all messages for Guix-related lists mirrored at yhetil.org
* GNU Mes 0.24 released
@ 2022-05-02 18:04 Jan Nieuwenhuizen
  2022-05-07 22:34 ` Ludovic Courtès
  0 siblings, 1 reply; 8+ messages in thread
From: Jan Nieuwenhuizen @ 2022-05-02 18:04 UTC (permalink / raw)
  To: info-gnu; +Cc: guix-devel, rb-general, bootstrappable

We are thrilled to announce the release of GNU Mes 0.24, representing
222 commits over one year by four people.

Mes has now been ported to M2-Planet and can be bootstrapped using
stage0-posix[0], starting from the 357-byte hex0 binary of the
bootstrap-seeds[1], as was promised at FOSDEM'21[2].

We are excited that the NLnet Foundation[4] is again sponsoring this
work!

What's next?

Work to integrate this so-called "Full Source Bootstrap" is happening on
the wip-full-source-bootstrap[3] branch.  Also, full Guile compatible
module support, and RISC-V support.

Enjoy!

* About

  GNU Mes[5] is a Scheme interpreter and C compiler for bootstrapping
  the GNU System.  Since version 0.22 it has again helped to halve the
  size of opaque, uninspectable binary seeds that are currently being
  used in the Reduced Binary Seed bootstrap[6] of GNU Guix[7].  The
  final goal is to help create a full source bootstrap as part of the
  bootstrappable builds[8] effort for UNIX-like operating systems.

  The Scheme interpreter is written in ~5,000 LOC of simple C, and the C
  compiler is written in Scheme, and these are mutually self-hosting.  Mes can
  now be bootstrapped from M2-Planet[9] and Mescc-Tools[10].

  Mes has a Garbage Collector, a library of loadable Scheme modules--
  notably Dominique Boucher's LALR[11], Pre-R6RS portable
  syntax-case[12] with R7RS ellipsis, Matt Wette's Nyacc[13] --and test
  suite, just enough to support a REPL and a C99 compiler: mescc.

  Mes + MesCC + Mes C Library can build a bootstrappable TinyCC[14] that
  is self-hosting.  Using this tcc and the Mes C library we now have a
  Reduced Binary Seed bootstrap for the gnutools triplet: glibc-2.2.5,
  binutils-2.20.1, gcc-2.95.3.  This is enough to bootstrap Guix for
  i686-linux, x86_64-linux, armhf-linux and aarch64-linux.

  Mes is inspired by The Maxwell Equations of Software: LISP-1.5[15] --
  John McCarthy page 13, GNU Guix's source/binary packaging transparency
  and Jeremiah Orians's stage0[16] 357-byte self-hosting hex assembler.

* Download

  git clone git://git.savannah.gnu.org/mes.git

  Here are the compressed sources and a GPG detached signature[*]:
    https://ftp.gnu.org/gnu/mes/mes-0.24.tar.gz
    https://ftp.gnu.org/gnu/mes/mes-0.24.tar.gz.sig

  Use a mirror for higher download bandwidth:
    https://ftpmirror.gnu.org/mes/mes-0.24.tar.gz
    https://ftpmirror.gnu.org/mes/mes-0.24.tar.gz.sig

  Here are the SHA1 and SHA256 checksums:

  f6681aa02edc6729af43f1d7c46ae1a97cbc1c92  mes-0.24.tar.gz
  828be15e02c103df8a248232491fba10d763724d6ec10f08a2e0e1d249bd9902  mes-0.24.tar.gz

  [*] Use a .sig file to verify that the corresponding file (without the
  .sig suffix) is intact.  First, be sure to download both the .sig file
  and the corresponding tarball.  Then, run a command like this:

    gpg --verify mes-0.24.tar.gz.sig

  If that command fails because you don't have the required public key,
  or that public key has expired, try the following commands to update
  or refresh it, and then rerun the 'gpg --verify' command.

    gpg --recv-keys 1A858392E331EAFDB8C27FFBF3C1A0D9C1D65273

* Get informed, get involved

  See https://bootstrappable.org
  Join #bootstrappable on irc.libera.chat

* NEWS
 * Changes in 0.24 since 0.23
 ** Core
 *** Mes and Mes C Library can now be built with M2-Planet.
 *** Mes now supports the --bootstrap build on ARM.
 ** MesCC
 *** MesCC now supports the integer suffixes:
 Next to `U', also support `ULL', `UL', `L', and `LL'.
 ** Noteworthy bug fixes
 *** MesCC now uses the unsigned type for sizeof.
 *** MesCC now only uses signed division if numerator is signed.
 *** The Mes C library now supports an argv bigger than 255.
 *** Development build support with Guile-2 was resurrected.
 *** The logand procedure now works correctly.
 *** The 64bit build was resurrected.

* Links
  [0] https://github.com/oriansj/stage0-posix
  [1] https://github.com/oriansj/bootstrap-seeds
  [2] https://archive.fosdem.org/2021/schedule/event/gnumes/
  [3] https://git.savannah.gnu.org/cgit/guix.git/log/?h=wip-full-source-bootstrap
  [4] https://nlnet.nl/project/GNUMes-ARM_RISC-V
  [5] https://www.gnu.org/software/mes
  [6] https://guix.gnu.org/blog/2020/guix-further-reduces-bootstrap-seed-to-25
  [7] https://www.gnu.org/software/guix
  [8] https://bootstrappable.org
  [9] https://github.com/oriansj/m2-planet
  [10] https://savannah.nongnu.org/projects/mescc-tools
  [11] https://github.com/schemeway/lalr-scm
  [12] https://www.cs.indiana.edu/chezscheme/syntax-case/old-psyntax.html
  [13] https://www.nongnu.org/nyacc
  [14] https://gitlab.com/janneke/tinycc
  [15] http://www.softwarepreservation.org/projects/LISP/book/LISP%201.5%20Programmers%20Manual.pdf
  [16] https://savannah.nongnu.org/projects/stage0

-- 
Jan Nieuwenhuizen <janneke@gnu.org>  | GNU LilyPond https://lilypond.org
Freelance IT https://JoyOfSource.com | Avatar® https://AvatarAcademy.com
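
The download check from the announcement above, as an added example that is not part of the original message: it compares the tarball with the published SHA256 and then requires that the signature was made by the key whose fingerprint the announcement lists. The function names and the `run` argument are assumptions of this sketch; the file name, checksum and fingerprint are the ones given in the announcement.

```sh
#!/bin/sh
# Added example, not from the original message. Values copied from the
# announcement; function names are hypothetical.
TARBALL=mes-0.24.tar.gz
SHA256=828be15e02c103df8a248232491fba10d763724d6ec10f08a2e0e1d249bd9902
SIGNER=1A858392E331EAFDB8C27FFBF3C1A0D9C1D65273

# check_sha256 FILE EXPECTED: succeed only if FILE hashes to EXPECTED.
check_sha256() {
    actual=$(sha256sum "$1" | cut -d' ' -f1) || return 1
    [ "$actual" = "$2" ]
}

# signed_by FPR: read `gpg --status-fd` output on stdin. Succeed only if
# gpg reported GOODSIG (not expired, revoked or bad) and a VALIDSIG line
# names FPR as the signing key or as its primary key. A bare
# `gpg --verify` accepts a good signature from any key in the keyring,
# so the fingerprint is compared explicitly.
signed_by() {
    awk -v want="$1" '
        $1 == "[GNUPG:]" && $2 == "GOODSIG" { good = 1 }
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" &&
            ($3 == want || $NF == want) { pinned = 1 }
        END { exit (good && pinned) ? 0 : 1 }'
}

# verify_release: checksum first, then signature against the pinned key.
verify_release() {
    check_sha256 "$TARBALL" "$SHA256" ||
        { echo "$TARBALL: checksum mismatch" >&2; return 1; }
    gpg --status-fd 1 --verify "$TARBALL.sig" "$TARBALL" 2>/dev/null |
        signed_by "$SIGNER" ||
        { echo "$TARBALL: no good signature from $SIGNER" >&2; return 1; }
    echo "$TARBALL: checksum and signature OK"
}

# Verify only when asked to, e.g.: sh verify-mes.sh run
if [ "${1:-}" = "run" ]; then verify_release; fi
```

The checksum alone only shows the file matches what the announcement says; the fingerprint comparison is what ties the tarball to the release key.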


* Re: GNU Mes 0.24 released
  2022-05-02 18:04 GNU Mes 0.24 released Jan Nieuwenhuizen
@ 2022-05-07 22:34 ` Ludovic Courtès
  2022-05-07 23:11   ` Larry Doolittle
  2022-05-09  0:03   ` Thiago Jung Bauermann
  0 siblings, 2 replies; 8+ messages in thread
From: Ludovic Courtès @ 2022-05-07 22:34 UTC (permalink / raw)
  To: Jan Nieuwenhuizen; +Cc: guix-devel, rb-general, bootstrappable

Heya,

Jan Nieuwenhuizen <janneke@gnu.org> skribis:

> Mes has now been ported to M2-Planet and can be bootstrapped using
> stage0-posix[0], starting from the 357-byte hex0 binary of the
> bootstrap-seeds[1], as was promised at FOSDEM'21[2].

This is amazing… congrats to you & everyone involved!  You made it!  :-)

The ability to build literally everything from source, with reproducible
builds, is a game changer IMO when it comes to supply chain security.

The common objection is: “you’re building from source but you’re not
gonna audit all that source code anyway, so why bother?”  I think it’s
akin to security by obscurity.  That we collectively can and do fiddle
with all this code makes a practical difference; that this is all
transparent means that backdoors become harder to hide.

Supply chain security is a spectrum and I think this achievement changes
what we can expect and demand.

Ludo’.



* Re: GNU Mes 0.24 released
  2022-05-07 22:34 ` Ludovic Courtès
@ 2022-05-07 23:11   ` Larry Doolittle
  2022-05-08 13:55     ` Sébastien Lerique
  2022-05-09 14:00     ` indieterminacy
  2022-05-09  0:03   ` Thiago Jung Bauermann
  1 sibling, 2 replies; 8+ messages in thread
From: Larry Doolittle @ 2022-05-07 23:11 UTC (permalink / raw)
  To: General discussions about reproducible builds
  Cc: Jan Nieuwenhuizen, guix-devel, bootstrappable

Ludovic and friends -

On Sun, May 08, 2022 at 12:34:47AM +0200, Ludovic Courtès wrote:
> Jan Nieuwenhuizen <janneke@gnu.org> skribis:
> > Mes has now been ported to M2-Planet and can be bootstrapped using
> > stage0-posix[0], starting from the 357-byte hex0 binary of the
> > bootstrap-seeds[1], as was promised at FOSDEM'21[2].
> This is amazing… congrats to you & everyone involved!  You made it!  :-)

+1

> The common objection is: “you’re building from source but you’re not
> gonna audit all that source code anyway, so why bother?”  [...]
> Supply chain security is a spectrum and I think this achievement changes
> what we can expect and demand.

I've had this conversation before, and my analogy is to the
three legs of a stool.  Bootstrapped toolchains, reproducible builds,
and source-code audits.  Each one is arguably useless without the others,
but taken together, you've actually accomplished something meaningful.
Maybe I should also include "cryptographically signed artifact distribution"
on that list.

 - Larry



* Re: GNU Mes 0.24 released
  2022-05-07 23:11   ` Larry Doolittle
@ 2022-05-08 13:55     ` Sébastien Lerique
  2022-05-08 19:49       ` Larry Doolittle
  2022-05-09 14:00     ` indieterminacy
  1 sibling, 1 reply; 8+ messages in thread
From: Sébastien Lerique @ 2022-05-08 13:55 UTC (permalink / raw)
  To: Larry Doolittle
  Cc: General discussions about reproducible builds, Jan Nieuwenhuizen,
	bootstrappable, guix-devel

Amazing indeed!

On 07 May 2022 at 16:11, Larry Doolittle <larry@doolittle.boa.org> wrote:
>> The common objection is: “you’re building from source but you’re not
>> gonna audit all that source code anyway, so why bother?”  [...]
>> Supply chain security is a spectrum and I think this achievement changes
>> what we can expect and demand.
>
> I've had this conversation before, and my analogy is to the
> three legs of a stool.  Bootstrapped toolchains, reproducible builds,
> and source-code audits.  Each one is arguably useless without the others,
> but taken together, you've actually accomplished something meaningful.
> Maybe I should also include "cryptographically signed artifact distribution"
> on that list.
>

In a similar line, Bunnie Huang gave an interesting talk about the
hardware trust level a few years ago [0], which led to the Precursor
project [1,2].

Cheers,
Sébastien

[0] https://media.ccc.de/v/36c3-10690-open_source_is_insufficient_to_solve_trust_problems_in_hardware
[1] https://www.crowdsupply.com/sutajio-kosagi/precursor
[2] https://www.bunniestudios.com/blog/?p=5979



* Re: GNU Mes 0.24 released
  2022-05-08 13:55     ` Sébastien Lerique
@ 2022-05-08 19:49       ` Larry Doolittle
  0 siblings, 0 replies; 8+ messages in thread
From: Larry Doolittle @ 2022-05-08 19:49 UTC (permalink / raw)
  To: Sébastien Lerique
  Cc: General discussions about reproducible builds, Jan Nieuwenhuizen,
	bootstrappable, guix-devel

Sébastien -

On Sun, May 08, 2022 at 10:55:41PM +0900, Sébastien Lerique wrote:
> In a similar line, Bunnie Huang gave an interesting talk about the
> hardware trust level a few years ago, which led to the Precursor
> project.

Right.  We (the world in general, and open-source and security communities
in particular) are lucky to have bunnie out there finding creative ways
to contribute.

I'm really happy to see risc-v in the mes-supported list.
I was at the 5th RISC-V Workshop in 2016, and heard Eric Grosse, then
Google's VP of Security and Privacy, say that a future without risc-v 
was too scary to consider.

Obligatory xkcd: Stack https://xkcd.com/2166/

  - Larry



* Re: GNU Mes 0.24 released
  2022-05-07 22:34 ` Ludovic Courtès
  2022-05-07 23:11   ` Larry Doolittle
@ 2022-05-09  0:03   ` Thiago Jung Bauermann
  2022-05-09 20:22     ` Orians, Jeremiah (DTMB)
  1 sibling, 1 reply; 8+ messages in thread
From: Thiago Jung Bauermann @ 2022-05-09  0:03 UTC (permalink / raw)
  To: Ludovic Courtès
  Cc: Jan Nieuwenhuizen, rb-general, bootstrappable, guix-devel


Hello,

Ludovic Courtès <ludo@gnu.org> writes:

> Jan Nieuwenhuizen <janneke@gnu.org> skribis:
>
>> Mes has now been ported to M2-Planet and can be bootstrapped using
>> stage0-posix[0], starting from the 357-byte hex0 binary of the
>> bootstrap-seeds[1], as was promised at FOSDEM'21[2].
>
> This is amazing… congrats to you & everyone involved!  You made it!  :-)
>
> The ability to build literally everything from source, with reproducible
> builds, is a game changer IMO when it comes to supply chain security.

Indeed, this is awesome!

> The common objection is: “you’re building from source but you’re not
> gonna audit all that source code anyway, so why bother?”  I think it’s
> akin to security by obscurity.  That we collectively can and do fiddle
> with all this code makes a practical difference; that this is all
> transparent means that backdoors become harder to hide.

I saw a project a while ago with an interesting approach that looks very
interesting for tackling this problem: crowd-sourced, social code
review:

https://github.com/crev-dev/crev

If many people review a piece of code and there's a system to record
those reviews, then it's possible to get a metric that is proportional
to the trustworthiness of said code.

It's a big task, but for unchanging code bases (such as the bootstrap
chain), it's a finite amount of work...

-- 
Thanks
Thiago



* Re: GNU Mes 0.24 released
  2022-05-07 23:11   ` Larry Doolittle
  2022-05-08 13:55     ` Sébastien Lerique
@ 2022-05-09 14:00     ` indieterminacy
  1 sibling, 0 replies; 8+ messages in thread
From: indieterminacy @ 2022-05-09 14:00 UTC (permalink / raw)
  To: Larry Doolittle
  Cc: General discussions about reproducible builds, Jan Nieuwenhuizen,
	bootstrappable, guix-devel


Larry Doolittle <larry@doolittle.boa.org> writes:

> Ludovic and friends -
>
> On Sun, May 08, 2022 at 12:34:47AM +0200, Ludovic Courtès wrote:
>> Jan Nieuwenhuizen <janneke@gnu.org> skribis:
>> > Mes has now been ported to M2-Planet and can be bootstrapped using
>> > stage0-posix[0], starting from the 357-byte hex0 binary of the
>> > bootstrap-seeds[1], as was promised at FOSDEM'21[2].
>> This is amazing… congrats to you & everyone involved!  You made it!  :-)
>
> +1
>
>> The common objection is: “you’re building from source but you’re not
>> gonna audit all that source code anyway, so why bother?”  [...]
>> Supply chain security is a spectrum and I think this achievement changes
>> what we can expect and demand.
>
> I've had this conversation before, and my analogy is to the
> three legs of a stool.  Bootstrapped toolchains, reproducible builds,
> and source-code audits.  Each one is arguably useless without the others,
> but taken together, you've actually accomplished something meaningful.
> Maybe I should also include "cryptographically signed artifact distribution"
> on that list.
>
>  - Larry

With works this sturdy then even two tool domains suffice as a fine and
versatile stepladder...

Great job everybody!


- Jonathan



* RE: GNU Mes 0.24 released
  2022-05-09  0:03   ` Thiago Jung Bauermann
@ 2022-05-09 20:22     ` Orians, Jeremiah (DTMB)
  0 siblings, 0 replies; 8+ messages in thread
From: Orians, Jeremiah (DTMB) @ 2022-05-09 20:22 UTC (permalink / raw)
  To: General discussions about reproducible builds,
	Ludovic Courtès
  Cc: Thiago Jung Bauermann, guix-devel@gnu.org,
	bootstrappable@freelists.org

>> The common objection is: "you're building from source but you're not 
>> gonna audit all that source code anyway, so why bother?"  I think it's 
>> akin to security by obscurity.  That we collectively can and do fiddle 
>> with all this code makes a practical difference; that this is all 
>> transparent means that backdoors become harder to hide.
Well, from root binaries to GNU Mes (along with the extras such as sha256sum, ungz and untar), if printed on single-sided paper at size 12 font, would be only 171 pages.
So not that hard after all; after that you can leverage sha256sums and chains of trust to do the rest.

> I saw a project a while ago with an interesting approach that looks very interesting for tackling this problem: crowd-sourced, social code
> review:
> https://github.com/crev-dev/crev
Looks interesting

-Jeremiah


