353 files changed, 31728 insertions, 4886 deletions

diff --git a/meta/lib/bbconfigbuild/configfragments.py b/meta/lib/bbconfigbuild/configfragments.py
new file mode 100644
index 0000000000..61c33ac316
--- /dev/null
+++ b/meta/lib/bbconfigbuild/configfragments.py
@@ -0,0 +1,185 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import logging
+import os
+import sys
+import os.path
+
+import bb.utils
+
+from bblayers.common import LayerPlugin
+
+logger = logging.getLogger('bitbake-config-layers')
+
+sys.path.insert(0, os.path.dirname(os.path.dirname(__file__)))
+
+def plugin_init(plugins):
+    return ConfigFragmentsPlugin()
+
+class ConfigFragmentsPlugin(LayerPlugin):
+    def get_fragment_info(self, path, name):
+        d = bb.data.init()
+        d.setVar('BBPATH', self.tinfoil.config_data.getVar('BBPATH'))
+        bb.parse.handle(path, d, True)
+        summary = d.getVar('BB_CONF_FRAGMENT_SUMMARY')
+        description = d.getVar('BB_CONF_FRAGMENT_DESCRIPTION')
+        if not summary:
+            raise Exception('Please add a one-line summary as BB_CONF_FRAGMENT_SUMMARY = \"...\" variable at the beginning of {}'.format(path))
+
+        if not description:
+            raise Exception('Please add a description as BB_CONF_FRAGMENT_DESCRIPTION = \"...\" variable at the beginning of {}'.format(path))
+
+        return summary, description
+
+    def discover_fragments(self):
+        fragments_path_prefix = self.tinfoil.config_data.getVar('OE_FRAGMENTS_PREFIX')
+        allfragments = {}
+        for layername in self.bbfile_collections:
+             layerdir = self.bbfile_collections[layername]
+             fragments = []
+             for topdir, dirs, files in os.walk(os.path.join(layerdir, fragments_path_prefix)):
+                 fragmentdir = os.path.relpath(topdir, os.path.join(layerdir, fragments_path_prefix))
+                 for fragmentfile in sorted(files):
+                     if fragmentfile.startswith(".") or not fragmentfile.endswith(".conf"):
+                         continue
+                     fragmentname = os.path.normpath("/".join((layername, fragmentdir, fragmentfile.split('.')[0])))
+                     fragmentpath = os.path.join(topdir, fragmentfile)
+                     fragmentsummary, fragmentdesc = self.get_fragment_info(fragmentpath, fragmentname)
+                     fragments.append({'path':fragmentpath, 'name':fragmentname, 'summary':fragmentsummary, 'description':fragmentdesc})
+             if fragments:
+                 allfragments[layername] = {'layerdir':layerdir,'fragments':fragments}
+        return allfragments
+
+    def do_list_fragments(self, args):
+        """ List available configuration fragments """
+        def print_fragment(f, verbose, is_enabled):
+            if not verbose:
+                print('{}\t{}'.format(f['name'], f['summary']))
+            else:
+                print('Name: {}\nPath: {}\nEnabled: {}\nSummary: {}\nDescription:\n{}\n'.format(f['name'], f['path'], 'yes' if is_enabled else 'no', f['summary'],''.join(f['description'])))
+
+        def print_builtin_fragments(builtin, enabled):
+            print('Available built-in fragments:')
+            builtin_dict = {i[0]:i[1] for i in [f.split(':') for f in builtin]}
+            for prefix,var in builtin_dict.items():
+                print('{}/...\tSets {} = ...'.format(prefix, var))
+            print('')
+            enabled_builtin_fragments = [f for f in enabled if self.builtin_fragment_exists(f)]
+            print('Enabled built-in fragments:')
+            for f in enabled_builtin_fragments:
+                 prefix, value = f.split('/', 1)
+                 print('{}\tSets {} = "{}"'.format(f, builtin_dict[prefix], value))
+            print('')
+
+        all_enabled_fragments = (self.tinfoil.config_data.getVar('OE_FRAGMENTS') or "").split()
+        all_builtin_fragments = (self.tinfoil.config_data.getVar('OE_FRAGMENTS_BUILTIN') or "").split()
+        print_builtin_fragments(all_builtin_fragments, all_enabled_fragments)
+
+        for layername, layerdata in self.discover_fragments().items():
+            layerdir = layerdata['layerdir']
+            fragments = layerdata['fragments']
+            enabled_fragments = [f for f in fragments if f['name'] in all_enabled_fragments]
+            disabled_fragments = [f for f in fragments if f['name'] not in all_enabled_fragments]
+
+            print('Available fragments in {} layer located in {}:\n'.format(layername, layerdir))
+            if enabled_fragments:
+                print('Enabled fragments:')
+                for f in enabled_fragments:
+                    print_fragment(f, args.verbose, is_enabled=True)
+                print('')
+            if disabled_fragments:
+                print('Unused fragments:')
+                for f in disabled_fragments:
+                    print_fragment(f, args.verbose, is_enabled=False)
+            print('')
+
+    def fragment_exists(self, fragmentname):
+        for layername, layerdata in self.discover_fragments().items():
+            for f in layerdata['fragments']:
+              if f['name'] == fragmentname:
+                  return True
+        return False
+
+    def builtin_fragment_exists(self, fragmentname):
+        fragment_prefix = fragmentname.split("/",1)[0]
+        fragment_prefix_defs = set([f.split(':')[0] for f in self.tinfoil.config_data.getVar('OE_FRAGMENTS_BUILTIN').split()])
+        return fragment_prefix in fragment_prefix_defs
+
+    def create_conf(self, confpath):
+        if not os.path.exists(confpath):
+            with open(confpath, 'w') as f:
+                f.write('')
+        with open(confpath, 'r') as f:
+            lines = f.read()
+        if "OE_FRAGMENTS += " not in lines:
+            lines += "\nOE_FRAGMENTS += \"\"\n"
+        with open(confpath, 'w') as f:
+            f.write(lines)
+
+    def do_enable_fragment(self, args):
+        """ Enable a fragment in the local build configuration """
+        def enable_helper(varname, origvalue, op, newlines):
+            enabled_fragments = origvalue.split()
+            for f in args.fragmentname:
+                if f in enabled_fragments:
+                    print("Fragment {} already included in {}".format(f, args.confpath))
+                else:
+                    enabled_fragments.append(f)
+            return " ".join(enabled_fragments), None, 0, True
+
+        for f in args.fragmentname:
+            if not self.fragment_exists(f) and not self.builtin_fragment_exists(f):
+                raise Exception("Fragment {} does not exist; use 'list-fragments' to see the full list.".format(f))
+
+        self.create_conf(args.confpath)
+        modified = bb.utils.edit_metadata_file(args.confpath, ["OE_FRAGMENTS"], enable_helper)
+        if modified:
+            print("Fragment {} added to {}.".format(", ".join(args.fragmentname), args.confpath))
+
+    def do_disable_fragment(self, args):
+        """ Disable a fragment in the local build configuration """
+        def disable_helper(varname, origvalue, op, newlines):
+            enabled_fragments = origvalue.split()
+            for f in args.fragmentname:
+                if f in enabled_fragments:
+                    enabled_fragments.remove(f)
+                else:
+                    print("Fragment {} not currently enabled in {}".format(f, args.confpath))
+            return " ".join(enabled_fragments), None, 0, True
+
+        self.create_conf(args.confpath)
+        modified = bb.utils.edit_metadata_file(args.confpath, ["OE_FRAGMENTS"], disable_helper)
+        if modified:
+            print("Fragment {} removed from {}.".format(", ".join(args.fragmentname), args.confpath))
+
+    def do_disable_all_fragments(self, args):
+        """ Disable all fragments in the local build configuration """
+        def disable_all_helper(varname, origvalue, op, newlines):
+            return "", None, 0, True
+
+        self.create_conf(args.confpath)
+        modified = bb.utils.edit_metadata_file(args.confpath, ["OE_FRAGMENTS"], disable_all_helper)
+        if modified:
+            print("All fragments removed from {}.".format(args.confpath))
+
+    def register_commands(self, sp):
+        default_confpath = os.path.join(os.environ["BBPATH"], "conf/auto.conf")
+
+        parser_list_fragments = self.add_command(sp, 'list-fragments', self.do_list_fragments, parserecipes=False)
+        parser_list_fragments.add_argument("--confpath", default=default_confpath, help='Configuration file which contains a list of enabled fragments (default is {}).'.format(default_confpath))
+        parser_list_fragments.add_argument('--verbose', '-v', action='store_true', help='Print extended descriptions of the fragments')
+
+        parser_enable_fragment = self.add_command(sp, 'enable-fragment', self.do_enable_fragment, parserecipes=False)
+        parser_enable_fragment.add_argument("--confpath", default=default_confpath, help='Configuration file which contains a list of enabled fragments (default is {}).'.format(default_confpath))
+        parser_enable_fragment.add_argument('fragmentname', help='The name of the fragment (use list-fragments to see them)', nargs='+')
+
+        parser_disable_fragment = self.add_command(sp, 'disable-fragment', self.do_disable_fragment, parserecipes=False)
+        parser_disable_fragment.add_argument("--confpath", default=default_confpath, help='Configuration file which contains a list of enabled fragments (default is {}).'.format(default_confpath))
+        parser_disable_fragment.add_argument('fragmentname', help='The name of the fragment', nargs='+')
+
+        parser_disable_all = self.add_command(sp, 'disable-all-fragments', self.do_disable_all_fragments, parserecipes=False)
+        parser_disable_all.add_argument("--confpath", default=default_confpath, help='Configuration file which contains a list of enabled fragments (default is {}).'.format(default_confpath))
diff --git a/meta/lib/bblayers/buildconf.py b/meta/lib/bblayers/buildconf.py
new file mode 100644
index 0000000000..722cf0723c
--- /dev/null
+++ b/meta/lib/bblayers/buildconf.py
@@ -0,0 +1,84 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import logging
+import os
+import sys
+
+from bblayers.common import LayerPlugin
+
+logger = logging.getLogger('bitbake-layers')
+
+sys.path.insert(0, os.path.dirname(os.path.dirname(__file__)))
+
+import oe.buildcfg
+
+def plugin_init(plugins):
+    return BuildConfPlugin()
+
+class BuildConfPlugin(LayerPlugin):
+    notes_fixme = """FIXME: Please place here the detailed instructions for using this build configuration.
+They will be shown to the users when they set up their builds via TEMPLATECONF.
+"""
+    summary_fixme = """FIXME: Please place here the short summary of what this build configuration is for.
+It will be shown to the users when they set up their builds via TEMPLATECONF.
+"""
+
+    def _save_conf(self, templatename, templatepath, oecorepath, relpaths_to_oecore):
+        confdir = os.path.join(os.environ["BBPATH"], "conf")
+        destdir = os.path.join(templatepath, "conf", "templates", templatename)
+        os.makedirs(destdir, exist_ok=True)
+
+        with open(os.path.join(confdir, "local.conf")) as src:
+            with open(os.path.join(destdir, "local.conf.sample"), 'w') as dest:
+                dest.write(src.read())
+
+        with open(os.path.join(confdir, "bblayers.conf")) as src:
+            with open(os.path.join(destdir, "bblayers.conf.sample"), 'w') as dest:
+                bblayers_data = src.read()
+
+                for (abspath, relpath) in relpaths_to_oecore:
+                    bblayers_data = bblayers_data.replace(abspath, "##OEROOT##/" + relpath)
+                dest.write(bblayers_data)
+
+        with open(os.path.join(destdir, "conf-summary.txt"), 'w') as dest:
+            dest.write(self.summary_fixme)
+        with open(os.path.join(destdir, "conf-notes.txt"), 'w') as dest:
+            dest.write(self.notes_fixme)
+
+        logger.info("""Configuration template placed into {}
+Please review the files in there, and particularly provide a configuration summary in {}
+and notes in {}
+You can try out the configuration with
+TEMPLATECONF={} . {}/oe-init-build-env build-try-{}"""
+.format(destdir, os.path.join(destdir, "conf-summary.txt"), os.path.join(destdir, "conf-notes.txt"), destdir, oecorepath, templatename))
+
+    def do_save_build_conf(self, args):
+        """ Save the currently active build configuration (conf/local.conf, conf/bblayers.conf) as a template into a layer.\n This template can later be used for setting up builds via TEMPLATECONF. """
+        layers = oe.buildcfg.get_layer_revisions(self.tinfoil.config_data)
+        targetlayer = None
+        oecore = None
+
+        for l in layers:
+            if os.path.abspath(l[0]) == os.path.abspath(args.layerpath):
+                targetlayer = l[0]
+            if l[1] == 'meta':
+                oecore = os.path.dirname(l[0])
+
+        if not targetlayer:
+            logger.error("Layer {} not in one of the currently enabled layers:\n{}".format(args.layerpath, "\n".join([l[0] for l in layers])))
+        elif not oecore:
+            logger.error("Openembedded-core not in one of the currently enabled layers:\n{}".format("\n".join([l[0] for l in layers])))
+        else:
+            relpaths_to_oecore = [(l[0], os.path.relpath(l[0], start=oecore)) for l in layers]
+            self._save_conf(args.templatename, targetlayer, oecore, relpaths_to_oecore)
+
+    def register_commands(self, sp):
+        parser_build_conf = self.add_command(sp, 'save-build-conf', self.do_save_build_conf, parserecipes=False)
+        parser_build_conf.add_argument('layerpath',
+            help='The path to the layer where the configuration template should be saved.')
+        parser_build_conf.add_argument('templatename',
+            help='The name of the configuration template.')
diff --git a/meta/lib/bblayers/create.py b/meta/lib/bblayers/create.py
index 542f31fc81..517554c587 100644
--- a/meta/lib/bblayers/create.py
+++ b/meta/lib/bblayers/create.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -10,6 +12,7 @@ import shutil
 import bb.utils
 
 from bblayers.common import LayerPlugin
+from bblayers.action import ActionPlugin
 
 logger = logging.getLogger('bitbake-layers')
 
@@ -35,6 +38,7 @@ class CreatePlugin(LayerPlugin):
         bb.utils.mkdirhier(conf)
 
         layername = os.path.basename(os.path.normpath(args.layerdir))
+        layerid = args.layerid if args.layerid is not None else layername
 
         # Create the README from templates/README
         readme_template =  read_template('README').format(layername=layername)
@@ -50,11 +54,11 @@ class CreatePlugin(LayerPlugin):
         shutil.copy(license_src, license_dst)
 
         # Get the compat value for core layer.
-        compat = self.tinfoil.config_data.getVar('LAYERSERIES_COMPAT_core') or ""
+        compat = self.tinfoil.config_data.getVar('LAYERSERIES_CORENAMES') or ""
 
         # Create the layer.conf from templates/layer.conf
         layerconf_template = read_template('layer.conf').format(
-                layername=layername, priority=args.priority, compat=compat)
+                layerid=layerid, priority=args.priority, compat=compat)
         layerconf = os.path.join(conf, 'layer.conf')
         with open(layerconf, 'w') as fd:
             fd.write(layerconf_template)
@@ -66,12 +70,21 @@ class CreatePlugin(LayerPlugin):
         with open(os.path.join(example, args.examplerecipe + '_%s.bb') % args.version, 'w') as fd:
             fd.write(example_template)
 
-        logger.plain('Add your new layer with \'bitbake-layers add-layer %s\'' % args.layerdir)
+        if args.add_layer:
+            # Add the layer to bblayers.conf
+            args.layerdir = [layerdir]
+            ActionPlugin.do_add_layer(self, args)
+            logger.plain('Layer added %s' % args.layerdir)
+
+        else:
+            logger.plain('Add your new layer with \'bitbake-layers add-layer %s\'' % args.layerdir)
 
     def register_commands(self, sp):
         parser_create_layer = self.add_command(sp, 'create-layer', self.do_create_layer, parserecipes=False)
         parser_create_layer.add_argument('layerdir', help='Layer directory to create')
-        parser_create_layer.add_argument('--priority', '-p', default=6, help='Layer directory to create')
+        parser_create_layer.add_argument('--add-layer', '-a', action='store_true', help='Add the layer to bblayers.conf after creation')
+        parser_create_layer.add_argument('--layerid', '-i', help='Layer id to use if different from layername')
+        parser_create_layer.add_argument('--priority', '-p', default=6, help='Priority of recipes in layer')
         parser_create_layer.add_argument('--example-recipe-name', '-e', dest='examplerecipe', default='example', help='Filename of the example recipe')
         parser_create_layer.add_argument('--example-recipe-version', '-v', dest='version', default='0.1', help='Version number for the example recipe')
 
diff --git a/meta/lib/bblayers/machines.py b/meta/lib/bblayers/machines.py
new file mode 100644
index 0000000000..5fd970af0e
--- /dev/null
+++ b/meta/lib/bblayers/machines.py
@@ -0,0 +1,37 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import logging
+import pathlib
+
+from bblayers.common import LayerPlugin
+
+logger = logging.getLogger('bitbake-layers')
+
+def plugin_init(plugins):
+    return ShowMachinesPlugin()
+
+class ShowMachinesPlugin(LayerPlugin):
+    def do_show_machines(self, args):
+        """List the machines available in the currently configured layers."""
+
+        for layer_dir in self.bblayers:
+            layer_name = self.get_layer_name(layer_dir)
+
+            if args.layer and args.layer != layer_name:
+                continue
+
+            for p in sorted(pathlib.Path(layer_dir).glob("conf/machine/*.conf")):
+                if args.bare:
+                    logger.plain("%s" % (p.stem))
+                else:
+                    logger.plain("%s (%s)" % (p.stem, layer_name))
+
+
+    def register_commands(self, sp):
+        parser_show_machines = self.add_command(sp, "show-machines", self.do_show_machines)
+        parser_show_machines.add_argument('-b', '--bare', help='output just the machine names, not the source layer', action='store_true')
+        parser_show_machines.add_argument('-l', '--layer', help='Limit to machines in the specified layer')
diff --git a/meta/lib/bblayers/makesetup.py b/meta/lib/bblayers/makesetup.py
new file mode 100644
index 0000000000..4199b5f069
--- /dev/null
+++ b/meta/lib/bblayers/makesetup.py
@@ -0,0 +1,101 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import logging
+import os
+import sys
+
+import bb.utils
+
+from bblayers.common import LayerPlugin
+
+logger = logging.getLogger('bitbake-layers')
+
+sys.path.insert(0, os.path.dirname(os.path.dirname(__file__)))
+
+import oe.buildcfg
+
+def plugin_init(plugins):
+    return MakeSetupPlugin()
+
+class MakeSetupPlugin(LayerPlugin):
+
+    def _get_remotes_with_url(self, repo_path):
+        remotes = {}
+        for r in oe.buildcfg.get_metadata_git_remotes(repo_path):
+            remotes[r] = {'uri':oe.buildcfg.get_metadata_git_remote_url(repo_path, r)}
+        return remotes
+
+    def _is_submodule(self, repo_path):
+        # This is slightly brittle: git does not offer a way to tell whether
+        # a given repo dir is a submodule checkout, so we need to rely on .git
+        # being a file (rather than a dir like it is in standalone checkouts).
+        # The file typically contains a gitdir pointer to elsewhere.
+        return os.path.isfile(os.path.join(repo_path,".git"))
+
+    def make_repo_config(self, destdir):
+        """ This is a helper function for the writer plugins that discovers currently configured layers.
+        The writers do not have to use it, but it can save a bit of work and avoid duplicated code, hence it is
+        available here. """
+        repos = {}
+        layers = oe.buildcfg.get_layer_revisions(self.tinfoil.config_data)
+        destdir_repo = oe.buildcfg.get_metadata_git_toplevel(destdir)
+
+        for (l_path, l_name, l_branch, l_rev, l_ismodified) in layers:
+            if l_name == 'workspace':
+                continue
+            if l_ismodified:
+                e = "Layer {name} in {path} has uncommitted modifications or is not in a git repository.".format(name=l_name,path=l_path)
+                logger.error(e)
+                raise Exception(e)
+            repo_path = oe.buildcfg.get_metadata_git_toplevel(l_path)
+
+            if self._is_submodule(repo_path):
+                continue
+            if repo_path not in repos.keys():
+                repos[repo_path] = {'path':os.path.basename(repo_path),'git-remote':{
+                        'rev':l_rev,
+                        'branch':l_branch,
+                        'remotes':self._get_remotes_with_url(repo_path),
+                        'describe':oe.buildcfg.get_metadata_git_describe(repo_path)}}
+                if repo_path == destdir_repo:
+                    repos[repo_path]['contains_this_file'] = True
+
+        top_path = os.path.commonpath([os.path.dirname(r) for r in repos.keys()])
+
+        repos_nopaths = {}
+        for r in repos.keys():
+            r_nopath = os.path.basename(r)
+            repos_nopaths[r_nopath] = repos[r]
+            r_relpath = os.path.relpath(r, top_path)
+            repos_nopaths[r_nopath]['path'] = r_relpath
+            repos_nopaths[r_nopath]['originpath'] = r
+        return repos_nopaths
+
+    def do_make_setup(self, args):
+        """ Writes out a configuration file and/or a script that replicate the directory structure and revisions of the layers in a current build. """
+        for p in self.plugins:
+            if str(p) == args.writer:
+                p.do_write(self, args)
+
+    def register_commands(self, sp):
+        parser_setup_layers = self.add_command(sp, 'create-layers-setup', self.do_make_setup, parserecipes=False)
+        parser_setup_layers.add_argument('destdir',
+            help='Directory where to write the output\n(if it is inside one of the layers, the layer becomes a bootstrap repository and thus will be excluded from fetching).')
+        parser_setup_layers.add_argument('--output-prefix', '-o',
+            help='File name prefix for the output files, if the default (setup-layers) is undesirable.')
+
+        self.plugins = []
+
+        for path in (self.tinfoil.config_data.getVar('BBPATH').split(':')):
+            pluginpath = os.path.join(path, 'lib', 'bblayers', 'setupwriters')
+            bb.utils.load_plugins(logger, self.plugins, pluginpath)
+
+        parser_setup_layers.add_argument('--writer', '-w', choices=[str(p) for p in self.plugins], help="Choose the output format (defaults to oe-setup-layers).\n\nCurrently supported options are:\noe-setup-layers - a self-contained python script and a json config for it.\n\n", default="oe-setup-layers")
+
+        for plugin in self.plugins:
+            if hasattr(plugin, 'register_arguments'):
+                plugin.register_arguments(parser_setup_layers)
diff --git a/meta/lib/bblayers/setupwriters/oe-setup-layers.py b/meta/lib/bblayers/setupwriters/oe-setup-layers.py
new file mode 100644
index 0000000000..8faeabfabc
--- /dev/null
+++ b/meta/lib/bblayers/setupwriters/oe-setup-layers.py
@@ -0,0 +1,122 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import logging
+import os
+import json
+import stat
+
+logger = logging.getLogger('bitbake-layers')
+
+def plugin_init(plugins):
+    return OeSetupLayersWriter()
+
+class OeSetupLayersWriter():
+
+    def __str__(self):
+        return "oe-setup-layers"
+
+    def _write_python(self, input, output):
+        with open(input) as f:
+            script = f.read()
+        with open(output, 'w') as f:
+            f.write(script)
+        st = os.stat(output)
+        os.chmod(output, st.st_mode | stat.S_IEXEC | stat.S_IXGRP | stat.S_IXOTH)
+
+    def _write_json(self, repos, output):
+        with open(output, 'w') as f:
+            json.dump(repos, f, sort_keys=True, indent=4)
+
+    def _read_repo_config(self, json_path):
+        with open(json_path) as f:
+            json_config = json.load(f)
+
+        supported_versions = ["1.0"]
+        if json_config["version"] not in supported_versions:
+            err = "File {} has version {}, which is not in supported versions: {}".format(json_path, json_config["version"], supported_versions)
+            logger.error(err)
+            raise Exception(err)
+
+        return json_config
+
+    def _modify_repo_config(self, json_config, args):
+        sources = json_config['sources']
+        for pair in args.custom_references:
+            try:
+                repo, rev = pair.split(':', maxsplit=1)
+            except ValueError:
+                err = "Invalid custom reference specified: '{}'. Provide one using 'REPOSITORY:REFERENCE'.".format(pair)
+                logger.error(err)
+                raise Exception(err)
+            if not repo in sources.keys():
+                err = "Repository {} does not exist in setup-layers config".format(repo)
+                logger.error(err)
+                raise Exception(err)
+
+            layer_remote = json_config['sources'][repo]['git-remote']
+            layer_remote['rev'] = rev
+            # Clear describe
+            layer_remote['describe'] = ''
+
+    def do_write(self, parent, args):
+        """ Writes out a python script and a json config that replicate the directory structure and revisions of the layers in a current build. """
+        output = args.output_prefix or "setup-layers"
+        output = os.path.join(os.path.abspath(args.destdir), output)
+
+        if args.update:
+            # Modify existing layers setup
+            if args.custom_references is None:
+                err = "No custom reference specified. Please provide one using '--use-custom-reference REPOSITORY:REFERENCE'."
+                logger.error(err)
+                raise Exception(err)
+
+            json = self._read_repo_config(output + ".json")
+            if not 'sources' in json.keys():
+                err = "File {}.json does not contain valid layer sources.".format(output)
+                logger.error(err)
+                raise Exception(err)
+
+        else:
+            # Create new layers setup
+            if not os.path.exists(args.destdir):
+                os.makedirs(args.destdir)
+            repos = parent.make_repo_config(args.destdir)
+            for r in repos.values():
+                if not r['git-remote']['remotes'] and not r.get('contains_this_file', False):
+                    e = "Layer repository in {path} does not have any remotes configured. Please add at least one with 'git remote add'.".format(path=r['originpath'])
+                    raise Exception(e)
+                del r['originpath']
+            json = {"version":"1.0","sources":repos}
+            if not repos:
+                err = "Could not determine layer sources"
+                logger.error(err)
+                raise Exception(err)
+
+        if args.custom_references is not None:
+            self._modify_repo_config(json, args)
+
+        self._write_json(json, output + ".json")
+        logger.info('Created {}.json'.format(output))
+        if not args.json_only:
+            self._write_python(os.path.join(os.path.dirname(__file__),'../../../../scripts/oe-setup-layers'), output)
+            logger.info('Created {}'.format(output))
+
+    def register_arguments(self, parser):
+        parser.add_argument('--json-only', action='store_true',
+            help='When using the oe-setup-layers writer, write only the layer configuruation in json format. Otherwise, also a copy of scripts/oe-setup-layers (from oe-core or poky) is provided, which is a self contained python script that fetches all the needed layers and sets them to correct revisions using the data from the json.')
+
+        parser.add_argument('--update', '-u',
+            action='store_true',
+            help=("Instead of writing a new json file, update an existing layer setup json file with custom references provided via the '--use-custom-reference' option."
+                  "\nThis will only update repositories for which a custom reference is specified, all other repositores will be left unchanged."))
+        parser.add_argument('--use-custom-reference', '-r',
+            action='append',
+            dest='custom_references',
+            metavar='REPOSITORY:REFERENCE',
+            help=("A pair consisting of a repository and a custom reference to use for it (by default the currently checked out commit id would be written out)."
+                  "\nThis value can be any reference that 'git checkout' would accept, and is not checked for validity."
+                  "\nThis option can be used multiple times."))
diff --git a/meta/lib/bblayers/templates/layer.conf b/meta/lib/bblayers/templates/layer.conf
index e2eaff4346..dddfbf716e 100644
--- a/meta/lib/bblayers/templates/layer.conf
+++ b/meta/lib/bblayers/templates/layer.conf
@@ -5,9 +5,9 @@ BBPATH .= ":${{LAYERDIR}}"
 BBFILES += "${{LAYERDIR}}/recipes-*/*/*.bb \
             ${{LAYERDIR}}/recipes-*/*/*.bbappend"
 
-BBFILE_COLLECTIONS += "{layername}"
-BBFILE_PATTERN_{layername} = "^${{LAYERDIR}}/"
-BBFILE_PRIORITY_{layername} = "{priority}"
+BBFILE_COLLECTIONS += "{layerid}"
+BBFILE_PATTERN_{layerid} = "^${{LAYERDIR}}/"
+BBFILE_PRIORITY_{layerid} = "{priority}"
 
-LAYERDEPENDS_{layername} = "core"
-LAYERSERIES_COMPAT_{layername} = "{compat}"
+LAYERDEPENDS_{layerid} = "core"
+LAYERSERIES_COMPAT_{layerid} = "{compat}"
diff --git a/meta/lib/oe/__init__.py b/meta/lib/oe/__init__.py
index 4e7c09da04..73de774266 100644
--- a/meta/lib/oe/__init__.py
+++ b/meta/lib/oe/__init__.py
@@ -1,6 +1,15 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
 from pkgutil import extend_path
 __path__ = extend_path(__path__, __name__)
+
+# Modules with vistorcode need to go first else anything depending on them won't be
+# processed correctly (e.g. qa)
+BBIMPORTS = ["qa", "data", "path", "utils", "types", "package", "packagedata", \
+             "packagegroup", "sstatesig", "lsb", "cachedpath", "license", "qemu", \
+             "reproducible", "rust", "buildcfg", "go", "spdx30_tasks", "spdx_common", \
+             "cve_check", "tune"]
diff --git a/meta/lib/oe/bootfiles.py b/meta/lib/oe/bootfiles.py
new file mode 100644
index 0000000000..7ee148c4e2
--- /dev/null
+++ b/meta/lib/oe/bootfiles.py
@@ -0,0 +1,57 @@
+#
+# SPDX-License-Identifier: MIT
+#
+# Copyright (C) 2024 Marcus Folkesson
+# Author: Marcus Folkesson <marcus.folkesson@gmail.com>
+#
+# Utility functions handling boot files
+#
+# Look into deploy_dir and search for boot_files.
+# Returns a list of tuples with (original filepath relative to
+# deploy_dir, desired filepath renaming)
+#
+# Heavily inspired of bootimg_partition.py
+#
+def get_boot_files(deploy_dir, boot_files):
+    import re
+    import os
+    from glob import glob
+
+    if boot_files is None:
+        return None
+
+    # list of tuples (src_name, dst_name)
+    deploy_files = []
+    for src_entry in re.findall(r'[\w;\-\./\*]+', boot_files):
+        if ';' in src_entry:
+            dst_entry = tuple(src_entry.split(';'))
+            if not dst_entry[0] or not dst_entry[1]:
+                raise ValueError('Malformed boot file entry: %s' % src_entry)
+        else:
+            dst_entry = (src_entry, src_entry)
+
+        deploy_files.append(dst_entry)
+
+    install_files = []
+    for deploy_entry in deploy_files:
+        src, dst = deploy_entry
+        if '*' in src:
+            # by default install files under their basename
+            entry_name_fn = os.path.basename
+            if dst != src:
+                # unless a target name was given, then treat name
+                # as a directory and append a basename
+                entry_name_fn = lambda name: \
+                                os.path.join(dst,
+                                             os.path.basename(name))
+
+            srcs = glob(os.path.join(deploy_dir, src))
+
+            for entry in srcs:
+                src = os.path.relpath(entry, deploy_dir)
+                entry_dst_name = entry_name_fn(entry)
+                install_files.append((src, entry_dst_name))
+        else:
+            install_files.append((src, dst))
+
+    return install_files
diff --git a/meta/lib/oe/buildcfg.py b/meta/lib/oe/buildcfg.py
new file mode 100644
index 0000000000..85b903fab0
--- /dev/null
+++ b/meta/lib/oe/buildcfg.py
@@ -0,0 +1,79 @@
+
+import os
+import subprocess
+import bb.process
+
+def detect_revision(d):
+    path = get_scmbasepath(d)
+    return get_metadata_git_revision(path)
+
+def detect_branch(d):
+    path = get_scmbasepath(d)
+    return get_metadata_git_branch(path)
+
+def get_scmbasepath(d):
+    return os.path.join(d.getVar('COREBASE'), 'meta')
+
+def get_metadata_git_branch(path):
+    try:
+        rev, _ = bb.process.run('git rev-parse --abbrev-ref HEAD', cwd=path)
+    except (bb.process.ExecutionError, bb.process.NotFoundError):
+        rev = '<unknown>'
+    return rev.strip()
+
+def get_metadata_git_revision(path):
+    try:
+        rev, _ = bb.process.run('git rev-parse HEAD', cwd=path)
+    except (bb.process.ExecutionError, bb.process.NotFoundError):
+        rev = '<unknown>'
+    return rev.strip()
+
+def get_metadata_git_toplevel(path):
+    try:
+        toplevel, _ = bb.process.run('git rev-parse --show-toplevel', cwd=path)
+    except (bb.process.ExecutionError, bb.process.NotFoundError):
+        return ""
+    return toplevel.strip()
+
+def get_metadata_git_remotes(path):
+    try:
+        remotes_list, _ = bb.process.run('git remote', cwd=path)
+        remotes = remotes_list.split()
+    except (bb.process.ExecutionError, bb.process.NotFoundError):
+        remotes = []
+    return remotes
+
+def get_metadata_git_remote_url(path, remote):
+    try:
+        uri, _ = bb.process.run('git remote get-url {remote}'.format(remote=remote), cwd=path)
+    except (bb.process.ExecutionError, bb.process.NotFoundError):
+        return ""
+    return uri.strip()
+
+def get_metadata_git_describe(path):
+    try:
+        describe, _ = bb.process.run('git describe --tags --dirty', cwd=path)
+    except (bb.process.ExecutionError, bb.process.NotFoundError):
+        return ""
+    return describe.strip()
+
+def is_layer_modified(path):
+    try:
+        subprocess.check_output("""cd %s; export PSEUDO_UNLOAD=1; set -e;
+                                git diff --quiet --no-ext-diff
+                                git diff --quiet --no-ext-diff --cached""" % path,
+                                shell=True,
+                                stderr=subprocess.STDOUT)
+        return ""
+    except subprocess.CalledProcessError as ex:
+        # Silently treat errors as "modified", without checking for the
+        # (expected) return code 1 in a modified git repo. For example, we get
+        # output and a 129 return code when a layer isn't a git repo at all.
+        return " -- modified"
+
+def get_layer_revisions(d):
+    layers = (d.getVar("BBLAYERS") or "").split()
+    revisions = []
+    for i in layers:
+        revisions.append((i, os.path.basename(i), get_metadata_git_branch(i).strip(), get_metadata_git_revision(i), is_layer_modified(i)))
+    return revisions
diff --git a/meta/lib/oe/buildhistory_analysis.py b/meta/lib/oe/buildhistory_analysis.py
index b1856846b6..4edad01580 100644
--- a/meta/lib/oe/buildhistory_analysis.py
+++ b/meta/lib/oe/buildhistory_analysis.py
@@ -562,7 +562,7 @@ def compare_siglists(a_blob, b_blob, taskdiff=False):
                 elif not hash2 in hashfiles:
                     out.append("Unable to find matching sigdata for %s with hash %s" % (desc, hash2))
                 else:
-                    out2 = bb.siggen.compare_sigfiles(hashfiles[hash1], hashfiles[hash2], recursecb, collapsed=True)
+                    out2 = bb.siggen.compare_sigfiles(hashfiles[hash1]['path'], hashfiles[hash2]['path'], recursecb, collapsed=True)
                     for line in out2:
                         m = hashlib.sha256()
                         m.update(line.encode('utf-8'))
diff --git a/meta/lib/buildstats.py b/meta/lib/oe/buildstats.py
index 8627ed3c31..2700245ec6 100644
--- a/meta/lib/buildstats.py
+++ b/meta/lib/oe/buildstats.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 # Implements system state sampling. Called by buildstats.bbclass.
@@ -8,19 +10,35 @@
 import time
 import re
 import bb.event
+from collections import deque
 
 class SystemStats:
     def __init__(self, d):
         bn = d.getVar('BUILDNAME')
         bsdir = os.path.join(d.getVar('BUILDSTATS_BASE'), bn)
         bb.utils.mkdirhier(bsdir)
+        file_handlers =  [('diskstats', self._reduce_diskstats),
+                            ('meminfo', self._reduce_meminfo),
+                            ('stat', self._reduce_stat),
+                            ('net/dev', self._reduce_net)]
+
+        # Some hosts like openSUSE have readable /proc/pressure files
+        # but throw errors when these files are opened. Catch these error
+        # and ensure that the reduce_proc_pressure directory is not created.
+        if os.path.exists("/proc/pressure"):
+            try:
+                with open('/proc/pressure/cpu', 'rb') as source:
+                    source.read()
+                pressuredir = os.path.join(bsdir, 'reduced_proc_pressure')
+                bb.utils.mkdirhier(pressuredir)
+                file_handlers.extend([('pressure/cpu', self._reduce_pressure),
+                                     ('pressure/io', self._reduce_pressure),
+                                     ('pressure/memory', self._reduce_pressure)])
+            except Exception:
+                pass
 
         self.proc_files = []
-        for filename, handler in (
-                ('diskstats', self._reduce_diskstats),
-                ('meminfo', self._reduce_meminfo),
-                ('stat', self._reduce_stat),
-        ):
+        for filename, handler in (file_handlers):
             # The corresponding /proc files might not exist on the host.
             # For example, /proc/diskstats is not available in virtualized
             # environments like Linux-VServer. Silently skip collecting
@@ -31,30 +49,42 @@ class SystemStats:
                 # not strictly necessary, but using it makes the class
                 # more robust should two processes ever write
                 # concurrently.
-                destfile = os.path.join(bsdir, '%sproc_%s.log' % ('reduced_' if handler else '', filename))
+                if filename == 'net/dev':
+                    destfile = os.path.join(bsdir, 'reduced_proc_net.log')
+                else:
+                    destfile = os.path.join(bsdir, '%sproc_%s.log' % ('reduced_' if handler else '', filename))
                 self.proc_files.append((filename, open(destfile, 'ab'), handler))
         self.monitor_disk = open(os.path.join(bsdir, 'monitor_disk.log'), 'ab')
         # Last time that we sampled /proc data resp. recorded disk monitoring data.
         self.last_proc = 0
         self.last_disk_monitor = 0
-        # Minimum number of seconds between recording a sample. This
-        # becames relevant when we get called very often while many
-        # short tasks get started. Sampling during quiet periods
+        # Minimum number of seconds between recording a sample. This becames relevant when we get
+        # called very often while many short tasks get started. Sampling during quiet periods
         # depends on the heartbeat event, which fires less often.
-        self.min_seconds = 1
-
-        self.meminfo_regex = re.compile(b'^(MemTotal|MemFree|Buffers|Cached|SwapTotal|SwapFree):\s*(\d+)')
-        self.diskstats_regex = re.compile(b'^([hsv]d.|mtdblock\d|mmcblk\d|cciss/c\d+d\d+.*)$')
+        # By default, the Heartbeat events occur roughly once every second but the actual time
+        # between these events deviates by a few milliseconds, in most cases. Hence
+        # pick a somewhat arbitary tolerance such that we sample a large majority
+        # of the Heartbeat events. This ignores rare events that fall outside the minimum
+        # and may lead an extra sample in a given second every so often. However, it allows for fairly
+        # consistent intervals between samples without missing many events.
+        self.tolerance = 0.01
+        self.min_seconds = 1.0 - self.tolerance
+
+        self.meminfo_regex = re.compile(rb'^(MemTotal|MemFree|Buffers|Cached|SwapTotal|SwapFree):\s*(\d+)')
+        self.diskstats_regex = re.compile(rb'^([hsv]d.|mtdblock\d|mmcblk\d|cciss/c\d+d\d+|nvme\d+n\d+.*)$')
         self.diskstats_ltime = None
         self.diskstats_data = None
         self.stat_ltimes = None
+        # Last time we sampled /proc/pressure. All resources stored in a single dict with the key as filename
+        self.last_pressure = {"pressure/cpu": None, "pressure/io": None, "pressure/memory": None}
+        self.net_stats = {}
 
     def close(self):
         self.monitor_disk.close()
         for _, output, _ in self.proc_files:
             output.close()
 
-    def _reduce_meminfo(self, time, data):
+    def _reduce_meminfo(self, time, data, filename):
         """
         Extracts 'MemTotal', 'MemFree', 'Buffers', 'Cached', 'SwapTotal', 'SwapFree'
         and writes their values into a single line, in that order.
@@ -69,13 +99,46 @@ class SystemStats:
                     b' '.join([values[x] for x in
                                (b'MemTotal', b'MemFree', b'Buffers', b'Cached', b'SwapTotal', b'SwapFree')]) + b'\n')
 
+    def _reduce_net(self, time, data, filename):
+        data = data.split(b'\n')
+        for line in data[2:]:
+            if b":" not in line:
+                continue
+            try:
+                parts = line.split()
+                iface = (parts[0].strip(b':')).decode('ascii')
+                receive_bytes = int(parts[1])
+                transmit_bytes = int(parts[9])
+            except Exception:
+                continue
+
+            if iface not in self.net_stats:
+                self.net_stats[iface] = deque(maxlen=2)
+                self.net_stats[iface].append((receive_bytes, transmit_bytes, 0, 0))
+            prev = self.net_stats[iface][-1] if self.net_stats[iface] else (0, 0, 0, 0)            
+            receive_diff = receive_bytes - prev[0]
+            transmit_diff = transmit_bytes - prev[1]
+            self.net_stats[iface].append((
+                receive_bytes,
+                transmit_bytes,
+                receive_diff,
+                transmit_diff
+            ))
+
+        result_str = "\n".join(
+            f"{iface}: {net_data[-1][0]} {net_data[-1][1]} {net_data[-1][2]} {net_data[-1][3]}"
+            for iface, net_data in self.net_stats.items()
+        ) + "\n"
+
+        return time, result_str.encode('ascii')
+
     def _diskstats_is_relevant_line(self, linetokens):
-        if len(linetokens) != 14:
+        if len(linetokens) < 14:
             return False
         disk = linetokens[2]
         return self.diskstats_regex.match(disk)
 
-    def _reduce_diskstats(self, time, data):
+    def _reduce_diskstats(self, time, data, filename):
         relevant_tokens = filter(self._diskstats_is_relevant_line, map(lambda x: x.split(), data.split(b'\n')))
         diskdata = [0] * 3
         reduced = None
@@ -104,10 +167,10 @@ class SystemStats:
         return reduced
 
 
-    def _reduce_nop(self, time, data):
+    def _reduce_nop(self, time, data, filename):
         return (time, data)
 
-    def _reduce_stat(self, time, data):
+    def _reduce_stat(self, time, data, filename):
         if not data:
             return None
         # CPU times {user, nice, system, idle, io_wait, irq, softirq} from first line
@@ -126,14 +189,41 @@ class SystemStats:
         self.stat_ltimes = times
         return reduced
 
+    def _reduce_pressure(self, time, data, filename):
+        """
+        Return reduced pressure: {avg10, avg60, avg300} and delta total compared to the previous sample
+        for the cpu, io and memory resources. A common function is used for all 3 resources since the
+        format of the /proc/pressure file is the same in each case.
+        """
+        if not data:
+            return None
+        tokens = data.split(b'\n', 1)[0].split()
+        avg10 = float(tokens[1].split(b'=')[1])
+        avg60 = float(tokens[2].split(b'=')[1])
+        avg300 = float(tokens[3].split(b'=')[1])
+        total = int(tokens[4].split(b'=')[1])
+
+        reduced = None
+        if self.last_pressure[filename]:
+            delta = total - self.last_pressure[filename]
+            reduced = (time, (avg10, avg60, avg300, delta))
+        self.last_pressure[filename] = total
+        return reduced
+
     def sample(self, event, force):
+        """
+        Collect and log proc or disk_monitor stats periodically.
+        Return True if a new sample is collected and hence the value last_proc or last_disk_monitor
+        is changed.
+        """
+        retval = False
         now = time.time()
         if (now - self.last_proc > self.min_seconds) or force:
             for filename, output, handler in self.proc_files:
                 with open(os.path.join('/proc', filename), 'rb') as input:
                     data = input.read()
                     if handler:
-                        reduced = handler(now, data)
+                        reduced = handler(now, data, filename)
                     else:
                         reduced = (now, data)
                     if reduced:
@@ -150,6 +240,7 @@ class SystemStats:
                                  data +
                                  b'\n')
             self.last_proc = now
+            retval = True
 
         if isinstance(event, bb.event.MonitorDiskEvent) and \
            ((now - self.last_disk_monitor > self.min_seconds) or force):
@@ -159,3 +250,5 @@ class SystemStats:
                               for dev, sample in event.disk_usage.items()]).encode('ascii') +
                      b'\n')
             self.last_disk_monitor = now
+            retval = True
+        return retval
\ No newline at end of file
diff --git a/meta/lib/oe/cachedpath.py b/meta/lib/oe/cachedpath.py
index 254257a83f..68c85807d9 100644
--- a/meta/lib/oe/cachedpath.py
+++ b/meta/lib/oe/cachedpath.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 # Based on standard python library functions but avoid
@@ -109,9 +111,13 @@ class CachedPath(object):
             return True
         return False
 
+    # WARNING - this is not currently a drop in replacement since they return False
+    # rather than raise exceptions.
     def stat(self, path):
         return self.callstat(path)
 
+    # WARNING - this is not currently a drop in replacement since they return False
+    # rather than raise exceptions.
     def lstat(self, path):
         return self.calllstat(path)
 
diff --git a/meta/lib/oe/classextend.py b/meta/lib/oe/classextend.py
index d3d8fbe724..8ae5d3b715 100644
--- a/meta/lib/oe/classextend.py
+++ b/meta/lib/oe/classextend.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -30,6 +32,9 @@ class ClassExtender(object):
         if name.endswith("-" + self.extname):
             name = name.replace("-" + self.extname, "")
         if name.startswith("virtual/"):
+            # Assume large numbers of dashes means a triplet is present and we don't need to convert
+            if name.count("-") >= 3 and name.endswith(("-go",)):
+                return name
             subs = name.split("/", 1)[1]
             if not subs.startswith(self.extname):
                 return "virtual/" + self.extname + "-" + subs
@@ -87,7 +92,7 @@ class ClassExtender(object):
     def map_depends_variable(self, varname, suffix = ""):
         # We need to preserve EXTENDPKGV so it can be expanded correctly later
         if suffix:
-            varname = varname + "_" + suffix
+            varname = varname + ":" + suffix
         orig = self.d.getVar("EXTENDPKGV", False)
         self.d.setVar("EXTENDPKGV", "EXTENDPKGV")
         deps = self.d.getVar(varname)
@@ -142,15 +147,13 @@ class ClassExtender(object):
             if pkg_mapping[0].startswith("${") and pkg_mapping[0].endswith("}"):
                 continue
             for subs in variables:
-                self.d.renameVar("%s_%s" % (subs, pkg_mapping[0]), "%s_%s" % (subs, pkg_mapping[1]))
+                self.d.renameVar("%s:%s" % (subs, pkg_mapping[0]), "%s:%s" % (subs, pkg_mapping[1]))
 
 class NativesdkClassExtender(ClassExtender):
     def map_depends(self, dep):
         if dep.startswith(self.extname):
             return dep
-        if dep.endswith(("-gcc", "-g++")):
-            return dep + "-crosssdk"
-        elif dep.endswith(("-native", "-native-runtime")) or ('nativesdk-' in dep) or ('-cross-' in dep) or ('-crosssdk-' in dep):
+        if dep.endswith(("-native", "-native-runtime")) or ('nativesdk-' in dep) or ('-cross-' in dep) or ('-crosssdk-' in dep):
             return dep
         else:
             return self.extend_name(dep)
diff --git a/meta/lib/oe/classutils.py b/meta/lib/oe/classutils.py
index 08bb66b365..ec3f6ad720 100644
--- a/meta/lib/oe/classutils.py
+++ b/meta/lib/oe/classutils.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
diff --git a/meta/lib/oe/copy_buildsystem.py b/meta/lib/oe/copy_buildsystem.py
index 31a84f5b06..ced751b835 100644
--- a/meta/lib/oe/copy_buildsystem.py
+++ b/meta/lib/oe/copy_buildsystem.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 # This class should provide easy access to the different aspects of the
@@ -20,7 +22,7 @@ def _smart_copy(src, dest):
     mode = os.stat(src).st_mode
     if stat.S_ISDIR(mode):
         bb.utils.mkdirhier(dest)
-        cmd = "tar --exclude='.git' --xattrs --xattrs-include='*' -chf - -C %s -p . \
+        cmd = "tar --exclude='.git' --exclude='__pycache__' --xattrs --xattrs-include='*' -cf - -C %s -p . \
         | tar --xattrs --xattrs-include='*' -xf - -C %s" % (src, dest)
         subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT)
     else:
@@ -45,9 +47,6 @@ class BuildSystem(object):
 
         corebase = os.path.abspath(self.d.getVar('COREBASE'))
         layers.append(corebase)
-        # Get relationship between TOPDIR and COREBASE
-        # Layers should respect it
-        corebase_relative = os.path.dirname(os.path.relpath(os.path.abspath(self.d.getVar('TOPDIR')), corebase))
         # The bitbake build system uses the meta-skeleton layer as a layout
         # for common recipies, e.g: the recipetool script to create kernel recipies
         # Add the meta-skeleton layer to be included as part of the eSDK installation
@@ -100,11 +99,10 @@ class BuildSystem(object):
             layerdestpath = destdir
             if corebase == os.path.dirname(layer):
                 layerdestpath += '/' + os.path.basename(corebase)
-            else:
-                layer_relative = os.path.relpath(layer, corebase)
-                if os.path.dirname(layer_relative) == corebase_relative:
-                    layer_relative = os.path.dirname(corebase_relative) + '/' + layernewname
-                layer_relative = os.path.basename(corebase) + '/' + layer_relative
+            # If the layer is located somewhere under the same parent directory
+            # as corebase we keep the layer structure.
+            elif os.path.commonpath([layer, corebase]) == os.path.dirname(corebase):
+                layer_relative = os.path.relpath(layer, os.path.dirname(corebase))
                 if os.path.dirname(layer_relative) != layernewname:
                     layerdestpath += '/' + os.path.dirname(layer_relative)
 
@@ -195,13 +193,17 @@ def prune_lockedsigs(excluded_tasks, excluded_targets, lockedsigs, onlynative, p
                     else:
                         f.write(line)
                         invalue = False
-                elif line.startswith('SIGGEN_LOCKEDSIGS'):
+                elif line.startswith('SIGGEN_LOCKEDSIGS_t'):
                     invalue = True
                     f.write(line)
+                else:
+                    invalue = False
+                    f.write(line)
 
 def merge_lockedsigs(copy_tasks, lockedsigs_main, lockedsigs_extra, merged_output, copy_output=None):
     merged = {}
     arch_order = []
+    otherdata = []
     with open(lockedsigs_main, 'r') as f:
         invalue = None
         for line in f:
@@ -214,6 +216,9 @@ def merge_lockedsigs(copy_tasks, lockedsigs_main, lockedsigs_extra, merged_outpu
                 invalue = line[18:].split('=', 1)[0].rstrip()
                 merged[invalue] = []
                 arch_order.append(invalue)
+            else:
+                invalue = None
+                otherdata.append(line)
 
     with open(lockedsigs_extra, 'r') as f:
         invalue = None
@@ -248,6 +253,7 @@ def merge_lockedsigs(copy_tasks, lockedsigs_main, lockedsigs_extra, merged_outpu
                     f.write('    "\n')
                     fulltypes.append(typename)
             f.write('SIGGEN_LOCKEDSIGS_TYPES = "%s"\n' % ' '.join(fulltypes))
+            f.write('\n' + ''.join(otherdata))
 
     if copy_output:
         write_sigs_file(copy_output, list(tocopy.keys()), tocopy)
@@ -259,7 +265,7 @@ def create_locked_sstate_cache(lockedsigs, input_sstate_cache, output_sstate_cac
     bb.note('Generating sstate-cache...')
 
     nativelsbstring = d.getVar('NATIVELSBSTRING')
-    bb.process.run("gen-lockedsig-cache %s %s %s %s %s" % (lockedsigs, input_sstate_cache, output_sstate_cache, nativelsbstring, filterfile or ''))
+    bb.process.run("PYTHONDONTWRITEBYTECODE=1 gen-lockedsig-cache %s %s %s %s %s" % (lockedsigs, input_sstate_cache, output_sstate_cache, nativelsbstring, filterfile or ''))
     if fixedlsbstring and nativelsbstring != fixedlsbstring:
         nativedir = output_sstate_cache + '/' + nativelsbstring
         if os.path.isdir(nativedir):
@@ -286,7 +292,7 @@ def check_sstate_task_list(d, targets, filteroutfile, cmdprefix='', cwd=None, lo
         logparam = '-l %s' % logfile
     else:
         logparam = ''
-    cmd = "%sBB_SETSCENE_ENFORCE=1 PSEUDO_DISABLED=1 oe-check-sstate %s -s -o %s %s" % (cmdprefix, targets, filteroutfile, logparam)
+    cmd = "%sPYTHONDONTWRITEBYTECODE=1 BB_SETSCENE_ENFORCE=1 PSEUDO_DISABLED=1 oe-check-sstate %s -s -o %s %s" % (cmdprefix, targets, filteroutfile, logparam)
     env = dict(d.getVar('BB_ORIGENV', False))
     env.pop('BUILDDIR', '')
     env.pop('BBPATH', '')
diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py
index ce755f940a..ae194f27cf 100644
--- a/meta/lib/oe/cve_check.py
+++ b/meta/lib/oe/cve_check.py
@@ -1,7 +1,15 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
 import collections
-import re
-import itertools
 import functools
+import itertools
+import os.path
+import re
+import oe.patch
 
 _Version = collections.namedtuple(
     "_Version", ["release", "patch_l", "pre_l", "pre_v"]
@@ -11,8 +19,13 @@ _Version = collections.namedtuple(
 class Version():
 
     def __init__(self, version, suffix=None):
+
+        suffixes = ["alphabetical", "patch"]
+
         if str(suffix) == "alphabetical":
             version_pattern =  r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<patch>[-_\.]?(?P<patch_l>[a-z]))?(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?"""
+        elif str(suffix) == "patch":
+            version_pattern =  r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<patch>[-_\.]?(p|patch)(?P<patch_l>[0-9]+))?(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?"""
         else:
             version_pattern =  r"""r?v?(?:(?P<release>[0-9]+(?:[-\.][0-9]+)*)(?P<pre>[-_\.]?(?P<pre_l>(rc|alpha|beta|pre|preview|dev))[-_\.]?(?P<pre_v>[0-9]+)?)?)(.*)?"""
         regex = re.compile(r"^\s*" + version_pattern + r"\s*$", re.VERBOSE | re.IGNORECASE)
@@ -23,7 +36,7 @@ class Version():
 
         self._version = _Version(
             release=tuple(int(i) for i in match.group("release").replace("-",".").split(".")),
-            patch_l=match.group("patch_l") if str(suffix) == "alphabetical" and match.group("patch_l") else "",
+            patch_l=match.group("patch_l") if str(suffix) in suffixes and match.group("patch_l") else "",
             pre_l=match.group("pre_l"),
             pre_v=match.group("pre_v")
         )
@@ -58,3 +71,308 @@ def _cmpkey(release, patch_l, pre_l, pre_v):
     else:
         _pre = float(pre_v) if pre_v else float('-inf')
     return _release, _patch, _pre
+
+
+def parse_cve_from_filename(patch_filename):
+    """
+    Parses CVE ID from the filename
+
+    Matches the last "CVE-YYYY-ID" in the file name, also if written
+    in lowercase. Possible to have multiple CVE IDs in a single
+    file name, but only the last one will be detected from the file name.
+
+    Returns the last CVE ID foudn in the filename. If no CVE ID is found
+    an empty string is returned.
+    """
+    cve_file_name_match = re.compile(r".*(CVE-\d{4}-\d{4,})", re.IGNORECASE)
+
+    # Check patch file name for CVE ID
+    fname_match = cve_file_name_match.search(patch_filename)
+    return fname_match.group(1).upper() if fname_match else ""
+
+
+def parse_cves_from_patch_contents(patch_contents):
+    """
+    Parses CVE IDs from patch contents
+
+    Matches all CVE IDs contained on a line that starts with "CVE: ". Any
+    delimiter (',', '&', "and", etc.) can be used without any issues. Multiple
+    "CVE:" lines can also exist.
+
+    Returns a set of all CVE IDs found in the patch contents.
+    """
+    cve_ids = set()
+    cve_match = re.compile(r"CVE-\d{4}-\d{4,}")
+    # Search for one or more "CVE: " lines
+    for line in patch_contents.split("\n"):
+        if not line.startswith("CVE:"):
+            continue
+        cve_ids.update(cve_match.findall(line))
+    return cve_ids
+
+
+def parse_cves_from_patch_file(patch_file):
+    """
+    Parses CVE IDs associated with a particular patch file, using both the filename
+    and patch contents.
+
+    Returns a set of all CVE IDs found in the patch filename and contents.
+    """
+    cve_ids = set()
+    filename_cve = parse_cve_from_filename(patch_file)
+    if filename_cve:
+        bb.debug(2, "Found %s from patch file name %s" % (filename_cve, patch_file))
+        cve_ids.add(parse_cve_from_filename(patch_file))
+
+    # Remote patches won't be present and compressed patches won't be
+    # unpacked, so say we're not scanning them
+    if not os.path.isfile(patch_file):
+        bb.note("%s is remote or compressed, not scanning content" % patch_file)
+        return cve_ids
+
+    with open(patch_file, "r", encoding="utf-8") as f:
+        try:
+            patch_text = f.read()
+        except UnicodeDecodeError:
+            bb.debug(
+                1,
+                "Failed to read patch %s using UTF-8 encoding"
+                " trying with iso8859-1" % patch_file,
+            )
+            f.close()
+            with open(patch_file, "r", encoding="iso8859-1") as f:
+                patch_text = f.read()
+
+    cve_ids.update(parse_cves_from_patch_contents(patch_text))
+
+    if not cve_ids:
+        bb.debug(2, "Patch %s doesn't solve CVEs" % patch_file)
+    else:
+        bb.debug(2, "Patch %s solves %s" % (patch_file, ", ".join(sorted(cve_ids))))
+
+    return cve_ids
+
+
+@bb.parse.vardeps("CVE_STATUS")
+def get_patched_cves(d):
+    """
+    Determines the CVE IDs that have been solved by either patches incuded within
+    SRC_URI or by setting CVE_STATUS.
+
+    Returns a dictionary with the CVE IDs as keys and an associated dictonary of
+    relevant metadata as the value.
+    """
+    patched_cves = {}
+    patches = oe.patch.src_patches(d)
+    bb.debug(2, "Scanning %d patches for CVEs" % len(patches))
+
+    # Check each patch file
+    for url in patches:
+        patch_file = bb.fetch.decodeurl(url)[2]
+        for cve_id in parse_cves_from_patch_file(patch_file):
+            if cve_id not in patched_cves:
+                patched_cves[cve_id] = {
+                    "abbrev-status": "Patched",
+                    "status": "fix-file-included",
+                    "resource": [patch_file],
+                }
+            else:
+                patched_cves[cve_id]["resource"].append(patch_file)
+
+    # Search for additional patched CVEs
+    for cve_id in d.getVarFlags("CVE_STATUS") or {}:
+        decoded_status = decode_cve_status(d, cve_id)
+        products = d.getVar("CVE_PRODUCT")
+        if has_cve_product_match(decoded_status, products):
+            if cve_id in patched_cves:
+                bb.warn(
+                    'CVE_STATUS[%s] = "%s" is overwriting previous status of "%s: %s"'
+                    % (
+                        cve_id,
+                        d.getVarFlag("CVE_STATUS", cve_id),
+                        patched_cves[cve_id]["abbrev-status"],
+                        patched_cves[cve_id]["status"],
+                    )
+                )
+            patched_cves[cve_id] = {
+                "abbrev-status": decoded_status["mapping"],
+                "status": decoded_status["detail"],
+                "justification": decoded_status["description"],
+                "affected-vendor": decoded_status["vendor"],
+                "affected-product": decoded_status["product"],
+            }
+
+    return patched_cves
+
+
+def get_cpe_ids(cve_product, version):
+    """
+    Get list of CPE identifiers for the given product and version
+    """
+
+    version = version.split("+git")[0]
+
+    cpe_ids = []
+    for product in cve_product.split():
+        # CVE_PRODUCT in recipes may include vendor information for CPE identifiers. If not,
+        # use wildcard for vendor.
+        if ":" in product:
+            vendor, product = product.split(":", 1)
+        else:
+            vendor = "*"
+
+        cpe_id = 'cpe:2.3:*:{}:{}:{}:*:*:*:*:*:*:*'.format(vendor, product, version)
+        cpe_ids.append(cpe_id)
+
+    return cpe_ids
+
+def cve_check_merge_jsons(output, data):
+    """
+    Merge the data in the "package" property to the main data file
+    output
+    """
+    if output["version"] != data["version"]:
+        bb.error("Version mismatch when merging JSON outputs")
+        return
+
+    for product in output["package"]:
+        if product["name"] == data["package"][0]["name"]:
+            bb.error("Error adding the same package %s twice" % product["name"])
+            return
+
+    output["package"].append(data["package"][0])
+
+def update_symlinks(target_path, link_path):
+    """
+    Update a symbolic link link_path to point to target_path.
+    Remove the link and recreate it if exist and is different.
+    """
+    if link_path != target_path and os.path.exists(target_path):
+        if os.path.exists(os.path.realpath(link_path)):
+            os.remove(link_path)
+        os.symlink(os.path.basename(target_path), link_path)
+
+
+def convert_cve_version(version):
+    """
+    This function converts from CVE format to Yocto version format.
+    eg 8.3_p1 -> 8.3p1, 6.2_rc1 -> 6.2-rc1
+
+    Unless it is redefined using CVE_VERSION in the recipe,
+    cve_check uses the version in the name of the recipe (${PV})
+    to check vulnerabilities against a CVE in the database downloaded from NVD.
+
+    When the version has an update, i.e.
+    "p1" in OpenSSH 8.3p1,
+    "-rc1" in linux kernel 6.2-rc1,
+    the database stores the version as version_update (8.3_p1, 6.2_rc1).
+    Therefore, we must transform this version before comparing to the
+    recipe version.
+
+    In this case, the parameter of the function is 8.3_p1.
+    If the version uses the Release Candidate format, "rc",
+    this function replaces the '_' by '-'.
+    If the version uses the Update format, "p",
+    this function removes the '_' completely.
+    """
+    import re
+
+    matches = re.match('^([0-9.]+)_((p|rc)[0-9]+)$', version)
+
+    if not matches:
+        return version
+
+    version = matches.group(1)
+    update = matches.group(2)
+
+    if matches.group(3) == "rc":
+        return version + '-' + update
+
+    return version + update
+
+@bb.parse.vardeps("CVE_STATUS", "CVE_CHECK_STATUSMAP")
+def decode_cve_status(d, cve):
+    """
+    Convert CVE_STATUS into status, vendor, product, detail and description.
+    """
+    status = d.getVarFlag("CVE_STATUS", cve)
+    if not status:
+        return {}
+
+    status_split = status.split(':', 4)
+    status_out = {}
+    status_out["detail"] = status_split[0]
+    product = "*"
+    vendor = "*"
+    description = ""
+    if len(status_split) >= 4 and status_split[1].strip() == "cpe":
+        # Both vendor and product are mandatory if cpe: present, the syntax is then:
+        # detail: cpe:vendor:product:description
+        vendor = status_split[2].strip()
+        product = status_split[3].strip()
+        description = status_split[4].strip()
+    elif len(status_split) >= 2 and status_split[1].strip() == "cpe":
+        # Malformed CPE
+        bb.warn(
+            'Invalid CPE information for CVE_STATUS[%s] = "%s", not setting CPE'
+            % (cve, status)
+        )
+    else:
+        # Other case: no CPE, the syntax is then:
+        # detail: description
+        description = status.split(':', 1)[1].strip() if (len(status_split) > 1) else ""
+
+    status_out["vendor"] = vendor
+    status_out["product"] = product
+    status_out["description"] = description
+
+    detail = status_out["detail"]
+    status_mapping = d.getVarFlag("CVE_CHECK_STATUSMAP", detail)
+    if status_mapping is None:
+        bb.warn(
+            'Invalid detail "%s" for CVE_STATUS[%s] = "%s", fallback to Unpatched'
+            % (detail, cve, status)
+        )
+        status_mapping = "Unpatched"
+    status_out["mapping"] = status_mapping
+
+    return status_out
+
+def has_cve_product_match(detailed_status, products):
+    """
+    Check product/vendor match between detailed_status from decode_cve_status and a string of
+    products (like from CVE_PRODUCT)
+    """
+    for product in products.split():
+        vendor = "*"
+        if ":" in product:
+            vendor, product = product.split(":", 1)
+
+        if (vendor == detailed_status["vendor"] or detailed_status["vendor"] == "*") and \
+            (product == detailed_status["product"] or detailed_status["product"] == "*"):
+            return True
+
+    #if no match, return False
+    return False
+
+def extend_cve_status(d):
+    # do this only once in case multiple classes use this
+    if d.getVar("CVE_STATUS_EXTENDED"):
+        return
+    d.setVar("CVE_STATUS_EXTENDED", "1")
+
+    # Fallback all CVEs from CVE_CHECK_IGNORE to CVE_STATUS
+    cve_check_ignore = d.getVar("CVE_CHECK_IGNORE")
+    if cve_check_ignore:
+        bb.warn("CVE_CHECK_IGNORE is deprecated in favor of CVE_STATUS")
+        for cve in (d.getVar("CVE_CHECK_IGNORE") or "").split():
+            d.setVarFlag("CVE_STATUS", cve, "ignored")
+
+    # Process CVE_STATUS_GROUPS to set multiple statuses and optional detail or description at once
+    for cve_status_group in (d.getVar("CVE_STATUS_GROUPS") or "").split():
+        cve_group = d.getVar(cve_status_group)
+        if cve_group is not None:
+            for cve in cve_group.split():
+                d.setVarFlag("CVE_STATUS", cve, d.getVarFlag(cve_status_group, "status"))
+        else:
+            bb.warn("CVE_STATUS_GROUPS contains undefined variable %s" % cve_status_group)
diff --git a/meta/lib/oe/data.py b/meta/lib/oe/data.py
index 602130a904..37121cfad2 100644
--- a/meta/lib/oe/data.py
+++ b/meta/lib/oe/data.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
diff --git a/meta/lib/oe/distro_check.py b/meta/lib/oe/distro_check.py
index 88e46c354d..3494520f40 100644
--- a/meta/lib/oe/distro_check.py
+++ b/meta/lib/oe/distro_check.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -26,7 +28,7 @@ def find_latest_numeric_release(url, d):
     maxstr=""
     for link in get_links_from_url(url, d):
         try:
-            # TODO use LooseVersion
+            # TODO use bb.utils.vercmp_string_op()
             release = float(link)
         except:
             release = 0
diff --git a/meta/lib/oe/elf.py b/meta/lib/oe/elf.py
index df0a4593fa..9794453092 100644
--- a/meta/lib/oe/elf.py
+++ b/meta/lib/oe/elf.py
@@ -1,133 +1,148 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
 def machine_dict(d):
-#           TARGET_OS  TARGET_ARCH   MACHINE, OSABI, ABIVERSION, Little Endian, 32bit?
-    machdata = {
-            "darwin9" : { 
-                        "arm" :       (40,     0,    0,          True,          32),
-                      },
-            "eabi" : {
-                        "arm" :       (40,     0,    0,          True,          32),
-                      },
-            "elf" : {
-                        "aarch64" :   (183,    0,    0,          True,          64),
-                        "aarch64_be" :(183,    0,    0,          False,         64),
-                        "i586" :      (3,      0,    0,          True,          32),
-                        "i686" :      (3,      0,    0,          True,          32),
-                        "x86_64":     (62,     0,    0,          True,          64),
-                        "epiphany":   (4643,   0,    0,          True,          32),
-                        "lm32":       (138,    0,    0,          False,         32),
-                        "mips":       ( 8,     0,    0,          False,         32),
-                        "mipsel":     ( 8,     0,    0,          True,          32),
-                        "microblaze":  (189,   0,    0,          False,         32),
-                        "microblazeel":(189,   0,    0,          True,          32),
-                        "powerpc":    (20,     0,    0,          False,         32),
-                        "riscv32":    (243,    0,    0,          True,          32),
-                        "riscv64":    (243,    0,    0,          True,          64),
-                      },
-            "linux" : { 
-                        "aarch64" :   (183,    0,    0,          True,          64),
-                        "aarch64_be" :(183,    0,    0,          False,         64),
-                        "arm" :       (40,    97,    0,          True,          32),
-                        "armeb":      (40,    97,    0,          False,         32),
-                        "powerpc":    (20,     0,    0,          False,         32),
-                        "powerpc64":  (21,     0,    0,          False,         64),
-                        "powerpc64le":  (21,     0,    0,          True,         64),
-                        "i386":       ( 3,     0,    0,          True,          32),
-                        "i486":       ( 3,     0,    0,          True,          32),
-                        "i586":       ( 3,     0,    0,          True,          32),
-                        "i686":       ( 3,     0,    0,          True,          32),
-                        "x86_64":     (62,     0,    0,          True,          64),
-                        "ia64":       (50,     0,    0,          True,          64),
-                        "alpha":      (36902,  0,    0,          True,          64),
-                        "hppa":       (15,     3,    0,          False,         32),
-                        "m68k":       ( 4,     0,    0,          False,         32),
-                        "mips":       ( 8,     0,    0,          False,         32),
-                        "mipsel":     ( 8,     0,    0,          True,          32),
-                        "mips64":     ( 8,     0,    0,          False,         64),
-                        "mips64el":   ( 8,     0,    0,          True,          64),
-                        "mipsisa32r6":   ( 8,  0,    0,          False,         32),
-                        "mipsisa32r6el": ( 8,  0,    0,          True,          32),
-                        "mipsisa64r6":   ( 8,  0,    0,          False,         64),
-                        "mipsisa64r6el": ( 8,  0,    0,          True,          64),
-                        "nios2":      (113,    0,    0,          True,          32),
-                        "riscv32":    (243,    0,    0,          True,          32),
-                        "riscv64":    (243,    0,    0,          True,          64),
-                        "s390":       (22,     0,    0,          False,         32),
-                        "sh4":        (42,     0,    0,          True,          32),
-                        "sparc":      ( 2,     0,    0,          False,         32),
-                        "microblaze":  (189,   0,    0,          False,         32),
-                        "microblazeel":(189,   0,    0,          True,          32),
-                      },
-            "linux-musl" : { 
-                        "aarch64" :   (183,    0,    0,            True,          64),
-                        "aarch64_be" :(183,    0,    0,            False,         64),
-                        "arm" :       (  40,    97,    0,          True,          32),
-                        "armeb":      (  40,    97,    0,          False,         32),
-                        "powerpc":    (  20,     0,    0,          False,         32),
-                        "powerpc64":  (  21,     0,    0,          False,         64),
-                        "powerpc64le":  (21,     0,    0,          True,         64),
-                        "i386":       (   3,     0,    0,          True,          32),
-                        "i486":       (   3,     0,    0,          True,          32),
-                        "i586":       (   3,     0,    0,          True,          32),
-                        "i686":       (   3,     0,    0,          True,          32),
-                        "x86_64":     (  62,     0,    0,          True,          64),
-                        "mips":       (   8,     0,    0,          False,         32),
-                        "mipsel":     (   8,     0,    0,          True,          32),
-                        "mips64":     (   8,     0,    0,          False,         64),
-                        "mips64el":   (   8,     0,    0,          True,          64),
-                        "microblaze":  (189,     0,    0,          False,         32),
-                        "microblazeel":(189,     0,    0,          True,          32),
-                        "riscv32":    (243,      0,    0,          True,          32),
-                        "riscv64":    (243,      0,    0,          True,          64),
-                        "sh4":        (  42,     0,    0,          True,          32),
-                      },
-            "uclinux-uclibc" : {
-                        "bfin":       ( 106,     0,    0,          True,         32),
-                      }, 
-            "linux-gnueabi" : {
-                        "arm" :       (40,     0,    0,          True,          32),
-                        "armeb" :     (40,     0,    0,          False,         32),
-                      },
-            "linux-musleabi" : {
-                        "arm" :       (40,     0,    0,          True,          32),
-                        "armeb" :     (40,     0,    0,          False,         32),
-                      },
-            "linux-gnuspe" : {
-                        "powerpc":    (20,     0,    0,          False,         32),
-                      },
-            "linux-muslspe" : {
-                        "powerpc":    (20,     0,    0,          False,         32),
-                      },
-            "linux-gnu" :       {
-                        "powerpc":    (20,     0,    0,          False,         32),
-                        "sh4":        (42,     0,    0,          True,          32),
-                      },
-            "linux-gnu_ilp32" :     {
-                        "aarch64" :   (183,    0,    0,          True,          32),
-                      },
-            "linux-gnux32" :       {
-                        "x86_64":     (62,     0,    0,          True,          32),
-                      },
-            "linux-muslx32" :       {
-                        "x86_64":     (62,     0,    0,          True,          32),
-                      },
-            "linux-gnun32" :       {
-                        "mips64":       ( 8,     0,    0,          False,         32),
-                        "mips64el":     ( 8,     0,    0,          True,          32),
-                        "mipsisa64r6":  ( 8,     0,    0,          False,         32),
-                        "mipsisa64r6el":( 8,     0,    0,          True,          32),
-                      },
-        }
+  # Generating this data is slow, so cache it
+  if not hasattr(machine_dict, "machdata"):
+    machine_dict.machdata = {
+      # TARGET_OS  TARGET_ARCH   MACHINE, OSABI, ABIVERSION, Little Endian, 32bit?
+      "darwin9" : { 
+                  "arm" :       (40,     0,    0,          True,          32),
+                },
+      "eabi" : {
+                  "arm" :       (40,     0,    0,          True,          32),
+                },
+      "elf" : {
+                  "aarch64" :   (183,    0,    0,          True,          64),
+                  "aarch64_be" :(183,    0,    0,          False,         64),
+                  "i586" :      (3,      0,    0,          True,          32),
+                  "i686" :      (3,      0,    0,          True,          32),
+                  "x86_64":     (62,     0,    0,          True,          64),
+                  "epiphany":   (4643,   0,    0,          True,          32),
+                  "lm32":       (138,    0,    0,          False,         32),
+                  "loongarch64":(258,    0,    0,          True,          64),
+                  "mips":       ( 8,     0,    0,          False,         32),
+                  "mipsel":     ( 8,     0,    0,          True,          32),
+                  "microblaze":  (189,   0,    0,          False,         32),
+                  "microblazeel":(189,   0,    0,          True,          32),
+                  "powerpc":    (20,     0,    0,          False,         32),
+                  "riscv32":    (243,    0,    0,          True,          32),
+                  "riscv64":    (243,    0,    0,          True,          64),
+                },
+      "linux" : { 
+                  "aarch64" :   (183,    0,    0,          True,          64),
+                  "aarch64_be" :(183,    0,    0,          False,         64),
+                  "arm" :       (40,    97,    0,          True,          32),
+                  "armeb":      (40,    97,    0,          False,         32),
+                  "powerpc":    (20,     0,    0,          False,         32),
+                  "powerpc64":  (21,     0,    0,          False,         64),
+                  "powerpc64le":  (21,     0,    0,          True,         64),
+                  "i386":       ( 3,     0,    0,          True,          32),
+                  "i486":       ( 3,     0,    0,          True,          32),
+                  "i586":       ( 3,     0,    0,          True,          32),
+                  "i686":       ( 3,     0,    0,          True,          32),
+                  "x86_64":     (62,     0,    0,          True,          64),
+                  "ia64":       (50,     0,    0,          True,          64),
+                  "alpha":      (36902,  0,    0,          True,          64),
+                  "hppa":       (15,     3,    0,          False,         32),
+                  "loongarch64":(258,    0,    0,          True,          64),
+                  "m68k":       ( 4,     0,    0,          False,         32),
+                  "mips":       ( 8,     0,    0,          False,         32),
+                  "mipsel":     ( 8,     0,    0,          True,          32),
+                  "mips64":     ( 8,     0,    0,          False,         64),
+                  "mips64el":   ( 8,     0,    0,          True,          64),
+                  "mipsisa32r6":   ( 8,  0,    0,          False,         32),
+                  "mipsisa32r6el": ( 8,  0,    0,          True,          32),
+                  "mipsisa64r6":   ( 8,  0,    0,          False,         64),
+                  "mipsisa64r6el": ( 8,  0,    0,          True,          64),
+                  "nios2":      (113,    0,    0,          True,          32),
+                  "riscv32":    (243,    0,    0,          True,          32),
+                  "riscv64":    (243,    0,    0,          True,          64),
+                  "s390":       (22,     0,    0,          False,         32),
+                  "sh4":        (42,     0,    0,          True,          32),
+                  "sparc":      ( 2,     0,    0,          False,         32),
+                  "microblaze":  (189,   0,    0,          False,         32),
+                  "microblazeel":(189,   0,    0,          True,          32),
+                },
+      "linux-android" : {
+                  "aarch64" :   (183,    0,    0,          True,          64),
+                  "i686":       ( 3,     0,    0,          True,          32),
+                  "x86_64":     (62,     0,    0,          True,          64),
+                },
+      "linux-androideabi" : {
+                  "arm" :       (40,    97,    0,          True,          32),
+                },
+      "linux-musl" : { 
+                  "aarch64" :   (183,    0,    0,            True,          64),
+                  "aarch64_be" :(183,    0,    0,            False,         64),
+                  "arm" :       (  40,    97,    0,          True,          32),
+                  "armeb":      (  40,    97,    0,          False,         32),
+                  "powerpc":    (  20,     0,    0,          False,         32),
+                  "powerpc64":  (  21,     0,    0,          False,         64),
+                  "powerpc64le":  (21,     0,    0,          True,         64),
+                  "i386":       (   3,     0,    0,          True,          32),
+                  "i486":       (   3,     0,    0,          True,          32),
+                  "i586":       (   3,     0,    0,          True,          32),
+                  "i686":       (   3,     0,    0,          True,          32),
+                  "x86_64":     (  62,     0,    0,          True,          64),
+                  "loongarch64":( 258,     0,    0,          True,          64),
+                  "mips":       (   8,     0,    0,          False,         32),
+                  "mipsel":     (   8,     0,    0,          True,          32),
+                  "mips64":     (   8,     0,    0,          False,         64),
+                  "mips64el":   (   8,     0,    0,          True,          64),
+                  "microblaze":  (189,     0,    0,          False,         32),
+                  "microblazeel":(189,     0,    0,          True,          32),
+                  "riscv32":    (243,      0,    0,          True,          32),
+                  "riscv64":    (243,      0,    0,          True,          64),
+                  "sh4":        (  42,     0,    0,          True,          32),
+                },
+      "uclinux-uclibc" : {
+                  "bfin":       ( 106,     0,    0,          True,         32),
+                }, 
+      "linux-gnueabi" : {
+                  "arm" :       (40,     0,    0,          True,          32),
+                  "armeb" :     (40,     0,    0,          False,         32),
+                },
+      "linux-musleabi" : {
+                  "arm" :       (40,     0,    0,          True,          32),
+                  "armeb" :     (40,     0,    0,          False,         32),
+                },
+      "linux-gnuspe" : {
+                  "powerpc":    (20,     0,    0,          False,         32),
+                },
+      "linux-muslspe" : {
+                  "powerpc":    (20,     0,    0,          False,         32),
+                },
+      "linux-gnu" :       {
+                  "powerpc":    (20,     0,    0,          False,         32),
+                  "sh4":        (42,     0,    0,          True,          32),
+                },
+      "linux-gnu_ilp32" :     {
+                  "aarch64" :   (183,    0,    0,          True,          32),
+                },
+      "linux-gnux32" :       {
+                  "x86_64":     (62,     0,    0,          True,          32),
+                },
+      "linux-muslx32" :       {
+                  "x86_64":     (62,     0,    0,          True,          32),
+                },
+      "linux-gnun32" :       {
+                  "mips64":       ( 8,     0,    0,          False,         32),
+                  "mips64el":     ( 8,     0,    0,          True,          32),
+                  "mipsisa64r6":  ( 8,     0,    0,          False,         32),
+                  "mipsisa64r6el":( 8,     0,    0,          True,          32),
+                },
+    }
 
     # Add in any extra user supplied data which may come from a BSP layer, removing the
     # need to always change this class directly
     extra_machdata = (d and d.getVar("PACKAGEQA_EXTRA_MACHDEFFUNCS" or None) or "").split()
     for m in extra_machdata:
         call = m + "(machdata, d)"
-        locs = { "machdata" : machdata, "d" : d}
-        machdata = bb.utils.better_eval(call, locs)
+        locs = { "machdata" : machine_dict.machdata, "d" : d}
+        machine_dict.machdata = bb.utils.better_eval(call, locs)
 
-    return machdata
+  return machine_dict.machdata
diff --git a/meta/lib/oe/fitimage.py b/meta/lib/oe/fitimage.py
new file mode 100644
index 0000000000..f303799155
--- /dev/null
+++ b/meta/lib/oe/fitimage.py
@@ -0,0 +1,547 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# This file contains common functions for the fitimage generation
+
+import os
+import shlex
+import subprocess
+import bb
+
+from oeqa.utils.commands import runCmd
+
+class ItsNode:
+    INDENT_SIZE = 8
+
+    def __init__(self, name, parent_node, sub_nodes=None, properties=None):
+        self.name = name
+        self.parent_node = parent_node
+
+        self.sub_nodes = []
+        if sub_nodes:
+            self.sub_nodes = sub_nodes
+
+        self.properties = {}
+        if properties:
+            self.properties = properties
+
+        if parent_node:
+            parent_node.add_sub_node(self)
+
+    def add_sub_node(self, sub_node):
+        self.sub_nodes.append(sub_node)
+
+    def add_property(self, key, value):
+        self.properties[key] = value
+
+    def emit(self, f, indent):
+        indent_str_name = " " * indent
+        indent_str_props = " " * (indent + self.INDENT_SIZE)
+        f.write("%s%s {\n" % (indent_str_name, self.name))
+        for key, value in self.properties.items():
+            bb.debug(1, "key: %s, value: %s" % (key, str(value)))
+            # Single integer: <0x12ab>
+            if isinstance(value, int):
+                f.write(indent_str_props + key + ' = <0x%x>;\n' % value)
+            # list of strings: "string1", "string2" or integers: <0x12ab 0x34cd>
+            elif isinstance(value, list):
+                if len(value) == 0:
+                    f.write(indent_str_props + key + ' = "";\n')
+                elif isinstance(value[0], int):
+                    list_entries = ' '.join('0x%x' % entry for entry in value)
+                    f.write(indent_str_props + key + ' = <%s>;\n' % list_entries)
+                else:
+                    list_entries = ', '.join('"%s"' % entry for entry in value)
+                    f.write(indent_str_props + key + ' = %s;\n' % list_entries)
+            elif isinstance(value, str):
+                # path: /incbin/("path/to/file")
+                if key in ["data"] and value.startswith('/incbin/('):
+                    f.write(indent_str_props + key + ' = %s;\n' % value)
+                # Integers which are already string formatted
+                elif value.startswith("<") and value.endswith(">"):
+                    f.write(indent_str_props + key + ' = %s;\n' % value)
+                else:
+                    f.write(indent_str_props + key + ' = "%s";\n' % value)
+            else:
+                bb.fatal("%s has unexpexted data type." % str(value))
+        for sub_node in self.sub_nodes:
+            sub_node.emit(f, indent + self.INDENT_SIZE)
+        f.write(indent_str_name + '};\n')
+
+class ItsNodeImages(ItsNode):
+    def __init__(self, parent_node):
+        super().__init__("images", parent_node)
+
+class ItsNodeConfigurations(ItsNode):
+    def __init__(self, parent_node):
+        super().__init__("configurations", parent_node)
+
+class ItsNodeHash(ItsNode):
+    def __init__(self, name, parent_node, algo, opt_props=None):
+        properties = {
+            "algo": algo
+        }
+        if opt_props:
+            properties.update(opt_props)
+        super().__init__(name, parent_node, None, properties)
+
+class ItsImageSignature(ItsNode):
+    def __init__(self, name, parent_node, algo, keyname, opt_props=None):
+        properties = {
+            "algo": algo,
+            "key-name-hint": keyname
+        }
+        if opt_props:
+            properties.update(opt_props)
+        super().__init__(name, parent_node, None, properties)
+
+class ItsNodeImage(ItsNode):
+    def __init__(self, name, parent_node, description, type, compression, sub_nodes=None, opt_props=None):
+        properties = {
+            "description": description,
+            "type": type,
+            "compression": compression,
+        }
+        if opt_props:
+            properties.update(opt_props)
+        super().__init__(name, parent_node, sub_nodes, properties)
+
+class ItsNodeDtb(ItsNodeImage):
+    def __init__(self, name, parent_node, description, type, compression,
+                 sub_nodes=None, opt_props=None, compatible=None):
+        super().__init__(name, parent_node, description, type, compression, sub_nodes, opt_props)
+        self.compatible = compatible
+
+class ItsNodeDtbAlias(ItsNode):
+    """Additional Configuration Node for a DTB
+
+    Symlinks pointing to a DTB file are handled by an addtitional
+    configuration node referring to another DTB image node.
+    """
+    def __init__(self, name, alias_name, compatible=None):
+        super().__init__(name, parent_node=None, sub_nodes=None, properties=None)
+        self.alias_name = alias_name
+        self.compatible = compatible
+
+class ItsNodeConfigurationSignature(ItsNode):
+    def __init__(self, name, parent_node, algo, keyname, opt_props=None):
+        properties = {
+            "algo": algo,
+            "key-name-hint": keyname
+        }
+        if opt_props:
+            properties.update(opt_props)
+        super().__init__(name, parent_node, None, properties)
+
+class ItsNodeConfiguration(ItsNode):
+    def __init__(self, name, parent_node, description, sub_nodes=None, opt_props=None):
+        properties = {
+            "description": description,
+        }
+        if opt_props:
+            properties.update(opt_props)
+        super().__init__(name, parent_node, sub_nodes, properties)
+
+class ItsNodeRootKernel(ItsNode):
+    """Create FIT images for the kernel
+
+    Currently only a single kernel (no less or more) can be added to the FIT
+    image along with 0 or more device trees and 0 or 1 ramdisk.
+
+    If a device tree included in the FIT image, the default configuration is the
+    firt DTB. If there is no dtb present than the default configuation the kernel.
+    """
+    def __init__(self, description, address_cells, host_prefix, arch, conf_prefix,
+                 sign_enable=False, sign_keydir=None,
+                 mkimage=None, mkimage_dtcopts=None,
+                 mkimage_sign=None, mkimage_sign_args=None,
+                 hash_algo=None, sign_algo=None, pad_algo=None,
+                 sign_keyname_conf=None,
+                 sign_individual=False, sign_keyname_img=None):
+        props = {
+            "description": description,
+            "#address-cells": f"<{address_cells}>"
+        }
+        super().__init__("/", None, None, props)
+        self.images = ItsNodeImages(self)
+        self.configurations = ItsNodeConfigurations(self)
+
+        self._host_prefix = host_prefix
+        self._arch = arch
+        self._conf_prefix = conf_prefix
+
+        # Signature related properties
+        self._sign_enable = sign_enable
+        self._sign_keydir = sign_keydir
+        self._mkimage = mkimage
+        self._mkimage_dtcopts = mkimage_dtcopts
+        self._mkimage_sign = mkimage_sign
+        self._mkimage_sign_args = mkimage_sign_args
+        self._hash_algo = hash_algo
+        self._sign_algo = sign_algo
+        self._pad_algo = pad_algo
+        self._sign_keyname_conf = sign_keyname_conf
+        self._sign_individual = sign_individual
+        self._sign_keyname_img = sign_keyname_img
+        self._sanitize_sign_config()
+
+        self._dtbs = []
+        self._dtb_alias = []
+        self._kernel = None
+        self._ramdisk = None
+        self._bootscr = None
+        self._setup = None
+
+    def _sanitize_sign_config(self):
+        if self._sign_enable:
+            if not self._hash_algo:
+                bb.fatal("FIT image signing is enabled but no hash algorithm is provided.")
+            if not self._sign_algo:
+                bb.fatal("FIT image signing is enabled but no signature algorithm is provided.")
+            if not self._pad_algo:
+                bb.fatal("FIT image signing is enabled but no padding algorithm is provided.")
+            if not self._sign_keyname_conf:
+                bb.fatal("FIT image signing is enabled but no configuration key name is provided.")
+            if self._sign_individual and not self._sign_keyname_img:
+                bb.fatal("FIT image signing is enabled for individual images but no image key name is provided.")
+
+    def write_its_file(self, itsfile):
+        with open(itsfile, 'w') as f:
+            f.write("/dts-v1/;\n\n")
+            self.emit(f, 0)
+
+    def its_add_node_image(self, image_id, description, image_type, compression, opt_props):
+        image_node = ItsNodeImage(
+            image_id,
+            self.images,
+            description,
+            image_type,
+            compression,
+            opt_props=opt_props
+        )
+        if self._hash_algo:
+            ItsNodeHash(
+                "hash-1",
+                image_node,
+                self._hash_algo
+            )
+        if self._sign_individual:
+            ItsImageSignature(
+                "signature-1",
+                image_node,
+                f"{self._hash_algo},{self._sign_algo}",
+                self._sign_keyname_img
+            )
+        return image_node
+
+    def its_add_node_dtb(self, image_id, description, image_type, compression, opt_props, compatible):
+        dtb_node = ItsNodeDtb(
+            image_id,
+            self.images,
+            description,
+            image_type,
+            compression,
+            opt_props=opt_props,
+            compatible=compatible
+        )
+        if self._hash_algo:
+            ItsNodeHash(
+                "hash-1",
+                dtb_node,
+                self._hash_algo
+            )
+        if self._sign_individual:
+            ItsImageSignature(
+                "signature-1",
+                dtb_node,
+                f"{self._hash_algo},{self._sign_algo}",
+                self._sign_keyname_img
+            )
+        return dtb_node
+
+    def fitimage_emit_section_kernel(self, kernel_id, kernel_path, compression,
+        load, entrypoint, mkimage_kernel_type, entrysymbol=None):
+        """Emit the fitImage ITS kernel section"""
+        if self._kernel:
+            bb.fatal("Kernel section already exists in the ITS file.")
+        if entrysymbol:
+            result = subprocess.run([self._host_prefix + "nm", "vmlinux"], capture_output=True, text=True)
+            for line in result.stdout.splitlines():
+                parts = line.split()
+                if len(parts) == 3 and parts[2] == entrysymbol:
+                    entrypoint = "<0x%s>" % parts[0]
+                    break
+        kernel_node = self.its_add_node_image(
+            kernel_id,
+            "Linux kernel",
+            mkimage_kernel_type,
+            compression,
+            {
+                "data": '/incbin/("' + kernel_path + '")',
+                "arch": self._arch,
+                "os": "linux",
+                "load": f"<{load}>",
+                "entry": f"<{entrypoint}>"
+            }
+        )
+        self._kernel = kernel_node
+
+    def fitimage_emit_section_dtb(self, dtb_id, dtb_path, dtb_loadaddress=None,
+                                  dtbo_loadaddress=None, add_compatible=False):
+        """Emit the fitImage ITS DTB section"""
+        load=None
+        dtb_ext = os.path.splitext(dtb_path)[1]
+        if dtb_ext == ".dtbo":
+            if dtbo_loadaddress:
+                load = dtbo_loadaddress
+        elif dtb_loadaddress:
+            load = dtb_loadaddress
+
+        opt_props = {
+            "data": '/incbin/("' + dtb_path + '")',
+            "arch": self._arch
+        }
+        if load:
+            opt_props["load"] = f"<{load}>"
+
+        # Preserve the DTB's compatible string to be added to the configuration node
+        compatible = None
+        if add_compatible:
+            compatible = get_compatible_from_dtb(dtb_path)
+
+        dtb_node = self.its_add_node_dtb(
+            "fdt-" + dtb_id,
+            "Flattened Device Tree blob",
+            "flat_dt",
+            "none",
+            opt_props,
+            compatible
+        )
+        self._dtbs.append(dtb_node)
+
+    def fitimage_emit_section_dtb_alias(self, dtb_alias_id, dtb_path, add_compatible=False):
+        """Add a configuration node referring to another DTB"""
+        # Preserve the DTB's compatible string to be added to the configuration node
+        compatible = None
+        if add_compatible:
+            compatible = get_compatible_from_dtb(dtb_path)
+
+        dtb_id = os.path.basename(dtb_path)
+        dtb_alias_node = ItsNodeDtbAlias("fdt-" + dtb_id, dtb_alias_id, compatible)
+        self._dtb_alias.append(dtb_alias_node)
+        bb.warn(f"compatible: {compatible}, dtb_alias_id: {dtb_alias_id}, dtb_id: {dtb_id}, dtb_path: {dtb_path}")
+
+    def fitimage_emit_section_boot_script(self, bootscr_id, bootscr_path):
+        """Emit the fitImage ITS u-boot script section"""
+        if self._bootscr:
+            bb.fatal("U-boot script section already exists in the ITS file.")
+        bootscr_node = self.its_add_node_image(
+            bootscr_id,
+            "U-boot script",
+            "script",
+            "none",
+            {
+                "data": '/incbin/("' + bootscr_path + '")',
+                "arch": self._arch,
+                "type": "script"
+            }
+        )
+        self._bootscr = bootscr_node
+
+    def fitimage_emit_section_setup(self, setup_id, setup_path):
+        """Emit the fitImage ITS setup section"""
+        if self._setup:
+            bb.fatal("Setup section already exists in the ITS file.")
+        load = "<0x00090000>"
+        entry = "<0x00090000>"
+        setup_node = self.its_add_node_image(
+            setup_id,
+            "Linux setup.bin",
+            "x86_setup",
+            "none",
+            {
+                "data": '/incbin/("' + setup_path + '")',
+                "arch": self._arch,
+                "os": "linux",
+                "load": load,
+                "entry": entry
+            }
+        )
+        self._setup = setup_node
+
+    def fitimage_emit_section_ramdisk(self, ramdisk_id, ramdisk_path, description="ramdisk", load=None, entry=None):
+        """Emit the fitImage ITS ramdisk section"""
+        if self._ramdisk:
+            bb.fatal("Ramdisk section already exists in the ITS file.")
+        opt_props = {
+            "data": '/incbin/("' + ramdisk_path + '")',
+            "type": "ramdisk",
+            "arch": self._arch,
+            "os": "linux"
+        }
+        if load:
+            opt_props["load"] = f"<{load}>"
+        if entry:
+            opt_props["entry"] = f"<{entry}>"
+
+        ramdisk_node = self.its_add_node_image(
+            ramdisk_id,
+            description,
+            "ramdisk",
+            "none",
+            opt_props
+        )
+        self._ramdisk = ramdisk_node
+
+    def _fitimage_emit_one_section_config(self, conf_node_name, dtb=None):
+        """Emit the fitImage ITS configuration section"""
+        opt_props = {}
+        conf_desc = []
+        sign_entries = []
+
+        if self._kernel:
+            conf_desc.append("Linux kernel")
+            opt_props["kernel"] = self._kernel.name
+            if self._sign_enable:
+                sign_entries.append("kernel")
+
+        if dtb:
+            conf_desc.append("FDT blob")
+            opt_props["fdt"] = dtb.name
+            if dtb.compatible:
+                opt_props["compatible"] = dtb.compatible
+            if self._sign_enable:
+                sign_entries.append("fdt")
+
+        if self._ramdisk:
+            conf_desc.append("ramdisk")
+            opt_props["ramdisk"] = self._ramdisk.name
+            if self._sign_enable:
+                sign_entries.append("ramdisk")
+
+        if self._bootscr:
+            conf_desc.append("u-boot script")
+            opt_props["bootscr"] = self._bootscr.name
+            if self._sign_enable:
+                sign_entries.append("bootscr")
+
+        if self._setup:
+            conf_desc.append("setup")
+            opt_props["setup"] = self._setup.name
+            if self._sign_enable:
+                sign_entries.append("setup")
+
+        # First added configuration is the default configuration
+        default_flag = "0"
+        if len(self.configurations.sub_nodes) == 0:
+            default_flag = "1"
+
+        conf_node = ItsNodeConfiguration(
+            conf_node_name,
+            self.configurations,
+            f"{default_flag} {', '.join(conf_desc)}",
+            opt_props=opt_props
+        )
+        if self._hash_algo:
+            ItsNodeHash(
+                "hash-1",
+                conf_node,
+                self._hash_algo
+            )
+        if self._sign_enable:
+            ItsNodeConfigurationSignature(
+                "signature-1",
+                conf_node,
+                f"{self._hash_algo},{self._sign_algo}",
+                self._sign_keyname_conf,
+                opt_props={
+                    "padding": self._pad_algo,
+                    "sign-images": sign_entries
+                }
+            )
+
+    def fitimage_emit_section_config(self, default_dtb_image=None):
+        if self._dtbs:
+            for dtb in self._dtbs:
+                dtb_name = dtb.name
+                if dtb.name.startswith("fdt-"):
+                    dtb_name = dtb.name[len("fdt-"):]
+                self._fitimage_emit_one_section_config(self._conf_prefix + dtb_name, dtb)
+            for dtb in self._dtb_alias:
+                self._fitimage_emit_one_section_config(self._conf_prefix + dtb.alias_name, dtb)
+        else:
+            # Currently exactly one kernel is supported.
+            self._fitimage_emit_one_section_config(self._conf_prefix + "1")
+
+        default_conf = self.configurations.sub_nodes[0].name
+        if default_dtb_image and self._dtbs:
+            default_conf = self._conf_prefix + default_dtb_image
+        self.configurations.add_property('default', default_conf)
+
+    def run_mkimage_assemble(self, itsfile, fitfile):
+        cmd = [
+            self._mkimage,
+            '-f', itsfile,
+            fitfile
+        ]
+        if self._mkimage_dtcopts:
+            cmd.insert(1, '-D')
+            cmd.insert(2, self._mkimage_dtcopts)
+        try:
+            subprocess.run(cmd, check=True, capture_output=True)
+        except subprocess.CalledProcessError as e:
+            bb.fatal(f"Command '{' '.join(cmd)}' failed with return code {e.returncode}\nstdout: {e.stdout.decode()}\nstderr: {e.stderr.decode()}\nitsflile: {os.path.abspath(itsfile)}")
+
+    def run_mkimage_sign(self, fitfile):
+        if not self._sign_enable:
+            bb.debug(1, "FIT image signing is disabled. Skipping signing.")
+            return
+
+        # Some sanity checks because mkimage exits with 0 also without needed keys
+        sign_key_path = os.path.join(self._sign_keydir, self._sign_keyname_conf)
+        if not os.path.exists(sign_key_path + '.key') or not os.path.exists(sign_key_path + '.crt'):
+            bb.fatal("%s.key or .crt does not exist" % sign_key_path)
+        if self._sign_individual:
+            sign_key_img_path = os.path.join(self._sign_keydir, self._sign_keyname_img)
+            if not os.path.exists(sign_key_img_path + '.key') or not os.path.exists(sign_key_img_path + '.crt'):
+                bb.fatal("%s.key or .crt does not exist" % sign_key_img_path)
+
+        cmd = [
+            self._mkimage_sign,
+            '-F',
+            '-k', self._sign_keydir,
+            '-r', fitfile
+        ]
+        if self._mkimage_dtcopts:
+            cmd.extend(['-D', self._mkimage_dtcopts])
+        if self._mkimage_sign_args:
+            cmd.extend(shlex.split(self._mkimage_sign_args))
+        try:
+            subprocess.run(cmd, check=True, capture_output=True)
+        except subprocess.CalledProcessError as e:
+            bb.fatal(f"Command '{' '.join(cmd)}' failed with return code {e.returncode}\nstdout: {e.stdout.decode()}\nstderr: {e.stderr.decode()}")
+
+
+def symlink_points_below(file_or_symlink, expected_parent_dir):
+    """returns symlink destination if it points below directory"""
+    file_path = os.path.join(expected_parent_dir, file_or_symlink)
+    if not os.path.islink(file_path):
+        return None
+
+    realpath = os.path.relpath(os.path.realpath(file_path), expected_parent_dir)
+    if realpath.startswith(".."):
+        return None
+
+    return realpath
+
+def get_compatible_from_dtb(dtb_path, fdtget_path="fdtget"):
+    compatible = None
+    cmd = [fdtget_path, "-t", "s", dtb_path, "/", "compatible"]
+    try:
+        ret = subprocess.run(cmd, check=True, capture_output=True, text=True)
+        compatible = ret.stdout.strip().split()
+    except subprocess.CalledProcessError:
+        compatible = None
+    return compatible
diff --git a/meta/lib/oe/go.py b/meta/lib/oe/go.py
new file mode 100644
index 0000000000..4559dc63b2
--- /dev/null
+++ b/meta/lib/oe/go.py
@@ -0,0 +1,38 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import re
+
+def map_arch(a):
+    """
+    Map our architecture names to Go's GOARCH names.
+    See https://github.com/golang/go/blob/master/src/internal/syslist/syslist.go for the complete list.
+    """
+    if re.match('i.86', a):
+        return '386'
+    elif a == 'x86_64':
+        return 'amd64'
+    elif re.match('arm.*', a):
+        return 'arm'
+    elif re.match('aarch64.*', a):
+        return 'arm64'
+    elif re.match('mips64el.*', a):
+        return 'mips64le'
+    elif re.match('mips64.*', a):
+        return 'mips64'
+    elif a == 'mips':
+        return 'mips'
+    elif a == 'mipsel':
+        return 'mipsle'
+    elif re.match('p(pc|owerpc)(64le)', a):
+        return 'ppc64le'
+    elif re.match('p(pc|owerpc)(64)', a):
+        return 'ppc64'
+    elif a == 'riscv64':
+        return 'riscv64'
+    elif a == 'loongarch64':
+        return 'loong64'
+    raise KeyError(f"Cannot map architecture {a}")
diff --git a/meta/lib/oe/gpg_sign.py b/meta/lib/oe/gpg_sign.py
index 7634d7ef1d..ede6186c84 100644
--- a/meta/lib/oe/gpg_sign.py
+++ b/meta/lib/oe/gpg_sign.py
@@ -1,13 +1,16 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
 """Helper module for GPG signing"""
-import os
 
 import bb
-import subprocess
+import os
 import shlex
+import subprocess
+import tempfile
 
 class LocalSigner(object):
     """Class for handling local (on the build host) signing"""
@@ -58,7 +61,7 @@ class LocalSigner(object):
         for i in range(0, len(files), sign_chunk):
             subprocess.check_output(shlex.split(cmd + ' '.join(files[i:i+sign_chunk])), stderr=subprocess.STDOUT)
 
-    def detach_sign(self, input_file, keyid, passphrase_file, passphrase=None, armor=True):
+    def detach_sign(self, input_file, keyid, passphrase_file, passphrase=None, armor=True, output_suffix=None, use_sha256=False):
         """Create a detached signature of a file"""
 
         if passphrase_file and passphrase:
@@ -71,25 +74,35 @@ class LocalSigner(object):
             cmd += ['--homedir', self.gpg_path]
         if armor:
             cmd += ['--armor']
+        if use_sha256:
+            cmd += ['--digest-algo', "SHA256"]
 
         #gpg > 2.1 supports password pipes only through the loopback interface
         #gpg < 2.1 errors out if given unknown parameters
         if self.gpg_version > (2,1,):
             cmd += ['--pinentry-mode', 'loopback']
 
-        cmd += [input_file]
-
         try:
             if passphrase_file:
                 with open(passphrase_file) as fobj:
                     passphrase = fobj.readline();
 
-            job = subprocess.Popen(cmd, stdin=subprocess.PIPE, stderr=subprocess.PIPE)
-            (_, stderr) = job.communicate(passphrase.encode("utf-8"))
+            if not output_suffix:
+                output_suffix = 'asc' if armor else 'sig'
+            output_file = input_file + "." + output_suffix
+            with tempfile.TemporaryDirectory(dir=os.path.dirname(output_file)) as tmp_dir:
+                tmp_file = os.path.join(tmp_dir, os.path.basename(output_file))
+                cmd += ['-o', tmp_file]
+
+                cmd += [input_file]
+
+                job = subprocess.Popen(cmd, stdin=subprocess.PIPE, stderr=subprocess.PIPE)
+                (_, stderr) = job.communicate(passphrase.encode("utf-8"))
 
-            if job.returncode:
-                bb.fatal("GPG exited with code %d: %s" % (job.returncode, stderr.decode("utf-8")))
+                if job.returncode:
+                    bb.fatal("GPG exited with code %d: %s" % (job.returncode, stderr.decode("utf-8")))
 
+                os.rename(tmp_file, output_file)
         except IOError as e:
             bb.error("IO error (%s): %s" % (e.errno, e.strerror))
             raise Exception("Failed to sign '%s'" % input_file)
@@ -109,16 +122,33 @@ class LocalSigner(object):
             bb.fatal("Could not get gpg version: %s" % e)
 
 
-    def verify(self, sig_file):
+    def verify(self, sig_file, valid_sigs = ''):
         """Verify signature"""
-        cmd = self.gpg_cmd + [" --verify", "--no-permission-warning"]
+        cmd = self.gpg_cmd + ["--verify", "--no-permission-warning", "--status-fd", "1"]
         if self.gpg_path:
             cmd += ["--homedir", self.gpg_path]
 
         cmd += [sig_file]
-        status = subprocess.call(cmd)
-        ret = False if status else True
-        return ret
+        status = subprocess.run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+        # Valid if any key matches if unspecified
+        if not valid_sigs:
+            ret = False if status.returncode else True
+            return ret
+
+        import re
+        goodsigs = []
+        sigre = re.compile(r'^\[GNUPG:\] GOODSIG (\S+)\s(.*)$')
+        for l in status.stdout.decode("utf-8").splitlines():
+            s = sigre.match(l)
+            if s:
+                goodsigs += [s.group(1)]
+
+        for sig in valid_sigs.split():
+            if sig in goodsigs:
+                return True
+        if len(goodsigs):
+            bb.warn('No accepted signatures found. Good signatures found: %s.' % ' '.join(goodsigs))
+        return False
 
 
 def get_signer(d, backend):
diff --git a/meta/lib/oe/license.py b/meta/lib/oe/license.py
index 665d32ecbb..6e55fa1e7f 100644
--- a/meta/lib/oe/license.py
+++ b/meta/lib/oe/license.py
@@ -1,10 +1,13 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 """Code for parsing OpenEmbedded license strings"""
 
 import ast
 import re
+import oe.qa
 from fnmatch import fnmatchcase as fnmatch
 
 def license_ok(license, dont_want_licenses):
@@ -14,6 +17,16 @@ def license_ok(license, dont_want_licenses):
             return False
     return True
 
+def obsolete_license_list():
+    return ["AGPL-3", "AGPL-3+", "AGPLv3", "AGPLv3+", "AGPLv3.0", "AGPLv3.0+", "AGPL-3.0", "AGPL-3.0+", "BSD-0-Clause",
+            "GPL-1", "GPL-1+", "GPLv1", "GPLv1+", "GPLv1.0", "GPLv1.0+", "GPL-1.0", "GPL-1.0+", "GPL-2", "GPL-2+", "GPLv2",
+            "GPLv2+", "GPLv2.0", "GPLv2.0+", "GPL-2.0", "GPL-2.0+", "GPL-3", "GPL-3+", "GPLv3", "GPLv3+", "GPLv3.0", "GPLv3.0+",
+            "GPL-3.0", "GPL-3.0+", "LGPLv2", "LGPLv2+", "LGPLv2.0", "LGPLv2.0+", "LGPL-2.0", "LGPL-2.0+", "LGPL2.1", "LGPL2.1+",
+            "LGPLv2.1", "LGPLv2.1+", "LGPL-2.1", "LGPL-2.1+", "LGPLv3", "LGPLv3+", "LGPL-3.0", "LGPL-3.0+", "MPL-1", "MPLv1",
+            "MPLv1.1", "MPLv2", "MIT-X", "MIT-style", "openssl", "PSF", "PSFv2", "Python-2", "Apachev2", "Apache-2", "Artisticv1",
+            "Artistic-1", "AFL-2", "AFL-1", "AFLv2", "AFLv1", "CDDLv1", "CDDL-1", "EPLv1.0", "FreeType", "Nauman",
+            "tcl", "vim", "SGIv1"]
+
 class LicenseError(Exception):
     pass
 
@@ -74,6 +87,9 @@ class FlattenVisitor(LicenseVisitor):
     def visit_Str(self, node):
         self.licenses.append(node.s)
 
+    def visit_Constant(self, node):
+        self.licenses.append(node.value)
+
     def visit_BinOp(self, node):
         if isinstance(node.op, ast.BitOr):
             left = FlattenVisitor(self.choose_licenses)
@@ -96,26 +112,26 @@ def flattened_licenses(licensestr, choose_licenses):
         raise LicenseSyntaxError(licensestr, exc)
     return flatten.licenses
 
-def is_included(licensestr, whitelist=None, blacklist=None):
-    """Given a license string and whitelist and blacklist, determine if the
-    license string matches the whitelist and does not match the blacklist.
+def is_included(licensestr, include_licenses=None, exclude_licenses=None):
+    """Given a license string, a list of licenses to include and a list of
+    licenses to exclude, determine if the license string matches the include
+    list and does not match the exclude list.
 
     Returns a tuple holding the boolean state and a list of the applicable
     licenses that were excluded if state is False, or the licenses that were
-    included if the state is True.
-    """
+    included if the state is True."""
 
     def include_license(license):
-        return any(fnmatch(license, pattern) for pattern in whitelist)
+        return any(fnmatch(license, pattern) for pattern in include_licenses)
 
     def exclude_license(license):
-        return any(fnmatch(license, pattern) for pattern in blacklist)
+        return any(fnmatch(license, pattern) for pattern in exclude_licenses)
 
     def choose_licenses(alpha, beta):
         """Select the option in an OR which is the 'best' (has the most
         included licenses and no excluded licenses)."""
         # The factor 1000 below is arbitrary, just expected to be much larger
-        # that the number of licenses actually specified. That way the weight
+        # than the number of licenses actually specified. That way the weight
         # will be negative if the list of licenses contains an excluded license,
         # but still gives a higher weight to the list with the most included
         # licenses.
@@ -128,11 +144,11 @@ def is_included(licensestr, whitelist=None, blacklist=None):
         else:
             return beta
 
-    if not whitelist:
-        whitelist = ['*']
+    if not include_licenses:
+        include_licenses = ['*']
 
-    if not blacklist:
-        blacklist = []
+    if not exclude_licenses:
+        exclude_licenses = []
 
     licenses = flattened_licenses(licensestr, choose_licenses)
     excluded = [lic for lic in licenses if exclude_license(lic)]
@@ -227,6 +243,9 @@ class ListVisitor(LicenseVisitor):
     def visit_Str(self, node):
         self.licenses.add(node.s)
 
+    def visit_Constant(self, node):
+        self.licenses.add(node.value)
+
 def list_licenses(licensestr):
     """Simply get a list of all licenses mentioned in a license string.
        Binary operators are not applied or taken into account in any way"""
@@ -236,3 +255,225 @@ def list_licenses(licensestr):
     except SyntaxError as exc:
         raise LicenseSyntaxError(licensestr, exc)
     return visitor.licenses
+
+def apply_pkg_license_exception(pkg, bad_licenses, exceptions):
+    """Return remaining bad licenses after removing any package exceptions"""
+
+    return [lic for lic in bad_licenses if pkg + ':' + lic not in exceptions]
+
+def return_spdx(d, license):
+    """
+    This function returns the spdx mapping of a license if it exists.
+     """
+    return d.getVarFlag('SPDXLICENSEMAP', license)
+
+def canonical_license(d, license):
+    """
+    Return the canonical (SPDX) form of the license if available (so GPLv3
+    becomes GPL-3.0-only) or the passed license if there is no canonical form.
+    """
+    return d.getVarFlag('SPDXLICENSEMAP', license) or license
+
+def expand_wildcard_licenses(d, wildcard_licenses):
+    """
+    There are some common wildcard values users may want to use. Support them
+    here.
+    """
+    licenses = set(wildcard_licenses)
+    mapping = {
+        "AGPL-3.0*" : ["AGPL-3.0-only", "AGPL-3.0-or-later"],
+        "GPL-3.0*" : ["GPL-3.0-only", "GPL-3.0-or-later"],
+        "LGPL-3.0*" : ["LGPL-3.0-only", "LGPL-3.0-or-later"],
+    }
+    for k in mapping:
+        if k in wildcard_licenses:
+            licenses.remove(k)
+            for item in mapping[k]:
+                licenses.add(item)
+
+    for l in licenses:
+        if l in obsolete_license_list():
+            bb.fatal("Error, %s is an obsolete license, please use an SPDX reference in INCOMPATIBLE_LICENSE" % l)
+        if "*" in l:
+            bb.fatal("Error, %s is an invalid license wildcard entry" % l)
+
+    return list(licenses)
+
+def incompatible_license_contains(license, truevalue, falsevalue, d):
+    license = canonical_license(d, license)
+    bad_licenses = (d.getVar('INCOMPATIBLE_LICENSE') or "").split()
+    bad_licenses = expand_wildcard_licenses(d, bad_licenses)
+    return truevalue if license in bad_licenses else falsevalue
+
+def incompatible_pkg_license(d, dont_want_licenses, license):
+    # Handles an "or" or two license sets provided by
+    # flattened_licenses(), pick one that works if possible.
+    def choose_lic_set(a, b):
+        return a if all(license_ok(canonical_license(d, lic),
+                            dont_want_licenses) for lic in a) else b
+
+    try:
+        licenses = flattened_licenses(license, choose_lic_set)
+    except LicenseError as exc:
+        bb.fatal('%s: %s' % (d.getVar('P'), exc))
+
+    incompatible_lic = []
+    for l in licenses:
+        license = canonical_license(d, l)
+        if not license_ok(license, dont_want_licenses):
+            incompatible_lic.append(license)
+
+    return sorted(incompatible_lic)
+
+def incompatible_license(d, dont_want_licenses, package=None):
+    """
+    This function checks if a recipe has only incompatible licenses. It also
+    take into consideration 'or' operand.  dont_want_licenses should be passed
+    as canonical (SPDX) names.
+    """
+    license = d.getVar("LICENSE:%s" % package) if package else None
+    if not license:
+        license = d.getVar('LICENSE')
+
+    return incompatible_pkg_license(d, dont_want_licenses, license)
+
+def check_license_flags(d):
+    """
+    This function checks if a recipe has any LICENSE_FLAGS that
+    aren't acceptable.
+
+    If it does, it returns the all LICENSE_FLAGS missing from the list
+    of acceptable license flags, or all of the LICENSE_FLAGS if there
+    is no list of acceptable flags.
+
+    If everything is is acceptable, it returns None.
+    """
+
+    def license_flag_matches(flag, acceptlist, pn):
+        """
+        Return True if flag matches something in acceptlist, None if not.
+
+        Before we test a flag against the acceptlist, we append _${PN}
+        to it.  We then try to match that string against the
+        acceptlist.  This covers the normal case, where we expect
+        LICENSE_FLAGS to be a simple string like 'commercial', which
+        the user typically matches exactly in the acceptlist by
+        explicitly appending the package name e.g 'commercial_foo'.
+        If we fail the match however, we then split the flag across
+        '_' and append each fragment and test until we either match or
+        run out of fragments.
+        """
+        flag_pn = ("%s_%s" % (flag, pn))
+        for candidate in acceptlist:
+            if flag_pn == candidate:
+                    return True
+
+        flag_cur = ""
+        flagments = flag_pn.split("_")
+        flagments.pop() # we've already tested the full string
+        for flagment in flagments:
+            if flag_cur:
+                flag_cur += "_"
+            flag_cur += flagment
+            for candidate in acceptlist:
+                if flag_cur == candidate:
+                    return True
+        return False
+
+    def all_license_flags_match(license_flags, acceptlist):
+        """ Return all unmatched flags, None if all flags match """
+        pn = d.getVar('PN')
+        split_acceptlist = acceptlist.split()
+        flags = []
+        for flag in license_flags.split():
+            if not license_flag_matches(flag, split_acceptlist, pn):
+                flags.append(flag)
+        return flags if flags else None
+
+    license_flags = d.getVar('LICENSE_FLAGS')
+    if license_flags:
+        acceptlist = d.getVar('LICENSE_FLAGS_ACCEPTED')
+        if not acceptlist:
+            return license_flags.split()
+        unmatched_flags = all_license_flags_match(license_flags, acceptlist)
+        if unmatched_flags:
+            return unmatched_flags
+    return None
+
+def check_license_format(d):
+    """
+    This function checks if LICENSE is well defined,
+        Validate operators in LICENSES.
+        No spaces are allowed between LICENSES.
+    """
+    pn = d.getVar('PN')
+    licenses = d.getVar('LICENSE')
+
+    elements = list(filter(lambda x: x.strip(), license_operator.split(licenses)))
+    for pos, element in enumerate(elements):
+        if license_pattern.match(element):
+            if pos > 0 and license_pattern.match(elements[pos - 1]):
+                oe.qa.handle_error('license-format',
+                        '%s: LICENSE value "%s" has an invalid format - license names ' \
+                        'must be separated by the following characters to indicate ' \
+                        'the license selection: %s' %
+                        (pn, licenses, license_operator_chars), d)
+        elif not license_operator.match(element):
+            oe.qa.handle_error('license-format',
+                    '%s: LICENSE value "%s" has an invalid separator "%s" that is not ' \
+                    'in the valid list of separators (%s)' %
+                    (pn, licenses, element, license_operator_chars), d)
+
+def skip_incompatible_package_licenses(d, pkgs):
+    if not pkgs:
+        return {}
+
+    pn = d.getVar("PN")
+
+    check_license = False if pn.startswith("nativesdk-") else True
+    for t in ["-native", "-cross-${TARGET_ARCH}", "-cross-initial-${TARGET_ARCH}",
+            "-crosssdk-${SDK_SYS}", "-crosssdk-initial-${SDK_SYS}",
+            "-cross-canadian-${TRANSLATED_TARGET_ARCH}"]:
+        if pn.endswith(d.expand(t)):
+            check_license = False
+    if pn.startswith("gcc-source-"):
+        check_license = False
+
+    bad_licenses = (d.getVar('INCOMPATIBLE_LICENSE') or "").split()
+    if not check_license or not bad_licenses:
+        return {}
+
+    bad_licenses = expand_wildcard_licenses(d, bad_licenses)
+
+    exceptions = (d.getVar("INCOMPATIBLE_LICENSE_EXCEPTIONS") or "").split()
+
+    for lic_exception in exceptions:
+        if ":" in lic_exception:
+            lic_exception = lic_exception.split(":")[1]
+        if lic_exception in obsolete_license_list():
+            bb.fatal("Obsolete license %s used in INCOMPATIBLE_LICENSE_EXCEPTIONS" % lic_exception)
+
+    skipped_pkgs = {}
+    for pkg in pkgs:
+        remaining_bad_licenses = apply_pkg_license_exception(pkg, bad_licenses, exceptions)
+
+        incompatible_lic = incompatible_license(d, remaining_bad_licenses, pkg)
+        if incompatible_lic:
+            skipped_pkgs[pkg] = incompatible_lic
+
+    return skipped_pkgs
+
+def tidy_licenses(value):
+    """
+    Flat, split and sort licenses.
+    """
+    from oe.license import flattened_licenses
+
+    def _choose(a, b):
+        str_a, str_b  = sorted((" & ".join(a), " & ".join(b)), key=str.casefold)
+        return ["(%s | %s)" % (str_a, str_b)]
+
+    if not isinstance(value, str):
+        value = " & ".join(value)
+
+    return sorted(list(set(flattened_licenses(value, _choose))), key=str.casefold)
diff --git a/meta/lib/oe/license_finder.py b/meta/lib/oe/license_finder.py
new file mode 100644
index 0000000000..16f5d7c94c
--- /dev/null
+++ b/meta/lib/oe/license_finder.py
@@ -0,0 +1,179 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import fnmatch
+import hashlib
+import logging
+import os
+import re
+
+import bb
+import bb.utils
+
+logger = logging.getLogger("BitBake.OE.LicenseFinder")
+
+def _load_hash_csv(d):
+    """
+    Load a mapping of (checksum: license name) from all files/license-hashes.csv
+    files that can be found in the available layers.
+    """
+    import csv
+    md5sums = {}
+
+    # Read license md5sums from csv file
+    for path in d.getVar('BBPATH').split(':'):
+        csv_path = os.path.join(path, 'files', 'license-hashes.csv')
+        if os.path.isfile(csv_path):
+            with open(csv_path, newline='') as csv_file:
+                reader = csv.DictReader(csv_file, delimiter=',', fieldnames=['md5sum', 'license'])
+                for row in reader:
+                    md5sums[row['md5sum']] = row['license']
+
+    return md5sums
+
+
+def _crunch_known_licenses(d):
+    """
+    Calculate the MD5 checksums for the original and "crunched" versions of all
+    known licenses.
+    """
+    md5sums = {}
+
+    lic_dirs = [d.getVar('COMMON_LICENSE_DIR')] + (d.getVar('LICENSE_PATH') or "").split()
+    for lic_dir in lic_dirs:
+        for fn in os.listdir(lic_dir):
+            path = os.path.join(lic_dir, fn)
+            # Hash the exact contents
+            md5value = bb.utils.md5_file(path)
+            md5sums[md5value] = fn
+            # Also hash a "crunched" version
+            md5value = _crunch_license(path)
+            md5sums[md5value] = fn
+
+    return md5sums
+
+
+def _crunch_license(licfile):
+    '''
+    Remove non-material text from a license file and then calculate its
+    md5sum. This works well for licenses that contain a copyright statement,
+    but is also a useful way to handle people's insistence upon reformatting
+    the license text slightly (with no material difference to the text of the
+    license).
+    '''
+
+    import oe.utils
+
+    # Note: these are carefully constructed!
+    license_title_re = re.compile(r'^#*\(? *(This is )?([Tt]he )?.{0,15} ?[Ll]icen[sc]e( \(.{1,10}\))?\)?[:\.]? ?#*$')
+    license_statement_re = re.compile(r'^((This (project|software)|.{1,10}) is( free software)? (released|licen[sc]ed)|(Released|Licen[cs]ed)) under the .{1,10} [Ll]icen[sc]e:?$')
+    copyright_re = re.compile(r'^ *[#\*]* *(Modified work |MIT LICENSED )?Copyright ?(\([cC]\))? .*$')
+    disclaimer_re = re.compile(r'^ *\*? ?All [Rr]ights [Rr]eserved\.$')
+    email_re = re.compile(r'^.*<[\w\.-]*@[\w\.\-]*>$')
+    header_re = re.compile(r'^(\/\**!?)? ?[\-=\*]* ?(\*\/)?$')
+    tag_re = re.compile(r'^ *@?\(?([Ll]icense|MIT)\)?$')
+    url_re = re.compile(r'^ *[#\*]* *https?:\/\/[\w\.\/\-]+$')
+
+    lictext = []
+    with open(licfile, 'r', errors='surrogateescape') as f:
+        for line in f:
+            # Drop opening statements
+            if copyright_re.match(line):
+                continue
+            elif disclaimer_re.match(line):
+                continue
+            elif email_re.match(line):
+                continue
+            elif header_re.match(line):
+                continue
+            elif tag_re.match(line):
+                continue
+            elif url_re.match(line):
+                continue
+            elif license_title_re.match(line):
+                continue
+            elif license_statement_re.match(line):
+                continue
+            # Strip comment symbols
+            line = line.replace('*', '') \
+                       .replace('#', '')
+            # Unify spelling
+            line = line.replace('sub-license', 'sublicense')
+            # Squash spaces
+            line = oe.utils.squashspaces(line.strip())
+            # Replace smart quotes, double quotes and backticks with single quotes
+            line = line.replace(u"\u2018", "'").replace(u"\u2019", "'").replace(u"\u201c","'").replace(u"\u201d", "'").replace('"', '\'').replace('`', '\'')
+            # Unify brackets
+            line = line.replace("{", "[").replace("}", "]")
+            if line:
+                lictext.append(line)
+
+    m = hashlib.md5()
+    try:
+        m.update(' '.join(lictext).encode('utf-8'))
+        md5val = m.hexdigest()
+    except UnicodeEncodeError:
+        md5val = None
+    return md5val
+
+
+def find_license_files(srctree, first_only=False):
+    """
+    Search srctree for files that look like they could be licenses.
+    If first_only is True, only return the first file found.
+    """
+    licspecs = ['*LICEN[CS]E*', 'COPYING*', '*[Ll]icense*', 'LEGAL*', '[Ll]egal*', '*GPL*', 'README.lic*', 'COPYRIGHT*', '[Cc]opyright*', 'e[dp]l-v10']
+    skip_extensions = (".html", ".js", ".json", ".svg", ".ts", ".go", ".sh")
+    licfiles = []
+    for root, dirs, files in os.walk(srctree):
+        # Sort files so that LICENSE is before LICENSE.subcomponent, which is
+        # meaningful if first_only is set.
+        for fn in sorted(files):
+            if fn.endswith(skip_extensions):
+                continue
+            for spec in licspecs:
+                if fnmatch.fnmatch(fn, spec):
+                    fullpath = os.path.join(root, fn)
+                    if not fullpath in licfiles:
+                        licfiles.append(fullpath)
+                        if first_only:
+                            return licfiles
+
+    return licfiles
+
+
+def match_licenses(licfiles, srctree, d, extra_hashes={}):
+    md5sums = {}
+    md5sums.update(_load_hash_csv(d))
+    md5sums.update(_crunch_known_licenses(d))
+    md5sums.update(extra_hashes)
+
+    licenses = []
+    for licfile in sorted(licfiles):
+        resolved_licfile = d.expand(licfile)
+        md5value = bb.utils.md5_file(resolved_licfile)
+        license = md5sums.get(md5value, None)
+        if not license:
+            crunched_md5 = _crunch_license(resolved_licfile)
+            license = md5sums.get(crunched_md5, None)
+            if not license:
+                license = 'Unknown'
+                logger.info("Please add the following line for '%s' to a 'license-hashes.csv' " \
+                    "and replace `Unknown` with the license:\n" \
+                    "%s,Unknown" % (os.path.relpath(licfile, srctree + "/.."), md5value))
+
+        licenses.append((license, os.path.relpath(licfile, srctree), md5value))
+
+    return licenses
+
+
+def find_licenses(srctree, d, first_only=False, extra_hashes={}):
+    licfiles = find_license_files(srctree, first_only)
+    licenses = match_licenses(licfiles, srctree, d, extra_hashes)
+
+    # FIXME should we grab at least one source file with a license header and add that too?
+
+    return licenses
diff --git a/meta/lib/oe/lsb.py b/meta/lib/oe/lsb.py
index 43e46380d7..3ec03e5042 100644
--- a/meta/lib/oe/lsb.py
+++ b/meta/lib/oe/lsb.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
diff --git a/meta/lib/oe/maketype.py b/meta/lib/oe/maketype.py
index d929c8b3e5..7a83bdf602 100644
--- a/meta/lib/oe/maketype.py
+++ b/meta/lib/oe/maketype.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 """OpenEmbedded variable typing support
@@ -10,12 +12,7 @@ the arguments of the type's factory for details.
 
 import inspect
 import oe.types as types
-try:
-    # Python 3.7+
-    from collections.abc import Callable
-except ImportError:
-    # Python < 3.7
-    from collections import Callable
+from collections.abc import Callable
 
 available_types = {}
 
diff --git a/meta/lib/oe/manifest.py b/meta/lib/oe/manifest.py
index 1a058dcd73..cf7a13c247 100644
--- a/meta/lib/oe/manifest.py
+++ b/meta/lib/oe/manifest.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -198,7 +200,3 @@ def create_manifest(d, final_manifest=False, manifest_dir=None,
         manifest.create_final()
     else:
         manifest.create_initial()
-
-
-if __name__ == "__main__":
-    pass
diff --git a/meta/lib/oe/npm_registry.py b/meta/lib/oe/npm_registry.py
new file mode 100644
index 0000000000..d97ced7cda
--- /dev/null
+++ b/meta/lib/oe/npm_registry.py
@@ -0,0 +1,175 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import bb
+import json
+import subprocess
+
+_ALWAYS_SAFE = frozenset('ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+                         'abcdefghijklmnopqrstuvwxyz'
+                         '0123456789'
+                         '_.-~()')
+
+MISSING_OK = object()
+
+REGISTRY = "https://registry.npmjs.org"
+
+# we can not use urllib.parse here because npm expects lowercase
+# hex-chars but urllib generates uppercase ones
+def uri_quote(s, safe = '/'):
+    res = ""
+    safe_set = set(safe)
+    for c in s:
+        if c in _ALWAYS_SAFE or c in safe_set:
+            res += c
+        else:
+            res += '%%%02x' % ord(c)
+    return res
+
+class PackageJson:
+    def __init__(self, spec):
+        self.__spec = spec
+
+    @property
+    def name(self):
+        return self.__spec['name']
+
+    @property
+    def version(self):
+        return self.__spec['version']
+
+    @property
+    def empty_manifest(self):
+        return {
+            'name': self.name,
+            'description': self.__spec.get('description', ''),
+            'versions': {},
+        }
+
+    def base_filename(self):
+        return uri_quote(self.name, safe = '@')
+
+    def as_manifest_entry(self, tarball_uri):
+        res = {}
+
+        ## NOTE: 'npm install' requires more than basic meta information;
+        ## e.g. it takes 'bin' from this manifest entry but not the actual
+        ## 'package.json'
+        for (idx,dflt) in [('name', None),
+                           ('description', ""),
+                           ('version', None),
+                           ('bin', MISSING_OK),
+                           ('man', MISSING_OK),
+                           ('scripts', MISSING_OK),
+                           ('directories', MISSING_OK),
+                           ('dependencies', MISSING_OK),
+                           ('devDependencies', MISSING_OK),
+                           ('optionalDependencies', MISSING_OK),
+                           ('license', "unknown")]:
+            if idx in self.__spec:
+                res[idx] = self.__spec[idx]
+            elif dflt == MISSING_OK:
+                pass
+            elif dflt != None:
+                res[idx] = dflt
+            else:
+                raise Exception("%s-%s: missing key %s" % (self.name,
+                                                           self.version,
+                                                           idx))
+
+        res['dist'] = {
+            'tarball': tarball_uri,
+        }
+
+        return res
+
+class ManifestImpl:
+    def __init__(self, base_fname, spec):
+        self.__base = base_fname
+        self.__spec = spec
+
+    def load(self):
+        try:
+            with open(self.filename, "r") as f:
+                res = json.load(f)
+        except IOError:
+            res = self.__spec.empty_manifest
+
+        return res
+
+    def save(self, meta):
+        with open(self.filename, "w") as f:
+            json.dump(meta, f, indent = 2)
+
+    @property
+    def filename(self):
+        return self.__base + ".meta"
+
+class Manifest:
+    def __init__(self, base_fname, spec):
+        self.__base = base_fname
+        self.__spec = spec
+        self.__lockf = None
+        self.__impl = None
+
+    def __enter__(self):
+        self.__lockf = bb.utils.lockfile(self.__base + ".lock")
+        self.__impl  = ManifestImpl(self.__base, self.__spec)
+        return self.__impl
+
+    def __exit__(self, exc_type, exc_val, exc_tb):
+        bb.utils.unlockfile(self.__lockf)
+
+class NpmCache:
+    def __init__(self, cache):
+        self.__cache = cache
+
+    @property
+    def path(self):
+        return self.__cache
+
+    def run(self, type, key, fname):
+        subprocess.run(['oe-npm-cache', self.__cache, type, key, fname],
+                       check = True)
+
+class NpmRegistry:
+    def __init__(self, path, cache):
+        self.__path = path
+        self.__cache = NpmCache(cache + '/_cacache')
+        bb.utils.mkdirhier(self.__path)
+        bb.utils.mkdirhier(self.__cache.path)
+
+    @staticmethod
+    ## This function is critical and must match nodejs expectations
+    def _meta_uri(spec):
+        return REGISTRY + '/' + uri_quote(spec.name, safe = '@')
+
+    @staticmethod
+    ## Exact return value does not matter; just make it look like a
+    ## usual registry url
+    def _tarball_uri(spec):
+        return '%s/%s/-/%s-%s.tgz' % (REGISTRY,
+                                      uri_quote(spec.name, safe = '@'),
+                                      uri_quote(spec.name, safe = '@/'),
+                                      spec.version)
+
+    def add_pkg(self, tarball, pkg_json):
+        pkg_json = PackageJson(pkg_json)
+        base = os.path.join(self.__path, pkg_json.base_filename())
+
+        with Manifest(base, pkg_json) as manifest:
+            meta = manifest.load()
+            tarball_uri = self._tarball_uri(pkg_json)
+
+            meta['versions'][pkg_json.version] = pkg_json.as_manifest_entry(tarball_uri)
+
+            manifest.save(meta)
+
+            ## Cache entries are a little bit dependent on the nodejs
+            ## version; version specific cache implementation must
+            ## mitigate differences
+            self.__cache.run('meta', self._meta_uri(pkg_json), manifest.filename);
+            self.__cache.run('tgz',  tarball_uri, tarball);
diff --git a/meta/lib/oe/overlayfs.py b/meta/lib/oe/overlayfs.py
new file mode 100644
index 0000000000..8b88900f71
--- /dev/null
+++ b/meta/lib/oe/overlayfs.py
@@ -0,0 +1,54 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# This file contains common functions for overlayfs and its QA check
+
+# this function is based on https://github.com/systemd/systemd/blob/main/src/basic/unit-name.c
+def escapeSystemdUnitName(path):
+    escapeMap = {
+        '/': '-',
+        '-': "\\x2d",
+        '\\': "\\x5d"
+    }
+    return "".join([escapeMap.get(c, c) for c in path.strip('/')])
+
+def strForBash(s):
+    return s.replace('\\', '\\\\')
+
+def allOverlaysUnitName(d):
+    return d.getVar('PN') + '-overlays.service'
+
+def mountUnitName(unit):
+    return escapeSystemdUnitName(unit) + '.mount'
+
+def helperUnitName(unit):
+    return escapeSystemdUnitName(unit) + '-create-upper-dir.service'
+
+def unitFileList(d):
+    fileList = []
+    overlayMountPoints = d.getVarFlags("OVERLAYFS_MOUNT_POINT")
+
+    if not overlayMountPoints:
+        bb.fatal("A recipe uses overlayfs class but there is no OVERLAYFS_MOUNT_POINT set in your MACHINE configuration")
+
+    # check that we have required mount points set first
+    requiredMountPoints = d.getVarFlags('OVERLAYFS_WRITABLE_PATHS')
+    for mountPoint in requiredMountPoints:
+        if mountPoint not in overlayMountPoints:
+            bb.fatal("Missing required mount point for OVERLAYFS_MOUNT_POINT[%s] in your MACHINE configuration" % mountPoint)
+
+    for mountPoint in overlayMountPoints:
+        mountPointList = d.getVarFlag('OVERLAYFS_WRITABLE_PATHS', mountPoint)
+        if not mountPointList:
+            bb.debug(1, "No mount points defined for %s flag, don't add to file list", mountPoint)
+            continue
+        for path in mountPointList.split():
+            fileList.append(mountUnitName(path))
+            fileList.append(helperUnitName(path))
+
+    fileList.append(allOverlaysUnitName(d))
+
+    return fileList
+
diff --git a/meta/lib/oe/package.py b/meta/lib/oe/package.py
index dd700cbb0c..ce69151e5d 100644
--- a/meta/lib/oe/package.py
+++ b/meta/lib/oe/package.py
@@ -1,12 +1,25 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
+import errno
+import fnmatch
+import itertools
+import os
+import shlex
+import re
+import glob
 import stat
 import mmap
 import subprocess
+import shutil
+
+import bb.parse
+import oe.cachedpath
 
-def runstrip(arg):
+def runstrip(file, elftype, strip, extra_strip_sections=''):
     # Function to strip a single file, called from split_and_strip_files below
     # A working 'file' (one which works on the target architecture)
     #
@@ -16,8 +29,6 @@ def runstrip(arg):
     # 8 - shared library
     # 16 - kernel module
 
-    (file, elftype, strip) = arg
-
     newmode = None
     if not os.access(file, os.W_OK) or os.access(file, os.R_OK):
         origmode = os.stat(file)[stat.ST_MODE]
@@ -26,7 +37,7 @@ def runstrip(arg):
 
     stripcmd = [strip]
     skip_strip = False
-    # kernel module    
+    # kernel module
     if elftype & 16:
         if is_kernel_module_signed(file):
             bb.debug(1, "Skip strip on signed module %s" % file)
@@ -40,6 +51,9 @@ def runstrip(arg):
     # shared or executable:
     elif elftype & 8 or elftype & 4:
         stripcmd.extend(["--remove-section=.comment", "--remove-section=.note"])
+        if extra_strip_sections != '':
+            for section in extra_strip_sections.split():
+                stripcmd.extend(["--remove-section=" + section])
 
     stripcmd.append(file)
     bb.debug(1, "runstrip: %s" % stripcmd)
@@ -96,7 +110,7 @@ def is_static_lib(path):
             return start == magic
     return False
 
-def strip_execs(pn, dstdir, strip_cmd, libdir, base_libdir, d, qa_already_stripped=False):
+def strip_execs(pn, dstdir, strip_cmd, libdir, base_libdir, max_process, qa_already_stripped=False):
     """
     Strip executable code (like executables, shared libraries) _in_place_
     - Based on sysroot_strip in staging.bbclass
@@ -104,6 +118,7 @@ def strip_execs(pn, dstdir, strip_cmd, libdir, base_libdir, d, qa_already_stripp
     :param strip_cmd: Strip command (usually ${STRIP})
     :param libdir: ${libdir} - strip .so files in this directory
     :param base_libdir: ${base_libdir} - strip .so files in this directory
+    :param max_process: number of stripping processes started in parallel
     :param qa_already_stripped: Set to True if already-stripped' in ${INSANE_SKIP}
     This is for proper logging and messages only.
     """
@@ -146,7 +161,7 @@ def strip_execs(pn, dstdir, strip_cmd, libdir, base_libdir, d, qa_already_stripp
                 # ...but is it ELF, and is it already stripped?
                 checkelf.append(file)
                 inodecache[file] = s.st_ino
-    results = oe.utils.multiprocess_launch(is_elf, checkelf, d)
+    results = oe.utils.multiprocess_launch_mp(is_elf, checkelf, max_process)
     for (file, elf_file) in results:
                 #elf_file = is_elf(file)
                 if elf_file & 1:
@@ -174,22 +189,35 @@ def strip_execs(pn, dstdir, strip_cmd, libdir, base_libdir, d, qa_already_stripp
         elf_file = int(elffiles[file])
         sfiles.append((file, elf_file, strip_cmd))
 
-    oe.utils.multiprocess_launch(runstrip, sfiles, d)
+    oe.utils.multiprocess_launch_mp(runstrip, sfiles, max_process)
 
+TRANSLATE = (
+    ("@", "@at@"),
+    (" ", "@space@"),
+    ("\t", "@tab@"),
+    ("[", "@openbrace@"),
+    ("]", "@closebrace@"),
+    ("_", "@underscore@"),
+    (":", "@colon@"),
+)
 
 def file_translate(file):
-    ft = file.replace("@", "@at@")
-    ft = ft.replace(" ", "@space@")
-    ft = ft.replace("\t", "@tab@")
-    ft = ft.replace("[", "@openbrace@")
-    ft = ft.replace("]", "@closebrace@")
-    ft = ft.replace("_", "@underscore@")
+    ft = file
+    for s, replace in TRANSLATE:
+        ft = ft.replace(s, replace)
+
+    return ft
+
+def file_reverse_translate(file):
+    ft = file
+    for s, replace in reversed(TRANSLATE):
+        ft = ft.replace(replace, s)
+
     return ft
 
-def filedeprunner(arg):
+def filedeprunner(pkg, pkgfiles, rpmdeps, pkgdest):
     import re, subprocess, shlex
 
-    (pkg, pkgfiles, rpmdeps, pkgdest) = arg
     provides = {}
     requires = {}
 
@@ -283,3 +311,1800 @@ def read_shlib_providers(d):
                         shlib_provider[s[0]] = {}
                     shlib_provider[s[0]][s[1]] = (dep_pkg, s[2])
     return shlib_provider
+
+# We generate a master list of directories to process, we start by
+# seeding this list with reasonable defaults, then load from
+# the fs-perms.txt files
+def fixup_perms(d):
+    import pwd, grp
+
+    cpath = oe.cachedpath.CachedPath()
+    dvar = d.getVar('PKGD')
+
+    # init using a string with the same format as a line as documented in
+    # the fs-perms.txt file
+    # <path> <mode> <uid> <gid> <walk> <fmode> <fuid> <fgid>
+    # <path> link <link target>
+    #
+    # __str__ can be used to print out an entry in the input format
+    #
+    # if fs_perms_entry.path is None:
+    #    an error occurred
+    # if fs_perms_entry.link, you can retrieve:
+    #    fs_perms_entry.path = path
+    #    fs_perms_entry.link = target of link
+    # if not fs_perms_entry.link, you can retrieve:
+    #    fs_perms_entry.path = path
+    #    fs_perms_entry.mode = expected dir mode or None
+    #    fs_perms_entry.uid = expected uid or -1
+    #    fs_perms_entry.gid = expected gid or -1
+    #    fs_perms_entry.walk = 'true' or something else
+    #    fs_perms_entry.fmode = expected file mode or None
+    #    fs_perms_entry.fuid = expected file uid or -1
+    #    fs_perms_entry_fgid = expected file gid or -1
+    class fs_perms_entry():
+        def __init__(self, line):
+            lsplit = line.split()
+            if len(lsplit) == 3 and lsplit[1].lower() == "link":
+                self._setlink(lsplit[0], lsplit[2])
+            elif len(lsplit) == 8:
+                self._setdir(lsplit[0], lsplit[1], lsplit[2], lsplit[3], lsplit[4], lsplit[5], lsplit[6], lsplit[7])
+            else:
+                msg = "Fixup Perms: invalid config line %s" % line
+                oe.qa.handle_error("perm-config", msg, d)
+                self.path = None
+                self.link = None
+
+        def _setdir(self, path, mode, uid, gid, walk, fmode, fuid, fgid):
+            self.path = os.path.normpath(path)
+            self.link = None
+            self.mode = self._procmode(mode)
+            self.uid  = self._procuid(uid)
+            self.gid  = self._procgid(gid)
+            self.walk = walk.lower()
+            self.fmode = self._procmode(fmode)
+            self.fuid = self._procuid(fuid)
+            self.fgid = self._procgid(fgid)
+
+        def _setlink(self, path, link):
+            self.path = os.path.normpath(path)
+            self.link = link
+
+        def _procmode(self, mode):
+            if not mode or (mode and mode == "-"):
+                return None
+            else:
+                return int(mode,8)
+
+        # Note uid/gid -1 has special significance in os.lchown
+        def _procuid(self, uid):
+            if uid is None or uid == "-":
+                return -1
+            elif uid.isdigit():
+                return int(uid)
+            else:
+                return pwd.getpwnam(uid).pw_uid
+
+        def _procgid(self, gid):
+            if gid is None or gid == "-":
+                return -1
+            elif gid.isdigit():
+                return int(gid)
+            else:
+                return grp.getgrnam(gid).gr_gid
+
+        # Use for debugging the entries
+        def __str__(self):
+            if self.link:
+                return "%s link %s" % (self.path, self.link)
+            else:
+                mode = "-"
+                if self.mode:
+                    mode = "0%o" % self.mode
+                fmode = "-"
+                if self.fmode:
+                    fmode = "0%o" % self.fmode
+                uid = self._mapugid(self.uid)
+                gid = self._mapugid(self.gid)
+                fuid = self._mapugid(self.fuid)
+                fgid = self._mapugid(self.fgid)
+                return "%s %s %s %s %s %s %s %s" % (self.path, mode, uid, gid, self.walk, fmode, fuid, fgid)
+
+        def _mapugid(self, id):
+            if id is None or id == -1:
+                return "-"
+            else:
+                return "%d" % id
+
+    # Fix the permission, owner and group of path
+    def fix_perms(path, mode, uid, gid, dir):
+        if mode and not os.path.islink(path):
+            #bb.note("Fixup Perms: chmod 0%o %s" % (mode, dir))
+            os.chmod(path, mode)
+        # -1 is a special value that means don't change the uid/gid
+        # if they are BOTH -1, don't bother to lchown
+        if not (uid == -1 and gid == -1):
+            #bb.note("Fixup Perms: lchown %d:%d %s" % (uid, gid, dir))
+            os.lchown(path, uid, gid)
+
+    # Return a list of configuration files based on either the default
+    # files/fs-perms.txt or the contents of FILESYSTEM_PERMS_TABLES
+    # paths are resolved via BBPATH
+    def get_fs_perms_list(d):
+        str = ""
+        bbpath = d.getVar('BBPATH')
+        fs_perms_tables = d.getVar('FILESYSTEM_PERMS_TABLES') or ""
+        for conf_file in fs_perms_tables.split():
+            confpath = bb.utils.which(bbpath, conf_file)
+            if confpath:
+                str += " %s" % bb.utils.which(bbpath, conf_file)
+            else:
+                bb.warn("cannot find %s specified in FILESYSTEM_PERMS_TABLES" % conf_file)
+        return str
+
+    fs_perms_table = {}
+    fs_link_table = {}
+
+    # By default all of the standard directories specified in
+    # bitbake.conf will get 0755 root:root.
+    target_path_vars = [    'base_prefix',
+                'prefix',
+                'exec_prefix',
+                'base_bindir',
+                'base_sbindir',
+                'base_libdir',
+                'datadir',
+                'sysconfdir',
+                'servicedir',
+                'sharedstatedir',
+                'localstatedir',
+                'infodir',
+                'mandir',
+                'docdir',
+                'bindir',
+                'sbindir',
+                'libexecdir',
+                'libdir',
+                'includedir' ]
+
+    for path in target_path_vars:
+        dir = d.getVar(path) or ""
+        if dir == "":
+            continue
+        fs_perms_table[dir] = fs_perms_entry(d.expand("%s 0755 root root false - - -" % (dir)))
+
+    # Now we actually load from the configuration files
+    for conf in get_fs_perms_list(d).split():
+        if not os.path.exists(conf):
+            continue
+        with open(conf) as f:
+            for line in f:
+                if line.startswith('#'):
+                    continue
+                lsplit = line.split()
+                if len(lsplit) == 0:
+                    continue
+                if len(lsplit) != 8 and not (len(lsplit) == 3 and lsplit[1].lower() == "link"):
+                    msg = "Fixup perms: %s invalid line: %s" % (conf, line)
+                    oe.qa.handle_error("perm-line", msg, d)
+                    continue
+                entry = fs_perms_entry(d.expand(line))
+                if entry and entry.path:
+                    if entry.link:
+                        fs_link_table[entry.path] = entry
+                        if entry.path in fs_perms_table:
+                            fs_perms_table.pop(entry.path)
+                    else:
+                        fs_perms_table[entry.path] = entry
+                        if entry.path in fs_link_table:
+                            fs_link_table.pop(entry.path)
+
+    # Debug -- list out in-memory table
+    #for dir in fs_perms_table:
+    #    bb.note("Fixup Perms: %s: %s" % (dir, str(fs_perms_table[dir])))
+    #for link in fs_link_table:
+    #    bb.note("Fixup Perms: %s: %s" % (link, str(fs_link_table[link])))
+
+    # We process links first, so we can go back and fixup directory ownership
+    # for any newly created directories
+    # Process in sorted order so /run gets created before /run/lock, etc.
+    for entry in sorted(fs_link_table.values(), key=lambda x: x.link):
+        link = entry.link
+        dir = entry.path
+        origin = dvar + dir
+        if not (cpath.exists(origin) and cpath.isdir(origin) and not cpath.islink(origin)):
+            continue
+
+        if link[0] == "/":
+            target = dvar + link
+            ptarget = link
+        else:
+            target = os.path.join(os.path.dirname(origin), link)
+            ptarget = os.path.join(os.path.dirname(dir), link)
+        if os.path.exists(target):
+            msg = "Fixup Perms: Unable to correct directory link, target already exists: %s -> %s" % (dir, ptarget)
+            oe.qa.handle_error("perm-link", msg, d)
+            continue
+
+        # Create path to move directory to, move it, and then setup the symlink
+        bb.utils.mkdirhier(os.path.dirname(target))
+        #bb.note("Fixup Perms: Rename %s -> %s" % (dir, ptarget))
+        bb.utils.rename(origin, target)
+        #bb.note("Fixup Perms: Link %s -> %s" % (dir, link))
+        os.symlink(link, origin)
+
+    for dir in fs_perms_table:
+        origin = dvar + dir
+        if not (cpath.exists(origin) and cpath.isdir(origin)):
+            continue
+
+        fix_perms(origin, fs_perms_table[dir].mode, fs_perms_table[dir].uid, fs_perms_table[dir].gid, dir)
+
+        if fs_perms_table[dir].walk == 'true':
+            for root, dirs, files in os.walk(origin):
+                for dr in dirs:
+                    each_dir = os.path.join(root, dr)
+                    fix_perms(each_dir, fs_perms_table[dir].mode, fs_perms_table[dir].uid, fs_perms_table[dir].gid, dir)
+                for f in files:
+                    each_file = os.path.join(root, f)
+                    fix_perms(each_file, fs_perms_table[dir].fmode, fs_perms_table[dir].fuid, fs_perms_table[dir].fgid, dir)
+
+# Get a list of files from file vars by searching files under current working directory
+# The list contains symlinks, directories and normal files.
+def files_from_filevars(filevars):
+    cpath = oe.cachedpath.CachedPath()
+    files = []
+    for f in filevars:
+        if os.path.isabs(f):
+            f = '.' + f
+        if not f.startswith("./"):
+            f = './' + f
+        globbed = glob.glob(f, recursive=True)
+        if globbed:
+            if [ f ] != globbed:
+                files += globbed
+                continue
+        files.append(f)
+
+    symlink_paths = []
+    for ind, f in enumerate(files):
+        # Handle directory symlinks. Truncate path to the lowest level symlink
+        parent = ''
+        for dirname in f.split('/')[:-1]:
+            parent = os.path.join(parent, dirname)
+            if dirname == '.':
+                continue
+            if cpath.islink(parent):
+                bb.warn("FILES contains file '%s' which resides under a "
+                        "directory symlink. Please fix the recipe and use the "
+                        "real path for the file." % f[1:])
+                symlink_paths.append(f)
+                files[ind] = parent
+                f = parent
+                break
+
+        if not cpath.islink(f):
+            if cpath.isdir(f):
+                newfiles = [ os.path.join(f,x) for x in os.listdir(f) ]
+                if newfiles:
+                    files += newfiles
+
+    return files, symlink_paths
+
+# Called in package_<rpm,ipk,deb>.bbclass to get the correct list of configuration files
+def get_conffiles(pkg, d):
+    pkgdest = d.getVar('PKGDEST')
+    root = os.path.join(pkgdest, pkg)
+    cwd = os.getcwd()
+    os.chdir(root)
+
+    conffiles = d.getVar('CONFFILES:%s' % pkg);
+    if conffiles == None:
+        conffiles = d.getVar('CONFFILES')
+    if conffiles == None:
+        conffiles = ""
+    conffiles = conffiles.split()
+    conf_orig_list = files_from_filevars(conffiles)[0]
+
+    # Remove links and directories from conf_orig_list to get conf_list which only contains normal files
+    conf_list = []
+    for f in conf_orig_list:
+        if os.path.isdir(f):
+            continue
+        if os.path.islink(f):
+            continue
+        if not os.path.exists(f):
+            continue
+        conf_list.append(f)
+
+    # Remove the leading './'
+    for i in range(0, len(conf_list)):
+        conf_list[i] = conf_list[i][1:]
+
+    os.chdir(cwd)
+    return sorted(conf_list)
+
+def legitimize_package_name(s):
+    """
+    Make sure package names are legitimate strings
+    """
+
+    def fixutf(m):
+        cp = m.group(1)
+        if cp:
+            return ('\\u%s' % cp).encode('latin-1').decode('unicode_escape')
+
+    # Handle unicode codepoints encoded as <U0123>, as in glibc locale files.
+    s = re.sub(r'<U([0-9A-Fa-f]{1,4})>', fixutf, s)
+
+    # Remaining package name validity fixes
+    return s.lower().replace('_', '-').replace('@', '+').replace(',', '+').replace('/', '-')
+
+def split_locales(d):
+    cpath = oe.cachedpath.CachedPath()
+    if (d.getVar('PACKAGE_NO_LOCALE') == '1'):
+        bb.debug(1, "package requested not splitting locales")
+        return
+
+    packages = (d.getVar('PACKAGES') or "").split()
+
+    dvar = d.getVar('PKGD')
+    pn = d.getVar('LOCALEBASEPN')
+
+    try:
+        locale_index = packages.index(pn + '-locale')
+        packages.pop(locale_index)
+    except ValueError:
+        locale_index = len(packages)
+
+    lic = d.getVar("LICENSE:" + pn + "-locale")
+
+    localepaths = []
+    locales = set()
+    for localepath in (d.getVar('LOCALE_PATHS') or "").split():
+        localedir = dvar + localepath
+        if not cpath.isdir(localedir):
+            bb.debug(1, 'No locale files in %s' % localepath)
+            continue
+
+        localepaths.append(localepath)
+        with os.scandir(localedir) as it:
+            for entry in it:
+                if entry.is_dir():
+                    locales.add(entry.name)
+
+    if len(locales) == 0:
+        bb.debug(1, "No locale files in this package")
+        return
+
+    summary = d.getVar('SUMMARY') or pn
+    description = d.getVar('DESCRIPTION') or ""
+    locale_section = d.getVar('LOCALE_SECTION')
+    mlprefix = d.getVar('MLPREFIX') or ""
+    for l in sorted(locales):
+        ln = legitimize_package_name(l)
+        pkg = pn + '-locale-' + ln
+        packages.insert(locale_index, pkg)
+        locale_index += 1
+        files = []
+        for localepath in localepaths:
+            files.append(os.path.join(localepath, l))
+        d.setVar('FILES:' + pkg, " ".join(files))
+        d.setVar('RRECOMMENDS:' + pkg, '%svirtual-locale-%s' % (mlprefix, ln))
+        d.setVar('RPROVIDES:' + pkg, '%s-locale %s%s-translation' % (pn, mlprefix, ln))
+        d.setVar('SUMMARY:' + pkg, '%s - %s translations' % (summary, l))
+        d.setVar('DESCRIPTION:' + pkg, '%s  This package contains language translation files for the %s locale.' % (description, l))
+        if lic:
+            d.setVar('LICENSE:' + pkg, lic)
+        if locale_section:
+            d.setVar('SECTION:' + pkg, locale_section)
+
+    d.setVar('PACKAGES', ' '.join(packages))
+
+    # Disabled by RP 18/06/07
+    # Wildcards aren't supported in debian
+    # They break with ipkg since glibc-locale* will mean that
+    # glibc-localedata-translit* won't install as a dependency
+    # for some other package which breaks meta-toolchain
+    # Probably breaks since virtual-locale- isn't provided anywhere
+    #rdep = (d.getVar('RDEPENDS:%s' % pn) or "").split()
+    #rdep.append('%s-locale*' % pn)
+    #d.setVar('RDEPENDS:%s' % pn, ' '.join(rdep))
+
+def package_debug_vars(d):
+    # We default to '.debug' style
+    if d.getVar('PACKAGE_DEBUG_SPLIT_STYLE') == 'debug-file-directory':
+        # Single debug-file-directory style debug info
+        debug_vars = {
+            "append": ".debug",
+            "staticappend": "",
+            "dir": "",
+            "staticdir": "",
+            "libdir": "/usr/lib/debug",
+            "staticlibdir": "/usr/lib/debug-static",
+            "srcdir": "/usr/src/debug",
+        }
+    elif d.getVar('PACKAGE_DEBUG_SPLIT_STYLE') == 'debug-without-src':
+        # Original OE-core, a.k.a. ".debug", style debug info, but without sources in /usr/src/debug
+        debug_vars = {
+            "append": "",
+            "staticappend": "",
+            "dir": "/.debug",
+            "staticdir": "/.debug-static",
+            "libdir": "",
+            "staticlibdir": "",
+            "srcdir": "",
+        }
+    elif d.getVar('PACKAGE_DEBUG_SPLIT_STYLE') == 'debug-with-srcpkg':
+        debug_vars = {
+            "append": "",
+            "staticappend": "",
+            "dir": "/.debug",
+            "staticdir": "/.debug-static",
+            "libdir": "",
+            "staticlibdir": "",
+            "srcdir": "/usr/src/debug",
+        }
+    else:
+        # Original OE-core, a.k.a. ".debug", style debug info
+        debug_vars = {
+            "append": "",
+            "staticappend": "",
+            "dir": "/.debug",
+            "staticdir": "/.debug-static",
+            "libdir": "",
+            "staticlibdir": "",
+            "srcdir": "/usr/src/debug",
+        }
+
+    return debug_vars
+
+
+def parse_debugsources_from_dwarfsrcfiles_output(dwarfsrcfiles_output):
+    debugfiles = {}
+
+    for line in dwarfsrcfiles_output.splitlines():
+        if line.startswith("\t"):
+            debugfiles[os.path.normpath(line.split()[0])] = ""
+
+    return debugfiles.keys()
+
+def source_info(file, d, fatal=True):
+    cmd = ["dwarfsrcfiles", file]
+    try:
+        output = subprocess.check_output(cmd, universal_newlines=True, stderr=subprocess.STDOUT)
+        retval = 0
+    except subprocess.CalledProcessError as exc:
+        output = exc.output
+        retval = exc.returncode
+
+    # 255 means a specific file wasn't fully parsed to get the debug file list, which is not a fatal failure
+    if retval != 0 and retval != 255:
+        msg = "dwarfsrcfiles failed with exit code %s (cmd was %s)%s" % (retval, cmd, ":\n%s" % output if output else "")
+        if fatal:
+            bb.fatal(msg)
+        bb.note(msg)
+
+    debugsources = parse_debugsources_from_dwarfsrcfiles_output(output)
+
+    return list(debugsources)
+
+def splitdebuginfo(file, dvar, dv, d):
+    # Function to split a single file into two components, one is the stripped
+    # target system binary, the other contains any debugging information. The
+    # two files are linked to reference each other.
+    #
+    # return a mapping of files:debugsources
+
+    src = file[len(dvar):]
+    dest = dv["libdir"] + os.path.dirname(src) + dv["dir"] + "/" + os.path.basename(src) + dv["append"]
+    debugfile = dvar + dest
+    sources = []
+
+    if file.endswith(".ko") and file.find("/lib/modules/") != -1:
+        if oe.package.is_kernel_module_signed(file):
+            bb.debug(1, "Skip strip on signed module %s" % file)
+            return (file, sources)
+
+    # Split the file...
+    bb.utils.mkdirhier(os.path.dirname(debugfile))
+    #bb.note("Split %s -> %s" % (file, debugfile))
+    # Only store off the hard link reference if we successfully split!
+
+    dvar = d.getVar('PKGD')
+    objcopy = d.getVar("OBJCOPY")
+
+    newmode = None
+    if not os.access(file, os.W_OK) or os.access(file, os.R_OK):
+        origmode = os.stat(file)[stat.ST_MODE]
+        newmode = origmode | stat.S_IWRITE | stat.S_IREAD
+        os.chmod(file, newmode)
+
+    # We need to extract the debug src information here...
+    if dv["srcdir"]:
+        sources = source_info(file, d)
+
+    bb.utils.mkdirhier(os.path.dirname(debugfile))
+
+    subprocess.check_output([objcopy, '--only-keep-debug', file, debugfile], stderr=subprocess.STDOUT)
+
+    # Set the debuglink to have the view of the file path on the target
+    subprocess.check_output([objcopy, '--add-gnu-debuglink', debugfile, file], stderr=subprocess.STDOUT)
+
+    if newmode:
+        os.chmod(file, origmode)
+
+    return (file, sources)
+
+def splitstaticdebuginfo(file, dvar, dv, d):
+    # Unlike the function above, there is no way to split a static library
+    # two components.  So to get similar results we will copy the unmodified
+    # static library (containing the debug symbols) into a new directory.
+    # We will then strip (preserving symbols) the static library in the
+    # typical location.
+    #
+    # return a mapping of files:debugsources
+
+    src = file[len(dvar):]
+    dest = dv["staticlibdir"] + os.path.dirname(src) + dv["staticdir"] + "/" + os.path.basename(src) + dv["staticappend"]
+    debugfile = dvar + dest
+    sources = []
+
+    # Copy the file...
+    bb.utils.mkdirhier(os.path.dirname(debugfile))
+    #bb.note("Copy %s -> %s" % (file, debugfile))
+
+    dvar = d.getVar('PKGD')
+
+    newmode = None
+    if not os.access(file, os.W_OK) or os.access(file, os.R_OK):
+        origmode = os.stat(file)[stat.ST_MODE]
+        newmode = origmode | stat.S_IWRITE | stat.S_IREAD
+        os.chmod(file, newmode)
+
+    # We need to extract the debug src information here...
+    if dv["srcdir"]:
+        sources = source_info(file, d)
+
+    bb.utils.mkdirhier(os.path.dirname(debugfile))
+
+    # Copy the unmodified item to the debug directory
+    shutil.copy2(file, debugfile)
+
+    if newmode:
+        os.chmod(file, origmode)
+
+    return (file, sources)
+
+def inject_minidebuginfo(file, dvar, dv, d):
+    # Extract just the symbols from debuginfo into minidebuginfo,
+    # compress it with xz and inject it back into the binary in a .gnu_debugdata section.
+    # https://sourceware.org/gdb/onlinedocs/gdb/MiniDebugInfo.html
+
+    readelf = d.getVar('READELF')
+    nm = d.getVar('NM')
+    objcopy = d.getVar('OBJCOPY')
+
+    minidebuginfodir = d.expand('${WORKDIR}/minidebuginfo')
+
+    src = file[len(dvar):]
+    dest = dv["libdir"] + os.path.dirname(src) + dv["dir"] + "/" + os.path.basename(src) + dv["append"]
+    debugfile = dvar + dest
+    minidebugfile = minidebuginfodir + src + '.minidebug'
+    bb.utils.mkdirhier(os.path.dirname(minidebugfile))
+
+    # If we didn't produce debuginfo for any reason, we can't produce minidebuginfo either
+    # so skip it.
+    if not os.path.exists(debugfile):
+        bb.debug(1, 'ELF file {} has no debuginfo, skipping minidebuginfo injection'.format(file))
+        return
+
+    # minidebuginfo does not make sense to apply to ELF objects other than
+    # executables and shared libraries, skip applying the minidebuginfo
+    # generation for objects like kernel modules.
+    for line in subprocess.check_output([readelf, '-h', debugfile], universal_newlines=True).splitlines():
+        if not line.strip().startswith("Type:"):
+            continue
+        elftype = line.split(":")[1].strip()
+        if not any(elftype.startswith(i) for i in ["EXEC", "DYN"]):
+            bb.debug(1, 'ELF file {} is not executable/shared, skipping minidebuginfo injection'.format(file))
+            return
+        break
+
+    # Find non-allocated PROGBITS, NOTE, and NOBITS sections in the debuginfo.
+    # We will exclude all of these from minidebuginfo to save space.
+    remove_section_names = []
+    for line in subprocess.check_output([readelf, '-W', '-S', debugfile], universal_newlines=True).splitlines():
+        # strip the leading "  [ 1]" section index to allow splitting on space
+        if ']' not in line:
+            continue
+        fields = line[line.index(']') + 1:].split()
+        if len(fields) < 7:
+            continue
+        name = fields[0]
+        type = fields[1]
+        flags = fields[6]
+        # .debug_ sections will be removed by objcopy -S so no need to explicitly remove them
+        if name.startswith('.debug_'):
+            continue
+        if 'A' not in flags and type in ['PROGBITS', 'NOTE', 'NOBITS']:
+            remove_section_names.append(name)
+
+    # List dynamic symbols in the binary. We can exclude these from minidebuginfo
+    # because they are always present in the binary.
+    dynsyms = set()
+    for line in subprocess.check_output([nm, '-D', file, '--format=posix', '--defined-only'], universal_newlines=True).splitlines():
+        dynsyms.add(line.split()[0])
+
+    # Find all function symbols from debuginfo which aren't in the dynamic symbols table.
+    # These are the ones we want to keep in minidebuginfo.
+    keep_symbols_file = minidebugfile + '.symlist'
+    found_any_symbols = False
+    with open(keep_symbols_file, 'w') as f:
+        for line in subprocess.check_output([nm, debugfile, '--format=sysv', '--defined-only'], universal_newlines=True).splitlines():
+            fields = line.split('|')
+            if len(fields) < 7:
+                continue
+            name = fields[0].strip()
+            type = fields[3].strip()
+            if type == 'FUNC' and name not in dynsyms:
+                f.write('{}\n'.format(name))
+                found_any_symbols = True
+
+    if not found_any_symbols:
+        bb.debug(1, 'ELF file {} contains no symbols, skipping minidebuginfo injection'.format(file))
+        return
+
+    bb.utils.remove(minidebugfile)
+    bb.utils.remove(minidebugfile + '.xz')
+
+    subprocess.check_call([objcopy, '-S'] +
+                          ['--remove-section={}'.format(s) for s in remove_section_names] +
+                          ['--keep-symbols={}'.format(keep_symbols_file), debugfile, minidebugfile])
+
+    subprocess.check_call(['xz', '--keep', minidebugfile])
+
+    subprocess.check_call([objcopy, '--add-section', '.gnu_debugdata={}.xz'.format(minidebugfile), file])
+
+def copydebugsources(debugsrcdir, sources, d):
+    # The debug src information written out to sourcefile is further processed
+    # and copied to the destination here.
+
+    cpath = oe.cachedpath.CachedPath()
+
+    if debugsrcdir and sources:
+        sourcefile = d.expand("${WORKDIR}/debugsources.list")
+        bb.utils.remove(sourcefile)
+
+        # filenames are null-separated - this is an artefact of the previous use
+        # of rpm's debugedit, which was writing them out that way, and the code elsewhere
+        # is still assuming that.
+        debuglistoutput = '\0'.join(sources) + '\0'
+        with open(sourcefile, 'a') as sf:
+           sf.write(debuglistoutput)
+
+        dvar = d.getVar('PKGD')
+        strip = d.getVar("STRIP")
+        objcopy = d.getVar("OBJCOPY")
+        workdir = d.getVar("WORKDIR")
+        sdir = d.getVar("S")
+        cflags = d.expand("${CFLAGS}")
+
+        prefixmap = {}
+        for flag in cflags.split():
+            if not flag.startswith("-ffile-prefix-map"):
+                continue
+            if "recipe-sysroot" in flag:
+                continue
+            flag = flag.split("=")
+            prefixmap[flag[1]] = flag[2]
+
+        nosuchdir = []
+        basepath = dvar
+        for p in debugsrcdir.split("/"):
+            basepath = basepath + "/" + p
+            if not cpath.exists(basepath):
+                nosuchdir.append(basepath)
+        bb.utils.mkdirhier(basepath)
+        cpath.updatecache(basepath)
+
+        for pmap in prefixmap:
+            # Ignore files from the recipe sysroots (target and native)
+            cmd =  "LC_ALL=C ; sort -z -u '%s' | egrep -v -z '((<internal>|<built-in>)$|/.*recipe-sysroot.*/)' | " % sourcefile
+            # We need to ignore files that are not actually ours
+            # we do this by only paying attention to items from this package
+            cmd += "fgrep -zw '%s' | " % prefixmap[pmap]
+            # Remove prefix in the source paths
+            cmd += "sed 's#%s/##g' | " % (prefixmap[pmap])
+            cmd += "(cd '%s' ; cpio -pd0mlL --no-preserve-owner '%s%s' 2>/dev/null)" % (pmap, dvar, prefixmap[pmap])
+
+            try:
+                subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT)
+            except subprocess.CalledProcessError:
+                # Can "fail" if internal headers/transient sources are attempted
+                pass
+            # cpio seems to have a bug with -lL together and symbolic links are just copied, not dereferenced.
+            # Work around this by manually finding and copying any symbolic links that made it through.
+            cmd = "find %s%s -type l -print0 -delete | sed s#%s%s/##g | (cd '%s' ; cpio -pd0mL --no-preserve-owner '%s%s')" % \
+                    (dvar, prefixmap[pmap], dvar, prefixmap[pmap], pmap, dvar, prefixmap[pmap])
+            subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT)
+
+        # debugsources.list may be polluted from the host if we used externalsrc,
+        # cpio uses copy-pass and may have just created a directory structure
+        # matching the one from the host, if thats the case move those files to
+        # debugsrcdir to avoid host contamination.
+        # Empty dir structure will be deleted in the next step.
+
+        # Same check as above for externalsrc
+        if workdir not in sdir:
+            if os.path.exists(dvar + debugsrcdir + sdir):
+                cmd = "mv %s%s%s/* %s%s" % (dvar, debugsrcdir, sdir, dvar,debugsrcdir)
+                subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT)
+
+        # The copy by cpio may have resulted in some empty directories!  Remove these
+        cmd = "find %s%s -empty -type d -delete" % (dvar, debugsrcdir)
+        subprocess.check_output(cmd, shell=True, stderr=subprocess.STDOUT)
+
+        # Also remove debugsrcdir if its empty
+        for p in nosuchdir[::-1]:
+            if os.path.exists(p) and not os.listdir(p):
+                os.rmdir(p)
+
+@bb.parse.vardepsexclude("BB_NUMBER_THREADS")
+def save_debugsources_info(debugsrcdir, sources_raw, d):
+    import json
+    import bb.compress.zstd
+    if debugsrcdir and sources_raw:
+        debugsources_file = d.expand("${PKGDESTWORK}/debugsources/${PN}-debugsources.json.zstd")
+        debugsources_dir = os.path.dirname(debugsources_file)
+        if not os.path.isdir(debugsources_dir):
+            bb.utils.mkdirhier(debugsources_dir)
+        bb.utils.remove(debugsources_file)
+
+        workdir = d.getVar("WORKDIR")
+        pn = d.getVar('PN')
+
+        # Kernel sources are in a different directory and are special case
+        # we format the sources as expected by spdx by replacing /usr/src/kernel/
+        # into BP/
+        kernel_src = d.getVar('KERNEL_SRC_PATH')
+        bp = d.getVar('BP')
+        sources_dict = {}
+        for file, src_files in sources_raw:
+            file_clean = file.replace(f"{workdir}/package/","")
+            sources_clean = [
+                src.replace(f"{debugsrcdir}/{pn}/", "")
+                if not kernel_src else src.replace(f"{kernel_src}/", f"{bp}/")
+                for src in src_files
+                if not any(keyword in src for keyword in ("<internal>", "<built-in>")) and not src.endswith("/")
+            ]
+            sources_dict[file_clean] = sorted(sources_clean)
+        num_threads = int(d.getVar("BB_NUMBER_THREADS"))
+        with bb.compress.zstd.open(debugsources_file, "wt", encoding="utf-8", num_threads=num_threads) as f:
+            json.dump(sources_dict, f, sort_keys=True)
+
+@bb.parse.vardepsexclude("BB_NUMBER_THREADS")
+def read_debugsources_info(d):
+    import json
+    import bb.compress.zstd
+    try:
+        fn = d.expand("${PKGDESTWORK}/debugsources/${PN}-debugsources.json.zstd")
+        num_threads = int(d.getVar("BB_NUMBER_THREADS"))
+        with bb.compress.zstd.open(fn, "rt", encoding="utf-8", num_threads=num_threads) as f:
+            return json.load(f)
+    except FileNotFoundError:
+        bb.debug(1, f"File not found: {fn}")
+        return None
+
+def process_split_and_strip_files(d):
+    cpath = oe.cachedpath.CachedPath()
+
+    dvar = d.getVar('PKGD')
+    pn = d.getVar('PN')
+    hostos = d.getVar('HOST_OS')
+
+    oldcwd = os.getcwd()
+    os.chdir(dvar)
+
+    dv = package_debug_vars(d)
+
+    #
+    # First lets figure out all of the files we may have to process ... do this only once!
+    #
+    elffiles = {}
+    symlinks = {}
+    staticlibs = []
+    inodes = {}
+    libdir = os.path.abspath(dvar + os.sep + d.getVar("libdir"))
+    baselibdir = os.path.abspath(dvar + os.sep + d.getVar("base_libdir"))
+    skipfiles = (d.getVar("INHIBIT_PACKAGE_STRIP_FILES") or "").split()
+    if (d.getVar('INHIBIT_PACKAGE_STRIP') != '1' or \
+            d.getVar('INHIBIT_PACKAGE_DEBUG_SPLIT') != '1'):
+        checkelf = {}
+        checkelflinks = {}
+        checkstatic = {}
+        for root, dirs, files in cpath.walk(dvar):
+            for f in files:
+                file = os.path.join(root, f)
+
+                # Skip debug files
+                if dv["append"] and file.endswith(dv["append"]):
+                    continue
+                if dv["dir"] and dv["dir"] in os.path.dirname(file[len(dvar):]):
+                    continue
+
+                if file in skipfiles:
+                    continue
+
+                try:
+                    ltarget = cpath.realpath(file, dvar, False)
+                    s = cpath.lstat(ltarget)
+                except OSError as e:
+                    (err, strerror) = e.args
+                    if err != errno.ENOENT:
+                        raise
+                    # Skip broken symlinks
+                    continue
+                if not s:
+                    continue
+
+                if oe.package.is_static_lib(file):
+                    # Use a reference of device ID and inode number to identify files
+                    file_reference = "%d_%d" % (s.st_dev, s.st_ino)
+                    checkstatic[file] = (file, file_reference)
+                    continue
+
+                # Check its an executable
+                if (s[stat.ST_MODE] & stat.S_IXUSR) or (s[stat.ST_MODE] & stat.S_IXGRP) \
+                        or (s[stat.ST_MODE] & stat.S_IXOTH) \
+                        or ((file.startswith(libdir) or file.startswith(baselibdir)) \
+                        and (".so" in f or ".node" in f)) \
+                        or (f.startswith('vmlinux') or ".ko" in f):
+
+                    if cpath.islink(file):
+                        checkelflinks[file] = ltarget
+                        continue
+                    # Use a reference of device ID and inode number to identify files
+                    file_reference = "%d_%d" % (s.st_dev, s.st_ino)
+                    checkelf[file] = (file, file_reference)
+
+        results = oe.utils.multiprocess_launch(oe.package.is_elf, checkelflinks.values(), d)
+        results_map = {}
+        for (ltarget, elf_file) in results:
+            results_map[ltarget] = elf_file
+        for file in checkelflinks:
+            ltarget = checkelflinks[file]
+            # If it's a symlink, and points to an ELF file, we capture the readlink target
+            if results_map[ltarget]:
+                target = os.readlink(file)
+                #bb.note("Sym: %s (%d)" % (ltarget, results_map[ltarget]))
+                symlinks[file] = target
+
+        results = oe.utils.multiprocess_launch(oe.package.is_elf, checkelf.keys(), d)
+
+        # Sort results by file path. This ensures that the files are always
+        # processed in the same order, which is important to make sure builds
+        # are reproducible when dealing with hardlinks
+        results.sort(key=lambda x: x[0])
+
+        for (file, elf_file) in results:
+            # It's a file (or hardlink), not a link
+            # ...but is it ELF, and is it already stripped?
+            if elf_file & 1:
+                if elf_file & 2:
+                    if 'already-stripped' in (d.getVar('INSANE_SKIP:' + pn) or "").split():
+                        bb.note("Skipping file %s from %s for already-stripped QA test" % (file[len(dvar):], pn))
+                    else:
+                        msg = "File '%s' from %s was already stripped, this will prevent future debugging!" % (file[len(dvar):], pn)
+                        oe.qa.handle_error("already-stripped", msg, d)
+                    continue
+
+                # At this point we have an unstripped elf file. We need to:
+                #  a) Make sure any file we strip is not hardlinked to anything else outside this tree
+                #  b) Only strip any hardlinked file once (no races)
+                #  c) Track any hardlinks between files so that we can reconstruct matching debug file hardlinks
+
+                # Use a reference of device ID and inode number to identify files
+                file_reference = checkelf[file][1]
+                if file_reference in inodes:
+                    os.unlink(file)
+                    os.link(inodes[file_reference][0], file)
+                    inodes[file_reference].append(file)
+                else:
+                    inodes[file_reference] = [file]
+                    # break hardlink
+                    bb.utils.break_hardlinks(file)
+                    elffiles[file] = elf_file
+                # Modified the file so clear the cache
+                cpath.updatecache(file)
+
+        # Do the same hardlink processing as above, but for static libraries
+        results = list(checkstatic.keys())
+
+        # As above, sort the results.
+        results.sort(key=lambda x: x[0])
+
+        for file in results:
+            # Use a reference of device ID and inode number to identify files
+            file_reference = checkstatic[file][1]
+            if file_reference in inodes:
+                os.unlink(file)
+                os.link(inodes[file_reference][0], file)
+                inodes[file_reference].append(file)
+            else:
+                inodes[file_reference] = [file]
+                # break hardlink
+                bb.utils.break_hardlinks(file)
+                staticlibs.append(file)
+            # Modified the file so clear the cache
+            cpath.updatecache(file)
+
+    def strip_pkgd_prefix(f):
+        nonlocal dvar
+
+        if f.startswith(dvar):
+            return f[len(dvar):]
+
+        return f
+
+    #
+    # First lets process debug splitting
+    #
+    if (d.getVar('INHIBIT_PACKAGE_DEBUG_SPLIT') != '1'):
+        results = oe.utils.multiprocess_launch(splitdebuginfo, list(elffiles), d, extraargs=(dvar, dv, d))
+
+        if dv["srcdir"] and not hostos.startswith("mingw"):
+            if (d.getVar('PACKAGE_DEBUG_STATIC_SPLIT') == '1'):
+                results = oe.utils.multiprocess_launch(splitstaticdebuginfo, staticlibs, d, extraargs=(dvar, dv, d))
+            else:
+                for file in staticlibs:
+                    results.append( (file,source_info(file, d)) )
+
+        d.setVar("PKGDEBUGSOURCES", {strip_pkgd_prefix(f): sorted(s) for f, s in results})
+
+        sources = set()
+        for r in results:
+            sources.update(r[1])
+
+        # Hardlink our debug symbols to the other hardlink copies
+        for ref in inodes:
+            if len(inodes[ref]) == 1:
+                continue
+
+            target = inodes[ref][0][len(dvar):]
+            for file in inodes[ref][1:]:
+                src = file[len(dvar):]
+                dest = dv["libdir"] + os.path.dirname(src) + dv["dir"] + "/" + os.path.basename(target) + dv["append"]
+                fpath = dvar + dest
+                ftarget = dvar + dv["libdir"] + os.path.dirname(target) + dv["dir"] + "/" + os.path.basename(target) + dv["append"]
+                if os.access(ftarget, os.R_OK):
+                    bb.utils.mkdirhier(os.path.dirname(fpath))
+                    # Only one hardlink of separated debug info file in each directory
+                    if not os.access(fpath, os.R_OK):
+                        #bb.note("Link %s -> %s" % (fpath, ftarget))
+                        os.link(ftarget, fpath)
+                elif (d.getVar('PACKAGE_DEBUG_STATIC_SPLIT') == '1'):
+                    deststatic = dv["staticlibdir"] + os.path.dirname(src) + dv["staticdir"] + "/" + os.path.basename(file) + dv["staticappend"]
+                    fpath = dvar + deststatic
+                    ftarget = dvar + dv["staticlibdir"] + os.path.dirname(target) + dv["staticdir"] + "/" + os.path.basename(target) + dv["staticappend"]
+                    if os.access(ftarget, os.R_OK):
+                        bb.utils.mkdirhier(os.path.dirname(fpath))
+                        # Only one hardlink of separated debug info file in each directory
+                        if not os.access(fpath, os.R_OK):
+                            #bb.note("Link %s -> %s" % (fpath, ftarget))
+                            os.link(ftarget, fpath)
+                else:
+                    bb.note("Unable to find inode link target %s" % (target))
+
+        # Create symlinks for all cases we were able to split symbols
+        for file in symlinks:
+            src = file[len(dvar):]
+            dest = dv["libdir"] + os.path.dirname(src) + dv["dir"] + "/" + os.path.basename(src) + dv["append"]
+            fpath = dvar + dest
+            # Skip it if the target doesn't exist
+            try:
+                s = os.stat(fpath)
+            except OSError as e:
+                (err, strerror) = e.args
+                if err != errno.ENOENT:
+                    raise
+                continue
+
+            ltarget = symlinks[file]
+            lpath = os.path.dirname(ltarget)
+            lbase = os.path.basename(ltarget)
+            ftarget = ""
+            if lpath and lpath != ".":
+                ftarget += lpath + dv["dir"] + "/"
+            ftarget += lbase + dv["append"]
+            if lpath.startswith(".."):
+                ftarget = os.path.join("..", ftarget)
+            bb.utils.mkdirhier(os.path.dirname(fpath))
+            #bb.note("Symlink %s -> %s" % (fpath, ftarget))
+            os.symlink(ftarget, fpath)
+
+        # Process the dv["srcdir"] if requested...
+        # This copies and places the referenced sources for later debugging...
+        copydebugsources(dv["srcdir"], sources, d)
+
+        # Save source info to be accessible to other tasks
+        save_debugsources_info(dv["srcdir"], results, d)
+    #
+    # End of debug splitting
+    #
+
+    #
+    # Now lets go back over things and strip them
+    #
+    if (d.getVar('INHIBIT_PACKAGE_STRIP') != '1'):
+        strip = d.getVar("STRIP")
+        sfiles = []
+        for file in elffiles:
+            elf_file = int(elffiles[file])
+            #bb.note("Strip %s" % file)
+            sfiles.append((file, elf_file, strip))
+        if (d.getVar('PACKAGE_STRIP_STATIC') == '1' or d.getVar('PACKAGE_DEBUG_STATIC_SPLIT') == '1'):
+            for f in staticlibs:
+                sfiles.append((f, 16, strip))
+
+        oe.utils.multiprocess_launch(oe.package.runstrip, sfiles, d)
+
+    # Build "minidebuginfo" and reinject it back into the stripped binaries
+    if bb.utils.contains('DISTRO_FEATURES', 'minidebuginfo', True, False, d):
+        oe.utils.multiprocess_launch(inject_minidebuginfo, list(elffiles), d,
+                                     extraargs=(dvar, dv, d))
+
+    #
+    # End of strip
+    #
+    os.chdir(oldcwd)
+
+
+def populate_packages(d):
+    cpath = oe.cachedpath.CachedPath()
+
+    workdir = d.getVar('WORKDIR')
+    outdir = d.getVar('DEPLOY_DIR')
+    dvar = d.getVar('PKGD')
+    packages = d.getVar('PACKAGES').split()
+    pn = d.getVar('PN')
+
+    bb.utils.mkdirhier(outdir)
+    os.chdir(dvar)
+
+    autodebug = not (d.getVar("NOAUTOPACKAGEDEBUG") or False)
+
+    split_source_package = (d.getVar('PACKAGE_DEBUG_SPLIT_STYLE') == 'debug-with-srcpkg')
+
+    # If debug-with-srcpkg mode is enabled then add the source package if it
+    # doesn't exist and add the source file contents to the source package.
+    if split_source_package:
+        src_package_name = ('%s-src' % d.getVar('PN'))
+        if not src_package_name in packages:
+            packages.append(src_package_name)
+        d.setVar('FILES:%s' % src_package_name, '/usr/src/debug')
+
+    # Sanity check PACKAGES for duplicates
+    # Sanity should be moved to sanity.bbclass once we have the infrastructure
+    package_dict = {}
+
+    for i, pkg in enumerate(packages):
+        if pkg in package_dict:
+            msg = "%s is listed in PACKAGES multiple times, this leads to packaging errors." % pkg
+            oe.qa.handle_error("packages-list", msg, d)
+        # Ensure the source package gets the chance to pick up the source files
+        # before the debug package by ordering it first in PACKAGES. Whether it
+        # actually picks up any source files is controlled by
+        # PACKAGE_DEBUG_SPLIT_STYLE.
+        elif pkg.endswith("-src"):
+            package_dict[pkg] = (10, i)
+        elif autodebug and pkg.endswith("-dbg"):
+            package_dict[pkg] = (30, i)
+        else:
+            package_dict[pkg] = (50, i)
+    packages = sorted(package_dict.keys(), key=package_dict.get)
+    d.setVar('PACKAGES', ' '.join(packages))
+    pkgdest = d.getVar('PKGDEST')
+
+    seen = []
+
+    # os.mkdir masks the permissions with umask so we have to unset it first
+    oldumask = os.umask(0)
+
+    debug = []
+    for root, dirs, files in cpath.walk(dvar):
+        dir = root[len(dvar):]
+        if not dir:
+            dir = os.sep
+        for f in (files + dirs):
+            path = "." + os.path.join(dir, f)
+            if "/.debug/" in path or "/.debug-static/" in path or path.endswith("/.debug"):
+                debug.append(path)
+
+    for pkg in packages:
+        root = os.path.join(pkgdest, pkg)
+        bb.utils.mkdirhier(root)
+
+        filesvar = d.getVar('FILES:%s' % pkg) or ""
+        if "//" in filesvar:
+            msg = "FILES variable for package %s contains '//' which is invalid. Attempting to fix this but you should correct the metadata.\n" % pkg
+            oe.qa.handle_error("files-invalid", msg, d)
+            filesvar.replace("//", "/")
+
+        origfiles = filesvar.split()
+        files, symlink_paths = oe.package.files_from_filevars(origfiles)
+
+        if autodebug and pkg.endswith("-dbg"):
+            files.extend(debug)
+
+        for file in files:
+            if (not cpath.islink(file)) and (not cpath.exists(file)):
+                continue
+            if file in seen:
+                continue
+            seen.append(file)
+
+            def mkdir(src, dest, p):
+                src = os.path.join(src, p)
+                dest = os.path.join(dest, p)
+                fstat = cpath.stat(src)
+                os.mkdir(dest)
+                os.chmod(dest, fstat.st_mode)
+                os.chown(dest, fstat.st_uid, fstat.st_gid)
+                if p not in seen:
+                    seen.append(p)
+                cpath.updatecache(dest)
+
+            def mkdir_recurse(src, dest, paths):
+                if cpath.exists(dest + '/' + paths):
+                    return
+                while paths.startswith("./"):
+                    paths = paths[2:]
+                p = "."
+                for c in paths.split("/"):
+                    p = os.path.join(p, c)
+                    if not cpath.exists(os.path.join(dest, p)):
+                        mkdir(src, dest, p)
+
+            if cpath.isdir(file) and not cpath.islink(file):
+                mkdir_recurse(dvar, root, file)
+                continue
+
+            mkdir_recurse(dvar, root, os.path.dirname(file))
+            fpath = os.path.join(root,file)
+            if not cpath.islink(file):
+                os.link(file, fpath)
+                continue
+            ret = bb.utils.copyfile(file, fpath)
+            if ret is False or ret == 0:
+                bb.fatal("File population failed")
+
+        # Check if symlink paths exist
+        for file in symlink_paths:
+            if not os.path.exists(os.path.join(root,file)):
+                bb.fatal("File '%s' cannot be packaged into '%s' because its "
+                         "parent directory structure does not exist. One of "
+                         "its parent directories is a symlink whose target "
+                         "directory is not included in the package." %
+                         (file, pkg))
+
+    os.umask(oldumask)
+    os.chdir(workdir)
+
+    # Handle excluding packages with incompatible licenses
+    package_list = []
+    skipped_pkgs = oe.license.skip_incompatible_package_licenses(d, packages)
+    for pkg in packages:
+        if pkg in skipped_pkgs:
+            msg = "Excluding %s from packaging as it has incompatible license(s): %s" % (pkg, skipped_pkgs[pkg])
+            oe.qa.handle_error("incompatible-license", msg, d)
+        else:
+            package_list.append(pkg)
+    d.setVar('PACKAGES', ' '.join(package_list))
+
+    unshipped = []
+    for root, dirs, files in cpath.walk(dvar):
+        dir = root[len(dvar):]
+        if not dir:
+            dir = os.sep
+        for f in (files + dirs):
+            path = os.path.join(dir, f)
+            if ('.' + path) not in seen:
+                unshipped.append(path)
+
+    if unshipped != []:
+        msg = pn + ": Files/directories were installed but not shipped in any package:"
+        if "installed-vs-shipped" in (d.getVar('INSANE_SKIP:' + pn) or "").split():
+            bb.note("Package %s skipping QA tests: installed-vs-shipped" % pn)
+        else:
+            for f in unshipped:
+                msg = msg + "\n  " + f
+            msg = msg + "\nPlease set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.\n"
+            msg = msg + "%s: %d installed and not shipped files." % (pn, len(unshipped))
+            oe.qa.handle_error("installed-vs-shipped", msg, d)
+
+def process_fixsymlinks(pkgfiles, d):
+    cpath = oe.cachedpath.CachedPath()
+    pkgdest = d.getVar('PKGDEST')
+    packages = d.getVar("PACKAGES", False).split()
+
+    dangling_links = {}
+    pkg_files = {}
+    for pkg in packages:
+        dangling_links[pkg] = []
+        pkg_files[pkg] = []
+        inst_root = os.path.join(pkgdest, pkg)
+        for path in pkgfiles[pkg]:
+                rpath = path[len(inst_root):]
+                pkg_files[pkg].append(rpath)
+                rtarget = cpath.realpath(path, inst_root, True, assume_dir = True)
+                if not cpath.lexists(rtarget):
+                    dangling_links[pkg].append(os.path.normpath(rtarget[len(inst_root):]))
+
+    newrdepends = {}
+    for pkg in dangling_links:
+        for l in dangling_links[pkg]:
+            found = False
+            bb.debug(1, "%s contains dangling link %s" % (pkg, l))
+            for p in packages:
+                if l in pkg_files[p]:
+                        found = True
+                        bb.debug(1, "target found in %s" % p)
+                        if p == pkg:
+                            break
+                        if pkg not in newrdepends:
+                            newrdepends[pkg] = []
+                        newrdepends[pkg].append(p)
+                        break
+            if found == False:
+                bb.note("%s contains dangling symlink to %s" % (pkg, l))
+
+    for pkg in newrdepends:
+        rdepends = bb.utils.explode_dep_versions2(d.getVar('RDEPENDS:' + pkg) or "")
+        for p in newrdepends[pkg]:
+            if p not in rdepends:
+                rdepends[p] = []
+        d.setVar('RDEPENDS:' + pkg, bb.utils.join_deps(rdepends, commasep=False))
+
+def process_filedeps(pkgfiles, d):
+    """
+    Collect perfile run-time dependency metadata
+    Output:
+     FILERPROVIDESFLIST:pkg - list of all files w/ deps
+     FILERPROVIDES:filepath:pkg - per file dep
+
+      FILERDEPENDSFLIST:pkg - list of all files w/ deps
+      FILERDEPENDS:filepath:pkg - per file dep
+    """
+    if d.getVar('SKIP_FILEDEPS') == '1':
+        return
+
+    pkgdest = d.getVar('PKGDEST')
+    packages = d.getVar('PACKAGES')
+    rpmdeps = d.getVar('RPMDEPS')
+
+    def chunks(files, n):
+        return [files[i:i+n] for i in range(0, len(files), n)]
+
+    pkglist = []
+    for pkg in packages.split():
+        if d.getVar('SKIP_FILEDEPS:' + pkg) == '1':
+            continue
+        if pkg.endswith('-dbg') or pkg.endswith('-doc') or pkg.find('-locale-') != -1 or pkg.find('-localedata-') != -1 or pkg.find('-gconv-') != -1 or pkg.find('-charmap-') != -1 or pkg.startswith('kernel-module-') or pkg.endswith('-src'):
+            continue
+        for files in chunks(pkgfiles[pkg], 100):
+            pkglist.append((pkg, files, rpmdeps, pkgdest))
+
+    processed = oe.utils.multiprocess_launch(oe.package.filedeprunner, pkglist, d)
+
+    provides_files = {}
+    requires_files = {}
+
+    for result in processed:
+        (pkg, provides, requires) = result
+
+        if pkg not in provides_files:
+            provides_files[pkg] = []
+        if pkg not in requires_files:
+            requires_files[pkg] = []
+
+        for file in sorted(provides):
+            provides_files[pkg].append(file)
+            key = "FILERPROVIDES:" + file + ":" + pkg
+            d.appendVar(key, " " + " ".join(provides[file]))
+
+        for file in sorted(requires):
+            requires_files[pkg].append(file)
+            key = "FILERDEPENDS:" + file + ":" + pkg
+            d.appendVar(key, " " + " ".join(requires[file]))
+
+    for pkg in requires_files:
+        d.setVar("FILERDEPENDSFLIST:" + pkg, " ".join(sorted(requires_files[pkg])))
+    for pkg in provides_files:
+        d.setVar("FILERPROVIDESFLIST:" + pkg, " ".join(sorted(provides_files[pkg])))
+
+def process_shlibs(pkgfiles, d):
+    cpath = oe.cachedpath.CachedPath()
+
+    exclude_shlibs = d.getVar('EXCLUDE_FROM_SHLIBS', False)
+    if exclude_shlibs:
+        bb.note("not generating shlibs")
+        return
+
+    lib_re = re.compile(r"^.*\.so")
+    libdir_re = re.compile(r".*/%s$" % d.getVar('baselib'))
+
+    packages = d.getVar('PACKAGES')
+
+    shlib_pkgs = []
+    exclusion_list = d.getVar("EXCLUDE_PACKAGES_FROM_SHLIBS")
+    if exclusion_list:
+        for pkg in packages.split():
+            if pkg not in exclusion_list.split():
+                shlib_pkgs.append(pkg)
+            else:
+                bb.note("not generating shlibs for %s" % pkg)
+    else:
+        shlib_pkgs = packages.split()
+
+    hostos = d.getVar('HOST_OS')
+
+    workdir = d.getVar('WORKDIR')
+
+    ver = d.getVar('PKGV')
+    if not ver:
+        msg = "PKGV not defined"
+        oe.qa.handle_error("pkgv-undefined", msg, d)
+        return
+
+    pkgdest = d.getVar('PKGDEST')
+
+    shlibswork_dir = d.getVar('SHLIBSWORKDIR')
+
+    def linux_so(file, pkg, pkgver, d):
+        needs_ldconfig = False
+        needed = set()
+        sonames = set()
+        ldir = os.path.dirname(file).replace(pkgdest + "/" + pkg, '')
+        cmd = d.getVar('OBJDUMP') + " -p " + shlex.quote(file) + " 2>/dev/null"
+        fd = os.popen(cmd)
+        lines = fd.readlines()
+        fd.close()
+        rpath = tuple()
+        for l in lines:
+            m = re.match(r"\s+RPATH\s+([^\s]*)", l)
+            if m:
+                rpaths = m.group(1).replace("$ORIGIN", ldir).split(":")
+                rpath = tuple(map(os.path.normpath, rpaths))
+        for l in lines:
+            m = re.match(r"\s+NEEDED\s+([^\s]*)", l)
+            if m:
+                dep = m.group(1)
+                if dep not in needed:
+                    needed.add((dep, file, rpath))
+            m = re.match(r"\s+SONAME\s+([^\s]*)", l)
+            if m:
+                this_soname = m.group(1)
+                prov = (this_soname, ldir, pkgver)
+                if not prov in sonames:
+                    # if library is private (only used by package) then do not build shlib for it
+                    if not private_libs or len([i for i in private_libs if fnmatch.fnmatch(this_soname, i)]) == 0:
+                        sonames.add(prov)
+                if libdir_re.match(os.path.dirname(file)):
+                    needs_ldconfig = True
+        return (needs_ldconfig, needed, sonames)
+
+    def darwin_so(file, needed, sonames, pkgver):
+        if not os.path.exists(file):
+            return
+        ldir = os.path.dirname(file).replace(pkgdest + "/" + pkg, '')
+
+        def get_combinations(base):
+            #
+            # Given a base library name, find all combinations of this split by "." and "-"
+            #
+            combos = []
+            options = base.split(".")
+            for i in range(1, len(options) + 1):
+                combos.append(".".join(options[0:i]))
+            options = base.split("-")
+            for i in range(1, len(options) + 1):
+                combos.append("-".join(options[0:i]))
+            return combos
+
+        if (file.endswith('.dylib') or file.endswith('.so')) and not pkg.endswith('-dev') and not pkg.endswith('-dbg') and not pkg.endswith('-src'):
+            # Drop suffix
+            name = os.path.basename(file).rsplit(".",1)[0]
+            # Find all combinations
+            combos = get_combinations(name)
+            for combo in combos:
+                if not combo in sonames:
+                    prov = (combo, ldir, pkgver)
+                    sonames.add(prov)
+        if file.endswith('.dylib') or file.endswith('.so'):
+            rpath = []
+            p = subprocess.Popen([d.expand("${HOST_PREFIX}otool"), '-l', file], stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True)
+            out, err = p.communicate()
+            # If returned successfully, process stdout for results
+            if p.returncode == 0:
+                for l in out.split("\n"):
+                    l = l.strip()
+                    if l.startswith('path '):
+                        rpath.append(l.split()[1])
+
+        p = subprocess.Popen([d.expand("${HOST_PREFIX}otool"), '-L', file], stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True)
+        out, err = p.communicate()
+        # If returned successfully, process stdout for results
+        if p.returncode == 0:
+            for l in out.split("\n"):
+                l = l.strip()
+                if not l or l.endswith(":"):
+                    continue
+                if "is not an object file" in l:
+                    continue
+                name = os.path.basename(l.split()[0]).rsplit(".", 1)[0]
+                if name and name not in needed[pkg]:
+                     needed[pkg].add((name, file, tuple()))
+
+    def mingw_dll(file, needed, sonames, pkgver):
+        if not os.path.exists(file):
+            return
+
+        if file.endswith(".dll"):
+            # assume all dlls are shared objects provided by the package
+            sonames.add((os.path.basename(file), os.path.dirname(file).replace(pkgdest + "/" + pkg, ''), pkgver))
+
+        if (file.endswith(".dll") or file.endswith(".exe")):
+            # use objdump to search for "DLL Name: .*\.dll"
+            p = subprocess.Popen([d.expand("${OBJDUMP}"), "-p", file], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+            out, err = p.communicate()
+            # process the output, grabbing all .dll names
+            if p.returncode == 0:
+                for m in re.finditer(r"DLL Name: (.*?\.dll)$", out.decode(), re.MULTILINE | re.IGNORECASE):
+                    dllname = m.group(1)
+                    if dllname:
+                        needed[pkg].add((dllname, file, tuple()))
+
+    needed = {}
+
+    shlib_provider = oe.package.read_shlib_providers(d)
+
+    for pkg in shlib_pkgs:
+        private_libs = d.getVar('PRIVATE_LIBS:' + pkg) or d.getVar('PRIVATE_LIBS') or ""
+        private_libs = private_libs.split()
+        needs_ldconfig = False
+        bb.debug(2, "calculating shlib provides for %s" % pkg)
+
+        pkgver = d.getVar('PKGV:' + pkg)
+        if not pkgver:
+            pkgver = d.getVar('PV_' + pkg)
+        if not pkgver:
+            pkgver = ver
+
+        needed[pkg] = set()
+        sonames = set()
+        linuxlist = []
+        for file in pkgfiles[pkg]:
+                soname = None
+                if cpath.islink(file):
+                    continue
+                if hostos.startswith("darwin"):
+                    darwin_so(file, needed, sonames, pkgver)
+                elif hostos.startswith("mingw"):
+                    mingw_dll(file, needed, sonames, pkgver)
+                elif os.access(file, os.X_OK) or lib_re.match(file):
+                    linuxlist.append(file)
+
+        if linuxlist:
+            results = oe.utils.multiprocess_launch(linux_so, linuxlist, d, extraargs=(pkg, pkgver, d))
+            for r in results:
+                ldconfig = r[0]
+                needed[pkg] |= r[1]
+                sonames |= r[2]
+                needs_ldconfig = needs_ldconfig or ldconfig
+
+        shlibs_file = os.path.join(shlibswork_dir, pkg + ".list")
+        if len(sonames):
+            with open(shlibs_file, 'w') as fd:
+                for s in sorted(sonames):
+                    if s[0] in shlib_provider and s[1] in shlib_provider[s[0]]:
+                        (old_pkg, old_pkgver) = shlib_provider[s[0]][s[1]]
+                        if old_pkg != pkg:
+                            bb.warn('%s-%s was registered as shlib provider for %s, changing it to %s-%s because it was built later' % (old_pkg, old_pkgver, s[0], pkg, pkgver))
+                    bb.debug(1, 'registering %s-%s as shlib provider for %s' % (pkg, pkgver, s[0]))
+                    fd.write(s[0] + ':' + s[1] + ':' + s[2] + '\n')
+                    if s[0] not in shlib_provider:
+                        shlib_provider[s[0]] = {}
+                    shlib_provider[s[0]][s[1]] = (pkg, pkgver)
+        if needs_ldconfig:
+            bb.debug(1, 'adding ldconfig call to postinst for %s' % pkg)
+            postinst = d.getVar('pkg_postinst:%s' % pkg)
+            if not postinst:
+                postinst = '#!/bin/sh\n'
+            postinst += d.getVar('ldconfig_postinst_fragment')
+            d.setVar('pkg_postinst:%s' % pkg, postinst)
+        bb.debug(1, 'LIBNAMES: pkg %s sonames %s' % (pkg, sonames))
+
+    assumed_libs = d.getVar('ASSUME_SHLIBS')
+    if assumed_libs:
+        libdir = d.getVar("libdir")
+        for e in assumed_libs.split():
+            l, dep_pkg = e.split(":")
+            lib_ver = None
+            dep_pkg = dep_pkg.rsplit("_", 1)
+            if len(dep_pkg) == 2:
+                lib_ver = dep_pkg[1]
+            dep_pkg = dep_pkg[0]
+            if l not in shlib_provider:
+                shlib_provider[l] = {}
+            shlib_provider[l][libdir] = (dep_pkg, lib_ver)
+
+    libsearchpath = [d.getVar('libdir'), d.getVar('base_libdir')]
+
+    for pkg in shlib_pkgs:
+        bb.debug(2, "calculating shlib requirements for %s" % pkg)
+
+        private_libs = d.getVar('PRIVATE_LIBS:' + pkg) or d.getVar('PRIVATE_LIBS') or ""
+        private_libs = private_libs.split()
+
+        deps = list()
+        for n in needed[pkg]:
+            # if n is in private libraries, don't try to search provider for it
+            # this could cause problem in case some abc.bb provides private
+            # /opt/abc/lib/libfoo.so.1 and contains /usr/bin/abc depending on system library libfoo.so.1
+            # but skipping it is still better alternative than providing own
+            # version and then adding runtime dependency for the same system library
+            if private_libs and len([i for i in private_libs if fnmatch.fnmatch(n[0], i)]) > 0:
+                bb.debug(2, '%s: Dependency %s covered by PRIVATE_LIBS' % (pkg, n[0]))
+                continue
+            if n[0] in shlib_provider.keys():
+                shlib_provider_map = shlib_provider[n[0]]
+                matches = set()
+                for p in itertools.chain(list(n[2]), sorted(shlib_provider_map.keys()), libsearchpath):
+                    if p in shlib_provider_map:
+                        matches.add(p)
+                if len(matches) > 1:
+                    matchpkgs = ', '.join([shlib_provider_map[match][0] for match in matches])
+                    bb.error("%s: Multiple shlib providers for %s: %s (used by files: %s)" % (pkg, n[0], matchpkgs, n[1]))
+                elif len(matches) == 1:
+                    (dep_pkg, ver_needed) = shlib_provider_map[matches.pop()]
+
+                    bb.debug(2, '%s: Dependency %s requires package %s (used by files: %s)' % (pkg, n[0], dep_pkg, n[1]))
+
+                    if dep_pkg == pkg:
+                        continue
+
+                    if ver_needed:
+                        dep = "%s (>= %s)" % (dep_pkg, ver_needed)
+                    else:
+                        dep = dep_pkg
+                    if not dep in deps:
+                        deps.append(dep)
+                    continue
+            bb.note("Couldn't find shared library provider for %s, used by files: %s" % (n[0], n[1]))
+
+        deps_file = os.path.join(pkgdest, pkg + ".shlibdeps")
+        if os.path.exists(deps_file):
+            os.remove(deps_file)
+        if deps:
+            with open(deps_file, 'w') as fd:
+                for dep in sorted(deps):
+                    fd.write(dep + '\n')
+
+def process_pkgconfig(pkgfiles, d):
+    packages = d.getVar('PACKAGES')
+    workdir = d.getVar('WORKDIR')
+    pkgdest = d.getVar('PKGDEST')
+
+    shlibs_dirs = d.getVar('SHLIBSDIRS').split()
+    shlibswork_dir = d.getVar('SHLIBSWORKDIR')
+
+    pc_re = re.compile(r'(.*)\.pc$')
+    var_re = re.compile(r'(.*)=(.*)')
+    field_re = re.compile(r'(.*): (.*)')
+
+    pkgconfig_provided = {}
+    pkgconfig_needed = {}
+    for pkg in packages.split():
+        pkgconfig_provided[pkg] = []
+        pkgconfig_needed[pkg] = []
+        for file in sorted(pkgfiles[pkg]):
+                m = pc_re.match(file)
+                if m:
+                    pd = bb.data.init()
+                    name = m.group(1)
+                    pkgconfig_provided[pkg].append(os.path.basename(name))
+                    if not os.access(file, os.R_OK):
+                        continue
+                    with open(file, 'r') as f:
+                        lines = f.readlines()
+                    for l in lines:
+                        m = field_re.match(l)
+                        if m:
+                            hdr = m.group(1)
+                            exp = pd.expand(m.group(2))
+                            if hdr == 'Requires' or hdr == 'Requires.private':
+                                pkgconfig_needed[pkg] += exp.replace(',', ' ').split()
+                                continue
+                        m = var_re.match(l)
+                        if m:
+                            name = m.group(1)
+                            val = m.group(2)
+                            pd.setVar(name, pd.expand(val))
+
+    for pkg in packages.split():
+        pkgs_file = os.path.join(shlibswork_dir, pkg + ".pclist")
+        if pkgconfig_provided[pkg] != []:
+            with open(pkgs_file, 'w') as f:
+                for p in sorted(pkgconfig_provided[pkg]):
+                    f.write('%s\n' % p)
+
+    # Go from least to most specific since the last one found wins
+    for dir in reversed(shlibs_dirs):
+        if not os.path.exists(dir):
+            continue
+        for file in sorted(os.listdir(dir)):
+            m = re.match(r'^(.*)\.pclist$', file)
+            if m:
+                pkg = m.group(1)
+                with open(os.path.join(dir, file)) as fd:
+                    lines = fd.readlines()
+                pkgconfig_provided[pkg] = []
+                for l in lines:
+                    pkgconfig_provided[pkg].append(l.rstrip())
+
+    for pkg in packages.split():
+        deps = []
+        for n in pkgconfig_needed[pkg]:
+            found = False
+            for k in pkgconfig_provided.keys():
+                if n in pkgconfig_provided[k]:
+                    if k != pkg and not (k in deps):
+                        deps.append(k)
+                    found = True
+            if found == False:
+                bb.note("couldn't find pkgconfig module '%s' in any package" % n)
+        deps_file = os.path.join(pkgdest, pkg + ".pcdeps")
+        if len(deps):
+            with open(deps_file, 'w') as fd:
+                for dep in deps:
+                    fd.write(dep + '\n')
+
+def read_libdep_files(d):
+    pkglibdeps = {}
+    packages = d.getVar('PACKAGES').split()
+    for pkg in packages:
+        pkglibdeps[pkg] = {}
+        for extension in ".shlibdeps", ".pcdeps", ".clilibdeps":
+            depsfile = d.expand("${PKGDEST}/" + pkg + extension)
+            if os.access(depsfile, os.R_OK):
+                with open(depsfile) as fd:
+                    lines = fd.readlines()
+                for l in lines:
+                    l.rstrip()
+                    deps = bb.utils.explode_dep_versions2(l)
+                    for dep in deps:
+                        if not dep in pkglibdeps[pkg]:
+                            pkglibdeps[pkg][dep] = deps[dep]
+    return pkglibdeps
+
+def process_depchains(pkgfiles, d):
+    """
+    For a given set of prefix and postfix modifiers, make those packages
+    RRECOMMENDS on the corresponding packages for its RDEPENDS.
+
+    Example:  If package A depends upon package B, and A's .bb emits an
+    A-dev package, this would make A-dev Recommends: B-dev.
+
+    If only one of a given suffix is specified, it will take the RRECOMMENDS
+    based on the RDEPENDS of *all* other packages. If more than one of a given
+    suffix is specified, its will only use the RDEPENDS of the single parent
+    package.
+    """
+
+    packages  = d.getVar('PACKAGES')
+    postfixes = (d.getVar('DEPCHAIN_POST') or '').split()
+    prefixes  = (d.getVar('DEPCHAIN_PRE') or '').split()
+
+    def pkg_adddeprrecs(pkg, base, suffix, getname, depends, d):
+
+        #bb.note('depends for %s is %s' % (base, depends))
+        rreclist = bb.utils.explode_dep_versions2(d.getVar('RRECOMMENDS:' + pkg) or "")
+
+        for depend in sorted(depends):
+            if depend.find('-native') != -1 or depend.find('-cross') != -1 or depend.startswith('virtual/'):
+                #bb.note("Skipping %s" % depend)
+                continue
+            if depend.endswith('-dev'):
+                depend = depend[:-4]
+            if depend.endswith('-dbg'):
+                depend = depend[:-4]
+            pkgname = getname(depend, suffix)
+            #bb.note("Adding %s for %s" % (pkgname, depend))
+            if pkgname not in rreclist and pkgname != pkg:
+                rreclist[pkgname] = []
+
+        #bb.note('setting: RRECOMMENDS:%s=%s' % (pkg, ' '.join(rreclist)))
+        d.setVar('RRECOMMENDS:%s' % pkg, bb.utils.join_deps(rreclist, commasep=False))
+
+    def pkg_addrrecs(pkg, base, suffix, getname, rdepends, d):
+
+        #bb.note('rdepends for %s is %s' % (base, rdepends))
+        rreclist = bb.utils.explode_dep_versions2(d.getVar('RRECOMMENDS:' + pkg) or "")
+
+        for depend in sorted(rdepends):
+            if depend.find('virtual-locale-') != -1:
+                #bb.note("Skipping %s" % depend)
+                continue
+            if depend.endswith('-dev'):
+                depend = depend[:-4]
+            if depend.endswith('-dbg'):
+                depend = depend[:-4]
+            pkgname = getname(depend, suffix)
+            #bb.note("Adding %s for %s" % (pkgname, depend))
+            if pkgname not in rreclist and pkgname != pkg:
+                rreclist[pkgname] = []
+
+        #bb.note('setting: RRECOMMENDS:%s=%s' % (pkg, ' '.join(rreclist)))
+        d.setVar('RRECOMMENDS:%s' % pkg, bb.utils.join_deps(rreclist, commasep=False))
+
+    def add_dep(list, dep):
+        if dep not in list:
+            list.append(dep)
+
+    depends = []
+    for dep in bb.utils.explode_deps(d.getVar('DEPENDS') or ""):
+        add_dep(depends, dep)
+
+    rdepends = []
+    for pkg in packages.split():
+        for dep in bb.utils.explode_deps(d.getVar('RDEPENDS:' + pkg) or ""):
+            add_dep(rdepends, dep)
+
+    #bb.note('rdepends is %s' % rdepends)
+
+    def post_getname(name, suffix):
+        return '%s%s' % (name, suffix)
+    def pre_getname(name, suffix):
+        return '%s%s' % (suffix, name)
+
+    pkgs = {}
+    for pkg in packages.split():
+        for postfix in postfixes:
+            if pkg.endswith(postfix):
+                if not postfix in pkgs:
+                    pkgs[postfix] = {}
+                pkgs[postfix][pkg] = (pkg[:-len(postfix)], post_getname)
+
+        for prefix in prefixes:
+            if pkg.startswith(prefix):
+                if not prefix in pkgs:
+                    pkgs[prefix] = {}
+                pkgs[prefix][pkg] = (pkg[:-len(prefix)], pre_getname)
+
+    if "-dbg" in pkgs:
+        pkglibdeps = read_libdep_files(d)
+        pkglibdeplist = []
+        for pkg in pkglibdeps:
+            for k in pkglibdeps[pkg]:
+                add_dep(pkglibdeplist, k)
+        dbgdefaultdeps = ((d.getVar('DEPCHAIN_DBGDEFAULTDEPS') == '1') or (bb.data.inherits_class('packagegroup', d)))
+
+    for suffix in pkgs:
+        for pkg in pkgs[suffix]:
+            if d.getVarFlag('RRECOMMENDS:' + pkg, 'nodeprrecs'):
+                continue
+            (base, func) = pkgs[suffix][pkg]
+            if suffix == "-dev":
+                pkg_adddeprrecs(pkg, base, suffix, func, depends, d)
+            elif suffix == "-dbg":
+                if not dbgdefaultdeps:
+                    pkg_addrrecs(pkg, base, suffix, func, pkglibdeplist, d)
+                    continue
+            if len(pkgs[suffix]) == 1:
+                pkg_addrrecs(pkg, base, suffix, func, rdepends, d)
+            else:
+                rdeps = []
+                for dep in bb.utils.explode_deps(d.getVar('RDEPENDS:' + base) or ""):
+                    add_dep(rdeps, dep)
+                pkg_addrrecs(pkg, base, suffix, func, rdeps, d)
diff --git a/meta/lib/oe/package_manager/__init__.py b/meta/lib/oe/package_manager/__init__.py
index 8e7128b195..2100a97c12 100644
--- a/meta/lib/oe/package_manager/__init__.py
+++ b/meta/lib/oe/package_manager/__init__.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -90,7 +92,7 @@ def opkg_query(cmd_output):
 
 def failed_postinsts_abort(pkgs, log_path):
     bb.fatal("""Postinstall scriptlets of %s have failed. If the intention is to defer them to first boot,
-then please place them into pkg_postinst_ontarget_${PN} ().
+then please place them into pkg_postinst_ontarget:${PN} ().
 Deferring to first boot via 'exit 1' is no longer supported.
 Details of the failure are in %s.""" %(pkgs, log_path))
 
@@ -120,7 +122,8 @@ def generate_locale_archive(d, rootfs, target_arch, localedir):
         "riscv32": ["--uint32-align=4", "--little-endian"],
         "i586": ["--uint32-align=4", "--little-endian"],
         "i686": ["--uint32-align=4", "--little-endian"],
-        "x86_64": ["--uint32-align=4", "--little-endian"]
+        "x86_64": ["--uint32-align=4", "--little-endian"],
+        "loongarch64": ["--uint32-align=4", "--little-endian"]
     }
     if target_arch in locale_arch_options:
         arch_options = locale_arch_options[target_arch]
@@ -189,7 +192,7 @@ class PackageManager(object, metaclass=ABCMeta):
         bb.utils.remove(self.intercepts_dir, True)
         bb.utils.mkdirhier(self.intercepts_dir)
         for intercept in postinst_intercepts:
-            bb.utils.copyfile(intercept, os.path.join(self.intercepts_dir, os.path.basename(intercept)))
+            shutil.copy(intercept, os.path.join(self.intercepts_dir, os.path.basename(intercept)))
 
     @abstractmethod
     def _handle_intercept_failure(self, failed_script):
@@ -266,7 +269,7 @@ class PackageManager(object, metaclass=ABCMeta):
         pass
 
     @abstractmethod
-    def install(self, pkgs, attempt_only=False):
+    def install(self, pkgs, attempt_only=False, hard_depends_only=False):
         """
         Install a list of packages. 'pkgs' is a list object. If 'attempt_only' is
         True, installation failures are ignored.
@@ -321,7 +324,7 @@ class PackageManager(object, metaclass=ABCMeta):
         # TODO don't have sdk here but have a property on the superclass
         # (and respect in install_complementary)
         if sdk:
-            pkgdatadir = self.d.expand("${TMPDIR}/pkgdata/${SDK_SYS}")
+            pkgdatadir = self.d.getVar("PKGDATA_DIR_SDK")
         else:
             pkgdatadir = self.d.getVar("PKGDATA_DIR")
 
@@ -344,10 +347,8 @@ class PackageManager(object, metaclass=ABCMeta):
     def install_complementary(self, globs=None):
         """
         Install complementary packages based upon the list of currently installed
-        packages e.g. locales, *-dev, *-dbg, etc. This will only attempt to install
-        these packages, if they don't exist then no error will occur.  Note: every
-        backend needs to call this function explicitly after the normal package
-        installation
+        packages e.g. locales, *-dev, *-dbg, etc. Note: every backend needs to
+        call this function explicitly after the normal package installation.
         """
         if globs is None:
             globs = self.d.getVar('IMAGE_INSTALL_COMPLEMENTARY')
@@ -364,45 +365,43 @@ class PackageManager(object, metaclass=ABCMeta):
                 for complementary_linguas in (self.d.getVar('IMAGE_LINGUAS_COMPLEMENTARY') or "").split():
                     globs += (" " + complementary_linguas) % lang
 
-        if globs is None:
-            return
-
-        # we need to write the list of installed packages to a file because the
-        # oe-pkgdata-util reads it from a file
-        with tempfile.NamedTemporaryFile(mode="w+", prefix="installed-pkgs") as installed_pkgs:
-            pkgs = self.list_installed()
-
-            provided_pkgs = set()
-            for pkg in pkgs.values():
-                provided_pkgs |= set(pkg.get('provs', []))
-
-            output = oe.utils.format_pkg_list(pkgs, "arch")
-            installed_pkgs.write(output)
-            installed_pkgs.flush()
-
-            cmd = ["oe-pkgdata-util",
-                   "-p", self.d.getVar('PKGDATA_DIR'), "glob", installed_pkgs.name,
-                   globs]
-            exclude = self.d.getVar('PACKAGE_EXCLUDE_COMPLEMENTARY')
-            if exclude:
-                cmd.extend(['--exclude=' + '|'.join(exclude.split())])
-            try:
-                bb.note('Running %s' % cmd)
-                proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-                stdout, stderr = proc.communicate()
-                if stderr: bb.note(stderr.decode("utf-8"))
-                complementary_pkgs = stdout.decode("utf-8")
-                complementary_pkgs = set(complementary_pkgs.split())
-                skip_pkgs = sorted(complementary_pkgs & provided_pkgs)
-                install_pkgs = sorted(complementary_pkgs - provided_pkgs)
-                bb.note("Installing complementary packages ... %s (skipped already provided packages %s)" % (
-                    ' '.join(install_pkgs),
-                    ' '.join(skip_pkgs)))
-                self.install(install_pkgs, attempt_only=True)
-            except subprocess.CalledProcessError as e:
-                bb.fatal("Could not compute complementary packages list. Command "
-                         "'%s' returned %d:\n%s" %
-                         (' '.join(cmd), e.returncode, e.output.decode("utf-8")))
+        if globs:
+            # we need to write the list of installed packages to a file because the
+            # oe-pkgdata-util reads it from a file
+            with tempfile.NamedTemporaryFile(mode="w+", prefix="installed-pkgs") as installed_pkgs:
+                pkgs = self.list_installed()
+
+                provided_pkgs = set()
+                for pkg in pkgs.values():
+                    provided_pkgs |= set(pkg.get('provs', []))
+
+                output = oe.utils.format_pkg_list(pkgs, "arch")
+                installed_pkgs.write(output)
+                installed_pkgs.flush()
+
+                cmd = ["oe-pkgdata-util",
+                    "-p", self.d.getVar('PKGDATA_DIR'), "glob", installed_pkgs.name,
+                    globs]
+                exclude = self.d.getVar('PACKAGE_EXCLUDE_COMPLEMENTARY')
+                if exclude:
+                    cmd.extend(['--exclude=' + '|'.join(exclude.split())])
+                try:
+                    bb.note('Running %s' % cmd)
+                    proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+                    stdout, stderr = proc.communicate()
+                    if stderr: bb.note(stderr.decode("utf-8"))
+                    complementary_pkgs = stdout.decode("utf-8")
+                    complementary_pkgs = set(complementary_pkgs.split())
+                    skip_pkgs = sorted(complementary_pkgs & provided_pkgs)
+                    install_pkgs = sorted(complementary_pkgs - provided_pkgs)
+                    bb.note("Installing complementary packages ... %s (skipped already provided packages %s)" % (
+                        ' '.join(install_pkgs),
+                        ' '.join(skip_pkgs)))
+                    self.install(install_pkgs, hard_depends_only=True)
+                except subprocess.CalledProcessError as e:
+                    bb.fatal("Could not compute complementary packages list. Command "
+                            "'%s' returned %d:\n%s" %
+                            (' '.join(cmd), e.returncode, e.output.decode("utf-8")))
 
         if self.d.getVar('IMAGE_LOCALES_ARCHIVE') == '1':
             target_arch = self.d.getVar('TARGET_ARCH')
@@ -448,7 +447,7 @@ class PackageManager(object, metaclass=ABCMeta):
             return res
         return _append(uris, base_paths)
 
-def create_packages_dir(d, subrepo_dir, deploydir, taskname, filterbydependencies):
+def create_packages_dir(d, subrepo_dir, deploydir, taskname, filterbydependencies, include_self=False):
     """
     Go through our do_package_write_X dependencies and hardlink the packages we depend
     upon into the repo directory. This prevents us seeing other packages that may
@@ -469,7 +468,10 @@ def create_packages_dir(d, subrepo_dir, deploydir, taskname, filterbydependencie
     # Detect bitbake -b usage
     nodeps = d.getVar("BB_LIMITEDDEPS") or False
     if nodeps or not filterbydependencies:
-        oe.path.symlink(deploydir, subrepo_dir, True)
+        for arch in d.getVar("ALL_MULTILIB_PACKAGE_ARCHS").split() + d.getVar("ALL_MULTILIB_PACKAGE_ARCHS").replace("-", "_").split():
+            target = os.path.join(deploydir + "/" + arch)
+            if os.path.exists(target):
+                oe.path.symlink(target, subrepo_dir + "/" + arch, True)
         return
 
     start = None
@@ -482,14 +484,17 @@ def create_packages_dir(d, subrepo_dir, deploydir, taskname, filterbydependencie
         bb.fatal("Couldn't find ourself in BB_TASKDEPDATA?")
     pkgdeps = set()
     start = [start]
-    seen = set(start)
+    if include_self:
+        seen = set()
+    else:
+        seen = set(start)
     # Support direct dependencies (do_rootfs -> do_package_write_X)
     # or indirect dependencies within PN (do_populate_sdk_ext -> do_rootfs -> do_package_write_X)
     while start:
         next = []
         for dep2 in start:
             for dep in taskdepdata[dep2][3]:
-                if taskdepdata[dep][0] != pn:
+                if include_self or taskdepdata[dep][0] != pn:
                     if "do_" + taskname in dep:
                         pkgdeps.add(dep)
                 elif dep not in seen:
diff --git a/meta/lib/oe/package_manager/common_deb_ipk.py b/meta/lib/oe/package_manager/common_deb_ipk.py
new file mode 100644
index 0000000000..6a1e28ee6f
--- /dev/null
+++ b/meta/lib/oe/package_manager/common_deb_ipk.py
@@ -0,0 +1,97 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import glob
+import os
+import subprocess
+import tempfile
+
+import bb
+
+from oe.package_manager import opkg_query, PackageManager
+
+class OpkgDpkgPM(PackageManager):
+    def __init__(self, d, target_rootfs):
+        """
+        This is an abstract class. Do not instantiate this directly.
+        """
+        super(OpkgDpkgPM, self).__init__(d, target_rootfs)
+
+    def package_info(self, pkg):
+        """
+        Returns a dictionary with the package info.
+        """
+        raise NotImplementedError
+
+    def _common_package_info(self, cmd):
+        """
+       "Returns a dictionary with the package info.
+
+        This method extracts the common parts for Opkg and Dpkg
+        """
+
+        proc = subprocess.run(cmd, capture_output=True, encoding="utf-8", shell=True)
+        if proc.returncode:
+            bb.fatal("Unable to list available packages. Command '%s' "
+                     "returned %d:\n%s" % (cmd, proc.returncode, proc.stderr))
+        elif proc.stderr:
+            bb.note("Command '%s' returned stderr: %s" % (cmd, proc.stderr))
+
+        return opkg_query(proc.stdout)
+
+    def extract(self, pkg):
+        """
+        Returns the path to a tmpdir where resides the contents of a package.
+
+        Deleting the tmpdir is responsability of the caller.
+        """
+        pkg_info = self.package_info(pkg)
+        if not pkg_info:
+            bb.fatal("Unable to get information for package '%s' while "
+                     "trying to extract the package."  % pkg)
+
+        ar_cmd = bb.utils.which(os.getenv("PATH"), "ar")
+        tar_cmd = bb.utils.which(os.getenv("PATH"), "tar")
+        pkg_path = pkg_info[pkg]["filepath"]
+
+        if not os.path.isfile(pkg_path):
+            bb.fatal("Unable to extract package for '%s'."
+                     "File %s doesn't exists" % (pkg, pkg_path))
+
+        tmp_dir = tempfile.mkdtemp()
+        current_dir = os.getcwd()
+        os.chdir(tmp_dir)
+
+        try:
+            cmd = [ar_cmd, 'x', pkg_path]
+            output = subprocess.check_output(cmd, stderr=subprocess.STDOUT)
+            data_tar = glob.glob("data.tar.*")
+            if len(data_tar) != 1:
+                bb.fatal("Unable to extract %s package. Failed to identify "
+                         "data tarball (found tarballs '%s').",
+                         pkg_path, data_tar)
+            data_tar = data_tar[0]
+            cmd = [tar_cmd, 'xf', data_tar]
+            output = subprocess.check_output(cmd, stderr=subprocess.STDOUT)
+        except subprocess.CalledProcessError as e:
+            bb.utils.remove(tmp_dir, recurse=True)
+            bb.fatal("Unable to extract %s package. Command '%s' "
+                     "returned %d:\n%s" % (pkg_path, ' '.join(cmd), e.returncode, e.output.decode("utf-8")))
+        except OSError as e:
+            bb.utils.remove(tmp_dir, recurse=True)
+            bb.fatal("Unable to extract %s package. Command '%s' "
+                     "returned %d:\n%s at %s" % (pkg_path, ' '.join(cmd), e.errno, e.strerror, e.filename))
+
+        bb.note("Extracted %s to %s" % (pkg_path, tmp_dir))
+        bb.utils.remove(os.path.join(tmp_dir, "debian-binary"))
+        bb.utils.remove(os.path.join(tmp_dir, "control.tar.gz"))
+        bb.utils.remove(os.path.join(tmp_dir, data_tar))
+        os.chdir(current_dir)
+
+        return tmp_dir
+
+    def _handle_intercept_failure(self, registered_pkgs):
+        self.mark_packages("unpacked", registered_pkgs.split())
diff --git a/meta/lib/oe/package_manager/deb/__init__.py b/meta/lib/oe/package_manager/deb/__init__.py
index 2ee68fefb1..e09e81e490 100644
--- a/meta/lib/oe/package_manager/deb/__init__.py
+++ b/meta/lib/oe/package_manager/deb/__init__.py
@@ -1,10 +1,13 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
 import re
 import subprocess
 from oe.package_manager import *
+from oe.package_manager.common_deb_ipk import OpkgDpkgPM
 
 class DpkgIndexer(Indexer):
     def _create_configs(self):
@@ -53,6 +56,7 @@ class DpkgIndexer(Indexer):
 
         index_cmds = []
         deb_dirs_found = False
+        index_sign_files = set()
         for arch in arch_list:
             arch_dir = os.path.join(self.deploy_dir, arch)
             if not os.path.isdir(arch_dir):
@@ -62,7 +66,10 @@ class DpkgIndexer(Indexer):
 
             cmd += "%s -fcn Packages > Packages.gz;" % gzip
 
-            with open(os.path.join(arch_dir, "Release"), "w+") as release:
+            release_file = os.path.join(arch_dir, "Release")
+            index_sign_files.add(release_file)
+
+            with open(release_file, "w+") as release:
                 release.write("Label: %s\n" % arch)
 
             cmd += "PSEUDO_UNLOAD=1 %s release . >> Release" % apt_ftparchive
@@ -77,7 +84,16 @@ class DpkgIndexer(Indexer):
 
         oe.utils.multiprocess_launch(create_index, index_cmds, self.d)
         if self.d.getVar('PACKAGE_FEED_SIGN') == '1':
-            raise NotImplementedError('Package feed signing not implementd for dpkg')
+            signer = get_signer(self.d, self.d.getVar('PACKAGE_FEED_GPG_BACKEND'))
+        else:
+            signer = None
+        if signer:
+            for f in index_sign_files:
+                signer.detach_sign(f,
+                                   self.d.getVar('PACKAGE_FEED_GPG_NAME'),
+                                   self.d.getVar('PACKAGE_FEED_GPG_PASSPHRASE_FILE'),
+                                   output_suffix="gpg",
+                                   use_sha256=True)
 
 class PMPkgsList(PkgsList):
 
@@ -96,72 +112,6 @@ class PMPkgsList(PkgsList):
 
         return opkg_query(cmd_output)
 
-class OpkgDpkgPM(PackageManager):
-    def __init__(self, d, target_rootfs):
-        """
-        This is an abstract class. Do not instantiate this directly.
-        """
-        super(OpkgDpkgPM, self).__init__(d, target_rootfs)
-
-    def package_info(self, pkg, cmd):
-        """
-        Returns a dictionary with the package info.
-
-        This method extracts the common parts for Opkg and Dpkg
-        """
-
-        try:
-            output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, shell=True).decode("utf-8")
-        except subprocess.CalledProcessError as e:
-            bb.fatal("Unable to list available packages. Command '%s' "
-                     "returned %d:\n%s" % (cmd, e.returncode, e.output.decode("utf-8")))
-        return opkg_query(output)
-
-    def extract(self, pkg, pkg_info):
-        """
-        Returns the path to a tmpdir where resides the contents of a package.
-
-        Deleting the tmpdir is responsability of the caller.
-
-        This method extracts the common parts for Opkg and Dpkg
-        """
-
-        ar_cmd = bb.utils.which(os.getenv("PATH"), "ar")
-        tar_cmd = bb.utils.which(os.getenv("PATH"), "tar")
-        pkg_path = pkg_info[pkg]["filepath"]
-
-        if not os.path.isfile(pkg_path):
-            bb.fatal("Unable to extract package for '%s'."
-                     "File %s doesn't exists" % (pkg, pkg_path))
-
-        tmp_dir = tempfile.mkdtemp()
-        current_dir = os.getcwd()
-        os.chdir(tmp_dir)
-        data_tar = 'data.tar.xz'
-
-        try:
-            cmd = [ar_cmd, 'x', pkg_path]
-            output = subprocess.check_output(cmd, stderr=subprocess.STDOUT)
-            cmd = [tar_cmd, 'xf', data_tar]
-            output = subprocess.check_output(cmd, stderr=subprocess.STDOUT)
-        except subprocess.CalledProcessError as e:
-            bb.utils.remove(tmp_dir, recurse=True)
-            bb.fatal("Unable to extract %s package. Command '%s' "
-                     "returned %d:\n%s" % (pkg_path, ' '.join(cmd), e.returncode, e.output.decode("utf-8")))
-        except OSError as e:
-            bb.utils.remove(tmp_dir, recurse=True)
-            bb.fatal("Unable to extract %s package. Command '%s' "
-                     "returned %d:\n%s at %s" % (pkg_path, ' '.join(cmd), e.errno, e.strerror, e.filename))
-
-        bb.note("Extracted %s to %s" % (pkg_path, tmp_dir))
-        bb.utils.remove(os.path.join(tmp_dir, "debian-binary"))
-        bb.utils.remove(os.path.join(tmp_dir, "control.tar.gz"))
-        os.chdir(current_dir)
-
-        return tmp_dir
-
-    def _handle_intercept_failure(self, registered_pkgs):
-        self.mark_packages("unpacked", registered_pkgs.split())
 
 class DpkgPM(OpkgDpkgPM):
     def __init__(self, d, target_rootfs, archs, base_archs, apt_conf_dir=None, deb_repo_workdir="oe-rootfs-repo", filterbydependencies=True):
@@ -214,7 +164,7 @@ class DpkgPM(OpkgDpkgPM):
 
                     tmp_sf.write(status)
 
-        os.rename(status_file + ".tmp", status_file)
+        bb.utils.rename(status_file + ".tmp", status_file)
 
     def run_pre_post_installs(self, package_name=None):
         """
@@ -276,14 +226,18 @@ class DpkgPM(OpkgDpkgPM):
 
         self.deploy_dir_unlock()
 
-    def install(self, pkgs, attempt_only=False):
+    def install(self, pkgs, attempt_only=False, hard_depends_only=False):
         if attempt_only and len(pkgs) == 0:
             return
 
         os.environ['APT_CONFIG'] = self.apt_conf_file
 
-        cmd = "%s %s install --allow-downgrades --allow-remove-essential --allow-change-held-packages --allow-unauthenticated --no-remove %s" % \
-              (self.apt_get_cmd, self.apt_args, ' '.join(pkgs))
+        extra_args = ""
+        if hard_depends_only:
+            extra_args = "--no-install-recommends"
+
+        cmd = "%s %s install --allow-downgrades --allow-remove-essential --allow-change-held-packages --allow-unauthenticated --no-remove %s %s" % \
+              (self.apt_get_cmd, self.apt_args, extra_args, ' '.join(pkgs))
 
         try:
             bb.note("Installing the following packages: %s" % ' '.join(pkgs))
@@ -299,13 +253,13 @@ class DpkgPM(OpkgDpkgPM):
             for dir in dirs:
                 new_dir = re.sub(r"\.dpkg-new", "", dir)
                 if dir != new_dir:
-                    os.rename(os.path.join(root, dir),
+                    bb.utils.rename(os.path.join(root, dir),
                               os.path.join(root, new_dir))
 
             for file in files:
                 new_file = re.sub(r"\.dpkg-new", "", file)
                 if file != new_file:
-                    os.rename(os.path.join(root, file),
+                    bb.utils.rename(os.path.join(root, file),
                               os.path.join(root, new_file))
 
 
@@ -422,7 +376,7 @@ class DpkgPM(OpkgDpkgPM):
         multilib_variants = self.d.getVar("MULTILIB_VARIANTS");
         for variant in multilib_variants.split():
             localdata = bb.data.createCopy(self.d)
-            variant_tune = localdata.getVar("DEFAULTTUNE_virtclass-multilib-" + variant, False)
+            variant_tune = localdata.getVar("DEFAULTTUNE:virtclass-multilib-" + variant, False)
             orig_arch = localdata.getVar("DPKG_ARCH")
             localdata.setVar("DEFAULTTUNE", variant_tune)
             variant_arch = localdata.getVar("DPKG_ARCH")
@@ -477,7 +431,7 @@ class DpkgPM(OpkgDpkgPM):
         Returns a dictionary with the package info.
         """
         cmd = "%s show %s" % (self.apt_cache_cmd, pkg)
-        pkg_info = super(DpkgPM, self).package_info(pkg, cmd)
+        pkg_info = self._common_package_info(cmd)
 
         pkg_arch = pkg_info[pkg]["pkgarch"]
         pkg_filename = pkg_info[pkg]["filename"]
@@ -485,19 +439,3 @@ class DpkgPM(OpkgDpkgPM):
                 os.path.join(self.deploy_dir, pkg_arch, pkg_filename)
 
         return pkg_info
-
-    def extract(self, pkg):
-        """
-        Returns the path to a tmpdir where resides the contents of a package.
-
-        Deleting the tmpdir is responsability of the caller.
-        """
-        pkg_info = self.package_info(pkg)
-        if not pkg_info:
-            bb.fatal("Unable to get information for package '%s' while "
-                     "trying to extract the package."  % pkg)
-
-        tmp_dir = super(DpkgPM, self).extract(pkg, pkg_info)
-        bb.utils.remove(os.path.join(tmp_dir, "data.tar.xz"))
-
-        return tmp_dir
diff --git a/meta/lib/oe/package_manager/deb/manifest.py b/meta/lib/oe/package_manager/deb/manifest.py
index d8eab24a06..72983bae98 100644
--- a/meta/lib/oe/package_manager/deb/manifest.py
+++ b/meta/lib/oe/package_manager/deb/manifest.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
diff --git a/meta/lib/oe/package_manager/deb/rootfs.py b/meta/lib/oe/package_manager/deb/rootfs.py
index 8fbaca11d6..1e25b64ed9 100644
--- a/meta/lib/oe/package_manager/deb/rootfs.py
+++ b/meta/lib/oe/package_manager/deb/rootfs.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
diff --git a/meta/lib/oe/package_manager/deb/sdk.py b/meta/lib/oe/package_manager/deb/sdk.py
index 9859d8f32d..6f3005053e 100644
--- a/meta/lib/oe/package_manager/deb/sdk.py
+++ b/meta/lib/oe/package_manager/deb/sdk.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -65,7 +67,14 @@ class PkgSdk(Sdk):
 
         self.target_pm.install_complementary(self.d.getVar('SDKIMAGE_INSTALL_COMPLEMENTARY'))
 
+        self.target_pm.run_pre_post_installs()
+
+        env_bkp = os.environ.copy()
+        os.environ['PATH'] = self.d.expand("${COREBASE}/scripts/nativesdk-intercept") + \
+                             os.pathsep + os.environ["PATH"]
+
         self.target_pm.run_intercepts(populate_sdk='target')
+        os.environ.update(env_bkp)
 
         execute_pre_post_process(self.d, self.d.getVar("POPULATE_SDK_POST_TARGET_COMMAND"))
 
@@ -78,6 +87,8 @@ class PkgSdk(Sdk):
         self._populate_sysroot(self.host_pm, self.host_manifest)
         self.install_locales(self.host_pm)
 
+        self.host_pm.run_pre_post_installs()
+
         self.host_pm.run_intercepts(populate_sdk='host')
 
         execute_pre_post_process(self.d, self.d.getVar("POPULATE_SDK_POST_HOST_COMMAND"))
diff --git a/meta/lib/oe/package_manager/ipk/__init__.py b/meta/lib/oe/package_manager/ipk/__init__.py
index da488c1c7f..3d998e52ff 100644
--- a/meta/lib/oe/package_manager/ipk/__init__.py
+++ b/meta/lib/oe/package_manager/ipk/__init__.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -6,6 +8,7 @@ import re
 import shutil
 import subprocess
 from oe.package_manager import *
+from oe.package_manager.common_deb_ipk import OpkgDpkgPM
 
 class OpkgIndexer(Indexer):
     def write_index(self):
@@ -14,6 +17,7 @@ class OpkgIndexer(Indexer):
                      ]
 
         opkg_index_cmd = bb.utils.which(os.getenv('PATH'), "opkg-make-index")
+        opkg_index_cmd_extra_params = self.d.getVar('OPKG_MAKE_INDEX_EXTRA_PARAMS') or ""
         if self.d.getVar('PACKAGE_FEED_SIGN') == '1':
             signer = get_signer(self.d, self.d.getVar('PACKAGE_FEED_GPG_BACKEND'))
         else:
@@ -39,8 +43,8 @@ class OpkgIndexer(Indexer):
                 if not os.path.exists(pkgs_file):
                     open(pkgs_file, "w").close()
 
-                index_cmds.add('%s --checksum md5 --checksum sha256 -r %s -p %s -m %s' %
-                                  (opkg_index_cmd, pkgs_file, pkgs_file, pkgs_dir))
+                index_cmds.add('%s --checksum md5 --checksum sha256 -r %s -p %s -m %s %s' %
+                                  (opkg_index_cmd, pkgs_file, pkgs_file, pkgs_dir, opkg_index_cmd_extra_params))
 
                 index_sign_files.add(pkgs_file)
 
@@ -87,74 +91,6 @@ class PMPkgsList(PkgsList):
         return opkg_query(cmd_output)
 
 
-
-class OpkgDpkgPM(PackageManager):
-    def __init__(self, d, target_rootfs):
-        """
-        This is an abstract class. Do not instantiate this directly.
-        """
-        super(OpkgDpkgPM, self).__init__(d, target_rootfs)
-
-    def package_info(self, pkg, cmd):
-        """
-        Returns a dictionary with the package info.
-
-        This method extracts the common parts for Opkg and Dpkg
-        """
-
-        try:
-            output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, shell=True).decode("utf-8")
-        except subprocess.CalledProcessError as e:
-            bb.fatal("Unable to list available packages. Command '%s' "
-                     "returned %d:\n%s" % (cmd, e.returncode, e.output.decode("utf-8")))
-        return opkg_query(output)
-
-    def extract(self, pkg, pkg_info):
-        """
-        Returns the path to a tmpdir where resides the contents of a package.
-
-        Deleting the tmpdir is responsability of the caller.
-
-        This method extracts the common parts for Opkg and Dpkg
-        """
-
-        ar_cmd = bb.utils.which(os.getenv("PATH"), "ar")
-        tar_cmd = bb.utils.which(os.getenv("PATH"), "tar")
-        pkg_path = pkg_info[pkg]["filepath"]
-
-        if not os.path.isfile(pkg_path):
-            bb.fatal("Unable to extract package for '%s'."
-                     "File %s doesn't exists" % (pkg, pkg_path))
-
-        tmp_dir = tempfile.mkdtemp()
-        current_dir = os.getcwd()
-        os.chdir(tmp_dir)
-        data_tar = 'data.tar.xz'
-
-        try:
-            cmd = [ar_cmd, 'x', pkg_path]
-            output = subprocess.check_output(cmd, stderr=subprocess.STDOUT)
-            cmd = [tar_cmd, 'xf', data_tar]
-            output = subprocess.check_output(cmd, stderr=subprocess.STDOUT)
-        except subprocess.CalledProcessError as e:
-            bb.utils.remove(tmp_dir, recurse=True)
-            bb.fatal("Unable to extract %s package. Command '%s' "
-                     "returned %d:\n%s" % (pkg_path, ' '.join(cmd), e.returncode, e.output.decode("utf-8")))
-        except OSError as e:
-            bb.utils.remove(tmp_dir, recurse=True)
-            bb.fatal("Unable to extract %s package. Command '%s' "
-                     "returned %d:\n%s at %s" % (pkg_path, ' '.join(cmd), e.errno, e.strerror, e.filename))
-
-        bb.note("Extracted %s to %s" % (pkg_path, tmp_dir))
-        bb.utils.remove(os.path.join(tmp_dir, "debian-binary"))
-        bb.utils.remove(os.path.join(tmp_dir, "control.tar.gz"))
-        os.chdir(current_dir)
-
-        return tmp_dir
-
-    def _handle_intercept_failure(self, registered_pkgs):
-        self.mark_packages("unpacked", registered_pkgs.split())
-
 class OpkgPM(OpkgDpkgPM):
     def __init__(self, d, target_rootfs, config_file, archs, task_name='target', ipk_repo_workdir="oe-rootfs-repo", filterbydependencies=True, prepare_index=True):
         super(OpkgPM, self).__init__(d, target_rootfs)
@@ -213,7 +149,7 @@ class OpkgPM(OpkgDpkgPM):
 
                     tmp_sf.write(status)
 
-        os.rename(status_file + ".tmp", status_file)
+        bb.utils.rename(status_file + ".tmp", status_file)
 
     def _create_custom_config(self):
         bb.note("Building from feeds activated!")
@@ -243,7 +179,7 @@ class OpkgPM(OpkgDpkgPM):
             """
             if (self.d.getVar('FEED_DEPLOYDIR_BASE_URI') or "") != "":
                 for arch in self.pkg_archs.split():
-                    cfg_file_name = os.path.join(self.target_rootfs,
+                    cfg_file_name = oe.path.join(self.target_rootfs,
                                                  self.d.getVar("sysconfdir"),
                                                  "opkg",
                                                  "local-%s-feed.conf" % arch)
@@ -337,7 +273,7 @@ class OpkgPM(OpkgDpkgPM):
 
         self.deploy_dir_unlock()
 
-    def install(self, pkgs, attempt_only=False):
+    def install(self, pkgs, attempt_only=False, hard_depends_only=False):
         if not pkgs:
             return
 
@@ -346,6 +282,8 @@ class OpkgPM(OpkgDpkgPM):
             cmd += " --add-exclude %s" % exclude
         for bad_recommendation in (self.d.getVar("BAD_RECOMMENDATIONS") or "").split():
             cmd += " --add-ignore-recommends %s" % bad_recommendation
+        if hard_depends_only:
+            cmd += " --no-install-recommends"
         cmd += " install "
         cmd += " ".join(pkgs)
 
@@ -443,15 +381,16 @@ class OpkgPM(OpkgDpkgPM):
         cmd = "%s %s --noaction install %s " % (self.opkg_cmd,
                                                 opkg_args,
                                                 ' '.join(pkgs))
-        try:
-            output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, shell=True)
-        except subprocess.CalledProcessError as e:
+        proc = subprocess.run(cmd, capture_output=True, encoding="utf-8", shell=True)
+        if proc.returncode:
             bb.fatal("Unable to dummy install packages. Command '%s' "
-                     "returned %d:\n%s" % (cmd, e.returncode, e.output.decode("utf-8")))
+                     "returned %d:\n%s" % (cmd, proc.returncode, proc.stderr))
+        elif proc.stderr:
+            bb.note("Command '%s' returned stderr: %s" % (cmd, proc.stderr))
 
         bb.utils.remove(temp_rootfs, True)
 
-        return output
+        return proc.stdout
 
     def backup_packaging_data(self):
         # Save the opkglib for increment ipk image generation
@@ -477,7 +416,7 @@ class OpkgPM(OpkgDpkgPM):
         Returns a dictionary with the package info.
         """
         cmd = "%s %s info %s" % (self.opkg_cmd, self.opkg_args, pkg)
-        pkg_info = super(OpkgPM, self).package_info(pkg, cmd)
+        pkg_info = self._common_package_info(cmd)
 
         pkg_arch = pkg_info[pkg]["arch"]
         pkg_filename = pkg_info[pkg]["filename"]
@@ -485,19 +424,3 @@ class OpkgPM(OpkgDpkgPM):
                 os.path.join(self.deploy_dir, pkg_arch, pkg_filename)
 
         return pkg_info
-
-    def extract(self, pkg):
-        """
-        Returns the path to a tmpdir where resides the contents of a package.
-
-        Deleting the tmpdir is responsability of the caller.
-        """
-        pkg_info = self.package_info(pkg)
-        if not pkg_info:
-            bb.fatal("Unable to get information for package '%s' while "
-                     "trying to extract the package."  % pkg)
-
-        tmp_dir = super(OpkgPM, self).extract(pkg, pkg_info)
-        bb.utils.remove(os.path.join(tmp_dir, "data.tar.xz"))
-
-        return tmp_dir
diff --git a/meta/lib/oe/package_manager/ipk/manifest.py b/meta/lib/oe/package_manager/ipk/manifest.py
index ee4b57bcb0..3549d7428d 100644
--- a/meta/lib/oe/package_manager/ipk/manifest.py
+++ b/meta/lib/oe/package_manager/ipk/manifest.py
@@ -1,8 +1,11 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
 from oe.manifest import Manifest
+import re
 
 class PkgManifest(Manifest):
     """
diff --git a/meta/lib/oe/package_manager/ipk/rootfs.py b/meta/lib/oe/package_manager/ipk/rootfs.py
index 26dbee6f6a..ba93eb62ea 100644
--- a/meta/lib/oe/package_manager/ipk/rootfs.py
+++ b/meta/lib/oe/package_manager/ipk/rootfs.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -145,51 +147,14 @@ class PkgRootfs(DpkgOpkgRootfs):
             self.pm.recover_packaging_data()
 
         bb.utils.remove(self.d.getVar('MULTILIB_TEMP_ROOTFS'), True)
-
-    def _prelink_file(self, root_dir, filename):
-        bb.note('prelink %s in %s' % (filename, root_dir))
-        prelink_cfg = oe.path.join(root_dir,
-                                   self.d.expand('${sysconfdir}/prelink.conf'))
-        if not os.path.exists(prelink_cfg):
-            shutil.copy(self.d.expand('${STAGING_DIR_NATIVE}${sysconfdir_native}/prelink.conf'),
-                        prelink_cfg)
-
-        cmd_prelink = self.d.expand('${STAGING_DIR_NATIVE}${sbindir_native}/prelink')
-        self._exec_shell_cmd([cmd_prelink,
-                              '--root',
-                              root_dir,
-                              '-amR',
-                              '-N',
-                              '-c',
-                              self.d.expand('${sysconfdir}/prelink.conf')])
-
     '''
     Compare two files with the same key twice to see if they are equal.
     If they are not equal, it means they are duplicated and come from
     different packages.
-    1st: Comapre them directly;
-    2nd: While incremental image creation is enabled, one of the
-         files could be probaly prelinked in the previous image
-         creation and the file has been changed, so we need to
-         prelink the other one and compare them.
     '''
     def _file_equal(self, key, f1, f2):
-
-        # Both of them are not prelinked
         if filecmp.cmp(f1, f2):
             return True
-
-        if bb.data.inherits_class('image-prelink', self.d):
-            if self.image_rootfs not in f1:
-                self._prelink_file(f1.replace(key, ''), f1)
-
-            if self.image_rootfs not in f2:
-                self._prelink_file(f2.replace(key, ''), f2)
-
-            # Both of them are prelinked
-            if filecmp.cmp(f1, f2):
-                return True
-
         # Not equal
         return False
 
@@ -200,7 +165,7 @@ class PkgRootfs(DpkgOpkgRootfs):
     """
     def _multilib_sanity_test(self, dirs):
 
-        allow_replace = self.d.getVar("MULTILIBRE_ALLOW_REP")
+        allow_replace = "|".join((self.d.getVar("MULTILIBRE_ALLOW_REP") or "").split())
         if allow_replace is None:
             allow_replace = ""
 
diff --git a/meta/lib/oe/package_manager/ipk/sdk.py b/meta/lib/oe/package_manager/ipk/sdk.py
index e2ca415c8e..3acd55f548 100644
--- a/meta/lib/oe/package_manager/ipk/sdk.py
+++ b/meta/lib/oe/package_manager/ipk/sdk.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -61,12 +63,19 @@ class PkgSdk(Sdk):
 
         self.target_pm.install_complementary(self.d.getVar('SDKIMAGE_INSTALL_COMPLEMENTARY'))
 
+        env_bkp = os.environ.copy()
+        os.environ['PATH'] = self.d.expand("${COREBASE}/scripts/nativesdk-intercept") + \
+                             os.pathsep + os.environ["PATH"]
+
         self.target_pm.run_intercepts(populate_sdk='target')
+        os.environ.update(env_bkp)
 
         execute_pre_post_process(self.d, self.d.getVar("POPULATE_SDK_POST_TARGET_COMMAND"))
 
         if not bb.utils.contains("SDKIMAGE_FEATURES", "package-management", True, False, self.d):
             self.target_pm.remove_packaging_data()
+        else:
+            self.target_pm.remove_lists()
 
         bb.note("Installing NATIVESDK packages")
         self._populate_sysroot(self.host_pm, self.host_manifest)
@@ -78,6 +87,8 @@ class PkgSdk(Sdk):
 
         if not bb.utils.contains("SDKIMAGE_FEATURES", "package-management", True, False, self.d):
             self.host_pm.remove_packaging_data()
+        else:
+            self.host_pm.remove_lists()
 
         target_sysconfdir = os.path.join(self.sdk_target_sysroot, self.sysconfdir)
         host_sysconfdir = os.path.join(self.sdk_host_sysroot, self.sysconfdir)
diff --git a/meta/lib/oe/package_manager/rpm/__init__.py b/meta/lib/oe/package_manager/rpm/__init__.py
index 6df0092281..323ec5008f 100644
--- a/meta/lib/oe/package_manager/rpm/__init__.py
+++ b/meta/lib/oe/package_manager/rpm/__init__.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -96,11 +98,15 @@ class RpmPM(PackageManager):
         archs = ["sdk_provides_dummy_target"] + archs
         confdir = "%s/%s" %(self.target_rootfs, "etc/dnf/vars/")
         bb.utils.mkdirhier(confdir)
-        open(confdir + "arch", 'w').write(":".join(archs))
+        with open(confdir + "arch", 'w') as f:
+            f.write(":".join(archs))
+
         distro_codename = self.d.getVar('DISTRO_CODENAME')
-        open(confdir + "releasever", 'w').write(distro_codename if distro_codename is not None else '')
+        with open(confdir + "releasever", 'w') as f:
+            f.write(distro_codename if distro_codename is not None else '')
 
-        open(oe.path.join(self.target_rootfs, "etc/dnf/dnf.conf"), 'w').write("")
+        with open(oe.path.join(self.target_rootfs, "etc/dnf/dnf.conf"), 'w') as f:
+            f.write("")
 
 
     def _configure_rpm(self):
@@ -110,14 +116,17 @@ class RpmPM(PackageManager):
         platformconfdir = "%s/%s" %(self.target_rootfs, "etc/rpm/")
         rpmrcconfdir = "%s/%s" %(self.target_rootfs, "etc/")
         bb.utils.mkdirhier(platformconfdir)
-        open(platformconfdir + "platform", 'w').write("%s-pc-linux" % self.primary_arch)
+        with open(platformconfdir + "platform", 'w') as f:
+            f.write("%s-pc-linux" % self.primary_arch)
         with open(rpmrcconfdir + "rpmrc", 'w') as f:
             f.write("arch_compat: %s: %s\n" % (self.primary_arch, self.archs if len(self.archs) > 0 else self.primary_arch))
             f.write("buildarch_compat: %s: noarch\n" % self.primary_arch)
 
-        open(platformconfdir + "macros", 'w').write("%_transaction_color 7\n")
+        with open(platformconfdir + "macros", 'w') as f:
+            f.write("%_transaction_color 7\n")
         if self.d.getVar('RPM_PREFER_ELF_ARCH'):
-            open(platformconfdir + "macros", 'a').write("%%_prefer_color %s" % (self.d.getVar('RPM_PREFER_ELF_ARCH')))
+            with open(platformconfdir + "macros", 'a') as f:
+                f.write("%%_prefer_color %s" % (self.d.getVar('RPM_PREFER_ELF_ARCH')))
 
         if self.d.getVar('RPM_SIGN_PACKAGES') == '1':
             signer = get_signer(self.d, self.d.getVar('RPM_GPG_BACKEND'))
@@ -164,13 +173,13 @@ class RpmPM(PackageManager):
                     repo_uri = uri + "/" + arch
                     repo_id   = "oe-remote-repo"  + "-".join(urlparse(repo_uri).path.split("/"))
                     repo_name = "OE Remote Repo:" + " ".join(urlparse(repo_uri).path.split("/"))
-                    open(oe.path.join(self.target_rootfs, "etc", "yum.repos.d", repo_base + ".repo"), 'a').write(
-                             "[%s]\nname=%s\nbaseurl=%s\n%s\n" % (repo_id, repo_name, repo_uri, gpg_opts))
+                    with open(oe.path.join(self.target_rootfs, "etc", "yum.repos.d", repo_base + ".repo"), 'a') as f:
+                        f.write("[%s]\nname=%s\nbaseurl=%s\n%s\n" % (repo_id, repo_name, repo_uri, gpg_opts))
             else:
                 repo_name = "OE Remote Repo:" + " ".join(urlparse(uri).path.split("/"))
                 repo_uri = uri
-                open(oe.path.join(self.target_rootfs, "etc", "yum.repos.d", repo_base + ".repo"), 'w').write(
-                             "[%s]\nname=%s\nbaseurl=%s\n%s" % (repo_base, repo_name, repo_uri, gpg_opts))
+                with open(oe.path.join(self.target_rootfs, "etc", "yum.repos.d", repo_base + ".repo"), 'w') as f:
+                    f.write("[%s]\nname=%s\nbaseurl=%s\n%s" % (repo_base, repo_name, repo_uri, gpg_opts))
 
     def _prepare_pkg_transaction(self):
         os.environ['D'] = self.target_rootfs
@@ -181,7 +190,7 @@ class RpmPM(PackageManager):
         os.environ['NATIVE_ROOT'] = self.d.getVar('STAGING_DIR_NATIVE')
 
 
-    def install(self, pkgs, attempt_only = False):
+    def install(self, pkgs, attempt_only=False, hard_depends_only=False):
         if len(pkgs) == 0:
             return
         self._prepare_pkg_transaction()
@@ -192,13 +201,16 @@ class RpmPM(PackageManager):
 
         output = self._invoke_dnf((["--skip-broken"] if attempt_only else []) +
                          (["-x", ",".join(exclude_pkgs)] if len(exclude_pkgs) > 0 else []) +
-                         (["--setopt=install_weak_deps=False"] if self.d.getVar('NO_RECOMMENDATIONS') == "1" else []) +
+                         (["--setopt=install_weak_deps=False"] if (hard_depends_only or self.d.getVar('NO_RECOMMENDATIONS') == "1") else []) +
                          (["--nogpgcheck"] if self.d.getVar('RPM_SIGN_PACKAGES') != '1' else ["--setopt=gpgcheck=True"]) +
                          ["install"] +
                          pkgs)
 
         failed_scriptlets_pkgnames = collections.OrderedDict()
         for line in output.splitlines():
+            if line.startswith("Error: Systemctl"):
+                bb.error(line)
+
             if line.startswith("Error in POSTIN scriptlet in rpm package"):
                 failed_scriptlets_pkgnames[line.split()[-1]] = True
 
@@ -326,7 +338,8 @@ class RpmPM(PackageManager):
             return e.output.decode("utf-8")
 
     def dump_install_solution(self, pkgs):
-        open(self.solution_manifest, 'w').write(" ".join(pkgs))
+        with open(self.solution_manifest, 'w') as f:
+            f.write(" ".join(pkgs))
         return pkgs
 
     def load_old_install_solution(self):
@@ -360,7 +373,8 @@ class RpmPM(PackageManager):
         bb.utils.mkdirhier(target_path)
         num = self._script_num_prefix(target_path)
         saved_script_name = oe.path.join(target_path, "%d-%s" % (num, pkg))
-        open(saved_script_name, 'w').write(output)
+        with open(saved_script_name, 'w') as f:
+            f.write(output)
         os.chmod(saved_script_name, 0o755)
 
     def _handle_intercept_failure(self, registered_pkgs):
@@ -372,14 +386,15 @@ class RpmPM(PackageManager):
             self.save_rpmpostinst(pkg)
 
     def extract(self, pkg):
-        output = self._invoke_dnf(["repoquery", "--queryformat", "%{location}", pkg])
+        output = self._invoke_dnf(["repoquery", "--location", pkg])
         pkg_name = output.splitlines()[-1]
         if not pkg_name.endswith(".rpm"):
             bb.fatal("dnf could not find package %s in repository: %s" %(pkg, output))
-        pkg_path = oe.path.join(self.rpm_repo_dir, pkg_name)
+        # Strip file: prefix
+        pkg_path = pkg_name[5:]
 
-        cpio_cmd = bb.utils.which(os.getenv("PATH"), "cpio")
-        rpm2cpio_cmd = bb.utils.which(os.getenv("PATH"), "rpm2cpio")
+        tar_cmd = bb.utils.which(os.getenv("PATH"), "tar")
+        rpm2archive_cmd = bb.utils.which(os.getenv("PATH"), "rpm2archive")
 
         if not os.path.isfile(pkg_path):
             bb.fatal("Unable to extract package for '%s'."
@@ -390,7 +405,7 @@ class RpmPM(PackageManager):
         os.chdir(tmp_dir)
 
         try:
-            cmd = "%s %s | %s -idmv" % (rpm2cpio_cmd, pkg_path, cpio_cmd)
+            cmd = "%s -n %s | %s xv" % (rpm2archive_cmd, pkg_path, tar_cmd)
             output = subprocess.check_output(cmd, stderr=subprocess.STDOUT, shell=True)
         except subprocess.CalledProcessError as e:
             bb.utils.remove(tmp_dir, recurse=True)
diff --git a/meta/lib/oe/package_manager/rpm/manifest.py b/meta/lib/oe/package_manager/rpm/manifest.py
index e6604b301f..6ee7c329f0 100644
--- a/meta/lib/oe/package_manager/rpm/manifest.py
+++ b/meta/lib/oe/package_manager/rpm/manifest.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
diff --git a/meta/lib/oe/package_manager/rpm/rootfs.py b/meta/lib/oe/package_manager/rpm/rootfs.py
index 00d07cd9cc..3ba5396320 100644
--- a/meta/lib/oe/package_manager/rpm/rootfs.py
+++ b/meta/lib/oe/package_manager/rpm/rootfs.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -108,7 +110,7 @@ class PkgRootfs(Rootfs):
         if self.progress_reporter:
             self.progress_reporter.next_stage()
 
-        self._setup_dbg_rootfs(['/etc', '/var/lib/rpm', '/var/cache/dnf', '/var/lib/dnf'])
+        self._setup_dbg_rootfs(['/etc/rpm', '/etc/rpmrc', '/etc/dnf', '/var/lib/rpm', '/var/cache/dnf', '/var/lib/dnf'])
 
         execute_pre_post_process(self.d, rpm_post_process_cmds)
 
diff --git a/meta/lib/oe/package_manager/rpm/sdk.py b/meta/lib/oe/package_manager/rpm/sdk.py
index c5f232431f..ea79fe050b 100644
--- a/meta/lib/oe/package_manager/rpm/sdk.py
+++ b/meta/lib/oe/package_manager/rpm/sdk.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -65,7 +67,12 @@ class PkgSdk(Sdk):
 
         self.target_pm.install_complementary(self.d.getVar('SDKIMAGE_INSTALL_COMPLEMENTARY'))
 
+        env_bkp = os.environ.copy()
+        os.environ['PATH'] = self.d.expand("${COREBASE}/scripts/nativesdk-intercept") + \
+                             os.pathsep + os.environ["PATH"]
+
         self.target_pm.run_intercepts(populate_sdk='target')
+        os.environ.update(env_bkp)
 
         execute_pre_post_process(self.d, self.d.getVar("POPULATE_SDK_POST_TARGET_COMMAND"))
 
@@ -110,5 +117,6 @@ class PkgSdk(Sdk):
         for f in glob.glob(os.path.join(self.sdk_output, "etc", "rpm*")):
             self.movefile(f, native_sysconf_dir)
         for f in glob.glob(os.path.join(self.sdk_output, "etc", "dnf", "*")):
-            self.movefile(f, native_sysconf_dir)
+            self.mkdirhier(native_sysconf_dir + "/dnf")
+            self.movefile(f, native_sysconf_dir + "/dnf")
         self.remove(os.path.join(self.sdk_output, "etc"), True)
diff --git a/meta/lib/oe/packagedata.py b/meta/lib/oe/packagedata.py
index a82085a792..b6a10a930a 100644
--- a/meta/lib/oe/packagedata.py
+++ b/meta/lib/oe/packagedata.py
@@ -1,9 +1,17 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
 import codecs
 import os
+import json
+import bb.parse
+import bb.compress.zstd
+import oe.path
+
+from glob import glob
 
 def packaged(pkg, d):
     return os.access(get_subpkgedata_fn(pkg, d) + '.packaged', os.R_OK)
@@ -19,7 +27,7 @@ def read_pkgdatafile(fn):
         import re
         with open(fn, 'r') as f:
             lines = f.readlines()
-        r = re.compile("([^:]+):\s*(.*)")
+        r = re.compile(r"(^.+?):\s+(.*)")
         for l in lines:
             m = r.match(l)
             if m:
@@ -45,18 +53,31 @@ def read_pkgdata(pn, d):
     return read_pkgdatafile(fn)
 
 #
-# Collapse FOO_pkg variables into FOO
+# Collapse FOO:pkg variables into FOO
 #
 def read_subpkgdata_dict(pkg, d):
     ret = {}
     subd = read_pkgdatafile(get_subpkgedata_fn(pkg, d))
     for var in subd:
-        newvar = var.replace("_" + pkg, "")
-        if newvar == var and var + "_" + pkg in subd:
+        newvar = var.replace(":" + pkg, "")
+        if newvar == var and var + ":" + pkg in subd:
             continue
         ret[newvar] = subd[var]
     return ret
 
+@bb.parse.vardepsexclude("BB_NUMBER_THREADS")
+def read_subpkgdata_extended(pkg, d):
+    import json
+    import bb.compress.zstd
+
+    fn = d.expand("${PKGDATA_DIR}/extended/%s.json.zstd" % pkg)
+    try:
+        num_threads = int(d.getVar("BB_NUMBER_THREADS"))
+        with bb.compress.zstd.open(fn, "rt", encoding="utf-8", num_threads=num_threads) as f:
+            return json.load(f)
+    except FileNotFoundError:
+        return None
+
 def _pkgmap(d):
     """Return a dictionary mapping package to recipe name."""
 
