From: Florian Weimer <fw@deneb.enyo.de>
To: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Cc: libc-alpha@sourceware.org
Subject: Re: [PATCH] Remove cached PID/TID in clone
Date: Tue, 08 Nov 2016 20:44:00 -0000 [thread overview]
Message-ID: <87wpgdsnvh.fsf@mid.deneb.enyo.de> (raw)
In-Reply-To: <d3453042-f7ba-d43e-09c8-b3831aab1d2c@linaro.org> (Adhemerval Zanella's message of "Tue, 8 Nov 2016 18:36:53 -0200")
* Adhemerval Zanella:
> On 08/11/2016 18:11, Florian Weimer wrote:
>> * Adhemerval Zanella:
>>
>>>> It's a hotspot for incorrect/broken fork detection.
>>>
>>> If you mean the assert on fork.c, I review the code and it seems
>>> unnecessary to remove the assert on child creation:
>>
>> No, something else entirely. OpenSSL mixes the current PID into the
>> randomness pool, in an attempt to make sure that the streams generated
>> by parent and child are different:
>>
>> pid_t curr_pid = getpid();
>> …
>> if (curr_pid) { /* just in the first iteration to save time */
>> if (!MD_Update(m, (unsigned char *)&curr_pid, sizeof curr_pid))
>> goto err;
>> curr_pid = 0;
>> }
>>
>> <https://github.com/openssl/openssl/blob/master/crypto/rand/md_rand.c#L283>
>>
>> This happens at every invocation of RAND_bytes. It may show up in
>> profiles if all the other system calls (time, gettimeofday etc.) are
>> handled by the vDSO.
>>
>> But I suggest that this shouldn't block your change. It's just
>> something we should be aware of. If the kernel provides a more
>> efficient way to get the PID, we can change glibc to use it.
>>
>> More comments about your revised patch tomorrow.
>>
>
> Right, I referenced a quite old discussion about the pid caching
> and the randomness provided by getpid [1].
It's not about randomness per se, it's about making sure that the
randomness streams, well, fork after a fork system call. Without it,
parent and child would give the same random bytes in the future.
The main problem is that this does not work reliably once multiple
forks are involved and the randomness pool has been seeded at an
inconvenient time:
<https://www.postgresql.org/message-id/E1UKzBn-0006c6-Ep@gemulon.postgresql.org>
Carlos has a patch to turn pthread_atfork into something that's
available without libpthread. Maybe we should upstream it and prepare
it for handling clone (and fork from signal handlers).
next prev parent reply other threads:[~2016-11-08 20:44 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-13 19:45 Adhemerval Zanella
2016-10-26 17:59 ` Adhemerval Zanella
2016-11-07 17:21 ` Florian Weimer
2016-11-08 19:58 ` Adhemerval Zanella
2016-11-08 20:11 ` Florian Weimer
2016-11-08 20:37 ` Adhemerval Zanella
2016-11-08 20:44 ` Florian Weimer [this message]
2016-11-09 12:18 ` Florian Weimer
2016-11-15 14:27 ` Adhemerval Zanella
2016-11-15 14:30 ` Florian Weimer
2016-11-24 21:24 ` Adhemerval Zanella
2016-11-25 10:50 ` Florian Weimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87wpgdsnvh.fsf@mid.deneb.enyo.de \
--to=fw@deneb.enyo.de \
--cc=adhemerval.zanella@linaro.org \
--cc=libc-alpha@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).