Received: by mail.netbsd.org (Postfix, from userid 605) id 35A2D84DCC; Sun, 12 Nov 2017 13:34:16 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id B485C84CFC for ; Sun, 12 Nov 2017 13:34:15 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id DI9wxvqglTB2 for ; Sun, 12 Nov 2017 13:34:15 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.netbsd.org [199.233.217.197]) by mail.netbsd.org (Postfix) with ESMTP id 0982484C2E for ; Sun, 12 Nov 2017 13:34:15 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id C4FE7FBDE; Sun, 12 Nov 2017 13:34:14 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1510493654217470" MIME-Version: 1.0 Date: Sun, 12 Nov 2017 13:34:14 +0000 From: "Pierre Pronchery" Subject: CVS commit: pkgsrc/mk To: pkgsrc-changes@NetBSD.org Reply-To: khorben@netbsd.org X-Mailer: log_accum Message-Id: <20171112133414.C4FE7FBDE@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_1510493654217470 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: khorben Date: Sun Nov 12 13:34:14 UTC 2017 Modified Files: pkgsrc/mk: bsd.pkg.mk bsd.prefs.mk pkgsrc/mk/compiler: gcc.mk pkgsrc/mk/defaults: mk.conf pkgsrc/mk/platform: NetBSD.mk Added Files: pkgsrc/mk/repro: ar repro.mk Log Message: Add initial support for building packages reproducibly It currently tackles two problems: - gcc(1) hard-coding full paths in debugging information (with one caveat at the moment) - ar(1) hard-coding user IDs in archive headers This allows packages built from the same tree and options to produce identical results bit by bit. This option should be combined with ASLR and PKGSRC_MKPIE to avoid predictable address offsets for attackers attempting to exploit security vulnerabilities. This is still disabled by default, and only supports NetBSD so far. As discussed on tech-pkg@ To generate a diff of this commit: cvs rdiff -u -r1.2027 -r1.2028 pkgsrc/mk/bsd.pkg.mk cvs rdiff -u -r1.394 -r1.395 pkgsrc/mk/bsd.prefs.mk cvs rdiff -u -r1.186 -r1.187 pkgsrc/mk/compiler/gcc.mk cvs rdiff -u -r1.285 -r1.286 pkgsrc/mk/defaults/mk.conf cvs rdiff -u -r1.56 -r1.57 pkgsrc/mk/platform/NetBSD.mk cvs rdiff -u -r0 -r1.1 pkgsrc/mk/repro/ar pkgsrc/mk/repro/repro.mk Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1510493654217470 Content-Disposition: inline Content-Length: 5171 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/mk/bsd.pkg.mk diff -u pkgsrc/mk/bsd.pkg.mk:1.2027 pkgsrc/mk/bsd.pkg.mk:1.2028 --- pkgsrc/mk/bsd.pkg.mk:1.2027 Sat Sep 16 09:34:25 2017 +++ pkgsrc/mk/bsd.pkg.mk Sun Nov 12 13:34:14 2017 @@ -1,4 +1,4 @@ -# $NetBSD: bsd.pkg.mk,v 1.2027 2017/09/16 09:34:25 wiz Exp $ +# $NetBSD: bsd.pkg.mk,v 1.2028 2017/11/12 13:34:14 khorben Exp $ # # This file is in the public domain. # @@ -315,6 +315,10 @@ OVERRIDE_DIRDEPTH?= 2 .endif .endif +# Handle Reproducible Builds +# +.include "repro/repro.mk" + # Define SMART_MESSAGES in /etc/mk.conf for messages giving the tree # of dependencies for building, and the current target. _PKGSRC_IN?= ===${SMART_MESSAGES:D> ${.TARGET} [${PKGNAME}${_PKGSRC_DEPS}] ===} Index: pkgsrc/mk/bsd.prefs.mk diff -u pkgsrc/mk/bsd.prefs.mk:1.394 pkgsrc/mk/bsd.prefs.mk:1.395 --- pkgsrc/mk/bsd.prefs.mk:1.394 Fri Nov 3 18:07:40 2017 +++ pkgsrc/mk/bsd.prefs.mk Sun Nov 12 13:34:14 2017 @@ -1,4 +1,4 @@ -# $NetBSD: bsd.prefs.mk,v 1.394 2017/11/03 18:07:40 bsiegert Exp $ +# $NetBSD: bsd.prefs.mk,v 1.395 2017/11/12 13:34:14 khorben Exp $ # # This file includes the mk.conf file, which contains the user settings. # @@ -705,6 +705,12 @@ _PKGSRC_MKPIE= no _PKGSRC_MKPIE= yes .endif +_PKGSRC_MKREPRO= no +.if (${PKGSRC_MKREPRO:tl} == "yes") && \ + (${_OPSYS_SUPPORTS_MKREPRO:Uno} == "yes") +_PKGSRC_MKREPRO= yes +.endif + _PKGSRC_USE_FORTIFY= no .if (${PKGSRC_USE_FORTIFY:tl} != "no") && \ (${_OPSYS_SUPPORTS_FORTIFY:Uno} == "yes") Index: pkgsrc/mk/compiler/gcc.mk diff -u pkgsrc/mk/compiler/gcc.mk:1.186 pkgsrc/mk/compiler/gcc.mk:1.187 --- pkgsrc/mk/compiler/gcc.mk:1.186 Tue Nov 7 16:57:58 2017 +++ pkgsrc/mk/compiler/gcc.mk Sun Nov 12 13:34:14 2017 @@ -1,4 +1,4 @@ -# $NetBSD: gcc.mk,v 1.186 2017/11/07 16:57:58 khorben Exp $ +# $NetBSD: gcc.mk,v 1.187 2017/11/12 13:34:14 khorben Exp $ # # This is the compiler definition for the GNU Compiler Collection. # @@ -347,6 +347,17 @@ CWRAPPERS_APPEND.cc+= ${_MKPIE_CFLAGS.gc # CWRAPPERS_APPEND.ld+= ${_MKPIE_LDFLAGS.gcc} .endif +.if ${_PKGSRC_MKREPRO} == "yes" +.export WRKDIR +# XXX the dollar sign should not be expanded by the shell +_GCC_CFLAGS+= -fdebug-prefix-map=$$$$WRKDIR/= +.endif + +.if ${_PKGSRC_MKREPRO} == "yes" +_GCC_CFLAGS+= ${_MKREPRO_CFLAGS.gcc} +CWRAPPERS_APPEND.cc+= ${_MKREPRO_CFLAGS.gcc} +.endif + # The user can choose the level of FORTIFY. .if ${PKGSRC_USE_FORTIFY} == "weak" _FORTIFY_CFLAGS= -D_FORTIFY_SOURCE=1 Index: pkgsrc/mk/defaults/mk.conf diff -u pkgsrc/mk/defaults/mk.conf:1.285 pkgsrc/mk/defaults/mk.conf:1.286 --- pkgsrc/mk/defaults/mk.conf:1.285 Sat Oct 28 15:56:48 2017 +++ pkgsrc/mk/defaults/mk.conf Sun Nov 12 13:34:14 2017 @@ -1,4 +1,4 @@ -# $NetBSD: mk.conf,v 1.285 2017/10/28 15:56:48 schmonz Exp $ +# $NetBSD: mk.conf,v 1.286 2017/11/12 13:34:14 khorben Exp $ # # This file provides default values for variables that may be overridden @@ -231,6 +231,17 @@ PKGSRC_MKPIE?= no # Possible: yes, no # Default: no +PKGSRC_MKREPRO?= no +# If no, do not alter the build process. Otherwise, try to build reproducibly. +# This allows packages built from the same tree and options to produce identical +# results bit by bit. +# This option should be combined with ASLR and PKGSRC_MKPIE to avoid predictable +# address offsets for attackers attempting to exploit security vulnerabilities. +# Possible: yes, no +# Default: no +# +# Keywords: reproducible + PKGSRC_USE_FORTIFY?= strong # Turns on substitute wrappers for commonly used functions that do not bounds # checking regularly, but could in some cases. This is effectively in use only Index: pkgsrc/mk/platform/NetBSD.mk diff -u pkgsrc/mk/platform/NetBSD.mk:1.56 pkgsrc/mk/platform/NetBSD.mk:1.57 --- pkgsrc/mk/platform/NetBSD.mk:1.56 Tue Oct 3 13:18:00 2017 +++ pkgsrc/mk/platform/NetBSD.mk Sun Nov 12 13:34:14 2017 @@ -1,4 +1,4 @@ -# $NetBSD: NetBSD.mk,v 1.56 2017/10/03 13:18:00 jperkin Exp $ +# $NetBSD: NetBSD.mk,v 1.57 2017/11/12 13:34:14 khorben Exp $ # # Variable definitions for the NetBSD operating system. @@ -142,6 +142,9 @@ _OPSYS_SUPPORTS_MKPIE= yes _OPSYS_SUPPORTS_RELRO= yes .endif +# Register support for REPRO (with GCC) +_OPSYS_SUPPORTS_MKREPRO= yes + # Register support for SSP on most architectures (with GCC) .if (${MACHINE_ARCH} != "alpha") && \ (${MACHINE_ARCH} != "hppa") && \ Added files: Index: pkgsrc/mk/repro/ar diff -u /dev/null pkgsrc/mk/repro/ar:1.1 --- /dev/null Sun Nov 12 13:34:14 2017 +++ pkgsrc/mk/repro/ar Sun Nov 12 13:34:14 2017 @@ -0,0 +1,11 @@ +#!/bin/sh + +if [ $# -ge 2 ]; then + args="$1" + mod="$2" + shift 2 + + exec /usr/bin/ar "$mod$args" "$@" +else + exec /usr/bin/ar "$@" +fi Index: pkgsrc/mk/repro/repro.mk diff -u /dev/null pkgsrc/mk/repro/repro.mk:1.1 --- /dev/null Sun Nov 12 13:34:14 2017 +++ pkgsrc/mk/repro/repro.mk Sun Nov 12 13:34:14 2017 @@ -0,0 +1,15 @@ +# $NetBSD: repro.mk,v 1.1 2017/11/12 13:34:14 khorben Exp $ +# +# Infrastructure support for PKGSRC_MKREPRO. +# +# Keywords: reproducible +# + +.if ${_PKGSRC_MKREPRO} == "yes" + +# force ar(1) to be deterministic +TOOLS_CREATE+= ar +TOOLS_PATH.ar?= ${PKGSRCDIR}/mk/repro/ar +TOOLS_ARGS.ar?= D + +.endif --_----------=_1510493654217470--