April 2014 - Darwin-dev - lists.apple.com

Re: Mac Certificates Query
by Jens Alfke 29 Apr '14

29 Apr '14

On Apr 28, 2014, at 11:49 PM, Rakesh Singhal <rakesh.singhal(a)gmail.com> wrote: > How can we programatically bundle all VALID certificates from all keychains(login.keychain, SystemRootCertificates, SystemCACertificates and System.keychain) in one file, like we have /etc/ssl/certs/ca-certificates.crt in Linux? Our application is not going to ship its own ca-certificates.crt and instead is required to build one from the keychains. This is more appropriate for the apple-cdsa (aka “security/crypto”) mailing list. You should repost it there. In general, this sounds like a bad idea. The OS already has its own trusted set of certs; why would you need to duplicate it? The OS root cert set can be updated dynamically, but baking one into your app will freeze it until you update your app, so the app might end up trusting certs that have since been invalidated. (This is an especially big concern right now, as many cert owners are regenerating their certs in response to the Heartbleed vulnerability.) —Jens _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev(a)lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.ap… This email sent to site_archiver(a)lists.apple.com

1 0

Mac Certificates Query
by Rakesh Singhal 29 Apr '14

29 Apr '14

_______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev(a)lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.ap… This email sent to site_archiver(a)lists.apple.com

1 0

Re: Is F_FULLFSYNC still important on iOS or with SSDs?
by Greg Parker 25 Apr '14

25 Apr '14

On Apr 25, 2014, at 8:12 AM, Jens Alfke <jens(a)mooseyard.com> wrote: > * Is F_FULLFSYNC important on iOS devices, since they never suffer abrupt power failures, instead shutting down cleanly when the battery level drops too low? (But judging by how long it takes to issue an END TRANSACTION statement in SQLite, that codebase still seems to be using it on iOS.) I would be worried that (1) the shutdown-before-power-failure mechanism may not be foolproof, and (2) a kernel panic could still leave the truly non-volatile storage in an inconsistent state. -- Greg Parker gparker(a)apple.com Runtime Wrangler _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev(a)lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.ap… This email sent to site_archiver(a)lists.apple.com

1 0

Is F_FULLFSYNC still important on iOS or with SSDs?
by Jens Alfke 25 Apr '14

25 Apr '14

{I posted this to darwin-userlevel on Monday and got no response, so I’m trying again here. Apologies if you see it twice.} Back in the day (circa 2005) I got the religion about using ioctl(F_FULLFSYNC) to ensure that data written to the filesystem has actually been securely saved to disk. fsync() is not sufficient: it writes kernel buffers to the disk controller, but afterwards the controller still has several megabytes in its internal cache that haven’t been written to the platters yet, which can be lost if there’s an immediate power failure. (This isn’t the sort of thing that most apps have to worry about, since they tend to rewrite the entire file to a temp location and then swap, but it’s important for databases and other software that updates files in place. SQLite uses F_FULLFSYNC, for example.) I’m now working with a team that’s implementing a new b-tree storage manager (somewhat like Tokyo Cabinet, for instance). They’re currently calling regular fsync to commit writes. I’m telling them about F_FULLFSYNC, but a lot of time has passed since I first learned about this and I’m unsure how much of what I know is still relevant. * Do modern-day disk controllers still block completely while processing a cache flush operation? * How does the behavior of SSD controllers differ from hard disks? * Is F_FULLFSYNC important on iOS devices, since they never suffer abrupt power failures, instead shutting down cleanly when the battery level drops too low? (But judging by how long it takes to issue an END TRANSACTION statement in SQLite, that codebase still seems to be using it on iOS.) Thanks, —Jens _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev(a)lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.ap… This email sent to site_archiver(a)lists.apple.com

1 0