diff options
author | Andrew Robbins <contact@andrewrobbins.info> | 2017-06-19 21:00:33 -0400 |
---|---|---|
committer | Andrew Robbins <contact@andrewrobbins.info> | 2017-06-19 21:34:29 -0400 |
commit | 2637c3f098d33e601f3d09038b11be5f32da4b24 (patch) | |
tree | 232c336694a9e3d72bc09fcc42d9e264c6e7eead | |
parent | 5787cc7698de91a80806275e863d8392f96744e2 (diff) | |
download | librebootfr-2637c3f098d33e601f3d09038b11be5f32da4b24.tar.gz librebootfr-2637c3f098d33e601f3d09038b11be5f32da4b24.zip |
Added vars RANDOM_SEED, LIBFAKETIME_PATH + misc.
All environment variables necessary for creating reproducible builds
should now be present. If libfaketime is not linked then the only
reproducibility-related variables SOURCE_DATE_EPOCH and RANDOM_SEED (gcc
flag -frandom-seed) will be used. -frandom-seed will be added in a
later commit.
-rwxr-xr-x | libreboot | 46 | ||||
-rwxr-xr-x | libs/common | 1 |
2 files changed, 33 insertions, 14 deletions
@@ -63,6 +63,7 @@ libreboot_usage() { printf " TOOLS_FORCE - Tools to always perform actions for\n" >&2 printf " RELEASE_KEY - GPG key to use for release\n" >&2 printf " VBOOT_KEYS_PATH - Path to the vboot keys\n" >&2 + printf " LIBFAKETIME_PATH - Path to the libfaketime shared library\n" >&2 printf " TASKS - Number of simultaneous tasks to run\n" >&2 printf " VERSION - Version string to use\n" >&2 @@ -172,21 +173,18 @@ libreboot_setup_variables() { local vboot_tools_path="$(project_install_path 'vboot' 'tools')" local version_path="${root}/${DOTVERSION}" local epoch_path="${root}/${DOTEPOCH}" + local rnd_seed_path="${root}/${DOTRNDSEED}" - if [[ -z "${TASKS}" ]]; then - TASKS=1 - fi - - if [[ -z "${VERSION}" ]]; then - if git_check "${root}"; then - VERSION="${BUILD_SYSTEM}-$(git_describe "${root}" 2> /dev/null || echo 'git')" - elif [[ -f "${version_path}" ]]; then - VERSION="$(cat "${version_path}")" + # Used by GCC, e.g., -frandom-seed="${RANDOM_SEED}" + if [[ -z "${RANDOM_SEED}" ]]; then + if [[ -f "${rnd_seed_path}" ]]; then + RANDOM_SEED="$(cat "${rnd_seed_path}")" else - VERSION="${BUILD_SYSTEM}" + RANDOM_SEED="${RANDOM}" # True randomness is unnecessary fi fi + # Also used by GCC, but as an environment variable if [[ -z "${SOURCE_DATE_EPOCH}" ]]; then if git_check "${root}"; then SOURCE_DATE_EPOCH="$(git log -1 --format=%ct)" @@ -197,12 +195,32 @@ libreboot_setup_variables() { fi fi - if [[ -z "${VBOOT_KEYS_PATH}" ]] && [[ -d "${vboot_tools_path}/devkeys/" ]]; then - VBOOT_KEYS_PATH="${vboot_tools_path}/devkeys/" + if [[ -z "${VERSION}" ]]; then + if git_check "${root}"; then + VERSION="${BUILD_SYSTEM}-$(git_describe "${root}" 2> /dev/null || echo 'git')" + elif [[ -f "${version_path}" ]]; then + VERSION="$(cat "${version_path}")" + else + VERSION="${BUILD_SYSTEM}" + fi + fi + + if [[ -d "${vboot_tools_path}/devkeys/" ]]; then + VBOOT_KEYS_PATH="${VBOOT_KEYS_PATH:-${vboot_tools_path}/devkeys/}" fi - if [[ -z "${EDITOR}" ]]; then - EDITOR="vi" + CONFIG_SHELL="${CONFIG_SHELL:-$(which bash)}" + EDITOR="${EDITOR:-$(which vi || true)}" + TASKS="${TASKS:-1}" + + # Environment variables useful for creating reproducible builds + if [[ -n "${LIBFAKETIME_PATH}" ]]; then + BUILD_DATE_FMT="%Y-%m-%d %H:%M:%S" + BUILD_DATE="$(date -u -d "@${SOURCE_DATE_EPOCH}" "+${BUILD_DATE_FMT}" 2>/dev/null || date -u -r "${SOURCE_DATE_EPOCH}" "+${BUILD_DATE_FMT}" 2>/dev/null || date -u "+${BUILD_DATE_FMT}")" + FAKETIME="@${BUILD_DATE}" + LC_ALL='C.UTF-8' + LD_PRELOAD="${LIBFAKETIME_PATH}" + TZ='UTC' fi } diff --git a/libs/common b/libs/common index 8f1379ee..281728bc 100755 --- a/libs/common +++ b/libs/common @@ -35,6 +35,7 @@ BLOBS_IGNORE="blobs-ignore" BLOBS_DISCOVER="blobs-discover" DOTEPOCH=".epoch" +DOTRNDSEED=".rndseed" DOTVERSION=".version" DOTREVISION=".revision" DOTTARFILES=".tarfiles" |