unofficial mirror of guix-patches@gnu.org 
 help / color / mirror / Atom feed
* [bug#45344] [Patch 0/2] Libwaive for signify
@ 2020-12-20 18:49 Vincent Legoll
  2020-12-20 18:53 ` [bug#45344] [PATCH 1/2] gnu: Add libwaive Vincent Legoll
                   ` (2 more replies)
  0 siblings, 3 replies; 10+ messages in thread
From: Vincent Legoll @ 2020-12-20 18:49 UTC (permalink / raw)
  To: 45344

The following series adds libwaive, use it
for signify, and remove the TODO item.

I don't know if the test I did is sufficient to
ensure that the libwaive was used but the
following worked OK:

wget https://ftp.openbsd.org/pub/OpenBSD/6.8/openbsd-68-base.pub
wget https://cdn.openbsd.org/pub/OpenBSD/6.8/amd64/miniroot68.img
wget https://cdn.openbsd.org/pub/OpenBSD/6.8/amd64/SHA256
sha256sum -c --ignore-missing SHA256
wget https://cdn.openbsd.org/pub/OpenBSD/6.8/amd64/SHA256.sig
signify -Cp ./openbsd-68-base.pub -x SHA256.sig miniroot68.img

-- 
Vincent Legoll




^ permalink raw reply	[flat|nested] 10+ messages in thread

* [bug#45344] [PATCH 1/2] gnu: Add libwaive.
  2020-12-20 18:49 [bug#45344] [Patch 0/2] Libwaive for signify Vincent Legoll
@ 2020-12-20 18:53 ` Vincent Legoll
  2020-12-20 18:53   ` [bug#45344] [PATCH 2/2] gnu: signify: Build with libwaive to emulate OpenBSD's pledge() Vincent Legoll
  2020-12-20 18:55 ` [bug#45344] Following up Vincent Legoll
  2021-02-20 18:46 ` [bug#45344] [Patch 0/2] Libwaive for signify Leo Famulari
  2 siblings, 1 reply; 10+ messages in thread
From: Vincent Legoll @ 2020-12-20 18:53 UTC (permalink / raw)
  To: 45344; +Cc: Vincent Legoll

* gnu/packages/linux.scm (libwaive): New variable.
---
 gnu/packages/linux.scm | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 2a9aafb50e..a7acab615a 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -2526,6 +2526,30 @@ Linux-based operating systems.")
 (define-deprecated libcap/next libcap)
 (export libcap/next)
 
+(define-public libwaive
+  ;; There's no release
+  (let ((commit "cdf7c1688dd13e86edd3536b9885b790b0f552e4")
+        (revision "1"))
+    (package
+      (name "libwaive")
+      (version (git-version "0.0.0" revision commit))
+      (home-page "https://github.com/dimkr/libwaive")
+      (source (origin
+                (method git-fetch)
+                (uri (git-reference
+                      (url home-page)
+                      (commit commit)))
+                (sha256
+                 (base32 "1wzy8wqryd26bs6vl8r6sx5jai7afsz0brvjczcpzlfwa7c6c1nn"))
+                (file-name (git-file-name name version))))
+    (build-system cmake-build-system)
+    (arguments '(#:tests? #f))
+    (native-inputs
+     `(("libseccomp" ,libseccomp)))
+    (synopsis "")
+    (description "")
+    (license license:x11))))
+
 (define-public bridge-utils
   (package
     (name "bridge-utils")
-- 
2.29.2





^ permalink raw reply	[flat|nested] 10+ messages in thread

* [bug#45344] [PATCH 2/2] gnu: signify: Build with libwaive to emulate OpenBSD's pledge().
  2020-12-20 18:53 ` [bug#45344] [PATCH 1/2] gnu: Add libwaive Vincent Legoll
@ 2020-12-20 18:53   ` Vincent Legoll
  0 siblings, 0 replies; 10+ messages in thread
From: Vincent Legoll @ 2020-12-20 18:53 UTC (permalink / raw)
  To: 45344; +Cc: Vincent Legoll

* gnu/packages/crypto.scm (native-inputs): Add libseccomp & libwaive.
(arguments): Add PLEDGE variable to #:make-flags.
---
 gnu/packages/crypto.scm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm
index 1b51366d7e..0b446c08e2 100644
--- a/gnu/packages/crypto.scm
+++ b/gnu/packages/crypto.scm
@@ -154,17 +154,17 @@ communication, encryption, decryption, signatures, etc.")
                (base32
                 "11l67j04gyxnlw6zrzsygqs5cgsc1sww1rh0apl05yay131hd17n"))))
     (build-system gnu-build-system)
-    ;; TODO Build with libwaive (described in README.md), to implement something
-    ;; like OpenBSD's pledge().
     (arguments
      `(#:make-flags
-       (list "CC=gcc"
+       (list "CC=gcc" "PLEDGE=waive"
              (string-append "PREFIX=" (assoc-ref %outputs "out")))
        #:phases
        (modify-phases %standard-phases
          (delete 'configure))))
     (native-inputs
-     `(("pkg-config" ,pkg-config)))
+     `(("pkg-config" ,pkg-config)
+       ("libseccomp" ,libseccomp)
+       ("libwaive" ,libwaive)))
     (inputs
      `(("libbsd" ,libbsd)))
     (synopsis "Create and verify cryptographic signatures")
-- 
2.29.2





