[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen master] allow reproducible builds of xen.gz

commit 1d6569a74bd6bfc87fa51ebaa85aee5723070c10
Author:     Trammell Hudson <trammell.hudson@xxxxxxxxxxxx>
AuthorDate: Thu Aug 11 13:34:59 2016 +0200
Commit:     Jan Beulich <jbeulich@xxxxxxxx>
CommitDate: Thu Aug 11 13:34:59 2016 +0200

    allow reproducible builds of xen.gz
    
    The mkelf32 executable was using an uninitialized stack buffer for
    padding after the ehdr and phdr are written to the xen file, which
    leads to non-deterministic bytes in the binary and prevented Xen
    hypervisors from being reproducibly built.
    
    Additionally, the file was then compressed with gzip -9 without the
    -n | --no-name flag, which lead to the xen.gz file having
    non-deterministric bytes (the timestamp) in the compressed file.
    
    Signed-off-by: Trammell Hudson <trammell.hudson@xxxxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
---
 xen/Makefile                | 2 +-
 xen/arch/x86/boot/mkelf32.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/xen/Makefile b/xen/Makefile
index ee8ce8e..76b60bc 100644
--- a/xen/Makefile
+++ b/xen/Makefile
@@ -121,7 +121,7 @@ _distclean: clean
        rm -f tags TAGS cscope.files cscope.in.out cscope.out cscope.po.out 
GTAGS GPATH GRTAGS GSYMS .config
 
 $(TARGET).gz: $(TARGET)
-       gzip -f -9 < $< > $@.new
+       gzip -n -f -9 < $< > $@.new
        mv $@.new $@
 
 $(TARGET): delete-unfresh-files
diff --git a/xen/arch/x86/boot/mkelf32.c b/xen/arch/x86/boot/mkelf32.c
index 6cfa312..e66740f 100644
--- a/xen/arch/x86/boot/mkelf32.c
+++ b/xen/arch/x86/boot/mkelf32.c
@@ -260,7 +260,7 @@ int main(int argc, char **argv)
     u32        loadbase, dat_siz, mem_siz, note_base, note_sz, offset;
     char      *inimage, *outimage;
     int        infd, outfd;
-    char       buffer[1024];
+    char       buffer[1024] = {};
     int        bytes, todo, i = 1;
     int        num_phdrs = 1;
 
--
generated by git-patchbot for /home/xen/git/xen.git#master

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
https://lists.xenproject.org/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.