@monk @trofi @emilyposting
Great talk!
Very interesting to see what may come out of all this.
#bootstrappable
#nixos

Spent part of my #RechageDay at #AMD looking at bootstrapping #TinyCC 0.9.26 from #GNUMes on #x86_64 architecture. And thanks to #Mes mantainer @janneke for his help debugging various issues. We can now build initial #tcc binary and it can even run some simple commands such as --help or -vv.

Unfortunately, we still hit some critical bugs when trying to use this tcc binary to rebuild itself but hopefully we are not far now.

#bootstrappable
#BootstrappableBuilds
#ReproducibleBuilds

Talk at IEEE S&P 2023 "Oakland" by Marcel Fourné "It’s like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security"

https://www.youtube.com/watch?v=H0A2cSejlZ4

#bootstrappable
#BootstrappableBuilds
#ReproducibleBuilds
@reproducible_builds

I've just merged PR that implements kernel bootstrap for live-bootstrap: https://github.com/fosslinux/live-bootstrap/pull/295
Big thanks to all the people who contributed to this!

We can start with a small x86 binary that has about 200 bytes of code (but has to be padded to 512 bytes to add MBR signature) and bootstraps both kernel (builder-hex0->Fiwix->Linux) and userspace all the way from hex0 to GCC 13.

#BootstrappableBuilds
#ReproducibleBuilds
@reproducible_builds #bootstrappable

@janneke @bugaevc The folks in #bootstrappable @liberachat are working towards resolving those questions. A POSIX kernel capable of building Linux, and a bootstrap from UEFI are some projects off the top of my head.

They want to get to a FPGA softcore bootstrap, then a manually constructed CPU in TTL to bootstrap from.

But yeah, there are many parts to work on that would improve our (collective) situation, such as bootstrapping GHC: @nomeata https://mastodon.online/@nomeata/110263917613134533

If you run "guix pull" today, you get a package graph of more than 22,000 nodes rooted in a 357-byte program---something that had never been achieved, to our knowledge, since the birth of Unix: a Full-Source Bootstrap.

#GnuMes
#bootstrappable
#BootstrappableBuilds
#ReproducibleBuilds
@fsf
@fsfe

@justafrog @davefischer @suricrasia You can still memorise entire kernel if you want: https://github.com/ironmeld/builder-hex0

#bootstrappable

good news is that prover9 proves David A. Wheeler's theorems on Diverse Double-Compiling for fully countering #TrustingTrust instantly and gives you rather detailed output.

https://dwheeler.com/trusting-trust/dissertation/

#bootstrappable

@revk @benjaminhollon I voted for cat as with the (ridiculous) idea that I could bootstrap my way into anything else, a la https://bootstrapping.miraheze.org/wiki/Stage0

#bootstrappable

#GNU Mes 0.24.2 released: Fixing a long standing stat64 and friends bug for 32-bit systems https://debbugs.gnu.org/41264.

https://lists.gnu.org/archive/html/info-gnu/2023-02/msg00004.html

The soon-to-be-merged #Guix core-updates branch now also uses this fix.

#GnuMes
#bootstrappable
#BootstrappableBuilds
#ReproducibleBuilds
@fsf@status.fsf.org
@fsfe

#Python 3.11 has just been added to https://github.com/fosslinux/live-bootstrap/. All built from 256 byte hex0 seed. Perhaps we can soon use it as a seed for #Gentoo.

#bootstrappable #bootstrappablebuilds

Recently I have been working on my new project:

https://git.stikonas.eu/andrius/stage0-uefi

This is probably the first self-hosted compiler that runs on UEFI. But it's not just that, it can also be bootstrapped from hex.

It is still work in progress and does not go beyond self-hosting M2-Planet on UEFI but its POSIX equivalent (that assumes existence of kernel such as #linux) can go all the way from hex to GCC:

https://github.com/fosslinux/live-bootstrap/
https://github.com/oriansj/stage0-posix

#bootstrappable #uefi #stage0

Recently I have been working on my new project:

https://git.stikonas.eu/andrius/stage0-uefi

This is probably the first self-hosted compiler that runs on UEFI. But it's not just that, it can also be bootstrapped from hex.

It is still work in progress and does not go beyond self-hosting M2-Planet on UEFI but its POSIX equivalent (that assumes existence of kernel such as #linux) can go all the way from hex to GCC:

https://github.com/fosslinux/live-bootstrap/
https://github.com/oriansj/stage0-posix

#bootstrappable #uefi #stage0

@johnnymojo I think the author covers the reasoning of s6-rc in the post linked above.

GNU-free has its advantages, primarily for security and saving disk space and memory usage. GNU software tends to suffer from scope creep and non-standard behavior, which is a problem if you want your software to work on non-GNU systems. And they tend not to care if you think that's a problem.

This thread by @ariadne gives more concrete details about the advantages of musl-libc: https://social.treehouse.systems/@ariadne/109207478182806790

There is a fellow in #bootstrappable @liberachat IRC channel that has most of a working Linux Portage overlay that has zero dependencies on GNU software. They just don't trust the stuff... Oasis Linux is something worth checking out for more on this approach: https://github.com/oasislinux/oasis

@nytpu

On the #bootstrappable, achaninja writes (https://logs.guix.gnu.org/bootstrappable/2022-05-11.log#142410):

My recreation of the mescc bootstrap:

https://github.com/andrewchambers/trusting-trust

Let me know if you try it, it's not finished, but gets as far as master tcc. It trusts the host system a bit more in order to get some more flexibility.

@EWings
http://bootstrappable.org/ should be a good entry point into this topic. One of the relevant projects is GNU Mes https://www.gnu.org/software/mes/

#bootstrappable #GNUmes

@civodul
So, how do we leverage that to actually get traction on projects such as #reproduciblebuilds and #bootstrappable and #guix which actually do address many of the supply chain issues?

I worry some of the weakest recommendations are likely what will take hold, and little more, but it would be such a missed opportunity...

This looks interesting. It's basically a project for a #bootstrappable civilization. Like #collapseOS but for wetware.
https://github.com/civboot/civboot

GNU Mes 0.23 released!

Mes now supports ARM! For development it also builds with @gnutools' gcc-10 and @guilelang 3.0

https://lists.gnu.org/archive/html/info-gnu/2021-03/msg00002.html

#bootstrappable #reprobuilds @fsf #gnutools #NLnetFDN

Next up in the Declarative and Minimalistic Computing devroom at #FOSDEM2021

We closed the gap between Stage0 and GNU Mes: the Full Source Bootstrap!

Video https://live.fosdem.org/watch/ddeclarativeminimalistic

Chat https://chat.fosdem.org/#/room/#declarative.minimalistic:fosdem.org

#bootstrappable @fsf @conservancy @fsfe @nixos@gup.pe