[Buildroot] [PATCH v5 0/3] Add tainting support to buildroot
Thomas Petazzoni
thomas.petazzoni at bootlin.com
Mon Sep 10 19:37:56 UTC 2018
Hello,
On Mon, 10 Sep 2018 20:07:05 +0200, Yann E. MORIN wrote:
> If you are going so far as to explicitly write this line, just hide the
> package behing BR2_REPRODUCIBLE instead, yes.
I think BR2_REPRODUCIBLE is not the same thing. BR2_REPRODUCIBLE means
"assuming we have the same source code and configuration, we guarantee
that the binary results will be bit-to-bit identical".
While the reproducibility issue we are talking about in this thread is
about having the same source code each time the build is done. It's
obviously a requirement for BR2_REPRODUCIBLE to work, but the fact that
we build with the same source code each time the build is done is a
property of Buildroot regardless of whether BR2_REPRODUCIBLE is enabled
or not.
So I'm sorry, but this suggestion to hide a package behind
BR2_REPRODUCIBLE because the *source* is not guaranteed to be the same
each time is not a good suggestion IMO, as it's confusing two
different "reproducible" properties.
Best regards,
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
More information about the buildroot
mailing list