| |
| |
| |
|
Comments:
<0> good night everybody
<1> any ELF gurus about? im trying to figure out where some extra space is being taken up in my binaries. I have a 768-byte .text, 9 byte .rodata, 12 byte .bss, 52 bytes for the ELF header. 1184 bytes total size leaves 340 bytes unaccounted for. Help?
<2> hello
<2> ok, i have a question that may seem odd, but i have some code that runs in user space but needs to far call to an arbitrary memory location... obviously this can't be done without support from the kernel...
<2> so, in linux, is there a way to take a memory map of /dev/mem (physical memory) and far call into it? it would require a far call over two indirections
<2> the only other thing i would worry about is the code even being able to find its way back to my code once the far call is finished executing.. again, i think the kernel would have to help here
<2> and yes, there actually is a reason i'm trying to avoid writing a kernel module to handle this particular piece of code
<3> a way back from a call far...
<3> like a ret far maybe ?
<3> and you still can do far calls without help of kernel
<2> edcba: you can do far calls without help from the kernel, but not into arbitrary locations in memory outside the CS given to you by the kernel
<3> indeed
<3> so what you really want is to change your privileges ?
<2> and i'm not calling my own code; i'm actually trying to do a far call into the BIOS32 service directory (PCI BIOS service)
<2> yes
<2> if i could do that, that would also be nice... that'd be a lot easier than writing a kernel module
<2> edcba: only thing i found to increase privileges was iopl(2), but that only increased my privileges to be able to r/w any I/O port
<3> so why don't you use a lkm ?
<2> i think that's what i'll have to do... i was just trying to think of a solution other than that for the sake of trying something different
<2> for educational/research purposes
<4> hi
<5> does "mov ecx,32" clear the upper 32 bits of rcx?
<6> no
<6> it's completely analoguous to mov bx, 32 which doesn't touch the upper half of ebx at all
<5> http://modseven.de/pastebin.php?id=1002
<5> and ecx holds 0x0000ff00 instead of 0xff00ff00
<5> "mov rcx,0xff00ff0000000000; mov ecx,0; shr rcx,32" => ecx is zero..
<5> without the second 'mov' ecx is 0xff00ff00
<5> there it is.. "Results of 32-bit operations are implicitly zero-extended to the upper 32 bits of the corresponding 64-bit register" .. but how can I work around this?
<7> http://www.amd64.org/documentation/***embly
<7> `Implicit zero extend'
<5> yep, but how do I disable it?
<5> I need to load a 32bit value into the lower 32bits of rcx withlout affecting the upper 32bits
<5> or what other options do I have to avoid shld on amd64?
<7> I don't understand why to split 64-bit register.
<5> my code is "mov ecx,[esi]; shld,eax,ecx,cl;" and if eax is full then I save the value to memory
<5> and because someone here advised me to use something else than shld (and so does the amd64 manual), I thought I could use the upper 32bits of rcx as eax and the lower 32bits as ecx and then just use "shl rcx,cl"
<7> I don't know if is it appropriate solution for a problem but if would it mean only technical form then there is probably one instruction to change (mov).
<7> Not only technical - would be: replacing `shl' with second register and copying.
<7> wereHamster: Are you seeing it?
<5> not really :(
<7> `mov' or `or'
<7> I don't under... why to push 32-bit values to 64-bit register...
<5> it's a huffman encoder.. after "mov ecx,[esi]" ecx holds the bits to encode (starting at the MSB) and the number of bits in the low 8bits. The original x86 code uses "shld,eax,ecx,cl" to push the bits into eax and then puts eax into memory if eax is full.
<6> omg, i didn't know at all about the implicit extension, maybe i should retain from answering anything x86_64 on my intuition from now on
<6> it makes sense, that extension, though. keeps code size smaller
<5> rwt, you mean I should do "shl rax,cl; shr rcx,32-cl; or rax,rcx" ?
<7> wereHamster: Without `shr' in middle (in the past) but now... Generally a static part of 64-bit value can be or-ed and a stream part mov-ed.
<7> The problem is: not using 64- with 32-bit value, but using 64-bit with 64-bit.
<5> I think I'll stick with the old code..
<7> I'll think the few minutes yet.
<7> Can you read 6-bit value?
<7> 64
<5> why shouldn't I be able?
<7> Then old `shld' works with 64-bit values.
<5> the original code is x86, and my amd64 ***embler also uses only 32bit registers
<7> So?
<6> wereHamster: considering that implicit extension scheme, although shld is slow to decode, it's still what you should use, because the replacement would be very complicated.
<5> maybe not so complicated ;)
<6> wereHamster: well, quite complicated when compared with single shld instruction. notice that the amd64 manual only has simple replacements for shld with small fixed shift counts, nothing more.
<5> yep.. you're probably right.. I've given up :-P
<1> Can anyone recommend a good computationally cheap PRNG that doesnt use division or modulus operations? Mersenne Twister and Lagged Fibonacci are both a bit too expensive for my needs.
<8> sparr_, such a thing doesn't exist. the whole idea is based on cyclic groups .. modulo mandatory.
<1> well, i can bit shift
<1> modulo 2^N
<1> but not arbitrary modulus
<8> sparr_, but since this is asm. pick any address (or example into the framebuffer or whatnot) and read that value. that's .. well .. random. idiotic but random =)
<1> not very good random though
<1> i could get hundreds of zeros in a row (since thats what a majority of my RAM holds)
<8> what? it's extremely random since there's random input from the outside (you)
<9> probably unlikely from what i've found on the web, but is anyone aware of any ongoing efforts to reverse engineer Intel or AMD microcode updates?
<1> (how) can i get gcc to not write a section header to my ELF binary?
<8> sparr_, you gotta strip it away. gcc -O binary for example or use objcopy after compilation
<8> or was it --oformat ?`..
<1> i dont want to strip the ELF or program header
<1> just the section header
<8> But that's idiotic. Without such a header you can strip everything right away anyway.
<8> ah yes (not for sparr_ then) "ld --oformat" . Not that anyway accuses me to spread misinformation here ;)
<8> s/anyway/anyone/
<1> wobster: i dont want a nondefault format
<1> i still want ELF
<1> elf32-littlearm specifically, which is the default
<8> sparr_, well, for such an obscure operation you would have to dissect the whole object and reconstruct it for your needs. but I've my doubts that your problem could be solved in a less fearsome way.
<1> thats what im doing now :(
<1> its not particularly hard, but its annoying
<8> and scary!
Return to
#asm
or
Go to some related
logs:
conection refused
#lisp
#linux
GetListOfResourceTypes
#centos
libdecss rpm
#web
#javascript
ipforwarding
glue bison-kit
|
|