“mov rax, QWORD PTR fs:0x28"是什么意思?汇编指令做什么? [英] What does the "mov rax, QWORD PTR fs:0x28" assembly instruction do?

问题描述

在这条指令执行之前，fs包含0x0.

Immediately before this instruction is executed fs contains 0x0.

另外我想知道如何从 GDB 中的这个内存区域读取，该命令是什么?

Also I'd like to know how I can read from this memory area in GDB, what would the command for that be?

推荐答案

Linux 和 Windows 等现代操作系统中的 fs 和 gs 寄存器指向线程特定和其他操作系统定义的结构.修改段寄存器是受保护的指令，所以只有操作系统可以为你设置这些.

The fs and gs registers in modern OSes like Linux and Windows point to thread-specific and other OS-defined structures. Modifying the segment register is a protected instruction, so only the OS can set these up for you.

这个问题应该有助于解释究竟是什么意思:amd64 fs/gs registers inlinux.

This question should help explain what exactly the point to: amd64 fs/gs registers in linux.

fs 寄存器的实际值不是地址.它是一个 选择器 - GDT 的偏移量，描述了该段可以/不能用于什么.您看不到隐藏的 fs 基址和限制寄存器的值是什么 - 它们是内部 CPU 寄存器，只能通过向 fs 写入新的选择器"来更新(此时基址/限制寄存器从 GDT 更新).

The actual value of the fs register isn't an address. It is a selector - an offset into the GDT, that describes what that segment can/cannot be used for. You cannot see what the values of the hidden fs base and limit registers are - they are internal CPU registers that are only updated by writing a new "selector" to fs (at which point the base/limit registers are updated from the GDT).

这篇关于“mov rax, QWORD PTR fs:0x28"是什么意思?汇编指令做什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！