refactor(submodules): remove submodules

2023-12-26 18:29:54 +01:00
100 changed files with 568 additions and 1335 deletions
--- a/.gitmodules
+++ b/.gitmodules
@ -1,36 +0,0 @@
 [submodule "bitbake"]
 	path = bitbake
 	url = ssh://git@bitbucket.gad.local:7999/ico/bitbake.git
 	branch = 2.0
 [submodule "openembedded-core"]
 	path = external-layers/openembedded-core
 	url = ssh://git@bitbucket.gad.local:7999/ico/openembedded-core.git
 	branch = kirkstone
 [submodule "meta-openembedded"]
 	path = external-layers/meta-openembedded
 	url = ssh://git@bitbucket.gad.local:7999/ico/meta-openembedded.git
 	branch = kirkstone
 [submodule "meta-virtualization"]
 	path = external-layers/meta-virtualization
 	url = ssh://git@bitbucket.gad.local:7999/ico/meta-virtualization.git
 	branch = kirkstone
 [submodule "meta-efibootguard"]
 	path = external-layers/meta-efibootguard
 	url = ssh://git@bitbucket.gad.local:7999/ico/meta-efibootguard.git
 	branch = master
 [submodule "meta-swupdate"]
 	path = external-layers/meta-swupdate
 	url = ssh://git@bitbucket.gad.local:7999/ico/meta-swupdate.git
 	branch = kirkstone
 [submodule "meta-arm"]
 	path = external-layers/meta-arm
 	url = ssh://git@bitbucket.gad.local:7999/ico/meta-arm.git
 	branch = kirkstone
 [submodule "meta-ti"]
 	path = external-layers/meta-ti
 	url = ssh://git@bitbucket.gad.local:7999/ico/meta-ti.git
 	branch = kirkstone
 [submodule "meta-lts-kernel-mixin"]
 	path = external-layers/meta-lts-kernel-mixin
 	url = ssh://git@bitbucket.gad.local:7999/ico/meta-lts-mixins.git
 	branch = coreos/kirkstone/kernel
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@ -2,9 +2,9 @@
    "recommendations": [
        "ms-vscode.makefile-tools",
        "timonwong.shellcheck",
        "eugenwiens.bitbake",
        "kweihmann.oelint-vscode",
        "lextudio.restructuredtext",
-        "trond-snekvik.simple-rst",
+        "trond-snekvik.simple-rst"
        "yocto-project.yocto-bitbake"
    ]
 }
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -1,47 +1,12 @@
 {
    "files.watcherExclude": {
-        "**/build/**": true,
+        "**/build/cache/**": true,
-        "**/_build/**": true,
+        "**/build/downloads/**": true,
        "**/build/sstate-cache/**": true,
        "**/build/tmp/**": true,
        "**/documentation/_build/**": true,
        "**/build/workspace": true
    },
    "search.exclude": {
        "**/build/**": true,
        "**/_build/**": true,
    },
    "C_Cpp.files.exclude": {
        "**/build": true,
        "**/_build": true,
    },
    "python.analysis.exclude": [
        "**/build/**",
        "**/_build/**",
    ],
    "python.formatting.provider": "black",
-    "editor.rulers": [80,100,120],
+    "editor.rulers": [80,100,120]
    "bitbake.pathToBuildFolder": "${workspaceFolder}/build",
    "bitbake.pathToEnvScript": "${workspaceFolder}/coreos-init-build-env",
    "bitbake.pathToBitbakeFolder": "${workspaceFolder}/bitbake",
    "python.autoComplete.extraPaths": [
        "${workspaceFolder}/bitbake/lib",
        "${workspaceFolder}/meta/lib"
    ],
    "python.analysis.extraPaths": [
        "${workspaceFolder}/bitbake/lib",
        "${workspaceFolder}/meta/lib"
    ],
    "[python]": {
        "diffEditor.ignoreTrimWhitespace": false,
        "gitlens.codeLens.symbolScopes": [
            "!Module"
        ],
        "editor.formatOnType": true,
        "editor.wordBasedSuggestions": "off",
        "files.trimTrailingWhitespace": false
    },
    "[shellscript]": {
        "files.eol": "\n",
        "files.trimTrailingWhitespace": false
    },
    "bitbake.sdkImage": "coreos-image-minimal",
    "bitbake.workingDirectory": "${workspaceFolder}",
    "task.saveBeforeRun": "always",
 }
--- a/1
+++ b/1
@ -1 +0,0 @@
 Subproject commit 40fd5f4eef7460ca67f32cfce8e229e67e1ff607
--- a/15
+++ b/15
@ -92,3 +92,18 @@ coreos-bblayers-envsub COREOS_EXTLAYERSDIR "${COREOS_ROOT}/external-layers"
 # stdout is redirected to reduce the amount of output but not stderr
 #
 #Note: if a final build is detected all the dev keys are deleted
 if [ "$CreateFinal" = "true" ]; then
    echo "\nFinal build detected delete dev keys and dont use or generate them" >&2
    rm -rf "${BUILDDIR}/keys"
 else
    echo "\nNo final build detected use development keys" >&2
    coreos-get-dev-keys > /dev/null || {
        echo "The coreos-get-dev-keys script has failed" >&2
    }
    coreos-keygen > /dev/null || {
        echo "The coreos-keygen script has failed" >&2
        return 1
    }
 fi
--- a/documentation/components/optional/installer.rst
+++ b/documentation/components/optional/installer.rst
@ -3,35 +3,33 @@
 CoreOS Installer
 ****************
-The CoreOS installer is a set of scripts running on the target and a
+The CoreOS installer is a set of script running on the target and a
 corresponding bitbake image that is used into the bootstrap process of CoreOS.
 coreos-image-installer
 ======================
-The CoreOS image installer results in an image contairing only a single binary
+The CoreOS installer image is a single binary EFI file that include a kernel,
-EFI file. This EFI file includes a kernel, a device tree and an initramfs with
+device tree and an initramfs with all the tools needed to install CoreOS.
 all (and only) the tools needed to install CoreOS.
-The installer image is not automatically built in parallel of a normal image.
+An installer image is automatically built in parallel of a normal image.
-This can be changed by setting `COREOS_IMAGE_GENERATE_INSTALLER` to 1 in the
+This can be deactivated by setting `COREOS_IMAGE_GENERATE_INSTALLER` to 0.
 image file (as it is done for example in coreos-image-all-features.bb).
 The installer image build by default only a single EFI binary named
-coreos-installer-MACHINE.efi. An SDCard or USB image can be generated if
+coreos-installer-MACHINE.efi. An SDCard image can be generate if
 `COREOS_INSTALLER_WKS_FILE` is set to a wks file.
 coreos-installer
 ================
-The coreos-installer recipe installs scripts that are used at startup to
+The coreos-installer recipe installs some script that is used at startup
-automatically format the internal emmc of the device. The recipe also contains
+to automatically format the internal emmc of the device. It also contains
 a swupdate configuration file to setup swupdate correctly for that use case.
 coreos-installer-config
 =======================
 The coreos-installer-config recipe installs device specific configuration file
-used by the coreos-installer. This includes the partitioner config file. Distros
+used by the coreos-installer. This includes the partitionner config file. Distro
-and projects based on CoreOS can change the partioning scheme or partition size
+and project based on CoreOS can change the partionning scheme or partition size
 by installing their own version of this package using a `bbappend file`.
--- a/external-layers/meta-arm
+++ b/external-layers/meta-arm
@ -1 +0,0 @@
 Subproject commit d7b7b6fb6c7c5545e718e44f38853d1718ce5446
--- a/external-layers/meta-efibootguard
+++ b/external-layers/meta-efibootguard
@ -1 +0,0 @@
 Subproject commit e3581b11d30d91d0363acb48a6aee47043b7e0bc
--- a/external-layers/meta-lts-kernel-mixin
+++ b/external-layers/meta-lts-kernel-mixin
@ -1 +0,0 @@
 Subproject commit 09d2f9391813674627ec53cb222da6c7a51221e6
--- a/external-layers/meta-openembedded
+++ b/external-layers/meta-openembedded
@ -1 +0,0 @@
 Subproject commit 8bb16533532b6abc2eded7d9961ab2a108fd7a5b
--- a/external-layers/meta-swupdate
+++ b/external-layers/meta-swupdate
@ -1 +0,0 @@
 Subproject commit 3d12b2788a45d86efcb1ad3e01f209558c54795c
--- a/external-layers/meta-ti
+++ b/external-layers/meta-ti
@ -1 +0,0 @@
 Subproject commit bae3658ac0bc1c9adac7a882439cabb385cae720
--- a/external-layers/meta-virtualization
+++ b/external-layers/meta-virtualization
@ -1 +0,0 @@
 Subproject commit cb2bc17e96552cdfc141d27bd9f4dbd95a872846
--- a/external-layers/openembedded-core
+++ b/external-layers/openembedded-core
@ -1 +0,0 @@
 Subproject commit 1b5405955c7c2579ed1f52522e2e177d0281fa33
--- a/layers/meta-belden-coreos-bsp/classes/coreos-efi-secureboot.bbclass
+++ b/layers/meta-belden-coreos-bsp/classes/coreos-efi-secureboot.bbclass
@ -3,7 +3,7 @@
 # UEFI Secure boot configuration
 # ==============================================================================
-COREOS_EFI_SECUREBOOT_KEYDIR ??= "${RECIPE_SYSROOT_NATIVE}/${datadir}/keys"
+COREOS_EFI_SECUREBOOT_KEYDIR ??= "${TOPDIR}/keys"
 COREOS_EFI_SECUREBOOT_INSTALL_PUBKEY_IN_EFIDIR ??= "0"
 # UEFI Secure boot helpers
@ -16,12 +16,12 @@ HOSTTOOLS += "sbsign"
 # Ensure that the public keys are always deployed to the deploy directory
 # before running wic
-do_image_wic[depends] += "cos-certificates-and-keys-native:do_deploy"
+do_image_wic[depends] += "efi-secureboot-keys:do_deploy"
 COREOS_EFI_SECUREBOOT_INSTALL_PUBKEY_IN_EFIDIR ??= "0"
 def get_coreos_secureboot_efi_boot_files(d):
    """
-        Return the list of pubkey file inside deploy if
+        Return the list of pubkey file inside deploy if 
        COREOS_EFI_SECUREBOOT_INSTALL_PUBKEY_IN_EFIDIR is set or an empty string
        otherwise
    """
@ -31,4 +31,26 @@ def get_coreos_secureboot_efi_boot_files(d):
 IMAGE_EFI_BOOT_FILES:append = " ${@get_coreos_secureboot_efi_boot_files(d)}"
 def get_coreos_secureboot_keydir_hash(d):
    """
        Generate a space separate list, with a value for each file inside of 
        keydir. Fromat: <filename>:md5:<md5sum>
    """
    import hashlib
    keydir = d.getVar('COREOS_EFI_SECUREBOOT_KEYDIR')
    value = ""
    for keyname in os.listdir(keydir):
        filepath = os.path.join(keydir, keyname)
        if os.path.isfile(filepath): 
            md5 = bb.utils.md5_file(filepath)
            value += f"{keyname}:md5:{md5} "
    return value
 # The build system should detect if someone change one of the key inside
 # COREOS_EFI_SECUREBOOT_KEYDIR and rebuild all the recipes and artifacts that
 # depends on this directory
 COREOS_EFI_SECUREBOOT_KEYDIR_HASH = "${@get_coreos_secureboot_keydir_hash(d)}"
 COREOS_EFI_SECUREBOOT_KEYDIR[vardeps] += "COREOS_EFI_SECUREBOOT_KEYDIR_HASH"
--- a/layers/meta-belden-coreos-bsp/conf/machine/beaglebone.conf
+++ b/layers/meta-belden-coreos-bsp/conf/machine/beaglebone.conf
@ -12,7 +12,7 @@ include conf/machine/include/arm/armv7a/tune-cortexa8.inc
 IMAGE_FSTYPES += "wic wic.xz wic.bmap"
 WKS_FILE ?= "beaglebone-sdcard.wks.in"
 COREOS_INSTALLER_WKS_FILE ?= "beaglebone-sdcard-installer.wks"
-MACHINE_ESSENTIAL_EXTRA_RDEPENDS += "kernel-image"
+MACHINE_ESSENTIAL_EXTRA_RDEPENDS += "kernel-image kernel-devicetree"
 do_image_wic[depends] += "mtools-native:do_populate_sysroot dosfstools-native:do_populate_sysroot gptfdisk-native:do_populate_sysroot virtual/bootloader:do_deploy"
 do_image_wic[recrdeptask] += "do_bootimg"
@ -21,10 +21,10 @@ SERIAL_CONSOLES_CHECK = "${SERIAL_CONSOLES}"
 APPEND:append = " console=ttyS0,115200"
 PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
-PREFERRED_VERSION_linux-yocto ?= "6.6%"
+PREFERRED_VERSION_linux-yocto ?= "5.15%"
 KERNEL_IMAGETYPE = "zImage"
-DTB_FILES = "ti/omap/am335x-bone.dtb ti/omap/am335x-boneblack.dtb ti/omap/am335x-bonegreen.dtb"
+KERNEL_DEVICETREE = "am335x-bone.dtb am335x-boneblack.dtb am335x-bonegreen.dtb"
 KERNEL_EXTRA_ARGS += "LOADADDR=${UBOOT_ENTRYPOINT}"
 PREFERRED_PROVIDER_virtual/bootloader ?= "u-boot"
--- a/layers/meta-belden-coreos-bsp/conf/machine/eagle40-03.conf
+++ b/layers/meta-belden-coreos-bsp/conf/machine/eagle40-03.conf
@ -5,12 +5,12 @@
 require include/coreos-generic-arch/x64.inc
-MACHINE_FEATURES += "pci usbhost x86 serial efi"
+MACHINE_FEATURES += "pci usbhost x86 acpi serial efi tpm2 "
 # Kernel configuration
 # ******************************************************************************
-PREFERRED_VERSION_linux-yocto ?= "6.6%"
+PREFERRED_VERSION_linux-yocto ?= "5.15%"
 PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
 KERNEL_IMAGETYPE = "bzImage"
@ -28,10 +28,11 @@ APPEND += "console=ttyS0,115200"
 # Ensure that both flash-image.bin and boot.scr are generated as they are needed
 # for a wic image
 WKS_FILE = "generic-uefi.wks.in"
-COREOS_INSTALLER_WKS_FILE ?= "generic-uefi-usb-installer.wks"
+# COREOS_INSTALLER_WKS_FILE ?= ""  --> TBD
 IMAGE_FSTYPES += "wic.xz wic.bmap"
 MACHINE_ESSENTIAL_EXTRA_RDEPENDS += " kernel-modules"
 # COREOS_IMAGE_SWUPDATE_EXTRACLASSES += "" --> TBD
 # No watchdog available yet
 EFIBOOTGUARD_TIMEOUT ?= "0"
--- a/layers/meta-belden-coreos-bsp/conf/machine/include/coreos-generic-features/partitions.inc
+++ b/layers/meta-belden-coreos-bsp/conf/machine/include/coreos-generic-features/partitions.inc
@ -1,20 +1,15 @@
-# Variables used in WKS file
+
 # Variable used in WKS file
 WKS_PART_EFI ??= 'part --source efibootguard-efi --label efi --part-type=EF00'
 WKS_PART_EFIBOOTGUARD_A ??= 'part --source efibootguard-boot --label ebg0 --part-type=0700 --sourceparams "args=coreos.root=rootfs0,watchdog=${EFIBOOTGUARD_TIMEOUT},revision=2,kernel=${COREOS_KERNEL_FILENAME};KERNEL.EFI"'
