这样做在保护模式下一个间接远跳转/调用 [英] Doing a indirect far jump/call in protected mode

问题描述

如何执行在保护模式下的间接远跳转/调用？首先，我在想，这样做是允许的：

How do I perform an indirect far jump/call in protected mode? First I was thinking that doing this is allowable:

jmp 0x10:eax;

（不要担心我GDT的段selector..the第二项是有效的code段）

(Don't worry about the segment selector..the 2nd entry of my GDT is a valid code segment)

但是，当NASM组装它，这是一个语法错误。纵观英特尔（指令集）手册的书2A，它只能使用 JMP ptr16完成：32 ，其中 ptr16：32 是一个立即值，或使用 JMP M16：32 ，其中 M16：32 是包含48位跳跃地址（16:32）的存储器位置

But when nasm assembled it, it was a syntax error. Looking at the Book 2a of the Intel (instruction set reference) manual, it can only be done using jmp ptr16:32, where the ptr16:32 is an immediate value, or using jmp m16:32, where the m16:32 is a memory location containing the 48-bit jump address (the 16:32).

现在我试图连接code这种方式：

Now I tried to encode it this way:

mov dword[ds:jumpaddress_offset],eax
; or just dword[jumpaddress_offset],eax
mov word[ds:jumpaddress_sel],0x10;
; or just mov word[ds:jumpaddress_sel],0x10;
jmp dword far [dword ds:jumpaddress];
...
jumpaddress:
jumpaddress_sel dw 0
jumpaddress_offset dd 0

据组装成功，但是当我试图运行它的处理器获得一个一般性保护错误并重新启动。我不知道发生了什么。

It assembled successfully, but when I tried to run it the processor gets a general protection fault and restarts. I don't know what happened.

我假设的编码是这样的：

I assumed the encoding is like this:

（比如我想跳为0x10：0x8010使用间接跳转）

(for example I want to jump to 0x10:0x8010 using indirect jump)

dw 0x10
dd 0x8010

这可能是什么问题呢？
难道48位的内存值应美元的小尾数C $ CD？
而且它应该是codeD这样？

What could be the wrong with this? Is it that the 48-bit memory value should be coded in little endian? And should it be coded like this?

;0010 0000 8010
dd 0x10,0x80,0,0,0x10,0

我还没有尝试过做最后一个。

I haven't tried doing the last one.

推荐答案

一个常用的伎俩是使用远RET效仿跳跃，如：

A frequently used trick is to emulate the jump using a far ret, such as:

push 0x10
push eax
retf

这篇关于这样做在保护模式下一个间接远跳转/调用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！