[whinlatter,18/18] populate_sdk_ext: keep SDK_TARGETS so SPDX/SBOM tasks remain in locked sigs

From: Jayasurya Maganuru <Maganuru.Jayasurya@windriver.com>

Fixes [YOCTO #15853]

The filtering in populate_sdk_ext.bbclass was removing all image targets from
the locked signatures, including the main SDK images (SDK_TARGETS). As a
result, their tasks including the image SPDX/SBOM tasks were not added to
locked-sigs.inc.

Without these entries, the eSDK lacked the necessary sstate, and the installer
attempted to run the missing tasks during installation, leading to unexpected
task execution errors.

This patch keeps SDK_TARGETS (and their multilib variants) in the locked
signatures so their SPDX/SBOM tasks are included. With those tasks in the
sstate cache, the eSDK installs cleanly without needing to re-run anything.

Signed-off-by: Jayasurya Maganuru <Maganuru.Jayasurya@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 920c5de570ec575a9eaccb105461394d9fa0f1db)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/classes-recipe/populate_sdk_ext.bbclass | 9 +++++++++
 1 file changed, 9 insertions(+)

On 2025-12-21 4:37 p.m., Steve Sakoman via lists.openembedded.org wrote:
> From: Jayasurya Maganuru<Maganuru.Jayasurya@windriver.com>
>
> Fixes [YOCTO #15853]

Steve, Yoann, and others,

This commit as well as 17/18 made it into whinlatter before master.
Was that intentional ?

❯ git log   --oneline origin/whinlatter  ^master 
meta/classes-recipe/populate_sdk_ext.bbclass
9964fa3da2 (origin/whinlatter) populate_sdk_ext: keep SDK_TARGETS so 
SPDX/SBOM tasks remain in locked sigs

❯ git log   --oneline origin/whinlatter  ^master
9964fa3da2 (origin/whinlatter) populate_sdk_ext: keep SDK_TARGETS so 
SPDX/SBOM tasks remain in locked sigs
3f57280caa create-spdx-image-3.0: Image SPDX/SBOM tasks are retained for 
eSDK installation
7f02b3f811 cve-update: Avoid NFS caching issues

The patches has been sitting in master-next for a while since people
have some concerns about them, IIRC.

What do we do now, revert ?


Apologies for missing the review deadline.
Maybe next year, there should be a longer merge freeze around Xmas time
so that there's sufficient review.

../Randy



> The filtering in populate_sdk_ext.bbclass was removing all image targets from
> the locked signatures, including the main SDK images (SDK_TARGETS). As a
> result, their tasks including the image SPDX/SBOM tasks were not added to
> locked-sigs.inc.
>
> Without these entries, the eSDK lacked the necessary sstate, and the installer
> attempted to run the missing tasks during installation, leading to unexpected
> task execution errors.
>
> This patch keeps SDK_TARGETS (and their multilib variants) in the locked
> signatures so their SPDX/SBOM tasks are included. With those tasks in the
> sstate cache, the eSDK installs cleanly without needing to re-run anything.
>
> Signed-off-by: Jayasurya Maganuru<Maganuru.Jayasurya@windriver.com>
> Signed-off-by: Mathieu Dubois-Briand<mathieu.dubois-briand@bootlin.com>
> Signed-off-by: Richard Purdie<richard.purdie@linuxfoundation.org>
> (cherry picked from commit 920c5de570ec575a9eaccb105461394d9fa0f1db)
> Signed-off-by: Steve Sakoman<steve@sakoman.com>
> ---
>   meta/classes-recipe/populate_sdk_ext.bbclass | 9 +++++++++
>   1 file changed, 9 insertions(+)
>
> diff --git a/meta/classes-recipe/populate_sdk_ext.bbclass b/meta/classes-recipe/populate_sdk_ext.bbclass
> index 2859320ddf..2838ca1a03 100644
> --- a/meta/classes-recipe/populate_sdk_ext.bbclass
> +++ b/meta/classes-recipe/populate_sdk_ext.bbclass
> @@ -460,6 +460,15 @@ def prepare_locked_cache(d, baseoutpath, derivative, conf_initpath):
>   
>       # Filter the locked signatures file to just the sstate tasks we are interested in
>       excluded_targets = get_sdk_install_targets(d, images_only=True)
> +    sdk_targets = d.getVar('SDK_TARGETS')
> +    ext_sdk_target_set = set(multilib_pkg_extend(d, sdk_targets).split())
> +    excluded_set = set(excluded_targets.split())
> +
> +    # Ensure SDK_TARGETS and their image SPDX/SBOM tasks are included in the locked signatures,
> +    # as they are required during eSDK installation.
> +    filtered_excluded_set = excluded_set - ext_sdk_target_set
> +    excluded_targets = ' '.join(filtered_excluded_set)
> +
>       sigfile = d.getVar('WORKDIR') + '/locked-sigs.inc'
>       lockedsigs_pruned = baseoutpath + '/conf/locked-sigs.inc'
>       #nativesdk-only sigfile to merge into locked-sigs.inc
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#228276):https://lists.openembedded.org/g/openembedded-core/message/228276
> Mute This Topic:https://lists.openembedded.org/mt/116893601/3616765
> Group Owner:openembedded-core+owner@lists.openembedded.org
> Unsubscribe:https://lists.openembedded.org/g/openembedded-core/unsub [randy.macleod@windriver.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>

Sigh, this was my mistake.

