From c7fd90cb71b1d79cfb62c9dcdf709c0b9b634fc4 Mon Sep 17 00:00:00 2001
From: mortimer
Date: Mon, 10 Jul 2017 00:59:24 +0000
Subject: [PATCH] Replace codepatch nopsleds with trapsleds.

ok sf@ mlarkin@ suggested by deraadt@
---
 sys/arch/amd64/amd64/codepatch.c | 36 ++++++++++++++------------------
 sys/arch/i386/i386/codepatch.c   | 36 ++++++++++++++------------------
 2 files changed, 32 insertions(+), 40 deletions(-)

diff --git a/sys/arch/amd64/amd64/codepatch.c b/sys/arch/amd64/amd64/codepatch.c
index 323704415a7..a5bb847317e 100644
--- a/sys/arch/amd64/amd64/codepatch.c
+++ b/sys/arch/amd64/amd64/codepatch.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: codepatch.c,v 1.4 2017/07/01 19:38:41 sf Exp $ */
+/* $OpenBSD: codepatch.c,v 1.5 2017/07/10 00:59:24 mortimer Exp $ */
 /*
  * Copyright (c) 2014-2015 Stefan Fritsch
  *
@@ -36,20 +36,6 @@ CTASSERT(sizeof(struct codepatch) % 8 == 0);
 extern struct codepatch codepatch_begin;
 extern struct codepatch codepatch_end;
 
-#define NOP_LEN_MAX 9
-
-static const unsigned char nops[][NOP_LEN_MAX] = {
-	{ 0x90 },
-	{ 0x66, 0x90 },
-	{ 0x0F, 0x1F, 0x00 },
-	{ 0x0F, 0x1F, 0x40, 0x00 },
-	{ 0x0F, 0x1F, 0x44, 0x00, 0x00 },
-	{ 0x66, 0x0F, 0x1F, 0x44, 0x00, 0x00 },
-	{ 0x0F, 0x1F, 0x80, 0x00, 0x00, 0x00, 0x00 },
-	{ 0x0F, 0x1F, 0x84, 0x00, 0x00, 0x00, 0x00, 0x00 },
-	{ 0x66, 0x0F, 0x1F, 0x84, 0x00, 0x00, 0x00, 0x00, 0x00},
-};
-
 void
 codepatch_fill_nop(void *caddr, uint16_t len)
 {
@@ -57,11 +43,21 @@ codepatch_fill_nop(void *caddr, uint16_t len)
 	uint16_t nop_len;
 
 	while (len > 0) {
-		if (len <= NOP_LEN_MAX)
-			nop_len = len;
-		else
-			nop_len = NOP_LEN_MAX;
-		memcpy(addr, nops[nop_len-1], nop_len);
+		nop_len = len < 127 ? len : 127;
+		switch (nop_len) {
+		case 1:
+			addr[0] = 0x90;
+			break;
+		case 2:
+			addr[0] = 0x66;
+			addr[1] = 0x90;
+			break;
+		default:
+			addr[0] = 0xEB;
+			addr[1] = nop_len - 2;
+			memset(addr + 2, 0xCC, nop_len - 2);
+			break;
+		}
 		addr += nop_len;
 		len -= nop_len;
 	}
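Review bot: The rel8 displacement written by `addr[1] = nop_len - 2` in the `default:` arm stays in range only because the chunk cap of 127 bounds it at 125, and nothing in the hunk records that dependency; if someone later raises the cap the uint16_t-to-byte truncation would silently emit a wrong displacement and the sled would jump into or past the patched region instead of over it. I would name the cap and state the invariant, e.g. `#define TRAPSLED_MAX 127 /* jmp rel8 can skip at most 125 int3 bytes */` with `nop_len = len < TRAPSLED_MAX ? len : TRAPSLED_MAX;`, and put a short comment above `default:` such as `/* jmp over a run of int3 (0xCC): stray control flow traps rather than sliding */`. The 1- and 2-byte arms necessarily remain real NOPs, since a rel8 jmp is two bytes and needs something to skip, so a one-line comment there would stop a well-meaning later change from turning them into `0xEB 0x00`. The loop is inside codepatch_fill_nop, whose opening (including the declaration of `addr`) lies above this hunk.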
diff --git a/sys/arch/i386/i386/codepatch.c b/sys/arch/i386/i386/codepatch.c
index 42c18892e9e..cd44bc33cec 100644
--- a/sys/arch/i386/i386/codepatch.c
+++ b/sys/arch/i386/i386/codepatch.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: codepatch.c,v 1.3 2017/07/01 19:42:59 sf Exp $ */
+/* $OpenBSD: codepatch.c,v 1.4 2017/07/10 00:59:24 mortimer Exp $ */
 /*
  * Copyright (c) 2014-2015 Stefan Fritsch
  *
@@ -35,20 +35,6 @@ struct codepatch {
 extern struct codepatch codepatch_begin;
 extern struct codepatch codepatch_end;
 
-#define NOP_LEN_MAX 9
-
-static const unsigned char nops[][NOP_LEN_MAX] = {
-	{ 0x90 },
-	{ 0x66, 0x90 },
-	{ 0x0F, 0x1F, 0x00 },
-	{ 0x0F, 0x1F, 0x40, 0x00 },
-	{ 0x0F, 0x1F, 0x44, 0x00, 0x00 },
-	{ 0x66, 0x0F, 0x1F, 0x44, 0x00, 0x00 },
-	{ 0x0F, 0x1F, 0x80, 0x00, 0x00, 0x00, 0x00 },
-	{ 0x0F, 0x1F, 0x84, 0x00, 0x00, 0x00, 0x00, 0x00 },
-	{ 0x66, 0x0F, 0x1F, 0x84, 0x00, 0x00, 0x00, 0x00, 0x00},
-};
-
 void
 codepatch_fill_nop(void *caddr, uint16_t len)
 {
@@ -78,11 +64,21 @@ codepatch_fill_nop(void *caddr, uint16_t len)
 	}
 
 	while (len > 0) {
-		if (len <= NOP_LEN_MAX)
-			nop_len = len;
-		else
-			nop_len = NOP_LEN_MAX;
-		memcpy(addr, nops[nop_len-1], nop_len);
+		nop_len = len < 127 ? len : 127;
+		switch (nop_len) {
+		case 1:
+			addr[0] = 0x90;
+			break;
+		case 2:
+			addr[0] = 0x66;
+			addr[1] = 0x90;
+			break;
+		default:
+			addr[0] = 0xEB;
+			addr[1] = nop_len - 2;
+			memset(addr + 2, 0xCC, nop_len - 2);
+			break;
+		}
 		addr += nop_len;
 		len -= nop_len;
 	}
-- 
2.20.1
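Review bot: The trapsled writer added here is byte-for-byte the same fifteen lines as the amd64 hunk, and because both functions are still named codepatch_fill_nop with a loop variable called `nop_len`, nothing in either file says the region is now a jmp-over-int3 sled rather than NOPs; the next person to touch one copy (say, to change the 127 cap or the 0xCC fill byte) has no cue that the other must move with it. At minimum I would add a header comment on codepatch_fill_nop such as `/* Fill [caddr, caddr+len) with a trapsled: a short jmp over int3 bytes, so a stray jump into the gap traps instead of sliding; keep in sync with amd64 codepatch.c */`. Moving the switch into a small static helper shared by both arch files would remove the duplication outright, though whether the two trees have a common home for x86 code I cannot tell from this patch. The closing `}` at the top of the hunk shows the i386 version does extra work before this loop, so codepatch_fill_nop starts well above the hunk.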