From owner-svn-src-head@freebsd.org Wed Jun 20 15:13:34 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1C85F101E56E; Wed, 20 Jun 2018 15:13:34 +0000 (UTC) (envelope-from sjg@juniper.net) Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.pphosted.com", Issuer "thawte SHA256 SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 753D37F033; Wed, 20 Jun 2018 15:13:33 +0000 (UTC) (envelope-from sjg@juniper.net) Received: from pps.filterd (m0108160.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w5KFDWb7020352; Wed, 20 Jun 2018 08:13:32 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=to : subject : in-reply-to : references : from : mime-version : content-type : content-id : date : message-id; s=PPS1017; bh=bqZAWPfvxx6o9oh1n+104SsoI4MI9jrlrCF1rRu0YcU=; b=oeQcTzLuIyzvYoDSloF9fpyz8Sr7GUw3aktBfvpATG9BghM64g3AzqbiiqjP/qX4hsC+ k2tBdtphOvrxW2YGk+AetbUqZ+hRrC4ko0JwTpzY6EKM14sQ9HWBIsvakE18fCjA+Emy AVncEXrkDY70ipdA4wu7qNyJqaSCwmeXTdfBu/qqzjo7CCcEOqvouDutP21LRXs9Spxt ESilAfZJd7S4gTNgOALYdyKP30FpoPXK+tI1yigoA9W2jPfrIEMJy86hXZwajg0+BaHz Txp/TirKEOkVnK/kAS9ZWsM3TBH3Z3wk4Y97z7lo5eEWPkfjM3sJi4TMt2cBtx5WqUzp 3A== Received: from nam04-bn3-obe.outbound.protection.outlook.com (mail-bn3nam04lp0120.outbound.protection.outlook.com [216.32.180.120]) by mx0b-00273201.pphosted.com with ESMTP id 2jqrq5835g-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 20 Jun 2018 08:13:29 -0700 Received: from SN4PR0501CA0013.namprd05.prod.outlook.com (2603:10b6:803:40::26) by DM2PR05MB624.namprd05.prod.outlook.com (2a01:111:e400:2441::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.884.16; Wed, 20 Jun 2018 15:13:27 +0000 Received: from BY2NAM05FT061.eop-nam05.prod.protection.outlook.com (2a01:111:f400:7e52::201) by SN4PR0501CA0013.outlook.office365.com (2603:10b6:803:40::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.884.14 via Frontend Transport; Wed, 20 Jun 2018 15:13:27 +0000 Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.239.15 as permitted sender) Received: from P-EMFE01C-SAC.jnpr.net (66.129.239.15) by BY2NAM05FT061.mail.protection.outlook.com (10.152.100.198) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384) id 15.20.884.14 via Frontend Transport; Wed, 20 Jun 2018 15:13:26 +0000 Received: from p-mailhub01.juniper.net (10.47.226.20) by P-EMFE01C-SAC.jnpr.net (172.24.192.21) with