Re: [PATCH v2 0/4] Checkpoint/Restore: Show in proc IDs of objects that can be shared between tasks

From: Pekka Enberg
Date: Fri Nov 18 2011 - 16:09:08 EST


On Fri, Nov 18, 2011 at 11:03 PM, Cyrill Gorcunov <gorcunov@xxxxxxxxx> wrote:
>> Of course.  But
>>
>> a) I'm not sure that this scheme actually protects the kernel
>>    addresses - there may be a way in which cunning userspace can work out
>>    the random mask.
>
> Well, in case of hw-rng it should not be that easy, still of course
> there is no 100% guarantee that there is absolutely no way to predict
> this mask (especially since it's generated once and lives here forever). But
> whatever makes an attacker's life harder -- is a good thing. After all we might
> simply take some hash on kernel address here (such as sha256) since it's
> not a time-critical operation and as far as I know collision is not found
> for it yet (??).

XOR cipher is very easy to crack with frequency analysis. I'd also
consider using SHA256 or similar hash for this.
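Why a mask that is generated once gives weak protection to XORed addresses, and how a keyed hash differs, as an added example that is not part of the original message or of the patch series. The sample addresses are constructed, the function names are hypothetical, and HMAC-SHA256 under a secret key is an assumed variant of the SHA256 suggestion.

```python
import hashlib
import hmac
import os

# Constructed sample values: these are not real kernel addresses.
ADDRS = [0xffff880012345600, 0xffff880012345a80, 0xffff88001234c000]

def xor_id(addr, mask):
    """Scheme under discussion: address XORed with a mask chosen once."""
    return addr ^ mask

def hmac_id(addr, key):
    """Assumed alternative: HMAC-SHA256 of the address under a secret key."""
    digest = hmac.new(key, addr.to_bytes(8, "little"), hashlib.sha256)
    return digest.hexdigest()[:16]

def xor_leaks_differences(addrs, mask):
    """True if id_a ^ id_b == addr_a ^ addr_b for every pair (the mask cancels)."""
    ids = [xor_id(a, mask) for a in addrs]
    return all(ids[i] ^ ids[j] == addrs[i] ^ addrs[j]
               for i in range(len(addrs)) for j in range(i + 1, len(addrs)))

def mask_from_one_known(addr, obfuscated):
    """A single known (address, ID) pair fixes the mask for every other ID."""
    return addr ^ obfuscated

def demo():
    mask = int.from_bytes(os.urandom(8), "little")
    key = os.urandom(32)
    ids = [xor_id(a, mask) for a in ADDRS]
    recovered = mask_from_one_known(ADDRS[0], ids[0])
    return {
        # XOR: structure between addresses survives the masking.
        "xor_differences_leak": xor_leaks_differences(ADDRS, mask),
        # XOR: one exposed address unmasks all remaining IDs.
        "xor_all_unmasked": [i ^ recovered for i in ids] == ADDRS,
        # Keyed hash: equal objects still map to equal IDs ...
        "hmac_equal_for_same": hmac_id(ADDRS[0], key) == hmac_id(ADDRS[0], key),
        # ... and distinct objects to distinct IDs, with no XOR relation kept.
        "hmac_distinct": len({hmac_id(a, key) for a in ADDRS}) == len(ADDRS),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The key matters: kernel addresses have little entropy, so an unkeyed hash of the bare address could be matched by hashing candidate addresses.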