From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7163187300010033152 X-Received: by 2002:ac2:4bc9:0:b0:4aa:66d3:c717 with SMTP id o9-20020ac24bc9000000b004aa66d3c717mr19477630lfq.73.1667811223815; Mon, 07 Nov 2022 00:53:43 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a2e:9613:0:b0:277:2e6e:e039 with SMTP id v19-20020a2e9613000000b002772e6ee039ls2152352ljh.9.-pod-prod-gmail; Mon, 07 Nov 2022 00:53:42 -0800 (PST) X-Google-Smtp-Source: AMsMyM4kQ59IzHhxA2BTzHK/mgtE8vtazFPXJ9fNFa3dSQi+zK83bN3gFvq6x0SWPTu3k+zxed2N X-Received: by 2002:a2e:546:0:b0:26f:ab25:8a77 with SMTP id 67-20020a2e0546000000b0026fab258a77mr4993102ljf.93.1667811222575; Mon, 07 Nov 2022 00:53:42 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1667811222; cv=pass; d=google.com; s=arc-20160816; b=uYJax46cAAaxTG8wt60KqpL8iN/sXZiXihZaxfVJ5AH8bA6AiuO4kNMwQf9i0TeHZN LrVtGUHNjq+exBRMF2eKjTkj5O55x2GyI6acLFIuhD/AmMvIsGtxx5O9PkzX+YB0VXK6 jO8p5AHE85QJ4boMVGqwORK7bM9IhE01O/ueEugE69/xghV8trgbGMLUQ93vO+RfgV+V TIt3CHJqT4ImTmres47dS6WifERs/tJ3yfF+YsT6Yg52/MbXGoN8j94jJjEr+64A4CoJ NSG9WZLHEwes93DEIIlM03OWjpxOAqQqSeMdxYEvFapfcDi6Pf8kB7QXDycJW6Fn51M2 0HfA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:content-transfer-encoding:references:in-reply-to :message-id:subject:cc:to:from:date:dkim-signature; bh=4gatRhPsEa45P+g6Zj4ehDM+UIK1XOBqlbpwq3AoYWI=; b=QIYcLwn1K61Kpoemf1f2sMg69tj8h1+ON+hT9Hv3B3fnuOWJon1x0PdSnSHxF+/L4r vRfA8NbQepH4HKkXEUyrp468qhWAg5Sqa4rcWbqrn832U3U/QOo8loRLlsuSAN/PFQiB Km4QYJVVSlxPuQOgrQ34gOQYUeqIfT4DHxJOvUllUbLLmHj5fRLOS2alwAeHMEbgJolr rmUvhYgcs9bxH4T5soc2SLqiaEySJl038zkeD4lcy2Kv6EaIf7PNRk9oxnkoAZKwzhxn g5qGwX+EjyRU8JJVWO7hBnT7TJykXXkWBn6bItoFkwyRtp+og6LSmR9NDHlyFpOxVCGS AwHg== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=W53essRu; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of henning.schild@siemens.com designates 40.107.20.87 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com Return-Path: Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2087.outbound.protection.outlook.com. [40.107.20.87]) by gmr-mx.google.com with ESMTPS id m16-20020a056512359000b0049c8ac119casi199040lfr.5.2022.11.07.00.53.42 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 07 Nov 2022 00:53:42 -0800 (PST) Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 40.107.20.87 as permitted sender) client-ip=40.107.20.87; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=W53essRu; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of henning.schild@siemens.com designates 40.107.20.87 as permitted sender) smtp.mailfrom=henning.schild@siemens.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LOi0gVd+Te+H6xOM1wx4mvdFEVlDYd82HKPANI7gqtLuBdENFj0vtuY/4tEYAs0vMSPE/mfFGVrNqBFjMoma50jnyQSwDV2fvktorknfueBHN120o/iOhD8LFCRWxLzpmYRdA8UzOxyx6NI0NMfDd+AZ3/5bTMoHXrcMIX+lJPantdaDF8sjK4a3BRBIy9T9VfIFlkXj9chN7n+BQ/pyXOsqwIxReamS/NpK4VJUzh2P2+uVNi9T9k0s6YltF5NgLSSAXWzIDj89umATTPmZin3u4Rg1GWZH1XXc/fwh1JKSIFVROYXT1c9vTqG38/lTJ7H7KsVwId8+yPByp7JBpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4gatRhPsEa45P+g6Zj4ehDM+UIK1XOBqlbpwq3AoYWI=; b=TqGIPwaNNwc0XetI/uWb8l68UmL4cm65AmJtjH7GsoFzZ4AOaFdC2023