Quote:
Originally Posted by fardad
I am trying to access the stack using "SS:RSP". I know in 32bit arch we need to point to an address which is a combination of SS:SP
|
In 32bit arch you can have a mode in which SS:ESP is a different location than DS:ESP, but Linux and Windows don't do that.
In Linux and Windows, an address on the stack is just an ordinary address.
Quote:
(SS * 0x10 + SP ). SP here is the first 16 significant bits of ESP.
|
(SS * 0x10 + SP ) is the addressing system in 16bit real mode. Even in 16bit Windows it didn't work that way.
Quote:
How does this work for 64 architecture? Is it still the same as 32 bit architecture?
|
Segment registers in 64 bit mode retain only a trivial fragment of the meaning they had in 32 bit mode. I think SS has zero function in 64 bit mode.
Quote:
I guess my question is if I know SS and RSP, how could I access the exact address the combination of these two registers points to?
|
The exact virtual address is the value in RSP.
The translation of virtual address to physical address is very similar in 64 bit mode to 32 bit mode. The translation from segment:offset to virtual address is not. In 32bit mode, ordinary OSes trivialize the translation from segment:offset to virtual address by having zero as the base value in the descriptor of most segment registers. In 64bit mode, the hardware design trivializes that translation (no matter what the OS sets up for descriptors, SS:RSP is the same address as DS:RSP).
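The point made in the reply above can be checked from user space. The following is an added example, not part of the original thread: it reads RSP and loads the same stack slot through an SS: override, a DS: override and no override. It assumes x86-64 with GCC or Clang inline assembly; `probe_stack`, `load_with_ss_override` and the marker value are hypothetical names and constructed data.

```c
#include <stdint.h>
#include <stdio.h>

struct stack_probe {
    uint64_t rsp;      /* value of RSP, used directly as a virtual address */
    uint64_t via_ss;   /* qword loaded from SS:[RSP] */
    uint64_t via_ds;   /* qword loaded from DS:[RSP] */
    uint64_t via_flat; /* qword loaded from [RSP] with no override */
    uint64_t ss_sel;   /* raw selector held in SS (value is OS-specific) */
};

static uint64_t not_on_stack = 0x1122334455667788ULL; /* constructed marker in .data */

#if defined(__x86_64__) && defined(__GNUC__)
static struct stack_probe probe_stack(void) {
    struct stack_probe p;
    /* One asm statement, so the compiler cannot touch the stack between loads. */
    __asm__ volatile(
        "movq %%rsp, %0\n\t"
        "movq %%ss:(%%rsp), %1\n\t"
        "movq %%ds:(%%rsp), %2\n\t"
        "movq (%%rsp), %3\n\t"
        "mov %%ss, %4"
        : "=r"(p.rsp), "=r"(p.via_ss), "=r"(p.via_ds), "=r"(p.via_flat), "=r"(p.ss_sel)
        : : "memory");
    return p;
}
/* SS: override applied to a pointer that is not a stack address at all. */
static uint64_t load_with_ss_override(const uint64_t *addr) {
    uint64_t v;
    __asm__ volatile("movq %%ss:(%1), %0" : "=r"(v) : "r"(addr) : "memory");
    return v;
}
#else /* Other targets: no segment registers, plain loads keep the example buildable. */
static struct stack_probe probe_stack(void) {
    uint64_t slot = 1;
    struct stack_probe p = { (uint64_t)(uintptr_t)&slot, slot, slot, slot, 0 };
    return p;
}
static uint64_t load_with_ss_override(const uint64_t *addr) { return *addr; }
#endif

int main(void) {
    struct stack_probe p = probe_stack();
    printf("SS selector=0x%llx RSP=0x%llx\n",
           (unsigned long long)p.ss_sel, (unsigned long long)p.rsp);
    printf("SS:[RSP]==[RSP]: %d  DS:[RSP]==[RSP]: %d\n",
           p.via_ss == p.via_flat, p.via_ds == p.via_flat);
    printf("SS: override on a .data address reads 0x%llx\n",
           (unsigned long long)load_with_ss_override(&not_on_stack));
    return 0;
}
```
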