Date: Tue, 16 Sep 2008 18:27:07 +0200 From: Max Laier <max@love2party.net> To: freebsd-current@freebsd.org Cc: Andrey Chernov <ache@nagual.pp.ru> Subject: Re: Is fork() hook ever possible? Message-ID: <200809161827.07627.max@love2party.net> In-Reply-To: <20080916140319.GA34447@nagual.pp.ru> References: <20080916140319.GA34447@nagual.pp.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday 16 September 2008 16:03:20 Andrey Chernov wrote:
> I need some sort of fork() hook to detect that pid is changed to re-stir
> ar4random() after that (in the child), simple flag variable with
> child's pid is needed.
>
> Currently OpenBSD does almost that checking getpid() every time
> arc4random() called, but it is very slow way to use getpid() syscall
> repeatedly, about 12-15 times slower than just arc4random() without
> getpid().
>
> Any ideas?
I guess the goal here is not to leak the state of the seed to the child,
right?
Wouldn't it be easier to do something like this in libc's fork():
arc4random_stir(); /* create a new seed for the child */
fork_syscall();
if (parent)
arc4random_stir(); /* create a new seed for the parent */
This should solve the problem and doesn't require any handling in arc4random.
Of course, programs that call the fork syscall directly won't benefit, but
then again ... they are using the syscall directly and should know what they
are doing, right?
--
/"\ Best regards, | mlaier@freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier@EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200809161827.07627.max>