On Wed, May 04, 2016 at 08:28:41PM -0400, Ian Sutton wrote:
> This gives me an idea for how to solve the lack of a first-stage
> bootloader (like biosboot(8)) on armv7. Currently U-Boot loads the
> kernel image directly into memory and jmp's to its entry point without
> an intermediary stage to rea
This gives me an idea for how to solve the lack of a first-stage
bootloader (like biosboot(8)) on armv7. Currently U-Boot loads the
kernel image directly into memory and jmp's to its entry point without
an intermediary stage to read /etc/random.seed from disk and provide it
to the kernel to kicksta
26 Apr. 2016 19:58 "Theo de Raadt" wrote:
>
> Here is a new version that does a more comprehensive test of the new
> libc.so before installing it, and uses install -S
>
> Index: etc/rc
> ===
> RCS file: /cvs/src/etc/rc,v
> retrieving
Here is a new version that does a more comprehensive test of the new
libc.so before installing it, and uses install -S
Index: etc/rc
===
RCS file: /cvs/src/etc/rc,v
retrieving revision 1.474
diff -u -p -u -r1.474 rc
--- etc/rc 29
On Mon, Apr 25, 2016 at 03:23:47PM +, Robert Peichaer wrote:
> On Mon, Apr 25, 2016 at 10:57:37AM -0400, Ted Unangst wrote:
> > Theo de Raadt wrote:
> > > + cp -p /usr/lib/$_lib /usr/lib/$_tmplib
> > > + install -o root -g bin -m 0444 $_lib /usr/lib/$_lib &&
> >
>> Wait! Does that mean there is a moment where there is not a valid
>> libc.so installed? That would be wrong wouldn't it?
>>
>> Doesn't the install command guarantee atomicity?
>
> Well, this is the same procedure we use during every make build,
> and it works.
It had been fixed to use insta
On Mon, 25 Apr 2016 10:18:56 -0600, "Todd C. Miller" wrote:
> On Mon, 25 Apr 2016 18:04:58 +0200, Mark Kettenis wrote:
>
> > Wait! Does that mean there is a moment where there is not a valid
> > libc.so installed? That would be wrong wouldn't it?
> >
> > Doesn't the install command guarantee a
> On Mon, Apr 25, 2016 at 8:23 AM, Robert Peichaer wrote:
> > If the install fails, the original library file is restored.
> >
> > The "install .. && rm .. || mv ..." is identical to if-then-else and could
> > be written like this too.
> >
> > if install -o root -g bin -m 0444 $_lib /usr/l
Robert Peichaer wrote:
> On Mon, Apr 25, 2016 at 10:57:37AM -0400, Ted Unangst wrote:
> > Theo de Raadt wrote:
> > > + cp -p /usr/lib/$_lib /usr/lib/$_tmplib
> > > + install -o root -g bin -m 0444 $_lib /usr/lib/$_lib &&
> > > + rm -f /usr/lib
On Mon, Apr 25, 2016 at 8:23 AM, Robert Peichaer wrote:
> If the install fails, the original library file is restored.
>
> The "install .. && rm .. || mv ..." is identical to if-then-else and could
> be written like this too.
>
> if install -o root -g bin -m 0444 $_lib /usr/lib/$_lib; then
> Wait! Does that mean there is a moment where there is not a valid
> libc.so installed? That would be wrong wouldn't it?
>
> Doesn't the install command guarantee atomicity?
Well, this is the same procedure we use during every make build,
and it works.
On Mon, 25 Apr 2016 18:04:58 +0200, Mark Kettenis wrote:
> Wait! Does that mean there is a moment where there is not a valid
> libc.so installed? That would be wrong wouldn't it?
>
> Doesn't the install command guarantee atomicity?
Seems like it would be safer to just install as /usr/lib/$_tmp
> Date: Mon, 25 Apr 2016 15:23:47 +
> From: Robert Peichaer
>
> On Mon, Apr 25, 2016 at 10:57:37AM -0400, Ted Unangst wrote:
> > Theo de Raadt wrote:
> > > + cp -p /usr/lib/$_lib /usr/lib/$_tmplib
> > > + install -o root -g bin -m 0444 $_lib /usr/lib/$_lib &&
>
On Mon, Apr 25, 2016 at 10:57:37AM -0400, Ted Unangst wrote:
> Theo de Raadt wrote:
> > + cp -p /usr/lib/$_lib /usr/lib/$_tmplib
> > + install -o root -g bin -m 0444 $_lib /usr/lib/$_lib &&
> > + rm -f /usr/lib/$_tmplib ||
> > +
Theo de Raadt wrote:
> + cp -p /usr/lib/$_lib /usr/lib/$_tmplib
> + install -o root -g bin -m 0444 $_lib /usr/lib/$_lib &&
> + rm -f /usr/lib/$_tmplib ||
> + mv /usr/lib/$_tmplib /usr/lib/$_lib
I'm a li
This change randomizes the order of symbols in libc.so at boot time.
This is done by saving all the independent .so sub-files into an ar
archive, and then relinking them into a new libc.so in random order,
at each boot. The cost is less than a second on the systems I am
using.
For now, this is o
16 matches
Mail list logo
