===================================================== Á¦¸ñ : Executable and Linking Format (Spec 1.2) ÀÛ¼ºÀÚ : Application Binary Interface(ABI) & TIS ÀÛ¼ºÀÏÀÚ : ¾Ë¸®¸¸¹« ¶óÀ̼¾½º : GPL ȨÆäÀÌÁö : http://osx86.codesum.org ºÐ¼®*¹ø¿ª: edward frswz ºÐ¼® ¹öÁ¯: ver 0.0.1 ===================================================== Executable and Linking Format ======================================================= * Áغñ¹° % Linux ȯ°æ¿¡¼­ ASSEMBLEÇÏ´Â °æ¿ì - i386ÀÌ»ó - ¸®´ª½º - NASM - binutils package(gcc, gdb, ld, objcopy, objdump Çʼö) - binutils source - xxd or od or hexedit or hexeditor (¾Ï°Å³ª ÁÖ·Î ¼³¸íÀº hexeditor¸¦ ÀÌ¿ëÇÔ) Àú´Â file format À̳ª linux¿¡ ´ëÇؼ­ °ÅÀÇ ¹®¿ÜÇÑ ÀÌ´Ï Æ²¸° ³»¿ëÀ̳ª ÀÌ»óÇÑ ³»¿ëÀº ¹Ù·Î ¸ÞÀÏ·Î ¾Ã¾îÁÖ¼¼¿ä. Á¦°¡ °ËÁõ ÈÄ ¹Ù·Î °íÃļ­ ¾÷µ¥ÀÌÆ® ÇÏ°Ú½À´Ï´Ù. À̹®¼­´Â °áÄÚ Á¦ °³ÀÎÀÇ Ã¢ÀÛ¹°À̳ª ±×·±°ÍÀÌ ¾Æ´Ñ ´Ù¸¥ÀÌ(TISÆÀ)ÀÇ ¹®¼­¸¦ ¹ø¿ª ºÐ¼®ÀÛ¾÷À» ÇßÀ» »ÓÀÔ´Ï´Ù. ¸¸¾à ÀÌ ¹®¼­ÀÇ ¿øº»À» ÀÛ¼ºÇϽźÐÀÌ ÀÌÀǸ¦ Á¦±âÇÒ °æ¿ì Á¦ ȨÆäÀÌÁö¿¡¼­ Áö¿ï°ÍÀÓÀ» ¾Ë·Áµå¸®´Â ¹ÙÀÔ´Ï´Ù. email : osx86@codesum.org ======================================================= 0. ¼­¹® ELF Æ÷¸ËÀº UNIX SYSTEM Laboratories ÀÇ Application Binary Interface ÆÄÆ®¿¡¼­ °³¹ßÇÏ¿´°í, Tool Interface Standards ¿¡ ÀÇÇØ 32-bit IA ȯ°æÀÇ ´Ù¾çÇÑ OS ÀÇ portable object file format À¸·Î ¹ßÀüµÇ¾ú´Ù°í ÇÕ´Ï´Ù. (±×³É µéÀº°Å¶ó Àß ¸ð¸§.. ´©°¡ ¸¸µé¾ú´ÂÁö °ü½Éµµ ¾øÀ½) 1. ÀÌ ¹®¼­¿¡ ´ëÇØ À̹®¼­´Â ´Ù¾çÇÑ 32bit-IA ȯ°æ¿¡¼­ÀÇ object or executable file format »ý¼º ¿¡ ´ëÇØ ¾Ë¾Æº¸°íÀÚ ÇÑ´Ù. PART 1. "OBJECT FILES" - ELF OBJECT ÆÄÀÏ Æ÷¸Ë¿¡ ´ëÇÑ ¼³¸í PART 2. "Program Loading & Dynamic Linking" - ÆÄÀÏ»ý¼º ¹× ÇÁ·Î±×·¥ ½ÇÇà½Ã, ¿ÀºêÁ§Æ® ÆÄÀÏ Á¤º¸¿Í ½Ã½ºÅÛ ¾×¼Ç¿¡ ´ëÇÑ ¼³¸í PART 3. "C Library" - libsys ¿¡ Æ÷ÇÔµÈ ½É¹ú ¸®½ºÆ® - ANSI C ¿Í libc ·çƾ ±×¸®°í global data symbol ¿¡ libc ǪƾÀÇ ÇÊ¿ä¿¡ ´ëÇÑ ¼³¸í PART 1. OBJECT FILES 1-1. Introduction part1¿¡¼­´Â ELF¶ó ºÒ¸®´Â iABI object file format¿¡ ´ëÇØ ¼³¸íÇÏ°íÀÚ ÇÑ´Ù. ELF ´Â 3°¡Áö main type ÀÌ ÀÖ°í ´ÙÀ½°ú °°´Ù. * relocatable file(Àç¹èÄ¡ °¡´É ÆÄÀÏ) : code¿Í data¸¦ ´Ù¸¥ object file°ú linking ½ÃÄÑ executable or shared object ÆÄÀÏ »ý¼ºÀÌ ¿ëÀÌÇÏ´Ù. * executable file(½ÇÇà °¡´É ÆÄÀÏ) : exec(BA_OS)°¡ ÇÁ·Î±×·¥ ÇÁ·Î¼¼½Ì À̹ÌÁö¸¦ ¾î¶»°Ô ÇÏ´ÂÁö ¾Ë¼öÀÖ´Ù. °Á ½ÇÇàÆÄÀÏÀ̶ó°í ... * shared object file(¾î¼³Ç ¹ø¿ª ¾ÈÇÒ·¡¿ä. ±×³É ±×´ë·Î ÀÌÇØÇϼ¼¿ä) : code¿Í data¸¦ ´Ù¸¥ object file°ú linking(µÎ°¡Áö ¿¹) First, ´Ù¸¥ relocatable file °ú shared object file ¸¦ ÀÌ¿ëÇØ ´Ù¸¥ Object file »ý¼º Second, dynamic linker ¸¦ ÀÌ¿ëÇØ executable file °ú other shared object¸¦ °áÇÕÇØ process image »ý¼º 1-2. File Format Object file Àº program linking °ú execution ¿¡ ÀÌ¿ëµÇ¸ç, fileÀÇ ³»¿ë¿¡ ´ëÇÑ ¾î¶² µ¿ÀÛ¿¡ ´ëÇØ ÇÊ¿äÇÑ ºÎºÐºÎºÐÀ» ¾Ë·ÁÁְԵȴÙ. Figure 1-1 ¿¡¼­ object file ÀÇ ±¸¼ºÀ» ³ªÅ¸³»°í ÀÖ´Ù. Figure 1-1: Object File Format linking view Execution view ------------------------------ ------------------------------ | elf header | | elf header | ------------------------------ ------------------------------ | program header table | | program header table | | optional | | | ------------------------------ ------------------------------ | section 1 | | segment 1 | | ... | | | ------------------------------ ------------------------------ | section n | | segment 2 | | ... | | | ------------------------------ ------------------------------ | ... | | ... | ------------------------------ ------------------------------ | section header table | | section header table | | | | optional | ------------------------------ ------------------------------ * ELF header ´Â ÆÄÀÏ ±¸¼ºÀÇ ½ÃÀÛÁ¡¿¡ Á¸ÀçÇϸç, * section Àº linking view ¿¡ ´ëÇÑ object fileÀÇ ´ëºÎºÐÀÇ Á¤º¸(instructions, data, symbol table, relocation Á¤º¸ µî) ¸¦ °®°í ÀÖÀ¸¸ç, special section¿¡ ´ëÇÑ ³»¿ëÀº part1 µÞºÎºÐ¿¡ ³ª¿À¸ç, part2 ¿¡¼­´Â segment ¿Í program execution view ¿¡ ´ëÇؼ­ ³íÇÏ°Ô µÈ´Ù. * program header table ÀÌ Á¸ÀçÇÑ´Ù¸é system ÀÌ process image ¸¦ ¾î¶»°Ô »ý¼ºÇÏ´ÂÁö¿¡ ´ëÇØ ¾Ë¼öÀÖ°í, process image(execute a program)¿¡´Â Ç×»ó program header table°¡ Á¸Àç ÇÑ´Ù. ¹°·Ð relocatable fileÀº ¿¹¿Ü´Ù. * section header table Àº file ÀÇ section Á¤º¸¸¦ Æ÷ÇÔÇÏ°Ô µÇ¸ç, ¸ðµç section Àº entry(in the table)¸¦ °®°Ô µÇ°í, °¢°¢ÀÇ entry ´Â section name, section size¿Í °°Àº Á¤º¸µéÀ» Æ÷ÇÔÇÑ´Ù. (section header tableÀº linking ÀÛ¾÷À» Çϴµ¥ »ç¿ëµÈ´Ù.) # ¸Ó¶ó°í Áß¾ó °Å¸®´ÂÁö Àúµµ ¸ð¸£°Ú±º¿ä. ÇÏÁö¸¸ °¨Àº ´ëÃæ¿À´Âµ¥, ³ªÁß¿¡ elf-format ÆÄÀÏÀ» ¿­¾î¼­ Çѹø º¸µµ·ÏÇÏÁÒ. =========================================================== ¿©±â¼­ ºÎÅÍ´Â Á¦ »ý°¢´ë·Î ¾²´Â °ø°£ÀÔ´Ï´Ù. ³Ê¹« À̷и¸ ³ª¿À´Â°Å °°¾Æ Àúµµ ¹«½¼¸»ÀÎÁö ÀÌÇØ°¡ Àß ¾ÈµÇ°í, ½ÇÁ¦ ÄÚµå¿Í map À» ¿­¾î¼­ Çѹø ºÃÀ¸¸é ÁÁÀ»°Å °°¾Æ¼­ °£´ÜÇÑ ÇÁ·Î±×·¥À» ÀÛ¼ºÇÏ¿©, Çѹø µ¹·Áº¸°Ú½À´Ï´Ù. ¾ûÅ͸®·Î ¼³¸íÇÏ´Â°Ô ³Ê¹« À§ÇèÇÏ´Ù´Â°É ¾ËÁö¸¸, À̱ÛÀ» ÀÐÀ¸½Ã´Â ºÐµéÀÌ Àú¸¦ °¡¸£ÃÄ ÁÙ¼öµµ ÀÖ´Ù´Â »ý°¢¿¡ ÀÛ¼ºÇÕ´Ï´Ù. ÀÌ»óÇÑ ºÎºÐÀº ²À ¸ÞÀÏ·Î Å뺸ÇØÁÖ¼¼¿ä. #source : test1.c ------------------ int myVar = 5; int main() { } ------------------ # compile & linking & objcopy gcc -c test1.c ld -o test1 -Ttext 0x0 -Tdata 0x1234 -N -e main test.o -M > test1.map objcopy -R .comment -R .note -O binary test1 test1.bin ndisasm -b 32 test1.bin > test1.dmp ÀÏ´Ü ¿©±â±îÁö Çسõ°í ... spec ¿¡ ´ëÇÑ ¼³¸í¿¡ ¸¶Ãç ³ª¿Ã¶§ ¸¶´Ù Çѹø ¿­¾î¼­ È®ÀÎÇغ¾½Ã´Ù. =========================================================== 1.3 Data Representation object file format Àº 7bit¿Í 32bit ¾ÆÅ°ÅØÃÄÀÇ ´Ù¾çÇÑ ÇÁ·Î¼¼¼­¸¦ Áö¿øÇÏÁö¸¸, ´õ ÀÛ°Ô È¤Àº ´õ Å« ¾ÆÅ°ÅØÃÄ¿¡ ´ëÇÑ È®Àåµµ °¡´ÉÇÏ´Ù. ÀÌ´Â ¸Ó½Å µ¶¸³ÀûÀÎ formatÀÇ dataÅÍ È帧À» Ç¥ÇöÇÑ´Ù°í º¼¼öÀÖ´Ù. Figure 1-2: 32-Bit Data Types ------------------------------------------------------------------ Name Size Alignment Purpose ------------------------------------------------------------------ Elf32_Addr 4 4 Unsigned program address Elf32_Half 2 2 Unsigned Medium integer Elf32_Off 4 4 Unsigned file offset Elf32_Sword 4 4 Signed large integer Elf32_Word 4 4 Unsigned large integer unsigned char 1 1 Unsigned small integer ------------------------------------------------------------------ ============ inside the linux =========== #source : /linux/include/linux/elf.h typedef unsigned long Elf32_Addr; typedef unsigned short Elf32_Half; typedef unsigned long Elf32_Off; typedef long Elf32_Sword; typedef unsigned long Elf32_Word; (ÀÌ·±½ÄÀ¸·Î Á¤ÀÇ°¡ µÇ¾îÀֳ׿ä ... ¾Æ¸¶ part1¿¡¼­ ¾²ÀÌ´Â ´ëºÎºÐÀÇ flag³ª º¯¼ö´Â elf.h ¿¡ ÀÖÀ»°Ì´Ï´Ù.) ======================================== object file formatÀÇ ¸ðµç data ±¸Á¶´Â ''natural'' size¿Í alignmentÀÇ Á¤ÀǸ¦ µû¸¥´Ù. ¸¸¾à ÇÊ¿äÇÏ´Ù¸é, data ±¸Á¶´Â 4-byte alignment ÁöÅ°±âÀ§ÇÑ ¸í½ÃÀû padding À» Æ÷ÇÔÇÏ°í, data´Â ÆÄÀÏÀÇ ½ÃÀÛÁ¡À¸·Î ºÎÅÍ alignment¸¦ ¸ÂÃá´Ù. µîµî ¿©·¯°¡Áö Æí¸®ÇÔÀ» ÀÌÀ¯·Î, ELF´Â bit-field ¸¦ »ç¿ëÇÏÁö ¾Ê´Â´Ù. 1.4 Character Representation ¿©±â¼­´Â ELF ÀÇ ±âº» character Ç¥Çö°ú ½Ã½ºÅÛ°£ portable ÇÑ external fileÀ» À§ÇÑ Ç¥ÁØ character set ÀÇ »ç¿ë¿¡ ´ëÇÑ Á¤ÀǸ¦ ³»¸°´Ù. ´ëºÎºÐÀÇ external file format Àº character¸¦ »ç¿ëÇÏ¿© information À» Á¦¾îÇÑ´Ù. ÀÌ·¯ÇÑ single-byte characterµéÀº 7-bit ASCII character set À» »ç¿ëÇϰԵȴÙ. ASCII ¹®ÀÚµéÀ» ¿¹·Îµé¾î '\', '\n' µîÀ» 47°ú 10ÀÇ numerical value ¸¦ »ç¿ëÇÏ°Ô µÈ´Ù. 0~127 À» ¼öÄ¡¸¦ ³Ñ¾î¼± character value ¿¡ ´ëÇؼ­´Â ±×ÀÌ»óÀÇ ¹ÙÀÌÆ®¸¦ ´õ »ç¿ëÇÏ°Ô µÇ°í, ÀÌ¿¡µû¶ó character enconding À» ÇÏ°Ô µÈ´Ù. applicationÀº ÀڽŵéÀÇ character setÀ» ´Ù¸¥ language¿¡ ÀûÀýÇÏ°Ô character set È®ÀåÀ» »ç¿ëÇÏ¿© Á¦¾îÇÒ¼öµµ ÀÖ´Ù. ºñ·Ï TIS-conformance °¡ character set ¿¡ ´ëÇÑ Á¦ÇÑÀº ÇÏÁö ¾Ê´õ¶óµµ, ÀϹÝÀûÀ¸·Î ¸î°¡Áö simple guideline À» µû¸£°ÔµÈ´Ù. 7bit ASCII code´Â À§¿¡¼­ ¸»Çß´Ù½ÃÇÇ, ±×¸®°í ´ëºÎºÐ ¾Ë°í Àִ°Íó·³ 0~127 »çÀÌÀÇ °ª°ú ÀÏÄ¡ÇÏ°Ô µÈ´Ù. multibyte character ÀÇ °æ¿ì self-identifying À» ÇؾßÇÑ´Ù. ¿¹¸¦ µé¾î, ¾î¶² multibyte character°¡ ¾î¶² multibyte characterµé »çÀÌ¿¡ »ðÀԵDZâ À§Çؼ­´Â character interpretaion ¿¡ ¾î¶°ÇÑ º¯È­µµ À־´Â ¾ÈµÈ´Ù´Â ÀǹÌÀÌ´Ù. ÀÌ·¯ÇÑ ÁÖÀÇ°¡ ÇÊ¿äÇÑ ÀÌÀ¯´Â multilingual application ¿¡¼­ ¹®Á¦°¡ µÇ±â ¶§¹®ÀÌ´Ù. 1.5 ELF Header ¾î¶² object file control structure´Â ¼ºÀå°¡´ÉÇÏ´Ù. ¿Ö³Ä¸é ELF header´Â object file ÀÇ ½ÇÁ¦ Å©±â¸¦ Æ÷ÇÔÇϱ⠶§¹®ÀÌ´Ù. ¸¸¾à object file format ÀÌ ¹Ù²î¸é, ÇÁ·Î±×·¥Àº control structure °¡ Ä¿Áö°¡³ª º¸´Ù ÀÛ¾ÆÁú°ÍÀÌ´Ù. µû¶ó¼­ ÇÁ·Î±×·¥Àº ÀÌ·± "extra" information À» ¹«½ÃÇصµ µÈ´Ù. Figure 1-3. ELF Header ====================================================== #source : /linux/include/linux/elf.h #define EI_NIDENT 16 typedef struct { unsigned char e_ident[EI_NIDENT]; Elf32_Half e_type; Elf32_Half e_machine; Elf32_Word e_version; Elf32_Addr e_entry; Elf32_Off e_phoff; Elf32_Off e_shoff; Elf32_Word e_flags; Elf32_Half e_ehsize; Elf32_Half e_phentsize; Elf32_Half e_phnum; Elf32_Half e_shentsize; Elf32_Half e_shnum; Elf32_Half e_shstrndx; } Elf32_Ehdr; ¾ÕÀ¸·Î ³ª¿À´Â defineµÈ °ªÀº ÀÌ elf header ±¸Á¶Ã¼¿¡ °¢ º¯¼öµé¿¡ ´ëÇÑ °ªµé ÀÔ´Ï´Ù. ´«¿¡ È® Áý¾î ³Ö¾î¹ö¸³½Ã´Ù. ³ªÁß¿¡ °è¼Ó ÀÌ°É ºÁ¾ßÇÏ´Â ÀÏÀÌ ¸¹À»°Ì´Ï´Ù. ¿Ô´Ù°¬´Ù ÇϽñ⠱ÍÂúÀ»Å×´Ï... ;) ====================================================== - e_ident : e_ident ´Â file¿¡ initial byte·Î ¸¶Å·µÇ°í, ÆÄÀÏÀÇ contents¸¦ decode¿Íinterpret¸¦ ÅëÇØ machine-independant data¸¦ Á¦°øÇÏ´Â ¿ªÇÒÀ» ÇÑ´Ù. ¿ÏÀüÇÑ description Àº ¾Æ·¡ ELF Identification À» ÂüÁ¶¹Ù¶÷ - e_type : e_type Àº object file typeÀ» ½Äº°ÇÏ´Â ¿ªÇÒÀ» ÇÑ´Ù. =============================================== Name Value Meaning =============================================== ET_NONE 0 No file type ET_REL 1 Relocatable file ET_EXEC 2 Executable file ET_DYN 3 Shared object file ET_CORE 4 Core file ET_LOPROC 0xff00 Processor-specific ET_HIPROC 0xffff Processor-specific #source : /linux/include/linux/elf.h =============================================== ºñ·Ï core file contents ´Â unspecified À̱ä ÇÏÁö¸¸ type ET_CORE ´Â file ŸÀÔÀ» mark ÇϱâÀ§ÇØ ¿¹¾àµÇ¾î ÀÖ´Ù. ET_LOPROC·ÎºÎÅÍ ET_HIPROC ±îÁöÀÇ °ªÀº processor-specific semantics·Î ¿¹¾àµÇ¾î ÀÖ´Ù. ´Ù¸¥ °ªµéÀº new object file typeÀÇ ÇÒ´çÀ» À§ÇØ reserved »óÅÂÀÌ´Ù. HEXÆÄÀÏ ¿­¾î¼­ º¾½Ã´Ù. //////////////////////////////////by edward///////////////////////////////// #source : test1.c (À§¿¡¼­ ³ª¿ÔÀ½) #compile gcc -c test1.c #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ............. .......... ........... .ELF........... # Elf32_Half e_type (2byte) 00000010 01 00 ..... ............. .......... ........... ............... #À¸·Î Ç¥±âµÈ ³»¿ëÀº Á¦°¡ Ãß°¡ÇÑ ³»¿ëÀÔ´Ï´Ù. Áö±Ý º¸¿©Áö°í ÀÖ´Â È­¸éÀº ASCII °ª À§ÁÖÀÇ HEX Ç¥ÇöÀÔ´Ï´Ù. µû¶ó¼­ LSB ŸÀÔÀ¸·Î Àо°¡¾ß °ÚÁÒ. Elf32_Half e_typeÀÎ 0x00000010 À¸·Î ½ÃÀÛÇÏ´Â µ¥ÀÌÅÍ°¡ 01 00 À¸·Î Ç¥ÇöµÇ¾î ÀÖÁö¸¸ ½ÇÁ¦´Â 0001 ÀÇ ÀǹÌÀÔ´Ï´Ù. hexeditor ÀÇ Ç¥ÇöÀ¸·Î º¸½Ã±â ½ÈÀ¸½Ã¸é, od -x test1.o ¶ó°í ŸÀÌÇÎ ÇϽøé LSB ŸÀÔÀ¸·Î Ãâ·ÂÀÌ µË´Ï´Ù. ¿©Æ° e_typeÀÇ 0001(ET_REL) À̹ǷΠÀÌ ÆÄÀÏÀº relocatable file À̶õ ÀǹÌÀÔ´Ï´Ù. ±×·¸´Ù¸é gcc -c test1.c ¶ó°í ÄÄÆÄÀÏ ÇÏÁö¸»°í, ¹Ù·Î -o ¿É¼ÇÀ» Á༭ ½ÇÇàÆÄÀÏÀ» ¸¸µé¾î º¼±î¿ä. # compile gcc -o test1 test1.c #hex dump hexeditor test1 #dumped screen File test1 ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ............. .......... ........... .ELF........... # Elf32_Half e_type (2byte) 00000010 02 00 ..... ............. .......... ........... ............... 