Sunday, 19 July 2009

LINUX ASSEMBLY

Some example code always helps:

mov eax,1 ; The exit syscall number
mov ebx,0 ; Have an exit code of 0
int 80h ; Interrupt 80h, the thing that pokes the kernel and says, "Yo, do this"


=====================================

/usr/include/asm/unistd.h

===================

This is the syscall you use to write to, well, a file. But you also use it to print stuff on the screen. "Why the heck is that?" you ask. See, in Linux everything is a file. Things like the screen, mice, printers, etc. are special files called "device files", but you read and write to them just like you do to a text file. This actually makes sense, because reading/writing files is one of the simplest things to do in programming, so why not do everything in the same simple way - but I digress.
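To make the "everything is a file" point concrete, here is an added example (not code from the original post) that calls the same write syscall twice, once on file descriptor 1 (standard output) and once on descriptor 2 (standard error), then exits. It assumes 32-bit Linux and NASM syntax; the syscall numbers (write = 4, exit = 1) are the ones listed in /usr/include/asm/unistd.h on a 32-bit system.

```nasm
; Added example, not from the original post: write() to two different
; "files" (stdout and stderr) and then exit. 32-bit Linux, NASM syntax.
section .data
msg:    db 'Hello from write()', 10   ; 10 is the newline byte
msglen: equ $ - msg                   ; let the assembler compute the length

section .text
global _start

_start:
    mov eax, 4          ; sys_write
    mov ebx, 1          ; fd 1 = standard output
    mov ecx, msg        ; pointer to the bytes to write
    mov edx, msglen     ; how many bytes to write
    int 80h

    mov eax, 4          ; same syscall, different "file"
    mov ebx, 2          ; fd 2 = standard error
    mov ecx, msg
    mov edx, msglen
    int 80h

    mov eax, 1          ; sys_exit
    mov ebx, 0          ; exit code 0
    int 80h
```

Build and run it with `nasm -f elf32 hello.asm && ld -m elf_i386 -o hello hello.o && ./hello`; redirecting with `./hello 2>/dev/null` shows that only the second write is affected, because the two descriptors really are separate files to the kernel.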


=====================================
You use the extended 32-bit registers EAX, EBX, ECX etc. instead of the normal 16-bit registers AX, BX, CX.

An assembly program can be divided into three sections:

* The .data section

This section is for "declaring initialized data", in other words defining "variables" that already contain stuff. However this data does not change at runtime so they're not really variables. The .data section is used for things like filenames and buffer sizes, and you can also define constants using the EQU instruction. Here you can use the DB, DW, DD, DQ and DT instructions. For example:

section .data
message: db 'Hello world!' ; Declare message to contain the bytes 'Hello world!' (without quotes)
msglength: equ 12 ; Declare msglength to have the constant value 12
buffersize: dw 1024 ; Declare buffersize to be a word containing 1024

* The .bss section

This section is where you declare your variables. You use the RESB, RESW, RESD, RESQ and REST instructions to reserve uninitialized space in memory for your variables, like this:

section .bss
filename: resb 255 ; Reserve 255 bytes
number: resb 1 ; Reserve 1 byte
bignum: resw 1 ; Reserve 1 word (1 word = 2 bytes)
realarray: resq 10 ; Reserve an array of 10 reals

* The .text section

This is where the actual assembly code is written. The .text section must begin with the declaration global _start, which just tells the kernel where the program execution begins. (It's like the main function in C or Java, only it's not a function, just a starting point.) E.g.:

section .text
global _start

_start:
pop ebx ; Here is where the program actually begins
.
.
.


======================


4.3 Linux System Calls

Linux system calls are called in exactly the same way as DOS system calls:

1. You put the system call number in EAX (we're dealing with 32-bit registers here, remember)
2. You set up the arguments to the system call in EBX, ECX, etc.
3. You call the relevant interrupt (for DOS, 21h; for Linux, 80h)
4. The result is usually returned in EAX

There are six registers that are used for the arguments that the system call takes. The first argument goes in EBX, the second in ECX, then EDX, ESI, EDI, and finally EBP, if there are that many. If there are more than six arguments, EBX must contain the memory location where the list of arguments is stored - but don't worry about this because it's unlikely that you'll use a syscall with more than six arguments. The wonderful thing about this scheme is that Linux uses it consistently – all system calls are designed this way, there are no confusing exceptions.
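The following added example (not from the original post) puts the four steps together in one program that also uses all three sections described earlier: it writes a prompt, reads a line from standard input into a buffer reserved in .bss, and echoes back exactly the number of bytes the kernel reports in EAX. It assumes 32-bit Linux and NASM syntax, with syscall numbers read = 3, write = 4 and exit = 1. Two details matter beyond the hello-world case: the third argument to read bounds how much the kernel may copy, so the buffer cannot be overrun by long input, and a negative value in EAX is an error (-errno), which is checked before the result is used as a length.

```nasm
; Added example, not from the original post: prompt, read, echo, exit.
; Shows the EAX/EBX/ECX/EDX argument convention and the EAX return value.
section .data
prompt:    db 'Type something: '
promptlen: equ $ - prompt
BUFSIZE:   equ 64                 ; constant, not a variable

section .bss
buffer: resb BUFSIZE              ; uninitialized space for the input

section .text
global _start

_start:
    ; write(1, prompt, promptlen)
    mov eax, 4
    mov ebx, 1
    mov ecx, prompt
    mov edx, promptlen
    int 80h

    ; read(0, buffer, BUFSIZE): EDX limits how many bytes the kernel
    ; will copy into buffer, so longer input is simply left unread
    mov eax, 3
    mov ebx, 0                    ; fd 0 = standard input
    mov ecx, buffer
    mov edx, BUFSIZE
    int 80h

    ; the result is in EAX: bytes read, 0 at end of input, or -errno
    test eax, eax
    js .error                     ; negative => an error code
    jz .done                      ; zero => nothing to echo

    ; write(1, buffer, EAX): use the byte count the kernel returned,
    ; never the buffer size, so only real input is written back
    mov edx, eax
    mov eax, 4
    mov ebx, 1
    mov ecx, buffer
    int 80h

.done:
    mov eax, 1                    ; sys_exit
    mov ebx, 0                    ; exit code 0
    int 80h

.error:
    mov ebx, eax                  ; EAX holds -errno here
    neg ebx                       ; exit status = errno (e.g. 9 for EBADF)
    mov eax, 1
    int 80h
```

Build with `nasm -f elf32 echo.asm && ld -m elf_i386 -o echo echo.o`. Running `./echo <&-` (standard input closed) exercises the error path: read fails with EBADF and the program exits with status 9, which `echo $?` will show.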
