NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fs/tar: explicitly set extended header values to ensure binary reproducibility

Browse Source 
Since we use --xattrs-include='*' to include all extended attributes,
tar creates a PAX formatted archive. The archive metadata captures atime
and ctime of files. To fix this, GNU recommends that we pass this added
argument to tar to create binary reproducible packages. Setting of mtime
is handled in fs/common.mk using touch on all files.

Diffoscope output pre-change: https://gitlab.com/snippets/1871111
Diffoscope output after change is blank i.e. binary reproducibile rootfs
is created.

GNU Recommendation: https://www.gnu.org/software/tar/manual/tar.html#SEC147

Signed-off-by: Atharva Lele <itsatharva@gmail.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9c449f9dd8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Atharva Lele 2019-07-06 12:25:01 +05:30 committed by Peter Korsgaard
parent fbc5ff9e85
commit dc1431ec65
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
fs/tar/tar.mk
View File

@ -8,6 +8,9 @@ TAR_OPTS := $(call qstrip,$(BR2_TARGET_ROOTFS_TAR_OPTIONS))
ROOTFS_TAR_DEPENDENCIES = $(BR2_TAR_HOST_DEPENDENCY) ROOTFS_TAR_DEPENDENCIES = $(BR2_TAR_HOST_DEPENDENCY)
# do not store atime/ctime in PaxHeaders to ensure reproducbility
TAR_OPTS += --pax-option=exthdr.name=%d/PaxHeaders/%f,atime:=0,ctime:=0
define ROOTFS_TAR_CMD define ROOTFS_TAR_CMD
(cd $(TARGET_DIR); find -print0 | LC_ALL=C sort -z | \ (cd $(TARGET_DIR); find -print0 | LC_ALL=C sort -z | \
tar $(TAR_OPTS) -cf $@ --null --xattrs-include='*' --no-recursion -T - --numeric-owner) tar $(TAR_OPTS) -cf $@ --null --xattrs-include='*' --no-recursion -T - --numeric-owner)