Re: [PATCH 0/4] Checkpoint/Restore: Show in proc IDs of objects thatcan be shared between tasks

[Cyrill Gorcunov]

On Tue, Nov 15, 2011 at 09:44:27PM -0800, Matt Helsley wrote:
...
> > 
> > The object address is XOR-ed with a "random" value of the same size and then
> > shown in proc. Providing this poison is not leaked into the userspace then
> > ID seem to be safe.
> 
> Really? There's no way to quickly derive the random number from known
> allocation patterns and thereby break the obfuscation scheme?
> To start we can note that the low N bits are directly exposed in the ID
> of anything that requires 2^N-byte alignment.
> 
> I think it's really a question of whether the high order bits can be derived.
> 

Good point. I suppose we might use 2 random numbers here, one for xor and
second to shuffle bits.

> And of course the random number only needs to be derived once per boot
> before it reveals the address of everything with an ID.

	Cyrill
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/