Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bit for bit deterministic reproducible builds from the getgo #56

Open
unbalancedparentheses opened this issue Jan 6, 2024 · 0 comments
Assignees
Milestone

Comments

@unbalancedparentheses
Copy link
Member

Repeatable builds are a difficult goal. You essentially have to purge all sources of non determinism from the compiler, or mitigate them so they don't show up in the final binary. This includes timestamps, random numbers (which might show up in the order values are written into the binary from hash maps for instance) file paths that depend on the directory in which the build takes place, and a lot more.
I don't think anyone has prioritized putting in that work or that the rust project has agreed to support repeatability in future work.
On top of the difficulty, when I've seen it brought up before, I've seen pushback in the other direction that non repeatability can actually be a valuable property for making binaries more secure. I think the argument was that you can use randomness kind of like a hash salt to make it harder to craft effective attacks against programs. (Rust doesn't currently do this either).
Which is not to say it couldn't be done, but it would be a big effort. And that's just getting to repeatable builds. What you're proposing would need to be built on top of that.

https://users.rust-lang.org/t/testing-out-reproducible-builds/9758

@unbalancedparentheses unbalancedparentheses changed the title Reproducible builds from the getgo Bit for bit deterministic reproducible builds from the getgo Jan 6, 2024
@igaray igaray added this to the 0.01 Talc milestone Jan 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants