From owner-svn-src-head@freebsd.org Wed Jun 20 15:35:09 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C3023101F9B4; Wed, 20 Jun 2018 15:35:09 +0000 (UTC) (envelope-from sjg@juniper.net) Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.pphosted.com", Issuer "thawte SHA256 SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 28432801A8; Wed, 20 Jun 2018 15:35:09 +0000 (UTC) (envelope-from sjg@juniper.net) Received: from pps.filterd (m0108160.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w5KFNsgx030828; Wed, 20 Jun 2018 08:35:06 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=to : cc : subject : in-reply-to : references : from : mime-version : content-type : content-id : date : message-id; s=PPS1017; bh=NiN0V/fELmGx5OsNLJx6ZlpWuZ4Yd+OA0md941tJ+0U=; b=JCEi6w/CX520b/WwuhNd6LiLeBLPVDymstGzpUQOAA3hDtsSk/O3z63t7NH+CJWd7mXm XdgsydGxfi7IOyGmSNgM5g+wb88sBChecVER37vu4YYvTf59c+V+6mxtFjFfbYphf6SI 0Sy/twhfqE5q9Es1qSYv0FI9uzdHyGhIg0C2QN2W1twBMVZF8bQMgzOkWP7lXzi/rLv4 nQ2yeHNF0plyAz510CPQu17WvATMpcaZ2Ful8BmUd1URiIfxzD4sCygSv81dyF/7X3BV mums5+uYa8TlBvjjqi72yC4/5Bn5ZwjjUu1BRAG/1ceGr0nH95JK0pNWvChKyF0BcaQ3 /g== Received: from nam01-sn1-obe.outbound.protection.outlook.com (mail-sn1nam01lp0117.outbound.protection.outlook.com [207.46.163.117]) by mx0b-00273201.pphosted.com with ESMTP id 2jqrq584bk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 20 Jun 2018 08:35:06 -0700 Received: from BN6PR05CA0026.namprd05.prod.outlook.com (2603:10b6:405:39::39) by BN6PR05MB3106.namprd05.prod.outlook.com (2603:10b6:404:bb::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.884.12; Wed, 20 Jun 2018 15:35:04 +0000 Received: from BY2NAM05FT047.eop-nam05.prod.protection.outlook.com (2a01:111:f400:7e52::209) by BN6PR05CA0026.outlook.office365.com (2603:10b6:405:39::39) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.906.9 via Frontend Transport; Wed, 20 Jun 2018 15:35:04 +0000 Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.239.15 as permitted sender) Received: from P-EMFE01C-SAC.jnpr.net (66.129.239.15) by BY2NAM05FT047.mail.protection.outlook.com (10.152.100.184) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384) id 15.20.884.14 via Frontend Transport; Wed, 20 Jun 2018 15:35:03 +0000 Received: from p-mailhub01.juniper.net (10.47.226.20) by P-EMFE01C-SAC.jnpr.net (172.24.192.21) with Microsoft SMTP Server (TLS) id 14.3.123.3; Wed, 20 Jun 2018 08:33:56 -0700 Received: from kaos.jnpr.net (kaos.jnpr.net [172.21.30.60]) by p-mailhub01.juniper.net (8.14.4/8.11.3) with ESMTP id w5KFXtx7031947; Wed, 20 Jun 2018 08:33:55 -0700 (envelope-from sjg@juniper.net) Received: from kaos.jnpr.net (localhost [127.0.0.1]) by kaos.jnpr.net (Postfix) with ESMTP id 66526644F1; Wed, 20 Jun 2018 08:33:46 -0700 (PDT) To: Cy Schubert CC: , "Stephen J. Kiernan" , src-committers , , , Subject: Re: svn commit: r335402 - head/sbin/veriexecctl In-Reply-To: <201806201342.w5KDgMeS040038@slippy.cwsent.com> References: <201806201342.w5KDgMeS040038@slippy.cwsent.com> Comments: In-reply-to: Cy Schubert message dated "Wed, 20 Jun 2018 06:42:22 -0700." From: "Simon J. Gerraty" X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 25.3.1 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <78785.1529508826.1@kaos.jnpr.net> Date: Wed, 20 Jun 2018 08:33:46 -0700 Message-ID: <80645.1529508826@kaos.jnpr.net> X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-HT: Tenant X-Forefront-Antispam-Report: CIP:66.129.239.15; IPV:NLI; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(39860400002)(39380400002)(396003)(376002)(346002)(2980300002)(189003)(199004)(7696005)(305945005)(478600001)(50466002)(54906003)(59450400001)(68736007)(97736004)(8936002)(55016002)(77096007)(50226002)(26005)(8676002)(76176011)(53936002)(6916009)(69596002)(5660300001)(229853002)(86362001)(81156014)(81166006)(446003)(97756001)(105596002)(7126003)(6246003)(486006)(6266002)(356003)(186003)(97876018)(126002)(476003)(23726003)(106466001)(4326008)(16586007)(316002)(9686003)(336012)(46406003)(47776003)(76506005)(53416004)(11346002)(2906002)(107886003)(117636001)(2810700001)(42262002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR05MB3106; H:P-EMFE01C-SAC.jnpr.net; FPR:; SPF:SoftFail; LANG:en; PTR:InfoDomainNonexistent; MX:1; A:1; X-Microsoft-Exchange-Diagnostics: 1; BY2NAM05FT047; 1:Ts6yX2aXYCMdDnkb2mNq9nGd6KH0xRtfeE59YWAi4qwxKwDiw8RjcBJuP6OJmA3XeHJPqy4JedX27yCuP05p+UMjewXzLE5+e3pcKQsERC7G05Wba/qqwHXhMemGppEx X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 55ef8c22-1dfe-425f-6e8d-08d5d6c364da X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(4534165)(4627221)(201703031133081)(201702281549075)(5600026)(711020)(2017052603328)(7153060); SRVR:BN6PR05MB3106; X-Microsoft-Exchange-Diagnostics: 1; BN6PR05MB3106; 