@@ -96,3 +117,253 @@ def recipename(pkg, d):
     """Return the recipe name for the given binary package name."""
 
     return pkgmap(d).get(pkg)
+
+def foreach_runtime_provider_pkgdata(d, rdep, include_rdep=False):
+    pkgdata_dir = d.getVar("PKGDATA_DIR")
+    possibles = set()
+    try:
+        possibles |= set(os.listdir("%s/runtime-rprovides/%s/" % (pkgdata_dir, rdep)))
+    except OSError:
+        pass
+
+    if include_rdep:
+        possibles.add(rdep)
+
+    for p in sorted(list(possibles)):
+        rdep_data = read_subpkgdata(p, d)
+        yield p, rdep_data
+
+def get_package_mapping(pkg, basepkg, d, depversions=None):
+    import oe.packagedata
+
+    data = oe.packagedata.read_subpkgdata(pkg, d)
+    key = "PKG:%s" % pkg
+
+    if key in data:
+        if bb.data.inherits_class('allarch', d) and bb.data.inherits_class('packagegroup', d) and pkg != data[key]:
+            bb.error("An allarch packagegroup shouldn't depend on packages which are dynamically renamed (%s to %s)" % (pkg, data[key]))
+        # Have to avoid undoing the write_extra_pkgs(global_variants...)
+        if bb.data.inherits_class('allarch', d) and not d.getVar('MULTILIB_VARIANTS') \
+            and data[key] == basepkg:
+            return pkg
+        if depversions == []:
+            # Avoid returning a mapping if the renamed package rprovides its original name
+            rprovkey = "RPROVIDES:%s" % pkg
+            if rprovkey in data:
+                if pkg in bb.utils.explode_dep_versions2(data[rprovkey]):
+                    bb.note("%s rprovides %s, not replacing the latter" % (data[key], pkg))
+                    return pkg
+        # Do map to rewritten package name
+        return data[key]
+
+    return pkg
+
+def get_package_additional_metadata(pkg_type, d):
+    base_key = "PACKAGE_ADD_METADATA"
+    for key in ("%s_%s" % (base_key, pkg_type.upper()), base_key):
+        if d.getVar(key, False) is None:
+            continue
+        d.setVarFlag(key, "type", "list")
+        if d.getVarFlag(key, "separator") is None:
+            d.setVarFlag(key, "separator", "\\n")
+        metadata_fields = [field.strip() for field in oe.data.typed_value(key, d)]
+        return "\n".join(metadata_fields).strip()
+
+def runtime_mapping_rename(varname, pkg, d):
+    #bb.note("%s before: %s" % (varname, d.getVar(varname)))
+
+    new_depends = {}
+    deps = bb.utils.explode_dep_versions2(d.getVar(varname) or "")
+    for depend, depversions in deps.items():
+        new_depend = get_package_mapping(depend, pkg, d, depversions)
+        if depend != new_depend:
+            bb.note("package name mapping done: %s -> %s" % (depend, new_depend))
+        new_depends[new_depend] = deps[depend]
+
+    d.setVar(varname, bb.utils.join_deps(new_depends, commasep=False))
+
+    #bb.note("%s after: %s" % (varname, d.getVar(varname)))
+
+@bb.parse.vardepsexclude("BB_NUMBER_THREADS")
+def emit_pkgdata(pkgfiles, d):
+    def process_postinst_on_target(pkg, mlprefix):
+        pkgval = d.getVar('PKG:%s' % pkg)
+        if pkgval is None:
+            pkgval = pkg
+
+        defer_fragment = """
+if [ -n "$D" ]; then
+    $INTERCEPT_DIR/postinst_intercept delay_to_first_boot %s mlprefix=%s
+    exit 0
+fi
+""" % (pkgval, mlprefix)
+
+        postinst = d.getVar('pkg_postinst:%s' % pkg)
+        postinst_ontarget = d.getVar('pkg_postinst_ontarget:%s' % pkg)
+
+        if postinst_ontarget:
+            bb.debug(1, 'adding deferred pkg_postinst_ontarget() to pkg_postinst() for %s' % pkg)
+            if not postinst:
+                postinst = '#!/bin/sh\n'
+            postinst += defer_fragment
+            postinst += postinst_ontarget
+            d.setVar('pkg_postinst:%s' % pkg, postinst)
+
+    def add_set_e_to_scriptlets(pkg):
+        for scriptlet_name in ('pkg_preinst', 'pkg_postinst', 'pkg_prerm', 'pkg_postrm'):
+            scriptlet = d.getVar('%s:%s' % (scriptlet_name, pkg))
+            if scriptlet:
+                scriptlet_split = scriptlet.split('\n')
+                if scriptlet_split[0].startswith("#!"):
+                    scriptlet = scriptlet_split[0] + "\nset -e\n" + "\n".join(scriptlet_split[1:])
+                else:
+                    scriptlet = "set -e\n" + "\n".join(scriptlet_split[0:])
+            d.setVar('%s:%s' % (scriptlet_name, pkg), scriptlet)
+
+    def write_if_exists(f, pkg, var):
+        def encode(str):
+            import codecs
+            c = codecs.getencoder("unicode_escape")
+            return c(str)[0].decode("latin1")
+
+        val = d.getVar('%s:%s' % (var, pkg))
+        if val:
+            f.write('%s:%s: %s\n' % (var, pkg, encode(val)))
+            return val
+        val = d.getVar('%s' % (var))
+        if val:
+            f.write('%s: %s\n' % (var, encode(val)))
+        return val
+
+    def write_extra_pkgs(variants, pn, packages, pkgdatadir):
+        for variant in variants:
+            with open("%s/%s-%s" % (pkgdatadir, variant, pn), 'w') as fd:
+                fd.write("PACKAGES: %s\n" % ' '.join(
+                            map(lambda pkg: '%s-%s' % (variant, pkg), packages.split())))
+
+    def write_extra_runtime_pkgs(variants, packages, pkgdatadir):
+        for variant in variants:
+            for pkg in packages.split():
+                ml_pkg = "%s-%s" % (variant, pkg)
+                subdata_file = "%s/runtime/%s" % (pkgdatadir, ml_pkg)
+                with open(subdata_file, 'w') as fd:
+                    fd.write("PKG:%s: %s" % (ml_pkg, pkg))
+
+    packages = d.getVar('PACKAGES')
+    pkgdest = d.getVar('PKGDEST')
+    pkgdatadir = d.getVar('PKGDESTWORK')
+
+    data_file = pkgdatadir + d.expand("/${PN}")
+    with open(data_file, 'w') as fd:
+        fd.write("PACKAGES: %s\n" % packages)
+
+    pkgdebugsource = d.getVar("PKGDEBUGSOURCES") or []
+
+    pn = d.getVar('PN')
+    global_variants = (d.getVar('MULTILIB_GLOBAL_VARIANTS') or "").split()
+    variants = (d.getVar('MULTILIB_VARIANTS') or "").split()
+
+    if bb.data.inherits_class('kernel', d) or bb.data.inherits_class('module-base', d):
+        write_extra_pkgs(variants, pn, packages, pkgdatadir)
+
+    if bb.data.inherits_class('allarch', d) and not variants \
+        and not bb.data.inherits_class('packagegroup', d):
+        write_extra_pkgs(global_variants, pn, packages, pkgdatadir)
+
+    workdir = d.getVar('WORKDIR')
+
+    for pkg in packages.split():
+        pkgval = d.getVar('PKG:%s' % pkg)
+        if pkgval is None:
+            pkgval = pkg
+            d.setVar('PKG:%s' % pkg, pkg)
+
+        extended_data = {
+            "files_info": {}
+        }
+
+        pkgdestpkg = os.path.join(pkgdest, pkg)
+        files = {}
+        files_extra = {}
+        total_size = 0
+        seen = set()
+        for f in pkgfiles[pkg]:
+            fpath = os.sep + os.path.relpath(f, pkgdestpkg)
+
+            fstat = os.lstat(f)
+            files[fpath] = fstat.st_size
+
+            extended_data["files_info"].setdefault(fpath, {})
+            extended_data["files_info"][fpath]['size'] = fstat.st_size
+
+            if fstat.st_ino not in seen:
+                seen.add(fstat.st_ino)
+                total_size += fstat.st_size
+
+            if fpath in pkgdebugsource:
+                extended_data["files_info"][fpath]['debugsrc'] = pkgdebugsource[fpath]
+                del pkgdebugsource[fpath]
+
+        d.setVar('FILES_INFO:' + pkg , json.dumps(files, sort_keys=True))
+
+        process_postinst_on_target(pkg, d.getVar("MLPREFIX"))
+        add_set_e_to_scriptlets(pkg)
+
+        subdata_file = pkgdatadir + "/runtime/%s" % pkg
+        with open(subdata_file, 'w') as sf:
+            for var in (d.getVar('PKGDATA_VARS') or "").split():
+                val = write_if_exists(sf, pkg, var)
+
+            write_if_exists(sf, pkg, 'FILERPROVIDESFLIST')
+            for dfile in sorted((d.getVar('FILERPROVIDESFLIST:' + pkg) or "").split()):
+                write_if_exists(sf, pkg, 'FILERPROVIDES:' + dfile)
+
+            write_if_exists(sf, pkg, 'FILERDEPENDSFLIST')
+            for dfile in sorted((d.getVar('FILERDEPENDSFLIST:' + pkg) or "").split()):
+                write_if_exists(sf, pkg, 'FILERDEPENDS:' + dfile)
+
+            sf.write('%s:%s: %d\n' % ('PKGSIZE', pkg, total_size))
+
+        subdata_extended_file = pkgdatadir + "/extended/%s.json.zstd" % pkg
+        num_threads = int(d.getVar("BB_NUMBER_THREADS"))
+        with bb.compress.zstd.open(subdata_extended_file, "wt", encoding="utf-8", num_threads=num_threads) as f:
+            json.dump(extended_data, f, sort_keys=True, separators=(",", ":"))
+
+        # Symlinks needed for rprovides lookup
+        rprov = d.getVar('RPROVIDES:%s' % pkg) or d.getVar('RPROVIDES')
+        if rprov:
+            for p in bb.utils.explode_deps(rprov):
+                subdata_sym = pkgdatadir + "/runtime-rprovides/%s/%s" % (p, pkg)
+                bb.utils.mkdirhier(os.path.dirname(subdata_sym))
+                oe.path.relsymlink(subdata_file, subdata_sym, True)
+
+        allow_empty = d.getVar('ALLOW_EMPTY:%s' % pkg)
+        if not allow_empty:
+            allow_empty = d.getVar('ALLOW_EMPTY')
+        root = "%s/%s" % (pkgdest, pkg)
+        os.chdir(root)
+        g = glob('*')
+        if g or allow_empty == "1":
+            # Symlinks needed for reverse lookups (from the final package name)
+            subdata_sym = pkgdatadir + "/runtime-reverse/%s" % pkgval
+            oe.path.relsymlink(subdata_file, subdata_sym, True)
+
+            packagedfile = pkgdatadir + '/runtime/%s.packaged' % pkg
+            open(packagedfile, 'w').close()
+
+    if bb.data.inherits_class('kernel', d) or bb.data.inherits_class('module-base', d):
+        write_extra_runtime_pkgs(variants, packages, pkgdatadir)
+
+    if bb.data.inherits_class('allarch', d) and not variants \
+        and not bb.data.inherits_class('packagegroup', d):
+        write_extra_runtime_pkgs(global_variants, packages, pkgdatadir)
+
+def mapping_rename_hook(d):
+    """
+    Rewrite variables to account for package renaming in things
+    like debian.bbclass or manual PKG variable name changes
+    """
+    pkg = d.getVar("PKG")
+    oe.packagedata.runtime_mapping_rename("RDEPENDS", pkg, d)
+    oe.packagedata.runtime_mapping_rename("RRECOMMENDS", pkg, d)
+    oe.packagedata.runtime_mapping_rename("RSUGGESTS", pkg, d)
diff --git a/meta/lib/oe/packagegroup.py b/meta/lib/oe/packagegroup.py
index 8fcaecde82..7b7594751a 100644
--- a/meta/lib/oe/packagegroup.py
+++ b/meta/lib/oe/packagegroup.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
diff --git a/meta/lib/oe/patch.py b/meta/lib/oe/patch.py
index fccbedb519..edd77196ee 100644
--- a/meta/lib/oe/patch.py
+++ b/meta/lib/oe/patch.py
@@ -1,7 +1,12 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
+import os
+import shlex
+import subprocess
 import oe.path
 import oe.types
 
@@ -24,9 +29,6 @@ class CmdError(bb.BBHandledException):
 
 
 def runcmd(args, dir = None):
-    import pipes
-    import subprocess
-
     if dir:
         olddir = os.path.abspath(os.curdir)
         if not os.path.exists(dir):
@@ -35,7 +37,7 @@ def runcmd(args, dir = None):
         # print("cwd: %s -> %s" % (olddir, dir))
 
     try:
-        args = [ pipes.quote(str(arg)) for arg in args ]
+        args = [ shlex.quote(str(arg)) for arg in args ]
         cmd = " ".join(args)
         # print("cmd: %s" % cmd)
         proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
@@ -56,6 +58,7 @@ def runcmd(args, dir = None):
         if dir:
             os.chdir(olddir)
 
+
 class PatchError(Exception):
     def __init__(self, msg):
         self.msg = msg
@@ -214,7 +217,7 @@ class PatchTree(PatchSet):
         with open(self.seriespath, 'w') as f:
             for p in patches:
                 f.write(p)
-         
+
     def Import(self, patch, force = None):
         """"""
         PatchSet.Import(self, patch, force)
@@ -291,13 +294,32 @@ class PatchTree(PatchSet):
         self.Pop(all=True)
 
 class GitApplyTree(PatchTree):
-    patch_line_prefix = '%% original patch'
-    ignore_commit_prefix = '%% ignore'
+    notes_ref = "refs/notes/devtool"
+    original_patch = 'original patch'
+    ignore_commit = 'ignore'
 
     def __init__(self, dir, d):
         PatchTree.__init__(self, dir, d)
         self.commituser = d.getVar('PATCH_GIT_USER_NAME')
         self.commitemail = d.getVar('PATCH_GIT_USER_EMAIL')
+        if not self._isInitialized(d):
+            self._initRepo()
+
+    def _isInitialized(self, d):
+        cmd = "git rev-parse --show-toplevel"
+        try:
+            output = runcmd(cmd.split(), self.dir).strip()
+        except CmdError as err:
+            ## runcmd returned non-zero which most likely means 128
+            ## Not a git directory
+            return False
+        ## Make sure repo is in builddir to not break top-level git repos, or under workdir
+        return os.path.samefile(output, self.dir) or oe.path.is_path_parent(d.getVar('WORKDIR'), output)
+
+    def _initRepo(self):
+        runcmd("git init".split(), self.dir)
+        runcmd("git add .".split(), self.dir)
+        runcmd("git commit -a --allow-empty -m bitbake_patching_started".split(), self.dir)
 
     @staticmethod
     def extractPatchHeader(patchfile):
@@ -431,7 +453,7 @@ class GitApplyTree(PatchTree):
         # Prepare git command
         cmd = ["git"]
         GitApplyTree.gitCommandUserOptions(cmd, commituser, commitemail)
-        cmd += ["commit", "-F", tmpfile]
+        cmd += ["commit", "-F", tmpfile, "--no-verify"]
         # git doesn't like plain email addresses as authors
         if author and '<' in author:
             cmd.append('--author="%s"' % author)
@@ -440,44 +462,133 @@ class GitApplyTree(PatchTree):
         return (tmpfile, cmd)
 
     @staticmethod
-    def extractPatches(tree, startcommit, outdir, paths=None):
+    def addNote(repo, ref, key, value=None, commituser=None, commitemail=None):
+        note = key + (": %s" % value if value else "")
+        notes_ref = GitApplyTree.notes_ref
+        runcmd(["git", "config", "notes.rewriteMode", "ignore"], repo)
+        runcmd(["git", "config", "notes.displayRef", notes_ref, notes_ref], repo)
+        runcmd(["git", "config", "notes.rewriteRef", notes_ref, notes_ref], repo)
+        cmd = ["git"]
+        GitApplyTree.gitCommandUserOptions(cmd, commituser, commitemail)
+        runcmd(cmd + ["notes", "--ref", notes_ref, "append", "-m", note, ref], repo)
+
+    @staticmethod
+    def removeNote(repo, ref, key, commituser=None, commitemail=None):
+        notes = GitApplyTree.getNotes(repo, ref)
+        notes = {k: v for k, v in notes.items() if k != key and not k.startswith(key + ":")}
+        runcmd(["git", "notes", "--ref", GitApplyTree.notes_ref, "remove", "--ignore-missing", ref], repo)
+        for note, value in notes.items():
+            GitApplyTree.addNote(repo, ref, note, value, commituser, commitemail)
+
+    @staticmethod
+    def getNotes(repo, ref):
+        import re
+
+        note = None
+        try:
+            note = runcmd(["git", "notes", "--ref", GitApplyTree.notes_ref, "show", ref], repo)
+            prefix = ""
+        except CmdError:
+            note = runcmd(['git', 'show', '-s', '--format=%B', ref], repo)
+            prefix = "%% "
+
+        note_re = re.compile(r'^%s(.*?)(?::\s*(.*))?$' % prefix)
+        notes = dict()
+        for line in note.splitlines():
+            m = note_re.match(line)
+            if m:
+                notes[m.group(1)] = m.group(2)
+
+        return notes
+
+    @staticmethod
+    def commitIgnored(subject, dir=None, files=None, d=None):
+        if files:
+            runcmd(['git', 'add'] + files, dir)
+        cmd = ["git"]
+        GitApplyTree.gitCommandUserOptions(cmd, d=d)
+        cmd += ["commit", "-m", subject, "--no-verify"]
+        runcmd(cmd, dir)
+        GitApplyTree.addNote(dir, "HEAD", GitApplyTree.ignore_commit, d.getVar('PATCH_GIT_USER_NAME'), d.getVar('PATCH_GIT_USER_EMAIL'))
+
+    @staticmethod
+    def extractPatches(tree, startcommits, outdir, paths=None):
         import tempfile
         import shutil
         tempdir = tempfile.mkdtemp(prefix='oepatch')
         try:
-            shellcmd = ["git", "format-patch", "--no-signature", "--no-numbered", startcommit, "-o", tempdir]
-            if paths:
-                shellcmd.append('--')
-                shellcmd.extend(paths)
-            out = runcmd(["sh", "-c", " ".join(shellcmd)], tree)
-            if out:
-                for srcfile in out.split():
-                    for encoding in ['utf-8', 'latin-1']:
-                        patchlines = []
-                        outfile = None
-                        try:
-                            with open(srcfile, 'r', encoding=encoding) as f:
-                                for line in f:
-                                    if line.startswith(GitApplyTree.patch_line_prefix):
-                                        outfile = line.split()[-1].strip()
-                                        continue
-                                    if line.startswith(GitApplyTree.ignore_commit_prefix):
-                                        continue
-                                    patchlines.append(line)
-                        except UnicodeDecodeError:
+            for name, rev in startcommits.items():
+                shellcmd = ["git", "format-patch", "--no-signature", "--no-numbered", rev, "-o", tempdir]
+                if paths:
+                    shellcmd.append('--')
+                    shellcmd.extend(paths)
+                out = runcmd(["sh", "-c", " ".join(shellcmd)], os.path.join(tree, name))
+                if out:
+                    for srcfile in out.split():
+                        # This loop, which is used to remove any line that
+                        # starts with "%% original patch", is kept for backwards
+                        # compatibility. If/when that compatibility is dropped,
+                        # it can be replaced with code to just read the first
+                        # line of the patch file to get the SHA-1, and the code
+                        # below that writes the modified patch file can be
+                        # replaced with a simple file move.
+                        for encoding in ['utf-8', 'latin-1']:
+                            patchlines = []
+                            try:
+                                with open(srcfile, 'r', encoding=encoding, newline='') as f:
+                                    for line in f:
+                                        if line.startswith("%% " + GitApplyTree.original_patch):
+                                            continue
+                                        patchlines.append(line)
+                            except UnicodeDecodeError:
+                                continue
+                            break
+                        else:
+                            raise PatchError('Unable to find a character encoding to decode %s' % srcfile)
+
+                        sha1 = patchlines[0].split()[1]
+                        notes = GitApplyTree.getNotes(os.path.join(tree, name), sha1)
+                        if GitApplyTree.ignore_commit in notes:
                             continue
-                        break
-                    else:
-                        raise PatchError('Unable to find a character encoding to decode %s' % srcfile)
-
-                    if not outfile:
-                        outfile = os.path.basename(srcfile)
-                    with open(os.path.join(outdir, outfile), 'w') as of:
-                        for line in patchlines:
-                            of.write(line)
+                        outfile = notes.get(GitApplyTree.original_patch, os.path.basename(srcfile))
+
+                        bb.utils.mkdirhier(os.path.join(outdir, name))
+                        with open(os.path.join(outdir, name, outfile), 'w') as of:
+                            for line in patchlines:
+                                of.write(line)
         finally:
             shutil.rmtree(tempdir)
 
+    def _need_dirty_check(self):
+        fetch = bb.fetch2.Fetch([], self.d)
+        check_dirtyness = False
+        for url in fetch.urls:
+            url_data = fetch.ud[url]
+            parm = url_data.parm
+            # a git url with subpath param will surely be dirty
+            # since the git tree from which we clone will be emptied
+            # from all files that are not in the subpath
+            if url_data.type == 'git' and parm.get('subpath'):
+                check_dirtyness = True
+        return check_dirtyness
+
+    def _commitpatch(self, patch, patchfilevar):
+        output = ""
+        # Add all files
+        shellcmd = ["git", "add", "-f", "-A", "."]
+        output += runcmd(["sh", "-c", " ".join(shellcmd)], self.dir)
+        # Exclude the patches directory
+        shellcmd = ["git", "reset", "HEAD", self.patchdir]
+        output += runcmd(["sh", "-c", " ".join(shellcmd)], self.dir)
+        # Commit the result
+        (tmpfile, shellcmd) = self.prepareCommit(patch['file'], self.commituser, self.commitemail)
+        try:
+            shellcmd.insert(0, patchfilevar)
+            output += runcmd(["sh", "-c", " ".join(shellcmd)], self.dir)
+        finally:
+            os.remove(tmpfile)
+        return output
+
     def _applypatch(self, patch, force = False, reverse = False, run = True):
         import shutil
 
@@ -492,27 +603,26 @@ class GitApplyTree(PatchTree):
 
             return runcmd(["sh", "-c", " ".join(shellcmd)], self.dir)
 
-        # Add hooks which add a pointer to the original patch file name in the commit message
         reporoot = (runcmd("git rev-parse --show-toplevel".split(), self.dir) or '').strip()
         if not reporoot:
             raise Exception("Cannot get repository root for directory %s" % self.dir)
-        hooks_dir = os.path.join(reporoot, '.git', 'hooks')
-        hooks_dir_backup = hooks_dir + '.devtool-orig'
-        if os.path.lexists(hooks_dir_backup):
-            raise Exception("Git hooks backup directory already exists: %s" % hooks_dir_backup)
-        if os.path.lexists(hooks_dir):
-            shutil.move(hooks_dir, hooks_dir_backup)
-        os.mkdir(hooks_dir)
-        commithook = os.path.join(hooks_dir, 'commit-msg')
-        applyhook = os.path.join(hooks_dir, 'applypatch-msg')
-        with open(commithook, 'w') as f:
-            # NOTE: the formatting here is significant; if you change it you'll also need to
-            # change other places which read it back
-            f.write('echo "\n%s: $PATCHFILE" >> $1' % GitApplyTree.patch_line_prefix)
-        os.chmod(commithook, 0o755)
-        shutil.copy2(commithook, applyhook)
+
+        patch_applied = True
         try:
             patchfilevar = 'PATCHFILE="%s"' % os.path.basename(patch['file'])
+            if self._need_dirty_check():
+                # Check dirtyness of the tree
+                try:
+                    output = runcmd(["git", "--work-tree=%s" % reporoot, "status", "--short"])
+                except CmdError:
+                    pass
+                else:
+                    if output:
+                        # The tree is dirty, no need to try to apply patches with git anymore
+                        # since they fail, fallback directly to patch
+                        output = PatchTree._applypatch(self, patch, force, reverse, run)
+                        output += self._commitpatch(patch, patchfilevar)
+                        return output
             try:
                 shellcmd = [patchfilevar, "git", "--work-tree=%s" % reporoot]
                 self.gitCommandUserOptions(shellcmd, self.commituser, self.commitemail)
@@ -539,24 +649,14 @@ class GitApplyTree(PatchTree):
                 except CmdError:
                     # Fall back to patch
                     output = PatchTree._applypatch(self, patch, force, reverse, run)
-                # Add all files
-                shellcmd = ["git", "add", "-f", "-A", "."]
-                output += runcmd(["sh", "-c", " ".join(shellcmd)], self.dir)
-                # Exclude the patches directory
-                shellcmd = ["git", "reset", "HEAD", self.patchdir]
-                output += runcmd(["sh", "-c", " ".join(shellcmd)], self.dir)
-                # Commit the result
-                (tmpfile, shellcmd) = self.prepareCommit(patch['file'], self.commituser, self.commitemail)
-                try:
-                    shellcmd.insert(0, patchfilevar)
-                    output += runcmd(["sh", "-c", " ".join(shellcmd)], self.dir)
-                finally:
-                    os.remove(tmpfile)
+                output += self._commitpatch(patch, patchfilevar)
                 return output
+        except:
+            patch_applied = False
+            raise
         finally:
-            shutil.rmtree(hooks_dir)
-            if os.path.lexists(hooks_dir_backup):
-                shutil.move(hooks_dir_backup, hooks_dir)
+            if patch_applied:
+                GitApplyTree.addNote(self.dir, "HEAD", GitApplyTree.original_patch, os.path.basename(patch['file']), self.commituser, self.commitemail)
 
 
 class QuiltTree(PatchSet):
@@ -579,6 +679,8 @@ class QuiltTree(PatchSet):
 
     def Clean(self):
         try:
+            # make sure that patches/series file exists before quilt pop to keep quilt-0.67 happy
+            open(os.path.join(self.dir, "patches","series"), 'a').close()
             self._runcmd(["pop", "-a", "-f"])
             oe.path.remove(os.path.join(self.dir, "patches","series"))
         except Exception:
@@ -715,8 +817,9 @@ class NOOPResolver(Resolver):
             self.patchset.Push()
         except Exception:
             import sys
-            os.chdir(olddir)
             raise
+        finally:
+            os.chdir(olddir)
 
 # Patch resolver which relies on the user doing all the work involved in the
 # resolution, with the exception of refreshing the remote copy of the patch
@@ -776,12 +879,12 @@ class UserResolver(Resolver):
                             # User did not fix the problem.  Abort.
                             raise PatchError("Patch application failed, and user did not fix and refresh the patch.")
         except Exception:
-            os.chdir(olddir)
             raise
-        os.chdir(olddir)
+        finally:
+            os.chdir(olddir)
 
 
-def patch_path(url, fetch, workdir, expand=True):
+def patch_path(url, fetch, unpackdir, expand=True):
     """Return the local path of a patch, or return nothing if this isn't a patch"""
 
     local = fetch.localpath(url)
@@ -790,7 +893,7 @@ def patch_path(url, fetch, workdir, expand=True):
     base, ext = os.path.splitext(os.path.basename(local))
     if ext in ('.gz', '.bz2', '.xz', '.Z'):
         if expand:
-            local = os.path.join(workdir, base)
+            local = os.path.join(unpackdir, base)
         ext = os.path.splitext(base)[1]
 
     urldata = fetch.ud[url]
@@ -804,12 +907,12 @@ def patch_path(url, fetch, workdir, expand=True):
     return local
 
 def src_patches(d, all=False, expand=True):
-    workdir = d.getVar('WORKDIR')
+    unpackdir = d.getVar('UNPACKDIR')
     fetch = bb.fetch2.Fetch([], d)
     patches = []
     sources = []
     for url in fetch.urls:
-        local = patch_path(url, fetch, workdir, expand)
+        local = patch_path(url, fetch, unpackdir, expand)
         if not local:
             if all:
                 local = fetch.localpath(url)
@@ -898,4 +1001,3 @@ def should_apply(parm, d):
             return False, "applies to later version"
 
     return True, None
-
diff --git a/meta/lib/oe/path.py b/meta/lib/oe/path.py
index c8d8ad05b9..a1efe97d88 100644
--- a/meta/lib/oe/path.py
+++ b/meta/lib/oe/path.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -8,6 +10,8 @@ import shutil
 import subprocess
 import os.path
 
+import bb.parse
+
 def join(*paths):
     """Like os.path.join but doesn't treat absolute RHS specially"""
     return os.path.normpath("/".join(paths))
@@ -75,6 +79,7 @@ def replace_absolute_symlinks(basedir, d):
             os.remove(path)
             os.symlink(base, path)
 
+@bb.parse.vardepsexclude("TOPDIR")
 def format_display(path, metadata):
     """ Prepare a path for display to the user. """
     rel = relative(metadata.getVar("TOPDIR"), path)
@@ -123,7 +128,8 @@ def copyhardlinktree(src, dst):
         if os.path.isdir(src):
             if len(glob.glob('%s/.??*' % src)) > 0:
                 source = './.??* '
-            source += './*'
+            if len(glob.glob('%s/**' % src)) > 0:
+                source += './*'
             s_dir = src
         else:
             source = src
@@ -169,6 +175,9 @@ def symlink(source, destination, force=False):
         if e.errno != errno.EEXIST or os.readlink(destination) != source:
             raise
 
+def relsymlink(target, name, force=False):
+    symlink(os.path.relpath(target, os.path.dirname(name)), name, force=force)
+
 def find(dir, **walkoptions):
     """ Given a directory, recurses into that directory,
     returning all files as absolute paths. """
diff --git a/meta/lib/oe/prservice.py b/meta/lib/oe/prservice.py
index fcdbe66c19..c41242c878 100644
--- a/meta/lib/oe/prservice.py
+++ b/meta/lib/oe/prservice.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -7,11 +9,10 @@ def prserv_make_conn(d, check = False):
     host_params = list([_f for _f in (d.getVar("PRSERV_HOST") or '').split(':') if _f])
     try:
         conn = None
-        conn = prserv.serv.PRServerConnection(host_params[0], int(host_params[1]))
+        conn = prserv.serv.connect(host_params[0], int(host_params[1]))
         if check:
             if not conn.ping():
                 raise Exception('service not available')
-        d.setVar("__PRSERV_CONN",conn)
     except Exception as exc:
         bb.fatal("Connecting to PR service %s:%s failed: %s" % (host_params[0], host_params[1], str(exc)))
 
@@ -22,31 +23,29 @@ def prserv_dump_db(d):
         bb.error("Not using network based PR service")
         return None
 
-    conn = d.getVar("__PRSERV_CONN")
+    conn = prserv_make_conn(d)
     if conn is None:
-        conn = prserv_make_conn(d)
-        if conn is None:
-            bb.error("Making connection failed to remote PR service")
-            return None
+        bb.error("Making connection failed to remote PR service")
+        return None
 
     #dump db
     opt_version = d.getVar('PRSERV_DUMPOPT_VERSION')
     opt_pkgarch = d.getVar('PRSERV_DUMPOPT_PKGARCH')
     opt_checksum = d.getVar('PRSERV_DUMPOPT_CHECKSUM')
     opt_col = ("1" == d.getVar('PRSERV_DUMPOPT_COL'))
-    return conn.export(opt_version, opt_pkgarch, opt_checksum, opt_col)
+    d = conn.export(opt_version, opt_pkgarch, opt_checksum, opt_col)
+    conn.close()
+    return d
 
 def prserv_import_db(d, filter_version=None, filter_pkgarch=None, filter_checksum=None):
     if not d.getVar('PRSERV_HOST'):
         bb.error("Not using network based PR service")
         return None
 
-    conn = d.getVar("__PRSERV_CONN")
+    conn = prserv_make_conn(d)
     if conn is None:
-        conn = prserv_make_conn(d)
-        if conn is None:
-            bb.error("Making connection failed to remote PR service")
-            return None
+        bb.error("Making connection failed to remote PR service")
+        return None
     #get the entry values
     imported = []
     prefix = "PRAUTO$"
@@ -70,6 +69,7 @@ def prserv_import_db(d, filter_version=None, filter_pkgarch=None, filter_checksu
                 bb.error("importing(%s,%s,%s,%d) failed. DB may have larger value %d" % (version,pkgarch,checksum,value,ret))
             else:
                imported.append((version,pkgarch,checksum,value))
+    conn.close()
     return imported
 
 def prserv_export_tofile(d, metainfo, datainfo, lockdown, nomax=False):
@@ -78,8 +78,7 @@ def prserv_export_tofile(d, metainfo, datainfo, lockdown, nomax=False):
     bb.utils.mkdirhier(d.getVar('PRSERV_DUMPDIR'))
     df = d.getVar('PRSERV_DUMPFILE')
     #write data
-    lf = bb.utils.lockfile("%s.lock" % df)
-    with open(df, "a") as f:
+    with open(df, "a") as f, bb.utils.fileslocked(["%s.lock" % df]) as locks:
         if metainfo:
             #dump column info
             f.write("#PR_core_ver = \"%s\"\n\n" % metainfo['core_ver']);
@@ -113,7 +112,6 @@ def prserv_export_tofile(d, metainfo, datainfo, lockdown, nomax=False):
             if not nomax:
                 for i in idx:
                     f.write("PRAUTO_%s_%s = \"%s\"\n" % (str(datainfo[idx[i]]['version']),str(datainfo[idx[i]]['pkgarch']),str(datainfo[idx[i]]['value'])))
-    bb.utils.unlockfile(lf)
 
 def prserv_check_avail(d):
     host_params = list([_f for _f in (d.getVar("PRSERV_HOST") or '').split(':') if _f])
@@ -125,4 +123,5 @@ def prserv_check_avail(d):
     except TypeError:
         bb.fatal('Undefined/incorrect PRSERV_HOST value. Format: "host:port"')
     else:
-        prserv_make_conn(d, True)
+        conn = prserv_make_conn(d, True)
+        conn.close()
diff --git a/meta/lib/oe/qa.py b/meta/lib/oe/qa.py
index e8a854a302..cd36cb5070 100644
--- a/meta/lib/oe/qa.py
+++ b/meta/lib/oe/qa.py
@@ -1,7 +1,10 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
+import ast
 import os, struct, mmap
 
 class NotELFFileError(Exception):
@@ -48,6 +51,9 @@ class ELFFile:
         return self
 
     def __exit__(self, exc_type, exc_value, traceback):
+        self.close()
+
+    def close(self):
         if self.data:
             self.data.close()
 
@@ -128,6 +134,9 @@ class ELFFile:
         """
         return self.getShort(ELFFile.E_MACHINE)
 
+    def set_objdump(self, cmd, output):
+        self.objdump_output[cmd] = output
+
     def run_objdump(self, cmd, d):
         import bb.process
         import sys
@@ -171,6 +180,66 @@ def elf_machine_to_string(machine):
     except:
         return "Unknown (%s)" % repr(machine)
 
+def write_error(type, error, d):
+    logfile = d.getVar('QA_LOGFILE')
+    if logfile:
+        p = d.getVar('P')
+        with open(logfile, "a+") as f:
+            f.write("%s: %s [%s]\n" % (p, error, type))
+
+def handle_error_visitorcode(name, args):
+    execs = set()
+    contains = {}
+    warn = None
+    if isinstance(args[0], ast.Constant) and isinstance(args[0].value, str):
+        for i in ["ERROR_QA", "WARN_QA"]:
+            if i not in contains:
+                contains[i] = set()
+            contains[i].add(args[0].value)
+    else:
+        warn = args[0]
+        execs.add(name)
+    return contains, execs, warn
+
+def handle_error(error_class, error_msg, d):
+    if error_class in (d.getVar("ERROR_QA") or "").split():
+        write_error(error_class, error_msg, d)
+        bb.error("QA Issue: %s [%s]" % (error_msg, error_class))
+        d.setVar("QA_ERRORS_FOUND", "True")
+        return False
+    elif error_class in (d.getVar("WARN_QA") or "").split():
+        write_error(error_class, error_msg, d)
+        bb.warn("QA Issue: %s [%s]" % (error_msg, error_class))
+    else:
+        bb.note("QA Issue: %s [%s]" % (error_msg, error_class))
+    return True
+handle_error.visitorcode = handle_error_visitorcode
+
+def exit_with_message_if_errors(message, d):
+    qa_fatal_errors = bb.utils.to_boolean(d.getVar("QA_ERRORS_FOUND"), False)
+    if qa_fatal_errors:
+        bb.fatal(message)
+
+def exit_if_errors(d):
+    exit_with_message_if_errors("Fatal QA errors were found, failing task.", d)
+
+def check_upstream_status(fullpath):
+    import re
+    kinda_status_re = re.compile(r"^.*upstream.*status.*$", re.IGNORECASE | re.MULTILINE)
+    strict_status_re = re.compile(r"^Upstream-Status: (Pending|Submitted|Denied|Inappropriate|Backport|Inactive-Upstream)( .+)?$", re.MULTILINE)
+    guidelines = "https://docs.yoctoproject.org/contributor-guide/recipe-style-guide.html#patch-upstream-status"
+
+    with open(fullpath, encoding='utf-8', errors='ignore') as f:
+        file_content = f.read()
+        match_kinda = kinda_status_re.search(file_content)
+        match_strict = strict_status_re.search(file_content)
+
+        if not match_strict:
+            if match_kinda:
+                return "Malformed Upstream-Status in patch\n%s\nPlease correct according to %s :\n%s" % (fullpath, guidelines, match_kinda.group(0))
+            else:
+                return "Missing Upstream-Status in patch\n%s\nPlease add according to %s ." % (fullpath, guidelines)
+
 if __name__ == "__main__":
     import sys
 
diff --git a/meta/lib/oe/qemu.py b/meta/lib/oe/qemu.py
new file mode 100644
index 0000000000..769865036c
--- /dev/null
+++ b/meta/lib/oe/qemu.py
@@ -0,0 +1,54 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+def qemu_target_binary(d):
+    package_arch = d.getVar("PACKAGE_ARCH")
+    qemu_target_binary = (d.getVar("QEMU_TARGET_BINARY_%s" % package_arch) or "")
+    if qemu_target_binary:
+        return qemu_target_binary
+
+    target_arch = d.getVar("TARGET_ARCH")
+    if target_arch in ("i486", "i586", "i686"):
+        target_arch = "i386"
+    elif target_arch == "powerpc":
+        target_arch = "ppc"
+    elif target_arch == "powerpc64":
+        target_arch = "ppc64"
+    elif target_arch == "powerpc64le":
+        target_arch = "ppc64le"
+
+    return "qemu-" + target_arch
+
+def qemu_wrapper_cmdline(d, rootfs_path, library_paths, qemu_options=None):
+    import string
+
+    package_arch = d.getVar("PACKAGE_ARCH")
+    if package_arch == "all":
+        return "false"
+
+    qemu_binary = qemu_target_binary(d)
+    if qemu_binary == "qemu-allarch":
+        qemu_binary = "qemuwrapper"
+
+    if qemu_options == None:
+        qemu_options = d.getVar("QEMU_OPTIONS") or ""
+
+    return "PSEUDO_UNLOAD=1 " + qemu_binary + " " + qemu_options + " -L " + rootfs_path\
+            + " -E LD_LIBRARY_PATH=" + ":".join(library_paths) + " "
+
+# Next function will return a string containing the command that is needed to
+# to run a certain binary through qemu. For example, in order to make a certain
+# postinstall scriptlet run at do_rootfs time and running the postinstall is
+# architecture dependent, we can run it through qemu. For example, in the
+# postinstall scriptlet, we could use the following:
+#
+# ${@qemu_run_binary(d, '$D', '/usr/bin/test_app')} [test_app arguments]
+#
+def qemu_run_binary(d, rootfs_path, binary):
+    libdir = rootfs_path + d.getVar("libdir", False)
+    base_libdir = rootfs_path + d.getVar("base_libdir", False)
+
+    return qemu_wrapper_cmdline(d, rootfs_path, [libdir, base_libdir]) + rootfs_path + binary
diff --git a/meta/lib/oe/recipeutils.py b/meta/lib/oe/recipeutils.py
index 407d168894..044f1bfa61 100644
--- a/meta/lib/oe/recipeutils.py
+++ b/meta/lib/oe/recipeutils.py
@@ -24,9 +24,9 @@ from collections import OrderedDict, defaultdict
 from bb.utils import vercmp_string
 
 # Help us to find places to insert values
-recipe_progression = ['SUMMARY', 'DESCRIPTION', 'AUTHOR', 'HOMEPAGE', 'BUGTRACKER', 'SECTION', 'LICENSE', 'LICENSE_FLAGS', 'LIC_FILES_CHKSUM', 'PROVIDES', 'DEPENDS', 'PR', 'PV', 'SRCREV', 'SRCPV', 'SRC_URI', 'S', 'do_fetch()', 'do_unpack()', 'do_patch()', 'EXTRA_OECONF', 'EXTRA_OECMAKE', 'EXTRA_OESCONS', 'do_configure()', 'EXTRA_OEMAKE', 'do_compile()', 'do_install()', 'do_populate_sysroot()', 'INITSCRIPT', 'USERADD', 'GROUPADD', 'PACKAGES', 'FILES', 'RDEPENDS', 'RRECOMMENDS', 'RSUGGESTS', 'RPROVIDES', 'RREPLACES', 'RCONFLICTS', 'ALLOW_EMPTY', 'populate_packages()', 'do_package()', 'do_deploy()', 'BBCLASSEXTEND']
+recipe_progression = ['SUMMARY', 'DESCRIPTION', 'HOMEPAGE', 'BUGTRACKER', 'SECTION', 'LICENSE', 'LICENSE_FLAGS', 'LIC_FILES_CHKSUM', 'PROVIDES', 'DEPENDS', 'PR', 'PV', 'SRCREV', 'SRC_URI', 'S', 'do_fetch()', 'do_unpack()', 'do_patch()', 'EXTRA_OECONF', 'EXTRA_OECMAKE', 'EXTRA_OESCONS', 'do_configure()', 'EXTRA_OEMAKE', 'do_compile()', 'do_install()', 'do_populate_sysroot()', 'INITSCRIPT', 'USERADD', 'GROUPADD', 'PACKAGES', 'FILES', 'RDEPENDS', 'RRECOMMENDS', 'RSUGGESTS', 'RPROVIDES', 'RREPLACES', 'RCONFLICTS', 'ALLOW_EMPTY', 'populate_packages()', 'do_package()', 'do_deploy()', 'BBCLASSEXTEND']
 # Variables that sometimes are a bit long but shouldn't be wrapped
-nowrap_vars = ['SUMMARY', 'HOMEPAGE', 'BUGTRACKER', r'SRC_URI\[(.+\.)?md5sum\]', r'SRC_URI\[(.+\.)?sha256sum\]']
+nowrap_vars = ['SUMMARY', 'HOMEPAGE', 'BUGTRACKER', r'SRC_URI\[(.+\.)?md5sum\]', r'SRC_URI\[(.+\.)?sha[0-9]+sum\]']
 list_vars = ['SRC_URI', 'LIC_FILES_CHKSUM']
 meta_vars = ['SUMMARY', 'DESCRIPTION', 'HOMEPAGE', 'BUGTRACKER', 'SECTION']
 
@@ -47,7 +47,7 @@ def simplify_history(history, d):
                 continue
             has_set = True
         elif event['op'] in ('append', 'prepend', 'postdot', 'predot'):
-            # Reminder: "append" and "prepend" mean += and =+ respectively, NOT _append / _prepend
+            # Reminder: "append" and "prepend" mean += and =+ respectively, NOT :append / :prepend
             if has_set:
                 continue
         ret_history.insert(0, event)
@@ -342,7 +342,7 @@ def patch_recipe(d, fn, varvalues, patch=False, relpath='', redirect_output=None
     def override_applicable(hevent):
         op = hevent['op']
         if '[' in op:
-            opoverrides = op.split('[')[1].split(']')[0].split('_')
+            opoverrides = op.split('[')[1].split(']')[0].split(':')
             for opoverride in opoverrides:
                 if not opoverride in overrides:
                     return False
@@ -368,13 +368,13 @@ def patch_recipe(d, fn, varvalues, patch=False, relpath='', redirect_output=None
                                 recipe_set = True
                     if not recipe_set:
                         for event in history:
-                            if event['op'].startswith('_remove'):
+                            if event['op'].startswith(':remove'):
                                 continue
                             if not override_applicable(event):
                                 continue
                             newvalue = value.replace(event['detail'], '')
-                            if newvalue == value and os.path.abspath(event['file']) == fn and event['op'].startswith('_'):
-                                op = event['op'].replace('[', '_').replace(']', '')
+                            if newvalue == value and os.path.abspath(event['file']) == fn and event['op'].startswith(':'):
+                                op = event['op'].replace('[', ':').replace(']', '')
                                 extravals[var + op] = None
                             value = newvalue
                             vals[var] = ('+=', value)
@@ -414,15 +414,13 @@ def copy_recipe_files(d, tgt_dir, whole_dir=False, download=True, all_variants=F
 
     fetch_urls(d)
     if all_variants:
-        # Get files for other variants e.g. in the case of a SRC_URI_append
+        # Get files for other variants e.g. in the case of a SRC_URI:append
         localdata = bb.data.createCopy(d)
         variants = (localdata.getVar('BBCLASSEXTEND') or '').split()
         if variants:
             # Ensure we handle class-target if we're dealing with one of the variants
             variants.append('target')
             for variant in variants:
-                if variant.startswith("devupstream"):
-                    localdata.setVar('SRCPV', 'git')
                 localdata.setVar('CLASSOVERRIDE', 'class-%s' % variant)
                 fetch_urls(localdata)
 
@@ -666,19 +664,23 @@ def get_bbappend_path(d, destlayerdir, wildcardver=False):
     return (appendpath, pathok)
 
 
-def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False, machine=None, extralines=None, removevalues=None, redirect_output=None):
+def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False, machine=None, extralines=None, removevalues=None, redirect_output=None, params=None, update_original_recipe=False):
     """
     Writes a bbappend file for a recipe
     Parameters:
         rd: data dictionary for the recipe
         destlayerdir: base directory of the layer to place the bbappend in
             (subdirectory path from there will be determined automatically)
-        srcfiles: dict of source files to add to SRC_URI, where the value
-            is the full path to the file to be added, and the value is the
-            original filename as it would appear in SRC_URI or None if it
-            isn't already present. You may pass None for this parameter if
-            you simply want to specify your own content via the extralines
-            parameter.
+        srcfiles: dict of source files to add to SRC_URI, where the key
+            is the full path to the file to be added, and the value is a
+            dict with following optional keys:
+                path: the original filename as it would appear in SRC_URI
+                    or None if it isn't already present.
+                patchdir: the patchdir parameter
+                newname: the name to give to the new added file. None to use
+                    the default value: basename(path)
+            You may pass None for this parameter if you simply want to specify
+            your own content via the extralines parameter.
         install: dict mapping entries in srcfiles to a tuple of two elements:
             install path (*without* ${D} prefix) and permission value (as a
             string, e.g. '0644').
@@ -696,18 +698,32 @@ def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False,
         redirect_output:
             If specified, redirects writing the output file to the
             specified directory (for dry-run purposes)
+        params:
+            Parameters to use when adding entries to SRC_URI. If specified,
+            should be a list of dicts with the same length as srcfiles.
+        update_original_recipe:
+            Force to update the original recipe instead of creating/updating
+            a bbapend. destlayerdir must contain the original recipe
     """
 
     if not removevalues:
         removevalues = {}
 
-    # Determine how the bbappend should be named
-    appendpath, pathok = get_bbappend_path(rd, destlayerdir, wildcardver)
-    if not appendpath:
-        bb.error('Unable to determine layer directory containing %s' % recipefile)
-        return (None, None)
-    if not pathok:
-        bb.warn('Unable to determine correct subdirectory path for bbappend file - check that what %s adds to BBFILES also matches .bbappend files. Using %s for now, but until you fix this the bbappend will not be applied.' % (os.path.join(destlayerdir, 'conf', 'layer.conf'), os.path.dirname(appendpath)))
+    recipefile = rd.getVar('FILE')
+    if update_original_recipe:
+        if destlayerdir not in recipefile:
+            bb.error("destlayerdir %s doesn't contain the original recipe (%s), cannot update it" % (destlayerdir, recipefile))
+            return (None, None)
+
+        appendpath = recipefile
+    else:
+        # Determine how the bbappend should be named
+        appendpath, pathok = get_bbappend_path(rd, destlayerdir, wildcardver)
+        if not appendpath:
+            bb.error('Unable to determine layer directory containing %s' % recipefile)
+            return (None, None)
+        if not pathok:
+            bb.warn('Unable to determine correct subdirectory path for bbappend file - check that what %s adds to BBFILES also matches .bbappend files. Using %s for now, but until you fix this the bbappend will not be applied.' % (os.path.join(destlayerdir, 'conf', 'layer.conf'), os.path.dirname(appendpath)))
 
     appenddir = os.path.dirname(appendpath)
     if not redirect_output:
@@ -752,30 +768,48 @@ def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False,
             bbappendlines.append((varname, op, value))
 
     destsubdir = rd.getVar('PN')
-    if srcfiles:
-        bbappendlines.append(('FILESEXTRAPATHS_prepend', ':=', '${THISDIR}/${PN}:'))
+    if not update_original_recipe and srcfiles:
+        bbappendlines.append(('FILESEXTRAPATHS:prepend', ':=', '${THISDIR}/${PN}:'))
 
     appendoverride = ''
     if machine:
         bbappendlines.append(('PACKAGE_ARCH', '=', '${MACHINE_ARCH}'))
-        appendoverride = '_%s' % machine
+        appendoverride = ':%s' % machine
     copyfiles = {}
     if srcfiles:
         instfunclines = []
-        for newfile, origsrcfile in srcfiles.items():
-            srcfile = origsrcfile
+        for i, (newfile, param) in enumerate(srcfiles.items()):
             srcurientry = None
-            if not srcfile:
-                srcfile = os.path.basename(newfile)
+            if not 'path' in param or not param['path']:
+                if 'newname' in param and param['newname']:
+                    srcfile = param['newname']
+                else:
+                    srcfile = os.path.basename(newfile)
                 srcurientry = 'file://%s' % srcfile
+                oldentry = None
+                for uri in rd.getVar('SRC_URI').split():
+                    if srcurientry in uri:
+                        oldentry = uri
+                if params and params[i]:
+                    srcurientry = '%s;%s' % (srcurientry, ';'.join('%s=%s' % (k,v) for k,v in params[i].items()))
                 # Double-check it's not there already
                 # FIXME do we care if the entry is added by another bbappend that might go away?
                 if not srcurientry in rd.getVar('SRC_URI').split():
                     if machine:
-                        appendline('SRC_URI_append%s' % appendoverride, '=', ' ' + srcurientry)
+                        if oldentry:
+                            appendline('SRC_URI:remove%s' % appendoverride, '=', ' ' + oldentry)
+                        appendline('SRC_URI:append%s' % appendoverride, '=', ' ' + srcurientry)
                     else:
+                        if oldentry:
+                            if update_original_recipe:
+                                removevalues['SRC_URI'] = oldentry
+                            else:
+                                appendline('SRC_URI:remove', '=', oldentry)
                         appendline('SRC_URI', '+=', srcurientry)
-            copyfiles[newfile] = srcfile
+                param['path'] = srcfile
+            else:
+                srcfile = param['path']
+            copyfiles[newfile] = param
             if install:
                 institem = install.pop(newfile, None)
                 if institem:
@@ -784,9 +818,9 @@ def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False,
                     instdirline = 'install -d ${D}%s' % os.path.dirname(instdestpath)
                     if not instdirline in instfunclines:
                         instfunclines.append(instdirline)
-                    instfunclines.append('install -m %s ${WORKDIR}/%s ${D}%s' % (perms, os.path.basename(srcfile), instdestpath))
+                    instfunclines.append('install -m %s ${UNPACKDIR}/%s ${D}%s' % (perms, os.path.basename(srcfile), instdestpath))
         if instfunclines:
-            bbappendlines.append(('do_install_append%s()' % appendoverride, '', instfunclines))
+            bbappendlines.append(('do_install:append%s()' % appendoverride, '', instfunclines))
 
     if redirect_output:
         bb.note('Writing append file %s (dry-run)' % appendpath)
@@ -795,6 +829,8 @@ def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False,
         # multiple times per operation when we're handling overrides)
         if os.path.exists(appendpath) and not os.path.exists(outfile):
             shutil.copy2(appendpath, outfile)
+    elif update_original_recipe:
+        outfile = recipefile
     else:
         bb.note('Writing append file %s' % appendpath)
         outfile = appendpath
@@ -804,15 +840,15 @@ def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False,
         extvars = {'destsubdir': destsubdir}
 
         def appendfile_varfunc(varname, origvalue, op, newlines):
-            if varname == 'FILESEXTRAPATHS_prepend':
+            if varname == 'FILESEXTRAPATHS:prepend':
                 if origvalue.startswith('${THISDIR}/'):
-                    popline('FILESEXTRAPATHS_prepend')
+                    popline('FILESEXTRAPATHS:prepend')
                     extvars['destsubdir'] = rd.expand(origvalue.split('${THISDIR}/', 1)[1].rstrip(':'))
             elif varname == 'PACKAGE_ARCH':
                 if machine:
                     popline('PACKAGE_ARCH')
                     return (machine, None, 4, False)
-            elif varname.startswith('do_install_append'):
+            elif varname.startswith('do_install:append'):
                 func = popline(varname)
                 if func:
                     instfunclines = [line.strip() for line in origvalue.strip('\n').splitlines()]
@@ -824,7 +860,7 @@ def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False,
                 splitval = split_var_value(origvalue, assignment=False)
                 changed = False
                 removevar = varname
-                if varname in ['SRC_URI', 'SRC_URI_append%s' % appendoverride]:
+                if varname in ['SRC_URI', 'SRC_URI:append%s' % appendoverride]:
                     removevar = 'SRC_URI'
                     line = popline(varname)
                     if line:
@@ -853,11 +889,11 @@ def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False,
                     newvalue = splitval
                     if len(newvalue) == 1:
                         # Ensure it's written out as one line
-                        if '_append' in varname:
+                        if ':append' in varname:
                             newvalue = ' ' + newvalue[0]
                         else:
                             newvalue = newvalue[0]
-                    if not newvalue and (op in ['+=', '.='] or '_append' in varname):
+                    if not newvalue and (op in ['+=', '.='] or ':append' in varname):
                         # There's no point appending nothing
                         newvalue = None
                     if varname.endswith('()'):
@@ -898,7 +934,12 @@ def bbappend_recipe(rd, destlayerdir, srcfiles, install=None, wildcardver=False,
             outdir = redirect_output
         else:
             outdir = appenddir
-        for newfile, srcfile in copyfiles.items():
+        for newfile, param in copyfiles.items():
+            srcfile = param['path']
+            patchdir = param.get('patchdir', ".")
+
+            if patchdir != ".":
+                newfile = os.path.join(os.path.split(newfile)[0], patchdir, os.path.split(newfile)[1])
             filedest = os.path.join(outdir, destsubdir, os.path.basename(srcfile))
             if os.path.abspath(newfile) != os.path.abspath(filedest):
                 if newfile.startswith(tempfile.gettempdir()):
@@ -942,10 +983,9 @@ def replace_dir_vars(path, d):
         path = path.replace(dirpath, '${%s}' % dirvars[dirpath])
     return path
 
-def get_recipe_pv_without_srcpv(pv, uri_type):
+def get_recipe_pv_with_pfx_sfx(pv, uri_type):
     """
-    Get PV without SRCPV common in SCM's for now only
-    support git.
+    Get PV separating prefix and suffix components.
 
     Returns tuple with pv, prefix and suffix.
     """
@@ -953,7 +993,7 @@ def get_recipe_pv_without_srcpv(pv, uri_type):
     sfx = ''
 
     if uri_type == 'git':
-        git_regex = re.compile(r"(?P<pfx>v?)(?P<ver>.*?)(?P<sfx>\+[^\+]*(git)?r?(AUTOINC\+))(?P<rev>.*)")
+        git_regex = re.compile(r"(?P<pfx>v?)(?P<ver>.*?)(?P<sfx>\+[^\+]*(git)?r?(AUTOINC\+)?)(?P<rev>.*)")
         m = git_regex.match(pv)
 
         if m:
@@ -1005,7 +1045,7 @@ def get_recipe_upstream_version(rd):
     src_uri = src_uris.split()[0]
     uri_type, _, _, _, _, _ =  decodeurl(src_uri)
 
-    (pv, pfx, sfx) = get_recipe_pv_without_srcpv(rd.getVar('PV'), uri_type)
+    (pv, pfx, sfx) = get_recipe_pv_with_pfx_sfx(rd.getVar('PV'), uri_type)
     ru['current_version'] = pv
 
     manual_upstream_version = rd.getVar("RECIPE_UPSTREAM_VERSION")
@@ -1029,10 +1069,16 @@ def get_recipe_upstream_version(rd):
     else:
         ud = bb.fetch2.FetchData(src_uri, rd)
         if rd.getVar("UPSTREAM_CHECK_COMMITS") == "1":
-            revision = ud.method.latest_revision(ud, rd, 'default')
-            upversion = pv
-            if revision != rd.getVar("SRCREV"):
-                upversion = upversion + "-new-commits-available" 
+            bb.fetch2.get_srcrev(rd)
+            upversion = None
+            revision = None
+            try:
+                revision = ud.method.latest_revision(ud, rd, 'default')
+                upversion = pv
+                if revision != rd.getVar("SRCREV"):
+                    upversion = upversion + "-new-commits-available"
+            except bb.fetch2.FetchError as e:
+                bb.warn("Unable to obtain latest revision: {}".format(e))
         else:
             pupver = ud.method.latest_versionstring(ud, rd)
             (upversion, revision) = pupver
@@ -1071,7 +1117,7 @@ def _get_recipe_upgrade_status(data):
     maintainer = data.getVar('RECIPE_MAINTAINER')
     no_upgrade_reason = data.getVar('RECIPE_NO_UPDATE_REASON')
 
-    return (pn, status, cur_ver, next_ver, maintainer, revision, no_upgrade_reason)
+    return {'pn':pn, 'status':status, 'cur_ver':cur_ver, 'next_ver':next_ver, 'maintainer':maintainer, 'revision':revision, 'no_upgrade_reason':no_upgrade_reason}
 
 def get_recipe_upgrade_status(recipes=None):
     pkgs_list = []
@@ -1113,6 +1159,7 @@ def get_recipe_upgrade_status(recipes=None):
         if not recipes:
             recipes = tinfoil.all_recipe_files(variants=False)
 
+        recipeincludes = {}
         for fn in recipes:
             try:
                 if fn.startswith("/"):
@@ -1137,8 +1184,65 @@ def get_recipe_upgrade_status(recipes=None):
 
             data_copy_list.append(data_copy)
 
+            recipeincludes[data.getVar('FILE')] = {'bbincluded':data.getVar('BBINCLUDED').split(),'pn':data.getVar('PN')}
+
     from concurrent.futures import ProcessPoolExecutor
     with ProcessPoolExecutor(max_workers=utils.cpu_count()) as executor:
         pkgs_list = executor.map(_get_recipe_upgrade_status, data_copy_list)
 
-    return pkgs_list
+    return _group_recipes(pkgs_list, _get_common_include_recipes(recipeincludes))
+
+def get_common_include_recipes():
+    with bb.tinfoil.Tinfoil() as tinfoil:
+        tinfoil.prepare(config_only=False)
+
+        recipes = tinfoil.all_recipe_files(variants=False)
+
+        recipeincludes = {}
+        for fn in recipes:
+            data = tinfoil.parse_recipe_file(fn)
+            recipeincludes[fn] = {'bbincluded':data.getVar('BBINCLUDED').split(),'pn':data.getVar('PN')}
+        return _get_common_include_recipes(recipeincludes)
+
+def _get_common_include_recipes(recipeincludes_all):
+        recipeincludes = {}
+        for fn,data in recipeincludes_all.items():
+            bbincluded_filtered = [i for i in data['bbincluded'] if os.path.dirname(i) == os.path.dirname(fn) and i != fn]
+            if bbincluded_filtered:
+                recipeincludes[data['pn']] = bbincluded_filtered
+
+        recipeincludes_inverted = {}
+        for k,v in recipeincludes.items():
+            for i in v:
+                recipeincludes_inverted.setdefault(i,set()).add(k)
+
+        recipeincludes_inverted_filtered = {k:v for k,v in recipeincludes_inverted.items() if len(v) > 1}
+
+        recipes_with_shared_includes = list()
+        for v in recipeincludes_inverted_filtered.values():
+            recipeset = v
+            for v1 in recipeincludes_inverted_filtered.values():
+                if recipeset.intersection(v1):
+                    recipeset.update(v1)
+            if recipeset not in recipes_with_shared_includes:
+                recipes_with_shared_includes.append(recipeset)
+
+        return recipes_with_shared_includes
+
+def _group_recipes(recipes, groups):
+    recipedict = {}
+    for r in recipes:
+        recipedict[r['pn']] = r
+
+    recipegroups = []
+    for g in groups:
+        recipeset = []
+        for r in g:
+            if r in recipedict.keys():
+                recipeset.append(recipedict[r])
+                del recipedict[r]
+        recipegroups.append(recipeset)
+
+    for r in recipedict.values():
+        recipegroups.append([r])
+    return recipegroups
diff --git a/meta/lib/oe/reproducible.py b/meta/lib/oe/reproducible.py
index 204b9bd734..0270024a83 100644
--- a/meta/lib/oe/reproducible.py
+++ b/meta/lib/oe/reproducible.py
@@ -1,10 +1,63 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 import os
 import subprocess
 import bb
 
+# For reproducible builds, this code sets the default SOURCE_DATE_EPOCH in each
+# component's build environment. The format is number of seconds since the
+# system epoch.
+#
+# Upstream components (generally) respect this environment variable,
+# using it in place of the "current" date and time.
+# See https://reproducible-builds.org/specs/source-date-epoch/
+#
+# The default value of SOURCE_DATE_EPOCH comes from the function
+# get_source_date_epoch_value which reads from the SDE_FILE, or if the file
+# is not available will use the fallback of SOURCE_DATE_EPOCH_FALLBACK.
+#
+# The SDE_FILE is normally constructed from the function
+# create_source_date_epoch_stamp which is typically added as a postfuncs to
+# the do_unpack task.  If a recipe does NOT have do_unpack, it should be added
+# to a task that runs after the source is available and before the
+# do_deploy_source_date_epoch task is executed.
+#
+# If a recipe wishes to override the default behavior it should set it's own
+# SOURCE_DATE_EPOCH or override the do_deploy_source_date_epoch_stamp task
+# with recipe-specific functionality to write the appropriate
+# SOURCE_DATE_EPOCH into the SDE_FILE.
+#
+# SOURCE_DATE_EPOCH is intended to be a reproducible value.  This value should
+# be reproducible for anyone who builds the same revision from the same
+# sources.
+#
+# There are 4 ways the create_source_date_epoch_stamp function determines what
+# becomes SOURCE_DATE_EPOCH:
+#
+# 1. Use the value from __source_date_epoch.txt file if this file exists.
+#    This file was most likely created in the previous build by one of the
+#    following methods 2,3,4.
+#    Alternatively, it can be provided by a recipe via SRC_URI.
+#
+# If the file does not exist:
+#
+# 2. If there is a git checkout, use the last git commit timestamp.
+#    Git does not preserve file timestamps on checkout.
+#
+# 3. Use the mtime of "known" files such as NEWS, CHANGELOG, ...
+#    This works for well-kept repositories distributed via tarball.
+#
+# 4. Use the modification time of the youngest file in the source tree, if
+#    there is one.
+#    This will be the newest file from the distribution tarball, if any.
+#
+# 5. Fall back to a fixed timestamp (SOURCE_DATE_EPOCH_FALLBACK).
+#
+# Once the value is determined, it is stored in the recipe's SDE_FILE.
+
 def get_source_date_epoch_from_known_files(d, sourcedir):
     source_date_epoch = None
     newest_file = None
@@ -22,10 +75,11 @@ def get_source_date_epoch_from_known_files(d, sourcedir):
     return source_date_epoch
 
 def find_git_folder(d, sourcedir):
-    # First guess: WORKDIR/git
+    # First guess: UNPACKDIR/BB_GIT_DEFAULT_DESTSUFFIX
     # This is the default git fetcher unpack path
-    workdir = d.getVar('WORKDIR')
-    gitpath = os.path.join(workdir, "git/.git")
+    unpackdir = d.getVar('UNPACKDIR')
+    default_destsuffix = d.getVar('BB_GIT_DEFAULT_DESTSUFFIX')
+    gitpath = os.path.join(unpackdir, default_destsuffix, ".git")
     if os.path.isdir(gitpath):
         return gitpath
 
@@ -35,15 +89,16 @@ def find_git_folder(d, sourcedir):
         return gitpath
 
     # Perhaps there was a subpath or destsuffix specified.
-    # Go looking in the WORKDIR
-    exclude = set(["build", "image", "license-destdir", "patches", "pseudo",
-                   "recipe-sysroot", "recipe-sysroot-native", "sysroot-destdir", "temp"])
-    for root, dirs, files in os.walk(workdir, topdown=True):
-        dirs[:] = [d for d in dirs if d not in exclude]
+    # Go looking in the UNPACKDIR
+    for root, dirs, files in os.walk(unpackdir, topdown=True):
         if '.git' in dirs:
-            return root
+            return os.path.join(root, ".git")
 
-    bb.warn("Failed to find a git repository in WORKDIR: %s" % workdir)
+    for root, dirs, files in os.walk(sourcedir, topdown=True):
+        if '.git' in dirs:
+            return os.path.join(root, ".git")
+
+    bb.warn("Failed to find a git repository in UNPACKDIR: %s" % unpackdir)
     return None
 
 def get_source_date_epoch_from_git(d, sourcedir):
@@ -62,11 +117,12 @@ def get_source_date_epoch_from_git(d, sourcedir):
         return None
 
     bb.debug(1, "git repository: %s" % gitpath)
-    p = subprocess.run(['git', '--git-dir', gitpath, 'log', '-1', '--pretty=%ct'], check=True, stdout=subprocess.PIPE)
+    p = subprocess.run(['git', '-c', 'log.showSignature=false', '--git-dir', gitpath, 'log', '-1', '--pretty=%ct'],
+                       check=True, stdout=subprocess.PIPE)
     return int(p.stdout.decode('utf-8'))
 
 def get_source_date_epoch_from_youngest_file(d, sourcedir):
-    if sourcedir == d.getVar('WORKDIR'):
+    if sourcedir == d.getVar('UNPACKDIR'):
        # These sources are almost certainly not from a tarball
        return None
 
@@ -77,6 +133,9 @@ def get_source_date_epoch_from_youngest_file(d, sourcedir):
         files = [f for f in files if not f[0] == '.']
 
         for fname in files:
+            if fname == "singletask.lock":
+                 # Ignore externalsrc/devtool lockfile [YOCTO #14921]
+                 continue
             filename = os.path.join(root, fname)
             try:
                 mtime = int(os.lstat(filename).st_mtime)
@@ -101,8 +160,40 @@ def fixed_source_date_epoch(d):
 def get_source_date_epoch(d, sourcedir):
     return (
         get_source_date_epoch_from_git(d, sourcedir) or
-        get_source_date_epoch_from_known_files(d, sourcedir) or
         get_source_date_epoch_from_youngest_file(d, sourcedir) or
         fixed_source_date_epoch(d)       # Last resort
     )
 
+def epochfile_read(epochfile, d):
+    cached, efile = d.getVar('__CACHED_SOURCE_DATE_EPOCH') or (None, None)
+    if cached and efile == epochfile:
+        return cached
+
+    if cached and epochfile != efile:
+        bb.debug(1, "Epoch file changed from %s to %s" % (efile, epochfile))
+
+    source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK'))
+    try:
+        with open(epochfile, 'r') as f:
+            s = f.read()
+            try:
+                source_date_epoch = int(s)
+            except ValueError:
+                bb.warn("SOURCE_DATE_EPOCH value '%s' is invalid. Reverting to SOURCE_DATE_EPOCH_FALLBACK" % s)
+                source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK'))
+        bb.debug(1, "SOURCE_DATE_EPOCH: %d" % source_date_epoch)
+    except FileNotFoundError:
+        bb.debug(1, "Cannot find %s. SOURCE_DATE_EPOCH will default to %d" % (epochfile, source_date_epoch))
+
+    d.setVar('__CACHED_SOURCE_DATE_EPOCH', (str(source_date_epoch), epochfile))
+    return str(source_date_epoch)
+
+def epochfile_write(source_date_epoch, epochfile, d):
+
+    bb.debug(1, "SOURCE_DATE_EPOCH: %d" % source_date_epoch)
+    bb.utils.mkdirhier(os.path.dirname(epochfile))
+
+    tmp_file = "%s.new" % epochfile
+    with open(tmp_file, 'w') as f:
+        f.write(str(source_date_epoch))
+    os.rename(tmp_file, epochfile)
diff --git a/meta/lib/oe/rootfs.py b/meta/lib/oe/rootfs.py
index 249c685dcf..14befac8fa 100644
--- a/meta/lib/oe/rootfs.py
+++ b/meta/lib/oe/rootfs.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 from abc import ABCMeta, abstractmethod
@@ -104,7 +106,7 @@ class Rootfs(object, metaclass=ABCMeta):
     def _cleanup(self):
         pass
 
-    def _setup_dbg_rootfs(self, dirs):
+    def _setup_dbg_rootfs(self, package_paths):
         gen_debugfs = self.d.getVar('IMAGE_GEN_DEBUGFS') or '0'
         if gen_debugfs != '1':
            return
@@ -114,17 +116,18 @@ class Rootfs(object, metaclass=ABCMeta):
             shutil.rmtree(self.image_rootfs + '-orig')
         except:
             pass
-        os.rename(self.image_rootfs, self.image_rootfs + '-orig')
+        bb.utils.rename(self.image_rootfs, self.image_rootfs + '-orig')
 
         bb.note("  Creating debug rootfs...")
         bb.utils.mkdirhier(self.image_rootfs)
 
         bb.note("  Copying back package database...")
-        for dir in dirs:
-            if not os.path.isdir(self.image_rootfs + '-orig' + dir):
-                continue
-            bb.utils.mkdirhier(self.image_rootfs + os.path.dirname(dir))
-            shutil.copytree(self.image_rootfs + '-orig' + dir, self.image_rootfs + dir, symlinks=True)
+        for path in package_paths:
+            bb.utils.mkdirhier(self.image_rootfs + os.path.dirname(path))
+            if os.path.isdir(self.image_rootfs + '-orig' + path):
+                shutil.copytree(self.image_rootfs + '-orig' + path, self.image_rootfs + path, symlinks=True)
+            elif os.path.isfile(self.image_rootfs + '-orig' + path):
+                shutil.copyfile(self.image_rootfs + '-orig' + path, self.image_rootfs + path)
 
         # Copy files located in /usr/lib/debug or /usr/src/debug
         for dir in ["/usr/lib/debug", "/usr/src/debug"]:
@@ -160,25 +163,26 @@ class Rootfs(object, metaclass=ABCMeta):
             bb.note("  Install extra debug packages...")
             self.pm.install(extra_debug_pkgs.split(), True)
 
+        bb.note("  Removing package database...")
+        for path in package_paths:
+            if os.path.isdir(self.image_rootfs + path):
+                shutil.rmtree(self.image_rootfs + path)
+            elif os.path.isfile(self.image_rootfs + path):
+                os.remove(self.image_rootfs + path)
+
         bb.note("  Rename debug rootfs...")
         try:
             shutil.rmtree(self.image_rootfs + '-dbg')
         except:
             pass
-        os.rename(self.image_rootfs, self.image_rootfs + '-dbg')
+        bb.utils.rename(self.image_rootfs, self.image_rootfs + '-dbg')
 
-        bb.note("  Restoreing original rootfs...")
-        os.rename(self.image_rootfs + '-orig', self.image_rootfs)
+        bb.note("  Restoring original rootfs...")
+        bb.utils.rename(self.image_rootfs + '-orig', self.image_rootfs)
 
     def _exec_shell_cmd(self, cmd):
-        fakerootcmd = self.d.getVar('FAKEROOT')
-        if fakerootcmd is not None:
-            exec_cmd = [fakerootcmd, cmd]
-        else:
-            exec_cmd = cmd
-
         try:
-            subprocess.check_output(exec_cmd, stderr=subprocess.STDOUT)
+            subprocess.check_output(cmd, stderr=subprocess.STDOUT)
         except subprocess.CalledProcessError as e:
             return("Command '%s' returned %d:\n%s" % (e.cmd, e.returncode, e.output))
 
@@ -190,9 +194,17 @@ class Rootfs(object, metaclass=ABCMeta):
         post_process_cmds = self.d.getVar("ROOTFS_POSTPROCESS_COMMAND")
         rootfs_post_install_cmds = self.d.getVar('ROOTFS_POSTINSTALL_COMMAND')
 
-        bb.utils.mkdirhier(self.image_rootfs)
+        def make_last(command, commands):
+            commands = commands.split()
+            if command in commands:
+                commands.remove(command)
+                commands.append(command)
+            return " ".join(commands)
 
-        bb.utils.mkdirhier(self.deploydir)
+        # We want this to run as late as possible, in particular after
+        # systemd_sysusers_create and set_user_group. Using :append is not enough
+        post_process_cmds = make_last("tidy_shadowutils_files", post_process_cmds)
+        post_process_cmds = make_last("rootfs_reproducible", post_process_cmds)
 
         execute_pre_post_process(self.d, pre_process_cmds)
 
@@ -250,16 +262,18 @@ class Rootfs(object, metaclass=ABCMeta):
 
 
     def _uninstall_unneeded(self):
-        # Remove unneeded init script symlinks
+        # Remove the run-postinsts package if no delayed postinsts are found
         delayed_postinsts = self._get_delayed_postinsts()
         if delayed_postinsts is None:
-            if os.path.exists(self.d.expand("${IMAGE_ROOTFS}${sysconfdir}/init.d/run-postinsts")):
-                self._exec_shell_cmd(["update-rc.d", "-f", "-r",
-                                      self.d.getVar('IMAGE_ROOTFS'),
-                                      "run-postinsts", "remove"])
+            if os.path.exists(self.d.expand("${IMAGE_ROOTFS}${sysconfdir}/init.d/run-postinsts")) or os.path.exists(self.d.expand("${IMAGE_ROOTFS}${systemd_system_unitdir}/run-postinsts.service")):
+                self.pm.remove(["run-postinsts"])
 
         image_rorfs = bb.utils.contains("IMAGE_FEATURES", "read-only-rootfs",
+                                        True, False, self.d) and \
+                      not bb.utils.contains("IMAGE_FEATURES",
+                                        "read-only-rootfs-delayed-postinsts",
                                         True, False, self.d)
+
         image_rorfs_force = self.d.getVar('FORCE_RO_REMOVE')
 
         if image_rorfs or image_rorfs_force == "1":
@@ -304,10 +318,20 @@ class Rootfs(object, metaclass=ABCMeta):
             self._exec_shell_cmd(['ldconfig', '-r', self.image_rootfs, '-c',
                                   'new', '-v', '-X'])
 
+        image_rorfs = bb.utils.contains("IMAGE_FEATURES", "read-only-rootfs",
+                                        True, False, self.d)
+        ldconfig_in_features = bb.utils.contains("DISTRO_FEATURES", "ldconfig",
+                                                 True, False, self.d)
+        if image_rorfs or not ldconfig_in_features:
+            ldconfig_cache_dir = os.path.join(self.image_rootfs, "var/cache/ldconfig")
+            if os.path.exists(ldconfig_cache_dir):
+                bb.note("Removing ldconfig auxiliary cache...")
+                shutil.rmtree(ldconfig_cache_dir)
+
     def _check_for_kernel_modules(self, modules_dir):
         for root, dirs, files in os.walk(modules_dir, topdown=True):
             for name in files:
-                found_ko = name.endswith(".ko")
+                found_ko = name.endswith((".ko", ".ko.gz", ".ko.xz", ".ko.zst"))
                 if found_ko:
                     return found_ko
         return False
@@ -319,17 +343,31 @@ class Rootfs(object, metaclass=ABCMeta):
             bb.note("No Kernel Modules found, not running depmod")
             return
 
-        kernel_abi_ver_file = oe.path.join(self.d.getVar('PKGDATA_DIR'), "kernel-depmod",
-                                           'kernel-abiversion')
-        if not os.path.exists(kernel_abi_ver_file):
-            bb.fatal("No kernel-abiversion file found (%s), cannot run depmod, aborting" % kernel_abi_ver_file)
+        pkgdatadir = self.d.getVar('PKGDATA_DIR')
 
-        kernel_ver = open(kernel_abi_ver_file).read().strip(' \n')
-        versioned_modules_dir = os.path.join(self.image_rootfs, modules_dir, kernel_ver)
+        # PKGDATA_DIR can include multiple kernels so we run depmod for each
+        # one of them.
+        for direntry in os.listdir(pkgdatadir):
+            match = re.match('(.*)-depmod', direntry)
+            if not match:
+                continue
+            kernel_package_name = match.group(1)
+
+            kernel_abi_ver_file = oe.path.join(pkgdatadir, direntry, kernel_package_name + '-abiversion')
+            if not os.path.exists(kernel_abi_ver_file):
+                bb.fatal("No kernel-abiversion file found (%s), cannot run depmod, aborting" % kernel_abi_ver_file)
 
-        bb.utils.mkdirhier(versioned_modules_dir)
+            with open(kernel_abi_ver_file) as f:
+                kernel_ver = f.read().strip(' \n')
 
-        self._exec_shell_cmd(['depmodwrapper', '-a', '-b', self.image_rootfs, kernel_ver])
+            versioned_modules_dir = os.path.join(self.image_rootfs, modules_dir, kernel_ver)
+
+            if os.path.exists(versioned_modules_dir):
+                bb.note("Running depmodwrapper for %s ..." % versioned_modules_dir)
+                if self._exec_shell_cmd(['depmodwrapper', '-a', '-b', self.image_rootfs, kernel_ver, kernel_package_name]):
+                    bb.fatal("Kernel modules dependency generation failed")
+            else:
+                bb.note("Not running depmodwrapper for %s since directory does not exist" % versioned_modules_dir)
 
     """
     Create devfs:
@@ -378,6 +416,10 @@ def create_rootfs(d, manifest_dir=None, progress_reporter=None, logcatcher=None)
 
 
 def image_list_installed_packages(d, rootfs_dir=None):
+    # Theres no rootfs for baremetal images
+    if bb.data.inherits_class('baremetal-image', d):
+        return ""
+
     if not rootfs_dir:
         rootfs_dir = d.getVar('IMAGE_ROOTFS')
 
@@ -386,12 +428,3 @@ def image_list_installed_packages(d, rootfs_dir=None):
     import importlib
     cls = importlib.import_module('oe.package_manager.' + img_type)
     return cls.PMPkgsList(d, rootfs_dir).list_pkgs()
-
-if __name__ == "__main__":
-    """
-    We should be able to run this as a standalone script, from outside bitbake
-    environment.
-    """
-    """
-    TBD
-    """
diff --git a/meta/lib/rootfspostcommands.py b/meta/lib/oe/rootfspostcommands.py
index fdb9f5b850..5386eea409 100644
--- a/meta/lib/rootfspostcommands.py
+++ b/meta/lib/oe/rootfspostcommands.py
@@ -1,16 +1,19 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
 import os
 
-def sort_file(filename, mapping):
+def sort_shadowutils_file(filename, mapping):
     """
     Sorts a passwd or group file based on the numeric ID in the third column.
     If a mapping is given, the name from the first column is mapped via that
     dictionary instead (necessary for /etc/shadow and /etc/gshadow). If not,
     a new mapping is created on the fly and returned.
     """
+
     new_mapping = {}
     with open(filename, 'rb+') as f:
         lines = f.readlines()
@@ -31,30 +34,57 @@ def sort_file(filename, mapping):
         # We overwrite the entire file, i.e. no truncate() necessary.
         f.seek(0)
         f.write(b''.join(lines))
+
     return new_mapping
 
-def remove_backup(filename):
+def sort_shadowutils_files(sysconfdir):
     """
-    Removes the backup file for files like /etc/passwd.
+    Sorts shadow-utils 'passwd' and 'group' files in a rootfs' /etc directory
+    by ID.
     """
-    backup_filename = filename + '-'
-    if os.path.exists(backup_filename):
-        os.unlink(backup_filename)
 
-def sort_passwd(sysconfdir):
-    """
-    Sorts passwd and group files in a rootfs /etc directory by ID.
-    Backup files are sometimes are inconsistent and then cannot be
-    sorted (YOCTO #11043), and more importantly, are not needed in
-    the initial rootfs, so they get deleted.
-    """
     for main, shadow in (('passwd', 'shadow'),
                          ('group', 'gshadow')):
         filename = os.path.join(sysconfdir, main)
-        remove_backup(filename)
         if os.path.exists(filename):
-            mapping = sort_file(filename, None)
+            mapping = sort_shadowutils_file(filename, None)
             filename = os.path.join(sysconfdir, shadow)
-            remove_backup(filename)
             if os.path.exists(filename):
-                 sort_file(filename, mapping)
+                 sort_shadowutils_file(filename, mapping)
+
+def remove_shadowutils_backup_file(filename):
+    """
+    Remove shadow-utils backup file for files like /etc/passwd.
+    """
+
+    backup_filename = filename + '-'
+    if os.path.exists(backup_filename):
+        os.unlink(backup_filename)
+
+def remove_shadowutils_backup_files(sysconfdir):
+    """
+    Remove shadow-utils backup files in a rootfs /etc directory. They are not
+    needed in the initial root filesystem and sorting them can be inconsistent
+    (YOCTO #11043).
+    """
+
+    for filename in (
+            'group',
+            'gshadow',
+            'passwd',
+            'shadow',
+            'subgid',
+            'subuid',
+        ):
+        filepath = os.path.join(sysconfdir, filename)
+        remove_shadowutils_backup_file(filepath)
+
+def tidy_shadowutils_files(sysconfdir):
+    """
+    Tidy up shadow-utils files.
+    """
+
+    remove_shadowutils_backup_files(sysconfdir)
+    sort_shadowutils_files(sysconfdir)
+
+    return True
diff --git a/meta/lib/oe/rust.py b/meta/lib/oe/rust.py
new file mode 100644
index 0000000000..1dc9cf150d
--- /dev/null
+++ b/meta/lib/oe/rust.py
@@ -0,0 +1,11 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+# Handle mismatches between `uname -m`-style output and Rust's arch names
+def arch_to_rust_arch(arch):
+    if arch == "ppc64le":
+        return "powerpc64le"
+    return arch
diff --git a/meta/lib/oe/sbom.py b/meta/lib/oe/sbom.py
new file mode 100644
index 0000000000..fd4b6895d8
--- /dev/null
+++ b/meta/lib/oe/sbom.py
@@ -0,0 +1,120 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import collections
+
+DepRecipe = collections.namedtuple("DepRecipe", ("doc", "doc_sha1", "recipe"))
+DepSource = collections.namedtuple("DepSource", ("doc", "doc_sha1", "recipe", "file"))
+
+
+def get_recipe_spdxid(d):
+    return "SPDXRef-%s-%s" % ("Recipe", d.getVar("PN"))
+
+
+def get_download_spdxid(d, idx):
+    return "SPDXRef-Download-%s-%d" % (d.getVar("PN"), idx)
+
+
+def get_package_spdxid(pkg):
+    return "SPDXRef-Package-%s" % pkg
+
+
+def get_source_file_spdxid(d, idx):
+    return "SPDXRef-SourceFile-%s-%d" % (d.getVar("PN"), idx)
+
+
+def get_packaged_file_spdxid(pkg, idx):
+    return "SPDXRef-PackagedFile-%s-%d" % (pkg, idx)
+
+
+def get_image_spdxid(img):
+    return "SPDXRef-Image-%s" % img
+
+
+def get_sdk_spdxid(sdk):
+    return "SPDXRef-SDK-%s" % sdk
+
+
+def _doc_path_by_namespace(spdx_deploy, arch, doc_namespace):
+    return spdx_deploy / "by-namespace" / arch / doc_namespace.replace("/", "_")
+
+
+def doc_find_by_namespace(spdx_deploy, search_arches, doc_namespace):
+    for pkgarch in search_arches:
+        p = _doc_path_by_namespace(spdx_deploy, pkgarch, doc_namespace)
+        if os.path.exists(p):
+            return p
+    return None
+
+
+def _doc_path_by_hashfn(spdx_deploy, arch, doc_name, hashfn):
+    return (
+        spdx_deploy / "by-hash" / arch / hashfn.split()[1] / (doc_name + ".spdx.json")
+    )
+
+
+def doc_find_by_hashfn(spdx_deploy, search_arches, doc_name, hashfn):
+    for pkgarch in search_arches:
+        p = _doc_path_by_hashfn(spdx_deploy, pkgarch, doc_name, hashfn)
+        if os.path.exists(p):
+            return p
+    return None
+
+
+def doc_path(spdx_deploy, doc_name, arch, subdir):
+    return spdx_deploy / arch / subdir / (doc_name + ".spdx.json")
+
+
+def write_doc(d, spdx_doc, arch, subdir, spdx_deploy=None, indent=None):
+    from pathlib import Path
+
+    if spdx_deploy is None:
+        spdx_deploy = Path(d.getVar("SPDXDEPLOY"))
+
+    dest = doc_path(spdx_deploy, spdx_doc.name, arch, subdir)
+    dest.parent.mkdir(exist_ok=True, parents=True)
+    with dest.open("wb") as f:
+        doc_sha1 = spdx_doc.to_json(f, sort_keys=True, indent=indent)
+
+    l = _doc_path_by_namespace(spdx_deploy, arch, spdx_doc.documentNamespace)
+    l.parent.mkdir(exist_ok=True, parents=True)
+    l.symlink_to(os.path.relpath(dest, l.parent))
+
+    l = _doc_path_by_hashfn(
+        spdx_deploy, arch, spdx_doc.name, d.getVar("BB_HASHFILENAME")
+    )
+    l.parent.mkdir(exist_ok=True, parents=True)
+    l.symlink_to(os.path.relpath(dest, l.parent))
+
+    return doc_sha1
+
+
+def read_doc(fn):
+    import hashlib
+    import oe.spdx
+    import io
+    import contextlib
+
+    @contextlib.contextmanager
+    def get_file():
+        if isinstance(fn, io.IOBase):
+            yield fn
+        else:
+            with fn.open("rb") as f:
+                yield f
+
+    with get_file() as f:
+        sha1 = hashlib.sha1()
+        while True:
+            chunk = f.read(4096)
+            if not chunk:
+                break
+            sha1.update(chunk)
+
+        f.seek(0)
+        doc = oe.spdx.SPDXDocument.from_json(f)
+
+    return (doc, sha1.hexdigest())
diff --git a/meta/lib/oe/sbom30.py b/meta/lib/oe/sbom30.py
new file mode 100644
index 0000000000..227ac51877
--- /dev/null
+++ b/meta/lib/oe/sbom30.py
@@ -0,0 +1,1096 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+from pathlib import Path
+
+import oe.spdx30
+import bb
+import re
+import hashlib
+import uuid
+import os
+import oe.spdx_common
+from datetime import datetime, timezone
+
+OE_SPDX_BASE = "https://rdf.openembedded.org/spdx/3.0/"
+
+VEX_VERSION = "1.0.0"
+
+SPDX_BUILD_TYPE = "http://openembedded.org/bitbake"
+
+OE_ALIAS_PREFIX = "http://spdxdocs.org/openembedded-alias/by-doc-hash/"
+OE_DOC_ALIAS_PREFIX = "http://spdxdocs.org/openembedded-alias/doc/"
+
+
+@oe.spdx30.register(OE_SPDX_BASE + "id-alias")
+class OEIdAliasExtension(oe.spdx30.extension_Extension):
+    """
+    This extension allows an Element to provide an internal alias for the SPDX
+    ID. Since SPDX requires unique URIs for each SPDX ID, most of the objects
+    created have a unique UUID namespace and the unihash of the task encoded in
+    their SPDX ID. However, this causes a problem for referencing documents
+    across recipes, since the taskhash of a dependency may not factor into the
+    taskhash of the current task and thus the current task won't rebuild and
+    see the new SPDX ID when the dependency changes (e.g. ABI safe recipes and
+    tasks).
+
+    To help work around this, this extension provides a non-unique alias for an
+    Element by which it can be referenced from other tasks/recipes. When a
+    final SBoM is created, references to these aliases will be replaced with
+    the actual unique SPDX ID.
+
+    Most Elements will automatically get an alias created when they are written
+    out if they do not already have one. To suppress the creation of an alias,
+    add an extension with a blank `alias` property.
+
+
+    It is in internal extension that should be removed when writing out a final
+    SBoM
+    """
+
+    CLOSED = True
+    INTERNAL = True
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        cls._add_property(
+            "alias",
+            oe.spdx30.StringProp(),
+            OE_SPDX_BASE + "alias",
+            max_count=1,
+        )
+
+        cls._add_property(
+            "link_name",
+            oe.spdx30.StringProp(),
+            OE_SPDX_BASE + "link-name",
+            max_count=1,
+        )
+
+
+@oe.spdx30.register(OE_SPDX_BASE + "file-name-alias")
+class OEFileNameAliasExtension(oe.spdx30.extension_Extension):
+    CLOSED = True
+    INTERNAL = True
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        cls._add_property(
+            "aliases",
+            oe.spdx30.ListProp(oe.spdx30.StringProp()),
+            OE_SPDX_BASE + "filename-alias",
+        )
+
+
+@oe.spdx30.register(OE_SPDX_BASE + "license-scanned")
+class OELicenseScannedExtension(oe.spdx30.extension_Extension):
+    """
+    The presence of this extension means the file has already been scanned for
+    license information
+    """
+
+    CLOSED = True
+    INTERNAL = True
+
+
+@oe.spdx30.register(OE_SPDX_BASE + "document-extension")
+class OEDocumentExtension(oe.spdx30.extension_Extension):
+    """
+    This extension is added to a SpdxDocument to indicate various useful bits
+    of information about its contents
+    """
+
+    CLOSED = True
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        cls._add_property(
+            "is_native",
+            oe.spdx30.BooleanProp(),
+            OE_SPDX_BASE + "is-native",
+            max_count=1,
+        )
+
+
+def spdxid_hash(*items):
+    h = hashlib.md5()
+    for i in items:
+        if isinstance(i, oe.spdx30.Element):
+            h.update(i._id.encode("utf-8"))
+        else:
+            h.update(i.encode("utf-8"))
+    return h.hexdigest()
+
+
+def spdx_sde(d):
+    sde = d.getVar("SOURCE_DATE_EPOCH")
+    if not sde:
+        return datetime.now(timezone.utc)
+
+    return datetime.fromtimestamp(int(sde), timezone.utc)
+
+
+def get_element_link_id(e):
+    """
+    Get the string ID which should be used to link to an Element. If the
+    element has an alias, that will be preferred, otherwise its SPDX ID will be
+    used.
+    """
+    ext = get_alias(e)
+    if ext is not None and ext.alias:
+        return ext.alias
+    return e._id
+
+
+def get_alias(obj):
+    for ext in obj.extension:
+        if not isinstance(ext, OEIdAliasExtension):
+            continue
+        return ext
+
+    return None
+
+
+def hash_id(_id):
+    return hashlib.sha256(_id.encode("utf-8")).hexdigest()
+
+
+def to_list(l):
+    if isinstance(l, set):
+        l = sorted(list(l))
+
+    if not isinstance(l, (list, tuple)):
+        raise TypeError("Must be a list or tuple. Got %s" % type(l))
+
+    return l
+
+
+class ObjectSet(oe.spdx30.SHACLObjectSet):
+    def __init__(self, d):
+        super().__init__()
+        self.d = d
+        self.alias_prefix = None
+
+    def create_index(self):
+        self.by_sha256_hash = {}
+        super().create_index()
+
+    def add_index(self, obj):
+        # Check that all elements are given an ID before being inserted
+        if isinstance(obj, oe.spdx30.Element):
+            if not obj._id:
+                raise ValueError("Element missing ID")
+
+            alias_ext = get_alias(obj)
+            if alias_ext is not None and alias_ext.alias:
+                self.obj_by_id[alias_ext.alias] = obj
+
+            for v in obj.verifiedUsing:
+                if not isinstance(v, oe.spdx30.Hash):
+                    continue
+
+                if v.algorithm != oe.spdx30.HashAlgorithm.sha256:
+                    continue
+
+                self.by_sha256_hash.setdefault(v.hashValue, set()).add(obj)
+
+        super().add_index(obj)
+        if isinstance(obj, oe.spdx30.SpdxDocument):
+            self.doc = obj
+            alias_ext = get_alias(obj)
+            if alias_ext is not None and alias_ext.alias:
+                self.alias_prefix = OE_ALIAS_PREFIX + hash_id(alias_ext.alias) + "/"
+
+    def __filter_obj(self, obj, attr_filter):
+        return all(getattr(obj, k) == v for k, v in attr_filter.items())
+
+    def foreach_filter(self, typ, *, match_subclass=True, **attr_filter):
+        for obj in self.foreach_type(typ, match_subclass=match_subclass):
+            if self.__filter_obj(obj, attr_filter):
+                yield obj
+
+    def find_filter(self, typ, *, match_subclass=True, **attr_filter):
+        for obj in self.foreach_filter(
+            typ, match_subclass=match_subclass, **attr_filter
+        ):
+            return obj
+        return None
+
+    def foreach_root(self, typ, **attr_filter):
+        for obj in self.doc.rootElement:
+            if not isinstance(obj, typ):
+                continue
+
+            if self.__filter_obj(obj, attr_filter):
+                yield obj
+
+    def find_root(self, typ, **attr_filter):
+        for obj in self.foreach_root(typ, **attr_filter):
+            return obj
+        return None
+
+    def add_root(self, obj):
+        self.add(obj)
+        self.doc.rootElement.append(obj)
+        return obj
+
+    def is_native(self):
+        for e in self.doc.extension:
+            if not isinstance(e, oe.sbom30.OEDocumentExtension):
+                continue
+
+            if e.is_native is not None:
+                return e.is_native
+
+        return False
+
+    def set_is_native(self, is_native):
+        for e in self.doc.extension:
+            if not isinstance(e, oe.sbom30.OEDocumentExtension):
+                continue
+
+            e.is_native = is_native
+            return
+
+        if is_native:
+            self.doc.extension.append(oe.sbom30.OEDocumentExtension(is_native=True))
+
+    def add_aliases(self):
+        for o in self.foreach_type(oe.spdx30.Element):
+            self.set_element_alias(o)
+
+    def new_alias_id(self, obj, replace):
+        unihash = self.d.getVar("BB_UNIHASH")
+        namespace = self.get_namespace()
+        if unihash not in obj._id:
+            bb.warn(f"Unihash {unihash} not found in {obj._id}")
+            return None
+
+        if namespace not in obj._id:
+            bb.warn(f"Namespace {namespace} not found in {obj._id}")
+            return None
+
+        return obj._id.replace(unihash, "UNIHASH").replace(
+            namespace, replace + self.d.getVar("PN")
+        )
+
+    def remove_internal_extensions(self):
+        def remove(o):
+            o.extension = [e for e in o.extension if not getattr(e, "INTERNAL", False)]
+
+        for o in self.foreach_type(oe.spdx30.Element):
+            remove(o)
+
+        if self.doc:
+            remove(self.doc)
+
+    def get_namespace(self):
+        namespace_uuid = uuid.uuid5(
+            uuid.NAMESPACE_DNS, self.d.getVar("SPDX_UUID_NAMESPACE")
+        )
+        pn = self.d.getVar("PN")
+        return "%s/%s-%s" % (
+            self.d.getVar("SPDX_NAMESPACE_PREFIX"),
+            pn,
+            str(uuid.uuid5(namespace_uuid, pn)),
+        )
+
+    def set_element_alias(self, e):
+        if not e._id or e._id.startswith("_:"):
+            return
+
+        alias_ext = get_alias(e)
+        if alias_ext is None:
+            alias_id = self.new_alias_id(e, self.alias_prefix)
+            if alias_id is not None:
+                e.extension.append(OEIdAliasExtension(alias=alias_id))
+        elif (
+            alias_ext.alias
+            and not isinstance(e, oe.spdx30.SpdxDocument)
+            and not alias_ext.alias.startswith(self.alias_prefix)
+        ):
+            bb.warn(
+                f"Element {e._id} has alias {alias_ext.alias}, but it should have prefix {self.alias_prefix}"
+            )
+
+    def new_spdxid(self, *suffix, include_unihash=True):
+        items = [self.get_namespace()]
+        if include_unihash:
+            unihash = self.d.getVar("BB_UNIHASH")
+            items.append(unihash)
+        items.extend(re.sub(r"[^a-zA-Z0-9_-]", "_", s) for s in suffix)
+        return "/".join(items)
+
+    def new_import(self, key):
+        base = f"SPDX_IMPORTS_{key}"
+        spdxid = self.d.getVar(f"{base}_spdxid")
+        if not spdxid:
+            bb.fatal(f"{key} is not a valid SPDX_IMPORTS key")
+
+        for i in self.doc.import_:
+            if i.externalSpdxId == spdxid:
+                # Already imported
+                return spdxid
+
+        m = oe.spdx30.ExternalMap(externalSpdxId=spdxid)
+
+        uri = self.d.getVar(f"{base}_uri")
+        if uri:
+            m.locationHint = uri
+
+        for pyname, algorithm in oe.spdx30.HashAlgorithm.NAMED_INDIVIDUALS.items():
+            value = self.d.getVar(f"{base}_hash_{pyname}")
+            if value:
+                m.verifiedUsing.append(
+                    oe.spdx30.Hash(
+                        algorithm=algorithm,
+                        hashValue=value,
+                    )
+                )
+
+        self.doc.import_.append(m)
+        return spdxid
+
+    def new_agent(self, varname, *, creation_info=None, add=True):
+        ref_varname = self.d.getVar(f"{varname}_ref")
+        if ref_varname:
+            if ref_varname == varname:
+                bb.fatal(f"{varname} cannot reference itself")
+            return self.new_agent(ref_varname, creation_info=creation_info)
+
+        import_key = self.d.getVar(f"{varname}_import")
+        if import_key:
+            return self.new_import(import_key)
+
+        name = self.d.getVar(f"{varname}_name")
+        if not name:
+            return None
+
+        spdxid = self.new_spdxid("agent", name)
+        agent = self.find_by_id(spdxid)
+        if agent is not None:
+            return agent
+
+        agent_type = self.d.getVar("%s_type" % varname)
+        if agent_type == "person":
+            agent = oe.spdx30.Person()
+        elif agent_type == "software":
+            agent = oe.spdx30.SoftwareAgent()
+        elif agent_type == "organization":
+            agent = oe.spdx30.Organization()
+        elif not agent_type or agent_type == "agent":
+            agent = oe.spdx30.Agent()
+        else:
+            bb.fatal("Unknown agent type '%s' in %s_type" % (agent_type, varname))
+
+        agent._id = spdxid
+        agent.creationInfo = creation_info or self.doc.creationInfo
+        agent.name = name
+
+        comment = self.d.getVar("%s_comment" % varname)
+        if comment:
+            agent.comment = comment
+
+        for (
+            pyname,
+            idtype,
+        ) in oe.spdx30.ExternalIdentifierType.NAMED_INDIVIDUALS.items():
+            value = self.d.getVar("%s_id_%s" % (varname, pyname))
+            if value:
+                agent.externalIdentifier.append(
+                    oe.spdx30.ExternalIdentifier(
+                        externalIdentifierType=idtype,
+                        identifier=value,
+                    )
+                )
+
+        if add:
+            self.add(agent)
+
+        return agent
+
+    def new_creation_info(self):
+        creation_info = oe.spdx30.CreationInfo()
+
+        name = "%s %s" % (
+            self.d.getVar("SPDX_TOOL_NAME"),
+            self.d.getVar("SPDX_TOOL_VERSION"),
+        )
+        tool = self.add(
+            oe.spdx30.Tool(
+                _id=self.new_spdxid("tool", name),
+                creationInfo=creation_info,
+                name=name,
+            )
+        )
+
+        authors = []
+        for a in self.d.getVar("SPDX_AUTHORS").split():
+            varname = "SPDX_AUTHORS_%s" % a
+            author = self.new_agent(varname, creation_info=creation_info)
+
+            if not author:
+                bb.fatal("Unable to find or create author %s" % a)
+
+            authors.append(author)
+
+        creation_info.created = spdx_sde(self.d)
+        creation_info.specVersion = self.d.getVar("SPDX_VERSION")
+        creation_info.createdBy = authors
+        creation_info.createdUsing = [tool]
+
+        return creation_info
+
+    def copy_creation_info(self, copy):
+        c = oe.spdx30.CreationInfo(
+            created=spdx_sde(self.d),
+            specVersion=self.d.getVar("SPDX_VERSION"),
+        )
+
+        for author in copy.createdBy:
+            if isinstance(author, str):
+                c.createdBy.append(author)
+            else:
+                c.createdBy.append(author._id)
+
+        for tool in copy.createdUsing:
+            if isinstance(tool, str):
+                c.createdUsing.append(tool)
+            else:
+                c.createdUsing.append(tool._id)
+
+        return c
+
+    def new_annotation(self, subject, comment, typ):
+        return self.add(
+            oe.spdx30.Annotation(
+                _id=self.new_spdxid("annotation", spdxid_hash(comment, typ)),
+                creationInfo=self.doc.creationInfo,
+                annotationType=typ,
+                subject=subject,
+                statement=comment,
+            )
+        )
+
+    def _new_relationship(
+        self,
+        cls,
+        from_,
+        typ,
+        to,
+        *,
+        spdxid_name="relationship",
+        **props,
+    ):
+        from_ = to_list(from_)
+        to = to_list(to)
+
+        if not from_:
+            return []
+
+        if not to:
+            to = [oe.spdx30.IndividualElement.NoneElement]
+
+        ret = []
+
+        for f in from_:
+            hash_args = [typ, f]
+            for k in sorted(props.keys()):
+                hash_args.append(props[k])
+            hash_args.extend(to)
+
+            relationship = self.add(
+                cls(
+                    _id=self.new_spdxid(spdxid_name, spdxid_hash(*hash_args)),
+                    creationInfo=self.doc.creationInfo,
+                    from_=f,
+                    relationshipType=typ,
+                    to=to,
+                    **props,
+                )
+            )
+            ret.append(relationship)
+
+        return ret
+
+    def new_relationship(self, from_, typ, to):
+        return self._new_relationship(oe.spdx30.Relationship, from_, typ, to)
+
+    def new_scoped_relationship(self, from_, typ, scope, to):
+        return self._new_relationship(
+            oe.spdx30.LifecycleScopedRelationship,
+            from_,
+            typ,
+            to,
+            scope=scope,
+        )
+
+    def new_license_expression(
+        self, license_expression, license_data, license_text_map={}
+    ):
+        license_list_version = license_data["licenseListVersion"]
+        # SPDX 3 requires that the license list version be a semver
+        # MAJOR.MINOR.MICRO, but the actual license version might be
+        # MAJOR.MINOR on some older versions. As such, manually append a .0
+        # micro version if its missing to keep SPDX happy
+        if license_list_version.count(".") < 2:
+            license_list_version += ".0"
+
+        spdxid = [
+            "license",
+            license_list_version,
+            re.sub(r"[^a-zA-Z0-9_-]", "_", license_expression),
+        ]
+
+        license_text = [
+            (k, license_text_map[k]) for k in sorted(license_text_map.keys())
+        ]
+
+        if not license_text:
+            lic = self.find_filter(
+                oe.spdx30.simplelicensing_LicenseExpression,
+                simplelicensing_licenseExpression=license_expression,
+                simplelicensing_licenseListVersion=license_list_version,
+            )
+            if lic is not None:
+                return lic
+        else:
+            spdxid.append(spdxid_hash(*(v for _, v in license_text)))
+            lic = self.find_by_id(self.new_spdxid(*spdxid))
+            if lic is not None:
+                return lic
+
+        lic = self.add(
+            oe.spdx30.simplelicensing_LicenseExpression(
+                _id=self.new_spdxid(*spdxid),
+                creationInfo=self.doc.creationInfo,
+                simplelicensing_licenseExpression=license_expression,
+                simplelicensing_licenseListVersion=license_list_version,
+            )
+        )
+
+        for key, value in license_text:
+            lic.simplelicensing_customIdToUri.append(
+                oe.spdx30.DictionaryEntry(key=key, value=value)
+            )
+
+        return lic
+
+    def scan_declared_licenses(self, spdx_file, filepath, license_data):
+        for e in spdx_file.extension:
+            if isinstance(e, OELicenseScannedExtension):
+                return
+
+        file_licenses = set()
+        for extracted_lic in oe.spdx_common.extract_licenses(filepath):
+            lic = self.new_license_expression(extracted_lic, license_data)
+            self.set_element_alias(lic)
+            file_licenses.add(lic)
+
+        self.new_relationship(
+            [spdx_file],
+            oe.spdx30.RelationshipType.hasDeclaredLicense,
+            [oe.sbom30.get_element_link_id(lic_alias) for lic_alias in file_licenses],
+        )
+        spdx_file.extension.append(OELicenseScannedExtension())
+
+    def new_file(self, _id, name, path, *, purposes=[]):
+        sha256_hash = bb.utils.sha256_file(path)
+
+        for f in self.by_sha256_hash.get(sha256_hash, []):
+            if not isinstance(f, oe.spdx30.software_File):
+                continue
+
+            if purposes:
+                new_primary = purposes[0]
+                new_additional = []
+
+                if f.software_primaryPurpose:
+                    new_additional.append(f.software_primaryPurpose)
+                new_additional.extend(f.software_additionalPurpose)
+
+                new_additional = sorted(
+                    list(set(p for p in new_additional if p != new_primary))
+                )
+
+                f.software_primaryPurpose = new_primary
+                f.software_additionalPurpose = new_additional
+
+            if f.name != name:
+                for e in f.extension:
+                    if isinstance(e, OEFileNameAliasExtension):
+                        e.aliases.append(name)
+                        break
+                else:
+                    f.extension.append(OEFileNameAliasExtension(aliases=[name]))
+
+            return f
+
+        spdx_file = oe.spdx30.software_File(
+            _id=_id,
+            creationInfo=self.doc.creationInfo,
+            name=name,
+        )
+        if purposes:
+            spdx_file.software_primaryPurpose = purposes[0]
+            spdx_file.software_additionalPurpose = purposes[1:]
+
+        spdx_file.verifiedUsing.append(
+            oe.spdx30.Hash(
+                algorithm=oe.spdx30.HashAlgorithm.sha256,
+                hashValue=sha256_hash,
+            )
+        )
+
+        return self.add(spdx_file)
+
+    def new_cve_vuln(self, cve):
+        v = oe.spdx30.security_Vulnerability()
+        v._id = self.new_spdxid("vulnerability", cve)
+        v.creationInfo = self.doc.creationInfo
+
+        v.externalIdentifier.append(
+            oe.spdx30.ExternalIdentifier(
+                externalIdentifierType=oe.spdx30.ExternalIdentifierType.cve,
+                identifier=cve,
+                identifierLocator=[
+                    f"https://cveawg.mitre.org/api/cve/{cve}",
+                    f"https://www.cve.org/CVERecord?id={cve}",
+                ],
+            )
+        )
+        return self.add(v)
+
+    def new_vex_patched_relationship(self, from_, to):
+        return self._new_relationship(
+            oe.spdx30.security_VexFixedVulnAssessmentRelationship,
+            from_,
+            oe.spdx30.RelationshipType.fixedIn,
+            to,
+            spdxid_name="vex-fixed",
+            security_vexVersion=VEX_VERSION,
+        )
+
+    def new_vex_unpatched_relationship(self, from_, to):
+        return self._new_relationship(
+            oe.spdx30.security_VexAffectedVulnAssessmentRelationship,
+            from_,
+            oe.spdx30.RelationshipType.affects,
+            to,
+            spdxid_name="vex-affected",
+            security_vexVersion=VEX_VERSION,
+            security_actionStatement="Mitigation action unknown",
+        )
+
+    def new_vex_ignored_relationship(self, from_, to, *, impact_statement):
+        return self._new_relationship(
+            oe.spdx30.security_VexNotAffectedVulnAssessmentRelationship,
+            from_,
+            oe.spdx30.RelationshipType.doesNotAffect,
+            to,
+            spdxid_name="vex-not-affected",
+            security_vexVersion=VEX_VERSION,
+            security_impactStatement=impact_statement,
+        )
+
+    def import_bitbake_build_objset(self):
+        deploy_dir_spdx = Path(self.d.getVar("DEPLOY_DIR_SPDX"))
+        bb_objset = load_jsonld(
+            self.d, deploy_dir_spdx / "bitbake.spdx.json", required=True
+        )
+        self.doc.import_.extend(bb_objset.doc.import_)
+        self.update(bb_objset.objects)
+
+        return bb_objset
+
+    def import_bitbake_build(self):
+        def find_bitbake_build(objset):
+            return objset.find_filter(
+                oe.spdx30.build_Build,
+                build_buildType=SPDX_BUILD_TYPE,
+            )
+
+        build = find_bitbake_build(self)
+        if build:
+            return build
+
+        bb_objset = self.import_bitbake_build_objset()
+        build = find_bitbake_build(bb_objset)
+        if build is None:
+            bb.fatal(f"No build found in {deploy_dir_spdx}")
+
+        return build
+
+    def new_task_build(self, name, typ):
+        current_task = self.d.getVar("BB_CURRENTTASK")
+        pn = self.d.getVar("PN")
+
+        build = self.add(
+            oe.spdx30.build_Build(
+                _id=self.new_spdxid("build", name),
+                creationInfo=self.doc.creationInfo,
+                name=f"{pn}:do_{current_task}:{name}",
+                build_buildType=f"{SPDX_BUILD_TYPE}/do_{current_task}/{typ}",
+            )
+        )
+
+        if self.d.getVar("SPDX_INCLUDE_BITBAKE_PARENT_BUILD") == "1":
+            bitbake_build = self.import_bitbake_build()
+
+            self.new_relationship(
+                [bitbake_build],
+                oe.spdx30.RelationshipType.ancestorOf,
+                [build],
+            )
+
+        if self.d.getVar("SPDX_INCLUDE_BUILD_VARIABLES") == "1":
+            for varname in sorted(self.d.keys()):
+                if varname.startswith("__"):
+                    continue
+
+                value = self.d.getVar(varname, expand=False)
+
+                # TODO: Deal with non-string values
+                if not isinstance(value, str):
+                    continue
+
+                build.build_parameter.append(
+                    oe.spdx30.DictionaryEntry(key=varname, value=value)
+                )
+
+        return build
+
+    def new_archive(self, archive_name):
+        return self.add(
+            oe.spdx30.software_File(
+                _id=self.new_spdxid("archive", str(archive_name)),
+                creationInfo=self.doc.creationInfo,
+                name=str(archive_name),
+                software_primaryPurpose=oe.spdx30.software_SoftwarePurpose.archive,
+            )
+        )
+
+    @classmethod
+    def new_objset(cls, d, name, copy_from_bitbake_doc=True):
+        objset = cls(d)
+
+        document = oe.spdx30.SpdxDocument(
+            _id=objset.new_spdxid("document", name),
+            name=name,
+        )
+
+        document.extension.append(
+            OEIdAliasExtension(
+                alias=objset.new_alias_id(
+                    document,
+                    OE_DOC_ALIAS_PREFIX + d.getVar("PN") + "/" + name + "/",
+                ),
+            )
+        )
+        objset.doc = document
+        objset.add_index(document)
+
+        if copy_from_bitbake_doc:
+            bb_objset = objset.import_bitbake_build_objset()
+            document.creationInfo = objset.copy_creation_info(
+                bb_objset.doc.creationInfo
+            )
+        else:
+            document.creationInfo = objset.new_creation_info()
+
+        return objset
+
+    def expand_collection(self, *, add_objectsets=[]):
+        """
+        Expands a collection to pull in all missing elements
+
+        Returns the set of ids that could not be found to link into the document
+        """
+        missing_spdxids = set()
+        imports = {e.externalSpdxId: e for e in self.doc.import_}
+
+        def merge_doc(other):
+            nonlocal imports
+
+            for e in other.doc.import_:
+                if not e.externalSpdxId in imports:
+                    imports[e.externalSpdxId] = e
+
+            self.objects |= other.objects
+
+        for o in add_objectsets:
+            merge_doc(o)
+
+        needed_spdxids = self.link()
+        provided_spdxids = set(self.obj_by_id.keys())
+
+        while True:
+            import_spdxids = set(imports.keys())
+            searching_spdxids = (
+                needed_spdxids - provided_spdxids - missing_spdxids - import_spdxids
+            )
+            if not searching_spdxids:
+                break
+
+            spdxid = searching_spdxids.pop()
+            bb.debug(
+                1,
+                f"Searching for {spdxid}. Remaining: {len(searching_spdxids)}, Total: {len(provided_spdxids)}, Missing: {len(missing_spdxids)}, Imports: {len(import_spdxids)}",
+            )
+            dep_objset, dep_path = find_by_spdxid(self.d, spdxid)
+
+            if dep_objset:
+                dep_provided = set(dep_objset.obj_by_id.keys())
+                if spdxid not in dep_provided:
+                    bb.fatal(f"{spdxid} not found in {dep_path}")
+                provided_spdxids |= dep_provided
+                needed_spdxids |= dep_objset.missing_ids
+                merge_doc(dep_objset)
+            else:
+                missing_spdxids.add(spdxid)
+
+        self.doc.import_ = sorted(imports.values(), key=lambda e: e.externalSpdxId)
+        bb.debug(1, "Linking...")
+        self.link()
+
+        # Manually go through all of the simplelicensing_customIdToUri DictionaryEntry
+        # items and resolve any aliases to actual objects.
+        for lic in self.foreach_type(oe.spdx30.simplelicensing_LicenseExpression):
+            for d in lic.simplelicensing_customIdToUri:
+                if d.value.startswith(OE_ALIAS_PREFIX):
+                    obj = self.find_by_id(d.value)
+                    if obj is not None:
+                        d.value = obj._id
+                    else:
+                        self.missing_ids.add(d.value)
+
+        self.missing_ids -= set(imports.keys())
+        return self.missing_ids
+
+
+def load_jsonld(d, path, required=False):
+    deserializer = oe.spdx30.JSONLDDeserializer()
+    objset = ObjectSet(d)
+    try:
+        with path.open("rb") as f:
+            deserializer.read(f, objset)
+    except FileNotFoundError:
+        if required:
+            bb.fatal("No SPDX document named %s found" % path)
+        return None
+
+    if not objset.doc:
+        bb.fatal("SPDX Document %s has no SPDXDocument element" % path)
+        return None
+
+    objset.objects.remove(objset.doc)
+    return objset
+
+
+def jsonld_arch_path(d, arch, subdir, name, deploydir=None):
+    if deploydir is None:
+        deploydir = Path(d.getVar("DEPLOY_DIR_SPDX"))
+    return deploydir / arch / subdir / (name + ".spdx.json")
+
+
+def jsonld_hash_path(h):
+    return Path("by-spdxid-hash") / h[:2], h
+
+
+def load_jsonld_by_arch(d, arch, subdir, name, *, required=False):
+    path = jsonld_arch_path(d, arch, subdir, name)
+    objset = load_jsonld(d, path, required=required)
+    if objset is not None:
+        return (objset, path)
+    return (None, None)
+
+
+def find_jsonld(d, subdir, name, *, required=False):
+    package_archs = d.getVar("SPDX_MULTILIB_SSTATE_ARCHS").split()
+    package_archs.reverse()
+
+    for arch in package_archs:
+        objset, path = load_jsonld_by_arch(d, arch, subdir, name)
+        if objset is not None:
+            return (objset, path)
+
+    if required:
+        bb.fatal("Could not find a %s SPDX document named %s" % (subdir, name))
+
+    return (None, None)
+
+
+def write_jsonld_doc(d, objset, dest):
+    if not isinstance(objset, ObjectSet):
+        bb.fatal("Only an ObjsetSet can be serialized")
+        return
+
+    if not objset.doc:
+        bb.fatal("ObjectSet is missing a SpdxDocument")
+        return
+
+    objset.doc.rootElement = sorted(list(set(objset.doc.rootElement)))
+    objset.doc.profileConformance = sorted(
+        list(
+            getattr(oe.spdx30.ProfileIdentifierType, p)
+            for p in d.getVar("SPDX_PROFILES").split()
+        )
+    )
+
+    dest.parent.mkdir(exist_ok=True, parents=True)
+
+    if d.getVar("SPDX_PRETTY") == "1":
+        serializer = oe.spdx30.JSONLDSerializer(
+            indent=2,
+        )
+    else:
+        serializer = oe.spdx30.JSONLDInlineSerializer()
+
+    objset.objects.add(objset.doc)
+    with dest.open("wb") as f:
+        serializer.write(objset, f, force_at_graph=True)
+    objset.objects.remove(objset.doc)
+
+
+def write_recipe_jsonld_doc(
+    d,
+    objset,
+    subdir,
+    deploydir,
+    *,
+    create_spdx_id_links=True,
+):
+    pkg_arch = d.getVar("SSTATE_PKGARCH")
+
+    dest = jsonld_arch_path(d, pkg_arch, subdir, objset.doc.name, deploydir=deploydir)
+
+    def link_id(_id):
+        hash_path = jsonld_hash_path(hash_id(_id))
+
+        link_name = jsonld_arch_path(
+            d,
+            pkg_arch,
+            *hash_path,
+            deploydir=deploydir,
+        )
+        try:
+            link_name.parent.mkdir(exist_ok=True, parents=True)
+            link_name.symlink_to(os.path.relpath(dest, link_name.parent))
+        except:
+            target = link_name.readlink()
+            bb.warn(
+                f"Unable to link {_id} in {dest} as {link_name}. Already points to {target}"
+            )
+            raise
+
+        return hash_path[-1]
+
+    objset.add_aliases()
+
+    try:
+        if create_spdx_id_links:
+            alias_ext = get_alias(objset.doc)
+            if alias_ext is not None and alias_ext.alias:
+                alias_ext.link_name = link_id(alias_ext.alias)
+
+    finally:
+        # It is really helpful for debugging if the JSON document is written
+        # out, so always do that even if there is an error making the links
+        write_jsonld_doc(d, objset, dest)
+
+
+def find_root_obj_in_jsonld(d, subdir, fn_name, obj_type, **attr_filter):
+    objset, fn = find_jsonld(d, subdir, fn_name, required=True)
+
+    spdx_obj = objset.find_root(obj_type, **attr_filter)
+    if not spdx_obj:
+        bb.fatal("No root %s found in %s" % (obj_type.__name__, fn))
+
+    return spdx_obj, objset
+
+
+def load_obj_in_jsonld(d, arch, subdir, fn_name, obj_type, **attr_filter):
+    objset, fn = load_jsonld_by_arch(d, arch, subdir, fn_name, required=True)
+
+    spdx_obj = objset.find_filter(obj_type, **attr_filter)
+    if not spdx_obj:
+        bb.fatal("No %s found in %s" % (obj_type.__name__, fn))
+
+    return spdx_obj, objset
+
+
+def find_by_spdxid(d, spdxid, *, required=False):
+    if spdxid.startswith(OE_ALIAS_PREFIX):
+        h = spdxid[len(OE_ALIAS_PREFIX) :].split("/", 1)[0]
+        return find_jsonld(d, *jsonld_hash_path(h), required=required)
+    return find_jsonld(d, *jsonld_hash_path(hash_id(spdxid)), required=required)
+
+
+def create_sbom(d, name, root_elements, add_objectsets=[]):
+    objset = ObjectSet.new_objset(d, name)
+
+    sbom = objset.add(
+        oe.spdx30.software_Sbom(
+            _id=objset.new_spdxid("sbom", name),
+            name=name,
+            creationInfo=objset.doc.creationInfo,
+            software_sbomType=[oe.spdx30.software_SbomType.build],
+            rootElement=root_elements,
+        )
+    )
+
+    missing_spdxids = objset.expand_collection(add_objectsets=add_objectsets)
+    if missing_spdxids:
+        bb.warn(
+            "The following SPDX IDs were unable to be resolved:\n  "
+            + "\n  ".join(sorted(list(missing_spdxids)))
+        )
+
+    # Filter out internal extensions from final SBoMs
+    objset.remove_internal_extensions()
+
+    # SBoM should be the only root element of the document
+    objset.doc.rootElement = [sbom]
+
+    # De-duplicate licenses
+    unique = set()
+    dedup = {}
+    for lic in objset.foreach_type(oe.spdx30.simplelicensing_LicenseExpression):
+        for u in unique:
+            if (
+                u.simplelicensing_licenseExpression
+                == lic.simplelicensing_licenseExpression
+                and u.simplelicensing_licenseListVersion
+                == lic.simplelicensing_licenseListVersion
+            ):
+                dedup[lic] = u
+                break
+        else:
+            unique.add(lic)
+
+    if dedup:
+        for rel in objset.foreach_filter(
+            oe.spdx30.Relationship,
+            relationshipType=oe.spdx30.RelationshipType.hasDeclaredLicense,
+        ):
+            rel.to = [dedup.get(to, to) for to in rel.to]
+
+        for rel in objset.foreach_filter(
+            oe.spdx30.Relationship,
+            relationshipType=oe.spdx30.RelationshipType.hasConcludedLicense,
+        ):
+            rel.to = [dedup.get(to, to) for to in rel.to]
+
+        for k, v in dedup.items():
+            bb.debug(1, f"Removing duplicate License {k._id} -> {v._id}")
+            objset.objects.remove(k)
+
+        objset.create_index()
+
+    return objset, sbom
diff --git a/meta/lib/oe/sdk.py b/meta/lib/oe/sdk.py
index 37b59afd1a..9fe0fbb752 100644
--- a/meta/lib/oe/sdk.py
+++ b/meta/lib/oe/sdk.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
@@ -68,7 +70,7 @@ class Sdk(object, metaclass=ABCMeta):
         #FIXME: using umbrella exc catching because bb.utils method raises it
         except Exception as e:
             bb.debug(1, "printing the stack trace\n %s" %traceback.format_exc())
-            bb.error("unable to place %s in final SDK location" % sourcefile)
+            bb.fatal("unable to place %s in final SDK location" % sourcefile)
 
     def mkdirhier(self, dirpath):
         try:
@@ -115,6 +117,10 @@ def sdk_list_installed_packages(d, target, rootfs_dir=None):
 
         rootfs_dir = [sdk_output, os.path.join(sdk_output, target_path)][target is True]
 
