[presentations] 01/01: Add "The Reproducible Build Zoo" presented at Embedded Linux Conference 2017.
Vagrant Cascadian
vagrant at moszumanska.debian.org
Fri Feb 24 18:52:50 UTC 2017
This is an automated email from the git hooks/post-receive script.
vagrant pushed a commit to branch master
in repository presentations.
commit 154a2e83707579770697a0fc1f9f57daa117219e
Author: Vagrant Cascadian <vagrant at debian.org>
Date: Fri Feb 24 10:51:16 2017 -0800
Add "The Reproducible Build Zoo" presented at Embedded Linux
Conference 2017.
---
2017-02-22-Reproducible-Build-Zoo/README.txt | 19 +
.../images/Dcentre_racks.jpg | Bin 0 -> 54495 bytes
2017-02-22-Reproducible-Build-Zoo/images/mamr | 1 +
.../images/stats_builds_per_day_armhf.png | Bin 0 -> 57333 bytes
.../reproducible-build-zoo-elc.org | 543 +++++++++++++++++++++
5 files changed, 563 insertions(+)
diff --git a/2017-02-22-Reproducible-Build-Zoo/README.txt b/2017-02-22-Reproducible-Build-Zoo/README.txt
new file mode 100644
index 0000000..16d3e39
--- /dev/null
+++ b/2017-02-22-Reproducible-Build-Zoo/README.txt
@@ -0,0 +1,19 @@
+This talk can generate a PDF presentation using emacs org-mode.
+
+Install:
+
+ apt-get install texlive-latex-extra org-mode
+
+ emacs *.org
+
+To generate a PDF from within emacs:
+
+ ctrl-c ctrl-e l P
+
+or
+
+ M-x org-beamer-export-to-pdf
+
+(This also generates a .tex file)
+
+To present it, I used firefox's built-in PDF viewer.
diff --git a/2017-02-22-Reproducible-Build-Zoo/images/Dcentre_racks.jpg b/2017-02-22-Reproducible-Build-Zoo/images/Dcentre_racks.jpg
new file mode 100644
index 0000000..ae93b34
Binary files /dev/null and b/2017-02-22-Reproducible-Build-Zoo/images/Dcentre_racks.jpg differ
diff --git a/2017-02-22-Reproducible-Build-Zoo/images/mamr b/2017-02-22-Reproducible-Build-Zoo/images/mamr
new file mode 120000
index 0000000..6103f27
--- /dev/null
+++ b/2017-02-22-Reproducible-Build-Zoo/images/mamr
@@ -0,0 +1 @@
+../../2016-07-04-many-armed-monster-of-reproducibility/images/
\ No newline at end of file
diff --git a/2017-02-22-Reproducible-Build-Zoo/images/stats_builds_per_day_armhf.png b/2017-02-22-Reproducible-Build-Zoo/images/stats_builds_per_day_armhf.png
new file mode 100644
index 0000000..99ab2ec
Binary files /dev/null and b/2017-02-22-Reproducible-Build-Zoo/images/stats_builds_per_day_armhf.png differ
diff --git a/2017-02-22-Reproducible-Build-Zoo/reproducible-build-zoo-elc.org b/2017-02-22-Reproducible-Build-Zoo/reproducible-build-zoo-elc.org
new file mode 100644
index 0000000..b3efcf8
--- /dev/null
+++ b/2017-02-22-Reproducible-Build-Zoo/reproducible-build-zoo-elc.org
@@ -0,0 +1,543 @@
+#+TITLE: The Reproducible Build Zoo
+#+AUTHOR: Vagrant Cascadian
+#+EMAIL: vagrantc at aikidev.net
+#+DATE: ELC 2017-02-22
+#+DESCRIPTION:
+#+KEYWORDS:
+#+LANGUAGE: en
+#+OPTIONS: H:1 num:t toc:nil \n:nil @:t ::t |:t ^:t -:t f:t *:t <:t
+#+OPTIONS: TeX:t LaTeX:t skip:nil d:nil todo:t pri:nil tags:not-in-toc
+#+OPTIONS: ^:nil
+#+INFOJS_OPT: view:nil toc:nil ltoc:t mouse:underline buttons:0 path:http://orgmode.org/org-info.js
+#+EXPORT_SELECT_TAGS: export
+#+EXPORT_EXCLUDE_TAGS: noexport
+#+LINK_UP:
+#+LINK_HOME:
+#+startup: beamer
+#+LaTeX_CLASS: beamer
+#+LaTeX_CLASS_OPTIONS: [bigger]
+#+LaTeX_CLASS_OPTIONS: [aspectratio=169]
+#+latex_header: \mode<beamer>{\usetheme{Madrid}}
+#+COLUMNS: %40ITEM %10BEAMER_env(Env) %9BEAMER_envargs(Env Args) %4BEAMER_col(Col) %10BEAMER_extra(Extra)
+
+* About reproducible builds
+
+ - reproducible-builds.org
+ - Packages with the same source code, built with the same toolchain,
+ should come out identical.
