Message-ID: <5a2fb3b0-e469-43b4-b914-4ca0ad16b808@oracle.com>
Date: Tue, 9 Jul 2024 10:00:21 +0200
From: Alexandre Chartre <alexandre.chartre@...cle.com>
To: Borislav Petkov <bp@...en8.de>, linux-kernel@...r.kernel.org
Cc: alexandre.chartre@...cle.com, linux-tip-commits@...r.kernel.org,
        kernel test robot <lkp@...el.com>,
        Josh Poimboeuf <jpoimboe@...nel.org>, x86@...nel.org
Subject: Re: [tip: objtool/core] objtool/x86: objtool can confuse memory and
 stack access



On 7/8/24 18:48, Borislav Petkov wrote:
> On Mon, Jul 08, 2024 at 11:49:24AM -0000, tip-bot2 for Alexandre Chartre wrote:
>>   4c 8b 24 25 e0 ff ff    mov    0xffffffffffffffe0,%r12
> 
> Right, this is missing a "ff" which is the 4th byte of a disp32.
> 
> I.e., ModRM=0, SIB=5 simply means that what follows is a disp32 field:
> 
>   REX:                   0x4c { 4 [w]: 1 [r]: 1 [x]: 0 [b]: 0 }
> Opcode:                 0x8b
> ModRM:                  0x24  [mod:0b][.R:1b,reg:1100b][.B:0b,r/m:100b]
>                          register-indirect mode, offset 0
> SIB:                    0x25 [.B:0b,base:101b][.X:0b,idx:100b][scale: 0]
> 
>   MOV Gv,Ev; MOV reg{16,32,64} reg/mem{16,32,64}
>                 0:       4c 8b 24 25 e0 ff ff    mov 0xffffffffffffffe0,%r12
>                 7:       ff

Ah! Right. I regularly got tricked when the opcode is output on two lines :-(

Sorry.

alex.
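
The encoding rule from the quoted reply (mod=00b with SIB base=101b means there is no base register and a disp32 follows), as an added example that is not part of the thread or of objtool: a minimal decoder for this one opcode that reports the instruction length and whether the operand has a base register such as rsp or rbp. The struct, function and array names are hypothetical, and index/scale and prefixes other than REX are ignored.

```c
#include <stddef.h>
#include <stdint.h>
struct mem_operand {
    int length;    /* instruction length in bytes, -1 if undecodable */
    int has_base;  /* 0: no base register (absolute or RIP-relative) */
    int base;      /* base register when has_base (4 = rsp, 5 = rbp) */
    int32_t disp;  /* sign-extended displacement */
};

/* Bytes from the thread: the dump's first line, then with the 4th disp32 byte. */
static const uint8_t dump_line1[] = { 0x4c, 0x8b, 0x24, 0x25, 0xe0, 0xff, 0xff };
static const uint8_t full_insn[] = { 0x4c, 0x8b, 0x24, 0x25, 0xe0, 0xff, 0xff, 0xff };

/* Decode "MOV r64, r/m64" (REX + 0x8b) with a memory source operand. */
struct mem_operand decode_mov_load(const uint8_t *p, size_t n)
{
    struct mem_operand op = { -1, 1, 0, 0 };
    size_t i = 0, dsize;
    uint8_t rex = 0, mod, rm;

    if (n > 0 && (p[0] & 0xf0) == 0x40)       /* optional REX prefix */
        rex = p[i++];
    if (i + 2 > n || p[i++] != 0x8b)          /* need opcode + ModRM */
        return op;
    mod = p[i] >> 6;
    rm = p[i++] & 7;
    if (mod == 3)                             /* register operand */
        return op;
    dsize = (mod == 1) ? 1 : (mod == 2) ? 4 : 0;
    if (rm == 4) {                            /* SIB byte follows ModRM */
        if (i >= n)
            return op;
        rm = p[i++] & 7;                      /* base field of the SIB */
    }
    op.base = rm | ((rex & 1) << 3);          /* REX.B extends the base */
    if (mod == 0 && rm == 5) {                /* ModRM rm or SIB base = 101b: */
        op.has_base = 0;                      /* no base, disp32 follows */
        dsize = 4;
    }
    if (i + dsize > n)                        /* displacement cut short */
        return op;
    if (dsize == 1)
        op.disp = (int8_t)p[i];
    else if (dsize == 4)
        op.disp = (int32_t)(p[i] | p[i + 1] << 8 | p[i + 2] << 16 |
                            (uint32_t)p[i + 3] << 24);
    op.length = (int)(i + dsize);
    return op;
}
```

Fed only the seven bytes on the dump's first line, the decoder reports a truncated instruction; with the eighth byte it returns an 8-byte instruction with no base register.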