+    if target is False:
+        ipkgconf_sdk_target = d.getVar("IPKGCONF_SDK")
+        d.setVar("IPKGCONF_TARGET", ipkgconf_sdk_target)
+
     img_type = d.getVar('IMAGE_PKGTYPE')
     import importlib
     cls = importlib.import_module('oe.package_manager.' + img_type)
@@ -142,13 +148,11 @@ def get_extra_sdkinfo(sstate_dir):
     extra_info['filesizes'] = {}
     for root, _, files in os.walk(sstate_dir):
         for fn in files:
-            if fn.endswith('.tgz'):
+            # Note that this makes an assumption about the sstate filenames
+            if '.tar.' in fn and not fn.endswith('.siginfo'):
                 fsize = int(math.ceil(float(os.path.getsize(os.path.join(root, fn))) / 1024))
                 task = fn.rsplit(':',1)[1].split('_',1)[1].split(',')[0]
                 origtotal = extra_info['tasksizes'].get(task, 0)
                 extra_info['tasksizes'][task] = origtotal + fsize
                 extra_info['filesizes'][fn] = fsize
     return extra_info
-
-if __name__ == "__main__":
-    pass
diff --git a/meta/lib/oe/spdx.py b/meta/lib/oe/spdx.py
new file mode 100644
index 0000000000..7aaf2af5ed
--- /dev/null
+++ b/meta/lib/oe/spdx.py
@@ -0,0 +1,357 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+#
+# This library is intended to capture the JSON SPDX specification in a type
+# safe manner. It is not intended to encode any particular OE specific
+# behaviors, see the sbom.py for that.
+#
+# The documented SPDX spec document doesn't cover the JSON syntax for
+# particular configuration, which can make it hard to determine what the JSON
+# syntax should be. I've found it is actually much simpler to read the official
+# SPDX JSON schema which can be found here: https://github.com/spdx/spdx-spec
+# in schemas/spdx-schema.json
+#
+
+import hashlib
+import itertools
+import json
+
+SPDX_VERSION = "2.2"
+
+
+#
+# The following are the support classes that are used to implement SPDX object
+#
+
+class _Property(object):
+    """
+    A generic SPDX object property. The different types will derive from this
+    class
+    """
+
+    def __init__(self, *, default=None):
+        self.default = default
+
+    def setdefault(self, dest, name):
+        if self.default is not None:
+            dest.setdefault(name, self.default)
+
+
+class _String(_Property):
+    """
+    A scalar string property for an SPDX object
+    """
+
+    def __init__(self, **kwargs):
+        super().__init__(**kwargs)
+
+    def set_property(self, attrs, name):
+        def get_helper(obj):
+            return obj._spdx[name]
+
+        def set_helper(obj, value):
+            obj._spdx[name] = value
+
+        def del_helper(obj):
+            del obj._spdx[name]
+
+        attrs[name] = property(get_helper, set_helper, del_helper)
+
+    def init(self, source):
+        return source
+
+
+class _Object(_Property):
+    """
+    A scalar SPDX object property of a SPDX object
+    """
+
+    def __init__(self, cls, **kwargs):
+        super().__init__(**kwargs)
+        self.cls = cls
+
+    def set_property(self, attrs, name):
+        def get_helper(obj):
+            if not name in obj._spdx:
+                obj._spdx[name] = self.cls()
+            return obj._spdx[name]
+
+        def set_helper(obj, value):
+            obj._spdx[name] = value
+
+        def del_helper(obj):
+            del obj._spdx[name]
+
+        attrs[name] = property(get_helper, set_helper)
+
+    def init(self, source):
+        return self.cls(**source)
+
+
+class _ListProperty(_Property):
+    """
+    A list of SPDX properties
+    """
+
+    def __init__(self, prop, **kwargs):
+        super().__init__(**kwargs)
+        self.prop = prop
+
+    def set_property(self, attrs, name):
+        def get_helper(obj):
+            if not name in obj._spdx:
+                obj._spdx[name] = []
+            return obj._spdx[name]
+
+        def set_helper(obj, value):
+            obj._spdx[name] = list(value)
+
+        def del_helper(obj):
+            del obj._spdx[name]
+
+        attrs[name] = property(get_helper, set_helper, del_helper)
+
+    def init(self, source):
+        return [self.prop.init(o) for o in source]
+
+
+class _StringList(_ListProperty):
+    """
+    A list of strings as a property for an SPDX object
+    """
+
+    def __init__(self, **kwargs):
+        super().__init__(_String(), **kwargs)
+
+
+class _ObjectList(_ListProperty):
+    """
+    A list of SPDX objects as a property for an SPDX object
+    """
+
+    def __init__(self, cls, **kwargs):
+        super().__init__(_Object(cls), **kwargs)
+
+
+class MetaSPDXObject(type):
+    """
+    A metaclass that allows properties (anything derived from a _Property
+    class) to be defined for a SPDX object
+    """
+    def __new__(mcls, name, bases, attrs):
+        attrs["_properties"] = {}
+
+        for key in attrs.keys():
+            if isinstance(attrs[key], _Property):
+                prop = attrs[key]
+                attrs["_properties"][key] = prop
+                prop.set_property(attrs, key)
+
+        return super().__new__(mcls, name, bases, attrs)
+
+
+class SPDXObject(metaclass=MetaSPDXObject):
+    """
+    The base SPDX object; all SPDX spec classes must derive from this class
+    """
+    def __init__(self, **d):
+        self._spdx = {}
+
+        for name, prop in self._properties.items():
+            prop.setdefault(self._spdx, name)
+            if name in d:
+                self._spdx[name] = prop.init(d[name])
+
+    def serializer(self):
+        return self._spdx
+
+    def __setattr__(self, name, value):
+        if name in self._properties or name == "_spdx":
+            super().__setattr__(name, value)
+            return
+        raise KeyError("%r is not a valid SPDX property" % name)
+
+#
+# These are the SPDX objects implemented from the spec. The *only* properties
+# that can be added to these objects are ones directly specified in the SPDX
+# spec, however you may add helper functions to make operations easier.
+#
+# Defaults should *only* be specified if the SPDX spec says there is a certain
+# required value for a field (e.g. dataLicense), or if the field is mandatory
+# and has some sane "this field is unknown" (e.g. "NOASSERTION")
+#
+
+class SPDXAnnotation(SPDXObject):
+    annotationDate = _String()
+    annotationType = _String()
+    annotator = _String()
+    comment = _String()
+
+class SPDXChecksum(SPDXObject):
+    algorithm = _String()
+    checksumValue = _String()
+
+
+class SPDXRelationship(SPDXObject):
+    spdxElementId = _String()
+    relatedSpdxElement = _String()
+    relationshipType = _String()
+    comment = _String()
+    annotations = _ObjectList(SPDXAnnotation)
+
+
+class SPDXExternalReference(SPDXObject):
+    referenceCategory = _String()
+    referenceType = _String()
+    referenceLocator = _String()
+
+
+class SPDXPackageVerificationCode(SPDXObject):
+    packageVerificationCodeValue = _String()
+    packageVerificationCodeExcludedFiles = _StringList()
+
+
+class SPDXPackage(SPDXObject):
+    ALLOWED_CHECKSUMS = [
+        "SHA1",
+        "SHA224",
+        "SHA256",
+        "SHA384",
+        "SHA512",
+        "MD2",
+        "MD4",
+        "MD5",
+        "MD6",
+    ]
+
+    name = _String()
+    SPDXID = _String()
+    versionInfo = _String()
+    downloadLocation = _String(default="NOASSERTION")
+    supplier = _String(default="NOASSERTION")
+    homepage = _String()
+    licenseConcluded = _String(default="NOASSERTION")
+    licenseDeclared = _String(default="NOASSERTION")
+    summary = _String()
+    description = _String()
+    sourceInfo = _String()
+    copyrightText = _String(default="NOASSERTION")
+    licenseInfoFromFiles = _StringList(default=["NOASSERTION"])
+    externalRefs = _ObjectList(SPDXExternalReference)
+    packageVerificationCode = _Object(SPDXPackageVerificationCode)
+    hasFiles = _StringList()
+    packageFileName = _String()
+    annotations = _ObjectList(SPDXAnnotation)
+    checksums = _ObjectList(SPDXChecksum)
+
+
+class SPDXFile(SPDXObject):
+    SPDXID = _String()
+    fileName = _String()
+    licenseConcluded = _String(default="NOASSERTION")
+    copyrightText = _String(default="NOASSERTION")
+    licenseInfoInFiles = _StringList(default=["NOASSERTION"])
+    checksums = _ObjectList(SPDXChecksum)
+    fileTypes = _StringList()
+
+
+class SPDXCreationInfo(SPDXObject):
+    created = _String()
+    licenseListVersion = _String()
+    comment = _String()
+    creators = _StringList()
+
+
+class SPDXExternalDocumentRef(SPDXObject):
+    externalDocumentId = _String()
+    spdxDocument = _String()
+    checksum = _Object(SPDXChecksum)
+
+
+class SPDXExtractedLicensingInfo(SPDXObject):
+    name = _String()
+    comment = _String()
+    licenseId = _String()
+    extractedText = _String()
+
+
+class SPDXDocument(SPDXObject):
+    spdxVersion = _String(default="SPDX-" + SPDX_VERSION)
+    dataLicense = _String(default="CC0-1.0")
+    SPDXID = _String(default="SPDXRef-DOCUMENT")
+    name = _String()
+    documentNamespace = _String()
+    creationInfo = _Object(SPDXCreationInfo)
+    packages = _ObjectList(SPDXPackage)
+    files = _ObjectList(SPDXFile)
+    relationships = _ObjectList(SPDXRelationship)
+    externalDocumentRefs = _ObjectList(SPDXExternalDocumentRef)
+    hasExtractedLicensingInfos = _ObjectList(SPDXExtractedLicensingInfo)
+
+    def __init__(self, **d):
+        super().__init__(**d)
+
+    def to_json(self, f, *, sort_keys=False, indent=None, separators=None):
+        class Encoder(json.JSONEncoder):
+            def default(self, o):
+                if isinstance(o, SPDXObject):
+                    return o.serializer()
+
+                return super().default(o)
+
+        sha1 = hashlib.sha1()
+        for chunk in Encoder(
+            sort_keys=sort_keys,
+            indent=indent,
+            separators=separators,
+        ).iterencode(self):
+            chunk = chunk.encode("utf-8")
+            f.write(chunk)
+            sha1.update(chunk)
+
+        return sha1.hexdigest()
+
+    @classmethod
+    def from_json(cls, f):
+        return cls(**json.load(f))
+
+    def add_relationship(self, _from, relationship, _to, *, comment=None, annotation=None):
+        if isinstance(_from, SPDXObject):
+            from_spdxid = _from.SPDXID
+        else:
+            from_spdxid = _from
+
+        if isinstance(_to, SPDXObject):
+            to_spdxid = _to.SPDXID
+        else:
+            to_spdxid = _to
+
+        r = SPDXRelationship(
+            spdxElementId=from_spdxid,
+            relatedSpdxElement=to_spdxid,
+            relationshipType=relationship,
+        )
+
+        if comment is not None:
+            r.comment = comment
+
+        if annotation is not None:
+            r.annotations.append(annotation)
+
+        self.relationships.append(r)
+
+    def find_by_spdxid(self, spdxid):
+        for o in itertools.chain(self.packages, self.files):
+            if o.SPDXID == spdxid:
+                return o
+        return None
+
+    def find_external_document_ref(self, namespace):
+        for r in self.externalDocumentRefs:
+            if r.spdxDocument == namespace:
+                return r
+        return None
diff --git a/meta/lib/oe/spdx30.py b/meta/lib/oe/spdx30.py
new file mode 100644
index 0000000000..cd97eebd18
--- /dev/null
+++ b/meta/lib/oe/spdx30.py
@@ -0,0 +1,5593 @@
+#! /usr/bin/env python3
+#
+# Generated Python bindings from a SHACL model
+#
+# This file was automatically generated by shacl2code. DO NOT MANUALLY MODIFY IT
+#
+# SPDX-License-Identifier: MIT
+
+import functools
+import hashlib
+import json
+import re
+import sys
+import threading
+import time
+from contextlib import contextmanager
+from datetime import datetime, timezone, timedelta
+from enum import Enum
+from abc import ABC, abstractmethod
+
+
+def check_type(obj, types):
+    if not isinstance(obj, types):
+        if isinstance(types, (list, tuple)):
+            raise TypeError(
+                f"Value must be one of type: {', '.join(t.__name__ for t in types)}. Got {type(obj)}"
+            )
+        raise TypeError(f"Value must be of type {types.__name__}. Got {type(obj)}")
+
+
+class Property(ABC):
+    """
+    A generic SHACL object property. The different types will derive from this
+    class
+    """
+
+    def __init__(self, *, pattern=None):
+        self.pattern = pattern
+
+    def init(self):
+        return None
+
+    def validate(self, value):
+        check_type(value, self.VALID_TYPES)
+        if self.pattern is not None and not re.search(
+            self.pattern, self.to_string(value)
+        ):
+            raise ValueError(
+                f"Value is not correctly formatted. Got '{self.to_string(value)}'"
+            )
+
+    def set(self, value):
+        return value
+
+    def check_min_count(self, value, min_count):
+        return min_count == 1
+
+    def check_max_count(self, value, max_count):
+        return max_count == 1
+
+    def elide(self, value):
+        return value is None
+
+    def walk(self, value, callback, path):
+        callback(value, path)
+
+    def iter_objects(self, value, recursive, visited):
+        return []
+
+    def link_prop(self, value, objectset, missing, visited):
+        return value
+
+    def to_string(self, value):
+        return str(value)
+
+    @abstractmethod
+    def encode(self, encoder, value, state):
+        pass
+
+    @abstractmethod
+    def decode(self, decoder, *, objectset=None):
+        pass
+
+
+class StringProp(Property):
+    """
+    A scalar string property for an SHACL object
+    """
+
+    VALID_TYPES = str
+
+    def set(self, value):
+        return str(value)
+
+    def encode(self, encoder, value, state):
+        encoder.write_string(value)
+
+    def decode(self, decoder, *, objectset=None):
+        return decoder.read_string()
+
+
+class AnyURIProp(StringProp):
+    def encode(self, encoder, value, state):
+        encoder.write_iri(value)
+
+    def decode(self, decoder, *, objectset=None):
+        return decoder.read_iri()
+
+
+class DateTimeProp(Property):
+    """
+    A Date/Time Object with optional timezone
+    """
+
+    VALID_TYPES = datetime
+    UTC_FORMAT_STR = "%Y-%m-%dT%H:%M:%SZ"
+    REGEX = r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(Z|[+-]\d{2}:\d{2})?$"
+
+    def set(self, value):
+        return self._normalize(value)
+
+    def encode(self, encoder, value, state):
+        encoder.write_datetime(self.to_string(value))
+
+    def decode(self, decoder, *, objectset=None):
+        s = decoder.read_datetime()
+        if s is None:
+            return None
+        v = self.from_string(s)
+        return self._normalize(v)
+
+    def _normalize(self, value):
+        if value.utcoffset() is None:
+            value = value.astimezone()
+        offset = value.utcoffset()
+        seconds = offset % timedelta(minutes=-1 if offset.total_seconds() < 0 else 1)
+        if seconds:
+            offset = offset - seconds
+            value = value.replace(tzinfo=timezone(offset))
+        value = value.replace(microsecond=0)
+        return value
+
+    def to_string(self, value):
+        value = self._normalize(value)
+        if value.tzinfo == timezone.utc:
+            return value.strftime(self.UTC_FORMAT_STR)
+        return value.isoformat()
+
+    def from_string(self, value):
+        if not re.match(self.REGEX, value):
+            raise ValueError(f"'{value}' is not a correctly formatted datetime")
+        if "Z" in value:
+            d = datetime(
+                *(time.strptime(value, self.UTC_FORMAT_STR)[0:6]),
+                tzinfo=timezone.utc,
+            )
+        else:
+            d = datetime.fromisoformat(value)
+
+        return self._normalize(d)
+
+
+class DateTimeStampProp(DateTimeProp):
+    """
+    A Date/Time Object with required timestamp
+    """
+
+    REGEX = r"^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(Z|[+-]\d{2}:\d{2})$"
+
+
+class IntegerProp(Property):
+    VALID_TYPES = int
+
+    def set(self, value):
+        return int(value)
+
+    def encode(self, encoder, value, state):
+        encoder.write_integer(value)
+
+    def decode(self, decoder, *, objectset=None):
+        return decoder.read_integer()
+
+
+class PositiveIntegerProp(IntegerProp):
+    def validate(self, value):
+        super().validate(value)
+        if value < 1:
+            raise ValueError(f"Value must be >=1. Got {value}")
+
+
+class NonNegativeIntegerProp(IntegerProp):
+    def validate(self, value):
+        super().validate(value)
+        if value < 0:
+            raise ValueError(f"Value must be >= 0. Got {value}")
+
+
+class BooleanProp(Property):
+    VALID_TYPES = bool
+
+    def set(self, value):
+        return bool(value)
+
+    def encode(self, encoder, value, state):
+        encoder.write_bool(value)
+
+    def decode(self, decoder, *, objectset=None):
+        return decoder.read_bool()
+
+
+class FloatProp(Property):
+    VALID_TYPES = (float, int)
+
+    def set(self, value):
+        return float(value)
+
+    def encode(self, encoder, value, state):
+        encoder.write_float(value)
+
+    def decode(self, decoder, *, objectset=None):
+        return decoder.read_float()
+
+
+class IRIProp(Property):
+    def __init__(self, context=[], *, pattern=None):
+        super().__init__(pattern=pattern)
+        self.context = context
+
+    def compact(self, value):
+        for iri, compact in self.context:
+            if value == iri:
+                return compact
+        return None
+
+    def expand(self, value):
+        for iri, compact in self.context:
+            if value == compact:
+                return iri
+        return None
+
+    def iri_values(self):
+        return (iri for iri, _ in self.context)
+
+
+class ObjectProp(IRIProp):
+    """
+    A scalar SHACL object property of a SHACL object
+    """
+
+    def __init__(self, cls, required, context=[]):
+        super().__init__(context)
+        self.cls = cls
+        self.required = required
+
+    def init(self):
+        if self.required and not self.cls.IS_ABSTRACT:
+            return self.cls()
+        return None
+
+    def validate(self, value):
+        check_type(value, (self.cls, str))
+
+    def walk(self, value, callback, path):
+        if value is None:
+            return
+
+        if not isinstance(value, str):
+            value.walk(callback, path)
+        else:
+            callback(value, path)
+
+    def iter_objects(self, value, recursive, visited):
+        if value is None or isinstance(value, str):
+            return
+
+        if value not in visited:
+            visited.add(value)
+            yield value
+
+            if recursive:
+                for c in value.iter_objects(recursive=True, visited=visited):
+                    yield c
+
+    def encode(self, encoder, value, state):
+        if value is None:
+            raise ValueError("Object cannot be None")
+
+        if isinstance(value, str):
+            encoder.write_iri(value, self.compact(value))
+            return
+
+        return value.encode(encoder, state)
+
+    def decode(self, decoder, *, objectset=None):
+        iri = decoder.read_iri()
+        if iri is None:
+            return self.cls.decode(decoder, objectset=objectset)
+
+        iri = self.expand(iri) or iri
+
+        if objectset is None:
+            return iri
+
+        obj = objectset.find_by_id(iri)
+        if obj is None:
+            return iri
+
+        self.validate(obj)
+        return obj
+
+    def link_prop(self, value, objectset, missing, visited):
+        if value is None:
+            return value
+
+        if isinstance(value, str):
+            o = objectset.find_by_id(value)
+            if o is not None:
+                self.validate(o)
+                return o
+
+            if missing is not None:
+                missing.add(value)
+
+            return value
+
+        # De-duplicate IDs
+        if value._id:
+            value = objectset.find_by_id(value._id, value)
+            self.validate(value)
+
+        value.link_helper(objectset, missing, visited)
+        return value
+
+
+class ListProxy(object):
+    def __init__(self, prop, data=None):
+        if data is None:
+            self.__data = []
+        else:
+            self.__data = data
+        self.__prop = prop
+
+    def append(self, value):
+        self.__prop.validate(value)
+        self.__data.append(self.__prop.set(value))
+
+    def insert(self, idx, value):
+        self.__prop.validate(value)
+        self.__data.insert(idx, self.__prop.set(value))
+
+    def extend(self, items):
+        for i in items:
+            self.append(i)
+
+    def sort(self, *args, **kwargs):
+        self.__data.sort(*args, **kwargs)
+
+    def __getitem__(self, key):
+        return self.__data[key]
+
+    def __setitem__(self, key, value):
+        if isinstance(key, slice):
+            for v in value:
+                self.__prop.validate(v)
+            self.__data[key] = [self.__prop.set(v) for v in value]
+        else:
+            self.__prop.validate(value)
+            self.__data[key] = self.__prop.set(value)
+
+    def __delitem__(self, key):
+        del self.__data[key]
+
+    def __contains__(self, item):
+        return item in self.__data
+
+    def __iter__(self):
+        return iter(self.__data)
+
+    def __len__(self):
+        return len(self.__data)
+
+    def __str__(self):
+        return str(self.__data)
+
+    def __repr__(self):
+        return repr(self.__data)
+
+    def __eq__(self, other):
+        if isinstance(other, ListProxy):
+            return self.__data == other.__data
+
+        return self.__data == other
+
+
+class ListProp(Property):
+    """
+    A list of SHACL properties
+    """
+
+    VALID_TYPES = (list, ListProxy)
+
+    def __init__(self, prop):
+        super().__init__()
+        self.prop = prop
+
+    def init(self):
+        return ListProxy(self.prop)
+
+    def validate(self, value):
+        super().validate(value)
+
+        for i in value:
+            self.prop.validate(i)
+
+    def set(self, value):
+        if isinstance(value, ListProxy):
+            return value
+
+        return ListProxy(self.prop, [self.prop.set(d) for d in value])
+
+    def check_min_count(self, value, min_count):
+        check_type(value, ListProxy)
+        return len(value) >= min_count
+
+    def check_max_count(self, value, max_count):
+        check_type(value, ListProxy)
+        return len(value) <= max_count
+
+    def elide(self, value):
+        check_type(value, ListProxy)
+        return len(value) == 0
+
+    def walk(self, value, callback, path):
+        callback(value, path)
+        for idx, v in enumerate(value):
+            self.prop.walk(v, callback, path + [f"[{idx}]"])
+
+    def iter_objects(self, value, recursive, visited):
+        for v in value:
+            for c in self.prop.iter_objects(v, recursive, visited):
+                yield c
+
+    def link_prop(self, value, objectset, missing, visited):
+        if isinstance(value, ListProxy):
+            data = [self.prop.link_prop(v, objectset, missing, visited) for v in value]
+        else:
+            data = [self.prop.link_prop(v, objectset, missing, visited) for v in value]
+
+        return ListProxy(self.prop, data=data)
+
+    def encode(self, encoder, value, state):
+        check_type(value, ListProxy)
+
+        with encoder.write_list() as list_s:
+            for v in value:
+                with list_s.write_list_item() as item_s:
+                    self.prop.encode(item_s, v, state)
+
+    def decode(self, decoder, *, objectset=None):
+        data = []
+        for val_d in decoder.read_list():
+            v = self.prop.decode(val_d, objectset=objectset)
+            self.prop.validate(v)
+            data.append(v)
+
+        return ListProxy(self.prop, data=data)
+
+
+class EnumProp(IRIProp):
+    VALID_TYPES = str
+
+    def __init__(self, values, *, pattern=None):
+        super().__init__(values, pattern=pattern)
+
+    def validate(self, value):
+        super().validate(value)
+
+        valid_values = self.iri_values()
+        if value not in valid_values:
+            raise ValueError(
+                f"'{value}' is not a valid value. Choose one of {' '.join(valid_values)}"
+            )
+
+    def encode(self, encoder, value, state):
+        encoder.write_enum(value, self, self.compact(value))
+
+    def decode(self, decoder, *, objectset=None):
+        v = decoder.read_enum(self)
+        return self.expand(v) or v
+
+
+class NodeKind(Enum):
+    BlankNode = 1
+    IRI = 2
+    BlankNodeOrIRI = 3
+
+
+def is_IRI(s):
+    if not isinstance(s, str):
+        return False
+    if s.startswith("_:"):
+        return False
+    if ":" not in s:
+        return False
+    return True
+
+
+def is_blank_node(s):
+    if not isinstance(s, str):
+        return False
+    if not s.startswith("_:"):
+        return False
+    return True
+
+
+def register(type_iri, *, compact_type=None, abstract=False):
+    def add_class(key, c):
+        assert (
+            key not in SHACLObject.CLASSES
+        ), f"{key} already registered to {SHACLObject.CLASSES[key].__name__}"
+        SHACLObject.CLASSES[key] = c
+
+    def decorator(c):
+        global NAMED_INDIVIDUALS
+
+        assert issubclass(
+            c, SHACLObject
+        ), f"{c.__name__} is not derived from SHACLObject"
+
+        c._OBJ_TYPE = type_iri
+        c.IS_ABSTRACT = abstract
+        add_class(type_iri, c)
+
+        c._OBJ_COMPACT_TYPE = compact_type
+        if compact_type:
+            add_class(compact_type, c)
+
+        NAMED_INDIVIDUALS |= set(c.NAMED_INDIVIDUALS.values())
+
+        # Registration is deferred until the first instance of class is created
+        # so that it has access to any other defined class
+        c._NEEDS_REG = True
+        return c
+
+    return decorator
+
+
+register_lock = threading.Lock()
+NAMED_INDIVIDUALS = set()
+
+
+@functools.total_ordering
+class SHACLObject(object):
+    CLASSES = {}
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    ID_ALIAS = None
+    IS_ABSTRACT = True
+
+    def __init__(self, **kwargs):
+        if self._is_abstract():
+            raise NotImplementedError(
+                f"{self.__class__.__name__} is abstract and cannot be implemented"
+            )
+
+        with register_lock:
+            cls = self.__class__
+            if cls._NEEDS_REG:
+                cls._OBJ_PROPERTIES = {}
+                cls._OBJ_IRIS = {}
+                cls._register_props()
+                cls._NEEDS_REG = False
+
+        self.__dict__["_obj_data"] = {}
+        self.__dict__["_obj_metadata"] = {}
+
+        for iri, prop, _, _, _, _ in self.__iter_props():
+            self.__dict__["_obj_data"][iri] = prop.init()
+
+        for k, v in kwargs.items():
+            setattr(self, k, v)
+
+    def _is_abstract(self):
+        return self.__class__.IS_ABSTRACT
+
+    @classmethod
+    def _register_props(cls):
+        cls._add_property("_id", StringProp(), iri="@id")
+
+    @classmethod
+    def _add_property(
+        cls,
+        pyname,
+        prop,
+        iri,
+        min_count=None,
+        max_count=None,
+        compact=None,
+    ):
+        if pyname in cls._OBJ_IRIS:
+            raise KeyError(f"'{pyname}' is already defined for '{cls.__name__}'")
+        if iri in cls._OBJ_PROPERTIES:
+            raise KeyError(f"'{iri}' is already defined for '{cls.__name__}'")
+
+        while hasattr(cls, pyname):
+            pyname = pyname + "_"
+
+        pyname = sys.intern(pyname)
+        iri = sys.intern(iri)
+
+        cls._OBJ_IRIS[pyname] = iri
+        cls._OBJ_PROPERTIES[iri] = (prop, min_count, max_count, pyname, compact)
+
+    def __setattr__(self, name, value):
+        if name == self.ID_ALIAS:
+            self["@id"] = value
+            return
+
+        try:
+            iri = self._OBJ_IRIS[name]
+            self[iri] = value
+        except KeyError:
+            raise AttributeError(
+                f"'{name}' is not a valid property of {self.__class__.__name__}"
+            )
+
+    def __getattr__(self, name):
+        if name in self._OBJ_IRIS:
+            return self.__dict__["_obj_data"][self._OBJ_IRIS[name]]
+
+        if name == self.ID_ALIAS:
+            return self.__dict__["_obj_data"]["@id"]
+
+        if name == "_metadata":
+            return self.__dict__["_obj_metadata"]
+
+        if name == "_IRI":
+            return self._OBJ_IRIS
+
+        if name == "TYPE":
+            return self.__class__._OBJ_TYPE
+
+        if name == "COMPACT_TYPE":
+            return self.__class__._OBJ_COMPACT_TYPE
+
+        raise AttributeError(
+            f"'{name}' is not a valid property of {self.__class__.__name__}"
+        )
+
+    def __delattr__(self, name):
+        if name == self.ID_ALIAS:
+            del self["@id"]
+            return
+
+        try:
+            iri = self._OBJ_IRIS[name]
+            del self[iri]
+        except KeyError:
+            raise AttributeError(
+                f"'{name}' is not a valid property of {self.__class__.__name__}"
+            )
+
+    def __get_prop(self, iri):
+        if iri not in self._OBJ_PROPERTIES:
+            raise KeyError(
+                f"'{iri}' is not a valid property of {self.__class__.__name__}"
+            )
+
+        return self._OBJ_PROPERTIES[iri]
+
+    def __iter_props(self):
+        for iri, v in self._OBJ_PROPERTIES.items():
+            yield iri, *v
+
+    def __getitem__(self, iri):
+        return self.__dict__["_obj_data"][iri]
+
+    def __setitem__(self, iri, value):
+        if iri == "@id":
+            if self.NODE_KIND == NodeKind.BlankNode:
+                if not is_blank_node(value):
+                    raise ValueError(
+                        f"{self.__class__.__name__} ({id(self)}) can only have local reference. Property '{iri}' cannot be set to '{value}' and must start with '_:'"
+                    )
+            elif self.NODE_KIND == NodeKind.IRI:
+                if not is_IRI(value):
+                    raise ValueError(
+                        f"{self.__class__.__name__} ({id(self)}) can only have an IRI value. Property '{iri}' cannot be set to '{value}'"
+                    )
+            else:
+                if not is_blank_node(value) and not is_IRI(value):
+                    raise ValueError(
+                        f"{self.__class__.__name__} ({id(self)}) Has invalid Property '{iri}' '{value}'. Must be a blank node or IRI"
+                    )
+
+        prop, _, _, _, _ = self.__get_prop(iri)
+        prop.validate(value)
+        self.__dict__["_obj_data"][iri] = prop.set(value)
+
+    def __delitem__(self, iri):
+        prop, _, _, _, _ = self.__get_prop(iri)
+        self.__dict__["_obj_data"][iri] = prop.init()
+
+    def __iter__(self):
+        return self._OBJ_PROPERTIES.keys()
+
+    def walk(self, callback, path=None):
+        """
+        Walk object tree, invoking the callback for each item
+
+        Callback has the form:
+
+        def callback(object, path):
+        """
+        if path is None:
+            path = ["."]
+
+        if callback(self, path):
+            for iri, prop, _, _, _, _ in self.__iter_props():
+                prop.walk(self.__dict__["_obj_data"][iri], callback, path + [f".{iri}"])
+
+    def property_keys(self):
+        for iri, _, _, _, pyname, compact in self.__iter_props():
+            if iri == "@id":
+                compact = self.ID_ALIAS
+            yield pyname, iri, compact
+
+    def iter_objects(self, *, recursive=False, visited=None):
+        """
+        Iterate of all objects that are a child of this one
+        """
+        if visited is None:
+            visited = set()
+
+        for iri, prop, _, _, _, _ in self.__iter_props():
+            for c in prop.iter_objects(
+                self.__dict__["_obj_data"][iri], recursive=recursive, visited=visited
+            ):
+                yield c
+
+    def encode(self, encoder, state):
+        idname = self.ID_ALIAS or self._OBJ_IRIS["_id"]
+        if not self._id and self.NODE_KIND == NodeKind.IRI:
+            raise ValueError(
+                f"{self.__class__.__name__} ({id(self)}) must have a IRI for property '{idname}'"
+            )
+
+        if state.is_written(self):
+            encoder.write_iri(state.get_object_id(self))
+            return
+
+        state.add_written(self)
+
+        with encoder.write_object(
+            self,
+            state.get_object_id(self),
+            bool(self._id) or state.is_refed(self),
+        ) as obj_s:
+            self._encode_properties(obj_s, state)
+
+    def _encode_properties(self, encoder, state):
+        for iri, prop, min_count, max_count, pyname, compact in self.__iter_props():
+            value = self.__dict__["_obj_data"][iri]
+            if prop.elide(value):
+                if min_count:
+                    raise ValueError(
+                        f"Property '{pyname}' in {self.__class__.__name__} ({id(self)}) is required (currently {value!r})"
+                    )
+                continue
+
+            if min_count is not None:
+                if not prop.check_min_count(value, min_count):
+                    raise ValueError(
+                        f"Property '{pyname}' in {self.__class__.__name__} ({id(self)}) requires a minimum of {min_count} elements"
+                    )
+
+            if max_count is not None:
+                if not prop.check_max_count(value, max_count):
+                    raise ValueError(
+                        f"Property '{pyname}' in {self.__class__.__name__} ({id(self)}) requires a maximum of {max_count} elements"
+                    )
+
+            if iri == self._OBJ_IRIS["_id"]:
+                continue
+
+            with encoder.write_property(iri, compact) as prop_s:
+                prop.encode(prop_s, value, state)
+
+    @classmethod
+    def _make_object(cls, typ):
+        if typ not in cls.CLASSES:
+            raise TypeError(f"Unknown type {typ}")
+
+        return cls.CLASSES[typ]()
+
+    @classmethod
+    def decode(cls, decoder, *, objectset=None):
+        typ, obj_d = decoder.read_object()
+        if typ is None:
+            raise TypeError("Unable to determine type for object")
+
+        obj = cls._make_object(typ)
+        for key in (obj.ID_ALIAS, obj._OBJ_IRIS["_id"]):
+            with obj_d.read_property(key) as prop_d:
+                if prop_d is None:
+                    continue
+
+                _id = prop_d.read_iri()
+                if _id is None:
+                    raise TypeError(f"Object key '{key}' is the wrong type")
+
+                obj._id = _id
+                break
+
+        if obj.NODE_KIND == NodeKind.IRI and not obj._id:
+            raise ValueError("Object is missing required IRI")
+
+        if objectset is not None:
+            if obj._id:
+                v = objectset.find_by_id(_id)
+                if v is not None:
+                    return v
+
+        obj._decode_properties(obj_d, objectset=objectset)
+
+        if objectset is not None:
+            objectset.add_index(obj)
+        return obj
+
+    def _decode_properties(self, decoder, objectset=None):
+        for key in decoder.object_keys():
+            if not self._decode_prop(decoder, key, objectset=objectset):
+                raise KeyError(f"Unknown property '{key}'")
+
+    def _decode_prop(self, decoder, key, objectset=None):
+        if key in (self._OBJ_IRIS["_id"], self.ID_ALIAS):
+            return True
+
+        for iri, prop, _, _, _, compact in self.__iter_props():
+            if compact == key:
+                read_key = compact
+            elif iri == key:
+                read_key = iri
+            else:
+                continue
+
+            with decoder.read_property(read_key) as prop_d:
+                v = prop.decode(prop_d, objectset=objectset)
+                prop.validate(v)
+                self.__dict__["_obj_data"][iri] = v
+            return True
+
+        return False
+
+    def link_helper(self, objectset, missing, visited):
+        if self in visited:
+            return
+
+        visited.add(self)
+
+        for iri, prop, _, _, _, _ in self.__iter_props():
+            self.__dict__["_obj_data"][iri] = prop.link_prop(
+                self.__dict__["_obj_data"][iri],
+                objectset,
+                missing,
+                visited,
+            )
+
+    def __str__(self):
+        parts = [
+            f"{self.__class__.__name__}(",
+        ]
+        if self._id:
+            parts.append(f"@id='{self._id}'")
+        parts.append(")")
+        return "".join(parts)
+
+    def __hash__(self):
+        return super().__hash__()
+
+    def __eq__(self, other):
+        return super().__eq__(other)
+
+    def __lt__(self, other):
+        def sort_key(obj):
+            if isinstance(obj, str):
+                return (obj, "", "", "")
+            return (
+                obj._id or "",
+                obj.TYPE,
+                getattr(obj, "name", None) or "",
+                id(obj),
+            )
+
+        return sort_key(self) < sort_key(other)
+
+
+class SHACLExtensibleObject(object):
+    CLOSED = False
+
+    def __init__(self, typ=None, **kwargs):
+        if typ:
+            self.__dict__["_obj_TYPE"] = (typ, None)
+        else:
+            self.__dict__["_obj_TYPE"] = (self._OBJ_TYPE, self._OBJ_COMPACT_TYPE)
+        super().__init__(**kwargs)
+
+    def _is_abstract(self):
+        # Unknown classes are assumed to not be abstract so that they can be
+        # deserialized
+        typ = self.__dict__["_obj_TYPE"][0]
+        if typ in self.__class__.CLASSES:
+            return self.__class__.CLASSES[typ].IS_ABSTRACT
+
+        return False
+
+    @classmethod
+    def _make_object(cls, typ):
+        # Check for a known type, and if so, deserialize as that instead
+        if typ in cls.CLASSES:
+            return cls.CLASSES[typ]()
+
+        obj = cls(typ)
+        return obj
+
+    def _decode_properties(self, decoder, objectset=None):
+        def decode_value(d):
+            if not d.is_list():
+                return d.read_value()
+
+            return [decode_value(val_d) for val_d in d.read_list()]
+
+        if self.CLOSED:
+            super()._decode_properties(decoder, objectset=objectset)
+            return
+
+        for key in decoder.object_keys():
+            if self._decode_prop(decoder, key, objectset=objectset):
+                continue
+
+            if not is_IRI(key):
+                raise KeyError(
+                    f"Extensible object properties must be IRIs. Got '{key}'"
+                )
+
+            with decoder.read_property(key) as prop_d:
+                self.__dict__["_obj_data"][key] = decode_value(prop_d)
+
+    def _encode_properties(self, encoder, state):
+        def encode_value(encoder, v):
+            if isinstance(v, bool):
+                encoder.write_bool(v)
+            elif isinstance(v, str):
+                encoder.write_string(v)
+            elif isinstance(v, int):
+                encoder.write_integer(v)
+            elif isinstance(v, float):
+                encoder.write_float(v)
+            elif isinstance(v, list):
+                with encoder.write_list() as list_s:
+                    for i in v:
+                        with list_s.write_list_item() as item_s:
+                            encode_value(item_s, i)
+            else:
+                raise TypeError(
+                    f"Unsupported serialized type {type(v)} with value '{v}'"
+                )
+
+        super()._encode_properties(encoder, state)
+        if self.CLOSED:
+            return
+
+        for iri, value in self.__dict__["_obj_data"].items():
+            if iri in self._OBJ_PROPERTIES:
+                continue
+
+            with encoder.write_property(iri) as prop_s:
+                encode_value(prop_s, value)
+
+    def __setitem__(self, iri, value):
+        try:
+            super().__setitem__(iri, value)
+        except KeyError:
+            if self.CLOSED:
+                raise
+
+            if not is_IRI(iri):
+                raise KeyError(f"Key '{iri}' must be an IRI")
+            self.__dict__["_obj_data"][iri] = value
+
+    def __delitem__(self, iri):
+        try:
+            super().__delitem__(iri)
+        except KeyError:
+            if self.CLOSED:
+                raise
+
+            if not is_IRI(iri):
+                raise KeyError(f"Key '{iri}' must be an IRI")
+            del self.__dict__["_obj_data"][iri]
+
+    def __getattr__(self, name):
+        if name == "TYPE":
+            return self.__dict__["_obj_TYPE"][0]
+        if name == "COMPACT_TYPE":
+            return self.__dict__["_obj_TYPE"][1]
+        return super().__getattr__(name)
+
+    def property_keys(self):
+        iris = set()
+        for pyname, iri, compact in super().property_keys():
+            iris.add(iri)
+            yield pyname, iri, compact
+
+        if self.CLOSED:
+            return
+
+        for iri in self.__dict__["_obj_data"].keys():
+            if iri not in iris:
+                yield None, iri, None
+
+
+class SHACLObjectSet(object):
+    def __init__(self, objects=[], *, link=False):
+        self.objects = set()
+        self.missing_ids = set()
+        for o in objects:
+            self.objects.add(o)
+        self.create_index()
+        if link:
+            self._link()
+
+    def create_index(self):
+        """
+        (re)Create object index
+
+        Creates or recreates the indices for the object set to enable fast
+        lookup. All objects and their children are walked and indexed
+        """
+        self.obj_by_id = {}
+        self.obj_by_type = {}
+        for o in self.foreach():
+            self.add_index(o)
+
+    def add_index(self, obj):
+        """
+        Add object to index
+
+        Adds the object to all appropriate indices
+        """
+
+        def reg_type(typ, compact, o, exact):
+            self.obj_by_type.setdefault(typ, set()).add((exact, o))
+            if compact:
+                self.obj_by_type.setdefault(compact, set()).add((exact, o))
+
+        if not isinstance(obj, SHACLObject):
+            raise TypeError("Object is not of type SHACLObject")
+
+        for typ in SHACLObject.CLASSES.values():
+            if isinstance(obj, typ):
+                reg_type(
+                    typ._OBJ_TYPE, typ._OBJ_COMPACT_TYPE, obj, obj.__class__ is typ
+                )
+
+        # This covers custom extensions
+        reg_type(obj.TYPE, obj.COMPACT_TYPE, obj, True)
+
+        if not obj._id:
+            return
+
+        self.missing_ids.discard(obj._id)
+
+        if obj._id in self.obj_by_id:
+            return
+
+        self.obj_by_id[obj._id] = obj
+
+    def add(self, obj):
+        """
+        Add object to object set
+
+        Adds a SHACLObject to the object set and index it.
+
+        NOTE: Child objects of the attached object are not indexes
+        """
+        if not isinstance(obj, SHACLObject):
+            raise TypeError("Object is not of type SHACLObject")
+
+        if obj not in self.objects:
+            self.objects.add(obj)
+            self.add_index(obj)
+        return obj
+
+    def update(self, *others):
+        """
+        Update object set adding all objects in each other iterable
+        """
+        for o in others:
+            for obj in o:
+                self.add(obj)
+
+    def __contains__(self, item):
+        """
+        Returns True if the item is in the object set
+        """
+        return item in self.objects
+
+    def link(self):
+        """
+        Link object set
+
+        Links the object in the object set by replacing string object
+        references with references to the objects themselves. e.g.
+        a property that references object "https://foo/bar" by a string
+        reference will be replaced with an actual reference to the object in
+        the object set with the same ID if it exists in the object set
+
+        If multiple objects with the same ID are found, the duplicates are
+        eliminated
+        """
+        self.create_index()
+        return self._link()
+
+    def _link(self):
+        global NAMED_INDIVIDUALS
+
+        self.missing_ids = set()
+        visited = set()
+
+        new_objects = set()
+
+        for o in self.objects:
+            if o._id:
+                o = self.find_by_id(o._id, o)
+            o.link_helper(self, self.missing_ids, visited)
+            new_objects.add(o)
+
+        self.objects = new_objects
+
+        # Remove blank nodes
+        obj_by_id = {}
+        for _id, obj in self.obj_by_id.items():
+            if _id.startswith("_:"):
+                del obj._id
+            else:
+                obj_by_id[_id] = obj
+        self.obj_by_id = obj_by_id
+
+        # Named individuals aren't considered missing
+        self.missing_ids -= NAMED_INDIVIDUALS
+
+        return self.missing_ids
+
+    def find_by_id(self, _id, default=None):
+        """
+        Find object by ID
+
+        Returns objects that match the specified ID, or default if there is no
+        object with the specified ID
+        """
+        if _id not in self.obj_by_id:
+            return default
+        return self.obj_by_id[_id]
+
+    def foreach(self):
+        """
+        Iterate over every object in the object set, and all child objects
+        """
+        visited = set()
+        for o in self.objects:
+            if o not in visited:
+                yield o
+                visited.add(o)
+
+            for child in o.iter_objects(recursive=True, visited=visited):
+                yield child
+
+    def foreach_type(self, typ, *, match_subclass=True):
+        """
+        Iterate over each object of a specified type (or subclass there of)
+
+        If match_subclass is True, and class derived from typ will also match
+        (similar to isinstance()). If False, only exact matches will be
+        returned
+        """
+        if not isinstance(typ, str):
+            if not issubclass(typ, SHACLObject):
+                raise TypeError(f"Type must be derived from SHACLObject, got {typ}")
+            typ = typ._OBJ_TYPE
+
+        if typ not in self.obj_by_type:
+            return
+
+        for exact, o in self.obj_by_type[typ]:
+            if match_subclass or exact:
+                yield o
+
+    def merge(self, *objectsets):
+        """
+        Merge object sets
+
+        Returns a new object set that is the combination of this object set and
+        all provided arguments
+        """
+        new_objects = set()
+        new_objects |= self.objects
+        for d in objectsets:
+            new_objects |= d.objects
+
+        return SHACLObjectSet(new_objects, link=True)
+
+    def encode(self, encoder, force_list=False, *, key=None):
+        """
+        Serialize a list of objects to a serialization encoder
+
+        If force_list is true, a list will always be written using the encoder.
+        """
+        ref_counts = {}
+        state = EncodeState()
+
+        def walk_callback(value, path):
+            nonlocal state
+            nonlocal ref_counts
+
+            if not isinstance(value, SHACLObject):
+                return True
+
+            # Remove blank node ID for re-assignment
+            if value._id and value._id.startswith("_:"):
+                del value._id
+
+            if value._id:
+                state.add_refed(value)
+
+            # If the object is referenced more than once, add it to the set of
+            # referenced objects
+            ref_counts.setdefault(value, 0)
+            ref_counts[value] += 1
+            if ref_counts[value] > 1:
+                state.add_refed(value)
+                return False
+
+            return True
+
+        for o in self.objects:
+            if o._id:
+                state.add_refed(o)
+            o.walk(walk_callback)
+
+        use_list = force_list or len(self.objects) > 1
+
+        if use_list:
+            # If we are making a list add all the objects referred to by reference
+            # to the list
+            objects = list(self.objects | state.ref_objects)
+        else:
+            objects = list(self.objects)
+
+        objects.sort(key=key)
+
+        if use_list:
+            # Ensure top level objects are only written in the top level graph
+            # node, and referenced by ID everywhere else. This is done by setting
+            # the flag that indicates this object has been written for all the top
+            # level objects, then clearing it right before serializing the object.
+            #
+            # In this way, if an object is referenced before it is supposed to be
+            # serialized into the @graph, it will serialize as a string instead of
+            # the actual object
+            for o in objects:
+                state.written_objects.add(o)
+
+            with encoder.write_list() as list_s:
+                for o in objects:
+                    # Allow this specific object to be written now
+                    state.written_objects.remove(o)
+                    with list_s.write_list_item() as item_s:
+                        o.encode(item_s, state)
+
+        elif objects:
+            objects[0].encode(encoder, state)
+
+    def decode(self, decoder):
+        self.create_index()
+
+        for obj_d in decoder.read_list():
+            o = SHACLObject.decode(obj_d, objectset=self)
+            self.objects.add(o)
+
+        self._link()
+
+
+class EncodeState(object):
+    def __init__(self):
+        self.ref_objects = set()
+        self.written_objects = set()
+        self.blank_objects = {}
+
+    def get_object_id(self, o):
+        if o._id:
+            return o._id
+
+        if o not in self.blank_objects:
+            _id = f"_:{o.__class__.__name__}{len(self.blank_objects)}"
+            self.blank_objects[o] = _id
+
+        return self.blank_objects[o]
+
+    def is_refed(self, o):
+        return o in self.ref_objects
+
+    def add_refed(self, o):
+        self.ref_objects.add(o)
+
+    def is_written(self, o):
+        return o in self.written_objects
+
+    def add_written(self, o):
+        self.written_objects.add(o)
+
+
+class Decoder(ABC):
+    @abstractmethod
+    def read_value(self):
+        """
+        Consume next item
+
+        Consumes the next item of any type
+        """
+        pass
+
+    @abstractmethod
+    def read_string(self):
+        """
+        Consume the next item as a string.
+
+        Returns the string value of the next item, or `None` if the next item
+        is not a string
+        """
+        pass
+
+    @abstractmethod
+    def read_datetime(self):
+        """
+        Consumes the next item as a date & time string
+
+        Returns the string value of the next item, if it is a ISO datetime, or
+        `None` if the next item is not a ISO datetime string.
+
+        Note that validation of the string is done by the caller, so a minimal
+        implementation can just check if the next item is a string without
+        worrying about the format
+        """
+        pass
+
+    @abstractmethod
+    def read_integer(self):
+        """
+        Consumes the next item as an integer
+
+        Returns the integer value of the next item, or `None` if the next item
+        is not an integer
+        """
+        pass
+
+    @abstractmethod
+    def read_iri(self):
+        """
+        Consumes the next item as an IRI string
+
+        Returns the string value of the next item an IRI, or `None` if the next
+        item is not an IRI.
+
+        The returned string should be either a fully-qualified IRI, or a blank
+        node ID
+        """
+        pass
+
+    @abstractmethod
+    def read_enum(self, e):
+        """
+        Consumes the next item as an Enum value string
+
+        Returns the fully qualified IRI of the next enum item, or `None` if the
+        next item is not an enum value.
+
+        The callee is responsible for validating that the returned IRI is
+        actually a member of the specified Enum, so the `Decoder` does not need
+        to check that, but can if it wishes
+        """
+        pass
+
+    @abstractmethod
+    def read_bool(self):
+        """
+        Consume the next item as a boolean value
+
+        Returns the boolean value of the next item, or `None` if the next item
+        is not a boolean
+        """
+        pass
+
+    @abstractmethod
+    def read_float(self):
+        """
+        Consume the next item as a float value
+
+        Returns the float value of the next item, or `None` if the next item is
+        not a float
+        """
+        pass
+
+    @abstractmethod
+    def read_list(self):
+        """
+        Consume the next item as a list generator
+
+        This should generate a `Decoder` object for each item in the list. The
+        generated `Decoder` can be used to read the corresponding item from the
+        list
+        """
+        pass
+
+    @abstractmethod
+    def is_list(self):
+        """
+        Checks if the next item is a list
+
+        Returns True if the next item is a list, or False if it is a scalar
+        """
+        pass
+
+    @abstractmethod
+    def read_object(self):
+        """
+        Consume next item as an object
+
+        A context manager that "enters" the next item as a object and yields a
+        `Decoder` that can read properties from it. If the next item is not an
+        object, yields `None`
+
+        Properties will be read out of the object using `read_property` and
+        `read_object_id`
+        """
+        pass
+
+    @abstractmethod
+    @contextmanager
+    def read_property(self, key):
+        """
+        Read property from object
+
+        A context manager that yields a `Decoder` that can be used to read the
+        value of the property with the given key in current object, or `None`
+        if the property does not exist in the current object.
+        """
+        pass
+
+    @abstractmethod
+    def object_keys(self):
+        """
+        Read property keys from an object
+
+        Iterates over all the serialized keys for the current object
+        """
+        pass
+
+    @abstractmethod
+    def read_object_id(self, alias=None):
+        """
+        Read current object ID property
+
+        Returns the ID of the current object if one is defined, or `None` if
+        the current object has no ID.
+
+        The ID must be a fully qualified IRI or a blank node
+
+        If `alias` is provided, is is a hint as to another name by which the ID
+        might be found, if the `Decoder` supports aliases for an ID
+        """
+        pass
+
+
+class JSONLDDecoder(Decoder):
+    def __init__(self, data, root=False):
+        self.data = data
+        self.root = root
+
+    def read_value(self):
+        if isinstance(self.data, str):
+            try:
+                return float(self.data)
+            except ValueError:
+                pass
+        return self.data
+
+    def read_string(self):
+        if isinstance(self.data, str):
+            return self.data
+        return None
+
+    def read_datetime(self):
+        return self.read_string()
+
+    def read_integer(self):
+        if isinstance(self.data, int):
+            return self.data
+        return None
+
+    def read_bool(self):
+        if isinstance(self.data, bool):
+            return self.data
+        return None
+
+    def read_float(self):
+        if isinstance(self.data, (int, float, str)):
+            return float(self.data)
+        return None
+
+    def read_iri(self):
+        if isinstance(self.data, str):
+            return self.data
+        return None
+
+    def read_enum(self, e):
+        if isinstance(self.data, str):
+            return self.data
+        return None
+
+    def read_list(self):
+        if self.is_list():
+            for v in self.data:
+                yield self.__class__(v)
+        else:
+            yield self
+
+    def is_list(self):
+        return isinstance(self.data, (list, tuple, set))
+
+    def __get_value(self, *keys):
+        for k in keys:
+            if k and k in self.data:
+                return self.data[k]
+        return None
+
+    @contextmanager
+    def read_property(self, key):
+        v = self.__get_value(key)
+        if v is not None:
+            yield self.__class__(v)
+        else:
+            yield None
+
+    def object_keys(self):
+        for key in self.data.keys():
+            if key in ("@type", "type"):
+                continue
+            if self.root and key == "@context":
+                continue
+            yield key
+
+    def read_object(self):
+        typ = self.__get_value("@type", "type")
+        if typ is not None:
+            return typ, self
+
+        return None, self
+
+    def read_object_id(self, alias=None):
+        return self.__get_value(alias, "@id")
+
+
+class JSONLDDeserializer(object):
+    def deserialize_data(self, data, objectset: SHACLObjectSet):
+        if "@graph" in data:
+            h = JSONLDDecoder(data["@graph"], True)
+        else:
+            h = JSONLDDecoder(data, True)
+
+        objectset.decode(h)
+
+    def read(self, f, objectset: SHACLObjectSet):
+        data = json.load(f)
+        self.deserialize_data(data, objectset)
+
+
+class Encoder(ABC):
+    @abstractmethod
+    def write_string(self, v):
+        """
+        Write a string value
+
+        Encodes the value as a string in the output
+        """
+        pass
+
+    @abstractmethod
+    def write_datetime(self, v):
+        """
+        Write a date & time string
+
+        Encodes the value as an ISO datetime string
+
+        Note: The provided string is already correctly encoded as an ISO datetime
+        """
+        pass
+
+    @abstractmethod
+    def write_integer(self, v):
+        """
+        Write an integer value
+
+        Encodes the value as an integer in the output
+        """
+        pass
+
+    @abstractmethod
+    def write_iri(self, v, compact=None):
+        """
+        Write IRI
+
+        Encodes the string as an IRI. Note that the string will be either a
+        fully qualified IRI or a blank node ID. If `compact` is provided and
+        the serialization supports compacted IRIs, it should be preferred to
+        the full IRI
+        """
+        pass
+
+    @abstractmethod
+    def write_enum(self, v, e, compact=None):
+        """
+        Write enum value IRI
+
+        Encodes the string enum value IRI. Note that the string will be a fully
+        qualified IRI. If `compact` is provided and the serialization supports
+        compacted IRIs, it should be preferred to the full IRI.
+        """
+        pass
+
+    @abstractmethod
+    def write_bool(self, v):
+        """
+        Write boolean
+
+        Encodes the value as a boolean in the output
+        """
+        pass
+
+    @abstractmethod
+    def write_float(self, v):
+        """
+        Write float
+
+        Encodes the value as a floating point number in the output
+        """
+        pass
+
+    @abstractmethod
+    @contextmanager
+    def write_object(self, o, _id, needs_id):
+        """
+        Write object
+
+        A context manager that yields an `Encoder` that can be used to encode
+        the given object properties.
+
+        The provided ID will always be a valid ID (even if o._id is `None`), in
+        case the `Encoder` _must_ have an ID. `needs_id` is a hint to indicate
+        to the `Encoder` if an ID must be written or not (if that is even an
+        option). If it is `True`, the `Encoder` must encode an ID for the
+        object. If `False`, the encoder is not required to encode an ID and may
+        omit it.
+
+        The ID will be either a fully qualified IRI, or a blank node IRI.
+
+        Properties will be written the object using `write_property`
+        """
+        pass
+
+    @abstractmethod
+    @contextmanager
+    def write_property(self, iri, compact=None):
+        """
+        Write object property
+
+        A context manager that yields an `Encoder` that can be used to encode
+        the value for the property with the given IRI in the current object
+
+        Note that the IRI will be fully qualified. If `compact` is provided and
+        the serialization supports compacted IRIs, it should be preferred to
+        the full IRI.
+        """
+        pass
+
+    @abstractmethod
+    @contextmanager
+    def write_list(self):
+        """
+        Write list
+
+        A context manager that yields an `Encoder` that can be used to encode a
+        list.
+
+        Each item of the list will be added using `write_list_item`
+        """
+        pass
+
+    @abstractmethod
+    @contextmanager
+    def write_list_item(self):
+        """
+        Write list item
+
+        A context manager that yields an `Encoder` that can be used to encode
+        the value for a list item
+        """
+        pass
+
+
+class JSONLDEncoder(Encoder):
+    def __init__(self, data=None):
+        self.data = data
+
+    def write_string(self, v):
+        self.data = v
+
+    def write_datetime(self, v):
+        self.data = v
+
+    def write_integer(self, v):
+        self.data = v
+
+    def write_iri(self, v, compact=None):
+        self.write_string(compact or v)
+
+    def write_enum(self, v, e, compact=None):
+        self.write_string(compact or v)
+
+    def write_bool(self, v):
+        self.data = v
+
+    def write_float(self, v):
+        self.data = str(v)
+
+    @contextmanager
+    def write_property(self, iri, compact=None):
+        s = self.__class__(None)
+        yield s
+        if s.data is not None:
+            self.data[compact or iri] = s.data
+
+    @contextmanager
+    def write_object(self, o, _id, needs_id):
+        self.data = {
+            "type": o.COMPACT_TYPE or o.TYPE,
+        }
+        if needs_id:
+            self.data[o.ID_ALIAS or "@id"] = _id
+        yield self
+
+    @contextmanager
+    def write_list(self):
+        self.data = []
+        yield self
+        if not self.data:
+            self.data = None
+
+    @contextmanager
+    def write_list_item(self):
+        s = self.__class__(None)
+        yield s
+        if s.data is not None:
+            self.data.append(s.data)
+
+
+class JSONLDSerializer(object):
+    def __init__(self, **args):
+        self.args = args
+
+    def serialize_data(
+        self,
+        objectset: SHACLObjectSet,
+        force_at_graph=False,
+    ):
+        h = JSONLDEncoder()
+        objectset.encode(h, force_at_graph)
+        data = {}
+        if len(CONTEXT_URLS) == 1:
+            data["@context"] = CONTEXT_URLS[0]
+        elif CONTEXT_URLS:
+            data["@context"] = CONTEXT_URLS
+
+        if isinstance(h.data, list):
+            data["@graph"] = h.data
+        else:
+            for k, v in h.data.items():
+                data[k] = v
+
+        return data
+
+    def write(
+        self,
+        objectset: SHACLObjectSet,
+        f,
+        force_at_graph=False,
+        **kwargs,
+    ):
+        """
+        Write a SHACLObjectSet to a JSON LD file
+
+        If force_at_graph is True, a @graph node will always be written
+        """
+        data = self.serialize_data(objectset, force_at_graph)
+
+        args = {**self.args, **kwargs}
+
+        sha1 = hashlib.sha1()
+        for chunk in json.JSONEncoder(**args).iterencode(data):
+            chunk = chunk.encode("utf-8")
+            f.write(chunk)
+            sha1.update(chunk)
+
+        return sha1.hexdigest()
+
+
+class JSONLDInlineEncoder(Encoder):
+    def __init__(self, f, sha1):
+        self.f = f
+        self.comma = False
+        self.sha1 = sha1
+
+    def write(self, s):
+        s = s.encode("utf-8")
+        self.f.write(s)
+        self.sha1.update(s)
+
+    def _write_comma(self):
+        if self.comma:
+            self.write(",")
+            self.comma = False
+
+    def write_string(self, v):
+        self.write(json.dumps(v))
+
+    def write_datetime(self, v):
+        self.write_string(v)
+
+    def write_integer(self, v):
+        self.write(f"{v}")
+
+    def write_iri(self, v, compact=None):
+        self.write_string(compact or v)
+
+    def write_enum(self, v, e, compact=None):
+        self.write_iri(v, compact)
+
+    def write_bool(self, v):
+        if v:
+            self.write("true")
+        else:
+            self.write("false")
+
+    def write_float(self, v):
+        self.write(json.dumps(str(v)))
+
+    @contextmanager
+    def write_property(self, iri, compact=None):
+        self._write_comma()
+        self.write_string(compact or iri)
+        self.write(":")
+        yield self
+        self.comma = True
+
+    @contextmanager
+    def write_object(self, o, _id, needs_id):
+        self._write_comma()
+
+        self.write("{")
+        self.write_string("type")
+        self.write(":")
+        self.write_string(o.COMPACT_TYPE or o.TYPE)
+        self.comma = True
+
+        if needs_id:
+            self._write_comma()
+            self.write_string(o.ID_ALIAS or "@id")
+            self.write(":")
+            self.write_string(_id)
+            self.comma = True
+
+        self.comma = True
+        yield self
+
+        self.write("}")
+        self.comma = True
+
+    @contextmanager
+    def write_list(self):
+        self._write_comma()
+        self.write("[")
+        yield self.__class__(self.f, self.sha1)
+        self.write("]")
+        self.comma = True
+
+    @contextmanager
+    def write_list_item(self):
+        self._write_comma()
+        yield self.__class__(self.f, self.sha1)
+        self.comma = True
+
+
+class JSONLDInlineSerializer(object):
+    def write(
+        self,
+        objectset: SHACLObjectSet,
+        f,
+        force_at_graph=False,
+    ):
+        """
+        Write a SHACLObjectSet to a JSON LD file
+
+        Note: force_at_graph is included for compatibility, but ignored. This
+        serializer always writes out a graph
+        """
+        sha1 = hashlib.sha1()
+        h = JSONLDInlineEncoder(f, sha1)
+        h.write('{"@context":')
+        if len(CONTEXT_URLS) == 1:
+            h.write(f'"{CONTEXT_URLS[0]}"')
+        elif CONTEXT_URLS:
+            h.write('["')
+            h.write('","'.join(CONTEXT_URLS))
+            h.write('"]')
+        h.write(",")
+
+        h.write('"@graph":')
+
+        objectset.encode(h, True)
+        h.write("}")
+        return sha1.hexdigest()
+
+
+def print_tree(objects, all_fields=False):
+    """
+    Print object tree
+    """
+    seen = set()
+
+    def callback(value, path):
+        nonlocal seen
+
+        s = ("  " * (len(path) - 1)) + f"{path[-1]}"
+        if isinstance(value, SHACLObject):
+            s += f" {value} ({id(value)})"
+            is_empty = False
+        elif isinstance(value, ListProxy):
+            is_empty = len(value) == 0
+            if is_empty:
+                s += " []"
+        else:
+            s += f" {value!r}"
+            is_empty = value is None
+
+        if all_fields or not is_empty:
+            print(s)
+
+        if isinstance(value, SHACLObject):
+            if value in seen:
+                return False
+            seen.add(value)
+            return True
+
+        return True
+
+    for o in objects:
+        o.walk(callback)
+
+
+# fmt: off
+"""Format Guard"""
+
+
+CONTEXT_URLS = [
+    "https://spdx.org/rdf/3.0.1/spdx-context.jsonld",
+]
+
+
+# CLASSES
+# A class for describing the energy consumption incurred by an AI model in
+# different stages of its lifecycle.
+@register("https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumption", compact_type="ai_EnergyConsumption", abstract=False)
+class ai_EnergyConsumption(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Specifies the amount of energy consumed when finetuning the AI model that is
+        # being used in the AI system.
+        cls._add_property(
+            "ai_finetuningEnergyConsumption",
+            ListProp(ObjectProp(ai_EnergyConsumptionDescription, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/finetuningEnergyConsumption",
+            compact="ai_finetuningEnergyConsumption",
+        )
+        # Specifies the amount of energy consumed during inference time by an AI model
+        # that is being used in the AI system.
+        cls._add_property(
+            "ai_inferenceEnergyConsumption",
+            ListProp(ObjectProp(ai_EnergyConsumptionDescription, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/inferenceEnergyConsumption",
+            compact="ai_inferenceEnergyConsumption",
+        )
+        # Specifies the amount of energy consumed when training the AI model that is
+        # being used in the AI system.
+        cls._add_property(
+            "ai_trainingEnergyConsumption",
+            ListProp(ObjectProp(ai_EnergyConsumptionDescription, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/trainingEnergyConsumption",
+            compact="ai_trainingEnergyConsumption",
+        )
+
+
+# The class that helps note down the quantity of energy consumption and the unit
+# used for measurement.
+@register("https://spdx.org/rdf/3.0.1/terms/AI/EnergyConsumptionDescription", compact_type="ai_EnergyConsumptionDescription", abstract=False)
+class ai_EnergyConsumptionDescription(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Represents the energy quantity.
+        cls._add_property(
+            "ai_energyQuantity",
+            FloatProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/energyQuantity",
+            min_count=1,
+            compact="ai_energyQuantity",
+        )
+        # Specifies the unit in which energy is measured.
+        cls._add_property(
+            "ai_energyUnit",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour", "kilowattHour"),
+                    ("https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule", "megajoule"),
+                    ("https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other", "other"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/energyUnit",
+            min_count=1,
+            compact="ai_energyUnit",
+        )
+
+
+# Specifies the unit of energy consumption.
+@register("https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType", compact_type="ai_EnergyUnitType", abstract=False)
+class ai_EnergyUnitType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "kilowattHour": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour",
+        "megajoule": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule",
+        "other": "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other",
+    }
+    # Kilowatt-hour.
+    kilowattHour = "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/kilowattHour"
+    # Megajoule.
+    megajoule = "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/megajoule"
+    # Any other units of energy measurement.
+    other = "https://spdx.org/rdf/3.0.1/terms/AI/EnergyUnitType/other"
+
+
+# Specifies the safety risk level.
+@register("https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType", compact_type="ai_SafetyRiskAssessmentType", abstract=False)
+class ai_SafetyRiskAssessmentType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "high": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high",
+        "low": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low",
+        "medium": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium",
+        "serious": "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious",
+    }
+    # The second-highest level of risk posed by an AI system.
+    high = "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high"
+    # Low/no risk is posed by an AI system.
+    low = "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low"
+    # The third-highest level of risk posed by an AI system.
+    medium = "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium"
+    # The highest level of risk posed by an AI system.
+    serious = "https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious"
+
+
+# Specifies the type of an annotation.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType", compact_type="AnnotationType", abstract=False)
+class AnnotationType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "other": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other",
+        "review": "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review",
+    }
+    # Used to store extra information about an Element which is not part of a review (e.g. extra information provided during the creation of the Element).
+    other = "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other"
+    # Used when someone reviews the Element.
+    review = "https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review"
+
+
+# Provides information about the creation of the Element.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/CreationInfo", compact_type="CreationInfo", abstract=False)
+class CreationInfo(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provide consumers with comments by the creator of the Element about the
+        # Element.
+        cls._add_property(
+            "comment",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/comment",
+            compact="comment",
+        )
+        # Identifies when the Element was originally created.
+        cls._add_property(
+            "created",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/created",
+            min_count=1,
+            compact="created",
+        )
+        # Identifies who or what created the Element.
+        cls._add_property(
+            "createdBy",
+            ListProp(ObjectProp(Agent, False, context=[
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", "SpdxOrganization"),
+                ],)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/createdBy",
+            min_count=1,
+            compact="createdBy",
+        )
+        # Identifies the tooling that was used during the creation of the Element.
+        cls._add_property(
+            "createdUsing",
+            ListProp(ObjectProp(Tool, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/createdUsing",
+            compact="createdUsing",
+        )
+        # Provides a reference number that can be used to understand how to parse and
+        # interpret an Element.
+        cls._add_property(
+            "specVersion",
+            StringProp(pattern=r"^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/specVersion",
+            min_count=1,
+            compact="specVersion",
+        )
+
+
+# A key with an associated value.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/DictionaryEntry", compact_type="DictionaryEntry", abstract=False)
+class DictionaryEntry(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # A key used in a generic key-value pair.
+        cls._add_property(
+            "key",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/key",
+            min_count=1,
+            compact="key",
+        )
+        # A value used in a generic key-value pair.
+        cls._add_property(
+            "value",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/value",
+            compact="value",
+        )
+
+
+# Base domain class from which all other SPDX-3.0 domain classes derive.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/Element", compact_type="Element", abstract=True)
+class Element(SHACLObject):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provide consumers with comments by the creator of the Element about the
+        # Element.
+        cls._add_property(
+            "comment",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/comment",
+            compact="comment",
+        )
+        # Provides information about the creation of the Element.
+        cls._add_property(
+            "creationInfo",
+            ObjectProp(CreationInfo, True),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/creationInfo",
+            min_count=1,
+            compact="creationInfo",
+        )
+        # Provides a detailed description of the Element.
+        cls._add_property(
+            "description",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/description",
+            compact="description",
+        )
+        # Specifies an Extension characterization of some aspect of an Element.
+        cls._add_property(
+            "extension",
+            ListProp(ObjectProp(extension_Extension, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/extension",
+            compact="extension",
+        )
+        # Provides a reference to a resource outside the scope of SPDX-3.0 content
+        # that uniquely identifies an Element.
+        cls._add_property(
+            "externalIdentifier",
+            ListProp(ObjectProp(ExternalIdentifier, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifier",
+            compact="externalIdentifier",
+        )
+        # Points to a resource outside the scope of the SPDX-3.0 content
+        # that provides additional characteristics of an Element.
+        cls._add_property(
+            "externalRef",
+            ListProp(ObjectProp(ExternalRef, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/externalRef",
+            compact="externalRef",
+        )
+        # Identifies the name of an Element as designated by the creator.
+        cls._add_property(
+            "name",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/name",
+            compact="name",
+        )
+        # A short description of an Element.
+        cls._add_property(
+            "summary",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/summary",
+            compact="summary",
+        )
+        # Provides an IntegrityMethod with which the integrity of an Element can be
+        # asserted.
+        cls._add_property(
+            "verifiedUsing",
+            ListProp(ObjectProp(IntegrityMethod, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing",
+            compact="verifiedUsing",
+        )
+
+
+# A collection of Elements, not necessarily with unifying context.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/ElementCollection", compact_type="ElementCollection", abstract=True)
+class ElementCollection(Element):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Refers to one or more Elements that are part of an ElementCollection.
+        cls._add_property(
+            "element",
+            ListProp(ObjectProp(Element, False, context=[
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", "NoneElement"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", "expandedlicensing_NoAssertionLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", "expandedlicensing_NoneLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", "SpdxOrganization"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", "NoAssertionElement"),
+                ],)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/element",
+            compact="element",
+        )
+        # Describes one a profile which the creator of this ElementCollection intends to
+        # conform to.
+        cls._add_property(
+            "profileConformance",
+            ListProp(EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai", "ai"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build", "build"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core", "core"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset", "dataset"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing", "expandedLicensing"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension", "extension"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite", "lite"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security", "security"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing", "simpleLicensing"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software", "software"),
+                ])),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/profileConformance",
+            compact="profileConformance",
+        )
+        # This property is used to denote the root Element(s) of a tree of elements contained in a BOM.
+        cls._add_property(
+            "rootElement",
+            ListProp(ObjectProp(Element, False, context=[
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", "NoneElement"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", "expandedlicensing_NoAssertionLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", "expandedlicensing_NoneLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", "SpdxOrganization"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", "NoAssertionElement"),
+                ],)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/rootElement",
+            compact="rootElement",
+        )
+
+
+# A reference to a resource identifier defined outside the scope of SPDX-3.0 content that uniquely identifies an Element.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifier", compact_type="ExternalIdentifier", abstract=False)
+class ExternalIdentifier(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provide consumers with comments by the creator of the Element about the
+        # Element.
+        cls._add_property(
+            "comment",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/comment",
+            compact="comment",
+        )
+        # Specifies the type of the external identifier.
+        cls._add_property(
+            "externalIdentifierType",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22", "cpe22"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23", "cpe23"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve", "cve"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email", "email"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid", "gitoid"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other", "other"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl", "packageUrl"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther", "securityOther"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid", "swhid"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid", "swid"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme", "urlScheme"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/externalIdentifierType",
+            min_count=1,
+            compact="externalIdentifierType",
+        )
+        # Uniquely identifies an external element.
+        cls._add_property(
+            "identifier",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/identifier",
+            min_count=1,
+            compact="identifier",
+        )
+        # Provides the location for more information regarding an external identifier.
+        cls._add_property(
+            "identifierLocator",
+            ListProp(AnyURIProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/identifierLocator",
+            compact="identifierLocator",
+        )
+        # An entity that is authorized to issue identification credentials.
+        cls._add_property(
+            "issuingAuthority",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/issuingAuthority",
+            compact="issuingAuthority",
+        )
+
+
+# Specifies the type of an external identifier.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType", compact_type="ExternalIdentifierType", abstract=False)
+class ExternalIdentifierType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "cpe22": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22",
+        "cpe23": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23",
+        "cve": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve",
+        "email": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email",
+        "gitoid": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid",
+        "other": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other",
+        "packageUrl": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl",
+        "securityOther": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther",
+        "swhid": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid",
+        "swid": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid",
+        "urlScheme": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme",
+    }
+    # [Common Platform Enumeration Specification 2.2](https://cpe.mitre.org/files/cpe-specification_2.2.pdf)
+    cpe22 = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe22"
+    # [Common Platform Enumeration: Naming Specification Version 2.3](https://csrc.nist.gov/publications/detail/nistir/7695/final)
+    cpe23 = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cpe23"
+    # Common Vulnerabilities and Exposures identifiers, an identifier for a specific software flaw defined within the official CVE Dictionary and that conforms to the [CVE specification](https://csrc.nist.gov/glossary/term/cve_id).
+    cve = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/cve"
+    # Email address, as defined in [RFC 3696](https://datatracker.ietf.org/doc/rfc3986/) Section 3.
+    email = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/email"
+    # [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg).
+    gitoid = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/gitoid"
+    # Used when the type does not match any of the other options.
+    other = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/other"
+    # Package URL, as defined in the corresponding [Annex](../../../annexes/pkg-url-specification.md) of this specification.
+    packageUrl = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/packageUrl"
+    # Used when there is a security related identifier of unspecified type.
+    securityOther = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/securityOther"
+    # SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`.
+    swhid = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swhid"
+    # Concise Software Identification (CoSWID) tag, as defined in [RFC 9393](https://datatracker.ietf.org/doc/rfc9393/) Section 2.3.
+    swid = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/swid"
+    # [Uniform Resource Identifier (URI) Schemes](https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml). The scheme used in order to locate a resource.
+    urlScheme = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalIdentifierType/urlScheme"
+
+
+# A map of Element identifiers that are used within an SpdxDocument but defined
+# external to that SpdxDocument.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/ExternalMap", compact_type="ExternalMap", abstract=False)
+class ExternalMap(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Artifact representing a serialization instance of SPDX data containing the
+        # definition of a particular Element.
+        cls._add_property(
+            "definingArtifact",
+            ObjectProp(Artifact, False),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/definingArtifact",
+            compact="definingArtifact",
+        )
+        # Identifies an external Element used within an SpdxDocument but defined
+        # external to that SpdxDocument.
+        cls._add_property(
+            "externalSpdxId",
+            AnyURIProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/externalSpdxId",
+            min_count=1,
+            compact="externalSpdxId",
+        )
+        # Provides an indication of where to retrieve an external Element.
+        cls._add_property(
+            "locationHint",
+            AnyURIProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/locationHint",
+            compact="locationHint",
+        )
+        # Provides an IntegrityMethod with which the integrity of an Element can be
+        # asserted.
+        cls._add_property(
+            "verifiedUsing",
+            ListProp(ObjectProp(IntegrityMethod, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/verifiedUsing",
+            compact="verifiedUsing",
+        )
+
+
+# A reference to a resource outside the scope of SPDX-3.0 content related to an Element.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRef", compact_type="ExternalRef", abstract=False)
+class ExternalRef(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provide consumers with comments by the creator of the Element about the
+        # Element.
+        cls._add_property(
+            "comment",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/comment",
+            compact="comment",
+        )
+        # Provides information about the content type of an Element or a Property.
+        cls._add_property(
+            "contentType",
+            StringProp(pattern=r"^[^\/]+\/[^\/]+$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/contentType",
+            compact="contentType",
+        )
+        # Specifies the type of the external reference.
+        cls._add_property(
+            "externalRefType",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation", "altDownloadLocation"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage", "altWebPage"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact", "binaryArtifact"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower", "bower"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta", "buildMeta"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem", "buildSystem"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport", "certificationReport"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat", "chat"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport", "componentAnalysisReport"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe", "cwe"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation", "documentation"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport", "dynamicAnalysisReport"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice", "eolNotice"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment", "exportControlAssessment"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding", "funding"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker", "issueTracker"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license", "license"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList", "mailingList"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral", "mavenCentral"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics", "metrics"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm", "npm"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget", "nuget"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other", "other"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment", "privacyAssessment"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata", "productMetadata"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder", "purchaseOrder"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport", "qualityAssessmentReport"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory", "releaseHistory"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes", "releaseNotes"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment", "riskAssessment"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport", "runtimeAnalysisReport"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation", "secureSoftwareAttestation"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel", "securityAdversaryModel"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory", "securityAdvisory"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix", "securityFix"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther", "securityOther"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport", "securityPenTestReport"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy", "securityPolicy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel", "securityThreatModel"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia", "socialMedia"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact", "sourceArtifact"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport", "staticAnalysisReport"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support", "support"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs", "vcs"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport", "vulnerabilityDisclosureReport"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment", "vulnerabilityExploitabilityAssessment"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/externalRefType",
+            compact="externalRefType",
+        )
+        # Provides the location of an external reference.
+        cls._add_property(
+            "locator",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/locator",
+            compact="locator",
+        )
+
+
+# Specifies the type of an external reference.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType", compact_type="ExternalRefType", abstract=False)
+class ExternalRefType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "altDownloadLocation": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation",
+        "altWebPage": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage",
+        "binaryArtifact": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact",
+        "bower": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower",
+        "buildMeta": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta",
+        "buildSystem": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem",
+        "certificationReport": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport",
+        "chat": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat",
+        "componentAnalysisReport": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport",
+        "cwe": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe",
+        "documentation": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation",
+        "dynamicAnalysisReport": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport",
+        "eolNotice": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice",
+        "exportControlAssessment": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment",
+        "funding": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding",
+        "issueTracker": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker",
+        "license": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license",
+        "mailingList": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList",
+        "mavenCentral": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral",
+        "metrics": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics",
+        "npm": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm",
+        "nuget": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget",
+        "other": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other",
+        "privacyAssessment": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment",
+        "productMetadata": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata",
+        "purchaseOrder": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder",
+        "qualityAssessmentReport": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport",
+        "releaseHistory": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory",
+        "releaseNotes": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes",
+        "riskAssessment": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment",
+        "runtimeAnalysisReport": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport",
+        "secureSoftwareAttestation": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation",
+        "securityAdversaryModel": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel",
+        "securityAdvisory": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory",
+        "securityFix": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix",
+        "securityOther": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther",
+        "securityPenTestReport": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport",
+        "securityPolicy": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy",
+        "securityThreatModel": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel",
+        "socialMedia": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia",
+        "sourceArtifact": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact",
+        "staticAnalysisReport": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport",
+        "support": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support",
+        "vcs": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs",
+        "vulnerabilityDisclosureReport": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport",
+        "vulnerabilityExploitabilityAssessment": "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment",
+    }
+    # A reference to an alternative download location.
+    altDownloadLocation = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altDownloadLocation"
+    # A reference to an alternative web page.
+    altWebPage = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/altWebPage"
+    # A reference to binary artifacts related to a package.
+    binaryArtifact = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/binaryArtifact"
+    # A reference to a Bower package. The package locator format, looks like `package#version`, is defined in the "install" section of [Bower API documentation](https://bower.io/docs/api/#install).
+    bower = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/bower"
+    # A reference build metadata related to a published package.
+    buildMeta = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildMeta"
+    # A reference build system used to create or publish the package.
+    buildSystem = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/buildSystem"
+    # A reference to a certification report for a package from an accredited/independent body.
+    certificationReport = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/certificationReport"
+    # A reference to the instant messaging system used by the maintainer for a package.
+    chat = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/chat"
+    # A reference to a Software Composition Analysis (SCA) report.
+    componentAnalysisReport = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/componentAnalysisReport"
+    # [Common Weakness Enumeration](https://csrc.nist.gov/glossary/term/common_weakness_enumeration). A reference to a source of software flaw defined within the official [CWE List](https://cwe.mitre.org/data/) that conforms to the [CWE specification](https://cwe.mitre.org/).
+    cwe = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/cwe"
+    # A reference to the documentation for a package.
+    documentation = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/documentation"
+    # A reference to a dynamic analysis report for a package.
+    dynamicAnalysisReport = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/dynamicAnalysisReport"
+    # A reference to the End Of Sale (EOS) and/or End Of Life (EOL) information related to a package.
+    eolNotice = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/eolNotice"
+    # A reference to a export control assessment for a package.
+    exportControlAssessment = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/exportControlAssessment"
+    # A reference to funding information related to a package.
+    funding = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/funding"
+    # A reference to the issue tracker for a package.
+    issueTracker = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/issueTracker"
+    # A reference to additional license information related to an artifact.
+    license = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/license"
+    # A reference to the mailing list used by the maintainer for a package.
+    mailingList = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mailingList"
+    # A reference to a Maven repository artifact. The artifact locator format is defined in the [Maven documentation](https://maven.apache.org/guides/mini/guide-naming-conventions.html) and looks like `groupId:artifactId[:version]`.
+    mavenCentral = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/mavenCentral"
+    # A reference to metrics related to package such as OpenSSF scorecards.
+    metrics = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/metrics"
+    # A reference to an npm package. The package locator format is defined in the [npm documentation](https://docs.npmjs.com/cli/v10/configuring-npm/package-json) and looks like `package@version`.
+    npm = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/npm"
+    # A reference to a NuGet package. The package locator format is defined in the [NuGet documentation](https://docs.nuget.org) and looks like `package/version`.
+    nuget = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/nuget"
+    # Used when the type does not match any of the other options.
+    other = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/other"
+    # A reference to a privacy assessment for a package.
+    privacyAssessment = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/privacyAssessment"
+    # A reference to additional product metadata such as reference within organization's product catalog.
+    productMetadata = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/productMetadata"
+    # A reference to a purchase order for a package.
+    purchaseOrder = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/purchaseOrder"
+    # A reference to a quality assessment for a package.
+    qualityAssessmentReport = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/qualityAssessmentReport"
+    # A reference to a published list of releases for a package.
+    releaseHistory = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseHistory"
+    # A reference to the release notes for a package.
+    releaseNotes = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/releaseNotes"
+    # A reference to a risk assessment for a package.
+    riskAssessment = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/riskAssessment"
+    # A reference to a runtime analysis report for a package.
+    runtimeAnalysisReport = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/runtimeAnalysisReport"
+    # A reference to information assuring that the software is developed using security practices as defined by [NIST SP 800-218 Secure Software Development Framework (SSDF) Version 1.1](https://csrc.nist.gov/pubs/sp/800/218/final) or [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form).
+    secureSoftwareAttestation = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/secureSoftwareAttestation"
+    # A reference to the security adversary model for a package.
+    securityAdversaryModel = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdversaryModel"
+    # A reference to a published security advisory (where advisory as defined per [ISO 29147:2018](https://www.iso.org/standard/72311.html)) that may affect one or more elements, e.g., vendor advisories or specific NVD entries.
+    securityAdvisory = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityAdvisory"
+    # A reference to the patch or source code that fixes a vulnerability.
+    securityFix = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityFix"
+    # A reference to related security information of unspecified type.
+    securityOther = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityOther"
+    # A reference to a [penetration test](https://en.wikipedia.org/wiki/Penetration_test) report for a package.
+    securityPenTestReport = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPenTestReport"
+    # A reference to instructions for reporting newly discovered security vulnerabilities for a package.
+    securityPolicy = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityPolicy"
+    # A reference the [security threat model](https://en.wikipedia.org/wiki/Threat_model) for a package.
+    securityThreatModel = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/securityThreatModel"
+    # A reference to a social media channel for a package.
+    socialMedia = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/socialMedia"
+    # A reference to an artifact containing the sources for a package.
+    sourceArtifact = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/sourceArtifact"
+    # A reference to a static analysis report for a package.
+    staticAnalysisReport = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/staticAnalysisReport"
+    # A reference to the software support channel or other support information for a package.
+    support = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/support"
+    # A reference to a version control system related to a software artifact.
+    vcs = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vcs"
+    # A reference to a Vulnerability Disclosure Report (VDR) which provides the software supplier's analysis and findings describing the impact (or lack of impact) that reported vulnerabilities have on packages or products in the supplier's SBOM as defined in [NIST SP 800-161 Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations](https://csrc.nist.gov/pubs/sp/800/161/r1/final).
+    vulnerabilityDisclosureReport = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityDisclosureReport"
+    # A reference to a Vulnerability Exploitability eXchange (VEX) statement which provides information on whether a product is impacted by a specific vulnerability in an included package and, if affected, whether there are actions recommended to remediate. See also [NTIA VEX one-page summary](https://ntia.gov/files/ntia/publications/vex_one-page_summary.pdf).
+    vulnerabilityExploitabilityAssessment = "https://spdx.org/rdf/3.0.1/terms/Core/ExternalRefType/vulnerabilityExploitabilityAssessment"
+
+
+# A mathematical algorithm that maps data of arbitrary size to a bit string.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm", compact_type="HashAlgorithm", abstract=False)
+class HashAlgorithm(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "adler32": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32",
+        "blake2b256": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256",
+        "blake2b384": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384",
+        "blake2b512": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512",
+        "blake3": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3",
+        "crystalsDilithium": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium",
+        "crystalsKyber": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber",
+        "falcon": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon",
+        "md2": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2",
+        "md4": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4",
+        "md5": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5",
+        "md6": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6",
+        "other": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other",
+        "sha1": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1",
+        "sha224": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224",
+        "sha256": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256",
+        "sha384": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384",
+        "sha3_224": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224",
+        "sha3_256": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256",
+        "sha3_384": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384",
+        "sha3_512": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512",
+        "sha512": "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512",
+    }
+    # Adler-32 checksum is part of the widely used zlib compression library as defined in [RFC 1950](https://datatracker.ietf.org/doc/rfc1950/) Section 2.3.
+    adler32 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32"
+    # BLAKE2b algorithm with a digest size of 256, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4.
+    blake2b256 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256"
+    # BLAKE2b algorithm with a digest size of 384, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4.
+    blake2b384 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384"
+    # BLAKE2b algorithm with a digest size of 512, as defined in [RFC 7693](https://datatracker.ietf.org/doc/rfc7693/) Section 4.
+    blake2b512 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512"
+    # [BLAKE3](https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blake3.pdf)
+    blake3 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3"
+    # [Dilithium](https://pq-crystals.org/dilithium/)
+    crystalsDilithium = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium"
+    # [Kyber](https://pq-crystals.org/kyber/)
+    crystalsKyber = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber"
+    # [FALCON](https://falcon-sign.info/falcon.pdf)
+    falcon = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon"
+    # MD2 message-digest algorithm, as defined in [RFC 1319](https://datatracker.ietf.org/doc/rfc1319/).
+    md2 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2"
+    # MD4 message-digest algorithm, as defined in [RFC 1186](https://datatracker.ietf.org/doc/rfc1186/).
+    md4 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4"
+    # MD5 message-digest algorithm, as defined in [RFC 1321](https://datatracker.ietf.org/doc/rfc1321/).
+    md5 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5"
+    # [MD6 hash function](https://people.csail.mit.edu/rivest/pubs/RABCx08.pdf)
+    md6 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6"
+    # any hashing algorithm that does not exist in this list of entries
+    other = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other"
+    # SHA-1, a secure hashing algorithm, as defined in [RFC 3174](https://datatracker.ietf.org/doc/rfc3174/).
+    sha1 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1"
+    # SHA-2 with a digest length of 224, as defined in [RFC 3874](https://datatracker.ietf.org/doc/rfc3874/).
+    sha224 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224"
+    # SHA-2 with a digest length of 256, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/).
+    sha256 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256"
+    # SHA-2 with a digest length of 384, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/).
+    sha384 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384"
+    # SHA-3 with a digest length of 224, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final).
+    sha3_224 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224"
+    # SHA-3 with a digest length of 256, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final).
+    sha3_256 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256"
+    # SHA-3 with a digest length of 384, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final).
+    sha3_384 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384"
+    # SHA-3 with a digest length of 512, as defined in [FIPS 202](https://csrc.nist.gov/pubs/fips/202/final).
+    sha3_512 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512"
+    # SHA-2 with a digest length of 512, as defined in [RFC 6234](https://datatracker.ietf.org/doc/rfc6234/).
+    sha512 = "https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512"
+
+
+# A concrete subclass of Element used by Individuals in the
+# Core profile.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/IndividualElement", compact_type="IndividualElement", abstract=False)
+class IndividualElement(Element):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+        "NoAssertionElement": "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement",
+        "NoneElement": "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement",
+    }
+    # An Individual Value for Element representing a set of Elements of unknown
+    # identify or cardinality (number).
+    NoAssertionElement = "https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement"
+    # An Individual Value for Element representing a set of Elements with
+    # cardinality (number/count) of zero.
+    NoneElement = "https://spdx.org/rdf/3.0.1/terms/Core/NoneElement"
+
+
+# Provides an independently reproducible mechanism that permits verification of a specific Element.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/IntegrityMethod", compact_type="IntegrityMethod", abstract=True)
+class IntegrityMethod(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provide consumers with comments by the creator of the Element about the
+        # Element.
+        cls._add_property(
+            "comment",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/comment",
+            compact="comment",
+        )
+
+
+# Provide an enumerated set of lifecycle phases that can provide context to relationships.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType", compact_type="LifecycleScopeType", abstract=False)
+class LifecycleScopeType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "build": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build",
+        "design": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design",
+        "development": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development",
+        "other": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other",
+        "runtime": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime",
+        "test": "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test",
+    }
+    # A relationship has specific context implications during an element's build phase, during development.
+    build = "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build"
+    # A relationship has specific context implications during an element's design.
+    design = "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design"
+    # A relationship has specific context implications during development phase of an element.
+    development = "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development"
+    # A relationship has other specific context information necessary to capture that the above set of enumerations does not handle.
+    other = "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other"
+    # A relationship has specific context implications during the execution phase of an element.
+    runtime = "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime"
+    # A relationship has specific context implications during an element's testing phase, during development.
+    test = "https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test"
+
+
+# A mapping between prefixes and namespace partial URIs.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/NamespaceMap", compact_type="NamespaceMap", abstract=False)
+class NamespaceMap(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provides an unambiguous mechanism for conveying a URI fragment portion of an
+        # Element ID.
+        cls._add_property(
+            "namespace",
+            AnyURIProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/namespace",
+            min_count=1,
+            compact="namespace",
+        )
+        # A substitute for a URI.
+        cls._add_property(
+            "prefix",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/prefix",
+            min_count=1,
+            compact="prefix",
+        )
+
+
+# An SPDX version 2.X compatible verification method for software packages.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/PackageVerificationCode", compact_type="PackageVerificationCode", abstract=False)
+class PackageVerificationCode(IntegrityMethod):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Specifies the algorithm used for calculating the hash value.
+        cls._add_property(
+            "algorithm",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32", "adler32"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256", "blake2b256"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384", "blake2b384"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512", "blake2b512"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3", "blake3"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium", "crystalsDilithium"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber", "crystalsKyber"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon", "falcon"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2", "md2"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4", "md4"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5", "md5"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6", "md6"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other", "other"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1", "sha1"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224", "sha224"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256", "sha256"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384", "sha384"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224", "sha3_224"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256", "sha3_256"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384", "sha3_384"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512", "sha3_512"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512", "sha512"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/algorithm",
+            min_count=1,
+            compact="algorithm",
+        )
+        # The result of applying a hash algorithm to an Element.
+        cls._add_property(
+            "hashValue",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/hashValue",
+            min_count=1,
+            compact="hashValue",
+        )
+        # The relative file name of a file to be excluded from the
+        # `PackageVerificationCode`.
+        cls._add_property(
+            "packageVerificationCodeExcludedFile",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/packageVerificationCodeExcludedFile",
+            compact="packageVerificationCodeExcludedFile",
+        )
+
+
+# A tuple of two positive integers that define a range.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/PositiveIntegerRange", compact_type="PositiveIntegerRange", abstract=False)
+class PositiveIntegerRange(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Defines the beginning of a range.
+        cls._add_property(
+            "beginIntegerRange",
+            PositiveIntegerProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/beginIntegerRange",
+            min_count=1,
+            compact="beginIntegerRange",
+        )
+        # Defines the end of a range.
+        cls._add_property(
+            "endIntegerRange",
+            PositiveIntegerProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/endIntegerRange",
+            min_count=1,
+            compact="endIntegerRange",
+        )
+
+
+# Categories of presence or absence.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/PresenceType", compact_type="PresenceType", abstract=False)
+class PresenceType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "no": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no",
+        "noAssertion": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion",
+        "yes": "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes",
+    }
+    # Indicates absence of the field.
+    no = "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no"
+    # Makes no assertion about the field.
+    noAssertion = "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion"
+    # Indicates presence of the field.
+    yes = "https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes"
+
+
+# Enumeration of the valid profiles.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType", compact_type="ProfileIdentifierType", abstract=False)
+class ProfileIdentifierType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "ai": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai",
+        "build": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build",
+        "core": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core",
+        "dataset": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset",
+        "expandedLicensing": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing",
+        "extension": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension",
+        "lite": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite",
+        "security": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security",
+        "simpleLicensing": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing",
+        "software": "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software",
+    }
+    # the element follows the AI profile specification
+    ai = "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/ai"
+    # the element follows the Build profile specification
+    build = "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/build"
+    # the element follows the Core profile specification
+    core = "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/core"
+    # the element follows the Dataset profile specification
+    dataset = "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/dataset"
+    # the element follows the ExpandedLicensing profile specification
+    expandedLicensing = "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/expandedLicensing"
+    # the element follows the Extension profile specification
+    extension = "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/extension"
+    # the element follows the Lite profile specification
+    lite = "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/lite"
+    # the element follows the Security profile specification
+    security = "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/security"
+    # the element follows the SimpleLicensing profile specification
+    simpleLicensing = "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/simpleLicensing"
+    # the element follows the Software profile specification
+    software = "https://spdx.org/rdf/3.0.1/terms/Core/ProfileIdentifierType/software"
+
+
+# Describes a relationship between one or more elements.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/Relationship", compact_type="Relationship", abstract=False)
+class Relationship(Element):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provides information about the completeness of relationships.
+        cls._add_property(
+            "completeness",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete", "complete"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete", "incomplete"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion", "noAssertion"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/completeness",
+            compact="completeness",
+        )
+        # Specifies the time from which an element is no longer applicable / valid.
+        cls._add_property(
+            "endTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/endTime",
+            compact="endTime",
+        )
+        # References the Element on the left-hand side of a relationship.
+        cls._add_property(
+            "from_",
+            ObjectProp(Element, True, context=[
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", "NoneElement"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", "expandedlicensing_NoAssertionLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", "expandedlicensing_NoneLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", "SpdxOrganization"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", "NoAssertionElement"),
+                ],),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/from",
+            min_count=1,
+            compact="from",
+        )
+        # Information about the relationship between two Elements.
+        cls._add_property(
+            "relationshipType",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects", "affects"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy", "amendedBy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf", "ancestorOf"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom", "availableFrom"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures", "configures"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains", "contains"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy", "coordinatedBy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo", "copiedTo"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo", "delegatedTo"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn", "dependsOn"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf", "descendantOf"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes", "describes"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect", "doesNotAffect"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo", "expandsTo"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy", "exploitCreatedBy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy", "fixedBy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn", "fixedIn"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy", "foundBy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates", "generates"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile", "hasAddedFile"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor", "hasAssessmentFor"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability", "hasAssociatedVulnerability"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense", "hasConcludedLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile", "hasDataFile"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense", "hasDeclaredLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile", "hasDeletedFile"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest", "hasDependencyManifest"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact", "hasDistributionArtifact"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation", "hasDocumentation"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink", "hasDynamicLink"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence", "hasEvidence"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample", "hasExample"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost", "hasHost"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInput", "hasInput"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata", "hasMetadata"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent", "hasOptionalComponent"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency", "hasOptionalDependency"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutput", "hasOutput"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite", "hasPrerequisite"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency", "hasProvidedDependency"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement", "hasRequirement"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification", "hasSpecification"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink", "hasStaticLink"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest", "hasTest"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase", "hasTestCase"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant", "hasVariant"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy", "invokedBy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy", "modifiedBy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other", "other"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy", "packagedBy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy", "patchedBy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy", "publishedBy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy", "reportedBy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy", "republishedBy"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact", "serializedInArtifact"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn", "testedOn"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn", "trainedOn"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor", "underInvestigationFor"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool", "usesTool"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/relationshipType",
+            min_count=1,
+            compact="relationshipType",
+        )
+        # Specifies the time from which an element is applicable / valid.
+        cls._add_property(
+            "startTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/startTime",
+            compact="startTime",
+        )
+        # References an Element on the right-hand side of a relationship.
+        cls._add_property(
+            "to",
+            ListProp(ObjectProp(Element, False, context=[
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", "NoneElement"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", "expandedlicensing_NoAssertionLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", "expandedlicensing_NoneLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", "SpdxOrganization"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", "NoAssertionElement"),
+                ],)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/to",
+            min_count=1,
+            compact="to",
+        )
+
+
+# Indicates whether a relationship is known to be complete, incomplete, or if no assertion is made with respect to relationship completeness.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness", compact_type="RelationshipCompleteness", abstract=False)
+class RelationshipCompleteness(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "complete": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete",
+        "incomplete": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete",
+        "noAssertion": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion",
+    }
+    # The relationship is known to be exhaustive.
+    complete = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/complete"
+    # The relationship is known not to be exhaustive.
+    incomplete = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/incomplete"
+    # No assertion can be made about the completeness of the relationship.
+    noAssertion = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipCompleteness/noAssertion"
+
+
+# Information about the relationship between two Elements.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType", compact_type="RelationshipType", abstract=False)
+class RelationshipType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "affects": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects",
+        "amendedBy": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy",
+        "ancestorOf": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf",
+        "availableFrom": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom",
+        "configures": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures",
+        "contains": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains",
+        "coordinatedBy": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy",
+        "copiedTo": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo",
+        "delegatedTo": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo",
+        "dependsOn": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn",
+        "descendantOf": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf",
+        "describes": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes",
+        "doesNotAffect": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect",
+        "expandsTo": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo",
+        "exploitCreatedBy": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy",
+        "fixedBy": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy",
+        "fixedIn": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn",
+        "foundBy": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy",
+        "generates": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates",
+        "hasAddedFile": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile",
+        "hasAssessmentFor": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor",
+        "hasAssociatedVulnerability": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability",
+        "hasConcludedLicense": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense",
+        "hasDataFile": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile",
+        "hasDeclaredLicense": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense",
+        "hasDeletedFile": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile",
+        "hasDependencyManifest": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest",
+        "hasDistributionArtifact": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact",
+        "hasDocumentation": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation",
+        "hasDynamicLink": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink",
+        "hasEvidence": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence",
+        "hasExample": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample",
+        "hasHost": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost",
+        "hasInput": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInput",
+        "hasMetadata": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata",
+        "hasOptionalComponent": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent",
+        "hasOptionalDependency": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency",
+        "hasOutput": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutput",
+        "hasPrerequisite": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite",
+        "hasProvidedDependency": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency",
+        "hasRequirement": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement",
+        "hasSpecification": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification",
+        "hasStaticLink": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink",
+        "hasTest": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest",
+        "hasTestCase": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase",
+        "hasVariant": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant",
+        "invokedBy": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy",
+        "modifiedBy": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy",
+        "other": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other",
+        "packagedBy": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy",
+        "patchedBy": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy",
+        "publishedBy": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy",
+        "reportedBy": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy",
+        "republishedBy": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy",
+        "serializedInArtifact": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact",
+        "testedOn": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn",
+        "trainedOn": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn",
+        "underInvestigationFor": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor",
+        "usesTool": "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool",
+    }
+    # The `from` Vulnerability affects each `to` Element. The use of the `affects` type is constrained to `VexAffectedVulnAssessmentRelationship` classed relationships.
+    affects = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/affects"
+    # The `from` Element is amended by each `to` Element.
+    amendedBy = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/amendedBy"
+    # The `from` Element is an ancestor of each `to` Element.
+    ancestorOf = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/ancestorOf"
+    # The `from` Element is available from the additional supplier described by each `to` Element.
+    availableFrom = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/availableFrom"
+    # The `from` Element is a configuration applied to each `to` Element, during a LifecycleScopeType period.
+    configures = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/configures"
+    # The `from` Element contains each `to` Element.
+    contains = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/contains"
+    # The `from` Vulnerability is coordinatedBy the `to` Agent(s) (vendor, researcher, or consumer agent).
+    coordinatedBy = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/coordinatedBy"
+    # The `from` Element has been copied to each `to` Element.
+    copiedTo = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/copiedTo"
+    # The `from` Agent is delegating an action to the Agent of the `to` Relationship (which must be of type invokedBy), during a LifecycleScopeType (e.g. the `to` invokedBy Relationship is being done on behalf of `from`).
+    delegatedTo = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/delegatedTo"
+    # The `from` Element depends on each `to` Element, during a LifecycleScopeType period.
+    dependsOn = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/dependsOn"
+    # The `from` Element is a descendant of each `to` Element.
+    descendantOf = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/descendantOf"
+    # The `from` Element describes each `to` Element. To denote the root(s) of a tree of elements in a collection, the rootElement property should be used.
+    describes = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/describes"
+    # The `from` Vulnerability has no impact on each `to` Element. The use of the `doesNotAffect` is constrained to `VexNotAffectedVulnAssessmentRelationship` classed relationships.
+    doesNotAffect = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/doesNotAffect"
+    # The `from` archive expands out as an artifact described by each `to` Element.
+    expandsTo = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/expandsTo"
+    # The `from` Vulnerability has had an exploit created against it by each `to` Agent.
+    exploitCreatedBy = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/exploitCreatedBy"
+    # Designates a `from` Vulnerability has been fixed by the `to` Agent(s).
+    fixedBy = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedBy"
+    # A `from` Vulnerability has been fixed in each `to` Element. The use of the `fixedIn` type is constrained to `VexFixedVulnAssessmentRelationship` classed relationships.
+    fixedIn = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/fixedIn"
+    # Designates a `from` Vulnerability was originally discovered by the `to` Agent(s).
+    foundBy = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/foundBy"
+    # The `from` Element generates each `to` Element.
+    generates = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/generates"
+    # Every `to` Element is a file added to the `from` Element (`from` hasAddedFile `to`).
+    hasAddedFile = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAddedFile"
+    # Relates a `from` Vulnerability and each `to` Element with a security assessment. To be used with `VulnAssessmentRelationship` types.
+    hasAssessmentFor = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssessmentFor"
+    # Used to associate a `from` Artifact with each `to` Vulnerability.
+    hasAssociatedVulnerability = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasAssociatedVulnerability"
+    # The `from` SoftwareArtifact is concluded by the SPDX data creator to be governed by each `to` license.
+    hasConcludedLicense = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasConcludedLicense"
+    # The `from` Element treats each `to` Element as a data file. A data file is an artifact that stores data required or optional for the `from` Element's functionality. A data file can be a database file, an index file, a log file, an AI model file, a calibration data file, a temporary file, a backup file, and more. For AI training dataset, test dataset, test artifact, configuration data, build input data, and build output data, please consider using the more specific relationship types: `trainedOn`, `testedOn`, `hasTest`, `configures`, `hasInput`, and `hasOutput`, respectively. This relationship does not imply dependency.
+    hasDataFile = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDataFile"
+    # The `from` SoftwareArtifact was discovered to actually contain each `to` license, for example as detected by use of automated tooling.
+    hasDeclaredLicense = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeclaredLicense"
+    # Every `to` Element is a file deleted from the `from` Element (`from` hasDeletedFile `to`).
+    hasDeletedFile = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDeletedFile"
+    # The `from` Element has manifest files that contain dependency information in each `to` Element.
+    hasDependencyManifest = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDependencyManifest"
+    # The `from` Element is distributed as an artifact in each `to` Element (e.g. an RPM or archive file).
+    hasDistributionArtifact = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDistributionArtifact"
+    # The `from` Element is documented by each `to` Element.
+    hasDocumentation = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDocumentation"
+    # The `from` Element dynamically links in each `to` Element, during a LifecycleScopeType period.
+    hasDynamicLink = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasDynamicLink"
+    # Every `to` Element is considered as evidence for the `from` Element (`from` hasEvidence `to`).
+    hasEvidence = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasEvidence"
+    # Every `to` Element is an example for the `from` Element (`from` hasExample `to`).
+    hasExample = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasExample"
+    # The `from` Build was run on the `to` Element during a LifecycleScopeType period (e.g. the host that the build runs on).
+    hasHost = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasHost"
+    # The `from` Build has each `to` Element as an input, during a LifecycleScopeType period.
+    hasInput = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasInput"
+    # Every `to` Element is metadata about the `from` Element (`from` hasMetadata `to`).
+    hasMetadata = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasMetadata"
+    # Every `to` Element is an optional component of the `from` Element (`from` hasOptionalComponent `to`).
+    hasOptionalComponent = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalComponent"
+    # The `from` Element optionally depends on each `to` Element, during a LifecycleScopeType period.
+    hasOptionalDependency = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOptionalDependency"
+    # The `from` Build element generates each `to` Element as an output, during a LifecycleScopeType period.
+    hasOutput = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasOutput"
+    # The `from` Element has a prerequisite on each `to` Element, during a LifecycleScopeType period.
+    hasPrerequisite = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasPrerequisite"
+    # The `from` Element has a dependency on each `to` Element, dependency is not in the distributed artifact, but assumed to be provided, during a LifecycleScopeType period.
+    hasProvidedDependency = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasProvidedDependency"
+    # The `from` Element has a requirement on each `to` Element, during a LifecycleScopeType period.
+    hasRequirement = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasRequirement"
+    # Every `to` Element is a specification for the `from` Element (`from` hasSpecification `to`), during a LifecycleScopeType period.
+    hasSpecification = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasSpecification"
+    # The `from` Element statically links in each `to` Element, during a LifecycleScopeType period.
+    hasStaticLink = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasStaticLink"
+    # Every `to` Element is a test artifact for the `from` Element (`from` hasTest `to`), during a LifecycleScopeType period.
+    hasTest = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTest"
+    # Every `to` Element is a test case for the `from` Element (`from` hasTestCase `to`).
+    hasTestCase = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasTestCase"
+    # Every `to` Element is a variant the `from` Element (`from` hasVariant `to`).
+    hasVariant = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/hasVariant"
+    # The `from` Element was invoked by the `to` Agent, during a LifecycleScopeType period (for example, a Build element that describes a build step).
+    invokedBy = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/invokedBy"
+    # The `from` Element is modified by each `to` Element.
+    modifiedBy = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/modifiedBy"
+    # Every `to` Element is related to the `from` Element where the relationship type is not described by any of the SPDX relationship types (this relationship is directionless).
+    other = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/other"
+    # Every `to` Element is a packaged instance of the `from` Element (`from` packagedBy `to`).
+    packagedBy = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/packagedBy"
+    # Every `to` Element is a patch for the `from` Element (`from` patchedBy `to`).
+    patchedBy = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/patchedBy"
+    # Designates a `from` Vulnerability was made available for public use or reference by each `to` Agent.
+    publishedBy = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/publishedBy"
+    # Designates a `from` Vulnerability was first reported to a project, vendor, or tracking database for formal identification by each `to` Agent.
+    reportedBy = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/reportedBy"
+    # Designates a `from` Vulnerability's details were tracked, aggregated, and/or enriched to improve context (i.e. NVD) by each `to` Agent.
+    republishedBy = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/republishedBy"
+    # The `from` SpdxDocument can be found in a serialized form in each `to` Artifact.
+    serializedInArtifact = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/serializedInArtifact"
+    # The `from` Element has been tested on the `to` Element(s).
+    testedOn = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/testedOn"
+    # The `from` Element has been trained on the `to` Element(s).
+    trainedOn = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/trainedOn"
+    # The `from` Vulnerability impact is being investigated for each `to` Element. The use of the `underInvestigationFor` type is constrained to `VexUnderInvestigationVulnAssessmentRelationship` classed relationships.
+    underInvestigationFor = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/underInvestigationFor"
+    # The `from` Element uses each `to` Element as a tool, during a LifecycleScopeType period.
+    usesTool = "https://spdx.org/rdf/3.0.1/terms/Core/RelationshipType/usesTool"
+
+
+# A collection of SPDX Elements that could potentially be serialized.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/SpdxDocument", compact_type="SpdxDocument", abstract=False)
+class SpdxDocument(ElementCollection):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provides the license under which the SPDX documentation of the Element can be
+        # used.
+        cls._add_property(
+            "dataLicense",
+            ObjectProp(simplelicensing_AnyLicenseInfo, False, context=[
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", "expandedlicensing_NoAssertionLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", "expandedlicensing_NoneLicense"),
+                ],),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/dataLicense",
+            compact="dataLicense",
+        )
+        # Provides an ExternalMap of Element identifiers.
+        cls._add_property(
+            "import_",
+            ListProp(ObjectProp(ExternalMap, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/import",
+            compact="import",
+        )
+        # Provides a NamespaceMap of prefixes and associated namespace partial URIs applicable to an SpdxDocument and independent of any specific serialization format or instance.
+        cls._add_property(
+            "namespaceMap",
+            ListProp(ObjectProp(NamespaceMap, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/namespaceMap",
+            compact="namespaceMap",
+        )
+
+
+# Indicates the type of support that is associated with an artifact.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/SupportType", compact_type="SupportType", abstract=False)
+class SupportType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "deployed": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed",
+        "development": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development",
+        "endOfSupport": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport",
+        "limitedSupport": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport",
+        "noAssertion": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion",
+        "noSupport": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport",
+        "support": "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support",
+    }
+    # in addition to being supported by the supplier, the software is known to have been deployed and is in use.  For a software as a service provider, this implies the software is now available as a service.
+    deployed = "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed"
+    # the artifact is in active development and is not considered ready for formal support from the supplier.
+    development = "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development"
+    # there is a defined end of support for the artifact from the supplier.  This may also be referred to as end of life. There is a validUntilDate that can be used to signal when support ends for the artifact.
+    endOfSupport = "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport"
+    # the artifact has been released, and there is limited support available from the supplier. There is a validUntilDate that can provide additional information about the duration of support.
+    limitedSupport = "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport"
+    # no assertion about the type of support is made.   This is considered the default if no other support type is used.
+    noAssertion = "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion"
+    # there is no support for the artifact from the supplier, consumer assumes any support obligations.
+    noSupport = "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport"
+    # the artifact has been released, and is supported from the supplier.   There is a validUntilDate that can provide additional information about the duration of support.
+    support = "https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support"
+
+
+# An element of hardware and/or software utilized to carry out a particular function.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/Tool", compact_type="Tool", abstract=False)
+class Tool(Element):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+
+# Categories of confidentiality level.
+@register("https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType", compact_type="dataset_ConfidentialityLevelType", abstract=False)
+class dataset_ConfidentialityLevelType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "amber": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber",
+        "clear": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear",
+        "green": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green",
+        "red": "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red",
+    }
+    # Data points in the dataset can be shared only with specific organizations and their clients on a need to know basis.
+    amber = "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber"
+    # Dataset may be distributed freely, without restriction.
+    clear = "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear"
+    # Dataset can be shared within a community of peers and partners.
+    green = "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green"
+    # Data points in the dataset are highly confidential and can only be shared with named recipients.
+    red = "https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red"
+
+
+# Availability of dataset.
+@register("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType", compact_type="dataset_DatasetAvailabilityType", abstract=False)
+class dataset_DatasetAvailabilityType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "clickthrough": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough",
+        "directDownload": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload",
+        "query": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query",
+        "registration": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration",
+        "scrapingScript": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript",
+    }
+    # the dataset is not publicly available and can only be accessed after affirmatively accepting terms on a clickthrough webpage.
+    clickthrough = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough"
+    # the dataset is publicly available and can be downloaded directly.
+    directDownload = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload"
+    # the dataset is publicly available, but not all at once, and can only be accessed through queries which return parts of the dataset.
+    query = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query"
+    # the dataset is not publicly available and an email registration is required before accessing the dataset, although without an affirmative acceptance of terms.
+    registration = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration"
+    # the dataset provider is not making available the underlying data and the dataset must be reassembled, typically using the provided script for scraping the data.
+    scrapingScript = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript"
+
+
+# Enumeration of dataset types.
+@register("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType", compact_type="dataset_DatasetType", abstract=False)
+class dataset_DatasetType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "audio": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio",
+        "categorical": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical",
+        "graph": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph",
+        "image": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image",
+        "noAssertion": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion",
+        "numeric": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric",
+        "other": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other",
+        "sensor": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor",
+        "structured": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured",
+        "syntactic": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic",
+        "text": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text",
+        "timeseries": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries",
+        "timestamp": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp",
+        "video": "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video",
+    }
+    # data is audio based, such as a collection of music from the 80s.
+    audio = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio"
+    # data that is classified into a discrete number of categories, such as the eye color of a population of people.
+    categorical = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical"
+    # data is in the form of a graph where entries are somehow related to each other through edges, such a social network of friends.
+    graph = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph"
+    # data is a collection of images such as pictures of animals.
+    image = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image"
+    # data type is not known.
+    noAssertion = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion"
+    # data consists only of numeric entries.
+    numeric = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric"
+    # data is of a type not included in this list.
+    other = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other"
+    # data is recorded from a physical sensor, such as a thermometer reading or biometric device.
+    sensor = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor"
+    # data is stored in tabular format or retrieved from a relational database.
+    structured = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured"
+    # data describes the syntax or semantics of a language or text, such as a parse tree used for natural language processing.
+    syntactic = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic"
+    # data consists of unstructured text, such as a book, Wikipedia article (without images), or transcript.
+    text = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text"
+    # data is recorded in an ordered sequence of timestamped entries, such as the price of a stock over the course of a day.
+    timeseries = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries"
+    # data is recorded with a timestamp for each entry, but not necessarily ordered or at specific intervals, such as when a taxi ride starts and ends.
+    timestamp = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp"
+    # data is video based, such as a collection of movie clips featuring Tom Hanks.
+    video = "https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video"
+
+
+# Abstract class for additional text intended to be added to a License, but
+# which is not itself a standalone License.
+@register("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/LicenseAddition", compact_type="expandedlicensing_LicenseAddition", abstract=True)
+class expandedlicensing_LicenseAddition(Element):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Identifies the full text of a LicenseAddition.
+        cls._add_property(
+            "expandedlicensing_additionText",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/additionText",
+            min_count=1,
+            compact="expandedlicensing_additionText",
+        )
+        # Specifies whether an additional text identifier has been marked as deprecated.
+        cls._add_property(
+            "expandedlicensing_isDeprecatedAdditionId",
+            BooleanProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedAdditionId",
+            compact="expandedlicensing_isDeprecatedAdditionId",
+        )
+        # Identifies all the text and metadata associated with a license in the license
+        # XML format.
+        cls._add_property(
+            "expandedlicensing_licenseXml",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml",
+            compact="expandedlicensing_licenseXml",
+        )
+        # Specifies the licenseId that is preferred to be used in place of a deprecated
+        # License or LicenseAddition.
+        cls._add_property(
+            "expandedlicensing_obsoletedBy",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy",
+            compact="expandedlicensing_obsoletedBy",
+        )
+        # Contains a URL where the License or LicenseAddition can be found in use.
+        cls._add_property(
+            "expandedlicensing_seeAlso",
+            ListProp(AnyURIProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso",
+            compact="expandedlicensing_seeAlso",
+        )
+        # Identifies the full text of a LicenseAddition, in SPDX templating format.
+        cls._add_property(
+            "expandedlicensing_standardAdditionTemplate",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardAdditionTemplate",
+            compact="expandedlicensing_standardAdditionTemplate",
+        )
+
+
+# A license exception that is listed on the SPDX Exceptions list.
+@register("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicenseException", compact_type="expandedlicensing_ListedLicenseException", abstract=False)
+class expandedlicensing_ListedLicenseException(expandedlicensing_LicenseAddition):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Specifies the SPDX License List version in which this license or exception
+        # identifier was deprecated.
+        cls._add_property(
+            "expandedlicensing_deprecatedVersion",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion",
+            compact="expandedlicensing_deprecatedVersion",
+        )
+        # Specifies the SPDX License List version in which this ListedLicense or
+        # ListedLicenseException identifier was first added.
+        cls._add_property(
+            "expandedlicensing_listVersionAdded",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded",
+            compact="expandedlicensing_listVersionAdded",
+        )
+
+
+# A property name with an associated value.
+@register("https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertyEntry", compact_type="extension_CdxPropertyEntry", abstract=False)
+class extension_CdxPropertyEntry(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # A name used in a CdxPropertyEntry name-value pair.
+        cls._add_property(
+            "extension_cdxPropName",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropName",
+            min_count=1,
+            compact="extension_cdxPropName",
+        )
+        # A value used in a CdxPropertyEntry name-value pair.
+        cls._add_property(
+            "extension_cdxPropValue",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Extension/cdxPropValue",
+            compact="extension_cdxPropValue",
+        )
+
+
+# A characterization of some aspect of an Element that is associated with the Element in a generalized fashion.
+@register("https://spdx.org/rdf/3.0.1/terms/Extension/Extension", compact_type="extension_Extension", abstract=True)
+class extension_Extension(SHACLExtensibleObject, SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+
+# Specifies the CVSS base, temporal, threat, or environmental severity type.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType", compact_type="security_CvssSeverityType", abstract=False)
+class security_CvssSeverityType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "critical": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical",
+        "high": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high",
+        "low": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low",
+        "medium": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium",
+        "none": "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none",
+    }
+    # When a CVSS score is between 9.0 - 10.0
+    critical = "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical"
+    # When a CVSS score is between 7.0 - 8.9
+    high = "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high"
+    # When a CVSS score is between 0.1 - 3.9
+    low = "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low"
+    # When a CVSS score is between 4.0 - 6.9
+    medium = "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium"
+    # When a CVSS score is 0.0
+    none = "https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none"
+
+
+# Specifies the exploit catalog type.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType", compact_type="security_ExploitCatalogType", abstract=False)
+class security_ExploitCatalogType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "kev": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev",
+        "other": "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other",
+    }
+    # CISA's Known Exploited Vulnerability (KEV) Catalog
+    kev = "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev"
+    # Other exploit catalogs
+    other = "https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other"
+
+
+# Specifies the SSVC decision type.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType", compact_type="security_SsvcDecisionType", abstract=False)
+class security_SsvcDecisionType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "act": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act",
+        "attend": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend",
+        "track": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track",
+        "trackStar": "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar",
+    }
+    # The vulnerability requires attention from the organization's internal, supervisory-level and leadership-level individuals. Necessary actions include requesting assistance or information about the vulnerability, as well as publishing a notification either internally and/or externally. Typically, internal groups would meet to determine the overall response and then execute agreed upon actions. CISA recommends remediating Act vulnerabilities as soon as possible.
+    act = "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act"
+    # The vulnerability requires attention from the organization's internal, supervisory-level individuals. Necessary actions include requesting assistance or information about the vulnerability, and may involve publishing a notification either internally and/or externally. CISA recommends remediating Attend vulnerabilities sooner than standard update timelines.
+    attend = "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend"
+    # The vulnerability does not require action at this time. The organization would continue to track the vulnerability and reassess it if new information becomes available. CISA recommends remediating Track vulnerabilities within standard update timelines.
+    track = "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track"
+    # ("Track\*" in the SSVC spec) The vulnerability contains specific characteristics that may require closer monitoring for changes. CISA recommends remediating Track\* vulnerabilities within standard update timelines.
+    trackStar = "https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar"
+
+
+# Specifies the VEX justification type.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType", compact_type="security_VexJustificationType", abstract=False)
+class security_VexJustificationType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "componentNotPresent": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent",
+        "inlineMitigationsAlreadyExist": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist",
+        "vulnerableCodeCannotBeControlledByAdversary": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary",
+        "vulnerableCodeNotInExecutePath": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath",
+        "vulnerableCodeNotPresent": "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent",
+    }
+    # The software is not affected because the vulnerable component is not in the product.
+    componentNotPresent = "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent"
+    # Built-in inline controls or mitigations prevent an adversary from leveraging the vulnerability.
+    inlineMitigationsAlreadyExist = "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist"
+    # The vulnerable component is present, and the component contains the vulnerable code. However, vulnerable code is used in such a way that an attacker cannot mount any anticipated attack.
+    vulnerableCodeCannotBeControlledByAdversary = "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary"
+    # The affected code is not reachable through the execution of the code, including non-anticipated states of the product.
+    vulnerableCodeNotInExecutePath = "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath"
+    # The product is not affected because the code underlying the vulnerability is not present in the product.
+    vulnerableCodeNotPresent = "https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent"
+
+
+# Abstract ancestor class for all vulnerability assessments
+@register("https://spdx.org/rdf/3.0.1/terms/Security/VulnAssessmentRelationship", compact_type="security_VulnAssessmentRelationship", abstract=True)
+class security_VulnAssessmentRelationship(Relationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Identifies who or what supplied the artifact or VulnAssessmentRelationship
+        # referenced by the Element.
+        cls._add_property(
+            "suppliedBy",
+            ObjectProp(Agent, False, context=[
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", "SpdxOrganization"),
+                ],),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy",
+            compact="suppliedBy",
+        )
+        # Specifies an Element contained in a piece of software where a vulnerability was
+        # found.
+        cls._add_property(
+            "security_assessedElement",
+            ObjectProp(software_SoftwareArtifact, False),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/assessedElement",
+            compact="security_assessedElement",
+        )
+        # Specifies a time when a vulnerability assessment was modified
+        cls._add_property(
+            "security_modifiedTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime",
+            compact="security_modifiedTime",
+        )
+        # Specifies the time when a vulnerability was published.
+        cls._add_property(
+            "security_publishedTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/publishedTime",
+            compact="security_publishedTime",
+        )
+        # Specified the time and date when a vulnerability was withdrawn.
+        cls._add_property(
+            "security_withdrawnTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime",
+            compact="security_withdrawnTime",
+        )
+
+
+# Abstract class representing a license combination consisting of one or more licenses.
+@register("https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/AnyLicenseInfo", compact_type="simplelicensing_AnyLicenseInfo", abstract=True)
+class simplelicensing_AnyLicenseInfo(Element):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+
+# An SPDX Element containing an SPDX license expression string.
+@register("https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/LicenseExpression", compact_type="simplelicensing_LicenseExpression", abstract=False)
+class simplelicensing_LicenseExpression(simplelicensing_AnyLicenseInfo):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Maps a LicenseRef or AdditionRef string for a Custom License or a Custom
+        # License Addition to its URI ID.
+        cls._add_property(
+            "simplelicensing_customIdToUri",
+            ListProp(ObjectProp(DictionaryEntry, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/customIdToUri",
+            compact="simplelicensing_customIdToUri",
+        )
+        # A string in the license expression format.
+        cls._add_property(
+            "simplelicensing_licenseExpression",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseExpression",
+            min_count=1,
+            compact="simplelicensing_licenseExpression",
+        )
+        # The version of the SPDX License List used in the license expression.
+        cls._add_property(
+            "simplelicensing_licenseListVersion",
+            StringProp(pattern=r"^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseListVersion",
+            compact="simplelicensing_licenseListVersion",
+        )
+
+
+# A license or addition that is not listed on the SPDX License List.
+@register("https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/SimpleLicensingText", compact_type="simplelicensing_SimpleLicensingText", abstract=False)
+class simplelicensing_SimpleLicensingText(Element):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Identifies the full text of a License or Addition.
+        cls._add_property(
+            "simplelicensing_licenseText",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText",
+            min_count=1,
+            compact="simplelicensing_licenseText",
+        )
+
+
+# A canonical, unique, immutable identifier
+@register("https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifier", compact_type="software_ContentIdentifier", abstract=False)
+class software_ContentIdentifier(IntegrityMethod):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Specifies the type of the content identifier.
+        cls._add_property(
+            "software_contentIdentifierType",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid", "gitoid"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid", "swhid"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierType",
+            min_count=1,
+            compact="software_contentIdentifierType",
+        )
+        # Specifies the value of the content identifier.
+        cls._add_property(
+            "software_contentIdentifierValue",
+            AnyURIProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifierValue",
+            min_count=1,
+            compact="software_contentIdentifierValue",
+        )
+
+
+# Specifies the type of a content identifier.
+@register("https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType", compact_type="software_ContentIdentifierType", abstract=False)
+class software_ContentIdentifierType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "gitoid": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid",
+        "swhid": "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid",
+    }
+    # [Gitoid](https://www.iana.org/assignments/uri-schemes/prov/gitoid), stands for [Git Object ID](https://git-scm.com/book/en/v2/Git-Internals-Git-Objects). A gitoid of type blob is a unique hash of a binary artifact. A gitoid may represent either an [Artifact Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-identifier-types) for the software artifact or an [Input Manifest Identifier](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#input-manifest-identifier) for the software artifact's associated [Artifact Input Manifest](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-input-manifest); this ambiguity exists because the Artifact Input Manifest is itself an artifact, and the gitoid of that artifact is its valid identifier. Gitoids calculated on software artifacts (Snippet, File, or Package Elements) should be recorded in the SPDX 3.0 SoftwareArtifact's contentIdentifier property. Gitoids calculated on the Artifact Input Manifest (Input Manifest Identifier) should be recorded in the SPDX 3.0 Element's externalIdentifier property. See [OmniBOR Specification](https://github.com/omnibor/spec/), a minimalistic specification for describing software [Artifact Dependency Graphs](https://github.com/omnibor/spec/blob/eb1ee5c961c16215eb8709b2975d193a2007a35d/spec/SPEC.md#artifact-dependency-graph-adg).
+    gitoid = "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/gitoid"
+    # SoftWare Hash IDentifier, a persistent intrinsic identifier for digital artifacts, such as files, trees (also known as directories or folders), commits, and other objects typically found in version control systems. The format of the identifiers is defined in the [SWHID specification](https://www.swhid.org/specification/v1.1/4.Syntax) (ISO/IEC DIS 18670). They typically look like `swh:1:cnt:94a9ed024d3859793618152ea559a168bbcbb5e2`.
+    swhid = "https://spdx.org/rdf/3.0.1/terms/Software/ContentIdentifierType/swhid"
+
+
+# Enumeration of the different kinds of SPDX file.
+@register("https://spdx.org/rdf/3.0.1/terms/Software/FileKindType", compact_type="software_FileKindType", abstract=False)
+class software_FileKindType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "directory": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory",
+        "file": "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file",
+    }
+    # The file represents a directory and all content stored in that directory.
+    directory = "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory"
+    # The file represents a single file (default).
+    file = "https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file"
+
+
+# Provides a set of values to be used to describe the common types of SBOMs that
+# tools may create.
+@register("https://spdx.org/rdf/3.0.1/terms/Software/SbomType", compact_type="software_SbomType", abstract=False)
+class software_SbomType(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "analyzed": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed",
+        "build": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build",
+        "deployed": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed",
+        "design": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design",
+        "runtime": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime",
+        "source": "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source",
+    }
+    # SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a "3rd party" SBOM.
+    analyzed = "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed"
+    # SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs.
+    build = "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build"
+    # SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment.
+    deployed = "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed"
+    # SBOM of intended, planned software project or product with included components (some of which may not yet exist) for a new software artifact.
+    design = "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design"
+    # SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an "Instrumented" or "Dynamic" SBOM.
+    runtime = "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime"
+    # SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact.
+    source = "https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source"
+
+
+# Provides information about the primary purpose of an Element.
+@register("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose", compact_type="software_SoftwarePurpose", abstract=False)
+class software_SoftwarePurpose(SHACLObject):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+        "application": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application",
+        "archive": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive",
+        "bom": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom",
+        "configuration": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration",
+        "container": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container",
+        "data": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data",
+        "device": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device",
+        "deviceDriver": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver",
+        "diskImage": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage",
+        "documentation": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation",
+        "evidence": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence",
+        "executable": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable",
+        "file": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file",
+        "filesystemImage": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage",
+        "firmware": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware",
+        "framework": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework",
+        "install": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install",
+        "library": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library",
+        "manifest": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest",
+        "model": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model",
+        "module": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module",
+        "operatingSystem": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem",
+        "other": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other",
+        "patch": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch",
+        "platform": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform",
+        "requirement": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement",
+        "source": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source",
+        "specification": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification",
+        "test": "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test",
+    }
+    # The Element is a software application.
+    application = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application"
+    # The Element is an archived collection of one or more files (.tar, .zip, etc.).
+    archive = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive"
+    # The Element is a bill of materials.
+    bom = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom"
+    # The Element is configuration data.
+    configuration = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration"
+    # The Element is a container image which can be used by a container runtime application.
+    container = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container"
+    # The Element is data.
+    data = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data"
+    # The Element refers to a chipset, processor, or electronic board.
+    device = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device"
+    # The Element represents software that controls hardware devices.
+    deviceDriver = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver"
+    # The Element refers to a disk image that can be written to a disk, booted in a VM, etc. A disk image typically contains most or all of the components necessary to boot, such as bootloaders, kernels, firmware, userspace, etc.
+    diskImage = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage"
+    # The Element is documentation.
+    documentation = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation"
+    # The Element is the evidence that a specification or requirement has been fulfilled.
+    evidence = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence"
+    # The Element is an Artifact that can be run on a computer.
+    executable = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable"
+    # The Element is a single file which can be independently distributed (configuration file, statically linked binary, Kubernetes deployment, etc.).
+    file = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file"
+    # The Element is a file system image that can be written to a disk (or virtual) partition.
+    filesystemImage = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage"
+    # The Element provides low level control over a device's hardware.
+    firmware = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware"
+    # The Element is a software framework.
+    framework = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework"
+    # The Element is used to install software on disk.
+    install = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install"
+    # The Element is a software library.
+    library = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library"
+    # The Element is a software manifest.
+    manifest = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest"
+    # The Element is a machine learning or artificial intelligence model.
+    model = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model"
+    # The Element is a module of a piece of software.
+    module = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module"
+    # The Element is an operating system.
+    operatingSystem = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem"
+    # The Element doesn't fit into any of the other categories.
+    other = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other"
+    # The Element contains a set of changes to update, fix, or improve another Element.
+    patch = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch"
+    # The Element represents a runtime environment.
+    platform = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform"
+    # The Element provides a requirement needed as input for another Element.
+    requirement = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement"
+    # The Element is a single or a collection of source files.
+    source = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source"
+    # The Element is a plan, guideline or strategy how to create, perform or analyze an application.
+    specification = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification"
+    # The Element is a test used to verify functionality on an software element.
+    test = "https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test"
+
+
+# Class that describes a build instance of software/artifacts.
+@register("https://spdx.org/rdf/3.0.1/terms/Build/Build", compact_type="build_Build", abstract=False)
+class build_Build(Element):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Property that describes the time at which a build stops.
+        cls._add_property(
+            "build_buildEndTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Build/buildEndTime",
+            compact="build_buildEndTime",
+        )
+        # A buildId is a locally unique identifier used by a builder to identify a unique
+        # instance of a build produced by it.
+        cls._add_property(
+            "build_buildId",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Build/buildId",
+            compact="build_buildId",
+        )
+        # Property describing the start time of a build.
+        cls._add_property(
+            "build_buildStartTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Build/buildStartTime",
+            compact="build_buildStartTime",
+        )
+        # A buildType is a hint that is used to indicate the toolchain, platform, or
+        # infrastructure that the build was invoked on.
+        cls._add_property(
+            "build_buildType",
+            AnyURIProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Build/buildType",
+            min_count=1,
+            compact="build_buildType",
+        )
+        # Property that describes the digest of the build configuration file used to
+        # invoke a build.
+        cls._add_property(
+            "build_configSourceDigest",
+            ListProp(ObjectProp(Hash, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Build/configSourceDigest",
+            compact="build_configSourceDigest",
+        )
+        # Property describes the invocation entrypoint of a build.
+        cls._add_property(
+            "build_configSourceEntrypoint",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/Build/configSourceEntrypoint",
+            compact="build_configSourceEntrypoint",
+        )
+        # Property that describes the URI of the build configuration source file.
+        cls._add_property(
+            "build_configSourceUri",
+            ListProp(AnyURIProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/Build/configSourceUri",
+            compact="build_configSourceUri",
+        )
+        # Property describing the session in which a build is invoked.
+        cls._add_property(
+            "build_environment",
+            ListProp(ObjectProp(DictionaryEntry, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Build/environment",
+            compact="build_environment",
+        )
+        # Property describing a parameter used in an instance of a build.
+        cls._add_property(
+            "build_parameter",
+            ListProp(ObjectProp(DictionaryEntry, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Build/parameter",
+            compact="build_parameter",
+        )
+
+
+# Agent represents anything with the potential to act on a system.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/Agent", compact_type="Agent", abstract=False)
+class Agent(Element):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+
+# An assertion made in relation to one or more elements.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/Annotation", compact_type="Annotation", abstract=False)
+class Annotation(Element):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Describes the type of annotation.
+        cls._add_property(
+            "annotationType",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/other", "other"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/AnnotationType/review", "review"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/annotationType",
+            min_count=1,
+            compact="annotationType",
+        )
+        # Provides information about the content type of an Element or a Property.
+        cls._add_property(
+            "contentType",
+            StringProp(pattern=r"^[^\/]+\/[^\/]+$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/contentType",
+            compact="contentType",
+        )
+        # Commentary on an assertion that an annotator has made.
+        cls._add_property(
+            "statement",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/statement",
+            compact="statement",
+        )
+        # An Element an annotator has made an assertion about.
+        cls._add_property(
+            "subject",
+            ObjectProp(Element, True, context=[
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/NoneElement", "NoneElement"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", "expandedlicensing_NoAssertionLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", "expandedlicensing_NoneLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", "SpdxOrganization"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/NoAssertionElement", "NoAssertionElement"),
+                ],),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/subject",
+            min_count=1,
+            compact="subject",
+        )
+
+
+# A distinct article or unit within the digital domain.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/Artifact", compact_type="Artifact", abstract=True)
+class Artifact(Element):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Specifies the time an artifact was built.
+        cls._add_property(
+            "builtTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/builtTime",
+            compact="builtTime",
+        )
+        # Identifies from where or whom the Element originally came.
+        cls._add_property(
+            "originatedBy",
+            ListProp(ObjectProp(Agent, False, context=[
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", "SpdxOrganization"),
+                ],)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/originatedBy",
+            compact="originatedBy",
+        )
+        # Specifies the time an artifact was released.
+        cls._add_property(
+            "releaseTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/releaseTime",
+            compact="releaseTime",
+        )
+        # The name of a relevant standard that may apply to an artifact.
+        cls._add_property(
+            "standardName",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/standardName",
+            compact="standardName",
+        )
+        # Identifies who or what supplied the artifact or VulnAssessmentRelationship
+        # referenced by the Element.
+        cls._add_property(
+            "suppliedBy",
+            ObjectProp(Agent, False, context=[
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization", "SpdxOrganization"),
+                ],),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/suppliedBy",
+            compact="suppliedBy",
+        )
+        # Specifies the level of support associated with an artifact.
+        cls._add_property(
+            "supportLevel",
+            ListProp(EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SupportType/deployed", "deployed"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SupportType/development", "development"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SupportType/endOfSupport", "endOfSupport"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SupportType/limitedSupport", "limitedSupport"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noAssertion", "noAssertion"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SupportType/noSupport", "noSupport"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/SupportType/support", "support"),
+                ])),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/supportLevel",
+            compact="supportLevel",
+        )
+        # Specifies until when the artifact can be used before its usage needs to be
+        # reassessed.
+        cls._add_property(
+            "validUntilTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/validUntilTime",
+            compact="validUntilTime",
+        )
+
+
+# A collection of Elements that have a shared context.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/Bundle", compact_type="Bundle", abstract=False)
+class Bundle(ElementCollection):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Gives information about the circumstances or unifying properties
+        # that Elements of the bundle have been assembled under.
+        cls._add_property(
+            "context",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/context",
+            compact="context",
+        )
+
+
+# A mathematically calculated representation of a grouping of data.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/Hash", compact_type="Hash", abstract=False)
+class Hash(IntegrityMethod):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Specifies the algorithm used for calculating the hash value.
+        cls._add_property(
+            "algorithm",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/adler32", "adler32"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b256", "blake2b256"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b384", "blake2b384"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake2b512", "blake2b512"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/blake3", "blake3"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsDilithium", "crystalsDilithium"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/crystalsKyber", "crystalsKyber"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/falcon", "falcon"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md2", "md2"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md4", "md4"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md5", "md5"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/md6", "md6"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/other", "other"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha1", "sha1"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha224", "sha224"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha256", "sha256"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha384", "sha384"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_224", "sha3_224"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_256", "sha3_256"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_384", "sha3_384"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha3_512", "sha3_512"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/HashAlgorithm/sha512", "sha512"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/algorithm",
+            min_count=1,
+            compact="algorithm",
+        )
+        # The result of applying a hash algorithm to an Element.
+        cls._add_property(
+            "hashValue",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/hashValue",
+            min_count=1,
+            compact="hashValue",
+        )
+
+
+# Provide context for a relationship that occurs in the lifecycle.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopedRelationship", compact_type="LifecycleScopedRelationship", abstract=False)
+class LifecycleScopedRelationship(Relationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Capture the scope of information about a specific relationship between elements.
+        cls._add_property(
+            "scope",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/build", "build"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/design", "design"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/development", "development"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/other", "other"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/runtime", "runtime"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/LifecycleScopeType/test", "test"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/scope",
+            compact="scope",
+        )
+
+
+# A group of people who work together in an organized way for a shared purpose.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/Organization", compact_type="Organization", abstract=False)
+class Organization(Agent):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+        "SpdxOrganization": "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization",
+    }
+    # An Organization representing the SPDX Project.
+    SpdxOrganization = "https://spdx.org/rdf/3.0.1/terms/Core/SpdxOrganization"
+
+
+# An individual human being.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/Person", compact_type="Person", abstract=False)
+class Person(Agent):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+
+# A software agent.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/SoftwareAgent", compact_type="SoftwareAgent", abstract=False)
+class SoftwareAgent(Agent):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+
+# Portion of an AnyLicenseInfo representing a set of licensing information
+# where all elements apply.
+@register("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ConjunctiveLicenseSet", compact_type="expandedlicensing_ConjunctiveLicenseSet", abstract=False)
+class expandedlicensing_ConjunctiveLicenseSet(simplelicensing_AnyLicenseInfo):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # A license expression participating in a license set.
+        cls._add_property(
+            "expandedlicensing_member",
+            ListProp(ObjectProp(simplelicensing_AnyLicenseInfo, False, context=[
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", "expandedlicensing_NoAssertionLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", "expandedlicensing_NoneLicense"),
+                ],)),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member",
+            min_count=2,
+            compact="expandedlicensing_member",
+        )
+
+
+# A license addition that is not listed on the SPDX Exceptions List.
+@register("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicenseAddition", compact_type="expandedlicensing_CustomLicenseAddition", abstract=False)
+class expandedlicensing_CustomLicenseAddition(expandedlicensing_LicenseAddition):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+
+# Portion of an AnyLicenseInfo representing a set of licensing information where
+# only one of the elements applies.
+@register("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/DisjunctiveLicenseSet", compact_type="expandedlicensing_DisjunctiveLicenseSet", abstract=False)
+class expandedlicensing_DisjunctiveLicenseSet(simplelicensing_AnyLicenseInfo):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # A license expression participating in a license set.
+        cls._add_property(
+            "expandedlicensing_member",
+            ListProp(ObjectProp(simplelicensing_AnyLicenseInfo, False, context=[
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense", "expandedlicensing_NoAssertionLicense"),
+                    ("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense", "expandedlicensing_NoneLicense"),
+                ],)),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/member",
+            min_count=2,
+            compact="expandedlicensing_member",
+        )
+
+
+# Abstract class representing a License or an OrLaterOperator.
+@register("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ExtendableLicense", compact_type="expandedlicensing_ExtendableLicense", abstract=True)
+class expandedlicensing_ExtendableLicense(simplelicensing_AnyLicenseInfo):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+
+# A concrete subclass of AnyLicenseInfo used by Individuals in the
+# ExpandedLicensing profile.
+@register("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/IndividualLicensingInfo", compact_type="expandedlicensing_IndividualLicensingInfo", abstract=False)
+class expandedlicensing_IndividualLicensingInfo(simplelicensing_AnyLicenseInfo):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+        "NoAssertionLicense": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense",
+        "NoneLicense": "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense",
+    }
+    # An Individual Value for License when no assertion can be made about its actual
+    # value.
+    NoAssertionLicense = "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoAssertionLicense"
+    # An Individual Value for License where the SPDX data creator determines that no
+    # license is present.
+    NoneLicense = "https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/NoneLicense"
+
+
+# Abstract class for the portion of an AnyLicenseInfo representing a license.
+@register("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/License", compact_type="expandedlicensing_License", abstract=True)
+class expandedlicensing_License(expandedlicensing_ExtendableLicense):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Specifies whether a license or additional text identifier has been marked as
+        # deprecated.
+        cls._add_property(
+            "expandedlicensing_isDeprecatedLicenseId",
+            BooleanProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isDeprecatedLicenseId",
+            compact="expandedlicensing_isDeprecatedLicenseId",
+        )
+        # Specifies whether the License is listed as free by the
+        # Free Software Foundation (FSF).
+        cls._add_property(
+            "expandedlicensing_isFsfLibre",
+            BooleanProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isFsfLibre",
+            compact="expandedlicensing_isFsfLibre",
+        )
+        # Specifies whether the License is listed as approved by the
+        # Open Source Initiative (OSI).
+        cls._add_property(
+            "expandedlicensing_isOsiApproved",
+            BooleanProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/isOsiApproved",
+            compact="expandedlicensing_isOsiApproved",
+        )
+        # Identifies all the text and metadata associated with a license in the license
+        # XML format.
+        cls._add_property(
+            "expandedlicensing_licenseXml",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/licenseXml",
+            compact="expandedlicensing_licenseXml",
+        )
+        # Specifies the licenseId that is preferred to be used in place of a deprecated
+        # License or LicenseAddition.
+        cls._add_property(
+            "expandedlicensing_obsoletedBy",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/obsoletedBy",
+            compact="expandedlicensing_obsoletedBy",
+        )
+        # Contains a URL where the License or LicenseAddition can be found in use.
+        cls._add_property(
+            "expandedlicensing_seeAlso",
+            ListProp(AnyURIProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/seeAlso",
+            compact="expandedlicensing_seeAlso",
+        )
+        # Provides a License author's preferred text to indicate that a file is covered
+        # by the License.
+        cls._add_property(
+            "expandedlicensing_standardLicenseHeader",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseHeader",
+            compact="expandedlicensing_standardLicenseHeader",
+        )
+        # Identifies the full text of a License, in SPDX templating format.
+        cls._add_property(
+            "expandedlicensing_standardLicenseTemplate",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/standardLicenseTemplate",
+            compact="expandedlicensing_standardLicenseTemplate",
+        )
+        # Identifies the full text of a License or Addition.
+        cls._add_property(
+            "simplelicensing_licenseText",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/SimpleLicensing/licenseText",
+            min_count=1,
+            compact="simplelicensing_licenseText",
+        )
+
+
+# A license that is listed on the SPDX License List.
+@register("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/ListedLicense", compact_type="expandedlicensing_ListedLicense", abstract=False)
+class expandedlicensing_ListedLicense(expandedlicensing_License):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Specifies the SPDX License List version in which this license or exception
+        # identifier was deprecated.
+        cls._add_property(
+            "expandedlicensing_deprecatedVersion",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/deprecatedVersion",
+            compact="expandedlicensing_deprecatedVersion",
+        )
+        # Specifies the SPDX License List version in which this ListedLicense or
+        # ListedLicenseException identifier was first added.
+        cls._add_property(
+            "expandedlicensing_listVersionAdded",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/listVersionAdded",
+            compact="expandedlicensing_listVersionAdded",
+        )
+
+
+# Portion of an AnyLicenseInfo representing this version, or any later version,
+# of the indicated License.
+@register("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/OrLaterOperator", compact_type="expandedlicensing_OrLaterOperator", abstract=False)
+class expandedlicensing_OrLaterOperator(expandedlicensing_ExtendableLicense):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # A License participating in an 'or later' model.
+        cls._add_property(
+            "expandedlicensing_subjectLicense",
+            ObjectProp(expandedlicensing_License, True),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectLicense",
+            min_count=1,
+            compact="expandedlicensing_subjectLicense",
+        )
+
+
+# Portion of an AnyLicenseInfo representing a License which has additional
+# text applied to it.
+@register("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/WithAdditionOperator", compact_type="expandedlicensing_WithAdditionOperator", abstract=False)
+class expandedlicensing_WithAdditionOperator(simplelicensing_AnyLicenseInfo):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # A LicenseAddition participating in a 'with addition' model.
+        cls._add_property(
+            "expandedlicensing_subjectAddition",
+            ObjectProp(expandedlicensing_LicenseAddition, True),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectAddition",
+            min_count=1,
+            compact="expandedlicensing_subjectAddition",
+        )
+        # A License participating in a 'with addition' model.
+        cls._add_property(
+            "expandedlicensing_subjectExtendableLicense",
+            ObjectProp(expandedlicensing_ExtendableLicense, True),
+            iri="https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/subjectExtendableLicense",
+            min_count=1,
+            compact="expandedlicensing_subjectExtendableLicense",
+        )
+
+
+# A type of extension consisting of a list of name value pairs.
+@register("https://spdx.org/rdf/3.0.1/terms/Extension/CdxPropertiesExtension", compact_type="extension_CdxPropertiesExtension", abstract=False)
+class extension_CdxPropertiesExtension(extension_Extension):
+    NODE_KIND = NodeKind.BlankNodeOrIRI
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provides a map of a property names to a values.
+        cls._add_property(
+            "extension_cdxProperty",
+            ListProp(ObjectProp(extension_CdxPropertyEntry, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Extension/cdxProperty",
+            min_count=1,
+            compact="extension_cdxProperty",
+        )
+
+
+# Provides a CVSS version 2.0 assessment for a vulnerability.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/CvssV2VulnAssessmentRelationship", compact_type="security_CvssV2VulnAssessmentRelationship", abstract=False)
+class security_CvssV2VulnAssessmentRelationship(security_VulnAssessmentRelationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provides a numerical (0-10) representation of the severity of a vulnerability.
+        cls._add_property(
+            "security_score",
+            FloatProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/score",
+            min_count=1,
+            compact="security_score",
+        )
+        # Specifies the CVSS vector string for a vulnerability.
+        cls._add_property(
+            "security_vectorString",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/vectorString",
+            min_count=1,
+            compact="security_vectorString",
+        )
+
+
+# Provides a CVSS version 3 assessment for a vulnerability.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/CvssV3VulnAssessmentRelationship", compact_type="security_CvssV3VulnAssessmentRelationship", abstract=False)
+class security_CvssV3VulnAssessmentRelationship(security_VulnAssessmentRelationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provides a numerical (0-10) representation of the severity of a vulnerability.
+        cls._add_property(
+            "security_score",
+            FloatProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/score",
+            min_count=1,
+            compact="security_score",
+        )
+        # Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software.
+        cls._add_property(
+            "security_severity",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical", "critical"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high", "high"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low", "low"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium", "medium"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none", "none"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/severity",
+            min_count=1,
+            compact="security_severity",
+        )
+        # Specifies the CVSS vector string for a vulnerability.
+        cls._add_property(
+            "security_vectorString",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/vectorString",
+            min_count=1,
+            compact="security_vectorString",
+        )
+
+
+# Provides a CVSS version 4 assessment for a vulnerability.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/CvssV4VulnAssessmentRelationship", compact_type="security_CvssV4VulnAssessmentRelationship", abstract=False)
+class security_CvssV4VulnAssessmentRelationship(security_VulnAssessmentRelationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provides a numerical (0-10) representation of the severity of a vulnerability.
+        cls._add_property(
+            "security_score",
+            FloatProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/score",
+            min_count=1,
+            compact="security_score",
+        )
+        # Specifies the CVSS qualitative severity rating of a vulnerability in relation to a piece of software.
+        cls._add_property(
+            "security_severity",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/critical", "critical"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/high", "high"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/low", "low"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/medium", "medium"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/CvssSeverityType/none", "none"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/severity",
+            min_count=1,
+            compact="security_severity",
+        )
+        # Specifies the CVSS vector string for a vulnerability.
+        cls._add_property(
+            "security_vectorString",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/vectorString",
+            min_count=1,
+            compact="security_vectorString",
+        )
+
+
+# Provides an EPSS assessment for a vulnerability.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/EpssVulnAssessmentRelationship", compact_type="security_EpssVulnAssessmentRelationship", abstract=False)
+class security_EpssVulnAssessmentRelationship(security_VulnAssessmentRelationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # The percentile of the current probability score.
+        cls._add_property(
+            "security_percentile",
+            FloatProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/percentile",
+            min_count=1,
+            compact="security_percentile",
+        )
+        # A probability score between 0 and 1 of a vulnerability being exploited.
+        cls._add_property(
+            "security_probability",
+            FloatProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/probability",
+            min_count=1,
+            compact="security_probability",
+        )
+
+
+# Provides an exploit assessment of a vulnerability.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogVulnAssessmentRelationship", compact_type="security_ExploitCatalogVulnAssessmentRelationship", abstract=False)
+class security_ExploitCatalogVulnAssessmentRelationship(security_VulnAssessmentRelationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Specifies the exploit catalog type.
+        cls._add_property(
+            "security_catalogType",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/kev", "kev"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/ExploitCatalogType/other", "other"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/catalogType",
+            min_count=1,
+            compact="security_catalogType",
+        )
+        # Describe that a CVE is known to have an exploit because it's been listed in an exploit catalog.
+        cls._add_property(
+            "security_exploited",
+            BooleanProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/exploited",
+            min_count=1,
+            compact="security_exploited",
+        )
+        # Provides the location of an exploit catalog.
+        cls._add_property(
+            "security_locator",
+            AnyURIProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/locator",
+            min_count=1,
+            compact="security_locator",
+        )
+
+
+# Provides an SSVC assessment for a vulnerability.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/SsvcVulnAssessmentRelationship", compact_type="security_SsvcVulnAssessmentRelationship", abstract=False)
+class security_SsvcVulnAssessmentRelationship(security_VulnAssessmentRelationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provide the enumeration of possible decisions in the
+        # [Stakeholder-Specific Vulnerability Categorization (SSVC) decision tree](https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc).
+        cls._add_property(
+            "security_decisionType",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/act", "act"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/attend", "attend"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/track", "track"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/SsvcDecisionType/trackStar", "trackStar"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/decisionType",
+            min_count=1,
+            compact="security_decisionType",
+        )
+
+
+# Abstract ancestor class for all VEX relationships
+@register("https://spdx.org/rdf/3.0.1/terms/Security/VexVulnAssessmentRelationship", compact_type="security_VexVulnAssessmentRelationship", abstract=True)
+class security_VexVulnAssessmentRelationship(security_VulnAssessmentRelationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Conveys information about how VEX status was determined.
+        cls._add_property(
+            "security_statusNotes",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/statusNotes",
+            compact="security_statusNotes",
+        )
+        # Specifies the version of a VEX statement.
+        cls._add_property(
+            "security_vexVersion",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/vexVersion",
+            compact="security_vexVersion",
+        )
+
+
+# Specifies a vulnerability and its associated information.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/Vulnerability", compact_type="security_Vulnerability", abstract=False)
+class security_Vulnerability(Artifact):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Specifies a time when a vulnerability assessment was modified
+        cls._add_property(
+            "security_modifiedTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/modifiedTime",
+            compact="security_modifiedTime",
+        )
+        # Specifies the time when a vulnerability was published.
+        cls._add_property(
+            "security_publishedTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/publishedTime",
+            compact="security_publishedTime",
+        )
+        # Specified the time and date when a vulnerability was withdrawn.
+        cls._add_property(
+            "security_withdrawnTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/withdrawnTime",
+            compact="security_withdrawnTime",
+        )
+
+
+# A distinct article or unit related to Software.
+@register("https://spdx.org/rdf/3.0.1/terms/Software/SoftwareArtifact", compact_type="software_SoftwareArtifact", abstract=True)
+class software_SoftwareArtifact(Artifact):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provides additional purpose information of the software artifact.
+        cls._add_property(
+            "software_additionalPurpose",
+            ListProp(EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application", "application"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive", "archive"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom", "bom"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration", "configuration"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container", "container"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data", "data"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device", "device"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver", "deviceDriver"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage", "diskImage"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation", "documentation"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence", "evidence"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable", "executable"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file", "file"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage", "filesystemImage"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware", "firmware"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework", "framework"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install", "install"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library", "library"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest", "manifest"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model", "model"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module", "module"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem", "operatingSystem"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other", "other"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch", "patch"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform", "platform"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement", "requirement"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source", "source"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification", "specification"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test", "test"),
+                ])),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/additionalPurpose",
+            compact="software_additionalPurpose",
+        )
+        # Provides a place for the SPDX data creator to record acknowledgement text for
+        # a software Package, File or Snippet.
+        cls._add_property(
+            "software_attributionText",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/attributionText",
+            compact="software_attributionText",
+        )
+        # A canonical, unique, immutable identifier of the artifact content, that may be
+        # used for verifying its identity and/or integrity.
+        cls._add_property(
+            "software_contentIdentifier",
+            ListProp(ObjectProp(software_ContentIdentifier, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/contentIdentifier",
+            compact="software_contentIdentifier",
+        )
+        # Identifies the text of one or more copyright notices for a software Package,
+        # File or Snippet, if any.
+        cls._add_property(
+            "software_copyrightText",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/copyrightText",
+            compact="software_copyrightText",
+        )
+        # Provides information about the primary purpose of the software artifact.
+        cls._add_property(
+            "software_primaryPurpose",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/application", "application"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/archive", "archive"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/bom", "bom"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/configuration", "configuration"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/container", "container"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/data", "data"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/device", "device"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/deviceDriver", "deviceDriver"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/diskImage", "diskImage"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/documentation", "documentation"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/evidence", "evidence"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/executable", "executable"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/file", "file"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/filesystemImage", "filesystemImage"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/firmware", "firmware"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/framework", "framework"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/install", "install"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/library", "library"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/manifest", "manifest"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/model", "model"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/module", "module"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/operatingSystem", "operatingSystem"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/other", "other"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/patch", "patch"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/platform", "platform"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/requirement", "requirement"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/source", "source"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/specification", "specification"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SoftwarePurpose/test", "test"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/primaryPurpose",
+            compact="software_primaryPurpose",
+        )
+
+
+# A container for a grouping of SPDX-3.0 content characterizing details
+# (provenence, composition, licensing, etc.) about a product.
+@register("https://spdx.org/rdf/3.0.1/terms/Core/Bom", compact_type="Bom", abstract=False)
+class Bom(Bundle):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+
+# A license that is not listed on the SPDX License List.
+@register("https://spdx.org/rdf/3.0.1/terms/ExpandedLicensing/CustomLicense", compact_type="expandedlicensing_CustomLicense", abstract=False)
+class expandedlicensing_CustomLicense(expandedlicensing_License):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+
+# Connects a vulnerability and an element designating the element as a product
+# affected by the vulnerability.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/VexAffectedVulnAssessmentRelationship", compact_type="security_VexAffectedVulnAssessmentRelationship", abstract=False)
+class security_VexAffectedVulnAssessmentRelationship(security_VexVulnAssessmentRelationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provides advise on how to mitigate or remediate a vulnerability when a VEX product
+        # is affected by it.
+        cls._add_property(
+            "security_actionStatement",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/actionStatement",
+            min_count=1,
+            compact="security_actionStatement",
+        )
+        # Records the time when a recommended action was communicated in a VEX statement
+        # to mitigate a vulnerability.
+        cls._add_property(
+            "security_actionStatementTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/actionStatementTime",
+            compact="security_actionStatementTime",
+        )
+
+
+# Links a vulnerability and elements representing products (in the VEX sense) where
+# a fix has been applied and are no longer affected.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/VexFixedVulnAssessmentRelationship", compact_type="security_VexFixedVulnAssessmentRelationship", abstract=False)
+class security_VexFixedVulnAssessmentRelationship(security_VexVulnAssessmentRelationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+
+# Links a vulnerability and one or more elements designating the latter as products
+# not affected by the vulnerability.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/VexNotAffectedVulnAssessmentRelationship", compact_type="security_VexNotAffectedVulnAssessmentRelationship", abstract=False)
+class security_VexNotAffectedVulnAssessmentRelationship(security_VexVulnAssessmentRelationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Explains why a VEX product is not affected by a vulnerability. It is an
+        # alternative in VexNotAffectedVulnAssessmentRelationship to the machine-readable
+        # justification label.
+        cls._add_property(
+            "security_impactStatement",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/impactStatement",
+            compact="security_impactStatement",
+        )
+        # Timestamp of impact statement.
+        cls._add_property(
+            "security_impactStatementTime",
+            DateTimeStampProp(pattern=r"^\d\d\d\d-\d\d-\d\dT\d\d:\d\d:\d\dZ$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/impactStatementTime",
+            compact="security_impactStatementTime",
+        )
+        # Impact justification label to be used when linking a vulnerability to an element
+        # representing a VEX product with a VexNotAffectedVulnAssessmentRelationship
+        # relationship.
+        cls._add_property(
+            "security_justificationType",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/componentNotPresent", "componentNotPresent"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/inlineMitigationsAlreadyExist", "inlineMitigationsAlreadyExist"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeCannotBeControlledByAdversary", "vulnerableCodeCannotBeControlledByAdversary"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotInExecutePath", "vulnerableCodeNotInExecutePath"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Security/VexJustificationType/vulnerableCodeNotPresent", "vulnerableCodeNotPresent"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Security/justificationType",
+            compact="security_justificationType",
+        )
+
+
+# Designates elements as products where the impact of a vulnerability is being
+# investigated.
+@register("https://spdx.org/rdf/3.0.1/terms/Security/VexUnderInvestigationVulnAssessmentRelationship", compact_type="security_VexUnderInvestigationVulnAssessmentRelationship", abstract=False)
+class security_VexUnderInvestigationVulnAssessmentRelationship(security_VexVulnAssessmentRelationship):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+
+# Refers to any object that stores content on a computer.
+@register("https://spdx.org/rdf/3.0.1/terms/Software/File", compact_type="software_File", abstract=False)
+class software_File(software_SoftwareArtifact):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provides information about the content type of an Element or a Property.
+        cls._add_property(
+            "contentType",
+            StringProp(pattern=r"^[^\/]+\/[^\/]+$",),
+            iri="https://spdx.org/rdf/3.0.1/terms/Core/contentType",
+            compact="contentType",
+        )
+        # Describes if a given file is a directory or non-directory kind of file.
+        cls._add_property(
+            "software_fileKind",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/directory", "directory"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/FileKindType/file", "file"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/fileKind",
+            compact="software_fileKind",
+        )
+
+
+# Refers to any unit of content that can be associated with a distribution of
+# software.
+@register("https://spdx.org/rdf/3.0.1/terms/Software/Package", compact_type="software_Package", abstract=False)
+class software_Package(software_SoftwareArtifact):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Identifies the download Uniform Resource Identifier for the package at the time
+        # that the document was created.
+        cls._add_property(
+            "software_downloadLocation",
+            AnyURIProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/downloadLocation",
+            compact="software_downloadLocation",
+        )
+        # A place for the SPDX document creator to record a website that serves as the
+        # package's home page.
+        cls._add_property(
+            "software_homePage",
+            AnyURIProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/homePage",
+            compact="software_homePage",
+        )
+        # Provides a place for the SPDX data creator to record the package URL string
+        # (in accordance with the Package URL specification) for a software Package.
+        cls._add_property(
+            "software_packageUrl",
+            AnyURIProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/packageUrl",
+            compact="software_packageUrl",
+        )
+        # Identify the version of a package.
+        cls._add_property(
+            "software_packageVersion",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/packageVersion",
+            compact="software_packageVersion",
+        )
+        # Records any relevant background information or additional comments
+        # about the origin of the package.
+        cls._add_property(
+            "software_sourceInfo",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/sourceInfo",
+            compact="software_sourceInfo",
+        )
+
+
+# A collection of SPDX Elements describing a single package.
+@register("https://spdx.org/rdf/3.0.1/terms/Software/Sbom", compact_type="software_Sbom", abstract=False)
+class software_Sbom(Bom):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Provides information about the type of an SBOM.
+        cls._add_property(
+            "software_sbomType",
+            ListProp(EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SbomType/analyzed", "analyzed"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SbomType/build", "build"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SbomType/deployed", "deployed"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SbomType/design", "design"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SbomType/runtime", "runtime"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Software/SbomType/source", "source"),
+                ])),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/sbomType",
+            compact="software_sbomType",
+        )
+
+
+# Describes a certain part of a file.
+@register("https://spdx.org/rdf/3.0.1/terms/Software/Snippet", compact_type="software_Snippet", abstract=False)
+class software_Snippet(software_SoftwareArtifact):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Defines the byte range in the original host file that the snippet information
+        # applies to.
+        cls._add_property(
+            "software_byteRange",
+            ObjectProp(PositiveIntegerRange, False),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/byteRange",
+            compact="software_byteRange",
+        )
+        # Defines the line range in the original host file that the snippet information
+        # applies to.
+        cls._add_property(
+            "software_lineRange",
+            ObjectProp(PositiveIntegerRange, False),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/lineRange",
+            compact="software_lineRange",
+        )
+        # Defines the original host file that the snippet information applies to.
+        cls._add_property(
+            "software_snippetFromFile",
+            ObjectProp(software_File, True),
+            iri="https://spdx.org/rdf/3.0.1/terms/Software/snippetFromFile",
+            min_count=1,
+            compact="software_snippetFromFile",
+        )
+
+
+# Specifies an AI package and its associated information.
+@register("https://spdx.org/rdf/3.0.1/terms/AI/AIPackage", compact_type="ai_AIPackage", abstract=False)
+class ai_AIPackage(software_Package):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Indicates whether the system can perform a decision or action without human
+        # involvement or guidance.
+        cls._add_property(
+            "ai_autonomyType",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no", "no"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion", "noAssertion"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes", "yes"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/autonomyType",
+            compact="ai_autonomyType",
+        )
+        # Captures the domain in which the AI package can be used.
+        cls._add_property(
+            "ai_domain",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/domain",
+            compact="ai_domain",
+        )
+        # Indicates the amount of energy consumption incurred by an AI model.
+        cls._add_property(
+            "ai_energyConsumption",
+            ObjectProp(ai_EnergyConsumption, False),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/energyConsumption",
+            compact="ai_energyConsumption",
+        )
+        # Records a hyperparameter used to build the AI model contained in the AI
+        # package.
+        cls._add_property(
+            "ai_hyperparameter",
+            ListProp(ObjectProp(DictionaryEntry, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/hyperparameter",
+            compact="ai_hyperparameter",
+        )
+        # Provides relevant information about the AI software, not including the model
+        # description.
+        cls._add_property(
+            "ai_informationAboutApplication",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/informationAboutApplication",
+            compact="ai_informationAboutApplication",
+        )
+        # Describes relevant information about different steps of the training process.
+        cls._add_property(
+            "ai_informationAboutTraining",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/informationAboutTraining",
+            compact="ai_informationAboutTraining",
+        )
+        # Captures a limitation of the AI software.
+        cls._add_property(
+            "ai_limitation",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/limitation",
+            compact="ai_limitation",
+        )
+        # Records the measurement of prediction quality of the AI model.
+        cls._add_property(
+            "ai_metric",
+            ListProp(ObjectProp(DictionaryEntry, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/metric",
+            compact="ai_metric",
+        )
+        # Captures the threshold that was used for computation of a metric described in
+        # the metric field.
+        cls._add_property(
+            "ai_metricDecisionThreshold",
+            ListProp(ObjectProp(DictionaryEntry, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/metricDecisionThreshold",
+            compact="ai_metricDecisionThreshold",
+        )
+        # Describes all the preprocessing steps applied to the training data before the
+        # model training.
+        cls._add_property(
+            "ai_modelDataPreprocessing",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/modelDataPreprocessing",
+            compact="ai_modelDataPreprocessing",
+        )
+        # Describes methods that can be used to explain the results from the AI model.
+        cls._add_property(
+            "ai_modelExplainability",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/modelExplainability",
+            compact="ai_modelExplainability",
+        )
+        # Records the results of general safety risk assessment of the AI system.
+        cls._add_property(
+            "ai_safetyRiskAssessment",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/high", "high"),
+                    ("https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/low", "low"),
+                    ("https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/medium", "medium"),
+                    ("https://spdx.org/rdf/3.0.1/terms/AI/SafetyRiskAssessmentType/serious", "serious"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/safetyRiskAssessment",
+            compact="ai_safetyRiskAssessment",
+        )
+        # Captures a standard that is being complied with.
+        cls._add_property(
+            "ai_standardCompliance",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/standardCompliance",
+            compact="ai_standardCompliance",
+        )
+        # Records the type of the model used in the AI software.
+        cls._add_property(
+            "ai_typeOfModel",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/typeOfModel",
+            compact="ai_typeOfModel",
+        )
+        # Records if sensitive personal information is used during model training or
+        # could be used during the inference.
+        cls._add_property(
+            "ai_useSensitivePersonalInformation",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no", "no"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion", "noAssertion"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes", "yes"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/AI/useSensitivePersonalInformation",
+            compact="ai_useSensitivePersonalInformation",
+        )
+
+
+# Specifies a data package and its associated information.
+@register("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetPackage", compact_type="dataset_DatasetPackage", abstract=False)
+class dataset_DatasetPackage(software_Package):
+    NODE_KIND = NodeKind.IRI
+    ID_ALIAS = "spdxId"
+    NAMED_INDIVIDUALS = {
+    }
+
+    @classmethod
+    def _register_props(cls):
+        super()._register_props()
+        # Describes the anonymization methods used.
+        cls._add_property(
+            "dataset_anonymizationMethodUsed",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/anonymizationMethodUsed",
+            compact="dataset_anonymizationMethodUsed",
+        )
+        # Describes the confidentiality level of the data points contained in the dataset.
+        cls._add_property(
+            "dataset_confidentialityLevel",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/amber", "amber"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/clear", "clear"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/green", "green"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/ConfidentialityLevelType/red", "red"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/confidentialityLevel",
+            compact="dataset_confidentialityLevel",
+        )
+        # Describes how the dataset was collected.
+        cls._add_property(
+            "dataset_dataCollectionProcess",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/dataCollectionProcess",
+            compact="dataset_dataCollectionProcess",
+        )
+        # Describes the preprocessing steps that were applied to the raw data to create the given dataset.
+        cls._add_property(
+            "dataset_dataPreprocessing",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/dataPreprocessing",
+            compact="dataset_dataPreprocessing",
+        )
+        # The field describes the availability of a dataset.
+        cls._add_property(
+            "dataset_datasetAvailability",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/clickthrough", "clickthrough"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/directDownload", "directDownload"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/query", "query"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/registration", "registration"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetAvailabilityType/scrapingScript", "scrapingScript"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/datasetAvailability",
+            compact="dataset_datasetAvailability",
+        )
+        # Describes potentially noisy elements of the dataset.
+        cls._add_property(
+            "dataset_datasetNoise",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/datasetNoise",
+            compact="dataset_datasetNoise",
+        )
+        # Captures the size of the dataset.
+        cls._add_property(
+            "dataset_datasetSize",
+            NonNegativeIntegerProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/datasetSize",
+            compact="dataset_datasetSize",
+        )
+        # Describes the type of the given dataset.
+        cls._add_property(
+            "dataset_datasetType",
+            ListProp(EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/audio", "audio"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/categorical", "categorical"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/graph", "graph"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/image", "image"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/noAssertion", "noAssertion"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/numeric", "numeric"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/other", "other"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/sensor", "sensor"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/structured", "structured"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/syntactic", "syntactic"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/text", "text"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timeseries", "timeseries"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/timestamp", "timestamp"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Dataset/DatasetType/video", "video"),
+                ])),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/datasetType",
+            min_count=1,
+            compact="dataset_datasetType",
+        )
+        # Describes a mechanism to update the dataset.
+        cls._add_property(
+            "dataset_datasetUpdateMechanism",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/datasetUpdateMechanism",
+            compact="dataset_datasetUpdateMechanism",
+        )
+        # Describes if any sensitive personal information is present in the dataset.
+        cls._add_property(
+            "dataset_hasSensitivePersonalInformation",
+            EnumProp([
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/no", "no"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/noAssertion", "noAssertion"),
+                    ("https://spdx.org/rdf/3.0.1/terms/Core/PresenceType/yes", "yes"),
+                ]),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/hasSensitivePersonalInformation",
+            compact="dataset_hasSensitivePersonalInformation",
+        )
+        # Describes what the given dataset should be used for.
+        cls._add_property(
+            "dataset_intendedUse",
+            StringProp(),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/intendedUse",
+            compact="dataset_intendedUse",
+        )
+        # Records the biases that the dataset is known to encompass.
+        cls._add_property(
+            "dataset_knownBias",
+            ListProp(StringProp()),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/knownBias",
+            compact="dataset_knownBias",
+        )
+        # Describes a sensor used for collecting the data.
+        cls._add_property(
+            "dataset_sensor",
+            ListProp(ObjectProp(DictionaryEntry, False)),
+            iri="https://spdx.org/rdf/3.0.1/terms/Dataset/sensor",
+            compact="dataset_sensor",
+        )
+
+
+"""Format Guard"""
+# fmt: on
+
+
+def main():
+    import argparse
+    from pathlib import Path
+
+    parser = argparse.ArgumentParser(description="Python SHACL model test")
+    parser.add_argument("infile", type=Path, help="Input file")
+    parser.add_argument("--print", action="store_true", help="Print object tree")
+    parser.add_argument("--outfile", type=Path, help="Output file")
+
+    args = parser.parse_args()
+
+    objectset = SHACLObjectSet()
+    with args.infile.open("r") as f:
+        d = JSONLDDeserializer()
+        d.read(f, objectset)
+
+    if args.print:
+        print_tree(objectset.objects)
+
+    if args.outfile:
+        with args.outfile.open("wb") as f:
+            s = JSONLDSerializer()
+            s.write(objectset, f)
+
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main())
diff --git a/meta/lib/oe/spdx30_tasks.py b/meta/lib/oe/spdx30_tasks.py
new file mode 100644
index 0000000000..c352dab152
--- /dev/null
+++ b/meta/lib/oe/spdx30_tasks.py
@@ -0,0 +1,1367 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import json
+import oe.cve_check
+import oe.packagedata
+import oe.patch
+import oe.sbom30
+import oe.spdx30
+import oe.spdx_common
+import oe.sdk
+import os
+
+from contextlib import contextmanager
+from datetime import datetime, timezone
+from pathlib import Path
+
+
+def walk_error(err):
+    bb.error(f"ERROR walking {err.filename}: {err}")
+
+
+def set_timestamp_now(d, o, prop):
+    if d.getVar("SPDX_INCLUDE_TIMESTAMPS") == "1":
+        setattr(o, prop, datetime.now(timezone.utc))
+    else:
+        # Doing this helps to validated that the property actually exists, and
+        # also that it is not mandatory
+        delattr(o, prop)
+
+
+def add_license_expression(d, objset, license_expression, license_data):
+    simple_license_text = {}
+    license_text_map = {}
+    license_ref_idx = 0
+
+    def add_license_text(name):
+        nonlocal objset
+        nonlocal simple_license_text
+
+        if name in simple_license_text:
+            return simple_license_text[name]
+
+        lic = objset.find_filter(
+            oe.spdx30.simplelicensing_SimpleLicensingText,
+            name=name,
+        )
+
+        if lic is not None:
+            simple_license_text[name] = lic
+            return lic
+
+        lic = objset.add(
+            oe.spdx30.simplelicensing_SimpleLicensingText(
+                _id=objset.new_spdxid("license-text", name),
+                creationInfo=objset.doc.creationInfo,
+                name=name,
+            )
+        )
+        objset.set_element_alias(lic)
+        simple_license_text[name] = lic
+
+        if name == "PD":
+            lic.simplelicensing_licenseText = "Software released to the public domain"
+            return lic
+
+        # Seach for the license in COMMON_LICENSE_DIR and LICENSE_PATH
+        for directory in [d.getVar("COMMON_LICENSE_DIR")] + (
+            d.getVar("LICENSE_PATH") or ""
+        ).split():
+            try:
+                with (Path(directory) / name).open(errors="replace") as f:
+                    lic.simplelicensing_licenseText = f.read()
+                    return lic
+
+            except FileNotFoundError:
+                pass
+
+        # If it's not SPDX or PD, then NO_GENERIC_LICENSE must be set
+        filename = d.getVarFlag("NO_GENERIC_LICENSE", name)
+        if filename:
+            filename = d.expand("${S}/" + filename)
+            with open(filename, errors="replace") as f:
+                lic.simplelicensing_licenseText = f.read()
+                return lic
+        else:
+            bb.fatal("Cannot find any text for license %s" % name)
+
+    def convert(l):
+        nonlocal license_text_map
+        nonlocal license_ref_idx
+
+        if l == "(" or l == ")":
+            return l
+
+        if l == "&":
+            return "AND"
+
+        if l == "|":
+            return "OR"
+
+        if l == "CLOSED":
+            return "NONE"
+
+        spdx_license = d.getVarFlag("SPDXLICENSEMAP", l) or l
+        if spdx_license in license_data["licenses"]:
+            return spdx_license
+
+        spdx_license = "LicenseRef-" + l
+        if spdx_license not in license_text_map:
+            license_text_map[spdx_license] = oe.sbom30.get_element_link_id(
+                add_license_text(l)
+            )
+
+        return spdx_license
+
+    lic_split = (
+        license_expression.replace("(", " ( ")
+        .replace(")", " ) ")
+        .replace("|", " | ")
+        .replace("&", " & ")
+        .split()
+    )
+    spdx_license_expression = " ".join(convert(l) for l in lic_split)
+
+    o = objset.new_license_expression(
+        spdx_license_expression, license_data, license_text_map
+    )
+    objset.set_element_alias(o)
+    return o
+
+
+def add_package_files(
+    d,
+    objset,
+    topdir,
+    get_spdxid,
+    get_purposes,
+    license_data=None,
+    *,
+    archive=None,
+    ignore_dirs=[],
+    ignore_top_level_dirs=[],
+):
+    source_date_epoch = d.getVar("SOURCE_DATE_EPOCH")
+    if source_date_epoch:
+        source_date_epoch = int(source_date_epoch)
+
+    spdx_files = set()
+
+    file_counter = 1
+    if not os.path.exists(topdir):
+        bb.note(f"Skip {topdir}")
+        return spdx_files
+
+    check_compiled_sources = d.getVar("SPDX_INCLUDE_COMPILED_SOURCES") == "1"
+    if check_compiled_sources:
+        compiled_sources, types = oe.spdx_common.get_compiled_sources(d)
+        bb.debug(1, f"Total compiled files: {len(compiled_sources)}")
+
+    for subdir, dirs, files in os.walk(topdir, onerror=walk_error):
+        dirs[:] = [d for d in dirs if d not in ignore_dirs]
+        if subdir == str(topdir):
+            dirs[:] = [d for d in dirs if d not in ignore_top_level_dirs]
+
+        dirs.sort()
+        files.sort()
+        for file in files:
+            filepath = Path(subdir) / file
+            if filepath.is_symlink() or not filepath.is_file():
+                continue
+
+            filename = str(filepath.relative_to(topdir))
+            file_purposes = get_purposes(filepath)
+
+            # Check if file is compiled
+            if check_compiled_sources:
+                if not oe.spdx_common.is_compiled_source(filename, compiled_sources, types):
+                    continue
+
+            spdx_file = objset.new_file(
+                get_spdxid(file_counter),
+                filename,
+                filepath,
+                purposes=file_purposes,
+            )
+            spdx_files.add(spdx_file)
+
+            if (
+                oe.spdx30.software_SoftwarePurpose.source in file_purposes
+                and license_data is not None
+            ):
+                objset.scan_declared_licenses(spdx_file, filepath, license_data)
+
+            if archive is not None:
+                with filepath.open("rb") as f:
+                    info = archive.gettarinfo(fileobj=f)
+                    info.name = filename
+                    info.uid = 0
+                    info.gid = 0
+                    info.uname = "root"
+                    info.gname = "root"
+
+                    if source_date_epoch is not None and info.mtime > source_date_epoch:
+                        info.mtime = source_date_epoch
+
+                    archive.addfile(info, f)
+
+            file_counter += 1
+
+    bb.debug(1, "Added %d files to %s" % (len(spdx_files), objset.doc._id))
+
+    return spdx_files
+
+
+def get_package_sources_from_debug(
+    d, package, package_files, sources, source_hash_cache
+):
+    def file_path_match(file_path, pkg_file):
+        if file_path.lstrip("/") == pkg_file.name.lstrip("/"):
+            return True
+
+        for e in pkg_file.extension:
+            if isinstance(e, oe.sbom30.OEFileNameAliasExtension):
+                for a in e.aliases:
+                    if file_path.lstrip("/") == a.lstrip("/"):
+                        return True
+
+        return False
+
+    debug_search_paths = [
+        Path(d.getVar("SPDXWORK")),
+        Path(d.getVar("PKGD")),
+        Path(d.getVar("STAGING_DIR_TARGET")),
+        Path(d.getVar("STAGING_DIR_NATIVE")),
+        Path(d.getVar("STAGING_KERNEL_DIR")),
+    ]
+
+    pkg_data = oe.packagedata.read_subpkgdata_extended(package, d)
+
+    if pkg_data is None:
+        return
+
+    dep_source_files = set()
+
+    for file_path, file_data in pkg_data["files_info"].items():
+        if not "debugsrc" in file_data:
+            continue
+
+        if not any(file_path_match(file_path, pkg_file) for pkg_file in package_files):
+            bb.fatal(
+                "No package file found for %s in %s; SPDX found: %s"
+                % (str(file_path), package, " ".join(p.name for p in package_files))
+            )
+            continue
+
+        for debugsrc in file_data["debugsrc"]:
+            for search in debug_search_paths:
+                if debugsrc.startswith("/usr/src/kernel"):
+                    debugsrc_path = search / debugsrc.replace("/usr/src/kernel/", "")
+                else:
+                    debugsrc_path = search / debugsrc.lstrip("/")
+
+                if debugsrc_path in source_hash_cache:
+                    file_sha256 = source_hash_cache[debugsrc_path]
+                    if file_sha256 is None:
+                        continue
+                else:
+                    # We can only hash files below, skip directories, links, etc.
+                    if not debugsrc_path.is_file():
+                        source_hash_cache[debugsrc_path] = None
+                        continue
+
+                    file_sha256 = bb.utils.sha256_file(debugsrc_path)
+                    source_hash_cache[debugsrc_path] = file_sha256
+
+                if file_sha256 in sources:
+                    source_file = sources[file_sha256]
+                    dep_source_files.add(source_file)
+                else:
+                    bb.debug(
+                        1,
+                        "Debug source %s with SHA256 %s not found in any dependency"
+                        % (str(debugsrc_path), file_sha256),
+                    )
+                break
+            else:
+                bb.debug(1, "Debug source %s not found" % debugsrc)
+
+    return dep_source_files
+
+
+def collect_dep_objsets(d, build):
+    deps = oe.spdx_common.get_spdx_deps(d)
+
+    dep_objsets = []
+    dep_builds = set()
+
+    dep_build_spdxids = set()
+    for dep in deps:
+        bb.debug(1, "Fetching SPDX for dependency %s" % (dep.pn))
+        dep_build, dep_objset = oe.sbom30.find_root_obj_in_jsonld(
+            d, "recipes", "recipe-" + dep.pn, oe.spdx30.build_Build
+        )
+        # If the dependency is part of the taskhash, return it to be linked
+        # against. Otherwise, it cannot be linked against because this recipe
+        # will not rebuilt if dependency changes
+        if dep.in_taskhash:
+            dep_objsets.append(dep_objset)
+
+        # The build _can_ be linked against (by alias)
+        dep_builds.add(dep_build)
+
+    return dep_objsets, dep_builds
+
+
+def index_sources_by_hash(sources, dest):
+    for s in sources:
+        if not isinstance(s, oe.spdx30.software_File):
+            continue
+
+        if s.software_primaryPurpose != oe.spdx30.software_SoftwarePurpose.source:
+            continue
+
+        for v in s.verifiedUsing:
+            if v.algorithm == oe.spdx30.HashAlgorithm.sha256:
+                if not v.hashValue in dest:
+                    dest[v.hashValue] = s
+                break
+        else:
+            bb.fatal(f"No SHA256 found for {s.name}")
+
+
+def collect_dep_sources(dep_objsets, dest):
+    for objset in dep_objsets:
+        # Don't collect sources from native recipes as they
+        # match non-native sources also.
+        if objset.is_native():
+            continue
+
+        bb.debug(1, "Fetching Sources for dependency %s" % (objset.doc.name))
+
+        dep_build = objset.find_root(oe.spdx30.build_Build)
+        if not dep_build:
+            bb.fatal("Unable to find a build")
+
+        for e in objset.foreach_type(oe.spdx30.Relationship):
+            if dep_build is not e.from_:
+                continue
+
+            if e.relationshipType != oe.spdx30.RelationshipType.hasInput:
+                continue
+
+            index_sources_by_hash(e.to, dest)
+
+
+def add_download_files(d, objset):
+    inputs = set()
+
+    urls = d.getVar("SRC_URI").split()
+    fetch = bb.fetch2.Fetch(urls, d)
+
+    for download_idx, src_uri in enumerate(urls):
+        fd = fetch.ud[src_uri]
+
+        file_name = os.path.basename(fetch.localpath(src_uri))
+        if oe.patch.patch_path(src_uri, fetch, "", expand=False):
+            primary_purpose = oe.spdx30.software_SoftwarePurpose.patch
+        else:
+            primary_purpose = oe.spdx30.software_SoftwarePurpose.source
+
+        if fd.type == "file":
+            if os.path.isdir(fd.localpath):
+                walk_idx = 1
+                for root, dirs, files in os.walk(fd.localpath, onerror=walk_error):
+                    dirs.sort()
+                    files.sort()
+                    for f in files:
+                        f_path = os.path.join(root, f)
+                        if os.path.islink(f_path):
+                            # TODO: SPDX doesn't support symlinks yet
+                            continue
+
+                        file = objset.new_file(
+                            objset.new_spdxid(
+                                "source", str(download_idx + 1), str(walk_idx)
+                            ),
+                            os.path.join(
+                                file_name, os.path.relpath(f_path, fd.localpath)
+                            ),
+                            f_path,
+                            purposes=[primary_purpose],
+                        )
+
+                        inputs.add(file)
+                        walk_idx += 1
+
+            else:
+                file = objset.new_file(
+                    objset.new_spdxid("source", str(download_idx + 1)),
+                    file_name,
+                    fd.localpath,
+                    purposes=[primary_purpose],
+                )
+                inputs.add(file)
+
+        else:
+            dl = objset.add(
+                oe.spdx30.software_Package(
+                    _id=objset.new_spdxid("source", str(download_idx + 1)),
+                    creationInfo=objset.doc.creationInfo,
+                    name=file_name,
+                    software_primaryPurpose=primary_purpose,
+                    software_downloadLocation=oe.spdx_common.fetch_data_to_uri(
+                        fd, fd.name
+                    ),
+                )
+            )
+
+            if fd.method.supports_checksum(fd):
+                # TODO Need something better than hard coding this
+                for checksum_id in ["sha256", "sha1"]:
+                    expected_checksum = getattr(
+                        fd, "%s_expected" % checksum_id, None
+                    )
+                    if expected_checksum is None:
+                        continue
+
+                    dl.verifiedUsing.append(
+                        oe.spdx30.Hash(
+                            algorithm=getattr(oe.spdx30.HashAlgorithm, checksum_id),
+                            hashValue=expected_checksum,
+                        )
+                    )
+
+            inputs.add(dl)
+
+    return inputs
+
+
+def set_purposes(d, element, *var_names, force_purposes=[]):
+    purposes = force_purposes[:]
+
+    for var_name in var_names:
+        val = d.getVar(var_name)
+        if val:
+            purposes.extend(val.split())
+            break
+
+    if not purposes:
+        bb.warn("No SPDX purposes found in %s" % " ".join(var_names))
+        return
+
+    element.software_primaryPurpose = getattr(
+        oe.spdx30.software_SoftwarePurpose, purposes[0]
+    )
+    element.software_additionalPurpose = [
+        getattr(oe.spdx30.software_SoftwarePurpose, p) for p in purposes[1:]
+    ]
+
+
+def create_spdx(d):
+    def set_var_field(var, obj, name, package=None):
+        val = None
+        if package:
+            val = d.getVar("%s:%s" % (var, package))
+
+        if not val:
+            val = d.getVar(var)
+
+        if val:
+            setattr(obj, name, val)
+
+    license_data = oe.spdx_common.load_spdx_license_data(d)
+
+    deploydir = Path(d.getVar("SPDXDEPLOY"))
+    deploy_dir_spdx = Path(d.getVar("DEPLOY_DIR_SPDX"))
+    spdx_workdir = Path(d.getVar("SPDXWORK"))
+    include_sources = d.getVar("SPDX_INCLUDE_SOURCES") == "1"
+    pkg_arch = d.getVar("SSTATE_PKGARCH")
+    is_native = bb.data.inherits_class("native", d) or bb.data.inherits_class(
+        "cross", d
+    )
+    include_vex = d.getVar("SPDX_INCLUDE_VEX")
+    if not include_vex in ("none", "current", "all"):
+        bb.fatal("SPDX_INCLUDE_VEX must be one of 'none', 'current', 'all'")
+
+    build_objset = oe.sbom30.ObjectSet.new_objset(d, "recipe-" + d.getVar("PN"))
+
+    build = build_objset.new_task_build("recipe", "recipe")
+    build_objset.set_element_alias(build)
+
+    build_objset.doc.rootElement.append(build)
+
+    build_objset.set_is_native(is_native)
+
+    for var in (d.getVar("SPDX_CUSTOM_ANNOTATION_VARS") or "").split():
+        new_annotation(
+            d,
+            build_objset,
+            build,
+            "%s=%s" % (var, d.getVar(var)),
+            oe.spdx30.AnnotationType.other,
+        )
+
+    build_inputs = set()
+
+    # Add CVEs
+    cve_by_status = {}
+    if include_vex != "none":
+        patched_cves = oe.cve_check.get_patched_cves(d)
+        for cve, patched_cve in patched_cves.items():
+            decoded_status = {
+                "mapping": patched_cve["abbrev-status"],
+                "detail": patched_cve["status"],
+                "description": patched_cve.get("justification", None)
+            }
+
+            # If this CVE is fixed upstream, skip it unless all CVEs are
+            # specified.
+            if (
+                include_vex != "all"
+                and "detail" in decoded_status
+                and decoded_status["detail"]
+                in (
+                    "fixed-version",
+                    "cpe-stable-backport",
+                )
+            ):
+                bb.debug(1, "Skipping %s since it is already fixed upstream" % cve)
+                continue
+
+            spdx_cve = build_objset.new_cve_vuln(cve)
+            build_objset.set_element_alias(spdx_cve)
+
+            cve_by_status.setdefault(decoded_status["mapping"], {})[cve] = (
+                spdx_cve,
+                decoded_status["detail"],
+                decoded_status["description"],
+            )
+
+    cpe_ids = oe.cve_check.get_cpe_ids(d.getVar("CVE_PRODUCT"), d.getVar("CVE_VERSION"))
+
+    source_files = add_download_files(d, build_objset)
+    build_inputs |= source_files
+
+    recipe_spdx_license = add_license_expression(
+        d, build_objset, d.getVar("LICENSE"), license_data
+    )
+    build_objset.new_relationship(
+        source_files,
+        oe.spdx30.RelationshipType.hasDeclaredLicense,
+        [oe.sbom30.get_element_link_id(recipe_spdx_license)],
+    )
+
+    dep_sources = {}
+    if oe.spdx_common.process_sources(d) and include_sources:
+        bb.debug(1, "Adding source files to SPDX")
+        oe.spdx_common.get_patched_src(d)
+
+        files = add_package_files(
+            d,
+            build_objset,
+            spdx_workdir,
+            lambda file_counter: build_objset.new_spdxid(
+                "sourcefile", str(file_counter)
+            ),
+            lambda filepath: [oe.spdx30.software_SoftwarePurpose.source],
+            license_data,
+            ignore_dirs=[".git"],
+            ignore_top_level_dirs=["temp"],
+            archive=None,
+        )
+        build_inputs |= files
+        index_sources_by_hash(files, dep_sources)
+
+    dep_objsets, dep_builds = collect_dep_objsets(d, build)
+    if dep_builds:
+        build_objset.new_scoped_relationship(
+            [build],
+            oe.spdx30.RelationshipType.dependsOn,
+            oe.spdx30.LifecycleScopeType.build,
+            sorted(oe.sbom30.get_element_link_id(b) for b in dep_builds),
+        )
+
+    debug_source_ids = set()
+    source_hash_cache = {}
+
+    # Write out the package SPDX data now. It is not complete as we cannot
+    # write the runtime data, so write it to a staging area and a later task
+    # will write out the final collection
+
+    # TODO: Handle native recipe output
+    if not is_native:
+        bb.debug(1, "Collecting Dependency sources files")
+        collect_dep_sources(dep_objsets, dep_sources)
+
+        bb.build.exec_func("read_subpackage_metadata", d)
+
+        pkgdest = Path(d.getVar("PKGDEST"))
+        for package in d.getVar("PACKAGES").split():
+            if not oe.packagedata.packaged(package, d):
+                continue
+
+            pkg_name = d.getVar("PKG:%s" % package) or package
+
+            bb.debug(1, "Creating SPDX for package %s" % pkg_name)
+
+            pkg_objset = oe.sbom30.ObjectSet.new_objset(d, "package-" + pkg_name)
+
+            spdx_package = pkg_objset.add_root(
+                oe.spdx30.software_Package(
+                    _id=pkg_objset.new_spdxid("package", pkg_name),
+                    creationInfo=pkg_objset.doc.creationInfo,
+                    name=pkg_name,
+                    software_packageVersion=d.getVar("SPDX_PACKAGE_VERSION"),
+                )
+            )
+            set_timestamp_now(d, spdx_package, "builtTime")
+
+            set_purposes(
+                d,
+                spdx_package,
+                "SPDX_PACKAGE_ADDITIONAL_PURPOSE:%s" % package,
+                "SPDX_PACKAGE_ADDITIONAL_PURPOSE",
+                force_purposes=["install"],
+            )
+
+            supplier = build_objset.new_agent("SPDX_PACKAGE_SUPPLIER")
+            if supplier is not None:
+                spdx_package.suppliedBy = (
+                    supplier if isinstance(supplier, str) else supplier._id
+                )
+
+            set_var_field(
+                "HOMEPAGE", spdx_package, "software_homePage", package=package
+            )
+            set_var_field("SUMMARY", spdx_package, "summary", package=package)
+            set_var_field("DESCRIPTION", spdx_package, "description", package=package)
+
+            if d.getVar("SPDX_PACKAGE_URL:%s" % package) or d.getVar("SPDX_PACKAGE_URL"):
+                set_var_field(
+                    "SPDX_PACKAGE_URL",
+                    spdx_package,
+                    "software_packageUrl",
+                    package=package
+                )
+
+            pkg_objset.new_scoped_relationship(
+                [oe.sbom30.get_element_link_id(build)],
+                oe.spdx30.RelationshipType.hasOutput,
+                oe.spdx30.LifecycleScopeType.build,
+                [spdx_package],
+            )
+
+            for cpe_id in cpe_ids:
+                spdx_package.externalIdentifier.append(
+                    oe.spdx30.ExternalIdentifier(
+                        externalIdentifierType=oe.spdx30.ExternalIdentifierType.cpe23,
+                        identifier=cpe_id,
+                    )
+                )
+
+            # TODO: Generate a file for each actual IPK/DEB/RPM/TGZ file
+            # generated and link it to the package
+            # spdx_package_file = pkg_objset.add(oe.spdx30.software_File(
+            #    _id=pkg_objset.new_spdxid("distribution", pkg_name),
+            #    creationInfo=pkg_objset.doc.creationInfo,
+            #    name=pkg_name,
+            #    software_primaryPurpose=spdx_package.software_primaryPurpose,
+            #    software_additionalPurpose=spdx_package.software_additionalPurpose,
+            # ))
+            # set_timestamp_now(d, spdx_package_file, "builtTime")
+
+            ## TODO add hashes
+            # pkg_objset.new_relationship(
+            #    [spdx_package],
+            #    oe.spdx30.RelationshipType.hasDistributionArtifact,
+            #    [spdx_package_file],
+            # )
+
+            # NOTE: licenses live in the recipe collection and are referenced
+            # by ID in the package collection(s). This helps reduce duplication
+            # (since a lot of packages will have the same license), and also
+            # prevents duplicate license SPDX IDs in the packages
+            package_license = d.getVar("LICENSE:%s" % package)
+            if package_license and package_license != d.getVar("LICENSE"):
+                package_spdx_license = add_license_expression(
+                    d, build_objset, package_license, license_data
+                )
+            else:
+                package_spdx_license = recipe_spdx_license
+
+            pkg_objset.new_relationship(
+                [spdx_package],
+                oe.spdx30.RelationshipType.hasConcludedLicense,
+                [oe.sbom30.get_element_link_id(package_spdx_license)],
+            )
+
+            # NOTE: CVE Elements live in the recipe collection
+            all_cves = set()
+            for status, cves in cve_by_status.items():
+                for cve, items in cves.items():
+                    spdx_cve, detail, description = items
+                    spdx_cve_id = oe.sbom30.get_element_link_id(spdx_cve)
+
+                    all_cves.add(spdx_cve_id)
+
+                    if status == "Patched":
+                        pkg_objset.new_vex_patched_relationship(
+                            [spdx_cve_id], [spdx_package]
+                        )
+                    elif status == "Unpatched":
+                        pkg_objset.new_vex_unpatched_relationship(
+                            [spdx_cve_id], [spdx_package]
+                        )
+                    elif status == "Ignored":
+                        spdx_vex = pkg_objset.new_vex_ignored_relationship(
+                            [spdx_cve_id],
+                            [spdx_package],
+                            impact_statement=description,
+                        )
+
+                        vex_just_type = d.getVarFlag(
+                            "CVE_CHECK_VEX_JUSTIFICATION", detail
+                        )
+                        if vex_just_type:
+                            if (
+                                vex_just_type
+                                not in oe.spdx30.security_VexJustificationType.NAMED_INDIVIDUALS
+                            ):
+                                bb.fatal(
+                                    f"Unknown vex justification '{vex_just_type}', detail '{detail}', for ignored {cve}"
+                                )
+
+                            for v in spdx_vex:
+                                v.security_justificationType = oe.spdx30.security_VexJustificationType.NAMED_INDIVIDUALS[
+                                    vex_just_type
+                                ]
+
+                    elif status == "Unknown":
+                        bb.note(f"Skipping {cve} with status 'Unknown'")
+                    else:
+                        bb.fatal(f"Unknown {cve} status '{status}'")
+
+            if all_cves:
+                pkg_objset.new_relationship(
+                    [spdx_package],
+                    oe.spdx30.RelationshipType.hasAssociatedVulnerability,
+                    sorted(list(all_cves)),
+                )
+
+            bb.debug(1, "Adding package files to SPDX for package %s" % pkg_name)
+            package_files = add_package_files(
+                d,
+                pkg_objset,
+                pkgdest / package,
+                lambda file_counter: pkg_objset.new_spdxid(
+                    "package", pkg_name, "file", str(file_counter)
+                ),
+                # TODO: Can we know the purpose here?
+                lambda filepath: [],
+                license_data,
+                ignore_top_level_dirs=["CONTROL", "DEBIAN"],
+                archive=None,
+            )
+
+            if package_files:
+                pkg_objset.new_relationship(
+                    [spdx_package],
+                    oe.spdx30.RelationshipType.contains,
+                    sorted(list(package_files)),
+                )
+
+            if include_sources:
+                debug_sources = get_package_sources_from_debug(
+                    d, package, package_files, dep_sources, source_hash_cache
+                )
+                debug_source_ids |= set(
+                    oe.sbom30.get_element_link_id(d) for d in debug_sources
+                )
+
+            oe.sbom30.write_recipe_jsonld_doc(
+                d, pkg_objset, "packages-staging", deploydir, create_spdx_id_links=False
+            )
+
+    if include_sources:
+        bb.debug(1, "Adding sysroot files to SPDX")
+        sysroot_files = add_package_files(
+            d,
+            build_objset,
+            d.expand("${COMPONENTS_DIR}/${PACKAGE_ARCH}/${PN}"),
+            lambda file_counter: build_objset.new_spdxid("sysroot", str(file_counter)),
+            lambda filepath: [],
+            license_data,
+            archive=None,
+        )
+
+        if sysroot_files:
+            build_objset.new_scoped_relationship(
+                [build],
+                oe.spdx30.RelationshipType.hasOutput,
+                oe.spdx30.LifecycleScopeType.build,
+                sorted(list(sysroot_files)),
+            )
+
+    if build_inputs or debug_source_ids:
+        build_objset.new_scoped_relationship(
+            [build],
+            oe.spdx30.RelationshipType.hasInput,
+            oe.spdx30.LifecycleScopeType.build,
+            sorted(list(build_inputs)) + sorted(list(debug_source_ids)),
+        )
+
+    oe.sbom30.write_recipe_jsonld_doc(d, build_objset, "recipes", deploydir)
+
+
+def create_package_spdx(d):
+    deploy_dir_spdx = Path(d.getVar("DEPLOY_DIR_SPDX"))
+    deploydir = Path(d.getVar("SPDXRUNTIMEDEPLOY"))
+    is_native = bb.data.inherits_class("native", d) or bb.data.inherits_class(
+        "cross", d
+    )
+
+    providers = oe.spdx_common.collect_package_providers(d)
+    pkg_arch = d.getVar("SSTATE_PKGARCH")
+
+    if is_native:
+        return
+
+    bb.build.exec_func("read_subpackage_metadata", d)
+
+    dep_package_cache = {}
+
+    # Any element common to all packages that need to be referenced by ID
+    # should be written into this objset set
+    common_objset = oe.sbom30.ObjectSet.new_objset(
+        d, "%s-package-common" % d.getVar("PN")
+    )
+
+    pkgdest = Path(d.getVar("PKGDEST"))
+    for package in d.getVar("PACKAGES").split():
+        localdata = bb.data.createCopy(d)
+        pkg_name = d.getVar("PKG:%s" % package) or package
+        localdata.setVar("PKG", pkg_name)
+        localdata.setVar("OVERRIDES", d.getVar("OVERRIDES", False) + ":" + package)
+
+        if not oe.packagedata.packaged(package, localdata):
+            continue
+
+        spdx_package, pkg_objset = oe.sbom30.load_obj_in_jsonld(
+            d,
+            pkg_arch,
+            "packages-staging",
+            "package-" + pkg_name,
+            oe.spdx30.software_Package,
+            software_primaryPurpose=oe.spdx30.software_SoftwarePurpose.install,
+        )
+
+        # We will write out a new collection, so link it to the new
+        # creation info in the common package data. The old creation info
+        # should still exist and be referenced by all the existing elements
+        # in the package
+        pkg_objset.creationInfo = pkg_objset.copy_creation_info(
+            common_objset.doc.creationInfo
+        )
+
+        runtime_spdx_deps = set()
+
+        deps = bb.utils.explode_dep_versions2(localdata.getVar("RDEPENDS") or "")
+        seen_deps = set()
+        for dep, _ in deps.items():
+            if dep in seen_deps:
+                continue
+
+            if dep not in providers:
+                continue
+
+            (dep, _) = providers[dep]
+
+            if not oe.packagedata.packaged(dep, localdata):
+                continue
+
+            dep_pkg_data = oe.packagedata.read_subpkgdata_dict(dep, d)
+            dep_pkg = dep_pkg_data["PKG"]
+
+            if dep in dep_package_cache:
+                dep_spdx_package = dep_package_cache[dep]
+            else:
+                bb.debug(1, "Searching for %s" % dep_pkg)
+                dep_spdx_package, _ = oe.sbom30.find_root_obj_in_jsonld(
+                    d,
+                    "packages-staging",
+                    "package-" + dep_pkg,
+                    oe.spdx30.software_Package,
+                    software_primaryPurpose=oe.spdx30.software_SoftwarePurpose.install,
+                )
+                dep_package_cache[dep] = dep_spdx_package
+
+            runtime_spdx_deps.add(dep_spdx_package)
+            seen_deps.add(dep)
+
+        if runtime_spdx_deps:
+            pkg_objset.new_scoped_relationship(
+                [spdx_package],
+                oe.spdx30.RelationshipType.dependsOn,
+                oe.spdx30.LifecycleScopeType.runtime,
+                [oe.sbom30.get_element_link_id(dep) for dep in runtime_spdx_deps],
+            )
+
+        oe.sbom30.write_recipe_jsonld_doc(d, pkg_objset, "packages", deploydir)
+
+    oe.sbom30.write_recipe_jsonld_doc(d, common_objset, "common-package", deploydir)
+
+
+def write_bitbake_spdx(d):
+    # Set PN to "bitbake" so that SPDX IDs can be generated
+    d.setVar("PN", "bitbake")
+    d.setVar("BB_TASKHASH", "bitbake")
+    oe.spdx_common.load_spdx_license_data(d)
+
+    deploy_dir_spdx = Path(d.getVar("DEPLOY_DIR_SPDX"))
+
+    objset = oe.sbom30.ObjectSet.new_objset(d, "bitbake", False)
+
+    host_import_key = d.getVar("SPDX_BUILD_HOST")
+    invoked_by = objset.new_agent("SPDX_INVOKED_BY", add=False)
+    on_behalf_of = objset.new_agent("SPDX_ON_BEHALF_OF", add=False)
+
+    if d.getVar("SPDX_INCLUDE_BITBAKE_PARENT_BUILD") == "1":
+        # Since the Build objects are unique, we may as well set the creation
+        # time to the current time instead of the fallback SDE
+        objset.doc.creationInfo.created = datetime.now(timezone.utc)
+
+        # Each invocation of bitbake should have a unique ID since it is a
+        # unique build
+        nonce = os.urandom(16).hex()
+
+        build = objset.add_root(
+            oe.spdx30.build_Build(
+                _id=objset.new_spdxid(nonce, include_unihash=False),
+                creationInfo=objset.doc.creationInfo,
+                build_buildType=oe.sbom30.SPDX_BUILD_TYPE,
+            )
+        )
+        set_timestamp_now(d, build, "build_buildStartTime")
+
+        if host_import_key:
+            objset.new_scoped_relationship(
+                [build],
+                oe.spdx30.RelationshipType.hasHost,
+                oe.spdx30.LifecycleScopeType.build,
+                [objset.new_import(host_import_key)],
+            )
+
+        if invoked_by:
+            objset.add(invoked_by)
+            invoked_by_spdx = objset.new_scoped_relationship(
+                [build],
+                oe.spdx30.RelationshipType.invokedBy,
+                oe.spdx30.LifecycleScopeType.build,
+                [invoked_by],
+            )
+
+            if on_behalf_of:
+                objset.add(on_behalf_of)
+                objset.new_scoped_relationship(
+                    [on_behalf_of],
+                    oe.spdx30.RelationshipType.delegatedTo,
+                    oe.spdx30.LifecycleScopeType.build,
+                    invoked_by_spdx,
+                )
+
+        elif on_behalf_of:
+            bb.warn("SPDX_ON_BEHALF_OF has no effect if SPDX_INVOKED_BY is not set")
+
+    else:
+        if host_import_key:
+            bb.warn(
+                "SPDX_BUILD_HOST has no effect if SPDX_INCLUDE_BITBAKE_PARENT_BUILD is not set"
+            )
+
+        if invoked_by:
+            bb.warn(
+                "SPDX_INVOKED_BY has no effect if SPDX_INCLUDE_BITBAKE_PARENT_BUILD is not set"
+            )
+
+        if on_behalf_of:
+            bb.warn(
+                "SPDX_ON_BEHALF_OF has no effect if SPDX_INCLUDE_BITBAKE_PARENT_BUILD is not set"
+            )
+
+    for obj in objset.foreach_type(oe.spdx30.Element):
+        obj.extension.append(oe.sbom30.OEIdAliasExtension())
+
+    oe.sbom30.write_jsonld_doc(d, objset, deploy_dir_spdx / "bitbake.spdx.json")
+
+
+def collect_build_package_inputs(d, objset, build, packages, files_by_hash=None):
+    import oe.sbom30
+
+    providers = oe.spdx_common.collect_package_providers(d)
+
+    build_deps = set()
+    missing_providers = set()
+
+    for name in sorted(packages.keys()):
+        if name not in providers:
+            missing_providers.add(name)
+            continue
+
+        pkg_name, pkg_hashfn = providers[name]
+
+        # Copy all of the package SPDX files into the Sbom elements
+        pkg_spdx, pkg_objset = oe.sbom30.find_root_obj_in_jsonld(
+            d,
+            "packages",
+            "package-" + pkg_name,
+            oe.spdx30.software_Package,
+            software_primaryPurpose=oe.spdx30.software_SoftwarePurpose.install,
+        )
+        build_deps.add(oe.sbom30.get_element_link_id(pkg_spdx))
+
+        if files_by_hash is not None:
+            for h, f in pkg_objset.by_sha256_hash.items():
+                files_by_hash.setdefault(h, set()).update(f)
+
+    if missing_providers:
+        bb.fatal(
+            f"Unable to find SPDX provider(s) for: {', '.join(sorted(missing_providers))}"
+        )
+
+    if build_deps:
+        objset.new_scoped_relationship(
+            [build],
+            oe.spdx30.RelationshipType.hasInput,
+            oe.spdx30.LifecycleScopeType.build,
+            sorted(list(build_deps)),
+        )
+
+
+def create_rootfs_spdx(d):
+    deploy_dir_spdx = Path(d.getVar("DEPLOY_DIR_SPDX"))
+    deploydir = Path(d.getVar("SPDXROOTFSDEPLOY"))
+    root_packages_file = Path(d.getVar("SPDX_ROOTFS_PACKAGES"))
+    image_basename = d.getVar("IMAGE_BASENAME")
+    image_rootfs = d.getVar("IMAGE_ROOTFS")
+    machine = d.getVar("MACHINE")
+
+    with root_packages_file.open("r") as f:
+        packages = json.load(f)
+
+    objset = oe.sbom30.ObjectSet.new_objset(
+        d, "%s-%s-rootfs" % (image_basename, machine)
+    )
+
+    rootfs = objset.add_root(
+        oe.spdx30.software_Package(
+            _id=objset.new_spdxid("rootfs", image_basename),
+            creationInfo=objset.doc.creationInfo,
+            name=image_basename,
+            software_primaryPurpose=oe.spdx30.software_SoftwarePurpose.archive,
+        )
+    )
+    set_timestamp_now(d, rootfs, "builtTime")
+
+    rootfs_build = objset.add_root(objset.new_task_build("rootfs", "rootfs"))
+    set_timestamp_now(d, rootfs_build, "build_buildEndTime")
+
+    objset.new_scoped_relationship(
+        [rootfs_build],
+        oe.spdx30.RelationshipType.hasOutput,
+        oe.spdx30.LifecycleScopeType.build,
+        [rootfs],
+    )
+
+    files_by_hash = {}
+    collect_build_package_inputs(d, objset, rootfs_build, packages, files_by_hash)
+
+    files = set()
+    for dirpath, dirnames, filenames in os.walk(image_rootfs, onerror=walk_error):
+        dirnames.sort()
+        filenames.sort()
+        for fn in filenames:
+            fpath = Path(dirpath) / fn
+            if fpath.is_symlink() or not fpath.is_file():
+                continue
+
+            relpath = str(fpath.relative_to(image_rootfs))
+            h = bb.utils.sha256_file(fpath)
+
+            found = False
+            if h in files_by_hash:
+                for f in files_by_hash[h]:
+                    if isinstance(f, oe.spdx30.software_File) and f.name == relpath:
+                        files.add(oe.sbom30.get_element_link_id(f))
+                        found = True
+                        break
+
+            if not found:
+                files.add(
+                    objset.new_file(
+                        objset.new_spdxid("rootfs-file", relpath),
+                        relpath,
+                        fpath,
+                    )
+                )
+
+    if files:
+        objset.new_relationship(
+            [rootfs],
+            oe.spdx30.RelationshipType.contains,
+            sorted(list(files)),
+        )
+
+    oe.sbom30.write_recipe_jsonld_doc(d, objset, "rootfs", deploydir)
+
+
+def create_image_spdx(d):
+    import oe.sbom30
+
+    image_deploy_dir = Path(d.getVar("IMGDEPLOYDIR"))
+    manifest_path = Path(d.getVar("IMAGE_OUTPUT_MANIFEST"))
+    spdx_work_dir = Path(d.getVar("SPDXIMAGEWORK"))
+
+    image_basename = d.getVar("IMAGE_BASENAME")
+    machine = d.getVar("MACHINE")
+
+    objset = oe.sbom30.ObjectSet.new_objset(
+        d, "%s-%s-image" % (image_basename, machine)
+    )
+
+    with manifest_path.open("r") as f:
+        manifest = json.load(f)
+
+    builds = []
+    for task in manifest:
+        imagetype = task["imagetype"]
+        taskname = task["taskname"]
+
+        image_build = objset.add_root(
+            objset.new_task_build(taskname, "image/%s" % imagetype)
+        )
+        set_timestamp_now(d, image_build, "build_buildEndTime")
+        builds.append(image_build)
+
+        artifacts = []
+
+        for image in task["images"]:
+            image_filename = image["filename"]
+            image_path = image_deploy_dir / image_filename
+            if os.path.isdir(image_path):
+                a = add_package_files(
+                        d,
+                        objset,
+                        image_path,
+                        lambda file_counter: objset.new_spdxid(
+                            "imagefile", str(file_counter)
+                        ),
+                        lambda filepath: [],
+                        license_data=None,
+                        ignore_dirs=[],
+                        ignore_top_level_dirs=[],
+                        archive=None,
+                )
+                artifacts.extend(a)
+            else:
+                a = objset.add_root(
+                    oe.spdx30.software_File(
+                        _id=objset.new_spdxid("image", image_filename),
+                        creationInfo=objset.doc.creationInfo,
+                        name=image_filename,
+                        verifiedUsing=[
+                            oe.spdx30.Hash(
+                                algorithm=oe.spdx30.HashAlgorithm.sha256,
+                                hashValue=bb.utils.sha256_file(image_path),
+                            )
+                        ],
+                    )
+                )
+
+                artifacts.append(a)
+
+            for a in artifacts:
+                set_purposes(
+                    d, a, "SPDX_IMAGE_PURPOSE:%s" % imagetype, "SPDX_IMAGE_PURPOSE"
+                )
+
+                set_timestamp_now(d, a, "builtTime")
+
+
+        if artifacts:
+            objset.new_scoped_relationship(
+                [image_build],
+                oe.spdx30.RelationshipType.hasOutput,
+                oe.spdx30.LifecycleScopeType.build,
+                artifacts,
+            )
+
+    if builds:
+        rootfs_image, _ = oe.sbom30.find_root_obj_in_jsonld(
+            d,
+            "rootfs",
+            "%s-%s-rootfs" % (image_basename, machine),
+            oe.spdx30.software_Package,
+            # TODO: Should use a purpose to filter here?
+        )
+        objset.new_scoped_relationship(
+            builds,
+            oe.spdx30.RelationshipType.hasInput,
+            oe.spdx30.LifecycleScopeType.build,
+            [oe.sbom30.get_element_link_id(rootfs_image)],
+        )
+
+    objset.add_aliases()
+    objset.link()
+    oe.sbom30.write_recipe_jsonld_doc(d, objset, "image", spdx_work_dir)
+
+
+def create_image_sbom_spdx(d):
+    import oe.sbom30
+
+    image_name = d.getVar("IMAGE_NAME")
+    image_basename = d.getVar("IMAGE_BASENAME")
+    image_link_name = d.getVar("IMAGE_LINK_NAME")
+    imgdeploydir = Path(d.getVar("SPDXIMAGEDEPLOYDIR"))
+    machine = d.getVar("MACHINE")
+
+    spdx_path = imgdeploydir / (image_name + ".spdx.json")
+
+    root_elements = []
+
+    # TODO: Do we need to add the rootfs or are the image files sufficient?
+    rootfs_image, _ = oe.sbom30.find_root_obj_in_jsonld(
+        d,
+        "rootfs",
+        "%s-%s-rootfs" % (image_basename, machine),
+        oe.spdx30.software_Package,
+        # TODO: Should use a purpose here?
+    )
+    root_elements.append(oe.sbom30.get_element_link_id(rootfs_image))
+
+    image_objset, _ = oe.sbom30.find_jsonld(
+        d, "image", "%s-%s-image" % (image_basename, machine), required=True
+    )
+    for o in image_objset.foreach_root(oe.spdx30.software_File):
+        root_elements.append(oe.sbom30.get_element_link_id(o))
+
+    objset, sbom = oe.sbom30.create_sbom(d, image_name, root_elements)
+
+    oe.sbom30.write_jsonld_doc(d, objset, spdx_path)
+
+    def make_image_link(target_path, suffix):
+        if image_link_name:
+            link = imgdeploydir / (image_link_name + suffix)
+            if link != target_path:
+                link.symlink_to(os.path.relpath(target_path, link.parent))
+
+    make_image_link(spdx_path, ".spdx.json")
+
+
+def sdk_create_spdx(d, sdk_type, spdx_work_dir, toolchain_outputname):
+    sdk_name = toolchain_outputname + "-" + sdk_type
+    sdk_packages = oe.sdk.sdk_list_installed_packages(d, sdk_type == "target")
+
+    objset = oe.sbom30.ObjectSet.new_objset(d, sdk_name)
+
+    sdk_rootfs = objset.add_root(
+        oe.spdx30.software_Package(
+            _id=objset.new_spdxid("sdk-rootfs", sdk_name),
+            creationInfo=objset.doc.creationInfo,
+            name=sdk_name,
+            software_primaryPurpose=oe.spdx30.software_SoftwarePurpose.archive,
+        )
+    )
+    set_timestamp_now(d, sdk_rootfs, "builtTime")
+
+    sdk_build = objset.add_root(objset.new_task_build("sdk-rootfs", "sdk-rootfs"))
+    set_timestamp_now(d, sdk_build, "build_buildEndTime")
+
+    objset.new_scoped_relationship(
+        [sdk_build],
+        oe.spdx30.RelationshipType.hasOutput,
+        oe.spdx30.LifecycleScopeType.build,
+        [sdk_rootfs],
+    )
+
+    collect_build_package_inputs(d, objset, sdk_build, sdk_packages)
+
+    objset.add_aliases()
+    oe.sbom30.write_jsonld_doc(d, objset, spdx_work_dir / "sdk-rootfs.spdx.json")
+
+
+def create_sdk_sbom(d, sdk_deploydir, spdx_work_dir, toolchain_outputname):
+    # Load the document written earlier
+    rootfs_objset = oe.sbom30.load_jsonld(
+        d, spdx_work_dir / "sdk-rootfs.spdx.json", required=True
+    )
+
+    # Create a new build for the SDK installer
+    sdk_build = rootfs_objset.new_task_build("sdk-populate", "sdk-populate")
+    set_timestamp_now(d, sdk_build, "build_buildEndTime")
+
+    rootfs = rootfs_objset.find_root(oe.spdx30.software_Package)
+    if rootfs is None:
+        bb.fatal("Unable to find rootfs artifact")
+
+    rootfs_objset.new_scoped_relationship(
+        [sdk_build],
+        oe.spdx30.RelationshipType.hasInput,
+        oe.spdx30.LifecycleScopeType.build,
+        [rootfs],
+    )
+
+    files = set()
+    root_files = []
+
+    # NOTE: os.walk() doesn't return symlinks
+    for dirpath, dirnames, filenames in os.walk(sdk_deploydir, onerror=walk_error):
+        dirnames.sort()
+        filenames.sort()
+        for fn in filenames:
+            fpath = Path(dirpath) / fn
+            if not fpath.is_file() or fpath.is_symlink():
+                continue
+
+            relpath = str(fpath.relative_to(sdk_deploydir))
+
+            f = rootfs_objset.new_file(
+                rootfs_objset.new_spdxid("sdk-installer", relpath),
+                relpath,
+                fpath,
+            )
+            set_timestamp_now(d, f, "builtTime")
+
+            if fn.endswith(".manifest"):
+                f.software_primaryPurpose = oe.spdx30.software_SoftwarePurpose.manifest
+            elif fn.endswith(".testdata.json"):
+                f.software_primaryPurpose = (
+                    oe.spdx30.software_SoftwarePurpose.configuration
+                )
+            else:
+                set_purposes(d, f, "SPDX_SDK_PURPOSE")
+                root_files.append(f)
+
+            files.add(f)
+
+    if files:
+        rootfs_objset.new_scoped_relationship(
+            [sdk_build],
+            oe.spdx30.RelationshipType.hasOutput,
+            oe.spdx30.LifecycleScopeType.build,
+            files,
+        )
+    else:
+        bb.warn(f"No SDK output files found in {sdk_deploydir}")
+
+    objset, sbom = oe.sbom30.create_sbom(
+        d, toolchain_outputname, sorted(list(files)), [rootfs_objset]
+    )
+
+    oe.sbom30.write_jsonld_doc(
+        d, objset, sdk_deploydir / (toolchain_outputname + ".spdx.json")
+    )
diff --git a/meta/lib/oe/spdx_common.py b/meta/lib/oe/spdx_common.py
new file mode 100644
index 0000000000..c2dec65563
--- /dev/null
+++ b/meta/lib/oe/spdx_common.py
@@ -0,0 +1,285 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import bb
+import collections
+import json
+import oe.packagedata
+import re
+import shutil
+
+from pathlib import Path
+from dataclasses import dataclass
+
+LIC_REGEX = re.compile(
+    rb"^\W*SPDX-License-Identifier:\s*([ \w\d.()+-]+?)(?:\s+\W*)?$",
+    re.MULTILINE,
+)
+
+
+def extract_licenses(filename):
+    """
+    Extract SPDX License identifiers from a file
+    """
+    try:
+        with open(filename, "rb") as f:
+            size = min(15000, os.stat(filename).st_size)
+            txt = f.read(size)
+            licenses = re.findall(LIC_REGEX, txt)
+            if licenses:
+                ascii_licenses = [lic.decode("ascii") for lic in licenses]
+                return ascii_licenses
+    except Exception as e:
+        bb.warn(f"Exception reading {filename}: {e}")
+    return []
+
+
+def is_work_shared_spdx(d):
+    return '/work-shared/' in d.getVar('S')
+
+
+def load_spdx_license_data(d):
+    with open(d.getVar("SPDX_LICENSES"), "r") as f:
+        data = json.load(f)
+        # Transform the license array to a dictionary
+        data["licenses"] = {l["licenseId"]: l for l in data["licenses"]}
+
+    return data
+
+
+def process_sources(d):
+    """
+    Returns True if the sources for this recipe should be included in the SPDX
+    or False if not
+    """
+    pn = d.getVar("PN")
+    assume_provided = (d.getVar("ASSUME_PROVIDED") or "").split()
+    if pn in assume_provided:
+        for p in d.getVar("PROVIDES").split():
+            if p != pn:
+                pn = p
+                break
+
+    # glibc-locale: do_fetch, do_unpack and do_patch tasks have been deleted,
+    # so avoid archiving source here.
+    if pn.startswith("glibc-locale"):
+        return False
+    if d.getVar("PN") == "libtool-cross":
+        return False
+    if d.getVar("PN") == "libgcc-initial":
+        return False
+    if d.getVar("PN") == "shadow-sysroot":
+        return False
+
+    return True
+
+
+@dataclass(frozen=True)
+class Dep(object):
+    pn: str
+    hashfn: str
+    in_taskhash: bool
+
+
+def collect_direct_deps(d, dep_task):
+    """
+    Find direct dependencies of current task
+
+    Returns the list of recipes that have a dep_task that the current task
+    depends on
+    """
+    current_task = "do_" + d.getVar("BB_CURRENTTASK")
+    pn = d.getVar("PN")
+
+    taskdepdata = d.getVar("BB_TASKDEPDATA", False)
+
+    for this_dep in taskdepdata.values():
+        if this_dep[0] == pn and this_dep[1] == current_task:
+            break
+    else:
+        bb.fatal(f"Unable to find this {pn}:{current_task} in taskdepdata")
+
+    deps = set()
+
+    for dep_name in this_dep.deps:
+        dep_data = taskdepdata[dep_name]
+        if dep_data.taskname == dep_task and dep_data.pn != pn:
+            deps.add((dep_data.pn, dep_data.hashfn, dep_name in this_dep.taskhash_deps))
+
+    return sorted(deps)
+
+
+def get_spdx_deps(d):
+    """
+    Reads the SPDX dependencies JSON file and returns the data
+    """
+    spdx_deps_file = Path(d.getVar("SPDXDEPS"))
+
+    deps = []
+    with spdx_deps_file.open("r") as f:
+        for d in json.load(f):
+            deps.append(Dep(*d))
+    return deps
+
+
+def collect_package_providers(d):
+    """
+    Returns a dictionary where each RPROVIDES is mapped to the package that
+    provides it
+    """
+    deploy_dir_spdx = Path(d.getVar("DEPLOY_DIR_SPDX"))
+
+    providers = {}
+
+    deps = collect_direct_deps(d, "do_create_spdx")
+    deps.append((d.getVar("PN"), d.getVar("BB_HASHFILENAME"), True))
+
+    for dep_pn, dep_hashfn, _ in deps:
+        localdata = d
+        recipe_data = oe.packagedata.read_pkgdata(dep_pn, localdata)
+        if not recipe_data:
+            localdata = bb.data.createCopy(d)
+            localdata.setVar("PKGDATA_DIR", "${PKGDATA_DIR_SDK}")
+            recipe_data = oe.packagedata.read_pkgdata(dep_pn, localdata)
+
+        for pkg in recipe_data.get("PACKAGES", "").split():
+            pkg_data = oe.packagedata.read_subpkgdata_dict(pkg, localdata)
+            rprovides = set(
+                n
+                for n, _ in bb.utils.explode_dep_versions2(
+                    pkg_data.get("RPROVIDES", "")
+                ).items()
+            )
+            rprovides.add(pkg)
+
+            if "PKG" in pkg_data:
+                pkg = pkg_data["PKG"]
+                rprovides.add(pkg)
+
+            for r in rprovides:
+                providers[r] = (pkg, dep_hashfn)
+
+    return providers
+
+
+def get_patched_src(d):
+    """
+    Save patched source of the recipe in SPDX_WORKDIR.
+    """
+    spdx_workdir = d.getVar("SPDXWORK")
+    spdx_sysroot_native = d.getVar("STAGING_DIR_NATIVE")
+    pn = d.getVar("PN")
+
+    workdir = d.getVar("WORKDIR")
+
+    try:
+        # The kernel class functions require it to be on work-shared, so we dont change WORKDIR
+        if not is_work_shared_spdx(d):
+            # Change the WORKDIR to make do_unpack do_patch run in another dir.
+            d.setVar("WORKDIR", spdx_workdir)
+            # Restore the original path to recipe's native sysroot (it's relative to WORKDIR).
+            d.setVar("STAGING_DIR_NATIVE", spdx_sysroot_native)
+
+            # The changed 'WORKDIR' also caused 'B' changed, create dir 'B' for the
+            # possibly requiring of the following tasks (such as some recipes's
+            # do_patch required 'B' existed).
+            bb.utils.mkdirhier(d.getVar("B"))
+
+            bb.build.exec_func("do_unpack", d)
+
+            if d.getVar("SRC_URI") != "":
+                if bb.data.inherits_class('dos2unix', d):
+                    bb.build.exec_func('do_convert_crlf_to_lf', d)
+                bb.build.exec_func("do_patch", d)
+
+        # Copy source from work-share to spdx_workdir
+        if is_work_shared_spdx(d):
+            share_src = d.getVar('S')
+            d.setVar("WORKDIR", spdx_workdir)
+            d.setVar("STAGING_DIR_NATIVE", spdx_sysroot_native)
+            # Copy source to ${SPDXWORK}, same basename dir of ${S};
+            src_dir = (
+                spdx_workdir
+                + "/"
+                + os.path.basename(share_src)
+            )
+            # For kernel souce, rename suffix dir 'kernel-source'
+            # to ${BP} (${BPN}-${PV})
+            if bb.data.inherits_class("kernel", d):
+                src_dir = spdx_workdir + "/" + d.getVar('BP')
+
+            bb.note(f"copyhardlinktree {share_src} to {src_dir}")
+            oe.path.copyhardlinktree(share_src, src_dir)
+
+        # Some userland has no source.
+        if not os.path.exists(spdx_workdir):
+            bb.utils.mkdirhier(spdx_workdir)
+    finally:
+        d.setVar("WORKDIR", workdir)
+
+
+def has_task(d, task):
+    return bool(d.getVarFlag(task, "task", False)) and not bool(d.getVarFlag(task, "noexec", False))
+
+
+def fetch_data_to_uri(fd, name):
+    """
+    Translates a bitbake FetchData to a string URI
+    """
+    uri = fd.type
+    # Map gitsm to git, since gitsm:// is not a valid URI protocol
+    if uri == "gitsm":
+        uri = "git"
+    proto = getattr(fd, "proto", None)
+    if proto is not None:
+        uri = uri + "+" + proto
+    uri = uri + "://" + fd.host + fd.path
+
+    if fd.method.supports_srcrev():
+        uri = uri + "@" + fd.revision
+
+    return uri
+
+def is_compiled_source (filename, compiled_sources, types):
+    """
+    Check if the file is a compiled file
+    """
+    import os
+    # If we don't have compiled source, we assume all are compiled.
+    if not compiled_sources:
+        return True
+
+    # We return always true if the file type is not in the list of compiled files.
+    # Some files in the source directory are not compiled, for example, Makefiles,
+    # but also python .py file. We need to include them in the SPDX.
+    basename = os.path.basename(filename)
+    ext = basename.partition(".")[2]
+    if ext not in types:
+        return True
+    # Check that the file is in the list
+    return filename in compiled_sources
+
+def get_compiled_sources(d):
+    """
+    Get list of compiled sources from debug information and normalize the paths
+    """
+    import itertools
+    source_info = oe.package.read_debugsources_info(d)
+    if not source_info:
+        bb.debug(1, "Do not have debugsources.list. Skipping")
+        return [], []
+
+    # Sources are not split now in SPDX, so we aggregate them
+    sources = set(itertools.chain.from_iterable(source_info.values()))
+    # Check extensions of files
+    types = set()
+    for src in sources:
+        basename = os.path.basename(src)
+        ext = basename.partition(".")[2]
+        if ext not in types and ext:
+            types.add(ext)
+    bb.debug(1, f"Num of sources: {len(sources)} and types: {len(types)} {str(types)}")
+    return sources, types
diff --git a/meta/lib/oe/sstatesig.py b/meta/lib/oe/sstatesig.py
index 6cd6e11acc..ef687f5d41 100644
--- a/meta/lib/oe/sstatesig.py
+++ b/meta/lib/oe/sstatesig.py
@@ -1,9 +1,13 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
+import bb.parse
 import bb.siggen
 import bb.runqueue
 import oe
+import netrc
 
 def sstate_rundepfilter(siggen, fn, recipename, task, dep, depname, dataCaches):
     # Return True if we should keep the dependency, False to drop it
@@ -28,6 +32,12 @@ def sstate_rundepfilter(siggen, fn, recipename, task, dep, depname, dataCaches):
     depmc, _, deptaskname, depmcfn = bb.runqueue.split_tid_mcfn(dep)
     mc, _ = bb.runqueue.split_mc(fn)
 
+    # We can skip the rm_work task signature to avoid running the task
+    # when we remove some tasks from the dependencie chain
+    # i.e INHERIT:remove = "create-spdx" will trigger the do_rm_work
+    if task == "do_rm_work":
+        return False
+
     # (Almost) always include our own inter-task dependencies (unless it comes
     # from a mcdepends). The exception is the special
     # do_kernel_configme->do_unpack_and_patch dependency from archiver.bbclass.
@@ -59,7 +69,7 @@ def sstate_rundepfilter(siggen, fn, recipename, task, dep, depname, dataCaches):
         return False
 
     # Kernel modules are well namespaced. We don't want to depend on the kernel's checksum
-    # if we're just doing an RRECOMMENDS_xxx = "kernel-module-*", not least because the checksum
+    # if we're just doing an RRECOMMENDS:xxx = "kernel-module-*", not least because the checksum
     # is machine specific.
     # Therefore if we're not a kernel or a module recipe (inheriting the kernel classes)
     # and we reccomend a kernel-module, we exclude the dependency.
@@ -84,14 +94,13 @@ def sstate_lockedsigs(d):
             sigs[pn][task] = [h, siggen_lockedsigs_var]
     return sigs
 
-class SignatureGeneratorOEBasic(bb.siggen.SignatureGeneratorBasic):
-    name = "OEBasic"
-    def init_rundepcheck(self, data):
-        self.abisaferecipes = (data.getVar("SIGGEN_EXCLUDERECIPES_ABISAFE") or "").split()
-        self.saferecipedeps = (data.getVar("SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS") or "").split()
-        pass
-    def rundep_check(self, fn, recipename, task, dep, depname, dataCaches = None):
-        return sstate_rundepfilter(self, fn, recipename, task, dep, depname, dataCaches)
+def lockedsigs_unihashmap(d):
+    unihashmap = {}
+    data = (d.getVar("SIGGEN_UNIHASHMAP") or "").split()
+    for entry in data:
+        pn, task, taskhash, unihash = entry.split(":")
+        unihashmap[(pn, task)] = (taskhash, unihash)
+    return unihashmap
 
 class SignatureGeneratorOEBasicHashMixIn(object):
     supports_multiconfig_datacaches = True
@@ -100,15 +109,17 @@ class SignatureGeneratorOEBasicHashMixIn(object):
         self.abisaferecipes = (data.getVar("SIGGEN_EXCLUDERECIPES_ABISAFE") or "").split()
         self.saferecipedeps = (data.getVar("SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS") or "").split()
         self.lockedsigs = sstate_lockedsigs(data)
+        self.unihashmap = lockedsigs_unihashmap(data)
         self.lockedhashes = {}
         self.lockedpnmap = {}
         self.lockedhashfn = {}
         self.machine = data.getVar("MACHINE")
         self.mismatch_msgs = []
+        self.mismatch_number = 0
+        self.lockedsigs_msgs = ""
         self.unlockedrecipes = (data.getVar("SIGGEN_UNLOCKED_RECIPES") or
                                 "").split()
         self.unlockedrecipes = { k: "" for k in self.unlockedrecipes }
-        self.buildarch = data.getVar('BUILD_ARCH')
         self._internal = False
         pass
 
@@ -142,18 +153,12 @@ class SignatureGeneratorOEBasicHashMixIn(object):
         super().set_taskdata(data[3:])
 
     def dump_sigs(self, dataCache, options):
-        sigfile = os.getcwd() + "/locked-sigs.inc"
-        bb.plain("Writing locked sigs to %s" % sigfile)
-        self.dump_lockedsigs(sigfile)
+        if 'lockedsigs' in options:
+            sigfile = os.getcwd() + "/locked-sigs.inc"
+            bb.plain("Writing locked sigs to %s" % sigfile)
+            self.dump_lockedsigs(sigfile)
         return super(bb.siggen.SignatureGeneratorBasicHash, self).dump_sigs(dataCache, options)
 
-    def prep_taskhash(self, tid, deps, dataCaches):
-        super().prep_taskhash(tid, deps, dataCaches)
-        if hasattr(self, "extramethod"):
-            (mc, _, _, fn) = bb.runqueue.split_tid_mcfn(tid)
-            inherits = " ".join(dataCaches[mc].inherits[fn])
-            if inherits.find("/native.bbclass") != -1 or inherits.find("/cross.bbclass") != -1:
-                self.extramethod[tid] = ":" + self.buildarch
 
     def get_taskhash(self, tid, deps, dataCaches):
         if tid in self.lockedhashes:
@@ -196,6 +201,7 @@ class SignatureGeneratorOEBasicHashMixIn(object):
                 #bb.warn("Using %s %s %s" % (recipename, task, h))
 
                 if h != h_locked and h_locked != unihash:
+                    self.mismatch_number += 1
                     self.mismatch_msgs.append('The %s:%s sig is computed to be %s, but the sig is locked to %s in %s'
                                           % (recipename, task, h, h_locked, var))
 
@@ -210,10 +216,19 @@ class SignatureGeneratorOEBasicHashMixIn(object):
             return self.lockedhashes[tid]
         return super().get_stampfile_hash(tid)
 
-    def get_unihash(self, tid):
+    def get_cached_unihash(self, tid):
         if tid in self.lockedhashes and self.lockedhashes[tid] and not self._internal:
             return self.lockedhashes[tid]
-        return super().get_unihash(tid)
+
+        (mc, _, task, fn) = bb.runqueue.split_tid_mcfn(tid)
+        recipename = self.lockedpnmap[fn]
+
+        if (recipename, task) in self.unihashmap:
+            taskhash, unihash = self.unihashmap[(recipename, task)]
+            if taskhash == self.taskhash[tid]:
+                return unihash
+
+        return super().get_cached_unihash(tid)
 
     def dump_sigtask(self, fn, task, stampbase, runtime):
         tid = fn + ":" + task
@@ -223,17 +238,26 @@ class SignatureGeneratorOEBasicHashMixIn(object):
 
     def dump_lockedsigs(self, sigfile, taskfilter=None):
         types = {}
+        unihashmap = {}
         for tid in self.runtaskdeps:
+            # Bitbake changed this to a tuple in newer versions
+            if isinstance(tid, tuple):
+                tid = tid[1]
             if taskfilter:
                 if not tid in taskfilter:
                     continue
-            fn = bb.runqueue.fn_from_tid(tid)
+            (_, _, task, fn) = bb.runqueue.split_tid_mcfn(tid)
             t = self.lockedhashfn[fn].split(" ")[1].split(":")[5]
             t = 't-' + t.replace('_', '-')
             if t not in types:
                 types[t] = []
             types[t].append(tid)
 
+            taskhash = self.taskhash[tid]
+            unihash = self.get_unihash(tid)
+            if taskhash != unihash:
+                unihashmap[tid] = "    " + self.lockedpnmap[fn] + ":" + task + ":" + taskhash + ":" + unihash
+
         with open(sigfile, "w") as f:
             l = sorted(types)
             for t in l:
@@ -246,15 +270,31 @@ class SignatureGeneratorOEBasicHashMixIn(object):
                         continue
                     f.write("    " + self.lockedpnmap[fn] + ":" + task + ":" + self.get_unihash(tid) + " \\\n")
                 f.write('    "\n')
-            f.write('SIGGEN_LOCKEDSIGS_TYPES_%s = "%s"' % (self.machine, " ".join(l)))
+            f.write('SIGGEN_LOCKEDSIGS_TYPES:%s = "%s"\n' % (self.machine, " ".join(l)))
+            f.write('SIGGEN_UNIHASHMAP += "\\\n')
+            sortedtid = sorted(unihashmap, key=lambda tid: self.lockedpnmap[bb.runqueue.fn_from_tid(tid)])
+            for tid in sortedtid:
+                f.write(unihashmap[tid] + " \\\n")
+            f.write('    "\n')
+
+    def dump_siglist(self, sigfile, path_prefix_strip=None):
+        def strip_fn(fn):
+            nonlocal path_prefix_strip
+            if not path_prefix_strip:
+                return fn
+
+            fn_exp = fn.split(":")
+            if fn_exp[-1].startswith(path_prefix_strip):
+                fn_exp[-1] = fn_exp[-1][len(path_prefix_strip):]
+
+            return ":".join(fn_exp)
 
-    def dump_siglist(self, sigfile):
         with open(sigfile, "w") as f:
             tasks = []
             for taskitem in self.taskhash:
                 (fn, task) = taskitem.rsplit(":", 1)
                 pn = self.lockedpnmap[fn]
-                tasks.append((pn, task, fn, self.taskhash[taskitem]))
+                tasks.append((pn, task, strip_fn(fn), self.taskhash[taskitem]))
             for (pn, task, fn, taskhash) in sorted(tasks):
                 f.write('%s:%s %s %s\n' % (pn, task, fn, taskhash))
 
@@ -262,6 +302,15 @@ class SignatureGeneratorOEBasicHashMixIn(object):
         warn_msgs = []
         error_msgs = []
         sstate_missing_msgs = []
+        info_msgs = None
+
+        if self.lockedsigs:
+            if len(self.lockedsigs) > 10:
+                self.lockedsigs_msgs = "There are %s recipes with locked tasks (%s task(s) have non matching signature)" % (len(self.lockedsigs), self.mismatch_number)
+            else:
+                self.lockedsigs_msgs = "The following recipes have locked tasks:"
+                for pn in self.lockedsigs:
+                    self.lockedsigs_msgs += " %s" % (pn)
 
         for tid in sq_data['hash']:
             if tid not in found:
@@ -274,7 +323,9 @@ class SignatureGeneratorOEBasicHashMixIn(object):
                                                % (pn, taskname, sq_data['hash'][tid]))
 
         checklevel = d.getVar("SIGGEN_LOCKEDSIGS_TASKSIG_CHECK")
-        if checklevel == 'warn':
+        if checklevel == 'info':
+            info_msgs = self.lockedsigs_msgs
+        if checklevel == 'warn' or checklevel == 'info':
             warn_msgs += self.mismatch_msgs
         elif checklevel == 'error':
             error_msgs += self.mismatch_msgs
@@ -285,6 +336,8 @@ class SignatureGeneratorOEBasicHashMixIn(object):
         elif checklevel == 'error':
             error_msgs += sstate_missing_msgs
 
+        if info_msgs:
+            bb.note(info_msgs)
         if warn_msgs:
             bb.warn("\n".join(warn_msgs))
         if error_msgs:
@@ -304,9 +357,20 @@ class SignatureGeneratorOEEquivHash(SignatureGeneratorOEBasicHashMixIn, bb.sigge
         self.method = data.getVar('SSTATE_HASHEQUIV_METHOD')
         if not self.method:
             bb.fatal("OEEquivHash requires SSTATE_HASHEQUIV_METHOD to be set")
+        self.username = data.getVar("BB_HASHSERVE_USERNAME")
+        self.password = data.getVar("BB_HASHSERVE_PASSWORD")
+        if not self.username or not self.password:
+            try:
+                n = netrc.netrc()
+                auth = n.authenticators(self.server)
+                if auth is not None:
+                    self.username, _, self.password = auth
+            except FileNotFoundError:
+                pass
+            except netrc.NetrcParseError as e:
+                bb.warn("Error parsing %s:%s: %s" % (e.filename, str(e.lineno), e.msg))
 
 # Insert these classes into siggen's namespace so it can see and select them
-bb.siggen.SignatureGeneratorOEBasic = SignatureGeneratorOEBasic
 bb.siggen.SignatureGeneratorOEBasicHash = SignatureGeneratorOEBasicHash
 bb.siggen.SignatureGeneratorOEEquivHash = SignatureGeneratorOEEquivHash
 
@@ -320,14 +384,14 @@ def find_siginfo(pn, taskname, taskhashlist, d):
     if not taskname:
         # We have to derive pn and taskname
         key = pn
-        splitit = key.split('.bb:')
-        taskname = splitit[1]
-        pn = os.path.basename(splitit[0]).split('_')[0]
-        if key.startswith('virtual:native:'):
-            pn = pn + '-native'
+        if key.startswith("mc:"):
+           # mc:<mc>:<pn>:<task>
+           _, _, pn, taskname = key.split(':', 3)
+        else:
+           # <pn>:<task>
+           pn, taskname = key.split(':', 1)
 
     hashfiles = {}
-    filedates = {}
 
     def get_hashval(siginfo):
         if siginfo.endswith('.siginfo'):
@@ -335,6 +399,15 @@ def find_siginfo(pn, taskname, taskhashlist, d):
         else:
             return siginfo.rpartition('.')[2]
 
+    def get_time(fullpath):
+        # NFS can end up in a weird state where the file exists but has no stat info.
+        # If that happens, we assume it doesn't acutally exist and show a warning
+        try:
+            return os.stat(fullpath).st_mtime
+        except FileNotFoundError:
+            bb.warn("Could not obtain mtime for {}".format(fullpath))
+            return None
+
     # First search in stamps dir
     localdata = d.createCopy()
     localdata.setVar('MULTIMACH_TARGET_SYS', '*')
@@ -346,28 +419,32 @@ def find_siginfo(pn, taskname, taskhashlist, d):
     if pn.startswith("gcc-source"):
         # gcc-source shared workdir is a special case :(
         stamp = localdata.expand("${STAMPS_DIR}/work-shared/gcc-${PV}-${PR}")
+    elif pn.startswith("llvm-project-source"):
+        # llvm-project-source shared workdir is also a special case :*(
+        stamp = localdata.expand("${STAMPS_DIR}/work-shared/llvm-project-source-${PV}-${PR}")
 
     filespec = '%s.%s.sigdata.*' % (stamp, taskname)
     foundall = False
     import glob
+    bb.debug(1, "Calling glob.glob on {}".format(filespec))
     for fullpath in glob.glob(filespec):
         match = False
         if taskhashlist:
             for taskhash in taskhashlist:
                 if fullpath.endswith('.%s' % taskhash):
-                    hashfiles[taskhash] = fullpath
+                    mtime = get_time(fullpath)
+                    if mtime:
+                        hashfiles[taskhash] = {'path':fullpath, 'sstate':False, 'time':mtime}
                     if len(hashfiles) == len(taskhashlist):
                         foundall = True
                         break
         else:
-            try:
-                filedates[fullpath] = os.stat(fullpath).st_mtime
-            except OSError:
-                continue
             hashval = get_hashval(fullpath)
-            hashfiles[hashval] = fullpath
+            mtime = get_time(fullpath)
+            if mtime:
+                hashfiles[hashval] = {'path':fullpath, 'sstate':False, 'time':mtime}
 
-    if not taskhashlist or (len(filedates) < 2 and not foundall):
+    if not taskhashlist or (len(hashfiles) < 2 and not foundall):
         # That didn't work, look in sstate-cache
         hashes = taskhashlist or ['?' * 64]
         localdata = bb.data.createCopy(d)
@@ -376,35 +453,34 @@ def find_siginfo(pn, taskname, taskhashlist, d):
             localdata.setVar('TARGET_VENDOR', '*')
             localdata.setVar('TARGET_OS', '*')
             localdata.setVar('PN', pn)
+            # gcc-source is a special case, same as with local stamps above
+            if pn.startswith("gcc-source"):
+                localdata.setVar('PN', "gcc")
             localdata.setVar('PV', '*')
             localdata.setVar('PR', '*')
             localdata.setVar('BB_TASKHASH', hashval)
+            localdata.setVar('SSTATE_CURRTASK', taskname[3:])
             swspec = localdata.getVar('SSTATE_SWSPEC')
             if taskname in ['do_fetch', 'do_unpack', 'do_patch', 'do_populate_lic', 'do_preconfigure'] and swspec:
                 localdata.setVar('SSTATE_PKGSPEC', '${SSTATE_SWSPEC}')
             elif pn.endswith('-native') or "-cross-" in pn or "-crosssdk-" in pn:
                 localdata.setVar('SSTATE_EXTRAPATH', "${NATIVELSBSTRING}/")
-            sstatename = taskname[3:]
-            filespec = '%s_%s.*.siginfo' % (localdata.getVar('SSTATE_PKG'), sstatename)
+            filespec = '%s.siginfo' % localdata.getVar('SSTATE_PKG')
 
+            bb.debug(1, "Calling glob.glob on {}".format(filespec))
             matchedfiles = glob.glob(filespec)
             for fullpath in matchedfiles:
                 actual_hashval = get_hashval(fullpath)
                 if actual_hashval in hashfiles:
                     continue
-                hashfiles[hashval] = fullpath
-                if not taskhashlist:
-                    try:
-                        filedates[fullpath] = os.stat(fullpath).st_mtime
-                    except:
-                        continue
+                mtime = get_time(fullpath)
+                if mtime:
+                    hashfiles[actual_hashval] = {'path':fullpath, 'sstate':True, 'time':mtime}
 
-    if taskhashlist:
-        return hashfiles
-    else:
-        return filedates
+    return hashfiles
 
 bb.siggen.find_siginfo = find_siginfo
+bb.siggen.find_siginfo_version = 2
 
 
 def sstate_get_manifest_filename(task, d):
@@ -418,6 +494,7 @@ def sstate_get_manifest_filename(task, d):
         d2.setVar("SSTATE_MANMACH", extrainf)
     return (d2.expand("${SSTATE_MANFILEPREFIX}.%s" % task), d2)
 
+@bb.parse.vardepsexclude("BBEXTENDCURR", "BBEXTENDVARIANT", "OVERRIDES", "PACKAGE_EXTRA_ARCHS")
 def find_sstate_manifest(taskdata, taskdata2, taskname, d, multilibcache):
     d2 = d
     variant = ''
@@ -440,7 +517,7 @@ def find_sstate_manifest(taskdata, taskdata2, taskname, d, multilibcache):
     elif "-cross-canadian" in taskdata:
         pkgarchs = ["${SDK_ARCH}_${SDK_ARCH}-${SDKPKGSUFFIX}"]
     elif "-cross-" in taskdata:
-        pkgarchs = ["${BUILD_ARCH}_${TARGET_ARCH}"]
+        pkgarchs = ["${BUILD_ARCH}"]
     elif "-crosssdk" in taskdata:
         pkgarchs = ["${BUILD_ARCH}_${SDK_ARCH}_${SDK_OS}"]
     else:
@@ -449,11 +526,15 @@ def find_sstate_manifest(taskdata, taskdata2, taskname, d, multilibcache):
         pkgarchs.append('allarch')
         pkgarchs.append('${SDK_ARCH}_${SDK_ARCH}-${SDKPKGSUFFIX}')
 
+    searched_manifests = []
+
     for pkgarch in pkgarchs:
         manifest = d2.expand("${SSTATE_MANIFESTS}/manifest-%s-%s.%s" % (pkgarch, taskdata, taskname))
         if os.path.exists(manifest):
             return manifest, d2
-    bb.error("Manifest %s not found in %s (variant '%s')?" % (manifest, d2.expand(" ".join(pkgarchs)), variant))
+        searched_manifests.append(manifest)
+    bb.fatal("The sstate manifest for task '%s:%s' (multilib variant '%s') could not be found.\nThe pkgarchs considered were: %s.\nBut none of these manifests exists:\n    %s"
+            % (taskdata, taskname, variant, d2.expand(", ".join(pkgarchs)),"\n    ".join(searched_manifests)))
     return None, d2
 
 def OEOuthashBasic(path, sigfile, task, d):
@@ -467,6 +548,8 @@ def OEOuthashBasic(path, sigfile, task, d):
     import stat
     import pwd
     import grp
+    import re
+    import fnmatch
 
     def update_hash(s):
         s = s.encode('utf-8')
@@ -476,20 +559,38 @@ def OEOuthashBasic(path, sigfile, task, d):
 
     h = hashlib.sha256()
     prev_dir = os.getcwd()
+    corebase = d.getVar("COREBASE")
+    tmpdir = d.getVar("TMPDIR")
     include_owners = os.environ.get('PSEUDO_DISABLED') == '0'
     if "package_write_" in task or task == "package_qa":
         include_owners = False
     include_timestamps = False
+    include_root = True
     if task == "package":
-        include_timestamps = d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1'
-    extra_content = d.getVar('HASHEQUIV_HASH_VERSION')
+        include_timestamps = True
+        include_root = False
+        source_date_epoch = float(d.getVar("SOURCE_DATE_EPOCH"))
+    hash_version = d.getVar('HASHEQUIV_HASH_VERSION')
+    extra_sigdata = d.getVar("HASHEQUIV_EXTRA_SIGDATA")
+
+    filemaps = {}
+    for m in (d.getVar('SSTATE_HASHEQUIV_FILEMAP') or '').split():
+        entry = m.split(":")
+        if len(entry) != 3 or entry[0] != task:
+            continue
+        filemaps.setdefault(entry[1], [])
+        filemaps[entry[1]].append(entry[2])
 
     try:
         os.chdir(path)
+        basepath = os.path.normpath(path)
 
         update_hash("OEOuthashBasic\n")
-        if extra_content:
-            update_hash(extra_content + "\n")
+        if hash_version:
+            update_hash(hash_version + "\n")
+
+        if extra_sigdata:
+            update_hash(extra_sigdata + "\n")
 
         # It is only currently useful to get equivalent hashes for things that
         # can be restored from sstate. Since the sstate object is named using
@@ -534,32 +635,37 @@ def OEOuthashBasic(path, sigfile, task, d):
                 else:
                     add_perm(stat.S_IXUSR, 'x')
 
-                add_perm(stat.S_IRGRP, 'r')
-                add_perm(stat.S_IWGRP, 'w')
-                if stat.S_ISGID & s.st_mode:
-                    add_perm(stat.S_IXGRP, 's', 'S')
-                else:
-                    add_perm(stat.S_IXGRP, 'x')
+                if include_owners:
+                    # Group/other permissions are only relevant in pseudo context
+                    add_perm(stat.S_IRGRP, 'r')
+                    add_perm(stat.S_IWGRP, 'w')
+                    if stat.S_ISGID & s.st_mode:
+                        add_perm(stat.S_IXGRP, 's', 'S')
+                    else:
+                        add_perm(stat.S_IXGRP, 'x')
 
-                add_perm(stat.S_IROTH, 'r')
-                add_perm(stat.S_IWOTH, 'w')
-                if stat.S_ISVTX & s.st_mode:
-                    update_hash('t')
-                else:
-                    add_perm(stat.S_IXOTH, 'x')
+                    add_perm(stat.S_IROTH, 'r')
+                    add_perm(stat.S_IWOTH, 'w')
+                    if stat.S_ISVTX & s.st_mode:
+                        update_hash('t')
+                    else:
+                        add_perm(stat.S_IXOTH, 'x')
 
-                if include_owners:
                     try:
                         update_hash(" %10s" % pwd.getpwuid(s.st_uid).pw_name)
                         update_hash(" %10s" % grp.getgrgid(s.st_gid).gr_name)
                     except KeyError as e:
-                        bb.warn("KeyError in %s" % path)
                         msg = ("KeyError: %s\nPath %s is owned by uid %d, gid %d, which doesn't match "
-                            "any user/group on target. This may be due to host contamination." % (e, path, s.st_uid, s.st_gid))
+                            "any user/group on target. This may be due to host contamination." %
+                            (e, os.path.abspath(path), s.st_uid, s.st_gid))
                         raise Exception(msg).with_traceback(e.__traceback__)
 
                 if include_timestamps:
-                    update_hash(" %10d" % s.st_mtime)
+                    # Need to clamp to SOURCE_DATE_EPOCH
+                    if s.st_mtime > source_date_epoch:
+                        update_hash(" %10d" % source_date_epoch)
+                    else:
+                        update_hash(" %10d" % s.st_mtime)
 
                 update_hash(" ")
                 if stat.S_ISBLK(s.st_mode) or stat.S_ISCHR(s.st_mode):
@@ -567,8 +673,13 @@ def OEOuthashBasic(path, sigfile, task, d):
                 else:
                     update_hash(" " * 9)
 
+                filterfile = False
+                for entry in filemaps:
+                    if fnmatch.fnmatch(path, entry):
+                        filterfile = True
+
                 update_hash(" ")
-                if stat.S_ISREG(s.st_mode):
+                if stat.S_ISREG(s.st_mode) and not filterfile:
                     update_hash("%10d" % s.st_size)
                 else:
                     update_hash(" " * 10)
@@ -577,9 +688,24 @@ def OEOuthashBasic(path, sigfile, task, d):
                 fh = hashlib.sha256()
                 if stat.S_ISREG(s.st_mode):
                     # Hash file contents
-                    with open(path, 'rb') as d:
-                        for chunk in iter(lambda: d.read(4096), b""):
+                    if filterfile:
+                        # Need to ignore paths in crossscripts and postinst-useradd files.
+                        with open(path, 'rb') as d:
+                            chunk = d.read()
+                            chunk = chunk.replace(bytes(basepath, encoding='utf8'), b'')
+                            for entry in filemaps:
+                                if not fnmatch.fnmatch(path, entry):
+                                    continue
+                                for r in filemaps[entry]:
+                                    if r.startswith("regex-"):
+                                        chunk = re.sub(bytes(r[6:], encoding='utf8'), b'', chunk)
+                                    else:
+                                        chunk = chunk.replace(bytes(r, encoding='utf8'), b'')
                             fh.update(chunk)
+                    else:
+                        with open(path, 'rb') as d:
+                            for chunk in iter(lambda: d.read(4096), b""):
+                                fh.update(chunk)
                     update_hash(fh.hexdigest())
                 else:
                     update_hash(" " * len(fh.hexdigest()))
@@ -592,11 +718,16 @@ def OEOuthashBasic(path, sigfile, task, d):
                 update_hash("\n")
 
             # Process this directory and all its child files
-            process(root)
+            if include_root or root != ".":
+                process(root)
             for f in files:
                 if f == 'fixmepath':
                     continue
                 process(os.path.join(root, f))
+
+            for dir in dirs:
+                if os.path.islink(os.path.join(root, dir)):
+                    process(os.path.join(root, dir))
     finally:
         os.chdir(prev_dir)
 
diff --git a/meta/lib/oe/terminal.py b/meta/lib/oe/terminal.py
index 61c2687ef4..4412bc14c1 100644
--- a/meta/lib/oe/terminal.py
+++ b/meta/lib/oe/terminal.py
@@ -1,11 +1,12 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 import logging
 import oe.classutils
 import shlex
 from bb.process import Popen, ExecutionError
-from distutils.version import LooseVersion
 
 logger = logging.getLogger('BitBake.OE.Terminal')
 
@@ -31,9 +32,10 @@ class Registry(oe.classutils.ClassRegistry):
 
 class Terminal(Popen, metaclass=Registry):
     def __init__(self, sh_cmd, title=None, env=None, d=None):
+        from subprocess import STDOUT
         fmt_sh_cmd = self.format_command(sh_cmd, title)
         try:
-            Popen.__init__(self, fmt_sh_cmd, env=env)
+            Popen.__init__(self, fmt_sh_cmd, env=env, stderr=STDOUT)
         except OSError as exc:
             import errno
             if exc.errno == errno.ENOENT:
@@ -86,10 +88,10 @@ class Konsole(XTerminal):
     def __init__(self, sh_cmd, title=None, env=None, d=None):
         # Check version
         vernum = check_terminal_version("konsole")
-        if vernum and LooseVersion(vernum) < '2.0.0':
+        if vernum and bb.utils.vercmp_string_op(vernum, "2.0.0", "<"):
             # Konsole from KDE 3.x
             self.command = 'konsole -T "{title}" -e {command}'
-        elif vernum and LooseVersion(vernum) < '16.08.1':
+        elif vernum and bb.utils.vercmp_string_op(vernum, "16.08.1", "<"):
             # Konsole pre 16.08.01 Has nofork
             self.command = 'konsole --nofork --workdir . -p tabtitle="{title}" -e {command}'
         XTerminal.__init__(self, sh_cmd, title, env, d)
@@ -102,6 +104,10 @@ class Rxvt(XTerminal):
     command = 'rxvt -T "{title}" -e {command}'
     priority = 1
 
+class URxvt(XTerminal):
+    command = 'urxvt -T "{title}" -e {command}'
+    priority = 1
+
 class Screen(Terminal):
     command = 'screen -D -m -t "{title}" -S devshell {command}'
 
@@ -163,7 +169,12 @@ class Tmux(Terminal):
         # devshells, if it's already there, add a new window to it.
         window_name = 'devshell-%i' % os.getpid()
 
-        self.command = 'tmux new -c "{{cwd}}" -d -s {0} -n {0} "{{command}}"'.format(window_name)
+        self.command = 'tmux new -c "{{cwd}}" -d -s {0} -n {0} "{{command}}"'
+        if not check_tmux_version('1.9'):
+            # `tmux new-session -c` was added in 1.9;
+            # older versions fail with that flag
+            self.command = 'tmux new -d -s {0} -n {0} "{{command}}"'
+        self.command = self.command.format(window_name)
         Terminal.__init__(self, sh_cmd, title, env, d)
 
         attach_cmd = 'tmux att -t {0}'.format(window_name)
@@ -253,13 +264,18 @@ def spawn(name, sh_cmd, title=None, env=None, d=None):
         except OSError:
            return
 
+def check_tmux_version(desired):
+    vernum = check_terminal_version("tmux")
+    if vernum and bb.utils.vercmp_string_op(vernum, desired, "<"):
+        return False
+    return vernum
+
 def check_tmux_pane_size(tmux):
     import subprocess as sub
     # On older tmux versions (<1.9), return false. The reason
     # is that there is no easy way to get the height of the active panel
     # on current window without nested formats (available from version 1.9)
-    vernum = check_terminal_version("tmux")
-    if vernum and LooseVersion(vernum) < '1.9':
+    if not check_tmux_version('1.9'):
         return False
     try:
         p = sub.Popen('%s list-panes -F "#{?pane_active,#{pane_height},}"' % tmux,
diff --git a/meta/lib/oe/tune.py b/meta/lib/oe/tune.py
new file mode 100644
index 0000000000..7fda19430d
--- /dev/null
+++ b/meta/lib/oe/tune.py
@@ -0,0 +1,81 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+# riscv_isa_to_tune(isa)
+#
+# Automatically translate a RISC-V ISA string to TUNE_FEATURES
+#
+# Abbreviations, such as rv32g -> rv32imaffd_zicsr_zifencei are supported.
+#
+# Profiles, such as rva22u64, are NOT supported, you must use ISA strings.
+#
+def riscv_isa_to_tune(isa):
+    _isa = isa.lower()
+
+    feature = []
+    iter = 0
+
+    # rv or riscv
+    if _isa[iter:].startswith('rv'):
+        feature.append('rv')
+        iter = iter + 2
+    elif _isa[iter:].startswith('riscv'):
+        feature.append('rv')
+        iter = iter + 5
+    else:
+        # Not a risc-v ISA!
+        return _isa
+
+    while (_isa[iter:]):
+        # Skip _ and whitespace
+        if _isa[iter] == '_' or _isa[iter].isspace():
+            iter = iter + 1
+            continue
+
+        # Length, just capture numbers here
+        if _isa[iter].isdigit():
+            iter_end = iter
+            while iter_end < len(_isa) and _isa[iter_end].isdigit():
+                iter_end = iter_end + 1
+
+            feature.append(_isa[iter:iter_end])
+            iter = iter_end
+            continue
+
+        # Typically i, e or g is next, followed by extensions.
+        # Extensions are single character, except for Z, Ss, Sh, Sm, Sv, and X
+
+        # If the extension starts with 'Z', 'S' or 'X' use the name until the next _, whitespace or end
+        if _isa[iter] in ['z', 's', 'x']:
+            ext_type = _isa[iter]
+            iter_end = iter + 1
+
+            # Multicharacter extension, these are supposed to have a _ before the next multicharacter extension
+            # See 37.4 and 37.5:
+            # 37.4: Underscores "_" may be used to separate ISA extensions...
+            # 37.5: All multi-letter extensions ... must be separated from other multi-letter extensions by an underscore...
+            # Some extensions permit only alphabetic characters, while others allow alphanumeric chartacters
+            while iter_end < len(_isa) and _isa[iter_end] != "_" and not _isa[iter_end].isspace():
+                iter_end = iter_end + 1
+
+            feature.append(_isa[iter:iter_end])
+            iter = iter_end
+            continue
+
+        # 'g' is special, it's an abbreviation for imafd_zicsr_zifencei
+        # When expanding the abbreviation, any additional letters must appear before the _z* extensions
+        if _isa[iter] == 'g':
+            _isa = 'imafd' + _isa[iter+1:] + '_zicsr_zifencei'
+            iter = 0
+            continue
+
+        feature.append(_isa[iter])
+        iter = iter + 1
+        continue
+
+    # Eliminate duplicates, but preserve the order
+    feature = list(dict.fromkeys(feature))
+    return ' '.join(feature)
diff --git a/meta/lib/oe/types.py b/meta/lib/oe/types.py
index bbbabafbf6..b929afb1f3 100644
--- a/meta/lib/oe/types.py
+++ b/meta/lib/oe/types.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
diff --git a/meta/lib/oe/useradd.py b/meta/lib/oe/useradd.py
index 8fc77568ff..54aa86feb5 100644
--- a/meta/lib/oe/useradd.py
+++ b/meta/lib/oe/useradd.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 import argparse
@@ -45,7 +47,6 @@ def build_useradd_parser():
     parser.add_argument("-N", "--no-user-group", dest="user_group", help="do not create a group with the same name as the user", action="store_const", const=False)
     parser.add_argument("-o", "--non-unique", help="allow to create users with duplicate (non-unique UID)", action="store_true")
     parser.add_argument("-p", "--password", metavar="PASSWORD", help="encrypted password of the new account")
-    parser.add_argument("-P", "--clear-password", metavar="CLEAR_PASSWORD", help="use this clear password for the new account")
     parser.add_argument("-R", "--root", metavar="CHROOT_DIR", help="directory to chroot into")
     parser.add_argument("-r", "--system", help="create a system account", action="store_true")
     parser.add_argument("-s", "--shell", metavar="SHELL", help="login shell of the new account")
@@ -63,7 +64,6 @@ def build_groupadd_parser():
     parser.add_argument("-K", "--key", metavar="KEY=VALUE", help="override /etc/login.defs defaults")
     parser.add_argument("-o", "--non-unique", help="allow to create groups with duplicate (non-unique) GID", action="store_true")
     parser.add_argument("-p", "--password", metavar="PASSWORD", help="use this encrypted password for the new group")
-    parser.add_argument("-P", "--clear-password", metavar="CLEAR_PASSWORD", help="use this clear password for the new group")
     parser.add_argument("-R", "--root", metavar="CHROOT_DIR", help="directory to chroot into")
     parser.add_argument("-r", "--system", help="create a system account", action="store_true")
     parser.add_argument("GROUP", help="Group name of the new group")
diff --git a/meta/lib/oe/utils.py b/meta/lib/oe/utils.py
index 9a2187e36f..779c5e593f 100644
--- a/meta/lib/oe/utils.py
+++ b/meta/lib/oe/utils.py
@@ -1,10 +1,15 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
 import subprocess
 import multiprocessing
 import traceback
+import errno
+
+import bb.parse
 
 def read_file(filename):
     try:
@@ -221,12 +226,12 @@ def packages_filter_out_system(d):
     PN-dbg PN-doc PN-locale-eb-gb removed.
     """
     pn = d.getVar('PN')
-    blacklist = [pn + suffix for suffix in ('', '-dbg', '-dev', '-doc', '-locale', '-staticdev', '-src')]
+    pkgfilter = [pn + suffix for suffix in ('', '-dbg', '-dev', '-doc', '-locale', '-staticdev', '-src')]
     localepkg = pn + "-locale-"
     pkgs = []
 
     for pkg in d.getVar('PACKAGES').split():
-        if pkg not in blacklist and localepkg not in pkg:
+        if pkg not in pkgfilter and localepkg not in pkg:
             pkgs.append(pkg)
     return pkgs
 
@@ -248,24 +253,32 @@ def trim_version(version, num_parts=2):
     trimmed = ".".join(parts[:num_parts])
     return trimmed
 
-def cpu_count(at_least=1):
+def cpu_count(at_least=1, at_most=64):
     cpus = len(os.sched_getaffinity(0))
-    return max(cpus, at_least)
+    return max(min(cpus, at_most), at_least)
 
 def execute_pre_post_process(d, cmds):
     if cmds is None:
         return
 
-    for cmd in cmds.strip().split(';'):
-        cmd = cmd.strip()
-        if cmd != '':
-            bb.note("Executing %s ..." % cmd)
-            bb.build.exec_func(cmd, d)
+    cmds = cmds.replace(";", " ")
+
+    for cmd in cmds.split():
+        bb.note("Executing %s ..." % cmd)
+        bb.build.exec_func(cmd, d)
+
+@bb.parse.vardepsexclude("BB_NUMBER_THREADS")
+def get_bb_number_threads(d):
+    return int(d.getVar("BB_NUMBER_THREADS") or os.cpu_count() or 1)
+
+def multiprocess_launch(target, items, d, extraargs=None):
+    max_process = get_bb_number_threads(d)
+    return multiprocess_launch_mp(target, items, max_process, extraargs)
 
-# For each item in items, call the function 'target' with item as the first 
+# For each item in items, call the function 'target' with item as the first
 # argument, extraargs as the other arguments and handle any exceptions in the
 # parent thread
-def multiprocess_launch(target, items, d, extraargs=None):
+def multiprocess_launch_mp(target, items, max_process, extraargs=None):
 
     class ProcessLaunch(multiprocessing.Process):
         def __init__(self, *args, **kwargs):
@@ -300,14 +313,15 @@ def multiprocess_launch(target, items, d, extraargs=None):
             self.update()
             return self._result
 
-    max_process = int(d.getVar("BB_NUMBER_THREADS") or os.cpu_count() or 1)
     launched = []
     errors = []
     results = []
     items = list(items)
     while (items and not errors) or launched:
         if not errors and items and len(launched) < max_process:
-            args = (items.pop(),)
+            args = items.pop()
+            if not type(args) is tuple:
+                args = (args,)
             if extraargs is not None:
                 args = args + extraargs
             p = ProcessLaunch(target=target, args=args)
@@ -344,7 +358,29 @@ def squashspaces(string):
     import re
     return re.sub(r"\s+", " ", string).strip()
 
-def format_pkg_list(pkg_dict, ret_format=None):
+def rprovides_map(pkgdata_dir, pkg_dict):
+    # Map file -> pkg provider
+    rprov_map = {}
+
+    for pkg in pkg_dict:
+        path_to_pkgfile = os.path.join(pkgdata_dir, 'runtime-reverse', pkg)
+        if not os.path.isfile(path_to_pkgfile):
+            continue
+        with open(path_to_pkgfile) as f:
+            for line in f:
+                if line.startswith('RPROVIDES') or line.startswith('FILERPROVIDES'):
+                    # List all components provided by pkg.
+                    # Exclude version strings, i.e. those starting with (
+                    provides = [x for x in line.split()[1:] if not x.startswith('(')]
+                    for prov in provides:
+                        if prov in rprov_map:
+                            rprov_map[prov].append(pkg)
+                        else:
+                            rprov_map[prov] = [pkg]
+
+    return rprov_map
+
+def format_pkg_list(pkg_dict, ret_format=None, pkgdata_dir=None):
     output = []
 
     if ret_format == "arch":
@@ -357,9 +393,15 @@ def format_pkg_list(pkg_dict, ret_format=None):
         for pkg in sorted(pkg_dict):
             output.append("%s %s %s" % (pkg, pkg_dict[pkg]["arch"], pkg_dict[pkg]["ver"]))
     elif ret_format == "deps":
+        rprov_map = rprovides_map(pkgdata_dir, pkg_dict)
         for pkg in sorted(pkg_dict):
             for dep in pkg_dict[pkg]["deps"]:
-                output.append("%s|%s" % (pkg, dep))
+                if dep in rprov_map:
+                    # There could be multiple providers within the image
+                    for pkg_provider in rprov_map[dep]:
+                        output.append("%s|%s * %s [RPROVIDES]" % (pkg, pkg_provider, dep))
+                else:
+                    output.append("%s|%s" % (pkg, dep))
     else:
         for pkg in sorted(pkg_dict):
             output.append(pkg)
@@ -373,62 +415,31 @@ def format_pkg_list(pkg_dict, ret_format=None):
     return output_str
 
 
-# Helper function to get the host compiler version
-# Do not assume the compiler is gcc
-def get_host_compiler_version(d, taskcontextonly=False):
+# Helper function to get the host gcc version
+def get_host_gcc_version(d, taskcontextonly=False):
     import re, subprocess
 
     if taskcontextonly and d.getVar('BB_WORKERCONTEXT') != '1':
         return
 
-    compiler = d.getVar("BUILD_CC")
-    # Get rid of ccache since it is not present when parsing.
-    if compiler.startswith('ccache '):
-        compiler = compiler[7:]
     try:
         env = os.environ.copy()
         # datastore PATH does not contain session PATH as set by environment-setup-...
         # this breaks the install-buildtools use-case
         # env["PATH"] = d.getVar("PATH")
-        output = subprocess.check_output("%s --version" % compiler, \
+        output = subprocess.check_output("gcc --version", \
                     shell=True, env=env, stderr=subprocess.STDOUT).decode("utf-8")
     except subprocess.CalledProcessError as e:
-        bb.fatal("Error running %s --version: %s" % (compiler, e.output.decode("utf-8")))
+        bb.fatal("Error running gcc --version: %s" % (e.output.decode("utf-8")))
 
     match = re.match(r".* (\d+\.\d+)\.\d+.*", output.split('\n')[0])
     if not match:
-        bb.fatal("Can't get compiler version from %s --version output" % compiler)
+        bb.fatal("Can't get compiler version from gcc --version output")
 
     version = match.group(1)
-    return compiler, version
-
-
-def host_gcc_version(d, taskcontextonly=False):
-    import re, subprocess
-
-    if taskcontextonly and d.getVar('BB_WORKERCONTEXT') != '1':
-        return
-
-    compiler = d.getVar("BUILD_CC")
-    # Get rid of ccache since it is not present when parsing.
-    if compiler.startswith('ccache '):
-        compiler = compiler[7:]
-    try:
-        env = os.environ.copy()
-        env["PATH"] = d.getVar("PATH")
-        output = subprocess.check_output("%s --version" % compiler, \
-                    shell=True, env=env, stderr=subprocess.STDOUT).decode("utf-8")
-    except subprocess.CalledProcessError as e:
-        bb.fatal("Error running %s --version: %s" % (compiler, e.output.decode("utf-8")))
-
-    match = re.match(r".* (\d+\.\d+)\.\d+.*", output.split('\n')[0])
-    if not match:
-        bb.fatal("Can't get compiler version from %s --version output" % compiler)
-
-    version = match.group(1)
-    return "-%s" % version if version in ("4.8", "4.9") else ""
-
+    return version
 
+@bb.parse.vardepsexclude("DEFAULTTUNE_MULTILIB_ORIGINAL", "OVERRIDES")
 def get_multilib_datastore(variant, d):
     localdata = bb.data.createCopy(d)
     if variant:
@@ -445,94 +456,48 @@ def get_multilib_datastore(variant, d):
         localdata.setVar("MLPREFIX", "")
     return localdata
 
-#
-# Python 2.7 doesn't have threaded pools (just multiprocessing)
-# so implement a version here
-#
-
-from queue import Queue
-from threading import Thread
-
-class ThreadedWorker(Thread):
-    """Thread executing tasks from a given tasks queue"""
-    def __init__(self, tasks, worker_init, worker_end):
-        Thread.__init__(self)
-        self.tasks = tasks
-        self.daemon = True
-
-        self.worker_init = worker_init
-        self.worker_end = worker_end
-
-    def run(self):
-        from queue import Empty
-
-        if self.worker_init is not None:
-            self.worker_init(self)
-
-        while True:
-            try:
-                func, args, kargs = self.tasks.get(block=False)
-            except Empty:
-                if self.worker_end is not None:
-                    self.worker_end(self)
-                break
-
-            try:
-                func(self, *args, **kargs)
-            except Exception as e:
-                print(e)
-            finally:
-                self.tasks.task_done()
-
-class ThreadedPool:
-    """Pool of threads consuming tasks from a queue"""
-    def __init__(self, num_workers, num_tasks, worker_init=None,
-            worker_end=None):
-        self.tasks = Queue(num_tasks)
-        self.workers = []
-
-        for _ in range(num_workers):
-            worker = ThreadedWorker(self.tasks, worker_init, worker_end)
-            self.workers.append(worker)
-
-    def start(self):
-        for worker in self.workers:
-            worker.start()
-
-    def add_task(self, func, *args, **kargs):
-        """Add a task to the queue"""
-        self.tasks.put((func, args, kargs))
-
-    def wait_completion(self):
-        """Wait for completion of all the tasks in the queue"""
-        self.tasks.join()
-        for worker in self.workers:
-            worker.join()
-
-def write_ld_so_conf(d):
-    # Some utils like prelink may not have the correct target library paths
-    # so write an ld.so.conf to help them
-    ldsoconf = d.expand("${STAGING_DIR_TARGET}${sysconfdir}/ld.so.conf")
-    if os.path.exists(ldsoconf):
-        bb.utils.remove(ldsoconf)
-    bb.utils.mkdirhier(os.path.dirname(ldsoconf))
-    with open(ldsoconf, "w") as f:
-        f.write(d.getVar("base_libdir") + '\n')
-        f.write(d.getVar("libdir") + '\n')
-
-class ImageQAFailed(Exception):
-    def __init__(self, description, name=None, logfile=None):
-        self.description = description
-        self.name = name
-        self.logfile=logfile
-
-    def __str__(self):
-        msg = 'Function failed: %s' % self.name
-        if self.description:
-            msg = msg + ' (%s)' % self.description
-
-        return msg
-
 def sh_quote(string):
     import shlex
     return shlex.quote(string)
+
+def directory_size(root, blocksize=4096):
+    """
+    Calculate the size of the directory, taking into account hard links,
+    rounding up every size to multiples of the blocksize.
+    """
+    def roundup(size):
+        """
+        Round the size up to the nearest multiple of the block size.
+        """
+        import math
+        return math.ceil(size / blocksize) * blocksize
+
+    def getsize(filename):
+        """
+        Get the size of the filename, not following symlinks, taking into
+        account hard links.
+        """
+        stat = os.lstat(filename)
+        if stat.st_ino not in inodes:
+            inodes.add(stat.st_ino)
+            return stat.st_size
+        else:
+            return 0
+
+    inodes = set()
+    total = 0
+    for root, dirs, files in os.walk(root):
+        total += sum(roundup(getsize(os.path.join(root, name))) for name in files)
+        total += roundup(getsize(root))
+    return total
+
+# Update the mtime of a file, skip if permission/read-only issues
+def touch(filename):
+    try:
+        os.utime(filename, None)
+    except PermissionError:
+        pass
+    except OSError as e:
+        # Handle read-only file systems gracefully
+        if e.errno != errno.EROFS:
+            raise e
diff --git a/meta/lib/oeqa/buildperf/base.py b/meta/lib/oeqa/buildperf/base.py
index 5f1805d86c..5d656c781a 100644
--- a/meta/lib/oeqa/buildperf/base.py
+++ b/meta/lib/oeqa/buildperf/base.py
@@ -444,7 +444,7 @@ class BuildPerfTestCase(unittest.TestCase):
         buildstats = []
         for fname in os.listdir(bs_dir):
             recipe_dir = os.path.join(bs_dir, fname)
-            if not os.path.isdir(recipe_dir):
+            if not os.path.isdir(recipe_dir) or fname == "reduced_proc_pressure":
                 continue
             name, epoch, version, revision = split_nevr(fname)
             recipe_bs = OrderedDict((('name', name),
diff --git a/meta/lib/oeqa/buildtools-docs/cases/README b/meta/lib/oeqa/buildtools-docs/cases/README
new file mode 100644
index 0000000000..f8edbc7dad
--- /dev/null
+++ b/meta/lib/oeqa/buildtools-docs/cases/README
@@ -0,0 +1,2 @@
+These test cases are used by build-docs-tarball, and are not used by the testsdk
+class.
diff --git a/meta/lib/oeqa/buildtools-docs/cases/build.py b/meta/lib/oeqa/buildtools-docs/cases/build.py
new file mode 100644
index 0000000000..6e3ee94292
--- /dev/null
+++ b/meta/lib/oeqa/buildtools-docs/cases/build.py
@@ -0,0 +1,19 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import tempfile
+from oeqa.sdk.case import OESDKTestCase
+from oeqa.utils.subprocesstweak import errors_have_output
+errors_have_output()
+
+class BuildTests(OESDKTestCase):
+    """
+    Verify that our docs can build using our docs tools tarball.
+    """
+    def test_docs_build(self):
+        with tempfile.TemporaryDirectory(prefix='docs-tarball-build-', dir=self.tc.sdk_dir) as testdir:
+            self._run('git clone git://git.yoctoproject.org/yocto-docs %s' % testdir)
+            self._run('cd %s/documentation && make html' % testdir)
diff --git a/meta/lib/oeqa/buildtools/cases/README b/meta/lib/oeqa/buildtools/cases/README
new file mode 100644
index 0000000000..d4f20faa9f
--- /dev/null
+++ b/meta/lib/oeqa/buildtools/cases/README
@@ -0,0 +1,2 @@
+These test cases are used by buildtools-tarball, and are not used by the testsdk
+class.
diff --git a/meta/lib/oeqa/buildtools/cases/build.py b/meta/lib/oeqa/buildtools/cases/build.py
new file mode 100644
index 0000000000..c85c32496b
--- /dev/null
+++ b/meta/lib/oeqa/buildtools/cases/build.py
@@ -0,0 +1,32 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os, tempfile
+import time
+from oeqa.sdk.case import OESDKTestCase
+from oeqa.utils.subprocesstweak import errors_have_output
+errors_have_output()
+
+class BuildTests(OESDKTestCase):
+    """
+    Verify that bitbake can build virtual/libc inside the buildtools.
+    """
+    def test_libc(self):
+        with tempfile.TemporaryDirectory(prefix='bitbake-build-', dir=self.tc.sdk_dir) as testdir:
+            corebase = self.td['COREBASE']
+
+            self._run('. %s/oe-init-build-env %s' % (corebase, testdir))
+            with open(os.path.join(testdir, 'conf', 'local.conf'), 'ta') as conf:
+                conf.write('\n')
+                conf.write('DL_DIR = "%s"\n' % self.td['DL_DIR'])
+
+            try:
+                self._run('. %s/oe-init-build-env %s && bitbake virtual/libc' % (corebase, testdir))
+            finally:
+                delay = 10
+                while delay and (os.path.exists(testdir + "/bitbake.lock") or os.path.exists(testdir + "/cache/hashserv.db-wal")):
+                    time.sleep(1)
+                    delay = delay - 1
diff --git a/meta/lib/oeqa/buildtools/cases/gcc.py b/meta/lib/oeqa/buildtools/cases/gcc.py
new file mode 100644
index 0000000000..a62c4d0bc4
--- /dev/null
+++ b/meta/lib/oeqa/buildtools/cases/gcc.py
@@ -0,0 +1,31 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os.path
+from oeqa.sdk.case import OESDKTestCase
+
+class GccTests(OESDKTestCase):
+    def test_verify_specs(self):
+        """
+        Verify that the compiler has been relocated successfully and isn't
+        looking in the hard-coded prefix.
+        """
+        # Canonicalise the SDK root
+        sdk_base = os.path.realpath(self.tc.sdk_dir)
+        # Canonicalise the location of GCC
+        gcc_path = os.path.realpath(self._run("command -v gcc").strip())
+        # Skip the test if the GCC didn't come from the buildtools, as it only
+        # comes with buildtools-extended-tarball.
+        if os.path.commonprefix((sdk_base, gcc_path)) != sdk_base:
+            self.skipTest("Buildtools does not provide GCC")
+
+        # This is the prefix that GCC is build with, and should be replaced at
+        # installation time.
+        sdkpath = self.td.get("SDKPATH")
+        self.assertTrue(sdkpath)
+
+        for line in self._run('gcc -dumpspecs').splitlines():
+            self.assertNotIn(sdkpath, line)
diff --git a/meta/lib/oeqa/buildtools/cases/https.py b/meta/lib/oeqa/buildtools/cases/https.py
new file mode 100644
index 0000000000..4525e3d758
--- /dev/null
+++ b/meta/lib/oeqa/buildtools/cases/https.py
@@ -0,0 +1,22 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.sdk.case import OESDKTestCase
+from oeqa.utils.subprocesstweak import errors_have_output
+errors_have_output()
+
+class HTTPTests(OESDKTestCase):
+    """
+    Verify that HTTPS certificates are working correctly, as this depends on
+    environment variables being set correctly.
+    """
+
+    def test_wget(self):
+        self._run('env -i wget --debug --output-document /dev/null https://yoctoproject.org/connectivity.html')
+
+    def test_python(self):
+        # urlopen() returns a file-like object on success and throws an exception otherwise
+        self._run('python3 -c \'import urllib.request; urllib.request.urlopen("https://yoctoproject.org/connectivity.html")\'')
diff --git a/meta/lib/oeqa/buildtools/cases/sanity.py b/meta/lib/oeqa/buildtools/cases/sanity.py
new file mode 100644
index 0000000000..a55d456656
--- /dev/null
+++ b/meta/lib/oeqa/buildtools/cases/sanity.py
@@ -0,0 +1,24 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import shutil
+import os.path
+from oeqa.sdk.case import OESDKTestCase
+
+class SanityTests(OESDKTestCase):
+    def test_tools(self):
+        """
+        Test that wget and tar come from the buildtools, not the host. This
+        verifies that the buildtools have installed correctly. We can't check
+        for gcc as that is only installed by buildtools-extended.
+        """
+        for command in ("tar", "wget"):
+            # Canonicalise the SDK root
+            sdk_base = os.path.realpath(self.tc.sdk_dir)
+            # Canonicalise the location of this command
+            tool_path = os.path.realpath(self._run("command -v %s" % command).strip())
+            # Assert that the tool was found inside the SDK root
+            self.assertEqual(os.path.commonprefix((sdk_base, tool_path)), sdk_base)
diff --git a/meta/lib/oeqa/controllers/__init__.py b/meta/lib/oeqa/controllers/__init__.py
index cc3836c4bf..0fc905be9a 100644
--- a/meta/lib/oeqa/controllers/__init__.py
+++ b/meta/lib/oeqa/controllers/__init__.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 # Enable other layers to have modules in the same named directory
diff --git a/meta/lib/oeqa/controllers/masterimage.py b/meta/lib/oeqa/controllers/controllerimage.py
index 0bf5917e48..78a4aaff87 100644
--- a/meta/lib/oeqa/controllers/masterimage.py
+++ b/meta/lib/oeqa/controllers/controllerimage.py
@@ -3,13 +3,13 @@
 # SPDX-License-Identifier: MIT
 #
 # This module adds support to testimage.bbclass to deploy images and run
-# tests using a "master image" - this is a "known good" image that is
+# tests using a "controller image" - this is a "known good" image that is
 # installed onto the device as part of initial setup and will be booted into
 # with no interaction; we can then use it to deploy the image to be tested
 # to a second partition before running the tests.
 #
-# For an example master image, see core-image-testmaster
-# (meta/recipes-extended/images/core-image-testmaster.bb)
+# For an example controller image, see core-image-testcontroller
+# (meta/recipes-extended/images/core-image-testcontroller.bb)
 
 import os
 import bb
@@ -24,12 +24,12 @@ from oeqa.utils import CommandError
 
 from abc import ABCMeta, abstractmethod
 
-class MasterImageHardwareTarget(oeqa.targetcontrol.BaseTarget, metaclass=ABCMeta):
+class ControllerImageHardwareTarget(oeqa.targetcontrol.BaseTarget, metaclass=ABCMeta):
 
     supported_image_fstypes = ['tar.gz', 'tar.bz2']
 
     def __init__(self, d):
-        super(MasterImageHardwareTarget, self).__init__(d)
+        super(ControllerImageHardwareTarget, self).__init__(d)
 
         # target ip
         addr = d.getVar("TEST_TARGET_IP") or bb.fatal('Please set TEST_TARGET_IP with the IP address of the machine you want to run the tests on.')
@@ -61,8 +61,8 @@ class MasterImageHardwareTarget(oeqa.targetcontrol.BaseTarget, metaclass=ABCMeta
         if not os.path.isfile(self.kernel):
             bb.fatal("No kernel found. Expected path: %s" % self.kernel)
 
-        # master ssh connection
-        self.master = None
+        # controller ssh connection
+        self.controller = None
         # if the user knows what they are doing, then by all means...
         self.user_cmds = d.getVar("TEST_DEPLOY_CMDS")
         self.deploy_cmds = None
@@ -119,19 +119,19 @@ class MasterImageHardwareTarget(oeqa.targetcontrol.BaseTarget, metaclass=ABCMeta
 
     def deploy(self):
         # base class just sets the ssh log file for us
-        super(MasterImageHardwareTarget, self).deploy()
-        self.master = sshcontrol.SSHControl(ip=self.ip, logfile=self.sshlog, timeout=600, port=self.port)
-        status, output = self.master.run("cat /etc/masterimage")
+        super(ControllerImageHardwareTarget, self).deploy()
+        self.controller = sshcontrol.SSHControl(ip=self.ip, logfile=self.sshlog, timeout=600, port=self.port)
+        status, output = self.controller.run("cat /etc/controllerimage")
         if status != 0:
-            # We're not booted into the master image, so try rebooting
-            bb.plain("%s - booting into the master image" % self.pn)
+            # We're not booted into the controller image, so try rebooting
+            bb.plain("%s - booting into the controller image" % self.pn)
             self.power_ctl("cycle")
             self._wait_until_booted()
 
         bb.plain("%s - deploying image on target" % self.pn)
-        status, output = self.master.run("cat /etc/masterimage")
+        status, output = self.controller.run("cat /etc/controllerimage")
         if status != 0:
-            bb.fatal("No ssh connectivity or target isn't running a master image.\n%s" % output)
+            bb.fatal("No ssh connectivity or target isn't running a controller image.\n%s" % output)
         if self.user_cmds:
             self.deploy_cmds = self.user_cmds.split("\n")
         try:
@@ -156,10 +156,10 @@ class MasterImageHardwareTarget(oeqa.targetcontrol.BaseTarget, metaclass=ABCMeta
 
     def stop(self):
         bb.plain("%s - reboot/powercycle target" % self.pn)
-        self.power_cycle(self.master)
+        self.power_cycle(self.controller)
 
 
-class SystemdbootTarget(MasterImageHardwareTarget):
+class SystemdbootTarget(ControllerImageHardwareTarget):
 
     def __init__(self, d):
         super(SystemdbootTarget, self).__init__(d)
@@ -184,16 +184,16 @@ class SystemdbootTarget(MasterImageHardwareTarget):
 
     def _deploy(self):
         # make sure these aren't mounted
-        self.master.run("umount /boot; umount /mnt/testrootfs; umount /sys/firmware/efi/efivars;")
+        self.controller.run("umount /boot; umount /mnt/testrootfs; umount /sys/firmware/efi/efivars;")
         # from now on, every deploy cmd should return 0
         # else an exception will be thrown by sshcontrol
-        self.master.ignore_status = False
-        self.master.copy_to(self.rootfs, "~/test-rootfs." + self.image_fstype)
-        self.master.copy_to(self.kernel, "~/test-kernel")
+        self.controller.ignore_status = False
+        self.controller.copy_to(self.rootfs, "~/test-rootfs." + self.image_fstype)
+        self.controller.copy_to(self.kernel, "~/test-kernel")
         for cmd in self.deploy_cmds:
-            self.master.run(cmd)
+            self.controller.run(cmd)
 
     def _start(self, params=None):
-        self.power_cycle(self.master)
+        self.power_cycle(self.controller)
         # there are better ways than a timeout but this should work for now
         time.sleep(120)
diff --git a/meta/lib/oeqa/controllers/testtargetloader.py b/meta/lib/oeqa/controllers/testtargetloader.py
index 23101c7371..209ff7061a 100644
--- a/meta/lib/oeqa/controllers/testtargetloader.py
+++ b/meta/lib/oeqa/controllers/testtargetloader.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
diff --git a/meta/lib/oeqa/core/case.py b/meta/lib/oeqa/core/case.py
index aae451fef2..ad5524a714 100644
--- a/meta/lib/oeqa/core/case.py
+++ b/meta/lib/oeqa/core/case.py
@@ -5,6 +5,7 @@
 #
 
 import base64
+import os
 import zlib
 import unittest
 
@@ -43,8 +44,13 @@ class OETestCase(unittest.TestCase):
         clss.tearDownClassMethod()
 
     def _oeSetUp(self):
-        for d in self.decorators:
-            d.setUpDecorator()
+        try:
+            for d in self.decorators:
+                d.setUpDecorator()
+        except:
+            for d in self.decorators:
+                d.tearDownDecorator()
+            raise
         self.setUpMethod()
 
     def _oeTearDown(self):
@@ -52,6 +58,13 @@ class OETestCase(unittest.TestCase):
             d.tearDownDecorator()
         self.tearDownMethod()
 
+    def assertFileExists(self, filename, msg=None):
+        """
+        Test that filename exists. If it does not, the test will fail.
+        """
+        if not os.path.exists(filename):
+            self.fail(msg or "%s does not exist" % filename)
+
 class OEPTestResultTestCase:
     """
     Mix-in class to provide functions to make interacting with extraresults for
diff --git a/meta/lib/oeqa/core/context.py b/meta/lib/oeqa/core/context.py
index 2abe353d27..46de9135c1 100644
--- a/meta/lib/oeqa/core/context.py
+++ b/meta/lib/oeqa/core/context.py
@@ -81,7 +81,7 @@ class OETestContext(object):
     def runTests(self, processes=None, skips=[]):
         self.runner = self.runnerClass(self, descriptions=False, verbosity=2)
 
-        # Dinamically skip those tests specified though arguments
+        # Dynamically skip those tests specified though arguments
         self.skipTests(skips)
 
         self._run_start_time = time.time()
@@ -179,9 +179,16 @@ class OETestContextExecutor(object):
         else:
             self.tc_kwargs['init']['td'] = {}
 
+        # Run image specific TEST_SUITE like testimage.bbclass by default
+        test_suites = self.tc_kwargs['init']['td'].get("TEST_SUITES")
+        if test_suites:
+            test_suites = test_suites.split()
+
         if args.run_tests:
             self.tc_kwargs['load']['modules'] = args.run_tests
             self.tc_kwargs['load']['modules_required'] = args.run_tests
+        elif test_suites:
+            self.tc_kwargs['load']['modules'] = test_suites
         else:
             self.tc_kwargs['load']['modules'] = []
 
diff --git a/meta/lib/oeqa/core/decorator/__init__.py b/meta/lib/oeqa/core/decorator/__init__.py
index 1a82518ab6..93efd30e1d 100644
--- a/meta/lib/oeqa/core/decorator/__init__.py
+++ b/meta/lib/oeqa/core/decorator/__init__.py
@@ -5,8 +5,7 @@
 #
 
 from functools import wraps
-from abc import abstractmethod, ABCMeta
-from oeqa.core.utils.misc import strToList
+from abc import ABCMeta
 
 decoratorClasses = set()
 
@@ -65,15 +64,11 @@ class OETestDiscover(OETestDecorator):
         return registry['cases']
 
 def OETestTag(*tags):
-    expandedtags = []
-    for tag in tags:
-        expandedtags += strToList(tag)
     def decorator(item):
         if hasattr(item, "__oeqa_testtags"):
             # do not append, create a new list (to handle classes with inheritance)
-            item.__oeqa_testtags = list(item.__oeqa_testtags) + expandedtags
+            item.__oeqa_testtags = list(item.__oeqa_testtags) + list(tags)
         else:
-            item.__oeqa_testtags = expandedtags
+            item.__oeqa_testtags = tags
         return item
     return decorator
-
diff --git a/meta/lib/oeqa/core/decorator/data.py b/meta/lib/oeqa/core/decorator/data.py
index bc4939e87c..0daf46334f 100644
--- a/meta/lib/oeqa/core/decorator/data.py
+++ b/meta/lib/oeqa/core/decorator/data.py
@@ -13,8 +13,8 @@ def has_feature(td, feature):
         Checks for feature in DISTRO_FEATURES or IMAGE_FEATURES.
     """
 
-    if (feature in td.get('DISTRO_FEATURES', '') or
-        feature in td.get('IMAGE_FEATURES', '')):
+    if (feature in td.get('DISTRO_FEATURES', '').split() or
+        feature in td.get('IMAGE_FEATURES', '').split()):
         return True
     return False
 
@@ -23,18 +23,7 @@ def has_machine(td, machine):
         Checks for MACHINE.
     """
 
-    if (machine in td.get('MACHINE', '')):
-        return True
-    return False
-
-def is_qemu(td, qemu):
-    """
-        Checks if MACHINE is qemu.
-    """
-
-    machine = td.get('MACHINE', '')
-    if (qemu in td.get('MACHINE', '') or
-    machine.startswith('qemu')):
+    if (machine == td.get('MACHINE', '')):
         return True
     return False
 
@@ -189,34 +178,65 @@ class skipIfMachine(OETestDecorator):
 @registerDecorator
 class skipIfNotQemu(OETestDecorator):
     """
-        Skip test based on MACHINE.
-
-        value must be a qemu MACHINE or it will skip the test
-        with msg as the reason.
+    Skip test if MACHINE is not qemu*
     """
+    def setUpDecorator(self):
+        self.logger.debug("Checking if not qemu MACHINE")
+        if not self.case.td.get('MACHINE', '').startswith('qemu'):
+            self.case.skipTest('Test only runs on qemu machines')
 
-    attrs = ('value', 'msg')
-
+@registerDecorator
+class skipIfNotQemuUsermode(OETestDecorator):
+    """
+    Skip test if MACHINE_FEATURES does not contain qemu-usermode
+    """
     def setUpDecorator(self):
-        msg = ('Checking if %s is not this MACHINE' % self.value)
-        self.logger.debug(msg)
-        if not is_qemu(self.case.td, self.value):
-            self.case.skipTest(self.msg)
+        self.logger.debug("Checking if MACHINE_FEATURES does not contain qemu-usermode")
+        if 'qemu-usermode' not in self.case.td.get('MACHINE_FEATURES', '').split():
+            self.case.skipTest('Test requires qemu-usermode in MACHINE_FEATURES')
 
 @registerDecorator
 class skipIfQemu(OETestDecorator):
     """
-        Skip test based on Qemu Machine.
+    Skip test if MACHINE is qemu*
+    """
+    def setUpDecorator(self):
+        self.logger.debug("Checking if qemu MACHINE")
+        if self.case.td.get('MACHINE', '').startswith('qemu'):
+             self.case.skipTest('Test only runs on real hardware')
 
-        value must not be a qemu machine or it will skip the test
-        with msg as the reason.
-   """
+@registerDecorator
+class skipIfArch(OETestDecorator):
+    """
+    Skip test if HOST_ARCH is present in the tuple specified.
+    """
 
-    attrs = ('value', 'msg')
+    attrs = ('archs',)
+    def setUpDecorator(self):
+        arch = self.case.td['HOST_ARCH']
+        if arch in self.archs:
+             self.case.skipTest('Test skipped on %s' % arch)
+
+@registerDecorator
+class skipIfNotArch(OETestDecorator):
+    """
+    Skip test if HOST_ARCH is not present in the tuple specified.
+    """
 
+    attrs = ('archs',)
     def setUpDecorator(self):
-        msg = ('Checking if %s is this MACHINE' % self.value)
-        self.logger.debug(msg)
-        if is_qemu(self.case.td, self.value):
-             self.case.skipTest(self.msg)
+        arch = self.case.td['HOST_ARCH']
+        if arch not in self.archs:
+             self.case.skipTest('Test skipped on %s' % arch)
 
+@registerDecorator
+class skipIfNotBuildArch(OETestDecorator):
+    """
+    Skip test if BUILD_ARCH is not present in the tuple specified.
+    """
+
+    attrs = ('archs',)
+    def setUpDecorator(self):
+        arch = self.case.td['BUILD_ARCH']
+        if arch not in self.archs:
+             self.case.skipTest('Test skipped on %s' % arch)
diff --git a/meta/lib/oeqa/core/decorator/oetimeout.py b/meta/lib/oeqa/core/decorator/oetimeout.py
index df90d1c798..5e6873ad48 100644
--- a/meta/lib/oeqa/core/decorator/oetimeout.py
+++ b/meta/lib/oeqa/core/decorator/oetimeout.py
@@ -24,5 +24,6 @@ class OETimeout(OETestDecorator):
 
     def tearDownDecorator(self):
         signal.alarm(0)
-        signal.signal(signal.SIGALRM, self.alarmSignal)
-        self.logger.debug("Removed SIGALRM handler")
+        if hasattr(self, 'alarmSignal'):
+            signal.signal(signal.SIGALRM, self.alarmSignal)
+            self.logger.debug("Removed SIGALRM handler")
diff --git a/meta/lib/oeqa/core/loader.py b/meta/lib/oeqa/core/loader.py
index 11978213b8..d12d5a055c 100644
--- a/meta/lib/oeqa/core/loader.py
+++ b/meta/lib/oeqa/core/loader.py
@@ -37,7 +37,7 @@ def _find_duplicated_modules(suite, directory):
         if path:
             raise ImportError("Duplicated %s module found in %s" % (module, path))
 
-def _built_modules_dict(modules):
+def _built_modules_dict(modules, logger):
     modules_dict = {}
 
     if modules == None:
@@ -48,6 +48,9 @@ def _built_modules_dict(modules):
         # characters, whereas class names do
         m = re.match(r'^([0-9a-z_.]+)(?:\.(\w[^.]*)(?:\.([^.]+))?)?$', module, flags=re.ASCII)
         if not m:
+            logger.warn("module '%s' was skipped from selected modules, "\
+                "because it doesn't match with module name assumptions: "\
+                "package and module names do not contain upper case characters, whereas class names do" % module)
             continue
 
         module_name, class_name, test_name = m.groups()
@@ -58,6 +61,8 @@ def _built_modules_dict(modules):
             modules_dict[module_name][class_name] = []
         if test_name and test_name not in modules_dict[module_name][class_name]:
             modules_dict[module_name][class_name].append(test_name)
+    if modules and not modules_dict:
+        raise OEQATestNotFound("All selected modules were skipped, this would trigger selftest with all tests and -r ignored.")
 
     return modules_dict
 
@@ -71,7 +76,7 @@ class OETestLoader(unittest.TestLoader):
             *args, **kwargs):
         self.tc = tc
 
-        self.modules = _built_modules_dict(modules)
+        self.modules = _built_modules_dict(modules, tc.logger)
 
         self.tests = tests
         self.modules_required = modules_required
@@ -311,6 +316,9 @@ class OETestLoader(unittest.TestLoader):
                                   module_name_small in self.modules) \
                                else False
 
+        if any(c.isupper() for c in module.__name__):
+            raise SystemExit("Module '%s' contains uppercase characters and this isn't supported. Please fix the module name." % module.__name__)
+
         return (load_module, load_underscore)
 
 
diff --git a/meta/lib/oeqa/core/runner.py b/meta/lib/oeqa/core/runner.py
index d50690ab37..b683d9b80a 100644
--- a/meta/lib/oeqa/core/runner.py
+++ b/meta/lib/oeqa/core/runner.py
@@ -44,6 +44,7 @@ class OETestResult(_TestResult):
         self.endtime = {}
         self.progressinfo = {}
         self.extraresults = {}
+        self.shownmsg = []
 
         # Inject into tc so that TestDepends decorator can see results
         tc.results = self
@@ -74,6 +75,7 @@ class OETestResult(_TestResult):
             for (scase, msg) in getattr(self, t):
                 if test.id() == scase.id():
                     self.tc.logger.info(str(msg))
+                    self.shownmsg.append(test.id())
                     break
 
     def logSummary(self, component, context_msg=''):
@@ -169,7 +171,6 @@ class OETestResult(_TestResult):
 
     def logDetails(self, json_file_dir=None, configuration=None, result_id=None,
             dump_streams=False):
-        self.tc.logger.info("RESULTS:")
 
         result = self.extraresults
         logs = {}
@@ -193,6 +194,10 @@ class OETestResult(_TestResult):
             report = {'status': status}
             if log:
                 report['log'] = log
+                # Class setup failures wouldn't enter stopTest so would never display
+                if case.id() not in self.shownmsg:
+                    self.tc.logger.info("Failure (%s) for %s:\n" % (status, case.id()) + log)
+
             if duration:
                 report['duration'] = duration
 
@@ -215,6 +220,7 @@ class OETestResult(_TestResult):
                 report['stderr'] = stderr
             result[case.id()] = report
 
+        self.tc.logger.info("RESULTS:")
         for i in ['PASSED', 'SKIPPED', 'EXPECTEDFAIL', 'ERROR', 'FAILED', 'UNKNOWN']:
             if i not in logs:
                 continue
@@ -229,6 +235,10 @@ class OETestResult(_TestResult):
         # Override as we unexpected successes aren't failures for us
         return (len(self.failures) == len(self.errors) == 0)
 
+    def hasAnyFailingTest(self):
+        # Account for expected failures
+        return not self.wasSuccessful() or len(self.expectedFailures)
+
 class OEListTestsResult(object):
     def wasSuccessful(self):
         return True
@@ -347,7 +357,7 @@ class OETestResultJSONHelper(object):
             os.makedirs(write_dir, exist_ok=True)
         test_results = self._get_existing_testresults_if_available(write_dir)
         test_results[result_id] = {'configuration': configuration, 'result': test_result}
-        json_testresults = json.dumps(test_results, sort_keys=True, indent=4)
+        json_testresults = json.dumps(test_results, sort_keys=True, indent=1)
         self._write_file(write_dir, self.testresult_filename, json_testresults)
         if has_bb:
             bb.utils.unlockfile(lf)
diff --git a/meta/lib/oeqa/core/target/__init__.py b/meta/lib/oeqa/core/target/__init__.py
index 1382aa9b52..177f648fe3 100644
--- a/meta/lib/oeqa/core/target/__init__.py
+++ b/meta/lib/oeqa/core/target/__init__.py
@@ -10,6 +10,7 @@ class OETarget(object):
 
     def __init__(self, logger, *args, **kwargs):
         self.logger = logger
+        self.runner = None
 
     @abstractmethod
     def start(self):
diff --git a/meta/lib/oeqa/core/target/qemu.py b/meta/lib/oeqa/core/target/qemu.py
index 0f29414df5..d93b3ac94a 100644
--- a/meta/lib/oeqa/core/target/qemu.py
+++ b/meta/lib/oeqa/core/target/qemu.py
@@ -8,20 +8,21 @@ import os
 import sys
 import signal
 import time
+import glob
+import subprocess
 from collections import defaultdict
 
 from .ssh import OESSHTarget
 from oeqa.utils.qemurunner import QemuRunner
-from oeqa.utils.dump import TargetDumper
 
 supported_fstypes = ['ext3', 'ext4', 'cpio.gz', 'wic']
 
 class OEQemuTarget(OESSHTarget):
     def __init__(self, logger, server_ip, timeout=300, user='root',
             port=None, machine='', rootfs='', kernel='', kvm=False, slirp=False,
-            dump_dir='', dump_host_cmds='', display='', bootlog='',
+            dump_dir='', display='', bootlog='',
             tmpdir='', dir_image='', boottime=60, serial_ports=2,
-            boot_patterns = defaultdict(str), ovmf=False, **kwargs):
+            boot_patterns = defaultdict(str), ovmf=False, tmpfsdir=None, **kwargs):
 
         super(OEQemuTarget, self).__init__(logger, None, server_ip, timeout,
                 user, port)
@@ -35,17 +36,15 @@ class OEQemuTarget(OESSHTarget):
         self.ovmf = ovmf
         self.use_slirp = slirp
         self.boot_patterns = boot_patterns
+        self.dump_dir = dump_dir
+        self.bootlog = bootlog
 
         self.runner = QemuRunner(machine=machine, rootfs=rootfs, tmpdir=tmpdir,
                                  deploy_dir_image=dir_image, display=display,
                                  logfile=bootlog, boottime=boottime,
-                                 use_kvm=kvm, use_slirp=slirp, dump_dir=dump_dir,
-                                 dump_host_cmds=dump_host_cmds, logger=logger,
+                                 use_kvm=kvm, use_slirp=slirp, dump_dir=dump_dir, logger=logger,
                                  serial_ports=serial_ports, boot_patterns = boot_patterns, 
-                                 use_ovmf=ovmf)
-        dump_target_cmds = kwargs.get("testimage_dump_target")
-        self.target_dumper = TargetDumper(dump_target_cmds, dump_dir, self.runner)
-        self.target_dumper.create_dir("qemu")
+                                 use_ovmf=ovmf, tmpfsdir=tmpfsdir)
 
     def start(self, params=None, extra_bootparams=None, runqemuparams=''):
         if self.use_slirp and not self.server_ip:
@@ -68,7 +67,28 @@ class OEQemuTarget(OESSHTarget):
                 self.server_ip = self.runner.server_ip
         else:
             self.stop()
-            raise RuntimeError("FAILED to start qemu - check the task log and the boot log")
+            # Display the first 20 lines of top and
+            # last 20 lines of the bootlog when the
+            # target is not being booted up.
+            topfile = glob.glob(self.dump_dir + "/*_qemu/host_*_top")
+            msg = "\n\n===== start: snippet =====\n\n"
+            for f in topfile:
+                msg += "file: %s\n\n" % f
+                with open(f) as tf:
+                    for x in range(20):
+                        msg += next(tf)
+            msg += "\n\n===== end: snippet =====\n\n"
+            blcmd = ["tail", "-20", self.bootlog]
+            msg += "===== start: snippet =====\n\n"
+            try:
+                out = subprocess.check_output(blcmd, stderr=subprocess.STDOUT, timeout=1).decode('utf-8')
+                msg += "file: %s\n\n" % self.bootlog
+                msg += out
+            except (subprocess.CalledProcessError, subprocess.TimeoutExpired, FileNotFoundError) as err:
+                msg += "Error running command: %s\n%s\n" % (blcmd, err)
+            msg += "\n\n===== end: snippet =====\n"
+
+            raise RuntimeError("FAILED to start qemu - check the task log and the boot log %s" % (msg))
 
     def stop(self):
         self.runner.stop()
diff --git a/meta/lib/oeqa/core/target/serial.py b/meta/lib/oeqa/core/target/serial.py
new file mode 100644
index 0000000000..7c2cd8b248
--- /dev/null
+++ b/meta/lib/oeqa/core/target/serial.py
@@ -0,0 +1,315 @@
+#
+# SPDX-License-Identifier: MIT
+#
+
+import base64
+import logging
+import os
+from threading import Lock
+from . import OETarget
+
+class OESerialTarget(OETarget):
+
+    def __init__(self, logger, target_ip, server_ip, server_port=0,
+                 timeout=300, serialcontrol_cmd=None, serialcontrol_extra_args=None,
+                 serialcontrol_ps1=None, serialcontrol_connect_timeout=None, 
+                 machine=None, **kwargs):
+        if not logger:
+            logger = logging.getLogger('target')
+            logger.setLevel(logging.INFO)
+            filePath = os.path.join(os.getcwd(), 'remoteTarget.log')
+            fileHandler = logging.FileHandler(filePath, 'w', 'utf-8')
+            formatter = logging.Formatter(
+                        '%(asctime)s.%(msecs)03d %(levelname)s: %(message)s',
+                        '%H:%M:%S')
+            fileHandler.setFormatter(formatter)
+            logger.addHandler(fileHandler)
+
+        super(OESerialTarget, self).__init__(logger)
+
+        if serialcontrol_ps1:
+            self.target_ps1 = serialcontrol_ps1
+        elif machine:
+            # fallback to a default value which assumes root@machine
+            self.target_ps1 = f'root@{machine}:.*# '
+        else:
+            raise ValueError("Unable to determine shell command prompt (PS1) format.")
+
+        if not serialcontrol_cmd:
+            raise ValueError("Unable to determine serial control command.")
+
+        if serialcontrol_extra_args:
+            self.connection_script = f'{serialcontrol_cmd} {serialcontrol_extra_args}'
+        else:
+            self.connection_script = serialcontrol_cmd
+
+        if serialcontrol_connect_timeout:
+            self.connect_timeout = serialcontrol_connect_timeout
+        else:
+            self.connect_timeout = 10 # default to 10s connection timeout
+
+        self.default_command_timeout = timeout
+        self.ip = target_ip
+        self.server_ip = server_ip
+        self.server_port = server_port 
+        self.conn = None
+        self.mutex = Lock()
+
+    def start(self, **kwargs):
+        pass
+
+    def stop(self, **kwargs):
+        pass
+
+    def get_connection(self):
+        if self.conn is None:
+            self.conn = SerialConnection(self.connection_script,
+                                         self.target_ps1,
+                                         self.connect_timeout,
+                                         self.default_command_timeout)
+
+        return self.conn
+
+    def run(self, cmd, timeout=None):
+        """
+            Runs command on target over the provided serial connection.
+            The first call will open the connection, and subsequent
+            calls will re-use the same connection to send new commands.
+
+            command:    Command to run on target.
+            timeout:    <value>:    Kill command after <val> seconds.
+                        None:       Kill command default value seconds.
+                        0:          No timeout, runs until return.
+        """
+        # Lock needed to avoid multiple threads running commands concurrently
+        # A serial connection can only be used by one caller at a time
+        with self.mutex:
+            conn = self.get_connection()
+
+            self.logger.debug(f"[Running]$ {cmd}")
+            # Run the command, then echo $? to get the command's return code
+            try:
+                output = conn.run_command(cmd, timeout)
+                status = conn.run_command("echo $?")
+                self.logger.debug(f"   [stdout]: {output}")
+                self.logger.debug(f"   [ret code]: {status}\n\n")
+            except SerialTimeoutException as e:
+                self.logger.debug(e)
+                output = ""
+                status = 255
+
+            # Return to $HOME after each command to simulate a stateless SSH connection
+            conn.run_command('cd "$HOME"')
+
+        return (int(status), output)
+
+    def copyTo(self, localSrc, remoteDst):
+        """
+            Copies files by converting them to base 32, then transferring
+            the ASCII text to the target, and decoding it in place on the
+            target.
+
+            On a 115k baud serial connection, this method transfers at
+            roughly 30kbps.
+        """
+        with open(localSrc, 'rb') as file:
+            data = file.read()
+
+        b32 = base64.b32encode(data).decode('utf-8')
+
+        # To avoid shell line limits, send a chunk at a time
+        SPLIT_LEN = 512 
+        lines = [b32[i:i+SPLIT_LEN] for i in range(0, len(b32), SPLIT_LEN)]
+
+        with self.mutex:
+            conn = self.get_connection()
+
+            filename = os.path.basename(localSrc)
+            TEMP = f'/tmp/{filename}.b32'
+
+            # Create or empty out the temp file
+            conn.run_command(f'echo -n "" > {TEMP}')
+
+            for line in lines:
+                conn.run_command(f'echo -n {line} >> {TEMP}')
+
+            # Check to see whether the remoteDst is a directory
+            is_directory = conn.run_command(f'[[ -d {remoteDst} ]]; echo $?')
+            if int(is_directory) == 0:
+                # append the localSrc filename to the end of remoteDst
+                remoteDst = os.path.join(remoteDst, filename)
+
+            conn.run_command(f'base32 -d {TEMP} > {remoteDst}')
+            conn.run_command(f'rm {TEMP}')
+
+        return 0, 'Success'
+
+    def copyFrom(self, remoteSrc, localDst):
+        """
+            Copies files by converting them to base 32 on the target, then
+            transferring the ASCII text to the host. That text is then
+            decoded here and written out to the destination.
+
+            On a 115k baud serial connection, this method transfers at
+            roughly 30kbps.
+        """
+        with self.mutex:
+            b32 = self.get_connection().run_command(f'base32 {remoteSrc}')
+
+            data = base64.b32decode(b32.replace('\r\n', ''))
+
+            # If the local path is a directory, get the filename from
+            # the remoteSrc path and append it to localDst
+            if os.path.isdir(localDst):
+                filename = os.path.basename(remoteSrc)
+                localDst = os.path.join(localDst, filename)
+
+            with open(localDst, 'wb') as file:
+                file.write(data)
+
+        return 0, 'Success'
+
+    def copyDirTo(self, localSrc, remoteDst):
+        """
+            Copy recursively localSrc directory to remoteDst in target.
+        """
+
+        for root, dirs, files in os.walk(localSrc):
+            # Create directories in the target as needed
+            for d in dirs:
+                tmpDir = os.path.join(root, d).replace(localSrc, "")
+                newDir = os.path.join(remoteDst, tmpDir.lstrip("/"))
+                cmd = "mkdir -p %s" % newDir
+                self.run(cmd)
+
+            # Copy files into the target
+            for f in files:
+                tmpFile = os.path.join(root, f).replace(localSrc, "")
+                dstFile = os.path.join(remoteDst, tmpFile.lstrip("/"))
+                srcFile = os.path.join(root, f)
+                self.copyTo(srcFile, dstFile)
+
+    def deleteFiles(self, remotePath, files):
+        """
+            Deletes files in target's remotePath.
+        """
+
+        cmd = "rm"
+        if not isinstance(files, list):
+            files = [files]
+
+        for f in files:
+            cmd = "%s %s" % (cmd, os.path.join(remotePath, f))
+
+        self.run(cmd)
+
+    def deleteDir(self, remotePath):
+        """
+            Deletes target's remotePath directory.
+        """
+
+        cmd = "rmdir %s" % remotePath
+        self.run(cmd)
+
+    def deleteDirStructure(self, localPath, remotePath):
+        """
+        Delete recursively localPath structure directory in target's remotePath.
+
+        This function is useful to delete a package that is installed in the
+        device under test (DUT) and the host running the test has such package
+        extracted in tmp directory.
+
+        Example:
+            pwd: /home/user/tmp
+            tree:   .
+                    └── work
+                        ├── dir1
+                        │   └── file1
+                        └── dir2
+
+            localpath = "/home/user/tmp" and remotepath = "/home/user"
+
+            With the above variables this function will try to delete the
+            directory in the DUT in this order:
+                /home/user/work/dir1/file1
+                /home/user/work/dir1        (if dir is empty)
+                /home/user/work/dir2        (if dir is empty)
+                /home/user/work             (if dir is empty)
+        """
+
+        for root, dirs, files in os.walk(localPath, topdown=False):
+            # Delete files first
+            tmpDir = os.path.join(root).replace(localPath, "")
+            remoteDir = os.path.join(remotePath, tmpDir.lstrip("/"))
+            self.deleteFiles(remoteDir, files)
+
+            # Remove dirs if empty
+            for d in dirs:
+                tmpDir = os.path.join(root, d).replace(localPath, "")
+                remoteDir = os.path.join(remotePath, tmpDir.lstrip("/"))
+                self.deleteDir(remoteDir)
+
+class SerialTimeoutException(Exception):
+    def __init__(self, msg):
+        self.msg = msg
+    def __str__(self):
+        return self.msg
+
+class SerialConnection:
+
+    def __init__(self, script, target_prompt, connect_timeout, default_command_timeout):
+        import pexpect # limiting scope to avoid build dependency
+        self.prompt = target_prompt
+        self.connect_timeout = connect_timeout
+        self.default_command_timeout = default_command_timeout
+        self.conn = pexpect.spawn('/bin/bash', ['-c', script], encoding='utf8')
+        self._seek_to_clean_shell()
+        # Disable echo to avoid the need to parse the outgoing command
+        self.run_command('stty -echo')
+
+    def _seek_to_clean_shell(self):
+        """
+            Attempts to find a clean shell, meaning it is clear and
+            ready to accept a new command. This is necessary to ensure
+            the correct output is captured from each command.
+        """
+        import pexpect # limiting scope to avoid build dependency
+        # Look for a clean shell
+        # Wait a short amount of time for the connection to finish
+        pexpect_code = self.conn.expect([self.prompt, pexpect.TIMEOUT],
+                                        timeout=self.connect_timeout)
+
+        # if a timeout occurred, send an empty line and wait for a clean shell
+        if pexpect_code == 1:
+            # send a newline to clear and present the shell
+            self.conn.sendline("")
+            pexpect_code = self.conn.expect(self.prompt)
+
+    def run_command(self, cmd, timeout=None):
+        """
+            Runs command on target over the provided serial connection.
+            Returns any output on the shell while the command was run.
+
+            command:    Command to run on target.
+            timeout:    <value>:    Kill command after <val> seconds.
+                        None:       Kill command default value seconds.
+                        0:          No timeout, runs until return.
+        """
+        import pexpect # limiting scope to avoid build dependency
+        # Convert from the OETarget defaults to pexpect timeout values
+        if timeout is None:
+            timeout = self.default_command_timeout
+        elif timeout == 0:
+            timeout = None # passing None to pexpect is infinite timeout
+
+        self.conn.sendline(cmd)
+        pexpect_code = self.conn.expect([self.prompt, pexpect.TIMEOUT], timeout=timeout)
+
+        # check for timeout
+        if pexpect_code == 1:
+            self.conn.send('\003') # send Ctrl+C
+            self._seek_to_clean_shell()
+            raise SerialTimeoutException(f'Timeout executing: {cmd} after {timeout}s')
+
+        return self.conn.before.removesuffix('\r\n')
+
diff --git a/meta/lib/oeqa/core/target/ssh.py b/meta/lib/oeqa/core/target/ssh.py
index 461448dbc5..8b5c450a05 100644
--- a/meta/lib/oeqa/core/target/ssh.py
+++ b/meta/lib/oeqa/core/target/ssh.py
@@ -34,12 +34,17 @@ class OESSHTarget(OETarget):
         self.timeout = timeout
         self.user = user
         ssh_options = [
+                '-o', 'ServerAliveCountMax=2',
+                '-o', 'ServerAliveInterval=30',
                 '-o', 'UserKnownHostsFile=/dev/null',
                 '-o', 'StrictHostKeyChecking=no',
                 '-o', 'LogLevel=ERROR'
                 ]
+        scp_options = [
+                '-r'
+        ]
         self.ssh = ['ssh', '-l', self.user ] + ssh_options
-        self.scp = ['scp'] + ssh_options
+        self.scp = ['scp'] + ssh_options + scp_options
         if port:
             self.ssh = self.ssh + [ '-p', port ]
             self.scp = self.scp + [ '-P', port ]
@@ -50,14 +55,14 @@ class OESSHTarget(OETarget):
     def stop(self, **kwargs):
         pass
 
-    def _run(self, command, timeout=None, ignore_status=True):
+    def _run(self, command, timeout=None, ignore_status=True, raw=False):
         """
             Runs command in target using SSHProcess.
         """
         self.logger.debug("[Running]$ %s" % " ".join(command))
 
         starttime = time.time()
-        status, output = SSHCall(command, self.logger, timeout)
+        status, output = SSHCall(command, self.logger, timeout, raw)
         self.logger.debug("[Command returned '%d' after %.2f seconds]"
                  "" % (status, time.time() - starttime))
 
@@ -67,7 +72,7 @@ class OESSHTarget(OETarget):
 
         return (status, output)
 
-    def run(self, command, timeout=None):
+    def run(self, command, timeout=None, ignore_status=True, raw=False):
         """
             Runs command in target.
 
