[PATCH 1/1] create separate BOM for external initrd
14 views
Skip to first unread message
Felix Moessbauer
Aug 4, 2025, 9:23:07 AMAug 4
to isar-...@googlegroups.com, Felix Moessbauer, gernot....@siemens.com, cedric.h...@siemens.com
The BOM (manifest file) describes all packages installed in a rootfs.
Currently, the BOM is just generated for the images rootfs, but not for
the initrd. This is fine, as long as no separate initrd is used. Tests
on isar-cip-core have shown, that ~4-10 source packages are only
referenced by the initrd rootfs, but not by the image rootfs.
We change this by generating the BOM also for the rootfs of external
initrds. Note, that this has a significant overlap with the images
rootfs, as it also contains all essential packages. As there is
currently no way to explain in a uniform BOM which components are used
where, the merging of the BOMs is left to the user.
Signed-off-by: Felix Moessbauer <felix.mo...@siemens.com>
---
I plan so send a similar patch to the SBOM RFC series as well.
Best regards,
Felix
meta/classes/initramfs.bbclass | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/meta/classes/initramfs.bbclass b/meta/classes/initramfs.bbclass
index 3a996f78..658ef0ac 100644
--- a/meta/classes/initramfs.bbclass
+++ b/meta/classes/initramfs.bbclass
@@ -18,10 +18,14 @@ INITRAMFS_INSTALL += "${@ ("linux-image-" + d.getVar("KERNEL_NAME")) if d.getVar
# Name of the initramfs including distro&machine names
INITRAMFS_FULLNAME = "${PN}-${DISTRO}-${MACHINE}"
+# Bill-of-material
+ROOTFS_MANIFEST_DEPLOY_DIR = "${DEPLOY_DIR_IMAGE}"
+ROOTFS_PACKAGE_SUFFIX = "${INITRAMFS_FULLNAME}"
+
DEPENDS += "${INITRAMFS_INSTALL}"
ROOTFSDIR = "${INITRAMFS_ROOTFS}"
-ROOTFS_FEATURES = ""
+ROOTFS_FEATURES = "generate-manifest"
ROOTFS_PACKAGES = "initramfs-tools ${INITRAMFS_PREINSTALL} ${INITRAMFS_INSTALL}"
inherit rootfs
--
2.50.1
Currently, the BOM is just generated for the images rootfs, but not for
the initrd. This is fine, as long as no separate initrd is used. Tests
on isar-cip-core have shown, that ~4-10 source packages are only
referenced by the initrd rootfs, but not by the image rootfs.
We change this by generating the BOM also for the rootfs of external
initrds. Note, that this has a significant overlap with the images
rootfs, as it also contains all essential packages. As there is
currently no way to explain in a uniform BOM which components are used
where, the merging of the BOMs is left to the user.
Signed-off-by: Felix Moessbauer <felix.mo...@siemens.com>
---
I plan so send a similar patch to the SBOM RFC series as well.
Best regards,
Felix
meta/classes/initramfs.bbclass | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/meta/classes/initramfs.bbclass b/meta/classes/initramfs.bbclass
index 3a996f78..658ef0ac 100644
--- a/meta/classes/initramfs.bbclass
+++ b/meta/classes/initramfs.bbclass
@@ -18,10 +18,14 @@ INITRAMFS_INSTALL += "${@ ("linux-image-" + d.getVar("KERNEL_NAME")) if d.getVar
# Name of the initramfs including distro&machine names
INITRAMFS_FULLNAME = "${PN}-${DISTRO}-${MACHINE}"
+# Bill-of-material
+ROOTFS_MANIFEST_DEPLOY_DIR = "${DEPLOY_DIR_IMAGE}"
+ROOTFS_PACKAGE_SUFFIX = "${INITRAMFS_FULLNAME}"
+
DEPENDS += "${INITRAMFS_INSTALL}"
ROOTFSDIR = "${INITRAMFS_ROOTFS}"
-ROOTFS_FEATURES = ""
+ROOTFS_FEATURES = "generate-manifest"
ROOTFS_PACKAGES = "initramfs-tools ${INITRAMFS_PREINSTALL} ${INITRAMFS_INSTALL}"
inherit rootfs
--
2.50.1
MOESSBAUER, Felix
Aug 21, 2025, 8:27:54 AMAug 21
to isar-...@googlegroups.com, cedric.h...@siemens.com, Hillier, Gernot
On Mon, 2025-08-04 at 15:22 +0200, Felix Moessbauer wrote:
> The BOM (manifest file) describes all packages installed in a rootfs.
> Currently, the BOM is just generated for the images rootfs, but not
> for
> the initrd. This is fine, as long as no separate initrd is used.
> Tests
> on isar-cip-core have shown, that ~4-10 source packages are only
> referenced by the initrd rootfs, but not by the image rootfs.
>
> We change this by generating the BOM also for the rootfs of external
> initrds. Note, that this has a significant overlap with the images
> rootfs, as it also contains all essential packages. As there is
> currently no way to explain in a uniform BOM which components are
> used
> where, the merging of the BOMs is left to the user.
Hi, are there any blocking points, concerns, ...? Something I can do to
> The BOM (manifest file) describes all packages installed in a rootfs.
> Currently, the BOM is just generated for the images rootfs, but not
> for
> the initrd. This is fine, as long as no separate initrd is used.
> Tests
> on isar-cip-core have shown, that ~4-10 source packages are only
> referenced by the initrd rootfs, but not by the image rootfs.
>
> We change this by generating the BOM also for the rootfs of external
> initrds. Note, that this has a significant overlap with the images
> rootfs, as it also contains all essential packages. As there is
> currently no way to explain in a uniform BOM which components are
> used
> where, the merging of the BOMs is left to the user.
speedup the integration?
Best regards,
Felix
--
Siemens AG
Linux Expert Center
Friedrich-Ludwig-Bauer-Str. 3
85748 Garching, Germany
Baurzhan Ismagulov
Aug 27, 2025, 5:42:27 AM (11 days ago) Aug 27
to isar-...@googlegroups.com
On 2025-08-04 15:22, 'Felix Moessbauer' via isar-users wrote:
> The BOM (manifest file) describes all packages installed in a rootfs.
> Currently, the BOM is just generated for the images rootfs, but not for
> the initrd. This is fine, as long as no separate initrd is used. Tests
> on isar-cip-core have shown, that ~4-10 source packages are only
> referenced by the initrd rootfs, but not by the image rootfs.
>
> We change this by generating the BOM also for the rootfs of external
> initrds. Note, that this has a significant overlap with the images
> rootfs, as it also contains all essential packages. As there is
> currently no way to explain in a uniform BOM which components are used
> where, the merging of the BOMs is left to the user.
We are back from the vacations, thanks for your patience.
> The BOM (manifest file) describes all packages installed in a rootfs.
> Currently, the BOM is just generated for the images rootfs, but not for
> the initrd. This is fine, as long as no separate initrd is used. Tests
> on isar-cip-core have shown, that ~4-10 source packages are only
> referenced by the initrd rootfs, but not by the image rootfs.
>
> We change this by generating the BOM also for the rootfs of external
> initrds. Note, that this has a significant overlap with the images
> rootfs, as it also contains all essential packages. As there is
> currently no way to explain in a uniform BOM which components are used
> where, the merging of the BOMs is left to the user.
Applied to next (capitalizing the title), thanks.
With kind regards,
Baurzhan
Reply all
Reply to author
Forward
0 new messages