On Mon, 2011-09-19 at 20:51 +0300, Pekka Enberg wrote: > How is the attacker able to identify that we kmalloc()'d from ecryptfs or > VFS based on non-root /proc/slabinfo when the slab allocator itself does > not have that sort of information if you mix up the allocations? Isn't this > much stronger protection especially if you combine that with /proc/slabinfo > restriction? Mixing it up just adds noise. It makes the attack somewhat more difficult, but it still leaves open the possibility that the attacker can filter out the noise somehow. -- Dave -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>