### Assembly

Course
Time
13 hours 15 minutes
Difficulty
Beginner
CEU/CPE
14

### Video Transcription

00:01
Hello. This is Dr Miller, and this is Episode 2.2 of Assembly.
00:06
Today we're gonna talk about logical operators and the memory hierarchy.
00:11
Logical operators.
00:13
So we have four logical operators that we're going to talk about today. And these all operate on binary data.
00:19
And this is how computers will do different types of operations that a computer needs to use.
00:26
So we have. And so with an if both bits are one, then one is a result and zero otherwise,
00:33
or if either *** a one than one is the result and zero otherwise. So if they're both zero, then you get a zero.
00:41
Not every zero becomes the one and everyone becomes zero
00:46
and then X, or if the bits are different, the result is a one and then we have a zero. Otherwise
00:52
so let's do an example for each one of these. You should try and figure out what it is before I go through it.
00:58
It's a bit wise. And so if both of them are one, our result is a one.
01:03
If both of them are a zero or one of them is a zero. Sorry,
01:07
then our results is going to be a zero, so we can see that these two should be one. And the rest of these should all be zeros
01:15
bit wise. Or
01:18
again try it on your own.
01:21
So with a bit wise, or if either one of them is the one that our result is one. So we have a one. A one a one, a one, a one,
01:30
a zero, a one and a zero
01:37
for not every zero becomes the one and everyone becomes a zero. So here is our number and we just have one that we're knotting.
01:44
And so everything has been flipped just like we did when we talked about two's complement
01:51
and then x alor So with X or if they are different than we get a one. So they're not different. They're not different. They are different right
02:00
there. See, these two are different. These air not different. These air different and these are not different.
02:08
And so there's our results.
02:10
One of the interesting things with X or is that if you take and do the reverse, then we end up with the same results. So if I take
02:19
a and I explore that with result,
02:23
I end up with B,
02:25
and so one and zero becomes 11 and zero becomes 10 and one becomes one. So these air different
02:32
and then these are all the same.
02:36
And so the reason why we talk about X or is X R is used encryption in encryption.
02:42
So if a is our key and B is our text that we want to encrypt, we explore them together and we end up with are encrypted result
02:52
and then to reverse the operation. We take our key and are encrypted result, and we explore them together and we end up with our plain text data.
03:01
So let's go ahead and try and do an example with this
03:07
03:08
build a project
03:24
so we'll just move some data into some of these registers.
03:38
Well, let's try this
03:45
our example. Before we had a
03:49
and then we can try some zeros,
04:00
Then we can go ahead and do a logical operator on it. So let's, for example, do X or
04:11
*** type.
04:14
So this will do an X or of yaks and EBX and in store the result in the X
04:24
and then I can print out when my registers are. So let's go ahead and print them before
04:34
go ahead and write and quit my file.
04:42
04:46
So because
04:47
these start with letters, it thinks that they are identifiers. So if you have ah, number that starts with letters,
04:56
you need to put a zero in front of it.
05:25
All right. And then I had to put a
05:28
h at the end to tell that these tell the assembly that these were Hexi decimal numbers. It was getting confused, thinking they were
05:35
for a decibel memories.
05:38
All right,
05:41
so we've built our project. If we do in l s,
05:44
we can see that
05:46
we have our resulting binary
05:54
and so we can see what a looked like, right? It has the value that we moved into it.
05:59
We can see what be look like.
06:00
And then it did the X or and we ended up with the result in E X.
06:05
And so we got
06:08
sixes and then bees, right, Exploring something with zero. You end up with that thing again. But if we excell er
06:15
a and C,
06:15
we get the number six
06:18
and so you should go ahead and try that on your own. If you get out a pen and paper
06:23
and try a different result and then put it into your program, build it and then run it and you should see your result.
06:33
All right, the memory hierarchy.
06:38
So with X 86 processors we've talked about that there is a arithmetic logic unit or Alieu, that can do mathematical operations. We also have our floating point unit,
06:48
and then we have things like the data bus. So this is how data gets moved from one location to another.
06:55
It is a shared communication media, meaning that
06:58
multiple processors might have to use the same medium.
07:01
We've have registers which we've talked about these air small and very fast. They run at the clock rate of the sister and the system, and the clock is
07:12
it has water called cycles. Right. So a cycle is the smallest amount of time that you can execute a single instruction.
07:18
Now there are some instructions that take more time than others. And so they might be a repeat instruction my go over and over again. And so it might take more than one operation or some of the multiplication
07:30
takes longer than doing, for example, shifting.
07:34
And then recently we've It's come to light about
07:38
branch prediction and how that has been used to do different attacks. And so branch protect prediction means that
07:45
the processor is gonna basically guess which branch. When we talk about branching, which branch is the most likely to
07:53
be used, and then it will automatically execute that before it actually knows the result of the previous operation.
08:01
And so we have, ah, hierarchy of of access times for our memory. So again, registers are in the one nanosecond to two nanoseconds Elise, as fast as we can go.
08:11
And then we have these caches in here. And so these caches are faster than main memory, but they're slower than the registers. And so they act as a buffer to
08:22
where you can read data into the cash and then re read it over and over again without having to go to memory.
08:28
So one of things to note here is that for example, if you're looking at two nanoseconds for a register, access and main memory is 90 nanoseconds,
08:37
then it is much, much slower right than a register
08:41
08:48
And then you start getting into things like hard drives, which are quite slow, or tape back up and they don't list. Even here,
08:54