Fzx3P3sV/ldh14kk40JGJc6nM2G1kfNVbsjIGWw22zEvmzb5lfro5kbAagzDmDcgki5cS3ixcnWcXHbJ8qoDjdc9W+nCxH6Lyw8ES/N6b3mpQL5TIi3DdW0iuXM7ESAyA678e32gBo5jgfX8UvWpr1oszFOZtddCRMqi7gVD+kNtGVE9BZEonPlHM1aazruf9sl7ptft2F+kLX3wrrkH7yYnhE+ueb/8AR+Msa9DQ3r8WZcBaFg2SUpKoRjea+kudC2nt/xH5vYGe7PyvV3qI3Ry/RW3xg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4gatRhPsEa45P+g6Zj4ehDM+UIK1XOBqlbpwq3AoYWI=; b=W53essRumq+TlbMzIvraPXjUcufNDv7J3DseSqmQ/HobG3pYHsCnVcHPC4d3Sl9Tl/2+ZSqCUfVCoRXsq505P4YP/kazlfrY5+SCaZYidFUWCz2YS1SwEB+uMB8lKnXTFmTkDAFiA6FGP+kG71kEN/lhxQTP38JjPoeXd8EQJKJAgT3lOYv/NQSdjHiNnjtjlW+jOPDzjRuvOACM2w60/sj3MrvTVm0UYMjqBJkwGQHURzKEm3USwuMmj7p0y+tW5rYIloTBLlq2iUGJYgqryIz/GH+ueQXZ7hW6JNzvBa6rbPahh5hSwNJ7Kk/7vIKALx4llmxCYtZ9Gy4mWx693A== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com; Received: from PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:269::8) by AS1PR10MB5652.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:20b:47b::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5791.25; Mon, 7 Nov 2022 08:53:40 +0000 Received: from PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM ([fe80::e9f4:4305:f82d:1abb]) by PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM ([fe80::e9f4:4305:f82d:1abb%3]) with mapi id 15.20.5791.026; Mon, 7 Nov 2022 08:53:40 +0000 Date: Mon, 7 Nov 2022 10:53:35 +0200 From: Henning Schild To: venkata.pyla@toshiba-tsip.com Cc: isar-users@googlegroups.com, jan.kiszka@siemens.com, kazuhiro3.hayashi@toshiba.co.jp, dinesh.kumar@toshiba-tsip.com Subject: Re: [PATCH] image.bbclass: set file timestamps inside the rootfs and initramfs image Message-ID: <20221107105335.619fa4e1@md1za8fc.ad001.siemens.net> In-Reply-To: <20221107082503.14774-1-venkata.pyla@toshiba-tsip.com> References: <20221107082503.14774-1-venkata.pyla@toshiba-tsip.com> X-Mailer: Claws Mail 4.1.0 (GTK 3.24.34; x86_64-pc-linux-gnu) Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-ClientProxiedBy: FR0P281CA0150.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:96::8) To PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:269::8) Return-Path: henning.schild@siemens.com MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PA4PR10MB5780:EE_|AS1PR10MB5652:EE_ X-MS-Office365-Filtering-Correlation-Id: 0e8b3cd1-a474-4072-e62a-08dac09d910d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: XZ3C6wbx1fvteiXvh0hIwwuioz0Kry3ULWrxi1lVZuZw0TxkqKbxHB/QBZeBxFeNu7nIbsA1CvSB561Fw5WcGtnk2ADUxjhfiqVo60/zfa56tTYKoUBQ6ZuVjxMRtZlrnhjU8Qw9as47wWG4DT9951+h8Pth9BOhrJ22oGraL5HvupVixYMb1zvbiPDkKn04MjDNFbtJMCTXUpWiHpd8Wh2xgbjaUmSoaxbdG+DmJOkXBHJL9z47Mi8xBuxVjhIcOxDEoOiNUZIQ3YFqXyhq+7NLDyi05Owj/GfQ2YmIRqgY5PApQM/9r9tx1VYCT+bj05Hx90IqJI0v29aPulN0GlX4zCevXA2ni3z2/3TUq2HYDCmn02NcaaXdgcLv0Ae5apBJZ3WjPM1lZg/9vQKtG909l39UJmJwFuILdG10FPrrTieJlu7G9w4D5xl3o3xmPYRE1qhE/948dc7XJbWNRasAkSWqYUnwffHQdjJkoyvGYxqVXjqX9x1ztooHUqZlZIwVyiVlzFf5Kva8TGh52k3WlnM+BtVLSM1S+/axbP73bdqBeghEjMBX1nBN3sha0uHDWjtJgKE/lYUyuM7EDYqjKtmPG810+KdDgmpi1aIJ7xDs2Ia1kjTTLJ6CD+p+wwaW1x5vj53Y6RsltYUR8sBNUw9y/a6xeXAOJrvqG6hn5ak740AA3Uynf7nsVX1b8KCk8prC3wwyfgNF2o/rtoYJ58vFod+K6fldX4pgbuk= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