 WKS_PART_EFIBOOTGUARD_B ??= 'part --source efibootguard-boot --label ebg1 --part-type=0700 --sourceparams "args=coreos.root=rootfs1,watchdog=${EFIBOOTGUARD_TIMEOUT},revision=1,kernel=${COREOS_KERNEL_FILENAME};KERNEL.EFI"'
 WKS_PART_ROOT_A ??= 'part / --source rootfs --fstype=ext4 --label rootfs0'
 WKS_PART_ROOT_B ??= 'part --fstype=ext4 --label rootfs1'
-WKS_PART_USERDATA ??= 'part /usr/local/data --fstype=btrfs --label userdata'
+WKS_PART_ROOT_SIZE ??= '2G'
 PART_EFI_SIZE ??= '64M'
 PART_ROOT_SIZE ??= '1G'
 PART_EFIBG_SIZE ??= '128M'
 PART_USERDATA_SIZE ??= '1G'
 # Variables used in SFDISK file
 SFDISK_PART_EFI ??= 'type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, name="efi"'
 SFDISK_PART_EFIBOOTGUARD_A ??= 'type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, name="ebg0"'
 SFDISK_PART_EFIBOOTGUARD_B ??= 'type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, name="ebg1"'
 SFDISK_PART_ROOT_A ??= 'type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, name="rootfs0"'
-SFDISK_PART_ROOT_B ??= 'type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, name="rootfs1"'
+SFDISK_PART_ROOT_B ??= 'type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, name="rootfs0"'
 SFDISK_PART_USERDATA ??= 'type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, name="userdata"'
--- a/layers/meta-belden-coreos-bsp/conf/machine/include/coreos-generic-machine/vm.inc
+++ b/layers/meta-belden-coreos-bsp/conf/machine/include/coreos-generic-machine/vm.inc
@ -6,7 +6,7 @@ MACHINE_FEATURES += "wifi efi"
 # Add an override that work for all pc image
 MACHINEOVERRIDES =. "vm:"
-PREFERRED_VERSION_linux-yocto ?= "6.6%"
+PREFERRED_VERSION_linux-yocto ?= "5.15%"
 PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
 MACHINE_EXTRA_RRECOMMENDS += "kernel-modules linux-firmware"
--- a/layers/meta-belden-coreos-bsp/conf/machine/qemu-coreos-arm64.conf
+++ b/layers/meta-belden-coreos-bsp/conf/machine/qemu-coreos-arm64.conf
@ -6,9 +6,9 @@
 require conf/machine/qemu-generic-arm64.conf
 MACHINEOVERRIDES =. "qemu-generic-arm64:"
-COREOS_IMAGE_GENERATE_INSTALLER = "0"
+IMAGE_FSTYPES += "wic.xz wic.bmap"
 WKS_FILE = "qemu-efi-coreos-generic.wks.in"
 QB_DRIVE_TYPE = "/dev/sd"
 EFIBOOTGUARD_TIMEOUT ?= "0"
 require conf/machine/include/coreos-generic-features/efi.inc
--- a/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot-coreos-efi.inc
+++ b/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot-coreos-efi.inc
@ -1,23 +1,12 @@
 # Ensure that file are found event when this file is included in another layer
 # ==============================================================================
 FILESEXTRAPATHS:prepend := "${THISDIR}/u-boot:"
 # U-Boot CoreOS Distro Settings
 # ==============================================================================
 # Enable more debug option when debug-tweaks is enabled
 SRC_URI += " \
    ${@bb.utils.contains("IMAGE_FEATURES", "debug-tweaks", "file://debug-tweaks.cfg", "", d)} \
 "
 inherit coreos-efi-secureboot
 # Make sure UEFI and secure boot is enabled for every u-boot build
 SRC_URI += " \
    file://uefi.cfg \
    file://uefi-secureboot.cfg \
 "
 DEPENDS:append = " ${PYTHON_PN}-pyopenssl-native u-boot-tools-native"
 # Generate a ubootefi.var file inside the build directory
 #
 # This file can be directly linked inside the u-boot binary to provide
@ -26,7 +15,6 @@ SRC_URI += " \
 #
 # The efivar.py is taken from u-boot-tools recipes, so that we are sure that he
 # is found and don't depend on the u-boot version being used
 DEPENDS:append = " ${PYTHON_PN}-pyopenssl-native u-boot-tools-native cos-certificates-and-keys-native"
 addtask uboot_generate_efivar after do_configure before do_compile
 do_uboot_generate_efivar() {
    # Settings OPENSSL_MODULES is needed, otherwise efivar.py fail with
--- a/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot-coreos.inc
+++ b/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot-coreos.inc
@ -0,0 +1,12 @@
 # Ensure that file are found event when this file is included in another layer
 # ==============================================================================
 FILESEXTRAPATHS:prepend := "${THISDIR}/u-boot:"
 # Main include file for u-boot to ensure CoreOS compatibility
 # ==============================================================================
 SRC_URI += " \
    ${@bb.utils.contains("IMAGE_FEATURES", "debug-tweaks", "file://debug-tweaks.cfg", "", d)} \
 "
 require ${@bb.utils.contains("COMBINED_FEATURES", "efi", "u-boot-coreos-efi.inc", "", d)}
--- a/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot-tools_2022.01.bbappend
+++ b/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot-tools_2022.01.bbappend
--- a/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot/debug-tweaks.cfg
+++ b/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot/debug-tweaks.cfg
--- a/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot/uefi-secureboot.cfg
+++ b/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot/uefi-secureboot.cfg
--- a/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot/uefi.cfg
+++ b/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot/uefi.cfg
--- a/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot_2022.01.bbappend
+++ b/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot_2022.01.bbappend
@ -0,0 +1,2 @@
 FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
 require u-boot-coreos.inc
--- a/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot_2022.10.bb
+++ b/layers/meta-belden-coreos-bsp/recipes-bsp/u-boot/u-boot_2022.10.bb
@ -4,3 +4,5 @@ require recipes-bsp/u-boot/u-boot.inc
 SRCREV = "4debc57a3da6c3f4d3f89a637e99206f4cea0a96"
 DEPENDS += "bc-native dtc-native python3-setuptools-native"
 LIC_FILES_CHKSUM = "file://Licenses/README;md5=2ca5f2c35c8cc335f0a19756634782f1"
 require u-boot-coreos.inc
--- a/layers/meta-belden-coreos-bsp/recipes-coreos/coreos-installer/coreos-installer-config/beaglebone_1.0.sfdisk
+++ b/layers/meta-belden-coreos-bsp/recipes-coreos/coreos-installer/coreos-installer-config/beaglebone_1.0.sfdisk
@ -12,8 +12,8 @@ sector-size: 512
 /dev/mmcblk1p1 : start=         256, size=         512, type=4DA6E9DA-C803-4BE4-BAC4-8192717C5EB0, name="mlo", attrs="RequiredPartition"
 /dev/mmcblk1p2 : start=         768, size=        8192, type=5B97345D-B7A1-47D3-A491-ED40F4841639, name="uboot", attrs="RequiredPartition"
-/dev/mmcblk1p3 : size= ${PART_EFI_SIZE}, ${SFDISK_PART_EFI}
+/dev/mmcblk1p3 : start=        8960, size=      131072, ${SFDISK_PART_EFI}
-/dev/mmcblk1p4 : size= ${PART_EFIBG_SIZE}, ${SFDISK_PART_EFIBOOTGUARD_A}
+/dev/mmcblk1p4 : start=      140032, size=      262144, ${SFDISK_PART_EFIBOOTGUARD_A}
-/dev/mmcblk1p5 : size= ${PART_EFIBG_SIZE}, ${SFDISK_PART_EFIBOOTGUARD_B}
+/dev/mmcblk1p5 : start=      402176, size=      262144, ${SFDISK_PART_EFIBOOTGUARD_B}
-/dev/mmcblk1p6 : size= ${PART_ROOT_SIZE}, ${SFDISK_PART_ROOT_A}
+/dev/mmcblk1p6 : start=      664320, size=     3403375, ${SFDISK_PART_ROOT_A}
-/dev/mmcblk1p7 : size= ${PART_ROOT_SIZE}, ${SFDISK_PART_ROOT_B}
+/dev/mmcblk1p7 : start=     4067695, size=     3403375, ${SFDISK_PART_ROOT_B}
--- a/layers/meta-belden-coreos-bsp/recipes-coreos/coreos-installer/coreos-installer-config/eagle40-03_1.0.sfdisk
+++ b/layers/meta-belden-coreos-bsp/recipes-coreos/coreos-installer/coreos-installer-config/eagle40-03_1.0.sfdisk
@ -1,13 +0,0 @@
 label: gpt
 device: /dev/mmcblk2
 unit: sectors
 first-lba: 34
 last-lba: 7471070
 sector-size: 512
 /dev/mmcblk2p1 : start= 256, size= ${PART_EFI_SIZE}, ${SFDISK_PART_EFI}
 /dev/mmcblk2p2 : size= ${PART_ROOT_SIZE}, ${SFDISK_PART_ROOT_A}
 /dev/mmcblk2p3 : size= ${PART_ROOT_SIZE}, ${SFDISK_PART_ROOT_B}
 /dev/mmcblk2p4 : size= ${PART_EFIBG_SIZE}, ${SFDISK_PART_EFIBOOTGUARD_A}
 /dev/mmcblk2p5 : size= ${PART_EFIBG_SIZE}, ${SFDISK_PART_EFIBOOTGUARD_B}
 /dev/mmcblk2p6 : size= ${PART_USERDATA_SIZE}, ${SFDISK_PART_USERDATA}
--- a/layers/meta-belden-coreos-bsp/recipes-coreos/coreos-installer/coreos-installer-config_%.bbappend
+++ b/layers/meta-belden-coreos-bsp/recipes-coreos/coreos-installer/coreos-installer-config_%.bbappend
@ -1,4 +1,3 @@
 FILESEXTRAPATHS:prepend := "${THISDIR}/coreos-installer-config:"
 SRC_URI:append:beaglebone = " file://beaglebone_1.0.sfdisk"
 SRC_URI:append:eagle40-03 = " file://eagle40-03_1.0.sfdisk"
--- a/layers/meta-belden-coreos-bsp/recipes-kernel/linux/files/eagle40-03.cfg
+++ b/layers/meta-belden-coreos-bsp/recipes-kernel/linux/files/eagle40-03.cfg
@ -1,2 +0,0 @@
 CONFIG_F71808E_WDT=y
 CONFIG_WATCHDOG_SYSFS=y
--- a/layers/meta-belden-coreos-demo/recipes-kernel/linux/files/k3s_kernel_adaptions.cfg
+++ b/layers/meta-belden-coreos-demo/recipes-kernel/linux/files/k3s_kernel_adaptions.cfg
--- a/layers/meta-belden-coreos-bsp/recipes-kernel/linux/linux-yocto-coreos-efi.inc
+++ b/layers/meta-belden-coreos-bsp/recipes-kernel/linux/linux-yocto-coreos-efi.inc
@ -0,0 +1,23 @@
 inherit coreos-efi-sbsign
 require conf/image-uefi.conf
 # Ensure EFI STUB is enabled
 KERNEL_FEATURES:append = " cfg/efi.scc cfg/efi-ext.scc"
 # By default we use a Unified Kernel Image that contain the kernel, the
 # kernel command line and some device tree, so we don't need to sign the output
 # of the kernel recipes
 COREOS_KERNEL_EFI_SIGNED ??= "0"
 # Extend the kernel_do_deploy function from kernel.bbclass to sign the kernel
 kernel_do_deploy:append() {
    if [ "${COREOS_KERNEL_EFI_SIGNED}" == "1" ]; then
      deployDir="${DEPLOYDIR}"
      for imageType in ${KERNEL_IMAGETYPES} ; do
        baseName="$imageType-${KERNEL_IMAGE_NAME}"
        coreos_efi_secureboot_sign_app "$deployDir/$baseName${KERNEL_IMAGE_BIN_EXT}"
      done
    fi
 }
--- a/layers/meta-belden-coreos-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend
+++ b/layers/meta-belden-coreos-bsp/recipes-kernel/linux/linux-yocto_5.15.bbappend
@ -4,7 +4,7 @@ COMPATIBLE_MACHINE:vm-x64 = "vm-x64"
 # Enable some kernel features related to virtualiuzation
 KERNEL_FEATURES:append:vm-x64=" cfg/virtio.scc cfg/paravirt_kvm.scc"
-SRC_URI:append:vm-x64 = " file://hyperv.cfg"
+
 KMACHINE:eagle40-03 ?= "common-pc-64"
 KBRANCH:eagle40-03 = "v5.15/standard/base"
@ -18,3 +18,8 @@ KMACHINE:beaglebone ?= "beaglebone"
 SRCREV_machine:beaglebone ?= "9aabbaa89fcb21af7028e814c1f5b61171314d5a"
 COMPATIBLE_MACHINE:beaglebone = "beaglebone"
 LINUX_VERSION:beaglebone = "5.15.54"
 require ${@bb.utils.contains("COMBINED_FEATURES", "efi", "linux-yocto-coreos-efi.inc", "", d)}
 SRC_URI += " file://k3s_kernel_adaptions.cfg"
 SRC_URI:append:vm-x64 = " file://hyperv.cfg"
--- a/layers/meta-belden-coreos-bsp/recipes-kernel/linux/linux-yocto_6.6.bbappend
+++ b/layers/meta-belden-coreos-bsp/recipes-kernel/linux/linux-yocto_6.6.bbappend
@ -1,14 +0,0 @@
 FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
 KMACHINE:eagle40-03 ?= "common-pc-64"
 COMPATIBLE_MACHINE:eagle40-03 = "eagle40-03"
 KMACHINE:beaglebone ?= "beaglebone"
 COMPATIBLE_MACHINE:beaglebone = "beaglebone"
 KMACHINE:vm-x64 ?= "common-pc-64"
 COMPATIBLE_MACHINE:vm-x64 = "vm-x64"
 KERNEL_FEATURES:append:vm-x64=" cfg/virtio.scc cfg/paravirt_kvm.scc"
 SRC_URI:append:vm-x64 = " file://hyperv.cfg"
 SRC_URI += " file://eagle40-03.cfg"
--- a/layers/meta-belden-coreos-bsp/wic/beaglebone-sdcard.wks.in
+++ b/layers/meta-belden-coreos-bsp/wic/beaglebone-sdcard.wks.in
@ -13,8 +13,8 @@ part --offset 768S --source rawcopy --sourceparams="file=u-boot.img" --ondisk mm
 # Let's define a 4MiB maximum size for the bootloader
 # 4MiB => 4*1024*1024/512=8192S | 768S + 8192S => 8960S
 ${WKS_PART_EFI} --ondisk mmcblk0 --offset 8960S --fixed-size 32M
-${WKS_PART_EFIBOOTGUARD_A} --ondisk mmcblk0 --fixed-size ${PART_EFIBG_SIZE}
+${WKS_PART_EFIBOOTGUARD_A} --ondisk mmcblk0 --fixed-size 128M
-${WKS_PART_EFIBOOTGUARD_B} --ondisk mmcblk0 --fixed-size ${PART_EFIBG_SIZE}
+${WKS_PART_EFIBOOTGUARD_B} --ondisk mmcblk0 --fixed-size 128M
-${WKS_PART_ROOT_A} --ondisk mmcblk0 --fixed-size ${PART_ROOT_SIZE}
+${WKS_PART_ROOT_A} --ondisk mmcblk0 --fixed-size ${WKS_PART_ROOT_SIZE}
-${WKS_PART_ROOT_B} --ondisk mmcblk0 --fixed-size ${PART_ROOT_SIZE}
+${WKS_PART_ROOT_B} --ondisk mmcblk0 --fixed-size ${WKS_PART_ROOT_SIZE}
 bootloader --ptable gpt
--- a/layers/meta-belden-coreos-bsp/wic/generic-uefi-usb-installer.wks
+++ b/layers/meta-belden-coreos-bsp/wic/generic-uefi-usb-installer.wks
@ -1,16 +0,0 @@
 # short-description: Create USB image for Eagle 40-03
 # long-description: Creates a partitioned USB image for Eagle 40-03.
 # offset 1S => 1 sector (1x512 byte)
 # The bootloader can be at 4 different position in raw mode: 0S, 256S, 512S, 768S
 # MBR disk use only the sector 0, so 1S is free
 # GPT disk use sector 0-33S, so first free slot is 256S
 # Offset are from the BBB default settings
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 # Don't name partition in the installer disk image, otherwise the installer may not work as it rely on partition label!
