Author: emaste
Date: Wed Jan 25 01:04:51 2017
New Revision: 312730
URL: https://svnweb.freebsd.org/changeset/base/312730
Log:
Add WITH_REPRODUCIBLE_BUILD src.conf(5) knob
MFC r310128: Add WITH_REPRODUCIBLE_BUILD src.conf(5) knob to disable kernel
metadata
The kernel builds reproducibly, except for the time, date, user, and
hostname baked into the kernel (reported at startup and via the
kern.version sysctl for uname). Add a build knob to disable the
inclusion of this metadata.
MFC r310268: Build loaders reproducibly when WITH_REPRODUCIBLE_BUILD
When WITH_REPRODUCIBLE_BUILD=yes is set in src.conf(5), eliminate the
time, user, and host from the loader's version information. This allows
builds to produce bit-for-bit identical output.
Added:
stable/11/tools/build/options/WITH_REPRODUCIBLE_BUILD
- copied, changed from r310128,
head/tools/build/options/WITH_REPRODUCIBLE_BUILD
Modified:
stable/11/share/mk/src.opts.mk
stable/11/sys/boot/common/Makefile.inc
stable/11/sys/boot/common/newvers.sh
stable/11/sys/conf/kern.opts.mk
stable/11/sys/conf/kern.post.mk
Directory Properties:
stable/11/ (props changed)
Modified: stable/11/share/mk/src.opts.mk
==============================================================================
--- stable/11/share/mk/src.opts.mk Wed Jan 25 00:44:21 2017
(r312729)
+++ stable/11/share/mk/src.opts.mk Wed Jan 25 01:04:51 2017
(r312730)
@@ -187,6 +187,7 @@ __DEFAULT_NO_OPTIONS = \
NAND \
OFED \
OPENLDAP \
+ REPRODUCIBLE_BUILD \
SHARED_TOOLCHAIN \
SORT_THREADS \
SVN \
Modified: stable/11/sys/boot/common/Makefile.inc
==============================================================================
--- stable/11/sys/boot/common/Makefile.inc Wed Jan 25 00:44:21 2017
(r312729)
+++ stable/11/sys/boot/common/Makefile.inc Wed Jan 25 01:04:51 2017
(r312730)
@@ -73,5 +73,9 @@ CFLAGS+=-I${.CURDIR}/../../../../lib/lib
CLEANFILES+= vers.c
VERSION_FILE?= ${.CURDIR}/version
+.if ${MK_REPRODUCIBLE_BUILD} != no
+REPRO_FLAG= -r
+.endif
vers.c: ${SRCTOP}/sys/boot/common/newvers.sh ${VERSION_FILE}
- sh ${SRCTOP}/sys/boot/common/newvers.sh ${VERSION_FILE} ${NEWVERSWHAT}
+ sh ${SRCTOP}/sys/boot/common/newvers.sh ${REPRO_FLAG} ${VERSION_FILE} \
+ ${NEWVERSWHAT}
Modified: stable/11/sys/boot/common/newvers.sh
==============================================================================
--- stable/11/sys/boot/common/newvers.sh Wed Jan 25 00:44:21 2017
(r312729)
+++ stable/11/sys/boot/common/newvers.sh Wed Jan 25 01:04:51 2017
(r312730)
@@ -35,11 +35,26 @@
tempfile=$(mktemp tmp.XXXXXX) || exit
trap "rm -f $tempfile" EXIT INT TERM
+include_metadata=true
+while getopts r opt; do
+ case "$opt" in
+ r)
+ include_metadata=
+ ;;
+ esac
+done
+shift $((OPTIND - 1))
+
LC_ALL=C; export LC_ALL
u=${USER-root} h=${HOSTNAME-`hostname`} t=`date`
#r=`head -n 6 $1 | tail -n 1 | awk -F: ' { print $1 } '`
r=`awk -F: ' /^[0-9]\.[0-9]+:/ { print $1; exit }' $1`
-echo "char bootprog_info[] = \"FreeBSD/${3} ${2}, Revision ${r}\\n(${t}
${u}@${h})\\n\";" > $tempfile
+bootprog_info="FreeBSD/${3} ${2}, Revision ${r}\\n"
+if [ -n "${include_metadata}" ]; then
+ bootprog_info="$bootprog_info(${t} ${u}@${h})\\n"
+fi
+
+echo "char bootprog_info[] = \"$bootprog_info\";" > $tempfile
echo "unsigned bootprog_rev = ${r%%.*}${r##*.};" >> $tempfile
mv $tempfile vers.c
Modified: stable/11/sys/conf/kern.opts.mk
==============================================================================
--- stable/11/sys/conf/kern.opts.mk Wed Jan 25 00:44:21 2017
(r312729)
+++ stable/11/sys/conf/kern.opts.mk Wed Jan 25 01:04:51 2017
(r312730)
@@ -47,7 +47,8 @@ __DEFAULT_NO_OPTIONS = \
EISA \
EXTRA_TCP_STACKS \
NAND \
- OFED
+ OFED \
+ REPRODUCIBLE_BUILD
# Some options are totally broken on some architectures. We disable
# them. If you need to enable them on an experimental basis, you
Modified: stable/11/sys/conf/kern.post.mk
==============================================================================
--- stable/11/sys/conf/kern.post.mk Wed Jan 25 00:44:21 2017
(r312729)
+++ stable/11/sys/conf/kern.post.mk Wed Jan 25 01:04:51 2017
(r312730)
@@ -357,8 +357,11 @@ config.o env.o hints.o vers.o vnode_if.o
config.ln env.ln hints.ln vers.ln vnode_if.ln:
${NORMAL_LINT}
+.if ${MK_REPRODUCIBLE_BUILD} != "no"
+REPRO_FLAG="-r"
+.endif
vers.c: $S/conf/newvers.sh $S/sys/param.h ${SYSTEM_DEP}
- MAKE=${MAKE} sh $S/conf/newvers.sh ${KERN_IDENT}
+ MAKE=${MAKE} sh $S/conf/newvers.sh ${REPRO_FLAG} ${KERN_IDENT}
vnode_if.c: $S/tools/vnode_if.awk $S/kern/vnode_if.src
${AWK} -f $S/tools/vnode_if.awk $S/kern/vnode_if.src -c
Copied and modified: stable/11/tools/build/options/WITH_REPRODUCIBLE_BUILD
(from r310128, head/tools/build/options/WITH_REPRODUCIBLE_BUILD)
==============================================================================
--- head/tools/build/options/WITH_REPRODUCIBLE_BUILD Thu Dec 15 21:26:58
2016 (r310128, copy source)
+++ stable/11/tools/build/options/WITH_REPRODUCIBLE_BUILD Wed Jan 25
01:04:51 2017 (r312730)
@@ -1,3 +1,4 @@
$FreeBSD$
-Set to exclude build metadata (build time, user, host and path) from the
-kernel and uname output.
+Set to exclude build metadata (such as the build time, user, or host)
+from the kernel, boot loaders, and uname output, so that builds produce
+bit-for-bit identical output.
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
