Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 16 Mar 2017 15:19:46 +0200
From:      Konstantin Belousov <kostikbel@gmail.com>
To:        Dag-Erling Sm??rgrav <des@des.no>
Cc:        Andrey Chernov <ache@freebsd.org>, freebsd-security@freebsd.org, freebsd-hackers@freebsd.org, Steven Chamberlain <steven@pyro.eu.org>
Subject:   Re: arc4random weakness
Message-ID:  <20170316131946.GN16105@kib.kiev.ua>
In-Reply-To: <86k27pz8sy.fsf@desk.des.no>
References:  <CAD2Ti28acbW%2BpGQR5UihECWvg9WduGmVzkVFug_2ZWRF2zyTBw@mail.gmail.com> <20170313220639.GB65190@pyro.eu.org> <20170315130615.GC25448@pyro.eu.org> <5160183b-9778-59aa-6cf9-118014a588eb@freebsd.org> <86k27pz8sy.fsf@desk.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, Mar 16, 2017 at 01:48:45PM +0100, Dag-Erling Sm??rgrav wrote:
> Andrey Chernov <ache@freebsd.org> writes:
> > Steven Chamberlain <steven@pyro.eu.org> writes:
> > > Also it is great to see INHERIT_ZERO was added to mmap(2)!
> > It is not so great. For a program which forks very often zeroing even
> > one page will be slowdown.
> 
> Wouldn't it be possible to just set up the page entry but leave it
> unmapped, so that it is paged in (and zeroed if necessary) on first
> access?  Thus, a process that uses arc4random() and fork()s would not
> incur a penalty until (and unless) the child uses arc4random() too.
This is how the forking code works, without any additional coding,
for the INHERIT_ZERO regions as well.

> 
> > It will be better and faster to implement it as fork syscall wrapper
> > setting single variable, as it already done for threaded lib.
> 
> fork() and vfork() and pdfork() and...  From a security point of view, I
> prefer to have it in a single place.
> 
> DES
> -- 
> Dag-Erling Sm??rgrav - des@des.no
> _______________________________________________
> freebsd-hackers@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20170316131946.GN16105>