Guix—like other GNU/Linux distributions—is traditionally bootstrapped from a set of bootstrap binaries: Bourne shell, command-line tools provided by GNU Coreutils, Awk, Findutils, ‘sed’ and ‘grep’, as well as Guile, GCC, Binutils, and the GNU C Library (see Bootstrapping). Usually, these bootstrap binaries are “taken for granted.”
Taking these binaries for granted means that we consider them to be a correct and trustworthy ‘seed’ for building the complete system. Therein lies a problem: the current combined size of these bootstrap binaries is about 250MB (see Bootstrappable Builds in GNU Mes). Auditing or even inspecting these is next to impossible.
x86_64-linux, Guix now features a “Reduced Binary Seed” bootstrap [32].
The Reduced Binary Seed bootstrap removes the most critical tools—from a trust perspective—from the bootstrap binaries: GCC, Binutils and the GNU C Library are replaced by:
bootstrap-mescc-tools (a tiny assembler and
bootstrap-mes (a small Scheme interpreter and a C compiler written in Scheme and the Mes C Library, built for TinyCC and for GCC).
Using these new binary seeds and a new set of packages [33], the “missing” Binutils, GCC, and the GNU C Library are built from source. From here on the more traditional bootstrap process resumes. This approach has reduced the bootstrap binaries in size to about 130MB. Work is ongoing to reduce this further. If you are interested, join #bootstrappable on the Freenode IRC network.
Below is the generated dependency graph for
bootstrap compiler used to build the rest of GuixSD.
[32] We would like to say: “Full Source Bootstrap”, and while we are working towards that goal, it would be hyperbole to use that term for what we do now.
[33] nyacc-boot, mes-boot, tcc-boot0, tcc-boot, make-mesboot0, diffutils-mesboot, binutils-mesboot0, gcc-core-mesboot, mesboot-headers, glibc-mesboot0, gcc-mesboot0, binutils-mesboot, make-mesboot, gcc-mesboot1, gcc-mesboot1-wrapper, glibc-headers-mesboot, glibc-mesboot, gcc-mesboot, and gcc-mesboot-wrapper.