Here is my notes on Practical Reverse Engineering chapter : x86 and x64
Operating systems uses rings to distinguish between privileges. Rings 0-3.
Ring 0 = Highest privilege level (Kernel)
Ring 3 = Lowest privilege level
ECX - Counter In loops
ESI - Source in string / memory operations
EDI - Destination in string / memory operations
EBP - Base Frame pointer
ESP - Stack Frame pointer
Bytes - 8 bits example: AL,BL,CL
Word - 16 bits example: Ax,BX,CX
Double Word - 32 bits example: EAX,EBX,ECX
Quad Word - 64 bits
In ARM it takes more instructions to complete tasks. For example to add something you must first Load the register, then add , then store it back. But in x86 you can simply do " inc dword ptr [eax]".
The format for memory access is called address index mode.
mul ecx ; EDX = EAX *ECX
On x86 with physical address extension (PAE) a virtual memory address can be divide into indices into 3 tables and offset. PDPT, PD ,PT and PTE
On x64 most parameters are passed through registers not the stack.