[ipxe-devel] BUILD_ID_CMD := perl -e 'printf "0x%08x", int ( rand ( 0xffffffff ) ); '

Heinrich Schuchardt xypron.glpk at gmx.de
Sat Jan 19 13:29:47 UTC 2019


On 1/19/19 1:14 PM, Christian Nilsson wrote:
> On Sat, 19 Jan 2019 at 13:03, Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
>>
>> Hello Michael,
>>
>> Linux distributions are struggling hard to create reproducible builds.
>> This means if you run the make script twice you should get exactly the
>> same binary. Cf. https://wiki.debian.org/ReproducibleBuilds
>>
>> Currently iPXE is introducing a random number as build id:
>>
>> # Command to generate build ID.  Must be unique for each $(BIN)/%.tmp,
>> # even within the same build run.
>> #
>> BUILD_ID_CMD    := perl -e 'printf "0x%08x", int ( rand ( 0xffffffff ) );'
>>
>> Random number do not give any guarantee that they are unique. So this is
>> not only disadvantageous for creating reproducible builds but simply buggy.
>>
>> A better solution would be to simply delete temporary files.
>>
>> Best regards
>>
>> Heinrich
> 
> This has already been discussed several times, and no-one has so far
> provided an alternate fix for the need of this.
> How would deleting temporary files fix the need for ROMs to see if
> they are initializing the same or different instances of the ROM?
> http://lists.ipxe.org/pipermail/ipxe-devel/2015-February/003978.html
> 
> Another recent PR which eliminates the randomness but then creates the
> issues that the randomness is needed for:
> http://lists.ipxe.org/pipermail/ipxe-devel/2018-October/006323.html
> 
> Commit that introduced this is
> https://git.ipxe.org/ipxe.git/commitdiff/58f6e553625c90d928ddd54b8f31634a5b26f05e
> 
Hello Christian,

thanks for pointing me to those threads.

These threads were about ROM targets. My interest is in the UEFI targets.

I think for these we need neither a random build ID nor any build timestamp.

So how about:

diff --git a/src/Makefile.housekeeping b/src/Makefile.housekeeping
index f8334921..492661f1 100644
--- a/src/Makefile.housekeeping
+++ b/src/Makefile.housekeeping
@@ -1162,11 +1162,19 @@ blib : $(BLIB)
 # Command to generate build ID.  Must be unique for each $(BIN)/%.tmp,
 # even within the same build run.
 #
+ifeq ($(PLATFORM),efi)
+BUILD_ID_CMD   := perl -e 'printf "0x00000000";'
+else
 BUILD_ID_CMD   := perl -e 'printf "0x%08x", int ( rand ( 0xffffffff ) );'
+endif

 # Build timestamp
 #
+ifeq ($(PLATFORM),efi)
+BUILD_TIMESTAMP := 0
+else
 BUILD_TIMESTAMP := $(shell date +%s)
+endif

 # Build version
 #

I looked at:

interface/efi/efi_driver.c:379: efi_driver_binding.Version = (
build_timestamp >> 6 );

I cannot see that using Version=0 would make any difference for the
usability of snp.efi.

Best regards

Heinrich



More information about the ipxe-devel mailing list