@@ -86,10 +91,12 @@ class OESSHTarget(OETarget):
         else:
             processTimeout = self.timeout
 
-        status, output = self._run(sshCmd, processTimeout, True)
-        self.logger.debug('Command: %s\nOutput:  %s\n' % (command, output))
-        if (status == 255) and (('No route to host') in output):
-            self.target_dumper.dump_target()
+        status, output = self._run(sshCmd, processTimeout, ignore_status, raw)
+        if len(output) > (64 * 1024):
+            self.logger.debug('Command: %s\nStatus: %d Output length:  %s\n' % (command, status, len(output)))
+        else:
+            self.logger.debug('Command: %s\nStatus: %d Output:  %s\n' % (command, status, output))
+
         return (status, output)
 
     def copyTo(self, localSrc, remoteDst):
@@ -202,32 +209,51 @@ class OESSHTarget(OETarget):
                 remoteDir = os.path.join(remotePath, tmpDir.lstrip("/"))
                 self.deleteDir(remoteDir)
 
-def SSHCall(command, logger, timeout=None, **opts):
+def SSHCall(command, logger, timeout=None, raw=False, **opts):
 
     def run():
         nonlocal output
         nonlocal process
+        output_raw = bytearray()
         starttime = time.time()
+        progress = time.time()
         process = subprocess.Popen(command, **options)
+        has_timeout = False
+        appendline = None
         if timeout:
             endtime = starttime + timeout
             eof = False
-            while time.time() < endtime and not eof:
-                logger.debug('time: %s, endtime: %s' % (time.time(), endtime))
+            os.set_blocking(process.stdout.fileno(), False)
+            while not has_timeout and not eof:
                 try:
                     if select.select([process.stdout], [], [], 5)[0] != []:
-                        reader = codecs.getreader('utf-8')(process.stdout, 'ignore')
-                        data = reader.read(1024, 4096)
+                        # wait a bit for more data, tries to avoid reading single characters
+                        time.sleep(0.2)
+                        data = process.stdout.read()
                         if not data:
-                            process.stdout.close()
                             eof = True
                         else:
-                            output += data
-                            logger.debug('Partial data from SSH call: %s' % data)
+                            output_raw.extend(data)
+                            # ignore errors to capture as much as possible
+                            #logger.debug('Partial data from SSH call:\n%s' % data.decode('utf-8', errors='ignore'))
                             endtime = time.time() + timeout
                 except InterruptedError:
+                    logger.debug('InterruptedError')
+                    continue
+                except BlockingIOError:
+                    logger.debug('BlockingIOError')
                     continue
 
+                if time.time() >= endtime:
+                    logger.debug('SSHCall has timeout! Time: %s, endtime: %s' % (time.time(), endtime))
+                    has_timeout = True
+
+                if time.time() >= (progress + 60):
+                    logger.debug('Waiting for process output at time: %s with datasize: %s' % (time.time(), len(output_raw)))
+                    progress = time.time()
+
+            process.stdout.close()
+
             # process hasn't returned yet
             if not eof:
                 process.terminate()
@@ -235,20 +261,58 @@ def SSHCall(command, logger, timeout=None, **opts):
                 try:
                     process.kill()
                 except OSError:
+                    logger.debug('OSError when killing process')
                     pass
                 endtime = time.time() - starttime
-                lastline = ("\nProcess killed - no output for %d seconds. Total"
+                appendline = ("\nProcess killed - no output for %d seconds. Total"
                             " running time: %d seconds." % (timeout, endtime))
-                logger.debug('Received data from SSH call %s ' % lastline)
-                output += lastline
-
+                logger.debug('Received data from SSH call:\n%s ' % appendline)
+                process.wait()
+
+            if raw:
+                output = bytes(output_raw)
+                if appendline:
+                    output += bytes(appendline, "utf-8")
+            else:
+                output = output_raw.decode('utf-8', errors='ignore')
+                if appendline:
+                    output += appendline
         else:
-            output = process.communicate()[0].decode('utf-8', errors='ignore')
-            logger.debug('Data from SSH call: %s' % output.rstrip())
+            output = output_raw = process.communicate()[0]
+            if not raw:
+                output = output_raw.decode('utf-8', errors='ignore')
+
+        if len(output) < (64 * 1024):
+            if output.rstrip():
+                logger.debug('Data from SSH call:\n%s' % output.rstrip())
+            else:
+                logger.debug('No output from SSH call')
+
+        # timout or not, make sure process exits and is not hanging
+        if process.returncode == None:
+            try:
+                process.wait(timeout=5)
+            except TimeoutExpired:
+                try:
+                    process.kill()
+                except OSError:
+                    logger.debug('OSError')
+                    pass
+                process.wait()
+
+        if has_timeout:
+            # Version of openssh before 8.6_p1 returns error code 0 when killed
+            # by a signal, when the timeout occurs we will receive a 0 error
+            # code because the process is been terminated and it's wrong because
+            # that value means success, but the process timed out.
+            # Afterwards, from version 8.6_p1 onwards, the returned code is 255.
+            # Fix this behaviour by checking the return code
+            if process.returncode == 0:
+                process.returncode = 255
 
     options = {
         "stdout": subprocess.PIPE,
-        "stderr": subprocess.STDOUT,
+        "stderr": subprocess.STDOUT if not raw else None,
         "stdin": None,
         "shell": False,
         "bufsize": -1,
@@ -271,6 +335,9 @@ def SSHCall(command, logger, timeout=None, **opts):
         # whilst running and ensure we don't leave a process behind.
         if process.poll() is None:
             process.kill()
+        if process.returncode == None:
+            process.wait()
         logger.debug('Something went wrong, killing SSH process')
         raise
-    return (process.wait(), output.rstrip())
+
+    return (process.returncode, output if raw else output.rstrip())
diff --git a/meta/lib/oeqa/core/tests/cases/timeout.py b/meta/lib/oeqa/core/tests/cases/timeout.py
index 5dfecc7b7c..69cf969a67 100644
--- a/meta/lib/oeqa/core/tests/cases/timeout.py
+++ b/meta/lib/oeqa/core/tests/cases/timeout.py
@@ -8,6 +8,7 @@ from time import sleep
 
 from oeqa.core.case import OETestCase
 from oeqa.core.decorator.oetimeout import OETimeout
+from oeqa.core.decorator.depends import OETestDepends
 
 class TimeoutTest(OETestCase):
 
@@ -19,3 +20,15 @@ class TimeoutTest(OETestCase):
     def testTimeoutFail(self):
         sleep(2)
         self.assertTrue(True, msg='How is this possible?')
+
+
+    def testTimeoutSkip(self):
+        self.skipTest("This test needs to be skipped, so that testTimeoutDepends()'s OETestDepends kicks in")
+
+    @OETestDepends(["timeout.TimeoutTest.testTimeoutSkip"])
+    @OETimeout(3)
+    def testTimeoutDepends(self):
+        self.assertTrue(False, msg='How is this possible?')
+
+    def testTimeoutUnrelated(self):
+        sleep(6)
diff --git a/meta/lib/oeqa/core/tests/common.py b/meta/lib/oeqa/core/tests/common.py
index 88cc758ad3..bcc4fde632 100644
--- a/meta/lib/oeqa/core/tests/common.py
+++ b/meta/lib/oeqa/core/tests/common.py
@@ -9,7 +9,6 @@ import os
 
 import unittest
 import logging
-import os
 
 logger = logging.getLogger("oeqa")
 logger.setLevel(logging.INFO)
diff --git a/meta/lib/oeqa/core/tests/test_data.py b/meta/lib/oeqa/core/tests/test_data.py
index ac74098b78..acd726f3a0 100755
--- a/meta/lib/oeqa/core/tests/test_data.py
+++ b/meta/lib/oeqa/core/tests/test_data.py
@@ -33,7 +33,7 @@ class TestData(TestBase):
 
     def test_data_fail_wrong_variable(self):
         expectedError = 'AssertionError'
-        d = {'IMAGE' : 'core-image-sato', 'ARCH' : 'arm'}
+        d = {'IMAGE' : 'core-image-weston', 'ARCH' : 'arm'}
 
         tc = self._testLoader(d=d, modules=self.modules)
         results = tc.runTests()
diff --git a/meta/lib/oeqa/core/tests/test_decorators.py b/meta/lib/oeqa/core/tests/test_decorators.py
index b798bf7d33..5095f39948 100755
--- a/meta/lib/oeqa/core/tests/test_decorators.py
+++ b/meta/lib/oeqa/core/tests/test_decorators.py
@@ -133,5 +133,11 @@ class TestTimeoutDecorator(TestBase):
         msg = "OETestTimeout didn't restore SIGALRM"
         self.assertIs(alarm_signal, signal.getsignal(signal.SIGALRM), msg=msg)
 
+    def test_timeout_cancel(self):
+        tests = ['timeout.TimeoutTest.testTimeoutSkip', 'timeout.TimeoutTest.testTimeoutDepends', 'timeout.TimeoutTest.testTimeoutUnrelated']
+        msg = 'Unrelated test failed to complete'
+        tc = self._testLoader(modules=self.modules, tests=tests)
+        self.assertTrue(tc.runTests().wasSuccessful(), msg=msg)
+
 if __name__ == '__main__':
     unittest.main()
diff --git a/meta/lib/oeqa/core/utils/concurrencytest.py b/meta/lib/oeqa/core/utils/concurrencytest.py
index b2eb68fb02..d10f8f7f04 100644
--- a/meta/lib/oeqa/core/utils/concurrencytest.py
+++ b/meta/lib/oeqa/core/utils/concurrencytest.py
@@ -1,5 +1,7 @@
 #!/usr/bin/env python3
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: GPL-2.0-or-later
 #
 # Modified for use in OE by Richard Purdie, 2018
@@ -48,11 +50,16 @@ _all__ = [
 #
 class BBThreadsafeForwardingResult(ThreadsafeForwardingResult):
 
-    def __init__(self, target, semaphore, threadnum, totalinprocess, totaltests):
+    def __init__(self, target, semaphore, threadnum, totalinprocess, totaltests, output, finalresult):
         super(BBThreadsafeForwardingResult, self).__init__(target, semaphore)
         self.threadnum = threadnum
         self.totalinprocess = totalinprocess
         self.totaltests = totaltests
+        self.buffer = True
+        self.outputbuf = output
+        self.finalresult = finalresult
+        self.finalresult.buffer = True
+        self.target = target
 
     def _add_result_with_semaphore(self, method, test, *args, **kwargs):
         self.semaphore.acquire()
@@ -61,16 +68,19 @@ class BBThreadsafeForwardingResult(ThreadsafeForwardingResult):
                 self.result.starttime[test.id()] = self._test_start.timestamp()
                 self.result.threadprogress[self.threadnum].append(test.id())
                 totalprogress = sum(len(x) for x in self.result.threadprogress.values())
-                self.result.progressinfo[test.id()] = "%s: %s/%s %s/%s (%ss) (%s)" % (
+                self.result.progressinfo[test.id()] = "%s: %s/%s %s/%s (%ss) (%s failed) (%s)" % (
                     self.threadnum,
                     len(self.result.threadprogress[self.threadnum]),
                     self.totalinprocess,
                     totalprogress,
                     self.totaltests,
                     "{0:.2f}".format(time.time()-self._test_start.timestamp()),
+                    self.target.failed_tests,
                     test.id())
         finally:
             self.semaphore.release()
+        self.finalresult._stderr_buffer = io.StringIO(initial_value=self.outputbuf.getvalue().decode("utf-8"))
+        self.finalresult._stdout_buffer = io.StringIO()
         super(BBThreadsafeForwardingResult, self)._add_result_with_semaphore(method, test, *args, **kwargs)
 
 class ProxyTestResult:
@@ -183,35 +193,28 @@ class dummybuf(object):
 #
 class ConcurrentTestSuite(unittest.TestSuite):
 
-    def __init__(self, suite, processes, setupfunc, removefunc):
+    def __init__(self, suite, processes, setupfunc, removefunc, bb_vars):
         super(ConcurrentTestSuite, self).__init__([suite])
         self.processes = processes
         self.setupfunc = setupfunc
         self.removefunc = removefunc
+        self.bb_vars = bb_vars
 
     def run(self, result):
-        tests, totaltests = fork_for_tests(self.processes, self)
+        testservers, totaltests = fork_for_tests(self.processes, self)
         try:
             threads = {}
             queue = Queue()
             semaphore = threading.Semaphore(1)
             result.threadprogress = {}
-            for i, (test, testnum) in enumerate(tests):
+            for i, (testserver, testnum, output) in enumerate(testservers):
                 result.threadprogress[i] = []
                 process_result = BBThreadsafeForwardingResult(
                         ExtraResultsDecoderTestResult(result),
-                        semaphore, i, testnum, totaltests)
-                # Force buffering of stdout/stderr so the console doesn't get corrupted by test output
-                # as per default in parent code
-                process_result.buffer = True
-                # We have to add a buffer object to stdout to keep subunit happy
-                process_result._stderr_buffer = io.StringIO()
-                process_result._stderr_buffer.buffer = dummybuf(process_result._stderr_buffer)
-                process_result._stdout_buffer = io.StringIO()
-                process_result._stdout_buffer.buffer = dummybuf(process_result._stdout_buffer)
+                        semaphore, i, testnum, totaltests, output, result)
                 reader_thread = threading.Thread(
-                    target=self._run_test, args=(test, process_result, queue))
-                threads[test] = reader_thread, process_result
+                    target=self._run_test, args=(testserver, process_result, queue))
+                threads[testserver] = reader_thread, process_result
                 reader_thread.start()
             while threads:
                 finished_test = queue.get()
@@ -222,13 +225,13 @@ class ConcurrentTestSuite(unittest.TestSuite):
                 process_result.stop()
             raise
         finally:
-            for test in tests:
-                test[0]._stream.close()
+            for testserver in testservers:
+                testserver[0]._stream.close()
 
-    def _run_test(self, test, process_result, queue):
+    def _run_test(self, testserver, process_result, queue):
         try:
             try:
-                test.run(process_result)
+                testserver.run(process_result)
             except Exception:
                 # The run logic itself failed
                 case = testtools.ErrorHolder(
@@ -236,12 +239,12 @@ class ConcurrentTestSuite(unittest.TestSuite):
                     error=sys.exc_info())
                 case.run(process_result)
         finally:
-            queue.put(test)
+            queue.put(testserver)
 
 def fork_for_tests(concurrency_num, suite):
-    result = []
+    testservers = []
     if 'BUILDDIR' in os.environ:
-        selftestdir = get_test_layer()
+        selftestdir = get_test_layer(suite.bb_vars['BBLAYERS'])
 
     test_blocks = partition_tests(suite, concurrency_num)
     # Clear the tests from the original suite so it doesn't keep them alive
@@ -261,7 +264,7 @@ def fork_for_tests(concurrency_num, suite):
             ourpid = os.getpid()
             try:
                 newbuilddir = None
-                stream = os.fdopen(c2pwrite, 'wb', 1)
+                stream = os.fdopen(c2pwrite, 'wb')
                 os.close(c2pread)
 
                 (builddir, newbuilddir) = suite.setupfunc("-st-" + str(ourpid), selftestdir, process_suite)
@@ -273,10 +276,11 @@ def fork_for_tests(concurrency_num, suite):
                 newsi = os.open(os.devnull, os.O_RDWR)
                 os.dup2(newsi, sys.stdin.fileno())
 
+                # Send stdout/stderr over the stream
+                os.dup2(c2pwrite, sys.stdout.fileno())
+                os.dup2(c2pwrite, sys.stderr.fileno())
+
                 subunit_client = TestProtocolClient(stream)
-                # Force buffering of stdout/stderr so the console doesn't get corrupted by test output
-                # as per default in parent code
-                subunit_client.buffer = True
                 subunit_result = AutoTimingTestResultDecorator(subunit_client)
                 unittest_result = process_suite.run(ExtraResultsEncoderTestResult(subunit_result))
                 if ourpid != os.getpid():
@@ -305,10 +309,12 @@ def fork_for_tests(concurrency_num, suite):
             os._exit(0)
         else:
             os.close(c2pwrite)
-            stream = os.fdopen(c2pread, 'rb', 1)
-            test = ProtocolTestCase(stream)
-            result.append((test, numtests))
-    return result, totaltests
+            stream = os.fdopen(c2pread, 'rb')
+            # Collect stdout/stderr into an io buffer
+            output = io.BytesIO()
+            testserver = ProtocolTestCase(stream, passthrough=output)
+            testservers.append((testserver, numtests, output))
+    return testservers, totaltests
 
 def partition_tests(suite, count):
     # Keep tests from the same class together but allow tests from modules
diff --git a/meta/lib/oeqa/core/utils/misc.py b/meta/lib/oeqa/core/utils/misc.py
deleted file mode 100644
index e1a59588eb..0000000000
--- a/meta/lib/oeqa/core/utils/misc.py
+++ /dev/null
@@ -1,47 +0,0 @@
-#
-# Copyright (C) 2016 Intel Corporation
-#
-# SPDX-License-Identifier: MIT
-#
-
-def toList(obj, obj_type, obj_name="Object"):
-    if isinstance(obj, obj_type):
-        return [obj]
-    elif isinstance(obj, list):
-        return obj
-    else:
-        raise TypeError("%s must be %s or list" % (obj_name, obj_type))
-
-def toSet(obj, obj_type, obj_name="Object"):
-    if isinstance(obj, obj_type):
-        return {obj}
-    elif isinstance(obj, list):
-        return set(obj)
-    elif isinstance(obj, set):
-        return obj
-    else:
-        raise TypeError("%s must be %s or set" % (obj_name, obj_type))
-
-def strToList(obj, obj_name="Object"):
-    return toList(obj, str, obj_name)
-
-def strToSet(obj, obj_name="Object"):
-    return toSet(obj, str, obj_name)
-
-def intToList(obj, obj_name="Object"):
-    return toList(obj, int, obj_name)
-
-def dataStoteToDict(d, variables):
-    data = {}
-
-    for v in variables:
-        data[v] = d.getVar(v)
-
-    return data
-
-def updateTestData(d, td, variables):
-    """
-    Updates variables with values of data store to test data.
-    """
-    for var in variables:
-        td[var] = d.getVar(var)
diff --git a/meta/lib/oeqa/files/maturin/guessing-game/Cargo.toml b/meta/lib/oeqa/files/maturin/guessing-game/Cargo.toml
new file mode 100644
index 0000000000..a78ada2593
--- /dev/null
+++ b/meta/lib/oeqa/files/maturin/guessing-game/Cargo.toml
@@ -0,0 +1,20 @@
+[package]
+name = "guessing-game"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[lib]
+name = "guessing_game"
+# "cdylib" is necessary to produce a shared library for Python to import from.
+crate-type = ["cdylib"]
+
+[dependencies]
+rand = "0.8.4"
+
+[dependencies.pyo3]
+version = "0.24.1"
+# "abi3-py38" tells pyo3 (and maturin) to build using the stable ABI with minimum Python version 3.8
+features = ["abi3-py38"]
+
diff --git a/meta/lib/oeqa/files/maturin/guessing-game/LICENSE-APACHE b/meta/lib/oeqa/files/maturin/guessing-game/LICENSE-APACHE
new file mode 100644
index 0000000000..16fe87b06e
--- /dev/null
+++ b/meta/lib/oeqa/files/maturin/guessing-game/LICENSE-APACHE
@@ -0,0 +1,201 @@
+                              Apache License
+                        Version 2.0, January 2004
+                     http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+   "License" shall mean the terms and conditions for use, reproduction,
+   and distribution as defined by Sections 1 through 9 of this document.
+
+   "Licensor" shall mean the copyright owner or entity authorized by
+   the copyright owner that is granting the License.
+
+   "Legal Entity" shall mean the union of the acting entity and all
+   other entities that control, are controlled by, or are under common
+   control with that entity. For the purposes of this definition,
+   "control" means (i) the power, direct or indirect, to cause the
+   direction or management of such entity, whether by contract or
+   otherwise, or (ii) ownership of fifty percent (50%) or more of the
+   outstanding shares, or (iii) beneficial ownership of such entity.
+
+   "You" (or "Your") shall mean an individual or Legal Entity
+   exercising permissions granted by this License.
+
+   "Source" form shall mean the preferred form for making modifications,
+   including but not limited to software source code, documentation
+   source, and configuration files.
+
+   "Object" form shall mean any form resulting from mechanical
+   transformation or translation of a Source form, including but
+   not limited to compiled object code, generated documentation,
+   and conversions to other media types.
+
+   "Work" shall mean the work of authorship, whether in Source or
+   Object form, made available under the License, as indicated by a
+   copyright notice that is included in or attached to the work
+   (an example is provided in the Appendix below).
+
+   "Derivative Works" shall mean any work, whether in Source or Object
+   form, that is based on (or derived from) the Work and for which the
+   editorial revisions, annotations, elaborations, or other modifications
+   represent, as a whole, an original work of authorship. For the purposes
+   of this License, Derivative Works shall not include works that remain
+   separable from, or merely link (or bind by name) to the interfaces of,
+   the Work and Derivative Works thereof.
+
+   "Contribution" shall mean any work of authorship, including
+   the original version of the Work and any modifications or additions
+   to that Work or Derivative Works thereof, that is intentionally
+   submitted to Licensor for inclusion in the Work by the copyright owner
+   or by an individual or Legal Entity authorized to submit on behalf of
+   the copyright owner. For the purposes of this definition, "submitted"
+   means any form of electronic, verbal, or written communication sent
+   to the Licensor or its representatives, including but not limited to
+   communication on electronic mailing lists, source code control systems,
+   and issue tracking systems that are managed by, or on behalf of, the
+   Licensor for the purpose of discussing and improving the Work, but
+   excluding communication that is conspicuously marked or otherwise
+   designated in writing by the copyright owner as "Not a Contribution."
+
+   "Contributor" shall mean Licensor and any individual or Legal Entity
+   on behalf of whom a Contribution has been received by Licensor and
+   subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   copyright license to reproduce, prepare Derivative Works of,
+   publicly display, publicly perform, sublicense, and distribute the
+   Work and such Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of
+   this License, each Contributor hereby grants to You a perpetual,
+   worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+   (except as stated in this section) patent license to make, have made,
+   use, offer to sell, sell, import, and otherwise transfer the Work,
+   where such license applies only to those patent claims licensable
+   by such Contributor that are necessarily infringed by their
+   Contribution(s) alone or by combination of their Contribution(s)
+   with the Work to which such Contribution(s) was submitted. If You
+   institute patent litigation against any entity (including a
+   cross-claim or counterclaim in a lawsuit) alleging that the Work
+   or a Contribution incorporated within the Work constitutes direct
+   or contributory patent infringement, then any patent licenses
+   granted to You under this License for that Work shall terminate
+   as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the
+   Work or Derivative Works thereof in any medium, with or without
+   modifications, and in Source or Object form, provided that You
+   meet the following conditions:
+
+   (a) You must give any other recipients of the Work or
+       Derivative Works a copy of this License; and
+
+   (b) You must cause any modified files to carry prominent notices
+       stating that You changed the files; and
+
+   (c) You must retain, in the Source form of any Derivative Works
+       that You distribute, all copyright, patent, trademark, and
+       attribution notices from the Source form of the Work,
+       excluding those notices that do not pertain to any part of
+       the Derivative Works; and
+
+   (d) If the Work includes a "NOTICE" text file as part of its
+       distribution, then any Derivative Works that You distribute must
+       include a readable copy of the attribution notices contained
+       within such NOTICE file, excluding those notices that do not
+       pertain to any part of the Derivative Works, in at least one
+       of the following places: within a NOTICE text file distributed
+       as part of the Derivative Works; within the Source form or
+       documentation, if provided along with the Derivative Works; or,
+       within a display generated by the Derivative Works, if and
+       wherever such third-party notices normally appear. The contents
+       of the NOTICE file are for informational purposes only and
+       do not modify the License. You may add Your own attribution
+       notices within Derivative Works that You distribute, alongside
+       or as an addendum to the NOTICE text from the Work, provided
+       that such additional attribution notices cannot be construed
+       as modifying the License.
+
+   You may add Your own copyright statement to Your modifications and
+   may provide additional or different license terms and conditions
+   for use, reproduction, or distribution of Your modifications, or
+   for any such Derivative Works as a whole, provided Your use,
+   reproduction, and distribution of the Work otherwise complies with
+   the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+   any Contribution intentionally submitted for inclusion in the Work
+   by You to the Licensor shall be under the terms and conditions of
+   this License, without any additional terms or conditions.
+   Notwithstanding the above, nothing herein shall supersede or modify
+   the terms of any separate license agreement you may have executed
+   with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+   names, trademarks, service marks, or product names of the Licensor,
+   except as required for reasonable and customary use in describing the
+   origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or
+   agreed to in writing, Licensor provides the Work (and each
+   Contributor provides its Contributions) on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied, including, without limitation, any warranties or conditions
+   of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+   PARTICULAR PURPOSE. You are solely responsible for determining the
+   appropriateness of using or redistributing the Work and assume any
+   risks associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+   whether in tort (including negligence), contract, or otherwise,
+   unless required by applicable law (such as deliberate and grossly
+   negligent acts) or agreed to in writing, shall any Contributor be
+   liable to You for damages, including any direct, indirect, special,
+   incidental, or consequential damages of any character arising as a
+   result of this License or out of the use or inability to use the
+   Work (including but not limited to damages for loss of goodwill,
+   work stoppage, computer failure or malfunction, or any and all
+   other commercial damages or losses), even if such Contributor
+   has been advised of the possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing
+   the Work or Derivative Works thereof, You may choose to offer,
+   and charge a fee for, acceptance of support, warranty, indemnity,
+   or other liability obligations and/or rights consistent with this
+   License. However, in accepting such obligations, You may act only
+   on Your own behalf and on Your sole responsibility, not on behalf
+   of any other Contributor, and only if You agree to indemnify,
+   defend, and hold each Contributor harmless for any liability
+   incurred by, or claims asserted against, such Contributor by reason
+   of your accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work.
+
+   To apply the Apache License to your work, attach the following
+   boilerplate notice, with the fields enclosed by brackets "[]"
+   replaced with your own identifying information. (Don't include
+   the brackets!)  The text should be enclosed in the appropriate
+   comment syntax for the file format. We also recommend that a
+   file or class name and description of purpose be included on the
+   same "printed page" as the copyright notice for easier
+   identification within third-party archives.
+
+Copyright [yyyy] [name of copyright owner]
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+        http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/meta/lib/oeqa/files/maturin/guessing-game/LICENSE-MIT b/meta/lib/oeqa/files/maturin/guessing-game/LICENSE-MIT
new file mode 100644
index 0000000000..c4a9a58791
--- /dev/null
+++ b/meta/lib/oeqa/files/maturin/guessing-game/LICENSE-MIT
@@ -0,0 +1,25 @@
+Copyright (c) 2018 konstin
+
+Permission is hereby granted, free of charge, to any
+person obtaining a copy of this software and associated
+documentation files (the "Software"), to deal in the
+Software without restriction, including without
+limitation the rights to use, copy, modify, merge,
+publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software
+is furnished to do so, subject to the following
+conditions:
+
+The above copyright notice and this permission notice
+shall be included in all copies or substantial portions
+of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF
+ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED
+TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT
+SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
+IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
diff --git a/meta/lib/oeqa/files/maturin/guessing-game/pyproject.toml b/meta/lib/oeqa/files/maturin/guessing-game/pyproject.toml
new file mode 100644
index 0000000000..ff35abc472
--- /dev/null
+++ b/meta/lib/oeqa/files/maturin/guessing-game/pyproject.toml
@@ -0,0 +1,8 @@
+[build-system]
+requires = ["maturin>=1.0,<2.0"]
+build-backend = "maturin"
+
+[tool.maturin]
+# "extension-module" tells pyo3 we want to build an extension module (skips linking against libpython.so)
+features = ["pyo3/extension-module"]
+
diff --git a/meta/lib/oeqa/files/maturin/guessing-game/src/lib.rs b/meta/lib/oeqa/files/maturin/guessing-game/src/lib.rs
new file mode 100644
index 0000000000..6828466ed1
--- /dev/null
+++ b/meta/lib/oeqa/files/maturin/guessing-game/src/lib.rs
@@ -0,0 +1,48 @@
+use pyo3::prelude::*;
+use rand::Rng;
+use std::cmp::Ordering;
+use std::io;
+
+#[pyfunction]
+fn guess_the_number() {
+    println!("Guess the number!");
+
+    let secret_number = rand::thread_rng().gen_range(1..101);
+
+    loop {
+        println!("Please input your guess.");
+
+        let mut guess = String::new();
+
+        io::stdin()
+            .read_line(&mut guess)
+            .expect("Failed to read line");
+
+        let guess: u32 = match guess.trim().parse() {
+            Ok(num) => num,
+            Err(_) => continue,
+        };
+
+        println!("You guessed: {}", guess);
+
+        match guess.cmp(&secret_number) {
+            Ordering::Less => println!("Too small!"),
+            Ordering::Greater => println!("Too big!"),
+            Ordering::Equal => {
+                println!("You win!");
+                break;
+            }
+        }
+    }
+}
+
+/// A Python module implemented in Rust. The name of this function must match
+/// the `lib.name` setting in the `Cargo.toml`, else Python will not be able to
+/// import the module.
+#[pymodule]
+fn guessing_game(_py: Python, m: &PyModule) -> PyResult<()> {
+    m.add_function(wrap_pyfunction!(guess_the_number, m)?)?;
+
+    Ok(())
+}
+
diff --git a/meta/lib/oeqa/files/test.rs b/meta/lib/oeqa/files/test.rs
new file mode 100644
index 0000000000..f79c691f08
--- /dev/null
+++ b/meta/lib/oeqa/files/test.rs
@@ -0,0 +1,2 @@
+fn main() {
+}
diff --git a/meta/lib/oeqa/files/testresults/testresults.json b/meta/lib/oeqa/files/testresults/testresults.json
index 1a62155618..86e5e412af 100644
--- a/meta/lib/oeqa/files/testresults/testresults.json
+++ b/meta/lib/oeqa/files/testresults/testresults.json
@@ -1,5 +1,5 @@
 {
-    "runtime_core-image-minimal_qemuarm_20181225195701": {
+    "runtime_core-image-minimal:qemuarm_20181225195701": {
         "configuration": {
             "DISTRO": "poky",
             "HOST_DISTRO": "ubuntu-16.04",
diff --git a/meta/lib/oeqa/manual/bsp-hw.json b/meta/lib/oeqa/manual/bsp-hw.json
index 75b89758cb..308a0807f3 100644
--- a/meta/lib/oeqa/manual/bsp-hw.json
+++ b/meta/lib/oeqa/manual/bsp-hw.json
@@ -26,7 +26,7 @@
                     "expected_results": ""
                 },
                 "5": {
-                    "action": "Remove USB, and reboot into new installed system. \nNote:   If installation was successfully completed and received this message \"\"(sdx): Volume was not properly unmounted...Please run fsck.\"\" ignore it because this was whitelisted according to bug 9652.",
+                    "action": "Remove USB, and reboot into new installed system. \nNote:   If installation was successfully completed and received this message \"\"(sdx): Volume was not properly unmounted...Please run fsck.\"\" ignore it because this was allowed according to bug 9652.",
                     "expected_results": ""
                 }
             },
@@ -61,70 +61,6 @@
     },
     {
         "test": {
-            "@alias": "bsps-hw.bsps-hw.boot_from_runlevel_3",
-            "author": [
-                {
-                    "email": "alexandru.c.georgescu@intel.com",
-                    "name": "alexandru.c.georgescu@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "Boot into system and edit /etc/inittab to make sure that system enter at the run level 3 by default, this is done by changing the line   \n\n\nid:5:initdefault  \n\nto  \n\nid:3:initdefault  \n\n",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "Reboot system, and press \"Tab\" to enter \"grub\"",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "Get into the \"kernel\" line with the edit option  \"e\" and add \"psplash=false text\" at the end line.",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": "Press \"F10\" or \"ctrl+x\" to boot system",
-                    "expected_results": ""
-                },
-                "5": {
-                    "action": "If system ask you for a login type \"root\"",
-                    "expected_results": "System should boot to run level 3, showing the command prompt."
-                }
-            },
-            "summary": "boot_from_runlevel_3"
-        }
-    },
-    {
-        "test": {
-            "@alias": "bsps-hw.bsps-hw.boot_from_runlevel_5",
-            "author": [
-                {
-                    "email": "alexandru.c.georgescu@intel.com",
-                    "name": "alexandru.c.georgescu@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "Boot into system and edit /etc/inittab to make sure that system enter at the run level 5 by default, this is done by changing the line   \n\nid:3:initdefault  \n\nto  \n\nid:5:initdefault  \n\n",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "Reboot system, and press \"Tab\" to enter \"grub\"",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "Get into the \"kernel\" line with the edit option  \"e\" and add \"psplash=false text\" at the end line.",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": "Press \"F10\" or \"ctrl+x\" to boot system \nNote: The test is only for sato image.",
-                    "expected_results": "System should boot to runlevel 5 ."
-                }
-            },
-            "summary": "boot_from_runlevel_5"
-        }
-    },
-    {
-        "test": {
             "@alias": "bsps-hw.bsps-hw.switch_among_multi_applications_and_desktop",
             "author": [
                 {
@@ -155,70 +91,6 @@
     },
     {
         "test": {
-            "@alias": "bsps-hw.bsps-hw.ethernet_static_ip_set_in_connman",
-            "author": [
-                {
-                    "email": "alexandru.c.georgescu@intel.com",
-                    "name": "alexandru.c.georgescu@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "Boot the system and check internet connection is on . ",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "Launch connmand-properties (up-right corner on desktop)",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "Choose  Ethernet device and set a valid static ip address for it. \nFor example, in our internal network, we can set as following: \nip address: 10.239.48.xxx \nMask: 255.255.255.0 \nGateway (Broadcast): 10.239.48.255",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": "Check the Network configuration with \"ifconfig\"",
-                    "expected_results": "Static IP was set successfully  \n"
-                },
-                "5": {
-                    "action": "ping to another IP adress",
-                    "expected_results": "Ping works correclty\n"
-                }
-            },
-            "summary": "ethernet_static_ip_set_in_connman"
-        }
-    },
-    {
-        "test": {
-            "@alias": "bsps-hw.bsps-hw.ethernet_get_IP_in_connman_via_DHCP",
-            "author": [
-                {
-                    "email": "alexandru.c.georgescu@intel.com",
-                    "name": "alexandru.c.georgescu@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "Launch connmand-properties (up-right corner on your desktop). ",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "Check if Ethernet device can work properly with static IP, doing \"ping XXX.XXX.XXX.XXX\", once this is set.",
-                    "expected_results": "Ping executed successfully .  \n\n"
-                },
-                "3": {
-                    "action": "Then choose DHCP method for Ethernet device in connmand-properties.",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": "Check with 'ifconfig\" and \"ping\" if Ethernet device get IP address via DHCP.",
-                    "expected_results": "Ethernet device can get dynamic IP address via DHCP in connmand ."
-                }
-            },
-            "summary": "ethernet_get_IP_in_connman_via_DHCP"
-        }
-    },
-    {
-        "test": {
             "@alias": "bsps-hw.bsps-hw.connman_offline_mode_in_connman-gnome",
             "author": [
                 {
@@ -241,40 +113,6 @@
     },
     {
         "test": {
-            "@alias": "bsps-hw.bsps-hw.standby",
-            "author": [
-                {
-                    "email": "alexandru.c.georgescu@intel.com",
-                    "name": "alexandru.c.georgescu@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "boot system and launch terminal; check output of \"date\" and launch script \"continue.sh\"",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "echo \"mem\" > /sys/power/state",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "After system go into S3 mode, move mouse or press any key to make it resume (on NUC press power button)",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": "Check \"date\" and script \"continue.sh\"",
-                    "expected_results": ""
-                },
-                "5": {
-                    "action": "Check if application can work as normal \ncontinue.sh as below: \n \n#!/bin/sh \n \ni=1 \nwhile [ 0 ] \ndo \n echo $i \n sleep 1 \n i=$((i+1)) \ndone ",
-                    "expected_results": "Screen should resume back and script can run continuously incrementing the i's value from where it was before going to standby state. Date should be the same with the corresponding time increment."
-                }
-            },
-            "summary": "standby"
-        }
-    },
-    {
-        "test": {
             "@alias": "bsps-hw.bsps-hw.check_CPU_utilization_after_standby",
             "author": [
                 {
@@ -305,88 +143,6 @@
     },
     {
         "test": {
-            "@alias": "bsps-hw.bsps-hw.Test_if_LAN_device_works_well_after_resume_from_suspend_state",
-            "author": [
-                {
-                    "email": "alexandru.c.georgescu@intel.com",
-                    "name": "alexandru.c.georgescu@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "boot system and launch terminal",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "echo \"mem\" > /sys/power/state",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "After system go into S3 mode, move mouse or press any key to make it resume",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": "check ping status  \n\nNote: This TC apply only for core-image-full-cmd.",
-                    "expected_results": "ping should always work before/after standby"
-                }
-            },
-            "summary": "Test_if_LAN_device_works_well_after_resume_from_suspend_state"
-        }
-    },
-    {
-        "test": {
-            "@alias": "bsps-hw.bsps-hw.Test_if_usb_hid_device_works_well_after_resume_from_suspend_state",
-            "author": [
-                {
-                    "email": "alexandru.c.georgescu@intel.com",
-                    "name": "alexandru.c.georgescu@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "boot system and launch terminal",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "echo \"mem\" > /sys/power/state",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "After system go into S3 mode, resume the device by pressing the power button or using HID devices",
-                    "expected_results": "Devices resumes "
-                },
-                "4": {
-                    "action": "check usb mouse and keyboard",
-                    "expected_results": "Usb mouse and keyboard should work"
-                }
-            },
-            "summary": "Test_if_usb_hid_device_works_well_after_resume_from_suspend_state"
-        }
-    },
-    {
-        "test": {
-            "@alias": "bsps-hw.bsps-hw.click_terminal_icon_on_X_desktop",
-            "author": [
-                {
-                    "email": "alexandru.c.georgescu@intel.com",
-                    "name": "alexandru.c.georgescu@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "After system launch and X start up, click terminal icon on desktop",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "Check if only one terminal window launched and no other problem met",
-                    "expected_results": "There should be no problem after launching terminal . "
-                }
-            },
-            "summary": "click_terminal_icon_on_X_desktop"
-        }
-    },
-    {
-        "test": {
             "@alias": "bsps-hw.bsps-hw.Add_multiple_files_in_media_player",
             "author": [
                 {
@@ -839,40 +595,6 @@
     },
     {
         "test": {
-            "@alias": "bsps-hw.bsps-hw.Check_if_RTC_(Real_Time_Clock)_can_work_correctly",
-            "author": [
-                {
-                    "email": "yi.zhao@windriver.com",
-                    "name": "yi.zhao@windriver.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "Read time from RTC registers.  root@localhost:/root> hwclock -r  Sun Mar 22 04:05:47 1970 -0.001948 seconds ",
-                    "expected_results": "Can read and set the time from RTC.\n"
-                },
-                "2": {
-                    "action": "Set system current time  root@localhost:/root> date 062309452008 ",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "Synchronize the system current time to RTC registers  root@localhost:/root> hwclock -w ",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": "Read time from RTC registers  root@localhost:/root> hwclock -r ",
-                    "expected_results": ""
-                },
-                "5": {
-                    "action": "Reboot target and read time from RTC again\n",
-                    "expected_results": ""
-                }
-            },
-            "summary": "Check_if_RTC_(Real_Time_Clock)_can_work_correctly"
-        }
-    },
-    {
-        "test": {
             "@alias": "bsps-hw.bsps-hw.System_can_boot_up_via_NFS",
             "author": [
                 {
diff --git a/meta/lib/oeqa/manual/build-appliance.json b/meta/lib/oeqa/manual/build-appliance.json
index 70f8c72c9b..82a556e93e 100644
--- a/meta/lib/oeqa/manual/build-appliance.json
+++ b/meta/lib/oeqa/manual/build-appliance.json
@@ -48,7 +48,7 @@
                     "expected_results": ""
                 },
                 "3": {
-                    "action": "Install a new package to the image, for example, acpid. Set the following line in conf/local.conf: IMAGE_INSTALL_append = \" acpid\"",
+                    "action": "Install a new package to the image, for example, acpid. Set the following line in conf/local.conf: IMAGE_INSTALL:append = \" acpid\"",
                     "expected_results": ""
                 },
                 "4": {
diff --git a/meta/lib/oeqa/manual/crops.json b/meta/lib/oeqa/manual/crops.json
deleted file mode 100644
index 5cfa653843..0000000000
--- a/meta/lib/oeqa/manual/crops.json
+++ /dev/null
@@ -1,294 +0,0 @@
-[
-    {
-        "test": {
-            "@alias": "crops-default.crops-default.sdkext_eSDK_devtool_build_make",
-            "author": [
-                {
-                    "email": "francisco.j.pedraza.gonzalez@intel.com",
-                    "name": "francisco.j.pedraza.gonzalez@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "IMPORTANT NOTE: The firsts 5 steps refer to configuration of the environment to run the rest of the steps. These only apply for CROPS-eSDK.    \n\n\n\n",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": " Initiate your Crops-esdk environment as it says in wiki https://github.com/crops/docker-win-mac-docs/wiki   \n\n",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "Create the following tree of files  <crops-esdk-workdir-workspace>/sdkext/files/myapp <crops-esdk-workdir-workspace>/sdkext/files/myapp_cmake   \n\n\n",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": " Create the following files withing the myapp directory  myapp.c and the Makefile. Write the following inside of each file: \n---------------------------------------- \nMakefile should contain  \n\nall: myapp  \n\nmyapp: myapp.o \n\t$(CC) $(LDFLAGS) $< -o $@  \n\nmyapp.o: myapp.c  \n\t$(CC) $(CFLAGS) -c $< -o $@ \n\nclean: \n\trm -rf myapp.o myapp  \n\n-----------------------------  \nmyapp.c  shold contain  \n\n\n#include <stdio.h>    \n\nint \nmain(int argc, char *argv[]) \n{ \n\tprintf(\"Hello world\\n\"); \n \n\treturn 0; \n} \n------------------------------------  \n\n",
-                    "expected_results": "be sure that the indentations on the makefile are tabs not spaces.  \n\n"
-                },
-                "5": {
-                    "action": " Create the following files within the myapp_cmake directory CMakeLists.txt and myapp.c. Write the following inside each file:  \n\n------------------------------------ \nCMakeLists.txt should contain:  \n\ncmake_minimum_required (VERSION 2.6) \nproject (myapp) \n# The version number. \nset (myapp_VERSION_MAJOR 1) \nset (myapp_VERSION_MINOR 0)  \n\n# add the executable \nadd_executable (myapp myapp.c)  \n\ninstall(TARGETS myapp \nRUNTIME DESTINATION bin)  \n\n------------------------------------------ \nmyapp.c should contain:  \n\n#include <stdio.h>     \n\nint  \nmain(int argc, char *argv[])  \n{ \n\tprintf(\"Hello world\\n\");  \n\n\treturn 0; \n} \n-------------------------------------------------  \n\n",
-                    "expected_results": "Be sure that the indentations on CMakeLists.txt is tabs not spaces."
-                },
-                "6": {
-                    "action": " source environment-setup-i586-poky-linux  \n\n",
-                    "expected_results": "This should output a message that says SDK environment now set up; additionally you may now run devtool to perform development tasks etc etc ...   \n\n"
-                },
-                "7": {
-                    "action": " run command which devtool  \n\n",
-                    "expected_results": "this should output the directory of the devtool script and it should be within the sdk workdir you are working in.  \n\n  "
-                },
-                "8": {
-                    "action": "devtool add myapp <directory>(this is myapp dir)    \n\n\n",
-                    "expected_results": "The directory you should input is the myapp directory. This should automatically create the recipe myapp.bb under <crops-esdk-workdir-workspace>/recipes/myapp/myapp.bb"
-                },
-                "9": {
-                    "action": " devtool build myapp  \n\n",
-                    "expected_results": "This should compile an image"
-                },
-                "10": {
-                    "action": " devtool reset myapp  ",
-                    "expected_results": "This cleans sysroot of the myapp recipe, but it leaves the source tree intact. meaning it does not erase."
-                }
-            },
-            "summary": "sdkext_eSDK_devtool_build_make"
-        }
-    },
-    {
-        "test": {
-            "@alias": "crops-default.crops-default.sdkext_devtool_build_esdk_package",
-            "author": [
-                {
-                    "email": "francisco.j.pedraza.gonzalez@intel.com",
-                    "name": "francisco.j.pedraza.gonzalez@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "IMPORTANT NOTE: The firsts 5 steps refer to configuration of the environment to run the rest of the steps. These only apply for CROPS-eSDK.    \n\n\n\n",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": " Initiate your Crops-esdk environment as it says in wiki https://github.com/crops/docker-win-mac-docs/wiki   \n\n",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": " Create the following tree of files    <crops-esdk-workdir-workspace>/sdkext/files/myapp/ \n <crops-esdk-workdir-workspace>/sdkext/files/myapp_cmake  \n\n",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": " Create the following files withing the myapp directory  myapp.c and the Makefile. Write the following inside of each file: \n---------------------------------------- \nMakefile should contain  \n\nall: myapp  \n\nmyapp: myapp.o \n\t$(CC) $(LDFLAGS) $< -o $@ \n\nmyapp.o: myapp.c  \n\t$(CC) $(CFLAGS) -c $< -o $@ \n\nclean: \n\trm -rf myapp.o myapp  \n\n-----------------------------  \nmyapp.c  shold contain  \n\n#include <stdio.h>   \n\nint \nmain(int argc, char *argv[]) \n{ \n\tprintf(\"Hello world\\n\"); \n \n\treturn 0; \n} \n------------------------------------  \n\n",
-                    "expected_results": "be sure that the indentations on the makefile are tabs not spaces.  \n\n"
-                },
-                "5": {
-                    "action": " Create the following files within the myapp_cmake directory CMakeLists.txt and myapp.c. Write the following inside each file:  \n\n------------------------------------ \nCMakeLists.txt should contain:  \n\ncmake_minimum_required (VERSION 2.6) \nproject (myapp) \n# The version number. \nset (myapp_VERSION_MAJOR 1) \nset (myapp_VERSION_MINOR 0)  \n\n# add the executable \nadd_executable (myapp myapp.c)  \n\ninstall(TARGETS myapp \nRUNTIME DESTINATION bin)  \n\n------------------------------------------ \nmyapp.c should contain:  \n\n#include<stdio.h>     \n\nint  \nmain(int argc, char *argv[])  \n{ \n\tprintf(\"Hello world\\n\");  \n\n\treturn 0; \n} \n-------------------------------------------------  \n\n",
-                    "expected_results": "Be sure that the indentations on CMakeLists.txt is tabs not spaces.  \n\n"
-                },
-                "6": {
-                    "action": " source environment-setup-i586-poky-linux  \n\n",
-                    "expected_results": "This should output a message that says SDK environment now set up; additionally you may now run devtool to perform development tasks etc etc ...  \n\n"
-                },
-                "7": {
-                    "action": " run command which devtool  \n\n",
-                    "expected_results": " this should output the directory of the devtool script and it should be within the sdk workdir you are working in.  \n\n"
-                },
-                "8": {
-                    "action": " devtool add myapp <directory>  (this is myapp dir)  \n\n",
-                    "expected_results": " The directory you should input is the myapp directory. This should automatically create the recipe myapp.bb under <crops-esdk-workdir-workspace>/recipes/myapp/myapp.bb  \n\n"
-                },
-                "9": {
-                    "action": " devtool package myapp  \n\n",
-                    "expected_results": " you should expect a package creation of myapp and it should be under the  /tmp/deploy/  \n\n"
-                },
-                "10": {
-                    "action": " devtool reset myapp  ",
-                    "expected_results": "This cleans sysroot of the myapp recipe, but it leaves the source tree intact. meaning it does not erase.\n</package_format>"
-                }
-            },
-            "summary": "sdkext_devtool_build_esdk_package"
-        }
-    },
-    {
-        "test": {
-            "@alias": "crops-default.crops-default.sdkext_devtool_build_cmake",
-            "author": [
-                {
-                    "email": "francisco.j.pedraza.gonzalez@intel.com",
-                    "name": "francisco.j.pedraza.gonzalez@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "IMPORTANT NOTE: The firsts 5 steps refer to configuration of the environment to run the rest of the steps. These only apply for CROPS-eSDK.    \n\n\n\n",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": " Initiate your Crops-esdk environment as it says in wiki https://github.com/crops/docker-win-mac-docs/wiki   \n\n",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": " Create the following tree of files    <crops-esdk-workdir-workspace>/sdkext/files/myapp \n <crops-esdk-workdir-workspace>/sdkext/files/myapp_cmake  \n\n",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": " Create the following files withing the myapp directory  myapp.c and the Makefile. Write the following inside of each file: \n---------------------------------------- \nMakefile should contain  \n\nall: myapp  \n\nmyapp: myapp.o \n\t$(CC) $(LDFLAGS) $< -o $@ \n\nmyapp.o: myapp.c  \n\t$(CC) $(CFLAGS) -c $< -o $@ \n\nclean: \n\trm -rf myapp.o myapp  \n\n-----------------------------  \nmyapp.c  shold contain  \n\n#include <stdio.h>   \n\nint \nmain(int argc, char *argv[]) \n{ \n\tprintf(\"Hello world\\n\"); \n \n\treturn 0; \n} \n------------------------------------  \n\n",
-                    "expected_results": "be sure that the indentations on the makefile are tabs not spaces.   \n\n"
-                },
-                "5": {
-                    "action": " Create the following files within the myapp_cmake directory CMakeLists.txt and myapp.c. Write the following inside each file:  \n\n------------------------------------ \nCMakeLists.txt should contain:  \n\ncmake_minimum_required (VERSION 2.6) \nproject (myapp) \n# The version number. \nset (myapp_VERSION_MAJOR 1) \nset (myapp_VERSION_MINOR 0)  \n\n# add the executable \nadd_executable (myapp myapp.c)  \n\ninstall(TARGETS myapp \nRUNTIME DESTINATION bin)  \n\n------------------------------------------ \nmyapp.c should contain:  \n\n#include    \n\nint  \nmain(int argc, char *argv[])  \n{ \n\tprintf(\"Hello world\\n\");  \n\n\treturn 0; \n} \n-------------------------------------------------  \n\n",
-                    "expected_results": "Be sure that the indentations on CMakeLists.txt is tabs not spaces.  \n\n"
-                },
-                "6": {
-                    "action": " source environment-setup-i586-poky-linux  \n\n",
-                    "expected_results": "This should output a message that says SDK environment now set up; additionally you may now run devtool to perform development tasks etc etc ...  \n\n"
-                },
-                "7": {
-                    "action": " run command which devtool  \n\n",
-                    "expected_results": "this should output the directory of the devtool script and it should be within the sdk workdir you are working in.  \n\n"
-                },
-                "8": {
-                    "action": " devtool add myapp <directory>   (this is myapp_cmake dir)  \n\n",
-                    "expected_results": "The directory you should input is the myapp_cmake directory. This should automatically create the recipe myapp.bb under <crops-esdk-workdir-workspace>/recipes/myapp/myapp.bb  \n\n"
-                },
-                "9": {
-                    "action": " devtool build myapp  \n\n",
-                    "expected_results": "This should compile an image  \n\n"
-                },
-                "10": {
-                    "action": " devtool reset myapp  ",
-                    "expected_results": "This cleans sysroot of the myapp recipe, but it leaves the source tree intact. meaning it does not erase.  "
-                }
-            },
-            "summary": "sdkext_devtool_build_cmake"
-        }
-    },
-    {
-        "test": {
-            "@alias": "crops-default.crops-default.sdkext_extend_autotools_recipe_creation",
-            "author": [
-                {
-                    "email": "francisco.j.pedraza.gonzalez@intel.com",
-                    "name": "francisco.j.pedraza.gonzalez@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "IMPORTANT NOTE: The firsts 2 steps refer to configuration of the environment to run the rest of the steps. These only apply for CROPS-eSDK.    \n\n\n\n",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "Initiate your Crops-esdk environment as it says in wiki https://github.com/crops/docker-win-mac-docs/wiki   \n\n",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": " source environment-setup-i586-poky-linux  \n\n",
-                    "expected_results": " This should output a message that says SDK environment now set up; additionally you may now run devtool to perform development tasks etc etc ...   \n\n"
-                },
-                "4": {
-                    "action": "run command which devtool  \n\n",
-                    "expected_results": "this should output the directory of the devtool script and it should be within the sdk workdir you are working in.   \n\n"
-                },
-                "5": {
-                    "action": "devtool sdk-install -s libxml2  \n\n",
-                    "expected_results": "this should install libxml2   \n\n"
-                },
-                "6": {
-                    "action": "devtool add librdfa  https://github.com/rdfa/librdfa  \n\n",
-                    "expected_results": "This should automatically create the recipe librdfa.bb under /recipes/librdfa/librdfa.bb   \n\n"
-                },
-                "7": {
-                    "action": "devtool build librdfa  \n\n",
-                    "expected_results": "This should compile   \n\n"
-                },
-                "8": {
-                    "action": "devtool reset librdfa  ",
-                    "expected_results": "This cleans sysroot of the librdfa recipe, but it leaves the source tree intact. meaning it does not erase."
-                }
-            },
-            "summary": "sdkext_extend_autotools_recipe_creation"
-        }
-    },
-    {
-        "test": {
-            "@alias": "crops-default.crops-default.sdkext_devtool_kernelmodule",
-            "author": [
-                {
-                    "email": "francisco.j.pedraza.gonzalez@intel.com",
-                    "name": "francisco.j.pedraza.gonzalez@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "IMPORTANT NOTE: The firsts 2 steps refer to configuration of the environment to run the rest of the steps. These only apply for CROPS-eSDK.    \n\n\n",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": " Initiate your Crops-esdk environment as it says in wiki https://github.com/crops/docker-win-mac-docs/wiki   \n\n",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "source environment-setup-i586-poky-linux   \n\n",
-                    "expected_results": "This should output a message that says SDK environment now set up; additionally you may now run devtool to perform development tasks etc etc ...   \n \n"
-                },
-                "4": {
-                    "action": "run command which devtool  \n\n",
-                    "expected_results": "this should output the directory of the devtool script and it should be within the sdk workdir you are working in.   \n\n"
-                },
-                "5": {
-                    "action": "devtool add kernel-module-hello-world https://git.yoctoproject.org/git/kernel-module-hello-world \n\n",
-                    "expected_results": "This should automatically create the recipe kernel-module-hello-world.bb under <crops-esdk-workdir-workspace>/recipes/kernel-module-hello-world/kernel-module-hello-world.bb "
-                },
-                "6": {
-                    "action": "devtool build kernel-module-hello-world   \n\n",
-                    "expected_results": "This should compile an image   \n\n"
-                },
-                "7": {
-                    "action": "devtool reset kernel-module-hello-world   ",
-                    "expected_results": "This cleans sysroot of the kernel-module-hello-world recipe, but it leaves the source tree intact. meaning it does not erase."
-                }
-            },
-            "summary": "sdkext_devtool_kernelmodule"
-        }
-    },
-    {
-        "test": {
-            "@alias": "crops-default.crops-default.sdkext_recipes_for_nodejs",
-            "author": [
-                {
-                    "email": "francisco.j.pedraza.gonzalez@intel.com",
-                    "name": "francisco.j.pedraza.gonzalez@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "IMPORTANT NOTE: The firsts 2 steps refer to configuration of the environment to run the rest of the steps. These only apply for CROPS-eSDK.    \n\n\nlets say variable npm = npm://registry.npmjs.org;name=winston;version=2.2.0   \n\n",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "Initiate your Crops-esdk environment as it says in wiki https://github.com/crops/docker-win-mac-docs/wiki   \n\n",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "source environment-setup-i586-poky-linux   \n\n",
-                    "expected_results": "This should output a message that says SDK environment now set up; additionally you may now run devtool to perform development tasks etc etc ...   \n\n"
-                },
-                "4": {
-                    "action": "run command which devtool   \n\n",
-                    "expected_results": "this should output the directory of the devtool script and it should be within the sdk workdir you are working in.  \n\n"
-                },
-                "5": {
-                    "action": " 4a) git clone git://git.openembedded.org/meta-openembedded in  layers/build  directory   \n \n4b) Add meta-openembedded/meta-oe in bblayer.conf as mentioned below: ${SDKBASEMETAPATH}/layers/build/meta-openembedded/meta-oe \\   \n\n4c) devtool add \"npm://registry.npmjs.org;name=npm;version=2.2.0\"   \n\n",
-                    "expected_results": " This should automatically create the recipe npm.bb under /recipes/npm/npm.bb  \n\n"
-                },
-                "6": {
-                    "action": "devtool build npm   \n\n",
-                    "expected_results": "This should compile an image  \n\n"
-                },
-                "7": {
-                    "action": " devtool reset npm",
-                    "expected_results": "This cleans sysroot of the npm recipe, but it leaves the source tree intact. meaning it does not erase."
-                }
-            },
-            "summary": "sdkext_recipes_for_nodejs"
-        }
-    }
-]
diff --git a/meta/lib/oeqa/manual/eclipse-plugin.json b/meta/lib/oeqa/manual/eclipse-plugin.json
deleted file mode 100644
index d77d0e673b..0000000000
--- a/meta/lib/oeqa/manual/eclipse-plugin.json
+++ /dev/null
@@ -1,322 +0,0 @@
-[
-    {
-        "test": {
-            "@alias": "eclipse-plugin.eclipse-plugin.support_SSH_connection_to_Target",
-            "author": [
-                {
-                    "email": "ee.peng.yeoh@intel.com",
-                    "name": "ee.peng.yeoh@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "In Eclipse, swich to Remote System Explorer to create a connention baseed on SSH, input the remote target IP address as the Host name, make sure disable the proxy in Window->Preferences->General->Network Connection, set Direct as Active Provider field.  ",
-                    "expected_results": "the connection based on SSH could be set up."
-                },
-                "2": {
-                    "action": "Configure connection from Eclipse: Run->Run Configurations->C/C++ Remote Application\\ ->New Connection->General->SSH Only  ",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "Then right click to connect, input the user ID and password.  ",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": "expand the connection, it will show the Sftp Files etc.   \nNOTE. Might need to change dropbear to openssh and add the packagegroup-core-eclipse-debug recipe",
-                    "expected_results": ""
-                }
-            },
-            "summary": "support_SSH_connection_to_Target"
-        }
-    },
-    {
-        "test": {
-            "@alias": "eclipse-plugin.eclipse-plugin.Launch_QEMU_from_Eclipse",
-            "author": [
-                {
-                    "email": "ee.peng.yeoh@intel.com",
-                    "name": "ee.peng.yeoh@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "Set the Yocto ADT's toolchain root location, sysroot location and kernel, in the menu Window -> Preferences -> Yocto ADT.   \n \n",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "wget  autobuilder.yoctoproject.org/pub/releases//machines/qemu/qemux86/qemu (ex:core-image-sato-sdk-qemux86-date-rootfs-tar-bz2) \nsource /opt/poky/version/environment-setup-i585-poky-linux  \n\nExtract qemu with runqemu-extract-sdk /home/user/file(ex.core-image-sato-sdk-qemux86.bz2) \n/home/user/qemux86-sato-sdk  \n\n",
-                    "expected_results": " Qemu can be lauched normally."
-                },
-                "3": {
-                    "action": "(a)Point to the Toolchain:  \n \nIf you are using a stand-alone pre-built toolchain, you should be pointing to the /opt/poky/{test-version} directory as Toolchain Root Location. This is the default location for toolchains installed by the ADT Installer or by hand. If ADT is installed in other location, use that location as Toolchain location.\nIf you are using a system-derived toolchain, the path you provide for the Toolchain Root Location field is the Yocto Project's build directory.  \n \n           E.g:/home/user/yocto/poky/build \n",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": "(b)Specify the Sysroot Location: \nSysroot Location is the location where the root filesystem for the target hardware is created on the development system by the ADT Installer (SYSROOT in step 2 of the case ADT installer Installation).  \n   \n         Local :     e.g: /home/user/qemux86-sato-sdk \nUsing ADT : e.g :/home/user/test-yocto/qemux86  \n\n",
-                    "expected_results": ""
-                },
-                "5": {
-                    "action": "(c)Select the Target Architecture:  \n \nThe target architecture is the type of hardware you are going to use or emulate. Use the pull-down Target Architecture menu to make your selection.  \n \n\n",
-                    "expected_results": ""
-                },
-                "6": {
-                    "action": "(d) QEMU: \nSelect this option if you will be using the QEMU emulator. Specify the Kernel matching the QEMU architecture you are using. \n      wget  autobuilder.yoctoproject.org/pub/releases//machines/qemu/qemux86/bzImage-qemux86.bin \n      e.g: /home/$USER/yocto/adt-installer/download_image/bzImage-qemux86.bin  \n\n",
-                    "expected_results": ""
-                },      
-                "7": {
-                    "action": "(e) select OK to save the settings.  \n\n\n1: In the Eclipse toolbar, expose the Run -> External Tools menu. Your image should appear as a selectable menu item.  \n2: Select your image in the navigation pane to launch the emulator in a new window. \n3: If needed, enter your host root password in the shell window at the prompt. This sets up a Tap 0 connection needed for running in user-space NFS mode. \n",
-                    "expected_results": ""
-                }                               
-            },
-            "summary": "Launch_QEMU_from_Eclipse"
-        }
-    },
-    {
-        "test": {
-            "@alias": "eclipse-plugin.eclipse-plugin.Relocatable_SDK_-_C_-_Build_Hello_World_ANSI_C_Autotools_Project",
-            "author": [
-                {
-                    "email": "ee.peng.yeoh@intel.com",
-                    "name": "ee.peng.yeoh@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "Launch a QEMU of target environment.(Reference to case \"ADT - Launch qemu by eclipse\") ",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "Select File -> New -> Project.",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "Double click C/C++.",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": "Click C or C++ Project to create the project.",
-                    "expected_results": ""
-                },
-                "5": {
-                    "action": "Expand Yocto ADT Project.",
-                    "expected_results": ""
-                },
-                "6": {
-                    "action": "Select Hello World ANSI C Autotools Project.",
-                    "expected_results": ""
-                },
-                "7": {
-                    "action": "Put a name in the Project name. Do not use hyphens as part of the name. \n \n",
-                    "expected_results": ""
-                },
-                "8": {
-                    "action": "Click Next.",
-                    "expected_results": ""
-                },
-                "9": {
-                    "action": "Add information in the Author and Copyright notice fields. \n1",
-                    "expected_results": ""
-                },
-                "10": {
-                    "action": "Click Finish. \n1",
-                    "expected_results": ""
-                },
-                "11": {
-                    "action": "If the \"open perspective\" prompt appears, click \"Yes\" so that you open the C/C++ perspective. \n1",
-                    "expected_results": ""
-                },
-                "12": {
-                    "action": "In the Project Explorer window, right click the project -> Reconfigure project. \n1",
-                    "expected_results": ""
-                },
-                "13": {
-                    "action": "In the Project Explorer window, right click the project -> Build project. \n1",
-                    "expected_results": "Under the Project files, a new folder appears called Binaries. This indicates that the compilation have been successful and the project binary have been created. \n"
-                },
-                "14": {
-                    "action": "Right click it again and Run as -> Run Configurations.  \n\t\t\tUnder Run Configurations expand \"C/C++ Remote Application\". A configuration for the current project should appear. Clicking it will display the configuration settings. \n\t\t\tin \"C/C++ Application\" field input Remote Absolute File path for C/C++ Application. e.g.: /home/root/myapplication \n\t\t\tIn \"Connection\" drop-down list make sure a TCF connection is set up for your target. If not, create a new one by clicking the New button. \n1",
-                    "expected_results": "step 14 to step 16 -> Build succeed and the console outputs Hello world, you can also check the output on target."
-                },
-                "15": {
-                    "action": "After all settings are done, select the Run button on the bottom right corner \n\n1",
-                    "expected_results": ""
-                },
-                "16": {
-                    "action": "Repeat the steps 14-15, but instead of using Run Configurations use Debug Configurations: \nRight click it again and Debug as -> Debug Configurations \nUnder Debug Configurations expand \"C/C++ Remote Application\". A configuration for the current project should appear. Clicking it will display the configuration settings. \nin \"C/C++ Application\" field input Remote Absolute File path for C/C++ Application.\ne.g.: /home/root/myapplication \nIn \"Connection\" drop-down list make sure a TCF connection is set up for your target. If not, create a new one by clicking the New button \n1",
-                    "expected_results": ""
-                },
-                "17": {
-                    "action": "After all settings are done, select the Debug button on the bottom right corner",
-                    "expected_results": ""
-                }
-            },
-            "summary": "Relocatable_SDK_-_C_-_Build_Hello_World_ANSI_C_Autotools_Project"
-        }
-    },
-    {
-        "test": {
-            "@alias": "eclipse-plugin.eclipse-plugin.Relocatable_SDK_-_C++_-_Build_Hello_World_C++_Autotools_project",
-            "author": [
-                {
-                    "email": "ee.peng.yeoh@intel.com",
-                    "name": "ee.peng.yeoh@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "Launch a QEMU of target environment.(Reference to case \"ADT - Launch qemu by eclipse\") ",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "Select File -> New -> Project. ",
-                    "expected_results": ""
-                },
-                "3": {
-                    "action": "Double click C/C++. ",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": "Click C or C++ Project to create the project. ",
-                    "expected_results": ""
-                },
-                "5": {
-                    "action": "Expand Yocto ADT Project. ",
-                    "expected_results": ""
-                },
-                "6": {
-                    "action": "Select Hello World ANSI C++ Autotools Project. ",
-                    "expected_results": ""
-                },
-                "7": {
-                    "action": "Put a name in the Project name. Do not use hyphens as part of the name.  \n \n",
-                    "expected_results": ""
-                },
-                "8": {
-                    "action": "Click Next.",
-                    "expected_results": ""
-                },
-                "9": {
-                    "action": "Add information in the Author and Copyright notice fields.",
-                    "expected_results": ""
-                },
-                "10": {
-                    "action": "Click Finish. \n1",
-                    "expected_results": ""
-                },
-                "11": {
-                    "action": "If the \"open perspective\" prompt appears, click \"Yes\" so that you open the C/C++ perspective. \n1",
-                    "expected_results": ""
-                },
-                "12": {
-                    "action": "In the Project Explorer window, right click the project -> Reconfigure project. \n1",
-                    "expected_results": ""
-                },
-                "13": {
-                    "action": "In the Project Explorer window, right click the project -> Build project. \n\n1",
-                    "expected_results": "under the Project files, a new folder appears called Binaries. This indicates that the compilation have been successful and the project binary have been created.  \n"
-                },
-                "14": {
-                    "action": "Right click it again and Run as -> Run Configurations. \n\t\t\tUnder Run Configurations expand \"C/C++ Remote Application\". A configuration for the current project should appear. Clicking it will display the configuration settings. \n\t\t\tin \"C/C++ Application\" field input Remote Absolute File path for C/C++ Application. e.g.: /home/root/myapplication \n\t\t\tIn \"Connection\" drop-down list make sure a TCF connection is set up for your target. If not, create a new one by clicking the New button. \n1",
-                    "expected_results": "step 14 to step 16 -> Build succeed and the console outputs Hello world, you can also check the output on target."
-                },
-                "15": {
-                    "action": "After all settings are done, select the Run button on the bottom right corner \n\n1",
-                    "expected_results": ""
-                },
-                "16": {
-                    "action": "Repeat the steps 14-15, but instead of using Run Configurations use Debug Configurations: \n\t\tRight click it again and Debug as -> Debug Configurations \n\t\tUnder Debug Configurations expand \"C/C++ Remote Application\". A configuration for the current project should appear. Clicking it will display the configuration settings. \n\t\tin \"C/C++ Application\" field input Remote Absolute File path for C/C++ Application. \n\t\te.g.: /home/root/myapplication \n\t\tIn \"Connection\" drop-down list make sure a TCF connection is set up for your target. If not, create a new one by clicking the New button \n1",
-                    "expected_results": ""
-                },
-                "17": {
-                    "action": "After all settings are done, select the Debug button on the bottom right corner",
-                    "expected_results": ""
-                }
-            },
-            "summary": "Relocatable_SDK_-_C++_-_Build_Hello_World_C++_Autotools_project"
-        }
-    },
-    {
-        "test": {
-            "@alias": "eclipse-plugin.eclipse-plugin.Build_Eclipse_Plugin_from_source",
-            "author": [
-                {
-                    "email": "laurentiu.serban@intel.com",
-                    "name": "laurentiu.serban@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "Clone eclipse-poky source.   \n    \n    - git clone git://git.yoctoproject.org/eclipse-poky  \n\n",
-                    "expected_results": "Eclipse plugin is successfully installed  \n\nDocumentation is there. For example if you have release yocto-2.0.1 you will found on   http://autobuilder.yoctoproject.org/pub/releases/yocto-2.0.1/eclipse-plugin/mars/  archive with documentation like org.yocto.doc-development-$date.zip  \n  \n"
-                },
-                "2": {
-                    "action": "Checkout correct tag.  \n\n    - git checkout <eclipse-version>/<yocto-version> \n\n",
-                    "expected_results": "After plugin is build you must have  4 archive in foder scripts from eclipse-poky:  \n     - org.yocto.bc - mars-master-$date.zip  \n     - org.yocto.doc - mars-master-$date.zip    --> documentation  \n     - org.yocto.sdk - mars-master-$date.zip       \n     - org.yocto.sdk - mars-master-$date.-archive.zip  --> plugin  "
-                },
-                "3": {
-                    "action": "Move to scripts/ folder.  \n\n",
-                    "expected_results": ""
-                },
-                "4": {
-                    "action": "Run ./setup.sh  \n\n",
-                    "expected_results": ""
-                },
-                "5": {
-                    "action": "When the script finishes, it prompts a command to issue to build the plugin. It should look similar to the following:  \n\n$ ECLIPSE_HOME=/eclipse-poky/scripts/eclipse ./build.sh /&1 | tee -a build.log  \n\nHere, the three arguments to the build script are tag name, branch for documentation and release name.  \n\n",
-                    "expected_results": ""
-                },
-                "6": {
-                    "action": "On an eclipse without the Yocto Plugin, select \"Install New Software\" from Help pull-down menu  \n\n",
-                    "expected_results": ""
-                },
-                "7": {
-                    "action": "Select Add and from the dialog choose Archive...  Look for the *archive.zip file that was built previously with the build.sh script. Click OK.  \n\n",
-                    "expected_results": ""
-                },
-                "8": {
-                    "action": "Select all components and proceed with Installation of plugin. Restarting eclipse might be required.\n",
-                    "expected_results": ""
-                }
-            },
-            "summary": "Build_Eclipse_Plugin_from_source"
-        }
-    },
-    {
-        "test": {
-            "@alias": "eclipse-plugin.eclipse-plugin.Eclipse_Poky_installation_and_setup",
-            "author": [
-                {
-                    "email": "ee.peng.yeoh@intel.com",
-                    "name": "ee.peng.yeoh@intel.com"
-                }
-            ],
-            "execution": {
-                "1": {
-                    "action": "Install SDK  \n\ta)Download https://autobuilder.yocto.io/pub/releases//toolchain/x86_64/poky-glibc-x86_64-core-\timage-sato-i586-toolchain-.sh  \n\tb)Run the SDK installer and accept the default installation directory ",
-                    "expected_results": ""
-                },
-                "2": {
-                    "action": "Install \"Eclipse IDE for C/C++ Developers\" Oxygen release (4.7.0)  \n\ta) Go to https://www.eclipse.org/downloads/packages/all, click \"Oxygen R\"  \n\tb) Click to download the build for your OS  \n\tc) Click \"Download\" button to download from a mirror  \n\td) Run \"tar xf\" to extract the downloaded archive  ",
-                    "expected_result": ""
-                },
-                "3": {
-                    "action": "Install \"Eclipse IDE for C/C++ Developers\" Oxygen release (4.7.0) (Continue)  \n\te) Run \"eclipse/eclipse\" to start Eclipse  \n\tf) Optional step for host machine within Intel network: In Eclipse workbench window, go to \"Window\" menu -> \"Preferences...\".  \n\tg) In \"Preferences\" dialog, go to \"General\" -> \"Network Connections\", set \"Active Provider\" to \"Manual\". In \"Proxy \tentries\" table, select HTTP and click \"Edit\" and enter host \"proxy-chain.intel.com\" port 911, click OK. Repeat for HTTPS with port 912 \nClick OK to close \"Preferences\" dialog.  \n\th) Go to \"File\" menu -> \"Restart\" to restart Eclipse for proxy settings to take effect. ",
-                    "expected_result": ""
-                },
-                "4": {
-                    "action": "Install Eclipse Poky plugins  \n\ta) Download https://autobuilder.yocto.io/pub/releases/<yocto-version>/eclipse-plugin/<eclipse-version>/org.yocto.sdk-development-<date>-archive.zip   \n\tb) In Eclipse workbench window, go to \"Help\" menu -> \"Install New Software...\"  \n\tc) In \"Install\" dialog, click \"Add...\" button  \n\td) In \"Add Repository\" dialog, enter \"Eclipse Poky\" for (repository) Name, click \"Archive...\"  ",
-                    "expected_results": ""
-                },
-                "5": {
-                    "action": "Install Eclipse Poky plugins (continue)  \n\te) In \"Repository archive\" browse dialog, select the downloaded Eclipse Poky repository archive  \n\tf) Back in \"Add Repository\" dialog, click \"OK\"  \n\tg) Back in \"Install\" dialog, make sure \"Work with:\" is set to \"Eclipse Poky\" repository, tick \"Yocto Project \tDocumentation Plug-in\" and \"Yocto Project SDK Plug-in\", click \"Next >\" and verify plugins/features name/version, \tclick \"Next >\" and accept license agreement, click \"Finish\"  \n\th) If \"Security Warning\" dialog appears, click \"OK\" to install unsigned content.  \n\ti) In \"Software Updates\" dialog, click \"Yes\" to restart Eclipse to complete Eclipse Poky plugins installation. ",
-                    "expected_results": ""
-                },
-                "6": {
-                    "action": "Setup Eclipse Poky to use SDK  \n\ta) In Eclipse workbench window, go to \"Window\" menu -> \"Preferences\".  \n\tb) In \"Preferences\" window, go to \"Yocto Project SDK\", in \"Cross Compiler Options\" frame, select \"Standalone pre-\tbuilt toolchain\".  ",
-                    "expected_results": "Eclipse Poky plugins installed and running successfully, e.g. observe that \"Yocto Project Tools\" menu is available on Eclipse workbench window."
-                }
-            },
-            "summary": "Eclipse_Poky_installation_and_setup"
-        }
-    }
-]
diff --git a/meta/lib/oeqa/manual/sdk.json b/meta/lib/oeqa/manual/sdk.json
index 434982f7f5..21d892d26d 100644
--- a/meta/lib/oeqa/manual/sdk.json
+++ b/meta/lib/oeqa/manual/sdk.json
@@ -26,7 +26,7 @@
                     "expected_results": "Expect both qemu to boot up successfully."
                 }
             },
-            "summary": "test_install_cross_toolchain_can_run_multiple_qemu_for_x86"
+            "summary": "test_install_cross_toolchain_can_run_multiple_qemu_for:x86"
         }
     }
 ]
\ No newline at end of file
diff --git a/meta/lib/oeqa/manual/toaster-managed-mode.json b/meta/lib/oeqa/manual/toaster-managed-mode.json
index 12374c7c64..1a71985c3c 100644
--- a/meta/lib/oeqa/manual/toaster-managed-mode.json
+++ b/meta/lib/oeqa/manual/toaster-managed-mode.json
@@ -136,7 +136,7 @@
           "expected_results": ""
         },
         "3": {
-          "action": "Check that default values are as follows: \n\tDISTRO - poky \n\tIMAGE_FSTYPES - ext3 jffs2 tar.bz2 \n\tIMAGE_INSTALL_append - \"Not set\" \n\tPACKAGE_CLASES - package_rpm \n        SSTATE_DIR  - /homeDirectory/poky/sstate-cache \n\n",
+          "action": "Check that default values are as follows: \n\tDISTRO - poky \n\tIMAGE_FSTYPES - ext3 jffs2 tar.bz2 \n\tIMAGE_INSTALL:append - \"Not set\" \n\tPACKAGE_CLASSES - package_rpm \n        SSTATE_DIR  - /homeDirectory/poky/sstate-cache \n\n",
           "expected_results": ""
         },
         "4": {
@@ -186,7 +186,7 @@
           "expected_results": ""
         },
         "7": {
-          "action": "IMAGE_INSTALL_append: \n\t- check that the \"change\" icon is present (represented by a pen icon) \n\t- click on the \"change\" icon and check that the variable becomes a text field, populated with the current value of the variable.  \n\n\t- check that the save button is disabled when the text field is empty \n\t- insert test in the text field (for example \"package1\") and hit save; be aware that there is no input validation for this variable \n\t- check that a new \"delete\" icon(a trashcan) has appeared next to the pen icon \n\t- check that clicking on the trashcan icon resets the value to \"Not set\" and makes the trashcan icon dissapear  \n\n",
+          "action": "IMAGE_INSTALL:append: \n\t- check that the \"change\" icon is present (represented by a pen icon) \n\t- click on the \"change\" icon and check that the variable becomes a text field, populated with the current value of the variable.  \n\n\t- check that the save button is disabled when the text field is empty \n\t- insert test in the text field (for example \"package1\") and hit save; be aware that there is no input validation for this variable \n\t- check that a new \"delete\" icon(a trashcan) has appeared next to the pen icon \n\t- check that clicking on the trashcan icon resets the value to \"Not set\" and makes the trashcan icon dissapear  \n\n",
           "expected_results": ""
         },
         "8": {
@@ -1574,7 +1574,7 @@
           "expected_results": "Open bitbake variables page. \n\n\t"
         },
         "5": {
-          "action": "Click on change button for IMAGE_INSTALL_append and add a variable (ex: acpid). \n\n",
+          "action": "Click on change button for IMAGE_INSTALL:append and add a variable (ex: acpid). \n\n",
           "expected_results": "Variable added. \n\n\t"
         },
         "6": {
@@ -1590,7 +1590,7 @@
           "expected_results": "You should get results for ssh packages."
         }
       },
-      "summary": "Test_IMAGE_INSTALL_append_variable"
+      "summary": "Test_IMAGE_INSTALL:append_variable"
     }
   },
   {
@@ -2348,7 +2348,7 @@
           "expected_results": ""
         },
         "3": {
-          "action": "Build 6 recipes example (core-image-sato, core-image-minimal, core-image-base, core-image-clutter) to name a few. ",
+          "action": "Build 6 recipes example (core-image-sato, core-image-minimal, core-image-base) to name a few. ",
           "expected_results": " All recipes are built correctly \n\n"
         },
         "4": {
@@ -2382,7 +2382,7 @@
           "expected_results": ""
         },
         "3": {
-          "action": "Build 6 recipes example (core-image-sato, core-image-minimal, core-image-base, core-image-clutter) to name a few. \n\n",
+          "action": "Build 6 recipes example (core-image-sato, core-image-minimal, core-image-base) to name a few. \n\n",
           "expected_results": "All recipes are built correctly \n\n"
         },
         "4": {
@@ -2420,7 +2420,7 @@
           "expected_results": ""
         },
         "3": {
-          "action": "Build 4 recipes example (core-image-sato, core-image-minimal, core-image-base, core-image-clutter) to name a few. \n\n",
+          "action": "Build 4 recipes example (core-image-sato, core-image-minimal, core-image-base) to name a few. \n\n",
           "expected_results": " All recipes are built correctly \n\n"
         },
         "4": {
@@ -2569,4 +2569,4 @@
       "summary": "Download_task_log"
     }
   }
-]
\ No newline at end of file
+]
diff --git a/meta/lib/oeqa/oetest.py b/meta/lib/oeqa/oetest.py
index 9c84466dd0..bcb6a878c7 100644
--- a/meta/lib/oeqa/oetest.py
+++ b/meta/lib/oeqa/oetest.py
@@ -28,7 +28,7 @@ try:
     import oeqa.sdkext
 except ImportError:
     pass
-from oeqa.utils.decorators import LogResults, gettag, getResults
+from oeqa.utils.decorators import LogResults, gettag
 
 logger = logging.getLogger("BitBake")
 
@@ -57,7 +57,6 @@ def filterByTagExp(testsuite, tagexp):
 @LogResults
 class oeTest(unittest.TestCase):
 
-    pscmd = "ps"
     longMessage = True
 
     @classmethod
@@ -110,20 +109,6 @@ class oeRuntimeTest(oeTest):
     def tearDown(self):
         # Uninstall packages in the DUT
         self.tc.install_uninstall_packages(self.id(), False)
-
-        res = getResults()
-        # If a test fails or there is an exception dump
-        # for QemuTarget only
-        if (type(self.target).__name__ == "QemuTarget" and
-                (self.id() in res.getErrorList() or
-                self.id() in  res.getFailList())):
-            self.tc.host_dumper.create_dir(self._testMethodName)
-            self.tc.host_dumper.dump_host()
-            self.target.target_dumper.dump_target(
-                    self.tc.host_dumper.dump_dir)
-            print ("%s dump data stored in %s" % (self._testMethodName,
-                     self.tc.host_dumper.dump_dir))
-
         self.tearDownLocal()
 
     # Method to be run after tearDown and implemented by child classes
@@ -256,7 +241,7 @@ class TestContext(object):
 
         modules = []
         for test in self.testslist:
-            if re.search("\w+\.\w+\.test_\S+", test):
+            if re.search(r"\w+\.\w+\.test_\S+", test):
                 test = '.'.join(t.split('.')[:3])
             module = pkgutil.get_loader(test)
             modules.append(module)
@@ -398,11 +383,6 @@ class RuntimeTestContext(TestContext):
     def _get_test_suites_required(self):
         return [t for t in self.d.getVar("TEST_SUITES").split() if t != "auto"]
 
-    def loadTests(self):
-        super(RuntimeTestContext, self).loadTests()
-        if oeTest.hasPackage("procps"):
-            oeRuntimeTest.pscmd = "ps -ef"
-
     def extract_packages(self):
         """
         Find packages that will be needed during runtime.
diff --git a/meta/lib/oeqa/runtime/case.py b/meta/lib/oeqa/runtime/case.py
index f036982e1f..2a47771a3d 100644
--- a/meta/lib/oeqa/runtime/case.py
+++ b/meta/lib/oeqa/runtime/case.py
@@ -4,6 +4,9 @@
 # SPDX-License-Identifier: MIT
 #
 
+import os
+import subprocess
+import time
 from oeqa.core.case import OETestCase
 from oeqa.utils.package_manager import install_package, uninstall_package
 
@@ -18,3 +21,18 @@ class OERuntimeTestCase(OETestCase):
     def tearDown(self):
         super(OERuntimeTestCase, self).tearDown()
         uninstall_package(self)
+
+def run_network_serialdebug(runner):
+    if not runner:
+        return
+    status, output = runner.run_serial("ip addr")
+    print("ip addr on target: %s %s" % (output, status))
+    status, output = runner.run_serial("ping -c 1 %s" % self.target.server_ip)
+    print("ping on target for %s: %s %s" % (self.target.server_ip, output, status))
+    status, output = runner.run_serial("ping -c 1 %s" % self.target.ip)
+    print("ping on target for %s: %s %s" % (self.target.ip, output, status))
+    # Have to use a full path for netstat which isn't in HOSTTOOLS
+    subprocess.call(["/usr/bin/netstat", "-tunape"])
+    subprocess.call(["/usr/bin/netstat", "-ei"])
+    subprocess.call(["ps", "-awx"], shell=True)
+    print("PID: %s %s" % (str(os.getpid()), time.time()))
diff --git a/meta/lib/oeqa/runtime/cases/_qemutiny.py b/meta/lib/oeqa/runtime/cases/_qemutiny.py
index 6886e36502..816fd4a7cb 100644
--- a/meta/lib/oeqa/runtime/cases/_qemutiny.py
+++ b/meta/lib/oeqa/runtime/cases/_qemutiny.py
@@ -1,12 +1,19 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 from oeqa.runtime.case import OERuntimeTestCase
+from oeqa.core.target.qemu import OEQemuTarget
 
 class QemuTinyTest(OERuntimeTestCase):
 
     def test_boot_tiny(self):
-        status, output = self.target.run_serial('uname -a')
-        msg = "Cannot detect poky tiny boot!"
-        self.assertTrue("yocto-tiny" in output, msg)
+        # Until the target has explicit run_serial support, check that the
+        # target is the qemu runner
+        if isinstance(self.target, OEQemuTarget):
+            status, output = self.target.runner.run_serial('uname -a')
+            self.assertIn("Linux", output)
+        else:
+            self.skipTest("Target %s is not OEQemuTarget" % self.target)
diff --git a/meta/lib/oeqa/runtime/cases/apt.py b/meta/lib/oeqa/runtime/cases/apt.py
index 53745df93f..8000645843 100644
--- a/meta/lib/oeqa/runtime/cases/apt.py
+++ b/meta/lib/oeqa/runtime/cases/apt.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -21,7 +23,7 @@ class AptRepoTest(AptTest):
 
     @classmethod
     def setUpClass(cls):
-        service_repo = os.path.join(cls.tc.td['DEPLOY_DIR_DEB'], 'all')
+        service_repo = os.path.join(cls.tc.td['DEPLOY_DIR_DEB'], '')
         cls.repo_server = HTTPService(service_repo,
                                       '0.0.0.0', port=cls.tc.target.server_port,
                                       logger=cls.tc.logger)
@@ -34,20 +36,44 @@ class AptRepoTest(AptTest):
     def setup_source_config_for_package_install(self):
         apt_get_source_server = 'http://%s:%s/' % (self.tc.target.server_ip, self.repo_server.port)
         apt_get_sourceslist_dir = '/etc/apt/'
-        self.target.run('cd %s; echo deb [ allow-insecure=yes ] %s ./ > sources.list' % (apt_get_sourceslist_dir, apt_get_source_server))
+        self.target.run('cd %s; echo deb [ allow-insecure=yes ] %s/all ./ > sources.list' % (apt_get_sourceslist_dir, apt_get_source_server))
+
+    def setup_source_config_for_package_install_signed(self):
+        apt_get_source_server = 'http://%s:%s' % (self.tc.target.server_ip, self.repo_server.port)
+        apt_get_sourceslist_dir = '/etc/apt/'
+        self.target.run("cd %s; cp sources.list sources.list.bak; sed -i 's|\[trusted=yes\] http://bogus_ip:bogus_port|%s|g' sources.list" % (apt_get_sourceslist_dir, apt_get_source_server))
 
     def cleanup_source_config_for_package_install(self):
         apt_get_sourceslist_dir = '/etc/apt/'
         self.target.run('cd %s; rm sources.list' % (apt_get_sourceslist_dir))
 
+    def cleanup_source_config_for_package_install_signed(self):
+        apt_get_sourceslist_dir = '/etc/apt/'
+        self.target.run('cd %s; mv sources.list.bak sources.list' % (apt_get_sourceslist_dir))
+
+    def setup_key(self):
+        # the key is found on the target /etc/pki/packagefeed-gpg/
+        # named PACKAGEFEED-GPG-KEY-poky-branch
+        self.target.run('cd %s; apt-key add P*' % ('/etc/pki/packagefeed-gpg'))
+
     @skipIfNotFeature('package-management',
                       'Test requires package-management to be in IMAGE_FEATURES')
     @skipIfNotDataVar('IMAGE_PKGTYPE', 'deb',
                       'DEB is not the primary package manager')
     @OEHasPackage(['apt'])
     def test_apt_install_from_repo(self):
-        self.setup_source_config_for_package_install()
-        self.pkg('update')
-        self.pkg('remove --yes run-postinsts-dev')
-        self.pkg('install --yes --allow-unauthenticated run-postinsts-dev')
-        self.cleanup_source_config_for_package_install()
+        if not self.tc.td.get('PACKAGE_FEED_GPG_NAME'):
+            self.setup_source_config_for_package_install()
+            self.pkg('update')
+            self.pkg('remove --yes run-postinsts-dev')
+            self.pkg('install --yes --allow-unauthenticated run-postinsts-dev')
+            self.cleanup_source_config_for_package_install()
+        else:
+            # when we are here a key has been set to sign the package feed and
+            # public key and gnupg installed on the image by test_testimage_apt
+            self.setup_source_config_for_package_install_signed()
+            self.setup_key()
+            self.pkg('update')
+            self.pkg('install --yes run-postinsts-dev')
+            self.pkg('remove --yes run-postinsts-dev')
+            self.cleanup_source_config_for_package_install_signed()
diff --git a/meta/lib/oeqa/runtime/cases/boot.py b/meta/lib/oeqa/runtime/cases/boot.py
index 2142f400a0..dcee3311f7 100644
--- a/meta/lib/oeqa/runtime/cases/boot.py
+++ b/meta/lib/oeqa/runtime/cases/boot.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -13,7 +15,7 @@ from oeqa.core.decorator.data import skipIfQemu
 class BootTest(OERuntimeTestCase):
 
     @OETimeout(120)
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')
+    @skipIfQemu()
     @OETestDepends(['ssh.SSHTest.test_ssh'])
     def test_reboot(self):
         output = ''
diff --git a/meta/lib/oeqa/runtime/cases/buildcpio.py b/meta/lib/oeqa/runtime/cases/buildcpio.py
index e29bf16ccb..0c9c57a3cb 100644
--- a/meta/lib/oeqa/runtime/cases/buildcpio.py
+++ b/meta/lib/oeqa/runtime/cases/buildcpio.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -12,7 +14,7 @@ class BuildCpioTest(OERuntimeTestCase):
 
     @classmethod
     def setUpClass(cls):
-        uri = 'https://downloads.yoctoproject.org/mirror/sources/cpio-2.13.tar.gz'
+        uri = 'https://downloads.yoctoproject.org/mirror/sources/cpio-2.15.tar.gz'
         cls.project = TargetBuildProject(cls.tc.target,
                                          uri,
                                          dl_dir = cls.tc.td['DL_DIR'])
@@ -27,7 +29,6 @@ class BuildCpioTest(OERuntimeTestCase):
     @OEHasPackage(['autoconf'])
     def test_cpio(self):
         self.project.download_archive()
-        self.project.run_configure('--disable-maintainer-mode',
-                                   'sed -i -e "/char \*program_name/d" src/global.c;')
-        self.project.run_make()
+        self.project.run_configure(configure_args="CFLAGS='-std=gnu17 -Dbool=int -Dtrue=1 -Dfalse=0 -Wno-error=implicit-function-declaration'")
+        self.project.run_make(make_args="CFLAGS='-std=gnu17 -Dbool=int -Dtrue=1 -Dfalse=0 -Wno-error=implicit-function-declaration'")
         self.project.run_install()
diff --git a/meta/lib/oeqa/runtime/cases/buildgalculator.py b/meta/lib/oeqa/runtime/cases/buildgalculator.py
index e5cc3e2888..2cfb3243dc 100644
--- a/meta/lib/oeqa/runtime/cases/buildgalculator.py
+++ b/meta/lib/oeqa/runtime/cases/buildgalculator.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/buildlzip.py b/meta/lib/oeqa/runtime/cases/buildlzip.py
index bc70b41461..921a0bca61 100644
--- a/meta/lib/oeqa/runtime/cases/buildlzip.py
+++ b/meta/lib/oeqa/runtime/cases/buildlzip.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -13,7 +15,7 @@ class BuildLzipTest(OERuntimeTestCase):
     @classmethod
     def setUpClass(cls):
         uri = 'http://downloads.yoctoproject.org/mirror/sources'
-        uri = '%s/lzip-1.19.tar.gz' % uri
+        uri = '%s/lzip-1.25.tar.gz' % uri
         cls.project = TargetBuildProject(cls.tc.target,
                                          uri,
                                          dl_dir = cls.tc.td['DL_DIR'])
diff --git a/meta/lib/oeqa/runtime/cases/connman.py b/meta/lib/oeqa/runtime/cases/connman.py
index f0d15fac9b..a488752e3f 100644
--- a/meta/lib/oeqa/runtime/cases/connman.py
+++ b/meta/lib/oeqa/runtime/cases/connman.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/date.py b/meta/lib/oeqa/runtime/cases/date.py
index fdd2a6ae58..a2523de67a 100644
--- a/meta/lib/oeqa/runtime/cases/date.py
+++ b/meta/lib/oeqa/runtime/cases/date.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -13,12 +15,12 @@ class DateTest(OERuntimeTestCase):
     def setUp(self):
         if self.tc.td.get('VIRTUAL-RUNTIME_init_manager') == 'systemd':
             self.logger.debug('Stopping systemd-timesyncd daemon')
-            self.target.run('systemctl disable --now systemd-timesyncd')
+            self.target.run('systemctl disable --now --runtime systemd-timesyncd')
 
     def tearDown(self):
         if self.tc.td.get('VIRTUAL-RUNTIME_init_manager') == 'systemd':
             self.logger.debug('Starting systemd-timesyncd daemon')
-            self.target.run('systemctl enable --now systemd-timesyncd')
+            self.target.run('systemctl enable --now --runtime systemd-timesyncd')
 
     @OETestDepends(['ssh.SSHTest.test_ssh'])
     @OEHasPackage(['coreutils', 'busybox'])
@@ -28,14 +30,13 @@ class DateTest(OERuntimeTestCase):
         self.assertEqual(status, 0, msg=msg)
         oldDate = output
 
-        sampleDate = '"2016-08-09 10:00:00"'
-        (status, output) = self.target.run("date -s %s" % sampleDate)
+        sampleTimestamp = 1488800000
+        (status, output) = self.target.run("date -s @%d" % sampleTimestamp)
         self.assertEqual(status, 0, msg='Date set failed, output: %s' % output)
 
-        (status, output) = self.target.run("date -R")
-        p = re.match('Tue, 09 Aug 2016 10:00:.. \+0000', output)
+        (status, output) = self.target.run('date +"%s"')
         msg = 'The date was not set correctly, output: %s' % output
-        self.assertTrue(p, msg=msg)
+        self.assertTrue(int(output) - sampleTimestamp < 300, msg=msg)
 
         (status, output) = self.target.run('date -s "%s"' % oldDate)
         msg = 'Failed to reset date, output: %s' % output
diff --git a/meta/lib/oeqa/runtime/cases/df.py b/meta/lib/oeqa/runtime/cases/df.py
index bb155c9cf9..43e0ebf9ea 100644
--- a/meta/lib/oeqa/runtime/cases/df.py
+++ b/meta/lib/oeqa/runtime/cases/df.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/dnf.py b/meta/lib/oeqa/runtime/cases/dnf.py
index f40c63026e..3ccb18ce83 100644
--- a/meta/lib/oeqa/runtime/cases/dnf.py
+++ b/meta/lib/oeqa/runtime/cases/dnf.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -73,48 +75,43 @@ class DnfRepoTest(DnfTest):
     def test_dnf_makecache(self):
         self.dnf_with_repo('makecache')
 
-
-# Does not work when repo is specified on the command line
-#    @OETestDepends(['dnf.DnfRepoTest.test_dnf_makecache'])
-#    def test_dnf_repolist(self):
-#        self.dnf_with_repo('repolist')
-
     @OETestDepends(['dnf.DnfRepoTest.test_dnf_makecache'])
     def test_dnf_repoinfo(self):
         self.dnf_with_repo('repoinfo')
 
     @OETestDepends(['dnf.DnfRepoTest.test_dnf_makecache'])
     def test_dnf_install(self):
-        output = self.dnf_with_repo('list run-postinsts-dev')
-        if 'Installed Packages' in output:
-            self.dnf_with_repo('remove -y run-postinsts-dev')
-        self.dnf_with_repo('install -y run-postinsts-dev')
+        self.dnf_with_repo('remove -y dnf-test-*')
+        self.dnf_with_repo('install -y dnf-test-dep')
 
     @OETestDepends(['dnf.DnfRepoTest.test_dnf_install'])
     def test_dnf_install_dependency(self):
-        self.dnf_with_repo('remove -y run-postinsts')
-        self.dnf_with_repo('install -y run-postinsts-dev')
+        self.dnf_with_repo('remove -y dnf-test-*')
+        self.dnf_with_repo('install -y dnf-test-main')
+        output = self.dnf('list --installed dnf-test-*')
+        self.assertIn("dnf-test-main.", output)
+        self.assertIn("dnf-test-dep.", output)
 
     @OETestDepends(['dnf.DnfRepoTest.test_dnf_install_dependency'])
     def test_dnf_install_from_disk(self):
-        self.dnf_with_repo('remove -y run-postinsts-dev')
-        self.dnf_with_repo('install -y --downloadonly run-postinsts-dev')
-        status, output = self.target.run('find /var/cache/dnf -name run-postinsts-dev*rpm', 1500)
+        self.dnf_with_repo('remove -y dnf-test-dep')
+        self.dnf_with_repo('install -y --downloadonly dnf-test-dep')
+        status, output = self.target.run('find /var/cache/dnf -name dnf-test-dep*rpm')
         self.assertEqual(status, 0, output)
         self.dnf_with_repo('install -y %s' % output)
 
     @OETestDepends(['dnf.DnfRepoTest.test_dnf_install_from_disk'])
     def test_dnf_install_from_http(self):
-        output = subprocess.check_output('%s %s -name run-postinsts-dev*' % (bb.utils.which(os.getenv('PATH'), "find"),
+        output = subprocess.check_output('%s %s -name dnf-test-dep*' % (bb.utils.which(os.getenv('PATH'), "find"),
                                                                            os.path.join(self.tc.td['WORKDIR'], 'oe-testimage-repo')), shell=True).decode("utf-8")
         rpm_path = output.split("/")[-2] + "/" + output.split("/")[-1]
         url = 'http://%s:%s/%s' %(self.target.server_ip, self.repo_server.port, rpm_path)
-        self.dnf_with_repo('remove -y run-postinsts-dev')
+        self.dnf_with_repo('remove -y dnf-test-dep')
         self.dnf_with_repo('install -y %s' % url)
 
     @OETestDepends(['dnf.DnfRepoTest.test_dnf_install'])
     def test_dnf_reinstall(self):
-        self.dnf_with_repo('reinstall -y run-postinsts-dev')
+        self.dnf_with_repo('reinstall -y dnf-test-main')
 
     @OETestDepends(['dnf.DnfRepoTest.test_dnf_makecache'])
     @skipIfInDataVar('DISTRO_FEATURES', 'usrmerge', 'Test run when not enable usrmerge')
@@ -137,55 +134,40 @@ class DnfRepoTest(DnfTest):
         self.target.run('cp -r /etc/dnf %s/etc' % rootpath, 1500)
         self.target.run('cp /bin/sh %s/bin' % rootpath, 1500)
         self.target.run('mount -o bind /dev %s/dev/' % rootpath, 1500)
-        self.dnf_with_repo('install --installroot=%s -v -y --rpmverbosity=debug busybox run-postinsts' % rootpath)
+        self.dnf_with_repo('install --installroot=%s -v -y --rpmverbosity=debug busybox' % rootpath)
         status, output = self.target.run('test -e %s/var/cache/dnf' % rootpath, 1500)
         self.assertEqual(0, status, output)
         status, output = self.target.run('test -e %s/bin/busybox' % rootpath, 1500)
         self.assertEqual(0, status, output)
 
     @OETestDepends(['dnf.DnfRepoTest.test_dnf_makecache'])
-    @skipIfNotInDataVar('DISTRO_FEATURES', 'usrmerge', 'Test run when enable usrmege')
+    @skipIfNotInDataVar('DISTRO_FEATURES', 'usrmerge', 'Test run when enable usrmerge')
     @OEHasPackage('busybox')
     def test_dnf_installroot_usrmerge(self):
         rootpath = '/home/root/chroot/test'
         #Copy necessary files to avoid errors with not yet installed tools on
         #installroot directory.
-        self.target.run('mkdir -p %s/etc' % rootpath, 1500)
-        self.target.run('mkdir -p %s/usr/bin %s/usr/sbin' % (rootpath, rootpath), 1500)
-        self.target.run('ln -sf -r %s/usr/bin %s/bin'  % (rootpath, rootpath), 1500)
-        self.target.run('ln -sf -r %s/usr/sbin %s/sbin'  % (rootpath, rootpath), 1500)
-        self.target.run('mkdir -p %s/dev' % rootpath, 1500)
+        self.target.run('mkdir -p %s/etc' % rootpath)
+        self.target.run('mkdir -p %s/usr/bin %s/usr/sbin' % (rootpath, rootpath))
+        self.target.run('ln -sf usr/bin %s/bin'  % (rootpath))
+        self.target.run('ln -sf usr/sbin %s/sbin'  % (rootpath))
+        self.target.run('mkdir -p %s/dev' % rootpath)
         #Handle different architectures lib dirs
-        self.target.run('mkdir -p %s/usr/lib' % rootpath, 1500)
-        self.target.run('mkdir -p %s/usr/libx32' % rootpath, 1500)
-        self.target.run('mkdir -p %s/usr/lib64' % rootpath, 1500)
-        self.target.run('cp /lib/libtinfo.so.5 %s/usr/lib' % rootpath, 1500)
-        self.target.run('cp /libx32/libtinfo.so.5 %s/usr/libx32' % rootpath, 1500)
-        self.target.run('cp /lib64/libtinfo.so.5 %s/usr/lib64' % rootpath, 1500)
-        self.target.run('ln -sf -r %s/lib %s/usr/lib' % (rootpath,rootpath), 1500)
-        self.target.run('ln -sf -r %s/libx32 %s/usr/libx32' % (rootpath,rootpath), 1500)
-        self.target.run('ln -sf -r %s/lib64 %s/usr/lib64' % (rootpath,rootpath), 1500)
-        self.target.run('cp -r /etc/rpm %s/etc' % rootpath, 1500)
-        self.target.run('cp -r /etc/dnf %s/etc' % rootpath, 1500)
-        self.target.run('cp /bin/sh %s/bin' % rootpath, 1500)
-        self.target.run('mount -o bind /dev %s/dev/' % rootpath, 1500)
-        self.dnf_with_repo('install --installroot=%s -v -y --rpmverbosity=debug busybox run-postinsts' % rootpath)
-        status, output = self.target.run('test -e %s/var/cache/dnf' % rootpath, 1500)
+        self.target.run("for l in /lib*; do mkdir -p %s/usr/$l; ln -s usr/$l %s/$l; done" % (rootpath, rootpath))
+        self.target.run('cp -r /etc/rpm %s/etc' % rootpath)
+        self.target.run('cp -r /etc/dnf %s/etc' % rootpath)
+        self.target.run('cp /bin/busybox %s/bin/sh' % rootpath)
+        self.target.run('mount -o bind /dev %s/dev/' % rootpath)
+        self.dnf_with_repo('install --installroot=%s -v -y --rpmverbosity=debug busybox' % rootpath)
+        status, output = self.target.run('test -e %s/var/cache/dnf' % rootpath)
         self.assertEqual(0, status, output)
-        status, output = self.target.run('test -e %s/bin/busybox' % rootpath, 1500)
+        status, output = self.target.run('test -e %s/bin/busybox' % rootpath)
         self.assertEqual(0, status, output)
 
     @OETestDepends(['dnf.DnfRepoTest.test_dnf_makecache'])
     def test_dnf_exclude(self):
-        excludepkg = 'curl-dev'
-        self.dnf_with_repo('install -y curl*')
-        self.dnf('list %s' % excludepkg, 0)
-        #Avoid remove dependencies to skip some errors on different archs and images
-        self.dnf_with_repo('remove --setopt=clean_requirements_on_remove=0 -y curl*')
-        #check curl-dev is not installed adter removing all curl occurrences
-        status, output = self.target.run('dnf list --installed | grep %s'% excludepkg, 1500)
-        self.assertEqual(1, status, "%s was not removed,  is listed as installed"%excludepkg)
-        self.dnf_with_repo('install -y --exclude=%s --exclude=curl-staticdev curl*' % excludepkg)
-        #check curl-dev is not installed after being excluded
-        status, output = self.target.run('dnf list --installed | grep %s'% excludepkg , 1500)
-        self.assertEqual(1, status, "%s was not excluded, is listed as installed"%excludepkg)
+        self.dnf_with_repo('remove -y dnf-test-*')
+        self.dnf_with_repo('install -y --exclude=dnf-test-dep dnf-test-*')
+        output = self.dnf('list --installed dnf-test-*')
+        self.assertIn("dnf-test-main.", output)
+        self.assertNotIn("dnf-test-dev.", output)
diff --git a/meta/lib/oeqa/runtime/cases/ethernet_ip_connman.py b/meta/lib/oeqa/runtime/cases/ethernet_ip_connman.py
index e010612838..c3be60f006 100644
--- a/meta/lib/oeqa/runtime/cases/ethernet_ip_connman.py
+++ b/meta/lib/oeqa/runtime/cases/ethernet_ip_connman.py
@@ -1,28 +1,15 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
 from oeqa.runtime.case import OERuntimeTestCase
 from oeqa.core.decorator.depends import OETestDepends
 from oeqa.core.decorator.data import skipIfQemu
 
 class Ethernet_Test(OERuntimeTestCase):
 
-    def set_ip(self, x): 
-        x = x.split(".")
-        sample_host_address = '150'        
-        x[3] = sample_host_address
-        x = '.'.join(x)
-        return x
-    
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')    
-    @OETestDepends(['ssh.SSHTest.test_ssh'])
-    def test_set_virtual_ip(self):
-        (status, output) = self.target.run("ifconfig eth0 | grep 'inet ' | awk '{print $2}'")
-        self.assertEqual(status, 0, msg='Failed to get ip address. Make sure you have an ethernet connection on your device, output: %s' % output)
-        original_ip = output 
-        virtual_ip = self.set_ip(original_ip)
-        
-        (status, output) = self.target.run("ifconfig eth0:1 %s netmask 255.255.255.0 && sleep 2 && ping -c 5 %s && ifconfig eth0:1 down" % (virtual_ip,virtual_ip))
-        self.assertEqual(status, 0, msg='Failed to create virtual ip address, output: %s' % output)
-        
-    @OETestDepends(['ethernet_ip_connman.Ethernet_Test.test_set_virtual_ip'])  
+    @skipIfQemu()
     def test_get_ip_from_dhcp(self): 
         (status, output) = self.target.run("connmanctl services | grep -E '*AO Wired|*AR Wired' | awk '{print $3}'")
         self.assertEqual(status, 0, msg='No wired interfaces are detected, output: %s' % output)
@@ -33,4 +20,4 @@ class Ethernet_Test(OERuntimeTestCase):
         default_gateway = output
 
         (status, output) = self.target.run("connmanctl config %s --ipv4 dhcp && sleep 2 && ping -c 5 %s" % (wired_interfaces,default_gateway))
-        self.assertEqual(status, 0, msg='Failed to get dynamic IP address via DHCP in connmand, output: %s' % output)
\ No newline at end of file
+        self.assertEqual(status, 0, msg='Failed to get dynamic IP address via DHCP in connmand, output: %s' % output)
diff --git a/meta/lib/oeqa/runtime/cases/gcc.py b/meta/lib/oeqa/runtime/cases/gcc.py
index 1b6e431bf4..17b1483e8d 100644
--- a/meta/lib/oeqa/runtime/cases/gcc.py
+++ b/meta/lib/oeqa/runtime/cases/gcc.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/gi.py b/meta/lib/oeqa/runtime/cases/gi.py
index 42bd100a31..78c7ddda2c 100644
--- a/meta/lib/oeqa/runtime/cases/gi.py
+++ b/meta/lib/oeqa/runtime/cases/gi.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/go.py b/meta/lib/oeqa/runtime/cases/go.py
new file mode 100644
index 0000000000..39a80f4dca
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/go.py
@@ -0,0 +1,21 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.runtime.case import OERuntimeTestCase
+from oeqa.core.decorator.depends import OETestDepends
+from oeqa.runtime.decorator.package import OEHasPackage
+
+class GoHelloworldTest(OERuntimeTestCase):
+    @OETestDepends(['ssh.SSHTest.test_ssh'])
+    @OEHasPackage(['go-helloworld'])
+    def test_gohelloworld(self):
+        cmd = "go-helloworld"
+        status, output = self.target.run(cmd)
+        msg = 'Exit status was not 0. Output: %s' % output
+        self.assertEqual(status, 0, msg=msg)
+
+        msg = 'Incorrect output: %s' % output
+        self.assertEqual(output, "Hello, world!", msg=msg)
diff --git a/meta/lib/oeqa/runtime/cases/gstreamer.py b/meta/lib/oeqa/runtime/cases/gstreamer.py
index f735f82e3b..2295769cfd 100644
--- a/meta/lib/oeqa/runtime/cases/gstreamer.py
+++ b/meta/lib/oeqa/runtime/cases/gstreamer.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/kernelmodule.py b/meta/lib/oeqa/runtime/cases/kernelmodule.py
index 47fd2f850c..9c42fcc586 100644
--- a/meta/lib/oeqa/runtime/cases/kernelmodule.py
+++ b/meta/lib/oeqa/runtime/cases/kernelmodule.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/ksample.py b/meta/lib/oeqa/runtime/cases/ksample.py
index a9a1620ebd..b6848762e3 100644
--- a/meta/lib/oeqa/runtime/cases/ksample.py
+++ b/meta/lib/oeqa/runtime/cases/ksample.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -10,7 +12,7 @@ from oeqa.core.decorator.depends import OETestDepends
 from oeqa.core.decorator.data import skipIfNotFeature
 
 # need some kernel fragments
-# echo "KERNEL_FEATURES_append += \" features\/kernel\-sample\/kernel\-sample.scc\"" >> local.conf
+# echo "KERNEL_FEATURES:append = \" features\/kernel\-sample\/kernel\-sample.scc\"" >> local.conf
 class KSample(OERuntimeTestCase):
     def cmd_and_check(self, cmd='', match_string=''):
         status, output = self.target.run(cmd)
diff --git a/meta/lib/oeqa/runtime/cases/ldd.py b/meta/lib/oeqa/runtime/cases/ldd.py
index 9c2caa8f65..f6841c6675 100644
--- a/meta/lib/oeqa/runtime/cases/ldd.py
+++ b/meta/lib/oeqa/runtime/cases/ldd.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/login.py b/meta/lib/oeqa/runtime/cases/login.py
new file mode 100644
index 0000000000..e1bc60d49b
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/login.py
@@ -0,0 +1,116 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import shutil
+import subprocess
+import tempfile
+import time
+import os
+from datetime import datetime
+from oeqa.runtime.case import OERuntimeTestCase
+from oeqa.runtime.decorator.package import OEHasPackage
+
+### Status of qemu images.
+#   - runqemu qemuppc64 comes up blank. (skip)
+#   - qemuarmv5 comes up with multiple heads but sending "head" to screendump.
+#     seems to create a png with a bad header? (skip for now, but come back to fix)
+#   - qemuriscv32 and qemuloongarch64 doesn't work with testimage apparently? (skip)
+#   - qemumips64 is missing mouse icon.
+#   - qemumips takes forever to render and is missing mouse icon.
+#   - qemuarm and qemuppc are odd as they don't resize so we need to just set width.
+#   - All images have home and screen flipper icons not always rendered fully at first.
+#     the sleep seems to help this out some, depending on machine load.
+###
+
+class LoginTest(OERuntimeTestCase):
+    @OEHasPackage(['matchbox-desktop', 'dbus-wait'])
+    def test_screenshot(self):
+        if self.td.get('MACHINE') in ("qemuppc64", "qemuarmv5", "qemuriscv32", "qemuriscv64", "qemuloongarch64"):
+            self.skipTest("{0} is not currently supported.".format(self.td.get('MACHINE')))
+
+        pn = self.td.get('PN')
+
+        ourenv = os.environ.copy()
+        origpath = self.td.get("ORIGPATH")
+        if origpath:
+            ourenv['PATH'] = ourenv['PATH'] + ":" + origpath
+
+        for cmd in ["identify.im7", "convert.im7", "compare.im7"]:
+            try:
+                subprocess.check_output(["which", cmd], env=ourenv)
+            except subprocess.CalledProcessError:
+                self.skipTest("%s (from imagemagick) not available" % cmd)
+
+
+        # Store images so we can debug them if needed
+        saved_screenshots_dir = self.td.get('T') + "/saved-screenshots/"
+
+        ###
+        # This is a really horrible way of doing this but I've not found the
+        # right event to determine "The system is loaded and screen is rendered"
+        #
+        # Using dbus-wait for matchbox is the wrong answer because while it
+        # ensures the system is up, it doesn't mean the screen is rendered.
+        #
+        # Checking the qmp socket doesn't work afaik either.
+        #
+        # One way to do this is to do compares of known good screendumps until
+        # we either get expected or close to expected or we time out. Part of the
+        # issue here with that is that there is a very fine difference in the
+        # diff between a screendump where the icons haven't loaded yet and
+        # one where they won't load. I'll look at that next, but, for now, this.
+        #
+        # Which is ugly and I hate it but it 'works' for various definitions of
+        # 'works'.
+        ###
+        # RP: if the signal is sent before we run this, it will never be seen and we'd timeout
+        #status, output = self.target.run('dbus-wait org.matchbox_project.desktop Loaded')
+        #if status != 0 or "Timeout" in output:
+        #    self.fail('dbus-wait failed (%s, %s). This could mean that the image never loaded the matchbox desktop.' % (status, output))
+
+        # Start taking screenshots every 2 seconds until diff=0 or timeout is 60 seconds
+        timeout = time.time() + 60
+        diff = True
+        with tempfile.NamedTemporaryFile(prefix="oeqa-screenshot-login", suffix=".png") as t:
+            while diff != 0 and time.time() < timeout:
+                time.sleep(2)
+                ret = self.target.runner.run_monitor("screendump", args={"filename": t.name, "format":"png"})
+
+                # Find out size of image so we can determine where to blank out clock.
+                # qemuarm and qemuppc are odd as it doesn't resize the window and returns
+                # incorrect widths
+                if self.td.get('MACHINE') == "qemuarm" or self.td.get('MACHINE') == "qemuppc":
+                    width = "640"
+                else:
+                    cmd = "identify.im7 -ping -format '%w' {0}".format(t.name)
+                    width = subprocess.check_output(cmd, shell=True, env=ourenv).decode()
+
+                rblank = int(float(width))
+                lblank = rblank-80
+
+                # Use the meta-oe version of convert, along with it's suffix. This blanks out the clock.
+                cmd = "convert.im7 {0} -fill white -draw 'rectangle {1},4 {2},28' {3}".format(t.name, str(rblank), str(lblank), t.name)
+                convert_out=subprocess.check_output(cmd, shell=True, env=ourenv).decode()
+
+                bb.utils.mkdirhier(saved_screenshots_dir)
+                savedfile = "{0}/saved-{1}-{2}-{3}.png".format(saved_screenshots_dir, \
+                                                                            datetime.timestamp(datetime.now()), \
+                                                                            pn, \
+                                                                            self.td.get('MACHINE'))
+                shutil.copy2(t.name, savedfile)
+
+                refimage = self.td.get('COREBASE') + "/meta/files/screenshot-tests/" + pn + "-" + self.td.get('MACHINE') +".png"
+                if not os.path.exists(refimage):
+                    self.skipTest("No reference image for comparision (%s)" % refimage)
+
+                cmd = "compare.im7 -metric MSE {0} {1} /dev/null".format(t.name, refimage)
+                compare_out = subprocess.run(cmd, shell=True, capture_output=True, text=True, env=ourenv)
+                diff=float(compare_out.stderr.replace("(", "").replace(")","").split()[1])
+            if diff > 0:
+                # Keep a copy of the failed screenshot so we can see what happened.
+                self.fail("Screenshot diff is {0}. Failed image stored in {1}".format(str(diff), savedfile))
+            else:
+                self.assertEqual(0, diff, "Screenshot diff is {0}.".format(str(diff)))
diff --git a/meta/lib/oeqa/runtime/cases/logrotate.py b/meta/lib/oeqa/runtime/cases/logrotate.py
index a4efcd07c0..6ad980cb6a 100644
--- a/meta/lib/oeqa/runtime/cases/logrotate.py
+++ b/meta/lib/oeqa/runtime/cases/logrotate.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -17,7 +19,7 @@ class LogrotateTest(OERuntimeTestCase):
 
     @classmethod
     def tearDownClass(cls):
-        cls.tc.target.run('mv -f $HOME/wtmp.oeqabak /etc/logrotate.d/wtmp && rm -rf $HOME/logrotate_dir')
+        cls.tc.target.run('mv -f $HOME/wtmp.oeqabak /etc/logrotate.d/wtmp && rm -rf /var/log//logrotate_dir')
         cls.tc.target.run('rm -rf /var/log/logrotate_testfile && rm -rf /etc/logrotate.d/logrotate_testfile')
 
     @OETestDepends(['ssh.SSHTest.test_ssh'])
@@ -29,17 +31,17 @@ class LogrotateTest(OERuntimeTestCase):
         msg = ('Could not create/update /var/log/wtmp with touch')
         self.assertEqual(status, 0, msg = msg)
 
-        status, output = self.target.run('mkdir $HOME/logrotate_dir')
+        status, output = self.target.run('mkdir /var/log//logrotate_dir')
         msg = ('Could not create logrotate_dir. Output: %s' % output)
         self.assertEqual(status, 0, msg = msg)
 
-        status, output = self.target.run('echo "create \n olddir $HOME/logrotate_dir \n include /etc/logrotate.d/wtmp" > /tmp/logrotate-test.conf')
+        status, output = self.target.run('echo "create \n olddir /var/log//logrotate_dir \n include /etc/logrotate.d/wtmp" > /tmp/logrotate-test.conf')
         msg = ('Could not write to /tmp/logrotate-test.conf')
         self.assertEqual(status, 0, msg = msg)
         
         # If logrotate fails to rotate the log, view the verbose output of logrotate to see what prevented it
         _, logrotate_output = self.target.run('logrotate -vf /tmp/logrotate-test.conf')
-        status, _ = self.target.run('find $HOME/logrotate_dir -type f | grep wtmp.1')
+        status, _ = self.target.run('find /var/log//logrotate_dir -type f | grep wtmp.1')
         msg = ("logrotate did not successfully rotate the wtmp log. Output from logrotate -vf: \n%s" % (logrotate_output))
         self.assertEqual(status, 0, msg = msg)
        
@@ -54,17 +56,17 @@ class LogrotateTest(OERuntimeTestCase):
         msg = ('Could not write to /etc/logrotate.d/logrotate_testfile')
         self.assertEqual(status, 0, msg = msg)
 
-        status, output = self.target.run('echo "create \n olddir $HOME/logrotate_dir \n include /etc/logrotate.d/logrotate_testfile" > /tmp/logrotate-test2.conf')
+        status, output = self.target.run('echo "create \n olddir /var/log//logrotate_dir \n include /etc/logrotate.d/logrotate_testfile" > /tmp/logrotate-test2.conf')
         msg = ('Could not write to /tmp/logrotate_test2.conf')
         self.assertEqual(status, 0, msg = msg)
 
-        status, output = self.target.run('find $HOME/logrotate_dir -type f | grep logrotate_testfile.1')
+        status, output = self.target.run('find /var/log//logrotate_dir -type f | grep logrotate_testfile.1')
         msg = ('A rotated log for logrotate_testfile is already present in logrotate_dir')
         self.assertEqual(status, 1, msg = msg)
 
         # If logrotate fails to rotate the log, view the verbose output of logrotate instead of just listing the files in olddir
         _, logrotate_output = self.target.run('logrotate -vf /tmp/logrotate-test2.conf')
-        status, _ = self.target.run('find $HOME/logrotate_dir -type f | grep logrotate_testfile.1')
+        status, _ = self.target.run('find /var/log//logrotate_dir -type f | grep logrotate_testfile.1')
         msg = ('logrotate did not successfully rotate the logrotate_test log. Output from logrotate -vf: \n%s' % (logrotate_output))
         self.assertEqual(status, 0, msg = msg)
 
diff --git a/meta/lib/oeqa/runtime/cases/ltp.py b/meta/lib/oeqa/runtime/cases/ltp.py
index a66d5d13d7..e81360670c 100644
--- a/meta/lib/oeqa/runtime/cases/ltp.py
+++ b/meta/lib/oeqa/runtime/cases/ltp.py
@@ -57,37 +57,47 @@ class LtpTestBase(OERuntimeTestCase):
 
 class LtpTest(LtpTestBase):
 
-    ltp_groups = ["math", "syscalls", "dio", "io", "mm", "ipc", "sched", "nptl", "pty", "containers", "controllers", "filecaps", "cap_bounds", "fcntl-locktests", "connectors", "commands", "net.ipv6_lib", "input","fs_perms_simple"]
+    ltp_groups = ["math", "syscalls", "dio", "mm", "ipc", "sched", "nptl", "pty", "containers", "controllers", "fcntl-locktests", "commands", "net.ipv6_lib", "input","fs_perms_simple", "cve", "crypto", "ima", "net.nfs", "net_stress.ipsec_icmp", "net.ipv6", "numa", "uevent", "ltp-aiodio.part1", "ltp-aiodio.part2", "ltp-aiodio.part3", "ltp-aiodio.part4"]
 
-    ltp_fs = ["fs", "fsx", "fs_bind"]
+    ltp_fs = ["fs", "fs_bind"]
     # skip kernel cpuhotplug
     ltp_kernel = ["power_management_tests", "hyperthreading ", "kernel_misc", "hugetlb"]
     ltp_groups += ltp_fs
 
     def runltp(self, ltp_group):
-            cmd = '/opt/ltp/runltp -f %s -p -q -r /opt/ltp -l /opt/ltp/results/%s -I 1 -d /opt/ltp' % (ltp_group, ltp_group)
+            # LTP appends to log files, so ensure we start with a clean log
+            self.target.deleteFiles("/opt/ltp/results/", ltp_group)
+
+            cmd = '/opt/ltp/runltp -f %s -q -r /opt/ltp -l /opt/ltp/results/%s -I 1 -d /opt/ltp' % (ltp_group, ltp_group)
+
             starttime = time.time()
-            (status, output) = self.target.run(cmd)
+            (status, output) = self.target.run(cmd, timeout=1200)
             endtime = time.time()
 
+            # status of 1 is 'just' tests failing. 255 likely was a command output timeout 
+            if status and status != 1:
+                msg = 'Command %s returned exit code %s' % (cmd, status)
+                self.target.logger.warning(msg)
+
+            # Write the console log to disk for convenience
             with open(os.path.join(self.ltptest_log_dir, "%s-raw.log" % ltp_group), 'w') as f:
                 f.write(output)
 
+            # Also put the console log into the test result JSON
             self.extras['ltpresult.rawlogs']['log'] = self.extras['ltpresult.rawlogs']['log'] + output
 
-            # copy nice log from DUT
-            dst = os.path.join(self.ltptest_log_dir, "%s" %  ltp_group )
+            # Copy the machine-readable test results locally so we can parse it
+            dst = os.path.join(self.ltptest_log_dir, ltp_group)
             remote_src = "/opt/ltp/results/%s" % ltp_group 
             (status, output) = self.target.copyFrom(remote_src, dst, True)
-            msg = 'File could not be copied. Output: %s' % output
             if status:
+                msg = 'File could not be copied. Output: %s' % output
                 self.target.logger.warning(msg)
 
             parser = LtpParser()
             results, sections  = parser.parse(dst)
 
-            runtime = int(endtime-starttime)
-            sections['duration'] = runtime
+            sections['duration'] = int(endtime-starttime)
             self.sections[ltp_group] =  sections
 
             failed_tests = {}
diff --git a/meta/lib/oeqa/runtime/cases/ltp_stress.py b/meta/lib/oeqa/runtime/cases/ltp_stress.py
index 2445ffbc93..ce6f4bf59d 100644
--- a/meta/lib/oeqa/runtime/cases/ltp_stress.py
+++ b/meta/lib/oeqa/runtime/cases/ltp_stress.py
@@ -89,8 +89,7 @@ class LtpStressTest(LtpStressBase):
 
     # LTP stress runtime tests
     #
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')
-
+    @skipIfQemu()
     @OETestDepends(['ssh.SSHTest.test_ssh'])
     @OEHasPackage(["ltp"])
     def test_ltp_stress(self):
diff --git a/meta/lib/oeqa/runtime/cases/maturin.py b/meta/lib/oeqa/runtime/cases/maturin.py
new file mode 100644
index 0000000000..4e6384fe5e
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/maturin.py
@@ -0,0 +1,58 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os
+
+from oeqa.runtime.case import OERuntimeTestCase
+from oeqa.core.decorator.depends import OETestDepends
+from oeqa.runtime.decorator.package import OEHasPackage
+
+
+class MaturinTest(OERuntimeTestCase):
+    @OETestDepends(['ssh.SSHTest.test_ssh', 'python.PythonTest.test_python3'])
+    @OEHasPackage(['python3-maturin'])
+    def test_maturin_list_python(self):
+        status, output = self.target.run("maturin list-python")
+        self.assertEqual(status, 0)
+        _, py_major = self.target.run("python3 -c 'import sys; print(sys.version_info.major)'")
+        _, py_minor = self.target.run("python3 -c 'import sys; print(sys.version_info.minor)'")
+        python_version = "%s.%s" % (py_major, py_minor)
+        self.assertEqual(output, "🐍 1 python interpreter found:\n"
+                                 " - CPython %s at /usr/bin/python%s" % (python_version, python_version))
+
+
+class MaturinDevelopTest(OERuntimeTestCase):
+    @classmethod
+    def setUp(cls):
+        dst = '/tmp'
+        src = os.path.join(cls.tc.files_dir, "maturin/guessing-game")
+        cls.tc.target.copyTo(src, dst)
+
+    @classmethod
+    def tearDown(cls):
+        cls.tc.target.run('rm -rf %s' %  '/tmp/guessing-game/target')
+
+    @OETestDepends(['ssh.SSHTest.test_ssh', 'python.PythonTest.test_python3'])
+    @OEHasPackage(['python3-maturin'])
+    def test_maturin_develop(self):
+        """
+        This test case requires:
+          (1) that a .venv can been created.
+          (2) DNS nameserver to resolve crate URIs for fetching
+          (3) a functional 'rustc' and 'cargo'
+        """
+        targetdir = os.path.join("/tmp", "guessing-game")
+        self.target.run("cd %s; python3 -m venv .venv" % targetdir)
+        self.target.run("echo 'nameserver 8.8.8.8' > /etc/resolv.conf")
+        cmd = "cd %s; maturin develop" % targetdir
+        status, output = self.target.run(cmd)
+        self.assertRegex(output, r"🔗 Found pyo3 bindings with abi3 support for Python ≥ 3.8")
+        self.assertRegex(output, r"🐍 Not using a specific python interpreter")
+        self.assertRegex(output, r"📡 Using build options features from pyproject.toml")
+        self.assertRegex(output, r"Compiling guessing-game v0.1.0")
+        self.assertRegex(output, r"📦 Built wheel for abi3 Python ≥ 3.8")
+        self.assertRegex(output, r"🛠 Installed guessing-game-0.1.0")
+        self.assertEqual(status, 0)
diff --git a/meta/lib/oeqa/runtime/cases/multilib.py b/meta/lib/oeqa/runtime/cases/multilib.py
index 0d1b9ae2c9..68556e45c5 100644
--- a/meta/lib/oeqa/runtime/cases/multilib.py
+++ b/meta/lib/oeqa/runtime/cases/multilib.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/oe_syslog.py b/meta/lib/oeqa/runtime/cases/oe_syslog.py
index f3c2bedbaf..adb876160d 100644
--- a/meta/lib/oeqa/runtime/cases/oe_syslog.py
+++ b/meta/lib/oeqa/runtime/cases/oe_syslog.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -114,18 +116,23 @@ class SyslogTestConfig(OERuntimeTestCase):
     @OETestDepends(['oe_syslog.SyslogTestConfig.test_syslog_logger'])
     @OEHasPackage(["busybox-syslog"])
     @skipIfDataVar('VIRTUAL-RUNTIME_init_manager', 'systemd',
-                   'Not appropiate for systemd image')
+                   'Not appropriate for systemd image')
     def test_syslog_startup_config(self):
         cmd = 'echo "LOGFILE=/var/log/test" >> /etc/syslog-startup.conf'
         self.target.run(cmd)
 
         self.test_syslog_restart()
 
-        cmd = 'logger foobar && grep foobar /var/log/test'
-        status,output = self.target.run(cmd)
-        msg = 'Test log string not found. Output: %s ' % output
+        cmd = 'logger foobar'
+        status, output = self.target.run(cmd)
+        msg = 'Logger command failed, %s. Output: %s ' % (status, output)
         self.assertEqual(status, 0, msg=msg)
 
+        cmd = 'cat /var/log/test'
+        status, output = self.target.run(cmd)
+        if "foobar" not in output or status:
+            self.fail("'foobar' not found in logfile, status %s, contents %s" % (status, output))
+
         cmd = "sed -i 's#LOGFILE=/var/log/test##' /etc/syslog-startup.conf"
         self.target.run(cmd)
         self.test_syslog_restart()
diff --git a/meta/lib/oeqa/runtime/cases/opkg.py b/meta/lib/oeqa/runtime/cases/opkg.py
index 9cfee1cd88..a29c93e59a 100644
--- a/meta/lib/oeqa/runtime/cases/opkg.py
+++ b/meta/lib/oeqa/runtime/cases/opkg.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/pam.py b/meta/lib/oeqa/runtime/cases/pam.py
index a482ded945..b3e8b56c3c 100644
--- a/meta/lib/oeqa/runtime/cases/pam.py
+++ b/meta/lib/oeqa/runtime/cases/pam.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/parselogs-ignores-common.txt b/meta/lib/oeqa/runtime/cases/parselogs-ignores-common.txt
new file mode 100644
index 0000000000..f91abbc941
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/parselogs-ignores-common.txt
@@ -0,0 +1,62 @@
+# Xserver explains what the short codes mean
+(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
+
+# Xserver warns if compiled with ACPI but no acpid running
+Open ACPI failed (/var/run/acpid.socket) (No such file or directory)
+
+# Some machines (eg qemux86) don't enable PAE (they probably should though)
+NX (Execute Disable) protection cannot be enabled: non-PAE kernel!
+
+# Connman's pacrunner warns if external connectivity isn't available
+Failed to find URL:http://ipv4.connman.net/online/status.html
+Failed to find URL:http://ipv6.connman.net/online/status.html
+
+# x86 on 6.6+ outputs this message, it is informational, not an error
+ACPI: _OSC evaluation for CPUs failed, trying _PDC
+
+# These should be reviewed to see if they are still needed
+dma timeout
+can\'t add hid device:
+usbhid: probe of
+_OSC failed (AE_ERROR)
+_OSC failed (AE_SUPPORT)
+AE_ALREADY_EXISTS
+ACPI _OSC request failed (AE_SUPPORT)
+can\'t disable ASPM
+Failed to load module "vesa"
+Failed to load module "modesetting"
+Failed to load module "glx"
+Failed to load module "fbdev"
+Failed to load module "ati"
+[drm] Cannot find any crtc or sizes
+_OSC failed (AE_NOT_FOUND); disabling ASPM
+hd.: possibly failed opcode
+NETLINK INITIALIZATION FAILED
+kernel: Cannot find map file
+omap_hwmod: debugss: _wait_target_disable failed
+VGA arbiter: cannot open kernel arbiter, no multi-card support
+Online check failed for
+netlink init failed
+Fast TSC calibration
+controller can't do DEVSLP, turning off
+stmmac_dvr_probe: warning: cannot get CSR clock
+error: couldn\'t mount because of unsupported optional features
+GPT: Use GNU Parted to correct GPT errors
+Cannot set xattr user.Librepo.DownloadInProgress
+Failed to read /var/lib/nfs/statd/state: Success
+error retry time-out =
+logind: cannot setup systemd-logind helper (-61), using legacy fallback
+Failed to rename network interface
+Failed to process device, ignoring: Device or resource busy
+Cannot find a map file
+[rdrand]: Initialization Failed
+[rndr  ]: Initialization Failed
+[pulseaudio] authkey.c: Failed to open cookie file
+[pulseaudio] authkey.c: Failed to load authentication key
+was skipped because of a failed condition check
+was skipped because all trigger condition checks failed
+xf86OpenConsole: Switching VT failed
+Failed to read LoaderConfigTimeoutOneShot variable, ignoring: Operation not supported
+Failed to read LoaderEntryOneShot variable, ignoring: Operation not supported
+Direct firmware load for regulatory.db
+failed to load regulatory.db
diff --git a/meta/lib/oeqa/runtime/cases/parselogs-ignores-mipsarch.txt b/meta/lib/oeqa/runtime/cases/parselogs-ignores-mipsarch.txt
new file mode 100644
index 0000000000..156b0f9c10
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/parselogs-ignores-mipsarch.txt
@@ -0,0 +1,19 @@
+# These should be reviewed to see if they are still needed
+cacheinfo: Failed to find cpu0 device node
+
+# 6.10 restructures sysctl registration such that mips
+# registers an empty table and generates harmless warnings:
+#   failed when register_sysctl_sz sched_fair_sysctls to kernel
+#   failed when register_sysctl_sz sched_core_sysctls to kernel
+failed when register_sysctl_sz sched
+
+# With qemu 9.1.0
+# pci 0000:00:00.0: BAR 2: can't handle BAR above 4GB (bus address 0x1f00000010)
+# pci 0000:00:00.0: BAR 5: error updating (0x1105d034 != 0x0100d034)
+BAR 0: error updating
+BAR 1: error updating
+BAR 2: error updating
+BAR 3: error updating
+BAR 4: error updating
+BAR 5: error updating
+: can't handle BAR above 4GB
diff --git a/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuall.txt b/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuall.txt
new file mode 100644
index 0000000000..143db40d63
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuall.txt
@@ -0,0 +1,35 @@
+# psplash
+FBIOPUT_VSCREENINFO failed, double buffering disabled
+
+# PCI host bridge to bus 0000:00
+# pci_bus 0000:00: root bus resource [mem 0x10000000-0x17ffffff]
+# pci_bus 0000:00: root bus resource [io  0x1000-0x1fffff]
+# pci_bus 0000:00: No busn resource found for root bus, will use [bus 00-ff]
+# pci 0000:00:00.0: [2046:ab11] type 00 class 0x100000
+# pci 0000:00:00.0: [Firmware Bug]: reg 0x10: invalid BAR (can't size)
+# pci 0000:00:00.0: [Firmware Bug]: reg 0x14: invalid BAR (can't size)
+# pci 0000:00:00.0: [Firmware Bug]: reg 0x18: invalid BAR (can't size)
+# pci 0000:00:00.0: [Firmware Bug]: reg 0x1c: invalid BAR (can't size)
+# pci 0000:00:00.0: [Firmware Bug]: reg 0x20: invalid BAR (can't size)
+# pci 0000:00:00.0: [Firmware Bug]: reg 0x24: invalid BAR (can't size)
+invalid BAR (can't size)
+# 6.10+ the invalid BAR warnings are of this format:
+# pci 0000:00:00.0: [Firmware Bug]: BAR 0: invalid; can't size
+# pci 0000:00:00.0: [Firmware Bug]: BAR 1: invalid; can't size
+# pci 0000:00:00.0: [Firmware Bug]: BAR 2: invalid; can't size
+# pci 0000:00:00.0: [Firmware Bug]: BAR 3: invalid; can't size
+# pci 0000:00:00.0: [Firmware Bug]: BAR 4: invalid; can't size
+# pci 0000:00:00.0: [Firmware Bug]: BAR 5: invalid; can't size
+invalid; can't size
+
+# These should be reviewed to see if they are still needed
+wrong ELF class
+fail to add MMCONFIG information, can't access extended PCI configuration space under this bridge
+can't claim BAR
+amd_nb: Cannot enumerate AMD northbridges
+tsc: HPET/PMTIMER calibration failed
+modeset(0): Failed to initialize the DRI2 extension
+glamor initialization failed
+blk_update_request: I/O error, dev fd0, sector 0 op 0x0:(READ)
+floppy: error
+failed to IDENTIFY (I/O error, err_mask=0x4)
diff --git a/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuarm64.txt b/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuarm64.txt
new file mode 100644
index 0000000000..260cdde620
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuarm64.txt
@@ -0,0 +1,6 @@
+# These should be reviewed to see if they are still needed
+Fatal server error:
+(EE) Server terminated with error (1). Closing log file.
+dmi: Firmware registration failed.
+irq: type mismatch, failed to map hwirq-27 for /intc
+logind: failed to get session seat
\ No newline at end of file
diff --git a/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuarmv5.txt b/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuarmv5.txt
new file mode 100644
index 0000000000..ed91107b7d
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuarmv5.txt
@@ -0,0 +1,19 @@
+# Code is 2 JENT_ECOARSETIME: Timer too coarse for RNG.
+jitterentropy: Initialization failed with host not compliant with requirements: 2
+
+# These should be reviewed to see if they are still needed
+mmci-pl18x: probe of fpga:05 failed with error -22
+mmci-pl18x: probe of fpga:0b failed with error -22
+
+OF: amba_device_add() failed (-19) for /amba/smc@10100000
+OF: amba_device_add() failed (-19) for /amba/mpmc@10110000
+OF: amba_device_add() failed (-19) for /amba/sctl@101e0000
+OF: amba_device_add() failed (-19) for /amba/watchdog@101e1000
+OF: amba_device_add() failed (-19) for /amba/sci@101f0000
+OF: amba_device_add() failed (-19) for /amba/spi@101f4000
+OF: amba_device_add() failed (-19) for /amba/ssp@101f4000
+OF: amba_device_add() failed (-19) for /amba/fpga/sci@a000
+Failed to initialize '/amba/timer@101e3000': -22
+
+clcd-pl11x: probe of 10120000.display failed with error -2
+arm-charlcd 10008000.lcd: error -ENXIO: IRQ index 0 not found
diff --git a/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuppc.txt b/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuppc.txt
new file mode 100644
index 0000000000..d9b58b58f1
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuppc.txt
@@ -0,0 +1,6 @@
+# These should be reviewed to see if they are still needed
+PCI 0000:00 Cannot reserve Legacy IO [io  0x0000-0x0fff]
+host side 80-wire cable detection failed, limiting max speed
+mode "640x480" test failed
+can't handle BAR above 4GB
+Cannot reserve Legacy IO
\ No newline at end of file
diff --git a/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuppc64.txt b/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuppc64.txt
new file mode 100644
index 0000000000..b736a2aeb7
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemuppc64.txt
@@ -0,0 +1,4 @@
+# These should be reviewed to see if they are still needed
+vio vio: uevent: failed to send synthetic uevent
+synth uevent: /devices/vio: failed to send uevent
+PCI 0000:00 Cannot reserve Legacy IO [io  0x10000-0x10fff]
\ No newline at end of file
diff --git a/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemux86.txt b/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemux86.txt
new file mode 100644
index 0000000000..ebb76f1221
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/parselogs-ignores-qemux86.txt
@@ -0,0 +1,2 @@
+# These should be reviewed to see if they are still needed
+Failed to access perfctr msr (MSR
diff --git a/meta/lib/oeqa/runtime/cases/parselogs-ignores-x86.txt b/meta/lib/oeqa/runtime/cases/parselogs-ignores-x86.txt
new file mode 100644
index 0000000000..5985247daf
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/parselogs-ignores-x86.txt
@@ -0,0 +1,10 @@
+# These should be reviewed to see if they are still needed
+[drm:psb_do_init] *ERROR* Debug is
+wrong ELF class
+Could not enable PowerButton event
+probe of LNXPWRBN:00 failed with error -22
+pmd_set_huge: Cannot satisfy
+failed to setup card detect gpio
+amd_nb: Cannot enumerate AMD northbridges
+failed to retrieve link info, disabling eDP
+Direct firmware load for iwlwifi
diff --git a/meta/lib/oeqa/runtime/cases/parselogs-ignores-x86_64.txt b/meta/lib/oeqa/runtime/cases/parselogs-ignores-x86_64.txt
new file mode 120000
index 0000000000..404e384c32
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/parselogs-ignores-x86_64.txt
@@ -0,0 +1 @@
+parselogs-ignores-x86.txt
\ No newline at end of file
diff --git a/meta/lib/oeqa/runtime/cases/parselogs.py b/meta/lib/oeqa/runtime/cases/parselogs.py
index a1791b5cca..47c77fccd5 100644
--- a/meta/lib/oeqa/runtime/cases/parselogs.py
+++ b/meta/lib/oeqa/runtime/cases/parselogs.py
@@ -1,204 +1,49 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
+import collections
 import os
+import sys
 
-from subprocess import check_output
 from shutil import rmtree
 from oeqa.runtime.case import OERuntimeTestCase
 from oeqa.core.decorator.depends import OETestDepends
-from oeqa.core.decorator.data import skipIfDataVar
-from oeqa.runtime.decorator.package import OEHasPackage
-
-#in the future these lists could be moved outside of module
-errors = ["error", "cannot", "can\'t", "failed"]
-
-common_errors = [
-    "(WW) warning, (EE) error, (NI) not implemented, (??) unknown.",
-    "dma timeout",
-    "can\'t add hid device:",
-    "usbhid: probe of ",
-    "_OSC failed (AE_ERROR)",
-    "_OSC failed (AE_SUPPORT)",
-    "AE_ALREADY_EXISTS",
-    "ACPI _OSC request failed (AE_SUPPORT)",
-    "can\'t disable ASPM",
-    "Failed to load module \"vesa\"",
-    "Failed to load module vesa",
-    "Failed to load module \"modesetting\"",
-    "Failed to load module modesetting",
-    "Failed to load module \"glx\"",
-    "Failed to load module \"fbdev\"",
-    "Failed to load module fbdev",
-    "Failed to load module glx",
-    "[drm] Cannot find any crtc or sizes - going 1024x768",
-    "_OSC failed (AE_NOT_FOUND); disabling ASPM",
-    "Open ACPI failed (/var/run/acpid.socket) (No such file or directory)",
-    "NX (Execute Disable) protection cannot be enabled: non-PAE kernel!",
-    "hd.: possibly failed opcode",
-    'NETLINK INITIALIZATION FAILED',
-    'kernel: Cannot find map file',
-    'omap_hwmod: debugss: _wait_target_disable failed',
-    'VGA arbiter: cannot open kernel arbiter, no multi-card support',
-    'Failed to find URL:http://ipv4.connman.net/online/status.html',
-    'Online check failed for',
-    'netlink init failed',
-    'Fast TSC calibration',
-    "BAR 0-9",
-    "Failed to load module \"ati\"",
-    "controller can't do DEVSLP, turning off",
-    "stmmac_dvr_probe: warning: cannot get CSR clock",
-    "error: couldn\'t mount because of unsupported optional features",
-    "GPT: Use GNU Parted to correct GPT errors",
-    "Cannot set xattr user.Librepo.DownloadInProgress",
-    "Failed to read /var/lib/nfs/statd/state: Success",
-    "error retry time-out =",
-    "logind: cannot setup systemd-logind helper (-61), using legacy fallback",
-    "Failed to rename network interface",
-    "Failed to process device, ignoring: Device or resource busy",
-    "Cannot find a map file",
-    "[rdrand]: Initialization Failed",
-    "[pulseaudio] authkey.c: Failed to open cookie file",
-    "[pulseaudio] authkey.c: Failed to load authentication key",
-    ]
 
-video_related = [
-]
+# importlib.resources.open_text in Python <3.10 doesn't search all directories
+# when a package is split across multiple directories. Until we can rely on
+# 3.10+, reimplement the searching logic.
+if sys.version_info < (3, 10):
+    def _open_text(package, resource):
+        import importlib, pathlib
+        module = importlib.import_module(package)
+        for path in module.__path__:
+            candidate = pathlib.Path(path) / resource
+            if candidate.exists():
+                return candidate.open(encoding='utf-8')
+        raise FileNotFoundError
+else:
+    from importlib.resources import open_text as _open_text
 
-x86_common = [
-    '[drm:psb_do_init] *ERROR* Debug is',
-    'wrong ELF class',
-    'Could not enable PowerButton event',
-    'probe of LNXPWRBN:00 failed with error -22',
-    'pmd_set_huge: Cannot satisfy',
-    'failed to setup card detect gpio',
-    'amd_nb: Cannot enumerate AMD northbridges',
-    'failed to retrieve link info, disabling eDP',
-    'Direct firmware load for iwlwifi',
-    'Direct firmware load for regulatory.db',
-    'failed to load regulatory.db',
-] + common_errors
 
-qemux86_common = [
-    'wrong ELF class',
-    "fail to add MMCONFIG information, can't access extended PCI configuration space under this bridge.",
-    "can't claim BAR ",
-    'amd_nb: Cannot enumerate AMD northbridges',
-    'tsc: HPET/PMTIMER calibration failed',
-    "modeset(0): Failed to initialize the DRI2 extension",
-    "glamor initialization failed",
-] + common_errors
+class ParseLogsTest(OERuntimeTestCase):
 
-ignore_errors = {
-    'default' : common_errors,
-    'qemux86' : [
-        'Failed to access perfctr msr (MSR',
-        'pci 0000:00:00.0: [Firmware Bug]: reg 0x..: invalid BAR (can\'t size)',
-        ] + qemux86_common,
-    'qemux86-64' : qemux86_common,
-    'qemumips' : [
-        'Failed to load module "glx"',
-        'pci 0000:00:00.0: [Firmware Bug]: reg 0x..: invalid BAR (can\'t size)',
-        'cacheinfo: Failed to find cpu0 device node',
-        ] + common_errors,
-    'qemumips64' : [
-        'pci 0000:00:00.0: [Firmware Bug]: reg 0x..: invalid BAR (can\'t size)',
-        'cacheinfo: Failed to find cpu0 device node',
-         ] + common_errors,
-    'qemuppc' : [
-        'PCI 0000:00 Cannot reserve Legacy IO [io  0x0000-0x0fff]',
-        'host side 80-wire cable detection failed, limiting max speed',
-        'mode "640x480" test failed',
-        'Failed to load module "glx"',
-        'can\'t handle BAR above 4GB',
-        'Cannot reserve Legacy IO',
-        ] + common_errors,
-    'qemuarm' : [
-        'mmci-pl18x: probe of fpga:05 failed with error -22',
-        'mmci-pl18x: probe of fpga:0b failed with error -22',
-        'Failed to load module "glx"',
-        'OF: amba_device_add() failed (-19) for /amba/smc@10100000',
-        'OF: amba_device_add() failed (-19) for /amba/mpmc@10110000',
-        'OF: amba_device_add() failed (-19) for /amba/sctl@101e0000',
-        'OF: amba_device_add() failed (-19) for /amba/watchdog@101e1000',
-        'OF: amba_device_add() failed (-19) for /amba/sci@101f0000',
-        'OF: amba_device_add() failed (-19) for /amba/spi@101f4000',
-        'OF: amba_device_add() failed (-19) for /amba/ssp@101f4000',
-        'OF: amba_device_add() failed (-19) for /amba/fpga/sci@a000',
-        'Failed to initialize \'/amba/timer@101e3000\': -22',
-        'jitterentropy: Initialization failed with host not compliant with requirements: 2',
-        ] + common_errors,
-    'qemuarm64' : [
-        'Fatal server error:',
-        '(EE) Server terminated with error (1). Closing log file.',
-        'dmi: Firmware registration failed.',
-        'irq: type mismatch, failed to map hwirq-27 for /intc',
-        'logind: failed to get session seat',
-        ] + common_errors,
-    'intel-core2-32' : [
-        'ACPI: No _BQC method, cannot determine initial brightness',
-        '[Firmware Bug]: ACPI: No _BQC method, cannot determine initial brightness',
-        '(EE) Failed to load module "psb"',
-        '(EE) Failed to load module psb',
-        '(EE) Failed to load module "psbdrv"',
-        '(EE) Failed to load module psbdrv',
-        '(EE) open /dev/fb0: No such file or directory',
-        '(EE) AIGLX: reverting to software rendering',
-        'dmi: Firmware registration failed.',
-        'ioremap error for 0x78',
-        ] + x86_common,
-    'intel-corei7-64' : [
-        'can\'t set Max Payload Size to 256',
-        'intel_punit_ipc: can\'t request region for resource',
-        '[drm] parse error at position 4 in video mode \'efifb\'',
-        'ACPI Error: Could not enable RealTimeClock event',
-        'ACPI Warning: Could not enable fixed event - RealTimeClock',
-        'hci_intel INT33E1:00: Unable to retrieve gpio',
-        'hci_intel: probe of INT33E1:00 failed',
-        'can\'t derive routing for PCI INT A',
-        'failed to read out thermal zone',
-        'Bluetooth: hci0: Setting Intel event mask failed',
-        'ttyS2 - failed to request DMA',
-        'Bluetooth: hci0: Failed to send firmware data (-38)',
-        'atkbd serio0: Failed to enable keyboard on isa0060/serio0',
-        ] + x86_common,
-    'genericx86' : x86_common,
-    'genericx86-64' : [
-        'Direct firmware load for i915',
-        'Failed to load firmware i915',
-        'Failed to fetch GuC',
-        'Failed to initialize GuC',
-        'Failed to load DMC firmware',
-        'The driver is built-in, so to load the firmware you need to',
-        ] + x86_common,
-    'edgerouter' : [
-        'not creating \'/sys/firmware/fdt\'',
-        'Failed to find cpu0 device node',
-        'Fatal server error:',
-        'Server terminated with error',
-        ] + common_errors,
-    'beaglebone-yocto' : [
-        'Direct firmware load for regulatory.db',
-        'failed to load regulatory.db',
-        'l4_wkup_cm',
-        'Failed to load module "glx"',
-        'Failed to make EGL context current',
-        'glamor initialization failed',
-        ] + common_errors,
-}
+    # Which log files should be collected
+    log_locations = ["/var/log/", "/var/log/dmesg", "/tmp/dmesg_output.log"]
 
-log_locations = ["/var/log/","/var/log/dmesg", "/tmp/dmesg_output.log"]
+    # The keywords that identify error messages in the log files
+    errors = ["error", "cannot", "can't", "failed", "---[ cut here ]---", "No irq handler for vector"]
 
-class ParseLogsTest(OERuntimeTestCase):
+    # A list of error messages that should be ignored
+    ignore_errors = []
 
     @classmethod
     def setUpClass(cls):
-        cls.errors = errors
-
         # When systemd is enabled we need to notice errors on
         # circular dependencies in units.
-        if 'systemd' in cls.td.get('DISTRO_FEATURES', ''):
+        if 'systemd' in cls.td.get('DISTRO_FEATURES'):
             cls.errors.extend([
                 'Found ordering cycle on',
                 'Breaking ordering cycle by deleting job',
@@ -206,48 +51,22 @@ class ParseLogsTest(OERuntimeTestCase):
                 'Ordering cycle found, skipping',
                 ])
 
-        cls.ignore_errors = ignore_errors
-        cls.log_locations = log_locations
-        cls.msg = ''
-        is_lsb, _ = cls.tc.target.run("which LSB_Test.sh")
-        if is_lsb == 0:
-            for machine in cls.ignore_errors:
-                cls.ignore_errors[machine] = cls.ignore_errors[machine] \
-                                             + video_related
-
-    def getMachine(self):
-        return self.td.get('MACHINE', '')
-
-    def getWorkdir(self):
-        return self.td.get('WORKDIR', '')
-
-    # Get some information on the CPU of the machine to display at the
-    # beginning of the output. This info might be useful in some cases.
-    def getHardwareInfo(self):
-        hwi = ""
-        cmd = ('cat /proc/cpuinfo | grep "model name" | head -n1 | '
-               " awk 'BEGIN{FS=\":\"}{print $2}'")
-        _, cpu_name = self.target.run(cmd)
-
-        cmd = ('cat /proc/cpuinfo | grep "cpu cores" | head -n1 | '
-               "awk {'print $4'}")
-        _, cpu_physical_cores = self.target.run(cmd)
-
-        cmd = 'cat /proc/cpuinfo | grep "processor" | wc -l'
-        _, cpu_logical_cores = self.target.run(cmd)
-
-        _, cpu_arch = self.target.run('uname -m')
+        cls.errors = [s.casefold() for s in cls.errors]
 
-        hwi += 'Machine information: \n'
-        hwi += '*******************************\n'
-        hwi += 'Machine name: ' + self.getMachine() + '\n'
-        hwi += 'CPU: ' + str(cpu_name) + '\n'
-        hwi += 'Arch: ' + str(cpu_arch)+ '\n'
-        hwi += 'Physical cores: ' + str(cpu_physical_cores) + '\n'
-        hwi += 'Logical cores: ' + str(cpu_logical_cores) + '\n'
-        hwi += '*******************************\n'
+        cls.load_machine_ignores()
 
-        return hwi
+    @classmethod
+    def load_machine_ignores(cls):
+        # Add TARGET_ARCH explicitly as not every machine has that in MACHINEOVERRDES (eg qemux86-64)
+        for candidate in ["common", cls.td.get("TARGET_ARCH")] + cls.td.get("MACHINEOVERRIDES").split(":"):
+            try:
+                name = f"parselogs-ignores-{candidate}.txt"
+                for line in _open_text("oeqa.runtime.cases", name):
+                    line = line.strip()
+                    if line and not line.startswith("#"):
+                        cls.ignore_errors.append(line.casefold())
+            except FileNotFoundError:
+                pass
 
     # Go through the log locations provided and if it's a folder
     # create a list with all the .log files in it, if it's a file
@@ -255,23 +74,23 @@ class ParseLogsTest(OERuntimeTestCase):
     def getLogList(self, log_locations):
         logs = []
         for location in log_locations:
-            status, _ = self.target.run('test -f ' + str(location))
+            status, _ = self.target.run('test -f %s' % location)
             if status == 0:
-                logs.append(str(location))
+                logs.append(location)
             else:
-                status, _ = self.target.run('test -d ' + str(location))
+                status, _ = self.target.run('test -d %s' % location)
                 if status == 0:
-                    cmd = 'find ' + str(location) + '/*.log -maxdepth 1 -type f'
+                    cmd = 'find %s -name \\*.log -maxdepth 1 -type f' % location
                     status, output = self.target.run(cmd)
                     if status == 0:
                         output = output.splitlines()
                         for logfile in output:
-                            logs.append(os.path.join(location, str(logfile)))
+                            logs.append(os.path.join(location, logfile))
         return logs
 
     # Copy the log files to be parsed locally
     def transfer_logs(self, log_list):
-        workdir = self.getWorkdir()
+        workdir = self.td.get('WORKDIR')
         self.target_logs = workdir + '/' + 'target_logs'
         target_logs = self.target_logs
         if os.path.exists(target_logs):
@@ -288,65 +107,55 @@ class ParseLogsTest(OERuntimeTestCase):
         logs = [f for f in dir_files if os.path.isfile(f)]
         return logs
 
-    # Build the grep command to be used with filters and exclusions
-    def build_grepcmd(self, errors, ignore_errors, log):
-        grepcmd = 'grep '
-        grepcmd += '-Ei "'
-        for error in errors:
-            grepcmd += '\<' + error + '\>' + '|'
-        grepcmd = grepcmd[:-1]
-        grepcmd += '" ' + str(log) + " | grep -Eiv \'"
-
-        try:
-            errorlist = ignore_errors[self.getMachine()]
-        except KeyError:
-            self.msg += 'No ignore list found for this machine, using default\n'
-            errorlist = ignore_errors['default']
-
-        for ignore_error in errorlist:
-            ignore_error = ignore_error.replace('(', '\(')
-            ignore_error = ignore_error.replace(')', '\)')
-            ignore_error = ignore_error.replace("'", '.')
-            ignore_error = ignore_error.replace('?', '\?')
-            ignore_error = ignore_error.replace('[', '\[')
-            ignore_error = ignore_error.replace(']', '\]')
-            ignore_error = ignore_error.replace('*', '\*')
-            ignore_error = ignore_error.replace('0-9', '[0-9]')
-            grepcmd += ignore_error + '|'
-        grepcmd = grepcmd[:-1]
-        grepcmd += "\'"
-
-        return grepcmd
-
-    # Grep only the errors so that their context could be collected.
-    # Default context is 10 lines before and after the error itself
-    def parse_logs(self, errors, ignore_errors, logs,
-                   lines_before = 10, lines_after = 10):
-        results = {}
-        rez = []
-        grep_output = ''
+    def get_context(self, lines, index, before=6, after=3):
+        """
+        Given a set of lines and the index of the line that is important, return
+        a number of lines surrounding that line.
+        """
+        last = len(lines)
+
+        start = index - before
+        end = index + after + 1
+
+        if start < 0:
+            end -= start
+            start = 0
+        if end > last:
+            start -= end - last
+            end = last
+
+        return lines[start:end]
+
+    def test_get_context(self):
+        """
+        A test case for the test case.
+        """
+        lines = list(range(0,10))
+        self.assertEqual(self.get_context(lines, 0, 2, 1), [0, 1, 2, 3])
+        self.assertEqual(self.get_context(lines, 5, 2, 1), [3, 4, 5, 6])
+        self.assertEqual(self.get_context(lines, 9, 2, 1), [6, 7, 8, 9])
+
+    def parse_logs(self, logs, lines_before=10, lines_after=10):
+        """
+        Search the log files @logs looking for error lines (marked by
+        @self.errors), ignoring anything listed in @self.ignore_errors.
+
+        Returns a dictionary of log filenames to a dictionary of error lines to
+        the error context (controlled by @lines_before and @lines_after).
+        """
+        results = collections.defaultdict(dict)
 
         for log in logs:
-            result = None
-            thegrep = self.build_grepcmd(errors, ignore_errors, log)
+            with open(log) as f:
+                lines = f.readlines()
 
-            try:
-                result = check_output(thegrep, shell=True).decode('utf-8')
-            except:
-                pass
+            for i, line in enumerate(lines):
+                line = line.strip()
+                line_lower = line.casefold()
 
-            if result is not None:
-                results[log] = {}
-                rez = result.splitlines()
-
-                for xrez in rez:
-                    try:
-                        cmd = ['grep', '-F', xrez, '-B', str(lines_before)]
-                        cmd += ['-A', str(lines_after), log]
-                        grep_output = check_output(cmd).decode('utf-8')
-                    except:
-                        pass
-                    results[log][xrez]=grep_output
+                if any(keyword in line_lower for keyword in self.errors):
+                    if not any(ignore in line_lower for ignore in self.ignore_errors):
+                        results[log][line] = "".join(self.get_context(lines, i, lines_before, lines_after))
 
         return results
 
@@ -359,17 +168,18 @@ class ParseLogsTest(OERuntimeTestCase):
     def test_parselogs(self):
         self.write_dmesg()
         log_list = self.get_local_log_list(self.log_locations)
-        result = self.parse_logs(self.errors, self.ignore_errors, log_list)
-        print(self.getHardwareInfo())
+        result = self.parse_logs(log_list)
+
         errcount = 0
+        self.msg = ""
         for log in result:
             self.msg += 'Log: ' + log + '\n'
             self.msg += '-----------------------\n'
             for error in result[log]:
                 errcount += 1
-                self.msg += 'Central error: ' + str(error) + '\n'
+                self.msg += 'Central error: ' + error + '\n'
                 self.msg +=  '***********************\n'
-                self.msg +=  result[str(log)][str(error)] + '\n'
+                self.msg +=  result[log][error] + '\n'
                 self.msg +=  '***********************\n'
         self.msg += '%s errors found in logs.' % errcount
         self.assertEqual(errcount, 0, msg=self.msg)
diff --git a/meta/lib/oeqa/runtime/cases/perl.py b/meta/lib/oeqa/runtime/cases/perl.py
index 2c6b3b7846..f11b300836 100644
--- a/meta/lib/oeqa/runtime/cases/perl.py
+++ b/meta/lib/oeqa/runtime/cases/perl.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/ping.py b/meta/lib/oeqa/runtime/cases/ping.py
index f6603f75ec..efb91d4cc9 100644
--- a/meta/lib/oeqa/runtime/cases/ping.py
+++ b/meta/lib/oeqa/runtime/cases/ping.py
@@ -1,11 +1,15 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 from subprocess import Popen, PIPE
+from time import sleep
 
-from oeqa.runtime.case import OERuntimeTestCase
+from oeqa.runtime.case import OERuntimeTestCase, run_network_serialdebug
 from oeqa.core.decorator.oetimeout import OETimeout
+from oeqa.core.exception import OEQATimeoutError
 
 class PingTest(OERuntimeTestCase):
 
@@ -13,14 +17,27 @@ class PingTest(OERuntimeTestCase):
     def test_ping(self):
         output = ''
         count = 0
-        while count < 5:
-            cmd = 'ping -c 1 %s' % self.target.ip
-            proc = Popen(cmd, shell=True, stdout=PIPE)
-            output += proc.communicate()[0].decode('utf-8')
-            if proc.poll() == 0:
-                count += 1
-            else:
-                count = 0
+        self.assertNotEqual(len(self.target.ip), 0, msg="No target IP address set")
+
+        # If the target IP is localhost (because user-space networking is being used),
+        # then there's no point in pinging it.
+        if self.target.ip.startswith("127.0.0.") or self.target.ip in ("localhost", "::1"):
+            print("runtime/ping: localhost detected, not pinging")
+            return
+
+        try:
+            while count < 5:
+                cmd = 'ping -c 1 %s' % self.target.ip
+                proc = Popen(cmd, shell=True, stdout=PIPE)
+                output += proc.communicate()[0].decode('utf-8')
+                if proc.poll() == 0:
+                    count += 1
+                else:
+                    count = 0
+                    sleep(1)
+        except OEQATimeoutError:
+            run_network_serialdebug(self.target.runner)
+            self.fail("Ping timeout error for address %s, count %s, output: %s" % (self.target.ip, count, output))
         msg = ('Expected 5 consecutive, got %d.\n'
                'ping output is:\n%s' % (count,output))
         self.assertEqual(count, 5, msg = msg)
diff --git a/meta/lib/oeqa/runtime/cases/ptest.py b/meta/lib/oeqa/runtime/cases/ptest.py
index 0800f3c27f..fbaeb84d00 100644
--- a/meta/lib/oeqa/runtime/cases/ptest.py
+++ b/meta/lib/oeqa/runtime/cases/ptest.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -57,7 +59,7 @@ class PtestRunnerTest(OERuntimeTestCase):
         ptest_dirs = [ '/usr/lib' ]
         if not libdir in ptest_dirs:
             ptest_dirs.append(libdir)
-        status, output = self.target.run('ptest-runner -d \"{}\"'.format(' '.join(ptest_dirs)), 0)
+        status, output = self.target.run('ptest-runner -t 450 -d \"{}\"'.format(' '.join(ptest_dirs)), 0)
         os.makedirs(ptest_log_dir)
         with open(ptest_runner_log, 'w') as f:
             f.write(output)
@@ -81,17 +83,20 @@ class PtestRunnerTest(OERuntimeTestCase):
 
         extras['ptestresult.sections'] = sections
 
+        zerolength = []
         trans = str.maketrans("()", "__")
         for section in results:
             for test in results[section]:
                 result = results[section][test]
                 testname = "ptestresult." + (section or "No-section") + "." + "_".join(test.translate(trans).split())
                 extras[testname] = {'status': result}
+            if not results[section]:
+                zerolength.append(section)
 
         failed_tests = {}
 
         for section in sections:
-            if 'exitcode' in sections[section].keys():
+            if 'exitcode' in sections[section].keys() or 'timeout' in sections[section].keys():
                 failed_tests[section] = sections[section]["log"]
 
         for section in results:
@@ -105,7 +110,10 @@ class PtestRunnerTest(OERuntimeTestCase):
             failmsg = "ERROR: Processes were killed by the OOM Killer:\n%s\n" % output
 
         if failed_tests:
-            failmsg = failmsg + "Failed ptests:\n%s" % pprint.pformat(failed_tests)
+            failmsg = failmsg + "\nFailed ptests:\n%s\n" % pprint.pformat(failed_tests)
+
+        if zerolength:
+            failmsg = failmsg + "\nptests which had no test results:\n%s" % pprint.pformat(zerolength)
 
         if failmsg:
             self.logger.warning("There were failing ptests.")
diff --git a/meta/lib/oeqa/runtime/cases/python.py b/meta/lib/oeqa/runtime/cases/python.py
index ec54f1e1db..5d6d133480 100644
--- a/meta/lib/oeqa/runtime/cases/python.py
+++ b/meta/lib/oeqa/runtime/cases/python.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/rpm.py b/meta/lib/oeqa/runtime/cases/rpm.py
index 8e18b426f8..ea5619ffea 100644
--- a/meta/lib/oeqa/runtime/cases/rpm.py
+++ b/meta/lib/oeqa/runtime/cases/rpm.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -49,21 +51,20 @@ class RpmBasicTest(OERuntimeTestCase):
             msg = 'status: %s. Cannot run rpm -qa: %s' % (status, output)
             self.assertEqual(status, 0, msg=msg)
 
-        def check_no_process_for_user(u):
-            _, output = self.target.run(self.tc.target_cmds['ps'])
-            if u + ' ' in output:
-                return False
-            else:
-                return True
+        def wait_for_no_process_for_user(u, timeout = 120):
+            timeout_at = time.time() + timeout
+            while time.time() < timeout_at:
+                _, output = self.target.run(self.tc.target_cmds['ps'])
+                if u + ' ' not in output:
+                    return
+                time.sleep(1)
+            user_pss = [ps for ps in output.split("\n") if u + ' ' in ps]
+            msg = "User %s has processes still running: %s" % (u, "\n".join(user_pss))
+            self.fail(msg=msg)
 
         def unset_up_test_user(u):
             # ensure no test1 process in running
-            timeout = time.time() + 30
-            while time.time() < timeout:
-                if check_no_process_for_user(u):
-                    break
-                else:
-                    time.sleep(1)
+            wait_for_no_process_for_user(u)
             status, output = self.target.run('userdel -r %s' % u)
             msg = 'Failed to erase user: %s' % output
             self.assertTrue(status == 0, msg=msg)
@@ -79,21 +80,24 @@ class RpmBasicTest(OERuntimeTestCase):
 
 class RpmInstallRemoveTest(OERuntimeTestCase):
 
-    @classmethod
-    def setUpClass(cls):
-        pkgarch = cls.td['TUNE_PKGARCH'].replace('-', '_')
-        rpmdir = os.path.join(cls.tc.td['DEPLOY_DIR'], 'rpm', pkgarch)
+    def _find_test_file(self):
+        pkgarch = self.td['TUNE_PKGARCH'].replace('-', '_')
+        rpmdir = os.path.join(self.tc.td['DEPLOY_DIR'], 'rpm', pkgarch)
         # Pick base-passwd-doc as a test file to get installed, because it's small
         # and it will always be built for standard targets
         rpm_doc = 'base-passwd-doc-*.%s.rpm' % pkgarch
         if not os.path.exists(rpmdir):
-            return
+            self.fail("Rpm directory {} does not exist".format(rpmdir))
         for f in fnmatch.filter(os.listdir(rpmdir), rpm_doc):
-            cls.test_file = os.path.join(rpmdir, f)
-        cls.dst = '/tmp/base-passwd-doc.rpm'
+            self.test_file = os.path.join(rpmdir, f)
+            break
+        else:
+            self.fail("Couldn't find the test rpm file {} in {}".format(rpm_doc, rpmdir))
+        self.dst = '/tmp/base-passwd-doc.rpm'
 
     @OETestDepends(['rpm.RpmBasicTest.test_rpm_query'])
     def test_rpm_install(self):
+        self._find_test_file()
         self.tc.target.copyTo(self.test_file, self.dst)
         status, output = self.target.run('rpm -ivh /tmp/base-passwd-doc.rpm')
         msg = 'Failed to install base-passwd-doc package: %s' % output
@@ -116,12 +120,13 @@ class RpmInstallRemoveTest(OERuntimeTestCase):
         Author:      Alexander Kanavin <alex.kanavin@gmail.com>
         AutomatedBy: Daniel Istrate <daniel.alexandrux.istrate@intel.com>
         """
-        db_files_cmd = 'ls /var/lib/rpm/__db.*'
+        self._find_test_file()
+        db_files_cmd = 'ls /var/lib/rpm/rpmdb.sqlite*'
         check_log_cmd = "grep RPM /var/log/messages | wc -l"
 
-        # Make sure that some database files are under /var/lib/rpm as '__db.xxx'
+        # Make sure that some database files are under /var/lib/rpm as 'rpmdb.sqlite'
         status, output = self.target.run(db_files_cmd)
-        msg =  'Failed to find database files under /var/lib/rpm/ as __db.xxx'
+        msg =  'Failed to find database files under /var/lib/rpm/ as rpmdb.sqlite'
         self.assertEqual(0, status, msg=msg)
 
         self.tc.target.copyTo(self.test_file, self.dst)
@@ -141,13 +146,4 @@ class RpmInstallRemoveTest(OERuntimeTestCase):
 
         self.tc.target.run('rm -f %s' % self.dst)
 
-        # if using systemd this should ensure all entries are flushed to /var
-        status, output = self.target.run("journalctl --sync")
-        # Get the amount of entries in the log file
-        status, output = self.target.run(check_log_cmd)
-        msg = 'Failed to get the final size of the log file.'
-        self.assertEqual(0, status, msg=msg)
 
-        # Check that there's enough of them
-        self.assertGreaterEqual(int(output), 80,
-                                   'Cound not find sufficient amount of rpm entries in /var/log/messages, found {} entries'.format(output))
diff --git a/meta/lib/oeqa/runtime/cases/rt.py b/meta/lib/oeqa/runtime/cases/rt.py
new file mode 100644
index 0000000000..15ab4dbbbb
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/rt.py
@@ -0,0 +1,19 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.runtime.case import OERuntimeTestCase
+from oeqa.core.decorator.depends import OETestDepends
+
+class RtTest(OERuntimeTestCase):
+    @OETestDepends(['ssh.SSHTest.test_ssh'])
+    def test_is_rt(self):
+        """
+        Check that the kernel has CONFIG_PREEMPT_RT enabled.
+        """
+        status, output = self.target.run("uname -a")
+        self.assertEqual(status, 0, msg=output)
+        # Split so we don't get a substring false-positive
+        self.assertIn("PREEMPT_RT", output.split())
diff --git a/meta/lib/oeqa/runtime/cases/rtc.py b/meta/lib/oeqa/runtime/cases/rtc.py
index a34c101a9d..6e45c5db4f 100644
--- a/meta/lib/oeqa/runtime/cases/rtc.py
+++ b/meta/lib/oeqa/runtime/cases/rtc.py
@@ -1,5 +1,11 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
 from oeqa.runtime.case import OERuntimeTestCase
 from oeqa.core.decorator.depends import OETestDepends
+from oeqa.core.decorator.data import skipIfFeature
 from oeqa.runtime.decorator.package import OEHasPackage
 
 import re
@@ -9,19 +15,21 @@ class RTCTest(OERuntimeTestCase):
     def setUp(self):
         if self.tc.td.get('VIRTUAL-RUNTIME_init_manager') == 'systemd':
             self.logger.debug('Stopping systemd-timesyncd daemon')
-            self.target.run('systemctl disable --now systemd-timesyncd')
+            self.target.run('systemctl disable --now --runtime systemd-timesyncd')
 
     def tearDown(self):
         if self.tc.td.get('VIRTUAL-RUNTIME_init_manager') == 'systemd':
             self.logger.debug('Starting systemd-timesyncd daemon')
-            self.target.run('systemctl enable --now systemd-timesyncd')
+            self.target.run('systemctl enable --now --runtime systemd-timesyncd')
 
+    @skipIfFeature('read-only-rootfs',
+                   'Test does not work with read-only-rootfs in IMAGE_FEATURES')
     @OETestDepends(['ssh.SSHTest.test_ssh'])
     @OEHasPackage(['coreutils', 'busybox'])
     def test_rtc(self):
         (status, output) = self.target.run('hwclock -r')
         self.assertEqual(status, 0, msg='Failed to get RTC time, output: %s' % output)
-        
+
         (status, current_datetime) = self.target.run('date +"%m%d%H%M%Y"')
         self.assertEqual(status, 0, msg='Failed to get system current date & time, output: %s' % current_datetime)
 
@@ -32,7 +40,6 @@ class RTCTest(OERuntimeTestCase):
 
         (status, output) = self.target.run('date %s' % current_datetime)
         self.assertEqual(status, 0, msg='Failed to reset system date & time, output: %s' % output)
-        
+
         (status, output) = self.target.run('hwclock -w')
         self.assertEqual(status, 0, msg='Failed to reset RTC time, output: %s' % output)
-        
diff --git a/meta/lib/oeqa/runtime/cases/runlevel.py b/meta/lib/oeqa/runtime/cases/runlevel.py
index 3a4df8ace1..6734b0f5ed 100644
--- a/meta/lib/oeqa/runtime/cases/runlevel.py
+++ b/meta/lib/oeqa/runtime/cases/runlevel.py
@@ -1,3 +1,8 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
 from oeqa.runtime.case import OERuntimeTestCase
 from oeqa.core.decorator.depends import OETestDepends
 
diff --git a/meta/lib/oeqa/runtime/cases/rust.py b/meta/lib/oeqa/runtime/cases/rust.py
new file mode 100644
index 0000000000..123c942012
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/rust.py
@@ -0,0 +1,64 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.runtime.case import OERuntimeTestCase
+from oeqa.core.decorator.depends import OETestDepends
+from oeqa.runtime.decorator.package import OEHasPackage
+
+class RustCompileTest(OERuntimeTestCase):
+
+    @classmethod
+    def setUp(cls):
+        dst = '/tmp/'
+        src = os.path.join(cls.tc.files_dir, 'test.rs')
+        cls.tc.target.copyTo(src, dst)
+
+    @classmethod
+    def tearDown(cls):
+        files = '/tmp/test.rs /tmp/test'
+        cls.tc.target.run('rm %s' % files)
+        dirs = '/tmp/hello'
+        cls.tc.target.run('rm -r %s' % dirs)
+
+    @OETestDepends(['ssh.SSHTest.test_ssh'])
+    @OEHasPackage('rust')
+    @OEHasPackage('openssh-scp')
+    def test_rust_compile(self):
+        status, output = self.target.run('rustc /tmp/test.rs -o /tmp/test')
+        msg = 'rust compile failed, output: %s' % output
+        self.assertEqual(status, 0, msg=msg)
+
+        status, output = self.target.run('/tmp/test')
+        msg = 'running compiled file failed, output: %s' % output
+        self.assertEqual(status, 0, msg=msg)
+
+    @OETestDepends(['ssh.SSHTest.test_ssh'])
+    @OEHasPackage('cargo')
+    @OEHasPackage('openssh-scp')
+    def test_cargo_compile(self):
+        status, output = self.target.run('cargo new /tmp/hello')
+        msg = 'cargo new failed, output: %s' % output
+        self.assertEqual(status, 0, msg=msg)
+
+        status, output = self.target.run('cargo build --manifest-path=/tmp/hello/Cargo.toml')
+        msg = 'cargo build failed, output: %s' % output
+        self.assertEqual(status, 0, msg=msg)
+
+        status, output = self.target.run('cargo run --manifest-path=/tmp/hello/Cargo.toml')
+        msg = 'running compiled file failed, output: %s' % output
+        self.assertEqual(status, 0, msg=msg)
+
+class RustCLibExampleTest(OERuntimeTestCase):
+    @OETestDepends(['ssh.SSHTest.test_ssh'])
+    @OEHasPackage('rust-c-lib-example-bin')
+    def test_rust_c_lib_example(self):
+        cmd = "rust-c-lib-example-bin test"
+        status, output = self.target.run(cmd)
+        msg = 'Exit status was not 0. Output: %s' % output
+        self.assertEqual(status, 0, msg=msg)
+
+        msg = 'Incorrect output: %s' % output
+        self.assertEqual(output, "Hello world in rust from C!", msg=msg)
diff --git a/meta/lib/oeqa/runtime/cases/scons.py b/meta/lib/oeqa/runtime/cases/scons.py
index 3c7c7f7270..4a8d4d40ba 100644
--- a/meta/lib/oeqa/runtime/cases/scons.py
+++ b/meta/lib/oeqa/runtime/cases/scons.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/scp.py b/meta/lib/oeqa/runtime/cases/scp.py
index 3a5f292152..364264369a 100644
--- a/meta/lib/oeqa/runtime/cases/scp.py
+++ b/meta/lib/oeqa/runtime/cases/scp.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -23,7 +25,7 @@ class ScpTest(OERuntimeTestCase):
         os.remove(cls.tmp_path)
 
     @OETestDepends(['ssh.SSHTest.test_ssh'])
-    @OEHasPackage(['openssh-scp', 'dropbear'])
+    @OEHasPackage({'openssh-scp', 'openssh-sftp-server'})
     def test_scp_file(self):
         dst = '/tmp/test_scp_file'
 
diff --git a/meta/lib/oeqa/runtime/cases/skeletoninit.py b/meta/lib/oeqa/runtime/cases/skeletoninit.py
index 4779cd6bb4..be7b39a9a3 100644
--- a/meta/lib/oeqa/runtime/cases/skeletoninit.py
+++ b/meta/lib/oeqa/runtime/cases/skeletoninit.py
@@ -1,10 +1,11 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
-# This test should cover https://bugzilla.yoctoproject.org/tr_show_case.cgi?case_id=284
-# testcase. Image under test must have meta-skeleton layer in bblayers and
-# IMAGE_INSTALL_append = " service" in local.conf
+# Image under test must have meta-skeleton layer in bblayers and
+# IMAGE_INSTALL:append = " service" in local.conf
 from oeqa.runtime.case import OERuntimeTestCase
 from oeqa.core.decorator.depends import OETestDepends
 from oeqa.core.decorator.data import skipIfDataVar
@@ -15,7 +16,7 @@ class SkeletonBasicTest(OERuntimeTestCase):
     @OETestDepends(['ssh.SSHTest.test_ssh'])
     @OEHasPackage(['service'])
     @skipIfDataVar('VIRTUAL-RUNTIME_init_manager', 'systemd',
-                   'Not appropiate for systemd image')
+                   'Not appropriate for systemd image')
     def test_skeleton_availability(self):
         status, output = self.target.run('ls /etc/init.d/skeleton')
         msg = 'skeleton init script not found. Output:\n%s' % output
diff --git a/meta/lib/oeqa/runtime/cases/ssh.py b/meta/lib/oeqa/runtime/cases/ssh.py
index 60a5fbbfbf..b632a29a01 100644
--- a/meta/lib/oeqa/runtime/cases/ssh.py
+++ b/meta/lib/oeqa/runtime/cases/ssh.py
@@ -1,8 +1,13 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
-from oeqa.runtime.case import OERuntimeTestCase
+import time
+import signal
+
+from oeqa.runtime.case import OERuntimeTestCase, run_network_serialdebug
 from oeqa.core.decorator.depends import OETestDepends
 from oeqa.runtime.decorator.package import OEHasPackage
 
@@ -11,9 +16,23 @@ class SSHTest(OERuntimeTestCase):
     @OETestDepends(['ping.PingTest.test_ping'])
     @OEHasPackage(['dropbear', 'openssh-sshd'])
     def test_ssh(self):
-        (status, output) = self.target.run('uname -a')
-        self.assertEqual(status, 0, msg='SSH Test failed: %s' % output)
-        (status, output) = self.target.run('cat /etc/masterimage')
-        msg = "This isn't the right image  - /etc/masterimage " \
-              "shouldn't be here %s" % output
-        self.assertEqual(status, 1, msg=msg)
+        for i in range(5):
+          status, output = self.target.run("uname -a", timeout=30)
+          if status == 0:
+              break
+          elif status == 255 or status == -signal.SIGTERM:
+              # ssh returns 255 only if a ssh error occurs.  This could
+              # be an issue with "Connection refused" because the port
+              # isn't open yet, and this could check explicitly for that
+              # here.  However, let's keep it simple and just retry for
+              # all errors a limited amount of times with a sleep to
+              # give it time for the port to open.
+              # We sometimes see -15 (SIGTERM) on slow emulation machines too, likely
+              # from boot/init not being 100% complete, retry for these too.
+              time.sleep(5)
+              continue
+          else:
+              run_network_serialdebug(self.target.runner)
+              self.fail("uname failed with \"%s\" (exit code %s)" % (output, status))
+        if status != 0:
+            self.fail("ssh failed with \"%s\" (exit code %s)" % (output, status))
diff --git a/meta/lib/oeqa/runtime/cases/stap.py b/meta/lib/oeqa/runtime/cases/stap.py
index 5342f6ac34..6b55e7de50 100644
--- a/meta/lib/oeqa/runtime/cases/stap.py
+++ b/meta/lib/oeqa/runtime/cases/stap.py
@@ -1,37 +1,35 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 import os
 
 from oeqa.runtime.case import OERuntimeTestCase
-from oeqa.core.decorator.depends import OETestDepends
 from oeqa.core.decorator.data import skipIfNotFeature
 from oeqa.runtime.decorator.package import OEHasPackage
 
 class StapTest(OERuntimeTestCase):
-
-    @classmethod
-    def setUp(cls):
-        src = os.path.join(cls.tc.runtime_files_dir, 'hello.stp')
-        dst = '/tmp/hello.stp'
-        cls.tc.target.copyTo(src, dst)
-
-    @classmethod
-    def tearDown(cls):
-        files = '/tmp/hello.stp'
-        cls.tc.target.run('rm %s' % files)
-
-    @skipIfNotFeature('tools-profile',
-                      'Test requires tools-profile to be in IMAGE_FEATURES')
-    @OETestDepends(['kernelmodule.KernelModuleTest.test_kernel_module'])
+    @skipIfNotFeature('tools-profile', 'Test requires tools-profile to be in IMAGE_FEATURES')
     @OEHasPackage(['systemtap'])
+    @OEHasPackage(['gcc-symlinks'])
+    @OEHasPackage(['kernel-devsrc'])
     def test_stap(self):
-        cmds = [
-            'cd /usr/src/kernel && make scripts prepare',
-            'cd /lib/modules/`uname -r` && (if [ ! -e build ]; then ln -s /usr/src/kernel build; fi)',
-            'stap --disable-cache -DSTP_NO_VERREL_CHECK /tmp/hello.stp'
-            ]
-        for cmd in cmds:
+        try:
+            cmd = 'make -j -C /usr/src/kernel scripts prepare'
             status, output = self.target.run(cmd, 900)
             self.assertEqual(status, 0, msg='\n'.join([cmd, output]))
+
+            cmd = 'stap -v -p4 -m stap_hello --disable-cache -DSTP_NO_VERREL_CHECK -e \'probe oneshot { print("Hello, "); println("SystemTap!") }\''
+            status, output = self.target.run(cmd, 900)
+            self.assertEqual(status, 0, msg='\n'.join([cmd, output]))
+
+            cmd = 'staprun -v -R -b1 stap_hello.ko'
+            status, output = self.target.run(cmd, 60)
+            self.assertEqual(status, 0, msg='\n'.join([cmd, output]))
+            self.assertIn('Hello, SystemTap!', output, msg='\n'.join([cmd, output]))
+        except:
+            status, dmesg = self.target.run('dmesg')
+            if status == 0:
+                print(dmesg)
diff --git a/meta/lib/oeqa/runtime/cases/storage.py b/meta/lib/oeqa/runtime/cases/storage.py
index 166d26b252..b05622fea8 100644
--- a/meta/lib/oeqa/runtime/cases/storage.py
+++ b/meta/lib/oeqa/runtime/cases/storage.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -91,24 +93,24 @@ class UsbTest(StorageBase):
         self.test_file = "usb.tst"
         self.test_dir = os.path.join(self.mount_point, "oeqa")
 
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')
+    @skipIfQemu()
     @OETestDepends(['ssh.SSHTest.test_ssh'])
     def test_usb_mount(self):
         self.storage_umount(2)
         self.storage_mount(5)
 
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')
+    @skipIfQemu()
     @OETestDepends(['storage.UsbTest.test_usb_mount'])
     def test_usb_basic_operations(self):
         self.storage_basic()
 
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')
+    @skipIfQemu()
     @OETestDepends(['storage.UsbTest.test_usb_basic_operations'])
     def test_usb_basic_rw(self):
         self.storage_write()
         self.storage_read()
 
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')
+    @skipIfQemu()
     @OETestDepends(['storage.UsbTest.test_usb_mount'])
     def test_usb_umount(self):
         self.storage_umount(2)
@@ -126,24 +128,24 @@ class MMCTest(StorageBase):
         self.test_file = "mmc.tst"
         self.test_dir = os.path.join(self.mount_point, "oeqa")
 
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')
+    @skipIfQemu()
     @OETestDepends(['ssh.SSHTest.test_ssh'])
     def test_mmc_mount(self):
         self.storage_umount(2)
         self.storage_mount()
 
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')
+    @skipIfQemu()
     @OETestDepends(['storage.MMCTest.test_mmc_mount'])
     def test_mmc_basic_operations(self):
         self.storage_basic()
 
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')
+    @skipIfQemu()
     @OETestDepends(['storage.MMCTest.test_mmc_basic_operations'])
     def test_mmc_basic_rw(self):
         self.storage_write()
         self.storage_read()
 
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')
+    @skipIfQemu()
     @OETestDepends(['storage.MMCTest.test_mmc_mount'])
     def test_mmc_umount(self):
         self.storage_umount(2)
diff --git a/meta/lib/oeqa/runtime/cases/suspend.py b/meta/lib/oeqa/runtime/cases/suspend.py
index 67b6f7e56f..a625cc5901 100644
--- a/meta/lib/oeqa/runtime/cases/suspend.py
+++ b/meta/lib/oeqa/runtime/cases/suspend.py
@@ -1,3 +1,8 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
 from oeqa.runtime.case import OERuntimeTestCase
 from oeqa.core.decorator.depends import OETestDepends
 from oeqa.core.decorator.data import skipIfQemu
@@ -23,7 +28,7 @@ class Suspend_Test(OERuntimeTestCase):
         (status, output) = self.target.run('sudo rtcwake -m mem -s 10')
         self.assertEqual(status, 0,  msg = 'Failed to suspends your system to RAM, output : %s' % output)
     
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')
+    @skipIfQemu()
     @OETestDepends(['ssh.SSHTest.test_ssh'])
     def test_suspend(self):
         self.test_date()
diff --git a/meta/lib/oeqa/runtime/cases/systemd.py b/meta/lib/oeqa/runtime/cases/systemd.py
index 7c44abe8ed..640f28abe9 100644
--- a/meta/lib/oeqa/runtime/cases/systemd.py
+++ b/meta/lib/oeqa/runtime/cases/systemd.py
@@ -1,8 +1,11 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 import re
+import threading
 import time
 
 from oeqa.runtime.case import OERuntimeTestCase
@@ -66,8 +69,8 @@ class SystemdBasicTests(SystemdTest):
         """
         endtime = time.time() + (60 * 2)
         while True:
-            status, output = self.target.run('SYSTEMD_BUS_TIMEOUT=240s systemctl --state=activating')
-            if "0 loaded units listed" in output:
+            status, output = self.target.run('SYSTEMD_BUS_TIMEOUT=240s systemctl is-system-running')
+            if "running" in output or "degraded" in output:
                 return (True, '')
             if time.time() >= endtime:
                 return (False, output)
@@ -134,6 +137,38 @@ class SystemdServiceTests(SystemdTest):
             status = self.target.run('mount -oro,remount /')[0]
             self.assertTrue(status == 0, msg='Remounting / as r/o failed')
 
+    @OETestDepends(['systemd.SystemdBasicTests.test_systemd_basic'])
+    @skipIfNotFeature('minidebuginfo', 'Test requires minidebuginfo to be in DISTRO_FEATURES')
+    @OEHasPackage(['busybox'])
+    def test_systemd_coredump_minidebuginfo(self):
+        """
+        Verify that call-stacks generated by systemd-coredump contain symbolicated call-stacks,
+        extracted from the minidebuginfo metadata (.gnu_debugdata elf section).
+        """
+        # use "env sleep" instead of "sleep" to avoid calling the shell builtin function
+        t_thread = threading.Thread(target=self.target.run, args=("ulimit -c unlimited && env sleep 1000",))
+        t_thread.start()
+        time.sleep(1)
+
+        status, sleep_pid = self.target.run('pidof sleep')
+        # cause segfault on purpose
+        self.target.run('kill -SEGV %s' % sleep_pid)
+        self.assertEqual(status, 0, msg = 'Not able to find process that runs sleep, output : %s' % sleep_pid)
+
+        # Give some time to systemd-coredump@.service to process the coredump
+        for x in range(20):
+            status, output = self.target.run('coredumpctl list %s' % sleep_pid)
+            if status == 0:
+                break
+            time.sleep(1)
+        else:
+            self.fail("Timed out waiting for coredump creation")
+
+        (status, output) = self.target.run('coredumpctl info %s' % sleep_pid)
+        self.assertEqual(status, 0, msg='MiniDebugInfo Test failed: %s' % output)
+        self.assertEqual('sleep_for_duration (busybox.nosuid' in output or 'xnanosleep (sleep.coreutils' in output,
+                         True, msg='Call stack is missing minidebuginfo symbols (functions shown as "n/a"): %s' % output)
+
 class SystemdJournalTests(SystemdTest):
 
     @OETestDepends(['systemd.SystemdBasicTests.test_systemd_basic'])
@@ -152,7 +187,7 @@ class SystemdJournalTests(SystemdTest):
         """
 
         # The expression chain that uniquely identifies the time boot message.
-        expr_items=['Startup finished', 'kernel', 'userspace','\.$']
+        expr_items=['Startup finished', 'kernel', 'userspace', r'\.$']
         try:
             output = self.journalctl(args='-o cat --reverse')
         except AssertionError:
diff --git a/meta/lib/oeqa/runtime/cases/terminal.py b/meta/lib/oeqa/runtime/cases/terminal.py
index 8fcca99f47..96ba3c3195 100644
--- a/meta/lib/oeqa/runtime/cases/terminal.py
+++ b/meta/lib/oeqa/runtime/cases/terminal.py
@@ -1,3 +1,8 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
 from oeqa.runtime.case import OERuntimeTestCase
 from oeqa.core.decorator.depends import OETestDepends
 from oeqa.runtime.decorator.package import OEHasPackage
diff --git a/meta/lib/oeqa/runtime/cases/uki.py b/meta/lib/oeqa/runtime/cases/uki.py
new file mode 100644
index 0000000000..77bc5b9791
--- /dev/null
+++ b/meta/lib/oeqa/runtime/cases/uki.py
@@ -0,0 +1,16 @@
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.runtime.case import OERuntimeTestCase
+from oeqa.core.decorator.data import skipIfNotInDataVar
+
+class UkiTest(OERuntimeTestCase):
+
+    @skipIfNotInDataVar('IMAGE_CLASSES', 'uki', 'Test case uki is for images which use uki.bbclass')
+    def test_uki(self):
+        uki_filename = self.td.get('UKI_FILENAME')
+        status, output = self.target.run('ls /boot/EFI/Linux/%s' % uki_filename)
+        self.assertEqual(status, 0, output)
+
+        status, output = self.target.run('echo $( cat /sys/firmware/efi/efivars/LoaderEntrySelected-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f  ) | grep %s' % uki_filename)
+        self.assertEqual(status, 0, output)
diff --git a/meta/lib/oeqa/runtime/cases/usb_hid.py b/meta/lib/oeqa/runtime/cases/usb_hid.py
index 3c292cf661..6f23d2ff51 100644
--- a/meta/lib/oeqa/runtime/cases/usb_hid.py
+++ b/meta/lib/oeqa/runtime/cases/usb_hid.py
@@ -1,3 +1,8 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
 from oeqa.runtime.case import OERuntimeTestCase
 from oeqa.core.decorator.depends import OETestDepends
 from oeqa.core.decorator.data import skipIfQemu
@@ -14,7 +19,7 @@ class USB_HID_Test(OERuntimeTestCase):
         return self.assertEqual(status, 0,  msg = 'Failed to suspends your system to RAM, output : %s' % output)
     
     @OEHasPackage(['xdotool'])
-    @skipIfQemu('qemuall', 'Test only runs on real hardware')
+    @skipIfQemu()
     @OETestDepends(['ssh.SSHTest.test_ssh'])
     def test_USB_Hid_input(self):
         self.keyboard_mouse_simulation()
diff --git a/meta/lib/oeqa/runtime/cases/weston.py b/meta/lib/oeqa/runtime/cases/weston.py
index a1c7183213..ee4d336482 100644
--- a/meta/lib/oeqa/runtime/cases/weston.py
+++ b/meta/lib/oeqa/runtime/cases/weston.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -10,7 +12,7 @@ import threading
 import time
 
 class WestonTest(OERuntimeTestCase):
-    weston_log_file = '/tmp/weston.log'
+    weston_log_file = '/tmp/weston-2.log'
 
     @classmethod
     def tearDownClass(cls):
@@ -31,13 +33,13 @@ class WestonTest(OERuntimeTestCase):
         return output.split(" ")
 
     def get_weston_command(self, cmd):
-        return 'export XDG_RUNTIME_DIR=/run/user/0; export WAYLAND_DISPLAY=wayland-0; %s' % cmd
+        return 'export XDG_RUNTIME_DIR=/run/user/`id -u weston`; export WAYLAND_DISPLAY=wayland-1; %s' % cmd
 
     def run_weston_init(self):
         if 'systemd' in self.tc.td['VIRTUAL-RUNTIME_init_manager']:
             self.target.run('systemd-run --collect --unit=weston-ptest.service --uid=0 -p PAMName=login -p TTYPath=/dev/tty6 -E XDG_RUNTIME_DIR=/tmp -E WAYLAND_DISPLAY=wayland-0 /usr/bin/weston --socket=wayland-1 --log=%s' % self.weston_log_file)
         else:
-            self.target.run(self.get_weston_command('openvt -- weston --socket=wayland-1 --log=%s' % self.weston_log_file))
+            self.target.run(self.get_weston_command('openvt -- weston --socket=wayland-2 --log=%s' % self.weston_log_file))
 
     def get_new_wayland_processes(self, existing_wl_processes):
         try_cnt = 0
@@ -53,7 +55,11 @@ class WestonTest(OERuntimeTestCase):
 
     @OEHasPackage(['wayland-utils'])
     def test_wayland_info(self):
-        status, output = self.target.run(self.get_weston_command('wayland-info'))
+        if 'systemd' in self.tc.td['VIRTUAL-RUNTIME_init_manager']:
+            command = 'XDG_RUNTIME_DIR=/run wayland-info'
+        else:
+            command = self.get_weston_command('wayland-info')
+        status, output = self.target.run(command)
         self.assertEqual(status, 0, msg='wayland-info error: %s' % output)
 
     @OEHasPackage(['weston'])
@@ -73,3 +79,11 @@ class WestonTest(OERuntimeTestCase):
                 self.target.run('kill -9 %s' % w)
         __, weston_log = self.target.run('cat %s' % self.weston_log_file)
         self.assertTrue(new_wl_processes, msg='Could not get new weston-desktop-shell processes (%s, try_cnt:%s) weston log: %s' % (new_wl_processes, try_cnt, weston_log))
+
+    @skipIfNotFeature('x11', 'Test requires x11 to be in DISTRO_FEATURES')
+    @OEHasPackage(['weston'])
+    def test_weston_supports_xwayland(self):
+        cmd ='cat %s | grep "xserver listening on display"' % self.weston_log_file
+        status, output = self.target.run(cmd)
+        msg = ('xwayland does not appear to be running')
+        self.assertEqual(status, 0, msg=msg)
diff --git a/meta/lib/oeqa/runtime/cases/x32lib.py b/meta/lib/oeqa/runtime/cases/x32lib.py
index f419c8f181..014da4b386 100644
--- a/meta/lib/oeqa/runtime/cases/x32lib.py
+++ b/meta/lib/oeqa/runtime/cases/x32lib.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/cases/xorg.py b/meta/lib/oeqa/runtime/cases/xorg.py
index d6845587c2..09afb1e3d1 100644
--- a/meta/lib/oeqa/runtime/cases/xorg.py
+++ b/meta/lib/oeqa/runtime/cases/xorg.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/runtime/context.py b/meta/lib/oeqa/runtime/context.py
index 3826f27642..daabc44910 100644
--- a/meta/lib/oeqa/runtime/context.py
+++ b/meta/lib/oeqa/runtime/context.py
@@ -5,11 +5,12 @@
 #
 
 import os
+import sys
 
 from oeqa.core.context import OETestContext, OETestContextExecutor
+from oeqa.core.target.serial import OESerialTarget
 from oeqa.core.target.ssh import OESSHTarget
 from oeqa.core.target.qemu import OEQemuTarget
-from oeqa.utils.dump import HostDumper
 
 from oeqa.runtime.loader import OERuntimeTestLoader
 
@@ -19,12 +20,11 @@ class OERuntimeTestContext(OETestContext):
                         os.path.dirname(os.path.abspath(__file__)), "files")
 
     def __init__(self, td, logger, target,
-                 host_dumper, image_packages, extract_dir):
+                 image_packages, extract_dir):
         super(OERuntimeTestContext, self).__init__(td, logger)
 
         self.target = target
         self.image_packages = image_packages
-        self.host_dumper = host_dumper
         self.extract_dir = extract_dir
         self._set_target_cmds()
 
@@ -61,16 +61,16 @@ class OERuntimeTestContextExecutor(OETestContextExecutor):
         runtime_group = self.parser.add_argument_group('runtime options')
 
         runtime_group.add_argument('--target-type', action='store',
-                default=self.default_target_type, choices=['simpleremote', 'qemu'],
+                default=self.default_target_type, choices=['simpleremote', 'qemu', 'serial'],
                 help="Target type of device under test, default: %s" \
                 % self.default_target_type)
         runtime_group.add_argument('--target-ip', action='store',
                 default=self.default_target_ip,
-                help="IP address of device under test, default: %s" \
+                help="IP address and optionally ssh port (default 22) of device under test, for example '192.168.0.7:22'. Default: %s" \
                 % self.default_target_ip)
         runtime_group.add_argument('--server-ip', action='store',
                 default=self.default_target_ip,
-                help="IP address of device under test, default: %s" \
+                help="IP address of the test host from test target machine, default: %s" \
                 % self.default_server_ip)
 
         runtime_group.add_argument('--host-dumper-dir', action='store',
@@ -109,6 +109,8 @@ class OERuntimeTestContextExecutor(OETestContextExecutor):
             target = OESSHTarget(logger, target_ip, server_ip, **kwargs)
         elif target_type == 'qemu':
             target = OEQemuTarget(logger, server_ip, **kwargs)
+        elif target_type == 'serial':
+            target = OESerialTarget(logger, target_ip, server_ip, **kwargs)
         else:
             # XXX: This code uses the old naming convention for controllers and
             # targets, the idea it is to leave just targets as the controller
@@ -119,8 +121,7 @@ class OERuntimeTestContextExecutor(OETestContextExecutor):
             # XXX: Don't base your targets on this code it will be refactored
             # in the near future.
             # Custom target module loading
-            target_modules_path = kwargs.get('target_modules_path', '')
-            controller = OERuntimeTestContextExecutor.getControllerModule(target_type, target_modules_path)
+            controller = OERuntimeTestContextExecutor.getControllerModule(target_type)
             target = controller(logger, target_ip, server_ip, **kwargs)
 
         return target
@@ -130,15 +131,15 @@ class OERuntimeTestContextExecutor(OETestContextExecutor):
     # AttributeError raised if not found.
     # ImportError raised if a provided module can not be imported.
     @staticmethod
-    def getControllerModule(target, target_modules_path):
-        controllerslist = OERuntimeTestContextExecutor._getControllerModulenames(target_modules_path)
+    def getControllerModule(target):
+        controllerslist = OERuntimeTestContextExecutor._getControllerModulenames()
         controller = OERuntimeTestContextExecutor._loadControllerFromName(target, controllerslist)
         return controller
 
     # Return a list of all python modules in lib/oeqa/controllers for each
     # layer in bbpath
     @staticmethod
-    def _getControllerModulenames(target_modules_path):
+    def _getControllerModulenames():
 
         controllerslist = []
 
@@ -153,9 +154,12 @@ class OERuntimeTestContextExecutor(OETestContextExecutor):
                 else:
                     raise RuntimeError("Duplicate controller module found for %s. Layers should create unique controller module names" % module)
 
-        extpath = target_modules_path.split(':')
-        for p in extpath:
-            controllerpath = os.path.join(p, 'lib', 'oeqa', 'controllers')
+        # sys.path can contain duplicate paths, but because of the login in
+        # add_controller_list this doesn't work and causes testimage to abort.
+        # Remove duplicates using an intermediate dictionary to ensure this
+        # doesn't happen.
+        for p in list(dict.fromkeys(sys.path)):
+            controllerpath = os.path.join(p, 'oeqa', 'controllers')
             if os.path.exists(controllerpath):
                 add_controller_list(controllerpath)
         return controllerslist
@@ -175,16 +179,12 @@ class OERuntimeTestContextExecutor(OETestContextExecutor):
     # Search for and return a controller or None from given module name
     @staticmethod
     def _loadControllerFromModule(target, modulename):
-        obj = None
-        # import module, allowing it to raise import exception
-        module = __import__(modulename, globals(), locals(), [target])
-        # look for target class in the module, catching any exceptions as it
-        # is valid that a module may not have the target class.
         try:
-            obj = getattr(module, target)
-        except:
-            obj = None
-        return obj
+            import importlib
+            module = importlib.import_module(modulename)
+            return getattr(module, target)
+        except AttributeError:
+            return None
 
     @staticmethod
     def readPackagesManifest(manifest):
@@ -200,25 +200,25 @@ class OERuntimeTestContextExecutor(OETestContextExecutor):
 
         return image_packages
 
-    @staticmethod
-    def getHostDumper(cmds, directory):
-        return HostDumper(cmds, directory)
-
     def _process_args(self, logger, args):
         if not args.packages_manifest:
             raise TypeError('Manifest file not provided')
 
         super(OERuntimeTestContextExecutor, self)._process_args(logger, args)
 
+        td = self.tc_kwargs['init']['td']
+
         target_kwargs = {}
+        target_kwargs['machine'] = td.get("MACHINE") or None
         target_kwargs['qemuboot'] = args.qemu_boot
+        target_kwargs['serialcontrol_cmd'] = td.get("TEST_SERIALCONTROL_CMD") or None
+        target_kwargs['serialcontrol_extra_args'] = td.get("TEST_SERIALCONTROL_EXTRA_ARGS") or ""
+        target_kwargs['serialcontrol_ps1'] = td.get("TEST_SERIALCONTROL_PS1") or None
+        target_kwargs['serialcontrol_connect_timeout'] = td.get("TEST_SERIALCONTROL_CONNECT_TIMEOUT") or None
 
         self.tc_kwargs['init']['target'] = \
                 OERuntimeTestContextExecutor.getTarget(args.target_type,
                         None, args.target_ip, args.server_ip, **target_kwargs)
-        self.tc_kwargs['init']['host_dumper'] = \
-                OERuntimeTestContextExecutor.getHostDumper(None,
-                        args.host_dumper_dir)
         self.tc_kwargs['init']['image_packages'] = \
                 OERuntimeTestContextExecutor.readPackagesManifest(
                         args.packages_manifest)
diff --git a/meta/lib/oeqa/runtime/decorator/package.py b/meta/lib/oeqa/runtime/decorator/package.py
index 57178655cc..b78ac9fc38 100644
--- a/meta/lib/oeqa/runtime/decorator/package.py
+++ b/meta/lib/oeqa/runtime/decorator/package.py
@@ -5,7 +5,6 @@
 #
 
 from oeqa.core.decorator import OETestDecorator, registerDecorator
-from oeqa.core.utils.misc import strToSet
 
 @registerDecorator
 class OEHasPackage(OETestDecorator):
@@ -34,25 +33,30 @@ class OEHasPackage(OETestDecorator):
     def setUpDecorator(self):
         need_pkgs = set()
         unneed_pkgs = set()
-        pkgs = strToSet(self.need_pkgs)
-        for pkg in pkgs:
+
+        # Turn literal strings into a list so we can just iterate over it
+        if isinstance(self.need_pkgs, str):
+            self.need_pkgs = [self.need_pkgs,]
+
+        mlprefix = self.case.td.get("MLPREFIX")
+        for pkg in self.need_pkgs:
             if pkg.startswith('!'):
-                unneed_pkgs.add(pkg[1:])
+                unneed_pkgs.add(mlprefix + pkg[1:])
             else:
-                need_pkgs.add(pkg)
+                need_pkgs.add(mlprefix + pkg)
 
         if unneed_pkgs:
             msg = 'Checking if %s is not installed' % ', '.join(unneed_pkgs)
             self.logger.debug(msg)
             if not self.case.tc.image_packages.isdisjoint(unneed_pkgs):
-                msg = "Test can't run with %s installed" % ', or'.join(unneed_pkgs)
+                msg = "Test can't run with %s installed" % ', or '.join(unneed_pkgs)
                 self._decorator_fail(msg)
 
         if need_pkgs:
             msg = 'Checking if at least one of %s is installed' % ', '.join(need_pkgs)
             self.logger.debug(msg)
             if self.case.tc.image_packages.isdisjoint(need_pkgs):
-                msg = "Test requires %s to be installed" % ', or'.join(need_pkgs)
+                msg = "Test requires %s to be installed" % ', or '.join(need_pkgs)
                 self._decorator_fail(msg)
 
     def _decorator_fail(self, msg):
diff --git a/meta/lib/oeqa/runtime/files/hello.stp b/meta/lib/oeqa/runtime/files/hello.stp
deleted file mode 100644
index 3677147162..0000000000
--- a/meta/lib/oeqa/runtime/files/hello.stp
+++ /dev/null
@@ -1 +0,0 @@
-probe oneshot { println("hello world") }
diff --git a/meta/lib/oeqa/sdk/case.py b/meta/lib/oeqa/sdk/case.py
index c45882689c..1fd3b3b569 100644
--- a/meta/lib/oeqa/sdk/case.py
+++ b/meta/lib/oeqa/sdk/case.py
@@ -6,8 +6,11 @@
 
 import os
 import subprocess
+import shutil
+import unittest
 
 from oeqa.core.case import OETestCase
+from oeqa.sdkext.context import OESDKExtTestContext
 
 class OESDKTestCase(OETestCase):
     def _run(self, cmd):
@@ -15,18 +18,76 @@ class OESDKTestCase(OETestCase):
                 (self.tc.sdk_env, cmd), shell=True, executable="/bin/bash",
                 stderr=subprocess.STDOUT, universal_newlines=True)
 
+    def ensure_host_package(self, *packages, recipe=None):
+        """
+        Check that the host variation of one of the packages listed is available
+        in the SDK (nativesdk-foo for SDK, foo-native for eSDK). The package is
+        a list for the case where debian-renaming may have occured, and the
+        manifest could contain 'foo' or 'libfoo'.
+
+        If testing an eSDK and the package is not found, then try to install the
+        specified recipe to install it from sstate.
+        """
+
+        # In a SDK the manifest is correct. In an eSDK the manifest may be
+        # correct (type=full) or not include packages that exist in sstate but
+        # not installed yet (minimal) so we should try to install the recipe.
+        for package in packages:
+            if isinstance(self.tc, OESDKExtTestContext):
+                package = package + "-native"
+            else:
+                package = "nativesdk-" + package
+
+            if self.tc.hasHostPackage(package):
+                break
+        else:
+            if isinstance(self.tc, OESDKExtTestContext):
+                recipe = (recipe or packages[0]) + "-native"
+                print("Trying to install %s..." % recipe)
+                self._run('devtool sdk-install %s' % recipe)
+            else:
+                raise unittest.SkipTest("Test %s needs one of %s" % (self.id(), ", ".join(packages)))
+
+    def ensure_target_package(self, *packages, multilib=False, recipe=None):
+        """
+        Check that at least one of the packages listed is available in the SDK,
+        adding the multilib prefix if required. The target package is a list for
+        the case where debian-renaming may have occured, and the manifest could
+        contain 'foo' or 'libfoo'.
+
+        If testing an eSDK and the package is not found, then try to install the
+        specified recipe to install it from sstate.
+        """
+
+        # In a SDK the manifest is correct. In an eSDK the manifest may be
+        # correct (type=full) or not include packages that exist in sstate but
+        # not installed yet (minimal) so we should try to install the recipe.
+        for package in packages:
+            if self.tc.hasTargetPackage(package, multilib=multilib):
+                break
+        else:
+            if isinstance(self.tc, OESDKExtTestContext):
+                recipe = recipe or packages[0]
+                print("Trying to install %s..." % recipe)
+                self._run('devtool sdk-install %s' % recipe)
+            else:
+                raise unittest.SkipTest("Test %s needs one of %s" % (self.id(), ", ".join(packages)))
+
+
     def fetch(self, workdir, dl_dir, url, archive=None):
         if not archive:
             from urllib.parse import urlparse
             archive = os.path.basename(urlparse(url).path)
 
         if dl_dir:
-            tarball = os.path.join(dl_dir, archive)
-            if os.path.exists(tarball):
-                return tarball
+            archive_tarball = os.path.join(dl_dir, archive)
+            if os.path.exists(archive_tarball):
+                return archive_tarball
 
         tarball = os.path.join(workdir, archive)
         subprocess.check_output(["wget", "-O", tarball, url], stderr=subprocess.STDOUT)
+        if dl_dir and not os.path.exists(archive_tarball):
+            shutil.copyfile(tarball, archive_tarball)
         return tarball
 
     def check_elf(self, path, target_os=None, target_arch=None):
diff --git a/meta/lib/oeqa/sdk/cases/buildcpio.py b/meta/lib/oeqa/sdk/cases/autotools.py
index e7fc211a47..ee6c522551 100644
--- a/meta/lib/oeqa/sdk/cases/buildcpio.py
+++ b/meta/lib/oeqa/sdk/cases/autotools.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -11,16 +13,21 @@ from oeqa.sdk.case import OESDKTestCase
 from oeqa.utils.subprocesstweak import errors_have_output
 errors_have_output()
 
-class BuildCpioTest(OESDKTestCase):
+class AutotoolsTest(OESDKTestCase):
     """
     Check that autotools will cross-compile correctly.
     """
+    def setUp(self):
+        libc = self.td.get("TCLIBC")
+        if libc in [ 'newlib' ]:
+            raise unittest.SkipTest("AutotoolsTest class: SDK doesn't contain a supported C library")
+
     def test_cpio(self):
         with tempfile.TemporaryDirectory(prefix="cpio-", dir=self.tc.sdk_dir) as testdir:
-            tarball = self.fetch(testdir, self.td["DL_DIR"], "https://ftp.gnu.org/gnu/cpio/cpio-2.13.tar.gz")
+            tarball = self.fetch(testdir, self.td["DL_DIR"], "https://ftp.gnu.org/gnu/cpio/cpio-2.15.tar.gz")
 
             dirs = {}
-            dirs["source"] = os.path.join(testdir, "cpio-2.13")
+            dirs["source"] = os.path.join(testdir, "cpio-2.15")
             dirs["build"] = os.path.join(testdir, "build")
             dirs["install"] = os.path.join(testdir, "install")
 
@@ -28,9 +35,14 @@ class BuildCpioTest(OESDKTestCase):
             self.assertTrue(os.path.isdir(dirs["source"]))
             os.makedirs(dirs["build"])
 
-            self._run("sed -i -e '/char.*program_name/d' {source}/src/global.c".format(**dirs))
-            self._run("cd {build} && {source}/configure --disable-maintainer-mode $CONFIGURE_FLAGS".format(**dirs))
-            self._run("cd {build} && make -j".format(**dirs))
+            self._run("cd {build} && {source}/configure CFLAGS='-std=gnu17 -Dbool=int -Dtrue=1 -Dfalse=0 -Wno-error=implicit-function-declaration' $CONFIGURE_FLAGS".format(**dirs))
+
+            # Check that configure detected the target correctly
+            with open(os.path.join(dirs["build"], "config.log")) as f:
+                host_sys = self.td["HOST_SYS"]
+                self.assertIn(f"host_alias='{host_sys}'\n", f.readlines())
+
+            self._run("cd {build} && make CFLAGS='-std=gnu17 -Dbool=int -Dtrue=1 -Dfalse=0 -Wno-error=implicit-function-declaration' -j".format(**dirs))
             self._run("cd {build} && make install DESTDIR={install}".format(**dirs))
 
             self.check_elf(os.path.join(dirs["install"], "usr", "local", "bin", "cpio"))
diff --git a/meta/lib/oeqa/sdk/cases/buildepoxy.py b/meta/lib/oeqa/sdk/cases/buildepoxy.py
deleted file mode 100644
index 385f8ccca8..0000000000
--- a/meta/lib/oeqa/sdk/cases/buildepoxy.py
+++ /dev/null
@@ -1,41 +0,0 @@
-#
-# SPDX-License-Identifier: MIT
-#
-
-import os
-import subprocess
-import tempfile
-import unittest
-
-from oeqa.sdk.case import OESDKTestCase
-from oeqa.utils.subprocesstweak import errors_have_output
-errors_have_output()
-
-class EpoxyTest(OESDKTestCase):
-    """
-    Test that Meson builds correctly.
-    """
-    def setUp(self):
-        if not (self.tc.hasHostPackage("nativesdk-meson")):
-            raise unittest.SkipTest("GalculatorTest class: SDK doesn't contain Meson")
-
-    def test_epoxy(self):
-        with tempfile.TemporaryDirectory(prefix="epoxy", dir=self.tc.sdk_dir) as testdir:
-            tarball = self.fetch(testdir, self.td["DL_DIR"], "https://github.com/anholt/libepoxy/releases/download/1.5.3/libepoxy-1.5.3.tar.xz")
-
-            dirs = {}
-            dirs["source"] = os.path.join(testdir, "libepoxy-1.5.3")
-            dirs["build"] = os.path.join(testdir, "build")
-            dirs["install"] = os.path.join(testdir, "install")
-
-            subprocess.check_output(["tar", "xf", tarball, "-C", testdir], stderr=subprocess.STDOUT)
-            self.assertTrue(os.path.isdir(dirs["source"]))
-            os.makedirs(dirs["build"])
-
-            log = self._run("meson -Degl=no -Dglx=no -Dx11=false {build} {source}".format(**dirs))
-            # Check that Meson thinks we're doing a cross build and not a native
-            self.assertIn("Build type: cross build", log)
-            self._run("ninja -C {build} -v".format(**dirs))
-            self._run("DESTDIR={install} ninja -C {build} -v install".format(**dirs))
-
-            self.check_elf(os.path.join(dirs["install"], "usr", "local", "lib", "libepoxy.so"))
diff --git a/meta/lib/oeqa/sdk/cases/buildgalculator.py b/meta/lib/oeqa/sdk/cases/buildgalculator.py
deleted file mode 100644
index eb3c8ddf39..0000000000
--- a/meta/lib/oeqa/sdk/cases/buildgalculator.py
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# SPDX-License-Identifier: MIT
-#
-
-import os
-import subprocess
-import tempfile
-import unittest
-
-from oeqa.sdk.case import OESDKTestCase
-from oeqa.utils.subprocesstweak import errors_have_output
-errors_have_output()
-
-class GalculatorTest(OESDKTestCase):
-    """
-    Test that autotools and GTK+ 3 compiles correctly.
-    """
-    def setUp(self):
-        if not (self.tc.hasTargetPackage("gtk+3", multilib=True) or \
-                self.tc.hasTargetPackage("libgtk-3.0", multilib=True)):
-            raise unittest.SkipTest("GalculatorTest class: SDK don't support gtk+3")
-        if not (self.tc.hasHostPackage("nativesdk-gettext-dev")):
-            raise unittest.SkipTest("GalculatorTest class: SDK doesn't contain gettext")
-
-    def test_galculator(self):
-        with tempfile.TemporaryDirectory(prefix="galculator", dir=self.tc.sdk_dir) as testdir:
-            tarball = self.fetch(testdir, self.td["DL_DIR"], "http://galculator.mnim.org/downloads/galculator-2.1.4.tar.bz2")
-
-            dirs = {}
-            dirs["source"] = os.path.join(testdir, "galculator-2.1.4")
-            dirs["build"] = os.path.join(testdir, "build")
-            dirs["install"] = os.path.join(testdir, "install")
-
-            subprocess.check_output(["tar", "xf", tarball, "-C", testdir], stderr=subprocess.STDOUT)
-            self.assertTrue(os.path.isdir(dirs["source"]))
-            os.makedirs(dirs["build"])
-
-            self._run("cd {source} && sed -i -e '/s_preferences.*prefs;/d' src/main.c && autoreconf -i -f -I $OECORE_TARGET_SYSROOT/usr/share/aclocal -I m4".format(**dirs))
-            self._run("cd {build} && {source}/configure $CONFIGURE_FLAGS".format(**dirs))
-            self._run("cd {build} && make -j".format(**dirs))
-            self._run("cd {build} && make install DESTDIR={install}".format(**dirs))
-
-            self.check_elf(os.path.join(dirs["install"], "usr", "local", "bin", "galculator"))
diff --git a/meta/lib/oeqa/sdk/cases/assimp.py b/meta/lib/oeqa/sdk/cases/cmake.py
index f166758e49..070682ef08 100644
--- a/meta/lib/oeqa/sdk/cases/assimp.py
+++ b/meta/lib/oeqa/sdk/cases/cmake.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -11,30 +13,35 @@ from oeqa.sdk.case import OESDKTestCase
 from oeqa.utils.subprocesstweak import errors_have_output
 errors_have_output()
 
-class BuildAssimp(OESDKTestCase):
+class CMakeTest(OESDKTestCase):
     """
     Test case to build a project using cmake.
     """
 
     def setUp(self):
-        if not (self.tc.hasHostPackage("nativesdk-cmake") or
-                self.tc.hasHostPackage("cmake-native")):
-            raise unittest.SkipTest("Needs cmake")
+        libc = self.td.get("TCLIBC")
+        if libc in [ 'newlib' ]:
+            raise unittest.SkipTest("CMakeTest class: SDK doesn't contain a supported C library")
+
+        self.ensure_host_package("cmake")
 
     def test_assimp(self):
         with tempfile.TemporaryDirectory(prefix="assimp", dir=self.tc.sdk_dir) as testdir:
-            tarball = self.fetch(testdir, self.td["DL_DIR"], "https://github.com/assimp/assimp/archive/v4.1.0.tar.gz")
+            tarball = self.fetch(testdir, self.td["DL_DIR"], "https://github.com/assimp/assimp/archive/v5.4.1.tar.gz")
 
             dirs = {}
-            dirs["source"] = os.path.join(testdir, "assimp-4.1.0")
+            dirs["source"] = os.path.join(testdir, "assimp-5.4.1")
             dirs["build"] = os.path.join(testdir, "build")
             dirs["install"] = os.path.join(testdir, "install")
 
             subprocess.check_output(["tar", "xf", tarball, "-C", testdir], stderr=subprocess.STDOUT)
             self.assertTrue(os.path.isdir(dirs["source"]))
+            # Apply the zlib patch https://github.com/madler/zlib/commit/a566e156b3fa07b566ddbf6801b517a9dba04fa3
+            # this sed wont be needed once assimp moves its zlib copy to v1.3.1+
+            self._run("sed -i '/#  ifdef _FILE_OFFSET_BITS/I,+2 d' {source}/contrib/zlib/gzguts.h".format(**dirs))
             os.makedirs(dirs["build"])
 
-            self._run("cd {build} && cmake -DCMAKE_VERBOSE_MAKEFILE:BOOL=ON {source}".format(**dirs))
+            self._run("cd {build} && cmake -DASSIMP_WARNINGS_AS_ERRORS=OFF -DCMAKE_VERBOSE_MAKEFILE:BOOL=ON -DASSIMP_BUILD_ZLIB=ON {source}".format(**dirs))
             self._run("cmake --build {build} -- -j".format(**dirs))
             self._run("cmake --build {build} --target install -- DESTDIR={install}".format(**dirs))
-            self.check_elf(os.path.join(dirs["install"], "usr", "local", "lib", "libassimp.so.4.1.0"))
+            self.check_elf(os.path.join(dirs["install"], "usr", "local", "lib", "libassimp.so.5.4.1"))
diff --git a/meta/lib/oeqa/sdk/cases/gcc.py b/meta/lib/oeqa/sdk/cases/gcc.py
index eb08eadd28..e810d2c42b 100644
--- a/meta/lib/oeqa/sdk/cases/gcc.py
+++ b/meta/lib/oeqa/sdk/cases/gcc.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -24,6 +26,10 @@ class GccCompileTest(OESDKTestCase):
                     os.path.join(self.tc.sdk_dir, f))
 
     def setUp(self):
+        libc = self.td.get("TCLIBC")
+        if libc in [ 'newlib' ]:
+            raise unittest.SkipTest("GccCompileTest class: SDK doesn't contain a supported C library")
+
         machine = self.td.get("MACHINE")
         if not (self.tc.hasHostPackage("packagegroup-cross-canadian-%s" % machine) or
                 self.tc.hasHostPackage("^gcc-", regex=True)):
diff --git a/meta/lib/oeqa/sdk/cases/gtk3.py b/meta/lib/oeqa/sdk/cases/gtk3.py
new file mode 100644
index 0000000000..cdaf50ed38
--- /dev/null
+++ b/meta/lib/oeqa/sdk/cases/gtk3.py
@@ -0,0 +1,40 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os
+import subprocess
+import tempfile
+
+from oeqa.sdk.cases.meson import MesonTestBase
+
+from oeqa.utils.subprocesstweak import errors_have_output
+errors_have_output()
+
+class GTK3Test(MesonTestBase):
+
+    def setUp(self):
+        super().setUp()
+        self.ensure_target_package("gtk+3", "libgtk-3.0", recipe="gtk+3")
+        self.ensure_host_package("glib-2.0-utils", "libglib-2.0-utils", recipe="glib-2.0")
+
+    """
+    Test that autotools and GTK+ 3 compiles correctly.
+    """
+    def test_libhandy(self):
+        with tempfile.TemporaryDirectory(prefix="libhandy", dir=self.tc.sdk_dir) as testdir:
+            tarball = self.fetch(testdir, self.td["DL_DIR"], "https://download.gnome.org/sources/libhandy/1.8/libhandy-1.8.3.tar.xz")
+
+            sourcedir = os.path.join(testdir, "libhandy-1.8.3")
+            builddir = os.path.join(testdir, "build")
+            installdir = os.path.join(testdir, "install")
+
+            subprocess.check_output(["tar", "xf", tarball, "-C", testdir], stderr=subprocess.STDOUT)
+            self.assertTrue(os.path.isdir(sourcedir))
+            os.makedirs(builddir)
+
+            self.build_meson(sourcedir, builddir, installdir, "-Dglade_catalog=disabled -Dintrospection=disabled -Dvapi=false")
+            self.assertTrue(os.path.isdir(installdir))
+            self.check_elf(os.path.join(installdir, "usr", "local", "lib", "libhandy-1.so"))
diff --git a/meta/lib/oeqa/sdk/cases/kmod.py b/meta/lib/oeqa/sdk/cases/kmod.py
new file mode 100644
index 0000000000..0aa6f702e4
--- /dev/null
+++ b/meta/lib/oeqa/sdk/cases/kmod.py
@@ -0,0 +1,39 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os
+import subprocess
+import tempfile
+
+from oeqa.sdk.case import OESDKTestCase
+from oeqa.sdkext.context import OESDKExtTestContext
+from oeqa.utils.subprocesstweak import errors_have_output
+errors_have_output()
+
+class KernelModuleTest(OESDKTestCase):
+    """
+    Test that out-of-tree kernel modules build.
+    """
+    def test_cryptodev(self):
+        if isinstance(self.tc, OESDKExtTestContext):
+            self.skipTest(f"{self.id()} does not support eSDK (https://bugzilla.yoctoproject.org/show_bug.cgi?id=15850)")
+
+        self.ensure_target_package("kernel-devsrc")
+        # These targets need to be built before kernel modules can be built.
+        self._run("make -j -C $OECORE_TARGET_SYSROOT/usr/src/kernel prepare scripts")
+
+        with tempfile.TemporaryDirectory(prefix="cryptodev", dir=self.tc.sdk_dir) as testdir:
+            git_url = "https://github.com/cryptodev-linux/cryptodev-linux"
+            # This is a knnown-good commit post-1.13 that builds with kernel 6.7+
+            git_sha = "bb8bc7cf60d2c0b097c8b3b0e807f805b577a53f"
+
+            sourcedir = os.path.join(testdir, "cryptodev-linux")
+            subprocess.check_output(["git", "clone", git_url, sourcedir], stderr=subprocess.STDOUT)
+            self.assertTrue(os.path.isdir(sourcedir))
+            subprocess.check_output(["git", "-C", sourcedir, "checkout", git_sha], stderr=subprocess.STDOUT)
+
+            self._run("make -C %s V=1 KERNEL_DIR=$OECORE_TARGET_SYSROOT/usr/src/kernel" % sourcedir)
+            self.check_elf(os.path.join(sourcedir, "cryptodev.ko"))
diff --git a/meta/lib/oeqa/sdk/cases/buildlzip.py b/meta/lib/oeqa/sdk/cases/makefile.py
index 49ae756bf3..e1e2484820 100644
--- a/meta/lib/oeqa/sdk/cases/buildlzip.py
+++ b/meta/lib/oeqa/sdk/cases/makefile.py
@@ -1,16 +1,24 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
-import os, tempfile, subprocess, unittest
+import os, tempfile, subprocess
+import unittest
 from oeqa.sdk.case import OESDKTestCase
 from oeqa.utils.subprocesstweak import errors_have_output
 errors_have_output()
 
-class BuildLzipTest(OESDKTestCase):
+class MakefileTest(OESDKTestCase):
     """
     Test that "plain" compilation works, using just $CC $CFLAGS etc.
     """
+    def setUp(self):
+        libc = self.td.get("TCLIBC")
+        if libc in [ 'newlib' ]:
+            raise unittest.SkipTest("MakefileTest class: SDK doesn't contain a supported C library")
+
     def test_lzip(self):
         with tempfile.TemporaryDirectory(prefix="lzip", dir=self.tc.sdk_dir) as testdir:
             tarball = self.fetch(testdir, self.td["DL_DIR"], "http://downloads.yoctoproject.org/mirror/sources/lzip-1.19.tar.gz")
diff --git a/meta/lib/oeqa/sdk/cases/manifest.py b/meta/lib/oeqa/sdk/cases/manifest.py
new file mode 100644
index 0000000000..ee59a5f338
--- /dev/null
+++ b/meta/lib/oeqa/sdk/cases/manifest.py
@@ -0,0 +1,26 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.sdk.case import OESDKTestCase
+from oeqa.sdkext.context import OESDKExtTestContext
+
+
+class ManifestTest(OESDKTestCase):
+    def test_manifests(self):
+        """
+        Verify that the host and target manifests are not empty, unless this is
+        a minimal eSDK without toolchain in which case they should be empty.
+        """
+        if (
+            isinstance(self.tc, OESDKExtTestContext)
+            and self.td.get("SDK_EXT_TYPE") == "minimal"
+            and self.td.get("SDK_INCLUDE_TOOLCHAIN") == "0"
+        ):
+            self.assertEqual(self.tc.target_pkg_manifest, {})
+            self.assertEqual(self.tc.host_pkg_manifest, {})
+        else:
+            self.assertNotEqual(self.tc.target_pkg_manifest, {})
+            self.assertNotEqual(self.tc.host_pkg_manifest, {})
diff --git a/meta/lib/oeqa/sdk/cases/maturin.py b/meta/lib/oeqa/sdk/cases/maturin.py
new file mode 100644
index 0000000000..e3e8edc781
--- /dev/null
+++ b/meta/lib/oeqa/sdk/cases/maturin.py
@@ -0,0 +1,66 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os
+import shutil
+import unittest
+
+from oeqa.sdk.case import OESDKTestCase
+from oeqa.utils.subprocesstweak import errors_have_output
+
+errors_have_output()
+
+
+class MaturinTest(OESDKTestCase):
+    def setUp(self):
+        self.ensure_host_package("python3-maturin")
+
+    def test_maturin_list_python(self):
+        out = self._run(r"""python3 -c 'import sys; print(f"{sys.executable}\n{sys.version_info.major}.{sys.version_info.minor}")'""")
+        executable, version = out.splitlines()
+
+        output = self._run("maturin list-python")
+        # The output looks like this:
+        # - CPython 3.13 at /usr/bin/python3
+        # We don't want to assume CPython so just check for the version and path.
+        expected = f"{version} at {executable}"
+        self.assertIn(expected, output)
+
+class MaturinDevelopTest(OESDKTestCase):
+    def setUp(self):
+        machine = self.td.get("MACHINE")
+        self.ensure_host_package("python3-maturin")
+
+        if not (
+            self.tc.hasHostPackage("packagegroup-rust-cross-canadian-%s" % machine)
+        ):
+            raise unittest.SkipTest(
+                "Testing 'maturin develop' requires Rust cross-canadian in the SDK"
+            )
+
+    def test_maturin_develop(self):
+        """
+        This test case requires:
+          (1) that a .venv can been created.
+          (2) a functional 'rustc' and 'cargo'
+        """
+        targetdir = os.path.join(self.tc.sdk_dir, "guessing-game")
+        try:
+            shutil.rmtree(targetdir)
+        except FileNotFoundError:
+            pass
+        shutil.copytree(
+            os.path.join(self.tc.files_dir, "maturin/guessing-game"), targetdir
+        )
+
+        self._run("cd %s; python3 -m venv .venv" % targetdir)
+        output = self._run("cd %s; maturin develop" % targetdir)
+        self.assertRegex(output, r"🔗 Found pyo3 bindings with abi3 support for Python ≥ 3.8")
+        self.assertRegex(output, r"🐍 Not using a specific python interpreter")
+        self.assertRegex(output, r"📡 Using build options features from pyproject.toml")
+        self.assertRegex(output, r"Compiling guessing-game v0.1.0")
+        self.assertRegex(output, r"📦 Built wheel for abi3 Python ≥ 3.8")
+        self.assertRegex(output, r"🛠 Installed guessing-game-0.1.0")
diff --git a/meta/lib/oeqa/sdk/cases/meson.py b/meta/lib/oeqa/sdk/cases/meson.py
new file mode 100644
index 0000000000..a809ca3a53
--- /dev/null
+++ b/meta/lib/oeqa/sdk/cases/meson.py
@@ -0,0 +1,72 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import json
+import os
+import subprocess
+import tempfile
+import unittest
+
+from oeqa.sdk.case import OESDKTestCase
+from oeqa.sdkext.context import OESDKExtTestContext
+from oeqa.utils.subprocesstweak import errors_have_output
+errors_have_output()
+
+class MesonTestBase(OESDKTestCase):
+    def setUp(self):
+        libc = self.td.get("TCLIBC")
+        if libc in [ 'newlib' ]:
+            raise unittest.SkipTest("MesonTest class: SDK doesn't contain a supported C library")
+
+        if isinstance(self.tc, OESDKExtTestContext):
+            self.skipTest(f"{self.id()} does not support eSDK (https://bugzilla.yoctoproject.org/show_bug.cgi?id=15854)")
+
+        self.ensure_host_package("meson")
+        self.ensure_host_package("pkgconfig")
+
+    def build_meson(self, sourcedir, builddir, installdir=None, options=""):
+        """
+        Given a source tree in sourcedir, configure it to build in builddir with
+        the specified options, and if installdir is set also install.
+        """
+        log = self._run(f"meson setup --warnlevel 1 {builddir} {sourcedir} {options}")
+
+        # Check that Meson thinks we're doing a cross build and not a native
+        self.assertIn("Build type: cross build", log)
+
+        # Check that the cross-compiler used is the one we set.
+        data = json.loads(self._run(f"meson introspect --compilers {builddir}"))
+        self.assertIn(self.td.get("CC").split()[0], data["host"]["c"]["exelist"])
+
+        # Check that the target architectures was set correctly.
+        data = json.loads(self._run(f"meson introspect --machines {builddir}"))
+        self.assertEqual(data["host"]["cpu"], self.td["HOST_ARCH"])
+
+        self._run(f"meson compile -C {builddir} -v")
+
+        if installdir:
+            self._run(f"meson install -C {builddir} --destdir {installdir}")
+
+class MesonTest(MesonTestBase):
+    """
+    Test that Meson builds correctly.
+    """
+
+    def test_epoxy(self):
+        with tempfile.TemporaryDirectory(prefix="epoxy", dir=self.tc.sdk_dir) as testdir:
+            tarball = self.fetch(testdir, self.td["DL_DIR"], "https://github.com/anholt/libepoxy/releases/download/1.5.3/libepoxy-1.5.3.tar.xz")
+
+            sourcedir = os.path.join(testdir, "libepoxy-1.5.3")
+            builddir = os.path.join(testdir, "build")
+            installdir = os.path.join(testdir, "install")
+
+            subprocess.check_output(["tar", "xf", tarball, "-C", testdir], stderr=subprocess.STDOUT)
+            self.assertTrue(os.path.isdir(sourcedir))
+
+            os.makedirs(builddir)
+            self.build_meson(sourcedir, builddir, installdir, "-Degl=no -Dglx=no -Dx11=false")
+            self.assertTrue(os.path.isdir(installdir))
+            self.check_elf(os.path.join(installdir, "usr", "local", "lib", "libepoxy.so"))
diff --git a/meta/lib/oeqa/sdk/cases/perl.py b/meta/lib/oeqa/sdk/cases/perl.py
index 14d76d820f..a72bd2461a 100644
--- a/meta/lib/oeqa/sdk/cases/perl.py
+++ b/meta/lib/oeqa/sdk/cases/perl.py
@@ -1,8 +1,9 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
-import unittest
 from oeqa.sdk.case import OESDKTestCase
 
 from oeqa.utils.subprocesstweak import errors_have_output
@@ -10,9 +11,7 @@ errors_have_output()
 
 class PerlTest(OESDKTestCase):
     def setUp(self):
-        if not (self.tc.hasHostPackage("nativesdk-perl") or
-                self.tc.hasHostPackage("perl-native")):
-            raise unittest.SkipTest("No perl package in the SDK")
+        self.ensure_host_package("perl")
 
     def test_perl(self):
         cmd = "perl -e '$_=\"Uryyb, jbeyq\"; tr/a-zA-Z/n-za-mN-ZA-M/;print'"
diff --git a/meta/lib/oeqa/sdk/cases/python.py b/meta/lib/oeqa/sdk/cases/python.py
index a334abce5f..b990cd889a 100644
--- a/meta/lib/oeqa/sdk/cases/python.py
+++ b/meta/lib/oeqa/sdk/cases/python.py
@@ -1,29 +1,17 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
-import subprocess, unittest
 from oeqa.sdk.case import OESDKTestCase
 
 from oeqa.utils.subprocesstweak import errors_have_output
 errors_have_output()
 
-class Python2Test(OESDKTestCase):
-    def setUp(self):
-        if not (self.tc.hasHostPackage("nativesdk-python-core") or
-                self.tc.hasHostPackage("python-core-native")):
-            raise unittest.SkipTest("No python package in the SDK")
-
-    def test_python2(self):
-        cmd = "python -c \"import codecs; print(codecs.encode('Uryyb, jbeyq', 'rot13'))\""
-        output = self._run(cmd)
-        self.assertEqual(output, "Hello, world\n")
-
 class Python3Test(OESDKTestCase):
     def setUp(self):
-        if not (self.tc.hasHostPackage("nativesdk-python3-core") or
-                self.tc.hasHostPackage("python3-core-native")):
-            raise unittest.SkipTest("No python3 package in the SDK")
+        self.ensure_host_package("python3-core", recipe="python3")
 
     def test_python3(self):
         cmd = "python3 -c \"import codecs; print(codecs.encode('Uryyb, jbeyq', 'rot13'))\""
diff --git a/meta/lib/oeqa/sdk/cases/rust.py b/meta/lib/oeqa/sdk/cases/rust.py
new file mode 100644
index 0000000000..4b115bebf5
--- /dev/null
+++ b/meta/lib/oeqa/sdk/cases/rust.py
@@ -0,0 +1,58 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os
+import shutil
+import unittest
+
+from oeqa.sdk.case import OESDKTestCase
+
+from oeqa.utils.subprocesstweak import errors_have_output
+errors_have_output()
+
+class RustCompileTest(OESDKTestCase):
+    td_vars = ['MACHINE']
+
+    @classmethod
+    def setUpClass(self):
+        targetdir = os.path.join(self.tc.sdk_dir, "hello")
+        try:
+            shutil.rmtree(targetdir)
+        except FileNotFoundError:
+            pass
+        shutil.copytree(os.path.join(self.tc.sdk_files_dir, "rust/hello"), targetdir)
+
+    def setUp(self):
+        machine = self.td.get("MACHINE")
+        if not self.tc.hasHostPackage("packagegroup-rust-cross-canadian-%s" % machine):
+            raise unittest.SkipTest("RustCompileTest class: SDK doesn't contain a Rust cross-canadian toolchain")
+
+    def test_cargo_build(self):
+        self._run('cd %s/hello; cargo add zstd' % (self.tc.sdk_dir))
+        self._run('cd %s/hello; cargo build' % self.tc.sdk_dir)
+
+class RustHostCompileTest(OESDKTestCase):
+    td_vars = ['MACHINE', 'SDK_SYS']
+
+    @classmethod
+    def setUpClass(self):
+        targetdir = os.path.join(self.tc.sdk_dir, "hello")
+        try:
+            shutil.rmtree(targetdir)
+        except FileNotFoundError:
+            pass
+        shutil.copytree(os.path.join(self.tc.sdk_files_dir, "rust/hello"), targetdir)
+
+    def setUp(self):
+        machine = self.td.get("MACHINE")
+        if not self.tc.hasHostPackage("packagegroup-rust-cross-canadian-%s" % machine):
+            raise unittest.SkipTest("RustCompileTest class: SDK doesn't contain a Rust cross-canadian toolchain")
+
+    def test_cargo_build(self):
+        sdksys = self.td.get("SDK_SYS")
+        self._run('cd %s/hello; cargo add zstd' % (self.tc.sdk_dir))
+        self._run('cd %s/hello; cargo build --target %s-gnu' % (self.tc.sdk_dir, sdksys))
+        self._run('cd %s/hello; cargo run --target %s-gnu' % (self.tc.sdk_dir, sdksys))
diff --git a/meta/lib/oeqa/sdk/context.py b/meta/lib/oeqa/sdk/context.py
index 01c38c24e6..d4fdd83207 100644
--- a/meta/lib/oeqa/sdk/context.py
+++ b/meta/lib/oeqa/sdk/context.py
@@ -23,6 +23,13 @@ class OESDKTestContext(OETestContext):
         self.target_pkg_manifest = target_pkg_manifest
         self.host_pkg_manifest = host_pkg_manifest
 
+        # match multilib according to sdk_env
+        self.multilib = ""
+        multilibs = self.td.get('MULTILIB_VARIANTS', '').split()
+        for ml in multilibs:
+            if ml in os.path.basename(self.sdk_env):
+                self.multilib = ml
+
     def _hasPackage(self, manifest, pkg, regex=False):
         if regex:
             # do regex match
@@ -40,12 +47,8 @@ class OESDKTestContext(OETestContext):
         return self._hasPackage(self.host_pkg_manifest, pkg, regex=regex)
 
     def hasTargetPackage(self, pkg, multilib=False, regex=False):
-        if multilib:
-            # match multilib according to sdk_env
-            mls = self.td.get('MULTILIB_VARIANTS', '').split()
-            for ml in mls:
-                if ('ml'+ml) in self.sdk_env:
-                    pkg = ml + '-' + pkg
+        if multilib and self.multilib:
+            pkg = self.multilib + '-' + pkg
         return self._hasPackage(self.target_pkg_manifest, pkg, regex=regex)
 
 class OESDKTestContextExecutor(OETestContextExecutor):
diff --git a/meta/lib/oeqa/sdk/files/rust/hello/Cargo.toml b/meta/lib/oeqa/sdk/files/rust/hello/Cargo.toml
new file mode 100644
index 0000000000..fe619478a6
--- /dev/null
+++ b/meta/lib/oeqa/sdk/files/rust/hello/Cargo.toml
@@ -0,0 +1,6 @@
+[package]
+name = "hello"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
diff --git a/meta/lib/oeqa/sdk/files/rust/hello/build.rs b/meta/lib/oeqa/sdk/files/rust/hello/build.rs
new file mode 100644
index 0000000000..b1a533d5df
--- /dev/null
+++ b/meta/lib/oeqa/sdk/files/rust/hello/build.rs
@@ -0,0 +1,3 @@
+/* This is the simplest build script just to invoke host compiler
+   in the build process. */
+fn main() {}
diff --git a/meta/lib/oeqa/sdk/files/rust/hello/src/main.rs b/meta/lib/oeqa/sdk/files/rust/hello/src/main.rs
new file mode 100644
index 0000000000..a06c03f82a
--- /dev/null
+++ b/meta/lib/oeqa/sdk/files/rust/hello/src/main.rs
@@ -0,0 +1,3 @@
+fn main() {
+    println!("Hello, OpenEmbedded world!");
+}
diff --git a/meta/lib/oeqa/sdk/testmetaidesupport.py b/meta/lib/oeqa/sdk/testmetaidesupport.py
new file mode 100644
index 0000000000..00ef30e82e
--- /dev/null
+++ b/meta/lib/oeqa/sdk/testmetaidesupport.py
@@ -0,0 +1,45 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+class TestSDK(object):
+    def run(self, d):
+        import json
+        import logging
+        from oeqa.sdk.context import OESDKTestContext, OESDKTestContextExecutor
+        from oeqa.utils import make_logger_bitbake_compatible
+
+        pn = d.getVar("PN")
+
+        logger = make_logger_bitbake_compatible(logging.getLogger("BitBake"))
+
+        sdk_dir = d.expand("${WORKDIR}/testsdk/")
+        bb.utils.remove(sdk_dir, True)
+        bb.utils.mkdirhier(sdk_dir)
+
+        sdk_envs = OESDKTestContextExecutor._get_sdk_environs(d.getVar("DEPLOY_DIR_IMAGE"))
+        tdname = d.expand("${DEPLOY_DIR_IMAGE}/${PN}.testdata.json")
+        test_data = json.load(open(tdname, "r"))
+
+        host_pkg_manifest = {"cmake-native":"", "gcc-cross":"", "gettext-native":"", "meson-native":"", "perl-native":"", "python3-core-native":"", }
+        target_pkg_manifest = {"gtk+3":""}
+
+        for s in sdk_envs:
+            bb.plain("meta-ide-support based SDK testing environment: %s" % s)
+
+            sdk_env = sdk_envs[s]
+
+            tc = OESDKTestContext(td=test_data, logger=logger, sdk_dir=sdk_dir,
+                sdk_env=sdk_env, target_pkg_manifest=target_pkg_manifest,
+                host_pkg_manifest=host_pkg_manifest)
+
+            tc.loadTests(OESDKTestContextExecutor.default_cases)
+
+            results = tc.runTests()
+            if results:
+                results.logSummary(pn)
+
+            if (not results) or (not results.wasSuccessful()):
+                bb.fatal('%s - FAILED' % (pn,), forcelog=True)
diff --git a/meta/lib/oeqa/sdk/testsdk.py b/meta/lib/oeqa/sdk/testsdk.py
index 35e40187bc..cffcf9f49a 100644
--- a/meta/lib/oeqa/sdk/testsdk.py
+++ b/meta/lib/oeqa/sdk/testsdk.py
@@ -23,14 +23,6 @@ class TestSDKBase(object):
         return configuration
 
     @staticmethod
-    def get_sdk_json_result_dir(d):
-        json_result_dir = os.path.join(d.getVar("LOG_DIR"), 'oeqa')
-        custom_json_result_dir = d.getVar("OEQA_JSON_RESULT_DIR")
-        if custom_json_result_dir:
-            json_result_dir = custom_json_result_dir
-        return json_result_dir
-
-    @staticmethod
     def get_sdk_result_id(configuration):
         return '%s_%s_%s_%s_%s' % (configuration['TEST_TYPE'], configuration['IMAGE_BASENAME'], configuration['SDKMACHINE'], configuration['MACHINE'], configuration['STARTTIME'])
 
@@ -39,6 +31,28 @@ class TestSDK(TestSDKBase):
     context_class = OESDKTestContext
     test_type = 'sdk'
 
+    def sdk_dir_names(self, d):
+        """Return list from TESTSDK_CASE_DIRS."""
+        testdirs = d.getVar("TESTSDK_CASE_DIRS")
+        if testdirs:
+            return testdirs.split()
+
+        bb.fatal("TESTSDK_CASE_DIRS unset, can't find SDK test directories.")
+
+    def get_sdk_paths(self, d):
+        """
+        Return a list of paths where SDK test cases reside.
+
+        SDK tests are expected in <LAYER_DIR>/lib/oeqa/<dirname>/cases
+        """
+        paths = []
+        for layer in d.getVar("BBLAYERS").split():
+            for dirname in self.sdk_dir_names(d):
+                case_path = os.path.join(layer, "lib", "oeqa", dirname, "cases")
+                if os.path.isdir(case_path):
+                    paths.append(case_path)
+        return paths
+
     def get_tcname(self, d):
         """
         Get the name of the SDK file
@@ -72,6 +86,7 @@ class TestSDK(TestSDKBase):
 
         from bb.utils import export_proxies
         from oeqa.utils import make_logger_bitbake_compatible
+        from oeqa.utils import get_json_result_dir
 
         pn = d.getVar("PN")
         logger = make_logger_bitbake_compatible(logging.getLogger("BitBake"))
@@ -79,6 +94,9 @@ class TestSDK(TestSDKBase):
         # sdk use network for download projects for build
         export_proxies(d)
 
+        # We need the original PATH for testing the eSDK, not with our manipulations
+        os.environ['PATH'] = d.getVar("BB_ORIGENV", False).getVar("PATH")
+
         tcname = self.get_tcname(d)
 
         if not os.path.exists(tcname):
@@ -118,7 +136,8 @@ class TestSDK(TestSDKBase):
                 host_pkg_manifest=host_pkg_manifest, **context_args)
 
             try:
-                tc.loadTests(self.context_executor_class.default_cases)
+                modules = (d.getVar("TESTSDK_SUITES") or "").split()
+                tc.loadTests(self.get_sdk_paths(d), modules)
             except Exception as e:
                 import traceback
                 bb.fatal("Loading tests failed:\n%s" % traceback.format_exc())
@@ -131,7 +150,7 @@ class TestSDK(TestSDKBase):
             component = "%s %s" % (pn, self.context_executor_class.name)
             context_msg = "%s:%s" % (os.path.basename(tcname), os.path.basename(sdk_env))
             configuration = self.get_sdk_configuration(d, self.test_type)
-            result.logDetails(self.get_sdk_json_result_dir(d),
+            result.logDetails(get_json_result_dir(d),
                             configuration,
                             self.get_sdk_result_id(configuration))
             result.logSummary(component, context_msg)
diff --git a/meta/lib/oeqa/sdkext/cases/devtool.py b/meta/lib/oeqa/sdkext/cases/devtool.py
index a5c6a76e02..d0746e68eb 100644
--- a/meta/lib/oeqa/sdkext/cases/devtool.py
+++ b/meta/lib/oeqa/sdkext/cases/devtool.py
@@ -69,10 +69,9 @@ class DevtoolTest(OESDKExtTestCase):
         self._test_devtool_build(self.myapp_cmake_dst)
 
     def test_extend_autotools_recipe_creation(self):
-        req = 'https://github.com/rdfa/librdfa'
-        recipe = "librdfa"
-        self._run('devtool sdk-install libxml2')
-        self._run('devtool add %s %s' % (recipe, req) )
+        recipe = "test-dbus-wait"
+        self._run('devtool sdk-install dbus')
+        self._run('devtool add %s https://git.yoctoproject.org/git/dbus-wait' % (recipe) )
         try:
             self._run('devtool build %s' % recipe)
         finally:
@@ -112,7 +111,7 @@ class SdkUpdateTest(OESDKExtTestCase):
         cmd = 'oe-publish-sdk %s %s' % (tcname_new, self.publish_dir)
         subprocess.check_output(cmd, shell=True)
 
-        self.http_service = HTTPService(self.publish_dir)
+        self.http_service = HTTPService(self.publish_dir, logger=self.logger)
         self.http_service.start()
 
         self.http_url = "http://127.0.0.1:%d" % self.http_service.port
diff --git a/meta/lib/oeqa/sdkext/context.py b/meta/lib/oeqa/sdkext/context.py
index 2ac2bf6ff7..2da57e2ccf 100644
--- a/meta/lib/oeqa/sdkext/context.py
+++ b/meta/lib/oeqa/sdkext/context.py
@@ -12,11 +12,11 @@ class OESDKExtTestContext(OESDKTestContext):
 
     # FIXME - We really need to do better mapping of names here, this at
     # least allows some tests to run
-    def hasHostPackage(self, pkg):
+    def hasHostPackage(self, pkg, regex=False):
         # We force a toolchain to be installed into the eSDK even if its minimal
         if pkg.startswith("packagegroup-cross-canadian-"):
             return True
-        return self._hasPackage(self.host_pkg_manifest, pkg)
+        return self._hasPackage(self.host_pkg_manifest, pkg, regex)
 
 class OESDKExtTestContextExecutor(OESDKTestContextExecutor):
     _context_class = OESDKExtTestContext
diff --git a/meta/lib/oeqa/sdkext/testsdk.py b/meta/lib/oeqa/sdkext/testsdk.py
index ffd185ec55..6dc23065a4 100644
--- a/meta/lib/oeqa/sdkext/testsdk.py
+++ b/meta/lib/oeqa/sdkext/testsdk.py
@@ -16,6 +16,7 @@ class TestSDKExt(TestSDKBase):
         from bb.utils import export_proxies
         from oeqa.utils import avoid_paths_in_environ, make_logger_bitbake_compatible, subprocesstweak
         from oeqa.sdkext.context import OESDKExtTestContext, OESDKExtTestContextExecutor
+        from oeqa.utils import get_json_result_dir
 
         pn = d.getVar("PN")
         logger = make_logger_bitbake_compatible(logging.getLogger("BitBake"))
@@ -67,10 +68,10 @@ class TestSDKExt(TestSDKBase):
             # and we don't spend hours downloading kernels for the kernel module test
             # Abuse auto.conf since local.conf would be overwritten by the SDK
             with open(os.path.join(sdk_dir, 'conf', 'auto.conf'), 'a+') as f:
-                f.write('SSTATE_MIRRORS += " \\n file://.* file://%s/PATH"\n' % test_data.get('SSTATE_DIR'))
+                f.write('SSTATE_MIRRORS += "file://.* file://%s/PATH"\n' % test_data.get('SSTATE_DIR'))
                 f.write('SOURCE_MIRROR_URL = "file://%s"\n' % test_data.get('DL_DIR'))
                 f.write('INHERIT += "own-mirrors"\n')
-                f.write('PREMIRRORS_prepend = " git://git.yoctoproject.org/.* git://%s/git2/git.yoctoproject.org.BASENAME \\n "\n' % test_data.get('DL_DIR'))
+                f.write('PREMIRRORS:prepend = "git://git.yoctoproject.org/.* git://%s/git2/git.yoctoproject.org.BASENAME "\n' % test_data.get('DL_DIR'))
 
             # We need to do this in case we have a minimal SDK
             subprocess.check_output(". %s > /dev/null; devtool sdk-install meta-extsdk-toolchain" % \
@@ -81,7 +82,8 @@ class TestSDKExt(TestSDKBase):
                 host_pkg_manifest=host_pkg_manifest)
 
             try:
-                tc.loadTests(OESDKExtTestContextExecutor.default_cases)
+                modules = (d.getVar("TESTSDK_SUITES") or "").split()
+                tc.loadTests(OESDKExtTestContextExecutor.default_cases, modules)
             except Exception as e:
                 import traceback
                 bb.fatal("Loading tests failed:\n%s" % traceback.format_exc())
@@ -91,7 +93,7 @@ class TestSDKExt(TestSDKBase):
             component = "%s %s" % (pn, OESDKExtTestContextExecutor.name)
             context_msg = "%s:%s" % (os.path.basename(tcname), os.path.basename(sdk_env))
             configuration = self.get_sdk_configuration(d, 'sdkext')
-            result.logDetails(self.get_sdk_json_result_dir(d),
+            result.logDetails(get_json_result_dir(d),
                             configuration,
                             self.get_sdk_result_id(configuration))
             result.logSummary(component, context_msg)
diff --git a/meta/lib/oeqa/selftest/case.py b/meta/lib/oeqa/selftest/case.py
index dcad4f76ec..da35b25f68 100644
--- a/meta/lib/oeqa/selftest/case.py
+++ b/meta/lib/oeqa/selftest/case.py
@@ -117,10 +117,6 @@ class OESelftestTestCase(OETestCase):
                 if e.errno != errno.ENOENT:
                     raise
 
-        if self.tc.custommachine:
-            machine_conf = 'MACHINE ??= "%s"\n' % self.tc.custommachine
-            self.set_machine_config(machine_conf)
-
         # tests might need their own setup
         # but if they overwrite this one they have to call
         # super each time, so let's give them an alternative
@@ -178,19 +174,11 @@ class OESelftestTestCase(OETestCase):
         self.logger.debug("Writing to: %s\n%s\n" % (dest_path, data))
         ftools.write_file(dest_path, data)
 
-        if not multiconfig and self.tc.custommachine and 'MACHINE' in data:
-            machine = get_bb_var('MACHINE')
-            self.logger.warning('MACHINE overridden: %s' % machine)
-
     def append_config(self, data):
         """Append to <builddir>/conf/selftest.inc"""
         self.logger.debug("Appending to: %s\n%s\n" % (self.testinc_path, data))
         ftools.append_file(self.testinc_path, data)
 
-        if self.tc.custommachine and 'MACHINE' in data:
-            machine = get_bb_var('MACHINE')
-            self.logger.warning('MACHINE overridden: %s' % machine)
-
     def remove_config(self, data):
         """Remove data from <builddir>/conf/selftest.inc"""
         self.logger.debug("Removing from: %s\n%s\n" % (self.testinc_path, data))
@@ -249,6 +237,13 @@ class OESelftestTestCase(OETestCase):
         self.logger.debug("Writing to: %s\n%s\n" % (self.machineinc_path, data))
         ftools.write_file(self.machineinc_path, data)
 
+    def disable_class(self, classname):
+        destfile = "%s/classes/%s.bbclass" % (self.builddir, classname)
+        os.makedirs(os.path.dirname(destfile), exist_ok=True)
+        self.track_for_cleanup(destfile)
+        self.logger.debug("Creating empty class: %s\n" % (destfile))
+        ftools.write_file(destfile, "")
+
     # check does path exist
     def assertExists(self, expr, msg=None):
         if not os.path.exists(expr):
diff --git a/meta/lib/oeqa/selftest/cases/_sstatetests_noauto.py b/meta/lib/oeqa/selftest/cases/_sstatetests_noauto.py
index f7c356ad09..2c9584d329 100644
--- a/meta/lib/oeqa/selftest/cases/_sstatetests_noauto.py
+++ b/meta/lib/oeqa/selftest/cases/_sstatetests_noauto.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -6,8 +8,8 @@ import os
 import shutil
 
 import oeqa.utils.ftools as ftools
-from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_test_layer
-from oeqa.selftest.cases.sstate import SStateBase
+from oeqa.utils.commands import runCmd, bitbake, get_bb_var
+from oeqa.selftest.cases.sstatetests import SStateBase
 
 
 class RebuildFromSState(SStateBase):
@@ -90,7 +92,7 @@ class RebuildFromSState(SStateBase):
         self.assertFalse(failed_cleansstate, msg="The following recipes have failed cleansstate(all others have passed both cleansstate and rebuild from sstate tests): %s" % ' '.join(map(str, failed_cleansstate)))
 
     def test_sstate_relocation(self):
-        self.run_test_sstate_rebuild(['core-image-sato-sdk'], relocate=True, rebuild_dependencies=True)
+        self.run_test_sstate_rebuild(['core-image-weston-sdk'], relocate=True, rebuild_dependencies=True)
 
     def test_sstate_rebuild(self):
-        self.run_test_sstate_rebuild(['core-image-sato-sdk'], relocate=False, rebuild_dependencies=True)
+        self.run_test_sstate_rebuild(['core-image-weston-sdk'], relocate=False, rebuild_dependencies=True)
diff --git a/meta/lib/oeqa/selftest/cases/archiver.py b/meta/lib/oeqa/selftest/cases/archiver.py
index ddd08ecf84..612ec675a7 100644
--- a/meta/lib/oeqa/selftest/cases/archiver.py
+++ b/meta/lib/oeqa/selftest/cases/archiver.py
@@ -1,9 +1,12 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 import os
 import glob
+import re
 from oeqa.utils.commands import bitbake, get_bb_vars
 from oeqa.selftest.case import OESelftestTestCase
 
@@ -35,11 +38,11 @@ class Archiver(OESelftestTestCase):
         src_path = os.path.join(bb_vars['DEPLOY_DIR_SRC'], bb_vars['TARGET_SYS'])
 
         # Check that include_recipe was included
-        included_present = len(glob.glob(src_path + '/%s-*' % include_recipe))
+        included_present = len(glob.glob(src_path + '/%s-*/*' % include_recipe))
         self.assertTrue(included_present, 'Recipe %s was not included.' % include_recipe)
 
         # Check that exclude_recipe was excluded
-        excluded_present = len(glob.glob(src_path + '/%s-*' % exclude_recipe))
+        excluded_present = len(glob.glob(src_path + '/%s-*/*' % exclude_recipe))
         self.assertFalse(excluded_present, 'Recipe %s was not excluded.' % exclude_recipe)
 
     def test_archiver_filters_by_type(self):
@@ -67,11 +70,11 @@ class Archiver(OESelftestTestCase):
         src_path_native = os.path.join(bb_vars['DEPLOY_DIR_SRC'], bb_vars['BUILD_SYS'])
 
         # Check that target_recipe was included
-        included_present = len(glob.glob(src_path_target + '/%s-*' % target_recipe))
+        included_present = len(glob.glob(src_path_target + '/%s-*/*' % target_recipe))
         self.assertTrue(included_present, 'Recipe %s was not included.' % target_recipe)
 
         # Check that native_recipe was excluded
-        excluded_present = len(glob.glob(src_path_native + '/%s-*' % native_recipe))
+        excluded_present = len(glob.glob(src_path_native + '/%s-*/*' % native_recipe))
         self.assertFalse(excluded_present, 'Recipe %s was not excluded.' % native_recipe)
 
     def test_archiver_filters_by_type_and_name(self):
@@ -104,20 +107,51 @@ class Archiver(OESelftestTestCase):
         src_path_native = os.path.join(bb_vars['DEPLOY_DIR_SRC'], bb_vars['BUILD_SYS'])
 
         # Check that target_recipe[0] and native_recipes[1] were included
-        included_present = len(glob.glob(src_path_target + '/%s-*' % target_recipes[0]))
+        included_present = len(glob.glob(src_path_target + '/%s-*/*' % target_recipes[0]))
         self.assertTrue(included_present, 'Recipe %s was not included.' % target_recipes[0])
 
-        included_present = len(glob.glob(src_path_native + '/%s-*' % native_recipes[1]))
+        included_present = len(glob.glob(src_path_native + '/%s-*/*' % native_recipes[1]))
         self.assertTrue(included_present, 'Recipe %s was not included.' % native_recipes[1])
 
         # Check that native_recipes[0] and target_recipes[1] were excluded
-        excluded_present = len(glob.glob(src_path_native + '/%s-*' % native_recipes[0]))
+        excluded_present = len(glob.glob(src_path_native + '/%s-*/*' % native_recipes[0]))
         self.assertFalse(excluded_present, 'Recipe %s was not excluded.' % native_recipes[0])
 
-        excluded_present = len(glob.glob(src_path_target + '/%s-*' % target_recipes[1]))
+        excluded_present = len(glob.glob(src_path_target + '/%s-*/*' % target_recipes[1]))
         self.assertFalse(excluded_present, 'Recipe %s was not excluded.' % target_recipes[1])
 
+    def test_archiver_multiconfig_shared_unpack_and_patch(self):
+        """
+        Test that shared recipes in original mode with diff enabled works in multiconfig,
+        otherwise it will not build when using the same TMP dir.
+        """
+
+        features = 'BBMULTICONFIG = "mc1 mc2"\n'
+        features += 'INHERIT += "archiver"\n'
+        features += 'ARCHIVER_MODE[src] = "original"\n'
+        features += 'ARCHIVER_MODE[diff] = "1"\n'
+        self.write_config(features)
+
+        # We can use any machine in multiconfig as long as they are different
+        self.write_config('MACHINE = "qemuarm"\n', 'mc1')
+        self.write_config('MACHINE = "qemux86"\n', 'mc2')
+
+        task = 'do_unpack_and_patch'
+        # Use gcc-source as it is a shared recipe (appends the pv to the pn)
+        pn = 'gcc-source-%s' % get_bb_vars(['PV'], 'gcc')['PV']
+
+        # Generate the tasks signatures
+        bitbake('mc:mc1:%s mc:mc2:%s -c %s -S lockedsigs' % (pn, pn, task))
 
+        # Check the tasks signatures
+        # To be machine agnostic the tasks needs to generate the same signature for each machine
+        locked_sigs_inc = "%s/locked-sigs.inc" % self.builddir
+        locked_sigs = open(locked_sigs_inc).read()
+        task_sigs = re.findall(r"%s:%s:.*" % (pn, task), locked_sigs)
+        uniq_sigs = set(task_sigs)
+        self.assertFalse(len(uniq_sigs) - 1, \
+            'The task "%s" of the recipe "%s" has different signatures in "%s" for each machine in multiconfig' \
+            % (task, pn, locked_sigs_inc))
 
     def test_archiver_srpm_mode(self):
         """
@@ -156,28 +190,28 @@ class Archiver(OESelftestTestCase):
         Test that the archiver works with `ARCHIVER_MODE[src] = "original"`.
         """
 
-        self._test_archiver_mode('original', 'ed-1.14.1.tar.lz')
+        self._test_archiver_mode('original', 'ed-1.21.1.tar.lz')
 
     def test_archiver_mode_patched(self):
         """
         Test that the archiver works with `ARCHIVER_MODE[src] = "patched"`.
         """
 
-        self._test_archiver_mode('patched', 'selftest-ed-native-1.14.1-r0-patched.tar.gz')
+        self._test_archiver_mode('patched', 'selftest-ed-native-1.21.1-r0-patched.tar.xz')
 
     def test_archiver_mode_configured(self):
         """
         Test that the archiver works with `ARCHIVER_MODE[src] = "configured"`.
         """
 
-        self._test_archiver_mode('configured', 'selftest-ed-native-1.14.1-r0-configured.tar.gz')
+        self._test_archiver_mode('configured', 'selftest-ed-native-1.21.1-r0-configured.tar.xz')
 
     def test_archiver_mode_recipe(self):
         """
         Test that the archiver works with `ARCHIVER_MODE[recipe] = "1"`.
         """
 
-        self._test_archiver_mode('patched', 'selftest-ed-native-1.14.1-r0-recipe.tar.gz',
+        self._test_archiver_mode('patched', 'selftest-ed-native-1.21.1-r0-recipe.tar.xz',
                                  'ARCHIVER_MODE[recipe] = "1"\n')
 
     def test_archiver_mode_diff(self):
@@ -186,7 +220,7 @@ class Archiver(OESelftestTestCase):
         Exclusions controlled by `ARCHIVER_MODE[diff-exclude]` are not yet tested.
         """
 
-        self._test_archiver_mode('patched', 'selftest-ed-native-1.14.1-r0-diff.gz',
+        self._test_archiver_mode('patched', 'selftest-ed-native-1.21.1-r0-diff.gz',
                                  'ARCHIVER_MODE[diff] = "1"\n')
 
     def test_archiver_mode_dumpdata(self):
@@ -194,7 +228,7 @@ class Archiver(OESelftestTestCase):
         Test that the archiver works with `ARCHIVER_MODE[dumpdata] = "1"`.
         """
 
-        self._test_archiver_mode('patched', 'selftest-ed-native-1.14.1-r0-showdata.dump',
+        self._test_archiver_mode('patched', 'selftest-ed-native-1.21.1-r0-showdata.dump',
                                  'ARCHIVER_MODE[dumpdata] = "1"\n')
 
     def test_archiver_mode_mirror(self):
@@ -202,7 +236,7 @@ class Archiver(OESelftestTestCase):
         Test that the archiver works with `ARCHIVER_MODE[src] = "mirror"`.
         """
 
-        self._test_archiver_mode('mirror', 'ed-1.14.1.tar.lz',
+        self._test_archiver_mode('mirror', 'ed-1.21.1.tar.lz',
                                  'BB_GENERATE_MIRROR_TARBALLS = "1"\n')
 
     def test_archiver_mode_mirror_excludes(self):
@@ -213,7 +247,7 @@ class Archiver(OESelftestTestCase):
         """
 
         target='selftest-ed'
-        target_file_name = 'ed-1.14.1.tar.lz'
+        target_file_name = 'ed-1.21.1.tar.lz'
 
         features = 'INHERIT += "archiver"\n'
         features += 'ARCHIVER_MODE[src] = "mirror"\n'
@@ -251,7 +285,7 @@ class Archiver(OESelftestTestCase):
             bitbake('-c deploy_archives %s' % (target))
 
         bb_vars = get_bb_vars(['DEPLOY_DIR_SRC'])
-        for target_file_name in ['ed-1.14.1.tar.lz', 'hello.c']:
+        for target_file_name in ['ed-1.21.1.tar.lz', 'hello.c']:
             glob_str = os.path.join(bb_vars['DEPLOY_DIR_SRC'], 'mirror', target_file_name)
             glob_result = glob.glob(glob_str)
             self.assertTrue(glob_result, 'Missing archive file %s' % (target_file_name))
diff --git a/meta/lib/oeqa/selftest/cases/barebox.py b/meta/lib/oeqa/selftest/cases/barebox.py
new file mode 100644
index 0000000000..3f8f232432
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/barebox.py
@@ -0,0 +1,44 @@
+# Qemu-based barebox bootloader integration testing
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, runqemu
+from oeqa.core.decorator.data import skipIfNotArch
+from oeqa.core.decorator import OETestTag
+
+barebox_boot_patterns = {
+        'search_reached_prompt': r"stop autoboot",
+        'search_login_succeeded': r"barebox@[^:]+:[^ ]+ ",
+        'search_cmd_finished': r"barebox@[a-zA-Z0-9\-\s]+:/"
+        }
+
+
+class BareboxTest(OESelftestTestCase):
+
+    @skipIfNotArch(['arm', 'aarch64'])
+    @OETestTag("runqemu")
+    def test_boot_barebox(self):
+        """
+        Tests building barebox and booting it with QEMU
+        """
+
+        self.write_config("""
+QB_DEFAULT_KERNEL = "barebox-dt-2nd.img"
+PREFERRED_PROVIDER_virtual/bootloader = "barebox"
+QEMU_USE_KVM = "False"
+""")
+
+        bitbake("virtual/bootloader core-image-minimal")
+
+        with runqemu('core-image-minimal', ssh=False, runqemuparams='nographic',
+                     boot_patterns=barebox_boot_patterns) as qemu:
+
+            # test if barebox console works
+            cmd = "version"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(status, 1, msg=output)
+            self.assertTrue("barebox" in output, msg=output)
diff --git a/meta/lib/oeqa/selftest/cases/baremetal.py b/meta/lib/oeqa/selftest/cases/baremetal.py
new file mode 100644
index 0000000000..cadaea2f1a
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/baremetal.py
@@ -0,0 +1,14 @@
+
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake
+
+class BaremetalTest(OESelftestTestCase):
+    def test_baremetal(self):
+        self.write_config('TCLIBC = "baremetal"')
+        bitbake('baremetal-helloworld')
diff --git a/meta/lib/oeqa/selftest/cases/bbclasses.py b/meta/lib/oeqa/selftest/cases/bbclasses.py
new file mode 100644
index 0000000000..10545ebe65
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/bbclasses.py
@@ -0,0 +1,106 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import get_bb_vars, bitbake
+
+class Systemd(OESelftestTestCase):
+    """
+    Tests related to the systemd bbclass.
+    """
+
+    def getVars(self, recipe):
+        self.bb_vars = get_bb_vars(
+            [
+                'BPN',
+                'D',
+                'INIT_D_DIR',
+                'prefix',
+                'systemd_system_unitdir',
+                'sysconfdir',
+            ],
+            recipe,
+        )
+
+    def fileExists(self, filename):
+        self.assertExists(filename.format(**self.bb_vars))
+
+    def fileNotExists(self, filename):
+        self.assertNotExists(filename.format(**self.bb_vars))
+
+    def test_systemd_in_distro(self):
+        """
+        Summary:    Verify that no sysvinit files are installed when the
+                    systemd distro feature is enabled, but sysvinit is not.
+        Expected:   Systemd service file exists, but /etc does not.
+        Product:    OE-Core
+        Author:     Peter Kjellerstedt <peter.kjellerstedt@axis.com>
+        """
+
+        self.write_config("""
+DISTRO_FEATURES:append = " systemd usrmerge"
+DISTRO_FEATURES:remove = "sysvinit"
+VIRTUAL-RUNTIME_init_manager = "systemd"
+""")
+        bitbake("systemd-only systemd-and-sysvinit -c install")
+
+        self.getVars("systemd-only")
+        self.fileExists("{D}{systemd_system_unitdir}/{BPN}.service")
+
+        self.getVars("systemd-and-sysvinit")
+        self.fileExists("{D}{systemd_system_unitdir}/{BPN}.service")
+        self.fileNotExists("{D}{sysconfdir}")
+
+    def test_systemd_and_sysvinit_in_distro(self):
+        """
+        Summary:    Verify that both systemd and sysvinit files are installed
+                    when both the systemd and sysvinit distro features are
+                    enabled.
+        Expected:   Systemd service file and sysvinit initscript exist.
+        Product:    OE-Core
+        Author:     Peter Kjellerstedt <peter.kjellerstedt@axis.com>
+        """
+
+        self.write_config("""
+DISTRO_FEATURES:append = " systemd sysvinit usrmerge"
+VIRTUAL-RUNTIME_init_manager = "systemd"
+""")
+        bitbake("systemd-only systemd-and-sysvinit -c install")
+
+        self.getVars("systemd-only")
+        self.fileExists("{D}{systemd_system_unitdir}/{BPN}.service")
+
+        self.getVars("systemd-and-sysvinit")
+        self.fileExists("{D}{systemd_system_unitdir}/{BPN}.service")
+        self.fileExists("{D}{INIT_D_DIR}/{BPN}")
+
+    def test_sysvinit_in_distro(self):
+        """
+        Summary:    Verify that no systemd service files are installed when the
+                    sysvinit distro feature is enabled, but systemd is not.
+        Expected:   The systemd  service file does not exist, nor does /usr.
+                    The sysvinit initscript exists.
+        Product:    OE-Core
+        Author:     Peter Kjellerstedt <peter.kjellerstedt@axis.com>
+        """
+
+        self.write_config("""
+DISTRO_FEATURES:remove = "systemd"
+DISTRO_FEATURES:append = " sysvinit usrmerge"
+VIRTUAL-RUNTIME_init_manager = "sysvinit"
+""")
+        bitbake("systemd-only systemd-and-sysvinit -c install")
+
+        self.getVars("systemd-only")
+        self.fileNotExists("{D}{systemd_system_unitdir}/{BPN}.service")
+        self.fileNotExists("{D}{prefix}")
+        self.fileNotExists("{D}{sysconfdir}")
+        self.fileExists("{D}")
+
+        self.getVars("systemd-and-sysvinit")
+        self.fileNotExists("{D}{systemd_system_unitdir}/{BPN}.service")
+        self.fileNotExists("{D}{prefix}")
+        self.fileExists("{D}{INIT_D_DIR}/{BPN}")
diff --git a/meta/lib/oeqa/selftest/cases/bblayers.py b/meta/lib/oeqa/selftest/cases/bblayers.py
index f131d9856c..68b0377720 100644
--- a/meta/lib/oeqa/selftest/cases/bblayers.py
+++ b/meta/lib/oeqa/selftest/cases/bblayers.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -6,12 +8,23 @@ import os
 import re
 
 import oeqa.utils.ftools as ftools
-from oeqa.utils.commands import runCmd, get_bb_var, get_bb_vars
+from oeqa.utils.commands import runCmd, get_bb_var, get_bb_vars, bitbake
 
 from oeqa.selftest.case import OESelftestTestCase
 
 class BitbakeLayers(OESelftestTestCase):
 
+    @classmethod
+    def setUpClass(cls):
+        super(BitbakeLayers, cls).setUpClass()
+        bitbake("python3-jsonschema-native")
+        bitbake("-c addto_recipe_sysroot python3-jsonschema-native")
+
+    def test_bitbakelayers_layerindexshowdepends(self):
+        result = runCmd('bitbake-layers layerindex-show-depends meta-poky')
+        find_in_contents = re.search("openembedded-core", result.output)
+        self.assertTrue(find_in_contents, msg = "openembedded-core should have been listed at this step. bitbake-layers layerindex-show-depends meta-poky output: %s" % result.output)
+
     def test_bitbakelayers_showcrossdepends(self):
         result = runCmd('bitbake-layers show-cross-depends')
         self.assertIn('aspell', result.output)
@@ -41,7 +54,7 @@ class BitbakeLayers(OESelftestTestCase):
         bb_file = os.path.join(testoutdir, recipe_path, recipe_file)
         self.assertTrue(os.path.isfile(bb_file), msg = "Cannot find xcursor-transparent-theme_0.1.1.bb in the test_bitbakelayers_flatten local dir.")
         contents = ftools.read_file(bb_file)
-        find_in_contents = re.search("##### bbappended from meta-selftest #####\n(.*\n)*include test_recipe.inc", contents)
+        find_in_contents = re.search(r"##### bbappended from meta-selftest #####\n(.*\n)*include test_recipe.inc", contents)
         self.assertTrue(find_in_contents, msg = "Flattening layers did not work. bitbake-layers flatten output: %s" % result.output)
 
     def test_bitbakelayers_add_remove(self):
@@ -72,8 +85,9 @@ class BitbakeLayers(OESelftestTestCase):
         result = runCmd('bitbake-layers show-recipes -i image')
         self.assertIn('core-image-minimal', result.output)
         self.assertNotIn('mtd-utils:', result.output)
-        result = runCmd('bitbake-layers show-recipes -i cmake,pkgconfig')
+        result = runCmd('bitbake-layers show-recipes -i meson,pkgconfig')
         self.assertIn('libproxy:', result.output)
+        result = runCmd('bitbake-layers show-recipes -i cmake,pkgconfig')
         self.assertNotIn('mtd-utils:', result.output) # doesn't inherit either
         self.assertNotIn('wget:', result.output) # doesn't inherit cmake
         self.assertNotIn('waffle:', result.output) # doesn't inherit pkgconfig
@@ -106,6 +120,11 @@ class BitbakeLayers(OESelftestTestCase):
 
         self.assertEqual(bb_vars['BBFILE_PRIORITY_%s' % layername], str(priority), 'BBFILE_PRIORITY_%s != %d' % (layername, priority))
 
+        result = runCmd('bitbake-layers save-build-conf {} {}'.format(layerpath, "buildconf-1"))
+        for f in ('local.conf.sample', 'bblayers.conf.sample', 'conf-summary.txt', 'conf-notes.txt'):
+            fullpath = os.path.join(layerpath, "conf", "templates", "buildconf-1", f)
+            self.assertTrue(os.path.exists(fullpath), "Template configuration file {} not found".format(fullpath))
+
     def get_recipe_basename(self, recipe):
         recipe_file = ""
         result = runCmd("bitbake-layers show-recipes -f %s" % recipe)
@@ -116,3 +135,139 @@ class BitbakeLayers(OESelftestTestCase):
 
         self.assertTrue(os.path.isfile(recipe_file), msg = "Can't find recipe file for %s" % recipe)
         return os.path.basename(recipe_file)
+
+    def validate_layersjson(self, json):
+        python = os.path.join(get_bb_var('STAGING_BINDIR', 'python3-jsonschema-native'), 'nativepython3')
+        jsonvalidator = os.path.join(get_bb_var('STAGING_BINDIR', 'python3-jsonschema-native'), 'jsonschema')
+        jsonschema = os.path.join(get_bb_var('COREBASE'), 'meta/files/layers.schema.json')
+        result = runCmd("{} {} -i {} {}".format(python, jsonvalidator, json, jsonschema))
+
+    def test_validate_examplelayersjson(self):
+        json = os.path.join(get_bb_var('COREBASE'), "meta/files/layers.example.json")
+        self.validate_layersjson(json)
+
+    def test_bitbakelayers_setup(self):
+        result = runCmd('bitbake-layers create-layers-setup {}'.format(self.testlayer_path))
+        jsonfile = os.path.join(self.testlayer_path, "setup-layers.json")
+        self.validate_layersjson(jsonfile)
+
+        # The revision-under-test may not necessarily be available on the remote server,
+        # so replace it with a revision that has a yocto-4.1 tag.
+        import json
+        with open(jsonfile) as f:
+            data = json.load(f)
+        for s in data['sources']:
+            data['sources'][s]['git-remote']['rev'] = '5200799866b92259e855051112520006e1aaaac0'
+        with open(jsonfile, 'w') as f:
+            json.dump(data, f)
+
+        testcheckoutdir = os.path.join(self.builddir, 'test-layer-checkout')
+        result = runCmd('{}/setup-layers --destdir {}'.format(self.testlayer_path, testcheckoutdir))
+        layers_json = os.path.join(testcheckoutdir, ".oe-layers.json")
+        self.assertTrue(os.path.exists(layers_json), "File {} not found in test layer checkout".format(layers_json))
+
+        # As setup-layers checkout out an old revision of poky, there is no setup-build symlink,
+        # and we need to run oe-setup-build directly from the current poky tree under test
+        oe_setup_build = os.path.join(get_bb_var('COREBASE'), 'scripts/oe-setup-build')
+        oe_setup_build_l = os.path.join(testcheckoutdir, 'setup-build')
+        os.symlink(oe_setup_build,oe_setup_build_l)
+
+        cmd = '{} --layerlist {} list -v'.format(oe_setup_build_l, layers_json)
+        result = runCmd(cmd)
+        cond = "conf/templates/default" in result.output
+        self.assertTrue(cond, "Incorrect output from {}: {}".format(cmd, result.output))
+
+        # rather than hardcode the build setup cmdline here, let's actually run what the tool suggests to the user
+        conf = None
+        if 'poky-default' in result.output:
+            conf = 'poky-default'
+        elif 'meta-default' in result.output:
+            conf = 'meta-default'
+        self.assertIsNotNone(conf, "Could not find the configuration to set up a build in the output: {}".format(result.output))
+
+        cmd = '{} --layerlist {} setup -c {} --no-shell'.format(oe_setup_build_l, layers_json, conf)
+        result = runCmd(cmd)
+
+    def test_bitbakelayers_updatelayer(self):
+        result = runCmd('bitbake-layers create-layers-setup {}'.format(self.testlayer_path))
+        jsonfile = os.path.join(self.testlayer_path, "setup-layers.json")
+        self.validate_layersjson(jsonfile)
+
+        import json
+        with open(jsonfile) as f:
+            data = json.load(f)
+        repos = []
+        for s in data['sources']:
+            repos.append(s)
+
+        self.assertTrue(len(repos) > 1, "Not enough repositories available")
+        self.validate_layersjson(jsonfile)
+
+        test_ref_1 = 'ref_1'
+        test_ref_2 = 'ref_2'
+
+        # Create a new layers setup using custom references
+        result = runCmd('bitbake-layers create-layers-setup --use-custom-reference {first_repo}:{test_ref} --use-custom-reference {second_repo}:{test_ref} {path}'
+                        .format(first_repo=repos[0], second_repo=repos[1], test_ref=test_ref_1, path=self.testlayer_path))
+        self.validate_layersjson(jsonfile)
+
+        with open(jsonfile) as f:
+            data = json.load(f)
+        first_rev_1 = data['sources'][repos[0]]['git-remote']['rev']
+        first_desc_1 = data['sources'][repos[0]]['git-remote']['describe']
+        second_rev_1 = data['sources'][repos[1]]['git-remote']['rev']
+        second_desc_1 = data['sources'][repos[1]]['git-remote']['describe']
+
+        self.assertEqual(first_rev_1, test_ref_1, "Revision not set correctly: '{}'".format(first_rev_1))
+        self.assertEqual(first_desc_1, '', "Describe not cleared: '{}'".format(first_desc_1))
+        self.assertEqual(second_rev_1, test_ref_1, "Revision not set correctly: '{}'".format(second_rev_1))
+        self.assertEqual(second_desc_1, '', "Describe not cleared: '{}'".format(second_desc_1))
+
+        # Update one of the repositories in the layers setup using a different custom reference
+        # This should only update the selected repository, everything else should remain as is
+        result = runCmd('bitbake-layers create-layers-setup --update --use-custom-reference {first_repo}:{test_ref} {path}'
+                        .format(first_repo=repos[0], test_ref=test_ref_2, path=self.testlayer_path))
+        self.validate_layersjson(jsonfile)
+
+        with open(jsonfile) as f:
+            data = json.load(f)
+        first_rev_2 = data['sources'][repos[0]]['git-remote']['rev']
+        first_desc_2 = data['sources'][repos[0]]['git-remote']['describe']
+        second_rev_2 = data['sources'][repos[1]]['git-remote']['rev']
+        second_desc_2 = data['sources'][repos[1]]['git-remote']['describe']
+
+        self.assertEqual(first_rev_2, test_ref_2, "Revision not set correctly: '{}'".format(first_rev_2))
+        self.assertEqual(first_desc_2, '', "Describe not cleared: '{}'".format(first_desc_2))
+        self.assertEqual(second_rev_2, second_rev_1, "Revision should not be updated: '{}'".format(second_rev_2))
+        self.assertEqual(second_desc_2, second_desc_1, "Describe should not be updated: '{}'".format(second_desc_2))
+
+class BitbakeConfigBuild(OESelftestTestCase):
+    def test_enable_disable_fragments(self):
+        self.assertEqual(get_bb_var('SELFTEST_FRAGMENT_VARIABLE'), None)
+        self.assertEqual(get_bb_var('SELFTEST_FRAGMENT_ANOTHER_VARIABLE'), None)
+
+        runCmd('bitbake-config-build enable-fragment selftest/test-fragment')
+        self.assertEqual(get_bb_var('SELFTEST_FRAGMENT_VARIABLE'), 'somevalue')
+        self.assertEqual(get_bb_var('SELFTEST_FRAGMENT_ANOTHER_VARIABLE'), None)
+
+        runCmd('bitbake-config-build enable-fragment selftest/more-fragments-here/test-another-fragment')
+        self.assertEqual(get_bb_var('SELFTEST_FRAGMENT_VARIABLE'), 'somevalue')
+        self.assertEqual(get_bb_var('SELFTEST_FRAGMENT_ANOTHER_VARIABLE'), 'someothervalue')
+
+        fragment_metadata_command = "bitbake-getvar -f {} --value {}"
+        result = runCmd(fragment_metadata_command.format("selftest/test-fragment", "BB_CONF_FRAGMENT_SUMMARY"))
+        self.assertIn("This is a configuration fragment intended for testing in oe-selftest context", result.output)
+        result = runCmd(fragment_metadata_command.format("selftest/test-fragment", "BB_CONF_FRAGMENT_DESCRIPTION"))
+        self.assertIn("It defines a variable that can be checked inside the test.", result.output)
+        result = runCmd(fragment_metadata_command.format("selftest/more-fragments-here/test-another-fragment", "BB_CONF_FRAGMENT_SUMMARY"))
+        self.assertIn("This is a second configuration fragment intended for testing in oe-selftest context", result.output)
+        result = runCmd(fragment_metadata_command.format("selftest/more-fragments-here/test-another-fragment", "BB_CONF_FRAGMENT_DESCRIPTION"))
+        self.assertIn("It defines another variable that can be checked inside the test.", result.output)
+
+        runCmd('bitbake-config-build disable-fragment selftest/test-fragment')
+        self.assertEqual(get_bb_var('SELFTEST_FRAGMENT_VARIABLE'), None)
+        self.assertEqual(get_bb_var('SELFTEST_FRAGMENT_ANOTHER_VARIABLE'), 'someothervalue')
+
+        runCmd('bitbake-config-build disable-fragment selftest/more-fragments-here/test-another-fragment')
+        self.assertEqual(get_bb_var('SELFTEST_FRAGMENT_VARIABLE'), None)
+        self.assertEqual(get_bb_var('SELFTEST_FRAGMENT_ANOTHER_VARIABLE'), None)
diff --git a/meta/lib/oeqa/selftest/cases/bblock.py b/meta/lib/oeqa/selftest/cases/bblock.py
new file mode 100644
index 0000000000..2b62d2a0aa
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/bblock.py
@@ -0,0 +1,203 @@
+#
+# Copyright (c) 2023 BayLibre, SAS
+# Author: Julien Stepahn <jstephan@baylibre.com>
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import os
+import re
+import bb.tinfoil
+
+import oeqa.utils.ftools as ftools
+from oeqa.utils.commands import runCmd, get_bb_var, get_bb_vars, bitbake
+
+from oeqa.selftest.case import OESelftestTestCase
+
+
+class BBLock(OESelftestTestCase):
+    @classmethod
+    def setUpClass(cls):
+        super(BBLock, cls).setUpClass()
+        cls.lockfile = cls.builddir + "/conf/bblock.conf"
+
+    def unlock_recipes(self, recipes=None, tasks=None):
+        cmd = "bblock -r "
+        if recipes:
+            cmd += " ".join(recipes)
+        if tasks:
+            cmd += " -t " + ",".join(tasks)
+        result = runCmd(cmd)
+
+        if recipes:
+            # ensure all signatures are removed from lockfile
+            contents = ftools.read_file(self.lockfile)
+            for recipe in recipes:
+                for task in tasks:
+                    find_in_contents = re.search(
+                        'SIGGEN_LOCKEDSIGS_.+\s\+=\s"%s:%s:.*"' % (recipe, task),
+                        contents,
+                    )
+                    self.assertFalse(
+                        find_in_contents,
+                        msg="%s:%s should not be present into bblock.conf anymore"
+                        % (recipe, task),
+                    )
+                self.assertExists(self.lockfile)
+        else:
+            self.assertNotExists(self.lockfile)
+
+    def lock_recipes(self, recipes, tasks=None):
+        cmd = "bblock " + " ".join(recipes)
+        if tasks:
+            cmd += " -t " + ",".join(tasks)
+
+        result = runCmd(cmd)
+
+        self.assertExists(self.lockfile)
+
+        # ensure all signatures are added to lockfile
+        contents = ftools.read_file(self.lockfile)
+        for recipe in recipes:
+            if tasks:
+                for task in tasks:
+                    find_in_contents = re.search(
+                        'SIGGEN_LOCKEDSIGS_.+\s\+=\s"%s:%s:.*"' % (recipe, task),
+                        contents,
+                    )
+                    self.assertTrue(
+                        find_in_contents,
+                        msg="%s:%s was not added into bblock.conf. bblock output: %s"
+                        % (recipe, task, result.output),
+                    )
+
+    def modify_tasks(self, recipes, tasks):
+        task_append = ""
+        for recipe in recipes:
+            bb_vars = get_bb_vars(["PV"], recipe)
+            recipe_pv = bb_vars["PV"]
+            recipe_append_file = recipe + "_" + recipe_pv + ".bbappend"
+
+            os.mkdir(os.path.join(self.testlayer_path, "recipes-test", recipe))
+            recipe_append_path = os.path.join(
+                self.testlayer_path, "recipes-test", recipe, recipe_append_file
+            )
+
+            for task in tasks:
+                task_append += "%s:append() {\n#modify task hash \n}\n" % task
+            ftools.write_file(recipe_append_path, task_append)
+            self.add_command_to_tearDown(
+                "rm -rf %s" % os.path.join(self.testlayer_path, "recipes-test", recipe)
+            )
+
+    def test_lock_single_recipe_single_task(self):
+        recipes = ["quilt"]
+        tasks = ["do_compile"]
+        self._run_test(recipes, tasks)
+
+    def test_lock_single_recipe_multiple_tasks(self):
+        recipes = ["quilt"]
+        tasks = ["do_compile", "do_install"]
+        self._run_test(recipes, tasks)
+
+    def test_lock_single_recipe_all_tasks(self):
+        recipes = ["quilt"]
+        self._run_test(recipes, None)
+
+    def test_lock_multiple_recipe_single_task(self):
+        recipes = ["quilt", "bc"]
+        tasks = ["do_compile"]
+        self._run_test(recipes, tasks)
+
+    def test_lock_architecture_specific(self):
+        # unlock all recipes and ensure no bblock.conf file exist
+        self.unlock_recipes()
+
+        recipes = ["quilt"]
+        tasks = ["do_compile"]
+
+        # lock quilt's do_compile task for another machine
+        if self.td["MACHINE"] == "qemux86-64":
+            machine = "qemuarm"
+        else:
+            machine = "qemux86-64"
+
+        self.write_config('MACHINE = "%s"\n' % machine)
+
+        self.lock_recipes(recipes, tasks)
+
+        self.write_config('MACHINE = "%s"\n' % self.td["MACHINE"])
+        # modify quilt's do_compile task
+        self.modify_tasks(recipes, tasks)
+
+        # build quilt using the default machine
+        # No Note/Warning should be emitted since sig is locked for another machine
+        # (quilt package is architecture dependant)
+        info_message = "NOTE: The following recipes have locked tasks: " + recipes[0]
+        warn_message = "The %s:%s sig is computed to be" % (recipes[0], tasks[0])
+        result = bitbake(recipes[0] + " -n")
+        self.assertNotIn(info_message, result.output)
+        self.assertNotIn(warn_message, result.output)
+
+        # unlock all recipes
+        self.unlock_recipes()
+
+    def _run_test(self, recipes, tasks=None):
+        # unlock all recipes and ensure no bblock.conf file exist
+        self.unlock_recipes()
+
+        self.write_config('BB_SIGNATURE_HANDLER = "OEBasicHash"')
+
+        # lock tasks for recipes
+        result = self.lock_recipes(recipes, tasks)
+
+        if not tasks:
+            tasks = []
+            result = bitbake("-c listtasks " + recipes[0])
+            with bb.tinfoil.Tinfoil() as tinfoil:
+                tinfoil.prepare(config_only=False, quiet=2)
+                d = tinfoil.parse_recipe(recipes[0])
+
+                for line in result.output.splitlines():
+                    if line.startswith("do_"):
+                        task = line.split()[0]
+                        if "setscene" in task:
+                            continue
+                        if d.getVarFlag(task, "nostamp"):
+                            continue
+                        tasks.append(task)
+
+        # build recipes. At this stage we should have a Note about recipes
+        # having locked task's sig, but no warning since sig still match
+        info_message = "NOTE: The following recipes have locked tasks: " + " ".join(
+            recipes
+        )
+        for recipe in recipes:
+            result = bitbake(recipe + " -n")
+            self.assertIn(info_message, result.output)
+            for task in tasks:
+                warn_message = "The %s:%s sig is computed to be" % (recipe, task)
+                self.assertNotIn(warn_message, result.output)
+
+        # modify all tasks that are locked to trigger a sig change then build the recipes
+        # at this stage we should have a Note as before, but also a Warning for all
+        # locked tasks indicating the sig mismatch
+        self.modify_tasks(recipes, tasks)
+        for recipe in recipes:
+            result = bitbake(recipe + " -n")
+            self.assertIn(info_message, result.output)
+            for task in tasks:
+                warn_message = "The %s:%s sig is computed to be" % (recipe, task)
+                self.assertIn(warn_message, result.output)
+
+        # unlock all tasks and rebuild, no more Note/Warning should remain
+        self.unlock_recipes(recipes, tasks)
+        for recipe in recipes:
+            result = bitbake(recipe + " -n")
+            self.assertNotIn(info_message, result.output)
+            for task in tasks:
+                warn_message = "The %s:%s sig is computed to be" % (recipe, task)
+                self.assertNotIn(warn_message, result.output)
+
+        # unlock all recipes
+        self.unlock_recipes()
diff --git a/meta/lib/oeqa/selftest/cases/bblogging.py b/meta/lib/oeqa/selftest/cases/bblogging.py
new file mode 100644
index 0000000000..040c6db089
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/bblogging.py
@@ -0,0 +1,182 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake
+
+class BitBakeLogging(OESelftestTestCase):
+
+    def assertCount(self, item, entry, count):
+        self.assertEqual(item.count(entry), count, msg="Output:\n'''\n%s\n'''\ndoesn't contain %d copies of:\n'''\n%s\n'''\n" % (item, count, entry))
+
+    def test_shell_loggingA(self):
+        # no logs, no verbose
+        self.write_config('BBINCLUDELOGS = ""')
+        result = bitbake("logging-test -c shelltest -f", ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertNotIn("This is shell stdout", result.output)
+        self.assertNotIn("This is shell stderr", result.output)
+
+    def test_shell_loggingB(self):
+        # logs, no verbose
+        self.write_config('BBINCLUDELOGS = "yes"')
+        result = bitbake("logging-test -c shelltest -f", ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertCount(result.output, "This is shell stdout", 1)
+        self.assertCount(result.output, "This is shell stderr", 1)
+
+    def test_shell_loggingC(self):
+        # no logs, verbose
+        self.write_config('BBINCLUDELOGS = ""')
+        result = bitbake("logging-test -c shelltest -f -v", ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        # two copies due to set +x
+        self.assertCount(result.output, "This is shell stdout", 2)
+        self.assertCount(result.output, "This is shell stderr", 2)
+
+    def test_shell_loggingD(self):
+        # logs, verbose
+        self.write_config('BBINCLUDELOGS = "yes"')
+        result = bitbake("logging-test -c shelltest -f -v", ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        # two copies due to set +x
+        self.assertCount(result.output, "This is shell stdout", 2)
+        self.assertCount(result.output, "This is shell stderr", 2)
+
+    def test_python_exec_func_shell_loggingA(self):
+        # no logs, no verbose
+        self.write_config('BBINCLUDELOGS = ""')
+        result = bitbake("logging-test -c pythontest_exec_func_shell -f",
+                         ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertNotIn("This is shell stdout", result.output)
+        self.assertNotIn("This is shell stderr", result.output)
+
+    def test_python_exec_func_shell_loggingB(self):
+        # logs, no verbose
+        self.write_config('BBINCLUDELOGS = "yes"')
+        result = bitbake("logging-test -c pythontest_exec_func_shell -f",
+                         ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertCount(result.output, "This is shell stdout", 1)
+        self.assertCount(result.output, "This is shell stderr", 1)
+
+    def test_python_exec_func_shell_loggingC(self):
+        # no logs, verbose
+        self.write_config('BBINCLUDELOGS = ""')
+        result = bitbake("logging-test -c pythontest_exec_func_shell -f -v",
+                         ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        # two copies due to set +x
+        self.assertCount(result.output, "This is shell stdout", 2)
+        self.assertCount(result.output, "This is shell stderr", 2)
+
+    def test_python_exec_func_shell_loggingD(self):
+        # logs, verbose
+        self.write_config('BBINCLUDELOGS = "yes"')
+        result = bitbake("logging-test -c pythontest_exec_func_shell -f -v",
+                         ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        # two copies due to set +x
+        self.assertCount(result.output, "This is shell stdout", 2)
+        self.assertCount(result.output, "This is shell stderr", 2)
+
+    def test_python_exit_loggingA(self):
+        # no logs, no verbose
+        self.write_config('BBINCLUDELOGS = ""')
+        result = bitbake("logging-test -c pythontest_exit -f", ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertNotIn("This is python stdout", result.output)
+
+    def test_python_exit_loggingB(self):
+        # logs, no verbose
+        self.write_config('BBINCLUDELOGS = "yes"')
+        result = bitbake("logging-test -c pythontest_exit -f", ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        # A sys.exit() should include the output
+        self.assertCount(result.output, "This is python stdout", 1)
+
+    def test_python_exit_loggingC(self):
+        # no logs, verbose
+        self.write_config('BBINCLUDELOGS = ""')
+        result = bitbake("logging-test -c pythontest_exit -f -v", ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertCount(result.output, "This is python stdout", 1)
+
+    def test_python_exit_loggingD(self):
+        # logs, verbose
+        self.write_config('BBINCLUDELOGS = "yes"')
+        result = bitbake("logging-test -c pythontest_exit -f -v", ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertCount(result.output, "This is python stdout", 1)
+
+    def test_python_exec_func_python_loggingA(self):
+        # no logs, no verbose
+        self.write_config('BBINCLUDELOGS = ""')
+        result = bitbake("logging-test -c pythontest_exec_func_python -f",
+                         ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertNotIn("This is python stdout", result.output)
+
+    def test_python_exec_func_python_loggingB(self):
+        # logs, no verbose
+        self.write_config('BBINCLUDELOGS = "yes"')
+        result = bitbake("logging-test -c pythontest_exec_func_python -f",
+                         ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        # A sys.exit() should include the output
+        self.assertCount(result.output, "This is python stdout", 1)
+
+    def test_python_exec_func_python_loggingC(self):
+        # no logs, verbose
+        self.write_config('BBINCLUDELOGS = ""')
+        result = bitbake("logging-test -c pythontest_exec_func_python -f -v",
+                         ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertCount(result.output, "This is python stdout", 1)
+
+    def test_python_exec_func_python_loggingD(self):
+        # logs, verbose
+        self.write_config('BBINCLUDELOGS = "yes"')
+        result = bitbake("logging-test -c pythontest_exec_func_python -f -v",
+                         ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertCount(result.output, "This is python stdout", 1)
+
+    def test_python_fatal_loggingA(self):
+        # no logs, no verbose
+        self.write_config('BBINCLUDELOGS = ""')
+        result = bitbake("logging-test -c pythontest_fatal -f", ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertNotIn("This is python fatal test stdout", result.output)
+        self.assertCount(result.output, "This is a fatal error", 1)
+
+    def test_python_fatal_loggingB(self):
+        # logs, no verbose
+        self.write_config('BBINCLUDELOGS = "yes"')
+        result = bitbake("logging-test -c pythontest_fatal -f", ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        # A bb.fatal() should not include the output
+        self.assertNotIn("This is python fatal test stdout", result.output)
+        self.assertCount(result.output, "This is a fatal error", 1)
+
+    def test_python_fatal_loggingC(self):
+        # no logs, verbose
+        self.write_config('BBINCLUDELOGS = ""')
+        result = bitbake("logging-test -c pythontest_fatal -f -v", ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertCount(result.output, "This is python fatal test stdout", 1)
+        self.assertCount(result.output, "This is a fatal error", 1)
+
+    def test_python_fatal_loggingD(self):
+        # logs, verbose
+        self.write_config('BBINCLUDELOGS = "yes"')
+        result = bitbake("logging-test -c pythontest_fatal -f -v", ignore_status = True)
+        self.assertIn("ERROR: Logfile of failure stored in:", result.output)
+        self.assertCount(result.output, "This is python fatal test stdout", 1)
+        self.assertCount(result.output, "This is a fatal error", 1)
+
diff --git a/meta/lib/oeqa/selftest/cases/bbtests.py b/meta/lib/oeqa/selftest/cases/bbtests.py
index 79390acc0d..51934ef70d 100644
--- a/meta/lib/oeqa/selftest/cases/bbtests.py
+++ b/meta/lib/oeqa/selftest/cases/bbtests.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -39,7 +41,7 @@ class BitbakeTests(OESelftestTestCase):
 
     def test_event_handler(self):
         self.write_config("INHERIT += \"test_events\"")
-        result = bitbake('m4-native')
+        result = bitbake('selftest-hello-native')
         find_build_started = re.search(r"NOTE: Test for bb\.event\.BuildStarted(\n.*)*NOTE: Executing.*Tasks", result.output)
         find_build_completed = re.search(r"Tasks Summary:.*(\n.*)*NOTE: Test for bb\.event\.BuildCompleted", result.output)
         self.assertTrue(find_build_started, msg = "Match failed in:\n%s"  % result.output)
@@ -47,11 +49,11 @@ class BitbakeTests(OESelftestTestCase):
         self.assertNotIn('Test for bb.event.InvalidEvent', result.output)
 
     def test_local_sstate(self):
-        bitbake('m4-native')
-        bitbake('m4-native -cclean')
-        result = bitbake('m4-native')
-        find_setscene = re.search("m4-native.*do_.*_setscene", result.output)
-        self.assertTrue(find_setscene, msg = "No \"m4-native.*do_.*_setscene\" message found during bitbake m4-native. bitbake output: %s" % result.output )
+        bitbake('selftest-hello-native')
+        bitbake('selftest-hello-native -cclean')
+        result = bitbake('selftest-hello-native')
+        find_setscene = re.search("selftest-hello-native.*do_.*_setscene", result.output)
+        self.assertTrue(find_setscene, msg = "No \"selftest-hello-native.*do_.*_setscene\" message found during bitbake selftest-hello-native. bitbake output: %s" % result.output )
 
     def test_bitbake_invalid_recipe(self):
         result = bitbake('-b asdf', ignore_status=True)
@@ -63,15 +65,15 @@ class BitbakeTests(OESelftestTestCase):
 
     def test_warnings_errors(self):
         result = bitbake('-b asdf', ignore_status=True)
-        find_warnings = re.search("Summary: There w.{2,3}? [1-9][0-9]* WARNING messages* shown", result.output)
-        find_errors = re.search("Summary: There w.{2,3}? [1-9][0-9]* ERROR messages* shown", result.output)
+        find_warnings = re.search("Summary: There w.{2,3}? [1-9][0-9]* WARNING messages*", result.output)
+        find_errors = re.search("Summary: There w.{2,3}? [1-9][0-9]* ERROR messages*", result.output)
         self.assertTrue(find_warnings, msg="Did not find the mumber of warnings at the end of the build:\n" + result.output)
         self.assertTrue(find_errors, msg="Did not find the mumber of errors at the end of the build:\n" + result.output)
 
     def test_invalid_patch(self):
         # This patch should fail to apply.
-        self.write_recipeinc('man-db', 'FILESEXTRAPATHS_prepend := "${THISDIR}/files:"\nSRC_URI += "file://0001-Test-patch-here.patch"')
-        self.write_config("INHERIT_remove = \"report-error\"")
+        self.write_recipeinc('man-db', 'FILESEXTRAPATHS:prepend := "${THISDIR}/files:"\nSRC_URI += "file://0001-Test-patch-here.patch"')
+        self.write_config("INHERIT:remove = \"report-error\"")
         result = bitbake('man-db -c patch', ignore_status=True)
         self.delete_recipeinc('man-db')
         bitbake('-cclean man-db')
@@ -83,8 +85,10 @@ class BitbakeTests(OESelftestTestCase):
 
     def test_force_task_1(self):
         # test 1 from bug 5875
+        import uuid
         test_recipe = 'zlib'
-        test_data = "Microsoft Made No Profit From Anyone's Zunes Yo"
+        # Need to use uuid otherwise hash equivlance would change the workflow
+        test_data = "Microsoft Made No Profit From Anyone's Zunes Yo %s" % uuid.uuid1()
         bb_vars = get_bb_vars(['D', 'PKGDEST', 'mandir'], test_recipe)
         image_dir = bb_vars['D']
         pkgsplit_dir = bb_vars['PKGDEST']
@@ -139,19 +143,14 @@ class BitbakeTests(OESelftestTestCase):
         self.write_recipeinc('man-db', data)
         self.write_config("""DL_DIR = \"${TOPDIR}/download-selftest\"
 SSTATE_DIR = \"${TOPDIR}/download-selftest\"
-INHERIT_remove = \"report-error\"
+INHERIT:remove = \"report-error\"
 """)
         self.track_for_cleanup(os.path.join(self.builddir, "download-selftest"))
 
-        bitbake('-ccleanall man-db')
         result = bitbake('-c fetch man-db', ignore_status=True)
-        bitbake('-ccleanall man-db')
         self.delete_recipeinc('man-db')
         self.assertEqual(result.status, 1, msg="Command succeded when it should have failed. bitbake output: %s" % result.output)
-        self.assertIn('Fetcher failure: Unable to find file file://invalid anywhere. The paths that were searched were:', result.output)
-        line = self.getline(result, 'Fetcher failure for URL: \'file://invalid\'. Unable to fetch URL from any source.')
-        self.assertTrue(line and line.startswith("ERROR:"), msg = "\"invalid\" file \
-doesn't exist, yet fetcher didn't report any error. bitbake output: %s" % result.output)
+        self.assertIn('Unable to get checksum for man-db SRC_URI entry invalid: file could not be found', result.output)
 
     def test_rename_downloaded_file(self):
         # TODO unique dldir instead of using cleanall
@@ -161,7 +160,7 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\"
 """)
         self.track_for_cleanup(os.path.join(self.builddir, "download-selftest"))
 
-        data = 'SRC_URI = "${GNU_MIRROR}/aspell/aspell-${PV}.tar.gz;downloadfilename=test-aspell.tar.gz"'
+        data = 'SRC_URI = "https://downloads.yoctoproject.org/mirror/sources/aspell-${PV}.tar.gz;downloadfilename=test-aspell.tar.gz"'
         self.write_recipeinc('aspell', data)
         result = bitbake('-f -c fetch aspell', ignore_status=True)
         self.delete_recipeinc('aspell')
@@ -176,7 +175,7 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\"
         self.assertIn('localconf', result.output)
 
     def test_dry_run(self):
-        result = runCmd('bitbake -n m4-native')
+        result = runCmd('bitbake -n selftest-hello-native')
         self.assertEqual(0, result.status, "bitbake dry run didn't run as expected. %s" % result.output)
 
     def test_just_parse(self):
@@ -189,6 +188,10 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\"
         self.assertTrue(find, "No version returned for searched recipe. bitbake output: %s" % result.output)
 
     def test_prefile(self):
+        # Test when the prefile does not exist
+        result = runCmd('bitbake -r conf/prefile.conf', ignore_status=True)
+        self.assertEqual(1, result.status, "bitbake didn't error and should have when a specified prefile didn't exist: %s" % result.output)
+        # Test when the prefile exists
         preconf = os.path.join(self.builddir, 'conf/prefile.conf')
         self.track_for_cleanup(preconf)
         ftools.write_file(preconf ,"TEST_PREFILE=\"prefile\"")
@@ -199,6 +202,10 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\"
         self.assertIn('localconf', result.output)
 
     def test_postfile(self):
+        # Test when the postfile does not exist
+        result = runCmd('bitbake -R conf/postfile.conf', ignore_status=True)
+        self.assertEqual(1, result.status, "bitbake didn't error and should have when a specified postfile didn't exist: %s" % result.output)
+        # Test when the postfile exists
         postconf = os.path.join(self.builddir, 'conf/postfile.conf')
         self.track_for_cleanup(postconf)
         ftools.write_file(postconf , "TEST_POSTFILE=\"postfile\"")
@@ -213,7 +220,7 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\"
     def test_continue(self):
         self.write_config("""DL_DIR = \"${TOPDIR}/download-selftest\"
 SSTATE_DIR = \"${TOPDIR}/download-selftest\"
-INHERIT_remove = \"report-error\"
+INHERIT:remove = \"report-error\"
 """)
         self.track_for_cleanup(os.path.join(self.builddir, "download-selftest"))
         self.write_recipeinc('man-db',"\ndo_fail_task () {\nexit 1 \n}\n\naddtask do_fail_task before do_fetch\n" )
@@ -225,16 +232,22 @@ INHERIT_remove = \"report-error\"
         self.assertLess(errorpos,continuepos, msg = "bitbake didn't pass do_fail_task. bitbake output: %s" % result.output)
 
     def test_non_gplv3(self):
-        self.write_config('INCOMPATIBLE_LICENSE = "GPLv3"')
+        self.write_config('''INCOMPATIBLE_LICENSE = "GPL-3.0-or-later"
+OVERRIDES .= ":gplv3test"
+require conf/distro/include/no-gplv3.inc
+''')
         result = bitbake('selftest-ed', ignore_status=True)
         self.assertEqual(result.status, 0, "Bitbake failed, exit code %s, output %s" % (result.status, result.output))
         lic_dir = get_bb_var('LICENSE_DIRECTORY')
-        self.assertFalse(os.path.isfile(os.path.join(lic_dir, 'selftest-ed/generic_GPLv3')))
-        self.assertTrue(os.path.isfile(os.path.join(lic_dir, 'selftest-ed/generic_GPLv2')))
+        arch = get_bb_var('SSTATE_PKGARCH')
+        filename = os.path.join(lic_dir, arch, 'selftest-ed', 'generic_GPL-3.0-or-later')
+        self.assertFalse(os.path.isfile(filename), msg="License file %s exists and shouldn't" % filename)
+        filename = os.path.join(lic_dir, arch, 'selftest-ed', 'generic_GPL-2.0-only')
+        self.assertTrue(os.path.isfile(filename), msg="License file %s doesn't exist" % filename)
 
     def test_setscene_only(self):
         """ Bitbake option to restore from sstate only within a build (i.e. execute no real tasks, only setscene)"""
-        test_recipe = 'ed'
+        test_recipe = 'selftest-hello-native'
 
         bitbake(test_recipe)
         bitbake('-c clean %s' % test_recipe)
@@ -247,7 +260,7 @@ INHERIT_remove = \"report-error\"
                                              'Executed tasks were: %s' % (task, str(tasks)))
 
     def test_skip_setscene(self):
-        test_recipe = 'ed'
+        test_recipe = 'selftest-hello-native'
 
         bitbake(test_recipe)
         bitbake('-c clean %s' % test_recipe)
@@ -298,3 +311,86 @@ INHERIT_remove = \"report-error\"
 
         test_recipe_summary_after = get_bb_var('SUMMARY', test_recipe)
         self.assertEqual(expected_recipe_summary, test_recipe_summary_after)
+
+    def test_git_patchtool(self):
+        """ PATCHTOOL=git should work with non-git sources like tarballs
+            test recipe for the test must NOT containt git:// repository in SRC_URI
+        """
+        test_recipe = "man-db"
+        self.write_recipeinc(test_recipe, 'PATCHTOOL=\"git\"')
+        src = get_bb_var("SRC_URI",test_recipe)
+        gitscm = re.search("git://", src)
+        self.assertFalse(gitscm, "test_git_patchtool pre-condition failed: {} test recipe contains git repo!".format(test_recipe))
+        result = bitbake('{} -c patch'.format(test_recipe), ignore_status=False)
+        fatal = re.search("fatal: not a git repository (or any of the parent directories)", result.output)
+        self.assertFalse(fatal, "Failed to patch using PATCHTOOL=\"git\"")
+        self.delete_recipeinc(test_recipe)
+        bitbake('-cclean {}'.format(test_recipe))
+
+    def test_git_patchtool2(self):
+        """ Test if PATCHTOOL=git works with git repo and doesn't reinitialize it
+        """
+        test_recipe = "gitrepotest"
+        src = get_bb_var("SRC_URI",test_recipe)
+        gitscm = re.search("git://", src)
+        self.assertTrue(gitscm, "test_git_patchtool pre-condition failed: {} test recipe doesn't contains git repo!".format(test_recipe))
+        result = bitbake('{} -c patch'.format(test_recipe), ignore_status=False)
+        srcdir = get_bb_var('S', test_recipe)
+        result = runCmd("git log", cwd = srcdir)
+        self.assertFalse("bitbake_patching_started" in result.output, msg = "Repository has been reinitialized. {}".format(srcdir))
+        self.delete_recipeinc(test_recipe)
+        bitbake('-cclean {}'.format(test_recipe))
+
+
+    def test_git_unpack_nonetwork(self):
+        """
+        Test that a recipe with a floating tag that needs to be resolved upstream doesn't
+        access the network in a patch task run in a separate builld invocation
+        """
+
+        # Enable the recipe to float using a distro override
+        self.write_config("DISTROOVERRIDES .= \":gitunpack-enable-recipe\"")
+
+        bitbake('gitunpackoffline -c fetch')
+        bitbake('gitunpackoffline -c patch')
+
+    def test_git_unpack_nonetwork_fail(self):
+        """
+        Test that a recipe with a floating tag which doesn't call get_srcrev() in the fetcher
+        raises an error when the fetcher is called.
+        """
+
+        # Enable the recipe to float using a distro override
+        self.write_config("DISTROOVERRIDES .= \":gitunpack-enable-recipe\"")
+
+        result = bitbake('gitunpackoffline-fail -c fetch', ignore_status=True)
+        self.assertTrue(re.search("Recipe uses a floating tag/branch .* for repo .* without a fixed SRCREV yet doesn't call bb.fetch2.get_srcrev()", result.output), msg = "Recipe without PV set to SRCPV should have failed: %s" % result.output)
+
+    def test_unexpanded_variable_in_path(self):
+        """
+            Test that bitbake fails if directory contains unexpanded bitbake variable in the name
+        """
+        recipe_name = "gitunpackoffline"
+        self.write_config('PV:pn-gitunpackoffline:append = "+${UNDEFVAL}"')
+        result = bitbake('{}'.format(recipe_name), ignore_status=True)
+        self.assertGreater(result.status, 0, "Build should have failed if ${ is in the path")
+        self.assertTrue(re.search("ERROR: Directory name /.* contains unexpanded bitbake variable. This may cause build failures and WORKDIR polution",
+                                  result.output), msg = "mkdirhier with unexpanded variable should have failed: %s" % result.output)
+
+    def test_bb_env_bb_getvar_equality(self):
+        """ Test if "bitbake -e" output is identical to "bitbake-getvar" output for a variable set from an anonymous function
+        """
+        self.write_config('''INHERIT += "test_anon_func"
+TEST_SET_FROM_ANON_FUNC ?= ""''')
+
+        result_bb_e = runCmd('bitbake -e')
+        bb_e_var_match = re.search('^TEST_SET_FROM_ANON_FUNC="(?P<value>.*)"$', result_bb_e.output, re.MULTILINE)
+        self.assertTrue(bb_e_var_match, msg = "Can't find TEST_SET_FROM_ANON_FUNC value in \"bitbake -e\" output")
+        bb_e_var_value = bb_e_var_match.group("value")
+
+        result_bb_getvar = runCmd('bitbake-getvar TEST_SET_FROM_ANON_FUNC --value')
+        bb_getvar_var_value = result_bb_getvar.output.strip()
+        self.assertEqual(bb_e_var_value, bb_getvar_var_value,
+                         msg='''"bitbake -e" output differs from bitbake-getvar output for TEST_SET_FROM_ANON_FUNC (set from anonymous function)
+bitbake -e: "%s"
+bitbake-getvar: "%s"''' % (bb_e_var_value, bb_getvar_var_value))
diff --git a/meta/lib/oeqa/selftest/cases/binutils.py b/meta/lib/oeqa/selftest/cases/binutils.py
index 821f52f5a8..5ff263d342 100644
--- a/meta/lib/oeqa/selftest/cases/binutils.py
+++ b/meta/lib/oeqa/selftest/cases/binutils.py
@@ -1,12 +1,14 @@
+#
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
+#
 import os
-import sys
-import re
-import logging
+import time
 from oeqa.core.decorator import OETestTag
 from oeqa.core.case import OEPTestResultTestCase
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import bitbake, get_bb_var, get_bb_vars
+from oeqa.utils.commands import bitbake, get_bb_vars
 
 def parse_values(content):
     for i in content:
@@ -31,19 +33,23 @@ class BinutilsCrossSelfTest(OESelftestTestCase, OEPTestResultTestCase):
         features.append('CHECK_TARGETS = "{0}"'.format(suite))
         self.write_config("\n".join(features))
 
-        recipe = "binutils-cross-testsuite"
+        recipe = "binutils-testsuite"
         bb_vars = get_bb_vars(["B", "TARGET_SYS", "T"], recipe)
         builddir, target_sys, tdir = bb_vars["B"], bb_vars["TARGET_SYS"], bb_vars["T"]
 
+        start_time = time.time()
+
         bitbake("{0} -c check".format(recipe))
 
+        end_time = time.time()
+
         sumspath = os.path.join(builddir, suite, "{0}.sum".format(suite))
         if not os.path.exists(sumspath):
             sumspath = os.path.join(builddir, suite, "testsuite", "{0}.sum".format(suite))
         logpath = os.path.splitext(sumspath)[0] + ".log"
 
         ptestsuite = "binutils-{}".format(suite) if suite != "binutils" else suite
-        self.ptest_section(ptestsuite, logfile = logpath)
+        self.ptest_section(ptestsuite, duration = int(end_time - start_time), logfile = logpath)
         with open(sumspath, "r") as f:
             for test, result in parse_values(f):
                 self.ptest_result(ptestsuite, test, result)
diff --git a/meta/lib/oeqa/selftest/cases/buildhistory.py b/meta/lib/oeqa/selftest/cases/buildhistory.py
index d865da6252..511c666554 100644
--- a/meta/lib/oeqa/selftest/cases/buildhistory.py
+++ b/meta/lib/oeqa/selftest/cases/buildhistory.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -7,10 +9,10 @@ import re
 import datetime
 
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import bitbake, get_bb_vars
+from oeqa.utils.commands import bitbake, get_bb_vars, get_bb_var, runCmd
 
 
-class BuildhistoryBase(OESelftestTestCase):
+class BuildhistoryTests(OESelftestTestCase):
 
     def config_buildhistory(self, tmp_bh_location=False):
         bb_vars = get_bb_vars(['USER_CLASSES', 'INHERIT'])
@@ -46,5 +48,58 @@ class BuildhistoryBase(OESelftestTestCase):
         else:
             self.assertEqual(result.status, 0, msg="Command 'bitbake %s' has failed unexpectedly: %s" % (target, result.output))
 
-    # No tests should be added to the base class.
-    # Please create a new class that inherit this one, or use one of those already available for adding tests.
+
+    def test_buildhistory_basic(self):
+        self.run_buildhistory_operation('xcursor-transparent-theme')
+        self.assertTrue(os.path.isdir(get_bb_var('BUILDHISTORY_DIR')), "buildhistory dir was not created.")
+
+    def test_buildhistory_buildtime_pr_backwards(self):
+        target = 'xcursor-transparent-theme'
+        error = "ERROR:.*QA Issue: Package version for package %s went backwards which would break package feeds \(from .*-r1.* to .*-r0.*\)" % target
+        self.run_buildhistory_operation(target, target_config="PR = \"r1\"", change_bh_location=True)
+        self.run_buildhistory_operation(target, target_config="PR = \"r0\"", change_bh_location=False, expect_error=True, error_regex=error)
+
+    def test_fileinfo(self):
+        self.config_buildhistory()
+        bitbake('hicolor-icon-theme')
+        history_dir = get_bb_var('BUILDHISTORY_DIR_PACKAGE', 'hicolor-icon-theme')
+        self.assertTrue(os.path.isdir(history_dir), 'buildhistory dir was not created.')
+
+        def load_bh(f):
+            d = {}
+            for line in open(f):
+                split = [s.strip() for s in line.split('=', 1)]
+                if len(split) > 1:
+                    d[split[0]] = split[1]
+            return d
+
+        data = load_bh(os.path.join(history_dir, 'hicolor-icon-theme', 'latest'))
+        self.assertIn('FILELIST', data)
+        self.assertEqual(data['FILELIST'], '/usr/share/icons/hicolor/index.theme')
+        self.assertGreater(int(data['PKGSIZE']), 0)
+
+        data = load_bh(os.path.join(history_dir, 'hicolor-icon-theme-dev', 'latest'))
+        if 'FILELIST' in data:
+            self.assertEqual(data['FILELIST'], '/usr/share/pkgconfig/default-icon-theme.pc')
+        self.assertGreater(int(data['PKGSIZE']), 0)
+
+    def test_buildhistory_diff(self):
+        target = 'xcursor-transparent-theme'
+        self.run_buildhistory_operation(target, target_config="PR = \"r1\"", change_bh_location=True)
+        self.run_buildhistory_operation(target, target_config="PR = \"r0\"", change_bh_location=False, expect_error=True)
+        result = runCmd("oe-pkgdata-util read-value PKGV %s" % target)
+        pkgv = result.output.rstrip()
+        result = runCmd("buildhistory-diff -p %s" % get_bb_var('BUILDHISTORY_DIR'))
+        expected_endlines = [
+            "xcursor-transparent-theme-dev: RRECOMMENDS: removed \"xcursor-transparent-theme (['= %s-r1'])\", added \"xcursor-transparent-theme (['= %s-r0'])\"" % (pkgv, pkgv),
+            "xcursor-transparent-theme-staticdev: RDEPENDS: removed \"xcursor-transparent-theme-dev (['= %s-r1'])\", added \"xcursor-transparent-theme-dev (['= %s-r0'])\"" % (pkgv, pkgv)
+        ]
+        for line in result.output.splitlines():
+            for el in expected_endlines:
+                if line.endswith(el):
+                    expected_endlines.remove(el)
+                    break
+            else:
+                self.fail('Unexpected line:\n%s\nExpected line endings:\n  %s' % (line, '\n  '.join(expected_endlines)))
+        if expected_endlines:
+            self.fail('Missing expected line endings:\n  %s' % '\n  '.join(expected_endlines))
\ No newline at end of file
diff --git a/meta/lib/oeqa/selftest/cases/buildoptions.py b/meta/lib/oeqa/selftest/cases/buildoptions.py
index 3495bee986..767e19bd88 100644
--- a/meta/lib/oeqa/selftest/cases/buildoptions.py
+++ b/meta/lib/oeqa/selftest/cases/buildoptions.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -8,9 +10,10 @@ import glob as g
 import shutil
 import tempfile
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.selftest.cases.buildhistory import BuildhistoryBase
-from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_bb_vars
+from oeqa.core.decorator.data import skipIfMachine
+from oeqa.utils.commands import bitbake, get_bb_var, get_bb_vars
 import oeqa.utils.ftools as ftools
+from oeqa.core.decorator import OETestTag
 
 class ImageOptionsTests(OESelftestTestCase):
 
@@ -50,23 +53,23 @@ class ImageOptionsTests(OESelftestTestCase):
     def test_read_only_image(self):
         distro_features = get_bb_var('DISTRO_FEATURES')
         if not ('x11' in distro_features and 'opengl' in distro_features):
-            self.skipTest('core-image-sato requires x11 and opengl in distro features')
+            self.skipTest('core-image-sato/weston requires x11 and opengl in distro features')
         self.write_config('IMAGE_FEATURES += "read-only-rootfs"')
-        bitbake("core-image-sato")
+        bitbake("core-image-sato core-image-weston")
         # do_image will fail if there are any pending postinsts
 
 class DiskMonTest(OESelftestTestCase):
 
     def test_stoptask_behavior(self):
-        self.write_config('BB_DISKMON_DIRS = "STOPTASKS,${TMPDIR},100000G,100K"')
+        self.write_config('BB_DISKMON_DIRS = "STOPTASKS,${TMPDIR},100000G,100K"\nBB_HEARTBEAT_EVENT = "1"')
         res = bitbake("delay -c delay", ignore_status = True)
         self.assertTrue('ERROR: No new tasks can be executed since the disk space monitor action is "STOPTASKS"!' in res.output, msg = "Tasks should have stopped. Disk monitor is set to STOPTASK: %s" % res.output)
         self.assertEqual(res.status, 1, msg = "bitbake reported exit code %s. It should have been 1. Bitbake output: %s" % (str(res.status), res.output))
-        self.write_config('BB_DISKMON_DIRS = "ABORT,${TMPDIR},100000G,100K"')
+        self.write_config('BB_DISKMON_DIRS = "HALT,${TMPDIR},100000G,100K"\nBB_HEARTBEAT_EVENT = "1"')
         res = bitbake("delay -c delay", ignore_status = True)
-        self.assertTrue('ERROR: Immediately abort since the disk space monitor action is "ABORT"!' in res.output, "Tasks should have been aborted immediatelly. Disk monitor is set to ABORT: %s" % res.output)
+        self.assertTrue('ERROR: Immediately halt since the disk space monitor action is "HALT"!' in res.output, "Tasks should have been halted immediately. Disk monitor is set to HALT: %s" % res.output)
         self.assertEqual(res.status, 1, msg = "bitbake reported exit code %s. It should have been 1. Bitbake output: %s" % (str(res.status), res.output))
-        self.write_config('BB_DISKMON_DIRS = "WARN,${TMPDIR},100000G,100K"')
+        self.write_config('BB_DISKMON_DIRS = "WARN,${TMPDIR},100000G,100K"\nBB_HEARTBEAT_EVENT = "1"')
         res = bitbake("delay -c delay")
         self.assertTrue('WARNING: The free space' in res.output, msg = "A warning should have been displayed for disk monitor is set to WARN: %s" %res.output)
 
@@ -78,9 +81,9 @@ class SanityOptionsTest(OESelftestTestCase):
 
     def test_options_warnqa_errorqa_switch(self):
 
-        self.write_config("INHERIT_remove = \"report-error\"")
+        self.write_config("INHERIT:remove = \"report-error\"")
         if "packages-list" not in get_bb_var("ERROR_QA"):
-            self.append_config("ERROR_QA_append = \" packages-list\"")
+            self.append_config("ERROR_QA:append:pn-xcursor-transparent-theme = \" packages-list\"")
 
         self.write_recipeinc('xcursor-transparent-theme', 'PACKAGES += \"${PN}-dbg\"')
         self.add_command_to_tearDown('bitbake -c clean xcursor-transparent-theme')
@@ -90,8 +93,8 @@ class SanityOptionsTest(OESelftestTestCase):
         self.assertTrue(line and line.startswith("ERROR:"), msg=res.output)
         self.assertEqual(res.status, 1, msg = "bitbake reported exit code %s. It should have been 1. Bitbake output: %s" % (str(res.status), res.output))
         self.write_recipeinc('xcursor-transparent-theme', 'PACKAGES += \"${PN}-dbg\"')
-        self.append_config('ERROR_QA_remove = "packages-list"')
-        self.append_config('WARN_QA_append = " packages-list"')
+        self.append_config('ERROR_QA:remove:pn-xcursor-transparent-theme = "packages-list"')
+        self.append_config('WARN_QA:append:pn-xcursor-transparent-theme = " packages-list"')
         res = bitbake("xcursor-transparent-theme -f -c package")
         self.delete_recipeinc('xcursor-transparent-theme')
         line = self.getline(res, "QA Issue: xcursor-transparent-theme-dbg is listed in PACKAGES multiple times, this leads to packaging errors.")
@@ -135,32 +138,24 @@ class SanityOptionsTest(OESelftestTestCase):
 
         self.assertNotIn(err, ret.output)
 
-
-class BuildhistoryTests(BuildhistoryBase):
-
-    def test_buildhistory_basic(self):
-        self.run_buildhistory_operation('xcursor-transparent-theme')
-        self.assertTrue(os.path.isdir(get_bb_var('BUILDHISTORY_DIR')), "buildhistory dir was not created.")
-
-    def test_buildhistory_buildtime_pr_backwards(self):
-        target = 'xcursor-transparent-theme'
-        error = "ERROR:.*QA Issue: Package version for package %s went backwards which would break package feeds \(from .*-r1.* to .*-r0.*\)" % target
-        self.run_buildhistory_operation(target, target_config="PR = \"r1\"", change_bh_location=True)
-        self.run_buildhistory_operation(target, target_config="PR = \"r0\"", change_bh_location=False, expect_error=True, error_regex=error)
-
 class ArchiverTest(OESelftestTestCase):
     def test_arch_work_dir_and_export_source(self):
         """
         Test for archiving the work directory and exporting the source files.
         """
-        self.write_config("INHERIT += \"archiver\"\nARCHIVER_MODE[src] = \"original\"\nARCHIVER_MODE[srpm] = \"1\"")
+        self.write_config("""
+INHERIT += "archiver"
+PACKAGE_CLASSES = "package_rpm"
+ARCHIVER_MODE[src] = "original"
+ARCHIVER_MODE[srpm] = "1"
+""")
         res = bitbake("xcursor-transparent-theme", ignore_status=True)
         self.assertEqual(res.status, 0, "\nCouldn't build xcursortransparenttheme.\nbitbake output %s" % res.output)
         deploy_dir_src = get_bb_var('DEPLOY_DIR_SRC')
         pkgs_path = g.glob(str(deploy_dir_src) + "/allarch*/xcurs*")
         src_file_glob = str(pkgs_path[0]) + "/xcursor*.src.rpm"
-        tar_file_glob = str(pkgs_path[0]) + "/xcursor*.tar.gz"
-        self.assertTrue((g.glob(src_file_glob) and g.glob(tar_file_glob)), "Couldn't find .src.rpm and .tar.gz files under %s/allarch*/xcursor*" % deploy_dir_src)
+        tar_file_glob = str(pkgs_path[0]) + "/xcursor*.tar.xz"
+        self.assertTrue((g.glob(src_file_glob) and g.glob(tar_file_glob)), "Couldn't find .src.rpm and .tar.xz files under %s/allarch*/xcursor*" % deploy_dir_src)
 
 class ToolchainOptions(OESelftestTestCase):
     def test_toolchain_fortran(self):
@@ -168,10 +163,11 @@ class ToolchainOptions(OESelftestTestCase):
         Test that Fortran works by building a Hello, World binary.
         """
 
-        features = 'FORTRAN_forcevariable = ",fortran"\n'
+        features = 'FORTRAN:forcevariable = ",fortran"\n'
         self.write_config(features)
         bitbake('fortran-helloworld')
 
+@OETestTag("yocto-mirrors")
 class SourceMirroring(OESelftestTestCase):
     # Can we download everything from the Yocto Sources Mirror over http only
     def test_yocto_source_mirror(self):
@@ -195,5 +191,10 @@ PREMIRRORS = "\\
     https://.*/.*    http://downloads.yoctoproject.org/mirror/sources/ \\n"
 """)
 
-        bitbake("world --runall fetch")
+        bitbake("world --runall fetch --continue")
+
 
+class Poisoning(OESelftestTestCase):
+    def test_poisoning(self):
+        # The poison recipe fails if the poisoning didn't work
+        bitbake("poison")
diff --git a/meta/lib/oeqa/selftest/cases/c_cpp.py b/meta/lib/oeqa/selftest/cases/c_cpp.py
new file mode 100644
index 0000000000..9a70ce29f5
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/c_cpp.py
@@ -0,0 +1,60 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.core.decorator.data import skipIfNotQemuUsermode
+from oeqa.utils.commands import bitbake
+
+
+class CCppTests(OESelftestTestCase):
+
+    @skipIfNotQemuUsermode()
+    def _qemu_usermode(self, recipe_name):
+        self.add_command_to_tearDown("bitbake -c clean %s" % recipe_name)
+        bitbake("%s -c run_tests" % recipe_name)
+
+    @skipIfNotQemuUsermode()
+    def _qemu_usermode_failing(self, recipe_name):
+        config = 'PACKAGECONFIG:pn-%s = "failing_test"' % recipe_name
+        self.write_config(config)
+        self.add_command_to_tearDown("bitbake -c clean %s" % recipe_name)
+        result = bitbake("%s -c run_tests" % recipe_name, ignore_status=True)
+        self.assertNotEqual(0, result.status, "command: %s is expected to fail but passed, status: %s, output: %s, error: %s" % (
+            result.command, result.status, result.output, result.error))
+
+
+class CMakeTests(CCppTests):
+    def test_cmake_qemu(self):
+        """Test for cmake-qemu.bbclass good case
+
+        compile the cmake-example and verify the CTests pass in qemu-user.
+        qemu-user is configured by CMAKE_CROSSCOMPILING_EMULATOR.
+        """
+        self._qemu_usermode("cmake-example")
+
+    def test_cmake_qemu_failing(self):
+        """Test for cmake-qemu.bbclass bad case
+
+        Break the comparison in the test code and verify the CTests do not pass.
+        """
+        self._qemu_usermode_failing("cmake-example")
+
+
+class MesonTests(CCppTests):
+    def test_meson_qemu(self):
+        """Test the qemu-user feature of the meson.bbclass good case
+
+        compile the meson-example and verify the Unit Test pass in qemu-user.
+        qemu-user is configured by meson's exe_wrapper option.
+        """
+        self._qemu_usermode("meson-example")
+
+    def test_meson_qemu_failing(self):
+        """Test the qemu-user feature of the meson.bbclass bad case
+
+        Break the comparison in the test code and verify the Unit Test does not pass in qemu-user.
+        """
+        self._qemu_usermode_failing("meson-example")
diff --git a/meta/lib/oeqa/selftest/cases/containerimage.py b/meta/lib/oeqa/selftest/cases/containerimage.py
index 79cc8a0f2e..d1ac305a84 100644
--- a/meta/lib/oeqa/selftest/cases/containerimage.py
+++ b/meta/lib/oeqa/selftest/cases/containerimage.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -13,7 +15,7 @@ from oeqa.utils.commands import bitbake, get_bb_vars, runCmd
 # The only package added to the image is container_image_testpkg, which
 # contains one file. However, due to some other things not cleaning up during
 # rootfs creation, there is some cruft. Ideally bugs will be filed and the
-# cruft removed, but for now we whitelist some known set.
+# cruft removed, but for now we ignore some known set.
 #
 # Also for performance reasons we're only checking the cruft when using ipk.
 # When using deb, and rpm it is a bit different and we could test all
@@ -22,7 +24,7 @@ from oeqa.utils.commands import bitbake, get_bb_vars, runCmd
 #
 class ContainerImageTests(OESelftestTestCase):
 
-    # Verify that when specifying a IMAGE_TYPEDEP_ of the form "foo.bar" that
+    # Verify that when specifying a IMAGE_TYPEDEP: of the form "foo.bar" that
     # the conversion type bar gets added as a dep as well
     def test_expected_files(self):
 
@@ -40,10 +42,9 @@ class ContainerImageTests(OESelftestTestCase):
         self.write_config("""PREFERRED_PROVIDER_virtual/kernel = "linux-dummy"
 IMAGE_FSTYPES = "container"
 PACKAGE_CLASSES = "package_ipk"
-IMAGE_FEATURES = ""
 IMAGE_BUILDINFO_FILE = ""
 INIT_MANAGER = "sysvinit"
-IMAGE_INSTALL_remove = "ssh-pregen-hostkeys"
+IMAGE_INSTALL:remove = "ssh-pregen-hostkeys"
 
 """)
 
@@ -53,8 +54,6 @@ IMAGE_INSTALL_remove = "ssh-pregen-hostkeys"
         expected_files = [
                     './',
                     '.{bindir}/theapp',
-                    '.{sysconfdir}/default/',
-                    '.{sysconfdir}/default/postinst',
                     '.{sysconfdir}/ld.so.cache',
                     '.{sysconfdir}/timestamp',
                     '.{sysconfdir}/version',
diff --git a/meta/lib/oeqa/selftest/cases/cve_check.py b/meta/lib/oeqa/selftest/cases/cve_check.py
index 3f343a2841..511e4b81b4 100644
--- a/meta/lib/oeqa/selftest/cases/cve_check.py
+++ b/meta/lib/oeqa/selftest/cases/cve_check.py
@@ -1,9 +1,19 @@
-from oe.cve_check import Version
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import json
+import os
 from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, get_bb_vars
 
 class CVECheck(OESelftestTestCase):
 
     def test_version_compare(self):
+        from oe.cve_check import Version
+
         result = Version("100") > Version("99")
         self.assertTrue( result, msg="Failed to compare version '100' > '99'")
         result = Version("2.3.1") > Version("2.2.3")
@@ -34,3 +44,453 @@ class CVECheck(OESelftestTestCase):
         self.assertTrue( result ,msg="Failed to compare version with suffix '1.0b' < '1.0r'")
         result = Version("1.0b","alphabetical") > Version("1.0","alphabetical")
         self.assertTrue( result ,msg="Failed to compare version with suffix '1.0b' > '1.0'")
+
+        # consider the trailing "p" and "patch" as patched released when comparing
+        result = Version("1.0","patch") < Version("1.0p1","patch")
+        self.assertTrue( result ,msg="Failed to compare version with suffix '1.0' < '1.0p1'")
+        result = Version("1.0p2","patch") > Version("1.0p1","patch")
+        self.assertTrue( result ,msg="Failed to compare version with suffix '1.0p2' > '1.0p1'")
+        result = Version("1.0_patch2","patch") < Version("1.0_patch3","patch")
+        self.assertTrue( result ,msg="Failed to compare version with suffix '1.0_patch2' < '1.0_patch3'")
+
+
+    def test_convert_cve_version(self):
+        from oe.cve_check import convert_cve_version
+
+        # Default format
+        self.assertEqual(convert_cve_version("8.3"), "8.3")
+        self.assertEqual(convert_cve_version(""), "")
+
+        # OpenSSL format version
+        self.assertEqual(convert_cve_version("1.1.1t"), "1.1.1t")
+
+        # OpenSSH format
+        self.assertEqual(convert_cve_version("8.3_p1"), "8.3p1")
+        self.assertEqual(convert_cve_version("8.3_p22"), "8.3p22")
+
+        # Linux kernel format
+        self.assertEqual(convert_cve_version("6.2_rc8"), "6.2-rc8")
+        self.assertEqual(convert_cve_version("6.2_rc31"), "6.2-rc31")
+
+    def test_product_match(self):
+        from oe.cve_check import has_cve_product_match
+
+        status = {}
+        status["detail"] = "ignored"
+        status["vendor"] = "*"
+        status["product"] = "*"
+        status["description"] = ""
+        status["mapping"] = ""
+
+        self.assertEqual(has_cve_product_match(status, "some_vendor:some_product"), True)
+        self.assertEqual(has_cve_product_match(status, "*:*"), True)
+        self.assertEqual(has_cve_product_match(status, "some_product"), True)
+        self.assertEqual(has_cve_product_match(status, "glibc"), True)
+        self.assertEqual(has_cve_product_match(status, "glibca"), True)
+        self.assertEqual(has_cve_product_match(status, "aglibc"), True)
+        self.assertEqual(has_cve_product_match(status, "*"), True)
+        self.assertEqual(has_cve_product_match(status, "aglibc glibc test:test"), True)
+
+        status["product"] = "glibc"
+        self.assertEqual(has_cve_product_match(status, "some_vendor:some_product"), False)
+        # The CPE in the recipe must be defined, no * accepted
+        self.assertEqual(has_cve_product_match(status, "*:*"), False)
+        self.assertEqual(has_cve_product_match(status, "*"), False)
+        self.assertEqual(has_cve_product_match(status, "some_product"), False)
+        self.assertEqual(has_cve_product_match(status, "glibc"), True)
+        self.assertEqual(has_cve_product_match(status, "glibca"), False)
+        self.assertEqual(has_cve_product_match(status, "aglibc"), False)
+        self.assertEqual(has_cve_product_match(status, "some_vendor:glibc"), True)
+        self.assertEqual(has_cve_product_match(status, "some_vendor:glibc test"), True)
+        self.assertEqual(has_cve_product_match(status, "test some_vendor:glibc"), True)
+
+        status["vendor"] = "glibca"
+        status["product"] = "glibc"
+        self.assertEqual(has_cve_product_match(status, "some_vendor:some_product"), False)
+        # The CPE in the recipe must be defined, no * accepted
+        self.assertEqual(has_cve_product_match(status, "*:*"), False)
+        self.assertEqual(has_cve_product_match(status, "*"), False)
+        self.assertEqual(has_cve_product_match(status, "some_product"), False)
+        self.assertEqual(has_cve_product_match(status, "glibc"), False)
+        self.assertEqual(has_cve_product_match(status, "glibca"), False)
+        self.assertEqual(has_cve_product_match(status, "aglibc"), False)
+        self.assertEqual(has_cve_product_match(status, "some_vendor:glibc"), False)
+        self.assertEqual(has_cve_product_match(status, "glibca:glibc"), True)
+        self.assertEqual(has_cve_product_match(status, "test:test glibca:glibc"), True)
+        self.assertEqual(has_cve_product_match(status, "test glibca:glibc"), True)
+        self.assertEqual(has_cve_product_match(status, "glibca:glibc test"), True)
+
+    def test_parse_cve_from_patch_filename(self):
+        from oe.cve_check import parse_cve_from_filename
+
+        # Patch filename without CVE ID
+        self.assertEqual(parse_cve_from_filename("0001-test.patch"), "")
+
+        # Patch with single CVE ID
+        self.assertEqual(
+            parse_cve_from_filename("CVE-2022-12345.patch"), "CVE-2022-12345"
+        )
+
+        # Patch with multiple CVE IDs
+        self.assertEqual(
+            parse_cve_from_filename("CVE-2022-41741-CVE-2022-41742.patch"),
+            "CVE-2022-41742",
+        )
+
+        # Patches with CVE ID and appended text
+        self.assertEqual(
+            parse_cve_from_filename("CVE-2023-3019-0001.patch"), "CVE-2023-3019"
+        )
+        self.assertEqual(
+            parse_cve_from_filename("CVE-2024-21886-1.patch"), "CVE-2024-21886"
+        )
+
+        # Patch with CVE ID and prepended text
+        self.assertEqual(
+            parse_cve_from_filename("grep-CVE-2012-5667.patch"), "CVE-2012-5667"
+        )
+        self.assertEqual(
+            parse_cve_from_filename("0001-CVE-2012-5667.patch"), "CVE-2012-5667"
+        )
+
+        # Patch with CVE ID and both prepended and appended text
+        self.assertEqual(
+            parse_cve_from_filename(
+                "0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565-0001.patch"
+            ),
+            "CVE-2021-3565",
+        )
+
+        # Only grab the last CVE ID in the filename
+        self.assertEqual(
+            parse_cve_from_filename("CVE-2012-5667-CVE-2012-5668.patch"),
+            "CVE-2012-5668",
+        )
+
+        # Test invalid CVE ID with incorrect length (must be at least 4 digits)
+        self.assertEqual(
+            parse_cve_from_filename("CVE-2024-001.patch"),
+            "",
+        )
+
+        # Test valid CVE ID with very long length
+        self.assertEqual(
+            parse_cve_from_filename("CVE-2024-0000000000000000000000001.patch"),
+            "CVE-2024-0000000000000000000000001",
+        )
+
+    def test_parse_cve_from_patch_contents(self):
+        import textwrap
+        from oe.cve_check import parse_cves_from_patch_contents
+
+        # Standard patch file excerpt without any patches
+        self.assertEqual(
+            parse_cves_from_patch_contents(
+                textwrap.dedent("""\
+            remove "*" for root since we don't have a /etc/shadow so far.
+
+            Upstream-Status: Inappropriate [configuration]
+
+            Signed-off-by: Scott Garman <scott.a.garman@intel.com>
+
+            --- base-passwd/passwd.master~nobash
+            +++ base-passwd/passwd.master
+            @@ -1,4 +1,4 @@
+            -root:*:0:0:root:/root:/bin/sh
+            +root::0:0:root:/root:/bin/sh
+            daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+            bin:*:2:2:bin:/bin:/bin/sh
+            sys:*:3:3:sys:/dev:/bin/sh
+            """)
+            ),
+            set(),
+        )
+
+        # Patch file with multiple CVE IDs (space-separated)
+        self.assertEqual(
+            parse_cves_from_patch_contents(
+                textwrap.dedent("""\
+                There is an assertion in function _cairo_arc_in_direction().
+
+                CVE: CVE-2019-6461 CVE-2019-6462
+                Upstream-Status: Pending
+                Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+                diff --git a/src/cairo-arc.c b/src/cairo-arc.c
+                index 390397bae..1bde774a4 100644
+                --- a/src/cairo-arc.c
+                +++ b/src/cairo-arc.c
+                @@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t          *cr,
+                    if (cairo_status (cr))
+                        return;
+
+                -    assert (angle_max >= angle_min);
+                +    if (angle_max < angle_min)
+                +       return;
+
+                    if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) {
+                    angle_max = fmod (angle_max - angle_min, 2 * M_PI);
+            """),
+            ),
+            {"CVE-2019-6461", "CVE-2019-6462"},
+        )
+
+        # Patch file with multiple CVE IDs (comma-separated w/ both space and no space)
+        self.assertEqual(
+            parse_cves_from_patch_contents(
+                textwrap.dedent("""\
+                There is an assertion in function _cairo_arc_in_direction().
+
+                CVE: CVE-2019-6461,CVE-2019-6462, CVE-2019-6463
+                Upstream-Status: Pending
+                Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+                diff --git a/src/cairo-arc.c b/src/cairo-arc.c
+                index 390397bae..1bde774a4 100644
+                --- a/src/cairo-arc.c
+                +++ b/src/cairo-arc.c
+                @@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t          *cr,
+                    if (cairo_status (cr))
+                        return;
+
+                -    assert (angle_max >= angle_min);
+                +    if (angle_max < angle_min)
+                +       return;
+
+                    if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) {
+                    angle_max = fmod (angle_max - angle_min, 2 * M_PI);
+
+            """),
+            ),
+            {"CVE-2019-6461", "CVE-2019-6462", "CVE-2019-6463"},
+        )
+
+        # Patch file with multiple CVE IDs (&-separated)
+        self.assertEqual(
+            parse_cves_from_patch_contents(
+                textwrap.dedent("""\
+                There is an assertion in function _cairo_arc_in_direction().
+
+                CVE: CVE-2019-6461 & CVE-2019-6462
+                Upstream-Status: Pending
+                Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+                diff --git a/src/cairo-arc.c b/src/cairo-arc.c
+                index 390397bae..1bde774a4 100644
+                --- a/src/cairo-arc.c
+                +++ b/src/cairo-arc.c
+                @@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t          *cr,
+                    if (cairo_status (cr))
+                        return;
+
+                -    assert (angle_max >= angle_min);
+                +    if (angle_max < angle_min)
+                +       return;
+
+                    if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) {
+                    angle_max = fmod (angle_max - angle_min, 2 * M_PI);
+            """),
+            ),
+            {"CVE-2019-6461", "CVE-2019-6462"},
+        )
+
+        # Patch file with multiple lines with CVE IDs
+        self.assertEqual(
+            parse_cves_from_patch_contents(
+                textwrap.dedent("""\
+                There is an assertion in function _cairo_arc_in_direction().
+
+                CVE: CVE-2019-6461 & CVE-2019-6462
+
+                CVE: CVE-2019-6463 & CVE-2019-6464
+                Upstream-Status: Pending
+                Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+                diff --git a/src/cairo-arc.c b/src/cairo-arc.c
+                index 390397bae..1bde774a4 100644
+                --- a/src/cairo-arc.c
+                +++ b/src/cairo-arc.c
+                @@ -186,7 +186,8 @@ _cairo_arc_in_direction (cairo_t          *cr,
+                    if (cairo_status (cr))
+                        return;
+
+                -    assert (angle_max >= angle_min);
+                +    if (angle_max < angle_min)
+                +       return;
+
+                    if (angle_max - angle_min > 2 * M_PI * MAX_FULL_CIRCLES) {
+                    angle_max = fmod (angle_max - angle_min, 2 * M_PI);
+
+            """),
+            ),
+            {"CVE-2019-6461", "CVE-2019-6462", "CVE-2019-6463", "CVE-2019-6464"},
+        )
+
+    def test_recipe_report_json(self):
+        config = """
+INHERIT += "cve-check"
+CVE_CHECK_FORMAT_JSON = "1"
+"""
+        self.write_config(config)
+
+        vars = get_bb_vars(["CVE_CHECK_SUMMARY_DIR", "CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+        summary_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+        recipe_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], "m4-native_cve.json")
+
+        try:
+            os.remove(summary_json)
+            os.remove(recipe_json)
+        except FileNotFoundError:
+            pass
+
+        bitbake("m4-native -c cve_check")
+
+        def check_m4_json(filename):
+            with open(filename) as f:
+                report = json.load(f)
+            self.assertEqual(report["version"], "1")
+            self.assertEqual(len(report["package"]), 1)
+            package = report["package"][0]
+            self.assertEqual(package["name"], "m4-native")
+            found_cves = { issue["id"]: issue["status"] for issue in package["issue"]}
+            self.assertIn("CVE-2008-1687", found_cves)
+            self.assertEqual(found_cves["CVE-2008-1687"], "Patched")
+
+        self.assertExists(summary_json)
+        check_m4_json(summary_json)
+        self.assertExists(recipe_json)
+        check_m4_json(recipe_json)
+
+
+    def test_image_json(self):
+        config = """
+INHERIT += "cve-check"
+CVE_CHECK_FORMAT_JSON = "1"
+"""
+        self.write_config(config)
+
+        vars = get_bb_vars(["CVE_CHECK_DIR", "CVE_CHECK_SUMMARY_DIR", "CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+        report_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+        print(report_json)
+        try:
+            os.remove(report_json)
+        except FileNotFoundError:
+            pass
+
+        bitbake("core-image-minimal-initramfs")
+        self.assertExists(report_json)
+
+        # Check that the summary report lists at least one package
+        with open(report_json) as f:
+            report = json.load(f)
+        self.assertEqual(report["version"], "1")
+        self.assertGreater(len(report["package"]), 1)
+
+        # Check that a random recipe wrote a recipe report to deploy/cve/
+        recipename = report["package"][0]["name"]
+        recipe_report = os.path.join(vars["CVE_CHECK_DIR"], recipename + "_cve.json")
+        self.assertExists(recipe_report)
+        with open(recipe_report) as f:
+            report = json.load(f)
+        self.assertEqual(report["version"], "1")
+        self.assertEqual(len(report["package"]), 1)
+        self.assertEqual(report["package"][0]["name"], recipename)
+
+
+    def test_recipe_report_json_unpatched(self):
+        config = """
+INHERIT += "cve-check"
+CVE_CHECK_FORMAT_JSON = "1"
+CVE_CHECK_REPORT_PATCHED = "0"
+"""
+        self.write_config(config)
+
+        vars = get_bb_vars(["CVE_CHECK_SUMMARY_DIR", "CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+        summary_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+        recipe_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], "m4-native_cve.json")
+
+        try:
+            os.remove(summary_json)
+            os.remove(recipe_json)
+        except FileNotFoundError:
+            pass
+
+        bitbake("m4-native -c cve_check")
+
+        def check_m4_json(filename):
+            with open(filename) as f:
+                report = json.load(f)
+            self.assertEqual(report["version"], "1")
+            self.assertEqual(len(report["package"]), 1)
+            package = report["package"][0]
+            self.assertEqual(package["name"], "m4-native")
+            #m4 had only Patched CVEs, so the issues array will be empty
+            self.assertEqual(package["issue"], [])
+
+        self.assertExists(summary_json)
+        check_m4_json(summary_json)
+        self.assertExists(recipe_json)
+        check_m4_json(recipe_json)
+
+
+    def test_recipe_report_json_ignored(self):
+        config = """
+INHERIT += "cve-check"
+CVE_CHECK_FORMAT_JSON = "1"
+CVE_CHECK_REPORT_PATCHED = "1"
+"""
+        self.write_config(config)
+
+        vars = get_bb_vars(["CVE_CHECK_SUMMARY_DIR", "CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+        summary_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+        recipe_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], "logrotate_cve.json")
+
+        try:
+            os.remove(summary_json)
+            os.remove(recipe_json)
+        except FileNotFoundError:
+            pass
+
+        bitbake("logrotate -c cve_check")
+
+        def check_m4_json(filename):
+            with open(filename) as f:
+                report = json.load(f)
+            self.assertEqual(report["version"], "1")
+            self.assertEqual(len(report["package"]), 1)
+            package = report["package"][0]
+            self.assertEqual(package["name"], "logrotate")
+            found_cves = {}
+            for issue in package["issue"]:
+                found_cves[issue["id"]] = {
+                    "status" : issue["status"],
+                    "detail" : issue["detail"] if "detail" in issue else "",
+                    "description" : issue["description"] if "description" in issue else ""
+                }
+            # m4 CVE should not be in logrotate
+            self.assertNotIn("CVE-2008-1687", found_cves)
+            # logrotate has both Patched and Ignored CVEs
+            detail = "version-not-in-range"
+            self.assertIn("CVE-2011-1098", found_cves)
+            self.assertEqual(found_cves["CVE-2011-1098"]["status"], "Patched")
+            self.assertEqual(found_cves["CVE-2011-1098"]["detail"], detail)
+            self.assertEqual(len(found_cves["CVE-2011-1098"]["description"]), 0)
+            detail = "not-applicable-platform"
+            description = "CVE is debian, gentoo or SUSE specific on the way logrotate was installed/used"
+            self.assertIn("CVE-2011-1548", found_cves)
+            self.assertEqual(found_cves["CVE-2011-1548"]["status"], "Ignored")
+            self.assertEqual(found_cves["CVE-2011-1548"]["detail"], detail)
+            self.assertEqual(found_cves["CVE-2011-1548"]["description"], description)
+            self.assertIn("CVE-2011-1549", found_cves)
+            self.assertEqual(found_cves["CVE-2011-1549"]["status"], "Ignored")
+            self.assertEqual(found_cves["CVE-2011-1549"]["detail"], detail)
+            self.assertEqual(found_cves["CVE-2011-1549"]["description"], description)
+            self.assertIn("CVE-2011-1550", found_cves)
+            self.assertEqual(found_cves["CVE-2011-1550"]["status"], "Ignored")
+            self.assertEqual(found_cves["CVE-2011-1550"]["detail"], detail)
+            self.assertEqual(found_cves["CVE-2011-1550"]["description"], description)
+
+        self.assertExists(summary_json)
+        check_m4_json(summary_json)
+        self.assertExists(recipe_json)
+        check_m4_json(recipe_json)
diff --git a/meta/lib/oeqa/selftest/cases/debuginfod.py b/meta/lib/oeqa/selftest/cases/debuginfod.py
new file mode 100644
index 0000000000..46c0cd87bb
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/debuginfod.py
@@ -0,0 +1,160 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+import os
+import socketserver
+import subprocess
+import time
+import urllib
+import pathlib
+
+from oeqa.core.decorator import OETestTag
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, get_bb_var, runqemu
+
+
+class Debuginfod(OESelftestTestCase):
+
+    def wait_for_debuginfod(self, port):
+        """
+        debuginfod takes time to scan the packages and requesting too early may
+        result in a test failure if the right packages haven't been scanned yet.
+
+        Request the metrics endpoint periodically and wait for there to be no
+        busy scanning threads.
+
+        Returns if debuginfod is ready, raises an exception if not within the
+        timeout.
+        """
+
+        # Wait two minutes
+        countdown = 24
+        delay = 5
+        latest = None
+
+        while countdown:
+            self.logger.info("waiting...")
+            time.sleep(delay)
+
+            self.logger.info("polling server")
+            if self.debuginfod.poll():
+                self.logger.info("server dead")
+                self.debuginfod.communicate()
+                self.fail("debuginfod terminated unexpectedly")
+            self.logger.info("server alive")
+
+            try:
+                with urllib.request.urlopen("http://localhost:%d/metrics" % port, timeout=10) as f:
+                    for line in f.read().decode("ascii").splitlines():
+                        key, value = line.rsplit(" ", 1)
+                        if key == "thread_busy{role=\"scan\"}":
+                            latest = int(value)
+                            self.logger.info("Waiting for %d scan jobs to finish" % latest)
+                            if latest == 0:
+                                return
+            except urllib.error.URLError as e:
+                # TODO: how to catch just timeouts?
+                self.logger.error(e)
+
+            countdown -= 1
+
+        raise TimeoutError("Cannot connect debuginfod, still %d scan jobs running" % latest)
+
+    def start_debuginfod(self, feed_dir):
+        # We assume that the caller has already bitbake'd elfutils-native:do_addto_recipe_sysroot
+
+        # Save some useful paths for later
+        native_sysroot = pathlib.Path(get_bb_var("RECIPE_SYSROOT_NATIVE", "elfutils-native"))
+        native_bindir = native_sysroot / "usr" / "bin"
+        self.debuginfod = native_bindir / "debuginfod"
+        self.debuginfod_find = native_bindir / "debuginfod-find"
+
+        cmd = [
+            self.debuginfod,
+            "--verbose",
+            # In-memory database, this is a one-shot test
+            "--database=:memory:",
+            # Don't use all the host cores
+            "--concurrency=8",
+            "--connection-pool=8",
+            # Disable rescanning, this is a one-shot test
+            "--rescan-time=0",
+            "--groom-time=0",
+            feed_dir,
+        ]
+
+        format = get_bb_var("PACKAGE_CLASSES").split()[0]
+        if format == "package_deb":
+            cmd.append("--scan-deb-dir")
+        elif format == "package_ipk":
+            cmd.append("--scan-deb-dir")
+        elif format == "package_rpm":
+            cmd.append("--scan-rpm-dir")
+        else:
+            self.fail("Unknown package class %s" % format)
+
+        # Find a free port. Racey but the window is small.
+        with socketserver.TCPServer(("localhost", 0), None) as s:
+            self.port = s.server_address[1]
+            cmd.append("--port=%d" % self.port)
+
+        self.logger.info(f"Starting server {cmd}")
+        self.debuginfod = subprocess.Popen(cmd, env={})
+        self.wait_for_debuginfod(self.port)
+
+
+    def test_debuginfod_native(self):
+        """
+        Test debuginfod outside of qemu, by building a package and looking up a
+        binary's debuginfo using elfutils-native.
+        """
+
+        self.write_config("""
+TMPDIR = "${TOPDIR}/tmp-debuginfod"
+DISTRO_FEATURES:append = " debuginfod"
+INHERIT += "localpkgfeed"
+""")
+        bitbake("elfutils-native:do_addto_recipe_sysroot xz xz:do_package xz:do_localpkgfeed")
+
+        try:
+            self.start_debuginfod(get_bb_var("LOCALPKGFEED_DIR", "xz"))
+
+            env = os.environ.copy()
+            env["DEBUGINFOD_URLS"] = "http://localhost:%d/" % self.port
+
+            pkgs = pathlib.Path(get_bb_var("PKGDEST", "xz"))
+            cmd = (self.debuginfod_find, "debuginfo", pkgs / "xz" / "usr" / "bin" / "xz.xz")
+            self.logger.info(f"Starting client {cmd}")
+            output = subprocess.check_output(cmd, env=env, text=True)
+            # This should be more comprehensive
+            self.assertIn("/.cache/debuginfod_client/", output)
+        finally:
+            self.debuginfod.kill()
+
+    @OETestTag("runqemu")
+    def test_debuginfod_qemu(self):
+        """
+        Test debuginfod-find inside a qemu, talking to a debuginfod on the host.
+        """
+
+        self.write_config("""
+TMPDIR = "${TOPDIR}/tmp-debuginfod"
+DISTRO_FEATURES:append = " debuginfod"
+INHERIT += "localpkgfeed"
+CORE_IMAGE_EXTRA_INSTALL += "elfutils xz"
+        """)
+        bitbake("core-image-minimal elfutils-native:do_addto_recipe_sysroot xz:do_localpkgfeed")
+
+        try:
+            self.start_debuginfod(get_bb_var("LOCALPKGFEED_DIR", "xz"))
+
+            with runqemu("core-image-minimal", runqemuparams="nographic") as qemu:
+                cmd = "DEBUGINFOD_URLS=http://%s:%d/ debuginfod-find debuginfo /usr/bin/xz" % (qemu.server_ip, self.port)
+                self.logger.info(f"Starting client {cmd}")
+                status, output = qemu.run_serial(cmd)
+                # This should be more comprehensive
+                self.assertIn("/.cache/debuginfod_client/", output)
+        finally:
+            self.debuginfod.kill()
diff --git a/meta/lib/oeqa/selftest/cases/devtool.py b/meta/lib/oeqa/selftest/cases/devtool.py
index 3385546e8e..d5715b328b 100644
--- a/meta/lib/oeqa/selftest/cases/devtool.py
+++ b/meta/lib/oeqa/selftest/cases/devtool.py
@@ -1,18 +1,23 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
+import errno
 import os
 import re
 import shutil
 import tempfile
 import glob
 import fnmatch
+import unittest
+import json
 
-import oeqa.utils.ftools as ftools
 from oeqa.selftest.case import OESelftestTestCase
 from oeqa.utils.commands import runCmd, bitbake, get_bb_var, create_temp_layer
-from oeqa.utils.commands import get_bb_vars, runqemu, get_test_layer
+from oeqa.utils.commands import get_bb_vars, runqemu, runqemu_check_taps, get_test_layer
+from oeqa.core.decorator import OETestTag
 
 oldmetapath = None
 
@@ -24,6 +29,9 @@ def setUpModule():
     corecopydir = os.path.join(templayerdir, 'core-copy')
     bblayers_conf = os.path.join(os.environ['BUILDDIR'], 'conf', 'bblayers.conf')
     edited_layers = []
+    # make sure user doesn't have a local workspace
+    result = runCmd('bitbake-layers show-layers')
+    assert "workspacelayer" not in result.output, "Devtool test suite cannot be run with a local workspace directory"
 
     # We need to take a copy of the meta layer so we can modify it and not
     # have any races against other tests that might be running in parallel
@@ -38,10 +46,17 @@ def setUpModule():
             canonical_layerpath = os.path.realpath(canonical_layerpath) + '/'
             edited_layers.append(layerpath)
             oldmetapath = os.path.realpath(layerpath)
+
+            # when downloading poky from tar.gz some tests will be skipped (BUG 12389)
+            try:
+                runCmd('git rev-parse --is-inside-work-tree', cwd=canonical_layerpath)
+            except:
+                raise unittest.SkipTest("devtool tests require folder to be a git repo")
+
             result = runCmd('git rev-parse --show-toplevel', cwd=canonical_layerpath)
             oldreporoot = result.output.rstrip()
             newmetapath = os.path.join(corecopydir, os.path.relpath(oldmetapath, oldreporoot))
-            runCmd('git clone %s %s' % (oldreporoot, corecopydir), cwd=templayerdir)
+            runCmd('git clone file://%s %s' % (oldreporoot, corecopydir), cwd=templayerdir)
             # Now we need to copy any modified files
             # You might ask "why not just copy the entire tree instead of
             # cloning and doing this?" - well, the problem with that is
@@ -49,11 +64,15 @@ def setUpModule():
             # under COREBASE and we don't want to copy that, so we have
             # to be selective.
             result = runCmd('git status --porcelain', cwd=oldreporoot)
+
+            # Also copy modifications to the 'scripts/' directory
+            canonical_layerpath_scripts = os.path.normpath(canonical_layerpath + "../scripts")
+
             for line in result.output.splitlines():
                 if line.startswith(' M ') or line.startswith('?? '):
                     relpth = line.split()[1]
                     pth = os.path.join(oldreporoot, relpth)
-                    if pth.startswith(canonical_layerpath):
+                    if pth.startswith(canonical_layerpath) or pth.startswith(canonical_layerpath_scripts):
                         if relpth.endswith('/'):
                             destdir = os.path.join(corecopydir, relpth)
                             # avoid race condition by not copying .pyc files YPBZ#13421,13803
@@ -80,32 +99,15 @@ def tearDownModule():
         bb.utils.edit_bblayers_conf(bblayers_conf, None, None, bblayers_edit_cb)
     shutil.rmtree(templayerdir)
 
-class DevtoolBase(OESelftestTestCase):
-
-    @classmethod
-    def setUpClass(cls):
-        super(DevtoolBase, cls).setUpClass()
-        bb_vars = get_bb_vars(['TOPDIR', 'SSTATE_DIR'])
-        cls.original_sstate = bb_vars['SSTATE_DIR']
-        cls.devtool_sstate = os.path.join(bb_vars['TOPDIR'], 'sstate_devtool')
-        cls.sstate_conf  = 'SSTATE_DIR = "%s"\n' % cls.devtool_sstate
-        cls.sstate_conf += ('SSTATE_MIRRORS += "file://.* file:///%s/PATH"\n'
-                            % cls.original_sstate)
-
-    @classmethod
-    def tearDownClass(cls):
-        cls.logger.debug('Deleting devtool sstate cache on %s' % cls.devtool_sstate)
-        runCmd('rm -rf %s' % cls.devtool_sstate)
-        super(DevtoolBase, cls).tearDownClass()
+class DevtoolTestCase(OESelftestTestCase):
 
     def setUp(self):
         """Test case setup function"""
-        super(DevtoolBase, self).setUp()
+        super(DevtoolTestCase, self).setUp()
         self.workspacedir = os.path.join(self.builddir, 'workspace')
         self.assertTrue(not os.path.exists(self.workspacedir),
                         'This test cannot be run with a workspace directory '
                         'under the build directory')
-        self.append_config(self.sstate_conf)
 
     def _check_src_repo(self, repo_dir):
         """Check srctree git repository"""
@@ -152,7 +154,7 @@ class DevtoolBase(OESelftestTestCase):
                         value = invalue
                         invar = None
                 elif '=' in line:
-                    splitline = line.split('=', 1)
+                    splitline = re.split(r"[?+:]*=[+]?", line, 1)
                     var = splitline[0].rstrip()
                     value = splitline[1].strip().strip('"')
                     if value.endswith('\\'):
@@ -235,6 +237,93 @@ class DevtoolBase(OESelftestTestCase):
             filelist.append(' '.join(splitline))
         return filelist
 
+    def _check_diff(self, diffoutput, addlines, removelines):
+        """Check output from 'git diff' matches expectation"""
+        remaining_addlines = addlines[:]
+        remaining_removelines = removelines[:]
+        for line in diffoutput.splitlines():
+            if line.startswith('+++') or line.startswith('---'):
+                continue
+            elif line.startswith('+'):
+                matched = False
+                for item in addlines:
+                    if re.match(item, line[1:].strip()):
+                        matched = True
+                        remaining_addlines.remove(item)
+                        break
+                self.assertTrue(matched, 'Unexpected diff add line: %s' % line)
+            elif line.startswith('-'):
+                matched = False
+                for item in removelines:
+                    if re.match(item, line[1:].strip()):
+                        matched = True
+                        remaining_removelines.remove(item)
+                        break
+                self.assertTrue(matched, 'Unexpected diff remove line: %s' % line)
+        if remaining_addlines:
+            self.fail('Expected added lines not found: %s' % remaining_addlines)
+        if remaining_removelines:
+            self.fail('Expected removed lines not found: %s' % remaining_removelines)
+
+    def _check_runqemu_prerequisites(self):
+        """Check runqemu is available
+
+        Whilst some tests would seemingly be better placed as a runtime test,
+        unfortunately the runtime tests run under bitbake and you can't run
+        devtool within bitbake (since devtool needs to run bitbake itself).
+        Additionally we are testing build-time functionality as well, so
+        really this has to be done as an oe-selftest test.
+        """
+        machine = get_bb_var('MACHINE')
+        if not machine.startswith('qemu'):
+            self.skipTest('This test only works with qemu machines')
+        if not runqemu_check_taps():
+            self.skipTest('You must set up tap devices with scripts/runqemu-gen-tapdevs before running this test')
+
+    def _test_devtool_add_git_url(self, git_url, version, pn, resulting_src_uri, srcrev=None):
+        self.track_for_cleanup(self.workspacedir)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        command = 'devtool add --version %s %s %s' % (version, pn, git_url)
+        if srcrev :
+            command += ' --srcrev %s' %srcrev
+        result = runCmd(command)
+        self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created')
+        # Check the recipe name is correct
+        recipefile = get_bb_var('FILE', pn)
+        self.assertIn('%s_git.bb' % pn, recipefile, 'Recipe file incorrectly named')
+        self.assertIn(recipefile, result.output)
+        # Test devtool status
+        result = runCmd('devtool status')
+        self.assertIn(pn, result.output)
+        self.assertIn(recipefile, result.output)
+        checkvars = {}
+        checkvars['SRC_URI'] = resulting_src_uri
+        self._test_recipe_contents(recipefile, checkvars, [])
+
+class DevtoolBase(DevtoolTestCase):
+
+    @classmethod
+    def setUpClass(cls):
+        super(DevtoolBase, cls).setUpClass()
+        bb_vars = get_bb_vars(['TOPDIR', 'SSTATE_DIR'])
+        cls.original_sstate = bb_vars['SSTATE_DIR']
+        cls.devtool_sstate = os.path.join(bb_vars['TOPDIR'], 'sstate_devtool')
+        cls.sstate_conf  = 'SSTATE_DIR = "%s"\n' % cls.devtool_sstate
+        cls.sstate_conf += ('SSTATE_MIRRORS += "file://.* file:///%s/PATH"\n'
+                            % cls.original_sstate)
+        cls.sstate_conf += ('BB_HASHSERVE_UPSTREAM = "hashserv.yoctoproject.org:8686"\n')
+
+    @classmethod
+    def tearDownClass(cls):
+        cls.logger.debug('Deleting devtool sstate cache on %s' % cls.devtool_sstate)
+        runCmd('rm -rf %s' % cls.devtool_sstate)
+        super(DevtoolBase, cls).tearDownClass()
+
+    def setUp(self):
+        """Test case setup function"""
+        super(DevtoolBase, self).setUp()
+        self.append_config(self.sstate_conf)
+
 
 class DevtoolTests(DevtoolBase):
 
@@ -304,6 +393,38 @@ class DevtoolAddTests(DevtoolBase):
             bindir = bindir[1:]
         self.assertTrue(os.path.isfile(os.path.join(installdir, bindir, 'pv')), 'pv binary not found in D')
 
+    def test_devtool_add_binary(self):
+        # Create a binary package containing a known test file
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        pn = 'tst-bin'
+        pv = '1.0'
+        test_file_dir     = "var/lib/%s/" % pn
+        test_file_name    = "test_file"
+        test_file_content = "TEST CONTENT"
+        test_file_package_root = os.path.join(tempdir, pn)
+        test_file_dir_full = os.path.join(test_file_package_root, test_file_dir)
+        bb.utils.mkdirhier(test_file_dir_full)
+        with open(os.path.join(test_file_dir_full, test_file_name), "w") as f:
+           f.write(test_file_content)
+        bin_package_path = os.path.join(tempdir, "%s.tar.gz" % pn)
+        runCmd("tar czf %s -C %s ." % (bin_package_path, test_file_package_root))
+
+        # Test devtool add -b on the binary package
+        self.track_for_cleanup(self.workspacedir)
+        self.add_command_to_tearDown('bitbake -c cleansstate %s' % pn)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        result = runCmd('devtool add  -b %s %s' % (pn, bin_package_path))
+        self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created')
+
+        # Build the resulting recipe
+        result = runCmd('devtool build %s' % pn)
+        installdir = get_bb_var('D', pn)
+        self.assertTrue(installdir, 'Could not query installdir variable')
+
+        # Check that a known file from the binary package has indeed been installed
+        self.assertTrue(os.path.isfile(os.path.join(installdir, test_file_dir, test_file_name)), '%s not found in D' % test_file_name)
+
     def test_devtool_add_git_local(self):
         # We need dbus built so that DEPENDS recognition works
         bitbake('dbus')
@@ -336,15 +457,32 @@ class DevtoolAddTests(DevtoolBase):
         self.assertIn(srcdir, result.output)
         self.assertIn(recipefile, result.output)
         checkvars = {}
-        checkvars['LICENSE'] = 'GPLv2'
+        checkvars['LICENSE'] = 'GPL-2.0-only'
         checkvars['LIC_FILES_CHKSUM'] = 'file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263'
-        checkvars['S'] = '${WORKDIR}/git'
-        checkvars['PV'] = '0.1+git${SRCPV}'
-        checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/dbus-wait;protocol=https'
+        checkvars['S'] = None
+        checkvars['PV'] = '0.1+git'
+        checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/dbus-wait;protocol=https;branch=master'
         checkvars['SRCREV'] = srcrev
         checkvars['DEPENDS'] = set(['dbus'])
         self._test_recipe_contents(recipefile, checkvars, [])
 
+    def test_devtool_add_git_style1(self):
+        version = 'v3.1.0'
+        pn = 'mbedtls'
+        # this will trigger reformat_git_uri with branch parameter in url
+        git_url = "'git://git@github.com/ARMmbed/mbedtls.git;branch=mbedtls-2.28;protocol=https'"
+        resulting_src_uri = "git://git@github.com/ARMmbed/mbedtls.git;branch=mbedtls-2.28;protocol=https"
+        self._test_devtool_add_git_url(git_url, version, pn, resulting_src_uri)
+
+    def test_devtool_add_git_style2(self):
+        version = 'v3.1.0'
+        srcrev = 'v3.1.0'
+        pn = 'mbedtls'
+        # this will trigger reformat_git_uri with branch parameter in url
+        git_url = "'git://git@github.com/ARMmbed/mbedtls.git;protocol=https'"
+        resulting_src_uri = "git://git@github.com/ARMmbed/mbedtls.git;protocol=https;branch=master"
+        self._test_devtool_add_git_url(git_url, version, pn, resulting_src_uri, srcrev)
+
     def test_devtool_add_library(self):
         # Fetch source
         tempdir = tempfile.mkdtemp(prefix='devtoolqa')
@@ -373,7 +511,7 @@ class DevtoolAddTests(DevtoolBase):
         recipefile = '%s/recipes/libftdi/libftdi_%s.bb' % (self.workspacedir, version)
         result = runCmd('recipetool setvar %s EXTRA_OECMAKE -- \'-DPYTHON_BINDINGS=OFF -DLIBFTDI_CMAKE_CONFIG_DIR=${datadir}/cmake/Modules\'' % recipefile)
         with open(recipefile, 'a') as f:
-            f.write('\nFILES_${PN}-dev += "${datadir}/cmake/Modules"\n')
+            f.write('\nFILES:${PN}-dev += "${datadir}/cmake/Modules"\n')
             # We don't have the ability to pick up this dependency automatically yet...
             f.write('\nDEPENDS += "libusb1"\n')
             f.write('\nTESTLIBOUTPUT = "${COMPONENTS_DIR}/${TUNE_PKGARCH}/${PN}/${libdir}"\n')
@@ -405,7 +543,7 @@ class DevtoolAddTests(DevtoolBase):
         self.track_for_cleanup(self.workspacedir)
         self.add_command_to_tearDown('bitbake -c cleansstate %s' % testrecipe)
         self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
-        result = runCmd('devtool add %s %s -f %s' % (testrecipe, srcdir, url))
+        result = runCmd('devtool add --no-pypi %s %s -f %s' % (testrecipe, srcdir, url))
         self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created. %s' % result.output)
         self.assertTrue(os.path.isfile(os.path.join(srcdir, 'setup.py')), 'Unable to find setup.py in source directory')
         self.assertTrue(os.path.isdir(os.path.join(srcdir, '.git')), 'git repository for external source tree was not created')
@@ -417,14 +555,14 @@ class DevtoolAddTests(DevtoolBase):
         recipefile = get_bb_var('FILE', testrecipe)
         self.assertIn('%s_%s.bb' % (testrecipe, testver), recipefile, 'Recipe file incorrectly named')
         checkvars = {}
-        checkvars['S'] = '${WORKDIR}/MarkupSafe-${PV}'
+        checkvars['S'] = '${UNPACKDIR}/MarkupSafe-${PV}'
         checkvars['SRC_URI'] = url.replace(testver, '${PV}')
         self._test_recipe_contents(recipefile, checkvars, [])
         # Try with version specified
         result = runCmd('devtool reset -n %s' % testrecipe)
         shutil.rmtree(srcdir)
         fakever = '1.9'
-        result = runCmd('devtool add %s %s -f %s -V %s' % (testrecipe, srcdir, url, fakever))
+        result = runCmd('devtool add --no-pypi %s %s -f %s -V %s' % (testrecipe, srcdir, url, fakever))
         self.assertTrue(os.path.isfile(os.path.join(srcdir, 'setup.py')), 'Unable to find setup.py in source directory')
         # Test devtool status
         result = runCmd('devtool status')
@@ -434,7 +572,7 @@ class DevtoolAddTests(DevtoolBase):
         recipefile = get_bb_var('FILE', testrecipe)
         self.assertIn('%s_%s.bb' % (testrecipe, fakever), recipefile, 'Recipe file incorrectly named')
         checkvars = {}
-        checkvars['S'] = '${WORKDIR}/MarkupSafe-%s' % testver
+        checkvars['S'] = '${UNPACKDIR}/MarkupSafe-%s' % testver
         checkvars['SRC_URI'] = url
         self._test_recipe_contents(recipefile, checkvars, [])
 
@@ -442,6 +580,7 @@ class DevtoolAddTests(DevtoolBase):
         tempdir = tempfile.mkdtemp(prefix='devtoolqa')
         self.track_for_cleanup(tempdir)
         url = 'gitsm://git.yoctoproject.org/mraa'
+        url_branch = '%s;branch=master' % url
         checkrev = 'ae127b19a50aa54255e4330ccfdd9a5d058e581d'
         testrecipe = 'mraa'
         srcdir = os.path.join(tempdir, testrecipe)
@@ -460,9 +599,9 @@ class DevtoolAddTests(DevtoolBase):
         recipefile = get_bb_var('FILE', testrecipe)
         self.assertIn('_git.bb', recipefile, 'Recipe file incorrectly named')
         checkvars = {}
-        checkvars['S'] = '${WORKDIR}/git'
-        checkvars['PV'] = '1.0+git${SRCPV}'
-        checkvars['SRC_URI'] = url
+        checkvars['S'] = None
+        checkvars['PV'] = '1.0+git'
+        checkvars['SRC_URI'] = url_branch
         checkvars['SRCREV'] = '${AUTOREV}'
         self._test_recipe_contents(recipefile, checkvars, [])
         # Try with revision and version specified
@@ -479,9 +618,9 @@ class DevtoolAddTests(DevtoolBase):
         recipefile = get_bb_var('FILE', testrecipe)
         self.assertIn('_git.bb', recipefile, 'Recipe file incorrectly named')
         checkvars = {}
-        checkvars['S'] = '${WORKDIR}/git'
-        checkvars['PV'] = '1.5+git${SRCPV}'
-        checkvars['SRC_URI'] = url
+        checkvars['S'] = None
+        checkvars['PV'] = '1.5+git'
+        checkvars['SRC_URI'] = url_branch
         checkvars['SRCREV'] = checkrev
         self._test_recipe_contents(recipefile, checkvars, [])
 
@@ -504,7 +643,7 @@ class DevtoolAddTests(DevtoolBase):
         result = runCmd('devtool status')
         self.assertIn(testrecipe, result.output)
         self.assertIn(srcdir, result.output)
-        # Check recipe
+        # Check recipedevtool add
         recipefile = get_bb_var('FILE', testrecipe)
         self.assertIn('%s_%s.bb' % (testrecipe, testver), recipefile, 'Recipe file incorrectly named')
         checkvars = {}
@@ -536,6 +675,19 @@ class DevtoolAddTests(DevtoolBase):
         # Test devtool build
         result = runCmd('devtool build %s' % pn)
 
+    def test_devtool_add_python_egg_requires(self):
+        # Fetch source
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        testver = '0.14.0'
+        url = 'https://files.pythonhosted.org/packages/e9/9e/25d59f5043cf763833b2581c8027fa92342c4cf8ee523b498ecdf460c16d/uvicorn-%s.tar.gz' % testver
+        testrecipe = 'python3-uvicorn'
+        srcdir = os.path.join(tempdir, testrecipe)
+        # Test devtool add
+        self.track_for_cleanup(self.workspacedir)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        result = runCmd('devtool add %s %s -f %s' % (testrecipe, srcdir, url))
+
 class DevtoolModifyTests(DevtoolBase):
 
     def test_devtool_modify(self):
@@ -595,6 +747,25 @@ class DevtoolModifyTests(DevtoolBase):
         result = runCmd('devtool status')
         self.assertNotIn('mdadm', result.output)
 
+    def test_devtool_modify_go(self):
+        import oe.path
+        from tempfile import TemporaryDirectory
+        with TemporaryDirectory(prefix='devtoolqa') as tempdir:
+            self.track_for_cleanup(self.workspacedir)
+            self.add_command_to_tearDown('bitbake -c clean go-helloworld')
+            self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+            result = runCmd('devtool modify go-helloworld -x %s' % tempdir)
+            self.assertExists(
+                oe.path.join(tempdir, 'src', 'golang.org', 'x', 'example', 'go.mod'),
+                             'Extracted source could not be found'
+            )
+            self.assertExists(
+                oe.path.join(self.workspacedir, 'conf', 'layer.conf'),
+                'Workspace directory not created'
+            )
+            matches = glob.glob(oe.path.join(self.workspacedir, 'appends', 'go-helloworld_*.bbappend'))
+            self.assertTrue(matches, 'bbappend not created %s' % result.output)
+
     def test_devtool_buildclean(self):
         def assertFile(path, *paths):
             f = os.path.join(path, *paths)
@@ -649,7 +820,7 @@ class DevtoolModifyTests(DevtoolBase):
         self.track_for_cleanup(self.workspacedir)
         self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
 
-        testrecipes = 'perf kernel-devsrc package-index core-image-minimal meta-toolchain packagegroup-core-sdk meta-ide-support'.split()
+        testrecipes = 'perf kernel-devsrc package-index core-image-minimal meta-toolchain packagegroup-core-sdk'.split()
         # Find actual name of gcc-source since it now includes the version - crude, but good enough for this purpose
         result = runCmd('bitbake-layers show-recipes gcc-source*')
         for line in result.output.splitlines():
@@ -697,6 +868,7 @@ class DevtoolModifyTests(DevtoolBase):
 
         self.assertTrue(bbclassextended, 'None of these recipes are BBCLASSEXTENDed to native - need to adjust testrecipes list: %s' % ', '.join(testrecipes))
         self.assertTrue(inheritnative, 'None of these recipes do "inherit native" - need to adjust testrecipes list: %s' % ', '.join(testrecipes))
+
     def test_devtool_modify_localfiles_only(self):
         # Check preconditions
         testrecipe = 'base-files'
@@ -720,13 +892,8 @@ class DevtoolModifyTests(DevtoolBase):
         self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe)
         self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
         result = runCmd('devtool modify %s -x %s' % (testrecipe, tempdir))
-        srcfile = os.path.join(tempdir, 'oe-local-files/share/dot.bashrc')
-        srclink = os.path.join(tempdir, 'share/dot.bashrc')
+        srcfile = os.path.join(tempdir, 'share/dot.bashrc')
         self.assertExists(srcfile, 'Extracted source could not be found')
-        if os.path.islink(srclink) and os.path.exists(srclink) and os.path.samefile(srcfile, srclink):
-            correct_symlink = True
-        self.assertTrue(correct_symlink, 'Source symlink to oe-local-files is broken')
-
         matches = glob.glob(os.path.join(self.workspacedir, 'appends', '%s_*.bbappend' % testrecipe))
         self.assertTrue(matches, 'bbappend not created')
         # Test devtool status
@@ -763,6 +930,122 @@ class DevtoolModifyTests(DevtoolBase):
         # Try building
         bitbake(testrecipe)
 
+    def test_devtool_modify_git_no_extract(self):
+        # Check preconditions
+        testrecipe = 'psplash'
+        src_uri = get_bb_var('SRC_URI', testrecipe)
+        self.assertIn('git://', src_uri, 'This test expects the %s recipe to be a git recipe' % testrecipe)
+        # Clean up anything in the workdir/sysroot/sstate cache
+        bitbake('%s -c cleansstate' % testrecipe)
+        # Try modifying a recipe
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        self.track_for_cleanup(self.workspacedir)
+        self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        result = runCmd('git clone https://git.yoctoproject.org/psplash %s && devtool modify -n %s %s' % (tempdir, testrecipe, tempdir))
+        self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created. devtool output: %s' % result.output)
+        matches = glob.glob(os.path.join(self.workspacedir, 'appends', 'psplash_*.bbappend'))
+        self.assertTrue(matches, 'bbappend not created')
+        # Test devtool status
+        result = runCmd('devtool status')
+        self.assertIn(testrecipe, result.output)
+        self.assertIn(tempdir, result.output)
+
+    def test_devtool_modify_git_crates_subpath(self):
+        # This tests two things in devtool context:
+        #   - that we support local git dependencies for cargo based recipe
+        #   - that we support patches in SRC_URI when git url contains subpath parameter
+
+        # Check preconditions:
+        #    recipe inherits cargo
+        #    git:// uri with a subpath as the main package
+        #    some crate:// in SRC_URI
+        #    others git:// in SRC_URI
+        #    cointains a patch
+        testrecipe = 'hello-rs'
+        bb_vars = get_bb_vars(['SRC_URI', 'FILE', 'UNPACKDIR', 'CARGO_HOME'], testrecipe)
+        recipefile = bb_vars['FILE']
+        unpackdir = bb_vars['UNPACKDIR']
+        cargo_home = bb_vars['CARGO_HOME']
+        src_uri = bb_vars['SRC_URI'].split()
+        self.assertTrue(src_uri[0].startswith('git://'),
+                        'This test expects the %s recipe to have a git repo has its main uri' % testrecipe)
+        self.assertIn(';subpath=', src_uri[0],
+                      'This test expects the %s recipe to have a git uri with subpath' % testrecipe)
+        self.assertTrue(any([uri.startswith('crate://') for uri in src_uri]),
+                        'This test expects the %s recipe to have some crates in its src uris' % testrecipe)
+        self.assertGreaterEqual(sum(map(lambda x:x.startswith('git://'), src_uri)), 2,
+                           'This test expects the %s recipe to have several git:// uris' % testrecipe)
+        self.assertTrue(any([uri.startswith('file://') and '.patch' in uri for uri in src_uri]),
+                        'This test expects the %s recipe to have a patch in its src uris' % testrecipe)
+
+        self._test_recipe_contents(recipefile, {}, ['ptest-cargo'])
+
+        # Clean up anything in the workdir/sysroot/sstate cache
+        bitbake('%s -c cleansstate' % testrecipe)
+        # Try modifying a recipe
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        self.track_for_cleanup(self.workspacedir)
+        self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        result = runCmd('devtool modify %s -x %s' % (testrecipe, tempdir))
+        self.assertExists(os.path.join(tempdir, 'Cargo.toml'), 'Extracted source could not be found')
+        self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created. devtool output: %s' % result.output)
+        matches = glob.glob(os.path.join(self.workspacedir, 'appends', '%s_*.bbappend' % testrecipe))
+        self.assertTrue(matches, 'bbappend not created')
+        # Test devtool status
+        result = runCmd('devtool status')
+        self.assertIn(testrecipe, result.output)
+        self.assertIn(tempdir, result.output)
+        # Check git repo
+        self._check_src_repo(tempdir)
+        # Check that the patch is correctly applied.
+        # The last commit message in the tree must contain the following note:
+        # Notes (devtool):
+        #     original patch: <patchname>
+        # ..
+        patchname = None
+        for uri in src_uri:
+            if uri.startswith('file://') and '.patch' in uri:
+                patchname = uri.replace("file://", "").partition('.patch')[0] + '.patch'
+        self.assertIsNotNone(patchname)
+        result = runCmd('git -C %s log -1' % tempdir)
+        self.assertIn("Notes (devtool):\n    original patch: %s" % patchname, result.output)
+
+        # Configure the recipe to check that the git dependencies are correctly patched in cargo config
+        bitbake('-c configure %s' % testrecipe)
+
+        cargo_config_path = os.path.join(cargo_home, 'config.toml')
+        with open(cargo_config_path, "r") as f:
+            cargo_config_contents = [line.strip('\n') for line in f.readlines()]
+
+        # Get back git dependencies of the recipe (ignoring the main one)
+        # and check that they are all correctly patched to be fetched locally
+        git_deps = [uri for uri in src_uri if uri.startswith("git://")][1:]
+        for git_dep in git_deps:
+            raw_url, _, raw_parms = git_dep.partition(";")
+            parms = {}
+            for parm in raw_parms.split(";"):
+                name_parm, _, value_parm = parm.partition('=')
+                parms[name_parm]=value_parm
+            self.assertIn('protocol', parms, 'git dependencies uri should contain the "protocol" parameter')
+            self.assertIn('name', parms, 'git dependencies uri should contain the "name" parameter')
+            self.assertIn('destsuffix', parms, 'git dependencies uri should contain the "destsuffix" parameter')
+            self.assertIn('type', parms, 'git dependencies uri should contain the "type" parameter')
+            self.assertEqual(parms['type'], 'git-dependency', 'git dependencies uri should have "type=git-dependency"')
+            raw_url = raw_url.replace("git://", '%s://' % parms['protocol'])
+            patch_line = '[patch."%s"]' % raw_url
+            path_patched = os.path.join(unpackdir, parms['destsuffix'])
+            path_override_line = '%s = { path = "%s" }' % (parms['name'], path_patched)
+            # Would have been better to use tomllib to read this file :/
+            self.assertIn(patch_line, cargo_config_contents)
+            self.assertIn(path_override_line, cargo_config_contents)
+
+        # Try to package the recipe
+        bitbake('-c package_qa %s' % testrecipe)
+
     def test_devtool_modify_localfiles(self):
         # Check preconditions
         testrecipe = 'lighttpd'
@@ -828,12 +1111,43 @@ class DevtoolModifyTests(DevtoolBase):
             runCmd('git -C %s checkout %s' % (tempdir, branch))
             with open(source, "rt") as f:
                 content = f.read()
-            self.assertEquals(content, expected)
-        check('devtool', 'This is a test for something\n')
+            self.assertEqual(content, expected)
+        if self.td["MACHINE"] == "qemux86":
+            check('devtool', 'This is a test for qemux86\n')
+        elif self.td["MACHINE"] == "qemuarm":
+            check('devtool', 'This is a test for qemuarm\n')
+        else:
+            check('devtool', 'This is a test for something\n')
         check('devtool-no-overrides', 'This is a test for something\n')
         check('devtool-override-qemuarm', 'This is a test for qemuarm\n')
         check('devtool-override-qemux86', 'This is a test for qemux86\n')
 
+    def test_devtool_modify_multiple_sources(self):
+        # This test check that recipes fetching several sources can be used with devtool modify/build
+        # Check preconditions
+        testrecipe = 'bzip2'
+        src_uri = get_bb_var('SRC_URI', testrecipe)
+        src1 = 'https://' in src_uri
+        src2 = 'git://' in src_uri
+        self.assertTrue(src1 and src2, 'This test expects the %s recipe to fetch both a git source and a tarball and it seems that it no longer does' % testrecipe)
+        # Clean up anything in the workdir/sysroot/sstate cache
+        bitbake('%s -c cleansstate' % testrecipe)
+        # Try modifying a recipe
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        self.track_for_cleanup(self.workspacedir)
+        self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        result = runCmd('devtool modify %s -x %s' % (testrecipe, tempdir))
+        self.assertEqual(result.status, 0, "Could not modify recipe %s. Output: %s" % (testrecipe, result.output))
+        # Test devtool status
+        result = runCmd('devtool status')
+        self.assertIn(testrecipe, result.output)
+        self.assertIn(tempdir, result.output)
+        # Try building
+        result = bitbake(testrecipe)
+        self.assertEqual(result.status, 0, "Bitbake failed, exit code %s, output %s" % (result.status, result.output))
+
 class DevtoolUpdateTests(DevtoolBase):
 
     def test_devtool_update_recipe(self):
@@ -861,16 +1175,20 @@ class DevtoolUpdateTests(DevtoolBase):
         result = runCmd('echo "A new file" > devtool-new-file', cwd=tempdir)
         result = runCmd('git add devtool-new-file', cwd=tempdir)
         result = runCmd('git commit -m "Add a new file"', cwd=tempdir)
-        self.add_command_to_tearDown('cd %s; rm %s/*.patch; git checkout %s %s' % (os.path.dirname(recipefile), testrecipe, testrecipe, os.path.basename(recipefile)))
+        cleanup_cmd = 'cd %s; rm %s/*.patch; git add %s; git checkout %s' % (os.path.dirname(recipefile), testrecipe, testrecipe, os.path.basename(recipefile))
+        self.add_command_to_tearDown(cleanup_cmd)
         result = runCmd('devtool update-recipe %s' % testrecipe)
+        result = runCmd('git add minicom', cwd=os.path.dirname(recipefile))
         expected_status = [(' M', '.*/%s$' % os.path.basename(recipefile)),
-                           ('??', '.*/0001-Change-the-README.patch$'),
-                           ('??', '.*/0002-Add-a-new-file.patch$')]
+                           ('A ', '.*/0001-Change-the-README.patch$'),
+                           ('A ', '.*/0002-Add-a-new-file.patch$')]
         self._check_repo_status(os.path.dirname(recipefile), expected_status)
+        result = runCmd(cleanup_cmd)
+        self._check_repo_status(os.path.dirname(recipefile), [])
 
     def test_devtool_update_recipe_git(self):
         # Check preconditions
-        testrecipe = 'mtd-utils'
+        testrecipe = 'mtd-utils-selftest'
         bb_vars = get_bb_vars(['FILE', 'SRC_URI'], testrecipe)
         recipefile = bb_vars['FILE']
         src_uri = bb_vars['SRC_URI']
@@ -904,28 +1222,12 @@ class DevtoolUpdateTests(DevtoolBase):
         self._check_repo_status(os.path.dirname(recipefile), expected_status)
 
         result = runCmd('git diff %s' % os.path.basename(recipefile), cwd=os.path.dirname(recipefile))
-        addlines = ['SRCREV = ".*"', 'SRC_URI = "git://git.infradead.org/mtd-utils.git"']
+        addlines = ['SRCREV = ".*"', 'SRC_URI = "git://git.infradead.org/mtd-utils.git;branch=master"']
         srcurilines = src_uri.split()
         srcurilines[0] = 'SRC_URI = "' + srcurilines[0]
         srcurilines.append('"')
         removelines = ['SRCREV = ".*"'] + srcurilines
-        for line in result.output.splitlines():
-            if line.startswith('+++') or line.startswith('---'):
-                continue
-            elif line.startswith('+'):
-                matched = False
-                for item in addlines:
-                    if re.match(item, line[1:].strip()):
-                        matched = True
-                        break
-                self.assertTrue(matched, 'Unexpected diff add line: %s' % line)
-            elif line.startswith('-'):
-                matched = False
-                for item in removelines:
-                    if re.match(item, line[1:].strip()):
-                        matched = True
-                        break
-                self.assertTrue(matched, 'Unexpected diff remove line: %s' % line)
+        self._check_diff(result.output, addlines, removelines)
         # Now try with auto mode
         runCmd('cd %s; git checkout %s %s' % (os.path.dirname(recipefile), testrecipe, os.path.basename(recipefile)))
         result = runCmd('devtool update-recipe %s' % testrecipe)
@@ -939,7 +1241,7 @@ class DevtoolUpdateTests(DevtoolBase):
 
     def test_devtool_update_recipe_append(self):
         # Check preconditions
-        testrecipe = 'mdadm'
+        testrecipe = 'minicom'
         bb_vars = get_bb_vars(['FILE', 'SRC_URI'], testrecipe)
         recipefile = bb_vars['FILE']
         src_uri = bb_vars['SRC_URI']
@@ -957,7 +1259,7 @@ class DevtoolUpdateTests(DevtoolBase):
         # Check git repo
         self._check_src_repo(tempsrcdir)
         # Add a commit
-        result = runCmd("sed 's!\\(#define VERSION\\W*\"[^\"]*\\)\"!\\1-custom\"!' -i ReadMe.c", cwd=tempsrcdir)
+        result = runCmd('echo "Additional line" >> README', cwd=tempsrcdir)
         result = runCmd('git commit -a -m "Add our custom version"', cwd=tempsrcdir)
         self.add_command_to_tearDown('cd %s; rm -f %s/*.patch; git checkout .' % (os.path.dirname(recipefile), testrecipe))
         # Create a temporary layer and add it to bblayers.conf
@@ -975,7 +1277,7 @@ class DevtoolUpdateTests(DevtoolBase):
         self.assertExists(patchfile, 'Patch file not created')
 
         # Check bbappend contents
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n',
                          'SRC_URI += "file://0001-Add-our-custom-version.patch"\n',
                          '\n']
@@ -987,15 +1289,16 @@ class DevtoolUpdateTests(DevtoolBase):
         with open(bbappendfile, 'r') as f:
             self.assertEqual(expectedlines, f.readlines())
         # Drop new commit and check patch gets deleted
-        result = runCmd('git reset HEAD^', cwd=tempsrcdir)
+        result = runCmd('git reset HEAD^ --hard', cwd=tempsrcdir)
         result = runCmd('devtool update-recipe %s -a %s' % (testrecipe, templayerdir))
         self.assertNotExists(patchfile, 'Patch file not deleted')
-        expectedlines2 = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines2 = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n']
         with open(bbappendfile, 'r') as f:
             self.assertEqual(expectedlines2, f.readlines())
         # Put commit back and check we can run it if layer isn't in bblayers.conf
         os.remove(bbappendfile)
+        result = runCmd('echo "Additional line" >> README', cwd=tempsrcdir)
         result = runCmd('git commit -a -m "Add our custom version"', cwd=tempsrcdir)
         result = runCmd('bitbake-layers remove-layer %s' % templayerdir, cwd=self.builddir)
         result = runCmd('devtool update-recipe %s -a %s' % (testrecipe, templayerdir))
@@ -1007,10 +1310,11 @@ class DevtoolUpdateTests(DevtoolBase):
 
     def test_devtool_update_recipe_append_git(self):
         # Check preconditions
-        testrecipe = 'mtd-utils'
-        bb_vars = get_bb_vars(['FILE', 'SRC_URI'], testrecipe)
+        testrecipe = 'mtd-utils-selftest'
+        bb_vars = get_bb_vars(['FILE', 'SRC_URI', 'LAYERSERIES_CORENAMES'], testrecipe)
         recipefile = bb_vars['FILE']
         src_uri = bb_vars['SRC_URI']
+        corenames = bb_vars['LAYERSERIES_CORENAMES']
         self.assertIn('git://', src_uri, 'This test expects the %s recipe to be a git recipe' % testrecipe)
         for entry in src_uri.split():
             if entry.startswith('git://'):
@@ -1041,7 +1345,7 @@ class DevtoolUpdateTests(DevtoolBase):
             f.write('BBFILE_PATTERN_oeselftesttemplayer = "^${LAYERDIR}/"\n')
             f.write('BBFILE_PRIORITY_oeselftesttemplayer = "999"\n')
             f.write('BBFILE_PATTERN_IGNORE_EMPTY_oeselftesttemplayer = "1"\n')
-            f.write('LAYERSERIES_COMPAT_oeselftesttemplayer = "${LAYERSERIES_COMPAT_core}"\n')
+            f.write('LAYERSERIES_COMPAT_oeselftesttemplayer = "%s"\n' % corenames)
         self.add_command_to_tearDown('bitbake-layers remove-layer %s || true' % templayerdir)
         result = runCmd('bitbake-layers add-layer %s' % templayerdir, cwd=self.builddir)
         # Create the bbappend
@@ -1069,7 +1373,7 @@ class DevtoolUpdateTests(DevtoolBase):
         with open(bbappendfile, 'r') as f:
             self.assertEqual(expectedlines, set(f.readlines()))
         # Drop new commit and check SRCREV changes
-        result = runCmd('git reset HEAD^', cwd=tempsrcdir)
+        result = runCmd('git reset HEAD^ --hard', cwd=tempsrcdir)
         result = runCmd('devtool update-recipe -m srcrev %s -a %s' % (testrecipe, templayerdir))
         self.assertNotExists(os.path.join(appenddir, testrecipe), 'Patch directory should not be created')
         result = runCmd('git rev-parse HEAD', cwd=tempsrcdir)
@@ -1081,6 +1385,7 @@ class DevtoolUpdateTests(DevtoolBase):
             self.assertEqual(expectedlines, set(f.readlines()))
         # Put commit back and check we can run it if layer isn't in bblayers.conf
         os.remove(bbappendfile)
+        result = runCmd('echo "# Additional line" >> Makefile.am', cwd=tempsrcdir)
         result = runCmd('git commit -a -m "Change the Makefile"', cwd=tempsrcdir)
         result = runCmd('bitbake-layers remove-layer %s' % templayerdir, cwd=self.builddir)
         result = runCmd('devtool update-recipe -m srcrev %s -a %s' % (testrecipe, templayerdir))
@@ -1112,22 +1417,39 @@ class DevtoolUpdateTests(DevtoolBase):
         # Try building just to ensure we haven't broken that
         bitbake("%s" % testrecipe)
         # Edit / commit local source
-        runCmd('echo "/* Foobar */" >> oe-local-files/makedevs.c', cwd=tempdir)
-        runCmd('echo "Foo" > oe-local-files/new-local', cwd=tempdir)
+        runCmd('echo "/* Foobar */" >> makedevs.c', cwd=tempdir)
+        runCmd('echo "Foo" > new-local', cwd=tempdir)
         runCmd('echo "Bar" > new-file', cwd=tempdir)
         runCmd('git add new-file', cwd=tempdir)
         runCmd('git commit -m "Add new file"', cwd=tempdir)
-        self.add_command_to_tearDown('cd %s; git clean -fd .; git checkout .' %
-                                     os.path.dirname(recipefile))
+        runCmd('git add new-local', cwd=tempdir)
         runCmd('devtool update-recipe %s' % testrecipe)
         expected_status = [(' M', '.*/%s$' % os.path.basename(recipefile)),
                            (' M', '.*/makedevs/makedevs.c$'),
                            ('??', '.*/makedevs/new-local$'),
                            ('??', '.*/makedevs/0001-Add-new-file.patch$')]
         self._check_repo_status(os.path.dirname(recipefile), expected_status)
-
-    def test_devtool_update_recipe_local_files_2(self):
-        """Check local source files support when oe-local-files is in Git"""
+        # Now try to update recipe in another layer, so first, clean it
+        runCmd('cd %s; git clean -fd .; git checkout .' % os.path.dirname(recipefile))
+        # Create a temporary layer and add it to bblayers.conf
+        self._create_temp_layer(templayerdir, True, 'templayer')
+        # Update recipe in templayer
+        result = runCmd('devtool update-recipe %s -a %s' % (testrecipe, templayerdir))
+        self.assertNotIn('WARNING:', result.output)
+        # Check recipe is still clean
+        self._check_repo_status(os.path.dirname(recipefile), [])
+        splitpath = os.path.dirname(recipefile).split(os.sep)
+        appenddir = os.path.join(templayerdir, splitpath[-2], splitpath[-1])
+        bbappendfile = self._check_bbappend(testrecipe, recipefile, appenddir)
+        patchfile = os.path.join(appenddir, testrecipe, '0001-Add-new-file.patch')
+        new_local_file = os.path.join(appenddir, testrecipe, 'new_local')
+        local_file = os.path.join(appenddir, testrecipe, 'makedevs.c')
+        self.assertExists(patchfile, 'Patch file 0001-Add-new-file.patch not created')
+        self.assertExists(local_file, 'File makedevs.c not created')
+        self.assertExists(patchfile, 'File new_local not created')
+
+    def _test_devtool_update_recipe_local_files_2(self):
+        """Check local source files support when editing local files in Git"""
         testrecipe = 'devtool-test-local'
         recipefile = get_bb_var('FILE', testrecipe)
         recipedir = os.path.dirname(recipefile)
@@ -1142,17 +1464,13 @@ class DevtoolUpdateTests(DevtoolBase):
         result = runCmd('devtool modify %s -x %s' % (testrecipe, tempdir))
         # Check git repo
         self._check_src_repo(tempdir)
-        # Add oe-local-files to Git
-        runCmd('rm oe-local-files/.gitignore', cwd=tempdir)
-        runCmd('git add oe-local-files', cwd=tempdir)
-        runCmd('git commit -m "Add local sources"', cwd=tempdir)
         # Edit / commit local sources
-        runCmd('echo "# Foobar" >> oe-local-files/file1', cwd=tempdir)
+        runCmd('echo "# Foobar" >> file1', cwd=tempdir)
         runCmd('git commit -am "Edit existing file"', cwd=tempdir)
-        runCmd('git rm oe-local-files/file2', cwd=tempdir)
+        runCmd('git rm file2', cwd=tempdir)
         runCmd('git commit -m"Remove file"', cwd=tempdir)
-        runCmd('echo "Foo" > oe-local-files/new-local', cwd=tempdir)
-        runCmd('git add oe-local-files/new-local', cwd=tempdir)
+        runCmd('echo "Foo" > new-local', cwd=tempdir)
+        runCmd('git add new-local', cwd=tempdir)
         runCmd('git commit -m "Add new local file"', cwd=tempdir)
         runCmd('echo "Gar" > new-file', cwd=tempdir)
         runCmd('git add new-file', cwd=tempdir)
@@ -1161,7 +1479,7 @@ class DevtoolUpdateTests(DevtoolBase):
                                      os.path.dirname(recipefile))
         # Checkout unmodified file to working copy -> devtool should still pick
         # the modified version from HEAD
-        runCmd('git checkout HEAD^ -- oe-local-files/file1', cwd=tempdir)
+        runCmd('git checkout HEAD^ -- file1', cwd=tempdir)
         runCmd('devtool update-recipe %s' % testrecipe)
         expected_status = [(' M', '.*/%s$' % os.path.basename(recipefile)),
                            (' M', '.*/file1$'),
@@ -1236,7 +1554,7 @@ class DevtoolUpdateTests(DevtoolBase):
         # (don't bother with cleaning the recipe on teardown, we won't be building it)
         result = runCmd('devtool modify %s' % testrecipe)
         # Modify one file
-        runCmd('echo "Another line" >> file2', cwd=os.path.join(self.workspacedir, 'sources', testrecipe, 'oe-local-files'))
+        runCmd('echo "Another line" >> file2', cwd=os.path.join(self.workspacedir, 'sources', testrecipe))
         self.add_command_to_tearDown('cd %s; rm %s/*; git checkout %s %s' % (os.path.dirname(recipefile), testrecipe, testrecipe, os.path.basename(recipefile)))
         result = runCmd('devtool update-recipe %s' % testrecipe)
         expected_status = [(' M', '.*/%s/file2$' % testrecipe)]
@@ -1259,7 +1577,7 @@ class DevtoolUpdateTests(DevtoolBase):
         # Modify one file
         srctree = os.path.join(self.workspacedir, 'sources', testrecipe)
         runCmd('echo "Another line" >> README', cwd=srctree)
-        runCmd('git commit -a --amend --no-edit', cwd=srctree)
+        runCmd('git commit -a --amend --no-edit --no-verify', cwd=srctree)
         self.add_command_to_tearDown('cd %s; rm %s/*; git checkout %s %s' % (os.path.dirname(recipefile), testrecipe, testrecipe, os.path.basename(recipefile)))
         result = runCmd('devtool update-recipe %s' % testrecipe)
         expected_status = [(' M', '.*/%s/readme.patch.gz$' % testrecipe)]
@@ -1295,6 +1613,121 @@ class DevtoolUpdateTests(DevtoolBase):
         expected_status = []
         self._check_repo_status(os.path.dirname(recipefile), expected_status)
 
+    def test_devtool_finish_modify_git_subdir(self):
+        # Check preconditions
+        testrecipe = 'dos2unix'
+        self.append_config('ERROR_QA:remove:pn-dos2unix = "patch-status"\n')
+        bb_vars = get_bb_vars(['SRC_URI', 'S', 'UNPACKDIR', 'FILE', 'BB_GIT_DEFAULT_DESTSUFFIX'], testrecipe)
+        self.assertIn('git://', bb_vars['SRC_URI'], 'This test expects the %s recipe to be a git recipe' % testrecipe)
+        unpackdir_git = '%s/%s/' % (bb_vars['UNPACKDIR'], bb_vars['BB_GIT_DEFAULT_DESTSUFFIX'])
+        if not bb_vars['S'].startswith(unpackdir_git):
+            self.fail('This test expects the %s recipe to be building from a subdirectory of the git repo' % testrecipe)
+        subdir = bb_vars['S'].split(unpackdir_git, 1)[1]
+        # Clean up anything in the workdir/sysroot/sstate cache
+        bitbake('%s -c cleansstate' % testrecipe)
+        # Try modifying a recipe
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        self.track_for_cleanup(self.workspacedir)
+        self.add_command_to_tearDown('bitbake -c clean %s' % testrecipe)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        result = runCmd('devtool modify %s -x %s' % (testrecipe, tempdir))
+        testsrcfile = os.path.join(tempdir, subdir, 'dos2unix.c')
+        self.assertExists(testsrcfile, 'Extracted source could not be found')
+        self.assertExists(os.path.join(self.workspacedir, 'conf', 'layer.conf'), 'Workspace directory not created. devtool output: %s' % result.output)
+        self.assertNotExists(os.path.join(tempdir, subdir, '.git'), 'Subdirectory has been initialised as a git repo')
+        # Check git repo
+        self._check_src_repo(tempdir)
+        # Modify file
+        runCmd("sed -i '1s:^:/* Add a comment */\\n:' %s" % testsrcfile)
+        result = runCmd('git commit -a -m "Add a comment"', cwd=tempdir)
+        # Now try updating original recipe
+        recipefile = bb_vars['FILE']
+        recipedir = os.path.dirname(recipefile)
+        self.add_command_to_tearDown('cd %s; rm -f %s/*.patch; git checkout .' % (recipedir, testrecipe))
+        result = runCmd('devtool update-recipe %s' % testrecipe)
+        expected_status = [(' M', '.*/%s$' % os.path.basename(recipefile)),
+                           ('??', '.*/%s/%s/$' % (testrecipe, testrecipe))]
+        self._check_repo_status(os.path.dirname(recipefile), expected_status)
+        result = runCmd('git diff %s' % os.path.basename(recipefile), cwd=os.path.dirname(recipefile))
+        removelines = ['SRC_URI = "git://.*"']
+        addlines = [
+            'SRC_URI = "git://.* \\\\',
+            'file://0001-Add-a-comment.patch;patchdir=.. \\\\',
+            '"'
+        ]
+        self._check_diff(result.output, addlines, removelines)
+        # Put things back so we can run devtool finish on a different layer
+        runCmd('cd %s; rm -f %s/*.patch; git checkout .' % (recipedir, testrecipe))
+        # Run devtool finish
+        res = re.search('recipes-.*', recipedir)
+        self.assertTrue(res, 'Unable to find recipe subdirectory')
+        recipesubdir = res[0]
+        self.add_command_to_tearDown('rm -rf %s' % os.path.join(self.testlayer_path, recipesubdir))
+        result = runCmd('devtool finish %s meta-selftest' % testrecipe)
+        # Check bbappend file contents
+        appendfn = os.path.join(self.testlayer_path, recipesubdir, '%s_%%.bbappend' % testrecipe)
+        with open(appendfn, 'r') as f:
+            appendlines = f.readlines()
+        expected_appendlines = [
+            'FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
+            '\n',
+            'SRC_URI += "file://0001-Add-a-comment.patch;patchdir=.."\n',
+            '\n'
+        ]
+        self.assertEqual(appendlines, expected_appendlines)
+        self.assertExists(os.path.join(os.path.dirname(appendfn), testrecipe, '0001-Add-a-comment.patch'))
+        # Try building
+        bitbake('%s -c patch' % testrecipe)
+
+    def test_devtool_git_submodules(self):
+        # This tests if we can add a patch in a git submodule and extract it properly using devtool finish
+        # Check preconditions
+        self.assertTrue(not os.path.exists(self.workspacedir), 'This test cannot be run with a workspace directory under the build directory')
+        self.track_for_cleanup(self.workspacedir)
+        recipe = 'vulkan-samples'
+        src_uri = get_bb_var('SRC_URI', recipe)
+        self.assertIn('gitsm://', src_uri, 'This test expects the %s recipe to be a git recipe with submodules' % recipe)
+        oldrecipefile = get_bb_var('FILE', recipe)
+        recipedir = os.path.dirname(oldrecipefile)
+        result = runCmd('git status --porcelain .', cwd=recipedir)
+        if result.output.strip():
+            self.fail('Recipe directory for %s contains uncommitted changes' % recipe)
+        self.assertIn('/meta/', recipedir)
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        result = runCmd('devtool modify %s %s' % (recipe, tempdir))
+        self.assertExists(os.path.join(tempdir, 'CMakeLists.txt'), 'Extracted source could not be found')
+        # Test devtool status
+        result = runCmd('devtool status')
+        self.assertIn(recipe, result.output)
+        self.assertIn(tempdir, result.output)
+        # Modify a source file in a submodule, (grab the first one)
+        result = runCmd('git submodule --quiet foreach \'echo $sm_path\'', cwd=tempdir)
+        submodule = result.output.splitlines()[0]
+        submodule_path = os.path.join(tempdir, submodule)
+        runCmd('echo "#This is a first comment" >> testfile', cwd=submodule_path)
+        result = runCmd('git status --porcelain . ', cwd=submodule_path)
+        self.assertIn("testfile", result.output)
+        runCmd('git add testfile; git commit -m "Adding a new file"', cwd=submodule_path)
+
+        # Try finish to the original layer
+        self.add_command_to_tearDown('rm -rf %s ; cd %s ; git checkout %s' % (recipedir, os.path.dirname(recipedir), recipedir))
+        runCmd('devtool finish -f %s meta' % recipe)
+        result = runCmd('devtool status')
+        self.assertNotIn(recipe, result.output, 'Recipe should have been reset by finish but wasn\'t')
+        self.assertNotExists(os.path.join(self.workspacedir, 'recipes', recipe), 'Recipe directory should not exist after finish')
+        expected_status = [(' M', '.*/%s$' % os.path.basename(oldrecipefile)),
+                           ('??', '.*/.*-Adding-a-new-file.patch$')]
+        self._check_repo_status(recipedir, expected_status)
+        # Make sure the patch is added to the recipe with the correct "patchdir" option
+        result = runCmd('git diff .', cwd=recipedir)
+        addlines = [
+           'file://0001-Adding-a-new-file.patch;patchdir=%s \\\\' % submodule
+        ]
+        self._check_diff(result.output, addlines, [])
+
 class DevtoolExtractTests(DevtoolBase):
 
     def test_devtool_extract(self):
@@ -1317,6 +1750,8 @@ class DevtoolExtractTests(DevtoolBase):
         self.assertExists(os.path.join(tempdir, 'Makefile.am'), 'Extracted source could not be found')
         self._check_src_repo(tempdir)
 
+class DevtoolResetTests(DevtoolBase):
+
     def test_devtool_reset_all(self):
         tempdir = tempfile.mkdtemp(prefix='devtoolqa')
         self.track_for_cleanup(tempdir)
@@ -1343,33 +1778,30 @@ class DevtoolExtractTests(DevtoolBase):
         matches2 = glob.glob(stampprefix2 + '*')
         self.assertFalse(matches2, 'Stamp files exist for recipe %s that should have been cleaned' % testrecipe2)
 
+    def test_devtool_reset_re_plus_plus(self):
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        self.track_for_cleanup(self.workspacedir)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        testrecipe = 'devtool-test-reset-re++'
+        result = runCmd('devtool modify %s' % testrecipe)
+        result = runCmd('devtool reset -n %s' % testrecipe)
+        self.assertIn(testrecipe, result.output)
+        result = runCmd('devtool status')
+        self.assertNotIn(testrecipe, result.output)
+        self.assertNotExists(os.path.join(self.workspacedir, 'recipes', testrecipe), 'Recipe directory should not exist after resetting')
+
+class DevtoolDeployTargetTests(DevtoolBase):
+
+    @OETestTag("runqemu")
     def test_devtool_deploy_target(self):
-        # NOTE: Whilst this test would seemingly be better placed as a runtime test,
-        # unfortunately the runtime tests run under bitbake and you can't run
-        # devtool within bitbake (since devtool needs to run bitbake itself).
-        # Additionally we are testing build-time functionality as well, so
-        # really this has to be done as an oe-selftest test.
-        #
-        # Check preconditions
-        machine = get_bb_var('MACHINE')
-        if not machine.startswith('qemu'):
-            self.skipTest('This test only works with qemu machines')
-        if not os.path.exists('/etc/runqemu-nosudo'):
-            self.skipTest('You must set up tap devices with scripts/runqemu-gen-tapdevs before running this test')
-        result = runCmd('PATH="$PATH:/sbin:/usr/sbin" ip tuntap show', ignore_status=True)
-        if result.status != 0:
-            result = runCmd('PATH="$PATH:/sbin:/usr/sbin" ifconfig -a', ignore_status=True)
-            if result.status != 0:
-                self.skipTest('Failed to determine if tap devices exist with ifconfig or ip: %s' % result.output)
-        for line in result.output.splitlines():
-            if line.startswith('tap'):
-                break
-        else:
-            self.skipTest('No tap devices found - you must set up tap devices with scripts/runqemu-gen-tapdevs before running this test')
+        self._check_runqemu_prerequisites()
         self.assertTrue(not os.path.exists(self.workspacedir), 'This test cannot be run with a workspace directory under the build directory')
         # Definitions
         testrecipe = 'mdadm'
         testfile = '/sbin/mdadm'
+        if "usrmerge" in get_bb_var('DISTRO_FEATURES'):
+            testfile = '/usr/sbin/mdadm'
         testimage = 'oe-selftest-image'
         testcommand = '/sbin/mdadm --help'
         # Build an image to run
@@ -1397,36 +1829,41 @@ class DevtoolExtractTests(DevtoolBase):
         # Boot the image
         with runqemu(testimage) as qemu:
             # Now really test deploy-target
-            result = runCmd('devtool deploy-target -c %s root@%s' % (testrecipe, qemu.ip))
-            # Run a test command to see if it was installed properly
-            sshargs = '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no'
-            result = runCmd('ssh %s root@%s %s' % (sshargs, qemu.ip, testcommand))
-            # Check if it deployed all of the files with the right ownership/perms
-            # First look on the host - need to do this under pseudo to get the correct ownership/perms
-            bb_vars = get_bb_vars(['D', 'FAKEROOTENV', 'FAKEROOTCMD'], testrecipe)
-            installdir = bb_vars['D']
-            fakerootenv = bb_vars['FAKEROOTENV']
-            fakerootcmd = bb_vars['FAKEROOTCMD']
-            result = runCmd('%s %s find . -type f -exec ls -l {} \\;' % (fakerootenv, fakerootcmd), cwd=installdir)
-            filelist1 = self._process_ls_output(result.output)
-
-            # Now look on the target
-            tempdir2 = tempfile.mkdtemp(prefix='devtoolqa')
-            self.track_for_cleanup(tempdir2)
-            tmpfilelist = os.path.join(tempdir2, 'files.txt')
-            with open(tmpfilelist, 'w') as f:
-                for line in filelist1:
-                    splitline = line.split()
-                    f.write(splitline[-1] + '\n')
-            result = runCmd('cat %s | ssh -q %s root@%s \'xargs ls -l\'' % (tmpfilelist, sshargs, qemu.ip))
-            filelist2 = self._process_ls_output(result.output)
-            filelist1.sort(key=lambda item: item.split()[-1])
-            filelist2.sort(key=lambda item: item.split()[-1])
-            self.assertEqual(filelist1, filelist2)
-            # Test undeploy-target
-            result = runCmd('devtool undeploy-target -c %s root@%s' % (testrecipe, qemu.ip))
-            result = runCmd('ssh %s root@%s %s' % (sshargs, qemu.ip, testcommand), ignore_status=True)
-            self.assertNotEqual(result, 0, 'undeploy-target did not remove command as it should have')
+            for extra_opt in ['', '--strip']:
+                deploy_cmd= 'devtool deploy-target -c %s root@%s %s' % (testrecipe, qemu.ip, extra_opt)
+                self.logger.debug(deploy_cmd)
+                result = runCmd(deploy_cmd)
+                # Run a test command to see if it was installed properly
+                sshargs = '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no'
+                result = runCmd('ssh %s root@%s %s' % (sshargs, qemu.ip, testcommand))
+                # Check if it deployed all of the files with the right ownership/perms
+                # First look on the host - need to do this under pseudo to get the correct ownership/perms
+                bb_vars = get_bb_vars(['D', 'FAKEROOTENV', 'FAKEROOTCMD'], testrecipe)
+                installdir = bb_vars['D']
+                fakerootenv = bb_vars['FAKEROOTENV']
+                fakerootcmd = bb_vars['FAKEROOTCMD']
+                result = runCmd('%s %s find . -type f -exec ls -l {} \\;' % (fakerootenv, fakerootcmd), cwd=installdir)
+                filelist1 = self._process_ls_output(result.output)
+
+                # Now look on the target
+                tempdir2 = tempfile.mkdtemp(prefix='devtoolqa')
+                self.track_for_cleanup(tempdir2)
+                tmpfilelist = os.path.join(tempdir2, 'files.txt')
+                with open(tmpfilelist, 'w') as f:
+                    for line in filelist1:
+                        splitline = line.split()
+                        f.write(splitline[-1] + '\n')
+                result = runCmd('cat %s | ssh -q %s root@%s \'xargs ls -l\'' % (tmpfilelist, sshargs, qemu.ip))
+                filelist2 = self._process_ls_output(result.output)
+                filelist1.sort(key=lambda item: item.split()[-1])
+                filelist2.sort(key=lambda item: item.split()[-1])
+                self.assertEqual(filelist1, filelist2)
+                # Test undeploy-target
+                result = runCmd('devtool undeploy-target -c %s root@%s' % (testrecipe, qemu.ip))
+                result = runCmd('ssh %s root@%s %s' % (sshargs, qemu.ip, testcommand), ignore_status=True)
+                self.assertNotEqual(result, 0, 'undeploy-target did not remove command as it should have')
+
+class DevtoolBuildImageTests(DevtoolBase):
 
     def test_devtool_build_image(self):
         """Test devtool build-image plugin"""
@@ -1463,6 +1900,14 @@ class DevtoolExtractTests(DevtoolBase):
 
 class DevtoolUpgradeTests(DevtoolBase):
 
+    def setUp(self):
+        super().setUp()
+        try:
+            runCmd("git config --global user.name")
+            runCmd("git config --global user.email")
+        except:
+            self.skip("Git user.name and user.email must be set")
+
     def test_devtool_upgrade(self):
         # Check preconditions
         self.assertTrue(not os.path.exists(self.workspacedir), 'This test cannot be run with a workspace directory under the build directory')
@@ -1543,6 +1988,100 @@ class DevtoolUpgradeTests(DevtoolBase):
         self.assertNotIn(recipe, result.output)
         self.assertNotExists(os.path.join(self.workspacedir, 'recipes', recipe), 'Recipe directory should not exist after resetting')
 
+    def test_devtool_upgrade_drop_md5sum(self):
+        # Check preconditions
+        self.assertTrue(not os.path.exists(self.workspacedir), 'This test cannot be run with a workspace directory under the build directory')
+        self.track_for_cleanup(self.workspacedir)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        # For the moment, we are using a real recipe.
+        recipe = 'devtool-upgrade-test3'
+        version = '1.6.0'
+        oldrecipefile = get_bb_var('FILE', recipe)
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        # Check upgrade. Code does not check if new PV is older or newer that current PV, so, it may be that
+        # we are downgrading instead of upgrading.
+        result = runCmd('devtool upgrade %s %s -V %s' % (recipe, tempdir, version))
+        # Check new recipe file is present
+        newrecipefile = os.path.join(self.workspacedir, 'recipes', recipe, '%s_%s.bb' % (recipe, version))
+        self.assertExists(newrecipefile, 'Recipe file should exist after upgrade')
+        # Check recipe got changed as expected
+        with open(oldrecipefile + '.upgraded', 'r') as f:
+            desiredlines = f.readlines()
+        with open(newrecipefile, 'r') as f:
+            newlines = f.readlines()
+        self.assertEqual(desiredlines, newlines)
+
+    def test_devtool_upgrade_all_checksums(self):
+        # Check preconditions
+        self.assertTrue(not os.path.exists(self.workspacedir), 'This test cannot be run with a workspace directory under the build directory')
+        self.track_for_cleanup(self.workspacedir)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        # For the moment, we are using a real recipe.
+        recipe = 'devtool-upgrade-test4'
+        version = '1.6.0'
+        oldrecipefile = get_bb_var('FILE', recipe)
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        # Check upgrade. Code does not check if new PV is older or newer that current PV, so, it may be that
+        # we are downgrading instead of upgrading.
+        result = runCmd('devtool upgrade %s %s -V %s' % (recipe, tempdir, version))
+        # Check new recipe file is present
+        newrecipefile = os.path.join(self.workspacedir, 'recipes', recipe, '%s_%s.bb' % (recipe, version))
+        self.assertExists(newrecipefile, 'Recipe file should exist after upgrade')
+        # Check recipe got changed as expected
+        with open(oldrecipefile + '.upgraded', 'r') as f:
+            desiredlines = f.readlines()
+        with open(newrecipefile, 'r') as f:
+            newlines = f.readlines()
+        self.assertEqual(desiredlines, newlines)
+
+    def test_devtool_upgrade_recipe_upgrade_extra_tasks(self):
+        # Check preconditions
+        self.assertTrue(not os.path.exists(self.workspacedir), 'This test cannot be run with a workspace directory under the build directory')
+        self.track_for_cleanup(self.workspacedir)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        recipe = 'python3-guessing-game'
+        version = '0.2.0'
+        commit = '40cf004c2772ffa20ea803fa3be1528a75be3e98'
+        oldrecipefile = get_bb_var('FILE', recipe)
+        oldcratesincfile = os.path.join(os.path.dirname(oldrecipefile), os.path.basename(oldrecipefile).strip('_git.bb') + '-crates.inc')
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        # Check that recipe is not already under devtool control
+        result = runCmd('devtool status')
+        self.assertNotIn(recipe, result.output)
+        # Check upgrade
+        result = runCmd('devtool upgrade %s %s --version %s --srcrev %s' % (recipe, tempdir, version, commit))
+        # Check if srctree at least is populated
+        self.assertTrue(len(os.listdir(tempdir)) > 0, 'srctree (%s) should be populated with new (%s) source code' % (tempdir, commit))
+        # Check new recipe file and new -crates.inc files are present
+        newrecipefile = os.path.join(self.workspacedir, 'recipes', recipe, os.path.basename(oldrecipefile))
+        newcratesincfile = os.path.join(self.workspacedir, 'recipes', recipe, os.path.basename(oldcratesincfile))
+        self.assertExists(newrecipefile, 'Recipe file should exist after upgrade')
+        self.assertExists(newcratesincfile, 'Recipe crates.inc file should exist after upgrade')
+        # Check devtool status and make sure recipe is present
+        result = runCmd('devtool status')
+        self.assertIn(recipe, result.output)
+        self.assertIn(tempdir, result.output)
+        # Check recipe got changed as expected
+        with open(oldrecipefile + '.upgraded', 'r') as f:
+            desiredlines = f.readlines()
+        with open(newrecipefile, 'r') as f:
+            newlines = f.readlines()
+        self.assertEqual(desiredlines, newlines)
+        # Check crates.inc got changed as expected
+        with open(oldcratesincfile + '.upgraded', 'r') as f:
+            desiredlines = f.readlines()
+        with open(newcratesincfile, 'r') as f:
+            newlines = f.readlines()
+        self.assertEqual(desiredlines, newlines)
+        # Check devtool reset recipe
+        result = runCmd('devtool reset %s -n' % recipe)
+        result = runCmd('devtool status')
+        self.assertNotIn(recipe, result.output)
+        self.assertNotExists(os.path.join(self.workspacedir, 'recipes', recipe), 'Recipe directory should not exist after resetting')
+
     def test_devtool_layer_plugins(self):
         """Test that devtool can use plugins from other layers.
 
@@ -1561,7 +2100,15 @@ class DevtoolUpgradeTests(DevtoolBase):
         for p in paths:
             dstdir = os.path.join(dstdir, p)
             if not os.path.exists(dstdir):
-                os.makedirs(dstdir)
+                try:
+                    os.makedirs(dstdir)
+                except PermissionError:
+                    return False
+                except OSError as e:
+                    if e.errno == errno.EROFS:
+                        return False
+                    else:
+                        raise e
                 if p == "lib":
                     # Can race with other tests
                     self.add_command_to_tearDown('rmdir --ignore-fail-on-non-empty %s' % dstdir)
@@ -1569,8 +2116,12 @@ class DevtoolUpgradeTests(DevtoolBase):
                     self.track_for_cleanup(dstdir)
         dstfile = os.path.join(dstdir, os.path.basename(srcfile))
         if srcfile != dstfile:
-            shutil.copy(srcfile, dstfile)
+            try:
+                shutil.copy(srcfile, dstfile)
+            except PermissionError:
+                return False
             self.track_for_cleanup(dstfile)
+        return True
 
     def test_devtool_load_plugin(self):
         """Test that devtool loads only the first found plugin in BBPATH."""
@@ -1588,15 +2139,17 @@ class DevtoolUpgradeTests(DevtoolBase):
             plugincontent = fh.readlines()
         try:
             self.assertIn('meta-selftest', srcfile, 'wrong bbpath plugin found')
-            for path in searchpath:
-                self._copy_file_with_cleanup(srcfile, path, 'lib', 'devtool')
+            searchpath = [
+                path for path in searchpath
+                if self._copy_file_with_cleanup(srcfile, path, 'lib', 'devtool')
+            ]
             result = runCmd("devtool --quiet count")
             self.assertEqual(result.output, '1')
             result = runCmd("devtool --quiet multiloaded")
             self.assertEqual(result.output, "no")
             for path in searchpath:
                 result = runCmd("devtool --quiet bbdir")
-                self.assertEqual(result.output, path)
+                self.assertEqual(os.path.realpath(result.output), os.path.realpath(path))
                 os.unlink(os.path.join(result.output, 'lib', 'devtool', 'bbpath.py'))
         finally:
             with open(srcfile, 'w') as fh:
@@ -1777,6 +2330,52 @@ class DevtoolUpgradeTests(DevtoolBase):
         if files:
             self.fail('Unexpected file(s) copied next to bbappend: %s' % ', '.join(files))
 
+    def test_devtool_finish_update_patch(self):
+        # This test uses a modified version of the sysdig recipe from meta-oe.
+        # - The patches have been renamed.
+        # - The dependencies are commented out since the recipe is not being
+        #   built.
+        #
+        # The sysdig recipe is interesting in that it fetches two different Git
+        # repositories, and there are patches for both. This leads to that
+        # devtool will create ignore commits as it uses Git submodules to keep
+        # track of the second repository.
+        #
+        # This test will verify that the ignored commits actually are ignored
+        # when a commit in between is modified. It will also verify that the
+        # updated patch keeps its original name.
+
+        # Check preconditions
+        self.assertTrue(not os.path.exists(self.workspacedir), 'This test cannot be run with a workspace directory under the build directory')
+        # Try modifying a recipe
+        self.track_for_cleanup(self.workspacedir)
+        recipe = 'sysdig-selftest'
+        recipefile = get_bb_var('FILE', recipe)
+        recipedir = os.path.dirname(recipefile)
+        result = runCmd('git status --porcelain .', cwd=recipedir)
+        if result.output.strip():
+            self.fail('Recipe directory for %s contains uncommitted changes' % recipe)
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+        result = runCmd('devtool modify %s %s' % (recipe, tempdir))
+        self.add_command_to_tearDown('cd %s; rm %s/*; git checkout %s %s' % (recipedir, recipe, recipe, os.path.basename(recipefile)))
+        self.assertExists(os.path.join(tempdir, 'CMakeLists.txt'), 'Extracted source could not be found')
+        # Make a change to one of the existing commits
+        result = runCmd('echo "# A comment " >> CMakeLists.txt', cwd=tempdir)
+        result = runCmd('git status --porcelain', cwd=tempdir)
+        self.assertIn('M CMakeLists.txt', result.output)
+        result = runCmd('git commit --fixup HEAD^ CMakeLists.txt', cwd=tempdir)
+        result = runCmd('git show -s --format=%s', cwd=tempdir)
+        self.assertIn('fixup! cmake: Pass PROBE_NAME via CFLAGS', result.output)
+        result = runCmd('GIT_SEQUENCE_EDITOR=true git rebase -i --autosquash devtool-base', cwd=tempdir)
+        result = runCmd('devtool finish %s meta-selftest' % recipe)
+        result = runCmd('devtool status')
+        self.assertNotIn(recipe, result.output, 'Recipe should have been reset by finish but wasn\'t')
+        self.assertNotExists(os.path.join(self.workspacedir, 'recipes', recipe), 'Recipe directory should not exist after finish')
+        expected_status = [(' M', '.*/0099-cmake-Pass-PROBE_NAME-via-CFLAGS.patch$')]
+        self._check_repo_status(recipedir, expected_status)
+
     def test_devtool_rename(self):
         # Check preconditions
         self.assertTrue(not os.path.exists(self.workspacedir), 'This test cannot be run with a workspace directory under the build directory')
@@ -1808,12 +2407,11 @@ class DevtoolUpgradeTests(DevtoolBase):
         newsrctree = os.path.join(self.workspacedir, 'sources', newrecipename)
         self.assertExists(newsrctree, 'Source directory not renamed')
         checkvars = {}
-        checkvars['S'] = '${WORKDIR}/%s-%s' % (recipename, recipever)
+        checkvars['S'] = '${UNPACKDIR}/%s-%s' % (recipename, recipever)
         checkvars['SRC_URI'] = url
         self._test_recipe_contents(newrecipefile, checkvars, [])
         # Try again - change just name this time
         result = runCmd('devtool reset -n %s' % newrecipename)
-        shutil.rmtree(newsrctree)
         add_recipe()
         newrecipefile = os.path.join(self.workspacedir, 'recipes', newrecipename, '%s_%s.bb' % (newrecipename, recipever))
         result = runCmd('devtool rename %s %s' % (recipename, newrecipename))
@@ -1821,19 +2419,18 @@ class DevtoolUpgradeTests(DevtoolBase):
         self.assertNotExists(os.path.join(self.workspacedir, 'recipes', recipename), 'Old recipe directory still exists')
         self.assertExists(os.path.join(self.workspacedir, 'sources', newrecipename), 'Source directory not renamed')
         checkvars = {}
-        checkvars['S'] = '${WORKDIR}/%s-${PV}' % recipename
+        checkvars['S'] = '${UNPACKDIR}/%s-${PV}' % recipename
         checkvars['SRC_URI'] = url.replace(recipever, '${PV}')
         self._test_recipe_contents(newrecipefile, checkvars, [])
         # Try again - change just version this time
         result = runCmd('devtool reset -n %s' % newrecipename)
-        shutil.rmtree(newsrctree)
         add_recipe()
         newrecipefile = os.path.join(self.workspacedir, 'recipes', recipename, '%s_%s.bb' % (recipename, newrecipever))
         result = runCmd('devtool rename %s -V %s' % (recipename, newrecipever))
         self.assertExists(newrecipefile, 'Recipe file not renamed')
         self.assertExists(os.path.join(self.workspacedir, 'sources', recipename), 'Source directory no longer exists')
         checkvars = {}
-        checkvars['S'] = '${WORKDIR}/${BPN}-%s' % recipever
+        checkvars['S'] = '${UNPACKDIR}/${BPN}-%s' % recipever
         checkvars['SRC_URI'] = url
         self._test_recipe_contents(newrecipefile, checkvars, [])
 
@@ -1858,8 +2455,9 @@ class DevtoolUpgradeTests(DevtoolBase):
          Expected:       devtool modify is able to checkout the source of the kernel
                          and modification to the source and configurations are reflected
                          when building the kernel.
-         """
-        kernel_provider = get_bb_var('PREFERRED_PROVIDER_virtual/kernel')
+        """
+        kernel_provider = self.td['PREFERRED_PROVIDER_virtual/kernel']
+
         # Clean up the environment
         bitbake('%s -c clean' % kernel_provider)
         tempdir = tempfile.mkdtemp(prefix='devtoolqa')
@@ -1886,33 +2484,541 @@ class DevtoolUpgradeTests(DevtoolBase):
         self.assertExists(os.path.join(tempdir, 'Makefile'), 'Extracted source could not be found')
         #Step 4.2
         configfile = os.path.join(tempdir,'.config')
-        diff = runCmd('diff %s %s' % (tmpconfig, configfile))
-        self.assertEqual(0,diff.status,'Kernel .config file is not the same using bitbake and devtool')
+        runCmd('diff %s %s' % (tmpconfig, configfile))
+
         #Step 4.3
         #NOTE: virtual/kernel is mapped to kernel_provider
-        result = runCmd('devtool build %s' % kernel_provider)
-        self.assertEqual(0,result.status,'Cannot build kernel using `devtool build`')
+        runCmd('devtool build %s' % kernel_provider)
         kernelfile = os.path.join(get_bb_var('KBUILD_OUTPUT', kernel_provider), 'vmlinux')
         self.assertExists(kernelfile, 'Kernel was not build correctly')
 
         #Modify the kernel source
-        modfile = os.path.join(tempdir,'arch/x86/boot/header.S')
-        modstring = "Use a boot loader. Devtool testing."
-        modapplied = runCmd("sed -i 's/Use a boot loader./%s/' %s" % (modstring, modfile))
-        self.assertEqual(0,modapplied.status,'Modification to %s on kernel source failed' % modfile)
+        modfile = os.path.join(tempdir, 'init/version.c')
+        # Moved to uts.h in 6.1 onwards
+        modfile2 = os.path.join(tempdir, 'include/linux/uts.h')
+        runCmd("sed -i 's/Linux/LiNuX/g' %s %s" % (modfile, modfile2))
+
         #Modify the configuration
-        codeconfigfile = os.path.join(tempdir,'.config.new')
+        codeconfigfile = os.path.join(tempdir, '.config.new')
         modconfopt = "CONFIG_SG_POOL=n"
-        modconf = runCmd("sed -i 's/CONFIG_SG_POOL=y/%s/' %s" % (modconfopt, codeconfigfile))
-        self.assertEqual(0,modconf.status,'Modification to %s failed' % codeconfigfile)
+        runCmd("sed -i 's/CONFIG_SG_POOL=y/%s/' %s" % (modconfopt, codeconfigfile))
+
         #Build again kernel with devtool
-        rebuild = runCmd('devtool build %s' % kernel_provider)
-        self.assertEqual(0,rebuild.status,'Fail to build kernel after modification of source and config')
+        runCmd('devtool build %s' % kernel_provider)
+
         #Step 4.4
-        bzimagename = 'bzImage-' + get_bb_var('KERNEL_VERSION_NAME', kernel_provider)
-        bzimagefile = os.path.join(get_bb_var('D', kernel_provider),'boot', bzimagename)
-        checkmodcode = runCmd("grep '%s' %s" % (modstring, bzimagefile))
-        self.assertEqual(0,checkmodcode.status,'Modification on kernel source failed')
+        runCmd("grep '%s' %s" % ('LiNuX', kernelfile))
+
         #Step 4.5
-        checkmodconfg = runCmd("grep %s %s" % (modconfopt, codeconfigfile))
-        self.assertEqual(0,checkmodconfg.status,'Modification to configuration file failed')
+        runCmd("grep %s %s" % (modconfopt, codeconfigfile))
+
+
+class DevtoolIdeSdkTests(DevtoolBase):
+    def _write_bb_config(self, recipe_names):
+        """Helper to write the bitbake local.conf file"""
+        conf_lines = [
+            'IMAGE_CLASSES += "image-combined-dbg"',
+            'IMAGE_GEN_DEBUGFS = "1"',
+            'IMAGE_INSTALL:append = " gdbserver %s"' % ' '.join(
+                [r + '-ptest' for r in recipe_names]),
+            'DISTRO_FEATURES:append = " ptest"'
+        ]
+        self.write_config("\n".join(conf_lines))
+
+    def _check_workspace(self):
+        """Check if a workspace directory is available and setup the cleanup"""
+        self.assertTrue(not os.path.exists(self.workspacedir),
+                        'This test cannot be run with a workspace directory under the build directory')
+        self.track_for_cleanup(self.workspacedir)
+        self.add_command_to_tearDown('bitbake-layers remove-layer */workspace')
+
+    def _workspace_scripts_dir(self, recipe_name):
+        return os.path.realpath(os.path.join(self.builddir, 'workspace', 'ide-sdk', recipe_name, 'scripts'))
+
+    def _sources_scripts_dir(self, src_dir):
+        return os.path.realpath(os.path.join(src_dir, 'oe-scripts'))
+
+    def _workspace_gdbinit_dir(self, recipe_name):
+        return os.path.realpath(os.path.join(self.builddir, 'workspace', 'ide-sdk', recipe_name, 'scripts', 'gdbinit'))
+
+    def _sources_gdbinit_dir(self, src_dir):
+        return os.path.realpath(os.path.join(src_dir, 'oe-gdbinit'))
+
+    def _devtool_ide_sdk_recipe(self, recipe_name, build_file, testimage):
+        """Setup a recipe for working with devtool ide-sdk
+
+        Basically devtool modify -x followed by some tests
+        """
+        tempdir = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir)
+        self.add_command_to_tearDown('bitbake -c clean %s' % recipe_name)
+
+        result = runCmd('devtool modify %s -x %s --debug-build' % (recipe_name, tempdir))
+        self.assertExists(os.path.join(tempdir, build_file),
+                          'Extracted source could not be found')
+        self.assertExists(os.path.join(self.workspacedir, 'conf',
+                                       'layer.conf'), 'Workspace directory not created')
+        matches = glob.glob(os.path.join(self.workspacedir,
+                            'appends', recipe_name + '.bbappend'))
+        self.assertTrue(matches, 'bbappend not created %s' % result.output)
+
+        # Test devtool status
+        result = runCmd('devtool status')
+        self.assertIn(recipe_name, result.output)
+        self.assertIn(tempdir, result.output)
+        self._check_src_repo(tempdir)
+
+        # Usually devtool ide-sdk would initiate the build of the SDK.
+        # But there is a circular dependency with starting Qemu and passing the IP of runqemu to devtool ide-sdk.
+        if testimage:
+            bitbake("%s qemu-native qemu-helper-native" % testimage)
+            deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE')
+            self.add_command_to_tearDown('bitbake -c clean %s' % testimage)
+            self.add_command_to_tearDown(
+                'rm -f %s/%s*' % (deploy_dir_image, testimage))
+
+        return tempdir
+
+    def _get_recipe_ids(self, recipe_name):
+        """IDs needed to write recipe specific config entries into IDE config files"""
+        package_arch = get_bb_var('PACKAGE_ARCH', recipe_name)
+        recipe_id = recipe_name + "-" + package_arch
+        recipe_id_pretty = recipe_name + ": " + package_arch
+        return (recipe_id, recipe_id_pretty)
+
+    def _verify_install_script_code(self, tempdir, recipe_name):
+        """Verify the scripts referred by the tasks.json file are fine.
+
+        This function does not depend on Qemu. Therefore it verifies the scripts
+        exists and the delete step works as expected. But it does not try to
+        deploy to Qemu.
+        """
+        recipe_id, recipe_id_pretty = self._get_recipe_ids(recipe_name)
+        with open(os.path.join(tempdir, '.vscode', 'tasks.json')) as tasks_j:
+            tasks_d = json.load(tasks_j)
+        tasks = tasks_d["tasks"]
+        task_install = next(
+            (task for task in tasks if task["label"] == "install && deploy-target %s" % recipe_id_pretty), None)
+        self.assertIsNot(task_install, None)
+        # execute only the bb_run_do_install script since the deploy would require e.g. Qemu running.
+        i_and_d_script = "install_and_deploy_" + recipe_id
+        i_and_d_script_path = os.path.join(
+            self._workspace_scripts_dir(recipe_name), i_and_d_script)
+        self.assertExists(i_and_d_script_path)
+
+    def _devtool_ide_sdk_qemu(self, tempdir, qemu, recipe_name, example_exe):
+        """Verify deployment and execution in Qemu system work for one recipe.
+
+        This function checks the entire SDK workflow: changing the code, recompiling
+        it and deploying it back to Qemu, and checking that the changes have been
+        incorporated into the provided binaries. It also runs the tests of the recipe.
+        """
+        recipe_id, _ = self._get_recipe_ids(recipe_name)
+        i_and_d_script = "install_and_deploy_" + recipe_id
+        install_deploy_cmd = os.path.join(
+            self._workspace_scripts_dir(recipe_name), i_and_d_script)
+        self.assertExists(install_deploy_cmd,
+                          '%s script not found' % install_deploy_cmd)
+        runCmd(install_deploy_cmd)
+
+        MAGIC_STRING_ORIG = "Magic: 123456789"
+        MAGIC_STRING_NEW = "Magic: 987654321"
+        ptest_cmd = "ptest-runner " + recipe_name
+
+        # validate that SSH is working
+        status, _ = qemu.run("uname")
+        self.assertEqual(
+            status, 0, msg="Failed to connect to the SSH server on Qemu")
+
+        # Verify the unmodified example prints the magic string
+        status, output = qemu.run(example_exe)
+        self.assertEqual(status, 0, msg="%s failed: %s" %
+                         (example_exe, output))
+        self.assertIn(MAGIC_STRING_ORIG, output)
+
+        # Verify the unmodified ptests work
+        status, output = qemu.run(ptest_cmd)
+        self.assertEqual(status, 0, msg="%s failed: %s" % (ptest_cmd, output))
+        self.assertIn("PASS: cpp-example-lib", output)
+
+        # Verify remote debugging works
+        self._gdb_cross_debugging(
+            qemu, recipe_name, example_exe, MAGIC_STRING_ORIG)
+
+        # Replace the Magic String in the code, compile and deploy to Qemu
+        cpp_example_lib_hpp = os.path.join(tempdir, 'cpp-example-lib.hpp')
+        with open(cpp_example_lib_hpp, 'r') as file:
+            cpp_code = file.read()
+            cpp_code = cpp_code.replace(MAGIC_STRING_ORIG, MAGIC_STRING_NEW)
+        with open(cpp_example_lib_hpp, 'w') as file:
+            file.write(cpp_code)
+        runCmd(install_deploy_cmd, cwd=tempdir)
+
+        # Verify the modified example prints the modified magic string
+        status, output = qemu.run(example_exe)
+        self.assertEqual(status, 0, msg="%s failed: %s" %
+                         (example_exe, output))
+        self.assertNotIn(MAGIC_STRING_ORIG, output)
+        self.assertIn(MAGIC_STRING_NEW, output)
+
+        # Verify the modified example ptests work
+        status, output = qemu.run(ptest_cmd)
+        self.assertEqual(status, 0, msg="%s failed: %s" % (ptest_cmd, output))
+        self.assertIn("PASS: cpp-example-lib", output)
+
+        # Verify remote debugging works wit the modified magic string
+        self._gdb_cross_debugging(
+            qemu, recipe_name, example_exe, MAGIC_STRING_NEW)
+
+    def _gdb_cross(self):
+        """Verify gdb-cross is provided by devtool ide-sdk"""
+        target_arch = self.td["TARGET_ARCH"]
+        target_sys = self.td["TARGET_SYS"]
+        gdb_recipe = "gdb-cross-" + target_arch
+        gdb_binary = target_sys + "-gdb"
+
+        native_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", gdb_recipe)
+        r = runCmd("%s --version" % gdb_binary,
+                   native_sysroot=native_sysroot, target_sys=target_sys)
+        self.assertEqual(r.status, 0)
+        self.assertIn("GNU gdb", r.output)
+
+    def _gdb_cross_debugging(self, qemu, recipe_name, example_exe, magic_string):
+        """Verify gdb-cross is working
+
+        Test remote debugging:
+        break main
+        run
+        continue
+        break CppExample::print_json()
+        continue
+        print CppExample::test_string.compare("cpp-example-lib Magic: 123456789")
+        $1 = 0
+        print CppExample::test_string.compare("cpp-example-lib Magic: 123456789aaa")
+        $2 = -3
+        list cpp-example-lib.hpp:13,13
+        13          inline static const std::string test_string = "cpp-example-lib Magic: 123456789";
+        continue
+        """
+        sshargs = '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no'
+        gdbserver_script = os.path.join(self._workspace_scripts_dir(
+            recipe_name), 'gdbserver_1234_usr-bin-' + example_exe + '_m')
+        gdb_script = os.path.join(self._workspace_scripts_dir(
+            recipe_name), 'gdb_1234_usr-bin-' + example_exe)
+
+        # Start a gdbserver
+        r = runCmd(gdbserver_script)
+        self.assertEqual(r.status, 0)
+
+        # Check there is a gdbserver running
+        r = runCmd('ssh %s root@%s %s' % (sshargs, qemu.ip, 'ps'))
+        self.assertEqual(r.status, 0)
+        self.assertIn("gdbserver ", r.output)
+
+        # Check the pid file is correct
+        test_cmd = "cat /proc/$(cat /tmp/gdbserver_1234_usr-bin-" + \
+            example_exe + "/pid)/cmdline"
+        r = runCmd('ssh %s root@%s %s' % (sshargs, qemu.ip, test_cmd))
+        self.assertEqual(r.status, 0)
+        self.assertIn("gdbserver", r.output)
+
+        # Test remote debugging works
+        gdb_batch_cmd = " --batch -ex 'break main' -ex 'run'"
+        gdb_batch_cmd += " -ex 'break CppExample::print_json()' -ex 'continue'"
+        gdb_batch_cmd += " -ex 'print CppExample::test_string.compare(\"cpp-example-lib %s\")'" % magic_string
+        gdb_batch_cmd += " -ex 'print CppExample::test_string.compare(\"cpp-example-lib %saaa\")'" % magic_string
+        gdb_batch_cmd += " -ex 'list cpp-example-lib.hpp:13,13'"
+        gdb_batch_cmd += " -ex 'continue'"
+        r = runCmd(gdb_script + gdb_batch_cmd)
+        self.logger.debug("%s %s returned: %s", gdb_script,
+                          gdb_batch_cmd, r.output)
+        self.assertEqual(r.status, 0)
+        self.assertIn("Breakpoint 1, main", r.output)
+        self.assertIn("$1 = 0", r.output)  # test.string.compare equal
+        self.assertIn("$2 = -3", r.output)  # test.string.compare longer
+        self.assertIn(
+            'inline static const std::string test_string = "cpp-example-lib %s";' % magic_string, r.output)
+        self.assertIn("exited normally", r.output)
+
+        # Stop the gdbserver
+        r = runCmd(gdbserver_script + ' stop')
+        self.assertEqual(r.status, 0)
+
+        # Check there is no gdbserver running
+        r = runCmd('ssh %s root@%s %s' % (sshargs, qemu.ip, 'ps'))
+        self.assertEqual(r.status, 0)
+        self.assertNotIn("gdbserver ", r.output)
+
+    def _verify_cmake_preset(self, tempdir):
+        """Verify the generated cmake preset works as expected
+
+        Check if compiling works
+        Check if unit tests can be executed in qemu (not qemu-system)
+        """
+        with open(os.path.join(tempdir, 'CMakeUserPresets.json')) as cmake_preset_j:
+            cmake_preset_d = json.load(cmake_preset_j)
+        config_presets = cmake_preset_d["configurePresets"]
+        self.assertEqual(len(config_presets), 1)
+        cmake_exe = config_presets[0]["cmakeExecutable"]
+        preset_name = config_presets[0]["name"]
+
+        # Verify the wrapper for cmake native is available
+        self.assertExists(cmake_exe)
+
+        # Verify the cmake preset generated by devtool ide-sdk is available
+        result = runCmd('%s --list-presets' % cmake_exe, cwd=tempdir)
+        self.assertIn(preset_name, result.output)
+
+        # Verify cmake re-uses the o files compiled by bitbake
+        result = runCmd('%s --build --preset %s' %
+                        (cmake_exe, preset_name), cwd=tempdir)
+        self.assertIn("ninja: no work to do.", result.output)
+
+        # Verify the unit tests work (in Qemu user mode)
+        result = runCmd('%s --build --preset %s --target test' %
+                        (cmake_exe, preset_name), cwd=tempdir)
+        self.assertIn("100% tests passed", result.output)
+
+        # Verify re-building and testing works again
+        result = runCmd('%s --build --preset %s --target clean' %
+                        (cmake_exe, preset_name), cwd=tempdir)
+        self.assertIn("Cleaning", result.output)
+        result = runCmd('%s --build --preset %s' %
+                        (cmake_exe, preset_name), cwd=tempdir)
+        self.assertIn("Building", result.output)
+        self.assertIn("Linking", result.output)
+        result = runCmd('%s --build --preset %s --target test' %
+                        (cmake_exe, preset_name), cwd=tempdir)
+        self.assertIn("Running tests...", result.output)
+        self.assertIn("100% tests passed", result.output)
+
+    @OETestTag("runqemu")
+    def test_devtool_ide_sdk_none_qemu(self):
+        """Start qemu-system and run tests for multiple recipes. ide=none is used."""
+        recipe_names = ["cmake-example", "meson-example"]
+        testimage = "oe-selftest-image"
+
+        self._check_workspace()
+        self._write_bb_config(recipe_names)
+        self._check_runqemu_prerequisites()
+
+        # Verify deployment to Qemu (system mode) works
+        bitbake(testimage)
+        with runqemu(testimage, runqemuparams="nographic") as qemu:
+            # cmake-example recipe
+            recipe_name = "cmake-example"
+            example_exe = "cmake-example"
+            build_file = "CMakeLists.txt"
+            tempdir = self._devtool_ide_sdk_recipe(
+                recipe_name, build_file, testimage)
+            bitbake_sdk_cmd = 'devtool ide-sdk %s %s -t root@%s -c --ide=none' % (
+                recipe_name, testimage, qemu.ip)
+            runCmd(bitbake_sdk_cmd)
+            self._gdb_cross()
+            self._verify_cmake_preset(tempdir)
+            self._devtool_ide_sdk_qemu(tempdir, qemu, recipe_name, example_exe)
+            # Verify the oe-scripts sym-link is valid
+            self.assertEqual(self._workspace_scripts_dir(
+                recipe_name), self._sources_scripts_dir(tempdir))
+
+            # meson-example recipe
+            recipe_name = "meson-example"
+            example_exe = "mesonex"
+            build_file = "meson.build"
+            tempdir = self._devtool_ide_sdk_recipe(
+                recipe_name, build_file, testimage)
+            bitbake_sdk_cmd = 'devtool ide-sdk %s %s -t root@%s -c --ide=none' % (
+                recipe_name, testimage, qemu.ip)
+            runCmd(bitbake_sdk_cmd)
+            self._gdb_cross()
+            self._devtool_ide_sdk_qemu(tempdir, qemu, recipe_name, example_exe)
+            # Verify the oe-scripts sym-link is valid
+            self.assertEqual(self._workspace_scripts_dir(
+                recipe_name), self._sources_scripts_dir(tempdir))
+
+    def test_devtool_ide_sdk_code_cmake(self):
+        """Verify a cmake recipe works with ide=code mode"""
+        recipe_name = "cmake-example"
+        build_file = "CMakeLists.txt"
+        testimage = "oe-selftest-image"
+
+        self._check_workspace()
+        self._write_bb_config([recipe_name])
+        tempdir = self._devtool_ide_sdk_recipe(
+            recipe_name, build_file, testimage)
+        bitbake_sdk_cmd = 'devtool ide-sdk %s %s -t root@192.168.17.17 -c --ide=code' % (
+            recipe_name, testimage)
+        runCmd(bitbake_sdk_cmd)
+        self._verify_cmake_preset(tempdir)
+        self._verify_install_script_code(tempdir,  recipe_name)
+        self._gdb_cross()
+
+    def test_devtool_ide_sdk_code_meson(self):
+        """Verify a meson recipe works with ide=code mode"""
+        recipe_name = "meson-example"
+        build_file = "meson.build"
+        testimage = "oe-selftest-image"
+
+        self._check_workspace()
+        self._write_bb_config([recipe_name])
+        tempdir = self._devtool_ide_sdk_recipe(
+            recipe_name, build_file, testimage)
+        bitbake_sdk_cmd = 'devtool ide-sdk %s %s -t root@192.168.17.17 -c --ide=code' % (
+            recipe_name, testimage)
+        runCmd(bitbake_sdk_cmd)
+
+        with open(os.path.join(tempdir, '.vscode', 'settings.json')) as settings_j:
+            settings_d = json.load(settings_j)
+        meson_exe = settings_d["mesonbuild.mesonPath"]
+        meson_build_folder = settings_d["mesonbuild.buildFolder"]
+
+        # Verify the wrapper for meson native is available
+        self.assertExists(meson_exe)
+
+        # Verify meson re-uses the o files compiled by bitbake
+        result = runCmd('%s compile -C  %s' %
+                        (meson_exe, meson_build_folder), cwd=tempdir)
+        self.assertIn("ninja: no work to do.", result.output)
+
+        # Verify the unit tests work (in Qemu)
+        runCmd('%s test -C %s' % (meson_exe, meson_build_folder), cwd=tempdir)
+
+        # Verify re-building and testing works again
+        result = runCmd('%s compile -C  %s --clean' %
+                        (meson_exe, meson_build_folder), cwd=tempdir)
+        self.assertIn("Cleaning...", result.output)
+        result = runCmd('%s compile -C  %s' %
+                        (meson_exe, meson_build_folder), cwd=tempdir)
+        self.assertIn("Linking target", result.output)
+        runCmd('%s test -C %s' % (meson_exe, meson_build_folder), cwd=tempdir)
+
+        self._verify_install_script_code(tempdir,  recipe_name)
+        self._gdb_cross()
+
+    def test_devtool_ide_sdk_shared_sysroots(self):
+        """Verify the shared sysroot SDK"""
+
+        # Handle the workspace (which is not needed by this test case)
+        self._check_workspace()
+
+        result_init = runCmd(
+            'devtool ide-sdk -m shared oe-selftest-image cmake-example meson-example --ide=code')
+        bb_vars = get_bb_vars(
+            ['REAL_MULTIMACH_TARGET_SYS', 'DEPLOY_DIR_IMAGE', 'COREBASE'], "meta-ide-support")
+        environment_script = 'environment-setup-%s' % bb_vars['REAL_MULTIMACH_TARGET_SYS']
+        deploydir = bb_vars['DEPLOY_DIR_IMAGE']
+        environment_script_path = os.path.join(deploydir, environment_script)
+        cpp_example_src = os.path.join(
+            bb_vars['COREBASE'], 'meta-selftest', 'recipes-test', 'cpp', 'files')
+
+        # Verify the cross environment script is available
+        self.assertExists(environment_script_path)
+
+        def runCmdEnv(cmd, cwd):
+            cmd = '/bin/sh -c ". %s > /dev/null && %s"' % (
+                environment_script_path, cmd)
+            return runCmd(cmd, cwd)
+
+        # Verify building the C++ example works with CMake
+        tempdir_cmake = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir_cmake)
+
+        result_cmake = runCmdEnv("which cmake", cwd=tempdir_cmake)
+        cmake_native = os.path.normpath(result_cmake.output.strip())
+        self.assertExists(cmake_native)
+
+        runCmdEnv('cmake %s' % cpp_example_src, cwd=tempdir_cmake)
+        runCmdEnv('cmake --build %s' % tempdir_cmake, cwd=tempdir_cmake)
+
+        # Verify the printed note really referres to a cmake executable
+        cmake_native_code = ""
+        for line in result_init.output.splitlines():
+            m = re.search(r'"cmake.cmakePath": "(.*)"', line)
+            if m:
+                cmake_native_code = m.group(1)
+                break
+        self.assertExists(cmake_native_code)
+        self.assertEqual(cmake_native, cmake_native_code)
+
+        # Verify building the C++ example works with Meson
+        tempdir_meson = tempfile.mkdtemp(prefix='devtoolqa')
+        self.track_for_cleanup(tempdir_meson)
+
+        result_cmake = runCmdEnv("which meson", cwd=tempdir_meson)
+        meson_native = os.path.normpath(result_cmake.output.strip())
+        self.assertExists(meson_native)
+
+        runCmdEnv('meson setup %s' % tempdir_meson, cwd=cpp_example_src)
+        runCmdEnv('meson compile', cwd=tempdir_meson)
+
+    def test_devtool_ide_sdk_plugins(self):
+        """Test that devtool ide-sdk can use plugins from other layers."""
+
+        # We need a workspace layer and a modified recipe (but no image)
+        modified_recipe_name = "meson-example"
+        modified_build_file = "meson.build"
+        testimage = "oe-selftest-image"
+        shared_recipe_name = "cmake-example"
+
+        self._check_workspace()
+        self._write_bb_config([modified_recipe_name])
+        tempdir = self._devtool_ide_sdk_recipe(
+            modified_recipe_name, modified_build_file, None)
+
+        IDE_RE = re.compile(r'.*--ide \{(.*)\}.*')
+
+        def get_ides_from_help(help_str):
+            m = IDE_RE.search(help_str)
+            return m.group(1).split(',')
+
+        # verify the default plugins are available but the foo plugin is not
+        result = runCmd('devtool ide-sdk -h')
+        found_ides = get_ides_from_help(result.output)
+        self.assertIn('code', found_ides)
+        self.assertIn('none', found_ides)
+        self.assertNotIn('foo', found_ides)
+
+        shared_config_file = os.path.join(tempdir, 'shared-config.txt')
+        shared_config_str = 'Dummy shared IDE config'
+        modified_config_file = os.path.join(tempdir, 'modified-config.txt')
+        modified_config_str = 'Dummy modified IDE config'
+
+        # Generate a foo plugin in the workspace layer
+        plugin_dir = os.path.join(
+            self.workspacedir, 'lib', 'devtool', 'ide_plugins')
+        os.makedirs(plugin_dir)
+        plugin_code = 'from devtool.ide_plugins import IdeBase\n\n'
+        plugin_code += 'class IdeFoo(IdeBase):\n'
+        plugin_code += '    def setup_shared_sysroots(self, shared_env):\n'
+        plugin_code += '        with open("%s", "w") as config_file:\n' % shared_config_file
+        plugin_code += '            config_file.write("%s")\n\n' % shared_config_str
+        plugin_code += '    def setup_modified_recipe(self, args, image_recipe, modified_recipe):\n'
+        plugin_code += '        with open("%s", "w") as config_file:\n' % modified_config_file
+        plugin_code += '            config_file.write("%s")\n\n' % modified_config_str
+        plugin_code += 'def register_ide_plugin(ide_plugins):\n'
+        plugin_code += '    ide_plugins["foo"] = IdeFoo\n'
+
+        plugin_py = os.path.join(plugin_dir, 'ide_foo.py')
+        with open(plugin_py, 'w') as plugin_file:
+            plugin_file.write(plugin_code)
+
+        # Verify the foo plugin is available as well
+        result = runCmd('devtool ide-sdk -h')
+        found_ides = get_ides_from_help(result.output)
+        self.assertIn('code', found_ides)
+        self.assertIn('none', found_ides)
+        self.assertIn('foo', found_ides)
+
+        # Verify the foo plugin generates a shared config
+        result = runCmd(
+            'devtool ide-sdk -m shared --skip-bitbake --ide foo %s' % shared_recipe_name)
+        with open(shared_config_file) as shared_config:
+            shared_config_new = shared_config.read()
+        self.assertEqual(shared_config_str, shared_config_new)
+
+        # Verify the foo plugin generates a modified config
+        result = runCmd('devtool ide-sdk --skip-bitbake --ide foo %s %s' %
+                        (modified_recipe_name, testimage))
+        with open(modified_config_file) as modified_config:
+            modified_config_new = modified_config.read()
+        self.assertEqual(modified_config_str, modified_config_new)
diff --git a/meta/lib/oeqa/selftest/cases/distrodata.py b/meta/lib/oeqa/selftest/cases/distrodata.py
index e1cfc3b621..f2c6124d70 100644
--- a/meta/lib/oeqa/selftest/cases/distrodata.py
+++ b/meta/lib/oeqa/selftest/cases/distrodata.py
@@ -1,11 +1,10 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_bb_vars
-from oeqa.utils.decorators import testcase
-from oeqa.utils.ftools import write_file
 
 import oe.recipeutils
 
@@ -18,13 +17,13 @@ class Distrodata(OESelftestTestCase):
         Product:     oe-core
         Author:      Alexander Kanavin <alex.kanavin@gmail.com>
         """
-        feature = 'LICENSE_FLAGS_WHITELIST += " commercial"\n'
+        feature = 'LICENSE_FLAGS_ACCEPTED += " commercial"\n'
         self.write_config(feature)
 
-        pkgs = oe.recipeutils.get_recipe_upgrade_status()
+        pkggroups = oe.recipeutils.get_recipe_upgrade_status()
 
-        regressed_failures = [pkg[0] for pkg in pkgs if pkg[1] == 'UNKNOWN_BROKEN']
-        regressed_successes = [pkg[0] for pkg in pkgs if pkg[1] == 'KNOWN_BROKEN']
+        regressed_failures = [pkg['pn'] for pkgs in pkggroups for pkg in pkgs if pkg['status'] == 'UNKNOWN_BROKEN']
+        regressed_successes = [pkg['pn'] for pkgs in pkggroups for pkg in pkgs if pkg['status'] == 'KNOWN_BROKEN']
         msg = ""
         if len(regressed_failures) > 0:
             msg = msg + """
@@ -49,21 +48,21 @@ but their recipes claim otherwise by setting UPSTREAM_VERSION_UNKNOWN. Please re
         Author:      Alexander Kanavin <alex.kanavin@gmail.com>
         """
         def is_exception(pkg):
-            exceptions = ["packagegroup-", "initramfs-", "systemd-machine-units", "target-sdk-provides-dummy"]
+            exceptions = ["packagegroup-",]
             for i in exceptions:
                  if i in pkg:
                      return True
             return False
 
         def is_maintainer_exception(entry):
-            exceptions = ["musl", "newlib", "linux-yocto", "linux-dummy", "mesa-gl", "libgfortran",
-                          "cve-update-db-native"]
+            exceptions = ["musl", "newlib", "picolibc", "linux-yocto", "linux-dummy", "mesa-gl", "libgfortran", "libx11-compose-data",
+                          "cve-update-nvd2-native", "barebox", "libglvnd"]
             for i in exceptions:
                  if i in entry:
                      return True
             return False
 
-        feature = 'require conf/distro/include/maintainers.inc\nLICENSE_FLAGS_WHITELIST += " commercial"\nPARSE_ALL_RECIPES = "1"\n'
+        feature = 'require conf/distro/include/maintainers.inc\nLICENSE_FLAGS_ACCEPTED += " commercial"\nPARSE_ALL_RECIPES = "1"\nPACKAGE_CLASSES = "package_ipk package_deb package_rpm"\n'
         self.write_config(feature)
 
         with bb.tinfoil.Tinfoil() as tinfoil:
@@ -74,7 +73,7 @@ but their recipes claim otherwise by setting UPSTREAM_VERSION_UNKNOWN. Please re
 
             missing_recipes = []
             recipes = []
-            prefix = "RECIPE_MAINTAINER_pn-"
+            prefix = "RECIPE_MAINTAINER:pn-"
 
             # We could have used all_recipes() here, but this method will find
             # every recipe if we ever move to setting RECIPE_MAINTAINER in recipe files
@@ -116,3 +115,15 @@ The list of oe-core recipes with maintainers is empty. This may indicate that th
                 self.fail("""
 Unable to find recipes for the following entries in maintainers.inc:
 """ + "\n".join(['%s' % i for i in missing_recipes]))
+
+    def test_common_include_recipes(self):
+        """
+        Summary:     Test that obtaining recipes that share includes between them returns a sane result
+        Expected:    At least cmake and qemu entries are present in the output
+        Product:     oe-core
+        Author:      Alexander Kanavin <alex.kanavin@gmail.com>
+        """
+        recipes = oe.recipeutils.get_common_include_recipes()
+
+        self.assertIn({'qemu-system-native', 'qemu', 'qemu-native'}, recipes)
+        self.assertIn({'cmake-native', 'cmake'}, recipes)
diff --git a/meta/lib/oeqa/selftest/cases/efibootpartition.py b/meta/lib/oeqa/selftest/cases/efibootpartition.py
index a61cf9bcb3..fcfcdaf7e4 100644
--- a/meta/lib/oeqa/selftest/cases/efibootpartition.py
+++ b/meta/lib/oeqa/selftest/cases/efibootpartition.py
@@ -5,42 +5,30 @@
 # SPDX-License-Identifier: MIT
 #
 
-import re
-
 from oeqa.selftest.case import OESelftestTestCase
 from oeqa.utils.commands import bitbake, runqemu, get_bb_var
+from oeqa.core.decorator.data import skipIfNotMachine
+import oe.types
 
 class GenericEFITest(OESelftestTestCase):
     """EFI booting test class"""
+    @skipIfNotMachine("qemux86-64", "test is qemux86-64 specific currently")
+    def test_boot_efi(self):
+        image = "core-image-minimal"
+        runqemu_params = get_bb_var('TEST_RUNQEMUPARAMS', image) or ""
+        cmd = "runqemu %s nographic serial wic ovmf" % (runqemu_params)
+        if oe.types.qemu_use_kvm(self.td.get('QEMU_USE_KVM', 0), self.td["TARGET_ARCH"]):
+            cmd += " kvm"
 
-    cmd_common = "runqemu nographic serial wic ovmf"
-    efi_provider = "systemd-boot"
-    image = "core-image-minimal"
-    machine = "qemux86-64"
-    recipes_built = False
-
-    @classmethod
-    def setUpLocal(self):
-        super(GenericEFITest, self).setUpLocal(self)
-
-        self.write_config(self,
-"""
-EFI_PROVIDER = "%s"
-IMAGE_FSTYPES_pn-%s_append = " wic"
-MACHINE = "%s"
-MACHINE_FEATURES_append = " efi"
+        self.write_config("""
+EFI_PROVIDER = "grub-efi"
+IMAGE_FSTYPES:pn-%s:append = " wic"
+MACHINE_FEATURES:append = " efi"
 WKS_FILE = "efi-bootdisk.wks.in"
-IMAGE_INSTALL_append = " grub-efi systemd-boot kernel-image-bzimage"
+IMAGE_INSTALL:append = " grub-efi kernel-image-bzimage"
 """
-% (self.efi_provider, self.image, self.machine))
-        if not self.recipes_built:
-            bitbake("ovmf")
-            bitbake(self.image)
-            self.recipes_built = True
+% (image))
 
-    @classmethod
-    def test_boot_efi(self):
-        """Test generic boot partition with qemu"""
-        cmd = "%s %s" % (self.cmd_common, self.machine)
-        with runqemu(self.image, ssh=False, launch_cmd=cmd) as qemu:
+        bitbake(image + " ovmf")
+        with runqemu(image, ssh=False, launch_cmd=cmd) as qemu:
             self.assertTrue(qemu.runner.logged, "Failed: %s" % cmd)
diff --git a/meta/lib/oeqa/selftest/cases/eSDK.py b/meta/lib/oeqa/selftest/cases/esdk.py
index 862849af35..7a5fe00a08 100644
--- a/meta/lib/oeqa/selftest/cases/eSDK.py
+++ b/meta/lib/oeqa/selftest/cases/esdk.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -8,7 +10,7 @@ import os
 import glob
 import time
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_bb_vars
+from oeqa.utils.commands import runCmd, bitbake, get_bb_vars
 
 class oeSDKExtSelfTest(OESelftestTestCase):
     """
@@ -25,11 +27,7 @@ class oeSDKExtSelfTest(OESelftestTestCase):
         return glob.glob(pattern)[0]
 
     @staticmethod
-    def run_esdk_cmd(env_eSDK, tmpdir_eSDKQA, cmd, postconfig=None, **options):
-        if postconfig:
-            esdk_conf_file = os.path.join(tmpdir_eSDKQA, 'conf', 'local.conf')
-            with open(esdk_conf_file, 'a+') as f:
-                f.write(postconfig)
+    def run_esdk_cmd(env_eSDK, tmpdir_eSDKQA, cmd, **options):
         if not options:
             options = {}
         if not 'shell' in options:
@@ -63,7 +61,7 @@ class oeSDKExtSelfTest(OESelftestTestCase):
         cls.env_eSDK = oeSDKExtSelfTest.get_esdk_environment('', cls.tmpdir_eSDKQA)
 
         sstate_config="""
-SDK_LOCAL_CONF_WHITELIST = "SSTATE_MIRRORS"
+ESDK_LOCALCONF_ALLOW = "SSTATE_MIRRORS"
 SSTATE_MIRRORS =  "file://.* file://%s/PATH"
 CORE_IMAGE_EXTRA_INSTALL = "perl"
         """ % sstate_dir
@@ -91,7 +89,7 @@ CORE_IMAGE_EXTRA_INSTALL = "perl"
 
         # Configure eSDK to use sstate mirror from poky
         sstate_config="""
-SDK_LOCAL_CONF_WHITELIST = "SSTATE_MIRRORS"
+ESDK_LOCALCONF_ALLOW = "SSTATE_MIRRORS"
 SSTATE_MIRRORS =  "file://.* file://%s/PATH"
             """ % bb_vars["SSTATE_DIR"]
         with open(os.path.join(cls.tmpdir_eSDKQA, 'conf', 'local.conf'), 'a+') as f:
@@ -100,7 +98,7 @@ SSTATE_MIRRORS =  "file://.* file://%s/PATH"
     @classmethod
     def tearDownClass(cls):
         for i in range(0, 10):
-            if os.path.exists(os.path.join(cls.tmpdir_eSDKQA, 'bitbake.lock')):
+            if os.path.exists(os.path.join(cls.tmpdir_eSDKQA, 'bitbake.lock')) or os.path.exists(os.path.join(cls.tmpdir_eSDKQA, 'cache/hashserv.db-wal')):
                 time.sleep(1)
             else:
                 break
diff --git a/meta/lib/oeqa/selftest/cases/externalsrc.py b/meta/lib/oeqa/selftest/cases/externalsrc.py
new file mode 100644
index 0000000000..1d800dc82c
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/externalsrc.py
@@ -0,0 +1,44 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os
+import shutil
+import tempfile
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import get_bb_var, runCmd
+
+class ExternalSrc(OESelftestTestCase):
+    # test that srctree_hash_files does not crash
+    # we should be actually checking do_compile[file-checksums] but oeqa currently does not support it
+    #     so we check only that a recipe with externalsrc can be parsed
+    def test_externalsrc_srctree_hash_files(self):
+        test_recipe = "git-submodule-test"
+        git_url = "git://git.yoctoproject.org/git-submodule-test"
+        externalsrc_dir = tempfile.TemporaryDirectory(prefix="externalsrc").name
+
+        self.write_config(
+            """
+INHERIT += "externalsrc"
+EXTERNALSRC:pn-%s = "%s"
+""" % (test_recipe, externalsrc_dir)
+        )
+
+        # test with git without submodules
+        runCmd('git clone %s %s' % (git_url, externalsrc_dir))
+        os.unlink(externalsrc_dir + "/.gitmodules")
+        open(".gitmodules", 'w').close()  # local file .gitmodules in cwd should not affect externalsrc parsing
+        self.assertEqual(get_bb_var("S", test_recipe), externalsrc_dir, msg = "S does not equal to EXTERNALSRC")
+        os.unlink(".gitmodules")
+
+        # test with git with submodules
+        runCmd('git checkout .gitmodules', cwd=externalsrc_dir)
+        runCmd('git submodule update --init --recursive', cwd=externalsrc_dir)
+        self.assertEqual(get_bb_var("S", test_recipe), externalsrc_dir, msg = "S does not equal to EXTERNALSRC")
+
+        # test without git
+        shutil.rmtree(os.path.join(externalsrc_dir, ".git"))
+        self.assertEqual(get_bb_var("S", test_recipe), externalsrc_dir, msg = "S does not equal to EXTERNALSRC")
diff --git a/meta/lib/oeqa/selftest/cases/fetch.py b/meta/lib/oeqa/selftest/cases/fetch.py
index 76cbadf2ff..1beef5cfed 100644
--- a/meta/lib/oeqa/selftest/cases/fetch.py
+++ b/meta/lib/oeqa/selftest/cases/fetch.py
@@ -1,7 +1,12 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
+import tempfile
+import textwrap
+import bb.tinfoil
 import oe.path
 from oeqa.selftest.case import OESelftestTestCase
 from oeqa.utils.commands import bitbake
@@ -21,8 +26,8 @@ class Fetch(OESelftestTestCase):
         # No mirrors, should use git to fetch successfully
         features = """
 DL_DIR = "%s"
-MIRRORS_forcevariable = ""
-PREMIRRORS_forcevariable = ""
+MIRRORS:forcevariable = ""
+PREMIRRORS:forcevariable = ""
 """ % dldir
         self.write_config(features)
         oe.path.remove(dldir, recurse=True)
@@ -31,9 +36,10 @@ PREMIRRORS_forcevariable = ""
         # No mirrors and broken git, should fail
         features = """
 DL_DIR = "%s"
+SRC_URI:pn-dbus-wait = "git://git.yoctoproject.org/dbus-wait;branch=master;protocol=git"
 GIT_PROXY_COMMAND = "false"
-MIRRORS_forcevariable = ""
-PREMIRRORS_forcevariable = ""
+MIRRORS:forcevariable = ""
+PREMIRRORS:forcevariable = ""
 """ % dldir
         self.write_config(features)
         oe.path.remove(dldir, recurse=True)
@@ -43,9 +49,62 @@ PREMIRRORS_forcevariable = ""
         # Broken git but a specific mirror
         features = """
 DL_DIR = "%s"
+SRC_URI:pn-dbus-wait = "git://git.yoctoproject.org/dbus-wait;branch=master;protocol=git"
 GIT_PROXY_COMMAND = "false"
-MIRRORS_forcevariable = "git://.*/.* http://downloads.yoctoproject.org/mirror/sources/"
+MIRRORS:forcevariable = "git://.*/.* http://downloads.yoctoproject.org/mirror/sources/"
 """ % dldir
         self.write_config(features)
         oe.path.remove(dldir, recurse=True)
         bitbake("dbus-wait -c fetch -f")
+
+
+class Dependencies(OESelftestTestCase):
+    def write_recipe(self, content, tempdir):
+        f = os.path.join(tempdir, "test.bb")
+        with open(f, "w") as fd:
+            fd.write(content)
+        return f
+
+    def test_dependencies(self):
+        """
+        Verify that the correct dependencies are generated for specific SRC_URI entries.
+        """
+
+        with bb.tinfoil.Tinfoil() as tinfoil, tempfile.TemporaryDirectory(prefix="selftest-fetch") as tempdir:
+            tinfoil.prepare(config_only=False, quiet=2)
+
+            r = """
+            LICENSE = "CLOSED"
+            SRC_URI = "http://example.com/tarball.zip"
+            """
+            f = self.write_recipe(textwrap.dedent(r), tempdir)
+            d = tinfoil.parse_recipe_file(f)
+            self.assertIn("wget-native", d.getVarFlag("do_fetch", "depends"))
+            self.assertIn("unzip-native", d.getVarFlag("do_unpack", "depends"))
+
+            # Verify that the downloadfilename overrides the URI
+            r = """
+            LICENSE = "CLOSED"
+            SRC_URI = "https://example.com/tarball;downloadfilename=something.zip"
+            """
+            f = self.write_recipe(textwrap.dedent(r), tempdir)
+            d = tinfoil.parse_recipe_file(f)
+            self.assertIn("wget-native", d.getVarFlag("do_fetch", "depends"))
+            self.assertIn("unzip-native", d.getVarFlag("do_unpack", "depends") or "")
+
+            r = """
+            LICENSE = "CLOSED"
+            SRC_URI = "ftp://example.com/tarball.lz"
+            """
+            f = self.write_recipe(textwrap.dedent(r), tempdir)
+            d = tinfoil.parse_recipe_file(f)
+            self.assertIn("wget-native", d.getVarFlag("do_fetch", "depends"))
+            self.assertIn("lzip-native", d.getVarFlag("do_unpack", "depends"))
+
+            r = """
+            LICENSE = "CLOSED"
+            SRC_URI = "git://example.com/repo;branch=master;rev=ffffffffffffffffffffffffffffffffffffffff"
+            """
+            f = self.write_recipe(textwrap.dedent(r), tempdir)
+            d = tinfoil.parse_recipe_file(f)
+            self.assertIn("git-native", d.getVarFlag("do_fetch", "depends"))
diff --git a/meta/lib/oeqa/selftest/cases/fitimage.py b/meta/lib/oeqa/selftest/cases/fitimage.py
index 02692de822..3c40857747 100644
--- a/meta/lib/oeqa/selftest/cases/fitimage.py
+++ b/meta/lib/oeqa/selftest/cases/fitimage.py
@@ -1,14 +1,743 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
-from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import runCmd, bitbake, get_bb_var, runqemu
 import os
-import json
 import re
+import shlex
+import logging
+import pprint
+import tempfile
+
+import oe.fitimage
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import runCmd, bitbake, get_bb_vars, get_bb_var
+
+
+class BbVarsMockGenKeys:
+    def __init__(self, keydir, gen_keys="0", sign_enabled="0", keyname="", sign_ind="0", img_keyname=""):
+        self.bb_vars = {
+            'FIT_GENERATE_KEYS': gen_keys,
+            'FIT_KEY_GENRSA_ARGS': "-F4",
+            'FIT_KEY_REQ_ARGS': "-batch -new",
+            'FIT_KEY_SIGN_PKCS': "-x509",
+            'FIT_SIGN_INDIVIDUAL': sign_ind,
+            'FIT_SIGN_NUMBITS': "2048",
+            'UBOOT_SIGN_ENABLE': sign_enabled,
+            'UBOOT_SIGN_IMG_KEYNAME': img_keyname,
+            'UBOOT_SIGN_KEYDIR': keydir,
+            'UBOOT_SIGN_KEYNAME': keyname,
+        }
+
+    def getVar(self, var):
+        return self.bb_vars[var]
+
+class FitImageTestCase(OESelftestTestCase):
+    """Test functions usable for testing kernel-fitimage.bbclass and uboot-sign.bbclass
+
+    A brief summary showing the structure of a test case:
+
+    self._test_fitimage()
+        # Generate a local.conf file and bitbake the bootloader or the kernel
+        self._bitbake_fit_image()
+
+        # Check if the its file contains the expected paths and attributes.
+        # The _get_req_* functions are implemented by more specific chield classes.
+        self._check_its_file()
+            req_its_paths = self._get_req_its_paths()
+            req_sigvalues_config = self._get_req_sigvalues_config()
+            req_sigvalues_image = self._get_req_sigvalues_image()
+            # Compare the its file against req_its_paths, req_sigvalues_config, req_sigvalues_image
+
+        # Call the dumpimage utiliy and check that it prints all the expected paths and attributes
+        # The _get_req_* functions are implemented by more specific chield classes.
+        self._check_fitimage()
+            self._get_req_sections()
+            # Compare the output of the dumpimage utility against
+    """
+
+    MKIMAGE_HASH_LENGTHS = { 'sha256': 64, 'sha384': 96, 'sha512': 128 }
+    MKIMAGE_SIGNATURE_LENGTHS = { 'rsa2048': 512 }
+
+    def _gen_signing_key(self, bb_vars):
+        """Generate a key pair and a singing certificate
+
+        Generate a UBOOT_SIGN_KEYNAME in the UBOOT_SIGN_KEYDIR similar to what
+        the FIT_GENERATE_KEYS feature does. However, having a static key is
+        probably a more realistic use case than generating a random key with
+        each clean build. So this needs to be tested as well.
+        The FIT_GENERATE_KEYS generates 2 keys: The UBOOT_SIGN_KEYNAME and the
+        UBOOT_SIGN_IMG_KEYNAME. The UBOOT_SIGN_IMG_KEYNAME is used by the
+        FIT_SIGN_INDIVIDUAL feature only. Testing if everything is working if
+        there is only one key available is important as well. Therefore this
+        function generates only the keys which are really needed, not just two.
+        """
+
+        # Define some variables which are usually defined by the kernel-fitimage.bbclass.
+        # But for testing purpose check if the uboot-sign.bbclass is independent from
+        # the kernel-fitimage.bbclass
+        fit_sign_numbits = bb_vars.get('FIT_SIGN_NUMBITS', "2048")
+        fit_key_genrsa_args = bb_vars.get('FIT_KEY_GENRSA_ARGS', "-F4")
+        fit_key_req_args =  bb_vars.get('FIT_KEY_REQ_ARGS', "-batch -new")
+        fit_key_sign_pkcs = bb_vars.get('FIT_KEY_SIGN_PKCS', "-x509")
+
+        uboot_sign_keydir = bb_vars['UBOOT_SIGN_KEYDIR']
+        sign_keys = [bb_vars['UBOOT_SIGN_KEYNAME']]
+        if bb_vars['FIT_SIGN_INDIVIDUAL'] == "1":
+            sign_keys.append(bb_vars['UBOOT_SIGN_IMG_KEYNAME'])
+        for sign_key in sign_keys:
+            sing_key_path = os.path.join(uboot_sign_keydir, sign_key)
+            if not os.path.isdir(uboot_sign_keydir):
+                os.makedirs(uboot_sign_keydir)
+            openssl_bindir = FitImageTestCase._setup_native('openssl-native')
+            openssl_path = os.path.join(openssl_bindir, 'openssl')
+            runCmd("%s genrsa %s -out %s.key %s" % (
+                openssl_path,
+                fit_key_genrsa_args,
+                sing_key_path,
+                fit_sign_numbits
+            ))
+            runCmd("%s req %s %s -key %s.key -out %s.crt" % (
+                openssl_path,
+                fit_key_req_args,
+                fit_key_sign_pkcs,
+                sing_key_path,
+                sing_key_path
+            ))
+
+    @staticmethod
+    def _gen_random_file(file_path, num_bytes=65536):
+        with open(file_path, 'wb') as file_out:
+            file_out.write(os.urandom(num_bytes))
+
+    @staticmethod
+    def _setup_native(native_recipe):
+        """Build a native recipe and return the path to its bindir in RECIPE_SYSROOT_NATIVE"""
+        bitbake(native_recipe + " -c addto_recipe_sysroot")
+        vars = get_bb_vars(['RECIPE_SYSROOT_NATIVE', 'bindir'], native_recipe)
+        return os.path.join(vars['RECIPE_SYSROOT_NATIVE'], vars['bindir'])
+
+    def _verify_fit_image_signature(self, uboot_tools_bindir, fitimage_path, dtb_path, conf_name=None):
+        """Verify the signature of a fit configuration
+
+        The fit_check_sign utility from u-boot-tools-native is called.
+        uboot-fit_check_sign -f fitImage -k $dtb_path -c conf-$dtb_name
+        dtb_path refers to a binary device tree containing the public key.
+        """
+        fit_check_sign_path = os.path.join(uboot_tools_bindir, 'uboot-fit_check_sign')
+        cmd = '%s -f %s -k %s' % (fit_check_sign_path, fitimage_path, dtb_path)
+        if conf_name:
+            cmd += ' -c %s' % conf_name
+        result = runCmd(cmd)
+        self.logger.debug("%s\nreturned: %s\n%s", cmd, str(result.status), result.output)
+        self.assertIn("Signature check OK", result.output)
+
+    def _verify_dtb_property(self, dtc_bindir, dtb_path, node_path, property_name, req_property, absent=False):
+        """Verify device tree properties
+
+        The fdtget utility from dtc-native is called and the property is compared.
+        """
+        fdtget_path = os.path.join(dtc_bindir, 'fdtget')
+        cmd = '%s %s %s %s' % (fdtget_path, dtb_path, node_path, property_name)
+        if absent:
+            result = runCmd(cmd, ignore_status=True)
+            self.logger.debug("%s\nreturned: %s\n%s", cmd, str(result.status), result.output)
+            self.assertIn("FDT_ERR_NOTFOUND", result.output)
+        else:
+            result = runCmd(cmd)
+            self.logger.debug("%s\nreturned: %s\n%s", cmd, str(result.status), result.output)
+            self.assertEqual(req_property, result.output.strip())
+
+    @staticmethod
+    def _find_string_in_bin_file(file_path, search_string):
+        """find strings in a binary file
+
+        Shell equivalent: strings "$1" | grep "$2" | wc -l
+        return number of matches
+        """
+        found_positions = 0
+        with open(file_path, 'rb') as file:
+            content = file.read().decode('ascii', errors='ignore')
+            found_positions = content.count(search_string)
+        return found_positions
+
+    @staticmethod
+    def _get_uboot_mkimage_sign_args(uboot_mkimage_sign_args):
+        """Retrive the string passed via -c to the mkimage command
+
+        Example: If a build configutation defines
+          UBOOT_MKIMAGE_SIGN_ARGS = "-c 'a smart comment'"
+        this function returns "a smart comment"
+        """
+        a_comment = None
+        if uboot_mkimage_sign_args:
+            mkimage_args = shlex.split(uboot_mkimage_sign_args)
+            try:
+                c_index = mkimage_args.index('-c')
+                a_comment = mkimage_args[c_index+1]
+            except ValueError:
+                pass
+        return a_comment
+
+    @staticmethod
+    def _get_dtb_files(bb_vars):
+        """Return a list of devicetree names
+
+        The list should be used to check the dtb and conf nodes in the FIT image or its file.
+        In addition to the entries from KERNEL_DEVICETREE, the external devicetree and the
+        external devicetree overlay added by the test recipe bbb-dtbs-as-ext are handled as well.
+        """
+        kernel_devicetree = bb_vars.get('KERNEL_DEVICETREE')
+        all_dtbs = []
+        dtb_symlinks = []
+        if kernel_devicetree:
+            all_dtbs += [os.path.basename(dtb) for dtb in kernel_devicetree.split()]
+        # Support only the test recipe which provides 1 devicetree and 1 devicetree overlay
+        pref_prov_dtb = bb_vars.get('PREFERRED_PROVIDER_virtual/dtb')
+        if pref_prov_dtb == "bbb-dtbs-as-ext":
+            all_dtbs += ["am335x-bonegreen-ext.dtb", "BBORG_RELAY-00A2.dtbo"]
+            dtb_symlinks.append("am335x-bonegreen-ext-alias.dtb")
+        return (all_dtbs, dtb_symlinks)
+
+    def _is_req_dict_in_dict(self, found_dict, req_dict):
+        """
+        Check if all key-value pairs in the required dictionary are present in the found dictionary.
+
+        This function recursively checks if the required dictionary (`req_dict`) is a subset of the found dictionary (`found_dict`).
+        It supports nested dictionaries, strings, lists, and sets as values.
+
+        Args:
+            found_dict (dict): The dictionary to search within.
+            req_dict (dict): The dictionary containing the required key-value pairs.
+        """
+        for key, value in req_dict.items():
+            self.assertIn(key, found_dict)
+            if isinstance(value, dict):
+                self._is_req_dict_in_dict(found_dict[key], value)
+            elif isinstance(value, str):
+                self.assertIn(value, found_dict[key])
+            elif isinstance(value, list):
+                self.assertLessEqual(set(value), set(found_dict[key]))
+            elif isinstance(value, set):
+                self.assertLessEqual(value, found_dict[key])
+            else:
+                self.assertEqual(value, found_dict[key])
+
+    def _check_its_file(self, bb_vars, its_file_path):
+        """Check if the its file contains the expected sections and fields"""
+        # print the its file for debugging
+        if logging.DEBUG >= self.logger.level:
+            with open(its_file_path) as its_file:
+                self.logger.debug("its file: %s" % its_file.read())
+
+        # Generate a list of expected paths in the its file
+        req_its_paths = self._get_req_its_paths(bb_vars)
+        self.logger.debug("req_its_paths:\n%s\n" % pprint.pformat(req_its_paths, indent=4))
+
+        # Generate a dict of expected configuration signature nodes
+        req_sigvalues_config = self._get_req_sigvalues_config(bb_vars)
+        self.logger.debug("req_sigvalues_config:\n%s\n" % pprint.pformat(req_sigvalues_config, indent=4))
+
+        # Generate a dict of expected image signature nodes
+        req_sigvalues_image = self._get_req_sigvalues_image(bb_vars)
+        self.logger.debug("req_sigvalues_image:\n%s\n" % pprint.pformat(req_sigvalues_image, indent=4))
+
+        # Parse the its file for paths and signatures
+        its_path = []
+        its_paths = []
+        linect = 0
+        sigs = {}
+        with open(its_file_path) as its_file:
+            for line in its_file:
+                linect += 1
+                line = line.strip()
+                if line.endswith('};'):
+                    its_path.pop()
+                elif line.endswith('{'):
+                    its_path.append(line[:-1].strip())
+                    its_paths.append(its_path[:])
+                # kernel-fitimage uses signature-1, uboot-sign uses signature
+                elif its_path and (its_path[-1] == 'signature-1' or its_path[-1] == 'signature'):
+                    itsdotpath = '.'.join(its_path)
+                    if not itsdotpath in sigs:
+                        sigs[itsdotpath] = {}
+                    if not '=' in line or not line.endswith(';'):
+                        self.fail('Unexpected formatting in %s sigs section line %d:%s' % (its_file_path, linect, line))
+                    key, value = line.split('=', 1)
+                    sigs[itsdotpath][key.rstrip()] = value.lstrip().rstrip(';')
+
+        # Check if all expected paths are found in the its file
+        self.logger.debug("itspaths:\n%s\n" % pprint.pformat(its_paths, indent=4))
+        for req_path in req_its_paths:
+            if not req_path in its_paths:
+                self.fail('Missing path in its file: %s (%s)' % (req_path, its_file_path))
+
+        # Check if all the expected singnature nodes (images and configurations) are found
+        self.logger.debug("sigs:\n%s\n" % pprint.pformat(sigs, indent=4))
+        if req_sigvalues_config or req_sigvalues_image:
+            for its_path, values in sigs.items():
+                if bb_vars.get('FIT_CONF_PREFIX', "conf-") in its_path:
+                    reqsigvalues = req_sigvalues_config
+                else:
+                    reqsigvalues = req_sigvalues_image
+                for reqkey, reqvalue in reqsigvalues.items():
+                    value = values.get(reqkey, None)
+                    if value is None:
+                        self.fail('Missing key "%s" in its file signature section %s (%s)' % (reqkey, its_path, its_file_path))
+                    self.assertEqual(value, reqvalue)
+
+        # Generate a list of expected fields in the its file
+        req_its_fields = self._get_req_its_fields(bb_vars)
+        self.logger.debug("req_its_fields:\n%s\n" % pprint.pformat(req_its_fields, indent=4))
+
+        # Check if all expected fields are in the its file
+        if req_its_fields:
+            field_index = 0
+            field_index_last = len(req_its_fields) - 1
+            with open(its_file_path) as its_file:
+                for line in its_file:
+                    if req_its_fields[field_index] in line:
+                        if field_index < field_index_last:
+                            field_index +=1
+                        else:
+                            break
+            self.assertEqual(field_index, field_index_last,
+                "Fields in Image Tree Source File %s did not match, error in finding %s"
+                % (its_file_path, req_its_fields[field_index]))
+
+    def _check_fitimage(self, bb_vars, fitimage_path, uboot_tools_bindir):
+        """Run dumpimage on the final FIT image and parse the output into a dict"""
+        dumpimage_path = os.path.join(uboot_tools_bindir, 'dumpimage')
+        cmd = '%s -l %s' % (dumpimage_path, fitimage_path)
+        self.logger.debug("Analyzing output from dumpimage: %s" % cmd)
+        dumpimage_result = runCmd(cmd)
+        in_section = None
+        sections = {}
+        self.logger.debug("dumpimage output: %s" % dumpimage_result.output)
+        for line in dumpimage_result.output.splitlines():
+            # Find potentially hashed and signed sections
+            if line.startswith((' Configuration', ' Image')):
+                in_section = re.search(r'\((.*)\)', line).groups()[0]
+            # Key value lines start with two spaces otherwise the section ended
+            elif not line.startswith("  "):
+                in_section = None
+            # Handle key value lines of this section
+            elif in_section:
+                if not in_section in sections:
+                    sections[in_section] = {}
+                try:
+                    key, value = line.split(':', 1)
+                    key = key.strip()
+                    value = value.strip()
+                except ValueError as val_err:
+                    # Handle multiple entries as e.g. for Loadables as a list
+                    if key and line.startswith("   "):
+                        value = sections[in_section][key] + "," + line.strip()
+                    else:
+                        raise ValueError(f"Error processing line: '{line}'. Original error: {val_err}")
+                sections[in_section][key] = value
+
+        # Check if the requested dictionary is a subset of the parsed dictionary
+        req_sections, num_signatures = self._get_req_sections(bb_vars)
+        self.logger.debug("req_sections: \n%s\n" % pprint.pformat(req_sections, indent=4))
+        self.logger.debug("dumpimage sections: \n%s\n" % pprint.pformat(sections, indent=4))
+        self._is_req_dict_in_dict(sections, req_sections)
+
+        # Call the signing related checks if the function is provided by a inherited class
+        self._check_signing(bb_vars, sections, num_signatures, uboot_tools_bindir, fitimage_path)
+
+    def _get_req_its_paths(self, bb_vars):
+        self.logger.error("This function needs to be implemented")
+        return []
+
+    def _get_req_its_fields(self, bb_vars):
+        self.logger.error("This function needs to be implemented")
+        return []
+
+    def _get_req_sigvalues_config(self, bb_vars):
+        self.logger.error("This function needs to be implemented")
+        return {}
+
+    def _get_req_sigvalues_image(self, bb_vars):
+        self.logger.error("This function needs to be implemented")
+        return {}
+
+    def _get_req_sections(self, bb_vars):
+        self.logger.error("This function needs to be implemented")
+        return ({}, 0)
+
+    def _check_signing(self, bb_vars, sections, num_signatures, uboot_tools_bindir, fitimage_path):
+        """Verify the signatures in the FIT image."""
+        self.fail("Function needs to be implemented by inheriting classes")
+
+    def _bitbake_fit_image(self, bb_vars):
+        """Bitbake the FIT image and return the paths to the its file and the FIT image"""
+        self.fail("Function needs to be implemented by inheriting classes")
+
+    def _test_fitimage(self, bb_vars):
+        """Check if the its file and the FIT image are created and signed correctly"""
+        fitimage_its_path, fitimage_path = self._bitbake_fit_image(bb_vars)
+        self.assertExists(fitimage_its_path, "%s image tree source doesn't exist" % (fitimage_its_path))
+        self.assertExists(fitimage_path, "%s FIT image doesn't exist" % (fitimage_path))
+
+        self.logger.debug("Checking its: %s" % fitimage_its_path)
+        self._check_its_file(bb_vars, fitimage_its_path)
+
+        # Setup u-boot-tools-native
+        uboot_tools_bindir = FitImageTestCase._setup_native('u-boot-tools-native')
+
+        # Verify the FIT image
+        self._check_fitimage(bb_vars, fitimage_path, uboot_tools_bindir)
+
+class KernelFitImageBase(FitImageTestCase):
+    """Test cases for the linux-yocto-fitimage recipe"""
+
+    def _fit_get_bb_vars(self, additional_vars=[]):
+        """Retrieve BitBake variables specific to the test case.
+
+        Call the get_bb_vars function once and get all variables needed by the test case.
+        """
+        internal_used = {
+            'DEPLOY_DIR_IMAGE',
+            'FIT_CONF_DEFAULT_DTB',
+            'FIT_CONF_PREFIX',
+            'FIT_DESC',
+            'FIT_HASH_ALG',
+            'FIT_KERNEL_COMP_ALG',
+            'FIT_SIGN_ALG',
+            'FIT_SIGN_INDIVIDUAL',
+            'FIT_UBOOT_ENV',
+            'INITRAMFS_IMAGE_BUNDLE',
+            'INITRAMFS_IMAGE_NAME',
+            'INITRAMFS_IMAGE',
+            'KERNEL_DEPLOYSUBDIR',
+            'KERNEL_DEVICETREE',
+            'KERNEL_FIT_LINK_NAME',
+            'MACHINE',
+            'PREFERRED_PROVIDER_virtual/dtb',
+            'UBOOT_ARCH',
+            'UBOOT_ENTRYPOINT',
+            'UBOOT_LOADADDRESS',
+            'UBOOT_MKIMAGE_KERNEL_TYPE',
+            'UBOOT_MKIMAGE_SIGN_ARGS',
+            'UBOOT_RD_ENTRYPOINT',
+            'UBOOT_RD_LOADADDRESS',
+            'UBOOT_SIGN_ENABLE',
+            'UBOOT_SIGN_IMG_KEYNAME',
+            'UBOOT_SIGN_KEYDIR',
+            'UBOOT_SIGN_KEYNAME',
+        }
+        bb_vars = get_bb_vars(list(internal_used | set(additional_vars)), self.kernel_recipe)
+        self.logger.debug("bb_vars: %s" % pprint.pformat(bb_vars, indent=4))
+        return bb_vars
+
+    def _config_add_kernel_classes(self, config):
+        config += '# Use kernel-fit-extra-artifacts.bbclass for the creation of the vmlinux artifact' + os.linesep
+        config += 'KERNEL_CLASSES = "kernel-fit-extra-artifacts"' + os.linesep
+        return config
+
+    @property
+    def kernel_recipe(self):
+        return "linux-yocto-fitimage"
+
+    def _config_add_uboot_env(self, config):
+        """Generate an u-boot environment
+
+        Create a boot.cmd file that is packed into the FIT image as a source-able text file.
+        Updates the configuration to include the boot.cmd file.
+        """
+        fit_uenv_file =  "boot.cmd"
+        test_files_dir = "test-files"
+        fit_uenv_path = os.path.join(self.builddir, test_files_dir, fit_uenv_file)
+
+        config += '# Add an u-boot script to the fitImage' + os.linesep
+        config += 'FIT_UBOOT_ENV = "%s"' % fit_uenv_file + os.linesep
+        config += 'FILESEXTRAPATHS:prepend := "${TOPDIR}/%s:"' % test_files_dir + os.linesep
+        config += 'SRC_URI:append:pn-%s = " file://${FIT_UBOOT_ENV}"' % self.kernel_recipe + os.linesep
+
+        if not os.path.isdir(test_files_dir):
+            os.makedirs(test_files_dir)
+        self.logger.debug("Writing to: %s" % fit_uenv_path)
+        with open(fit_uenv_path, "w") as f:
+            f.write('echo "hello world"')
 
