mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed
From: "Baeuerle, Florian" <Florian.Baeuerle@allegion.com>
To: "ptxdist@pengutronix.de" <ptxdist@pengutronix.de>
Subject: Re: [ptxdist] [PATCH 2/3] barebox: add option for building barebox reproducibly
Date: Fri, 12 Oct 2018 07:59:32 +0000	[thread overview]
Message-ID: <dd606fb3f1f868a043a8b9d65ae506aa7d0d64c0.camel@allegion.com> (raw)
In-Reply-To: <20181011141855.6476-2-florian.baeuerle@allegion.com>

I tested this for phycore-am335x and phycard-imx27 bootloaders. I get the same
binaries from different machines, but I think anyone using that feature should
first test it before putting any trust into it.

This is a quick implementation that I primarily need for my RAUC bundles (for
not overwriting unchanged bootloaders).

I think this could me implemented as a ptxdist- or platform option that would
theoretically allow building every package reproducibly.

Some packages need special treatment of course, but that could be done with:

ifdef PTXDIST_REPRODUCIBLE
PKG_ENV := $(PKG_ENV) SOME_OTHER_VAR=1
endif

or a new variable:

PKG_REPRODUCIBLE_ENV := ...

Any thoughts or ideas on this?


-Florian

Am Donnerstag, den 11.10.2018, 14:19 +0000 schrieb Baeuerle, Florian:
> Inject fake timestamps into the build via faketime to produce the exact
> same binaries.
> 
> Signed-off-by: Florian Bäuerle <florian.baeuerle@allegion.com>
> ---
>  platforms/barebox.in | 10 ++++++++++
>  rules/barebox.make   | 16 +++++++++++++++-
>  2 files changed, 25 insertions(+), 1 deletion(-)
> 
> diff --git a/platforms/barebox.in b/platforms/barebox.in
> index 645366e93..5bc2f08b6 100644
> --- a/platforms/barebox.in
> +++ b/platforms/barebox.in
> @@ -13,6 +13,7 @@ menuconfig BAREBOX
>  	select HOST_OPENSSL if BAREBOX_NEEDS_HOST_OPENSSL
>  	select HOST_IMX_CST if BAREBOX_NEEDS_HOST_IMX_CST
>  	select HOST_LZOP if BAREBOX_NEEDS_HOST_LZOP
> +	select HOST_FAKETIME if BAREBOX_REPRODUCIBLE
>  	prompt "barebox                       "
>  	bool
>  	help
> @@ -50,6 +51,15 @@ config BAREBOX_EXTRA_ENV_PATH
>  	  Directories and files to add to the builtin barebox environment.
>  	  Relative paths must be relative to the platformconfigdir.
>  
> +config BAREBOX_REPRODUCIBLE
> +	prompt "build reproducibly"
> +	bool
> +	default n
> +	help
> +	  With this, fake timestamps are injected to the barebox build, so the
> +	  resulting barebox images are identical when the sources haven't been
> +	  changed.
> +
>  config BAREBOX_BAREBOXENV
>  	prompt "install 'bareboxenv'"
>  	bool
> diff --git a/rules/barebox.make b/rules/barebox.make
> index a6ec3c394..ad160b3ba 100644
> --- a/rules/barebox.make
> +++ b/rules/barebox.make
> @@ -45,6 +45,20 @@ BAREBOX_ENV := \
>  	KCONFIG_NOTIMESTAMP=1 \
>  	pkg_wrapper_blacklist="$(BAREBOX_WRAPPER_BLACKLIST)"
>  
> +ifdef PTXCONF_BAREBOX_REPRODUCIBLE
> +BAREBOX_FAKE_TIMESTAMP := \
> +	$(shell echo $(BAREBOX_VERSION) | \
> +		sed -E "s/([0-9]{4})\.([0-9]{1,2}).*/\1-\2-01 00:00:00/")
> +BAREBOX_FAKETIME := faketime -f "$(BAREBOX_FAKE_TIMESTAMP)"
> +BAREBOX_ENV := $(BAREBOX_ENV) \
> +	KBUILD_BUILD_TIMESTAMP="$(BAREBOX_FAKE_TIMESTAMP)" \
> +	KBUILD_BUILD_VERSION="0" \
> +	KBUILD_BUILD_USER="ptxdist" \
> +	KBUILD_BUILD_HOST="ptxdist"
> +else
> +BAREBOX_FAKETIME :=
> +endif
> +
>  BAREBOX_MAKEVARS := \
>  	V=$(PTXDIST_VERBOSE) \
>  	HOSTCC=$(HOSTCC) \
> @@ -113,7 +127,7 @@ ifdef PTXCONF_BAREBOX_EXTRA_ENV
>  endif
>  
>  	@+cd $(BAREBOX_DIR) && $(BAREBOX_PATH) $(BAREBOX_ENV) \
> -		$(MAKE) $(BAREBOX_MAKEVARS)
> +		$(BAREBOX_FAKETIME) $(MAKE) $(BAREBOX_MAKEVARS)
>  	@$(call touch)
>  
>  # -------------------------------------------------------------------------
> ---
> -- 
> 2.19.0
> 
> _______________________________________________
> ptxdist mailing list
> ptxdist@pengutronix.de
_______________________________________________
ptxdist mailing list
ptxdist@pengutronix.de

