Real Mode
• Uses two 16-bit registers to represent a 20-bit address space
• segment:offset => (segment << 4) + offset
• Can address up to 1MB of memory (1MB = 2^20)
Protected Mode
• segment:offset => Segment Descriptor + offset
• je <label> (jump when equal)
• jne <label> (jump when not equal)
• jz <label> (jump when last result was zero)
• jg <label> (jump when greater than)
• jge <label> (jump when greater than or equal to)
• jl <label> (jump when less than)
• jle <label> (jump when less than or equal to)
... and the Linux kernel
• Put values in the registers eax, ebx, ...
• eax holds the system call number
• ebx, ecx, ... hold the arguments
• Finally, execute the int 0x80 instruction
• The return value is placed in the eax register
• To learn more about a system call, type man 2 <system call name> (e.g. man 2 open)
• http://docs.cs.up.ac.za/programming/asm/derick_tut/syscalls.html
ld -m elf_i386 -s -o practice practice.o
./practice            # prints: Hello, world!

section .text
    global _start     ; must be declared for the linker (ld)

_start:               ; tell the linker the entry point
    ; You are going to practice a system call
    ; What should you do?
    ; put the system call number in eax
    ; put the fd number in ebx
    ; put the string address in ecx
    ; put the string length in edx
    ; interrupt

section .data
    msg db 'Hello, world!', 0xa   ; our dear string
    len equ $ - msg               ; length of our dear string
// or just download it
wget http://people.cs.nctu.edu.tw/~wp chen/sum
objdump -d sum | less

#include <stdio.h>

int sum(int i, int j)
{
    int sum;
    sum = i + j;
    return sum;
}

int main(void)
{
    int i;
    int j;
    int k;
    /* reads the two operands from stdin; the return value is not checked
       here, so i and j stay uninitialised if the input is not two integers */
    scanf("%d%d", &i, &j);
    k = sum(i, j);
    printf("Sum:%d\n", k);
    return 0;
}
to 16 bytes. After this operation esp will be less than or equal to what it was before this operation, so the stack may grow, which protects anything that might already be on the stack. This is sometimes done in main just in case the function is called with an unaligned stack, which can cause things to be really slow (16 bytes is a cache line width on x86, I think, though 4-byte alignment is what is really important here). If main has an unaligned stack the rest of the program will too.
http://stackoverflow.com/questions/4228261/understanding-the-purpose-of-some-assembly-statements
... some padding to make it align to a word boundary
• You have to inspect the assembly code to know the exact stack position
• There are special instructions, called SSE2, on x86 CPUs that require the data to be 128-bit (16-byte) aligned
• Most of the SSE2 instructions implement the integer vector operations also found in MMX
• https://en.wikipedia.org/wiki/Data_structure_alignment
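As an added example (not from the slides) to make the padding and alignment rules above concrete: a C program that uses offsetof to show where the compiler inserts padding inside a struct, shows how reordering the fields removes it, and applies the same round-down-to-16 arithmetic that the quoted answer describes for esp to check whether a buffer is usable by aligned SSE2 loads. The struct names, the align_down16/is_16_aligned helpers and the sample address are my own assumptions; the offsets shown hold for the usual x86 and x86-64 ABIs.

```c
#include <stddef.h>   /* offsetof */
#include <stdint.h>   /* uintptr_t */
#include <stdio.h>
/* Hypothetical struct with a poor field order: an int must start on a
 * 4-byte boundary and a short on a 2-byte boundary, so the compiler
 * inserts padding after each char. */
struct padded {
    char  c1;   /* offset 0, followed by 3 bytes of padding */
    int   i;    /* offset 4 */
    char  c2;   /* offset 8, followed by 1 byte of padding */
    short s;    /* offset 10; sizeof == 12 */
};

/* Same fields, largest alignment first: no interior padding at all. */
struct reordered {
    int   i;    /* offset 0 */
    short s;    /* offset 4 */
    char  c1;   /* offset 6 */
    char  c2;   /* offset 7; sizeof == 8 */
};

/* Padding = declared size minus the 8 payload bytes (1 + 4 + 1 + 2). */
size_t padding_bytes_padded(void)    { return sizeof(struct padded) - 8; }
size_t padding_bytes_reordered(void) { return sizeof(struct reordered) - 8; }

/* Round an address down to a 16-byte boundary: the same arithmetic a
 * prologue applies to esp so that later SSE2 accesses stay aligned. */
uintptr_t align_down16(uintptr_t addr) { return addr & ~(uintptr_t)15; }

/* 1 if p is usable by an aligned 128-bit SSE2 load/store, else 0. */
int is_16_aligned(const void *p) { return ((uintptr_t)p & 15) == 0; }

/* Explicitly 16-byte aligned buffer (constructed for the demo); an ordinary
 * char array has no such guarantee, so SSE2 code must check or align first. */
static char sse_buf[32] __attribute__((aligned(16)));

int main(void)
{
    printf("padded: i@%zu c2@%zu s@%zu size=%zu padding=%zu\n",
           offsetof(struct padded, i), offsetof(struct padded, c2),
           offsetof(struct padded, s), sizeof(struct padded), padding_bytes_padded());
    printf("reordered: size=%zu padding=%zu\n",
           sizeof(struct reordered), padding_bytes_reordered());
    printf("align_down16(0xbffff3c7) = 0x%lx\n",
           (unsigned long)align_down16(0xbffff3c7u));
    printf("sse_buf aligned=%d, sse_buf+1 aligned=%d\n",
           is_16_aligned(sse_buf), is_16_aligned(sse_buf + 1));
    return 0;
}
```

Compile with gcc -m32 and compare objdump -d output against the 64-bit build to see the offsets appear as literal displacements in the generated loads and stores.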
• Linux System Call Table
  http://docs.cs.up.ac.za/programming/asm/derick_tut/syscalls.html
• Wiki
  https://en.wikipedia.org/wiki/X86_assembly_language
  https://en.wikibooks.org/wiki/X86_Assembly/Interfacing_with_Linux
  https://en.wikipedia.org/wiki/Data_structure_alignment