I'm trying to find a way to make my code wait for two seconds before proceeding. I'm using nasm for Linux in protected mode, so I can only use int 80h. I found a syscall called "alarm" (27) and another called "pause" (29). However, when I try to use those, the program waits and finishes instead of continuing execution. I've also found another syscall, sigaction, which changes the behavior of a signal (so I think it can be used to make the program ignore the signal generated by alarm instead of exiting) but I didn't quite understand how sigaction works. Thanks for any help.
Useful links:http://man7.org/linux/man-pages/man2/alarm.2.html
http://man7.org/linux/man-pages/man2/sigaction.2.html
There is a system call for sleeping the program, sys_nanosleep:
sys_nanosleep : eax = 162, ebx = struct timespec *, ecx = struct timespec *
this struct timespec structure has two members:
;; This is for 32-bit. Note that x86-64 uses 2x 64-bit members
tv_sec ; 32 bit seconds
tv_nsec ; 32 bit nanoseconds
this structure can be declared in nasm as:
section .data
timeval:
tv_sec dd 0
tv_usec dd 0
and then you sets the values and call it as:
mov dword [tv_sec], 5
mov dword [tv_usec], 0
mov eax, 162
mov ebx, timeval
mov ecx, 0
int 0x80
the program then will sleep for 5 seconds. A complete example:
global _start
section .text
_start:
; print "Sleep"
mov eax, 4
mov ebx, 1
mov ecx, bmessage
mov edx, bmessagel
int 0x80
; Sleep for 5 seconds and 0 nanoseconds
mov dword [tv_sec], 5
mov dword [tv_usec], 0
mov eax, 162
mov ebx, timeval
mov ecx, 0
int 0x80
; print "Continue"
mov eax, 4
mov ebx, 1
mov ecx, emessage
mov edx, emessagel
int 0x80
; exit
mov eax, 1
mov ebx, 0
int 0x80
section .data
timeval:
tv_sec dd 0
tv_usec dd 0
bmessage db "Sleep", 10, 0
bmessagel equ $ - bmessage
emessage db "Continue", 10, 0
emessagel equ $ - emessage
With NASM, if you are targeting Linux x86-64, you can simply do something similar to the following:
global _start
section .data
timespec:
tv_sec dq 1
tv_nsec dq 200000000
section .text
_start:
mov rax, 35
mov rdi, timespec
xor rsi, rsi
syscall
...
35 corresponds to the 64-bit system call number for sys_nanosleep (as listed here). If the call is interrupted, the remaining sleep time is written to the memory location pointed by register rsi; in this example rsi is set to 0 to ignore the value if it happens. This call will sleep for tv_sec seconds + tv_nsec nanoseconds, 1.2 seconds in the above code snippet.
More information about this system call can be found in the nanosleep man page.
Related
nasm linux x64 how do i find and cmp EOF to stop printing data from file to screen
section .data
Nile_2 db '/home/mark/Desktop/mynewfile.txt', 0;
section .bss
fd_out resd 4 ; use this here instead of resb so there is enough room for long file names
fd_in resd 4
info resd 26
section .text
global _start ;must be declared for using gcc
_start:
;open the file for reading
mov rax, 5
mov rbx, Nile_2 ; was file_name
mov rcx, 0 ;for read only access
; mov rdx, 0777 ;read, write and execute by all
int 0x80
mov [fd_in], eax
;mov rdx, 20
READ:
;read from file
mov rax, 3
mov rbx, [fd_in]
mov rcx, info
;mov rdx, 26
int 0x80
; print the info
mov rax, 4
mov rbx, 1
mov rcx, info
;mov rdx, 26
int 0x80
mov r10, info ; dec rdx
cmp r10, 00
jnz READ
;jmp READ ;jnz Read
HERE:
; close the file
mov rax, 6
mov rbx, [fd_in]
int 0x80
mov eax,1 ;system call number (sys_exit)
int 0x80 ;call kernel
how do i find out if sys_read or info is zero
how do i find out EOF ??? i dont know how to use sys_read to check if no bytes have been read... when i try to cmp that info is zero bytes read i get the last few bytes over and over ???