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 part --offset 256S --source bootimg-partition --part-type=EF00 --ondisk mmcblk0
 part --fixed-size 3G --fstype=vfat --label=image
 bootloader --ptable gpt
--- a/layers/meta-belden-coreos-bsp/wic/generic-uefi.wks.in
+++ b/layers/meta-belden-coreos-bsp/wic/generic-uefi.wks.in
@ -1,11 +1,10 @@
 # short-description: Create an EFI disk image for genericx86*
 # long-description: Creates a partitioned EFI disk image for genericx86* machines
 ${WKS_PART_EFI} --ondisk sda  --align 1024 --size 64M --extra-space 0 --overhead-factor 1
 ${WKS_PART_ROOT_A} --ondisk sda --size ${WKS_PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
 ${WKS_PART_ROOT_B} --ondisk sda --size ${WKS_PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
 ${WKS_PART_EFIBOOTGUARD_A} --ondisk sda  --align 1024 --size 128M --extra-space 0 --overhead-factor 1
 ${WKS_PART_EFIBOOTGUARD_B} --ondisk sda  --align 1024 --size 128M --extra-space 0 --overhead-factor 1
-${WKS_PART_EFI} --align 1024 --size ${PART_EFI_SIZE} --extra-space 0 --overhead-factor 1
+part swap --ondisk sda --size 44 --label swap1 --fstype=swap
 ${WKS_PART_ROOT_A} --size ${PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
 ${WKS_PART_ROOT_B} --size ${PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
 ${WKS_PART_EFIBOOTGUARD_A} --align 1024 --size ${PART_EFIBG_SIZE} --extra-space 0 --overhead-factor 1
 ${WKS_PART_EFIBOOTGUARD_B} --align 1024 --size ${PART_EFIBG_SIZE} --extra-space 0 --overhead-factor 1
 ${WKS_PART_USERDATA} --size ${PART_USERDATA_SIZE} --extra-space 0 --overhead-factor 1
 bootloader --ptable gpt
--- a/layers/meta-belden-coreos-bsp/wic/qemu-efi-coreos-generic.wks.in
+++ b/layers/meta-belden-coreos-bsp/wic/qemu-efi-coreos-generic.wks.in
@ -2,11 +2,10 @@
 # long-description: Creates a partitioned EFI disk image that the user
 # can directly dd to boot media.
-part --source efibootguard-efi --label efi --part-type=EF00 --use-uuid --offset 20480S --size ${PART_EFI_SIZE} --extra-space 0 --overhead-factor 1
+part --source efibootguard-efi --label efi --part-type=EF00 --ondisk mmcblk1 --offset 20480S --size 64M --extra-space 0 --overhead-factor 1
-part / --source rootfs --fstype=ext4 --label rootfs0 --use-uuid --size ${PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
+part / --source rootfs --fstype=ext4 --label rootfs0 --ondisk mmcblk1 --size ${WKS_PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
-part --fstype=ext4 --label rootfs1 --use-uuid --size ${PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
+part --fstype=ext4 --label rootfs1 --ondisk mmcblk1 --size ${WKS_PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
-part --source efibootguard-boot --label ebg0 --part-type=0700 --sourceparams "args=coreos.root=rootfs0,watchdog=${EFIBOOTGUARD_TIMEOUT},revision=2,kernel=${COREOS_KERNEL_FILENAME};KERNEL.EFI" --use-uuid --align 1024 --size ${PART_EFIBG_SIZE} --extra-space 0 --overhead-factor 1
+part --source efibootguard-boot --label ebg0 --part-type=0700 --sourceparams "args=coreos.root=rootfs0,watchdog=${EFIBOOTGUARD_TIMEOUT},revision=2,kernel=${COREOS_KERNEL_FILENAME};KERNEL.EFI" --ondisk mmcblk1  --align 1024 --size 128M --extra-space 0 --overhead-factor 1
-part --source efibootguard-boot --label ebg1 --part-type=0700 --sourceparams "args=coreos.root=rootfs1,watchdog=${EFIBOOTGUARD_TIMEOUT},revision=1,kernel=${COREOS_KERNEL_FILENAME};KERNEL.EFI" --use-uuid --align 1024 --size ${PART_EFIBG_SIZE} --extra-space 0 --overhead-factor 1
+part --source efibootguard-boot --label ebg1 --part-type=0700 --sourceparams "args=coreos.root=rootfs1,watchdog=${EFIBOOTGUARD_TIMEOUT},revision=1,kernel=${COREOS_KERNEL_FILENAME};KERNEL.EFI" --ondisk mmcblk1  --align 1024 --size 128M --extra-space 0 --overhead-factor 1
 ${WKS_PART_USERDATA} --use-uuid --size ${PART_USERDATA_SIZE} --extra-space 0 --overhead-factor 1
 bootloader --ptable gpt
--- a/layers/meta-belden-coreos-demo/recipes-core/images/coreos-image-demo-k3s.bb
+++ b/layers/meta-belden-coreos-demo/recipes-core/images/coreos-image-demo-k3s.bb
@ -4,5 +4,3 @@ require recipes-core/images/coreos-image-all-features.bb
 IMAGE_INSTALL += "k3s-agent"
 # To use this image, please add k3s to DISTRO_FEATURE inside your
 # local.conf config file.
--- a/layers/meta-belden-coreos-demo/recipes-kernel/linux/linux-yocto_%.bbappend
+++ b/layers/meta-belden-coreos-demo/recipes-kernel/linux/linux-yocto_%.bbappend
@ -1 +0,0 @@
 FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
--- a/layers/meta-belden-coreos/classes/coreos-image-ci.bbclass
+++ b/layers/meta-belden-coreos/classes/coreos-image-ci.bbclass
@ -3,7 +3,6 @@
 # > COREOS_IMAGE_EXTRACLASSES += "coreos-image-ci"
 # in auto.conf (or local.conf)
 inherit kernel-artifact-names
 def get_coreos_ci_artifacts(d):
    artifacts = []
@ -13,11 +12,11 @@ def get_coreos_ci_artifacts(d):
    # Container handling
    # ==========================================================================
-
+    
    if bb.utils.contains('IMAGE_FSTYPES', 'oci', True, False, d):
        artifacts.append(d.getVar('IMAGE_LINK_NAME') + '.rootfs-oci.tar')
-
+        
        # Special case for container, we just need the OCI tarball
        return " ".join(artifacts)
@ -26,14 +25,10 @@ def get_coreos_ci_artifacts(d):
    if bb.utils.contains('IMAGE_FSTYPES', 'wic.xz', True, False, d):
        artifacts.append(d.getVar('IMAGE_LINK_NAME') + '.wic.xz')
-
+    
    if bb.utils.contains('IMAGE_FSTYPES', 'wic.bmap', True, False, d):
        artifacts.append(d.getVar('IMAGE_LINK_NAME') + '.wic.bmap')
    # This is used for qemu-coreos-arm64
    if bb.utils.contains('IMAGE_FSTYPES', 'wic.qcow2', True, False, d):
        artifacts.append(d.getVar('IMAGE_LINK_NAME') + '.wic.qcow2')
    if d.getVar('COREOS_IMAGE_GENERATE_SWU') == '1':
        artifacts.append(d.getVar('IMAGE_LINK_NAME') + '.swu')
@ -95,5 +90,5 @@ do_deploy_ci() {
    for file in ${COREOS_CI_DEPLOY_ARTIFACTS}; do
        echo $file >> $output
    done
-}
+} 
 addtask deploy_ci after do_image before do_build
--- a/layers/meta-belden-coreos/classes/coreos-image-installer.bbclass
+++ b/layers/meta-belden-coreos/classes/coreos-image-installer.bbclass
@ -1,41 +0,0 @@
 # Class used to generate image based on Belden CoreOS
 export IMAGE_BASENAME = "${MLPREFIX}${PN}"
 IMAGE_NAME_SUFFIX ?= ""
 IMAGE_LINGUAS = ""
 LICENSE = "MIT"
 IMAGE_FSTYPES = "cpio.gz"
 # Support for generating a SDCard or USB installer is optional
 COREOS_INSTALLER_WKS_FILE ??= ""
 WKS_FILE = "${COREOS_INSTALLER_WKS_FILE}"
 IMAGE_FSTYPES += "${@'wic.xz wic.bmap' if d.getVar('COREOS_INSTALLER_WKS_FILE') else ''}"
 IMAGE_BOOT_FILES =  "${COREOS_KERNEL_FILENAME};EFI/BOOT/${EFI_BOOT_IMAGE}"
 COREOS_IMAGE_GENERATE_UKI = "1"
 # IMGDEPLOYDIR has to be used instead of DEPLOY_DIR_IMAGE here, because it will
 # run during image generation
 COREOS_UKI_PART_INITRAMFS = "${IMGDEPLOYDIR}/${IMAGE_BASENAME}-${MACHINE}.cpio.gz"
 COREOS_IMAGE_GENERATE_SWU = "0"
 # Change generated UKI filename and reset the bundled command line to "APPEND"
 # to ensure that root is not set in the kernel command line
 COREOS_KERNEL_NAME ?= "coreos-installer-${MACHINE}"
 COREOS_KERNEL_CMDLINE ?= "${APPEND}"
 inherit coreos-image
 # Only install a reduced set of package and feature to keep image size small
 IMAGE_INSTALL = "packagegroup-coreos-boot coreos-installer coreos-installer-unattended util-linux-sfdisk util-linux-fdisk util-linux-cfdisk efibootguard efibootguard-tools"
 IMAGE_FEATURES = "debug-tweaks swupdate"
 NO_RECOMMENDATIONS = "1"
 IMAGE_ROOTFS_SIZE = "8192"
 INITRAMFS_MAXSIZE = "976562"
 IMAGE_ROOTFS_EXTRA_SPACE = "0"
 # Use the same restriction as initramfs-module-install
 COMPATIBLE_HOST = '(x86_64.*|i.86.*|arm.*|aarch64.*)-(linux.*|freebsd.*)'
--- a/layers/meta-belden-coreos/classes/coreos-image.bbclass
+++ b/layers/meta-belden-coreos/classes/coreos-image.bbclass
@ -68,7 +68,6 @@ PACKAGE_EXCLUDE_COMPLEMENTARY:append = "${@bb.utils.contains_any('PACKAGE_INSTAL
 COREOS_IMAGE_BASE_INSTALL = "\
    packagegroup-coreos-boot \
    packagegroup-coreos-base \
    secure-storage \
    "
 COREOS_IMAGE_EXTRA_INSTALL ?= ""
@ -90,10 +89,8 @@ IMAGE_ROOTFS_EXTRA_SPACE:append = " ${@bb.utils.contains('DISTRO_FEATURES', 'sys
 # Unified kernel image and swupdate support
 # ==============================================================================
-# The CoreOS image installer is disabled by default.
+# Support for Unified Kernel Image and Swupdate are optional
-COREOS_IMAGE_GENERATE_INSTALLER ?= "0"
+COREOS_IMAGE_GENERATE_INSTALLER ?= "${@"1" if "efi" in d.getVar('COMBINED_FEATURES') and "swupdate" in d.getVar("DISTRO_FEATURES") else "0"}"
 # Support for Unified Kernel Image and Swupdate are optional.
 COREOS_IMAGE_GENERATE_UKI ?= "${@bb.utils.contains("COMBINED_FEATURES", "efi", "1", "0", d)}"
 COREOS_IMAGE_GENERATE_SWU ?= "${@"1" if "efi" in d.getVar('COMBINED_FEATURES') and "swupdate" in d.getVar("DISTRO_FEATURES") else "0"}"
--- a/layers/meta-belden-coreos/classes/coreos-sanity.bbclass
+++ b/layers/meta-belden-coreos/classes/coreos-sanity.bbclass
@ -13,8 +13,6 @@ addhandler check_coreos_sanity_eventhandler
 check_coreos_sanity_eventhandler[eventmask] = "bb.event.SanityCheck"
 python check_coreos_sanity_eventhandler() {
    import datetime
    # Checks related to the distribution configuration files
    # ==========================================================================
@ -31,22 +29,13 @@ python check_coreos_sanity_eventhandler() {
            "systemd is not set as `INIT_MANAGER`. "
            "Using SystemD is mandatory on CoreOS based distribution"
        )
-
+    
    if e.data.getVar("TCLIBC") != "glibc":
        bb.fatal(
            "glibc is not set as `TCLIBC`. "
            "Using glibc is mandatory on CoreOS based distribution"
        )
-
+    
    # Check if the timestamp for REPRODUCIBLE_TIMESTAMP_ROOTFS is still up to date
    first_of_year = datetime.datetime(datetime.date.today().year, 1, 1, tzinfo=datetime.timezone.utc)
    foy_ts = str(int(first_of_year.timestamp()))
    if e.data.getVar("REPRODUCIBLE_TIMESTAMP_ROOTFS") != foy_ts:
        bb.warn(
            "`REPRODUCIBLE_TIMESTAMP_ROOTFS` outdated!"
            "Set to current 01. january of the year."
        )
    # Checks related to the machine configuration files
    # ==========================================================================
@ -58,7 +47,7 @@ python check_coreos_sanity_eventhandler() {
                "CoreOS recommands to use compressed wic image, please add "
                "`wic.xz` to your machine `IMAGE_FSTYPES` variables"
            )
-
+        
        if not "wic.bmap":
            bb.warn(
                "wic image should be flashed with bmaptools, but this require "
--- a/layers/meta-belden-coreos/conf/distro/include/belden-coreos-base.inc
+++ b/layers/meta-belden-coreos/conf/distro/include/belden-coreos-base.inc
@ -2,11 +2,6 @@
 # it should support the most basic distro without optional coreos
 # features
 # Using :coreos override should work on all CoreOS based distro
 # Note that :belden-coreos does not work on CoreOS based distro but will
 # work when build for the belden-coreos distro
 DISTROOVERRIDES = "coreos:${DISTRO}"
 INHERIT += "coreos_metadata_scm"
 # Distro features and policies
@ -111,8 +106,3 @@ PACKAGECONFIG:pn-systemd ?= " \
 # Distro based on CoreOS can provide their own configuration files for the
 # CoreOS installer by overriding this variable
 PREFERRED_PROVIDER_coreos-installer-config ??= "coreos-installer-config"
 # This TS represents 01.01.2024 generating it dynamically would cause a lot of
 # things to get re-build, we need a good solution for this or change it every
 # year
 REPRODUCIBLE_TIMESTAMP_ROOTFS = "1704067200"
--- a/layers/meta-belden-coreos/conf/distro/include/coreos-support.inc
+++ b/layers/meta-belden-coreos/conf/distro/include/coreos-support.inc
@ -1,149 +0,0 @@
 COREOS_RECIPE_MAINTAINER:pn-acl = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-arptables = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-attr = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-autoconf-archive = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-base-files = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-base-passwd = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-bash-completion = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-bash = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-binutils-cross-x86_64 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-boost = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-bridge-utils = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-busybox = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-bzip2 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-ca-certificates = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-conntrack-tools = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-coreutils = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-cppzmq = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-cracklib = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-cryptsetup = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-curl = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-dbus = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-depmodwrapper-cross = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-e2fsprogs = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-ebtables = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-efibootguard = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-elfutils = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-ethtool = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-expat = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-findutils = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-flatbuffers = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-flex = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-fmt = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-gawk = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-gcc-cross-x86_64 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-gcc-runtime = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-gcc-source-11.4.0 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-gdbm = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-glib-2.0 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-glibc = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-glibc-locale = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-gmp = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-gnu-efi = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-gnutls = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-grub-bootconf = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-grub = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-grub-efi = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-icu = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-iproute2 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-iptables = "Team CoreOS"
 #iw should be removed
 COREOS_RECIPE_MAINTAINER:pn-json-c = "Team CoreOS"
 # kbd check if it can be removed
 # kmod check if it can be removed
 COREOS_RECIPE_MAINTAINER:pn-libaio = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libarchive = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libcap = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libcap-ng = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libcheck = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libconfig = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libdevmapper = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libestr = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libfastjson = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libffi = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libgcc = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libgcc-initial = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libgcrypt = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libgpg-error = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libidn2 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-liblogging = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libmnl = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libnet = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libnetfilter-conntrack = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libnetfilter-cthelper = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libnetfilter-cttimeout = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libnetfilter-log = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libnetfilter-queue = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libnfnetlink = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libnl = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libnsl2 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libpam = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libpcap = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libpcre = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libseccomp = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libsodium = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libsolv = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libssh2 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libssh = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libtirpc = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libtool-cross = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libunistring = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libusb1 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libxcrypt = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-libxml2 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-linux-libc-headers = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-linux-yocto = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-logrotate = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-lrzsz = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-lvm2 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-lzo = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-m4 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-mtools = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-ncurses = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-netbase = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-nettle = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-openssh = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-openssl = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-opkg-arch-config = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-opkg = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-opkg-utils = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-os-release = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-packagegroup-base = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-packagegroup-core-boot = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-packagegroup-coreos-base = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-packagegroup-coreos-boot = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-pciutils = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-perl = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-popt = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-python3 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-qemuwrapper-cross = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-readline = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-rsyslog = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-run-postinsts = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-secure-storage = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-setserial = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-sh = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-shared-mime-info = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-spdlog = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-sqlite3 = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-swupdate = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-sysfsutils = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-syslinux = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-syslog-ng = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-systemd-bootconf = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-systemd-boot = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-systemd-conf = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-systemd = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-systemd-serialgetty = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-tar = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-tcpdump = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-usbutils = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-util-linux = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-util-linux-libuuid = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-volatile-binds = "Team CoreOS"
 # wpa-supplicant should be removed
 COREOS_RECIPE_MAINTAINER:pn-xz = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-zeromq = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-zip = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-zlib = "Team CoreOS"
 COREOS_RECIPE_MAINTAINER:pn-zstd = "Team CoreOS"
--- a/layers/meta-belden-coreos/recipes-bsp/efi/efi-secureboot-keys.bb
+++ b/layers/meta-belden-coreos/recipes-bsp/efi/efi-secureboot-keys.bb
@ -0,0 +1,33 @@
 SUMMARY = "A recipe to deploy UEFI public keys update files"
 LICENSE = "CLOSED"
 INHIBIT_DEFAULT_DEPS = "1"
