From: Jordan S. <jd...@me...> - 2001-04-23 23:07:59
Awesome. I'm glad that it works. I can't wait to play around with the new line.

Mike

----- Original Message -----
From: "Michael Vines" <mi...@bl...>
To: "Jordan Stout" <jd...@me...>
Cc: <lin...@li...>
Sent: Monday, April 23, 2001 03:58 PM
Subject: int80 handler

> I played around with the int80 driver code today and got the int 80's
> reflecting back to the process. I didn't check the code into CVS, but
> basically you just take the existing 'un' module and replace HANDLER.ASM
> with the source inlined below. It's so nice going back to good old Intel
> assembly syntax for a while, AT&T syntax hurts my brain :)
>
> I've also included a modified '80.cpp' test program below. However, I was
> able to get LINE working using the driver very easily. I'll check that
> code into CVS once I clean it up a little. The performance increase is
> quite considerable and I could attach a debugger to the live Linux
> application without problem. Very cool!
>
> Mike
>
> ------------
> ; HANDLER.ASM
> .386
> .model small
>
> .data
> _syscallHandlerPtr dd 0
>
> .code
>
> public _InterruptHandler
>
> include ..\include\undocnt.inc
>
> _InterruptHandler proc
>     ; Save the caller's registers: PUSHAD (32 bytes) + PUSHFD (4) + PUSH FS (4)
>     ; = 40 bytes, so after SUB ESP,50h the CPU's interrupt frame
>     ; (EIP, CS, EFLAGS, ESP, SS) starts at [ESP+50h+40].
>     PUSHAD
>     PUSHFD
>     PUSH FS
>
>     MOV EDX,00000030h
>     MOV FS,DX
>     SUB ESP, 50h
>     MOV EBP,ESP
>
>     ;Setup the exception frame to NULL
>     MOV EDX,DWORD PTR CS:[0FFDFF000h]
>     MOV DWORD PTR DS:[0FFDFF000h], 0FFFFFFFFh
>     MOV DWORD PTR [EBP],EDX
>
>     ;Save away the existing KSS EBP
>     MOV ESI, DWORD PTR CS:[0FFDFF124h]
>     MOV EDX,DWORD PTR [ESI+00000128h]
>     MOV DWORD PTR [EBP+4h],EDX
>     MOV DWORD PTR [ESI+00000128h],EBP
>
>     ;Save away the kernel time and the thread mode (kernel/user)
>     MOV EDI,DWORD PTR [ESI+00000137h]
>     MOV DWORD PTR [EBP+8h],EDI
>
>     ;Set the thread mode (kernel/user) based on the code selector
>     ;([EBP+7Ch] is the CS pushed by the CPU; low bit set means user mode)
>     MOV EDX,DWORD PTR [EBP+7Ch]
>     AND EDX,01
>     MOV BYTE PTR [ESI+00000137h],DL
>
>     STI
>
>     ; Check for SYSCALL_LINEXEC_HANDLER (registration call: EBX holds the
>     ; address of the userland syscall handler)
>     CMP EAX, 0DEADBEEFh
>     JNE reflect_syscall
>
>     MOV DS:_syscallHandlerPtr, EBX
>     JMP exit_handler
>
> reflect_syscall:
>     ; simple sanity check
>     MOV EAX, DS:_syscallHandlerPtr
>     CMP EAX, 0
>     JE no_handler
>
>     ; Redirect the return to the registered handler: push the original
>     ; userland EIP onto the user stack so the handler's RET resumes after
>     ; the INT 80h, then point the frame's EIP at the handler.
>     MOV EBX, DWORD PTR [ESP+50h+40]   ; read userland EIP from stack
>     MOV DWORD PTR [ESP+50h+40], EAX   ; set EIP to syscall handler
>
>     MOV EAX, DWORD PTR [ESP+50h+52]   ; get ESP from stack
>     SUB EAX, 4
>     MOV DWORD PTR [ESP+50h+52], EAX   ; write new ESP
>     MOV DWORD PTR [EAX], EBX          ; place EIP on top of userland stack
>
>     JMP exit_handler
>
> no_handler:
>     ; -38 == ENOSYS. Write it into the PUSHAD slot for EAX (ESP+50h+36) so
>     ; that POPAD below hands it back to the caller; a plain MOV EAX,-38
>     ; here would be overwritten by POPAD.
>     MOV DWORD PTR [ESP+50h+36], -38
>
> exit_handler:
>
>     ;Restore the KSS EBP
>     MOV ESI,DWORD PTR CS:[0FFDFF124h]
>     MOV EBX,DWORD PTR [EBP+4]
>     MOV DWORD PTR [ESI+00000128h],EBX
>
>     ;Restore the exception frame
>     MOV EBX,DWORD PTR [EBP]
>     MOV DWORD PTR FS:[00000000],EBX
>
>     ;Restore the thread mode
>     MOV EBX,DWORD PTR [EBP+8h]
>     MOV ESI,DWORD PTR FS:[00000124h]
>     MOV BYTE PTR [ESI+00000137h],BL
>     ADD ESP, 50h
>     POP FS
>     POPFD
>     POPAD
>
>     IRETD
>
> _InterruptHandler endp
>
> End
> -------------
>
> -------------
> // 80.cpp : int80 driver test program
> //
>
> #include "stdafx.h"
> #include <stdio.h>
>
> // Userland handler that the driver reflects int 0x80 to. Its RET goes
> // back to the instruction after the INT 0x80, because the driver pushed
> // that EIP onto our stack.
> int syscallHandler(void)
> {
>     printf("hello from handler\n");
>     return 0;
> }
>
> int main(int argc, char *argv[])
> {
>     printf("sending syscall handler address\n");
>
>     // Registration: EAX = magic value, EBX = handler address
>     _asm {
>         mov eax, 0xDEADBEEF
>         mov ebx, offset syscallHandler
>         int 0x80
>     }
>
>     printf("trying a syscall\n");
>     // Any other EAX is a syscall number and gets reflected to the handler
>     _asm {
>         mov eax, 1
>         int 0x80
>     }
>
>     printf("return from syscall\n");
>     return 1;
> }
> -------------
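The frame arithmetic in HANDLER.ASM above (the `50h+40`, `50h+52`, `7Ch` and PUSHAD-slot offsets) is easy to get wrong and hard to test inside a driver. The following is an added example, not code from the LINE project or from Mike's message: a user-mode C model that lays out a fake kernel stack exactly as the handler sees it after PUSHAD / PUSHFD / PUSH FS / SUB ESP,50h, then applies the same registration, reflection and ENOSYS logic with those offsets. It assumes a flat 64 KiB byte array standing in for memory, constructed selector values (0x1B for user CS, 0x23 for SS) and a constructed kernel-stack top; the KPCR/KTHREAD bookkeeping at 0FFDFF000h and 0FFDFF124h is deliberately not modelled. The ENOSYS path writes into the saved-EAX slot so the value survives POPAD, which is the behaviour the handler needs.

```c
/* Added example: user-mode model of the int 0x80 reflection done by
 * HANDLER.ASM. All addresses are offsets into a constructed memory array. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MEM_SIZE      0x10000u
#define SCRATCH_BYTES 0x50u            /* SUB ESP,50h in the handler */
#define LINEXEC_MAGIC 0xDEADBEEFu      /* EAX value that registers a handler */
#define ENOSYS_RET    ((uint32_t)-38)  /* -38 == ENOSYS, returned in EAX */
#define KSTACK_TOP    0x8000u          /* constructed: CPU pushes the iret frame below here */

/* Offsets from ESP after PUSHAD (32) + PUSHFD (4) + PUSH FS (4) + SUB ESP,50h.
 * PUSHAD order is EAX, ECX, EDX, EBX, ESP, EBP, ESI, EDI, so EAX sits 28 bytes
 * above the PUSHAD base and EBX 16 bytes above it. */
#define OFF_SAVED_EBX (SCRATCH_BYTES + 8u + 16u)
#define OFF_SAVED_EAX (SCRATCH_BYTES + 8u + 28u)   /* POPAD restores EAX from here */
#define OFF_FRAME_EIP (SCRATCH_BYTES + 40u)        /* [ESP+50h+40] in the asm */
#define OFF_FRAME_CS  (SCRATCH_BYTES + 44u)        /* the asm's [EBP+7Ch] */
#define OFF_FRAME_ESP (SCRATCH_BYTES + 52u)        /* [ESP+50h+52] in the asm */

static uint8_t  mem[MEM_SIZE];
static uint32_t syscall_handler_ptr;   /* models _syscallHandlerPtr */

static uint32_t rd32(uint32_t a) { uint32_t v; memcpy(&v, &mem[a], 4); return v; }
static void     wr32(uint32_t a, uint32_t v) { memcpy(&mem[a], &v, 4); }
static void     reset_handler(void) { syscall_handler_ptr = 0; }

/* AND EDX,01 on the pushed CS: 1 means the INT 80h came from user mode. */
static uint32_t prev_mode_from_cs(uint32_t cs) { return cs & 1u; }

/* Build the stack picture the handler sees on entry and return its ESP.
 * eax/ebx are the caller's register values at the time of INT 80h. */
static uint32_t build_entry_frame(uint32_t kstack_top, uint32_t user_eip, uint32_t user_cs,
                                  uint32_t user_esp, uint32_t eax, uint32_t ebx)
{
    uint32_t sp = kstack_top;
    /* CPU pushes SS, ESP, EFLAGS, CS, EIP on the ring transition */
    sp -= 4; wr32(sp, 0x23u);      /* SS (constructed user data selector) */
    sp -= 4; wr32(sp, user_esp);
    sp -= 4; wr32(sp, 0x202u);     /* EFLAGS */
    sp -= 4; wr32(sp, user_cs);
    sp -= 4; wr32(sp, user_eip);
    /* PUSHAD */
    sp -= 4; wr32(sp, eax);
    sp -= 4; wr32(sp, 0);          /* ECX */
    sp -= 4; wr32(sp, 0);          /* EDX */
    sp -= 4; wr32(sp, ebx);
    sp -= 16;                      /* ESP, EBP, ESI, EDI: values irrelevant here */
    sp -= 4; wr32(sp, 0x202u);     /* PUSHFD */
    sp -= 4; wr32(sp, 0x30u);      /* PUSH FS */
    sp -= SCRATCH_BYTES;           /* SUB ESP,50h */
    return sp;
}

/* Mirror of the handler from "CMP EAX,0DEADBEEFh" to exit_handler.
 * Returns the value POPAD will put back into EAX. */
static uint32_t handle_int80(uint32_t esp)
{
    uint32_t eax = rd32(esp + OFF_SAVED_EAX);
    uint32_t ebx = rd32(esp + OFF_SAVED_EBX);

    if (eax == LINEXEC_MAGIC) {            /* registration: EBX = handler address */
        syscall_handler_ptr = ebx;
        return eax;
    }
    if (syscall_handler_ptr == 0) {        /* no handler yet: report ENOSYS */
        wr32(esp + OFF_SAVED_EAX, ENOSYS_RET);
        return ENOSYS_RET;
    }
    /* Reflect: push the user EIP on the user stack, resume at the handler */
    uint32_t user_eip = rd32(esp + OFF_FRAME_EIP);
    uint32_t user_esp = rd32(esp + OFF_FRAME_ESP) - 4u;
    wr32(esp + OFF_FRAME_EIP, syscall_handler_ptr);
    wr32(esp + OFF_FRAME_ESP, user_esp);
    wr32(user_esp, user_eip);              /* return address for the handler's RET */
    return eax;                            /* syscall number stays in EAX */
}

typedef struct { uint32_t resume_eip, user_esp, pushed_eip, eax; } reflect_result;

/* The 80.cpp scenario: register a handler, then issue syscall `sysno`. */
static reflect_result simulate(uint32_t handler, uint32_t user_eip,
                               uint32_t user_esp, uint32_t sysno)
{
    reflect_result r;
    uint32_t esp = build_entry_frame(KSTACK_TOP, user_eip, 0x1Bu, user_esp, LINEXEC_MAGIC, handler);
    handle_int80(esp);
    esp = build_entry_frame(KSTACK_TOP, user_eip, 0x1Bu, user_esp, sysno, 0);
    r.eax        = handle_int80(esp);
    r.resume_eip = rd32(esp + OFF_FRAME_EIP);
    r.user_esp   = rd32(esp + OFF_FRAME_ESP);
    r.pushed_eip = rd32(r.user_esp);
    return r;
}

int main(void)
{
    reflect_result r = simulate(0x401000u, 0x401234u, 0x4100u, 1u);
    printf("resume at %#x, user esp %#x, pushed eip %#x, eax %u\n",
           r.resume_eip, r.user_esp, r.pushed_eip, r.eax);
    return 0;
}
```

With a handler at 0x401000 and a caller at EIP 0x401234 / ESP 0x4100, the model reports resume at 0x401000, user ESP 0x40FC with 0x401234 stored there, and EAX still 1, which is exactly what the reflected `syscallHandler` in 80.cpp relies on when it returns.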