Linux Kernel Analysis Seventh Week study summary-executable program loading

Linux Kernel Analysis Sixth Week study summary--description of the process and creation of the process

Zhang Yi (Original works reproduced please specify the source)

"Linux kernel Analysis" MOOC course http://mooc.study.163.com/course/USTC-1000029000

I. SUMMARY OF KNOWLEDGE

(a) preprocessing, compiling, linking, and format of the target file

1. How can I get the executable program?

2. Format of the target file elf

3. Statically linked elf executable file and process address space

(ii) executable programs, shared libraries, and dynamic loading

1. Work before loading the executable program

2. Load-time dynamic link and runtime dynamic link application Example

(iii) Loading of executable programs

1. Analysis of key issues related to the loading of executable programs

Internal process of 2.sys_execve

3. Using GDB to track the processing of SYS_EXECVE kernel functions

4. Executable program loading and Zhuangsheng dream Butterfly Story

5. Analysis of dynamic linked executable program loading

Second, study notes

(a) preprocessing, compiling, linking, and format of the target file

1. How can I get the executable program?

C code--preprocessing--assembly code--Target code--executable file

Preprocessing is responsible for including the include file and macro replacement work.

Both Hello and hello.o are files in the elf format.

2. Format of the target file elf

(1) a.out COFF PE, ELF (Linux)

(2) abi--Application Binary interface

(3) Type:

1. A relocatable (relocatable) file holds the code and the appropriate data to create an executable file or a shared file with other object files.
2. An executable (executable) file holds a program for execution, which indicates how EXEC (BA_OS) creates the process image of the program.
3. A shared object file holds the code and the appropriate data to be linked by the following two linker. The first is the connection editor [see LD (SD_CMD)], which can be used to relocate and share an object file to create additional objects . The second is a dynamic linker that unites an executable file and other shared object files to create a process image.

3. Statically linked elf executable file and process address space

(1) The corresponding relationship between Elf and Linux process virtual space memory is as follows:

The program starts with 0x804800.

The first line of code that the executable file loads into memory to begin execution.

A general static link will put all the code in the same code snippet.

A dynamically connected process will have multiple code snippets.

(ii) executable programs, shared libraries, and dynamic loading

1. Work before loading the executable program

(1) command-line arguments and the shell environment, generally we execute a program of the shell environment, our experiment directly using the EXECVE system call.

• $ ls-l/usr/bin Listing directory information under/usr/bin
• The shell itself does not limit the number of command-line arguments, the number of command-line arguments is limited by the command itself
  • For example, int main (int argc, char *argv[])
  • Also, int main (int argc, char *argv[], char *envp[])
• The shell calls Execve to pass command-line arguments and environment parameters to the main function of the executable program.
  • int Execve (const char * filename,char * CONST argv[],CHAR * Const envp[]);
  • The library function exec* are EXECVE encapsulation routines

(2) How command-line arguments and environment variables are passed and saved

command-line arguments and environment strings are placed in the user-state stack

Shell--execv--sys_execv

2. Load-time dynamic link and runtime dynamic link application Example

Dynamic linking is divided into the dynamic link and runtime dynamic link when the executable program is loaded, and the following code demonstrates these two kinds of dynamic links.

• Prepare the. So file

Shlibexample.h (1.3 KB)-Interface of Shared Lib Example
SHLIBEXAMPLE.C (1.2 KB)-Implement of Shared Lib Example

Compiling into a libshlibexample.so file

$ gcc-shared Shlibexample.c-o Libshlibexample.so-m32

Dllibexample.h (1.3 KB)-Interface of dynamical Loading Lib Example
DLLIBEXAMPLE.C (1.3 KB)-Implement of dynamical Loading Lib Example

Compiling into a libdllibexample.so file

$ gcc-shared dllibexample.c-o libdllibexample.so-m32 #编译方式和上面一样

• Use libshlibexample.so files and libdllibexample.so files in shared libraries and dynamically loaded shared libraries, respectively

MAIN.C (1.9 KB)-Main Program
Compile main, note that this provides only shlibexample-L (the directory where the interface header file for the library is located) and-L (the library name, If libshlibexample.so remove Lib and. So parts), and does not provide information about Dllibexample, but indicates the-LDL

$ gcc main.c-o main-l/path/to/your/dir-lshlibexample-ldl-m32$ export ld_library_path= $PWD #将当前目录加入默认路径, otherwise main cannot find a dependent library File, and of course you can copy the library file to the default path. $./mainthis is a Main program! Calling Sharedlibapi () function of libshlibexample.so! This is a shared libary! Calling Dynamicalloadinglibapi () function of libdllibexample.so! This is a dynamical Loading libary!