230022)(4636009)(136003)(376002)(346002)(39860400002)(396003)(366004)(451199015)(1076003)(83380400001)(66899015)(186003)(966005)(38100700002)(316002)(6916009)(8936002)(41300700001)(478600001)(6486002)(2906002)(6666004)(6506007)(9686003)(26005)(6512007)(44832011)(86362001)(5660300002)(8676002)(4326008)(66476007)(66556008)(66946007)(82960400001);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?dzW22WyZukAP/X3vDvy0CB2rWXv/dyuck6XANJxCLvRgERW7PE0TBS0Ts8nJ?= =?us-ascii?Q?dUv6U8+cgF6P+nGtqeY7UukFhdMeULxtAwmbEfk/VH3ysHYt9anpOcSWKhPI?= =?us-ascii?Q?exDl8DBcw4fv3duUrgYYctzoLaLjX6Gdhr3F3wET1VwxPdmVsfyTgny91foS?= =?us-ascii?Q?rgx12UkD64FgHtF8N4iiNmpIDMtpKrszMEGRcHp7gqjKdaLtXnISHXgGNwLY?= =?us-ascii?Q?X0yhEoBYwkbDXPCraCNYqcGkE7ISsDnMw4eozsd3PvLeQBs9wIOrf7B0cZML?= =?us-ascii?Q?BmRZDBv/r+G1ZeHnqL/nz8M8vGgh2Sn4cD2BnuqpqAFhEBOr/aRcyAYAy2zI?= =?us-ascii?Q?ruSHEU3e9I2Zv6q7FqandkSxh2XewUW1RTdl8axh9XBVnb92VbOn6RnbCpTX?= =?us-ascii?Q?MxaWxH9AJlVGtDivB0rq4maVNqfzWLjUAjW2dwg4YrnsRGW0JGTwjdVvWKeh?= =?us-ascii?Q?l+e3m7Bjj8lyl5NUILcFRn0ppP2zXhhPDViFBi7eKtwESvZNimtNfeoZz8/g?= =?us-ascii?Q?jj9piLBGjSbc0scuWHUOUEAcV/hSWTgiSzWcX1PsQWhotgkCJADy05ZOCKls?= =?us-ascii?Q?bKFOaPbXw1ch7iAI4/Ppyo/siMzvKmsNVtxYp6e6ZK10evIjtcm5fGwddtlb?= =?us-ascii?Q?9+EENeFQ0LkelWwxUfdOf4oJtR5BAx+WcdPDCLCF0ZDGmtTXKZsa0BHZW+2k?= =?us-ascii?Q?tpJS16lZgDF0ByLZ4BTe/39AE9jFYOfmkVekMVej6+k4el/lBrp29KgUYEc3?= =?us-ascii?Q?7ToyTdR65YJwlgaGJJ2bYsqH0MGuwhtVNAo77rirXmxJhxg3Do7nd6tRyFi7?= =?us-ascii?Q?B6k0bVpYIv+dI5zXgKUzMN3DdBXZEH4ibUz9o8fM6uxoiWNBnpYol0xbA+3y?= =?us-ascii?Q?uQngIlpmonU2h6EhpegfglF4vKfbdUqmZHBVBzXUOqfcACSBeuuIdKh0bKCx?= =?us-ascii?Q?X0kV6t3BEkYer6Ypg2OYI7VyCmHiVUY83ciQYWV/XeqJUatsxUwcMlCHsrP8?= =?us-ascii?Q?T/Z2meVd3qq+O0weGzqB/N/R4s9OtCbgjKx3W4LKsEQFVf/zM+X52R+pOMJi?= =?us-ascii?Q?x13e83mDljm/n2WPEFu1wTix3WuuFpt97MlDGlqkGrjHLfKAzbApw3vrG3++?= =?us-ascii?Q?bA2PxSgOUsZ2R+PduRo+keOJgxKTRfUPKtqbsSUTGDm3EMBUS02KerFvY6mk?= =?us-ascii?Q?To8CVvlcqjpBkSReZnmpViQBjXXOKpV4y/YPuQ2nj9d6YC8TflpMPGt4wWoG?= =?us-ascii?Q?1kztc7E3MkvUF+jiNhHAblhV8x6GRhwnvVhN6LSbr4IO+yjsYTyJBvE1ifQh?= =?us-ascii?Q?ctWOt4qQPfGxfJBum8ei00n7T/CFM3phE6t9HYjE4DSrlL466RNEC0XbnCMq?= =?us-ascii?Q?3iIRYvXjdrGy2+YEr7lyfcd19EAZKZvyJ4jCCCVHfVICc9taEQ/tmTpTGXun?= =?us-ascii?Q?dXC9/pW5eWXCGlsR0nJKK431VQXv9kcJXAjk5G82+ly84LiHVyhHAUxfLUFm?= =?us-ascii?Q?9GxLxvd7NLnvdDcuhl7zU7Y26YXlcXNQsIifMVg9tN4irq7S4AlXTNIU8YgB?= =?us-ascii?Q?uLtoT6XU9mopSxojOK4Q+Q/XpxQMBo1kjuOO8igrXm5/o4t628c/S1OPqI0R?= =?us-ascii?Q?HA=3D=3D?= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 0e8b3cd1-a474-4072-e62a-08dac09d910d X-MS-Exchange-CrossTenant-AuthSource: PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Nov 2022 08:53:40.4070 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: JEgKTMuPEgCIuULg5QiZ7lGAiVu97O0KBOlIAsorLRchw3TlqgYI8kDVZSnsXz55wibNOfftono2vqewzBS8Arnf9OSIqwXDVLIOtWzPkws= X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS1PR10MB5652 X-TUID: YZ7VUZa+AZD8 Am Mon, 7 Nov 2022 13:55:03 +0530 schrieb venkata.pyla@toshiba-tsip.com: > From: venkata pyla > > As part of reproducible-build work, one of the problem chosen to solve > is the