Re: Updating plans of lang/ghc

[David Holland <dholland-pkgtech%netbsd.org@localhost>]

On Wed, Jan 08, 2014 at 10:51:59PM +0900, PHO wrote:
 > > The chief concern with the provenance of binary bootstrap blobs is
 > > whether the machine they were built on was adequately secured;
 > > anything built on an owned machine might be trojanized somehow, which
 > > is particularly problematic in the case of compilers. (And, well,
 > > there's also the possibility that the person who built them might have
 > > intentionally trojanized them, unlikely as that is.)
 > >
 > > Now that you're here we can hopefully sort this out satisfactorily --
 > > I have no desire to sink a lot of effort into updating ghc step-by-
 > > step if it can be avoided.
 > > [snip]
 > 
 > Well... I'm puzzled. Are you saying I have to prove that machines I
 > used to build my kits were not trojanized by any means? Obviously I
 > can't. No one on the earth can prove such things.

No, only that you've taken reasonable (or equivalently, adequately
paranoid) steps to be careful about securing the machines involved and
not exposed the builds to known hazards.

(Cloud hosting is one known hazard, for example, that's probably best
avoided for any binaries like this.)

 > > There is one problem with the current ghc-bootstrap (other than it
 > > being an old ghc), which is that it is dynamically linked against
 > > libreadline and libgmp. This means that the next time readline and/or
 > > gmp get their major versions bumped, the whole thing crashes out.
 > >
 > > I was intending to correct this before the 2013q4 branch, but wiz cut
 > > the branch without advance warning so I didn't get it done in time.
 > >
 > > Also I ran into problems: it seems that disabling readline and telling
 > > it to build with its included gmp (best available option in 6.8) is
 > > not sufficient to produce an output package that doesn't depend on
 > > pkgsrc readline and gmp. And it's hard to tell if it will be able to
 > > build a new ghc this way anyhow -- I suppose I can create a chroot for
 > > the purpose and artificially bump the readline and gmp major versions.
 > > The conclusion I'd come to was that I should include copies of the
 > > library images in the bootstrap kit and hope that it can be sorted out
 > > with LD_PRELOAD when the time comes.
 > 
 > How about removing *.so from ${BUILDLINK_DIR}/lib to get the linker
 > pick up only static libraries? Even though recent GHC comes with
 > shared Haskell libraries by default, which can't be linked with static
 > C libraries, they can be disabled anyway.

That's an idea; I should try that. It might just fail, of course.

-- 
David A. Holland
dholland%netbsd.org@localhost