Hacker News: aliceryhl

New comment by aliceryhl in "Linux Internals: How /proc/self/mem writes to unwritable memory (2021)"

aliceryhl — Mon, 09 Mar 2026 07:14:05 +0000

Interesting. Though looking at the code, it does still check VM_MAYWRITE, so the mapping needs to be something you could remap as writable.

New comment by aliceryhl in "Trump's global tariffs struck down by US Supreme Court"

aliceryhl — Mon, 23 Feb 2026 20:12:35 +0000

Ah thanks for clarifying.

New comment by aliceryhl in "What not to write on your security clearance form (1988)"

aliceryhl — Sat, 21 Feb 2026 21:03:23 +0000

Thank you. I was wondering about that.

New comment by aliceryhl in "Trump's global tariffs struck down by US Supreme Court"

aliceryhl — Sat, 21 Feb 2026 08:24:28 +0000

Hmm, I read some of the decision, and now I'm not sure what to make of all of it.

When I came to the opinion from Jackson, J., I found it extremely compelling. He says this:

... But some of TWEA’s sections delegating this authority had lapsed, and “there [was] doubt as to the effectiveness of other sections.” Accordingly, Congress amended TWEA in 1941, adding the subsection that includes the “regulate ... importation” language on which the President relies today. The Reports explained Congress’s primary purpose for the 1941 amendment: shoring up the President’s ability to control foreign-owned property by maintaining and strengthening the “existing system of foreign property control (commonly known as freezing control).”

When Congress enacted IEEPA in 1977, limiting the circumstances under which the President could exercise his emergency authorities, it kept the “regulate ... importation” language from TWEA. The other two relevant pieces of legislative history—the Senate and House Reports that accompanied IEEPA—demonstrate that Congress’s intent regarding the scope of this statutory language remained the same. As the Senate Report explained, Congress’s sole objective for the “regulate ... importation” subsection was to grant the President the emergency authority “to control or freeze property transactions where a foreign interest is involved.” The House Report likewise described IEEPA as empowering the President to “regulate or freeze any property in which any foreign country or a national thereof has any interest.”

However, then I read Kavanaugh, J. who writes the following:

In 1971, President Nixon imposed 10 percent tariffs on almost all foreign imports. He levied the tariffs under IEEPA’s predecessor statute, the Trading with the Enemy Act (TWEA), which similarly authorized the President to “regulate ... importation.” The Nixon tariffs were upheld in court.

When IEEPA was enacted in 1977 in the wake of the Nixon and Ford tariffs and the Algonquin decision, Congress and the public plainly would have understood that the power to “regulate ... importation” included tariffs. If Congress wanted to exclude tariffs from IEEPA, it surely would not have enacted the same broad “regulate ... importation” language that had just been used to justify major American tariffs on foreign imports.

And I also find this compelling.

To add onto this, Roberts, C. J. says: IEEPA’s grant of authority to “regulate ... importation” falls short. IEEPA contains no reference to tariffs or duties. The Government points to no statute in which Congress used the word “regulate” to authorize taxation. And until now no President has read IEEPA to confer such power.

This seems directly contradictory to Kavanaugh, J.'s dissent! Kavanaugh, J. claims that Nixon used the word “regulate” to impose tarrifs. And apparently the word isn't just in some random other statute — Nixon did so from TWEA, the predecessor of IEEPA: when Congress enacted IEEPA in 1977 it kept the “regulate ... importation” language from TWEA. (from Jackson, J.) So the point that no President has read IEEPA to confer such power seems pretty weak, when Nixon apparently did so from TWEA.

I have no conclusion from this, but IMO both Jackson, J. and Kavanaugh, J. have pretty strong points in opposing directions.

New comment by aliceryhl in "Rex is a safe kernel extension framework that allows Rust in the place of eBPF"

aliceryhl — Sun, 28 Dec 2025 09:00:16 +0000

I asked about this when they presented the project at the Linux Plumbers conference. They replied that it's not really intended to be a security boundary, and that you should not let anyone malicious load these programs.

Given this thread model, I think their project is entirely reasonable. Safe Rust will prevent accidental mistakes even if you could technically circumvent it if you really try.

New comment by aliceryhl in "Asahi Linux with Sway on the MacBook Air M2 (2024)"

aliceryhl — Thu, 25 Dec 2025 20:55:18 +0000

I have no insight into the Asahi project, but the LKML link goes to an email from James Calligeros containing code written by Hector Martin and Sven Peter. The code may have been written a long time ago.

