Li Chenxi Original works reproduced please specify the source "Linux kernel Analysis" MOOC course http://mooc.study.163.com/course/USTC-1000029000
I. Preprocessing, compiling, linking, and formatting of the target file1, the executable program is how to get
Procedures for compiling links
1. Preprocessing phase
GCC-E-O XX.cpp xx.c-m32
XX.cpp is a preprocessing file
2. Compiler generation assembly Code phase
Gcc-x cpp-output-s-o hello.s hello.cpp-m32
XX.S is the assembly code
3. Assembler Generation target Code phase
Gcc-x assembler-c Hello.s-o Hello.o-m32
XX.O is the target code
4. Linker Generation Executable Phase
Gcc-o hello.static hello.c-m32-static
5. See the difference between Hello and hello.static:
Ls-l
6. Supplement:
- Hello and hello.o are elf files
- The. static file puts all of the C library files into this executable program (so takes up more space)
Two. Format of the target file elf
1. Common Target file formats:
- A.out, COFF, PE (Windows)/elf (Linux)
2. Target file is also called ABI: Application Binary interface
3.ABI is binary compatible : The target file has been adapted to a binary directive on some CPU architecture
3 types of target files in 4.ELF format:
- The destination file can be relocated. Contains binary code and data in a form that can be combined with other relocatable target files at compile time to create an executable target file
- Executable target file: Contains binary code and data, the form can be copied directly to the memory and executed
- Shared destination file: A special type of relocatable target file that can be dynamically loaded into storage and linked at load or run time
5. Statically linked elf executable file and process address space
When the elf executable is loaded into the process's address space:
- The default load start address is 0x8048000
- Elf head size is different, the program entry point will be different, the program entrance is defined in the head: thatEntry point addressis, the executable file loaded into memory to begin execution of the first line of code
- A general static link places all the code in a single code snippet
- A dynamically linked process can have more than one code snippet, more complex
Three. executable files, shared libraries, and dynamic links
- Executable Environment for executable programs
- Typically we execute a shell environment for a program, and our experiment directly uses the EXECVE system call.
- The shell itself does not limit the number of command-line arguments, the number of command-line arguments is limited by the command itself
- For example, int main (int argc, char *argv[])
- Also, int main (int argc, char argv[], char envp[])//ENVP is the execution environment of the shell
- The shell calls Execve to pass command-line arguments and environment parameters to the main function of the executable program.
- int Execve (const char * filename,char * CONST argv[],CHAR * Const envp[]);
2. Command-line arguments and environment strings are placed in the user-state stack
3. How are command-line parameters and environment variables saved and passed?
The child process that is created completely replicates the parent process, the executable that is loaded when calling Execve, the process environment is overwritten, the child process user-state stack is emptied, and the command-line arguments and environment variables are stored in the new executable program's user-state stack?
Parameter passing procedure:Shell program, EXECVE system call, Sys_execve kernel handler is copied when initializing the new program stack
The function calls the parameter pass, then the system calls the parameter pass: when calling Execve, the parameter is pressed on the shell's current process stack, the new executable is loaded, and the kernel creates a new process user-state stack, which copies the parameters.
4. Dynamic link and runtime dynamic link application at load time
-
- Dynamic linking is divided into executable program loading dynamic link and runtime dynamic link (most use the former);
- Example 1 (dynamic linking of shared libraries)
-
Prepare the. So file (dynamic link file format under Linux,. dll in Windows)
#ifndef _SH_LIB_EXAMPLE_H_
#define _SH_LIB_EXAMPLE_H_
#define SUCCESS 0
#define FAILURE (-1)
#ifdef __cplusplus
extern "C" {
#endif
/ *
* Shared Lib API Example
* input: none
* output: none
* return: SUCCESS (0) / FAILURE (-1)
*
* /
int SharedLibApi (); // The content has only one function header definition
#ifdef __cplusplus
}
#endif
#endif / * _SH_LIB_EXAMPLE_H_ * /
/ * ------------------------------------------------ ------ * /
#include <stdio.h>
#include "shlibexample.h"
int SharedLibApi ()
{
printf ("This is a shared libary! \ n");
return SUCCESS;
} / * _SH_LIB_EXAMPLE_C_ * /
-
-
compiling into. so files
$ gcc -shared shlibexample.c -o libshlibexample.so -m32
5. Compiling
1. $ gcc main.c -o main -L / path / to / your / dir -lshlibexample -ldl -m32 #Only provide shlibexample -L (the directory where the interface header files corresponding to the library are located, which is path to your dir ) And -l (library names, such as libshlibexample.so, remove parts of lib and .so), did not provide information about dllibexample, but only specified -ldl
2. $ export LD_LIBRARY_PATH = $ PWD #Add the current directory to the default path, otherwise main cannot find the dependent library files, of course, you can also copy the library files to the default path.
