live-bootstrap VS bootstrap-seeds

Not using this, but tangentially related is (full disclosure, i am a maintainer of this project) live-bootstrap, which uses about a KB of binary to do a full "Linux from scratch" style thing - read https://github.com/fosslinux/live-bootstrap/blob/master/part... for all 143 steps you have to go through to get there.

Actually you can skip a file system entirely if you do something like stage0 or live-bootstrap https://github.com/fosslinux/live-bootstrap

See https://github.com/fosslinux/live-bootstrap, and https://github.com/fosslinux/live-bootstrap/blob/master/parts.rst has all the steps we take.

live-bootstrap builds a variety of intermediate systems, starting from a <1KB binary seed (kernel excluded). Check parts.rst for a description, it's kinda wild just how many C and C subset compilers get compiled... but the end result is a system with musl and GCC 4.7, from which building the latest GCC is 2 steps away.

There is also live-bootstrap which uses a similar bootstrap chain to Guix (stage0 -> Mes -> tcc -> gcc), but without needing Guile/guix-daemon binaries etc. The whole thing starts with just a 357-byte binary seed (source)!

There's some cool stuff being done in this area. For example, live-bootstrap goes from a tiny, auditable binary seed to a full GNU userland using only source code (and a Linux kernel).

This[0] is basically the hand-documentation of those bytes then. Handwritten ELF header and assembly code.

[0] https://github.com/oriansj/bootstrap-seeds/blob/master/POSIX...

The bootstrap seed, https://github.com/oriansj/bootstrap-seeds/blob/master/POSIX..., is a tiny interpreter that takes a much larger program written in a special-purpose, bytecode-based language. This proceeds in turn once or twice more--special purpose program generating another interpreter for another special-purpose language--until you end up with a minimal Scheme interpreter, which then can be used to execute a C compiler program.

All of this is incredible work, but a minimal C-subset compiler in under 512 bytes seems like a unique achievement.

There is also live-bootstrap which uses a similar bootstrap chain to Guix (stage0 -> Mes -> tcc -> gcc), but without needing Guile/guix-daemon binaries etc. The whole thing starts with just a 357-byte binary seed (source)!

Yeah, it's a binary blob, but it's small enough to be easily auditable. Anyone with some knowledge of x86 assembly can read the annotated version [1] and verify that it does what it claims (which is to convert ASCII hex with comments into binary).

You're right, it also requires a Linux kernel, and of course, you also have to trust the hardware you're running it on. Still, it reduces the amount of stuff we have to take for granted as trusted, which I think is a good thing. (I'm not involved in the project, just an admirer).

[1]: https://github.com/oriansj/bootstrap-seeds/blob/b09a8b8cbcb6...

stage0-posix just gained initial support for RISC-V (64-bit). It starts with 392 byte hex assembler, 361 byte "shell" and bootstraps simple linker (hex2), macro assembler (M0). Then it builds cc_riscv64 RISC-V compiler written in RISC-V assembly and uses it to build simple C compiler written in C (M2-Planet). Then it builds a few extra utilities (cp, mkdir, untar, ungz, sha256sum, chmod)

From a security point of view the only thing that gentoo users need to achieve similar levels of security is a bootstrapped compiler from a known good seed. The source code is already deterministic by definition. After that all you need is a compiler bootstrapped via something like https://github.com/oriansj/bootstrap-seeds which can be independently verified. It would probably be useful to be able to have independent bootstraps arrive at the same binary output for a compiler, but probably only as an option. Ultimately way less work for the same level of security.