Date: Sat, 12 Nov 2011 14:22:41 +0400
From: Andrey Chernov
To: David Schultz, current@freebsd.org, secteam@freebsd.org
Subject: Re: Is fork() hook ever possible?
Message-ID: <20111112102241.GA75396@vniz.net>
References: <20080916140319.GA34447@nagual.pp.ru> <20080916201932.GA59781@zim.MIT.EDU>
In-Reply-To: <20080916201932.GA59781@zim.MIT.EDU>

On Tue, Sep 16, 2008 at 04:19:32PM -0400, David Schultz wrote:
> secteam@ already agreed to the idea of solving the fork problem as
> in OpenBSD over a month ago.

On Wed, Sep 17, 2008 at 12:50:25PM +0400, Andrey Chernov wrote:
> I agree with your patch (BTW you can remove unneeded #define RANDOMDEV).

The question remains: why haven't you committed this patch in all these 3 years, having secteam@'s and my agreement too?

> --- /usr/ob/src/lib/libc/crypt/arc4random.c 2008-06-03 20:50:23.000000000 -0400 > +++ arc4random.c 2008-08-16 15:14:59.000000000 -0400 > @@ -34,21 +34,22 @@ > * RC4 is a registered trademark of RSA Laboratories. > */ > > +#include > +__FBSDID("$FreeBSD: head/lib/libc/gen/arc4random.c 181261 2008-08-03 20:15:22Z ache $"); > + > +#include "namespace.h" > #include > #include > #include > #include > +#include > #include > #include > #include > #include > -#include "thread_private.h" > > -#ifdef __GNUC__ > -#define inline __inline > -#else /* !__GNUC__ */ > -#define inline > -#endif /* !__GNUC__ */ > +#include "libc_private.h" > +#include "un-namespace.h" > > struct arc4_stream { > u_int8_t i; 
> @@ -56,6 +57,21 @@ > u_int8_t s[256]; > }; > > +static pthread_mutex_t arc4random_mtx = PTHREAD_MUTEX_INITIALIZER; > + > +#define RANDOMDEV "/dev/urandom" > +#define _ARC4_LOCK() \ > + do { \ > + if (__isthreaded) \ > + _pthread_mutex_lock(&arc4random_mtx); \ > + } while (0) > + > +#define _ARC4_UNLOCK() \ > + do { \ > + if (__isthreaded) \ > + _pthread_mutex_unlock(&arc4random_mtx); \ > + } while (0) > + > static int rs_initialized; > static struct arc4_stream rs; > static pid_t arc4_stir_pid; > @@ -114,9 +130,9 @@ > > /* > * Discard early keystream, as per recommendations in: > - * http://www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Rc4_ksa.ps > + * "(Not So) Random Shuffles of RC4" by Ilya Mironov. > */ > - for (i = 0; i < 256; i++) > + for (i = 0; i < 1024; i++) > (void)arc4_getbyte(); > arc4_count = 1600000; > } > @@ -135,6 +151,7 @@ > return (rs.s[(si + sj) & 0xff]); > } > > +#if 0 > u_int8_t > __arc4_getbyte(void) > { > @@ -147,6 +164,7 @@ > _ARC4_UNLOCK(); > return val; > } > +#endif > > static inline u_int32_t > arc4_getword(void) -- http://ache.vniz.net/
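Review bot: In the `@@ -56,6 +57,21 @@` hunk, `#define RANDOMDEV "/dev/urandom"` is added between the mutex declaration and the lock macros, but none of the visible hunks reference it, and the quoted reply already calls it unneeded. Drop the define, or show the use site if one exists outside these hunks. Separately, `_ARC4_LOCK()` and `_ARC4_UNLOCK()` skip the mutex whenever `__isthreaded` is false; a one-line comment stating that this is intentional for single-threaded processes would help the next reader.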
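Review bot: In the `@@ -114,9 +130,9 @@` hunk the discard loop bound changes from 256 to 1024 as a bare literal, while the comment above it still says only "as per recommendations" without giving a number. Name the constant and state in the comment how many keystream bytes are dropped, so the code can be compared against the cited paper. The replaced citation also loses its URL; keeping the title and adding a stable locator would make the reference checkable.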
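Review bot: The `@@ -135,6 +151,7 @@` and `@@ -147,6 +164,7 @@` hunks wrap `__arc4_getbyte()` in `#if 0` / `#endif` with no comment explaining why it is disabled. If nothing calls it, delete the function outright; if it is kept only to ease later merges from the OpenBSD source this diff is taken against, say so next to the `#if 0`.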