Is there any way in GCC to represent inline __asm__ as char[] array? I want to have something like:
void my_func();
char my_code[] = {
__asm__("callq %0" :: "r" (my_func))
};
Later my_code will be used as run-time patch, i.e.
void another_function();
mprotect(another_function, getpagesize(), PROT_WRITE | PROT_READ | PROT_EXEC);
memcpy(another_function + offset, my_code, sizeof(my_code));
Any ideas?
You can just define a function, compile it, then get it's source machine code?
#include <stdio.h>
#include <stdint.h>
#include <stddef.h>
void my_func(void) {}
extern void my_code(void);
extern void my_code_end(void);
__attribute__((__used__)) static void _my_code(void) {
asm volatile(
".globl my_code\n"
"my_code:\n"
" callq *%0\n"
" nop\n"
" ret\n"
".globl my_code_end\n"
"my_code_end:\n"
:: "r" (my_func)
);
}
int main() {
size_t my_code_len = (uintptr_t)my_code_end - (uintptr_t)my_code;
const unsigned char *arr = (const char*)my_code;
printf("my_code[%zu]=", my_code_len);
for (size_t i = 0; i < my_code_len; ++i) {
printf("%02x", arr[i]);
}
printf("\n");
return 0;
}
Example output:
my_code[4]=ffd090c3
We can check it's ok from the assembly output:
$ objdump -D ./a.out
...
0000000000000727 <my_code>:
727: ff d0 callq *%rax
729: 90 nop
72a: c3 retq
...
_my_code contains a prologue added by GCC?
my_code within _my_code, so if it does contain any prologue, it will be before my_code anyway. Probably should refactor a bit, so it's more readable.
.globl my_code and so on inside the inline asm, put it at global scope instead of inside another function with a confusingly similar name. It's not safe to actually call that function (because it clobbers the red zone without telling the compiler)._my_code to my_code_end, to get the instruction that puts my_func into the register that the asm chose. And if it did that with a RIP-relative LEA (PIE or shared library) instead of an absolute mov eax, imm32 (non-PIE executable), copying the instruction somewhere else within the same program will change the address.