1. Problem Description
In the previous article, you learned how to create a new process for tracking in the Linux system, this article will focus on the process of compiling and linking of ELF executable file format, the Linux kernel is loaded and starts an executable program.
2. settlement process
2.1 ELF file
(1) relocatable files: store the code and data appropriate for other object files and create an executable file or shared with, i.e. .o file.
(2) the executable file: save the program to be executed, the paper noted that the exec (BA_OS) How to create a program process image.
(3) shared object file: a shared library refers to the destination file may be used by other executable files or libraries, such as the standard C library file libc.so, only a pile of function calls available to other executable files.
2.2 ELF files compiled
After a four-step procedure:
Pretreatment: C header file compiler is compiled in a program, as well as replacing the macro can be used to reference the parameter -E gcc.
gcc -E louhao.c -o louhao.i
compiler: the compiler at this stage mainly to do lexical analysis, syntax analysis, semantic analysis, after checking in error, the code is translated into assembly language. Gcc -S parameters available for reference.
gcc -S louhao.i -o louhao.s
Assembler: Assembler as louhao.s will translate into machine language stored in louhao.o in (binary text form).
gcc -c louhao.s -o louhao.o
link: Link is responsible for handling incorporate multiple .o files, the result louhao file, which is an executable object file.
gcc louhao.o -o louhao
2.3 static linking and dynamic linking
Static links: at compile time required to execute code directly copied into the final executable file, the advantage of fast loading speed code, execution speed is faster, low dependence on the external environment. Put all the code needed are linked in, the application is relatively large compilation. The disadvantage is that if multiple applications use the same library function, can be loaded multiple times, wasting memory.
Dynamic Link: do not directly copy the executable code at compile time, but through a series of symbols and parameters, when the program is run or pass this information to load the operating system. When the operating system is responsible for the dynamic libraries required to load into memory, and then run the program in the specified code to perform dynamic shared libraries already loaded in memory to execute code, and ultimately achieve the purpose of the link is running. Advantage is that multiple programs can share the same piece of code, without the need to store a plurality of replicated on the disk. Loaded at run time when the shortcomings, may affect the performance of the early implementation of the program, and the high dependence on libraries.
2.4 loading and starting an executable program
The delete menu directory, using a new clone git command menu directory, and then covered with test_exec.c test.c:
recompiling the rootfs:
see test.c added to the exec function, an exec instruction as shown below:
Back LinuxKernel directory, shift + ctrl + o split level, to set a breakpoint with GDB:
C start_thread breakpoint to pause execution:
input exec:
proceed:
Close Qume, see hello executable file menu in the directory:
given exec function analysis :
int do_execve(struct filename *filename,
const char __user *const __user *__argv,
const char __user *const __user *__envp)
{
return do_execve_common(filename, argv, envp);
}
static int do_execve_common(struct filename *filename,
struct user_arg_ptr argv,
struct user_arg_ptr envp)
{
// 检查进程的数量限制
// 选择最小负载的CPU,以执行新程序
sched_exec();
// 填充 linux_binprm结构体
retval = prepare_binprm(bprm);
// 拷贝文件名、命令行参数、环境变量
retval = copy_strings_kernel(1, &bprm->filename, bprm);
retval = copy_strings(bprm->envc, envp, bprm);
retval = copy_strings(bprm->argc, argv, bprm);
// 调用里面的 search_binary_handler
retval = exec_binprm(bprm);
// exec执行成功
}
static int exec_binprm(struct linux_binprm *bprm)
{
// 扫描formats链表,根据不同的文本格式,选择不同的load函数
ret = search_binary_handler(bprm);
// ...
return ret;
}3. Summary
This paper studied the process of compiling and linking of ELF executable file format, the Linux kernel is loaded and starts an executable program. The value of the starting point of the executable file started when modifying calls execve system call kernel stack pushed the EIP register, in which case the current process marks the executable file has been completely replaced with a new executable file, but actually started executable instructions further need to wait until the position of the inlet execution address defined in the executable file. If the entry address is statically linked executable file, then the point eip elf header file referred e_entry; if it is a dynamic link, pointing to eip dynamic linker.