flat assembler
Message board for the users of flat assembler.

Index > OS Construction > Long Mode syscall/sysret

Author
Thread Post new topic Reply to topic
zenix



Joined: 19 Dec 2007
Posts: 7
zenix 19 Dec 2007, 03:25
Hiii all..

can u give me simple sample for long mode with syscall / sysret

syscall from ring 3 to ring 0 and back to ring 3 Very Happy Very Happy


Thanks's
Post 19 Dec 2007, 03:25
View user's profile Send private message Reply with quote
zenix



Joined: 19 Dec 2007
Posts: 7
zenix 21 Dec 2007, 04:55
What's wrong with my code??? can u help me???

I want to jump from ring 0 to ring 3 using iret but i get an error..

can u solve my problem please...

Code:

ORG 0x7C00

      USE16

   cli

     lgdt    [cs:GDTR]

   mov     eax,cr0
     or      al,1
        mov     cr0,eax

 jmp     8:PM_Start


GDTR:     dw 5*8-1
    dd GDT  


GDT:    dw 0x0000,0x0000,0x0000,0x0000          ; (0)  NUll Selector
        dw 0xFFFF,0x0000,0x9A00,0x00CF          ; (8 ) Code Segment 32bit ring 0
    dw 0xFFFF,0x0000,0x9200,0x00CF          ; (16) Data Segment 32bit ring 0
    dw 0xFFFF,0x0000,0xFA00,0x00CF          ; (24) Code Segment 32bit ring 3
    dw 0xFFFF,0x0000,0xF200,0x00CF          ; (32) Data Segment 32bit ring 3

        USE32

PM_Start:
  mov     ax,16
       mov     ds,ax
       mov     es,ax
       mov     ss,ax
       mov     fs,ax
       mov     gs,ax

   mov     eax,'P M '
        mov     [0xB8000],eax

   push    dword 32                        ; SS
        push    dword Stack_Top                 ; ESP
       push    dword 0                         ; EFLAGS
    push    dword 24                        ; CS
        push    dword PM_Ring3                  ; EIP
       iret                                    ; Jmp to ring 3

PM_Ring3:
        mov     ax,32
       mov     ds,ax
       mov     es,ax
       mov     fs,ax
       mov     gs,ax

   mov     eax,'R 3 '
        mov     [0B8000h],eax
       
    jmp     PM_Ring3


    db 512 dup (0)
Stack_Top:

    



thank's
Post 21 Dec 2007, 04:55
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 20299
Location: In your JS exploiting you and your system
revolution 21 Dec 2007, 05:19
The above code looks like you want it to be a boot sector. If so, then you will have to make it exactly 512 bytes in length and have the last two bytes for the signature 0x55,0xaa
Post 21 Dec 2007, 05:19
View user's profile Send private message Visit poster's website Reply with quote
edfed



Joined: 20 Feb 2006
Posts: 4330
Location: Now
edfed 21 Dec 2007, 05:20
where is the bootsignature? 0AA55h?
and db 512 duo (0) to do what?
if it is to make your file fit in 512 bytes, the best, is to make:

rb 510-($-$$)
dw 0aa55h

edit:
it miss the seconds in post time!
to see how many seconds are between two posts Wink
Post 21 Dec 2007, 05:20
View user's profile Send private message Visit poster's website Reply with quote
zenix



Joined: 19 Dec 2007
Posts: 7
zenix 21 Dec 2007, 05:40
No, that is not bootsector code...

i just load that code using Vmware. please don't look at ORG 0x7C00

i get an error in this sesion, i hope that code can jump to ring 3, but i get GPF!!!

Code:
        push    dword 32                ; SS
        push    dword Stack_Top     ; ESP
        push    dword 0                  ; EFLAGS
        push    dword 24                ; CS
        push    dword PM_Ring3      ; EIP
        iret                                   ; Jmp to ring 3 
    


Quote:

where is the bootsignature? 0AA55h?
and db 512 duo (0) to do what?


That is stack top for ring 3 user mode...



Ok thank's for your reply...
Post 21 Dec 2007, 05:40
View user's profile Send private message Reply with quote
dosin



Joined: 24 Aug 2007
Posts: 337
dosin 21 Dec 2007, 06:23
Witch fault are you getting? it may be -irq0 if you have not programmed it you need to.. To handle the task..

when you set up your itd you need to handle the ring switch.. just for testing I sent all my isr0 -31 to a fault handle:
Code:
   
isr0:
jmp fault_handle

isr1:
jmp fault_handle
;rest of the isr2-31 go here

irq0:
jmp fault_handle
;irq0 - 7 here
;sys int ?? go here
fault_handle:
push fs
                push es
             push ds
             pusha
                               reset 8259 interrupt controller
             mov al,0x20
         out 0x20,al



     
                                SAVE USER REGS
          mov ax,ss
           mov ds,ax
           mov es,ax
           mov fs,ax
           mov gs,ax

..do more here to load next task etc...

jmp main_task_loop

jmp $ ;just in case      

iret
    

then you need to program your irq0 at first..

If your not getting an irq0; but a different fault you have other probs..
program your IDT and set up error msg for each fault..That way you know whats happening..


Last edited by dosin on 21 Dec 2007, 06:31; edited 1 time in total
Post 21 Dec 2007, 06:23
View user's profile Send private message Reply with quote
edfed



Joined: 20 Feb 2006
Posts: 4330
Location: Now
edfed 21 Dec 2007, 06:31
irq0 = timer
irq1 = keyboard

PM int 0 is not irq0

but, yes, have you got your isrX configured?
if not, do you CLI?
if you CLI and it make errors, hemm hemmm, hard to guess, please, post your code.
Post 21 Dec 2007, 06:31
View user's profile Send private message Visit poster's website Reply with quote
dosin



Joined: 24 Aug 2007
Posts: 337
dosin 21 Dec 2007, 06:45
Quote:
PM int 0 is not irq0

Ya! i should have used (timer) not to cause confusion.. Just use to labling it that way! lol

Once this is done you may have to remap the PIC and enable the Timer..

Good luck!
Post 21 Dec 2007, 06:45
View user's profile Send private message Reply with quote
zenix



Joined: 19 Dec 2007
Posts: 7
zenix 21 Dec 2007, 06:50
I have no configure ISR yet, but i do CLI.

what do you do for jamp to ring 3 from ring 0.?

i use iret so i do this:

push UserDataRing3 ; for stack segment
push OffsetStack ; for stack pointer
push 0 ; Clearing EFLAGS
push UserCodeRing3 ; for code segment
push OffsetRing3 ; User code ring 3
iret ; jump to ring 3

after iret i hope it jump to ring 3. but hmmm error Sad Sad ...

how about you??? have you do this?? please show me your code... Smile
Post 21 Dec 2007, 06:50
View user's profile Send private message Reply with quote
edfed



Joined: 20 Feb 2006
Posts: 4330
Location: Now
edfed 21 Dec 2007, 06:57
i don't use rings...
i don't see the utility for now in my applications, and my kernel is all in ring0


i think in this case, you can make a :

jmp ring3segment:entry
Post 21 Dec 2007, 06:57
View user's profile Send private message Visit poster's website Reply with quote
zenix



Joined: 19 Dec 2007
Posts: 7
zenix 21 Dec 2007, 07:15
edfed wrote:
i don't use rings...
i don't see the utility for now in my applications, and my kernel is all in ring0


i think in this case, you can make a :

jmp ring3segment:entry


i use far jump before i use iret but the result still same...

hmmmm what i do else??????
Post 21 Dec 2007, 07:15
View user's profile Send private message Reply with quote
dosin



Joined: 24 Aug 2007
Posts: 337
dosin 21 Dec 2007, 07:15
I sent you an example that may help in your- messages!
it has the same basic idea that your using....

Good luck!
Post 21 Dec 2007, 07:15
View user's profile Send private message Reply with quote
zenix



Joined: 19 Dec 2007
Posts: 7
zenix 21 Dec 2007, 07:31
thanks dosin for your help..

i will look it and learn first

Very Happy Very Happy Very Happy
Post 21 Dec 2007, 07:31
View user's profile Send private message Reply with quote
dosin



Joined: 24 Aug 2007
Posts: 337
dosin 21 Dec 2007, 07:43
No prob!

look it over and then look at other Multitask systems to get an idea linux,MenuetOS etc.. They use a simular but more advance way of doing the same thing... and there open source.. learn from them and then apply your ideas on how you want it done or change it completly..

if you have any probs I will try and help!
Post 21 Dec 2007, 07:43
View user's profile Send private message Reply with quote
zenix



Joined: 19 Dec 2007
Posts: 7
zenix 22 Dec 2007, 04:59
i am back,,, and good news i have resolve my problems Very Happy Very Happy ..

i change my code tobe like this...

Code:
        push        dword 35                        ; SS
        push    dword Stack_Top                 ; ESP
       push    dword 0                         ; EFLAGS
    push    dword 27                        ; CS
        push    dword PM_Ring3                  ; EIP
       iret                                    ; Jmp to ring 3
    


Add CS descriptor with 3 "24+3 = 27". CS descriptor with RLP 3
Add SS descriptor with 3 "32+3 = 35". SS descriptor with RPL 3


Very Happy Very Happy Very Happy

Thanks ALL..

Cheers...
Orange
Post 22 Dec 2007, 04:59
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.