From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:56215) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gBcFr-0006EW-W5 for guix-patches@gnu.org; Sun, 14 Oct 2018 05:00:09 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gBcFp-0002yz-Uv for guix-patches@gnu.org; Sun, 14 Oct 2018 05:00:07 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:44538) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1gBcFp-0002yq-PY for guix-patches@gnu.org; Sun, 14 Oct 2018 05:00:05 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1gBcFp-0006IC-N7 for guix-patches@gnu.org; Sun, 14 Oct 2018 05:00:05 -0400
Subject: [bug#33038] [PATCH 6/6] doc: Update Preparing to Use the Bootstrap Binaries.
Resent-Message-ID:
From: Jan Nieuwenhuizen
Date: Sun, 14 Oct 2018 10:58:57 +0200
Message-Id: <20181014085857.3863-6-janneke@gnu.org>
In-Reply-To: <20181014085857.3863-1-janneke@gnu.org>
References: <20181014085857.3863-1-janneke@gnu.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
List-Id:
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches"
To: 33038@debbugs.gnu.org

* doc/guix.texi (Preparing to Use the Bootstrap Binaries): Mention bootstrap-mes alongside bootstrap-gcc.
(Reducing the Set of Bootstrap Binaries): Mention the Reduced Binary Seed bootstrap, MesCC-Tools and Mes.
---
 doc/guix.texi | 51 ++++++++++++++++++++++++++++++++++++---------------
 1 file changed, 36 insertions(+), 15 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 48f01e989..0d7cabaa1 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -23583,8 +23583,8 @@ to use that term for what we do now.}. The Reduced Binary Seed bootstrap removes the most critical tools---from a trust perspective---from the bootstrap binaries: GCC, Binutils and the GNU C Library are replaced by: @code{mescc-tools-seed} (a tiny assembler and linker) -@code{mes-seed} (a small Scheme Interpreter and a C compiler writen in Scheme) -and @code{tinycc-seed} (the Mes C Library, built for TinyCC). Using these new +@code{bootstrap-mes} (a small Scheme Interpreter and a C compiler writen in +Scheme and the Mes C Library, built for TinyCC and for GCC). Using these new binary seeds and a new set of @c packages@footnote{@c @@ -23640,7 +23640,15 @@ packages bootstrap)} module. A similar figure can be generated with @example guix graph -t derivation \ -e '(@@@@ (gnu packages bootstrap) %bootstrap-gcc)' \ - | dot -Tps > t.ps + | dot -Tps > gcc.ps +@end example + +or, for the Reduced Binary Seed bootstrap + +@example +guix graph -t derivation \ + -e '(@@@@ (gnu packages bootstrap) %bootstrap-mes)' \ + | dot -Tps > mes.ps @end example At this level of detail, things are @@ -23672,10 +23680,10 @@ write them in an output directory with the right layout. This corresponds to the @code{#:modules} argument of @code{build-expression->derivation} (@pxref{Derivations}). -Finally, the various tarballs are unpacked by the -derivations @code{gcc-bootstrap-0.drv}, @code{glibc-bootstrap-0.drv}, -etc., at which point we have a working C tool chain. - +Finally, the various tarballs are unpacked by the derivations +@code{gcc-bootstrap-0.drv}, @code{glibc-bootstrap-0.drv}, or +@code{bootstrap-mes-0.drv} and @code{mescc-tools-boot-0.drv}, at which point +we have a working C tool chain. @unnumberedsubsec Building the Build Tools 
@@ -23741,7 +23749,9 @@ automated way to produce them, should an update occur, and this is what the @code{(gnu packages make-bootstrap)} module provides. The following command builds the tarballs containing the bootstrap -binaries (Guile, Binutils, GCC, libc, and a tarball containing a mixture +binaries (Binutils, GCC, glibc, for the traditional bootstrap and +linux-libre-headers, mescc-tools-seed, bootstrap-mes for the Reduced +Binary Seed bootstrap, and Guile, and a tarball containing a mixture of Coreutils and other basic command-line tools): @example @@ -23760,12 +23770,12 @@ know. @unnumberedsubsec Reducing the Set of Bootstrap Binaries -Our bootstrap binaries currently include GCC, Guile, etc. That's a lot -of binary code! Why is that a problem? It's a problem because these -big chunks of binary code are practically non-auditable, which makes it -hard to establish what source code produced them. Every unauditable -binary also leaves us vulnerable to compiler backdoors as described by -Ken Thompson in the 1984 paper @emph{Reflections on Trusting Trust}. +Our traditional bootstrap includes GCC, GNU Libc, Guile, etc. That's a lot of +binary code! Why is that a problem? It's a problem because these big chunks +of binary code are practically non-auditable, which makes it hard to establish +what source code produced them. Every unauditable binary also leaves us +vulnerable to compiler backdoors as described by Ken Thompson in the 1984 +paper @emph{Reflections on Trusting Trust}. This is mitigated by the fact that our bootstrap binaries were generated from an earlier Guix revision. Nevertheless it lacks the level of 
@@ -23777,7 +23787,18 @@ The @uref{http://bootstrappable.org, Bootstrappable.org web site} lists on-going projects to do that. One of these is about replacing the bootstrap GCC with a sequence of assemblers, interpreters, and compilers of increasing complexity, which could be built from source starting from -a simple and auditable assembler. Your help is welcome! +a simple and auditable assembler. + +Our first major achievement is the replacement of of GCC, the GNU C Library +and Binutils by MesCC-Tools (a simple hex linker and macro assembler) and Mes +(a Scheme interpreter and a C99 compiler in Scheme). Neither MesCC-Tools nor +Mes can be fully bootstrapped yet and thus we inject them as binary seeds. We +call this the Reduced Binary Seed bootstrap, as it has halved the size of our +bootstrap binaries! Also, it has eliminated the C compiler binary; i686-linux +and x86_64-linux GuixSD are now bootstrapped without any binary C compiler. + +Work is ongoing to make MesCC-Tools and Mes fully bootstrappable and we are +also looking at any other bootstrap binaries. Your help is welcome! @node Porting @section Porting to a New Platform -- 2.18.0
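
Review bot: In the hunk at @@ -23583, the rewritten sentence lists two seeds with nothing joining them: `@code{mescc-tools-seed} (a tiny assembler and linker)` is followed directly by `@code{bootstrap-mes} (...)`, because the "and" that used to precede `tinycc-seed` was removed along with it. Add "and" before `@code{bootstrap-mes}`, put a comma before "and the Mes C Library" so the parenthetical reads as three items, and fix "writen" to "written" while the line is being touched.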
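
Review bot: The new lead-in `or, for the Reduced Binary Seed bootstrap` in the hunk at @@ -23640 continues a sentence across `@end example`, so it should start with `@noindent` and end with a colon; as written it starts a new indented paragraph with no closing punctuation. The context line after the second example, "At this level of detail, things are", now follows two graphs, so check that it still reads correctly for both.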
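
Review bot: In the hunk at @@ -23672, the list `@code{gcc-bootstrap-0.drv}, @code{glibc-bootstrap-0.drv}, or @code{bootstrap-mes-0.drv} and @code{mescc-tools-boot-0.drv}` leaves the "or ... and" grouping to the reader and uses `mescc-tools-boot` where the other hunks say `mescc-tools-seed`. State which pair of derivations belongs to which bootstrap and confirm the derivation name is the intended one. The hunk also removes the blank line after this paragraph, ahead of `@unnumberedsubsec Building the Build Tools`; restore it if that was not deliberate.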
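
Review bot: The parenthetical in the hunk at @@ -23741 is hard to parse: `Binutils, GCC, glibc, for the traditional bootstrap and linux-libre-headers, mescc-tools-seed, bootstrap-mes for the Reduced Binary Seed bootstrap, and Guile, and a tarball ...` mixes two alternative lists and two shared items in one run of commas. Split it into what both bootstraps share (Guile and the Coreutils tarball), what the traditional bootstrap adds, and what the Reduced Binary Seed bootstrap adds, so it is clear which tarballs the command produces in each case.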
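
Review bot: "GNU Libc" in the hunk at @@ -23760 is a third name for the same component within this patch: the hunk at @@ -23741 uses "glibc", and both the context at @@ -23583 and the new paragraph at @@ -23777 use "the GNU C Library". Pick one throughout, preferably "the GNU C Library" to match the existing text.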
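
Review bot: "replacement of of GCC" in the hunk at @@ -23777 has a doubled "of". The same paragraph says MesCC-Tools and Mes are injected as binary seeds because they cannot be fully bootstrapped yet; since this subsection argues from auditability, it would help to say what trust the reader still has to place in those seeds, and to back "halved the size of our bootstrap binaries" with the actual sizes.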