> Assuming you can trust your hardware. At this point hardware supply chain attacks are a real threat and nobody seems to know what to do about them. The problem seems somewhat intractable.<p>Which is a big assumption. Going to such extreme measures to bootstrap from scratch could be worth it if it provided an ironclad guarantee you couldn't get any other way. But if, after all that, you're still relying on a giant mass of proprietary code that just happens to be written in Verilog instead of C… then what's the point?<p>That said, for a recent attempt to at least make progress on trustable hardware, see Precursor:<p><a href="https://www.crowdsupply.com/sutajio-kosagi/precursor" rel="nofollow">https://www.crowdsupply.com/sutajio-kosagi/precursor</a>
I assume step 7 could be accomlished by tccboot, a c compiler capable of booting linux straight from source code. Expand it with the possibiliy to show the hash of the source code in ROM. No POSIX system needed. You'll need to translate the 140k C source to assembler, time consuming but not impossible.<p><a href="https://bellard.org/tcc/tccboot.html" rel="nofollow">https://bellard.org/tcc/tccboot.html</a>