 inherit nopackages
 inherit deploy
 inherit coreos-efi-secureboot
 # Public key needed by firmware very depending on the implementation
 # So we copy all type of public key (*.auth, *.esl, *.crt, *der)
 addtask deploy after do_compile
 do_deploy() {
    install -D -m 644 ${COREOS_EFI_SECUREBOOT_KEYDIR}/KEK.auth ${DEPLOYDIR}/KEK.auth
    install -D -m 644 ${COREOS_EFI_SECUREBOOT_KEYDIR}/db.auth ${DEPLOYDIR}/db.auth
    install -D -m 644 ${COREOS_EFI_SECUREBOOT_KEYDIR}/PK.auth ${DEPLOYDIR}/PK.auth
    install -D -m 644 ${COREOS_EFI_SECUREBOOT_KEYDIR}/KEK.esl ${DEPLOYDIR}/KEK.esl
    install -D -m 644 ${COREOS_EFI_SECUREBOOT_KEYDIR}/db.esl ${DEPLOYDIR}/db.esl
    install -D -m 644 ${COREOS_EFI_SECUREBOOT_KEYDIR}/PK.esl ${DEPLOYDIR}/PK.esl
    install -D -m 644 ${COREOS_EFI_SECUREBOOT_KEYDIR}/KEK.crt ${DEPLOYDIR}/KEK.crt
    install -D -m 644 ${COREOS_EFI_SECUREBOOT_KEYDIR}/db.crt ${DEPLOYDIR}/db.crt
    install -D -m 644 ${COREOS_EFI_SECUREBOOT_KEYDIR}/PK.crt ${DEPLOYDIR}/PK.crt
    install -D -m 644 ${COREOS_EFI_SECUREBOOT_KEYDIR}/KEK.der ${DEPLOYDIR}/KEK.der
    install -D -m 644 ${COREOS_EFI_SECUREBOOT_KEYDIR}/db.der ${DEPLOYDIR}/db.der
    install -D -m 644 ${COREOS_EFI_SECUREBOOT_KEYDIR}/PK.der ${DEPLOYDIR}/PK.der
    # !SECURITY WARNING! 
    # .key file are not copied to DEPLOYDIR, as they contains the PRIVATE keys
 }
--- a/layers/meta-belden-coreos/recipes-bsp/efibootguard/efibootguard_%.bbappend
+++ b/layers/meta-belden-coreos/recipes-bsp/efibootguard/efibootguard_%.bbappend
@ -9,8 +9,6 @@ SRC_URI += "file://0001-coreos-add-a-coreos-specific-rootfs-switch-to-the-UK.pat
 # Add signature support
 # ==============================================================================
 DEPENDS:append = " cos-certificates-and-keys-native"
 inherit coreos-efi-sbsign
 require conf/image-uefi.conf
--- a/layers/meta-belden-coreos/recipes-bsp/u-boot/u-boot_%.bbappend
+++ b/layers/meta-belden-coreos/recipes-bsp/u-boot/u-boot_%.bbappend
@ -1,5 +0,0 @@
 # Add CoreOS distro settings to u-boot
 UBOOT_COREOS_REQUIRE:coreos ?= "u-boot-coreos.inc"
 UBOOT_COREOS_REQUIRE ?= ""
 require ${UBOOT_COREOS_REQUIRE}
--- a/layers/meta-belden-coreos/recipes-core/images/coreos-image-all-features.bb
+++ b/layers/meta-belden-coreos/recipes-core/images/coreos-image-all-features.bb
@ -10,6 +10,3 @@ IMAGE_INSTALL:append = "${@bb.utils.contains("IMAGE_FEATURES", "swupdate", " swu
 # development tools
 IMAGE_INSTALL:append = " systemd-analyze"
 # Enable the optional image installer
 COREOS_IMAGE_GENERATE_INSTALLER = "1"
--- a/layers/meta-belden-coreos/recipes-core/images/coreos-image-installer.bb
+++ b/layers/meta-belden-coreos/recipes-core/images/coreos-image-installer.bb
@ -1,4 +1,50 @@
 DESCRIPTION = "Initramfs image with the CoreOS emmc installer"
 # Don't reboot the device at reboot and don't do A/B switching
 BAD_RECOMMENDATIONS = "swupdate-progress swupdate-coreos-config"
 export IMAGE_BASENAME = "${MLPREFIX}${PN}"
 IMAGE_NAME_SUFFIX ?= ""
 IMAGE_LINGUAS = ""
 LICENSE = "MIT"
-inherit coreos-image-installer
+IMAGE_FSTYPES = "cpio.gz"
 # Support for generating a SDCard installer is optional
 COREOS_INSTALLER_WKS_FILE ??= ""
 WKS_FILE = "${COREOS_INSTALLER_WKS_FILE}"
 IMAGE_FSTYPES += "${@'wic.xz wic.bmap' if d.getVar('COREOS_INSTALLER_WKS_FILE') else ''}"
 IMAGE_BOOT_FILES =  "${COREOS_KERNEL_FILENAME};EFI/BOOT/${EFI_BOOT_IMAGE}"
 COREOS_IMAGE_GENERATE_UKI = "1"
 # Avoid dependancy loop, we are already in an installer image, so we don't need
 # to bundle another one
 COREOS_IMAGE_GENERATE_INSTALLER = "0"
 # IMGDEPLOYDIR has to be used instead of DEPLOY_DIR_IMAGE here, because it will
 # run during image generation
 COREOS_UKI_PART_INITRAMFS = "${IMGDEPLOYDIR}/${IMAGE_BASENAME}-${MACHINE}.cpio.gz"
 COREOS_IMAGE_GENERATE_SWU = "0"
 # Change generated UKI filename and reset the bundled command line to "APPEND"
 # to ensure that root is not set in the kernel command line
 COREOS_KERNEL_NAME ?= "coreos-installer-${MACHINE}"
 COREOS_KERNEL_CMDLINE ?= "${APPEND}"
 inherit coreos-image
 # Only install a reduced set of package and feature to keep image size small
 IMAGE_INSTALL = "packagegroup-coreos-boot coreos-installer swupdate-www util-linux-sfdisk util-linux-fdisk util-linux-cfdisk efibootguard efibootguard-tools"
 IMAGE_FEATURES = "debug-tweaks swupdate networkmanager"
 NO_RECOMMENDATIONS = "1"
 IMAGE_ROOTFS_SIZE = "8192"
 INITRAMFS_MAXSIZE = "976562"
 IMAGE_ROOTFS_EXTRA_SPACE = "0"
 # Use the same restriction as initramfs-module-install
 COMPATIBLE_HOST = '(x86_64.*|i.86.*|arm.*|aarch64.*)-(linux.*|freebsd.*)'
--- a/layers/meta-belden-coreos/recipes-core/packagegroups/packagegroup-coreos-base.bb
+++ b/layers/meta-belden-coreos/recipes-core/packagegroups/packagegroup-coreos-base.bb
@ -15,7 +15,7 @@ COREOS_IMAGE_EFI_PROVIDER_EXTRA = " \
 "
 RDEPENDS:${PN} = "\
-    packagegroup-base \
+    packagegroup-base-extended \
    os-release \
    ${@bb.utils.contains("MACHINE_FEATURES", "efi", "${COREOS_IMAGE_EFI_PROVIDER_EXTRA}", "", d)} \
 "
--- a/layers/meta-belden-coreos/recipes-core/systemd/systemd-conf/system.conf-watchdog
+++ b/layers/meta-belden-coreos/recipes-core/systemd/systemd-conf/system.conf-watchdog
@ -1,2 +0,0 @@
 [Manager]
 RuntimeWatchdogSec=5
--- a/layers/meta-belden-coreos/recipes-core/systemd/systemd_%.bbappend
+++ b/layers/meta-belden-coreos/recipes-core/systemd/systemd_%.bbappend
@ -1,15 +0,0 @@
 FILESEXTRAPATHS:prepend := "${THISDIR}/systemd-conf:"
 SRC_URI += " file://system.conf-watchdog"
 do_install:append(){
 	# the creation date/time of this file will be used as initial boot time.
 	# Creation time will be set to REPRODUCIBLE_TIMESTAMP_ROOTFS
 	# More info about the date/time handling here:
 	# https://www.freedesktop.org/software/systemd/man/latest/systemd-timesyncd.service.html
 	touch ${D}/${base_libdir}/clock-epoch
 	install -D -m0644 ${WORKDIR}/system.conf-watchdog ${D}${systemd_unitdir}/system.conf.d/01-${PN}-watchdog.conf
 }
 FILES:${PN} += "${base_libdir}/clock-epoch"
--- a/layers/meta-belden-coreos/recipes-coreos/coreos-installer/coreos-installer-unattended/99-overwrite.sh
+++ b/layers/meta-belden-coreos/recipes-coreos/coreos-installer/coreos-installer-unattended/99-overwrite.sh
@ -1,23 +0,0 @@
 #!/usr/bin/env sh
 # catch errors from previous source files
 if [ "$SWUPDATE_EXIT" != "" ]; then
  # Notify the installation status indicator about the failed installation.
  # This can result in the red LED lighting up.
  dbus-send --system /org/belden/CoreOSInstallationStatusIndicator org.belden.CoreOSInstallationStatusIndicator.InstallationStatusFailure
  exit 1
 fi
 # Notify the installation status indicator about the success with partitioning
 # the blockdevice. This can result in the first green LED lighting up.
 dbus-send --system /org/belden/CoreOSInstallationStatusIndicator org.belden.CoreOSInstallationStatusIndicator.InstallationStatusPartitioningSuccess
 mount /dev/disk/by-label/image /mnt
 if [ ! -f "/mnt/image.swu" ]; then
  echo "Could not find image.swu on the vfat partition!"
  dbus-send --system /org/belden/CoreOSInstallationStatusIndicator org.belden.CoreOSInstallationStatusIndicator.InstallationStatusFailure
  exit 1
 fi
 SWUPDATE_ARGS="${SWUPDATE_ARGS} -p /usr/lib/swupdate/post-install.sh"
 SWUPDATE_ARGS="${SWUPDATE_ARGS} -i /mnt/image.swu"
--- a/layers/meta-belden-coreos/recipes-coreos/coreos-installer/coreos-installer-unattended/post-install.sh
+++ b/layers/meta-belden-coreos/recipes-coreos/coreos-installer/coreos-installer-unattended/post-install.sh
@ -1,5 +0,0 @@
 #!/usr/bin/env sh
 # Notify the installation status indicator about the success with flashing the image.
 # This can result in the second green LED lighting up.
 dbus-send --system /org/belden/CoreOSInstallationStatusIndicator org.belden.CoreOSInstallationStatusIndicator.InstallationStatusImageFlashingSuccess
--- a/layers/meta-belden-coreos/recipes-coreos/coreos-installer/coreos-installer-unattended_1.0.bb
+++ b/layers/meta-belden-coreos/recipes-coreos/coreos-installer/coreos-installer-unattended_1.0.bb
@ -1,23 +0,0 @@
 DESCRIPTION = "CoreOS scripts for unattended installation"
 SECTION = "coreos"
 LICENSE = "CLOSED"
 SRC_URI += "\
    file://99-overwrite.sh \
    file://post-install.sh \
 "
 FILES:${PN} = "\
    ${libdir}/swupdate/conf.d/99-overwrite.sh \
    ${libdir}/swupdate/post-install.sh \
 "
 RDEPENDS:${PN} = "coreos-installer"
 RCONFLICTS:${PN} = "swupdate-www"
 do_install() {
    install -d ${D}${libdir}/swupdate/conf.d
    install -m 755 ${WORKDIR}/post-install.sh ${D}${libdir}/swupdate/
    install -m 755 ${WORKDIR}/99-overwrite.sh ${D}${libdir}/swupdate/conf.d/
 }
--- a/layers/meta-belden-coreos/recipes-coreos/coreos-installer/coreos-installer/25-installer-config.sh
+++ b/layers/meta-belden-coreos/recipes-coreos/coreos-installer/coreos-installer/25-installer-config.sh
@ -1,8 +1,5 @@
 #!/usr/bin/env sh
 set -o errtrace
 trap 'echo "An error occured in line $LINENO: $BASH_COMMAND, exiting..."; SWUPDATE_EXIT=1; exit;' ERR
 # Read /etc/hwrevision and turn it into a stripped string
 # with the format ${MACHINE}_${VERSION}
 HWREVISION=$(tr ' ' '_' < /etc/hwrevision | tr -d '[:space:]')
@ -18,13 +15,6 @@ fi
 DISK=$(grep "^device:\s" < "${SFDISK_DUMP_FILE}" | cut -d ' ' -f 2)
 # Remove the partition table signature, if there is already one.
 # This ensures that sfdisk always finds a 'clean' disk to install / recover
 wipefs -a -f ${DISK}
 # Give the kernel some time to reload the partition
 sleep 3
 echo "Flashing ${SFDISK_DUMP_FILE} to ${DISK}"
 cat "${SFDISK_DUMP_FILE}"
 sfdisk "${DISK}" < "${SFDISK_DUMP_FILE}"
@ -58,4 +48,3 @@ umount /mnt/ebg1
 umount /mnt/efi
 SWUPDATE_ARGS="${SWUPDATE_ARGS} -e stable,copy0"
 SWUPDATE_ARGS="${SWUPDATE_ARGS} -k /usr/lib/swupdate/swupdate.crt"
--- a/layers/meta-belden-coreos/recipes-coreos/coreos-installer/coreos-installer_1.0.bb
+++ b/layers/meta-belden-coreos/recipes-coreos/coreos-installer/coreos-installer_1.0.bb
@ -1,18 +1,22 @@
 DESCRIPTION = "CoreOS Installer scripts"
 SECTION = "coreos"
 LICENSE = "CLOSED"
 SECTION = "coreos"
-SRC_URI += "file://25-installer-config.sh"
+SRC_URI+= " \
    file://25-installer-config.sh \
 "
-FILES:${PN} = "${libdir}/swupdate/conf.d/25-installer-config.sh"
+# This package ship an alternate configuration for SWUpade to disable A/B
 # switching and always flash A
 RCONFLICTS:${PN}= "swupdate-coreos-config"
 FILES:${PN} = " \
    ${libdir}/swupdate/conf.d/25-installer-config.sh \
 "
 # glibc-utils provide iconv
 # glibc-gconv-utf-16 provide utf-16 support to iconv
-RDEPENDS:${PN} = "coreos-installer-config dosfstools glibc-gconv-utf-16 glibc-utils util-linux-lsblk util-linux-sfdisk util-linux-wipefs"
+RDEPENDS:${PN} = "coreos-installer-config dosfstools util-linux-lsblk util-linux-sfdisk glibc-utils glibc-gconv-utf-16"
 # This package ships an alternate configuration for SWUpdate to disable A/B
 # switching and always flash A
 RCONFLICTS:${PN} = "swupdate-coreos-config"
 do_install() {
    install -d ${D}${libdir}/swupdate/conf.d
--- a/layers/meta-belden-coreos/recipes-kernel/linux/files/secure-storage.cfg
+++ b/layers/meta-belden-coreos/recipes-kernel/linux/files/secure-storage.cfg
@ -1,4 +0,0 @@
 CONFIG_BLK_DEV_DM=y
 CONFIG_KEYS=y
 CONFIG_ENCRYPTED_KEYS=y
 CONFIG_DM_CRYPT=y
--- a/layers/meta-belden-coreos/recipes-kernel/linux/linux-yocto-coreos.inc
+++ b/layers/meta-belden-coreos/recipes-kernel/linux/linux-yocto-coreos.inc
@ -1,8 +0,0 @@
 FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
 # Secure Storage
 # ==============================================================================
 SRC_URI += "file://secure-storage.cfg"
 # Ensure the Kernel EFI STUB is enabled
 KERNEL_FEATURES += "cfg/efi.scc cfg/efi-ext.scc"
--- a/layers/meta-belden-coreos/recipes-kernel/linux/linux-yocto_%.bbappend
+++ b/layers/meta-belden-coreos/recipes-kernel/linux/linux-yocto_%.bbappend
@ -1,6 +0,0 @@
 # Add CoreOS distro settings to the linux-yocto recipes
 LINUX_YOCTO_COREOS_REQUIRE ?= ""
 LINUX_YOCTO_COREOS_REQUIRE:coreos = "linux-yocto-coreos.inc"
 require ${LINUX_YOCTO_COREOS_REQUIRE}
--- a/layers/meta-belden-coreos/recipes-security/cos-certificates-and-keys/cos-certificates-and-keys-native_1.0.bb
+++ b/layers/meta-belden-coreos/recipes-security/cos-certificates-and-keys/cos-certificates-and-keys-native_1.0.bb
@ -1,65 +0,0 @@
 SUMMARY = "Installs CoreOS certificates and keys"
 DESCRIPTION = "Installs CoreOS certificates and keys that are used during the build"
 AUTHOR = "Patrick Vogelaar"
 LICENSE = "CLOSED"
 SRC_URI = "git://git@bitbucket.gad.local:7999/ico/development-keys.git;protocol=ssh;branch=master"
 SRCREV = "2b5d6941ea8759db90f07e195bb1855f618cccb7"
 S = "${WORKDIR}/git"
 inherit deploy native
 CERTIFICATES_AND_KEYS_DIR ?= "${datadir}/keys/"
 #FILES:${PN} += "${CERTIFICATES_AND_KEYS_DIR}/*"
 do_install() {
    install -d "${D}/${CERTIFICATES_AND_KEYS_DIR}"
    install -m 755 ${S}/db.auth ${D}/${CERTIFICATES_AND_KEYS_DIR}/db.auth
    install -m 755 ${S}/db.crt ${D}/${CERTIFICATES_AND_KEYS_DIR}/db.crt
    install -m 755 ${S}/db.der ${D}/${CERTIFICATES_AND_KEYS_DIR}/db.der
    install -m 755 ${S}/db.esl ${D}/${CERTIFICATES_AND_KEYS_DIR}/db.esl
    install -m 755 ${S}/db.key ${D}/${CERTIFICATES_AND_KEYS_DIR}/db.key
    install -m 755 ${S}/KEK.auth ${D}/${CERTIFICATES_AND_KEYS_DIR}/KEK.auth
    install -m 755 ${S}/KEK.crt ${D}/${CERTIFICATES_AND_KEYS_DIR}/KEK.crt
    install -m 755 ${S}/KEK.der ${D}/${CERTIFICATES_AND_KEYS_DIR}/KEK.der
    install -m 755 ${S}/KEK.esl ${D}/${CERTIFICATES_AND_KEYS_DIR}/KEK.esl
    install -m 755 ${S}/KEK.key ${D}/${CERTIFICATES_AND_KEYS_DIR}/KEK.key
    install -m 755 ${S}/PK.auth ${D}/${CERTIFICATES_AND_KEYS_DIR}/PK.auth
    install -m 755 ${S}/PK.crt ${D}/${CERTIFICATES_AND_KEYS_DIR}/PK.crt
    install -m 755 ${S}/PK.der ${D}/${CERTIFICATES_AND_KEYS_DIR}/PK.der
    install -m 755 ${S}/PK.esl ${D}/${CERTIFICATES_AND_KEYS_DIR}/PK.esl
    install -m 755 ${S}/PK.key ${D}/${CERTIFICATES_AND_KEYS_DIR}/PK.key
    install -m 755 ${S}/swupdate.crt ${D}/${CERTIFICATES_AND_KEYS_DIR}/swupdate.crt
    install -m 755 ${S}/swupdate.key ${D}/${CERTIFICATES_AND_KEYS_DIR}/swupdate.key
    bbwarn "Development certificates and keys are added into the image (UNSECURE)! This image must not be released!"