Microsoft SMTP Server (TLS) id 14.3.123.3; Wed, 20 Jun 2018 08:10:08 -0700 Received: from kaos.jnpr.net (kaos.jnpr.net [172.21.30.60]) by p-mailhub01.juniper.net (8.14.4/8.11.3) with ESMTP id w5KFA8PB027354; Wed, 20 Jun 2018 08:10:08 -0700 (envelope-from sjg@juniper.net) Received: from kaos.jnpr.net (localhost [127.0.0.1]) by kaos.jnpr.net (Postfix) with ESMTP id C6747644D5; Wed, 20 Jun 2018 08:09:58 -0700 (PDT) To: , "Stephen J. Kiernan" , src-committers , , , Subject: Re: svn commit: r335402 - head/sbin/veriexecctl In-Reply-To: <96021.1529475664@kaos.jnpr.net> References: <201806200108.w5K18sIR050132@repo.freebsd.org> <96021.1529475664@kaos.jnpr.net> Comments: In-reply-to: "Simon J. Gerraty" message dated "Tue, 19 Jun 2018 23:21:04 -0700." From: "Simon J. Gerraty" X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 25.3.1 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <13045.1529507398.1@kaos.jnpr.net> Date: Wed, 20 Jun 2018 08:09:58 -0700 Message-ID: <16106.1529507398@kaos.jnpr.net> X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-HT: Tenant X-Forefront-Antispam-Report: CIP:66.129.239.15; IPV:NLI; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(396003)(346002)(39380400002)(39860400002)(376002)(2980300002)(199004)(189003)(97876018)(76506005)(2810700001)(97736004)(2906002)(97756001)(2201001)(9686003)(53416004)(5660300001)(47776003)(105596002)(46406003)(478600001)(106466001)(50466002)(476003)(23726003)(11346002)(126002)(50226002)(86362001)(7126003)(68736007)(69596002)(486006)(1941001)(446003)(229853002)(8936002)(6346003)(316002)(16586007)(8676002)(59450400001)(6266002)(356003)(6246003)(55016002)(450100002)(81156014)(81166006)(76176011)(26005)(186003)(305945005)(7696005)(336012)(77096007)(117636001)(110136005)(53936002)(2101003)(42262002); DIR:OUT; SFP:1102; SCL:1; SRVR:DM2PR05MB624; H:P-EMFE01C-SAC.jnpr.net; FPR:; SPF:SoftFail; LANG:en; PTR:InfoDomainNonexistent; A:1; MX:1; X-Microsoft-Exchange-Diagnostics: 1; BY2NAM05FT061; 1:d5nqVOcZHJPnrkzjYpQs3KeV8u8pvRfj3XlxwBTErUVzUxhXOryeZLkiYN6dNbI35ItdwVzZr2SEmAHs1AZAtP+n/p4mgrqBVqJ6snz0pNXNkYLKBLYjayrO5cm4aP/V X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: bfa8e428-8885-47af-fcf1-08d5d6c05f9f X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(4534165)(4627221)(201703031133081)(201702281549075)(5600026)(711020)(2017052603328)(7153060); SRVR:DM2PR05MB624; X-Microsoft-Exchange-Diagnostics: 