From owner-freebsd-hackers@freebsd.org  Thu Mar 16 12:57:15 2017
Return-Path: <owner-freebsd-hackers@freebsd.org>
Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id AD3FBD0C0D2;
 Thu, 16 Mar 2017 12:57:15 +0000 (UTC) (envelope-from des@des.no)
Received: from smtp.des.no (smtp.des.no [194.63.250.102])
 by mx1.freebsd.org (Postfix) with ESMTP id 76844130F;
 Thu, 16 Mar 2017 12:57:15 +0000 (UTC) (envelope-from des@des.no)
Received: from desk.des.no (smtp.des.no [194.63.250.102])
 by smtp.des.no (Postfix) with ESMTP id 57B868F84;
 Thu, 16 Mar 2017 12:48:48 +0000 (UTC)
Received: by desk.des.no (Postfix, from userid 1001)
 id 6F3DD40CA; Thu, 16 Mar 2017 13:48:45 +0100 (CET)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: Andrey Chernov <ache@freebsd.org>
Cc: Steven Chamberlain <steven@pyro.eu.org>, freebsd-security@freebsd.org,
 freebsd-hackers@freebsd.org
Subject: Re: arc4random weakness
References: <CAD2Ti28acbW+pGQR5UihECWvg9WduGmVzkVFug_2ZWRF2zyTBw@mail.gmail.com>
 <20170313220639.GB65190@pyro.eu.org>
 <20170315130615.GC25448@pyro.eu.org>
 <5160183b-9778-59aa-6cf9-118014a588eb@freebsd.org>
Date: Thu, 16 Mar 2017 13:48:45 +0100
In-Reply-To: <5160183b-9778-59aa-6cf9-118014a588eb@freebsd.org> (Andrey
 Chernov's message of "Wed, 15 Mar 2017 23:13:26 +0300")
Message-ID: <86k27pz8sy.fsf@desk.des.no>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Mar 2017 12:57:15 -0000

Andrey Chernov <ache@freebsd.org> writes:
> Steven Chamberlain <steven@pyro.eu.org> writes:
> > Also it is great to see INHERIT_ZERO was added to mmap(2)!
> It is not so great. For a program which forks very often zeroing even
> one page will be slowdown.

Wouldn't it be possible to just set up the page entry but leave it
unmapped, so that it is paged in (and zeroed if necessary) on first
access?  Thus, a process that uses arc4random() and fork()s would not
incur a penalty until (and unless) the child uses arc4random() too.

> It will be better and faster to implement it as fork syscall wrapper
> setting single variable, as it already done for threaded lib.

fork() and vfork() and pdfork() and...  From a security point of view, I
prefer to have it in a single place.

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no