I saw they were in master-next and moved them into whinlatter-nut for
testing and then forgot to check to see if they merged before I sent
them out for review.

We should revert them before the whinlatter release build.

Time to retire, I'm making mistakes :-(

Steve

On Tue, Jan 6, 2026 at 1:30 PM Randy MacLeod via
lists.openembedded.org
<randy.macleod=windriver.com@lists.openembedded.org> wrote:
>
> On 2025-12-21 4:37 p.m., Steve Sakoman via lists.openembedded.org wrote:
>
> From: Jayasurya Maganuru <Maganuru.Jayasurya@windriver.com>
>
> Fixes [YOCTO #15853]
>
> Steve, Yoann, and others,
>
> This commit as well as 17/18 made it into whinlatter before master.
> Was that intentional ?
>
> ❯ git log   --oneline origin/whinlatter  ^master meta/classes-recipe/populate_sdk_ext.bbclass
> 9964fa3da2 (origin/whinlatter) populate_sdk_ext: keep SDK_TARGETS so SPDX/SBOM tasks remain in locked sigs
>
> ❯ git log   --oneline origin/whinlatter  ^master
> 9964fa3da2 (origin/whinlatter) populate_sdk_ext: keep SDK_TARGETS so SPDX/SBOM tasks remain in locked sigs
> 3f57280caa create-spdx-image-3.0: Image SPDX/SBOM tasks are retained for eSDK installation
> 7f02b3f811 cve-update: Avoid NFS caching issues
>
> The patches has been sitting in master-next for a while since people
> have some concerns about them, IIRC.
>
> What do we do now, revert ?
>
>
> Apologies for missing the review deadline.
> Maybe next year, there should be a longer merge freeze around Xmas time
> so that there's sufficient review.
>
> ../Randy
>
>
>
> The filtering in populate_sdk_ext.bbclass was removing all image targets from
> the locked signatures, including the main SDK images (SDK_TARGETS). As a
> result, their tasks including the image SPDX/SBOM tasks were not added to
> locked-sigs.inc.
>
> Without these entries, the eSDK lacked the necessary sstate, and the installer
> attempted to run the missing tasks during installation, leading to unexpected
> task execution errors.
>
> This patch keeps SDK_TARGETS (and their multilib variants) in the locked
> signatures so their SPDX/SBOM tasks are included. With those tasks in the
> sstate cache, the eSDK installs cleanly without needing to re-run anything.
>
> Signed-off-by: Jayasurya Maganuru <Maganuru.Jayasurya@windriver.com>
> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
> (cherry picked from commit 920c5de570ec575a9eaccb105461394d9fa0f1db)
> Signed-off-by: Steve Sakoman <steve@sakoman.com>
> ---
>  meta/classes-recipe/populate_sdk_ext.bbclass | 9 +++++++++
>  1 file changed, 9 insertions(+)
>
> diff --git a/meta/classes-recipe/populate_sdk_ext.bbclass b/meta/classes-recipe/populate_sdk_ext.bbclass
> index 2859320ddf..2838ca1a03 100644
> --- a/meta/classes-recipe/populate_sdk_ext.bbclass
> +++ b/meta/classes-recipe/populate_sdk_ext.bbclass
> @@ -460,6 +460,15 @@ def prepare_locked_cache(d, baseoutpath, derivative, conf_initpath):
>
>      # Filter the locked signatures file to just the sstate tasks we are interested in
>      excluded_targets = get_sdk_install_targets(d, images_only=True)
> +    sdk_targets = d.getVar('SDK_TARGETS')
> +    ext_sdk_target_set = set(multilib_pkg_extend(d, sdk_targets).split())
> +    excluded_set = set(excluded_targets.split())
> +
> +    # Ensure SDK_TARGETS and their image SPDX/SBOM tasks are included in the locked signatures,
> +    # as they are required during eSDK installation.
> +    filtered_excluded_set = excluded_set - ext_sdk_target_set
> +    excluded_targets = ' '.join(filtered_excluded_set)
> +
>      sigfile = d.getVar('WORKDIR') + '/locked-sigs.inc'
>      lockedsigs_pruned = baseoutpath + '/conf/locked-sigs.inc'
>      #nativesdk-only sigfile to merge into locked-sigs.inc
>
>
>
>
> --
> # Randy MacLeod
> # Wind River Linux
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#228933): https://lists.openembedded.org/g/openembedded-core/message/228933
> Mute This Topic: https://lists.openembedded.org/mt/116893601/3620601
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [steve@sakoman.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>

Le mar. 6 janv. 2026 à 23:37, Steve Sakoman <steve@sakoman.com> a écrit :

> Sigh, this was my mistake.
>
> I saw they were in master-next and moved them into whinlatter-nut for
> testing and then forgot to check to see if they merged before I sent
> them out for review.
>
> We should revert them before the whinlatter release build.
>

I'll handle this. There will be one last patch review series before
the 5.3.1 release build.
I will add the reverts to the list.


