Development mailing list

Archive of posts for haiku-development at FreeLists

[haiku-development] Re: Design for signed packages (Jonathan Schleifer)

Fri, 2014-03-28 04:45
On 24.03.2014 at 21:27, Axel Dörfler axeld@xxxxxxxxxxxxxxxx wrote: On 03/24/2014 07:55 PM, Jonathan Schleifer wrote: On 23.03.2014 at 23:17, Axel Dörfler axeld@xxxxxxxxxxxxxxxx wrote: I don't think we should only support secure boot in combination with an encrypted boot disk. Well, for it to actually make sense, full disk encryption is basically a must. An attacker can just place arbitrary binaries on the system to get control. ...
Categories: Development

[haiku-development] Re: [haiku-development] Re: [haiku-development] [haiku-development] /packages, /system/packages, /system/package-links… (Axel Dörfler)

Fri, 2014-03-28 02:45
On 03/24/2014 08:11 PM, Jonathan Schleifer wrote: I assume that /packages contains all visible packages for the current user, while /system/package-links only has the one in /system. You assumed wrong. /packages is a symlink to /system/package-links - this is basically what I'm complaining about. You got it wrong which basically proves the point I make: It's not intuitive. ...
Categories: Development

[haiku-development] Re: Design for signed packages (Axel Dörfler)

Thu, 2014-03-27 22:45
On 03/24/2014 07:55 PM, Jonathan Schleifer wrote: On 23.03.2014 at 23:17, Axel Dörfler axeld@xxxxxxxxxxxxxxxx wrote: I don't think we should only support secure boot in combination with an encrypted boot disk. Well, for it to actually make sense, full disk encryption is basically a must. An attacker can just place arbitrary binaries on the system to get control. ...
Categories: Development

[haiku-development] Re: hpkgs and compression (Jonathan Schleifer)

Thu, 2014-03-27 22:45
On 24.03.2014 at 11:44, Ingo Weinhold ingo_weinhold@xxxxxx wrote: But aligning it for mmap() is a good point - though we should use 8 instead of 4 I guess, since some platforms have 8 bytes as their natural alignment. mmap()ed data are always page aligned. And this really isn't relevant in this case, because the alignment within the package file is completely irrelevant to mmap()ing contained files. Yes, the start of the data is always page-aligned. What I meant is making ...
Categories: Development

[haiku-development] Re: [haiku-development] [haiku-development] /packages, /system/packages, /system/package-links… (Jonathan Schleifer)

Thu, 2014-03-27 20:45
On 24.03.2014 at 12:24, Ingo Weinhold ingo_weinhold@xxxxxx wrote: As you may have noticed, /packages is a symlink to /boot/system/package-links. I did indeed. And I wonder why it's not just mounted to /packages (or better: /package-links) and /boot/system/package-links nonexistent. package-links is not actually a particularly good name. Yes, it contains directories with symlinks, but that's only the syntax level. It actually contains meta information about the currently active packages (for the ...
Categories: Development

[haiku-development] Re: [haiku-development] [haiku-development] /packages, /system/packages, /system/package-links… (Jonathan Schleifer)

Thu, 2014-03-27 20:45
On 23.03.2014 at 22:54, Axel Dörfler axeld@xxxxxxxxxxxxxxxx wrote: On 03/22/2014 06:09 PM, Jonathan Schleifer wrote: Therefore, my proposal would be: Remove /packages and /system/package-links, instead use /package-links and mount the virtual filesystem there. That would give the following layout: It's quite confusing that you remove something (/system/package-links) you obviously don't understand any more than I do, at least :-) ...
Categories: Development

[haiku-development] Re: Design for signed packages (Jonathan Schleifer)

Thu, 2014-03-27 20:45
On 24.03.2014 at 17:10, Ingo Weinhold ingo_weinhold@xxxxxx wrote: Finally, at the end of the heap (we fortunately know its compressed size so we can easily seek there), I would add the following fields (not final yet, but to give you a rough idea): uint8 signature[64]; uint16 certificateLength; uint8 certificate[]; ...
Categories: Development

[haiku-development] Re: Design for signed packages (Jonathan Schleifer)

Thu, 2014-03-27 20:45
On 23.03.2014 at 23:17, Axel Dörfler axeld@xxxxxxxxxxxxxxxx wrote: On 03/22/2014 10:28 PM, Jonathan Schleifer wrote: Remember our file system is encrypted. So now we need to ask the user for the encryption password (in the loader, that is). The loader is already signed so it cannot be tampered with. So after the user entered the correct password, the loader can now load the haiku.hpkg - without checking the signature! ...
Categories: Development

[haiku-development] Re: Design for signed packages (Ingo Weinhold)

Thu, 2014-03-27 20:45
On 03/22/2014 10:28 PM, Jonathan Schleifer wrote: From: Jonathan Schleifer js-haikuports-commits@xxxxxxxxxxx Subject: Re: [HaikuPorts-svn] haikuporter : 1 new changeset : a4ba368099a5 Date: 22 March 2014 22:24:28 CET To: HaikuPorts SVN commits haikuports-svn@xxxxxxxxxxxxxxxxxxxxxxxxxxx [...] ...
Categories: Development

[haiku-development] Re: [haiku-development] /packages, /system/packages, /system/package-links… (Ingo Weinhold)

