diff options
| author | Luis Augenstein <luis.augenstein@tngtech.com> | 2026-05-18 08:20:49 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2026-05-22 13:14:40 +0200 |
| commit | e72b635ceaf7e8d5ad757169d5950c43adeb5261 (patch) | |
| tree | 2485b8d673554564730f58fc74c62440244c25c2 | |
| parent | 658325c9c507ac2b8e4703afb3e6caa38474c09b (diff) | |
scripts/sbom: integrate script in make process
integrate SBOM script into the kernel build process.
Assisted-by: Cursor:claude-sonnet-4-5
Assisted-by: OpenCode:GLM-4-7
Co-developed-by: Maximilian Huber <maximilian.huber@tngtech.com>
Signed-off-by: Maximilian Huber <maximilian.huber@tngtech.com>
Signed-off-by: Luis Augenstein <luis.augenstein@tngtech.com>
Acked-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | MAINTAINERS | 6 | ||||
| -rw-r--r-- | Makefile | 20 | ||||
| -rw-r--r-- | scripts/sbom/sbom.py | 16 |
4 files changed, 41 insertions, 2 deletions
diff --git a/.gitignore b/.gitignore index 3044b9590f05..f0d35a9d591d 100644 --- a/.gitignore +++ b/.gitignore @@ -49,6 +49,7 @@ *.s *.so *.so.dbg +*.spdx.json *.su *.symtypes *.tab.[ch] diff --git a/MAINTAINERS b/MAINTAINERS index c2c6d79275c6..36dac854a21d 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -23903,6 +23903,12 @@ R: Marc Murphy <marc.murphy@sancloud.com> S: Supported F: arch/arm/boot/dts/ti/omap/am335x-sancloud* +SBOM +M: Luis Augenstein <luis.augenstein@tngtech.com> +M: Maximilian Huber <maximilian.huber@tngtech.com> +S: Maintained +F: scripts/sbom/ + SC1200 WDT DRIVER M: Zwane Mwaikambo <zwanem@gmail.com> S: Maintained @@ -787,7 +787,7 @@ endif # in addition to whatever we do anyway. # Just "make" or "make all" shall build modules as well -ifneq ($(filter all modules nsdeps compile_commands.json clang-%,$(MAKECMDGOALS)),) +ifneq ($(filter all modules nsdeps compile_commands.json clang-% sbom,$(MAKECMDGOALS)),) KBUILD_MODULES := y endif @@ -1692,7 +1692,7 @@ CLEAN_FILES += vmlinux.symvers modules-only.symvers \ modules.builtin.ranges vmlinux.o.map vmlinux.unstripped \ compile_commands.json rust/test \ rust-project.json .vmlinux.objs .vmlinux.export.c \ - .builtin-dtbs-list .builtin-dtbs.S + .builtin-dtbs-list .builtin-dtbs.S sbom-*.spdx.json # Directories & files removed with 'make mrproper' MRPROPER_FILES += include/config include/generated \ @@ -1811,6 +1811,7 @@ help: @echo '' @echo 'Tools:' @echo ' nsdeps - Generate missing symbol namespace dependencies' + @echo ' sbom - Generate Software Bill of Materials' @echo '' @echo 'Kernel selftest:' @echo ' kselftest - Build and run kernel selftest' @@ -2197,6 +2198,21 @@ nsdeps: export KBUILD_NSDEPS=1 nsdeps: modules $(Q)$(CONFIG_SHELL) $(srctree)/scripts/nsdeps +# Script to generate .spdx.json SBOM documents describing the build +# --------------------------------------------------------------------------- + +ifdef building_out_of_srctree +sbom_targets := sbom-source.spdx.json +endif +sbom_targets += sbom-build.spdx.json sbom-output.spdx.json +quiet_cmd_sbom = GEN $(sbom_targets) + cmd_sbom = printf "%s\n" "$(KBUILD_IMAGE)" >"$(tmp-target)"; \ + $(if $(CONFIG_MODULES),sed 's/\.o$$/.ko/' $(objtree)/modules.order >> "$(tmp-target)";) \ + $(PYTHON3) $(srctree)/scripts/sbom/sbom.py; +PHONY += sbom +sbom: $(notdir $(KBUILD_IMAGE)) include/generated/autoconf.h $(if $(CONFIG_MODULES),modules modules.order) + $(call cmd,sbom) + # Clang Tooling # --------------------------------------------------------------------------- diff --git a/scripts/sbom/sbom.py b/scripts/sbom/sbom.py new file mode 100644 index 000000000000..9c2e4c7f17ce --- /dev/null +++ b/scripts/sbom/sbom.py @@ -0,0 +1,16 @@ +#!/usr/bin/env python3 +# SPDX-License-Identifier: GPL-2.0-only OR MIT +# Copyright (C) 2025 TNG Technology Consulting GmbH + +""" +Compute software bill of materials in SPDX format describing a kernel build. +""" + + +def main(): + pass + + +# Call main method +if __name__ == "__main__": + main() |