20145301 "Information Security system Design Fundamentals" 6th Week Study Summary

# 20145301 "Fundamentals of Information Security system Design" 5th Week study Summary

# # Textbook Learning Content Summary

* X86 addressing mode through three generations:
1 The flat mode of the DOS era, not distinguishing between user space and kernel space, very insecure
2-8086 segmented mode
3 IA32 Flat mode with protected mode

* CPU contains a set of 8 registers that store 32-bit values
stored integer data and pointers: EAX,ECX,EDX,EBX,ESI,EDI,ESP,EBP.
In most cases the first six are used as universal registers, and the Eax,ecx,edx storage and recovery conventions are different from Ebx,edi,esi (the first three are saved for the callee, and the last three are for the caller). The last two are used to store pointers, which are important in the process, pointing to the top and bottom of the stack frame, and must be persisted.

* Compile: Gcc-01-o p p1.c,-01: Indicates use of first level optimization. Generally increasing the level of optimization will make the final program run faster, but the compilation time may be longer and debugging the code with the debugging tools will be more difficult. (In practice, the second-level optimization-02 is considered to be a better choice)
* Two types of abstraction:
* Instruction set architecture ISA: is the format and behavior of a machine-level program that defines the state of the processor, the format of the instruction, and the effect of each instruction on the state.
* The memory address used by the machine-level program is a virtual address and looks like a very large byte array, in effect combining multiple hardware memory and operating system software.

* ATT and Intel:intel omit the suffix indicating the size,% in front of the register, and describe the location in the memory in different ways.

* Some machine code that is usually hidden from the C language programmer is visible in IA32:
* Program counter (commonly referred to as "PC" in IA32, denoted by%eip) indicates the address of the next instruction to be executed in memory.
* Integer Register: Contains 8 named locations, storing 32-bit numeric values, which can store addresses (pointers to C language) or integer data, and some registers are used to record some important program state, and other registers are used to hold temporary data, such as local variables of the process and return values of functions.
* Barcode Register: Holds the state information of the most recently executed arithmetic or logic instruction, which is used to implement the condition change in the control or data stream.
* Floating-point registers: A set of floating-point registers holding floating-point data

* Stack frame structure: The machine stacks to pass process parameters, store return information, save registers for later recovery, and local storage. The portion of the stack allocated for a single process is called a stack frame. The topmost stack frame is defined with two pointers, the register%EBP as the frame pointer, and the register%ESP as the stack pointer.

* Assembly Code:
PUSHL%EBP Press the contents of the register%EBP into the program stack
MOVL%ESP,%EBP Gets the new stack low, the current stack top is given a low stack
POPL%EBP procedure call end, restore old stack low
Return instructions for RET subroutines

* Binary files can be viewed with the Od command, or by GDB's X command. Some of the output is too much, you can use the more or less command in conjunction with a pipe view, or you can use output redirection to view it.
OD CODE.O | More
OD code.o > Code.txt

* Gcc-s xxx.c-o xxx.s Get assembly code, can also be used objdump-d XXX disassembly

* 64-bit machine to get 32 code: Gcc-m32-s XXX.C

* Binary files can be viewed with the Od command, or by GDB's X command. There are too many output content

* When a source file generates a '. O ' target binary, it cannot be viewed directly.

* Data transfer instruction has three variants: Movb (transfer byte) MOVW (transfer word) MOVL (double word transfer)

* Register:

ESI EDI can be used to manipulate arrays

ESP EBP used to manipulate stack frames

For registers, especially eax,ebx,ecx,edx in the General register, the ah,al of the ax,8 bits of the 32-bit eax,16 bits are independent.

