feat: add nRF Cloud provisioning support

Add support for nRF Cloud provisioning:
- Modify the cloud module to include states for provisioning.
- Add support for reprovisioning of the device via the device shadow.
  The device will initiate reprovisioning if receiving provisioning
  commands via the device shadow. This pipeline can be used to issue
  other commands as well. Reboot also added as an example command.

  If the device has no valid credentials after boot, it is considered
  unclaimed. The user needs to claim the device using the attestation
  token. The device will back off using the cloud built-in backoff
  mechanism until it's claimed and provisioning can start.

  If the device is claimed and authenticated, it will start the
  connection immediately as before.

- Update main CDDL format to be able to parse the new shadow format.
- Add on-target test that tests different provisioning scenarios
  on target.

Documentation on how to use the feature will follow.

Signed-off-by: Simen S. Røstad <simen.rostad@nordicsemi.no>

Author: simensrostad

README.md

@@ -80,7 +80,8 @@ More information on how to customize the template can be found in the [Customiza
 
 ## Quick Start
 
-This section provides a brief introduction to building and running the Asset Tracker Template on supported hardware. For detailed instructions, refer to the [Getting Started](docs/common/getting_started.md) document.
+This section provides a brief introduction to building and running the Asset Tracker Template on supported hardware.
+For detailed setup including nRF Cloud provisioning and advanced build configurations, see [Getting Started](docs/common/getting_started.md).
 