file time stamps inside rootfs and initramfs are not identical > between two builds. > > With the help of reproducible-builds.org and their suggestions, the > above problem can be fixed using 'SOURCE_DATE_EPOCH' variable [2]. > > In case of rootfs file time-stamps, set all the files and folders that > are newer than 'SOURCE_DATE_EPOCH' and set it to same. > In case of initramfs, regenerate the initramfs image with > 'SOURCE_DATE_EPOCH' variable set as the mkinitramfs script is already > taken care of creating reproducible initramfs image when the > variable is set in the environment[3]. > > The SOURCE_DATE_EPOCH variable should be set to the last modification > of the git repository as explained in the documentation[2]. > > e.g: > SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct) > > To know more about the reproducible builds and its goals please refer > [1]. > > [1] https://reproducible-builds.org/ > [2] https://reproducible-builds.org/docs/source-date-epoch/ > [3] > https://manpages.debian.org/bullseye/initramfs-tools-core/mkinitramfs.8.en.html#ENVIRONMENT > > Signed-off-by: venkata pyla > --- > meta/classes/image.bbclass | 15 +++++++++++++++ > 1 file changed, 15 insertions(+) > > diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass > index ccff810..c1bb4fd 100644 > --- a/meta/classes/image.bbclass > +++ b/meta/classes/image.bbclass > @@ -431,6 +431,21 @@ do_rootfs_finalize() { > "${ROOTFSDIR}/etc/apt/sources.list.d/bootstrap.list" > > rm -f "${ROOTFSDIR}/etc/apt/sources-list" > + > + # Recreate initramfs inorder to set timestamps to > SOURCE_DATE_EPOCH > + # inorder to make reproducible initramfs > + test ! -z "${SOURCE_DATE_EPOCH}" && \ > + SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH} chroot > "${ROOTFSDIR}" \ > + update-initramfs -u -v This should be done where that initial update-initramfs can be found. And not fix things up later. Not every image will have an initrd so that is wrong in multiple ways. > + > + # Set timestamp to files inside the rootfs image inorder to > make > + # reproducible rootfs > + test ! -z "${SOURCE_DATE_EPOCH}" && \ > + find ${ROOTFSDIR} -newermt \ > + "$(date -d@${SOURCE_DATE_EPOCH} '+%Y-%m-%d > %H:%M:%S')" \ > + -printf "%y %p\n" \ > + -exec touch '{}' -h -d@${SOURCE_DATE_EPOCH} ';' > + No! Which files do we care about? My guess would content of packages built with isar. We should export the variable in the dpkg class then the packages will be correct and we do not have to mess around with that rootfs and fix problems that should have never been there. I would like to ask for test cases. Ideally first a breaking test and later a commit fixing the issue. Note that deriving the time from git means one needs git. And when using layers just that one Isar git is clearly not good enough. And we will have to check how that works with sstate. I assume any new commit would rebuild all custom packages. Here i see a conflict between regular dev work and repro pedantics. We might need a way to turn that stuff off. regards, Henning > EOSUDO > } > addtask rootfs_finalize before do_rootfs after do_rootfs_postprocess