

  1. GNU Mes – Scheme-only bootstrap janneke@gnu.org FOSDEM’20 2020-02-02 janneke@gnu.org (FOSDEM’20) GNU Mes – Scheme-only bootstrap 2020-02-02 1 / 62

  2. Outline: 1. Introduction; 2. Reproducibility; 3. Bootstrappability; 4. Thanks

  3. Scheme-only bootstrap: Why? Why bootstrapping is important to you. or Why bootstrapping is something you wish to ignore.

  4. Scheme-only bootstrap: GNU Mes. A Scheme interpreter written in ~5,000 LOC of simple C. A C compiler written in Scheme. Built on LISP: eval/apply, the Maxwell Equations of Software.

  5. Auditable Elegance

         (define (apply fn x a)
           (cond
             ((atom fn)
              (cond
                ((eq fn CAR) (caar x))
                ((eq fn CDR) (cdar x))
                ((eq fn CONS) (cons (car x) (cadr x)))
                ((eq fn ATOM) (atom (car x)))
                ((eq fn EQ) (eq (car x) (cadr x)))
                (#t (apply (eval fn a) x a))))
             ((eq (car fn) LAMBDA)
              (eval (caddr fn) (pairlis (cadr fn) x a)))
             ((eq (car fn) LABEL)
              (apply (caddr fn) x (cons (cons (cadr fn) (caddr fn)) a)))))

         (define (eval e a)
           (cond
             ((atom e) (cdr (assoc e a)))
             ((atom (car e))
              (cond
                ((eq (car e) QUOTE) (cadr e))
                ((eq (car e) COND) (evcon (cdr e) a))
                (#t (apply (car e) (evlis (cdr e) a) a))))
             (#t (apply (car e) (evlis (cdr e) a) a))))

     eval and apply are mutually recursive functions that, using a few helper functions, describe the universe of computing.

  6. Long path: Best Practice 500+ MB: no bootstrap

  7. Guix pronounced geeks

  8. Reduce binary seeds to bare minimum: "These big chunks of binary code are practically non-auditable which breaks the source to binary transparency that we get in the rest of the package dependency graph. Every unauditable binary leaves us vulnerable to compiler backdoors as described by Ken Thompson in the 1984 paper Reflections on Trusting Trust. Thus, our goal is to reduce the set of bootstrap binaries to the bare minimum." – Ludovic Courtès (GNU Guix documentation, December 2017)

  9. A big problem, predicted 40y ago

  10. Long path: Ignoring the Problem 500+ MB: no bootstrap

  11. Long path: GNU Guix System v1.0. 500+ MB: no bootstrap; 252 MB: GNU Guix System v1.0

  12. Carl Dong – bitcoin build system security

  13. Reproducible-Builds.org

  14. What is a Bootstrap? Impossible task: pull yourself up on your boot straps. Software: to create your first: kernel, shell, C compiler, ... source + ?? = binary

  15. How to Bootstrap: An Old Recipe... Recipe for yoghurt: Add yoghurt to milk. – Anonymous

  16. How to Bootstrap: Create your second GCC. Traditional recipe: like yoghurt. source + binary - 1 = binary ... and done!

  17. Pour milk

  18. Add yoghurt

  19. We’re reproducible

  20. Add evil yoghurt

  21. We’re reproducible

  22. Evil yoghurt

  23. We’re reproducibly malicious

  24. Reproducibility is not enough

  25. Reproducibility plus clean source code is not enough

  26. Guix pronounced geeks

  27. Long path: Reduced Binary Seed bootstrap. 500+ MB: no bootstrap; 252 MB: GNU Guix System v1.0; 145 MB: Reduced Binary Seed master branch GCC, GLIBC, Binutils + MesCC-Tools, + Mes

  28. GCC mesboot0

  29. NLnet Foundation

  30. Long path: Scheme-only bootstrap. 500+ MB: no bootstrap; 252 MB: GNU Guix System v1.0; 145 MB: Reduced Binary Seed master branch GCC, GLIBC, Binutils + MesCC-Tools, + Mes; 57 MB: Scheme-only wip-bootstrap branch Awk, Bash, Bzip2, GNU Core Utilities, Grep, Gzip, Make, Patch, Sed, Tar, and XZ. + Gash (source only!)

  31. Scheme-only bootstrap: Gash Core Utils: awk, basename, bash, cat, chmod, cmp, compress, cp, cut, diff, dirname, expr, false, find, gash, grep, gzip, head, ln, ls, mkdir, mv, pwd, reboot, rm, rmdir, sed, sh, sleep, sort, tar, test, touch, tr, true, uname, uniq, wc, which

  32. GCC core-mesboot0-scheme-only

  33. GCC mesboot0-scheme-only

  34. Cross distro reproducibility: The sha256sum for bin/mes-mescc on x86 shall be 722790ed261954eb53cf2cd2906c89c7589ef72b66171bbe2a9dce0f0af20232 (v0.22), 9e0bcb1633c58e7bc415f6ea27cee7951d6b0658e13cdc147e992b31a14625fb (v0.21), only differing in the version number string. For v0.21 this has been verified on Guix System, Debian GNU/Linux and NixOS.

  35. The holy grail: "The holy grail of bootstrappability will be connecting mes to hex0." – Carl Dong, Chaincode Labs

  36. Full Source Bootstrap

  37. Long path: Full Source Bootstrap. 500+ MB: no bootstrap; 252 MB: GNU Guix System v1.0; 145 MB: Reduced Binary Seed master branch GCC, GLIBC, Binutils + MesCC-Tools, + Mes; 57 MB: Scheme-only wip-bootstrap branch Awk, Bash, Bzip2, GNU Core Utilities, Grep, Gzip, Make, Patch, Sed, Tar, and XZ. + Gash (source only!); 357 bytes: Full Source MesCC-Tools, Mes + Stage0: 357 bytes (x86)

  38. Trusted Computing Base

  39. Trusted Computing Base: Source code, Binary seeds, Guix System, Linux

  40. Raising the bar on auditability: "I want code easy to reason about at the heart of this bootstrap, so that everyone will be able to sit down in the morning and be done by lunch time; understanding how every piece of it works." – Jeremiah Orians

  41. Won’t your life be boring? "MesCC should optimize for the ease of convincing us of its correctness." – Mark H Weaver

  42. Joy of Source: "Vulnerability to a trusting trust attack is a symptom of an unauditable or missing bootstrap story." – janneke

  43. Thanks: Carl Dong, Danny Milosavljevic, David Terry, Jeremiah Orians, Ludovic Courtès, Matt Wette, Pjotr Prins, Rutger van Beusekom, Timothy Sample, Vagrant Cascadian

  44. Want to join? You can help: make Guix run on Mes; write a bootstrappable syntax-case; simplify MesCC and target GCC-4.6; bootstrap NixOS, Debian; port MesCC to the Hurd, FreeBSD. Spread the message: retweet @janneke_gnu, janneke@octodon.social. Connect: irc: freenode.net #bootstrappable #guix; mail: bug-mes@gnu.org, guix-devel@gnu.org; git: https://git.savannah.gnu.org/git/mes.git; web: bootstrappable.org
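
The check behind the "Cross distro reproducibility" slide, as an added example that is not part of the talk or of GNU Mes: a shell helper that compares a locally built bin/mes-mescc with the x86 hashes quoted on that slide. The function names and return codes are hypothetical; the two hashes are the slide's.

```shell
#!/usr/bin/env bash
# Added example (not from the talk or from GNU Mes): check a locally built
# bin/mes-mescc against the x86 SHA-256 values quoted on the slide.

# Expected hash per Mes version, copied from the slide (hypothetical helper name).
expected_mes_mescc_sha256() {
    case "$1" in
        0.22|v0.22) echo 722790ed261954eb53cf2cd2906c89c7589ef72b66171bbe2a9dce0f0af20232 ;;
        0.21|v0.21) echo 9e0bcb1633c58e7bc415f6ea27cee7951d6b0658e13cdc147e992b31a14625fb ;;
        *) return 1 ;;
    esac
}

# Print the lowercase hex SHA-256 of a file.
file_sha256() {
    sha256sum -- "$1" | cut -d' ' -f1
}

# sha256_matches FILE EXPECTED
# Returns 0 on match, 1 on mismatch, 3 if the file cannot be read.
sha256_matches() {
    [ -r "$1" ] || return 3
    sm_actual=$(file_sha256 "$1") || return 3
    [ "$sm_actual" = "$2" ]
}

# verify_mes_mescc FILE VERSION
# Returns 0 reproduced, 1 mismatch, 2 no pinned hash, 3 unreadable file.
verify_mes_mescc() {
    vm_expected=$(expected_mes_mescc_sha256 "$2") || {
        echo "no pinned hash for Mes $2" >&2
        return 2
    }
    vm_rc=0
    sha256_matches "$1" "$vm_expected" || vm_rc=$?
    case $vm_rc in
        0) echo "OK: $1 reproduces the published $2 hash" ;;
        1) echo "MISMATCH: $1 differs from the published $2 binary" >&2 ;;
        3) echo "cannot read $1" >&2 ;;
    esac
    return $vm_rc
}

# Usage: verify_mes_mescc bin/mes-mescc 0.22
```

A match shows that the build reproduces the published binary; as the talk argues, it says nothing about whether the seed binaries the build started from can be trusted.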
