From: Dan Rosenberg <drosenberg@vsecurity.com>
To: linux-crypto@vger.kernel.org
Subject: [CRYPTO] obfuscating kernel pointers
Date: Fri, 12 Nov 2010 08:32:01 -0500
Message-ID: <1289568721.3090.267.camel@Dan>

Hi Crypto people,

I'm planning on submitting a patch that introduces a new %p format
specifier that obfuscates kernel pointers depending on privileges. This
change is for security reasons - many networking protocols expose
pointers to socket structures in their /proc interfaces, which are
attractive targets when exploiting other issues.

It's been suggested that I initialize a secret value at boot, and use
that as the key to a crypto hash function. I should use a function that
is relatively fast (ideally), produces a unique output based on its
input of a pointer, and produces consistent output when given the same
input. It should be difficult to infer the input given only the output.

I have two questions:

1. What is a proper, safe way of initializing a random value at boot?
   Are there any existing examples that do this?

2. Can you recommend a crypto algorithm that would be well suited for
   this pointer obfuscation?

Thanks,
Dan
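
The design described in the message above (a secret generated once at start-up, then used as the key of a fast keyed hash over the pointer value) is illustrated below in user space. This is an added example, not code from the message or from any kernel patch; the choice of SipHash-2-4, the use of getrandom(2) as a stand-in for a boot-time entropy source, and the names ptr_key, ptr_key_init, siphash_u64 and obfuscate_ptr are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/random.h>   /* getrandom(2), Linux */

#define ROTL(x, b) (((x) << (b)) | ((x) >> (64 - (b))))
#define SIPROUND do { \
    v0 += v1; v1 = ROTL(v1, 13); v1 ^= v0; v0 = ROTL(v0, 32); \
    v2 += v3; v3 = ROTL(v3, 16); v3 ^= v2; \
    v0 += v3; v3 = ROTL(v3, 21); v3 ^= v0; \
    v2 += v1; v1 = ROTL(v1, 17); v1 ^= v2; v2 = ROTL(v2, 32); \
} while (0)

struct ptr_key { uint64_t k0, k1; };   /* 128-bit secret, set once at start-up */

/* Fill the key from the OS CSPRNG; returns 0 on success, -1 on failure. */
static int ptr_key_init(struct ptr_key *k)
{
    return getrandom(k, sizeof(*k), 0) == (ssize_t)sizeof(*k) ? 0 : -1;
}

/* SipHash-2-4 over a single 8-byte message (the pointer value). */
static uint64_t siphash_u64(uint64_t m, const struct ptr_key *k)
{
    uint64_t v0 = k->k0 ^ 0x736f6d6570736575ULL;
    uint64_t v1 = k->k1 ^ 0x646f72616e646f6dULL;
    uint64_t v2 = k->k0 ^ 0x6c7967656e657261ULL;
    uint64_t v3 = k->k1 ^ 0x7465646279746573ULL;
    const uint64_t b = 8ULL << 56;     /* final block encodes the length, 8 */

    v3 ^= m; SIPROUND; SIPROUND; v0 ^= m;
    v3 ^= b; SIPROUND; SIPROUND; v0 ^= b;
    v2 ^= 0xff; SIPROUND; SIPROUND; SIPROUND; SIPROUND;
    return v0 ^ v1 ^ v2 ^ v3;
}

/* Value to print in place of the raw pointer. */
static uint64_t obfuscate_ptr(const void *p, const struct ptr_key *k)
{
    return siphash_u64((uint64_t)(uintptr_t)p, k);
}

int main(void)
{
    struct ptr_key key;
    int a = 0, b = 0;                  /* two objects with distinct addresses */
    if (ptr_key_init(&key) != 0)
        return 1;                      /* never fall back to a fixed key */
    printf("a: %016llx\n", (unsigned long long)obfuscate_ptr(&a, &key));
    printf("b: %016llx\n", (unsigned long long)obfuscate_ptr(&b, &key));
    printf("a: %016llx\n", (unsigned long long)obfuscate_ptr(&a, &key));
    return 0;
}
```

A keyed hash gives consistent output for the same pointer and key, but distinct pointers map to distinct outputs only with overwhelming probability, not by construction; a keyed permutation (block cipher) would be needed for strict uniqueness.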