diff options
author | Juro Bystricky <juro.bystricky@intel.com> | 2017-08-09 10:48:32 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-08-16 00:03:15 +0100 |
commit | 55e9485735ae8393b410f30973c785236dc402d2 (patch) | |
tree | 9d87c88f5d25599c3cb9a06312cb3c74ed6c92d2 /meta | |
parent | f3da1613c4d19f599ecea34fc9ea7b9935a8a26a (diff) | |
download | poky-55e9485735ae8393b410f30973c785236dc402d2.tar.gz |
kernel.bbclass: improve reproducibility
Several tweaks to improve reproducibility:
1. If BUILD_REPRODUCIBLE_BINARIES == 1, set KBUILD_BUILD_TIMESTAMP
to a reproducible value. This is either a non-zero SOURCE_DATE_EPOCH, or the
value obtained from top entry of GIT repo, or (if there is no GIT repo)
fallback to REPRODUCIBLE_TIMESTAMP_ROOTFS as the last resort.
Also export KCONFIG_NOTIMESTAMP=1.
2. When compressing vmlinux.gz, use gzip "-n" option
3. Kernel and kernel modules contain hard coded paths referencing the host
build system. This is usually because the source code contains __FILE__
at some place. This prevents binary reproducibility. However, some compilers
allow remapping of the __FILE__ value. If we detect the compiler is capable
of doing this, we replace the source path $(S) part of __FILE__ by a string "/kernel-source".
For example:
/data/master/build/tmp/work-shared/qemux86/kernel-source/drivers/media/v4l2-core/videobuf2-core.c
will be replaced by a reproducible value:
/kernel-source/drivers/media/v4l2-core/videobuf2-core.c.
(From OE-Core rev: 012a70da7ae0617740cd0cf807d01c3cd912c823)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/classes/kernel.bbclass | 39 |
1 files changed, 36 insertions, 3 deletions
diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass index ce2cab65ae..2a765547ac 100644 --- a/meta/classes/kernel.bbclass +++ b/meta/classes/kernel.bbclass | |||
@@ -255,8 +255,39 @@ python do_devshell_prepend () { | |||
255 | 255 | ||
256 | addtask bundle_initramfs after do_install before do_deploy | 256 | addtask bundle_initramfs after do_install before do_deploy |
257 | 257 | ||
258 | get_cc_option () { | ||
259 | # Check if KERNEL_CC supports the option "file-prefix-map". | ||
260 | # This option allows us to build images with __FILE__ values that do not | ||
261 | # contain the host build path. | ||
262 | cc_option_supported=`${KERNEL_CC} -Q --help=joined | grep ffile-prefix-map` | ||
263 | cc_extra="" | ||
264 | if [ $cc_option_supported = "-ffile-prefix-map=<old=new>" ]; then | ||
265 | cc_extra=-ffile-prefix-map=${S}=/kernel-source/ | ||
266 | fi | ||
267 | echo $cc_extra | ||
268 | } | ||
269 | |||
258 | kernel_do_compile() { | 270 | kernel_do_compile() { |
259 | unset CFLAGS CPPFLAGS CXXFLAGS LDFLAGS MACHINE | 271 | unset CFLAGS CPPFLAGS CXXFLAGS LDFLAGS MACHINE |
272 | if [ "$BUILD_REPRODUCIBLE_BINARIES" = "1" ]; then | ||
273 | # kernel sources do not use do_unpack, so SOURCE_DATE_EPOCH may not | ||
274 | # be set.... | ||
275 | if [ "$SOURCE_DATE_EPOCH" = "0" ]; then | ||
