Date: Tue, 16 Sep 2008 20:45:58 +0400 From: Andrey Chernov <ache@nagual.pp.ru> To: Max Laier <max@love2party.net> Cc: freebsd-current@freebsd.org Subject: Re: Is fork() hook ever possible? Message-ID: <20080916164558.GA41258@nagual.pp.ru> In-Reply-To: <200809161827.07627.max@love2party.net> References: <20080916140319.GA34447@nagual.pp.ru> <200809161827.07627.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 16, 2008 at 06:27:07PM +0200, Max Laier wrote: > On Tuesday 16 September 2008 16:03:20 Andrey Chernov wrote: > > I need some sort of fork() hook to detect that pid is changed to re-stir > > ar4random() after that (in the child), simple flag variable with > > child's pid is needed. > > > > Currently OpenBSD does almost that checking getpid() every time > > arc4random() called, but it is very slow way to use getpid() syscall > > repeatedly, about 12-15 times slower than just arc4random() without > > getpid(). > > > > Any ideas? > > I guess the goal here is not to leak the state of the seed to the child, > right? > > Wouldn't it be easier to do something like this in libc's fork(): > > arc4random_stir(); /* create a new seed for the child */ > fork_syscall(); > if (parent) > arc4random_stir(); /* create a new seed for the parent */ > > This should solve the problem and doesn't require any handling in arc4random. > Of course, programs that call the fork syscall directly won't benefit, but > then again ... they are using the syscall directly and should know what they > are doing, right? Calling arc4random_stir() inside fork() will slow down fork() and is not acceptable because of it. -- http://ache.pp.ru/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080916164558.GA41258>