From: "Jérôme Pouiller" <jezz@sysmic.org>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH v4 02/18] reproducible: fix DATE/TIME macros in toolchain-wrapper
Date: Wed, 23 Nov 2016 13:58:41 +0100 [thread overview]
Message-ID: <1479905937-17241-3-git-send-email-jezz@sysmic.org> (raw)
In-Reply-To: <1479905937-17241-1-git-send-email-jezz@sysmic.org>
The use __DATE__ and __TIME__ are one of most common sources of
non-reproducible binaries. In order to fix that, gcc begin to support
SOURCE_DATE_EPOCH variable. This patch take advantage of toolchain-wrapper
to provide support of SOURCE_DATE_EPOCH to older gcc versions.
Function get_source_date_epoch() come directly from gcc git.
This work was sponsored by `BA Robotic Systems'.
Signed-off-by: J?r?me Pouiller <jezz@sysmic.org>
---
Notes:
v3:
- Handle $SOURCE_DATE_EPOCH at runtime (Thomas)
v2:
- Overload __TIME__ and __DATE__ instead of patching gcc (Thomas)
toolchain/toolchain-wrapper.c | 74 ++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 73 insertions(+), 1 deletion(-)
diff --git a/toolchain/toolchain-wrapper.c b/toolchain/toolchain-wrapper.c
index 925d013..26d01b6 100644
--- a/toolchain/toolchain-wrapper.c
+++ b/toolchain/toolchain-wrapper.c
@@ -22,12 +22,17 @@
#include <unistd.h>
#include <stdlib.h>
#include <errno.h>
+#include <time.h>
#ifdef BR_CCACHE
static char ccache_path[PATH_MAX];
#endif
static char path[PATH_MAX];
static char sysroot[PATH_MAX];
+// strlen("-D__TIME__=\"HH:MM:SS\"") + 1 = 22
+static char source_time[22];
+// strlen("-D__DATE__=\"MMM DD YYYY\"") + 1 = 25
+static char source_date[25];
/**
* GCC errors out with certain combinations of arguments (examples are
@@ -39,8 +44,11 @@ static char sysroot[PATH_MAX];
* -mfloat-abi=
* -march=
* -mcpu=
+ * -D__TIME__=
+ * -D__DATE__=
+ * -Wno-builtin-macro-redefined
*/
-#define EXCLUSIVE_ARGS 3
+#define EXCLUSIVE_ARGS 6
static char *predef_args[] = {
#ifdef BR_CCACHE
@@ -136,6 +144,47 @@ static void check_unsafe_path(const char *arg,
}
}
+/* Read SOURCE_DATE_EPOCH from environment to have a deterministic
+ * timestamp to replace embedded current dates to get reproducible
+ * results. Returns -1 if SOURCE_DATE_EPOCH is not defined.
