[OE-core] [PATCH v2] image_types: improve reproducibility of .cpio files.
Kamel Hacene
kamel.hacene at smile.fr
Tue May 29 15:44:24 UTC 2018
When BUILD_REPRODUCIBLE_BINARIES is set, run cpio command with the
--reproducible flag and set the timestamp of the created /init file to
REPRODUCIBLE_TIMESTAMP_ROOTFS in accordance with reproducible_final_image_task
in image.bbclass.
Signed-off-by: Kamel Hacene <kamel.hacene at smile.fr>
---
meta/classes/image_types.bbclass | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/meta/classes/image_types.bbclass b/meta/classes/image_types.bbclass
index 00a00d318f..aa3255d091 100644
--- a/meta/classes/image_types.bbclass
+++ b/meta/classes/image_types.bbclass
@@ -127,9 +127,14 @@ IMAGE_CMD_TAR ?= "tar"
# ignore return code 1 "file changed as we read it" as other tasks(e.g. do_image_wic) may be hardlinking rootfs
IMAGE_CMD_tar = "${IMAGE_CMD_TAR} --numeric-owner -cf ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.tar -C ${IMAGE_ROOTFS} . || [ $? -eq 1 ]"
+# Extra options given to the cpio command
+CPIO_EXTRA_OPTS ?= ""
+CPIO_EXTRA_OPTS += "${@'--reproducible' if d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1' else ''}"
+# Ensure the use of cpio v2.12 or higher by using oe's instead of the host's
+DEPENDS += "${@'cpio-native' if d.getVar('BUILD_REPRODUCIBLE_BINARIES') == '1' else ''}"
do_image_cpio[cleandirs] += "${WORKDIR}/cpio_append"
IMAGE_CMD_cpio () {
- (cd ${IMAGE_ROOTFS} && find . | cpio -o -H newc >${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cpio)
+ (cd ${IMAGE_ROOTFS} && find . | cpio ${CPIO_EXTRA_OPTS} -o -H newc >${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cpio)
# We only need the /init symlink if we're building the real
# image. The -dbg image doesn't need it! By being clever
# about this we also avoid 'touch' below failing, as it
@@ -142,7 +147,10 @@ IMAGE_CMD_cpio () {
else
touch ${WORKDIR}/cpio_append/init
fi
- (cd ${WORKDIR}/cpio_append && echo ./init | cpio -oA -H newc -F ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cpio)
+ if [ "$BUILD_REPRODUCIBLE_BINARIES" = "1" ]; then
+ touch --no-dereference --date=@${REPRODUCIBLE_TIMESTAMP_ROOTFS} ${WORKDIR}/cpio_append/init
+ fi
+ (cd ${WORKDIR}/cpio_append && echo ./init | cpio ${CPIO_EXTRA_OPTS} -oA -H newc -F ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cpio)
fi
fi
}
--
2.16.2
More information about the Openembedded-core
mailing list