You are using int 0x80 in your 64-bit code. Normally, in 64-bit code, you would use the syscall instruction and use other register arguments. For some light reading, see
What happens if you use the 32-bit int 0x80 Linux ABI in 64-bit code?
how do i find out if sys_read or info is zero how do i find out EOF ???
If a request to read a certain number of bytes from a file, reports a count that is less than the number that you requested, then the end-of-file has been reached. If the reported count is 0, then the end-of-file was already reached before you made the request, else we say that a partial record was read.
i dont know how to use sys_read to check if no bytes have been read...
sys_read provides you with the number of bytes that were actually read in the eax register. I mentioned this already in my answer to your previous question Nasm linux for some reason i cant use two file variable names at the same time for opening a file and creating a file?
when i try to cmp that info is zero bytes read i get the last few bytes over and over ???
You have managed to create an endless loop!
In NASM, an instruction like mov r10, info loads the address of info in the register. So not the contents that are stored at info which is what you were trying to get.
Since the address is not zero, code like:
mov r10, info
cmp r10, 00
jnz READ
will always jump and thus continue the loop ad infinitum.
fd_out resd 4 ; use this here instead of `resb` so there is **enough room for long file names**
fd_in resd 4
info resd 26
What sys_creat and sys_open return to you in the eax register is a file descriptor (it's in the names fd_in and fd_out), and it's a handle by which the system can identify the open file. It is a single dword and it is meaningless to assign 4 dwords for its storage.
Also, I find it strange that, in response to my previous answer, you changed info resb 26 into info resd 26. This does not make much sense.
With using 64-bit registers this time, you did introduce another mismatch on the fd_in variable! If you stored a dword (mov [fd_in], eax) then don't retrieve a qword (mov rbx, [fd_in])
section .bss
fd_out resd 1
fd_in resd 1
info resb 26
...
READ:
;read from file
mov edx, 26
mov ecx, info
mov ebx, [fd_in]
mov eax, 3
int 0x80 ; -> EAX
test eax, eax
js ERROR ; Some error occured
jz HERE ; End-of-file
; print the info
mov edx, eax ; Could be a partial record
mov ecx, info
mov ebx, 1
mov eax, 4
int 0x80
jmp READ
ERROR:
HERE:
i found out that if i check eax and if its zero thats the end of file
cmp rax, 0
je HERE
'''
so that there does the job and not it will end almost properly when it reaches the end of the file it does spit out an extra bit tho dont know why
When compiled and ran this piece of assembly code throws a Segmentation fault which I can't figure out
section .data
section .bss ; Uninitialized data
x resb 5
section .text
global _start ; entry point for linker (ld)
_start:
; Grab input from user
mov eax, 3 ; system call number (sys_read)
mov ebx, 2
mov ecx, x
mov edx, 5 ; 5 bytes 1 for the sign 4 for the numbers
;Output the number entered
mov eax, 4 ; system call number (sys_write)
mov ebx, 1
mov ecx, x
mov edx, 5
int 0x80 ; kernel call
The goal is to declare a number inside the code and then output the value to the screen
looks like I forgot to do the kernel calls that is why it results in a segfault
section .data
section .bss ; Uninitialized data
x resb 5
section .text
global _start ; entry point for linker (ld)
_start:
; Grab input from user
mov eax, 3 ; system call number (sys_read)
mov ebx, 2
mov ecx, x
mov edx, 5 ; 5 bytes 1 for the sign 4 for the numbers
int 0x80 ; kernel call
;Output the number entered
mov eax, 4 ; system call number (sys_write)
mov ebx, 1
mov ecx, x
mov edx, 5
int 0x80 ; kernel call
; return 0
mov eax, 1
mov ebx, 0
int 80h ; kernel call
Hello all.
So I'm learning assembly.And as per my usual learning steps with any new language I pick up I've arrived at networking with assembly.