it could be on the network. Right. So when you're pulling code from the network, it has to go all the way out to the Internet and come all the way back.
09:01
And so, in order to make our processors as efficient as possible, we want to use the fastest of amount of memory that we can at any time.
09:11
And so it's fundamental to try and keep these caches cohesive and having the right data in them such that our result is going to go as fast as possible. We can do as much processing is possible in that
09:24
machine.
09:26
So again, this cycle is we're gonna fetch Well, it actually has to load it from somewhere. So
09:31
you're executed Wall might be on the Internet, so you download it to your hard disk and your hard disk is gonna be where you'd cash it for a little while. And then when you want to run it, you might load it into ram or main memory. And then, as it's executing on the processor, the OS will load different parts into these different caches. Level one, level two and level three.
09:52
And so that way, if it just keeps going back to that level one cash, I don't have to go all the way to May memory or all the way to the hard disk, which are extremely slow.
10:00
And then, after you fetched it, then you go ahead and decoded and executed and then you store it, and that storage might be in cash. You might be in RAM. It might be on your hard disk or the Internet,
10:11
right? And so we have to go through all of these different hierarchies when we're executing instructions on the front end and then on the back end in the middle. It's just all running on the processor,
10:26
and then when you have a program like we did in our example, right, that's actually stored on disk,
10:31
and so the operating system is going to search what's called the path and the path is going to tell it. Where do you look for programs? So, for example, most Lennix systems have slash been or slash user slash been
10:45
And so the OS will look in those places for inexcusable. So when you say ls it's gonna look in slash been and see. Is there an L s command in the bin
10:54
folder? If it exists, then what it does is it takes that program, it loads it into ram, and then it creates a process for it. It's a process as a p I D or process identify air
11:05
that says which process that is. So if your program goes haywire and is not working, then you can use things like kill in order to stop that process.
11:16
So that way you know which process it is. And there might be 20 people running bash, right?
11:22
And so if they're all running bash, I need to know which process identify air of bash. It is that I want to kill.
11:28
And so once it's loaded, that processing created it. Then it starts executing it,
11:33
and every process thinks that they are unique. So they think that they're the only one running on the processor.
11:39
So they think they have access to all the memory and all the instructions. Now that's not really true. but that's the way we conceptualize it.
11:46
And then, generally the operating system will handle. The resource is like disc Io. So reading and writing from disk reading data and writing data reading data from the keyboard, moving graphics into the display, or at least onto the graphics cards that then they can be put on the display
12:03
and then switching between different tasks that are running.
12:07
So when we switch between task, the OS sort of automatically does this. It switches between processes really fast. So back in the day there were only single core processors. And so in order for you to be watching a video and typing on a word processor at the same time,
12:26
the U. S. Would switch rapidly back and forth Opinion pong right back and forth
12:31
and then processes might be waiting, and so then other processes can run. So, for example, a process might try to read data from a disc or right data to a network or wait for the user to type in something.
12:43
And so if those air waiting, then it goes ahead and execute some other process that has some work that needs to be done,
12:50
and then the OS will generally have a priority list saying What processes air high priority, what processes a low priority.
12:56
And so if something high priority comes in, it will automatically execute that and pause low priority.
13:03
So, for example, if you're watching a video, you probably want that to be high priority. But if your computer is doing an A V scan, you might want that to be low priority. So when I'm not using my computer, great run a Navy scam. But if I'm watching a four K video
13:18
on Netflix, I want that to be very high priority.
13:20
And when it switches these tasks, it saves water called the context. So the context is basically the state of all of the different registers.
13:28
So we've talked about registers like EA x ebx ccx. So it saves those values and then loads a different processes,
13:37
registers into memory, and then it starts running of that new process.
13:45
And then there's been a lot of talk in the past about Risk versus Sisk. So risk is the reduced instruction set computer and Sisk is the complex instruction set computer.
13:56
So generally we see a Intel processor as the complex right so we have larger op codes. We have a lot of instructions, but we have fewer instructions
14:07
that do things right, so there are lots of complicated instructions. And so, for example, there's lots of multimedia instructions or multiple data instructions, and so we can run one instruction instead of running 20.
14:20
But the reduced. We have smaller op codes, and we have more instructions. And so this tends to be armed.
14:26
And so a lot of our desktop computers are Intel, and they use a lot more power than these Sisk arm processors, which have smaller op codes, which means they have less transistors, which means that they actually use less power.
14:41
And so that's why cell phones and I pads have really good battery life because they're running a reduced instruction set
14:48
that consumes less power per instruction that it has to execute.
14:54
So in summary today, we talked about logical operators and then the memory hierarchy.
15:00
Looking forward, we're going to talk about segments and functions and calling functions that are built into our libraries.
15:07
If you have questions, you can contact me at Miller MJ at you and Kate I e. To you
15:11
and on Twitter. I'm at Milhouse 30

### Assembly

This course will provide background and information related to programming in assembly. Assembly is the lowest level programming language which is useful in reverse engineering and malware analysis.

### Instructed By

Matthew Miller
Assistant Professor at the University of Nebraska at Kearney
Instructor