about summary refs log blame commit diff stats
path: root/modrm.pdf
blob: 552aec5363ab48130a5945966f284c22833d4b75 (plain) (tree)
blob is binary.
a>) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
ik/mu/blame/init.linux?h=hlt&id=3b5b19df66c0de4f916ba00298c6e000fc69de71'>^
1
2
3
4
5
6
7
8
9
10
11
12
13












                                                                        
                                                                     


                                                  
                                



                                                  
                                                                                      




                                                   
                                                                                       




                                                  
                                                                                                            




                                                   
                                           



                          





                                                               
                                                   
                                                                            




                                                    
                                                                        




                                                    
                                                                                                      




                                                                                                  
                                                                   



                                                                         




                                                              
 
                                              


                                    




                                                                  
# Some OS-specific preliminaries for Linux.

# Memory layout
#
#          0 - 0x08047ffff - reserved for the kernel
# 0x08048000 - 0xbffffffff - available for user programs
# 0xc0000000 - 0xfffffffff - reserved for the kernel
== code 0x09000000
== data 0x0a000000

# Syscalls
#
# We don't have libc, so we need to know Linux's precise syscall layout.
# These are not real functions. Pass arguments in specific registers.
== code

# http://man7.org/linux/man-pages/man2/exit.2.html
syscall_exit:  # status/ebx: int
    b8/copy-to-eax 1/imm32
    cd/syscall 0x80/imm8

# http://man7.org/linux/man-pages/man2/read.2.html
syscall_read:  # fd/ebx: int, buf/ecx: addr, size/edx: int -> nbytes-or-error/eax: int
    b8/copy-to-eax 3/imm32
    cd/syscall 0x80/imm8
    c3/return

# http://man7.org/linux/man-pages/man2/write.2.html
syscall_write:  # fd/ebx: int, buf/ecx: addr, size/edx: int -> nbytes-or-error/eax: int
    b8/copy-to-eax 4/imm32
    cd/syscall 0x80/imm8
    c3/return

# http://man7.org/linux/man-pages/man2/open.2.html
syscall_open:  # filename/ebx: (addr kernel-string), flags/ecx: int, dummy=0x180/edx -> fd-or-error/eax: int
    b8/copy-to-eax 5/imm32
    cd/syscall 0x80/imm8
    c3/return

# http://man7.org/linux/man-pages/man2/close.2.html
syscall_close:  # fd/ebx: int -> status/eax
    b8/copy-to-eax 6/imm32
    cd/syscall 0x80/imm8
    c3/return

# http://man7.org/linux/man-pages/man2/lseek.2.html
syscall_lseek:  # fd/ebx: int, offset/ecx: int, whence/edx: int
    b8/copy-to-eax 0x13/imm32
    cd/syscall 0x80/imm8
    c3/return

# http://man7.org/linux/man-pages/man2/creat.2.html
syscall_creat:  # filename/ebx: (addr kernel-string) -> fd-or-error/eax: int
    b8/copy-to-eax 8/imm32
    cd/syscall 0x80/imm8
    c3/return

# http://man7.org/linux/man-pages/man2/unlink.2.html
syscall_unlink:  # filename/ebx: (addr kernel-string) -> status/eax: int
    b8/copy-to-eax 0xa/imm32
    cd/syscall 0x80/imm8
    c3/return

# http://man7.org/linux/man-pages/man2/rename.2.html
syscall_rename:  # source/ebx: (addr kernel-string), dest/ecx: (addr kernel-string) -> status/eax: int
    b8/copy-to-eax 0x26/imm32
    cd/syscall 0x80/imm8
    c3/return

# https://github.com/torvalds/linux/blob/fa121bb3fed6313b1f0af23952301e06cf6d32ed/mm/nommu.c#L1352
syscall_mmap:  # arg/ebx: (addr mmap_arg_struct) -> status/eax: int
    # the important thing: ebx+4 contains the 32-bit size to be allocated
    b8/copy-to-eax 0x5a/imm32
    cd/syscall 0x80/imm8
    c3/return

syscall_ioctl:  # fd/ebx: int, cmd/ecx: int, arg/edx: (addr _)
    b8/copy-to-eax 0x36/imm32
    cd/syscall 0x80/imm8
    c3/return

syscall_nanosleep:  # req/ebx: (addr timespec)
    b8/copy-to-eax 0xa2/imm32  # 162
    cd/syscall 0x80/imm8
    c3/return

syscall_clock_gettime:  # clock/ebx: int, out/ecx: (addr timespec)
    b8/copy-to-eax 0x109/imm32  # 265
    cd/syscall 0x80/imm8
    c3/return