 }
 # Public key needed by firmware very depending on the implementation
 # So we copy all type of public key (*.auth, *.esl, *.crt, *der)
 addtask deploy after do_compile
 do_deploy() {
    install -D -m 644 ${S}/KEK.auth ${DEPLOYDIR}/KEK.auth
    install -D -m 644 ${S}/db.auth ${DEPLOYDIR}/db.auth
    install -D -m 644 ${S}/PK.auth ${DEPLOYDIR}/PK.auth
    install -D -m 644 ${S}/KEK.esl ${DEPLOYDIR}/KEK.esl
    install -D -m 644 ${S}/db.esl ${DEPLOYDIR}/db.esl
    install -D -m 644 ${S}/PK.esl ${DEPLOYDIR}/PK.esl
    install -D -m 644 ${S}/KEK.crt ${DEPLOYDIR}/KEK.crt
    install -D -m 644 ${S}/db.crt ${DEPLOYDIR}/db.crt
    install -D -m 644 ${S}/PK.crt ${DEPLOYDIR}/PK.crt
    install -D -m 644 ${S}/KEK.der ${DEPLOYDIR}/KEK.der
    install -D -m 644 ${S}/db.der ${DEPLOYDIR}/db.der
    install -D -m 644 ${S}/PK.der ${DEPLOYDIR}/PK.der
    # !SECURITY WARNING!
    # .key file are not copied to DEPLOYDIR, as they contains the PRIVATE keys
 }
--- a/layers/meta-belden-coreos/recipes-security/secure-storage/files/sec-storage-loopback.sh
+++ b/layers/meta-belden-coreos/recipes-security/secure-storage/files/sec-storage-loopback.sh
@ -1,93 +0,0 @@
 #!/usr/bin/env sh
 loopdir=/usr/local/data/loopdevices
 loopfile=$loopdir/crypt.loop
 keyfiledir=/usr/local/data/.crypto
 keyfile=$keyfiledir/ss_crypto.keyfile
 #megabytes
 loopsize=16
 #/dev/mapper/xxxxx when open
 cryptmapper=secStorage
 makefilesystem=ext4
 #mountpoint of uncrypted device
 mountpoint=/usr/local/data/secure-storage
 create_keyfile() {
 	# echo "Create key file"
 	systemd-notify --status="Create key file"
 	mkdir -p $keyfiledir
 	dd if=/dev/urandom of=$keyfile bs=1 count=256
 	chown root:root $keyfiledir/*
 	chmod 000 $keyfiledir/*
 }
 error() {
 	echo "Error: $1"
 	exit $?
 }
 #creates a new file
 create_loopback_and_open() {
 	# echo "Creating a file with random bits.. this could take a while..."
 	systemd-notify --status="Creating a file with random bits.. this could take a while..."
 	mkdir -p $loopdir || error "Creating loopdir"
 	mkdir -p $mountpoint || error "Creating mountpoint"
 	dd if=/dev/urandom of=$loopfile bs=1M count=$loopsize || error "Creating loopfile"
 	loopdevice=$(losetup -f --show $loopfile) || error "Setting up loop device"
 	echo "Selected loop device: $loopdevice"
 	cryptsetup luksFormat -q --key-file $keyfile $loopdevice || error "Setting up encrypted loop device"
 	cryptsetup open --key-file $keyfile $loopdevice $cryptmapper || error "Opening encrypted loop device"
 	mkfs.$makefilesystem /dev/mapper/$cryptmapper || error "Creating encrypted FS"
 	mount /dev/mapper/$cryptmapper $mountpoint || error "Mounting encrypted FS"
 	systemd-notify --ready --status="Sucessfully mounted secure storage"
 }
 #mounts crypted loopback file
 open() {
 	#echo "Open secure-storage"
 	systemd-notify --status="Open secure storage"
 	loopdevice=$(losetup -f --show $loopfile) || error "Setting up loop device"
 	echo "Selected loop device: $ld"
 	cryptsetup open --key-file $keyfile $loopdevice $cryptmapper || error "Opening encrypted loop device"
 	mount /dev/mapper/$cryptmapper $mountpoint || error "Mounting encrypted FS"
 	systemd-notify --ready --status="Sucessfully mounted secure storage"
 }
 #unmounts previously mounted loopback file
 close() {
 	echo "Close secure-storage"
 	# get loopdevice
 	loopdevice=$(losetup --list --noheadings --output NAME,BACK-FILE | grep crypt.loop | awk '{print $1}')
 	umount $mountpoint
 	cryptsetup close $cryptmapper
 	losetup -d $loopdevice
 }
 if [ $# -eq 1 ]
 then
 	#echo "Parameter detected"
 	$1
 	exit 0
 fi
 if [ -e $keyfile ]
 then
 	#echo "Key file available"
 	if [ -e $loopfile ]
 	then
 		#echo "Loop file available"
 		open
 	else
 		#echo "Loop file not available"
 		create_loopback_and_open
 	fi
 else
 	#echo "Key file not available"
 	create_keyfile
 	create_loopback_and_open
 fi
--- a/layers/meta-belden-coreos/recipes-security/secure-storage/files/secure-storage.service
+++ b/layers/meta-belden-coreos/recipes-security/secure-storage/files/secure-storage.service
@ -1,12 +0,0 @@
 [Unit]
 Description=Secure Storage Service
 RequiresMountsFor=/usr/local/data
 [Service]
 Type=notify
 ExecStart=/usr/bin/sec-storage-loopback.sh
 TimeoutSec=300
 [Install]
 WantedBy=local-fs.target
--- a/layers/meta-belden-coreos/recipes-security/secure-storage/secure-storage_1.0.bb
+++ b/layers/meta-belden-coreos/recipes-security/secure-storage/secure-storage_1.0.bb
@ -1,34 +0,0 @@
 SUMMARY = "Provides a Secure Storage"
 DESCRIPTION = "The secure storage is a loopback mount that is encrypted. It protects data in rest"
 AUTHOR = "Patrick Vogelaar"
 LICENSE = "CLOSED"
 SRC_URI = "\
    file://sec-storage-loopback.sh \
    file://secure-storage.service \
    "
 S = "${WORKDIR}"
 inherit systemd
 FILES:${PN} += "\
    /usr/local/data/ \
    ${systemd_unitdir}/system \
    ${bindir}/sec-storage-loopback.sh \
    ${systemd_unitdir}/system/secure-storage.service \
    "
 do_install() {
    install -d ${D}$/usr/local/data/
    install -d ${D}${bindir}
    install -m 0731 ${S}/sec-storage-loopback.sh ${D}${bindir}/sec-storage-loopback.sh
    install -d ${D}${systemd_unitdir}/system
    install -m 0644 ${S}/secure-storage.service ${D}${systemd_unitdir}/system
 }
 SYSTEMD_SERVICE:${PN} = "secure-storage.service"
 SYSTEMD_AUTO_ENABLE = "enable"
 RDEPENDS:${PN} += "cryptsetup util-linux-losetup e2fsprogs-mke2fs"
--- a/layers/meta-belden-coreos/recipes-support/swupdate/swupdate/defconfig
+++ b/layers/meta-belden-coreos/recipes-support/swupdate/swupdate/defconfig
@ -24,7 +24,6 @@ CONFIG_DISKPART=y
 CONFIG_DISKPART_FORMAT=y
 CONFIG_FAT_FILESYSTEM=y
 CONFIG_EXT_FILESYSTEM=y
 CONFIG_SIGNED=y
 CONFIG_SIGNED_IMAGES=y
 CONFIG_SIGALG_RAWRSA=n
 CONFIG_SIGALG_CMS=y
--- a/layers/meta-belden-coreos/recipes-support/swupdate/swupdate_%.bbappend
+++ b/layers/meta-belden-coreos/recipes-support/swupdate/swupdate_%.bbappend
@ -5,8 +5,6 @@ REQUIRED_DISTRO_FEATURES = "swupdate"
 # same file in meta-swupdate
 FILESEXTRAPATHS:prepend := "${THISDIR}/swupdate:"
 DEPENDS += "cos-certificates-and-keys-native"
 SRC_URI += "\
    file://50-webserver-config.sh \
    file://25-sw-collections-config.sh \
@ -48,6 +46,3 @@ do_install:append() {
    install -m 755 ${COREOS_EFI_SECUREBOOT_KEYDIR}/swupdate.crt ${D}${libdir}/swupdate/
    echo "${MACHINE} 1.0" > ${D}${sysconfdir}/hwrevision
 }
 # Fix: libgcc_s.so.1 must be installed for pthread_exit to work
 RDEPENDS:${PN} += "libgcc"
--- a/layers/meta-belden-marvell-bsp/conf/layer.conf
+++ b/layers/meta-belden-marvell-bsp/conf/layer.conf
@ -9,5 +9,5 @@ BBFILE_COLLECTIONS += "meta-belden-marvell-bsp"
 BBFILE_PATTERN_meta-belden-marvell-bsp = "^${LAYERDIR}/"
 BBFILE_PRIORITY_meta-belden-marvell-bsp = "6"
-LAYERDEPENDS_meta-belden-marvell-bsp = "core meta-belden-coreos meta-arm"
+LAYERDEPENDS_meta-belden-marvell-bsp = "core meta-belden-coreos"
 LAYERSERIES_COMPAT_meta-belden-marvell-bsp = "kirkstone"
--- a/layers/meta-belden-marvell-bsp/recipes-bsp/trusted-firmware-a/files/0001-ddr-spd-read-failover-to-defualt-config.patch
+++ b/layers/meta-belden-marvell-bsp/recipes-bsp/trusted-firmware-a/files/0001-ddr-spd-read-failover-to-defualt-config.patch
@ -1,14 +1,14 @@
-From 3f8f24cf82848ef1778f3e1d0a0607d4860dd4f3 Mon Sep 17 00:00:00 2001
+From 5aeea052b30604b2f8640960b775cee0f5c877cb Mon Sep 17 00:00:00 2001
 From: Alon Rotman <alon.rotman@solid-run.com>
 Date: Mon, 22 Nov 2021 13:33:25 +0200
-Subject: [PATCH] ddr spd read failover to defualt config
+Subject: [PATCH 2/2] ddr spd read failover to defualt config
 ---
 .../octeontx/otx2/t91/t9130/board/dram_port.c | 100 ++++++++++++++++--
 1 file changed, 93 insertions(+), 7 deletions(-)
 diff --git a/plat/marvell/octeontx/otx2/t91/t9130/board/dram_port.c b/plat/marvell/octeontx/otx2/t91/t9130/board/dram_port.c
-index 82ce07b09..bb7814e9b 100644
+index 0befadfc6..5de71f095 100644
 --- a/plat/marvell/octeontx/otx2/t91/t9130/board/dram_port.c
 +++ b/plat/marvell/octeontx/otx2/t91/t9130/board/dram_port.c
@@ -33,7 +33,7 @@ struct mv_ddr_iface dram_iface_ap0 = {
@ -148,7 +148,7 @@ index 82ce07b09..bb7814e9b 100644
 {
 	struct mv_ddr_topology_map *tm = mv_ddr_topology_map_get();
@@ -152,7 +236,9 @@ void plat_marvell_dram_update_topology(void)
- 		i2c_write(I2C_SPD_P0_ADDR, 0x0, 1, tm->spd_data.all_bytes, 0);
+ 		i2c_write(I2C_SPD_P0_ADDR, 0x0, 1, tm->spd_data.all_bytes, 1);
 		/* read data from spd */
 -		i2c_read(I2C_SPD_ADDR, 0x0, 1, tm->spd_data.all_bytes,
@ -159,3 +159,6 @@ index 82ce07b09..bb7814e9b 100644
 +			set_param_based_on_som_strap();
 	}
 }
 -- 
 2.25.1
--- a/layers/meta-belden-marvell-bsp/recipes-bsp/trusted-firmware-a/files/0002-som-sdp-failover-using-crc-verification.patch
+++ b/layers/meta-belden-marvell-bsp/recipes-bsp/trusted-firmware-a/files/0002-som-sdp-failover-using-crc-verification.patch
@ -1,16 +1,15 @@
-From 6cbb01ba5a5a5ad2b2247c8401d5fac488bf05c3 Mon Sep 17 00:00:00 2001
+From da25bbba607de35267f4dbe74cd772588260de57 Mon Sep 17 00:00:00 2001
 From: Alon Rotman <alon.rotman@solid-run.com>
 Date: Mon, 6 Dec 2021 18:34:37 +0200
 Subject: [PATCH] som sdp failover using crc verification
 Signed-off-by: Alon Rotman <alon.rotman@solid-run.com>
 ---
 .../octeontx/otx2/t91/t9130/board/dram_port.c | 63 ++++++++++++-------
 1 file changed, 41 insertions(+), 22 deletions(-)
 diff --git a/plat/marvell/octeontx/otx2/t91/t9130/board/dram_port.c b/plat/marvell/octeontx/otx2/t91/t9130/board/dram_port.c
-index bb7814e9b..772774215 100644
+index 5de71f095..d59b8100d 100644
 --- a/plat/marvell/octeontx/otx2/t91/t9130/board/dram_port.c
 +++ b/plat/marvell/octeontx/otx2/t91/t9130/board/dram_port.c
@@ -50,7 +50,7 @@ struct mv_ddr_iface dram_iface_ap0 = {
@ -123,3 +122,6 @@ index bb7814e9b..772774215 100644
 +	
 	}
 }
 -- 
 2.25.1
--- a/layers/meta-belden-marvell-bsp/recipes-bsp/trusted-firmware-a/files/ssl.patch
+++ b/layers/meta-belden-marvell-bsp/recipes-bsp/trusted-firmware-a/files/ssl.patch
@ -0,0 +1,52 @@
 fiptool: respect OPENSSL_DIR
 fiptool links to libcrypto, so as with the other tools it should respect
 OPENSSL_DIR for include/library paths.
