A quick welcome to start the day at YPS!
A session to help people setup their Digital Ocean account
This seminar is for people who are new to using the Yocto Project and want an introduction to the basics of how to use bitbake and start to build images to be used with QEMU.
It's only live if you fail on stage.
Hands-on session using devtool, the Yocto Project tool that helps you create/update recipes and work with recipe source trees. You will learn how to create new recipes based upon a source tree; modify the sources of a recipe, create patches and update the recipe to apply them; upgrade a recipe to a new upstream version, and more.
This seminar is for people who are new to using the Yocto Project and want an introduction to the basics of layers, building images, and other initial topics
Most of your development work will likely be developing your own software packages, creating Yocto Project recipes for them, building and installing them into a root file system built with the Yocto Project.
During this course we will look at some typical tasks beyond creating the recipe and compiling.
A chance for all the attendees to meet socially and show off their drink.
Keynote presentation to the YP Summit
Users often talk about builds being slow and how to speed them up. This is a huge topic, from ideal build machine hardware, proper use of shared state caches, identifying build bottlenecks, reducing redundant builds, and ensuring maximum machine utilisation. This session will cover all of these topics, offering advice as to how to ensure your builds are as fast as possible.
How to use yoct CVE checker to find security vulnerabilities in your product? How to apply fixes for the detected CVE security issues? What are the common problems in that work?
Manually upgrading bitbake recipes often - some daily, and testing them is time-consuming!
In this talk, Marta will share experiences with the maintenance and security of a Yocto Project-based distribution, the Oniro project. The stories will include: best practices and caveats when following official YP branches, running cve-check and SPDX generation on the whole distribution, and experiences with the yocto-check-layer tool. Marta will also share stories of blocked updates caused by a regression, deciding to fork or not of a 3rd party layer, and more.
Practical details for generating an SPDX SBoM with the Yocto Project
The existing installer method copies files from a loopdev mounted rootfs to the target. This is limiting for multi-partition images (such as wic or meta-mender). Instead, we will describe how to create an installer image which uses output (image and .bmap files) from another image and writes all the partitions at once to the target using bmaptool.
Yocto is thought of as difficult to use, but even a novice can use KAS to build and deploy a Yocto image. This session will go over KAS and how it is useful
Building images using bitbake can be a demanding task that is able to push a computer system beyond it's capacity. Recent bitbake scheduler changes that can be used to regulate task creation to make optimal use of a system without overwhelming it will be discussed.
Running a QEMU virtual machine with 'runqemu' or 'mender-qemu' is easy, but sometimes you want more advanced features like passing through a host USB device. While this can be done with command line tools, it gets complicated quickly. We will discuss some experiences building and launching QEMU images with tools that leverage libvirt and virtio on your host, such as virsh and virt-manager.
The Robot Operating System (ROS) is an open source platform for robotics. It provides software libraries, tools, and drivers to developers who wish to go from research and prototyping all the way through to deployment and production. Using Yocto Project and OpenEmbedded as the Linux operating system under ROS combines the best of both worlds for creating robots across a wide range of hardware.
Maintaining a comprehensive description of the Software Supply Chain has become increasingly important in software development today. As the industry has started to form around standardized mechanisms for reporting the Software Supply Chain via a Software Bill of Materials, the Yocto project has a unique position to be able to describe complex supply chains owing to the rich, complex, and comprehensive metadata it uses to build the software.
A presentation on lesser known Yocto Project Features.
A chance for all the attendees to meet socially and show off their drink.
A quick welcome to start the day at YPS!
Yocto Project and AWS presented by Richard Elberger, Head of IoT Ecosystem Services
Showcasing Corstone-1000 platform on Yocto Project.
Your company's OSPO would really enjoy to have many datapoints ready for consumption, for detecting inbound and outbound license incompatibilities at file level, generating detailed SBOM for firmware images with file-level license metadata, automatically identify offending binary files in IP compliance litigation cases and so on.
A PoC showcasing these features has been created via a dynamic representation of a Yocto project SBOM in a graph database, starting from upstream sources, down to workdir sources, debug sources, and finally to binary files and libraries, with very simple graph queries.
Mender is a popular open source over-the-air software update solution with numerous features. In this talk we will discuss the initial efforts to port Mender to Toradex Verdin iMX8M Plus SoM and after that the exact steps to build images for it and the Dahlia carrier board using the long-term support release of the Yocto Project and the Toradex BSP. Nowadays, getting started with Mender on this machine is straight forward thanks to the existing support in layer meta-mender-nxp. Mender A/B updates will be demonstrated. Furthermore, practical tips and tricks for using Toradex Easy Installer for various use cases will be shared.
Today, many embedded projects run on x86 platforms, and often end users are
concerned about security. The term Root of Trust matters a lot here. One of its
components in the case of x86 is UEFI Secure Boot. It is a standard defined in
UEFI that allows for trusted key verification of images loaded by UEFI BIOS.
Using the publicly available layers, I would like to present what UEFI Secure
Boot is and how to integrate it into Yocto Project.
This presentation provides perspective on when Yocto Project is the best solution, but also perspective when it is not.
The history and current state of the Rust toolchain in the Yocto Project will be presented.
A typical software product build with Yocto Project makes use of several different metadata layers. These layers may be maintained by hardware manufacturers, software/service companies, or individual hobby developers. Naturally there is some variation in layer quality and compatibility - some layers play well with each other while others are in practice mutually exclusive. For example, misbehaving layers may force the selection of particular machine or distro or make unwanted changes to recipes defined in other layers. This can result in broken builds (often with confusing error messages) or subtle runtime errors and crashes which may be difficult to debug.
Use Gitlab CI/CD to automatically build, deploy, and test images on a remote target.
In 2015, we built a sophisticated meeting room information system based on Android Things as a student project. As Android Things was deprecated in 2021, we started to use our Yocto Project experience to develop a maintainable, future proof embedded system.
A discussion of live update strategies, including OTA, RAUC, and SW Update.
A chance for all the attendees to meet socially and show off their drink.