  1. virtual8086:
  2.     push eax
  3.     push ebx
  4.     push ecx
  5.     push edx
  6.     push esi
  7.     push edi
  8.     push ebp
  9.  
  10. %define .oldEBP    esp
  11. %define .oldEDI    esp+4
  12. %define .oldESI    esp+8
  13. %define .oldEDX    esp+12
  14. %define .oldECX    esp+16
  15. %define .oldEBX    esp+20
  16. %define .oldEAX    esp+24
  17. %define .errorCode esp+28
  18. %define .oldEIP    esp+32
  19. %define .oldCS     esp+36
  20. %define .oldEFLAGS esp+40
  21. %define .oldESP    esp+44
  22. %define .oldSS     esp+48
  23. %define .oldES     esp+52
  24. %define .oldDS     esp+56
  25. %define .oldFS     esp+60
  26. %define .oldGS     esp+64
  27.  
  28.     mov eax,0x10;KERNEL_DATA_SEG
  29.     mov ds,eax
  30.     mov es,eax
  31.  
  32.     movzx eax,word [.oldCS]
  33.     movzx ebx,word [.oldEIP]
  34.     shl eax,4
  35.     add ebx,eax                  ;ebx = address of instruction that caused GPF
  36.     mov dl,[ebx]                 ;dl = first byte of instruction that caused GPF
  37.  
  38.     cmp dl, 0xcd                 ;Was it a software interrupt?
  39.     jz .vm8086_monitor_int       ; yes
  40.     cmp dl, 0x9c                 ;Was it a PUSHF?
  41.     jz .vm8086_monitor_pushf     ; yes
  42.  
  43.     ;Need to do an error message and abort (can't continue running
  44.     ;  virtual8086 code because we can't handle whatever caused the
  45.     ;  GPF).
  46.  
  47. .abortV86:
  48. ;    sti
  49. cli
  50. .die:
  51.     hlt
  52.     jmp .die
  53.  
  54.  
  55. .vm8086_monitor_int:
  56.     movzx eax,word [.oldSS]
  57.     movzx edi,word [.oldESP]
  58.     shl eax,4
  59.     add edi,eax                  ;edi = address of interrupted code's SS:SP
  60.     mov ax,[.oldCS]
  61.     sub edi,2
  62.     mov [edi],ax                  ;Put original CS on interrupted code's stack
  63.     mov ax,[.oldEIP]
  64.     sub edi,2
  65. add ax, 2
  66.  
  67.     mov [edi],ax                  ;Put original IP on interrupted code's stack
  68.     sub word [.oldESP],4         ;Decrease original SP
  69.     movzx eax,byte [ebx+1]       ;eax = interrupt number
  70.     movzx ecx,word [eax*4]       ;ecx = IP for interrupt
  71.     movzx eax,word [eax*4+2]     ;eax = CS for interrupt
  72.     mov [.oldEIP],ecx            ;Set new return EIP
  73.     mov [.oldCS],eax             ;Set new return CS
  74.     or dword [.oldEFLAGS],(1<<9) ;Set IF flag in original EFLAGS
  75. btc dword [.oldEFLAGS], 9
  76.     jmp .vm8086_monitor_return   ;Return to the requested interrupt handler
  77.                                  ; (which will return to the original code)
  78.  
  79. .vm8086_monitor_pushf:
  80.     jmp .abortV86           ;Until this code is written...
  81.  
  82.  
  83. .vm8086_monitor_return:
  84.     pop ebp                                    
  85.     pop edi
  86.     pop esi
  87.     pop edx
  88.     pop ecx
  89.     pop ebx
  90.     pop eax
  91.     add esp,4               ;Skip over error code
  92.     iret