Actions
Feature #5805
closed
want MC_INHERIT_ZERO
Start date:
Due date:
% Done:
100%
Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:
Description
As part of the arc4random() suite we need a guaranteed way that we can effectively zero data in a child process. For example, with arc4random() we want to make sure that our child doesn't inherit the PRNG state that we have in the parent. Unfortunately atfork() interfaces are a bad fit for several reasons:
- It is not guaranteed that atfork() will fire from a signal handler
- atfork() handlers do not fire when forkall() is used
While we could try to create a new atfork like interface that always fired, this ends up having its own series of challenges. This adds a private memcntl interface to allow us to do this. It, importantly, only works on anonymous privately mapped memory, limiting the potential scope and impact in a way that corresponds to the uses of it.
Updated by Electric Monk about 7 years ago
- Status changed from New to Closed
- % Done changed from 90 to 100
git commit 9d12795f87b63c2e39e87bff369182edd34677d3
commit 9d12795f87b63c2e39e87bff369182edd34677d3
Author: Robert Mustacchi <rm@joyent.com>
Date: 2015-04-12T23:04:38.000Z
5830 want arc4random(3C) suite
5802 want getentropy(3C)
5803 want getrandom(2)
5804 want explicit_bzero(3C)
5805 want MC_INHERIT_ZERO
5806 uuid_generate can leak its cache in edge conditions
Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
Reviewed by: Joshua M. Clulow <josh@sysmgr.org>
Reviewed by: Josef 'Jeff' Sipek <josef.sipek@nexenta.com>
Reviewed by: Garrett D'Amore <garrett@damore.org>
Approved by: Garrett D'Amore <garrett@damore.org>
Actions