3:hstZhkcFyZtfJT/BhCsn33WPjPcDN83gIqEmv+EUw5u3Dp4rzJbj7hfo54Ruu+kSC1ZbTy26PkBS4EaNsb3f56Fjg7crlSnOZe6vbIrEeE1PrI6rivYifWcqyah4apFi+OEHbDNe6u8i7x077fSj+h0ShIVeSI79TowoTi3GCAHwtIaFradj6YrDN8XNzxF8oy7+/3qudUdWSGdmJmS31iQCHurI5/cl7eySV1M60jDMpdu+GK8ksY06ny5LgZ5PsQTloMgVkS0AASho+7UOT9YV8ZSag6RomuGKrjpDl31g84HDmm8o2n6gHWQqTcXyrYx+EALW4yLicawL++XV/OYUDk/S9thHbvaSC1S0kgE=; 25:gfynLY2pbPkEJIyE/tnIZ3d2c06qB6hlVDDCS2kCs3MA1YF4UQdlA1tT7N70hFCeAH3sx6i9ZoGXVnyWudYqJH6qUJp8hinChh+yQDLawz9bou7p53nk57U2FwJhYGEJoblCxi1COpS3UKUQbOVoetzkxl0vwDI9NRM0yWKUAKr4Jr6YJjZJowvwTBAkb0yarsXJcRj6MfZ0XbHx8mLZCplOTRA//BU/QFkmt3+oe647quVYV+GVieEb2AM02/AGQ9k3JhSTlBtQiXgv/of0U5awR0I3cCFCZ6dpNPjd9zW8g3xdiOuQg1kLG22R31t0QGk/cTzw9Edu7muzkU9ByQ== X-MS-TrafficTypeDiagnostic: BN6PR05MB3106: X-Microsoft-Exchange-Diagnostics: 1; BN6PR05MB3106; 31:g9AJTBb4g6hzKPvuDD4irJOakxxsnzO/sdVqiAQ89h5hjkcL/OqiQN8rc7wwjEEjPKPrh2rnu6N0fUUiXqTKpgOyQ1itbLp82HDZbms3RMTctFu0RtpWdNIK0iEU5M/kvKYIdLfZFyaA6joRZSpLL1cBB2ouEXoRO3PcKF6DW3gBeyJNRu7CyqodWBCBSzOVgcjwVnrkwk1R2Q9BWvfaOVjYE1eZC1WUcyobc7FNbto=; 20:j4Zrwws/0jJFrtjCoCOJ8YMxOjmrFa8/9P5pj6+YLSKWfH/fSEkmvbBiRx4xkOCyOa8iNphWuTpXKkmmiCSQfAA1VDXPtEa1PijqyzjJJn/ExVJV1iArm/dXaJ9UGn4W7nHJTyTGIhThuiMGYASrfmOKxYm5geUsYqQ+ipiZ3bkNL3gBCW5kze5b6qrBHV61AtNN9FbdvIGRgjhy+m72b6GGBXomOKWr85LUYw4qOs1f0darfb8vfVmxwA4tScHvX+HTlDhm/dP8B0btD/F9dHHWEZkeW8/1yij2OM7LfxMM7ZZ4dLA4N63M7wPXs9OcHWG8+BL4AEwMjmjt4V2LHlLd43qXoTR1Zr9YCzDjBpm4SqyTwnjfdd5g2Bd/0YWvXaaECjnC2ABEtAvRzteeNEShmWvqLJLo90R2ArN1hP4HHevaK4toNS9nFQb9NwLQSHLCbD5qDD1riaLKRZl2t8OvbyLJ7z+lK6M1clUPFvTIo6oONqO1JLr+zFLorF+d X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(788757137089); X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(5005006)(8121501046)(3231254)(944501410)(52105095)(93006095)(93001095)(10201501046)(3002001)(6055026)(149027)(150027)(6041310)(20161123558120)(20161123562045)(20161123564045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011)(7699016); SRVR:BN6PR05MB3106; BCL:0; PCL:0; RULEID:; SRVR:BN6PR05MB3106; X-Microsoft-Exchange-Diagnostics: 1; BN6PR05MB3106; 4:BkQ+/buFNWyzHoWU6HFnyuq6Znt4VbW35jGE/TmhnP7jlgK7HFbylCX8+qUmeuwYIAS5PVPvOx78RfXVgtxid1IF7Hwh1s9m5kRvVeqUyDUgYk6AlqxI2RlIVpPfJK1sAAMiMYIIQ4sQKXTqAfCHFQBQ59+cjlYrZUNWZ0fvVhms12YW7vk5Y9skMhl4DvNL61PwLd6F9QhIf/T9BiDJgw+fVgXBZfDrb9hJtlZDG/Ciwpmjy0yGVhTFJ4RAm968zDNqHOVJHsnBzyRa8q46YeDBhXL1y2sJk8Wp0O3rDq85dSY0BNtSnmRUTgWJJPuw X-Forefront-PRVS: 070912876F X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BN6PR05MB3106; 23:W5cKSqvdzKKaSQwmO5RGtYnyAgWZnn0JwcrRNndJ5?