From: Adithya Balakumar <Adithya.Balakumar@toshiba-tsip.com>
To: isar-users@googlegroups.com
Cc: jan.kiszka@siemens.com, kazuhiro3.hayashi@toshiba.co.jp,
dinesh.kumar@toshiba-tsip.com,
shivanand.kunijadar@toshiba-tsip.com,
sai.sathujoda@toshiba-tsip.com,
adithya.balakumar@toshiba-tsip.com
Subject: [PATCH v1 1/1] imagetypes.bbclass: Generate reproducible ext4 images using IMAGE_CMD
Date: Fri, 29 Nov 2024 18:20:40 +0530 [thread overview]
Message-ID: <20241129125040.1231947-2-Adithya.Balakumar@toshiba-tsip.com> (raw)
In-Reply-To: <20241129125040.1231947-1-Adithya.Balakumar@toshiba-tsip.com>
e2fsprogs v1.47.1 added support for timestamp clamping to SOURCE_DATE_EPOCH
to generate reproducible ext4 images.
Along with the above, a deterministic uuid and hash_seed also needs to be set.
Signed-off-by: Adithya Balakumar <Adithya.Balakumar@toshiba-tsip.com>
---
meta/classes/imagetypes.bbclass | 23 ++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/meta/classes/imagetypes.bbclass b/meta/classes/imagetypes.bbclass
index a3be0a1d..f802c11c 100644
--- a/meta/classes/imagetypes.bbclass
+++ b/meta/classes/imagetypes.bbclass
@@ -14,9 +14,30 @@ IMAGE_CMD:tar() {
# image type: ext4
IMAGER_INSTALL:ext4 += "e2fsprogs"
-MKE2FS_ARGS ?= "-t ext4"
+# NOTE: Creating reproducible ext4 images requires timestamp clamping to SOURCE_DATE_EPOCH and deterministic uuid, hash_seed to be set.
+# Timestamp clamping to SOURCE_DATE_EPOCH is only available from e2fsprogs v1.47.1 onwards. Older versions cannot generate reproducible ext4 images.
+python set_mke2fs_args () {
+ import uuid
+
+ mke2fs_args = "-t ext4"
+ sde_time = int(os.getenv('SOURCE_DATE_EPOCH'))
+
+ # set uuid
+ fsuuid = uuid.UUID(int=sde_time)
+ mke2fs_args += " -U " + str(fsuuid)
+
+ # set hash_seed
+ hash_seed = str(uuid.uuid5(fsuuid, str(sde_time)))
+ mke2fs_args += " -E hash_seed=" + hash_seed
+
+ d.setVar("MKE2FS_ARGS", mke2fs_args)
+}
+
+do_image_ext4[prefuncs] = "set_mke2fs_args"
IMAGE_CMD:ext4() {
+ export E2FSPROGS_FAKE_TIME="${SOURCE_DATE_EPOCH}"
+
truncate -s ${ROOTFS_SIZE}K '${IMAGE_FILE_HOST}'
${SUDO_CHROOT} /sbin/mke2fs ${MKE2FS_ARGS} \
--
2.39.5
--
You received this message because you are subscribed to the Google Groups "isar-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/isar-users/20241129125040.1231947-2-Adithya.Balakumar%40toshiba-tsip.com.
next prev parent reply other threads:[~2024-11-29 12:44 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-29 12:50 [PATCH v1 0/1] Generate reproducible ext4 images with IMAGE_CMD Adithya Balakumar
2024-11-29 12:50 ` Adithya Balakumar [this message]
2024-12-06 7:29 ` Uladzimir Bely
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241129125040.1231947-2-Adithya.Balakumar@toshiba-tsip.com \
--to=adithya.balakumar@toshiba-tsip.com \
--cc=dinesh.kumar@toshiba-tsip.com \
--cc=isar-users@googlegroups.com \
--cc=jan.kiszka@siemens.com \
--cc=kazuhiro3.hayashi@toshiba.co.jp \
--cc=sai.sathujoda@toshiba-tsip.com \
--cc=shivanand.kunijadar@toshiba-tsip.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox