화요일, 9월 29, 2009

pass struct to char pointer(char*) in DLL export function

DLL 에서 export 된 function parameter 로 struct 를 char pointer (char*) 로 전달
( pass struct to char pointer(char*) in DLL export function )

DLL: int testFunc(int a, int* b = 0, char* _items = 0);
exe: struct 변수를 memcpy 로 char type 의 buffer 에 넣어서 buffer address 를 char* 에 넘긴다.

아래는 test code 다.
꼭 사용할 때면 새로 작성을 해서 테스트를 하다보니 여기에 그냥 적어 놓는다. 에휴...

참고로, Delphi 에서 struct 를 char* 로 전달 할 때는 다음과 같이 하자.
int* 는 Pointer( @_array_var_[0] {trick} );
char* 거나 struct 를 char* 로 전달할 때는 PChar(@_struct_var); 이렇게 사용하자.

--- Delphi ---
type
TSubItem = packed record
str: string;
a: integer;
end;
TItems = packed record
flag: boolean;
item1: TSubItem;
item2: TSubItem;
end;
TDllFunc_ = function (...; intArray: Pointer; pStr: PChar;...): HResult; cdecl;
TIntArray = array[0..3] of integer;

var
g_Items: TItems;
g_IntArray: TIntArray;

implementation
//{$R *.dfm}

procedure aaa;
var
...
DllFunc: TDllFunc_;
begin
...
g_IntArray[0] := 1;
g_IntArray[1] := 2;
g_IntArray[2] := 3;
DllFunc( ..., Pointer(@g_IntArray[0]{trick}), PChar(@g_Items), ... );
end;

//
// C/C++
//

--- DLL: test.c ---
#include "windows.h"
#include "iostream"

#define EXTC_API extern "C"
#define CLIB_API /*extern "C"*/ __declspec(dllexport)

extern "C" {
#pragma pack(push)
#pragma pack(1)
typedef struct {
char* pStr;
int a;
int b;
} item_st;

typedef struct {
boolean enableItem1;
boolean enableItem2;
boolean enableItem3;
item_st item1;
item_st item2;
item_st item3;
} items_st;
#pragma pack(pop)
}

EXTC_API CLIB_API int testFunc(int a, int* b = 0, char* _items = 0);

/*static*/ items_st* items = NULL;
EXTC_API CLIB_API int testFunc(int a, int* b, char* _items) {
items = (items_st*)_items; // 'items': Global STATIC variable

for( int i = 0; i < 3; i++ ) fprintf( fp, "[%d] = %d\n", i, *(b+i) ); fprintf( stdout, "%d, %d, %d\n", items->enableItem1, items->enableItem2, items->enableItem3 );
fprintf( stdout, "%s, %d, %d\n", items->item1.pStr, items->item1.a, items->item1.b );
fprintf( stdout, "%s, %d, %d\n", items->item2.pStr, items->item2.a, items->item2.b );
fprintf( stdout, "%s, %d, %d\n", items->item3.pStr, items->item3.a, items->item3.b );

return 0;
}

--- EXE: test_bin.c ---
#include "windows.h"
#include "iostream"

#pragma pack(push)
#pragma pack(1)
typedef struct {
char* pStr;
int a;
int b;
} item_st;

typedef struct {
boolean enableItem1;
boolean enableItem2;
boolean enableItem3;
item_st item1;
item_st item2;
item_st item3;
} items_st;
#pragma pack(pop)

typedef int (*gFP)(int, int*, char*);
int myFunc(void);
int main(void) {
int ret = 0;
ret = myFunc();
return ret;
}
int myFunc(void) {
int ret = 0;
HINSTANCE hInst;

hInst = LoadLibrary("test.dll");

if( !hInst ) {
fprintf( stderr, "[ERROR] Cannot open test.dll\n" );
return 1;
}

gFP gfp = (gFP)GetProcAddress( hInst, "testFunc" );

{
int bufInt[3] = { 0, 1, 2 };
char bufStrItems[sizeof(items_st)] = { 0 };

items_st items = { 0 };
items.enableItem1 = TRUE;
items.enableItem2 = TRUE;
items.enableItem3 = TRUE;

items.item1.pStr = "AAAAABBBBB";
items.item1.a = 10;
items.item1.b = 10;

items.item2.pStr = "CCCCCDDDDD";
items.item2.a = 20;
items.item2.b = 20;

items.item3.pStr = "EEEEEFFFFF";
items.item3.a = 30;
items.item3.b = 30;

memcpy( bufStrItems, &items, sizeof(items_st) );
ret = gfp( 0, (int*)&bufInt, bufStrItems );
}

if( ret )
fprintf( stdout, "Success\n" );
else
fprintf( stderr, "Fail\n" );

FreeLibrary( hInst );

return (ret ? true : false);
}

-----
Cheers,
June

일기 (2009.09.28)

오늘 광주 MBC TV, 문화콘서트 '난장'에서 Acoustic Cafe 콘서트를 했다.

Acoustic Cafe 의 방송 출연은 처음이라고 한다.
처음엔 그냥 많이 들어본 음악이 나오길래 그냥 그런가 보다라고 했는데,
Acoustic Cafe 라고 하자마자 눈이 초롱초롱 해졌다. 귀도 쫑근 해지고... ^^

사실 내가 Acoustic Cafe 팬이다.
아직도 나에겐 Acoustic Cafe 는 Lead Violin - Norihiro Tsuru, Piano - Yuriko Nakamura, Cello - Yoshihiko Maeda 이다.

Norihiro Tsu 의 Violin 의 음색은 아직도 내 귀에 생생하다.
Violin 음색에 내 귀가 민감하게 반응 하는 것은
Beethoven Violin Sonata 에서 "Kreutze" 가 나에겐 그 technique 자체가 충격이였지만,
아무래도 "Last Carnival" 에서 Norihiro Tsuru 의 Violin 영향이 컸던것 같다.

정말 주옥 같은 곡들이 많지만, (사실 제목은 잘 모른다. 오직 음악 밖엔...)
Long Long Ago 와 Last Carnival 은 나에게 음..
뭔가 기운을 넣어주고 날 일으켜 세워준다.
엄마가 자식을 대하듯 다정하고 부드럽게, 때론 야단을 치는것 처럼...

technique 이 훌륭한 다른 좋은 명곡들도 많겠지만,
나에게 와 닿는 것이야 말로 그로 인해 느끼고 숨쉬고 깨닫는 것 같다.
그래서 나의 경우엔 technique 이라고 해서 정석대로 듣고 공부를 해보는 것보다는
내 마음이, 내 귀가 반응하는 그런 음악을 자주 듣게 된다.

오늘 하루 조금 피곤했는데,
월요일 마다 보는 광주 MBC TV, 문화콘서트 '난장' 을 통해서
Acoustic Cafe 를 만나니 너무 좋았고, 마음이 편안 해졌다.

난 언제쯤 편안한 마음으로 진정으로 즐기면서 따뜻하고 포근한 음악을 할 수 있을까?
언젠간 그런 날이 올거라고 믿는다.
사람들에게 마음이 따듯해지는,
희망을 줄수있는 그런 음악을 들려줄 날이... 곧 오기를...

잠자리에 들기전, 한정희씨의 '푸른자전거' 앨범에 있는
"나의 오래된 꿈 하나" 를 들으면서 오늘도 희망을 안아본다.

-----
June

목요일, 9월 24, 2009

Delphi "int Array" to type casting "int*" in C/C++

//
// Delphi (bufInt: Array[..] of integer) to type casting (int* pBufInt) in C/C++;
// http://coding.derkeiler.com/Archive/Delphi/alt.comp.lang.borland-delphi/2004-11/0258.html
//
// Trick: Pointer( @effect[0] )
// Prototype in C/C++: void func(int* pBufInt);
//
// Use in Delphi:
// var bufInt: Array[0..3] of integer;
// func( Pointer(@effect[0]) );
//

-----
Cheers,
June

Delphi: URL Download

간단한 URL Download 이다.

이건 잊지 말고 항상 설정 해주자.
// For URL Redirection
ctHTTP.HandleRedirects := True;
// for HTTP 404 Forbidden Error; User-Agent
ctHTTP.Request.UserAgent := 'Mozilla/4.0 (compatible; MSIE 5.5)';

//
// URL Download
//
function URLDownload(ctHttp: TIdHTTP; strUrl: String; strOutFilename: String): Boolean;
var
fileStream
fileStream: TFileStream;
recvData: String;
begin
// For URL Redirection
ctHTTP.HandleRedirects := True;
// for HTTP 404 Forbidden Error; User-Agent
ctHTTP.Request.UserAgent := 'Mozilla/4.0 (compatible; MSIE 5.5)';

recvData := ctHTTP.Get( strUrl );

fileStream := TFileStream.Create( strOutFilename, fmCreate );
fileStream.Write( recvData[1], Length(recvData) );
fileStream.Free;

if( Length(recvData) > 0 ) then
Result := True
else
Result := False;
end;

-----
Cheers,
June

금요일, 9월 18, 2009

Linux Assembly Tutorial - Step-by-Step Guide

Linux Assembly Tutorial

Step-by-Step Guide

Written by: Derick Swanepoel (derick@maple.up.ac.za)

Version 1.0 - 2002-04-19, 01:50am

Download as zipfile

JMP Quickstart

1. Introduction

2. Why this Tutorial?

3. The Netwide Assembler (NASM)

3.1 A Note on Assemblers
3.2 Where do I get NASM?

4. Introduction to Linux Assembly

4.1 Main Differences Between DOS and Linux Assembly

4.2 The Parts of an Assembly Program

4.3 Linux System Calls

4.3.1 Reading the Manpages

4.4 "Hello World!" in Linux Assembly

4.5 Compiling and Linking

5. More Advanced Concepts

5.1 Command Line Arguments and the Stack
5.2 "Procedures" and Jumping

6. Conclusion

Appendix A. The terminal is your friend - how to use it

Appendix B. Installing NASM (and other stuff) on Linux

Appendix C. References

1. Introduction

This tutorial is an introduction to coding assembly in Linux. There are two "versions" to accommodate
various people:

The Step-by-Step Guide: This version explains everything in detail. It assumes that you have done at
least a little bit of DOS assembly, and that you have Linux on your computer (although you may not have
used it much yet). Since not everyone may know how to use Linux, there are links to sections where I explain
how to do basic things like use the terminal and the DOS-equivalent commands.
The Quickstart: If you're in a hurry and just want to see a Linux
assembly program, compile it and run it, this is for you. It assumes that you understand basic DOS assembly,
and that you know how to use the terminal. Basically, it just points out the differences between a Linux and
DOS assembly program with just enough explanation not to confuse you.

The assembler I'll be using is NASM (Netwide Assembler). Lots of the stuff in this tutorial came from other
tuts and the NASM documentation – see the References section for more info.

2. Why this Tutorial?

Mainly, the reason for this tutorial is to make assembly programming easier, better and more practical
by doing it in Linux instead of DOS. Also, it may teach you a bit of Linux while you're at it (unless you're already
at home with it).

Programming in assembly may seem quite masochistic (and writing entire programs in it simply ridiculous),
especially in these days of super-optimizing compilers and visual development tools that do just about everything
for you. However, there is an advantage in understanding more about the inner workings of your processor and
kernel, and assembly is a good way of learning this. Sometimes assembly can be extremely useful for sticking inline
in a C/C++ program. And if your program really has a "need for speed", you can tweak and optimize
the assembly generated by the compiler (of course, you need to be pretty elite to produce better code than today's
compilers.)

Since there was this notion that we were to be taught how to use Linux during COS284 (sort of as an aside),
the idea was that we would code assembly in Linux. But not Linux assembly - DOS assembly, in a DOS emulator,
with a DOS text editor. Of course, this entirely defeats the purpose, but maybe it was to be done this way mainly
because there aren't so many Linux assembly tutorials and sample code as for DOS. Well, here is a tutorial that'll
teach you the basics of Linux assembly.

3. The Netwide Assembler (NASM)

3.1 A Note on Assemblers

Linux will almost always be intalled with the default assemblers as and as86 available, and
quite likely also gas. However, we will be using NASM, the Netwide Assembler. It uses the Intel syntax
just like TASM, MASM, and other DOS assemblers, and the structure is also fairly similar. (Useless info: as and
gas use the AT&T syntax, which is somewhat different – eg. all registers must be prefixed
with a %, and the source operand comes before the destination. See the References for a link to a tut using as
and AT&T syntax.)

NASM is cool because it's portable (there are Linux, Unix and DOS versions), it's free and it's powerful with lots of
nice features. Trust me.

3.2 Where do I get NASM?

If you selected "Development Tools" when you installed Linux, chances are you already have NASM. It comes
standard with most Linux distributions, so you don't need to download it. To check if you've got it, just ask Linux,
"Where is NASM?" Here's how:

Open a terminal. (For some basic Linux terminal skills, go to
The terminal is your friend - how to use it)
Type whereis nasm and press ENTER.

If you see a line that says something like nasm: /usr/bin/nasm then you're fine. If all you see is
nasm: then you need to install NASM. Here are some instructions on how to
install NASM (or anything else) on Linux.

If you feel like getting the latest and greatest version of NASM, visit their website
www.cryogen.com/Nasm, or get it with FTP from our local Linux
mirror ftp.kernel.za.org/pub/software/devel/nasm/binaries.

4. Introduction to Linux Assembly

4.1 Main Differences Between DOS and Linux Assembly

In DOS assembly, most things get done with the DOS services interrupt int 21h, and the BIOS
service interrupts like int 10h and int 16h. In Linux, all these functions are handled by the
kernel. Everything gets done with "kernel system calls", and you call the kernel with int 80h. One of
the wonderful things about Linux system calls are that there are fewer of them (about 190) than DOS, but they
are far more practical (you don't have obsolete crap like functions that load casette BASIC and things left over
from DOS 1.0). Linux system calls create files, handle processes and other such useful stuff - no strings attached
(mmm, bad pun ;-)
Linux is a true, 32-bit protected mode operating system, so this enables us to do real, up-to-date 32-bit
assembly. This 32-bit code runs in the flat memory model, which basically means you don't have to worry
about segments at all. This makes life a lot easier, because you never need to use a segment override or modify
any segment register, and every address is 32 bits long and contains only an offset part. (If this is just a lot of
waffling to you, don't worry, just know that it's good and will simplify things for you.)
In 32-bit assembly, you use the extended 32-bit registers EAX, EBX, ECX and so on instead of the normal
16-bit registers AX, BX, CX etc.
DOS is dead. It's 16-bit. It's obsolete. The only people that still write DOS assembly are crazy old hackers that
are too attached to their 386s to throw them away. Linux assembly has practical applications (parts of the OS are
written in assembler, hardware drivers are often coded in assembler).

4.2 The Parts of an Assembly Program

An assembly program can be divided into three sections:

The .data section

This section is for "declaring initialized data", in other words defining "variables" that already contain stuff.
However this data does not change at runtime so they're not really variables. The .data section is used
for things like filenames and buffer sizes, and you can also define constants using the EQU instruction.
Here you can use the DB, DW, DD, DQ and DT instructions. For example:
```
 

section .data

	message:    db 'Hello world!'     ; Declare message to contain the bytes 'Hello world!' (without quotes)

	msglength:  equ 12                ; Declare msglength to have the constant value 12

	buffersize: dw 1024               ; Declare buffersize to be a word containing 1024
```

The .bss section

This section is where you declare your variables. You use the RESB, RESW, RESD, RESQ and REST
instructions to reserve uninitialized space in memory for your variables, like this:

 

section .bss

	filename:   resb    255           ; Reserve 255 bytes

	number:     resb    1             ; Reserve 1 byte

	bignum:     resw    1             ; Reserve 1 word (1 word = 2 bytes)

	realarray:  resq    10            ; Reserve an array of 10 reals

The .text section

This is where the actual assembly code is written. The .text section must begin with the declaration
global _start, which just tells the kernel where the program execution begins. (It's like the main
function in C or Java, only it's not a function, just a starting point.) Eg.:
```
 

section .text

	global _start

 

_start:

	pop    ebx        ; Here is the where the program actually begins

	.

	.

	.
```

As you can see, so far things are still more or less DOSish. Next we'll look at system calls in more detail,
and once that is done you'll be able to write your first Linux assembly program!

4.3 Linux System Calls

Linux system calls are called in exactly the same way as DOS system calls:

You put the system call number in EAX (we're dealing with 32-bit registers here, remember)
You set up the arguments to the system call in EBX, ECX, etc.
You call the relevant interrupt (for DOS, 21h; for Linux, 80h)
The result is usually returned in EAX

There are six registers that are used for the arguments that the system call takes. The first argument goes
in EBX, the second in ECX, then EDX, ESI, EDI, and finally EBP, if there are so many. If there are more than
six arguments, EBX must contain the memory location where the list of arguments is stored - but don't worry
about this because it's unlikely that you'll use a syscall with more than six arguments. The wonderful thing
about this scheme is that Linux uses it consistently – all system calls are designed this way, there
are no confusing exceptions.

Some example code always helps:

 

	mov	eax,1       ; The exit syscall number

	mov	ebx,0       ; Have an exit code of 0

	int	80h         ; Interrupt 80h, the thing that pokes the kernel and says, "Yo, do this"

But how do you find out what these system calls are, and what they do, and what arguments they take?
Firstly, all the syscalls are listed in /usr/include/asm/unistd.h, together with their numbers
(the value to put in EAX before you call int 80h). However, for your convenience you
can simply find them in this Linux System Call Table, together with some
other useful information (eg. what arguments they take). Take a look at the list of syscalls –
there are things like sys_write (4), sys_nice (34) and of course sys_exit (1).
To find out just what these things do, you can look them up in the Linux manual pages (commonly
called "the manpages"). That is what the next section is about.

4.3.1 Reading the Manpages

First, open a terminal (or switch to one of the 6 consoles with CTRL+ALT+F1 through F6
- to get back to graphical mode press CTRL+ALT+F7). Say now you want to know what the "write"
syscall does. Type man 2 write and press ENTER. This will bring up the manual page on "write"
from section 2 of the manpages.

Under the NAME section is the syscall's name and what it does – in this case:

write - write to a file descriptor

This is the syscall you use to write to, well, a file. But you also use it to print stuff on the screen.
"Why the heck is that?" you ask. See, in Linux everything is a file. Things like the screen, mice, printers,
etc. are special files called "device files", but you read and write to them just like you do to a text file.
This actually makes sense, because reading/writing files is one of the simplest things to do in programming,
so why not do everything in the same simple way - but I digress.

Next, under the SYNOPSIS section you see a fairly ugly line:

ssize_t write(int fd, const void *buf, size_t count);

OK, if you know C it won't be ugly, because this is just the C definition of the syscall. As you can see,
it takes three arguments: the file descriptor, followed by the buffer, and then how many bytes to write,
which should be however long the buffer is. (The DESCRIPTION section tells us what the arguments are
for.) The file descriptor (fd) is an integer, the buffer (buf) is a pointer to a memory
location (that's what the * means), so it's also an integer, and the bytes to write (count) is of
type size_t, which is also an integer. This makes sense because we put values for these arguments in the
registers EBX, ECX and EDX, which are all 32-bit integers. Finally, the write syscall returns a value in EAX:
the number of bytes actually written. This can be used to verify if all went well.

Now we can finally write our first Linux assembly program!

4.4 "Hello World!" in Linux Assembly

Of course, the appropriate way to begin would be to print out "Hello world!" To print to the screen, we write
to the special file called STDOUT (standard output), which is file descriptor 1. Here is the program in full:

 

section .data

	hello:     db 'Hello world!',10    ; 'Hello world!' plus a linefeed character

	helloLen:  equ $-hello             ; Length of the 'Hello world!' string

	                                   ; (I'll explain soon)

 

section .text

	global _start

 

_start:

	mov eax,4            ; The system call for write (sys_write)

	mov ebx,1            ; File descriptor 1 - standard output

	mov ecx,hello        ; Put the offset of hello in ecx

	mov edx,helloLen     ; helloLen is a constant, so we don't need to say

	                     ;  mov edx,[helloLen] to get it's actual value

	int 80h              ; Call the kernel

 

	mov eax,1            ; The system call for exit (sys_exit)

	mov ebx,0            ; Exit with return code of 0 (no error)

	int 80h

Copy this program into a text editor of your choice (I use vi or SciTE),
and save it as hello.asm in your home directory (/home/yourname).

4.5 Compiling and Linking

If you don't have a terminal or console open, open one now.
Make sure you are in the same directory as where you saved hello.asm.
To assemble the program, type

nasm -f elf hello.asm

If there are any errors, NASM will tell you on what line you did what wrong.
Now type ld -s -o hello hello.o

This will link the object file NASM produced into an executable file.
Run your program by typing ./hello

(To run programs/scripts in the current directory, you must always type ./ before the name,
unless the current directory is in the path.)

You should see Hello world! printed to the screen. Congratulations! You have just written your
first assembly program in Linux!

5. More Advanced Concepts

Before I go on, you're probably wondering what that equ $-hello thing is doing in our
Hello World program (line 3). As you may remember, when you use equ to declare a variable (instead of
db, for example), you are actually declaring a constant. Declaring the length of our string as a
constant is sensible because it sure isn't going to change. But how does $-hello turn out to be the
length of 'Hello world!' ? When NASM sees a '$' it replaces it with the assembly position at the beginning of
that line. (That is also the position at the end of the previous line.) So subtracting the position of a variable
from '$' will give us the number of bytes between the variable and '$'. If we want to declare a variable that
contains the length of a string we've declared by saying hello: db 'Hello world!',10 then we just stick
helloLen: equ $-hello on the next line. That will make helloLen equal to the number of bytes
that hello takes up in memory, which in this case is 13 (the linefeed character also counts). Don't
worry if this confuses you – just remember that it's a neat and easy way to declare the length of a string.

If you're more than just casually interested, I'd encourage you to check out the NASM documentation for more
information on these things, and how to use some of the other neat features that I'm not going to mention in
this tutorial.

5.1 Command Line Arguments and the Stack

Getting the command line arguments from a DOS program is not an enjoyable experience, because working with the
PSP and having to worry about segments is simply a pain. In Linux things are much simpler: all arguments are
available on the stack when the program starts, so to get them you just pop them off.

As an example, say you run a program called program and give it three arguments:

 

./program foo bar 42

The stack will then look as follows:

program

foo

bar

Number of arguments (argc), including the program name

Name of the program (argv[0])

Argument 1, the first real argument (argv[1])

Argument 2 (argv[2])

Argument 3 (argv[3]) (Note: this is the string "42", not the number 42)

Now lets write the program program that takes the three arguments:

 

section .text

	global _start

 

_start:

	pop	eax		; Get the number of arguments

	pop	ebx		; Get the program name

	pop	ebx		; Get the first actual argument ("foo")

	pop	ecx		; "bar"

	pop	edx		; "42"

 

	mov	eax,1

	mov	ebx,0

	int	80h		; Exit

After all that popping, EAX contains the number of arguments, EBX points to wherever "foo" is stored
in memory, ECX points to "bar" and EDX to "42". This is obviously way more elegant and simple
than in DOS. It took us just 5 lines to get the arguments and even how many there are, while in DOS it
takes 14 rather complicated lines just to get one argument! Note that the 3^rd pop
overwrites the value we put in EBX with the 2^nd pop (which was the program name).
Unless you have a really good reason, you can usually chuck away the program name as we did here.

5.2 "Procedures" and Jumping

NB: NASM doesn't have procedure definitions like you may have used in TASM. That's because procedures
don't really exist in assembly: everything is a label. So if you want to write a "procedure" in NASM,
you don't use proc and endp, but instead just put a label (eg. fileWrite:)
at the beginning of the "procedure's" code. If you want to, you can put comments at the start and end
of the code just to make it look a bit more like a procedure. Here's an example in both Linux and DOS:

Linux

DOS

 

; proc fileWrite - write a string to a file

fileWrite:

   mov eax,4               ; write system call

   mov ebx,[filedesc]      ; File descriptor

   mov ecx,stuffToWrite

   mov edx,[stuffLen]

   int 80h

   ret

; endp fileWrite

 

 

proc fileWrite

   mov ah,40h              ; write DOS service

   mov bx,[filehandle]     ; File handle

   mov cl,[stuffLen]

   mov dx,offset stuffToWrite

   int 21h

   ret

endp fileWrite

NB²: I assume that you're familiar with labels and jumping to them with instructions
like JMP, JE or JGE. Now that you've seen that "procedures" are actually labels,
there is one very important thing to remember: If you are planning to return from a procedure (with the
RET instruction), don't jump to it! As in "never!" Doing that will cause a segmentation
fault on Linux (which is OK – all your program does is terminate), but in DOS it may blow up in your
face with various degrees of terribleness. The rule to remember is:

You may jump to labels, but you must call a procedure.

Calling a procedure is of course done with the CALL instruction. This makes life a bit difficult
when you want to do things like "if-then-else". If you have a situation such as "if this happens, call
procedure 1, else call procedure 2" there's only one thing to do: Jump around like a kangaroo weaving a
spaghetti code masterpiece. Lets look at an example. First, here is some normal, sane code:

 

	if (AX == 'w') {

	   writeFile();

	} else {

	   doSomethingElse();

	}

This is how you would do it in assembly:

 

	cmp	AX,'w'		; Does AX contain 'w'?

	jne	skipWrite	; If not, skip writing by jumping to another label, and doSomethingElse there...

	call	writeFile	; ...else call the writeFile procedure...

	jmp	outOfThisMess	; ...and jump past all of this spaghetti

 

skipWrite:

	call	doSomethingElse

outOfThisMess:

	...			; The rest of the program goes on here

Note that this is applicable to any assembly, not just Linux or NASM.

5.3 A Program with Everything

Now we can finally take a look at a program that does something remotely useful, containing
almost everything we've covered. In the Quickstart version of this tutorial, I have included a
Linux and a DOS version of the program we wrote in Practical 3 (the one that writes 'Hello world!'
to the file given as a command line argument). Check it out
and see how much simpler and logical the Linux program is compared to the DOS one.

6. Conclusion

Well, that's about it for this tutorial. I hope this has been a suitable introduction to doing
assembly programming in Linux. If you have any questions, suggestions or problems, feel free to
e-mail me at derick@maple.up.ac.za. This is my first
tutorial and I'm no assembly hacker either, so I welcome your comments.

Good luck and happy coding!

Appendix A. The terminal is your friend - how to use it

The terminal / console is an integral and very useful part of Linux. Linux has an excellent set of
command line utilities and programs, and you can control the whole system without a GUI. Sometimes
this is actually easier and faster. For programming in assembly you are obviously going to have to
work in the terminal, and this part will show you how.

Before you start, keep in mind that Unix/Linux is case sensitive, so
"Blah" is not the same as "blah" or "blaH".

Opening a terminal: If you're in KDE or Gnome, simply click on the terminal icon or
browse the "Start"-menu for a terminal program. Alternatively you can switch to one of the 6 text-mode
consoles by pressing CTRL+ALT+F1 through F6. To get back to graphics mode press
CTRL+ALT+F7. When you open a terminal or log in on a console, you are plonked into your
home directory, which is called whatever your username is. You are presented with a prompt that
looks something like this:
```
 

[delta@quantumcow asmtut]$
```
The part before the '@' tells you your username (mine is delta), then the computer name
(quantumcow), and then the top-level current directory (asmtut).
Finding out where you are: At the prompt, type pwd. This will show you the
"present working directory", in other words where you are now. For example:
```
 

[delta@quantumcow asmtut]$ pwd

/home/delta/asmtut
```
Changing directories: To change to another directory you use the cd command.
Note that it works a bit different than the DOS cd. Firstly, there must be a space between
"cd" and the directory name. Secondly, in Unix/Linux, the directory separator is a forward slash (/)
not a backslash (\). To change to the parent directory of the current one, you go cd ...
To go up two levels in the directory tree, type cd ../... Here are some examples – try them out:
```
 

[delta@quantumcow asmtut]$ cd /usr/share/doc

[delta@quantumcow doc]$ pwd

/usr/share/doc

[delta@quantumcow doc]$ cd ..

[delta@quantumcow share]$ cd ../..

[delta@quantumcow /]$
```
At the end of this example, you end up in the root directory, / (similar to C:\). Now to
get back to your home directory, type cd ~

The tilde (~) is a shortcut for your home directory.
Finding out what's in a directory: To list the current directory's contents, type ls.
If you're in your home directory and haven't used Linux much, there probably won't be many files.
Change to a directory like /etc and list its contents – lots of files! (The /etc directory
is where most of the system's configuration files are stored.) To get some more info, you can do a
"long list" by typing ls -l or simply ll. In my home directory it looks like this:

Directories are highlighted in blue, executable files in green, compressed archives in red and images in purple.
Finding out what's in a file: You can use either cat or less to view the contents
of a file. Use less when you know the output will be more than one screen long, because less
will pause at every screen of text, and allows you to scroll up and down.
```
 

[delta@quantumcow asmtut]$ cat foo.txt

Hello, world!
```
The wonders of tab-completion: Linux has a wonderful feature called tab-completion. Almost anywhere,
when you are typing in the name of a file or directory, you can press the TAB key and Linux will complete
the name for you. This is especially useful when you're dealing with things that have long names. Try find a
directory with really long directory names in it, and then cd to one of them using tab-completion.
For example, type cd /usr/share/doc/cons and press TAB. Tada! Linux has completed
the name for you, (console-tools-19990829/) and you can just press ENTER.

If you try typing cd /usr/share/doc/proc and then press TAB you'll hear a beep. That's because
there are more than one directory in /usr/share/doc that starts with "proc", so Linux doesn't know which one you
want. If you press TAB again it will display the directories starting with "proc". Now you can type some
more letters of the directory you want (just enough to identify it uniquely will do), and press TAB again.
Neat, isn't it?

It is often useful to have more than just one terminal open, for example one to compile your program in and another
to read manpages with. Also, most window managers (KDE, Gnome, IceWM are window managers) allow you to work on
multiple desktops. So when one desktop gets cluttered with windows, just go to another one and "start with a clean
slate!" In KDE and Gnome you'll see four numbered little squares on the taskbar. Click on one and it takes you to
that desktop. (You can have up to 10 desktops if you want.) I have on one rare occasion worked on 4 consoles and
3 desktops at the same time because of all the different stuff I was doing!

Appendix B. Installing NASM (and other stuff) on Linux

In order to install programs on your Linux system, you must be root (administrator). You can decide whether you
want to do this with the GUI utilities or in a terminal – I recommend you try both, for the added experience ;)

Using KDE / Gnome

If you're working in KDE / Gnome, installing things is fairly straightforward:

If you are logged in as a normal user, log out and log in as root.
Pop your Linux CD in your CD-ROM drive, and it should be automounted (NASM is on the 2^nd CD).
You can then use a file manager (Konqueror, Nautilus) to go to /mnt/cdrom where you should see the
contents of the Linux CD. If there's nothing, go to the desktop, right-click on the CD-ROM icon and click "Mount".
In /mnt/cdrom, go to RedHat, then RPMS. You should see a lot of files with the extension
.RPM – look for nasm-0.98-8.i386.rpm.
Click/double-click on it to open it with the package manager. From there it shouldn't be too much of a
mission to install. Also install nasm-doc-0.98-8.i386.rpm, the documentation for NASM.

