Le mercredi 26 août 2015 à 21:08 +1200, Chris Packham a écrit :
On Wed, Aug 26, 2015 at 12:09 AM, Paul Kocialkowski contact@paulk.fr wrote:
Le jeudi 13 août 2015 à 18:08 +1200, Chris Packham a écrit :
Along with SOURCE_DATE_EPOCH SOURCE_DATE_TZ can be used to recreate a build with a specific date timestamp. This allows the verification of source supplied with a pre-compiled binary.
If SOURCE_DATE_EPOCH is supplied SOURCE_DATE_TZ can be used to specify what will appear in the output of the version command. If SOURCE_DATE_TZ is not specified UTC will be used. SOURCE_DATE_TZ on it's own will not have an affect.
I advise against merging this patch given Ximin Luo's comments on v1, at least until this has been properly discussed with the reproducible team and a precise meaning for it has been agreed on.
I'm happy to go along with that. 1/2 of this series was the "fix". 2/2 just kind of came up as part of the discussion that followed. Tom, can you handle that or do you want me to send a v4 of the series with just the first patch?
Just for my own understanding is the "reproducible team" a u-boot thing or a debian thing? I'm not really active in any of the debian projects so maybe someone there should pick this up if it's a debian thing.
Well, I'm referring to the reproducible team at Debian, but since they're working with upstream (and they're apparently the only group of people to do that work), I think it's fair to say they're the reference when it comes to reproducible builds.
Signed-off-by: Chris Packham judge.packham@gmail.com
This is a quick proof of concept that allows some control of how the timezone is displayed. Now you can do something like
make SOURCE_DATE_EPOCH=12345678 SOURCE_DATE_TZ=America/Los_Angeles
Changes in v3:
- Drop RFC
Changes in v2: None
Makefile | 7 ++++--- README | 9 ++++++--- 2 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/Makefile b/Makefile index 3ff063a..609b595 100644 --- a/Makefile +++ b/Makefile @@ -1281,9 +1281,10 @@ endef define filechk_timestamp.h (if test -n "$${SOURCE_DATE_EPOCH}"; then \ SOURCE_DATE="@$${SOURCE_DATE_EPOCH}"; \
LC_ALL=C date -u -d "$${SOURCE_DATE}" +'#define U_BOOT_DATE "%b %d %C%y"'; \LC_ALL=C date -u -d "$${SOURCE_DATE}" +'#define U_BOOT_TIME "%T"'; \LC_ALL=C date -u -d "$${SOURCE_DATE}" +'#define U_BOOT_TZ "%z"'; \
SOURCE_TZ="$${SOURCE_DATE_TZ:-UTC}"; \TZ="$${SOURCE_TZ}" LC_ALL=C date -d "$${SOURCE_DATE}" +'#define U_BOOT_DATE "%b %d %C%y"'; \TZ="$${SOURCE_TZ}" LC_ALL=C date -d "$${SOURCE_DATE}" +'#define U_BOOT_TIME "%T"'; \TZ="$${SOURCE_TZ}" LC_ALL=C date -d "$${SOURCE_DATE}" +'#define U_BOOT_TZ "%z"'; \ else \ LC_ALL=C date +'#define U_BOOT_DATE "%b %d %C%y"'; \ LC_ALL=C date +'#define U_BOOT_TIME "%T"'; \diff --git a/README b/README index 1bcb63c..d2e3e94 100644 --- a/README +++ b/README @@ -5087,11 +5087,14 @@ Reproducible builds In order to achieve reproducible builds, timestamps used in the U-Boot build process have to be set to a fixed value.
-This is done using the SOURCE_DATE_EPOCH environment variable. -SOURCE_DATE_EPOCH is to be set on the build host's shell, not as a configuration -option for U-Boot or an environment variable in U-Boot. +This is done using the SOURCE_DATE_EPOCH and SOURCE_DATE_TZ environment +variables. These are to be set on the build host's shell, not as a +configuration option for U-Boot or an environment variable in U-Boot.
SOURCE_DATE_EPOCH should be set to a number of seconds since the epoch, in UTC. +SOURCE_DATE_TZ will default to UTC but can be set to another timezone and is +used to determine how the date is displayed (tzselect(1) can be used to +determine an appropriate value).
Building the Software: