Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp710690ybp;
        Fri, 4 Oct 2019 03:50:22 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxvfD6vb7hDAY0lgHIIfMO7YS7QIsMJpUZvZMAdsvgYQBmwcrWhtFz0bEN3VSOY5tVHM5EA
X-Received: by 2002:a17:906:d922:: with SMTP id rn2mr11796042ejb.124.1570186222278;
        Fri, 04 Oct 2019 03:50:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1570186222; cv=none;
        d=google.com; s=arc-20160816;
        b=LMoecY25d9EXU92gmk9147Xy0hXvYWNHNuAfCd+0HktHmembvfYRUt2kskqyiXwXzv
         3/uTU8PkIdC37bISRoGry7UktSslHRuR+xLn4J+2jmA1VizY3Ajg8HnU+Wtrx+M1yFmn
         HVUim4pOhs1d+gnOuqQwftZTFaSmM/myLoQGQYgZ54SFuZibVJa+YDEYwP+dfQNThZIg
         kX+TYWmtvH6r7hWUq5ATWWqsyUBSEXvNOAFk+Cj1L6w6WdDhvRAfQmGvL+J8iEz+m6Hq
         vt7tFRrHmXZ7wUh/fYwpVDeoZKKwan0tkTVdWuO2gDy1feOm3A36g2PnrVyR36Defct8
         O8hQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :feedback-id:message-id:subject:reply-to:cc:from:to:dkim-signature
         :date;
        bh=jcjMzfd4m+XfL4rmlu4IOvLrfeypogFn7NmUoqG8CF0=;
        b=kqQI00KRbwLgQaBf/hc1i9NBfqoNOO53r1A5Q1nEFVOPItsludUXH2YVGCZ6LHocN1
         yEuIABzRrxdEoaV5R9+ffZDrt1HXDwjp934FXOiz1+90tXJyqbyY9taSfqgJLHT7+aAI
         IGyaJJkUzQ1nAiaGxmci2ETnGoraQ2n09GoJ4I9zf5ZyAPu2JidsE71MbNiZmduldH7v
         5x6eNdKDqwLkCo62BGSCYDYxwuXZ8+jXTv9vLIH4VZMO52ezJeZdn/razZRDLBvof+vn
         ZBVQV0OQ9Xqu9X0nV548cKAeTkTOiaeBMBjZSWEuLQBDWLmyJSkBolN0LGoVXe6XNy2L
         iYpA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@protonmail.ch header.s=default header.b=RWgHCOpT;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.ch
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id z35si3228098edb.146.2019.10.04.03.49.57;
        Fri, 04 Oct 2019 03:50:22 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@protonmail.ch header.s=default header.b=RWgHCOpT;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.ch
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1730248AbfJDKkS (ORCPT <rfc822;ablacktshirt@gmail.com>
        + 99 others); Fri, 4 Oct 2019 06:40:18 -0400
Received: from mail4.protonmail.ch ([185.70.40.27]:36480 "EHLO
        mail4.protonmail.ch" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1729319AbfJDKkQ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 4 Oct 2019 06:40:16 -0400
Date:   Fri, 04 Oct 2019 10:40:07 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.ch;
        s=default; t=1570185611;
        bh=jcjMzfd4m+XfL4rmlu4IOvLrfeypogFn7NmUoqG8CF0=;
        h=Date:To:From:Cc:Reply-To:Subject:Feedback-ID:From;
        b=RWgHCOpTrMaUH32uevd5OxbmiZBGUXsPuGCjBJVJYAEeYVvsx9Zr2Xz++GaeylX9g
         vvf+RVO+I1C7OCpFDUCX60tstIZ7btsSxBwo+8S0MAbwEPyvhHGXmXjjyZoLg2CAQE
         PhGJMjzIYRFzETPU6iCcaffCeZG2GPqGbNXa7q3Y=
To:     Masahiro Yamada <yamada.masahiro@socionext.com>
From:   Dmitry Goldin <dgoldin@protonmail.ch>
Cc:     "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "joel@joelfernandes.org" <joel@joelfernandes.org>,
        "gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>,
        Ben Hutchings <ben@decadent.org.uk>
Reply-To: Dmitry Goldin <dgoldin@protonmail.ch>
Subject: [PATCH v2] kheaders: making headers archive reproducible
Message-ID: <z4zhwEnRqCVnnV8RYwKbY9H_TEnHePR6grYfw1toELFA-iZidlp3T18y0w35JtWNghJQ3hwL23RrsKXIVJHYiv9wOsqmow33NU6LcHcFWyw=@protonmail.ch>
Feedback-ID: Z14zYPZ70AFJyYagXjx-jk2Vw9RTvF5p9C9xp4Pq6DJAMFg9PDsfB7GoMmtR_dfa0BaFgToZb9Q4V0UiY2YiMQ==:Ext:ProtonMail
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-1.2 required=7.0 tests=ALL_TRUSTED,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM autolearn=ham
        autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mail.protonmail.ch
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Dmitry Goldin <dgoldin+lkml@protonmail.ch>

