This is the mail archive of the
libc-help@sourceware.org
mailing list for the glibc project.
Re: Understanding in detail how linux prepares to execute a program
- From: "Ryan Arnold" <ryan dot arnold at gmail dot com>
- To: "Stephen Torri" <torrisa at auburn dot edu>
- Cc: libc-help at sourceware dot org
- Date: Mon, 13 Oct 2008 09:41:59 -0500
- Subject: Re: Understanding in detail how linux prepares to execute a program
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=NVirGlm/eeW6p2fZwSI/JT8tXGNuz7djDStyVYj9B3s=; b=j51XJW79l1GQUm+bL/SwtsrhbAvK9h/7BqfUXTM64Lsek6+duHHPWFjIgGkgIm8tOf 9VxiEESGekiKanCUHAsk3r9J4jAXKG/Vtg1Hme3JftFJbbgYJs6CFDuaM6Rb8HV1yy0i YOxwOUHqX/PiG7v822p6fdr5KK0lWB6f0Bd5U=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=Sw1AquqayYR48tOcpOaEG9/yk9DoDEi/f9HKbRLHraGI4AFPdwC+ZEZ59w0xTvHNNW os6HIbET0eqzvu/4UL/BK32pLccce6KdFyaVH3L81jQE3gpHoGWkGpVXsff5aeT6xkTS /MVwdLQaAuGVt18OBd1g7zFVh79dFsRN5oZDo=
- References: <1223907624.6090.5.camel@workerbee.gateway.2wire.net>
On Mon, Oct 13, 2008 at 9:20 AM, Stephen Torri <torrisa@auburn.edu> wrote:
> I am investigating reverse engineering of binary programs on the Linux
> platform. Where can I find information of the steps Linux takes to
> execute a program (e.g. /bin/cp)? My search has lead me to think that I
> need to study glibc, specifically ld-<version>.so, for my answer.
Yep, the dynamic linker/loader ld.so is one of the responsible
parties. You don't need to reverse engineer anything. Just use
readelf, objdump, nm, and your architecture's ELF ABI supplement to
figure out what is going on.
There's also a book by John R. Levine called: "Linkers and Loaders"
that may be helpful.
> The question I am trying to answer with the knowledge of the steps Linux
> takes to execute a program is how the segment registers are loaded from
> the information in the ELF header.
The ELF ABI supplement for your architecture should indicate how an
executable file is mapped into memory by the loader.
Ryan S. Arnold