Many assembly tutorials and books don't cover how to write a simple assembly program on Mac OS X. Here are some baby steps that can help people who are also interested in assembly get started more easily.
Mach-O file format
To get started writing OSX assembly, you need to understand the OSX executable file format: the Mach-O file format. It's similar to ELF, but instead of sections of data, bss, and text, it has segments that contain sections.
A common assembly in Linux like
would translate into this in Mach-O
Mach-O is pretty flexible. You can embed a cstring section in your __TEXT segment instead of putting it in __DATA,__data. Actually, this is the default behavior of the compiler on your Mac.
Hello Assembly
Now that we know how to translate common Linux assembly to Mac, let's write a basic program: do a system call with an exit code.
On x86 you do a system call with the int 0x80 instruction. On a 64-bit machine, you do this with syscall. Here's the sample code:
You can compile the code with the following commands:
To perform a system call, you put the system call number in %eax, and put the actual exit code in %ebx. The system call number can be found in /usr/include/sys/syscall.h.
The system call number needs an offset of 0x2000000 added to it, because OSX has 4 different classes of system calls. You can find the reference here: XNU syscall.
System call by using wrapper functions
If you're like me and have no assembly background, you might feel that syscall is alien to you. In C, we usually use wrapper functions to perform the call:
Now we call a libc function instead of performing a system call. To do this we need to link to libc by passing -lc to the linker ld. There are several things you need to do to make a function call.
Call frame
We need to prepare the stack before we call a function. Otherwise you would probably get a segmentation fault. The values in %rsp and %rbp are used to preserve frame information. To maintain the stack, you first push the base register %rbp onto the stack with pushq %rbp; then you copy the stack register %rsp to the base register.
If you have local variables, you subtract from %rsp to make space. Remember, the stack grows down and the heap grows up. When releasing the frame, you add the space back to %rsp.
The life cycle of a function would look like this:
The stack size can be set at link time. On OSX, below are the example parameters you can pass to ld to set the stack size:
When setting the stack size, you also have to set the stack address. The System V Application Binary Interface says:
Although the AMD64 architecture uses 64-bit pointers, implementations are only required to handle 48-bit addresses. Therefore, conforming processes may only use addresses from 0x00000000 00000000 to 0x00007fff ffffffff
I don't know a good answer of how to choose a good stack address. I just copy whatever a normal code produces.
Parameters passing
The rules for parameter passing can be found in the System V Application Binary Interface:
- If the class is MEMORY, pass the argument on the stack. If the size of an object is larger than four eightbytes, or it contains unaligned fields, it has class MEMORY.
- If the class is INTEGER, the next available register of the sequence %rdi, %rsi, %rdx, %rcx, %r8 and %r9 is used.
- If the class is SSE, the next available vector register is used, the registers are taken in the order from %xmm0 to %xmm7.
The exit() function only needs one integer parameter, therefore we put the exit code in %edi. Since the parameter is of type int, we use the 32-bit variant of register %rdi, and the instruction is movl (mov long) instead of movq (mov quad).
Hello world
Now we know the basics of how to perform a system call, and how to call a function. Let's write a hello world program.
The global variable str can only be accessed through the GOT (Global Offset Table), and the GOT needs to be accessed relative to the instruction pointer %rip. If you're curious, you can read Mach-O Programming Topics: x86-64 Code Model.
The registers used for syscall parameters are a little bit different from those of a normal function call. It uses %rdi, %rsi, %rdx, %r10, %r8 and %r9. You cannot pass more than 6 parameters in a syscall, nor can you put the parameters on the stack.
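As an added example (not the original post's listing), here is a hello world that uses only the two system calls discussed above, write (4) and exit (1), each with the 0x2000000 offset. The label msg, the file name and the build commands in the comments are assumptions; the exit status is placed in %edi, the first register of the syscall sequence listed above.

```asm
# Added example, not the original post's code.
# Assumed build (file name is hypothetical):
#   as hello.s -o hello.o
#   ld hello.o -e _main -o hello   # recent linkers also want libSystem and an SDK path
        .section __DATA,__data
msg:
        .ascii  "Hello world!\n"         # 13 bytes, no trailing NUL needed for write

        .section __TEXT,__text
        .globl  _main
_main:
        movl    $0x2000004, %eax         # 0x2000000 offset + 4 = write
        movl    $1, %edi                 # arg 1: file descriptor 1 (stdout)
        movq    msg@GOTPCREL(%rip), %rsi # arg 2: buffer address, loaded through the GOT
        movq    $13, %rdx                # arg 3: exact byte count; a larger value would
                                         #        copy adjacent memory to stdout
        syscall
        jc      fail                     # XNU sets the carry flag when a syscall fails

        movl    $0x2000001, %eax         # 0x2000000 offset + 1 = exit
        xorl    %edi, %edi               # arg 1: exit status 0
        syscall

fail:
        movl    $0x2000001, %eax         # exit
        movl    $1, %edi                 # arg 1: exit status 1 to signal the write error
        syscall
```

After running the binary, `echo $?` in the shell shows the status that was passed in %edi.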
Hello world using printf
Now you know the basics of assembly. A hello world example using printf should be trivial to read:
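An added example (not the original post's listing) that puts the call-frame and parameter-passing rules above together: a helper with a full prologue and epilogue calls printf, then main calls exit through libc. The names _announce, fmt and tag are hypothetical, and it assumes linking against libc with -lc as described earlier.

```asm
# Added example, not the original post's code. _announce, fmt and tag are hypothetical.
        .section __TEXT,__cstring
fmt:
        .asciz  "code=%d tag=%s\n"
tag:
        .asciz  "demo"

        .section __TEXT,__text
        .globl  _main

# void announce(int code, const char *tag)
_announce:
        pushq   %rbp                     # save the caller's frame base
        movq    %rsp, %rbp               # start a new frame
        subq    $16, %rsp                # 16 bytes of locals; keeps %rsp 16-byte aligned
        movl    %edi, -4(%rbp)           # spill the int argument to a local
        movq    %rsi, -16(%rbp)          # spill the pointer argument to a local

        leaq    fmt(%rip), %rdi          # arg 1 (INTEGER class): format string
        movl    -4(%rbp), %esi           # arg 2: int, so the 32-bit half of %rsi
        movq    -16(%rbp), %rdx          # arg 3: pointer, so the full 64-bit %rdx
        xorl    %eax, %eax               # variadic call: %al = vector registers used (0)
        callq   _printf

        addq    $16, %rsp                # release the locals
        popq    %rbp                     # restore the caller's frame base
        retq

_main:
        pushq   %rbp                     # re-aligns %rsp to 16 bytes before any call
        movq    %rsp, %rbp
        movl    $7, %edi                 # arg 1: int
        leaq    tag(%rip), %rsi          # arg 2: pointer to "demo"
        callq   _announce
        movl    $0, %edi                 # exit(0): int parameter, hence movl and %edi
        callq   _exit                    # does not return
```

Skipping the pushq in _main leaves %rsp misaligned at the call, which is the usual cause of the segmentation fault mentioned in the call frame section.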
Conclusion
64-bit assembly looks more vague than the tutorials written in x86 assembly. Once you know these basic differences, it's easy for you to learn assembly in depth on your own, even if the material is designed for x86. I highly recommend the book 'Programming from the ground up'. It is well written for self-study purposes.
References
- OS X Assembler Reference Assembler Directives
- Book: Programming from the ground up.