build-appliance-image: Update to morty head revision

(From OE-Core rev: 55c835c73cc41b6fc809c941c295d62a612e49e0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
openssl: CVE: CVE-2017-3731
2026-02-04 15:58:50 +01:00 · 2017-02-08 12:00:36 +00:00 · 2017-02-08 12:00:21 +00:00 · 2017-02-08 12:00:21 +00:00 · 2017-02-08 12:00:21 +00:00 · 2017-02-08 12:00:21 +00:00
215 changed files with 5882 additions and 2479 deletions
--- a/bitbake/bin/bitbake-worker
+++ b/bitbake/bin/bitbake-worker
@@ -11,7 +11,10 @@ import select
 import errno
 import signal
 import pickle
+import traceback
+import queue
 from multiprocessing import Lock
+from threading import Thread

 if sys.getfilesystemencoding() != "utf-8":
    sys.exit("Please use a locale setting which supports utf-8.\nPython can't change the filesystem locale after loading so we need a utf-8 when python starts or things won't work.")
@@ -63,7 +66,7 @@ if 0:
    consolelog.setFormatter(conlogformat)
    logger.addHandler(consolelog)

-worker_queue = b""
+worker_queue = queue.Queue()

 def worker_fire(event, d):
    data = b"<event>" + pickle.dumps(event) + b"</event>"
@@ -72,21 +75,38 @@ def worker_fire(event, d):
 def worker_fire_prepickled(event):
    global worker_queue

-    worker_queue = worker_queue + event
-    worker_flush()
+    worker_queue.put(event)

-def worker_flush():
-    global worker_queue, worker_pipe
+#
+# We can end up with write contention with the cooker, it can be trying to send commands
+# and we can be trying to send event data back. Therefore use a separate thread for writing 
+# back data to cooker.
+#
+worker_thread_exit = False

-    if not worker_queue:
-        return
+def worker_flush(worker_queue):
+    worker_queue_int = b""
+    global worker_pipe, worker_thread_exit

-    try:
-        written = os.write(worker_pipe, worker_queue)
-        worker_queue = worker_queue[written:]
-    except (IOError, OSError) as e:
-        if e.errno != errno.EAGAIN and e.errno != errno.EPIPE:
-            raise
+    while True:
+        try:
+            worker_queue_int = worker_queue_int + worker_queue.get(True, 1)
+        except queue.Empty:
+            pass
+        while (worker_queue_int or not worker_queue.empty()):
+            try:
+                if not worker_queue.empty():
+                    worker_queue_int = worker_queue_int + worker_queue.get()
+                written = os.write(worker_pipe, worker_queue_int)
+                worker_queue_int = worker_queue_int[written:]
+            except (IOError, OSError) as e:
+                if e.errno != errno.EAGAIN and e.errno != errno.EPIPE:
+                    raise
+        if worker_thread_exit and worker_queue.empty() and not worker_queue_int:
+            return
+
+worker_thread = Thread(target=worker_flush, args=(worker_queue,))
+worker_thread.start()

 def worker_child_fire(event, d):
    global worker_pipe
@@ -234,9 +254,9 @@ def fork_off_task(cfg, data, databuilder, workerdata, fn, task, taskname, append
                if quieterrors:
                    the_data.setVarFlag(taskname, "quieterrors", "1")

-            except Exception as exc:
+            except Exception:
                if not quieterrors:
-                    logger.critical(str(exc))
+                    logger.critical(traceback.format_exc())
                os._exit(1)
            try:
                if cfg.dry_run:
@@ -352,7 +372,6 @@ class BitbakeWorker(object):
                self.build_pipes[pipe].read()
            if len(self.build_pids):
                self.process_waitpid()
-            worker_flush()


    def handle_item(self, item, func):
@@ -457,8 +476,10 @@ except BaseException as e:
        import traceback
        sys.stderr.write(traceback.format_exc())
        sys.stderr.write(str(e))
-while len(worker_queue):
-    worker_flush()
+
+worker_thread_exit = True
+worker_thread.join()
+
 workerlog_write("exitting")
 sys.exit(0)

--- a/bitbake/lib/bb/build.py
+++ b/bitbake/lib/bb/build.py
@@ -92,6 +92,7 @@ class TaskBase(event.Event):
    def __init__(self, t, logfile, d):
        self._task = t
        self._package = d.getVar("PF", True)
+        self._mc = d.getVar("BB_CURRENT_MC", True)
        self.taskfile = d.getVar("FILE", True)
        self.taskname = self._task
        self.logfile = logfile
@@ -723,7 +724,7 @@ def make_stamp(task, d, file_name = None):
    for mask in cleanmask:
        for name in glob.glob(mask):
            # Preserve sigdata files in the stamps directory
-            if "sigdata" in name:
+            if "sigdata" in name or "sigbasedata" in name:
                continue
            # Preserve taint files in the stamps directory
            if name.endswith('.taint'):
--- a/bitbake/lib/bb/cooker.py
+++ b/bitbake/lib/bb/cooker.py
@@ -252,6 +252,10 @@ class BBCooker:
        signal.signal(signal.SIGHUP, self.sigterm_exception)

    def config_notifications(self, event):
+        if event.maskname == "IN_Q_OVERFLOW":
+            bb.warn("inotify event queue overflowed, invalidating caches.")
+            self.baseconfig_valid = False
+            return
        if not event.pathname in self.configwatcher.bbwatchedfiles:
            return
        if not event.pathname in self.inotify_modified_files:
@@ -259,6 +263,10 @@ class BBCooker:
        self.baseconfig_valid = False

    def notifications(self, event):
+        if event.maskname == "IN_Q_OVERFLOW":
+            bb.warn("inotify event queue overflowed, invalidating caches.")
+            self.parsecache_valid = False
+            return
        if not event.pathname in self.inotify_modified_files:
            self.inotify_modified_files.append(event.pathname)
        self.parsecache_valid = False
@@ -657,6 +665,8 @@ class BBCooker:
        # A task of None means use the default task
        if task is None:
            task = self.configuration.cmd
+        if not task.startswith("do_"):
+            task = "do_%s" % task

        fulltargetlist = self.checkPackages(pkgs_to_build, task)
        taskdata = {}
@@ -715,6 +725,9 @@ class BBCooker:
        Create a dependency graph of pkgs_to_build including reverse dependency
        information.
        """
+        if not task.startswith("do_"):
+            task = "do_%s" % task
+
        runlist, taskdata = self.prepareTreeData(pkgs_to_build, task)
        rq = bb.runqueue.RunQueue(self, self.data, self.recipecaches, taskdata, runlist)
        rq.rqdata.prepare()
@@ -818,6 +831,9 @@ class BBCooker:
        """
        Create a dependency tree of pkgs_to_build, returning the data.
        """
+        if not task.startswith("do_"):
+            task = "do_%s" % task
+
        _, taskdata = self.prepareTreeData(pkgs_to_build, task)

        seen_fns = []
@@ -1318,6 +1334,8 @@ class BBCooker:
        # If we are told to do the None task then query the default task
        if (task == None):
            task = self.configuration.cmd
+        if not task.startswith("do_"):
+            task = "do_%s" % task

        fn, cls, mc = bb.cache.virtualfn2realfn(buildfile)
        fn = self.matchFile(fn)
@@ -1354,8 +1372,6 @@ class BBCooker:
        # Invalidate task for target if force mode active
        if self.configuration.force:
            logger.verbose("Invalidate task %s, %s", task, fn)
-            if not task.startswith("do_"):
-                task = "do_%s" % task
            bb.parse.siggen.invalidate_task(task, self.recipecaches[mc], fn)

        # Setup taskdata structure
@@ -1367,8 +1383,6 @@ class BBCooker:
        bb.event.fire(bb.event.BuildStarted(buildname, [item]), self.expanded_data)

        # Execute the runqueue
-        if not task.startswith("do_"):
-            task = "do_%s" % task
        runlist = [[mc, item, task, fn]]

        rq = bb.runqueue.RunQueue(self, self.data, self.recipecaches, taskdata, runlist)
--- a/bitbake/lib/bb/cookerdata.py
+++ b/bitbake/lib/bb/cookerdata.py
@@ -288,7 +288,7 @@ class CookerDataBuilder(object):

            multiconfig = (self.data.getVar("BBMULTICONFIG", True) or "").split()
            for config in multiconfig:
-                mcdata = self.parseConfigurationFiles(['conf/multiconfig/%s.conf' % config] + self.prefiles, self.postfiles)
+                mcdata = self.parseConfigurationFiles(self.prefiles, self.postfiles, config)
                bb.event.fire(bb.event.ConfigParsed(), mcdata)
                self.mcdata[config] = mcdata

@@ -304,8 +304,9 @@ class CookerDataBuilder(object):
    def _findLayerConf(self, data):
        return findConfigFile("bblayers.conf", data)

-    def parseConfigurationFiles(self, prefiles, postfiles):
+    def parseConfigurationFiles(self, prefiles, postfiles, mc = "default"):
        data = bb.data.createCopy(self.basedata)
+        data.setVar("BB_CURRENT_MC", mc)

        # Parse files for loading *before* bitbake.conf and any includes
        for f in prefiles:
--- a/bitbake/lib/bb/data.py
+++ b/bitbake/lib/bb/data.py
@@ -258,11 +258,13 @@ def exported_keys(d):
                                      not d.getVarFlag(key, 'unexport', False))

 def exported_vars(d):
-    for key in exported_keys(d):
+    k = list(exported_keys(d))
+    for key in k:
        try:
            value = d.getVar(key, True)
-        except Exception:
-            pass
+        except Exception as err:
+            bb.warn("%s: Unable to export ${%s}: %s" % (d.getVar("FILE", True), key, err))
+            continue

        if value is not None:
            yield key, str(value)
--- a/bitbake/lib/bb/runqueue.py
+++ b/bitbake/lib/bb/runqueue.py
@@ -289,8 +289,8 @@ class RunQueueData:
        return tid + task_name_suffix

    def get_short_user_idstring(self, task, task_name_suffix = ""):
-        (mc, fn, taskname, _) = split_tid_mcfn(task)
-        pn = self.dataCaches[mc].pkg_fn[fn]
+        (mc, fn, taskname, taskfn) = split_tid_mcfn(task)
+        pn = self.dataCaches[mc].pkg_fn[taskfn]
        taskname = taskname_from_tid(task) + task_name_suffix
        return "%s:%s" % (pn, taskname)

@@ -884,14 +884,14 @@ class RunQueueData:
        if not self.cooker.configuration.nosetscene:
            for tid in self.runtaskentries:
                (mc, fn, taskname, _) = split_tid_mcfn(tid)
-                setscenetid = fn + ":" + taskname + "_setscene"
+                setscenetid = tid + "_setscene"
                if setscenetid not in taskData[mc].taskentries:
                    continue
                self.runq_setscene_tids.append(tid)

        def invalidate_task(tid, error_nostamp):
-            (mc, fn, taskname, _) = split_tid_mcfn(tid)
-            taskdep = self.dataCaches[mc].task_deps[fn]
+            (mc, fn, taskname, taskfn) = split_tid_mcfn(tid)
+            taskdep = self.dataCaches[mc].task_deps[taskfn]
            if fn + ":" + taskname not in taskData[mc].taskentries:
                logger.warning("Task %s does not exist, invalidating this task will have no effect" % taskname)
            if 'nostamp' in taskdep and taskname in taskdep['nostamp']:
@@ -997,8 +997,9 @@ class RunQueue:
            magic = "decafbadbad"
        if fakeroot:
            magic = magic + "beef"
-            fakerootcmd = self.cfgData.getVar("FAKEROOTCMD", True)
-            fakerootenv = (self.cfgData.getVar("FAKEROOTBASEENV", True) or "").split()
+            mcdata = self.cooker.databuilder.mcdata[mc]
+            fakerootcmd = mcdata.getVar("FAKEROOTCMD", True)
+            fakerootenv = (mcdata.getVar("FAKEROOTBASEENV", True) or "").split()
            env = os.environ.copy()
            for key, value in (var.split('=') for var in fakerootenv):
                env[key] = value
@@ -1059,10 +1060,9 @@ class RunQueue:
        for mc in self.rqdata.dataCaches:
            self.worker[mc] = self._start_worker(mc)

-    def start_fakeworker(self, rqexec):
-        if not self.fakeworker:
-            for mc in self.rqdata.dataCaches:
-                self.fakeworker[mc] = self._start_worker(mc, True, rqexec)
+    def start_fakeworker(self, rqexec, mc):
+        if not mc in self.fakeworker:
+            self.fakeworker[mc] = self._start_worker(mc, True, rqexec)

    def teardown_workers(self):
        self.teardown = True
@@ -1322,7 +1322,7 @@ class RunQueue:
                continue

            sq_fn.append(fn)
-            sq_hashfn.append(self.rqdata.dataCaches[mc].hashfn[fn])
+            sq_hashfn.append(self.rqdata.dataCaches[mc].hashfn[taskfn])
            sq_hash.append(self.rqdata.runtaskentries[tid].hash)
            sq_taskname.append(taskname)
            sq_task.append(tid)
@@ -1402,8 +1402,8 @@ class RunQueue:


        for tid in invalidtasks:
-            (mc, fn, taskname, _) = split_tid_mcfn(tid)
-            pn = self.rqdata.dataCaches[mc].pkg_fn[fn]
+            (mc, fn, taskname, taskfn) = split_tid_mcfn(tid)
+            pn = self.rqdata.dataCaches[mc].pkg_fn[taskfn]
            h = self.rqdata.runtaskentries[tid].hash
            matches = bb.siggen.find_siginfo(pn, taskname, [], self.cfgData)
            match = None
@@ -1506,8 +1506,8 @@ class RunQueueExecute:
        taskdata = {}
        taskdeps.add(task)
        for dep in taskdeps:
-            (mc, fn, taskname, _) = split_tid_mcfn(dep)
-            pn = self.rqdata.dataCaches[mc].pkg_fn[fn]
+            (mc, fn, taskname, taskfn) = split_tid_mcfn(dep)
+            pn = self.rqdata.dataCaches[mc].pkg_fn[taskfn]
            taskdata[dep] = [pn, taskname, fn]
        call = self.rq.depvalidate + "(task, taskdata, notneeded, d)"
        locs = { "task" : task, "taskdata" : taskdata, "notneeded" : self.scenequeue_notneeded, "d" : self.cooker.expanded_data }
@@ -1707,7 +1707,7 @@ class RunQueueExecuteTasks(RunQueueExecute):

            # Check tasks that are going to run against the whitelist
            def check_norun_task(tid, showerror=False):
-                (mc, fn, taskname, _) = split_tid_mcfn(tid)
+                (mc, fn, taskname, taskfn) = split_tid_mcfn(tid)
                # Ignore covered tasks
                if tid in self.rq.scenequeue_covered:
                    return False
@@ -1715,11 +1715,11 @@ class RunQueueExecuteTasks(RunQueueExecute):
                if self.rq.check_stamp_task(tid, taskname, cache=self.stampcache):
                    return False
                # Ignore noexec tasks
-                taskdep = self.rqdata.dataCaches[mc].task_deps[fn]
+                taskdep = self.rqdata.dataCaches[mc].task_deps[taskfn]
                if 'noexec' in taskdep and taskname in taskdep['noexec']:
                    return False

-                pn = self.rqdata.dataCaches[mc].pkg_fn[fn]
+                pn = self.rqdata.dataCaches[mc].pkg_fn[taskfn]
                if not check_setscene_enforce_whitelist(pn, taskname, self.rqdata.setscenewhitelist):
                    if showerror:
                        if tid in self.rqdata.runq_setscene_tids:
@@ -1787,9 +1787,9 @@ class RunQueueExecuteTasks(RunQueueExecute):

            taskdep = self.rqdata.dataCaches[mc].task_deps[taskfn]
            if 'fakeroot' in taskdep and taskname in taskdep['fakeroot'] and not self.cooker.configuration.dry_run:
-                if not self.rq.fakeworker:
+                if not mc in self.rq.fakeworker:
                    try:
-                        self.rq.start_fakeworker(self)
+                        self.rq.start_fakeworker(self, mc)
                    except OSError as exc:
                        logger.critical("Failed to spawn fakeroot worker to run %s: %s" % (task, str(exc)))
                        self.rq.state = runQueueFailed
@@ -1868,6 +1868,7 @@ class RunQueueExecuteScenequeue(RunQueueExecute):
        sq_revdeps_new = {}
        sq_revdeps_squash = {}
        self.sq_harddeps = {}
+        self.stamps = {}

        # We need to construct a dependency graph for the setscene functions. Intermediate
        # dependencies between the setscene tasks only complicate the code. This code
@@ -1978,9 +1979,10 @@ class RunQueueExecuteScenequeue(RunQueueExecute):
        # e.g. do_sometask_setscene[depends] = "targetname:do_someothertask_setscene"
        # Note that anything explicitly depended upon will have its reverse dependencies removed to avoid circular dependencies
        for tid in self.rqdata.runq_setscene_tids:
-                (mc, fn, taskname, _) = split_tid_mcfn(tid)
-                realtid = fn + ":" + taskname + "_setscene"
+                (mc, fn, taskname, taskfn) = split_tid_mcfn(tid)
+                realtid = tid + "_setscene"
                idepends = self.rqdata.taskData[mc].taskentries[realtid].idepends
+                self.stamps[tid] = bb.build.stampfile(taskname + "_setscene", self.rqdata.dataCaches[mc], taskfn, noextra=True)
                for (depname, idependtask) in idepends:

                    if depname not in self.rqdata.taskData[mc].build_targets:
@@ -2044,7 +2046,7 @@ class RunQueueExecuteScenequeue(RunQueueExecute):
            for tid in self.sq_revdeps:
                (mc, fn, taskname, taskfn) = split_tid_mcfn(tid)

-                taskdep = self.rqdata.dataCaches[mc].task_deps[fn]
+                taskdep = self.rqdata.dataCaches[mc].task_deps[taskfn]

                if 'noexec' in taskdep and taskname in taskdep['noexec']:
                    noexec.append(tid)
@@ -2065,7 +2067,7 @@ class RunQueueExecuteScenequeue(RunQueueExecute):
                    continue

                sq_fn.append(fn)
-                sq_hashfn.append(self.rqdata.dataCaches[mc].hashfn[fn])
+                sq_hashfn.append(self.rqdata.dataCaches[mc].hashfn[taskfn])
                sq_hash.append(self.rqdata.runtaskentries[tid].hash)
                sq_taskname.append(taskname)
                sq_task.append(tid)
@@ -2113,8 +2115,8 @@ class RunQueueExecuteScenequeue(RunQueueExecute):
    def check_taskfail(self, task):
        if self.rqdata.setscenewhitelist:
            realtask = task.split('_setscene')[0]
-            (mc, fn, taskname, _) = split_tid_mcfn(realtask)
-            pn = self.rqdata.dataCaches[mc].pkg_fn[fn]
+            (mc, fn, taskname, taskfn) = split_tid_mcfn(realtask)
+            pn = self.rqdata.dataCaches[mc].pkg_fn[taskfn]
            if not check_setscene_enforce_whitelist(pn, taskname, self.rqdata.setscenewhitelist):
                logger.error('Task %s.%s failed' % (pn, taskname + "_setscene"))
                self.rq.state = runQueueCleanUp
@@ -2157,7 +2159,7 @@ class RunQueueExecuteScenequeue(RunQueueExecute):
        if self.stats.active < self.number_tasks:
            # Find the next setscene to run
            for nexttask in self.rqdata.runq_setscene_tids:
-                if nexttask in self.runq_buildable and nexttask not in self.runq_running:
+                if nexttask in self.runq_buildable and nexttask not in self.runq_running and self.stamps[nexttask] not in self.build_stamps.values():
                    if nexttask in self.unskippable:
                        logger.debug(2, "Setscene task %s is unskippable" % nexttask)
                    if nexttask not in self.unskippable and len(self.sq_revdeps[nexttask]) > 0 and self.sq_revdeps[nexttask].issubset(self.scenequeue_covered) and self.check_dependencies(nexttask, self.sq_revdeps[nexttask], True):
@@ -2199,14 +2201,16 @@ class RunQueueExecuteScenequeue(RunQueueExecute):

            taskdep = self.rqdata.dataCaches[mc].task_deps[taskfn]
            if 'fakeroot' in taskdep and taskname in taskdep['fakeroot'] and not self.cooker.configuration.dry_run:
-                if not self.rq.fakeworker:
-                    self.rq.start_fakeworker(self)
+                if not mc in self.rq.fakeworker:
+                    self.rq.start_fakeworker(self, mc)
                self.rq.fakeworker[mc].process.stdin.write(b"<runtask>" + pickle.dumps((taskfn, task, taskname, True, self.cooker.collection.get_file_appends(taskfn), None)) + b"</runtask>")
                self.rq.fakeworker[mc].process.stdin.flush()
            else:
                self.rq.worker[mc].process.stdin.write(b"<runtask>" + pickle.dumps((taskfn, task, taskname, True, self.cooker.collection.get_file_appends(taskfn), None)) + b"</runtask>")
                self.rq.worker[mc].process.stdin.flush()

+            self.build_stamps[task] = bb.build.stampfile(taskname, self.rqdata.dataCaches[mc], taskfn, noextra=True)
+            self.build_stamps2.append(self.build_stamps[task])
            self.runq_running.add(task)
            self.stats.taskActive()
            if self.stats.active < self.number_tasks:
--- a/bitbake/lib/bb/siggen.py
+++ b/bitbake/lib/bb/siggen.py
@@ -30,6 +30,7 @@ class SignatureGenerator(object):
    name = "noop"

    def __init__(self, data):
+        self.basehash = {}
        self.taskhash = {}
        self.runtaskdeps = {}
        self.file_checksum_values = {}
@@ -61,11 +62,10 @@ class SignatureGenerator(object):
        return

    def get_taskdata(self):
-       return (self.runtaskdeps, self.taskhash, self.file_checksum_values, self.taints)
+        return (self.runtaskdeps, self.taskhash, self.file_checksum_values, self.taints, self.basehash)

    def set_taskdata(self, data):
-        self.runtaskdeps, self.taskhash, self.file_checksum_values, self.taints = data
-
+        self.runtaskdeps, self.taskhash, self.file_checksum_values, self.taints, self.basehash = data

 class SignatureGeneratorBasic(SignatureGenerator):
    """
@@ -133,7 +133,11 @@ class SignatureGeneratorBasic(SignatureGenerator):
                var = lookupcache[dep]
                if var is not None:
                    data = data + str(var)
-            self.basehash[fn + "." + task] = hashlib.md5(data.encode("utf-8")).hexdigest()
+            datahash = hashlib.md5(data.encode("utf-8")).hexdigest()
+            k = fn + "." + task
+            if k in self.basehash and self.basehash[k] != datahash:
+                bb.error("When reparsing %s, the basehash value changed from %s to %s. The metadata is not deterministic and this needs to be fixed." % (k, self.basehash[k], datahash))
+            self.basehash[k] = datahash
            taskdeps[task] = alldeps

        self.taskdeps[fn] = taskdeps
@@ -182,6 +186,7 @@ class SignatureGeneratorBasic(SignatureGenerator):
    def get_taskhash(self, fn, task, deps, dataCache):
        k = fn + "." + task
        data = dataCache.basetaskhash[k]
+        self.basehash[k] = data
        self.runtaskdeps[k] = []
        self.file_checksum_values[k] = []
        recipename = dataCache.pkg_fn[fn]
@@ -278,6 +283,15 @@ class SignatureGeneratorBasic(SignatureGenerator):
            if 'nostamp:' in self.taints[k]:
                data['taint'] = self.taints[k]

+        computed_basehash = calc_basehash(data)
+        if computed_basehash != self.basehash[k]:
+            bb.error("Basehash mismatch %s versus %s for %s" % (computed_basehash, self.basehash[k], k))
+        if runtime and k in self.taskhash:
+            computed_taskhash = calc_taskhash(data)
+            if computed_taskhash != self.taskhash[k]:
+                bb.error("Taskhash mismatch %s versus %s for %s" % (computed_taskhash, self.taskhash[k], k))
+                sigfile = sigfile.replace(self.taskhash[k], computed_taskhash)
+
        fd, tmpfile = tempfile.mkstemp(dir=os.path.dirname(sigfile), prefix="sigtask.")
        try:
            with os.fdopen(fd, "wb") as stream:
@@ -292,15 +306,6 @@ class SignatureGeneratorBasic(SignatureGenerator):
                pass
            raise err

-        computed_basehash = calc_basehash(data)
-        if computed_basehash != self.basehash[k]:
-            bb.error("Basehash mismatch %s versus %s for %s" % (computed_basehash, self.basehash[k], k))
-        if runtime and k in self.taskhash:
-            computed_taskhash = calc_taskhash(data)
-            if computed_taskhash != self.taskhash[k]:
-                bb.error("Taskhash mismatch %s versus %s for %s" % (computed_taskhash, self.taskhash[k], k))
-
-
    def dump_sigs(self, dataCaches, options):
        for fn in self.taskdeps:
            for task in self.taskdeps[fn]:
@@ -346,9 +351,14 @@ def dump_this_task(outfile, d):
    bb.parse.siggen.dump_sigtask(fn, task, outfile, "customfile:" + referencestamp)

 def clean_basepath(a):
+    mc = None
+    if a.startswith("multiconfig:"):
+        _, mc, a = a.split(":", 2)
    b = a.rsplit("/", 2)[1] + a.rsplit("/", 2)[2]
    if a.startswith("virtual:"):
        b = b + ":" + a.rsplit(":", 1)[0]
+    if mc:
+        b = b + ":multiconfig:" + mc
    return b

 def clean_basepaths(a):
--- a/bitbake/lib/bb/tinfoil.py
+++ b/bitbake/lib/bb/tinfoil.py
@@ -51,10 +51,13 @@ class Tinfoil:
        features = []
        if tracking:
            features.append(CookerFeatures.BASEDATASTORE_TRACKING)
+        cleanedvars = bb.utils.clean_environment()
        self.cooker = BBCooker(self.config, features)
        self.config_data = self.cooker.data
        bb.providers.logger.setLevel(logging.ERROR)
        self.cooker_data = None
+        for k in cleanedvars:
+            os.environ[k] = cleanedvars[k]

    def register_idle_function(self, function, data):
        pass
--- a/bitbake/lib/bb/ui/buildinfohelper.py
+++ b/bitbake/lib/bb/ui/buildinfohelper.py
@@ -982,6 +982,31 @@ class BuildInfoHelper(object):
            pass
        return task_information