-class FitImageTests(OESelftestTestCase):
+        return config
+
+    def _bitbake_fit_image(self, bb_vars):
+        """Bitbake the kernel and return the paths to the its file and the FIT image"""
+        bitbake(self.kernel_recipe)
+
+        # Find the right its file and the final fitImage and check if both files are available
+        deploy_dir_image = bb_vars['DEPLOY_DIR_IMAGE']
+        initramfs_image = bb_vars['INITRAMFS_IMAGE']
+        initramfs_image_bundle = bb_vars['INITRAMFS_IMAGE_BUNDLE']
+        initramfs_image_name = bb_vars['INITRAMFS_IMAGE_NAME']
+        kernel_fit_link_name = bb_vars['KERNEL_FIT_LINK_NAME']
+        if not initramfs_image and initramfs_image_bundle != "1":
+            fitimage_its_name = "fitImage-its-%s" % kernel_fit_link_name
+            fitimage_name = "fitImage"
+        elif initramfs_image and initramfs_image_bundle != "1":
+            fitimage_its_name = "fitImage-its-%s-%s" % (initramfs_image_name, kernel_fit_link_name)
+            fitimage_name = "fitImage-%s-%s" % (initramfs_image_name, kernel_fit_link_name)
+        elif initramfs_image and initramfs_image_bundle == "1":
+            fitimage_its_name = "fitImage-its-%s-%s" % (initramfs_image_name, kernel_fit_link_name)
+            fitimage_name = "fitImage"  # or fitImage-${KERNEL_IMAGE_LINK_NAME}${KERNEL_IMAGE_BIN_EXT}
+        else:
+            self.fail('Invalid configuration: INITRAMFS_IMAGE_BUNDLE = "1" and not INITRAMFS_IMAGE')
+        kernel_deploysubdir = bb_vars['KERNEL_DEPLOYSUBDIR']
+        if kernel_deploysubdir:
+            fitimage_its_path = os.path.realpath(os.path.join(deploy_dir_image, kernel_deploysubdir, fitimage_its_name))
+            fitimage_path = os.path.realpath(os.path.join(deploy_dir_image, kernel_deploysubdir, fitimage_name))
+        else:
+            fitimage_its_path = os.path.realpath(os.path.join(deploy_dir_image, fitimage_its_name))
+            fitimage_path = os.path.realpath(os.path.join(deploy_dir_image, fitimage_name))
+        return (fitimage_its_path, fitimage_path)
+
+    def _get_req_its_paths(self, bb_vars):
+        """Generate a list of expected paths in the its file
+
+        Example:
+            [
+                ['/', 'images', 'kernel-1', 'hash-1'],
+                ['/', 'images', 'kernel-1', 'signature-1'],
+            ]
+        """
+        dtb_files, dtb_symlinks = FitImageTestCase._get_dtb_files(bb_vars)
+        fit_sign_individual = bb_vars['FIT_SIGN_INDIVIDUAL']
+        fit_uboot_env = bb_vars['FIT_UBOOT_ENV']
+        initramfs_image = bb_vars['INITRAMFS_IMAGE']
+        initramfs_image_bundle = bb_vars['INITRAMFS_IMAGE_BUNDLE']
+        uboot_sign_enable = bb_vars.get('UBOOT_SIGN_ENABLE')
+
+        # image nodes
+        images = [ 'kernel-1' ]
+        if dtb_files:
+            images += [ 'fdt-' + dtb for dtb in dtb_files ]
+        if fit_uboot_env:
+            images.append('bootscr-' + fit_uboot_env)
+        if bb_vars['MACHINE'] == "qemux86-64": # Not really the right if
+            images.append('setup-1')
+        if initramfs_image and initramfs_image_bundle != "1":
+            images.append('ramdisk-1')
+
+        # configuration nodes (one per DTB and also one per symlink)
+        if dtb_files:
+            configurations = [bb_vars['FIT_CONF_PREFIX'] + conf for conf in dtb_files + dtb_symlinks]
+        else:
+            configurations = [bb_vars['FIT_CONF_PREFIX'] + '1']
+
+        # Create a list of paths for all image and configuration nodes
+        req_its_paths = []
+        for image in images:
+            req_its_paths.append(['/', 'images', image, 'hash-1'])
+            if uboot_sign_enable == "1" and fit_sign_individual == "1":
+                req_its_paths.append(['/', 'images', image, 'signature-1'])
+        for configuration in configurations:
+            req_its_paths.append(['/', 'configurations', configuration, 'hash-1'])
+            if uboot_sign_enable == "1":
+                req_its_paths.append(['/', 'configurations', configuration, 'signature-1'])
+        return req_its_paths
+
+    def _get_req_its_fields(self, bb_vars):
+        initramfs_image = bb_vars['INITRAMFS_IMAGE']
+        initramfs_image_bundle = bb_vars['INITRAMFS_IMAGE_BUNDLE']
+        uboot_rd_loadaddress = bb_vars.get('UBOOT_RD_LOADADDRESS')
+        uboot_rd_entrypoint = bb_vars.get('UBOOT_RD_ENTRYPOINT')
+
+        its_field_check = [
+            'description = "%s";' % bb_vars['FIT_DESC'],
+            'description = "Linux kernel";',
+            'type = "' + str(bb_vars['UBOOT_MKIMAGE_KERNEL_TYPE']) + '";',
+            # 'compression = "' + str(bb_vars['FIT_KERNEL_COMP_ALG']) + '";', defined based on files in TMPDIR, not ideal...
+            'data = /incbin/("linux.bin");',
+            'arch = "' + str(bb_vars['UBOOT_ARCH']) + '";',
+            'os = "linux";',
+            'load = <' + str(bb_vars['UBOOT_LOADADDRESS']) + '>;',
+            'entry = <' + str(bb_vars['UBOOT_ENTRYPOINT']) + '>;',
+        ]
+        if initramfs_image and initramfs_image_bundle != "1":
+            its_field_check.append('type = "ramdisk";')
+            if uboot_rd_loadaddress:
+                its_field_check.append("load = <%s>;" % uboot_rd_loadaddress)
+            if uboot_rd_entrypoint:
+                its_field_check.append("entry = <%s>;" % uboot_rd_entrypoint)
+
+        fit_conf_default_dtb = bb_vars.get('FIT_CONF_DEFAULT_DTB')
+        if fit_conf_default_dtb:
+            fit_conf_prefix = bb_vars.get('FIT_CONF_PREFIX', "conf-")
+            its_field_check.append('default = "' + fit_conf_prefix + fit_conf_default_dtb + '";')
+
+        its_field_check.append('kernel = "kernel-1";')
+
+        if initramfs_image and initramfs_image_bundle != "1":
+            its_field_check.append('ramdisk = "ramdisk-1";')
+
+        return its_field_check
+
+    def _get_req_sigvalues_config(self, bb_vars):
+        """Generate a dictionary of expected configuration signature nodes"""
+        if bb_vars.get('UBOOT_SIGN_ENABLE') != "1":
+            return {}
+        sign_images = '"kernel", "fdt"'
+        if bb_vars['INITRAMFS_IMAGE'] and bb_vars['INITRAMFS_IMAGE_BUNDLE'] != "1":
+            sign_images += ', "ramdisk"'
+        if bb_vars['FIT_UBOOT_ENV']:
+            sign_images += ', "bootscr"'
+        req_sigvalues_config = {
+            'algo': '"%s,%s"' % (bb_vars['FIT_HASH_ALG'], bb_vars['FIT_SIGN_ALG']),
+            'key-name-hint': '"%s"' % bb_vars['UBOOT_SIGN_KEYNAME'],
+            'sign-images': sign_images,
+        }
+        return req_sigvalues_config
+
+    def _get_req_sigvalues_image(self, bb_vars):
+        """Generate a dictionary of expected image signature nodes"""
+        if bb_vars['FIT_SIGN_INDIVIDUAL'] != "1":
+            return {}
+        req_sigvalues_image = {
+            'algo': '"%s,%s"' % (bb_vars['FIT_HASH_ALG'], bb_vars['FIT_SIGN_ALG']),
+            'key-name-hint': '"%s"' % bb_vars['UBOOT_SIGN_IMG_KEYNAME'],
+        }
+        return req_sigvalues_image
+
+    def _get_req_sections(self, bb_vars):
+        """Generate a dictionary of expected sections in the output of dumpimage"""
+        dtb_files, dtb_symlinks = FitImageTestCase._get_dtb_files(bb_vars)
+        fit_hash_alg = bb_vars['FIT_HASH_ALG']
+        fit_sign_alg = bb_vars['FIT_SIGN_ALG']
+        fit_sign_individual = bb_vars['FIT_SIGN_INDIVIDUAL']
+        fit_uboot_env = bb_vars['FIT_UBOOT_ENV']
+        initramfs_image = bb_vars['INITRAMFS_IMAGE']
+        initramfs_image_bundle = bb_vars['INITRAMFS_IMAGE_BUNDLE']
+        uboot_sign_enable = bb_vars['UBOOT_SIGN_ENABLE']
+        uboot_sign_img_keyname = bb_vars['UBOOT_SIGN_IMG_KEYNAME']
+        uboot_sign_keyname = bb_vars['UBOOT_SIGN_KEYNAME']
+        num_signatures = 0
+        req_sections = {
+            "kernel-1": {
+                "Type": "Kernel Image",
+                "OS": "Linux",
+                "Load Address": bb_vars['UBOOT_LOADADDRESS'],
+                "Entry Point": bb_vars['UBOOT_ENTRYPOINT'],
+            }
+        }
+        # Create one section per DTB
+        for dtb in dtb_files:
+            req_sections['fdt-' + dtb] = {
+                "Type": "Flat Device Tree",
+            }
+        # Add a script section if there is a script
+        if fit_uboot_env:
+            req_sections['bootscr-' + fit_uboot_env] = { "Type": "Script" }
+        # Add the initramfs
+        if initramfs_image and initramfs_image_bundle != "1":
+            req_sections['ramdisk-1'] = {
+                "Type": "RAMDisk Image",
+                "Load Address": bb_vars['UBOOT_RD_LOADADDRESS'],
+                "Entry Point": bb_vars['UBOOT_RD_ENTRYPOINT']
+            }
+        # Create a configuration section for each DTB
+        if dtb_files:
+            for dtb in dtb_files + dtb_symlinks:
+                conf_name = bb_vars['FIT_CONF_PREFIX'] + dtb
+                # Assume that DTBs with an "-alias" in its name are symlink DTBs created e.g. by the
+                # bbb-dtbs-as-ext test recipe. Make the configuration node pointing to the real DTB.
+                real_dtb = dtb.replace("-alias", "")
+                # dtb overlays do not refer to a kernel (yet?)
+                if dtb.endswith('.dtbo'):
+                    req_sections[conf_name] = {
+                        "FDT": 'fdt-' + real_dtb,
+                    }
+                else:
+                    req_sections[conf_name] = {
+                        "Kernel": "kernel-1",
+                        "FDT": 'fdt-' + real_dtb,
+                    }
+                if initramfs_image and initramfs_image_bundle != "1":
+                    req_sections[conf_name]['Init Ramdisk'] = "ramdisk-1"
+        else:
+            conf_name = bb_vars['FIT_CONF_PREFIX'] +  '1'
+            req_sections[conf_name] = {
+                "Kernel": "kernel-1"
+            }
+            if initramfs_image and initramfs_image_bundle != "1":
+                req_sections[conf_name]['Init Ramdisk'] = "ramdisk-1"
+
+        # Add signing related properties if needed
+        if uboot_sign_enable == "1":
+            for section in req_sections:
+                req_sections[section]['Hash algo'] = fit_hash_alg
+                if section.startswith(bb_vars['FIT_CONF_PREFIX']):
+                    req_sections[section]['Hash value'] = "unavailable"
+                    req_sections[section]['Sign algo'] = "%s,%s:%s" % (fit_hash_alg, fit_sign_alg, uboot_sign_keyname)
+                    num_signatures += 1
+                elif fit_sign_individual == "1":
+                    req_sections[section]['Sign algo'] = "%s,%s:%s" % (fit_hash_alg, fit_sign_alg, uboot_sign_img_keyname)
+                    num_signatures += 1
+        return (req_sections, num_signatures)
+
+    def _check_signing(self, bb_vars, sections, num_signatures, uboot_tools_bindir, fitimage_path):
+        """Verify the signature nodes in the FIT image"""
+        if bb_vars['UBOOT_SIGN_ENABLE'] == "1":
+            self.logger.debug("Verifying signatures in the FIT image")
+        else:
+            self.logger.debug("FIT image is not signed. Signature verification is not needed.")
+            return
+
+        fit_hash_alg = bb_vars['FIT_HASH_ALG']
+        fit_sign_alg = bb_vars['FIT_SIGN_ALG']
+        uboot_sign_keyname = bb_vars['UBOOT_SIGN_KEYNAME']
+        uboot_sign_img_keyname = bb_vars['UBOOT_SIGN_IMG_KEYNAME']
+        deploy_dir_image = bb_vars['DEPLOY_DIR_IMAGE']
+        kernel_deploysubdir = bb_vars['KERNEL_DEPLOYSUBDIR']
+        fit_sign_individual = bb_vars['FIT_SIGN_INDIVIDUAL']
+        fit_hash_alg_len = FitImageTestCase.MKIMAGE_HASH_LENGTHS[fit_hash_alg]
+        fit_sign_alg_len = FitImageTestCase.MKIMAGE_SIGNATURE_LENGTHS[fit_sign_alg]
+        for section, values in sections.items():
+            # Configuration nodes are always signed with UBOOT_SIGN_KEYNAME (if UBOOT_SIGN_ENABLE = "1")
+            if section.startswith(bb_vars['FIT_CONF_PREFIX']):
+                sign_algo = values.get('Sign algo', None)
+                req_sign_algo = "%s,%s:%s" % (fit_hash_alg, fit_sign_alg, uboot_sign_keyname)
+                self.assertEqual(sign_algo, req_sign_algo, 'Signature algorithm for %s not expected value' % section)
+                sign_value = values.get('Sign value', None)
+                self.assertEqual(len(sign_value), fit_sign_alg_len, 'Signature value for section %s not expected length' % section)
+                dtb_file_name = section.replace(bb_vars['FIT_CONF_PREFIX'], '')
+                dtb_path = os.path.join(deploy_dir_image, dtb_file_name)
+                if kernel_deploysubdir:
+                    dtb_path = os.path.join(deploy_dir_image, kernel_deploysubdir, dtb_file_name)
+                # External devicetrees created by devicetree.bbclass are in a subfolder and have priority
+                dtb_path_ext = os.path.join(deploy_dir_image, "devicetree", dtb_file_name)
+                if os.path.exists(dtb_path_ext):
+                    dtb_path = dtb_path_ext
+                self._verify_fit_image_signature(uboot_tools_bindir, fitimage_path, dtb_path, section)
+            else:
+                # Image nodes always need a hash which gets indirectly signed by the config signature
+                hash_algo = values.get('Hash algo', None)
+                self.assertEqual(hash_algo, fit_hash_alg)
+                hash_value = values.get('Hash value', None)
+                self.assertEqual(len(hash_value), fit_hash_alg_len, 'Hash value for section %s not expected length' % section)
+                # Optionally, if FIT_SIGN_INDIVIDUAL = 1 also the image nodes have a signature (which is redundant but possible)
+                if fit_sign_individual == "1":
+                    sign_algo = values.get('Sign algo', None)
+                    req_sign_algo = "%s,%s:%s" % (fit_hash_alg, fit_sign_alg, uboot_sign_img_keyname)
+                    self.assertEqual(sign_algo, req_sign_algo, 'Signature algorithm for %s not expected value' % section)
+                    sign_value = values.get('Sign value', None)
+                    self.assertEqual(len(sign_value), fit_sign_alg_len, 'Signature value for section %s not expected length' % section)
+
+        # Search for the string passed to mkimage in each signed section of the FIT image.
+        # Looks like mkimage supports to add a comment but does not support to read it back.
+        a_comment = FitImageTestCase._get_uboot_mkimage_sign_args(bb_vars['UBOOT_MKIMAGE_SIGN_ARGS'])
+        self.logger.debug("a_comment: %s" % a_comment)
+        if a_comment:
+            found_comments = FitImageTestCase._find_string_in_bin_file(fitimage_path, a_comment)
+            self.assertEqual(found_comments, num_signatures, "Expected %d signed and commented (%s) sections in the fitImage." %
+                             (num_signatures, a_comment))
+
+class KernelFitImageRecipeTests(KernelFitImageBase):
+    """Test cases for the kernel-fitimage bbclass"""
 
     def test_fit_image(self):
         """
@@ -24,214 +753,230 @@ class FitImageTests(OESelftestTestCase):
         Author:      Usama Arif <usama.arif@arm.com>
         """
         config = """
-# Enable creation of fitImage
 KERNEL_IMAGETYPE = "Image"
-KERNEL_IMAGETYPES += " fitImage "
-KERNEL_CLASSES = " kernel-fitimage "
 
 # RAM disk variables including load address and entrypoint for kernel and RAM disk
 IMAGE_FSTYPES += "cpio.gz"
 INITRAMFS_IMAGE = "core-image-minimal"
+# core-image-minimal is used as initramfs here, drop the rootfs suffix
+IMAGE_NAME_SUFFIX:pn-core-image-minimal = ""
 UBOOT_RD_LOADADDRESS = "0x88000000"
 UBOOT_RD_ENTRYPOINT = "0x88000000"
 UBOOT_LOADADDRESS = "0x80080000"
 UBOOT_ENTRYPOINT = "0x80080000"
 FIT_DESC = "A model description"
+FIT_CONF_PREFIX = "foo-"
 """
+        config = self._config_add_kernel_classes(config)
         self.write_config(config)
+        bb_vars = self._fit_get_bb_vars()
+        self._test_fitimage(bb_vars)
 
-        # fitImage is created as part of linux recipe
-        bitbake("virtual/kernel")
-
-        image_type = "core-image-minimal"
-        deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE')
-        machine = get_bb_var('MACHINE')
-        fitimage_its_path = os.path.join(deploy_dir_image,
-            "fitImage-its-%s-%s-%s" % (image_type, machine, machine))
-        fitimage_path = os.path.join(deploy_dir_image,
-            "fitImage-%s-%s-%s" % (image_type, machine, machine))
-
-        self.assertTrue(os.path.exists(fitimage_its_path),
-            "%s image tree source doesn't exist" % (fitimage_its_path))
-        self.assertTrue(os.path.exists(fitimage_path),
-            "%s FIT image doesn't exist" % (fitimage_path))
-
-        # Check that the type, load address, entrypoint address and default
-        # values for kernel and ramdisk in Image Tree Source are as expected.
-        # The order of fields in the below array is important. Not all the
-        # fields are tested, only the key fields that wont vary between
-        # different architectures.
-        its_field_check = [
-            'description = "A model description";',
-            'type = "kernel";',
-            'load = <0x80080000>;',
-            'entry = <0x80080000>;',
-            'type = "ramdisk";',
-            'load = <0x88000000>;',
-            'entry = <0x88000000>;',
-            'default = "conf-1";',
-            'kernel = "kernel-1";',
-            'ramdisk = "ramdisk-1";'
-            ]
+    def test_get_compatible_from_dtb(self):
+        """Test the oe.fitimage.get_compatible_from_dtb function
 
-        with open(fitimage_its_path) as its_file:
-            field_index = 0
-            for line in its_file:
-                if field_index == len(its_field_check):
-                    break
-                if its_field_check[field_index] in line:
-                    field_index +=1
+        1. bitbake bbb-dtbs-as-ext
+        2. Check if symlink_points_below returns the path to the DTB
+        3. Check if the expected compatible string is found by get_compatible_from_dtb()
+        """
+        DTB_RECIPE = "bbb-dtbs-as-ext"
+        DTB_FILE = "am335x-bonegreen-ext.dtb"
+        DTB_SYMLINK = "am335x-bonegreen-ext-alias.dtb"
+        DTBO_FILE = "BBORG_RELAY-00A2.dtbo"
+        EXPECTED_COMP = ["ti,am335x-bone-green", "ti,am335x-bone-black", "ti,am335x-bone", "ti,am33xx"]
 
-        if field_index != len(its_field_check): # if its equal, the test passed
-            self.assertTrue(field_index == len(its_field_check),
-                "Fields in Image Tree Source File %s did not match, error in finding %s"
-                % (fitimage_its_path, its_field_check[field_index]))
+        config = """
+DISTRO = "poky"
+MACHINE = "beaglebone-yocto"
+"""
+        self.write_config(config)
+
+        # Provide the fdtget command called by get_compatible_from_dtb
+        dtc_bindir = FitImageTestCase._setup_native('dtc-native')
+        fdtget_path = os.path.join(dtc_bindir, "fdtget")
+        self.assertExists(fdtget_path)
+
+        # bitbake an external DTB with a symlink to it and a DTB overlay
+        bitbake(DTB_RECIPE)
+        deploy_dir_image = get_bb_var("DEPLOY_DIR_IMAGE", DTB_RECIPE)
+        devicetree_dir = os.path.join(deploy_dir_image, "devicetree")
+        dtb_path = os.path.join(devicetree_dir, DTB_FILE)
+        dtb_alias_path = os.path.join(devicetree_dir, DTB_SYMLINK)
+        dtbo_file = os.path.join(devicetree_dir, DTBO_FILE)
+        self.assertExists(dtb_path)
+        self.assertExists(dtb_alias_path)
+        self.assertExists(dtbo_file)
+
+        # Test symlink_points_below
+        linked_dtb = oe.fitimage.symlink_points_below(dtb_alias_path, devicetree_dir)
+        self.assertEqual(linked_dtb, DTB_FILE)
+
+        # Check if get_compatible_from_dtb finds the expected compatible string in the DTBs
+        comp = oe.fitimage.get_compatible_from_dtb(dtb_path, fdtget_path)
+        self.assertEqual(comp, EXPECTED_COMP)
+        comp_alias = oe.fitimage.get_compatible_from_dtb(dtb_alias_path, fdtget_path)
+        self.assertEqual(comp_alias, EXPECTED_COMP)
+        # The alias is a symlink, therefore the compatible string is equal
+        self.assertEqual(comp_alias, comp)
 
+    def test_fit_image_ext_dtb_dtbo(self):
+        """
+        Summary:     Check if FIT image and Image Tree Source (its) are created correctly.
+        Expected:    1) its and FIT image are built successfully
+                     2) The its file contains also the external devicetree overlay
+                     3) Dumping the FIT image indicates the devicetree overlay
+        """
+        config = """
+# Enable creation of fitImage
+MACHINE = "beaglebone-yocto"
+# Add a devicetree overlay which does not need kernel sources
+PREFERRED_PROVIDER_virtual/dtb = "bbb-dtbs-as-ext"
+"""
+        config = self._config_add_kernel_classes(config)
+        config = self._config_add_uboot_env(config)
+        self.write_config(config)
+        bb_vars = self._fit_get_bb_vars()
+        self._test_fitimage(bb_vars)
+
+
+    def test_sign_fit_image_configurations(self):
+        """
+        Summary:     Check if FIT image and Image Tree Source (its) are created
+                     and the configuration nodes are signed correctly.
+        Expected:    1) its and FIT image are built successfully
+                     2) Scanning the its file indicates signing is enabled
+                        as requested by UBOOT_SIGN_ENABLE
+                     3) Dumping the FIT image indicates signature values
+                        are present (only for the configuration nodes as
+                        FIT_SIGN_INDIVIDUAL is disabled)
+                     4) Verify the FIT image contains the comments passed via
+                        UBOOT_MKIMAGE_SIGN_ARGS once per configuration node.
+        """
+        # Generate a configuration section which gets included into the local.conf file
+        config = """
+# Enable creation of fitImage
+MACHINE = "beaglebone-yocto"
+UBOOT_SIGN_ENABLE = "1"
+UBOOT_SIGN_KEYDIR = "${TOPDIR}/signing-keys"
+UBOOT_SIGN_KEYNAME = "dev"
+UBOOT_MKIMAGE_SIGN_ARGS = "-c 'a smart comment'"
+FIT_CONF_DEFAULT_DTB = "am335x-bonegreen.dtb"
+"""
+        config = self._config_add_kernel_classes(config)
+        config = self._config_add_uboot_env(config)
+        self.write_config(config)
+
+        # Retrieve some variables from bitbake
+        bb_vars = self._fit_get_bb_vars([
+            'FIT_KEY_GENRSA_ARGS',
+            'FIT_KEY_REQ_ARGS',
+            'FIT_KEY_SIGN_PKCS',
+            'FIT_SIGN_NUMBITS',
+            'UBOOT_SIGN_KEYDIR',
+        ])
+
+        self._gen_signing_key(bb_vars)
+        self._test_fitimage(bb_vars)
 
-    def test_sign_fit_image(self):
+    def test_sign_fit_image_individual(self):
         """
         Summary:     Check if FIT image and Image Tree Source (its) are created
-                     and signed correctly.
+                     and all nodes are signed correctly.
         Expected:    1) its and FIT image are built successfully
                      2) Scanning the its file indicates signing is enabled
-                        as requested by UBOOT_SIGN_ENABLE (using keys generated
-                        via FIT_GENERATE_KEYS)
+                        as requested by UBOOT_SIGN_ENABLE
                      3) Dumping the FIT image indicates signature values
                         are present (including for images as enabled via
                         FIT_SIGN_INDIVIDUAL)
-                     4) Examination of the do_assemble_fitimage runfile/logfile
-                        indicate that UBOOT_MKIMAGE, UBOOT_MKIMAGE_SIGN and
-                        UBOOT_MKIMAGE_SIGN_ARGS are working as expected.
+                        This also implies that FIT_GENERATE_KEYS = "1" works.
+                     4) Verify the FIT image contains the comments passed via
+                        UBOOT_MKIMAGE_SIGN_ARGS once per image and per
+                        configuration node.
+        Note:        This test is mostly for backward compatibility.
+                     The recommended approach is to sign the configuration nodes
+                     which include also the hashes of all the images. Signing
+                     all the images individually is therefore redundant.
         Product:     oe-core
         Author:      Paul Eggleton <paul.eggleton@microsoft.com> based upon
                      work by Usama Arif <usama.arif@arm.com>
         """
+        # Generate a configuration section which gets included into the local.conf file
         config = """
 # Enable creation of fitImage
 MACHINE = "beaglebone-yocto"
-KERNEL_IMAGETYPES += " fitImage "
-KERNEL_CLASSES = " kernel-fitimage test-mkimage-wrapper "
 UBOOT_SIGN_ENABLE = "1"
 FIT_GENERATE_KEYS = "1"
 UBOOT_SIGN_KEYDIR = "${TOPDIR}/signing-keys"
-UBOOT_SIGN_KEYNAME = "oe-selftest"
+UBOOT_SIGN_IMG_KEYNAME = "img-oe-selftest"
+UBOOT_SIGN_KEYNAME = "cfg-oe-selftest"
 FIT_SIGN_INDIVIDUAL = "1"
 UBOOT_MKIMAGE_SIGN_ARGS = "-c 'a smart comment'"
 """
+        config = self._config_add_kernel_classes(config)
+        config = self._config_add_uboot_env(config)
         self.write_config(config)
+        bb_vars = self._fit_get_bb_vars()
 
-        # fitImage is created as part of linux recipe
-        bitbake("virtual/kernel")
-
-        image_type = "core-image-minimal"
-        deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE')
-        machine = get_bb_var('MACHINE')
-        fitimage_its_path = os.path.join(deploy_dir_image,
-            "fitImage-its-%s" % (machine,))
-        fitimage_path = os.path.join(deploy_dir_image,
-            "fitImage-%s.bin" % (machine,))
-
-        self.assertTrue(os.path.exists(fitimage_its_path),
-            "%s image tree source doesn't exist" % (fitimage_its_path))
-        self.assertTrue(os.path.exists(fitimage_path),
-            "%s FIT image doesn't exist" % (fitimage_path))
-
-        req_itspaths = [
-            ['/', 'images', 'kernel-1'],
-            ['/', 'images', 'kernel-1', 'signature-1'],
-            ['/', 'images', 'fdt-am335x-boneblack.dtb'],
-            ['/', 'images', 'fdt-am335x-boneblack.dtb', 'signature-1'],
-            ['/', 'configurations', 'conf-am335x-boneblack.dtb'],
-            ['/', 'configurations', 'conf-am335x-boneblack.dtb', 'signature-1'],
-        ]
+        # Ensure new keys are generated and FIT_GENERATE_KEYS = "1" is tested
+        bitbake("kernel-signing-keys-native -c compile -f")
 
-        itspath = []
-        itspaths = []
-        linect = 0
-        sigs = {}
-        with open(fitimage_its_path) as its_file:
-            linect += 1
-            for line in its_file:
-                line = line.strip()
-                if line.endswith('};'):
-                    itspath.pop()
-                elif line.endswith('{'):
-                    itspath.append(line[:-1].strip())
-                    itspaths.append(itspath[:])
-                elif itspath and itspath[-1] == 'signature-1':
-                    itsdotpath = '.'.join(itspath)
-                    if not itsdotpath in sigs:
-                        sigs[itsdotpath] = {}
-                    if not '=' in line or not line.endswith(';'):
-                        self.fail('Unexpected formatting in %s sigs section line %d:%s' % (fitimage_its_path, linect, line))
-                    key, value = line.split('=', 1)
-                    sigs[itsdotpath][key.rstrip()] = value.lstrip().rstrip(';')
+        self._test_fitimage(bb_vars)
 
-        for reqpath in req_itspaths:
-            if not reqpath in itspaths:
-                self.fail('Missing section in its file: %s' % reqpath)
+    def test_fit_image_sign_initramfs(self):
+        """
+        Summary:     Verifies the content of the initramfs node in the FIT Image Tree Source (its)
+                     The FIT settings are set by the test case.
+                     The machine used is beaglebone-yocto.
+        Expected:    1. The ITS is generated with initramfs support
+                     2. All the fields in the kernel node are as expected (matching the
+                        conf settings)
+                     3. The kernel is included in all the available configurations and
+                        its hash is included in the configuration signature
 
-        reqsigvalues_image = {
-            'algo': '"sha256,rsa2048"',
-            'key-name-hint': '"oe-selftest"',
-        }
-        reqsigvalues_config = {
-            'algo': '"sha256,rsa2048"',
-            'key-name-hint': '"oe-selftest"',
-            'sign-images': '"kernel", "fdt"',
-        }
+        Product:     oe-core
+        Author:      Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
+        """
 
-        for itspath, values in sigs.items():
-            if 'conf-' in itspath:
-                reqsigvalues = reqsigvalues_config
-            else:
-                reqsigvalues = reqsigvalues_image
-            for reqkey, reqvalue in reqsigvalues.items():
-                value = values.get(reqkey, None)
-                if value is None:
-                    self.fail('Missing key "%s" in its file signature section %s' % (reqkey, itspath))
-                self.assertEqual(value, reqvalue)
-
-        # Dump the image to see if it really got signed
-        bitbake("u-boot-tools-native -c addto_recipe_sysroot")
-        result = runCmd('bitbake -e u-boot-tools-native | grep ^RECIPE_SYSROOT_NATIVE=')
-        recipe_sysroot_native = result.output.split('=')[1].strip('"')
-        dumpimage_path = os.path.join(recipe_sysroot_native, 'usr', 'bin', 'dumpimage')
-        result = runCmd('%s -l %s' % (dumpimage_path, fitimage_path))
-        in_signed = None
-        signed_sections = {}
-        for line in result.output.splitlines():
-            if line.startswith((' Configuration', ' Image')):
-                in_signed = re.search('\((.*)\)', line).groups()[0]
-            elif re.match('^ *', line) in (' ', ''):
-                in_signed = None
-            elif in_signed:
-                if not in_signed in signed_sections:
-                    signed_sections[in_signed] = {}
-                key, value = line.split(':', 1)
-                signed_sections[in_signed][key.strip()] = value.strip()
-        self.assertIn('kernel-1', signed_sections)
-        self.assertIn('fdt-am335x-boneblack.dtb', signed_sections)
-        self.assertIn('conf-am335x-boneblack.dtb', signed_sections)
-        for signed_section, values in signed_sections.items():
-            value = values.get('Sign algo', None)
-            self.assertEqual(value, 'sha256,rsa2048:oe-selftest', 'Signature algorithm for %s not expected value' % signed_section)
-            value = values.get('Sign value', None)
-            self.assertEqual(len(value), 512, 'Signature value for section %s not expected length' % signed_section)
-
-        # Check for UBOOT_MKIMAGE_SIGN_ARGS
-        result = runCmd('bitbake -e virtual/kernel | grep ^T=')
-        tempdir = result.output.split('=', 1)[1].strip().strip('')
-        result = runCmd('grep "a smart comment" %s/run.do_assemble_fitimage' % tempdir, ignore_status=True)
-        self.assertEqual(result.status, 0, 'UBOOT_MKIMAGE_SIGN_ARGS value did not get used')
-
-        # Check for evidence of test-mkimage-wrapper class
-        result = runCmd('grep "### uboot-mkimage wrapper message" %s/log.do_assemble_fitimage' % tempdir, ignore_status=True)
-        self.assertEqual(result.status, 0, 'UBOOT_MKIMAGE did not work')
-        result = runCmd('grep "### uboot-mkimage signing wrapper message" %s/log.do_assemble_fitimage' % tempdir, ignore_status=True)
-        self.assertEqual(result.status, 0, 'UBOOT_MKIMAGE_SIGN did not work')
-
-    def test_initramfs_bundle(self):
+        config = """
+DISTRO = "poky"
+MACHINE = "beaglebone-yocto"
+INITRAMFS_IMAGE = "core-image-minimal-initramfs"
+INITRAMFS_SCRIPTS = ""
+UBOOT_MACHINE = "am335x_evm_defconfig"
+UBOOT_SIGN_ENABLE = "1"
+UBOOT_SIGN_KEYNAME = "beaglebonekey"
+UBOOT_SIGN_KEYDIR ?= "${DEPLOY_DIR_IMAGE}"
+UBOOT_DTB_BINARY = "u-boot.dtb"
+UBOOT_ENTRYPOINT  = "0x80000000"
+UBOOT_LOADADDRESS = "0x80000000"
+UBOOT_RD_LOADADDRESS = "0x88000000"
+UBOOT_RD_ENTRYPOINT = "0x88000000"
+UBOOT_DTB_LOADADDRESS = "0x82000000"
+UBOOT_ARCH = "arm"
+UBOOT_MKIMAGE_DTCOPTS = "-I dts -O dtb -p 2000"
+UBOOT_MKIMAGE_KERNEL_TYPE = "kernel"
+UBOOT_EXTLINUX = "0"
+KERNEL_IMAGETYPE_REPLACEMENT = "zImage"
+FIT_KERNEL_COMP_ALG = "none"
+FIT_HASH_ALG = "sha256"
+"""
+        config = self._config_add_kernel_classes(config)
+        config = self._config_add_uboot_env(config)
+        self.write_config(config)
+
+        # Retrieve some variables from bitbake
+        bb_vars = self._fit_get_bb_vars([
+            'FIT_KEY_GENRSA_ARGS',
+            'FIT_KEY_REQ_ARGS',
+            'FIT_KEY_SIGN_PKCS',
+            'FIT_SIGN_NUMBITS',
+            'UBOOT_SIGN_KEYDIR',
+        ])
+
+        self._gen_signing_key(bb_vars)
+        self._test_fitimage(bb_vars)
+
+    def test_fit_image_sign_initramfs_bundle(self):
         """
         Summary:     Verifies the content of the initramfs bundle node in the FIT Image Tree Source (its)
                      The FIT settings are set by the test case.
@@ -247,14 +992,12 @@ UBOOT_MKIMAGE_SIGN_ARGS = "-c 'a smart comment'"
         """
 
         config = """
-DISTRO="poky"
+DISTRO = "poky"
 MACHINE = "beaglebone-yocto"
 INITRAMFS_IMAGE_BUNDLE = "1"
 INITRAMFS_IMAGE = "core-image-minimal-initramfs"
 INITRAMFS_SCRIPTS = ""
 UBOOT_MACHINE = "am335x_evm_defconfig"
-KERNEL_CLASSES = " kernel-fitimage "
-KERNEL_IMAGETYPES = "fitImage"
 UBOOT_SIGN_ENABLE = "1"
 UBOOT_SIGN_KEYNAME = "beaglebonekey"
 UBOOT_SIGN_KEYDIR ?= "${DEPLOY_DIR_IMAGE}"
@@ -264,102 +1007,725 @@ UBOOT_LOADADDRESS = "0x80000000"
 UBOOT_DTB_LOADADDRESS = "0x82000000"
 UBOOT_ARCH = "arm"
 UBOOT_MKIMAGE_DTCOPTS = "-I dts -O dtb -p 2000"
+UBOOT_MKIMAGE_KERNEL_TYPE = "kernel"
 UBOOT_EXTLINUX = "0"
-FIT_GENERATE_KEYS = "1"
 KERNEL_IMAGETYPE_REPLACEMENT = "zImage"
+FIT_KERNEL_COMP_ALG = "none"
 FIT_HASH_ALG = "sha256"
 """
+        config = self._config_add_kernel_classes(config)
+        config = self._config_add_uboot_env(config)
         self.write_config(config)
+        bb_vars = self._fit_get_bb_vars()
+        self._gen_signing_key(bb_vars)
+        self._test_fitimage(bb_vars)
+
+class FitImagePyTests(KernelFitImageBase):
+    """Test cases for the fitimage.py module without calling bitbake"""
 
-        # fitImage is created as part of linux recipe
-        bitbake("virtual/kernel")
+    def _test_fitimage_py(self, bb_vars_overrides=None):
+        topdir = os.path.join(os.environ['BUILDDIR'])
+        fitimage_its_path = os.path.join(topdir, self._testMethodName + '.its')
 
-        image_type = get_bb_var('INITRAMFS_IMAGE')
-        deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE')
-        machine = get_bb_var('MACHINE')
-        fitimage_its_path = os.path.join(deploy_dir_image,
-                    "fitImage-its-%s-%s-%s" % (image_type, machine, machine))
-        fitimage_path = os.path.join(deploy_dir_image,"fitImage")
+        # Provide variables without calling bitbake
+        bb_vars = {
+            # image-fitimage.conf
+            'FIT_DESC': "Kernel fitImage for a dummy distro",
+            'FIT_HASH_ALG': "sha256",
+            'FIT_SIGN_ALG': "rsa2048",
+            'FIT_PAD_ALG': "pkcs-1.5",
+            'FIT_GENERATE_KEYS': "0",
+            'FIT_SIGN_NUMBITS': "2048",
+            'FIT_KEY_GENRSA_ARGS': "-F4",
+            'FIT_KEY_REQ_ARGS': "-batch -new",
+            'FIT_KEY_SIGN_PKCS': "-x509",
+            'FIT_SIGN_INDIVIDUAL': "0",
+            'FIT_CONF_PREFIX': "conf-",
+            'FIT_SUPPORTED_INITRAMFS_FSTYPES': "cpio.lz4 cpio.lzo cpio.lzma cpio.xz cpio.zst cpio.gz ext2.gz cpio",
+            'FIT_CONF_DEFAULT_DTB': "",
+            'FIT_ADDRESS_CELLS': "1",
+            'FIT_UBOOT_ENV': "",
+            # kernel.bbclass
+            'UBOOT_ENTRYPOINT': "0x20008000",
+            'UBOOT_LOADADDRESS': "0x20008000",
+            'INITRAMFS_IMAGE': "",
+            'INITRAMFS_IMAGE_BUNDLE': "",
+            # kernel-uboot.bbclass
+            'FIT_KERNEL_COMP_ALG': "gzip",
+            'FIT_KERNEL_COMP_ALG_EXTENSION': ".gz",
+            'UBOOT_MKIMAGE_KERNEL_TYPE': "kernel",
+            # uboot-config.bbclass
+            'UBOOT_MKIMAGE_DTCOPTS': "",
+            'UBOOT_MKIMAGE': "uboot-mkimage",
+            'UBOOT_MKIMAGE_SIGN': "uboot-mkimage",
+            'UBOOT_MKIMAGE_SIGN_ARGS': "",
+            'UBOOT_SIGN_ENABLE': "0",
+            'UBOOT_SIGN_KEYDIR': None,
+            'UBOOT_SIGN_KEYNAME': None,
+            'UBOOT_SIGN_IMG_KEYNAME': None,
+            # others
+            'MACHINE': "qemux86-64",
+            'UBOOT_ARCH': "x86",
+            'HOST_PREFIX': "x86_64-poky-linux-"
+        }
+        if bb_vars_overrides:
+            bb_vars.update(bb_vars_overrides)
 
-        self.assertTrue(os.path.exists(fitimage_its_path),
-            "%s image tree source doesn't exist" % (fitimage_its_path))
-        self.assertTrue(os.path.exists(fitimage_path),
-            "%s FIT image doesn't exist" % (fitimage_path))
+        root_node = oe.fitimage.ItsNodeRootKernel(
+            bb_vars["FIT_DESC"], bb_vars["FIT_ADDRESS_CELLS"],
+            bb_vars['HOST_PREFIX'], bb_vars['UBOOT_ARCH'],  bb_vars["FIT_CONF_PREFIX"],
+            oe.types.boolean(bb_vars['UBOOT_SIGN_ENABLE']), bb_vars["UBOOT_SIGN_KEYDIR"],
+            bb_vars["UBOOT_MKIMAGE"], bb_vars["UBOOT_MKIMAGE_DTCOPTS"],
+            bb_vars["UBOOT_MKIMAGE_SIGN"], bb_vars["UBOOT_MKIMAGE_SIGN_ARGS"],
+            bb_vars['FIT_HASH_ALG'], bb_vars['FIT_SIGN_ALG'], bb_vars['FIT_PAD_ALG'],
+            bb_vars['UBOOT_SIGN_KEYNAME'],
+            oe.types.boolean(bb_vars['FIT_SIGN_INDIVIDUAL']), bb_vars['UBOOT_SIGN_IMG_KEYNAME']
+        )
 
-        kernel_load = str(get_bb_var('UBOOT_LOADADDRESS'))
-        kernel_entry = str(get_bb_var('UBOOT_ENTRYPOINT'))
-        initramfs_bundle_format = str(get_bb_var('KERNEL_IMAGETYPE_REPLACEMENT'))
-        uboot_arch = str(get_bb_var('UBOOT_ARCH'))
-        initramfs_bundle = "arch/" + uboot_arch + "/boot/" + initramfs_bundle_format + ".initramfs"
-        fit_hash_alg = str(get_bb_var('FIT_HASH_ALG'))
+        root_node.fitimage_emit_section_kernel("kernel-1", "linux.bin", "none",
+            bb_vars.get('UBOOT_LOADADDRESS'), bb_vars.get('UBOOT_ENTRYPOINT'),
+            bb_vars.get('UBOOT_MKIMAGE_KERNEL_TYPE'), bb_vars.get("UBOOT_ENTRYSYMBOL")
+        )
 
-        its_file = open(fitimage_its_path)
+        dtb_files, _ = FitImageTestCase._get_dtb_files(bb_vars)
+        for dtb in dtb_files:
+            root_node.fitimage_emit_section_dtb(dtb, os.path.join("a-dir", dtb),
+                bb_vars.get("UBOOT_DTB_LOADADDRESS"), bb_vars.get("UBOOT_DTBO_LOADADDRESS"))
 
-        its_lines = [line.strip() for line in its_file.readlines()]
+        if bb_vars.get('FIT_UBOOT_ENV'):
+            root_node.fitimage_emit_section_boot_script(
+                "bootscr-" + bb_vars['FIT_UBOOT_ENV'], bb_vars['FIT_UBOOT_ENV'])
 
-        exp_node_lines = [
-            'kernel-1 {',
-            'description = "Linux kernel";',
-            'data = /incbin/("' + initramfs_bundle + '");',
-            'type = "kernel";',
-            'arch = "' + uboot_arch + '";',
-            'os = "linux";',
+        if bb_vars['MACHINE'] == "qemux86-64": # Not really the right if
+            root_node.fitimage_emit_section_setup("setup-1", "setup1.bin")
+
+        if bb_vars.get('INITRAMFS_IMAGE') and bb_vars.get("INITRAMFS_IMAGE_BUNDLE") != "1":
+            root_node.fitimage_emit_section_ramdisk("ramdisk-1", "a-dir/a-initramfs-1",
+                "core-image-minimal-initramfs",
+                bb_vars.get("UBOOT_RD_LOADADDRESS"), bb_vars.get("UBOOT_RD_ENTRYPOINT"))
+
+        root_node.fitimage_emit_section_config(bb_vars['FIT_CONF_DEFAULT_DTB'])
+        root_node.write_its_file(fitimage_its_path)
+
+        self.assertExists(fitimage_its_path, "%s image tree source doesn't exist" % (fitimage_its_path))
+        self.logger.debug("Checking its: %s" % fitimage_its_path)
+        self._check_its_file(bb_vars, fitimage_its_path)
+
+    def test_fitimage_py_default(self):
+        self._test_fitimage_py()
+
+    def test_fitimage_py_default_dtb(self):
+        bb_vars_overrides = {
+            'KERNEL_DEVICETREE': "one.dtb two.dtb three.dtb",
+            'FIT_CONF_DEFAULT_DTB': "two.dtb"
+        }
+        self._test_fitimage_py(bb_vars_overrides)
+
+
+class UBootFitImageTests(FitImageTestCase):
+    """Test cases for the uboot-sign bbclass"""
+
+    BOOTLOADER_RECIPE = "virtual/bootloader"
+
+    def _fit_get_bb_vars(self, additional_vars=[]):
+        """Get bb_vars as needed by _test_sign_fit_image
+
+        Call the get_bb_vars function once and get all variables needed by the test case.
+        """
+        internal_used = {
+            'DEPLOY_DIR_IMAGE',
+            'FIT_HASH_ALG',
+            'FIT_KEY_GENRSA_ARGS',
+            'FIT_KEY_REQ_ARGS',
+            'FIT_KEY_SIGN_PKCS',
+            'FIT_SIGN_ALG',
+            'FIT_SIGN_INDIVIDUAL',
+            'FIT_SIGN_NUMBITS',
+            'MACHINE',
+            'SPL_MKIMAGE_SIGN_ARGS',
+            'SPL_SIGN_ENABLE',
+            'SPL_SIGN_KEYNAME',
+            'UBOOT_ARCH',
+            'UBOOT_DTB_BINARY',
+            'UBOOT_DTB_IMAGE',
+            'UBOOT_FIT_ARM_TRUSTED_FIRMWARE_ENTRYPOINT',
+            'UBOOT_FIT_ARM_TRUSTED_FIRMWARE_LOADADDRESS',
+            'UBOOT_FIT_ARM_TRUSTED_FIRMWARE',
+            'UBOOT_FIT_CONF_USER_LOADABLES',
+            'UBOOT_FIT_DESC',
+            'UBOOT_FIT_HASH_ALG',
+            'UBOOT_FIT_SIGN_ALG',
+            'UBOOT_FIT_TEE_ENTRYPOINT',
+            'UBOOT_FIT_TEE_LOADADDRESS',
+            'UBOOT_FIT_TEE',
+            'UBOOT_FIT_UBOOT_ENTRYPOINT',
+            'UBOOT_FIT_UBOOT_LOADADDRESS',
+            'UBOOT_FIT_USER_SETTINGS',
+            'UBOOT_FITIMAGE_ENABLE',
+            'UBOOT_NODTB_BINARY',
+            'UBOOT_SIGN_ENABLE',
+            'UBOOT_SIGN_IMG_KEYNAME',
+            'UBOOT_SIGN_KEYDIR',
+            'UBOOT_SIGN_KEYNAME',
+        }
+        bb_vars = get_bb_vars(list(internal_used | set(additional_vars)), UBootFitImageTests.BOOTLOADER_RECIPE)
+        self.logger.debug("bb_vars: %s" % pprint.pformat(bb_vars, indent=4))
+        return bb_vars
+
+    def _bitbake_fit_image(self, bb_vars):
+        """Bitbake the bootloader and return the paths to the its file and the FIT image"""
+        bitbake(UBootFitImageTests.BOOTLOADER_RECIPE)
+
+        deploy_dir_image = bb_vars['DEPLOY_DIR_IMAGE']
+        machine = bb_vars['MACHINE']
+        fitimage_its_path = os.path.join(deploy_dir_image, "u-boot-its-%s" % machine)
+        fitimage_path = os.path.join(deploy_dir_image, "u-boot-fitImage-%s" % machine)
+        return (fitimage_its_path, fitimage_path)
+
+    def _get_req_its_paths(self, bb_vars):
+        # image nodes
+        images = [ 'uboot', 'fdt',  ]
+        if bb_vars['UBOOT_FIT_TEE'] == "1":
+            images.append('tee')
+        if bb_vars['UBOOT_FIT_ARM_TRUSTED_FIRMWARE'] == "1":
+            images.append('atf')
+        # if bb_vars['UBOOT_FIT_USER_SETTINGS']:
+
+        # configuration nodes
+        configurations = [ 'conf']
+
+        # Create a list of paths for all image and configuration nodes
+        req_its_paths = []
+        for image in images:
+            req_its_paths.append(['/', 'images', image])
+            if bb_vars['SPL_SIGN_ENABLE'] == "1":
+                req_its_paths.append(['/', 'images', image, 'signature'])
+        for configuration in configurations:
+            req_its_paths.append(['/', 'configurations', configuration])
+        return req_its_paths
+
+    def _get_req_its_fields(self, bb_vars):
+        loadables = ["uboot"]
+        its_field_check = [
+            'description = "%s";' % bb_vars['UBOOT_FIT_DESC'],
+            'description = "U-Boot image";',
+            'data = /incbin/("%s");' % bb_vars['UBOOT_NODTB_BINARY'],
+            'type = "standalone";',
+            'os = "u-boot";',
+            'arch = "%s";' % bb_vars['UBOOT_ARCH'],
+            'compression = "none";',
+            'load = <%s>;' % bb_vars['UBOOT_FIT_UBOOT_LOADADDRESS'],
+            'entry = <%s>;' % bb_vars['UBOOT_FIT_UBOOT_ENTRYPOINT'],
+            'description = "U-Boot FDT";',
+            'data = /incbin/("%s");' % bb_vars['UBOOT_DTB_BINARY'],
+            'type = "flat_dt";',
+            'arch = "%s";' % bb_vars['UBOOT_ARCH'],
             'compression = "none";',
-            'load = <' + kernel_load + '>;',
-            'entry = <' + kernel_entry + '>;',
-            'hash-1 {',
-            'algo = "' + fit_hash_alg +'";',
-            '};',
-            '};'
         ]
+        if bb_vars['UBOOT_FIT_TEE'] == "1":
+            its_field_check += [
+                'description = "Trusted Execution Environment";',
+                'data = /incbin/("%s");' % bb_vars['UBOOT_FIT_TEE_IMAGE'],
+                'type = "tee";',
+                'arch = "%s";' % bb_vars['UBOOT_ARCH'],
+                'os = "tee";',
+                'load = <%s>;' % bb_vars['UBOOT_FIT_TEE_LOADADDRESS'],
+                'entry = <%s>;' % bb_vars['UBOOT_FIT_TEE_ENTRYPOINT'],
+                'compression = "none";',
+            ]
+            loadables.insert(0, "tee")
+        if bb_vars['UBOOT_FIT_ARM_TRUSTED_FIRMWARE'] == "1":
+            its_field_check += [
+                'description = "ARM Trusted Firmware";',
+                'data = /incbin/("%s");' % bb_vars['UBOOT_FIT_ARM_TRUSTED_FIRMWARE_IMAGE'],
+                'type = "firmware";',
+                'arch = "%s";' % bb_vars['UBOOT_ARCH'],
+                'os = "arm-trusted-firmware";',
+                'load = <%s>;' % bb_vars['UBOOT_FIT_ARM_TRUSTED_FIRMWARE_LOADADDRESS'],
+                'entry = <%s>;' % bb_vars['UBOOT_FIT_ARM_TRUSTED_FIRMWARE_ENTRYPOINT'],
+                'compression = "none";',
+            ]
+            loadables.insert(0, "atf")
+        its_field_check += [
+            'default = "conf";',
+            'description = "Boot with signed U-Boot FIT";',
+            'loadables = "%s";' % '", "'.join(loadables),
+            'fdt = "fdt";',
+        ]
+        return its_field_check
 
-        node_str = exp_node_lines[0]
+    def _get_req_sigvalues_config(self, bb_vars):
+        # COnfigurations are not signed by uboot-sign
+        return {}
 
-        test_passed = False
+    def _get_req_sigvalues_image(self, bb_vars):
+        if bb_vars['SPL_SIGN_ENABLE'] != "1":
+            return {}
+        req_sigvalues_image = {
+            'algo': '"%s,%s"' % (bb_vars['UBOOT_FIT_HASH_ALG'], bb_vars['UBOOT_FIT_SIGN_ALG']),
+            'key-name-hint': '"%s"' % bb_vars['SPL_SIGN_KEYNAME'],
+        }
+        return req_sigvalues_image
 
-        print ("checking kernel node\n")
+    def _get_req_sections(self, bb_vars):
+        """Generate the expected output of dumpimage for beaglebone targets
 
-        if node_str in its_lines:
-            node_start_idx = its_lines.index(node_str)
-            node = its_lines[node_start_idx:(node_start_idx + len(exp_node_lines))]
-            if node == exp_node_lines:
-                print("kernel node verified")
-            else:
-                self.assertTrue(test_passed == True,"kernel node does not match expectation")
-
-        rx_configs = re.compile("^conf-.*")
-        its_configs = list(filter(rx_configs.match, its_lines))
-
-        for cfg_str in its_configs:
-            cfg_start_idx = its_lines.index(cfg_str)
-            line_idx = cfg_start_idx + 2
-            node_end = False
-            while node_end == False:
-                if its_lines[line_idx] == "};" and its_lines[line_idx-1] == "};" :
-                    node_end = True
-                line_idx = line_idx + 1
-
-            node = its_lines[cfg_start_idx:line_idx]
-            print("checking configuration " + cfg_str.rstrip(" {"))
-            rx_desc_line = re.compile("^description.*1 Linux kernel.*")
-            if len(list(filter(rx_desc_line.match, node))) != 1:
-                self.assertTrue(test_passed == True,"kernel keyword not found in the description line")
-                break
-            else:
-                print("kernel keyword found in the description line")
+        The dict generated by this function is supposed to be compared against
+        the dict which is generated by the _dump_fitimage function.
+        """
+        loadables = ['uboot']
+        req_sections = {
+            "uboot": {
+                "Type": "Standalone Program",
+                "Load Address": bb_vars['UBOOT_FIT_UBOOT_LOADADDRESS'],
+                "Entry Point": bb_vars['UBOOT_FIT_UBOOT_ENTRYPOINT'],
+            },
+            "fdt": {
+                "Type": "Flat Device Tree",
+            }
+        }
+        if bb_vars['UBOOT_FIT_TEE'] == "1":
+            loadables.insert(0, "tee")
+            req_sections['tee'] = {
+                "Type": "Trusted Execution Environment Image",
+                # "Load Address": bb_vars['UBOOT_FIT_TEE_LOADADDRESS'], not printed by mkimage?
+                # "Entry Point": bb_vars['UBOOT_FIT_TEE_ENTRYPOINT'], not printed by mkimage?
+            }
+        if bb_vars['UBOOT_FIT_ARM_TRUSTED_FIRMWARE'] == "1":
+            loadables.insert(0, "atf")
+            req_sections['atf'] = {
+                "Type": "Firmware",
+                "Load Address": bb_vars['UBOOT_FIT_ARM_TRUSTED_FIRMWARE_LOADADDRESS'],
+                # "Entry Point": bb_vars['UBOOT_FIT_ARM_TRUSTED_FIRMWARE_ENTRYPOINT'], not printed by mkimage?
+            }
+        req_sections["conf"] = {
+            "Kernel": "unavailable",
+            "FDT": "fdt",
+            "Loadables": ','.join(loadables),
+        }
 
-            if 'kernel = "kernel-1";' not in node:
-                self.assertTrue(test_passed == True,"kernel line not found")
-                break
-            else:
-                print("kernel line found")
+        # Add signing related properties if needed
+        uboot_fit_hash_alg = bb_vars['UBOOT_FIT_HASH_ALG']
+        uboot_fit_sign_alg = bb_vars['UBOOT_FIT_SIGN_ALG']
+        spl_sign_enable = bb_vars['SPL_SIGN_ENABLE']
+        spl_sign_keyname = bb_vars['SPL_SIGN_KEYNAME']
+        num_signatures = 0
+        if spl_sign_enable == "1":
+            for section in req_sections:
+                if not section.startswith('conf'):
+                    req_sections[section]['Sign algo'] = "%s,%s:%s" % \
+                        (uboot_fit_hash_alg, uboot_fit_sign_alg, spl_sign_keyname)
+                    num_signatures += 1
+        return (req_sections, num_signatures)
+
+    def  _check_signing(self, bb_vars, sections, num_signatures, uboot_tools_bindir, fitimage_path):
+        if bb_vars['UBOOT_FITIMAGE_ENABLE'] == '1' and bb_vars['SPL_SIGN_ENABLE'] == "1":
+            self.logger.debug("Verifying signatures in the FIT image")
+        else:
+            self.logger.debug("FIT image is not signed. Signature verification is not needed.")
+            return
 
-            rx_sign_line = re.compile("^sign-images.*kernel.*")
-            if len(list(filter(rx_sign_line.match, node))) != 1:
-                self.assertTrue(test_passed == True,"kernel hash not signed")
-                break
+        uboot_fit_hash_alg = bb_vars['UBOOT_FIT_HASH_ALG']
+        uboot_fit_sign_alg = bb_vars['UBOOT_FIT_SIGN_ALG']
+        spl_sign_keyname = bb_vars['SPL_SIGN_KEYNAME']
+        fit_sign_alg_len = FitImageTestCase.MKIMAGE_SIGNATURE_LENGTHS[uboot_fit_sign_alg]
+        for section, values in sections.items():
+            # Configuration nodes are always signed with UBOOT_SIGN_KEYNAME (if UBOOT_SIGN_ENABLE = "1")
+            if section.startswith("conf"):
+                # uboot-sign does not sign configuration nodes
+                pass
             else:
-                print("kernel hash signed")
+                # uboot-sign does not add hash nodes, only image signatures
+                sign_algo = values.get('Sign algo', None)
+                req_sign_algo = "%s,%s:%s" % (uboot_fit_hash_alg, uboot_fit_sign_alg, spl_sign_keyname)
+                self.assertEqual(sign_algo, req_sign_algo, 'Signature algorithm for %s not expected value' % section)
+                sign_value = values.get('Sign value', None)
+                self.assertEqual(len(sign_value), fit_sign_alg_len, 'Signature value for section %s not expected length' % section)
+
+        # Search for the string passed to mkimage in each signed section of the FIT image.
+        # Looks like mkimage supports to add a comment but does not support to read it back.
+        a_comment = FitImageTestCase._get_uboot_mkimage_sign_args(bb_vars['SPL_MKIMAGE_SIGN_ARGS'])
+        self.logger.debug("a_comment: %s" % a_comment)
+        if a_comment:
+            found_comments = FitImageTestCase._find_string_in_bin_file(fitimage_path, a_comment)
+            self.assertEqual(found_comments, num_signatures, "Expected %d signed and commented (%s) sections in the fitImage." %
+                             (num_signatures, a_comment))
+
+    def _check_kernel_dtb(self, bb_vars):
+        """
+        Check if the device-tree from U-Boot has the kernel public key(s).
+
+        The concat_dtb function of the uboot-sign.bbclass injects the public keys
+        which are required for verifying the kernel at run-time into the DTB from
+        U-Boot. The following example is from a build with FIT_SIGN_INDIVIDUAL
+        set to "1". If it is set to "0" the key-the-kernel-image-key node is not
+        present.
+        / {
+            ...
+            signature {
+                key-the-kernel-image-key {
+                required = "image";
+                algo = "sha256,rsa2048";
+                ...
+            };
+            key-the-kernel-config-key {
+                required = "conf";
+                algo = "sha256,rsa2048";
+                ...
+            };
+        };
+        """
+        # Setup u-boot-tools-native
+        dtc_bindir = FitImageTestCase._setup_native('dtc-native')
+
+        # Check if 1 or 2 signature sections are in the DTB.
+        uboot_dtb_path = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], bb_vars['UBOOT_DTB_IMAGE'])
+        algo = "%s,%s" % (bb_vars['FIT_HASH_ALG'], bb_vars['FIT_SIGN_ALG'])
+        if bb_vars['FIT_SIGN_INDIVIDUAL'] == "1":
+            uboot_sign_img_keyname = bb_vars['UBOOT_SIGN_IMG_KEYNAME']
+            key_dtb_path = "/signature/key-" + uboot_sign_img_keyname
+            self._verify_dtb_property(dtc_bindir, uboot_dtb_path, key_dtb_path, "required", "image")
+            self._verify_dtb_property(dtc_bindir, uboot_dtb_path, key_dtb_path, "algo", algo)
+            self._verify_dtb_property(dtc_bindir, uboot_dtb_path, key_dtb_path, "key-name-hint", uboot_sign_img_keyname)
+
+        uboot_sign_keyname = bb_vars['UBOOT_SIGN_KEYNAME']
+        key_dtb_path = "/signature/key-" + uboot_sign_keyname
+        self._verify_dtb_property(dtc_bindir, uboot_dtb_path, key_dtb_path, "required", "conf")
+        self._verify_dtb_property(dtc_bindir, uboot_dtb_path, key_dtb_path, "algo", algo)
+        self._verify_dtb_property(dtc_bindir, uboot_dtb_path, key_dtb_path, "key-name-hint", uboot_sign_keyname)
+
+
+    def test_uboot_fit_image(self):
+        """
+        Summary:     Check if Uboot FIT image and Image Tree Source
+                     (its) are built and the Image Tree Source has the
+                     correct fields.
+        Expected:    1. u-boot-fitImage and u-boot-its can be built
+                     2. The type, load address, entrypoint address and
+                     default values of U-boot image are correct in the
+                     Image Tree Source. Not all the fields are tested,
+                     only the key fields that wont vary between
+                     different architectures.
+        Product:     oe-core
+        Author:      Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>
+                     based on work by Usama Arif <usama.arif@arm.com>
+        """
+        config = """
+# We need at least CONFIG_SPL_LOAD_FIT and CONFIG_SPL_OF_CONTROL set
+MACHINE = "qemuarm"
+UBOOT_MACHINE = "am57xx_evm_defconfig"
+SPL_BINARY = "MLO"
+
+# Enable creation of the U-Boot fitImage
+UBOOT_FITIMAGE_ENABLE = "1"
+
+# (U-boot) fitImage properties
+UBOOT_LOADADDRESS = "0x80080000"
+UBOOT_ENTRYPOINT = "0x80080000"
+UBOOT_FIT_DESC = "A model description"
+"""
+        self.write_config(config)
+        bb_vars = self._fit_get_bb_vars()
+        self._test_fitimage(bb_vars)
+
+
+    def test_sign_standalone_uboot_fit_image(self):
+        """
+        Summary:     Check if U-Boot FIT image and Image Tree Source (its) are
+                     created and signed correctly for the scenario where only
+                     the U-Boot proper fitImage is being created and signed.
+        Expected:    1) U-Boot its and FIT image are built successfully
+                     2) Scanning the its file indicates signing is enabled
+                        as requested by SPL_SIGN_ENABLE (using keys generated
+                        via UBOOT_FIT_GENERATE_KEYS)
+                     3) Dumping the FIT image indicates signature values
+                        are present
+                     4) Examination of the do_uboot_assemble_fitimage
+                     runfile/logfile indicate that UBOOT_MKIMAGE, UBOOT_MKIMAGE_SIGN
+                     and SPL_MKIMAGE_SIGN_ARGS are working as expected.
+        Product:     oe-core
+        Author:      Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com> based upon
+                     work by Paul Eggleton <paul.eggleton@microsoft.com> and
+                     Usama Arif <usama.arif@arm.com>
+        """
+        config = """
+# There's no U-boot defconfig with CONFIG_FIT_SIGNATURE yet, so we need at
+# least CONFIG_SPL_LOAD_FIT and CONFIG_SPL_OF_CONTROL set
+MACHINE = "qemuarm"
+UBOOT_MACHINE = "am57xx_evm_defconfig"
+SPL_BINARY = "MLO"
+# Enable creation and signing of the U-Boot fitImage
+UBOOT_FITIMAGE_ENABLE = "1"
+SPL_SIGN_ENABLE = "1"
+SPL_SIGN_KEYNAME = "spl-oe-selftest"
+SPL_SIGN_KEYDIR = "${TOPDIR}/signing-keys"
+UBOOT_DTB_BINARY = "u-boot.dtb"
+UBOOT_ENTRYPOINT  = "0x80000000"
+UBOOT_LOADADDRESS = "0x80000000"
+UBOOT_DTB_LOADADDRESS = "0x82000000"
+UBOOT_ARCH = "arm"
+SPL_MKIMAGE_DTCOPTS = "-I dts -O dtb -p 2000"
+SPL_MKIMAGE_SIGN_ARGS = "-c 'a smart U-Boot comment'"
+UBOOT_EXTLINUX = "0"
+UBOOT_FIT_GENERATE_KEYS = "1"
+UBOOT_FIT_HASH_ALG = "sha256"
+"""
+        self.write_config(config)
+        bb_vars = self._fit_get_bb_vars()
+        self._test_fitimage(bb_vars)
+
+
+    def test_sign_cascaded_uboot_fit_image(self):
+        """
+        Summary:     Check if U-Boot FIT image and Image Tree Source (its) are
+                     created and signed correctly for the scenario where both
+                     U-Boot proper and Kernel fitImages are being created and
+                     signed.
+        Expected:    1) U-Boot its and FIT image are built successfully
+                     2) Scanning the its file indicates signing is enabled
+                        as requested by SPL_SIGN_ENABLE (using keys generated
+                        via UBOOT_FIT_GENERATE_KEYS)
+                     3) Dumping the FIT image indicates signature values
+                        are present
+                     4) Examination of the do_uboot_assemble_fitimage that
+                     UBOOT_MKIMAGE, UBOOT_MKIMAGE_SIGN and SPL_MKIMAGE_SIGN_ARGS
+                     are working as expected.
+        Product:     oe-core
+        Author:      Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com> based upon
+                     work by Paul Eggleton <paul.eggleton@microsoft.com> and
+                     Usama Arif <usama.arif@arm.com>
+        """
+        config = """
+# There's no U-boot deconfig with CONFIG_FIT_SIGNATURE yet, so we need at
+# least CONFIG_SPL_LOAD_FIT and CONFIG_SPL_OF_CONTROL set
+MACHINE = "qemuarm"
+UBOOT_MACHINE = "am57xx_evm_defconfig"
+SPL_BINARY = "MLO"
+# Enable creation and signing of the U-Boot fitImage
+UBOOT_FITIMAGE_ENABLE = "1"
+SPL_SIGN_ENABLE = "1"
+SPL_SIGN_KEYNAME = "spl-cascaded-oe-selftest"
+SPL_SIGN_KEYDIR = "${TOPDIR}/signing-keys"
+UBOOT_DTB_BINARY = "u-boot.dtb"
+UBOOT_ENTRYPOINT  = "0x80000000"
+UBOOT_LOADADDRESS = "0x80000000"
+UBOOT_MKIMAGE_DTCOPTS = "-I dts -O dtb -p 2000"
+UBOOT_MKIMAGE_SIGN_ARGS = "-c 'a smart cascaded U-Boot comment'"
+UBOOT_DTB_LOADADDRESS = "0x82000000"
+UBOOT_ARCH = "arm"
+SPL_MKIMAGE_DTCOPTS = "-I dts -O dtb -p 2000"
+SPL_MKIMAGE_SIGN_ARGS = "-c 'a smart cascaded U-Boot comment'"
+UBOOT_EXTLINUX = "0"
+UBOOT_FIT_GENERATE_KEYS = "1"
+UBOOT_FIT_HASH_ALG = "sha256"
+UBOOT_SIGN_ENABLE = "1"
+UBOOT_SIGN_KEYDIR = "${TOPDIR}/signing-keys"
+UBOOT_SIGN_KEYNAME = "cfg-oe-selftest"
+"""
+        self.write_config(config)
+        bb_vars = self._fit_get_bb_vars()
+
+        self._gen_signing_key(bb_vars)
+        self._test_fitimage(bb_vars)
+        self._check_kernel_dtb(bb_vars)
+
+    def test_uboot_atf_tee_fit_image(self):
+        """
+        Summary:     Check if U-boot FIT image and Image Tree Source
+                     (its) are built and the Image Tree Source has the
+                     correct fields.
+        Expected:    1. Create atf and tee dummy images
+                     2. Both u-boot-fitImage and u-boot-its can be built
+                     3. The os, load address, entrypoint address and
+                        default values of U-boot, ATF and TEE images are
+                        correct in the Image Tree Source. Not all the
+                        fields are tested, only the key fields that wont
+                        vary between different architectures.
+                Product:     oe-core
+                Author:      Jamin Lin <jamin_lin@aspeedtech.com>
+        """
+        config = """
+# We need at least CONFIG_SPL_LOAD_FIT and CONFIG_SPL_OF_CONTROL set
+MACHINE = "qemuarm"
+UBOOT_MACHINE = "am57xx_evm_defconfig"
+SPL_BINARY = "MLO"
+
+# Enable creation of the U-Boot fitImage
+UBOOT_FITIMAGE_ENABLE = "1"
+
+# (U-boot) fitImage properties
+UBOOT_LOADADDRESS = "0x80080000"
+UBOOT_ENTRYPOINT = "0x80080000"
+UBOOT_FIT_DESC = "A model description"
+
+# Enable creation of the TEE fitImage
+UBOOT_FIT_TEE = "1"
+
+# TEE fitImage properties
+UBOOT_FIT_TEE_IMAGE = "${TOPDIR}/tee-dummy.bin"
+UBOOT_FIT_TEE_LOADADDRESS = "0x80180000"
+UBOOT_FIT_TEE_ENTRYPOINT = "0x80180000"
+
+# Enable creation of the ATF fitImage
+UBOOT_FIT_ARM_TRUSTED_FIRMWARE = "1"
+
+# ATF fitImage properties
+UBOOT_FIT_ARM_TRUSTED_FIRMWARE_IMAGE = "${TOPDIR}/atf-dummy.bin"
+UBOOT_FIT_ARM_TRUSTED_FIRMWARE_LOADADDRESS = "0x80280000"
+UBOOT_FIT_ARM_TRUSTED_FIRMWARE_ENTRYPOINT = "0x80280000"
+"""
+        self.write_config(config)
+
+        bb_vars = self._fit_get_bb_vars([
+            'UBOOT_FIT_ARM_TRUSTED_FIRMWARE_IMAGE',
+            'UBOOT_FIT_TEE_IMAGE',
+        ])
+
+        # Create an ATF dummy image
+        dummy_atf = os.path.join(self.builddir, bb_vars['UBOOT_FIT_ARM_TRUSTED_FIRMWARE_IMAGE'])
+        FitImageTestCase._gen_random_file(dummy_atf)
+
+        # Create a TEE dummy image
+        dummy_tee = os.path.join(self.builddir, bb_vars['UBOOT_FIT_TEE_IMAGE'])
+        FitImageTestCase._gen_random_file(dummy_tee)
+
+        self._test_fitimage(bb_vars)
+
+    def test_sign_standalone_uboot_atf_tee_fit_image(self):
+        """
+        Summary:     Check if U-Boot FIT image and Image Tree Source (its) are
+                     created and signed correctly for the scenario where only
+                     the U-Boot proper fitImage is being created and signed.
+        Expected:    1. Create atf and tee dummy images
+                     2. U-Boot its and FIT image are built successfully
+                     3. Scanning the its file indicates signing is enabled
+                        as requested by SPL_SIGN_ENABLE (using keys generated
+                        via UBOOT_FIT_GENERATE_KEYS)
+                     4. Dumping the FIT image indicates signature values
+                        are present
+                     5. Examination of the do_uboot_assemble_fitimage
+                     runfile/logfile indicate that UBOOT_MKIMAGE, UBOOT_MKIMAGE_SIGN
+                     and SPL_MKIMAGE_SIGN_ARGS are working as expected.
+                Product:     oe-core
+                Author:      Jamin Lin <jamin_lin@aspeedtech.com>
+        """
+        config = """
+# There's no U-boot deconfig with CONFIG_FIT_SIGNATURE yet, so we need at
+# least CONFIG_SPL_LOAD_FIT and CONFIG_SPL_OF_CONTROL set
+MACHINE = "qemuarm"
+UBOOT_MACHINE = "am57xx_evm_defconfig"
+SPL_BINARY = "MLO"
+# Enable creation and signing of the U-Boot fitImage
+UBOOT_FITIMAGE_ENABLE = "1"
+SPL_SIGN_ENABLE = "1"
+SPL_SIGN_KEYNAME = "spl-oe-selftest"
+SPL_SIGN_KEYDIR = "${TOPDIR}/signing-keys"
+UBOOT_DTB_BINARY = "u-boot.dtb"
+UBOOT_ENTRYPOINT  = "0x80000000"
+UBOOT_LOADADDRESS = "0x80000000"
+UBOOT_ARCH = "arm"
+SPL_MKIMAGE_DTCOPTS = "-I dts -O dtb -p 2000"
+SPL_MKIMAGE_SIGN_ARGS = "-c 'a smart U-Boot ATF TEE comment'"
+UBOOT_EXTLINUX = "0"
+UBOOT_FIT_GENERATE_KEYS = "1"
+UBOOT_FIT_HASH_ALG = "sha256"
+
+# Enable creation of the TEE fitImage
+UBOOT_FIT_TEE = "1"
+
+# TEE fitImage properties
+UBOOT_FIT_TEE_IMAGE = "${TOPDIR}/tee-dummy.bin"
+UBOOT_FIT_TEE_LOADADDRESS = "0x80180000"
+UBOOT_FIT_TEE_ENTRYPOINT = "0x80180000"
+
+# Enable creation of the ATF fitImage
+UBOOT_FIT_ARM_TRUSTED_FIRMWARE = "1"
+
+# ATF fitImage properties
+UBOOT_FIT_ARM_TRUSTED_FIRMWARE_IMAGE = "${TOPDIR}/atf-dummy.bin"
+UBOOT_FIT_ARM_TRUSTED_FIRMWARE_LOADADDRESS = "0x80280000"
+UBOOT_FIT_ARM_TRUSTED_FIRMWARE_ENTRYPOINT = "0x80280000"
+"""
+        self.write_config(config)
+
+        bb_vars = self._fit_get_bb_vars([
+            'UBOOT_FIT_ARM_TRUSTED_FIRMWARE_IMAGE',
+            'UBOOT_FIT_TEE_IMAGE',
+        ])
+
+        # Create an ATF dummy image
+        dummy_atf = os.path.join(self.builddir, bb_vars['UBOOT_FIT_ARM_TRUSTED_FIRMWARE_IMAGE'])
+        FitImageTestCase._gen_random_file(dummy_atf)
+
+        # Create a TEE dummy image
+        dummy_tee = os.path.join(self.builddir, bb_vars['UBOOT_FIT_TEE_IMAGE'])
+        FitImageTestCase._gen_random_file(dummy_tee)
+
+        self._test_fitimage(bb_vars)
+
+
+    def test_sign_uboot_kernel_individual(self):
+        """
+        Summary:     Check if the device-tree from U-Boot has two public keys
+                     for verifying the kernel FIT image created by the
+                     kernel-fitimage.bbclass included.
+                     This test sets: FIT_SIGN_INDIVIDUAL = "1"
+        Expected:    There must be two signature nodes. One is required for
+                     the individual image nodes, the other is required for the
+                     verification of the configuration section.
+        """
+        config = """
+# Enable creation of fitImage
+MACHINE = "beaglebone-yocto"
+UBOOT_SIGN_ENABLE = "1"
+UBOOT_SIGN_KEYDIR = "${TOPDIR}/signing-keys"
+UBOOT_SIGN_KEYNAME = "the-kernel-config-key"
+UBOOT_SIGN_IMG_KEYNAME = "the-kernel-image-key"
+UBOOT_MKIMAGE_DTCOPTS="-I dts -O dtb -p 2000"
+FIT_SIGN_INDIVIDUAL = "1"
+"""
+        self.write_config(config)
+        bb_vars = self._fit_get_bb_vars()
+        self._gen_signing_key(bb_vars)
+
+        bitbake(UBootFitImageTests.BOOTLOADER_RECIPE)
+
+        # Just check the DTB of u-boot since there is no u-boot FIT image
+        self._check_kernel_dtb(bb_vars)
+
+
+    def test_sign_uboot_fit_image_without_spl(self):
+        """
+        Summary:     Check if U-Boot FIT image and Image Tree Source (its) are
+                     created and signed correctly for the scenario where only
+                     the U-Boot proper fitImage is being created and signed
+                     (no SPL included).
+        Expected:    1) U-Boot its and FIT image are built successfully
+                     2) Scanning the its file indicates signing is enabled
+                        as requested by SPL_SIGN_ENABLE (using keys generated
+                        via UBOOT_FIT_GENERATE_KEYS)
+                     3) Dumping the FIT image indicates signature values
+                        are present
+                     4) Examination of the do_uboot_assemble_fitimage
+                     runfile/logfile indicate that UBOOT_MKIMAGE and
+                     UBOOT_MKIMAGE_SIGN are working as expected.
+        Product:     oe-core
+        Author:      Jamin Lin <jamin_lin@aspeedtech.com>
+        """
+        config = """
+# There's no U-boot defconfig with CONFIG_FIT_SIGNATURE yet, so we need at
+# least CONFIG_SPL_LOAD_FIT and CONFIG_SPL_OF_CONTROL set
+MACHINE = "qemuarm"
+UBOOT_MACHINE = "am57xx_evm_defconfig"
+# Enable creation and signing of the U-Boot fitImage (no SPL)
+UBOOT_FITIMAGE_ENABLE = "1"
+SPL_DTB_BINARY = ""
+SPL_SIGN_ENABLE = "1"
+SPL_SIGN_KEYNAME = "spl-oe-selftest"
+SPL_SIGN_KEYDIR = "${TOPDIR}/signing-keys"
+UBOOT_FIT_GENERATE_KEYS = "1"
+"""
+        self.write_config(config)
+        bb_vars = self._fit_get_bb_vars()
+        self._test_fitimage(bb_vars)
 
-            test_passed = True
-            self.assertTrue(test_passed == True,"Initramfs bundle test success")
diff --git a/meta/lib/oeqa/selftest/cases/gcc.py b/meta/lib/oeqa/selftest/cases/gcc.py
index 3efe15228f..1bda29a72b 100644
--- a/meta/lib/oeqa/selftest/cases/gcc.py
+++ b/meta/lib/oeqa/selftest/cases/gcc.py
@@ -1,9 +1,14 @@
+#
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
+#
 import os
+import time
 from oeqa.core.decorator import OETestTag
 from oeqa.core.case import OEPTestResultTestCase
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import bitbake, get_bb_var, get_bb_vars, runqemu, Command
+from oeqa.utils.commands import bitbake, get_bb_var, get_bb_vars, runqemu
 
 def parse_values(content):
     for i in content:
@@ -32,15 +37,20 @@ class GccSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
         features = []
         features.append('MAKE_CHECK_TARGETS = "{0}"'.format(" ".join(targets)))
         if ssh is not None:
-            features.append('TOOLCHAIN_TEST_TARGET = "ssh"')
+            features.append('TOOLCHAIN_TEST_TARGET = "linux-ssh"')
             features.append('TOOLCHAIN_TEST_HOST = "{0}"'.format(ssh))
             features.append('TOOLCHAIN_TEST_HOST_USER = "root"')
             features.append('TOOLCHAIN_TEST_HOST_PORT = "22"')
         self.write_config("\n".join(features))
 
         recipe = "gcc-runtime"
+
+        start_time = time.time()
+
         bitbake("{} -c check".format(recipe))
 
+        end_time = time.time()
+
         bb_vars = get_bb_vars(["B", "TARGET_SYS"], recipe)
         builddir, target_sys = bb_vars["B"], bb_vars["TARGET_SYS"]
 
@@ -54,7 +64,7 @@ class GccSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
 
             ptestsuite = "gcc-{}".format(suite) if suite != "gcc" else suite
             ptestsuite = ptestsuite + "-user" if ssh is None else ptestsuite
-            self.ptest_section(ptestsuite, logfile = logpath)
+            self.ptest_section(ptestsuite, duration = int(end_time - start_time), logfile = logpath)
             with open(sumspath, "r") as f:
                 for test, result in parse_values(f):
                     self.ptest_result(ptestsuite, test, result)
@@ -73,6 +83,8 @@ class GccSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
             # validate that SSH is working
             status, _ = qemu.run("uname")
             self.assertEqual(status, 0)
+            qemu.run('echo "MaxStartups 75:30:100" >> /etc/ssh/sshd_config')
+            qemu.run('service sshd restart')
 
             return self.run_check(*args, ssh=qemu.ip, **kwargs)
 
@@ -114,37 +126,44 @@ class GccLibItmSelfTest(GccSelfTestBase):
         self.run_check("libitm")
 
 @OETestTag("toolchain-system")
+@OETestTag("runqemu")
 class GccCrossSelfTestSystemEmulated(GccSelfTestBase):
     def test_cross_gcc(self):
         self.run_check_emulated("gcc")
 
 @OETestTag("toolchain-system")
+@OETestTag("runqemu")
 class GxxCrossSelfTestSystemEmulated(GccSelfTestBase):
     def test_cross_gxx(self):
         self.run_check_emulated("g++")
 
 @OETestTag("toolchain-system")
+@OETestTag("runqemu")
 class GccLibAtomicSelfTestSystemEmulated(GccSelfTestBase):
     def test_libatomic(self):
         self.run_check_emulated("libatomic")
 
 @OETestTag("toolchain-system")
+@OETestTag("runqemu")
 class GccLibGompSelfTestSystemEmulated(GccSelfTestBase):
     def test_libgomp(self):
         self.run_check_emulated("libgomp")
 
 @OETestTag("toolchain-system")
+@OETestTag("runqemu")
 class GccLibStdCxxSelfTestSystemEmulated(GccSelfTestBase):
     def test_libstdcxx(self):
         self.run_check_emulated("libstdc++-v3")
 
 @OETestTag("toolchain-system")
+@OETestTag("runqemu")
 class GccLibSspSelfTestSystemEmulated(GccSelfTestBase):
     def test_libssp(self):
         self.check_skip("libssp")
         self.run_check_emulated("libssp")
 
 @OETestTag("toolchain-system")
+@OETestTag("runqemu")
 class GccLibItmSelfTestSystemEmulated(GccSelfTestBase):
     def test_libitm(self):
         self.check_skip("libitm")
diff --git a/meta/lib/oeqa/selftest/cases/gdbserver.py b/meta/lib/oeqa/selftest/cases/gdbserver.py
new file mode 100644
index 0000000000..b6b7c5c473
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/gdbserver.py
@@ -0,0 +1,67 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+import os
+import time
+import tempfile
+import shutil
+import concurrent.futures
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, get_bb_var, get_bb_vars , runqemu, runCmd
+
+class GdbServerTest(OESelftestTestCase):
+    def test_gdb_server(self):
+        target_arch = self.td["TARGET_ARCH"]
+        target_sys = self.td["TARGET_SYS"]
+
+        features = """
+IMAGE_GEN_DEBUGFS = "1"
+IMAGE_FSTYPES_DEBUGFS = "tar.bz2"
+CORE_IMAGE_EXTRA_INSTALL = "gdbserver"
+        """
+        self.write_config(features)
+
+        gdb_recipe = "gdb-cross-" + target_arch
+        gdb_binary = target_sys + "-gdb"
+
+        bitbake("core-image-minimal %s:do_addto_recipe_sysroot" % gdb_recipe)
+
+        native_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", gdb_recipe)
+        r = runCmd("%s --version" % gdb_binary, native_sysroot=native_sysroot, target_sys=target_sys)
+        self.assertEqual(r.status, 0)
+        self.assertIn("GNU gdb", r.output)
+        image = 'core-image-minimal'
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME'], image)
+
+        with tempfile.TemporaryDirectory(prefix="debugfs-") as debugfs:
+            filename = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], "%s-dbg.tar.bz2" % bb_vars['IMAGE_LINK_NAME'])
+            shutil.unpack_archive(filename, debugfs)
+            filename = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], "%s.tar.bz2" % bb_vars['IMAGE_LINK_NAME'])
+            shutil.unpack_archive(filename, debugfs)
+
+            with runqemu("core-image-minimal", runqemuparams="nographic") as qemu:
+                status, output = qemu.run_serial("kmod --help")
+                self.assertIn("modprobe", output)
+
+                with concurrent.futures.ThreadPoolExecutor(max_workers=1) as executor:
+                    def run_gdb():
+                        for _ in range(5):
+                            time.sleep(2)
+                            cmd = "%s --batch -ex 'set sysroot %s' -ex \"target extended-remote %s:9999\" -ex \"info line kmod_help\"" % (gdb_binary, debugfs, qemu.ip)
+                            self.logger.warning("starting gdb %s" % cmd)
+                            r = runCmd(cmd, native_sysroot=native_sysroot, target_sys=target_sys)
+                            self.assertEqual(0, r.status)
+                            line_re = r"Line \d+ of \".*\" starts at address 0x[0-9A-Fa-f]+ <kmod_help>"
+                            self.assertRegex(r.output, line_re)
+                            break
+                        else:
+                            self.fail("Timed out connecting to gdb")
+                    future = executor.submit(run_gdb)
+
+                    status, output = qemu.run_serial("gdbserver --once :9999 kmod --help")
+                    self.assertEqual(status, 1)
+                    # The future either returns None, or raises an exception
+                    future.result()
diff --git a/meta/lib/oeqa/selftest/cases/gitarchivetests.py b/meta/lib/oeqa/selftest/cases/gitarchivetests.py
new file mode 100644
index 0000000000..71382089c1
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/gitarchivetests.py
@@ -0,0 +1,136 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os
+import sys
+basepath = os.path.abspath(os.path.dirname(__file__) + '/../../../../../')
+lib_path = basepath + '/scripts/lib'
+sys.path = sys.path + [lib_path]
+import oeqa.utils.gitarchive as ga
+from oeqa.utils.git import GitError
+import tempfile
+import shutil
+import scriptutils
+import logging
+from oeqa.selftest.case import OESelftestTestCase
+
+logger = scriptutils.logger_create('resulttool')
+
+def create_fake_repository(commit, tag_list=[], add_remote=True):
+    """ Create a testing git directory
+
+    Initialize a simple git repository with one initial commit, and as many
+    tags on this commit as listed in tag_list
+    Returns both git directory path and gitarchive git object
+    If commit is true, fake data will be commited, otherwise it will stay in staging area
+    If commit is true and tag_lsit is non empty, all tags in tag_list will be
+    created on the initial commit
+    Fake remote will also be added to make git ls-remote work
+    """
+    fake_data_file = "fake_data.txt"
+    tempdir = tempfile.mkdtemp(prefix='fake_results.')
+    repo = ga.init_git_repo(tempdir, False, False, logger)
+    if add_remote:
+        repo.run_cmd(["remote", "add", "origin", "."])
+    with open(os.path.join(tempdir, fake_data_file), "w") as fake_data:
+        fake_data.write("Fake data")
+    if commit:
+        repo.run_cmd(["add", fake_data_file])
+        repo.run_cmd(["commit", "-m", "\"Add fake data\""])
+        for tag in tag_list:
+            repo.run_cmd(["tag", tag])
+    
+    return tempdir, repo
+
+def delete_fake_repository(path):
+    shutil.rmtree(path)
+
+def tag_exists(git_obj, target_tag):
+    for tag in git_obj.run_cmd(["tag"]).splitlines():
+        if target_tag == tag:
+            return True
+    return False
+
+class GitArchiveTests(OESelftestTestCase):
+    TEST_BRANCH="main"
+    TEST_COMMIT="0f7d5df"
+    TEST_COMMIT_COUNT="42"
+
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        cls.log = logging.getLogger('gitarchivetests')
+        cls.log.setLevel(logging.DEBUG)
+
+    def test_create_first_test_tag(self):
+        path, git_obj = create_fake_repository(False)
+        keywords = {'commit': self.TEST_COMMIT, 'branch': self.TEST_BRANCH, "commit_count": self.TEST_COMMIT_COUNT}
+        target_tag = f"{self.TEST_BRANCH}/{self.TEST_COMMIT_COUNT}-g{self.TEST_COMMIT}/0"
+
+        ga.gitarchive(path, path, True, False,
+                              "Results of {branch}:{commit}", "branch: {branch}\ncommit: {commit}", "{branch}",
+                              False, "{branch}/{commit_count}-g{commit}/{tag_number}",
+                              'Test run #{tag_number} of {branch}:{commit}', '',
+                              [], [], False, keywords, logger)
+        self.assertTrue(tag_exists(git_obj, target_tag), msg=f"Tag {target_tag} has not been created")
+        delete_fake_repository(path)
+
+    def test_create_second_test_tag(self):
+        first_tag = f"{self.TEST_BRANCH}/{self.TEST_COMMIT_COUNT}-g{self.TEST_COMMIT}/0"
+        second_tag = f"{self.TEST_BRANCH}/{self.TEST_COMMIT_COUNT}-g{self.TEST_COMMIT}/1"
+        keywords = {'commit': self.TEST_COMMIT, 'branch': self.TEST_BRANCH, "commit_count": self.TEST_COMMIT_COUNT}
+
+        path, git_obj = create_fake_repository(True, [first_tag])
+        ga.gitarchive(path, path, True, False,
+                              "Results of {branch}:{commit}", "branch: {branch}\ncommit: {commit}", "{branch}",
+                              False, "{branch}/{commit_count}-g{commit}/{tag_number}",
+                              'Test run #{tag_number} of {branch}:{commit}', '',
+                              [], [], False, keywords, logger)
+        self.assertTrue(tag_exists(git_obj, second_tag), msg=f"Second tag {second_tag} has not been created")
+        delete_fake_repository(path)
+
+    def test_get_revs_on_branch(self):
+        fake_tags_list=["main/10-g0f7d5df/0", "main/10-g0f7d5df/1", "foo/20-g2468f5d/0"]
+        tag_name = "{branch}/{commit_number}-g{commit}/{tag_number}"
+
+        path, git_obj = create_fake_repository(True, fake_tags_list)
+        revs = ga.get_test_revs(logger, git_obj, tag_name, branch="main")
+        self.assertEqual(len(revs), 1)
+        self.assertEqual(revs[0].commit, "0f7d5df")
+        self.assertEqual(len(revs[0].tags), 2)
+        self.assertEqual(revs[0].tags, ['main/10-g0f7d5df/0', 'main/10-g0f7d5df/1'])
+        delete_fake_repository(path)
+
+    def test_get_tags_without_valid_remote(self):
+        url = 'git://git.yoctoproject.org/poky'
+        path, git_obj = create_fake_repository(False, None, False)
+
+        tags = ga.get_tags(git_obj, self.log, pattern="yocto-*", url=url)
+        """Test for some well established tags (released tags)"""
+        self.assertIn("yocto-4.0", tags)
+        self.assertIn("yocto-4.1", tags)
+        self.assertIn("yocto-4.2", tags)
+        delete_fake_repository(path)
+
+    def test_get_tags_with_only_local_tag(self):
+        fake_tags_list=["main/10-g0f7d5df/0", "main/10-g0f7d5df/1", "foo/20-g2468f5d/0"]
+        path, git_obj = create_fake_repository(True, fake_tags_list, False)
+
+        """No remote is configured and no url is passed: get_tags must fall
+        back to local tags
+        """
+        tags = ga.get_tags(git_obj, self.log)
+        self.assertCountEqual(tags, fake_tags_list)
+        delete_fake_repository(path)
+
+    def test_get_tags_without_valid_remote_and_wrong_url(self):
+        url = 'git://git.foo.org/bar'
+        path, git_obj = create_fake_repository(False, None, False)
+
+        """Test for some well established tags (released tags)"""
+        with self.assertRaises(GitError):
+            tags = ga.get_tags(git_obj, self.log, pattern="yocto-*", url=url)
+        delete_fake_repository(path)
diff --git a/meta/lib/oeqa/selftest/cases/glibc.py b/meta/lib/oeqa/selftest/cases/glibc.py
index c687f6ef93..bd56b2f6e7 100644
--- a/meta/lib/oeqa/selftest/cases/glibc.py
+++ b/meta/lib/oeqa/selftest/cases/glibc.py
@@ -1,10 +1,15 @@
+#
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
+#
 import os
+import time
 import contextlib
 from oeqa.core.decorator import OETestTag
 from oeqa.core.case import OEPTestResultTestCase
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import bitbake, get_bb_var, get_bb_vars, runqemu, Command
+from oeqa.utils.commands import bitbake, get_bb_var, runqemu
 from oeqa.utils.nfs import unfs_server
 
 def parse_values(content):
@@ -24,16 +29,20 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
             features.append('TOOLCHAIN_TEST_HOST_USER = "root"')
             features.append('TOOLCHAIN_TEST_HOST_PORT = "22"')
             # force single threaded test execution
-            features.append('EGLIBCPARALLELISM_task-check_pn-glibc-testsuite = "PARALLELMFLAGS="-j1""')
+            features.append('EGLIBCPARALLELISM:task-check:pn-glibc-testsuite = "PARALLELMFLAGS="-j1""')
         self.write_config("\n".join(features))
 
+        start_time = time.time()
+
         bitbake("glibc-testsuite -c check")
 
+        end_time = time.time()
+
         builddir = get_bb_var("B", "glibc-testsuite")
 
         ptestsuite = "glibc-user" if ssh is None else "glibc"
-        self.ptest_section(ptestsuite)
-        with open(os.path.join(builddir, "tests.sum"), "r") as f:
+        self.ptest_section(ptestsuite, duration = int(end_time - start_time))
+        with open(os.path.join(builddir, "tests.sum"), "r",  errors='replace') as f:
             for test, result in parse_values(f):
                 self.ptest_result(ptestsuite, test, result)
 
@@ -41,7 +50,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
         with contextlib.ExitStack() as s:
             # use the base work dir, as the nfs mount, since the recipe directory may not exist
             tmpdir = get_bb_var("BASE_WORKDIR")
-            nfsport, mountport = s.enter_context(unfs_server(tmpdir))
+            nfsport, mountport = s.enter_context(unfs_server(tmpdir, udp = False))
 
             # build core-image-minimal with required packages
             default_installed_packages = [
@@ -61,7 +70,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
             bitbake("core-image-minimal")
 
             # start runqemu
-            qemu = s.enter_context(runqemu("core-image-minimal", runqemuparams = "nographic"))
+            qemu = s.enter_context(runqemu("core-image-minimal", runqemuparams = "nographic", qemuparams = "-m 1024"))
 
             # validate that SSH is working
             status, _ = qemu.run("uname")
@@ -70,7 +79,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase):
             # setup nfs mount
             if qemu.run("mkdir -p \"{0}\"".format(tmpdir))[0] != 0:
                 raise Exception("Failed to setup NFS mount directory on target")
-            mountcmd = "mount -o noac,nfsvers=3,port={0},udp,mountport={1} \"{2}:{3}\" \"{3}\"".format(nfsport, mountport, qemu.server_ip, tmpdir)
+            mountcmd = "mount -o noac,nfsvers=3,port={0},mountport={1} \"{2}:{3}\" \"{3}\"".format(nfsport, mountport, qemu.server_ip, tmpdir)
             status, output = qemu.run(mountcmd)
             if status != 0:
                 raise Exception("Failed to setup NFS mount on target ({})".format(repr(output)))
@@ -83,6 +92,7 @@ class GlibcSelfTest(GlibcSelfTestBase):
         self.run_check()
 
 @OETestTag("toolchain-system")
+@OETestTag("runqemu")
 class GlibcSelfTestSystemEmulated(GlibcSelfTestBase):
     def test_glibc(self):
         self.run_check_emulated()
diff --git a/meta/lib/oeqa/selftest/cases/gotoolchain.py b/meta/lib/oeqa/selftest/cases/gotoolchain.py
index 4fc3605f42..ee2cf4b09a 100644
--- a/meta/lib/oeqa/selftest/cases/gotoolchain.py
+++ b/meta/lib/oeqa/selftest/cases/gotoolchain.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -50,6 +52,9 @@ class oeGoToolchainSelfTest(OESelftestTestCase):
         cmd = "cd %s/src/%s/%s; " % (self.go_path, proj, name)
         cmd = cmd + ". %s; " % self.env_SDK
         cmd = cmd + "export GOPATH=%s; " % self.go_path
+        cmd = cmd + "export GOFLAGS=-modcacherw; "
+        cmd = cmd + "export CGO_ENABLED=1; "
+        cmd = cmd + "export GOPROXY=https://proxy.golang.org,direct; "
         cmd = cmd + "${CROSS_COMPILE}go %s" % gocmd
         return runCmd(cmd).status
 
diff --git a/meta/lib/oeqa/selftest/cases/image_typedep.py b/meta/lib/oeqa/selftest/cases/image_typedep.py
index 52e1080f13..17c98baf14 100644
--- a/meta/lib/oeqa/selftest/cases/image_typedep.py
+++ b/meta/lib/oeqa/selftest/cases/image_typedep.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -9,7 +11,7 @@ from oeqa.utils.commands import bitbake
 
 class ImageTypeDepTests(OESelftestTestCase):
 
-    # Verify that when specifying a IMAGE_TYPEDEP_ of the form "foo.bar" that
+    # Verify that when specifying a IMAGE_TYPEDEP: of the form "foo.bar" that
     # the conversion type bar gets added as a dep as well
     def test_conversion_typedep_added(self):
 
@@ -22,7 +24,7 @@ LICENSE = "MIT"
 IMAGE_FSTYPES = "testfstype"
 
 IMAGE_TYPES_MASKED += "testfstype"
-IMAGE_TYPEDEP_testfstype = "tar.bz2"
+IMAGE_TYPEDEP:testfstype = "tar.bz2"
 
 inherit image
 
diff --git a/meta/lib/oeqa/selftest/cases/imagefeatures.py b/meta/lib/oeqa/selftest/cases/imagefeatures.py
index 6723a8198f..94d01ba116 100644
--- a/meta/lib/oeqa/selftest/cases/imagefeatures.py
+++ b/meta/lib/oeqa/selftest/cases/imagefeatures.py
@@ -1,9 +1,12 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import runCmd, bitbake, get_bb_var, runqemu
+from oeqa.core.decorator import OETestTag
+from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_bb_vars, runqemu
 from oeqa.utils.sshcontrol import SSHControl
 import glob
 import os
@@ -14,6 +17,7 @@ class ImageFeatures(OESelftestTestCase):
     test_user = 'tester'
     root_user = 'root'
 
+    @OETestTag("runqemu")
     def test_non_root_user_can_connect_via_ssh_without_password(self):
         """
         Summary: Check if non root user can connect via ssh without password
@@ -39,6 +43,7 @@ class ImageFeatures(OESelftestTestCase):
                 status, output = ssh.run("true")
                 self.assertEqual(status, 0, 'ssh to user %s failed with %s' % (user, output))
 
+    @OETestTag("runqemu")
     def test_all_users_can_connect_via_ssh_without_password(self):
         """
         Summary:     Check if all users can connect via ssh without password
@@ -68,18 +73,6 @@ class ImageFeatures(OESelftestTestCase):
                     self.assertEqual(status, 0, 'ssh to user tester failed with %s' % output)
 
 
-    def test_clutter_image_can_be_built(self):
-        """
-        Summary:     Check if clutter image can be built
-        Expected:    1. core-image-clutter can be built
-        Product:     oe-core
-        Author:      Ionut Chisanovici <ionutx.chisanovici@intel.com>
-        AutomatedBy: Daniel Istrate <daniel.alexandrux.istrate@intel.com>
-        """
-
-        # Build a core-image-clutter
-        bitbake('core-image-clutter')
-
     def test_wayland_support_in_image(self):
         """
         Summary:     Check Wayland support in image
@@ -109,12 +102,11 @@ class ImageFeatures(OESelftestTestCase):
         features = 'IMAGE_FSTYPES += " ext4 ext4.bmap ext4.bmap.gz"'
         self.write_config(features)
 
-        image_name = 'core-image-minimal'
-        bitbake(image_name)
+        image = 'core-image-minimal'
+        bitbake(image)
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME'], image)
 
-        deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE')
-        link_name = get_bb_var('IMAGE_LINK_NAME', image_name)
-        image_path = os.path.join(deploy_dir_image, "%s.ext4" % link_name)
+        image_path = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], "%s.ext4" % bb_vars['IMAGE_LINK_NAME'])
         bmap_path = "%s.bmap" % image_path
         gzip_path = "%s.gz" % bmap_path
 
@@ -127,8 +119,8 @@ class ImageFeatures(OESelftestTestCase):
         image_stat = os.stat(image_path)
         self.assertGreater(image_stat.st_size, image_stat.st_blocks * 512)
 
-        # check if the resulting gzip is valid
-        self.assertTrue(runCmd('gzip -t %s' % gzip_path))
+        # check if the resulting gzip is valid, --force is needed in case gzip_path is a symlink
+        self.assertTrue(runCmd('gzip --test --force %s' % gzip_path))
 
     def test_hypervisor_fmts(self):
         """
@@ -143,17 +135,16 @@ class ImageFeatures(OESelftestTestCase):
         img_types = [ 'vmdk', 'vdi', 'qcow2' ]
         features = ""
         for itype in img_types:
-            features += 'IMAGE_FSTYPES += "wic.%s"\n' % itype
+            features += 'IMAGE_FSTYPES += "ext4.%s"\n' % itype
         self.write_config(features)
 
-        image_name = 'core-image-minimal'
-        bitbake(image_name)
+        image = 'core-image-minimal'
+        bitbake(image)
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME'], image)
 
-        deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE')
-        link_name = get_bb_var('IMAGE_LINK_NAME', image_name)
         for itype in img_types:
-            image_path = os.path.join(deploy_dir_image, "%s.wic.%s" %
-                                      (link_name, itype))
+            image_path = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], "%s.ext4.%s" %
+                                      (bb_vars['IMAGE_LINK_NAME'], itype))
 
             # check if result image file is in deploy directory
             self.assertTrue(os.path.exists(image_path))
@@ -173,24 +164,22 @@ class ImageFeatures(OESelftestTestCase):
         """
         Summary:     Check for chaining many CONVERSION_CMDs together
         Expected:    1. core-image-minimal can be built with
-                        ext4.bmap.gz.bz2.lzo.xz.u-boot and also create a
+                        ext4.bmap.gz.bz2.zst.xz.u-boot and also create a
                         sha256sum
                      2. The above image has a valid sha256sum
         Product:     oe-core
         Author:      Tom Rini <trini@konsulko.com>
         """
 
-        conv = "ext4.bmap.gz.bz2.lzo.xz.u-boot"
+        conv = "ext4.bmap.gz.bz2.zst.xz.u-boot"
         features = 'IMAGE_FSTYPES += "%s %s.sha256sum"' % (conv, conv)
         self.write_config(features)
 
-        image_name = 'core-image-minimal'
-        bitbake(image_name)
-
-        deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE')
-        link_name = get_bb_var('IMAGE_LINK_NAME', image_name)
-        image_path = os.path.join(deploy_dir_image, "%s.%s" %
-                                  (link_name, conv))
+        image = 'core-image-minimal'
+        bitbake(image)
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME'], image)
+        image_path = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], "%s.%s" %
+                                  (bb_vars['IMAGE_LINK_NAME'], conv))
 
         # check if resulting image is in the deploy directory
         self.assertTrue(os.path.exists(image_path))
@@ -198,7 +187,7 @@ class ImageFeatures(OESelftestTestCase):
 
         # check if the resulting sha256sum agrees
         self.assertTrue(runCmd('cd %s;sha256sum -c %s.%s.sha256sum' %
-                               (deploy_dir_image, link_name, conv)))
+                               (bb_vars['DEPLOY_DIR_IMAGE'], bb_vars['IMAGE_LINK_NAME'], conv)))
 
     def test_image_fstypes(self):
         """
@@ -207,26 +196,43 @@ class ImageFeatures(OESelftestTestCase):
         Product:     oe-core
         Author:      Ed Bartosh <ed.bartosh@linux.intel.com>
         """
-        image_name = 'core-image-minimal'
+        image = 'core-image-minimal'
 
-        all_image_types = set(get_bb_var("IMAGE_TYPES", image_name).split())
-        blacklist = set(('container', 'elf', 'f2fs', 'multiubi', 'tar.zst', 'wic.zst'))
-        img_types = all_image_types - blacklist
+        all_image_types = set(get_bb_var("IMAGE_TYPES", image).split())
+        skip_image_types = set(('container', 'elf', 'f2fs', 'tar.zst', 'wic.zst', 'squashfs-lzo', 'vfat'))
+        img_types = all_image_types - skip_image_types
 
-        config = 'IMAGE_FSTYPES += "%s"\n'\
-                 'MKUBIFS_ARGS ?= "-m 2048 -e 129024 -c 2047"\n'\
-                 'UBINIZE_ARGS ?= "-m 2048 -p 128KiB -s 512"' % ' '.join(img_types)
+        config = """
+IMAGE_FSTYPES += "%s"
+WKS_FILE = "wictestdisk.wks"
+MKUBIFS_ARGS ?= "-m 2048 -e 129024 -c 2047"
+UBINIZE_ARGS ?= "-m 2048 -p 128KiB -s 512"
+MULTIUBI_BUILD += "mtd_2_128"
+MKUBIFS_ARGS_mtd_2_128 ?= "-m 2048 -e 129024 -c 2047"
+UBINIZE_ARGS_mtd_2_128 ?= "-m 2048 -p 128KiB -s 512"
+MULTIUBI_BUILD += "mtd_4_256"
+MKUBIFS_ARGS_mtd_4_256 ?= "-m 4096 -e 253952 -c 4096"
+UBINIZE_ARGS_mtd_4_256 ?= "-m 4096 -p 256KiB"
+""" % ' '.join(img_types)
         self.write_config(config)
 
-        bitbake(image_name)
+        bitbake(image)
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME', 'MULTIUBI_BUILD'], image)
 
-        deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE')
-        link_name = get_bb_var('IMAGE_LINK_NAME', image_name)
         for itype in img_types:
-            image_path = os.path.join(deploy_dir_image, "%s.%s" % (link_name, itype))
-            # check if result image is in deploy directory
-            self.assertTrue(os.path.exists(image_path),
-                            "%s image %s doesn't exist" % (itype, image_path))
+            if itype == 'multiubi':
+                # For multiubi build we need to manage MULTIUBI_BUILD entry to append
+                # specific name to IMAGE_LINK_NAME
+                for vname in bb_vars['MULTIUBI_BUILD'].split():
+                    image_path = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], "%s_%s.ubifs" % (bb_vars['IMAGE_LINK_NAME'], vname))
+                    # check if result image is in deploy directory
+                    self.assertTrue(os.path.exists(image_path),
+                                    "%s image %s doesn't exist" % (itype, image_path))
+            else:
+                image_path = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], "%s.%s" % (bb_vars['IMAGE_LINK_NAME'], itype))
+                # check if result image is in deploy directory
+                self.assertTrue(os.path.exists(image_path),
+                                "%s image %s doesn't exist" % (itype, image_path))
 
     def test_useradd_static(self):
         config = """
@@ -240,16 +246,11 @@ USERADD_GID_TABLES += "files/static-group"
 
     def test_no_busybox_base_utils(self):
         config = """
-# Enable x11
-DISTRO_FEATURES_append += "x11"
+# Enable wayland
+DISTRO_FEATURES:append = " pam opengl wayland"
 
 # Switch to systemd
-DISTRO_FEATURES += "systemd"
-VIRTUAL-RUNTIME_init_manager = "systemd"
-VIRTUAL-RUNTIME_initscripts = ""
-VIRTUAL-RUNTIME_syslog = ""
-VIRTUAL-RUNTIME_login_manager = "shadow-base"
-DISTRO_FEATURES_BACKFILL_CONSIDERED = "sysvinit"
+INIT_MANAGER = "systemd"
 
 # Replace busybox
 PREFERRED_PROVIDER_virtual/base-utils = "packagegroup-core-base-utils"
@@ -257,12 +258,12 @@ VIRTUAL-RUNTIME_base-utils = "packagegroup-core-base-utils"
 VIRTUAL-RUNTIME_base-utils-hwclock = "util-linux-hwclock"
 VIRTUAL-RUNTIME_base-utils-syslog = ""
 
-# Blacklist busybox
-PNBLACKLIST[busybox] = "Don't build this"
+# Skip busybox
+SKIP_RECIPE[busybox] = "Don't build this"
 """
         self.write_config(config)
 
-        bitbake("--graphviz core-image-sato")
+        bitbake("--graphviz core-image-weston")
 
     def test_image_gen_debugfs(self):
         """
@@ -275,20 +276,20 @@ PNBLACKLIST[busybox] = "Don't build this"
                      Yeoh Ee Peng <ee.peng.yeoh@intel.com>
         """
       
-        image_name = 'core-image-minimal'
+        image = 'core-image-minimal'
+        image_fstypes_debugfs = 'tar.bz2'
         features = 'IMAGE_GEN_DEBUGFS = "1"\n'
-        features += 'IMAGE_FSTYPES_DEBUGFS = "tar.bz2"\n'
-        features += 'MACHINE = "genericx86-64"\n'
+        features += 'IMAGE_FSTYPES_DEBUGFS = "%s"\n' % image_fstypes_debugfs
         self.write_config(features)
 
-        bitbake(image_name)
-        deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE')
-        dbg_tar_file = os.path.join(deploy_dir_image, "*-dbg.rootfs.tar.bz2")
-        debug_files = glob.glob(dbg_tar_file)
-        self.assertNotEqual(len(debug_files), 0, 'debug filesystem not generated at %s' % dbg_tar_file)
-        result = runCmd('cd %s; tar xvf %s' % (deploy_dir_image, dbg_tar_file))
+        bitbake(image)
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME'], image)
+
+        dbg_tar_file = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], "%s-dbg.%s" % (bb_vars['IMAGE_LINK_NAME'], image_fstypes_debugfs))
+        self.assertTrue(os.path.exists(dbg_tar_file), 'debug filesystem not generated at %s' % dbg_tar_file)
+        result = runCmd('cd %s; tar xvf %s' % (bb_vars['DEPLOY_DIR_IMAGE'], dbg_tar_file))
         self.assertEqual(result.status, 0, msg='Failed to extract %s: %s' % (dbg_tar_file, result.output))
-        result = runCmd('find %s -name %s' % (deploy_dir_image, "udevadm"))
+        result = runCmd('find %s -name %s' % (bb_vars['DEPLOY_DIR_IMAGE'], "udevadm"))
         self.assertTrue("udevadm" in result.output, msg='Failed to find udevadm: %s' % result.output)
         dbg_symbols_targets = result.output.splitlines()
         self.assertTrue(dbg_symbols_targets, msg='Failed to split udevadm: %s' % dbg_symbols_targets)
@@ -298,9 +299,33 @@ PNBLACKLIST[busybox] = "Don't build this"
 
     def test_empty_image(self):
         """Test creation of image with no packages"""
-        bitbake('test-empty-image')
-        res_dir = get_bb_var('DEPLOY_DIR_IMAGE')
-        images = os.path.join(res_dir, "test-empty-image-*.manifest")
-        result = glob.glob(images)
-        with open(result[1],"r") as f:
+        image = 'test-empty-image'
+        bitbake(image)
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME'], image)
+        manifest = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], "%s.manifest" % bb_vars['IMAGE_LINK_NAME'])
+        self.assertTrue(os.path.exists(manifest))
+
+        with open(manifest, "r") as f:
                 self.assertEqual(len(f.read().strip()),0)
+
+    def test_mandb(self):
+        """
+        Test that an image containing manpages has working man and apropos commands.
+        """
+        config = """
+DISTRO_FEATURES:append = " api-documentation"
+CORE_IMAGE_EXTRA_INSTALL = "man-pages"
+"""
+        self.write_config(config)
+        bitbake("core-image-minimal")
+
+        with runqemu('core-image-minimal', ssh=False, runqemuparams='nographic') as qemu:
+            # This manpage is provided by man-pages
+            status, output = qemu.run_serial("apropos 8859")
+            self.assertEqual(status, 1, 'Failed to run apropos: %s' % (output))
+            self.assertIn("iso_8859_15", output)
+
+            # This manpage is provided by man-pages
+            status, output = qemu.run_serial("man --pager=cat intro")
+            self.assertEqual(status, 1, 'Failed to run man: %s' % (output))
+            self.assertIn("introduction to user commands", output)
diff --git a/meta/lib/oeqa/selftest/cases/incompatible_lic.py b/meta/lib/oeqa/selftest/cases/incompatible_lic.py
index 152da6332a..93884f5731 100644
--- a/meta/lib/oeqa/selftest/cases/incompatible_lic.py
+++ b/meta/lib/oeqa/selftest/cases/incompatible_lic.py
@@ -1,10 +1,16 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
 from oeqa.selftest.case import OESelftestTestCase
 from oeqa.utils.commands import bitbake
 
-class IncompatibleLicenseTests(OESelftestTestCase):
+class IncompatibleLicenseTestObsolete(OESelftestTestCase):
 
-    def lic_test(self, pn, pn_lic, lic):
-        error_msg = 'ERROR: Nothing PROVIDES \'%s\'\n%s was skipped: it has incompatible license(s): %s' % (pn, pn, pn_lic)
+    def lic_test(self, pn, pn_lic, lic, error_msg=None):
+        if not error_msg:
+            error_msg = 'ERROR: Nothing PROVIDES \'%s\'\n%s was skipped: it has incompatible license(s): %s' % (pn, pn, pn_lic)
 
         self.write_config("INCOMPATIBLE_LICENSE += \"%s\"" % (lic))
 
@@ -12,72 +18,81 @@ class IncompatibleLicenseTests(OESelftestTestCase):
         if error_msg not in result.output:
             raise AssertionError(result.output)
 
-    # Verify that a package with an SPDX license (from AVAILABLE_LICENSES)
-    # cannot be built when INCOMPATIBLE_LICENSE contains this SPDX license
-    def test_incompatible_spdx_license(self):
-        self.lic_test('incompatible-license', 'GPL-3.0-only', 'GPL-3.0-only')
-
-    # Verify that a package with an SPDX license (from AVAILABLE_LICENSES)
-    # cannot be built when INCOMPATIBLE_LICENSE contains an alias (in
-    # SPDXLICENSEMAP) of this SPDX license
+    # Verify that a package with an SPDX license cannot be built when
+    # INCOMPATIBLE_LICENSE contains an alias (in SPDXLICENSEMAP) of this SPDX
+    # license
     def test_incompatible_alias_spdx_license(self):
-        self.lic_test('incompatible-license', 'GPL-3.0-only', 'GPLv3')
-
-    # Verify that a package with an SPDX license (from AVAILABLE_LICENSES)
-    # cannot be built when INCOMPATIBLE_LICENSE contains a wildcarded license
-    # matching this SPDX license
-    def test_incompatible_spdx_license_wildcard(self):
-        self.lic_test('incompatible-license', 'GPL-3.0-only', '*GPL-3.0-only')
+        self.lic_test('incompatible-license', 'GPL-3.0-only', 'GPLv3', "is an obsolete license, please use an SPDX reference in INCOMPATIBLE_LICENSE")
 
-    # Verify that a package with an SPDX license (from AVAILABLE_LICENSES)
-    # cannot be built when INCOMPATIBLE_LICENSE contains a wildcarded alias
-    # license matching this SPDX license
+    # Verify that a package with an SPDX license cannot be built when
+    # INCOMPATIBLE_LICENSE contains a wildcarded alias license matching this
+    # SPDX license
     def test_incompatible_alias_spdx_license_wildcard(self):
-        self.lic_test('incompatible-license', 'GPL-3.0-only', '*GPLv3')
-
-    # Verify that a package with an alias (from SPDXLICENSEMAP) to an SPDX
-    # license cannot be built when INCOMPATIBLE_LICENSE contains this SPDX
-    # license
-    def test_incompatible_spdx_license_alias(self):
-        self.lic_test('incompatible-license-alias', 'GPL-3.0-only', 'GPL-3.0-only')
+        self.lic_test('incompatible-license', 'GPL-3.0-only', '*GPLv3', "*GPLv3 is an invalid license wildcard entry")
 
     # Verify that a package with an alias (from SPDXLICENSEMAP) to an SPDX
     # license cannot be built when INCOMPATIBLE_LICENSE contains this alias
     def test_incompatible_alias_spdx_license_alias(self):
-        self.lic_test('incompatible-license-alias', 'GPL-3.0-only', 'GPLv3')
+        self.lic_test('incompatible-license-alias', 'GPL-3.0-only', 'GPLv3', "is an obsolete license, please use an SPDX reference in INCOMPATIBLE_LICENSE")
 
     # Verify that a package with an alias (from SPDXLICENSEMAP) to an SPDX
     # license cannot be built when INCOMPATIBLE_LICENSE contains a wildcarded
     # license matching this SPDX license
     def test_incompatible_spdx_license_alias_wildcard(self):
-        self.lic_test('incompatible-license-alias', 'GPL-3.0-only', '*GPL-3.0')
+        self.lic_test('incompatible-license-alias', 'GPL-3.0-only', '*GPL-3.0', "*GPL-3.0 is an invalid license wildcard entry")
 
     # Verify that a package with an alias (from SPDXLICENSEMAP) to an SPDX
     # license cannot be built when INCOMPATIBLE_LICENSE contains a wildcarded
     # alias license matching the SPDX license
     def test_incompatible_alias_spdx_license_alias_wildcard(self):
-        self.lic_test('incompatible-license-alias', 'GPL-3.0-only', '*GPLv3')
+        self.lic_test('incompatible-license-alias', 'GPL-3.0-only', '*GPLv3', "*GPLv3 is an invalid license wildcard entry")
 
-    # Verify that a package with multiple SPDX licenses (from
-    # AVAILABLE_LICENSES) cannot be built when INCOMPATIBLE_LICENSE contains
-    # some of them
-    def test_incompatible_spdx_licenses(self):
-        self.lic_test('incompatible-licenses', 'GPL-3.0-only LGPL-3.0-only', 'GPL-3.0-only LGPL-3.0-only')
 
-    # Verify that a package with multiple SPDX licenses (from
-    # AVAILABLE_LICENSES) cannot be built when INCOMPATIBLE_LICENSE contains a
-    # wildcard to some of them
+    # Verify that a package with multiple SPDX licenses cannot be built when
+    # INCOMPATIBLE_LICENSE contains a wildcard to some of them
     def test_incompatible_spdx_licenses_wildcard(self):
-        self.lic_test('incompatible-licenses', 'GPL-3.0-only LGPL-3.0-only', '*GPL-3.0-only')
+        self.lic_test('incompatible-licenses', 'GPL-3.0-only LGPL-3.0-only', '*GPL-3.0-only', "*GPL-3.0-only is an invalid license wildcard entry")
 
-    # Verify that a package with multiple SPDX licenses (from
-    # AVAILABLE_LICENSES) cannot be built when INCOMPATIBLE_LICENSE contains a
-    # wildcard matching all licenses
+
+    # Verify that a package with multiple SPDX licenses cannot be built when
+    # INCOMPATIBLE_LICENSE contains a wildcard matching all licenses
     def test_incompatible_all_licenses_wildcard(self):
-        self.lic_test('incompatible-licenses', 'GPL-2.0-only GPL-3.0-only LGPL-3.0-only', '*')
+        self.lic_test('incompatible-licenses', 'GPL-2.0-only GPL-3.0-only LGPL-3.0-only', '*', "* is an invalid license wildcard entry")
+
+class IncompatibleLicenseTests(OESelftestTestCase):
+
+    def lic_test(self, pn, pn_lic, lic):
+        error_msg = 'ERROR: Nothing PROVIDES \'%s\'\n%s was skipped: it has incompatible license(s): %s' % (pn, pn, pn_lic)
 
-    # Verify that a package with a non-SPDX license (neither in
-    # AVAILABLE_LICENSES nor in SPDXLICENSEMAP) cannot be built when
+        self.write_config("INCOMPATIBLE_LICENSE += \"%s\"" % (lic))
+
+        result = bitbake('%s --dry-run' % (pn), ignore_status=True)
+        if error_msg not in result.output:
+            raise AssertionError(result.output)
+
+    # Verify that a package with an SPDX license cannot be built when
+    # INCOMPATIBLE_LICENSE contains this SPDX license
+    def test_incompatible_spdx_license(self):
+        self.lic_test('incompatible-license', 'GPL-3.0-only', 'GPL-3.0-only')
+
+    # Verify that a package with an SPDX license cannot be built when
+    # INCOMPATIBLE_LICENSE contains a wildcarded license matching this SPDX
+    # license
+    def test_incompatible_spdx_license_wildcard(self):
+        self.lic_test('incompatible-license', 'GPL-3.0-only', 'GPL-3.0*')
+
+    # Verify that a package with an alias (from SPDXLICENSEMAP) to an SPDX
+    # license cannot be built when INCOMPATIBLE_LICENSE contains this SPDX
+    # license
+    def test_incompatible_spdx_license_alias(self):
+        self.lic_test('incompatible-license-alias', 'GPL-3.0-only', 'GPL-3.0-only')
+
+    # Verify that a package with multiple SPDX licenses cannot be built when
+    # INCOMPATIBLE_LICENSE contains some of them
+    def test_incompatible_spdx_licenses(self):
+        self.lic_test('incompatible-licenses', 'GPL-3.0-only LGPL-3.0-only', 'GPL-3.0-only LGPL-3.0-only')
+
+    # Verify that a package with a non-SPDX license cannot be built when
     # INCOMPATIBLE_LICENSE contains this license
     def test_incompatible_nonspdx_license(self):
         self.lic_test('incompatible-nonspdx-license', 'FooLicense', 'FooLicense')
@@ -85,8 +100,9 @@ class IncompatibleLicenseTests(OESelftestTestCase):
 class IncompatibleLicensePerImageTests(OESelftestTestCase):
     def default_config(self):
         return """
-IMAGE_INSTALL_append = " bash"
-INCOMPATIBLE_LICENSE_pn-core-image-minimal = "GPL-3.0 LGPL-3.0"
+IMAGE_INSTALL:append = " bash"
+INCOMPATIBLE_LICENSE:pn-core-image-minimal = "GPL-3.0* LGPL-3.0*"
+MACHINE_ESSENTIAL_EXTRA_RDEPENDS:remove = "tar"
 """
 
     def test_bash_default(self):
@@ -98,7 +114,8 @@ INCOMPATIBLE_LICENSE_pn-core-image-minimal = "GPL-3.0 LGPL-3.0"
             raise AssertionError(result.output)
 
     def test_bash_and_license(self):
-        self.write_config(self.default_config() + '\nLICENSE_append_pn-bash = " & SomeLicense"')
+        self.disable_class("create-spdx")
+        self.write_config(self.default_config() + '\nLICENSE:append:pn-bash = " & SomeLicense"\nERROR_QA:remove:pn-bash = "license-exists"')
         error_msg = "ERROR: core-image-minimal-1.0-r0 do_rootfs: Package bash cannot be installed into the image because it has incompatible license(s): GPL-3.0-or-later"
 
         result = bitbake('core-image-minimal', ignore_status=True)
@@ -106,30 +123,33 @@ INCOMPATIBLE_LICENSE_pn-core-image-minimal = "GPL-3.0 LGPL-3.0"
             raise AssertionError(result.output)
 
     def test_bash_or_license(self):
-        self.write_config(self.default_config() + '\nLICENSE_append_pn-bash = " | SomeLicense"')
+        self.disable_class("create-spdx")
+        self.write_config(self.default_config() + '\nLICENSE:append:pn-bash = " | SomeLicense"\nERROR_QA:remove:pn-bash = "license-exists"\nERROR_QA:remove:pn-core-image-minimal = "license-file-missing"')
 
         bitbake('core-image-minimal')
 
-    def test_bash_whitelist(self):
-        self.write_config(self.default_config() + '\nWHITELIST_GPL-3.0_pn-core-image-minimal = "bash"')
+    def test_bash_license_exceptions(self):
+        self.write_config(self.default_config() + '\nINCOMPATIBLE_LICENSE_EXCEPTIONS:pn-core-image-minimal = "bash:GPL-3.0-or-later"\nERROR_QA:remove:pn-core-image-minimal = "license-exception"')
 
         bitbake('core-image-minimal')
 
 class NoGPL3InImagesTests(OESelftestTestCase):
     def test_core_image_minimal(self):
         self.write_config("""
-INCOMPATIBLE_LICENSE_pn-core-image-minimal = "GPL-3.0 LGPL-3.0"
+INCOMPATIBLE_LICENSE:pn-core-image-minimal = "GPL-3.0* LGPL-3.0*"
+
+require conf/distro/include/no-gplv3.inc
 """)
         bitbake('core-image-minimal')
 
-    def test_core_image_full_cmdline(self):
+    def test_core_image_full_cmdline_weston(self):
         self.write_config("""
-INHERIT += "testimage"\n
-INCOMPATIBLE_LICENSE_pn-core-image-full-cmdline = "GPL-3.0 LGPL-3.0"\n
-RDEPENDS_packagegroup-core-full-cmdline-utils_remove = "bash bc coreutils cpio ed findutils gawk grep mc mc-fish mc-helpers mc-helpers-perl sed tar time"\n
-RDEPENDS_packagegroup-core-full-cmdline-dev-utils_remove = "diffutils m4 make patch"\n
-RDEPENDS_packagegroup-core-full-cmdline-multiuser_remove = "gzip"\n
+IMAGE_CLASSES += "testimage"
+INCOMPATIBLE_LICENSE:pn-core-image-full-cmdline = "GPL-3.0* LGPL-3.0*"
+INCOMPATIBLE_LICENSE:pn-core-image-weston = "GPL-3.0* LGPL-3.0*"
+
+require conf/distro/include/no-gplv3.inc
 """)
-        bitbake('core-image-full-cmdline')
-        bitbake('-c testimage core-image-full-cmdline')
+        bitbake('core-image-full-cmdline core-image-weston')
+        bitbake('-c testimage core-image-full-cmdline core-image-weston')
 
diff --git a/meta/lib/oeqa/selftest/cases/intercept.py b/meta/lib/oeqa/selftest/cases/intercept.py
new file mode 100644
index 0000000000..12583c3099
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/intercept.py
@@ -0,0 +1,21 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake
+
+class GitCheck(OESelftestTestCase):
+    def test_git_intercept(self):
+        """
+        Git binaries with CVE-2022-24765 fixed will refuse to operate on a
+        repository which is owned by a different user. This breaks our
+        do_install task as that runs inside pseudo, so the git repository is
+        owned by the build user but git is running as (fake)root.
+
+        We have an intercept which disables pseudo, so verify that it works.
+        """
+        bitbake("git-submodule-test -c test_git_as_user")
+        bitbake("git-submodule-test -c test_git_as_root")
diff --git a/meta/lib/oeqa/selftest/cases/kerneldevelopment.py b/meta/lib/oeqa/selftest/cases/kerneldevelopment.py
index a61876ee61..b1f78a0cd1 100644
--- a/meta/lib/oeqa/selftest/cases/kerneldevelopment.py
+++ b/meta/lib/oeqa/selftest/cases/kerneldevelopment.py
@@ -1,3 +1,9 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
 import os
 from oeqa.selftest.case import OESelftestTestCase
 from oeqa.utils.commands import runCmd, get_bb_var
@@ -58,7 +64,8 @@ class KernelDev(OESelftestTestCase):
         recipe_append = os.path.join(self.recipeskernel_dir, 'linux-yocto_%.bbappend')
         with open(recipe_append, 'w+') as fh:
             fh.write('SRC_URI += "file://%s"\n' % patch_name)
-            fh.write('FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"')
+            fh.write('ERROR_QA:remove:pn-linux-yocto = "patch-status"\n')
+            fh.write('FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"')
 
         runCmd('bitbake virtual/kernel -c clean')
         runCmd('bitbake virtual/kernel -c patch')
diff --git a/meta/lib/oeqa/selftest/cases/layerappend.py b/meta/lib/oeqa/selftest/cases/layerappend.py
index 05e9426fc6..64b17117cc 100644
--- a/meta/lib/oeqa/selftest/cases/layerappend.py
+++ b/meta/lib/oeqa/selftest/cases/layerappend.py
@@ -1,11 +1,13 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 import os
 
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import runCmd, bitbake, get_bb_var
+from oeqa.utils.commands import bitbake, get_bb_var
 import oeqa.utils.ftools as ftools
 
 class LayerAppendTests(OESelftestTestCase):
@@ -30,20 +32,20 @@ python do_build() {
 addtask build
 """
     append = """
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
+FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
 
-SRC_URI_append = " file://appendtest.txt"
+SRC_URI:append = " file://appendtest.txt"
 
-sysroot_stage_all_append() {
-        install -m 644 ${WORKDIR}/appendtest.txt ${SYSROOT_DESTDIR}/
+sysroot_stage_all:append() {
+        install -m 644 ${UNPACKDIR}/appendtest.txt ${SYSROOT_DESTDIR}/
 }
 
 """
 
     append2 = """
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
+FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
 
-SRC_URI_append = " file://appendtest.txt"
+SRC_URI:append = " file://appendtest.txt"
 """
     layerappend = ''
 
diff --git a/meta/lib/oeqa/selftest/cases/liboe.py b/meta/lib/oeqa/selftest/cases/liboe.py
index afe8f8809f..930354c931 100644
--- a/meta/lib/oeqa/selftest/cases/liboe.py
+++ b/meta/lib/oeqa/selftest/cases/liboe.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -7,11 +9,11 @@ from oeqa.utils.commands import get_bb_var, get_bb_vars, bitbake, runCmd
 import oe.path
 import os
 
-class LibOE(OESelftestTestCase):
+class CopyTreeTests(OESelftestTestCase):
 
     @classmethod
     def setUpClass(cls):
-        super(LibOE, cls).setUpClass()
+        super().setUpClass()
         cls.tmp_dir = get_bb_var('TMPDIR')
 
     def test_copy_tree_special(self):
@@ -97,6 +99,39 @@ class LibOE(OESelftestTestCase):
 
         dstcnt = len(os.listdir(dst))
         srccnt = len(os.listdir(src))
-        self.assertEquals(dstcnt, len(testfiles), "Number of files in dst (%s) differs from number of files in src(%s)." % (dstcnt, srccnt))
+        self.assertEqual(dstcnt, len(testfiles), "Number of files in dst (%s) differs from number of files in src(%s)." % (dstcnt, srccnt))
 
         oe.path.remove(testloc)
+
+class SubprocessTests(OESelftestTestCase):
+
+    def test_subprocess_tweak(self):
+        """
+        Test that the string representation of
+        oeqa.utils.subprocesstweak.OETestCalledProcessError includes stdout and
+        stderr, as expected.
+        """
+        script = """
+#! /bin/sh
+echo Ivn fgqbhg | tr '[a-zA-Z]' '[n-za-mN-ZA-M]'
+echo Ivn fgqree | tr '[a-zA-Z]' '[n-za-mN-ZA-M]' >&2
+exit 42
+        """
+
+        import subprocess
+        import unittest.mock
+        from oeqa.utils.subprocesstweak import OETestCalledProcessError
+
+        with self.assertRaises(OETestCalledProcessError) as cm:
+            with unittest.mock.patch("subprocess.CalledProcessError", OETestCalledProcessError):
+                subprocess.run(["bash", "-"], input=script, text=True, capture_output=True, check=True)
+
+        e = cm.exception
+        self.assertEqual(e.returncode, 42)
+        self.assertEqual("Via stdout\n", e.stdout)
+        self.assertEqual("Via stderr\n", e.stderr)
+
+        string = str(e)
+        self.assertIn("exit status 42", string)
+        self.assertIn("Standard Output: Via stdout", string)
+        self.assertIn("Standard Error: Via stderr", string)
diff --git a/meta/lib/oeqa/selftest/cases/lic_checksum.py b/meta/lib/oeqa/selftest/cases/lic_checksum.py
index bae935d697..2d0b805b90 100644
--- a/meta/lib/oeqa/selftest/cases/lic_checksum.py
+++ b/meta/lib/oeqa/selftest/cases/lic_checksum.py
@@ -1,16 +1,36 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 import os
 import tempfile
+import urllib
 
 from oeqa.selftest.case import OESelftestTestCase
 from oeqa.utils.commands import bitbake
-from oeqa.utils import CommandError
 
 class LicenseTests(OESelftestTestCase):
 
+    def test_checksum_with_space(self):
+        bitbake_cmd = '-c populate_lic emptytest'
+
+        lic_file, lic_path = tempfile.mkstemp(" -afterspace")
+        os.close(lic_file)
+        #self.track_for_cleanup(lic_path)
+
+        self.write_config("INHERIT:remove = \"report-error\"")
+
+        self.write_recipeinc('emptytest', """
+INHIBIT_DEFAULT_DEPS = "1"
+LIC_FILES_CHKSUM = "file://%s;md5=d41d8cd98f00b204e9800998ecf8427e"
+SRC_URI = "file://%s;md5=d41d8cd98f00b204e9800998ecf8427e"
+""" % (urllib.parse.quote(lic_path), urllib.parse.quote(lic_path)))
+        result = bitbake(bitbake_cmd)
+        self.delete_recipeinc('emptytest')
+
+
     # Verify that changing a license file that has an absolute path causes
     # the license qa to fail due to a mismatched md5sum.
     def test_nonmatching_checksum(self):
@@ -21,7 +41,7 @@ class LicenseTests(OESelftestTestCase):
         os.close(lic_file)
         self.track_for_cleanup(lic_path)
 
-        self.write_config("INHERIT_remove = \"report-error\"")
+        self.write_config("INHERIT:remove = \"report-error\"")
 
         self.write_recipeinc('emptytest', """
 INHIBIT_DEFAULT_DEPS = "1"
@@ -34,5 +54,6 @@ SRC_URI = "file://%s;md5=d41d8cd98f00b204e9800998ecf8427e"
             f.write("data")
 
         result = bitbake(bitbake_cmd, ignore_status=True)
+        self.delete_recipeinc('emptytest')
         if error_msg not in result.output:
             raise AssertionError(result.output)
diff --git a/meta/lib/oeqa/selftest/cases/locales.py b/meta/lib/oeqa/selftest/cases/locales.py
new file mode 100644
index 0000000000..ac4888ef66
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/locales.py
@@ -0,0 +1,54 @@
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.core.decorator import OETestTag
+from oeqa.utils.commands import bitbake, runqemu
+
+class LocalesTest(OESelftestTestCase):
+
+    @OETestTag("runqemu")
+
+    def run_locales_test(self, binary_enabled):
+        features = []
+        features.append('EXTRA_IMAGE_FEATURES = "empty-root-password allow-empty-password allow-root-login"')
+        features.append('IMAGE_INSTALL:append = " glibc-utils localedef"')
+        features.append('GLIBC_GENERATE_LOCALES = "en_US.UTF-8 fr_FR.UTF-8 en_US.ISO-8859-1 de_DE.UTF-8 fr_FR.ISO-8859-1 zh_HK.BIG5-HKSCS tr_TR.UTF-8"')
+        features.append('IMAGE_LINGUAS:append = " en-us fr-fr"')
+        if binary_enabled:
+            features.append('ENABLE_BINARY_LOCALE_GENERATION = "1"')
+        else:
+            features.append('ENABLE_BINARY_LOCALE_GENERATION = "0"')
+        self.write_config("\n".join(features))
+
+        # Build a core-image-minimal
+        bitbake('core-image-minimal')
+
+        with runqemu("core-image-minimal", ssh=False, runqemuparams='nographic') as qemu:
+            cmd = "locale -a"
+            status, output = qemu.run_serial(cmd)
+            # output must includes fr_FR or fr_FR.UTF-8
+            self.assertEqual(status, 1, msg='locale test command failed: output: %s' % output)
+            self.assertIn("fr_FR", output, msg='locale -a test failed: output: %s' % output)
+
+            cmd = "localedef --list-archive -v"
+            status, output = qemu.run_serial(cmd)
+            # output must includes fr_FR.utf8
+            self.assertEqual(status, 1, msg='localedef test command failed: output: %s' % output)
+            self.assertIn("fr_FR.utf8", output, msg='localedef test failed: output: %s' % output)
+
+    def test_locales_on(self):
+        """
+        Summary: Test the locales are generated
+        Expected: 1. Check the locale exist in the locale-archive
+                  2. Check the locale exist for the glibc
+                  3. Check the locale can be generated
+        Product: oe-core
+        Author: Louis Rannou <lrannou@baylibre.com>
+        AutomatedBy: Louis Rannou <lrannou@baylibre.com>
+        """
+        self.run_locales_test(True)
+
+    def test_locales_off(self):
+        self.run_locales_test(False)
diff --git a/meta/lib/oeqa/selftest/cases/manifest.py b/meta/lib/oeqa/selftest/cases/manifest.py
index 5d13f35468..07a6c80489 100644
--- a/meta/lib/oeqa/selftest/cases/manifest.py
+++ b/meta/lib/oeqa/selftest/cases/manifest.py
@@ -1,11 +1,13 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 import os
 
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import get_bb_var, get_bb_vars, bitbake
+from oeqa.utils.commands import get_bb_var, bitbake
 
 class ManifestEntry:
     '''A manifest item of a collection able to list missing packages'''
diff --git a/meta/lib/oeqa/selftest/cases/meta_ide.py b/meta/lib/oeqa/selftest/cases/meta_ide.py
index 6f10d30dc9..c3a7df4cdf 100644
--- a/meta/lib/oeqa/selftest/cases/meta_ide.py
+++ b/meta/lib/oeqa/selftest/cases/meta_ide.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -16,13 +18,15 @@ class MetaIDE(OESelftestTestCase):
     def setUpClass(cls):
         super(MetaIDE, cls).setUpClass()
         bitbake('meta-ide-support')
-        bb_vars = get_bb_vars(['MULTIMACH_TARGET_SYS', 'TMPDIR', 'COREBASE'])
-        cls.environment_script = 'environment-setup-%s' % bb_vars['MULTIMACH_TARGET_SYS']
-        cls.tmpdir = bb_vars['TMPDIR']
-        cls.environment_script_path = '%s/%s' % (cls.tmpdir, cls.environment_script)
+        bitbake('build-sysroots -c build_native_sysroot')
+        bitbake('build-sysroots -c build_target_sysroot')
+        bb_vars = get_bb_vars(['MACHINE_ARCH', 'TARGET_VENDOR', 'TARGET_OS', 'DEPLOY_DIR_IMAGE', 'COREBASE'])
+        cls.environment_script = 'environment-setup-%s%s-%s' % (bb_vars['MACHINE_ARCH'], bb_vars['TARGET_VENDOR'], bb_vars['TARGET_OS'])
+        cls.deploydir = bb_vars['DEPLOY_DIR_IMAGE']
+        cls.environment_script_path = '%s/%s' % (cls.deploydir, cls.environment_script)
         cls.corebasedir = bb_vars['COREBASE']
         cls.tmpdir_metaideQA = tempfile.mkdtemp(prefix='metaide')
-        
+
     @classmethod
     def tearDownClass(cls):
         shutil.rmtree(cls.tmpdir_metaideQA, ignore_errors=True)
@@ -40,12 +44,17 @@ class MetaIDE(OESelftestTestCase):
     def test_meta_ide_can_build_cpio_project(self):
         dl_dir = self.td.get('DL_DIR', None)
         self.project = SDKBuildProject(self.tmpdir_metaideQA + "/cpio/", self.environment_script_path,
-                        "https://ftp.gnu.org/gnu/cpio/cpio-2.13.tar.gz",
+                        "https://ftp.gnu.org/gnu/cpio/cpio-2.15.tar.gz",
                         self.tmpdir_metaideQA, self.td['DATETIME'], dl_dir=dl_dir)
         self.project.download_archive()
-        self.assertEqual(self.project.run_configure('$CONFIGURE_FLAGS --disable-maintainer-mode','sed -i -e "/char \*program_name/d" src/global.c;'), 0,
+        self.assertEqual(self.project.run_configure('CFLAGS="-std=gnu17 -Dbool=int -Dtrue=1 -Dfalse=0 -Wno-error=implicit-function-declaration" $CONFIGURE_FLAGS'), 0,
                         msg="Running configure failed")
-        self.assertEqual(self.project.run_make(), 0,
+        self.assertEqual(self.project.run_make(make_args="CFLAGS='-std=gnu17 -Dbool=int -Dtrue=1 -Dfalse=0 -Wno-error=implicit-function-declaration'"), 0,
                         msg="Running make failed")
         self.assertEqual(self.project.run_install(), 0,
                         msg="Running make install failed")
+
+    def test_meta_ide_can_run_sdk_tests(self):
+        bitbake('-c populate_sysroot gtk+3')
+        bitbake('build-sysroots -c build_target_sysroot')
+        bitbake('-c testsdk meta-ide-support')
diff --git a/meta/lib/oeqa/selftest/cases/minidebuginfo.py b/meta/lib/oeqa/selftest/cases/minidebuginfo.py
new file mode 100644
index 0000000000..a8923460f9
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/minidebuginfo.py
@@ -0,0 +1,60 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+import os
+import subprocess
+import tempfile
+import shutil
+
+from oeqa.core.decorator import OETestTag
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, get_bb_var, get_bb_vars, runCmd
+
+
+class Minidebuginfo(OESelftestTestCase):
+    def test_minidebuginfo(self):
+        target_sys = get_bb_var("TARGET_SYS")
+        binutils = "binutils-cross-{}".format(get_bb_var("TARGET_ARCH"))
+
+        image = 'core-image-minimal'
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME', 'READELF'], image)
+
+        self.write_config("""
+DISTRO_FEATURES:append = " minidebuginfo"
+IMAGE_FSTYPES = "tar.bz2"
+""")
+        bitbake("{} {}:do_addto_recipe_sysroot".format(image, binutils))
+
+        native_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", binutils)
+
+        # confirm that executables and shared libraries contain an ELF section
+        # ".gnu_debugdata" which stores minidebuginfo.
+        with tempfile.TemporaryDirectory(prefix = "unpackfs-") as unpackedfs:
+            filename = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], "{}.tar.bz2".format(bb_vars['IMAGE_LINK_NAME']))
+            shutil.unpack_archive(filename, unpackedfs)
+
+            r = runCmd([bb_vars['READELF'], "-W", "-S", os.path.join(unpackedfs, "bin", "busybox")],
+                    native_sysroot = native_sysroot, target_sys = target_sys)
+            self.assertIn(".gnu_debugdata", r.output)
+
+            r = runCmd([bb_vars['READELF'], "-W", "-S", os.path.join(unpackedfs, "lib", "libc.so.6")],
+                    native_sysroot = native_sysroot, target_sys = target_sys)
+            self.assertIn(".gnu_debugdata", r.output)
+
+    @OETestTag("runqemu")
+    def test_minidebuginfo_qemu(self):
+        """
+        Test minidebuginfo inside a qemu.
+        This runs test_systemd_coredump_minidebuginfo and other minidebuginfo runtime tests which may be added in the future.
+        """
+
+        self.write_config("""
+DISTRO_FEATURES:append = " minidebuginfo"
+INIT_MANAGER = "systemd"
+IMAGE_CLASSES += "testimage"
+TEST_SUITES = "ping ssh systemd"
+        """)
+        bitbake('core-image-minimal')
+        bitbake('-c testimage core-image-minimal')
diff --git a/meta/lib/oeqa/selftest/cases/multiconfig.py b/meta/lib/oeqa/selftest/cases/multiconfig.py
index 39b92f2439..f509cbf607 100644
--- a/meta/lib/oeqa/selftest/cases/multiconfig.py
+++ b/meta/lib/oeqa/selftest/cases/multiconfig.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -17,7 +19,7 @@ class MultiConfig(OESelftestTestCase):
         """
 
         config = """
-IMAGE_INSTALL_append_pn-core-image-full-cmdline = " multiconfig-image-packager-tiny multiconfig-image-packager-musl"
+IMAGE_INSTALL:append:pn-core-image-full-cmdline = " multiconfig-image-packager-tiny multiconfig-image-packager-musl"
 BBMULTICONFIG = "tiny musl"
 """
         self.write_config(config)
@@ -52,7 +54,7 @@ TMPDIR = "${TOPDIR}/tmp-mc-tiny"
         self.write_config(config)
 
         testconfig = textwrap.dedent('''\
-                MCTESTVAR_append = "1"
+                MCTESTVAR:append = "1"
                 ''')
         self.write_config(testconfig, 'test')
 
@@ -64,9 +66,22 @@ TMPDIR = "${TOPDIR}/tmp-mc-tiny"
         self.assertIn('MCTESTVAR=test1', result.output.splitlines())
 
         testconfig = textwrap.dedent('''\
-                MCTESTVAR_append = "2"
+                MCTESTVAR:append = "2"
                 ''')
         self.write_config(testconfig, 'test')
 
         result = bitbake('mc:test:multiconfig-test-parse -c showvar')
         self.assertIn('MCTESTVAR=test2', result.output.splitlines())
+
+    def test_multiconfig_inlayer(self):
+        """
+        Test that a multiconfig from meta-selftest works.
+        """
+
+        config = """
+BBMULTICONFIG = "muslmc"
+"""
+        self.write_config(config)
+
+        # Build a core-image-minimal, only dry run needed to check config is present
+        bitbake('mc:muslmc:bash -n')
diff --git a/meta/lib/oeqa/selftest/cases/newlib.py b/meta/lib/oeqa/selftest/cases/newlib.py
new file mode 100644
index 0000000000..fe57aa51f2
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/newlib.py
@@ -0,0 +1,13 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake
+
+class NewlibTest(OESelftestTestCase):
+    def test_newlib(self):
+        self.write_config('TCLIBC = "newlib"')
+        bitbake("newlib libgloss")
diff --git a/meta/lib/oeqa/selftest/cases/oelib/buildhistory.py b/meta/lib/oeqa/selftest/cases/oelib/buildhistory.py
index 802a91a488..042ccdd2b4 100644
--- a/meta/lib/oeqa/selftest/cases/oelib/buildhistory.py
+++ b/meta/lib/oeqa/selftest/cases/oelib/buildhistory.py
@@ -1,8 +1,11 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 import os
+import sys
 from oeqa.selftest.case import OESelftestTestCase
 import tempfile
 import operator
@@ -11,15 +14,14 @@ from oeqa.utils.commands import get_bb_var
 class TestBlobParsing(OESelftestTestCase):
 
     def setUp(self):
-        import time
         self.repo_path = tempfile.mkdtemp(prefix='selftest-buildhistory',
             dir=get_bb_var('TOPDIR'))
 
         try:
             from git import Repo
             self.repo = Repo.init(self.repo_path)
-        except ImportError:
-            self.skipTest('Python module GitPython is not present')
+        except ImportError as e:
+            self.skipTest('Python module GitPython is not present (%s)  (%s)' % (e, sys.path))
 
         self.test_file = "test"
         self.var_map = {}
@@ -28,6 +30,16 @@ class TestBlobParsing(OESelftestTestCase):
         import shutil
         shutil.rmtree(self.repo_path)
 
+    @property
+    def heads_default(self):
+        """
+        Support repos defaulting to master or to main branch
+        """
+        try:
+            return self.repo.heads.main
+        except AttributeError:
+            return self.repo.heads.master
+
     def commit_vars(self, to_add={}, to_remove = [], msg="A commit message"):
         if len(to_add) == 0 and len(to_remove) == 0:
             return
@@ -65,10 +77,10 @@ class TestBlobParsing(OESelftestTestCase):
         changesmap = { "foo-2" : ("2", "8"), "bar" : ("","4"), "bar-2" : ("","5")}
 
         self.commit_vars(to_add = { "foo" : "1", "foo-2" : "2", "foo-3" : "3" })
-        blob1 = self.repo.heads.master.commit.tree.blobs[0]
+        blob1 = self.heads_default.commit.tree.blobs[0]
 
         self.commit_vars(to_add = { "foo-2" : "8", "bar" : "4", "bar-2" : "5" })
-        blob2 = self.repo.heads.master.commit.tree.blobs[0]
+        blob2 = self.heads_default.commit.tree.blobs[0]
 
         change_records = compare_dict_blobs(os.path.join(self.repo_path, self.test_file),
             blob1, blob2, False, False)
@@ -84,10 +96,10 @@ class TestBlobParsing(OESelftestTestCase):
         defaultmap = { x : ("default", "1")  for x in ["PKG", "PKGE", "PKGV", "PKGR"]}
 
         self.commit_vars(to_add = { "foo" : "1" })
-        blob1 = self.repo.heads.master.commit.tree.blobs[0]
+        blob1 = self.heads_default.commit.tree.blobs[0]
 
         self.commit_vars(to_add = { "PKG" : "1", "PKGE" : "1", "PKGV" : "1", "PKGR" : "1" })
-        blob2 = self.repo.heads.master.commit.tree.blobs[0]
+        blob2 = self.heads_default.commit.tree.blobs[0]
 
         change_records = compare_dict_blobs(os.path.join(self.repo_path, self.test_file),
             blob1, blob2, False, False)
diff --git a/meta/lib/oeqa/selftest/cases/oelib/elf.py b/meta/lib/oeqa/selftest/cases/oelib/elf.py
index 5a5f9b4fdf..7bf550b6fd 100644
--- a/meta/lib/oeqa/selftest/cases/oelib/elf.py
+++ b/meta/lib/oeqa/selftest/cases/oelib/elf.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/selftest/cases/oelib/license.py b/meta/lib/oeqa/selftest/cases/oelib/license.py
index 6ebbee589f..5eea12e761 100644
--- a/meta/lib/oeqa/selftest/cases/oelib/license.py
+++ b/meta/lib/oeqa/selftest/cases/oelib/license.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -15,11 +17,11 @@ class SeenVisitor(oe.license.LicenseVisitor):
 
 class TestSingleLicense(TestCase):
     licenses = [
-        "GPLv2",
-        "LGPL-2.0",
-        "Artistic",
+        "GPL-2.0-only",
+        "LGPL-2.0-only",
+        "Artistic-1.0",
         "MIT",
-        "GPLv3+",
+        "GPL-3.0-or-later",
         "FOO_BAR",
     ]
     invalid_licenses = ["GPL/BSD"]
@@ -67,9 +69,9 @@ class TestComplexCombinations(TestSimpleCombinations):
         "FOO & (BAR | BAZ)&MOO": ["FOO", "BAR", "MOO"],
         "(ALPHA|(BETA&THETA)|OMEGA)&DELTA": ["OMEGA", "DELTA"],
         "((ALPHA|BETA)&FOO)|BAZ": ["BETA", "FOO"],
-        "(GPL-2.0|Proprietary)&BSD-4-clause&MIT": ["GPL-2.0", "BSD-4-clause", "MIT"],
+        "(GPL-2.0-only|Proprietary)&BSD-4-clause&MIT": ["GPL-2.0-only", "BSD-4-clause", "MIT"],
     }
-    preferred = ["BAR", "OMEGA", "BETA", "GPL-2.0"]
+    preferred = ["BAR", "OMEGA", "BETA", "GPL-2.0-only"]
 
 class TestIsIncluded(TestCase):
     tests = {
@@ -87,12 +89,12 @@ class TestIsIncluded(TestCase):
             [True, ["BAR", "FOOBAR"]],
         ("(FOO | BAR) & FOOBAR | BAZ & MOO & BARFOO", None, "FOO"):
             [True, ["BAZ", "MOO", "BARFOO"]],
-        ("GPL-3.0 & GPL-2.0 & LGPL-2.1 | Proprietary", None, None):
-            [True, ["GPL-3.0", "GPL-2.0", "LGPL-2.1"]],
-        ("GPL-3.0 & GPL-2.0 & LGPL-2.1 | Proprietary", None, "GPL-3.0"):
+        ("GPL-3.0-or-later & GPL-2.0-only & LGPL-2.1-only | Proprietary", None, None):
+            [True, ["GPL-3.0-or-later", "GPL-2.0-only", "LGPL-2.1-only"]],
+        ("GPL-3.0-or-later & GPL-2.0-only & LGPL-2.1-only | Proprietary", None, "GPL-3.0-or-later"):
             [True, ["Proprietary"]],
-        ("GPL-3.0 & GPL-2.0 & LGPL-2.1 | Proprietary", None, "GPL-3.0 Proprietary"):
-            [False, ["GPL-3.0"]]
+        ("GPL-3.0-or-later & GPL-2.0-only & LGPL-2.1-only | Proprietary", None, "GPL-3.0-or-later Proprietary"):
+            [False, ["GPL-3.0-or-later"]]
     }
 
     def test_tests(self):
diff --git a/meta/lib/oeqa/selftest/cases/oelib/path.py b/meta/lib/oeqa/selftest/cases/oelib/path.py
index a1cfa08c09..b963e447e3 100644
--- a/meta/lib/oeqa/selftest/cases/oelib/path.py
+++ b/meta/lib/oeqa/selftest/cases/oelib/path.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/selftest/cases/oelib/types.py b/meta/lib/oeqa/selftest/cases/oelib/types.py
index 7eb49e6f95..58318b18b2 100644
--- a/meta/lib/oeqa/selftest/cases/oelib/types.py
+++ b/meta/lib/oeqa/selftest/cases/oelib/types.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/selftest/cases/oelib/utils.py b/meta/lib/oeqa/selftest/cases/oelib/utils.py
index a7214beb4c..0cb46425a0 100644
--- a/meta/lib/oeqa/selftest/cases/oelib/utils.py
+++ b/meta/lib/oeqa/selftest/cases/oelib/utils.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -64,7 +66,7 @@ class TestMultiprocessLaunch(TestCase):
         import bb
 
         def testfunction(item, d):
-            if item == "2" or item == "1":
+            if item == "2":
                 raise KeyError("Invalid number %s" % item)
             return "Found %s" % item
 
@@ -99,5 +101,4 @@ class TestMultiprocessLaunch(TestCase):
         # Assert the function prints exceptions
         with captured_output() as (out, err):
             self.assertRaises(bb.BBHandledException, multiprocess_launch, testfunction, ["1", "2", "3", "4", "5", "6"], d, extraargs=(d,))
-        self.assertIn("KeyError: 'Invalid number 1'", out.getvalue())
         self.assertIn("KeyError: 'Invalid number 2'", out.getvalue())
diff --git a/meta/lib/oeqa/selftest/cases/oescripts.py b/meta/lib/oeqa/selftest/cases/oescripts.py
index 8a10ff357b..3f9899b289 100644
--- a/meta/lib/oeqa/selftest/cases/oescripts.py
+++ b/meta/lib/oeqa/selftest/cases/oescripts.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -7,47 +9,19 @@ import shutil
 import importlib
 import unittest
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.selftest.cases.buildhistory import BuildhistoryBase
-from oeqa.utils.commands import Command, runCmd, bitbake, get_bb_var, get_test_layer
+from oeqa.utils.commands import runCmd, bitbake, get_bb_var
 from oeqa.utils import CommandError
 
-class BuildhistoryDiffTests(BuildhistoryBase):
-
-    def test_buildhistory_diff(self):
-        target = 'xcursor-transparent-theme'
-        self.run_buildhistory_operation(target, target_config="PR = \"r1\"", change_bh_location=True)
-        self.run_buildhistory_operation(target, target_config="PR = \"r0\"", change_bh_location=False, expect_error=True)
-        result = runCmd("oe-pkgdata-util read-value PKGV %s" % target)
-        pkgv = result.output.rstrip()
-        result = runCmd("buildhistory-diff -p %s" % get_bb_var('BUILDHISTORY_DIR'))
-        expected_endlines = [
-            "xcursor-transparent-theme-dev: RDEPENDS: removed \"xcursor-transparent-theme (['= %s-r1'])\", added \"xcursor-transparent-theme (['= %s-r0'])\"" % (pkgv, pkgv),
-            "xcursor-transparent-theme-staticdev: RDEPENDS: removed \"xcursor-transparent-theme-dev (['= %s-r1'])\", added \"xcursor-transparent-theme-dev (['= %s-r0'])\"" % (pkgv, pkgv)
-        ]
-        for line in result.output.splitlines():
-            for el in expected_endlines:
-                if line.endswith(el):
-                    expected_endlines.remove(el)
-                    break
-            else:
-                self.fail('Unexpected line:\n%s\nExpected line endings:\n  %s' % (line, '\n  '.join(expected_endlines)))
-        if expected_endlines:
-            self.fail('Missing expected line endings:\n  %s' % '\n  '.join(expected_endlines))
-
 @unittest.skipUnless(importlib.util.find_spec("cairo"), "Python cairo module is not present")
-class OEScriptTests(OESelftestTestCase):
+class OEPybootchartguyTests(OESelftestTestCase):
 
     @classmethod
     def setUpClass(cls):
-        super(OEScriptTests, cls).setUpClass()
-        import cairo
+        super().setUpClass()
         bitbake("core-image-minimal -c rootfs -f")
         cls.tmpdir = get_bb_var('TMPDIR')
         cls.buildstats = cls.tmpdir + "/buildstats/" + sorted(os.listdir(cls.tmpdir + "/buildstats"))[-1]
-
-    scripts_dir = os.path.join(get_bb_var('COREBASE'), 'scripts')
-
-class OEPybootchartguyTests(OEScriptTests):
+        cls.scripts_dir = os.path.join(get_bb_var('COREBASE'), 'scripts')
 
     def test_pybootchartguy_help(self):
         runCmd('%s/pybootchartgui/pybootchartgui.py  --help' % self.scripts_dir)
@@ -67,7 +41,10 @@ class OEPybootchartguyTests(OEScriptTests):
 
 class OEGitproxyTests(OESelftestTestCase):
 
-    scripts_dir = os.path.join(get_bb_var('COREBASE'), 'scripts')
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        cls.scripts_dir = os.path.join(get_bb_var('COREBASE'), 'scripts')
 
     def test_oegitproxy_help(self):
         try:
@@ -125,15 +102,22 @@ class OEGitproxyTests(OESelftestTestCase):
 class OeRunNativeTest(OESelftestTestCase):
     def test_oe_run_native(self):
         bitbake("qemu-helper-native -c addto_recipe_sysroot")
-        result = runCmd("oe-run-native qemu-helper-native tunctl -h")
-        self.assertIn("Delete: tunctl -d device-name [-f tun-clone-device]", result.output)
+        result = runCmd("oe-run-native qemu-helper-native qemu-oe-bridge-helper --help")
+        self.assertIn("Helper function to find and exec qemu-bridge-helper", result.output)
+
+class OEListPackageconfigTests(OESelftestTestCase):
+
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        cls.scripts_dir = os.path.join(get_bb_var('COREBASE'), 'scripts')
 
-class OEListPackageconfigTests(OEScriptTests):
     #oe-core.scripts.List_all_the_PACKAGECONFIG's_flags
     def check_endlines(self, results,  expected_endlines): 
         for line in results.output.splitlines():
             for el in expected_endlines:
-                if line.split() == el.split():
+                if line and line.split()[0] == el.split()[0] and \
+                   ' '.join(sorted(el.split())) in ' '.join(sorted(line.split())):
                     expected_endlines.remove(el)
                     break
 
@@ -149,8 +133,8 @@ class OEListPackageconfigTests(OEScriptTests):
         results = runCmd('%s/contrib/list-packageconfig-flags.py' % self.scripts_dir)
         expected_endlines = []
         expected_endlines.append("RECIPE NAME                  PACKAGECONFIG FLAGS")
-        expected_endlines.append("pinentry                     gtk2 libcap ncurses qt secret")
-        expected_endlines.append("tar                          acl")
+        expected_endlines.append("pinentry                     gtk2 ncurses qt secret")
+        expected_endlines.append("tar                          acl selinux")
 
         self.check_endlines(results, expected_endlines)
 
@@ -167,11 +151,10 @@ class OEListPackageconfigTests(OEScriptTests):
     def test_packageconfig_flags_option_all(self):
         results = runCmd('%s/contrib/list-packageconfig-flags.py -a' % self.scripts_dir)
         expected_endlines = []
-        expected_endlines.append("pinentry-1.1.1")
-        expected_endlines.append("PACKAGECONFIG ncurses libcap")
+        expected_endlines.append("pinentry-1.3.1")
+        expected_endlines.append("PACKAGECONFIG ncurses")
         expected_endlines.append("PACKAGECONFIG[qt] --enable-pinentry-qt, --disable-pinentry-qt, qtbase-native qtbase")
         expected_endlines.append("PACKAGECONFIG[gtk2] --enable-pinentry-gtk2, --disable-pinentry-gtk2, gtk+ glib-2.0")
-        expected_endlines.append("PACKAGECONFIG[libcap] --with-libcap, --without-libcap, libcap")
         expected_endlines.append("PACKAGECONFIG[ncurses] --enable-ncurses  --with-ncurses-include-dir=${STAGING_INCDIR}, --disable-ncurses, ncurses")
         expected_endlines.append("PACKAGECONFIG[secret] --enable-libsecret, --disable-libsecret, libsecret")
 
@@ -181,7 +164,7 @@ class OEListPackageconfigTests(OEScriptTests):
         results = runCmd('%s/contrib/list-packageconfig-flags.py -p' % self.scripts_dir)
         expected_endlines = []
         expected_endlines.append("RECIPE NAME                  PACKAGECONFIG FLAGS")
-        expected_endlines.append("pinentry                     gtk2 libcap ncurses qt secret")
+        expected_endlines.append("pinentry                     gtk2 ncurses qt secret")
 
         self.check_endlines(results, expected_endlines)
 
diff --git a/meta/lib/oeqa/selftest/cases/overlayfs.py b/meta/lib/oeqa/selftest/cases/overlayfs.py
new file mode 100644
index 0000000000..580fbdcb9c
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/overlayfs.py
@@ -0,0 +1,541 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, runqemu, get_bb_vars
+from oeqa.core.decorator import OETestTag
+from oeqa.core.decorator.data import skipIfNotMachine
+
+def getline_qemu(out, line):
+    for l in out.split('\n'):
+        if line in l:
+            return l
+
+def getline(res, line):
+    return getline_qemu(res.output, line)
+
+class OverlayFSTests(OESelftestTestCase):
+    """Overlayfs class usage tests"""
+
+    def add_overlay_conf_to_machine(self):
+        machine_inc = """
+OVERLAYFS_MOUNT_POINT[mnt-overlay] = "/mnt/overlay"
+"""
+        self.set_machine_config(machine_inc)
+
+    def test_distro_features_missing(self):
+        """
+        Summary:   Check that required DISTRO_FEATURES are set
+        Expected:  Fail when either systemd or overlayfs are not in DISTRO_FEATURES
+        Author:    Vyacheslav Yurkov <uvv.mail@gmail.com>
+        """
+
+        config = """
+IMAGE_INSTALL:append = " overlayfs-user"
+"""
+        overlayfs_recipe_append = """
+inherit overlayfs
+"""
+        self.write_config(config)
+        self.add_overlay_conf_to_machine()
+        self.write_recipeinc('overlayfs-user', overlayfs_recipe_append)
+
+        res = bitbake('core-image-minimal', ignore_status=True)
+        line = getline(res, "overlayfs-user was skipped: missing required distro features")
+        self.assertTrue("overlayfs" in res.output, msg=res.output)
+        self.assertTrue("systemd" in res.output, msg=res.output)
+        self.assertTrue("ERROR: Required build target 'core-image-minimal' has no buildable providers." in res.output, msg=res.output)
+
+    def test_not_all_units_installed(self):
+        """
+        Summary:   Test QA check that we have required mount units in the image
+        Expected:  Fail because mount unit for overlay partition is not installed
+        Author:    Vyacheslav Yurkov <uvv.mail@gmail.com>
+        """
+
+        config = """
+IMAGE_INSTALL:append = " overlayfs-user"
+DISTRO_FEATURES:append = " systemd overlayfs usrmerge"
+"""
+
+        self.write_config(config)
+        self.add_overlay_conf_to_machine()
+
+        res = bitbake('core-image-minimal', ignore_status=True)
+        line = getline(res, " Mount path /mnt/overlay not found in fstab and unit mnt-overlay.mount not found in systemd unit directories")
+        self.assertTrue(line and line.startswith("WARNING:"), msg=res.output)
+        line = getline(res, "Not all mount paths and units are installed in the image")
+        self.assertTrue(line and line.startswith("ERROR:"), msg=res.output)
+
+    def test_not_all_units_installed_but_qa_skipped(self):
+        """
+        Summary:   Test skipping the QA check
+        Expected:  Image is created successfully
+        Author:    Claudius Heine <ch@denx.de>
+        """
+
+        config = """
+IMAGE_INSTALL:append = " overlayfs-user"
+DISTRO_FEATURES:append = " systemd overlayfs usrmerge"
+OVERLAYFS_QA_SKIP[mnt-overlay] = "mount-configured"
+"""
+
+        self.write_config(config)
+        self.add_overlay_conf_to_machine()
+
+        bitbake('core-image-minimal')
+
+    def test_mount_unit_not_set(self):
+        """
+        Summary:   Test whether mount unit was set properly
+        Expected:  Fail because mount unit was not set
+        Author:    Vyacheslav Yurkov <uvv.mail@gmail.com>
+        """
+
+        config = """
+IMAGE_INSTALL:append = " overlayfs-user"
+DISTRO_FEATURES:append = " systemd overlayfs usrmerge"
+"""
+
+        self.write_config(config)
+
+        res = bitbake('core-image-minimal', ignore_status=True)
+        line = getline(res, "A recipe uses overlayfs class but there is no OVERLAYFS_MOUNT_POINT set in your MACHINE configuration")
+        self.assertTrue(line and line.startswith("Parsing recipes...ERROR:"), msg=res.output)
+
+    def test_wrong_mount_unit_set(self):
+        """
+        Summary:   Test whether mount unit was set properly
+        Expected:  Fail because not the correct flag used for mount unit
+        Author:    Vyacheslav Yurkov <uvv.mail@gmail.com>
+        """
+
+        config = """
+IMAGE_INSTALL:append = " overlayfs-user"
+DISTRO_FEATURES:append = " systemd overlayfs usrmerge"
+"""
+
+        wrong_machine_config = """
+OVERLAYFS_MOUNT_POINT[usr-share-overlay] = "/usr/share/overlay"
+"""
+
+        self.write_config(config)
+        self.set_machine_config(wrong_machine_config)
+
+        res = bitbake('core-image-minimal', ignore_status=True)
+        line = getline(res, "Missing required mount point for OVERLAYFS_MOUNT_POINT[mnt-overlay] in your MACHINE configuration")
+        self.assertTrue(line and line.startswith("Parsing recipes...ERROR:"), msg=res.output)
+
+    def _test_correct_image(self, recipe, data):
+        """
+        Summary:   Check that we can create an image when all parameters are
+                   set correctly
+        Expected:  Image is created successfully
+        Author:    Vyacheslav Yurkov <uvv.mail@gmail.com>
+        """
+
+        config = """
+IMAGE_INSTALL:append = " overlayfs-user systemd-machine-units"
+DISTRO_FEATURES:append = " overlayfs"
+
+# Use systemd as init manager
+INIT_MANAGER = "systemd"
+
+# enable overlayfs in the kernel
+KERNEL_EXTRA_FEATURES:append = " features/overlayfs/overlayfs.scc"
+"""
+
+        overlayfs_recipe_append = """
+OVERLAYFS_WRITABLE_PATHS[mnt-overlay] += "/usr/share/another-overlay-mount"
+
+SYSTEMD_SERVICE:${PN} += " \
+    my-application.service \
+"
+
+do_install:append() {
+    install -d ${D}${systemd_system_unitdir}
+    cat <<EOT > ${D}${systemd_system_unitdir}/my-application.service
+[Unit]
+Description=Sample application start-up unit
+After=overlayfs-user-overlays.service
+Requires=overlayfs-user-overlays.service
+
+[Service]
+Type=oneshot
+ExecStart=/bin/true
+RemainAfterExit=true
+
+[Install]
+WantedBy=multi-user.target
+EOT
+}
+"""
+
+        self.write_config(config)
+        self.add_overlay_conf_to_machine()
+        self.write_recipeinc(recipe, data)
+        self.write_recipeinc('overlayfs-user', overlayfs_recipe_append)
+
+        bitbake('core-image-minimal')
+
+        with runqemu('core-image-minimal') as qemu:
+            # Check that application service started
+            status, output = qemu.run_serial("systemctl status my-application")
+            self.assertTrue("active (exited)" in output, msg=output)
+
+            # Check that overlay mounts are dependencies of our application unit
+            status, output = qemu.run_serial("systemctl list-dependencies my-application")
+            self.assertTrue("overlayfs-user-overlays.service" in output, msg=output)
+
+            status, output = qemu.run_serial("systemctl list-dependencies overlayfs-user-overlays")
+            self.assertTrue("usr-share-another\\x2doverlay\\x2dmount.mount" in output, msg=output)
+            self.assertTrue("usr-share-my\\x2dapplication.mount" in output, msg=output)
+
+            # Check that we have /mnt/overlay fs mounted as tmpfs and
+            # /usr/share/my-application as an overlay (see overlayfs-user recipe)
+            status, output = qemu.run_serial("/bin/mount -t tmpfs,overlay")
+
+            line = getline_qemu(output, "on /mnt/overlay")
+            self.assertTrue(line and line.startswith("tmpfs"), msg=output)
+
+            line = getline_qemu(output, "upperdir=/mnt/overlay/upper/usr/share/my-application")
+            self.assertTrue(line and line.startswith("overlay"), msg=output)
+
+            line = getline_qemu(output, "upperdir=/mnt/overlay/upper/usr/share/another-overlay-mount")
+            self.assertTrue(line and line.startswith("overlay"), msg=output)
+
+    @OETestTag("runqemu")
+    def test_correct_image_fstab(self):
+        """
+        Summary:   Check that we can create an image when all parameters are
+                   set correctly via fstab
+        Expected:  Image is created successfully
+        Author:    Stefan Herbrechtsmeier <stefan.herbrechtsmeier@weidmueller.com>
+        """
+
+        base_files_append = """
+do_install:append() {
+    cat <<EOT >> ${D}${sysconfdir}/fstab
+tmpfs                /mnt/overlay         tmpfs      mode=1777,strictatime,nosuid,nodev  0  0
+EOT
+}
+"""
+
+        self._test_correct_image('base-files', base_files_append)
+
+    @OETestTag("runqemu")
+    def test_correct_image_unit(self):
+        """
+        Summary:   Check that we can create an image when all parameters are
+                   set correctly via mount unit
+        Expected:  Image is created successfully
+        Author:    Vyacheslav Yurkov <uvv.mail@gmail.com>
+        """
+
+        systemd_machine_unit_append = """
+SYSTEMD_SERVICE:${PN} += " \
+    mnt-overlay.mount \
+"
+
+do_install:append() {
+    install -d ${D}${systemd_system_unitdir}
+    cat <<EOT > ${D}${systemd_system_unitdir}/mnt-overlay.mount
+[Unit]
+Description=Tmpfs directory
+DefaultDependencies=no
+
+[Mount]
+What=tmpfs
+Where=/mnt/overlay
+Type=tmpfs
+Options=mode=1777,strictatime,nosuid,nodev
+
+[Install]
+WantedBy=multi-user.target
+EOT
+}
+
+"""
+
+        self._test_correct_image('systemd-machine-units', systemd_machine_unit_append)
+
+@OETestTag("runqemu")
+class OverlayFSEtcRunTimeTests(OESelftestTestCase):
+    """overlayfs-etc class tests"""
+
+    def test_all_required_variables_set(self):
+        """
+        Summary:   Check that required variables are set
+        Expected:  Fail when any of required variables is missing
+        Author:    Vyacheslav Yurkov <uvv.mail@gmail.com>
+        """
+
+        configBase = """
+# Use systemd as init manager
+INIT_MANAGER = "systemd"
+
+# enable overlayfs in the kernel
+KERNEL_EXTRA_FEATURES:append = " features/overlayfs/overlayfs.scc"
+
+# Image configuration for overlayfs-etc
+EXTRA_IMAGE_FEATURES += "overlayfs-etc"
+IMAGE_FEATURES:remove = "package-management"
+"""
+        configMountPoint = """
+OVERLAYFS_ETC_MOUNT_POINT = "/data"
+"""
+        configDevice = """
+OVERLAYFS_ETC_DEVICE = "/dev/mmcblk0p1"
+"""
+
+        self.write_config(configBase)
+        res = bitbake('core-image-minimal', ignore_status=True)
+        line = getline(res, "OVERLAYFS_ETC_MOUNT_POINT must be set in your MACHINE configuration")
+        self.assertTrue(line, msg=res.output)
+
+        self.append_config(configMountPoint)
+        res = bitbake('core-image-minimal', ignore_status=True)
+        line = getline(res, "OVERLAYFS_ETC_DEVICE must be set in your MACHINE configuration")
+        self.assertTrue(line, msg=res.output)
+
+        self.append_config(configDevice)
+        res = bitbake('core-image-minimal', ignore_status=True)
+        line = getline(res, "OVERLAYFS_ETC_FSTYPE should contain a valid file system type on /dev/mmcblk0p1")
+        self.assertTrue(line, msg=res.output)
+
+    def test_image_feature_conflict(self):
+        """
+        Summary:   Overlayfs-etc is not allowed to be used with package-management
+        Expected:  Feature conflict
+        Author:    Vyacheslav Yurkov <uvv.mail@gmail.com>
+        """
+
+        config = """
+# Use systemd as init manager
+INIT_MANAGER = "systemd"
+
+# enable overlayfs in the kernel
+KERNEL_EXTRA_FEATURES:append = " features/overlayfs/overlayfs.scc"
+EXTRA_IMAGE_FEATURES += "overlayfs-etc"
+EXTRA_IMAGE_FEATURES += "package-management"
+"""
+
+        self.write_config(config)
+
+        res = bitbake('core-image-minimal', ignore_status=True)
+        line = getline(res, "contains conflicting IMAGE_FEATURES")
+        self.assertTrue("overlayfs-etc" in res.output, msg=res.output)
+        self.assertTrue("package-management" in res.output, msg=res.output)
+
+    # https://bugzilla.yoctoproject.org/show_bug.cgi?id=14963
+    @skipIfNotMachine("qemux86-64", "tests are qemux86-64 specific currently")
+    def test_image_feature_is_missing(self):
+        """
+        Summary:   Overlayfs-etc class is not applied when image feature is not set
+        Expected:  Image is created successfully but /etc is not an overlay
+        Author:    Vyacheslav Yurkov <uvv.mail@gmail.com>
+        """
+
+        config = """
+# Use systemd as init manager
+INIT_MANAGER = "systemd"
+
+# enable overlayfs in the kernel
+KERNEL_EXTRA_FEATURES:append = " features/overlayfs/overlayfs.scc"
+
+IMAGE_FSTYPES += "wic"
+WKS_FILE = "overlayfs_etc.wks.in"
+
+EXTRA_IMAGE_FEATURES += "read-only-rootfs"
+# Image configuration for overlayfs-etc
+OVERLAYFS_ETC_MOUNT_POINT = "/data"
+OVERLAYFS_ETC_DEVICE = "/dev/sda3"
+OVERLAYFS_ROOTFS_TYPE = "ext4"
+"""
+
+        self.write_config(config)
+
+        bitbake('core-image-minimal')
+
+        with runqemu('core-image-minimal', image_fstype='wic') as qemu:
+            status, output = qemu.run_serial("/bin/mount")
+
+            line = getline_qemu(output, "upperdir=/data/overlay-etc/upper")
+            self.assertFalse(line, msg=output)
+
+    @skipIfNotMachine("qemux86-64", "tests are qemux86-64 specific currently")
+    def test_sbin_init_preinit(self):
+        self.run_sbin_init(False, "ext4")
+
+    @skipIfNotMachine("qemux86-64", "tests are qemux86-64 specific currently")
+    def test_sbin_init_original(self):
+        self.run_sbin_init(True, "ext4")
+
+    @skipIfNotMachine("qemux86-64", "tests are qemux86-64 specific currently")
+    def test_sbin_init_read_only(self):
+        self.run_sbin_init(True, "squashfs")
+
+    def run_sbin_init(self, origInit, rootfsType):
+        """
+        Summary:   Confirm we can replace original init and mount overlay on top of /etc
+        Expected:  Image is created successfully and /etc is mounted as an overlay
+        Author:    Vyacheslav Yurkov <uvv.mail@gmail.com>
+        """
+
+        config = self.get_working_config()
+
+        args = {
+            'OVERLAYFS_INIT_OPTION': "" if origInit else "init=/sbin/preinit",
+            'OVERLAYFS_ETC_USE_ORIG_INIT_NAME': int(origInit == True),
+            'OVERLAYFS_ROOTFS_TYPE': rootfsType,
+            'OVERLAYFS_ETC_CREATE_MOUNT_DIRS': int(rootfsType == "ext4")
+        }
+
+        self.write_config(config.format(**args))
+
+        bitbake('core-image-minimal')
+        testFile = "/etc/my-test-data"
+
+        with runqemu('core-image-minimal', image_fstype='wic', discard_writes=False) as qemu:
+            status, output = qemu.run_serial("/bin/mount")
+
+            line = getline_qemu(output, "/dev/sda3")
+            self.assertTrue("/data" in output, msg=output)
+
+            line = getline_qemu(output, "upperdir=/data/overlay-etc/upper")
+            self.assertTrue(line and line.startswith("/data/overlay-etc/upper on /etc type overlay"), msg=output)
+
+            # check that lower layer is not available
+            status, output = qemu.run_serial("ls -1 /data/overlay-etc/lower")
+            line = getline_qemu(output, "No such file or directory")
+            self.assertTrue(line, msg=output)
+
+            status, output = qemu.run_serial("touch " + testFile)
+            status, output = qemu.run_serial("sync")
+            status, output = qemu.run_serial("ls -1 " + testFile)
+            line = getline_qemu(output, testFile)
+            self.assertTrue(line and line.startswith(testFile), msg=output)
+
+        # Check that file exists in /etc after reboot
+        with runqemu('core-image-minimal', image_fstype='wic') as qemu:
+            status, output = qemu.run_serial("ls -1 " + testFile)
+            line = getline_qemu(output, testFile)
+            self.assertTrue(line and line.startswith(testFile), msg=output)
+
+    @skipIfNotMachine("qemux86-64", "tests are qemux86-64 specific currently")
+    def test_lower_layer_access(self):
+        """
+        Summary:   Test that lower layer of /etc is available read-only when configured
+        Expected:  Can't write to lower layer. The files on lower and upper different after
+                   modification
+        Author:    Vyacheslav Yurkov <uvv.mail@gmail.com>
+        """
+
+        config = self.get_working_config()
+
+        configLower = """
+OVERLAYFS_ETC_EXPOSE_LOWER = "1"
+IMAGE_INSTALL:append = " overlayfs-user"
+"""
+        testFile = "lower-layer-test.txt"
+
+        args = {
+            'OVERLAYFS_INIT_OPTION': "",
+            'OVERLAYFS_ETC_USE_ORIG_INIT_NAME': 1,
+            'OVERLAYFS_ROOTFS_TYPE': "ext4",
+            'OVERLAYFS_ETC_CREATE_MOUNT_DIRS': 1
+        }
+
+        self.write_config(config.format(**args))
+
+        self.append_config(configLower)
+        bitbake('core-image-minimal')
+
+        with runqemu('core-image-minimal', image_fstype='wic') as qemu:
+            status, output = qemu.run_serial("echo \"Modified in upper\" > /etc/" + testFile)
+            status, output = qemu.run_serial("diff /etc/" + testFile + " /data/overlay-etc/lower/" + testFile)
+            line = getline_qemu(output, "Modified in upper")
+            self.assertTrue(line, msg=output)
+            line = getline_qemu(output, "Original file")
+            self.assertTrue(line, msg=output)
+
+            status, output = qemu.run_serial("touch /data/overlay-etc/lower/ro-test.txt")
+            line = getline_qemu(output, "Read-only file system")
+            self.assertTrue(line, msg=output)
+
+    @skipIfNotMachine("qemux86-64", "tests are qemux86-64 specific currently")
+    def test_postinst_on_target_for_read_only_rootfs(self):
+        """
+        Summary:  The purpose of this test case is to verify that post-installation
+                  on target scripts are executed even if using read-only rootfs when
+                  read-only-rootfs-delayed-postinsts is set
+        Expected: The test files are created on first boot
+        """
+
+        import oe.path
+
+        vars = get_bb_vars(("IMAGE_ROOTFS", "sysconfdir"), "core-image-minimal")
+        sysconfdir = vars["sysconfdir"]
+        self.assertIsNotNone(sysconfdir)
+        # Need to use oe.path here as sysconfdir starts with /
+        targettestdir = os.path.join(sysconfdir, "postinst-test")
+
+        config = self.get_working_config()
+
+        args = {
+            'OVERLAYFS_INIT_OPTION': "",
+            'OVERLAYFS_ETC_USE_ORIG_INIT_NAME': 1,
+            'OVERLAYFS_ROOTFS_TYPE': "ext4",
+            'OVERLAYFS_ETC_CREATE_MOUNT_DIRS': 1
+        }
+
+        # read-only-rootfs is already set in get_working_config()
+        config += 'EXTRA_IMAGE_FEATURES += "read-only-rootfs-delayed-postinsts"\n'
+        config += 'CORE_IMAGE_EXTRA_INSTALL = "postinst-delayed-b"\n'
+
+        self.write_config(config.format(**args))
+
+        res = bitbake('core-image-minimal')
+
+        with runqemu('core-image-minimal', image_fstype='wic') as qemu:
+            for filename in ("rootfs", "delayed-a", "delayed-b"):
+                status, output = qemu.run_serial("test -f %s && echo found" % os.path.join(targettestdir, filename))
+                self.assertIn("found", output, "%s was not present on boot" % filename)
+
+    def get_working_config(self):
+        return """
+# Use systemd as init manager
+INIT_MANAGER = "systemd"
+
+# enable overlayfs in the kernel
+KERNEL_EXTRA_FEATURES:append = " \
+    features/overlayfs/overlayfs.scc \
+    cfg/fs/squashfs.scc"
+
+IMAGE_FSTYPES += "wic"
+OVERLAYFS_INIT_OPTION = "{OVERLAYFS_INIT_OPTION}"
+OVERLAYFS_ROOTFS_TYPE = "{OVERLAYFS_ROOTFS_TYPE}"
+OVERLAYFS_ETC_CREATE_MOUNT_DIRS = "{OVERLAYFS_ETC_CREATE_MOUNT_DIRS}"
+WKS_FILE = "overlayfs_etc.wks.in"
+
+EXTRA_IMAGE_FEATURES += "read-only-rootfs"
+# Image configuration for overlayfs-etc
+EXTRA_IMAGE_FEATURES += "overlayfs-etc"
+IMAGE_FEATURES:remove = "package-management"
+OVERLAYFS_ETC_MOUNT_POINT = "/data"
+OVERLAYFS_ETC_FSTYPE = "ext4"
+OVERLAYFS_ETC_DEVICE = "/dev/sda3"
+OVERLAYFS_ETC_USE_ORIG_INIT_NAME = "{OVERLAYFS_ETC_USE_ORIG_INIT_NAME}"
+
+ROOTFS_POSTPROCESS_COMMAND += "{OVERLAYFS_ROOTFS_TYPE}_rootfs"
+
+ext4_rootfs() {{
+}}
+
+squashfs_rootfs() {{
+    mkdir -p ${{IMAGE_ROOTFS}}/data
+}}
+"""
diff --git a/meta/lib/oeqa/selftest/cases/package.py b/meta/lib/oeqa/selftest/cases/package.py
index 7166c3991f..38ed7173fe 100644
--- a/meta/lib/oeqa/selftest/cases/package.py
+++ b/meta/lib/oeqa/selftest/cases/package.py
@@ -1,10 +1,11 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 from oeqa.selftest.case import OESelftestTestCase
 from oeqa.utils.commands import bitbake, get_bb_vars, get_bb_var, runqemu
-import stat
 import subprocess, os
 import oe.path
 import re
@@ -88,6 +89,13 @@ class VersionOrdering(OESelftestTestCase):
             self.assertEqual(status - 100, sort, "%s %s (%d) failed" % (ver1, ver2, sort))
 
 class PackageTests(OESelftestTestCase):
+    # Verify that a recipe cannot rename a package into an existing one
+    def test_package_name_conflict(self):
+        res = bitbake("packagenameconflict", ignore_status=True)
+        self.assertNotEqual(res.status, 0)
+        err = "package name already exists"
+        self.assertTrue(err in res.output)
+
     # Verify that a recipe which sets up hardlink files has those preserved into split packages
     # Also test file sparseness is preserved
     def test_preserve_sparse_hardlinks(self):
@@ -95,11 +103,37 @@ class PackageTests(OESelftestTestCase):
 
         dest = get_bb_var('PKGDEST', 'selftest-hardlink')
         bindir = get_bb_var('bindir', 'selftest-hardlink')
+        libdir = get_bb_var('libdir', 'selftest-hardlink')
+        libexecdir = get_bb_var('libexecdir', 'selftest-hardlink')
 
         def checkfiles():
             # Recipe creates 4 hardlinked files, there is a copy in package/ and a copy in packages-split/
             # so expect 8 in total.
             self.assertEqual(os.stat(dest + "/selftest-hardlink" + bindir + "/hello1").st_nlink, 8)
+            self.assertEqual(os.stat(dest + "/selftest-hardlink" + libexecdir + "/hello3").st_nlink, 8)
+
+            # Check dbg version
+            # 2 items, a copy in both package/packages-split so 4
+            self.assertEqual(os.stat(dest + "/selftest-hardlink-dbg" + bindir + "/.debug/hello1").st_nlink, 4)
+            self.assertEqual(os.stat(dest + "/selftest-hardlink-dbg" + libexecdir + "/.debug/hello1").st_nlink, 4)
+
+            # Even though the libexecdir name is 'hello3' or 'hello4', that isn't the debug target name
+            self.assertEqual(os.path.exists(dest + "/selftest-hardlink-dbg" + libexecdir + "/.debug/hello3"), False)
+            self.assertEqual(os.path.exists(dest + "/selftest-hardlink-dbg" + libexecdir + "/.debug/hello4"), False)
+
+            # Check the staticdev libraries
+            # 101 items, a copy in both package/packages-split so 202
+            self.assertEqual(os.stat(dest + "/selftest-hardlink-staticdev" + libdir + "/libhello.a").st_nlink, 202)
+            self.assertEqual(os.stat(dest + "/selftest-hardlink-staticdev" + libdir + "/libhello-25.a").st_nlink, 202)
+            self.assertEqual(os.stat(dest + "/selftest-hardlink-staticdev" + libdir + "/libhello-50.a").st_nlink, 202)
+            self.assertEqual(os.stat(dest + "/selftest-hardlink-staticdev" + libdir + "/libhello-75.a").st_nlink, 202)
+
+            # Check static dbg
+            # 101 items, a copy in both package/packages-split so 202
+            self.assertEqual(os.stat(dest + "/selftest-hardlink-dbg" + libdir + "/.debug-static/libhello.a").st_nlink, 202)
+            self.assertEqual(os.stat(dest + "/selftest-hardlink-dbg" + libdir + "/.debug-static/libhello-25.a").st_nlink, 202)
+            self.assertEqual(os.stat(dest + "/selftest-hardlink-dbg" + libdir + "/.debug-static/libhello-50.a").st_nlink, 202)
+            self.assertEqual(os.stat(dest + "/selftest-hardlink-dbg" + libdir + "/.debug-static/libhello-75.a").st_nlink, 202)
 
             # Test a sparse file remains sparse
             sparsestat = os.stat(dest + "/selftest-hardlink" + bindir + "/sparsetest")
@@ -116,9 +150,9 @@ class PackageTests(OESelftestTestCase):
 
     # Verify gdb to read symbols from separated debug hardlink file correctly
     def test_gdb_hardlink_debug(self):
-        features = 'IMAGE_INSTALL_append = " selftest-hardlink"\n'
-        features += 'IMAGE_INSTALL_append = " selftest-hardlink-dbg"\n'
-        features += 'IMAGE_INSTALL_append = " selftest-hardlink-gdb"\n'
+        features = 'IMAGE_INSTALL:append = " selftest-hardlink"\n'
+        features += 'IMAGE_INSTALL:append = " selftest-hardlink-dbg"\n'
+        features += 'IMAGE_INSTALL:append = " selftest-hardlink-gdb"\n'
         self.write_config(features)
         bitbake("core-image-minimal")
 
@@ -134,8 +168,10 @@ class PackageTests(OESelftestTestCase):
                     self.logger.error("No debugging symbols found. GDB result:\n%s" % output)
                     return False
 
-                # Check debugging symbols works correctly
-                elif re.match(r"Breakpoint 1.*hello\.c.*4", l):
+                # Check debugging symbols works correctly. Don't look for a
+                # source file as optimisation can put the breakpoint inside
+                # stdio.h.
+                elif "Breakpoint 1 at" in l:
                     return True
 
             self.logger.error("GDB result:\n%d: %s", status, output)
@@ -150,25 +186,25 @@ class PackageTests(OESelftestTestCase):
                     self.fail('GDB %s failed' % binary)
 
     def test_preserve_ownership(self):
-        import os, stat, oe.cachedpath
-        features = 'IMAGE_INSTALL_append = " selftest-chown"\n'
+        features = 'IMAGE_INSTALL:append = " selftest-chown"\n'
         self.write_config(features)
         bitbake("core-image-minimal")
 
-        sysconfdir = get_bb_var('sysconfdir', 'selftest-chown')
-        def check_ownership(qemu, gid, uid, path):
+        def check_ownership(qemu, expected_gid, expected_uid, path):
             self.logger.info("Check ownership of %s", path)
-            status, output = qemu.run_serial(r'/bin/stat -c "%U %G" ' + path, timeout=60)
-            output = output.split(" ")
-            if output[0] != uid or output[1] != gid :
-                self.logger.error("Incrrect ownership %s [%s:%s]", path, output[0], output[1])
-                return False
-            return True
+            status, output = qemu.run_serial('stat -c "%U %G" ' + path)
+            self.assertEqual(status, 1, "stat failed: " + output)
+            try:
+                uid, gid = output.split()
+                self.assertEqual(uid, expected_uid)
+                self.assertEqual(gid, expected_gid)
+            except ValueError:
+                self.fail("Cannot parse output: " + output)
 
+        sysconfdir = get_bb_var('sysconfdir', 'selftest-chown')
         with runqemu('core-image-minimal') as qemu:
             for path in [ sysconfdir + "/selftest-chown/file",
                           sysconfdir + "/selftest-chown/dir",
                           sysconfdir + "/selftest-chown/symlink",
                           sysconfdir + "/selftest-chown/fifotest/fifo"]:
-                if not check_ownership(qemu, "test", "test", path):
-                    self.fail('Test ownership %s failed' % path)
+                check_ownership(qemu, "test", "test", path)
diff --git a/meta/lib/oeqa/selftest/cases/picolibc.py b/meta/lib/oeqa/selftest/cases/picolibc.py
new file mode 100644
index 0000000000..e40b4fc3d3
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/picolibc.py
@@ -0,0 +1,18 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, get_bb_var
+
+class PicolibcTest(OESelftestTestCase):
+
+    def test_picolibc(self):
+        compatible_machines = ['qemuarm', 'qemuarm64', 'qemuriscv32', 'qemuriscv64']
+        machine = get_bb_var('MACHINE')
+        if machine not in compatible_machines:
+            self.skipTest('This test only works with machines : %s' % ' '.join(compatible_machines))
+        self.write_config('TCLIBC = "picolibc"')
+        bitbake("picolibc-helloworld")
diff --git a/meta/lib/oeqa/selftest/cases/pkgdata.py b/meta/lib/oeqa/selftest/cases/pkgdata.py
index 254abc40c6..d786c33018 100644
--- a/meta/lib/oeqa/selftest/cases/pkgdata.py
+++ b/meta/lib/oeqa/selftest/cases/pkgdata.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -47,8 +49,8 @@ class OePkgdataUtilTests(OESelftestTestCase):
         self.assertGreater(pkgsize, 1, "Size should be greater than 1. %s" % result.output)
 
     def test_find_path(self):
-        result = runCmd('oe-pkgdata-util find-path /lib/libz.so.1')
-        self.assertEqual(result.output, 'zlib: /lib/libz.so.1')
+        result = runCmd('oe-pkgdata-util find-path /usr/lib/libz.so.1')
+        self.assertEqual(result.output, 'zlib: /usr/lib/libz.so.1')
         result = runCmd('oe-pkgdata-util find-path /usr/bin/m4')
         self.assertEqual(result.output, 'm4: /usr/bin/m4')
         result = runCmd('oe-pkgdata-util find-path /not/exist', ignore_status=True)
@@ -120,8 +122,7 @@ class OePkgdataUtilTests(OESelftestTestCase):
                     curpkg = line.split(':')[0]
                     files[curpkg] = []
             return files
-        bb_vars = get_bb_vars(['base_libdir', 'libdir', 'includedir', 'mandir'])
-        base_libdir = bb_vars['base_libdir']
+        bb_vars = get_bb_vars(['libdir', 'includedir', 'mandir'])
         libdir = bb_vars['libdir']
         includedir = bb_vars['includedir']
         mandir = bb_vars['mandir']
@@ -138,7 +139,7 @@ class OePkgdataUtilTests(OESelftestTestCase):
         self.assertIn('libz1', list(files.keys()), "listed pkgs. files: %s" %result.output)
         self.assertIn('libz-dev', list(files.keys()), "listed pkgs. files: %s" %result.output)
         self.assertGreater(len(files['libz1']), 1)
-        libspec = os.path.join(base_libdir, 'libz.so.1.*')
+        libspec = os.path.join(libdir, 'libz.so.1.*')
         found = False
         for fileitem in files['libz1']:
             if fnmatch.fnmatchcase(fileitem, libspec):
diff --git a/meta/lib/oeqa/selftest/cases/prservice.py b/meta/lib/oeqa/selftest/cases/prservice.py
index 578b2b4dd9..8da3739c57 100644
--- a/meta/lib/oeqa/selftest/cases/prservice.py
+++ b/meta/lib/oeqa/selftest/cases/prservice.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -12,6 +14,8 @@ from oeqa.selftest.case import OESelftestTestCase
 from oeqa.utils.commands import runCmd, bitbake, get_bb_var
 from oeqa.utils.network import get_free_port
 
+import bb.utils
+
 class BitbakePrTests(OESelftestTestCase):
 
     @classmethod
@@ -19,6 +23,16 @@ class BitbakePrTests(OESelftestTestCase):
         super(BitbakePrTests, cls).setUpClass()
         cls.pkgdata_dir = get_bb_var('PKGDATA_DIR')
 
+        cls.exported_db_path = os.path.join(cls.builddir, 'export.inc')
+        cls.current_db_path = os.path.join(get_bb_var('PERSISTENT_DIR'), 'prserv.sqlite3')
+
+    def cleanup(self):
+        # Ensure any memory resident bitbake is stopped
+        bitbake("-m")
+        # Remove any existing export file or prserv database
+        bb.utils.remove(self.exported_db_path)
+        bb.utils.remove(self.current_db_path + "*")
+
     def get_pr_version(self, package_name):
         package_data_file = os.path.join(self.pkgdata_dir, 'runtime', package_name)
         package_data = ftools.read_file(package_data_file)
@@ -40,13 +54,14 @@ class BitbakePrTests(OESelftestTestCase):
         return str(stamps[0])
 
     def increment_package_pr(self, package_name):
-        inc_data = "do_package_append() {\n    bb.build.exec_func('do_test_prserv', d)\n}\ndo_test_prserv() {\necho \"The current date is: %s\" > ${PKGDESTWORK}/${PN}.datestamp\n}" % datetime.datetime.now()
+        inc_data = "do_package:append() {\n    bb.build.exec_func('do_test_prserv', d)\n}\ndo_test_prserv() {\necho \"The current date is: %s\" > ${PKGDESTWORK}/${PN}.datestamp\n}" % datetime.datetime.now()
         self.write_recipeinc(package_name, inc_data)
         res = bitbake(package_name, ignore_status=True)
         self.delete_recipeinc(package_name)
         self.assertEqual(res.status, 0, msg=res.output)
 
     def config_pr_tests(self, package_name, package_type='rpm', pr_socket='localhost:0'):
+        self.cleanup()
         config_package_data = 'PACKAGE_CLASSES = "package_%s"' % package_type
         self.write_config(config_package_data)
         config_server_data = 'PRSERV_HOST = "%s"' % pr_socket
@@ -66,24 +81,24 @@ class BitbakePrTests(OESelftestTestCase):
         self.assertTrue(pr_2 - pr_1 == 1, "New PR %s did not increment as expected (from %s), difference should be 1" % (pr_2, pr_1))
         self.assertTrue(stamp_1 != stamp_2, "Different pkg rev. but same stamp: %s" % stamp_1)
 
+        self.cleanup()
+
     def run_test_pr_export_import(self, package_name, replace_current_db=True):
         self.config_pr_tests(package_name)
 
         self.increment_package_pr(package_name)
         pr_1 = self.get_pr_version(package_name)
 
-        exported_db_path = os.path.join(self.builddir, 'export.inc')
-        export_result = runCmd("bitbake-prserv-tool export %s" % exported_db_path, ignore_status=True)
+        export_result = runCmd("bitbake-prserv-tool export %s" % self.exported_db_path, ignore_status=True)
         self.assertEqual(export_result.status, 0, msg="PR Service database export failed: %s" % export_result.output)
-        self.assertTrue(os.path.exists(exported_db_path))
+        self.assertTrue(os.path.exists(self.exported_db_path), msg="%s didn't exist, tool output %s" % (self.exported_db_path, export_result.output))
 
         if replace_current_db:
-            current_db_path = os.path.join(get_bb_var('PERSISTENT_DIR'), 'prserv.sqlite3')
-            self.assertTrue(os.path.exists(current_db_path), msg="Path to current PR Service database is invalid: %s" % current_db_path)
-            os.remove(current_db_path)
+            self.assertTrue(os.path.exists(self.current_db_path), msg="Path to current PR Service database is invalid: %s" % self.current_db_path)
+            os.remove(self.current_db_path)
 
-        import_result = runCmd("bitbake-prserv-tool import %s" % exported_db_path, ignore_status=True)
-        os.remove(exported_db_path)
+        import_result = runCmd("bitbake-prserv-tool import %s" % self.exported_db_path, ignore_status=True)
+        #os.remove(self.exported_db_path)
         self.assertEqual(import_result.status, 0, msg="PR Service database import failed: %s" % import_result.output)
 
         self.increment_package_pr(package_name)
@@ -91,6 +106,8 @@ class BitbakePrTests(OESelftestTestCase):
 
         self.assertTrue(pr_2 - pr_1 == 1, "New PR %s did not increment as expected (from %s), difference should be 1" % (pr_2, pr_1))
 
+        self.cleanup()
+
     def test_import_export_replace_db(self):
         self.run_test_pr_export_import('m4')
 
diff --git a/meta/lib/oeqa/selftest/cases/pseudo.py b/meta/lib/oeqa/selftest/cases/pseudo.py
index 33593d5ce9..3ef8786022 100644
--- a/meta/lib/oeqa/selftest/cases/pseudo.py
+++ b/meta/lib/oeqa/selftest/cases/pseudo.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/selftest/cases/recipetool.py b/meta/lib/oeqa/selftest/cases/recipetool.py
index 9d56e9e1e3..0bd724c8ee 100644
--- a/meta/lib/oeqa/selftest/cases/recipetool.py
+++ b/meta/lib/oeqa/selftest/cases/recipetool.py
@@ -1,7 +1,10 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
+import errno
 import os
 import shutil
 import tempfile
@@ -25,7 +28,17 @@ def tearDownModule():
     runCmd('rm -rf %s' % templayerdir)
 
 
-class RecipetoolBase(devtool.DevtoolBase):
+def needTomllib(test):
+    # This test require python 3.11 or above for the tomllib module or tomli module to be installed
+    try:
+        import tomllib
+    except ImportError:
+        try:
+            import tomli
+        except ImportError:
+            test.skipTest('Test requires python 3.11 or above for tomllib module or tomli module')
+
+class RecipetoolBase(devtool.DevtoolTestCase):
 
     def setUpLocal(self):
         super(RecipetoolBase, self).setUpLocal()
@@ -35,6 +48,8 @@ class RecipetoolBase(devtool.DevtoolBase):
         self.testfile = os.path.join(self.tempdir, 'testfile')
         with open(self.testfile, 'w') as f:
             f.write('Test file\n')
+        config = 'BBMASK += "meta-poky/recipes-core/base-files/base-files_%.bbappend"\n'
+        self.append_config(config)
 
     def tearDownLocal(self):
         runCmd('rm -rf %s/recipes-*' % self.templayerdir)
@@ -68,17 +83,16 @@ class RecipetoolBase(devtool.DevtoolBase):
         return bbappendfile, result.output
 
 
-class RecipetoolTests(RecipetoolBase):
+class RecipetoolAppendTests(RecipetoolBase):
 
     @classmethod
     def setUpClass(cls):
-        super(RecipetoolTests, cls).setUpClass()
+        super(RecipetoolAppendTests, cls).setUpClass()
         # Ensure we have the right data in shlibs/pkgdata
         cls.logger.info('Running bitbake to generate pkgdata')
         bitbake('-c packagedata base-files coreutils busybox selftest-recipetool-appendfile')
-        bb_vars = get_bb_vars(['COREBASE', 'BBPATH'])
+        bb_vars = get_bb_vars(['COREBASE'])
         cls.corebase = bb_vars['COREBASE']
-        cls.bbpath = bb_vars['BBPATH']
 
     def _try_recipetool_appendfile(self, testrecipe, destfile, newfile, options, expectedlines, expectedfiles):
         cmd = 'recipetool appendfile %s %s %s %s' % (self.templayerdir, destfile, newfile, options)
@@ -94,7 +108,7 @@ class RecipetoolTests(RecipetoolBase):
 
     def test_recipetool_appendfile_basic(self):
         # Basic test
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                         '\n']
         _, output = self._try_recipetool_appendfile('base-files', '/etc/motd', self.testfile, '', expectedlines, ['motd'])
         self.assertNotIn('WARNING: ', output)
@@ -106,23 +120,29 @@ class RecipetoolTests(RecipetoolBase):
         self._try_recipetool_appendfile_fail('/dev/console', self.testfile, ['ERROR: /dev/console cannot be handled by this tool'])
 
     def test_recipetool_appendfile_alternatives(self):
+        lspath = '/bin/ls'
+        dirname = "base_bindir"
+        if "usrmerge" in get_bb_var('DISTRO_FEATURES'):
+            lspath = '/usr/bin/ls'
+            dirname = "bindir"
+
         # Now try with a file we know should be an alternative
         # (this is very much a fake example, but one we know is reliably an alternative)
-        self._try_recipetool_appendfile_fail('/bin/ls', self.testfile, ['ERROR: File /bin/ls is an alternative possibly provided by the following recipes:', 'coreutils', 'busybox'])
+        self._try_recipetool_appendfile_fail(lspath, self.testfile, ['ERROR: File %s is an alternative possibly provided by the following recipes:' % lspath, 'coreutils', 'busybox'])
         # Need a test file - should be executable
         testfile2 = os.path.join(self.corebase, 'oe-init-build-env')
         testfile2name = os.path.basename(testfile2)
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n',
                          'SRC_URI += "file://%s"\n' % testfile2name,
                          '\n',
-                         'do_install_append() {\n',
-                         '    install -d ${D}${base_bindir}\n',
-                         '    install -m 0755 ${WORKDIR}/%s ${D}${base_bindir}/ls\n' % testfile2name,
+                         'do_install:append() {\n',
+                         '    install -d ${D}${%s}\n' % dirname,
+                         '    install -m 0755 ${UNPACKDIR}/%s ${D}${%s}/ls\n' % (testfile2name, dirname),
                          '}\n']
-        self._try_recipetool_appendfile('coreutils', '/bin/ls', testfile2, '-r coreutils', expectedlines, [testfile2name])
+        self._try_recipetool_appendfile('coreutils', lspath, testfile2, '-r coreutils', expectedlines, [testfile2name])
         # Now try bbappending the same file again, contents should not change
-        bbappendfile, _ = self._try_recipetool_appendfile('coreutils', '/bin/ls', self.testfile, '-r coreutils', expectedlines, [testfile2name])
+        bbappendfile, _ = self._try_recipetool_appendfile('coreutils', lspath, self.testfile, '-r coreutils', expectedlines, [testfile2name])
         # But file should have
         copiedfile = os.path.join(os.path.dirname(bbappendfile), 'coreutils', testfile2name)
         result = runCmd('diff -q %s %s' % (testfile2, copiedfile), ignore_status=True)
@@ -138,117 +158,117 @@ class RecipetoolTests(RecipetoolBase):
 
     def test_recipetool_appendfile_add(self):
         # Try arbitrary file add to a recipe
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n',
                          'SRC_URI += "file://testfile"\n',
                          '\n',
-                         'do_install_append() {\n',
+                         'do_install:append() {\n',
                          '    install -d ${D}${datadir}\n',
-                         '    install -m 0644 ${WORKDIR}/testfile ${D}${datadir}/something\n',
+                         '    install -m 0644 ${UNPACKDIR}/testfile ${D}${datadir}/something\n',
                          '}\n']
         self._try_recipetool_appendfile('netbase', '/usr/share/something', self.testfile, '-r netbase', expectedlines, ['testfile'])
         # Try adding another file, this time where the source file is executable
         # (so we're testing that, plus modifying an existing bbappend)
         testfile2 = os.path.join(self.corebase, 'oe-init-build-env')
         testfile2name = os.path.basename(testfile2)
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n',
                          'SRC_URI += "file://testfile \\\n',
                          '            file://%s \\\n' % testfile2name,
                          '            "\n',
                          '\n',
-                         'do_install_append() {\n',
+                         'do_install:append() {\n',
                          '    install -d ${D}${datadir}\n',
-                         '    install -m 0644 ${WORKDIR}/testfile ${D}${datadir}/something\n',
-                         '    install -m 0755 ${WORKDIR}/%s ${D}${datadir}/scriptname\n' % testfile2name,
+                         '    install -m 0644 ${UNPACKDIR}/testfile ${D}${datadir}/something\n',
+                         '    install -m 0755 ${UNPACKDIR}/%s ${D}${datadir}/scriptname\n' % testfile2name,
                          '}\n']
         self._try_recipetool_appendfile('netbase', '/usr/share/scriptname', testfile2, '-r netbase', expectedlines, ['testfile', testfile2name])
 
     def test_recipetool_appendfile_add_bindir(self):
         # Try arbitrary file add to a recipe, this time to a location such that should be installed as executable
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n',
                          'SRC_URI += "file://testfile"\n',
                          '\n',
-                         'do_install_append() {\n',
+                         'do_install:append() {\n',
                          '    install -d ${D}${bindir}\n',
-                         '    install -m 0755 ${WORKDIR}/testfile ${D}${bindir}/selftest-recipetool-testbin\n',
+                         '    install -m 0755 ${UNPACKDIR}/testfile ${D}${bindir}/selftest-recipetool-testbin\n',
                          '}\n']
         _, output = self._try_recipetool_appendfile('netbase', '/usr/bin/selftest-recipetool-testbin', self.testfile, '-r netbase', expectedlines, ['testfile'])
         self.assertNotIn('WARNING: ', output)
 
     def test_recipetool_appendfile_add_machine(self):
         # Try arbitrary file add to a recipe, this time to a location such that should be installed as executable
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n',
                          'PACKAGE_ARCH = "${MACHINE_ARCH}"\n',
                          '\n',
-                         'SRC_URI_append_mymachine = " file://testfile"\n',
+                         'SRC_URI:append:mymachine = " file://testfile"\n',
                          '\n',
-                         'do_install_append_mymachine() {\n',
+                         'do_install:append:mymachine() {\n',
                          '    install -d ${D}${datadir}\n',
-                         '    install -m 0644 ${WORKDIR}/testfile ${D}${datadir}/something\n',
+                         '    install -m 0644 ${UNPACKDIR}/testfile ${D}${datadir}/something\n',
                          '}\n']
         _, output = self._try_recipetool_appendfile('netbase', '/usr/share/something', self.testfile, '-r netbase -m mymachine', expectedlines, ['mymachine/testfile'])
         self.assertNotIn('WARNING: ', output)
 
     def test_recipetool_appendfile_orig(self):
         # A file that's in SRC_URI and in do_install with the same name
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n']
         _, output = self._try_recipetool_appendfile('selftest-recipetool-appendfile', '/usr/share/selftest-replaceme-orig', self.testfile, '', expectedlines, ['selftest-replaceme-orig'])
         self.assertNotIn('WARNING: ', output)
 
     def test_recipetool_appendfile_todir(self):
         # A file that's in SRC_URI and in do_install with destination directory rather than file
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n']
         _, output = self._try_recipetool_appendfile('selftest-recipetool-appendfile', '/usr/share/selftest-replaceme-todir', self.testfile, '', expectedlines, ['selftest-replaceme-todir'])
         self.assertNotIn('WARNING: ', output)
 
     def test_recipetool_appendfile_renamed(self):
         # A file that's in SRC_URI with a different name to the destination file
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n']
         _, output = self._try_recipetool_appendfile('selftest-recipetool-appendfile', '/usr/share/selftest-replaceme-renamed', self.testfile, '', expectedlines, ['file1'])
         self.assertNotIn('WARNING: ', output)
 
     def test_recipetool_appendfile_subdir(self):
         # A file that's in SRC_URI in a subdir
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n',
                          'SRC_URI += "file://testfile"\n',
                          '\n',
-                         'do_install_append() {\n',
+                         'do_install:append() {\n',
                          '    install -d ${D}${datadir}\n',
-                         '    install -m 0644 ${WORKDIR}/testfile ${D}${datadir}/selftest-replaceme-subdir\n',
+                         '    install -m 0644 ${UNPACKDIR}/testfile ${D}${datadir}/selftest-replaceme-subdir\n',
                          '}\n']
         _, output = self._try_recipetool_appendfile('selftest-recipetool-appendfile', '/usr/share/selftest-replaceme-subdir', self.testfile, '', expectedlines, ['testfile'])
         self.assertNotIn('WARNING: ', output)
 
     def test_recipetool_appendfile_inst_glob(self):
         # A file that's in do_install as a glob
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n']
         _, output = self._try_recipetool_appendfile('selftest-recipetool-appendfile', '/usr/share/selftest-replaceme-inst-globfile', self.testfile, '', expectedlines, ['selftest-replaceme-inst-globfile'])
         self.assertNotIn('WARNING: ', output)
 
     def test_recipetool_appendfile_inst_todir_glob(self):
         # A file that's in do_install as a glob with destination as a directory
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n']
         _, output = self._try_recipetool_appendfile('selftest-recipetool-appendfile', '/usr/share/selftest-replaceme-inst-todir-globfile', self.testfile, '', expectedlines, ['selftest-replaceme-inst-todir-globfile'])
         self.assertNotIn('WARNING: ', output)
 
     def test_recipetool_appendfile_patch(self):
         # A file that's added by a patch in SRC_URI
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n',
                          'SRC_URI += "file://testfile"\n',
                          '\n',
-                         'do_install_append() {\n',
+                         'do_install:append() {\n',
                          '    install -d ${D}${sysconfdir}\n',
-                         '    install -m 0644 ${WORKDIR}/testfile ${D}${sysconfdir}/selftest-replaceme-patched\n',
+                         '    install -m 0644 ${UNPACKDIR}/testfile ${D}${sysconfdir}/selftest-replaceme-patched\n',
                          '}\n']
         _, output = self._try_recipetool_appendfile('selftest-recipetool-appendfile', '/etc/selftest-replaceme-patched', self.testfile, '', expectedlines, ['testfile'])
         for line in output.splitlines():
@@ -260,20 +280,20 @@ class RecipetoolTests(RecipetoolBase):
 
     def test_recipetool_appendfile_script(self):
         # Now, a file that's in SRC_URI but installed by a script (so no mention in do_install)
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n',
                          'SRC_URI += "file://testfile"\n',
                          '\n',
-                         'do_install_append() {\n',
+                         'do_install:append() {\n',
                          '    install -d ${D}${datadir}\n',
-                         '    install -m 0644 ${WORKDIR}/testfile ${D}${datadir}/selftest-replaceme-scripted\n',
+                         '    install -m 0644 ${UNPACKDIR}/testfile ${D}${datadir}/selftest-replaceme-scripted\n',
                          '}\n']
         _, output = self._try_recipetool_appendfile('selftest-recipetool-appendfile', '/usr/share/selftest-replaceme-scripted', self.testfile, '', expectedlines, ['testfile'])
         self.assertNotIn('WARNING: ', output)
 
     def test_recipetool_appendfile_inst_func(self):
         # A file that's installed from a function called by do_install
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n']
         _, output = self._try_recipetool_appendfile('selftest-recipetool-appendfile', '/usr/share/selftest-replaceme-inst-func', self.testfile, '', expectedlines, ['selftest-replaceme-inst-func'])
         self.assertNotIn('WARNING: ', output)
@@ -283,13 +303,13 @@ class RecipetoolTests(RecipetoolBase):
         # First try without specifying recipe
         self._try_recipetool_appendfile_fail('/usr/share/selftest-replaceme-postinst', self.testfile, ['File /usr/share/selftest-replaceme-postinst may be written out in a pre/postinstall script of the following recipes:', 'selftest-recipetool-appendfile'])
         # Now specify recipe
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n',
                          'SRC_URI += "file://testfile"\n',
                          '\n',
-                         'do_install_append() {\n',
+                         'do_install:append() {\n',
                          '    install -d ${D}${datadir}\n',
-                         '    install -m 0644 ${WORKDIR}/testfile ${D}${datadir}/selftest-replaceme-postinst\n',
+                         '    install -m 0644 ${UNPACKDIR}/testfile ${D}${datadir}/selftest-replaceme-postinst\n',
                          '}\n']
         _, output = self._try_recipetool_appendfile('selftest-recipetool-appendfile', '/usr/share/selftest-replaceme-postinst', self.testfile, '-r selftest-recipetool-appendfile', expectedlines, ['testfile'])
 
@@ -332,6 +352,9 @@ class RecipetoolTests(RecipetoolBase):
         filename = try_appendfile_wc('-w')
         self.assertEqual(filename, recipefn.split('_')[0] + '_%.bbappend')
 
+
+class RecipetoolCreateTests(RecipetoolBase):
+
     def test_recipetool_create(self):
         # Try adding a recipe
         tempsrc = os.path.join(self.tempdir, 'srctree')
@@ -341,14 +364,13 @@ class RecipetoolTests(RecipetoolBase):
         result = runCmd('recipetool create -o %s %s -x %s' % (recipefile, srcuri, tempsrc))
         self.assertTrue(os.path.isfile(recipefile))
         checkvars = {}
-        checkvars['LICENSE'] = 'GPLv2'
+        checkvars['LICENSE'] = 'GPL-2.0-only'
         checkvars['LIC_FILES_CHKSUM'] = 'file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263'
         checkvars['SRC_URI'] = 'https://github.com/logrotate/logrotate/releases/download/${PV}/logrotate-${PV}.tar.xz'
-        checkvars['SRC_URI[md5sum]'] = 'a560c57fac87c45b2fc17406cdf79288'
         checkvars['SRC_URI[sha256sum]'] = '2e6a401cac9024db2288297e3be1a8ab60e7401ba8e91225218aaf4a27e82a07'
         self._test_recipe_contents(recipefile, checkvars, [])
 
-    def test_recipetool_create_git(self):
+    def test_recipetool_create_autotools(self):
         if 'x11' not in get_bb_var('DISTRO_FEATURES'):
             self.skipTest('Test requires x11 as distro feature')
         # Ensure we have the right data in shlibs/pkgdata
@@ -357,15 +379,15 @@ class RecipetoolTests(RecipetoolBase):
         tempsrc = os.path.join(self.tempdir, 'srctree')
         os.makedirs(tempsrc)
         recipefile = os.path.join(self.tempdir, 'libmatchbox.bb')
-        srcuri = 'git://git.yoctoproject.org/libmatchbox'
+        srcuri = 'git://git.yoctoproject.org/libmatchbox;protocol=https'
         result = runCmd(['recipetool', 'create', '-o', recipefile, srcuri + ";rev=9f7cf8895ae2d39c465c04cc78e918c157420269", '-x', tempsrc])
         self.assertTrue(os.path.isfile(recipefile), 'recipetool did not create recipe file; output:\n%s' % result.output)
         checkvars = {}
-        checkvars['LICENSE'] = 'LGPLv2.1'
+        checkvars['LICENSE'] = 'LGPL-2.1-only'
         checkvars['LIC_FILES_CHKSUM'] = 'file://COPYING;md5=7fbc338309ac38fefcd64b04bb903e34'
-        checkvars['S'] = '${WORKDIR}/git'
-        checkvars['PV'] = '1.11+git${SRCPV}'
-        checkvars['SRC_URI'] = srcuri
+        checkvars['S'] = None
+        checkvars['PV'] = '1.11+git'
+        checkvars['SRC_URI'] = srcuri + ';branch=master'
         checkvars['DEPENDS'] = set(['libcheck', 'libjpeg-turbo', 'libpng', 'libx11', 'libxext', 'pango'])
         inherits = ['autotools', 'pkgconfig']
         self._test_recipe_contents(recipefile, checkvars, inherits)
@@ -374,8 +396,8 @@ class RecipetoolTests(RecipetoolBase):
         # Try adding a recipe
         temprecipe = os.path.join(self.tempdir, 'recipe')
         os.makedirs(temprecipe)
-        pv = '1.7.3.0'
-        srcuri = 'http://www.dest-unreach.org/socat/download/socat-%s.tar.bz2' % pv
+        pv = '1.7.4.1'
+        srcuri = 'http://www.dest-unreach.org/socat/download/Archive/socat-%s.tar.bz2' % pv
         result = runCmd('recipetool create %s -o %s' % (srcuri, temprecipe))
         dirlist = os.listdir(temprecipe)
         if len(dirlist) > 1:
@@ -384,7 +406,7 @@ class RecipetoolTests(RecipetoolBase):
             self.fail('recipetool did not create recipe file; output:\n%s\ndirlist:\n%s' % (result.output, str(dirlist)))
         self.assertEqual(dirlist[0], 'socat_%s.bb' % pv, 'Recipe file incorrectly named')
         checkvars = {}
-        checkvars['LICENSE'] = set(['Unknown', 'GPLv2'])
+        checkvars['LICENSE'] = set(['Unknown', 'GPL-2.0-only'])
         checkvars['LIC_FILES_CHKSUM'] = set(['file://COPYING.OpenSSL;md5=5c9bccc77f67a8328ef4ebaf468116f4', 'file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263'])
         # We don't check DEPENDS since they are variable for this recipe depending on what's in the sysroot
         checkvars['S'] = None
@@ -400,9 +422,8 @@ class RecipetoolTests(RecipetoolBase):
         result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
         self.assertTrue(os.path.isfile(recipefile))
         checkvars = {}
-        checkvars['LICENSE'] = set(['LGPLv2.1', 'MPL-1.1'])
+        checkvars['LICENSE'] = set(['LGPL-2.1-only', 'MPL-1.1-only'])
         checkvars['SRC_URI'] = 'http://taglib.github.io/releases/taglib-${PV}.tar.gz'
-        checkvars['SRC_URI[md5sum]'] = 'cee7be0ccfc892fa433d6c837df9522a'
         checkvars['SRC_URI[sha256sum]'] = 'b6d1a5a610aae6ff39d93de5efd0fdc787aa9e9dc1e7026fa4c961b26563526b'
         checkvars['DEPENDS'] = set(['boost', 'zlib'])
         inherits = ['cmake']
@@ -424,77 +445,271 @@ class RecipetoolTests(RecipetoolBase):
         checkvars = {}
         checkvars['SUMMARY'] = 'Node Server Example'
         checkvars['HOMEPAGE'] = 'https://github.com/savoirfairelinux/node-server-example#readme'
-        checkvars['LICENSE'] = set(['MIT', 'ISC', 'Unknown'])
+        checkvars['LICENSE'] = 'BSD-3-Clause & ISC & MIT & Unknown'
         urls = []
         urls.append('npm://registry.npmjs.org/;package=@savoirfairelinux/node-server-example;version=${PV}')
         urls.append('npmsw://${THISDIR}/${BPN}/npm-shrinkwrap.json')
         checkvars['SRC_URI'] = set(urls)
         checkvars['S'] = '${WORKDIR}/npm'
-        checkvars['LICENSE_${PN}'] = 'MIT'
-        checkvars['LICENSE_${PN}-base64'] = 'Unknown'
-        checkvars['LICENSE_${PN}-accepts'] = 'MIT'
-        checkvars['LICENSE_${PN}-inherits'] = 'ISC'
+        checkvars['LICENSE:${PN}'] = 'MIT'
+        checkvars['LICENSE:${PN}-base64'] = 'Unknown'
+        checkvars['LICENSE:${PN}-accepts'] = 'MIT'
+        checkvars['LICENSE:${PN}-inherits'] = 'ISC'
         inherits = ['npm']
         self._test_recipe_contents(recipefile, checkvars, inherits)
 
     def test_recipetool_create_github(self):
-        # Basic test to see if github URL mangling works
+        # Basic test to see if github URL mangling works. Deliberately use an
+        # older release of Meson at present so we don't need a toml parser.
         temprecipe = os.path.join(self.tempdir, 'recipe')
         os.makedirs(temprecipe)
-        recipefile = os.path.join(temprecipe, 'meson_git.bb')
-        srcuri = 'https://github.com/mesonbuild/meson;rev=0.32.0'
-        result = runCmd(['recipetool', 'create', '-o', temprecipe, srcuri])
-        self.assertTrue(os.path.isfile(recipefile))
+        recipefile = os.path.join(temprecipe, 'python3-meson_git.bb')
+        srcuri = 'https://github.com/mesonbuild/meson;rev=0.52.1'
+        cmd = ['recipetool', 'create', '-o', temprecipe, srcuri]
+        result = runCmd(cmd)
+        self.assertTrue(os.path.isfile(recipefile), msg="recipe %s not created for command %s, output %s" % (recipefile, " ".join(cmd), result.output))
         checkvars = {}
-        checkvars['LICENSE'] = set(['Apache-2.0'])
-        checkvars['SRC_URI'] = 'git://github.com/mesonbuild/meson;protocol=https'
+        checkvars['LICENSE'] = set(['Apache-2.0', "Unknown"])
+        checkvars['SRC_URI'] = 'git://github.com/mesonbuild/meson;protocol=https;branch=0.52'
         inherits = ['setuptools3']
         self._test_recipe_contents(recipefile, checkvars, inherits)
 
     def test_recipetool_create_python3_setuptools(self):
         # Test creating python3 package from tarball (using setuptools3 class)
+        # Use the --no-pypi switch to avoid creating a pypi enabled recipe and
+        # and check the created recipe as if it was a more general tarball
         temprecipe = os.path.join(self.tempdir, 'recipe')
         os.makedirs(temprecipe)
         pn = 'python-magic'
         pv = '0.4.15'
         recipefile = os.path.join(temprecipe, '%s_%s.bb' % (pn, pv))
         srcuri = 'https://files.pythonhosted.org/packages/84/30/80932401906eaf787f2e9bd86dc458f1d2e75b064b4c187341f29516945c/python-magic-%s.tar.gz' % pv
-        result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
+        result = runCmd('recipetool create --no-pypi -o %s %s' % (temprecipe, srcuri))
         self.assertTrue(os.path.isfile(recipefile))
         checkvars = {}
         checkvars['LICENSE'] = set(['MIT'])
         checkvars['LIC_FILES_CHKSUM'] = 'file://LICENSE;md5=16a934f165e8c3245f241e77d401bb88'
         checkvars['SRC_URI'] = 'https://files.pythonhosted.org/packages/84/30/80932401906eaf787f2e9bd86dc458f1d2e75b064b4c187341f29516945c/python-magic-${PV}.tar.gz'
-        checkvars['SRC_URI[md5sum]'] = 'e384c95a47218f66c6501cd6dd45ff59'
         checkvars['SRC_URI[sha256sum]'] = 'f3765c0f582d2dfc72c15f3b5a82aecfae9498bd29ca840d72f37d7bd38bfcd5'
         inherits = ['setuptools3']
         self._test_recipe_contents(recipefile, checkvars, inherits)
 