+
+* Source Code
+
+ - Source code is readable and writeable by trained +monkeys+ humans
+ - Computers run binary code
+ - How do you know the binary code the computer is running was
+ produced from the source code?
+
+* Verification
+
+ #+BEGIN_SRC shell
+ $ python -c 'x=1 ; y=1 ; print(x+y)'
+ 2
+ #+END_SRC
+
+ #+BEGIN_SRC shell
+ $ python -c 'x=1 ; y=1 ; print(x+y)' | sha256sum
+ 53c234e5e8472b6ac51c1ae1cab3fe06fad053beb8ebfd8977b010655bfdd3c3 -
+ #+END_SRC
+
+ #+BEGIN_SRC shell
+ $ echo 2 | sha256sum
+ 53c234e5e8472b6ac51c1ae1cab3fe06fad053beb8ebfd8977b010655bfdd3c3 -
+ #+END_SRC
+
+* Independent verification
+
+ source code + build environment + build instructions
+
+ =
+
+ bit-by-bit identical copies
+
+ *anyone* can verify the result
+
+https://reproducible-builds.org/docs/definition/
+
+* Reproducibility matters
+
+ What kind of security implications are we facing?
+
+ - *CVE-2002-0083*: Remote root exploit in OpenSSH,
+ caused by an off-by-one error
+
+ - 2015: *XcodeGhost*: malware variant of Apple's SDK Infected over
+ 4,000 apps in Apple's App store
+
+* I Blame u-boot
+
+ - u-boot was marked as reproducible
+ - I knew it was wrong:
+
+ U-Boot SPL 2016.01+dfsg1-3 (*Feb 21 2016 - 21:39:10*)
+
+* timestamps: Please No
+
+ There's no timestamps like *NO* timestamps.
+
+* timestamps: SOURCE_DATE_EPOCH
+
+ Last resort: SOURCE_DATE_EPOCH
+
+ https://reproducible-builds.org/specs/source-date-epoch/
+
+* locales
+
+ - Sort order for C, as spoken in UNIX:
+ #+BEGIN_SRC shell
+ $ printf 'a\nB\nb\nA\n' | LC_ALL=C sort
+ A
+ B
+ a
+ b
+ #+END_SRC
+
+ - Sort order for English, as spoken in USA:
+ #+BEGIN_SRC shell
+ $ printf 'a\nB\nb\nA\n' | LC_ALL=en_US.UTF-8 sort
+ a
+ A
+ b
+ B
+ #+END_SRC
+
+ https://reproducible-builds.org/docs/locales/
+
+* file sort order
+
+ - Bad Makefile:
+ #+BEGIN_SRC Makefile
+ SRCS = $(wildcard *.c)
+ tool: $(SRCS:.c=.o)
+ $(CC) -o $@ $^
+ #+END_SRC
+
+ - Good Makefile:
+ #+BEGIN_SRC Makefile
+ SRCS = $(sort $(wildcard *.c))
+ tool: $(SRCS:.c=.o)
+ $(CC) -o $@ $^
+ #+END_SRC
+
+ https://reproducible-builds.org/docs/stable-inputs/
+
+* build path
+
+ - Can be normalized in build environment
+ - Ongoing work to GCC and other major toolchains by Ximin Luo and
+ others:
+ - Some patches to GCC accepted, more in progress
+ - draft specification: BUILD_PATH_PREFIX_MAP in progress
+
+* A typical build farm
+
+ [[./images/Dcentre_racks.jpg]]
+
+* The Reproducible Build Zoo
+
+ [[./images/mamr/rack_20160630_010.jpg]]
+
+* Humble Beginnings
+** Beginnings
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ - In August of 2015, work was done to enable two dual-core and two
+ quad-core build machines.
+
+** Image
+ :PROPERTIES:
+ :BEAMER_col: 0.60
+ :END:
+
+ [[./images/mamr/hb2_20160630_021.jpg]]
+
+* Alive and kicking
+
+ - In September 2015, the network went live, building around 200
+ source packages a day.
