From patchwork Mon Nov 7 08:25:03 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: venkata.pyla@toshiba-tsip.com X-Patchwork-Id: 2204 Return-Path: Received: from shymkent.ilbers.de ([unix socket]) by shymkent (Cyrus 2.5.10-Debian-2.5.10-3+deb9u2) with LMTPA; Mon, 07 Nov 2022 09:25:16 +0100 X-Sieve: CMU Sieve 2.4 Received: from mail-pj1-f61.google.com (mail-pj1-f61.google.com [209.85.216.61]) by shymkent.ilbers.de (8.15.2/8.15.2/Debian-8+deb9u1) with ESMTPS id 2A78PFGu019940 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 7 Nov 2022 09:25:16 +0100 Received: by mail-pj1-f61.google.com with SMTP id om10-20020a17090b3a8a00b002108b078ab1sf9975372pjb.9; Mon, 07 Nov 2022 00:25:16 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1667809509; cv=pass; d=google.com; s=arc-20160816; b=uZO/3iNUcyVc1NOFHz3PWDobl7iRK8ssd983BMy5zily//GJMMPM3K+WW7/toWKqM3 7LTo+E6NPNmDUfUZ1hYoWA1SJ+FpFRZNVYo2UmZrLTV79pF2Oc0Ox8T2smrJSz00k3rf 2CuUNrYTvquztnBMGHXCnjjmAPEoSJNQ/kA6YnxZlmo8AJ4XPQ6epqXHz0bexWnZjv6d NhdZCWdbcyPisVtEVS4WZkceW1i2Vq3V4qTf24ykw8C9kqBwoHYXK00NTyAy/eHvZABo 03PMnp8PtYzq1OnmMcMaQ0zn4w6oNPTLQ2KCm0JCngnIiT9xq0vRDJcGm6qCp9mBavbB MppA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:message-id:date :subject:cc:to:from:sender:dkim-signature; bh=xBwpSrTdZvAr+jStcvHBg3jJMSUWxppY/zrtfuhSdH8=; b=Tlk18uAT1vG632+KG2uFf6Ll+e1Ws05odL5OSjE9d+6u+JkuG+eVFFncO9lnyoIMMM yR1LjzM57GZWFOjRg0jrFCg5nUckNbqD1VSvOMAfhQZcEX0k/ce4R9ZheMVIbTVkhjKu iI8/q1fGZs+1oFsN3dCWKd6AEztpDQjpDxLyPArYOkfhwEbIPSDfYyXMlDqNxzrvGL9Z 6CE8FSUBmCL0W7bLgbfBpOUpyTuUtCL+2M8BXwMfIsWHpdxKbAtyi0p5sw7s0JpgptMm iGUbXHyG1pe3XoIm+ifBd1HB0lNyEFludc9fMCrrXwSEvX7pqLLkwcEEM22TjK8NfqTG UD3Q== ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=pass (google.com: domain of venkata.pyla@toshiba-tsip.com designates 210.130.202.155 as permitted sender) smtp.mailfrom=venkata.pyla@toshiba-tsip.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20210112; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:mime-version:message-id:date:subject:cc:to:from :sender:from:to:cc:subject:date:message-id:reply-to; bh=xBwpSrTdZvAr+jStcvHBg3jJMSUWxppY/zrtfuhSdH8=; b=Ft6zyAjjoSlUL2Qief2F1DOvFjwFhfW9MMFw54lCHxHzmTEukAVNJggabOTV58SvT4 aBaAKmOy+LwOLzlOX6CHhIWzgelzRBeRAAYx6AtZnz5oFNY3+PClYNjkiezTs+F9+NlL W5GprKSEL/+vZcjrvFDsul5tBbW2WC1tNi/JBFw/3iWM4VzQfSNh0GBxvMFDlRyGMI8o q8E6bH1YdAzWVJFnoUVzrJ0rTy1T+kkBmG9jbxoKoEB6gEkfDTk4h/m1PRsPZubKLq2H mNHGmakVp3RwHPvpqeI/ESdzL54p/p3XijBhSQusmQQ2aYokULrkz5CDQ4mEB4oQoiwv mEzQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence :x-original-authentication-results:x-original-sender:mime-version :message-id:date:subject:cc:to:from:x-gm-message-state:sender:from :to:cc:subject:date:message-id:reply-to; bh=xBwpSrTdZvAr+jStcvHBg3jJMSUWxppY/zrtfuhSdH8=; b=Omgvb96oUD6ta9XiqucFJmydosVLzKIzIAytlEsZJ/zJvl1IGIFZMKHIauJMAbt6h4 ag8r4qYqABYXU5wgBrtvL4c+Ym3mvLKC8B6kN6dCTQnYuF5xV7Yew5+uRoI8YQ9KnEdL HPskyFwXlL+b5rwaoK6nDKXNxE/sJXGt+7j8+TKQcWUo+dDKZuz32r1IE5lQ4UCkuC5Q Mc0bYOPE1gy0BJPrVgqo1N9Paj+6d70DvA0jZB0bYzw+MiI+eLX9aWxwYvFOejM0GwdS