flat assembler
Message board for the users of flat assembler.
Index
> Linux > dumb newbie |
Author |
|
vid 05 Sep 2006, 10:16
well, FASM has VERY few material about linux, but you are free to ask here and we are willing to help you
here is something to start with: Code: format ELF executable entry start segment readable writeable executable buffer db "Hello Linux World" buffersize = $-buffer start: ;write text to screen mov eax, 4 ;sys_write mov ebx, 0 ;stdout mov ecx, buffer ;pointer to buffer to write mov edx, buffersize ;buffer to write int 80h cmp eax, -4096 ;needed only in funny cases ja error ;exit with code 0 mov eax, 1 ;sys_exit mov ebx, 0 ;exit code int 80h error: ;exit with code 1 mov eax, 1 ;sys_exit mov ebx, 1 ;exit code int 80h you can find linux kernel API calls description here: http://www.lxhp.in-berlin.de/lhpsyscal.html |
|||
05 Sep 2006, 10:16 |
|
noob 05 Sep 2006, 11:35
thanks a lot vid, will give that a go!
|
|||
05 Sep 2006, 11:35 |
|
vid 05 Sep 2006, 11:57
okay, let me know if it crashes
|
|||
05 Sep 2006, 11:57 |
|
noob 05 Sep 2006, 22:54
Hi Vid,
It worked thanks without crashing, wasnt sure it was going to as I forgot to say my linux machine is 64 bit. thanks |
|||
05 Sep 2006, 22:54 |
|
Feryno 06 Sep 2006, 08:02
http://flatassembler.net/examples.php
32-bit apps should run OK, but why not to use the power of 64-bits ? AMD64 processors appeared here years ago and various distributions of Linux for AMD64 have followed them immediately (in the time when ms has slept). |
|||
06 Sep 2006, 08:02 |
|
vid 06 Sep 2006, 08:23
Feryno: okay, so i believe this is a good time to describe 64bit linux kernel calling conventions.
|
|||
06 Sep 2006, 08:23 |
|
noob 06 Sep 2006, 11:43
The machine that I want to run the code on (long way to go yet) will be an amd 64 opteron, I dont know whether while learning I should just use a 32 bit intel laptop to learn on or whether I should just ssh onto my server and start learning to code straight away for 64 bit platform.
I'd like to understand how you guys code for linux, eg. whether directly on the target machine or whether you use a dev environment with different machines / different cpu's with different linux distro's or vmware ? Or does a dissimilar dev environment just cause too much grief ? thanks |
|||
06 Sep 2006, 11:43 |
|
Feryno 06 Sep 2006, 13:22
2 vid:
please read txt from package in examples section. Although lack of explains and comments, it's enough for start and point you to some directions (some may be good, some may be fakes, I don't know exactly because I'm lazy to read and search manuals and my improving stops everytime on a point when my "programs" or samples begin to behave correctly). Although it isn't well documented (or maybe I have searched not enough as I usualy didn't use to do), but I suggest to use syscall instead of int 80 - I lost hours playing why int80 didn't work over 32-bit limit and then found some different numbers for system calls in the kernel sources for use with syscall instruction which helped me much so I was able to continue). Numbers of system calls differs from int 80 (read txt where you can find numbers of system calls in the kernel sources). You can use int 80 in 64-bit apps well until you access data over 32-bit limit, then int 80 fails and then it is the turn for syscall only. When you allocate some memory using int 80, Linux 64 allocates it in 32-bit, so you don't to worry when accessing it using int 80 again. When you allocate memory using syscall you cannot be sure whether it isn't over 32-bit limit (you can try e.g. mov rcx,100000000h, cmp rax,rcx, jc we_are_under_32_bit_limit). You are sure over 32-bit when you use: format ELF64 executable at 0000000100000000h and then you must use syscall to have success accessing memory. You get arguments in the stack at entry $ when you compile ELF directly from source using FASM. You get arguments in registers at main: when you link with libraries by external linker because linker adds exctra code which executes before your asm start point and this code transform params from the stack to registers (so samples in X-windows begin with main: instead of entry $ in console samples). I like debugging more than assembling, so I traced through code put by linker and I saw what it did, not usefull to repeat, just believe me this. 2 noob: I use directly my home PC, which holds 3 OSes (and 4th when I plug there HDD from my private PC in my job - easier than move the whole PC case... but I had wired them together year ago). Fortunately, my home PC isn't connected to any net, so I feel safe, I have only 1 account on Linux so I log everytime like a root and I haven't created second account with less privileges yet... I don't see big difficuties when you connect from 32-bit os into Linux 64, you can code and run apps in 64-bits from your 32-bit terminal wery well. Every way you described should be good, wmware too. |
|||
06 Sep 2006, 13:22 |
|
vid 06 Sep 2006, 13:58
thanks feryno, btw, you are not very descriptive about errors.
for example in 32bit linux, kernel returns negated error number, when -4096<eax<0. You mention that error is when negative number is returned... but are you sure it's entire -0x8000000000000000 < rax < 0? PS: error in my code: stdout is 1, not 0. |
|||
06 Sep 2006, 13:58 |
|
Feryno 07 Sep 2006, 08:46
to vid:
you are right, it should be the same in 64-bit (I don't know it exactly now, but I saw error numbers in range from about -400 to -1) so this my way: OR RAX,RAX JS ERROR is very simplified and not really correct I don't worry about make my way better, because user app shouldn't be over offset 8000000000000000h so successful system call return parameter for memory pointers shouldn't be in range 8000000000000000h-FFFFFFFFFFFFFFFFh. Handles start counting from 0, 1, ... and I will never reach so much handles for get over 8000000000000000h e.g. cmp rax,-400 (fictive number, put real from kernel sources...) is too big opcode for my style of playing, so I use smaller opcode or rax,rax (3 bytes) I have never had any problem using or rax,rax / js. But I have never said that you and I wouldn't have any using this style... we are walking through an unkonwn land... Just some of my ideas (I don't say that they are the best...), everybody has to choose it's own way. The fact that I have had success with this way doesn't allow me to tell you now that you have to do it in this way. We can discuss and choose the best. |
|||
07 Sep 2006, 08:46 |
|
vid 07 Sep 2006, 09:27
so i believe it's still -4096 = FFFFFFFFFFFFF000
then we can use Code: or rax, rax jns @f cmp ax, F000 ja .error @@: but it's ugly |
|||
07 Sep 2006, 09:27 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.