Add documentation for the dynamic code modifications.

src/trusted/validator_ragel/unreviewed/dfa_validate_64.c

 /*
  * Copyright (c) 2012 The Native Client Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  */
 
 /* Implement the Validator API for the x86-64 architecture. */
 #include <assert.h>
 #include <errno.h>
 #include <stddef.h>
@@ skipping 16 matching lines @@
 
 #define NACL_HALT_OPCODE 0xf4
 
 static Bool ProcessError(const uint8_t *begin, const uint8_t *end,
                          uint32_t info, void *callback_data) {
   UNREFERENCED_PARAMETER(begin);
   UNREFERENCED_PARAMETER(end);
   UNREFERENCED_PARAMETER(info);
 
   /* Instruction is unsupported by CPU, but otherwise valid.  */
-  if ((info & VALIDATION_ERRORS) == CPUID_UNSUPPORTED_INSTRUCTION) {
+  if ((info & VALIDATION_ERRORS_MASK) == CPUID_UNSUPPORTED_INSTRUCTION) {
     *((enum NaClValidationStatus*)callback_data) =
                                             NaClValidationFailedCpuNotSupported;
   }
   return FALSE;
 }
 
 static Bool StubOutCPUUnsupportedInstruction(const uint8_t *begin,
     const uint8_t *end, uint32_t info, void *callback_data) {
   UNREFERENCED_PARAMETER(callback_data);
 
   /* Stubout unsupported by CPU, but otherwise valid instructions.  */
-  if ((info & VALIDATION_ERRORS) == CPUID_UNSUPPORTED_INSTRUCTION) {
+  if ((info & VALIDATION_ERRORS_MASK) == CPUID_UNSUPPORTED_INSTRUCTION) {
     memset((uint8_t *)begin, NACL_HALT_OPCODE, end - begin + 1);
     return TRUE;
   } else {
     return FALSE;
   }
 }
 
 static NaClValidationStatus ApplyDfaValidator_x86_64(
     uintptr_t guest_addr,
     uint8_t *data,
@@ skipping 44 matching lines @@
 
 static Bool ProcessCodeCopyInstruction(const uint8_t *begin_new,
     const uint8_t *end_new, uint32_t info, void *callback_data) {
   struct CodeCopyCallbackData *data = callback_data;
 
   /* Sanity check: instruction must be shorter then 15 bytes.  */
   CHECK(end_new - begin_new < MAX_INSTRUCTION_LENGTH);
 
   return data->copy_func(
       (uint8_t *)begin_new + data->delta,
-      (info & VALIDATION_ERRORS) == CPUID_UNSUPPORTED_INSTRUCTION ?
+      (info & VALIDATION_ERRORS_MASK) == CPUID_UNSUPPORTED_INSTRUCTION ?
         (uint8_t *)kStubOutMem :
         (uint8_t *)begin_new,
       (uint8_t)(end_new - begin_new + 1));
 }
 
 static NaClValidationStatus ValidatorCodeCopy_x86_64(
     uintptr_t guest_addr,
     uint8_t *data_old,
     uint8_t *data_new,
     size_t size,
@@ skipping 25 matching lines @@
     const uint8_t *end_new, uint32_t info, void *callback_data) {
   ptrdiff_t delta = (ptrdiff_t)callback_data;
   size_t instruction_length = end_new - begin_new + 1;
   const uint8_t *begin_old = begin_new + delta;
   const uint8_t *end_old = end_new + delta;
 
   /* Sanity check: instruction must be shorter then 15 bytes.  */
   CHECK(instruction_length <= MAX_INSTRUCTION_LENGTH);
 
   /* Unsupported instruction must have been replaced with HLTs.  */
-  if ((info & VALIDATION_ERRORS) == CPUID_UNSUPPORTED_INSTRUCTION) {
+  if ((info & VALIDATION_ERRORS_MASK) == CPUID_UNSUPPORTED_INSTRUCTION) {
     if (memcmp(kStubOutMem, begin_old, instruction_length) == 0) {
       return TRUE;
     } else {
       return FALSE;
     }
   /* If we have jump which jumps out of it's range...  */
   } else if (info & DIRECT_JUMP_OUT_OF_RANGE) {
     /* then everything is fine if it's the only error and jump is unchanged!  */
-    if ((info & (VALIDATION_ERRORS & ~DIRECT_JUMP_OUT_OF_RANGE)) ||
+    if ((info & (VALIDATION_ERRORS_MASK & ~DIRECT_JUMP_OUT_OF_RANGE)) ||
         memcmp(begin_new, begin_old, instruction_length) != 0)
       return FALSE;
   /* If instruction is not accepted then we have nothing to do here.  */
-  } else if (info & (VALIDATION_ERRORS | BAD_JUMP_TARGET)) {
+  } else if (info & (VALIDATION_ERRORS_MASK | BAD_JUMP_TARGET)) {
     return FALSE;
   /* Instruction is untouched: we are done.  */
   } else if (memcmp(begin_new, begin_old, instruction_length) == 0) {
     return TRUE;
   /* Only some instructions can be modified.  */
   } else if (!(info & MODIFIABLE_INSTRUCTION)) {
     return FALSE;
   /* Instruction with two-bit immediate can only change these two bits.  */
   } else if ((info & IMMEDIATE_2BIT) == IMMEDIATE_2BIT) {
-    if (memcmp(begin_new, begin_old, instruction_length - 1) != 0 ||
+    if (memcmp(begin_new, begin_old,
+                 instruction_length - (info & IMMEDIATES_SIZE_MASK) - 1) != 0 ||
         (*end_new & 0xfc) != (*end_old & 0xfc)) {
       return FALSE;
     }
+  /* Instruction's last byte is not immediate, thus it must be unchanged.  */
   } else if (info & LAST_BYTE_IS_NOT_IMMEDIATE) {
-    if (memcmp(begin_new, begin_old, instruction_length - 1) != 0) {
+    if (memcmp(begin_new, begin_old,
+                 instruction_length - (info & IMMEDIATES_SIZE_MASK) - 1) != 0 ||
+        (*end_new) != (*end_old)) {
       return FALSE;
     }
   /* Normal instruction can only change an immediate.  */
   } else if (memcmp(begin_new, begin_old,
-                          instruction_length - (info & IMMEDIATES_SIZE)) != 0) {
+                     instruction_length - (info & IMMEDIATES_SIZE_MASK)) != 0) {
     return FALSE;
   }
   return TRUE;
 }
 
 static NaClValidationStatus ValidatorCodeReplacement_x86_64(
     uintptr_t guest_addr,
     uint8_t *data_old,
     uint8_t *data_new,
     size_t size,
@@ skipping 18 matching lines @@
 
 static const struct NaClValidatorInterface validator = {
   ApplyDfaValidator_x86_64,
   ValidatorCodeCopy_x86_64,
   ValidatorCodeReplacement_x86_64,
 };
 
 const struct NaClValidatorInterface *NaClDfaValidatorCreate_x86_64() {
   return &validator;
 }