"Turning Over A New Leaf"
Well, I'm turning over a new leaf, so to speak. My new company is finally getting somewhere, as we make more progress on version 1 of our product, and we've chosen a company name: Falling Leaf Systems. We aim to provide a hypervisor that allows end users to run Windows, Linux, and OS X simultaneously with full hardware access and tight integration between them, but I won't say anymore on that yet.
Nothing else is really going on. Work is fun, but tiring, as would be expected. I've been working on some cool stuff, relearning Java (I love new languages)
I've been relearning all the low-level stuff I knew, and coding a ton of assembly lately. It's nice to get away from Python for a bit, despite loving it.
Speaking of love, I've been spending every moment I can with my fiancee Nika, and she's able to come down for Spring Break, finally! :D I've never been happier in my life, even to just hold her for a few moments. I can't wait until we can see each other every day. Nothing could be better than that. :)
Well, I'll leave you all with a little challenge. This one is easy. What does this function do:
_getloc:
pop %eax
jmp %eax
Keep in mind that that's the entire function when submitting your answer.
Happy hacking,
- Cody Brocious
posted by Cody Brocious @ 5:05 PM
4 Comments:
Well, it's been a *long* time since I played with intel assembly in college (they were still mainly using segmented memory addressing back then, blech). So forgive me for being a little rusty (or possibly wrong!)
But anyways, that looks like a GAS function call that does the same thing as RET call, you're popping the the return address that was thrown onto the ESP register when you made an enter call into the EAX register then doing an unconditional branch to that addy.
You're right about what you said, but you didn't post the reasoning behind using that over a ret, not that I asked for that ;)
If anyone wants to build on Adin's solution, please feel free! :)
One question before I say something that sounds completely n00b. :P
Does the entry to the procedure matter to what you're looking for? If don't do an enter to jump to the procedure (and call it more like a macro), then you can avoid having any vars/addys automatically thrown on the stack and having the stack pointer incremented. And if you've manually thrown an addy onto the stack, it'll let you jump to there. I have to admit that I never really had to muck with ring levels, but maybe this could be used as a method to get around ring 3 vs ring 0 execution?
Anyways....gimme a cluebird! :P
You _were_ on the right course before ;)
The function is called only by using the call instruction, and it will work properly in any ring of execution.
Post a Comment
Subscribe to Post Comments [Atom]
<< Home