Dear coreboot folks,


Am Donnerstag, den 26.02.2015, 17:23 +0200 schrieb Emilian Bold:

> I was trying to duplicate a coreboot build back in November and I noticed I
> couldn't get my ROM file to be identical to the one I found online.
>
> It seems that coreboot doesn't have reproducible builds yet.
>
> Debian has been looking into this for a while
> https://wiki.debian.org/ReproducibleBuilds and I think coreboot should
> adopt this concept.

[…]

Holger Levsen joined #coreboot@irc.freenode.net yesterday to report that
he integrated coreboot into the reproducible builds infrastructure [1].

After configuring the used build script [2] to build without a payload,

        nice ionice -c 3 \
                bash util/abuild/abuild --payloads none || true # don't fail the full job just because some targets fail

it looks like most boards are passing the test now [1]. Big thanks to
Alexander (lynxis) for submitting the necessary patches!

The only exceptions are the six boards below.

      * a-trend_atc-6220 (256K) is unreproducible.
      * a-trend_atc-6240 (256K) is unreproducible.
      * google_nyan (4096K) is unreproducible.
      * google_nyan_big (4096K) is unreproducible.
      * google_rush (4096K) is unreproducible.
      * google_rush_ryu (8192K) is unreproducible.

Also, as a side node, SeaBIOS also supports to be built reproducible
since commit 624e8127 (build: Support "make VERSION=xyz" to override the
default build version) [3], though not by default.

So the coreboot build system, building the SeaBIOS payload, would need
to be adapted, if a reproducible build with the SeaBIOS payload is
required.


Thanks,

Paul


[1] https://reproducible.debian.net/coreboot/coreboot.html
[2] http://anonscm.debian.org/cgit/qa/jenkins.debian.net.git/tree/bin/reproducible_coreboot.sh
[3] http://seabios.org/pipermail/seabios/2015-June/009253.html

--
coreboot mailing list: coreboot@coreboot.org
http://www.coreboot.org/mailman/listinfo/coreboot