It has been a while ;D !!
Today I saw that Mac OS X 10.11 introduces a new mitigation intended to produce fewer kernel info leaks in the future. The mitigation I'm talking about can be tested in a kernel extension when you, for example, try to print the address of an API implemented in the kernel.
Using printf("address('vfs_context_current') == %llx", vfs_context_current); no longer works the way you would expect. Instead of printing the address of the function, it will replace the output with a small string "<ptr>".
Of course this protection can be easily broken if you, for example, xor these values or use something like %c%c%c%c and so on.
Nevertheless, to me it makes sense. Just imagine the huge number of amateur coders who don't think about the impact of a leaked address. I've seen worse mitigations, hehe.
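To make the behaviour above concrete, here is a small user-space model of a logger that redacts kernel-range values. It is an example added here, not XNU's code and not code from this post. The function redacting_format, the range constant MODEL_KERNEL_BASE and the address FAKE_KERNEL_ADDR are assumptions constructed for the illustration.

```c
#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Both values are constructed for this model: an assumed start of the
 * kernel address range and a made-up stand-in for a function address. */
#define MODEL_KERNEL_BASE 0xffffff8000000000ULL
#define FAKE_KERNEL_ADDR  0xffffff8000a1b2c0ULL

/* Append s to out without overflowing; returns the new length. */
static size_t put(char *out, size_t n, size_t len, const char *s)
{
    while (*s && len + 1 < n) out[len++] = *s++;
    return len;
}

/* Hypothetical logger: understands only %s and %llx, copies the rest as-is.
 * A %llx argument inside the assumed kernel range is written as "<ptr>". */
int redacting_format(char *out, size_t n, const char *fmt, ...)
{
    char tmp[32];
    size_t len = 0;
    va_list ap;
    if (n == 0) return 0;
    va_start(ap, fmt);
    while (*fmt) {
        if (strncmp(fmt, "%s", 2) == 0) {
            len = put(out, n, len, va_arg(ap, const char *));
            fmt += 2;
        } else if (strncmp(fmt, "%llx", 4) == 0) {
            unsigned long long v = va_arg(ap, unsigned long long);
            if (v >= MODEL_KERNEL_BASE) strcpy(tmp, "<ptr>");
            else snprintf(tmp, sizeof tmp, "%llx", v);
            len = put(out, n, len, tmp);
            fmt += 4;
        } else {
            tmp[0] = *fmt++; tmp[1] = '\0';
            len = put(out, n, len, tmp);
        }
    }
    va_end(ap);
    out[len] = '\0';
    return (int)len;
}
int main(void)
{
    char buf[128];
    redacting_format(buf, sizeof buf, "address('%s') == %llx", "vfs_context_current", FAKE_KERNEL_ADDR);
    return puts(buf) < 0;
}
```

The model decides only from the value it is handed, so a value transformed before the call falls outside the range and is printed in full. That is the limitation noted above, and it is why log calls in a kext still need review for leaked addresses.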