ELF Loader question

stdcall
Member
Posts: 78
Joined: Thu Mar 14, 2013 1:30 am

ELF Loader question

Post by stdcall »

Hi, I'm implementing an ELF loader using program headers. I find something quite strange. I have two program headers that are marked to be 0x1000 aligned.
However, the second program header is marked to be loaded at an address that is not 0x1000 aligned.
Does it make sense?

Here's the dump of the sections:
DEBUG: Header: 0 Type: 1 Offset: 0x0 V-addr: 0x8048000 P-addr: 0x8048000 FSize: 0x270c MSize: 0x270c Flags: 5 Align: 1000
DEBUG: Header: 1 Type: 1 Offset: 0x270c V-addr: 0x804b70c P-addr: 0x804b70c FSize: 0x2184 MSize: 0x21fc Flags: 6 Align: 1000
“Meaningless! Meaningless!”
says the Teacher.
“Utterly meaningless!
Everything is meaningless.” - Ecclesiastes 1, 2

Educational Purpose Operating System - EPOS
simeonz
Member
Posts: 360
Joined: Fri Aug 19, 2016 10:28 pm

Re: ELF Loader question

Post by simeonz »

Apparently, the requirement is that "p_vaddr should equal p_offset, modulo p_align", as per the man page. The man page also says that "This member holds the value to which the segments are aligned in memory and in the file", but that statement, it seems, is a dud. You may also want to check the related SO answer here, which I used for clarification of your question :). The static linker can, however, achieve actual page alignment of the data by making sure that p_vaddr is on a page boundary. If not, the role of p_align is to guarantee that the ELF segments can be loaded by memory mapping, not copying.

Note also that the virtual addresses are not consecutive with respect to the file offsets. There is a page gap 0x804a70c-0x804b70c in order to allow differential application of page access flags (which involves mapping the file block at 0x2000 from the same physical frame in memory twice in the process address space, using different PTEs). Normally, that would be considered a security exploit (and I am still not sure that it is not, to some degree), but the first segment is usually header information and is hopefully non-impacting after the program loading has finished.

P.S. I hope that someone else will corroborate or contradict this. Although the evidence demonstrates that this is the case, I haven't programmed an actual ELF loader, so I can't be certain.
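Added example (not code from either poster): a small Python script that packs the two headers from the dump above as on-disk Elf32_Phdr records, parses them back, checks the p_vaddr == p_offset (mod p_align) rule, and computes the page-granular mappings a loader would perform, which makes the doubly mapped file page at 0x2000 visible. Field names follow the ELF spec; the helper names and the constructed header bytes are my own.

```python
import struct
from collections import namedtuple

PT_LOAD = 1
PF_X, PF_W, PF_R = 1, 2, 4
PAGE = 0x1000

# Elf32_Phdr: eight little-endian 32-bit words, in spec order.
ELF32_PHDR = struct.Struct("<8I")
Phdr = namedtuple("Phdr", "p_type p_offset p_vaddr p_paddr p_filesz p_memsz p_flags p_align")

def parse_phdrs(blob):
    """Decode a raw 32-bit program header table into Phdr records."""
    return [Phdr(*ELF32_PHDR.unpack_from(blob, i)) for i in range(0, len(blob), ELF32_PHDR.size)]

def check_alignment(ph):
    """ELF rule for loadable segments: p_vaddr and p_offset must be congruent mod p_align."""
    if ph.p_type != PT_LOAD or ph.p_align <= 1:
        return True
    return (ph.p_vaddr - ph.p_offset) % ph.p_align == 0

def mapping_plan(ph):
    """Page-granular mapping for one PT_LOAD: (file_offset, vaddr, length, flags).
    The intra-page offset is the same on both sides, so rounding both down keeps them congruent.
    (The memsz - filesz tail, i.e. .bss, would need an extra zero-filled anonymous mapping.)"""
    delta = ph.p_vaddr % PAGE
    map_off, map_va = ph.p_offset - delta, ph.p_vaddr - delta
    length = (delta + ph.p_filesz + PAGE - 1) // PAGE * PAGE
    return map_off, map_va, length, ph.p_flags

def shared_file_pages(phdrs):
    """File pages that end up mapped more than once with differing flags."""
    seen = {}  # file page offset -> set of p_flags values that map it
    for ph in phdrs:
        if ph.p_type != PT_LOAD:
            continue
        off, _, length, flags = mapping_plan(ph)
        for page in range(off, off + length, PAGE):
            seen.setdefault(page, set()).add(flags)
    return sorted(page for page, fl in seen.items() if len(fl) > 1)

# Constructed input: the two headers from the dump, packed as they would sit on disk.
PHDR_TABLE = (ELF32_PHDR.pack(PT_LOAD, 0x0, 0x8048000, 0x8048000, 0x270c, 0x270c, PF_R | PF_X, 0x1000)
              + ELF32_PHDR.pack(PT_LOAD, 0x270c, 0x804b70c, 0x804b70c, 0x2184, 0x21fc, PF_R | PF_W, 0x1000))

if __name__ == "__main__":
    phdrs = parse_phdrs(PHDR_TABLE)
    for ph in phdrs:
        print(hex(ph.p_vaddr), "aligned:", check_alignment(ph), [hex(x) for x in mapping_plan(ph)[:3]])
    print("file pages mapped twice:", [hex(p) for p in shared_file_pages(phdrs)])
```

Both headers pass the congruence check, and file page 0x2000 is mapped at 0x804a000 (R+X) and again at 0x804b000 (R+W), which is exactly the gap noted above.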