From 03b4be77e50c01cd0463089e68bbe673362a897b Mon Sep 17 00:00:00 2001 From: johannst Date: Mon, 29 Aug 2022 20:27:58 +0000 Subject: deploy: 8de64474ded169db55cdd34be9c020ed13c4e5e7 --- print.html | 77 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 76 insertions(+), 1 deletion(-) (limited to 'print.html') diff --git a/print.html b/print.html index 10d3605..8de9266 100644 --- a/print.html +++ b/print.html @@ -76,7 +76,7 @@ @@ -2641,6 +2641,8 @@ gcc -march=native -Q --help=target

Give the compiler a hint which branch is hot, so it can lay out the code accordingly to reduce number of jump instructions. See on compiler explorer.

+

The semantics of this hint are as follows, the compiler prioritises expr == cond. So __builtin_expect(expr, 0) means that we expect the expr to be 0 +most of the time.

echo "
 extern void foo();
 extern void bar();
@@ -3189,6 +3191,7 @@ def sum(a: int, b: int) -> int:
 
  • systemd
  • coredump
  • ptrace_scope
  • +
  • cryptsetup
  • systemd

    systemctl

    @@ -3337,6 +3340,78 @@ coredumpctl dump 6363 -o <file> 3 => No tracing allowed.

    Further details in ptrace(2).

    +

    cryptsetup(8)

    +
    cryptsetup <action> [opts] <action args>
    +
    +action:
    +    open <dev> <name> --type <type>    Open (decrypt) <dev> and map with <name>.
    +                                       Mapped as /dev/mapper/<name>.
    +                                       Type: {luks,plain,tcrypt,bitlk}
    +    close <name>                       Close existing mapping <name>.
    +    status <name>                      Print status for mapping <name>.
    +
    +    luksFormat <dev>                   Create new LUKS partition and set initial passphrase.
    +                                       (Keyslot 0)
    +    luksAddKey <dev>                   Add a new passphrase.
    +    luksRemoveKey <dev>                Remove existing passphrase.
    +    luksChangeKey <dev>                Change existing passphrase.
    +    lusDump <dev>                      Dump LUKS header for device.
    +
    +

    Example: Create LUKS encrypted disk.

    +

    For this example we use a file as backing storage and set it up as +loop(4) device. The loop device can be replaced by any block +device file.

    +
    +

    Optional: Overwrite existing data on disk.
    +sudo dd if=/dev/urandom of=/dev/sdX bs=1M

    +
    +

    First create the backing file and setup the loop device.

    +
    # Create 100MB file.
    +dd if=/dev/zero of=blkfile bs=1M count=100
    +
    +# Attach file to first free (-f) loop device
    +sudo losetup -f ./blkfile
    +# List loop devices.
    +sudo losetup -l
    +# NAME       SIZELIMIT OFFSET AUTOCLEAR RO BACK-FILE              DIO LOG-SEC
    +# /dev/loop0         0      0         0  0 /home/johannst/blkfile   0     512
    +
    +

    Create a new LUKS partition and format new filesystem.

    +
    # Initialize LUKS partition and set initial passphrase.
    +sudo cryptsetup luksFormat /dev/loop0
    +
    +file blkfile
    +# blkfile: LUKS encrypted file, ver 2 [, , sha256] UUID: 8...
    +
    +# Open (decrypt) the LUKS device, it will be mapped under /dev/mapper/loop0.
    +sudo cryptsetup open --type luks /dev/loop0 loop0
    +
    +# Format partition with new filesystem.
    +sudo mkfs.vfat /dev/mapper/loop0
    +
    +lsblk -f
    +# NAME        FSTYPE    FSVER LABEL  UUID  FSAVAIL FSUSE% MOUNTPOINTS
    +# loop0       crypto_LU 2            8...
    +# └─loop0     vfat      FAT16        D...    83.8M     0% /home/johannst/mnt
    +
    +# Close (re-encrypt) LUKS device.
    +sudo cryptsetup close loop0
    +
    +

    Example: Using an existing LUKS device.

    +
    # Open (decrypt) the LUKS device, it will be mapped under /dev/mapper/loop0.
    +sudo cryptsetup open --type luks /dev/loop0 loop0
    +
    +# Mount filesystem.
    +sudo mount /dev/mapper/loop0 <mntpoint>
    +
    +# Use disk ...
    +
    +# Unmount filesystem.
    +sudo umount <mntpoint>
    +
    +# Close (re-encrypt) LUKS device.
    +sudo cryptsetup close loop0
    +

    Network