Linux kernel hacker and maintainer etc.

OpenPGP: 3AB05486C7752FE1
@mboelen Looks nice and clean! But I knowingly ignore the details *right now* because I'm heading off to a four-week holiday ;-) [bookmarked the update for August]

Except next I have to flush my LKML queue and send v6.11 PR(s) but, oh well...

Jonathan Corbet

Daniel Bristot de Oliveira passed away a few days ago at far too young an age. Some of his associates have just asked us to publish their memories of him:

https://lwn.net/Articles/979912/

What an incredible loss.

I started my systemd journey about 2-3 weeks ago when I took first steps moving my home office kernel CI from busybox to systemd + UKI. I was lagging at least two years in its features. Before that I've been a sysvinit-level user, i.e. just enabling services and reading the logs 🤷

My fav feature so far: systemd-run0. It's an excellent debugging tool for testing PolKit and other access control layers in Linux (in my daily use I still tend to sudo).

Jarkko Sakkinen

I put my old Unprivileged #Nix notes to Medium so that I won’t lose them by mistake: https://medium.com/@jarkko.sakkinen/unprivileged-nix-2c9f06b99f8e

I.e. how to get a fresh and most recent userland to any remote Linux system that you have SSH access to when exactly two constraints are met:

  1. User NS is ON.
  2. PID NS is ON.

Or to put it in other words: Nix Home Manager without NixOS recipe…


Jarkko Sakkinen

did not know that this was to become a literal truth when the song came out https://www.youtube.com/watch?v=NWxISwEBU0U

Jarkko Sakkinen

X aka "never ever touch this crate" tag ;-) That is how I literally interpret it.

#Rust #RustCrypto #rustlang

@pid_eins OK, fair enough, thanks for the responses! I asked the last question mainly because I was not entirely sure how far is the reach of bootctl. Now I know.

crates.io celebrates its 10 year anniversary today! 🎉

On 2014-06-25 Alex Crichton created the initial commit in the crates.io git repository: https://github.com/rust-lang/crates.io/commit/54cfc8d

A lot has happened since then, and the current crates.io team would like to say "thank you!" to all current and former contributors to crates.io and the ecosystem around it! 🤗


Jarkko Sakkinen

@rjzak Ghidra is something that I use sometimes just to get ideas, but this is more when I already have "a target of interest". I.e. I know what data etc. I'm looking for :-)

Both are used for disassembly but still pretty different types of instruments.

Despite reverse engineering of malware and kernel engineering having commonalities in tools, they're still different types of Sudokus... Malware has more "easter eggs" so to speak ;-) And requires factors more dynamic analysis and simulation.

@pid_eins does systemd have built-in mok signer?

Jarkko Sakkinen

my first ever pull request for #nnn: https://github.com/jarun/nnn/pull/1904

@rjzak it's a good one but I think that completely different angle too. it's an "exploration tool" this is a "debugging tool"...

@pid_eins not a big deal, just checking

@pid_eins Last week I ramped up my home office kernel QA to use UKI so I guess it was great timing then :-)

Is there LXR for systemd?

@jwz was going to ask this next but apparently FAQ has already an answer: https://www.jwz.org/blog/2023/09/wayland-and-screen-savers/

Jarkko Sakkinen

@Aissen Forks confuse me too much, if I don't know the clear reasoning for them, and they both are quite rich and complex tools, and I would not want to invest in learning "the wrong one". So I just decided to take the beef, use the tool that I already know (Python), and move forward with my life I guess 🤷

@Aissen yes, that's where i learned about capstone in the first place :-)

Next test run might be to combine this with #angr perhaps... https://angr.io/

Jarkko Sakkinen

If #Radare2 vs #Rizin makes no sense to you, perhaps #Python will. It is a pretty solid tool for driving #Capstone :-)

Transcript:

raw = open('/home/jarkko/work/nnn/nnn', 'rb')
from elftools.elf.elffile import ELFFile
elf = ELFFile(raw)
# Index the symbol table by name and pick the function to disassemble.
symtab = {s.name: s for s in (elf.get_section_by_name('.symtab')).iter_symbols()}
sym = symtab.get('move_cursor')
addr = sym['st_value']
size = sym['st_size']
text = elf.get_section_by_name('.text')
# Translate the symbol's virtual address into a file offset inside .text.
offset = addr - text['sh_addr'] + text['sh_offset']
raw.seek(offset)
payload = raw.read(size)
from capstone import Cs, CS_ARCH_ARM64, CS_MODE_ARM
disasm = Cs(CS_ARCH_ARM64, CS_MODE_ARM)
# Decode the function body, reporting addresses relative to its load address.
for opcode in disasm.disasm(payload, addr):
    print(f"0x{opcode.address:x}:\t{opcode.mnemonic}\t{opcode.op_str}")

Just got a bit familiar with this. The main benefits are obviously:

  • Recursive traversal #disassembly (vs linear sweep style in objdump)
  • Re-usable analysis
  • No boundaries on how you can post-process the analysis (or visualize it)

I find this super fascinating!
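
Recursive traversal, the first benefit in the list above, shown next to a linear sweep as an added example that is not part of the original post. A hand-written A64 branch decoder stands in for Capstone so the block runs without dependencies; `SAMPLE`, `BASE` and all function names are assumptions made here, and the six-word buffer is constructed.

```python
import struct

# Constructed sample (not taken from the nnn binary): six A64 words at 0x1000.
BASE = 0x1000
SAMPLE = struct.pack("<6I",
    0xB4000080,  # 0x1000: cbz x0, 0x1010
    0xD503201F,  # 0x1004: nop
    0x14000003,  # 0x1008: b   0x1014
    0xDEADBEEF,  # 0x100c: data word embedded in the code, never executed
    0xD503201F,  # 0x1010: nop
    0xD65F03C0,  # 0x1014: ret
)

def sext(value, bits):
    """Sign-extend a `bits`-wide immediate field."""
    return value - (1 << bits) if value & (1 << (bits - 1)) else value

def successors(insn, pc):
    """Addresses control flow can reach directly after one A64 instruction."""
    if (insn & 0x7C000000) == 0x14000000:                 # B / BL, imm26
        target = pc + 4 * sext(insn & 0x3FFFFFF, 26)
        return [target, pc + 4] if insn >> 31 else [target]   # BL also returns
    if (insn & 0xFF000010) == 0x54000000 or (insn & 0x7E000000) == 0x34000000:
        return [pc + 4 * sext((insn >> 5) & 0x7FFFF, 19), pc + 4]  # B.cond, CBZ/CBNZ
    if (insn & 0x7E000000) == 0x36000000:                 # TBZ / TBNZ, imm14
        return [pc + 4 * sext((insn >> 5) & 0x3FFF, 14), pc + 4]
    if (insn & 0xFFFFFC1F) in (0xD65F0000, 0xD61F0000):   # RET / BR: target unknown
        return []
    return [pc + 4]                                       # everything else falls through

def recursive_traversal(code, base, entry):
    """Follow control flow from `entry`; return every instruction address reached."""
    seen, work = set(), [entry]
    while work:
        pc = work.pop()
        if pc in seen or pc % 4 or not base <= pc <= base + len(code) - 4:
            continue                                      # visited, misaligned or outside
        seen.add(pc)
        (insn,) = struct.unpack_from("<I", code, pc - base)
        work.extend(successors(insn, pc))
    return sorted(seen)

def linear_sweep(code, base):
    """Visit every word in order, whether or not control flow can reach it."""
    return list(range(base, base + len(code) - 3, 4))

if __name__ == "__main__":
    print("recursive:", [hex(a) for a in recursive_traversal(SAMPLE, BASE, BASE)])
    print("linear:   ", [hex(a) for a in linear_sweep(SAMPLE, BASE)])
```

The traversal never touches the data word at 0x100c, while the sweep would try to decode it as an instruction; each reached address can then be handed to Capstone for printing.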
