[PATCH] dtrace: Allow for reproducible .o file builds

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[PATCH] dtrace: Allow for reproducible .o file builds

Bernhard M. Wiedemann
When building packages like libvirt on openSUSE
that link a libvirt_probes.o from dtrace
the build results differed across builds,
because the source's temporary filename was in the .o

See https://reproducible-builds.org/ for why this matters.

---
I tried to think of downsides of not using mkstemp
such as malicious symlink overwrite (unlikely in build dir)
or problems with parallel builds (make -j),
but think it should be fine
---
 dtrace.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dtrace.in b/dtrace.in
index 5e1cf80..2e2e002 100644
--- a/dtrace.in
+++ b/dtrace.in
@@ -410,7 +410,7 @@ def main():
         else:
             print("header: " + fname)
 
-        (ignore, fname) = mkstemp(suffix=".c")
+        fname = filename + ".dtrace-temp.c"
         fdesc = open(fname, mode='w')
         providers.semaphore_write(fdesc)
         fdesc.close()
--
2.12.3

Reply | Threaded
Open this post in threaded view
|

Re: [PATCH] dtrace: Allow for reproducible .o file builds

David Smith-19
On Thu, Aug 10, 2017 at 3:29 PM, Bernhard M. Wiedemann
<[hidden email]> wrote:

> When building packages like libvirt on openSUSE
> that link a libvirt_probes.o from dtrace
> the build results differed across builds,
> because the source's temporary filename was in the .o
>
> See https://reproducible-builds.org/ for why this matters.
>
> ---
> I tried to think of downsides of not using mkstemp
> such as malicious symlink overwrite (unlikely in build dir)
> or problems with parallel builds (make -j),
> but think it should be fine
> ---
>  dtrace.in | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/dtrace.in b/dtrace.in
> index 5e1cf80..2e2e002 100644
> --- a/dtrace.in
> +++ b/dtrace.in
> @@ -410,7 +410,7 @@ def main():
>          else:
>              print("header: " + fname)
>
> -        (ignore, fname) = mkstemp(suffix=".c")
> +        fname = filename + ".dtrace-temp.c"
>          fdesc = open(fname, mode='w')
>          providers.semaphore_write(fdesc)
>          fdesc.close()

I couldn't really see any downsides of not using mkstemp either, so I
added this in commit c245153ca.

Thanks for the patch.

--
David Smith
Principal Software Engineer
Red Hat