* [PATCH] Reproducible builds of xen.gz
@ 2016-08-09 14:56 Trammell Hudson
2016-08-09 15:06 ` Jan Beulich
0 siblings, 1 reply; 2+ messages in thread
From: Trammell Hudson @ 2016-08-09 14:56 UTC (permalink / raw)
To: xen-devel
The mkelf32 executable was using an uninitialized stack buffer for
padding after the ehdr and phdr are written to the xen file, which
leads to non-deterministic bytes in the binary and prevented Xen
hypervisors from being reproducibly built.
Additionally, the file was then compressed with gzip -9 without the
-n | --no-name flag, which lead to the xen.gz file having
non-deterministric bytes (the timestamp) in the compressed file.
Signed-off-by: Trammell Hudson <trammell.hudson@twosigma.com>
---
xen/Makefile | 2 +-
xen/arch/x86/boot/mkelf32.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/xen/Makefile b/xen/Makefile
index ee8ce8e..76b60bc 100644
--- a/xen/Makefile
+++ b/xen/Makefile
@@ -121,7 +121,7 @@ _distclean: clean
rm -f tags TAGS cscope.files cscope.in.out cscope.out cscope.po.out GTAGS GPATH GRTAGS GSYMS .config
$(TARGET).gz: $(TARGET)
- gzip -f -9 < $< > $@.new
+ gzip -n -f -9 < $< > $@.new
mv $@.new $@
$(TARGET): delete-unfresh-files
diff --git a/xen/arch/x86/boot/mkelf32.c b/xen/arch/x86/boot/mkelf32.c
index 6cfa312..e66740f 100644
--- a/xen/arch/x86/boot/mkelf32.c
+++ b/xen/arch/x86/boot/mkelf32.c
@@ -260,7 +260,7 @@ int main(int argc, char **argv)
u32 loadbase, dat_siz, mem_siz, note_base, note_sz, offset;
char *inimage, *outimage;
int infd, outfd;
- char buffer[1024];
+ char buffer[1024] = {};
int bytes, todo, i = 1;
int num_phdrs = 1;
--
2.5.0
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] Reproducible builds of xen.gz
2016-08-09 14:56 [PATCH] Reproducible builds of xen.gz Trammell Hudson
@ 2016-08-09 15:06 ` Jan Beulich
0 siblings, 0 replies; 2+ messages in thread
From: Jan Beulich @ 2016-08-09 15:06 UTC (permalink / raw)
To: Trammell Hudson; +Cc: xen-devel
>>> On 09.08.16 at 16:56, <Trammell.Hudson@twosigma.com> wrote:
> --- a/xen/arch/x86/boot/mkelf32.c
> +++ b/xen/arch/x86/boot/mkelf32.c
> @@ -260,7 +260,7 @@ int main(int argc, char **argv)
> u32 loadbase, dat_siz, mem_siz, note_base, note_sz, offset;
> char *inimage, *outimage;
> int infd, outfd;
> - char buffer[1024];
> + char buffer[1024] = {};
> int bytes, todo, i = 1;
> int num_phdrs = 1;
This is less of a change than you earlier mail had - did you
intentionally strip off the other changes?
Regardless of that,
Reviewed-by: Jan Beulich <jbeulich@suse.com>
albeit as said before I'd have preferred this to be two separate
patches.
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-08-09 15:06 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-08-09 14:56 [PATCH] Reproducible builds of xen.gz Trammell Hudson
2016-08-09 15:06 ` Jan Beulich
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.