On Sun, Nov 20, 2022 at 02:04:49AM +0100, Jason A. Donenfeld wrote:
> On Sun, Nov 20, 2022 at 01:53:53AM +0100, Jason A. Donenfeld wrote:
> > I'm not quite sure what the best approach here is. One idea would be to
> > just note that libcs should wait until vgetrandom() has returned
> > everywhere before forking, using its atfork functionality.
>
> To elaborate on this idea a bit, the way this looks is:
>
> rwlock_t l;
> pid_t fork(void)
> {
> pid_t pid;
> write_lock(&l);
> pid = syscall_fork();
> write_unlock(&l);
> return pid;
> }
> ssize_t getrandom(...)
> {
> ssize_t ret;
> ...
> if (!read_try_lock(&l))
> return syscall_getrandom(...);
> ret = vdso_getrandom(...);
> read_unlock(&l);
> return ret;
> }
>
> So maybe that doesn't seem that bad, especially considering libc already
> has the kind of infrastructure in place to do that somewhat easily.
> Maybe there's a priority locking thing to get right here -- the writer
> should immediately starve out all future readers, so it's not unbound --
> but that seems par for the course.
Fortunately none of this was necessary, and I've got things implemented
without needing to resort to that, for v+1.
Jason