Using the Terminal

Installing stuff by means of a terminal isn't difficult either:

If you weren't logged in as root, become root in the terminal by typing su
(for "substitute user"). After entering your password, you will now be logged in on that terminal as root.
Mount the CD-ROM by typing mount /dev/cdrom
Change to the packages directory: cd /mnt/cdrom/RedHat/RPMS
Install NASM with the RedHat Package Manager, by typing: rpm -i nasm-0.98-8.i386.rpm

(Hint: use tab-completion!)

Also install nasm-doc-0.98-8.i386.rpm, the documentation for NASM.
If you su'd to become root, type exit to log out and stop being root.

If everything was successful, congratulations! You're well on your way to becoming an elite Linux user.
If something broke, feel free to e-mail me and I'll do my best to help. Good luck, and happy hacking in Linux!

Appendix C. References

Writing a useful program with NASM

The NASM documentation

Introduction to UNIX assembly programming

Linux Assembler Tutorial by Robin Miyagi

Section 2 of the manpages

-----
Cheers,
June

Linux System Call Table (Linux Kernel 2.2.x)

Linux System Call Table

The following table lists the system calls for the Linux 2.2 kernel. It could also be thought of as an API for the interface between user space and kernel space. My motivation for making this table was to make programming in assembly language easier when using only system calls and not the C library (for more information on this topic, go to http://www.linuxassembly.org). On the left are the numbers of the system calls. This number will be put in register %eax. On the right of the table are the types of values to be put into the remaining registers before calling the software interrupt 'int 0x80'. After each syscall, an integer is returned in %eax.

For convenience, the kernel source file where each system call is located is linked to in the column labelled "Source". In order to use the hyperlinks, you must first copy this page to your own machine because the links take you directly to the source code on your system. You must have the kernel source installed (or linked from) under '/usr/src/linux' for this to work.

%eax Name Source %ebx %ecx %edx %esx %edi
1 sys_exit kernel/exit.c int - - - -
2 sys_fork arch/i386/kernel/process.c struct pt_regs - - - -
3 sys_read fs/read_write.c unsigned int char * size_t - -
4 sys_write fs/read_write.c unsigned int const char * size_t - -
5 sys_open fs/open.c const char * int int - -
6 sys_close fs/open.c unsigned int - - - -
7 sys_waitpid kernel/exit.c pid_t unsigned int * int - -
8 sys_creat fs/open.c const char * int - - -
9 sys_link fs/namei.c const char * const char * - - -
10 sys_unlink fs/namei.c const char * - - - -
11 sys_execve arch/i386/kernel/process.c struct pt_regs - - - -
12 sys_chdir fs/open.c const char * - - - -
13 sys_time kernel/time.c int * - - - -
14 sys_mknod fs/namei.c const char * int dev_t - -
15 sys_chmod fs/open.c const char * mode_t - - -
16 sys_lchown fs/open.c const char * uid_t gid_t - -
18 sys_stat fs/stat.c char * struct __old_kernel_stat * - - -
19 sys_lseek fs/read_write.c unsigned int off_t unsigned int - -
20 sys_getpid kernel/sched.c - - - - -
21 sys_mount fs/super.c char * char * char * - -
22 sys_oldumount fs/super.c char * - - - -
23 sys_setuid kernel/sys.c uid_t - - - -
24 sys_getuid kernel/sched.c - - - - -
25 sys_stime kernel/time.c int * - - - -
26 sys_ptrace arch/i386/kernel/ptrace.c long long long long -
27 sys_alarm kernel/sched.c unsigned int - - - -
28 sys_fstat fs/stat.c unsigned int struct __old_kernel_stat * - - -
29 sys_pause arch/i386/kernel/sys_i386.c - - - - -
30 sys_utime fs/open.c char * struct utimbuf * - - -
33 sys_access fs/open.c const char * int - - -
34 sys_nice kernel/sched.c int - - - -
36 sys_sync fs/buffer.c - - - - -
37 sys_kill kernel/signal.c int int - - -
38 sys_rename fs/namei.c const char * const char * - - -
39 sys_mkdir fs/namei.c const char * int - - -
40 sys_rmdir fs/namei.c const char * - - - -
41 sys_dup fs/fcntl.c unsigned int - - - -
42 sys_pipe arch/i386/kernel/sys_i386.c unsigned long * - - - -
43 sys_times kernel/sys.c struct tms * - - - -
45 sys_brk mm/mmap.c unsigned long - - - -
46 sys_setgid kernel/sys.c gid_t - - - -
47 sys_getgid kernel/sched.c - - - - -
48 sys_signal kernel/signal.c int __sighandler_t - - -
49 sys_geteuid kernel/sched.c - - - - -
50 sys_getegid kernel/sched.c - - - - -
51 sys_acct kernel/acct.c const char * - - - -
52 sys_umount fs/super.c char * int - - -
54 sys_ioctl fs/ioctl.c unsigned int unsigned int unsigned long - -
55 sys_fcntl fs/fcntl.c unsigned int unsigned int unsigned long - -
57 sys_setpgid kernel/sys.c pid_t pid_t - - -
59 sys_olduname arch/i386/kernel/sys_i386.c struct oldold_utsname * - - - -
60 sys_umask kernel/sys.c int - - - -
61 sys_chroot fs/open.c const char * - - - -
62 sys_ustat fs/super.c dev_t struct ustat * - - -
63 sys_dup2 fs/fcntl.c unsigned int unsigned int - - -
64 sys_getppid kernel/sched.c - - - - -
65 sys_getpgrp kernel/sys.c - - - - -
66 sys_setsid kernel/sys.c - - - - -
67 sys_sigaction arch/i386/kernel/signal.c int const struct old_sigaction * struct old_sigaction * - -
68 sys_sgetmask kernel/signal.c - - - - -
69 sys_ssetmask kernel/signal.c int - - - -
70 sys_setreuid kernel/sys.c uid_t uid_t - - -
71 sys_setregid kernel/sys.c gid_t gid_t - - -
72 sys_sigsuspend arch/i386/kernel/signal.c int int old_sigset_t - -
73 sys_sigpending kernel/signal.c old_sigset_t * - - - -
74 sys_sethostname kernel/sys.c char * int - - -
75 sys_setrlimit kernel/sys.c unsigned int struct rlimit * - - -
76 sys_getrlimit kernel/sys.c unsigned int struct rlimit * - - -
77 sys_getrusage kernel/sys.c int struct rusage * - - -
78 sys_gettimeofday kernel/time.c struct timeval * struct timezone * - - -
79 sys_settimeofday kernel/time.c struct timeval * struct timezone * - - -
80 sys_getgroups kernel/sys.c int gid_t * - - -
81 sys_setgroups kernel/sys.c int gid_t * - - -
82 old_select arch/i386/kernel/sys_i386.c struct sel_arg_struct * - - - -
83 sys_symlink fs/namei.c const char * const char * - - -
84 sys_lstat fs/stat.c char * struct __old_kernel_stat * - - -
85 sys_readlink fs/stat.c const char * char * int - -
86 sys_uselib fs/exec.c const char * - - - -
87 sys_swapon mm/swapfile.c const char * int - - -
88 sys_reboot kernel/sys.c int int int void * -
89 old_readdir fs/readdir.c unsigned int void * unsigned int - -
90 old_mmap arch/i386/kernel/sys_i386.c struct mmap_arg_struct * - - - -
91 sys_munmap mm/mmap.c unsigned long size_t - - -
92 sys_truncate fs/open.c const char * unsigned long - - -
93 sys_ftruncate fs/open.c unsigned int unsigned long - - -
94 sys_fchmod fs/open.c unsigned int mode_t - - -
95 sys_fchown fs/open.c unsigned int uid_t gid_t - -
96 sys_getpriority kernel/sys.c int int - - -
97 sys_setpriority kernel/sys.c int int int - -
99 sys_statfs fs/open.c const char * struct statfs * - - -
100 sys_fstatfs fs/open.c unsigned int struct statfs * - - -
101 sys_ioperm arch/i386/kernel/ioport.c unsigned long unsigned long int - -
102 sys_socketcall net/socket.c int unsigned long * - - -
103 sys_syslog kernel/printk.c int char * int - -
104 sys_setitimer kernel/itimer.c int struct itimerval * struct itimerval * - -
105 sys_getitimer kernel/itimer.c int struct itimerval * - - -
106 sys_newstat fs/stat.c char * struct stat * - - -
107 sys_newlstat fs/stat.c char * struct stat * - - -
108 sys_newfstat fs/stat.c unsigned int struct stat * - - -
109 sys_uname arch/i386/kernel/sys_i386.c struct old_utsname * - - - -
110 sys_iopl arch/i386/kernel/ioport.c unsigned long - - - -
111 sys_vhangup fs/open.c - - - - -
112 sys_idle arch/i386/kernel/process.c - - - - -
113 sys_vm86old arch/i386/kernel/vm86.c unsigned long struct vm86plus_struct * - - -
114 sys_wait4 kernel/exit.c pid_t unsigned long * int options struct rusage * -
115 sys_swapoff mm/swapfile.c const char * - - - -
116 sys_sysinfo kernel/info.c struct sysinfo * - - - -
117 sys_ipc (*Note) arch/i386/kernel/sys_i386.c uint int int int void *
118 sys_fsync fs/buffer.c unsigned int - - - -
119 sys_sigreturn arch/i386/kernel/signal.c unsigned long - - - -
120 sys_clone arch/i386/kernel/process.c struct pt_regs - - - -
121 sys_setdomainname kernel/sys.c char * int - - -
122 sys_newuname kernel/sys.c struct new_utsname * - - - -
123 sys_modify_ldt arch/i386/kernel/ldt.c int void * unsigned long - -
124 sys_adjtimex kernel/time.c struct timex * - - - -
125 sys_mprotect mm/mprotect.c unsigned long size_t unsigned long - -
126 sys_sigprocmask kernel/signal.c int old_sigset_t * old_sigset_t * - -
127 sys_create_module kernel/module.c const char * size_t - - -
128 sys_init_module kernel/module.c const char * struct module * - - -
129 sys_delete_module kernel/module.c const char * - - - -
130 sys_get_kernel_syms kernel/module.c struct kernel_sym * - - - -
131 sys_quotactl fs/dquot.c int const char * int caddr_t -
132 sys_getpgid kernel/sys.c pid_t - - - -
133 sys_fchdir fs/open.c unsigned int - - - -
134 sys_bdflush fs/buffer.c int long - - -
135 sys_sysfs fs/super.c int unsigned long unsigned long - -
136 sys_personality kernel/exec_domain.c unsigned long - - - -
138 sys_setfsuid kernel/sys.c uid_t - - - -
139 sys_setfsgid kernel/sys.c gid_t - - - -
140 sys_llseek fs/read_write.c unsigned int unsigned long unsigned long loff_t * unsigned int
141 sys_getdents fs/readdir.c unsigned int void * unsigned int - -
142 sys_select fs/select.c int fd_set * fd_set * fd_set * struct timeval *
143 sys_flock fs/locks.c unsigned int unsigned int - - -
144 sys_msync mm/filemap.c unsigned long size_t int - -
145 sys_readv fs/read_write.c unsigned long const struct iovec * unsigned long - -
146 sys_writev fs/read_write.c unsigned long const struct iovec * unsigned long - -
147 sys_getsid kernel/sys.c pid_t - - - -
148 sys_fdatasync fs/buffer.c unsigned int - - - -
149 sys_sysctl kernel/sysctl.c struct __sysctl_args * - - - -
150 sys_mlock mm/mlock.c unsigned long size_t - - -
151 sys_munlock mm/mlock.c unsigned long size_t - - -
152 sys_mlockall mm/mlock.c int - - - -
153 sys_munlockall mm/mlock.c - - - - -
154 sys_sched_setparam kernel/sched.c pid_t struct sched_param * - - -
155 sys_sched_getparam kernel/sched.c pid_t struct sched_param * - - -
156 sys_sched_setscheduler kernel/sched.c pid_t int struct sched_param * - -
157 sys_sched_getscheduler kernel/sched.c pid_t - - - -
158 sys_sched_yield kernel/sched.c - - - - -
159 sys_sched_get_priority_max kernel/sched.c int - - - -
160 sys_sched_get_priority_min kernel/sched.c int - - - -
161 sys_sched_rr_get_interval kernel/sched.c pid_t struct timespec * - - -
162 sys_nanosleep kernel/sched.c struct timespec * struct timespec * - - -
163 sys_mremap mm/mremap.c unsigned long unsigned long unsigned long unsigned long -
164 sys_setresuid kernel/sys.c uid_t uid_t uid_t - -
165 sys_getresuid kernel/sys.c uid_t * uid_t * uid_t * - -
166 sys_vm86 arch/i386/kernel/vm86.c struct vm86_struct * - - - -
167 sys_query_module kernel/module.c const char * int char * size_t size_t *
168 sys_poll fs/select.c struct pollfd * unsigned int long - -
169 sys_nfsservctl fs/filesystems.c int void * void * - -
170 sys_setresgid kernel/sys.c gid_t gid_t gid_t - -
171 sys_getresgid kernel/sys.c gid_t * gid_t * gid_t * - -
172 sys_prctl kernel/sys.c int unsigned long unsigned long unsigned long unsigned long
173 sys_rt_sigreturn arch/i386/kernel/signal.c unsigned long - - - -
174 sys_rt_sigaction kernel/signal.c int const struct sigaction * struct sigaction * size_t -
175 sys_rt_sigprocmask kernel/signal.c int sigset_t * sigset_t * size_t -
176 sys_rt_sigpending kernel/signal.c sigset_t * size_t - - -
177 sys_rt_sigtimedwait kernel/signal.c const sigset_t * siginfo_t * const struct timespec * size_t -
178 sys_rt_sigqueueinfo kernel/signal.c int int siginfo_t * - -
179 sys_rt_sigsuspend arch/i386/kernel/signal.c sigset_t * size_t - - -
180 sys_pread fs/read_write.c unsigned int char * size_t loff_t -
181 sys_pwrite fs/read_write.c unsigned int const char * size_t loff_t -
182 sys_chown fs/open.c const char * uid_t gid_t - -
183 sys_getcwd fs/dcache.c char * unsigned long - - -
184 sys_capget kernel/capability.c cap_user_header_t cap_user_data_t - - -
185 sys_capset kernel/capability.c cap_user_header_t const cap_user_data_t - - -
186 sys_sigaltstack arch/i386/kernel/signal.c const stack_t * stack_t * - - -
187 sys_sendfile mm/filemap.c int int off_t * size_t -
190 sys_vfork arch/i386/kernel/process.c struct pt_regs - - - -
Note for sys_ipc (117): this syscall takes six arguments, so it can't fit into the five registers %ebx - %edi; the last parameter (not shown) is of type 'long'. This syscall requires a special call method where a pointer is put in %ebx which points to an array containing the six arguments.

I will now explain exactly where in the kernel source that I got the information in the table above. I do this because 1) changes in the source are bound to happen, 2) you might be curious, or 3) I might've made an error.

System Call Numbers

For the numbers of the syscalls, look in arch/i386/kernel/entry.S for sys_call_table. The syscall numbers are offsets into that table. Several spots in the table are occupied by the syscall sys_ni_syscall. This is a placeholder that either replaces an obsolete syscall or reserves a spot for future syscalls.

Incidentally, the system calls are called from the function system_call in the same file; in particular, they are called with the assembly instruction 'call *SYMBOL_NAME(sys_call_table)(,%eax,4)'. The part '*SYMBOL_NAME(sys_call_table)' just gets replaced by a symbol name in sys_call_table. SYMBOL_NAME is a macro defined in include/linux/linkage.h, and it just replaces itself with its argument.

Typedefs

Here are the typedef declarations in the prototypes above:

atomic_t include/asm/atomic.h:
#ifdef __SMP__
typedef struct { volatile int counter; } atomic_t;
#else
typedef struct { int counter; } atomic_t;
#endif
caddr_t include/asm/posix_types.h:typedef char * __kernel_caddr_t;
include/linux/types.h:typedef __kernel_caddr_t caddr_t;
cap_user_header_t include/linux/capability.h:
typedef struct __user_cap_header_struct {
__u32 version;
int pid;
} *cap_user_header_t;
cap_user_data_t include/linux/capability.h:
typedef struct __user_cap_data_struct {
__u32 effective;
__u32 permitted;
__u32 inheritable;
} *cap_user_data_t;
clock_t include/asm/posix_types.h:typedef long __kernel_clock_t;
include/linux/types.h:typedef __kernel_clock_t clock_t;
dev_t include/asm/posix_types.h:typedef unsigned short __kernel_dev_t;
include/linux/types.h:typedef __kernel_dev_t dev_t;
fdset include/linux/posix_types.h
#define __FD_SETSIZE 1024
#define __NFDBITS (8 * sizeof(unsigned long))
#define __FDSET_LONGS (__FD_SETSIZE/__NFDBITS)
(==> __FDSET_LONGS == 32)

typedef struct {
unsigned long fds_bits [__FDSET_LONGS];
} __kernel_fd_set;
include/linux/types.h:typedef __kernel_fd_set fd_set;
gid_t include/asm/posix_types.h:typedef unsigned short __kernel_gid_t;
include/linux/types.h:typedef __kernel_gid_t gid_t;
__kernel_daddr_t include/asm/posix_types.h:typedef int __kernel_daddr_t;
__kernel_fsid_t include/asm/posix_types.h:
typedef struct {
int __val[2];
} __kernel_fsid_t;

__kernel_ino_t include/asm/posix_types.h:typedef unsigned long __kernel_ino_t;
__kernel_size_t include/asm/posix_types.h:typedef unsigned int __kernel_size_t;
loff_t include/asm/posix_types.h:typedef long long __kernel_loff_t;
include/linux/types.h:typedef __kernel_loff_t loff_t;
mode_t include/asm/posix_types.h:typedef unsigned short __kernel_mode_t;
include/linux/types.h:typedef __kernel_mode_t mode_t;
off_t include/asm/posix_types.h:typedef long __kernel_off_t; include/linux/types.h:typedef __kernel_off_t off_t;
old_sigset_t include/asm/signal.h:typedef unsigned long old_sigset_t;
pid_t include/asm/posix_types.h:typedef int __kernel_pid_t;
include/linux/types.h:typedef __kernel_pid_t pid_t;
__sighandler_t include/asm/signal.h:typedef void (*__sighandler_t)(int);
siginfo_t include/asm/siginfo.h:
#define SI_MAX_SIZE 128
#define SI_PAD_SIZE ((SI_MAX_SIZE/sizeof(int)) - 3)
(==> SI_PAD_SIZE == 29)

typedef struct siginfo {
int si_signo;
int si_errno;
int si_code;

union {
int _pad[SI_PAD_SIZE];

/* kill() */
struct {
pid_t _pid; /* sender's pid */
uid_t _uid; /* sender's uid */
} _kill;

/* POSIX.1b timers */
struct {
unsigned int _timer1;
unsigned int _timer2;
} _timer;

/* POSIX.1b signals */
struct {
pid_t _pid; /* sender's pid */
uid_t _uid; /* sender's uid */
sigval_t _sigval;
} _rt;

/* SIGCHLD */
struct {
pid_t _pid; /* which child */
uid_t _uid; /* sender's uid */
int _status; /* exit code */
clock_t _utime;
clock_t _stime;
} _sigchld;

/* SIGILL, SIGFPE, SIGSEGV, SIGBUS */
struct {
void *_addr; /* faulting insn/memory ref. */
} _sigfault;

/* SIGPOLL */
struct {
int _band; /* POLL_IN, POLL_OUT, POLL_MSG */
int _fd;
} _sigpoll;
} _sifields;
} siginfo_t;
sigset_t include/asm/signal.h:typedef unsigned long sigset_t;
size_t include/asm/posix_types.h:typedef unsigned int __kernel_size_t;
include/linux/types.h:typedef __kernel_size_t size_t;
ssize_t include/asm/posix_types.h:typedef int __kernel_ssize_t;
include/linux/types.h:typedef __kernel_ssize_t ssize_t;
stack_t include/asm/signal.h:
typedef struct sigaltstack {
void *ss_sp;
int ss_flags;
size_t ss_size;
} stack_t;
suseconds_t include/asm/posix_types.h:typedef long __kernel_suseconds_t;
include/linux/types.h:typedef __kernel_suseconds_t suseconds_t;
time_t include/asm/posix_types.h:typedef long __kernel_time_t; include/linux/types.h:typedef __kernel_time_t time_t;
uid_t include/asm/posix_types.h:typedef unsigned short __kernel_uid_t;
include/linux/types.h:typedef __kernel_uid_t uid_t;
uint include/linux/types.h:typedef unsigned int uint;
__u32 include/asm/types.h:typedef unsigned int __u32;

Struct Declarations

Here are the struct declarations for the table at the top:

exception_table_entry include/linux/module.h:
struct exception_table_entry {
unsigned long insn, fixup;
};
iovec include/linux/uio.h:
struct iovec {
void *iov_base;
__kernel_size_t iov_len; };
itimerval include/linux/time.h:
struct itimerval {
struct timeval it_interval; /* timer interval */
struct timeval it_value; /* current value */
};
kernel_sym include/linux/module.h:
struct kernel_sym {
unsigned long value;
char name[60];
};
mmap_arg_struct arch/i386/kernel/sys_i386.c:
struct mmap_arg_struct {
unsigned long addr;
unsigned long len;
unsigned long prot;
unsigned long flags;
unsigned long fd;
unsigned long offset;
};
module include/linux/module.h:
struct module {
unsigned long size_of_struct; /* sizeof(module) */
struct module *next;
const char *name;
unsigned long size;
union {
atomic_t usecount;
long pad;
} uc;
unsigned long flags; /* AUTOCLEAN et al */
unsigned nsyms;
unsigned ndeps;

struct module_symbol *syms;
struct module_ref *deps;
struct module_ref *refs;
int (*init)(void);
void (*cleanup)(void);
const struct exception_table_entry *ex_table_start;
const struct exception_table_entry *ex_table_end;
/* Members past this point are extensions to the basic
module support and are optional. Use mod_opt_member()
to examine them. */
const struct module_persist *persist_start;
const struct module_persist *persist_end;
int (*can_unload)(void);
};
module_persist include/linux/module.h:
struct module_persist; /* yes, it's empty */
module_ref include/linux/module.h:
struct module_ref {
struct module *dep; /* "parent" pointer */
struct module *ref; /* "child" pointer */
struct module_ref *next_ref;
};
module_symbol include/linux/module.h:
struct module_symbol {
unsigned long value;
const char *name;
};
new_utsname include/linux/utsname.h:
struct new_utsname {
char sysname[65];
char nodename[65];
char release[65];
char version[65];
char machine[65];
char domainname[65];
};
__old_kernel_stat include/asm/stat.h:
struct __old_kernel_stat {
unsigned short st_dev;
unsigned short st_ino;
unsigned short st_mode;
unsigned short st_nlink;
unsigned short st_uid;
unsigned short st_gid;
unsigned short st_rdev;
unsigned long st_size;
unsigned long st_atime;
unsigned long st_mtime;
unsigned long st_ctime;
};
oldold_utsname include/linux/utsname.h:
struct oldold_utsname {
char sysname[9];
char nodename[9];
char release[9];
char version[9];
char machine[9];
};
old_sigaction include/asm/signal.h:
struct old_sigaction {
__sighandler_t sa_handler;
old_sigset_t sa_mask;
unsigned long sa_flags;
void (*sa_restorer)(void);
};
old_utsname include/linux/utsname.h:
struct old_utsname {
char sysname[65];
char nodename[65];
char release[65];
char version[65];
char machine[65];
};
pollfd include/asm/poll.h:
struct pollfd {
int fd;
short events;
short revents;
};
pt_regs include/asm/ptrace.h:
struct pt_regs {
long ebx;
long ecx;
long edx;
long esi;
long edi;
long ebp;
long eax;
int xds;
int xes;
long orig_eax;
long eip;
int xcs;
long eflags;
long esp;
int xss;
};
revectored_struct include/asm/vm86.h:
struct revectored_struct {
unsigned long __map[8];
};
rlimit include/linux/resource.h:
struct rlimit {
long rlim_cur;
long rlim_max;
};
rusage include/linux/resource.h:
struct rusage {
struct timeval ru_utime; /* user time used */
struct timeval ru_stime; /* system time used */
long ru_maxrss; /* maximum resident set size */
long ru_ixrss; /* integral shared memory size */
long ru_idrss; /* integral unshared data size */
long ru_isrss; /* integral unshared stack size */
long ru_minflt; /* page reclaims */
long ru_majflt; /* page faults */
long ru_nswap; /* swaps */
long ru_inblock; /* block input operations */
long ru_oublock; /* block output operations */
long ru_msgsnd; /* messages sent */
long ru_msgrcv; /* messages received */
long ru_nsignals; /* signals received */
long ru_nvcsw; /* voluntary context switches */
long ru_nivcsw; /* involuntary '' */
};
sched_param include/linux/sched.h:
struct sched_param {
int sched_priority;
};
sel_arg_struct arch/i386/kernel/sys_i386.c:
struct sel_arg_struct {
unsigned long n;
fd_set *inp, *outp, *exp;
struct timeval *tvp;
};
sigaction include/asm/signal.h:
struct sigaction {
__sighandler_t sa_handler;
unsigned long sa_flags;
void (*sa_restorer)(void);
sigset_t sa_mask; /* mask last for extensibility */
};
stat include/asm/stat.h:
struct stat {
unsigned short st_dev;
unsigned short __pad1;
unsigned long st_ino;
unsigned short st_mode;
unsigned short st_nlink;
unsigned short st_uid;
unsigned short st_gid;
unsigned short st_rdev;
unsigned short __pad2;
unsigned long st_size;
unsigned long st_blksize;
unsigned long st_blocks;
unsigned long st_atime;
unsigned long __unused1;
unsigned long st_mtime;
unsigned long __unused2;
unsigned long st_ctime;
unsigned long __unused3;
unsigned long __unused4;
unsigned long __unused5;
statfs include/asm/statfs.h:
struct statfs {
long f_type;
long f_bsize;
long f_blocks;
long f_bfree;
long f_bavail;
long f_files;
long f_ffree;
__kernel_fsid_t f_fsid;
long f_namelen;
long f_spare[6];
};
__sysctl_args include/linux/sysctl.h
struct __sysctl_args {
int *name;
int nlen;
void *oldval;
size_t *oldlenp;
void *newval;
size_t newlen;
unsigned long __unused[4];
};
sysinfo include/linux/kernel.h:
struct sysinfo {
long uptime; /* Seconds since boot */
unsigned long loads[3]; /* 1, 5, and 15 minute load averages */
unsigned long totalram; /* Total usable main memory size */
unsigned long freeram; /* Available memory size */
unsigned long sharedram; /* Amount of shared memory */
unsigned long bufferram; /* Memory used by buffers */
unsigned long totalswap; /* Total swap space size */
unsigned long freeswap; /* swap space still available */
unsigned short procs; /* Number of current processes */
char _f[22]; /* Pads structure to 64 bytes */
};
timex include/linux/timex.h:
struct timex {
unsigned int modes; /* mode selector */
long offset; /* time offset (usec) */
long freq; /* frequency offset (scaled ppm) */
long maxerror; /* maximum error (usec) */
long esterror; /* estimated error (usec) */
int status; /* clock command/status */
long constant; /* pll time constant */
long precision; /* clock precision (usec) (read only) */
long tolerance; /* clock frequency tolerance (ppm)
* (read only)
*/
struct timeval time; /* (read only) */
long tick; /* (modified) usecs between clock ticks */
long ppsfreq; /* pps frequency (scaled ppm) (ro) */
long jitter; /* pps jitter (us) (ro) */
int shift; /* interval duration (s) (shift) (ro) */
long stabil; /* pps stability (scaled ppm) (ro) */
long jitcnt; /* jitter limit exceeded (ro) */
long calcnt; /* calibration intervals (ro) */
long errcnt; /* calibration errors (ro) */
long stbcnt; /* stability limit exceeded (ro) */

int :32; int :32; int :32; int :32;
int :32; int :32; int :32; int :32;
int :32; int :32; int :32; int :32;
};
timespec include/linux/time.h:
struct timespec {
time_t tv_sec; /* seconds */
long tv_nsec; /* nanoseconds */
};
timeval include/linux/time.h:
struct timeval {
time_t tv_sec; /* seconds */
suseconds_t tv_usec; /* microseconds */
};
timezone include/linux/time.h:
struct timezone {
int tz_minuteswest; /* minutes west of Greenwich */
int tz_dsttime; /* type of dst correction */
};
tms include/linux/times.h
struct tms {
clock_t tms_utime;
clock_t tms_stime;
clock_t tms_cutime;
clock_t tms_cstime;
};
ustat include/linux/types.h:
struct ustat {
__kernel_daddr_t f_tfree;
__kernel_ino_t f_tinode;
char f_fname[6];
char f_fpack[6];
};
utimbuf include/linux/utime.h:
struct utimbuf {
time_t actime;
time_t modtime;
};
vm86plus_info_struct include/asm/vm86.h:
struct vm86plus_info_struct {
unsigned long force_return_for_pic:1;
unsigned long vm86dbg_active:1;
unsigned long vm86dbg_TFpendig:1;
unsigned long unused:28;
unsigned long is_vm86pus:1;
unsigned char vm86dbg_intxxtab[32];
};
vm86plus_struct include/asm/vm86.h:
struct vm86plus_struct {
struct vm86_regs regs;
unsigned long flags;
unsigned long screen_bitmap;
unsigned long cpu_type;
struct revectored_struct int_revectored;
struct revectored_struct int21_revectored;
struct vm86plus_info_struct vm86plus;
};
vm86_regs include/asm/vm86.h:
struct vm86_regs {
/* normal regs, with special meaning for the segment descriptors.. */
long ebx;
long ecx;
long edx;
long esi;
long edi;
long ebp;
long eax;
long __null_ds;
long __null_es;
long __null_fs;
long __null_gs;
long orig_eax;
long eip;
unsigned short cs, __csh;
long eflags;
long esp;
unsigned short ss, __ssh;
/* these are specific to v86 mode: */
unsigned short es, __esh;
unsigned short ds, __dsh;
unsigned short fs, __fsh;
unsigned short gs, __gsh;
};
vm86_struct include/asm/vm86.h:
struct vm86_struct {
struct vm86_regs regs;
unsigned long flags;
unsigned long screen_bitmap;
unsigned long cpu_type;
struct revectored_struct int_revectored;
struct revectored_struct int21_revectored;
};

-----
Cheers,
June