Introduction to ARM assembly (I): knowledge preparation and ARM preparation
I read the prose of Shi Tiesheng, and it involves the memories that I have never experienced in my life, just like the sad treasure travel in the thick soil of Huangshan in the north, those who believe in the same sunshine and devout people in the sun. I think there will be a long trip, in the broken time and the road, to observe all the distant ways of life, and people. I found that I fell in love with the north of China. Full of cool breath: The Yellow land that is split and barren, dry and burning like the river bed that is generally extended by the vein, those who are black and wrinkled like the old skin of the cypress tree... people and the earth have a primitive and simple appearance, reflecting ordinary history. -- Qi jinnian
Registers are used almost everywhere in ARM assembly code. Registers are high-speed storage units inside the processor that hold instructions, data, and addresses. For example, when a variable in a high-level language is compiled to assembly, its value may be stored in a register.
R0, R2, and SP in the above code are ARM registers.
The ARM processor has 31 general-purpose registers and 6 status registers. However, in any given processor mode only a subset of them is visible: 15 general-purpose registers (R0 ~ R14), one or two status registers (CPSR/SPSR), and the program counter (PC/R15).
R0 ~ R14 can be divided into two types: unbanked (non-grouped) registers (R0 ~ R7) and banked (grouped) registers (R8 ~ R14). Unbanked means that the register name refers to the same physical register in every processor mode. Banked means that the register name refers to different physical registers in different processor modes.
The banked registers (R8 ~ R14) fall into two categories: (1) R8 ~ R12 each have two physical registers: one for FIQ mode, and one for all modes except FIQ. (2) R13 ~ R14 each have six physical registers: one shared by user mode and system mode, and one for each of the five exception modes.
In addition, R13 is generally used as the stack pointer, known as SP, and R14 is used as the link register, known as LR. CPSR is the current program status register, and SPSR is the saved program status register. When an exception occurs, SPSR is used to save the state of CPSR.
Finally, the ARM processor uses a three-stage pipeline to speed up instruction processing. Therefore, the PC always points two instructions ahead of the instruction currently executing, that is, to the current instruction's address plus 8 bytes.
ARM processors support 7 operating modes:
- User Mode (usr)
- Fast interrupt mode (fiq)
- External Interrupt mode (irq)
- Supervisor mode (svc)
- Data access abort mode (abt)
- System mode (sys)
- Undefined instruction abort mode (und)
Every mode other than user mode is a "privileged" mode, in which the processor can access protected system resources. Reverse analysis of ARM programs generally involves only user mode. In user mode, the processor can access R0 ~ R14, PC (R15), and CPSR, but not SPSR.
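The banking rules and the PC offset described above can be checked with a small model. This is an added example, not code from the original article: the `_mode` suffix naming and the function names are assumptions made here, and the Thumb offset of 4 bytes goes beyond the ARM-state case the text states.

```python
# Added example: a model of the register banking described above.
MODES = ("usr", "sys", "svc", "abt", "und", "irq", "fiq")
SHARED_BANK = ("usr", "sys")  # user and system mode share R13/R14 and have no SPSR


def physical_register(reg: int, mode: str) -> str:
    """Name the physical register behind Rn (0..15) in the given processor mode."""
    if mode not in MODES or not 0 <= reg <= 15:
        raise ValueError(f"bad register/mode: R{reg}, {mode}")
    if reg <= 7 or reg == 15:
        return f"R{reg}"  # unbanked R0-R7 and the PC: one copy for every mode
    if reg <= 12:
        return f"R{reg}_fiq" if mode == "fiq" else f"R{reg}"  # two sets
    return f"R{reg}" if mode in SHARED_BANK else f"R{reg}_{mode}"  # six sets


def status_registers(mode: str) -> list[str]:
    """CPSR is always visible; an SPSR exists only in the five exception modes."""
    if mode not in MODES:
        raise ValueError(f"bad mode: {mode}")
    return ["CPSR"] if mode in SHARED_BANK else ["CPSR", f"SPSR_{mode}"]


def count_physical() -> tuple[int, int]:
    """Count distinct physical general-purpose (PC included) and status registers."""
    general = {physical_register(r, m) for m in MODES for r in range(16)}
    status = {s for m in MODES for s in status_registers(m)}
    return len(general), len(status)


def pc_read_value(insn_addr: int, thumb: bool = False) -> int:
    """Value an instruction at insn_addr sees when it reads PC: two instructions ahead."""
    return insn_addr + 2 * (2 if thumb else 4)


if __name__ == "__main__":
    print("physical (general, status):", count_physical())
    for mode in MODES:
        regs = [physical_register(r, mode) for r in (8, 13, 14)]
        print(f"{mode}: {regs} {status_registers(mode)}")
    # 0x8000 is a constructed sample address
    print("PC read at 0x8000 (ARM state):", hex(pc_read_value(0x8000)))
```

When reading an exception handler, this is why SP and LR there do not hold the interrupted user-mode values: the names resolve to that mode's own physical registers.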
The ARM processor has two working states: (1) ARM state: executing 32-bit aligned ARM instructions; (2) Thumb state: executing 16-bit Thumb instructions.
Some register names differ between the two states. The following lists only the parts that differ:
- FP in the Thumb state corresponds to R11 in the ARM state.
- IP in the Thumb state corresponds to R12 in the ARM state.
- SP in the Thumb state corresponds to R13 in the ARM state.
- LR in the Thumb state corresponds to R14 in the ARM state.
- PC in the Thumb state corresponds to R15 in the ARM state.
The ARM assembly on the Android platform is GNU ARM assembly and uses GAS (GNU Assembler).
Learning Materials: [Android software security and Reverse Analysis]