00000010 02 00 À̶ó°í ³ª¿ÀÁÒ ÀÌ°É LSB Ç¥ÇöÀ¸·Î ¹Ù²Ù¸é, 0002 °¡ µË´Ï´Ù. od -x test1 À¸·Î Ãâ·ÂÇϼż­ º¸½Ã¸é ¾Æ¸¶ ±×·¸°Ô ³ª¿Ã°Ì´Ï´Ù. 0002(ET_EXEC) executable fileÀ̶õ ÀǹÌÁÒ. /////////////////////////////////////////////////////////////////////////////// - e_machine : e_machine Àº °³°³ÀÇ file¿¡ ¿ä±¸µÇ´Â ¾ÆÅ°ÅØÃĸ¦ Ç¥ÇöÇÑ´Ù. ================================================== Name Value Meaning ================================================== ET_NONE 0 No machine <-- ½ºÆåÀÌ À߸øµÈ°É±î¿ä. EM_NONE 0 No machine (ÀÌ°Ô ¸Â°ÚÁÒ. ¼Ò½º¸¦ ¿­¾î È®ÀÎÇغ¸½Ã±æ include/linux/elf.h) EM_M32 1 AT&T WE 32100 EM_SPARC 2 SPARC EM_386 3 Intel Architecture EM_68K 4 Motorola 68000 EM_88K 5 Motorola 88000 EM_860 7 Intel 80860 EM_MIPS 8 MIPS RS3000 Big-Endian EM_MIPS_RS4_BE 10 MIPS RS4000 Big-Endian RESERVED 11-16 Reserved for future use #source : /linux/include/linux/elf.h ================================================== ´Ù¸¥ °ªµéÀº new machineÀ» À§ÇØ reserved »óÅÂÀÌ´Ù. processor-specific ELF nameÀº Machine nameÀ¸·Î ±¸ºÐÇÑ´Ù. ¿¹¸¦µé¾î, WIDGET Ç÷¹±×´Â EF_XYZ machine Àº EF_XYZ_WIDGET À̶ó ºÒ¸°´Ù. À̰͵µ º¼±î¿ä. //////////////////////////////////by edward///////////////////////////////// #source : test1.c (À§¿¡¼­ ³ª¿ÔÀ½) #compile gcc -c test1.c #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ............. .......... ........... .ELF........... # Elf32_Half e_machine (2byte) 00000010 .. .. 03 00 ............. .......... ........... ............... 03 00 À̸é 0003(EM_386) ÀÌ µÇ°ÚÁÒ. µû¶ó¼­ machine Àº Intel Architecture 386 °è¿­À̶õ Àǹ̸¦ °®½À´Ï´Ù. ÀÌÇØ°¡½ÃÁÒ. Å©·Î½º ÄÄÆÄÀÏÀ» ÇßÀ»°æ¿ì ¾î¶² °á°ú°¡ ³ª¿ÃÁö ±Ã±ÝÇϱäÇÏÁö¸¸ ¾Æ¸¶µµ ±× »ó´ë machine ¿¡ ¸Â´Â °ªÀÌ ³ª¿À°ÚÁÒ. ¾ÈÇغÁ¼­ ¸ð¸£°Ú½À´Ï´Ù. ½Ã°£³ª¸é Çغ¸µµ·Ï ÇÏÁÒ. /////////////////////////////////////////////////////////////////////////////// -e_version : e_version Àº object file version À» ½Äº°ÇÑ´Ù. ===================================== Name Value Meaning ===================================== EV_NONE 0 Invalid versionn EV_CURRENT 1 Current version ===================================== ========================================== #source : /linux/include/linux/elf.h #define EV_NONE 0 #define EV_CURRENT 1 #define EV_NUM 2 ========================================== e_version °ªÀÌ 1 À̸é original file formatÀ» ³ªÅ¸³»¸ç, extension ÇÑ °æ¿ì´Â ±× ÀÌ»óÀÇ number¸¦ °®°ÔµÈ´Ù. EV_CURRENT °ªÀº current version number¿¡ µû¶ó ¹Ý¿µµÇ°Ô µÇ¹Ç·Î ÇÊ¿ä¿¡ µû¶ó ¹Ù²î°Ô µÈ´Ù. À̰͵µ º¼±î¿ä. //////////////////////////////////by edward///////////////////////////////// #source : test1.c (À§¿¡¼­ ³ª¿ÔÀ½) #compile gcc -c test1.c #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... .......... ........... .ELF........... # Elf32_Word e_version (4byte) 00000010 .. .. .. .. 01 00 00 00 .......... ........... ............... 4byte LSB ·Î ¸ÂÃ纸¸é 00000001(EV_CURRENT) ÀÌ µÇÁÒ. /////////////////////////////////////////////////////////////////////////////// - e_entry : e_entry ´Â ½Ã½ºÅÛÀÌ Ã³À½À¸·Î ½ÇÇàÇϱâÀ§ÇØ Á¦¾îÇØ¾ß ÇÒ virtual address¸¦ °®°ÔµÈ´Ù. =================================================================== ld .... -e main -e : ÇÁ·Î±×·¥ ½ÇÇà½Ã Á© óÀ½ ½ÃÀ۵Ǵ entry name ld ÀÇ entry point ÂüÁ¶ the `-e' entry command-line option; the ENTRY(symbol) command in a linker control script; the value of the symbol start, if present; the address of the first byte of the .text section, if present; The address 0. =================================================================== ¸¸¾à ÆÄÀÏ¿¡ ´ëÇÑ entry point ¸íÇÏÁö ¾Ê´Â´Ù¸é, zero °ªÀ¸·Î À¯ÁöµÈ´Ù. //////////////////////////////////by edward///////////////////////////////// #source : test1.c (À§¿¡¼­ ³ª¿ÔÀ½) #compile gcc -c test1.c #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... # Elf32_Word e_entry (4byte) 00000010 .. .. .. .. .. .. .. .. 00 00 00 00 ........... ............... e_entry ´Â 00000000 À̳׿ä. entry point ¸¦ ¸í½ÃÇÏÁö ¾Ê¾Ò±â ¶§¹®ÀÌ°ÚÁÒ. ±×·³ ¸í½Ã¸¦ Çغ¼±î¿ä ? # linker ld -o test1 -e main test1.o # hex dump hexeditor test1 #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... # Elf32_Word e_entry (4byte) 00000010 .. .. .. .. .. .. .. .. 74 80 04 08 ........... ............... Àú°É LSB Ç¥ÇöÀ¸·Î º¸¸é 08048074 °¡ µÇ°ÚÁÒ. ÀÌ°Ô entry point °ªÀ̶ó¸é map ÆÄÀÏÀ» ¿­¾î¼­ ºÁ¾ß°ÚÁÒ. # linker ld -o test1 -e main test1.o -M > test1.map # vi display vi test1.map # display screen ........... Linker script and memory map # ¿©±â´Â ld ¿¡¼­ -T linker script¸¦ ÀÌ¿ëÇØ ¸¸µç µ¥ÀÌÅÍ°¡ ³ª¿À°ÚÁÒ. ¿É¼ÇÀ» ÁÖÁö ¾Ê¾ÒÀ¸¹Ç·Î µ¥ÀÌÅÍ°¡ ¾ø½À´Ï´Ù. LOAD test.o 0x08048074 . = (0x8048000 + SIZEOF_HEADERS) ............ ¿çÄÉ ³ª¿ÀÁÒ ... test.o °¡ LOAD µÉ¶§ÀÇ entry point °ªÀÌ Àú±â ³ª¿À´Â±º¿ä. ±×·³ 8048Àº base , 0074°¡ SIZEOF_HEADERS ¸¦ ³ªÅ¸³»´Â±º¿ä. /////////////////////////////////////////////////////////////////////////////// - e_phoff : e_phoff ´Â program header tableÀÇ file offsetÀ» °®´Â´Ù. ¸¸¾à ÆÄÀÏÀÌ program header table À» °®°í ÀÖÁö ¾Ê´Ù¸é, °ªÀº 0 ÀÌ µÉ°ÍÀÌ´Ù. ================================================== #source : /linux/include/linux/elf.h typedef struct elf32_phdr{ Elf32_Word p_type; Elf32_Off p_offset; Elf32_Addr p_vaddr; Elf32_Addr p_paddr; Elf32_Word p_filesz; Elf32_Word p_memsz; Elf32_Word p_flags; Elf32_Word p_align; } Elf32_Phdr; ================================================== //////////////////////////////////by edward///////////////////////////////// #source : test1.c #compile gcc -c test1.c #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... # Elf32_Word e_phoff (4byte) 00000010 .. .. .. .. .. .. .. .. .. .. .. .. 00 00 00 00 ............... ¿ª½Ã³ª relocatable file ÀÇ °æ¿ì program header table À» °®°í ÀÖÁö ¾Ê°í ±×°á°ú 0°ªÀ» °®°ÔµÈ´Ù. ±×·³ executable file À» ¿­¾îº¸ÀÚ. #compile gcc -o test1 test1.c #hex dump hexeditor test1 #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... # Elf32_Word e_phoff (4byte) 00000010 .. .. .. .. .. .. .. .. .. .. .. .. 34 00 00 00 ............... 00000034 °ªÀÌ ³ª¿ÔÀ¸´Ï ÀÌ´Â ÆÄÀÏ¿¡¼­ program header tableÀÇ offset À» ¾Ë·ÁÁÖ´Â °ªÀÌ´Ù. ////////////////////////////////////////////////////////////////////// È®ÀÎÀÛ¾÷ ========================= by edward =================================== À§¿¡ test1.c ¼Ò½º°¡ ÀÖÁÒ À̳ðÀÇ program header ¸¦ º¼·Á¸é, objdump -p test1.o <-- relocatable file À̶ó°íÇÏ¸é ¾Æ¸¶ /////////////////////////////////////////////////////////////////////// #[object name] [file format] <-- #ó¸®µÈ ³»¿ëÀº »ðÀÔÇÑ ³»¿ëÀÔ´Ï´Ù. test : file format elf32-i386 /////////////////////////////////////////////////////////////////////// µîÀ¸·Î ¾Æ¹«·± Á¤º¸°¡ ³ª¿ÀÁö ¾ÊÀ»°Ì´Ï´Ù. ÇÏÁö¸¸ ld -o test1 -Ttext 0x0 -Tdata 0x1234 -e main test1.o -M > test1.map ¶ó°í entry point ¸¦ main À¸·Î ÁְԵǸé /////////////////////////////////////////////////////////////////////// #[object name] [file format] <-- #ó¸®µÈ ³»¿ëÀº »ðÀÔÇÑ ³»¿ëÀÔ´Ï´Ù. test : file format elf32-i386 # [ÇÁ·Î±×·¥ Çì´õ] Program Header: # [offset] [°¡»óÁÖ¼Ò] [ÇÁ·Î±×·¥ÁÖ¼Ò] LOAD off 0x00000074 vaddr 0x00000000 paddr 0x00000000 align 2**2 # [file size] [mem size] filesz 0x00000005 memsz 0x00000005 flags rwx # [°¡»óÁÖ¼Ò] [ÇÁ·Î±×·¥ÁÖ¼Ò] LOAD off 0x0000007c vaddr 0x00001234 paddr 0x00001234 align 2**2 # [file size] [mem size] filesz 0x00000004 memsz 0x00000004 flags rw- /////////////////////////////////////////////////////////////////////// ¿Í °°ÀÌ ³ª¿Ã°Ì´Ï´Ù. ¿©±â¼­ ¾Æ±î ld -M¿É¼ÇÀ¸·Î ÀÎÇØ »ý¼ºµÈ test1.map À» ¿­¾î¼­ Á© À­ºÎºÐ¿¡ º¸½Ã¸é ÀÌ·¸°Ô µÇ¾î ÀÖÀ»°Ì´Ï´Ù. vi test1.map /////////////////////////// map file ////////////////////////////////// ........... Linker script and memory map # ld ÀÇ -Ttext 0x0 -Tdata 0x1234 ·Î ÀÎÇØ Á¤ÀÇµÈ section ÁÖ¼Ò Address of section .text set to 0x0 Address of section .data set to 0x1234 LOAD test.o 0x08048074 . = (0x8048000 + SIZEOF_HEADERS) ............ /////////////////////////////////////////////////////////////////////// relocatable file À» ´ýÇÁÇغ¸´Ï program header table offetÀÌ ³ª¿ÀÁö ¾ÊÀ½À» ¾Ë¼ö ÀÖ½À´Ï´Ù. ÀÌÁ¦ executable file À» ´ýÇÁÇغ¼±î¿ä ... # compile gcc -o test1 test1.c # objdump objdump -p test1 | more # display screen /////////////////////////////////////////////////////////////////////// #[object name] [file format] <-- #ó¸®µÈ ³»¿ëÀº »ðÀÔÇÑ ³»¿ëÀÔ´Ï´Ù. test : file format elf32-i386 # [ÇÁ·Î±×·¥ Çì´õ] Program Header: # [offset] [°¡»óÁÖ¼Ò] [ÇÁ·Î±×·¥ÁÖ¼Ò] PHDR off 0x00000034 vaddr 0x08048034 paddr 0x08048034 align 2**2 # [file size] [mem size] filesz 0x000000c0 memsz 0x000000c0 flags r-x ...................................................... µîµî »ó´çÈ÷ ¸¹Àº Á¤º¸°¡ Ãâ·ÂµÈ´Ù /////////////////////////////////////////////////////////////////////// ¿©Æ° ÇÁ·Î±×·¥ Çì´õÀÇ offset Á¤º¸´Â ¿©±â±îÁö´Ù. PHDR off ÀÇ offset °ªÀº 0x00000034 ¶ó ÇÏ°í, À̸¦ virtual address ·Î ³ªÅ¸³»¸é 0x08048034 ¶Ç physical address ¶ÇÇÑ 0x08048034 ÀÓÀ» ¾Ë¼öÀÖ´Ù. # map ¿¡ ´ëÇØ ´õ ÀÚ¼¼È÷ ¾Ë±âÀ§Çؼ­´Â ¾Æ·¡ help¸¦ ÂüÁ¶Çϼ¼¿ä ... :) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~help~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SECTIONS { . = SIZEOF_HEADERS; .interp : { *(.interp) } :text :interp .text : { *(.text) } :text .rodata : { *(.rodata) } /* defaults to :text */ ... . = . + 0x1000; /* move to a new page in memory */ .data : { *(.data) } :data .dynamic : { *(.dynamic) } :data :dynamic ... } OVERLAY 0x1000 : AT (0x4000) { .text0 { o1/*.o(.text) } .text1 { o2/*.o(.text) } } .text0 0x1000 : AT (0x4000) { o1/*.o(.text) } __load_start_text0 = LOADADDR (.text0); __load_stop_text0 = LOADADDR (.text0) + SIZEOF (.text0); .text1 0x1000 : AT (0x4000 + SIZEOF (.text0)) { o2/*.o(.text) } __load_start_text1 = LOADADDR (.text1); __load_stop_text1 = LOADADDR (.text1) + SIZEOF (.text1); . = 0x1000 + MAX (SIZEOF (.text0), SIZEOF (.text1)); ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ÀÌ ³»¿ëÀº À§¿Í °°Àº ld ¸Å´º¾óÀ» ÂüÁ¶ÇÏ°í, ´ëÃæ ÀúÀÇ °¨À¸·Î ¶§·ÁÀâÀº ³»¿ëÀ̹ǷΠƲ·ÈÀ» °æ¿ì ¹«¾ùÀÌ Æ²·È´ÂÁö ¾Ë·ÁÁÖ¼¼¿ä. -_-;; Çسõ°íµµ È®ÀÎÀ» ¸øÇÏ´Â ¾î¸®¼®Àº ÀڷκÎÅÍ... _(__)_ ======================================================================== - e_shoff : e_shoff ´Â section header tableÀÇ file offsetÀ» °®´Â´Ù. ¸¸¾à fileÀÌ section header table À» °®°í ÀÖÁö ¾Ê´Ù¸é, ÀÌ °ªÀº 0 ÀÌ µÈ´Ù. //////////////////////////////////by edward///////////////////////////////// #source : test1.c #compile gcc -c test1.c #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Off e_shoff (4byte) 00000020 C0 