[From nobody Thu Jun 25 05:55:03 2020 Received: from sonic310-13.consmr.mail.ir2.yahoo.com ([77.238.177.34]) by bombadil.infradead.org with esmtps (Exim 4.90_1 #2 (Red Hat Linux)) id 1gvoaC-0002Dx-7k for openwrt-devel@lists.openwrt.org; Mon, 18 Feb 2019 19:28:06 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1550518078; bh=1H6Jw9veY3vNx3RNuurZ6QWEOK6wdKN5FqRzg7x3tGY=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From:Subject; b=Y4BsLAQdWGwNyw1HEgL9qEX3jcEBiJ4FnZ0klbMUfz0BRaM79seqhSEWR8p4StXXhEvz+fhNmaocHBKqSdNx03qFhOxtvTqbZWHgH1Z04ViCDNazP71ygU7M3s7PXDa0/Gi1mhRxZvUJ5oNGKXIuNuVJGFyIfusYWx389z/yNX/M+KVMzdjqCaJLmgXf1L3KPMapAsaEdVuM4gnogl2puIKwQr3zjA+EI/Yo0mZM4IUiCg3lamCyW+Jq/VQobA5fdRPNXOIEQpx1yAgDjj2vTgl44RccLXHqCdDYqFKj+Qf9XxltxoCYcpxSo6vhCXYoAZ/ozxj7PUYRCzMHPxJL0g== X-YMail-OSG: EnJ9V.IVM1meRYnBK.g0MtiIbSyhBbM0A2Wo5o.1mZec21od0kZH5I67Or0pSgs pRRMiIPKZbY84RwGDAKhMohtAB.IovifIx_KAQ4BUC5wFRXYeU5jSlmBQBLK7ACpOABJYT2z6y2w 1KArUUmwZ7VGp5N8AShvwbcmaOK0UMOm8jbQWymBIEELb_kJ7BzU504v8vTcNaG8Gf8qm4Q2Plui 7w2oL8bFfRvVyzmjKVuAW9A_jNViSnnhq90iT9B3L9JS_g812IbwF5I8EGA.ym6gpcwyO6WrVWM4 mBcpdfycpqhXDxQ1HP6XtRQfI8lcmqXR4Mnj8IrBn0P76Y1iv8rt7sLHSgvi37esXE36WMxo_Bcv mu64wB_Rx_THIRz7s66A2d1PuhhCISgUvtjiwPfXOyzMEtckyWygLdtzsVRizhBPLRs0ZNb1SOf4 K2uj2jpOIgku9Rxugew6yb7cE_fAb4tF43Zu.8XlqfZUAUWUF28rvHA3Ql9UNfdoQES0UrCwQJiD o7Um9EuZAruOyPsCHQeu0s.ru6YI9mTTPHEZ0zSBjmWaf5biSKIE6EVC7YLwVg1H4NZyfgbSkXZj vjEDbspAvQDCPq8XTEZNkmM6ZkQozwLt2dUvfI5iBTZNGIh2d1CNHSgBMOgZat8TRmU62q8YGapz 81qMEyeWye0DS_l3hvfp754OTFqL5syGvBoEhg9k3QIL5MA5r4uCoZDs.BSUPa8Kvms6t5RaOFpf dQ1F3V5pislmZuUbRanvCkSbXDsmWFW44V.hADyhzSflf0iWUTzRBvYE3iFL5kZkvx76ECvpajmW Uer43bHQiOeE81QNaAtD2_an8XPs9xpL_0HJEqMaVEQOndBW7DHJf80stifaF.pk0fpg17OMcjCx jN5_wUNqFA9VsqtZ.DA7DdGK7zjzv.7sJ._GOXdxL2WUUBzKxzjLzY7dkg0GN4_xwJHhD0kDUU_z uZgklzc47j8RjSthkuJn.0CRA2mZOXYpkioEIUeIzkbfpGbtVTO7HnESiPc5JYUqNUA4vKvU.EMo f5AuwRGiVsHGlfGhQJXWZRWvDGlRwZr7Y.RvhDTW6M_SkuVrcJkiiENdmawQTJc8oBq7LkKk1ziv 81IkaDM6Q6FCnGrPH3v4- Received: from sonic.gate.mail.ne1.yahoo.com by sonic310.consmr.mail.ir2.yahoo.com with HTTP; Mon, 18 Feb 2019 19:27:58 +0000 Received: from ip-178-200-129-247.hsi07.unitymediagroup.de (EHLO [192.168.113.5]) ([178.200.129.247]) by smtp424.mail.ir2.yahoo.com (Oath Hermes SMTP Server) with ESMTPA ID 63a7009ec5b7d3f29e9f3f01625e0f2a; Mon, 18 Feb 2019 19:27:56 +0000 (UTC) Subject: Re: [OpenWrt-Devel] Random PARTUUID on every rebuild To: =?UTF-8?Q?Petr_=c5=a0tetiar?= <ynezz@true.cz> Cc: openwrt-devel@lists.openwrt.org References: <mailman.21733.1550340849.2376.openwrt-devel@lists.openwrt.org> <20190218185649.GC23776@meh.true.cz> From: "R. Diez" <rdiezmail-openwrt@yahoo.com> Message-ID: <9e10493a-04ad-153d-06bb-449b1de1d910@yahoo.com> Date: Mon, 18 Feb 2019 20:27:55 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 In-Reply-To: <20190218185649.GC23776@meh.true.cz> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-GB Content-Transfer-Encoding: 7bit X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20190218_112804_417374_815C3AB3 X-CRM114-Status: GOOD ( 15.76 ) X-Spam-Score: -0.2 (/) X-Spam-Report: SpamAssassin version 3.4.2 on bombadil.infradead.org summary: Content analysis details: (-0.2 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [77.238.177.34 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (rdiezmail-openwrt[at]yahoo.com) 0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3) [77.238.177.34 listed in wl.mailspike.net] -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders >> The one thing I noticed is that there is a random PARTUUID for the X86_64 >> target, and that it gets regenerated on every (re)build. This makes the >> image different every time, even if nothing has changed. > > PARTUUID can't be the source of the rebuild as PARTUUID is not target or > dependency in the make's build pipeline. The (re)build times here are the same, > with or without ptgen's random signature. It is probably true that a different PARTUUID would not cause a rebuild of some source files. But then again, a different PARTUUID would probably cause a rebuild of the final image file, even if nothing else has changed. There is no need for such a rebuild if the image contents have not changed in the meantime. Besides, like I mentioned in my first mail, this random PARTUUID is an obstacle for repeatable builds. In my opinion, repeatable builds is a desirable goal. It can help troubleshoot some problems, but it is especially interesting from a security point of view. Two independent parties can verify that a binary was created from the stated sources. This particular UUID issue is listed here as a problem: https://reproducible-builds.org/docs/system-images/ >> Is there a reason why this partition ID has to be random? Such things make it >> impossible to do repeatable builds. > > It's UUID, so I think it should be unique. It seems like you could use > CONFIG_TARGET_ROOTFS_PARTNAME for fixed root partition name, but by looking at > the code, it might probably need some love to get it working properly. Thanks for pointing out CONFIG_TARGET_ROOTFS_PARTNAME. However, you did not actually give a reason why this OpenWrt PARTUUID has to be random at build time. A unique ID is certainly interesting for USB sticks or external disks that need to be recognised when mounted again. Or if you have several partitions on a rather dynamic hard disk. But the OpenWrt system partition probably does not need such an ID. Even if it did, maybe for the benefit of other operating systems in a multiboot environment, it does not make sense to regenerate this PARTUUID every time. The partition IDs on Linux do not change when the files inside the partition change. If you think about it, a fixed PARTUUID is a bad idea in any case. You could install the same OpenWrt image on 2 different partitions on your hard disk, and then both copies would have the same PARTUUID, which actually beats the purpose of such UUIDs. Setting a PARTUUID should probably be done by the installer, and not be a random but fixed value embedded during image build time. Regards, rdiez ]