From owner-freebsd-security@freebsd.org Thu Mar 16 17:24:50 2017 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BCEADD0F1B6; Thu, 16 Mar 2017 17:24:50 +0000 (UTC) (envelope-from delphij@gmail.com) Received: from mail-ot0-x233.google.com (mail-ot0-x233.google.com [IPv6:2607:f8b0:4003:c0f::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8BE041D00; Thu, 16 Mar 2017 17:24:50 +0000 (UTC) (envelope-from delphij@gmail.com) Received: by mail-ot0-x233.google.com with SMTP id x37so63790431ota.2; Thu, 16 Mar 2017 10:24:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=ngkX5mYfoinHeE4jRP3pwrbhM2Kbi0cDcWPXKHpTAaQ=; b=NNyKyzO3yK2dadkEX+e1p5oTk69yfAAX++mHhx70OPCZlYJZRNnVuzizb4IEnBhPii PRuefvhXPyX6eEL5+OM4nXC/qWxH/LBTgYGssBMETod7r7DU1OzSmqGXQFmqWRrf6MVO KPBc5tBXTN5SD9VZX0dk4fNg6MJ0tlQf+BJEmeWYavn8P1k9cfdKrGptQ3mioksA7CTb kzQ5J2rxJC+ZqSwEn++EnZFLJYpLLMYvRfKyJXM92gGj5rUcQ0mkqXqvjrz1hz/FQ7Cf a3m5HMJX2ELN1+mKO3pB+gIUUCEcWGc4ojViOhQNryOt2JNd98VCO90YrzjmEzab1Lbo M50g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=ngkX5mYfoinHeE4jRP3pwrbhM2Kbi0cDcWPXKHpTAaQ=; b=LIHHrwJVuzsm0tjMtxNtRYL7jy8IfBK+avaIhaF/kgwevCy6jTvBDowMh3yHRPc41L dgjt42Dqw3zimDZTI/AJctB0hP0F9pWsgjPuaftQPKncBGkLkQrnFbsCCBOB0Ft7wKW3 0YUtMSZe+CPrxElaY2kwHU6/a7vgq9GJAqxoxwPwCM/ON2mVtg0YQGH7DB5g6oWE9k2Z SzZSdiwshLqTf9bUiQUbML+tjh/fgB/b5d1M1v8rE1eMFyo0ohffaB91PJSucd7dAS2y ffATTZVxYTxu2WN8oWKYPgIOf94rn4Pno3251NgtqkgGogA2Y29eGK8zpYs4V5WM2OLU TR7Q== X-Gm-Message-State: AFeK/H27qy1Tsnkd3Q69PoDP6NpGBM6jHqTVG4dH3wXZhKGolGtPjCmTufNZ0gI9EmJuT7RfcNjtnjj659wwMw== X-Received: by 10.157.30.198 with SMTP id n64mr4787380otn.133.1489685089589; Thu, 16 Mar 2017 10:24:49 -0700 (PDT) MIME-Version: 1.0 Received: by 10.157.48.198 with HTTP; Thu, 16 Mar 2017 10:24:48 -0700 (PDT) In-Reply-To: <5160183b-9778-59aa-6cf9-118014a588eb@freebsd.org> References: <20170313220639.GB65190@pyro.eu.org> <20170315130615.GC25448@pyro.eu.org> <5160183b-9778-59aa-6cf9-118014a588eb@freebsd.org> From: Xin LI Date: Thu, 16 Mar 2017 10:24:48 -0700 Message-ID: Subject: Re: arc4random weakness To: Andrey Chernov Cc: Steven Chamberlain , "freebsd-security@freebsd.org" , freebsd Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Mar 2017 17:24:50 -0000 On Wed, Mar 15, 2017 at 1:13 PM, Andrey Chernov wrote: > On 15.03.2017 16:06, Steven Chamberlain wrote: >> Also it is great to see INHERIT_ZERO was added to mmap(2)! > > It is not so great. For a program which forks very often zeroing even > one page will be slowdown. It will be better and faster to implement it > as fork syscall wrapper setting single variable, as it already done for > threaded lib. I think it's exactly what it was done (and unlike a fork wrapper, the zeroing only happens on-demand, i.e. when the page is first touched). Cheers,