authorStefan Fritsch <sf@cvs.openbsd.org>2017-07-01 19:43:00 +0000
committerStefan Fritsch <sf@cvs.openbsd.org>2017-07-01 19:43:00 +0000
commit6a53fc145d153ecd66f051140bfec37034967992 (patch)
treef7a62ee5b3d23b995eaa39686ca07957e9570e02
parentf9cf5944cb96c895e5a6ef3c2072498c7f6de7f1 (diff)
Use absolute pointers in codepatch entries
Instead of offsets to KERNBASE, store absolute pointers in the codepatch entries. KERNBASE will go away when ASLR is introduced. Requested by deraadt@
-rw-r--r--sys/arch/i386/i386/codepatch.c25
-rw-r--r--sys/arch/i386/include/codepatch.h4
2 files changed, 13 insertions, 16 deletions
diff --git a/sys/arch/i386/i386/codepatch.c b/sys/arch/i386/i386/codepatch.c
index 9b5b305bc2a..42c18892e9e 100644
--- a/sys/arch/i386/i386/codepatch.c
+++ b/sys/arch/i386/i386/codepatch.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: codepatch.c,v 1.2 2017/03/26 23:27:44 jca Exp $ */
+/* $OpenBSD: codepatch.c,v 1.3 2017/07/01 19:42:59 sf Exp $ */
/*
* Copyright (c) 2014-2015 Stefan Fritsch <sf@sfritsch.de>
*
@@ -27,7 +27,7 @@
#endif
struct codepatch {
- uint32_t offset;
+ vaddr_t addr;
uint16_t len;
uint16_t tag;
};
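Review bot: The new `vaddr_t addr` field is laid out by the assembler, not by this struct: `CODEPATCH_END` in the header hunk (sys/arch/i386/include/codepatch.h) emits `.int 998b` followed by two `.short`s, so the struct only matches because `vaddr_t` is 32 bits on i386, and nothing ties the two together. A comment on the struct, `/* layout must match CODEPATCH_END in <machine/codepatch.h>: .int addr, .short len, .short tag */`, would stop a future widening of `addr` from silently desynchronizing the C view from the section contents. The same note applies to the header hunk, where the macro could carry the reverse reference.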
@@ -132,7 +132,7 @@ codepatch_nop(uint16_t tag)
{
struct codepatch *patch;
unsigned char *rwaddr;
- vaddr_t addr, rwmap = 0;
+ vaddr_t rwmap = 0;
int i = 0;
DBGPRINT("patching tag %u", tag);
@@ -140,8 +140,7 @@ codepatch_nop(uint16_t tag)
for (patch = &codepatch_begin; patch < &codepatch_end; patch++) {
if (patch->tag != tag)
continue;
- addr = KERNBASE + patch->offset;
- rwaddr = codepatch_maprw(&rwmap, addr);
+ rwaddr = codepatch_maprw(&rwmap, patch->addr);
codepatch_fill_nop(rwaddr, patch->len);
i++;
}
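Review bot: With `patch->addr` now an arbitrary absolute pointer rather than `KERNBASE + offset`, nothing in the loop checks that the address lies inside the kernel text before `codepatch_maprw` maps it writable. If `codepatch_maprw` (outside the hunk) does not already bound-check its argument, a check of `patch->addr` against the kernel text range before the `codepatch_maprw` call would catch a corrupted or mislinked `.codepatch` entry instead of nop-filling whatever it points at; the same applies to the equivalent loops in codepatch_replace and codepatch_call. codepatch_nop's body continues past the hunk.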
@@ -155,7 +154,7 @@ codepatch_replace(uint16_t tag, void *code, size_t len)
{
struct codepatch *patch;
unsigned char *rwaddr;
- vaddr_t addr, rwmap = 0;
+ vaddr_t rwmap = 0;
int i = 0;
DBGPRINT("patching tag %u with %p", tag, code);
@@ -163,13 +162,12 @@ codepatch_replace(uint16_t tag, void *code, size_t len)
for (patch = &codepatch_begin; patch < &codepatch_end; patch++) {
if (patch->tag != tag)
continue;
- addr = KERNBASE + patch->offset;
if (len > patch->len) {
panic("%s: can't replace len %u with %zu at %#lx",
- __func__, patch->len, len, addr);
+ __func__, patch->len, len, patch->addr);
}
- rwaddr = codepatch_maprw(&rwmap, addr);
+ rwaddr = codepatch_maprw(&rwmap, patch->addr);
memcpy(rwaddr, code, len);
codepatch_fill_nop(rwaddr + len, patch->len - len);
i++;
@@ -186,20 +184,19 @@ codepatch_call(uint16_t tag, void *func)
unsigned char *rwaddr;
int32_t offset;
int i = 0;
- vaddr_t addr, rwmap = 0;
+ vaddr_t rwmap = 0;
DBGPRINT("patching tag %u with call %p", tag, func);
for (patch = &codepatch_begin; patch < &codepatch_end; patch++) {
if (patch->tag != tag)
continue;
- addr = KERNBASE + patch->offset;
if (patch->len < 5)
panic("%s: can't replace len %u with call at %#lx",
- __func__, patch->len, addr);
+ __func__, patch->len, patch->addr);
- offset = (vaddr_t)func - (addr + 5);
- rwaddr = codepatch_maprw(&rwmap, addr);
+ offset = (vaddr_t)func - (patch->addr + 5);
+ rwaddr = codepatch_maprw(&rwmap, patch->addr);
rwaddr[0] = 0xe8; /* call near */
memcpy(rwaddr + 1, &offset, sizeof(offset));
codepatch_fill_nop(rwaddr + 5, patch->len - 5);
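Review bot: The `+ 5` in the new `offset = (vaddr_t)func - (patch->addr + 5);` line is the length of the E8 rel32 instruction being written, and the same 5 reappears as `rwaddr + 5` and in the `patch->len < 5` guard without explanation; only the `/* call near */` on the opcode byte hints at it. A comment on the offset line, `/* rel32 is relative to the end of the 5-byte call */`, or a named constant used in all three places, would document why the displacement is taken from `addr + 5`. codepatch_call's body starts before and continues after the hunk.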
diff --git a/sys/arch/i386/include/codepatch.h b/sys/arch/i386/include/codepatch.h
index cf9ad7abaca..89791f46d8b 100644
--- a/sys/arch/i386/include/codepatch.h
+++ b/sys/arch/i386/include/codepatch.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: codepatch.h,v 1.1 2015/04/19 06:27:17 sf Exp $ */
+/* $OpenBSD: codepatch.h,v 1.2 2017/07/01 19:42:59 sf Exp $ */
/*
* Copyright (c) 2014-2015 Stefan Fritsch <sf@sfritsch.de>
*
@@ -41,7 +41,7 @@ void codepatch_call(uint16_t tag, void *func);
#define CODEPATCH_END(tag) \
999: \
.section .codepatch, "a" ;\
- .int (998b - KERNBASE) ;\
+ .int 998b ;\
.short (999b - 998b) ;\
.short tag ;\
.previous