From owner-freebsd-audit Sun Nov 28 1:15:11 1999 Delivered-To: freebsd-audit@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 2B97D14E1A; Sun, 28 Nov 1999 01:15:09 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 13AB41CD44A; Sun, 28 Nov 1999 01:15:08 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Sun, 28 Nov 1999 01:15:08 -0800 (PST) From: Kris Kennaway To: Dan Moschuk Cc: freebsd-audit@freebsd.org Subject: Re: Last random PID patch before commit In-Reply-To: <19991128012420.A48334@spirit.jaded.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 28 Nov 1999, Dan Moschuk wrote: > Here's the last functionality change before I commit this. I doubt that using > random() to generate the key used to shuffle the ARC4 algorithm is the > absolute best way of doing it, but, It Works(tm). The other option I looked > at was read_random(), but I'm not 100% certain that it will have built up > sufficient entropy by the time the code is called (usually at bootup). You seed random() using the current time. This is practically a known quantity, since the system boot time is public information (you just have to guess the delta until the RNG was initialised). Using /dev/random seems much better, as you at least have some entropy (to be certain, you could measure how much is in the pool at the time the RNG is seeded). I'm not sure why you didn't just use the existing arc4random.c implementation, which a) seeds both using the time, and whatever is already in the entropy pool at that point, and b) reseeds periodically. > static int nextpid = 0; > > +static int randompid = 0; > +SYSCTL_INT(_kern, OID_AUTO, randompid, CTLFLAG_RW, &randompid, 0, ""); > + > int > fork1(p1, flags, procp) > struct proc *p1; > @@ -262,8 +265,8 @@ > * restart somewhat above 0, as the low-numbered procs > * tend to include daemons that don't exit. > */ > - if (nextpid >= PID_MAX) { > - nextpid = 100; > + if (nextpid >= PID_MAX || randompid) { > + nextpid = (randompid) ? arc4random() % PID_MAX : 100; > pidchecked = 0; > } You only seem to be randomizing the PIDs in the case when they wrap around to 0. OpenBSD have an extra conditional in there which forces this to always be the case. > Index: libkern/arc4random.c > =================================================================== > RCS file: arc4random.c > diff -N arc4random.c > --- /dev/null Sat Nov 27 21:16:45 1999 > +++ arc4random.c Sat Nov 27 22:05:05 1999 > @@ -0,0 +1,95 @@ > +/*- > + * THE BEER-WARE LICENSE > + * > + * wrote this file. As long as you retain this notice you > + * can do whatever you want with this stuff. If we meet some day, and you > + * think this stuff is worth it, you can buy me a beer in return. Why not just use the arc4random.c we already have (+ any openbsd changes) and tweak it, instead of rewriting from scratch? sys/dev/rnd.c in OpenBSD.. Kris ---- Just remember, as you celebrate Thanksgiving with your family feasts of turkey, cranberries, stuffing, gravy, mashed potatoes, squash, corn, cornbread, apples, pickles, dumplings, fish, orangutans, fruitbats, breakfast cereals, and so forth, to keep in mind the true reason for the season: The birth of Santa. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message