00 00 00 ........... ........... ........... ............... relocatable fileÀÌ °®´Â section header table offset°ªÀº 0000000C ¸¦ ³ªÅ¸³½´Ù. executable fileÀÌ °®´Â section header table offset°ªÀº ¾î¶»°Ô µÉ±î #source : test1.c #compile gcc -o test1 test1.c #hex dump hexeditor test1 #dumped screen File test1 ASCII Offset : 0x00000000 / 0x00001266 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Off e_shoff (4byte) 00000020 98 07 00 00 ........... ........... ........... ............... executable fileÀÌ °®´Â section header table offset °ªÀº 00000798 À» ³ªÅ¸³½´Ù. //////////////////////////////////////////////////////////////////////////// - e_flags : e_flags ´Â processor-specific flag ÀÌ´Ù. flag ¸íÀº "EF_[machine]_flag" ·Î Á¤ÇØÁø´Ù. //////////////////////////////////by edward///////////////////////////////// #source : test1.c #compile gcc -c test1.c #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Off e_flags (4byte) 00000020 .. .. .. .. 00 00 00 00 ........... ........... ............... relocatable file ÀÇ °æ¿ì 00000000À» Ãâ·Â executable file ÀÇ °æ¿ìµµ ¸¶Âù°¡Áö´Ù. ////////////////////////////////////////////////////////////////////////////////// - e_ehsize e_ehsize ´Â ELF headerÀÇ size¸¦ ³ªÅ¸³½´Ù. //////////////////////////////////by edward///////////////////////////////// #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Half e_ehsize (2byte) 00000020 .. .. .. .. .. .. .. .. 34 00 .. .. ........... ............... #hex dump hexeditor test1 #dumped screen File test1 ASCII Offset : 0x00000000 / 0x00001266 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Off e_ehsize (4byte) 00000020 .. .. .. .. .. .. .. .. 34 00 .. .. ........... ............... relocatable file ÀÇ °æ¿ì 0034(decimal 52)À» Ãâ·ÂÇϸç, ÀÌ´Â elf header ±âº» »çÀÌÁî¿Í ÀÏÄ¡ÇÑ´Ù. executable file ÀÇ °æ¿ìµµ 0034¸¦ °®´Â´Ù. ////////////////////////////////////////////////////////////////////////////////// - e_phentsize : e_phentsize ´Â fileÀÇ program header table ¿£Æ®¸®ÀÇ Å©±â¸¦ ³ªÅ¸³½´Ù. ¸ðµç entryµéÀº Å©±â°¡ °°´Ù(?) //////////////////////////////////by edward///////////////////////////////// #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Half e_phentsize (2byte) 00000020 .. .. .. .. .. .. .. .. .. .. 00 00 .. .. .. .. ............... #hex dump hexeditor test1 #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x00001226 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Off e_phentsize (2byte) 00000020 .. .. .. .. .. .. .. .. .. .. 20 00 .. .. .. .. ............... ÂüÁ¶ ================================================== #source : /linux/include/linux/elf.h typedef struct elf32_phdr{ Elf32_Word p_type; Elf32_Off p_offset; Elf32_Addr p_vaddr; Elf32_Addr p_paddr; Elf32_Word p_filesz; Elf32_Word p_memsz; Elf32_Word p_flags; Elf32_Word p_align; } Elf32_Phdr; ================================================== relocatable 0000, executable 0020(decimal value 32 == phdr) /////////////////////////////////////////////////////////////////////////////// - e_phnum : e_phnum ´Â program header table ÀÇ ¿£Æ®¸®ÀÇ ¼ö¸¦ ³ªÅ¸³½´Ù. µû¶ó¼­ e_phentsize¿Í e_phnumÀ¸ ¾Ë¸é table ÀÇ Å©±â¸¦ byte ·Î ³ªÅ¸³¾¼ö ÀÖ´Ù. ¸¸¾à file¿¡ program header table ÀÌ ¾ø´Ù¸é, e_phnum °ªÀº 0 ÀÌ µÈ´Ù. //////////////////////////////////by edward///////////////////////////////// #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Half e_phnum (2byte) 00000020 .. .. .. .. .. .. .. .. .. .. .. .. 00 00 .. .. ............... #hex dump hexeditor test1 #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Half e_phnum (2byte) 00000020 .. .. .. .. .. .. .. .. .. .. .. .. 02 00 .. .. ............... relocatable 0000(program header table ÀÌ ¾øÀ¸¹Ç·Î °ªÀÌ 0 ÀÌ µÈ´Ù.) executable 0002(program header table ÀÇ ¿£Æ®¸®ÀÇ ¼ö´Â 2 °¡ µÈ´Ù.) [È®ÀÎÀÛ¾÷] objdump -p test1.o <-- relocatable file program header table ÀÌ ¾øÀ¸¹Ç·Î ¾Æ¹«·± °ª Ãâ·ÂÀÌ ¾ø´Ù. objdump -p test1 <-- executable file [È­¸é Ãâ·Â] --------------------------------------------------------------------------- #[object name] [file format] <-- #ó¸®µÈ ³»¿ëÀº »ðÀÔÇÑ ³»¿ëÀÔ´Ï´Ù. test : file format elf32-i386 # [ÇÁ·Î±×·¥ Çì´õ] Program Header: LOAD off 0x00000074 vaddr 0x00000000 paddr 0x00000000 align 2**2 filesz 0x00000005 memsz 0x00000005 flags rwx LOAD off 0x0000007c vaddr 0x00001234 paddr 0x00001234 align 2**2 filesz 0x00000004 memsz 0x00000004 flags rw- --------------------------------------------------------------------------- /////////////////////////////////////////////////////////////////////////////// - e_shentsize : e_shentsize ´Â section headerÀÇ Å©±â¸¦ ¹ÙÀÌÆ®·Î ³ªÅ¸³½´Ù. //////////////////////////////////by edward///////////////////////////////// #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Half e_shentsize (2byte) 00000020 .. .. .. .. .. .. .. .. .. .. .. .. .. .. 28 00 ............... #hex dump hexeditor test1 #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Half e_shentsize (2byte) 00000020 .. .. .. .. .. .. .. .. .. .. .. .. .. .. 