Experiment Seven: How the Linux kernel loads and starts an executable program

Source: Internet
Author: User

Experiment Seven: How the Linux kernel loads and starts an executable program

Name: Wang Zhaoxian

Study No.: 20135114

Note: Original works reproduced please specify the source + "Linux kernel analysis" MOOC course http://mooc.study.163.com/course/USTC-1000029000

Creation of executable files

C code (. C)-pre-processing by the compiler, compiled into assembler code (. asm)-assembler, generate target code (. O)-linker, link to executable (. Out)-The OS loads the executable file into memory.

1. preprocessing

GCC-E-o hello.cpp hello.c-m32 preprocessing (text file)
Preprocessing is responsible for the inclusion of the file included in the macro replacement and other work

2. Compiling
Gcc-x cpp-output-s-o hello.s hello.cpp-m32 compiled into assembly code (text file)

3. compilation
Gcc-x assembler-c hello.s-o hello.o -m32 compiled into target code (ELF format, binary file, some machine instructions, just not yet run)

4. links
Gcc-o Hello hello.o-m32 link to executable file (elf format, binary file)
A shared library is used inside the hello executable, and functions in the PRINTF,LIBC library are called
Gcc-o hello.static hello.o-m32-static static link
Put everything you need to rely on for execution inside the program.

(2) Elf three main target files:

1. Relocatable: Save code and appropriate data to create executable/shared files with other object files, mainly. o Files

2. Executable: Indicates how exec created the program process image, how it was loaded, and where to start execution

3. Share the object file: Save the code and the appropriate data to be linked by the following two connectors.

(1) Connect to the editor to relocate and share the object file. That is, the load link.

(2) Dynamic linker, Federated executable, other shared object file to create process image. That is, the run-time link.


(3) Execution Environment of executable program

    • command-line arguments and shell environments, typically we execute a shell environment for a program, and our experiment directly uses the EXECVE system call.

      • $ ls-l/usr/bin Listing directory information under/usr/bin

      • The shell itself does not limit the number of command-line arguments, the number of command-line arguments is limited by the command itself

        • For example, int main (int argc, char *argv[])

        • Also, int main (int argc, char *argv[], char *envp[])

      • The shell calls Execve to pass command-line arguments and environment parameters to the main function of the executable program.

        • int Execve (const char * filename,char * CONST argv[],CHAR * Const envp[]);

        • The library function exec* are EXECVE encapsulation routines

(4) Loading of executable program

    • command-line arguments and shell environments, typically we execute a shell environment for a program, and our experiment directly uses the EXECVE system call.

      • The shell itself does not limit the number of command-line arguments, the number of command-line arguments is limited by the command itself

        • For example, int main (int argc, char *argv[])

        • Also, int main (int argc, char *argv[], char *envp[])

      • The shell calls Execve to pass command-line arguments and environment parameters to the main function of the executable program.

        • int Execve (const char * filename,char * CONST argv[],CHAR * Const envp[]);

        • The library function exec* are EXECVE encapsulation routines

    • Sys_execve Internal Parse executable file format

Experimental steps:

1, first the menu to delete, in a clone, with TEST_EXEC.C cover off test.c.

2, open the test.c. Found an added sentence of Menuconfig.

3, open makefile, first statically compiled hello.c, generated the root file system when the init and hello are put into the rootfs image inside, so when the exec will automatically help us load hello this file.

4. Execution result Hello world! is the output of a newly loaded executable program.

5,-s-s Single Step debugging, window is frozen.

6, set three breakpoints: Sys_execve,load_elf_binary,start_thread.

7, list to track, enter s can enter the interior of DO_EXECVE. Press C to continue execution and run to load_elf_binary. List View Code, enter n a sentence tracking, NNNC, tracking to Start_thread.

8, observe hello this executable program of the entrance, found also 0x8048d0a, and new_ip the same position. NEW_IP is the address of the first instruction returned to the user state.

9. New_ip and NEW_SP are assigned, and a new stack is set up.

Experiment:

Linux System Load Executable procedure understanding

When the EXECVE () system call terminates and the process resumes its execution in the user state, the execution context is drastically changed, and the new program to be executed has been mapped to process space, starting with the program entry point in the ELF header to execute the new program.

If the new program is statically linked, the program can run independently, and the entry address in the ELF header is the entry address of the program.

If the new program is dynamically linked, then the shared library needs to be loaded at this point, and the entry address of the ELF header is the entry address of the dynamic linker ld.

The new executable program executes, which requires the following:
1. The library functions it requires.
2. The process space that belongs to it: Code snippet, data segment, kernel stack, user stack, etc.
3. The operating parameters it requires.
4. The system resources it requires.

The EXECVE system call calls Sys_execve, then Sys_execve calls Do_execve, then Do_execve calls Do_execve_common, and Do_execve_common calls EXEC_BINPRM, In the EXEC_BINPRM:

For the elf file format, the FMT function pointer actually executes load_elf_binary,load_elf_binary calls Start_thread, in Start_thread by modifying the value of the EIP in the kernel stack to point to the elf_ Entry, jump to Elf_entry execution.
For statically linked executable programs, Elf_entry is the starting point for the new program's execution. For dynamically linked executable programs, you need to load the linker ld first,
Elf_entry = Load_elf_interp (...)
The CPU control is given to the LD to load the dependent library, and the LD returns the CPU control to the new process after the loading work is completed.

Summarize:

Create a new process

The new process calls the EXECVE () system call to execute the specified elf file

Call the kernel's entry function Sys_execve (), and the Sys_execve () service routine modifies the execution context of the current process;

Experiment Seven: How the Linux kernel loads and starts an executable program

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.