 Upstream-Status: Submitted
 Signed-off-by: Ross Burton <ross.burton@arm.com>
 diff --git a/Makefile b/Makefile
 index ec6f88585..2d3b9fc26 100644
 --- a/Makefile
 +++ b/Makefile
@@ -1388,7 +1388,7 @@ fwu_fip: ${BUILD_PLAT}/${FWU_FIP_NAME}
 ${FIPTOOL}: FORCE
 ifdef UNIX_MK
 -	${Q}${MAKE} CPPFLAGS="-DVERSION='\"${VERSION_STRING}\"'" FIPTOOL=${FIPTOOL} --no-print-directory -C ${FIPTOOLPATH}
 +	${Q}${MAKE} CPPFLAGS="-DVERSION='\"${VERSION_STRING}\"'" FIPTOOL=${FIPTOOL} OPENSSL_DIR=${OPENSSL_DIR} --no-print-directory -C ${FIPTOOLPATH}
 else
 # Clear the MAKEFLAGS as we do not want
 # to pass the gnumake flags to nmake.
 diff --git a/tools/fiptool/Makefile b/tools/fiptool/Makefile
 index 11d2e7b0b..7c2a08379 100644
 --- a/tools/fiptool/Makefile
 +++ b/tools/fiptool/Makefile
@@ -12,6 +12,8 @@ FIPTOOL ?= fiptool${BIN_EXT}
 PROJECT := $(notdir ${FIPTOOL})
 OBJECTS := fiptool.o tbbr_config.o
 V ?= 0
 +OPENSSL_DIR := /usr
 +
 override CPPFLAGS += -D_GNU_SOURCE -D_XOPEN_SOURCE=700
 HOSTCCFLAGS := -Wall -Werror -pedantic -std=c99
@@ -20,7 +22,7 @@ ifeq (${DEBUG},1)
 else
   HOSTCCFLAGS += -O2
 endif
 -LDLIBS := -lcrypto
 +LDLIBS := -L${OPENSSL_DIR}/lib -lcrypto
 ifeq (${V},0)
   Q := @
@@ -28,7 +30,7 @@ else
   Q :=
 endif
 -INCLUDE_PATHS := -I../../include/tools_share
 +INCLUDE_PATHS := -I../../include/tools_share  -I${OPENSSL_DIR}/include
 HOSTCC ?= gcc
--- a/layers/meta-belden-marvell-bsp/recipes-bsp/u-boot/u-boot_2019.10-solidrun.bb
+++ b/layers/meta-belden-marvell-bsp/recipes-bsp/u-boot/u-boot_2019.10-solidrun.bb
@ -51,6 +51,7 @@ SRC_URI = "git://git.denx.de/u-boot.git;branch=master \
 S = "${WORKDIR}/git"
 require recipes-bsp/u-boot/u-boot.inc
 require recipes-bsp/u-boot/u-boot-coreos.inc
 # Solidrun patches require to build out-of-the-tree
 B = "${WORKDIR}/build"
--- a/layers/meta-belden-marvell-bsp/recipes-bsp/u-boot/u-boot_2023.04-marvell.bb
+++ b/layers/meta-belden-marvell-bsp/recipes-bsp/u-boot/u-boot_2023.04-marvell.bb
@ -30,6 +30,7 @@ SRC_URI = "git://source.denx.de/u-boot/custodians/u-boot-marvell.git;branch=mast
 S = "${WORKDIR}/git"
 require recipes-bsp/u-boot/u-boot.inc
 require recipes-bsp/u-boot/u-boot-coreos.inc
 # Solidrun patches require to build out-of-the-tree
 B = "${WORKDIR}/build"
--- a/layers/meta-belden-marvell-bsp/recipes-coreos/coreos-installer/coreos-installer-config/cn9130-cf-pro_1.0.sfdisk
+++ b/layers/meta-belden-marvell-bsp/recipes-coreos/coreos-installer/coreos-installer-config/cn9130-cf-pro_1.0.sfdisk
@ -18,8 +18,8 @@ sector-size: 512
 /dev/mmcblk0p1 : start=        4096, size=        8192, type=71B02716-C000-4F0D-AE03-2F5DC0A114CD, name="fw0", attrs="RequiredPartition"
 /dev/mmcblk0p2 : start=       12288, size=        8192, type=71B02716-C000-4F0D-AE03-2F5DC0A114CD, name="fw1", attrs="RequiredPartition"
-/dev/mmcblk0p3 : size= ${PART_EFI_SIZE}, ${SFDISK_PART_EFI}
+/dev/mmcblk0p3 : start=       20480, size=      131072, ${SFDISK_PART_EFI}
-/dev/mmcblk0p4 : size= ${PART_EFIBG_SIZE}, ${SFDISK_PART_EFIBOOTGUARD_A}
+/dev/mmcblk0p4 : start=      151552, size=      262144, ${SFDISK_PART_EFIBOOTGUARD_A}
-/dev/mmcblk0p5 : size= ${PART_EFIBG_SIZE}, ${SFDISK_PART_EFIBOOTGUARD_B}
+/dev/mmcblk0p5 : start=      413696, size=      262144, ${SFDISK_PART_EFIBOOTGUARD_B}
-/dev/mmcblk0p6 : size= ${PART_ROOT_SIZE}, ${SFDISK_PART_ROOT_A}
+/dev/mmcblk0p6 : start=      675840, size=     7294976, ${SFDISK_PART_ROOT_A}
-/dev/mmcblk0p7 : size= ${PART_ROOT_SIZE}, ${SFDISK_PART_ROOT_B}
+/dev/mmcblk0p7 : start=     7970816, size=     7294976, ${SFDISK_PART_ROOT_B}
--- a/layers/meta-belden-marvell-bsp/recipes-kernel/linux/linux-netmodule/cn913x_additions.cfg
+++ b/layers/meta-belden-marvell-bsp/recipes-kernel/linux/linux-netmodule/cn913x_additions.cfg
@ -18,12 +18,11 @@ CONFIG_ACPI_CPPC_CPUFREQ=y
 CONFIG_ARM_ARMADA_8K_CPUFREQ=y
 CONFIG_MICROSEMI_PHY=y
 # CONFIG_QRTR_MHI is not set
 # CONFIG_QRTR is not set
 # CONFIG_MHI_BUS is not set
-# CONFIG_ATH11K is not set
+CONFIG_ATH11K=m
-# CONFIG_ATH11K_AHB is not set
+CONFIG_ATH11K_AHB=m
-# CONFIG_ATH11K_PCI is not set
+CONFIG_ATH11K_PCI=m
-# CONFIG_ATH11K_DEBUG is not set
+CONFIG_ATH11K_DEBUG=y
 CONFIG_CRYPTO_MICHAEL_MIC=m
 CONFIG_R8169=y
 CONFIG_MTD=y
@ -50,25 +49,25 @@ CONFIG_WEXT_CORE=y
 CONFIG_WEXT_PROC=y
 CONFIG_WEXT_SPY=y
 CONFIG_WEXT_PRIV=y
-# CONFIG_CFG80211_DEBUGFS is not set
+CONFIG_CFG80211_DEBUGFS=y
-# CONFIG_CFG80211_WEXT is not set
+CONFIG_CFG80211_WEXT=y
-# CONFIG_CFG80211_WEXT_EXPORT is not set
+CONFIG_CFG80211_WEXT_EXPORT=y
-# CONFIG_LIB80211 is not set
+CONFIG_LIB80211=m
-# CONFIG_LIB80211_CRYPT_WEP is not set
+CONFIG_LIB80211_CRYPT_WEP=m
-# CONFIG_LIB80211_CRYPT_CCMP is not set
+CONFIG_LIB80211_CRYPT_CCMP=m
-# CONFIG_LIB80211_CRYPT_TKIP is not set
+CONFIG_LIB80211_CRYPT_TKIP=m
-# CONFIG_LIB80211_DEBUG is not set
+CONFIG_LIB80211_DEBUG=y
-# CONFIG_MAC80211_DEBUGFS is not set
+CONFIG_MAC80211_DEBUGFS=y
-# CONFIG_MAC80211_MESSAGE_TRACING is not set
+CONFIG_MAC80211_MESSAGE_TRACING=y
-# CONFIG_MAC80211_DEBUG_MENU is not set
+CONFIG_MAC80211_DEBUG_MENU=y
 # CONFIG_MAC80211_NOINLINE is not set
-# CONFIG_MAC80211_VERBOSE_DEBUG is not set
+CONFIG_MAC80211_VERBOSE_DEBUG=y
 # CONFIG_MAC80211_MLME_DEBUG is not set
-# CONFIG_MAC80211_STA_DEBUG is not set
+CONFIG_MAC80211_STA_DEBUG=y
 # CONFIG_MAC80211_HT_DEBUG is not set
 # CONFIG_MAC80211_OCB_DEBUG is not set
 # CONFIG_MAC80211_IBSS_DEBUG is not set
-# CONFIG_MAC80211_PS_DEBUG is not set
+CONFIG_MAC80211_PS_DEBUG=y
 # CONFIG_MAC80211_TDLS_DEBUG is not set
 # CONFIG_MAC80211_DEBUG_COUNTERS is not set
 CONFIG_HOTPLUG_PCI_PCIE=y
@ -80,38 +79,38 @@ CONFIG_PCI_DEBUG=y
 # CONFIG_ATH10K_TRACING is not set
 # CONFIG_ATH11K_DEBUGFS is not set
 # CONFIG_ATH11K_TRACING is not set
-# CONFIG_IPW2100 is not set
+CONFIG_IPW2100=m
-# CONFIG_IPW2100_MONITOR is not set
+CONFIG_IPW2100_MONITOR=y
-# CONFIG_IPW2100_DEBUG is not set
+CONFIG_IPW2100_DEBUG=y
-# CONFIG_IPW2200 is not set
+CONFIG_IPW2200=m
-# CONFIG_IPW2200_MONITOR is not set
+CONFIG_IPW2200_MONITOR=y
-# CONFIG_IPW2200_RADIOTAP is not set
+CONFIG_IPW2200_RADIOTAP=y
-# CONFIG_IPW2200_PROMISCUOUS is not set
+CONFIG_IPW2200_PROMISCUOUS=y
-# CONFIG_IPW2200_QOS is not set
+CONFIG_IPW2200_QOS=y
-# CONFIG_IPW2200_DEBUG is not set
+CONFIG_IPW2200_DEBUG=y
-# CONFIG_LIBIPW is not set
+CONFIG_LIBIPW=m
-# CONFIG_LIBIPW_DEBUG is not set
+CONFIG_LIBIPW_DEBUG=y
-# CONFIG_IWLEGACY is not set
+CONFIG_IWLEGACY=m
-# CONFIG_IWL4965 is not set
+CONFIG_IWL4965=m
-# CONFIG_IWL3945 is not set
+CONFIG_IWL3945=m
 #
 # iwl3945 / iwl4965 Debugging Options
 #
-# CONFIG_IWLEGACY_DEBUG is not set
+CONFIG_IWLEGACY_DEBUG=y
 # CONFIG_IWLEGACY_DEBUGFS is not set
 # end of iwl3945 / iwl4965 Debugging Options
-# CONFIG_IWLWIFI is not set
+CONFIG_IWLWIFI=m
-# CONFIG_IWLWIFI_LEDS is not set
+CONFIG_IWLWIFI_LEDS=y
-# CONFIG_IWLDVM is not set
+CONFIG_IWLDVM=m
-# CONFIG_IWLMVM is not set
+CONFIG_IWLMVM=m
-# CONFIG_IWLWIFI_OPMODE_MODULAR is not set
+CONFIG_IWLWIFI_OPMODE_MODULAR=y
-# CONFIG_IWLWIFI_BCAST_FILTERING is not set
+CONFIG_IWLWIFI_BCAST_FILTERING=y
 #
 # Debugging Options
 #
-# CONFIG_IWLWIFI_DEBUG is not set
+CONFIG_IWLWIFI_DEBUG=y
 # CONFIG_IWLWIFI_DEBUGFS is not set
-# CONFIG_IWLWIFI_DEVICE_TRACING is not set
+CONFIG_IWLWIFI_DEVICE_TRACING=y
 # end of Debugging Options
 # CONFIG_WLAN_VENDOR_INTERSIL is not set
 # CONFIG_WLAN_VENDOR_RALINK is not set
@ -166,7 +165,7 @@ CONFIG_FTRACE_MCOUNT_USE_RECORDMCOUNT=y
 # CONFIG_RING_BUFFER_STARTUP_TEST is not set
 # CONFIG_RING_BUFFER_VALIDATE_TIME_DELTAS is not set
 # CONFIG_PREEMPTIRQ_DELAY_TEST is not set
-CONFIG_CMA_SIZE_MBYTES=256
+CONFIG_CMA_SIZE_MBYTES=128
 CONFIG_FUNCTION_TRACER
 CONFIG_FUNCTION_GRAPH_TRACER
 CONFIG_STACK_TRACER
--- a/layers/meta-belden-marvell-bsp/recipes-kernel/linux/linux-netmodule/secure-storage.cfg
+++ b/layers/meta-belden-marvell-bsp/recipes-kernel/linux/linux-netmodule/secure-storage.cfg
@ -1,4 +0,0 @@
 CONFIG_BLK_DEV_DM=y
 CONFIG_KEYS=y
 CONFIG_ENCRYPTED_KEYS=y
 CONFIG_DM_CRYPT=y
--- a/layers/meta-belden-marvell-bsp/recipes-kernel/linux/linux-netmodule_git-5.15-solidrun.bb
+++ b/layers/meta-belden-marvell-bsp/recipes-kernel/linux/linux-netmodule_git-5.15-solidrun.bb
@ -12,7 +12,6 @@ SRC_URI = "git://gitlab.com/netmodule/kernel/linux-netmodule.git;protocol=ssh;us
           file://0001-fix-phy-support-for-falcon-board.patch \
           file://0001-refactor-cn913x-defconfig-cleanup.patch \
           file://cn913x_additions.cfg \
           file://secure-storage.cfg \
           "
 SRCREV ?= "be2f2f0c96e85ecec9d807397194e46bb8bea4a5"
@ -32,7 +31,4 @@ do_configure:append(){
    fi
 }
-# linux-yocto-coreos.inc provide some kernel config fragment that we can apply
+require recipes-kernel/linux/linux-yocto-coreos-efi.inc
 # Note that KERNEL_FEATURES are not applied as this recipes doesn't ihnerit
 # the linux-yocto class.
 require recipes-kernel/linux/linux-yocto-coreos.inc
--- a/layers/meta-belden-marvell-bsp/wic/cn913x-sdcard.wks.in
+++ b/layers/meta-belden-marvell-bsp/wic/cn913x-sdcard.wks.in
@ -11,11 +11,10 @@
 part --offset 4096S --source rawcopy --sourceparams="file=flash-image.bin" --ondisk mmcblk1 --size 4M --extra-space 0 --overhead-factor 1 --part-name fw0
 part --offset 12288S --source rawcopy --sourceparams="file=flash-image.bin" --ondisk mmcblk1 --size 4M --extra-space 0 --overhead-factor 1 --part-name fw1
-${WKS_PART_EFI} --ondisk mmcblk1 --offset 20480S --size ${PART_EFI_SIZE} --extra-space 0 --overhead-factor 1
+${WKS_PART_EFI} --ondisk mmcblk1 --offset 20480S --size 64M --extra-space 0 --overhead-factor 1
-${WKS_PART_ROOT_A} --ondisk mmcblk1 --size ${PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
+${WKS_PART_ROOT_A} --ondisk mmcblk1 --size ${WKS_PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
-${WKS_PART_ROOT_B} --ondisk mmcblk1 --size ${PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
+${WKS_PART_ROOT_B} --ondisk mmcblk1 --size ${WKS_PART_ROOT_SIZE} --extra-space 0 --overhead-factor 1
-${WKS_PART_EFIBOOTGUARD_A} --ondisk mmcblk1  --align 1024 --size ${PART_EFIBG_SIZE} --extra-space 0 --overhead-factor 1
+${WKS_PART_EFIBOOTGUARD_A} --ondisk mmcblk1  --align 1024 --size 128M --extra-space 0 --overhead-factor 1
-${WKS_PART_EFIBOOTGUARD_B} --ondisk mmcblk1  --align 1024 --size ${PART_EFIBG_SIZE} --extra-space 0 --overhead-factor 1
+${WKS_PART_EFIBOOTGUARD_B} --ondisk mmcblk1  --align 1024 --size 128M --extra-space 0 --overhead-factor 1
 ${WKS_PART_USERDATA} --ondisk mmcblk1 --size ${PART_USERDATA_SIZE} --extra-space 0 --overhead-factor 1
 bootloader --ptable gpt
--- a/layers/meta-netmodule-coreos-bsp/README.md
+++ b/layers/meta-netmodule-coreos-bsp/README.md
@ -1,26 +0,0 @@
 # meta-netmodule-coreos-bsp
 BSP layer for NetModule board
 This layer depends on:
 - meta-ti-bsp
 - meta-arm
 ## SoC Family
 This layer contains all CoreOS supported board manufactured by NetModule
 ## Availables Machines
 This layer contains the following machine configuration:
 ### Based on the Gemini platform
 - netmodule-hw34 (Codename for XG900)
 **remarks**: Gemini based board use a TI am64xx (k3) family has a separate
 R5 core that use another architecture as the main core, so for each machine you
 will find a companion machine name `${MACHINE}-k3r5`. This config should not be
 used as is, but will be automatically used for some recipes under the hood when
 using `${MACHINE}` using Bitbake multiconfig feature.
