游戏修改/软件逆向教程（基于原理的阐述）

本文主要讲原理，工程实践只挑典型和有难度的
本文可能涉及数学或物理即基本原理
本文起名“游戏修改教程”，是为了吸引那些为了某种目的而学习计算机相关技术的人士。为人民服务

游戏修改/软件逆向教程（基于原理的阐述）

Math Foundation

Hex

The Abstraction: The Process

System Call

In computing, a process is the instance of a computer program that is being executed by one or many threads. It contains the program code and its activity. Depending on the operating system （OS）, a process may be made up of multiple threads of execution that execute instructions concurrently.

In computing, a system call （commonly abbreviated to syscall） is the programmatic way in which a computer program requests a service from the kernel of the operating system on which it is executed. This may include hardware-related services (for example, accessing a hard disk drive or accessing the device's camera), creation and execution of new processes, and communication with integral kernel services such as process scheduling. System calls provide an essential interface between a process and the operating system.

在计算中，系统调用（通常缩写为syscall）是计算机程序从执行它的操作系统的内核请求服务的编程方式。这可能包括与硬件相关的服务（例如，访问硬盘驱动器或访问设备的摄像头）、新进程的创建和执行以及与集成内核服务（如进程调度）的通信。系统调用提供了进程和操作系统之间的基本接口。

Mechanism: Limited Direct Execution

本章节讲述系统调用的底层机制（Mechanism）

In order to virtualize the CPU, the operating system needs to somehow share the physical CPU among many jobs running seemingly at the same time. The basic idea is simple: run one process for a little while, then run another one, and so forth. By time sharing the CPU in this manner, virtualization is achieved.

To make a program run as fast as one might expect, not surprisingly OS developers came up with a technique, which we call limited direct execution.

This approach gives rise to a few problems in our quest to virtualize the CPU.

• The first is simple: if we just run a program, how can the OS make sure the program doesn’t do anything that we don’t want it to do, while still running it efficiently?
• The second: when we are running a process, how does the operating system stop it from running and switch to another process, thus implementing the time sharing we require to virtualize the CPU?

Disassembly

Linux

objdump

GCC

• gdb filename
• disas main

ChangeLog

2022.03.21 12:50 没写多少但还会写下去