On Mon, 2023-06-05 at 09:00 +0000, Frieder Paape wrote: > I've encountered issues reproducing initramfs and UKI image builds, > which will be fixed with this patch. > > 1. initramfs > There's a symbolic link to /sbin/init, which is appended to the cpio archive > after creation. > The links timestamp needs to be static and the cpio append command needs the > '--reproducible' flag to produce deterministic outcomes. > > 2. Unified Kernel Image > '--preserve-dates' is required for a static 'Time/Date' entry. > I've added '--enable-deterministic-archives' although in my case this > didn't change anything. > > Signed-off-by: Frieder Paape <[email protected]> > --- > meta/classes-recipe/image_types.bbclass | 5 +++-- > scripts/lib/wic/plugins/source/bootimg-efi.py | 2 ++ > 2 files changed, 5 insertions(+), 2 deletions(-) > > diff --git a/meta/classes-recipe/image_types.bbclass > b/meta/classes-recipe/image_types.bbclass > index bbddfaf272..f73b4d965e 100644 > --- a/meta/classes-recipe/image_types.bbclass > +++ b/meta/classes-recipe/image_types.bbclass > @@ -148,10 +148,11 @@ IMAGE_CMD:cpio () { > if [ ! -L ${IMAGE_ROOTFS}/init ] && [ ! -e ${IMAGE_ROOTFS}/init > ]; then > if [ -L ${IMAGE_ROOTFS}/sbin/init ] || [ -e > ${IMAGE_ROOTFS}/sbin/init ]; then > ln -sf /sbin/init ${WORKDIR}/cpio_append/init > + touch -h -r ${IMAGE_ROOTFS}/sbin/init > ${WORKDIR}/cpio_append/init > else > - touch ${WORKDIR}/cpio_append/init > + touch -h -r ${IMAGE_ROOTFS} > ${WORKDIR}/cpio_append/init > fi > - (cd ${WORKDIR}/cpio_append && echo ./init | cpio -oA > -H newc -F ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cpio) > + (cd ${WORKDIR}/cpio_append && echo ./init | cpio > --reproducible -oA -H newc -F > ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cpio) > fi > fi > } > diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py > b/scripts/lib/wic/plugins/source/bootimg-efi.py > index 43c6fd94d9..2bf7375887 100644 > --- a/scripts/lib/wic/plugins/source/bootimg-efi.py > +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py > @@ -351,6 +351,8 @@ class BootimgEFIPlugin(SourcePlugin): > > # > https://www.freedesktop.org/software/systemd/man/systemd-stub.html > objcopy_cmd = "%s-objcopy" % target_sys > + objcopy_cmd += " --enable-deterministic-archives" > + objcopy_cmd += " --preserve-dates" > objcopy_cmd += " --add-section .osrel=%s/usr/lib/os-release" > % staging_dir_host > objcopy_cmd += " --change-section-vma .osrel=0x20000" > objcopy_cmd += " --add-section .cmdline=%s" % cmdline.name
I like the idea of this and agree it is something we should improve. Unfortunately it caused testing failures: https://autobuilder.yoctoproject.org/typhoon/#/builders/80/builds/5236/steps/14/logs/stdio oe-selftest -r fitimage.FitImageTests.test_initramfs_bundle should reproduce. Cheers, Richard
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182414): https://lists.openembedded.org/g/openembedded-core/message/182414 Mute This Topic: https://lists.openembedded.org/mt/99336458/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
