Re: BPF hash algo (Re: [kernel-hardening] Re: [PATCH v7 3/6] random: use SipHash in place of MD5)

From: Hannes Frederic Sowa
Date: Thu Dec 22 2016 - 15:02:43 EST

Next message: Zoran Markovic: "[RFC PATCH 1/4] dt-bindings: mdm9615: Add ADM DMA engine"
Previous message: SÃren Brinkmann: "Re: [PATCH v2] ARM64: zynqmp: Fix i2c node's compatible string"
In reply to: Andy Lutomirski: "Re: BPF hash algo (Re: [kernel-hardening] Re: [PATCH v7 3/6] random: use SipHash in place of MD5)"
Next in thread: Daniel Borkmann: "Re: BPF hash algo (Re: [kernel-hardening] Re: [PATCH v7 3/6] random: use SipHash in place of MD5)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 22.12.2016 20:56, Andy Lutomirski wrote:
> It's also not quite clear to me why userspace needs to be able to
> calculate the digest on its own. A bpf(BPF_CALC_PROGRAM_DIGEST)
> command that takes a BPF program as input and hashes it would seem to
> serve the same purpose, and that would allow the kernel to key the
> digest and change the algorithm down the road without breaking things.

I think that people expect digests of BPF programs to be stable over
time and reboots.

Next message: Zoran Markovic: "[RFC PATCH 1/4] dt-bindings: mdm9615: Add ADM DMA engine"
Previous message: SÃren Brinkmann: "Re: [PATCH v2] ARM64: zynqmp: Fix i2c node's compatible string"
In reply to: Andy Lutomirski: "Re: BPF hash algo (Re: [kernel-hardening] Re: [PATCH v7 3/6] random: use SipHash in place of MD5)"
Next in thread: Daniel Borkmann: "Re: BPF hash algo (Re: [kernel-hardening] Re: [PATCH v7 3/6] random: use SipHash in place of MD5)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]