+ - With over 25,000 packages in the Debian archive, it would take well
+ over 100 days to build everything in Debian unstable...
+
+* BananaPI
+
+ BananaPI
+ - 74 builds per day
+ - dual-core Allwinner A20 (cortex-A7)
+ - 1GB of ram
+ - Sata
+ - Donated by LeMaker
+
+* HummingBoard i2ex
+** hbi2
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ HummingBoard i2ex
+ - 89 builds per day
+ - dual-core imx6 (cortex-a9)
+ - 1GB of ram
+ - mSata
+ - Donated by Solidrun
+
+** Image
+ :PROPERTIES:
+ :BEAMER_col: 0.60
+ :END:
+
+ [[./images/mamr/hb2_20160630_021.jpg]]
+
+* Wandboard Quad
+** wbq
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ Wandboard Quad
+ - 184 builds per day
+ - quad-core imx6 (cortex-a9)
+ - 2GB of ram
+ - Sata
+ - Donated by Aikidev
+
+** Image
+ :PROPERTIES:
+ :BEAMER_col: 0.60
+ :END:
+
+ [[./images/mamr/boards/wbq_20160630_064.jpg]]
+
+* Cubox-i4pro
+** cbxi4p
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ Cubox-i4pro
+ - 165 builds per day
+ - quad-core imx6 (cortex-a9)
+ - 2GB of ram
+ - eSata
+ - Donated by Aikidev
+
+** Image
+ :PROPERTIES:
+ :BEAMER_col: 0.60
+ :END:
+
+ [[./images/mamr/boards/cbxi_20160630_025.jpg]]
+
+* Odroid-XU4
+** odxu4
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ Three Odroid-XU4
+ - 192-228 builds per day
+ - octa-core exynos 5422 (cortex-a15/a7)
+ - 2GB of ram
+ - *USB3*
+ - Running linux 4.7 due to USB issues
+ - firmware blob
+ - Donated by Aikidev/Debian
+
+** Image
+ :PROPERTIES:
+ :BEAMER_col: 0.60
+ :END:
+
+ [[./images/mamr/boards/odxu4_20160630_022.jpg]]
+
+* Wandboard Dual
+
+** wbd0
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ Wandboard Dual
+ - 78 packges per day
+ - dual-core imx6 (cortex-a9)
+ - 1GB of ram
+ - *USB2*
+ - Donated by TechNexion
+
+* Raspberry PI 2b
+** rpi2
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ Two RaspberryPI 2b
+ - 86-92 builds per day
+ - quad-core bcm2836 (cortex-a7)
+ - 1GB of ram
+ - USB2
+ - firmware blob
+ - Donated by Aikidev/Debian
+
+** Image
+ :PROPERTIES:
+ :BEAMER_col: 0.60
+ :END:
+ [[./images/mamr/boards/rpi2_20160630_045.jpg]]
+
+* Firefly
+** firefly
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ Two Firefly
+ - 178-181
+ - quad-core Rockchip rk3288 (cortex-a17)
+ - 2GB of ram
+ - USB2
+ - Donated by Debian
+
+** Image
+ :PROPERTIES:
+ :BEAMER_col: 0.60
+ :END:
+
+ [[./images/mamr/boards/firefly_20160630_042.jpg]]
+
+* Orange PI Plus2
+** opi2
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ Three OrangePi Plus2
+ - 162-165 builds per day
+ - quad-core Allwinner H3 (cortex-a7)
+ - 2GB ram
+ - USB2
+ - Ethernet not supported, using USB adapter
+ - Donated by Debian
+
+** Image
+ :PROPERTIES:
+ :BEAMER_col: 0.60
+ :END:
+
+ [[./images/mamr/boards/opi2_20160630_044.jpg]]
+
+* Cubox-i4x4
+** cbxi4x4
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ Two Cubox-i4x4
+ - 195-196 builds per day
+ - quad-core imx6 (cortex-a9)
+ - *3.8GB ram*
+ - eSata
+ - patched u-boot for full ram
+ - Donated by Debian
+
+** Image
+ :PROPERTIES:
+ :BEAMER_col: 0.60
+ :END:
+
+ [[./images/mamr/boards/cbxi_20160630_025.jpg]]
+
+* BeagleBoard-X15
+** bbx15
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ BeagleBoard-X15
+ - 200 builds per day
+ - dual-core TI AM5728 (cortex-a15)
+ - 2GB ram
+ - eSata
+ - Donated by Beagleboard.org
+
+** Image
+ :PROPERTIES:
+ :BEAMER_col: 0.60
+ :END:
+
+ [[./images/mamr/bbx15_20160630_012.jpg]]
+
+* Firefly with 4GB of ram!
