|
|
|
|
|
|
|
|
trampoline. Instead the jump in the trampoline needs to be modified so it jumps |
|
|
trampoline. Instead the jump in the trampoline needs to be modified so it jumps |
|
|
back to the original destinations |
|
|
back to the original destinations |
|
|
|
|
|
|
|
|
|
|
|
Test case: RIP relative |
|
|
|
|
|
======================= |
|
|
|
|
|
|
|
|
|
|
|
XXX TODO XXX |
|
|
|
|
|
|
|
|
|
|
|
Test case: AVX & RDRAND |
|
|
|
|
|
======================= |
|
|
|
|
|
The AMD64 instruction set is extended with every CPU generation. Becayse the |
|
|
|
|
|
hooking engines need to know the instruction lengths and their side effects to |
|
|
|
|
|
properly apply their hooks, they need to keep up. |
|
|
|
|
|
|
|
|
|
|
|
The actual code in the test case is boring and doesn't matter. I'm sure there |
|
|
|
|
|
are disagreements on whether I've picked good candidates of "exotic" or new |
|
|
|
|
|
instructions, but those were the first that came to mind. |
|
|
|
|
|
|
|
|
(Preliminary) Results |
|
|
(Preliminary) Results |
|
|
===================== |
|
|
===================== |
|
|
+----------+-----+------+------------+---+------+----+-------+ |
|
|
+----------+-----+------+------------+---+------+----+-------+ |
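Review bot: In the first line of the added "Test case: AVX & RDRAND" paragraph, "Becayse" should be "Because". The "Test case: RIP relative" section added just above it contains only "XXX TODO XXX"; either give it at least a one-sentence description of what the test exercises or hold the heading back until the text exists, so the README does not carry a placeholder directly ahead of the results section. The AVX & RDRAND text also calls its instructions "exotic" or new, but apart from what the title implies it never states which instructions the test case contains or what outcome counts as a hooking engine handling them correctly; stating that here would let readers interpret the corresponding column in the results table.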