+    def _get_layer_version_for_dependency(self, pathRE):
+        """ Returns the layer in the toaster db that has a full regex match to the pathRE.
+        pathRE - the layer path passed as a regex in the event. It is created in
+          cooker.py as a collection for the layer priorities.
+        """
+        self._ensure_build()
+
+        def _sort_longest_path(layer_version):
+            assert isinstance(layer_version, Layer_Version)
+            return len(layer_version.local_path)
+
+        # we don't care if we match the trailing slashes
+        p = re.compile(re.sub("/[^/]*?$","",pathRE))
+        # Heuristics: we always match recipe to the deepest layer path in the discovered layers
+        for lvo in sorted(self.orm_wrapper.layer_version_objects, reverse=True, key=_sort_longest_path):
+            if p.fullmatch(lvo.local_path):
+                return lvo
+            if lvo.layer.local_source_dir:
+                if p.fullmatch(lvo.layer.local_source_dir):
+                    return lvo
+        #if we get here, we didn't read layers correctly; dump whatever information we have on the error log
+        logger.warning("Could not match layer dependency for path %s : %s", path, self.orm_wrapper.layer_version_objects)
+
+
+
    def _get_layer_version_for_path(self, path):
        self._ensure_build()

@@ -1372,7 +1397,7 @@ class BuildInfoHelper(object):
        if 'layer-priorities' in event._depgraph.keys():
            for lv in event._depgraph['layer-priorities']:
                (_, path, _, priority) = lv
-                layer_version_obj = self._get_layer_version_for_path(path[1:]) # paths start with a ^
+                layer_version_obj = self._get_layer_version_for_dependency(path)
                assert layer_version_obj is not None
                layer_version_obj.priority = priority
                layer_version_obj.save()
--- a/bitbake/lib/bb/ui/uihelper.py
+++ b/bitbake/lib/bb/ui/uihelper.py
@@ -32,7 +32,10 @@ class BBUIHelper:

    def eventHandler(self, event):
        if isinstance(event, bb.build.TaskStarted):
-            self.running_tasks[event.pid] = { 'title' : "%s %s" % (event._package, event._task), 'starttime' : time.time() }
+            if event._mc != "default":
+                self.running_tasks[event.pid] = { 'title' : "mc:%s:%s %s" % (event._mc, event._package, event._task), 'starttime' : time.time() }
+            else:
+                self.running_tasks[event.pid] = { 'title' : "%s %s" % (event._package, event._task), 'starttime' : time.time() }
            self.running_pids.append(event.pid)
            self.needUpdate = True
        elif isinstance(event, bb.build.TaskSucceeded):
--- a/bitbake/lib/bb/utils.py
+++ b/bitbake/lib/bb/utils.py
@@ -378,7 +378,7 @@ def _print_exception(t, value, tb, realfile, text, context):

        # If the exception is from spwaning a task, let's be helpful and display
        # the output (which hopefully includes stderr).
-        if isinstance(value, subprocess.CalledProcessError):
+        if isinstance(value, subprocess.CalledProcessError) and value.output:
            error.append("Subprocess output:")
            error.append(value.output.decode("utf-8", errors="ignore"))
    finally:
--- a/bitbake/lib/toaster/toastermain/settings.py
+++ b/bitbake/lib/toaster/toastermain/settings.py
@@ -60,9 +60,19 @@ DATABASES = {
 if 'sqlite' in DATABASES['default']['ENGINE']:
    DATABASES['default']['OPTIONS'] = { 'timeout': 20 }

-# Hosts/domain names that are valid for this site; required if DEBUG is False
-# See https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts
-ALLOWED_HOSTS = []
+# Update as of django 1.8.16 release, the '*' is needed to allow us to connect while running
+# on hosts without explicitly setting the fqdn for the toaster server.
+# See https://docs.djangoproject.com/en/dev/ref/settings/ for info on ALLOWED_HOSTS
+# Previously this setting was not enforced if DEBUG was set but it is now.
+# The previous behavior was such that ALLOWED_HOSTS defaulted to ['localhost','127.0.0.1','::1']
+# and if you bound to 0.0.0.0:<port #> then accessing toaster as localhost or fqdn would both work.
+# To have that same behavior, with a fqdn explicitly enabled you would set
+# ALLOWED_HOSTS= ['localhost','127.0.0.1','::1','myserver.mycompany.com'] for
+# Django >= 1.8.16. By default, we are not enforcing this restriction in
+# DEBUG mode.
+if DEBUG is True:
+    # this will allow connection via localhost,hostname, or fqdn
+    ALLOWED_HOSTS = ['*']

 # Local time zone for this installation. Choices can be found here:
 # http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
--- a/documentation/bsp-guide/bsp-guide.xml
+++ b/documentation/bsp-guide/bsp-guide.xml
@@ -113,6 +113,11 @@
                <date>October 2016</date>
                <revremark>Released with the Yocto Project 2.2 Release.</revremark>
            </revision>
+            <revision>
+                <revnumber>2.2.1</revnumber>
+                <date>January 2017</date>
+                <revremark>Released with the Yocto Project 2.2.1 Release.</revremark>
+            </revision>
        </revhistory>

    <copyright>
--- a/documentation/dev-manual/dev-manual-common-tasks.xml
+++ b/documentation/dev-manual/dev-manual-common-tasks.xml
--- a/documentation/dev-manual/dev-manual-start.xml
+++ b/documentation/dev-manual/dev-manual-start.xml
@@ -352,6 +352,11 @@
        <ulink url='&YOCTO_DOCS_REF_URL;#var-SDKMACHINE'><filename>SDKMACHINE</filename></ulink>).
        If you are not using an SDK type image, you need to separately download
        and install the stand-alone Yocto Project cross-toolchain tarball.
+        See the
+        "<ulink url='&YOCTO_DOCS_SDK_URL;#sdk-appendix-obtain'>Obtaining the SDK</ulink>"
+        appendix in the Yocto Project Software Development Kit (SDK)
+        Developer's Guide for more information on locating and installing
+        cross-toolchains.
    </para>

    <para>
--- a/documentation/dev-manual/dev-manual.xml
+++ b/documentation/dev-manual/dev-manual.xml
@@ -91,6 +91,11 @@
                <date>October 2016</date>
                <revremark>Released with the Yocto Project 2.2 Release.</revremark>
            </revision>
+            <revision>
+                <revnumber>2.2.1</revnumber>
+                <date>January 2017</date>
+                <revremark>Released with the Yocto Project 2.2.1 Release.</revremark>
+            </revision>
        </revhistory>

    <copyright>
--- a/documentation/kernel-dev/kernel-dev.xml
+++ b/documentation/kernel-dev/kernel-dev.xml
@@ -76,6 +76,11 @@
                <date>October 2016</date>
                <revremark>Released with the Yocto Project 2.2 Release.</revremark>
            </revision>
+            <revision>
+                <revnumber>2.2.1</revnumber>
+                <date>January 2017</date>
+                <revremark>Released with the Yocto Project 2.2.1 Release.</revremark>
+            </revision>
        </revhistory>

    <copyright>
--- a/documentation/mega-manual/mega-manual.xml
+++ b/documentation/mega-manual/mega-manual.xml
@@ -60,6 +60,11 @@
                <date>October 2016</date>
                <revremark>Released with the Yocto Project 2.2 Release.</revremark>
            </revision>
+            <revision>
+                <revnumber>2.2.1</revnumber>
+                <date>January 2017</date>
+                <revremark>Released with the Yocto Project 2.2.1 Release.</revremark>
+            </revision>
       </revhistory>

    <copyright>
@@ -125,6 +130,8 @@
        xmlns:xi="http://www.w3.org/2003/XInclude" href="../sdk-manual/sdk-appendix-obtain.xml"/>
    <xi:include
        xmlns:xi="http://www.w3.org/2003/XInclude" href="../sdk-manual/sdk-appendix-customizing.xml"/>
+    <xi:include
+        xmlns:xi="http://www.w3.org/2003/XInclude" href="../sdk-manual/sdk-appendix-customizing-standard.xml"/>
    <xi:include
        xmlns:xi="http://www.w3.org/2003/XInclude" href="../sdk-manual/sdk-appendix-mars.xml"/>

--- a/documentation/poky.ent
+++ b/documentation/poky.ent
@@ -1,12 +1,12 @@
-<!ENTITY DISTRO "2.2">
-<!ENTITY DISTRO_COMPRESSED "22">
+<!ENTITY DISTRO "2.2.1">
+<!ENTITY DISTRO_COMPRESSED "221">
 <!ENTITY DISTRO_NAME_NO_CAP "morty">
 <!ENTITY DISTRO_NAME "Morty">
-<!ENTITY YOCTO_DOC_VERSION "2.2">
-<!ENTITY POKYVERSION "17.0.0">
-<!ENTITY POKYVERSION_COMPRESSED "1700">
+<!ENTITY YOCTO_DOC_VERSION "2.2.1">
+<!ENTITY POKYVERSION "17.0.1">
+<!ENTITY POKYVERSION_COMPRESSED "1701">
 <!ENTITY YOCTO_POKY "poky-&DISTRO_NAME_NO_CAP;-&POKYVERSION;">
-<!ENTITY COPYRIGHT_YEAR "2010-2016">
+<!ENTITY COPYRIGHT_YEAR "2010-2017">
 <!ENTITY YOCTO_DL_URL "http://downloads.yoctoproject.org">
 <!ENTITY YOCTO_HOME_URL "http://www.yoctoproject.org">
 <!ENTITY YOCTO_LISTS_URL "http://lists.yoctoproject.org">
@@ -61,13 +61,14 @@
 <!ENTITY OE_INIT_PATH "&YOCTO_POKY;/oe-init-build-env">
 <!ENTITY OE_INIT_FILE "oe-init-build-env">
 <!ENTITY UBUNTU_HOST_PACKAGES_ESSENTIAL "gawk wget git-core diffstat unzip texinfo gcc-multilib \
-     build-essential chrpath socat">
+     build-essential chrpath socat cpio python python3 pip3 pexpect">
 <!ENTITY FEDORA_HOST_PACKAGES_ESSENTIAL "gawk make wget tar bzip2 gzip python3 unzip perl patch \
     diffutils diffstat git cpp gcc gcc-c++ glibc-devel texinfo chrpath \
     ccache perl-Data-Dumper perl-Text-ParseWords perl-Thread-Queue perl-bignum socat \
-     findutils which">
+     findutils which file cpio python pip3 pexpect">
 <!ENTITY OPENSUSE_HOST_PACKAGES_ESSENTIAL "python gcc gcc-c++ git chrpath make wget python-xml \
-     diffstat makeinfo python-curses patch socat">
+     diffstat makeinfo python-curses patch socat python3 python3-curses tar pip3 pexpect">
 <!ENTITY CENTOS_HOST_PACKAGES_ESSENTIAL "gawk make wget tar bzip2 gzip python unzip perl patch \
     diffutils diffstat git cpp gcc gcc-c++ glibc-devel texinfo chrpath socat \
-     perl-Data-Dumper perl-Text-ParseWords perl-Thread-Queue">
+     perl-Data-Dumper perl-Text-ParseWords perl-Thread-Queue pip3 pexpect">
+
--- a/documentation/profile-manual/profile-manual.xml
+++ b/documentation/profile-manual/profile-manual.xml
@@ -76,6 +76,11 @@
                <date>October 2016</date>
                <revremark>Released with the Yocto Project 2.2 Release.</revremark>
            </revision>
+            <revision>
+                <revnumber>2.2.1</revnumber>
+                <date>January 2017</date>
+                <revremark>Released with the Yocto Project 2.2.1 Release.</revremark>
+            </revision>
        </revhistory>

    <copyright>
--- a/documentation/ref-manual/introduction.xml
+++ b/documentation/ref-manual/introduction.xml
@@ -168,20 +168,22 @@
                <listitem><para>Ubuntu 14.10</para></listitem>
                <listitem><para>Ubuntu 15.04</para></listitem>
                <listitem><para>Ubuntu 15.10</para></listitem>
+                <listitem><para>Ubuntu 16.04</para></listitem>
 <!--                <listitem><para>Fedora 16 (Verne)</para></listitem>
                <listitem><para>Fedora 17 (Spherical)</para></listitem>
                <listitem><para>Fedora release 19 (Schrödinger's Cat)</para></listitem>
                <listitem><para>Fedora release 20 (Heisenbug)</para></listitem> -->
-                <listitem><para>Fedora release 21</para></listitem>
                <listitem><para>Fedora release 22</para></listitem>
+                <listitem><para>Fedora release 23</para></listitem>
+                <listitem><para>Fedora release 24</para></listitem>
 <!--                <listitem><para>CentOS release 5.6 (Final)</para></listitem>
                <listitem><para>CentOS release 5.7 (Final)</para></listitem>
                <listitem><para>CentOS release 5.8 (Final)</para></listitem>
-                <listitem><para>CentOS release 6.3 (Final)</para></listitem> -->
-                <listitem><para>CentOS release 6.x</para></listitem>
+                <listitem><para>CentOS release 6.3 (Final)</para></listitem>
+                <listitem><para>CentOS release 6.x</para></listitem> -->
                <listitem><para>CentOS release 7.x</para></listitem>
-<!--                <listitem><para>Debian GNU/Linux 6.0 (Squeeze)</para></listitem> -->
-                <listitem><para>Debian GNU/Linux 7.x (Wheezy)</para></listitem>
+<!--                <listitem><para>Debian GNU/Linux 6.0 (Squeeze)</para></listitem>
+                <listitem><para>Debian GNU/Linux 7.x (Wheezy)</para></listitem> -->
                <listitem><para>Debian GNU/Linux 8.x (Jessie)</para></listitem>
 <!--                <listitem><para>Debian GNU/Linux 7.1 (Wheezy)</para></listitem>
                <listitem><para>Debian GNU/Linux 7.2 (Wheezy)</para></listitem>
@@ -195,6 +197,7 @@
                <listitem><para>openSUSE 12.3</para></listitem>
                <listitem><para>openSUSE 13.1</para></listitem> -->
                <listitem><para>openSUSE 13.2</para></listitem>
+                <listitem><para>openSUSE 42.1</para></listitem>
            </itemizedlist>
        </para>

@@ -257,12 +260,6 @@
                        <literallayout class='monospaced'>
     $ sudo apt-get install make xsltproc docbook-utils fop dblatex xmlto
                        </literallayout></para></listitem>
-                    <listitem><para><emphasis>SDK Installer Extras:</emphasis>
-                        Packages needed if you are going to be using the
-                        the standard or extensible SDK:
-                        <literallayout class='monospaced'>
-     $ sudo apt-get install autoconf automake libtool libglib2.0-dev libarchive-dev
-                        </literallayout></para></listitem>
                    <listitem><para><emphasis>OpenEmbedded Self-Test (<filename>oe-selftest</filename>):</emphasis>
                        Packages needed if you are going to run
                        <filename>oe-selftest</filename>:
@@ -301,12 +298,6 @@
     $ sudo dnf install make docbook-style-dsssl docbook-style-xsl \
     docbook-dtds docbook-utils fop libxslt dblatex xmlto xsltproc
                        </literallayout></para></listitem>
-                    <listitem><para><emphasis>SDK Installer Extras:</emphasis>
-                        Packages needed if you are going to be using the
-                        standard or extensible SDK:
-                        <literallayout class='monospaced'>
-     $ sudo dnf install autoconf automake libtool glib2-devel libarchive-devel
-                        </literallayout></para></listitem>
                    <listitem><para><emphasis>OpenEmbedded Self-Test (<filename>oe-selftest</filename>):</emphasis>
                        Packages needed if you are going to run
                        <filename>oe-selftest</filename>:
@@ -344,12 +335,6 @@
                        <literallayout class='monospaced'>
     $ sudo zypper install make fop xsltproc dblatex xmlto
                        </literallayout></para></listitem>
-                    <listitem><para><emphasis>SDK Installer Extras:</emphasis>
-                        Packages needed if you are going to be using the
-                        standard or extensible SDK:
-                        <literallayout class='monospaced'>
-     $ sudo zypper install autoconf automake libtool glib2-devel libarchive-devel
-                        </literallayout></para></listitem>
                    <listitem><para><emphasis>OpenEmbedded Self-Test (<filename>oe-selftest</filename>):</emphasis>
                        Packages needed if you are going to run
                        <filename>oe-selftest</filename>:
@@ -399,12 +384,6 @@
     $ sudo yum install make docbook-style-dsssl docbook-style-xsl \
     docbook-dtds docbook-utils fop libxslt dblatex xmlto xsltproc
                        </literallayout></para></listitem>
-                    <listitem><para><emphasis>SDK Installer Extras:</emphasis>
-                        Packages needed if you are going to be using the
-                        standard or extensible SDK:
-                        <literallayout class='monospaced'>
-     $ sudo yum install autoconf automake libtool glib2-devel libarchive-devel
-                        </literallayout></para></listitem>
                    <listitem><para><emphasis>OpenEmbedded Self-Test (<filename>oe-selftest</filename>):</emphasis>
                        Packages needed if you are going to run
                        <filename>oe-selftest</filename>:
--- a/documentation/ref-manual/migration.xml
+++ b/documentation/ref-manual/migration.xml
@@ -3392,10 +3392,6 @@

        <para>
            The following changes for Python occurred:
-            <note>
-                Python 2 and recipes that use it can still be built for the
-                target as with previous versions.
-            </note>
        </para>

        <section id='migration-2.2-bitbake-now-requires-python-3.4'>
@@ -3443,6 +3439,10 @@
                Unfortunately, systems using RPM as a package manager and
                providing online package-manager support through SMART still
                require Python 2.
+                <note>
+                    Python 2 and recipes that use it can still be built for the
+                    target as with previous versions.
+                </note>
            </para>
        </section>

@@ -3489,23 +3489,26 @@
        <para>
            <filename>runqemu</filename> has been ported to Python and has
            changed behavior in some cases.
+            Previous usage patterns continue to be supported.
        </para>

        <para>
            The new <filename>runqemu</filename> is a Python script.
-            The script requires a configuration file in the following
-            form in order to boot the BSP:
+            Machine knowledge is no longer hardcoded into
+            <filename>runqemu</filename>.
+            You can choose to use the <filename>qemuboot</filename>
+            configuration file to define the BSP's own arguments and to make
+            it bootable with <filename>runqemu</filename>.
+            If you use a configuration file, use the following form:
            <literallayout class='monospaced'>
     <replaceable>image-name</replaceable>-<replaceable>machine</replaceable>.qemuboot.conf
            </literallayout>
-            Machine knowledge is no longer hardcoded into
-            <filename>runqemu</filename>.
-            You can use the <filename>qemuboot</filename> configuration file
-            to define the BSP's own arguments and to make it bootable
-            with <filename>runqemu</filename>.
-            <note>
-                Previous usage patterns are continued to be supported.
-            </note>
+            The configuration file enables fine-grained tuning of options
+            passed to QEMU without the <filename>runqemu</filename> script
+            hard-coding any knowledge about different machines.
+            Using a configuration file is particularly convenient when trying
+            to use QEMU with machines other than the
+            <filename>qemu*</filename> machines in OE-Core.
            The <filename>qemuboot.conf</filename> file is generated by the
            <filename>qemuboot</filename>
            class when the root filesystem is being build (i.e.
@@ -3515,6 +3518,34 @@
            <filename>qemuboot.conf</filename>.
        </para>

+
+        <para>
+            If you want to use <filename>runqemu</filename> without a
+            configuration file, use the following command form:
+            <literallayout class='monospaced'>
+     $ runqemu <replaceable>machine</replaceable> <replaceable>rootfs</replaceable> <replaceable>kernel</replaceable> [<replaceable>options</replaceable>]
+            </literallayout>
+            Supported <replaceable>machines</replaceable> are as follows:
+            <literallayout class='monospaced'>
+     qemuarm
+     qemuarm64
+     qemux86
+     qemux86-64
+     qemuppc
+     qemumips
+     qemumips64
+     qemumipsel
+     qemumips64el
+            </literallayout>
+            Consider the following example, which uses the
+            <filename>qemux86-64</filename> machine,
+            provides a root filesystem, provides an image, and uses
+            the <filename>nographic</filename> option:
+            <literallayout class='monospaced'>
+$ runqemu qemux86-64 tmp/deploy/images/qemux86-64/core-image-minimal-qemux86-64.ext4 tmp/deploy/images/qemux86-64/bzImage nographic
+            </literallayout>
+        </para>
+
        <para>
            Following is a list of variables that can be set in configuration
            files such as <filename>bsp.conf</filename> to enable the BSP
@@ -3579,8 +3610,8 @@
            binary" QA issues when building such recipes.
            You need to fix these recipes so that they use the expected
            <filename>LDFLAGS</filename>.
-            Depending on how the software is built, the build system might
-            need to be patched.
+            Depending on how the software is built, the build system used by
+            the software (e.g. a Makefile) might need to be patched.
            However, sometimes making this fix is as simple as adding the
            following to the recipe:
            <literallayout class='monospaced'>
@@ -3589,6 +3620,27 @@
        </para>
    </section>

+    <section id='migration-2.2-kernel-image-base-name-no-longer-uses-kernel-imagetype'>
+        <title><filename>KERNEL_IMAGE_BASE_NAME</filename> no Longer Uses <filename>KERNEL_IMAGETYPE</filename></title>
+
+        <para>
+            The
+            <link linkend='var-KERNEL_IMAGE_BASE_NAME'><filename>KERNEL_IMAGE_BASE_NAME</filename></link>
+            variable no longer uses the
+            <link linkend='var-KERNEL_IMAGETYPE'><filename>KERNEL_IMAGETYPE</filename></link>
+            variable to create the image's base name.
+            Because the OpenEmbedded build system can now build multiple kernel
+            image types, this part of the kernel image base name as been
+            removed leaving only the following:
+            <literallayout class='monospaced'>
+     KERNEL_IMAGE_BASE_NAME ?= "${PKGE}-${PKGV}-${PKGR}-${MACHINE}-${DATETIME}
+            </literallayout>
+            If you have recipes or classes that use
+            <filename>KERNEL_IMAGE_BASE_NAME</filename> directly, you might
+            need to update the references to ensure they continue to work.
+        </para>
+    </section>
+
    <section id='migration-2.2-bitbake-changes'>
        <title>BitBake Changes</title>

--- a/documentation/ref-manual/ref-classes.xml
+++ b/documentation/ref-manual/ref-classes.xml
@@ -1873,11 +1873,22 @@
    </para>

    <para>
-        This means that each built kernel module is packaged separately and inter-module
-        dependencies are created by parsing the <filename>modinfo</filename> output.
-        If all modules are required, then installing the <filename>kernel-modules</filename>
-        package installs all packages with modules and various other kernel packages
-        such as <filename>kernel-vmlinux</filename>.
+        This means that each built kernel module is packaged separately and
+        inter-module dependencies are created by parsing the
+        <filename>modinfo</filename> output.
+        If all modules are required, then installing the
+        <filename>kernel-modules</filename> package installs all packages with
+        modules and various other kernel packages such as
+        <filename>kernel-vmlinux</filename>.
+    </para>
+
+    <para>
+        The <filename>kernel</filename> class contains logic that allows
+        you to embed an initial RAM filesystem (initramfs) image when
+        you build the kernel image.
+        For information on how to build an initramfs, see the
+        "<ulink url='&YOCTO_DOCS_DEV_URL;#building-an-initramfs-image'>Building an Initial RAM Filesystem (initramfs) Image</ulink>"
+        section in the Yocto Project Development Manual.
    </para>

    <para>
--- a/documentation/ref-manual/ref-features.xml
+++ b/documentation/ref-manual/ref-features.xml
@@ -142,6 +142,18 @@
                <listitem><para><emphasis>alsa:</emphasis> Include ALSA support
                    (OSS compatibility kernel modules installed if available).
                    </para></listitem>
+                <listitem><para><emphasis>api-documentation:</emphasis>
+                    Enables generation of API documentation during recipe
+                    builds.
+                    The resulting documentation is added to SDK tarballs
+                    when the
+                    <filename>bitbake -c populate_sdk</filename> command
+                    is used.
+                    See the
+                    "<ulink url='&YOCTO_DOCS_SDK_URL;#adding-api-documentation-to-the-standard-sdk'>Adding API Documentation to the Standard SDK</ulink>"
+                    section in the Yocto Project Software Development Kit (SDK)
+                    Developer's Guide for more information.
+                    </para></listitem>
                <listitem><para><emphasis>bluetooth:</emphasis> Include
                    bluetooth support (integrated BT only).</para></listitem>
                <listitem><para><emphasis>bluez5:</emphasis> Include
--- a/documentation/ref-manual/ref-manual.xml
+++ b/documentation/ref-manual/ref-manual.xml
@@ -107,6 +107,11 @@
                <date>October 2016</date>
                <revremark>Released with the Yocto Project 2.2 Release.</revremark>
            </revision>
+            <revision>
+                <revnumber>2.2.1</revnumber>
+                <date>January 2017</date>
+                <revremark>Released with the Yocto Project 2.2.1 Release.</revremark>
+            </revision>
        </revhistory>

    <copyright>
--- a/documentation/ref-manual/ref-variables.xml
+++ b/documentation/ref-manual/ref-variables.xml
@@ -1225,6 +1225,42 @@
            </glossdef>
        </glossentry>

