Implementation of fork generation number API (aws#3191)

This change implements a fork generation number (fgn). A fgn has the following properties: * Unsigned 64-bit integer. * Strictly-monotonic increasing. * If returned in a process, a subsequent return in a forked child process will result in a strictly greater value.
dougch · Mar 17, 2022 · 4c6e077 · 4c6e077
1 parent 8d7529a
commit 4c6e077
Show file tree

Hide file tree

Showing 11 changed files with 873 additions and 3 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -275,6 +275,30 @@ try_compile(
         COMPILE_DEFINITIONS "-Werror"
 )
 
+# Determine if madvise() is available
+try_compile(
+        MADVISE_SUPPORTED
+        ${CMAKE_BINARY_DIR}
+        SOURCES "${CMAKE_CURRENT_LIST_DIR}/tests/features/madvise.c"
+        COMPILE_DEFINITIONS "-Werror"
+)
+
+# Determine if minherit() is available
+try_compile(
+        MINHERIT_SUPPORTED
+        ${CMAKE_BINARY_DIR}
+        SOURCES "${CMAKE_CURRENT_LIST_DIR}/tests/features/minherit.c"
+        COMPILE_DEFINITIONS "-Werror"
+)
+
+# Determine if clone() is available
+try_compile(
+        CLONE_SUPPORTED
+        ${CMAKE_BINARY_DIR}
+        SOURCES "${CMAKE_CURRENT_LIST_DIR}/tests/features/clone.c"
+        COMPILE_DEFINITIONS "-Werror"
+)
+
 if(APPLE)
     set(OS_LIBS c Threads::Threads)
 elseif(CMAKE_SYSTEM_NAME STREQUAL "FreeBSD")
@@ -436,6 +460,21 @@ if (__RESTRICT__SUPPORTED)
     target_compile_options(${PROJECT_NAME} PUBLIC -DS2N___RESTRICT__SUPPORTED)
 endif()
 
+if (MADVISE_SUPPORTED)
+    target_compile_options(${PROJECT_NAME} PUBLIC -DS2N_MADVISE_SUPPORTED)
+    message(STATUS "madvise() support detected")
+endif()
+
+if (MINHERIT_SUPPORTED)
+    target_compile_options(${PROJECT_NAME} PUBLIC -DS2N_MINHERIT_SUPPORTED)
+    message(STATUS "minherit() support detected")
+endif()
+
+if (CLONE_SUPPORTED)
+    target_compile_options(${PROJECT_NAME} PUBLIC -DS2N_CLONE_SUPPORTED)
+    message(STATUS "clone() support detected")
+endif()
+
 list(APPEND CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules")
 
 #work around target differences

diff --git a/crypto/s2n_drbg.c b/crypto/s2n_drbg.c
@@ -197,9 +197,14 @@ int s2n_drbg_generate(struct s2n_drbg *drbg, struct s2n_blob *blob)
 
     S2N_ERROR_IF(blob->size > S2N_DRBG_GENERATE_LIMIT, S2N_ERR_DRBG_REQUEST_SIZE);
 
-    /* Always mix in additional entropy, for prediction resistance.
-        If s2n_drbg_mix is removed: must implement reseeding according to limit
-        specified in NIST SP800-90A 10.2.1 Table 3. */
+    /* Mix in additional entropy for every randomness generation call. This
+     * defense mechanism is referred to as "prediction resistance".
+     * If we ever relax this defense, we must:
+     *  1. Implement reseeding according to limit specified in
+     *     NIST SP800-90A 10.2.1 Table 3.
+     *  2. Re-consider whether the current fork detection strategy is still
+     *     sufficient.
+     */
     POSIX_GUARD(s2n_drbg_mix(drbg, &zeros));
     POSIX_GUARD(s2n_drbg_bits(drbg, blob));
     POSIX_GUARD(s2n_drbg_update(drbg, &zeros));