+ */
+time_t get_source_date_epoch()
+{
+ char *source_date_epoch;
+ long long epoch;
+ char *endptr;
+
+ source_date_epoch = getenv("SOURCE_DATE_EPOCH");
+ if (!source_date_epoch)
+ return (time_t) -1;
+
+ errno = 0;
+ epoch = strtoll (source_date_epoch, &endptr, 10);
+ if ((errno == ERANGE && (epoch == LLONG_MAX || epoch == LLONG_MIN))
+ || (errno != 0 && epoch == 0)) {
+ fprintf(stderr, "environment variable $SOURCE_DATE_EPOCH: "
+ "strtoll: %s\n", strerror(errno));
+ exit(2);
+ }
+ if (endptr == source_date_epoch) {
+ fprintf(stderr, "environment variable $SOURCE_DATE_EPOCH: "
+ "no digits were found: %s\n", endptr);
+ exit(2);
+ }
+ if (*endptr != '\0') {
+ fprintf(stderr, "environment variable $SOURCE_DATE_EPOCH: "
+ "trailing garbage: %s\n", endptr);
+ exit(2);
+ }
+ if (epoch < 0) {
+ fprintf(stderr, "environment variable $SOURCE_DATE_EPOCH: "
+ "value must be nonnegative: %lld \n", epoch);
+ exit(2);
+ }
+
+ return (time_t) epoch;
+}
+
int main(int argc, char **argv)
{
char **args, **cur, **exec_args;
@@ -146,6 +195,7 @@ int main(int argc, char **argv)
char *paranoid_wrapper;
int paranoid;
int ret, i, count = 0, debug;
+ time_t source_date_epoch;
/* Calculate the relative paths */
basename = strrchr(progpath, '/');
@@ -251,6 +301,28 @@ int main(int argc, char **argv)
}
#endif /* ARCH || CPU */
+ source_date_epoch = get_source_date_epoch();
+ if (source_date_epoch != -1) {
+ struct tm *tm = localtime(&source_date_epoch);
+ if (!tm) {
+ perror("__FILE__: localtime");
+ return 3;
+ }
+ ret = strftime(source_time, sizeof(source_time), "-D__TIME__=\"%T\"", tm);
+ if (!ret) {
+ perror("__FILE__: overflow");
+ return 3;
+ }
+ *cur++ = source_time;
+ ret = strftime(source_date, sizeof(source_date), "-D__DATE__=\"%b %e %Y\"", tm);
+ if (!ret) {
+ perror("__FILE__: overflow");
+ return 3;
+ }
+ *cur++ = source_date;
+ *cur++ = "-Wno-builtin-macro-redefined";
+ }
+
paranoid_wrapper = getenv("BR_COMPILER_PARANOID_UNSAFE_PATH");
if (paranoid_wrapper && strlen(paranoid_wrapper) > 0)
paranoid = 1;
--
1.9.1
next prev parent reply other threads:[~2016-11-23 12:58 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-23 12:58 [Buildroot] [PATCH v4 00/18] Reproducible builds Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 01/18] reproducibility: generate SOURCE_DATE_EPOCH Jérôme Pouiller
2016-11-23 21:49 ` Thomas Petazzoni
2016-11-23 12:58 ` Jérôme Pouiller [this message]
2016-11-23 12:58 ` [Buildroot] [PATCH v4 03/18] reproducible: add '-n' to gzip invocations Jérôme Pouiller
2016-11-23 21:49 ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 04/18] fs/tar: make results reproducible Jérôme Pouiller
2016-11-23 21:56 ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 05/18] reproducibility/linux: override build timestamp Jérôme Pouiller
2016-11-23 21:56 ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 06/18] reproducibility/linux: inhibit build-id Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 07/18] reproducibility/busybox: disable build timestamps Jérôme Pouiller
2016-11-23 21:57 ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 08/18] reproducible: lock modification times in $TARGET_DIR Jérôme Pouiller
2016-11-23 21:59 ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 09/18] fakedate: new package Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 10/18] core: do not reset DEPENDENCIES_HOST_PREREQ in dependencies.mk Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 11/18] reproducible: enable fakedate Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 12/18] pycompile: allow to force compilation Jérôme Pouiller
2016-11-23 22:03 ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 13/18] python2: generate reproducible .pyc Jérôme Pouiller
2016-11-23 22:05 ` Thomas Petazzoni
2016-11-24 19:06 ` Arnout Vandecappelle
2016-11-26 16:00 ` Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 14/18] python3: " Jérôme Pouiller
2016-11-23 22:09 ` Thomas Petazzoni
2016-11-26 16:20 ` Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 15/18] python2: remove full path from .pyc Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 16/18] python3: " Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 17/18] reproducible: improve help text Jérôme Pouiller
2016-11-23 22:09 ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 18/18] reproducible: fix coding style Jérôme Pouiller
2016-11-23 22:10 ` Thomas Petazzoni
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1479905937-17241-3-git-send-email-jezz@sysmic.org \
--to=jezz@sysmic.org \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox