From patchwork Sat Jul 6 06:55:01 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Atharva Lele X-Patchwork-Id: 1128404 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=busybox.net (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="ZRVf5Tns"; dkim-atps=neutral Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 45gjCS52fwz9sN4 for ; Sat, 6 Jul 2019 16:55:32 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 12A6F8453F; Sat, 6 Jul 2019 06:55:28 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fBnufb6Orjeb; Sat, 6 Jul 2019 06:55:25 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by fraxinus.osuosl.org (Postfix) with ESMTP id 8E46E83608; Sat, 6 Jul 2019 06:55:25 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by ash.osuosl.org (Postfix) with ESMTP id 6FE011BF2B0 for ; Sat, 6 Jul 2019 06:55:24 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 63F8220356 for ; Sat, 6 Jul 2019 06:55:24 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nD131+NckmGz for ; Sat, 6 Jul 2019 06:55:21 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-pf1-f194.google.com (mail-pf1-f194.google.com [209.85.210.194]) by silver.osuosl.org (Postfix) with ESMTPS id 74CB520354 for ; Sat, 6 Jul 2019 06:55:21 +0000 (UTC) Received: by mail-pf1-f194.google.com with SMTP id i189so5180197pfg.10 for ; Fri, 05 Jul 2019 23:55:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=slHEQbHHnv2SEYGhYE6afdGT2FnVbHKP6daSjnkXlt4=; b=ZRVf5TnsLL3zOEWpqM3diGXdKW9VEJaJlTBN3K3kiPPAREBcRamXU0iYX1Z1AcYIlG Q3cNth2nIRZfVqVeeMI0EJsBDAgym944eeIA15yQJFkTcEX9MDmWkUqEZE6d4Xj8RsTP wAl5d9kOmFZEYj7hH3Be+5WI2Kus60cm604JmAki8XuzVRK3+W4xSiNFicJJScj0ZK70 zdnsMuDJAKpngminJ84p2k95J7VWDMKJ+KNZwOvgqDyQrGKYLyIeS/GQgaRMZFejfTM6 Yn04aGZSaATLycv41lNeJVyj2cVwhN+uKbfpPtyubw3RXPiVYIjfOA0TCNIG+eMCFHMs fVPw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=slHEQbHHnv2SEYGhYE6afdGT2FnVbHKP6daSjnkXlt4=; b=DA74mEItixFCGU3kzT7uqu1GiitemZ4vErhV81ceT3r1CvMR2+8Tu7KAewedXKIG1f Ljw3imlLkjTyiZ+1Cyx+jqNjFzvHk7l1Rr7l8Qgj8cshlTgEWS80PV+/qWSu7ePqI3R6 x106f46GpYLKy58nXaLA86t7b7Bp6hd9CEtgXrUOYM/ursu7n8fIDW/M7mb+PahWQpaK PeJ4n9P/dzxByNlnJ6boOfY4AXDmGb70rjIG0+2P2J0oMbmF52NEnS6ygXfgNCfzMj5L sd+mr3eU281NTOt9r9ANIed6bbkC67NwJyvMR0Tg8dftsQfz35NE8dOy22bEloK/qHIk 7RVw== X-Gm-Message-State: APjAAAW6k9uaxoF4kufnBeiLXgJug0wb9z6iEmLGw1MIEbmlqjKBb+YA BZcET6ycwGTiUGu/RO8Ctpl4FDA6v99+Bg== X-Google-Smtp-Source: APXvYqyTp6vATMSyf/bog9/jWq+rpWKeZ70u+TpYoDe0lTiaLCtsQPM246eDYjcOEU1hE+YaNMttaQ== X-Received: by 2002:a63:52:: with SMTP id 79mr9478388pga.381.1562396120366; Fri, 05 Jul 2019 23:55:20 -0700 (PDT) Received: from localhost.localdomain ([123.201.54.13]) by smtp.gmail.com with ESMTPSA id a16sm12519290pfd.68.2019.07.05.23.55.17 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Fri, 05 Jul 2019 23:55:19 -0700 (PDT) From: Atharva Lele To: buildroot@buildroot.org Date: Sat, 6 Jul 2019 12:25:01 +0530 Message-Id: <20190706065501.3959-1-itsatharva@gmail.com> X-Mailer: git-send-email 2.22.0 MIME-Version: 1.0 Subject: [Buildroot] [PATCH v3] fs/tar: explicitly set extended header values to ensure binary reproducibility X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: peter@korsgaard.com, matthew.weber@collins.com, Atharva Lele , yann.morin.1998@free.fr Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Since we use --xattrs-include='*' to include all extended attributes, tar creates a PAX formatted archive. The archive metadata captures atime and ctime of files. To fix this, GNU recommends that we pass this added argument to tar to create binary reproducible packages. Setting of mtime is handled in fs/common.mk using touch on all files. Diffoscope output pre-change: https://gitlab.com/snippets/1871111 Diffoscope output after change is blank i.e. binary reproducibile rootfs is created. GNU Recommendation: https://www.gnu.org/software/tar/manual/tar.html#SEC147 Signed-off-by: Atharva Lele Reviewed-by: Matt Weber --- Changes v2 -> v2: - Add comment (suggested by Peter) - Does not depend on BR2_REPRODUCIBLE since we don't need atime/ctime anyway Changes v1 -> v2: - Added comment about mtime handling --- fs/tar/tar.mk | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/tar/tar.mk b/fs/tar/tar.mk index 4c6327ace8..393d01bfe8 100644 --- a/fs/tar/tar.mk +++ b/fs/tar/tar.mk @@ -8,6 +8,9 @@ TAR_OPTS := $(call qstrip,$(BR2_TARGET_ROOTFS_TAR_OPTIONS)) ROOTFS_TAR_DEPENDENCIES = $(BR2_TAR_HOST_DEPENDENCY) +# do not store atime/ctime in PaxHeaders to ensure reproducbility +TAR_OPTS += --pax-option=exthdr.name=%d/PaxHeaders/%f,atime:=0,ctime:=0 + define ROOTFS_TAR_CMD (cd $(TARGET_DIR); find -print0 | LC_ALL=C sort -z | \ tar $(TAR_OPTS) -cf $@ --null --xattrs-include='*' --no-recursion -T - --numeric-owner)