+        <glossentry id='var-BBMULTICONFIG'><glossterm>BBMULTICONFIG</glossterm>
+            <info>
+                BBMULTICONFIG[doc] = "Specifies each separate configuration when you are building targets with multiple configurations."
+            </info>
+            <glossdef>
+                <para role="glossdeffirst">
+<!--                <para role="glossdeffirst"><imagedata fileref="figures/define-generic.png" /> -->
+                    Specifies each separate configuration when you are
+                    building targets with multiple configurations.
+                    Use this variable in your
+                    <filename>conf/local.conf</filename> configuration file.
+                    Specify a <replaceable>multiconfigname</replaceable> for
+                    each configuration file you are using.
+                    For example, the following line specifies three
+                    configuration files:
+                    <literallayout class='monospaced'>
+     BBMULTIFONFIG = "configA configB configC"
+                    </literallayout>
+                    Each configuration file you use must reside in the
+                    <ulink url='&YOCTO_DOCS_DEV_URL;#build-directory'>Build Directory's</ulink>
+                    <filename>conf/multiconfig</filename> directory
+                    (e.g.
+                    <replaceable>build_directory</replaceable><filename>/conf/multiconfig/configA.conf</filename>).
+                </para>
+
+                <para>
+                    For information on how to use
+                    <filename>BBMULTICONFIG</filename> in an environment that
+                    supports building targets with multiple configurations,
+                    see the
+                    "<ulink url='&YOCTO_DOCS_DEV_URL;#platdev-building-targets-with-multiple-configurations'>Building Targets with Multiple Configurations</ulink>"
+                    section in the Yocto Project Development Manual.
+                </para>
+            </glossdef>
+        </glossentry>
+
        <glossentry id='var-BBPATH'><glossterm>BBPATH</glossterm>
            <info>
                BBPATH[doc] = "Used by BitBake to locate .bbclass and configuration files. This variable is analogous to the PATH variable."
@@ -2237,12 +2273,13 @@

        <glossentry id='var-CONFIG_INITRAMFS_SOURCE'><glossterm>CONFIG_INITRAMFS_SOURCE</glossterm>
            <info>
-                CONFIG_INITRAMFS_SOURCE[doc] = "Identifies the initial RAM disk (initramfs) source files. The OpenEmbedded build system receives and uses this kernel Kconfig variable as an environment variable."
+                CONFIG_INITRAMFS_SOURCE[doc] = "Identifies the initial RAM filesystem (initramfs) source files. The OpenEmbedded build system receives and uses this kernel Kconfig variable as an environment variable."
            </info>
            <glossdef>
                <para role="glossdeffirst">
 <!--                <para role="glossdeffirst"><imagedata fileref="figures/define-generic.png" /> -->
-                    Identifies the initial RAM disk (initramfs) source files.
+                    Identifies the initial RAM filesystem (initramfs) source
+                    files.
                    The OpenEmbedded build system receives and uses
                    this kernel Kconfig variable as an environment variable.
                    By default, the variable is set to null ("").
@@ -2268,6 +2305,12 @@
                    If you specify multiple directories and files, the
                    initramfs image will be the aggregate of all of them.
                </para>
+
+                <para>
+                    For information on creating an initramfs, see the
+                    "<ulink url='&YOCTO_DOCS_DEV_URL;#building-an-initramfs-image'>Building an Initial RAM Filesystem (initramfs) Image</ulink>"
+                    section in the Yocto Project Development Manual.
+                </para>
            </glossdef>
        </glossentry>

@@ -5369,9 +5412,12 @@
                        variable to specify packages for installation.
                        Instead, use the
                        <link linkend='var-PACKAGE_INSTALL'><filename>PACKAGE_INSTALL</filename></link>
-                        variable, which allows the initial RAM disk (initramfs)
-                        recipe to use a fixed set of packages and not be
-                        affected by <filename>IMAGE_INSTALL</filename>.
+                        variable, which allows the initial RAM filesystem
+                        (initramfs) recipe to use a fixed set of packages and
+                        not be affected by <filename>IMAGE_INSTALL</filename>.
+                        For information on creating an initramfs, see the
+                        "<ulink url='&YOCTO_DOCS_DEV_URL;#building-an-initramfs-image'>Building an Initial RAM Filesystem (initramfs) Image</ulink>"
+                        section in the Yocto Project Development Manual.
                    </note>
                </para>

@@ -6097,13 +6143,13 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"

        <glossentry id='var-INITRAMFS_FSTYPES'><glossterm>INITRAMFS_FSTYPES</glossterm>
            <info>
-                INITRAMFS_FSTYPES[doc] = "Defines the format for the output image of an initial RAM disk (initramfs), which is used during boot."
+                INITRAMFS_FSTYPES[doc] = "Defines the format for the output image of an initial RAM filesystem (initramfs), which is used during boot."
            </info>
            <glossdef>
                <para role="glossdeffirst">
 <!--                <para role="glossdeffirst"><imagedata fileref="figures/define-generic.png" /> -->
                    Defines the format for the output image of an initial
-                    RAM disk (initramfs), which is used during boot.
+                    RAM filesystem (initramfs), which is used during boot.
                    Supported formats are the same as those supported by the
                    <link linkend='var-IMAGE_FSTYPES'><filename>IMAGE_FSTYPES</filename></link>
                    variable.
@@ -6116,7 +6162,7 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
                    <ulink url='&YOCTO_DOCS_DEV_URL;#source-directory'>Source Directory</ulink>,
                    is "cpio.gz".
                    The Linux kernel's initramfs mechanism, as opposed to the
-                    initial RAM disk
+                    initial RAM filesystem
                    <ulink url='https://en.wikipedia.org/wiki/Initrd'>initrd</ulink>
                    mechanism, expects an optionally compressed cpio
                    archive.
@@ -6126,7 +6172,7 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"

        <glossentry id='var-INITRAMFS_IMAGE'><glossterm>INITRAMFS_IMAGE</glossterm>
            <info>
-                INITRAMFS_IMAGE[doc] = "Specifies the PROVIDES name of an image recipe that is used to build an initial RAM disk (initramfs) image."
+                INITRAMFS_IMAGE[doc] = "Specifies the PROVIDES name of an image recipe that is used to build an initial RAM filesystem (initramfs) image."
            </info>
            <glossdef>
                <para role="glossdeffirst">
@@ -6134,7 +6180,7 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
                    Specifies the
                    <link linkend='var-PROVIDES'><filename>PROVIDES</filename></link>
                    name of an image recipe that is used to build an initial
-                    RAM disk (initramfs) image.
+                    RAM filesystem (initramfs) image.
                    An initramfs provides a temporary root filesystem used for
                    early system initialization (e.g. loading of modules
                    needed to locate and mount the "real" root filesystem).
@@ -6175,17 +6221,21 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
                </para>

                <para>
-                    Finally, for more information you can also see the
+                    For more information, you can also see the
                    <link linkend='var-INITRAMFS_IMAGE_BUNDLE'><filename>INITRAMFS_IMAGE_BUNDLE</filename></link>
                    variable, which allows the generated image to be bundled
                    inside the kernel image.
+                    Additionally, for information on creating an initramfs, see
+                    the
+                    "<ulink url='&YOCTO_DOCS_DEV_URL;#building-an-initramfs-image'>Building an Initial RAM Filesystem (initramfs) Image</ulink>"
+                    section in the Yocto Project Development Manual.
                </para>
            </glossdef>
        </glossentry>

        <glossentry id='var-INITRAMFS_IMAGE_BUNDLE'><glossterm>INITRAMFS_IMAGE_BUNDLE</glossterm>
            <info>
-                INITRAMFS_IMAGE_BUNDLE[doc] = "Controls whether or not the image recipe specified by INITRAMFS_IMAGE is run through an extra pass (do_bundle_initramfs) during kernel compilation in order to build a single binary that contains both the kernel image and the initial RAM disk (initramfs)."
+                INITRAMFS_IMAGE_BUNDLE[doc] = "Controls whether or not the image recipe specified by INITRAMFS_IMAGE is run through an extra pass (do_bundle_initramfs) during kernel compilation in order to build a single binary that contains both the kernel image and the initial RAM filesystem (initramfs)."
            </info>
            <glossdef>
                <para role="glossdeffirst">
@@ -6195,8 +6245,8 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
                    is run through an extra pass
                    (<link linkend='ref-tasks-bundle_initramfs'><filename>do_bundle_initramfs</filename></link>)
                    during kernel compilation in order to build a single binary
-                    that contains both the kernel image and the initial RAM disk
-                    (initramfs).
+                    that contains both the kernel image and the initial RAM
+                    filesystem (initramfs) image.
                    This makes use of the
                    <link linkend='var-CONFIG_INITRAMFS_SOURCE'><filename>CONFIG_INITRAMFS_SOURCE</filename></link>
                    kernel feature.
@@ -6243,6 +6293,9 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
                    See the
                    <ulink url='&YOCTO_GIT_URL;/cgit/cgit.cgi/poky/tree/meta-poky/conf/local.conf.sample.extended'><filename>local.conf.sample.extended</filename></ulink>
                    file for additional information.
+                    Also, for information on creating an initramfs, see the
+                    "<ulink url='&YOCTO_DOCS_DEV_URL;#building-an-initramfs-image'>Building an Initial RAM Filesystem (initramfs) Image</ulink>"
+                    section in the Yocto Project Development Manual.
                </para>
            </glossdef>
        </glossentry>
@@ -6730,13 +6783,12 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
                    <link linkend='ref-classes-kernel'>kernel</link> class
                    as follows:
                    <literallayout class='monospaced'>
-     KERNEL_IMAGE_BASE_NAME ?= "${KERNEL_IMAGETYPE}-${PKGE}-${PKGV}-${PKGR}-${MACHINE}-${DATETIME}"
+     KERNEL_IMAGE_BASE_NAME ?= "${PKGE}-${PKGV}-${PKGR}-${MACHINE}-${DATETIME}"
                    </literallayout>
                </para>

                <para>
                    See the
-                    <link linkend='var-KERNEL_IMAGETYPE'><filename>KERNEL_IMAGETYPE</filename></link>,
                    <link linkend='var-PKGE'><filename>PKGE</filename></link>,
                    <link linkend='var-PKGV'><filename>PKGV</filename></link>,
                    <link linkend='var-PKGR'><filename>PKGR</filename></link>,
@@ -9070,9 +9122,12 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
                    the
                    <link linkend='images-core-image-minimal-initramfs'><filename>core-image-minimal-initramfs</filename></link>
                    image.
-                    When working with an initial RAM disk (initramfs)
+                    When working with an initial RAM filesystem (initramfs)
                    image, use the <filename>PACKAGE_INSTALL</filename>
                    variable.
+                    For information on creating an initramfs, see the
+                    "<ulink url='&YOCTO_DOCS_DEV_URL;#building-an-initramfs-image'>Building an Initial RAM Filesystem (initramfs) Image</ulink>"
+                    section in the Yocto Project Development Manual.
                </para>
            </glossdef>
        </glossentry>
@@ -10621,7 +10676,7 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
                    <literallayout class='monospaced'>
     RDEPENDS_${PN} = "<replaceable>package</replaceable> (<replaceable>operator</replaceable> <replaceable>version</replaceable>)"
                    </literallayout>
-                    For <filename>operator</filename>, you can specify the
+                    For <replaceable>operator</replaceable>, you can specify the
                    following:
                    <literallayout class='monospaced'>
     =
@@ -10630,6 +10685,13 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
     &lt;=
     &gt;=
                    </literallayout>
+                    For <replaceable>version</replaceable>, provide the version
+                    number.
+                    <note><title>Tip</title>
+                        You can use
+                        <link linkend='var-EXTENDPKGV'><filename>EXTENDPKGV</filename></link>
+                        to provide a full package version specification.
+                    </note>
                    For example, the following sets up a dependency on version
                    1.2 or greater of the package <filename>foo</filename>:
                    <literallayout class='monospaced'>
@@ -12649,9 +12711,22 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
                    Specifies the path to the top-level sysroots directory
                    (i.e.
                    <filename>${</filename><link linkend='var-TMPDIR'><filename>TMPDIR</filename></link><filename>}/sysroots</filename>).
+                </para>
+
+                <para>
+                    <filename>STAGING_DIR</filename> contains the directories
+                    that are staged into the sysroot by the
+                    <link linkend='ref-tasks-populate_sysroot'><filename>do_populate_sysroot</filename></link>
+                    task.
+                    See the
+                    <link linkend='var-SYSROOT_DIRS'><filename>SYSROOT_DIRS</filename></link>
+                    variable and the
+                    "<ulink url='&YOCTO_DOCS_DEV_URL;#new-sharing-files-between-recipes'>Sharing Files Between Recipes</ulink>"
+                    section for more information.
                    <note>
                        Recipes should never write files directly under
-                        this directory because the OpenEmbedded build system
+                        the <filename>STAGING_DIR</filename> directory because
+                        the OpenEmbedded build system
                        manages the directory automatically.
                        Instead, files should be installed to
                        <filename>${</filename><link linkend='var-D'><filename>D</filename></link><filename>}</filename>
@@ -14383,6 +14458,10 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
                    </literallayout>
                    In this case, a default list of packages is set in this
                    variable, but you can add additional packages to the list.
+                    See the
+                    "<ulink url='&YOCTO_DOCS_SDK_URL;#sdk-adding-individual-packages'>Adding Individual Packages to the Standard SDK</ulink>"
+                    section in the Yocto Project Software Development Kit (SDK)
+                    Developer's Guide for more information.
                </para>

                <para>
@@ -14434,6 +14513,12 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
                    uses when it creates the target part of an SDK
                    (i.e. the part built for the target hardware), which
                    includes libraries and headers.
+                    Use this variable to add individual packages to the
+                    part of the SDK that runs on the target.
+                    See the
+                    "<ulink url='&YOCTO_DOCS_SDK_URL;#sdk-adding-individual-packages'>Adding Individual Packages to the Standard SDK</ulink>"
+                    section in the Yocto Project Software Development Kit (SDK)
+                    Developer's Guide for more information.
                </para>

                <para>
@@ -15483,6 +15568,26 @@ recipes-graphics/xorg-font/font-alias_1.0.3.bb:PR = "${INC_PR}.3"
            </glossdef>
        </glossentry>

+        <glossentry id='var-WKS_FILE'><glossterm>WKS_FILE</glossterm>
+            <info>
+               WKS_FILE[doc] = "Specifies the name of the wic kickstart file."
+            </info>
+            <glossdef>
+                <para role="glossdeffirst">
+                    Specifies the location of the Wic
+                    kickstart file that is used by the OpenEmbedded build
+                    system to create a partitioned image
+                    (<replaceable>image</replaceable><filename>.wic</filename>).
+                    For information on how to create a
+                    partitioned image, see the
+                    "<ulink url='&YOCTO_DOCS_DEV_URL;#creating-wic-images-oe'>Creating Partitioned Images</ulink>"
+                    section.
+                    For details on the kickstart file format, see the
+                    "<ulink url='&YOCTO_DOCS_DEV_URL;#openembedded-kickstart-wks-reference'>OpenEmbedded Kickstart (<filename>.wks</filename>) Reference</ulink>.
+                </para>
+            </glossdef>
+        </glossentry>
+
        <glossentry id='var-WORKDIR'><glossterm>WORKDIR</glossterm>
            <info>
               WORKDIR[doc] = "The pathname of the working directory in which the OpenEmbedded build system builds a recipe. This directory is located within the TMPDIR directory structure and changes as different packages are built."
--- a/documentation/sdk-manual/sdk-appendix-customizing-standard.xml
+++ b/documentation/sdk-manual/sdk-appendix-customizing-standard.xml
@@ -0,0 +1,58 @@
+<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
+[<!ENTITY % poky SYSTEM "../poky.ent"> %poky; ] >
+
+<appendix id='sdk-appendix-customizing-standard'>
+
+<title>Customizing the Standard SDK</title>
+
+<para>
+    This appendix presents customizations you can apply to the standard SDK.
+</para>
+
+<section id='sdk-adding-individual-packages'>
+    <title>Adding Individual Packages to the Standard SDK</title>
+
+    <para>
+         When you build a standard SDK using the
+         <filename>bitbake -c populate_sdk</filename>, a default set of
+         packages is included in the resulting SDK.
+         The
+         <ulink url='&YOCTO_DOCS_REF_URL;#var-TOOLCHAIN_HOST_TASK'><filename>TOOLCHAIN_HOST_TASK</filename></ulink>
+         and
+         <ulink url='&YOCTO_DOCS_REF_URL;#var-TOOLCHAIN_TARGET_TASK'><filename>TOOLCHAIN_TARGET_TASK</filename></ulink>
+         variables control the set of packages adding to the SDK.
+    </para>
+
+    <para>
+        If you want to add individual packages to the toolchain that runs on
+        the host, simply add those packages to the
+        <filename>TOOLCHAIN_HOST_TASK</filename> variable.
+        Similarly, if you want to add packages to the default set that is
+        part of the toolchain that runs on the target, add the packages to the
+        <filename>TOOLCHAIN_TARGET_TASK</filename> variable.
+    </para>
+</section>
+
+<section id='adding-api-documentation-to-the-standard-sdk'>
+    <title>Adding API Documentation to the Standard SDK</title>
+
+    <para>
+        You can include API documentation as well as any other
+        documentation provided by recipes with the standard SDK by
+        adding "api-documentation" to the
+        <ulink url='&YOCTO_DOCS_REF_URL;#var-DISTRO_FEATURES'><filename>DISTRO_FEATURES</filename></ulink>
+        variable:
+        <literallayout class='monospaced'>
+     DISTRO_FEATURES_append = " api-documentation"
+        </literallayout>
+        Setting this variable as shown here causes the OpenEmbedded build
+        system to build the documentation and then include it in the standard
+        SDK.
+    </para>
+</section>
+
+</appendix>
+<!--
+vim: expandtab tw=80 ts=4
+-->
--- a/documentation/sdk-manual/sdk-appendix-customizing.xml
+++ b/documentation/sdk-manual/sdk-appendix-customizing.xml
@@ -4,12 +4,10 @@

 <appendix id='sdk-appendix-customizing'>

-<title>Customizing the SDK</title>
+<title>Customizing the Extensible SDK</title>

 <para>
-    This appendix presents customizations you can apply to both the standard
-    and extensible SDK.
-    Each subsection identifies the type of SDK to which the section applies.
+    This appendix presents customizations you can apply to the extensible SDK.
 </para>

 <section id='sdk-configuring-the-extensible-sdk'>
--- a/documentation/sdk-manual/sdk-appendix-mars.xml
+++ b/documentation/sdk-manual/sdk-appendix-mars.xml
@@ -72,6 +72,24 @@
                    <listitem><para><emphasis>Launch Eclipse:</emphasis>
                        Double click the "Eclipse" file in the folder to
                        launch Eclipse.
+                        <note>
+                            If you experience a NullPointer Exception after
+                            launch Eclipse or the debugger from within Eclipse,
+                            try adding the following
+                            to your <filename>eclipse.ini</filename> file,
+                            which is located in the directory in which you
+                            unpacked the Eclipse tar file:
+                            <literallayout class='monospaced'>
+     --launcher.GTK_version
+     2
+                            </literallayout>
+                            Alternatively, you can export the
+                            <filename>SWT_GTK</filename> variable in your
+                            shell as follows:
+                            <literallayout class='monospaced'>
+     $ export SWT_GTK3=0
+                            </literallayout>
+                            </note>
                        </para></listitem>
                </orderedlist>
            </para>
--- a/documentation/sdk-manual/sdk-manual.xml
+++ b/documentation/sdk-manual/sdk-manual.xml
@@ -41,6 +41,11 @@
                <date>October 2016</date>
                <revremark>Released with the Yocto Project 2.2 Release.</revremark>
            </revision>
+            <revision>
+                <revnumber>2.2.1</revnumber>
+                <date>January 2017</date>
+                <revremark>Released with the Yocto Project 2.2.1 Release.</revremark>
+            </revision>
       </revhistory>

    <copyright>
@@ -76,6 +81,8 @@

    <xi:include href="sdk-appendix-customizing.xml"/>

+    <xi:include href="sdk-appendix-customizing-standard.xml"/>
+
    <xi:include href="sdk-appendix-mars.xml"/>

 <!--    <index id='index'>
--- a/documentation/toaster-manual/toaster-manual.xml
+++ b/documentation/toaster-manual/toaster-manual.xml
@@ -51,6 +51,11 @@
                <date>October 2016</date>
                <revremark>Released with the Yocto Project 2.2 Release.</revremark>
            </revision>
+            <revision>
+                <revnumber>2.2.1</revnumber>
+                <date>January 2017</date>
+                <revremark>Released with the Yocto Project 2.2.1 Release.</revremark>
+            </revision>
       </revhistory>

    <copyright>
--- a/documentation/tools/mega-manual.sed
+++ b/documentation/tools/mega-manual.sed
@@ -2,32 +2,32 @@
 # This style is for manual folders like "yocto-project-qs" and "poky-ref-manual".
 # This is the old way that did it.  Can't do that now that we have "bitbake-user-manual" strings
 # in the mega-manual.
-# s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/[a-z]*-[a-z]*-[a-z]*\/[a-z]*-[a-z]*-[a-z]*.html#/\"link\" href=\"#/g
-s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/yocto-project-qs\/yocto-project-qs.html#/\"link\" href=\"#/g
-s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/poky-ref-manual\/poky-ref-manual.html#/\"link\" href=\"#/g
+# s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/[a-z]*-[a-z]*-[a-z]*\/[a-z]*-[a-z]*-[a-z]*.html#/\"link\" href=\"#/g
+s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/yocto-project-qs\/yocto-project-qs.html#/\"link\" href=\"#/g
+s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/poky-ref-manual\/poky-ref-manual.html#/\"link\" href=\"#/g

 # Processes all other manuals (<word>-<word> style) except for the BitBake User Manual because
 # it is not included in the mega-manual.
 # This style is for manual folders that use two word, which is the standard now (e.g. "ref-manual").
 # This was the one-liner that worked before we introduced the BitBake User Manual, which is
 # not in the mega-manual.
-# s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/[a-z]*-[a-z]*\/[a-z]*-[a-z]*.html#/\"link\" href=\"#/g
+# s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/[a-z]*-[a-z]*\/[a-z]*-[a-z]*.html#/\"link\" href=\"#/g

-s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/sdk-manual\/sdk-manual.html#/\"link\" href=\"#/g
-s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/bsp-guide\/bsp-guide.html#/\"link\" href=\"#/g
-s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/dev-manual\/dev-manual.html#/\"link\" href=\"#/g
-s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/kernel-dev\/kernel-dev.html#/\"link\" href=\"#/g
-s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/profile-manual\/profile-manual.html#/\"link\" href=\"#/g
-s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/ref-manual\/ref-manual.html#/\"link\" href=\"#/g
-s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/toaster-manual\/toaster-manual.html#/\"link\" href=\"#/g
-s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/yocto-project-qs\/yocto-project-qs.html#/\"link\" href=\"#/g
+s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/sdk-manual\/sdk-manual.html#/\"link\" href=\"#/g
+s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/bsp-guide\/bsp-guide.html#/\"link\" href=\"#/g
+s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/dev-manual\/dev-manual.html#/\"link\" href=\"#/g
+s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/kernel-dev\/kernel-dev.html#/\"link\" href=\"#/g
+s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/profile-manual\/profile-manual.html#/\"link\" href=\"#/g
+s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/ref-manual\/ref-manual.html#/\"link\" href=\"#/g
+s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/toaster-manual\/toaster-manual.html#/\"link\" href=\"#/g
+s/\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/yocto-project-qs\/yocto-project-qs.html#/\"link\" href=\"#/g

 # Process cases where just an external manual is referenced without an id anchor
-s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/yocto-project-qs\/yocto-project-qs.html\" target=\"_top\">Yocto Project Quick Start<\/a>/Yocto Project Quick Start/g
-s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/dev-manual\/dev-manual.html\" target=\"_top\">Yocto Project Development Manual<\/a>/Yocto Project Development Manual/g
-s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/sdk-manual\/sdk-manual.html\" target=\"_top\">Yocto Project Software Development Kit (SDK) Developer's Guide<\/a>/Yocto Project Software Development Kit (SDK) Developer's Guide/g
-s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/bsp-guide\/bsp-guide.html\" target=\"_top\">Yocto Project Board Support Package (BSP) Developer's Guide<\/a>/Yocto Project Board Support Package (BSP) Developer's Guide/g
-s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/profile-manual\/profile-manual.html\" target=\"_top\">Yocto Project Profiling and Tracing Manual<\/a>/Yocto Project Profiling and Tracing Manual/g
-s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/kernel-dev\/kernel-dev.html\" target=\"_top\">Yocto Project Linux Kernel Development Manual<\/a>/Yocto Project Linux Kernel Development Manual/g
-s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/ref-manual\/ref-manual.html\" target=\"_top\">Yocto Project Reference Manual<\/a>/Yocto Project Reference Manual/g
-s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2\/toaster-manual\/toaster-manual.html\" target=\"_top\">Toaster User Manual<\/a>/Toaster User Manual/g
+s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/yocto-project-qs\/yocto-project-qs.html\" target=\"_top\">Yocto Project Quick Start<\/a>/Yocto Project Quick Start/g
+s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/dev-manual\/dev-manual.html\" target=\"_top\">Yocto Project Development Manual<\/a>/Yocto Project Development Manual/g
+s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/sdk-manual\/sdk-manual.html\" target=\"_top\">Yocto Project Software Development Kit (SDK) Developer's Guide<\/a>/Yocto Project Software Development Kit (SDK) Developer's Guide/g
+s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/bsp-guide\/bsp-guide.html\" target=\"_top\">Yocto Project Board Support Package (BSP) Developer's Guide<\/a>/Yocto Project Board Support Package (BSP) Developer's Guide/g
+s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/profile-manual\/profile-manual.html\" target=\"_top\">Yocto Project Profiling and Tracing Manual<\/a>/Yocto Project Profiling and Tracing Manual/g
+s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/kernel-dev\/kernel-dev.html\" target=\"_top\">Yocto Project Linux Kernel Development Manual<\/a>/Yocto Project Linux Kernel Development Manual/g
+s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/ref-manual\/ref-manual.html\" target=\"_top\">Yocto Project Reference Manual<\/a>/Yocto Project Reference Manual/g
+s/<a class=\"ulink\" href=\"http:\/\/www.yoctoproject.org\/docs\/2.2.1\/toaster-manual\/toaster-manual.html\" target=\"_top\">Toaster User Manual<\/a>/Toaster User Manual/g
--- a/documentation/yocto-project-qs/yocto-project-qs.xml
+++ b/documentation/yocto-project-qs/yocto-project-qs.xml
@@ -312,7 +312,8 @@
                        </para></listitem>
                    <listitem><para><emphasis>OpenSUSE</emphasis>
                        <literallayout class='monospaced'>
-     $ sudo zypper install &OPENSUSE_HOST_PACKAGES_ESSENTIAL; libSDL-devel xterm
+     $ sudo zypper install &OPENSUSE_HOST_PACKAGES_ESSENTIAL; \
+     libSDL-devel xterm
                        </literallayout>
                        </para></listitem>
                    <listitem><para><emphasis>CentOS</emphasis>
@@ -390,8 +391,8 @@
        </para>