28 00 ............... ------------------------------------- #source : linux/include/linux/elf.h typedef struct { Elf32_Word sh_name; Elf32_Word sh_type; Elf32_Word sh_flags; Elf32_Addr sh_addr; Elf32_Off sh_offset; Elf32_Word sh_size; Elf32_Word sh_link; Elf32_Word sh_info; Elf32_Word sh_addralign; Elf32_Word sh_entsize; } Elf32_Shdr; ------------------------------------- relocatable 0028, executable 0028 section header size ´Â 0028, À§ÀÇ elf.h ¿¡ section header ±¸Á¶Ã¼¸¦ º¸¸é 40 byte °¡ µÈ´Ù. 0x0028 == 40 ÀÌ µÇÁÒ. section header ´Â relocatable À̳ª executable À̳ª °°ÀÌ Á¸ÀçÇϳª º¸±º¿ä. /////////////////////////////////////////////////////////////////////////////// - e_shnum : e_shnum ´Â section header tableÀÇ entry number¸¦ ³ªÅ¸³½´Ù. µû¶ó¼­ e_shentsize ¿Í e_shnum ·Î section header table ÀÇ size ¸¦ ¾Ë¼ö ÀÖ´Ù. ¸¸¾à ÆÄÀÏ¿¡ section header table ÀÌ ¾ø´Ù¸é, e_shnumÀÇ °ªÀº 0 ÀÌ µÈ´Ù. //////////////////////////////////by edward///////////////////////////////// #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... 00000020 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Half e_shnum (2byte) 00000030 09 00 .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... #hex dump hexeditor test1 #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... 00000020 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Half e_shnum (2byte) 00000030 0A 00 .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... relocatable 0009, executable 000A /////////////////////////////////////////////////////////////////////////////// - e_shstrndx : e_shstrndx ´Â entryÀÇ section header table index¿Í °ü·ÃµÈ section name string tableÀ» ³ªÅ¸³½´Ù. ¸¸¾à ÆÄÀÏÀÌ section name string table À» °®Áö ¾Ê´Â´Ù¸é, ÀÌ°ªÀº SHN_UNDEF °ªÀ» °®°Ô µÈ´Ù. ÀÌ¿¡ ´ëÇؼ­´Â ¾Æ·¡¿¡ ³ª¿Ã Sections ¿Í String Table ¿¡¼­ ´õ ÀÚ¼¼È÷ ¾Ë¾Æº¸ÀÚ //////////////////////////////////by edward///////////////////////////////// #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... 00000020 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Half e_shstrndx (2byte) 00000030 .. .. 06 00 .. .. .. .. .. .. .. .. .. .. .. .. ............... #hex dump hexeditor test1 #dumped screen File test1 ASCII Offset : 0x00000000 / 0x000002E9 # unsigned char e_ident[16] 00000000 7F 45 4C 46 ........... ........... ........... .ELF........... 00000010 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... 00000020 .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ............... # Elf32_Half e_shstrndx (2byte) 00000030 .. .. 07 00 .. .. .. .. .. .. .. .. .. .. .. .. ............... relocatable 0006, executable 0007 objdump -h test1.o 0 .text ............ ............ 1 .data ............ ............ 2 .bss ............ ............ 3 .note ............ ............ 4 .comment ............ ............ objdump -h test1 0 .text ............ ............ 1 .data ............ ............ 2 .sbss ............ ............ 3 .bss ............ ............ 4 .note ............ ............ 5 .comment ............ ............ ÀÚ¼¼ÇÑ ¼³¸íÀº Sections ¿Í String Table ¿¡¼­ °øºÎÇÑÈÄ ´Ù½Ã ¼öÁ¤ ÇÏ°Ú½À´Ï´Ù. /////////////////////////////////////////////////////////////////////////////// 1.6 ELF Identification À§¿¡¼­ ¾ð±ÞÇßµíÀÌ elf ´Â ´Ù¾çÇÑ processor,data encoding, machine µéÀ» Áö¿øÇϱâ À§ÇØ object file framework¸¦ Á¦°øÇÑ´Ù. ÀÌ object file family ¸¦ Áö¿øÇϱâ À§Çؼ­ fileÀÇ Ãʱ⠹ÙÀÌÆ®´Â ÀÌ ÆÄÀÏÀ» ¾î¶»°Ô interpret ÇÒ°ÍÀΰ¡ Çϴ°͵éÀ» ±¸Ã¼ÀûÀ¸·Î ³ªÅ¸³»°í, ÆÄÀÏÀÇ ³ª¸ÓÁö ³»¿ëÀº processor ¿¡ ´ëÇØ µ¶¸³ÀûÀÌ´Ù. ELF header ÀÇ Ãʱ⠹ÙÀÌÆ®´Â e_ident memberÀÇ index´Â ´ÙÀ½°ú °°´Ù. (¹è¿­ À妽º °°³×¿ä ...) Figure 1-3 Àç¹æ¼Û. ELF Header ====================================================== #source : /linux/include/linux/elf.h #define EI_NIDENT 16 typedef struct { unsigned char e_ident[EI_NIDENT]; Elf32_Half e_type; Elf32_Half e_machine; Elf32_Word e_version; Elf32_Addr e_entry; Elf32_Off e_phoff; Elf32_Off e_shoff; Elf32_Word e_flags; Elf32_Half e_ehsize; Elf32_Half e_phentsize; Elf32_Half e_phnum; Elf32_Half e_shentsize; Elf32_Half e_shnum; Elf32_Half e_shstrndx; } Elf32_Ehdr; ======================================================= Figure 1-4. e_ident[] Identification Indexes ========================================================= Name Value Purpose ========================================================= EI_MAG0 0 File identification EI_MAG1 1 File identification EI_MAG2 2 File identification EI_MAG3 3 File identification EI_CLASS 4 File class EI_DATA 5 Data encoding EI_VERSION 6 File version EI_PAD 7 Start of padding bytes EI_NIDENT 16 Size of e_ident[] ========================================================= ÀÌ indexµéÀº ´ÙÀ½ °ªµéÀ» °®°Ô µÈ´Ù. ÀÌ ¾Æ·¡ ³»¿ë µéÀº ÀÌ index ¿¡ ´ëÇÑ ¼³¸íÀÌ´Ù. - EI_MAG0 to EI_MAG3 : ÆÄÀÏÀÇ Ã¹ 4byte´Â ELF object fileÀÓÀ» ¾Ë·ÁÁÖ´Â magic number¸¦ °®°ÔµÈ´Ù. ================================================= Name Value Meaning ================================================= ELFMAG0 0x7f e_ident[EI_MAG0] ELFMAG1 ¡¯E¡¯ e_ident[EI_MAG1] ELFMAG2 ¡¯L¡¯ e_ident[EI_MAG2] ELFMAG3 ¡¯F¡¯ e_ident[EI_MAG3] ================================================= ////////////////////////by edward////////////////////////////////////////////// #source : test1.c (À§¿¡¼­ ³ª¿ÔÀ½) #compile gcc -c test1.c #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 00000000 7F 45 4C 46 ............. .......... ........... .ELF........... ´ëÃæ ÀÌ·¸°Ô ³ª¿ÀÁÒ ... À§ÀÇ 4byte°¡ e_ident array ÀÇ Ã¹ 4 byteÀÎ ELF MAGIC NUMBER ÀÔ´Ï´Ù. ±×·³ ELFMAG0´Â 0x7F ÀÌ°í 45´Â Decimal number ·Î ¹Ù²Ù¸é 69°¡ µÇÁÒ. 65ºÎÅÍ 'A' ´Ï±î 'E'´Â 69°ªÀÌ µÇÁÒ. 4C´Â 'L' 46Àº 'F' /////////////////////////////////////////////////////////////////////////////// - EI_CLASS : e_ident[EI_CLASS] ´Â ÆÄÀÏÀÇ class ¶Ç´Â capacity ¸¦ ¾Ë·ÁÁÖ°Ô µÈ´Ù. ================================================= Name Value Meaning ================================================= ELFCLASSNONE 0 Invalid class ELFCLASS32 1 32-bit objects ELFCLASS64 2 64-bit objects ================================================= % ½ºÆå¿¡´Â ºüÁ®ÀÖÁö¸¸ ELFCLASSNUM À̶õ°Íµµ ÀÖ±º¿ä. ¾Æ¸¶ ½ºÆåÀÌÈÄ¿¡ ÀçÁ¤ÀÇµÈ ELF ¶ó¼­ ±×·±°¡º¾´Ï´Ù. #define ELFCLASSNUM 3 ÆÄÀÏ Æ÷¸ËÀº ´Ù¾çÇÑ sizeÀÇ machine¿¡ ´ëÇØ portable ÇÏ°Ô µðÀÚÀÎ µÇ¾ú´Âµ¥, ÃÖ¼Ò sizeÀÇ machine ¿¡ ÃÖ´ë size¸¦ »ç¿ëÇÏÁö´Â ¾ÊÀ¸¸ç, Class ELFCLASS32 ´Â machineÀÇ file °ú virtual address space¸¦ ÃÖ´ë 4gb¸¦ Áö¿øÇÑ´Ù. ( ±âº» ŸÀÔ : ELFCLASS32 ) Class ELFCLASS ´Â ºÒ¿ÏÀüÇÏÁö¸¸ 64-bit architecture ¸¦ Áö¿øÇÑ´Ù. ´Ù¸¥ class µéÀº ÇÊ¿ä¿¡ µû¶ó object file data¸¦ À§ÇÑ ´Ù¸¥ basic type °ú size ¸¦ Á¤ÀÇÇÏ¸é µÈ´Ù. ¸Â´ÂÁö È®ÀÎÇغ¼±î¿ä ? ////////////////////////by edward////////////////////////////////////////////// #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 00000000 7F 45 4C 46 01 ........ .......... ........... .ELF........... ÀÌ·¸°Ô ³ª¿ÀÁÒ ... 5¹ø° byte´Â e_ident array ÀÇ 5¹ø° ¹ÙÀÌÆ®·Î 01 À» ³ªÅ¸³»°í ÀÖ±º¿ä. EI_CLASS(file class)´Â ELFCLASS32 ·Î 32-bit objects ÀÓÀ» ³ªÅ¸³À´Ï´Ù. /////////////////////////////////////////////////////////////////////////////// -EI_DATA : e_ident[EI_DATA]´Â object fileÀÇ processor-specific data·Î data encoding ÇÏ´Â ±â´ÉÀ» Á¦°øÇÑ´Ù. ================================================ Name Value Meaning ================================================ ELFDATANONE 0 Invalid data encoding ELFDATA2LSB 1 See below ELFDATA2MSB 2 See below ================================================ ´Ù¸¥ °ªµéÀº »õ·Î¿î encoding ¹æ¹ýÀÌ ÇÊ¿äÇÒ¶§¸¦ À§ÇØ reserved »óÅ·Π³²°ÜµÐ´Ù. ÆÄÀÏÀÇ data encodingÀº basic object °¡ ¾î¶»°Ô interpret ÇØ¾ß ÇÏ´ÂÁö¸¦ °áÁ¤ÇÑ´Ù. À§¿¡¼­ ¼­¼úÇÑ´ë·Î, class ELFCLASS32 ÆÄÀÏÀº 1,2 ±×¸®°í 4byte object¸¦ »ç¿ëÇÑ´Ù. ¾Æ·¡ Á¤ÀÇµÈ encoding Ç¥ÇöÀ» º¸´Â ¹æ¹ýÀº byte number´Â boxÀÇ ¿ÞÂÊ »ó´Ü ¸ð¼­¸®¿¡ Ç¥ÇöÇÏ°í data ´Â boxÀÇ Áß¾Ó¿¡ À§Ä¡ÇÑ´Ù. % object ? object ÆÄÀÏÀ̶ó´Â ³»¿ëÀ¸·Îµµ ³ª¿ÀÁö¸¸, Áö±ÝÀº data encoding type (1byte,2byte,4byte) ÀÌ·¯ÇÑ Çϳª Çϳª¸¦ object¶ó°í ºÎ¸£±âµµ ÇÑ´Ù. ¿©±â¼­ oop Ã¥¾²´Â ÀúÀÚµéÀÌ ÀÚÁÖ ¹üÇÏ´Â ½Ç¼ö¸¦ ¹Ýº¹ÇÏ°í ½ÍÁö¾Ê´Ù. ±×Àú object ·Î Ç¥Çö Çسõ¾ÒÀ¸´Ï... Àд ¿©·¯ºÐÀÌ ±×¶§ ±×¶§ »óȲÀ» º¸¾Æ ... Àß ÀÌÇØÇϱ⠹ٶõ´Ù. ¿Ö³Ä¸é ³»°¡ ½Ç¼ö·Î À߸øÇسõÀ¸¸é ¾È±×·¡µµ ¿À¿ªµé·Î ³ÑÃijª´Â ¹®¼­°¡ ¿©·¯ºÐ¿¡°Ô ÇÇÇظ¦ °¡Áß½ÃÅ°±â ¶§¹®ÀÌ´Ù. Figure 1-5. Data Encoding ELFDATA2LSB ================================================================= ------------ |0 | | | 0x01 | 01 | | | | | ------------ ------------------------ |0 |1 | | | | 0x0102 | 02 | 01 | | | | | | | ------------------------ ------------------------------------------------ |0 |1 |2 |3 | | | | | | 0x01020304 | 04 | 03 | 02 | 01 | | | | | | | | | | | ------------------------------------------------ ================================================================= ELFDATA2LSB´Â 2ÀÇ º¸¼ö°ª(2's complement values)¸¦ Ç¥ÇöÇϸç, Least Significant Byte ´Â lowest address¸¦ Â÷ÁöÇÏ°Ô µÊÀ» ¾Ë¼öÀÖ´Ù. Figure 1-6. Data Encoding ELFDATA2MSB ================================================================= ------------ |0 | | | 0x01 | 01 | | | | | ------------ ------------------------ |0 |1 | | | | 0x0102 | 01 | 02 | | | | | | | ------------------------ ------------------------------------------------ |0 |1 |2 |3 | | | | | | 0x01020304 | 01 | 02 | 03 | 04 | | | | | | | | | | | ------------------------------------------------ ================================================================= % ÀÌ·¯ÇÑ ½ÄÀ¸·Î ÀÌ·ç¾îÁø´Ù°í ÇÑ´Ù. -_-;; c calling convension ¹®¼­¸¦ º¸½Å ºÐµéÀº ¾Ë°ÚÁö¸¸ i386Àº ELFDATA1LSB¸¦ ÃëÇÑ´Ù. ¸Â³ª -_-;; ¸ÂÀ»°ÍÀÌ´Ù. ±×·¡µµ Àǽɽº·´´Ù¸é ... C ·Î ÇÁ·Î±×·¥À» ÀÛ¼ºÇÏ¿© ´ýÇÁÇغ¸ÀÚ. ////////////////////////by edward////////////////////////////////////////////// #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 00000000 7F 45 4C 46 01 01 .... .......... ........... .ELF........... 6¹ø° byte´Â e_ident array ÀÇ 6¹ø° ¹ÙÀÌÆ®·Î 01 À» ³ªÅ¸³»°í ÀÖ±º¿ä. EI_DATA(data encoding)´Â ELFDATA2LSB ¸¦ ³ªÅ¸³»´Â±º¿ä. /////////////////////////////////////////////////////////////////////////////// - EI_VERSION : e_ident[EI_VERSION]Àº ELF header version number¸¦ ³ªÅ¸³½´Ù. ÇöÀç ÀÌ°ªÀº EV_CURRENT °ªÀ» °®´Â´Ù. Àú À§¿¡¼­ ±Ü¾î¿ÔÀ½. ===================================== Name Value Meaning ===================================== EV_NONE 0 Invalid versionn EV_CURRENT 1 Current version ===================================== ////////////////////////by edward////////////////////////////////////////////// #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 00000000 7F 45 4C 46 01 01 01 .. .......... ........... .ELF........... 7¹ø° byte´Â e_ident array ÀÇ 7¹ø° ¹ÙÀÌÆ®·Î 01 À» ³ªÅ¸³»°í ÀÖ±º¿ä. EI_VERSION(file version)´Â EV_CURRENT ¸¦ ³ªÅ¸³»´Â±º¿ä. /////////////////////////////////////////////////////////////////////////////// - EI_PAD : EI_PAD°ªÀº »ç¿ëµÇÁö ¾Ê´Â ¹ÙÀÌÆ®ÀÇ ½ÃÀÛÁ¡À» Ç¥½ÃÇϸç, ÀÌ °ªÀº reserved »óÅÂÀ̸ç, 0 À¸·Î set µÇ¾îÀÖ´Ù. ÇÁ·Î±×·¥Àº object fileÀ» ÀÐÀ»¶§ ÀÌ °ªÀ» ¹«½ÃÇÑ´Ù. ±×¸®°í EI_PAD °ªÀº Áö±ÝÀº ¾È¾²Áö¸¸ ¾ÕÀ¸·Î´Â ¹Ù²î°Ô µÉ°ÍÀÌ´Ù. ////////////////////////by