Send in your ideas. Deadline December 1, 2024
logo
hex
Download
Download
Stay up to date
Mailinglist
Website
More info available :
https://www.gnu.org/software/mes/
Grant
Theme fund: NGI Assure
Period: 2020-04 — 2024-08

Full-source GNU Mes on ARM and RISC-V

Expand full-source bootstrap to other CPU platforms

GNU Mes was created to address the security concerns that arise from bootstrapping an operating system using large binary blobs of several 100s of megabytes, which (incredibly so!) is common practice for the software supply chains in use today. While these days users can reproducibly build software with modern functional package managers like Guix and Nix, the presence of potentially toxic code in these unauditable blobs or the propagation into binaries cannot be excluded. Users have no technical assurance that the executable they use corresponds with the source code - or whether the tool chain which compiled the source code introduce weaknesses or undefined behaviour. By making the toolchain 'bootstrappable' (as per bootstrappable.org), users can verify themselves for every step what happens - in the case of GNU Mes from one tiny (and orders of magnitude more easily verifiable) 357-byte file upwards. The final goal is to help create a "full source" bootstrap for any interested UNIX-like operating system and any type of architectures. In this project the project will add ARM and RISC-V, with other architectures on the roadmap.

Run by joy of source

Logo NLnet: abstract logo of four people seen from above Logo NGI Assure: letterlogo shaped like a tag

This project was funded through the NGI Assure Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073.