Commit e4b4bfaa5090 for kernel

commit e4b4bfaa5090760925b98848aa3e0fc10b3c574f
Merge: 8a500fd09385 880bae5f1269
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date:   Mon Jun 22 12:06:22 2026 -0700

    Merge tag 'spdx-7.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/spdx

    Pull SPDX updates from Greg KH:
     "Here is a "big" set of SPDX-like patches for 7.2-rc1. It is the
      addition of the ability for the kernel build process to generate a
      Software Bill of Materials (SBOM) in the SPDX format, that matches up
      exactly with just the files that are actually built for the specific
      kernel image generated.

      To generate a sbom, after the kernel has been built, just do:
            make sbom
      and marvel at the JSON file that is generated...

      This is needed by users for environments in which a SBOM is required
      (medical, automotive, anything shipped in the EU, etc.) and cuts down
      by a massive size the "naive" SBOM solution that many vendors have
      done by just including _all_ of the kernel files in the resulting
      document.

      This result is still a giant JSON file, that I am told parses
      properly, so we just have to trust that it is properly inclusive as
      attempting to parse that thing by hand is impossible.

      The scripts here are self-contained python scripts, no additional
      libraries or tools to create the SBOM are needed, which is important
      for many build systems. Overall it's just a bit over 4000 lines of
      "simple" python code, the most complex part is the regex matching
      lines, but those are nothing compared to what we maintain in
      scripts/checkpatch.pl today...

      The various parts where the tool touches the kbuild subsystem have
      been acked by the kbuild maintainer, so all should be good here.

      All of these patches have been in linux-next for weeks with no
      reported problems"

    * tag 'spdx-7.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/spdx:
      scripts/sbom: add unit tests for SPDX-License-Identifier parsing
      scripts/sbom: add unit tests for command parsers
      scripts/sbom: add SPDX build graph
      scripts/sbom: add SPDX source graph
      scripts/sbom: add SPDX output graph
      scripts/sbom: collect file metadata
      scripts/sbom: add shared SPDX elements
      scripts/sbom: add JSON-LD serialization
      scripts/sbom: add SPDX classes
      scripts/sbom: add additional dependency sources for cmd graph
      scripts/sbom: add cmd graph generation
      scripts/sbom: add command parsers
      scripts/sbom: setup sbom logging
      scripts/sbom: integrate script in make process
      scripts/sbom: add documentation

diff --cc Makefile
index d3e161ab8360,e02d2a614c53..e3c24951d41b
--- a/Makefile
+++ b/Makefile
@@@ -1718,10 -1690,9 +1718,10 @@@ endif # CONFIG_MODULE
  CLEAN_FILES += vmlinux.symvers modules-only.symvers \
  	       modules.builtin modules.builtin.modinfo modules.nsdeps \
  	       modules.builtin.ranges vmlinux.o.map vmlinux.unstripped \
 +	       vmlinux.thinlto-index builtin.order \
  	       compile_commands.json rust/test \
  	       rust-project.json .vmlinux.objs .vmlinux.export.c \
-                .builtin-dtbs-list .builtin-dtbs.S
+ 	       .builtin-dtbs-list .builtin-dtbs.S sbom-*.spdx.json

  # Directories & files removed with 'make mrproper'
  MRPROPER_FILES += include/config include/generated          \