= =?us-ascii?Q?jSjrCZ1t4HT0FooD0ekK6Z4GddXlPBkSErJPzHKo75dOYXzERjfTZ/IVsBqg?= =?us-ascii?Q?+uA79paFGurVYANaXYKJWldbgoAzknvOweg3mA5W/A90PBwM6HcD9juTYhdX?= =?us-ascii?Q?XZejCz4iHov4ZZacnIHzvFqDm5YxDHWjVU49dyBB1D9C96n0efGn2D5L4DBS?= =?us-ascii?Q?eC9NDwNvTFCcemmdj6Wk9Px1iPZqL7v9wIIPSwjgJTx9lzkrHKLbnK9MqWI5?= =?us-ascii?Q?Q7vFjkcUTpHjgiZM/wvNqQN3fhYw0rrPaaqyntqpipsHkv7ow2y3fiI7dGW6?= =?us-ascii?Q?oKr0aa1Quk6ILMQ/Kqd/NNsIXJwQrzd48Kqwm12dDHk8FW15LGnwrKiYqBAo?= =?us-ascii?Q?RYRp1uKA/McfQij3XbdtjTA4n6mILj+nJ0IpGsL0Db5FyvrsXlNDA1enxktB?= =?us-ascii?Q?+zQqrwU911njrTnTq6n06SOM3P0OETh26pl35XzQN3xKuyLUuzT87qKPm3yq?= =?us-ascii?Q?fMMiblP7Jon6K3HEVavk2gfUVAM21aTMG0z27NgEvAav5wrehVBOTifwR8dO?= =?us-ascii?Q?rN9WIqi9u6gl8b/ZkYCfL4oh2Tg815Fn1PD7QvfiTuDvD+Y/VgvgIwrOOOow?= =?us-ascii?Q?W6YncxYvnPX2tV6lGmPt34MH3fNzfxrGIg2YDxj//O7D9My5gJkO7CHE3VZ9?= =?us-ascii?Q?HsWSPIO1TorrtV/V8vXA7LHOsUkoX8oGNs397xD0NlmBfxo9Aq4sn1hDXzFD?= =?us-ascii?Q?E0uyoE3PhSnmQBVfESvh0KSr2ejtw82TH8oOGm/9Or/5qI/MirE3iDcXCsq7?= =?us-ascii?Q?XRtl6aYa/S4oKUexN5NIE+aZUNvQMhGI4ohEsMUmOg2M1wOHUueN/HJIKKpL?= =?us-ascii?Q?fd+feciW9psDSFso42N+mhbxnuMKMtL2hMKu+3Ns+6X27ogc9XQwEF1F29+z?= =?us-ascii?Q?rcFNtJAY5Ja0XDPQpuqGDU8IW3md1Kjgwx8MkNmY6d5eyi5O66JqenlMfvEz?= =?us-ascii?Q?kglZUpi0s5fsFxDuYpHCq/a5M5BSsAVtMvs32XNyxF0cnd0IVL2mczf1g8h6?= =?us-ascii?Q?+7XMcZ9mEYqWTJfeaRIjAc7m6OhXDTchX8tACGJIrONaK7UqHKyRQHM2HoKu?= =?us-ascii?Q?Aq2sfCCCYk5VGYJ/lQF3TjzCmb2x0ISzEzkUex5zb26g8dywxRtPyuolu4/b?= =?us-ascii?Q?qCR+6W6GcLaOe4n35HN6erXkBgPedhM7SFsvBJ59zz56Fo7PD97WWniRI3Aa?= =?us-ascii?Q?5Pe8ZBT2MskevrbSAhuOSRAHTeQluIXbHMLExef0pWYDIxXCRTKIfnQyHdo7?= =?us-ascii?Q?a8YjVsOWCz+RzyhnMKJQI78Zp05LYuU1EAsp8qoh4o9UPAhFK8C5Z+dwiNnV?= =?us-ascii?Q?TNkpg=3D=3D?= X-Microsoft-Antispam-Message-Info: +gx480JDvzwXN1z41AnZNe84pBeb1o98kyaz+OPgKJ0M1lV4NICjsrHCYcZ9m3xKr5o+9EhxWX9CqoFoUae8ReFgvGXe2WWm2puhRCKjmUZfOX9hq7XUQAhF9BIzBNlt45p2XN2Ref0m6I375axrT+4MEvU9107XZDSISwnTf+XJ2kRZPMB6qSf8JFDz5wIXaO1wwkZ7u+RkE4VhPOky2f17y0knpG6jQe64r3PvlbmdcQnEA1yr2ErWmDG4p/qIld8DjewcASxD6C1NmfImFF//9dj8EPFixBAZjZxYRoo9iLKsh5TKkBC/GQLiAlyaqJiNUUf2BV0BT8te4T+5Jw== X-Microsoft-Exchange-Diagnostics: 1; BN6PR05MB3106; 