        <para>
-            You can try out the Yocto Project using the command-line interface
-            by finishing this quick start, which presents steps that let you
+            To use the Yocto Project through the command-line interface,
+            finish this quick start, which presents steps that let you
            do the following:
            <itemizedlist>
                <listitem><para>
@@ -400,230 +401,239 @@
                    </para></listitem>
                <listitem><para>
                    Easily change configurations so that you can quickly
-                    create a second image, which would be for MinnowBoard
+                    create a second image that you can load onto bootable
+                    media and actually boot target hardware.
+                    This example uses the MinnowBoard
                    MAX-compatible boards.
                    </para></listitem>
            </itemizedlist>
            <note>
-                The steps in this section do not provide detail, but rather
-                provide minimal, working commands and examples designed to
-                just get you started.
+                The steps in the following two sections do not provide detail,
+                but rather provide minimal, working commands and examples
+                designed to just get you started.
                For more details, see the appropriate manuals in the
                <ulink url='&YOCTO_HOME_URL;/documentation'>Yocto Project manual set</ulink>.
            </note>
        </para>

-        <para>
-            Use the following commands to build your image.
-            The OpenEmbedded build system creates an entire Linux
-            distribution, including the toolchain, from source.
-            <note><title>Note about Network Proxies</title>
-                <para>
-                    By default, the build process searches for source code
-                    using a pre-determined order through a set of
-                    locations.
-                    If you are working behind a firewall and your build
-                    host is not set up for proxies, you could encounter
-                    problems with the build process when fetching source
-                    code (e.g. fetcher failures or Git failures).
-                </para>
+        <section id='building-an-image-for-emulation'>
+            <title>Building an Image for Emulation</title>

-                <para>
-                    If you do not know your proxy settings, consult your
-                    local network infrastructure resources and get that
-                    information.
-                    A good starting point could also be to check your web
-                    browser settings.
-                    Finally, you can find more information on using the
-                    Yocto Project behind a firewall in the Yocto Project
-                    Reference Manual
-                    <ulink url='&YOCTO_DOCS_REF_URL;#how-does-the-yocto-project-obtain-source-code-and-will-it-work-behind-my-firewall-or-proxy-server'>FAQ</ulink>
-                    and on the
-                    "<ulink url='https://wiki.yoctoproject.org/wiki/Working_Behind_a_Network_Proxy'>Working Behind a Network Proxy</ulink>"
-                    wiki page.
-                </para>
-            </note>
-        </para>
+            <para>
+                Use the following commands to build your image.
+                The OpenEmbedded build system creates an entire Linux
+                distribution, including the toolchain, from source.
+                <note><title>Note about Network Proxies</title>
+                    <para>
+                        By default, the build process searches for source code
+                        using a pre-determined order through a set of
+                        locations.
+                        If you are working behind a firewall and your build
+                        host is not set up for proxies, you could encounter
+                        problems with the build process when fetching source
+                        code (e.g. fetcher failures or Git failures).
+                    </para>

-        <para>
-            <orderedlist>
-                <listitem><para><emphasis>Be Sure Your Build Host is Set Up:</emphasis>
-                    The steps to build an image in this section depend on
-                    your build host being properly set up.
-                    Be sure you have worked through the requirements
-                    described in the
-                    "<link linkend='yp-resources'>Setting Up to Use the Yocto Project</link>"
-                    section.
-                    </para></listitem>
-                <listitem><para><emphasis>Check Out Your Branch:</emphasis>
-                    Be sure you are in the
-                    <ulink url='&YOCTO_DOCS_DEV_URL;#source-directory'>Source Directory</ulink>
-                    (e.g. <filename>poky</filename>) and then check out
-                    the branch associated with the latest Yocto Project
-                    Release:
-                    <literallayout class='monospaced'>
+                    <para>
+                        If you do not know your proxy settings, consult your
+                        local network infrastructure resources and get that
+                        information.
+                        A good starting point could also be to check your web
+                        browser settings.
+                        Finally, you can find more information on using the
+                        Yocto Project behind a firewall in the Yocto Project
+                        Reference Manual
+                        <ulink url='&YOCTO_DOCS_REF_URL;#how-does-the-yocto-project-obtain-source-code-and-will-it-work-behind-my-firewall-or-proxy-server'>FAQ</ulink>
+                        and on the
+                        "<ulink url='https://wiki.yoctoproject.org/wiki/Working_Behind_a_Network_Proxy'>Working Behind a Network Proxy</ulink>"
+                        wiki page.
+                    </para>
+                </note>
+            </para>
+
+            <para>
+                <orderedlist>
+                    <listitem><para><emphasis>Be Sure Your Build Host is Set Up:</emphasis>
+                        The steps to build an image in this section depend on
+                        your build host being properly set up.
+                        Be sure you have worked through the requirements
+                        described in the
+                        "<link linkend='yp-resources'>Setting Up to Use the Yocto Project</link>"
+                        section.
+                        </para></listitem>
+                    <listitem><para><emphasis>Check Out Your Branch:</emphasis>
+                        Be sure you are in the
+                        <ulink url='&YOCTO_DOCS_DEV_URL;#source-directory'>Source Directory</ulink>
+                        (e.g. <filename>poky</filename>) and then check out
+                        the branch associated with the latest Yocto Project
+                        Release:
+                        <literallayout class='monospaced'>
     $ cd ~/poky
     $ git checkout -b &DISTRO_NAME_NO_CAP; origin/&DISTRO_NAME_NO_CAP;
-                    </literallayout>
-                    Git's <filename>checkout</filename> command checks out
-                    the current Yocto Project release into a local branch
-                    whose name matches the release (i.e.
-                    <filename>&DISTRO_NAME_NO_CAP;</filename>).
-                    The local branch tracks the upstream branch of the
-                    same name.
-                    Creating your own branch based on the released
-                    branch ensures you are using the latest files for
-                    that release.
-                    </para></listitem>
-                <listitem><para><emphasis>Initialize the Build Environment:</emphasis>
-                    Run the
-                    <ulink url='&YOCTO_DOCS_REF_URL;#structure-core-script'><filename>&OE_INIT_FILE;</filename></ulink>
-                    environment setup script to define the OpenEmbedded
-                    build environment on your build host.
-                    <literallayout class='monospaced'>
+                        </literallayout>
+                        Git's <filename>checkout</filename> command checks out
+                        the current Yocto Project release into a local branch
+                        whose name matches the release (i.e.
+                        <filename>&DISTRO_NAME_NO_CAP;</filename>).
+                        The local branch tracks the upstream branch of the
+                        same name.
+                        Creating your own branch based on the released
+                        branch ensures you are using the latest files for
+                        that release.
+                        </para></listitem>
+                    <listitem><para><emphasis>Initialize the Build Environment:</emphasis>
+                        Run the
+                        <ulink url='&YOCTO_DOCS_REF_URL;#structure-core-script'><filename>&OE_INIT_FILE;</filename></ulink>
+                        environment setup script to define the OpenEmbedded
+                        build environment on your build host.
+                        <literallayout class='monospaced'>
     $ source &OE_INIT_FILE;
-                    </literallayout>
-                    Among other things, the script creates the
-                    <ulink url='&YOCTO_DOCS_DEV_URL;#build-directory'>Build Directory</ulink>,
-                    which is <filename>build</filename> in this case
-                    and is located in the
-                    <ulink url='&YOCTO_DOCS_DEV_URL;#source-directory'>Source Directory</ulink>.
-                    After the script runs, your current working directory
-                    is set to the Build Directory.
-                    Later, when the build completes, the Build Directory
-                    contains all the files created during the build.
-                    <note>
-                        For information on running a memory-resident
-                        <ulink url='&YOCTO_DOCS_REF_URL;#usingpoky-components-bitbake'>BitBake</ulink>,
-                        see the
-                        <ulink url='&YOCTO_DOCS_REF_URL;#structure-memres-core-script'><filename>oe-init-build-env-memres</filename></ulink>
-                        setup script.
-                    </note>
-                    </para></listitem>
-                <listitem><para><emphasis>Examine Your Local Configuration File:</emphasis>
-                    When you set up the build environment, a local
-                    configuration file named
-                    <filename>local.conf</filename> becomes available in
-                    a <filename>conf</filename> subdirectory of the
-                    Build Directory.
-                    Before using BitBake to start the build, you can
-                    look at this file and be sure your general
-                    configurations are how you want them:
-                    <itemizedlist>
-                        <listitem><para>
-                            To help conserve disk space during builds,
-                            you can add the following statement to your
-                            project's configuration file, which for this
-                            example is
-                            <filename>poky/build/conf/local.conf</filename>.
-                            Adding this statement deletes the work
-                            directory used for building a recipe once the
-                            recipe is built.
-                            <literallayout class='monospaced'>
+                        </literallayout>
+                        Among other things, the script creates the
+                        <ulink url='&YOCTO_DOCS_DEV_URL;#build-directory'>Build Directory</ulink>,
+                        which is <filename>build</filename> in this case
+                        and is located in the
+                        <ulink url='&YOCTO_DOCS_DEV_URL;#source-directory'>Source Directory</ulink>.
+                        After the script runs, your current working directory
+                        is set to the Build Directory.
+                        Later, when the build completes, the Build Directory
+                        contains all the files created during the build.
+                        <note>
+                            For information on running a memory-resident
+                            <ulink url='&YOCTO_DOCS_REF_URL;#usingpoky-components-bitbake'>BitBake</ulink>,
+                            see the
+                            <ulink url='&YOCTO_DOCS_REF_URL;#structure-memres-core-script'><filename>oe-init-build-env-memres</filename></ulink>
+                            setup script.
+                        </note>
+                        </para></listitem>
+                    <listitem><para><emphasis>Examine Your Local Configuration File:</emphasis>
+                        When you set up the build environment, a local
+                        configuration file named
+                        <filename>local.conf</filename> becomes available in
+                        a <filename>conf</filename> subdirectory of the
+                        Build Directory.
+                        Before using BitBake to start the build, you can
+                        look at this file and be sure your general
+                        configurations are how you want them:
+                        <itemizedlist>
+                            <listitem><para>
+                                To help conserve disk space during builds,
+                                you can add the following statement to your
+                                project's configuration file, which for this
+                                example is
+                                <filename>poky/build/conf/local.conf</filename>.
+                                Adding this statement deletes the work
+                                directory used for building a recipe once the
+                                recipe is built.
+                                <literallayout class='monospaced'>
     INHERIT += "rm_work"
-                            </literallayout>
-                            </para></listitem>
-                        <listitem><para>
-                            By default, the target machine for the build is
-                            <filename>qemux86</filename>,
-                            which produces an image that can be used in
-                            the QEMU emulator and is targeted at an
-                            <trademark class='registered'>Intel</trademark>
-                            32-bit based architecture.
-                            Further on in this example, this default is
-                            easily changed through the
-                            <ulink url='&YOCTO_DOCS_REF_URL;#var-MACHINE'><filename>MACHINE</filename></ulink>
-                            variable so that you can quickly
-                            build an image for a different machine.
-                            </para></listitem>
-                        <listitem><para>
-                            Another consideration before you build is the
-                            package manager used when creating the image.
-                            The default <filename>local.conf</filename>
-                            file selects the RPM package manager.
-                            You can control this configuration by using the
-                            <filename><ulink url='&YOCTO_DOCS_REF_URL;#var-PACKAGE_CLASSES'><filename>PACKAGE_CLASSES</filename></ulink></filename>
-                            variable.</para>
-                            <para>Selection of the package manager is separate
-                            from whether package management is used at runtime
-                            in the target image.</para>
-                            <para>For additional package manager selection
-                            information, see the
-                            "<ulink url='&YOCTO_DOCS_REF_URL;#ref-classes-package'><filename>package.bbclass</filename></ulink>"
-                            section in the Yocto Project Reference Manual.
-                            </para></listitem>
-                    </itemizedlist>
-                    </para></listitem>
-                <listitem><para><emphasis>Start the Build:</emphasis>
-                    Continue with the following command to build an OS image
-                    for the target, which is
-                    <filename>core-image-sato</filename> in this example:
-                    <note>
-                        Depending on the number of processors and cores, the
-                        amount of RAM, the speed of your Internet connection
-                        and other factors, the build process could take several
-                        hours the first time you run it.
-                        Subsequent builds run much faster since parts of the
-                        build are cached.
-                    </note>
-                    <literallayout class='monospaced'>
+                                </literallayout>
+                                </para></listitem>
+                            <listitem><para>
+                                By default, the target machine for the build is
+                                <filename>qemux86</filename>,
+                                which produces an image that can be used in
+                                the QEMU emulator and is targeted at an
+                                <trademark class='registered'>Intel</trademark>
+                                32-bit based architecture.
+                                Further on in this example, this default is
+                                easily changed through the
+                                <ulink url='&YOCTO_DOCS_REF_URL;#var-MACHINE'><filename>MACHINE</filename></ulink>
+                                variable so that you can quickly
+                                build an image for a different machine.
+                                </para></listitem>
+                            <listitem><para>
+                                Another consideration before you build is the
+                                package manager used when creating the image.
+                                The default <filename>local.conf</filename>
+                                file selects the RPM package manager.
+                                You can control this configuration by using the
+                                <filename><ulink url='&YOCTO_DOCS_REF_URL;#var-PACKAGE_CLASSES'><filename>PACKAGE_CLASSES</filename></ulink></filename>
+                                variable.</para>
+                                <para>Selection of the package manager is separate
+                                from whether package management is used at runtime
+                                in the target image.</para>
+                                <para>For additional package manager selection
+                                information, see the
+                                "<ulink url='&YOCTO_DOCS_REF_URL;#ref-classes-package'><filename>package.bbclass</filename></ulink>"
+                                section in the Yocto Project Reference Manual.
+                                </para></listitem>
+                        </itemizedlist>
+                        </para></listitem>
+                    <listitem><para><emphasis>Start the Build:</emphasis>
+                        Continue with the following command to build an OS image
+                        for the target, which is
+                        <filename>core-image-sato</filename> in this example:
+                        <note>
+                            Depending on the number of processors and cores, the
+                            amount of RAM, the speed of your Internet connection
+                            and other factors, the build process could take several
+                            hours the first time you run it.
+                            Subsequent builds run much faster since parts of the
+                            build are cached.
+                        </note>
+                        <literallayout class='monospaced'>
     $ bitbake core-image-sato
-                    </literallayout>
-                    For information on using the
-                    <filename>bitbake</filename> command, see the
-                    "<ulink url='&YOCTO_DOCS_REF_URL;#usingpoky-components-bitbake'>BitBake</ulink>"
-                    section in the Yocto Project Reference Manual, or see the
-                    "<ulink url='&YOCTO_DOCS_BB_URL;#bitbake-user-manual-command'>BitBake Command</ulink>"
-                    section in the BitBake User Manual.
-                    For information on other targets, see the
-                    "<ulink url='&YOCTO_DOCS_REF_URL;#ref-images'>Images</ulink>"
-                    chapter in the Yocto Project Reference Manual.
-                    </para></listitem>
-                <listitem><para><emphasis>Simulate Your Image Using QEMU:</emphasis>
-                    Once this particular image is built, you can start QEMU
-                    and run the image:
-                    <literallayout class='monospaced'>
+                        </literallayout>
+                        For information on using the
+                        <filename>bitbake</filename> command, see the
+                        "<ulink url='&YOCTO_DOCS_REF_URL;#usingpoky-components-bitbake'>BitBake</ulink>"
+                        section in the Yocto Project Reference Manual, or see the
+                        "<ulink url='&YOCTO_DOCS_BB_URL;#bitbake-user-manual-command'>BitBake Command</ulink>"
+                        section in the BitBake User Manual.
+                        For information on other targets, see the
+                        "<ulink url='&YOCTO_DOCS_REF_URL;#ref-images'>Images</ulink>"
+                        chapter in the Yocto Project Reference Manual.
+                        </para></listitem>
+                    <listitem><para><emphasis>Simulate Your Image Using QEMU:</emphasis>
+                        Once this particular image is built, you can start QEMU
+                        and run the image:
+                        <literallayout class='monospaced'>
     $ runqemu qemux86
-                    </literallayout>
-                    If you want to learn more about running QEMU, see the
-                    "<ulink url="&YOCTO_DOCS_DEV_URL;#dev-manual-qemu">Using the Quick EMUlator (QEMU)</ulink>"
-                    chapter in the Yocto Project Development Manual.
-                    </para></listitem>
-                <listitem><para><emphasis>Exit QEMU:</emphasis>
-                    Exit QEMU by either clicking on the shutdown icon or by
-                    opening a terminal, typing
-                    <filename>poweroff</filename>, and then pressing "Enter".
-                    </para></listitem>
-            </orderedlist>
-        </para>
+                        </literallayout>
+                        If you want to learn more about running QEMU, see the
+                        "<ulink url="&YOCTO_DOCS_DEV_URL;#dev-manual-qemu">Using the Quick EMUlator (QEMU)</ulink>"
+                        chapter in the Yocto Project Development Manual.
+                        </para></listitem>
+                    <listitem><para><emphasis>Exit QEMU:</emphasis>
+                        Exit QEMU by either clicking on the shutdown icon or by
+                        opening a terminal, typing
+                        <filename>poweroff</filename>, and then pressing "Enter".
+                        </para></listitem>
+                </orderedlist>
+            </para>
+        </section>

-        <para id='qs-minnowboard-example'>
-            The following steps show how easy it is to set up to build an
-            image for a new machine.
-            These steps build an image for the MinnowBoard MAX, which is
-            supported by the Yocto Project and the
-            <filename>meta-intel</filename> <filename>intel-corei7-64</filename>
-            and <filename>intel-core2-32</filename> Board Support Packages
-            (BSPs).
-            <note>
-                The MinnowBoard MAX ships with 64-bit firmware.
-                If you want to use the board in 32-bit mode, you must
-                download the
-                <ulink url='http://firmware.intel.com/projects/minnowboard-max'>32-bit firmware</ulink>.
-            </note>
-        </para>
+        <section id='building-an-image-for-hardware'>
+            <title>Building an Image for Hardware</title>

-        <para>
-            <orderedlist>
-                <listitem><para><emphasis>Create a Local Copy of the
-                    <filename>meta-intel</filename> Repository:</emphasis>
-                    Building an image for the MinnowBoard MAX requires the
-                    <filename>meta-intel</filename> layer.
-                    Use the <filename>git clone</filename> command to create
-                    a local copy of the repository inside your
-                    <ulink url='&YOCTO_DOCS_DEV_URL;#source-directory'>Source Directory</ulink>,
-                    which is <filename>poky</filename> in this example:
-                    <literallayout class='monospaced'>
+            <para id='qs-minnowboard-example'>
+                The following steps show how easy it is to set up to build an
+                image for a new machine.
+                These steps build an image for the MinnowBoard MAX, which is
+                supported by the Yocto Project and the
+                <filename>meta-intel</filename> <filename>intel-corei7-64</filename>
+                and <filename>intel-core2-32</filename> Board Support Packages
+                (BSPs).
+                <note>
+                    The MinnowBoard MAX ships with 64-bit firmware.
+                    If you want to use the board in 32-bit mode, you must
+                    download the
+                    <ulink url='http://firmware.intel.com/projects/minnowboard-max'>32-bit firmware</ulink>.
+                </note>
+            </para>
+
+            <para>
+                <orderedlist>
+                    <listitem><para><emphasis>Create a Local Copy of the
+                        <filename>meta-intel</filename> Repository:</emphasis>
+                        Building an image for the MinnowBoard MAX requires the
+                        <filename>meta-intel</filename> layer.
+                        Use the <filename>git clone</filename> command to create
+                        a local copy of the repository inside your
+                        <ulink url='&YOCTO_DOCS_DEV_URL;#source-directory'>Source Directory</ulink>,
+                        which is <filename>poky</filename> in this example:
+                        <literallayout class='monospaced'>
     $ cd $HOME/poky
     $ git clone git://git.yoctoproject.org/meta-intel
     Cloning into 'meta-intel'...
@@ -633,137 +643,133 @@
     remote: Total 11988 (delta 6881), reused 11752 (delta 6645)
     Resolving deltas: 100% (6881/6881), done.
     Checking connectivity... done.
-                    </literallayout>
-                    By default when you clone a Git repository, the
-                    "master" branch is checked out.
-                    Before you build your image that uses the
-                    <filename>meta-intel</filename> layer, you must be
-                    sure that both repositories
-                    (<filename>meta-intel</filename> and
-                    <filename>poky</filename>) are using the same releases.
-                    Consequently, you need to checkout out the
-                    "<filename>&DISTRO_NAME_NO_CAP;</filename>" release after
-                    cloning <filename>meta-intel</filename>:
-                    <literallayout class='monospaced'>
+                        </literallayout>
+                        By default when you clone a Git repository, the
+                        "master" branch is checked out.
+                        Before you build your image that uses the
+                        <filename>meta-intel</filename> layer, you must be
+                        sure that both repositories
+                        (<filename>meta-intel</filename> and
+                        <filename>poky</filename>) are using the same releases.
+                        Consequently, you need to checkout out the
+                        "<filename>&DISTRO_NAME_NO_CAP;</filename>" release after
+                        cloning <filename>meta-intel</filename>:
+                        <literallayout class='monospaced'>
     $ cd $HOME/poky/meta-intel
     $ git checkout &DISTRO_NAME_NO_CAP;
     Branch &DISTRO_NAME_NO_CAP; set up to track remote branch &DISTRO_NAME_NO_CAP; from origin.
     Switched to a new branch '&DISTRO_NAME_NO_CAP;'
-                    </literallayout>
-                    </para></listitem>
-                <listitem><para><emphasis>Configure the Build:</emphasis>
-                    To configure the build, you edit the
-                    <filename>bblayers.conf</filename> and
-                    <filename>local.conf</filename> files, both of which are
-                    located in the <filename>build/conf</filename> directory.
-                    </para>
+                        </literallayout>
+                        </para></listitem>
+                    <listitem><para><emphasis>Configure the Build:</emphasis>
+                        To configure the build, you edit the
+                        <filename>bblayers.conf</filename> and
+                        <filename>local.conf</filename> files, both of which are
+                        located in the <filename>build/conf</filename> directory.
+                        </para>

-                    <para>Here is a quick way to make the edits.
-                    The first command uses the
-                    <filename>bitbake-layers add-layer</filename> command
-                    to add the <filename>meta-intel</filename>
-                    layer, which contains the <filename>intel-core*</filename>
-                    BSPs to the build.
-                    The second command selects the BSP by setting the
-                    <ulink url='&YOCTO_DOCS_REF_URL;#var-MACHINE'><filename>MACHINE</filename></ulink>
-                    variable.
-                    <literallayout class='monospaced'>
+                        <para>Here is a quick way to make the edits.
+                        The first command uses the
+                        <filename>bitbake-layers add-layer</filename> command
+                        to add the <filename>meta-intel</filename>
+                        layer, which contains the <filename>intel-core*</filename>
+                        BSPs to the build.
+                        The second command selects the BSP by setting the
+                        <ulink url='&YOCTO_DOCS_REF_URL;#var-MACHINE'><filename>MACHINE</filename></ulink>
+                        variable.
+                        <literallayout class='monospaced'>
     $ cd $HOME/poky/build
     $ bitbake-layers add-layer "$HOME/poky/meta-intel"
     $ echo 'MACHINE = "intel-corei7-64"' >> conf/local.conf
-                    </literallayout>
-                    <note><title>Notes</title>
-                    <para>
-                        If you want a 64-bit build, use the following:
-                        <literallayout class='monospaced'>
+                        </literallayout>
+                        <note><title>Notes</title>
+                        <para>
+                            If you want a 64-bit build, use the following:
+                            <literallayout class='monospaced'>
     $ echo 'MACHINE = "intel-corei7-64"' >> conf/local.conf
-                        </literallayout>
-                    </para>
+                            </literallayout>
+                        </para>

