ELF Execution
ELF Execution
- The shell makes an
execvc system call to run an
executable binary, and the kernel responds with
sys_execve which calls the do_execve
function.
- It opens the executable binary and does some preparation. It
calls
search_binary_handler. That will call
load_elf_binary in our case.
- It allocates memory segments for the program headers and zeroes
out the BSS section by calling the
padzero
function.
load_elf_binary also checks for the INTERP segment.
According to AMD64 SysV ABI, the only valid interpreter is
/lib/ld64.so.1.- If there's a loader, it'll call
load_elf_interp
function to load the interpreter as well.
- Finally it calls
start_thread and passes control to
either the binary or the interpreter.
ELF Execution
ELF Execution
- The shell makes an
execvc system call to run an
executable binary, and the kernel responds with sys_execve
which calls the do_execve function.
- It opens the executable binary and does some preparation. It calls
search_binary_handler. That will call
load_elf_binary in our case.
- It allocates memory segments for the program headers and zeroes out
the BSS section by calling the
padzero function.
load_elf_binary also checks for the INTERP segment.
According to AMD64 SysV ABI, the only valid interpreter is
/lib/ld64.so.1.- If there's a loader, it'll call
load_elf_interp
function to load the interpreter as well.
- Finally it calls
start_thread and passes control to
either the binary or the interpreter.