  reply	other threads:[~2018-10-12  7:59 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-10-11 14:19 [ptxdist] [PATCH 1/3] host-faketime: new package Baeuerle, Florian
2018-10-11 14:19 ` [ptxdist] [PATCH 2/3] barebox: add option for building barebox reproducibly Baeuerle, Florian
2018-10-12  7:59   ` Baeuerle, Florian [this message]
2018-10-12 12:01   ` Michael Olbrich
2018-10-12 12:21     ` Baeuerle, Florian
2018-10-24  8:19       ` Michael Olbrich
2018-10-26 13:46         ` [ptxdist] [PATCH 0/2] Barebox reproducible build + ptxdist setup configuration Baeuerle, Florian
2018-10-26 13:46           ` [ptxdist] [PATCH 1/4] config/setup: make reproducible builds configurable Baeuerle, Florian
2018-10-26 13:46           ` [ptxdist] [PATCH 2/4] barebox: depend on HOST_LZOP Baeuerle, Florian
2018-10-26 13:46           ` [ptxdist] [PATCH 3/4] lzop: add patch that allows overriding mtime Baeuerle, Florian
2018-10-26 13:46           ` [ptxdist] [PATCH 4/4] barebox: add support for reproducible build Baeuerle, Florian
2018-10-12 12:28     ` [ptxdist] [PATCH 2/3] barebox: add option for building barebox reproducibly Baeuerle, Florian
2018-10-16  8:59       ` Michael Olbrich
2018-10-16 11:06         ` Baeuerle, Florian
2018-10-16 12:51           ` Michael Olbrich
2018-10-16 14:11             ` Baeuerle, Florian
2018-10-16 19:06               ` Michael Olbrich
2018-10-16 10:09   ` Michael Olbrich
2018-10-16 10:57     ` Baeuerle, Florian
2018-10-16 12:38       ` Michael Olbrich
2018-10-16 14:27         ` Baeuerle, Florian
2018-10-16 19:20           ` Michael Olbrich
2018-10-16 17:15       ` Alexander Dahl
2018-10-16 19:13         ` Michael Olbrich
2018-10-11 14:19 ` [ptxdist] [PATCH 3/3] barebox_mlo: add option for building barebox_mlo reproducibly Baeuerle, Florian
2018-10-11 14:43 ` [ptxdist] [PATCH 1/3] host-faketime: new package Roland Hieber
2018-10-11 21:30   ` Jon Ringle
2018-10-16  7:33     ` Baeuerle, Florian
2018-10-16  8:47       ` Michael Olbrich
2018-10-12  7:47   ` Baeuerle, Florian
2018-10-16  8:51     ` Michael Olbrich
2018-10-16 11:34       ` Alexander Dahl
2018-10-16 12:30         ` Michael Olbrich
2018-10-16  8:53 ` Michael Olbrich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=dd606fb3f1f868a043a8b9d65ae506aa7d0d64c0.camel@allegion.com \
    --to=florian.baeuerle@allegion.com \
    --cc=ptxdist@pengutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox