欲成其事,先利其器
// 生成纯二进制文件,没有任何header信息,用于操作系统和引导程序开发
// 默认是16bit模式, 可以通过[bits 32] [bits 64]切换
nasm -f bin boot_sect_simple.asm
// 生成对象文件
nasm -f elf32 boot_sect_simple.asm
// 反汇编 (CPU架构)
objdump -d boot_sect_simple.o
objdump -d -b binary -m i8086 boot_sect_simple
objdump -d -b binary -m i386 boot_sect_simple
// 查看二进制文件
od -t x1 -A n boot_sect_simple
01-bootsector-barebones
; A simple boot sector program that loops forever
loop:
jmp loop
times 510-($-$$) db 0
dw 0xaa55
02-bootsector-print
mov ah, 0x0e ; tty mode
mov al, 'H'
int 0x10
mov al, 'e'
int 0x10
mov al, 'l'
int 0x10
int 0x10 ; 'l' is still on al, remember?
mov al, 'o'
int 0x10
jmp $ ; jump to current address = infinite loop
; padding and magic number
times 510 - ($-$$) db 0
dw 0xaa55
03-bootsector-memory
mov ah, 0x0e
; attempt 1
; Fails because it tries to print the memory address (i.e. pointer)
; not its actual contents
mov al, "1"
int 0x10
mov al, the_secret
int 0x10
; attempt 2
; It tries to print the memory address of 'the_secret' which is the correct approach.
; However, BIOS places our bootsector binary at address 0x7c00
; so we need to add that padding beforehand. We'll do that in attempt 3
mov al, "2"
int 0x10
mov al, [the_secret]
int 0x10
; attempt 3
; Add the BIOS starting offset 0x7c00 to the memory address of the X
; and then dereference the contents of that pointer.
; We need the help of a different register 'bx' because 'mov al, [ax]' is illegal.
; A register can't be used as source and destination for the same command.
mov al, "3"
int 0x10
mov bx, the_secret
add bx, 0x7c00
mov al, [bx]
int 0x10
; attempt 4
; We try a shortcut since we know that the X is stored at byte 0x2d in our binary
; That's smart but ineffective, we don't want to be recounting label offsets
; every time we change the code
mov al, "4"
int 0x10
mov al, [0x7c2d]
int 0x10
jmp $ ; infinite loop
the_secret:
; ASCII code 0x58 ('X') is stored just before the zero-padding.
; On this code that is at byte 0x2d (check it out using 'xxd file.bin')
db "X"
; zero padding and magic bios number
times 510-($-$$) db 0
dw 0xaa55
[org 0x7c00]
mov ah, 0x0e
; attempt 1
; Will fail again regardless of 'org' because we are still addressing the pointer
; and not the data it points to
mov al, "1"
int 0x10
mov al, the_secret
int 0x10
; attempt 2
; Having solved the memory offset problem with 'org', this is now the correct answer
mov al, "2"
int 0x10
mov al, [the_secret]
int 0x10
; attempt 3
; As you expected, we are adding 0x7c00 twice, so this is not going to work
mov al, "3"
int 0x10
mov bx, the_secret
add bx, 0x7c00
mov al, [bx]
int 0x10
; attempt 4
; This still works because there are no memory references to pointers, so
; the 'org' mode never applies. Directly addressing memory by counting bytes
; is always going to work, but it's inconvenient
mov al, "4"
int 0x10
mov al, [0x7c2d]
int 0x10
jmp $ ; infinite loop
the_secret:
; ASCII code 0x58 ('X') is stored just before the zero-padding.
; On this code that is at byte 0x2d (check it out using 'xxd file.bin')
db "X"
; zero padding and magic bios number
times 510-($-$$) db 0
dw 0xaa55
04-bootsector-stack
mov ah, 0x0e ; tty mode
mov bp, 0x8000 ; this is an address far away from 0x7c00 so that we don't get overwritten
mov sp, bp ; if the stack is empty then sp points to bp
push 'AD'
push 'B'
push 'C'
; to show how the stack grows downwards
mov al, [0x7ffe] ; 0x8000 - 2
int 0x10
; however, don't try to access [0x8000] now, because it won't work
; you can only access the stack top so, at this point, only 0x7ffe (look above)
mov al, [0x8000]
int 0x10
; recover our characters using the standard procedure: 'pop'
; We can only pop full words so we need an auxiliary register to manipulate
; the lower byte
pop bx
mov al, bl
int 0x10 ; prints C
pop bx
mov al, bl
int 0x10 ; prints B
pop bx
mov al, bl
int 0x10 ; prints A
; data that has been pop'd from the stack is garbage now
mov al, [0x8000]
int 0x10
jmp $
times 510-($-$$) db 0
dw 0xaa55
05-bootsector-functions-strings
boot_sect_main.asm
[org 0x7c00] ; tell the assembler that our offset is bootsector code
; The main routine makes sure the parameters are ready and then calls the function
mov bx, HELLO
call print
call print_nl
mov dx,print
call print_hex
call print_nl
mov dx,print_nl
call print_hex
call print_nl
mov bx, GOODBYE
call print
call print_nl
mov dx, 0x12fe
call print_hex
call print_nl
mov bp,0x8000
mov sp,bp
push 'A'
mov dx,sp
call print_hex
; that's it! we can hang now
jmp $
; remember to include subroutines below the hang
%include "boot_sect_print.asm"
%include "boot_sect_print_hex.asm"
; data
HELLO:
db 'Hello, World', 0
GOODBYE:
db 'Goodbye', 0
; padding and magic number
times 510-($-$$) db 0
dw 0xaa55
boot_sect_print.asm
print:
pusha
; keep this in mind:
; while (string[i] != 0) { print string[i]; i++ }
; the comparison for string end (null byte)
start:
mov al, [bx] ; 'bx' is the base address for the string
cmp al, 0
je done
; the part where we print with the BIOS help
mov ah, 0x0e
int 0x10 ; 'al' already contains the char
; increment pointer and do next loop
add bx, 1
jmp start
done:
popa
ret
print_nl:
pusha
mov ah, 0x0e
mov al, 0x0a ; newline char
int 0x10
mov al, 0x0d ; carriage return
int 0x10
popa
ret
boot_sect_print_hex.asm
; receiving the data in 'dx'
; For the examples we'll assume that we're called with dx=0x1234
print_hex:
pusha
mov cx, 0 ; our index variable
; Strategy: get the last char of 'dx', then convert to ASCII
; Numeric ASCII values: '0' (ASCII 0x30) to '9' (0x39), so just add 0x30 to byte N.
; For alphabetic characters A-F: 'A' (ASCII 0x41) to 'F' (0x46) we'll add 0x40
; Then, move the ASCII byte to the correct position on the resulting string
hex_loop:
cmp cx, 4 ; loop 4 times
je end
; 1. convert last char of 'dx' to ascii
mov ax, dx ; we will use 'ax' as our working register
and ax, 0x000f ; 0x1234 -> 0x0004 by masking first three to zeros
add al, 0x30 ; add 0x30 to N to convert it to ASCII "N"
cmp al, 0x39 ; if > 9, add extra 8 to represent 'A' to 'F'
jle step2
add al, 7 ; 'A' is ASCII 65 instead of 58, so 65-58=7
step2:
; 2. get the correct position of the string to place our ASCII char
; bx <- base address + string length - index of char
mov bx, HEX_OUT + 5 ; base + length
sub bx, cx ; our index variable
mov [bx], al ; copy the ASCII char on 'al' to the position pointed by 'bx'
ror dx, 4 ; 0x1234 -> 0x4123 -> 0x3412 -> 0x2341 -> 0x1234
; increment index and loop
add cx, 1
jmp hex_loop
end:
; prepare the parameter and call the function
; remember that print receives parameters in 'bx'
mov bx, HEX_OUT
call print
popa
ret
HEX_OUT:
db '0x0000',0 ; reserve memory for our new string
boot_sect_segmentation.asm
mov ah, 0x0e ; tty
mov al, [the_secret]
int 0x10 ; we already saw this doesn't work, right?
mov bx, 0x7c0 ; remember, the segment is automatically <<4 for you
mov ds, bx
; WARNING: from now on all memory references will be offset by 'ds' implicitly
mov al, [the_secret]
int 0x10
mov al, [es:the_secret]
int 0x10 ; doesn't look right... isn't 'es' currently 0x000?
mov bx, 0x7c0
mov es, bx
mov al, [es:the_secret]
int 0x10
jmp $
the_secret:
db "X"
times 510 - ($-$$) db 0
dw 0xaa55
网友评论