Bootstrapping Intro \smaller[2]{– Current status}
#+DATE:2020-01-30
#+LATEX_HEADER:\institute{GNU Guix Days @FOSDEM'20}
#+LATEX_HEADER:\def\ahref#1#2{\htmladdnormallink{#2}{#1}}
Bootstrapping Guix v1.0
Guix v1.0: The First Package
#+LATEX:\includegraphics[width=1.0\textwidth]{gnu-make-boot0.png}
Guix Graph
$ guix graph make
$ guix graph make | dot -T png > make.png
$ guix graph -e '(@@ (gnu packages commencement) gnu-make-boot0)'
Guix v1.0: The First GCC
#+LATEX:\includegraphics[width=1.3\textwidth]{gcc-boot0-black.png}
Guix bootstrap tarballs
$ guix build bootstrap-tarballs
Guix v1.0 bootstrap binary seed
$ du -schx $(readlink $(guix build bootstrap-tarballs)/*)
2.1M /gnu/store/9623n4bq6iq5c8cwwdq99qb7d0xj93ym-binutils-static-stripped-tarball-2.28.1/binutils-static-stripped-2.28.1-x86_64-linux.tar.xz
18M /gnu/store/437xwygmmwwpkddcyy1qvjcv4hak89pb-gcc-stripped-tarball-5.5.0/gcc-stripped-5.5.0-x86_64-linux.tar.xz
1.8M /gnu/store/55ccx18a0d1x5y6a575jf1yr0ywizvdg-glibc-stripped-tarball-2.26.105-g0890d5379c/glibc-stripped-2.26.105-g0890d5379c-x86_64-linux.tar.xz
5.7M /gnu/store/bqf0ajclbvnbm0a46819f30804y3ilx0-guile-static-stripped-tarball-2.2.3/guile-static-stripped-2.2.3-x86_64-linux.tar.xz
5.8M /gnu/store/j8yzjmh9sy4gbdfwjrhw46zca43aah6x-static-binaries-tarball-0/static-binaries-0-x86_64-linux.tar.xz
33M total
$ for i in $(readlink $(guix build bootstrap-tarballs)/*);\
do sudo tar xf $i; done
$ du -schx *
130M bin
13M include
54M lib
51M libexec
5.2M share
252M total
Reduce binary seeds to bare minimum
These big chunks of binary code are practically non-auditable which breaks the source to binary transparency that we get in the rest of the package dependency graph.
Every unauditable binary leaves us vulnerable to compiler backdoors as described by Ken Thompson in the 1984 paper Reflections on Trusting Trust.
Thus, our goal is to reduce the set of bootstrap binaries to the bare minimum. – Ludovic Courtès (GNU Guix documentation, December 2017)
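The du totals above measure size, but for an audit the number of opaque ELF files in the seed matters as much. As an added example (not part of the original slides or of Guix), this script inventories the ELF files in a directory where seed tarballs were unpacked; the function names seed_inventory and list_elf and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: inventory of opaque binaries in an unpacked bootstrap seed.
# Symlinks are skipped (-type f), so a binary is counted once.

# seed_inventory DIR
# Classify every regular file under DIR by its first four bytes
# (ELF magic 7f 45 4c 46) and print file and byte counts per class.
seed_inventory() {
    find "$1" -type f -exec sh -c '
        for f do
            magic=$(od -An -tx1 -N4 "$f" | tr -d " \n")
            size=$(wc -c < "$f" | tr -d " ")
            if [ "$magic" = "7f454c46" ]; then
                echo "elf $size"
            else
                echo "other $size"
            fi
        done' sh {} + |
    awk '{ files[$1]++; bytes[$1] += $2 }
         END { printf "elf_files=%d elf_bytes=%d other_files=%d other_bytes=%d\n",
                      files["elf"], bytes["elf"], files["other"], bytes["other"] }'
}

# list_elf DIR: print the paths of the ELF files, i.e. the audit worklist.
list_elf() {
    find "$1" -type f -exec sh -c '
        for f do
            magic=$(od -An -tx1 -N4 "$f" | tr -d " \n")
            if [ "$magic" = "7f454c46" ]; then echo "$f"; fi
        done' sh {} + | sort
}

# Constructed sample tree (not real seed content): one fake ELF, two text files.
demo=$(mktemp -d)
mkdir -p "$demo/bin" "$demo/share"
printf '\177ELFxxxx' > "$demo/bin/fake-tool"
printf '#!/bin/sh\n' > "$demo/bin/script"
printf 'doc\n' > "$demo/share/README"
seed_inventory "$demo"
list_elf "$demo"
rm -rf "$demo"
```

Run it against the directory used for the `tar xf` loop to compare the seeds by ELF count and ELF bytes rather than by total size alone.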
Guix Reduced Binary Seed
$ du -schx $(readlink $(guix build bootstrap-tarballs)/*)
5.7M /gnu/store/9f8gi8raqfx9j3l9d00qrrc0jg3r1kyj-guile-static-stripped-tarball-2.2.6/guile-static-stripped-2.2.6-x86_64-linux.tar.xz
80K /gnu/store/b6rjl52hibhmvyw4dg8678pwryhla0h2-linux-libre-headers-stripped-tarball-4.19.56/linux-libre-headers-stripped-4.19.56-x86_64-linux.tar.xz
12K /gnu/store/d7zlxsjcnqilmvqwx7scija9x9bjw8cw-mescc-tools-static-stripped-tarball-0.5.2-0.bb062b0/mescc-tools-static-stripped-0.5.2-0.bb062b0-x86_64-linux.tar.xz
428K /gnu/store/n7zc4kpi8ny6jlfaikkzxlwhc5fvr1vr-mes-minimal-stripped-tarball-0.19/mes-minimal-stripped-0.19-x86_64-linux.tar.xz
6.0M /gnu/store/nv4djwlrljfqmynqr2cqvfwz0ydx7kxb-static-binaries-tarball-0/static-binaries-0-x86_64-linux.tar.xz
13M total
$ for i in $(readlink $(guix build bootstrap-tarballs)/*);\
do sudo tar xf $i; done
Password:
$ du -schx *
93M bin
700K include
38M lib
14M share
145M total
Guix Scheme-only bootstrap
$ du -schx $(readlink $(~/src/guix/wip-bootstrap/pre-inst-env guix build bootstrap-tarballs)/*)
5.7M /gnu/store/1mq2pcd2h7g54xpi2jrgj6ibbi4lgi3c-guile-static-stripped-tarball-2.2.6/guile-static-stripped-2.2.6-x86_64-linux.tar.xz
80K /gnu/store/bl1r2bpk6fam8r2gjvr5mvr48i3dm2hn-linux-libre-headers-stripped-tarball-4.19.56/linux-libre-headers-stripped-4.19.56-x86_64-linux.tar.xz
12K /gnu/store/w0dlz486dhb8aiq8pxm5akllz628fqin-mescc-tools-static-stripped-tarball-0.5.2-0.bb062b0/mescc-tools-static-stripped-0.5.2-0.bb062b0-x86_64-linux.tar.xz
428K /gnu/store/15j6l18q44ymlrh1cfp4s4hc9835xic5-mes-minimal-stripped-tarball-0.19/mes-minimal-stripped-0.19-x86_64-linux.tar.xz
6.2M total
$ for i in $(readlink $(~/src/guix/wip-bootstrap/pre-inst-env guix build bootstrap-tarballs)/*);\
do sudo tar xf $i; done
$ du -schx *
4.9M bin
700K include
38M lib
14M share
57M total
Scheme-only bootstrap: Gash Core Utils
awk       cp       gash   mv      sleep  uname
basename  cut      grep   pwd     sort   uniq
bash      diff     gzip   reboot  tar    wc
cat       dirname  head   rm      test   which
chmod     expr     ln     rmdir   touch
cmp       false    ls     sed     tr
compress  find     mkdir  sh      true
Aim for the Stars: Full Source Bootstrap
Full Source Bootstrap
#+LATEX:\includegraphics[width=0.6\textwidth]{fsb-logo-guile-guix-mes.png}
Full Source Bootstrap: Stage 0
#+LATEX:\rightskip=2cm\includegraphics[width=0.8\textwidth]{stage-0.png}
Full Source Bootstrap: Stage 1
#+LATEX:\rightskip=2cm\includegraphics[width=0.85\textwidth]{stage-1.png}
Full Source Bootstrap: Stage 2
#+LATEX:\rightskip=2cm\includegraphics[width=0.75\textwidth]{stage-2.png}
Full Source Bootstrap: Stage mes
#+LATEX:\rightskip=2cm\includegraphics[width=0.75\textwidth]{stage-mes.png}
Full Source Bootstrap: Stage mesboot
#+LATEX:\rightskip=2cm\includegraphics[width=1.0\textwidth]{stage-mesboot.png}
legalese
Copyright © 2019, 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts.