flat assembler
Message board for the users of flat assembler.

Help - Jumping Out of .obj Linked fasm code to C code

HyperVista



Joined: 18 Apr 2005
Posts: 691
Location: Virginia, USA
HyperVista 04 Feb 2007, 20:50
I need some help and guidance on how to best jump out of .obj linked fasm code to a C function within the program containing the linked fasm. I'm implementing my hypervisor as a Windows device driver. I'm doing some "defensive" programming and want to implement the fasm module so that it will jump out of the fasm code if certain conditions are not met and call C code driver exit functions.

One of several fasm modules that I may need to jump out of to C driver code is the function that sets CR4.VMXE[bit 13]. If for some reason I'm not able to set that bit, I need to jump out of the fasm code performing the failed bit set routine and call the C driver code that forces the driver to exit. In the following example, I simply write a debugprint message stating that the bit was not set. I really need to end the driver code if that happens and want some guidance on the best way to do that. Naturally, the driver code has a driver unload function and that's the function I want to call.

rough example code:

Code:
format MS COFF

section '.text' code readable executable

public hvcr4set as '_hvcr4set@0'

; char * __stdcall hvcr4set(void)
; Makes sure CR4.VMXE (bit 13) is set and returns a pointer to a status string.
hvcr4set:
   pusha
   mov eax,cr4
   and ah,0x20          ; test whether CR4.VMXE (bit 13) is already set
   jnz Set

   Not_Set:
   ; Read-modify-write CR4 so no other (possibly reserved) bits are changed.
   ; Note: if CPUID.01H:ECX.VMX[bit 5] is clear, the write below raises #GP
   ; instead of quietly leaving the bit clear, so check CPUID before relying on this path.
   mov eax,cr4
   bts eax,13           ; set CR4.VMXE, bit 13
   mov cr4,eax
   mov eax,cr4          ; read CR4 back; testing the register copy would prove nothing
   and ah,0x20
   jz Nope_Not_Set

   Set:
   popa
   mov eax,Bit_Set
   ret

   Nope_Not_Set:
   popa
   mov eax,Bit_Not_Set
   ret

section '.data' data readable writeable
Bit_Set     db 'CR4.VMXE[13] is set', 0
Bit_Not_Set db 'WARNING: CR4.VMXE[13] is NOT set - VMXON will BSOD', 0



here's the driver unload code:

Code:
void hypervistaUnload(IN PDRIVER_OBJECT DriverObject)
{
        UNICODE_STRING Win32NameString;
        KdPrint(("Hypervista driver Unloading.\n"));

        /* Create string version of our Win32 device name */
        RtlInitUnicodeString(&Win32NameString, DOS_DEVICE_NAME);

        /* Delete the link from the device name to the Win32 namespace */
        IoDeleteSymbolicLink(&Win32NameString);

        /* Delete device object */
        IoDeleteDevice(DriverObject->DeviceObject);
}


My fasm code is declared as extern in the C code and linked in as .obj libraries. I guess I could declare the driver unload function as extrn in my fasm code, but I'm not certain that's the best way.

Thanks in advance for the help.
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid 04 Feb 2007, 22:10
if you use static linking:
Code:
;declare C proc in ASM
extrn '_hypervistaUnload' as hypervistaUnload

;call C proc in ASM
push [DriverObject]  ;push argument
call hypervistaUnload
add esp, 4 ;clear arguments from stack
    

also, if you use a C++ compiler, you must enclose the definition of "hypervistaUnload" in an extern "C" {} block.

for more examples, see http://board.flatassembler.net/topic.php?t=6371

also a little "wrath of vid #2", if you are interested.

1. For local labels of procedure, prepend name with ".". This makes it local to label, so you can use same label in more procedures. Example:
Code:
proc1:
.a  ; defines proc1.a
jmp .a  ;jumps to proc1.a
proc2:
.a ; defines proc2.a
jmp .a ;jumps to proc2.a
    


2. (not that important...) use "retn" instead of "ret". "ret" should be used in procedures; it means something like "return from current context", and since you are out of context (not in a procedure), it assembles to retn. so using retn directly is clearer
HyperVista



Joined: 18 Apr 2005
Posts: 691
Location: Virginia, USA
HyperVista 04 Feb 2007, 22:49
Thanks vid! I really appreciate the help, and the wrath :D

I thought declaring the C function as extrn in the fasm code might be the way to go, but wasn't sure. I really appreciate the example.

Many thanks professor vid.
f0dder



Joined: 19 Feb 2004
Posts: 3175
Location: Denmark
f0dder 04 Feb 2007, 22:52
vid wrote:

2. (not that important...) use "retn" instead of "ret". "ret" should be used in procedures; it means something like "return from current context", and since you are out of context (not in a procedure), it assembles to retn. so using retn directly is clearer

IMHO it's better to use 'ret' generally, and 'retn' when you specifically need just that 0xC3 generated (ie., no macro-overloaded 'procedure epilogue code' or whatever).

It's like saying "drink coffee with mouth" instead of "drink coffee" - if you choose the first form, people will wonder why you are being so specific if there's not a need for it.

Anyway, back to the original question. I don't think you can just call your "DriverUnload" code that way, HyperVista. Rather, you need to exit your DriverInit code returning "failure" - if your C code is mainly a shim, your C code could, basically, do "return asm_driverinit(params);", and the assembly code would then return STATUS_DEVICE_CONFIGURATION_ERROR or whatever.
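As an added example (not code from this thread or from HyperVista's driver), here is how the two pieces of advice above fit together: the fasm module calls a C-callable routine through `extrn` the way vid showed, but instead of trying to call DriverUnload it returns an NTSTATUS to a thin C DriverEntry shim, as f0dder suggests. The routine name `hvinit`, the message strings and the assumption that the C side is just `extern NTSTATUS __stdcall hvinit(PDRIVER_OBJECT); ... return hvinit(DriverObject);` are assumptions made for this example. `DbgPrint` (`_DbgPrint`, cdecl, variadic) is the real ntoskrnl export, and STATUS_SUCCESS (0) and STATUS_NOT_SUPPORTED (0xC00000BB) are the documented NTSTATUS values. The example also checks CPUID.01H:ECX.VMX[bit 5] first, because writing CR4.VMXE on a CPU without VMX raises #GP rather than leaving the bit clear.

```asm
; Added example, 32-bit MS COFF object linked into a C driver.
; Assumed C side:  NTSTATUS DriverEntry(PDRIVER_OBJECT drv, PUNICODE_STRING path)
;                  { return hvinit(drv); }
format MS COFF

STATUS_SUCCESS       = 0x00000000
STATUS_NOT_SUPPORTED = 0xC00000BB

section '.text' code readable executable

public hvinit as '_hvinit@4'          ; NTSTATUS __stdcall hvinit(PDRIVER_OBJECT)
extrn '_DbgPrint' as DbgPrint         ; cdecl, variadic: caller cleans the stack

hvinit:
    push ebx                          ; cpuid clobbers ebx
    push esi
    push edi
    ; DriverObject is at [esp+16] here; unused in this example, kept so the
    ; C shim can forward it as f0dder describes.

    ; 1. CPUID.01H:ECX.VMX[bit 5] must be set, otherwise CR4.VMXE is reserved
    ;    and 'mov cr4,eax' with bit 13 set faults with #GP.
    mov eax,1
    cpuid
    bt  ecx,5
    jnc .no_vmx

    ; 2. Read-modify-write CR4 so no other bits change.
    mov eax,cr4
    bts eax,13
    mov cr4,eax

    ; 3. Verify by reading CR4 back instead of trusting the register copy.
    mov eax,cr4
    bt  eax,13
    jnc .not_set

    mov eax,STATUS_SUCCESS
    jmp .done

.no_vmx:
    push msg_no_vmx                   ; call C-side routine exactly as with any extrn
    call DbgPrint
    add esp,4
    mov eax,STATUS_NOT_SUPPORTED
    jmp .done

.not_set:
    push msg_not_set
    call DbgPrint
    add esp,4
    mov eax,STATUS_NOT_SUPPORTED

.done:
    pop edi
    pop esi
    pop ebx
    retn 4                            ; stdcall: callee removes its one argument

section '.data' data readable writeable
msg_no_vmx  db 'hv: CPUID reports no VMX support, refusing to load',10,0
msg_not_set db 'hv: CR4.VMXE did not stick after write, refusing to load',10,0
```

One caveat worth keeping in mind with this pattern: when DriverEntry returns a failure status the driver's unload routine is never called, so anything the C code has already created before calling the assembly init (device object, symbolic link) must be torn down on that failure path in DriverEntry itself, not left to hypervistaUnload.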
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid 04 Feb 2007, 23:14
f0dder: usage of "ret" vs. "retn" is really a matter of opinion. I find it absolutely the same, it's just that I prefer using native instructions.

of course your point is right about initialization code, but this may be done elsewhere.

PS: more "wrath" to come when I am in the mood ;)

Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