^ permalink raw reply	[flat|nested] 10+ messages in thread

* [bug#45344] Following up
  2020-12-20 18:49 [bug#45344] [Patch 0/2] Libwaive for signify Vincent Legoll
  2020-12-20 18:53 ` [bug#45344] [PATCH 1/2] gnu: Add libwaive Vincent Legoll
@ 2020-12-20 18:55 ` Vincent Legoll
  2021-02-20 18:46 ` [bug#45344] [Patch 0/2] Libwaive for signify Leo Famulari
  2 siblings, 0 replies; 10+ messages in thread
From: Vincent Legoll @ 2020-12-20 18:55 UTC (permalink / raw)
  To: 45344

Yes, it's missing a proper description & synopsis.

I'll add those, but will accept feedback anyways.

Thanks

-- 
Vincent Legoll




^ permalink raw reply	[flat|nested] 10+ messages in thread

* [bug#45344] [Patch 0/2] Libwaive for signify
  2020-12-20 18:49 [bug#45344] [Patch 0/2] Libwaive for signify Vincent Legoll
  2020-12-20 18:53 ` [bug#45344] [PATCH 1/2] gnu: Add libwaive Vincent Legoll
  2020-12-20 18:55 ` [bug#45344] Following up Vincent Legoll
@ 2021-02-20 18:46 ` Leo Famulari
  2021-02-20 19:05   ` Vincent Legoll
  2 siblings, 1 reply; 10+ messages in thread
From: Leo Famulari @ 2021-02-20 18:46 UTC (permalink / raw)
  To: Vincent Legoll; +Cc: 45344

On Sun, Dec 20, 2020 at 07:49:22PM +0100, Vincent Legoll wrote:
> The following series adds libwaive, use it
> for signify, and remove the TODO item.
> 
> I don't know if the test I did is sufficient to
> ensure that the libwaive was used but the
> following worked OK:
> 
> wget https://ftp.openbsd.org/pub/OpenBSD/6.8/openbsd-68-base.pub
> wget https://cdn.openbsd.org/pub/OpenBSD/6.8/amd64/miniroot68.img
> wget https://cdn.openbsd.org/pub/OpenBSD/6.8/amd64/SHA256
> sha256sum -c --ignore-missing SHA256
> wget https://cdn.openbsd.org/pub/OpenBSD/6.8/amd64/SHA256.sig
> signify -Cp ./openbsd-68-base.pub -x SHA256.sig miniroot68.img

Well, as long as signify keeps working, these extra security features
are offered as "best effort" on Linux. From what I can see, the only
OpenBSD software that is fully supported on Linux is OpenSSH. So, we are
only missing the description and synopsis.




^ permalink raw reply	[flat|nested] 10+ messages in thread

* [bug#45344] [Patch 0/2] Libwaive for signify
  2021-02-20 18:46 ` [bug#45344] [Patch 0/2] Libwaive for signify Leo Famulari
@ 2021-02-20 19:05   ` Vincent Legoll
  2021-02-20 21:38     ` Vincent Legoll
  0 siblings, 1 reply; 10+ messages in thread
From: Vincent Legoll @ 2021-02-20 19:05 UTC (permalink / raw)
  To: Leo Famulari; +Cc: 45344

Hello,

On Sat, Feb 20, 2021 at 7:46 PM Leo Famulari <leo@famulari.name> wrote:
> Well, as long as signify keeps working, these extra security features
> are offered as "best effort" on Linux. From what I can see, the only
> OpenBSD software that is fully supported on Linux is OpenSSH. So, we are
> only missing the description and synopsis.

Yes, I'm not knowledgeable enough to check for sure that this is really
enhancing security or anything else, but saw the light^Wcomment and
tried to do it... It certainly is more interesting than bare boring package
version updates (which I'll still continue to do anyways though).

I'll update the patch with desc and synopsis.

Thanks

--
Vincent Legoll




^ permalink raw reply	[flat|nested] 10+ messages in thread

* [bug#45344] [Patch 0/2] Libwaive for signify
  2021-02-20 19:05   ` Vincent Legoll
@ 2021-02-20 21:38     ` Vincent Legoll
  2021-02-20 23:08       ` Leo Famulari
  0 siblings, 1 reply; 10+ messages in thread
From: Vincent Legoll @ 2021-02-20 21:38 UTC (permalink / raw)
  To: Leo Famulari; +Cc: 45344

This one is not ready anyways, signify still uses the
bundled libwaive, I have to handle that properly as
well...

