Yocto Project Summit 2023.11
welcome
hands-on setup
This seminar is for people who are new to using the Yocto Project and want an introduction to the basics of how to use bitbake and start to build images to be used with QEMU.
Layer organisation 101 - live coding
This hands-on session will teach attendees how to apply all sorts of quality checking tools directly from within the build.
devtool hands-on
This seminar is for people who are new to using the Yocto Project and want an introduction to the basics of layers, building images, and other initial topics
During this class we will explore containerization for embedded systems. After a walkthrough on what containers are and how the differ from virtualization we will build a system that adds container capabilities to a Yocto Project image. We will use the container tools to fetch containers from a repository, create recipes to embed containers into a Yocto Project build, and build a container image with the Yocto Project.
YPS Social - Tuesday
welcome
A year in review
A generic arm64 OS image will be a new hardware reference image for upstream Yocto Project 4.4 LTS.
This talk will describe what this is, how it will be tested, and current status
UEFI Secure Boot, a standard within the UEFI framework, enhances embedded
platform security by verifying signatures for loaded images in the UEFI BIOS.
However, integrating it into a project involves challenges such as ensuring the
level of UEFI specification compliance that UEFI BIOS implementation on a given
hardware target provides, planning for certificate rotation to maintain
security, and seamlessly integrating CI/CD pipelines for component signing. In
the upcoming presentation, I will explore strategies and solutions for resolving
these challenges within Yocto-based projects, demonstrating how to successfully
implement UEFI Secure Boot to bolster platform security.
As we navigate the ever-complex world of software development, automated embedded testing stands as a compelling tool to enhance product quality, streamline processes, and unlock new possibilities. All the more with the advent of AI, connectivity, intricate user interfaces, and heightened security concerns.
This talk introduces "simplest-yocto-setup", a practical and working example of how a Yocto layer implementing a final product should be written: simple, stupid, hassle-free, understandable and maintainable.
Using KAS makes handling Yocto Projects easy. By shipping its own container with all needed dependencies, building sophisticated CI pipelines becomes pretty easy - in theory, or when using Gitlab.
But using GitHub as a code hosting platform with self-managed Action runners on AWS comes with a set of unexpected challenges.
Anna-Lena will talk about her quest through GitHub Actions, the Cloud and how to tame them.
In embedded systems we often need multi featured system : good drivers, lots of applications, cyber resilient , of course real time and still easy to use and debug.
To have this so-called "5-legged sheep" why can we combined... several sheeps ?
We will see how to create this full featured system by gathering advantages of several embedded OS on the same SoC.
During this talk we will explore :
- Embedded Linux (for its good drivers support and high level applications)
- OP-Tee and ARM TrustZone (for cybersecurity)
- RTOS or baremateal software running on Cortex-M4 co-microprocessor
- all configured, cross-compiled and gathered by Yocto
- target SoC will be STM32MP157c which have 2 Cortex-A7 core and 1 Cortex-M4 co-microprocessor
How the new devtool ide plugin can simplify application development on the target device and how we are rolling it out at scale.
Take part to better understand the rapid changes in development workflows and VSCode IDE usage for your Yocto projects.
The talk will include how to generate a machine configuration file for System Device-tree(SDT) and non-SDT builds using gen-machine-conf tool.
gen-machine-conf tool will use an xsa and parse with tcl scripts and json to generate the machine configuration file. Once machine conf files are generated then it will be used by Yocto Project to build all the boot fimware and linux images for a system to boot via QEMU or HW.
Optimizing Yocto build times can be a tricky task. The Yocto Project's cache mechanism helps, but getting it right and sharing it within a team is often a challenge. This talk will be a practical guide to speeding up Yocto builds through shared sstate-cache optimization. The goal is to show you how to set up a shared space with an HTTP server and introduce the Hash Equivalent Server (OEEquivHash) for more predictable and faster builds. It will be a straightforward presentation with simple steps and real-world examples. By the end, you'll have practical tips to make your Yocto projects faster and more efficient, even on limited resources.
