subtree updates

meta-arm: 3fcafa3a94..d6fac49541:
  Abdellatif El Khlifi (1):
        arm-bsp/u-boot: corstone1000: upgrade NVMXIP support

  Denys Dmytriyenko (1):
        optee-os: do not explicitly set CFG_MAP_EXT_DT_SECURE=y

  Emekcan Aras (8):
        arm-bsp/u-boot: corstone1000: Fix EFI multiple protocol install failure
        arm-bsp/u-boot: corstone1000: Enable EFI set/get time services
        arm-bsp/trusted-services: corstone1000: GetNextVariableName Fix
        arm-bsp/optee-os:corstone1000: Drop SPMC non secure interrupt patches
        arm-bsp/u-boot: corstone1000: Fix u-boot compilation warnings
        arm-bsp/trusted-services: corstone1000: Fix PSA_RAW_KEY agreement test
        arm-bsp/trusted-services: corstone1000: Fix Capsule Update
        arm-bsp/trusted-firmware-a: corstone1000: Fix Trusted-Firmware-A version for corstone1000

  Jon Mason (3):
        trusted-firmware-a: update to the latest TF-A LTS
        arm-bsp/tc1: update to use the latest tf-a
        arm/scp-firmware: update to v2.12.0

  Khem Raj (2):
        gn: update to latest
        gn: Fix build with gcc13

  Ross Burton (8):
        arm/trusted-firmware-m: remove -fcanon-prefix-map from DEBUG_PREFIX_MAP
        arm-bsp/external-system: remove -fcanon-prefix-map from DEBUG_PREFIX_MAP
        arm-toolchain/external-arm: remove -fcanon-prefix-map from DEBUG_PREFIX_MAP
        arm/scp-firmware: use concerete toolchain
        arm-toolchain/gcc-arm-12.2: remove
        arm/gn: fix build with GCC <13
        CI: always put the build logs in an artifact
        CI: print the name of the documentation when building

  Sumit Garg (1):
        external-arm-toolchain: Enforce absolute path check

meta-openembedded: def4759e95..2638d458a5:
  Adrian Zaharia (2):
        meta-python: Add stopit
        python3-stopit: add missing run-time dependencies

  Alex Kiernan (1):
        ostree: Upgrade 2023.3 -> 2023.4

  Bartosz Golaszewski (55):
        python3-pywbemtools: remove build-time dependencies
        python3-pywbem: drop unneeded class from RDEPENDS
        python3-pywbem: don't use PYTHON_PN
        python3-pywbem: order RDEPENDS alphabetically
        python3-pywbem: add missing run-time dependencies
        python3-padatious: add missing run-time dependencies
        python3-pako: add missing run-time dependencies
        python3-paramiko: stop using PYTHON_PN
        python3-paramiko: add missing run-time dependencies
        python3-path: fix coding style
        python3-path: add missing run-time dependencies
        python3-ecdsa: don't install tests
        python3-et-xmlfile: fix coding style
        python3-et-xmlfile: add missing run-time dependencies
        python3-flask-user: fix coding style
        python3-flask-user: add missing run-time dependencies
        python3-isort: fix coding style
        python3-isort: add missing run-time dependencies
        python3-isodate: stop using PYTHON_PN
        python3-isodate: add missing run-time dependencies
        python-idna-ssl: add missing run-time dependencies
        python3-hpack: add missing run-time dependencies
        python3-h11: add missing run-time dependencies
        python3-gsocketpool: drop unneeded DEPENDS
        python3-gsocketpool: stop using PYTHON_PN
        python3-gsocketpool: add missing run-time dependencies
        python3-flask-mail: stop using PYTHON_PN
        python3-flask-mail: add missing run-time dependencies
        python3-flask-sijax: stop using PYTHON_PN
        python3-flask-sijax: add missing run-time dependencies
        python3-flask-script: remove recipe
        python3-aioserial: fix coding style
        python3-aioserial: add missing run-time dependencies
        python3-aspectlib: add missing run-time dependencies
        python3-asyncio-throttle: add missing run-time dependencies
        python3-attrdict3: add missing run-time dependencies
        python3-betamax: add missing run-time dependencies
        python3-binwalk: add missing run-time dependencies
        python3-can: fix coding style
        python3-can: add missing run-time dependencies
        python3-click-spinner: add missing run-time dependencies
        python3-colorlog: add missing run-time dependencies
        python3-colorzero: add missing run-time dependencies
        python3-configobj: fix coding style
        python3-configobj: add missing run-time dependencies
        python3-configshell-fb: add missing run-time dependencies
        python3-coverage: fix coding style and RDEPENDS
        python3-custom-inherit: add missing run-time dependencies
        python3-dateparser: fix coding style
        python3-dateparser: add missing run-time dependencies
        python3-tzlocal: fix coding style
        python3-tzlocal: add missing run-time dependencies
        python3-dbus-next: add missing run-time dependencies
        python3-defusedxml: add missing run-time dependencies
        python3-setuptools-scm-git-archive: add missing run-time dependencies

