Difference between revisions of "Buildroot:ReproducibleBuilds"
(Typoes) |
Atharvalele (talk | contribs) (Diffoscope dependencies and minimal config diffoscope log) |
||
| Line 34: | Line 34: | ||
* Diffoscope data on their shared states: [https://github.com/alimon/yocto-reproduciblebuilds-data yocto-reproduciblebuilds-data] | * Diffoscope data on their shared states: [https://github.com/alimon/yocto-reproduciblebuilds-data yocto-reproduciblebuilds-data] | ||
| + | |||
| + | == Diffoscope Dependencies == | ||
| + | * '''Depends on''': python3, PyPI modules: libarchive-c, python-magic | ||
| + | * '''External tools requied''': Rscript, abootimg, apktool, bsdtar, bzip2, cbfstool, cd-iccdump, cmp, compare, convert, db_dump, diff, docx2txt, dumpxsb, enjarify, fdtdump, ffprobe, getfacl, ghc, gifbuild, gpg, gzip, identify, img2txt, isoinfo, javap, js-beautify, lipo, llvm-bcanalyzer, llvm-dis, lsattr, lz4, msgunfmt, nm, objcopy, objdump, ocamlobjinfo, odt2txt, oggDump, otool, pdftotext, pedump, pgpdump, ppudump, procyon, ps2ascii, readelf, showttf, sng, sqlite3, ssconvert, ssh-keygen, stat, tcpdump, unsquashfs, wasm2wat, xxd, xz, zipinfo, zipnote | ||
| + | * This has tools used to compare a lot of file formats that probably aren't generated (like android APKs, Windows/Mac executables) in a Buildroot run. We can exclude those. | ||
| + | |||
| + | == Sample Diffoscope Output == | ||
| + | * Minimal config build (make defconfig; make). Will run diffoscope on a build from Autobuilder config tomorrow. | ||
| + | * Builds run about 10 minutes apart. | ||
| + | * Moved first build to target, and rerun. Then run ''diffoscope target-1 target > diff.txt'' | ||
| + | * diffoscope log: https://paste.ubuntu.com/p/VpMbW4qQQP/ | ||
| + | * Except for a time record in the busybox binary, all other differences seem to be only timestamps of file generation. | ||
== Planning == | == Planning == | ||
Revision as of 09:28, 27 May 2019
As part of a Google Summer of Code project, Atharva Lele works on reproducible builds.
Contents
Away time
Arnout is away on: 30-31/5; 10/6; some time in July; 15-19/8.
Meetings
Weekly meetings on appear.in/buildroot every Tuesdays at 14:30 UTC.
- 2019-W20
- introductions
- confirm overal actions and planning
- 2019-W21
- Confirmed that starting from next week, work is full-time on GSoC (end of exams)
- Review of the Yocto implementation
- differences: Yocto is a distribution, so has a cache of the output, while buildroot does not
- SOURCE_DATE_EPOCH and TZ: already done (depends on BR2_REPRODUCIBLE)
- Doing similar in Buildroot:
- Do a first build with a successfull config from autobuilders, after enabling BR2_REPRODUCIBLE
- Then mv $(O)/target to $(O)/target-1; make clean; make
- And then run diffoscope target-1 target/
- Identify diffoscope dependencies to run it in autobuilders (eventually)
- How to save and present the result on autobuilder site?
Yocto's Implementation
- Wiki page: Reproducible Builds
- Shared State Mechanism: If input metadata hashes are same, outputs are reused. If inputs have changed, tools from Reproducible-Builds to be used. Further development yet to be done.
- At this stage, binary contents should be same. However file timestamps (due to package managers) may be different.
- Static Timezone value: Bugzilla
- Adapted SOURCE_DATE_EPOCH: Bugzilla, Source-Date-Epoch - Reproducible Builds
- Archives generated with deterministic metadata (using archive tools' arguments)
- Remove non-deterministic data from rootfs
- Diffoscope data on their shared states: yocto-reproduciblebuilds-data
Diffoscope Dependencies
- Depends on: python3, PyPI modules: libarchive-c, python-magic
- External tools requied: Rscript, abootimg, apktool, bsdtar, bzip2, cbfstool, cd-iccdump, cmp, compare, convert, db_dump, diff, docx2txt, dumpxsb, enjarify, fdtdump, ffprobe, getfacl, ghc, gifbuild, gpg, gzip, identify, img2txt, isoinfo, javap, js-beautify, lipo, llvm-bcanalyzer, llvm-dis, lsattr, lz4, msgunfmt, nm, objcopy, objdump, ocamlobjinfo, odt2txt, oggDump, otool, pdftotext, pedump, pgpdump, ppudump, procyon, ps2ascii, readelf, showttf, sng, sqlite3, ssconvert, ssh-keygen, stat, tcpdump, unsquashfs, wasm2wat, xxd, xz, zipinfo, zipnote
- This has tools used to compare a lot of file formats that probably aren't generated (like android APKs, Windows/Mac executables) in a Buildroot run. We can exclude those.
Sample Diffoscope Output
- Minimal config build (make defconfig; make). Will run diffoscope on a build from Autobuilder config tomorrow.
- Builds run about 10 minutes apart.
- Moved first build to target, and rerun. Then run diffoscope target-1 target > diff.txt
- diffoscope log: https://paste.ubuntu.com/p/VpMbW4qQQP/
- Except for a time record in the busybox binary, all other differences seem to be only timestamps of file generation.
Planning
- Week 20: study how yocto does it
- Week 21: ...
- Week 22: do two builds in autobuild-run script