* Three types of operands: immediate count, register, memory

Immediate Number: Constant value

Register: Indicates the contents of a register

Memory: Access to a memory location based on the computed address (usually called a valid address)

* LEAL instruction: Reads data from memory to register, is to write valid address to the destination operand (does not change any condition code)
* CMP: Similar to sub directives, but only set condition code two does not change the value of the destination register
* TEST: Similar to and directive, but only set condition code two does not change the value of the destination register
* JMP is unconditional jump, can be direct, also can be indirect jump; conditional jump can only be jump directly
* Stack frame structure: machine stack to pass process parameters, store return information, save register for later recovery, and local storage
* The portion of the stack allocated for a single process is called the stack frame, the register%EBP is the frame pointer, and the%ESP is the stack pointer
* Call Command: Returns the address into the stack, and jumps to the beginning of the called process, the return address is in the program immediately after the address of the instruction
* ret instruction pops the address from the stack and jumps to this location
Registers%eax,%edx,%ecx are divided into caller-save registers, register%EBX,%esi,%edi are divided into callee-saved registers
* Call command: The Invoke command has a target, which indicates the address of the instruction at the beginning of the called process; and jumps to the beginning of the called procedure.
* RET instruction: RET refers to the pop-out address from the stack and jumps to this position; the RET instruction returns to the command after the call instruction.
* Leave instruction: Leave instruction can make the stack ready to return, the use of leave instruction before returning, both reset the stack pointer, also reset the frame pointer
* Using GDB's stack trace feature (GDB has many commands for the call stack, requiring a target stack frame, such as a command to print local variable values)

1. Toggle between stack Frames

Frame args sets the current stack frame to the specified stack frame of args (numbered or address) and prints a brief information about the stack frame.

Up n rolls back n stack frames (outer layer), n defaults to 1.

Down n advances n stack frames (more inner), n defaults to 1.

2. Print stack frame information (do not move the stack frame)

Frame prints brief information about the current stack frame.

Info Frame Prints the details of the current stack frame.

Info Frame args Prints Detailed information about the specified stack frame.

Info args Print function parameter information.

Info Locals prints information about the currently accessible local variables.

3. Print the Call stack

BackTrace Print summary information for all stack frames, press CTRL-C to terminate printing.

BackTrace N Prints a brief information of the top n stack frames.

Backtrace-n prints a brief message of the outermost n stack frame.

BackTrace Full prints detailed information about all stack frames.

BackTrace Full n Prints the details of the top n stack frames.

BackTrace Full-n Prints the details of the outermost n stack frame.

# # Problems and solutions in textbook learning
3.2 In the exercise about changing the command suffix of the push $0xff, ask the classmate understand for the stack operation is a double word operation, so whether it is pop or push should use PUSHL and POPL

# # Problems and the process of solving after-school homework

# # this week code hosting
-[Code link] ([HTTP://GIT.OSCHINA.NET/5301Z/XXAQXT/TREE/WEEK5])

# # Other (sentiment, thinking, etc., optional)
This week's learning involves a lot of compilation knowledge, which requires us to review and review the relevant knowledge of the compilation and deepen the understanding of the compendium. And the combination of experimental content, from the experience of the difference between their hands and above his business, at that time on the compilation of knowledge smattering, perhaps more reason is not to do hands-on operation, hope that through this study can be a compilation of knowledge to really learn.

# # Learning Progress bar

| | Lines of code (new/cumulative) | Blog volume (Add/accumulate) | Learning time (NEW/cumulative) | Important growth |
| -------- | :----------------:|:----------------:|:---------------: |:-----:|
| Target | 4000 Rows | 24 articles | 400 hours | |
| First week | 150/150 | 1/1 | 15/15 | Have a preliminary understanding of Linux
| The second week | 200/350| Use of 1/2|20/35|vim |
| The third week |250/600|1/4|20/55| various information representation methods
| Fifth week |250/850|1/5|25/80| compilation and disassembly

# # References
-[Learning Guide for in-depth understanding of computer system V2] ([http://www.cnblogs.com/rocedu/p/5826467.html])

-[Introduction to Linux Basics (new version)] ([https://www.shiyanlou.com/courses/1#])

-[Teaching of information security system design basics] ([http://www.cnblogs.com/rocedu/p/5826175.html])
-[2016-2017-1 Teaching process of information security system design basics] ([http://www.cnblogs.com/rocedu/p/5826112.html])

20145301 "Information Security system Design Fundamentals" 6th Week Study summary