Thu, 2014-03-27 14:45
On 03/22/2014 06:09 PM, Jonathan Schleifer wrote: We currently have the following paths: /packages /system/packages /system/package-links /boot/home/config/packages In /system/packages, we have hpkg files. In /boot/home/config/packages, we have hpkg files. So far, this seems ...
Categories: Development

[haiku-development] Re: hpkgs and compression (Ingo Weinhold)

Thu, 2014-03-27 12:45
On 03/22/2014 08:50 PM, Jonathan Schleifer wrote: On 22.03.2014 at 19:54, David Given dg@xxxxxxxxxxx wrote: Android packages are signed zipfiles, and have much the same access patterns as hpkgs; there's a special tool called zipalign which ensures that the files in the zipfile are 4-aligned. This allows Android to mmap() the zipfiles and access file data using 32-bit instructions. i.e ...
Categories: Development

[haiku-development] Re: Design for signed packages (Axel Dörfler)

Thu, 2014-03-27 12:45
On 03/22/2014 10:28 PM, Jonathan Schleifer wrote: Remember our file system is encrypted. So now we need to ask the user for the encryption password (in the loader, that is). The loader is already signed so it cannot be tampered with. So after the user entered the correct password, the loader can now load the haiku.hpkg - without checking the signature! ...
Categories: Development

[haiku-development] Re: Auto Hiding Scroll Bars (Axel Dörfler)

Thu, 2014-03-27 12:45
On 03/22/2014 11:02 PM, Andrew Wood wrote: I've been doing some work creating an alternative to BScrollView for my app which automatically hides the scrollbars completely if they're not needed rather than just greying them out. Currently it's a subclass of BView but I see no reason why it couldn't be integrated into BScrollView if people wanted it. If anyone's interested I will release it under a BSD or MIT licence....and yes I have followed ...
Categories: Development

[haiku-development] Re: [haiku-development] /packages, /system/packages, /system/package-links… (Axel Dörfler)

Thu, 2014-03-27 12:45
On 03/22/2014 06:09 PM, Jonathan Schleifer wrote: Therefore, my proposal would be: Remove /packages and /system/package-links, instead use /package-links and mount the virtual filesystem there. That would give the following layout: It's quite confusing that you remove something (/system/package-links) you obviously don't understand any more than I do, at least :-) ...
Categories: Development

[haiku-development] Re: Design for signed packages (Jonathan Schleifer)

Thu, 2014-03-27 12:45
On 23.03.2014 at 03:11, Jonathan Schleifer js-haiku-development@xxxxxxxxxxx wrote: and in the place where it matters Of course, that should have been and in the other place where it matters. I decided to change that in now to not copy the message And that in shouldn't be there, of course. ...
Categories: Development

[haiku-development] Re: Design for signed packages (Jonathan Schleifer)

Thu, 2014-03-27 12:45
On 22.03.2014 at 22:55, Jonathan Schleifer js-haiku-development@xxxxxxxxxxx wrote: Looking some more at it: It copies the whole message, so either we need to change the reference implementation to not do that, or use my original approach and hash first. The message it signs is of variable length and I could not find a maximum length, so in theory, it should work if we patch it to not copy the message. I'll try to contact djb and ask him what he thinks is the right approach. ...
Categories: Development

[haiku-development] Auto Hiding Scroll Bars (Andrew Wood)

Thu, 2014-03-27 12:45
I've been doing some work creating an alternative to BScrollView for my app which automatically hides the scrollbars completely if they're not needed rather than just greying them out. Currently it's a subclass of BView but I see no reason why it couldn't be integrated into BScrollView if people wanted it. If anyone's interested I will release it under a BSD or MIT licence....and yes I have followed the haiku coding guidelines! ...
Categories: Development

[haiku-development] Re: Design for signed packages (Jonathan Schleifer)

Thu, 2014-03-27 04:45
On 22.03.2014 at 22:37, Jonathan Schleifer js-haiku-development@xxxxxxxxxxx wrote: On 22.03.2014 at 22:28, Jonathan Schleifer js-haiku-development@xxxxxxxxxxx wrote: signature will be an Ed25519 signature of the SHA-256 hash of the uncompressed heap. Actually, that doesn't make any sense and it slipped me while reading over ...
Categories: Development

[haiku-development] Re: Design for signed packages (Jonathan Schleifer)

Wed, 2014-03-26 22:45
On 22.03.2014 at 22:28, Jonathan Schleifer js-haiku-development@xxxxxxxxxxx wrote: signature will be an Ed25519 signature of the SHA-256 hash of the uncompressed heap. Actually, that doesn't make any sense and it slipped me while reading over it. Looking at the implementation of Ed25519, it already seems to do the hashing, so it will be just the Ed25519 signature of the uncompressed heap, of course. ...
Categories: Development

[haiku-development] Design for signed packages (Jonathan Schleifer)

Wed, 2014-03-26 22:45
I just sent this as a reply to a thread in the haikuports-svn mailing list, but just after sending it, it occurred to me that it would be much better placed here. So, here goes: Begin forwarded message: From: Jonathan Schleifer js-haikuports-commits@xxxxxxxxxxx Subject: Re: [HaikuPorts-svn] haikuporter : 1 new changeset : a4ba368099a5 Date: 22 March 2014 22:24:28 CET To: HaikuPorts SVN commits haikuports-svn@xxxxxxxxxxxxxxxxxxxxxxxxxxx ...
Categories: Development