live-bootstrap
bootstrap-seeds
Our great sponsors
live-bootstrap | bootstrap-seeds | |
---|---|---|
28 | 6 | |
264 | 72 | |
- | - | |
9.4 | 5.2 | |
9 days ago | 4 months ago | |
Shell | Assembly | |
GNU General Public License v3.0 only | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
live-bootstrap
- Bored? How about trying a Linux speedrun? (2020)
-
SectorC: A C Compiler in 512 bytes
Not using this, but tangentially related is (full disclosure, i am a maintainer of this project) live-bootstrap, which uses about a KB of binary to do a full "Linux from scratch" style thing - read https://github.com/fosslinux/live-bootstrap/blob/master/part... for all 143 steps you have to go through to get there.
-
Saving Knowledge Post-Collapse
Actually you can skip a file system entirely if you do something like stage0 or live-bootstrap https://github.com/fosslinux/live-bootstrap
-
Every night
See https://github.com/fosslinux/live-bootstrap, and https://github.com/fosslinux/live-bootstrap/blob/master/parts.rst has all the steps we take.
- Goodbye to the C++ Implementation of Zig
-
what is the smallest linux system capable of building itself?
live-bootstrap builds a variety of intermediate systems, starting from a <1KB binary seed (kernel excluded). Check parts.rst for a description, it's kinda wild just how many C and C subset compilers get compiled... but the end result is a system with musl and GCC 4.7, from which building the latest GCC is 2 steps away.
-
Ken Thompson: Reflections on Trusting Trust (Turing Award Lecture)
There is also live-bootstrap which uses a similar bootstrap chain to Guix (stage0 -> Mes -> tcc -> gcc), but without needing Guile/guix-daemon binaries etc. The whole thing starts with just a 357-byte binary seed (source)!
- Collapsing Internet
- Zig is now self–hosted by default
-
GHC blog: Migrating from Make to Hadrian (for packagers)
There's some cool stuff being done in this area. For example, live-bootstrap goes from a tiny, auditable binary seed to a full GNU userland using only source code (and a Linux kernel).
bootstrap-seeds
-
NixOS Reproducible Builds: minimal ISO successfully independently rebuilt
This[0] is basically the hand-documentation of those bytes then. Handwritten ELF header and assembly code.
[0] https://github.com/oriansj/bootstrap-seeds/blob/master/POSIX...
-
SectorC: A C Compiler in 512 bytes
The bootstrap seed, https://github.com/oriansj/bootstrap-seeds/blob/master/POSIX..., is a tiny interpreter that takes a much larger program written in a special-purpose, bytecode-based language. This proceeds in turn once or twice more--special purpose program generating another interpreter for another special-purpose language--until you end up with a minimal Scheme interpreter, which then can be used to execute a C compiler program.
All of this is incredible work, but a minimal C-subset compiler in under 512 bytes seems like a unique achievement.
-
Ken Thompson: Reflections on Trusting Trust (Turing Award Lecture)
There is also live-bootstrap which uses a similar bootstrap chain to Guix (stage0 -> Mes -> tcc -> gcc), but without needing Guile/guix-daemon binaries etc. The whole thing starts with just a 357-byte binary seed (source)!
-
Zig is now self–hosted by default
Yeah, it's a binary blob, but it's small enough to be easily auditable. Anyone with some knowledge of x86 assembly can read the annotated version [1] and verify that it does what it claims (which is to convert ASCII hex with comments into binary).
You're right, it also requires a Linux kernel, and of course, you also have to trust the hardware you're running it on. Still, it reduces the amount of stuff we have to take for granted as trusted, which I think is a good thing. (I'm not involved in the project, just an admirer).
[1]: https://github.com/oriansj/bootstrap-seeds/blob/b09a8b8cbcb6...
-
stage0-posix was ported to RISC-V
stage0-posix just gained initial support for RISC-V (64-bit). It starts with 392 byte hex assembler, 361 byte "shell" and bootstraps simple linker (hex2), macro assembler (M0). Then it builds cc_riscv64 RISC-V compiler written in RISC-V assembly and uses it to build simple C compiler written in C (M2-Planet). Then it builds a few extra utilities (cp, mkdir, untar, ungz, sha256sum, chmod)
-
Reproducibility
From a security point of view the only thing that gentoo users need to achieve similar levels of security is a bootstrapped compiler from a known good seed. The source code is already deterministic by definition. After that all you need is a compiler bootstrapped via something like https://github.com/oriansj/bootstrap-seeds which can be independently verified. It would probably be useful to be able to have independent bootstraps arrive at the same binary output for a compiler, but probably only as an option. Ultimately way less work for the same level of security.
What are some alternatives?
nix-ld - Run unpatched dynamic binaries on NixOS
zig-bootstrap - take off every zig
guix - Read-only mirror of GNU Guix — pull requests are ignored, see https://guix.gnu.org/en/manual/en/guix.html#Submitting-Patches instead
bcc - bcc is a b compiler
mescc-tools-seed - A place for public review of the posix port of stage0
stage0-posix-x86
brainfuck-x86-64 - A brainfuck interpreter written in x86-64 assembly
turning-polyglot-solutions-into-t
M2-Planet - The PLAtform NEutral Transpiler
rizin - UNIX-like reverse engineering framework and command-line toolset.
bootOS - bootOS is a monolithic operating system in 512 bytes of x86 machine code.