Date: Mon, 10 Sep 2018 09:08:07 -0600 From: Warner Losh <imp@bsdimp.com> To: Ed Maste <emaste@freebsd.org> Cc: FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: Enabling the WITH_REPRODUCIBLE_BUILD knob for 12.0-REL Message-ID: <CANCZdfrnW64naSHWk5n7bxWXUBAhrBbPMSe4pOUHnGWbYFsNLQ@mail.gmail.com> In-Reply-To: <CAPyFy2C6=trSndoNmNn8SZv1Taq9n%2BtUqj3wY04DCqJ%2B-OuF5Q@mail.gmail.com> References: <CAPyFy2C6=trSndoNmNn8SZv1Taq9n%2BtUqj3wY04DCqJ%2B-OuF5Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Sep 10, 2018 at 8:58 AM Ed Maste <emaste@freebsd.org> wrote: > The FreeBSD base system is a reproducible build[1] with a minor > exception: the build metadata (timestamps, user, hostname, etc.) > included in the kernel and loader. > > With the default, non-reproducible build the kernel ident looks like: > > FreeBSD 12.0-ALPHA5 #4 r338195: Mon Jan 1 10:11:12 EDT 2018 > user@hostname:/path/to/freebsd/src > > and the loader ident: > > FreeBSD/amd64 EFI loader, Revision 1.1 > (Mon Jan 1 10:11:12 EDT 2018 user@hostname) > > With reproducible builds enabled the kernel ident looks like: > > FreeBSD 12.0-ALPHA5 r338195 > > and the loader ident: > > FreeBSD/amd64 EFI loader, Revision 1.1 > > I would like to enable the REPRODUCIBLE_BUILD knob by default for the > 12.0 release, and propose we do this by adding a step to switch the > default to the list of changes[2] that re@ commits to the branch as > part of the release process. > > [1] https://reproducible-builds.org > [2] > https://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-releng/releng-head.html Turning it on, like we turn off WITNESS, for stable branches, I think this is a good idea. The loader doesn't really need the extra stuff to function properly, so dropping it is OK. Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CANCZdfrnW64naSHWk5n7bxWXUBAhrBbPMSe4pOUHnGWbYFsNLQ>