3

In ARM assembly codes I can see something like these... (especially in shellcodes)

svc 0x0090003f
svc 0x001ff3bf
swi 0x0900ff0b

I know that 'svc(or swi)' is the 'supervisor call' like 'int 0x80' or 'SYSENTER' from Intel. but, how can I interpret the 'svc' numbers?? where can I get the listing of it's information?? What about thumb 'svc' instruction??

The arm instruction manual doesn't seem to be explaining these...

Can someone help me? Thank you in advance.

4

3 回答 3

1

The SVC value gets stored in the 16-bits low bits of the ESR register

The ARMv8 Architecture Reference D12.2.36 "ESR_EL1, Exception Syndrome Register (EL1)" says that if the EC bits are 0b010101 then the ISS field is documented at "ISS encoding for an exception from HVC or SVC instruction execution".

That section then says that the lower 16 bits are imm16, which if you look at the SVC definition is the name given to the 16-bit argument.

Finally, the SVC calls you shows on your question are not valid in ARMv8 GNU GAS, because they are larger than 16-bits. For example:

SVC 0xABCDE

correctly fails to assemble with:

Error: immediate value out of range 0 to 65535 at operand 1 -- `svc 0xABCDE

Runnable example

Here is a minimalistic aarch64 baremetal runnable example that does an SVC and prints out all registers during the handler, including ESR https://github.com/cirosantilli/linux-kernel-module-cheat/tree/b1bfd46efebabcba4f1ab1cbddf99611550e2dc2#arm-svc-instruction

于 2019-07-16T19:16:55.347 回答
-1

6.2.8. SVC handlers

An exception handler might have to determine whether the processor was in ARM or Thumb state when the exception occurred.

SVC handlers, especially, might have to read the processor state. This is done by examining the SPSR T-bit. This bit is set for Thumb state and clear for ARM state.

Both ARM and Thumb instruction sets have the SVC instruction. When calling SVCs from Thumb state, you must consider the following:

The instruction address is at lr-2, rather than lr-4.

The instruction itself is 16-bit, and so requires a halfword load, see Figure 6.3.

The SVC number is held in 8 bits instead of the 24 bits in ARM state.

Read more at http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0203j/Cacdfeci.html

于 2014-06-11T11:52:05.433 回答
-1

From 6.2.8. SVC handlers

Whenever any svc/swi is encountered, control will be transferred to the svc handler. in SVC handler these numbers will be used to identify what subroutine needs to be called so these are the index values which will be taken by handler and processed accordingly.

Example 6.11. SVC handler in C function

void C_SVC_handler (unsigned number)
{
    switch (number)
    {
        case 0 :                 /* SVC number 0 code */
            ...
            break;
        case 1 :                 /* SVC number 1 code */
            ...
            break;
        ...
        default :                /* Unknown SVC - report error */
    }
}

Reference- 6.2.8. SVC handlers

于 2019-07-10T13:28:38.340 回答