-    def test_recipetool_create_python3_distutils(self):
-        # Test creating python3 package from tarball (using distutils3 class)
+    def test_recipetool_create_python3_setuptools_pypi_tarball(self):
+        # Test creating python3 package from tarball (using setuptools3 and pypi classes)
+        temprecipe = os.path.join(self.tempdir, 'recipe')
+        os.makedirs(temprecipe)
+        pn = 'python-magic'
+        pv = '0.4.15'
+        recipefile = os.path.join(temprecipe, '%s_%s.bb' % (pn, pv))
+        srcuri = 'https://files.pythonhosted.org/packages/84/30/80932401906eaf787f2e9bd86dc458f1d2e75b064b4c187341f29516945c/python-magic-%s.tar.gz' % pv
+        result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
+        self.assertTrue(os.path.isfile(recipefile))
+        checkvars = {}
+        checkvars['LICENSE'] = set(['MIT'])
+        checkvars['LIC_FILES_CHKSUM'] = 'file://LICENSE;md5=16a934f165e8c3245f241e77d401bb88'
+        checkvars['SRC_URI[sha256sum]'] = 'f3765c0f582d2dfc72c15f3b5a82aecfae9498bd29ca840d72f37d7bd38bfcd5'
+        checkvars['PYPI_PACKAGE'] = pn
+        inherits = ['setuptools3', 'pypi']
+        self._test_recipe_contents(recipefile, checkvars, inherits)
+
+    def test_recipetool_create_python3_setuptools_pypi(self):
+        # Test creating python3 package from pypi url (using setuptools3 and pypi classes)
+        # Intentionnaly using setuptools3 class here instead of any of the pep517 class
+        # to avoid the toml dependency and allows this test to run on host autobuilders
+        # with older version of python
         temprecipe = os.path.join(self.tempdir, 'recipe')
         os.makedirs(temprecipe)
-        pn = 'docutils'
-        pv = '0.14'
+        pn = 'python-magic'
+        pv = '0.4.15'
         recipefile = os.path.join(temprecipe, '%s_%s.bb' % (pn, pv))
-        srcuri = 'https://files.pythonhosted.org/packages/84/f4/5771e41fdf52aabebbadecc9381d11dea0fa34e4759b4071244fa094804c/docutils-%s.tar.gz' % pv
+        # First specify the required version in the url
+        srcuri = 'https://pypi.org/project/%s/%s' % (pn, pv)
+        runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
+        self.assertTrue(os.path.isfile(recipefile))
+        checkvars = {}
+        checkvars['LICENSE'] = set(['MIT'])
+        checkvars['LIC_FILES_CHKSUM'] = 'file://LICENSE;md5=16a934f165e8c3245f241e77d401bb88'
+        checkvars['SRC_URI[sha256sum]'] = 'f3765c0f582d2dfc72c15f3b5a82aecfae9498bd29ca840d72f37d7bd38bfcd5'
+        checkvars['PYPI_PACKAGE'] = pn
+        inherits = ['setuptools3', "pypi"]
+        self._test_recipe_contents(recipefile, checkvars, inherits)
+
+        # Now specify the version as a recipetool parameter
+        runCmd('rm -rf %s' % recipefile)
+        self.assertFalse(os.path.isfile(recipefile))
+        srcuri = 'https://pypi.org/project/%s' % pn
+        runCmd('recipetool create -o %s %s --version %s' % (temprecipe, srcuri, pv))
+        self.assertTrue(os.path.isfile(recipefile))
+        checkvars = {}
+        checkvars['LICENSE'] = set(['MIT'])
+        checkvars['LIC_FILES_CHKSUM'] = 'file://LICENSE;md5=16a934f165e8c3245f241e77d401bb88'
+        checkvars['SRC_URI[sha256sum]'] = 'f3765c0f582d2dfc72c15f3b5a82aecfae9498bd29ca840d72f37d7bd38bfcd5'
+        checkvars['PYPI_PACKAGE'] = pn
+        inherits = ['setuptools3', "pypi"]
+        self._test_recipe_contents(recipefile, checkvars, inherits)
+
+        # Now, try to grab latest version of the package, so we cannot guess the name of the recipe,
+        # unless hardcoding the latest version but it means we will need to update the test for each release,
+        # so use a regexp
+        runCmd('rm -rf %s' % recipefile)
+        self.assertFalse(os.path.isfile(recipefile))
+        recipefile_re = r'%s_(.*)\.bb' % pn
+        result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
+        dirlist = os.listdir(temprecipe)
+        if len(dirlist) > 1:
+            self.fail('recipetool created more than just one file; output:\n%s\ndirlist:\n%s' % (result.output, str(dirlist)))
+        if len(dirlist) < 1 or not os.path.isfile(os.path.join(temprecipe, dirlist[0])):
+            self.fail('recipetool did not create recipe file; output:\n%s\ndirlist:\n%s' % (result.output, str(dirlist)))
+        import re
+        match = re.match(recipefile_re, dirlist[0])
+        self.assertTrue(match)
+        latest_pv = match.group(1)
+        self.assertTrue(latest_pv != pv)
+        recipefile = os.path.join(temprecipe, '%s_%s.bb' % (pn, latest_pv))
+        # Do not check LIC_FILES_CHKSUM and SRC_URI checksum here to avoid having updating the test on each release
+        checkvars = {}
+        checkvars['LICENSE'] = set(['MIT'])
+        checkvars['PYPI_PACKAGE'] = pn
+        inherits = ['setuptools3', "pypi"]
+        self._test_recipe_contents(recipefile, checkvars, inherits)
+
+    def test_recipetool_create_python3_pep517_setuptools_build_meta(self):
+        # This test require python 3.11 or above for the tomllib module or tomli module to be installed
+        needTomllib(self)
+
+        # Test creating python3 package from tarball (using setuptools.build_meta class)
+        temprecipe = os.path.join(self.tempdir, 'recipe')
+        os.makedirs(temprecipe)
+        pn = 'webcolors'
+        pv = '1.13'
+        recipefile = os.path.join(temprecipe, 'python3-%s_%s.bb' % (pn, pv))
+        srcuri = 'https://files.pythonhosted.org/packages/a1/fb/f95560c6a5d4469d9c49e24cf1b5d4d21ffab5608251c6020a965fb7791c/%s-%s.tar.gz' % (pn, pv)
+        result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
+        self.assertTrue(os.path.isfile(recipefile))
+        checkvars = {}
+        checkvars['SUMMARY'] = 'A library for working with the color formats defined by HTML and CSS.'
+        checkvars['LICENSE'] = set(['BSD-3-Clause'])
+        checkvars['LIC_FILES_CHKSUM'] = 'file://LICENSE;md5=702b1ef12cf66832a88f24c8f2ee9c19'
+        checkvars['SRC_URI[sha256sum]'] = 'c225b674c83fa923be93d235330ce0300373d02885cef23238813b0d5668304a'
+        inherits = ['python_setuptools_build_meta', 'pypi']
+
+        self._test_recipe_contents(recipefile, checkvars, inherits)
+
+    def test_recipetool_create_python3_pep517_poetry_core_masonry_api(self):
+        # This test require python 3.11 or above for the tomllib module or tomli module to be installed
+        needTomllib(self)
+
+        # Test creating python3 package from tarball (using poetry.core.masonry.api class)
+        temprecipe = os.path.join(self.tempdir, 'recipe')
+        os.makedirs(temprecipe)
+        pn = 'iso8601'
+        pv = '2.1.0'
+        recipefile = os.path.join(temprecipe, 'python3-%s_%s.bb' % (pn, pv))
+        srcuri = 'https://files.pythonhosted.org/packages/b9/f3/ef59cee614d5e0accf6fd0cbba025b93b272e626ca89fb70a3e9187c5d15/%s-%s.tar.gz' % (pn, pv)
+        result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
+        self.assertTrue(os.path.isfile(recipefile))
+        checkvars = {}
+        checkvars['SUMMARY'] = 'Simple module to parse ISO 8601 dates'
+        checkvars['LICENSE'] = set(['MIT'])
+        checkvars['LIC_FILES_CHKSUM'] = 'file://LICENSE;md5=aab31f2ef7ba214a5a341eaa47a7f367'
+        checkvars['SRC_URI[sha256sum]'] = '6b1d3829ee8921c4301998c909f7829fa9ed3cbdac0d3b16af2d743aed1ba8df'
+        inherits = ['python_poetry_core', 'pypi']
+
+        self._test_recipe_contents(recipefile, checkvars, inherits)
+
+    def test_recipetool_create_python3_pep517_flit_core_buildapi(self):
+        # This test require python 3.11 or above for the tomllib module or tomli module to be installed
+        needTomllib(self)
+
+        # Test creating python3 package from tarball (using flit_core.buildapi class)
+        temprecipe = os.path.join(self.tempdir, 'recipe')
+        os.makedirs(temprecipe)
+        pn = 'typing-extensions'
+        pv = '4.8.0'
+        recipefile = os.path.join(temprecipe, 'python3-%s_%s.bb' % (pn, pv))
+        srcuri = 'https://files.pythonhosted.org/packages/1f/7a/8b94bb016069caa12fc9f587b28080ac33b4fbb8ca369b98bc0a4828543e/typing_extensions-%s.tar.gz' % pv
+        result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
+        self.assertTrue(os.path.isfile(recipefile))
+        checkvars = {}
+        checkvars['SUMMARY'] = 'Backported and Experimental Type Hints for Python 3.8+'
+        checkvars['LICENSE'] = set(['PSF-2.0'])
+        checkvars['LIC_FILES_CHKSUM'] = 'file://LICENSE;md5=fcf6b249c2641540219a727f35d8d2c2'
+        checkvars['SRC_URI[sha256sum]'] = 'df8e4339e9cb77357558cbdbceca33c303714cf861d1eef15e1070055ae8b7ef'
+        inherits = ['python_flit_core', 'pypi']
+
+        self._test_recipe_contents(recipefile, checkvars, inherits)
+
+    def test_recipetool_create_python3_pep517_hatchling(self):
+        # This test require python 3.11 or above for the tomllib module or tomli module to be installed
+        needTomllib(self)
+
+        # Test creating python3 package from tarball (using hatchling class)
+        temprecipe = os.path.join(self.tempdir, 'recipe')
+        os.makedirs(temprecipe)
+        pn = 'jsonschema'
+        pv = '4.19.1'
+        recipefile = os.path.join(temprecipe, 'python3-%s_%s.bb' % (pn, pv))
+        srcuri = 'https://files.pythonhosted.org/packages/e4/43/087b24516db11722c8687e0caf0f66c7785c0b1c51b0ab951dfde924e3f5/jsonschema-%s.tar.gz' % pv
+        result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
+        self.assertTrue(os.path.isfile(recipefile))
+        checkvars = {}
+        checkvars['SUMMARY'] = 'An implementation of JSON Schema validation for Python'
+        checkvars['HOMEPAGE'] = 'https://github.com/python-jsonschema/jsonschema'
+        checkvars['LICENSE'] = set(['MIT'])
+        checkvars['LIC_FILES_CHKSUM'] = 'file://COPYING;md5=7a60a81c146ec25599a3e1dabb8610a8 file://json/LICENSE;md5=9d4de43111d33570c8fe49b4cb0e01af'
+        checkvars['SRC_URI[sha256sum]'] = 'ec84cc37cfa703ef7cd4928db24f9cb31428a5d0fa77747b8b51a847458e0bbf'
+        inherits = ['python_hatchling', 'pypi']
+
+        self._test_recipe_contents(recipefile, checkvars, inherits)
+
+    def test_recipetool_create_python3_pep517_maturin(self):
+        # This test require python 3.11 or above for the tomllib module or tomli module to be installed
+        needTomllib(self)
+
+        # Test creating python3 package from tarball (using maturin class)
+        temprecipe = os.path.join(self.tempdir, 'recipe')
+        os.makedirs(temprecipe)
+        pn = 'pydantic-core'
+        pv = '2.14.5'
+        recipefile = os.path.join(temprecipe, 'python3-%s_%s.bb' % (pn, pv))
+        srcuri = 'https://files.pythonhosted.org/packages/64/26/cffb93fe9c6b5a91c497f37fae14a4b073ecbc47fc36a9979c7aa888b245/pydantic_core-%s.tar.gz' % pv
+        result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
+        self.assertTrue(os.path.isfile(recipefile))
+        checkvars = {}
+        checkvars['HOMEPAGE'] = 'https://github.com/pydantic/pydantic-core'
+        checkvars['LICENSE'] = set(['MIT'])
+        checkvars['LIC_FILES_CHKSUM'] = 'file://LICENSE;md5=ab599c188b4a314d2856b3a55030c75c'
+        checkvars['SRC_URI[sha256sum]'] = '6d30226dfc816dd0fdf120cae611dd2215117e4f9b124af8c60ab9093b6e8e71'
+        inherits = ['python_maturin', 'pypi']
+
+        self._test_recipe_contents(recipefile, checkvars, inherits)
+
+    def test_recipetool_create_python3_pep517_mesonpy(self):
+        # This test require python 3.11 or above for the tomllib module or tomli module to be installed
+        needTomllib(self)
+
+        # Test creating python3 package from tarball (using mesonpy class)
+        temprecipe = os.path.join(self.tempdir, 'recipe')
+        os.makedirs(temprecipe)
+        pn = 'siphash24'
+        pv = '1.4'
+        recipefile = os.path.join(temprecipe, 'python3-%s_%s.bb' % (pn, pv))
+        srcuri = 'https://files.pythonhosted.org/packages/c2/32/b934a70592f314afcfa86c7f7e388804a8061be65b822e2aa07e573b6477/%s-%s.tar.gz' % (pn, pv)
         result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
         self.assertTrue(os.path.isfile(recipefile))
         checkvars = {}
-        checkvars['LICENSE'] = set(['PSF', '&', 'BSD', 'GPL'])
-        checkvars['LIC_FILES_CHKSUM'] = 'file://COPYING.txt;md5=35a23d42b615470583563132872c97d6'
-        checkvars['SRC_URI'] = 'https://files.pythonhosted.org/packages/84/f4/5771e41fdf52aabebbadecc9381d11dea0fa34e4759b4071244fa094804c/docutils-${PV}.tar.gz'
-        checkvars['SRC_URI[md5sum]'] = 'c53768d63db3873b7d452833553469de'
-        checkvars['SRC_URI[sha256sum]'] = '51e64ef2ebfb29cae1faa133b3710143496eca21c530f3f71424d77687764274'
-        inherits = ['distutils3']
+        checkvars['SRC_URI[sha256sum]'] = '7fd65e39b2a7c8c4ddc3a168a687f4610751b0ac2ebb518783c0cdfc30bec4a0'
+        inherits = ['python_mesonpy', 'pypi']
+
         self._test_recipe_contents(recipefile, checkvars, inherits)
 
     def test_recipetool_create_github_tarball(self):
-        # Basic test to ensure github URL mangling doesn't apply to release tarballs
+        # Basic test to ensure github URL mangling doesn't apply to release tarballs.
+        # Deliberately use an older release of Meson at present so we don't need a toml parser.
         temprecipe = os.path.join(self.tempdir, 'recipe')
         os.makedirs(temprecipe)
-        pv = '0.32.0'
-        recipefile = os.path.join(temprecipe, 'meson_%s.bb' % pv)
+        pv = '0.52.1'
+        recipefile = os.path.join(temprecipe, 'python3-meson_%s.bb' % pv)
         srcuri = 'https://github.com/mesonbuild/meson/releases/download/%s/meson-%s.tar.gz' % (pv, pv)
         result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
         self.assertTrue(os.path.isfile(recipefile))
@@ -504,19 +719,93 @@ class RecipetoolTests(RecipetoolBase):
         inherits = ['setuptools3']
         self._test_recipe_contents(recipefile, checkvars, inherits)
 
-    def test_recipetool_create_git_http(self):
+    def _test_recipetool_create_git(self, srcuri, branch=None):
         # Basic test to check http git URL mangling works
         temprecipe = os.path.join(self.tempdir, 'recipe')
         os.makedirs(temprecipe)
-        recipefile = os.path.join(temprecipe, 'matchbox-terminal_git.bb')
-        srcuri = 'http://git.yoctoproject.org/git/matchbox-terminal'
-        result = runCmd('recipetool create -o %s %s' % (temprecipe, srcuri))
+        name = srcuri.split(';')[0].split('/')[-1]
+        recipefile = os.path.join(temprecipe, name + '_git.bb')
+        options = ' -B %s' % branch if branch else ''
+        result = runCmd('recipetool create -o %s%s "%s"' % (temprecipe, options, srcuri))
         self.assertTrue(os.path.isfile(recipefile))
         checkvars = {}
-        checkvars['LICENSE'] = set(['GPLv2'])
-        checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/matchbox-terminal;protocol=http'
-        inherits = ['pkgconfig', 'autotools']
+        checkvars['SRC_URI'] = srcuri
+        for scheme in ['http', 'https']:
+            if srcuri.startswith(scheme + ":"):
+                checkvars['SRC_URI'] = 'git%s;protocol=%s' % (srcuri[len(scheme):], scheme)
+        if ';branch=' not in srcuri:
+            checkvars['SRC_URI'] += ';branch=' + (branch or 'master')
+        self._test_recipe_contents(recipefile, checkvars, [])
+
+    def test_recipetool_create_git_http(self):
+        self._test_recipetool_create_git('http://git.yoctoproject.org/git/matchbox-keyboard')
+
+    def test_recipetool_create_git_srcuri_master(self):
+        self._test_recipetool_create_git('git://git.yoctoproject.org/matchbox-keyboard;branch=master;protocol=https')
+
+    def test_recipetool_create_git_srcuri_branch(self):
+        self._test_recipetool_create_git('git://git.yoctoproject.org/matchbox-keyboard;branch=matchbox-keyboard-0-1;protocol=https')
+
+    def test_recipetool_create_git_srcbranch(self):
+        self._test_recipetool_create_git('git://git.yoctoproject.org/matchbox-keyboard;protocol=https', 'matchbox-keyboard-0-1')
+
+    def _go_urifiy(self, url, version, modulepath = None, pathmajor = None, subdir = None):
+        modulepath = ",path='%s'" % modulepath if len(modulepath) else ''
+        pathmajor = ",pathmajor='%s'" % pathmajor if len(pathmajor) else ''
+        subdir = ",subdir='%s'" % subdir if len(subdir) else ''
+        return "${@go_src_uri('%s','%s'%s%s%s)}" % (url, version, modulepath, pathmajor, subdir)
+
+    def test_recipetool_create_go(self):
+        # Basic test to check go recipe generation
+        self.maxDiff = None
+
+        temprecipe = os.path.join(self.tempdir, 'recipe')
+        os.makedirs(temprecipe)
+
+        recipefile = os.path.join(temprecipe, 'recipetool-go-test_git.bb')
+
+        srcuri = 'https://git.yoctoproject.org/recipetool-go-test.git'
+        srcrev = "c3e213c01b6c1406b430df03ef0d1ae77de5d2f7"
+        srcbranch = "main"
+
+        result = runCmd('recipetool create -o %s %s -S %s -B %s' % (temprecipe, srcuri, srcrev, srcbranch))
+
+        inherits = ['go-mod', 'go-mod-update-modules']
+
+        checkvars = {}
+        checkvars['GO_IMPORT'] = "git.yoctoproject.org/recipetool-go-test"
+        checkvars['SRC_URI'] = {'git://${GO_IMPORT};protocol=https;nobranch=1;destsuffix=${GO_SRCURI_DESTSUFFIX}'}
+        checkvars['LIC_FILES_CHKSUM'] = {
+            'file://src/${GO_IMPORT}/LICENSE;md5=4e3933dd47afbf115e484d11385fb3bd',
+            'file://src/${GO_IMPORT}/is/LICENSE;md5=62beaee5a116dd1e80161667b1df39ab'
+        }
+
         self._test_recipe_contents(recipefile, checkvars, inherits)
+        self.assertNotIn('Traceback', result.output)
+
+        lics_require_file = os.path.join(temprecipe, 'recipetool-go-test-licenses.inc')
+        self.assertFileExists(lics_require_file)
+        checkvars = {}
+        checkvars['LIC_FILES_CHKSUM'] = {'file://pkg/mod/github.com/godbus/dbus/v5@v5.1.0/LICENSE;md5=09042bd5c6c96a2b9e45ddf1bc517eed;spdx=BSD-2-Clause'}
+        self._test_recipe_contents(lics_require_file, checkvars, [])
+
+        deps_require_file = os.path.join(temprecipe, 'recipetool-go-test-go-mods.inc')
+        self.assertFileExists(deps_require_file)
+        checkvars = {}
+        checkvars['SRC_URI'] = {'gomod://github.com/godbus/dbus/v5;version=v5.1.0;sha256sum=03dfa8e71089a6f477310d15c4d3a036d82d028532881b50fee254358e782ad9'}
+        self._test_recipe_contents(deps_require_file, checkvars, [])
+
+class RecipetoolTests(RecipetoolBase):
+
+    @classmethod
+    def setUpClass(cls):
+        import sys
+
+        super(RecipetoolTests, cls).setUpClass()
+        bb_vars = get_bb_vars(['BBPATH'])
+        cls.bbpath = bb_vars['BBPATH']
+        libpath = os.path.join(get_bb_var('COREBASE'), 'scripts', 'lib', 'recipetool')
+        sys.path.insert(0, libpath)
 
     def _copy_file_with_cleanup(self, srcfile, basedstdir, *paths):
         dstdir = basedstdir
@@ -524,7 +813,15 @@ class RecipetoolTests(RecipetoolBase):
         for p in paths:
             dstdir = os.path.join(dstdir, p)
             if not os.path.exists(dstdir):
-                os.makedirs(dstdir)
+                try:
+                    os.makedirs(dstdir)
+                except PermissionError:
+                    return False
+                except OSError as e:
+                    if e.errno == errno.EROFS:
+                        return False
+                    else:
+                        raise e
                 if p == "lib":
                     # Can race with other tests
                     self.add_command_to_tearDown('rmdir --ignore-fail-on-non-empty %s' % dstdir)
@@ -532,8 +829,12 @@ class RecipetoolTests(RecipetoolBase):
                     self.track_for_cleanup(dstdir)
         dstfile = os.path.join(dstdir, os.path.basename(srcfile))
         if srcfile != dstfile:
-            shutil.copy(srcfile, dstfile)
+            try:
+                shutil.copy(srcfile, dstfile)
+            except PermissionError:
+                return False
             self.track_for_cleanup(dstfile)
+        return True
 
     def test_recipetool_load_plugin(self):
         """Test that recipetool loads only the first found plugin in BBPATH."""
@@ -547,20 +848,148 @@ class RecipetoolTests(RecipetoolBase):
             plugincontent = fh.readlines()
         try:
             self.assertIn('meta-selftest', srcfile, 'wrong bbpath plugin found')
-            for path in searchpath:
-                self._copy_file_with_cleanup(srcfile, path, 'lib', 'recipetool')
+            searchpath = [
+                path for path in searchpath
+                if self._copy_file_with_cleanup(srcfile, path, 'lib', 'recipetool')
+            ]
             result = runCmd("recipetool --quiet count")
             self.assertEqual(result.output, '1')
             result = runCmd("recipetool --quiet multiloaded")
             self.assertEqual(result.output, "no")
             for path in searchpath:
                 result = runCmd("recipetool --quiet bbdir")
-                self.assertEqual(result.output, path)
+                self.assertEqual(os.path.realpath(result.output), os.path.realpath(path))
                 os.unlink(os.path.join(result.output, 'lib', 'recipetool', 'bbpath.py'))
         finally:
             with open(srcfile, 'w') as fh:
                 fh.writelines(plugincontent)
 
+    def test_recipetool_handle_license_vars(self):
+        from create import handle_license_vars
+        from unittest.mock import Mock
+
+        commonlicdir = get_bb_var('COMMON_LICENSE_DIR')
+
+        class DataConnectorCopy(bb.tinfoil.TinfoilDataStoreConnector):
+            pass
+
+        d = DataConnectorCopy
+        d.getVar = Mock(return_value=commonlicdir)
+        d.expand = Mock(side_effect=lambda x: x)
+
+        srctree = tempfile.mkdtemp(prefix='recipetoolqa')
+        self.track_for_cleanup(srctree)
+
+        # Multiple licenses
+        licenses = ['MIT', 'ISC', 'BSD-3-Clause', 'Apache-2.0']
+        for licence in licenses:
+            shutil.copy(os.path.join(commonlicdir, licence), os.path.join(srctree, 'LICENSE.' + licence))
+        # Duplicate license
+        shutil.copy(os.path.join(commonlicdir, 'MIT'), os.path.join(srctree, 'LICENSE'))
+
+        extravalues = {
+            # Duplicate and missing licenses
+            'LICENSE': 'Zlib & BSD-2-Clause & Zlib',
+            'LIC_FILES_CHKSUM': [
+                'file://README.md;md5=0123456789abcdef0123456789abcd'
+            ]
+        }
+        lines_before = []
+        handled = []
+        licvalues = handle_license_vars(srctree, lines_before, handled, extravalues, d)
+        expected_lines_before = [
+            '# WARNING: the following LICENSE and LIC_FILES_CHKSUM values are best guesses - it is',
+            '# your responsibility to verify that the values are complete and correct.',
+            '# NOTE: Original package / source metadata indicates license is: BSD-2-Clause & Zlib',
+            '#',
+            '# NOTE: multiple licenses have been detected; they have been separated with &',
+            '# in the LICENSE value for now since it is a reasonable assumption that all',
+            '# of the licenses apply. If instead there is a choice between the multiple',
+            '# licenses then you should change the value to separate the licenses with |',
+            '# instead of &. If there is any doubt, check the accompanying documentation',
+            '# to determine which situation is applicable.',
+            'LICENSE = "Apache-2.0 & BSD-2-Clause & BSD-3-Clause & ISC & MIT & Zlib"',
+            'LIC_FILES_CHKSUM = "file://LICENSE;md5=0835ade698e0bcf8506ecda2f7b4f302 \\\n'
+            '                    file://LICENSE.Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10 \\\n'
+            '                    file://LICENSE.BSD-3-Clause;md5=550794465ba0ec5312d6919e203a55f9 \\\n'
+            '                    file://LICENSE.ISC;md5=f3b90e78ea0cffb20bf5cca7947a896d \\\n'
+            '                    file://LICENSE.MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \\\n'
+            '                    file://README.md;md5=0123456789abcdef0123456789abcd"',
+            ''
+        ]
+        self.assertEqual(lines_before, expected_lines_before)
+        expected_licvalues = [
+            ('MIT', 'LICENSE', '0835ade698e0bcf8506ecda2f7b4f302'),
+            ('Apache-2.0', 'LICENSE.Apache-2.0', '89aea4e17d99a7cacdbeed46a0096b10'),
+            ('BSD-3-Clause', 'LICENSE.BSD-3-Clause', '550794465ba0ec5312d6919e203a55f9'),
+            ('ISC', 'LICENSE.ISC', 'f3b90e78ea0cffb20bf5cca7947a896d'),
+            ('MIT', 'LICENSE.MIT', '0835ade698e0bcf8506ecda2f7b4f302')
+        ]
+        self.assertEqual(handled, [('license', expected_licvalues)])
+        self.assertEqual(extravalues, {})
+        self.assertEqual(licvalues, expected_licvalues)
+
+
+    def test_recipetool_split_pkg_licenses(self):
+        from create import split_pkg_licenses
+        licvalues = [
+            # Duplicate licenses
+            ('BSD-2-Clause', 'x/COPYING', None),
+            ('BSD-2-Clause', 'x/LICENSE', None),
+            # Multiple licenses
+            ('MIT', 'x/a/LICENSE.MIT', None),
+            ('ISC', 'x/a/LICENSE.ISC', None),
+            # Alternative licenses
+            ('(MIT | ISC)', 'x/b/LICENSE', None),
+            # Alternative licenses without brackets
+            ('MIT | BSD-2-Clause', 'x/c/LICENSE', None),
+            # Multi licenses with alternatives
+            ('MIT', 'x/d/COPYING', None),
+            ('MIT | BSD-2-Clause', 'x/d/LICENSE', None),
+            # Multi licenses with alternatives and brackets
+            ('Apache-2.0 & ((MIT | ISC) & BSD-3-Clause)', 'x/e/LICENSE', None)
+        ]
+        packages = {
+            '${PN}': '',
+            'a': 'x/a',
+            'b': 'x/b',
+            'c': 'x/c',
+            'd': 'x/d',
+            'e': 'x/e',
+            'f': 'x/f',
+            'g': 'x/g',
+        }
+        fallback_licenses = {
+            # Ignored
+            'a': 'BSD-3-Clause',
+            # Used
+            'f': 'BSD-3-Clause'
+        }
+        outlines = []
+        outlicenses = split_pkg_licenses(licvalues, packages, outlines, fallback_licenses)
+        expected_outlicenses = {
+            '${PN}': ['BSD-2-Clause'],
+            'a': ['ISC', 'MIT'],
+            'b': ['(ISC | MIT)'],
+            'c': ['(BSD-2-Clause | MIT)'],
+            'd': ['(BSD-2-Clause | MIT)', 'MIT'],
+            'e': ['(ISC | MIT)', 'Apache-2.0', 'BSD-3-Clause'],
+            'f': ['BSD-3-Clause'],
+            'g': ['Unknown']
+        }
+        self.assertEqual(outlicenses, expected_outlicenses)
+        expected_outlines = [
+            'LICENSE:${PN} = "BSD-2-Clause"',
+            'LICENSE:a = "ISC & MIT"',
+            'LICENSE:b = "(ISC | MIT)"',
+            'LICENSE:c = "(BSD-2-Clause | MIT)"',
+            'LICENSE:d = "(BSD-2-Clause | MIT) & MIT"',
+            'LICENSE:e = "(ISC | MIT) & Apache-2.0 & BSD-3-Clause"',
+            'LICENSE:f = "BSD-3-Clause"',
+            'LICENSE:g = "Unknown"'
+        ]
+        self.assertEqual(outlines, expected_outlines)
+
 
 class RecipetoolAppendsrcBase(RecipetoolBase):
     def _try_recipetool_appendsrcfile(self, testrecipe, newfile, destfile, options, expectedlines, expectedfiles):
@@ -593,9 +1022,9 @@ class RecipetoolAppendsrcBase(RecipetoolBase):
         for uri in src_uri:
             p = urllib.parse.urlparse(uri)
             if p.scheme == 'file':
-                return p.netloc + p.path
+                return p.netloc + p.path, uri
 
-    def _test_appendsrcfile(self, testrecipe, filename=None, destdir=None, has_src_uri=True, srcdir=None, newfile=None, options=''):
+    def _test_appendsrcfile(self, testrecipe, filename=None, destdir=None, has_src_uri=True, srcdir=None, newfile=None, remove=None, machine=None , options=''):
         if newfile is None:
             newfile = self.testfile
 
@@ -620,14 +1049,42 @@ class RecipetoolAppendsrcBase(RecipetoolBase):
             else:
                 destpath = '.' + os.sep
 
-        expectedlines = ['FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"\n',
+        expectedlines = ['FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"\n',
                          '\n']
+
+        override = ""
+        if machine:
+            options += ' -m %s' % machine
+            override = ':append:%s' % machine
+            expectedlines.extend(['PACKAGE_ARCH = "${MACHINE_ARCH}"\n',
+                                  '\n'])
+
+        if remove:
+            for entry in remove:
+                if machine:
+                    entry_remove_line = 'SRC_URI:remove:%s = " %s"\n' % (machine, entry)
+                else:
+                    entry_remove_line = 'SRC_URI:remove = "%s"\n' % entry
+
+                expectedlines.extend([entry_remove_line,
+                                       '\n'])
+
         if has_src_uri:
             uri = 'file://%s' % filename
             if expected_subdir:
                 uri += ';subdir=%s' % expected_subdir
-            expectedlines[0:0] = ['SRC_URI += "%s"\n' % uri,
-                                  '\n']
+            if machine:
+                src_uri_line = 'SRC_URI%s = " %s"\n' % (override, uri)
+            else:
+                src_uri_line = 'SRC_URI += "%s"\n' % uri
+
+            expectedlines.extend([src_uri_line, '\n'])
+
+        with open("/tmp/tmp.txt", "w") as file:
+            print(expectedlines, file=file)
+
+        if machine:
+            filename = '%s/%s' % (machine, filename)
 
         return self._try_recipetool_appendsrcfile(testrecipe, newfile, destpath, options, expectedlines, [filename])
 
@@ -674,34 +1131,62 @@ class RecipetoolAppendsrcTests(RecipetoolAppendsrcBase):
 
     def test_recipetool_appendsrcfile_srcdir_basic(self):
         testrecipe = 'bash'
-        bb_vars = get_bb_vars(['S', 'WORKDIR'], testrecipe)
+        bb_vars = get_bb_vars(['S', 'UNPACKDIR'], testrecipe)
         srcdir = bb_vars['S']
-        workdir = bb_vars['WORKDIR']
-        subdir = os.path.relpath(srcdir, workdir)
+        unpackdir = bb_vars['UNPACKDIR']
+        subdir = os.path.relpath(srcdir, unpackdir)
         self._test_appendsrcfile(testrecipe, 'a-file', srcdir=subdir)
 
     def test_recipetool_appendsrcfile_existing_in_src_uri(self):
         testrecipe = 'base-files'
-        filepath = self._get_first_file_uri(testrecipe)
+        filepath,_  = self._get_first_file_uri(testrecipe)
         self.assertTrue(filepath, 'Unable to test, no file:// uri found in SRC_URI for %s' % testrecipe)
         self._test_appendsrcfile(testrecipe, filepath, has_src_uri=False)
 
-    def test_recipetool_appendsrcfile_existing_in_src_uri_diff_params(self):
+    def test_recipetool_appendsrcfile_existing_in_src_uri_diff_params(self, machine=None):
         testrecipe = 'base-files'
         subdir = 'tmp'
-        filepath = self._get_first_file_uri(testrecipe)
+        filepath, srcuri_entry = self._get_first_file_uri(testrecipe)
         self.assertTrue(filepath, 'Unable to test, no file:// uri found in SRC_URI for %s' % testrecipe)
 
-        output = self._test_appendsrcfile(testrecipe, filepath, subdir, has_src_uri=False)
-        self.assertTrue(any('with different parameters' in l for l in output))
+        self._test_appendsrcfile(testrecipe, filepath, subdir, machine=machine, remove=[srcuri_entry])
+
+    def test_recipetool_appendsrcfile_machine(self):
+        # A very basic test
+        self._test_appendsrcfile('base-files', 'a-file', machine='mymachine')
+
+        # Force cleaning the output of previous test
+        self.tearDownLocal()
+
+        # A more complex test: existing entry in src_uri with different param
+        self.test_recipetool_appendsrcfile_existing_in_src_uri_diff_params(machine='mymachine')
+
+    def test_recipetool_appendsrcfile_update_recipe_basic(self):
+        testrecipe = "mtd-utils-selftest"
+        recipefile = get_bb_var('FILE', testrecipe)
+        self.assertIn('meta-selftest', recipefile, 'This test expect %s recipe to be in meta-selftest')
+        cmd = 'recipetool appendsrcfile -W -u meta-selftest %s %s' % (testrecipe, self.testfile)
+        result = runCmd(cmd)
+        self.assertNotIn('Traceback', result.output)
+        self.add_command_to_tearDown('cd %s; rm -f %s/%s; git checkout .' % (os.path.dirname(recipefile), testrecipe, os.path.basename(self.testfile)))
+
+        expected_status = [(' M', '.*/%s$' % os.path.basename(recipefile)),
+                           ('??', '.*/%s/%s$' % (testrecipe, os.path.basename(self.testfile)))]
+        self._check_repo_status(os.path.dirname(recipefile), expected_status)
+        result = runCmd('git diff %s' % os.path.basename(recipefile), cwd=os.path.dirname(recipefile))
+        removelines = []
+        addlines = [
+            'file://%s \\\\' % os.path.basename(self.testfile),
+        ]
+        self._check_diff(result.output, addlines, removelines)
 
     def test_recipetool_appendsrcfile_replace_file_srcdir(self):
         testrecipe = 'bash'
         filepath = 'Makefile.in'
-        bb_vars = get_bb_vars(['S', 'WORKDIR'], testrecipe)
+        bb_vars = get_bb_vars(['S', 'UNPACKDIR'], testrecipe)
         srcdir = bb_vars['S']
-        workdir = bb_vars['WORKDIR']
-        subdir = os.path.relpath(srcdir, workdir)
+        unpackdir = bb_vars['UNPACKDIR']
+        subdir = os.path.relpath(srcdir, unpackdir)
 
         self._test_appendsrcfile(testrecipe, filepath, srcdir=subdir)
         bitbake('%s:do_unpack' % testrecipe)
diff --git a/meta/lib/oeqa/selftest/cases/recipeutils.py b/meta/lib/oeqa/selftest/cases/recipeutils.py
index 747870383b..e697fd2920 100644
--- a/meta/lib/oeqa/selftest/cases/recipeutils.py
+++ b/meta/lib/oeqa/selftest/cases/recipeutils.py
@@ -1,15 +1,13 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
-import os
-import re
-import time
-import logging
 import bb.tinfoil
 
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import runCmd, get_test_layer
+from oeqa.utils.commands import get_test_layer
 
 
 def setUpModule():
@@ -40,7 +38,7 @@ class RecipeUtilsTests(OESelftestTestCase):
  SUMMARY = "Python framework to process interdependent tasks in a pool of workers"
  HOMEPAGE = "http://github.com/gitpython-developers/async"
  SECTION = "devel/python"
--LICENSE = "BSD"
+-LICENSE = "BSD-3-Clause"
 +LICENSE = "something"
  LIC_FILES_CHKSUM = "file://PKG-INFO;beginline=8;endline=8;md5=88df8e78b9edfd744953862179f2d14e"
  
@@ -52,7 +50,7 @@ class RecipeUtilsTests(OESelftestTestCase):
 +SRC_URI[md5sum] = "aaaaaa"
  SRC_URI[sha256sum] = "ac6894d876e45878faae493b0cf61d0e28ec417334448ac0a6ea2229d8343051"
  
- RDEPENDS_${PN} += "${PYTHON_PN}-threading"
+ RDEPENDS:${PN} += "python3-threading"
 """
         patchlines = []
         for f in patches:
@@ -74,13 +72,13 @@ class RecipeUtilsTests(OESelftestTestCase):
         expected_patch = """
 --- a/recipes-test/recipeutils/recipeutils-test_1.2.bb
 +++ b/recipes-test/recipeutils/recipeutils-test_1.2.bb
-@@ -8,6 +8,4 @@
+@@ -10,6 +10,4 @@
  
  BBCLASSEXTEND = "native nativesdk"
  
 -SRC_URI += "file://somefile"
 -
- SRC_URI_append = " file://anotherfile"
+ SRC_URI:append = " file://anotherfile"
 """
         patchlines = []
         for f in patches:
@@ -99,13 +97,13 @@ class RecipeUtilsTests(OESelftestTestCase):
         expected_patch = """
 --- a/recipes-test/recipeutils/recipeutils-test_1.2.bb
 +++ b/recipes-test/recipeutils/recipeutils-test_1.2.bb
-@@ -8,6 +8,3 @@
+@@ -10,6 +10,3 @@
  
  BBCLASSEXTEND = "native nativesdk"
  
 -SRC_URI += "file://somefile"
 -
--SRC_URI_append = " file://anotherfile"
+-SRC_URI:append = " file://anotherfile"
 """
         patchlines = []
         for f in patches:
diff --git a/meta/lib/oeqa/selftest/cases/reproducible.py b/meta/lib/oeqa/selftest/cases/reproducible.py
index 0d0259477e..f06027cb03 100644
--- a/meta/lib/oeqa/selftest/cases/reproducible.py
+++ b/meta/lib/oeqa/selftest/cases/reproducible.py
@@ -9,35 +9,13 @@ import bb.utils
 import functools
 import multiprocessing
 import textwrap
-import json
-import unittest
 import tempfile
 import shutil
 import stat
 import os
 import datetime
 
-# For sample packages, see:
-# https://autobuilder.yocto.io/pub/repro-fail/oe-reproducible-20201127-0t7wr_oo/
-# https://autobuilder.yocto.io/pub/repro-fail/oe-reproducible-20201127-4s9ejwyp/
-# https://autobuilder.yocto.io/pub/repro-fail/oe-reproducible-20201127-haiwdlbr/
-# https://autobuilder.yocto.io/pub/repro-fail/oe-reproducible-20201127-hwds3mcl/
-# https://autobuilder.yocto.io/pub/repro-fail/oe-reproducible-20201203-sua0pzvc/
-# (both packages/ and packages-excluded/)
-
-# ruby-ri-docs, meson:
-#https://autobuilder.yocto.io/pub/repro-fail/oe-reproducible-20210215-0_td9la2/packages/diff-html/
 exclude_packages = [
-        'glide',
-        'go-dep',
-        'go-helloworld',
-        'go-runtime',
-        'go_',
-        'go-',
-        'meson',
-        'ovmf-shell-efi',
-        'perf',
-        'ruby-ri-docs'
         ]
 
 def is_excluded(package):
@@ -65,13 +43,14 @@ class CompareResult(object):
         return (self.status, self.test) < (other.status, other.test)
 
 class PackageCompareResults(object):
-    def __init__(self):
+    def __init__(self, exclusions):
         self.total = []
         self.missing = []
         self.different = []
         self.different_excluded = []
         self.same = []
         self.active_exclusions = set()
+        exclude_packages.extend((exclusions or "").split())
 
     def add_result(self, r):
         self.total.append(r)
@@ -118,8 +97,11 @@ def compare_file(reference, test, diffutils_sysroot):
     result.status = SAME
     return result
 
-def run_diffoscope(a_dir, b_dir, html_dir, **kwargs):
-    return runCmd(['diffoscope', '--no-default-limits', '--exclude-directory-metadata', 'yes', '--html-dir', html_dir, a_dir, b_dir],
+def run_diffoscope(a_dir, b_dir, html_dir, max_report_size=0, max_diff_block_lines=1024, max_diff_block_lines_saved=0, **kwargs):
+    return runCmd(['diffoscope', '--no-default-limits', '--max-report-size', str(max_report_size),
+                   '--max-diff-block-lines-saved', str(max_diff_block_lines_saved),
+                   '--max-diff-block-lines', str(max_diff_block_lines),
+                   '--exclude-directory-metadata', 'yes', '--html-dir', html_dir, a_dir, b_dir],
                 **kwargs)
 
 class DiffoscopeTests(OESelftestTestCase):
@@ -149,10 +131,21 @@ class ReproducibleTests(OESelftestTestCase):
 
     package_classes = ['deb', 'ipk', 'rpm']
 
+    # Maximum report size, in bytes
+    max_report_size = 250 * 1024 * 1024
+
+    # Maximum diff blocks size, in lines
+    max_diff_block_lines = 1024
+    # Maximum diff blocks size (saved in memory), in lines
+    max_diff_block_lines_saved = max_diff_block_lines
+
     # targets are the things we want to test the reproducibility of
-    targets = ['core-image-minimal', 'core-image-sato', 'core-image-full-cmdline', 'core-image-weston', 'world']
+    # Have to add the virtual targets manually for now as builds may or may not include them as they're exclude from world
+    targets = ['core-image-minimal', 'core-image-sato', 'core-image-full-cmdline', 'core-image-weston', 'world', 'virtual/librpc', 'virtual/libsdl2', 'virtual/crypt']
+
     # sstate targets are things to pull from sstate to potentially cut build/debugging time
     sstate_targets = []
+
     save_results = False
     if 'OEQA_DEBUGGING_SAVED_OUTPUT' in os.environ:
         save_results = os.environ['OEQA_DEBUGGING_SAVED_OUTPUT']
@@ -167,20 +160,40 @@ class ReproducibleTests(OESelftestTestCase):
 
     def setUpLocal(self):
         super().setUpLocal()
-        needed_vars = ['TOPDIR', 'TARGET_PREFIX', 'BB_NUMBER_THREADS']
+        needed_vars = [
+            'TOPDIR',
+            'TARGET_PREFIX',
+            'BB_NUMBER_THREADS',
+            'BB_HASHSERVE',
+            'OEQA_REPRODUCIBLE_TEST_PACKAGE',
+            'OEQA_REPRODUCIBLE_TEST_TARGET',
+            'OEQA_REPRODUCIBLE_TEST_SSTATE_TARGETS',
+            'OEQA_REPRODUCIBLE_EXCLUDED_PACKAGES',
+            'OEQA_REPRODUCIBLE_TEST_LEAF_TARGETS',
+        ]
         bb_vars = get_bb_vars(needed_vars)
         for v in needed_vars:
             setattr(self, v.lower(), bb_vars[v])
 
+        if bb_vars['OEQA_REPRODUCIBLE_TEST_PACKAGE']:
+            self.package_classes = bb_vars['OEQA_REPRODUCIBLE_TEST_PACKAGE'].split()
+
+        if bb_vars['OEQA_REPRODUCIBLE_TEST_TARGET'] or bb_vars['OEQA_REPRODUCIBLE_TEST_LEAF_TARGETS']:
+            self.targets = (bb_vars['OEQA_REPRODUCIBLE_TEST_TARGET'] or "").split() + (bb_vars['OEQA_REPRODUCIBLE_TEST_LEAF_TARGETS'] or "").split()
+
+        if bb_vars['OEQA_REPRODUCIBLE_TEST_SSTATE_TARGETS']:
+            self.sstate_targets = bb_vars['OEQA_REPRODUCIBLE_TEST_SSTATE_TARGETS'].split()
+
+        if bb_vars['OEQA_REPRODUCIBLE_TEST_LEAF_TARGETS']:
+            # Setup to build every DEPENDS of leaf recipes using sstate
+            for leaf_recipe in bb_vars['OEQA_REPRODUCIBLE_TEST_LEAF_TARGETS'].split():
+                self.sstate_targets.extend(get_bb_var('DEPENDS', leaf_recipe).split())
+
         self.extraresults = {}
-        self.extraresults.setdefault('reproducible.rawlogs', {})['log'] = ''
         self.extraresults.setdefault('reproducible', {}).setdefault('files', {})
 
-    def append_to_log(self, msg):
-        self.extraresults['reproducible.rawlogs']['log'] += msg
-
     def compare_packages(self, reference_dir, test_dir, diffutils_sysroot):
-        result = PackageCompareResults()
+        result = PackageCompareResults(self.oeqa_reproducible_excluded_packages)
 
         old_cwd = os.getcwd()
         try:
@@ -205,7 +218,7 @@ class ReproducibleTests(OESelftestTestCase):
 
     def write_package_list(self, package_class, name, packages):
         self.extraresults['reproducible']['files'].setdefault(package_class, {})[name] = [
-                {'reference': p.reference, 'test': p.test} for p in packages]
+                p.reference.split("/./")[1] for p in packages]
 
     def copy_file(self, source, dest):
         bb.utils.mkdirhier(os.path.dirname(dest))
@@ -217,14 +230,11 @@ class ReproducibleTests(OESelftestTestCase):
         tmpdir = os.path.join(self.topdir, name, 'tmp')
         if os.path.exists(tmpdir):
             bb.utils.remove(tmpdir, recurse=True)
-
         config = textwrap.dedent('''\
-            INHERIT += "reproducible_build"
             PACKAGE_CLASSES = "{package_classes}"
-            INHIBIT_PACKAGE_STRIP = "1"
             TMPDIR = "{tmpdir}"
-            LICENSE_FLAGS_WHITELIST = "commercial"
-            DISTRO_FEATURES_append = ' systemd pam'
+            LICENSE_FLAGS_ACCEPTED = "commercial"
+            DISTRO_FEATURES:append = ' pam'
             USERADDEXTENSION = "useradd-staticids"
             USERADD_ERROR_DYNAMIC = "skip"
             USERADD_UID_TABLES += "files/static-passwd"
@@ -232,25 +242,70 @@ class ReproducibleTests(OESelftestTestCase):
             ''').format(package_classes=' '.join('package_%s' % c for c in self.package_classes),
                         tmpdir=tmpdir)
 
+        # Export BB_CONSOLELOG to the calling function and make it constant to
+        # avoid a case where bitbake would get a timestamp-based filename but
+        # oe-selftest would, later, get another.
+        capture_vars.append("BB_CONSOLELOG")
+        config += 'BB_CONSOLELOG = "${LOG_DIR}/cooker/${MACHINE}/console.log"\n'
+
+        # We want different log files for each build, but a persistent bitbake
+        # may reuse the previous log file so restart the bitbake server.
+        bitbake("--kill-server")
+
+        def print_condensed_error_log(logs, context_lines=10, tail_lines=20):
+            """Prints errors with context and the end of the log."""
+
+            logs = logs.split("\n")
+            for i, line in enumerate(logs):
+                if line.startswith("ERROR"):
+                    self.logger.info("Found ERROR (line %d):" % (i + 1))
+                    for l in logs[i-context_lines:i+context_lines]:
+                        self.logger.info("      " + l)
+
+            self.logger.info("End of log:")
+            for l in logs[-tail_lines:]:
+                self.logger.info("      " + l)
+
+        bitbake_failure_count = 0
         if not use_sstate:
             if self.sstate_targets:
                self.logger.info("Building prebuild for %s (sstate allowed)..." % (name))
                self.write_config(config)
-               bitbake(' '.join(self.sstate_targets))
+               try:
+                   bitbake("--continue "+' '.join(self.sstate_targets))
+               except AssertionError as e:
+                   bitbake_failure_count += 1
+                   self.logger.error("Bitbake failed! but keep going... Log:")
+                   print_condensed_error_log(str(e))
 
             # This config fragment will disable using shared and the sstate
             # mirror, forcing a complete build from scratch
             config += textwrap.dedent('''\
                 SSTATE_DIR = "${TMPDIR}/sstate"
-                SSTATE_MIRRORS = ""
+                SSTATE_MIRRORS = "file://.*/.*-native.*  http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH file://.*/.*-cross.*  http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
                 ''')
 
         self.logger.info("Building %s (sstate%s allowed)..." % (name, '' if use_sstate else ' NOT'))
         self.write_config(config)
         d = get_bb_vars(capture_vars)
-        # targets used to be called images
-        bitbake(' '.join(getattr(self, 'images', self.targets)))
-        return d
+        try:
+            # targets used to be called images
+            bitbake("--continue "+' '.join(getattr(self, 'images', self.targets)))
+        except AssertionError as e:
+            bitbake_failure_count += 1
+            self.logger.error("Bitbake failed! but keep going... Log:")
+            print_condensed_error_log(str(e))
+
+            # The calling function expects the existence of the deploy
+            # directories containing the packages.
+            # If bitbake failed to create them, do it manually
+            for c in self.package_classes:
+                deploy = d['DEPLOY_DIR_' + c.upper()]
+                if not os.path.exists(deploy):
+                    self.logger.info("Manually creating %s" % deploy)
+                    bb.utils.mkdirhier(deploy)
+
+        return (d, bitbake_failure_count)
 
     def test_reproducible_builds(self):
         def strip_topdir(s):
@@ -272,15 +327,30 @@ class ReproducibleTests(OESelftestTestCase):
             os.chmod(save_dir, stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP | stat.S_IROTH | stat.S_IXOTH)
             self.logger.info('Non-reproducible packages will be copied to %s', save_dir)
 
-        vars_A = self.do_test_build('reproducibleA', self.build_from_sstate)
+        # The below bug shows that a few reproducible issues are depends on build dir path length.
+        # https://bugzilla.yoctoproject.org/show_bug.cgi?id=15554
+        # So, the reproducibleA & reproducibleB directories are changed to reproducibleA & reproducibleB-extended to have different size.
 
-        vars_B = self.do_test_build('reproducibleB', False)
+        fails = []
+        vars_list = [None, None]
+
+        for i, (name, use_sstate) in enumerate(
+                                 (('reproducibleA', self.build_from_sstate),
+                                 ('reproducibleB-extended', False))):
+            (variables, bitbake_failure_count) = self.do_test_build(name, use_sstate)
+            if bitbake_failure_count > 0:
+                self.logger.error('%s build failed. Trying to compute built packages differences but the test will fail.' % name)
+                fails.append("Bitbake %s failure" % name)
+                if self.save_results:
+                    failure_log_path = os.path.join(save_dir, "bitbake-%s.log" % name)
+                    self.logger.info('Failure log for %s will be copied to %s'% (name, failure_log_path))
+                    self.copy_file(variables["BB_CONSOLELOG"], failure_log_path)
+            vars_list[i] = variables
 
+        vars_A, vars_B = vars_list
         # NOTE: The temp directories from the reproducible build are purposely
         # kept after the build so it can be diffed for debugging.
 
-        fails = []
-
         for c in self.package_classes:
             with self.subTest(package_class=c):
                 package_class = 'package_' + c
@@ -293,8 +363,6 @@ class ReproducibleTests(OESelftestTestCase):
 
                 self.logger.info('Reproducibility summary for %s: %s' % (c, result))
 
-                self.append_to_log('\n'.join("%s: %s" % (r.status, r.test) for r in result.total))
-
                 self.write_package_list(package_class, 'missing', result.missing)
                 self.write_package_list(package_class, 'different', result.different)
                 self.write_package_list(package_class, 'different_excluded', result.different_excluded)
@@ -309,9 +377,13 @@ class ReproducibleTests(OESelftestTestCase):
                         self.copy_file(d.reference, '/'.join([save_dir, 'packages-excluded', strip_topdir(d.reference)]))
                         self.copy_file(d.test, '/'.join([save_dir, 'packages-excluded', strip_topdir(d.test)]))
 
-                if result.missing or result.different:
-                    fails.append("The following %s packages are missing or different and not in exclusion list: %s" %
-                            (c, '\n'.join(r.test for r in (result.missing + result.different))))
+                if result.different:
+                    fails.append("The following %s packages are different and not in exclusion list:\n%s" %
+                            (c, '\n'.join(r.test for r in (result.different))))
+
+                if result.missing and len(self.sstate_targets) == 0:
+                    fails.append("The following %s packages are missing and not in exclusion list:\n%s" %
+                            (c, '\n'.join(r.test for r in (result.missing))))
 
         # Clean up empty directories
         if self.save_results:
@@ -325,7 +397,9 @@ class ReproducibleTests(OESelftestTestCase):
                 # Copy jquery to improve the diffoscope output usability
                 self.copy_file(os.path.join(jquery_sysroot, 'usr/share/javascript/jquery/jquery.min.js'), os.path.join(package_html_dir, 'jquery.js'))
 
-                run_diffoscope('reproducibleA', 'reproducibleB', package_html_dir,
+                run_diffoscope('reproducibleA', 'reproducibleB-extended', package_html_dir, max_report_size=self.max_report_size,
+                        max_diff_block_lines_saved=self.max_diff_block_lines_saved,
+                        max_diff_block_lines=self.max_diff_block_lines,
                         native_sysroot=diffoscope_sysroot, ignore_status=True, cwd=package_dir)
 
         if fails:
diff --git a/meta/lib/oeqa/selftest/cases/resulttooltests.py b/meta/lib/oeqa/selftest/cases/resulttooltests.py
index dac5c46801..c3303f3fbb 100644
--- a/meta/lib/oeqa/selftest/cases/resulttooltests.py
+++ b/meta/lib/oeqa/selftest/cases/resulttooltests.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -69,7 +71,7 @@ class ResultToolTests(OESelftestTestCase):
         self.assertTrue('target_result1' in results['runtime/mydistro/qemux86/image'], msg="Pair not correct:%s" % results)
         self.assertTrue('target_result3' in results['runtime/mydistro/qemux86-64/image'], msg="Pair not correct:%s" % results)
 
-    def test_regrresion_can_get_regression_result(self):
+    def test_regression_can_get_regression_result(self):
         base_result_data = {'result': {'test1': {'status': 'PASSED'},
                                        'test2': {'status': 'PASSED'},
                                        'test3': {'status': 'FAILED'},
@@ -96,3 +98,278 @@ class ResultToolTests(OESelftestTestCase):
         resultutils.append_resultsdata(results, ResultToolTests.target_results_data, configmap=resultutils.flatten_map)
         self.assertEqual(len(results[''].keys()), 5, msg="Flattened results not correct %s" % str(results))
 
+    def test_results_without_metadata_can_be_compared(self):
+        base_configuration = {"configuration": {
+            "TEST_TYPE": "oeselftest",
+            "TESTSERIES": "series1",
+            "IMAGE_BASENAME": "image",
+            "IMAGE_PKGTYPE": "ipk",
+            "DISTRO": "mydistro",
+            "MACHINE": "qemux86",
+            "STARTTIME": 1672527600
+        }, "result": {}}
+        target_configuration = {"configuration": {
+                                "TEST_TYPE": "oeselftest",
+                                "TESTSERIES": "series1",
+                                "IMAGE_BASENAME": "image",
+                                "IMAGE_PKGTYPE": "ipk",
+                                "DISTRO": "mydistro",
+                                "MACHINE": "qemux86",
+                                "STARTTIME": 1672527600
+                                }, "result": {}}
+        self.assertTrue(regression.can_be_compared(self.logger, base_configuration, target_configuration),
+                        msg="incorrect metadata filtering, tests without metadata should be compared")
+
+    def test_target_result_with_missing_metadata_can_not_be_compared(self):
+        base_configuration = {"configuration": {
+            "TEST_TYPE": "oeselftest",
+            "TESTSERIES": "series1",
+            "IMAGE_BASENAME": "image",
+            "IMAGE_PKGTYPE": "ipk",
+            "DISTRO": "mydistro",
+            "MACHINE": "qemux86",
+            "OESELFTEST_METADATA": {
+                "run_all_tests": True,
+                "run_tests": None,
+                "skips": None,
+                "machine": None,
+                "select_tags": ["toolchain-user", "toolchain-system"],
+                "exclude_tags": None
+            }}, "result": {}}
+        target_configuration = {"configuration": {"TEST_TYPE": "oeselftest",
+                                "TESTSERIES": "series1",
+                                                  "IMAGE_BASENAME": "image",
+                                                  "IMAGE_PKGTYPE": "ipk",
+                                                  "DISTRO": "mydistro",
+                                                  "MACHINE": "qemux86",
+                                                  "STARTTIME": 1672527600
+                                                  }, "result": {}}
+        self.assertFalse(regression.can_be_compared(self.logger, base_configuration, target_configuration),
+                         msg="incorrect metadata filtering, tests should not be compared")
+
+    def test_results_with_matching_metadata_can_be_compared(self):
+        base_configuration = {"configuration": {
+            "TEST_TYPE": "oeselftest",
+            "TESTSERIES": "series1",
+            "IMAGE_BASENAME": "image",
+            "IMAGE_PKGTYPE": "ipk",
+                             "DISTRO": "mydistro",
+                             "MACHINE": "qemux86",
+            "STARTTIME": 1672527600,
+                             "OESELFTEST_METADATA": {"run_all_tests": True,
+                                                     "run_tests": None,
+                                                     "skips": None,
+                                                     "machine": None,
+                                                     "select_tags": ["toolchain-user", "toolchain-system"],
+                                                     "exclude_tags": None}
+        }, "result": {}}
+        target_configuration = {"configuration": {
+            "TEST_TYPE": "oeselftest",
+            "TESTSERIES": "series1",
+            "IMAGE_BASENAME": "image",
+            "IMAGE_PKGTYPE": "ipk",
+            "DISTRO": "mydistro",
+            "MACHINE": "qemux86",
+                                "STARTTIME": 1672527600,
+                                "OESELFTEST_METADATA": {"run_all_tests": True,
+                                                        "run_tests": None,
+                                                        "skips": None,
+                                                        "machine": None,
+                                                        "select_tags": ["toolchain-user", "toolchain-system"],
+                                                        "exclude_tags": None}
+                                }, "result": {}}
+        self.assertTrue(regression.can_be_compared(self.logger, base_configuration, target_configuration),
+                        msg="incorrect metadata filtering, tests with matching metadata should be compared")
+
+    def test_results_with_mismatching_metadata_can_not_be_compared(self):
+        base_configuration = {"configuration": {
+            "TEST_TYPE": "oeselftest",
+            "TESTSERIES": "series1",
+            "IMAGE_BASENAME": "image",
+            "IMAGE_PKGTYPE": "ipk",
+            "DISTRO": "mydistro",
+            "MACHINE": "qemux86",
+            "STARTTIME": 1672527600,
+            "OESELFTEST_METADATA": {"run_all_tests": True,
+                                    "run_tests": None,
+                                    "skips": None,
+                                    "machine": None,
+                                    "select_tags": ["toolchain-user", "toolchain-system"],
+                                    "exclude_tags": None}
+        }, "result": {}}
+        target_configuration = {"configuration": {
+            "TEST_TYPE": "oeselftest",
+            "TESTSERIES": "series1",
+            "IMAGE_BASENAME": "image",
+            "IMAGE_PKGTYPE": "ipk",
+            "DISTRO": "mydistro",
+            "MACHINE": "qemux86",
+                                "STARTTIME": 1672527600,
+                                "OESELFTEST_METADATA": {"run_all_tests": True,
+                                                        "run_tests": None,
+                                                        "skips": None,
+                                                        "machine": None,
+                                                        "select_tags": ["machine"],
+                                                        "exclude_tags": None}
+                                }, "result": {}}
+        self.assertFalse(regression.can_be_compared(self.logger, base_configuration, target_configuration),
+                         msg="incorrect metadata filtering, tests with mismatching metadata should not be compared")
+
+    def test_metadata_matching_is_only_checked_for_relevant_test_type(self):
+        base_configuration = {"configuration": {"TEST_TYPE": "runtime",
+                              "TESTSERIES": "series1",
+                                                "IMAGE_BASENAME": "image",
+                                                "IMAGE_PKGTYPE": "ipk",
+                                                "DISTRO": "mydistro",
+                                                "MACHINE": "qemux86",
+                                                "STARTTIME": 1672527600,
+                                                "OESELFTEST_METADATA": {"run_all_tests": True,
+                                                                        "run_tests": None,
+                                                                        "skips": None,
+                                                                        "machine": None,
+                                                                        "select_tags": ["toolchain-user", "toolchain-system"],
+                                                                        "exclude_tags": None}}, "result": {}}
+        target_configuration = {"configuration": {"TEST_TYPE": "runtime",
+                                "TESTSERIES": "series1",
+                                                  "IMAGE_BASENAME": "image",
+                                                  "IMAGE_PKGTYPE": "ipk",
+                                                  "DISTRO": "mydistro",
+                                                  "MACHINE": "qemux86",
+                                                  "STARTTIME": 1672527600,
+                                                  "OESELFTEST_METADATA": {"run_all_tests": True,
+                                                                          "run_tests": None,
+                                                                          "skips": None,
+                                                                          "machine": None,
+                                                                          "select_tags": ["machine"],
+                                                                          "exclude_tags": None}}, "result": {}}
+        self.assertTrue(regression.can_be_compared(self.logger, base_configuration, target_configuration),
+                        msg="incorrect metadata filtering, %s tests should be compared" % base_configuration['configuration']['TEST_TYPE'])
+
+    def test_machine_matches(self):
+        base_configuration = {"configuration": {
+            "TEST_TYPE": "runtime",
+            "MACHINE": "qemux86"}, "result": {}}
+        target_configuration = {"configuration": {
+            "TEST_TYPE": "runtime",
+            "MACHINE": "qemux86"
+        }, "result": {}}
+        self.assertTrue(regression.can_be_compared(self.logger, base_configuration, target_configuration),
+                        msg="incorrect machine filtering, identical machine tests should be compared")
+
+    def test_machine_mismatches(self):
+        base_configuration = {"configuration": {
+            "TEST_TYPE": "runtime",
+            "MACHINE": "qemux86"
+        }, "result": {}}
+        target_configuration = {"configuration": {
+            "TEST_TYPE": "runtime",
+            "MACHINE": "qemux86_64"
+        }, "result": {}}
+        self.assertFalse(regression.can_be_compared(self.logger, base_configuration, target_configuration),
+                         msg="incorrect machine filtering, mismatching machine tests should not be compared")
+
+    def test_can_not_compare_non_ltp_tests(self):
+        base_configuration = {"configuration": {
+            "TEST_TYPE": "runtime",
+            "MACHINE": "qemux86"
+        }, "result": {
+            "ltpresult_foo": {
+                "status": "PASSED"
+            }}}
+        target_configuration = {"configuration": {
+            "TEST_TYPE": "runtime",
+            "MACHINE": "qemux86_64"
+        }, "result": {
+            "bar": {
+                "status": "PASSED"
+            }}}
+        self.assertFalse(regression.can_be_compared(self.logger, base_configuration, target_configuration),
+                         msg="incorrect ltpresult filtering, mismatching ltpresult content should not be compared")
+
+    def test_can_compare_ltp_tests(self):
+        base_configuration = {"configuration": {
+            "TEST_TYPE": "runtime",
+            "MACHINE": "qemux86"
+        }, "result": {
+            "ltpresult_foo": {
+                "status": "PASSED"
+            }}}
+        target_configuration = {"configuration": {
+            "TEST_TYPE": "runtime",
+            "MACHINE": "qemux86"
+        }, "result": {
+            "ltpresult_foo": {
+                "status": "PASSED"
+            }}}
+        self.assertTrue(regression.can_be_compared(self.logger, base_configuration, target_configuration),
+                        msg="incorrect ltpresult filtering, matching ltpresult content should be compared")
+
+    def test_can_match_non_static_ptest_names(self):
+        base_configuration = {"a": {
+            "conf_X": {
+                "configuration": {
+                    "TEST_TYPE": "runtime",
+                    "MACHINE": "qemux86"
+                }, "result": {
+                    "ptestresult.lttng-tools.foo_-_bar_-_moo": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.babeltrace.bar_-_moo_-_foo": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.babeltrace2.moo_-_foo_-_bar": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.curl.test_0000__foo_out_of_bar": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.dbus.test_0000__foo_out_of_bar,_remaining:_00:02,_took_0.032s,_duration:_03:32_": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.binutils-ld.in testcase /foo/build-st-bar/moo/ctf.exp": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.gcc-libstdc++-v3.Couldn't create remote directory /tmp/runtest.30975 on target": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.gcc-libgomp.Couldn't create remote directory /tmp/runtest.3657621 on": {
+                        "status": "PASSED"
+                    }
+                }}}}
+        target_configuration = {"a": {
+            "conf_Y": {
+                "configuration": {
+                    "TEST_TYPE": "runtime",
+                    "MACHINE": "qemux86"
+                }, "result": {
+                    "ptestresult.lttng-tools.foo_-_yyy_-_zzz": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.babeltrace.bar_-_zzz_-_xxx": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.babeltrace2.moo_-_xxx_-_yyy": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.curl.test_0000__xxx_out_of_yyy": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.dbus.test_0000__yyy_out_of_zzz,_remaining:_00:03,_took_0.034s,_duration:_03:30_": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.binutils-ld.in testcase /xxx/build-st-yyy/zzz/ctf.exp": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.gcc-libstdc++-v3.Couldn't create remote directory /tmp/runtest.45678 on target": {
+                        "status": "PASSED"
+                    },
+                    "ptestresult.gcc-libgomp.Couldn't create remote directory /tmp/runtest.3657621 on": {
+                        "status": "PASSED"
+                    }
+                }}}}
+        regression.fixup_ptest_names(base_configuration, self.logger)
+        regression.fixup_ptest_names(target_configuration, self.logger)
+        result, resultstring = regression.compare_result(
+            self.logger, "A", "B", base_configuration["a"]["conf_X"], target_configuration["a"]["conf_Y"])
+        self.assertDictEqual(
+            result, {}, msg=f"ptests should be compared: {resultstring}")
diff --git a/meta/lib/oeqa/selftest/cases/retain.py b/meta/lib/oeqa/selftest/cases/retain.py
new file mode 100644
index 0000000000..892be45857
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/retain.py
@@ -0,0 +1,241 @@
+# Tests for retain.bbclass
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os
+import glob
+import fnmatch
+import oe.path
+import shutil
+import tarfile
+from oeqa.utils.commands import bitbake, get_bb_vars
+from oeqa.selftest.case import OESelftestTestCase
+
+class Retain(OESelftestTestCase):
+
+    def test_retain_always(self):
+        """
+        Summary:     Test retain class with RETAIN_DIRS_ALWAYS
+        Expected:    Archive written to RETAIN_OUTDIR when build of test recipe completes
+        Product:     oe-core
+        Author:      Paul Eggleton <paul.eggleton@microsoft.com>
+        """
+
+        test_recipe = 'quilt-native'
+
+        features = 'INHERIT += "retain"\n'
+        features += 'RETAIN_DIRS_ALWAYS = "${T}"\n'
+        self.write_config(features)
+
+        bitbake('-c clean %s' % test_recipe)
+
+        bb_vars = get_bb_vars(['RETAIN_OUTDIR', 'TMPDIR'])
+        retain_outdir = bb_vars['RETAIN_OUTDIR'] or ''
+        tmpdir = bb_vars['TMPDIR']
+        if len(retain_outdir) < 5:
+            self.fail('RETAIN_OUTDIR value "%s" is invalid' % retain_outdir)
+        if not oe.path.is_path_parent(tmpdir, retain_outdir):
+            self.fail('RETAIN_OUTDIR (%s) is not underneath TMPDIR (%s)' % (retain_outdir, tmpdir))
+        try:
+            shutil.rmtree(retain_outdir)
+        except FileNotFoundError:
+            pass
+
+        bitbake(test_recipe)
+        if not glob.glob(os.path.join(retain_outdir, '%s_temp_*.tar.gz' % test_recipe)):
+            self.fail('No output archive for %s created' % test_recipe)
+
+
+    def test_retain_failure(self):
+        """
+        Summary:     Test retain class default behaviour
+        Expected:    Archive written to RETAIN_OUTDIR only when build of test
+                     recipe fails, and archive contents are as expected
+        Product:     oe-core
+        Author:      Paul Eggleton <paul.eggleton@microsoft.com>
+        """
+
+        test_recipe_fail = 'error'
+
+        features = 'INHERIT += "retain"\n'
+        self.write_config(features)
+
+        bb_vars = get_bb_vars(['RETAIN_OUTDIR', 'TMPDIR', 'RETAIN_DIRS_ALWAYS', 'RETAIN_DIRS_GLOBAL_ALWAYS'])
+        if bb_vars['RETAIN_DIRS_ALWAYS']:
+            self.fail('RETAIN_DIRS_ALWAYS is set, this interferes with the test')
+        if bb_vars['RETAIN_DIRS_GLOBAL_ALWAYS']:
+            self.fail('RETAIN_DIRS_GLOBAL_ALWAYS is set, this interferes with the test')
+        retain_outdir = bb_vars['RETAIN_OUTDIR'] or ''
+        tmpdir = bb_vars['TMPDIR']
+        if len(retain_outdir) < 5:
+            self.fail('RETAIN_OUTDIR value "%s" is invalid' % retain_outdir)
+        if not oe.path.is_path_parent(tmpdir, retain_outdir):
+            self.fail('RETAIN_OUTDIR (%s) is not underneath TMPDIR (%s)' % (retain_outdir, tmpdir))
+
+        try:
+            shutil.rmtree(retain_outdir)
+        except FileNotFoundError:
+            pass
+
+        bitbake('-c clean %s' % test_recipe_fail)
+
+        if os.path.exists(retain_outdir):
+            retain_dirlist = os.listdir(retain_outdir)
+            if retain_dirlist:
+                self.fail('RETAIN_OUTDIR should be empty without failure, contents:\n%s' % '\n'.join(retain_dirlist))
+
+        result = bitbake('-c compile %s' % test_recipe_fail, ignore_status=True)
+        if result.status == 0:
+            self.fail('Build of %s did not fail as expected' % test_recipe_fail)
+
+        archives = glob.glob(os.path.join(retain_outdir, '%s_*.tar.gz' % test_recipe_fail))
+        if not archives:
+            self.fail('No output archive for %s created' % test_recipe_fail)
+        if len(archives) > 1:
+            self.fail('More than one archive for %s created' % test_recipe_fail)
+        for archive in archives:
+            found = False
+            archive_prefix = os.path.basename(archive).split('.tar')[0]
+            expected_prefix_start = '%s_workdir' % test_recipe_fail
+            if not archive_prefix.startswith(expected_prefix_start):
+                self.fail('Archive %s name does not start with expected prefix "%s"' % (os.path.basename(archive), expected_prefix_start))
+            with tarfile.open(archive) as tf:
+                for ti in tf:
+                    if not fnmatch.fnmatch(ti.name, '%s/*' % archive_prefix):
+                        self.fail('File without tarball-named subdirectory within tarball %s: %s' % (os.path.basename(archive), ti.name))
+                    if ti.name.endswith('/temp/log.do_compile'):
+                        found = True
+            if not found:
+                self.fail('Did not find log.do_compile in output archive %s' % os.path.basename(archive))
+
+
+    def test_retain_global(self):
+        """
+        Summary:     Test retain class RETAIN_DIRS_GLOBAL_* behaviour
+        Expected:    Ensure RETAIN_DIRS_GLOBAL_ALWAYS always causes an
+                     archive to be created, and RETAIN_DIRS_GLOBAL_FAILURE
+                     only causes an archive to be created on failure.
+                     Also test archive naming (with : character) as an
+                     added bonus.
+        Product:     oe-core
+        Author:      Paul Eggleton <paul.eggleton@microsoft.com>
+        """
+
+        test_recipe = 'quilt-native'
+        test_recipe_fail = 'error'
+
+        features = 'INHERIT += "retain"\n'
+        features += 'RETAIN_DIRS_GLOBAL_ALWAYS = "${LOG_DIR};prefix=buildlogs"\n'
+        features += 'RETAIN_DIRS_GLOBAL_FAILURE = "${STAMPS_DIR}"\n'
+        self.write_config(features)
+
+        bitbake('-c clean %s' % test_recipe)
+
+        bb_vars = get_bb_vars(['RETAIN_OUTDIR', 'TMPDIR', 'STAMPS_DIR'])
+        retain_outdir = bb_vars['RETAIN_OUTDIR'] or ''
+        tmpdir = bb_vars['TMPDIR']
+        if len(retain_outdir) < 5:
+            self.fail('RETAIN_OUTDIR value "%s" is invalid' % retain_outdir)
+        if not oe.path.is_path_parent(tmpdir, retain_outdir):
+            self.fail('RETAIN_OUTDIR (%s) is not underneath TMPDIR (%s)' % (retain_outdir, tmpdir))
+        try:
+            shutil.rmtree(retain_outdir)
+        except FileNotFoundError:
+            pass
+
+        # Test success case
+        bitbake(test_recipe)
+        if not glob.glob(os.path.join(retain_outdir, 'buildlogs_*.tar.gz')):
+            self.fail('No output archive for LOG_DIR created')
+        stamps_dir = bb_vars['STAMPS_DIR']
+        if glob.glob(os.path.join(retain_outdir, '%s_*.tar.gz' % os.path.basename(stamps_dir))):
+            self.fail('Output archive for STAMPS_DIR created when it should not have been')
+
+        # Test failure case
+        result = bitbake('-c compile %s' % test_recipe_fail, ignore_status=True)
+        if result.status == 0:
+            self.fail('Build of %s did not fail as expected' % test_recipe_fail)
+        if not glob.glob(os.path.join(retain_outdir, '%s_*.tar.gz' % os.path.basename(stamps_dir))):
+            self.fail('Output archive for STAMPS_DIR not created')
+        if len(glob.glob(os.path.join(retain_outdir, 'buildlogs_*.tar.gz'))) != 2:
+            self.fail('Should be exactly two buildlogs archives in output dir')
+
+
+    def test_retain_misc(self):
+        """
+        Summary:     Test retain class with RETAIN_ENABLED and RETAIN_TARBALL_SUFFIX
+        Expected:    Archive written to RETAIN_OUTDIR only when RETAIN_ENABLED is set
+                     and archive contents are as expected. Also test archive naming
+                     (with : character) as an added bonus.
+        Product:     oe-core
+        Author:      Paul Eggleton <paul.eggleton@microsoft.com>
+        """
+
+        test_recipe_fail = 'error'
+
+        features = 'INHERIT += "retain"\n'
+        features += 'RETAIN_DIRS_ALWAYS = "${T}"\n'
+        features += 'RETAIN_ENABLED = "0"\n'
+        self.write_config(features)
+
+        bb_vars = get_bb_vars(['RETAIN_OUTDIR', 'TMPDIR'])
+        retain_outdir = bb_vars['RETAIN_OUTDIR'] or ''
+        tmpdir = bb_vars['TMPDIR']
+        if len(retain_outdir) < 5:
+            self.fail('RETAIN_OUTDIR value "%s" is invalid' % retain_outdir)
+        if not oe.path.is_path_parent(tmpdir, retain_outdir):
+            self.fail('RETAIN_OUTDIR (%s) is not underneath TMPDIR (%s)' % (retain_outdir, tmpdir))
+
+        try:
+            shutil.rmtree(retain_outdir)
+        except FileNotFoundError:
+            pass
+
+        bitbake('-c clean %s' % test_recipe_fail)
+        result = bitbake('-c compile %s' % test_recipe_fail, ignore_status=True)
+        if result.status == 0:
+            self.fail('Build of %s did not fail as expected' % test_recipe_fail)
+
+        if os.path.exists(retain_outdir) and os.listdir(retain_outdir):
+            self.fail('RETAIN_OUTDIR should be empty with RETAIN_ENABLED = "0"')
+
+        features = 'INHERIT += "retain"\n'
+        features += 'RETAIN_DIRS_ALWAYS = "${T};prefix=recipelogs"\n'
+        features += 'RETAIN_TARBALL_SUFFIX = "${DATETIME}-testsuffix.tar.bz2"\n'
+        features += 'RETAIN_ENABLED = "1"\n'
+        self.write_config(features)
+
+        result = bitbake('-c compile %s' % test_recipe_fail, ignore_status=True)
+        if result.status == 0:
+            self.fail('Build of %s did not fail as expected' % test_recipe_fail)
+
+        archives = glob.glob(os.path.join(retain_outdir, '%s_*-testsuffix.tar.bz2' % test_recipe_fail))
+        if not archives:
+            self.fail('No output archive for %s created' % test_recipe_fail)
+        if len(archives) != 2:
+            self.fail('Two archives for %s expected, but %d exist' % (test_recipe_fail, len(archives)))
+        recipelogs_found = False
+        workdir_found = False
+        for archive in archives:
+            contents_found = False
+            archive_prefix = os.path.basename(archive).split('.tar')[0]
+            if archive_prefix.startswith('%s_recipelogs' % test_recipe_fail):
+                recipelogs_found = True
+            if archive_prefix.startswith('%s_workdir' % test_recipe_fail):
+                workdir_found = True
+            with tarfile.open(archive, 'r:bz2') as tf:
+                for ti in tf:
+                    if not fnmatch.fnmatch(ti.name, '%s/*' % (archive_prefix)):
+                        self.fail('File without tarball-named subdirectory within tarball %s: %s' % (os.path.basename(archive), ti.name))
+                    if ti.name.endswith('/log.do_compile'):
+                        contents_found = True
+            if not contents_found:
+                # Both archives should contain this file
+                self.fail('Did not find log.do_compile in output archive %s' % os.path.basename(archive))
+        if not recipelogs_found:
+            self.fail('No archive with expected "recipelogs" prefix found')
+        if not workdir_found:
+            self.fail('No archive with expected "workdir" prefix found')
diff --git a/meta/lib/oeqa/selftest/cases/rootfspostcommandstests.py b/meta/lib/oeqa/selftest/cases/rootfspostcommandstests.py
new file mode 100644
index 0000000000..44e2c09a6f
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/rootfspostcommandstests.py
@@ -0,0 +1,97 @@
+# SPDX-FileCopyrightText: Huawei Inc.
+#
+# SPDX-License-Identifier: MIT
+
+import os
+import oe
+import unittest
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, get_bb_vars
+
+class ShadowUtilsTidyFiles(OESelftestTestCase):
+    """
+    Check if shadow image rootfs files are tidy.
+
+    The tests are focused on testing the functionality provided by the
+    'tidy_shadowutils_files' rootfs postprocess command (via
+    SORT_PASSWD_POSTPROCESS_COMMAND).
+    """
+
+    def sysconf_build(self):
+        """
+        Verify if shadow tidy files tests are to be run and if yes, build a
+        test image and return its sysconf rootfs path.
+        """
+
+        test_image = "core-image-minimal"
+
+        config = 'IMAGE_CLASSES += "extrausers"\n'
+        config += 'EXTRA_USERS_PARAMS = "groupadd -g 1000 oeqatester; "\n'
+        config += 'EXTRA_USERS_PARAMS += "useradd -p \'\' -u 1000 -N -g 1000 oeqatester; "\n'
+        self.write_config(config)
+
+        vars = get_bb_vars(("IMAGE_ROOTFS", "SORT_PASSWD_POSTPROCESS_COMMAND", "sysconfdir"),
+            test_image)
+        passwd_postprocess_cmd = vars["SORT_PASSWD_POSTPROCESS_COMMAND"]
+        self.assertIsNotNone(passwd_postprocess_cmd)
+        if (passwd_postprocess_cmd.strip() != 'tidy_shadowutils_files;'):
+            raise unittest.SkipTest("Testcase skipped as 'tidy_shadowutils_files' "
+                "rootfs post process command is not the set SORT_PASSWD_POSTPROCESS_COMMAND.")
+
+        rootfs = vars["IMAGE_ROOTFS"]
+        self.assertIsNotNone(rootfs)
+        sysconfdir = vars["sysconfdir"]
+        bitbake(test_image)
+        self.assertIsNotNone(sysconfdir)
+
+        return oe.path.join(rootfs, sysconfdir)
+
+    def test_shadowutils_backup_files(self):
+        """
+        Test that the rootfs doesn't include any known shadow backup files.
+        """
+
+        backup_files = (
+            'group-',
+            'gshadow-',
+            'passwd-',
+            'shadow-',
+            'subgid-',
+            'subuid-',
+        )
+
+        rootfs_sysconfdir = self.sysconf_build()
+        found = []
+        for backup_file in backup_files:
+            backup_filepath = oe.path.join(rootfs_sysconfdir, backup_file)
+            if os.path.exists(backup_filepath):
+                found.append(backup_file)
+        if (found):
+            raise Exception('The following shadow backup files were found in '
+                'the rootfs: %s' % found)
+
+    def test_shadowutils_sorted_files(self):
+        """
+        Test that the 'passwd' and the 'group' shadow utils files are ordered
+        by ID.
+        """
+
+        files = (
+            'passwd',
+            'group',
+        )
+
+        rootfs_sysconfdir = self.sysconf_build()
+        unsorted = []
+        for file in files:
+            filepath = oe.path.join(rootfs_sysconfdir, file)
+            with open(filepath, 'rb') as f:
+                ids = []
+                lines = f.readlines()
+                for line in lines:
+                    entries = line.split(b':')
+                    ids.append(int(entries[2]))
+            if (ids != sorted(ids)):
+                unsorted.append(file)
+        if (unsorted):
+            raise Exception("The following files were not sorted by ID as expected: %s" % unsorted)
diff --git a/meta/lib/oeqa/selftest/cases/rpmtests.py b/meta/lib/oeqa/selftest/cases/rpmtests.py
new file mode 100644
index 0000000000..902d7dca3d
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/rpmtests.py
@@ -0,0 +1,14 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake
+
+class BitbakeTests(OESelftestTestCase):
+
+    def test_rpm_filenames(self):
+        test_recipe = "testrpm"
+        bitbake(test_recipe)
diff --git a/meta/lib/oeqa/selftest/cases/runcmd.py b/meta/lib/oeqa/selftest/cases/runcmd.py
index fa6113d7fa..70047ca0ca 100644
--- a/meta/lib/oeqa/selftest/cases/runcmd.py
+++ b/meta/lib/oeqa/selftest/cases/runcmd.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -27,8 +29,8 @@ class RunCmdTests(OESelftestTestCase):
 
     # The delta is intentionally smaller than the timeout, to detect cases where
     # we incorrectly apply the timeout more than once.
-    TIMEOUT = 5
-    DELTA = 3
+    TIMEOUT = 10
+    DELTA = 8
 
     def test_result_okay(self):
         result = runCmd("true")
@@ -56,11 +58,11 @@ class RunCmdTests(OESelftestTestCase):
         self.assertEqual(result.status, 0)
 
     def test_result_assertion(self):
-        self.assertRaisesRegexp(AssertionError, "Command 'echo .* false' returned non-zero exit status 1:\nfoobar",
+        self.assertRaisesRegex(AssertionError, "Command 'echo .* false' returned non-zero exit status 1:\nfoobar",
                                 runCmd, "echo foobar >&2; false", shell=True)
 
     def test_result_exception(self):
-        self.assertRaisesRegexp(CommandError, "Command 'echo .* false' returned non-zero exit status 1 with output: foobar",
+        self.assertRaisesRegex(CommandError, "Command 'echo .* false' returned non-zero exit status 1 with output: foobar",
                                 runCmd, "echo foobar >&2; false", shell=True, assert_error=False)
 
     def test_output(self):
diff --git a/meta/lib/oeqa/selftest/cases/runqemu.py b/meta/lib/oeqa/selftest/cases/runqemu.py
index 7e676bcb41..f01e1eec66 100644
--- a/meta/lib/oeqa/selftest/cases/runqemu.py
+++ b/meta/lib/oeqa/selftest/cases/runqemu.py
@@ -4,14 +4,17 @@
 # SPDX-License-Identifier: MIT
 #
 
+import os
 import re
-import tempfile
 import time
 import oe.types
 from oeqa.core.decorator import OETestTag
+from oeqa.core.decorator.data import skipIfNotArch, skipIfNotMachine
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import bitbake, runqemu, get_bb_var, runCmd
+from oeqa.utils.commands import bitbake, runqemu, get_bb_var
 
+
+@OETestTag("runqemu")
 class RunqemuTests(OESelftestTestCase):
     """Runqemu test class"""
 
@@ -21,23 +24,26 @@ class RunqemuTests(OESelftestTestCase):
     def setUpLocal(self):
         super(RunqemuTests, self).setUpLocal()
         self.recipe = 'core-image-minimal'
-        self.machine =  'qemux86-64'
-        self.fstypes = "ext4 iso hddimg wic.vmdk wic.qcow2 wic.vdi"
-        self.cmd_common = "runqemu nographic"
+        self.machine = self.td['MACHINE']
+        self.image_link_name = get_bb_var('IMAGE_LINK_NAME', self.recipe)
 
-        kvm = oe.types.qemu_use_kvm(get_bb_var('QEMU_USE_KVM'), 'x86_64')
+        self.fstypes = "ext4"
+        if self.td["HOST_ARCH"] in ('i586', 'i686', 'x86_64'):
+            self.fstypes += " iso hddimg"
+        if self.machine == "qemux86-64":
+            self.fstypes += " wic.vmdk wic.qcow2 wic.vdi"
+
+        self.cmd_common = "runqemu nographic"
+        kvm = oe.types.qemu_use_kvm(get_bb_var('QEMU_USE_KVM'), self.td["TARGET_ARCH"])
         if kvm:
             self.cmd_common += " kvm"
 
         self.write_config(
 """
-MACHINE = "%s"
 IMAGE_FSTYPES = "%s"
 # 10 means 1 second
 SYSLINUX_TIMEOUT = "10"
-"""
-% (self.machine, self.fstypes)
-        )
+""" % self.fstypes)
 
         if not RunqemuTests.image_is_ready:
             RunqemuTests.deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE')
@@ -56,14 +62,17 @@ SYSLINUX_TIMEOUT = "10"
         cmd = "%s %s ext4" % (self.cmd_common, self.machine)
         with runqemu(self.recipe, ssh=False, launch_cmd=cmd) as qemu:
             with open(qemu.qemurunnerlog) as f:
-                self.assertIn('rootfs.ext4', f.read(), "Failed: %s" % cmd)
+                regexp = r'\nROOTFS: .*\.ext4]\n'
+                self.assertRegex(f.read(), regexp, "Failed to find '%s' in '%s' after running '%s'" % (regexp, qemu.qemurunnerlog, cmd))
 
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
     def test_boot_machine_iso(self):
         """Test runqemu machine iso"""
         cmd = "%s %s iso" % (self.cmd_common, self.machine)
         with runqemu(self.recipe, ssh=False, launch_cmd=cmd) as qemu:
             with open(qemu.qemurunnerlog) as f:
-                self.assertIn('media=cdrom', f.read(), "Failed: %s" % cmd)
+                text_in = 'media=cdrom'
+                self.assertIn(text_in, f.read(), "Failed to find '%s' in '%s' after running '%s'" % (text_in, qemu.qemurunnerlog, cmd))
 
     def test_boot_recipe_image(self):
         """Test runqemu recipe-image"""
@@ -72,20 +81,24 @@ SYSLINUX_TIMEOUT = "10"
             with open(qemu.qemurunnerlog) as f:
                 self.assertTrue(qemu.runner.logged, "Failed: %s, %s" % (cmd, f.read()))
 
-
+    # https://bugzilla.yoctoproject.org/show_bug.cgi?id=14963
+    @skipIfNotMachine("qemux86-64", "tests are qemux86-64 specific currently")
     def test_boot_recipe_image_vmdk(self):
         """Test runqemu recipe-image vmdk"""
         cmd = "%s %s wic.vmdk" % (self.cmd_common, self.recipe)
         with runqemu(self.recipe, ssh=False, launch_cmd=cmd) as qemu:
             with open(qemu.qemurunnerlog) as f:
-                self.assertIn('format=vmdk', f.read(), "Failed: %s" % cmd)
+                text_in = 'format=vmdk'
+                self.assertIn(text_in, f.read(), "Failed to find '%s' in '%s' after running '%s'" % (text_in, qemu.qemurunnerlog, cmd))
 
+    @skipIfNotMachine("qemux86-64", "tests are qemux86-64 specific currently")
     def test_boot_recipe_image_vdi(self):
         """Test runqemu recipe-image vdi"""
         cmd = "%s %s wic.vdi" % (self.cmd_common, self.recipe)
         with runqemu(self.recipe, ssh=False, launch_cmd=cmd) as qemu:
             with open(qemu.qemurunnerlog) as f:
-                self.assertIn('format=vdi', f.read(), "Failed: %s" % cmd)
+                text_in = 'format=vdi'
+                self.assertIn(text_in, f.read(), "Failed to find '%s' in '%s' after running '%s'" % (text_in, qemu.qemurunnerlog, cmd))
 
     def test_boot_deploy(self):
         """Test runqemu deploy_dir_image"""
@@ -94,7 +107,7 @@ SYSLINUX_TIMEOUT = "10"
             with open(qemu.qemurunnerlog) as f:
                 self.assertTrue(qemu.runner.logged, "Failed: %s, %s" % (cmd, f.read()))
 
-
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
     def test_boot_deploy_hddimg(self):
         """Test runqemu deploy_dir_image hddimg"""
         cmd = "%s %s hddimg" % (self.cmd_common, self.deploy_dir_image)
@@ -109,6 +122,7 @@ SYSLINUX_TIMEOUT = "10"
             with open(qemu.qemurunnerlog) as f:
                 self.assertIn(' -netdev user', f.read(), "Failed: %s" % cmd)
 
+    @skipIfNotMachine("qemux86-64", "tests are qemux86-64 specific currently")
     def test_boot_machine_slirp_qcow2(self):
         """Test runqemu machine slirp qcow2"""
         cmd = "%s slirp wic.qcow2 %s" % (self.cmd_common, self.machine)
@@ -118,7 +132,7 @@ SYSLINUX_TIMEOUT = "10"
 
     def test_boot_qemu_boot(self):
         """Test runqemu /path/to/image.qemuboot.conf"""
-        qemuboot_conf = "%s-%s.qemuboot.conf" % (self.recipe, self.machine)
+        qemuboot_conf = "%s.qemuboot.conf" % (self.image_link_name)
         qemuboot_conf = os.path.join(self.deploy_dir_image, qemuboot_conf)
         if not os.path.exists(qemuboot_conf):
             self.skipTest("%s not found" % qemuboot_conf)
@@ -129,7 +143,7 @@ SYSLINUX_TIMEOUT = "10"
 
     def test_boot_rootfs(self):
         """Test runqemu /path/to/rootfs.ext4"""
-        rootfs = "%s-%s.ext4" % (self.recipe, self.machine)
+        rootfs = "%s.ext4" % (self.image_link_name)
         rootfs = os.path.join(self.deploy_dir_image, rootfs)
         if not os.path.exists(rootfs):
             self.skipTest("%s not found" % rootfs)
@@ -149,26 +163,27 @@ SYSLINUX_TIMEOUT = "10"
 # bootup various filesystem types, including live image(iso and hddimg)
 # where live image was not supported on all qemu architecture.
 @OETestTag("machine")
+@OETestTag("runqemu")
 class QemuTest(OESelftestTestCase):
 
     @classmethod
     def setUpClass(cls):
         super(QemuTest, cls).setUpClass()
         cls.recipe = 'core-image-minimal'
-        cls.machine =  get_bb_var('MACHINE')
-        cls.deploy_dir_image =  get_bb_var('DEPLOY_DIR_IMAGE')
+        cls.machine = get_bb_var('MACHINE')
+        cls.deploy_dir_image = get_bb_var('DEPLOY_DIR_IMAGE')
+        cls.image_link_name = get_bb_var('IMAGE_LINK_NAME', cls.recipe)
         cls.cmd_common = "runqemu nographic"
-        cls.qemuboot_conf = "%s-%s.qemuboot.conf" % (cls.recipe, cls.machine)
+        cls.qemuboot_conf = "%s.qemuboot.conf" % (cls.image_link_name)
         cls.qemuboot_conf = os.path.join(cls.deploy_dir_image, cls.qemuboot_conf)
         bitbake(cls.recipe)
 
     def _start_qemu_shutdown_check_if_shutdown_succeeded(self, qemu, timeout):
+        # Allow the runner's LoggingThread instance to exit without errors
+        # (such as the exception "Console connection closed unexpectedly")
+        # as qemu will disappear when we shut it down
+        qemu.runner.allowexit()
         qemu.run_serial("shutdown -h now")
-        # Stop thread will stop the LoggingThread instance used for logging
-        # qemu through serial console, stop thread will prevent this code
-        # from facing exception (Console connection closed unexpectedly)
-        # when qemu was shutdown by the above shutdown command
-        qemu.runner.stop_thread()
         time_track = 0
         try:
             while True:
@@ -190,22 +205,12 @@ class QemuTest(OESelftestTestCase):
             qemu_shutdown_succeeded = self._start_qemu_shutdown_check_if_shutdown_succeeded(qemu, shutdown_timeout)
             self.assertTrue(qemu_shutdown_succeeded, 'Failed: %s does not shutdown within timeout(%s)' % (self.machine, shutdown_timeout))
 
-    # Need to have portmap/rpcbind running to allow this test to work and
-    # current autobuilder setup does not have this.
-    def disabled_test_qemu_can_boot_nfs_and_shutdown(self):
-        self.assertExists(self.qemuboot_conf)
-        bitbake('meta-ide-support')
-        rootfs_tar = "%s-%s.tar.bz2" % (self.recipe, self.machine)
+    def test_qemu_can_boot_nfs_and_shutdown(self):
+        rootfs_tar = "%s.tar.bz2" % (self.image_link_name)
         rootfs_tar = os.path.join(self.deploy_dir_image, rootfs_tar)
         self.assertExists(rootfs_tar)
-        tmpdir = tempfile.mkdtemp(prefix='qemu_nfs')
-        tmpdir_nfs = os.path.join(tmpdir, 'nfs')
-        cmd_extract_nfs = 'runqemu-extract-sdk %s %s' % (rootfs_tar, tmpdir_nfs)
-        result = runCmd(cmd_extract_nfs)
-        self.assertEqual(0, result.status, "runqemu-extract-sdk didn't run as expected. %s" % result.output)
-        cmd = "%s nfs %s %s" % (self.cmd_common, self.qemuboot_conf, tmpdir_nfs)
+        cmd = "%s %s" % (self.cmd_common, rootfs_tar)
         shutdown_timeout = 120
         with runqemu(self.recipe, ssh=False, launch_cmd=cmd) as qemu:
             qemu_shutdown_succeeded = self._start_qemu_shutdown_check_if_shutdown_succeeded(qemu, shutdown_timeout)
             self.assertTrue(qemu_shutdown_succeeded, 'Failed: %s does not shutdown within timeout(%s)' % (self.machine, shutdown_timeout))
-        runCmd('rm -rf %s' % tmpdir)
diff --git a/meta/lib/oeqa/selftest/cases/runtime_test.py b/meta/lib/oeqa/selftest/cases/runtime_test.py
index b20c5b427b..d58ffa80f5 100644
--- a/meta/lib/oeqa/selftest/cases/runtime_test.py
+++ b/meta/lib/oeqa/selftest/cases/runtime_test.py
@@ -1,24 +1,20 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 from oeqa.selftest.case import OESelftestTestCase
 from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_bb_vars, runqemu
-from oeqa.utils.sshcontrol import SSHControl
+from oeqa.core.decorator import OETestTag
 import os
-import re
 import tempfile
-import shutil
 import oe.lsb
-from oeqa.core.decorator.data import skipIfNotQemu
+from oeqa.core.decorator.data import skipIfNotQemu, skipIfNotMachine
 
 class TestExport(OESelftestTestCase):
 
-    @classmethod
-    def tearDownClass(cls):
-        runCmd("rm -rf /tmp/sdk")
-        super(TestExport, cls).tearDownClass()
-
+    @OETestTag("runqemu")
     def test_testexport_basic(self):
         """
         Summary: Check basic testexport functionality with only ping test enabled.
@@ -29,7 +25,7 @@ class TestExport(OESelftestTestCase):
         Author: Mariano Lopez <mariano.lopez@intel.com>
         """
 
-        features = 'INHERIT += "testexport"\n'
+        features = 'IMAGE_CLASSES += "testexport"\n'
         # These aren't the actual IP addresses but testexport class needs something defined
         features += 'TEST_SERVER_IP = "192.168.7.1"\n'
         features += 'TEST_TARGET_IP = "192.168.7.1"\n'
@@ -70,7 +66,7 @@ class TestExport(OESelftestTestCase):
         Author: Mariano Lopez <mariano.lopez@intel.com>
         """
 
-        features = 'INHERIT += "testexport"\n'
+        features = 'IMAGE_CLASSES += "testexport"\n'
         # These aren't the actual IP addresses but testexport class needs something defined
         features += 'TEST_SERVER_IP = "192.168.7.1"\n'
         features += 'TEST_TARGET_IP = "192.168.7.1"\n'
@@ -95,21 +91,23 @@ class TestExport(OESelftestTestCase):
         msg = "Couldn't find SDK tarball: %s" % tarball_path
         self.assertEqual(os.path.isfile(tarball_path), True, msg)
 
-        # Extract SDK and run tar from SDK
-        result = runCmd("%s -y -d /tmp/sdk" % tarball_path)
-        self.assertEqual(0, result.status, "Couldn't extract SDK")
+        with tempfile.TemporaryDirectory() as tmpdirname:
+            # Extract SDK and run tar from SDK
+            result = runCmd("%s -y -d %s" % (tarball_path, tmpdirname))
+            self.assertEqual(0, result.status, "Couldn't extract SDK")
 
-        env_script = result.output.split()[-1]
-        result = runCmd(". %s; which tar" % env_script, shell=True)
-        self.assertEqual(0, result.status, "Couldn't setup SDK environment")
-        is_sdk_tar = True if "/tmp/sdk" in result.output else False
-        self.assertTrue(is_sdk_tar, "Couldn't setup SDK environment")
+            env_script = result.output.split()[-1]
+            result = runCmd(". %s; which tar" % env_script, shell=True)
+            self.assertEqual(0, result.status, "Couldn't setup SDK environment")
+            is_sdk_tar = True if tmpdirname in result.output else False
+            self.assertTrue(is_sdk_tar, "Couldn't setup SDK environment")
 
-        tar_sdk = result.output
-        result = runCmd("%s --version" % tar_sdk)
-        self.assertEqual(0, result.status, "Couldn't run tar from SDK")
+            tar_sdk = result.output
+            result = runCmd("%s --version" % tar_sdk)
+            self.assertEqual(0, result.status, "Couldn't run tar from SDK")
 
 
+@OETestTag("runqemu")
 class TestImage(OESelftestTestCase):
 
     def test_testimage_install(self):
@@ -123,15 +121,30 @@ class TestImage(OESelftestTestCase):
         if get_bb_var('DISTRO') == 'poky-tiny':
             self.skipTest('core-image-full-cmdline not buildable for poky-tiny')
 
-        features = 'INHERIT += "testimage"\n'
-        features += 'IMAGE_INSTALL_append = " libssl"\n'
+        features = 'IMAGE_CLASSES += "testimage"\n'
+        features += 'IMAGE_INSTALL:append = " libssl"\n'
         features += 'TEST_SUITES = "ping ssh selftest"\n'
         self.write_config(features)
 
-        # Build core-image-sato and testimage
         bitbake('core-image-full-cmdline socat')
         bitbake('-c testimage core-image-full-cmdline')
 
+    def test_testimage_slirp(self):
+        """
+        Summary: Check basic testimage functionality with qemu and slirp networking.
+        """
+
+        features = '''
+IMAGE_CLASSES:append = " testimage"
+IMAGE_FEATURES:append = " ssh-server-dropbear"
+IMAGE_ROOTFS_EXTRA_SPACE:append = "${@bb.utils.contains("IMAGE_CLASSES", "testimage", " + 5120", "", d)}"
+TEST_RUNQEMUPARAMS += " slirp"
+'''
+        self.write_config(features)
+
+        bitbake('core-image-minimal')
+        bitbake('-c testimage core-image-minimal')
+
     def test_testimage_dnf(self):
         """
         Summary: Check package feeds functionality for dnf
@@ -142,7 +155,7 @@ class TestImage(OESelftestTestCase):
         if get_bb_var('DISTRO') == 'poky-tiny':
             self.skipTest('core-image-full-cmdline not buildable for poky-tiny')
 
-        features = 'INHERIT += "testimage"\n'
+        features = 'IMAGE_CLASSES += "testimage"\n'
         features += 'TEST_SUITES = "ping ssh dnf_runtime dnf.DnfBasicTest.test_dnf_help"\n'
         # We don't yet know what the server ip and port will be - they will be patched
         # in at the start of the on-image test
@@ -161,13 +174,50 @@ class TestImage(OESelftestTestCase):
         features += 'PACKAGE_FEED_GPG_NAME = "testuser"\n'
         features += 'PACKAGE_FEED_GPG_PASSPHRASE_FILE = "%s"\n' % os.path.join(signing_key_dir, 'key.passphrase')
         features += 'GPG_PATH = "%s"\n' % self.gpg_home
-        features += 'PSEUDO_IGNORE_PATHS .= ",%s"\n' % self.gpg_home
+        self.write_config(features)
+
+        bitbake('core-image-full-cmdline socat')
+        bitbake('-c testimage core-image-full-cmdline')
+
+    def test_testimage_apt(self):
+        """
+        Summary: Check package feeds functionality for apt
+        Expected: 1. Check that remote package feeds can be accessed
+        Product: oe-core
+        Author: Ferry Toth <fntoth@gmail.com>
+        """
+        if get_bb_var('DISTRO') == 'poky-tiny':
+            self.skipTest('core-image-full-cmdline not buildable for poky-tiny')
+
+        features = 'IMAGE_CLASSES += "testimage"\n'
+        features += 'TEST_SUITES = "ping ssh apt.AptRepoTest.test_apt_install_from_repo"\n'
+        # We don't yet know what the server ip and port will be - they will be patched
+        # in at the start of the on-image test
+        features += 'PACKAGE_FEED_URIS = "http://bogus_ip:bogus_port"\n'
+        features += 'EXTRA_IMAGE_FEATURES += "package-management"\n'
+        features += 'PACKAGE_CLASSES = "package_deb"\n'
+        # We need  gnupg on the target to install keys
+        features += 'IMAGE_INSTALL:append:pn-core-image-full-cmdline = " gnupg"\n'
+
+        bitbake('gnupg-native -c addto_recipe_sysroot')
+
+        # Enable package feed signing
+        self.gpg_home = tempfile.mkdtemp(prefix="oeqa-feed-sign-")
+        self.track_for_cleanup(self.gpg_home)
+        signing_key_dir = os.path.join(self.testlayer_path, 'files', 'signing')
+        runCmd('gpgconf --list-dirs --homedir %s; gpg -v --batch --homedir %s --import %s' % (self.gpg_home, self.gpg_home, os.path.join(signing_key_dir, 'key.secret')), native_sysroot=get_bb_var("RECIPE_SYSROOT_NATIVE", "gnupg-native"), shell=True)
+        features += 'INHERIT += "sign_package_feed"\n'
+        features += 'PACKAGE_FEED_GPG_NAME = "testuser"\n'
+        features += 'PACKAGE_FEED_GPG_PASSPHRASE_FILE = "%s"\n' % os.path.join(signing_key_dir, 'key.passphrase')
+        features += 'GPG_PATH = "%s"\n' % self.gpg_home
         self.write_config(features)
 
         # Build core-image-sato and testimage
         bitbake('core-image-full-cmdline socat')
         bitbake('-c testimage core-image-full-cmdline')
 
+    # https://bugzilla.yoctoproject.org/show_bug.cgi?id=14966
+    @skipIfNotMachine("qemux86-64", "test needs qemux86-64")
     def test_testimage_virgl_gtk_sdl(self):
         """
         Summary: Check host-assisted accelerate OpenGL functionality in qemu with gtk and SDL frontends
@@ -190,25 +240,26 @@ class TestImage(OESelftestTestCase):
 
         qemu_packageconfig = get_bb_var('PACKAGECONFIG', 'qemu-system-native')
         qemu_distrofeatures = get_bb_var('DISTRO_FEATURES', 'qemu-system-native')
-        features = 'INHERIT += "testimage"\n'
+        features = 'IMAGE_CLASSES += "testimage"\n'
         if 'gtk+' not in qemu_packageconfig:
-            features += 'PACKAGECONFIG_append_pn-qemu-system-native = " gtk+"\n'
+            features += 'PACKAGECONFIG:append:pn-qemu-system-native = " gtk+"\n'
         if 'sdl' not in qemu_packageconfig:
-            features += 'PACKAGECONFIG_append_pn-qemu-system-native = " sdl"\n'
+            features += 'PACKAGECONFIG:append:pn-qemu-system-native = " sdl"\n'
         if 'opengl' not in qemu_distrofeatures:
-            features += 'DISTRO_FEATURES_append = " opengl"\n'
+            features += 'DISTRO_FEATURES:append = " opengl"\n'
         features += 'TEST_SUITES = "ping ssh virgl"\n'
-        features += 'IMAGE_FEATURES_append = " ssh-server-dropbear"\n'
-        features += 'IMAGE_INSTALL_append = " kmscube"\n'
-        features_gtk = features + 'TEST_RUNQEMUPARAMS = "gtk gl"\n'
+        features += 'IMAGE_FEATURES:append = " ssh-server-dropbear"\n'
+        features += 'IMAGE_INSTALL:append = " kmscube"\n'
+        features_gtk = features + 'TEST_RUNQEMUPARAMS += " gtk gl"\n'
         self.write_config(features_gtk)
         bitbake('core-image-minimal')
         bitbake('-c testimage core-image-minimal')
-        features_sdl = features + 'TEST_RUNQEMUPARAMS = "sdl gl"\n'
+        features_sdl = features + 'TEST_RUNQEMUPARAMS += " sdl gl"\n'
         self.write_config(features_sdl)
         bitbake('core-image-minimal')
         bitbake('-c testimage core-image-minimal')
 
+    @skipIfNotMachine("qemux86-64", "test needs qemux86-64")
     def test_testimage_virgl_headless(self):
         """
         Summary: Check host-assisted accelerate OpenGL functionality in qemu with egl-headless frontend
@@ -218,28 +269,27 @@ class TestImage(OESelftestTestCase):
         Author: Alexander Kanavin <alex.kanavin@gmail.com>
         """
         import subprocess, os
-        try:
-            content = os.listdir("/dev/dri")
-            if len([i for i in content if i.startswith('render')]) == 0:
-                self.skipTest("No render nodes found in /dev/dri: %s" %(content))
-        except FileNotFoundError:
-            self.skipTest("/dev/dri directory does not exist; no render nodes available on this machine.")
-        try:
-            dripath = subprocess.check_output("pkg-config --variable=dridriverdir dri", shell=True)
-        except subprocess.CalledProcessError as e:
-            self.skipTest("Could not determine the path to dri drivers on the host via pkg-config.\nPlease install Mesa development files (particularly, dri.pc) on the host machine.")
+
+        distro = oe.lsb.distro_identifier()
+        # Merge request to address the issue on centos/rhel/derivatives:
+        # https://gitlab.com/cki-project/kernel-ark/-/merge_requests/3449
+        if distro and (distro in ['debian-9', 'debian-10', 'centos-7', 'centos-8', 'centos-9', 'ubuntu-16.04', 'ubuntu-18.04'] or
+            distro.startswith('almalinux') or distro.startswith('rocky')):
+            self.skipTest('virgl headless cannot be tested with %s' %(distro))
+
         qemu_distrofeatures = get_bb_var('DISTRO_FEATURES', 'qemu-system-native')
-        features = 'INHERIT += "testimage"\n'
+        features = 'IMAGE_CLASSES += "testimage"\n'
         if 'opengl' not in qemu_distrofeatures:
-            features += 'DISTRO_FEATURES_append = " opengl"\n'
+            features += 'DISTRO_FEATURES:append = " opengl"\n'
         features += 'TEST_SUITES = "ping ssh virgl"\n'
-        features += 'IMAGE_FEATURES_append = " ssh-server-dropbear"\n'
-        features += 'IMAGE_INSTALL_append = " kmscube"\n'
-        features += 'TEST_RUNQEMUPARAMS = "egl-headless"\n'
+        features += 'IMAGE_FEATURES:append = " ssh-server-dropbear"\n'
+        features += 'IMAGE_INSTALL:append = " kmscube"\n'
+        features += 'TEST_RUNQEMUPARAMS += " egl-headless"\n'
         self.write_config(features)
         bitbake('core-image-minimal')
         bitbake('-c testimage core-image-minimal')
 
+@OETestTag("runqemu")
 class Postinst(OESelftestTestCase):
 
     def init_manager_loop(self, init_manager):
@@ -260,10 +310,7 @@ class Postinst(OESelftestTestCase):
                 features += 'IMAGE_FEATURES += "package-management empty-root-password"\n'
                 features += 'PACKAGE_CLASSES = "%s"\n' % classes
                 if init_manager == "systemd":
-                    features += 'DISTRO_FEATURES_append = " systemd"\n'
-                    features += 'VIRTUAL-RUNTIME_init_manager = "systemd"\n'
-                    features += 'DISTRO_FEATURES_BACKFILL_CONSIDERED = "sysvinit"\n'
-                    features += 'VIRTUAL-RUNTIME_initscripts = ""\n'
+                    features += 'INIT_MANAGER = "systemd"\n'
                 self.write_config(features)
 
                 bitbake('core-image-minimal')
@@ -280,7 +327,7 @@ class Postinst(OESelftestTestCase):
 
 
 
-    @skipIfNotQemu('qemuall', 'Test only runs in qemu')
+    @skipIfNotQemu()
     def test_postinst_rootfs_and_boot_sysvinit(self):
         """
         Summary:        The purpose of this test case is to verify Post-installation
@@ -301,7 +348,7 @@ class Postinst(OESelftestTestCase):
         self.init_manager_loop("sysvinit")
 
 
-    @skipIfNotQemu('qemuall', 'Test only runs in qemu')
+    @skipIfNotQemu()
     def test_postinst_rootfs_and_boot_systemd(self):
         """
         Summary:        The purpose of this test case is to verify Post-installation
@@ -357,6 +404,7 @@ class Postinst(OESelftestTestCase):
                 self.assertFalse(os.path.isfile(os.path.join(hosttestdir, "rootfs-after-failure")),
                                     "rootfs-after-failure file was created")
 
+@OETestTag("runqemu")
 class SystemTap(OESelftestTestCase):
         """
         Summary:        The purpose of this test case is to verify native crosstap
@@ -377,14 +425,14 @@ TEST_SERVER_IP = "192.168.7.1"
 TEST_TARGET_IP = "192.168.7.2"
 
 EXTRA_IMAGE_FEATURES += "tools-profile dbg-pkgs"
-IMAGE_FEATURES_append = " ssh-server-dropbear"
+IMAGE_FEATURES:append = " ssh-server-dropbear"
 
 # enables kernel debug symbols
-KERNEL_EXTRA_FEATURES_append = " features/debug/debug-kernel.scc"
-KERNEL_EXTRA_FEATURES_append = " features/systemtap/systemtap.scc"
+KERNEL_EXTRA_FEATURES:append = " features/debug/debug-kernel.scc"
+KERNEL_EXTRA_FEATURES:append = " features/systemtap/systemtap.scc"
 
 # add systemtap run-time into target image if it is not there yet
-IMAGE_INSTALL_append = " systemtap-runtime"
+IMAGE_INSTALL:append = " systemtap-runtime"
 """
 
         def test_crosstap_helloworld(self):
@@ -433,4 +481,3 @@ IMAGE_INSTALL_append = " systemtap-runtime"
                 cmd = "crosstap -r root@192.168.7.2 -s %s/process/ syscalls_by_pid.stp" % systemtap_examples
                 result = runCmd(cmd)
                 self.assertEqual(0, result.status, 'crosstap  syscalls_by_pid returned a non 0 status:%s' % result.output)
-
diff --git a/meta/lib/oeqa/selftest/cases/rust.py b/meta/lib/oeqa/selftest/cases/rust.py
new file mode 100644
index 0000000000..d99a58d6b9
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/rust.py
@@ -0,0 +1,135 @@
+# SPDX-License-Identifier: MIT
+import subprocess
+import time
+from oeqa.core.decorator import OETestTag
+from oeqa.core.decorator.data import skipIfArch
+from oeqa.core.case import OEPTestResultTestCase
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import runCmd, bitbake, get_bb_var, runqemu
+from oeqa.utils.sshcontrol import SSHControl
+
+def parse_results(filename):
+    tests = {}
+    with open(filename, "r") as f:
+        lines = f.readlines()
+        for line in lines:
+            if "..." in line and "test [" in line:
+                test = line.split("test ")[1].split(" ... ")[0]
+                if "] " in test:
+                    test = test.split("] ", 1)[1]
+                result = line.split(" ... ")[1].strip()
+                if result == "ok":
+                    result = "PASS"
+                elif result == "failed":
+                    result = "FAIL"
+                elif "ignored" in result:
+                    result = "SKIPPED"
+                if test in tests:
+                    if tests[test] != result:
+                        print("Duplicate and mismatching result %s for %s" % (result, test))
+                    else:
+                        print("Duplicate result %s for %s" % (result, test))
+                else:
+                    tests[test] = result
+    return tests
+
+# Total time taken for testing is of about 2hr 20min, with PARALLEL_MAKE set to 40 number of jobs.
+@OETestTag("toolchain-system")
+@OETestTag("toolchain-user")
+@OETestTag("runqemu")
+class RustSelfTestSystemEmulated(OESelftestTestCase, OEPTestResultTestCase):
+
+    @skipIfArch(['mips', 'mips64'])
+    def test_rust(self, *args, **kwargs):
+        # build remote-test-server before image build
+        recipe = "rust"
+        start_time = time.time()
+        bitbake("{} -c test_compile".format(recipe))
+        builddir = get_bb_var("RUSTSRC", "rust")
+        # build core-image-minimal with required packages
+        default_installed_packages = ["libgcc", "libstdc++", "libatomic", "libgomp"]
+        features = []
+        features.append('IMAGE_FEATURES += "ssh-server-dropbear"')
+        features.append('CORE_IMAGE_EXTRA_INSTALL += "{0}"'.format(" ".join(default_installed_packages)))
+        self.write_config("\n".join(features))
+        bitbake("core-image-minimal")
+
+        # Exclude the test folders that error out while building
+        # TODO: Fix the errors and include them for testing
+        # no-fail-fast: Run all tests regardless of failure.
+        # bless: First runs rustfmt to format the codebase,
+        # then runs tidy checks.
+        exclude_list =  [
+                            'src/bootstrap',
+                            'src/doc/rustc',
+                            'src/doc/rustdoc',
+                            'src/doc/unstable-book',
+                            'src/etc/test-float-parse',
+                            'src/librustdoc',
+                            'src/rustdoc-json-types',
+                            'src/tools/jsondoclint',
+                            'src/tools/lint-docs',
+                            'src/tools/replace-version-placeholder',
+                            'src/tools/rust-analyzer',
+                            'src/tools/rustdoc-themes',
+                            'src/tools/rust-installer',
+                            'src/tools/suggest-tests',
+                            'tests/assembly/asm/aarch64-outline-atomics.rs',
+                            'tests/codegen/issues/issue-122805.rs',
+                            'tests/codegen/thread-local.rs',
+                            'tests/mir-opt/',
+                            'tests/run-make',
+                            'tests/run-make-fulldeps',
+                            'tests/rustdoc',
+                            'tests/rustdoc-json',
+                            'tests/rustdoc-js-std',
+                            'tests/ui/abi/stack-probes-lto.rs',
+                            'tests/ui/abi/stack-probes.rs',
+                            'tests/ui/codegen/mismatched-data-layouts.rs',
+                            'tests/codegen/rust-abi-arch-specific-adjustment.rs',
+                            'tests/ui/debuginfo/debuginfo-emit-llvm-ir-and-split-debuginfo.rs',
+                            'tests/ui/feature-gates/version_check.rs',
+                            'tests/ui-fulldeps/',
+                            'tests/ui/process/nofile-limit.rs',
+                            'tidyselftest'
+                        ]
+
+        exclude_fail_tests = " ".join([" --exclude " + item for item in exclude_list])
+        # Add exclude_fail_tests with other test arguments
+        testargs =  exclude_fail_tests + " --no-fail-fast --bless"
+
+        # wrap the execution with a qemu instance.
+        # Tests are run with 512 tasks in parallel to execute all tests very quickly
+        with runqemu("core-image-minimal", runqemuparams = "nographic", qemuparams = "-m 512") as qemu:
+            # Copy remote-test-server to image through scp
+            host_sys = get_bb_var("RUST_BUILD_SYS", "rust")
+            ssh = SSHControl(ip=qemu.ip, logfile=qemu.sshlog, user="root")
+            ssh.copy_to(builddir + "/build/" + host_sys + "/stage2-tools-bin/remote-test-server","~/")
+            # Execute remote-test-server on image through background ssh
+            command = '~/remote-test-server --bind 0.0.0.0:12345 -v'
+            sshrun=subprocess.Popen(("ssh", '-o',  'UserKnownHostsFile=/dev/null', '-o',  'StrictHostKeyChecking=no', '-f', "root@%s" % qemu.ip, command), shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+            # Get the values of variables.
+            tcpath = get_bb_var("TARGET_SYS", "rust")
+            targetsys = get_bb_var("RUST_TARGET_SYS", "rust")
+            rustlibpath = get_bb_var("WORKDIR", "rust")
+            tmpdir = get_bb_var("TMPDIR", "rust")
+
+            # Set path for target-poky-linux-gcc, RUST_TARGET_PATH and hosttools.
+            cmd = "export TARGET_VENDOR=\"-poky\";"
+            cmd = cmd + " export PATH=%s/recipe-sysroot-native/usr/bin/python3-native:%s/recipe-sysroot-native/usr/bin:%s/recipe-sysroot-native/usr/bin/%s:%s/hosttools:$PATH;" % (rustlibpath, rustlibpath, rustlibpath, tcpath, tmpdir)
+            cmd = cmd + " export RUST_TARGET_PATH=%s/rust-targets;" % rustlibpath
+            # Trigger testing.
+            cmd = cmd + " export TEST_DEVICE_ADDR=\"%s:12345\";" % qemu.ip
+            cmd = cmd + " cd %s; python3 src/bootstrap/bootstrap.py test %s --target %s" % (builddir, testargs, targetsys)
+            retval = runCmd(cmd)
+            end_time = time.time()
+
+            resultlog = rustlibpath + "/results-log.txt"
+            with open(resultlog, "w") as f:
+                f.write(retval.output)
+
+            ptestsuite = "rust"
+            self.ptest_section(ptestsuite, duration = int(end_time - start_time), logfile=resultlog)
+            test_results = parse_results(resultlog)
+            for test in test_results:
+                self.ptest_result(ptestsuite, test, test_results[test])
diff --git a/meta/lib/oeqa/selftest/cases/sdk.py b/meta/lib/oeqa/selftest/cases/sdk.py
new file mode 100644
index 0000000000..3971365029
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/sdk.py
@@ -0,0 +1,39 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os.path
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, get_bb_vars
+
+class SDKTests(OESelftestTestCase):
+
+    def load_manifest(self, filename):
+        manifest = {}
+        with open(filename) as f:
+            for line in f:
+                name, arch, version = line.split(maxsplit=3)
+                manifest[name] = (version, arch)
+        return manifest
+
+    def test_sdk_manifests(self):
+        image = "core-image-minimal"
+
+        self.write_config("""
+TOOLCHAIN_HOST_TASK:append = " nativesdk-selftest-hello"
+IMAGE_INSTALL:append = " selftest-hello"
+""")
+
+        bitbake(f"{image} -c populate_sdk")
+        vars = get_bb_vars(['SDK_DEPLOY', 'TOOLCHAIN_OUTPUTNAME'], image)
+
+        path = os.path.join(vars["SDK_DEPLOY"], vars["TOOLCHAIN_OUTPUTNAME"] + ".host.manifest")
+        self.assertNotEqual(os.path.getsize(path), 0, msg="Host manifest is empty")
+        self.assertIn("nativesdk-selftest-hello", self.load_manifest(path))
+
+        path = os.path.join(vars["SDK_DEPLOY"], vars["TOOLCHAIN_OUTPUTNAME"] + ".target.manifest")
+        self.assertNotEqual(os.path.getsize(path), 0, msg="Target manifest is empty")
+        self.assertIn("selftest-hello", self.load_manifest(path))
diff --git a/meta/lib/oeqa/selftest/cases/selftest.py b/meta/lib/oeqa/selftest/cases/selftest.py
index af080dcf03..a80a8651a5 100644
--- a/meta/lib/oeqa/selftest/cases/selftest.py
+++ b/meta/lib/oeqa/selftest/cases/selftest.py
@@ -1,9 +1,10 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 import importlib
-from oeqa.utils.commands import runCmd
 import oeqa.selftest
 from oeqa.selftest.case import OESelftestTestCase
 
diff --git a/meta/lib/oeqa/selftest/cases/signing.py b/meta/lib/oeqa/selftest/cases/signing.py
index a28c7eb19a..4df45ba032 100644
--- a/meta/lib/oeqa/selftest/cases/signing.py
+++ b/meta/lib/oeqa/selftest/cases/signing.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -81,6 +83,8 @@ class Signing(OESelftestTestCase):
         feature += 'RPM_GPG_PASSPHRASE = "test123"\n'
         feature += 'RPM_GPG_NAME = "testuser"\n'
         feature += 'GPG_PATH = "%s"\n' % self.gpg_dir
+        feature += 'PACKAGECONFIG:append:pn-rpm-native = " sequoia"\n'
+        feature += 'PACKAGECONFIG:append:pn-rpm = " sequoia"\n'
 
         self.write_config(feature)
 
@@ -145,7 +149,7 @@ class Signing(OESelftestTestCase):
         feature += 'GPG_PATH = "%s"\n' % self.gpg_dir
         feature += 'SSTATE_DIR = "%s"\n' % sstatedir
         # Any mirror might have partial sstate without .sig files, triggering failures
-        feature += 'SSTATE_MIRRORS_forcevariable = ""\n'
+        feature += 'SSTATE_MIRRORS:forcevariable = ""\n'
 
         self.write_config(feature)
 
@@ -159,13 +163,13 @@ class Signing(OESelftestTestCase):
             bitbake('-c clean %s' % test_recipe)
             bitbake('-c populate_lic %s' % test_recipe)
 
-            recipe_sig = glob.glob(sstatedir + '/*/*/*:ed:*_populate_lic.tgz.sig')
-            recipe_tgz = glob.glob(sstatedir + '/*/*/*:ed:*_populate_lic.tgz')
+            recipe_sig = glob.glob(sstatedir + '/*/*/*:ed:*_populate_lic.tar.zst.sig')
+            recipe_archive = glob.glob(sstatedir + '/*/*/*:ed:*_populate_lic.tar.zst')
 
             self.assertEqual(len(recipe_sig), 1, 'Failed to find .sig file.')
-            self.assertEqual(len(recipe_tgz), 1, 'Failed to find .tgz file.')
+            self.assertEqual(len(recipe_archive), 1, 'Failed to find .tar.zst file.')
 
-            ret = runCmd('gpg --homedir %s --verify %s %s' % (self.gpg_dir, recipe_sig[0], recipe_tgz[0]))
+            ret = runCmd('gpg --homedir %s --verify %s %s' % (self.gpg_dir, recipe_sig[0], recipe_archive[0]))
             # gpg: Signature made Thu 22 Oct 2015 01:45:09 PM EEST using RSA key ID 61EEFB30
             # gpg: Good signature from "testuser (nocomment) <testuser@email.com>"
             self.assertIn('gpg: Good signature from', ret.output, 'Package signed incorrectly.')
@@ -189,7 +193,7 @@ class LockedSignatures(OESelftestTestCase):
 
         bitbake(test_recipe)
         # Generate locked sigs include file
-        bitbake('-S none %s' % test_recipe)
+        bitbake('-S lockedsigs %s' % test_recipe)
 
         feature = 'require %s\n' % locked_sigs_file
         feature += 'SIGGEN_LOCKEDSIGS_TASKSIG_CHECK = "warn"\n'
@@ -206,7 +210,7 @@ class LockedSignatures(OESelftestTestCase):
         # Use uuid so hash equivalance server isn't triggered
         recipe_append_file = test_recipe + '_' + get_bb_var('PV', test_recipe) + '.bbappend'
         recipe_append_path = os.path.join(templayerdir, 'recipes-test', test_recipe, recipe_append_file)
-        feature = 'SUMMARY_${PN} = "test locked signature%s"\n' % uuid.uuid4()
+        feature = 'SUMMARY:${PN} = "test locked signature%s"\n' % uuid.uuid4()
 
         os.mkdir(os.path.join(templayerdir, 'recipes-test'))
         os.mkdir(os.path.join(templayerdir, 'recipes-test', test_recipe))
diff --git a/meta/lib/oeqa/selftest/cases/spdx.py b/meta/lib/oeqa/selftest/cases/spdx.py
new file mode 100644
index 0000000000..8cd4e83ca2
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/spdx.py
@@ -0,0 +1,288 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import json
+import os
+import textwrap
+import hashlib
+from pathlib import Path
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, get_bb_var, get_bb_vars, runCmd
+import oe.spdx30
+
+
+class SPDX22Check(OESelftestTestCase):
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        bitbake("python3-spdx-tools-native")
+        bitbake("-c addto_recipe_sysroot python3-spdx-tools-native")
+
+    def check_recipe_spdx(self, high_level_dir, spdx_file, target_name):
+        config = textwrap.dedent(
+            """\
+            INHERIT:remove = "create-spdx"
+            INHERIT += "create-spdx-2.2"
+            """
+        )
+        self.write_config(config)
+
+        deploy_dir = get_bb_var("DEPLOY_DIR")
+        arch_dir = get_bb_var("PACKAGE_ARCH", target_name)
+        spdx_version = get_bb_var("SPDX_VERSION")
+        # qemux86-64 creates the directory qemux86_64
+        #arch_dir = arch_var.replace("-", "_")
+
+        full_file_path = os.path.join(
+            deploy_dir, "spdx", spdx_version, arch_dir, high_level_dir, spdx_file
+        )
+
+        try:
+            os.remove(full_file_path)
+        except FileNotFoundError:
+            pass
+
+        bitbake("%s -c create_spdx" % target_name)
+
+        def check_spdx_json(filename):
+            with open(filename) as f:
+                report = json.load(f)
+                self.assertNotEqual(report, None)
+                self.assertNotEqual(report["SPDXID"], None)
+
+            python = os.path.join(
+                get_bb_var("STAGING_BINDIR", "python3-spdx-tools-native"),
+                "nativepython3",
+            )
+            validator = os.path.join(
+                get_bb_var("STAGING_BINDIR", "python3-spdx-tools-native"), "pyspdxtools"
+            )
+            result = runCmd("{} {} -i {}".format(python, validator, filename))
+
+        self.assertExists(full_file_path)
+        result = check_spdx_json(full_file_path)
+
+    def test_spdx_base_files(self):
+        self.check_recipe_spdx("packages", "base-files.spdx.json", "base-files")
+
+    def test_spdx_tar(self):
+        self.check_recipe_spdx("packages", "tar.spdx.json", "tar")
+
+
+class SPDX3CheckBase(object):
+    """
+    Base class for checking SPDX 3 based tests
+    """
+
+    def check_spdx_file(self, filename):
+        self.assertExists(filename)
+
+        # Read the file
+        objset = oe.spdx30.SHACLObjectSet()
+        with open(filename, "r") as f:
+            d = oe.spdx30.JSONLDDeserializer()
+            d.read(f, objset)
+
+        return objset
+
+    def check_recipe_spdx(self, target_name, spdx_path, *, task=None, extraconf=""):
+        config = (
+            textwrap.dedent(
+                f"""\
+                INHERIT:remove = "create-spdx"
+                INHERIT += "{self.SPDX_CLASS}"
+                """
+            )
+            + textwrap.dedent(extraconf)
+        )
+
+        self.write_config(config)
+
+        if task:
+            bitbake(f"-c {task} {target_name}")
+        else:
+            bitbake(target_name)
+
+        filename = spdx_path.format(
+            **get_bb_vars(
+                [
+                    "DEPLOY_DIR_IMAGE",
+                    "DEPLOY_DIR_SPDX",
+                    "MACHINE",
+                    "MACHINE_ARCH",
+                    "SDKMACHINE",
+                    "SDK_DEPLOY",
+                    "SPDX_VERSION",
+                    "SSTATE_PKGARCH",
+                    "TOOLCHAIN_OUTPUTNAME",
+                ],
+                target_name,
+            )
+        )
+
+        return self.check_spdx_file(filename)
+
+    def check_objset_missing_ids(self, objset):
+        for o in objset.foreach_type(oe.spdx30.SpdxDocument):
+            doc = o
+            break
+        else:
+            self.assertTrue(False, "Unable to find SpdxDocument")
+
+        missing_ids = objset.missing_ids - set(i.externalSpdxId for i in doc.import_)
+        if missing_ids:
+            self.assertTrue(
+                False,
+                "The following SPDXIDs are unresolved:\n  " + "\n  ".join(missing_ids),
+            )
+
+
+class SPDX30Check(SPDX3CheckBase, OESelftestTestCase):
+    SPDX_CLASS = "create-spdx-3.0"
+
+    def test_base_files(self):
+        self.check_recipe_spdx(
+            "base-files",
+            "{DEPLOY_DIR_SPDX}/{MACHINE_ARCH}/packages/package-base-files.spdx.json",
+        )
+
+    def test_gcc_include_source(self):
+        objset = self.check_recipe_spdx(
+            "gcc",
+            "{DEPLOY_DIR_SPDX}/{SSTATE_PKGARCH}/recipes/recipe-gcc.spdx.json",
+            extraconf="""\
+                SPDX_INCLUDE_SOURCES = "1"
+                """,
+        )
+
+        gcc_pv = get_bb_var("PV", "gcc")
+        filename = f"gcc-{gcc_pv}/README"
+        found = False
+        for software_file in objset.foreach_type(oe.spdx30.software_File):
+            if software_file.name == filename:
+                found = True
+                self.logger.info(
+                    f"The spdxId of {filename} in recipe-gcc.spdx.json is {software_file.spdxId}"
+                )
+                break
+
+        self.assertTrue(
+            found, f"Not found source file {filename} in recipe-gcc.spdx.json\n"
+        )
+
+    def test_core_image_minimal(self):
+        objset = self.check_recipe_spdx(
+            "core-image-minimal",
+            "{DEPLOY_DIR_IMAGE}/core-image-minimal-{MACHINE}.rootfs.spdx.json",
+        )
+
+        # Document should be fully linked
+        self.check_objset_missing_ids(objset)
+
+    def test_core_image_minimal_sdk(self):
+        objset = self.check_recipe_spdx(
+            "core-image-minimal",
+            "{SDK_DEPLOY}/{TOOLCHAIN_OUTPUTNAME}.spdx.json",
+            task="populate_sdk",
+        )
+
+        # Document should be fully linked
+        self.check_objset_missing_ids(objset)
+
+    def test_baremetal_helloworld(self):
+        objset = self.check_recipe_spdx(
+            "baremetal-helloworld",
+            "{DEPLOY_DIR_IMAGE}/baremetal-helloworld-image-{MACHINE}.spdx.json",
+            extraconf="""\
+                TCLIBC = "baremetal"
+                """,
+        )
+
+        # Document should be fully linked
+        self.check_objset_missing_ids(objset)
+
+    def test_extra_opts(self):
+        HOST_SPDXID = "http://foo.bar/spdx/bar2"
+
+        EXTRACONF = textwrap.dedent(
+            f"""\
+            SPDX_INVOKED_BY_name = "CI Tool"
+            SPDX_INVOKED_BY_type = "software"
+
+            SPDX_ON_BEHALF_OF_name = "John Doe"
+            SPDX_ON_BEHALF_OF_type = "person"
+            SPDX_ON_BEHALF_OF_id_email = "John.Doe@noreply.com"
+
+            SPDX_PACKAGE_SUPPLIER_name = "ACME Embedded Widgets"
+            SPDX_PACKAGE_SUPPLIER_type = "organization"
+
+            SPDX_AUTHORS += "authorA"
+            SPDX_AUTHORS_authorA_ref = "SPDX_ON_BEHALF_OF"
+
+            SPDX_BUILD_HOST = "host"
+
+            SPDX_IMPORTS += "host"
+            SPDX_IMPORTS_host_spdxid = "{HOST_SPDXID}"
+
+            SPDX_INCLUDE_BUILD_VARIABLES = "1"
+            SPDX_INCLUDE_BITBAKE_PARENT_BUILD = "1"
+            SPDX_INCLUDE_TIMESTAMPS = "1"
+
+            SPDX_PRETTY = "1"
+            """
+        )
+        extraconf_hash = hashlib.sha1(EXTRACONF.encode("utf-8")).hexdigest()
+
+        objset = self.check_recipe_spdx(
+            "core-image-minimal",
+            "{DEPLOY_DIR_IMAGE}/core-image-minimal-{MACHINE}.rootfs.spdx.json",
+            # Many SPDX variables do not trigger a rebuild, since they are
+            # intended to record information at the time of the build. As such,
+            # the extra configuration alone may not trigger a rebuild, and even
+            # if it does, the task hash won't necessarily be unique. In order
+            # to make sure rebuilds happen, but still allow these test objects
+            # to be pulled from sstate (e.g. remain reproducible), change the
+            # namespace prefix to include the hash of the extra configuration
+            extraconf=textwrap.dedent(
+                f"""\
+                SPDX_NAMESPACE_PREFIX = "http://spdx.org/spdxdocs/{extraconf_hash}"
+                """
+            )
+            + EXTRACONF,
+        )
+
+        # Document should be fully linked
+        self.check_objset_missing_ids(objset)
+
+        for o in objset.foreach_type(oe.spdx30.SoftwareAgent):
+            if o.name == "CI Tool":
+                break
+        else:
+            self.assertTrue(False, "Unable to find software tool")
+
+        for o in objset.foreach_type(oe.spdx30.Person):
+            if o.name == "John Doe":
+                break
+        else:
+            self.assertTrue(False, "Unable to find person")
+
+        for o in objset.foreach_type(oe.spdx30.Organization):
+            if o.name == "ACME Embedded Widgets":
+                break
+        else:
+            self.assertTrue(False, "Unable to find organization")
+
+        for o in objset.foreach_type(oe.spdx30.SpdxDocument):
+            doc = o
+            break
+        else:
+            self.assertTrue(False, "Unable to find SpdxDocument")
+
+        for i in doc.import_:
+            if i.externalSpdxId == HOST_SPDXID:
+                break
+        else:
+            self.assertTrue(False, "Unable to find imported Host SpdxID")
diff --git a/meta/lib/oeqa/selftest/cases/sstate.py b/meta/lib/oeqa/selftest/cases/sstate.py
deleted file mode 100644
index 80ce9e353c..0000000000
--- a/meta/lib/oeqa/selftest/cases/sstate.py
+++ /dev/null
@@ -1,67 +0,0 @@
-#
-# SPDX-License-Identifier: MIT
-#
-
-import datetime
-import unittest
-import os
-import re
-import shutil
-
-import oeqa.utils.ftools as ftools
-from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import runCmd, bitbake, get_bb_vars, get_test_layer
-
-
-class SStateBase(OESelftestTestCase):
-
-    def setUpLocal(self):
-        super(SStateBase, self).setUpLocal()
-        self.temp_sstate_location = None
-        needed_vars = ['SSTATE_DIR', 'NATIVELSBSTRING', 'TCLIBC', 'TUNE_ARCH',
-                       'TOPDIR', 'TARGET_VENDOR', 'TARGET_OS']
-        bb_vars = get_bb_vars(needed_vars)
-        self.sstate_path = bb_vars['SSTATE_DIR']
-        self.hostdistro = bb_vars['NATIVELSBSTRING']
-        self.tclibc = bb_vars['TCLIBC']
-        self.tune_arch = bb_vars['TUNE_ARCH']
-        self.topdir = bb_vars['TOPDIR']
-        self.target_vendor = bb_vars['TARGET_VENDOR']
-        self.target_os = bb_vars['TARGET_OS']
-        self.distro_specific_sstate = os.path.join(self.sstate_path, self.hostdistro)
-
-    # Creates a special sstate configuration with the option to add sstate mirrors
-    def config_sstate(self, temp_sstate_location=False, add_local_mirrors=[]):
-        self.temp_sstate_location = temp_sstate_location
-
-        if self.temp_sstate_location:
-            temp_sstate_path = os.path.join(self.builddir, "temp_sstate_%s" % datetime.datetime.now().strftime('%Y%m%d%H%M%S'))
-            config_temp_sstate = "SSTATE_DIR = \"%s\"" % temp_sstate_path
-            self.append_config(config_temp_sstate)
-            self.track_for_cleanup(temp_sstate_path)
-        bb_vars = get_bb_vars(['SSTATE_DIR', 'NATIVELSBSTRING'])
-        self.sstate_path = bb_vars['SSTATE_DIR']
-        self.hostdistro = bb_vars['NATIVELSBSTRING']
-        self.distro_specific_sstate = os.path.join(self.sstate_path, self.hostdistro)
-
-        if add_local_mirrors:
-            config_set_sstate_if_not_set = 'SSTATE_MIRRORS ?= ""'
-            self.append_config(config_set_sstate_if_not_set)
-            for local_mirror in add_local_mirrors:
-                self.assertFalse(os.path.join(local_mirror) == os.path.join(self.sstate_path), msg='Cannot add the current sstate path as a sstate mirror')
-                config_sstate_mirror = "SSTATE_MIRRORS += \"file://.* file:///%s/PATH\"" % local_mirror
-                self.append_config(config_sstate_mirror)
-
-    # Returns a list containing sstate files
-    def search_sstate(self, filename_regex, distro_specific=True, distro_nonspecific=True):
-        result = []
-        for root, dirs, files in os.walk(self.sstate_path):
-            if distro_specific and re.search(r"%s/%s/[a-z0-9]{2}/[a-z0-9]{2}$" % (self.sstate_path, self.hostdistro), root):
-                for f in files:
-                    if re.search(filename_regex, f):
-                        result.append(f)
-            if distro_nonspecific and re.search(r"%s/[a-z0-9]{2}/[a-z0-9]{2}$" % self.sstate_path, root):
-                for f in files:
-                    if re.search(filename_regex, f):
-                        result.append(f)
-        return result
diff --git a/meta/lib/oeqa/selftest/cases/sstatetests.py b/meta/lib/oeqa/selftest/cases/sstatetests.py
index c46e8ba489..08f94b168a 100644
--- a/meta/lib/oeqa/selftest/cases/sstatetests.py
+++ b/meta/lib/oeqa/selftest/cases/sstatetests.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -7,17 +9,205 @@ import shutil
 import glob
 import subprocess
 import tempfile
+import datetime
+import re
 
+from oeqa.utils.commands import runCmd, bitbake, get_bb_var, create_temp_layer, get_bb_vars
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_test_layer, create_temp_layer
-from oeqa.selftest.cases.sstate import SStateBase
+from oeqa.core.decorator import OETestTag
 
+import oe
 import bb.siggen
 
+# Set to True to preserve stamp files after test execution for debugging failures
+keep_temp_files = False
+
+class SStateBase(OESelftestTestCase):
+
+    def setUpLocal(self):
+        super(SStateBase, self).setUpLocal()
+        self.temp_sstate_location = None
+        needed_vars = ['SSTATE_DIR', 'TCLIBC', 'TUNE_ARCH',
+                       'TOPDIR', 'TARGET_VENDOR', 'TARGET_OS']
+        bb_vars = get_bb_vars(needed_vars)
+        self.sstate_path = bb_vars['SSTATE_DIR']
+        self.tclibc = bb_vars['TCLIBC']
+        self.tune_arch = bb_vars['TUNE_ARCH']
+        self.topdir = bb_vars['TOPDIR']
+        self.target_vendor = bb_vars['TARGET_VENDOR']
+        self.target_os = bb_vars['TARGET_OS']
+
+    def track_for_cleanup(self, path):
+        if not keep_temp_files:
+            super().track_for_cleanup(path)
+
+    # Creates a special sstate configuration with the option to add sstate mirrors
+    def config_sstate(self, temp_sstate_location=False, add_local_mirrors=[]):
+        self.temp_sstate_location = temp_sstate_location
+
+        if self.temp_sstate_location:
+            temp_sstate_path = os.path.join(self.builddir, "temp_sstate_%s" % datetime.datetime.now().strftime('%Y%m%d%H%M%S'))
+            config_temp_sstate = "SSTATE_DIR = \"%s\"" % temp_sstate_path
+            self.append_config(config_temp_sstate)
+            self.track_for_cleanup(temp_sstate_path)
+        self.sstate_path = get_bb_var('SSTATE_DIR')
+
+        if add_local_mirrors:
+            config_set_sstate_if_not_set = 'SSTATE_MIRRORS ?= ""'
+            self.append_config(config_set_sstate_if_not_set)
+            for local_mirror in add_local_mirrors:
+                self.assertFalse(os.path.join(local_mirror) == os.path.join(self.sstate_path), msg='Cannot add the current sstate path as a sstate mirror')
+                config_sstate_mirror = "SSTATE_MIRRORS += \"file://.* file:///%s/PATH\"" % local_mirror
+                self.append_config(config_sstate_mirror)
+
+    def set_hostdistro(self):
+        # This needs to be read after a BuildStarted event in case it gets changed by event
+        # handling in uninative.bbclass
+        self.hostdistro = get_bb_var('NATIVELSBSTRING')
+        self.distro_specific_sstate = os.path.join(self.sstate_path, self.hostdistro)
+
+    # Returns a list containing sstate files
+    def search_sstate(self, filename_regex, distro_specific=True, distro_nonspecific=True):
+        self.set_hostdistro()
+
+        result = []
+        for root, dirs, files in os.walk(self.sstate_path):
+            if distro_specific and re.search(r"%s/%s/[a-z0-9]{2}/[a-z0-9]{2}$" % (self.sstate_path, self.hostdistro), root):
+                for f in files:
+                    if re.search(filename_regex, f):
+                        result.append(f)
+            if distro_nonspecific and re.search(r"%s/[a-z0-9]{2}/[a-z0-9]{2}$" % self.sstate_path, root):
+                for f in files:
+                    if re.search(filename_regex, f):
+                        result.append(f)
+        return result
+
+    # Test sstate files creation and their location and directory perms
+    def run_test_sstate_creation(self, targets, hostdistro_specific):
+        self.config_sstate(True, [self.sstate_path])
+
+        bitbake(['-cclean'] + targets)
+
+        # Set it to a umask we know will be 'wrong'
+        with bb.utils.umask(0o022):
+            bitbake(targets)
+
+        # Distro specific files
+        distro_specific_files = self.search_sstate('|'.join(map(str, targets)), True, False)
+
+        # Distro non-specific
+        distro_non_specific_files = []
+        results = self.search_sstate('|'.join(map(str, targets)), False, True)
+        for r in results:
+            if r.endswith(("_populate_lic.tar.zst", "_populate_lic.tar.zst.siginfo", "_fetch.tar.zst.siginfo", "_unpack.tar.zst.siginfo", "_patch.tar.zst.siginfo")):
+                continue
+            distro_non_specific_files.append(r)
+
+        if hostdistro_specific:
+            self.assertTrue(distro_specific_files , msg="Could not find sstate files for: %s" % ', '.join(map(str, targets)))
+            self.assertFalse(distro_non_specific_files, msg="Found sstate files in the wrong place for: %s (found %s)" % (', '.join(map(str, targets)), str(distro_non_specific_files)))
+        else:
+            self.assertTrue(distro_non_specific_files , msg="Could not find sstate files for: %s" % ', '.join(map(str, targets)))
+            self.assertFalse(distro_specific_files, msg="Found sstate files in the wrong place for: %s (found %s)" % (', '.join(map(str, targets)), str(distro_specific_files)))
+
+        # Now we'll walk the tree to check the mode and see if things are incorrect.
+        badperms = []
+        for root, dirs, files in os.walk(self.sstate_path):
+            for directory in dirs:
+                mode = os.stat(os.path.join(root, directory)).st_mode & 0o777
+                if mode != 0o775:
+                    badperms.append("%s: %s vs %s" % (os.path.join(root, directory), mode, 0o775))
+
+        # Check badperms is empty
+        self.assertFalse(badperms , msg="Found sstate directories with the wrong permissions: %s (found %s)" % (', '.join(map(str, targets)), str(badperms)))
+
+    # Test the sstate files deletion part of the do_cleansstate task
+    def run_test_cleansstate_task(self, targets, distro_specific=True, distro_nonspecific=True, temp_sstate_location=True):
+        self.config_sstate(temp_sstate_location, [self.sstate_path])
+
+        bitbake(['-ccleansstate'] + targets)
+
+        bitbake(targets)
+        archives_created = self.search_sstate('|'.join(map(str, [s + r'.*?\.tar.zst$' for s in targets])), distro_specific, distro_nonspecific)
+        self.assertTrue(archives_created, msg="Could not find sstate .tar.zst files for: %s (%s)" % (', '.join(map(str, targets)), str(archives_created)))
+
+        siginfo_created = self.search_sstate('|'.join(map(str, [s + r'.*?\.siginfo$' for s in targets])), distro_specific, distro_nonspecific)
+        self.assertTrue(siginfo_created, msg="Could not find sstate .siginfo files for: %s (%s)" % (', '.join(map(str, targets)), str(siginfo_created)))
+
+        bitbake(['-ccleansstate'] + targets)
+        archives_removed = self.search_sstate('|'.join(map(str, [s + r'.*?\.tar.zst$' for s in targets])), distro_specific, distro_nonspecific)
+        self.assertTrue(not archives_removed, msg="do_cleansstate didn't remove .tar.zst sstate files for: %s (%s)" % (', '.join(map(str, targets)), str(archives_removed)))
+
+    # Test rebuilding of distro-specific sstate files
+    def run_test_rebuild_distro_specific_sstate(self, targets, temp_sstate_location=True):
+        self.config_sstate(temp_sstate_location, [self.sstate_path])
+
+        bitbake(['-ccleansstate'] + targets)
+
+        self.set_hostdistro()
+
+        bitbake(targets)
+        results = self.search_sstate('|'.join(map(str, [s + r'.*?\.tar.zst$' for s in targets])), distro_specific=False, distro_nonspecific=True)
+        filtered_results = []
+        for r in results:
+            if r.endswith(("_populate_lic.tar.zst", "_populate_lic.tar.zst.siginfo")):
+                continue
+            filtered_results.append(r)
+        self.assertTrue(filtered_results == [], msg="Found distro non-specific sstate for: %s (%s)" % (', '.join(map(str, targets)), str(filtered_results)))
+        file_tracker_1 = self.search_sstate('|'.join(map(str, [s + r'.*?\.tar.zst$' for s in targets])), distro_specific=True, distro_nonspecific=False)
+        self.assertTrue(len(file_tracker_1) >= len(targets), msg = "Not all sstate files were created for: %s" % ', '.join(map(str, targets)))
+
+        self.track_for_cleanup(self.distro_specific_sstate + "_old")
+        shutil.copytree(self.distro_specific_sstate, self.distro_specific_sstate + "_old")
+        shutil.rmtree(self.distro_specific_sstate)
+
+        bitbake(['-cclean'] + targets)
+        bitbake(targets)
+        file_tracker_2 = self.search_sstate('|'.join(map(str, [s + r'.*?\.tar.zst$' for s in targets])), distro_specific=True, distro_nonspecific=False)
+        self.assertTrue(len(file_tracker_2) >= len(targets), msg = "Not all sstate files were created for: %s" % ', '.join(map(str, targets)))
+
+        not_recreated = [x for x in file_tracker_1 if x not in file_tracker_2]
+        self.assertTrue(not_recreated == [], msg="The following sstate files were not recreated: %s" % ', '.join(map(str, not_recreated)))
+
+        created_once = [x for x in file_tracker_2 if x not in file_tracker_1]
+        self.assertTrue(created_once == [], msg="The following sstate files were created only in the second run: %s" % ', '.join(map(str, created_once)))
+
+    def sstate_common_samesigs(self, configA, configB, allarch=False):
+
+        self.write_config(configA)
+        self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash")
+        bitbake("world meta-toolchain -S none")
+        self.write_config(configB)
+        self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash2")
+        bitbake("world meta-toolchain -S none")
+
+        def get_files(d, result):
+            for root, dirs, files in os.walk(d):
+                for name in files:
+                    if "meta-environment" in root or "cross-canadian" in root:
+                        continue
+                    if "do_build" not in name:
+                        # 1.4.1+gitAUTOINC+302fca9f4c-r0.do_package_write_ipk.sigdata.f3a2a38697da743f0dbed8b56aafcf79
+                        (_, task, _, shash) = name.rsplit(".", 3)
+                        result[os.path.join(os.path.basename(root), task)] = shash
+
+        files1 = {}
+        files2 = {}
+        subdirs = sorted(glob.glob(self.topdir + "/tmp-sstatesamehash/stamps/*-nativesdk*-linux"))
+        if allarch:
+            subdirs.extend(sorted(glob.glob(self.topdir + "/tmp-sstatesamehash/stamps/all-*-linux")))
+
+        for subdir in subdirs:
+            nativesdkdir = os.path.basename(subdir)
+            get_files(self.topdir + "/tmp-sstatesamehash/stamps/" + nativesdkdir, files1)
+            get_files(self.topdir + "/tmp-sstatesamehash2/stamps/" + nativesdkdir, files2)
+
+        self.maxDiff = None
+        self.assertEqual(files1, files2)
+
 class SStateTests(SStateBase):
     def test_autorev_sstate_works(self):
         # Test that a git repository which changes is correctly handled by SRCREV = ${AUTOREV}
-        # when PV does not contain SRCPV
 
         tempdir = tempfile.mkdtemp(prefix='sstate_autorev')
         tempdldir = tempfile.mkdtemp(prefix='sstate_autorev_dldir')
@@ -39,7 +229,7 @@ class SStateTests(SStateBase):
 
         recipefile = os.path.join(tempdir, "recipes-test", "dbus-wait-test", 'dbus-wait-test_git.bb')
         os.makedirs(os.path.dirname(recipefile))
-        srcuri = 'git://' + srcdir + ';protocol=file'
+        srcuri = 'git://' + srcdir + ';protocol=file;branch=master'
         result = runCmd(['recipetool', 'create', '-o', recipefile, srcuri])
         self.assertTrue(os.path.isfile(recipefile), 'recipetool did not create recipe file; output:\n%s' % result.output)
 
@@ -53,61 +243,14 @@ class SStateTests(SStateBase):
         result = runCmd('git add bar.txt; git commit -asm "add bar"', cwd=srcdir)
         bitbake("dbus-wait-test -c unpack")
 
+class SStateCreation(SStateBase):
+    def test_sstate_creation_distro_specific(self):
+        self.run_test_sstate_creation(['binutils-cross-'+ self.tune_arch, 'binutils-native'], hostdistro_specific=True)
 
-    # Test sstate files creation and their location
-    def run_test_sstate_creation(self, targets, distro_specific=True, distro_nonspecific=True, temp_sstate_location=True, should_pass=True):
-        self.config_sstate(temp_sstate_location, [self.sstate_path])
-
-        if  self.temp_sstate_location:
-            bitbake(['-cclean'] + targets)
-        else:
-            bitbake(['-ccleansstate'] + targets)
-
-        bitbake(targets)
-        file_tracker = []
-        results = self.search_sstate('|'.join(map(str, targets)), distro_specific, distro_nonspecific)
-        if distro_nonspecific:
-            for r in results:
-                if r.endswith(("_populate_lic.tgz", "_populate_lic.tgz.siginfo", "_fetch.tgz.siginfo", "_unpack.tgz.siginfo", "_patch.tgz.siginfo")):
-                    continue
-                file_tracker.append(r)
-        else:
-            file_tracker = results
-
-        if should_pass:
-            self.assertTrue(file_tracker , msg="Could not find sstate files for: %s" % ', '.join(map(str, targets)))
-        else:
-            self.assertTrue(not file_tracker , msg="Found sstate files in the wrong place for: %s (found %s)" % (', '.join(map(str, targets)), str(file_tracker)))
-
-    def test_sstate_creation_distro_specific_pass(self):
-        self.run_test_sstate_creation(['binutils-cross-'+ self.tune_arch, 'binutils-native'], distro_specific=True, distro_nonspecific=False, temp_sstate_location=True)
-
-    def test_sstate_creation_distro_specific_fail(self):
-        self.run_test_sstate_creation(['binutils-cross-'+ self.tune_arch, 'binutils-native'], distro_specific=False, distro_nonspecific=True, temp_sstate_location=True, should_pass=False)
-
-    def test_sstate_creation_distro_nonspecific_pass(self):
-        self.run_test_sstate_creation(['linux-libc-headers'], distro_specific=False, distro_nonspecific=True, temp_sstate_location=True)
-
-    def test_sstate_creation_distro_nonspecific_fail(self):
-        self.run_test_sstate_creation(['linux-libc-headers'], distro_specific=True, distro_nonspecific=False, temp_sstate_location=True, should_pass=False)
-
-    # Test the sstate files deletion part of the do_cleansstate task
-    def run_test_cleansstate_task(self, targets, distro_specific=True, distro_nonspecific=True, temp_sstate_location=True):
-        self.config_sstate(temp_sstate_location, [self.sstate_path])
-
-        bitbake(['-ccleansstate'] + targets)
-
-        bitbake(targets)
-        tgz_created = self.search_sstate('|'.join(map(str, [s + r'.*?\.tgz$' for s in targets])), distro_specific, distro_nonspecific)
-        self.assertTrue(tgz_created, msg="Could not find sstate .tgz files for: %s (%s)" % (', '.join(map(str, targets)), str(tgz_created)))
-
-        siginfo_created = self.search_sstate('|'.join(map(str, [s + r'.*?\.siginfo$' for s in targets])), distro_specific, distro_nonspecific)
-        self.assertTrue(siginfo_created, msg="Could not find sstate .siginfo files for: %s (%s)" % (', '.join(map(str, targets)), str(siginfo_created)))
-
-        bitbake(['-ccleansstate'] + targets)
-        tgz_removed = self.search_sstate('|'.join(map(str, [s + r'.*?\.tgz$' for s in targets])), distro_specific, distro_nonspecific)
-        self.assertTrue(not tgz_removed, msg="do_cleansstate didn't remove .tgz sstate files for: %s (%s)" % (', '.join(map(str, targets)), str(tgz_removed)))
+    def test_sstate_creation_distro_nonspecific(self):
+        self.run_test_sstate_creation(['linux-libc-headers'], hostdistro_specific=False)
 
+class SStateCleanup(SStateBase):
     def test_cleansstate_task_distro_specific_nonspecific(self):
         targets = ['binutils-cross-'+ self.tune_arch, 'binutils-native']
         targets.append('linux-libc-headers')
@@ -121,39 +264,7 @@ class SStateTests(SStateBase):
         targets.append('linux-libc-headers')
         self.run_test_cleansstate_task(targets, distro_specific=True, distro_nonspecific=False, temp_sstate_location=True)
 
-
-    # Test rebuilding of distro-specific sstate files
-    def run_test_rebuild_distro_specific_sstate(self, targets, temp_sstate_location=True):
-        self.config_sstate(temp_sstate_location, [self.sstate_path])
-
-        bitbake(['-ccleansstate'] + targets)
-
-        bitbake(targets)
-        results = self.search_sstate('|'.join(map(str, [s + r'.*?\.tgz$' for s in targets])), distro_specific=False, distro_nonspecific=True)
-        filtered_results = []
-        for r in results:
-            if r.endswith(("_populate_lic.tgz", "_populate_lic.tgz.siginfo")):
-                continue
-            filtered_results.append(r)
-        self.assertTrue(filtered_results == [], msg="Found distro non-specific sstate for: %s (%s)" % (', '.join(map(str, targets)), str(filtered_results)))
-        file_tracker_1 = self.search_sstate('|'.join(map(str, [s + r'.*?\.tgz$' for s in targets])), distro_specific=True, distro_nonspecific=False)
-        self.assertTrue(len(file_tracker_1) >= len(targets), msg = "Not all sstate files ware created for: %s" % ', '.join(map(str, targets)))
-
-        self.track_for_cleanup(self.distro_specific_sstate + "_old")
-        shutil.copytree(self.distro_specific_sstate, self.distro_specific_sstate + "_old")
-        shutil.rmtree(self.distro_specific_sstate)
-
-        bitbake(['-cclean'] + targets)
-        bitbake(targets)
-        file_tracker_2 = self.search_sstate('|'.join(map(str, [s + r'.*?\.tgz$' for s in targets])), distro_specific=True, distro_nonspecific=False)
-        self.assertTrue(len(file_tracker_2) >= len(targets), msg = "Not all sstate files ware created for: %s" % ', '.join(map(str, targets)))
-
-        not_recreated = [x for x in file_tracker_1 if x not in file_tracker_2]
-        self.assertTrue(not_recreated == [], msg="The following sstate files ware not recreated: %s" % ', '.join(map(str, not_recreated)))
-
-        created_once = [x for x in file_tracker_2 if x not in file_tracker_1]
-        self.assertTrue(created_once == [], msg="The following sstate files ware created only in the second run: %s" % ', '.join(map(str, created_once)))
-
+class SStateDistroTests(SStateBase):
     def test_rebuild_distro_specific_sstate_cross_native_targets(self):
         self.run_test_rebuild_distro_specific_sstate(['binutils-cross-' + self.tune_arch, 'binutils-native'], temp_sstate_location=True)
 
@@ -163,48 +274,48 @@ class SStateTests(SStateBase):
     def test_rebuild_distro_specific_sstate_native_target(self):
         self.run_test_rebuild_distro_specific_sstate(['binutils-native'], temp_sstate_location=True)
 
-
+class SStateCacheManagement(SStateBase):
     # Test the sstate-cache-management script. Each element in the global_config list is used with the corresponding element in the target_config list
-    # global_config elements are expected to not generate any sstate files that would be removed by sstate-cache-management.sh (such as changing the value of MACHINE)
+    # global_config elements are expected to not generate any sstate files that would be removed by sstate-cache-management.py (such as changing the value of MACHINE)
     def run_test_sstate_cache_management_script(self, target, global_config=[''], target_config=[''], ignore_patterns=[]):
         self.assertTrue(global_config)
         self.assertTrue(target_config)
         self.assertTrue(len(global_config) == len(target_config), msg='Lists global_config and target_config should have the same number of elements')
-        self.config_sstate(temp_sstate_location=True, add_local_mirrors=[self.sstate_path])
 
-        # If buildhistory is enabled, we need to disable version-going-backwards
-        # QA checks for this test. It may report errors otherwise.
-        self.append_config('ERROR_QA_remove = "version-going-backwards"')
+        for idx in range(len(target_config)):
+            self.append_config(global_config[idx])
+            self.append_recipeinc(target, target_config[idx])
+            bitbake(target)
+            self.remove_config(global_config[idx])
+            self.remove_recipeinc(target, target_config[idx])
 
-        # For not this only checks if random sstate tasks are handled correctly as a group.
+        self.config_sstate(temp_sstate_location=True, add_local_mirrors=[self.sstate_path])
+
+        # For now this only checks if random sstate tasks are handled correctly as a group.
         # In the future we should add control over what tasks we check for.
 
-        sstate_archs_list = []
         expected_remaining_sstate = []
         for idx in range(len(target_config)):
             self.append_config(global_config[idx])
             self.append_recipeinc(target, target_config[idx])
-            sstate_arch = get_bb_var('SSTATE_PKGARCH', target)
-            if not sstate_arch in sstate_archs_list:
-                sstate_archs_list.append(sstate_arch)
             if target_config[idx] == target_config[-1]:
-                target_sstate_before_build = self.search_sstate(target + r'.*?\.tgz$')
+                target_sstate_before_build = self.search_sstate(target + r'.*?\.tar.zst$')
             bitbake("-cclean %s" % target)
             result = bitbake(target, ignore_status=True)
             if target_config[idx] == target_config[-1]:
-                target_sstate_after_build = self.search_sstate(target + r'.*?\.tgz$')
+                target_sstate_after_build = self.search_sstate(target + r'.*?\.tar.zst$')
                 expected_remaining_sstate += [x for x in target_sstate_after_build if x not in target_sstate_before_build if not any(pattern in x for pattern in ignore_patterns)]
             self.remove_config(global_config[idx])
             self.remove_recipeinc(target, target_config[idx])
             self.assertEqual(result.status, 0, msg = "build of %s failed with %s" % (target, result.output))
 
-        runCmd("sstate-cache-management.sh -y --cache-dir=%s --remove-duplicated --extra-archs=%s" % (self.sstate_path, ','.join(map(str, sstate_archs_list))))
-        actual_remaining_sstate = [x for x in self.search_sstate(target + r'.*?\.tgz$') if not any(pattern in x for pattern in ignore_patterns)]
+        runCmd("sstate-cache-management.py -y --cache-dir=%s --remove-duplicated" % (self.sstate_path))
+        actual_remaining_sstate = [x for x in self.search_sstate(target + r'.*?\.tar.zst$') if not any(pattern in x for pattern in ignore_patterns)]
 
         actual_not_expected = [x for x in actual_remaining_sstate if x not in expected_remaining_sstate]
-        self.assertFalse(actual_not_expected, msg="Files should have been removed but ware not: %s" % ', '.join(map(str, actual_not_expected)))
+        self.assertFalse(actual_not_expected, msg="Files should have been removed but were not: %s" % ', '.join(map(str, actual_not_expected)))
         expected_not_actual = [x for x in expected_remaining_sstate if x not in actual_remaining_sstate]
-        self.assertFalse(expected_not_actual, msg="Extra files ware removed: %s" ', '.join(map(str, expected_not_actual)))
+        self.assertFalse(expected_not_actual, msg="Extra files were removed: %s" ', '.join(map(str, expected_not_actual)))
 
     def test_sstate_cache_management_script_using_pr_1(self):
         global_config = []
@@ -242,18 +353,12 @@ class SStateTests(SStateBase):
         target_config.append('')
         self.run_test_sstate_cache_management_script('m4', global_config,  target_config, ignore_patterns=['populate_lic'])
 
-    def test_sstate_32_64_same_hash(self):
-        """
-        The sstate checksums for both native and target should not vary whether
-        they're built on a 32 or 64 bit system. Rather than requiring two different
-        build machines and running a builds, override the variables calling uname()
-        manually and check using bitbake -S.
-        """
+class SStateHashSameSigs(SStateBase):
+    def sstate_hashtest(self, sdkmachine):
 
         self.write_config("""
 MACHINE = "qemux86"
 TMPDIR = "${TOPDIR}/tmp-sstatesamehash"
-TCLIBCAPPEND = ""
 BUILD_ARCH = "x86_64"
 BUILD_OS = "linux"
 SDKMACHINE = "x86_64"
@@ -261,24 +366,23 @@ PACKAGE_CLASSES = "package_rpm package_ipk package_deb"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
 """)
         self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash")
-        bitbake("core-image-sato -S none")
+        bitbake("core-image-weston -S none")
         self.write_config("""
 MACHINE = "qemux86"
 TMPDIR = "${TOPDIR}/tmp-sstatesamehash2"
-TCLIBCAPPEND = ""
 BUILD_ARCH = "i686"
 BUILD_OS = "linux"
-SDKMACHINE = "i686"
+SDKMACHINE = "%s"
 PACKAGE_CLASSES = "package_rpm package_ipk package_deb"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
-""")
+""" % sdkmachine)
         self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash2")
-        bitbake("core-image-sato -S none")
+        bitbake("core-image-weston -S none")
 
         def get_files(d):
             f = []
             for root, dirs, files in os.walk(d):
-                if "core-image-sato" in root:
+                if "core-image-weston" in root:
                     # SDKMACHINE changing will change
                     # do_rootfs/do_testimage/do_build stamps of images which
                     # is safe to ignore.
@@ -291,6 +395,20 @@ BB_SIGNATURE_HANDLER = "OEBasicHash"
         self.maxDiff = None
         self.assertCountEqual(files1, files2)
 
+    def test_sstate_32_64_same_hash(self):
+        """
+        The sstate checksums for both native and target should not vary whether
+        they're built on a 32 or 64 bit system. Rather than requiring two different
+        build machines and running a builds, override the variables calling uname()
+        manually and check using bitbake -S.
+        """
+        self.sstate_hashtest("i686")
+
+    def test_sstate_sdk_arch_same_hash(self):
+        """
+        Similarly, test an arm SDK has the same hashes
+        """
+        self.sstate_hashtest("aarch64")
 
     def test_sstate_nativelsbstring_same_hash(self):
         """
@@ -301,20 +419,18 @@ BB_SIGNATURE_HANDLER = "OEBasicHash"
 
         self.write_config("""
 TMPDIR = \"${TOPDIR}/tmp-sstatesamehash\"
-TCLIBCAPPEND = \"\"
 NATIVELSBSTRING = \"DistroA\"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
 """)
         self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash")
-        bitbake("core-image-sato -S none")
+        bitbake("core-image-weston -S none")
         self.write_config("""
 TMPDIR = \"${TOPDIR}/tmp-sstatesamehash2\"
-TCLIBCAPPEND = \"\"
 NATIVELSBSTRING = \"DistroB\"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
 """)
         self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash2")
-        bitbake("core-image-sato -S none")
+        bitbake("core-image-weston -S none")
 
         def get_files(d):
             f = []
@@ -327,6 +443,7 @@ BB_SIGNATURE_HANDLER = "OEBasicHash"
         self.maxDiff = None
         self.assertCountEqual(files1, files2)
 
+class SStateHashSameSigs2(SStateBase):
     def test_sstate_allarch_samesigs(self):
         """
         The sstate checksums of allarch packages should be independent of whichever
@@ -337,17 +454,19 @@ BB_SIGNATURE_HANDLER = "OEBasicHash"
 
         configA = """
 TMPDIR = \"${TOPDIR}/tmp-sstatesamehash\"
-TCLIBCAPPEND = \"\"
 MACHINE = \"qemux86-64\"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
 """
+        #OLDEST_KERNEL is arch specific so set to a different value here for testing
         configB = """
 TMPDIR = \"${TOPDIR}/tmp-sstatesamehash2\"
-TCLIBCAPPEND = \"\"
 MACHINE = \"qemuarm\"
+OLDEST_KERNEL = \"3.3.0\"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
+ERROR_QA:append = " somenewoption"
+WARN_QA:append = " someotheroption"
 """
-        self.sstate_allarch_samesigs(configA, configB)
+        self.sstate_common_samesigs(configA, configB, allarch=True)
 
     def test_sstate_nativesdk_samesigs_multilib(self):
         """
@@ -356,51 +475,22 @@ BB_SIGNATURE_HANDLER = "OEBasicHash"
 
         configA = """
 TMPDIR = \"${TOPDIR}/tmp-sstatesamehash\"
-TCLIBCAPPEND = \"\"
 MACHINE = \"qemux86-64\"
 require conf/multilib.conf
 MULTILIBS = \"multilib:lib32\"
-DEFAULTTUNE_virtclass-multilib-lib32 = \"x86\"
+DEFAULTTUNE:virtclass-multilib-lib32 = \"x86\"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
 """
         configB = """
 TMPDIR = \"${TOPDIR}/tmp-sstatesamehash2\"
-TCLIBCAPPEND = \"\"
 MACHINE = \"qemuarm\"
 require conf/multilib.conf
 MULTILIBS = \"\"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
 """
-        self.sstate_allarch_samesigs(configA, configB)
-
-    def sstate_allarch_samesigs(self, configA, configB):
-
-        self.write_config(configA)
-        self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash")
-        bitbake("world meta-toolchain -S none")
-        self.write_config(configB)
-        self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash2")
-        bitbake("world meta-toolchain -S none")
-
-        def get_files(d):
-            f = {}
-            for root, dirs, files in os.walk(d):
-                for name in files:
-                    if "meta-environment" in root or "cross-canadian" in root:
-                        continue
-                    if "do_build" not in name:
-                        # 1.4.1+gitAUTOINC+302fca9f4c-r0.do_package_write_ipk.sigdata.f3a2a38697da743f0dbed8b56aafcf79
-                        (_, task, _, shash) = name.rsplit(".", 3)
-                        f[os.path.join(os.path.basename(root), task)] = shash
-            return f
-
-        nativesdkdir = os.path.basename(glob.glob(self.topdir + "/tmp-sstatesamehash/stamps/*-nativesdk*-linux")[0])
-
-        files1 = get_files(self.topdir + "/tmp-sstatesamehash/stamps/" + nativesdkdir)
-        files2 = get_files(self.topdir + "/tmp-sstatesamehash2/stamps/" + nativesdkdir)
-        self.maxDiff = None
-        self.assertEqual(files1, files2)
+        self.sstate_common_samesigs(configA, configB)
 
+class SStateHashSameSigs3(SStateBase):
     def test_sstate_sametune_samesigs(self):
         """
         The sstate checksums of two identical machines (using the same tune) should be the
@@ -410,22 +500,20 @@ BB_SIGNATURE_HANDLER = "OEBasicHash"
 
         self.write_config("""
 TMPDIR = \"${TOPDIR}/tmp-sstatesamehash\"
-TCLIBCAPPEND = \"\"
 MACHINE = \"qemux86\"
 require conf/multilib.conf
 MULTILIBS = "multilib:lib32"
-DEFAULTTUNE_virtclass-multilib-lib32 = "x86"
+DEFAULTTUNE:virtclass-multilib-lib32 = "x86"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
 """)
         self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash")
         bitbake("world meta-toolchain -S none")
         self.write_config("""
 TMPDIR = \"${TOPDIR}/tmp-sstatesamehash2\"
-TCLIBCAPPEND = \"\"
 MACHINE = \"qemux86copy\"
 require conf/multilib.conf
 MULTILIBS = "multilib:lib32"
-DEFAULTTUNE_virtclass-multilib-lib32 = "x86"
+DEFAULTTUNE:virtclass-multilib-lib32 = "x86"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
 """)
         self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash2")
@@ -435,7 +523,7 @@ BB_SIGNATURE_HANDLER = "OEBasicHash"
             f = []
             for root, dirs, files in os.walk(d):
                 for name in files:
-                    if "meta-environment" in root or "cross-canadian" in root:
+                    if "meta-environment" in root or "cross-canadian" in root or 'meta-ide-support' in root:
                         continue
                     if "qemux86copy-" in root or "qemux86-" in root:
                         continue
@@ -458,18 +546,16 @@ BB_SIGNATURE_HANDLER = "OEBasicHash"
 
         self.write_config("""
 TMPDIR = \"${TOPDIR}/tmp-sstatesamehash\"
-TCLIBCAPPEND = \"\"
 MACHINE = \"qemux86\"
 require conf/multilib.conf
 MULTILIBS = "multilib:lib32"
-DEFAULTTUNE_virtclass-multilib-lib32 = "x86"
+DEFAULTTUNE:virtclass-multilib-lib32 = "x86"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
 """)
         self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash")
         bitbake("binutils-native  -S none")
         self.write_config("""
 TMPDIR = \"${TOPDIR}/tmp-sstatesamehash2\"
-TCLIBCAPPEND = \"\"
 MACHINE = \"qemux86copy\"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
 """)
@@ -488,7 +574,7 @@ BB_SIGNATURE_HANDLER = "OEBasicHash"
         self.maxDiff = None
         self.assertCountEqual(files1, files2)
 
-
+class SStateHashSameSigs4(SStateBase):
     def test_sstate_noop_samesigs(self):
         """
         The sstate checksums of two builds with these variables changed or
@@ -497,13 +583,12 @@ BB_SIGNATURE_HANDLER = "OEBasicHash"
 
         self.write_config("""
 TMPDIR = "${TOPDIR}/tmp-sstatesamehash"
-TCLIBCAPPEND = ""
 BB_NUMBER_THREADS = "${@oe.utils.cpu_count()}"
 PARALLEL_MAKE = "-j 1"
 DL_DIR = "${TOPDIR}/download1"
 TIME = "111111"
 DATE = "20161111"
-INHERIT_remove = "buildstats-summary buildhistory uninative"
+INHERIT:remove = "buildstats-summary buildhistory uninative"
 http_proxy = ""
 BB_SIGNATURE_HANDLER = "OEBasicHash"
 """)
@@ -512,14 +597,13 @@ BB_SIGNATURE_HANDLER = "OEBasicHash"
         bitbake("world meta-toolchain -S none")
         self.write_config("""
 TMPDIR = "${TOPDIR}/tmp-sstatesamehash2"
-TCLIBCAPPEND = ""
 BB_NUMBER_THREADS = "${@oe.utils.cpu_count()+1}"
 PARALLEL_MAKE = "-j 2"
 DL_DIR = "${TOPDIR}/download2"
 TIME = "222222"
 DATE = "20161212"
 # Always remove uninative as we're changing proxies
-INHERIT_remove = "uninative"
+INHERIT:remove = "uninative"
 INHERIT += "buildstats-summary buildhistory"
 http_proxy = "http://example.com/"
 BB_SIGNATURE_HANDLER = "OEBasicHash"
@@ -573,3 +657,334 @@ BB_SIGNATURE_HANDLER = "OEBasicHash"
         compare_sigfiles(rest, files1, files2, compare=False)
 
         self.fail("sstate hashes not identical.")
+
+    def test_sstate_movelayer_samesigs(self):
+        """
+        The sstate checksums of two builds with the same oe-core layer in two
+        different locations should be the same.
+        """
+        core_layer = os.path.join(
+                    self.tc.td["COREBASE"], 'meta')
+        copy_layer_1 = self.topdir + "/meta-copy1/meta"
+        copy_layer_2 = self.topdir + "/meta-copy2/meta"
+
+        oe.path.copytree(core_layer, copy_layer_1)
+        os.symlink(os.path.dirname(core_layer) + "/scripts", self.topdir + "/meta-copy1/scripts")
+        self.write_config("""
+TMPDIR = "${TOPDIR}/tmp-sstatesamehash"
+""")
+        bblayers_conf = 'BBLAYERS += "%s"\nBBLAYERS:remove = "%s"' % (copy_layer_1, core_layer)
+        self.write_bblayers_config(bblayers_conf)
+        self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash")
+        bitbake("bash -S none")
+
+        oe.path.copytree(core_layer, copy_layer_2)
+        os.symlink(os.path.dirname(core_layer) + "/scripts", self.topdir + "/meta-copy2/scripts")
+        self.write_config("""
+TMPDIR = "${TOPDIR}/tmp-sstatesamehash2"
+""")
+        bblayers_conf = 'BBLAYERS += "%s"\nBBLAYERS:remove = "%s"' % (copy_layer_2, core_layer)
+        self.write_bblayers_config(bblayers_conf)
+        self.track_for_cleanup(self.topdir + "/tmp-sstatesamehash2")
+        bitbake("bash -S none")
+
+        def get_files(d):
+            f = []
+            for root, dirs, files in os.walk(d):
+                for name in files:
+                    f.append(os.path.join(root, name))
+            return f
+        files1 = get_files(self.topdir + "/tmp-sstatesamehash/stamps")
+        files2 = get_files(self.topdir + "/tmp-sstatesamehash2/stamps")
+        files2 = [x.replace("tmp-sstatesamehash2", "tmp-sstatesamehash") for x in files2]
+        self.maxDiff = None
+        self.assertCountEqual(files1, files2)
+
+class SStateFindSiginfo(SStateBase):
+    def test_sstate_compare_sigfiles_and_find_siginfo(self):
+        """
+        Test the functionality of the find_siginfo: basic function and callback in compare_sigfiles
+        """
+        self.write_config("""
+TMPDIR = \"${TOPDIR}/tmp-sstates-findsiginfo\"
+MACHINE = \"qemux86-64\"
+require conf/multilib.conf
+MULTILIBS = "multilib:lib32"
+DEFAULTTUNE:virtclass-multilib-lib32 = "x86"
+BB_SIGNATURE_HANDLER = "OEBasicHash"
+""")
+        self.track_for_cleanup(self.topdir + "/tmp-sstates-findsiginfo")
+
+        pns = ["binutils", "binutils-native", "lib32-binutils"]
+        target_configs = [
+"""
+TMPVAL1 = "tmpval1"
+TMPVAL2 = "tmpval2"
+do_tmptask1() {
+    echo ${TMPVAL1}
+}
+do_tmptask2() {
+    echo ${TMPVAL2}
+}
+addtask do_tmptask1
+addtask tmptask2 before do_tmptask1
+""",
+"""
+TMPVAL3 = "tmpval3"
+TMPVAL4 = "tmpval4"
+do_tmptask1() {
+    echo ${TMPVAL3}
+}
+do_tmptask2() {
+    echo ${TMPVAL4}
+}
+addtask do_tmptask1
+addtask tmptask2 before do_tmptask1
+"""
+        ]
+
+        for target_config in target_configs:
+            self.write_recipeinc("binutils", target_config)
+            for pn in pns:
+                bitbake("%s -c do_tmptask1 -S none" % pn)
+            self.delete_recipeinc("binutils")
+
+        with bb.tinfoil.Tinfoil() as tinfoil:
+            tinfoil.prepare(config_only=True)
+
+            def find_siginfo(pn, taskname, sigs=None):
+                result = None
+                command_complete = False
+                tinfoil.set_event_mask(["bb.event.FindSigInfoResult",
+                                "bb.command.CommandCompleted"])
+                ret = tinfoil.run_command("findSigInfo", pn, taskname, sigs)
+                if ret:
+                    while result is None or not command_complete:
+                        event = tinfoil.wait_event(1)
+                        if event:
+                            if isinstance(event, bb.command.CommandCompleted):
+                                command_complete = True
+                            elif isinstance(event, bb.event.FindSigInfoResult):
+                                result = event.result
+                return result
+
+            def recursecb(key, hash1, hash2):
+                nonlocal recursecb_count
+                recursecb_count += 1
+                hashes = [hash1, hash2]
+                hashfiles = find_siginfo(key, None, hashes)
+                self.assertCountEqual(hashes, hashfiles)
+                bb.siggen.compare_sigfiles(hashfiles[hash1]['path'], hashfiles[hash2]['path'], recursecb)
+
+            for pn in pns:
+                recursecb_count = 0
+                matches = find_siginfo(pn, "do_tmptask1")
+                self.assertGreaterEqual(len(matches), 2)
+                latesthashes = sorted(matches.keys(), key=lambda h: matches[h]['time'])[-2:]
+                bb.siggen.compare_sigfiles(matches[latesthashes[-2]]['path'], matches[latesthashes[-1]]['path'], recursecb)
+                self.assertEqual(recursecb_count,1)
+
+class SStatePrintdiff(SStateBase):
+    def run_test_printdiff_changerecipe(self, target, change_recipe, change_bbtask, change_content, expected_sametmp_output, expected_difftmp_output):
+        import time
+        self.write_config("""
+TMPDIR = "${{TOPDIR}}/tmp-sstateprintdiff-sametmp-{}"
+""".format(time.time()))
+        # Use runall do_build to ensure any indirect sstate is created, e.g. tzcode-native on both x86 and
+        # aarch64 hosts since only allarch target recipes depend upon it and it may not be built otherwise.
+        # A bitbake -c cleansstate tzcode-native would cause some of these tests to error for example.
+        bitbake("--runall build --runall deploy_source_date_epoch {}".format(target))
+        bitbake("-S none {}".format(target))
+        bitbake(change_bbtask)
+        self.write_recipeinc(change_recipe, change_content)
+        result_sametmp = bitbake("-S printdiff {}".format(target))
+
+        self.write_config("""
+TMPDIR = "${{TOPDIR}}/tmp-sstateprintdiff-difftmp-{}"
+""".format(time.time()))
+        result_difftmp = bitbake("-S printdiff {}".format(target))
+
+        self.delete_recipeinc(change_recipe)
+        for item in expected_sametmp_output:
+            self.assertIn(item, result_sametmp.output, msg = "Item {} not found in output:\n{}".format(item, result_sametmp.output))
+        for item in expected_difftmp_output:
+            self.assertIn(item, result_difftmp.output, msg = "Item {} not found in output:\n{}".format(item, result_difftmp.output))
+
+    def run_test_printdiff_changeconfig(self, target, change_bbtasks, change_content, expected_sametmp_output, expected_difftmp_output):
+        import time
+        self.write_config("""
+TMPDIR = "${{TOPDIR}}/tmp-sstateprintdiff-sametmp-{}"
+""".format(time.time()))
+        bitbake("--runall build --runall deploy_source_date_epoch {}".format(target))
+        bitbake("-S none {}".format(target))
+        bitbake(" ".join(change_bbtasks))
+        self.append_config(change_content)
+        result_sametmp = bitbake("-S printdiff {}".format(target))
+
+        self.write_config("""
+TMPDIR = "${{TOPDIR}}/tmp-sstateprintdiff-difftmp-{}"
+""".format(time.time()))
+        self.append_config(change_content)
+        result_difftmp = bitbake("-S printdiff {}".format(target))
+
+        for item in expected_sametmp_output:
+            self.assertIn(item, result_sametmp.output, msg = "Item {} not found in output:\n{}".format(item, result_sametmp.output))
+        for item in expected_difftmp_output:
+            self.assertIn(item, result_difftmp.output, msg = "Item {} not found in output:\n{}".format(item, result_difftmp.output))
+
+
+    # Check if printdiff walks the full dependency chain from the image target to where the change is in a specific recipe
+    def test_image_minimal_vs_perlcross(self):
+        expected_output = ("Task perlcross-native:do_install couldn't be used from the cache because:",
+"We need hash",
+"most recent matching task was")
+        expected_sametmp_output = expected_output + (
+"Variable do_install value changed",
+'+    echo "this changes the task signature"')
+        expected_difftmp_output = expected_output
+
+        self.run_test_printdiff_changerecipe("core-image-minimal", "perlcross", "-c do_install perlcross-native",
+"""
+do_install:append() {
+    echo "this changes the task signature"
+}
+""",
+expected_sametmp_output, expected_difftmp_output)
+
+    # Check if changes to gcc-source (which uses tmp/work-shared) are correctly discovered
+    def test_gcc_runtime_vs_gcc_source(self):
+        gcc_source_pn = 'gcc-source-%s' % get_bb_vars(['PV'], 'gcc')['PV']
+
+        expected_output = ("Task {}:do_preconfigure couldn't be used from the cache because:".format(gcc_source_pn),
+"We need hash",
+"most recent matching task was")
+        expected_sametmp_output = expected_output + (
+"Variable do_preconfigure value changed",
+'+    print("this changes the task signature")')
+        expected_difftmp_output = expected_output
+
+        self.run_test_printdiff_changerecipe("gcc-runtime", "gcc-source", "-c do_preconfigure {}".format(gcc_source_pn),
+"""
+python do_preconfigure:append() {
+    print("this changes the task signature")
+}
+""",
+expected_sametmp_output, expected_difftmp_output)
+
+    # Check if changing a really base task definiton is reported against multiple core recipes using it
+    def test_image_minimal_vs_base_do_configure(self):
+        change_bbtasks = ('zstd-native:do_configure',
+'texinfo-dummy-native:do_configure',
+'ldconfig-native:do_configure',
+'gettext-minimal-native:do_configure',
+'tzcode-native:do_configure',
+'makedevs-native:do_configure',
+'pigz-native:do_configure',
+'update-rc.d-native:do_configure',
+'unzip-native:do_configure',
+'gnu-config-native:do_configure')
+
+        expected_output = ["Task {} couldn't be used from the cache because:".format(t) for t in change_bbtasks] + [
+"We need hash",
+"most recent matching task was"]
+
+        expected_sametmp_output = expected_output + [
+"Variable base_do_configure value changed",
+'+      echo "this changes base_do_configure() definiton "']
+        expected_difftmp_output = expected_output
+
+        self.run_test_printdiff_changeconfig("core-image-minimal",change_bbtasks,
+"""
+INHERIT += "base-do-configure-modified"
+""",
+expected_sametmp_output, expected_difftmp_output)
+
+class SStateCheckObjectPresence(SStateBase):
+    def check_bb_output(self, output, targets, exceptions, check_cdn):
+        def is_exception(object, exceptions):
+            for e in exceptions:
+                if re.search(e, object):
+                    return True
+            return False
+
+        # sstate is checked for existence of these, but they never get written out to begin with
+        exceptions += ["{}.*image_qa".format(t) for t in targets.split()]
+        exceptions += ["{}.*deploy_source_date_epoch".format(t) for t in targets.split()]
+        exceptions += ["{}.*image_complete".format(t) for t in targets.split()]
+        exceptions += ["linux-yocto.*shared_workdir"]
+        # these get influnced by IMAGE_FSTYPES tweaks in yocto-autobuilder-helper's config.json (on x86-64)
+        # additionally, they depend on noexec (thus, absent stamps) package, install, etc. image tasks,
+        # which makes tracing other changes difficult
+        exceptions += ["{}.*create_.*spdx".format(t) for t in targets.split()]
+
+        output_l = output.splitlines()
+        for l in output_l:
+            if l.startswith("Sstate summary"):
+                for idx, item in enumerate(l.split()):
+                    if item == 'Missed':
+                        missing_objects = int(l.split()[idx+1])
+                        break
+                else:
+                    self.fail("Did not find missing objects amount in sstate summary: {}".format(l))
+                break
+        else:
+            self.fail("Did not find 'Sstate summary' line in bitbake output")
+
+        failed_urls = []
+        failed_urls_extrainfo = []
+        for l in output_l:
+            if "SState: Unsuccessful fetch test for" in l and check_cdn:
+                missing_object = l.split()[6]
+            elif "SState: Looked for but didn't find file" in l and not check_cdn:
+                missing_object = l.split()[8]
+            else:
+                missing_object = None
+            if missing_object:
+                if not is_exception(missing_object, exceptions):
+                    failed_urls.append(missing_object)
+                else:
+                    missing_objects -= 1
+
+            if "urlopen failed for" in l and not is_exception(l, exceptions):
+                failed_urls_extrainfo.append(l)
+
+        self.assertEqual(len(failed_urls), missing_objects, "Amount of reported missing objects does not match failed URLs: {}\nFailed URLs:\n{}\nFetcher diagnostics:\n{}".format(missing_objects, "\n".join(failed_urls), "\n".join(failed_urls_extrainfo)))
+        self.assertEqual(len(failed_urls), 0, "Missing objects in the cache:\n{}\nFetcher diagnostics:\n{}".format("\n".join(failed_urls), "\n".join(failed_urls_extrainfo)))
+
+@OETestTag("yocto-mirrors")
+class SStateMirrors(SStateCheckObjectPresence):
+    def run_test(self, machine, targets, exceptions, check_cdn = True, ignore_errors = False):
+        if check_cdn:
+            self.config_sstate(True)
+            self.append_config("""
+MACHINE = "{}"
+BB_HASHSERVE_UPSTREAM = "hashserv.yoctoproject.org:8686"
+SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
+""".format(machine))
+        else:
+            self.append_config("""
+MACHINE = "{}"
+""".format(machine))
+        result = bitbake("-DD -n {}".format(targets))
+        bitbake("-S none {}".format(targets))
+        if ignore_errors:
+            return
+        self.check_bb_output(result.output, targets, exceptions, check_cdn)
+
+    def test_cdn_mirror_qemux86_64(self):
+        exceptions = []
+        self.run_test("qemux86-64", "core-image-minimal core-image-full-cmdline core-image-sato-sdk", exceptions, ignore_errors = True)
+        self.run_test("qemux86-64", "core-image-minimal core-image-full-cmdline core-image-sato-sdk", exceptions)
+
+    def test_cdn_mirror_qemuarm64(self):
+        exceptions = []
+        self.run_test("qemuarm64", "core-image-minimal core-image-full-cmdline core-image-sato-sdk", exceptions, ignore_errors = True)
+        self.run_test("qemuarm64", "core-image-minimal core-image-full-cmdline core-image-sato-sdk", exceptions)
+
+    def test_local_cache_qemux86_64(self):
+        exceptions = []
+        self.run_test("qemux86-64", "core-image-minimal core-image-full-cmdline core-image-sato-sdk", exceptions, check_cdn = False)
+
+    def test_local_cache_qemuarm64(self):
+        exceptions = []
+        self.run_test("qemuarm64", "core-image-minimal core-image-full-cmdline core-image-sato-sdk", exceptions, check_cdn = False)
diff --git a/meta/lib/oeqa/selftest/cases/sysroot.py b/meta/lib/oeqa/selftest/cases/sysroot.py
index 6e34927c90..ef854f6fee 100644
--- a/meta/lib/oeqa/selftest/cases/sysroot.py
+++ b/meta/lib/oeqa/selftest/cases/sysroot.py
@@ -1,11 +1,13 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 import uuid
 
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import  bitbake
+from oeqa.utils.commands import bitbake
 
 class SysrootTests(OESelftestTestCase):
     def test_sysroot_cleanup(self):
@@ -24,14 +26,61 @@ class SysrootTests(OESelftestTestCase):
         self.write_config("""
 PREFERRED_PROVIDER_virtual/sysroot-test = "sysroot-test-arch1"
 MACHINE = "qemux86"
-TESTSTRING_pn-sysroot-test-arch1 = "%s"
-TESTSTRING_pn-sysroot-test-arch2 = "%s"
+TESTSTRING:pn-sysroot-test-arch1 = "%s"
+TESTSTRING:pn-sysroot-test-arch2 = "%s"
 """ % (uuid1, uuid2))
         bitbake("sysroot-test")
         self.write_config("""
 PREFERRED_PROVIDER_virtual/sysroot-test = "sysroot-test-arch2"
 MACHINE = "qemux86copy"
-TESTSTRING_pn-sysroot-test-arch1 = "%s"
-TESTSTRING_pn-sysroot-test-arch2 = "%s"
+TESTSTRING:pn-sysroot-test-arch1 = "%s"
+TESTSTRING:pn-sysroot-test-arch2 = "%s"
 """ % (uuid1, uuid2))
         bitbake("sysroot-test")
+
+    def test_sysroot_max_shebang(self):
+        """
+        Summary:   Check max shebang triggers. To confirm [YOCTO #11053] is closed.
+        Expected:  Fail when a shebang bigger than the max shebang-size is reached.
+        Author:    Paulo Neves <ptsneves@gmail.com>
+        """
+        expected = "maximum shebang size exceeded, the maximum size is 128. [shebang-size]"
+        res = bitbake("sysroot-shebang-test-native -c populate_sysroot", ignore_status=True)
+        self.assertTrue(expected in res.output, msg=res.output)
+        self.assertTrue(res.status != 0)
+
+    def test_sysroot_la(self):
+        """
+        Summary:   Check that workdir paths are not contained in .la files.
+        Expected:  Fail when a workdir path is found in the file content.
+        Author:    Paulo Neves <ptsneves@gmail.com>
+        """
+        expected = "la-test.la failed sanity test (workdir) in path"
+
+        res = bitbake("sysroot-la-test -c populate_sysroot", ignore_status=True)
+        self.assertTrue(expected in res.output, msg=res.output)
+        self.assertTrue('[la]' in res.output, msg=res.output)
+        self.assertTrue(res.status != 0)
+
+        res = bitbake("sysroot-la-test-native -c populate_sysroot", ignore_status=True)
+        self.assertTrue(expected in res.output, msg=res.output)
+        self.assertTrue('[la]' in res.output, msg=res.output)
+        self.assertTrue(res.status != 0)
+
+    def test_sysroot_pkgconfig(self):
+        """
+        Summary:   Check that tmpdir paths are not contained in .pc files.
+        Expected:  Fail when a tmpdir path is found in the file content.
+        Author:    Paulo Neves <ptsneves@gmail.com>
+        """
+        expected = "test.pc failed sanity test (tmpdir) in path"
+
+        res = bitbake("sysroot-pc-test -c populate_sysroot", ignore_status=True)
+        self.assertTrue('[pkgconfig]' in res.output, msg=res.output)
+        self.assertTrue(expected in res.output, msg=res.output)
+        self.assertTrue(res.status != 0)
+
+        res = bitbake("sysroot-pc-test-native -c populate_sysroot", ignore_status=True)
+        self.assertTrue(expected in res.output, msg=res.output)
+        self.assertTrue('[pkgconfig]' in res.output, msg=res.output)
+        self.assertTrue(res.status != 0)
diff --git a/meta/lib/oeqa/selftest/cases/tinfoil.py b/meta/lib/oeqa/selftest/cases/tinfoil.py
index a51c6048d3..21c8686b2a 100644
--- a/meta/lib/oeqa/selftest/cases/tinfoil.py
+++ b/meta/lib/oeqa/selftest/cases/tinfoil.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
@@ -9,7 +11,6 @@ import logging
 import bb.tinfoil
 
 from oeqa.selftest.case import OESelftestTestCase
-from oeqa.utils.commands import runCmd
 
 class TinfoilTests(OESelftestTestCase):
     """ Basic tests for the tinfoil API """
@@ -47,6 +48,17 @@ class TinfoilTests(OESelftestTestCase):
             rd = tinfoil.parse_recipe_file(best[3])
             self.assertEqual(testrecipe, rd.getVar('PN'))
 
+    def test_parse_virtual_recipe(self):
+        with bb.tinfoil.Tinfoil() as tinfoil:
+            tinfoil.prepare(config_only=False, quiet=2)
+            testrecipe = 'nativesdk-gcc'
+            best = tinfoil.find_best_provider(testrecipe)
+            if not best:
+                self.fail('Unable to find recipe providing %s' % testrecipe)
+            rd = tinfoil.parse_recipe_file(best[3])
+            self.assertEqual(testrecipe, rd.getVar('PN'))
+            self.assertIsNotNone(rd.getVar('FILE_LAYERNAME'))
+
     def test_parse_recipe_copy_expand(self):
         with bb.tinfoil.Tinfoil() as tinfoil:
             tinfoil.prepare(config_only=False, quiet=2)
@@ -65,6 +77,32 @@ class TinfoilTests(OESelftestTestCase):
             localdata.setVar('PN', 'hello')
             self.assertEqual('hello', localdata.getVar('BPN'))
 
+    # The config_data API to parse_recipe_file is used by:
+    # layerindex-web layerindex/update_layer.py
+    def test_parse_recipe_custom_data(self):
+        with bb.tinfoil.Tinfoil() as tinfoil:
+            tinfoil.prepare(config_only=False, quiet=2)
+            localdata = bb.data.createCopy(tinfoil.config_data)
+            localdata.setVar("TESTVAR", "testval")
+            testrecipe = 'mdadm'
+            best = tinfoil.find_best_provider(testrecipe)
+            if not best:
+                self.fail('Unable to find recipe providing %s' % testrecipe)
+            rd = tinfoil.parse_recipe_file(best[3], config_data=localdata)
+            self.assertEqual("testval", rd.getVar('TESTVAR'))
+
+    def test_parse_virtual_recipe_custom_data(self):
+        with bb.tinfoil.Tinfoil() as tinfoil:
+            tinfoil.prepare(config_only=False, quiet=2)
+            localdata = bb.data.createCopy(tinfoil.config_data)
+            localdata.setVar("TESTVAR", "testval")
+            testrecipe = 'nativesdk-gcc'
+            best = tinfoil.find_best_provider(testrecipe)
+            if not best:
+                self.fail('Unable to find recipe providing %s' % testrecipe)
+            rd = tinfoil.parse_recipe_file(best[3], config_data=localdata)
+            self.assertEqual("testval", rd.getVar('TESTVAR'))
+
     def test_list_recipes(self):
         with bb.tinfoil.Tinfoil() as tinfoil:
             tinfoil.prepare(config_only=False, quiet=2)
@@ -87,21 +125,20 @@ class TinfoilTests(OESelftestTestCase):
         with bb.tinfoil.Tinfoil() as tinfoil:
             tinfoil.prepare(config_only=True)
 
-            tinfoil.set_event_mask(['bb.event.FilesMatchingFound', 'bb.command.CommandCompleted'])
+            tinfoil.set_event_mask(['bb.event.FilesMatchingFound', 'bb.command.CommandCompleted', 'bb.command.CommandFailed', 'bb.command.CommandExit'])
 
             # Need to drain events otherwise events that were masked may still be in the queue
             while tinfoil.wait_event():
                 pass
 
             pattern = 'conf'
-            res = tinfoil.run_command('findFilesMatchingInDir', pattern, 'conf/machine')
+            res = tinfoil.run_command('testCookerCommandEvent', pattern, handle_events=False)
             self.assertTrue(res)
 
             eventreceived = False
             commandcomplete = False
             start = time.time()
             # Wait for maximum 60s in total so we'd detect spurious heartbeat events for example
-            # The test is IO load sensitive too
             while (not (eventreceived == True and commandcomplete == True) 
                     and (time.time() - start < 60)):
                 # if we received both events (on let's say a good day), we are done  
@@ -111,14 +148,15 @@ class TinfoilTests(OESelftestTestCase):
                         commandcomplete = True
                     elif isinstance(event, bb.event.FilesMatchingFound):
                         self.assertEqual(pattern, event._pattern)
-                        self.assertIn('qemuarm.conf', event._matches)
+                        self.assertIn('A', event._matches)
+                        self.assertIn('B', event._matches)
                         eventreceived = True
                     elif isinstance(event, logging.LogRecord):
                         continue
                     else:
                         self.fail('Unexpected event: %s' % event)
 
-            self.assertTrue(commandcomplete, 'Timed out waiting for CommandCompleted event from bitbake server')
+            self.assertTrue(commandcomplete, 'Timed out waiting for CommandCompleted event from bitbake server (Matching event received: %s)' % str(eventreceived))
             self.assertTrue(eventreceived, 'Did not receive FilesMatchingFound event from bitbake server')
 
     def test_setvariable_clean(self):
@@ -173,8 +211,8 @@ class TinfoilTests(OESelftestTestCase):
             self.assertEqual(value, 'origvalue', 'Variable renamed using config_data.renameVar() does not appear with new name')
             # Test overrides
             tinfoil.config_data.setVar('TESTVAR', 'original')
-            tinfoil.config_data.setVar('TESTVAR_overrideone', 'one')
-            tinfoil.config_data.setVar('TESTVAR_overridetwo', 'two')
+            tinfoil.config_data.setVar('TESTVAR:overrideone', 'one')
+            tinfoil.config_data.setVar('TESTVAR:overridetwo', 'two')
             tinfoil.config_data.appendVar('OVERRIDES', ':overrideone')
             value = tinfoil.config_data.getVar('TESTVAR')
             self.assertEqual(value, 'one', 'Variable overrides not functioning correctly')
diff --git a/meta/lib/oeqa/selftest/cases/toolchain.py b/meta/lib/oeqa/selftest/cases/toolchain.py
new file mode 100644
index 0000000000..b4b280d037
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/toolchain.py
@@ -0,0 +1,71 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import shutil
+import subprocess
+import tempfile
+from types import SimpleNamespace
+
+import oe.path
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, get_bb_var, get_bb_vars
+
+class ToolchainTests(OESelftestTestCase):
+
+    def test_toolchain_switching(self):
+        """
+        Test that a configuration that uses GCC by default but clang for one
+        specific recipe does infact do that.
+        """
+
+        def extract_comment(objcopy, filename):
+            """
+            Using the specified `objcopy`, return the .comment segment from
+            `filename` as a bytes().
+            """
+            with tempfile.NamedTemporaryFile(prefix="comment-") as f:
+                cmd = [objcopy, "--dump-section", ".comment=" + f.name, filename]
+                subprocess.run(cmd, check=True)
+                # clang's objcopy writes to a temporary file and renames, so we need to re-open.
+                with open(f.name, "rb") as f2:
+                    return f2.read()
+
+        def check_recipe(recipe, filename, override, comment_present, comment_absent=None):
+            """
+            Check that `filename` in `recipe`'s bindir contains `comment`, and
+            the overrides contain `override`.
+            """
+            d = SimpleNamespace(**get_bb_vars(("D", "bindir", "OBJCOPY", "OVERRIDES", "PATH"), target=recipe))
+
+            self.assertIn(override, d.OVERRIDES)
+
+            binary = oe.path.join(d.D, d.bindir, filename)
+
+            objcopy = shutil.which(d.OBJCOPY, path=d.PATH)
+            self.assertIsNotNone(objcopy)
+
+            comment = extract_comment(objcopy, binary)
+            self.assertIn(comment_present, comment)
+            if comment_absent:
+                self.assertNotIn(comment_absent, comment)
+
+
+        # GCC by default, clang for selftest-hello.
+        self.write_config("""
+TOOLCHAIN = "gcc"
+TOOLCHAIN:pn-selftest-hello = "clang"
+        """)
+
+        # Force these recipes to re-install so we can extract the .comments from
+        # the install directory, as they're stripped out of the final packages.
+        bitbake("m4 selftest-hello -C install")
+
+        # m4 should be built with GCC and only GCC
+        check_recipe("m4", "m4", "toolchain-gcc", b"GCC: (GNU)", b"clang")
+
+        # helloworld should be built with clang. We can't assert that GCC is not
+        # present as it will be linked against glibc which is built with GCC.
+        check_recipe("selftest-hello", "helloworld", "toolchain-clang", b"clang version")
diff --git a/meta/lib/oeqa/selftest/cases/uboot.py b/meta/lib/oeqa/selftest/cases/uboot.py
new file mode 100644
index 0000000000..980ea327f0
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/uboot.py
@@ -0,0 +1,98 @@
+# Qemu-based u-boot bootloader integration testing
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, runqemu, get_bb_var, get_bb_vars, runCmd
+from oeqa.core.decorator.data import skipIfNotArch, skipIfNotBuildArch
+from oeqa.core.decorator import OETestTag
+
+uboot_boot_patterns = {
+        'search_reached_prompt': "stop autoboot",
+        'search_login_succeeded': "=>",
+        'search_cmd_finished': "=>"
+        }
+
+
+class UBootTest(OESelftestTestCase):
+
+    @skipIfNotArch(['arm', 'aarch64'])
+    @OETestTag("runqemu")
+    def test_boot_uboot(self):
+        """
+        Tests building u-boot and booting it with QEMU
+        """
+
+        self.write_config("""
+QB_DEFAULT_BIOS = "u-boot.bin"
+PREFERRED_PROVIDER_virtual/bootloader = "u-boot"
+QEMU_USE_KVM = "False"
+""")
+        bitbake("virtual/bootloader core-image-minimal")
+
+        with runqemu('core-image-minimal', ssh=False, runqemuparams='nographic',
+                     boot_patterns=uboot_boot_patterns) as qemu:
+
+            # test if u-boot console works
+            cmd = "version"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(status, 1, msg=output)
+            self.assertTrue("U-Boot" in output, msg=output)
+
+    @skipIfNotArch(['aarch64'])
+    @skipIfNotBuildArch(['aarch64'])
+    @OETestTag("runqemu")
+    def test_boot_uboot_kvm_to_full_target(self):
+        """
+        Tests building u-boot and booting it with QEMU and KVM.
+        Requires working KVM on build host. See "kvm-ok" output.
+        """
+
+        runCmd("kvm-ok")
+
+        image = "core-image-minimal"
+        vars = get_bb_vars(['HOST_ARCH', 'BUILD_ARCH'], image)
+        host_arch = vars['HOST_ARCH']
+        build_arch = vars['BUILD_ARCH']
+
+        self.assertEqual(host_arch, build_arch, 'HOST_ARCH %s and BUILD_ARCH %s must match for KVM' % (host_arch, build_arch))
+
+        self.write_config("""
+QEMU_USE_KVM = "1"
+
+# Using u-boot in EFI mode, need ESP partition for grub/systemd-boot/kernel etc
+IMAGE_FSTYPES:pn-core-image-minimal:append = " wic"
+
+# easiest to follow genericarm64 setup with wks file, initrd and EFI loader
+INITRAMFS_IMAGE = "core-image-initramfs-boot"
+EFI_PROVIDER = "${@bb.utils.contains("DISTRO_FEATURES", "systemd", "systemd-boot", "grub-efi", d)}"
+WKS_FILE = "genericarm64.wks.in"
+
+# use wic image with ESP for u-boot, not ext4
+QB_DEFAULT_FSTYPE = "wic"
+
+PREFERRED_PROVIDER_virtual/bootloader = "u-boot"
+QB_DEFAULT_BIOS = "u-boot.bin"
+
+# let u-boot or EFI loader load kernel from ESP
+QB_DEFAULT_KERNEL = "none"
+
+# virt pci, not scsi because support not in u-boot to find ESP
+QB_DRIVE_TYPE = "/dev/vd"
+""")
+        bitbake("virtual/bootloader %s" % image)
+
+        runqemu_params = get_bb_var('TEST_RUNQEMUPARAMS', image) or ""
+        with runqemu(image, ssh=False, runqemuparams='nographic kvm %s' % runqemu_params) as qemu:
+
+            # boot to target and login worked, should have been fast with kvm
+            cmd = "dmesg"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(status, 1, msg=output)
+            # Machine is qemu
+            self.assertTrue("Machine model: linux,dummy-virt" in output, msg=output)
+            # with KVM enabled
+            self.assertTrue("KVM: hypervisor services detected" in output, msg=output)
diff --git a/meta/lib/oeqa/selftest/cases/uki.py b/meta/lib/oeqa/selftest/cases/uki.py
new file mode 100644
index 0000000000..9a1aa4e269
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/uki.py
@@ -0,0 +1,141 @@
+# Based on runqemu.py test file
+#
+# Copyright (c) 2017 Wind River Systems, Inc.
+#
+# SPDX-License-Identifier: MIT
+#
+
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake, runqemu, get_bb_var
+from oeqa.core.decorator.data import skipIfNotArch
+from oeqa.core.decorator import OETestTag
+import oe.types
+
+class UkiTest(OESelftestTestCase):
+    """Boot Unified Kernel Image (UKI) generated with uki.bbclass on UEFI firmware (omvf/edk2)"""
+
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
+    @OETestTag("runqemu")
+    def test_uki_boot_systemd(self):
+        """Build and boot into UEFI firmware (omvf/edk2), systemd-boot, initrd without systemd, rootfs with systemd"""
+        image = "core-image-minimal"
+        runqemu_params = get_bb_var('TEST_RUNQEMUPARAMS', image) or ""
+        cmd = "runqemu %s nographic serial wic ovmf" % (runqemu_params)
+        if oe.types.qemu_use_kvm(self.td.get('QEMU_USE_KVM', 0), self.td["TARGET_ARCH"]):
+            cmd += " kvm"
+
+        self.write_config("""
+# efi firmware must load systemd-boot, not grub
+EFI_PROVIDER = "systemd-boot"
+
+# image format must be wic, needs esp partition for firmware etc
+IMAGE_FSTYPES:pn-%s:append = " wic"
+WKS_FILE = "efi-uki-bootdisk.wks.in"
+
+# efi, uki and systemd features must be enabled
+INIT_MANAGER = "systemd"
+MACHINE_FEATURES:append = " efi"
+IMAGE_CLASSES:append:pn-core-image-minimal = " uki"
+
+# uki embeds also an initrd
+INITRAMFS_IMAGE = "core-image-minimal-initramfs"
+
+# runqemu must not load kernel separately, it's in the uki
+QB_KERNEL_ROOT = ""
+QB_DEFAULT_KERNEL = "none"
+
+# boot command line provided via uki, not via bootloader
+UKI_CMDLINE = "rootwait root=LABEL=root console=${KERNEL_CONSOLE}"
+
+# disable kvm, breaks boot
+QEMU_USE_KVM = ""
+
+IMAGE_CLASSES:remove = 'testimage'
+""" % (image))
+
+        uki_filename = get_bb_var('UKI_FILENAME', image)
+
+        bitbake(image + " ovmf")
+        with runqemu(image, ssh=False, launch_cmd=cmd) as qemu:
+            self.assertTrue(qemu.runner.logged, "Failed: %s" % cmd)
+
+            # Verify from efivars that firmware was:
+            # x86_64, qemux86_64, ovmf = edk2
+            cmd = "echo $( cat /sys/firmware/efi/efivars/LoaderFirmwareInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f ) | grep 'EDK II'"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+
+            # Check that systemd-boot was the loader
+            cmd = "echo $( cat /sys/firmware/efi/efivars/LoaderInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f ) | grep systemd-boot"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+
+            # Check that systemd-stub was used
+            cmd = "echo $( cat /sys/firmware/efi/efivars/StubInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f ) | grep systemd-stub"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+
+            # Check that the compiled uki file was booted into
+            cmd = "echo $( cat /sys/firmware/efi/efivars/LoaderEntrySelected-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f ) | grep '%s'" % (uki_filename)
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
+    @OETestTag("runqemu")
+    def test_uki_sysvinit(self):
+        """Build and boot into UEFI firmware (omvf/edk2), systemd-boot, initrd with sysvinit, rootfs with sysvinit"""
+        config = """
+# efi firmware must load systemd-boot, not grub
+EFI_PROVIDER = "systemd-boot"
+
+# image format must be wic, needs esp partition for firmware etc
+IMAGE_FSTYPES:pn-core-image-base:append = " wic"
+WKS_FILE = "efi-uki-bootdisk.wks.in"
+
+# efi, uki and systemd features must be enabled
+MACHINE_FEATURES:append = " efi"
+IMAGE_CLASSES:append:pn-core-image-base = " uki"
+
+# uki embeds also an initrd, no systemd or udev
+INITRAMFS_IMAGE = "core-image-initramfs-boot"
+
+# runqemu must not load kernel separately, it's in the uki
+QB_KERNEL_ROOT = ""
+QB_DEFAULT_KERNEL = "none"
+
+# boot command line provided via uki, not via bootloader
+UKI_CMDLINE = "rootwait root=LABEL=root console=${KERNEL_CONSOLE}"
+
+# disable kvm, breaks boot
+QEMU_USE_KVM = ""
+
+IMAGE_CLASSES:remove = 'testimage'
+"""
+        self.append_config(config)
+        bitbake('core-image-base ovmf')
+        runqemu_params = get_bb_var('TEST_RUNQEMUPARAMS', 'core-image-base') or ""
+        uki_filename = get_bb_var('UKI_FILENAME', 'core-image-base')
+        self.remove_config(config)
+
+        with runqemu('core-image-base', ssh=False,
+                     runqemuparams='%s slirp nographic ovmf' % (runqemu_params), image_fstype='wic') as qemu:
+            # Verify from efivars that firmware was:
+            # x86_64, qemux86_64, ovmf = edk2
+            cmd = "echo $( cat /sys/firmware/efi/efivars/LoaderFirmwareInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f ) | grep 'EDK II'"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+
+            # Check that systemd-boot was the loader
+            cmd = "echo $( cat /sys/firmware/efi/efivars/LoaderInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f ) | grep systemd-boot"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+
+            # Check that systemd-stub was used
+            cmd = "echo $( cat /sys/firmware/efi/efivars/StubInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f ) | grep systemd-stub"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+
+            # Check that the compiled uki file was booted into
+            cmd = "echo $( cat /sys/firmware/efi/efivars/LoaderEntrySelected-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f ) | grep '%s'" % (uki_filename)
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
diff --git a/meta/lib/oeqa/selftest/cases/usergrouptests.py b/meta/lib/oeqa/selftest/cases/usergrouptests.py
new file mode 100644
index 0000000000..3c59b0f290
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/usergrouptests.py
@@ -0,0 +1,57 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os
+import shutil
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake
+from oeqa.utils.commands import bitbake, get_bb_var, get_test_layer
+
+class UserGroupTests(OESelftestTestCase):
+    def test_group_from_dep_package(self):
+        self.logger.info("Building creategroup2")
+        bitbake(' creategroup2 creategroup1')
+        bitbake(' creategroup2 creategroup1 -c clean')
+        self.logger.info("Packaging creategroup2")
+        self.assertTrue(bitbake(' creategroup2 -c package'))
+
+    def test_add_task_between_p_sysroot_and_package(self):
+        # Test for YOCTO #14961
+        self.assertTrue(bitbake('useraddbadtask -C fetch'))
+
+    def test_postinst_order(self):
+        self.logger.info("Building dcreategroup")
+        self.assertTrue(bitbake(' dcreategroup'))
+
+    def test_static_useradd_from_dynamic(self):
+        metaselftestpath = get_test_layer()
+        self.logger.info("Building core-image-minimal to generate passwd/group file")
+        bitbake(' core-image-minimal')
+        self.logger.info("Setting up useradd-staticids")
+        repropassdir = os.path.join(metaselftestpath, "conf/include")
+        os.makedirs(repropassdir)
+        etcdir=os.path.join(os.path.join(os.path.join(get_bb_var("TMPDIR"), "work"), \
+                            os.path.join(get_bb_var("MACHINE").replace("-","_")+"-poky-linux", "core-image-minimal/1.0/rootfs/etc")))
+        shutil.copy(os.path.join(etcdir, "passwd"), os.path.join(repropassdir, "reproducable-passwd"))
+        shutil.copy(os.path.join(etcdir, "group"), os.path.join(repropassdir, "reproducable-group"))
+        # Copy the original local.conf
+        shutil.copyfile(os.path.join(os.environ.get('BUILDDIR'), 'conf/local.conf'), os.path.join(os.environ.get('BUILDDIR'), 'conf/local.conf.orig'))
+
+        self.write_config("USERADDEXTENSION = \"useradd-staticids\"")
+        self.write_config("USERADD_ERROR_DYNAMIC ??= \"error\"")
+        self.write_config("USERADD_UID_TABLES += \"conf/include/reproducible-passwd\"")
+        self.write_config("USERADD_GID_TABLES += \"conf/include/reproducible-group\"")
+        self.logger.info("Rebuild with staticids")
+        bitbake(' core-image-minimal')
+        shutil.copyfile(os.path.join(os.environ.get('BUILDDIR'), 'conf/local.conf.orig'), os.path.join(os.environ.get('BUILDDIR'), 'conf/local.conf'))
+        self.logger.info("Rebuild without staticids")
+        bitbake(' core-image-minimal')
+        self.write_config("USERADDEXTENSION = \"useradd-staticids\"")
+        self.write_config("USERADD_ERROR_DYNAMIC ??= \"error\"")
+        self.write_config("USERADD_UID_TABLES += \"files/static-passwd\"")
+        self.write_config("USERADD_GID_TABLES += \"files/static-group\"")
+        self.logger.info("Rebuild with other staticids")
+        self.assertTrue(bitbake(' core-image-minimal'))
diff --git a/meta/lib/oeqa/selftest/cases/wic.py b/meta/lib/oeqa/selftest/cases/wic.py
index 2bf5cb9a86..680f99d381 100644
--- a/meta/lib/oeqa/selftest/cases/wic.py
+++ b/meta/lib/oeqa/selftest/cases/wic.py
@@ -11,39 +11,20 @@
 import os
 import sys
 import unittest
+import hashlib
+import subprocess
 
 from glob import glob
 from shutil import rmtree, copy
-from functools import wraps, lru_cache
 from tempfile import NamedTemporaryFile
+from tempfile import TemporaryDirectory
 
 from oeqa.selftest.case import OESelftestTestCase
+from oeqa.core.decorator import OETestTag
+from oeqa.core.decorator.data import skipIfNotArch
 from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_bb_vars, runqemu
 
 
-@lru_cache(maxsize=32)
-def get_host_arch(recipe):
-    """A cached call to get_bb_var('HOST_ARCH', <recipe>)"""
-    return get_bb_var('HOST_ARCH', recipe)
-
-
-def only_for_arch(archs, image='core-image-minimal'):
-    """Decorator for wrapping test cases that can be run only for specific target
-    architectures. A list of compatible architectures is passed in `archs`.
-    Current architecture will be determined by parsing bitbake output for
-    `image` recipe.
-    """
-    def wrapper(func):
-        @wraps(func)
-        def wrapped_f(*args, **kwargs):
-            arch = get_host_arch(image)
-            if archs and arch not in archs:
-                raise unittest.SkipTest("Testcase arch dependency not met: %s" % arch)
-            return func(*args, **kwargs)
-        wrapped_f.__name__ = func.__name__
-        return wrapped_f
-    return wrapper
-
 def extract_files(debugfs_output):
     """
     extract file names from the output of debugfs -R 'ls -p',
@@ -77,22 +58,18 @@ class WicTestCase(OESelftestTestCase):
 
     def setUpLocal(self):
         """This code is executed before each test method."""
-        self.resultdir = self.builddir + "/wic-tmp/"
+        self.resultdir = os.path.join(self.builddir, "wic-tmp")
         super(WicTestCase, self).setUpLocal()
 
         # Do this here instead of in setUpClass as the base setUp does some
         # clean up which can result in the native tools built earlier in
         # setUpClass being unavailable.
         if not WicTestCase.image_is_ready:
-            if get_bb_var('USE_NLS') == 'yes':
-                bitbake('wic-tools')
-            else:
-                self.skipTest('wic-tools cannot be built due its (intltool|gettext)-native dependency and NLS disable')
+            if self.td['USE_NLS'] != 'yes':
+                self.skipTest('wic-tools needs USE_NLS=yes')
 
-            bitbake('core-image-minimal')
-            bitbake('core-image-minimal-mtdutils')
+            bitbake('wic-tools core-image-minimal core-image-minimal-mtdutils')
             WicTestCase.image_is_ready = True
-
         rmtree(self.resultdir, ignore_errors=True)
 
     def tearDownLocal(self):
@@ -103,15 +80,13 @@ class WicTestCase(OESelftestTestCase):
     def _get_image_env_path(self, image):
         """Generate and obtain the path to <image>.env"""
         if image not in WicTestCase.wicenv_cache:
-            self.assertEqual(0, bitbake('%s -c do_rootfs_wicenv' % image).status)
-            bb_vars = get_bb_vars(['STAGING_DIR', 'MACHINE'], image)
-            stdir = bb_vars['STAGING_DIR']
-            machine = bb_vars['MACHINE']
+            bitbake('%s -c do_rootfs_wicenv' % image)
+            stdir = get_bb_var('STAGING_DIR', image)
+            machine = self.td["MACHINE"]
             WicTestCase.wicenv_cache[image] = os.path.join(stdir, machine, 'imgdata')
         return WicTestCase.wicenv_cache[image]
 
-class Wic(WicTestCase):
-
+class CLITests(OESelftestTestCase):
     def test_version(self):
         """Test wic --version"""
         runCmd('wic --version')
@@ -172,68 +147,136 @@ class Wic(WicTestCase):
         """Test wic without command"""
         self.assertEqual(1, runCmd('wic', ignore_status=True).status)
 
+class Wic(WicTestCase):
+    def test_skip_kernel_install(self):
+        """Test the functionality of not installing the kernel in the boot directory using the wic plugin"""
+        # create a temporary file for the WKS content
+        with NamedTemporaryFile("w", suffix=".wks") as wks:
+            wks.write(
+                'part --source bootimg_efi '
+                '--sourceparams="loader=grub-efi,install-kernel-into-boot-dir=false" '
+                '--label boot --active\n'
+            )
+            wks.flush()
+            # create a temporary directory to extract the disk image to
+            with TemporaryDirectory() as tmpdir:
+                img = 'core-image-minimal'
+                # build the image using the WKS file
+                cmd = "wic create %s -e %s -o %s" % (
+                    wks.name, img, self.resultdir)
+                runCmd(cmd)
+                wksname = os.path.splitext(os.path.basename(wks.name))[0]
+                out = glob(os.path.join(
+                    self.resultdir, "%s-*.direct" % wksname))
+                self.assertEqual(1, len(out))
+                sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
+                # extract the content of the disk image to the temporary directory
+                cmd = "wic cp %s:1 %s -n %s" % (out[0], tmpdir, sysroot)
+                runCmd(cmd)
+                # check if the kernel is installed or not
+                kimgtype = get_bb_var('KERNEL_IMAGETYPE', img)
+                for file in os.listdir(tmpdir):
+                    if file == kimgtype:
+                        raise AssertionError(
+                            "The kernel image '{}' was found in the partition".format(kimgtype)
+                        )
+
+    def test_kernel_install(self):
+        """Test the installation of the kernel to the boot directory in the wic plugin"""
+        # create a temporary file for the WKS content
+        with NamedTemporaryFile("w", suffix=".wks") as wks:
+            wks.write(
+                'part --source bootimg_efi '
+                '--sourceparams="loader=grub-efi,install-kernel-into-boot-dir=true" '
+                '--label boot --active\n'
+            )
+            wks.flush()
+            # create a temporary directory to extract the disk image to
+            with TemporaryDirectory() as tmpdir:
+                img = 'core-image-minimal'
+                # build the image using the WKS file
+                cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir)
+                runCmd(cmd)
+                wksname = os.path.splitext(os.path.basename(wks.name))[0]
+                out = glob(os.path.join(self.resultdir, "%s-*.direct" % wksname))
+                self.assertEqual(1, len(out))
+                sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
+                # extract the content of the disk image to the temporary directory
+                cmd = "wic cp %s:1 %s -n %s" % (out[0], tmpdir, sysroot)
+                runCmd(cmd)
+                # check if the kernel is installed or not
+                kimgtype = get_bb_var('KERNEL_IMAGETYPE', img)
+                found = False
+                for file in os.listdir(tmpdir):
+                    if file == kimgtype:
+                        found = True
+                        break
+                self.assertTrue(
+                    found, "The kernel image '{}' was not found in the boot partition".format(kimgtype)
+                )
+
     def test_build_image_name(self):
         """Test wic create wictestdisk --image-name=core-image-minimal"""
         cmd = "wic create wictestdisk --image-name=core-image-minimal -o %s" % self.resultdir
         runCmd(cmd)
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*.direct")))
+        self.assertEqual(1, len(glob(os.path.join (self.resultdir, "wictestdisk-*.direct"))))
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
     def test_gpt_image(self):
         """Test creation of core-image-minimal with gpt table and UUID boot"""
         cmd = "wic create directdisk-gpt --image-name core-image-minimal -o %s" % self.resultdir
         runCmd(cmd)
-        self.assertEqual(1, len(glob(self.resultdir + "directdisk-*.direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "directdisk-*.direct"))))
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
     def test_iso_image(self):
         """Test creation of hybrid iso image with legacy and EFI boot"""
         config = 'INITRAMFS_IMAGE = "core-image-minimal-initramfs"\n'\
-                 'MACHINE_FEATURES_append = " efi"\n'\
-                 'DEPENDS_pn-core-image-minimal += "syslinux"\n'
+                 'MACHINE_FEATURES:append = " efi"\n'\
+                 'DEPENDS:pn-core-image-minimal += "syslinux"\n'
         self.append_config(config)
         bitbake('core-image-minimal core-image-minimal-initramfs')
         self.remove_config(config)
         cmd = "wic create mkhybridiso --image-name core-image-minimal -o %s" % self.resultdir
         runCmd(cmd)
-        self.assertEqual(1, len(glob(self.resultdir + "HYBRID_ISO_IMG-*.direct")))
-        self.assertEqual(1, len(glob(self.resultdir + "HYBRID_ISO_IMG-*.iso")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "HYBRID_ISO_IMG-*.direct"))))
+        self.assertEqual(1, len(glob(os.path.join (self.resultdir, "HYBRID_ISO_IMG-*.iso"))))
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
     def test_qemux86_directdisk(self):
         """Test creation of qemux-86-directdisk image"""
         cmd = "wic create qemux86-directdisk -e core-image-minimal -o %s" % self.resultdir
         runCmd(cmd)
-        self.assertEqual(1, len(glob(self.resultdir + "qemux86-directdisk-*direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "qemux86-directdisk-*direct"))))
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    @skipIfNotArch(['i586', 'i686', 'x86_64', 'aarch64'])
     def test_mkefidisk(self):
         """Test creation of mkefidisk image"""
         cmd = "wic create mkefidisk -e core-image-minimal -o %s" % self.resultdir
         runCmd(cmd)
-        self.assertEqual(1, len(glob(self.resultdir + "mkefidisk-*direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "mkefidisk-*direct"))))
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
     def test_bootloader_config(self):
         """Test creation of directdisk-bootloader-config image"""
-        config = 'DEPENDS_pn-core-image-minimal += "syslinux"\n'
+        config = 'DEPENDS:pn-core-image-minimal += "syslinux"\n'
         self.append_config(config)
         bitbake('core-image-minimal')
         self.remove_config(config)
         cmd = "wic create directdisk-bootloader-config -e core-image-minimal -o %s" % self.resultdir
         runCmd(cmd)
-        self.assertEqual(1, len(glob(self.resultdir + "directdisk-bootloader-config-*direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "directdisk-bootloader-config-*direct"))))
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    @skipIfNotArch(['i586', 'i686', 'x86_64', 'aarch64'])
     def test_systemd_bootdisk(self):
         """Test creation of systemd-bootdisk image"""
-        config = 'MACHINE_FEATURES_append = " efi"\n'
+        config = 'MACHINE_FEATURES:append = " efi"\n'
         self.append_config(config)
         bitbake('core-image-minimal')
         self.remove_config(config)
         cmd = "wic create systemd-bootdisk -e core-image-minimal -o %s" % self.resultdir
         runCmd(cmd)
-        self.assertEqual(1, len(glob(self.resultdir + "systemd-bootdisk-*direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "systemd-bootdisk-*direct"))))
 
     def test_efi_bootpart(self):
         """Test creation of efi-bootpart image"""
@@ -242,7 +285,7 @@ class Wic(WicTestCase):
         self.append_config('IMAGE_EFI_BOOT_FILES = "%s;kernel"\n' % kimgtype)
         runCmd(cmd)
         sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
-        images = glob(self.resultdir + "mkefidisk-*.direct")
+        images = glob(os.path.join(self.resultdir, "mkefidisk-*.direct"))
         result = runCmd("wic ls %s:1/ -n %s" % (images[0], sysroot))       
         self.assertIn("kernel",result.output)
 
@@ -252,14 +295,15 @@ class Wic(WicTestCase):
         kimgtype = get_bb_var('KERNEL_IMAGETYPE', 'core-image-minimal')
         self.write_config('IMAGE_BOOT_FILES = "%s"\n' % kimgtype)
         runCmd(cmd)
-        self.assertEqual(1, len(glob(self.resultdir + "sdimage-bootpart-*direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "sdimage-bootpart-*direct"))))
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    # TODO this doesn't have to be x86-specific
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
     def test_default_output_dir(self):
         """Test default output location"""
         for fname in glob("directdisk-*.direct"):
             os.remove(fname)
-        config = 'DEPENDS_pn-core-image-minimal += "syslinux"\n'
+        config = 'DEPENDS:pn-core-image-minimal += "syslinux"\n'
         self.append_config(config)
         bitbake('core-image-minimal')
         self.remove_config(config)
@@ -267,7 +311,7 @@ class Wic(WicTestCase):
         runCmd(cmd)
         self.assertEqual(1, len(glob("directdisk-*.direct")))
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
     def test_build_artifacts(self):
         """Test wic create directdisk providing all artifacts."""
         bb_vars = get_bb_vars(['STAGING_DATADIR', 'RECIPE_SYSROOT_NATIVE'],
@@ -282,28 +326,28 @@ class Wic(WicTestCase):
                         "-n %(recipe_sysroot_native)s "
                         "-r %(image_rootfs)s "
                         "-o %(resultdir)s" % bbvars)
-        self.assertEqual(1, len(glob(self.resultdir + "directdisk-*.direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "directdisk-*.direct"))))
 
     def test_compress_gzip(self):
         """Test compressing an image with gzip"""
         runCmd("wic create wictestdisk "
                                    "--image-name core-image-minimal "
                                    "-c gzip -o %s" % self.resultdir)
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*.direct.gz")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*.direct.gz"))))
 
     def test_compress_bzip2(self):
         """Test compressing an image with bzip2"""
         runCmd("wic create wictestdisk "
                                    "--image-name=core-image-minimal "
                                    "-c bzip2 -o %s" % self.resultdir)
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*.direct.bz2")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*.direct.bz2"))))
 
     def test_compress_xz(self):
         """Test compressing an image with xz"""
         runCmd("wic create wictestdisk "
                                    "--image-name=core-image-minimal "
                                    "--compress-with=xz -o %s" % self.resultdir)
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*.direct.xz")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*.direct.xz"))))
 
     def test_wrong_compressor(self):
         """Test how wic breaks if wrong compressor is provided"""
@@ -317,23 +361,23 @@ class Wic(WicTestCase):
         runCmd("wic create wictestdisk "
                                    "--image-name=core-image-minimal "
                                    "-D -o %s" % self.resultdir)
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*.direct")))
-        self.assertEqual(1, len(glob(self.resultdir + "tmp.wic*")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*.direct"))))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "tmp.wic*"))))
 
     def test_debug_long(self):
         """Test --debug option"""
         runCmd("wic create wictestdisk "
                                    "--image-name=core-image-minimal "
                                    "--debug -o %s" % self.resultdir)
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*.direct")))
-        self.assertEqual(1, len(glob(self.resultdir + "tmp.wic*")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*.direct"))))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "tmp.wic*"))))
 
     def test_skip_build_check_short(self):
         """Test -s option"""
         runCmd("wic create wictestdisk "
                                    "--image-name=core-image-minimal "
                                    "-s -o %s" % self.resultdir)
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*.direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*.direct"))))
 
     def test_skip_build_check_long(self):
         """Test --skip-build-check option"""
@@ -341,14 +385,14 @@ class Wic(WicTestCase):
                                    "--image-name=core-image-minimal "
                                    "--skip-build-check "
                                    "--outdir %s" % self.resultdir)
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*.direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*.direct"))))
 
     def test_build_rootfs_short(self):
         """Test -f option"""
         runCmd("wic create wictestdisk "
                                    "--image-name=core-image-minimal "
                                    "-f -o %s" % self.resultdir)
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*.direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*.direct"))))
 
     def test_build_rootfs_long(self):
         """Test --build-rootfs option"""
@@ -356,9 +400,10 @@ class Wic(WicTestCase):
                                    "--image-name=core-image-minimal "
                                    "--build-rootfs "
                                    "--outdir %s" % self.resultdir)
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*.direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*.direct"))))
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    # TODO this doesn't have to be x86-specific
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
     def test_rootfs_indirect_recipes(self):
         """Test usage of rootfs plugin with rootfs recipes"""
         runCmd("wic create directdisk-multi-rootfs "
@@ -366,9 +411,10 @@ class Wic(WicTestCase):
                         "--rootfs rootfs1=core-image-minimal "
                         "--rootfs rootfs2=core-image-minimal "
                         "--outdir %s" % self.resultdir)
-        self.assertEqual(1, len(glob(self.resultdir + "directdisk-multi-rootfs*.direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "directdisk-multi-rootfs*.direct"))))
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    # TODO this doesn't have to be x86-specific
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
     def test_rootfs_artifacts(self):
         """Test usage of rootfs plugin with rootfs paths"""
         bb_vars = get_bb_vars(['STAGING_DATADIR', 'RECIPE_SYSROOT_NATIVE'],
@@ -385,7 +431,7 @@ class Wic(WicTestCase):
                         "--rootfs-dir rootfs1=%(image_rootfs)s "
                         "--rootfs-dir rootfs2=%(image_rootfs)s "
                         "--outdir %(resultdir)s" % bbvars)
-        self.assertEqual(1, len(glob(self.resultdir + "%(wks)s-*.direct" % bbvars)))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "%(wks)s-*.direct" % bbvars))))
 
     def test_exclude_path(self):
         """Test --exclude-path wks option."""
@@ -400,19 +446,20 @@ class Wic(WicTestCase):
                 wks.write("""
 part / --source rootfs --ondisk mmcblk0 --fstype=ext4 --exclude-path usr
 part /usr --source rootfs --ondisk mmcblk0 --fstype=ext4 --rootfs-dir %s/usr
-part /etc --source rootfs --ondisk mmcblk0 --fstype=ext4 --exclude-path bin/ --rootfs-dir %s/usr"""
-                          % (rootfs_dir, rootfs_dir))
+part /etc --source rootfs --ondisk mmcblk0 --fstype=ext4 --exclude-path bin/ --rootfs-dir %s/usr
+part /mnt --source rootfs --ondisk mmcblk0 --fstype=ext4 --exclude-path bin/whoami --rootfs-dir %s/usr"""
+                          % (rootfs_dir, rootfs_dir, rootfs_dir))
             runCmd("wic create %s -e core-image-minimal -o %s" \
                                        % (wks_file, self.resultdir))
 
             os.remove(wks_file)
-            wicout = glob(self.resultdir + "%s-*direct" % 'temp')
+            wicout = glob(os.path.join(self.resultdir, "%s-*direct" % 'temp'))
             self.assertEqual(1, len(wicout))
 
             wicimg = wicout[0]
 
             # verify partition size with wic
-            res = runCmd("parted -m %s unit b p 2>/dev/null" % wicimg)
+            res = runCmd("parted -m %s unit b p" % wicimg, stderr=subprocess.PIPE)
 
             # parse parted output which looks like this:
             # BYT;\n
@@ -420,9 +467,9 @@ part /etc --source rootfs --ondisk mmcblk0 --fstype=ext4 --exclude-path bin/ --r
             # 1:0.00MiB:200MiB:200MiB:ext4::;\n
             partlns = res.output.splitlines()[2:]
 
-            self.assertEqual(3, len(partlns))
+            self.assertEqual(4, len(partlns))
 
-            for part in [1, 2, 3]:
+            for part in [1, 2, 3, 4]:
                 part_file = os.path.join(self.resultdir, "selftest_img.part%d" % part)
                 partln = partlns[part-1].split(":")
                 self.assertEqual(7, len(partln))
@@ -433,16 +480,16 @@ part /etc --source rootfs --ondisk mmcblk0 --fstype=ext4 --exclude-path bin/ --r
 
             # Test partition 1, should contain the normal root directories, except
             # /usr.
-            res = runCmd("debugfs -R 'ls -p' %s 2>/dev/null" % \
-                             os.path.join(self.resultdir, "selftest_img.part1"))
+            res = runCmd("debugfs -R 'ls -p' %s" % \
+                             os.path.join(self.resultdir, "selftest_img.part1"), stderr=subprocess.PIPE)
             files = extract_files(res.output)
             self.assertIn("etc", files)
             self.assertNotIn("usr", files)
 
             # Partition 2, should contain common directories for /usr, not root
             # directories.
-            res = runCmd("debugfs -R 'ls -p' %s 2>/dev/null" % \
-                             os.path.join(self.resultdir, "selftest_img.part2"))
+            res = runCmd("debugfs -R 'ls -p' %s" % \
+                             os.path.join(self.resultdir, "selftest_img.part2"), stderr=subprocess.PIPE)
             files = extract_files(res.output)
             self.assertNotIn("etc", files)
             self.assertNotIn("usr", files)
@@ -450,27 +497,78 @@ part /etc --source rootfs --ondisk mmcblk0 --fstype=ext4 --exclude-path bin/ --r
 
             # Partition 3, should contain the same as partition 2, including the bin
             # directory, but not the files inside it.
-            res = runCmd("debugfs -R 'ls -p' %s 2>/dev/null" % \
-                             os.path.join(self.resultdir, "selftest_img.part3"))
+            res = runCmd("debugfs -R 'ls -p' %s" % \
+                             os.path.join(self.resultdir, "selftest_img.part3"), stderr=subprocess.PIPE)
             files = extract_files(res.output)
             self.assertNotIn("etc", files)
             self.assertNotIn("usr", files)
             self.assertIn("share", files)
             self.assertIn("bin", files)
-            res = runCmd("debugfs -R 'ls -p bin' %s 2>/dev/null" % \
-                             os.path.join(self.resultdir, "selftest_img.part3"))
+            res = runCmd("debugfs -R 'ls -p bin' %s" % \
+                             os.path.join(self.resultdir, "selftest_img.part3"), stderr=subprocess.PIPE)
             files = extract_files(res.output)
             self.assertIn(".", files)
             self.assertIn("..", files)
             self.assertEqual(2, len(files))
 
-            for part in [1, 2, 3]:
+            # Partition 4, should contain the same as partition 2, including the bin
+            # directory, but not whoami (a symlink to busybox.nosuid) inside it.
+            res = runCmd("debugfs -R 'ls -p' %s" % \
+                             os.path.join(self.resultdir, "selftest_img.part4"), stderr=subprocess.PIPE)
+            files = extract_files(res.output)
+            self.assertNotIn("etc", files)
+            self.assertNotIn("usr", files)
+            self.assertIn("share", files)
+            self.assertIn("bin", files)
+            res = runCmd("debugfs -R 'ls -p bin' %s" % \
+                             os.path.join(self.resultdir, "selftest_img.part4"), stderr=subprocess.PIPE)
+            files = extract_files(res.output)
+            self.assertIn(".", files)
+            self.assertIn("..", files)
+            self.assertIn("who", files)
+            self.assertNotIn("whoami", files)
+
+            for part in [1, 2, 3, 4]:
                 part_file = os.path.join(self.resultdir, "selftest_img.part%d" % part)
                 os.remove(part_file)
 
         finally:
             os.environ['PATH'] = oldpath
 
+    def test_exclude_path_with_extra_space(self):
+        """Test having --exclude-path with IMAGE_ROOTFS_EXTRA_SPACE. [Yocto #15555]"""
+
+        with NamedTemporaryFile("w", suffix=".wks") as wks:
+            wks.writelines(
+                ['bootloader --ptable gpt\n',
+                 'part /boot --size=100M --active --fstype=ext4 --label boot\n',
+                 'part /     --source rootfs      --fstype=ext4 --label root --exclude-path boot/\n'])
+            wks.flush()
+            config = 'IMAGE_ROOTFS_EXTRA_SPACE = "500000"\n'\
+                     'DEPENDS:pn-core-image-minimal += "wic-tools"\n'\
+                     'IMAGE_FSTYPES += "wic ext4"\n'\
+                     'WKS_FILE = "%s"\n' % wks.name
+            self.append_config(config)
+            bitbake('core-image-minimal')
+
+        """
+        the output of "wic ls <image>.wic" will look something like:
+            Num     Start        End          Size      Fstype
+             1         17408    136332287    136314880  ext4
+             2     136332288    171464703     35132416  ext4
+        we are looking for the size of partition 2
+        i.e. in this case the number 35,132,416
+        without the fix the size will be around 85,403,648
+        with the fix the size should be around 799,960,064
+        """
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'MACHINE'], 'core-image-minimal')
+        deploy_dir = bb_vars['DEPLOY_DIR_IMAGE']
+        machine = bb_vars['MACHINE']
+        nativesysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
+        wicout = glob(os.path.join(deploy_dir, "core-image-minimal-%s.rootfs-*.wic" % machine))[0]
+        size_of_root_partition = int(runCmd("wic ls %s --native-sysroot %s" % (wicout, nativesysroot)).output.split('\n')[2].split()[3])
+        self.assertGreater(size_of_root_partition, 500000000)
+
     def test_include_path(self):
         """Test --include-path wks option."""
 