 ### Prerequisites
 
@@ -109,7 +110,11 @@ west thingy91x-dfu  # For Thingy:91 X serial bootloader
 west flash --erase
 ```
 
-For detailed setup including nRF Cloud provisioning and advanced build configurations, see [Getting Started](docs/common/getting_started.md).
+3. Provision the device:
+
+Run the [nRF Connect for Desktop Quickstart application](https://docs.nordicsemi.com/bundle/nrf-connect-desktop/page/index.html) to provision the device and connect to nRF Cloud over CoaP.
+
+For detailed provisioning instructions, see the [Provisioning](docs/common/provisioning.md) documentation.
 
 ## Further reading
 

app/Kconfig.sysbuild

@@ -21,4 +21,7 @@ endchoice
 config PM_EXTERNAL_FLASH_MCUBOOT_SECONDARY
 	default y if BOARD_NRF9151DK_NRF9151_NS
 
+config MCUBOOT_USE_ALL_AVAILABLE_RAM
+	default y
+
 source "${ZEPHYR_BASE}/share/sysbuild/Kconfig"

app/boards/thingy91x_nrf9151_ns.conf

@@ -36,8 +36,6 @@ CONFIG_NET_STATISTICS_WIFI=y
 # Heap allocations should be changed when CONFIG_LOCATION_METHOD_WIFI_SCANNING_RESULTS_MAX_CNT
 # and CONFIG_NRF_WIFI_SCAN_MAX_BSS_CNT (which should be the same value) are changed.
 CONFIG_NRF_WIFI_CTRL_HEAP_SIZE=10240
-CONFIG_HEAP_MEM_POOL_SIZE=6144
-CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y
 
 # Wi-Fi location
 CONFIG_LOCATION_METHOD_WIFI=y

app/prj.conf

@@ -25,7 +25,7 @@ CONFIG_TFM_SPM_LOG_LEVEL_DEBUG=y
 CONFIG_MAIN_STACK_SIZE=2560
 # Extended AT host/monitor stack/heap sizes since some nrf_cloud credentials are longer than 1024 bytes.
 CONFIG_AT_MONITOR_HEAP_SIZE=2176
-CONFIG_HEAP_MEM_POOL_SIZE=10000
+CONFIG_HEAP_MEM_POOL_SIZE=12288
 CONFIG_HEAP_MEM_POOL_IGNORE_MIN=y
 CONFIG_SYSTEM_WORKQUEUE_STACK_SIZE=1280
 
@@ -230,3 +230,17 @@ CONFIG_TASK_WDT_MIN_TIMEOUT=10000
 # Device power management
 CONFIG_PM_DEVICE=y
 CONFIG_PM_DEVICE_SHELL=y
+
+# nRF Cloud Provisioning
+CONFIG_MODEM_ATTEST_TOKEN=y
+CONFIG_NRF_PROVISIONING=y
+CONFIG_NRF_PROVISIONING_LOG_LEVEL_DBG=y
+CONFIG_NRF_PROVISIONING_CBOR_RECORDS=5
+CONFIG_NRF_PROVISIONING_COAP=y
+CONFIG_NRF_PROVISIONING_CODEC=y
+CONFIG_NRF_PROVISIONING_CBOR=y
+CONFIG_NRF_PROVISIONING_WITH_CERT=y
+CONFIG_NRF_PROVISIONING_RX_BUF_SZ=4096
+CONFIG_NRF_PROVISIONING_TX_BUF_SZ=4096
+CONFIG_NRF_PROVISIONING_CODEC_AT_CMD_LEN=2048
+CONFIG_NRF_PROVISIONING_CODEC_RX_SZ_START=2048

app/src/cbor/CMakeLists.txt

@@ -13,7 +13,7 @@ set(zcbor_command
 	--cddl ${CMAKE_CURRENT_SOURCE_DIR}/device_shadow.cddl
 	--decode # Generate decoding functions
 	--short-names # Attempt to make generated symbol names shorter (at the risk of collision)
-	-t config-object # Create a public API for decoding the "config-object" type from the cddl file
+	-t desired-object # Create a public API for decoding the "desired-object" type from the cddl file
 	--output-cmake device_shadow.cmake # The generated cmake file will be placed here
 )
 execute_process(COMMAND ${zcbor_command}

app/src/cbor/cbor_helper.c

@@ -4,22 +4,47 @@
  * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
  */
 #include <errno.h>
+#include <string.h>
+
+#include "cbor_helper.h"
 #include "device_shadow_decode.h"
 
-int get_update_interval_from_cbor_response(const uint8_t *cbor,
-					   size_t len,
-					   uint32_t *interval_sec)
+#include <zephyr/logging/log.h>
+
+LOG_MODULE_REGISTER(cbor_helper, CONFIG_APP_LOG_LEVEL);
+
+int get_parameters_from_cbor_response(const uint8_t *cbor,
+				      size_t len,
+				      uint32_t *interval_sec,
+				      uint32_t *command_type)
 {
-	struct config_object object = { 0 };
-	size_t not_used;
+	int err;
+	struct desired_object desired_object = { 0 };
+	size_t decode_len = len;
 
-	int err = cbor_decode_config_object(cbor, len, &object, &not_used);
+	if (!cbor || !interval_sec || !command_type || len == 0) {
+		return -EINVAL;
+	}
 
+	err = cbor_decode_desired_object(cbor, decode_len, &desired_object, &decode_len);
 	if (err) {
+		LOG_ERR("cbor_decode_desired_object, error: %d", err);
+		LOG_HEXDUMP_ERR(cbor, len, "Unexpected CBOR data");
 		return -EFAULT;
 	}
 
-	*interval_sec = object.update_interval;
+	if (desired_object.config_present && desired_object.config.update_interval_present) {
+		*interval_sec = desired_object.config.update_interval.update_interval;
+	} else {
+		LOG_DBG("Update interval parameter not present");
+	}
+
+	if (desired_object.command_present) {
+		*command_type = desired_object.command.type;
+		/* ID entry not used */
+	} else {
+		LOG_DBG("Command parameter not present");
+	}
 
 	return 0;
 }

app/src/cbor/cbor_helper.h

@@ -6,18 +6,23 @@
 
 #include <zephyr/types.h>
 
+#define CLOUD_COMMAND_TYPE_PROVISION 1
+#define CLOUD_COMMAND_TYPE_REBOOT 2
+
 /**
- * @brief Get the update interval from a CBOR buffer.
+ * @brief Get the device shadow parameters from a CBOR buffer.
  *
  * @param[in]  cbor         The CBOR buffer.
  * @param[in]  len          The length of the CBOR buffer.
- * @param[out] interval_sec The update interval in seconds.
+ * @param[out] interval_sec Update interval in seconds.
+ * @param[out] command_type Cloud command type.
  *
  * @returns 0 If the operation was successful.
  *	    Otherwise, a (negative) error code is returned.
  * @retval -EFAULT if the CBOR buffer is invalid.
  *
  */
-int get_update_interval_from_cbor_response(const uint8_t *cbor,
-					   size_t len,
-					   uint32_t *interval_sec);
+int get_parameters_from_cbor_response(const uint8_t *cbor,
