On Sun, Nov 20, 2022 at 01:53:53AM +0100, Jason A. Donenfeld wrote:
> I'm not quite sure what the best approach here is. One idea would be to
> just note that libcs should wait until vgetrandom() has returned
> everywhere before forking, using its atfork functionality.
To elaborate on this idea a bit, the way this looks is:
rwlock_t l;
pid_t fork(void)
{
pid_t pid;
write_lock(&l);
pid = syscall_fork();
write_unlock(&l);
return pid;
}
ssize_t getrandom(...)
{
ssize_t ret;
...
if (!read_try_lock(&l))
return syscall_getrandom(...);
ret = vdso_getrandom(...);
read_unlock(&l);
return ret;
}
So maybe that doesn't seem that bad, especially considering libc already
has the kind of infrastructure in place to do that somewhat easily.
Maybe there's a priority locking thing to get right here -- the writer
should immediately starve out all future readers, so it's not unbound --
but that seems par for the course.
Jason
