Linux syscall table from C re-written to assembly

This code, taken from a kernel module, has a get_system_call function that locates the x86_64 system call table.

#define IA32_LSTAR  0xc0000082  void *get_system_call(void) {   void *system_call;   unsigned char *ptr;   int i, low, high;    asm volatile("rdmsr" : "=a" (low), "=d" (high) : "c" (IA32_LSTAR));    system_call = (void*)(((long)high<<32) | low);    printk(KERN_INFO "system_call: 0x%p\n", system_call);    for (ptr=system_call, i=0; i<500; i++) {      if (ptr[0] == 0xff && ptr[1] == 0x14 && ptr[2] == 0xc5)         return (void*)(0xffffffff00000000 | *((unsigned int*)(ptr+3)));   ptr++;   }    return NULL; } 

I tried to rewrite it in x86 assembly like this:

; Attempted assembly translation of get_system_call: read IA32_LSTAR, scan
; 500 byte positions for ff 14 c5, return the following dword in eax or 0.
; NOTE(review): as written this does not match the C version; the
; differences are marked on the lines where they occur.
global _start
section .text
_start:
    ; NOTE(review): rdmsr is a ring-0 instruction; if this is linked as an
    ; ordinary program with _start as its entry point it will fault here.
    mov ecx, 0xc0000082         ; MSR index (IA32_LSTAR in the C code)
    rdmsr                       ; EDX:EAX = MSR value (edx = high, eax = low)
    mov edx, 32                 ; NOTE(review): overwrites the high half just read
    mov ecx, edx                ; ecx = 32, used as shift count
    sal edx, cl                 ; 32-bit shift counts are masked to 5 bits, so
                                ; a count of 32 shifts by 0 and edx stays 32
    or eax, edx                 ; eax = low | 32, not (high << 32) | low; the
                                ; C code builds a 64-bit value, which needs
                                ; 64-bit registers

.loop_init:
    mov ecx, eax                ; ecx = scan start
    add ecx, 500                ; ecx = scan start + 500 (end bound)
    jmp .loop_body

.loop:
    add eax, 1                  ; advance to the next byte position
    cmp ecx, eax
    je .fail                    ; reached the end bound without a match

.loop_body:
    ; NOTE(review): [eax] is a 32-bit address; the pointer in the C code
    ; is 64 bits wide.
    cmp byte [eax], 0xff
    jne .loop
    cmp byte [eax+1], 0x14
    jne .loop
    cmp byte [eax+2], 0xc5
    jne .loop

.success:
    mov ecx, 0xffffffff
    mov eax, dword [eax+3]      ; load the 32-bit displacement after the match
    or eax, ecx                 ; NOTE(review): OR with all ones always yields
                                ; 0xffffffff; the C code ORs the value into the
                                ; low half of 0xffffffff00000000 instead
    ; NOTE(review): nothing calls _start, so there is presumably no return
    ; address on the stack for ret to use.
    ret

.fail:
    xor eax, eax                ; return 0 (NULL in the C version)
    ret

My question is: is that correct, or am I totally wrong?
