Announcement

Collapse
No announcement yet.

Mes Becomes An Official GNU Project, Mes 0.17 Released To Bootstrap GNU/Linux Distros

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Mes Becomes An Official GNU Project, Mes 0.17 Released To Bootstrap GNU/Linux Distros

    Phoronix: Mes Becomes An Official GNU Project, Mes 0.17 Released To Bootstrap GNU/Linux Distros

    Mes is the newest project under the GNU umbrella and this package is intended to help bootstrap GNU/Linux distributions like GuixSD...

    http://www.phoronix.com/scan.php?pag...-0.17-Released

  • #2
    In other words, it's going to go absolutely nowhere, like ever other non-core GNU project. Non gcc, binutils, etc, in other words.
    Last edited by mulenmar; 08-27-2018, 11:08 AM. Reason: Mobile-induced typo

    Comment


    • #3
      Originally posted by mulenmar View Post
      In other words, it's going to go absolutely nowhere, like ever other non-core GNU project. Non bcc, binutils, etc, in other words.
      Yeah, sound like an unnecessarily complicated mess. Why this non-standard Scheme and TinyCC setup, when #t2sde (ROCK Linux successor) can already bootstrap and cross compile an entire Linux distribution, in clean, readable Shell script, using the standard GCC canadian cross configuration without any tinycc and scheme in between. Heck since over a decade we even support cross compiled C++ ;-) https://t2sde.org/ recently even test cross compiled HP-PA/RISC: https://www.youtube.com/watch?v=2Ge-0RFnvlU

      Comment


      • #4

        Comment


        • #5
          Originally posted by rene View Post
          Yeah, sound like an unnecessarily complicated mess
          The logic is different. Let's say that there's a new machine that pop-up (a new hardware constructor making a RISC-V platform). Somebody has to write and then compile the first Linux (or any other OS that uses GNU userland) system on it.

          The GCC Canadian Cross approach :
          - you take you trusty old laptop with Linux on it, and you compile the basics tools on it by asking your laptop's compiler to target RISC-V architecture.

          The MES approach :
          - whatever the exotic machine there, scheme is about one of the easiest interpreter to implement any where. As long as it not in kiosk mode, lots of hacker could "just write" a scheme interpreter. The scheme interpreter could be used to make a (very simply) C compiler, not a very good one, but enough to compile a good C/C++ compiler written in ANSI C, and THAT new good compiler would probably support a sizeable chunk of C and C++ modern standards. Thus it can build the GNU basic tools.

          The MES approach is problematic because it require multiple stages.

          But it has few advantages :
          - it requires NO independent external laptop for the first stage. Everything including the first scheme interpreter is self hosted on the new machine.
          - by starting simple (easily reviewable) it is virtually immune to the Ken Thompson compiler attack. You have a clear chain of trust between the first scheme interpreter you wrote, and then all the successive step where you feed known good opensource to already trusted previous steps.

          The later part is interesting, it's an entirely different approach against compiler attack, compared to the classical "multiple parallel reproducible builds" solution to the attack.

          Comment


          • #6
            So the weak link here is the "self hosting scheme interpreter". How does this get ported to a new platform? I am assuming it needs to be cross compiled?
            Can't we just skip this part and provide the patched TinyCC directly via cross compilation?

            Comment


            • #7
              Building a reproducible gcc is not as easy as one might think: https://lists.reproducible-builds.or...ne/001068.html

              Also, being able to build a C-compiler in 20 seconds rather than 2 hours is a clear advantage.

              Overall, this effort is less about cross-compiling and more about being able to trust the binaries we use by building everything from source with a minimal set of bootstrap binaries.

              Another way to detect and avoid the Ken Thompson compiler attack is implemented in https://github.com/bmwiedemann/ddcpoc

              Comment


              • #8
                Getting a reproducible gcc is not as easy as one might think https://lists.reproducible-builds.or...ne/001068.html
                and tcc compiles in 20 seconds while gcc can take hours. A clear advantage.

                Overall, Mes is less about cross-compiling and more about establishing trust in the binaries we use by bootstrapping everything from source with a minimum set of bootstrap binaries.

                https://github.com/bmwiedemann/ddcpoc is another approach to detect and avoid a Ken Thompson compiler attack.

                Comment


                • #9
                  Originally posted by kpedersen View Post
                  So the weak link here is the "self hosting scheme interpreter".
                  Under 5k loc in x86 assembly: https://github.com/sqrt57/x86-scheme

                  (((Ugly) syntax) aside), bootstrapping with a LISP is advantageous due to the ease of coding s-expression parsers and the small size of the languages. There's also the GuixSD lisp-machine dream/agenda of replacing all the bash, sed, make, python, perl, awk and systemd craft with Guile to ease the learning curve of administrating and system programming modern systems that plays into this...

                  Comment


                  • #10
                    I wonder why has nobody mentioned Meson yet...

                    Originally posted by phoronix View Post
                    Mes consists of a self-hosting Scheme interpreter and a Nyacc-based C compiler written in Scheme. From this Scheme interpreter to build its C compiler, it can then build a (slightly patched) TinyCC compiler and in turn that resulting TinyCC compiler can go on to building GCC 4.7, Glibc 2.2.5, and Binutils 2.20 for getting a toolchain in place...
                    ...that can be used to build CPython, which can run Meson to build Mesa
                    Last edited by tildearrow; 08-27-2018, 11:00 PM. Reason: clarify

                    Comment

                    Working...
                    X