New comment by aliceryhl in "Asahi Linux with Sway on the MacBook Air M2 (2024)"

aliceryhl — Thu, 25 Dec 2025 20:51:20 +0000

That's an email from James Calligeros. All this patch says is that the author is Hector Martin (and Sven Peter). The code could have been written a long time ago.

New comment by aliceryhl in "Texas is suing all of the big TV makers for spying on what you watch"

aliceryhl — Fri, 19 Dec 2025 16:43:56 +0000

Where I'm from, it probably would not be stolen by anyone.

New comment by aliceryhl in "The healthcare market is taxing reproduction out of existence"

aliceryhl — Mon, 01 Dec 2025 22:58:40 +0000

How?

New comment by aliceryhl in "Upcoming Rust language features for kernel development"

aliceryhl — Fri, 17 Oct 2025 16:40:19 +0000

It never made it into upstream Linux, but there is already a sample implementation that Wedson wrote in 2022: https://github.com/Rust-for-Linux/linux/pull/798

New comment by aliceryhl in "Upcoming Rust language features for kernel development"

aliceryhl — Fri, 17 Oct 2025 16:37:45 +0000

It won't be different from Tokio. When you pass a future to tokio::spawn, that will also eagerly execute the future right away.

New comment by aliceryhl in "Upcoming Rust language features for kernel development"

aliceryhl — Thu, 16 Oct 2025 12:17:26 +0000

It's trivial to implement an async runtime in the kernel. The kernel's workqueue is already essentially a runtime.

New comment by aliceryhl in "Io_uring, kTLS and Rust for zero syscall HTTPS server"

aliceryhl — Fri, 22 Aug 2025 12:40:05 +0000

> IIRC Alice from the tokio team also suggested there hasn't been much interest in pushing through these difficulties more recently, as the current performance is "good enough".

Well, I think there is interest, but mostly for file IO.

For file IO, the situation is pretty simple. We already have to implement that using spawn_blocking, and spawn_blocking has the exact same buffer challenges as io_uring does, so translating file IO to io_uring is not that tricky.

On the other hand, I don't think tokio::net's existing APIs will support io_uring. Or at least they won't support the buffer-based io_uring APIs; there is no reason they can't register for readiness through io_uring.

New comment by aliceryhl in "Rust’s dependencies are starting to worry me"

aliceryhl — Fri, 09 May 2025 14:04:45 +0000

I'm quite careful to tightly control the dependencies of Tokio. All dependencies are under control by members of the Tokio team or others that I trust.

New comment by aliceryhl in "'Mathematically perfect' star system being investigated for potential alien tech"

aliceryhl — Wed, 28 Feb 2024 15:38:49 +0000

The caption for the picture says this:

> The six planets orbit their central star HD 110067 in a harmonic rhythm with planets aligning every few orbits.

New comment by aliceryhl in "Git Things"

aliceryhl — Mon, 01 Jan 2024 12:32:58 +0000

Regarding the review process ... one thing that I find challenging and don't know a good solution to is documentation. I've received many PRs where the change itself is fine, but the PR is dragging out because the documentation is lacking, and getting the PR author to improve it sometimes takes a lot of review rounds.

What would you do to avoid this?

Sometimes the same situation comes up with tests, but it is not as common in my experience.

New comment by aliceryhl in "Rust to stabilize `async fn` and return-position `impl Trait` in traits"

aliceryhl — Thu, 21 Dec 2023 17:42:34 +0000

It's well known that what is being stabilized today is lacking the Send bounds stuff. In fact, there was a lot of discussion about whether they should completely block this feature until the Send bounds stuff was ready. Ultimately I think it is good that they shipped this part of the feature even though the other part isn't ready yet - Tower isn't able to use this yet, but other crates can.

New comment by aliceryhl in "Google OAuth is broken (sort of)"

aliceryhl — Thu, 21 Dec 2023 16:45:20 +0000

If you pay too much in bounties, you risk having your own red-team employees leave so that they can report bugs externally and get paid much more via bounties.

New comment by aliceryhl in "Sudo-rs' first security audit"

aliceryhl — Fri, 03 Nov 2023 22:04:26 +0000

I'm surprised that CLN-003 made the list even as low severity. It's intended to make reverse engineering of the binary harder, but the code is already freely accessible (and CLN-003 also acknowledges this).

New comment by aliceryhl in "The underground world of credit card network exploitation"

aliceryhl — Wed, 02 Aug 2023 21:57:56 +0000

In Denmark, there's a national system for authentication used for government sites and banks. I have a small device with a single button on it that shows a 6-digit code when you press it. I enter that code along with a password any time I make a purchase online.

(There's also an app that most people use. But I like the hardware thingy better.)