The implementation of copy_user_enhanced_fast_string in the Linux Kernel copy routine uses stac/clac in the epilog and prolog. perf annotate shows the following code: AC is “Alignment check (or access control) flag”. What is the reason stac/clac are used in the routine? What would be the consequences if we simply remove them? Answer Normally all page access checks are disabled in
Tag: x86
Loop Never Ends in Assembly?
Basically, I have the assembly code below: I am trying to loop through 0-50 and print the variable pas or probably buf from the input box. But this loop keeps printing pas endlessly. I presume the issue is the re-assignment of ecx, but otherwise, without putting my string into ecx, how would I print it? Or even execute anything within my
SYS_READ call only works once, seemingly skips over code when ran again
I’m trying to rewrite a little text game in assembly for fun, and I noticed that I’m only able to run the following code successfully once. If I run it again elsewhere, it will seemingly skip over the code. I am compiling using the following command: nasm -f elf64 -o test.o textgame.s && ld -o test test.o && ./test Full
What are the correct permissions while “sys_open”ing a file?
I am trying to read the contents of a file using x86 assembly on Linux. The question is what we should put into edx, the “permissions” register for sys_open. I’ve used open() in C before, but there wasn’t any “permissions” field. I am trying to read a file that belongs to the same owner as the executable. The file’s permissions
Segmentation fault when using memory with custom ELF file
I am trying to program a small ELF program with a custom ELF header but get a segmentation fault whenever I am writing to memory. Why would that code trigger a segmentation fault? %assign LOAD_ADDRESS 0x08048000 BITS 32 org LOAD_ADDRESS ; load address ehdr: ; Elf32_Ehdr db 0x7F, “ELF”, 1, 1, 1 ; e_ident times 9 db 0 ;
How to read stale values on x86
My goal is to read in stale and outdated values of memory without cache-coherence. I have attempted to use prefetchnta to perform a non-temporal load, but it failed to fetch outdated values. I am looking into performing some kind of Streaming Memory-to-Memory Direct-Memory-Access, but am having a little trouble due to the overwhelming amount of background knowledge required to proceed
Explain Linux commit message that patches/secures POP SS followed by a #BP interrupt (INT3)
This is in reference to CVE-2018-8897 (which appears related to CVE-2018-1087), described as follows: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer’s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as
Is it possible to use both 64 bit and 32 bit instructions in the same executable in 64 bit Linux?
A 64 bit CPU (amd64) supports 32 bit Intel instructions in the compatibility mode. Also, a 64 bit Linux installation allows running ELFs containing 32 bit instructions if the ELF header says it is a 32 bit executable. I was wondering if it is possible to put some assembly instructions inside the ELF which switches the CPU to 32 bit
Why can’t I mmap(MAP_FIXED) the highest virtual page in a 32-bit Linux process on a 64-bit kernel?
While attempting to test Is it allowed to access memory that spans the zero boundary in x86? in user-space on Linux, I wrote a 32-bit test program that tries to map the low and high pages of 32-bit virtual address space. After echo 0 | sudo tee /proc/sys/vm/mmap_min_addr, I can map the zero page, but I don’t know why I
Linux page table of the process
I’m reading about memory paging here and am now trying to experiment with it. I wrote a simple assembly program for getting a Segmentation Fault and ran it in gdb. Here it is: I assemble and link this into a 64-bit ELF static executable. As far as I have read, each process has its own Page Table, which the cr3 register points to. Now