How the Linux kernel loads and launches an executable program-----experiment 7

2015108 Li Zeyuan

How the Linux kernel loads and launches an executable program

1. Understand the process of compiling links and the Elf executable format, and refer to the first section of this week for more information;

2. Programming uses the exec* library function to load an executable file, dynamic link is divided into executables when loading dynamic link and runtime dynamic link, programming exercises dynamic link Library of these two ways of use, the details refer to the second section of this week;

3. Use GDB trace to analyze a EXECVE system call kernel handler function Sys_execve, verify your understanding of the process required to load the executable program of Linux system, the details refer to the third section of this week, the recommendation is to complete the experiment in the lab Building Linux virtual Machine environment.

4. Paying particular attention to where the new executable program starts? Why does the new executable program execute smoothly after the EXECVE system call returns? What is the difference between a static-linked executable program and a dynamically-linked executable EXECVE system call return?

5. According to this week's knowledge analysis exec* function corresponding system call processing process, write a signed blog, and in the blog post "real name (and the name of the final application certificate must be consistent) + Original works reproduced please specify the source +" Linux kernel Analysis "MOOC Course/http mooc.study.163.com/course/ustc-1000029000 ", the specific requirements of the blog content are as follows:

1. The topic is self-contained, and the content revolves around how to load and start an executable program on the Linux kernel;

2. Can be combined with experiments, elf executable file format, user-state related code, etc.;

3. The blog content needs to carefully analyze the execution starting point and corresponding stack state of the new executable program.

4. The summary section needs to clarify its understanding of the "Linux kernel load and start an executable program"

Experimental Purpose:

Use GDB to track the processing of SYS_EXECVE kernel functions, analyze the system call processing of the exec* function, and understand how the Linux kernel loads and launches an executable program.

Experimental process:

Landing Lab Building Virtual machine http://www.shiyanlou.com/courses/195

Open the shell terminal and execute the following command:

CD Linuxkernel

RM-RF Menu

git clone https://github.com/mengning/menu.git

CD Menu

MV TEST_EXEC.C test.c

Make Rootfs

1

You can see that the menuos after startup already contains the EXEC command.

Debug mode can be opened by adding-s-s startup parameters

Qemu-kernel. /linux-3.18.6/arch/x86/boot/bzimage-initrd. /rootfs.img-s-S

Open GDB for remote debugging

Gdb

File: /linux-3.18.6/vmlinux

Target remote:1234

3

Set breakpoints

b sys_execve

b do_execve

b Do_execve_common

b EXEC_BINPRM

b Search_binary_handler

b load_elf_binary

b start_thread

Experimental Analysis:

By looking at the source code, you can see that the EXEC command is implemented by calling the EXECLP function, which belongs to the exec* of the library function, which is the EXECVE package routine.

4

To mount and start an executable program, call the following function in turn:

Sys_execve (), Do_execve (), Do_execve_common (), EXEC_BINPRM (), Search_binary_handler () _binary (), Start_thread ()

Experiment Summary:

When a Linux kernel or program (such as a shell) uses the fork function to create a child process, the child process often calls an EXEC function to execute another program.

When a process calls an EXEC function, the program that executes the process is completely replaced with the new program, and the new program starts with its main function.

Because calling exec does not create a new process, the process ID before and after does not change.

exec simply replaces the body, data, heap, and stack segments of the current process with a completely new program.

Reference: Second edition of Advanced Programming for the UNIX environment

Study notes:

Program Compile link process

Preprocessing: (. C. cpp)

GCC-E-O hello.cpp hello.c-m32

Compiling: (. cpp-S compilation)

Gcc-x cpp-output-s-o hello.s hello.cpp-m32

Compile: (. s. o binary target code)

Gcc-x assembler-c Hello.s-o Hello.o-m32

Link: (. O-a.out) shared library

Gcc-o Hello Hello.o-m32

Static compilation:

Gcc-o hello.static hello.o-m32-static

C language main function format:

int main (int argc, char *argv[])

int main (int argc, char *argv[], char *envp[])

The library function exec* are EXECVE encapsulation routines

EXECVE function Format:

int Execve (const char * filename,char * CONST argv[],CHAR * Const envp[])

EXEC_BINPRM, Do_execve_common, Sys_execve, Do_execve,

is called the EXEC system call, in fact, in Linux, there is no EXEC () function form, exec refers to a set of functions, a total of 6, namely:

int execl (const char *path, const char *arg, ...);

int execv (const char *path, char *const argv[]);

int execle (const char *path, const char *arg, ..., char * const envp[]);

int Execve (const char *path, char *const argv[], char *const envp[]);

int EXECLP (const char *file, const char *arg, ...);

int EXECVP (const char *file, char *const argv[]);

Only EXECVE is the real system call, and the others are packaged library functions on this basis.

Difference One: The first 4 takes the path name as the parameter, the last 2 takes the file name as the parameter;

Difference two: The transfer of the parameter table (l means list,v means vector);

Difference Three: Pass the Environment table to the new program.

Dynamic Links:

Dynamic Link at load time

gcc-shared Shlibexample.c-o Libshlibexample.so-m32

Run-time dynamic linking

gcc-shared Dllibexample.c-o Libdllibexample.so-m32

Keynote Program

GCC main.c-o main-l/path/to/your/dir-l shlibexample-ldl-m32

Aapu Original works reproduced please specify the source "Linux Kernel Analysis" MOOC class

How the Linux kernel loads and launches an executable program-----experiment 7