  Beniamin Sandu (5):
        lmsensors: do not pull in unneeded perl modules for run-time dependencies
        mdns: remove unneeded headers
        mbedtls: add support for v3.x
        rasdaemon: upgrade to 0.8.0
        unbound: add option to build with libevent

  Chen Qi (1):
        redis: use the files path correctly

  Denys Dmytriyenko (1):
        grpc: point to the native protobuf compiler binary

  Enguerrand de Ribaucourt (4):
        cukinia: remove trailing whitespaces
        cukinia: upgrade 0.6.1 -> 0.6.2
        cukinia: inherit allarch
        cukinia: add libgpiod-tools to RRECOMMENDS

  Etienne Cordonnier (1):
        uutils-coreutils: upgrade 0.0.18 -> 0.0.19

  Joe Slater (2):
        libgpiod: modify test 'gpioset: toggle (continuous)'
        python3-sqlparse: fix CVE-2023-30608

  Johannes Kauffmann (3):
        open62541: add multithreading PACKAGECONFIG option
        open62541: allow disabling subscriptions
        ntpd: switch service type from forking to simple

  Khem Raj (16):
        ply: Demand BFD linker explicitly
        crucible: Upgrade to 2023.04.12 release
        schroedinger: Fix building tests
        fwts: Fix build issues found with lld linker
        xfce4-sensors-plugin: Use bfd linker instead of lld
        ostree: Fix build errors found with lld linker
        spice-gtk: Fix build with lld linker
        sblim-sfcb: Fix build with lld linker
        libtracefs: Fix build with clang+musl
        gosu: Upgrade to 1.16 release
        layers: Move READMEs to markdown format
        xdg-desktop-portal-wlr: Fix build with older mesa
        geary: Fix build with vala >= 0.56.8
        libforms: Replace hardcoded dep on mesa with virtual/libgl
        syzkaller: Upgrade to latest tip of trunk
        ristretto: Upgrade to 0.13.1 release

  Markus Volk (1):
        gnome-software: upgrade 44.1 -> 44.2

  Martin Jansa (5):
        asio: fix malformed Upstream-Status
        libgpiod: fix malformed Upstream-Status
        postfix: fix malformed Upstream-Status
        *.patch: add Upstream-Status to all patches
        postfix: remove 2nd Upstream-Status

  Michael Heimpold (1):
        php: drop explicite ARM_INSTRUCTION_SET

  Patrick Williams (1):
        libplist_2.3.0: compile fix for version

  Peter Kjellerstedt (1):
        glog: Correct the packaging of /usr/share/glog/cmake/FindUnwind.cmake

  Peter Marko (1):
        python3-stopit: fix override syntax

  Randolph Sapp (1):
        opengl-es-cts: ->

  Remi Peuvergne (2):
        zeromq: consider license exception over LGPL-3.0
        zeromq: consider license exception over LGPL-3.0