-- 
Vincent Legoll




^ permalink raw reply	[flat|nested] 10+ messages in thread

* [bug#45344] [Patch 0/2] Libwaive for signify
  2021-02-20 21:38     ` Vincent Legoll
@ 2021-02-20 23:08       ` Leo Famulari
  2021-02-21  9:55         ` Vincent Legoll
  0 siblings, 1 reply; 10+ messages in thread
From: Leo Famulari @ 2021-02-20 23:08 UTC (permalink / raw)
  To: Vincent Legoll; +Cc: 45344

On Sat, Feb 20, 2021 at 10:38:00PM +0100, Vincent Legoll wrote:
> This one is not ready anyways, signify still uses the
> bundled libwaive, I have to handle that properly as
> well...

Alright.

I noticed that libwaive hasn't been active in a few years. I wonder if
it's something we should pursue...




^ permalink raw reply	[flat|nested] 10+ messages in thread

* [bug#45344] [Patch 0/2] Libwaive for signify
  2021-02-20 23:08       ` Leo Famulari
@ 2021-02-21  9:55         ` Vincent Legoll
  2021-02-21 19:04           ` Leo Famulari
  0 siblings, 1 reply; 10+ messages in thread
From: Vincent Legoll @ 2021-02-21  9:55 UTC (permalink / raw)
  To: Leo Famulari; +Cc: 45344

Hello,

On Sun, Feb 21, 2021 at 12:09 AM Leo Famulari <leo@famulari.name> wrote:
> I noticed that libwaive hasn't been active in a few years. I wonder if
> it's something we should pursue...

libwaive is a single-file C (~300 LOCs [1]) source code library, I glanced over
it and it looks straightforward enough. I compared it to the seccomp manpage
[2] code samples and saw nothing suspicious.

I think it may not have been updated for newly added syscalls, but that
should not make it unsecure, mainly because what is not explicitely allowed
is prevented from use (default-locked policy [3]).

So, I'll wait for a bit more feedback before working on this, but I think
it may still be a worthwhile addition.

WDYT ?

[1] https://github.com/dimkr/libwaive/blob/master/waive.c
[2] https://man7.org/linux/man-pages/man3/seccomp_rule_add.3.html
[3] https://en.wikipedia.org/wiki/Seccomp

-- 
Vincent Legoll




^ permalink raw reply	[flat|nested] 10+ messages in thread

* [bug#45344] [Patch 0/2] Libwaive for signify
  2021-02-21  9:55         ` Vincent Legoll
@ 2021-02-21 19:04           ` Leo Famulari
  0 siblings, 0 replies; 10+ messages in thread
From: Leo Famulari @ 2021-02-21 19:04 UTC (permalink / raw)
  To: Vincent Legoll; +Cc: 45344

On Sun, Feb 21, 2021 at 10:55:16AM +0100, Vincent Legoll wrote:
> Hello,
> 
> On Sun, Feb 21, 2021 at 12:09 AM Leo Famulari <leo@famulari.name> wrote:
> > I noticed that libwaive hasn't been active in a few years. I wonder if
> > it's something we should pursue...
> 
> libwaive is a single-file C (~300 LOCs [1]) source code library, I glanced over
> it and it looks straightforward enough. I compared it to the seccomp manpage
> [2] code samples and saw nothing suspicious.
> 
> I think it may not have been updated for newly added syscalls, but that
> should not make it unsecure, mainly because what is not explicitely allowed
> is prevented from use (default-locked policy [3]).
> 
> So, I'll wait for a bit more feedback before working on this, but I think
> it may still be a worthwhile addition.
> 
> WDYT ?

I think you've done all the things a reviewer would ask for, so please
proceed as you see fit :)




^ permalink raw reply	[flat|nested] 10+ messages in thread

end of thread, other threads:[~2021-02-21 19:05 UTC | newest]

Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-12-20 18:49 [bug#45344] [Patch 0/2] Libwaive for signify Vincent Legoll
2020-12-20 18:53 ` [bug#45344] [PATCH 1/2] gnu: Add libwaive Vincent Legoll
2020-12-20 18:53   ` [bug#45344] [PATCH 2/2] gnu: signify: Build with libwaive to emulate OpenBSD's pledge() Vincent Legoll
2020-12-20 18:55 ` [bug#45344] Following up Vincent Legoll
2021-02-20 18:46 ` [bug#45344] [Patch 0/2] Libwaive for signify Leo Famulari
2021-02-20 19:05   ` Vincent Legoll
2021-02-20 21:38     ` Vincent Legoll
2021-02-20 23:08       ` Leo Famulari
2021-02-21  9:55         ` Vincent Legoll
2021-02-21 19:04           ` Leo Famulari

unofficial mirror of guix-patches@gnu.org 

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://yhetil.org/guix-patches/1 guix-patches/git/1.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 guix-patches guix-patches/ https://yhetil.org/guix-patches \
		guix-patches@gnu.org
	public-inbox-index guix-patches

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://news.yhetil.org/yhetil.gnu.guix.patches


AGPL code for this site: git clone http://ou63pmih66umazou.onion/public-inbox.git