[Buildroot] [PATCH v4 06/18] reproducibility/linux: inhibit build-id

Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed

From: "Jérôme Pouiller" <jezz@sysmic.org>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH v4 06/18] reproducibility/linux: inhibit build-id
Date: Wed, 23 Nov 2016 13:58:45 +0100	[thread overview]
Message-ID: <1479905937-17241-7-git-send-email-jezz@sysmic.org> (raw)
In-Reply-To: <1479905937-17241-1-git-send-email-jezz@sysmic.org>

Linux kernel include build path in debug sections. These sections are stripped
and do not impact build reproducibility directly. However, 'build-id'
depends on content of all sections, including debug sections. So, it
add random bytes in section .notes of kernel image[1]:

  $ readelf -Wn .../vmlinux
  Displaying notes found at file offset 0x00008000 with length 0x00000024:
    Owner                 Data size       Description
    GNU                  0x00000014       NT_GNU_BUILD_ID (unique build ID bitstring)
      Build ID: ca689e2ed3944f49474715908e2ac1bb04907fb2

In order to not depend on build path, patch kernel Makefile to disable
'build-id'.

[1] https://kernelnewbies.org/BuildId

This work was sponsored by `BA Robotic Systems'.

Signed-off-by: J?r?me Pouiller <jezz@sysmic.org>
---

Notes:
    v3:
       - Better explain why disabling build-id is necessary (in fact, it not
         necessary if build paths are preserved between builds)

 linux/linux.mk | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/linux/linux.mk b/linux/linux.mk
index 7e826cc..a63d1f3 100644
--- a/linux/linux.mk
+++ b/linux/linux.mk
@@ -209,6 +209,13 @@ define LINUX_TRY_PATCH_TIMECONST
 endef
 LINUX_POST_PATCH_HOOKS += LINUX_TRY_PATCH_TIMECONST
 
+ifeq ($(BR2_REPRODUCIBLE),y)
+define LINUX_REMOVE_BUILD_ID
+	sed -i -e s/--build-id/--build-id=none/ $(@D)/Makefile
+endef
+LINUX_POST_PATCH_HOOKS += LINUX_REMOVE_BUILD_ID
+endif
+
 ifeq ($(BR2_LINUX_KERNEL_USE_DEFCONFIG),y)
 LINUX_KCONFIG_DEFCONFIG = $(call qstrip,$(BR2_LINUX_KERNEL_DEFCONFIG))_defconfig
 else ifeq ($(BR2_LINUX_KERNEL_USE_ARCH_DEFAULT_CONFIG),y)
-- 
1.9.1

next prev parent reply	other threads:[~2016-11-23 12:58 UTC|newest]

Thread overview: 33+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-11-23 12:58 [Buildroot] [PATCH v4 00/18] Reproducible builds Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 01/18] reproducibility: generate SOURCE_DATE_EPOCH Jérôme Pouiller
2016-11-23 21:49   ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 02/18] reproducible: fix DATE/TIME macros in toolchain-wrapper Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 03/18] reproducible: add '-n' to gzip invocations Jérôme Pouiller
2016-11-23 21:49   ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 04/18] fs/tar: make results reproducible Jérôme Pouiller
2016-11-23 21:56   ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 05/18] reproducibility/linux: override build timestamp Jérôme Pouiller
2016-11-23 21:56   ` Thomas Petazzoni
2016-11-23 12:58 ` Jérôme Pouiller [this message]
2016-11-23 12:58 ` [Buildroot] [PATCH v4 07/18] reproducibility/busybox: disable build timestamps Jérôme Pouiller
2016-11-23 21:57   ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 08/18] reproducible: lock modification times in $TARGET_DIR Jérôme Pouiller
2016-11-23 21:59   ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 09/18] fakedate: new package Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 10/18] core: do not reset DEPENDENCIES_HOST_PREREQ in dependencies.mk Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 11/18] reproducible: enable fakedate Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 12/18] pycompile: allow to force compilation Jérôme Pouiller
2016-11-23 22:03   ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 13/18] python2: generate reproducible .pyc Jérôme Pouiller
2016-11-23 22:05   ` Thomas Petazzoni
2016-11-24 19:06     ` Arnout Vandecappelle
2016-11-26 16:00       ` Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 14/18] python3: " Jérôme Pouiller
2016-11-23 22:09   ` Thomas Petazzoni
2016-11-26 16:20     ` Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 15/18] python2: remove full path from .pyc Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 16/18] python3: " Jérôme Pouiller
2016-11-23 12:58 ` [Buildroot] [PATCH v4 17/18] reproducible: improve help text Jérôme Pouiller
2016-11-23 22:09   ` Thomas Petazzoni
2016-11-23 12:58 ` [Buildroot] [PATCH v4 18/18] reproducible: fix coding style Jérôme Pouiller
2016-11-23 22:10   ` Thomas Petazzoni

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:7e826cc dfblob:a63d1f3 )
 OR (
bs:"[Buildroot] [PATCH v4 06/18] reproducibility/linux: inhibit build-id" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1479905937-17241-7-git-send-email-jezz@sysmic.org \
    --to=jezz@sysmic.org \
    --cc=buildroot@busybox.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox