
Changeset 66845 in vbox


Timestamp:
May 9, 2017 11:16:57 AM (8 years ago)
Author:
vboxsync
Message:

Support/posix: harder than expected

File:
1 edited

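--- a/trunk/src/VBox/HostDrivers/Support/posix/SUPR3HardenedMain-posix.cpp
+++ b/trunk/src/VBox/HostDrivers/Support/posix/SUPR3HardenedMain-posix.cpp
@@ -369,8 +369,8 @@
 
     /*
-     * Each relative call requires extra bytes as it is converted to a push imm64
+     * Each relative call requires extra bytes as it is converted to four push imm16
      * + a jmp qword [$+8 wrt RIP] to avoid clobbering registers.
      */
-    cbPatchMem += cRelCalls * RT_ALIGN_32(9 + 6 + 8, 8);
+    cbPatchMem += cRelCalls * RT_ALIGN_32(4 * 4 + 6 + 8, 8);
     cbPatchMem += 14; /* jmp qword [$+8 wrt RIP] + 8 byte address to jump to. */
     cbPatchMem = RT_ALIGN_32(cbPatchMem, 8);
@@ -457,7 +457,7 @@
             uintptr_t uAddr = (uintptr_t)&pbTarget[offInsn + cbInstr] + (intptr_t)Dis.Param1.uValue;
 
-            /* Skip the initial push instructions till the return address is known. */
+            /* Skip the push instructions till the return address is known. */
             uint8_t *pbPatchMemPush = pbPatchMem;
-            pbPatchMem += 9;
+            pbPatchMem += 4 * 4;
 
             *pbPatchMem++ = 0xff; /* jmp qword [$+8 wrt RIP] */
@@ -468,8 +468,20 @@
             pbPatchMem += sizeof(uint64_t);
 
-            /* Push the return address onto the stack. */
-            uintptr_t uAddrReturn = (uintptr_t)pbPatchMem;
-            *pbPatchMemPush++ = 0x68; /* push imm64 */
-            *(uint64_t *)pbPatchMemPush = uAddrReturn;
+            /* Push the return address onto stack. Difficult on amd64 without clobbering registers... */
+            *pbPatchMemPush++ = 0x66; /* operand size 64-bit => 16-bit */
+            *pbPatchMemPush++ = 0x68; /* push imm16 */
+            *(uint16_t *)pbPatchMemPush = (uAddrReturn >> 48) & 0xffff;
+            pbPatchMemPush += sizeof(uint16_t);
+            *pbPatchMemPush++ = 0x66; /* operand size 64-bit => 16-bit */
+            *pbPatchMemPush++ = 0x68; /* push imm16 */
+            *(uint16_t *)pbPatchMemPush = (uAddrReturn >> 32) & 0xffff;
+            pbPatchMemPush += sizeof(uint16_t);
+            *pbPatchMemPush++ = 0x66; /* operand size 64-bit => 16-bit */
+            *pbPatchMemPush++ = 0x68; /* push imm16 */
+            *(uint16_t *)pbPatchMemPush = (uAddrReturn >> 16) & 0xffff;
+            pbPatchMemPush += sizeof(uint16_t);
+            *pbPatchMemPush++ = 0x66; /* operand size 64-bit => 16-bit */
+            *pbPatchMemPush++ = 0x68; /* push imm16 */
+            *(uint16_t *)pbPatchMemPush =  uAddrReturn        & 0xffff;
         }
         else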
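Review bot: `uAddrReturn` is read on new line 473 (`(uAddrReturn >> 48) & 0xffff`) and the three pushes after it, but the only declaration in view, old line 471 `uintptr_t uAddrReturn = (uintptr_t)pbPatchMem;`, is removed and nothing re-adds it on the new side; unless the variable is declared earlier in the function outside this hunk, the new code does not compile, and the line should be restored directly under the new comment, where it is still taken after the 8-byte jump target has been written so the pushed value presumably points at the next copied instruction. The push order itself looks right for what a `call` would leave on the stack: the high word is pushed first and lands at the highest address, the low word last at [rsp], which is the little-endian layout of the 64-bit return address. The `pbPatchMem += 4 * 4` reservation matches the 16 bytes the four `66 68 imm16` sequences occupy, and the per-call accounting in the first hunk (`4 * 4 + 6 + 8`) agrees with what is emitted. The enclosing function starts and ends outside the hunk.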