Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 02 Dec 2015 13:14:57 -0700
From:      Ian Lepore <ian@freebsd.org>
To:        John Baldwin <jhb@freebsd.org>, freebsd-arch@freebsd.org
Cc:        Ed Maste <emaste@freebsd.org>
Subject:   Re: Removing build metadata, for reproducible kernel builds
Message-ID:  <1449087297.1262.82.camel@freebsd.org>
In-Reply-To: <1920964.NJpSim6qZF@ralph.baldwin.cx>
References:  <CAPyFy2AYeN9XNg=b0=JMWDC9ctWarfiZ-5zQorOPhguDJgxYpg@mail.gmail.com> <1920964.NJpSim6qZF@ralph.baldwin.cx>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 2015-12-02 at 12:03 -0800, John Baldwin wrote:
> On Wednesday, December 02, 2015 05:36:52 PM Ed Maste wrote:
> > The main issue currently preventing kernel builds from being
> > reproducible[1] is the build metadata itself that's included (time,
> > user, host, build path). In order to make the kernel build
> > reproducible I plan to remove these by default, and add a src.conf
> > knob to enable them for developers who want them in their own
> > builds.
> > 
> > The user-facing effect of this is that the kern.version sysctl no
> > longer conveys this information, and uname -a changes from
> > something
> > like:
> > 
> > FreeBSD ref11-amd64.freebsd.org 11.0-CURRENT FreeBSD 11.0-CURRENT
> > #0
> > r288681: Mon Oct  5 01:40:11 UTC 2015
> > peter@build-11.freebsd.org:/usr/obj/usr/src/sys/CLUSTER11  amd64
> > 
> > to something like:
> > 
> > FreeBSD feynman 10.2-STABLE FreeBSD 10.2-STABLE #44
> > r288174+7644546(stable-10) amd64
> > 
> > The current version of the change is available for review at
> > https://reviews.freebsd.org/D4347.
> > 
> > [1] See https://reproducible-builds.org/ for more information on
> > the
> > reproducible builds project.
> 
> As I noted in the review, this will break kgdb -n (and possibly
> crashinfo,
> less certain about that).  Keeping the path (which should not vary if
> you
> build out of the same tree) will be sufficient to let kgdb -n still
> work
> (though it may need some changes to recognize both formats).
> 
> Keeping the path also means that 'uname -a' still tells you which
> kernel
> config you are running (I assume you aren't changing 'uname -i', but
> 'uname -a' doesn't include 'uname -i').
> 

But in the kinds of venues where reproducible builds are most
important, such as creating images that are part of commercial
products, the build path is one of the things most likely to change
between builds and least likely to be significant in terms of any
differences to the conents of the build.  Likewise the hostname of the
build machine, which it appears is still in the uname output.

-- Ian





Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1449087297.1262.82.camel>