PUSHA/POPA and Syscalls


PUSHA/POPA and Syscalls

Post by osdeve »

I am trying to save the return value of a syscall in register eax.
So, I can't do popa. However, if I do it the manual way [pop ..., pop ...], I get a GPF on pop edi. Is there any other way?

Code:

[global _KeAsmSyscallIRQ]
_KeAsmSyscallIRQ:
   cli
   pusha                   ; eax ecx edx ebx esp ebp esi edi
   push gs
   push fs
   push ds
   push es

   push ebx                ; Parameter 2
   push ecx                ; Parameter 1
   push edx                ; Function code

   call _KeSyscallIRQ

   ; eax already has the return value
   pop edx                 ; discard the three parameters
   pop ecx
   pop ebx

   popa                    ; restores eax (return value lost)

   pop es
   pop ds
   pop fs
   pop gs

   iret

Re: PUSHA/POPA and Syscalls

Post by Dex4u »

1. First, if you're talking 32-bit pmode, you should be doing pushad.
2. You could save it to a var from eax and, after popad, add the contents of the var to eax.
3. Should that not be:

Code:

[global _KeAsmSyscallIRQ]
[extern _KeSyscallIRQ]

section .bss
saved_eax: resd 1          ; scratch slot for the syscall return value

section .text
_KeAsmSyscallIRQ:
   cli
   pushad                  ; eax ecx edx ebx esp ebp esi edi
   push gs
   push fs
   push ds
   push es

   push ebx                ; Parameter 2
   push ecx                ; Parameter 1
   push edx                ; Function code

   call _KeSyscallIRQ

   mov [saved_eax], eax    ; save eax to var here
   pop edx                 ; discard the three parameters
   pop ecx
   pop ebx
   pop es                  ; segment registers first: they are above pushad's image
   pop ds
   pop fs
   pop gs
   popad                   ; this overwrites eax with the interrupted value
   mov eax, [saved_eax]    ; put the return value back into eax
   iret
Or are you using one of those s**t ways of passing parameters??

Re: PUSHA/POPA and Syscalls

Post by proxy »

The way I do it is I just have my interrupt handlers (which includes syscall handlers) take the interrupt context as a param (this is all registers). Then in my C++ code I have something like this:

context->eax = (syscalltable[context->eax])(context->edx);

assuming edx is supposed to have a pointer to my params.

This way the assembly stub need not be changed at all.

proxy

Re: PUSHA/POPA and Syscalls

Post by Pype.Clicker »

osdeve wrote: I am trying to save the return value of a syscall in register eax.
I'm somehow confused ... you talk about both "syscall" (that is, invoking the kernel to perform e.g. file open, file close ...) and "IRQ" (that is, handling a request from a hardware device).

In the first one, you want to produce output values in _more_ than eax ... in the second one, you do not want any register to be modified because the handling event should not be noticed by the interrupted program.
So, I can't do popa. However, if I do it the manual way [pop ..., pop ...], I get a GPF on pop edi.
Chances are that you're messing up the stack ... if it actually GPFs on "pop esp" or "pop ds", the reason might be different, but I suggest you cross-check the stack state...

Is there any other way?
Access directly the place where EAX is saved on the stack ... this may be more convenient in a C-based handler as shown by proxy, since it's your only way to manipulate the return values properly (without having the compiler messing with the value of %ebx, for instance).

In an asm-based handler, you can still achieve that with mov [esp+offset_of_eax_on_stack], new_value.
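The approach proxy and Pype.Clicker describe, written out as an added example (this is not code from the thread or from any of the posters). It assumes a hypothetical stub that does `pushad; push gs; push fs; push ds; push es; push esp; call syscall_dispatch; add esp, 4` and hands the C code a pointer to that register image, so `struct int_context` below is laid out in the stub's push order, lowest address first. The names `int_context`, `syscall_dispatch`, `saved_eax_offset`, `patch_saved_eax`, the two sample syscalls and the `0xFFFFFFFF` "no such syscall" value are all assumptions made for the example. The one thing a practitioner should take from it beyond the thread is the bounds check: the function code in eax arrives straight from user mode, and indexing the table with it unchecked turns the syscall entry into an arbitrary-call primitive.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Register image as the assumed stub leaves it, lowest address first:
 *     pushad ; push gs ; push fs ; push ds ; push es
 *     push esp ; call syscall_dispatch ; add esp, 4
 * Unlike the stubs in the thread, this stub passes a pointer to the frame
 * instead of pushing ebx/ecx/edx as separate C arguments.
 */
struct int_context {
    uint32_t es, ds, fs, gs;                               /* pushed last  */
    uint32_t edi, esi, ebp, esp_dummy, ebx, edx, ecx, eax; /* pushad order */
    uint32_t eip, cs, eflags;                              /* pushed by CPU */
};

typedef uint32_t (*syscall_fn)(uint32_t arg);

/* Constructed sample syscalls; a real kernel has its own table. */
static uint32_t sys_add_one(uint32_t a) { return a + 1u; }
static uint32_t sys_double(uint32_t a)  { return a * 2u; }

static const syscall_fn syscall_table[] = { sys_add_one, sys_double };
#define SYSCALL_COUNT  (sizeof syscall_table / sizeof syscall_table[0])
#define SYSCALL_ENOSYS 0xFFFFFFFFu   /* assumed "no such syscall" value */

/*
 * Function code in eax, argument in edx, result written into the saved
 * eax slot; popad in the stub then loads it into the real eax, so the
 * stub needs no special case for the return value.
 * The bounds check is mandatory: eax is user-controlled, and an unchecked
 * index into the table is an arbitrary-call primitive.
 */
void syscall_dispatch(struct int_context *ctx)
{
    uint32_t code = ctx->eax;
    if (code >= SYSCALL_COUNT) {
        ctx->eax = SYSCALL_ENOSYS;
        return;
    }
    ctx->eax = syscall_table[code](ctx->edx);
}

/* Convenience wrapper: dispatch one call and return what eax would hold. */
uint32_t run_syscall(uint32_t code, uint32_t arg)
{
    struct int_context ctx = { 0 };
    ctx.eax = code;
    ctx.edx = arg;
    syscall_dispatch(&ctx);
    return ctx.eax;
}

/* The offset an asm-only handler would use: mov [esp + OFFSET], eax */
size_t saved_eax_offset(void)
{
    return offsetof(struct int_context, eax);   /* 4 segs + 7 regs = 44 */
}

/* Pure-asm variant: treat the frame as raw dwords and patch the slot. */
void patch_saved_eax(uint32_t *frame_at_esp, uint32_t value)
{
    frame_at_esp[saved_eax_offset() / sizeof(uint32_t)] = value;
}

/* Check that the asm offset and the C struct field name the same slot. */
int frame_views_agree(uint32_t value)
{
    uint32_t frame[sizeof(struct int_context) / sizeof(uint32_t)] = { 0 };
    struct int_context ctx;
    patch_saved_eax(frame, value);
    memcpy(&ctx, frame, sizeof ctx);
    return ctx.eax == value;
}

int main(void)
{
    printf("sys_double(21)   -> %u\n", run_syscall(1, 21));
    printf("bad code 99      -> 0x%08x\n", run_syscall(99, 0));
    printf("saved eax offset -> %zu, views agree: %d\n",
           saved_eax_offset(), frame_views_agree(0x1234u));
    return 0;
}
```

The 44-byte offset only holds for this exact push order; if the stub pushes an error code, an interrupt number or the three C parameters before calling into C, `offsetof` on the matching struct is the safe way to get the number rather than counting by hand. Writing through the struct also means the compiler cannot clobber the value on the way out, which is the point Pype.Clicker makes about ebx.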