-                    <para>
-                        If you want 32-bit images, use the following:
-                        <literallayout class='monospaced'>
+                        <para>
+                            If you want 32-bit images, use the following:
+                            <literallayout class='monospaced'>
     $ echo 'MACHINE = "intel-core2-32"' >> conf/local.conf
-                        </literallayout>
-                    </para>
-                    </note>
-                    </para></listitem>
-                <listitem><para><emphasis>Build an Image for MinnowBoard MAX:</emphasis>
-                    The type of image you build depends on your goals.
-                    For example, the previous build created a
-                    <filename>core-image-sato</filename> image, which is an
-                    image with Sato support.
-                    It is possible to build many image types for the
-                    MinnowBoard MAX.
-                    Some possibilities are <filename>core-image-base</filename>,
-                    which is a console-only image.
-                    Another choice could be a
-                    <filename>core-image-full-cmdline</filename>, which is
-                    another console-only image but has more full-features
-                    Linux system functionality installed.
-                    For types of images you can build using the Yocto
-                    Project, see the
-                    "<ulink url='&YOCTO_DOCS_REF_URL;#ref-images'>Images</ulink>"
-                    chapter in the Yocto Project Reference Manual.</para>
-                    <para>Because configuration changes are minimal to set up
-                    for this second build, the OpenEmbedded build system can
-                    re-use files from previous builds as much as possible.
-                    Re-using files means this second build will be much faster
-                    than an initial build.
-                    For this example, the <filename>core-image-base</filename>
-                    image is built:
-                    <literallayout class='monospaced'>
+                            </literallayout>
+                        </para>
+                        </note>
+                        </para></listitem>
+                    <listitem><para><emphasis>Build an Image for MinnowBoard MAX:</emphasis>
+                        The type of image you build depends on your goals.
+                        For example, the previous build created a
+                        <filename>core-image-sato</filename> image, which is an
+                        image with Sato support.
+                        It is possible to build many image types for the
+                        MinnowBoard MAX.
+                        Some possibilities are <filename>core-image-base</filename>,
+                        which is a console-only image.
+                        Another choice could be a
+                        <filename>core-image-full-cmdline</filename>, which is
+                        another console-only image but has more full-features
+                        Linux system functionality installed.
+                        For types of images you can build using the Yocto
+                        Project, see the
+                        "<ulink url='&YOCTO_DOCS_REF_URL;#ref-images'>Images</ulink>"
+                        chapter in the Yocto Project Reference Manual.</para>
+                        <para>Because configuration changes are minimal to set up
+                        for this second build, the OpenEmbedded build system can
+                        re-use files from previous builds as much as possible.
+                        Re-using files means this second build will be much faster
+                        than an initial build.
+                        For this example, the <filename>core-image-base</filename>
+                        image is built:
+                        <literallayout class='monospaced'>
     $ bitbake core-image-base
-                    </literallayout>
-                    Once the build completes, the resulting console-only image
-                    is located in the Build Directory here:
-                    <literallayout class='monospaced'>
-     tmp/deploy/images/intel-corei7-64/core-image-base-intel-corei7-64.hddimg
-                    </literallayout>
-                    </para></listitem>
-                <listitem><para><emphasis>Write the Image:</emphasis>
-                    You can write the image to a USB key, SATA drive, or SD
-                    card by using the <filename>mkefidisk.sh</filename> script,
-                    which is included in the <filename>poky</filename>
-                    repository at
-                    <filename>scripts/contrib/mkefidisk.sh</filename>:
-                    <literallayout class='monospaced'>
-     $ sudo $HOME/source/poky/scripts/contrib/mkefidisk.sh <replaceable>HOST_DEVICE</replaceable> \
-        tmp/deploy/images/intel-corei7-64/core-image-base-intel-corei7-64.hddimg <replaceable>TARGET_DEVICE</replaceable>
-                    </literallayout>
-                    In the previous command,
-                    <replaceable>HOST_DEVICE</replaceable> is the device node
-                    on the build host (e.g. <filename>/dev/sdc</filename> or
-                    <filename>/dev/mmcblk0</filename>).
-                    <replaceable>TARGET_DEVICE</replaceable> is the name of the
-                    device as the MinnowBoard MAX sees it (e.g.
-                    <filename>/dev/sda</filename> or
-                    <filename>/dev/mmcblk0</filename>).
-                    </para></listitem>
-                <listitem><para><emphasis>Boot the Hardware:</emphasis>
-                    With the boot device provisioned, you can insert the
-                    media into the MinnowBoard MAX and boot the hardware.
-                    The board should automatically detect the media and boot to
-                    the bootloader and subsequently the operating system.
-                    </para>
+                        </literallayout>
+                        Once the build completes, the resulting console-only image
+                        is located in the Build Directory here:
+                        <literallayout class='monospaced'>
+     tmp/deploy/images/intel-corei7-64/core-image-base-intel-corei7-64.wic
+                        </literallayout>
+                        </para></listitem>
+                    <listitem><para><emphasis>Write the Image:</emphasis>
+                        You can write the image just built to a bootable media
+                        (e.g. a USB key, SATA drive, SD card, etc.) using the
+                        <filename>dd</filename> utility:
+                        <literallayout class='monospaced'>
+     $ sudo dd if=tmp/deploy/images/intel-corei7-64/core-image-base-intel-corei7-64.wic of=TARGET_DEVICE
+                        </literallayout>
+                        In the previous command, the
+                        <filename>TARGET_DEVICE</filename> is the device node in
+                        the host machine (e.g. <filename>/dev/sdc</filename>, which
+                        is most likely a USB stick, or
+                        <filename>/dev/mmcblk0</filename>, which is most likely an
+                        SD card).
+                        </para></listitem>
+                    <listitem><para><emphasis>Boot the Hardware:</emphasis>
+                        With the boot device provisioned, you can insert the
+                        media into the MinnowBoard MAX and boot the hardware.
+                        The board should automatically detect the media and boot to
+                        the bootloader and subsequently the operating system.
+                        </para>

-                    <para>If the board does not boot automatically, you can
-                    boot it manually from the EFI shell as follows:
-                    <literallayout class='monospaced'>
+                        <para>If the board does not boot automatically, you can
+                        boot it manually from the EFI shell as follows:
+                        <literallayout class='monospaced'>
     Shell> connect -r
     Shell> map -r
     Shell> fs0:
     Shell> bootx64
-                    </literallayout>
-                    <note>
-                        For a 32-bit image use the following:
-                        <literallayout class='monospaced'>
-     Shell> bootia32
                        </literallayout>
-                    </note>
-                    </para></listitem>
-            </orderedlist>
-        </para>
+                        <note>
+                            For a 32-bit image use the following:
+                            <literallayout class='monospaced'>
+     Shell> bootia32
+                            </literallayout>
+                        </note>
+                        </para></listitem>
+                </orderedlist>
+            </para>
+        </section>
    </section>

    <section id='qs-next-steps'>
--- a/meta-poky/conf/distro/poky.conf
+++ b/meta-poky/conf/distro/poky.conf
@@ -1,6 +1,6 @@
 DISTRO = "poky"
 DISTRO_NAME = "Poky (Yocto Project Reference Distro)"
-DISTRO_VERSION = "2.2"
+DISTRO_VERSION = "2.2.1"
 DISTRO_CODENAME = "morty"
 SDK_VENDOR = "-pokysdk"
 SDK_VERSION := "${@'${DISTRO_VERSION}'.replace('snapshot-${DATE}','snapshot')}"
--- a/meta-yocto-bsp/lib/oeqa/controllers/edgeroutertarget.py
+++ b/meta-yocto-bsp/lib/oeqa/controllers/edgeroutertarget.py
@@ -44,7 +44,7 @@ class EdgeRouterTarget(MasterImageHardwareTarget):
    def __init__(self, d):
        super(EdgeRouterTarget, self).__init__(d)

-	self.image_fstype = self.get_image_fstype(d)
+        self.image_fstype = self.get_image_fstype(d)
        self.deploy_cmds = [
                'mount -L boot /boot',
                'mkdir -p /mnt/testrootfs',
--- a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_4.1.bbappend
+++ b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_4.1.bbappend
@@ -7,11 +7,11 @@ KBRANCH_mpc8315e-rdb = "standard/fsl-mpc8315e-rdb"
 KMACHINE_genericx86 ?= "common-pc"
 KMACHINE_genericx86-64 ?= "common-pc-64"

-SRCREV_machine_genericx86    ?= "a38cb202738a2b055ac216b3699cc9377edea45a"
-SRCREV_machine_genericx86-64 ?= "a38cb202738a2b055ac216b3699cc9377edea45a"
-SRCREV_machine_edgerouter ?= "a38cb202738a2b055ac216b3699cc9377edea45a"
-SRCREV_machine_beaglebone ?= "3e064525c427e128d08ea599ea3247e2963b54a5"
-SRCREV_machine_mpc8315e-rdb ?= "a38cb202738a2b055ac216b3699cc9377edea45a"
+SRCREV_machine_genericx86    ?= "fec49247816d7045aa8abe0047bcd4737af9a853"
+SRCREV_machine_genericx86-64 ?= "fec49247816d7045aa8abe0047bcd4737af9a853"
+SRCREV_machine_edgerouter ?= "fec49247816d7045aa8abe0047bcd4737af9a853"
+SRCREV_machine_beaglebone ?= "938cc4ac8d36f166c9e2e0517d6ffd6d278fe631"
+SRCREV_machine_mpc8315e-rdb ?= "fec49247816d7045aa8abe0047bcd4737af9a853"

 COMPATIBLE_MACHINE_genericx86 = "genericx86"
 COMPATIBLE_MACHINE_genericx86-64 = "genericx86-64"
@@ -19,8 +19,8 @@ COMPATIBLE_MACHINE_edgerouter = "edgerouter"
 COMPATIBLE_MACHINE_beaglebone = "beaglebone"
 COMPATIBLE_MACHINE_mpc8315e-rdb = "mpc8315e-rdb"

-LINUX_VERSION_genericx86 = "4.1.33"
-LINUX_VERSION_genericx86-64 = "4.1.33"
-LINUX_VERSION_edgerouter = "4.1.33"
-LINUX_VERSION_beaglebone = "4.1.33"
-LINUX_VERSION_mpc8315e-rdb = "4.1.33"
+LINUX_VERSION_genericx86 = "4.1.36"
+LINUX_VERSION_genericx86-64 = "4.1.36"
+LINUX_VERSION_edgerouter = "4.1.36"
+LINUX_VERSION_beaglebone = "4.1.36"
+LINUX_VERSION_mpc8315e-rdb = "4.1.36"
--- a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_4.4.bbappend
+++ b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_4.4.bbappend
@@ -7,11 +7,11 @@ KBRANCH_edgerouter = "standard/edgerouter"
 KBRANCH_beaglebone = "standard/beaglebone"
 KBRANCH_mpc8315e-rdb = "standard/fsl-mpc8315e-rdb"

-SRCREV_machine_genericx86    ?= "f4e52341c304e044dbe581a35aad6b930c9410d1"
-SRCREV_machine_genericx86-64 ?= "f4e52341c304e044dbe581a35aad6b930c9410d1"
-SRCREV_machine_edgerouter ?= "f4e52341c304e044dbe581a35aad6b930c9410d1"
-SRCREV_machine_beaglebone ?= "f4e52341c304e044dbe581a35aad6b930c9410d1"
-SRCREV_machine_mpc8315e-rdb ?= "50e000bc5fce1e04a1a3aea5ffc57c3d5fd71e72"
+SRCREV_machine_genericx86    ?= "35482df5d5ba0807eb8a7c40b554bd657e3f9987"
+SRCREV_machine_genericx86-64 ?= "35482df5d5ba0807eb8a7c40b554bd657e3f9987"
+SRCREV_machine_edgerouter ?= "35482df5d5ba0807eb8a7c40b554bd657e3f9987"
+SRCREV_machine_beaglebone ?= "35482df5d5ba0807eb8a7c40b554bd657e3f9987"
+SRCREV_machine_mpc8315e-rdb ?= "772f071dbdd4b813c921058ddf9cba207237228b"

 COMPATIBLE_MACHINE_genericx86 = "genericx86"
 COMPATIBLE_MACHINE_genericx86-64 = "genericx86-64"
@@ -19,8 +19,8 @@ COMPATIBLE_MACHINE_edgerouter = "edgerouter"
 COMPATIBLE_MACHINE_beaglebone = "beaglebone"
 COMPATIBLE_MACHINE_mpc8315e-rdb = "mpc8315e-rdb"

-LINUX_VERSION_genericx86 = "4.4.22"
-LINUX_VERSION_genericx86-64 = "4.4.22"
-LINUX_VERSION_edgerouter = "4.4.22"
-LINUX_VERSION_beaglebone = "4.4.22"
-LINUX_VERSION_mpc8315e-rdb = "4.4.22"
+LINUX_VERSION_genericx86 = "4.4.36"
+LINUX_VERSION_genericx86-64 = "4.4.36"
+LINUX_VERSION_edgerouter = "4.4.36"
+LINUX_VERSION_beaglebone = "4.4.36"
+LINUX_VERSION_mpc8315e-rdb = "4.4.36"
--- a/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_4.8.bbappend
+++ b/meta-yocto-bsp/recipes-kernel/linux/linux-yocto_4.8.bbappend
@@ -7,11 +7,11 @@ KBRANCH_edgerouter = "standard/edgerouter"
 KBRANCH_beaglebone = "standard/beaglebone"
 KBRANCH_mpc8315e-rdb = "standard/fsl-mpc8315e-rdb"

-SRCREV_machine_genericx86    ?= "67813e7efa3a4614e209c2f058d92ef9a636441a"
-SRCREV_machine_genericx86-64 ?= "67813e7efa3a4614e209c2f058d92ef9a636441a"
-SRCREV_machine_edgerouter ?= "67813e7efa3a4614e209c2f058d92ef9a636441a"
-SRCREV_machine_beaglebone ?= "67813e7efa3a4614e209c2f058d92ef9a636441a"
-SRCREV_machine_mpc8315e-rdb ?= "4c9e17100b1f8ce45a60ad8984c12b00febbc685"
+SRCREV_machine_genericx86    ?= "021b4aef55b44597587a1ce5879be642b3dca155"
+SRCREV_machine_genericx86-64 ?= "021b4aef55b44597587a1ce5879be642b3dca155"
+SRCREV_machine_edgerouter ?= "6076f16536329465b62bd2037b8582a5e18f85d1"
+SRCREV_machine_beaglebone ?= "85dc85153cd7e3b72d34f967c4c0edde590c79a8"
+SRCREV_machine_mpc8315e-rdb ?= "f73222eb3bbd07a45564397a88dec554e848da7d"

 COMPATIBLE_MACHINE_genericx86 = "genericx86"
 COMPATIBLE_MACHINE_genericx86-64 = "genericx86-64"
@@ -19,8 +19,8 @@ COMPATIBLE_MACHINE_edgerouter = "edgerouter"
 COMPATIBLE_MACHINE_beaglebone = "beaglebone"
 COMPATIBLE_MACHINE_mpc8315e-rdb = "mpc8315e-rdb"

-LINUX_VERSION_genericx86 = "4.8"
-LINUX_VERSION_genericx86-64 = "4.8"
-LINUX_VERSION_edgerouter = "4.8"
-LINUX_VERSION_beaglebone = "4.8"
-LINUX_VERSION_mpc8315e-rdb = "4.8"
+LINUX_VERSION_genericx86 = "4.8.12"
+LINUX_VERSION_genericx86-64 = "4.8.12"
+LINUX_VERSION_edgerouter = "4.8.12"
+LINUX_VERSION_beaglebone = "4.8.12"
+LINUX_VERSION_mpc8315e-rdb = "4.8.12"
--- a/meta/classes/archiver.bbclass
+++ b/meta/classes/archiver.bbclass
@@ -125,7 +125,7 @@ python () {
 # (e.g. git repositories) is "unpacked" and then put into a tarball.
 python do_ar_original() {

-    import shutil, tarfile, tempfile
+    import shutil, tempfile

    if d.getVarFlag('ARCHIVER_MODE', 'src', True) != "original":
        return
@@ -261,13 +261,9 @@ def create_tarball(d, srcdir, suffix, ar_outdir):
        filename = '%s.tar.gz' % d.getVar('PF', True)
    tarname = os.path.join(ar_outdir, filename)

-    srcdir = srcdir.rstrip('/')
-    dirname = os.path.dirname(srcdir)
-    basename = os.path.basename(srcdir)
-    os.chdir(dirname)
    bb.note('Creating %s' % tarname)
    tar = tarfile.open(tarname, 'w:gz')
-    tar.add(basename)
+    tar.add(srcdir, arcname=os.path.basename(srcdir))
    tar.close()

 # creating .diff.gz between source.orig and source
--- a/meta/classes/cmake.bbclass
+++ b/meta/classes/cmake.bbclass
@@ -19,6 +19,8 @@ OECMAKE_C_FLAGS_RELEASE ?= "-DNDEBUG"
 OECMAKE_CXX_FLAGS_RELEASE ?= "-DNDEBUG"
 OECMAKE_C_LINK_FLAGS ?= "${HOST_CC_ARCH} ${TOOLCHAIN_OPTIONS} ${CPPFLAGS} ${LDFLAGS}"
 OECMAKE_CXX_LINK_FLAGS ?= "${HOST_CC_ARCH} ${TOOLCHAIN_OPTIONS} ${CXXFLAGS} ${LDFLAGS}"
+CXXFLAGS += "${HOST_CC_ARCH} ${TOOLCHAIN_OPTIONS}"
+CFLAGS += "${HOST_CC_ARCH} ${TOOLCHAIN_OPTIONS}"

 OECMAKE_RPATH ?= ""
 OECMAKE_PERLNATIVE_DIR ??= ""
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -20,6 +20,10 @@
 # the only method to check against CVEs. Running this tool
 # doesn't guarantee your packages are free of CVEs.

+# The product name that the CVE database uses.  Defaults to BPN, but may need to
+# be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
+CVE_PRODUCT ?= "${BPN}"
+
 CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK"
 CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvd.db"

@@ -39,7 +43,7 @@ CVE_CHECK_PN_WHITELIST = "\

 # Whitelist for CVE and version of package
 CVE_CHECK_CVE_WHITELIST = "{\
-    'CVE-2014-2524': ('6.3',), \
+    'CVE-2014-2524': ('6.3','5.2',), \
 }"

 python do_cve_check () {
@@ -144,7 +148,7 @@ def check_cves(d, patched_cves):

    cves_patched = []
    cves_unpatched = []
-    bpn = d.getVar("BPN", True)
+    bpn = d.getVar("CVE_PRODUCT")
    pv = d.getVar("PV", True).split("git+")[0]
    cves = " ".join(patched_cves)
    cve_db_dir = d.getVar("CVE_CHECK_DB_DIR", True)
--- a/meta/classes/image_types.bbclass
+++ b/meta/classes/image_types.bbclass
@@ -184,7 +184,7 @@ IMAGE_CMD_ubi () {

 IMAGE_CMD_ubifs = "mkfs.ubifs -r ${IMAGE_ROOTFS} -o ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.ubifs ${MKUBIFS_ARGS}"

-WKS_FILE ?= "${IMAGE_BASENAME}.${MACHINE}.wks"
+WKS_FILE ??= "${IMAGE_BASENAME}.${MACHINE}.wks"
 WKS_FILES ?= "${WKS_FILE} ${IMAGE_BASENAME}.wks"
 WKS_SEARCH_PATH ?= "${THISDIR}:${@':'.join('%s/scripts/lib/wic/canned-wks' % l for l in '${BBPATH}:${COREBASE}'.split(':'))}"
 WKS_FULL_PATH = "${@wks_search('${WKS_FILES}'.split(), '${WKS_SEARCH_PATH}') or ''}"
--- a/meta/classes/insane.bbclass
+++ b/meta/classes/insane.bbclass
@@ -63,6 +63,8 @@ def package_qa_get_machine_dict(d):
                        "arm" :       (40,     0,    0,          True,          32),
                      },
            "elf" : {
+                        "aarch64" :   (183,    0,    0,          True,          64),
+                        "aarch64_be" :(183,    0,    0,          False,         64),
                        "i586" :      (3,      0,    0,          True,          32),
                        "x86_64":     (62,     0,    0,          True,          64),
                        "epiphany":   (4643,   0,    0,          True,          32),
@@ -647,8 +649,8 @@ def package_qa_check_buildpaths(path, name, d, elf, messages):
        return

    tmpdir = d.getVar('TMPDIR', True)
-    with open(path) as f:
-        file_content = f.read()
+    with open(path, 'rb') as f:
+        file_content = f.read().decode('utf-8', errors='ignore')
        if tmpdir in file_content:
            package_qa_add_message(messages, "buildpaths", "File %s in package contained reference to tmpdir" % package_qa_clean_path(path,d))

@@ -820,6 +822,23 @@ def package_qa_check_staged(path,d):

    return sane

+# Run all package-wide warnfuncs and errorfuncs
+def package_qa_package(warnfuncs, errorfuncs, skip, package, d):
+    warnings = {}
+    errors = {}
+
+    for func in warnfuncs:
+        func(package, d, warnings)
+    for func in errorfuncs:
+        func(package, d, errors)
+
+    for w in warnings:
+        package_qa_handle_error(w, warnings[w], d)
+    for e in errors:
+        package_qa_handle_error(e, errors[e], d)
+
+    return len(errors) == 0
+
 # Walk over all files in a directory and call func
 def package_qa_walk(warnfuncs, errorfuncs, skip, package, d):
    import oe.qa
@@ -983,31 +1002,24 @@ def package_qa_check_deps(pkg, pkgdest, skip, d):
    check_valid_deps('RREPLACES')
    check_valid_deps('RCONFLICTS')

-QAPATHTEST[expanded-d] = "package_qa_check_expanded_d"
-def package_qa_check_expanded_d(path,name,d,elf,messages):
+QAPKGTEST[expanded-d] = "package_qa_check_expanded_d"
+def package_qa_check_expanded_d(package, d, messages):
    """
    Check for the expanded D (${D}) value in pkg_* and FILES
    variables, warn the user to use it correctly.
    """
-
    sane = True
-    expanded_d = d.getVar('D',True)
+    expanded_d = d.getVar('D', True)

-    # Get packages for current recipe and iterate
-    packages = d.getVar('PACKAGES', True).split(" ")
-    for pak in packages:
-    # Go through all variables and check if expanded D is found, warn the user accordingly
-        for var in 'FILES','pkg_preinst', 'pkg_postinst', 'pkg_prerm', 'pkg_postrm':
-            bbvar = d.getVar(var + "_" + pak, False)
-            if bbvar:
-                # Bitbake expands ${D} within bbvar during the previous step, so we check for its expanded value
-                if expanded_d in bbvar:
-                    if var == 'FILES':
-                        package_qa_add_message(messages, "expanded-d", "FILES in %s recipe should not contain the ${D} variable as it references the local build directory not the target filesystem, best solution is to remove the ${D} reference" % pak)
-                        sane = False
-                    else:
-                        package_qa_add_message(messages, "expanded-d", "%s in %s recipe contains ${D}, it should be replaced by $D instead" % (var, pak))
-                        sane = False
+    for var in 'FILES','pkg_preinst', 'pkg_postinst', 'pkg_prerm', 'pkg_postrm':
+        bbvar = d.getVar(var + "_" + package, True) or ""
+        if expanded_d in bbvar:
+            if var == 'FILES':
+                package_qa_add_message(messages, "expanded-d", "FILES in %s recipe should not contain the ${D} variable as it references the local build directory not the target filesystem, best solution is to remove the ${D} reference" % package)
+                sane = False
+            else:
+                package_qa_add_message(messages, "expanded-d", "%s in %s recipe contains ${D}, it should be replaced by $D instead" % (var, package))
+                sane = False
    return sane

 def package_qa_check_encoding(keys, encode, d):
@@ -1115,7 +1127,6 @@ python do_package_qa () {
    if not packages:
        return

-    testmatrix = d.getVarFlags("QAPATHTEST")
    import re
    # The package name matches the [a-z0-9.+-]+ regular expression
    pkgname_pattern = re.compile("^[a-z0-9.+-]+$")
@@ -1125,28 +1136,33 @@ python do_package_qa () {
    for dep in taskdepdata:
        taskdeps.add(taskdepdata[dep][0])

-    g = globals()
    for package in packages:
+        def parse_test_matrix(matrix_name):
+            testmatrix = d.getVarFlags(matrix_name) or {}
+            g = globals()
+            warnchecks = []
+            for w in (d.getVar("WARN_QA", True) or "").split():
+                if w in skip:
+                   continue
+                if w in testmatrix and testmatrix[w] in g:
+                    warnchecks.append(g[testmatrix[w]])
+                if w == 'unsafe-references-in-binaries':
+                    oe.utils.write_ld_so_conf(d)
+
+            errorchecks = []
+            for e in (d.getVar("ERROR_QA", True) or "").split():
+                if e in skip:
+                   continue
+                if e in testmatrix and testmatrix[e] in g:
+                    errorchecks.append(g[testmatrix[e]])
+                if e == 'unsafe-references-in-binaries':
+                    oe.utils.write_ld_so_conf(d)
+            return warnchecks, errorchecks
+
        skip = (d.getVar('INSANE_SKIP_' + package, True) or "").split()
        if skip:
            bb.note("Package %s skipping QA tests: %s" % (package, str(skip)))
-        warnchecks = []
-        for w in (d.getVar("WARN_QA", True) or "").split():
-            if w in skip:
-               continue
-            if w in testmatrix and testmatrix[w] in g:
-                warnchecks.append(g[testmatrix[w]])
-            if w == 'unsafe-references-in-binaries':
-                oe.utils.write_ld_so_conf(d)

-        errorchecks = []
-        for e in (d.getVar("ERROR_QA", True) or "").split():
-            if e in skip:
-               continue
-            if e in testmatrix and testmatrix[e] in g:
-                errorchecks.append(g[testmatrix[e]])
-            if e == 'unsafe-references-in-binaries':
-                oe.utils.write_ld_so_conf(d)

        bb.note("Checking Package: %s" % package)
        # Check package name
@@ -1154,8 +1170,11 @@ python do_package_qa () {
            package_qa_handle_error("pkgname",
                    "%s doesn't match the [a-z0-9.+-]+ regex" % package, d)

