什么是“mov rax，QWORD PTR fs：0x28”汇编指令呢？ [英] What does the "mov rax, QWORD PTR fs:0x28" assembly instruction do?

问题描述

另外我想知道如何从GDB的这个内存区域读取数据，命令是什么 和 gs 寄存器指向特定于线程的操作系统和其他操作系统定义的结构。修改段寄存器是一个受保护的指令，所以只有操作系统可以为你设置它们。

这个问题应该有助于解释： amd64 fs / gs注册在linux 。

fs 寄存器的实际值不是地址。它是一个选择器 - GDT中的偏移量，它描述了该段可以/不能用于的内容。您无法看到隐藏的fs基址和限制寄存器的值是什么 - 它们是内部CPU寄存器，只有通过向fs写入新的选择器（在此处基准/限制寄存器从GDT更新）才会更新。

Immediately before this instruction is executed fs contains 0x0.

Also I'd like to know how I can read from this memory area in GDB, what would the command for that be?

解决方案

The fs and gs registers in modern OSes like Linux and Windows point to thread-specific and other OS-defined structures. Modifying the segment register is a protected instruction, so only the OS can set these up for you.

This question should help explain what exactly the point to: amd64 fs/gs registers in linux.

The actual value of the fs register isn't an address. It is a selector - an offset into the GDT, that describes what that segment can/cannot be used for. You cannot see what the values of the hidden fs base and limit registers are - they are internal CPU registers that are only updated by writing a new "selector" to fs (at which point the base/limit registers are updated from the GDT).

这篇关于什么是“mov rax，QWORD PTR fs：0x28”汇编指令呢？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！