
How does 32-bit socketcall system call work based on the libc assembly?

kundan asked 5 months ago

I am trying to understand how the 32-bit socketcall works by reading the assembly code of the socket API and a few others in the libc library.

   000ed9f0 <socket>:
   ed9f0: 89 da                 mov    %ebx,%edx
   ed9f2: b8 66 00 00 00        mov    $0x66,%eax   # socketcall syscall number
   ed9f7: bb 01 00 00 00        mov    $0x1,%ebx    # SYS_SOCKET value
   ed9fc: 8d 4c 24 04           lea    0x4(%esp),%ecx # pointer to the *arg structure
   eda00: 65 ff 15 10 00 00 00  call   *%gs:0x10  # invokes syscall? but this is not sysenter or int 0x80
   eda07: 89 d3                 mov    %edx,%ebx
   eda09: 83 f8 83              cmp    $0xffffff83,%eax
   eda0c: 73 01                 jae    eda0f <socket+0x1f>
   eda0e: c3                    ret
   eda0f: e8 cb 8d 03 00        call   1267df <__frame_state_for+0x35f>
   eda14: 81 c1 ec d5 0b 00     add    $0xbd5ec,%ecx
   eda1a: 8b 89 24 ff ff ff     mov    -0xdc(%ecx),%ecx
   eda20: f7 d8                 neg    %eax
   eda22: 65 03 0d 00 00 00 00  add    %gs:0x0,%ecx
   eda29: 89 01                 mov    %eax,(%ecx)
   eda2b: 83 c8 ff              or     $0xffffffff,%eax
   eda2e: c3                    ret
   eda2f: 90                    nop

See my code comment above (#). It makes sense to me until this line:

   eda00: 65 ff 15 10 00 00 00  call   *%gs:0x10  # invokes syscall? but this is not Sysenter or int 0x80

I thought we invoke syscalls using either int 0x80 or sysenter. But how does this call through a segment register invoke the socketcall syscall?

1 Answer
Best Answer
Mikhail answered 5 months ago