-        path = "%s/%s" % (pkgdest, package)
-        package_qa_walk(warnchecks, errorchecks, skip, package, d)
+        warn_checks, error_checks = parse_test_matrix("QAPATHTEST")
+        package_qa_walk(warn_checks, error_checks, skip, package, d)
+
+        warn_checks, error_checks = parse_test_matrix("QAPKGTEST")
+        package_qa_package(warn_checks, error_checks, skip, package, d)

        package_qa_check_rdepends(package, pkgdest, skip, taskdeps, packages, d)
        package_qa_check_deps(package, pkgdest, skip, d)
--- a/meta/classes/kernel-yocto.bbclass
+++ b/meta/classes/kernel-yocto.bbclass
@@ -149,12 +149,18 @@ do_kernel_metadata() {
 	elements="`echo -n ${bsp_definition} ${sccs} ${patches} ${KERNEL_FEATURES}`"
 	if [ -n "${elements}" ]; then
 		scc --force -o ${S}/${meta_dir}:cfg,meta ${includes} ${bsp_definition} ${sccs} ${patches} ${KERNEL_FEATURES}
+		if [ $? -ne 0 ]; then
+			bbfatal_log "Could not generate configuration queue for ${KMACHINE}."
+		fi
 	fi

 	# run2: only generate patches for elements that have been passed on the SRC_URI
 	elements="`echo -n ${sccs} ${patches} ${KERNEL_FEATURES}`"
 	if [ -n "${elements}" ]; then
 		scc --force -o ${S}/${meta_dir}:patch --cmds patch ${includes} ${sccs} ${patches} ${KERNEL_FEATURES}
+		if [ $? -ne 0 ]; then
+			bbfatal_log "Could not generate configuration queue for ${KMACHINE}."
+		fi
 	fi
 }

--- a/meta/classes/kernel.bbclass
+++ b/meta/classes/kernel.bbclass
@@ -43,12 +43,12 @@ python __anonymous () {
    typeformake = re.sub(r'\.gz', '', types)
    d.setVar('KERNEL_IMAGETYPE_FOR_MAKE', typeformake)

-    for type in typeformake.split():
+    for type in types.split():
        typelower = type.lower()

        d.appendVar('PACKAGES', ' ' + 'kernel-image-' + typelower)

-        d.setVar('FILES_kernel-image-' + typelower, '/boot/' + type + '*')
+        d.setVar('FILES_kernel-image-' + typelower, '/boot/' + type + '-${KERNEL_VERSION_NAME}')

        d.appendVar('RDEPENDS_kernel-image', ' ' + 'kernel-image-' + typelower)

@@ -165,7 +165,7 @@ copy_initramfs() {
 	mkdir -p ${B}/usr
 	# Find and use the first initramfs image archive type we find
 	rm -f ${B}/usr/${INITRAMFS_IMAGE}-${MACHINE}.cpio
-	for img in cpio.gz cpio.lz4 cpio.lzo cpio.lzma cpio.xz; do
+	for img in cpio cpio.gz cpio.lz4 cpio.lzo cpio.lzma cpio.xz; do
 		if [ -e "${DEPLOY_DIR_IMAGE}/${INITRAMFS_IMAGE}-${MACHINE}.$img" ]; then
 			cp ${DEPLOY_DIR_IMAGE}/${INITRAMFS_IMAGE}-${MACHINE}.$img ${B}/usr/.
 			case $img in
@@ -235,12 +235,6 @@ do_bundle_initramfs () {
 				mv -f ${KERNEL_OUTPUT_DIR}/$type.bak ${KERNEL_OUTPUT_DIR}/$type
 			fi
 		done
-		# Update install area
-		for type in ${KERNEL_IMAGETYPES} ; do
-			echo "There is kernel image bundled with initramfs: ${B}/${KERNEL_OUTPUT_DIR}/$type.initramfs"
-			install -m 0644 ${B}/${KERNEL_OUTPUT_DIR}/$type.initramfs ${D}/boot/$type-initramfs-${MACHINE}.bin
-			echo "${B}/${KERNEL_OUTPUT_DIR}/$type.initramfs"
-		done
 	fi
 }
 do_bundle_initramfs[dirs] = "${B}"
@@ -270,6 +264,7 @@ kernel_do_compile() {
 		oe_runmake ${typeformake} CC="${KERNEL_CC}" LD="${KERNEL_LD}" ${KERNEL_EXTRA_ARGS} $use_alternate_initrd
 		for type in ${KERNEL_IMAGETYPES} ; do
 			if test "${typeformake}.gz" = "${type}"; then
+				mkdir -p "${KERNEL_OUTPUT_DIR}"
 				gzip -9c < "${typeformake}" > "${KERNEL_OUTPUT_DIR}/${type}"
 				break;
 			fi
@@ -486,7 +481,7 @@ FILES_${PN} = ""
 FILES_kernel-base = "/lib/modules/${KERNEL_VERSION}/modules.order /lib/modules/${KERNEL_VERSION}/modules.builtin"
 FILES_kernel-image = ""
 FILES_kernel-dev = "/boot/System.map* /boot/Module.symvers* /boot/config* ${KERNEL_SRC_PATH} /lib/modules/${KERNEL_VERSION}/build"
-FILES_kernel-vmlinux = "/boot/vmlinux*"
+FILES_kernel-vmlinux = "/boot/vmlinux-${KERNEL_VERSION_NAME}"
 FILES_kernel-modules = ""
 RDEPENDS_kernel = "kernel-base"
 # Allow machines to override this dependency if kernel image files are
--- a/meta/classes/license.bbclass
+++ b/meta/classes/license.bbclass
@@ -351,6 +351,8 @@ def copy_license_files(lic_files_paths, destdir):
            dst = os.path.join(destdir, basename)
            if os.path.exists(dst):
                os.remove(dst)
+            if os.path.islink(src):
+                src = os.path.realpath(src)
            canlink = os.access(src, os.W_OK) and (os.stat(src).st_dev == os.stat(destdir).st_dev)
            if canlink:
                try:
--- a/meta/classes/nativesdk.bbclass
+++ b/meta/classes/nativesdk.bbclass
@@ -97,3 +97,5 @@ do_populate_sysroot[stamp-extra-info] = ""
 do_packagedata[stamp-extra-info] = ""

 USE_NLS = "${SDKUSE_NLS}"
+
+OLDEST_KERNEL = "${SDK_OLDEST_KERNEL}"
--- a/meta/classes/populate_sdk_base.bbclass
+++ b/meta/classes/populate_sdk_base.bbclass
@@ -89,11 +89,6 @@ POPULATE_SDK_POST_HOST_COMMAND_append = " write_host_sdk_manifest; "
 SDK_PACKAGING_COMMAND = "${@'${SDK_PACKAGING_FUNC};' if '${SDK_PACKAGING_FUNC}' else ''}"
 SDK_POSTPROCESS_COMMAND = " create_sdk_files; check_sdk_sysroots; tar_sdk; ${SDK_PACKAGING_COMMAND} "

-# Some archs override this, we need the nativesdk version
-# turns out this is hard to get from the datastore due to TRANSLATED_TARGET_ARCH
-# manipulation.
-SDK_OLDEST_KERNEL = "3.2.0"
-
 def populate_sdk_common(d):
    from oe.sdk import populate_sdk
    from oe.manifest import create_manifest, Manifest
@@ -223,7 +218,7 @@ EOF
 		-e 's#@SDKEXTPATH@#${SDKEXTPATH}#g' \
 		-e 's#@OLDEST_KERNEL@#${SDK_OLDEST_KERNEL}#g' \
 		-e 's#@REAL_MULTIMACH_TARGET_SYS@#${REAL_MULTIMACH_TARGET_SYS}#g' \
-		-e 's#@SDK_TITLE@#${SDK_TITLE}#g' \
+		-e 's#@SDK_TITLE@#${@d.getVar("SDK_TITLE", True).replace('&', '\&')}#g' \
 		-e 's#@SDK_VERSION@#${SDK_VERSION}#g' \
 		-e '/@SDK_PRE_INSTALL_COMMAND@/d' \
 		-e '/@SDK_POST_INSTALL_COMMAND@/d' \
--- a/meta/classes/populate_sdk_ext.bbclass
+++ b/meta/classes/populate_sdk_ext.bbclass
@@ -88,7 +88,7 @@ SDK_TITLE_task-populate-sdk-ext = "${@d.getVar('DISTRO_NAME', True) or d.getVar(
 def clean_esdk_builddir(d, sdkbasepath):
    """Clean up traces of the fake build for create_filtered_tasklist()"""
    import shutil
-    cleanpaths = 'cache conf/sanity_info conf/templateconf.cfg tmp'.split()
+    cleanpaths = 'cache conf/sanity_info tmp'.split()
    for pth in cleanpaths:
        fullpth = os.path.join(sdkbasepath, pth)
        if os.path.isdir(fullpth):
@@ -305,10 +305,13 @@ python copy_buildsystem () {
            f.write('SIGGEN_LOCKEDSIGS_TASKSIG_CHECK = "warn"\n\n')

            # Set up whitelist for run on install
-            f.write('BB_SETSCENE_ENFORCE_WHITELIST = "%:* *:do_shared_workdir *:do_rm_work"\n\n')
+            f.write('BB_SETSCENE_ENFORCE_WHITELIST = "%:* *:do_shared_workdir *:do_rm_work *:do_package"\n\n')

            # Hide the config information from bitbake output (since it's fixed within the SDK)
-            f.write('BUILDCFG_HEADER = ""\n')
+            f.write('BUILDCFG_HEADER = ""\n\n')
+
+            # Map gcc-dependent uninative sstate cache for installer usage
+            f.write('SSTATE_MIRRORS = "file://universal/(.*) file://universal-4.9/\\1\\nfile://universal-4.9/(.*) file://universal-4.8/\\1"\n\n')

            # Allow additional config through sdk-extra.conf
            fn = bb.cookerdata.findConfigFile('sdk-extra.conf', d)
@@ -344,6 +347,10 @@ python copy_buildsystem () {
                    if line.strip() and not line.startswith('#'):
                        f.write(line)

+    # Write a templateconf.cfg
+    with open(baseoutpath + '/conf/templateconf.cfg', 'w') as f:
+        f.write('meta/conf\n')
+
    # Ensure any variables set from the external environment (by way of
    # BB_ENV_EXTRAWHITE) are set in the SDK's configuration
    extralines = []
@@ -370,8 +377,9 @@ python copy_buildsystem () {

    sstate_out = baseoutpath + '/sstate-cache'
    bb.utils.remove(sstate_out, True)
-    # uninative.bbclass sets NATIVELSBSTRING to 'universal'
-    fixedlsbstring = 'universal'
+
+    # uninative.bbclass sets NATIVELSBSTRING to 'universal%s' % oe.utils.host_gcc_version(d)
+    fixedlsbstring = "universal%s" % oe.utils.host_gcc_version(d)

    sdk_include_toolchain = (d.getVar('SDK_INCLUDE_TOOLCHAIN', True) == '1')
    sdk_ext_type = d.getVar('SDK_EXT_TYPE', True)
--- a/meta/classes/rm_work.bbclass
+++ b/meta/classes/rm_work.bbclass
@@ -58,7 +58,7 @@ do_rm_work () {
            *do_setscene*)
                break
                ;;
-            *sigdata*)
+            *sigdata*|*sigbasedata*)
                i=dummy
                break
                ;;
--- a/meta/classes/sstate.bbclass
+++ b/meta/classes/sstate.bbclass
@@ -457,7 +457,7 @@ def sstate_clean(ss, d):
    rm_nohash = ".do_%s" % ss['task']
    for stfile in glob.glob(wildcard_stfile):
        # Keep the sigdata
-        if ".sigdata." in stfile:
+        if ".sigdata." in stfile or ".sigbasedata." in stfile:
            continue
        # Preserve taint files in the stamps directory
        if stfile.endswith('.taint'):
--- a/meta/classes/staging.bbclass
+++ b/meta/classes/staging.bbclass
@@ -171,7 +171,6 @@ addtask populate_sysroot after do_install

 SYSROOT_PREPROCESS_FUNCS ?= ""
 SYSROOT_DESTDIR = "${WORKDIR}/sysroot-destdir"
-SYSROOT_LOCK = "${STAGING_DIR}/staging.lock"

 # We clean out any existing sstate from the sysroot if we rerun configure
 python sysroot_cleansstate () {
--- a/meta/classes/systemd.bbclass
+++ b/meta/classes/systemd.bbclass
@@ -32,7 +32,7 @@ if type systemctl >/dev/null 2>/dev/null; then
 	systemctl $OPTS ${SYSTEMD_AUTO_ENABLE} ${SYSTEMD_SERVICE}

 	if [ -z "$D" -a "${SYSTEMD_AUTO_ENABLE}" = "enable" ]; then
-		systemctl restart ${SYSTEMD_SERVICE}
+		systemctl --no-block restart ${SYSTEMD_SERVICE}
 	fi
 fi
 }
--- a/meta/classes/testsdk.bbclass
+++ b/meta/classes/testsdk.bbclass
@@ -4,13 +4,15 @@

 # testsdk.bbclass enables testing for SDK and Extensible SDK
 #
-# For run SDK tests you need to do,
-# - bitbake core-image-sato -c populate_sdk
-# - bitbake core-image-sato -c testsdk
+# To run SDK tests, run the commands:
+# $ bitbake <image-name> -c populate_sdk
+# $ bitbake <image-name> -c testsdk
 #
-# For run eSDK tests you need to do,
-# - bitbake core-image-sato -c populate_sdk_ext
-# - bitbake core-image-sato -c testsdkext
+# To run eSDK tests, run the commands:
+# $ bitbake <image-name> -c populate_sdk_ext
+# $ bitbake <image-name> -c testsdkext
+#
+# where "<image-name>" is an image like core-image-sato.

 TEST_LOG_DIR ?= "${WORKDIR}/testimage"
 TESTSDKLOCK = "${TMPDIR}/testsdk.lock"
--- a/meta/classes/uboot-sign.bbclass
+++ b/meta/classes/uboot-sign.bbclass
@@ -68,8 +68,8 @@ do_concat_dtb () {
 			[ -e "${DEPLOYDIR}/${UBOOT_DTB_IMAGE}" ]; then
 			cd ${B}
 			oe_runmake EXT_DTB=${DEPLOYDIR}/${UBOOT_DTB_IMAGE}
-			install ${S}/${UBOOT_BINARY} ${DEPLOYDIR}/${UBOOT_IMAGE}
-			install ${S}/${UBOOT_BINARY} ${DEPLOY_DIR_IMAGE}/${UBOOT_IMAGE}
+			install ${B}/${UBOOT_BINARY} ${DEPLOYDIR}/${UBOOT_IMAGE}
+			install ${B}/${UBOOT_BINARY} ${DEPLOY_DIR_IMAGE}/${UBOOT_IMAGE}
 		elif [ -e "${DEPLOYDIR}/${UBOOT_NODTB_IMAGE}" -a -e "${DEPLOYDIR}/${UBOOT_DTB_IMAGE}" ]; then
 			cd ${DEPLOYDIR}
 			cat ${UBOOT_NODTB_IMAGE} ${UBOOT_DTB_IMAGE} | tee ${B}/${UBOOT_BINARY} > ${UBOOT_IMAGE}
--- a/meta/classes/uninative.bbclass
+++ b/meta/classes/uninative.bbclass
@@ -1,4 +1,5 @@
-UNINATIVE_LOADER ?= "${STAGING_DIR}-uninative/${BUILD_ARCH}-linux/lib/${@bb.utils.contains('BUILD_ARCH', 'x86_64', 'ld-linux-x86-64.so.2', 'ld-linux.so.2', d)}"
+UNINATIVE_LOADER ?= "${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux/lib/${@bb.utils.contains('BUILD_ARCH', 'x86_64', 'ld-linux-x86-64.so.2', 'ld-linux.so.2', d)}"
+UNINATIVE_STAGING_DIR ?= "${STAGING_DIR}"

 UNINATIVE_URL ?= "unset"
 UNINATIVE_TARBALL ?= "${BUILD_ARCH}-nativesdk-libc.tar.bz2"
@@ -7,17 +8,6 @@ UNINATIVE_TARBALL ?= "${BUILD_ARCH}-nativesdk-libc.tar.bz2"
 #UNINATIVE_CHECKSUM[x86_64] = "dead"
 UNINATIVE_DLDIR ?= "${DL_DIR}/uninative/"

-# https://wiki.debian.org/GCC5
-# We may see binaries built with gcc5 run or linked into gcc4 environment
-# so use the older libstdc++ standard for now until we don't support gcc4
-# on the host system.
-BUILD_CXXFLAGS_append = " -D_GLIBCXX_USE_CXX11_ABI=0"
-
-#
-# icu configure defaults to CXX11 if no -std= option is passed in CXXFLAGS
-# therefore pass one
-BUILD_CXXFLAGS_append_pn-icu-native = " -std=c++98"
-
 addhandler uninative_event_fetchloader
 uninative_event_fetchloader[eventmask] = "bb.event.BuildStarted"

@@ -69,7 +59,7 @@ python uninative_event_fetchloader() {
            if localpath != tarballpath and os.path.exists(localpath) and not os.path.exists(tarballpath):
                    os.symlink(localpath, tarballpath)

-        cmd = d.expand("mkdir -p ${STAGING_DIR}-uninative; cd ${STAGING_DIR}-uninative; tar -xjf ${UNINATIVE_DLDIR}/%s/${UNINATIVE_TARBALL}; ${STAGING_DIR}-uninative/relocate_sdk.py ${STAGING_DIR}-uninative/${BUILD_ARCH}-linux ${UNINATIVE_LOADER} ${UNINATIVE_LOADER} ${STAGING_DIR}-uninative/${BUILD_ARCH}-linux/${bindir_native}/patchelf-uninative ${STAGING_DIR}-uninative/${BUILD_ARCH}-linux${base_libdir_native}/libc*.so" % chksum)
+        cmd = d.expand("mkdir -p ${UNINATIVE_STAGING_DIR}-uninative; cd ${UNINATIVE_STAGING_DIR}-uninative; tar -xjf ${UNINATIVE_DLDIR}/%s/${UNINATIVE_TARBALL}; ${UNINATIVE_STAGING_DIR}-uninative/relocate_sdk.py ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux ${UNINATIVE_LOADER} ${UNINATIVE_LOADER} ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux/${bindir_native}/patchelf-uninative ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux${base_libdir_native}/libc*.so" % chksum)
        subprocess.check_call(cmd, shell=True)

        with open(loaderchksum, "w") as f:
@@ -99,9 +89,9 @@ def enable_uninative(d):
    loader = d.getVar("UNINATIVE_LOADER", True)
    if os.path.exists(loader):
        bb.debug(2, "Enabling uninative")
-        d.setVar("NATIVELSBSTRING", "universal")
+        d.setVar("NATIVELSBSTRING", "universal%s" % oe.utils.host_gcc_version(d))
        d.appendVar("SSTATEPOSTUNPACKFUNCS", " uninative_changeinterp")
-        d.prependVar("PATH", "${STAGING_DIR}-uninative/${BUILD_ARCH}-linux${bindir_native}:")
+        d.prependVar("PATH", "${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux${bindir_native}:")

 python uninative_changeinterp () {
    import subprocess
--- a/meta/classes/update-alternatives.bbclass
+++ b/meta/classes/update-alternatives.bbclass
@@ -195,8 +195,8 @@ python populate_packages_updatealternatives () {
    pkgdest = d.getVar('PKGD', True)
    for pkg in (d.getVar('PACKAGES', True) or "").split():
        # Create post install/removal scripts
-        alt_setup_links = ""
-        alt_remove_links = ""
+        alt_setup_links = "# Begin section update-alternatives\n"
+        alt_remove_links = "# Begin section update-alternatives\n"
        for alt_name in (d.getVar('ALTERNATIVE_%s' % pkg, True) or "").split():
            alt_link     = d.getVarFlag('ALTERNATIVE_LINK_NAME', alt_name, True)
            alt_target   = d.getVarFlag('ALTERNATIVE_TARGET_%s' % pkg, alt_name, True) or d.getVarFlag('ALTERNATIVE_TARGET', alt_name, True)
@@ -219,10 +219,13 @@ python populate_packages_updatealternatives () {
            # Default to generate shell script.. eventually we may want to change this...
            alt_target = os.path.normpath(alt_target)

-            alt_setup_links  += '\tupdate-alternatives --install %s %s %s %s\n' % (alt_link, alt_name, alt_target, alt_priority)
-            alt_remove_links += '\tupdate-alternatives --remove  %s %s\n' % (alt_name, alt_target)
+            alt_setup_links  += 'update-alternatives --install %s %s %s %s\n' % (alt_link, alt_name, alt_target, alt_priority)
+            alt_remove_links += 'update-alternatives --remove  %s %s\n' % (alt_name, alt_target)

-        if alt_setup_links:
+        alt_setup_links += "# End section update-alternatives\n"
+        alt_remove_links += "# End section update-alternatives\n"
+
+        if len(alt_setup_links.splitlines()) > 2:
            # RDEPENDS setup
            provider = d.getVar('VIRTUAL-RUNTIME_update-alternatives', True)
            if provider:
@@ -232,12 +235,24 @@ python populate_packages_updatealternatives () {
            bb.note('adding update-alternatives calls to postinst/prerm for %s' % pkg)
            bb.note('%s' % alt_setup_links)
            postinst = d.getVar('pkg_postinst_%s' % pkg, True) or '#!/bin/sh\n'
-            postinst += alt_setup_links
+            postinst = postinst.splitlines(True)
+            try:
+                index = postinst.index('# Begin section update-rc.d\n')
+                postinst.insert(index, alt_setup_links)
+            except ValueError:
+                postinst.append(alt_setup_links)
+            postinst = ''.join(postinst)
            d.setVar('pkg_postinst_%s' % pkg, postinst)

            bb.note('%s' % alt_remove_links)
            prerm = d.getVar('pkg_prerm_%s' % pkg, True) or '#!/bin/sh\n'
-            prerm += alt_remove_links
+            prerm = prerm.splitlines(True)
+            try:
+                index = prerm.index('# End section update-rc.d\n')
+                prerm.insert(index + 1, alt_remove_links)
+            except ValueError:
+                prerm.append(alt_remove_links)
+            prerm = ''.join(prerm)
            d.setVar('pkg_prerm_%s' % pkg, prerm)
 }

--- a/meta/classes/update-rc.d.bbclass
+++ b/meta/classes/update-rc.d.bbclass
@@ -26,6 +26,7 @@ fi
 }

 updatercd_postinst() {
+# Begin section update-rc.d
 if type update-rc.d >/dev/null 2>/dev/null; then
 	if [ -n "$D" ]; then
 		OPT="-r $D"
@@ -34,12 +35,15 @@ if type update-rc.d >/dev/null 2>/dev/null; then
 	fi
 	update-rc.d $OPT ${INITSCRIPT_NAME} ${INITSCRIPT_PARAMS}
 fi
+# End section update-rc.d
 }

 updatercd_prerm() {
+# Begin section update-rc.d
 if [ -z "$D" -a -x "${INIT_D_DIR}/${INITSCRIPT_NAME}" ]; then
 	${INIT_D_DIR}/${INITSCRIPT_NAME} stop || :
 fi
+# End section update-rc.d
 }

 updatercd_postrm() {
@@ -102,13 +106,25 @@ python populate_packages_updatercd () {
        postinst = d.getVar('pkg_postinst_%s' % pkg, True)
        if not postinst:
            postinst = '#!/bin/sh\n'
-        postinst += localdata.getVar('updatercd_postinst', True)
+        postinst = postinst.splitlines(True)
+        try:
+            index = postinst.index('# End section update-alternatives\n')
+            postinst.insert(index + 1, localdata.getVar('updatercd_postinst', True))
+        except ValueError:
+            postinst.append(localdata.getVar('updatercd_postinst', True))
+        postinst = ''.join(postinst)
        d.setVar('pkg_postinst_%s' % pkg, postinst)

        prerm = d.getVar('pkg_prerm_%s' % pkg, True)
        if not prerm:
            prerm = '#!/bin/sh\n'
-        prerm += localdata.getVar('updatercd_prerm', True)
+        prerm = prerm.splitlines(True)
+        try:
+            index = prerm.index('# Begin section update-alternatives\n')
+            prerm.insert(index, localdata.getVar('updatercd_prerm', True))
+        except ValueError:
+            prerm.append(localdata.getVar('updatercd_prerm', True))
+        prerm = ''.join(prerm)
        d.setVar('pkg_prerm_%s' % pkg, prerm)

        postrm = d.getVar('pkg_postrm_%s' % pkg, True)
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -408,6 +408,11 @@ OLDEST_KERNEL = "3.2.0"
 OLDEST_KERNEL_aarch64 = "3.14"
 OLDEST_KERNEL_nios2 = "3.19"

+# SDK_OLDEST_KERNEL can't be set using overrides since there are
+# none for the SDK architecture. Best to set it from a machine-sdk
+# include file if you need an SDK arch-specific value
+SDK_OLDEST_KERNEL = "3.2.0"
+
 # Define where the kernel headers are installed on the target as well as where
 # they are staged.
 KERNEL_SRC_PATH = "/usr/src/kernel"
@@ -705,6 +710,7 @@ require conf/abi_version.conf
 include conf/site.conf
 include conf/auto.conf
 include conf/local.conf
+include conf/multiconfig/${BB_CURRENT_MC}.conf
 include conf/build/${BUILD_SYS}.conf
 include conf/target/${TARGET_SYS}.conf
 include conf/machine/${MACHINE}.conf
--- a/meta/conf/distro/defaultsetup.conf
+++ b/meta/conf/distro/defaultsetup.conf
@@ -9,6 +9,8 @@ require conf/distro/include/tcmode-${TCMODE}.inc
 TCLIBC ?= "glibc"
 require conf/distro/include/tclibc-${TCLIBC}.inc

