Merge 4bc8d25cec into 2da35debfd

Signed-off-by: Gaurav Aggarwal <aggarg@amazon.com>

.github/workflows/auto-release.yml

@@ -96,6 +96,18 @@ jobs:
           repo_path: ./local_kernel
           source_path: ./
 
+      # 1. Install cosign tool
+      - name: Install Cosign
+        uses: sigstore/cosign-installer@v3.8.1
+        
+      # 2. Sign the sbom.spdx file using cosign. Two files are produced: sbom.sig and sbom.crt, stored in the same directory as sbom.spdx
+      - name: Attest SBOM
+        working-directory: ./local_kernel
+        run: |
+          cosign sign-blob sbom.spdx --output-certificate='sbom.crt' --output-signature='sbom.sig' -y
+          # The following is a sanity check. After signing, we verify the image to check that everything is OK
+          cosign verify-blob --signature='sbom.sig' --certificate='sbom.crt' --certificate-identity-regexp=.* --certificate-oidc-issuer-regexp='https://github.com' ./sbom.spdx
+
       - name: commit SBOM file
         env:
           VERSION_NUMBER: ${{ github.event.inputs.version_number }}

tasks.c

@@ -893,7 +893,7 @@ static void prvAddNewTaskToReadyList( TCB_t * pxNewTCB ) PRIVILEGED_FUNCTION;
         BaseType_t xCurrentCoreTaskPriority;
         BaseType_t xLowestPriorityCore = ( BaseType_t ) -1;
         BaseType_t xCoreID;
-        const BaseType_t xCurrentCoreID = portGET_CORE_ID();
+        const BaseType_t xCurrentCoreID = ( BaseType_t ) portGET_CORE_ID();
 
         #if ( configRUN_MULTIPLE_PRIORITIES == 0 )
             BaseType_t xYieldCount = 0;