Yocto Project Summit 2024.12
Let's kick off the YPS day.
Reserved slot for hands-on attendees to set up their instances and make sure that everything works as expected.
This seminar is for people who are new to using the Yocto Project and want an introduction to the basics of how to use bitbake and start to build images to be used with QEMU.
I don't know the topic exactly yet, but this will (hopefully) be a work-along live coding session.
Hands-on class that demonstrates the features of devtool
Containers are providing new possibilities for embedded systems. They allow separation of applications, updates independent of the host system, isolation of hardware and more.
During this hands-on class we will explore:
- Introduction into containers and how they differ from other virtualization techniques
- Building a container host system with the Yocto Project and launching a container
- Building containers with the Yocto Project from Yocto Project packages
- Building containers from upstream repositories e.g. Docker.io with the Yocto Project using Podman and Docker compose files
This seminar is for people who are new to using the Yocto Project and want an introduction to the basics of layers, building images, and other initial topics
This talk discusses a real world case study of a complex Dunfell to Kirkstone upgrade. We will talk about the tooling we used to upgrade, pitfalls we encountered during the upgrade and how we worked around them or avoided them completely. We will show some ugly hacks we needed to do with the vendor provided layer in order to ensure already deployed device were not bricked and choices we needed to make to avoid the potential of expensive replacement of those deployed devices.
This talk is about Toolchain handling in Yocto.
No agenda, its people time!
Let's kick off the YPS day.
The Raspberry Pi 5, introduced in 2023, arrives with a range of exciting new hardware features. Shortly after its release, support was added for it as a machine in the community-maintained BSP layer meta-raspberrypi.
In this presentation, we will dive into the Raspberry Pi 5’s advanced hardware capabilities, explore key software changes, and share real-life war stories. We will also discuss optional build configurations in meta-raspberrypi, U-Boot support across Yocto releases Scarthgap and Styhead, and review various strategies for over-the-air software updates specifically tailored to the Raspberry Pi 5.
Intrduces Linaro Trusted Substrate (TS) Arm SystemReady/UEFI firmware and Trusted Reference Stack (TRS) kernel, initramfs and rootfs prototype for secure boot with TPM for secure storage. Discusses upstreaming status, problems and solutions.
A view on how to structure a project so that it is easy to maintain, develop and share.
We wanted students to be ready to go for the first hour of a Yocto Project-based course without spending time setting up their distro.
Our all-in-one solution, Virtual Lab, uses GitLab CI/CD and OpenTofu to deploy a horde of virtual machines, Ansible to configure them all, CephFS to share resources such as sstate and packages, Grafana combined with Prometheus for monitoring purposes, and much more.
Explores the best practices for working with Yocto Project using Long Term Support (LTS) components for the kernel, bootloader, and Yocto Project itself. It emphasizes the importance of security and addresses how Yocto CVE analysis, integrated with Jenkins and the warning-ng plugin, can be effectively used to identify and mitigate vulnerabilities. Additionally, the talk discusses how regular updates of components not only help track vulnerabilities but also play a crucial role in providing long-term support for products.
The Yocto Project VS Code extension stands at a crossroads between two worlds: embedded Linux and web development. Providing a seamless IDE experience came with many challenges, such as integrating the slow BitBake build system with the fast-paced TypeScript language server. In this talk, we will dive into the architecture of the extension, focusing on advanced tradeoffs and optimization strategies to create a seamless and intuitive development experience.
Current Yocto tooling for maintaining Rust based yocto recipes dependencies is fairly manual.
This talk deals with pain points that come with maintaining an embedded Rust codebase and a specific example of how to automate this process
There are many different ways that an application developer may go about building their application. One could work natively to write code, test, and commit then use bitbake to build from a recipe. Or one could use an SDK or build directly on the target itself. For deployment one could use packages, containers, or some other method for transferring the file over the network to the target. One could even use an emulator, like QEMU, for fast iterations without the difficulty introduced by physical hardware. I will explain the various options and illustrate which may be best suited for your preferred workflow.
