reproducible builds of FreeBSD in a chroot on Linux

Steven Chamberlain steven at pyro.eu.org
Tue Jun 16 12:19:08 UTC 2015 

Hi Holger!

On 5/7/15 5:22 PM, Holger Levsen wrote:
> Here's the catch: I have basically no clue about freebsd - and I want to
> build on Debian linux (on amd64) in a chroot.

As Ed Maste points out, building it on a Linux chroot might not
be representative of whether FreeBSD's own build system makes
reproducible binaries or not.

Ed Maste wrote:
> If it's to help FreeBSD overall with reproducible
> builds, then using the FreeBSD build infrastructure on a FreeBSD
> kernel ... is an important part of the story.

I can think of two other options:

  * ssh to a real FreeBSD build system, trigger builds there and take
   copies of the output files for analysis;

  * build in a FreeBSD chroot/jail on Debian GNU/kFreeBSD;  so that you
   have the familiar Debian tools and could run as a Jenkins slave
   (which I'd particularly like, because it should be useful for other
   QA jobs too).

On a kfreebsd-amd64 host I was able to complete a `make universe` - a
build of all FreeBSD (10.1) for all architectures - using a bare FreeBSD
jail.

Then I can look at the build tree and object files, from the Debian host
system, and compare those with a subsequent, clean build.  For now I
only did a simple diff.

The differences are quite typical of what has been seen from Debian's
reproducibility work - timestamps added by the build system:

diff -Nr -U0 obj1/arm.arm/usr/home/build/src/include/vers.c obj2/arm.arm/usr/home/build/src/include/vers.c
--- obj1/arm.arm/usr/home/build/src/include/vers.c      2015-05-31 22:51:27.000000000 +0000
+++ obj2/arm.arm/usr/home/build/src/include/vers.c      2015-06-03 00:12:51.000000000 +0000
@@ -28,2 +28,2 @@
-#define SCCSSTR "@(#)FreeBSD 10.1-RELEASE-p10 #0 r283831: Sun May 31 22:51:24 UTC 2015"
-#define VERSTR "FreeBSD 10.1-RELEASE-p10 #0 r283831: Sun May 31 22:51:24 UTC 2015\n    build at freebsd:/home/build/obj/arm.arm/usr/home/build/src/include\n"
+#define SCCSSTR "@(#)FreeBSD 10.1-RELEASE-p10 #0 r283831: Wed Jun  3 00:12:48 UTC 2015"
+#define VERSTR "FreeBSD 10.1-RELEASE-p10 #0 r283831: Wed Jun  3 00:12:48 UTC 2015\n    build at freebsd:/home/build/obj/arm.arm/usr/home/build/src/include\n"

--- obj1/arm.arm/usr/home/build/src/sys/boot/arm/uboot/vers.c   2015-05-31 23:18:17.000000000 +0000
+++ obj2/arm.arm/usr/home/build/src/sys/boot/arm/uboot/vers.c   2015-06-03 00:40:02.000000000 +0000
@@ -3 +3 @@
-char bootprog_date[] = "Sun May 31 23:18:17 UTC 2015";
+char bootprog_date[] = "Wed Jun  3 00:40:02 UTC 2015";

And then obviously, vers.o differs, and so do the kernel images.
For this particular kernel (CNS11XXNAS arm), it was actually the only
difference:

--- kernel-hexdump1.txt 2015-06-16 13:12:27.000000000 +0100
+++ kernel-hexdump2.txt 2015-06-16 13:12:33.000000000 +0100
@@ -242194,2 +242194,2 @@
-003b5ff0  72 32 38 33 38 33 31 3a  20 4d 6f 6e 20 4a 75 6e  |r283831: Mon Jun|
-003b6000  20 20 31 20 30 31 3a 30  39 3a 32 31 20 55 54 43  |  1 01:09:21 UTC|
+003b5ff0  72 32 38 33 38 33 31 3a  20 57 65 64 20 4a 75 6e  |r283831: Wed Jun|
+003b6000  20 20 33 20 30 32 3a 32  37 3a 33 39 20 55 54 43  |  3 02:27:39 UTC|
@@ -242201,2 +242201,2 @@
-003b6070  38 33 31 3a 20 4d 6f 6e  20 4a 75 6e 20 20 31 20  |831: Mon Jun  1 |
-003b6080  30 31 3a 30 39 3a 32 31  20 55 54 43 20 32 30 31  |01:09:21 UTC 201|
+003b6070  38 33 31 3a 20 57 65 64  20 4a 75 6e 20 20 33 20  |831: Wed Jun  3 |
+003b6080  30 32 3a 32 37 3a 33 39  20 55 54 43 20 32 30 31  |02:27:39 UTC 201|

Regards,
-- 
Steven Chamberlain
steven at pyro.eu.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 493 bytes
Desc: Digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20150616/abf98fb4/attachment.sig>

More information about the freebsd-hackers mailing list