Textbook Mastering Assembly Programming 1St Edition Alexey Lyashko Ebook All Chapter PDF
Textbook Mastering Assembly Programming 1St Edition Alexey Lyashko Ebook All Chapter PDF
Textbook Mastering Assembly Programming 1St Edition Alexey Lyashko Ebook All Chapter PDF
https://textbookfull.com/product/assembly-programming-and-
computer-architecture-for-software-engineers-brian-hall/
https://textbookfull.com/product/mastering-bitcoin-programming-
the-open-blockchain-antonopoulos/
https://textbookfull.com/product/mastering-bitcoin-programming-
the-open-blockchain-3rd-edition-antonopoulos/
https://textbookfull.com/product/mastering-delphi-programming-a-
complete-reference-guide-primoz-gabrijelcic/
Assembly 1st Edition Michael Hardt
https://textbookfull.com/product/assembly-1st-edition-michael-
hardt/
https://textbookfull.com/product/microcavities-alexey-v-kavokin/
https://textbookfull.com/product/modern-x86-assembly-language-
programming-covers-x86-64-bit-avx-avx2-and-avx-512-daniel-
kusswurm/
https://textbookfull.com/product/modern-arm-assembly-language-
programming-covers-armv8-a-32-bit-64-bit-and-simd-daniel-
kusswurm/
https://textbookfull.com/product/risc-v-assembly-language-
programming-unlock-the-power-of-the-risc-v-instruction-set-maker-
innovations-series-1st-edition-smith/
Mastering Assembly Programming
From instruction set to kernel module with Intel processor
Alexey Lyashko
BIRMINGHAM - MUMBAI
Mastering Assembly Programming
Every effort has been made in the preparation of this book to ensure the
accuracy of the information presented. However, the information contained in
this book is sold without warranty, either express or implied. Neither the
author, nor Packt Publishing, and its dealers and distributors will be held
liable for any damages caused or alleged to be caused directly or indirectly by
this book.
ISBN 978-1-78728-748-8
www.packtpub.com
Credits
Author Copy Editor
Reviewer
Project Coordinator
Commissioning Editor
Proofreader
Safis Editing
Merint Mathew
I would like to express my endless gratitude to everyone who made this book
a reality--the current and former members of the team at Packt Publishing:
Sonali Vernekar, Kinnari Sanghvi, Angad Singh, Zeeyan Pinheiro, Vivek
Pala, and many others, who devoted their time and effort. To Mr. Tomasz
Grysztar, the author of the Flat Assembler, who agreed to be the technical
reviewer for the book--thank you and I hope you did not suffer much reading
my stream of consciousness.
A special thank you to my darling wife, Yulia, for her patience and support,
and to my 3 years old son, Yaakov, for helping with the cover design
selection. This book would never have happened without the support from
you all. Thank you!
About the Reviewer
Tomasz Grysztar is a self-employed programmer and systems designer,
with a focus on machine languages. He is the author of FASM, one of the
assemblers for the x86 architecture of processors, and he has been
continuously developing it for nearly 20 years.
www.PacktPub.com
For support files and downloads related to your book, please visit
www.PacktPub.com.
Did you know that Packt offers eBook versions of every book published, with
PDF and ePub files available? You can upgrade to the eBook version at
www.PacktPub.com and as a print book customer, you are entitled to a
discount on the eBook copy. Get in touch with us at [email protected]
for more details.
https://www.packtpub.com/mapt
Get the most in-demand software skills with Mapt. Mapt gives you full
access to all Packt books and video courses, as well as industry-leading tools
to help you plan your personal development and advance your career.
Why subscribe?
Fully searchable across every book published by Packt
Copy and paste, print, and bookmark content
On demand and accessible via a web browser
Customer Feedback
Thanks for purchasing this Packt book. At Packt, quality is at the heart of our
editorial process. To help us improve, please leave us an honest review on
this book's Amazon page at https://www.amazon.com/dp/1787287483.
If you'd like to join our team of regular reviewers, you can e-mail us at
[email protected]. We award our regular reviewers with free
eBooks and videos in exchange for their valuable feedback. Help us be
relentless in improving our products!
Table of Contents
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Intel Architecture
Processor registers
General purpose registers
Accumulators
Counter
Stack pointer
Source and destination indices
Base pointer
Instruction pointer
Floating point registers
XMM registers
Segment registers and memory organization
Real mode
Protected mode - segmentation
Protected mode - paging
Long mode - paging
Control registers
Debug registers
Debug address registers DR0 - DR3
Debug control register (DR7)
Debug status register (DR6)
The EFlags register
Bit #0 - carry flag
Bit #2 - parity flag
Bit #4 - adjust flag
Bit #6 - zero flag
Bit #7 - sign flag
Bit #8 - trap flag
Bit #9 - interrupt enable flag
Bit #10 - direction flag
Bit #11 - overflow flag
Remaining bits
Summary
2. Setting Up a Development Environment
Microsoft Macro Assembler
Installing Microsoft Visual Studio 2017 Community
Setting up the Assembly project
GNU Assembler (GAS)
Installing GAS
Step 1 - installing GAS
Step 2 - let's test
Flat Assembler
Installing the Flat Assembler
The first FASM program
Windows
Linux
Summary
3. Intel Instruction Set Architecture (ISA)
Assembly source template
The Windows Assembly template (32-bit)
The Linux Assembly template (32-bit)
Data types and their definitions
A debugger
The instruction set summary
General purpose instructions
Data transfer instructions
Binary Arithmetic Instructions
Decimal arithmetic instructions
Logical instructions
Shift and rotate instructions
Bit and byte instructions
Execution flow transfer instructions
String instructions
ENTER/LEAVE
Flag control instructions
Miscellaneous instructions
FPU instructions
Extensions
AES-NI
SSE
Example program
Summary
4. Memory Addressing Modes
Addressing code
Sequential addressing
Direct addressing
Indirect addressing
RIP based addressing
Addressing data
Sequential addressing
Direct addressing
Scale, index, base, and displacement
RIP addressing
Far pointers
Summary
5. Parallel Data Processing
SSE
Registers
Revisions
Biorhythm calculator
The idea
The algorithm
Data section
The code
Standard header
The main() function
Data preparation steps
Calculation loop
Adjustment of sine input values
Computing sine
Exponentiation
Factorials
AVX-512
Summary
6. Macro Instructions
What are macro instructions?
