From 2637c3f098d33e601f3d09038b11be5f32da4b24 Mon Sep 17 00:00:00 2001 From: Andrew Robbins Date: Mon, 19 Jun 2017 21:00:33 -0400 Subject: Added vars RANDOM_SEED, LIBFAKETIME_PATH + misc. All environment variables necessary for creating reproducible builds should now be present. If libfaketime is not linked then the only reproducibility-related variables SOURCE_DATE_EPOCH and RANDOM_SEED (gcc flag -frandom-seed) will be used. -frandom-seed will be added in a later commit. --- libreboot | 46 ++++++++++++++++++++++++++++++++-------------- libs/common | 1 + 2 files changed, 33 insertions(+), 14 deletions(-) diff --git a/libreboot b/libreboot index f02de202..a89b78e5 100755 --- a/libreboot +++ b/libreboot @@ -63,6 +63,7 @@ libreboot_usage() { printf " TOOLS_FORCE - Tools to always perform actions for\n" >&2 printf " RELEASE_KEY - GPG key to use for release\n" >&2 printf " VBOOT_KEYS_PATH - Path to the vboot keys\n" >&2 + printf " LIBFAKETIME_PATH - Path to the libfaketime shared library\n" >&2 printf " TASKS - Number of simultaneous tasks to run\n" >&2 printf " VERSION - Version string to use\n" >&2 @@ -172,21 +173,18 @@ libreboot_setup_variables() { local vboot_tools_path="$(project_install_path 'vboot' 'tools')" local version_path="${root}/${DOTVERSION}" local epoch_path="${root}/${DOTEPOCH}" + local rnd_seed_path="${root}/${DOTRNDSEED}" - if [[ -z "${TASKS}" ]]; then - TASKS=1 - fi - - if [[ -z "${VERSION}" ]]; then - if git_check "${root}"; then - VERSION="${BUILD_SYSTEM}-$(git_describe "${root}" 2> /dev/null || echo 'git')" - elif [[ -f "${version_path}" ]]; then - VERSION="$(cat "${version_path}")" + # Used by GCC, e.g., -frandom-seed="${RANDOM_SEED}" + if [[ -z "${RANDOM_SEED}" ]]; then + if [[ -f "${rnd_seed_path}" ]]; then + RANDOM_SEED="$(cat "${rnd_seed_path}")" else - VERSION="${BUILD_SYSTEM}" + RANDOM_SEED="${RANDOM}" # True randomness is unnecessary fi fi + # Also used by GCC, but as an environment variable if [[ -z "${SOURCE_DATE_EPOCH}" ]]; then if git_check "${root}"; then SOURCE_DATE_EPOCH="$(git log -1 --format=%ct)" @@ -197,12 +195,32 @@ libreboot_setup_variables() { fi fi - if [[ -z "${VBOOT_KEYS_PATH}" ]] && [[ -d "${vboot_tools_path}/devkeys/" ]]; then - VBOOT_KEYS_PATH="${vboot_tools_path}/devkeys/" + if [[ -z "${VERSION}" ]]; then + if git_check "${root}"; then + VERSION="${BUILD_SYSTEM}-$(git_describe "${root}" 2> /dev/null || echo 'git')" + elif [[ -f "${version_path}" ]]; then + VERSION="$(cat "${version_path}")" + else + VERSION="${BUILD_SYSTEM}" + fi + fi + + if [[ -d "${vboot_tools_path}/devkeys/" ]]; then + VBOOT_KEYS_PATH="${VBOOT_KEYS_PATH:-${vboot_tools_path}/devkeys/}" fi - if [[ -z "${EDITOR}" ]]; then - EDITOR="vi" + CONFIG_SHELL="${CONFIG_SHELL:-$(which bash)}" + EDITOR="${EDITOR:-$(which vi || true)}" + TASKS="${TASKS:-1}" + + # Environment variables useful for creating reproducible builds + if [[ -n "${LIBFAKETIME_PATH}" ]]; then + BUILD_DATE_FMT="%Y-%m-%d %H:%M:%S" + BUILD_DATE="$(date -u -d "@${SOURCE_DATE_EPOCH}" "+${BUILD_DATE_FMT}" 2>/dev/null || date -u -r "${SOURCE_DATE_EPOCH}" "+${BUILD_DATE_FMT}" 2>/dev/null || date -u "+${BUILD_DATE_FMT}")" + FAKETIME="@${BUILD_DATE}" + LC_ALL='C.UTF-8' + LD_PRELOAD="${LIBFAKETIME_PATH}" + TZ='UTC' fi } diff --git a/libs/common b/libs/common index 8f1379ee..281728bc 100755 --- a/libs/common +++ b/libs/common @@ -35,6 +35,7 @@ BLOBS_IGNORE="blobs-ignore" BLOBS_DISCOVER="blobs-discover" DOTEPOCH=".epoch" +DOTRNDSEED=".rndseed" DOTVERSION=".version" DOTREVISION=".revision" DOTTARFILES=".tarfiles" -- cgit v1.2.3-70-g09d2