  Sandeep Gundlupet Raju (1):
        opencv: Revert fix runtime dependencies

  Soumya (1):
        opencv: Fix for CVE-2023-2617

  Wang Mingyu (57):
        ctags: upgrade 6.0.20230604.0 -> 6.0.20230611.0
        gjs: upgrade 1.76.0 -> 1.76.1
        ipcalc: upgrade 1.0.2 -> 1.0.3
        libadwaita: upgrade 1.3.2 -> 1.3.3
        libjcat: upgrade 0.1.13 -> 0.1.14
        libqb: upgrade 2.0.6 -> 2.0.7
        mbpoll: upgrade 1.5.0 -> 1.5.2
        mpich: upgrade 4.1.1 -> 4.1.2
        nautilus: upgrade 44.2 -> 44.2.1
        ntp: upgrade 4.2.8p16 -> 4.2.8p17
        python3-eth-account: upgrade 0.8.0 -> 0.9.0
        python3-eth-hash: upgrade 0.5.1 -> 0.5.2
        python3-eth-typing: upgrade 3.3.0 -> 3.4.0
        python3-eth-utils: upgrade 2.1.0 -> 2.1.1
        python3-platformdirs: upgrade 3.5.1 -> 3.5.3
        pcsc-lite: upgrade 1.9.9 -> 2.0.0
        php: upgrade 8.2.6 -> 8.2.7
        python3-argcomplete: upgrade 3.0.8 -> 3.1.0
        python3-autobahn: upgrade 23.1.2 -> 23.6.1
        python3-cassandra-driver: upgrade 3.27.0 -> 3.28.0
        python3-cmake: upgrade 3.26.3 -> 3.26.4
        python3-django: upgrade 4.2.1 -> 4.2.2
        python3-hexbytes: upgrade 0.3.0 -> 0.3.1
        python3-imageio: upgrade 2.30.0 -> 2.31.0
        python3-pykickstart: upgrade 3.47 -> 3.48
        python3-pymisp: upgrade 2.4.171 -> 2.4.172
        python3-pymodbus: upgrade 3.3.0 -> 3.3.1
        python3-sentry-sdk: upgrade 1.25.0 -> 1.25.1
        python3-websocket-client: upgrade 1.5.2 -> 1.5.3
        python3-zeroconf: upgrade 0.63.0 -> 0.64.1
        remmina: upgrade 1.4.30 -> 1.4.31
        tio: upgrade 2.5 -> 2.6
        libtracefs: upgrade 1.6.4 -> 1.7.0
        adw-gtk3: upgrade 4.7 -> 4.8
        evince: upgrade 44.1 -> 44.2
        gensio: upgrade 2.6.5 -> 2.6.6
        redis-plus-plus: upgrade 1.3.8 -> 1.3.9
        python3-click-repl: upgrade 0.2.0 -> 0.3.0
        python3-platformdirs: upgrade 3.5.3 -> 3.6.0
        python3-pytest-mock: upgrade 3.10.0 -> 3.11.1
        python3-croniter: upgrade 1.3.15 -> 1.4.1
        python3-elementpath: upgrade 4.1.2 -> 4.1.3
        python3-google-api-core: upgrade 2.11.0 -> 2.11.1
        python3-google-api-python-client: upgrade 2.88.0 -> 2.89.0
        python3-googleapis-common-protos: upgrade 1.59.0 -> 1.59.1
        python3-google-auth: upgrade 2.19.1 -> 2.20.0
        python3-imageio: upgrade 2.31.0 -> 2.31.1
        python3-protobuf: upgrade 4.23.2 -> 4.23.3
        python3-pyproj: upgrade 3.5.0 -> 3.6.0
        python3-rich: upgrade 13.4.1 -> 13.4.2
        python3-robotframework: upgrade 6.0.2 -> 6.1
        python3-ujson: upgrade 5.7.0 -> 5.8.0
        python3-xmlschema: upgrade 2.3.0 -> 2.3.1
        python3-xmodem: upgrade 0.4.6 -> 0.4.7
        python3-zeroconf: upgrade 0.64.1 -> 0.68.0
        strongswan: upgrade 5.9.10 -> 5.9.11
        rdfind: upgrade 1.5.0 -> 1.6.0

  Xiangyu Chen (1):
        meta-oe: add pahole to NON_MULTILIB_RECIPES

  Zoltán Böszörményi (3):
        mpich: Upgrade to 4.1.1
        python3-meson-python: New recipe
        python_mesonpy: New class

poky: 00f3d58064..13b646c0e1:
  Adrian Freihofer (9):
        runqemu-ifup: remove uid parameter
        runqemu-ifup: configurable tap names
        runqemu-ifup: fix tap index
        runqemu-ifup: remove only our taps
        runqemu-gen-tapdevs: remove staging dir parameter
        runqemu-gen-tapdevs: remove uid parameter
        runqemu-gen-tapdevs: configurable tap names
        runqemu-gen-tapdevs: remove only our taps
        runqemu: configurable tap names