+
+** firefly
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ Firefly
+ - 202 builds per day
+ - quad-core Rockchip rk3288 (cortex-a17)
+ - *4GB of ram*
+ - USB2
+ - Donated by Debian
+
+** Image
+ :PROPERTIES:
+ :BEAMER_col: 0.60
+ :END:
+
+ [[./images/mamr/boards/firefly_20160630_014.jpg]]
+
+* Odroid-U3
+
+ Odroid-U3
+ - 234 builds per day
+ - quad-core exynos 4412 (cortex-a9)
+ - 2GB of ram
+ - USB2
+ - firmware blob
+ - Donated by Debian
+
+* Cubietruck
+** cb3a
+ :PROPERTIES:
+ :BEAMER_col: 0.40
+ :END:
+
+ Cubietruck
+ - 75 builds per day
+ - dual-core Allwinner A20 (cortex-a7)
+ - 2GB of ram
+ - SATA
+ - Donated by Debian
+
+** Image
+ :PROPERTIES:
+ :BEAMER_col: 0.60
+ :END:
+
+ [[./images/mamr/boards/cb3_20160630_011.jpg]]
+
+* Jetson-TK1
+
+ Jetson-TK1
+ - 232 builds per day
+ - quad-core tegra-k1 (cortex-a15)
+ - 2GB of ram
+ - SATA
+ - installation of firmware difficult
+ - on-board ethernet issues
+ - Donated by Nvidia
+
+* Pine64+
+
+ Two Pine64+
+ - 95-106 builds per day
+ - quad-core Allwinner A64 (coretex-a53)
+ - 2GB of ram
+ - USB2
+ - Ethernet not supported, using USB adapter
+ - firmware blob
+ - Running kernel from linux-next
+ - Donated by Aikidev
+
+* Troublesome boards
+
+ - Cubieboard4
+ - Cubietruck Plus
+ - Odroid-c1+
+ - Odroid-c2
+ - LeMaker HiKey
+
+* Upstream Linux support
+
+ - Debian's modular kernel configuration
+
+* Upstream U-boot support
+
+ - distro bootcmd
+ - Patches in Debian packages
+
+* Bootstrapping
+
+ - debootstrap or qemu-debootstrap
+ - install and configure kernel & initial user
+ - Ansible
+
+* Managing build jobs
+
+ https://tests.reproducible-builds.org
+
+ - runs jenkins
+ - executes shell scripts on nodes
+ - results of builds copied to server for comparison
+
+* Current capacity
+
+** counts
+ :PROPERTIES:
+ :BEAMER_col: 0.2
+ :END:
+
+ - 98 cores
+ - 46.8 GB of ram
+ - under 225 watts
+ - 1700+ builds per day
+
+** stats
+ :PROPERTIES:
+ :BEAMER_col: 0.80
+ :END:
+
+ [[./images/stats_builds_per_day_armhf.png]]
+
+* Thanks
+
+** funding
+ :PROPERTIES:
+ :BEAMER_col: 0.33
+ :END:
+
+- Core Infrastructure Initiative
+
+** sponsors
+ :PROPERTIES:
+ :BEAMER_col: 0.33
+ :END:
+
+- LeMaker
+- TechNexion
+- SolidRun
+- Debian
+- BeagleBoard.org
+- Nvidia
+
+** people
+ :PROPERTIES:
+ :BEAMER_col: 0.33
+ :END:
+
+- The Reproducible Builds folks
+
+* Copyright
+
+Copyright 2016-2017 by Vagrant Cascadian
+<vagrant at debian.org>. Copyright of images included in the images
+directory are held by their respective owners.
+
+This work is licensed under the Creative Commons Attribution-Share
+Alike 3.0 License. To view a copy of this license, visit
+http://creativecommons.org/licenses/by-sa/3.0/ or send a letter to
+Creative Commons, 171 Second Street, Suite 300, San Francisco,
+California, 94105, USA.
+
+Dcentre_racks.jpg by https://commons.wikimedia.org/wiki/File:Dcentre_racks.jpg
+by Lgate74, license: https://creativecommons.org/licenses/by/3.0/deed.en
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/presentations.git
More information about the Reproducible-commits
mailing list