[openwrt/openwrt] kernel: set options to make external initramfs reproducible

LEDE Commits lede-commits at lists.infradead.org
Wed Mar 23 20:29:13 PDT 2022 

dangole pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/29d7461d1135b91905120a44dc028b786693ecc4

commit 29d7461d1135b91905120a44dc028b786693ecc4
Author: Daniel Golle <daniel at makrotopia.org>
AuthorDate: Thu Mar 24 03:25:28 2022 +0000

    kernel: set options to make external initramfs reproducible
    
    Run cpio as well as compressors in such ways that they are generating
    reproducible output.
    
    Signed-off-by: Daniel Golle <daniel at makrotopia.org>
---
 include/kernel-defaults.mk | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/include/kernel-defaults.mk b/include/kernel-defaults.mk
index 5a061a5178..af1d59c481 100644
--- a/include/kernel-defaults.mk
+++ b/include/kernel-defaults.mk
@@ -174,13 +174,14 @@ ifeq ($(CONFIG_TARGET_ROOTFS_INITRAMFS_SEPARATE),y)
 ifneq ($(qstrip $(CONFIG_EXTERNAL_CPIO)),)
 	$(CP) $(CONFIG_EXTERNAL_CPIO) $(KERNEL_BUILD_DIR)/initrd.cpio
 else
-	( cd $(TARGET_DIR); find . | $(STAGING_DIR_HOST)/bin/cpio -o -H newc -R 0:0 > $(KERNEL_BUILD_DIR)/initrd.cpio )
+	( cd $(TARGET_DIR); find . | LC_ALL=C sort | $(STAGING_DIR_HOST)/bin/cpio --reproducible -o -H newc -R 0:0 > $(KERNEL_BUILD_DIR)/initrd.cpio )
 endif
+	$(if $(SOURCE_DATE_EPOCH),touch -hcd "@$(SOURCE_DATE_EPOCH)" $(KERNEL_BUILD_DIR)/initrd.cpio)
 	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_BZIP2),bzip2 -9 -c < $(KERNEL_BUILD_DIR)/initrd.cpio > $(KERNEL_BUILD_DIR)/initrd.cpio.bzip2)
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_GZIP),gzip -f -S .gzip -9n $(KERNEL_BUILD_DIR)/initrd.cpio)
+	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_GZIP),gzip -n -f -S .gzip -9n $(KERNEL_BUILD_DIR)/initrd.cpio)
 	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZMA),$(STAGING_DIR_HOST)/bin/lzma e -lc1 -lp2 -pb2 $(KERNEL_BUILD_DIR)/initrd.cpio $(KERNEL_BUILD_DIR)/initrd.cpio.lzma)
 # ?	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZO),)
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_XZ),$(STAGING_DIR_HOST)/bin/xz -9 -fz --check=crc32 $(KERNEL_BUILD_DIR)/initrd.cpio)
+	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_XZ),$(STAGING_DIR_HOST)/bin/xz -T0 -9 -fz --check=crc32 $(KERNEL_BUILD_DIR)/initrd.cpio)
 # ?	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZ4),)
 	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_ZSTD),$(STAGING_DIR_HOST)/bin/zstd -T0 -f -o $(KERNEL_BUILD_DIR)/initrd.cpio.zstd $(KERNEL_BUILD_DIR)/initrd.cpio)
 endif

More information about the lede-commits mailing list