Chapter 7 executable program works
First, the study notes
1.ELF
2. Compile program
3. Connect with the library
Second, the test records
1. Start by updating the kernel, then test_exec.c will overwrite test.c
2.test.c document adds exec system call, start a kernel function correctly and check execv
3. Finally, start gdb debugger
4. sys_execve set breakpoints in the other places, and single-step
5. Enter readelf last exit debug mode -h hello hello you can view the EIF head
Visible elf header size is 52 bytes, and analyzed by hexadecimal dump command reads the first 52 bytes
6. command: hexdump -x hello -n 52
Analysis:
First line:
the first four bytes at the beginning of the fixed elf 7f454c46 (0x45,0x4c, 0x46 is 'e', 'l', 'f' corresponding to the encoded ascii), which represents an ELF object. The next byte 01 represents a 32-bit object, the following representation is a little endian byte 01 represents the law, then the next byte 01 indicates a version of the file header. The remaining defaults are set to 0.
The second line:
e_type value of 0x0002 indicate an executable file. e_machine value 0x0003 represents a intel80386 processor architecture. e_version value 0x00000001 Indicates the current version. e_entry 0x04080a8d value represents the entry point. e_phoff offset value of 0x00000034 indicates that the program header table is 0x34 or 52 bytes exactly elf header size.
Third row:
e_shoff 0x000a20f0 value represents the section header table offset address. 0x00000000 indicates an unknown value processor e_flags particular marker. e_ehsize value 0x0034 represents elf file header size 52 bytes. e_phentsize entry indicates the length of a program header table (application head), i.e. the value of 0x0020 is 32 bytes. e_phnum value 0x0006 gives the number of entries in the program header table. e_shentsize value of 0x0028 indicates the section header table entry (header section) size is 40 bytes.
Fourth row:
the e_shnum 0x001f value of the section header table showing the entrance 31. 0x001c e_shstrndx value represents the index section name string table section in the table.
7.exec () Function Structure
int do_execve(struct filename *filename,
const char __user *const __user *__argv,
const char __user *const __user *__envp)
{
return do_execve_common(filename, argv, envp);
}
static int do_execve_common(struct filename *filename,
struct user_arg_ptr argv,
struct user_arg_ptr envp)
{
// 检查进程的数量限制
// 选择最小负载的CPU,以执行新程序
sched_exec();
// 填充 linux_binprm结构体
retval = prepare_binprm(bprm);
// 拷贝文件名、命令行参数、环境变量
retval = copy_strings_kernel(1, &bprm->filename, bprm);
retval = copy_strings(bprm->envc, envp, bprm);
retval = copy_strings(bprm->argc, argv, bprm);
// 调用里面的 search_binary_handler
retval = exec_binprm(bprm);
// exec执行成功
}
static int exec_binprm(struct linux_binprm *bprm)
{
// 扫描formats链表,根据不同的文本格式,选择不同的load函数
ret = search_binary_handler(bprm);
// ...
return ret;
}Third, the summary
From the above code, do_ execve call do_ execve_ common, but do_ execve_ common and mainly rely on the exec_ binprm, have a vital function in the exec_ binprm called search_binary_ handler. This is the internal sys_execve processing.
This week the focus of learning is the process of document processing:
- Pretreatment: gcc -E -o hello.cpp hello.c -m32 (responsible for the include file contains come, macro substitution)
- Compile: gcc -x cpp-output -S hello.s -o hello.cpp -m32 (gcc -S calls ccl, compiling a compendium
-S calls ccl, compiled into assembly code) - Compilation: gcc -x assembler -c hello.s -o hello.o; (gcc -c call as, get binaries)
- Links: gcc -o hello hello.o; (gcc -o ld call form the target executable file)
Links are divided into static linking and dynamic linking. Statically linked ELF object file generated three main:
- Relocatable files: save the code and appropriate data, and other object used to create an executable file or a shared file together. Mainly .o file.
- Executable: Saving a program to be executed, it pointed out that the exec (BA_OS) How to create a program process mapping, documentation and how to load out where to begin.
- Share files: holds code and data used are the following two linker links:
One link compiler, you can create other object files and other relocatable and shared files;
the second is the dynamic linker, a joint executable share files and other files to create a process image. Mainly .so file.
eip is also an important concept for the eip address entry, if it is statically linked executable file, point to the eip elf file header e_entry referred to; if it is dynamically linked, pointing eip dynamic linker. For when execve statically linked program execution, by modifying the value of eip saved kernel stack as a starting point for the new process.