diff --git a/error/s2n_errno.c b/error/s2n_errno.c
@@ -265,6 +265,9 @@ static const char *no_such_error = "Internal s2n error";
     ERR_ENTRY(S2N_ERR_KEYING_MATERIAL_EXPIRED, "The lifetime of the connection keying material has exceeded the limit. Perform a new full handshake.") \
     ERR_ENTRY(S2N_ERR_EARLY_DATA_TRIAL_DECRYPT, "Unable to decrypt rejected early data") \
     ERR_ENTRY(S2N_ERR_PKEY_CTX_INIT, "Unable to initialize the libcrypto pkey context") \
+    ERR_ENTRY(S2N_ERR_FORK_DETECTION_INIT, "Fork detection initialization failed") \
+    ERR_ENTRY(S2N_ERR_RETRIEVE_FORK_GENERATION_NUMBER, "Retrieving fork generation number failed") \
+
 /* clang-format on */
 
 #define ERR_STR_CASE(ERR, str) case ERR: return str;

diff --git a/error/s2n_errno.h b/error/s2n_errno.h
@@ -207,6 +207,8 @@ typedef enum {
     S2N_ERR_INVALID_CERT_STATE,
     S2N_ERR_INVALID_EARLY_DATA_STATE,
     S2N_ERR_PKEY_CTX_INIT,
+    S2N_ERR_FORK_DETECTION_INIT,
+    S2N_ERR_RETRIEVE_FORK_GENERATION_NUMBER,
     S2N_ERR_T_INTERNAL_END,
 
     /* S2N_ERR_T_USAGE */

diff --git a/s2n.mk b/s2n.mk
@@ -211,6 +211,24 @@ ifeq ($(TRY_EVP_MD_CTX_SET_PKEY_CTX), 0)
 	DEFAULT_CFLAGS += -DS2N_LIBCRYPTO_SUPPORTS_EVP_MD_CTX_SET_PKEY_CTX
 endif
 
+# Determine if madvise() is available
+TRY_COMPILE_MADVISE := $(call try_compile,$(S2N_ROOT)/tests/features/madvise.c)
+ifeq ($(TRY_COMPILE_MADVISE), 0)
+	DEFAULT_CFLAGS += -DS2N_MADVISE_SUPPORTED
+endif
+
+# Determine if minherit() is available
+TRY_COMPILE_MINHERIT:= $(call try_compile,$(S2N_ROOT)/tests/features/minherit.c)
+ifeq ($(TRY_COMPILE_MINHERIT), 0)
+	DEFAULT_CFLAGS += -DS2N_MINHERIT_SUPPORTED
+endif
+
+# Determine if clone() is available
+TRY_COMPILE_CLONE := $(call try_compile,$(S2N_ROOT)/tests/features/clone.c)
+ifeq ($(TRY_COMPILE_CLONE), 0)
+	DEFAULT_CFLAGS += -DS2N_CLONE_SUPPORTED
+endif
+
 CFLAGS_LLVM = ${DEFAULT_CFLAGS} -emit-llvm -c -g -O1
 
 $(BITCODE_DIR)%.bc: %.c

diff --git a/tests/features/clone.c b/tests/features/clone.c
@@ -0,0 +1,24 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+#define _GNU_SOURCE
+
+#include <sched.h>
+#include <stddef.h>
+
+int main() {
+    clone(NULL, NULL, 0, NULL);
+    return 0;
+}
diff --git a/tests/features/madvise.c b/tests/features/madvise.c
@@ -0,0 +1,27 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+/* Keep in sync with utils/s2n_fork_detection.c */
+#if !defined(__APPLE__) && !defined(_GNU_SOURCE)
+    #define _GNU_SOURCE
+#endif
+
+#include <stddef.h>
+#include <sys/mman.h>
+
+int main() {
+    madvise(NULL, 0, 0);
+    return 0;
+}
diff --git a/tests/features/minherit.c b/tests/features/minherit.c
@@ -0,0 +1,22 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ *  http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+#include <stddef.h>
+#include <sys/mman.h>
+
+int main() {
+    minherit(NULL, 0, 0);
+    return 0;
+}