+				      size_t len,
+				      uint32_t *interval_sec,
+				      uint32_t *command_type);

app/src/cbor/device_shadow.cddl

@@ -1,5 +1,25 @@
-config-object = {
-    "config": {
-        "update_interval": uint .size 4
-    }
+; Device Shadow Desired Object Definition
+; ---------------------------------------
+; This section defines the structure of the "desired" object in the device shadow.
+; All sections are optional, but if present, they must appear in the specified order when decoding the CBOR buffer.
+;
+; Sections:
+; 1. "config": Contains device configuration parameters.
+;    - "update_interval": (optional) A 4-byte unsigned integer specifying the update interval.
+;    - Additional configuration parameters may be included as key-value pairs (tstr => any).
+;
+; 2. "command": (optional) An array specifying a command for the device to execute.
+;    - Structure: [type, id]
+;      - type: 4-byte unsigned integer indicating the command type.
+;      - id:   4-byte unsigned integer indicating the command ID.
+;
+; Any additional fields may be included as key-value pairs (tstr => any).
+
+desired-object = {
+    ? "config": {
+        ? "update_interval": uint .size 4,
+        * tstr => any
+    },
+    ? "command": [type: uint .size 4, id: uint .size 4],
+    * tstr => any
 }

app/src/main.c

@@ -335,6 +335,73 @@ static void timer_work_fn(struct k_work *work)
 	}
 }
 
+static void on_shadow_response(struct main_state *state_object, const struct cloud_msg *msg)
+{
+	int err;
+	uint32_t command_type = UINT32_MAX;
+	uint32_t interval_sec = UINT32_MAX;
+
+	err = get_parameters_from_cbor_response(msg->response.buffer,
+						       msg->response.buffer_data_len,
+						       &interval_sec,
+						       &command_type);
+	if (err) {
+		LOG_ERR("get_parameters_from_cbor_response, error: %d", err);
+		return;
+	}
+
+	/* Set new interval if valid */
+	if (interval_sec != UINT32_MAX) {
+		state_object->interval_sec = interval_sec;
+
+		LOG_DBG("Received new interval: %d seconds", state_object->interval_sec);
+
+		err = k_work_reschedule(&trigger_work, K_SECONDS(state_object->interval_sec));
+		if (err < 0) {
+			LOG_ERR("k_work_reschedule, error: %d", err);
+			SEND_FATAL_ERROR();
+			return;
+		}
+	}
+
+	/* For commands, only process delta responses. This avoids executing commands that may still
+	 * persist in the shadow's desired section. Delta responses only include new
+	 * commands, since the device clears received commands by reporting them in
+	 * the reported section of the shadow.
+	 */
+	if ((msg->type != CLOUD_SHADOW_RESPONSE_DELTA) && (command_type != UINT32_MAX)) {
+		return;
+	}
+
+	LOG_DBG("Received command ID: %d, translated to %s", command_type,
+		(command_type == CLOUD_COMMAND_TYPE_PROVISION) ?
+		"CLOUD_COMMAND_TYPE_PROVISION" :
+		(command_type == CLOUD_COMMAND_TYPE_REBOOT) ?
+		"CLOUD_COMMAND_TYPE_REBOOT" : "UNKNOWN");
+
+	/* Check for known commands */
+	if (command_type == CLOUD_COMMAND_TYPE_PROVISION) {
+
+		struct cloud_msg cloud_msg = {
+			.type = CLOUD_PROVISIONING_REQUEST,
+		};
+
+		err = zbus_chan_pub(&CLOUD_CHAN, &cloud_msg, K_SECONDS(1));
+		if (err) {
+			LOG_ERR("zbus_chan_pub, error: %d", err);
+			SEND_FATAL_ERROR();
+			return;
+		}
+	} else if (command_type == CLOUD_COMMAND_TYPE_REBOOT) {
+		LOG_WRN("Received command ID: %d", command_type);
+
+		/* Flush the log buffer and wait a few seconds before rebooting */
+		LOG_PANIC();
+		k_sleep(K_SECONDS(10));
+		sys_reboot(SYS_REBOOT_COLD);
+	}
+}
+
 /* Zephyr State Machine framework handlers */
 
 /* STATE_RUNNING */
@@ -440,29 +507,34 @@ static void triggering_run(void *o)
 	if (state_object->chan == &CLOUD_CHAN) {
 		const struct cloud_msg *msg = MSG_TO_CLOUD_MSG_PTR(state_object->msg_buf);
 
-		if (msg->type == CLOUD_DISCONNECTED) {
+		switch (msg->type) {
+		case CLOUD_DISCONNECTED:
 			state_object->connected = false;
-			smf_set_state(SMF_CTX(state_object), &states[STATE_IDLE]);
-			return;
-		}
 
-		if (msg->type == CLOUD_SHADOW_RESPONSE) {
-			err = get_update_interval_from_cbor_response(msg->response.buffer,
-								     msg->response.buffer_data_len,
-								     &state_object->interval_sec);
+			/* Because the location library in the location module performs its own
+			 * calls to cloud we cancel any ongoing location request when the cloud
+			 * connection is lost. This is to prevent the location module from
+			 * attempting to send location data to the cloud when it is not connected.
+			 */
+			enum location_msg_type location_msg = LOCATION_SEARCH_CANCEL;
+
+			err = zbus_chan_pub(&LOCATION_CHAN, &location_msg, K_SECONDS(1));
 			if (err) {
-				LOG_ERR("get_update_interval_from_cbor_response, error: %d", err);
+				LOG_ERR("zbus_chan_pub, error: %d", err);
+				SEND_FATAL_ERROR();
 				return;
 			}
 
-			LOG_WRN("Received new interval: %d seconds", state_object->interval_sec);
-
-			err = k_work_reschedule(&trigger_work,
-						K_SECONDS(state_object->interval_sec));
-			if (err < 0) {
-				LOG_ERR("k_work_reschedule, error: %d", err);
-				SEND_FATAL_ERROR();
-			}
+			smf_set_state(SMF_CTX(state_object), &states[STATE_IDLE]);
+			return;
+		case CLOUD_SHADOW_RESPONSE_DELTA:
+			__fallthrough;
+		case CLOUD_SHADOW_RESPONSE_DESIRED:
+			on_shadow_response(state_object, msg);
+			return;
+		default:
+			/* Don't care */
+			break;
 		}
 	}
 }