1; DM2PR05MB624; 3:+XqQk/i8mPDo+HHO7JbbdamPNRhHsOSbU7hHSV2dIe7mr+rTybKRO8SCD9pf5KphoXUaSpE+er6xiCLb++/UDxtnwaWr9tJpt5gIhNVVsWR1JnyZdpW2/RV1N/MvikOvsHky64QZGtqRgH3euUaXSAWrNO4qd2dm4KhY0uWIW2ROork6LaTxQmAlDAGrRWRNhHaddCw80eEoFTi9qqbbyMxAP3wIluU/CgpOXSuZsXGEhIAG2El8G6+F2a3E4raNuJxV4hUHov61BZN2uLSsCPUL5Z59/zGx3Q1xK2eIni7U27+HXUdFmwEyik8ZIGTjBKDauHcJ+2XuQrPDCc66vUzxLrrxlAN7d4B85F2bjRE=; 25:9iGbA7DawyMxcUu+rA65iA/GFBlqyb/nc486V23Q9YPEdc07prVC+JoMy0VEm1hFoUMKyROMkRt0n5r2V1kGkbfrVqTZjHqKHxqgjpF93RrjyAKuzpL+F76eIucw/JzIkpAoKyWCWRrorZeh+UCR9noTKOhr+umW/EvFf0D5jfqG0++HJDOeM5hUi2KZuRMgPJ2B8yWh/nXyMq/yF1fbWtyA3I8468/PGzCFmKWBCmvt1oYOInj2kCD+VktB1cKpS+BXlvgx4XqNnSyJWooqJJLayogvvsCqpFnS29y9Kd9qVkFYgBeOdeyET7k16jWmPHP65esI5AomBYtqa2lttQ== X-MS-TrafficTypeDiagnostic: DM2PR05MB624: X-Microsoft-Exchange-Diagnostics: 1; DM2PR05MB624; 31:+7+HHMa7Y/equCaKjMyGyDf0XeAD7TIW6ZqojPK3Ojn2aDTeh9eQtS7nbSl8/A6pDW6HTuuCrdkAfZ18yYJF4NXWrzefbniBEaHxaAMpgoUeU7LtFhn9sMcYU4cvc7NHYlPb5yhmHpFlpJcAUYyBrnEN9S2I45HF9tw+z1SezMrS/5YNPNJaDFU40PmB/gwCG82xQIdRzEsjM3fEhy2wgUSFftflrpVubXLxqkomvUM=; 20:KPFqyQpczv/bKQ3PxlFctvpZZA2neNGqXcMJeWveTIbYBUPlo2/+f/AoAxEIJRKeGklFuZx4k1JcidM1cEpFEayJENHuJlqfkdtVub6Z+t+NG2p45iEHlQ/pepDGrLn5A6D6Cin1UGT38dwNfOowZBOMDy5iv8D1HN9aEyWYNYDzKBr2El/xEi3F/sRgcknDPcu+MAXbk/LswPGyStuXzEZh9NPZ2Nd7m8evSGENZHhfBKssVevliFRY+jB23QJFFb9O/Q1GkVFjMSEVHD2abnM0qeut2lXBmCGulnq9qj9waFgNV6ngyXe7V6n0g6iRR6gJnUCmkiMXfMX9Oj/Dl3ityxZbPm8xH9yFM4kUyyZtILViiXzUqAtVFxvOeZjMg6PggPIRn1XZtsPm7Av9J4K9kwzL3PfNckELeN3L/xualEyxs9TqIGC5VwiyT/Kg7wr464PJlhnKNB/R5EL3+iyT9mn5JqJTbjj7SNlQNyGg9ZmwwLqB/ePN9gEkB9r+ X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(138986009662008); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3002001)(10201501046)(93006095)(93001095)(3231254)(944501410)(52105095)(6055026)(149027)(150027)(6041310)(20161123560045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123558120)(20161123562045)(6072148)(201708071742011)(7699016); SRVR:DM2PR05MB624; BCL:0; PCL:0; RULEID:; SRVR:DM2PR05MB624; X-Microsoft-Exchange-Diagnostics: 1; DM2PR05MB624; 4:LrbMs7xhzhH7pFeg0sFjfGrAubFBqHQ9YWIlm980D1u923IcyUQD+7gcEGsHhAm1nTJzj4vEZD1/3wmFceiQafIk8cgS4ufpXyRPegJm3YPgGlyvAbZR+9IwPXzcS5DCRwW0tn6T9RZbGANV9h8wEkX+3EE9GBsNAiQMP6VMefPEMopDEpr0IKa2FFiZJKRNvQVYm50F1yjK7dMxiAjnFkNE96SAaOfXwRq/iKnpYHXnY3F44gLvU5g7DBQsuDd+1HtE2mZX/9BBzkEuVQZ/zl+Z092Noyc+SiWuCacQ7nGQLrwsEhcpEbnh+n34a9y7 X-Forefront-PRVS: 070912876F X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; DM2PR05MB624; 23:PnLoABjHzkR5fzZ0Uz6wc9ZQHIYe8fxg34x7708uMd?