How it works
Macro instructions with parameters
Variadic macro instructions
An introduction to calling conventions
cdecl (32-bit)
stdcall (32-bit)
Microsoft x64 (64-bit)
AMD64 (64-bit)
A note on Flat Assembler's macro capabilities
Macro instructions in MASM and GAS
Microsoft Macro Assembler
The GNU Assembler
Other assembler directives (FASM Specific)
The conditional assembly
Repeat directives
Inclusion directives
The include directive
File directive
Summary
7. Data Structures
Arrays
Simple byte arrays
Arrays of words, double words, and quad words
Structures
Addressing structure members
Arrays of structures
Arrays of pointers to structures
Linked lists
Special cases of linked lists
Stack
Queue and deque
Priority queues
Cyclic linked list
Summary for special cases of linked lists
Trees
A practical example
Example - trivial cryptographic virtual machine
Virtual machine architecture
Adding support for a virtual processor to the Flat
Assembler
Virtual code
The virtual processor
Searching the tree
The loop
Tree balancing
Sparse matrices
Graphs
Summary
8. Mixing Modules Written in Assembly and Those Written in High-Level
Languages
Crypto Core
Portability
Specifying the output format
Conditional declaration of code and data sections
Exporting symbols
Core procedures
Encryption/decryption
Setting the encryption/decryption parameters
f_set_data_pointer
f_set_data_length
GetPointers()
Interfacing with C/C++
Static linking - Visual Studio 2017
Static linking - GCC
Dynamic linking
Assembly and managed code
Native structure versus managed structure
Importing from DLL/SO and function pointers
Summary
9. Operating System Interface
The rings
System call
System call hardware interface
Direct system calls
Indirect system calls
Using libraries
Windows
Linking against object and/or library files
Object file
Producing the executable
Importing procedures from DLL
Linux
Linking against object and/or library files
Object file
Producing the executable
Dynamic linking of ELF
The code
Summary
10. Patching Legacy Code
The executable
The issue
PE files
Headers
Imports
Gathering information
Locating calls to gets()
Preparing for the patch
Importing fgets()
Patching calls
Shim code
Applying the patch
A complex scenario
Preparing the patch
Adjusting file headers
Appending a new section
Fixing the call instruction
ELF executables
LD_PRELOAD
A shared object
Summary
11. Oh, Almost Forgot
Protecting the code
The original code
The call
The call obfuscation macro
A bit of kernel space
LKM structure
LKM source
.init.text
.exit.text
.rodata.str1.1
.modinfo
.gnu.linkonce.this_module
__versions
Testing the LKM
Summary
Preface
The Assembly language is the lowest-level human readable programming
language on any platform. Knowing the way things are on the Assembly level
will help developers design their code in a much more elegant and efficient
way.
The Assembly language is a powerful tool that developers may use in their
projects to gain more efficiency with their code, not to mention that
Assembly is the basis of computing even in today's world of high-level
languages, software frameworks, and scripting engines. The core idea behind
this book is to familiarize software developers with things that are often
skipped or are not given enough attention by developers and, much worse, by
those who teach them. It may be hard to believe that the Assembly language
itself is only the tip of the iceberg (unfortunately, the part of the iceberg that
is hidden in water falls outside the scope of this book), but even it alone may
highly improve your ability to develop much cleaner, more elegant and, more
importantly, much more efficient code.
What this book covers
Chapter 1, Intel Architecture, provides a brief insight into the Intel
architecture, covering processor registers and their usage.
Chapter 10, Patching Legacy Code, attempts to show the basics of patching
existing executables, which is an art in itself.
Chapter 11, Oh, Almost Forgot, covers a few things that did not fit into any
of the preceding chapters but are, nevertheless, interesting and may even be
important.
What you need for this book
The requirements for this book are rather minimal. All you need is a
computer running either Windows or Linux and the desire to learn new
things.
Who this book is for
This book is primarily intended for developers wishing to enrich their
understanding of low-level proceedings, but, in fact, there is no special
requirement for much experience, although a certain level of experience is
anticipated. Of course, anyone interested in Assembly programming should
be able to find something useful in this book.
Conventions
In this book, you will find a number of text styles that distinguish between
different kinds of information. Here are some examples of these styles and an
explanation of their meaning.
Code words in text, database table names, folder names, filenames, file
extensions, pathnames, dummy URLs, user input, and Twitter handles are
shown as follows:
"If you decide to move it elsewhere, do not forget to put the INCLUDE folder
and the FASMW.INI file (if one has already been created) into the same
directory."
Once the file is downloaded, please make sure that you unzip or extract the
folder using the latest version of:
From nervous bulbar lesion, or toxic from the pathogenic bacteria. Transient or
permanent and fatal. Symptoms: dysphagia: liquids expelled by nose or enter
lungs. Inhalation pneumonia. Facial palsy. Roaring, laryngeal thrill. Atrophy.
Gangrene. Treatment: remove cause: combat bulbar hyperæmia and cephalic
congestion: cold: derivatives, electricity: blisters: antiseptics.