Date: Mon, 15 Sep 1997 21:57:46 -0700 (PDT) From: Simon Shapiro <Shimon@i-Connect.Net> To: FreeBSD-Hackers@FreeBSD.org Subject: Fast Encryption (in kernel) seeked Message-ID: <XFMail.970915215746.Shimon@i-Connect.Net>
next in thread | raw e-mail | index | archive | help
Hi! It's me again! I have a specific integer (actually a pointer to a structure) which, for performance reasons, I want exported to userspace. What happens with this pointer is that sometimes later it comes back to the kernel. I want a QUICK was to encrypt it so that a melicious user cannot send a bad address into the kernel. The data comes and goes via special /dev entry in the form of READ, WRITE and IOCTL. The pointer in question is to a small structure and the data in the structure is safe from corruption. The reasonm for this mess is that the structure is created/anihilated via malloc/free and the process returning it to the kernel may not be the one that got it from the kernel. Instead of a key to search on, having the address is much faster. The security issue is obvious. If I could have a FAST machanism by which to ``sign'' the address, It would be advantageous way to handle it. If I put just a unique signature that I have to then search for, well, I knwo how to do that, and actually already do that. XORing the pointer can be safe from accidents, but too easy to fake. If this sounds like harebrain idea, it probably is :-) --- Sincerely Yours, (Sent on 15-Sep-97, 21:44:35 by XF-Mail) Simon Shapiro Atlas Telecom Senior Architect 14355 SW Allen Blvd., Suite 130 Beaverton OR 97005 Shimon@i-Connect.Net Voice: 503.643.5559, Emergency: 503.799.2313
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.970915215746.Shimon>