
Changeset 66847 in vbox for trunk/src/VBox/HostDrivers


Timestamp:
May 9, 2017 11:55:28 AM (8 years ago)
Author:
vboxsync
Message:

Support/posix: use the alternative approach

File:
1 edited

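--- a/trunk/src/VBox/HostDrivers/Support/posix/SUPR3HardenedMain-posix.cpp
+++ b/trunk/src/VBox/HostDrivers/Support/posix/SUPR3HardenedMain-posix.cpp
@@ -369,8 +369,8 @@
 
     /*
-     * Each relative call requires extra bytes as it is converted to four push imm16
-     * + a jmp qword [$+8 wrt RIP] to avoid clobbering registers.
-     */
-    cbPatchMem += cRelCalls * RT_ALIGN_32(4 * 4 + 6 + 8, 8);
+     * Each relative call requires extra bytes as it is converted to a pushq imm32
+     * + mov [RSP+4], imm32 + a jmp qword [$+8 wrt RIP] to avoid clobbering registers.
+     */
+    cbPatchMem += cRelCalls * RT_ALIGN_32(13 + 6 + 8, 8);
     cbPatchMem += 14; /* jmp qword [$+8 wrt RIP] + 8 byte address to jump to. */
     cbPatchMem = RT_ALIGN_32(cbPatchMem, 8);
@@ -459,5 +459,5 @@
             /* Skip the push instructions till the return address is known. */
             uint8_t *pbPatchMemPush = pbPatchMem;
-            pbPatchMem += 4 * 4;
+            pbPatchMem += 13;
 
             *pbPatchMem++ = 0xff; /* jmp qword [$+8 wrt RIP] */
@@ -470,19 +470,12 @@
             /* Push the return address onto stack. Difficult on amd64 without clobbering registers... */
             uintptr_t uAddrReturn = (uintptr_t)pbPatchMem;
-            *pbPatchMemPush++ = 0x66; /* operand size 64-bit => 16-bit */
-            *pbPatchMemPush++ = 0x68; /* push imm16 */
-            *(uint16_t *)pbPatchMemPush = (uAddrReturn >> 48) & 0xffff;
-            pbPatchMemPush += sizeof(uint16_t);
-            *pbPatchMemPush++ = 0x66; /* operand size 64-bit => 16-bit */
-            *pbPatchMemPush++ = 0x68; /* push imm16 */
-            *(uint16_t *)pbPatchMemPush = (uAddrReturn >> 32) & 0xffff;
-            pbPatchMemPush += sizeof(uint16_t);
-            *pbPatchMemPush++ = 0x66; /* operand size 64-bit => 16-bit */
-            *pbPatchMemPush++ = 0x68; /* push imm16 */
-            *(uint16_t *)pbPatchMemPush = (uAddrReturn >> 16) & 0xffff;
-            pbPatchMemPush += sizeof(uint16_t);
-            *pbPatchMemPush++ = 0x66; /* operand size 64-bit => 16-bit */
-            *pbPatchMemPush++ = 0x68; /* push imm16 */
-            *(uint16_t *)pbPatchMemPush =  uAddrReturn        & 0xffff;
+            *pbPatchMemPush++ = 0x68; /* push imm32 sign-extended as 64-bit*/
+            *(uint32_t *)pbPatchMemPush = RT_LO_U32(uAddrReturn);
+            pbPatchMemPush += sizeof(uint32_t);
+            *pbPatchMemPush++ = 0xc7;
+            *pbPatchMemPush++ = 0x44;
+            *pbPatchMemPush++ = 0x24;
+            *pbPatchMemPush++ = 0x04; /* movl [RSP+4], imm32 */
+            *(uint32_t *)pbPatchMemPush = RT_HI_U32(uAddrReturn);
         }
         else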
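Review bot: The 13-byte length of the new push sequence is hard-coded independently in the size estimate at new line 374, the skip at new line 461 and implicitly in the eight stores at new lines 472–479, so a later change to the emitted bytes can desynchronise the allocation or the placement of the following jmp with no compiler help; a single shared constant such as `#define SUP_PUSH_RETADDR_SIZE (1 + 4 + 4 + 4) /* push imm32 + mov [RSP+4], imm32 */` (constructed name) used at all three sites would keep them in step. The reason for the second instruction is also worth stating where it is emitted, since `push imm32` sign-extends bit 31 into the upper dword of the pushed qword: `/* push imm32 sign-extends into the high dword; mov [RSP+4], imm32 overwrites it with the real high half of the address. */`. The stores at new lines 473 and 479 write through `(uint32_t *)` casts at an odd offset into the patch buffer, an unaligned type-punned access that `memcpy(pbPatchMemPush, &u32, sizeof(u32))` would express without the aliasing question, although this matches the pre-existing style of the removed lines. The enclosing function starts and ends outside the hunk.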