3. $ ./main
4.This is a Main program!
5.Calling SharedLibApi () function of libshlibexample.so!
6.This is a shared libary!
7.Calling DynamicalLoadingLibApi () function of libdllibexample.so!
8.This is a Dynamical Loading libary!
Four. Loading of executable programs
1. Special system calls:
- Fork: Two returns, the first time the parent process returns, the child process also returns to a specific point: executes from ret_ from_fork and then returns to the user state.
- EXECVE: Fall into the kernel state call Execve load executable program, the current program is overwritten, return is a new executable program. Return is the starting point of execution of the new program, usually the main function, to build a good execution environment.
The executable file format is parsed internally by 2.sys_execve:
Do_ Execve, Do_ execve_ Common, EXEC_BINPRM
Internal process of 3.sys_execve
Do_ execve (getname (filename), argv,envp), Do_ execve_ Common (FILENAME,ARGV,ENVP):
- 1. Do_ open_ exec Open the executable file to load
- 2, create the structure BPRM, copy the parameters into the structure of the body
- 3, Exec_ BINPRM: The process of the executable file, the key code Search_ BINARY_ handler look for executable files, which is the key list_ for_ Each_ (FMT, entry, LH) Looking for a kernel module in the list that can parse the elf format, Fmt->load_ binary (BPRM) finds the FMT node, points to the module that can parse the ELF format, loads the handler, executes the Load_ elf_binary, see above
load_ elf_binary: Rigorous parsing of elf format files, core work: Mapping Elf executables to process address space (default loading start address is 0x8048000)
Start_ thread (regs,elf_ entry,bprm->p):
- For statically linked file Elf_entry is the starting point for the execution of the new program (defined by the header of the executable file)
- The dynamically linked executable needs to load the connector LD First, load the dynamic library Elf_entry = Load_elf_interp, and point to the starting point of the dynamic linker.
Five. Experiments
1. Build the Environment:
cd LinuxKernel
rm menu -rf
git clone https://github.com/mengning/menu.git
cd menu
mv test_exec.c test.c
vi test.c // Added exec
vi MakeFile
make rootfs
2. Updating the menu kernel
View TEST.c File
Direct e-hello.c switch to HELLO.C
View Makefile
Start the kernel and verify the EXECV function
Freeze the kernel and start GDB debugging
For debugging
- Stop at Sys_execve and set other breakpoints; Press C all the way down until the breakpoint Sys_execve
- Press S to jump into function stepping
- NEW_IP is the first instruction to return to the user state
Exit the debug state, enter redelf-h hello to see the EIF header of Hello
Six. Summary
Analyze the system call processing process for the exec* function:
1. Loading of dynamically linked executables: Elf format files rely on dynamic-link libraries, dynamic-link libraries. So may also rely on other dynamic link libraries, in fact the dependency of a dynamically linked library forms a graph. Executables that need to be dynamically linked load the connector ld,elf_entry point to the dynamic linker's starting point, and then see if the dynamic link library also relies on other dynamic link libraries, in fact, the whole process is to traverse a graph and load all the dependent dynamic link libraries. LD gives control of the CPU to the executable program, mainly by LD, not the kernel.
2. Zhuang Zhou Dream Butterfly--Zhuangzhou (call Execve executable program) to sleep (call Execve into the kernel), Wake up (System call Execve back to the user state) found himself a butterfly (executable program loaded by EXECVE)
20135201 Li Chenxi "Linux kernel analysis" Seventh Airplanes Execution program loading