  Alberto Planas (2):
        bitbake.conf: add unzstd in HOSTTOOLS update to the last 4.x version

  Alejandro Hernandez Samaniego (2):
        baremetal-helloworld: Update SRCREV to fix entry addresses for ARM architectures
        runqemu: Stop passing bindir to the runqemu-ifup call

  Alex Kiernan (1):
        eudev: Upgrade 3.2.11 -> 3.2.12

  Alexander Kanavin (60):
        scripts/runqemu: split lock dir creation into a reusable function
        scripts/runqemu: allocate unfsd ports in a way that doesn't race or clash with unrelated processes
        apmd: remove recipe and apm MACHINE_FEATURE
        qemu: a pending patch was submitted and accepted upstream unassign Adrian Bunk from wireless-regdb unassign Alistair Francis from opensbi unassign Chase Qi from libc-test unassign Oleksandr Kravchuk from python3 and all other items unassign Ricardo Neri from ovmf
        grub: submit determinism.patch upstream
        apr: upgrade 1.7.3 -> 1.7.4
        at-spi2-core: upgrade 2.48.0 -> 2.48.3
        btrfs-tools: upgrade 6.3 -> 6.3.1
        attr: package /etc/xattr.conf with the library that consumes it
        glib-2.0: backport a patch to address ptest fails caused by coreutils 9.2+
        diffoscope: upgrade 236 -> 242
        dnf: upgrade 4.14.0 -> 4.16.1
        ethtool: upgrade 6.2 -> 6.3
        gawk: upgrade 5.2.1 -> 5.2.2
        strace: upgrade 6.2 -> 6.3
        coreutils: upgrade 9.1 -> 9.3
        gnupg: upgrade 2.4.0 -> 2.4.2
        gobject-introspection: upgrade 1.74.0 -> 1.76.1
        kmscube: upgrade to latest revision
        libmodulemd: upgrade 2.14.0 -> 2.15.0
        libuv: license file was split in two in the 1.45.0 version update
        libx11: upgrade 1.8.4 -> 1.8.5
        libxslt: upgrade 1.1.37 -> 1.1.38
        linux-firmware: upgrade 20230404 -> 20230515
        ltp: upgrade 20230127 -> 20230516
        mesa: upgrade 23.0.3 -> 23.1.1
        meson: upgrade 1.1.0 -> 1.1.1
        mmc-utils: upgrade to latest revision
        nettle: upgrade 3.8.1 -> 3.9
        nghttp2: upgrade 1.52.0 -> 1.53.0
        parted: upgrade 3.5 -> 3.6
        puzzles: upgrade to latest revision
        python3: upgrade 3.11.2 -> 3.11.3
        python3-certifi: upgrade 2022.12.7 -> 2023.5.7
        python3-docutils: upgrade 0.19 -> 0.20.1
        python3-flit-core: upgrade 3.8.0 -> 3.9.0
        python3-importlib-metadata: upgrade 6.2.0 -> 6.6.0
        python3-pyasn1: upgrade 0.4.8 -> 0.5.0
        python3-pyopenssl: upgrade 23.1.1 -> 23.2.0
        python3-sphinx: remove BSD-3-Clause from LICENSE
        serf: upgrade 1.3.9 -> 1.3.10
        shaderc: upgrade 2023.2 -> 2023.4
        squashfs-tools: upgrade 4.5.1 -> 4.6.1
        vala: upgrade 0.56.6 -> 0.56.8
        vulkan: upgrade ->
        wget: upgrade 1.21.3 -> 1.21.4
        wireless-regdb: upgrade 2023.02.13 -> 2023.05.03
        xf86-input-libinput: upgrade 1.2.1 -> 1.3.0
        xf86-input-mouse: upgrade 1.9.4 -> 1.9.5
        zstd: upgrade 1.5.4 -> 1.5.5
        gdb: upgrade 13.1 -> 13.2
        libxcrypt: upgrade 4.4.33 -> 4.4.34
        zstd: fix a reproducibility issue in 1.5.5
        sysfsutils: fetch a supported fork from github
        sysfsutils: update 2.1.0 -> 2.1.1

