From 7fd6cea253a27d3c0660a4c21774c9697a655661 Mon Sep 17 00:00:00 2001 From: Thomas Watson Date: Sat, 26 Mar 2022 18:34:30 -0500 Subject: make-initrd: fix reproducibility problems cpio includes the number of directory hard links in archives it creates. Some filesystems, like btrfs, do not count directory hard links the same way as more common filesystems like ext4 or tmpfs, so archives built when /tmp is on such a filesystem do not reproduce. This patch replaces cpio with bsdtar, which does not have this issue. The specific invocation is from this page: https://reproducible-builds.org/docs/archives/ --- pkgs/build-support/kernel/make-initrd.nix | 4 ++-- pkgs/build-support/kernel/make-initrd.sh | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'pkgs/build-support/kernel') diff --git a/pkgs/build-support/kernel/make-initrd.nix b/pkgs/build-support/kernel/make-initrd.nix index 23ce992f0d5..9c27a142f4b 100644 --- a/pkgs/build-support/kernel/make-initrd.nix +++ b/pkgs/build-support/kernel/make-initrd.nix @@ -18,7 +18,7 @@ let # compression type and filename extension. compressorName = fullCommand: builtins.elemAt (builtins.match "([^ ]*/)?([^ ]+).*" fullCommand) 1; in -{ stdenvNoCC, perl, cpio, ubootTools, lib, pkgsBuildHost +{ stdenvNoCC, perl, libarchive, ubootTools, lib, pkgsBuildHost # Name of the derivation (not of the resulting file!) , name ? "initrd" @@ -82,7 +82,7 @@ in stdenvNoCC.mkDerivation rec { builder = ./make-initrd.sh; - nativeBuildInputs = [ perl cpio ] + nativeBuildInputs = [ perl libarchive ] ++ lib.optional makeUInitrd ubootTools; compress = "${_compressorExecutable} ${lib.escapeShellArgs _compressorArgsReal}"; diff --git a/pkgs/build-support/kernel/make-initrd.sh b/pkgs/build-support/kernel/make-initrd.sh index 0a87d643546..8f64114d54c 100644 --- a/pkgs/build-support/kernel/make-initrd.sh +++ b/pkgs/build-support/kernel/make-initrd.sh @@ -40,7 +40,7 @@ for PREP in $prepend; do cat $PREP >> $out/initrd done (cd root && find * .[^.*] -exec touch -h -d '@1' '{}' +) -(cd root && find * .[^.*] -print0 | sort -z | cpio -o -H newc -R +0:+0 --reproducible --null | eval -- $compress >> "$out/initrd") +(cd root && find * .[^.*] -print0 | sort -z | bsdtar --uid 0 --gid 0 -cnf - -T - | bsdtar --null -cf - --format=newc @- | eval -- $compress >> "$out/initrd") if [ -n "$makeUInitrd" ]; then mkimage -A "$uInitrdArch" -O linux -T ramdisk -C "$uInitrdCompression" -d "$out/initrd" $out/initrd.img -- cgit 1.4.1