Which, sadly isn't going that well as I've pretty much failed at step 0, which would be getting a socket through which communication can begin.
The assembly code should be roughly equal to the following C code:
#include <stdio.h>
#include <sys/socket.h>
int main(){
int sock;
sock = socket(AF_INET, SOCK_STREAM, 0);
}
(Let's ignore the fact that it's not closing the socket for now.)
So here's what I did thus far:
Checked the manual. Which would imply that I need to make a socketcall() this is all good and well. The problem starts with that it would need an int that describes what sort of socketcall it should make. The calls manpage isn't helping much with this either as it only describes that:
On a some architectures—for example, x86-64 and ARM—there is no
socketcall() system call; instead socket(2), accept(2), bind(2), and
so on really are implemented as separate system calls.
Yet there are no such calls in the original list of syscalls - and as far as I know the socket(), accept(), bind(), listen(), etc. are calls from libnet and not from the kernel. This got me utterly confused so I've decided to compile the above C code and check up on it with strace. This yielded the following:
socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
While that didn't got me any closer to knowing what socket() is it did explain it's arguments. For witch I don't seem to find the proper documentation (again). I thought that PF_INET, SOCK_STREAM, IPPROTO_IP would be defined in <sys/socket.h> but my grep-ing for them didn't seem to find anything of use. So I decided to just wing it by using gdb in tandem with disass main to find the values. This gave the following output:
Dump of assembler code for function main:
0x00000000004004fd <+0>: push rbp
0x00000000004004fe <+1>: mov rbp,rsp
0x0000000000400501 <+4>: sub rsp,0x10
0x0000000000400505 <+8>: mov edx,0x0
0x000000000040050a <+13>: mov esi,0x1
0x000000000040050f <+18>: mov edi,0x2
0x0000000000400514 <+23>: call 0x400400
0x0000000000400519 <+28>: mov DWORD PTR [rbp-0x4],eax
0x000000000040051c <+31>: leave
0x000000000040051d <+32>: ret
End of assembler dump.
In my experience this would imply that socket() gets it's parameters from EDX (PF_INET), ESI (SOCK_STREAM), and EDI (IPPROTO_IP). Which would be odd for a syscall (as the convention with linux syscalls would be to use EAX/RAX for the call number and other registers for the parameters in increasing order, eg. RBX, RCX, RDX ...). The fact that this is beaing CALL-ed and not INT 0x80'd would also imply that this is not in fact a system call but rather something thats being called from a shared object. Or something.
But then again. Passing arguments in registers is very odd for something that's CALL-ed. Normally as far as I know argument's for called things should be PUSH-ed onto the stack, as the compiler can't know what registers they would try to use.
This behavior becomes even more curious when checking the produced binary with ldd:
linux-vdso.so.1 (0x00007fff4a7fc000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f56b0c61000)
/lib64/ld-linux-x86-64.so.2 (0x00007f56b1037000)
There appears to be no networking library's linked.
And that's the point where I've ran out of ideas.
So I'm asking for the following:
A documentation that describes the x86-64 linux kernel's actual syscalls and their associated numbers. (Preferably as a header file for C.)
The header files that define PF_INET, SOCK_STREAM, IPPROTO_IP as it really bugs me that I wasn't able to find them on my own system.
Maybe a tutorial for networking in assembly on x86-64 linux. (For x86-32 it's easy to find material but for some reason I came up empty with the 64 bits stuff.)
Thanks!
The 64 bit calling convention does use registers to pass arguments, both in user space and to system calls. As you have seen, the user space convention is rdi,rsi, rdx, rcx, r8, r9. For system calls, r10 is used instead of rcx which is clobbered by the syscall instruction. See wikipedia or the ABI documentation for more details.
The definitions of the various constants are hidden in header files, which are nevertheless easily found via a file system search assuming you have the necessary development packages installed. You should look in /usr/include/x86_64-linux-gnu/bits/socket.h and /usr/include/linux/in.h.
As for a system call list, it's trivial to google one, such as this. You can also always look in the kernel source of course.
socket.asm
; Socket
; Compile with: nasm -f elf socket.asm
; Link with (64 bit systems require elf_i386 option): ld -m elf_i386 socket.o -o socket
; Run with: ./socket
%include 'functions.asm'
SECTION .text
global _start
_start:
xor eax, eax ; init eax 0
xor ebx, ebx ; init ebx 0
xor edi, edi ; init edi 0
xor esi, esi ; init esi 0
_socket:
push byte 6 ; push 6 onto the stack (IPPROTO_TCP)
push byte 1 ; push 1 onto the stack (SOCK_STREAM)
push byte 2 ; push 2 onto the stack (PF_INET)
mov ecx, esp ; move address of arguments into ecx
mov ebx, 1 ; invoke subroutine SOCKET (1)
mov eax, 102 ; invoke SYS_SOCKETCALL (kernel opcode 102)
int 80h ; call the kernel
call iprintLF ; call our integer printing function (print the file descriptor in EAX or -1 on error)
_exit:
call quit ; call our quit function
more docs...
this is for x86 system. if you want use for x86_64 system change x86 register to x86_64. for example change 'eax' to 'rax' or 'esp' to 'rsp'. and change syscall value in eax(rax), see https://chromium.googlesource.com/chromiumos/docs/+/master/constants/syscalls.md
[bits 32]
global _start
section .data
msg: db "Socket Failed To Create!",0xa,0
len: equ $-msg
msg1: db "Socket Created",0xa,0
len1: equ $-msg1
msg2: db "Recv Or Send Failed",0xa,0
len2: equ $-msg2
msg3: db "Shutdown Socket Failed",0xa,0
len3: equ $-msg3
DATASIZE: equ 5
SOCK_STREAM: equ 1
AF_INET: equ 2
AF_INET: equ 2
INADDR_ANY: equ 0
MSG_WAITALL: equ 0x100
MSG_DONTWAIT: equ 0x40
SHUT_RDWR: equ 2
SYS_SOCKET: equ 1 ; sys_socket(2)
SYS_BIND: equ 2 ; sys_bind(2)
SYS_CONNECT: equ 3 ; sys_connect(2)
SYS_LISTEN: equ 4 ; sys_listen(2)
SYS_ACCEPT: equ 5 ; sys_accept(2)
SYS_GETSOCKNAME:equ 6 ; sys_getsockname(2)
SYS_GETPEERNAME:equ 7 ; sys_getpeername(2)
SYS_SOCKETPAIR: equ 8 ; sys_socketpair(2)
SYS_SEND: equ 9 ; sys_send(2)
SYS_RECV: equ 10 ; sys_recv(2)
SYS_SENDTO: equ 11 ; sys_sendto(2)
SYS_RECVFROM: equ 12 ; sys_recvfrom(2)
SYS_SHUTDOWN: equ 13 ; sys_shutdown(2)
SYS_SETSOCKOPT: equ 14 ; sys_setsockopt(2)
SYS_GETSOCKOPT: equ 15 ; sys_getsockopt(2)
SYS_SENDMSG: equ 16 ; sys_sendmsg(2)
SYS_RECVMSG: equ 17 ; sys_recvmsg(2)
SYS_ACCEPT4: equ 18 ; sys_accept4(2)
SYS_RECVMMSG: equ 19 ; sys_recvmmsg(2)
SYS_SENDMMSG: equ 20 ; sys_sendmmsg(2)
struc sockaddr_in, -0x30
.sin_family: resb 2 ;2bytes
.sin_port: resb 2 ;2bytes
.sin_addr: resb 4 ;4bytes
.sin_zero: resb 8 ;8bytes
endstruc
struc socket, -0x40
.socketfd resb 4
.connectionfd resb 4
.count resb 4
.data resb DATASIZE
endstruc
section .text
_start:
push ebp
mov ebp, esp
sub esp, 0x400 ;1024byte
xor edx, edx ;or use cdq
;
; int socket(int domain, int type, int protocol);
; domain: The domain argument specifies a communication domain
;
push edx ; Push protocol
push dword SOCK_STREAM ; Push type
push dword AF_INET ; Push domain
mov ecx, esp ; ECX points to args
mov ebx, SYS_SOCKET ;
mov eax, 0x66 ; socketcall()
int 0x80
cmp eax, 0
jl .socket_failed
mov [ebp + socket.socketfd], eax
;
; fill struct sockaddr_in serv_addr;
;
mov word [ebp + sockaddr_in.sin_family], AF_INET
mov word [ebp + sockaddr_in.sin_port], 0x3905
mov dword [ebp + sockaddr_in.sin_addr], INADDR_ANY
push dword [ebp + sockaddr_in.sin_addr]
push word [ebp + sockaddr_in.sin_port]
push word [ebp + sockaddr_in.sin_family]
mov ecx, esp
;
; int bind(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
;
push byte 0x10 ; sizeof(struct sockaddr)
push ecx ; pointer struct sockaddr
push dword [ebp + socket.socketfd]
mov ecx, esp ; ECX points to args
mov ebx, SYS_BIND ;
mov eax, 0x66
int 0x80
cmp eax, 0
jne .socket_failed
;
; int listen(int sockfd, int backlog);
;
push dword 0x10
push dword [ebp + socket.socketfd]
mov ecx, esp
mov ebx, SYS_LISTEN
mov eax, 0x66
int 0x80
cmp eax, 0
jne .socket_failed
;
; int accept(int sockfd, struct sockaddr *addr, socklen_t *addrlen);
;
xor ebx, ebx
push ebx
push ebx
push dword [ebp + socket.socketfd]
mov ecx, esp
mov ebx, SYS_ACCEPT
mov eax, 0x66
int 0x80
cmp eax, -1
je .socket_failed
mov [ebp + socket.connectionfd], eax
mov dword [ebp + socket.count], 0
.again:
lea edi, [ebp + socket.data]
mov ecx, DATASIZE
mov eax, 0
rep stosd
lea eax, [ebp + socket.data]
;
; ssize_t recv(int sockfd, const void *buf, size_t len, int flags);
;
push dword MSG_WAITALL
push dword DATASIZE
push eax
push dword [ebp + socket.connectionfd]
mov ecx, esp
mov ebx, SYS_RECV
mov eax, 0x66
int 0x80
cmp eax, 0
jle .recv_or_send_failed
mov edx, eax
lea ecx, [ebp + socket.data]
call printk
inc dword [ebp + socket.count]
cmp dword [ebp + socket.count], 5
jle .again
.break:
;
; int shutdown(int sockfd, int how);
;
push dword SHUT_RDWR
push dword [ebp + socket.socketfd]
mov ecx, esp
mov ebx, SYS_SHUTDOWN
mov eax, 0x66
int 0x80
cmp eax, 0
jne .shutdown_failed
;
; int close(int fd)
;
mov ebx, [ebp + socket.connectionfd]
mov eax, 0x06
int 0x80
cmp eax, 0
jne .shutdown_failed
jmp .success
.shutdown_failed:
mov edx, len3
mov ecx, msg3
call printk
jmp .end
.recv_or_send_failed:
mov edx, len2
mov ecx, msg2
call printk
jmp .end
.socket_failed:
mov edx, len
mov ecx, msg
call printk
jmp .end
.success:
mov edx, len1
mov ecx, msg1
call printk
jmp .end
.end:
leave
mov ebx,0 ;first syscall argument: exit code
mov eax,1 ;system call number (sys_exit)
int 0x80 ;call kernel
ret
; EDX: message length
; ECX: pointer to message to write
printk:
pusha
mov ebx,1 ;first argument: file handle (stdout)
mov eax,4 ;system call number (sys_write)
int 0x80 ;call kernel
popa
ret
i'm learning Assembler (Nasm, Linux, Ubuntu 16.4, x86_64)
and getting Trouble using the sys_time call (mov eax, 13).