  Alexandre Belloni (1):
        base-passwd: fix patchreview warning

  Alexis Lothoré (3):
        oeqa/core/runner: add helper to know about expected failures
        oeqa/target/ssh: update options for SCP
        testimage: implement test artifacts retriever for failing tests

  Anuj Mittal (1):
        glib-2.0: upgrade 2.76.2 -> 2.76.3

  BELOUARGA Mohamed (1):
        meta: lib: oe: npm_registry: Add more safe caracters

  Bruce Ashfield (4):
        linux-yocto/6.1: update to v6.1.33
        linux-yocto/6.1: fix intermittent x86 boot hangs
        linux-yocto/6.1: update to v6.1.34
        linux-yocto/6.1: update to v6.1.35

  Charlie Wu (1):
        devtool: Fix the wrong variable in srcuri_entry

  Chen Qi (7): error out when moving file fails fix moving dnf contents
        rpm: write macros under libdir
        zip: fix configure check by using _Static_assert
        zip: remove unnecessary LARGE_FILE_SUPPORT CLFAGS
        unzip: fix configure check for cross compilation
        unzip: remove hardcoded LARGE_FILE_SUPPORT

  Denys Dmytriyenko (1):
        binutils: move packaging of gprofng static lib into common .inc

  Ed Beroset (1):
        Add clarification for SRCREV

  Fabien Mahot (2):
        useradd-example: package typo correction
        oeqa/selftest/bbtests: add non-existent prefile/postfile tests

  Hannu Lounento (1):
        profile-manual: fix blktrace remote usage instructions

  Ian Ray (1):
        systemd-systemctl: support instance expansion in WantedBy

  Jermain Horsman (1):
        logrotate: Do not create logrotate.status file

  Jose Quaresma (1):
        selftest/reproducible: Allow chose the package manager

  Jörg Sommer (2):
        runqemu-gen-tapdevs: Refactoring
        runqemu-ifupdown/get-tapdevs: Add support for ip tuntap

  Khem Raj (12):
        llvm: Upgrade to 16.0.5
        glibc: Pass linker choice via compiler flags
        libgcc: Always use BFD linker
        efivar: Upgrade to tip of trunk
        babeltrace2: Always use BFD linker when building tests with ld-is-lld distro feature
        parted: Add missing libuuid to linker cmdline for
        kernel: Add kernel specific STRIP variable
        libxml2: Do not use lld linker when building with tests on rv64
        llvm: Bump to 16.0.6
        go-helloworld: Upgrade to tip of trunk
        rpcsvc-proto: Upgrade to 1.4.4
        python3-bcrypt: Use BFD linker when building tests

  Louis Rannou (3):
        rootfs-postcommands: change sysusers.d command
        systemd: replace the sysusers.d basic configuration
        base-passwd: add the wheel group

  Luca Ceresoli (1):
        ref-manual: classes: devicetree: fix sentence saying the same thing twice

  Markus Volk (2):
        gtk4: upgrade 4.10.3 -> 4.10.4
        gstreamer1.0-plugins-bad: use oneVPL instead of intel-mediasdk for msdk

  Martin Jansa (1):
        libstd-rs, rust: use bfd linker instead of gold

  Michael Opdenacker (5):
        psplash: replace Yocto .h by .png splashscreen
        migration-guides: release-notes-4.3: update documentation notes
        bitbake: bitbake-user-manual: explicit variables taking a colon separated list
        bitbake: bitbake-user-manual: revert change about PREFERRED_PROVIDERS
        ref-manual: variables.rst: explicit variables accepting colon separated lists

  Mikko Rapeli (4):
        useradd-staticids.bbclass: improve error message
        selftest support different build targets

  Ming Liu (2):
        weston-init: introduce xwayland PACKAGECONFIG

  Mingli Yu (2):
        qemu: Split the qemu package
        u-boot-tools: Use PATH_MAX for path length

  Petr Gotthard (1):
        lighttpd: upgrade 1.4.69 -> 1.4.71

  Quentin Schulz (5):
        bitbake: docs: bitbake-user-manual: bitbake-user-manual-hello: add links and highlights for variables
        docs: bsp-guide: bsp: fix typo
        docs: ref-manual: terms: fix typos in SPDX term
        docs: fix unnecessary double white space
        docs: ref-manual: terms: fix incorrect note directive