6:J8oRTgt/hKZ3Hpsnn9D5GaK9+TvYF/tsODx+IX03LyhWifChxqBKxWjFS/3qY9qtKqL9tzaTtXpCWbYdHCTrcqCZe829+5SN0l+3gFzb3DgBSVYQrrVlxHOGT30/7e08q5z3YKU7p+7TcYCJvf1BUzXwv8DM6a7m2CIknqE5sUnTpmjCFR2i8V2IMT8nbcAmlfQ7Ij97lW9CDUqKP1kcYUQzXifd/uAjFlnlxawDviQcXz1IfWQFTJWEXUBpBIu0+2JGGsY0MWNvGoZXyOt6XjT00+URQrzuw4KH3nsFj70FsbwcRUWGBx7GqfK7zQZw76HQxyZ4R+LE7Ea4uFRjMFxAlJtCAirxBpEGpwWX25NR48csGIaudyTljVMzzFu72A0h/E1BBU72KeGd3kWehmkxX/UDOvzQC49sGgJ009iIWAqx/2H/MvcWsD3MFik31XbHnXJ33MLzmvbRg84ysA==; 5:liRyGHw0lEnk91Vc4emlW6EIpML4g+RXuaNfddxnqa5ttsvAvllE6eo/+sjLkkPWELDrCRMdmLs8gZhFv0OmHpCSrt+IAZFNwMuHsxYo6sEIXocGqC6ucNywGpxNXgh5zkfyAV66nGeVJTvNSXUNK28tyqil2f1sX90Iv5X0USA=; 24:4QJdD983c0ysLX4VLfbyRrPVHRTTrawzEvRIM29rEGrCT3hWYswJOOnouIHqlVZgHV/r5TBp6elK+aBm6xUxqJ0NueEudh27bKf6JQKW7bg= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; BN6PR05MB3106; 7:SAPYeATlat3E5mGgOJoAq+WqjR0DE5Sx/ZzXtani0jteDk88HqezcobmkeD2lfUHub0r/dYI3PQgoBMRxWEt9DqEaZoVdq36AQ0jPejNevQ5vhhVpyod8ttY+pFbaEd9umEOizUfFPDxgf8lMdW4FqPm33/VPdbZp8Wh0pLoqii9wxgdMmX7juoubU+eOM0+Ltzes1SG+2lFHmJznht/M9tAGDauL+tkyT2MgGrEUpFdillgp8X/6JV/rqXUiIH9 X-OriginatorOrg: juniper.net X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Jun 2018 15:35:03.9140 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 55ef8c22-1dfe-425f-6e8d-08d5d6c364da X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4 X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.239.15]; Helo=[P-EMFE01C-SAC.jnpr.net] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR05MB3106 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-06-20_07:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1805220000 definitions=main-1806200172 X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Jun 2018 15:35:10 -0000 Cy Schubert wrote: > > The signing of manifests is external. The veriexecctl tool is I assume > > a straight copy of what's in NetBSD (I've not looked at it in at least a > > decade). > > If this is correct, should it not be imported into the vendor branches > first? > > What are the criteria to import through the vendor branches v.s. direct > import into HEAD? Do I fail to understand a missing piece of > information or is there an inconsistency? AFAIK the key is whether there is an upstream project that will be tracked, which is not the case here. The ctl tool is the only bit that bears any relationship to the NetBSD code - because we never used it. Once I commit the loader stuff, we can replace the above with something more useful - can leverage the same library to verify manifest signatures.