Fixing fork detection of arc4random by implementing INHERIT_ZERO for minherit?
Jan Kokemüller
jan.kokemueller at gmail.com
Fri Jul 18 16:21:24 UTC 2014
Hi,
the issue mentioned at
https://www.agwa.name/blog/post/libressls_prng_is_unsafe_on_linux also
affects FreeBSDs arc4random implementation as its fork detection relies
on changing pids only. Under FreeBSD, LibreSSL uses arc4random directly,
and relies on it to be 100% fork safe. They don't provide a way to stir
the RNG manually. I've brought this up with the LibreSSL developers, who
think it's a bug in the OS
(https://github.com/libressl-portable/portable/issues/17).
I've tried to implement INHERIT_ZERO for minherit to make arc4random
fork safe (patches attached). It seems to work fine so far, but I'm
really no expert on FreeBSDs VM system.
Also, the arc4random functions should probably be updated to use
something more secure like ChaCha20 instead of RC4
(https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=182610).
Cheers,
Jan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: minherit-inherit-zero.patch
Type: text/x-patch
Size: 1749 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20140718/08cb65c2/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: arc4random-fork-safety-POC.patch
Type: text/x-patch
Size: 1860 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20140718/08cb65c2/attachment-0001.bin>
More information about the freebsd-hackers
mailing list