Date:      Sat, 19 Jul 2014 00:49:27 +0400
From:      Andrey Chernov <ache@freebsd.org>
To:        Steven Chamberlain <steven@pyro.eu.org>,  Leif Pedersen <bilbo@hobbiton.org>
Cc:        "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>
Subject:   Re: Speed and security of /dev/urandom
Message-ID:  <53C98857.8060603@freebsd.org>
In-Reply-To: <53C97E47.4030100@pyro.eu.org>
References:  <53C85F42.1000704@pyro.eu.org> <4E23BEEA-693A-4FA3-BE94-9BB82B49503A@vpnc.org> <CAK-wPOhuh_XUpQ9OZXB1UZjz6wQF=8gO2thWiBu9i3tt%2BKt7mQ@mail.gmail.com> <C9E21765-D47F-4D98-8C7A-FCD9922FD072@vpnc.org> <CAK-wPOhUDhzB6mXJ4XSCN4O6VcyPG9dXqtQJkR3Eoj6Q_gZ=Xg@mail.gmail.com> <53C97E47.4030100@pyro.eu.org>

On 19.07.2014 0:06, Steven Chamberlain wrote:
> It's been pointed out to me that OpenBSD solved that particular issue
> with MAP_INHERIT_ZERO:  the state of the arc4random PRNG is zeroed out
> on forking, and it knows to reseed then.
> 
> FreeBSD since r227520 (2011-11-15), calls getpid() on every
> arc4random_buf call, to see if the pid has changed since it seeded, and
> thus reseed.  It was shown recently (in the context of LibreSSL
> Portable) that this may not work in a contrived corner-case, so there
> they added an atfork handler, but again might not always be called.

I always say that calling getpid on every arc4random call is ugly and
should be replaced by something. pthread_atfork belongs to another
library and MAP_INHERIT_ZERO is not currently implemented.

-- 
http://ache.vniz.net/
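
The getpid() check described in the quoted text, as an added example that is not part of the original message and is not FreeBSD's arc4random code: a toy generator is forked with and without the pid comparison, showing that without it the child repeats the parent's output. The xorshift64 step is a stand-in for the real cipher, and every name here (toy_rng, toy_reseed, toy_next, fork_outputs_differ) is hypothetical.

```c
#include <fcntl.h>
#include <stdint.h>
#include <sys/wait.h>
#include <unistd.h>

struct toy_rng { uint64_t state; pid_t seeded_pid; }; /* toy state, not arc4random's */

static int toy_reseed(struct toy_rng *r)
{
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0) return -1;
    ssize_t n = read(fd, &r->state, sizeof r->state);
    close(fd);
    if (n != (ssize_t)sizeof r->state) return -1;
    r->state |= 1;                 /* xorshift state must be non-zero */
    r->seeded_pid = getpid();      /* remember which process seeded */
    return 0;
}

/* check_pid != 0: compare getpid() with the seeding pid on every call. */
static uint64_t toy_next(struct toy_rng *r, int check_pid)
{
    if (check_pid && getpid() != r->seeded_pid)
        toy_reseed(r);             /* fork detected; real code must abort on failure */
    r->state ^= r->state << 13;    /* xorshift64 step (stand-in cipher) */
    r->state ^= r->state >> 7;
    r->state ^= r->state << 17;
    return r->state;
}

/* 1: parent and child draw different values after fork(); 0: same; -1: error. */
int fork_outputs_differ(int check_pid)
{
    struct toy_rng r;
    uint64_t child_val = 0;
    int p[2];
    if (toy_reseed(&r) != 0 || pipe(p) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(p[0]); close(p[1]); return -1; }
    if (pid == 0) {                /* child: inherited a copy of r */
        child_val = toy_next(&r, check_pid);
        _exit(write(p[1], &child_val, sizeof child_val) == (ssize_t)sizeof child_val ? 0 : 1);
    }
    close(p[1]);
    ssize_t n = read(p[0], &child_val, sizeof child_val);
    close(p[0]);
    waitpid(pid, NULL, 0);
    if (n != (ssize_t)sizeof child_val) return -1;
    return toy_next(&r, check_pid) != child_val;
}
```

The example covers only the plain fork case; the corner case mentioned in the quoted text is not modelled.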