--- a/layers/meta-netmodule-coreos-bsp/classes/coreos-image-swupdate-am64xx.bbclass
+++ b/layers/meta-netmodule-coreos-bsp/classes/coreos-image-swupdate-am64xx.bbclass
@ -1,46 +0,0 @@
 SWUPDATE_IMAGES += "tiboot3-am64x-gemini-b"
 SWUPDATE_IMAGES += "tispl"
 SWUPDATE_IMAGES += "u-boot-${MACHINE}"
 SWUPDATE_IMAGES_FSTYPES[tiboot3-am64x-gemini-b] = ".bin"
 SWUPDATE_IMAGES_FSTYPES[tispl] = ".bin"
 python () {
    machine = d.getVar('MACHINE')
    d.setVarFlag("SWUPDATE_IMAGES_FSTYPES", "u-boot-" + machine, ".img")
 }
 COREOS_SWUPDATE_EXTENDS_FOR:append = "am64xx"
 def coreos_swupdate_extends_images_for_am64xx(d,s):
    machine = d.getVar('MACHINE')
    uboot_filename = "u-boot-" + machine + ".img"
    SECTOR_SIZE = 512
    OFFSET = [0x0*SECTOR_SIZE, 0x600*SECTOR_SIZE, 0x1600*SECTOR_SIZE]
    return [
        {
            "filename" : "tiboot3-am64x-gemini-b.bin",
            "installed-directly" : "true",
            "device" : "/dev/mmcblk0boot0",
            "offset": str(OFFSET[0]),
            "type" : "raw",
            "sha256" : swupdate_get_sha256(d, s, "tiboot3-am64x-gemini-b.bin"),
        },
        {
            "filename" : "tispl.bin",
            "installed-directly" : "true",
            "device" : "/dev/mmcblk0boot0",
            "offset": str(OFFSET[1]),
            "type" : "raw",
            "sha256" : swupdate_get_sha256(d, s, "tispl.bin"),
        },
        {
            "filename" : uboot_filename,
            "installed-directly" : "true",
            "device" : "/dev/mmcblk0boot0",
            "offset": str(OFFSET[2]),
            "type" : "raw",
            "sha256" : swupdate_get_sha256(d, s, uboot_filename),
        }
    ]
--- a/layers/meta-netmodule-coreos-bsp/conf/layer.conf
+++ b/layers/meta-netmodule-coreos-bsp/conf/layer.conf
@ -1,13 +0,0 @@
 # Add layer directory to bbpath
 BBPATH .= ":${LAYERDIR}"
 # Add recipe directories
 BBFILES += "${LAYERDIR}/recipes-*/*/*.bb \
            ${LAYERDIR}/recipes-*/*/*.bbappend"
 BBFILE_COLLECTIONS += "netmodule-coreos-bsp-layer"
 BBFILE_PATTERN_netmodule-coreos-bsp-layer = "^${LAYERDIR}/"
 BBFILE_PRIORITY_netmodule-coreos-bsp-layer = "8"
 LAYERSERIES_COMPAT_netmodule-coreos-bsp-layer = "kirkstone"
 LAYERDEPENDS_netmodule-coreos-bsp-layer = "meta-arm meta-ti-bsp"
--- a/layers/meta-netmodule-coreos-bsp/conf/machine/include/netmodule-am64xx-common.inc
+++ b/layers/meta-netmodule-coreos-bsp/conf/machine/include/netmodule-am64xx-common.inc
@ -1,6 +0,0 @@
 # This file contains the part of the configuration that is common to all
 # board based on the Gemini platform and that are the same for both
 # the Cortex-A53 and Cortex-R5 core (Gemini use a multi-arch SOC)
 PREFERRED_PROVIDER_virtual/bootloader = "u-boot-ti-coreos"
 PREFERRED_PROVIDER_u-boot = "u-boot-ti-coreos"
--- a/layers/meta-netmodule-coreos-bsp/conf/machine/include/netmodule-am64xx-k3.inc
+++ b/layers/meta-netmodule-coreos-bsp/conf/machine/include/netmodule-am64xx-k3.inc
@ -1,49 +0,0 @@
 # This file contains the part of the configuration that is common to all
 # board based on the Gemini platform and that are the Cortex-A53 core.
 # k3.inc from meta-ti set a default WKS_FILE and add wic to IMAGE_FSTYPE.
 # But we don't need a wic image
 WKS_FILE ?= ""
 require conf/machine/include/k3.inc
 require netmodule-am64xx-common.inc
 # Workarround to remove wic related settings added to IMAGE_FSTYPE in k3.inc
 # without too much risk of breaking a distro or local config (as remove)
 # are final
 IMAGE_FSTYPES:remove = "${@'wic.xz wic.bmap' if not d.getVar('WKS_FILE') else ''}"
 # meta-ti-bsp use the machine override in a lot of recipes, so by adding the
 # name of the machine in meta-ti-bsp to SOC_FAMILY, we ensure that we the
 # device override apply.
 #
 # We don't modify MACHINEOVERRIDES directly as this will not place the string
 # in the same place
 SOC_FAMILY:append = ":am64xx"
 # Install u-boot script
 MACHINE_ESSENTIAL_EXTRA_RDEPENDS += "kernel-devicetree"
 PREFERRED_PROVIDER_virtual/kernel = "linux-ti-coreos"
 KERNEL_DEFCONFIG ?= "gemini_defconfig"
 KERNEL_IMAGETYPE = "Image"
 UBOOT_ENTRYPOINT = "0x82000000"
 UBOOT_LOADADDRESS = "0x82000000"
 UBOOT_DTB_LOADADDRESS = "0x88000000"
 UBOOT_RD_LOADADDRESS = "0x88080000"
 UBOOT_RD_ENTRYPOINT = "0x88080000"
 TFA_BOARD = "lite"
 OPTEEMACHINE = "k3"
 # No watchdog available yet
 EFIBOOTGUARD_TIMEOUT ?= "0"
 COREOS_IMAGE_SWUPDATE_EXTRACLASSES += "coreos-image-swupdate-am64xx"
 require conf/machine/include/coreos-generic-features/efi.inc
--- a/layers/meta-netmodule-coreos-bsp/conf/machine/include/netmodule-am64xx-k3r5.inc
+++ b/layers/meta-netmodule-coreos-bsp/conf/machine/include/netmodule-am64xx-k3r5.inc
@ -1,13 +0,0 @@
 # This file contains the part of the configuration that is common to all
 # board based on the Gemini platform and that are the Cortex-R5 core.
 require conf/machine/include/k3r5.inc
 require netmodule-am64xx-common.inc
 # A variant
 #SPL_BINARY = "tiboot3-am64x-gemini.${SPL_SUFFIX}"
 # B variant
 SPL_BINARY = "tiboot3-am64x-gemini-b.${SPL_SUFFIX}"
 # Sanity checks don't apply for real time cores
 INHERIT:remove = "coreos-sanity"
--- a/layers/meta-netmodule-coreos-bsp/conf/machine/netmodule-hw34-k3r5.conf
+++ b/layers/meta-netmodule-coreos-bsp/conf/machine/netmodule-hw34-k3r5.conf
@ -1,7 +0,0 @@
 #@TYPE: Machine
 #@NAME: AM64xx EVM (R5F)
 #@DESCRIPTION: Machine configuration for the TI AM64xx EVM (R5F core)
 require conf/machine/include/netmodule-am64xx-k3r5.inc
 UBOOT_MACHINE = "am64x_netmodule_hw34_r5_defconfig"
--- a/layers/meta-netmodule-coreos-bsp/conf/machine/netmodule-hw34.conf
+++ b/layers/meta-netmodule-coreos-bsp/conf/machine/netmodule-hw34.conf
@ -1,17 +0,0 @@
 require conf/machine/include/netmodule-am64xx-k3.inc
 KERNEL_DEVICETREE = " \
    ti/k3-am642-netmodule-hw34.dtb \
 "
 UBOOT_MACHINE = "am64x_netmodule_hw34_a53_defconfig"
 KERNEL_CONSOLE = "ttyS2"
 SERIAL_CONSOLES = "115200;ttyS2"
 APPEND += "console=ttyS2,115200"
 MACHINE_ESSENTIAL_EXTRA_RDEPENDS:append = " udev-gemini"
 MACHINE_EXTRA_RDEPENDS:append = " prueth-fw-am65x-sr2 linux-firmware-ath10k linux-firmware-ath11k linux-firmware-qca kernel-modules"
--- a/layers/meta-netmodule-coreos-bsp/recipes-bsp/u-boot/u-boot-ti-coreos_2023.04.bb
+++ b/layers/meta-netmodule-coreos-bsp/recipes-bsp/u-boot/u-boot-ti-coreos_2023.04.bb
@ -1,23 +0,0 @@
 require recipes-bsp/u-boot/u-boot-ti.inc
 SPL_UART_BINARY = "u-boot-spl.bin"
 SPL_UART_BINARY:netmodule-hw34-k3r5 = "u-boot-spl.bin"
 LIC_FILES_CHKSUM = "file://Licenses/README;md5=2ca5f2c35c8cc335f0a19756634782f1"
 PV = "2023.04"
 SRC_URI = "git://bitbucket.gad.local:7999/nm-nsp/netmodule-u-boot.git;protocol=ssh;user=git;branch=gemini/ti/ti-u-boot-2023.04 \
           "
 SRCREV = "34cf1e583eb263dd6644d0ebf3468b3846fc0925"
 PACKAGECONFIG[atf] = "BL31=${STAGING_DIR_HOST}/firmware/bl31.bin,,trusted-firmware-a"
 # CoreOS enable EFI by default for all u-boot build, but this machine as a dual architecture u-boot
 # and EFI is not needed on the co-processor. So we enable it only for the main
 # machine
 UBOOT_COREOS_REQUIRE:coreos:netmodule-hw34 ?= "recipes-bsp/u-boot/u-boot-coreos.inc"
 UBOOT_COREOS_REQUIRE ?= ""
 require ${UBOOT_COREOS_REQUIRE}
--- a/layers/meta-netmodule-coreos-bsp/recipes-core/udev/udev-gemini/gemini-can.rules
+++ b/layers/meta-netmodule-coreos-bsp/recipes-core/udev/udev-gemini/gemini-can.rules
@ -1,5 +0,0 @@
 # CAN renaming
 SUBSYSTEM=="net", ACTION=="add", KERNEL=="can*", ENV{ID_PATH}=="platform-20701000.can", NAME="canfd0"
 SUBSYSTEM=="net", ACTION=="add", KERNEL=="can*", ENV{ID_PATH}=="platform-20711000.can", NAME="canfd1"
 SUBSYSTEM=="net", ACTION=="add", KERNEL=="can*", ENV{ID_PATH}=="platform-20110000.spi-cs-0", NAME="canstd0"
 SUBSYSTEM=="net", ACTION=="add", KERNEL=="can*", ENV{ID_PATH}=="platform-20110000.spi-cs-1", NAME="canstd1"
--- a/layers/meta-netmodule-coreos-bsp/recipes-core/udev/udev-gemini_1.0.bb
+++ b/layers/meta-netmodule-coreos-bsp/recipes-core/udev/udev-gemini_1.0.bb
@ -1,18 +0,0 @@
 SUMMARY = "Extra Gemini specific configuration files"
 DESCRIPTION = "Extra machine specific configuration files for udev that are Gemini related."
 LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
 SRC_URI = " \
       file://gemini-can.rules \
 "
 S = "${WORKDIR}"
 do_install() {
    install -d ${D}${sysconfdir}/udev/rules.d
    install -m 0644 ${WORKDIR}/gemini-can.rules ${D}${sysconfdir}/udev/rules.d/gemini-can.rules
 }
 RDEPENDS:${PN} = "udev"
--- a/layers/meta-netmodule-coreos-bsp/recipes-coreos/coreos-installer/coreos-installer-config/netmodule-hw34_1.0.sfdisk
+++ b/layers/meta-netmodule-coreos-bsp/recipes-coreos/coreos-installer/coreos-installer-config/netmodule-hw34_1.0.sfdisk
@ -1,12 +0,0 @@
 label: gpt
 device: /dev/mmcblk0
 unit: sectors
 first-lba: 34
 last-lba: 15273566
 sector-size: 512
 /dev/mmcblk0p1 : start=          34, size=      131072, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B, name="efi"
 /dev/mmcblk0p2 : start=      131106, size=      262144, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, name="ebg0"
 /dev/mmcblk0p3 : start=      393250, size=      262144, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, name="ebg1"
 /dev/mmcblk0p4 : start=      655394, size=     7309086, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, name="rootfs0"
 /dev/mmcblk0p5 : start=     7964480, size=     7309086, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4, name="rootfs1"
--- a/layers/meta-netmodule-coreos-bsp/recipes-coreos/coreos-installer/coreos-installer-config_%.bbappend
+++ b/layers/meta-netmodule-coreos-bsp/recipes-coreos/coreos-installer/coreos-installer-config_%.bbappend
@ -1,7 +0,0 @@
 FILESEXTRAPATHS:prepend := "${THISDIR}/coreos-installer-config:"
 SRC_URI:append:netmodule-hw34 = " file://netmodule-hw34_1.0.sfdisk"
 do_install:append:netmodule-hw34() {
    install -m 755 ${WORKDIR}/netmodule-hw34_1.0.sfdisk ${D}${sysconfdir}/
 }
--- a/layers/meta-netmodule-coreos-bsp/recipes-kernel/linux/linux-ti-coreos_git-5.10.bb
+++ b/layers/meta-netmodule-coreos-bsp/recipes-kernel/linux/linux-ti-coreos_git-5.10.bb
@ -1,29 +0,0 @@
 DESCRIPTION = "Linux kernel for various NetModule hardware"
 COMPATIBLE_MACHINE = "k3"
 inherit kernel
 SRC_URI = "git://bitbucket.gad.local:7999/ico/ti-linux-kernel.git;protocol=ssh;user=git;branch=coreos/5.10 \
           "
 SRCREV = "1debdf5926e98255e7c97e3c160a91f3aa094ffc"
 LICENSE = "GPLv2"
 LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
 S = "${WORKDIR}/git"
 #If a KERNEL_DEFCONFIG is specified, the defconfig specified in SRC_URI will be overwritten!
 do_configure:append(){
    if [ "${KERNEL_DEFCONFIG}" != "" ]; then
        oe_runmake ${KERNEL_DEFCONFIG}
    fi
    configs="${@" ".join(find_cfgs(d))}"
    if [ ! -z "${configs}" ]; then
        ${S}/scripts/kconfig/merge_config.sh -m -O ${WORKDIR}/build ${WORKDIR}/build/.config ${WORKDIR}/*.cfg
