From: Felix Moessbauer <felix.moessbauer@siemens.com>
To: isar-users@googlegroups.com
Cc: jan.kiszka@siemens.com, daniel.bovensiepen@siemens.com,
henning.schild@siemens.com, venkata.pyla@toshiba-tsip.com,
Felix Moessbauer <felix.moessbauer@siemens.com>
Subject: [PATCH v3 10/10] make custom linux-image bit-by-bit reproducible
Date: Mon, 16 Jan 2023 03:35:52 +0000 [thread overview]
Message-ID: <20230116033552.139048-11-felix.moessbauer@siemens.com> (raw)
In-Reply-To: <20230116033552.139048-1-felix.moessbauer@siemens.com>
This patch makes the build of custom linux kernels bit-by-bit
reproducible. By that, we can remove the dh_strip_nondeterminism step,
which significantly reduces the kernel build time.
The implementation is similar to how upstream debian builds their kernel
images and extracts all information from the changelog. As the
DISTRIBUTOR field is not part of the changelog, we inject it via a bb
variable which is defaulted to ISAR.
Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>
---
.../linux/files/debian/isar/build.tmpl | 1 +
meta/recipes-kernel/linux/files/debian/rules.tmpl | 14 +++++++++++++-
meta/recipes-kernel/linux/linux-custom.inc | 2 ++
3 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-kernel/linux/files/debian/isar/build.tmpl b/meta/recipes-kernel/linux/files/debian/isar/build.tmpl
index 94cfbe0..e7e0479 100644
--- a/meta/recipes-kernel/linux/files/debian/isar/build.tmpl
+++ b/meta/recipes-kernel/linux/files/debian/isar/build.tmpl
@@ -34,6 +34,7 @@ print_settings() {
# ---------------
# ARCH=${ARCH}
# CROSS_COMPILE=${CROSS_COMPILE}
+# KBUILD_BUILD_TIMESTAMP=${KBUILD_BUILD_TIMESTAMP}
EOF
}
diff --git a/meta/recipes-kernel/linux/files/debian/rules.tmpl b/meta/recipes-kernel/linux/files/debian/rules.tmpl
index 8063c49..e8ae3da 100755
--- a/meta/recipes-kernel/linux/files/debian/rules.tmpl
+++ b/meta/recipes-kernel/linux/files/debian/rules.tmpl
@@ -2,6 +2,11 @@
CROSS_COMPILE:=$(DEB_HOST_GNU_TYPE)-
+MAINTAINER := $(shell sed -ne 's,^Maintainer: .[^<]*<\([^>]*\)>,\1,p' debian/control)
+DISTRIBUTOR := ${DISTRIBUTOR}
+SOURCE_DATE := $(shell dpkg-parsechangelog -SDate)
+SOURCE_DATE_UTC_ISO := $(shell date -u -d '$(SOURCE_DATE)' +%Y-%m-%d)
+
O:=$(CURDIR)/${KERNEL_BUILD_DIR}
S:=$(CURDIR)
deb_top_dir:=$(S)/debian
@@ -14,7 +19,11 @@ isar_env=$(strip \
export MAKE='$(MAKE)' && \
export O='${O}' && \
export S='${S}' && \
- export CURDIR='$(CURDIR)' \
+ export CURDIR='$(CURDIR)' && \
+ export KBUILD_BUILD_TIMESTAMP='$(SOURCE_DATE)' && \
+ export KBUILD_BUILD_VERSION_TIMESTAMP='$(DISTRIBUTOR) $(DEB_VERSION_UPSTREAM) ($(SOURCE_DATE_UTC_ISO))' && \
+ export KBUILD_BUILD_USER='$(word 1,$(subst @, ,$(MAINTAINER)))' && \
+ export KBUILD_BUILD_HOST='$(word 2,$(subst @, ,$(MAINTAINER)))' \
)
%:
@@ -35,5 +44,8 @@ override_dh_auto_install:
override_dh_auto_test:
true
+override_dh_strip_nondeterminism:
+ true
+
override_dh_strip:
unset DEB_HOST_GNU_TYPE && dh_strip -Xvmlinu --no-automatic-dbgsym
diff --git a/meta/recipes-kernel/linux/linux-custom.inc b/meta/recipes-kernel/linux/linux-custom.inc
index 447d4e8..6c539c0 100644
--- a/meta/recipes-kernel/linux/linux-custom.inc
+++ b/meta/recipes-kernel/linux/linux-custom.inc
@@ -12,6 +12,7 @@
CHANGELOG_V = "${PV}+${PR}"
DESCRIPTION ?= "Custom kernel"
MAINTAINER ?= "isar-users <isar-users@googlegroups.com>"
+DISTRIBUTOR ?= "ISAR"
KBUILD_DEPENDS ?= "build-essential:native, \
libelf-dev:native, \
@@ -79,6 +80,7 @@ TEMPLATE_VARS += " \
KERNEL_NAME_PROVIDED \
KERNEL_CONFIG_FRAGMENTS \
KCFLAGS \
+ DISTRIBUTOR \
"
inherit dpkg
--
2.34.1
next prev parent reply other threads:[~2023-01-16 3:37 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-16 3:35 [PATCH v3 00/10] Make rootfs build reproducible Felix Moessbauer
2023-01-16 3:35 ` [PATCH v3 01/10] image: make sure do_rootfs_finalize can run multiple times Felix Moessbauer
2023-01-16 3:35 ` [PATCH v3 02/10] image.bbclass: fix non-reproducible file time-stamps inside rootfs Felix Moessbauer
2023-01-16 3:35 ` [PATCH v3 03/10] rootfs postprocess: clean python cache Felix Moessbauer
2023-01-16 3:35 ` [PATCH v3 04/10] remove non-portable ldconfig aux-cache Felix Moessbauer
2023-01-16 3:35 ` [PATCH v3 05/10] generate deterministic clear-text password hash Felix Moessbauer
2023-01-16 3:35 ` [PATCH v3 06/10] update debian initramfs in deterministic mode Felix Moessbauer
2023-01-16 3:35 ` [PATCH v3 07/10] create custom " Felix Moessbauer
2023-01-16 3:35 ` [PATCH v3 08/10] make deb_add_changelog idempotent Felix Moessbauer
2023-01-16 3:35 ` [PATCH v3 09/10] deb_add_changelog: set timestamp to valid epoch Felix Moessbauer
2023-01-16 3:35 ` Felix Moessbauer [this message]
2023-01-25 7:16 ` [PATCH v3 00/10] Make rootfs build reproducible Uladzimir Bely
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230116033552.139048-11-felix.moessbauer@siemens.com \
--to=felix.moessbauer@siemens.com \
--cc=daniel.bovensiepen@siemens.com \
--cc=henning.schild@siemens.com \
--cc=isar-users@googlegroups.com \
--cc=jan.kiszka@siemens.com \
--cc=venkata.pyla@toshiba-tsip.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox