Switching modes with Style

	pushl $(0xcb<<24)|0x08
	call .-1

What does this instruction sequence do? (This was a collaborative effort by Chuck Gray, Myria and Michael.)

(The solution has been added to the comments.)

10 thoughts on “Switching modes with Style”

  1. ugh

    it pushes a selector of your choice (0x8 in this case) onto the stack, then it makes a relative call to -1, which contains the 0xcb opcode (far return). 0x8 is the selector of the first usable GDT entry (which has a ring0 DPL in Windows).

  2. Michael Steil

    The full answer is: The code loads CS with 0x08. There is no “mov cs” instruction in the x86 instruction set, so if you just want to reload CS, for example after a GDT reload, you can either do a far jump – or this, which is much more elegant. It requires a working stack, though.

    In my case, I am using this code to switch to 64-bit mode on an x86_64 CPU.
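The following is an added example, not code from the original post or its comments, that models why the two instructions reload CS. It assembles `pushl $(0xcb<<24)|0x08` followed by `call .-1` by hand (the push is `68 imm32`, the call is `E8 rel32`), shows that the byte at `.-1` is the last immediate byte 0xCB, which is the RETF opcode, and then walks the stack through push, call and far return. The base address 0x1000 is a constructed value; the model assumes 32-bit operand size, flat memory and a same-privilege far return (so RETF pops EIP, then CS from the low 16 bits of the next dword, and does not pop SS:ESP).

```python
import struct

RETF = 0xCB         # far return opcode; becomes the top byte of the pushed immediate
PUSH_IMM32 = 0x68   # push imm32 (32-bit operand size)
CALL_REL32 = 0xE8   # call rel32, displacement relative to the end of the call


def encode_sequence(selector, base=0x1000):
    """Hand-assemble `pushl $(0xcb<<24)|selector ; call .-1` at address `base`.

    Returns (code_bytes, call_target). `base` is a constructed address for the model.
    """
    imm = (RETF << 24) | (selector & 0xFFFF)
    push = bytes([PUSH_IMM32]) + struct.pack("<I", imm)   # 68 ll hh 00 cb (little-endian)
    call_addr = base + len(push)                           # `.` at the start of the call
    target = call_addr - 1                                 # `.-1`: last byte of the immediate
    rel = target - (call_addr + 5)                         # rel32 counts from end of call
    call = bytes([CALL_REL32]) + struct.pack("<i", rel)
    return push + call, target


def simulate(selector, base=0x1000):
    """Model the stack effect of running the sequence. Returns the resulting CS, EIP,
    the remaining stack depth and the address at which RETF was executed."""
    code, target = encode_sequence(selector, base)

    # Sanity check: the call must land on a far-return opcode, otherwise the trick
    # does not work at all (e.g. if the immediate were encoded differently).
    opcode = code[target - base]
    if opcode != RETF:
        raise ValueError("call target does not hold RETF: 0x%02x" % opcode)

    stack = []
    # 1. pushl: one dword, selector in the low 16 bits, 0xCB in the top byte
    stack.append((RETF << 24) | (selector & 0xFFFF))
    # 2. call: push the return address (the byte after the call), jump to `.-1`
    return_eip = base + len(code)
    stack.append(return_eip)
    # 3. retf at `.-1`: pop EIP, then pop CS (low 16 bits of the dword; 0xCB is discarded)
    eip = stack.pop()
    cs = stack.pop() & 0xFFFF
    return {"cs": cs, "eip": eip, "stack_depth": len(stack), "retf_at": target}


if __name__ == "__main__":
    code, target = encode_sequence(0x08)
    print("bytes:", code.hex(" "))
    print("retf at 0x%x -> %s" % (target, simulate(0x08)))
```

Execution resumes at the instruction after the `call`, with CS holding the pushed selector and the stack back at its original depth, which is the behaviour Michael's comment describes. Because only the low 16 bits of the dword are loaded into CS, the same encoding works for any selector value, not just 0x08.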

  5. Prosecutor

    OMFG.. How can this be “more elegant”?
    Let’s compare it in some categories.. Result: exactly the same, Speed: slower, requirements: more (stack), length of source: equal, readability: much worse.
    And now let’s come to the category “elegance”… encoding an instruction into the parameters of another instruction, because it magically fits in there, is a really ugly practice of pseudo 1337 kiddies and should be punished with eternal epic fail!
