From: Max Laier
Organization: FreeBSD
To: freebsd-current@freebsd.org
Cc: Andrey Chernov
Date: Tue, 16 Sep 2008 18:27:07 +0200
Subject: Re: Is fork() hook ever possible?

On Tuesday 16 September 2008 16:03:20 Andrey Chernov wrote:
> I need some sort of fork() hook to detect that pid is changed to re-stir
> arc4random() after that (in the child), simple flag variable with
> child's pid is needed.
>
> Currently OpenBSD does almost that checking getpid() every time
> arc4random() is called, but it is a very slow way to use getpid() syscall
> repeatedly, about 12-15 times slower than just arc4random() without
> getpid().
>
> Any ideas?

I guess the goal here is not to leak the state of the seed to the child,
right?  Wouldn't it be easier to do something like this in libc's fork():

	arc4random_stir();	/* create a new seed for the child */
	fork_syscall();
	if (parent)
		arc4random_stir(); /* create a new seed for the parent */

This should solve the problem and doesn't require any handling in arc4random.
Of course, programs that call the fork syscall directly won't benefit, but
then again ... they are using the syscall directly and should know what they
are doing, right?

-- 
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
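
The ordering sketched in the message above, as an added example that is not part of the original post and is not FreeBSD's libc code: a toy xorshift64 generator stands in for arc4random() to show that a plain fork() leaves parent and child drawing identical values, while stirring before the fork and again in the parent makes them diverge. The names toy_stir, toy_random, stirring_fork and same_after_fork are hypothetical, and seeding from /dev/urandom is an assumption.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

static uint64_t state;   /* toy xorshift64 state in place of the arc4 state; not a CSPRNG */

static void toy_stir(void) {             /* hypothetical stand-in for arc4random_stir() */
    uint64_t fresh;
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL || fread(&fresh, sizeof fresh, 1, f) != 1)
        abort();                         /* never run on a predictable seed */
    fclose(f);
    state = (state ^ fresh) | 1;         /* xorshift state must stay non-zero */
}

static uint64_t toy_random(void) {       /* hypothetical stand-in for arc4random() */
    state ^= state << 13; state ^= state >> 7; state ^= state << 17;
    return state;
}

static pid_t stirring_fork(void) {       /* the ordering sketched in the message */
    toy_stir();                          /* create a new seed for the child */
    pid_t pid = fork();
    if (pid > 0)
        toy_stir();                      /* create a new seed for the parent */
    return pid;
}

static int same_after_fork(pid_t (*do_fork)(void)) {  /* 1 same draw, 0 differ, -1 error */
    int fds[2];
    toy_stir();
    if (pipe(fds) != 0) return -1;
    pid_t pid = do_fork();
    uint64_t mine = toy_random(), theirs = 0;  /* executed in both processes */
    if (pid == 0)                              /* child: report its draw and exit */
        _exit(write(fds[1], &mine, sizeof mine) < 0);
    close(fds[1]);
    ssize_t n = read(fds[0], &theirs, sizeof theirs);  /* EOF if fork failed */
    close(fds[0]);
    if (pid > 0)
        waitpid(pid, NULL, 0);
    return n == (ssize_t)sizeof theirs ? theirs == mine : -1;
}

int main(void) {
    printf("same draw after plain fork: %d, after stirring fork: %d\n",
           same_after_fork(fork), same_after_fork(stirring_fork));
    return 0;
}
```

As the message notes, a wrapper like this only helps callers that go through it; a process created by invoking the fork syscall directly still inherits the parent's generator state.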