Daniel Turull
Daniel is a senior specialist at Ericsson. Currently, he focuses on embedded Linux with Yocto, working on both internal and commercial distributions. He works on the Ericsson Linux distribution team, productifying Yocto and ensuring supply chain security to safeguard critical infrastructure.
Session
The world is focusing more on secure systems. When maintaining a Linux distribution, there is a challenge between stability and security corrections. While released versions must not break backward compatibility, they must remain secure. Some components provide patch releases but sometimes they add features that break things.
This talk presents the latest changes that we made to enable Yocto Auto Upgrade Helper [1] to be compatible with Yocto Scarthgap LTS, update patched versions automatically, and add changelog information. Then in combination with the update on the layer meta-binaryaudit [2], we can validate that the version upgrade does not have any ABI changes and therefore be backward compatible.
This combination can allow the Yocto Project or distributions teams to update components more frequently on stable branches and be more secure but backward compatible.
References:
[1] https://git.yoctoproject.org/auto-upgrade-helper/
[2] https://github.com/Nordix/meta-binaryaudit/