Date: Wed, 20 Jun 2018 08:33:46 -0700 From: "Simon J. Gerraty" <sjg@juniper.net> To: Cy Schubert <Cy.Schubert@cschubert.com> Cc: <cem@freebsd.org>, "Stephen J. Kiernan" <stevek@freebsd.org>, src-committers <src-committers@freebsd.org>, <svn-src-all@freebsd.org>, <svn-src-head@freebsd.org>, <sjg@juniper.net> Subject: Re: svn commit: r335402 - head/sbin/veriexecctl Message-ID: <80645.1529508826@kaos.jnpr.net> In-Reply-To: <201806201342.w5KDgMeS040038@slippy.cwsent.com> References: <201806201342.w5KDgMeS040038@slippy.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Cy Schubert <Cy.Schubert@cschubert.com> wrote: > > The signing of manifests is external. The veriexecctl tool is I assume > > a straight copy of what's in NetBSD (I've not looked at it in at least a > > decade). > > If this is correct, should it not be imported into the vendor branches > first? > > What are the criteria to import through the vendor branches v.s. direct > import into HEAD? Do I fail to understand a missing piece of > information or is there an inconsistency? AFAIK the key is whether there is an upstream project that will be tracked, which is not the case here. The ctl tool is the only bit that bears any relationship to the NetBSD code - because we never used it. Once I commit the loader stuff, we can replace the above with something more useful - can leverage the same library to verify manifest signatures.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?80645.1529508826>