    fi
 }
 # linux-yocto-coreos.inc provide some kernel config fragment that we can apply
 # Note that KERNEL_FEATURES are not applied as this recipes doesn't ihnerit
 # the linux-yocto class.
 require recipes-kernel/linux/linux-yocto-coreos.inc
--- a/scripts/coreos-get-dev-keys
+++ b/scripts/coreos-get-dev-keys
@ -0,0 +1,88 @@
 #!/usr/bin/env bash
 # This script will get development keys needed by the UEFI secure boot
 # implementation from the k-stufen web share and put the under $BUILDDIR/keys
 #
 # The reason for every developer to have the same keys is that image/update
 # filest are interchangable.
 # Those developer keys are used for all builds except the ones that are marked
 # as final. Here the official keys will be used.
 #
 # Following keys will be downloaded
 # db.auth  db.der  db.key    KEK.crt  KEK.esl  PK.auth  PK.der  PK.key
 # db.crt   db.esl  KEK.auth  KEK.der  KEK.key  PK.crt   PK.esl
 # This script is used every time the build environment of CoreOS is sourced
 # Note: in the build environment stdout is redirected to /dev/null but not
 # stderr.
 set -e
 # Logging helper
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 BOLD='\033[1m'
 RESET='\033[0m'
 # Ensure that BUILDDIR is defined
 # ==============================================================================
 # This is usually done inside the coreos-init-build-env script
 if [ -z "$BUILDDIR" ]; then 
    echo -e "${RED}BUILDDIR is not defined${RESET}" 2>&1
    echo -e "Have you run the coreos-init-buildenv script?" 2>&1
    exit 1
 fi
 # We need the KEYDIR directory to exist
 # ==============================================================================
 KEYDIR="${BUILDDIR}/keys"
 mkdir -p "${KEYDIR}"
 cd "${KEYDIR}"
 # we need wget and tar
 # ==============================================================================
 assert_command_in_path() {
    if command -v "$1" >/dev/null 2>&1; then
        echo -e "✓ Command ${GREEN}${1}${RESET} was found"
    else
        echo -e "✗ ${RED}Command ${BOLD}${1}${RESET}${RED} was not found in your path${RESET}" >&2 
        echo -e "Please check the coreos-documentation for the list of required packages" >&2 
        exit 1
    fi
 }
 assert_command_in_path wget
 assert_command_in_path tar
 # Generate all they keys, as needed
 # ==============================================================================
 # Only generate the file if it's missing and don't fail if the file already
 # exist
 check_files_exist() {
    RET=0
    for file in "$@"; do
        if [ ! -e "$file" ]; then
            echo -e "𐄂 File ${RED}${file}${RESET} missing"
            RET=1
        else
            echo -e "✓ File ${GREEN}${file}${RESET} already exist"
        fi
    done
    return $RET
 }
 check_files_exist db.auth db.crt db.der db.esl db.key KEK.auth KEK.crt KEK.der \
                  KEK.esl KEK.key PK.auth PK.crt PK.der PK.esl PK.key || \
 {
    echo -e "${RED}Incosistent or no keys.${RESET}"
    echo "Downloading Keys"
    wget -q https://platform-nas.gad.local/K-Stufen/CoreOS/.signing/coreos_developer_signing.keys.tar.gz && \
    tar -xzf coreos_developer_signing.keys.tar.gz -C ${BUILDDIR}/keys && \
    rm coreos_developer_signing.keys.tar.gz
 }
--- a/scripts/coreos-keygen
+++ b/scripts/coreos-keygen
@ -0,0 +1,117 @@
 #!/usr/bin/env bash
 # This script will generate key needed by the UEFI secure boot implementation
 # under $BUILDDIR/keys
 # db.auth  db.der  db.key    KEK.crt  KEK.esl  PK.auth  PK.der  PK.key
 # db.crt   db.esl  KEK.auth  KEK.der  KEK.key  PK.crt   PK.esl
 # This script is used every time the build environment of CoreOS is sourced
 # Note: in the build environment stdout is redirected to /dev/null but not
 # stderr.
 set -e
 # Logging helper
 RED='\033[0;31m'
 GREEN='\033[0;32m'
 BOLD='\033[1m'
 RESET='\033[0m'
 # Ensure that BUILDDIR is defined
 # ==============================================================================
 # This is usually done inside the coreos-init-build-env script
 if [ -z "$BUILDDIR" ]; then 
    echo -e "${RED}BUILDDIR is not defined${RESET}" 2>&1
    echo -e "Have you run the coreos-init-buildenv script?" 2>&1
    exit 1
 fi
 # We need the KEYDIR directory to exist
 # ==============================================================================
 KEYDIR="${BUILDDIR}/keys"
 mkdir -p "${KEYDIR}"
 cd "${KEYDIR}"
 # we need openssl, cert-to-efi-sig-list and sign-efi-sig-list 
 # ==============================================================================
 assert_command_in_path() {
    if command -v "$1" >/dev/null 2>&1; then
        echo -e "✓ Command ${GREEN}${1}${RESET} was found"
    else
        echo -e "✗ ${RED}Command ${BOLD}${1}${RESET}${RED} was not found in your path${RESET}" >&2 
        echo -e "Please check the coreos-documentation for the list of required packages" >&2 
        exit 1
    fi
 }
 assert_command_in_path openssl
 assert_command_in_path cert-to-efi-sig-list
 assert_command_in_path sign-efi-sig-list
 # Generate all they keys, as needed
 # ==============================================================================
 # Only generate the file if it's missing and don't fail if the file already
 # exist
 check_files_exist() {
    RET=0
    for file in "$@"; do
        if [ ! -e "$file" ]; then
            echo -e "𐄂 File ${RED}${file}${RESET} missing"
            RET=1
        else
            echo -e "✓ File ${GREEN}${file}${RESET} already exist"
        fi
    done
    return $RET
 }
 echo "Generating private/public keys in .key/.crt format for PK, KEK et db"
 check_files_exist PK.key PK.crt || \
 openssl req -x509 -sha256 -newkey rsa:2048 -subj /CN=TEST_PK/ \
        -keyout PK.key -out PK.crt -nodes -days 365
 check_files_exist KEK.key KEK.crt || \
 openssl req -x509 -sha256 -newkey rsa:2048 -subj /CN=TEST_KEK/ \
        -keyout KEK.key -out KEK.crt -nodes -days 365
 check_files_exist db.key db.crt || \
 openssl req -x509 -sha256 -newkey rsa:2048 -subj /CN=TEST_db/ \
 		-keyout db.key -out db.crt -nodes -days 365
 echo "Generatic EFI signature list file with PK, KEK et db public key"
 check_files_exist PK.esl || \
 cert-to-efi-sig-list -g 11111111-2222-3333-4444-123456789abc \
        PK.crt PK.esl;
 check_files_exist KEK.esl || \
 cert-to-efi-sig-list -g 11111111-2222-3333-4444-123456789abc \
        KEK.crt KEK.esl
 check_files_exist db.esl || \
 cert-to-efi-sig-list -g 11111111-2222-3333-4444-123456789abc \
        db.crt db.esl
 echo "Generatic EFI AUTH file with PK, KEK et db public key"
 check_files_exist PK.auth || sign-efi-sig-list -c PK.crt -k PK.key PK PK.esl PK.auth
 check_files_exist KEK.auth || sign-efi-sig-list -c PK.crt -k PK.key KEK KEK.esl KEK.auth
 check_files_exist db.auth || sign-efi-sig-list -c KEK.crt -k KEK.key db db.esl db.auth
 echo "Generatic DER files with PK, KEK et db public key"
 # der certificate are need for OVMF based firmware (virtual machine)
 check_files_exist PK.der || openssl x509 -in PK.crt -outform der -out PK.der
 check_files_exist KEK.der || openssl x509 -in KEK.crt -outform der -out KEK.der
 check_files_exist db.der || openssl x509 -in db.crt -outform der -out db.der
 # keys needed to sign and verify SWUpdate
 check_files_exist swupdate.key swupdate.crt || openssl req -x509 -newkey rsa:4096 -nodes -keyout swupdate.key \
    -out swupdate.crt -subj "/O=SWUpdate /CN=target"
--- a/scripts/coreos-resign-swu-file.sh
+++ b/scripts/coreos-resign-swu-file.sh
@ -1,62 +0,0 @@
 #!/usr/bin/env bash
 #title           :coreos-resign-swu-file.sh
 #description     :This script signs/resigns an already existent swu file with a
 #                 provided private key and a certificate
 #author          :Patrick Vogelaar
 #date            :20240325
 #version         :0.1
 #usage           :coreos-resign-swu-file.sh -i <in>.swu -k <key> -c <cert>
 #                 -o <output_file>
 #notes           :openssl and cpio are required
 #==============================================================================
 SW_DESC_FILE_NAME="sw-description"
 SW_DESC_SIG_FILE_NAME="sw-description.sig"
 FIRMWARE_TMP_DIR="firmware_tmp"
 CPIO_ORDER_FILE="cpio_order"
 while getopts i:k:c:o flag
 do
 	case "${flag}" in
 		i) swupdate_in_file=${OPTARG};;
 		k) key_file=${OPTARG};;
 		c) certificate=${OPTARG};;
 		o) output_file=${OPTARG};;
 		*);; # TODO: error handling -> unknown flag
 	esac
 done
 ### Some basic checks
 if [[ -d $FIRMWARE_TMP_DIR ]]; then
 	echo "ERROR: $FIRMWARE_TMP_DIR directory alread exists in this directory"
 	exit 1
 fi
 if ! command -v openssl &> /dev/null
 then
 	echo "openssl could not be found"
 	exit 1
 fi
 if ! command -v cpio &> /dev/null
 then
 	echo "cpio could not be found"
 	exit 1
 fi
 mkdir -p $FIRMWARE_TMP_DIR
 cd $FIRMWARE_TMP_DIR || exit 1
 # store the exact order in a file
 cpio --quiet --list < "../$swupdate_in_file" > $CPIO_ORDER_FILE
 cpio --quiet -id < "../$swupdate_in_file"
 # resign
 openssl cms -sign -in $SW_DESC_FILE_NAME -out $SW_DESC_SIG_FILE_NAME -signer\
        "$certificate" -inkey "$key_file" -outform DER -nosmimecap -binary
 # recreate the swu file
 echo "cat < $CPIO_ORDER_FILE | cpio --quiet -ov > $output_file"
 cat < $CPIO_ORDER_FILE | cpio --quiet -ov > "$output_file"
--- a/scripts/coreos-supported-pkgs.py
+++ b/scripts/coreos-supported-pkgs.py
@ -1,164 +0,0 @@
 #!/usr/bin/env python3
 # Copyright (C) 2023 Hirschmann Automation and Control GmbH
 #
 # - list all recipes that are supported by the CoreOS team
 import sys
 import optparse
 import os
 import re
 scripts_path = os.path.abspath(os.path.dirname(os.path.abspath(sys.argv[0])))
 # Add the path if we have own libs
 lib_path = os.path.abspath(scripts_path + '/../lib')
 sys.path = sys.path + [lib_path]
 # Add the OE lib path
 lib_path = os.path.abspath(scripts_path + '/../external-layers/openembedded-core/scripts/lib')
 sys.path = sys.path + [lib_path]
 import scriptpath
 # For importing the following modules
 bitbakepath = scriptpath.add_bitbake_lib_path()
 if not bitbakepath:
    sys.stderr.write("Unable to find bitbake by searching parent directory of this script or PATH\n")
    sys.exit(1)
 import bb.cooker
 import bb.providers
 import bb.tinfoil
 from pprint import pprint
 def get_fnlist(bbhandler, pkg_pn):
    ''' Get all recipe file names '''
    (latest_versions, preferred_versions, required_versions) = bb.providers.findProviders(bbhandler.config_data, bbhandler.cooker.recipecaches[''], pkg_pn)
    fn_list = []
    for pn in sorted(pkg_pn):
            # use the preferred version
            fn_list.append(preferred_versions[pn][1])
    return fn_list
 def get_recipesdata(bbhandler):
    ''' Get data of all available recipes '''
    pkg_pn = bbhandler.cooker.recipecaches[''].pkg_pn
    pkg_dict = {}
    supported_pkg_dict = {}
    fn_list = get_fnlist(bbhandler, pkg_pn)
    size = str(len(fn_list))
    i = 0
    for fn in fn_list:
        print(size + "/" + str(i))
        i += 1
        data = bbhandler.parse_recipe_file(fn)
        maintainer = data.getVar("COREOS_RECIPE_MAINTAINER")
        pn = data.getVar("PN")
        packages = data.getVar("PACKAGES")
        packages += data.getVar("PROVIDES")
        pkg_dict[pn] = data
        if maintainer:
            supported_pkg_dict[pn] = data
        for pkg in packages.split():
            pkg_dict[pkg] = data
            if maintainer:
                supported_pkg_dict[pkg] = data
    return pkg_dict, supported_pkg_dict
 def resolve_dependencies(pkg_dict, supported_pkg_dict):
    ''' Resolve dependencies and add them to supported packages '''
    sup_with_dep_dict = {}
    for pkg in supported_pkg_dict:
        depends = supported_pkg_dict[pkg].getVar("DEPENDS") or ''
        rdepends = supported_pkg_dict[pkg].getVar("RDEPENDS") or ''
        sup_with_dep_dict[pkg] = pkg_dict[pkg]
        for d_pkg in depends.split():
            if ("virtual/" in d_pkg) or ("native" in d_pkg):
                continue
            sup_with_dep_dict[d_pkg] = pkg_dict[d_pkg]
        for r_pkg in rdepends.split():
            if ("virtual/" in r_pkg) or ("native" in r_pkg):
                continue
            sup_with_dep_dict[r_pkg] = pkg_dict[r_pkg]
    return sup_with_dep_dict
 def display(supported_pkg_dict):
    ''' Display all pkgs and COREOS_RECIPE_MAINTAINER information '''
    print(f'{str("RECIPE NAMES:"):40} {str("META-LAYER:"):40} {str("COS-MAINTAINER:"):50}')
    for pn in supported_pkg_dict:
        recipe_name = supported_pkg_dict[pn].getVar("P")
        recipe_path = supported_pkg_dict[pn].getVar("FILE")
        meta_layer = re.search("(?<=/layers/)(.*)(?=/recipe)", recipe_path).group(0)
        maintainer = supported_pkg_dict[pn].getVar("COREOS_RECIPE_MAINTAINER") or 'Supported by Dependency'
        print(f'{recipe_name:40} {meta_layer:40} {maintainer:50}')
 def get_unique_list(supported_pkg_dict):
    ''' Create a list that only contains one package based on PN '''
    unique_dict = {}
    for pkg in supported_pkg_dict:
        pn = supported_pkg_dict[pkg].getVar("P")
        unique_dict[pn] = supported_pkg_dict[pkg]
    return unique_dict
 def print_to_file(supported_pkg_dict, file):
    ''' print list to a file '''
    with open(file, "w") as file:
        file.write(f'{str("RECIPE NAMES:"):40} {str("META-LAYER:"):40} {str("COS-MAINTAINER:"):50}\n')
        for pn in supported_pkg_dict:
            recipe_name = supported_pkg_dict[pn].getVar("P")
            recipe_path = supported_pkg_dict[pn].getVar("FILE")
            meta_layer = re.search("(?<=/layers/)(.*)(?=/recipe)", recipe_path).group(0)
            maintainer = supported_pkg_dict[pn].getVar("COREOS_RECIPE_MAINTAINER") or 'Supported by Dependency'
            file.write(f'{recipe_name:40} {meta_layer:40} {maintainer:50}\n')
 def main():
    parser = optparse.OptionParser(
        description = "Lists all recipes supported by CoreOS.",
        usage = """
    %prog [options]""")
    parser.add_option("-p", "--print",
            help = "print all recipes that are supported",
            action="store_const", dest="print", default=True)
    parser.add_option("-f", "--file",
            help = "store in file",
            action="store", dest="file", type="string")
    options, args = parser.parse_args(sys.argv)
    with bb.tinfoil.Tinfoil() as bbhandler:
        bbhandler.prepare()
        print("Gathering recipe data...")
        pkg_dict, supported_pkg_dict = get_recipesdata(bbhandler)
        new_len = len(supported_pkg_dict)
        old_len = 0
        while old_len != new_len:
            supported_pkg_dict = resolve_dependencies(pkg_dict, supported_pkg_dict)
            old_len = new_len
            new_len = len(supported_pkg_dict)
        unique_dict = get_unique_list(supported_pkg_dict)
        supported_pkg_dict = unique_dict
        if options.print:
            display(supported_pkg_dict)
        if options.file:
            print_to_file(supported_pkg_dict, options.file)
 if __name__ == "__main__":
    main()
--- a/templates/bblayers.conf.sample
+++ b/templates/bblayers.conf.sample
@ -11,7 +11,6 @@ BBLAYERS ?= " \
  ##COREOS_LAYERSDIR##/meta-belden-coreos-bsp \
  ##COREOS_LAYERSDIR##/meta-belden-coreos-demo \
  ##COREOS_LAYERSDIR##/meta-belden-marvell-bsp \
  ##COREOS_LAYERSDIR##/meta-netmodule-coreos-bsp \
  ##COREOS_EXTLAYERSDIR##/meta-openembedded/meta-oe \
  ##COREOS_EXTLAYERSDIR##/meta-openembedded/meta-networking \
  ##COREOS_EXTLAYERSDIR##/meta-openembedded/meta-filesystems \
@ -22,6 +21,4 @@ BBLAYERS ?= " \
  ##COREOS_EXTLAYERSDIR##/meta-swupdate \
  ##COREOS_EXTLAYERSDIR##/meta-arm/meta-arm \
  ##COREOS_EXTLAYERSDIR##/meta-arm/meta-arm-toolchain \
  ##COREOS_EXTLAYERSDIR##/meta-ti/meta-ti-bsp \
  ##COREOS_EXTLAYERSDIR##/meta-lts-kernel-mixin \
  "
		`@ -1 +0,0 @@`
			`Subproject commit 40fd5f4eef7460ca67f32cfce8e229e67e1ff607`
		`@ -1 +0,0 @@`
			`Subproject commit d7b7b6fb6c7c5545e718e44f38853d1718ce5446`
		`@ -1 +0,0 @@`
			`Subproject commit e3581b11d30d91d0363acb48a6aee47043b7e0bc`
		`@ -1 +0,0 @@`
			`Subproject commit 09d2f9391813674627ec53cb222da6c7a51221e6`
		`@ -1 +0,0 @@`
			`Subproject commit 8bb16533532b6abc2eded7d9961ab2a108fd7a5b`
		`@ -1 +0,0 @@`
			`Subproject commit 3d12b2788a45d86efcb1ad3e01f209558c54795c`
		`@ -1 +0,0 @@`
			`Subproject commit bae3658ac0bc1c9adac7a882439cabb385cae720`
		`@ -1 +0,0 @@`
			`Subproject commit cb2bc17e96552cdfc141d27bd9f4dbd95a872846`
		`@ -1 +0,0 @@`
			`Subproject commit 1b5405955c7c2579ed1f52522e2e177d0281fa33`
		`@ -0,0 +1,2 @@`
							`FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"`
							`require u-boot-coreos.inc`