“How to test the latest mainline Linux kernel or bootloader?”
Michael Opdenacker;
Talk
With OpenEmbedded, the Yocto Project and official layers, there is wide support for many embedded boards. However, such support usually comes with specific versions of the Linux kernel and the bootloader.
In this presentation, I will share 2 or 3 examples in which I replaced the default kernel and bootloader versions by newer mainline versions. That's handy for contributors to the kernel or bootloader projects, or for embedded system developers, who want to test the bleeding edge upstream versions and still take advantage of the OpenEmbedded and Yocto tooling and layer ecosystem to generate full featured images with exhaustive userspace stacks.
“meta-cra-compatible”
Marta Rybczynska;
Talk with discussion
The Cyber Resilience Act mandates security for all embedded products. This includes secure-by-default configuration, a mandatory update mechanism, and more.
The Yocto Project allows easy assembly of building blocks and the creation of a CRA-compatible product, but this will require user intervention, setup, and additional recipes. Each vendor can do it on their own, or we can mutualize the effort and work together.
This session will be an occasion to discuss creating an easy-to-use, CRA-compatible configuration. Marta will remind us of the CRA requirements, and then we will discuss various features, starting from compiler options and user setup by logging and auditing to secure boot and updates.
“Release Cadence Retrospective”
Ross Burton;
Talk
A brief retrospective on the Yocto release cadence and is it working for everyone.
“Secure and Efficient PR Workflows for OpenEmbedded Layers”
Jan Lübbe;
Talk
We've been using a pull request (PR) workflow with GitHub Actions for public OpenEmbedded layers such as meta-rauc, meta-labgrid and the LXA TAC BSP for years. This approach enhances visibility via GitHub, simplifies onboarding for new contributors, and provides automated feedback through CI, reducing maintainer workload.
Due to concerns with build-testing untrusted code, we were using GitHub's hosted runners with regular SSTATE pre-building on a separate server. This limited performance, especially for PRs changing global config variables, and made the PR workflow less smooth than it could be. To address this, we implemented a custom runner which uses QEMU on self-hosted hardware to run ephemeral VMs. SSTATE and DL_DIR can be read from the host, balancing build speed with security.
“The many ways to modify a bootloader”
Alan;
Talk
This talk explores various methods for patching a bootloader, focusing on the patching process rather than the specific changes made.
We will compare different approaches (devshell, devtool, manually navigating build directories) and how the combine with external tools for patching (git, quilt) and dealing with Kconfig configuration (menuconfig, config fragments, defconf).
The aim is to leave attendees with a sense of clarity that there are indeed a multitude of options to achieve the same goal.
“Yocto Build Failure Swat Team - Workflow and Updates”
Mathieu Dubois-Briand;
Talk
All Yocto branches under active maintenance, in addition to any patches proposed on the mailing lists, are built on the Yocto autobuilder. The Yocto SWAT team is responsible for monitoring build failures, doing a first investigation of their causes, logging the issues, and notifying the relevant
owners.
In this session, Mathieu will outline tasks and processes of the SWAT team, along with the tooling and recent improvements.
“Yocto is more than BitBake!”
Ming;
Talk
There are many tools and utilities provided with Poky that hide in plain sight!
All too often we can sit at the keyboard pulling our hair out when the tool to help is right there begging to be used.