RRyXZVDKCnh9zdTbXn9luNGVwoagzHK+aFb81OpcDOo8Ht1iJv+SzYgBnDs7WQYD7IGC 4ptA== Sender: isar-users@googlegroups.com X-Gm-Message-State: ACrzQf3bt8v8+wNo8J7B7AUUtbQyJq5+4ClFoexi3jgRc+Pq29M3PV5h J6bPg06u3PyNOXiYQelnIT4= X-Google-Smtp-Source: AMsMyM6L1c0dj0IPapYRpXg0Q/Wn2NOmLsSp0LxI9KrXG67umCVVCAGGKCxyp/atyfots53Ao3x7aw== X-Received: by 2002:a17:902:e548:b0:186:f0d5:1ac2 with SMTP id n8-20020a170902e54800b00186f0d51ac2mr32827613plf.144.1667809509395; Mon, 07 Nov 2022 00:25:09 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a17:90a:17eb:b0:20f:adac:8c6 with SMTP id q98-20020a17090a17eb00b0020fadac08c6ls10898097pja.1.-pod-canary-gmail; Mon, 07 Nov 2022 00:25:08 -0800 (PST) X-Received: by 2002:a17:90a:d084:b0:213:8cf1:4d34 with SMTP id k4-20020a17090ad08400b002138cf14d34mr51417748pju.150.1667809508777; Mon, 07 Nov 2022 00:25:08 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1667809508; cv=none; d=google.com; s=arc-20160816; b=cCUw73pd+YtSeByZW3XYLcW/U4a8r7CLoF4h/3NWrsPxPSrZkaXmpTexvJBzP3dkmB 66DcGZiybx0cRZ15JrE22lXrcqi/plcXhZxH2/qYmFinDIg37Rrq2ieR4qh6ZANdVrU0 2eg9jYHQF79t8fPl4p1VDDYAQNa9lAsGjHlWwTAvPtXkhP3Az6XzXt8traATh5CWHDCm 2JGr+O4NEjMiePt0nFKVMrCZWcxe3aQarmhBP24/FiVhATeMy+l3CxMfQlI7sqKV6OmV 0zfWB0WZu9vdkVVEpt/Pee4x+Vd23frCpEmGquA62ek+yyIasc7MCy0ns/A6azxgfViT LAgw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from; bh=ZiIa5TesU/3SJ3oujsXCdlKhUQJ/L+1d1PwegtivOB0=; b=Bh6eqUs4r+FWfzoxFfGSwpuL3Q3VSRA/6GGaZyd5ETTbKA6RQi6QYwdeA20tEp5F0c 2l31RaNAmu7Si/qmFpe8Woww/D835PvGiPusNBBmYgZDdZgifMOzXTqZLPXR9UxFWhZN FBvYqyzAyr7QaDEI25PadI8T/1Wt4Gq4G/GL4CNreS04mOZEiOBi+dkHkE+sde3OMhSI QyfP6BZFZI6JOTd5stlnuwElIqW5Ht+gDViAmGV37rTSergfTKeuZ/aGqaZ3J/Ly8BRk TyObLMsoUGN8FfNNgOXDCFiMYgLn3nPHx8YPBMLdzQwxNeq2gbOEXz/lblx98fBrG7H9 BruQ== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of venkata.pyla@toshiba-tsip.com designates 210.130.202.155 as permitted sender) smtp.mailfrom=venkata.pyla@toshiba-tsip.com Received: from mo-csw.securemx.jp (mo-csw1516.securemx.jp. [210.130.202.155]) by gmr-mx.google.com with ESMTPS id p13-20020a170902a40d00b00186c372722csi312805plq.9.2022.11.07.00.25.08 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 07 Nov 2022 00:25:08 -0800 (PST) Received-SPF: pass (google.com: domain of venkata.pyla@toshiba-tsip.com designates 210.130.202.155 as permitted sender) client-ip=210.130.202.155; Received: by mo-csw.securemx.jp (mx-mo-csw1516) id 2A78P6E1016570; Mon, 7 Nov 2022 17:25:06 +0900 X-Iguazu-Qid: 34ts129D5ZIe0Yv22k X-Iguazu-QSIG: v=2; s=0; t=1667809506; q=34ts129D5ZIe0Yv22k; m=+m7m/GgVTadfVGUe+esNFJuK7zLLhkJN9i9cczmQLi4= Received: from imx12-a.toshiba.co.jp ([38.106.60.135]) by relay.securemx.jp (mx-mr1511) id 2A78P6mX001082 (version=TLSv1.2 cipher=AES128-GCM-SHA256 bits=128 verify=NOT); Mon, 7 Nov 2022 17:25:06 +0900 From: venkata.pyla@toshiba-tsip.com To: isar-users@googlegroups.com Cc: venkata pyla , jan.kiszka@siemens.com, henning.schild@siemens.com, kazuhiro3.hayashi@toshiba.co.jp, dinesh.kumar@toshiba-tsip.com Subject: [PATCH] image.bbclass: set file