= =?us-ascii?Q?m4CYZar6TF1xl3Dxc7fuT/GpaBF+LXdeu3bpHMzejggZuxnVS794XiRlyw+/?= =?us-ascii?Q?Mm9Cdxht1ToBrgn9fk8imNK+ZeA+EneaUfX8W6CjufgypIEJEOpujCLUnF6T?= =?us-ascii?Q?Mog/m/gQZn3YPlvt8b00Ob1/Z6KNG7sTJ3RGFEXMJMwuCq4wRxCNWNxnp7ZQ?= =?us-ascii?Q?K/fJFteMehZowc9HPYXW3wTOtB/l5y/98b8g6cSAt24igkxBgfD02VoNfyVe?= =?us-ascii?Q?spv3k7CtJEF4PRozS3hUhGF1lGiCFnmwYmz+kYVH4dJghRijhnmkESgOW4dD?= =?us-ascii?Q?erZj+nY52mhtRs2uQRwPZaFTSLQdyJlo6ebjyxf7MTJIbnPlKdGmhyZTNVx1?= =?us-ascii?Q?l1isCtxR5OtIxEkzDskAus9/sgSfVxrHi6HEmAlkmtxEsyP1bRis7YqF21kM?= =?us-ascii?Q?ZCnMULbXOgND9f/OyyL2Cjc+gCCrZr+/QP5pYCdL2frecy8U6GVoObM4Yi1+?= =?us-ascii?Q?JtZEyPS9Y2IoKh0Ow8NquPsUTl3sr9YXOotYNa69EM2W/2+uSZYB4eBnSq9I?= =?us-ascii?Q?4DISWpXy0eVdUeZmusPK4Pyn9OO/QdMYxv19KAHIAvtzIPJIS9N7+9RcZ+29?= =?us-ascii?Q?vxkYZQCqXwML5eZyyvPMIyNk3bj+8IiUJgD924pvQ9BtK5HsfcPlY4VqCoKJ?= =?us-ascii?Q?JoMB6BCDMVoAeTqIbXkvniQYx1Uq7gFliMIARRxn1iJ38w090sm1vODR3jje?= =?us-ascii?Q?Kt92NJ60V3aNS+Vw6NLfCyvJQ+RwmG39q2xJNwSN1V/vk9OEIJRlK5njYMVl?= =?us-ascii?Q?pXUYd0I+UPuUE0u/LTdASu03Si8cO7IFX5Y64YYZYdav9wTIvhXEW6PhXei0?= =?us-ascii?Q?Sc9xrUGp2Utue/bx6QNJM5jI/31Z63OshvQRjpf2RF4k+iej5/1qncujRE+s?= =?us-ascii?Q?32XXB2cc6RIEgOj1VCba5ruEwRQMRj3qoy6e5G+y+FRjhbqdeGX6iCrU8cLi?= =?us-ascii?Q?m8BdkSUi2HHQqg5e0JsIICu6cFUM3M38ojAxO82cI3gJotup8ovi0P89Bnxh?= =?us-ascii?Q?tY6FgC6EnKxVs+zGF4jnS67xCnlMczOSG0H4YXG52dMDM0MBFuBBUog5icT0?= =?us-ascii?Q?Tqos+HJrxP/kvubyuEkpCfMoT/q3x6eDrWLC2fJKH7Ofk2yYje6RwJPnTXNu?= =?us-ascii?Q?UcUQSdhbPsNVSasKhE23QXXgyqWv2SKeEl9tghk9gh8afXuYT3dPbkjAT8ww?= =?us-ascii?Q?8VYClHU5w2s4Rrq3UnjUBmjC64HpHVIbtyNti32lelWTxAm5o1S+rMe60MrR?= =?us-ascii?Q?oo/1bAZqD03eBRJkXwrz6khBjEwymO1v02GDtjWIT9Xg68FniqDZY7ASb7Wm?= =?us-ascii?Q?xDBMG9moB5dMOePh7Jh5RA6905JMoonrdbqedFaNnea3aV?