The Hash Equivalence server has been shown to be an effective tool for improving build speeds. However, the current implementation which uses raw TCP sockets and SQLite is not suitable as a server infrastructure for all environments.
In the never-ending quest to run all of the latest versions of all of the software, issues ensue. From CVEs to makefiles changes needed to get the thing building in an environment, patches are created and applied. Some of these patches are upstreamed and others live forever in the murky bowels of the distro's package. The latter's technical debt can cause issues on the next release, etc. But how big of a problem is this? How long do patches live? How many are upstreamed? We'll take a look at some pretty graphs and see.
In this talk I will share my experience of using Yocto to build a demo of my Embedded Linux Conference 2022 talk on V4L2 mem2mem framework. The work done on Yocto was an accompanying demonstration of a V4L2 mem2mem driver written for a QEMU based mem2mem scaler virtual hardware device and a test C++ application all built using Yocto.
YPS Social - Wednesday
welcome
SEAPATH is an open-source project aimed at developing a reliable and robust platform for integrating renewable energy sources into power grids. SEAPATH involves two main Linux distributions, Yocto project and Debian. Yocto project is preferred for its customizability and is more industrial, while Debian offers ease of maintenance and comes with pre-compiled packages.
This talk will introduce the SEAPATH project. Then it will focus on the benefits of using yocto in an industrial product as well as the specific use cases in the SEAPATH project.
Learn how to prepare, generate and send code patches in the most convenient way for OpenEmbedded and Yocto Project maintainers. Learn Git tricks to make your own job easier.
Do you have a fix ready for a security issue? Do you know how to submit it to the Yocto Project (YP)? In this hands-on, Marta will show the path from a security issue reported by the YP CVE check do an accepted fix. You will learn about file naming, choosing the right branch, testing your patch and more!
Back to basics will walk you through the original mental model of Yocto build system and it is internals in details.
What has happened around security in the Yocto Project in 2023? What is cooking for 2024? If you're using YP in your products, you will be interested to learn about new options and features. Marta will discuss changes in the CVE scanning process, SBOM generation with SPDX, default options, and more.
Weston 12 introduces a groundbreaking and long anticipated feature - VNC support. This allows remote connection and control through graphical desktop sharing though Virtual Network Computing (VNC).
We delve into the technical aspects, explaining how the VNC backend in Weston 12 depends on Neat VNC and AML libraries, offering TLS support and user authentication. Using the Yocto Project and OpenEmbedded we will build core-image-weston for popular development boards and set up TLS certificate. A step by step tutorial will be provided to demonstrate remote connection from another computer using Vinagre, an open-source VNC client for the GNOME Desktop.
This presentation is designed to be inclusive, catering to both newcomers and experienced developers interested in Wayland and Weston integration in the Yocto Project. It aims to simplify the process of setting up the VNC backend in Weston and empower developers to utilize this powerful feature seamlessly within their projects.
Pulsar is an open source runtime threat detection system for embedded Linux devices. Powered by eBPF, it offers granular observability, low computational cost and great customization capabilities for IoT and edge computing applications.
The talk will include how to configure and build Yocto Project using meta-ros(ROS2 Humble) on KR260.
It will include how the build system can be used to construct and package the components for a KR260, including Linux, ROS2 Humble framework and demo of ROS2 application running on KR260.
This talk explores the role of FIDO Device Onboarding [1] in strengthening the device provisioning process, emphasizing both its security and extensibility. I'll also share my personal experience and challenges faced while implementing the fido-device-onboard-rs [2] project in the YOCTO environment, offering a practical perspective on working with this promising technology.
This presentation will feature introductory slides, a live demonstration, and a live discussion of work around CVE triage and analysis in Yocto Project.
Yocto reference kernel weather report / state of the union.
YPS Social - Thursday