From owner-freebsd-hackers Sat Aug 10 11:59:56 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 485A637B400 for ; Sat, 10 Aug 2002 11:59:53 -0700 (PDT) Received: from gull.mail.pas.earthlink.net (gull.mail.pas.earthlink.net [207.217.120.84]) by mx1.FreeBSD.org (Postfix) with ESMTP id DF01B43E6A for ; Sat, 10 Aug 2002 11:59:52 -0700 (PDT) (envelope-from tlambert2@mindspring.com) Received: from pool0086.cvx21-bradley.dialup.earthlink.net ([209.179.192.86] helo=mindspring.com) by gull.mail.pas.earthlink.net with esmtp (Exim 3.33 #1) id 17dbSn-0003RN-00; Sat, 10 Aug 2002 11:59:49 -0700 Message-ID: <3D556270.CACF724B@mindspring.com> Date: Sat, 10 Aug 2002 11:58:56 -0700 From: Terry Lambert X-Mailer: Mozilla 4.79 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Colin Percival Cc: freebsd-hackers@freebsd.org Subject: Re: release variability References: <5.0.2.1.1.20020808000218.01fcd120@popserver.sfu.ca> <5.0.2.1.1.20020810024458.02035e48@popserver.sfu.ca> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Colin Percival wrote: > At 00:41 08/08/2002 -0700, Terry Lambert wrote: > >Colin Percival wrote: > > > If two people `make release` on different machines, how much difference > > > will there be between the results? Obviously the kernel will be different > > > because it contains the user and host names from its build; should > > > everything else be the same? > > > >Assuming identical source trees, and that the build takes place > >on systems installed with the same software, the only things that > >should be different are user, host, and time stamps. The kernel > >is one place that's stamped; the boot code is another. > > And, unfortunately, there's a hell of a lot more. [ ... good list of generated files containing timestamps ... ] > Files which are always the same size, but seem to have completely different > contents: > /usr/share/games/fortune/*.dat > /var/games/phantasia/void This is disturbing. > This raises two questions: > 1. Is there any way I can set up my system to consistently build the same > world? The user and host are of course easy to fix; I'd consider running a > daemon to reset my clock every second in order to keep the time stamps > consistent, except that I don't think it would work, and I worry that it > might break `make` anyway. For library files, there's nothing you can do, since it's the archive date, and .o files are assembled from multiple source files. Some of the generated files with timestamps really want to use the timestamp of the modification date of the sources, rather than the creation date of hte object. Correcting this is relatively minor; it's one of the reasons I suggested NFS mounting the sources; I imagine you would have a much worse time otherwise. > 2. Is this really a desireable state of affairs at all? As it is, it is > practically impossible for someone to `make release` on their own and > compare their version to the official version to ensure that the build was > correct. Reproducibility and verifiability are rather important matters > when it comes to security. I personally agree. The hardest part has got to be the archive files; I don't see how it could be avoided, without destroying information, at least in the archive update case, and probably in the archive recreation from object files case. The main problem here is that there isn't a "derivation date" stamp on object files, that can be used instead of the date of last modification or creation date. I think changing the modification date vs. create date would break "make". -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message