We have done well with binary distributions so far, however, exponential growth in software does not scale with current models of building and distributing software using package feeds and package managers. Workloads are becoming bigger than the platforms and its just starting, AI/ML workloads will add to ever growing need of scalable infrastructure. Critical infrastructure is adopting linux and has very different constraints and maintenance requirements which will require rethinking how software is composed.
Heterogenous compute is on the rise, where non-CPU compute units are main part of compute, Future tools are going to distribute programs over different compute units eg. GPU, Crypto units, CPUs. This
requires rethinking of how systems are composed.
Yocto project is at a good spot to become the infrastructure of choice for building such systems. since each one of them will need their own distribution but yet shared by virtue of yocto project.
Is yocto project ready for this challenge ? We will discuss these questions.
Sometimes you just need a layer that does one thing and one thing only. This talk will explain how to build a reusable image that includes all of what you need and none of what you do not need.
A method for maintaining the same configurations for multiple layer setup tools.
SBoMs have become a critical part of the software development lifecycle, even to the point of becoming mandatory in many cases. In this talk, Joshua will discuss how Yocto can generate highly detailed SBoMs in SPDX 3 format, and some of the uses cases that these SBoMs enable
A preview of the new YP Presentation Archive Project
In the last few years, embedded systems have become increasingly more complex to keep up with the ever-growing demands of the market. Industries like automotive and healthcare require solutions that are more advanced, faster, and more efficient to meet market needs.
However, the more complex a system becomes, the higher is the probability of failure. Each new functionality brings additional points of failure, making it essential to adopt robust safety mechanisms and advanced monitoring strategies to keep the performance, ensure system integrity, and, above all, guarantee a safe product for the user.
In this talk, we intend to demonstrate how Yocto Project tools and ELISA guidelines can help developers build systems that are more secure and stable.
No agenda, it's people time!
Let's kick off the YPS day.
Learn how to use the Yocto test frameworks testimage (for image tests) and ptest (for package tests) in your Yocto project.
Learn how to easily visualize the test results in the Gitlab CI/CD with the help of my feature I brought upstream.
In the Yocto world, the .bbappend file is a well-known and documented mechanism for altering recipe files, and an essential part of daily operations. While not common, there are instances where it becomes necessary to modify other file types, such as .inc or .bbclass, which do not offer an equivalent append mechanism. This session will summarize various strategies for effectively handling these file types when patching cannot be avoided.
Styhead includes several security-related changes. In this talk, Marta will discuss the rework of the cve-check, SBOM generation, policy changes, and more.
A Software Bill of Materials (SBOM) is an inventory of all software components and dependencies in a system, essential for vulnerability management, risk assessment, and ensuring timely updates.
This conference will focus on practical strategies and tools for generating SBOMs in systems built with the Yocto Project, highlighting the latest improvements brought by the Scarthgap release. Participants will gain insights into both automated SBOM generation tools tailored for Yocto environments.
Arm has recently released Arm Automotive Solutions version 1.1, a reference stack demonstrating automotive use cases on Arm IP, all built and tested using Yocto. The stack has 11 dependent layers, over 20 OEQA test suites and our largest build runs over 12000 bitbake tasks. I will discuss the key features of stack and some of the challenges we face developing such a large and complex Yocto-based codebase.
How to ensure reproducibility in Yocto Builds: Best Practices, Pitfalls, and Delta Update Performance
In this session, we dive deep into the process of crafting the smallest possible root filesystem using the Yocto Project.
LmP is a distro that has been releasing with support for several BSP metalayers for a while now. It's a good example on the struggles to deal with diverse releasing timing and how to configure the Yocto Project metadata to deal with several architectures.
The Yocto Project is a powerful tool for creating custom Linux distributions for embedded systems. One of its advanced features is the use of dynamic layers, which provide flexibility and modularity in managing recipes and configurations.
This talk is split into two parts. Thomas will talk about "Cool things we do with Yocto @ AWS IoT". Oscar will give a broader view of Yocto at Amazon from the OSPO perspective.
Developing a Yocto BSP layer can be a complex undertaking, often presenting challenges when choosing between different implementation approaches. This presentation delves into real-world use cases we encountered during our Yocto BSP development journey, outlining our decision-making processes, final outcomes, tips/tricks and valuable lessons learned.
No agenda, it's people time!