Re: [patch 1/4] Add routine for generating an ID for kernel pointer

From: KOSAKI Motohiro
Date: Fri Dec 30 2011 - 15:31:35 EST


(12/30/11 2:36 AM), Cyrill Gorcunov wrote:
On Fri, Dec 30, 2011 at 11:23:09AM +1100, Herbert Xu wrote:
On Thu, Dec 29, 2011 at 08:24:53PM +0400, Cyrill Gorcunov wrote:

Probably I've had to crypto_alloc_hash earlier and simply keep a reference
to algo but since I'm not sure if looking for modules in late-init-call
is good idea.

Right, the allocation needs to occur in a sleepable context.

If you're just hashing something small and have no need for
hardware acceleration then lib/sha1.c is fine.


Hi, yeah, it's just one message block hashing so I've switched
to lib/sha1.c. Herbert, I'm more interested in security analysis
-- would the sha1(msg), where the 'msg' is the kernel pointer
XOR'ed with random value and expanded to the 512 bits would be
safe enough for export to unprivilege users?

Even if now we don't know an attacking way of sha1 reverse hashing,
we may discover within 10 years. Many secure messages lost from hardware speedup and new algorithm attack. so, nobody can say it's abi safe.

And, if you don't use perfect hash, you may have a hash collision risk. What's happen if different pointer makes same ID?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/