Re: Is it feasible to cross-build compat5x binary?

On Mon, 24 Oct 2005, Martin Cracauer wrote:

> Peter Jeremy wrote on Mon, Oct 24, 2005 at 06:08:11PM +1000:
>> On Sun, 2005-Oct-23 16:29:35 -0700, David O'Brien wrote:
>>> We should no trust cross built libraries for this purpose at this time.
>>> We really don't know how identical the results will be to being natively
>>> built.
>>
>> At some stage, we need to validate our cross-build chain with cmp(1).
>
> ELF object files are timestamped.  But there's some elf-cmp out there.

On libraries (ELF or not: .so or .a) are.

I use diff -r to check that builds of object trees give reproducible
results, and just ignore libraries since they are built up from object
files by a simple process (perhaps not so simple for .so's).  The main
problem at least used to be braindamaged applications that create
irreproducible results using the following methods:
- version.c files with a unique version number or timestamp
- __DATE__ in C files.  Results are reproducible until the next day
- __TIME__ in C files
- __FILE__ in C files.  For {source,generated} files, this makes the
   results depend on the location of the {source,object} tree.

Bruce
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"