section .bss
time: resb 30;
section .data
msg: db "The Time is:";
msgLen: equ $-msg;
blank: db 0x0a;
blankLen: equ $-blank;
section .text
global _start:
_start:
mov eax, 13;
mov ebx, time;
int 80h;
mov eax, 4;
mov ebx, 1;
mov ecx, msg;
mov edx, msgLen;
int 80h;
mov eax, 4;
mov ebx, 1;
mov edx, time;
mov ecx, 30;
int 80;
mov eax, 4;
mov ebx, 1;
mov ecx, blank;
mov edx, blankLen;
int 80h;
mov eax, 1;
mov ebx, 0;
int 80h;
The error message is
(translated with google) (Written dump ) segfaulting if someone knows german here the German error Message Speicherzugriffsfehler (Speicherabzug geschrieben)
my thougts: maybe resb reserves space for a string, but how can i convert the Integer to a string?? Or do i have to declare a Integer?
or is my kernel broke?
You have int 80 instead of int 80h on one line. And ecx/edx have the values other way.
After printing msg the next code should be:
mov eax, 4
mov ebx, 1
mov ecx, time
mov edx, 30
int 80h
(It will not do, what you expect, anyway, as the sys_time does not return string, so you can't display it directly).
Checking the sys_time docs on internet... you should call it rather with xor ebx,ebx (NULL buffer pointer), and use the returned eax value. Giving it the buffer pointer is now obsolete way of call. It's number of seconds since Epoch (1970-01-01 00:00:00 +0000 (UTC)).
So at the beginning of your code you can do:
mov eax, 13
xor ebx,ebx
int 80h
mov [time],eax
It's still not solving how to display it (nor I will even try, depends what you really want to achieve, whether just linking against clib is enough for you, and then use the C functions to format the time, or you want to create the seconds_number->time_string formatter from scratch on your own).
I am trying to print a single digit integer in nasm assembly on linux. What I currently have compiles fine, but nothing is being written to the screen. Can anyone explain to me what I am doing wrong here?
section .text
global _start
_start:
mov ecx, 1 ; stores 1 in rcx
add edx, ecx ; stores ecx in edx
add edx, 30h ; gets the ascii value in edx
mov ecx, edx ; ascii value is now in ecx
jmp write ; jumps to write
write:
mov eax, ecx ; moves ecx to eax for writing
mov eax, 4 ; sys call for write
mov ebx, 1 ; stdout
int 80h ; call kernel
mov eax,1 ; system exit
mov ebx,0 ; exit 0
int 80h ; call the kernel again
This is adding, not storing:
add edx, ecx ; stores ecx in edx
This copies ecx to eax and then overwrites it with 4:
mov eax, ecx ; moves ecx to eax for writing
mov eax, 4 ; sys call for write
EDIT:
For a 'write' system call:
eax = 4
ebx = file descriptor (1 = screen)
ecx = address of string
edx = length of string
After reviewing the other two answers this is what I finally came up with.
sys_exit equ 1
sys_write equ 4
stdout equ 1
section .bss
outputBuffer resb 4
section .text
global _start
_start:
mov ecx, 1 ; Number 1
add ecx, 0x30 ; Add 30 hex for ascii
mov [outputBuffer], ecx ; Save number in buffer
mov ecx, outputBuffer ; Store address of outputBuffer in ecx
mov eax, sys_write ; sys_write
mov ebx, stdout ; to STDOUT
mov edx, 1 ; length = one byte
int 0x80 ; Call the kernel
mov eax, sys_exit ; system exit
mov ebx, 0 ; exit 0
int 0x80 ; call the kernel again
From man 2 write
ssize_t write(int fd, const void *buf, size_t count);
In addition to the other errors that have been pointed out, write() takes a pointer to the data and a length, not an actual byte itself in a register as you are trying to provide.
So you will have to store your data from a register to memory and use that address (or if it's constant as it currently is, don't load the data into a register but load its address instead).