diff options
| author | Bruce Ashfield <bruce.ashfield@gmail.com> | 2019-08-08 23:45:09 -0400 |
|---|---|---|
| committer | Bruce Ashfield <bruce.ashfield@gmail.com> | 2019-08-08 23:45:09 -0400 |
| commit | d026abceda86886cf6f38c2448d1ce83974e1aac (patch) | |
| tree | f4c8f27b227af148c9039f0170371b0b131ab064 | |
| parent | 85a0cac7fd0dbc97b66ddbf459deb5fe33f8b050 (diff) | |
| download | yocto-kernel-cache-d026abceda86886cf6f38c2448d1ce83974e1aac.tar.gz yocto-kernel-cache-d026abceda86886cf6f38c2448d1ce83974e1aac.tar.bz2 yocto-kernel-cache-d026abceda86886cf6f38c2448d1ce83974e1aac.zip | |
arch/x86/boot: use prefix map to avoid embedded paths
1/1 [
Author: Bruce Ashfield
Email: bruce.ashfield@gmail.com
Subject: arch/x86/boot: use prefix map to avoid embedded paths
Date: Thu, 8 Aug 2019 23:39:26 -0400
It was observed that the kernel embeds the path in the x86 boot
artifacts.
From https://bugzilla.yoctoproject.org/show_bug.cgi?id=13458:
[
If you turn on the buildpaths QA test, or try a reproducible build, you
discover that the kernel image contains build paths.
$ strings bzImage-5.0.19-yocto-standard |grep tmp/
out of pgt_buf in
/data/poky-tmp/reproducible/tmp/work-shared/qemux86-64/kernel-source/arch/x86/boot/compressed/kaslr_64.c!?
But what's this in the top-level Makefile:
$ git grep prefix-map
Makefile:KBUILD_CFLAGS += $(call
cc-option,-fmacro-prefix-map=$(srctree)/=)
So the __FILE__ shouldn't be using the full path. However
arch/x86/boot/compressed/Makefile has this:
KBUILD_CFLAGS := -m$(BITS) -O2
So that clears KBUILD_FLAGS, removing the -fmacro-prefix-map option.
]
Other architectures do not clear the flags, but instead prune before
adding boot or specific options. There's no obvious reason why x86 isn't
doing the same thing (pruning vs clearing) and no build or boot issues
have been observed.
So we make x86 can do the same thing, and we no longer have embedded paths.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
| -rw-r--r-- | arch/x86/arch-x86-boot-use-prefix-map-to-avoid-embedded-paths.patch | 59 | ||||
| -rw-r--r-- | arch/x86/x86.scc | 1 |
2 files changed, 60 insertions, 0 deletions
diff --git a/arch/x86/arch-x86-boot-use-prefix-map-to-avoid-embedded-paths.patch b/arch/x86/arch-x86-boot-use-prefix-map-to-avoid-embedded-paths.patch new file mode 100644 index 00000000..2889a379 --- /dev/null +++ b/arch/x86/arch-x86-boot-use-prefix-map-to-avoid-embedded-paths.patch @@ -0,0 +1,59 @@ +From 55dd15336b7301b686a0c183f5372b49c1003d03 Mon Sep 17 00:00:00 2001 +From: Bruce Ashfield <bruce.ashfield@gmail.com> +Date: Thu, 8 Aug 2019 23:39:26 -0400 +Subject: [PATCH] arch/x86/boot: use prefix map to avoid embedded paths + +It was observed that the kernel embeds the path in the x86 boot +artifacts. + +From https://bugzilla.yoctoproject.org/show_bug.cgi?id=13458: + +[ + If you turn on the buildpaths QA test, or try a reproducible build, you + discover that the kernel image contains build paths. + + $ strings bzImage-5.0.19-yocto-standard |grep tmp/ + out of pgt_buf in + /data/poky-tmp/reproducible/tmp/work-shared/qemux86-64/kernel-source/arch/x86/boot/compressed/kaslr_64.c!? + + But what's this in the top-level Makefile: + + $ git grep prefix-map + Makefile:KBUILD_CFLAGS += $(call + cc-option,-fmacro-prefix-map=$(srctree)/=) + + So the __FILE__ shouldn't be using the full path. However + arch/x86/boot/compressed/Makefile has this: + + KBUILD_CFLAGS := -m$(BITS) -O2 + + So that clears KBUILD_FLAGS, removing the -fmacro-prefix-map option. +] + +Other architectures do not clear the flags, but instead prune before +adding boot or specific options. There's no obvious reason why x86 isn't +doing the same thing (pruning vs clearing) and no build or boot issues +have been observed. + +So we make x86 can do the same thing, and we no longer have embedded paths. + +Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> +--- + arch/x86/boot/compressed/Makefile | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile +index f0515ac895a4..364d1c64c26e 100644 +--- a/arch/x86/boot/compressed/Makefile ++++ b/arch/x86/boot/compressed/Makefile +@@ -38,6 +38,7 @@ KBUILD_CFLAGS += $(call cc-option,-fno-stack-protector) + KBUILD_CFLAGS += $(call cc-disable-warning, address-of-packed-member) + KBUILD_CFLAGS += $(call cc-disable-warning, gnu) + KBUILD_CFLAGS += -Wno-pointer-sign ++KBUILD_CFLAGS += $(call cc-option,-fmacro-prefix-map=$(srctree)/=) + + KBUILD_AFLAGS := $(KBUILD_CFLAGS) -D__ASSEMBLY__ + GCOV_PROFILE := n +-- +2.19.1 + diff --git a/arch/x86/x86.scc b/arch/x86/x86.scc index e69de29b..4eb9bcc1 100644 --- a/arch/x86/x86.scc +++ b/arch/x86/x86.scc @@ -0,0 +1 @@ +patch arch-x86-boot-use-prefix-map-to-avoid-embedded-paths.patch |