> Time to retire, I'm making mistakes :-(
>

That's fine, we got this :)


> Steve
>
> On Tue, Jan 6, 2026 at 1:30 PM Randy MacLeod via
> lists.openembedded.org
> <randy.macleod=windriver.com@lists.openembedded.org> wrote:
> >
> > On 2025-12-21 4:37 p.m., Steve Sakoman via lists.openembedded.org wrote:
> >
> > From: Jayasurya Maganuru <Maganuru.Jayasurya@windriver.com>
> >
> > Fixes [YOCTO #15853]
> >
> > Steve, Yoann, and others,
> >
> > This commit as well as 17/18 made it into whinlatter before master.
>

Nice catch, Randy!


> > Was that intentional ?
> >
> > ❯ git log   --oneline origin/whinlatter  ^master
> meta/classes-recipe/populate_sdk_ext.bbclass
> > 9964fa3da2 (origin/whinlatter) populate_sdk_ext: keep SDK_TARGETS so
> SPDX/SBOM tasks remain in locked sigs
> >
> > ❯ git log   --oneline origin/whinlatter  ^master
> > 9964fa3da2 (origin/whinlatter) populate_sdk_ext: keep SDK_TARGETS so
> SPDX/SBOM tasks remain in locked sigs
> > 3f57280caa create-spdx-image-3.0: Image SPDX/SBOM tasks are retained for
> eSDK installation
> > 7f02b3f811 cve-update: Avoid NFS caching issues
> >
> > The patches has been sitting in master-next for a while since people
> > have some concerns about them, IIRC.
> >
> > What do we do now, revert ?
> >
> >
> > Apologies for missing the review deadline.
> > Maybe next year, there should be a longer merge freeze around Xmas time
> > so that there's sufficient review.
> >
> > ../Randy
> >
> >
> >
> > The filtering in populate_sdk_ext.bbclass was removing all image targets
> from
> > the locked signatures, including the main SDK images (SDK_TARGETS). As a
> > result, their tasks including the image SPDX/SBOM tasks were not added to
> > locked-sigs.inc.
> >
> > Without these entries, the eSDK lacked the necessary sstate, and the
> installer
> > attempted to run the missing tasks during installation, leading to
> unexpected
> > task execution errors.
> >
> > This patch keeps SDK_TARGETS (and their multilib variants) in the locked
> > signatures so their SPDX/SBOM tasks are included. With those tasks in the
> > sstate cache, the eSDK installs cleanly without needing to re-run
> anything.
> >
> > Signed-off-by: Jayasurya Maganuru <Maganuru.Jayasurya@windriver.com>
> > Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
> > Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
> > (cherry picked from commit 920c5de570ec575a9eaccb105461394d9fa0f1db)
> > Signed-off-by: Steve Sakoman <steve@sakoman.com>
> > ---
> >  meta/classes-recipe/populate_sdk_ext.bbclass | 9 +++++++++
> >  1 file changed, 9 insertions(+)
> >
> > diff --git a/meta/classes-recipe/populate_sdk_ext.bbclass
> b/meta/classes-recipe/populate_sdk_ext.bbclass
> > index 2859320ddf..2838ca1a03 100644
> > --- a/meta/classes-recipe/populate_sdk_ext.bbclass
> > +++ b/meta/classes-recipe/populate_sdk_ext.bbclass
> > @@ -460,6 +460,15 @@ def prepare_locked_cache(d, baseoutpath,
> derivative, conf_initpath):
> >
> >      # Filter the locked signatures file to just the sstate tasks we are
> interested in
> >      excluded_targets = get_sdk_install_targets(d, images_only=True)
> > +    sdk_targets = d.getVar('SDK_TARGETS')
> > +    ext_sdk_target_set = set(multilib_pkg_extend(d,
> sdk_targets).split())
> > +    excluded_set = set(excluded_targets.split())
> > +
> > +    # Ensure SDK_TARGETS and their image SPDX/SBOM tasks are included
> in the locked signatures,
> > +    # as they are required during eSDK installation.
> > +    filtered_excluded_set = excluded_set - ext_sdk_target_set
> > +    excluded_targets = ' '.join(filtered_excluded_set)
> > +
> >      sigfile = d.getVar('WORKDIR') + '/locked-sigs.inc'
> >      lockedsigs_pruned = baseoutpath + '/conf/locked-sigs.inc'
> >      #nativesdk-only sigfile to merge into locked-sigs.inc
> >
> >
> >
> >
> > --
> > # Randy MacLeod
> > # Wind River Linux
> >
> >
> > -=-=-=-=-=-=-=-=-=-=-=-
> > Links: You receive all messages sent to this group.
> > View/Reply Online (#228933):
> https://lists.openembedded.org/g/openembedded-core/message/228933
> > Mute This Topic: https://lists.openembedded.org/mt/116893601/3620601
> > Group Owner: openembedded-core+owner@lists.openembedded.org
> > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [
> steve@sakoman.com]
> > -=-=-=-=-=-=-=-=-=-=-=-
> >
>