HackerTrans
热门最新趋势评论往期问答秀出招聘

timhh

808 声望加入于 9年前

提交

Rust 与 Zig 编译时间

blog.timhutt.co.uk
1 分·作者 timhh·7小时前·0 评论

Baochip-1x: What it is, why I'm doing it now and how it came about

crowdsupply.com
346 分·作者 timhh·4个月前·79 评论

Sudo-rs enables pwfeedback by default for Resolute Raccoon

discourse.ubuntu.com
3 分·作者 timhh·5个月前·3 评论

评论

timhh
·23小时前·讨论
这看起来很简单。想想这样一个商用 SystemVerilog 仿真器(只显示了用户界面的一小部分)。

https://blog.reds.ch/wp-content/uploads/2018/09/questa13.png

或者类似 Visual Studio 这样的软件。

显然,大多数图形用户界面并没有那么复杂,因此即时模式可以让你走得更远。它最大的局限是很难进行一些布局。你的图形用户界面布局会受到数据依赖性的影响,这就很尴尬了。
timhh
·前天·讨论
当然你可以制作压缩作品。例如。你获取的是 66 字节而不是 64 字节。见鬼,Intel/AMD 设法使 x86 相当快。

但它肯定更尴尬,并且会消耗整个 CPU 的成本。

如果较低的代码密度比由于一切都很好地对齐而带来的改进更糟糕,我会感到非常惊讶。 Especially because Qualcomm had actual data that it isn't (if you add new instructions with the extra coding space you free up).
timhh
·前天·讨论
> 需要 C(压缩)以避免 Linux 生态系统分裂。缺乏 C 的芯片将永远无法运行用 C 编译的二进制文件。

是的,这正是将其从 RVA 配置文件中排除的目的。这意味着 Linux 发行版不会编译启用 C 的代码,因此芯片可以自由地不支持 C,因此可以实现更高的性能(可能)。并且它打开了 3/4 的指令编码空间供其他事物使用。

> 另外,高通给出的借口——它将使所有指令的长度固定并且更容易解码——是错误的。 RISC-V 支持可变长度指令,甚至比 32 位长得多,您只需处理它即可。

这并没有错。 RISC-V 定义了一种可以使用 48/64 位指令的机制,但目前尚未真正定义。所有现有指令都是 16 或 32 位。如果没有 C,所有指令都是 32 位。您不必处理 48 位指令,因为根本不存在。

他们将来可能会添加一些,但我对此表示怀疑,因为a)这将是一个巨大的痛苦,b)他们没有为Vector添加,而Vector本来是最有用的。

> 仅仅因为高通收购了一家微架构只能处理固定长度指令的公司,并不能成为破坏生态系统的理由。

是的,现在改变已经太晚了,但这并不意味着这不是一个错误。

Zicond 看起来不错 - 我忘记了它的存在。
timhh
·前天·讨论
我喜欢 RISC-V(这是我过去 7 年的工作),但这完全是无稽之谈。并不是所有 RISC-V 都是好的。 CLIC 很糟糕(幸好它已被放弃)。该规范写得不是特别好 - 由于由许多作者编写,风格不一致,而且它太像教科书了,而不是正确的规范。 (有一些正在进行的工作来改进这个tbf。)

有一个几乎无穷无尽的未定义/实现定义行为列表,如果您想实现具有 100 次浮点运算的超小型微控制器,那么这非常好,但否则就非常糟糕了。

在 RVA 配置文件中要求 C(压缩)扩展名绝对是一个错误。缺乏真正的 16/64kB 页面和条件移动可能是一个错误(尽管可以修复)。

我不知道这些如何使它变得更加强大和成熟。

(但要明确的是,我仍然认为总体上相当不错。)
timhh
·上个月·讨论
> Default lock screen experience still has a needless delay of 5 seconds when entering a wrong (even blank wrong) password, even on the first attempt.

I suspect that is not KDE's fault (or Wayland's) - it's probably PAM, which by default has a 2 second delay (+/- 50%). That default is extremely difficult to change, but you can configure it. See my instructions here: https://github.com/linux-pam/linux-pam/issues/778#issuecomme...

Also if you follow that issue you can see I've been trying to convince the PAM developers to fix it (by changing it to a 0.5 second delay, which is much more tolerable and no less secure). Unfortunately they have this weird idea that users want the delay, because it lets them recompose their thoughts after getting the password wrong or something like that.
timhh
·2个月前·讨论
Note the shunting yard algorithm is an iterative (as opposed to recursive) version of Pratt parsing (and also precedence climbing which is virtually identical). However as normally stated it does not do proper error checking - it will accept totally invalid input.

That isn't a fundamental limit of the algorithm though; you can easily add error checking, as I did here: https://github.com/Timmmm/expr/blob/1b0aef8f91460974d526b5ba...

I'm not really sure why this is omitted.
timhh
·4个月前·讨论
I don't understand how you can be so confidently wrong about something so easily checked. :D

> You can't run unix_chkpwd against a local account without root because you won't be able to access /etc/shadow to get the hash.

unix_chkpwd can access /etc/shadow because it is suid.

> Otherwise you have to use the setuid version which won't let you run it directly.

Haha you mean this?

  $ unix_chkpwd
  This binary is not designed for running in this way
  -- the system administrator has been informed
Take a look at the source code I linked about 6 comments ago!

> Perhaps try checking something yourself?

I have. You haven't.

  printf 'hunter2\0' | unix_chkpwd yourusername nullok; echo $?
timhh
·4个月前·讨论
Definitely not for local password authentication, and I'm dubious it helps for ssh either. See my other comment.
timhh
·4个月前·讨论
> You obviously can't run unix_chkpwd against a local account without root.

Wrong. At least check before you say something is obvious.

> No, it's very simple.

Even more wrong: https://github.com/linux-pam/linux-pam/issues/778#issuecomme...

> feels like arguing with an LLM

I could say the same about you, repeatedly and confidently asserting falsehoods.
timhh
·4个月前·讨论
It is. Only the default changed. Also you can press tab if someone happens to be looking over your shoulder (and your password is so obvious they can guess it from the length).
timhh
·4个月前·讨论
> Yes, for local password authentication.

It's really really not. By default PAM has a difficult-to-disable 2ish second minimum delay for all authentication methods. However this is completely pointless for local password authentication because PAM checks password using unix_chkpwd, which has no delay. The comment I linked to is explaining that unix_chkpwd has a silly security theatre delay if you try to run it in a tty, but that's trivial to avoid.

If you want to brute force local password authentication you can just run unix_chkpwd as fast as you like. You don't need to involve PAM at all, so its 2 seconds delay achieves nothing.

It maybe does more for remote connections but I'm not sure about that either - if you want to check 10k ssh passwords per second what stops you making 10k separate connections every second? I don't think the 2 second delay helps there at all.

> Change both the config files and you can remove the delay if you want.

This is extremely complicated. See the comments in the issue for details.
timhh
·4个月前·讨论
Not for local password authentication.

https://github.com/pibara/pam_unix/blob/master/unix_chkpwd.c...
timhh
·4个月前·讨论
You make it sound like there was a discussion where they looked at these two alternatives and chose improving sudo over using run0. Actually I just submitted a patch for this and they accepted it. I don't work for Ubuntu and I didn't even know run0 existed until now (it does sound good though; I hope they switch to that).
timhh
·4个月前·讨论
Yeah I would like to fix those too but sudo is the one I encounter most. Also the existence of sudo-rs meant there was less push-back. I seriously doubt the maintainers of openssh or passwd would accept this change.
timhh
·4个月前·讨论
I did this!

I didn't actually know that Mint had enabled this by default. That would have been a useful counterpoint to the naysayers.

If you want the original behaviour you don't actually need to change the configuration - they added a patch afterwards so you can press tab and it will hide the password just for that time.

> The catalyst for Ubuntu’s change is sudo-rs

Actually it was me getting sufficiently pissed off at the 2 second delay for invalid passwords in sudo (actually PAM's fault). There's no reason for it (if you think there is look up unix_chkpwd). I tried to fix it but the PAM people have this strange idea that people like the delay. So I gave up on that and thought I may as well try fixing this other UX facepalm too. I doubt it would have happened with the original sudo (and they said as much) so it did require sudo-rs to exist.

I think this is one of the benefits of rewriting coreutils and so on in Rust - people are way more open to fixing long-standing issues. You don't get the whole "why are you overturning 46 years of tradition??" nonsense.

If anyone wants to rewrite PAM in Rust... :-D

https://github.com/linux-pam/linux-pam/issues/778
timhh
·5个月前·讨论
> i.e. this doesn't require age verification at all, just a user profile age property

This is usually how they do it though. First make a dumb law with poor enforcement. People don't push back about it because it obviously won't be enforced. Wait a bit, then say "people are flagrantly violating this law, we need better enforcement". At that point it's a lot harder to say "it shouldn't be a law at all!" because nobody complained when it was brought into law.
timhh
·5个月前·讨论
> the capabilities are so far mostly just talk

lol what? They've caught and successfully reflown the super heavy booster, and they've mostly successfully done a soft landing of Starship in the sea. How is that remotely "just talk"?
timhh
·5个月前·讨论
I recently started using Linux again, and decided to try and fix some of its more ancient and silly UX paper cuts. This is my first success!

My attempt to fix the annoying and unnecessary 2 second delay when you mistype your password is going rather less well: https://github.com/linux-pam/linux-pam/pull/789

Does anyone want to rewrite PAM in Rust? :D
timhh
·5个月前·讨论
If you get lost in the SEW, LMUL, VLMAX, etc. stuff I made a brief explanation here:

https://blog.timhutt.co.uk/riscv-vector/

It has a visualisation of the element selection stuff at the end.
timhh
·5个月前·讨论
It's going to be optional - the hooks will always fix the code if they can, but then you can supply a `--no-fix` flag (or config) if you want to tell it to not actually apply those changes to the real filesystem.

It doesn't need Landlock because WASI already provides a VFS.