Date: Wed, 02 Dec 2015 13:14:57 -0700 From: Ian Lepore <ian@freebsd.org> To: John Baldwin <jhb@freebsd.org>, freebsd-arch@freebsd.org Cc: Ed Maste <emaste@freebsd.org> Subject: Re: Removing build metadata, for reproducible kernel builds Message-ID: <1449087297.1262.82.camel@freebsd.org> In-Reply-To: <1920964.NJpSim6qZF@ralph.baldwin.cx> References: <CAPyFy2AYeN9XNg=b0=JMWDC9ctWarfiZ-5zQorOPhguDJgxYpg@mail.gmail.com> <1920964.NJpSim6qZF@ralph.baldwin.cx>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 2015-12-02 at 12:03 -0800, John Baldwin wrote: > On Wednesday, December 02, 2015 05:36:52 PM Ed Maste wrote: > > The main issue currently preventing kernel builds from being > > reproducible[1] is the build metadata itself that's included (time, > > user, host, build path). In order to make the kernel build > > reproducible I plan to remove these by default, and add a src.conf > > knob to enable them for developers who want them in their own > > builds. > > > > The user-facing effect of this is that the kern.version sysctl no > > longer conveys this information, and uname -a changes from > > something > > like: > > > > FreeBSD ref11-amd64.freebsd.org 11.0-CURRENT FreeBSD 11.0-CURRENT > > #0 > > r288681: Mon Oct 5 01:40:11 UTC 2015 > > peter@build-11.freebsd.org:/usr/obj/usr/src/sys/CLUSTER11 amd64 > > > > to something like: > > > > FreeBSD feynman 10.2-STABLE FreeBSD 10.2-STABLE #44 > > r288174+7644546(stable-10) amd64 > > > > The current version of the change is available for review at > > https://reviews.freebsd.org/D4347. > > > > [1] See https://reproducible-builds.org/ for more information on > > the > > reproducible builds project. > > As I noted in the review, this will break kgdb -n (and possibly > crashinfo, > less certain about that). Keeping the path (which should not vary if > you > build out of the same tree) will be sufficient to let kgdb -n still > work > (though it may need some changes to recognize both formats). > > Keeping the path also means that 'uname -a' still tells you which > kernel > config you are running (I assume you aren't changing 'uname -i', but > 'uname -a' doesn't include 'uname -i'). > But in the kinds of venues where reproducible builds are most important, such as creating images that are part of commercial products, the build path is one of the things most likely to change between builds and least likely to be significant in terms of any differences to the conents of the build. Likewise the hostname of the build machine, which it appears is still in the uname output. -- Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1449087297.1262.82.camel>