+require conf/distro/include/uninative-flags.inc
+
 # Allow single libc distros to disable this code
 TCLIBCAPPEND ?= "-${TCLIBC}"
 TMPDIR .= "${TCLIBCAPPEND}"
@@ -20,4 +22,3 @@ PACKAGE_CLASSES ?= "package_ipk"
 INHERIT_BLACKLIST = "blacklist"
 INHERIT_DISTRO ?= "debian devshell sstate license"
 INHERIT += "${PACKAGE_CLASSES} ${USER_CLASSES} ${INHERIT_DISTRO} ${INHERIT_BLACKLIST}"
-
--- a/meta/conf/distro/include/uninative-flags.inc
+++ b/meta/conf/distro/include/uninative-flags.inc
@@ -0,0 +1,9 @@
+# https://wiki.debian.org/GCC5
+# We may see binaries built with gcc5 run or linked into gcc4 environment
+# so use the older libstdc++ standard for now until we don't support gcc4
+# on the host system.
+BUILD_CXXFLAGS_append = " -D_GLIBCXX_USE_CXX11_ABI=0"
+
+# icu configure defaults to CXX11 if no -std= option is passed in CXXFLAGS
+# therefore pass one
+BUILD_CXXFLAGS_append_pn-icu-native = " -std=c++98"
--- a/meta/conf/machine-sdk/i586.conf
+++ b/meta/conf/machine-sdk/i586.conf
@@ -1,4 +1,5 @@
 SDK_ARCH = "i586"
 SDK_CC_ARCH = "-march=i586"
 ABIEXTENSION_class-nativesdk = ""
+SDK_OLDEST_KERNEL = "2.6.32"

--- a/meta/conf/machine-sdk/i686.conf
+++ b/meta/conf/machine-sdk/i686.conf
@@ -1,3 +1,4 @@
 SDK_ARCH = "i686"
 SDK_CC_ARCH = "-march=i686"
 ABIEXTENSION_class-nativesdk = ""
+SDK_OLDEST_KERNEL = "2.6.32"
--- a/meta/conf/machine-sdk/x86_64.conf
+++ b/meta/conf/machine-sdk/x86_64.conf
@@ -1,2 +1,3 @@
 SDK_ARCH = "x86_64"
 ABIEXTENSION_class-nativesdk = ""
+SDK_OLDEST_KERNEL = "2.6.32"
--- a/meta/conf/machine/include/arm/arch-arm64.inc
+++ b/meta/conf/machine/include/arm/arch-arm64.inc
@@ -1,6 +1,6 @@
 DEFAULTTUNE ?= "aarch64"

-require conf/machine/include/arm/arch-armv7a.inc
+require conf/machine/include/arm/arch-armv7ve.inc

 TUNEVALID[aarch64] = "Enable instructions for aarch64"

--- a/meta/conf/machine/qemuarm.conf
+++ b/meta/conf/machine/qemuarm.conf
@@ -8,7 +8,7 @@ require conf/machine/include/tune-arm926ejs.inc

 KERNEL_IMAGETYPE = "zImage"

-SERIAL_CONSOLES = "115200;ttyAMA0 115200;ttyAMA1"
+SERIAL_CONSOLES ?= "115200;ttyAMA0 115200;ttyAMA1"

 # For runqemu
 QB_SYSTEM_NAME = "qemu-system-arm"
--- a/meta/conf/machine/qemuarm64.conf
+++ b/meta/conf/machine/qemuarm64.conf
@@ -7,7 +7,7 @@ require conf/machine/include/qemu.inc

 KERNEL_IMAGETYPE = "Image"

-SERIAL_CONSOLES = "38400;ttyAMA0 38400;hvc0"
+SERIAL_CONSOLES ?= "38400;ttyAMA0 38400;hvc0"

 # For runqemu
 QB_SYSTEM_NAME = "qemu-system-aarch64"
@@ -16,7 +16,7 @@ QB_MACHINE = "-machine virt"
 QB_CPU = "-cpu cortex-a57"
 QB_KERNEL_CMDLINE_APPEND = "console=ttyAMA0,38400"
 # Add the 'virtio-rng-pci' device otherwise the guest may run out of entropy
-QB_OPT_APPEND = "-show-cursor -device virtio-rng-pci"
+QB_OPT_APPEND = "-show-cursor -device virtio-rng-pci -monitor null"
 QB_TAP_OPT = "-netdev tap,id=net0,ifname=@TAP@,script=no,downscript=no -device virtio-net-device,netdev=net0,mac=@MAC@"
 QB_SLIRP_OPT = "-netdev user,id=net0 -device virtio-net-device,netdev=net0"
 QB_ROOTFS_OPT = "-drive id=disk0,file=@ROOTFS@,if=none,format=raw -device virtio-blk-device,drive=disk0"
--- a/meta/conf/machine/qemumips.conf
+++ b/meta/conf/machine/qemumips.conf
@@ -9,6 +9,6 @@ require conf/machine/include/qemuboot-mips.inc
 KERNEL_IMAGETYPE = "vmlinux"
 KERNEL_ALT_IMAGETYPE = "vmlinux.bin"

-SERIAL_CONSOLES = "115200;ttyS0 115200;ttyS1"
+SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyS1"

 MACHINE_EXTRA_RRECOMMENDS = " kernel-modules"
--- a/meta/conf/machine/qemumips64.conf
+++ b/meta/conf/machine/qemumips64.conf
@@ -9,6 +9,6 @@ require conf/machine/include/qemuboot-mips.inc
 KERNEL_IMAGETYPE = "vmlinux"
 KERNEL_ALT_IMAGETYPE = "vmlinux.bin"

-SERIAL_CONSOLES = "115200;ttyS0 115200;ttyS1"
+SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyS1"

 MACHINE_EXTRA_RRECOMMENDS = " kernel-modules"
--- a/meta/conf/machine/qemuppc.conf
+++ b/meta/conf/machine/qemuppc.conf
@@ -9,7 +9,7 @@ TARGET_CC_KERNEL_ARCH = "-mno-spe"

 KERNEL_IMAGETYPE = "vmlinux"

-SERIAL_CONSOLES = "115200;ttyS0 115200;ttyS1"
+SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyS1"

 # For runqemu
 QB_SYSTEM_NAME = "qemu-system-ppc"
--- a/meta/conf/machine/qemux86-64.conf
+++ b/meta/conf/machine/qemux86-64.conf
@@ -14,7 +14,7 @@ require conf/machine/include/qemuboot-x86.inc

 KERNEL_IMAGETYPE = "bzImage"

-SERIAL_CONSOLES = "115200;ttyS0 115200;ttyS1"
+SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyS1"

 XSERVER = "xserver-xorg \
           ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'mesa-driver-swrast xserver-xorg-extension-glx', '', d)} \
@@ -31,3 +31,6 @@ XSERVER = "xserver-xorg \
 MACHINE_FEATURES += "x86"

 MACHINE_ESSENTIAL_EXTRA_RDEPENDS += "v86d"
+
+WKS_FILE ?= "directdisk.wks"
+do_image_wic[depends] += "syslinux:do_build syslinux-native:do_populate_sysroot mtools-native:do_populate_sysroot dosfstools-native:do_populate_sysroot"
--- a/meta/conf/machine/qemux86.conf
+++ b/meta/conf/machine/qemux86.conf
@@ -13,7 +13,7 @@ require conf/machine/include/qemuboot-x86.inc

 KERNEL_IMAGETYPE = "bzImage"

-SERIAL_CONSOLES = "115200;ttyS0 115200;ttyS1"
+SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyS1"

 XSERVER = "xserver-xorg \
           ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'mesa-driver-swrast xserver-xorg-extension-glx', '', d)} \
@@ -30,3 +30,6 @@ XSERVER = "xserver-xorg \
 MACHINE_FEATURES += "x86"

 MACHINE_ESSENTIAL_EXTRA_RDEPENDS += "v86d"
+
+WKS_FILE = "directdisk.wks"
+do_image_wic[depends] += "syslinux:do_build syslinux-native:do_populate_sysroot mtools-native:do_populate_sysroot dosfstools-native:do_populate_sysroot"
--- a/meta/lib/oe/copy_buildsystem.py
+++ b/meta/lib/oe/copy_buildsystem.py
@@ -4,11 +4,15 @@ import stat
 import shutil

 def _smart_copy(src, dest):
+    import subprocess
    # smart_copy will choose the correct function depending on whether the
    # source is a file or a directory.
    mode = os.stat(src).st_mode
    if stat.S_ISDIR(mode):
-        shutil.copytree(src, dest, symlinks=True, ignore=shutil.ignore_patterns('.git'))
+        bb.utils.mkdirhier(dest)
+        cmd = "tar --exclude='.git' --xattrs --xattrs-include='*' -chf - -C %s -p . \
+        | tar --xattrs --xattrs-include='*' -xf - -C %s" % (src, dest)
+        subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT)
    else:
        shutil.copyfile(src, dest)
        shutil.copymode(src, dest)
--- a/meta/lib/oe/package_manager.py
+++ b/meta/lib/oe/package_manager.py
@@ -1776,7 +1776,7 @@ class OpkgPM(OpkgDpkgPM):

    def remove(self, pkgs, with_dependencies=True):
        if with_dependencies:
-            cmd = "%s %s --force-depends --force-remove --force-removal-of-dependent-packages remove %s" % \
+            cmd = "%s %s --force-remove --force-removal-of-dependent-packages remove %s" % \
                (self.opkg_cmd, self.opkg_args, ' '.join(pkgs))
        else:
            cmd = "%s %s --force-depends remove %s" % \
--- a/meta/lib/oe/qa.py
+++ b/meta/lib/oe/qa.py
@@ -1,4 +1,4 @@
-import os, struct
+import os, struct, mmap

 class NotELFFileError(Exception):
    pass
@@ -23,9 +23,9 @@ class ELFFile:
    EV_CURRENT   = 1

    # possible values for EI_DATA
-    ELFDATANONE  = 0
-    ELFDATA2LSB  = 1
-    ELFDATA2MSB  = 2
+    EI_DATA_NONE  = 0
+    EI_DATA_LSB  = 1
+    EI_DATA_MSB  = 2

    PT_INTERP = 3

@@ -34,51 +34,46 @@ class ELFFile:
            #print "'%x','%x' %s" % (ord(expectation), ord(result), self.name)
            raise NotELFFileError("%s is not an ELF" % self.name)

-    def __init__(self, name, bits = 0):
+    def __init__(self, name):
        self.name = name
-        self.bits = bits
        self.objdump_output = {}

+    # Context Manager functions to close the mmap explicitly
+    def __enter__(self):
+        return self
+
+    def __exit__(self, exc_type, exc_value, traceback):
+        self.data.close()
+
    def open(self):
-        if not os.path.isfile(self.name):
-            raise NotELFFileError("%s is not a normal file" % self.name)
-
        with open(self.name, "rb") as f:
-            # Read 4k which should cover most of the headers we're after
-            self.data = f.read(4096)
+            try:
+                self.data = mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ)
+            except ValueError:
+                # This means the file is empty
+                raise NotELFFileError("%s is empty" % self.name)

+        # Check the file has the minimum number of ELF table entries
        if len(self.data) < ELFFile.EI_NIDENT + 4:
            raise NotELFFileError("%s is not an ELF" % self.name)

+        # ELF header
        self.my_assert(self.data[0], 0x7f)
        self.my_assert(self.data[1], ord('E'))
        self.my_assert(self.data[2], ord('L'))
        self.my_assert(self.data[3], ord('F'))
-        if self.bits == 0:
-            if self.data[ELFFile.EI_CLASS] == ELFFile.ELFCLASS32:
-                self.bits = 32
-            elif self.data[ELFFile.EI_CLASS] == ELFFile.ELFCLASS64:
-                self.bits = 64
-            else:
-                # Not 32-bit or 64.. lets assert
-                raise NotELFFileError("ELF but not 32 or 64 bit.")
-        elif self.bits == 32:
-            self.my_assert(self.data[ELFFile.EI_CLASS], ELFFile.ELFCLASS32)
-        elif self.bits == 64:
-            self.my_assert(self.data[ELFFile.EI_CLASS], ELFFile.ELFCLASS64)
+        if self.data[ELFFile.EI_CLASS] == ELFFile.ELFCLASS32:
+            self.bits = 32
+        elif self.data[ELFFile.EI_CLASS] == ELFFile.ELFCLASS64:
+            self.bits = 64
        else:
-            raise NotELFFileError("Must specify unknown, 32 or 64 bit size.")
+            # Not 32-bit or 64.. lets assert
+            raise NotELFFileError("ELF but not 32 or 64 bit.")
        self.my_assert(self.data[ELFFile.EI_VERSION], ELFFile.EV_CURRENT)

-        self.sex = self.data[ELFFile.EI_DATA]
-        if self.sex == ELFFile.ELFDATANONE:
-            raise NotELFFileError("self.sex == ELFDATANONE")
-        elif self.sex == ELFFile.ELFDATA2LSB:
-            self.sex = "<"
-        elif self.sex == ELFFile.ELFDATA2MSB:
-            self.sex = ">"
-        else:
-            raise NotELFFileError("Unknown self.sex")
+        self.endian = self.data[ELFFile.EI_DATA]
+        if self.endian not in (ELFFile.EI_DATA_LSB, ELFFile.EI_DATA_MSB):
+            raise NotELFFileError("Unexpected EI_DATA %x" % self.endian)

    def osAbi(self):
        return self.data[ELFFile.EI_OSABI]
@@ -90,16 +85,20 @@ class ELFFile:
        return self.bits

    def isLittleEndian(self):
-        return self.sex == "<"
+        return self.endian == ELFFile.EI_DATA_LSB

    def isBigEndian(self):
-        return self.sex == ">"
+        return self.endian == ELFFile.EI_DATA_MSB
+
+    def getStructEndian(self):
+        return {ELFFile.EI_DATA_LSB: "<",
+                ELFFile.EI_DATA_MSB: ">"}[self.endian]

    def getShort(self, offset):
-        return struct.unpack_from(self.sex+"H", self.data, offset)[0]
+        return struct.unpack_from(self.getStructEndian() + "H", self.data, offset)[0]

    def getWord(self, offset):
-        return struct.unpack_from(self.sex+"i", self.data, offset)[0]
+        return struct.unpack_from(self.getStructEndian() + "i", self.data, offset)[0]

    def isDynamic(self):
        """
@@ -118,7 +117,7 @@ class ELFFile:

    def machine(self):
        """
-        We know the sex stored in self.sex and we
+        We know the endian stored in self.endian and we
        know the position
        """
        return self.getShort(ELFFile.E_MACHINE)
@@ -166,6 +165,7 @@ def elf_machine_to_string(machine):

 if __name__ == "__main__":
    import sys
-    elf = ELFFile(sys.argv[1])
-    elf.open()
-    print(elf.isDynamic())
+
+    with ELFFile(sys.argv[1]) as elf:
+        elf.open()
+        print(elf.isDynamic())
--- a/meta/lib/oe/rootfs.py
+++ b/meta/lib/oe/rootfs.py
@@ -477,8 +477,6 @@ class RpmRootfs(Rootfs):

        execute_pre_post_process(self.d, rpm_post_process_cmds)

-        self._log_check()
-
        if self.inc_rpm_image_gen == "1":
            self.pm.backup_packaging_data()

--- a/meta/lib/oe/terminal.py
+++ b/meta/lib/oe/terminal.py
@@ -227,6 +227,8 @@ def spawn(name, sh_cmd, title=None, env=None, d=None):

    pipe = terminal(sh_cmd, title, env, d)
    output = pipe.communicate()[0]
+    if output:
+        output = output.decode("utf-8")
    if pipe.returncode != 0:
        raise ExecutionError(sh_cmd, pipe.returncode, output)

--- a/meta/lib/oe/utils.py
+++ b/meta/lib/oe/utils.py
@@ -230,6 +230,25 @@ def format_pkg_list(pkg_dict, ret_format=None):

    return '\n'.join(output)

+def host_gcc_version(d):
+    import re, subprocess
+
+    compiler = d.getVar("BUILD_CC", True)
+
+    try:
+        env = os.environ.copy()
+        env["PATH"] = d.getVar("PATH", True)
+        output = subprocess.check_output("%s --version" % compiler, shell=True, env=env).decode("utf-8")
+    except subprocess.CalledProcessError as e:
+        bb.fatal("Error running %s --version: %s" % (compiler, e.output.decode("utf-8")))
+
+    match = re.match(".* (\d\.\d)\.\d.*", output.split('\n')[0])
+    if not match:
+        bb.fatal("Can't get compiler version from %s --version output" % compiler)
+
+    version = match.group(1)
+    return "-%s" % version if version in ("4.8", "4.9") else ""
+
 #
 # Python 2.7 doesn't have threaded pools (just multiprocessing)
 # so implement a version here
--- a/meta/lib/oeqa/controllers/testtargetloader.py
+++ b/meta/lib/oeqa/controllers/testtargetloader.py
@@ -61,8 +61,6 @@ class TestTargetLoader:
            obj = getattr(module, target)
            if obj: 
                from oeqa.targetcontrol import BaseTarget
-                if (not isinstance(obj, (type, types.ClassType))):
-                    bb.warn("Target {0} found, but not of type Class".format(target))
                if( not issubclass(obj, BaseTarget)):
                    bb.warn("Target {0} found, but subclass is not BaseTarget".format(target))
        except:
--- a/meta/lib/oeqa/runtime/parselogs.py
+++ b/meta/lib/oeqa/runtime/parselogs.py
@@ -43,6 +43,7 @@ common_errors = [
    "controller can't do DEVSLP, turning off",
    "stmmac_dvr_probe: warning: cannot get CSR clock",
    "error: couldn\'t mount because of unsupported optional features",
+    "GPT: Use GNU Parted to correct GPT errors",
    ]

 video_related = [
@@ -58,6 +59,7 @@ x86_common = [
    'failed to setup card detect gpio',
    'amd_nb: Cannot enumerate AMD northbridges',
    'failed to retrieve link info, disabling eDP',
+    'Direct firmware load for iwlwifi',
 ] + common_errors

 qemux86_common = [
@@ -69,7 +71,7 @@ qemux86_common = [
    'tsc: HPET/PMTIMER calibration failed',
 ] + common_errors

-ignore_errors = { 
+ignore_errors = {
    'default' : common_errors,
    'qemux86' : [
        'Failed to access perfctr msr (MSR',
@@ -200,7 +202,7 @@ class ParseLogsTest(oeRuntimeTest):
        hwi += "*******************************\n"
        return hwi

-    #go through the log locations provided and if it's a folder create a list with all the .log files in it, if it's a file just add 
+    #go through the log locations provided and if it's a folder create a list with all the .log files in it, if it's a file just add
    #it to that list
    def getLogList(self, log_locations):
        logs = []
--- a/meta/lib/oeqa/selftest/wic.py
+++ b/meta/lib/oeqa/selftest/wic.py
@@ -42,7 +42,8 @@ class Wic(oeSelfTest):
    def setUpLocal(self):
        """This code is executed before each test method."""
        self.write_config('IMAGE_FSTYPES += " hddimg"\n'
-                          'MACHINE_FEATURES_append = " efi"\n')
+                          'MACHINE_FEATURES_append = " efi"\n'
+                          'WKS_FILE = "wic-image-minimal"\n')

        # Do this here instead of in setUpClass as the base setUp does some
        # clean up which can result in the native tools built earlier in
--- a/meta/recipes-bsp/grub/files/0001-Enforce-no-pie-if-the-compiler-supports-it.patch
+++ b/meta/recipes-bsp/grub/files/0001-Enforce-no-pie-if-the-compiler-supports-it.patch
@@ -0,0 +1,45 @@
+From 6186bcf1bcaaa0f16e79339e07c64c841d4d957d Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin <alex.kanavin@gmail.com>
+Date: Fri, 2 Dec 2016 20:52:40 +0200
+Subject: [PATCH] Enforce -no-pie, if the compiler supports it.
+
+Add a -no-pie as recent (2 Dec 2016) Debian testing compiler
+seems to default to enabling PIE when linking. See
+https://wiki.ubuntu.com/SecurityTeam/PIE
+
+Upstream-Status: Pending
+Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
+---
+ acinclude.m4 | 2 +-
+ configure.ac | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/acinclude.m4 b/acinclude.m4
+index 19200b0..a713923 100644
+--- a/acinclude.m4
+++ b/acinclude.m4
+@@ -416,7 +416,7 @@ int main() {
+ 
+ [# `$CC -c -o ...' might not be portable.  But, oh, well...  Is calling
+ # `ac_compile' like this correct, after all?
+-if eval "$ac_compile -S -o conftest.s" 2> /dev/null; then]
+if eval "$ac_compile -S -o conftest.s" 2> /dev/null && eval "$CC -dumpspecs 2>/dev/null | grep -e no-pie" ; then]
+   AC_MSG_RESULT([yes])
+   [# Should we clear up other files as well, having called `AC_LANG_CONFTEST'?
+   rm -f conftest.s
+diff --git a/configure.ac b/configure.ac
+index df20991..506c6b4 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -603,7 +603,7 @@ grub_CHECK_PIE
+ [# Need that, because some distributions ship compilers that include
+ # `-fPIE' in the default specs.
+ if [ x"$pie_possible" = xyes ]; then
+-  TARGET_CFLAGS="$TARGET_CFLAGS -fno-PIE"
+  TARGET_CFLAGS="$TARGET_CFLAGS -fno-PIE -no-pie"
+ fi]
+ 
+ # Position independent executable.
+-- 
+2.10.2
+
--- a/meta/recipes-bsp/grub/files/0001-grub-core-kern-efi-mm.c-grub_efi_finish_boot_service.patch
+++ b/meta/recipes-bsp/grub/files/0001-grub-core-kern-efi-mm.c-grub_efi_finish_boot_service.patch
@@ -0,0 +1,79 @@
+From b258761d11946b28a847dff0768c3f271e13d60a Mon Sep 17 00:00:00 2001
+From: Awais Belal <awais_belal@mentor.com>
+Date: Thu, 8 Dec 2016 18:21:12 +0500
+Subject: [PATCH 1/2] * grub-core/kern/efi/mm.c
+ (grub_efi_finish_boot_services):  Try terminating EFI services several times
+ due to quirks in some  implementations.
+
+Upstream-status: Backport [ http://git.savannah.gnu.org/cgit/grub.git/patch/?id=e75fdee420a7ad95e9a465c9699adc2e2e970440 ]
+
+Signed-off-by: Awais Belal <awais_belal@mentor.com>
+---
+ grub-core/kern/efi/mm.c | 46 ++++++++++++++++++++++++++++++----------------
+ 1 file changed, 30 insertions(+), 16 deletions(-)
+
+diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c
+index 461deb0..b00e0bc 100644
+--- a/grub-core/kern/efi/mm.c
+++ b/grub-core/kern/efi/mm.c
+@@ -167,27 +167,41 @@ grub_efi_finish_boot_services (grub_efi_uintn_t *outbuf_size, void *outbuf,
+ 			   apple, sizeof (apple)) == 0);
+ #endif
+ 
+-  if (grub_efi_get_memory_map (&finish_mmap_size, finish_mmap_buf, &finish_key,
+-			       &finish_desc_size, &finish_desc_version) < 0)
+-    return grub_error (GRUB_ERR_IO, "couldn't retrieve memory map");
+  while (1)
+    {
+      if (grub_efi_get_memory_map (&finish_mmap_size, finish_mmap_buf, &finish_key,
+				   &finish_desc_size, &finish_desc_version) < 0)
+	return grub_error (GRUB_ERR_IO, "couldn't retrieve memory map");
+ 
+-  if (outbuf && *outbuf_size < finish_mmap_size)
+-    return grub_error (GRUB_ERR_IO, "memory map buffer is too small");
+      if (outbuf && *outbuf_size < finish_mmap_size)
+	return grub_error (GRUB_ERR_IO, "memory map buffer is too small");
+ 
+-  finish_mmap_buf = grub_malloc (finish_mmap_size);
+-  if (!finish_mmap_buf)
+-    return grub_errno;
+      finish_mmap_buf = grub_malloc (finish_mmap_size);
+      if (!finish_mmap_buf)
+	return grub_errno;
+ 
+-  if (grub_efi_get_memory_map (&finish_mmap_size, finish_mmap_buf, &finish_key,
+-			       &finish_desc_size, &finish_desc_version) <= 0)
+-    return grub_error (GRUB_ERR_IO, "couldn't retrieve memory map");
+      if (grub_efi_get_memory_map (&finish_mmap_size, finish_mmap_buf, &finish_key,
+				   &finish_desc_size, &finish_desc_version) <= 0)
+	{
+	  grub_free (finish_mmap_buf);
+	  return grub_error (GRUB_ERR_IO, "couldn't retrieve memory map");
+	}
+ 
+-  b = grub_efi_system_table->boot_services;
+-  status = efi_call_2 (b->exit_boot_services, grub_efi_image_handle,
+-		       finish_key);
+-  if (status != GRUB_EFI_SUCCESS)
+-    return grub_error (GRUB_ERR_IO, "couldn't terminate EFI services");
+      b = grub_efi_system_table->boot_services;
+      status = efi_call_2 (b->exit_boot_services, grub_efi_image_handle,
+			   finish_key);
+      if (status == GRUB_EFI_SUCCESS)
+	break;
+ 
+      if (status != GRUB_EFI_INVALID_PARAMETER)
+	{
+	  grub_free (finish_mmap_buf);
+	  return grub_error (GRUB_ERR_IO, "couldn't terminate EFI services");
+	}
+
+      grub_free (finish_mmap_buf);
+      grub_printf ("Trying to terminate EFI services again\n");
+    }
+   grub_efi_is_finished = 1;
+   if (outbuf_size)
+     *outbuf_size = finish_mmap_size;
+-- 
+1.9.1
+
--- a/meta/recipes-bsp/grub/files/0002-grub-core-kern-efi-mm.c-grub_efi_get_memory_map-Neve.patch
+++ b/meta/recipes-bsp/grub/files/0002-grub-core-kern-efi-mm.c-grub_efi_get_memory_map-Neve.patch
@@ -0,0 +1,43 @@
+From 630de45f3d5f9a2dda7fad99acd21449b8c4111d Mon Sep 17 00:00:00 2001
+From: Awais Belal <awais_belal@mentor.com>
+Date: Thu, 8 Dec 2016 18:27:01 +0500
+Subject: [PATCH 2/2] * grub-core/kern/efi/mm.c (grub_efi_get_memory_map):
+ Never  return a descriptor_size==0 to avoid potential divisions by zero.
+
+Upstream-status: Backport [ http://git.savannah.gnu.org/cgit/grub.git/commit/?id=69aee43fa64601cabf6efa9279c10d69b466662e ]
+
+Signed-off-by: Awais Belal <awais_belal@mentor.com>
+---
+ grub-core/kern/efi/mm.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/grub-core/kern/efi/mm.c b/grub-core/kern/efi/mm.c
+index b00e0bc..9f1d194 100644
+--- a/grub-core/kern/efi/mm.c
+++ b/grub-core/kern/efi/mm.c
+@@ -235,6 +235,7 @@ grub_efi_get_memory_map (grub_efi_uintn_t *memory_map_size,
+   grub_efi_boot_services_t *b;
+   grub_efi_uintn_t key;
+   grub_efi_uint32_t version;
+  grub_efi_uintn_t size;
+ 
+   if (grub_efi_is_finished)
+     {
+@@ -264,10 +265,14 @@ grub_efi_get_memory_map (grub_efi_uintn_t *memory_map_size,
+     map_key = &key;
+   if (! descriptor_version)
+     descriptor_version = &version;
+  if (! descriptor_size)
+    descriptor_size = &size;
+ 
+   b = grub_efi_system_table->boot_services;
+   status = efi_call_5 (b->get_memory_map, memory_map_size, memory_map, map_key,
+ 			      descriptor_size, descriptor_version);
+  if (*descriptor_size == 0)
+    *descriptor_size = sizeof (grub_efi_memory_descriptor_t);
+   if (status == GRUB_EFI_SUCCESS)
+     return 1;
+   else if (status == GRUB_EFI_BUFFER_TOO_SMALL)
+-- 
+1.9.1
+
--- a/meta/recipes-bsp/grub/grub2.inc
+++ b/meta/recipes-bsp/grub/grub2.inc
@@ -32,6 +32,9 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \
           file://0001-Remove-direct-_llseek-code-and-require-long-filesyst.patch \
           file://fix-texinfo.patch \
           file://0001-grub-core-gettext-gettext.c-main_context-secondary_c.patch \
+           file://0001-Enforce-no-pie-if-the-compiler-supports-it.patch \
+           file://0001-grub-core-kern-efi-mm.c-grub_efi_finish_boot_service.patch \
+           file://0002-grub-core-kern-efi-mm.c-grub_efi_get_memory_map-Neve.patch \
            "