timestamps inside the rootfs and initramfs image Date: Mon, 7 Nov 2022 13:55:03 +0530 X-TSB-HOP2: ON Message-Id: <20221107082503.14774-1-venkata.pyla@toshiba-tsip.com> X-Mailer: git-send-email 2.20.1 MIME-Version: 1.0 X-OriginalArrivalTime: 07 Nov 2022 08:25:03.0939 (UTC) FILETIME=[6F98E130:01D8F282] X-Original-Sender: venkata.pyla@toshiba-tsip.com X-Original-Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of venkata.pyla@toshiba-tsip.com designates 210.130.202.155 as permitted sender) smtp.mailfrom=venkata.pyla@toshiba-tsip.com Precedence: list Mailing-list: list isar-users@googlegroups.com; contact isar-users+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: isar-users@googlegroups.com X-Google-Group-Id: 914930254986 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_EF,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on shymkent.ilbers.de X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= From: venkata pyla As part of reproducible-build work, one of the problem chosen to solve is the file time stamps inside rootfs and initramfs are not identical between two builds. With the help of reproducible-builds.org and their suggestions, the above problem can be fixed using 'SOURCE_DATE_EPOCH' variable [2]. In case of rootfs file time-stamps, set all the files and folders that are newer than 'SOURCE_DATE_EPOCH' and set it to same. In case of initramfs, regenerate the initramfs image with 'SOURCE_DATE_EPOCH' variable set as the mkinitramfs script is already taken care of creating reproducible initramfs image when the variable is set in the environment[3]. The SOURCE_DATE_EPOCH variable should be set to the last modification of the git repository as explained in the documentation[2]. e.g: SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct) To know more about the reproducible builds and its goals please refer [1]. [1] https://reproducible-builds.org/ [2] https://reproducible-builds.org/docs/source-date-epoch/ [3] https://manpages.debian.org/bullseye/initramfs-tools-core/mkinitramfs.8.en.html#ENVIRONMENT Signed-off-by: venkata pyla --- meta/classes/image.bbclass | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass index ccff810..c1bb4fd 100644 --- a/meta/classes/image.bbclass +++ b/meta/classes/image.bbclass @@ -431,6 +431,21 @@ do_rootfs_finalize() { "${ROOTFSDIR}/etc/apt/sources.list.d/bootstrap.list" rm -f "${ROOTFSDIR}/etc/apt/sources-list" + + # Recreate initramfs inorder to set timestamps to SOURCE_DATE_EPOCH + # inorder to make reproducible initramfs + test ! -z "${SOURCE_DATE_EPOCH}" && \ + SOURCE_DATE_EPOCH=${SOURCE_DATE_EPOCH} chroot "${ROOTFSDIR}" \ + update-initramfs -u -v + + # Set timestamp to files inside the rootfs image inorder to make + # reproducible rootfs + test ! -z "${SOURCE_DATE_EPOCH}" && \ + find ${ROOTFSDIR} -newermt \ + "$(date -d@${SOURCE_DATE_EPOCH} '+%Y-%m-%d %H:%M:%S')" \ + -printf "%y %p\n" \ + -exec touch '{}' -h -d@${SOURCE_DATE_EPOCH} ';' + EOSUDO } addtask rootfs_finalize before do_rootfs after do_rootfs_postprocess