Program Execution and ELF Files Extended System Programming Laboratory (ESPL) CS BGU Fall 2013/2014 Abed Asi
Runs programs – command line Not the only program that runs other programs make gcc and more … How this happens ? Who is responsible for that? Operating System System call exec family - execvp, execl, execv, … 2
These functions receive the path of the program executable file receive a list of the program arguments loads the program into memory, and run it … Last lecture, fork( ) and exec( ) why these function are used together ? 3
Unix has several different types of executable files You are already familiar with some of them: Binary files Bash script more ? Are these files executed similarly by the OS ? 4
Binary file Compiled – intermediate binary Loading data and code to memory Moving control to the entry point Running the machine-code Scripts No compilation We don’t have the binary code nor the memory content A specified program parses and runs the commands Commands are interpreted line-by-line How do we specify which interpreter runs the script ? 5
The first line - #!/bin/sh exec( ) uses this to determine the type of the executable shebang is encountered it is a script file The first line contains the path of the relevant program too What can we do with it ? 6
No sanity checks for the shebang line Every program/utility could appear there 7 #!/bin/cat Hello world #!/bin/rm ls -l
8
ELF defines a format of executable binary files There are three main types Relocatable ▪ Created by compilers or assemblers. Need to be processed by the linker before running Executable ▪ Have all relocation done and all symbol resolved except perhaps shared library symbols that must be resolved at run time Shared Object ▪ Shared library containing both symbol information for the linker and directly runnable code for run time 9
Compilers, assemblers, and linkers treat the file as a set of logical sections The system loader treats the file as a set of segments 10 Sections are intended for further processing by a linker Segments are intended to be mapped into memory
Program and section header table offsets
12 section.text global _start ; _start: ;tell linker entry point mov edx,len ;message length mov ecx,msg ;message to write mov ebx,1 ;file descriptor (stdout) mov eax,4 ;system call number (sys_write) int 0x80 ;call kernel mov eax,1 ;system call number (sys_exit) int 0x80 ;call kernel section.data msg db 'Hello world!',0xa ;our dear string len equ $ - msg ;length of our dear string
13 Magic: 7f 45 4c Class: ELF32 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - System V ABI Version: 0 Type: EXEC (Executable file) Machine: Intel Version:0x1 Entry point address:0x Start of program headers: 52 (bytes into file) Start of section headers: 256 (bytes into file) Flags: 0x0 Size of this header: 52 (bytes) Size of program headers: 32 (bytes) Number of program headers: 2 Size of section headers: 40 (bytes) Number of section headers: 7 Section header string table index: 4
A relocatable or shared object file is a collection of sections Each section contains a single type of information, such as program code, read-only data, read/write data, symbols Every symbol’s address is defined relative to a section For example, the entry point is relative to the code section 14
15 [Nr] Name Type Addr Off Size [ 0] NULL [ 1].text PROGBITS d [ 2].data PROGBITS a0 0000a e [ 3].comment PROGBITS ae 00001f [ 4].shstrtab STRTAB cd [ 5].symtab SYMTAB b0 [ 6].strtab STRTAB c
An object file symbol table holds information needed to locate and relocate a program’s symbolic definition and references 16 Num: Value Size Type Bind Vis Ndx Name 0: NOTYPE LOCAL DEFAULT UND 1: FILE LOCAL DEFAULT ABS hello.asm 2: SECTION LOCAL DEFAULT 1 3: SECTION LOCAL DEFAULT 2 4: NOTYPE LOCAL DEFAULT 2 msg 5: e 0 NOTYPE LOCAL DEFAULT ABS len 6: e 0 NOTYPE LOCAL DEFAULT ABS len 7: NOTYPE GLOBAL DEFAULT 1 _start 8: ae 0 NOTYPE GLOBAL DEFAULT ABS __bss_start 9: ae 0 NOTYPE GLOBAL DEFAULT ABS _edata 10: b0 0 NOTYPE GLOBAL DEFAULT ABS _end
17
18