Source: dietlibc Version: 0.33~cvs20120325-6 Severity: wishlist Tags: patch User: [email protected] Usertags: timestamps fileordering X-Debbugs-Cc: [email protected]
Hi! While working on the "reproducible builds" effort [1], we have noticed that dietlibc could not be built reproducibly. It has build timestamps in the gzip headers of manpages and ChangeLog files, an unsorted md5sums file and several static libraries were linked with an unsorted order of object files. The attached patch fixes this. Regards, Reiner [1]: https://wiki.debian.org/ReproducibleBuilds
diff --git a/debian/implicit b/debian/implicit
index 639532b..e87ac4c 100644
--- a/debian/implicit
+++ b/debian/implicit
@@ -35,7 +35,7 @@ deb-checkuid:
debian/$*/usr/share/doc/$*/changelog'
@test -s debian/$*/usr/share/doc/$*/changelog || \
sh -cx 'rm -f debian/$*/usr/share/doc/$*/changelog'
- @gzip -9 debian/$*/usr/share/doc/$*/changelog*
+ @gzip -9n debian/$*/usr/share/doc/$*/changelog*
%.deb-docs-docs: %.deb-docs-base
@for i in `cat debian/$*.docs 2>/dev/null || :`; do \
if test -d $$i; then \
@@ -54,7 +54,7 @@ deb-checkuid:
@if test -r debian/$*.NEWS.Debian; then \
sh -cx 'install -m0644 debian/$*.NEWS.Debian \
debian/$*/usr/share/doc/$*/NEWS.Debian && \
- gzip -9 debian/$*/usr/share/doc/$*/NEWS.Debian'; \
+ gzip -9n debian/$*/usr/share/doc/$*/NEWS.Debian'; \
fi
%.deb-docs-examples: %.deb-docs-docs
@rm -rf debian/$*/usr/share/doc/$*/examples
@@ -87,7 +87,7 @@ deb-checkuid:
: debian/$*/DEBIAN/md5sums
@rm -f debian/$*/DEBIAN/md5sums
@cd debian/$* && find * -path 'DEBIAN' -prune -o \
- -type f -exec md5sum {} >>DEBIAN/md5sums \;
+ -type f -exec md5sum {} \; | LC_ALL=C sort >>DEBIAN/md5sums
%.deb-DEBIAN: %.deb-checkdir %.deb-DEBIAN-base %.deb-DEBIAN-scripts \
%.deb-DEBIAN-md5sums
: debian/$*/DEBIAN/ ok
diff --git a/debian/patches/0038-reproducible-build.diff b/debian/patches/0038-reproducible-build.diff
new file mode 100644
index 0000000..524e657
--- /dev/null
+++ b/debian/patches/0038-reproducible-build.diff
@@ -0,0 +1,73 @@
+Author: Reiner Herrmann <[email protected]>
+Description: sort order of object files to get reproducible static libraries
+
+--- a/Makefile
++++ b/Makefile
+@@ -108,23 +108,23 @@
+
+ VPATH=lib:libstdio:libugly:libcruft:libcrypt:libshell:liblatin1:libcompat:libdl:librpc:libregex:libm:profiling
+
+-SYSCALLOBJ=$(patsubst syscalls.s/%.S,$(OBJDIR)/%.o,$(wildcard syscalls.s/*.S))
++SYSCALLOBJ=$(patsubst syscalls.s/%.S,$(OBJDIR)/%.o,$(sort $(wildcard syscalls.s/*.S)))
+
+-LIBOBJ=$(patsubst lib/%.c,$(OBJDIR)/%.o,$(wildcard lib/*.c))
+-LIBUGLYOBJ=$(patsubst libugly/%.c,$(OBJDIR)/%.o,$(wildcard libugly/*.c))
+-LIBSTDIOOBJ=$(patsubst libstdio/%.c,$(OBJDIR)/%.o,$(wildcard libstdio/*.c))
+-LIBCRUFTOBJ=$(patsubst libcruft/%.c,$(OBJDIR)/%.o,$(wildcard libcruft/*.c))
+-LIBCRYPTOBJ=$(patsubst libcrypt/%.c,$(OBJDIR)/%.o,$(wildcard libcrypt/*.c))
+-LIBSHELLOBJ=$(patsubst libshell/%.c,$(OBJDIR)/%.o,$(wildcard libshell/*.c))
+-LIBCOMPATOBJ=$(patsubst libcompat/%.c,$(OBJDIR)/%.o,$(wildcard libcompat/*.c)) $(OBJDIR)/syscall.o
+-LIBMATH=$(patsubst libm/%.c,%.o,$(wildcard libm/*.c))
