Las module we started talking about the internals of a CPU. Today we are going to take a look at a specific portion of those internals. The register set.
Registers: What are they?
Registers are data storage locations that the CPU uses during execution of a program. They can be used to access memory locations, do arithmetic, pass information between parts of a program, keep track of results of an operation, and many other things. The number of registers and the size of the registers depends on the architecture of the CPU.
Types of Registers:
There are different types of registers used for different things in a CPU. We are going to start with the x86 family of processors and compare that with the ARMv8 processor.
There are 8 general purpose registers in the x86 CPU’s. They are used for the various operations that a CPU requires to execute a program. An incomplete list of those operations are as follows: keeping track of memory addresses, holding data, performing arithmetic operations on data, passing data between functions, keeping track of the stack, and so on. Each one of these registers may have a specific role, or may have multiple roles. For example the register that points to the top of the stack is always pointing to the top of the stack, that is the only thing it does. We will get into which register does what during the assembly language modules.
There are 6 segment registers which point to different segments in memory. When a program is loaded into memory it is split into different regions called segments. For example there is the code segment, data segment, stack segment, etc.
There is the EFLAGS register that holds information about the results of an operation. For example if we check a register to see if it holds zero there is a bit in the EFLAGS register that is set to indicate the result. If the result of an operation is negative there’s a bit for that as well, and so on. We will be seeing this register a lot in the assembly section as well.
There is a register set aside to mark the current instruction the CPU is on. As the program executes this register will always point to the place the CPU is at in the program.
There is also a set of floating-point registers that operate in a special way. We mentioned previously that those are the x87 registers. They will show up when we use floating-point numbers in our programs. We will take a closer look at these in the assembly section as well.
You can find a detailed description of these registers, and a whole lot more, in the Intel manuals. I have linked those manuals in the books section of the front page. If you haven’t done so yet go and grab them and look inside them. They are a wealth of information and free. Now that we have discussed an overview of x86 registers lets look at the ARMv8 registers
For the ARMv8 there are 31 general purpose registers. There is a register dedicated to pointing at the top of the stack. Another register that is dedicated to pointing at the current instruction. There is a register that is for status control as well.
There are special floating point registers that have combined functionality as Single Instruction Multiple Data (SIMD) registers.
There are also registers called system registers. These registers perform functions such as identifying access rights of the executable, facilitating debugging, etc. Included in system registers are special purpose registers for managing timers an exceptions.
This has been a brief overview of what registers are and what they do. The real detail about registers will show up as we start looking at binaries in the assembly modules. Register naming, size, and usage is dependent on the CPU that we are discussing. For that reason we will be making heavy use of manuals and Google as we are going through our reverse engineering exercises.