 DEPENDS = "flex-native bison-native autogen-native"
--- a/meta/recipes-connectivity/connman/connman/0003-stats-Fix-bad-file-descriptor-initialisation.patch
+++ b/meta/recipes-connectivity/connman/connman/0003-stats-Fix-bad-file-descriptor-initialisation.patch
@@ -0,0 +1,102 @@
+From c7f4151fb053b0d0691d8f10d7e3690265d28889 Mon Sep 17 00:00:00 2001
+From: Lukasz Nowak <lnowak@tycoint.com>
+Date: Wed, 26 Oct 2016 18:13:02 +0100
+Subject: [PATCH] stats: Fix bad file descriptor initialisation
+
+Stats file code initialises its file descriptor field to 0.  But 0 is
+a valid fd value. -1 should be used instead.  This causes problems
+when an error happens before a stats file is open (e.g. mkdir
+fails). The clean-up procedure, stats_free() calls close(fd).  When fd
+is 0, this first closes stdin, and then any files/sockets which
+received fd=0, re-used by the OS.
+
+Fixed several instances of bad file descriptor field handling, in case
+of errors.
+
+The bug results with connman freezing if there is no read/write storage
+directory available, and there are multiple active interfaces
+(fd=0 gets re-used for sockets in that case).
+
+The patch was imported from the Connman git repository
+(git://git.kernel.org/pub/scm/network/connman) as of commit id
+c7f4151fb053b0d0691d8f10d7e3690265d28889. 
+
+Upstream-Status: Accepted
+Signed-off-by: Lukasz Nowak <lnowak@tycoint.com>
+---
+ src/stats.c | 15 +++++++++++++++
+ src/util.c  |  4 ++--
+ 2 files changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/src/stats.c b/src/stats.c
+index 26343b1..c3ca738 100644
+--- a/src/stats.c
+++ b/src/stats.c
+@@ -378,6 +378,7 @@ static int stats_file_setup(struct stats_file *file)
+ 			strerror(errno), file->name);
+ 
+ 		TFR(close(file->fd));
+		file->fd = -1;
+ 		g_free(file->name);
+ 		file->name = NULL;
+ 
+@@ -393,6 +394,7 @@ static int stats_file_setup(struct stats_file *file)
+ 	err = stats_file_remap(file, size);
+ 	if (err < 0) {
+ 		TFR(close(file->fd));
+		file->fd = -1;
+ 		g_free(file->name);
+ 		file->name = NULL;
+ 
+@@ -649,6 +651,13 @@ static int stats_file_history_update(struct stats_file *data_file)
+ 	bzero(history_file, sizeof(struct stats_file));
+ 	bzero(temp_file, sizeof(struct stats_file));
+ 
+	/*
+	 * 0 is a valid file descriptor - fd needs to be initialized
+	 * to -1 to handle errors correctly
+	 */
+	history_file->fd = -1;
+	temp_file->fd = -1;
+
+ 	err = stats_open(history_file, data_file->history_name);
+ 	if (err < 0)
+ 		return err;
+@@ -682,6 +691,12 @@ int __connman_stats_service_register(struct connman_service *service)
+ 		if (!file)
+ 			return -ENOMEM;
+ 
+		/*
+		 * 0 is a valid file descriptor - fd needs to be initialized
+		 * to -1 to handle errors correctly
+		 */
+		file->fd = -1;
+
+ 		g_hash_table_insert(stats_hash, service, file);
+ 	} else {
+ 		return -EALREADY;
+diff --git a/src/util.c b/src/util.c
+index e6532c8..732d451 100644
+--- a/src/util.c
+++ b/src/util.c
+@@ -63,7 +63,7 @@ int __connman_util_init(void)
+ {
+ 	int r = 0;
+ 
+-	if (f > 0)
+	if (f >= 0)
+ 		return 0;
+ 
+ 	f = open(URANDOM, O_RDONLY);
+@@ -86,7 +86,7 @@ int __connman_util_init(void)
+ 
+ void __connman_util_cleanup(void)
+ {
+-	if (f > 0)
+	if (f >= 0)
+ 		close(f);
+ 
+ 	f = -1;
+-- 
+2.7.4
+
--- a/meta/recipes-connectivity/connman/connman_1.33.bb
+++ b/meta/recipes-connectivity/connman/connman_1.33.bb
@@ -5,6 +5,7 @@ SRC_URI  = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
            file://connman \
            file://no-version-scripts.patch \
            file://includes.patch \
+            file://0003-stats-Fix-bad-file-descriptor-initialisation.patch \
            "
 SRC_URI_append_libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch"

--- a/meta/recipes-connectivity/nfs-utils/nfs-utils/fix-protocol-minor-version-fall-back.patch
+++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/fix-protocol-minor-version-fall-back.patch
@@ -0,0 +1,55 @@
+From 78bb645a42c216b37b8d930c7c849a3fa89babf8 Mon Sep 17 00:00:00 2001
+From: Takashi Iwai <tiwai@suse.com>
+Date: Sat, 16 Jan 2016 12:02:30 -0500
+Subject: [PATCH] Fix protocol minor version fall-back
+
+mount.nfs currently expects mount(2) to fail with EPROTONOSUPPORT if
+the kernel doesn't understand the requested NFS version.
+
+Unfortunately if the requested minor is not known to the kernel
+it returns -EINVAL.
+In kernels since 3.11 this can happen in nfs4_alloc_client(), if
+compiled without NFS_V4_2.
+
+More generally it can happen in in nfs_validate_text_mount_data()
+when nfs_parse_mount_options() returns 0 because
+nfs_parse_version_string()
+didn't recognise the version.
+
+EPROTONOSUPPORT is only returned if NFSv4 support is completely compiled
+out.
+
+So nfs_autonegotiate needs to check for EINVAL as well as
+EPROTONOSUPPORT.
+
+URL: https://bugzilla.opensuse.org/show_bug.cgi?id=959211
+Reported-by: Takashi Iwai <tiwai@suse.com>
+Signed-off-by: NeilBrown <neilb@suse.com>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+
+
+Upstream-Status: Backport
+http://git.linux-nfs.org/?p=steved/nfs-utils.git;a=patch;h=78bb645a42c216b37b8d930c7c849a3fa89babf8
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ utils/mount/stropts.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/utils/mount/stropts.c b/utils/mount/stropts.c
+index c8f5a6d..86829a9 100644
+--- a/utils/mount/stropts.c
+++ b/utils/mount/stropts.c
+@@ -841,6 +841,9 @@ check_result:
+ 	case EPROTONOSUPPORT:
+ 		/* A clear indication that the server or our
+ 		 * client does not support NFS version 4 and minor */
+	case EINVAL:
+		/* A less clear indication that our client
+		 * does not support NFSv4 minor version. */
+ 		if (mi->version.v_mode == V_GENERAL &&
+ 			mi->version.minor == 0)
+ 				return result;
+-- 
+2.7.4
+
--- a/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.3.bb
+++ b/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.3.bb
@@ -33,6 +33,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.x
           file://nfs-utils-debianize-start-statd.patch \
           file://0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch \
           file://bugfix-adjust-statd-service-name.patch \
+           file://fix-protocol-minor-version-fall-back.patch \
 "

 SRC_URI[md5sum] = "cd6b568c2e9301cc3bfac09d87fbbc0b"
--- a/meta/recipes-connectivity/openssh/openssh/fix-CVE-2016-8858.patch
+++ b/meta/recipes-connectivity/openssh/openssh/fix-CVE-2016-8858.patch
@@ -0,0 +1,39 @@
+Fix CVE-2016-8858 of openssh
+
+Backport patch from upstream and drop the change of comment which can NOT be applied.
+
+Upstream-Status: Backport [ https://anongit.mindrot.org/openssh.git/commit/?id=ec165c3 ]
+CVE: CVE-2016-8858
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+From ec165c392ca54317dbe3064a8c200de6531e89ad Mon Sep 17 00:00:00 2001
+From: "markus@openbsd.org" <markus@openbsd.org>
+Date: Mon, 10 Oct 2016 19:28:48 +0000
+Subject: [PATCH] upstream commit
+
+Unregister the KEXINIT handler after message has been
+received. Otherwise an unauthenticated peer can repeat the KEXINIT and cause
+allocation of up to 128MB -- until the connection is closed. Reported by
+shilei-c at 360.cn
+
+Upstream-ID: 43649ae12a27ef94290db16d1a98294588b75c05
+---
+ kex.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/kex.c b/kex.c
+index 3f97f8c..6a94bc5 100644
+--- a/kex.c
+++ b/kex.c
+@@ -481,6 +481,7 @@ kex_input_kexinit(int type, u_int32_t seq, void *ctxt)
+ 	if (kex == NULL)
+ 		return SSH_ERR_INVALID_ARGUMENT;
+ 
+	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
+ 	ptr = sshpkt_ptr(ssh, &dlen);
+ 	if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
+ 		return r;
+-- 
+2.10.1
+
--- a/meta/recipes-connectivity/openssh/openssh_7.3p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_7.3p1.bb
@@ -25,6 +25,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
           file://openssh-7.1p1-conditional-compile-des-in-cipher.patch \
           file://openssh-7.1p1-conditional-compile-des-in-pkcs11.patch \
           file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \
+           file://fix-CVE-2016-8858.patch \
           "

 PAM_SRC_URI = "file://sshd"
--- a/meta/recipes-connectivity/openssl/openssl/0001-CVE-2017-3731.patch
+++ b/meta/recipes-connectivity/openssl/openssl/0001-CVE-2017-3731.patch
@@ -0,0 +1,46 @@
+From 0cde9a9645c949fd0acf657dadc747676245cfaf Mon Sep 17 00:00:00 2001
+From: Alexandru Moise <alexandru.moise@windriver.com>
+Date: Tue, 7 Feb 2017 11:13:19 +0200
+Subject: [PATCH 1/2] crypto/evp: harden RC4_MD5 cipher.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Originally a crash in 32-bit build was reported CHACHA20-POLY1305
+cipher. The crash is triggered by truncated packet and is result
+of excessive hashing to the edge of accessible memory (or bogus
+MAC value is produced if x86 MD5 assembly module is involved). Since
+hash operation is read-only it is not considered to be exploitable
+beyond a DoS condition.
+
+Thanks to Robert Święcki for report.
+
+CVE-2017-3731
+
+Backported from upstream commit:
+8e20499629b6bcf868d0072c7011e590b5c2294d
+
+Upstream-Status: Backport
+
+Reviewed-by: Rich Salz <rsalz@openssl.org>
+Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com>
+---
+ crypto/evp/e_rc4_hmac_md5.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/crypto/evp/e_rc4_hmac_md5.c b/crypto/evp/e_rc4_hmac_md5.c
+index 5e92855..3293419 100644
+--- a/crypto/evp/e_rc4_hmac_md5.c
+++ b/crypto/evp/e_rc4_hmac_md5.c
+@@ -269,6 +269,8 @@ static int rc4_hmac_md5_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
+             len = p[arg - 2] << 8 | p[arg - 1];
+ 
+             if (!ctx->encrypt) {
+		if (len < MD5_DIGEST_LENGTH)
+                    return -1;
+                 len -= MD5_DIGEST_LENGTH;
+                 p[arg - 2] = len >> 8;
+                 p[arg - 1] = len;
+-- 
+2.10.2
+
--- a/meta/recipes-connectivity/openssl/openssl/0002-CVE-2017-3731.patch
+++ b/meta/recipes-connectivity/openssl/openssl/0002-CVE-2017-3731.patch
@@ -0,0 +1,53 @@
+From 6427f1accc54b515bb899370f1a662bfcb1caa52 Mon Sep 17 00:00:00 2001
+From: Alexandru Moise <alexandru.moise@windriver.com>
+Date: Tue, 7 Feb 2017 11:16:13 +0200
+Subject: [PATCH 2/2] crypto/evp: harden AEAD ciphers.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Originally a crash in 32-bit build was reported CHACHA20-POLY1305
+cipher. The crash is triggered by truncated packet and is result
+of excessive hashing to the edge of accessible memory. Since hash
+operation is read-only it is not considered to be exploitable
+beyond a DoS condition. Other ciphers were hardened.
+
+Thanks to Robert Święcki for report.
+
+CVE-2017-3731
+
+Backported from upstream commit:
+2198b3a55de681e1f3c23edb0586afe13f438051
+
+Upstream-Status: Backport
+
+Reviewed-by: Rich Salz <rsalz@openssl.org>
+Signed-off-by: Alexandru Moise <alexandru.moise@windriver.com>
+---
+ crypto/evp/e_aes.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
+index 1734a82..16dcd10 100644
+--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
+@@ -1235,10 +1235,15 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+         {
+             unsigned int len = c->buf[arg - 2] << 8 | c->buf[arg - 1];
+             /* Correct length for explicit IV */
+	    if (len < EVP_GCM_TLS_EXPLICIT_IV_LEN)
+	        return 0;
+             len -= EVP_GCM_TLS_EXPLICIT_IV_LEN;
+             /* If decrypting correct for tag too */
+-            if (!c->encrypt)
+            if (!c->encrypt) {
+		if (len < EVP_GCM_TLS_TAG_LEN)
+		    return 0;
+                 len -= EVP_GCM_TLS_TAG_LEN;
+	    }
+             c->buf[arg - 2] = len >> 8;
+             c->buf[arg - 1] = len & 0xff;
+         }
+-- 
+2.10.2
+
--- a/meta/recipes-connectivity/openssl/openssl/CVE-2016-7055.patch
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2016-7055.patch
@@ -0,0 +1,43 @@
+From 57c4b9f6a2f800b41ce2836986fe33640f6c3f8a Mon Sep 17 00:00:00 2001
+From: Andy Polyakov <appro@openssl.org>
+Date: Sun, 6 Nov 2016 18:33:17 +0100
+Subject: [PATCH] bn/asm/x86_64-mont.pl: fix for CVE-2016-7055 (Low severity).
+
+Reviewed-by: Rich Salz <rsalz@openssl.org>
+(cherry picked from commit 2fac86d9abeaa643677d1ffd0a139239fdf9406a)
+
+Upstream-Status: Backport [https://github.com/openssl/openssl/commit/57c4b9f6a2f800b41ce2836986fe33640f6c3f8a]
+CVE: CVE-2016-7055
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ crypto/bn/asm/x86_64-mont.pl | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/crypto/bn/asm/x86_64-mont.pl b/crypto/bn/asm/x86_64-mont.pl
+index 044fd7e..80492d8 100755
+--- a/crypto/bn/asm/x86_64-mont.pl
+++ b/crypto/bn/asm/x86_64-mont.pl
+@@ -1148,18 +1148,17 @@ $code.=<<___;
+ 	mulx	2*8($aptr),%r15,%r13	# ...
+ 	adox	-3*8($tptr),%r11
+ 	adcx	%r15,%r12
+-	adox	$zero,%r12
+	adox	-2*8($tptr),%r12
+ 	adcx	$zero,%r13
+	adox	$zero,%r13
+ 
+ 	mov	$bptr,8(%rsp)		# off-load &b[i]
+-	.byte	0x67
+ 	mov	$mi,%r15
+ 	imulq	24(%rsp),$mi		# "t[0]"*n0
+ 	xor	%ebp,%ebp		# xor	$zero,$zero	# cf=0, of=0
+ 
+ 	mulx	3*8($aptr),%rax,%r14
+ 	 mov	$mi,%rdx
+-	adox	-2*8($tptr),%r12
+ 	adcx	%rax,%r13
+ 	adox	-1*8($tptr),%r13
+ 	adcx	$zero,%r14
+-- 
+2.7.4
+
--- a/meta/recipes-connectivity/openssl/openssl/Use-SHA256-not-MD5-as-default-digest.patch
+++ b/meta/recipes-connectivity/openssl/openssl/Use-SHA256-not-MD5-as-default-digest.patch
@@ -0,0 +1,69 @@
+From d795f5f20a29adecf92c09459a3ee07ffac01a99 Mon Sep 17 00:00:00 2001
+From: Rich Salz <rsalz@akamai.com>
+Date: Sat, 13 Jun 2015 17:03:39 -0400
+Subject: [PATCH] Use SHA256 not MD5 as default digest.
+
+Commit f8547f62c212837dbf44fb7e2755e5774a59a57b upstream.
+
+Upstream-Status: Backport
+Backport from OpenSSL 2.0 to OpenSSL 1.0.2
+Commit f8547f62c212837dbf44fb7e2755e5774a59a57b   
+
+CVE: CVE-2004-2761
+
+    The MD5 Message-Digest Algorithm is not collision resistant,
+    which makes it easier for context-dependent attackers to            
+    conduct spoofing attacks, as demonstrated by attacks on the     
+    use of MD5 in the signature algorithm of an X.509 certificate.     
+
+Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
+Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>     
+Signed-off-by: T.O. Radzy Radzykewycz <radzy@windriver.com> 
+---
+ apps/ca.c   | 2 +-
+ apps/dgst.c | 2 +-
+ apps/enc.c  | 2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/apps/ca.c b/apps/ca.c
+index 3b7336c..8f3a84b 100644
+--- a/apps/ca.c
+++ b/apps/ca.c
+@@ -1612,7 +1612,7 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
+     } else
+         BIO_printf(bio_err, "Signature ok\n");
+ 
+-    if ((rreq = X509_to_X509_REQ(req, NULL, EVP_md5())) == NULL)
+    if ((rreq = X509_to_X509_REQ(req, NULL, NULL)) == NULL)
+         goto err;
+ 
+     ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj,
+diff --git a/apps/dgst.c b/apps/dgst.c
+index 95e5fa3..0d1529f 100644
+--- a/apps/dgst.c
+++ b/apps/dgst.c
+@@ -442,7 +442,7 @@ int MAIN(int argc, char **argv)
+             goto end;
+         }
+         if (md == NULL)
+-            md = EVP_md5();
+            md = EVP_sha256();
+         if (!EVP_DigestInit_ex(mctx, md, impl)) {
+             BIO_printf(bio_err, "Error setting digest %s\n", pname);
+             ERR_print_errors(bio_err);
+diff --git a/apps/enc.c b/apps/enc.c
+index 7b7c70b..a7d944c 100644
+--- a/apps/enc.c
+++ b/apps/enc.c
+@@ -344,7 +344,7 @@ int MAIN(int argc, char **argv)
+     }
+ 
+     if (dgst == NULL) {
+-        dgst = EVP_md5();
+        dgst = EVP_sha256();
+     }
+ 
+     if (bufsize != NULL) {
+-- 
+1.9.1
+
--- a/meta/recipes-connectivity/openssl/openssl/openssl-c_rehash.sh
+++ b/meta/recipes-connectivity/openssl/openssl/openssl-c_rehash.sh
@@ -114,11 +114,11 @@ link_hash()
 	LINKFILE=${HASH}.${TAG}${SUFFIX}
    done

-    echo "${1} => ${LINKFILE}"
+    echo "${3} => ${LINKFILE}"

    # assume any system with a POSIX shell will either support symlinks or
    # do something to handle this gracefully
-    ln -s ${1} ${LINKFILE}
+    ln -s ${3} ${LINKFILE}

    return 0
 }
@@ -142,7 +142,19 @@ hash_dir()

    ls -1 *.pem *.cer *.crt *.crl 2>/dev/null | while read FILE
    do
-	check_file ${FILE}
+	REAL_FILE=${FILE}
+	# if we run on build host then get to the real files in rootfs
+	if [ -n "${SYSROOT}" -a -h ${FILE} ]
+	then
+	    FILE=$( readlink ${FILE} )
+	    # check the symlink is absolute (or dangling in other word)
+	    if [ "x/" = "x$( echo ${FILE} | cut -c1 -)" ]
+	    then
+		REAL_FILE=${SYSROOT}/${FILE}
+	    fi
+	fi
+
+	check_file ${REAL_FILE}
        local FILE_TYPE=${?}
 	local TYPE_STR=''

@@ -157,7 +169,7 @@ hash_dir()
 	    continue
        fi

-	link_hash ${FILE} ${TYPE_STR}
+	link_hash ${REAL_FILE} ${TYPE_STR} ${FILE}
    done
 }

--- a/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb
@@ -40,6 +40,9 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
            file://configure-musl-target.patch \
            file://parallel.patch \
            file://openssl-util-perlpath.pl-cwd.patch \
+            file://CVE-2016-7055.patch \
+            file://0001-CVE-2017-3731.patch \
+            file://0002-CVE-2017-3731.patch \
           "
 SRC_URI[md5sum] = "96322138f0b69e61b7212bc53d5e912b"
 SRC_URI[sha256sum] = "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431"
--- a/meta/recipes-core/busybox/files/mdev.conf
+++ b/meta/recipes-core/busybox/files/mdev.conf
@@ -39,4 +39,6 @@ input/mouse.* 0:0 0660
 tun[0-9]* 0:0 0660 =net/

 [hs]d[a-z][0-9]? 0:0 660 */etc/mdev/mdev-mount.sh
+mmcblk[0-9]rpmb 0:0 660
+mmcblk[0-9]boot[0-9] 0:0 660
 mmcblk[0-9].* 0:0 660 */etc/mdev/mdev-mount.sh
--- a/meta/recipes-core/glibc/glibc.inc
+++ b/meta/recipes-core/glibc/glibc.inc
@@ -78,3 +78,9 @@ do_configure_prepend() {
 }

 GLIBC_ADDONS ?= "nptl,libidn"
+
+# Enable backtrace from abort()
+do_configure_append_arm () {
+	echo "CFLAGS-abort.c = -fasynchronous-unwind-tables" >> ${B}/configparms
+	echo "CFLAGS-raise.c = -fasynchronous-unwind-tables" >> ${B}/configparms
+}
--- a/meta/recipes-core/images/build-appliance-image_15.0.0.bb
+++ b/meta/recipes-core/images/build-appliance-image_15.0.0.bb
@@ -22,8 +22,8 @@ IMAGE_FSTYPES = "vmdk"

 inherit core-image module-base

-SRCREV ?= "4b94b498e21aeba945fe7e72a6b7c4bb0314fb83"
-SRC_URI = "git://git.yoctoproject.org/poky;branch=master \
+SRCREV ?= "8ba5b9eae34bbab537954ccee1726c7ee7a82750"
+SRC_URI = "git://git.yoctoproject.org/poky;branch=morty \
           file://Yocto_Build_Appliance.vmx \
           file://Yocto_Build_Appliance.vmxf \
           file://README_VirtualBox_Guest_Additions.txt \
@@ -63,7 +63,7 @@ fakeroot do_populate_poky_src () {
 	# Also save (for reference only) the actual SRCREV used to create this image
 	echo "export BA_SRCREV=${SRCREV}" >> ${IMAGE_ROOTFS}/home/builder/.bashrc
 	echo "" >> ${IMAGE_ROOTFS}/home/builder/.bashrc
-	echo "export PATH=$PATH:/sbin" >> ${IMAGE_ROOTFS}/home/builder/.bashrc
+	echo 'export PATH=$PATH:/sbin' >> ${IMAGE_ROOTFS}/home/builder/.bashrc
 	echo "" >> ${IMAGE_ROOTFS}/home/builder/.bashrc

 	echo "# If working behind a proxy and using the provided oe-git-proxy script" >> ${IMAGE_ROOTFS}/home/builder/.bashrc
--- a/Show More
+++ b/Show More