SPDX is a new format to better hint the licenses used in source code
files.
Some years ago Wind River offered access to a cloud-based tool that scans
software licenses. Since then (r263093) some files have been removed, some
architectures have disappeared and other files have been relicensed.
Still, using that audit is a good starting point for proper license tagging.
Here is the result of checking for 4 Clause BSD licenses. Some of these
files could still be relicnes by checking the sources (particularly the
NetBSD guys).