Hi!
On Wed, 2017-09-06 at 19:18:33 -0700, Vagrant Cascadian wrote:
> On 2017-09-02, Holger Levsen wrote:
> > On Fri, Sep 01, 2017 at 04:51:55PM +0200, Guillem Jover wrote:
> > > In addition to the above, I'm actually somewhat uncomfortable with this
> > > request, as it looks like a massive privacy leak. Compared to package
> > > lists and versions, which are actually requested by the package being
> > > built and might not have anything to do with the main system this
> > > build was being run on (say a chroot for example), or might get deleted
> > > immediately after the build. The kernel tends to be a system-wide
> > > resource, that even if upgraded does not mean it will be running (until
> > > a reboot).
> >
> > on reflection I agree that the privacy implications are too bad.
>
> The including the build path also has privacy implications, but it can
> be disabled from inclusion in .buildinfo, no? What about including the
> kernel if something like DEB_BUILD_OPTS="buildinfo=+kernel" ?
Ah good point, yeah, I have no problem with adding this as an option
that is disabled by default. Attached a tentative patch doing that.
Thanks,
Guillem
From ca1a160894ecd1d1b1bc71228540a117e1a0a9a1 Mon Sep 17 00:00:00 2001
From: Guillem Jover <guil...@debian.org>
Date: Sun, 10 Sep 2017 16:18:15 +0200
Subject: [PATCH] dpkg-genbuildinfo: Add a new Build-Kernel-Version field
disabled by default
Packages intended to be built in a generic way must never rely on the
currently running kernel on the build system (an exception could be an
optimization rebuild using the current system as the reference baseline).
But to be able to detect when a package might not be reproducible due to
varying kernel information it is still useful to be able to record this
information. Although that information can be very sensitive.
We add a new Build-Kernel-Version field which needs to be enabled
explicitly by the builder so that it gets included in the .buildinfo
file.
Closes: #873937
---
man/deb-buildinfo.man | 6 ++++++
man/dpkg-genbuildinfo.man | 6 ++++++
scripts/Dpkg/Control/FieldsCore.pm | 6 +++++-
scripts/dpkg-genbuildinfo.pl | 8 ++++++++
4 files changed, 25 insertions(+), 1 deletion(-)
diff --git a/man/deb-buildinfo.man b/man/deb-buildinfo.man
index 3b184241e..5013aa047 100644
--- a/man/deb-buildinfo.man
+++ b/man/deb-buildinfo.man
@@ -135,6 +135,12 @@ The date the package was built.
It must be in the same format as the date in a \fBdeb\-changelog\fP(5)
entry.
.TP
+.BR Build\-Kernel\-Version: " \fIbuild-kernel-version\fP"
+The release and version (in an unspecified format) of the kernel running
+on the build system.
+This field is only going to be present if the builder has explicitly
+requested it, to avoid leaking possibly sensitive information.
+.TP
.BR Build\-Path: " \fIbuild-path\fP"
The absolute build path, which correspond to the unpacked source tree.
This field is only going to be present if the vendor has whitelisted it
diff --git a/man/dpkg-genbuildinfo.man b/man/dpkg-genbuildinfo.man
index aaf54a38a..f97f4d316 100644
--- a/man/dpkg-genbuildinfo.man
+++ b/man/dpkg-genbuildinfo.man
@@ -104,6 +104,12 @@ rather than
(\fBdpkg\-genbuildinfo\fP needs to find these files so that it can include
their sizes and checksums in the \fB.buildinfo\fP file).
.TP
+.BI \-\-always\-include\-kernel
+By default, the \fBBuild\-Kernel-Version\fR field will not be written out.
+
+Specify this option (since dpkg 1.19.0) to always write a
+\fBBuild\-Kerel\-Version\fR field when generating the \fB.buildinfo\fR.
+.TP
.BI \-\-always\-include\-path
By default, the \fBBuild\-Path\fR field will only be written if the current
directory starts with a whitelisted pattern.
diff --git a/scripts/Dpkg/Control/FieldsCore.pm b/scripts/Dpkg/Control/FieldsCore.pm
index 78e59d393..7c9ec47e7 100644
--- a/scripts/Dpkg/Control/FieldsCore.pm
+++ b/scripts/Dpkg/Control/FieldsCore.pm
@@ -143,6 +143,9 @@ our %FIELDS = (
'Build-Essential' => {
allowed => ALL_PKG,
},
+ 'Build-Kernel-Version' => {
+ allowed => CTRL_FILE_BUILDINFO,
+ },
'Build-Origin' => {
allowed => CTRL_FILE_BUILDINFO,
},
@@ -479,7 +482,8 @@ our %FIELD_ORDER = (
qw(Format Source Binary Architecture Version
Binary-Only-Changes),
@checksum_fields,
- qw(Build-Origin Build-Architecture Build-Date Build-Path
+ qw(Build-Origin Build-Architecture Build-Date Build-Kernel-Version
+ Build-Path
Installed-Build-Depends Environment),
],
CTRL_FILE_CHANGES() => [
diff --git a/scripts/dpkg-genbuildinfo.pl b/scripts/dpkg-genbuildinfo.pl
index 3682f2f02..e6350bba2 100755
--- a/scripts/dpkg-genbuildinfo.pl
+++ b/scripts/dpkg-genbuildinfo.pl
@@ -61,6 +61,7 @@ my $outputfile;
my $stdout = 0;
my $admindir = $Dpkg::ADMINDIR;
my %use_feature = (
+ kernel => 0,
path => 0,
);
my @build_profiles = get_build_profiles();
@@ -325,6 +326,8 @@ while (@ARGV) {
} elsif (m/^--buildinfo-id=.*$/) {
# Deprecated option
warning('--buildinfo-id is deprecated, it is without effect');
+ } elsif (m/^--always-include-kernel$/) {
+ $use_feature{kernel} = 1;
} elsif (m/^--always-include-path$/) {
$use_feature{path} = 1;
} elsif (m/^--admindir=(.*)$/) {
@@ -415,6 +418,11 @@ $fields->{'Build-Origin'} = get_current_vendor();
$fields->{'Build-Architecture'} = get_build_arch();
$fields->{'Build-Date'} = get_build_date();
+if ($use_feature{kernel}) {
+ my (undef, undef, $kern_rel, $kern_ver, undef) = POSIX::uname();
+ $field->{'Build-Kernel-Version'} = "$kern_rel $kern_ver";
+}
+
my $cwd = cwd();
if ($use_feature{path}) {
$fields->{'Build-Path'} = $cwd;
--
2.14.1
_______________________________________________
Reproducible-builds mailing list
Reproducible-builds@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