276 | olddir=`pwd` | ||
277 | cd ${S} | ||
278 | SOURCE_DATE_EPOCH=`git log -1 --pretty=%ct` | ||
279 | # git repo not guaranteed, so fall back to REPRODUCIBLE_TIMESTAMP_ROOTFS | ||
280 | if [ $? -ne 0 ]; then | ||
281 | SOURCE_DATE_EPOCH=${REPRODUCIBLE_TIMESTAMP_ROOTFS} | ||
282 | fi | ||
283 | cd $olddir | ||
284 | fi | ||
285 | |||
286 | ts=`LC_ALL=C date -d @$SOURCE_DATE_EPOCH` | ||
287 | export KBUILD_BUILD_TIMESTAMP="$ts" | ||
288 | export KCONFIG_NOTIMESTAMP=1 | ||
289 | bbnote "KBUILD_BUILD_TIMESTAMP: $ts" | ||
290 | fi | ||
260 | # The $use_alternate_initrd is only set from | 291 | # The $use_alternate_initrd is only set from |
261 | # do_bundle_initramfs() This variable is specifically for the | 292 | # do_bundle_initramfs() This variable is specifically for the |
262 | # case where we are making a second pass at the kernel | 293 | # case where we are making a second pass at the kernel |
@@ -270,20 +301,22 @@ kernel_do_compile() { | |||
270 | copy_initramfs | 301 | copy_initramfs |
271 | use_alternate_initrd=CONFIG_INITRAMFS_SOURCE=${B}/usr/${INITRAMFS_IMAGE_NAME}.cpio | 302 | use_alternate_initrd=CONFIG_INITRAMFS_SOURCE=${B}/usr/${INITRAMFS_IMAGE_NAME}.cpio |
272 | fi | 303 | fi |
304 | cc_extra=$(get_cc_option) | ||
273 | for typeformake in ${KERNEL_IMAGETYPE_FOR_MAKE} ; do | 305 | for typeformake in ${KERNEL_IMAGETYPE_FOR_MAKE} ; do |
274 | oe_runmake ${typeformake} CC="${KERNEL_CC}" LD="${KERNEL_LD}" ${KERNEL_EXTRA_ARGS} $use_alternate_initrd | 306 | oe_runmake ${typeformake} CC="${KERNEL_CC} $cc_extra " LD="${KERNEL_LD}" ${KERNEL_EXTRA_ARGS} $use_alternate_initrd |
275 | done | 307 | done |
276 | # vmlinux.gz is not built by kernel | 308 | # vmlinux.gz is not built by kernel |
277 | if (echo "${KERNEL_IMAGETYPES}" | grep -wq "vmlinux\.gz"); then | 309 | if (echo "${KERNEL_IMAGETYPES}" | grep -wq "vmlinux\.gz"); then |
278 | mkdir -p "${KERNEL_OUTPUT_DIR}" | 310 | mkdir -p "${KERNEL_OUTPUT_DIR}" |
279 | gzip -9c < ${B}/vmlinux > "${KERNEL_OUTPUT_DIR}/vmlinux.gz" | 311 | gzip -9cn < ${B}/vmlinux > "${KERNEL_OUTPUT_DIR}/vmlinux.gz" |
280 | fi | 312 | fi |
281 | } | 313 | } |
282 | 314 | ||
283 | do_compile_kernelmodules() { | 315 | do_compile_kernelmodules() { |
284 | unset CFLAGS CPPFLAGS CXXFLAGS LDFLAGS MACHINE | 316 | unset CFLAGS CPPFLAGS CXXFLAGS LDFLAGS MACHINE |
285 | if (grep -q -i -e '^CONFIG_MODULES=y$' ${B}/.config); then | 317 | if (grep -q -i -e '^CONFIG_MODULES=y$' ${B}/.config); then |
286 | oe_runmake -C ${B} ${PARALLEL_MAKE} modules CC="${KERNEL_CC}" LD="${KERNEL_LD}" ${KERNEL_EXTRA_ARGS} | 318 | cc_extra=$(get_cc_option) |
319 | oe_runmake -C ${B} ${PARALLEL_MAKE} modules CC="${KERNEL_CC} $cc_extra " LD="${KERNEL_LD}" ${KERNEL_EXTRA_ARGS} | ||
287 | 320 | ||
288 | # Module.symvers gets updated during the | 321 | # Module.symvers gets updated during the |
289 | # building of the kernel modules. We need to | 322 | # building of the kernel modules. We need to |