[U-Boot] [PATCH] Reproducible U-Boot build support, using SOURCE_DATE_EPOCH

Paul Kocialkowski contact at paulk.fr
Mon Jul 20 10:06:41 CEST 2015


Le lundi 20 juillet 2015 à 10:01 +0200, Paul Kocialkowski a écrit :
> In order to achieve reproducible builds in U-Boot, timestamps that are defined
> at build-time have to be somewhat eliminated. The SOURCE_DATE_EPOCH environment
> variable allows setting a fixed value for those timestamps.
> 
> Simply by setting SOURCE_DATE_EPOCH to a fixed value, a number of targets can be
> built reproducibly. This is the case for e.g. sunxi devices.
> 
> However, some other devices might need some more tweaks, especially regarding
> the image generation tools.

Lunar, since you have contributed to this patch, feel free to add your
Signed-Off-By line here before it's merged!

Heiko, since this is based on your original patch, feel free to do the
same!

It would be nice to have this tested on as many boards as possible to
spot other areas that make the binaries not reproducible. However, I
doubt this patch will evolve much and other fixes should be sent in
subsequent patches.

> Signed-off-by: Paul Kocialkowski <contact at paulk.fr>
> ---
>  Makefile              |  7 ++++---
>  tools/default_image.c | 21 ++++++++++++++++++++-
>  2 files changed, 24 insertions(+), 4 deletions(-)
> 
> diff --git a/Makefile b/Makefile
> index 37cc4c3..71aeac7 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -1231,9 +1231,10 @@ define filechk_version.h
>  endef
>  
>  define filechk_timestamp.h
> -	(LC_ALL=C date +'#define U_BOOT_DATE "%b %d %C%y"'; \
> -	LC_ALL=C date +'#define U_BOOT_TIME "%T"'; \
> -	LC_ALL=C date +'#define U_BOOT_TZ "%z"')
> +	(SOURCE_DATE="$${SOURCE_DATE_EPOCH:+@$$SOURCE_DATE_EPOCH}"; \
> +	LC_ALL=C date -u -d "$${SOURCE_DATE:-now}" +'#define U_BOOT_DATE "%b %d %C%y"'; \
> +	LC_ALL=C date -u -d "$${SOURCE_DATE:-now}" +'#define U_BOOT_TIME "%T"'; \
> +	LC_ALL=C date -u -d "$${SOURCE_DATE:-now}" +'#define U_BOOT_TZ "%z"' )
>  endef
>  
>  $(version_h): include/config/uboot.release FORCE
> diff --git a/tools/default_image.c b/tools/default_image.c
> index cf5c0d4..18940af 100644
> --- a/tools/default_image.c
> +++ b/tools/default_image.c
> @@ -88,6 +88,9 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd,
>  				struct image_tool_params *params)
>  {
>  	uint32_t checksum;
> +	char *source_date_epoch;
> +	struct tm *time_universal;
> +	time_t time;
>  
>  	image_header_t * hdr = (image_header_t *)ptr;
>  
> @@ -96,9 +99,25 @@ static void image_set_header(void *ptr, struct stat *sbuf, int ifd,
>  				sizeof(image_header_t)),
>  			sbuf->st_size - sizeof(image_header_t));
>  
> +	source_date_epoch = getenv("SOURCE_DATE_EPOCH");
> +	if (source_date_epoch != NULL) {
> +		time = (time_t) strtol(source_date_epoch, NULL, 10);
> +
> +		time_universal = gmtime(&time);
> +		if (time_universal == NULL) {
> +			fprintf(stderr, "%s: SOURCE_DATE_EPOCH is not valid\n",
> +				__func__);
> +			time = 0;
> +		} else {
> +			time = mktime(time_universal);
> +		}
> +	} else {
> +		time = sbuf->st_mtime;
> +	}
> +
>  	/* Build new header */
>  	image_set_magic(hdr, IH_MAGIC);
> -	image_set_time(hdr, sbuf->st_mtime);
> +	image_set_time(hdr, time);
>  	image_set_size(hdr, sbuf->st_size - sizeof(image_header_t));
>  	image_set_load(hdr, params->addr);
>  	image_set_ep(hdr, params->ep);

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20150720/2b9bda00/attachment.sig>


More information about the U-Boot mailing list