On Fri, May 22, 2015 at 12:01:58AM +0200, Borislav Petkov wrote:
> On Thu, May 21, 2015 at 03:54:25PM -0500, Josh Poimboeuf wrote:
> > stackvalidate: arch/x86/lib/memmove_64.o: return instruction outside of a function at .altinstr_replacement+0x5
>
> That must be something like this:
>
> 0000000000000000 <.altinstr_replacement>:
>    0:   48 89 d1                mov    %rdx,%rcx
>    3:   f3 a4                   rep movsb %ds:(%rsi),%es:(%rdi)
>    5:   c3                      retq
>
> right?
>
> In any case, anything with alternatives is probably a false positive
> because even if instructions appear outside of the containing function,
> they get patched in and are actually inside. Jump offsets get fixed up
> properly too. Should, at least :-)

Hm, alternatives do complicate things a bit.

It *is* a false positive, but not necessarily because it's part of an
alternative instruction block. The above code would be patched into
memmove(), which is a leaf function because it doesn't call any other
functions. Leaf functions don't need frame pointer logic, so we can
ignore them.

If instead the above code were patched into a non-leaf function, we'd
have to change it to restore the frame pointer before returning.

-- 
Josh