Project

General

Profile

Actions
Copy link

Feature #5805

closed

want MC_INHERIT_ZERO

Added by Robert Mustacchi over 7 years ago. Updated over 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Robert Mustacchi
Category:
kernel
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

As part of the arc4random() suite we need a guaranteed way that we can effectively zero data in a child process. For example, with arc4random() we want to make sure that our child doesn't inherit the PRNG state that we have in the parent. Unfortunately atfork() interfaces are a bad fit for several reasons:

  • It is not guaranteed that atfork() will fire from a signal handler
  • atfork() handlers do not fire when forkall() is used

While we could try to create a new atfork like interface that always fired, this ends up having its own series of challenges. This adds a private memcntl interface to allow us to do this. It, importantly, only works on anonymous privately mapped memory, limiting the potential scope and impact in a way that corresponds to the uses of it.

Actions
Copy link
 #1

Updated by Electric Monk over 7 years ago

  • Status changed from New to Closed
  • % Done changed from 90 to 100

git commit 9d12795f87b63c2e39e87bff369182edd34677d3

commit  9d12795f87b63c2e39e87bff369182edd34677d3
Author: Robert Mustacchi <rm@joyent.com>
Date:   2015-04-12T23:04:38.000Z

    5830 want arc4random(3C) suite
    5802 want getentropy(3C)
    5803 want getrandom(2)
    5804 want explicit_bzero(3C)
    5805 want MC_INHERIT_ZERO
    5806 uuid_generate can leak its cache in edge conditions
    Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com>
    Reviewed by: Joshua M. Clulow <josh@sysmgr.org>
    Reviewed by: Josef 'Jeff' Sipek <josef.sipek@nexenta.com>
    Reviewed by: Garrett D'Amore <garrett@damore.org>
    Approved by: Garrett D'Amore <garrett@damore.org>

Actions
Copy link

Also available in: Atom PDF