Module Name: src Committed By: riastradh Date: Mon Aug 26 15:19:22 UTC 2024
Modified Files: src/lib/libc/gen: arc4random.c Log Message: arc4random(3): Reseed if system entropy epoch changes. This can happen, for example, if the system is a VM instance, and the VM is cloned. This incurs the cost of a system call on every arc4random call, which is unfortunate, but 1. we don't currently have a (machine-independent) mechanism for exposing a read-only page to userland shared by the kernel to enable a cheaper access path to the entropy epoch; and 2. the algorithm here -- a simple application of ChaCha -- is likely also a bottleneck and could be much cheaper by (a) using sys/crypto/chacha for machine-dependent vectorized ChaCha code, and (b) filling a buffer (somewhere between a cipher block and a page) in a batch at a time, instead of running ChaCha to generate only 32 bytes at a time. So although this might be a performance hit, the security benefit is worthwhile and we have a clear path to do better than reversing the performance hit later. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 src/lib/libc/gen/arc4random.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.