On Tue, 16 Sep 2008, Andrey Chernov wrote: > On Tue, Sep 16, 2008 at 06:27:07PM +0200, Max Laier wrote: >> On Tuesday 16 September 2008 16:03:20 Andrey Chernov wrote: >>> I need some sort of fork() hook to detect that pid is changed to re-stir >>> ar4random() after that (in the child), simple flag variable with >>> child's pid is needed. >>> >>> Currently OpenBSD does almost that checking getpid() every time >>> arc4random() called, but it is very slow way to use getpid() syscall >>> repeatedly, about 12-15 times slower than just arc4random() without >>> getpid(). >>> >>> Any ideas? >> >> I guess the goal here is not to leak the state of the seed to the child, >> right? >> >> Wouldn't it be easier to do something like this in libc's fork(): >> >> arc4random_stir(); /* create a new seed for the child */ >> fork_syscall(); >> if (parent) >> arc4random_stir(); /* create a new seed for the parent */ >> >> This should solve the problem and doesn't require any handling in arc4random. >> Of course, programs that call the fork syscall directly won't benefit, but >> then again ... they are using the syscall directly and should know what they >> are doing, right? > > Calling arc4random_stir() inside fork() will slow down fork() and is not > acceptable because of it. Could you add a new interface, arc4random_setstir() or something, to set a flag that indicates a stir should be done at the next opportunity? -- DEReceived on Tue Sep 16 2008 - 15:31:58 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:35 UTC