Dynamic Linking [PE32, GOT, PLT]

[pagefault]

I could do with a bit of help with this. I've got some basic ELF program loading done, running in ring 0. No multitasking yet, so everything happens in direct sequence. Anyway, I'm working on a dynamic linker, so that when I want to I can put a driver into a separate file, and treat it like I've compiled it into my core kernel to begin with.

I've parsed the dynamic section, and got hashed lookups working. But I'm lost beyond this. How do I link the DSO to the core kernel and vice versa? I think that I'd like on-demand method linking, but don't know how to work with the GOT and PLT.

[kmcguire]

This helped me, and maybe it can help you.
http://www.iecc.com/linker/linker10.html

See, Lazy procedure linkage with the PLT.

[pagefault]

Thanks for the link. I've reread it again, and learned a fair bit. So I only need to patch the second and third entries of the GOT at first - I can leave the PLT alone. I've got one or two questions though.

First, (GOT+8) contains the dynamic linker routine. Now, (GOT+4) and another number is passed as parameters to this routine. When this routine is called, I presume I need to patch the GOT manually, and then jump off to the method in question. I want to check that I've gotten the code for the dynamic linking routine right
1. The second pushed number is a relocation offset
2. Add the relocation offset to the relocation table to get the needed element
3. The needed element points to the element in the file's symbol table
3a. Is this the dynamic symbol table?
3b. Which field is the pointer in?
4. The symbol table element points to the GOT entry
4a. Again, which field is the pointer?
4b. If the pointer value is 0x10, is it the 0x10th GOT entry, or the fourth (GOT+0x10)?
5. I need to put the address of the symbol table element into the needed GOT entry
6. Pop off the two parameters
7. Jump to the code

Finally, I'd be interested to know if hashed lookups come into it anywhere...