From 8664ab7debabfb6e1049c81030c2a18fd3eecb58 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian <vagrant@debian.org>
Date: Sun, 3 Jun 2018 12:26:57 -0700
Subject: [PATCH] Set time and umask on multi-dtb fit images to ensure
 reproducibile builds.

When building compressed (lzop, gzip) multi-dtb fit images, the
compression tool may embed the time or umask in the image.

Work around this by manually setting the time of the source file using
SOURCE_DATE_EPOCH and a hard-coded 0600 umask.

With gzip, this could be accomplished by using -n/--no-name, but lzop
has no current workaround:

  https://bugs.debian.org/896520

Signed-off-by: Vagrant Cascadian <vagrant@debian.org>
---
 scripts/Makefile.spl | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/scripts/Makefile.spl b/scripts/Makefile.spl
index 057389997d..ef018b5b40 100644
--- a/scripts/Makefile.spl
+++ b/scripts/Makefile.spl
@@ -391,6 +391,10 @@ MKIMAGEFLAGS_$(SPL_BIN).multidtb.fit = -f auto -A $(ARCH) -T firmware -C none -O
 
 $(obj)/$(SPL_BIN).multidtb.fit: /dev/null $(SHRUNK_ARCH_DTB) FORCE
 	$(call if_changed,mkimage)
+ifneq ($(SOURCE_DATE_EPOCH),)
+	touch -d @$(SOURCE_DATE_EPOCH) $(obj)/$(SPL_BIN).multidtb.fit
+	chmod 0600 $(obj)/$(SPL_BIN).multidtb.fit
+endif
 
 $(obj)/$(SPL_BIN).multidtb.fit.gz: $(obj)/$(SPL_BIN).multidtb.fit
 	@gzip -kf9 $< > $@
-- 
2.39.2