diff options
| author | Frieder Paape <frieder@konvera.io> | 2023-06-05 09:00:33 +0000 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-06-06 23:41:13 +0100 |
| commit | f7035ce464c5bb8bf137afe3de2c8d29f09897e4 (patch) | |
| tree | 08a939e4b4cb9f3485acaf66b502f09c7e0794f9 | |
| parent | 06b5f249ced23b6bc442758131832b8640164b44 (diff) | |
| download | poky-f7035ce464c5bb8bf137afe3de2c8d29f09897e4.tar.gz | |
image_types: Fix reproducible builds for initramfs and UKI img
I've encountered issues reproducing initramfs and UKI image builds,
which will be fixed with this patch.
1. initramfs
There's a symbolic link to /sbin/init, which is appended to the cpio archive after creation.
The links timestamp needs to be static and the cpio append command needs the '--reproducible' flag to produce deterministic outcomes.
2. Unified Kernel Image
'--preserve-dates' is required for a static 'Time/Date' entry.
I've added '--enable-deterministic-archives' although in my case this
didn't change anything.
(From OE-Core rev: fd027729bafb4e085ba0949e38e724f3a8cad102)
Signed-off-by: Frieder Paape <frieder@konvera.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/classes-recipe/image_types.bbclass | 5 | ||||
| -rw-r--r-- | scripts/lib/wic/plugins/source/bootimg-efi.py | 2 |
2 files changed, 5 insertions, 2 deletions
diff --git a/meta/classes-recipe/image_types.bbclass b/meta/classes-recipe/image_types.bbclass index bbddfaf272..023eb87537 100644 --- a/meta/classes-recipe/image_types.bbclass +++ b/meta/classes-recipe/image_types.bbclass | |||
| @@ -148,10 +148,11 @@ IMAGE_CMD:cpio () { | |||
| 148 | if [ ! -L ${IMAGE_ROOTFS}/init ] && [ ! -e ${IMAGE_ROOTFS}/init ]; then | 148 | if [ ! -L ${IMAGE_ROOTFS}/init ] && [ ! -e ${IMAGE_ROOTFS}/init ]; then |
| 149 | if [ -L ${IMAGE_ROOTFS}/sbin/init ] || [ -e ${IMAGE_ROOTFS}/sbin/init ]; then | 149 | if [ -L ${IMAGE_ROOTFS}/sbin/init ] || [ -e ${IMAGE_ROOTFS}/sbin/init ]; then |
| 150 | ln -sf /sbin/init ${WORKDIR}/cpio_append/init | 150 | ln -sf /sbin/init ${WORKDIR}/cpio_append/init |
| 151 | touch -h -r ${IMAGE_ROOTFS}/sbin/init ${WORKDIR}/cpio_append/init | ||
| 151 | else | 152 | else |
| 152 | touch ${WORKDIR}/cpio_append/init | 153 | touch -r ${IMAGE_ROOTFS} ${WORKDIR}/cpio_append/init |
| 153 | fi | 154 | fi |
| 154 | (cd ${WORKDIR}/cpio_append && echo ./init | cpio -oA -H newc -F ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cpio) | 155 | (cd ${WORKDIR}/cpio_append && echo ./init | cpio --reproducible -oA -H newc -F ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cpio) |
| 155 | fi | 156 | fi |
| 156 | fi | 157 | fi |
| 157 | } | 158 | } |
diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py index 43c6fd94d9..2bf7375887 100644 --- a/scripts/lib/wic/plugins/source/bootimg-efi.py +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py | |||
| @@ -351,6 +351,8 @@ class BootimgEFIPlugin(SourcePlugin): | |||
| 351 | 351 | ||
| 352 | # https://www.freedesktop.org/software/systemd/man/systemd-stub.html | 352 | # https://www.freedesktop.org/software/systemd/man/systemd-stub.html |
| 353 | objcopy_cmd = "%s-objcopy" % target_sys | 353 | objcopy_cmd = "%s-objcopy" % target_sys |
| 354 | objcopy_cmd += " --enable-deterministic-archives" | ||
| 355 | objcopy_cmd += " --preserve-dates" | ||
| 354 | objcopy_cmd += " --add-section .osrel=%s/usr/lib/os-release" % staging_dir_host | 356 | objcopy_cmd += " --add-section .osrel=%s/usr/lib/os-release" % staging_dir_host |
| 355 | objcopy_cmd += " --change-section-vma .osrel=0x20000" | 357 | objcopy_cmd += " --change-section-vma .osrel=0x20000" |
| 356 | objcopy_cmd += " --add-section .cmdline=%s" % cmdline.name | 358 | objcopy_cmd += " --add-section .cmdline=%s" % cmdline.name |