  Randolph Sapp (6):
        weston-init: make sure the render group exists
        weston-init: add weston user to the render group
        weston-init: add the weston user to the wayland group
        weston-init: fix the mixed indentation
        weston-init: guard against systemd configs
        weston-init: add profile to point users to global socket

  Remi Peuvergne (1):
        common-licenses: Add LGPL-3.0-with-zeromq-exception

  Richard Purdie (18):
        runqemu/qemu-helper: Drop tunctl
        runqemu-if*: Rename confusing variable name
        oeqa/selftest/oescripts: Fix qemu-helper selftest
        oeqa/logparser: Fix ptest No-section exception
        strace: Disable failing test
        strace: Merge two similar patches
        testimage: Only note missing target directories, don't warn
        ptest-runner: Pull in sync fix to improve log warnings
        scripts/runqemu-ifup: Fix extra parameter issue
        scripts/runqemu-ifup: Fix 10 or more tap devices
        bitbake: runqueue: Fix handling of virtual files in layername calculation
        ptest-runner: Ensure data writes don't race
        bitbake.conf: Add layer-<layername> override support
        insane: Improve patch-status layer filtering
        genericx86: Drop gma500-gfx-check
        bitbake: doc: Document FILE_LAYERNAME
        migration-guides: add notes on FILE_LAYERNAME
        migration-guides: add notes on systemd/usrmerge changes

  Ross Burton (15):
        nettle: rewrite ptest integration
        nettle: inherit lib_package
        cve-extra-exclusions: add more ignores for 2023 kernel CVEs
        cve-extra-exclusions: remove 2019 blanket ignores
        poky-altconfig: enable usrmerge DISTRO_FEATURE
        gi-docgen: correct comment
        gobject-introspection: remove obsolete DEPENDS
        coreutils: fix build when the host has fr_FR.
        cve-extra-exclusions: call out an Ubuntu-specific issue explicitly
        cve-extra-exclusions: CVE-2023-3141 was backported in Linux 6.1.30
        erofs-utils: backport fixes for CVE-2023-33551 and CVE-2023-33552
        ghostscript: mostly rewrite recipe
        python3-dbusmock: only recommend python3-pygobject
        sysfsutils: don't install to base_libdir
        base: improve LICENSE_FLAGS_DETAILS output

  Sakib Sajal (1):
        go: Upgrade 1.20.4 -> 1.20.5

  Soumya (1):
        perl: fix CVE-2023-31484

  Stefano Babic (2):
        libubootenv: upgrade 0.3.3 -> 0.3.4
        mtd-utils: export headers and libraries for MTD and UBI

  Sudip Mukherjee (2):
        dpkg: upgrade to v1.21.22
        cmake: upgrade to v3.26.4

  Tan Wen Yan (1):
        linux-yocto/6.1: update genericx86* machines to v6.1.30

  Tom Hochstein (1):
        weston: Cleanup and fix x11 and xwayland dependencies

  Trevor Gamblin (2):
        runqemu-gen-tapdevs: fix missing variable quote
        glib-networking: use correct error code in ptest

  Vincent Davis Jr (4):
        spirv-tools: fix INTERFACE_LINK_LIBRARIES cmake prop
        vulkan-validation-layers: add new recipe v1.3.243.0
        spirv-tools: Use baselib instead of base_libdir
        vulkan-validation-layers: cleanup recipe

  Xiangyu Chen (1):
        dbus: upgrade 1.14.6 -> 1.14.8

  nikhil (1):
        libwebp: Fix CVE-2023-1999 (1):
        cups: Fix CVE-2023-32324

meta-security: 180dac9aec..405cca4028:
  Ahmed Abdelfattah (1):
        swtpm: fix parser error when using USERADDEXTENSION="useradd-staticids"

  Armin Kuster (25):
        scap-security-guide: update to 0.1.67
        scap-security-guide: update to tip
        scap-security-guide_git: drop oe version
        openscap-daemon: This is now obsolete
        oe-scap: Not maintained nor upstreamed
        openscap: Fix native build missing depends
        openscap: Drop OE specific recipe
        lynis: move to main meta-security layer
        openscap: move to main meta-security layer
        meta-security-compliance: remove layer
        openscap: add support for OpenEmbedded nodistro and Poky
        scap-security-guide: add OE support
        packagegroup-core-security: add compliance pkg group
        kas: ci changes do to meta-security-compliance being removed
        meta-security-isafw: drop layer isafw project archived
        openscap: Update to tip to get OE/Poky support
        scap-security-guide: bump the number of test that pass
        clamav: drop unused patch
        isic: fine tune Upstream-Status
        scap-security-guide: Add Poky
        arpwatch: Fix typo in COMPATIBLE_HOST:libc-musl = "null"
        scap-security-guide: add Upstream-Status
        scap-security-guide: Does not build for musl
        openscap: update to 1.3.8
        packagegroup-core-security: add os-release

  Chen Qi (1):
        complicance/isafw: remove oeqa addpylib

  Kevin Hao (1):
        dmverity: Suppress the realpath errors

  Martin Jansa (5):
        *.patch: add Upstream-Status to all patches
        meta-tpm: *.patch: fix malformed Upstream-Status lines
        dynamic-layers: *.patch: fix malformed and missing Upstream-Status lines
        *.patch: fix malformed Upstream-Status and SOB lines
        .patch: remove probably unused patches

  Paul Gortmaker (7):
        dm-verity: add descriptive strings for "wic list images"
        dm-verity: restructure the veritysetup arg parsing
        dm-verity: save veritysetup args beside runtime environment
        dm-verity: add support for hash storage on separate partition
        dm-verity: add fragment with dynamic build hash data
        dm-verity: hook separate hash into initramfs framework
        dm-verity: add sample systemd separate hash example and doc

  Samantha Jalabert (1):
        buck-security: fix missing dependencies to perl modules

meta-raspberrypi: 8e07f0d328..dff85b9a9f:
  Khem Raj (1):
        linux-raspberrypi-6.1: Update to 6.1.34 release

  Martin Jansa (1):
        *.patch: add Upstream-Status to all patches

Signed-off-by: Patrick Williams <>
Change-Id: If34dfa008a81d778c7bc02627388238f5125d85c
1263 files changed
tree: 07d3f525ee77fa94f7cd8792291b2d102be649a6
  1. .github/
  2. meta-amd/
  3. meta-ampere/
  4. meta-arm/
  5. meta-aspeed/
  6. meta-asrock/
  7. meta-bytedance/
  8. meta-delta/
  9. meta-evb/
  10. meta-facebook/
  11. meta-fii/
  12. meta-google/
  13. meta-hpe/
  14. meta-ibm/
  15. meta-ingrasys/
  16. meta-inspur/
  17. meta-intel-openbmc/
  18. meta-inventec/
  19. meta-nuvoton/
  20. meta-openembedded/
  21. meta-openpower/
  22. meta-phosphor/
  23. meta-qualcomm/
  24. meta-quanta/
  25. meta-raspberrypi/
  26. meta-security/
  27. meta-supermicro/
  28. meta-tyan/
  29. meta-ufispace/
  30. meta-wistron/
  31. meta-yadro/
  32. poky/
  33. .eslintrc.json
  34. .gitignore
  35. .gitreview
  36. openbmc-env
  37. OWNERS
  39. setup


Build Status

OpenBMC is a Linux distribution for management controllers used in devices such as servers, top of rack switches or RAID appliances. It uses Yocto, OpenEmbedded, systemd, and D-Bus to allow easy customization for your platform.

Setting up your OpenBMC project

1) Prerequisite

See the Yocto documentation for the latest requirements


sudo apt install git python3-distutils gcc g++ make file wget \
    gawk diffstat bzip2 cpio chrpath zstd lz4 bzip2


sudo dnf install git python3 gcc g++ gawk which bzip2 chrpath cpio \
    hostname file diffutils diffstat lz4 wget zstd rpcgen patch

2) Download the source

git clone
cd openbmc

3) Target your hardware

Any build requires an environment set up according to your hardware target. There is a special script in the root of this repository that can be used to configure the environment as needed. The script is called setup and takes the name of your hardware target as an argument.