In commit 43d8ce9d65a5 ("Provide in-kernel headers to make
extending kernel easier") a new mechanism was introduced, for kernels
>=3D5.2, which embeds the kernel headers in the kernel image or a module
and exposes them in procfs for use by userland tools.

The archive containing the header files has nondeterminism caused by
header files metadata. This patch normalizes the metadata and utilizes
KBUILD_BUILD_TIMESTAMP if provided and otherwise falls back to the
default behaviour.

In commit f7b101d33046 ("kheaders: Move from proc to sysfs") it was
modified to use sysfs and the script for generation of the archive was
renamed to what is being patched.

Signed-off-by: Dmitry Goldin <dgoldin+lkml@protonmail.ch>

---

v1: Initial fix

v2: Added a bit of info about kheaders to the reproducible builds
documentation and used the opportunity to fix a few typos in the
original patch.

---
 Documentation/kbuild/reproducible-builds.rst | 13 +++++++++----
 kernel/gen_kheaders.sh                       |  5 ++++-
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/Documentation/kbuild/reproducible-builds.rst b/Documentation/k=
build/reproducible-builds.rst
index ab92e98c89c8..ce6a408b3303 100644
--- a/Documentation/kbuild/reproducible-builds.rst
+++ b/Documentation/kbuild/reproducible-builds.rst
@@ -16,16 +16,21 @@ the kernel may be unreproducible, and how to avoid them=
.
 Timestamps
 ----------

-The kernel embeds a timestamp in two places:
+The kernel embeds timestamps in three places:

 * The version string exposed by ``uname()`` and included in
   ``/proc/version``

 * File timestamps in the embedded initramfs

-By default the timestamp is the current time.  This must be overridden
-using the `KBUILD_BUILD_TIMESTAMP`_ variable.  If you are building
-from a git commit, you could use its commit date.
+* If enabled via ``CONFIG_IKHEADERS``, file timestamps of kernel
+  headers embedded in the kernel or respective module,
+  exposed via ``/sys/kernel/kheaders.tar.xz``
+
+By default the timestamp is the current time and in the case of
+``kheaders`` the various files' modification times. This must
+be overridden using the `KBUILD_BUILD_TIMESTAMP`_ variable.
+If you are building from a git commit, you could use its commit date.

 The kernel does *not* use the ``__DATE__`` and ``__TIME__`` macros,
 and enables warnings if they are used.  If you incorporate external
diff --git a/kernel/gen_kheaders.sh b/kernel/gen_kheaders.sh
index 9ff449888d9c..aff79e461fc9 100755
--- a/kernel/gen_kheaders.sh
+++ b/kernel/gen_kheaders.sh
@@ -71,7 +71,10 @@ done | cpio --quiet -pd $cpio_dir >/dev/null 2>&1
 find $cpio_dir -type f -print0 |
 =09xargs -0 -P8 -n1 perl -pi -e 'BEGIN {undef $/;}; s/\/\*((?!SPDX).)*?\*\=
///smg;'

-tar -Jcf $tarfile -C $cpio_dir/ . > /dev/null
+# Create archive and try to normalize metadata for reproducibility
+tar "${KBUILD_BUILD_TIMESTAMP:+--mtime=3D$KBUILD_BUILD_TIMESTAMP}" \
+    --owner=3D0 --group=3D0 --sort=3Dname --numeric-owner \
+    -Jcf $tarfile -C $cpio_dir/ . > /dev/null

 echo "$src_files_md5" >  kernel/kheaders.md5
 echo "$obj_files_md5" >> kernel/kheaders.md5
--
2.23.0