> > > >> + func = (u8 *)seccomp_bpf_load;
> > > >> + t_offset = func - (image + addrs[i]);
> > > >> + EMIT1_off32(0xbf, K); /* mov imm32,%edi
> > > >> */
> > > >> + EMIT1_off32(0xe8, t_offset); /* call
> > > >> seccomp_bpf_load */
> > > >> + break;
> > > >> +#endif
> > > >
> > > > This seems seriously wrong to me.
> > >
> > > Can you elaborate?
> >
> > The 'call seccomp_bpf_load' needs a pc-relative offset,
> > I assume that is what EMIT1_off32() generates.
> >
> > The other two instructions want an absolute 32 bit value...
>
> Hmm, this part is fine, we perform the relative adjustments in
> t_offset = func - (image + addrs[i]);
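Review bot: t_offset is computed against image + addrs[i] before the 5-byte 'mov imm32,%edi' is emitted, so the call displacement is only right if addrs[i] is the offset of the byte after the call, i.e. the end of this case's output, because the CPU adds rel32 to the address of the following instruction; nothing in the hunk states that convention. The same EMIT1_off32() macro is also used for the absolute imm32 of the mov and for the pc-relative rel32 of the call. A comment on the t_offset line stating what addrs[i] refers to, or computing t_offset from the current output position directly before EMIT1_off32(0xe8, t_offset), would make the invariant explicit for the next reader.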
The call needs the displacement from the address of the instruction following the call. I can't imagine any way in which above can allow for the 5 byte 'mov imm32,%edi' instruction. I'd have thought there would be an EMIT1_imm32(). (I've written a lot of x86 asm in my days!)

David
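The point the thread turns on is where an x86 'call rel32' measures its displacement from: the CPU adds rel32 to the address of the byte after the call, so when a 5-byte mov is emitted in front of the call, the reference point for the displacement has to be the end of the whole sequence, not its start. The following is an added example, not code from the patch or from the kernel's BPF JIT; the emitter helpers, the image base 0x1000, the offset 6 and the pretend helper address 0x80000 are all this example's own constructed values. It encodes 'mov $K,%edi ; call target' into a buffer, decodes the call the way the CPU would, and shows how far off the target lands when the displacement is taken against the wrong reference point, while the mov's immediate stays the raw absolute K.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Write one opcode byte followed by a little-endian 32-bit value.  This is
 * the shape of the JIT's EMIT1_off32() macro; the helper name and signature
 * here are this example's own. */
static size_t emit1_off32(uint8_t *image, size_t off, uint8_t op, uint32_t v)
{
    image[off++] = op;
    for (int i = 0; i < 4; i++)
        image[off++] = (uint8_t)(v >> (8 * i));
    return off;
}

static uint32_t read_le32(const uint8_t *image, size_t off)
{
    uint32_t v = 0;
    for (int i = 0; i < 4; i++)
        v |= (uint32_t)image[off + i] << (8 * i);
    return v;
}

#define MOV_IMM32_EDI_LEN 5   /* bf imm32 */
#define CALL_REL32_LEN    5   /* e8 rel32 */

/* Offset of the byte following the call, which is what the CPU adds the
 * rel32 to: the 5-byte mov plus the 5-byte call. */
size_t mov_call_end(size_t start)
{
    return start + MOV_IMM32_EDI_LEN + CALL_REL32_LEN;
}

/* Emit "mov $K,%edi ; call target" at image offset `start`, for an image
 * that will live at virtual address `image_base`.  The rel32 is computed
 * against `ref_off`, the image offset the caller believes the CPU adds the
 * displacement to.  Only ref_off == mov_call_end(start) is correct; other
 * values are accepted so the error they cause can be observed.
 * Returns the offset just past the call. */
size_t emit_mov_call(uint8_t *image, uintptr_t image_base, size_t start,
                     uint32_t K, uintptr_t target, size_t ref_off)
{
    int32_t disp = (int32_t)(target - (image_base + ref_off));
    size_t off = emit1_off32(image, start, 0xbf, K);        /* mov imm32,%edi */
    off = emit1_off32(image, off, 0xe8, (uint32_t)disp);    /* call rel32 */
    return off;
}

/* Resolve a call rel32 at `call_off` the way the CPU does: address of the
 * next instruction plus the sign-extended displacement. */
uintptr_t resolve_call(const uint8_t *image, uintptr_t image_base, size_t call_off)
{
    int32_t disp = (int32_t)read_le32(image, call_off + 1);
    return image_base + call_off + CALL_REL32_LEN + (uintptr_t)(intptr_t)disp;
}

/* Immediate carried by the mov at `mov_off`; absolute, unlike the rel32. */
uint32_t mov_imm32(const uint8_t *image, size_t mov_off)
{
    return read_le32(image, mov_off + 1);
}

/* Constructed scenario: image at 0x1000, sequence at offset 6, calling a
 * pretend helper at 0x80000.  Returns the address the emitted call really
 * reaches when the displacement is computed against start + ref_delta. */
uintptr_t reached_address(size_t ref_delta)
{
    uint8_t image[32] = {0};
    const uintptr_t image_base = 0x1000, target = 0x80000;
    const size_t start = 6;
    emit_mov_call(image, image_base, start, 0x1234, target, start + ref_delta);
    return resolve_call(image, image_base, start + MOV_IMM32_EDI_LEN);
}

/* Same scenario; the immediate the mov carries is the raw K, untouched by
 * where the code is placed. */
uint32_t emitted_imm32(void)
{
    uint8_t image[32] = {0};
    emit_mov_call(image, 0x1000, 6, 0x1234, 0x80000, mov_call_end(6));
    return mov_imm32(image, 6);
}

int main(void)
{
    printf("ref = end of sequence : reaches 0x%lx\n", (unsigned long)reached_address(10));
    printf("ref = start of call   : reaches 0x%lx\n", (unsigned long)reached_address(5));
    printf("ref = start of mov    : reaches 0x%lx\n", (unsigned long)reached_address(0));
    printf("mov immediate         : 0x%x\n", emitted_imm32());
    return 0;
}
```

Taking the displacement from the start of the call itself lands 5 bytes past the target, and taking it from the start of the sequence lands 10 bytes past it; only the end-of-sequence reference reaches the helper. A JIT that computes the displacement before emitting the mov therefore has to be using an end-of-instruction offset as its reference.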