++LIBOBJ=$(patsubst lib/%.c,$(OBJDIR)/%.o,$(sort $(wildcard lib/*.c)))
++LIBUGLYOBJ=$(patsubst libugly/%.c,$(OBJDIR)/%.o,$(sort $(wildcard libugly/*.c)))
++LIBSTDIOOBJ=$(patsubst libstdio/%.c,$(OBJDIR)/%.o,$(sort $(wildcard libstdio/*.c)))
++LIBCRUFTOBJ=$(patsubst libcruft/%.c,$(OBJDIR)/%.o,$(sort $(wildcard libcruft/*.c)))
++LIBCRYPTOBJ=$(patsubst libcrypt/%.c,$(OBJDIR)/%.o,$(sort $(wildcard libcrypt/*.c)))
++LIBSHELLOBJ=$(patsubst libshell/%.c,$(OBJDIR)/%.o,$(sort $(wildcard libshell/*.c)))
++LIBCOMPATOBJ=$(patsubst libcompat/%.c,$(OBJDIR)/%.o,$(sort $(wildcard libcompat/*.c))) $(OBJDIR)/syscall.o
++LIBMATH=$(patsubst libm/%.c,%.o,$(sort $(wildcard libm/*.c)))
+
+-LIBRPCOBJ=$(patsubst librpc/%.c,$(OBJDIR)/%.o,$(wildcard librpc/*.c))
+-LIBREGEXOBJ=$(patsubst libregex/%.c,$(OBJDIR)/%.o,$(wildcard libregex/*.c))
++LIBRPCOBJ=$(patsubst librpc/%.c,$(OBJDIR)/%.o,$(sort $(wildcard librpc/*.c)))
++LIBREGEXOBJ=$(patsubst libregex/%.c,$(OBJDIR)/%.o,$(sort $(wildcard libregex/*.c)))
+
+-LIBDLOBJ=$(patsubst libdl/%.c,$(OBJDIR)/%.o,$(wildcard libdl/*.c)) $(OBJDIR)/_dl_jump.o
++LIBDLOBJ=$(patsubst libdl/%.c,$(OBJDIR)/%.o,$(sort $(wildcard libdl/*.c))) $(OBJDIR)/_dl_jump.o
+
+-LIBPTHREAD_OBJS=$(patsubst libpthread/%.c,$(OBJDIR)/%.o,$(shell ./threadsafe.sh)) $(OBJDIR)/__testandset.o
++LIBPTHREAD_OBJS=$(patsubst libpthread/%.c,$(OBJDIR)/%.o,$(sort $(shell ./threadsafe.sh))) $(OBJDIR)/__testandset.o
+
+ LIBGMON_OBJS=$(OBJDIR)/__mcount.o $(OBJDIR)/monitor.o $(OBJDIR)/profil.o
+
+@@ -214,7 +214,7 @@
+
+ dummy.o:
+
+-LIBLATIN1_OBJS=$(patsubst liblatin1/%.c,$(OBJDIR)/%.o,$(wildcard liblatin1/*.c))
++LIBLATIN1_OBJS=$(patsubst liblatin1/%.c,$(OBJDIR)/%.o,$(sort $(wildcard liblatin1/*.c)))
+ $(OBJDIR)/liblatin1.a: $(LIBLATIN1_OBJS)
+ $(CROSS)ar cru $@ $^
+
+--- a/libdl/Makefile
++++ b/libdl/Makefile
+@@ -3,7 +3,7 @@
+ CC = $(CROSS)gcc
+ DCC = diet $(CC)
+
+-SRC = $(wildcard *.c) # test/test.c
++SRC = $(sort $(wildcard *.c)) # test/test.c
+ OBJ = _dl_jump.o $(SRC:.c=.o)
+
+ #CFLAGS = -Wall -D__OD_CLEAN_ROOM -DNODIETREF -fPIC -g -O
+--- a/libpthread/Makefile
++++ b/libpthread/Makefile
+@@ -12,7 +12,7 @@
+
+ VPATH=../$(ARCH)/
+
+-PTHREAD_OBJS = __testandset.o $(patsubst %.c,%.o,$(wildcard pthread_*.c))
++PTHREAD_OBJS = __testandset.o $(patsubst %.c,%.o,$(sort $(wildcard pthread_*.c)))
+
+ TESTS = $(patsubst %.c,%,$(wildcard test-*.c))
+
diff --git a/debian/patches/series b/debian/patches/series
index c30fd37..905bc0a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -28,3 +28,4 @@
0035-Use-syscall-_newselect-instead-of-select-on-ppc64.diff
0036-fix-jmp_buf-size-on-armhf.diff
0037-support-powerpcspe.diff
+0038-reproducible-build.diff
diff --git a/debian/rules b/debian/rules
index 3d3dfac..126243d 100755
--- a/debian/rules
+++ b/debian/rules
@@ -116,7 +116,7 @@ endif
fi
install -d -m0755 $(DIR)-dev/usr/share/man
mv $(DIR)/usr/lib/diet/man/man? $(DIR)-dev/usr/share/man/
- gzip -9 $(DIR)-dev/usr/share/man/man?/*
+ gzip -9n $(DIR)-dev/usr/share/man/man?/*
rmdir $(DIR)/usr/lib/diet/man
install -d -m0755 $(DIR)-doc
# .in
signature.asc
Description: PGP signature