The script needs to be sourced while in the top directory of the OpenBMC repository clone, and, if run without arguments, will display the list of supported hardware targets, see the following example:

$ . setup <machine> [build_dir]
Target machine must be specified. Use one of:

bletchley               mori                    s8036
dl360poc                mtjade                  swift
e3c246d4i               mtmitchell              tatlin-archive-x86
ethanolx                nicole                  tiogapass
evb-ast2500             olympus-nuvoton         transformers
evb-ast2600             on5263m5                vegman-n110
evb-npcm750             p10bmc                  vegman-rx20
f0b                     palmetto                vegman-sx20
fp5280g2                qcom-dc-scm-v1          witherspoon
g220a                   quanta-q71l             witherspoon-tacoma
gbs                     romed8hm3               x11spi
greatlakes              romulus                 yosemitev2
gsj                     s2600wf                 zaius
kudo                    s6q
lannister               s7106

Once you know the target (e.g. romulus), source the setup script as follows:

. setup romulus

4) Build

bitbake obmc-phosphor-image

Additional details can be found in the docs repository.

OpenBMC Development

The OpenBMC community maintains a set of tutorials new users can go through to get up to speed on OpenBMC development out here

Build Validation and Testing

Commits submitted by members of the OpenBMC GitHub community are compiled and tested via our Jenkins server. Commits are run through two levels of testing. At the repository level the makefile make check directive is run. At the system level, the commit is built into a firmware image and run with an arm-softmmu QEMU model against a barrage of CI tests.

Commits submitted by non-members do not automatically proceed through CI testing. After visual inspection of the commit, a CI run can be manually performed by the reviewer.

Automated testing against the QEMU model along with supported systems are performed. The OpenBMC project uses the Robot Framework for all automation. Our complete test repository can be found here.

Submitting Patches

Support of additional hardware and software packages is always welcome. Please follow the contributing guidelines when making a submission. It is expected that contributions contain test cases.

Bug Reporting

Issues are managed on GitHub. It is recommended you search through the issues before opening a new one.


First, please do a search on the internet. There's a good chance your question has already been asked.

For general questions, please use the openbmc tag on Stack Overflow. Please review the discussion on Stack Overflow licensing before posting any code.

For technical discussions, please see contact info below for Discord and mailing list information. Please don't file an issue to ask a question. You'll get faster results by using the mailing list or Discord.

Will OpenBMC run on my Acme Server Corp. XYZ5000 motherboard?

This is a common question, particularly regarding boards from popular COTS (commercial off-the-shelf) vendors such as Supermicro and ASRock. You can see the list of supported boards by running . setup (with no further arguments) in the root of the OpenBMC source tree. Most of the platforms supported by OpenBMC are specialized servers operated by companies running large datacenters, but some more generic COTS servers are supported to varying degrees.

If your motherboard is not listed in the output of . setup it is not currently supported. Porting OpenBMC to a new platform is a non-trivial undertaking, ideally done with the assistance of schematics and other documentation from the manufacturer (it is not completely infeasible to take on a porting effort without documentation via reverse engineering, but it is considerably more difficult, and probably involves a greater risk of hardware damage).

However, even if your motherboard is among those listed in the output of . setup, there are two significant caveats to bear in mind. First, not all ports are equally mature -- some platforms are better supported than others, and functionality on some "supported" boards may be fairly limited. Second, support for a motherboard is not the same as support for a complete system -- in particular, fan control is critically dependent on not just the motherboard but also the fans connected to it and the chassis that the board and fans are housed in, both of which can vary dramatically between systems using the same board model. So while you may be able to compile and install an OpenBMC build on your system and get some basic functionality, rough edges (such as your cooling fans running continuously at full throttle) are likely.

Features of OpenBMC

Feature List

  • Host management: Power, Cooling, LEDs, Inventory, Events, Watchdog
  • Full IPMI 2.0 Compliance with DCMI
  • Code Update Support for multiple BMC/BIOS images
  • Web-based user interface
  • REST interfaces
  • D-Bus based interfaces
  • SSH based SOL
  • Remote KVM
  • Hardware Simulation
  • Automated Testing
  • User management
  • Virtual media

Features In Progress

  • OpenCompute Redfish Compliance
  • Verified Boot

Features Requested but need help

  • OpenBMC performance monitoring

Finding out more

Dive deeper into OpenBMC by opening the docs repository.

Technical Steering Committee

The Technical Steering Committee (TSC) guides the project. Members are:

  • Roxanne Clarke, IBM
  • Nancy Yuen, Google
  • Patrick Williams, Meta
  • Terry Duncan, Intel
  • Sagar Dharia, Microsoft
  • Samer El-Haj-Mahmoud, Arm