Re: Port binding under linux in ASM

Chuck Crayne wrote:
On Sat, 19 Apr 2008 21:38:40 -0700 (PDT)
tin.cans.and.string@xxxxxxxxx wrote:

Seeing as they're not explicitly pointed to by any register at
the time of the syscall, I couldn't see that there was much use
specifically defining them as data.

They are components of the sparms field, which is pointed to by the ecx
register. The association is done with a technique in Fasm which may
have to be changed a bit if you are using some other assembler.

Specifically, Fasm allows the following declaration,

virtual at sparms
p0 dd ?
p1 dd ?
p2 dd ?
p3 dd ?
p4 dd ?
p5 dd ?
end virtual

which is similar to a union or common declaration.

I can see how "tin cans and string" could be confused by this, if he wasn't familiar with the idiom. The whole "socketcall" setup is confusing. C examples use "wrappers" that make "socket", "connect", "bind", "listen", etc. look like separate calls, and the asmutils macros will let you do the same thing. But at the "sys_call" level, there's really only one - "mov eax, 102" - ebx takes the "command", or "subfunction", "SYS_SOCKET", "SYS_BIND", "SYS_CONNECT", etc. and ecx takes a pointer to a "parameter structure". The meanings of the parameters differs depending on which "subfunction" we're doing, but (for some reason) we recycle the same "structure".

A naive way might be to do:

parameters_for_socket_socket:
dd PF_INET
dd SOCK_STREAM
dd 0 ; ?

parameters_for_socket_bind:
fd dd 0 ; has to be filled in at runtime!
dd sin ; address of socket address structure
dd sin_length ; length of same

parameters_for_..... but this would get old pretty quick. So I guess it makes sense to recycle this structure - "socket programming" seems always to do it that way - but it can make it hard to see what's going on.

This example shows memory for the parameter structure allocated in static memory... "sparms rd 6"... that's in ".bss" I guess? Could go on the stack, as "tin cans and string" suspected...

push ebp
mov ebp, esp
sub esp, 12 ; do we need more than three, ever?
%define sparm ebp - 12
%define p0 sparm + 0
%define p1 sparm + 4
%define p2 sparm + 8
; then go on to:
mov [p0],PF_INET
mov [p1],SOCK_STREAM
etc...


(that would be Nasm syntax... just "define" for Fasm??? What assembler are you using, TC&S?)

Best,
Frank
.