(iii) Loading of executable programs

1. Analysis of key issues related to the loading of executable programs

Sys_execve Internal Parse executable file format

• Do_execve, Do_execve_common, EXEC_BINPRM
• The Search_binary_handler conforms to the parsing module corresponding to the search file format, as follows:

1369    list_for_each_entry (FMT, &formats, LH) {1370        if (!try_module_get (fmt->module)) 1371            continue;1372        Read_unlock (&binfmt_lock); 1373        bprm->recursion_depth++;1374        retval = fmt-> Load_binary (BPRM); 1375        Read_lock (&binfmt_lock);

• For the elf-formatted executable fmt->load_binary (BPRM), the execution should be load_elf_binary its interior is and the elf file format parsing part needs to be read with the elf file format standard
• How does the Linux kernel support a variety of different executable file formats?

82static struct Linux_binfmt Elf_format = {  . module     = this_module,84  . load_binary    = load_elf_ binary,//function pointer  -load_shlib = load_elf_library,86  . Core_dump  = elf_core_dump,87  . min_coredump   = elf_exec_pagesize,88};

2198static int __init init_elf_binfmt (void) 2199{2200    register_binfmt (&elf_format); #注册2201    return 0; 2202}

• Elf_format and Init_elf_binfmt, is this the observer in the Observer pattern?

Internal process of 2.sys_execve

To mount and start an executable program, call the following function in turn:

Sys_execve (), Do_execve (), Do_execve_common (), EXEC_BINPRM (), Search_binary_handler () _binary (), Start_thread ()

3. Use GDB to track the processing of SYS_EXECVE kernel functions (see Homework after Class)

4. Executable program loading and Zhuangsheng dream Butterfly Story

Where is the starting point for executable execution? How can I get the EXECVE system call back to the user state when the new program is executed?

• Zhuangsheng Dream Butterfly--Wake up confused is Zhuang Zhou dream of butterfly or butterfly dream of Zhuang Zhou?

• Zhuang Zhou (call Execve's executable program) to sleep (call Execve into the kernel), Wake up (System call Execve back to the user state) found himself a butterfly (executable program loaded by EXECVE)

   (￣▽￣) "The original Dream, sleep is a good thing,   sleep before the sp/ip change into a new program, which I think

• Modifying an EIP for an int 0x80 into the kernel stack

• Load_elf_binary-Start_thread

5. Analysis of dynamic linked executable program loading

(1) You can focus on interp and dynamic in the ELF format.

(2) The loading process of a dynamic link library is a graph traversal.

(3) After loading and connecting the LD gives the CPU control to the executable program.

Third, after-school homework

1. Understand the process of compiling links and the elf executable file format, refer to the first section of this week for details;

The answer to the second part of the study note (i) preprocessing, compilation, linking and the format of the target file

2. Programming using the exec* library function to load an executable file, dynamic link is divided into executables when loading dynamic link and runtime dynamic link, programming exercises dynamic link Library of these two ways of use, the details refer to the second section of this week;

The answer to the second part of the study notes (ii) executable programs, shared libraries, and dynamic loading

3. Use GDB trace to analyze a EXECVE system call kernel processing function SYS_EXECVE, verify your understanding of the process required to load the executable program Linux system, the details of this week in the third section, recommended in the experimental Building Linux virtual machine environment to complete the experiment.

The specific code of the program is as follows:

Makefile:

Make Rootfs:

To start Debugging:

Three execution to the following interface:

Where exec discovery executes at this point

List the code that was executed:

4. Paying particular attention to the commencement of the new executable process? Why does the new executable program execute smoothly after the EXECVE system call returns? What is the difference between a static-linked executable program and a dynamically-linked executable EXECVE system call return?

The answer to the second part of the study note (iii) loading of executable programs

5. According to this week's knowledge analysis exec* function corresponding system call processing process, write a signed blog, and in the blog post "real name (and the name of the final application certificate must be consistent) + Original works reproduced please specify the source +" Linux kernel Analysis "MOOC course http:/ mooc.study.163.com/course/ustc-1000029000 "

Summary section: Clarify your understanding of the "Linux kernel load and start an executable program"

• When a Linux kernel or program (such as a shell) uses the fork function to create a child process, the child process often calls an EXEC function to execute another program.
• When a process calls an EXEC function, the program that executes the process is completely replaced with the new program, and the new program starts with its main function.
• Because calling exec does not create a new process, the process ID before and after does not change.
• exec simply replaces the body, data, heap, and stack segments of the current process with a completely new program.

Linux kernel Analysis Seventh Week study summary-executable program loading