build system: have tar use $SOURCE_DATE_EPOCH for --mtime

The --mtime argument to 'tar' sets the modification time for all files within
the archive, which determines the timestamp files will get when they are
extracted. In this case, rootfs and other tarballs will get mtimes which
correspond to the last commit timestamp of the build system, as reported by
git/subversion.

This is a step towards reproducible image builds.

Signed-off-by: bryan newbold <[email protected]>
Signed-off-by: Alexander Couzens <[email protected]>
Signed-off-by: Felix Fietkau <[email protected]>

SVN-Revision: 48586

include/image.mk

@@ -186,7 +186,8 @@ ifneq ($(CONFIG_NAND_SUPPORT),)
 	[ -z "$(2)" ] || $(CP) "$(KDIR)/root.$(2)" "$(KDIR_TMP)/sysupgrade-$(1)/root"
 	[ -z "$(3)" ] || $(CP) "$(3)" "$(KDIR_TMP)/sysupgrade-$(1)/kernel"
 	(cd "$(KDIR_TMP)"; $(TAR) cvf \
-		"$(BIN_DIR)/$(IMG_PREFIX)-$(1)-$(2)-sysupgrade.tar" sysupgrade-$(1))
+		"$(BIN_DIR)/$(IMG_PREFIX)-$(1)-$(2)-sysupgrade.tar" sysupgrade-$(1) \
+			$(if $(SOURCE_DATE_EPOCH),--mtime="@$(SOURCE_DATE_EPOCH)")
    endef
 
 # $(1) board name
@@ -248,7 +249,10 @@ define Image/mkfs/cpiogz
 endef
 
 define Image/mkfs/targz
-	$(TAR) -czpf $(BIN_DIR)/$(IMG_PREFIX)$(if $(PROFILE_SANITIZED),-$(PROFILE_SANITIZED))-rootfs.tar.gz --numeric-owner --owner=0 --group=0 --sort=name -C $(TARGET_DIR)/ .
+	$(TAR) -czpf $(BIN_DIR)/$(IMG_PREFIX)$(if $(PROFILE_SANITIZED),-$(PROFILE_SANITIZED))-rootfs.tar.gz \
+		--numeric-owner --owner=0 --group=0 --sort=name \
+		$(if $(SOURCE_DATE_EPOCH),--mtime="@$(SOURCE_DATE_EPOCH)") \
+		-C $(TARGET_DIR)/ .
 endef
 
 E2SIZE=$(shell echo $$(($(CONFIG_TARGET_ROOTFS_PARTSIZE)*1024*1024)))

include/kernel-build.mk

@@ -54,7 +54,9 @@ ifdef CONFIG_COLLECT_KERNEL_DEBUG
 		$(STAGING_DIR_ROOT)/lib/modules/$(LINUX_VERSION)/* \
 		$(KERNEL_BUILD_DIR)/debug/modules/
 	$(FIND) $(KERNEL_BUILD_DIR)/debug -type f | $(XARGS) $(KERNEL_CROSS)strip --only-keep-debug
-	$(TAR) c -C $(KERNEL_BUILD_DIR) debug | bzip2 -c -9 > $(BIN_DIR)/kernel-debug.tar.bz2
+	$(TAR) c -C $(KERNEL_BUILD_DIR) debug \
+		$(if $(SOURCE_DATE_EPOCH),--mtime="@$(SOURCE_DATE_EPOCH)") \
+		| bzip2 -c -9 > $(BIN_DIR)/kernel-debug.tar.bz2
   endef
 endif
 

scripts/sysupgrade-nand.sh

@@ -56,7 +56,12 @@ echo "BOARD=${board}" > "${tmpdir}/sysupgrade-${board}/CONTROL"
 [ -z "${rootfs}" ] || cp "${rootfs}" "${tmpdir}/sysupgrade-${board}/root"
 [ -z "${kernel}" ] || cp "${kernel}" "${tmpdir}/sysupgrade-${board}/kernel"
 
-(cd "$tmpdir"; tar cvf sysupgrade.tar sysupgrade-${board})
+mtime=""
+if [ -n "$SOURCE_DATE_EPOCH" ]; then
+	mtime="--mtime=@${SOURCE_DATE_EPOCH}"
+fi
+
+(cd "$tmpdir"; tar cvf sysupgrade.tar sysupgrade-${board} ${mtime})
 err="$?"
 if [ -e "$tmpdir/sysupgrade.tar" ]; then
 	cp "$tmpdir/sysupgrade.tar" "$outfile"