diff options
| author | jkim <jkim@FreeBSD.org> | 2008-08-18 19:14:26 +0000 |
|---|---|---|
| committer | jkim <jkim@FreeBSD.org> | 2008-08-18 19:14:26 +0000 |
| commit | 9847f32c4eeb6e1c4d2dd5c95b9fdd4b378c85fe (patch) | |
| tree | 0ad0caaac1378e69faf24b4282c11ea64c5547c8 /sys/amd64/amd64/bpf_jit_machdep.c | |
| parent | 2e51cd9be9bf3bb0d8870d6f2117847e6da04a9e (diff) | |
| download | FreeBSD-src-9847f32c4eeb6e1c4d2dd5c95b9fdd4b378c85fe.zip FreeBSD-src-9847f32c4eeb6e1c4d2dd5c95b9fdd4b378c85fe.tar.gz | |
Correctly check unsignedness of all BPF_LD|BPF_IND instructions.
This is roughly from sys/net/bpf_filter.c r1.12 and r1.14.
Diffstat (limited to 'sys/amd64/amd64/bpf_jit_machdep.c')
| -rw-r--r-- | sys/amd64/amd64/bpf_jit_machdep.c | 90 |
1 files changed, 55 insertions, 35 deletions
diff --git a/sys/amd64/amd64/bpf_jit_machdep.c b/sys/amd64/amd64/bpf_jit_machdep.c index 90eb735..2ccb6ac 100644 --- a/sys/amd64/amd64/bpf_jit_machdep.c +++ b/sys/amd64/amd64/bpf_jit_machdep.c @@ -167,11 +167,13 @@ bpf_jit_compile(struct bpf_insn *prog, u_int nins, int *mem) break; case BPF_LD|BPF_W|BPF_ABS: - MOVid(ins->k, ECX); - MOVrd(ECX, ESI); - ADDib(sizeof(int32_t), ECX); - CMPrd(EDI, ECX); - JBEb(6); + MOVid(ins->k, ESI); + CMPrd(EDI, ESI); + JAb(12); + MOVrd(EDI, ECX); + SUBrd(ESI, ECX); + CMPid(sizeof(int32_t), ECX); + JAEb(6); ZEROrd(EAX); MOVrq3(R8, RBX); RET(); @@ -181,11 +183,13 @@ bpf_jit_compile(struct bpf_insn *prog, u_int nins, int *mem) case BPF_LD|BPF_H|BPF_ABS: ZEROrd(EAX); - MOVid(ins->k, ECX); - MOVrd(ECX, ESI); - ADDib(sizeof(int16_t), ECX); - CMPrd(EDI, ECX); - JBEb(4); + MOVid(ins->k, ESI); + CMPrd(EDI, ESI); + JAb(12); + MOVrd(EDI, ECX); + SUBrd(ESI, ECX); + CMPid(sizeof(int16_t), ECX); + JAEb(4); MOVrq3(R8, RBX); RET(); MOVobw(RBX, RSI, AX); @@ -194,12 +198,12 @@ bpf_jit_compile(struct bpf_insn *prog, u_int nins, int *mem) case BPF_LD|BPF_B|BPF_ABS: ZEROrd(EAX); - MOVid(ins->k, ECX); - CMPrd(EDI, ECX); - JBEb(4); + MOVid(ins->k, ESI); + CMPrd(EDI, ESI); + JBb(4); MOVrq3(R8, RBX); RET(); - MOVobb(RBX, RCX, AL); + MOVobb(RBX, RSI, AL); break; case BPF_LD|BPF_W|BPF_LEN: @@ -211,12 +215,18 @@ bpf_jit_compile(struct bpf_insn *prog, u_int nins, int *mem) break; case BPF_LD|BPF_W|BPF_IND: - MOVid(ins->k, ECX); - ADDrd(EDX, ECX); - MOVrd(ECX, ESI); - ADDib(sizeof(int32_t), ECX); - CMPrd(EDI, ECX); - JBEb(6); + CMPrd(EDI, EDX); + JAb(27); + MOVid(ins->k, ESI); + MOVrd(EDI, ECX); + SUBrd(EDX, ECX); + CMPrd(ESI, ECX); + JBb(14); + ADDrd(EDX, ESI); + MOVrd(EDI, ECX); + SUBrd(ESI, ECX); + CMPid(sizeof(int32_t), ECX); + JAEb(6); ZEROrd(EAX); MOVrq3(R8, RBX); RET(); @@ -226,12 +236,18 @@ bpf_jit_compile(struct bpf_insn *prog, u_int nins, int *mem) case BPF_LD|BPF_H|BPF_IND: ZEROrd(EAX); - MOVid(ins->k, ECX); - ADDrd(EDX, ECX); - MOVrd(ECX, ESI); - ADDib(sizeof(int16_t), ECX); - CMPrd(EDI, ECX); - JBEb(4); + CMPrd(EDI, EDX); + JAb(27); + MOVid(ins->k, ESI); + MOVrd(EDI, ECX); + SUBrd(EDX, ECX); + CMPrd(ESI, ECX); + JBb(14); + ADDrd(EDX, ESI); + MOVrd(EDI, ECX); + SUBrd(ESI, ECX); + CMPid(sizeof(int16_t), ECX); + JAEb(4); MOVrq3(R8, RBX); RET(); MOVobw(RBX, RSI, AX); @@ -240,24 +256,28 @@ bpf_jit_compile(struct bpf_insn *prog, u_int nins, int *mem) case BPF_LD|BPF_B|BPF_IND: ZEROrd(EAX); - MOVid(ins->k, ECX); - ADDrd(EDX, ECX); - CMPrd(EDI, ECX); - JBEb(4); + CMPrd(EDI, EDX); + JAEb(13); + MOVid(ins->k, ESI); + MOVrd(EDI, ECX); + SUBrd(EDX, ECX); + CMPrd(ESI, ECX); + JAb(4); MOVrq3(R8, RBX); RET(); - MOVobb(RBX, RCX, AL); + ADDrd(EDX, ESI); + MOVobb(RBX, RSI, AL); break; case BPF_LDX|BPF_MSH|BPF_B: - MOVid(ins->k, ECX); - CMPrd(EDI, ECX); - JBEb(6); + MOVid(ins->k, ESI); + CMPrd(EDI, ESI); + JBb(6); ZEROrd(EAX); MOVrq3(R8, RBX); RET(); ZEROrd(EDX); - MOVobb(RBX, RCX, DL); + MOVobb(RBX, RSI, DL); ANDib(0x0f, DL); SHLib(2, EDX); break; |