@@ -496,13 +594,13 @@ part /part2 --source rootfs --ondisk mmcblk0 --fstype=ext4 --include-path %s"""
             part2 = glob(os.path.join(self.resultdir, 'temp-*.direct.p2'))[0]
 
             # Test partition 1, should not contain 'test-file'
-            res = runCmd("debugfs -R 'ls -p' %s 2>/dev/null" % (part1))
+            res = runCmd("debugfs -R 'ls -p' %s" % (part1), stderr=subprocess.PIPE)
             files = extract_files(res.output)
             self.assertNotIn('test-file', files)
             self.assertEqual(True, files_own_by_root(res.output))
 
             # Test partition 2, should contain 'test-file'
-            res = runCmd("debugfs -R 'ls -p' %s 2>/dev/null" % (part2))
+            res = runCmd("debugfs -R 'ls -p' %s" % (part2), stderr=subprocess.PIPE)
             files = extract_files(res.output)
             self.assertIn('test-file', files)
             self.assertEqual(True, files_own_by_root(res.output))
@@ -531,12 +629,12 @@ part / --source rootfs  --fstype=ext4 --include-path %s --include-path core-imag
 
             part1 = glob(os.path.join(self.resultdir, 'temp-*.direct.p1'))[0]
 
-            res = runCmd("debugfs -R 'ls -p' %s 2>/dev/null" % (part1))
+            res = runCmd("debugfs -R 'ls -p' %s" % (part1), stderr=subprocess.PIPE)
             files = extract_files(res.output)
             self.assertIn('test-file', files)
             self.assertEqual(True, files_own_by_root(res.output))
 
-            res = runCmd("debugfs -R 'ls -p /export/etc/' %s 2>/dev/null" % (part1))
+            res = runCmd("debugfs -R 'ls -p /export/etc/' %s" % (part1), stderr=subprocess.PIPE)
             files = extract_files(res.output)
             self.assertIn('passwd', files)
             self.assertEqual(True, files_own_by_root(res.output))
@@ -623,7 +721,7 @@ part /etc --source rootfs --fstype=ext4 --change-directory=etc
                                        % (wks_file, self.resultdir))
 
                 for part in glob(os.path.join(self.resultdir, 'temp-*.direct.p*')):
-                    res = runCmd("debugfs -R 'ls -p' %s 2>/dev/null" % (part))
+                    res = runCmd("debugfs -R 'ls -p' %s" % (part), stderr=subprocess.PIPE)
                     self.assertEqual(True, files_own_by_root(res.output))
 
                 config = 'IMAGE_FSTYPES += "wic"\nWKS_FILE = "%s"\n' % wks_file
@@ -633,7 +731,7 @@ part /etc --source rootfs --fstype=ext4 --change-directory=etc
 
                 # check each partition for permission
                 for part in glob(os.path.join(tmpdir, 'temp-*.direct.p*')):
-                    res = runCmd("debugfs -R 'ls -p' %s 2>/dev/null" % (part))
+                    res = runCmd("debugfs -R 'ls -p' %s" % (part), stderr=subprocess.PIPE)
                     self.assertTrue(files_own_by_root(res.output)
                         ,msg='Files permission incorrect using wks set "%s"' % test)
 
@@ -661,7 +759,7 @@ part /etc --source rootfs --fstype=ext4 --change-directory=etc
 
             part1 = glob(os.path.join(self.resultdir, 'temp-*.direct.p1'))[0]
 
-            res = runCmd("debugfs -R 'ls -p' %s 2>/dev/null" % (part1))
+            res = runCmd("debugfs -R 'ls -p' %s" % (part1), stderr=subprocess.PIPE)
             files = extract_files(res.output)
             self.assertIn('passwd', files)
 
@@ -686,21 +784,185 @@ part /etc --source rootfs --fstype=ext4 --change-directory=etc
                                       % (wks_file, self.resultdir), ignore_status=True).status)
         os.remove(wks_file)
 
+    def test_no_fstab_update(self):
+        """Test --no-fstab-update wks option."""
+
+        oldpath = os.environ['PATH']
+        os.environ['PATH'] = get_bb_var("PATH", "wic-tools")
+
+        # Get stock fstab from base-files recipe
+        bitbake('base-files -c do_install')
+        bf_fstab = os.path.join(get_bb_var('D', 'base-files'), 'etc', 'fstab')
+        self.assertEqual(True, os.path.exists(bf_fstab))
+        bf_fstab_md5sum = runCmd('md5sum %s ' % bf_fstab).output.split(" ")[0]
+
+        try:
+            no_fstab_update_path = os.path.join(self.resultdir, 'test-no-fstab-update')
+            os.makedirs(no_fstab_update_path)
+            wks_file = os.path.join(no_fstab_update_path, 'temp.wks')
+            with open(wks_file, 'w') as wks:
+                wks.writelines(['part / --source rootfs --fstype=ext4 --label rootfs\n',
+                                'part /mnt/p2 --source rootfs --rootfs-dir=core-image-minimal ',
+                                '--fstype=ext4 --label p2 --no-fstab-update\n'])
+            runCmd("wic create %s -e core-image-minimal -o %s" \
+                                       % (wks_file, self.resultdir))
+
+            part_fstab_md5sum = []
+            for i in range(1, 3):
+                part = glob(os.path.join(self.resultdir, 'temp-*.direct.p') + str(i))[0]
+                part_fstab = runCmd("debugfs -R 'cat etc/fstab' %s" % (part), stderr=subprocess.PIPE)
+                part_fstab_md5sum.append(hashlib.md5((part_fstab.output + "\n\n").encode('utf-8')).hexdigest())
+
+            # '/etc/fstab' in partition 2 should contain the same stock fstab file
+            # as the one installed by the base-file recipe.
+            self.assertEqual(bf_fstab_md5sum, part_fstab_md5sum[1])
+
+            # '/etc/fstab' in partition 1 should contain an updated fstab file.
+            self.assertNotEqual(bf_fstab_md5sum, part_fstab_md5sum[0])
+
+        finally:
+            os.environ['PATH'] = oldpath
+
+    def test_no_fstab_update_errors(self):
+        """Test --no-fstab-update wks option error handling."""
+        wks_file = 'temp.wks'
+
+        # Absolute argument.
+        with open(wks_file, 'w') as wks:
+            wks.write("part / --source rootfs --fstype=ext4 --no-fstab-update /etc")
+        self.assertNotEqual(0, runCmd("wic create %s -e core-image-minimal -o %s" \
+                                      % (wks_file, self.resultdir), ignore_status=True).status)
+        os.remove(wks_file)
+
+        # Argument pointing to parent directory.
+        with open(wks_file, 'w') as wks:
+            wks.write("part / --source rootfs --fstype=ext4 --no-fstab-update ././..")
+        self.assertNotEqual(0, runCmd("wic create %s -e core-image-minimal -o %s" \
+                                      % (wks_file, self.resultdir), ignore_status=True).status)
+        os.remove(wks_file)
+
+    def test_extra_space(self):
+        """Test --extra-space wks option."""
+        extraspace = 1024**3
+        runCmd("wic create wictestdisk "
+                                   "--image-name core-image-minimal "
+                                   "--extra-space %i -o %s" % (extraspace ,self.resultdir))
+        wicout = glob(os.path.join(self.resultdir, "wictestdisk-*.direct"))
+        self.assertEqual(1, len(wicout))
+        size = os.path.getsize(wicout[0])
+        self.assertTrue(size > extraspace, msg="Extra space not present (%s vs %s)" % (size, extraspace))
+
+    def test_no_table(self):
+        """Test --no-table wks option."""
+        wks_file = 'temp.wks'
+
+        # Absolute argument.
+        with open(wks_file, 'w') as wks:
+            wks.write("part testspace --no-table --fixed-size 16k --offset 4080k")
+        runCmd("wic create %s --image-name core-image-minimal -o %s" % (wks_file, self.resultdir))
+
+        wicout = glob(os.path.join(self.resultdir, "*.*"))
+
+        self.assertEqual(1, len(wicout))
+        size = os.path.getsize(wicout[0])
+        self.assertEqual(size, 4 * 1024 * 1024)
+
+        os.remove(wks_file)
+
+    def test_partition_hidden_attributes(self):
+        """Test --hidden wks option."""
+        wks_file = 'temp.wks'
+        sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
+        try:
+            with open(wks_file, 'w') as wks:
+                wks.write("""
+part / --source rootfs --fstype=ext4
+part / --source rootfs --fstype=ext4 --hidden
+bootloader --ptable gpt""")
+
+            runCmd("wic create %s -e core-image-minimal -o %s" \
+                                       % (wks_file, self.resultdir))
+            wicout = os.path.join(self.resultdir, "*.direct")
+
+            result = runCmd("%s/usr/sbin/sfdisk --part-attrs %s 1" % (sysroot, wicout))
+            self.assertEqual('', result.output)
+            result = runCmd("%s/usr/sbin/sfdisk --part-attrs %s 2" % (sysroot, wicout))
+            self.assertEqual('RequiredPartition', result.output)
+
+        finally:
+            os.remove(wks_file)
+
+    def test_wic_sector_size(self):
+        """Test generation image sector size"""
+ 
+        oldpath = os.environ['PATH']
+        os.environ['PATH'] = get_bb_var("PATH", "wic-tools")
+
+        try:
+            # Add WIC_SECTOR_SIZE into config
+            config = 'WIC_SECTOR_SIZE = "4096"\n'\
+                     'WICVARS:append = " WIC_SECTOR_SIZE"\n'
+            self.append_config(config)
+            bitbake('core-image-minimal')
+
+            # Check WIC_SECTOR_SIZE apply to bitbake variable
+            wic_sector_size_str = get_bb_var('WIC_SECTOR_SIZE', 'core-image-minimal')
+            wic_sector_size = int(wic_sector_size_str)
+            self.assertEqual(4096, wic_sector_size)
+
+            self.logger.info("Test wic_sector_size: %d \n" % wic_sector_size)
+
+            with NamedTemporaryFile("w", suffix=".wks") as wks:
+                wks.writelines(
+                    ['bootloader --ptable gpt\n',
+                     'part --fstype ext4 --source rootfs --label rofs-a --mkfs-extraopts "-b 4096"\n',
+                     'part --fstype ext4 --source rootfs --use-uuid --mkfs-extraopts "-b 4096"\n'])
+                wks.flush()
+                cmd = "wic create %s -e core-image-minimal -o %s" % (wks.name, self.resultdir)
+                runCmd(cmd)
+                wksname = os.path.splitext(os.path.basename(wks.name))[0]
+                images = glob(os.path.join(self.resultdir, "%s-*direct" % wksname))
+                self.assertEqual(1, len(images))
+
+            sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
+            # list partitions
+            result = runCmd("wic ls %s -n %s" % (images[0], sysroot))
+            self.assertEqual(3, len(result.output.split('\n')))
+
+            # verify partition size with wic
+            res = runCmd("export PARTED_SECTOR_SIZE=%d; parted -m %s unit b p" % (wic_sector_size, images[0]),
+                         stderr=subprocess.PIPE)
+
+            # parse parted output which looks like this:
+            # BYT;\n
+            # /var/tmp/wic/build/tmpgjzzefdd-202410281021-sda.direct:78569472B:file:4096:4096:gpt::;\n
+            # 1:139264B:39284735B:39145472B:ext4:rofs-a:;\n
+            # 2:39284736B:78430207B:39145472B:ext4:primary:;\n
+            disk_info = res.output.splitlines()[1]
+            # Check sector sizes
+            sector_size_logical = int(disk_info.split(":")[3])
+            sector_size_physical = int(disk_info.split(":")[4])
+            self.assertEqual(wic_sector_size, sector_size_logical, "Logical sector size is not %d." % wic_sector_size)
+            self.assertEqual(wic_sector_size, sector_size_physical, "Physical sector size is not %d." % wic_sector_size)
+
+        finally:
+            os.environ['PATH'] = oldpath
+
 class Wic2(WicTestCase):
 
     def test_bmap_short(self):
         """Test generation of .bmap file -m option"""
         cmd = "wic create wictestdisk -e core-image-minimal -m -o %s" % self.resultdir
         runCmd(cmd)
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*direct")))
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*direct.bmap")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*direct"))))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*direct.bmap"))))
 
     def test_bmap_long(self):
         """Test generation of .bmap file --bmap option"""
         cmd = "wic create wictestdisk -e core-image-minimal --bmap -o %s" % self.resultdir
         runCmd(cmd)
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*direct")))
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*direct.bmap")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*direct"))))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*direct.bmap"))))
 
     def test_image_env(self):
         """Test generation of <image>.env files."""
@@ -711,7 +973,7 @@ class Wic2(WicTestCase):
         basename = bb_vars['IMAGE_BASENAME']
         self.assertEqual(basename, image)
         path = os.path.join(imgdatadir, basename) + '.env'
-        self.assertTrue(os.path.isfile(path))
+        self.assertTrue(os.path.isfile(path), msg="File %s wasn't generated as expected" % path)
 
         wicvars = set(bb_vars['WICVARS'].split())
         # filter out optional variables
@@ -724,7 +986,7 @@ class Wic2(WicTestCase):
             # test if variables used by wic present in the .env file
             for var in wicvars:
                 self.assertTrue(var in content, "%s is not in .env file" % var)
-                self.assertTrue(content[var])
+                self.assertTrue(content[var], "%s doesn't have a value (%s)" % (var, content[var]))
 
     def test_image_vars_dir_short(self):
         """Test image vars directory selection -v option"""
@@ -736,7 +998,7 @@ class Wic2(WicTestCase):
                                    "--image-name=%s -v %s -n %s -o %s"
                                    % (image, imgenvdir, native_sysroot,
                                       self.resultdir))
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*direct"))))
 
     def test_image_vars_dir_long(self):
         """Test image vars directory selection --vars option"""
@@ -751,58 +1013,99 @@ class Wic2(WicTestCase):
                                    "--outdir %s"
                                    % (image, imgenvdir, native_sysroot,
                                       self.resultdir))
-        self.assertEqual(1, len(glob(self.resultdir + "wictestdisk-*direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "wictestdisk-*direct"))))
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    # TODO this test could also work on aarch64
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
     def test_wic_image_type(self):
         """Test building wic images by bitbake"""
         config = 'IMAGE_FSTYPES += "wic"\nWKS_FILE = "wic-image-minimal"\n'\
-                 'MACHINE_FEATURES_append = " efi"\n'
+                 'MACHINE_FEATURES:append = " efi"\n'
+        image_recipe_append = """
+do_image_wic[postfuncs] += "run_wic_cmd"
+run_wic_cmd() {
+    echo "test" >> ${WORKDIR}/test.wic-cp
+    wic cp --vars "${STAGING_DIR}/${MACHINE}/imgdata/" -e "${IMAGE_BASENAME}" ${WORKDIR}/test.wic-cp  ${IMGDEPLOYDIR}/${IMAGE_NAME}.wic:1/
+    wic ls --vars "${STAGING_DIR}/${MACHINE}/imgdata/" -e "${IMAGE_BASENAME}" ${IMGDEPLOYDIR}/${IMAGE_NAME}.wic:1/
+    wic rm --vars "${STAGING_DIR}/${MACHINE}/imgdata/" -e "${IMAGE_BASENAME}" ${IMGDEPLOYDIR}/${IMAGE_NAME}.wic:1/test.wic-cp
+    wic cp --vars "${STAGING_DIR}/${MACHINE}/imgdata/" -e "${IMAGE_BASENAME}" ${WORKDIR}/test.wic-cp  ${IMGDEPLOYDIR}/${IMAGE_NAME}.wic:1/
+}
+"""
+        self.write_recipeinc('images', image_recipe_append)
+
         self.append_config(config)
-        self.assertEqual(0, bitbake('wic-image-minimal').status)
+        image = 'wic-image-minimal'
+        bitbake(image)
         self.remove_config(config)
 
-        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'MACHINE'])
-        deploy_dir = bb_vars['DEPLOY_DIR_IMAGE']
-        machine = bb_vars['MACHINE']
-        prefix = os.path.join(deploy_dir, 'wic-image-minimal-%s.' % machine)
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME'], image)
+        prefix = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], '%s.' % bb_vars['IMAGE_LINK_NAME'])
+
+        sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
+        # check if file is there
+        result = runCmd("wic ls %s:1/ -n %s" % (prefix+"wic", sysroot))
+        self.assertIn("test.wic-cp", result.output)
+
         # check if we have result image and manifests symlinks
         # pointing to existing files
         for suffix in ('wic', 'manifest'):
             path = prefix + suffix
-            self.assertTrue(os.path.islink(path))
-            self.assertTrue(os.path.isfile(os.path.realpath(path)))
+            self.assertTrue(os.path.islink(path), msg="Link %s wasn't generated as expected" % path)
+            self.assertTrue(os.path.isfile(os.path.realpath(path)), msg="File linked to by %s wasn't generated as expected" % path)
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    # TODO this should work on aarch64
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
+    @OETestTag("runqemu")
     def test_qemu(self):
         """Test wic-image-minimal under qemu"""
         config = 'IMAGE_FSTYPES += "wic"\nWKS_FILE = "wic-image-minimal"\n'\
-                 'MACHINE_FEATURES_append = " efi"\n'
+                 'MACHINE_FEATURES:append = " efi"\n'
         self.append_config(config)
-        self.assertEqual(0, bitbake('wic-image-minimal').status)
+        image_recipe_append = """
+do_image_wic[postfuncs] += "run_wic_cmd"
+run_wic_cmd() {
+    echo "test" >> ${WORKDIR}/test.wic-cp
+    wic cp --vars "${STAGING_DIR}/${MACHINE}/imgdata/" -e "${IMAGE_BASENAME}" ${WORKDIR}/test.wic-cp  ${IMGDEPLOYDIR}/${IMAGE_NAME}.wic:1/
+    wic ls --vars "${STAGING_DIR}/${MACHINE}/imgdata/" -e "${IMAGE_BASENAME}" ${IMGDEPLOYDIR}/${IMAGE_NAME}.wic:1/
+    wic rm --vars "${STAGING_DIR}/${MACHINE}/imgdata/" -e "${IMAGE_BASENAME}" ${IMGDEPLOYDIR}/${IMAGE_NAME}.wic:1/test.wic-cp
+    wic cp --vars "${STAGING_DIR}/${MACHINE}/imgdata/" -e "${IMAGE_BASENAME}" ${WORKDIR}/test.wic-cp  ${IMGDEPLOYDIR}/${IMAGE_NAME}.wic:1/
+}
+"""
+        self.write_recipeinc('images', image_recipe_append)
+        bitbake('wic-image-minimal')
+
+        sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME'], "wic-image-minimal")
+        image_path = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], bb_vars['IMAGE_LINK_NAME'])
+        # check if file is there
+        result = runCmd("wic ls %s:1/ -n %s" % (image_path+".wic", sysroot))
+        self.assertIn("test.wic-cp", result.output)
         self.remove_config(config)
 
-        with runqemu('wic-image-minimal', ssh=False) as qemu:
+        runqemu_params = get_bb_var('TEST_RUNQEMUPARAMS', 'wic-image-minimal') or ""
+        with runqemu('wic-image-minimal', ssh=False, runqemuparams='%s nographic' % (runqemu_params)) as qemu:
             cmd = "mount | grep '^/dev/' | cut -f1,3 -d ' ' | egrep -c -e '/dev/sda1 /boot' " \
                   "-e '/dev/root /|/dev/sda2 /' -e '/dev/sda3 /media' -e '/dev/sda4 /mnt'"
             status, output = qemu.run_serial(cmd)
             self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
             self.assertEqual(output, '4')
-            cmd = "grep UUID= /etc/fstab"
+            cmd = "grep UUID=2c71ef06-a81d-4735-9d3a-379b69c6bdba /etc/fstab"
             status, output = qemu.run_serial(cmd)
             self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
             self.assertEqual(output, 'UUID=2c71ef06-a81d-4735-9d3a-379b69c6bdba\t/media\text4\tdefaults\t0\t0')
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
+    @OETestTag("runqemu")
     def test_qemu_efi(self):
         """Test core-image-minimal efi image under qemu"""
         config = 'IMAGE_FSTYPES = "wic"\nWKS_FILE = "mkefidisk.wks"\n'
         self.append_config(config)
-        self.assertEqual(0, bitbake('core-image-minimal ovmf').status)
+        bitbake('core-image-minimal ovmf')
         self.remove_config(config)
 
+        runqemu_params = get_bb_var('TEST_RUNQEMUPARAMS', 'core-image-minimal') or ""
         with runqemu('core-image-minimal', ssh=False,
-                     runqemuparams='ovmf', image_fstype='wic') as qemu:
+                     runqemuparams='%s nographic ovmf' % (runqemu_params), image_fstype='wic') as qemu:
             cmd = "grep sda. /proc/partitions  |wc -l"
             status, output = qemu.run_serial(cmd)
             self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
@@ -831,7 +1134,7 @@ class Wic2(WicTestCase):
 
         wksname = os.path.splitext(os.path.basename(wkspath))[0]
 
-        wicout = glob(self.resultdir + "%s-*direct" % wksname)
+        wicout = glob(os.path.join(self.resultdir, "%s-*direct" % wksname))
 
         if not wicout:
             return (p, None)
@@ -842,8 +1145,8 @@ class Wic2(WicTestCase):
             native_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "wic-tools")
 
         # verify partition size with wic
-        res = runCmd("parted -m %s unit kib p 2>/dev/null" % wicimg,
-                     native_sysroot=native_sysroot)
+        res = runCmd("parted -m %s unit kib p" % wicimg,
+                     native_sysroot=native_sysroot, stderr=subprocess.PIPE)
 
         # parse parted output which looks like this:
         # BYT;\n
@@ -882,71 +1185,71 @@ class Wic2(WicTestCase):
         with NamedTemporaryFile("w", suffix=".wks") as tempf:
             # Test that partitions are placed at the correct offsets, default KB
             tempf.write("bootloader --ptable gpt\n" \
-                        "part /    --source rootfs --ondisk hda --offset 32     --fixed-size 100M --fstype=ext4\n" \
-                        "part /bar                 --ondisk hda --offset 102432 --fixed-size 100M --fstype=ext4\n")
+                        "part /    --source rootfs --ondisk hda --offset 32     --fixed-size 200M --fstype=ext4\n" \
+                        "part /bar                 --ondisk hda --offset 204832 --fixed-size 100M --fstype=ext4\n")
             tempf.flush()
 
             _, partlns = self._get_wic_partitions(tempf.name, native_sysroot)
             self.assertEqual(partlns, [
-                "1:32.0kiB:102432kiB:102400kiB:ext4:primary:;",
-                "2:102432kiB:204832kiB:102400kiB:ext4:primary:;",
+                "1:32.0kiB:204832kiB:204800kiB:ext4:primary:;",
+                "2:204832kiB:307232kiB:102400kiB:ext4:primary:;",
                 ])
 
         with NamedTemporaryFile("w", suffix=".wks") as tempf:
             # Test that partitions are placed at the correct offsets, same with explicit KB
             tempf.write("bootloader --ptable gpt\n" \
-                        "part /    --source rootfs --ondisk hda --offset 32K     --fixed-size 100M --fstype=ext4\n" \
-                        "part /bar                 --ondisk hda --offset 102432K --fixed-size 100M --fstype=ext4\n")
+                        "part /    --source rootfs --ondisk hda --offset 32K     --fixed-size 200M --fstype=ext4\n" \
+                        "part /bar                 --ondisk hda --offset 204832K --fixed-size 100M --fstype=ext4\n")
             tempf.flush()
 
             _, partlns = self._get_wic_partitions(tempf.name, native_sysroot)
             self.assertEqual(partlns, [
-                "1:32.0kiB:102432kiB:102400kiB:ext4:primary:;",
-                "2:102432kiB:204832kiB:102400kiB:ext4:primary:;",
+                "1:32.0kiB:204832kiB:204800kiB:ext4:primary:;",
+                "2:204832kiB:307232kiB:102400kiB:ext4:primary:;",
                 ])
 
         with NamedTemporaryFile("w", suffix=".wks") as tempf:
             # Test that partitions are placed at the correct offsets using MB
             tempf.write("bootloader --ptable gpt\n" \
-                        "part /    --source rootfs --ondisk hda --offset 32K  --fixed-size 100M --fstype=ext4\n" \
-                        "part /bar                 --ondisk hda --offset 101M --fixed-size 100M --fstype=ext4\n")
+                        "part /    --source rootfs --ondisk hda --offset 32K  --fixed-size 200M --fstype=ext4\n" \
+                        "part /bar                 --ondisk hda --offset 201M --fixed-size 100M --fstype=ext4\n")
             tempf.flush()
 
             _, partlns = self._get_wic_partitions(tempf.name, native_sysroot)
             self.assertEqual(partlns, [
-                "1:32.0kiB:102432kiB:102400kiB:ext4:primary:;",
-                "2:103424kiB:205824kiB:102400kiB:ext4:primary:;",
+                "1:32.0kiB:204832kiB:204800kiB:ext4:primary:;",
+                "2:205824kiB:308224kiB:102400kiB:ext4:primary:;",
                 ])
 
         with NamedTemporaryFile("w", suffix=".wks") as tempf:
             # Test that partitions can be placed on a 512 byte sector boundary
             tempf.write("bootloader --ptable gpt\n" \
-                        "part /    --source rootfs --ondisk hda --offset 65s --fixed-size 99M --fstype=ext4\n" \
-                        "part /bar                 --ondisk hda --offset 102432 --fixed-size 100M --fstype=ext4\n")
+                        "part /    --source rootfs --ondisk hda --offset 65s --fixed-size 199M --fstype=ext4\n" \
+                        "part /bar                 --ondisk hda --offset 204832 --fixed-size 100M --fstype=ext4\n")
             tempf.flush()
 
             _, partlns = self._get_wic_partitions(tempf.name, native_sysroot)
             self.assertEqual(partlns, [
-                "1:32.5kiB:101408kiB:101376kiB:ext4:primary:;",
-                "2:102432kiB:204832kiB:102400kiB:ext4:primary:;",
+                "1:32.5kiB:203808kiB:203776kiB:ext4:primary:;",
+                "2:204832kiB:307232kiB:102400kiB:ext4:primary:;",
                 ])
 
         with NamedTemporaryFile("w", suffix=".wks") as tempf:
             # Test that a partition can be placed immediately after a MSDOS partition table
             tempf.write("bootloader --ptable msdos\n" \
-                        "part /    --source rootfs --ondisk hda --offset 1s --fixed-size 100M --fstype=ext4\n")
+                        "part /    --source rootfs --ondisk hda --offset 1s --fixed-size 200M --fstype=ext4\n")
             tempf.flush()
 
             _, partlns = self._get_wic_partitions(tempf.name, native_sysroot)
             self.assertEqual(partlns, [
-                "1:0.50kiB:102400kiB:102400kiB:ext4::;",
+                "1:0.50kiB:204800kiB:204800kiB:ext4::;",
                 ])
 
         with NamedTemporaryFile("w", suffix=".wks") as tempf:
             # Test that image creation fails if the partitions would overlap
             tempf.write("bootloader --ptable gpt\n" \
-                        "part /    --source rootfs --ondisk hda --offset 32     --fixed-size 100M --fstype=ext4\n" \
-                        "part /bar                 --ondisk hda --offset 102431 --fixed-size 100M --fstype=ext4\n")
+                        "part /    --source rootfs --ondisk hda --offset 32     --fixed-size 200M --fstype=ext4\n" \
+                        "part /bar                 --ondisk hda --offset 204831 --fixed-size 100M --fstype=ext4\n")
             tempf.flush()
 
             p, _ = self._get_wic_partitions(tempf.name, ignore_status=True)
@@ -955,7 +1258,7 @@ class Wic2(WicTestCase):
         with NamedTemporaryFile("w", suffix=".wks") as tempf:
             # Test that partitions are not allowed to overlap with the booloader
             tempf.write("bootloader --ptable gpt\n" \
-                        "part /    --source rootfs --ondisk hda --offset 8 --fixed-size 100M --fstype=ext4\n")
+                        "part /    --source rootfs --ondisk hda --offset 8 --fixed-size 200M --fstype=ext4\n")
             tempf.flush()
 
             p, _ = self._get_wic_partitions(tempf.name, ignore_status=True)
@@ -976,50 +1279,74 @@ class Wic2(WicTestCase):
             size = int(size[:-3])
             self.assertGreaterEqual(size, 204800)
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    # TODO this test could also work on aarch64
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
+    @OETestTag("runqemu")
     def test_rawcopy_plugin_qemu(self):
         """Test rawcopy plugin in qemu"""
-        # build ext4 and wic images
-        for fstype in ("ext4", "wic"):
-            config = 'IMAGE_FSTYPES = "%s"\nWKS_FILE = "test_rawcopy_plugin.wks.in"\n' % fstype
-            self.append_config(config)
-            self.assertEqual(0, bitbake('core-image-minimal').status)
-            self.remove_config(config)
+        # build ext4 and then use it for a wic image
+        config = 'IMAGE_FSTYPES = "ext4"\n'
+        self.append_config(config)
+        bitbake('core-image-minimal')
+        image_link_name = get_bb_var('IMAGE_LINK_NAME', 'core-image-minimal')
+        self.remove_config(config)
 
-        with runqemu('core-image-minimal', ssh=False, image_fstype='wic') as qemu:
+        config = 'IMAGE_FSTYPES = "wic"\n' \
+                 'IMAGE_LINK_NAME_CORE_IMAGE_MINIMAL = "%s"\n'\
+                 'WKS_FILE = "test_rawcopy_plugin.wks.in"\n'\
+                 % image_link_name
+        self.append_config(config)
+        bitbake('core-image-minimal-mtdutils')
+        self.remove_config(config)
+
+        runqemu_params = get_bb_var('TEST_RUNQEMUPARAMS', 'core-image-minimal-mtdutils') or ""
+        with runqemu('core-image-minimal-mtdutils', ssh=False,
+                     runqemuparams='%s nographic' % (runqemu_params), image_fstype='wic') as qemu:
             cmd = "grep sda. /proc/partitions  |wc -l"
             status, output = qemu.run_serial(cmd)
             self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
             self.assertEqual(output, '2')
 
-    def test_rawcopy_plugin(self):
+    def _rawcopy_plugin(self, fstype):
         """Test rawcopy plugin"""
-        img = 'core-image-minimal'
-        machine = get_bb_var('MACHINE', img)
+        image = 'core-image-minimal'
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME'], image)
+        params = ',unpack' if fstype.endswith('.gz') else ''
         with NamedTemporaryFile("w", suffix=".wks") as wks:
-            wks.writelines(['part /boot --active --source bootimg-pcbios\n',
-                            'part / --source rawcopy --sourceparams="file=%s-%s.ext4" --use-uuid\n'\
-                             % (img, machine),
-                            'bootloader --timeout=0 --append="console=ttyS0,115200n8"\n'])
+            wks.write('part / --source rawcopy --sourceparams="file=%s.%s%s"\n'\
+                      % (bb_vars['IMAGE_LINK_NAME'], fstype, params))
             wks.flush()
-            cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir)
+            cmd = "wic create %s -e %s -o %s" % (wks.name, image, self.resultdir)
             runCmd(cmd)
             wksname = os.path.splitext(os.path.basename(wks.name))[0]
-            out = glob(self.resultdir + "%s-*direct" % wksname)
+            out = glob(os.path.join(self.resultdir, "%s-*direct" % wksname))
             self.assertEqual(1, len(out))
 
+    def test_rawcopy_plugin(self):
+        config = 'IMAGE_FSTYPES = "ext4"\n'
+        self.append_config(config)
+        self.assertEqual(0, bitbake('core-image-minimal').status)
+        self.remove_config(config)
+        self._rawcopy_plugin('ext4')
+
+    def test_rawcopy_plugin_unpack(self):
+        fstype = 'ext4.gz'
+        config = 'IMAGE_FSTYPES = "%s"\n' % fstype
+        self.append_config(config)
+        self.assertEqual(0, bitbake('core-image-minimal').status)
+        self.remove_config(config)
+        self._rawcopy_plugin(fstype)
+
     def test_empty_plugin(self):
         """Test empty plugin"""
         config = 'IMAGE_FSTYPES = "wic"\nWKS_FILE = "test_empty_plugin.wks"\n'
         self.append_config(config)
-        self.assertEqual(0, bitbake('core-image-minimal').status)
+        image = 'core-image-minimal'
+        bitbake(image)
         self.remove_config(config)
-
-        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'MACHINE'])
-        deploy_dir = bb_vars['DEPLOY_DIR_IMAGE']
-        machine = bb_vars['MACHINE']
-        image_path = os.path.join(deploy_dir, 'core-image-minimal-%s.wic' % machine)
-        self.assertEqual(True, os.path.exists(image_path))
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME'], image)
+        image_path = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], '%s.wic' % bb_vars['IMAGE_LINK_NAME'])
+        self.assertTrue(os.path.exists(image_path), msg="Image file %s wasn't generated as expected" % image_path)
 
         sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
 
@@ -1028,15 +1355,18 @@ class Wic2(WicTestCase):
         result = runCmd("wic ls %s -n %s | awk -F ' ' '{print $1 \" \" $5}' | grep '^2' | wc -w" % (image_path, sysroot))
         self.assertEqual('1', result.output)
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
+    @OETestTag("runqemu")
     def test_biosplusefi_plugin_qemu(self):
         """Test biosplusefi plugin in qemu"""
-        config = 'IMAGE_FSTYPES = "wic"\nWKS_FILE = "test_biosplusefi_plugin.wks"\nMACHINE_FEATURES_append = " efi"\n'
+        config = 'IMAGE_FSTYPES = "wic"\nWKS_FILE = "test_biosplusefi_plugin.wks"\nMACHINE_FEATURES:append = " efi"\n'
         self.append_config(config)
-        self.assertEqual(0, bitbake('core-image-minimal').status)
+        bitbake('core-image-minimal')
         self.remove_config(config)
 
-        with runqemu('core-image-minimal', ssh=False, image_fstype='wic') as qemu:
+        runqemu_params = get_bb_var('TEST_RUNQEMUPARAMS', 'core-image-minimal') or ""
+        with runqemu('core-image-minimal', ssh=False,
+                     runqemuparams='%s nographic' % (runqemu_params), image_fstype='wic') as qemu:
             # Check that we have ONLY two /dev/sda* partitions (/boot and /)
             cmd = "grep sda. /proc/partitions | wc -l"
             status, output = qemu.run_serial(cmd)
@@ -1059,32 +1389,178 @@ class Wic2(WicTestCase):
             self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
             self.assertEqual(output, '*')
 
-    @only_for_arch(['i586', 'i686', 'x86_64'])
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
     def test_biosplusefi_plugin(self):
         """Test biosplusefi plugin"""
         # Wic generation below may fail depending on the order of the unittests
-        # This is because bootimg-pcbios (that bootimg-biosplusefi uses) generate its MBR inside STAGING_DATADIR directory
+        # This is because bootimg_pcbios (that bootimg_biosplusefi uses) generate its MBR inside STAGING_DATADIR directory
         #    which may or may not exists depending on what was built already
         # If an image hasn't been built yet, directory ${STAGING_DATADIR}/syslinux won't exists and _get_bootimg_dir()
         #   will raise with "Couldn't find correct bootimg_dir"
         # The easiest way to work-around this issue is to make sure we already built an image here, hence the bitbake call
-        config = 'IMAGE_FSTYPES = "wic"\nWKS_FILE = "test_biosplusefi_plugin.wks"\nMACHINE_FEATURES_append = " efi"\n'
+        config = 'IMAGE_FSTYPES = "wic"\nWKS_FILE = "test_biosplusefi_plugin.wks"\nMACHINE_FEATURES:append = " efi"\n'
         self.append_config(config)
-        self.assertEqual(0, bitbake('core-image-minimal').status)
+        bitbake('core-image-minimal')
+        self.remove_config(config)
+
+        img = 'core-image-minimal'
+        with NamedTemporaryFile("w", suffix=".wks") as wks:
+            wks.writelines(['part /boot --active --source bootimg_biosplusefi --sourceparams="loader=grub-efi"\n',
+                            'part / --source rootfs --fstype=ext4 --align 1024 --use-uuid\n'\
+                            'bootloader --timeout=0 --append="console=ttyS0,115200n8"\n'])
+            wks.flush()
+            cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir)
+            runCmd(cmd)
+            wksname = os.path.splitext(os.path.basename(wks.name))[0]
+            out = glob(os.path.join(self.resultdir, "%s-*.direct" % wksname))
+            self.assertEqual(1, len(out))
+
+    @skipIfNotArch(['i586', 'i686', 'x86_64', 'aarch64'])
+    def test_uefi_kernel(self):
+        """ Test uefi-kernel in wic """
+        config = 'IMAGE_EFI_BOOT_FILES="/etc/fstab;testfile"\nIMAGE_FSTYPES = "wic"\nWKS_FILE = "test_uefikernel.wks"\nMACHINE_FEATURES:append = " efi"\n'
+        self.append_config(config)
+        bitbake('core-image-minimal')
         self.remove_config(config)
 
         img = 'core-image-minimal'
         with NamedTemporaryFile("w", suffix=".wks") as wks:
-            wks.writelines(['part /boot --active --source bootimg-biosplusefi --sourceparams="loader=grub-efi"\n',
+            wks.writelines(['part /boot --source bootimg_efi --sourceparams="loader=uefi-kernel"\n'
                             'part / --source rootfs --fstype=ext4 --align 1024 --use-uuid\n'\
                             'bootloader --timeout=0 --append="console=ttyS0,115200n8"\n'])
             wks.flush()
             cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir)
             runCmd(cmd)
             wksname = os.path.splitext(os.path.basename(wks.name))[0]
-            out = glob(self.resultdir + "%s-*.direct" % wksname)
+            out = glob(os.path.join(self.resultdir, "%s-*.direct" % wksname))
             self.assertEqual(1, len(out))
 
+    # TODO this test could also work on aarch64
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
+    @OETestTag("runqemu")
+    def test_efi_plugin_unified_kernel_image_qemu(self):
+        """Test Unified Kernel Image feature in qemu without systemd in initramfs or rootfs"""
+        config = """
+# efi firmware must load systemd-boot, not grub
+EFI_PROVIDER = "systemd-boot"
+
+# image format must be wic, needs esp partition for firmware etc
+IMAGE_FSTYPES:pn-core-image-base:append = " wic"
+WKS_FILE = "test_efi_plugin.wks"
+
+# efi, uki and systemd features must be enabled
+MACHINE_FEATURES:append = " efi"
+IMAGE_CLASSES:append:pn-core-image-base = " uki"
+
+# uki embeds also an initrd, no systemd or udev
+INITRAMFS_IMAGE = "core-image-initramfs-boot"
+
+# runqemu must not load kernel separately, it's in the uki
+QB_KERNEL_ROOT = ""
+QB_DEFAULT_KERNEL = "none"
+
+# boot command line provided via uki, not via bootloader
+UKI_CMDLINE = "rootwait root=LABEL=root console=${KERNEL_CONSOLE}"
+
+"""
+        self.append_config(config)
+        bitbake('core-image-base ovmf')
+        runqemu_params = get_bb_var('TEST_RUNQEMUPARAMS', 'core-image-base') or ""
+        uki_filename = get_bb_var('UKI_FILENAME', 'core-image-base')
+        self.remove_config(config)
+
+        with runqemu('core-image-base', ssh=False,
+                     runqemuparams='%s nographic ovmf' % (runqemu_params), image_fstype='wic') as qemu:
+            # Check that /boot has EFI boot*.efi (required for EFI)
+            cmd = "ls /boot/EFI/BOOT/boot*.efi | wc -l"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+            self.assertEqual(output, '1')
+            # Check that /boot has EFI/Linux/${UKI_FILENAME} (required for Unified Kernel Images auto detection)
+            cmd = "ls /boot/EFI/Linux/%s | wc -l" % (uki_filename)
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+            self.assertEqual(output, '1')
+            # Check that /boot doesn't have loader/entries/boot.conf (Unified Kernel Images are auto detected by the bootloader)
+            cmd = "ls /boot/loader/entries/boot.conf 2&>/dev/null | wc -l"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+            self.assertEqual(output, '0')
+
+    @skipIfNotArch(['aarch64'])
+    @OETestTag("runqemu")
+    def test_efi_plugin_plain_systemd_boot_qemu_aarch64(self):
+        """Test plain systemd-boot in qemu with systemd"""
+        config = """
+INIT_MANAGER = "systemd"
+EFI_PROVIDER = "systemd-boot"
+
+# image format must be wic, needs esp partition for firmware etc
+IMAGE_FSTYPES:pn-core-image-base:append = " wic"
+WKS_FILE = "test_efi_plugin_plain_systemd-boot.wks"
+
+INITRAMFS_IMAGE = "core-image-initramfs-boot"
+
+# to configure runqemu
+IMAGE_CLASSES += "qemuboot"
+# u-boot efi firmware
+QB_DEFAULT_BIOS = "u-boot.bin"
+# need to use virtio, scsi not supported by u-boot by default
+QB_DRIVE_TYPE = "/dev/vd"
+
+# disable kvm, breaks boot
+QEMU_USE_KVM = ""
+
+IMAGE_CLASSES:remove = 'testimage'
+"""
+        self.append_config(config)
+        bitbake('core-image-base u-boot')
+        runqemu_params = get_bb_var('TEST_RUNQEMUPARAMS', 'core-image-base') or ""
+
+        with runqemu('core-image-base', ssh=False,
+                     runqemuparams='%s nographic' % (runqemu_params), image_fstype='wic') as qemu:
+            # Check that /boot has EFI boot*.efi (required for EFI)
+            cmd = "ls /boot/EFI/BOOT/boot*.efi | wc -l"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+            self.assertEqual(output, '1')
+            # Check that boot.conf exists
+            cmd = "cat /boot/loader/entries/boot.conf"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+        self.remove_config(config)
+
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
+    @OETestTag("runqemu")
+    def test_efi_plugin_plain_systemd_boot_qemu_x86(self):
+        """Test plain systemd-boot to systemd in qemu"""
+        config = """
+INIT_MANAGER = "systemd"
+EFI_PROVIDER = "systemd-boot"
+
+# image format must be wic, needs esp partition for firmware etc
+IMAGE_FSTYPES:pn-core-image-base:append = " wic"
+WKS_FILE = "test_efi_plugin_plain_systemd-boot.wks"
+
+INITRAMFS_IMAGE = "core-image-initramfs-boot"
+"""
+        self.append_config(config)
+        bitbake('core-image-base ovmf')
+        runqemu_params = get_bb_var('TEST_RUNQEMUPARAMS', 'core-image-base') or ""
+        self.remove_config(config)
+
+        with runqemu('core-image-base', ssh=False,
+                     runqemuparams='%s nographic ovmf' % (runqemu_params), image_fstype='wic') as qemu:
+            # Check that /boot has EFI boot*.efi (required for EFI)
+            cmd = "ls /boot/EFI/BOOT/boot*.efi | wc -l"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+            self.assertEqual(output, '1')
+            # Check that boot.conf exists
+            cmd = "cat /boot/loader/entries/boot.conf"
+            status, output = qemu.run_serial(cmd)
+            self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+
     def test_fs_types(self):
         """Test filesystem types for empty and not empty partitions"""
         img = 'core-image-minimal'
@@ -1101,7 +1577,7 @@ class Wic2(WicTestCase):
             cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir)
             runCmd(cmd)
             wksname = os.path.splitext(os.path.basename(wks.name))[0]
-            out = glob(self.resultdir + "%s-*direct" % wksname)
+            out = glob(os.path.join(self.resultdir, "%s-*direct" % wksname))
             self.assertEqual(1, len(out))
 
     def test_kickstart_parser(self):
@@ -1113,7 +1589,7 @@ class Wic2(WicTestCase):
             cmd = "wic create %s -e core-image-minimal -o %s" % (wks.name, self.resultdir)
             runCmd(cmd)
             wksname = os.path.splitext(os.path.basename(wks.name))[0]
-            out = glob(self.resultdir + "%s-*direct" % wksname)
+            out = glob(os.path.join(self.resultdir, "%s-*direct" % wksname))
             self.assertEqual(1, len(out))
 
     def test_image_bootpart_globbed(self):
@@ -1124,11 +1600,11 @@ class Wic2(WicTestCase):
         self.append_config(config)
         runCmd(cmd)
         self.remove_config(config)
-        self.assertEqual(1, len(glob(self.resultdir + "sdimage-bootpart-*direct")))
+        self.assertEqual(1, len(glob(os.path.join(self.resultdir, "sdimage-bootpart-*direct"))))
 
     def test_sparse_copy(self):
         """Test sparse_copy with FIEMAP and SEEK_HOLE filemap APIs"""
-        libpath = os.path.join(get_bb_var('COREBASE'), 'scripts', 'lib', 'wic')
+        libpath = os.path.join(self.td['COREBASE'], 'scripts', 'lib', 'wic')
         sys.path.insert(0, libpath)
         from  filemap import FilemapFiemap, FilemapSeek, sparse_copy, ErrorNotSupp
         with NamedTemporaryFile("w", suffix=".wic-sparse") as sparse:
@@ -1154,12 +1630,148 @@ class Wic2(WicTestCase):
                 self.assertEqual(dest_stat.st_blocks, 8)
             os.unlink(dest)
 
+    def test_mkfs_extraopts(self):
+        """Test wks option --mkfs-extraopts for empty and not empty partitions"""
+        img = 'core-image-minimal'
+        with NamedTemporaryFile("w", suffix=".wks") as wks:
+            wks.writelines(
+                ['part ext2   --fstype ext2     --source rootfs --mkfs-extraopts "-D -F -i 8192"\n',
+                 "part btrfs  --fstype btrfs    --source rootfs --size 40M --mkfs-extraopts='--quiet'\n",
+                 'part squash --fstype squashfs --source rootfs --mkfs-extraopts "-no-sparse -b 4096"\n',
+                 'part emptyvfat   --fstype vfat   --size 1M --mkfs-extraopts "-S 1024 -s 64"\n',
+                 'part emptymsdos  --fstype msdos  --size 1M --mkfs-extraopts "-S 1024 -s 64"\n',
+                 'part emptyext2   --fstype ext2   --size 1M --mkfs-extraopts "-D -F -i 8192"\n',
+                 'part emptybtrfs  --fstype btrfs  --size 100M --mkfs-extraopts "--mixed -K"\n'])
+            wks.flush()
+            cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir)
+            runCmd(cmd)
+            wksname = os.path.splitext(os.path.basename(wks.name))[0]
+            out = glob(os.path.join(self.resultdir, "%s-*direct" % wksname))
+            self.assertEqual(1, len(out))
+
+    @skipIfNotArch(['i586', 'i686', 'x86_64'])
+    @OETestTag("runqemu")
+    def test_expand_mbr_image(self):
+        """Test wic write --expand command for mbr image"""
+        # build an image
+        config = 'IMAGE_FSTYPES = "wic"\nWKS_FILE = "directdisk.wks"\n'
+        self.append_config(config)
+        image = 'core-image-minimal'
+        bitbake(image)
+
+        # get path to the image
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME'], image)
+        image_path = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], '%s.wic' % bb_vars['IMAGE_LINK_NAME'])
+
+        self.remove_config(config)
+
+        try:
+            # expand image to 1G
+            new_image_path = None
+            with NamedTemporaryFile(mode='wb', suffix='.wic.exp',
+                                    dir=bb_vars['DEPLOY_DIR_IMAGE'], delete=False) as sparse:
+                sparse.truncate(1024 ** 3)
+                new_image_path = sparse.name
+
+            sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
+            cmd = "wic write -n %s --expand 1:0 %s %s" % (sysroot, image_path, new_image_path)
+            runCmd(cmd)
+
+            # check if partitions are expanded
+            orig = runCmd("wic ls %s -n %s" % (image_path, sysroot))
+            exp = runCmd("wic ls %s -n %s" % (new_image_path, sysroot))
+            orig_sizes = [int(line.split()[3]) for line in orig.output.split('\n')[1:]]
+            exp_sizes = [int(line.split()[3]) for line in exp.output.split('\n')[1:]]
+            self.assertEqual(orig_sizes[0], exp_sizes[0]) # first partition is not resized
+            self.assertTrue(orig_sizes[1] < exp_sizes[1], msg="Parition size wasn't enlarged (%s vs %s)" % (orig_sizes[1], exp_sizes[1]))
+
+            # Check if all free space is partitioned
+            result = runCmd("%s/usr/sbin/sfdisk -F %s" % (sysroot, new_image_path))
+            self.assertIn("0 B, 0 bytes, 0 sectors", result.output)
+
+            os.rename(image_path, image_path + '.bak')
+            os.rename(new_image_path, image_path)
+
+            runqemu_params = get_bb_var('TEST_RUNQEMUPARAMS', 'core-image-minimal') or ""
+            with runqemu('core-image-minimal', ssh=False, runqemuparams='%s nographic' % (runqemu_params)) as qemu:
+                cmd = "ls /etc/"
+                status, output = qemu.run_serial('true')
+                self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
+        finally:
+            if os.path.exists(new_image_path):
+                os.unlink(new_image_path)
+            if os.path.exists(image_path + '.bak'):
+                os.rename(image_path + '.bak', image_path)
+
+    def test_gpt_partition_name(self):
+        """Test --part-name argument to set partition name in GPT table"""
+        config = 'IMAGE_FSTYPES += "wic"\nWKS_FILE = "test_gpt_partition_name.wks"\n'
+        self.append_config(config)
+        image = 'core-image-minimal'
+        bitbake(image)
+        self.remove_config(config)
+        deploy_dir = get_bb_var('DEPLOY_DIR_IMAGE')
+        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'IMAGE_LINK_NAME'], image)
+        image_path = os.path.join(bb_vars['DEPLOY_DIR_IMAGE'], '%s.wic' % bb_vars['IMAGE_LINK_NAME'])
+
+        sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
+
+        # Image is created
+        self.assertTrue(os.path.exists(image_path), "image file %s doesn't exist" % image_path)
+
+        # Check the names of the three partitions
+        # as listed in test_gpt_partition_name.wks
+        result = runCmd("%s/usr/sbin/sfdisk --part-label %s 1" % (sysroot, image_path))
+        self.assertEqual('boot-A', result.output)
+        result = runCmd("%s/usr/sbin/sfdisk --part-label %s 2" % (sysroot, image_path))
+        self.assertEqual('root-A', result.output)
+        # When the --part-name is not defined, the partition name is equal to the --label
+        result = runCmd("%s/usr/sbin/sfdisk --part-label %s 3" % (sysroot, image_path))
+        self.assertEqual('ext-space', result.output)
+
+    def test_empty_zeroize_plugin(self):
+        img = 'core-image-minimal'
+        expected_size = [ 1024*1024,    # 1M
+                          512*1024,     # 512K
+                          2*1024*1024]  # 2M
+        # Check combination of sourceparams
+        with NamedTemporaryFile("w", suffix=".wks") as wks:
+            wks.writelines(
+                ['part empty --source empty --sourceparams="fill" --ondisk sda --fixed-size 1M\n',
+                 'part empty --source empty --sourceparams="size=512K" --ondisk sda --size 1M --align 1024\n',
+                 'part empty --source empty --sourceparams="size=2048k,bs=512K" --ondisk sda --size 4M --align 1024\n'
+                 ])
+            wks.flush()
+            cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir)
+            runCmd(cmd)
+            wksname = os.path.splitext(os.path.basename(wks.name))[0]
+            wicout = glob(os.path.join(self.resultdir, "%s-*direct" % wksname))
+            # Skip the complete image and just look at the single partitions
+            for idx, value in enumerate(wicout[1:]):
+                self.logger.info(wicout[idx])
+                # Check if partitions are actually zeroized
+                with open(wicout[idx], mode="rb") as fd:
+                    ba = bytearray(fd.read())
+                    for b in ba:
+                        self.assertEqual(b, 0)
+                self.assertEqual(expected_size[idx], os.path.getsize(wicout[idx]))
+
+        # Check inconsistancy check between "fill" and "--size" parameter
+        with NamedTemporaryFile("w", suffix=".wks") as wks:
+            wks.writelines(['part empty --source empty --sourceparams="fill" --ondisk sda --size 1M\n'])
+            wks.flush()
+            cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir)
+            result = runCmd(cmd, ignore_status=True)
+            self.assertIn("Source parameter 'fill' only works with the '--fixed-size' option, exiting.", result.output)
+            self.assertNotEqual(0, result.status)
+
+class ModifyTests(WicTestCase):
     def test_wic_ls(self):
         """Test listing image content using 'wic ls'"""
         runCmd("wic create wictestdisk "
                                    "--image-name=core-image-minimal "
                                    "-D -o %s" % self.resultdir)
-        images = glob(self.resultdir + "wictestdisk-*.direct")
+        images = glob(os.path.join(self.resultdir, "wictestdisk-*.direct"))
         self.assertEqual(1, len(images))
 
         sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
@@ -1177,7 +1789,7 @@ class Wic2(WicTestCase):
         runCmd("wic create wictestdisk "
                                    "--image-name=core-image-minimal "
                                    "-D -o %s" % self.resultdir)
-        images = glob(self.resultdir + "wictestdisk-*.direct")
+        images = glob(os.path.join(self.resultdir, "wictestdisk-*.direct"))
         self.assertEqual(1, len(images))
 
         sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
@@ -1195,7 +1807,7 @@ class Wic2(WicTestCase):
             # check if file is there
             result = runCmd("wic ls %s:1/ -n %s" % (images[0], sysroot))
             self.assertEqual(7, len(result.output.split('\n')))
-            self.assertTrue(os.path.basename(testfile.name) in result.output)
+            self.assertIn(os.path.basename(testfile.name), result.output)
 
             # prepare directory
             testdir = os.path.join(self.resultdir, 'wic-test-cp-dir')
@@ -1209,13 +1821,13 @@ class Wic2(WicTestCase):
             # check if directory is there
             result = runCmd("wic ls %s:1/ -n %s" % (images[0], sysroot))
             self.assertEqual(8, len(result.output.split('\n')))
-            self.assertTrue(os.path.basename(testdir) in result.output)
+            self.assertIn(os.path.basename(testdir), result.output)
 
             # copy the file from the partition and check if it success
             dest = '%s-cp' % testfile.name
             runCmd("wic cp %s:1/%s %s -n %s" % (images[0],
                     os.path.basename(testfile.name), dest, sysroot))
-            self.assertTrue(os.path.exists(dest))
+            self.assertTrue(os.path.exists(dest), msg="File %s wasn't generated as expected" % dest)
 
 
     def test_wic_rm(self):
@@ -1223,105 +1835,35 @@ class Wic2(WicTestCase):
         runCmd("wic create mkefidisk "
                                    "--image-name=core-image-minimal "
                                    "-D -o %s" % self.resultdir)
-        images = glob(self.resultdir + "mkefidisk-*.direct")
+        images = glob(os.path.join(self.resultdir, "mkefidisk-*.direct"))
         self.assertEqual(1, len(images))
 
         sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
+        # Not bulletproof but hopefully sufficient
+        kerneltype = get_bb_var('KERNEL_IMAGETYPE', 'virtual/kernel')
 
         # list directory content of the first partition
         result = runCmd("wic ls %s:1 -n %s" % (images[0], sysroot))
-        self.assertIn('\nBZIMAGE        ', result.output)
+        self.assertIn('\n%s ' % kerneltype.upper(), result.output)
         self.assertIn('\nEFI          <DIR>     ', result.output)
 
-        # remove file
-        runCmd("wic rm %s:1/bzimage -n %s" % (images[0], sysroot))
+        # remove file. EFI partitions are case-insensitive so exercise that too
+        runCmd("wic rm %s:1/%s -n %s" % (images[0], kerneltype.lower(), sysroot))
 
         # remove directory
         runCmd("wic rm %s:1/efi -n %s" % (images[0], sysroot))
 
         # check if they're removed
         result = runCmd("wic ls %s:1 -n %s" % (images[0], sysroot))
-        self.assertNotIn('\nBZIMAGE        ', result.output)
+        self.assertNotIn('\n%s        ' % kerneltype.upper(), result.output)
         self.assertNotIn('\nEFI          <DIR>     ', result.output)
 
-    def test_mkfs_extraopts(self):
-        """Test wks option --mkfs-extraopts for empty and not empty partitions"""
-        img = 'core-image-minimal'
-        with NamedTemporaryFile("w", suffix=".wks") as wks:
-            wks.writelines(
-                ['part ext2   --fstype ext2     --source rootfs --mkfs-extraopts "-D -F -i 8192"\n',
-                 "part btrfs  --fstype btrfs    --source rootfs --size 40M --mkfs-extraopts='--quiet'\n",
-                 'part squash --fstype squashfs --source rootfs --mkfs-extraopts "-no-sparse -b 4096"\n',
-                 'part emptyvfat   --fstype vfat   --size 1M --mkfs-extraopts "-S 1024 -s 64"\n',
-                 'part emptymsdos  --fstype msdos  --size 1M --mkfs-extraopts "-S 1024 -s 64"\n',
-                 'part emptyext2   --fstype ext2   --size 1M --mkfs-extraopts "-D -F -i 8192"\n',
-                 'part emptybtrfs  --fstype btrfs  --size 100M --mkfs-extraopts "--mixed -K"\n'])
-            wks.flush()
-            cmd = "wic create %s -e %s -o %s" % (wks.name, img, self.resultdir)
-            runCmd(cmd)
-            wksname = os.path.splitext(os.path.basename(wks.name))[0]
-            out = glob(self.resultdir + "%s-*direct" % wksname)
-            self.assertEqual(1, len(out))
-
-    def test_expand_mbr_image(self):
-        """Test wic write --expand command for mbr image"""
-        # build an image
-        config = 'IMAGE_FSTYPES = "wic"\nWKS_FILE = "directdisk.wks"\n'
-        self.append_config(config)
-        self.assertEqual(0, bitbake('core-image-minimal').status)
-
-        # get path to the image
-        bb_vars = get_bb_vars(['DEPLOY_DIR_IMAGE', 'MACHINE'])
-        deploy_dir = bb_vars['DEPLOY_DIR_IMAGE']
-        machine = bb_vars['MACHINE']
-        image_path = os.path.join(deploy_dir, 'core-image-minimal-%s.wic' % machine)
-
-        self.remove_config(config)
-
-        try:
-            # expand image to 1G
-            new_image_path = None
-            with NamedTemporaryFile(mode='wb', suffix='.wic.exp',
-                                    dir=deploy_dir, delete=False) as sparse:
-                sparse.truncate(1024 ** 3)
-                new_image_path = sparse.name
-
-            sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
-            cmd = "wic write -n %s --expand 1:0 %s %s" % (sysroot, image_path, new_image_path)
-            runCmd(cmd)
-
-            # check if partitions are expanded
-            orig = runCmd("wic ls %s -n %s" % (image_path, sysroot))
-            exp = runCmd("wic ls %s -n %s" % (new_image_path, sysroot))
-            orig_sizes = [int(line.split()[3]) for line in orig.output.split('\n')[1:]]
-            exp_sizes = [int(line.split()[3]) for line in exp.output.split('\n')[1:]]
-            self.assertEqual(orig_sizes[0], exp_sizes[0]) # first partition is not resized
-            self.assertTrue(orig_sizes[1] < exp_sizes[1])
-
-            # Check if all free space is partitioned
-            result = runCmd("%s/usr/sbin/sfdisk -F %s" % (sysroot, new_image_path))
-            self.assertTrue("0 B, 0 bytes, 0 sectors" in result.output)
-
-            os.rename(image_path, image_path + '.bak')
-            os.rename(new_image_path, image_path)
-
-            # Check if it boots in qemu
-            with runqemu('core-image-minimal', ssh=False) as qemu:
-                cmd = "ls /etc/"
-                status, output = qemu.run_serial('true')
-                self.assertEqual(1, status, 'Failed to run command "%s": %s' % (cmd, output))
-        finally:
-            if os.path.exists(new_image_path):
-                os.unlink(new_image_path)
-            if os.path.exists(image_path + '.bak'):
-                os.rename(image_path + '.bak', image_path)
-
     def test_wic_ls_ext(self):
         """Test listing content of the ext partition using 'wic ls'"""
         runCmd("wic create wictestdisk "
                                    "--image-name=core-image-minimal "
                                    "-D -o %s" % self.resultdir)
-        images = glob(self.resultdir + "wictestdisk-*.direct")
+        images = glob(os.path.join(self.resultdir, "wictestdisk-*.direct"))
         self.assertEqual(1, len(images))
 
         sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
@@ -1329,14 +1871,14 @@ class Wic2(WicTestCase):
         # list directory content of the second ext4 partition
         result = runCmd("wic ls %s:2/ -n %s" % (images[0], sysroot))
         self.assertTrue(set(['bin', 'home', 'proc', 'usr', 'var', 'dev', 'lib', 'sbin']).issubset(
-                            set(line.split()[-1] for line in result.output.split('\n') if line)))
+                            set(line.split()[-1] for line in result.output.split('\n') if line)), msg="Expected directories not present %s" % result.output)
 
     def test_wic_cp_ext(self):
         """Test copy files and directories to the ext partition."""
         runCmd("wic create wictestdisk "
                                    "--image-name=core-image-minimal "
                                    "-D -o %s" % self.resultdir)
-        images = glob(self.resultdir + "wictestdisk-*.direct")
+        images = glob(os.path.join(self.resultdir, "wictestdisk-*.direct"))
         self.assertEqual(1, len(images))
 
         sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
@@ -1344,7 +1886,7 @@ class Wic2(WicTestCase):
         # list directory content of the ext4 partition
         result = runCmd("wic ls %s:2/ -n %s" % (images[0], sysroot))
         dirs = set(line.split()[-1] for line in result.output.split('\n') if line)
-        self.assertTrue(set(['bin', 'home', 'proc', 'usr', 'var', 'dev', 'lib', 'sbin']).issubset(dirs))
+        self.assertTrue(set(['bin', 'home', 'proc', 'usr', 'var', 'dev', 'lib', 'sbin']).issubset(dirs), msg="Expected directories not present %s" % dirs)
 
         with NamedTemporaryFile("w", suffix=".wic-cp") as testfile:
             testfile.write("test")
@@ -1359,12 +1901,12 @@ class Wic2(WicTestCase):
 
             # check if the file to copy is in the partition
             result = runCmd("wic ls %s:2/etc/ -n %s" % (images[0], sysroot))
-            self.assertTrue('fstab' in [line.split()[-1] for line in result.output.split('\n') if line])
+            self.assertIn('fstab', [line.split()[-1] for line in result.output.split('\n') if line])
 
             # copy file from the partition, replace the temporary file content with it and
             # check for the file size to validate the copy
             runCmd("wic cp %s:2/etc/fstab %s -n %s" % (images[0], testfile.name, sysroot))
-            self.assertTrue(os.stat(testfile.name).st_size > 0)
+            self.assertTrue(os.stat(testfile.name).st_size > 0, msg="Filesize not as expected %s" % os.stat(testfile.name).st_size)
 
 
     def test_wic_rm_ext(self):
@@ -1372,25 +1914,25 @@ class Wic2(WicTestCase):
         runCmd("wic create mkefidisk "
                                    "--image-name=core-image-minimal "
                                    "-D -o %s" % self.resultdir)
-        images = glob(self.resultdir + "mkefidisk-*.direct")
+        images = glob(os.path.join(self.resultdir, "mkefidisk-*.direct"))
         self.assertEqual(1, len(images))
 
         sysroot = get_bb_var('RECIPE_SYSROOT_NATIVE', 'wic-tools')
 
         # list directory content of the /etc directory on ext4 partition
         result = runCmd("wic ls %s:2/etc/ -n %s" % (images[0], sysroot))
-        self.assertTrue('fstab' in [line.split()[-1] for line in result.output.split('\n') if line])
+        self.assertIn('fstab', [line.split()[-1] for line in result.output.split('\n') if line])
 
         # remove file
         runCmd("wic rm %s:2/etc/fstab -n %s" % (images[0], sysroot))
 
         # check if it's removed
         result = runCmd("wic ls %s:2/etc/ -n %s" % (images[0], sysroot))
-        self.assertTrue('fstab' not in [line.split()[-1] for line in result.output.split('\n') if line])
+        self.assertNotIn('fstab', [line.split()[-1] for line in result.output.split('\n') if line])
 
         # remove non-empty directory
         runCmd("wic rm -r %s:2/etc/ -n %s" % (images[0], sysroot))
 
         # check if it's removed
         result = runCmd("wic ls %s:2/ -n %s" % (images[0], sysroot))
-        self.assertTrue('etc' not in [line.split()[-1] for line in result.output.split('\n') if line])
+        self.assertNotIn('etc', [line.split()[-1] for line in result.output.split('\n') if line])
diff --git a/meta/lib/oeqa/selftest/cases/wrapper.py b/meta/lib/oeqa/selftest/cases/wrapper.py
new file mode 100644
index 0000000000..f2be44262c
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/wrapper.py
@@ -0,0 +1,16 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+from oeqa.selftest.case import OESelftestTestCase
+from oeqa.utils.commands import bitbake
+
+class WrapperTests(OESelftestTestCase):
+    def test_shebang_wrapper(self):
+        """
+        Summary:   Build a recipe which will fail if the cmdline_shebang_wrapper function is defective.
+        Expected:  Exit status to be 0.
+        Author:    Paulo Neves <ptsneves@gmail.com>
+        """
+        res = bitbake("cmdline-shebang-wrapper-test -c install", ignore_status=False)
diff --git a/meta/lib/oeqa/selftest/cases/yoctotestresultsquerytests.py b/meta/lib/oeqa/selftest/cases/yoctotestresultsquerytests.py
new file mode 100644
index 0000000000..312edb6431
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/yoctotestresultsquerytests.py
@@ -0,0 +1,39 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+import os
+import sys
+import subprocess
+import shutil
+from oeqa.selftest.case import OESelftestTestCase
+from yocto_testresults_query import get_sha1, create_workdir
+basepath = os.path.abspath(os.path.dirname(__file__) + '/../../../../../')
+lib_path = basepath + '/scripts/lib'
+sys.path = sys.path + [lib_path]
+
+
+class TestResultsQueryTests(OESelftestTestCase):
+    def test_get_sha1(self):
+        test_data_get_sha1 = [
+            {"input": "yocto-4.0", "expected": "00cfdde791a0176c134f31e5a09eff725e75b905"},
+            {"input": "4.1_M1", "expected": "95066dde6861ee08fdb505ab3e0422156cc24fae"},
+        ]
+        for data in test_data_get_sha1:
+            test_name = data["input"]
+            with self.subTest(f"Test SHA1 from {test_name}"):
+                self.assertEqual(
+                    get_sha1(basepath, data["input"]), data["expected"])
+
+    def test_create_workdir(self):
+        workdir = create_workdir()
+        try:
+            url = subprocess.check_output(
+                ["git", "-C", workdir, "remote", "get-url", "origin"]).strip().decode("utf-8")
+        except:
+            shutil.rmtree(workdir, ignore_errors=True)
+            self.fail(f"Can not execute git commands in {workdir}")
+        shutil.rmtree(workdir)
+        self.assertEqual(url, "git://git.yoctoproject.org/yocto-testresults")
diff --git a/meta/lib/oeqa/selftest/context.py b/meta/lib/oeqa/selftest/context.py
index 1659926975..16f82c6737 100644
--- a/meta/lib/oeqa/selftest/context.py
+++ b/meta/lib/oeqa/selftest/context.py
@@ -16,19 +16,32 @@ from random import choice
 import oeqa
 import oe
 import bb.utils
+import bb.tinfoil
 
 from oeqa.core.context import OETestContext, OETestContextExecutor
 from oeqa.core.exception import OEQAPreRun, OEQATestNotFound
 
 from oeqa.utils.commands import runCmd, get_bb_vars, get_test_layer
 
+OESELFTEST_METADATA=["run_all_tests", "run_tests", "skips", "machine", "select_tags", "exclude_tags"]
+
+def get_oeselftest_metadata(args):
+    result = {}
+    raw_args = vars(args)
+    for metadata in OESELFTEST_METADATA:
+        if metadata in raw_args:
+            result[metadata] = raw_args[metadata]
+
+    return result
+
 class NonConcurrentTestSuite(unittest.TestSuite):
-    def __init__(self, suite, processes, setupfunc, removefunc):
+    def __init__(self, suite, processes, setupfunc, removefunc, bb_vars):
         super().__init__([suite])
         self.processes = processes
         self.suite = suite
         self.setupfunc = setupfunc
         self.removefunc = removefunc
+        self.bb_vars = bb_vars
 
     def run(self, result):
         (builddir, newbuilddir) = self.setupfunc("-st", None, self.suite)
@@ -39,7 +52,7 @@ class NonConcurrentTestSuite(unittest.TestSuite):
 
 def removebuilddir(d):
     delay = 5
-    while delay and os.path.exists(d + "/bitbake.lock"):
+    while delay and (os.path.exists(d + "/bitbake.lock") or os.path.exists(d + "/cache/hashserv.db-wal")):
         time.sleep(1)
         delay = delay - 1
     # Deleting these directories takes a lot of time, use autobuilder
@@ -57,8 +70,6 @@ class OESelftestTestContext(OETestContext):
     def __init__(self, td=None, logger=None, machines=None, config_paths=None, newbuilddir=None, keep_builddir=None):
         super(OESelftestTestContext, self).__init__(td, logger)
 
-        self.machines = machines
-        self.custommachine = None
         self.config_paths = config_paths
         self.newbuilddir = newbuilddir
 
@@ -67,10 +78,15 @@ class OESelftestTestContext(OETestContext):
         else:
             self.removebuilddir = removebuilddir
 
+    def set_variables(self, vars):
+        self.bb_vars = vars
+
     def setup_builddir(self, suffix, selftestdir, suite):
+        sstatedir = self.bb_vars['SSTATE_DIR']
+
         builddir = os.environ['BUILDDIR']
         if not selftestdir:
-            selftestdir = get_test_layer()
+            selftestdir = get_test_layer(self.bb_vars['BBLAYERS'])
         if self.newbuilddir:
             newbuilddir = os.path.join(self.newbuilddir, 'build' + suffix)
         else:
@@ -86,16 +102,40 @@ class OESelftestTestContext(OETestContext):
         oe.path.copytree(builddir + "/cache", newbuilddir + "/cache")
         oe.path.copytree(selftestdir, newselftestdir)
 
+        # if the last line of local.conf in newbuilddir is not empty and does not end with newline then add one
+        localconf_path = newbuilddir + "/conf/local.conf"
+        with open(localconf_path, "r+", encoding="utf-8") as f:
+            last_line = f.readlines()[-1]
+            if last_line and not last_line.endswith("\n"):
+                f.write("\n")
+
+        subprocess.check_output("git init && git add * && git commit -a -m 'initial'", cwd=newselftestdir, shell=True)
+
+        # Tried to used bitbake-layers add/remove but it requires recipe parsing and hence is too slow
+        subprocess.check_output("sed %s/conf/bblayers.conf -i -e 's#%s#%s#g'" % (newbuilddir, selftestdir, newselftestdir), cwd=newbuilddir, shell=True)
+
+        # Relative paths in BBLAYERS only works when the new build dir share the same ascending node
+        if self.newbuilddir:
+            bblayers = subprocess.check_output("bitbake-getvar --value BBLAYERS | tail -1", cwd=builddir, shell=True, text=True)
+            if '..' in bblayers:
+                bblayers_abspath = [os.path.abspath(path) for path in bblayers.split()]
+                with open("%s/conf/bblayers.conf" % newbuilddir, "a") as f:
+                    newbblayers = "# new bblayers to be used by selftest in the new build dir '%s'\n" % newbuilddir
+                    newbblayers += 'unset BBLAYERS\n'
+                    newbblayers += 'BBLAYERS = "%s"\n' % ' '.join(bblayers_abspath)
+                    f.write(newbblayers)
+
+        # Rewrite builddir paths seen in environment variables
         for e in os.environ:
-            if builddir + "/" in os.environ[e]:
+            # Rewrite paths that absolutely point inside builddir
+            # (e.g $builddir/conf/ would be rewritten but not $builddir/../bitbake/)
+            if builddir + "/" in os.environ[e] and builddir + "/" in os.path.abspath(os.environ[e]):
                 os.environ[e] = os.environ[e].replace(builddir + "/", newbuilddir + "/")
             if os.environ[e].endswith(builddir):
                 os.environ[e] = os.environ[e].replace(builddir, newbuilddir)
 
-        subprocess.check_output("git init; git add *; git commit -a -m 'initial'", cwd=newselftestdir, shell=True)
-
-        # Tried to used bitbake-layers add/remove but it requires recipe parsing and hence is too slow
-        subprocess.check_output("sed %s/conf/bblayers.conf -i -e 's#%s#%s#g'" % (newbuilddir, selftestdir, newselftestdir), cwd=newbuilddir, shell=True)
+        # Set SSTATE_DIR to match the parent SSTATE_DIR
+        subprocess.check_output("echo 'SSTATE_DIR ?= \"%s\"' >> %s/conf/local.conf" % (sstatedir, newbuilddir), cwd=newbuilddir, shell=True)
 
         os.chdir(newbuilddir)
 
@@ -124,17 +164,11 @@ class OESelftestTestContext(OETestContext):
         if processes:
             from oeqa.core.utils.concurrencytest import ConcurrentTestSuite
 
-            return ConcurrentTestSuite(suites, processes, self.setup_builddir, self.removebuilddir)
+            return ConcurrentTestSuite(suites, processes, self.setup_builddir, self.removebuilddir, self.bb_vars)
         else:
-            return NonConcurrentTestSuite(suites, processes, self.setup_builddir, self.removebuilddir)
+            return NonConcurrentTestSuite(suites, processes, self.setup_builddir, self.removebuilddir, self.bb_vars)
 
     def runTests(self, processes=None, machine=None, skips=[]):
-        if machine:
-            self.custommachine = machine
-            if machine == 'random':
-                self.custommachine = choice(self.machines)
-            self.logger.info('Run tests with custom MACHINE set to: %s' % \
-                    self.custommachine)
         return super(OESelftestTestContext, self).runTests(processes, skips)
 
     def listTests(self, display_type, machine=None):
@@ -154,9 +188,6 @@ class OESelftestTestContextExecutor(OETestContextExecutor):
         group.add_argument('-a', '--run-all-tests', default=False,
                 action="store_true", dest="run_all_tests",
                 help='Run all (unhidden) tests')
-        group.add_argument('-R', '--skip-tests', required=False, action='store',
-                nargs='+', dest="skips", default=None,
-                help='Run all (unhidden) tests except the ones specified. Format should be <module>[.<class>[.<test_method>]]')
         group.add_argument('-r', '--run-tests', required=False, action='store',
                 nargs='+', dest="run_tests", default=None,
                 help='Select what tests to run (modules, classes or test methods). Format should be: <module>.<class>.<test_method>')
@@ -171,11 +202,26 @@ class OESelftestTestContextExecutor(OETestContextExecutor):
                 action="store_true", default=False,
                 help='List all available tests.')
 
-        parser.add_argument('-j', '--num-processes', dest='processes', action='store',
-                type=int, help="number of processes to execute in parallel with")
+        parser.add_argument('-R', '--skip-tests', required=False, action='store',
+                nargs='+', dest="skips", default=None,
+                help='Skip the tests specified. Format should be <module>[.<class>[.<test_method>]]')
+
+        def check_parallel_support(parameter):
+            if not parameter.isdigit():
+                import argparse
+                raise argparse.ArgumentTypeError("argument -j/--num-processes: invalid int value: '%s' " % str(parameter))
+
+            processes = int(parameter)
+            if processes:
+                try:
+                    import testtools, subunit
+                except ImportError:
+                    print("Failed to import testtools or subunit, the testcases will run serially")
+                    processes = None
+            return processes
 
-        parser.add_argument('--machine', required=False, choices=['random', 'all'],
-                            help='Run tests on different machines (random/all).')
+        parser.add_argument('-j', '--num-processes', dest='processes', action='store',
+                type=check_parallel_support, help="number of processes to execute in parallel with")
 
         parser.add_argument('-t', '--select-tag', dest="select_tags",
                 action='append', default=None,
@@ -191,20 +237,6 @@ class OESelftestTestContextExecutor(OETestContextExecutor):
         parser.add_argument('-v', '--verbose', action='store_true')
         parser.set_defaults(func=self.run)
 
-    def _get_available_machines(self):
-        machines = []
-
-        bbpath = self.tc_kwargs['init']['td']['BBPATH'].split(':')
-    
-        for path in bbpath:
-            found_machines = glob.glob(os.path.join(path, 'conf', 'machine', '*.conf'))
-            if found_machines:
-                for i in found_machines:
-                    # eg: '/home/<user>/poky/meta-intel/conf/machine/intel-core2-32.conf'
-                    machines.append(os.path.splitext(os.path.basename(i))[0])
-    
-        return machines
-
     def _get_cases_paths(self, bbpath):
         cases_paths = []
         for layer in bbpath:
@@ -235,11 +267,10 @@ class OESelftestTestContextExecutor(OETestContextExecutor):
             args.list_tests = 'name'
 
         self.tc_kwargs['init']['td'] = bbvars
-        self.tc_kwargs['init']['machines'] = self._get_available_machines()
 
         builddir = os.environ.get("BUILDDIR")
         self.tc_kwargs['init']['config_paths'] = {}
-        self.tc_kwargs['init']['config_paths']['testlayer_path'] = get_test_layer()
+        self.tc_kwargs['init']['config_paths']['testlayer_path'] = get_test_layer(bbvars["BBLAYERS"])
         self.tc_kwargs['init']['config_paths']['builddir'] = builddir
         self.tc_kwargs['init']['config_paths']['localconf'] = os.path.join(builddir, "conf/local.conf")
         self.tc_kwargs['init']['config_paths']['bblayers'] = os.path.join(builddir, "conf/bblayers.conf")
@@ -275,14 +306,14 @@ class OESelftestTestContextExecutor(OETestContextExecutor):
                 os.chdir(builddir)
 
             if not "meta-selftest" in self.tc.td["BBLAYERS"]:
-                self.tc.logger.warning("meta-selftest layer not found in BBLAYERS, adding it")
+                self.tc.logger.info("meta-selftest layer not found in BBLAYERS, adding it")
                 meta_selftestdir = os.path.join(
                     self.tc.td["BBLAYERS_FETCH_DIR"], 'meta-selftest')
                 if os.path.isdir(meta_selftestdir):
-                    runCmd("bitbake-layers add-layer %s" %meta_selftestdir)
+                    runCmd("bitbake-layers add-layer %s" % meta_selftestdir)
                     # reload data is needed because a meta-selftest layer was add
                     self.tc.td = get_bb_vars()
-                    self.tc.config_paths['testlayer_path'] = get_test_layer()
+                    self.tc.config_paths['testlayer_path'] = get_test_layer(self.tc.td["BBLAYERS"])
                 else:
                     self.tc.logger.error("could not locate meta-selftest in:\n%s" % meta_selftestdir)
                     raise OEQAPreRun
@@ -320,8 +351,15 @@ class OESelftestTestContextExecutor(OETestContextExecutor):
 
         _add_layer_libs()
 
-        self.tc.logger.info("Running bitbake -e to test the configuration is valid/parsable")
-        runCmd("bitbake -e")
+        self.tc.logger.info("Checking base configuration is valid/parsable")
+
+        with bb.tinfoil.Tinfoil(tracking=True) as tinfoil:
+            tinfoil.prepare(quiet=2, config_only=True)
+            d = tinfoil.config_data
+            vars = {}
+            vars['SSTATE_DIR'] = str(d.getVar('SSTATE_DIR'))
+            vars['BBLAYERS'] = str(d.getVar('BBLAYERS'))
+        self.tc.set_variables(vars)
 
     def get_json_result_dir(self, args):
         json_result_dir = os.path.join(self.tc.td["LOG_DIR"], 'oeqa')
@@ -334,12 +372,14 @@ class OESelftestTestContextExecutor(OETestContextExecutor):
         import platform
         from oeqa.utils.metadata import metadata_from_bb
         metadata = metadata_from_bb()
+        oeselftest_metadata = get_oeselftest_metadata(args)
         configuration = {'TEST_TYPE': 'oeselftest',
                         'STARTTIME': args.test_start_time,
                         'MACHINE': self.tc.td["MACHINE"],
                         'HOST_DISTRO': oe.lsb.distro_identifier().replace(' ', '-'),
                         'HOST_NAME': metadata['hostname'],
-                        'LAYERS': metadata['layers']}
+                        'LAYERS': metadata['layers'],
+                        'OESELFTEST_METADATA': oeselftest_metadata}
         return configuration
 
     def get_result_id(self, configuration):
@@ -374,37 +414,14 @@ class OESelftestTestContextExecutor(OETestContextExecutor):
 
         rc = None
         try:
-            if args.machine:
-                logger.info('Custom machine mode enabled. MACHINE set to %s' %
-                        args.machine)
-
-                if args.machine == 'all':
-                    results = []
-                    for m in self.tc_kwargs['init']['machines']:
-                        self.tc_kwargs['run']['machine'] = m
-                        results.append(self._internal_run(logger, args))
-
-                        # XXX: the oe-selftest script only needs to know if one
-                        # machine run fails
-                        for r in results:
-                            rc = r
-                            if not r.wasSuccessful():
-                                break
-
-                else:
-                    self.tc_kwargs['run']['machine'] = args.machine
-                    return self._internal_run(logger, args)
-
-            else:
-                self.tc_kwargs['run']['machine'] = args.machine
-                rc = self._internal_run(logger, args)
+             rc = self._internal_run(logger, args)
         finally:
             config_paths = self.tc_kwargs['init']['config_paths']
 
             output_link = os.path.join(os.path.dirname(args.output_log),
                     "%s-results.log" % self.name)
             if os.path.lexists(output_link):
-                os.remove(output_link)
+                os.unlink(output_link)
             os.symlink(args.output_log, output_link)
 
         return rc
diff --git a/meta/lib/oeqa/targetcontrol.py b/meta/lib/oeqa/targetcontrol.py
index 19f5a4ea7e..cdf382ee21 100644
--- a/meta/lib/oeqa/targetcontrol.py
+++ b/meta/lib/oeqa/targetcontrol.py
@@ -7,17 +7,14 @@
 # This module is used by testimage.bbclass for setting up and controlling a target machine.
 
 import os
-import shutil
 import subprocess
 import bb
-import traceback
-import sys
 import logging
 from oeqa.utils.sshcontrol import SSHControl
 from oeqa.utils.qemurunner import QemuRunner
 from oeqa.utils.qemutinyrunner import QemuTinyRunner
 from oeqa.utils.dump import TargetDumper
-from oeqa.controllers.testtargetloader import TestTargetLoader
+from oeqa.utils.dump import MonitorDumper
 from abc import ABCMeta, abstractmethod
 
 class BaseTarget(object, metaclass=ABCMeta):
@@ -41,7 +38,7 @@ class BaseTarget(object, metaclass=ABCMeta):
         if os.path.islink(sshloglink):
             os.unlink(sshloglink)
         os.symlink(self.sshlog, sshloglink)
-        self.logger.info("SSH log file: %s" %  self.sshlog)
+        self.logger.info("SSH log file: %s" % self.sshlog)
 
     @abstractmethod
     def start(self, params=None, ssh=True, extra_bootparams=None):
@@ -91,7 +88,7 @@ class QemuTarget(BaseTarget):
 
     supported_image_fstypes = ['ext3', 'ext4', 'cpio.gz', 'wic']
 
-    def __init__(self, d, logger, image_fstype=None):
+    def __init__(self, d, logger, image_fstype=None, boot_patterns=None):
 
         import oe.types
 
@@ -106,8 +103,7 @@ class QemuTarget(BaseTarget):
             self.rootfs = os.path.join(d.getVar("DEPLOY_DIR_IMAGE"),  d.getVar("IMAGE_LINK_NAME") + '.' + self.image_fstype)
             self.kernel = os.path.join(d.getVar("DEPLOY_DIR_IMAGE"), d.getVar("KERNEL_IMAGETYPE", False) + '-' + d.getVar('MACHINE', False) + '.bin')
         self.qemulog = os.path.join(self.testdir, "qemu_boot_log.%s" % self.datetime)
-        dump_target_cmds = d.getVar("testimage_dump_target")
-        dump_host_cmds = d.getVar("testimage_dump_host")
+        dump_monitor_cmds = d.getVar("testimage_dump_monitor")
         dump_dir = d.getVar("TESTIMAGE_DUMP_DIR")
         if not dump_dir:
             dump_dir = os.path.join(d.getVar('LOG_DIR'), 'runtime-hostdump')
@@ -131,6 +127,7 @@ class QemuTarget(BaseTarget):
                             logfile = self.qemulog,
                             kernel = self.kernel,
                             boottime = int(d.getVar("TEST_QEMUBOOT_TIMEOUT")),
+                            tmpfsdir = d.getVar("RUNQEMU_TMPFS_DIR"),
                             logger = logger)
         else:
             self.runner = QemuRunner(machine=d.getVar("MACHINE"),
@@ -142,11 +139,14 @@ class QemuTarget(BaseTarget):
                             boottime = int(d.getVar("TEST_QEMUBOOT_TIMEOUT")),
                             use_kvm = use_kvm,
                             dump_dir = dump_dir,
-                            dump_host_cmds = d.getVar("testimage_dump_host"),
                             logger = logger,
-                            serial_ports = len(d.getVar("SERIAL_CONSOLES").split()))
+                            tmpfsdir = d.getVar("RUNQEMU_TMPFS_DIR"),
+                            serial_ports = len(d.getVar("SERIAL_CONSOLES").split()),
+                            boot_patterns = boot_patterns)
 
-        self.target_dumper = TargetDumper(dump_target_cmds, dump_dir, self.runner)
+        self.monitor_dumper = MonitorDumper(dump_monitor_cmds, dump_dir, self.runner)
+        if (self.monitor_dumper):
+            self.monitor_dumper.create_dir("qmp")
 
     def deploy(self):
         bb.utils.mkdirhier(self.testdir)
@@ -156,7 +156,7 @@ class QemuTarget(BaseTarget):
             os.unlink(qemuloglink)
         os.symlink(self.qemulog, qemuloglink)
 
-        self.logger.info("rootfs file: %s" %  self.rootfs)
+        self.logger.info("rootfs file: %s" % self.rootfs)
         self.logger.info("Qemu log file: %s" % self.qemulog)
         super(QemuTarget, self).deploy()
 
@@ -198,7 +198,7 @@ class QemuTarget(BaseTarget):
             self.server_ip = self.runner.server_ip
             self.connection = SSHControl(ip=self.ip, logfile=self.sshlog)
         else:
-            raise RuntimError("%s - FAILED to re-start qemu - check the task log and the boot log" % self.pn)
+            raise RuntimeError("%s - FAILED to re-start qemu - check the task log and the boot log" % self.pn)
 
     def run_serial(self, command, timeout=60):
         return self.runner.run_serial(command, timeout=timeout)
diff --git a/meta/lib/oeqa/utils/__init__.py b/meta/lib/oeqa/utils/__init__.py
index 6d1ec4cb99..e03f7e33bb 100644
--- a/meta/lib/oeqa/utils/__init__.py
+++ b/meta/lib/oeqa/utils/__init__.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 # Enable other layers to have modules in the same named directory
@@ -88,3 +90,16 @@ def load_test_components(logger, executor):
                                 "_executor_class defined." % (comp_name, comp_context))
 
     return components
+
+def get_json_result_dir(d):
+    json_result_dir = os.path.join(d.getVar("LOG_DIR"), 'oeqa')
+    custom_json_result_dir = d.getVar("OEQA_JSON_RESULT_DIR")
+    if custom_json_result_dir:
+        json_result_dir = custom_json_result_dir
+    return json_result_dir
+
+def get_artefact_dir(d):
+    custom_json_result_dir = d.getVar("OEQA_ARTEFACT_DIR")
+    if custom_json_result_dir:
+        return custom_json_result_dir
+    return os.path.join(d.getVar("LOG_DIR"), 'oeqa-artefacts')
diff --git a/meta/lib/oeqa/utils/buildproject.py b/meta/lib/oeqa/utils/buildproject.py
index e6d80cc8dc..dfb9661868 100644
--- a/meta/lib/oeqa/utils/buildproject.py
+++ b/meta/lib/oeqa/utils/buildproject.py
@@ -18,6 +18,7 @@ class BuildProject(metaclass=ABCMeta):
     def __init__(self, uri, foldername=None, tmpdir=None, dl_dir=None):
         self.uri = uri
         self.archive = os.path.basename(uri)
+        self.tempdirobj = None
         if not tmpdir:
             self.tempdirobj = tempfile.TemporaryDirectory(prefix='buildproject-')
             tmpdir = self.tempdirobj.name
@@ -57,6 +58,8 @@ class BuildProject(metaclass=ABCMeta):
         return self._run('cd %s; make install %s' % (self.targetdir, install_args))
 
     def clean(self):
+        if self.tempdirobj:
+            self.tempdirobj.cleanup()
         if not self.needclean:
              return
         self._run('rm -rf %s' % self.targetdir)
diff --git a/meta/lib/oeqa/utils/commands.py b/meta/lib/oeqa/utils/commands.py
index a71c16ab14..9154220968 100644
--- a/meta/lib/oeqa/utils/commands.py
+++ b/meta/lib/oeqa/utils/commands.py
@@ -8,11 +8,8 @@
 # This module is mainly used by scripts/oe-selftest and modules under meta/oeqa/selftest
 # It provides a class and methods for running commands on the host in a convienent way for tests.
 
-
-
 import os
 import sys
-import signal
 import subprocess
 import threading
 import time
@@ -21,6 +18,7 @@ from oeqa.utils import CommandError
 from oeqa.utils import ftools
 import re
 import contextlib
+import errno
 # Export test doesn't require bb
 try:
     import bb
@@ -85,7 +83,7 @@ class Command(object):
             except OSError as ex:
                 # It's not an error when the command does not consume all
                 # of our data. subprocess.communicate() also ignores that.
-                if ex.errno != EPIPE:
+                if ex.errno != errno.EPIPE:
                     raise
 
         # We write in a separate thread because then we can read
@@ -117,7 +115,7 @@ class Command(object):
             else:
                 deadline = time.time() + self.timeout
                 for thread in self.threads:
-                    timeout = deadline - time.time() 
+                    timeout = deadline - time.time()
                     if timeout < 0:
                         timeout = 0
                     thread.join(timeout)
@@ -168,18 +166,22 @@ class Result(object):
 
 
 def runCmd(command, ignore_status=False, timeout=None, assert_error=True, sync=True,
-          native_sysroot=None, limit_exc_output=0, output_log=None, **options):
+          native_sysroot=None, target_sys=None, limit_exc_output=0, output_log=None, **options):
     result = Result()
 
     if native_sysroot:
-        extra_paths = "%s/sbin:%s/usr/sbin:%s/usr/bin" % \
-                      (native_sysroot, native_sysroot, native_sysroot)
-        extra_libpaths = "%s/lib:%s/usr/lib" % \
-                         (native_sysroot, native_sysroot)
-        nenv = dict(options.get('env', os.environ))
-        nenv['PATH'] = extra_paths + ':' + nenv.get('PATH', '')
-        nenv['LD_LIBRARY_PATH'] = extra_libpaths + ':' + nenv.get('LD_LIBRARY_PATH', '')
-        options['env'] = nenv
+        new_env = dict(options.get('env', os.environ))
+        paths = new_env["PATH"].split(":")
+        paths = [
+            os.path.join(native_sysroot, "bin"),
+            os.path.join(native_sysroot, "sbin"),
+            os.path.join(native_sysroot, "usr", "bin"),
+            os.path.join(native_sysroot, "usr", "sbin"),
+        ] + paths
+        if target_sys:
+            paths = [os.path.join(native_sysroot, "usr", "bin", target_sys)] + paths
+        new_env["PATH"] = ":".join(paths)
+        options['env'] = new_env
 
     cmd = Command(command, timeout=timeout, output_log=output_log, **options)
     cmd.run()
@@ -201,6 +203,8 @@ def runCmd(command, ignore_status=False, timeout=None, assert_error=True, sync=T
 
     if result.status and not ignore_status:
         exc_output = result.output
+        if result.error:
+            exc_output = exc_output + result.error
         if limit_exc_output > 0:
             split = result.output.splitlines()
             if len(split) > limit_exc_output:
@@ -281,10 +285,25 @@ def get_bb_vars(variables=None, target=None, postconfig=None):
     return values
 
 def get_bb_var(var, target=None, postconfig=None):
-    return get_bb_vars([var], target, postconfig)[var]
-
-def get_test_layer():
-    layers = get_bb_var("BBLAYERS").split()
+    if postconfig:
+        return bitbake("-e %s" % target or "", postconfig=postconfig).output
+    else:
+        # Fast-path for the non-postconfig case
+        cmd = ["bitbake-getvar", "--quiet", "--value", var]
+        if target:
+            cmd.extend(["--recipe", target])
+        try:
+            return subprocess.run(cmd, check=True, text=True, stdout=subprocess.PIPE).stdout.strip()
+        except subprocess.CalledProcessError as e:
+            # We need to return None not the empty string if the variable hasn't been set.
+            if e.returncode == 1:
+                return None
+            raise
+
+def get_test_layer(bblayers=None):
+    if bblayers is None:
+        bblayers = get_bb_var("BBLAYERS")
+    layers = bblayers.split()
     testlayer = None
     for l in layers:
         if '~' in l:
@@ -296,6 +315,7 @@ def get_test_layer():
 
 def create_temp_layer(templayerdir, templayername, priority=999, recipepathspec='recipes-*/*'):
     os.makedirs(os.path.join(templayerdir, 'conf'))
+    corenames = get_bb_var('LAYERSERIES_CORENAMES')
     with open(os.path.join(templayerdir, 'conf', 'layer.conf'), 'w') as f:
         f.write('BBPATH .= ":${LAYERDIR}"\n')
         f.write('BBFILES += "${LAYERDIR}/%s/*.bb \\' % recipepathspec)
@@ -304,12 +324,29 @@ def create_temp_layer(templayerdir, templayername, priority=999, recipepathspec=
         f.write('BBFILE_PATTERN_%s = "^${LAYERDIR}/"\n' % templayername)
         f.write('BBFILE_PRIORITY_%s = "%d"\n' % (templayername, priority))
         f.write('BBFILE_PATTERN_IGNORE_EMPTY_%s = "1"\n' % templayername)
-        f.write('LAYERSERIES_COMPAT_%s = "${LAYERSERIES_COMPAT_core}"\n' % templayername)
+        f.write('LAYERSERIES_COMPAT_%s = "%s"\n' % (templayername, corenames))
 
 @contextlib.contextmanager
-def runqemu(pn, ssh=True, runqemuparams='', image_fstype=None, launch_cmd=None, qemuparams=None, overrides={}, discard_writes=True):
+def runqemu(pn, ssh=True, runqemuparams='', image_fstype=None, launch_cmd=None, qemuparams=None, overrides={}, boot_patterns = {}, discard_writes=True):
     """
-    launch_cmd means directly run the command, don't need set rootfs or env vars.
+    Starts a context manager for a 'oeqa.targetcontrol.QemuTarget' resource.
+    The underlying Qemu will be booted into a shell when the generator yields
+    and stopped when the 'with' block exits.
+
+    Usage:
+
+        with runqemu('core-image-minimal') as qemu:
+            qemu.run_serial('cat /proc/cpuinfo')
+
+    Args:
+        pn (str): (image) recipe to run on
+        ssh (boolean): whether or not to enable SSH (network access)
+        runqemuparams (str): space-separated list of params to pass to 'runqemu' script (like 'nographics', 'ovmf', etc.)
+        image_fstype (str): IMAGE_FSTYPE to use
+        launch_cmd (str): directly run this command and bypass automatic runqemu parameter generation
+        overrides (dict): dict of "'<bitbake-variable>': value" pairs that allows overriding bitbake variables
+        boot_patterns (dict): dict of "'<pattern-name>': value" pairs to override default boot patterns, e.g. when not booting Linux
+        discard_writes (boolean): enables qemu -snapshot feature to prevent modifying original image
     """
 
     import bb.tinfoil
@@ -340,7 +377,7 @@ def runqemu(pn, ssh=True, runqemuparams='', image_fstype=None, launch_cmd=None,
 
         logdir = recipedata.getVar("TEST_LOG_DIR")
 
-        qemu = oeqa.targetcontrol.QemuTarget(recipedata, targetlogger, image_fstype)
+        qemu = oeqa.targetcontrol.QemuTarget(recipedata, targetlogger, image_fstype, boot_patterns=boot_patterns)
     finally:
         # We need to shut down tinfoil early here in case we actually want
         # to run tinfoil-using utilities with the running QEMU instance.
@@ -364,6 +401,20 @@ def runqemu(pn, ssh=True, runqemuparams='', image_fstype=None, launch_cmd=None,
         targetlogger.removeHandler(handler)
         qemu.stop()
 
+def runqemu_check_taps():
+    """Check if tap devices for runqemu are available"""
+    if not os.path.exists('/etc/runqemu-nosudo'):
+        return False
+    result = runCmd('PATH="$PATH:/sbin:/usr/sbin" ip tuntap show mode tap', ignore_status=True)
+    if result.status != 0:
+        return False
+    for line in result.output.splitlines():
+        if 'tap' in line:
+            break
+    else:
+        return False
+    return True
+
 def updateEnv(env_file):
     """
     Source a file and update environment.
diff --git a/meta/lib/oeqa/utils/decorators.py b/meta/lib/oeqa/utils/decorators.py
index aabf4110cb..ea90164e5e 100644
--- a/meta/lib/oeqa/utils/decorators.py
+++ b/meta/lib/oeqa/utils/decorators.py
@@ -16,91 +16,6 @@ import threading
 import signal
 from functools import wraps
 
-#get the "result" object from one of the upper frames provided that one of these upper frames is a unittest.case frame
-class getResults(object):
-    def __init__(self):
-        #dynamically determine the unittest.case frame and use it to get the name of the test method
-        ident = threading.current_thread().ident
-        upperf = sys._current_frames()[ident]
-        while (upperf.f_globals['__name__'] != 'unittest.case'):
-            upperf = upperf.f_back
-
-        def handleList(items):
-            ret = []
-            # items is a list of tuples, (test, failure) or (_ErrorHandler(), Exception())
-            for i in items:
-                s = i[0].id()
-                #Handle the _ErrorHolder objects from skipModule failures
-                if "setUpModule (" in s:
-                    ret.append(s.replace("setUpModule (", "").replace(")",""))
-                else:
-                    ret.append(s)
-                # Append also the test without the full path
-                testname = s.split('.')[-1]
-                if testname:
-                    ret.append(testname)
-            return ret
-        self.faillist = handleList(upperf.f_locals['result'].failures)
-        self.errorlist = handleList(upperf.f_locals['result'].errors)
-        self.skiplist = handleList(upperf.f_locals['result'].skipped)
-
-    def getFailList(self):
-        return self.faillist
-
-    def getErrorList(self):
-        return self.errorlist
-
-    def getSkipList(self):
-        return self.skiplist
-
-class skipIfFailure(object):
-
-    def __init__(self,testcase):
-        self.testcase = testcase
-
-    def __call__(self,f):
-        @wraps(f)
-        def wrapped_f(*args, **kwargs):
-            res = getResults()
-            if self.testcase in (res.getFailList() or res.getErrorList()):
-                raise unittest.SkipTest("Testcase dependency not met: %s" % self.testcase)
-            return f(*args, **kwargs)
-        wrapped_f.__name__ = f.__name__
-        return wrapped_f
-
-class skipIfSkipped(object):
-
-    def __init__(self,testcase):
-        self.testcase = testcase
-
-    def __call__(self,f):
-        @wraps(f)
-        def wrapped_f(*args, **kwargs):
-            res = getResults()
-            if self.testcase in res.getSkipList():
-                raise unittest.SkipTest("Testcase dependency not met: %s" % self.testcase)
-            return f(*args, **kwargs)
-        wrapped_f.__name__ = f.__name__
-        return wrapped_f
-
-class skipUnlessPassed(object):
-
-    def __init__(self,testcase):
-        self.testcase = testcase
-
-    def __call__(self,f):
-        @wraps(f)
-        def wrapped_f(*args, **kwargs):
-            res = getResults()
-            if self.testcase in res.getSkipList() or \
-                    self.testcase in res.getFailList() or \
-                    self.testcase in res.getErrorList():
-                raise unittest.SkipTest("Testcase dependency not met: %s" % self.testcase)
-            return f(*args, **kwargs)
-        wrapped_f.__name__ = f.__name__
-        wrapped_f._depends_on = self.testcase
-        return wrapped_f
-
 class testcase(object):
     def __init__(self, test_case):
         self.test_case = test_case
diff --git a/meta/lib/oeqa/utils/dump.py b/meta/lib/oeqa/utils/dump.py
index 09a44329e0..d4d271369f 100644
--- a/meta/lib/oeqa/utils/dump.py
+++ b/meta/lib/oeqa/utils/dump.py
@@ -1,9 +1,12 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 import os
 import sys
+import json
 import errno
 import datetime
 import itertools
@@ -17,6 +20,7 @@ class BaseDumper(object):
         # Some testing doesn't inherit testimage, so it is needed
         # to set some defaults.
         self.parent_dir = parent_dir
+        self.dump_dir = parent_dir
         dft_cmds = """  top -bn1
                         iostat -x -z -N -d -p ALL 20 2
                         ps -ef
@@ -46,11 +50,11 @@ class BaseDumper(object):
                 raise err
         self.dump_dir = dump_dir
 
-    def _write_dump(self, command, output):
-        if isinstance(self, HostDumper):
-            prefix = "host"
-        elif isinstance(self, TargetDumper):
+    def _construct_filename(self, command):
+        if isinstance(self, TargetDumper):
             prefix = "target"
+        elif isinstance(self, MonitorDumper):
+            prefix = "qmp"
         else:
             prefix = "unknown"
         for i in itertools.count():
@@ -58,41 +62,80 @@ class BaseDumper(object):
             fullname = os.path.join(self.dump_dir, filename)
             if not os.path.exists(fullname):
                 break
-        with open(fullname, 'w') as dump_file:
-            dump_file.write(output)
-
-
-class HostDumper(BaseDumper):
-    """ Class to get dumps from the host running the tests """
-
-    def __init__(self, cmds, parent_dir):
-        super(HostDumper, self).__init__(cmds, parent_dir)
+        return fullname
 
-    def dump_host(self, dump_dir=""):
-        if dump_dir:
-            self.dump_dir = dump_dir
-        env = os.environ.copy()
-        env['PATH'] = '/usr/sbin:/sbin:/usr/bin:/bin'
-        env['COLUMNS'] = '9999'
-        for cmd in self.cmds:
-            result = runCmd(cmd, ignore_status=True, env=env)
-            self._write_dump(cmd.split()[0], result.output)
+    def _write_dump(self, command, output):
+        fullname = self._construct_filename(command)
+        os.makedirs(os.path.dirname(fullname), exist_ok=True)
+        if isinstance(self, MonitorDumper):
+            with open(fullname, 'w') as json_file:
+                json.dump(output, json_file, indent=4)
+        else:
+            with open(fullname, 'w') as dump_file:
+                dump_file.write(output)
 
 class TargetDumper(BaseDumper):
-    """ Class to get dumps from target, it only works with QemuRunner """
+    """ Class to get dumps from target, it only works with QemuRunner.
+        Will give up permanently after 5 errors from running commands over
+        serial console. This helps to end testing when target is really dead, hanging
+        or unresponsive.
+    """
 
     def __init__(self, cmds, parent_dir, runner):
         super(TargetDumper, self).__init__(cmds, parent_dir)
         self.runner = runner
+        self.errors = 0
 
     def dump_target(self, dump_dir=""):
+        if self.errors >= 5:
+                print("Too many errors when dumping data from target, assuming it is dead! Will not dump data anymore!")
+                return
         if dump_dir:
             self.dump_dir = dump_dir
         for cmd in self.cmds:
             # We can continue with the testing if serial commands fail
             try:
                 (status, output) = self.runner.run_serial(cmd)
+                if status == 0:
+                    self.errors = self.errors + 1
                 self._write_dump(cmd.split()[0], output)
             except:
+                self.errors = self.errors + 1
                 print("Tried to dump info from target but "
                         "serial console failed")
+                print("Failed CMD: %s" % (cmd))
+
+class MonitorDumper(BaseDumper):
+    """ Class to get dumps via the Qemu Monitor, it only works with QemuRunner
+        Will stop completely if there are more than 5 errors when dumping monitor data.
+        This helps to end testing when target is really dead, hanging or unresponsive.
+    """
+
+    def __init__(self, cmds, parent_dir, runner):
+        super(MonitorDumper, self).__init__(cmds, parent_dir)
+        self.runner = runner
+        self.errors = 0
+
+    def dump_monitor(self, dump_dir=""):
+        if self.runner is None:
+            return
+        if dump_dir:
+            self.dump_dir = dump_dir
+        if self.errors >= 5:
+                print("Too many errors when dumping data from qemu monitor, assuming it is dead! Will not dump data anymore!")
+                return
+        for cmd in self.cmds:
+            cmd_name = cmd.split()[0]
+            try:
+                if len(cmd.split()) > 1:
+                    cmd_args = cmd.split()[1]
+                    if "%s" in cmd_args:
+                        filename = self._construct_filename(cmd_name)
+                    cmd_data = json.loads(cmd_args % (filename))
+                    output = self.runner.run_monitor(cmd_name, cmd_data)
+                else:
+                    output = self.runner.run_monitor(cmd_name)
+                self._write_dump(cmd_name, output)
+            except Exception as e:
+                self.errors = self.errors + 1
+                print("Failed to dump QMP CMD: %s with\nException: %s" % (cmd_name, e))
diff --git a/meta/lib/oeqa/utils/ftools.py b/meta/lib/oeqa/utils/ftools.py
index 3093419cc7..a50aaa84c2 100644
--- a/meta/lib/oeqa/utils/ftools.py
+++ b/meta/lib/oeqa/utils/ftools.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/utils/gitarchive.py b/meta/lib/oeqa/utils/gitarchive.py
index 6e8040eb5c..7e1d505748 100644
--- a/meta/lib/oeqa/utils/gitarchive.py
+++ b/meta/lib/oeqa/utils/gitarchive.py
@@ -67,7 +67,7 @@ def git_commit_data(repo, data_dir, branch, message, exclude, notes, log):
 
         # Remove files that are excluded
         if exclude:
-            repo.run_cmd(['rm', '--cached'] + [f for f in exclude], env_update)
+            repo.run_cmd(['rm', '--cached', '--ignore-unmatch'] + [f for f in exclude], env_update)
 
         tree = repo.run_cmd('write-tree', env_update)
 
@@ -100,9 +100,44 @@ def git_commit_data(repo, data_dir, branch, message, exclude, notes, log):
         if os.path.exists(tmp_index):
             os.unlink(tmp_index)
 
+def get_tags(repo, log, pattern=None, url=None):
+    """ Fetch remote tags from current repository
+
+    A pattern can be provided to filter returned tags list
+    An URL can be provided if local repository has no valid remote configured
+    """
+
+    base_cmd = ['ls-remote', '--refs', '--tags', '-q']
+    cmd = base_cmd.copy()
+
+    # First try to fetch tags from repository configured remote
+    cmd.append('origin')
+    if pattern:
+        cmd.append("refs/tags/"+pattern)
+    try:
+        tags_refs = repo.run_cmd(cmd)
+        tags = ["".join(d.split()[1].split('/', 2)[2:]) for d in tags_refs.splitlines()]
+    except GitError as e:
+        # If it fails, retry with repository url if one is provided
+        if url:
+            log.info("No remote repository configured, use provided url")
+            cmd = base_cmd.copy()
+            cmd.append(url)
+            if pattern:
+                cmd.append(pattern)
+            tags_refs = repo.run_cmd(cmd)
+            tags = ["".join(d.split()[1].split('/', 2)[2:]) for d in tags_refs.splitlines()]
+        else:
+            log.info("Read local tags only, some remote tags may be missed")
+            cmd = ["tag"]
+            if pattern:
+                cmd += ["-l", pattern]
+            tags = repo.run_cmd(cmd).splitlines()
+
+    return tags
 
 def expand_tag_strings(repo, name_pattern, msg_subj_pattern, msg_body_pattern,
-                       keywords):
+                       url, log, keywords):
     """Generate tag name and message, with support for running id number"""
     keyws = keywords.copy()
     # Tag number is handled specially: if not defined, we autoincrement it
@@ -111,12 +146,12 @@ def expand_tag_strings(repo, name_pattern, msg_subj_pattern, msg_body_pattern,
         keyws['tag_number'] = '{tag_number}'
         tag_re = format_str(name_pattern, keyws)
         # Replace parentheses for proper regex matching
-        tag_re = tag_re.replace('(', '\(').replace(')', '\)') + '$'
+        tag_re = tag_re.replace('(', r'\(').replace(')', r'\)') + '$'
         # Inject regex group pattern for 'tag_number'
         tag_re = tag_re.format(tag_number='(?P<tag_number>[0-9]{1,5})')
 
         keyws['tag_number'] = 0
-        for existing_tag in repo.run_cmd('tag').splitlines():
+        for existing_tag in get_tags(repo, log, url=url):
             match = re.match(tag_re, existing_tag)
 
             if match and int(match.group('tag_number')) >= keyws['tag_number']:
@@ -143,7 +178,8 @@ def gitarchive(data_dir, git_dir, no_create, bare, commit_msg_subject, commit_ms
     if not no_tag and tagname:
         tag_name, tag_msg = expand_tag_strings(data_repo, tagname,
                                                tag_msg_subject,
-                                               tag_msg_body, keywords)
+                                               tag_msg_body,
+                                               push, log, keywords)
 
     # Commit data
     commit = git_commit_data(data_repo, data_dir, branch_name,
@@ -166,6 +202,8 @@ def gitarchive(data_dir, git_dir, no_create, bare, commit_msg_subject, commit_ms
         log.info("Pushing data to remote")
         data_repo.run_cmd(cmd)
 
+    return tag_name
+
 # Container class for tester revisions
 TestedRev = namedtuple('TestedRev', 'commit commit_number tags')
 
@@ -181,7 +219,7 @@ def get_test_runs(log, repo, tag_name, **kwargs):
 
     # Get a list of all matching tags
     tag_pattern = tag_name.format(**str_fields)
-    tags = repo.run_cmd(['tag', '-l', tag_pattern]).splitlines()
+    tags = get_tags(repo, log, pattern=tag_pattern)
     log.debug("Found %d tags matching pattern '%s'", len(tags), tag_pattern)
 
     # Parse undefined fields from tag names
@@ -199,6 +237,8 @@ def get_test_runs(log, repo, tag_name, **kwargs):
     revs = []
     for tag in tags:
         m = tag_re.match(tag)
+        if not m:
+            continue
         groups = m.groupdict()
         revs.append([groups[f] for f in undef_fields] + [tag])
 
@@ -219,7 +259,15 @@ def get_test_revs(log, repo, tag_name, **kwargs):
         if not commit in revs:
             revs[commit] = TestedRev(commit, commit_num, [tag])
         else:
-            assert commit_num == revs[commit].commit_number, "Commit numbers do not match"
+            if commit_num != revs[commit].commit_number:
+                # Historically we have incorrect commit counts of '1' in the repo so fix these up
+                if int(revs[commit].commit_number) < 5:
+                    tags = revs[commit].tags
+                    revs[commit] = TestedRev(commit, commit_num, [tags])
+                elif int(commit_num) < 5:
+                    pass
+                else:
+                    sys.exit("Commit numbers for commit %s don't match (%s vs %s)" % (commit, commit_num, revs[commit].commit_number))
             revs[commit].tags.append(tag)
 
     # Return in sorted table
diff --git a/meta/lib/oeqa/utils/httpserver.py b/meta/lib/oeqa/utils/httpserver.py
index 58d3c3b3f8..80752c1377 100644
--- a/meta/lib/oeqa/utils/httpserver.py
+++ b/meta/lib/oeqa/utils/httpserver.py
@@ -1,11 +1,13 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
 import http.server
+import logging
 import multiprocessing
 import os
-import traceback
 import signal
 from socketserver import ThreadingMixIn
 
@@ -13,20 +15,24 @@ class HTTPServer(ThreadingMixIn, http.server.HTTPServer):
 
     def server_start(self, root_dir, logger):
         os.chdir(root_dir)
+        self.logger = logger
         self.serve_forever()
 
 class HTTPRequestHandler(http.server.SimpleHTTPRequestHandler):
 
     def log_message(self, format_str, *args):
-        pass
+        self.server.logger.info(format_str, *args)
 
-class HTTPService(object):
+class HTTPService:
 
     def __init__(self, root_dir, host='', port=0, logger=None):
         self.root_dir = root_dir
         self.host = host
         self.port = port
-        self.logger = logger
+        if logger:
+            self.logger = logger.getChild("HTTPService")
+        else:
+            self.logger = logging.getLogger("HTTPService")
 
     def start(self):
         if not os.path.exists(self.root_dir):
@@ -38,6 +44,12 @@ class HTTPService(object):
             self.port = self.server.server_port
         self.process = multiprocessing.Process(target=self.server.server_start, args=[self.root_dir, self.logger])
 
+        def handle_error(self, request, client_address):
+            import traceback
+            exception = traceback.format_exc()
+            self.logger.warn("Exception when handling %s: %s" % (request, exception))
+        self.server.handle_error = handle_error
+
         # The signal handler from testimage.bbclass can cause deadlocks here
         # if the HTTPServer is terminated before it can restore the standard 
         #signal behaviour
@@ -47,7 +59,7 @@ class HTTPService(object):
         signal.signal(signal.SIGTERM, orig)
 
         if self.logger:
-            self.logger.info("Started HTTPService on %s:%s" % (self.host, self.port))
+            self.logger.info("Started HTTPService for %s on %s:%s" % (self.root_dir, self.host, self.port))
 
 
     def stop(self):
@@ -59,3 +71,10 @@ class HTTPService(object):
         if self.logger:
             self.logger.info("Stopped HTTPService on %s:%s" % (self.host, self.port))
 
+if __name__ == "__main__":
+    import sys, logging
+
+    logger = logging.getLogger(__name__)
+    logging.basicConfig(level=logging.DEBUG)
+    httpd = HTTPService(sys.argv[1], port=8888, logger=logger)
+    httpd.start()
diff --git a/meta/lib/oeqa/utils/logparser.py b/meta/lib/oeqa/utils/logparser.py
index 60e16d500e..496d9e0c90 100644
--- a/meta/lib/oeqa/utils/logparser.py
+++ b/meta/lib/oeqa/utils/logparser.py
@@ -1,8 +1,10 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
-import sys
+import enum
 import os
 import re
 
@@ -42,6 +44,8 @@ class PtestParser(object):
                 result = section_regex['begin'].search(line)
                 if result:
                     current_section['name'] = result.group(1)
+                    if current_section['name'] not in self.results:
+                        self.results[current_section['name']] = {}
                     continue
 
                 result = section_regex['end'].search(line)
@@ -73,9 +77,10 @@ class PtestParser(object):
                 for t in test_regex:
                     result = test_regex[t].search(line)
                     if result:
-                        if current_section['name'] not in self.results:
-                            self.results[current_section['name']] = {}
-                        self.results[current_section['name']][result.group(1).strip()] = t
+                        try:
+                            self.results[current_section['name']][result.group(1).strip()] = t
+                        except KeyError:
+                            bb.warn("Result with no section: %s - %s" % (t, result.group(1).strip()))
 
         # Python performance for repeatedly joining long strings is poor, do it all at once at the end.
         # For 2.1 million lines in a log this reduces 18 hours to 12s.
@@ -101,30 +106,48 @@ class PtestParser(object):
                     f.write(status + ": " + test_name + "\n")
 
 
-# ltp log parsing
-class LtpParser(object):
-    def __init__(self):
-        self.results = {}
-        self.section = {'duration': "", 'log': ""}
-
+class LtpParser:
+    """
+    Parse the machine-readable LTP log output into a ptest-friendly data structure.
+    """
     def parse(self, logfile):
-        test_regex = {}
-        test_regex['PASSED'] = re.compile(r"PASS")
-        test_regex['FAILED'] = re.compile(r"FAIL")
-        test_regex['SKIPPED'] = re.compile(r"SKIP")
-
-        with open(logfile, errors='replace') as f:
+        results = {}
+        # Aaccumulate the duration here but as the log rounds quick tests down
+        # to 0 seconds this is very much a lower bound. The caller can replace
+        # the value.
+        section = {"duration": 0, "log": ""}
+
+        class LtpExitCode(enum.IntEnum):
+            # Exit codes as defined in ltp/include/tst_res_flags.h
+            TPASS = 0  # Test passed flag
+            TFAIL = 1  # Test failed flag
+            TBROK = 2  # Test broken flag
+            TWARN = 4  # Test warning flag
+            TINFO = 16 # Test information flag
+            TCONF = 32 # Test not appropriate for configuration flag
+
+        with open(logfile, errors="replace") as f:
+            # Lines look like this:
+            # tag=cfs_bandwidth01 stime=1689762564 dur=0 exit=exited stat=32 core=no cu=0 cs=0
             for line in f:
-                for t in test_regex:
-                    result = test_regex[t].search(line)
-                    if result:
-                        self.results[line.split()[0].strip()] = t
+                if not line.startswith("tag="):
+                    continue
 
-        for test in self.results:
-            result = self.results[test]
-            self.section['log'] = self.section['log'] + ("%s: %s\n" % (result.strip()[:-2], test.strip()))
+                values = dict(s.split("=") for s in line.strip().split())
 
-        return self.results, self.section
+                section["duration"] += int(values["dur"])
+                exitcode = int(values["stat"])
+                if values["exit"] == "exited" and exitcode == LtpExitCode.TCONF:
+                    # Exited normally with the "invalid configuration" code
+                    results[values["tag"]] = "SKIPPED"
+                elif exitcode == LtpExitCode.TPASS:
+                    # Successful exit
+                    results[values["tag"]] = "PASSED"
+                else:
+                    # Other exit
+                    results[values["tag"]] = "FAILED"
+
+        return results, section
 
 
 # ltp Compliance log parsing
@@ -135,30 +158,27 @@ class LtpComplianceParser(object):
 
     def parse(self, logfile):
         test_regex = {}
-        test_regex['PASSED'] = re.compile(r"^PASS")
-        test_regex['FAILED'] = re.compile(r"^FAIL")
-        test_regex['SKIPPED'] = re.compile(r"(?:UNTESTED)|(?:UNSUPPORTED)")
+        test_regex['FAILED'] = re.compile(r"FAIL")
 
         section_regex = {}
-        section_regex['test'] = re.compile(r"^Testing")
+        section_regex['test'] = re.compile(r"^Executing")
 
         with open(logfile, errors='replace') as f:
+            name = logfile
+            result = "PASSED"
             for line in f:
-                result = section_regex['test'].search(line)
-                if result:
-                    self.name = ""
-                    self.name = line.split()[1].strip()
-                    self.results[self.name] = "PASSED"
-                    failed = 0
+                regex_result = section_regex['test'].search(line)
+                if regex_result:
+                    name = line.split()[1].strip()
 
-                failed_result = test_regex['FAILED'].search(line)
-                if failed_result:
-                    failed = line.split()[1].strip()
-                    if int(failed) > 0:
-                        self.results[self.name] = "FAILED"
+                regex_result = test_regex['FAILED'].search(line)
+                if regex_result:
+                    result = "FAILED"
+            self.results[name] = result
 
         for test in self.results:
             result = self.results[test]
+            print (self.results)
             self.section['log'] = self.section['log'] + ("%s: %s\n" % (result.strip()[:-2], test.strip()))
 
         return self.results, self.section
diff --git a/meta/lib/oeqa/utils/metadata.py b/meta/lib/oeqa/utils/metadata.py
index 8013aa684d..b320df67e0 100644
--- a/meta/lib/oeqa/utils/metadata.py
+++ b/meta/lib/oeqa/utils/metadata.py
@@ -27,9 +27,9 @@ def metadata_from_bb():
     data_dict = get_bb_vars()
 
     # Distro information
-    info_dict['distro'] = {'id': data_dict['DISTRO'],
-                           'version_id': data_dict['DISTRO_VERSION'],
-                           'pretty_name': '%s %s' % (data_dict['DISTRO'], data_dict['DISTRO_VERSION'])}
+    info_dict['distro'] = {'id': data_dict.get('DISTRO', 'NODISTRO'),
+                                'version_id': data_dict.get('DISTRO_VERSION', 'NO_DISTRO_VERSION'),
+                                'pretty_name': '%s %s' % (data_dict.get('DISTRO', 'NODISTRO'), data_dict.get('DISTRO_VERSION', 'NO_DISTRO_VERSION'))}
 
     # Host distro information
     os_release = get_os_release()
@@ -76,6 +76,10 @@ def git_rev_info(path):
             info['commit_count'] = int(subprocess.check_output(["git", "rev-list", "--count", "HEAD"], cwd=path).decode('utf-8').strip())
         except subprocess.CalledProcessError:
             pass
+        try:
+            info['commit_time'] = int(subprocess.check_output(["git", "show", "--no-patch", "--format=%ct", "HEAD"], cwd=path).decode('utf-8').strip())
+        except subprocess.CalledProcessError:
+            pass
         return info
     try:
         repo = Repo(path, search_parent_directories=True)
@@ -83,6 +87,7 @@ def git_rev_info(path):
         return info
     info['commit'] = repo.head.commit.hexsha
     info['commit_count'] = repo.head.commit.count()
+    info['commit_time'] = repo.head.commit.committed_date
     try:
         info['branch'] = repo.active_branch.name
     except TypeError:
diff --git a/meta/lib/oeqa/utils/network.py b/meta/lib/oeqa/utils/network.py
index 59d01723a1..da4ffda9a9 100644
--- a/meta/lib/oeqa/utils/network.py
+++ b/meta/lib/oeqa/utils/network.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/utils/nfs.py b/meta/lib/oeqa/utils/nfs.py
index a37686c914..903469bfee 100644
--- a/meta/lib/oeqa/utils/nfs.py
+++ b/meta/lib/oeqa/utils/nfs.py
@@ -1,4 +1,8 @@
+#
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
+#
 import os
 import sys
 import tempfile
@@ -8,7 +12,7 @@ from oeqa.utils.commands import bitbake, get_bb_var, Command
 from oeqa.utils.network import get_free_port
 
 @contextlib.contextmanager
-def unfs_server(directory, logger = None):
+def unfs_server(directory, logger = None, udp = True):
     unfs_sysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "unfs3-native")
     if not os.path.exists(os.path.join(unfs_sysroot, "usr", "bin", "unfsd")):
         # build native tool
@@ -22,11 +26,11 @@ def unfs_server(directory, logger = None):
             exports.write("{0} (rw,no_root_squash,no_all_squash,insecure)\n".format(directory).encode())
 
         # find some ports for the server
-        nfsport, mountport = get_free_port(udp = True), get_free_port(udp = True)
+        nfsport, mountport = get_free_port(udp), get_free_port(udp)
 
         nenv = dict(os.environ)
         nenv['PATH'] = "{0}/sbin:{0}/usr/sbin:{0}/usr/bin:".format(unfs_sysroot) + nenv.get('PATH', '')
-        cmd = Command(["unfsd", "-d", "-p", "-N", "-e", exports.name, "-n", str(nfsport), "-m", str(mountport)],
+        cmd = Command(["unfsd", "-d", "-p", "-e", exports.name, "-n", str(nfsport), "-m", str(mountport)],
                 bg = True, env = nenv, output_log = logger)
         cmd.run()
         yield nfsport, mountport
diff --git a/meta/lib/oeqa/utils/package_manager.py b/meta/lib/oeqa/utils/package_manager.py
index 6b67f22fdd..db799b64d6 100644
--- a/meta/lib/oeqa/utils/package_manager.py
+++ b/meta/lib/oeqa/utils/package_manager.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 
diff --git a/meta/lib/oeqa/utils/postactions.py b/meta/lib/oeqa/utils/postactions.py
new file mode 100644
index 0000000000..c69481db6c
--- /dev/null
+++ b/meta/lib/oeqa/utils/postactions.py
@@ -0,0 +1,102 @@
+#
+# Copyright OpenEmbedded Contributors
+#
+# SPDX-License-Identifier: MIT
+#
+
+# Run a set of actions after tests. The runner provides internal data
+# dictionary as well as test context to any action to run.
+
+import datetime
+import io
+import os
+import stat
+import subprocess
+import tempfile
+from oeqa.utils import get_artefact_dir
+
+##################################################################
+# Host/target statistics
+##################################################################
+
+def get_target_disk_usage(d, tc, artifacts_list, outputdir):
+    output_file = os.path.join(outputdir, "target_disk_usage.txt")
+    try:
+        (status, output) = tc.target.run('df -h')
+        with open(output_file, 'w') as f:
+            f.write(output)
+            f.write("\n")
+    except Exception as e:
+        bb.warn(f"Can not get target disk usage: {e}")
+
+def get_host_disk_usage(d, tc, artifacts_list, outputdir):
+    import subprocess
+
+    output_file = os.path.join(outputdir, "host_disk_usage.txt")
+    try:
+        with open(output_file, 'w') as f:
+            output = subprocess.run(['df', '-hl'], check=True, text=True, stdout=f, env={})
+    except Exception as e:
+        bb.warn(f"Can not get host disk usage: {e}")
+
+##################################################################
+# Artifacts retrieval
+##################################################################
+
+def get_artifacts_list(target, raw_list):
+    result = []
+    # Passed list may contains patterns in paths, expand them directly on target
+    for raw_path in raw_list.split():
+        cmd = f"for p in {raw_path}; do if [ -e $p ]; then echo $p; fi; done"
+        try:
+            status, output = target.run(cmd)
+            if status != 0 or not output:
+                raise Exception()
+            result += output.split()
+        except:
+            bb.note(f"No file/directory matching path {raw_path}")
+
+    return result
+
+def list_and_fetch_failed_tests_artifacts(d, tc, artifacts_list, outputdir):
+    artifacts_list = get_artifacts_list(tc.target, artifacts_list)
+    if not artifacts_list:
+        bb.warn("Could not load artifacts list, skip artifacts retrieval")
+        return
+    try:
+        # We need gnu tar for sparse files, not busybox
+        cmd = "tar --sparse -zcf - " + " ".join(artifacts_list)
+        (status, output) = tc.target.run(cmd, raw = True)
+        if status != 0 or not output:
+            raise Exception("Error while fetching compressed artifacts")
+        archive_name = os.path.join(outputdir, "tests_artifacts.tar.gz")
+        with open(archive_name, "wb") as f:
+            f.write(output)
+    except Exception as e:
+        bb.warn(f"Can not retrieve artifacts from test target: {e}")
+
+
+##################################################################
+# General post actions runner
+##################################################################
+
+def run_failed_tests_post_actions(d, tc):
+    artifacts = d.getVar("TESTIMAGE_FAILED_QA_ARTIFACTS")
+    # Allow all the code to be disabled by having no artifacts set, e.g. for systems with no ssh support
+    if not artifacts:
+        return
+
+    outputdir = get_artefact_dir(d)
+    os.makedirs(outputdir, exist_ok=True)
+    datestr = datetime.datetime.now().strftime('%Y%m%d')
+    outputdir = tempfile.mkdtemp(prefix='oeqa-target-artefacts-%s-' % datestr, dir=outputdir)
+    os.chmod(outputdir, stat.S_IRWXU | stat.S_IRGRP | stat.S_IXGRP | stat.S_IROTH | stat.S_IXOTH)
+
+    post_actions=[
+        list_and_fetch_failed_tests_artifacts,
+        get_target_disk_usage,
+        get_host_disk_usage
+    ]
+
+    for action in post_actions:
+        action(d, tc, artifacts, outputdir)
diff --git a/meta/lib/oeqa/utils/qemurunner.py b/meta/lib/oeqa/utils/qemurunner.py
index 77ec939ad7..c4db0cf038 100644
--- a/meta/lib/oeqa/utils/qemurunner.py
+++ b/meta/lib/oeqa/utils/qemurunner.py
@@ -19,20 +19,33 @@ import errno
 import string
 import threading
 import codecs
-import logging
-from oeqa.utils.dump import HostDumper
+import tempfile
 from collections import defaultdict
+from contextlib import contextmanager
+import importlib
+import traceback
 
 # Get Unicode non printable control chars
 control_range = list(range(0,32))+list(range(127,160))
 control_chars = [chr(x) for x in control_range
                 if chr(x) not in string.printable]
 re_control_char = re.compile('[%s]' % re.escape("".join(control_chars)))
+# Regex to remove the ANSI (color) control codes from console strings in order to match the text only
+re_vt100 = re.compile(r'(\x1b\[|\x9b)[^@-_a-z]*[@-_a-z]|\x1b[@-_a-z]')
+
+def getOutput(o):
+    import fcntl
+    fl = fcntl.fcntl(o, fcntl.F_GETFL)
+    fcntl.fcntl(o, fcntl.F_SETFL, fl | os.O_NONBLOCK)
+    try:
+        return os.read(o.fileno(), 1000000).decode("utf-8")
+    except BlockingIOError:
+        return ""
 
 class QemuRunner:
 
-    def __init__(self, machine, rootfs, display, tmpdir, deploy_dir_image, logfile, boottime, dump_dir, dump_host_cmds,
-                 use_kvm, logger, use_slirp=False, serial_ports=2, boot_patterns = defaultdict(str), use_ovmf=False, workdir=None):
+    def __init__(self, machine, rootfs, display, tmpdir, deploy_dir_image, logfile, boottime, dump_dir, use_kvm, logger, use_slirp=False,
+     serial_ports=2, boot_patterns = defaultdict(str), use_ovmf=False, workdir=None, tmpfsdir=None):
 
         # Popen object for runqemu
         self.runqemu = None
@@ -55,21 +68,24 @@ class QemuRunner:
         self.boottime = boottime
         self.logged = False
         self.thread = None
+        self.threadsock = None
         self.use_kvm = use_kvm
         self.use_ovmf = use_ovmf
         self.use_slirp = use_slirp
         self.serial_ports = serial_ports
         self.msg = ''
         self.boot_patterns = boot_patterns
+        self.tmpfsdir = tmpfsdir
 
-        self.runqemutime = 120
+        self.runqemutime = 300
         if not workdir:
             workdir = os.getcwd()
         self.qemu_pidfile = workdir + '/pidfile_' + str(os.getpid())
-        self.host_dumper = HostDumper(dump_host_cmds, dump_dir)
         self.monitorpipe = None
 
         self.logger = logger
+        # Whether we're expecting an exit and should show related errors
+        self.canexit = False
 
         # Enable testing other OS's
         # Set commands for target communication, and default to Linux ALWAYS
@@ -80,20 +96,21 @@ class QemuRunner:
         accepted_patterns = ['search_reached_prompt', 'send_login_user', 'search_login_succeeded', 'search_cmd_finished']
         default_boot_patterns = defaultdict(str)
         # Default to the usual paterns used to communicate with the target
-        default_boot_patterns['search_reached_prompt'] = b' login:'
+        default_boot_patterns['search_reached_prompt'] = ' login:'
         default_boot_patterns['send_login_user'] = 'root\n'
         default_boot_patterns['search_login_succeeded'] = r"root@[a-zA-Z0-9\-]+:~#"
         default_boot_patterns['search_cmd_finished'] = r"[a-zA-Z0-9]+@[a-zA-Z0-9\-]+:~#"
 
         # Only override patterns that were set e.g. login user TESTIMAGE_BOOT_PATTERNS[send_login_user] = "webserver\n"
         for pattern in accepted_patterns:
-            if not self.boot_patterns[pattern]:
+            if pattern not in self.boot_patterns or not self.boot_patterns[pattern]:
                 self.boot_patterns[pattern] = default_boot_patterns[pattern]
 
     def create_socket(self):
         try:
             sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
             sock.setblocking(0)
+            sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
             sock.bind(("127.0.0.1",0))
             sock.listen(2)
             port = sock.getsockname()[1]
@@ -104,30 +121,24 @@ class QemuRunner:
             sock.close()
             raise
 
-    def log(self, msg):
-        if self.logfile:
-            # It is needed to sanitize the data received from qemu
-            # because is possible to have control characters
-            msg = msg.decode("utf-8", errors='ignore')
-            msg = re_control_char.sub('', msg)
-            self.msg += msg
-            with codecs.open(self.logfile, "a", encoding="utf-8") as f:
-                f.write("%s" % msg)
-
-    def getOutput(self, o):
-        import fcntl
-        fl = fcntl.fcntl(o, fcntl.F_GETFL)
-        fcntl.fcntl(o, fcntl.F_SETFL, fl | os.O_NONBLOCK)
-        return os.read(o.fileno(), 1000000).decode("utf-8")
+    def decode_qemulog(self, todecode):
+        # Sanitize the data received from qemu as it may contain control characters
+        msg = todecode.decode("utf-8", errors='backslashreplace')
+        msg = re_control_char.sub('', msg)
+        return msg
 
+    def log(self, msg, extension=""):
+        if self.logfile:
+            with codecs.open(self.logfile + extension, "ab") as f:
+                f.write(msg)
+        self.msg += self.decode_qemulog(msg)
 
     def handleSIGCHLD(self, signum, frame):
         if self.runqemu and self.runqemu.poll():
             if self.runqemu.returncode:
                 self.logger.error('runqemu exited with code %d' % self.runqemu.returncode)
-                self.logger.error('Output from runqemu:\n%s' % self.getOutput(self.runqemu.stdout))
+                self.logger.error('Output from runqemu:\n%s' % getOutput(self.runqemu.stdout))
                 self.stop()
-                self._dump_host()
 
     def start(self, qemuparams = None, get_ip = True, extra_bootparams = None, runqemuparams='', launch_cmd=None, discard_writes=True):
         env = os.environ.copy()
@@ -150,6 +161,9 @@ class QemuRunner:
         else:
             env["DEPLOY_DIR_IMAGE"] = self.deploy_dir_image
 
+        if self.tmpfsdir:
+            env["RUNQEMU_TMPFS_DIR"] = self.tmpfsdir
+
         if not launch_cmd:
             launch_cmd = 'runqemu %s' % ('snapshot' if discard_writes else '')
             if self.use_kvm:
@@ -163,11 +177,38 @@ class QemuRunner:
                 launch_cmd += ' slirp'
             if self.use_ovmf:
                 launch_cmd += ' ovmf'
-            launch_cmd += ' %s %s %s' % (runqemuparams, self.machine, self.rootfs)
+            launch_cmd += ' %s %s' % (runqemuparams, self.machine)
+            if self.rootfs.endswith('.vmdk'):
+                self.logger.debug('Bypassing VMDK rootfs for runqemu')
+            else:
+                launch_cmd += ' %s' % (self.rootfs)
 
         return self.launch(launch_cmd, qemuparams=qemuparams, get_ip=get_ip, extra_bootparams=extra_bootparams, env=env)
 
     def launch(self, launch_cmd, get_ip = True, qemuparams = None, extra_bootparams = None, env = None):
+        # use logfile to determine the recipe-sysroot-native path and
+        # then add in the site-packages path components and add that
+        # to the python sys.path so the qmp module can be found.
+        python_path = os.path.dirname(os.path.dirname(self.logfile))
+        python_path += "/recipe-sysroot-native/usr/lib/qemu-python"
+        sys.path.append(python_path)
+        importlib.invalidate_caches()
+        try:
+            qmp = importlib.import_module("qmp")
+        except Exception as e:
+            self.logger.error("qemurunner: qmp module missing, please ensure it's installed in %s (%s)" % (python_path, str(e)))
+            return False
+        # Path relative to tmpdir used as cwd for qemu below to avoid unix socket path length issues
+        qmp_file = "." + next(tempfile._get_candidate_names())
+        qmp_param = ' -S -qmp unix:./%s,server,wait' % (qmp_file)
+        qmp_port = self.tmpdir + "/" + qmp_file
+        # Create a second socket connection for debugging use,
+        # note this will NOT cause qemu to block waiting for the connection
+        qmp_file2 = "." + next(tempfile._get_candidate_names())
+        qmp_param += ' -qmp unix:./%s,server,nowait' % (qmp_file2)
+        qmp_port2 = self.tmpdir + "/" + qmp_file2
+        self.logger.info("QMP Available for connection at %s" % (qmp_port2))
+
         try:
             if self.serial_ports >= 2:
                 self.threadsock, threadport = self.create_socket()
@@ -176,7 +217,7 @@ class QemuRunner:
             self.logger.error("Failed to create listening socket: %s" % msg[1])
             return False
 
-        bootparams = 'console=tty1 console=ttyS0,115200n8 printk.time=1'
+        bootparams = ' printk.time=1'
         if extra_bootparams:
             bootparams = bootparams + ' ' + extra_bootparams
 
@@ -184,7 +225,8 @@ class QemuRunner:
         # and analyze descendents in order to determine it.
         if os.path.exists(self.qemu_pidfile):
             os.remove(self.qemu_pidfile)
-        self.qemuparams = 'bootparams="{0}" qemuparams="-pidfile {1}"'.format(bootparams, self.qemu_pidfile)
+        self.qemuparams = 'bootparams="{0}" qemuparams="-pidfile {1} {2}"'.format(bootparams, self.qemu_pidfile, qmp_param)
+
         if qemuparams:
             self.qemuparams = self.qemuparams[:-1] + " " + qemuparams + " " + '\"'
 
@@ -196,14 +238,15 @@ class QemuRunner:
         self.origchldhandler = signal.getsignal(signal.SIGCHLD)
         signal.signal(signal.SIGCHLD, self.handleSIGCHLD)
 
-        self.logger.debug('launchcmd=%s'%(launch_cmd))
+        self.logger.debug('launchcmd=%s' % (launch_cmd))
 
         # FIXME: We pass in stdin=subprocess.PIPE here to work around stty
         # blocking at the end of the runqemu script when using this within
         # oe-selftest (this makes stty error out immediately). There ought
         # to be a proper fix but this will suffice for now.
-        self.runqemu = subprocess.Popen(launch_cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, stdin=subprocess.PIPE, preexec_fn=os.setpgrp, env=env)
+        self.runqemu = subprocess.Popen(launch_cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, stdin=subprocess.PIPE, preexec_fn=os.setpgrp, env=env, cwd=self.tmpdir)
         output = self.runqemu.stdout
+        launch_time = time.time()
 
         #
         # We need the preexec_fn above so that all runqemu processes can easily be killed
@@ -224,35 +267,41 @@ class QemuRunner:
             self.monitorpipe = os.fdopen(w, "w")
         else:
             # child process
-            os.setpgrp()
-            os.close(w)
-            r = os.fdopen(r)
-            x = r.read()
-            os.killpg(os.getpgid(self.runqemu.pid), signal.SIGTERM)
-            sys.exit(0)
+            try:
+                os.setpgrp()
+                os.close(w)
+                r = os.fdopen(r)
+                x = r.read()
+                os.killpg(os.getpgid(self.runqemu.pid), signal.SIGTERM)
+            finally:
+                # We must exit under all circumstances
+                os._exit(0)
 
         self.logger.debug("runqemu started, pid is %s" % self.runqemu.pid)
-        self.logger.debug("waiting at most %s seconds for qemu pid (%s)" %
+        self.logger.debug("waiting at most %d seconds for qemu pid (%s)" %
                           (self.runqemutime, time.strftime("%D %H:%M:%S")))
         endtime = time.time() + self.runqemutime
         while not self.is_alive() and time.time() < endtime:
             if self.runqemu.poll():
                 if self.runqemu_exited:
+                    self.logger.warning("runqemu during is_alive() test")
                     return False
                 if self.runqemu.returncode:
                     # No point waiting any longer
                     self.logger.warning('runqemu exited with code %d' % self.runqemu.returncode)
-                    self._dump_host()
-                    self.logger.warning("Output from runqemu:\n%s" % self.getOutput(output))
+                    self.logger.warning("Output from runqemu:\n%s" % getOutput(output))
                     self.stop()
                     return False
             time.sleep(0.5)
 
         if self.runqemu_exited:
-            return False
+            self.logger.warning("runqemu after timeout")
+
+        if self.runqemu.returncode:
+            self.logger.warning('runqemu exited with code %d' % self.runqemu.returncode)
 
         if not self.is_alive():
-            self.logger.error("Qemu pid didn't appear in %s seconds (%s)" %
+            self.logger.error("Qemu pid didn't appear in %d seconds (%s)" %
                               (self.runqemutime, time.strftime("%D %H:%M:%S")))
 
             qemu_pid = None
@@ -267,8 +316,7 @@ class QemuRunner:
             ps = subprocess.Popen(['ps', 'axww', '-o', 'pid,ppid,pri,ni,command '], stdout=subprocess.PIPE).communicate()[0]
             processes = ps.decode("utf-8")
             self.logger.debug("Running processes:\n%s" % processes)
-            self._dump_host()
-            op = self.getOutput(output)
+            op = getOutput(output)
             self.stop()
             if op:
                 self.logger.error("Output from runqemu:\n%s" % op)
@@ -276,10 +324,79 @@ class QemuRunner:
                 self.logger.error("No output from runqemu.\n")
             return False
 
+        # Create the client socket for the QEMU Monitor Control Socket
+        # This will allow us to read status from Qemu if the the process
+        # is still alive
+        self.logger.debug("QMP Initializing to %s" % (qmp_port))
+        # chdir dance for path length issues with unix sockets
+        origpath = os.getcwd()
+        try:
+            os.chdir(os.path.dirname(qmp_port))
+            try:
+                from qmp.legacy import QEMUMonitorProtocol
+                self.qmp = QEMUMonitorProtocol(os.path.basename(qmp_port))
+            except OSError as msg:
+                self.logger.warning("Failed to initialize qemu monitor socket: %s File: %s" % (msg, msg.filename))
+                return False
+
+            self.logger.debug("QMP Connecting to %s" % (qmp_port))
+            if not os.path.exists(qmp_port) and self.is_alive():
+                self.logger.debug("QMP Port does not exist waiting for it to be created")
+                endtime = time.time() + self.runqemutime
+                while not os.path.exists(qmp_port) and self.is_alive() and time.time() < endtime:
+                    self.logger.info("QMP port does not exist yet!")
+                    time.sleep(0.5)
+                if not os.path.exists(qmp_port) and self.is_alive():
+                    self.logger.warning("QMP Port still does not exist but QEMU is alive")
+                    return False
+
+            try:
+                # set timeout value for all QMP calls
+                self.qmp.settimeout(self.runqemutime)
+                self.qmp.connect()
+                connect_time = time.time()
+                self.logger.info("QMP connected to QEMU at %s and took %.2f seconds" %
+                                  (time.strftime("%D %H:%M:%S"),
+                                   time.time() - launch_time))
+            except OSError as msg:
+                self.logger.warning("Failed to connect qemu monitor socket: %s File: %s" % (msg, msg.filename))
+                return False
+            except qmp.legacy.QMPError as msg:
+                self.logger.warning("Failed to communicate with qemu monitor: %s" % (msg))
+                return False
+        finally:
+            os.chdir(origpath)
+
+        # We worry that mmap'd libraries may cause page faults which hang the qemu VM for periods
+        # causing failures. Before we "start" qemu, read through it's mapped files to try and 
+        # ensure we don't hit page faults later
+        mapdir = "/proc/" + str(self.qemupid) + "/map_files/"
+        try:
+            for f in os.listdir(mapdir):
+                try:
+                    linktarget = os.readlink(os.path.join(mapdir, f))
+                    if not linktarget.startswith("/") or linktarget.startswith("/dev") or "deleted" in linktarget:
+                        continue
+                    with open(linktarget, "rb") as readf:
+                        data = True
+                        while data:
+                            data = readf.read(4096)
+                except FileNotFoundError:
+                    continue
+        # Centos7 doesn't allow us to read /map_files/
+        except PermissionError:
+            pass
+
+        # Release the qemu process to continue running
+        self.run_monitor('cont')
+        self.logger.info("QMP released QEMU at %s and took %.2f seconds from connect" %
+                          (time.strftime("%D %H:%M:%S"),
+                           time.time() - connect_time))
+
         # We are alive: qemu is running
-        out = self.getOutput(output)
+        out = getOutput(output)
         netconf = False # network configuration is not required by default
-        self.logger.debug("qemu started in %s seconds - qemu procces pid is %s (%s)" %
+        self.logger.debug("qemu started in %.2f seconds - qemu procces pid is %s (%s)" %
                           (time.time() - (endtime - self.runqemutime),
                            self.qemupid, time.strftime("%D %H:%M:%S")))
         cmdline = ''
@@ -291,9 +408,10 @@ class QemuRunner:
                 cmdline = re_control_char.sub(' ', cmdline)
             try:
                 if self.use_slirp:
-                    tcp_ports = cmdline.split("hostfwd=tcp::")[1]
+                    tcp_ports = cmdline.split("hostfwd=tcp:")[1]
+                    ip, tcp_ports = tcp_ports.split(":")[:2]
                     host_port = tcp_ports[:tcp_ports.find('-')]
-                    self.ip = "localhost:%s" % host_port
+                    self.ip = "%s:%s" % (ip, host_port)
                 else:
                     ips = re.findall(r"((?:[0-9]{1,3}\.){3}[0-9]{1,3})", cmdline.split("ip=")[1])
                     self.ip = ips[0]
@@ -301,8 +419,8 @@ class QemuRunner:
                 self.logger.debug("qemu cmdline used:\n{}".format(cmdline))
             except (IndexError, ValueError):
                 # Try to get network configuration from runqemu output
-                match = re.match(r'.*Network configuration: (?:ip=)*([0-9.]+)::([0-9.]+):([0-9.]+)$.*',
-                                 out, re.MULTILINE|re.DOTALL)
+                match = re.match(r'.*Network configuration: (?:ip=)*([0-9.]+)::([0-9.]+):([0-9.]+).*',
+                                 out, re.MULTILINE | re.DOTALL)
                 if match:
                     self.ip, self.server_ip, self.netmask = match.groups()
                     # network configuration is required as we couldn't get it
@@ -313,16 +431,16 @@ class QemuRunner:
                     self.logger.error("Couldn't get ip from qemu command line and runqemu output! "
                                  "Here is the qemu command line used:\n%s\n"
                                  "and output from runqemu:\n%s" % (cmdline, out))
-                    self._dump_host()
                     self.stop()
                     return False
 
         self.logger.debug("Target IP: %s" % self.ip)
         self.logger.debug("Server IP: %s" % self.server_ip)
 
+        self.thread = LoggingThread(self.log, self.threadsock, self.logger, self.runqemu.stdout)
+        self.thread.start()
+
         if self.serial_ports >= 2:
-            self.thread = LoggingThread(self.log, self.threadsock, self.logger)
-            self.thread.start()
             if not self.thread.connection_established.wait(self.boottime):
                 self.logger.error("Didn't receive a console connection from qemu. "
                              "Here is the qemu command line used:\n%s\nand "
@@ -334,7 +452,7 @@ class QemuRunner:
         self.logger.debug("Waiting at most %d seconds for login banner (%s)" %
                           (self.boottime, time.strftime("%D %H:%M:%S")))
         endtime = time.time() + self.boottime
-        socklist = [self.server_socket]
+        filelist = [self.server_socket]
         reachedlogin = False
         stopread = False
         qemusock = None
@@ -342,64 +460,84 @@ class QemuRunner:
         data = b''
         while time.time() < endtime and not stopread:
             try:
-                sread, swrite, serror = select.select(socklist, [], [], 5)
+                sread, swrite, serror = select.select(filelist, [], [], 5)
             except InterruptedError:
                 continue
-            for sock in sread:
-                if sock is self.server_socket:
+            for file in sread:
+                if file is self.server_socket:
                     qemusock, addr = self.server_socket.accept()
-                    qemusock.setblocking(0)
-                    socklist.append(qemusock)
-                    socklist.remove(self.server_socket)
+                    qemusock.setblocking(False)
+                    filelist.append(qemusock)
+                    filelist.remove(self.server_socket)
                     self.logger.debug("Connection from %s:%s" % addr)
                 else:
-                    data = data + sock.recv(1024)
+                    # try to avoid reading only a single character at a time
+                    time.sleep(0.1)
+                    if hasattr(file, 'read'):
+                        read = file.read(1024)
+                    elif hasattr(file, 'recv'):
+                        read = file.recv(1024)
+                    else:
+                        self.logger.error('Invalid file type: %s\n%s' % (file))
+                        read = b''
+
+                    self.logger.debug2('Partial boot log:\n%s' % (read.decode('utf-8', errors='backslashreplace')))
+                    data = data + read
                     if data:
                         bootlog += data
-                        if self.serial_ports < 2:
-                            # this socket has mixed console/kernel data, log it to logfile
-                            self.log(data)
-
+                        self.log(data, extension = ".2")
                         data = b''
-                        if self.boot_patterns['search_reached_prompt'] in bootlog:
+
+                        if bytes(self.boot_patterns['search_reached_prompt'], 'utf-8') in bootlog:
+                            self.server_socket.close()
                             self.server_socket = qemusock
                             stopread = True
                             reachedlogin = True
-                            self.logger.debug("Reached login banner in %s seconds (%s)" %
+                            self.logger.debug("Reached login banner in %.2f seconds (%s)" %
                                               (time.time() - (endtime - self.boottime),
                                               time.strftime("%D %H:%M:%S")))
                     else:
                         # no need to check if reachedlogin unless we support multiple connections
                         self.logger.debug("QEMU socket disconnected before login banner reached. (%s)" %
                                           time.strftime("%D %H:%M:%S"))
-                        socklist.remove(sock)
-                        sock.close()
+                        filelist.remove(file)
+                        file.close()
                         stopread = True
 
-
         if not reachedlogin:
             if time.time() >= endtime:
                 self.logger.warning("Target didn't reach login banner in %d seconds (%s)" %
                                   (self.boottime, time.strftime("%D %H:%M:%S")))
             tail = lambda l: "\n".join(l.splitlines()[-25:])
-            bootlog = bootlog.decode("utf-8")
-            # in case bootlog is empty, use tail qemu log store at self.msg
-            lines = tail(bootlog if bootlog else self.msg)
-            self.logger.warning("Last 25 lines of text:\n%s" % lines)
+            bootlog = self.decode_qemulog(bootlog)
+            self.logger.warning("Last 25 lines of login console (%d):\n%s" % (len(bootlog), tail(bootlog)))
+            self.logger.warning("Last 25 lines of all logging (%d):\n%s" % (len(self.msg), tail(self.msg)))
             self.logger.warning("Check full boot log: %s" % self.logfile)
-            self._dump_host()
             self.stop()
+            data = True
+            while data:
+                try:
+                    time.sleep(1)
+                    data = qemusock.recv(1024)
+                    self.log(data, extension = ".2")
+                    self.logger.warning('Extra log data read: %s\n' % (data.decode('utf-8', errors='backslashreplace')))
+                except Exception as e:
+                    self.logger.warning('Extra log data exception %s' % repr(e))
+                    data = None
             return False
 
+        with self.thread.serial_lock:
+            self.thread.set_serialsock(self.server_socket)
+
         # If we are not able to login the tests can continue
         try:
             (status, output) = self.run_serial(self.boot_patterns['send_login_user'], raw=True, timeout=120)
             if re.search(self.boot_patterns['search_login_succeeded'], output):
                 self.logged = True
-                self.logger.debug("Logged as root in serial console")
+                self.logger.debug("Logged in as %s in serial console" % self.boot_patterns['send_login_user'].replace("\n", ""))
                 if netconf:
                     # configure guest networking
-                    cmd = "ifconfig eth0 %s netmask %s up\n" % (self.ip, self.netmask)
+                    cmd = "ip addr add %s/%s dev eth0\nip link set dev eth0 up\n" % (self.ip, self.netmask)
                     output = self.run_serial(cmd, raw=True)[1]
                     if re.search(r"root@[a-zA-Z0-9\-]+:~#", output):
                         self.logger.debug("configured ip address %s", self.ip)
@@ -407,7 +545,7 @@ class QemuRunner:
                         self.logger.debug("Couldn't configure guest networking")
             else:
                 self.logger.warning("Couldn't login into serial console"
-                            " as root using blank password")
+                            " as %s using blank password" % self.boot_patterns['send_login_user'].replace("\n", ""))
                 self.logger.warning("The output:\n%s" % output)
         except:
             self.logger.warning("Serial console failed while trying to login")
@@ -427,16 +565,24 @@ class QemuRunner:
                 except OSError as e:
                     if e.errno != errno.ESRCH:
                         raise
-            endtime = time.time() + self.runqemutime
-            while self.runqemu.poll() is None and time.time() < endtime:
-                time.sleep(1)
-            if self.runqemu.poll() is None:
+            try:
+                outs, errs = self.runqemu.communicate(timeout=self.runqemutime)
+                if outs:
+                    self.logger.info("Output from runqemu:\n%s", outs.decode("utf-8"))
+                if errs:
+                    self.logger.info("Stderr from runqemu:\n%s", errs.decode("utf-8"))
+            except subprocess.TimeoutExpired:
                 self.logger.debug("Sending SIGKILL to runqemu")
                 os.killpg(os.getpgid(self.runqemu.pid), signal.SIGKILL)
+            if not self.runqemu.stdout.closed:
+                self.logger.info("Output from runqemu:\n%s" % getOutput(self.runqemu.stdout))
             self.runqemu.stdin.close()
             self.runqemu.stdout.close()
             self.runqemu_exited = True
 
+        if hasattr(self, 'qmp') and self.qmp:
+            self.qmp.close()
+            self.qmp = None
         if hasattr(self, 'server_socket') and self.server_socket:
             self.server_socket.close()
             self.server_socket = None
@@ -467,6 +613,11 @@ class QemuRunner:
             self.thread.stop()
             self.thread.join()
 
+    def allowexit(self):
+        self.canexit = True
+        if self.thread:
+            self.thread.allowexit()
+
     def restart(self, qemuparams = None):
         self.logger.warning("Restarting qemu process")
         if self.runqemu.poll() is None:
@@ -483,8 +634,12 @@ class QemuRunner:
             # so it's possible that the file has been created but the content is empty
             pidfile_timeout = time.time() + 3
             while time.time() < pidfile_timeout:
-                with open(self.qemu_pidfile, 'r') as f:
-                    qemu_pid = f.read().strip()
+                try:
+                    with open(self.qemu_pidfile, 'r') as f:
+                        qemu_pid = f.read().strip()
+                except FileNotFoundError:
+                    # Can be used to detect shutdown so the pid file can disappear
+                    return False
                 # file created but not yet written contents
                 if not qemu_pid:
                     time.sleep(0.5)
@@ -495,34 +650,49 @@ class QemuRunner:
                         return True
         return False
 
+    def run_monitor(self, command, args=None, timeout=60):
+        if hasattr(self, 'qmp') and self.qmp:
+            self.qmp.settimeout(timeout)
+            if args is not None:
+                return self.qmp.cmd_raw(command, args)
+            else:
+                return self.qmp.cmd_raw(command)
+
     def run_serial(self, command, raw=False, timeout=60):
+        # Returns (status, output) where status is 1 on success and 0 on error
+
         # We assume target system have echo to get command status
         if not raw:
             command = "%s; echo $?\n" % command
 
         data = ''
         status = 0
-        self.server_socket.sendall(command.encode('utf-8'))
-        start = time.time()
-        end = start + timeout
-        while True:
-            now = time.time()
-            if now >= end:
-                data += "<<< run_serial(): command timed out after %d seconds without output >>>\r\n\r\n" % timeout
-                break
-            try:
-                sread, _, _ = select.select([self.server_socket],[],[], end - now)
-            except InterruptedError:
-                continue
-            if sread:
-                answer = self.server_socket.recv(1024)
-                if answer:
-                    data += answer.decode('utf-8')
-                    # Search the prompt to stop
-                    if re.search(self.boot_patterns['search_cmd_finished'], data):
-                        break
-                else:
-                    raise Exception("No data on serial console socket")
+        with self.thread.serial_lock:
+            self.server_socket.sendall(command.encode('utf-8'))
+            start = time.time()
+            end = start + timeout
+            while True:
+                now = time.time()
+                if now >= end:
+                    data += "<<< run_serial(): command timed out after %d seconds without output >>>\r\n\r\n" % timeout
+                    break
+                try:
+                    sread, _, _ = select.select([self.server_socket],[],[], end - now)
+                except InterruptedError:
+                    continue
+                if sread:
+                    # try to avoid reading single character at a time
+                    time.sleep(0.1)
+                    answer = self.server_socket.recv(1024)
+                    if answer:
+                        data += re_vt100.sub("", answer.decode('utf-8'))
+                        # Search the prompt to stop
+                        if re.search(self.boot_patterns['search_cmd_finished'], data):
+                            break
+                    else:
+                        if self.canexit:
+                            return (1, "")
+                        raise Exception("No data on serial console socket, connection closed?")
 
         if data:
             if raw:
@@ -541,34 +711,48 @@ class QemuRunner:
                     status = 1
         return (status, str(data))
 
-
-    def _dump_host(self):
-        self.host_dumper.create_dir("qemu")
-        self.logger.warning("Qemu ended unexpectedly, dump data from host"
-                " is in %s" % self.host_dumper.dump_dir)
-        self.host_dumper.dump_host()
+@contextmanager
+def nonblocking_lock(lock):
+    locked = lock.acquire(False)
+    try:
+        yield locked
+    finally:
+        if locked:
+            lock.release()
 
 # This class is for reading data from a socket and passing it to logfunc
 # to be processed. It's completely event driven and has a straightforward
 # event loop. The mechanism for stopping the thread is a simple pipe which
 # will wake up the poll and allow for tearing everything down.
 class LoggingThread(threading.Thread):
-    def __init__(self, logfunc, sock, logger):
+    def __init__(self, logfunc, sock, logger, qemuoutput):
         self.connection_established = threading.Event()
+        self.serial_lock = threading.Lock()
+
         self.serversock = sock
+        self.serialsock = None
+        self.qemuoutput = qemuoutput
         self.logfunc = logfunc
         self.logger = logger
         self.readsock = None
         self.running = False
+        self.canexit = False
 
         self.errorevents = select.POLLERR | select.POLLHUP | select.POLLNVAL
         self.readevents = select.POLLIN | select.POLLPRI
 
         threading.Thread.__init__(self, target=self.threadtarget)
 
+    def set_serialsock(self, serialsock):
+        self.serialsock = serialsock
+
     def threadtarget(self):
         try:
             self.eventloop()
+        except Exception:
+            exc_type, exc_value, exc_traceback = sys.exc_info()
+            self.logger.warning("Exception %s in logging thread" %
+                                traceback.format_exception(exc_type, exc_value, exc_traceback))
         finally:
             self.teardown()
 
@@ -584,7 +768,8 @@ class LoggingThread(threading.Thread):
 
     def teardown(self):
         self.logger.debug("Tearing down logging thread")
-        self.close_socket(self.serversock)
+        if self.serversock:
+            self.close_socket(self.serversock)
 
         if self.readsock is not None:
             self.close_socket(self.readsock)
@@ -593,30 +778,37 @@ class LoggingThread(threading.Thread):
         self.close_ignore_error(self.writepipe)
         self.running = False
 
+    def allowexit(self):
+        self.canexit = True
+
     def eventloop(self):
         poll = select.poll()
         event_read_mask = self.errorevents | self.readevents
-        poll.register(self.serversock.fileno())
+        if self.serversock:
+            poll.register(self.serversock.fileno())
+        serial_registered = False
+        poll.register(self.qemuoutput.fileno())
         poll.register(self.readpipe, event_read_mask)
 
         breakout = False
         self.running = True
         self.logger.debug("Starting thread event loop")
         while not breakout:
-            events = poll.poll()
-            for event in events:
+            events = poll.poll(2)
+            for fd, event in events:
+
                 # An error occurred, bail out
-                if event[1] & self.errorevents:
-                    raise Exception(self.stringify_event(event[1]))
+                if event & self.errorevents:
+                    raise Exception(self.stringify_event(event))
 
                 # Event to stop the thread
-                if self.readpipe == event[0]:
+                if self.readpipe == fd:
                     self.logger.debug("Stop event received")
                     breakout = True
                     break
 
                 # A connection request was received
-                elif self.serversock.fileno() == event[0]:
+                elif self.serversock and self.serversock.fileno() == fd:
                     self.logger.debug("Connection request received")
                     self.readsock, _ = self.serversock.accept()
                     self.readsock.setblocking(0)
@@ -627,18 +819,40 @@ class LoggingThread(threading.Thread):
                     self.connection_established.set()
 
                 # Actual data to be logged
-                elif self.readsock.fileno() == event[0]:
-                    data = self.recv(1024)
+                elif self.readsock and self.readsock.fileno() == fd:
+                    data = self.recv(1024, self.readsock)
                     self.logfunc(data)
+                elif self.qemuoutput.fileno() == fd:
+                    data = self.qemuoutput.read()
+                    self.logger.debug("Data received on qemu stdout %s" % data)
+                    self.logfunc(data, ".stdout")
+                elif self.serialsock and self.serialsock.fileno() == fd:
+                    if self.serial_lock.acquire(blocking=False):
+                        try:
+                            data = self.recv(1024, self.serialsock)
+                            self.logger.debug("Data received serial thread %s" % data.decode('utf-8', 'replace'))
+                            self.logfunc(data, ".2")
+                        finally:
+                            self.serial_lock.release()
+                    else:
+                        serial_registered = False
+                        poll.unregister(self.serialsock.fileno())
+
+            if not serial_registered and self.serialsock:
+                with nonblocking_lock(self.serial_lock) as l:
+                    if l:
+                        serial_registered = True
+                        poll.register(self.serialsock.fileno(), event_read_mask)
+
 
     # Since the socket is non-blocking make sure to honor EAGAIN
     # and EWOULDBLOCK.
-    def recv(self, count):
+    def recv(self, count, sock):
         try:
-            data = self.readsock.recv(count)
+            data = sock.recv(count)
         except socket.error as e:
             if e.errno == errno.EAGAIN or e.errno == errno.EWOULDBLOCK:
-                return ''
+                return b''
             else:
                 raise
 
@@ -649,7 +863,9 @@ class LoggingThread(threading.Thread):
             # happened. But for this code it counts as an
             # error since the connection shouldn't go away
             # until qemu exits.
-            raise Exception("Console connection closed unexpectedly")
+            if not self.canexit:
+                raise Exception("Console connection closed unexpectedly")
+            return b''
 
         return data
 
@@ -661,6 +877,9 @@ class LoggingThread(threading.Thread):
             val = 'POLLHUP'
         elif select.POLLNVAL == event:
             val = 'POLLNVAL'
+        else:
+            val = "0x%x" % (event)
+
         return val
 
     def close_socket(self, sock):
diff --git a/meta/lib/oeqa/utils/qemutinyrunner.py b/meta/lib/oeqa/utils/qemutinyrunner.py
index 5c92941c0a..20009401ca 100644
--- a/meta/lib/oeqa/utils/qemutinyrunner.py
+++ b/meta/lib/oeqa/utils/qemutinyrunner.py
@@ -19,7 +19,7 @@ from .qemurunner import QemuRunner
 
 class QemuTinyRunner(QemuRunner):
 
-    def __init__(self, machine, rootfs, display, tmpdir, deploy_dir_image, logfile, kernel, boottime, logger):
+    def __init__(self, machine, rootfs, display, tmpdir, deploy_dir_image, logfile, kernel, boottime, logger, tmpfsdir=None):
 
         # Popen object for runqemu
         self.runqemu = None
@@ -37,6 +37,7 @@ class QemuTinyRunner(QemuRunner):
         self.deploy_dir_image = deploy_dir_image
         self.logfile = logfile
         self.boottime = boottime
+        self.tmpfsdir = tmpfsdir
 
         self.runqemutime = 60
         self.socketfile = "console.sock"
@@ -83,6 +84,9 @@ class QemuTinyRunner(QemuRunner):
             return False
         else:
             os.environ["DEPLOY_DIR_IMAGE"] = self.deploy_dir_image
+        if self.tmpfsdir:
+            env["RUNQEMU_TMPFS_DIR"] = self.tmpfsdir
+
 
         # Set this flag so that Qemu doesn't do any grabs as SDL grabs interact
         # badly with screensavers.
diff --git a/meta/lib/oeqa/utils/sshcontrol.py b/meta/lib/oeqa/utils/sshcontrol.py
index 36c2ecb3db..88a61aff63 100644
--- a/meta/lib/oeqa/utils/sshcontrol.py
+++ b/meta/lib/oeqa/utils/sshcontrol.py
@@ -57,8 +57,10 @@ class SSHProcess(object):
                     if select.select([self.process.stdout], [], [], 5)[0] != []:
                         data = os.read(self.process.stdout.fileno(), 1024)
                         if not data:
-                            self.process.stdout.close()
-                            eof = True
+                            self.process.poll()
+                            if self.process.returncode is not None:
+                                self.process.stdout.close()
+                                eof = True
                         else:
                             data = data.decode("utf-8")
                             output += data
diff --git a/meta/lib/oeqa/utils/subprocesstweak.py b/meta/lib/oeqa/utils/subprocesstweak.py
index b47975a4bc..1774513023 100644
--- a/meta/lib/oeqa/utils/subprocesstweak.py
+++ b/meta/lib/oeqa/utils/subprocesstweak.py
@@ -1,4 +1,6 @@
 #
+# Copyright OpenEmbedded Contributors
+#
 # SPDX-License-Identifier: MIT
 #
 import subprocess
@@ -6,16 +8,11 @@ import subprocess
 class OETestCalledProcessError(subprocess.CalledProcessError):
     def __str__(self):
         def strify(o):
-            if isinstance(o, bytes):
-                return o.decode("utf-8", errors="replace")
-            else:
-                return o
+            return o.decode("utf-8", errors="replace") if isinstance(o, bytes) else o
 
-        s = "Command '%s' returned non-zero exit status %d" % (self.cmd, self.returncode)
-        if hasattr(self, "output") and self.output:
-            s = s + "\nStandard Output: " + strify(self.output)
-        if hasattr(self, "stderr") and self.stderr:
-            s = s + "\nStandard Error: " + strify(self.stderr)
+        s = super().__str__()
+        s = s + "\nStandard Output: " + strify(self.output)
+        s = s + "\nStandard Error: " + strify(self.stderr)
         return s
 
 def errors_have_output():
diff --git a/meta/lib/oeqa/utils/targetbuild.py b/meta/lib/oeqa/utils/targetbuild.py
index 1055810ca3..09738add1d 100644
--- a/meta/lib/oeqa/utils/targetbuild.py
+++ b/meta/lib/oeqa/utils/targetbuild.py
@@ -19,6 +19,7 @@ class BuildProject(metaclass=ABCMeta):
         self.d = d
         self.uri = uri
         self.archive = os.path.basename(uri)
+        self.tempdirobj = None
         if not tmpdir:
             tmpdir = self.d.getVar('WORKDIR')
             if not tmpdir:
@@ -71,9 +72,10 @@ class BuildProject(metaclass=ABCMeta):
         return self._run('cd %s; make install %s' % (self.targetdir, install_args))
 
     def clean(self):
+        if self.tempdirobj:
+            self.tempdirobj.cleanup()
         self._run('rm -rf %s' % self.targetdir)
         subprocess.check_call('rm -f %s' % self.localarchive, shell=True)
-        pass
 
 class TargetBuildProject(BuildProject):
 
diff --git a/meta/lib/oeqa/utils/testexport.py b/meta/lib/oeqa/utils/testexport.py
index e89d130a9c..3ab024d9e9 100644
--- a/meta/lib/oeqa/utils/testexport.py
+++ b/meta/lib/oeqa/utils/testexport.py
@@ -60,17 +60,17 @@ def process_binaries(d, params):
     export_env = d.getVar("TEST_EXPORT_ONLY")
 
     def extract_binary(pth_to_pkg, dest_pth=None):
-        cpio_command = runCmd("which cpio")
-        rpm2cpio_command = runCmd("ls /usr/bin/rpm2cpio")
-        if (cpio_command.status != 0) and (rpm2cpio_command.status != 0):
-            bb.fatal("Either \"rpm2cpio\" or \"cpio\" tools are not available on your system."
+        tar_command = runCmd("which tar")
+        rpm2archive_command = runCmd("ls /usr/bin/rpm2archive")
+        if (tar_command.status != 0) and (rpm2archive_command.status != 0):
+            bb.fatal("Either \"rpm2archive\" or \"tar\" tools are not available on your system."
                     "All binaries extraction processes will not be available, crashing all related tests."
                     "Please install them according to your OS recommendations") # will exit here
         if dest_pth:
             os.chdir(dest_pth)
         else:
             os.chdir("%s" % os.sep)# this is for native package
-        extract_bin_command = runCmd("%s %s | %s -idm" % (rpm2cpio_command.output, pth_to_pkg, cpio_command.output)) # semi-hardcoded because of a bug on poky's rpm2cpio
+        extract_bin_command = runCmd("%s -n %s | %s xv" % (rpm2archive_command.output, pth_to_pkg, tar_command.output)) # semi-hardcoded because of a bug on poky's rpm2cpio
         return extract_bin_command
 
     if determine_if_poky_env(): # machine with poky environment
diff --git a/meta/lib/patchtest/README.md b/meta/lib/patchtest/README.md
new file mode 100644
index 0000000000..27cc61c802
--- /dev/null
+++ b/meta/lib/patchtest/README.md
@@ -0,0 +1,20 @@
+# patchtest selftests for openembedded-core
+
+This directory provides a test suite and selftest script for use with the
+patchtest repository: <https://git.yoctoproject.org/patchtest/>
+
+To setup for use:
+
+1. Clone <https://git.openembedded.org/openembedded-core> (this repo) and <https://git.openembedded.org/bitbake/>
+2. Clone <https://git.yoctoproject.org/patchtest>
+3. Install the necessary Python modules: in meta/lib/patchtest or the patchtest
+   repo, do `pip install -r requirements.txt`
+4. Add patchtest to PATH: `export PATH=/path/to/patchtest/repo:$PATH`
+5. Initialize the environment: `source oe-init-build-env`
+6. Add meta-selftest to bblayers.conf: `bitbake-layers add-layer
+   /path/to/meta-selftest/` (the selftests use this layer's recipes as test
+   targets)
+7. Finally, run the selftest script: `./meta/lib/patchtest/selftest/selftest`
+
+For more information on using patchtest, see the patchtest repo at
+<https://git.yoctoproject.org/patchtest/>.
diff --git a/meta/lib/patchtest/mbox.py b/meta/lib/patchtest/mbox.py
new file mode 100644
index 0000000000..1d95819b7a
--- /dev/null
+++ b/meta/lib/patchtest/mbox.py
@@ -0,0 +1,108 @@
+#! /usr/bin/env python3
+
+# series.py
+#
+# Read a series' mbox file and get information about the patches
+# contained
+#
+# Copyright (C) 2024 BayLibre SAS
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import email
+import re
+
+# From: https://stackoverflow.com/questions/59681461/read-a-big-mbox-file-with-python
+class MboxReader:
+    def __init__(self, filepath):
+        self.handle = open(filepath, 'rb')
+        assert self.handle.readline().startswith(b'From ')
+
+    def __enter__(self):
+        return self
+
+    def __exit__(self, exc_type, exc_value, exc_traceback):
+        self.handle.close()
+
+    def __iter__(self):
+        return iter(self.__next__())
+
+    def __next__(self):
+        lines = []
+        while True:
+            line = self.handle.readline()
+            if line == b'' or line.startswith(b'From '):
+                yield email.message_from_bytes(b''.join(lines))
+                if line == b'':
+                    break
+                lines = []
+                continue
+            lines.append(line)
+
+class Patch:
+    def __init__(self, data):
+        self.author = data['From']
+        self.to = data['To']
+        self.cc = data['Cc']
+        self.subject = data['Subject']
+        self.split_body = re.split('---', data.get_payload(), maxsplit=1)
+        self.commit_message = self.split_body[0]
+        self.diff = self.split_body[1]
+
+class PatchSeries:
+    def __init__(self, filepath):
+        with MboxReader(filepath) as mbox:
+            self.patches = [Patch(message) for message in mbox]
+
+        assert self.patches
+        self.patch_count = len(self.patches)
+        self.path = filepath
+
+        @property
+        def path(self):
+            return self.path
+
+        self.branch = self.get_branch()
+
+    def get_branch(self):
+        fullprefix = ""
+        pattern = re.compile(r"(\[.*\])", re.DOTALL)
+
+        # There should be at least one patch in the series and it should
+        # include the branch name in the subject, so parse that
+        match = pattern.search(self.patches[0].subject)
+        if match:
+            fullprefix = match.group(1)
+
+        branch, branches, valid_branches = None, [], []
+
+        if fullprefix:
+            prefix = fullprefix.strip('[]')
+            branches = [ b.strip() for b in prefix.split(',')]
+            valid_branches = [b for b in branches if PatchSeries.valid_branch(b)]
+
+        if len(valid_branches):
+            branch = valid_branches[0]
+
+        # Get the branch name excluding any brackets. If nothing was
+        # found, then assume there was no branch tag in the subject line
+        # and that the patch targets master
+        if branch is not None:
+            return branch.split(']')[0]
+        else:
+            return "master"
+
+    @staticmethod
+    def valid_branch(branch):
+        """ Check if branch is valid name """
+        lbranch = branch.lower()
+
+        invalid  = lbranch.startswith('patch') or \
+                   lbranch.startswith('rfc') or \
+                   lbranch.startswith('resend') or \
+                   re.search(r'^v\d+', lbranch) or \
+                   re.search(r'^\d+/\d+', lbranch)
+
+        return not invalid
+
diff --git a/meta/lib/patchtest/patchtest_parser.py b/meta/lib/patchtest/patchtest_parser.py
new file mode 100644
index 0000000000..2a11cb76c2
--- /dev/null
+++ b/meta/lib/patchtest/patchtest_parser.py
@@ -0,0 +1,78 @@
+# ex:ts=4:sw=4:sts=4:et
+# -*- tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*-
+#
+# patchtestdata: module used to share command line arguments between
+#                patchtest & test suite and a data store between test cases
+#
+# Copyright (C) 2016 Intel Corporation
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# NOTE: Strictly speaking, unit test should be isolated from outside,
+#       but patchtest test suites uses command line input data and
+#       pretest and test test cases may use the datastore defined
+#       on this module
+
+import os
+import argparse
+
+default_testdir = os.path.abspath(os.path.dirname(__file__) + "/tests")
+default_repodir = os.path.abspath(os.path.dirname(__file__) + "/../../..")
+
+class PatchtestParser(object):
+    """Abstract the patchtest argument parser"""
+
+    @classmethod
+    def set_namespace(cls):
+        parser = cls.get_parser()
+        parser.parse_args(namespace=cls)
+
+    @classmethod
+    def get_parser(cls):
+        parser = argparse.ArgumentParser()
+
+        target_patch_group = parser.add_mutually_exclusive_group(required=True)
+
+        target_patch_group.add_argument('--patch', metavar='PATCH', dest='patch_path',
+                            help='The patch to be tested')
+
+        target_patch_group.add_argument('--directory', metavar='DIRECTORY', dest='patch_path',
+                            help='The directory containing patches to be tested')
+
+        parser.add_argument('--repodir', metavar='REPO',
+                            default=default_repodir,
+                            help="Name of the repository where patch is merged")
+
+        parser.add_argument('--testdir', metavar='TESTDIR',
+                            default=default_testdir,
+                            help="Directory where test cases are located")
+
+        parser.add_argument('--top-level-directory', '-t',
+                            dest='topdir',
+                            default=None,
+                            help="Top level directory of project (defaults to start directory)")
+
+        parser.add_argument('--pattern', '-p',
+                            dest='pattern',
+                            default='test*.py',
+                            help="Pattern to match test files")
+
+        parser.add_argument('--base-branch', '-b',
+                            dest='basebranch',
+                            help="Branch name used by patchtest to branch from. By default, it uses the current one.")
+
+        parser.add_argument('--base-commit', '-c',
+                            dest='basecommit',
+                            help="Commit ID used by patchtest to branch from. By default, it uses HEAD.")
+
+        parser.add_argument('--debug', '-d',
+                            action='store_true',
+                            help='Enable debug output')
+
+        parser.add_argument('--log-results', 
+                            action='store_true', 
+                            help='Enable logging to a file matching the target patch name with ".testresult" appended')
+
+
+        return parser
+
diff --git a/meta/lib/patchtest/patchtest_patterns.py b/meta/lib/patchtest/patchtest_patterns.py
new file mode 100644
index 0000000000..50637cf499
--- /dev/null
+++ b/meta/lib/patchtest/patchtest_patterns.py
@@ -0,0 +1,98 @@
+# common pyparsing variables
+#
+# Copyright (C) 2016 Intel Corporation
+#
+# SPDX-License-Identifier: GPL-2.0-only
+
+import pyparsing
+import re
+
+# general
+colon = pyparsing.Literal(":")
+line_start = pyparsing.LineStart()
+line_end = pyparsing.LineEnd()
+lessthan = pyparsing.Literal("<")
+greaterthan = pyparsing.Literal(">")
+inappropriate = pyparsing.CaselessLiteral("Inappropriate")
+submitted = pyparsing.CaselessLiteral("Submitted")
+
+# word related
+nestexpr = pyparsing.nestedExpr(opener='[', closer=']')
+inappropriateinfo = pyparsing.Literal("Inappropriate") + nestexpr
+submittedinfo = pyparsing.Literal("Submitted") + nestexpr
+word = pyparsing.Word(pyparsing.alphas)
+worddot = pyparsing.Word(pyparsing.alphas+".")
+
+# metadata
+
+metadata_lic = 'LICENSE'
+invalid_license = 'PATCHTESTINVALID'
+metadata_chksum = 'LIC_FILES_CHKSUM'
+license_var  = 'LICENSE'
+closed   = 'CLOSED'
+lictag_re  = pyparsing.AtLineStart("License-Update:")
+lic_chksum_added = pyparsing.AtLineStart("+" + metadata_chksum)
+lic_chksum_removed = pyparsing.AtLineStart("-" + metadata_chksum)
+add_mark = pyparsing.Regex('\\+ ')
+patch_max_line_length = 200
+metadata_src_uri = "SRC_URI"
+metadata_summary = "SUMMARY"
+cve_check_ignore_var = "CVE_CHECK_IGNORE"
+cve_status_var = "CVE_STATUS"
+endcommit_messages_regex = re.compile(
+    r"\(From \w+-\w+ rev:|(?<!\S)Signed-off-by|(?<!\S)---\n"
+)
+patchmetadata_regex = re.compile(
+    r"-{3} \S+|\+{3} \S+|@{2} -\d+,\d+ \+\d+,\d+ @{2} \S+"
+)
+
+# mbox
+auh_email = 'auh@yoctoproject.org'
+
+invalid_submitters = [pyparsing.Regex("^Upgrade Helper.+"),
+            pyparsing.Regex(auh_email),
+            pyparsing.Regex("uh@not\.set"),
+            pyparsing.Regex("\S+@example\.com")]
+
+mbox_bugzilla = pyparsing.Regex('\[\s?YOCTO.*\]')
+mbox_bugzilla_validation = pyparsing.Regex('\[(\s?YOCTO\s?#\s?(\d+)\s?,?)+\]')
+mbox_revert_shortlog_regex = pyparsing.Regex('Revert\s+".*"')
+mbox_shortlog_maxlength = 90
+# based on https://stackoverflow.com/questions/30281026/regex-parsing-github-usernames-javascript
+mbox_github_username = pyparsing.Regex('\B@([a-z0-9](?:-(?=[a-z0-9])|[a-z0-9]){0,38}(?<=[a-z0-9]))')
+
+# patch
+
+cve = pyparsing.Regex("CVE\-\d{4}\-\d+")
+cve_payload_tag = pyparsing.Regex("\+CVE:(\s+CVE\-\d{4}\-\d+)+")
+upstream_status_regex = pyparsing.AtLineStart("+" + "Upstream-Status")
+
+# shortlog
+
+shortlog_target = pyparsing.OneOrMore(pyparsing.Word(pyparsing.printables.replace(':','')))
+shortlog_summary = pyparsing.OneOrMore(pyparsing.Word(pyparsing.printables))
+shortlog = line_start + shortlog_target + colon + shortlog_summary + line_end
+
+# signed-off-bys
+
+email_pattern = pyparsing.Regex(r"(?P<user>[A-Za-z0-9._%+-]+)@(?P<hostname>[A-Za-z0-9.-]+)\.(?P<domain>[A-Za-z]{2,})")
+
+signed_off_by_prefix = pyparsing.Literal("Signed-off-by:")
+signed_off_by_name = pyparsing.Regex('\S+.*(?= <)')
+signed_off_by_email = lessthan + email_pattern + greaterthan
+signed_off_by = pyparsing.AtLineStart(signed_off_by_prefix + signed_off_by_name + signed_off_by_email)
+patch_signed_off_by = pyparsing.AtLineStart("+" + signed_off_by_prefix + signed_off_by_name + signed_off_by_email)
+
+# upstream-status
+
+upstream_status_literal_valid_status = ["Pending", "Backport", "Denied", "Inappropriate", "Submitted", "Inactive-Upstream"]
+upstream_status_nonliteral_valid_status = ["Pending", "Backport", "Denied", "Inappropriate [reason]", "Submitted [where]", "Inactive-Upstream [lastcommit: when (and/or) lastrelease: when]"]
+
+upstream_status_valid_status = pyparsing.Or(
+    [pyparsing.Literal(status) for status in upstream_status_literal_valid_status]
+)
+
+upstream_status_prefix = pyparsing.Literal("Upstream-Status")
+upstream_status = line_start + upstream_status_prefix + colon + upstream_status_valid_status
+upstream_status_inappropriate_info = line_start + upstream_status_prefix + colon + inappropriateinfo
+upstream_status_submitted_info = line_start + upstream_status_prefix + colon + submittedinfo
diff --git a/meta/lib/patchtest/repo.py b/meta/lib/patchtest/repo.py
new file mode 100644
index 0000000000..8ec8f68a0b
--- /dev/null
+++ b/meta/lib/patchtest/repo.py
@@ -0,0 +1,85 @@
+# ex:ts=4:sw=4:sts=4:et
+# -*- tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*-
+#
+# patchtestrepo: PatchTestRepo class used mainly to control a git repo from patchtest
+#
+# Copyright (C) 2016 Intel Corporation
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import git
+import os
+import mbox
+
+class PatchTestRepo(object):
+
+    # prefixes used for temporal branches/stashes
+    prefix = 'patchtest'
+
+    def __init__(self, patch, repodir, commit=None, branch=None):
+        self.repodir = repodir
+        self.repo = git.Repo.init(repodir)
+        self.patch = mbox.PatchSeries(patch)
+        self.current_branch = self.repo.active_branch.name
+
+        # targeted branch defined on the patch may be invalid, so make sure there
+        # is a corresponding remote branch
+        valid_patch_branch = None
+        if self.patch.branch in self.repo.branches:
+            valid_patch_branch = self.patch.branch
+            
+        # Target Commit
+        # Priority (top has highest priority):
+        #    1. commit given at cmd line
+        #    2. branch given at cmd line
+        #    3. branch given at the patch
+        #    3. current HEAD
+        self._commit = self._get_commitid(commit) or \
+          self._get_commitid(branch) or \
+          self._get_commitid(valid_patch_branch) or \
+          self._get_commitid('HEAD')
+
+        self._workingbranch = "%s_%s" % (PatchTestRepo.prefix, os.getpid())
+
+        # create working branch. Use the '-B' flag so that we just
+        # check out the existing one if it's there
+        self.repo.git.execute(['git', 'checkout', '-B', self._workingbranch, self._commit])
+
+        self._patchmerged = False
+
+        # Check if patch can be merged using git-am
+        self._patchcanbemerged = True
+        try:
+            # Make sure to get the absolute path of the file
+            self.repo.git.execute(['git', 'apply', '--check', os.path.abspath(self.patch.path)], with_exceptions=True)
+        except git.exc.GitCommandError as ce:
+            self._patchcanbemerged = False
+
+    def ismerged(self):
+        return self._patchmerged
+
+    def canbemerged(self):
+        return self._patchcanbemerged
+
+    def _get_commitid(self, commit):
+
+        if not commit:
+            return None
+
+        try:
+            return self.repo.rev_parse(commit).hexsha
+        except Exception as e:
+            print(f"Couldn't find commit {commit} in repo")
+
+        return None
+
+    def merge(self):
+        if self._patchcanbemerged:
+            self.repo.git.execute(['git', 'am', '--keep-cr', os.path.abspath(self.patch.path)])
+            self._patchmerged = True
+
+    def clean(self):
+        self.repo.git.execute(['git', 'checkout', self.current_branch])
+        self.repo.git.execute(['git', 'branch', '-D', self._workingbranch])
+        self._patchmerged = False
diff --git a/meta/lib/patchtest/requirements.txt b/meta/lib/patchtest/requirements.txt
new file mode 100644
index 0000000000..4247b91f09
--- /dev/null
+++ b/meta/lib/patchtest/requirements.txt
@@ -0,0 +1,7 @@
+boto3
+git-pw>=2.5.0
+GitPython
+jinja2
+pylint
+pyparsing>=3.0.9
+unidiff
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.1.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.1.fail
new file mode 100644
index 0000000000..30c1bc4624
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.1.fail
@@ -0,0 +1,43 @@
+From 04eb94a0134ef5eb5b5fd783b303104fbfcd8437 Mon Sep 17 00:00:00 2001
+From: First Last <first.last@example.com>
+Date: Fri, 31 May 2024 11:03:47 -0400
+Subject: [PATCH] selftest-hello: add selftest-hello-extra
+
+This should fail the test_author_valid test.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../selftest-hello-extra_1.0.bb               | 21 +++++++++++++++++++
+ 1 file changed, 21 insertions(+)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+new file mode 100644
+index 00000000000..f3dec1b220c
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+@@ -0,0 +1,21 @@
++SUMMARY = "This is an example summary"
++DESCRIPTION = "Simple helloworld application -- selftest variant"
++SECTION = "examples"
++LICENSE = "MIT"
++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
++
++SRC_URI = "file://helloworld.c"
++
++S = "${WORKDIR}/sources"
++UNPACKDIR = "${S}"
++
++do_compile() {
++       ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld
++}
++
++do_install() {
++       install -d ${D}${bindir}
++       install -m 0755 helloworld ${D}${bindir}
++}
++
++BBCLASSEXTEND = "native nativesdk"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.1.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.1.pass
new file mode 100644
index 0000000000..6e82b08bc6
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.1.pass
@@ -0,0 +1,43 @@
+From 04eb94a0134ef5eb5b5fd783b303104fbfcd8437 Mon Sep 17 00:00:00 2001
+From: First Last <first.last@address.com>
+Date: Fri, 31 May 2024 11:03:47 -0400
+Subject: [PATCH] selftest-hello: add selftest-hello-extra
+
+This should pass the test_author_valid test.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../selftest-hello-extra_1.0.bb               | 21 +++++++++++++++++++
+ 1 file changed, 21 insertions(+)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+new file mode 100644
+index 00000000000..f3dec1b220c
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+@@ -0,0 +1,21 @@
++SUMMARY = "This is an example summary"
++DESCRIPTION = "Simple helloworld application -- selftest variant"
++SECTION = "examples"
++LICENSE = "MIT"
++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
++
++SRC_URI = "file://helloworld.c"
++
++S = "${WORKDIR}/sources"
++UNPACKDIR = "${S}"
++
++do_compile() {
++       ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld
++}
++
++do_install() {
++       install -d ${D}${bindir}
++       install -m 0755 helloworld ${D}${bindir}
++}
++
++BBCLASSEXTEND = "native nativesdk"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.2.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.2.fail
new file mode 100644
index 0000000000..745a8f45d9
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.2.fail
@@ -0,0 +1,43 @@
+From 04eb94a0134ef5eb5b5fd783b303104fbfcd8437 Mon Sep 17 00:00:00 2001
+From: Upgrade Helper <auh@auh.yoctoproject.org>
+Date: Fri, 31 May 2024 11:03:47 -0400
+Subject: [PATCH] selftest-hello: add selftest-hello-extra
+
+This should fail the test_author_valid test.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../selftest-hello-extra_1.0.bb               | 21 +++++++++++++++++++
+ 1 file changed, 21 insertions(+)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+new file mode 100644
+index 00000000000..f3dec1b220c
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+@@ -0,0 +1,21 @@
++SUMMARY = "This is an example summary"
++DESCRIPTION = "Simple helloworld application -- selftest variant"
++SECTION = "examples"
++LICENSE = "MIT"
++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
++
++SRC_URI = "file://helloworld.c"
++
++S = "${WORKDIR}/sources"
++UNPACKDIR = "${S}"
++
++do_compile() {
++       ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld
++}
++
++do_install() {
++       install -d ${D}${bindir}
++       install -m 0755 helloworld ${D}${bindir}
++}
++
++BBCLASSEXTEND = "native nativesdk"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.2.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.2.pass
new file mode 100644
index 0000000000..56cb77fa69
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.2.pass
@@ -0,0 +1,43 @@
+From 04eb94a0134ef5eb5b5fd783b303104fbfcd8437 Mon Sep 17 00:00:00 2001
+From: First Last <averylongemailaddressthatishardtoread.from@address.com>
+Date: Fri, 31 May 2024 11:03:47 -0400
+Subject: [PATCH] selftest-hello: add selftest-hello-extra
+
+This should pass the test_author_valid test.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../selftest-hello-extra_1.0.bb               | 21 +++++++++++++++++++
+ 1 file changed, 21 insertions(+)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+new file mode 100644
+index 00000000000..f3dec1b220c
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+@@ -0,0 +1,21 @@
++SUMMARY = "This is an example summary"
++DESCRIPTION = "Simple helloworld application -- selftest variant"
++SECTION = "examples"
++LICENSE = "MIT"
++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
++
++SRC_URI = "file://helloworld.c"
++
++S = "${WORKDIR}/sources"
++UNPACKDIR = "${S}"
++
++do_compile() {
++       ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld
++}
++
++do_install() {
++       install -d ${D}${bindir}
++       install -m 0755 helloworld ${D}${bindir}
++}
++
++BBCLASSEXTEND = "native nativesdk"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_bugzilla_entry_format.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_bugzilla_entry_format.fail
new file mode 100644
index 0000000000..6facb8c756
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_bugzilla_entry_format.fail
@@ -0,0 +1,67 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should fail the test_bugzilla_entry_format test.
+
+[YOCTO 1234]
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_bugzilla_entry_format.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_bugzilla_entry_format.pass
new file mode 100644
index 0000000000..2f35458b4f
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_bugzilla_entry_format.pass
@@ -0,0 +1,67 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should pass the test_bugzilla_entry_format test.
+
+[YOCTO #1234]
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_presence.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_presence.fail
new file mode 100644
index 0000000000..6f4e61c0da
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_presence.fail
@@ -0,0 +1,62 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_presence.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_presence.pass
new file mode 100644
index 0000000000..3fbc23fd00
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_presence.pass
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should pass the test_commit_message_presence test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_user_tags.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_user_tags.fail
new file mode 100644
index 0000000000..9d54af9644
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_user_tags.fail
@@ -0,0 +1,65 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should fail the test_commit_message_user_tags test because of this
+string: @teststring
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_user_tags.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_user_tags.pass
new file mode 100644
index 0000000000..57f2fc8a8e
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_user_tags.pass
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should pass the test_commit_message_user_tags test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_mbox_format.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_mbox_format.fail
new file mode 100644
index 0000000000..0dda6802d1
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_mbox_format.fail
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should fail the test_mbox_format test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
+%+           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_mbox_format.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_mbox_format.pass
new file mode 100644
index 0000000000..f06ae11d04
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_mbox_format.pass
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should pass the test_mbox_format test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_series_merge_on_head.1.skip b/meta/lib/patchtest/selftest/files/TestMbox.test_series_merge_on_head.1.skip
new file mode 100644
index 0000000000..072ccc28c0
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_series_merge_on_head.1.skip
@@ -0,0 +1,35 @@
+From d12db4cfa913b0e7a4b5bd858d3019acc53ce426 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Wed, 30 Aug 2023 12:15:00 -0400
+Subject: [PATCH] selftest-hello: upgrade 1.0 -> 1.1
+
+This file should skip the test_series_merge_on_head test.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../{selftest-hello_1.0.bb => selftest-hello_1.1.bb}           | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+ rename meta-selftest/recipes-test/selftest-hello/{selftest-hello_1.0.bb => selftest-hello_1.1.bb} (88%)
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.1.bb
+similarity index 88%
+rename from meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+rename to meta-selftest/recipes-test/selftest-hello/selftest-hello_1.1.bb
+index 547587bef4..acc388ec2c 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.1.bb
+@@ -1,3 +1,4 @@
++SUMMARY = "Hello!"
+ DESCRIPTION = "Simple helloworld application -- selftest variant"
+ SECTION = "examples"
+ LICENSE = "MIT"
+@@ -16,4 +17,4 @@ do_install() {
+        install -m 0755 helloworld ${D}${bindir}
+ }
+ 
+-BBCLASSEXTEND = "native nativesdk"
+\ No newline at end of file
++BBCLASSEXTEND = "native nativesdk"
+-- 
+2.41.0
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_series_merge_on_head.2.skip b/meta/lib/patchtest/selftest/files/TestMbox.test_series_merge_on_head.2.skip
new file mode 100644
index 0000000000..49bd1f8ede
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_series_merge_on_head.2.skip
@@ -0,0 +1,41 @@
+From 55208224f492af0ad929555ffc9b95ff1d301c5f Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Thu, 17 Aug 2023 15:02:38 -0400
+Subject: [PATCH] python3-dtc: upgrade 1.6.1 -> 1.7.0
+
+Changelog: https://kernel.googlesource.com/pub/scm/utils/dtc/dtc/+log/039a99414e778332d8f9c04cbd3072e1dcc62798
+
+Remove custom PV from the recipe since the relevant functionality is in
+1.7.0:
+
+[tgamblin@megalith dtc]$ git tag --contains c001fc01a43e7a06447c06ea3d50bd60641322b8
+v1.7.0
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+---
+ .../python/{python3-dtc_1.6.1.bb => python3-dtc_1.7.0.bb}      | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+ rename meta/recipes-devtools/python/{python3-dtc_1.6.1.bb => python3-dtc_1.7.0.bb} (92%)
+
+diff --git a/meta/recipes-devtools/python/python3-dtc_1.6.1.bb b/meta/recipes-devtools/python/python3-dtc_1.7.0.bb
+similarity index 92%
+rename from meta/recipes-devtools/python/python3-dtc_1.6.1.bb
+rename to meta/recipes-devtools/python/python3-dtc_1.7.0.bb
+index 95ab0be474..85e48d4694 100644
+--- a/meta/recipes-devtools/python/python3-dtc_1.6.1.bb
++++ b/meta/recipes-devtools/python/python3-dtc_1.7.0.bb
+@@ -14,9 +14,8 @@ UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)"
+ 
+ LIC_FILES_CHKSUM = "file://pylibfdt/libfdt.i;beginline=1;endline=6;md5=afda088c974174a29108c8d80b5dce90"
+ 
+-SRCREV = "c001fc01a43e7a06447c06ea3d50bd60641322b8"
++SRCREV = "039a99414e778332d8f9c04cbd3072e1dcc62798"
+ 
+-PV = "1.6.1+git"
+ S = "${WORKDIR}/git"
+ 
+ PYPA_WHEEL = "${S}/dist/libfdt-1.6.2*.whl"
+-- 
+2.41.0
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_format.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_format.fail
new file mode 100644
index 0000000000..c5e4df2549
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_format.fail
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello% fix CVE-1234-56789
+
+This should fail the test_shortlog_format test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_format.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_format.pass
new file mode 100644
index 0000000000..4948e26afc
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_format.pass
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should pass the test_shortlog_format test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_length.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_length.fail
new file mode 100644
index 0000000000..4ed1242821
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_length.fail
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789 this is a very long commit shortlog with way too many words included in it to pass the test
+
+This should fail the test_shortlong_length test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_length.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_length.pass
new file mode 100644
index 0000000000..ef5066a650
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_length.pass
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should pass the test_shortlog_length test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.1.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.1.fail
new file mode 100644
index 0000000000..4ede7271ee
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.1.fail
@@ -0,0 +1,65 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should fail the test_signed_off_by_presence test.
+
+CVE: CVE-1234-56789
+
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.2.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.2.fail
new file mode 100644
index 0000000000..f7c3f5145a
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.2.fail
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should fail the test_signed_off_by_presence test.
+
+CVE: CVE-1234-56789
+
+Approved-of-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.pass
new file mode 100644
index 0000000000..2661c1416f
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.pass
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should pass the test_signed_off_by_presence test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail
new file mode 100644
index 0000000000..dccafcd9bc
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail
@@ -0,0 +1,25 @@
+From 60450eefbc2c438a37c5e08759d021b18f0df0a3 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:18:17 -0400
+Subject: [PATCH] selftest-hello: add CVE_CHECK_IGNORE
+
+This should fail the test_cve_tag_format selftest.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..cc103de6e2e 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -17,4 +17,5 @@ do_install() {
+        install -m 0755 helloworld ${D}${bindir}
+ }
+ 
++CVE_CHECK_IGNORE = "CVE-2024-12345"
+ BBCLASSEXTEND = "native nativesdk"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass
new file mode 100644
index 0000000000..93a6cc91fb
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass
@@ -0,0 +1,25 @@
+From f91073242268d2b2c1a1a705e7fd585679f78a59 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:18:17 -0400
+Subject: [PATCH] selftest-hello: add CVE_STATUS
+
+This should pass the test_cve_tag_format selftest.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..88c5c98608f 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -17,4 +17,5 @@ do_install() {
+        install -m 0755 helloworld ${D}${bindir}
+ }
+ 
++CVE_STATUS[CVE-2024-12345] = "not-applicable-platform: Issue only applies on Windows"
+ BBCLASSEXTEND = "native nativesdk"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_modified_not_mentioned.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_modified_not_mentioned.fail
new file mode 100644
index 0000000000..61b3784e3c
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_modified_not_mentioned.fail
@@ -0,0 +1,28 @@
+From 974c3a143bc67faaff9abcc0a06a3d5e692fc660 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 11:51:15 -0400
+Subject: [PATCH] selftest-hello: update LIC_FILES_CHKSUM
+
+This should fail the test_lic_files_chksum_modified_not_mentioned test.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..356921db1dd 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -1,7 +1,7 @@
+ DESCRIPTION = "Simple helloworld application -- selftest variant"
+ SECTION = "examples"
+ LICENSE = "MIT"
+-LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f303"
+ 
+ SRC_URI = "file://helloworld.c"
+ 
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_modified_not_mentioned.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_modified_not_mentioned.pass
new file mode 100644
index 0000000000..b7be1e8e55
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_modified_not_mentioned.pass
@@ -0,0 +1,30 @@
+From 974c3a143bc67faaff9abcc0a06a3d5e692fc660 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 11:51:15 -0400
+Subject: [PATCH] selftest-hello: update LIC_FILES_CHKSUM
+
+This should pass the test_lic_files_chksum_modified_not_mentioned test.
+
+License-Update: Stuff happened!
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..356921db1dd 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -1,7 +1,7 @@
+ DESCRIPTION = "Simple helloworld application -- selftest variant"
+ SECTION = "examples"
+ LICENSE = "MIT"
+-LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f303"
+ 
+ SRC_URI = "file://helloworld.c"
+ 
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_presence.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_presence.fail
new file mode 100644
index 0000000000..a7a0b0bacb
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_presence.fail
@@ -0,0 +1,42 @@
+From 74bc209a4fbe4da2f57e153ccfff3d2241dada8d Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 11:03:47 -0400
+Subject: [PATCH] selftest-hello: add selftest-hello-extra
+
+This should fail the test_lic_files_chksum_presence test.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../selftest-hello-extra_1.0.bb               | 20 +++++++++++++++++++
+ 1 file changed, 20 insertions(+)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+new file mode 100644
+index 00000000000..875bcbef859
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+@@ -0,0 +1,20 @@
++SUMMARY = "This is an example summary"
++DESCRIPTION = "Simple helloworld application -- selftest variant"
++SECTION = "examples"
++LICENSE = "MIT"
++
++SRC_URI = "file://helloworld.c"
++
++S = "${WORKDIR}/sources"
++UNPACKDIR = "${S}"
++
++do_compile() {
++       ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld
++}
++
++do_install() {
++       install -d ${D}${bindir}
++       install -m 0755 helloworld ${D}${bindir}
++}
++
++BBCLASSEXTEND = "native nativesdk"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_presence.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_presence.pass
new file mode 100644
index 0000000000..8ffa97ec56
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_presence.pass
@@ -0,0 +1,43 @@
+From 04eb94a0134ef5eb5b5fd783b303104fbfcd8437 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 11:03:47 -0400
+Subject: [PATCH] selftest-hello: add selftest-hello-extra
+
+This should pass the test_lic_files_chksum_presence test.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../selftest-hello-extra_1.0.bb               | 21 +++++++++++++++++++
+ 1 file changed, 21 insertions(+)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+new file mode 100644
+index 00000000000..f3dec1b220c
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+@@ -0,0 +1,21 @@
++SUMMARY = "This is an example summary"
++DESCRIPTION = "Simple helloworld application -- selftest variant"
++SECTION = "examples"
++LICENSE = "MIT"
++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
++
++SRC_URI = "file://helloworld.c"
++
++S = "${WORKDIR}/sources"
++UNPACKDIR = "${S}"
++
++do_compile() {
++       ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld
++}
++
++do_install() {
++       install -d ${D}${bindir}
++       install -m 0755 helloworld ${D}${bindir}
++}
++
++BBCLASSEXTEND = "native nativesdk"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_src_uri_left_files.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_src_uri_left_files.fail
new file mode 100644
index 0000000000..0a402d0a3e
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_src_uri_left_files.fail
@@ -0,0 +1,28 @@
+From f2f7b6bcb831289bc3ba2343ad7dc5bee6d6e0cd Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 08:45:41 -0400
+Subject: [PATCH] selftest-hello: remove helloworld.c
+
+This should fail the test_src_uri_left_files selftest.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..e95270adaeb 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,8 +3,6 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
+-
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+ 
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_src_uri_left_files.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_src_uri_left_files.pass
new file mode 100644
index 0000000000..a675c028d0
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_src_uri_left_files.pass
@@ -0,0 +1,44 @@
+From e79933e2fc68570066eca66f0b599d259b7a1731 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 08:18:48 -0400
+Subject: [PATCH] selftest-hello: remove helloworld.c
+
+This should pass the test_src_uri_left_files selftest.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../recipes-test/selftest-hello/files/helloworld.c        | 8 --------
+ .../recipes-test/selftest-hello/selftest-hello_1.0.bb     | 2 --
+ 2 files changed, 10 deletions(-)
+ delete mode 100644 meta-selftest/recipes-test/selftest-hello/files/helloworld.c
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/helloworld.c b/meta-selftest/recipes-test/selftest-hello/files/helloworld.c
+deleted file mode 100644
+index fc7169b7b83..00000000000
+--- a/meta-selftest/recipes-test/selftest-hello/files/helloworld.c
++++ /dev/null
+@@ -1,8 +0,0 @@
+-#include <stdio.h>
+-
+-int main(void)
+-{
+-       printf("Hello world!\n");
+-
+-       return 0;
+-}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..e95270adaeb 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,8 +3,6 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
+-
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+ 
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_summary_presence.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_summary_presence.fail
new file mode 100644
index 0000000000..1087843619
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_summary_presence.fail
@@ -0,0 +1,42 @@
+From f4b72cc24f5e2a290a8637775c4d41c16d5d83aa Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 11:03:47 -0400
+Subject: [PATCH] selftest-hello: add selftest-hello-extra
+
+This should fail the test_summary_presence test.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../selftest-hello-extra_1.0.bb               | 20 +++++++++++++++++++
+ 1 file changed, 20 insertions(+)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+new file mode 100644
+index 00000000000..2dc352d479e
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+@@ -0,0 +1,20 @@
++DESCRIPTION = "Simple helloworld application -- selftest variant"
++SECTION = "examples"
++LICENSE = "MIT"
++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
++
++SRC_URI = "file://helloworld.c"
++
++S = "${WORKDIR}/sources"
++UNPACKDIR = "${S}"
++
++do_compile() {
++       ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld
++}
++
++do_install() {
++       install -d ${D}${bindir}
++       install -m 0755 helloworld ${D}${bindir}
++}
++
++BBCLASSEXTEND = "native nativesdk"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_summary_presence.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_summary_presence.pass
new file mode 100644
index 0000000000..3d35a8d8fb
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_summary_presence.pass
@@ -0,0 +1,43 @@
+From 04eb94a0134ef5eb5b5fd783b303104fbfcd8437 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 11:03:47 -0400
+Subject: [PATCH] selftest-hello: add selftest-hello-extra
+
+This should pass the test_summary_presence test.
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../selftest-hello-extra_1.0.bb               | 21 +++++++++++++++++++
+ 1 file changed, 21 insertions(+)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+new file mode 100644
+index 00000000000..f3dec1b220c
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb
+@@ -0,0 +1,21 @@
++SUMMARY = "This is an example summary"
++DESCRIPTION = "Simple helloworld application -- selftest variant"
++SECTION = "examples"
++LICENSE = "MIT"
++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
++
++SRC_URI = "file://helloworld.c"
++
++S = "${WORKDIR}/sources"
++UNPACKDIR = "${S}"
++
++do_compile() {
++       ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld
++}
++
++do_install() {
++       install -d ${D}${bindir}
++       install -m 0755 helloworld ${D}${bindir}
++}
++
++BBCLASSEXTEND = "native nativesdk"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestPatch.test_cve_tag_format.fail b/meta/lib/patchtest/selftest/files/TestPatch.test_cve_tag_format.fail
new file mode 100644
index 0000000000..f64f2a40b0
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestPatch.test_cve_tag_format.fail
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should fail the test_cve_tag_format test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-BAD_FORMAT
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestPatch.test_cve_tag_format.pass b/meta/lib/patchtest/selftest/files/TestPatch.test_cve_tag_format.pass
new file mode 100644
index 0000000000..3819487041
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestPatch.test_cve_tag_format.pass
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should pass the test_cve_tag format test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestPatch.test_signed_off_by_presence.fail b/meta/lib/patchtest/selftest/files/TestPatch.test_signed_off_by_presence.fail
new file mode 100644
index 0000000000..b2d0fab9e3
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestPatch.test_signed_off_by_presence.fail
@@ -0,0 +1,65 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should fail the test_signed_off_by_presence test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 25 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 28 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,25 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/files/TestPatch.test_signed_off_by_presence.pass b/meta/lib/patchtest/selftest/files/TestPatch.test_signed_off_by_presence.pass
new file mode 100644
index 0000000000..2661c1416f
--- /dev/null
+++ b/meta/lib/patchtest/selftest/files/TestPatch.test_signed_off_by_presence.pass
@@ -0,0 +1,66 @@
+From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <tgamblin@baylibre.com>
+Date: Fri, 31 May 2024 09:54:50 -0400
+Subject: [PATCH] selftest-hello: fix CVE-1234-56789
+
+This should pass the test_signed_off_by_presence test.
+
+CVE: CVE-1234-56789
+
+Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
+---
+ .../files/0001-Fix-CVE-1234-56789.patch       | 26 +++++++++++++++++++
+ .../selftest-hello/selftest-hello_1.0.bb      |  4 ++-
+ 2 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+
+diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+new file mode 100644
+index 00000000000..8a4f9329303
+--- /dev/null
++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch
+@@ -0,0 +1,26 @@
++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001
++From: Trevor Gamblin <tgamblin@baylibre.com>
++Date: Tue, 29 Aug 2023 14:08:20 -0400
++Subject: [PATCH] Fix CVE-NOT-REAL
++
++CVE: CVE-1234-56789
++Upstream-Status: Backport(http://example.com/example)
++
++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
++---
++ strlen.c | 1 +
++ 1 file changed, 1 insertion(+)
++
++diff --git a/strlen.c b/strlen.c
++index 1788f38..83d7918 100644
++--- a/strlen.c
+++++ b/strlen.c
++
++int main() {
++
++       printf("%d\n", str_len(string1));
++       printf("%d\n", str_len(string2));
++       printf("CVE FIXED!!!\n");
++
++       return 0;
++}
+diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+index 2dc352d479e..d937759f157 100644
+--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb
+@@ -3,7 +3,9 @@ SECTION = "examples"
+ LICENSE = "MIT"
+ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"
+ 
+-SRC_URI = "file://helloworld.c"
++SRC_URI = "file://helloworld.c \
++           file://0001-Fix-CVE-1234-56789.patch \
++          "
+ 
+ S = "${WORKDIR}/sources"
+ UNPACKDIR = "${S}"
+-- 
+2.45.1
+
diff --git a/meta/lib/patchtest/selftest/selftest b/meta/lib/patchtest/selftest/selftest
new file mode 100755
index 0000000000..3cf1c361f7
--- /dev/null
+++ b/meta/lib/patchtest/selftest/selftest
@@ -0,0 +1,94 @@
+#!/usr/bin/env python3
+
+# Test every patch from files folder and output error on failure
+#
+# Copyright (C) 2016 Intel Corporation
+#
+# SPDX-License-Identifier: GPL-2.0-only
+
+import os
+import subprocess
+import sys
+
+currentdir = os.path.dirname(os.path.abspath(__file__))
+patchesdir = os.path.join(currentdir, 'files')
+topdir     = os.path.dirname(currentdir)
+parentdir  = os.path.dirname(topdir)
+
+# path to the repo root
+repodir = os.path.dirname(os.path.dirname(parentdir))
+
+def print_results(passcount, failcount, skipcount, xpasscount, xfailcount, xskipcount, errorcount):
+    total = passcount + skipcount + failcount + xpasscount + xfailcount + xskipcount + errorcount
+    print("============================================================================")
+    print("Testsuite summary for %s" % os.path.basename(topdir))
+    print("============================================================================")
+    print("# TOTAL: %s" % str(total))
+    print("# XPASS: %s" % str(xpasscount))
+    print("# XFAIL: %s" % str(xfailcount))
+    print("# XSKIP: %s" % str(xskipcount))
+    print("# PASS: %s" % str(passcount))
+    print("# FAIL: %s" % str(failcount))
+    print("# SKIP: %s" % str(skipcount))
+    print("# ERROR: %s" % str(errorcount))
+    print("============================================================================")
+
+# Once the tests are in oe-core, we can remove the testdir param and use os.path.dirname to get relative paths
+def test(root, patch):
+    res = True
+    patchpath = os.path.abspath(os.path.join(root, patch))
+    
+    cmd     = 'patchtest --base-commit HEAD --repodir %s --testdir %s/tests --patch %s' % (repodir, topdir, patchpath)
+    results = subprocess.check_output(cmd, stderr=subprocess.STDOUT, universal_newlines=True, shell=True)
+
+    return results
+
+if __name__ == '__main__':
+    passcount = 0
+    failcount = 0
+    skipcount = 0
+    xpasscount = 0
+    xfailcount = 0
+    xskipcount = 0
+    errorcount = 0
+
+    results = None
+        
+    for root, dirs, patches in os.walk(patchesdir):
+        for patch in patches:
+            results = test(root, patch)
+
+            a = patch.split('.')
+            klass, testname = a[0], a[1]
+            expected_result = a[-1]
+            testid          = ".%s.%s" % (klass,testname)
+
+            for resultline in results.splitlines():
+                if testid in resultline:
+                    result, _ = resultline.split(':', 1)
+
+                    if expected_result.upper() == "FAIL" and result.upper() == "FAIL":
+                        xfailcount = xfailcount + 1
+                        print("XFAIL: %s (file: %s)" % (testid.strip("."), os.path.basename(patch)))
+                    elif expected_result.upper() == "PASS" and result.upper() == "PASS":
+                        xpasscount = xpasscount + 1
+                        print("XPASS: %s (file: %s)" % (testid.strip("."), os.path.basename(patch)))
+                    elif expected_result.upper() == "SKIP" and result.upper() == "SKIP":
+                        xskipcount = xskipcount + 1
+                        print("XSKIP: %s (file: %s)" % (testid.strip("."), os.path.basename(patch)))
+                    else:
+                        print("%s: %s (%s)" % (result.upper(), testid.strip("."), os.path.basename(patch)))
+                        if result.upper() == "PASS":
+                            passcount = passcount + 1
+                        elif result.upper() == "FAIL":
+                            failcount = failcount + 1
+                        elif result.upper() == "SKIP":
+                            skipcount = skipcount + 1
+                        else:
+                            print("Bad result on test %s against %s" % (testid.strip("."), os.path.basename(patch)))
+                            errorcount = errorcount + 1
+                    break
+            else:
+                print ("No test for=%s" % patch)
+
+    print_results(passcount, failcount, skipcount, xpasscount, xfailcount, xskipcount, errorcount)
diff --git a/meta/lib/patchtest/tests/__init__.py b/meta/lib/patchtest/tests/__init__.py
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/meta/lib/patchtest/tests/__init__.py
diff --git a/meta/lib/patchtest/tests/base.py b/meta/lib/patchtest/tests/base.py
new file mode 100644
index 0000000000..919ca136bb
--- /dev/null
+++ b/meta/lib/patchtest/tests/base.py
@@ -0,0 +1,252 @@
+# Base class to be used by all test cases defined in the suite
+#
+# Copyright (C) 2016 Intel Corporation
+#
+# SPDX-License-Identifier: GPL-2.0-only
+
+import unittest
+import logging
+import json
+import unidiff
+from patchtest_parser import PatchtestParser
+import mailbox
+import patchtest_patterns
+import collections
+import sys
+import os
+import re
+
+logger = logging.getLogger("patchtest")
+debug = logger.debug
+info = logger.info
+warn = logger.warn
+error = logger.error
+
+Commit = collections.namedtuple(
+    "Commit", ["author", "subject", "commit_message", "shortlog", "payload"]
+)
+
+Commit = collections.namedtuple('Commit', ['author', 'subject', 'commit_message', 'shortlog', 'payload'])
+
+class PatchtestOEError(Exception):
+    """Exception for handling patchtest-oe errors"""
+    def __init__(self, message, exitcode=1):
+        super().__init__(message)
+        self.exitcode = exitcode
+
+class Base(unittest.TestCase):
+    # if unit test fails, fail message will throw at least the following JSON: {"id": <testid>}
+
+    @staticmethod
+    def msg_to_commit(msg):
+        payload = msg.get_payload()
+        return Commit(subject=msg['subject'].replace('\n', ' ').replace('  ', ' '),
+                      author=msg.get('From'),
+                      shortlog=Base.shortlog(msg['subject']),
+                      commit_message=Base.commit_message(payload),
+                      payload=payload)
+
+    @staticmethod
+    def commit_message(payload):
+        commit_message = payload.__str__()
+        match = patchtest_patterns.endcommit_messages_regex.search(payload)
+        if match:
+            commit_message = payload[:match.start()]
+        return commit_message
+
+    @staticmethod
+    def shortlog(shlog):
+        # remove possible prefix (between brackets) before colon
+        start = shlog.find(']', 0, shlog.find(':'))
+        # remove also newlines and spaces at both sides
+        return shlog[start + 1:].replace('\n', '').strip()
+
+    @classmethod
+    def setUpClass(cls):
+
+        # General objects: mailbox.mbox and patchset
+        cls.mbox = mailbox.mbox(PatchtestParser.repo.patch.path)
+
+        # Patch may be malformed, so try parsing it
+        cls.unidiff_parse_error = ''
+        cls.patchset = None
+        try:
+            cls.patchset = unidiff.PatchSet.from_filename(
+                PatchtestParser.repo.patch.path, encoding="UTF-8"
+            )
+        except unidiff.UnidiffParseError as upe:
+            cls.patchset = []
+            cls.unidiff_parse_error = str(upe)
+
+        # Easy to iterate list of commits
+        cls.commits = []
+        for msg in cls.mbox:
+            if msg['subject'] and msg.get_payload():
+                cls.commits.append(Base.msg_to_commit(msg))
+
+        cls.setUpClassLocal()
+
+    @classmethod
+    def tearDownClass(cls):
+        cls.tearDownClassLocal()
+
+    @classmethod
+    def setUpClassLocal(cls):
+        pass
+
+    @classmethod
+    def tearDownClassLocal(cls):
+        pass
+
+    def fail(self, issue, fix=None, commit=None, data=None):
+        """ Convert to a JSON string failure data"""
+        value = {'id': self.id(),
+                 'issue': issue}
+
+        if fix:
+            value['fix'] = fix
+        if commit:
+            value['commit'] = {'subject': commit.subject,
+                               'shortlog': commit.shortlog}
+
+        # extend return value with other useful info
+        if data:
+            value['data'] = data
+
+        return super(Base, self).fail(json.dumps(value))
+
+    def skip(self, issue, data=None):
+        """ Convert the skip string to JSON"""
+        value = {'id': self.id(),
+                 'issue': issue}
+
+        # extend return value with other useful info
+        if data:
+            value['data'] = data
+
+        return super(Base, self).skipTest(json.dumps(value))
+
+    def shortid(self):
+        return self.id().split('.')[-1]
+
+    def __str__(self):
+        return json.dumps({'id': self.id()})
+
+class Metadata(Base):
+    @classmethod
+    def setUpClassLocal(cls):
+        cls.tinfoil = cls.setup_tinfoil()
+
+        # get info about added/modified/remove recipes
+        cls.added, cls.modified, cls.removed = cls.get_metadata_stats(cls.patchset)
+
+    @classmethod
+    def tearDownClassLocal(cls):
+        cls.tinfoil.shutdown()
+
+    @classmethod
+    def setup_tinfoil(cls, config_only=False):
+        """Initialize tinfoil api from bitbake"""
+
+        # import relevant libraries
+        try:
+            scripts_path = os.path.join(PatchtestParser.repodir, "scripts", "lib")
+            if scripts_path not in sys.path:
+                sys.path.insert(0, scripts_path)
+            import scriptpath
+            scriptpath.add_bitbake_lib_path()
+            import bb.tinfoil
+        except ImportError:
+            raise PatchtestOEError('Could not import tinfoil module')
+
+        orig_cwd = os.path.abspath(os.curdir)
+
+        # Load tinfoil
+        tinfoil = None
+        try:
+            builddir = os.environ.get('BUILDDIR')
+            if not builddir:
+                logger.warn('Bitbake environment not loaded?')
+                return tinfoil
+            os.chdir(builddir)
+            tinfoil = bb.tinfoil.Tinfoil()
+            tinfoil.prepare(config_only=config_only)
+        except bb.tinfoil.TinfoilUIException as te:
+            if tinfoil:
+                tinfoil.shutdown()
+            raise PatchtestOEError('Could not prepare properly tinfoil (TinfoilUIException)')
+        except Exception as e:
+            if tinfoil:
+                tinfoil.shutdown()
+            raise e
+        finally:
+            os.chdir(orig_cwd)
+
+        return tinfoil
+
+    @classmethod
+    def get_metadata_stats(cls, patchset):
+        """Get lists of added, modified and removed metadata files"""
+
+        def find_pn(data, path):
+            """Find the PN from data"""
+            pn = None
+            pn_native = None
+            for _path, _pn in data:
+                if path in _path:
+                    if 'native' in _pn:
+                        # store the native PN but look for the non-native one first
+                        pn_native = _pn
+                    else:
+                        pn = _pn
+                        break
+            else:
+                # sent the native PN if found previously
+                if pn_native:
+                    return pn_native
+
+                # on renames (usually upgrades), we need to check (FILE) base names
+                # because the unidiff library does not provided the new filename, just the modified one
+                # and tinfoil datastore, once the patch is merged, will contain the new filename
+                path_basename = path.split('_')[0]
+                for _path, _pn in data:
+                    _path_basename = _path.split('_')[0]
+                    if path_basename == _path_basename:
+                        pn = _pn
+            return pn
+
+        if not cls.tinfoil:
+            cls.tinfoil = cls.setup_tinfoil()
+
+        added_paths, modified_paths, removed_paths = [], [], []
+        added, modified, removed = [], [], []
+
+        # get metadata filename additions, modification and removals
+        for patch in patchset:
+            if patch.path.endswith('.bb') or patch.path.endswith('.bbappend') or patch.path.endswith('.inc'):
+                if patch.is_added_file:
+                    added_paths.append(
+                        os.path.join(
+                            os.path.abspath(PatchtestParser.repodir), patch.path
+                        )
+                    )
+                elif patch.is_modified_file:
+                    modified_paths.append(
+                        os.path.join(
+                            os.path.abspath(PatchtestParser.repodir), patch.path
+                        )
+                    )
+                elif patch.is_removed_file:
+                    removed_paths.append(
+                        os.path.join(
+                            os.path.abspath(PatchtestParser.repodir), patch.path
+                        )
+                    )
+
+        data = cls.tinfoil.cooker.recipecaches[''].pkg_fn.items()
+
+        added = [find_pn(data,path) for path in added_paths]
+        modified = [find_pn(data,path) for path in modified_paths]
+        removed = [find_pn(data,path) for path in removed_paths]
+
+        return [a for a in added if a], [m for m in modified if m], [r for r in removed if r]
diff --git a/meta/lib/patchtest/tests/test_mbox.py b/meta/lib/patchtest/tests/test_mbox.py
new file mode 100644
index 0000000000..dab733ea77
--- /dev/null
+++ b/meta/lib/patchtest/tests/test_mbox.py
@@ -0,0 +1,179 @@
+# Checks related to the patch's author
+#
+# Copyright (C) 2016 Intel Corporation
+#
+# SPDX-License-Identifier: GPL-2.0-only
+
+import base
+import collections
+import patchtest_patterns
+import pyparsing
+import re
+import subprocess
+from patchtest_parser import PatchtestParser
+
+def headlog():
+    output = subprocess.check_output(
+        "cd %s; git log --pretty='%%h#%%aN#%%cD:#%%s' -1" % PatchtestParser.repodir,
+        universal_newlines=True,
+        shell=True
+        )
+    return output.split('#')
+
+class TestMbox(base.Base):
+
+    # base paths of main yocto project sub-projects
+    paths = {
+        'oe-core': ['meta-selftest', 'meta-skeleton', 'meta', 'scripts'],
+        'bitbake': ['bitbake'],
+        'documentation': ['documentation'],
+        'poky': ['meta-poky','meta-yocto-bsp'],
+        'oe': ['meta-gpe', 'meta-gnome', 'meta-efl', 'meta-networking', 'meta-multimedia','meta-initramfs', 'meta-ruby', 'contrib', 'meta-xfce', 'meta-filesystems', 'meta-perl', 'meta-webserver', 'meta-systemd', 'meta-oe', 'meta-python']
+        }
+
+    # scripts folder is a mix of oe-core and poky, most is oe-core code except:
+    poky_scripts = ['scripts/yocto-bsp', 'scripts/yocto-kernel', 'scripts/yocto-layer', 'scripts/lib/bsp']
+
+    Project = collections.namedtuple('Project', ['name', 'listemail', 'gitrepo', 'paths'])
+
+    bitbake = Project(name='Bitbake', listemail='bitbake-devel@lists.openembedded.org', gitrepo='http://git.openembedded.org/bitbake/', paths=paths['bitbake'])
+    doc     = Project(name='Documentantion', listemail='yocto@yoctoproject.org', gitrepo='http://git.yoctoproject.org/cgit/cgit.cgi/yocto-docs/', paths=paths['documentation'])
+    poky    = Project(name='Poky', listemail='poky@yoctoproject.org', gitrepo='http://git.yoctoproject.org/cgit/cgit.cgi/poky/', paths=paths['poky'])
+    oe      = Project(name='oe', listemail='openembedded-devel@lists.openembedded.org', gitrepo='http://git.openembedded.org/meta-openembedded/', paths=paths['oe'])
+
+
+    def test_signed_off_by_presence(self):
+        for commit in self.commits:
+            # skip those patches that revert older commits, these do not required the tag presence
+            if patchtest_patterns.mbox_revert_shortlog_regex.search_string(commit.shortlog):
+                continue
+            if not patchtest_patterns.signed_off_by.search_string(commit.payload):
+                self.fail(
+                    'Mbox is missing Signed-off-by. Add it manually or with "git commit --amend -s"',
+                    commit=commit,
+                )
+
+    def test_shortlog_format(self):
+        for commit in self.commits:
+            shortlog = commit.shortlog
+            if not shortlog.strip():
+                self.skip('Empty shortlog, no reason to execute shortlog format test')
+            else:
+                # no reason to re-check on revert shortlogs
+                if shortlog.startswith('Revert "'):
+                    continue
+                try:
+                    patchtest_patterns.shortlog.parseString(shortlog)
+                except pyparsing.ParseException as pe:
+                    self.fail('Commit shortlog (first line of commit message) should follow the format "<target>: <summary>"',
+                              commit=commit)
+
+    def test_shortlog_length(self):
+        for commit in self.commits:
+            # no reason to re-check on revert shortlogs
+            shortlog = re.sub('^(\[.*?\])+ ', '', commit.shortlog)
+            if shortlog.startswith('Revert "'):
+                continue
+            l = len(shortlog)
+            if l > patchtest_patterns.mbox_shortlog_maxlength:
+                self.fail(
+                    "Edit shortlog so that it is %d characters or less (currently %d characters)"
+                    % (patchtest_patterns.mbox_shortlog_maxlength, l),
+                    commit=commit,
+                )
+
+    def test_series_merge_on_head(self):
+        self.skip("Merge test is disabled for now")
+        if PatchtestParser.repo.patch.branch != "master":
+            self.skip(
+                "Skipping merge test since patch is not intended"
+                " for master branch. Target detected is %s"
+                % PatchtestParser.repo.patch.branch
+            )
+        if not PatchtestParser.repo.canbemerged:
+            commithash, author, date, shortlog = headlog()
+            self.fail(
+                "Series does not apply on top of target branch %s"
+                % PatchtestParser.repo.patch.branch,
+                data=[
+                    (
+                        "Targeted branch",
+                        "%s (currently at %s)"
+                        % (PatchtestParser.repo.patch.branch, commithash),
+                    )
+                ],
+            )
+
+    def test_target_mailing_list(self):
+        """Check for other targeted projects"""
+
+        # a meta project may be indicted in the message subject, if this is the case, just fail
+        # TODO: there may be other project with no-meta prefix, we also need to detect these
+        project_regex = pyparsing.Regex("\[(?P<project>meta-.+)\]")
+        for commit in self.commits:
+            match = project_regex.search_string(commit.subject)
+            if match:
+                self.fail('Series sent to the wrong mailing list or some patches from the series correspond to different mailing lists',
+                          commit=commit)
+
+        for patch in self.patchset:
+            folders = patch.path.split('/')
+            base_path = folders[0]
+            for project in [self.bitbake, self.doc, self.oe, self.poky]:
+                if base_path in  project.paths:
+                    self.fail('Series sent to the wrong mailing list or some patches from the series correspond to different mailing lists',
+                              data=[('Suggested ML', '%s [%s]' % (project.listemail, project.gitrepo)),
+                                    ('Patch\'s path:', patch.path)])
+
+            # check for poky's scripts code
+            if base_path.startswith('scripts'):
+                for poky_file in self.poky_scripts:
+                    if patch.path.startswith(poky_file):
+                        self.fail('Series sent to the wrong mailing list or some patches from the series correspond to different mailing lists',
+                                  data=[('Suggested ML', '%s [%s]' % (self.poky.listemail, self.poky.gitrepo)),('Patch\'s path:', patch.path)])
+
+    def test_mbox_format(self):
+        if self.unidiff_parse_error:
+            self.fail('Series has malformed diff lines. Create the series again using git-format-patch and ensure it applies using git am',
+                      data=[('Diff line',self.unidiff_parse_error)])
+
+    def test_commit_message_presence(self):
+        for commit in self.commits:
+            if not commit.commit_message.strip():
+                self.fail('Please include a commit message on your patch explaining the change', commit=commit)
+
+    # This may incorrectly report a failure if something such as a
+    # Python decorator is included in the commit message, but this
+    # scenario is much less common than the username case it is written
+    # to protect against
+    def test_commit_message_user_tags(self):
+        for commit in self.commits:
+            if patchtest_patterns.mbox_github_username.search_string(commit.commit_message):
+                self.fail('Mbox includes one or more GitHub-style username tags. Ensure that any "@" symbols are stripped out of usernames', commit=commit)
+
+    def test_bugzilla_entry_format(self):
+        for commit in self.commits:
+            if not patchtest_patterns.mbox_bugzilla.search_string(commit.commit_message):
+                self.skip("No bug ID found")
+            elif not patchtest_patterns.mbox_bugzilla_validation.search_string(
+                commit.commit_message
+            ):
+                self.fail(
+                    'Bugzilla issue ID is not correctly formatted - specify it with format: "[YOCTO #<bugzilla ID>]"',
+                    commit=commit,
+                )
+
+    def test_author_valid(self):
+        for commit in self.commits:
+            for invalid in patchtest_patterns.invalid_submitters:
+                if invalid.search_string(commit.author):
+                    self.fail('Invalid author %s. Resend the series with a valid patch author' % commit.author, commit=commit)
+
+    def test_non_auh_upgrade(self):
+        for commit in self.commits:
+            if patchtest_patterns.auh_email in commit.commit_message:
+                self.fail(
+                    "Invalid author %s. Resend the series with a valid patch author"
+                    % patchtest_patterns.auh_email,
+                    commit=commit,
+                )
diff --git a/meta/lib/patchtest/tests/test_metadata.py b/meta/lib/patchtest/tests/test_metadata.py
new file mode 100644
index 0000000000..2dee80b002
--- /dev/null
+++ b/meta/lib/patchtest/tests/test_metadata.py
@@ -0,0 +1,212 @@
+# Checks related to the patch's LIC_FILES_CHKSUM  metadata variable
+#
+# Copyright (C) 2016 Intel Corporation
+#
+# SPDX-License-Identifier: GPL-2.0-only
+
+import base
+import collections
+import os
+import patchtest_patterns
+import pyparsing
+from patchtest_parser import PatchtestParser
+
+# Data store commonly used to share values between pre and post-merge tests
+PatchTestDataStore = collections.defaultdict(str)
+
+class TestMetadata(base.Metadata):
+
+    def test_license_presence(self):
+        if not self.added:
+            self.skip('No added recipes, skipping test')
+
+        # TODO: this is a workaround so we can parse the recipe not
+        # containing the LICENSE var: add some default license instead
+        # of INVALID into auto.conf, then remove this line at the end
+        auto_conf = os.path.join(os.environ.get('BUILDDIR'), 'conf', 'auto.conf')
+        open_flag = 'w'
+        if os.path.exists(auto_conf):
+            open_flag = 'a'
+        with open(auto_conf, open_flag) as fd:
+            for pn in self.added:
+                fd.write('LICENSE ??= "%s"\n' % patchtest_patterns.invalid_license)
+
+        no_license = False
+        for pn in self.added:
+            rd = self.tinfoil.parse_recipe(pn)
+            license = rd.getVar(patchtest_patterns.metadata_lic)
+            if license == patchtest_patterns.invalid_license:
+                no_license = True
+                break
+
+        # remove auto.conf line or the file itself
+        if open_flag == 'w':
+            os.remove(auto_conf)
+        else:
+            fd = open(auto_conf, 'r')
+            lines = fd.readlines()
+            fd.close()
+            with open(auto_conf, 'w') as fd:
+                fd.write(''.join(lines[:-1]))
+
+        if no_license:
+            self.fail('Recipe does not have the LICENSE field set.')
+
+    def test_lic_files_chksum_presence(self):
+        if not self.added:
+            self.skip('No added recipes, skipping test')
+
+        for pn in self.added:
+            rd = self.tinfoil.parse_recipe(pn)
+            pathname = rd.getVar('FILE')
+            # we are not interested in images
+            if '/images/' in pathname:
+                continue
+            lic_files_chksum = rd.getVar(patchtest_patterns.metadata_chksum)
+            if rd.getVar(patchtest_patterns.license_var) == patchtest_patterns.closed:
+                continue
+            if not lic_files_chksum:
+                self.fail(
+                    "%s is missing in newly added recipe" % patchtest_patterns.metadata_chksum
+                )
+
+    def test_lic_files_chksum_modified_not_mentioned(self):
+        if not self.modified:
+            self.skip('No modified recipes, skipping test')
+
+        for patch in self.patchset:
+            # for the moment, we are just interested in metadata
+            if patch.path.endswith('.patch'):
+                continue
+            payload = str(patch)
+            if patchtest_patterns.lic_chksum_added.search_string(
+                payload
+            ) or patchtest_patterns.lic_chksum_removed.search_string(payload):
+                # if any patch on the series contain reference on the metadata, fail
+                for commit in self.commits:
+                    if patchtest_patterns.lictag_re.search_string(commit.commit_message):
+                        break
+                else:
+                    self.fail('LIC_FILES_CHKSUM changed without "License-Update:" tag and description in commit message')
+
+    def test_max_line_length(self):
+        for patch in self.patchset:
+            # for the moment, we are just interested in metadata
+            if patch.path.endswith('.patch'):
+                continue
+            payload = str(patch)
+            for line in payload.splitlines():
+                if patchtest_patterns.add_mark.search_string(line):
+                    current_line_length = len(line[1:])
+                    if current_line_length > patchtest_patterns.patch_max_line_length:
+                        self.fail(
+                            "Patch line too long (current length %s, maximum is %s)"
+                            % (current_line_length, patchtest_patterns.patch_max_line_length),
+                            data=[
+                                ("Patch", patch.path),
+                                ("Line", "%s ..." % line[0:80]),
+                            ],
+                        )
+
+    def pretest_src_uri_left_files(self):
+        # these tests just make sense on patches that can be merged
+        if not PatchtestParser.repo.canbemerged:
+            self.skip("Patch cannot be merged")
+        if not self.modified:
+            self.skip('No modified recipes, skipping pretest')
+
+        # get the proper metadata values
+        for pn in self.modified:
+            # we are not interested in images
+            if 'core-image' in pn:
+                continue
+            rd = self.tinfoil.parse_recipe(pn)
+            PatchTestDataStore[
+                "%s-%s-%s" % (self.shortid(), patchtest_patterns.metadata_src_uri, pn)
+            ] = rd.getVar(patchtest_patterns.metadata_src_uri)
+
+    def test_src_uri_left_files(self):
+        # these tests just make sense on patches that can be merged
+        if not PatchtestParser.repo.canbemerged:
+            self.skip("Patch cannot be merged")
+        if not self.modified:
+            self.skip('No modified recipes, skipping pretest')
+
+        # get the proper metadata values
+        for pn in self.modified:
+            # we are not interested in images
+            if 'core-image' in pn:
+                continue
+            rd = self.tinfoil.parse_recipe(pn)
+            PatchTestDataStore[
+                "%s-%s-%s" % (self.shortid(), patchtest_patterns.metadata_src_uri, pn)
+            ] = rd.getVar(patchtest_patterns.metadata_src_uri)
+
+        for pn in self.modified:
+            pretest_src_uri = PatchTestDataStore[
+                "pre%s-%s-%s" % (self.shortid(), patchtest_patterns.metadata_src_uri, pn)
+            ].split()
+            test_src_uri = PatchTestDataStore[
+                "%s-%s-%s" % (self.shortid(), patchtest_patterns.metadata_src_uri, pn)
+            ].split()
+
+            pretest_files = set([os.path.basename(patch) for patch in pretest_src_uri if patch.startswith('file://')])
+            test_files    = set([os.path.basename(patch) for patch in test_src_uri    if patch.startswith('file://')])
+
+            # check if files were removed
+            if len(test_files) < len(pretest_files):
+
+                # get removals from patchset
+                filesremoved_from_patchset = set()
+                for patch in self.patchset:
+                    if patch.is_removed_file:
+                        filesremoved_from_patchset.add(os.path.basename(patch.path))
+
+                # get the deleted files from the SRC_URI
+                filesremoved_from_usr_uri = pretest_files - test_files
+
+                # finally, get those patches removed at SRC_URI and not removed from the patchset
+                # TODO: we are not taking into account  renames, so test may raise false positives
+                not_removed = filesremoved_from_usr_uri - filesremoved_from_patchset
+                if not_removed:
+                    self.fail('Patches not removed from tree. Remove them and amend the submitted mbox',
+                              data=[('Patch', f) for f in not_removed])
+
+    def test_summary_presence(self):
+        if not self.added:
+            self.skip('No added recipes, skipping test')
+
+        for pn in self.added:
+            # we are not interested in images
+            if 'core-image' in pn:
+                continue
+            rd = self.tinfoil.parse_recipe(pn)
+            summary = rd.getVar(patchtest_patterns.metadata_summary)
+
+            # "${PN} version ${PN}-${PR}" is the default, so fail if default
+            if summary.startswith("%s version" % pn):
+                self.fail(
+                    "%s is missing in newly added recipe" % patchtest_patterns.metadata_summary
+                )
+
+    def test_cve_check_ignore(self):
+        # Skip if we neither modified a recipe or target branches are not
+        # Nanbield and newer. CVE_CHECK_IGNORE was first deprecated in Nanbield.
+        if (
+            not self.modified
+            or PatchtestParser.repo.patch.branch == "kirkstone"
+            or PatchtestParser.repo.patch.branch == "dunfell"
+        ):
+            self.skip("No modified recipes or older target branch, skipping test")
+        for pn in self.modified:
+            # we are not interested in images
+            if 'core-image' in pn:
+                continue
+            rd = self.tinfoil.parse_recipe(pn)
+            cve_check_ignore = rd.getVar(patchtest_patterns.cve_check_ignore_var)
+
+            if cve_check_ignore is not None:
+                self.fail(
+                    "%s is deprecated and should be replaced by %s"
+                    % (patchtest_patterns.cve_check_ignore_var, patchtest_patterns.cve_status_var)
+                )
diff --git a/meta/lib/patchtest/tests/test_patch.py b/meta/lib/patchtest/tests/test_patch.py
new file mode 100644
index 0000000000..d08b8a5019
--- /dev/null
+++ b/meta/lib/patchtest/tests/test_patch.py
@@ -0,0 +1,131 @@
+# Checks related to the patch's CVE lines
+#
+# Copyright (C) 2016 Intel Corporation
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import base
+import os
+import patchtest_patterns
+import pyparsing
+
+class TestPatch(base.Base):
+
+    @classmethod
+    def setUpClassLocal(cls):
+        cls.newpatches = []
+        # get just those relevant patches: new software patches
+        for patch in cls.patchset:
+            if patch.path.endswith('.patch') and patch.is_added_file:
+                cls.newpatches.append(patch)
+
+        cls.mark = str(patchtest_patterns.signed_off_by_prefix).strip('"')
+
+        # match PatchSignedOffBy.mark with '+' preceding it
+        cls.prog = patchtest_patterns.patch_signed_off_by
+
+    def setUp(self):
+        if self.unidiff_parse_error:
+            self.skip('Parse error %s' % self.unidiff_parse_error)
+
+        self.valid_status = ", ".join(patchtest_patterns.upstream_status_nonliteral_valid_status)
+        self.standard_format = "Upstream-Status: <Valid status>"
+
+        # we are just interested in series that introduce CVE patches, thus discard other
+        # possibilities: modification to current CVEs, patch directly introduced into the
+        # recipe, upgrades already including the CVE, etc.
+        new_cves = [p for p in self.patchset if p.path.endswith('.patch') and p.is_added_file]
+        if not new_cves:
+            self.skip('No new CVE patches introduced')
+
+    def test_upstream_status_presence_format(self):
+        if not TestPatch.newpatches:
+            self.skip("There are no new software patches, no reason to test Upstream-Status presence/format")
+
+        for newpatch in TestPatch.newpatches:
+            payload = newpatch.__str__()
+            if not patchtest_patterns.upstream_status_regex.search_string(payload):
+                self.fail(
+                    "Added patch file is missing Upstream-Status: <Valid status> in the commit message",
+                    data=[
+                        ("Standard format", self.standard_format),
+                        ("Valid status", self.valid_status),
+                    ],
+                )
+            for line in payload.splitlines():
+                if patchtest_patterns.patchmetadata_regex.match(line):
+                    continue
+                if patchtest_patterns.upstream_status_regex.search_string(line):
+                    if patchtest_patterns.inappropriate.searchString(line):
+                        try:
+                            patchtest_patterns.upstream_status_inappropriate_info.parseString(
+                                line.lstrip("+")
+                            )
+                        except pyparsing.ParseException as pe:
+                            self.fail(
+                                "Upstream-Status is Inappropriate, but no reason was provided",
+                                data=[
+                                    ("Current", pe.pstr),
+                                    (
+                                        "Standard format",
+                                        "Upstream-Status: Inappropriate [reason]",
+                                    ),
+                                ],
+                            )
+                    elif patchtest_patterns.submitted.searchString(line):
+                        try:
+                            patchtest_patterns.upstream_status_submitted_info.parseString(
+                                line.lstrip("+")
+                            )
+                        except pyparsing.ParseException as pe:
+                            self.fail(
+                                "Upstream-Status is Submitted, but it is not mentioned where",
+                                data=[
+                                    ("Current", pe.pstr),
+                                    (
+                                        "Standard format",
+                                        "Upstream-Status: Submitted [where]",
+                                    ),
+                                ],
+                            )
+                    else:
+                        try:
+                            patchtest_patterns.upstream_status.parseString(line.lstrip("+"))
+                        except pyparsing.ParseException as pe:
+                            self.fail(
+                                "Upstream-Status is in incorrect format",
+                                data=[
+                                    ("Current", pe.pstr),
+                                    ("Standard format", self.standard_format),
+                                    ("Valid status", self.valid_status),
+                                ],
+                            )
+
+    def test_signed_off_by_presence(self):
+        if not TestPatch.newpatches:
+            self.skip("There are no new software patches, no reason to test %s presence" % PatchSignedOffBy.mark)
+
+        for newpatch in TestPatch.newpatches:
+            payload = newpatch.__str__()
+            for line in payload.splitlines():
+                if patchtest_patterns.patchmetadata_regex.match(line):
+                    continue
+                if TestPatch.prog.search_string(payload):
+                    break
+            else:
+                self.fail('A patch file has been added without a Signed-off-by tag: \'%s\'' % os.path.basename(newpatch.path))
+
+    def test_cve_tag_format(self):
+        for commit in TestPatch.commits:
+            if patchtest_patterns.cve.search_string(
+                commit.shortlog
+            ) or patchtest_patterns.cve.search_string(commit.commit_message):
+                tag_found = False
+                for line in commit.payload.splitlines():
+                    if patchtest_patterns.cve_payload_tag.search_string(line):
+                        tag_found = True
+                        break
+                if not tag_found:
+                    self.fail('Missing or incorrectly formatted CVE tag in patch file. Correct or include the CVE tag in the patch with format: "CVE: CVE-YYYY-XXXX"',
+                              commit=commit)
diff --git a/meta/lib/patchtest/tests/test_python_pylint.py b/meta/lib/patchtest/tests/test_python_pylint.py
new file mode 100644
index 0000000000..ec9129bc79
--- /dev/null
+++ b/meta/lib/patchtest/tests/test_python_pylint.py
@@ -0,0 +1,65 @@
+# Checks related to the python code done with pylint
+#
+# Copyright (C) 2016 Intel Corporation
+#
+# SPDX-License-Identifier: GPL-2.0-only
+
+import base
+from io import StringIO
+from patchtest_parser import PatchtestParser
+from pylint.reporters.text import TextReporter
+import pylint.lint as lint
+
+
+class PyLint(base.Base):
+    pythonpatches  = []
+    pylint_pretest = {}
+    pylint_test    = {}
+    pylint_options = " -E --disable='E0611, E1101, F0401, E0602' --msg-template='L:{line} F:{module} I:{msg}'"
+
+    @classmethod
+    def setUpClassLocal(cls):
+        # get just those patches touching python files
+        cls.pythonpatches = []
+        for patch in cls.patchset:
+            if patch.path.endswith('.py'):
+                if not patch.is_removed_file:
+                    cls.pythonpatches.append(patch)
+
+    def setUp(self):
+        if self.unidiff_parse_error:
+            self.skip('Python-unidiff parse error')
+        if not PyLint.pythonpatches:
+            self.skip('No python related patches, skipping test')
+
+    def pretest_pylint(self):
+        for pythonpatch in self.pythonpatches:
+            if pythonpatch.is_modified_file:
+                pylint_output = StringIO()
+                reporter = TextReporter(pylint_output)
+                lint.Run([self.pylint_options, pythonpatch.path], reporter=reporter, exit=False)
+                for line in pylint_output.readlines():
+                    if not '*' in line:
+                        if line.strip():
+                            self.pylint_pretest[line.strip().split(' ',1)[0]] = line.strip().split(' ',1)[1]
+
+    def test_pylint(self):
+        for pythonpatch in self.pythonpatches:
+            # a condition checking whether a file is renamed or not
+            # unidiff doesn't support this yet
+            if pythonpatch.target_file is not pythonpatch.path:
+                path = pythonpatch.target_file[2:]
+            else:
+                path = pythonpatch.path
+            pylint_output = StringIO()
+            reporter = TextReporter(pylint_output)
+            lint.Run([self.pylint_options, pythonpatch.path], reporter=reporter, exit=False)
+            for line in pylint_output.readlines():
+                    if not '*' in line:
+                        if line.strip():
+                            self.pylint_test[line.strip().split(' ',1)[0]] = line.strip().split(' ',1)[1]
+
+        for issue in self.pylint_test:
+             if self.pylint_test[issue] not in self.pylint_pretest.values():
+                 self.fail('Errors in your Python code were encountered. Please check your code with a linter and resubmit',
+                           data=[('Output', 'Please, fix the listed issues:'), ('', issue + ' ' + self.pylint_test[issue])])