= X-Microsoft-Antispam-Message-Info: BtKsj6f+RjX49X2qhRi1j/cx8Ea8J8cCDZEfKn8Ul/jG5fFKbjlLRvvyuLzPeSUbLF9mVrcI6OBRF9MkSZauk1pv8eZApn0HacGgqXUMipMudE54HewQdSekkx1JlJAIgCXf7afVgrkTsX2X6GpJcPLBM7npl0YzasTyXh4u1iKtCyJzas92SVDF7QvAwldl1iaTVd4HR5kiuvPwxg/BfFWZ3u2VBFOO6R+w6NP7o5RAE/rbwc47qw6KFbcsrpmZT0znu5X1f10WGu+AeRWPiQXQ5iUBEQsun60ILkClmzWCds6V9dlzaKpwJSrU64hK05HENyxaeIZpvhaSpW7sbw== X-Microsoft-Exchange-Diagnostics: 1; DM2PR05MB624; 6:0G+Ve+yje/dW8Luidhi9vZ03UZWdH9T6gFK9nrmwFu0N1TWcUjt5pN+WFgkN/l3P1tV/9i+zyaF7rDFpOhlD/dQVs3V/7JUOCbWPVg7wIIJLqQxXTpPpzOOMU7uOtwXXEz9B6LEp3TuSig9lzu+KiAadPDWqylDbns7Jt9cxugtkbnMPLMNUkE5x5/gaV1qN/s4dNkS/OTb7KP4olEgdN0EH3maMYl5OOJ78nVjRtQEV4bEcaUS4XonPdBN8r9gQk+2b4Em/b6YuXxugSeblANnzumNswd3POwJCHbHCmc7dHnLgt7tuSfUaH1+8W3xh7tfSxVPTfQLLRqtOMT/CEo+OLn4Cmkr88xfJEuvJwgKbTwroG102rpeWlrpvXqKPiImBRxJEVpPOZeR778xOkOlYWRFBsvc5PMuFI6P3py1u0mmsqXzdbHCTiEba6a0n//SWA1GNcdHLIhrJ2u5gMg==; 5:E3lQmMLEsdUHdoDVWj+WeUsV824hS+dyfh6nUupe3Rae8kqk6rvW49cW59d+Wxkfe5Hp6Wy8qxuYO9da2SP/OFKd/TyO06pqFLxs4eNRKqN5HmCDCnQRIlFsIHykNh5fSrYN+EE43+qVHGjif7U00rJvIpKbmv7DbQXghL4nNEk=; 24:ukD3M+sf4TNELxRKM42v+Vmh5+jZdL8pGzM5OBU3aD3ZszrS1akAxojLBIbisdkx06Q/7pf/p+FBKdCyGkiAoGLQy+FJny7T6YbZZYmFJ1o= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; DM2PR05MB624; 7:GNpeJ/fJMsf7i5oTWYDvpV5On9hCXVF7gCJQCyw3ICw/BMfKTkNyuu0hfeI7c0s+7yQf7vvjlOgGOzxbukJISgCa4KlVY2VRy/3urf6+luryY8yc+89a1oxAswc7+iq2CJE86aAiTUIl8BtI/5d4ncCP7jZkvEh60Q6FYp/HRuHc906cuJ1n2FqlVxt64oVP7dj0kMrnjwYnE65NQnEHQCj63smNBTLvSewJCzeRggy+vSVnSkik/FIhrAvzJdEI X-OriginatorOrg: juniper.net X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jun 2018 15:13:26.6991 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: bfa8e428-8885-47af-fcf1-08d5d6c05f9f X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4 X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.239.15]; Helo=[P-EMFE01C-SAC.jnpr.net] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR05MB624 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-06-20_07:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=917 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1805220000 definitions=main-1806200170 X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Jun 2018 15:13:34 -0000 Simon J. Gerraty wrote: > > - Maybe sign the source-of-trust file > > We do. As noted above, we cannot upstream that until FreeBSD has > suitable signing infra. It occurred to me, that since I'll be upstreaming a library that uses BearSSL to do the necessary manifest verification for the loader, the same could be leveraged for the veriexec loader. That may impact where the two libs should go - will discuss with imp.