edward////////////////////////////////////////////// #hex dump hexeditor test1.o #dumped screen File test1.o ASCII Offset : 0x00000000 / 0x000002E9 00000000 7F 45 4C 46 01 01 01 00 .......... ........... .ELF........... 8¹ø° byte´Â e_ident array ÀÇ 8¹ø° ¹ÙÀÌÆ®·Î 00 À» ³ªÅ¸³»°í ÀÖ±º¿ä. EI_PAD(start of padding bytes)´Â 0¸¦ ³ªÅ¸³»´Â±º¿ä. /////////////////////////////////////////////////////////////////////////////// %Áö±Ý±îÁö elf ident(e_ident)¿¡ ´ëÇؼ­ º¸¾Ò½À´Ï´Ù. ´ëÃæ ¸Â´Â°Å °°ÁÒ... 1.7 Sections object fileÀÇ section header tableÀº ÆÄÀϳ»ÀÇ ¸ðµç sectionÀ» ÇÑ°÷¿¡ À§Ä¡½ÃŲ´Ù. ±×¸®°í section header tableÀº Elf32_Shdr ¶ó´Â ±¸Á¶¸¦ °®´Â´Ù. ============================================ # source : linux/include/linux/elf.h typedef struct { Elf32_Word sh_name; Elf32_Word sh_type; Elf32_Word sh_flags; Elf32_Addr sh_addr; Elf32_Off sh_offset; Elf32_Word sh_size; Elf32_Word sh_link; Elf32_Word sh_info; Elf32_Word sh_addralign; Elf32_Word sh_entsize; } Elf32_Shdr; % ¾Æ¹«Æ° ELF ´Â Âü °í¸¶¿î°Í °°´Ù. ¸®´ª½º Ä¿³Îó·³ À̸®Àú¸® ¿Ô´Ù°¬´Ù ÇÏÁö ¾Ê¾Æµµ µÇ°Ô ÇÑÆÄÀÏ¿¡ ´Ù Á¤¸®¸¦ ÇسõÀ¸´Ï ¾ó¸¶³ª ÁÁÀº°¡ ºÐ¼®ÇÏ´Â ÀÔÀå¿¡¼­ -_-;; ============================================ Figure 1-3 Àç¹æ¼Û2. ELF Header ====================================================== #source : /linux/include/linux/elf.h #define EI_NIDENT 16 typedef struct { unsigned char e_ident[EI_NIDENT]; Elf32_Half e_type; Elf32_Half e_machine; Elf32_Word e_version; Elf32_Addr e_entry; Elf32_Off e_phoff; Elf32_Off e_shoff; Elf32_Word e_flags; Elf32_Half e_ehsize; Elf32_Half e_phentsize; Elf32_Half e_phnum; Elf32_Half e_shentsize; Elf32_Half e_shnum; Elf32_Half e_shstrndx; } Elf32_Ehdr; ======================================================= section header table index ´Â ¾Æ·¡¿Í °°ÀÌ ¹è¿­µÇ¾î ÀÖ´Ù. ELF headerÀÇ e_shoff member´Â fileÀÇ ½ÃÀÛºÎÅÍ section header table ±îÁöÀÇ byte offset À» °®´Â´Ù. e_shnumÀº section header table ¿¡ ¸î°³ÀÇ entry °¡ Æ÷ÇԵǾî ÀÖ´ÂÁö ¾Ë·ÁÁÖ¸ç, e_shentsize ´Â °¢°¢ÀÇ entryÀÇ byte size¸¦ ³ªÅ¸³½´Ù. ¸î¸î section header table index´Â reserved »óÅÂÀÌ´Ù. object file Àº ÀÌ·¯ÇÑ special section index¸¦ À§ÇÑ sectionÀ» °®Áö ¾ÊÀ»°ÍÀÌ´Ù. Figure 1-7. Special Section Indexes ==================================================== Name Value ==================================================== SHN_UNDEF 0 SHN_LORESERVE 0xff00 SHN_LOPROC 0xff00 SHN_HIPROC 0xff1f SHN_ABS 0xfff1 SHN_COMMON 0xfff2 SHN_HIRESERVE 0xffff ==================================================== - SHN_UNDEF : ÀÌ °ªÀº undefined, missing, irrelevant ¶Ç´Â meaningless section reference ¿¡ ´ëÇØ ³ªÅ¸³½´Ù. ¿¹¸¦µé¾î , symbolÀÌ section number(SHN_UNDEF)·Î Á¤ÀǵǾú´Ù¸é undefined symbol ÀÌ´Ù. - SHN_LORESERVE : SHN_LORESERVE °ªÀº reserverd indexÀÇ ¹üÀ§Áß lower bound¸¦ Ç¥ÇöÇÑ´Ù. - SHN_LOPROC through SHN_HIPROC: ÀÌ °ªµéÀº processor-specific sematic À» À§ÇØ reserved µÇ¾îÀÖ´Â Æ÷°ýÀûÀÎ ¹üÀ§ÀÇ °ªÀÌ´Ù. - SHN_ABS : SHN_ABS °ªÀº corresponding reference¸¦ À§ÇÑ Àý´ë°ªÀ» ³ªÅ¸³½´Ù. ¿¹¸¦µé¾î, SHN_ABS Àý´ë°ªÀ» °®°í, relocation¿¡ ÀÇÇØ ¿µÇâÀ» ¹ÌÄ¡Áö ¾Ê´Â symbol Á¤ÀǸ¦ Ç¥ÇöÇÑ´Ù. - SHN_COMMON : SHN_COMMON Àº symbolÀÌ ¸¶Ä¡ FORTRAN_COMMON ¶Ç´Â ÇÒ´çµÇÁö ¾ÊÀº C external variable °°ÀÌ Á¤ÀǵÊÀ» ³ªÅ¸³½´Ù. - SHN_HIRESERVE : SHN_HIRESERVE °ªÀº reserved index ¹üÀ§ÀÇ upper bound °ªÀ» °®°ÔµÈ´Ù. ½Ã½ºÅÛÀº SHN_LORESERVE¿Í SHN_HIRESERVE»çÀÌ¿¡ index¸¦ reserveÇÑ´Ù. ÀÌ °ªÀº section header tableÀ» ÂüÁ¶ÇÏÁö ¾ÊÀ¸¸ç, ÀÌ´Â section header table ÀÌ reserved index¸¦ À§ÇÑ entry µéÀ» Æ÷ÇÔ ÇÏÁö ¾ÊÀ½À» ÀǹÌÇÑ´Ù. sectionÀº ELF header,program header table, section header tableÀ» Á¦¿ÜÇÑ object file ¿¡ ´ëÇÑ ¸ðµç Á¤º¸¸¦ Æ÷ÇÔÇÒ»Ó¸¸ ¾Æ´Ï¶ó, object fileÀÇ sectionµéÀº ¸î°¡Áö Á¶°ÇµéÀ» ÃæÁ·½ÃŲ´Ù. * object fileÀÇ ¸ðµç section µéÀº Á¤È®È÷ ÇϳªÀÇ section header·Î ¹¦»çµÈ´Ù. * °¢°¢ÀÇ section µéÀº ÆÄÀÏ ³»¿¡¼­ ¼øÂ÷ÀûÀ¸·Î À̾îÁø byte ÀÌ´Ù. * ÆÄÀϾȿ¡ sectionµéÀº Áߺ¹µÇÁö ¾Ê´Â´Ù. * Object file Àº inactive space ¸¦ °®´Â´Ù. section header ´Â ´ÙÀ½°ú °°Àº ±¸Á¶¸¦ °®´Â´Ù. Figure 1-8. Section Header ==================================== typedef struct { Elf32_Word sh_name; Elf32_Word sh_type; Elf32_Word sh_flags; Elf32_Addr sh_addr; Elf32_Off sh_offset; Elf32_Word sh_size; Elf32_Word sh_link; Elf32_Word sh_info; Elf32_Word sh_addralign; Elf32_Word sh_entsize; } Elf32_Shdr; ==================================== - sh_name : sh_nameÀº section nameÀ» °®´Â´Ù. Á¤È®È÷ ¸»Çϸé ÀÌ °ªÀº section header string table ¿¡ ´ëÇÑ index¸¦ °®´Â´Ù. - sh_type sh_typeÀº sectionÀÇ contents¿Í semantics·Î ºÐ·ùÇÑ´Ù. section type°ú type¿¡ ´ëÇÑ descriptionÀº ¾Æ·¡¿¡ ³ª¿Â´Ù. - sh_flags SectionµéÀº °®°¡Áö ¼Ó¼ºÀ» ¹¦»çÇÏ´Â 1-bit flag¸¦ Áö¿øÇÑ´Ù. flag¿¡ ´ëÇؼ­´Â ¾Æ·¡¿¡ ³ª¿Â´Ù. - sh_addr ¸¸¾à sectionÀÌ processÀÇ memory image¸¦ ³ªÅ¸³¾°ÍÀ̶ó¸é, sh_addr¿¡´Â sectionÀÇ Ã¹¹ø° byte ÁÖ¼Ò°¡ ÁÖ¾îÁö°í, ¾Æ´Ï¶ó¸é sh_addr¿¡´Â 0 °ªÀ» °®°ÔµÈ´Ù. - sh_offset sh_offsetÀº fileÀÇ ½ÃÀÛÁ¡¿¡¼­ ºÎÅÍ sectionÀÇ Ã¹¹ÙÀÌÆ® ±îÁöÀÇ byte offset °ªÀ» °®´Â´Ù. ¾Æ·¡¿¡ ¹¦»çµÈ SHT_NOBITS °°Àº ÇϳªÀÇ section typeÀº ÆÄÀÏ¿¡¼­ space¸¦ Â÷ÁöÇÏÁö ¾Ê´Â´Ù. - sh_size sh_size´Â sectionÀÇ size¸¦ byte·Î ³ªÅ¸³½´Ù. section typeÀÌ SHT_NOBITS°¡ ¾Æ´Ï¶ó¸é, section Àº ÆÄÀÏ¿¡¼­ sh_sizeÀÇ °ø°£À» °®°ÔµÈ´Ù. section typeÀÌ SHT_NOBITSÀÏ °æ¿ì non-zero size¸¦ °®°ÔµÇÁö¸¸, ±×°ÍÀÌ ÆÄÀϳ»¿¡¼­ °ø°£À» Â÷ÁöÇϴ°ÍÀº ¾Æ´Ï´Ù. (½ºÆå ÀÚüµµ ³Ê¹« Ãà¾àÇüÅ·Π¼³¸íÀ» ÇسõÀ¸´Ï ... ÀÏÀÏÀÌ ¹«½¼¸»ÀÎÁö È®ÀÎ ÀÛ¾÷À» ÇÏÁö ¾ÊÀ¸¸é ¾Ë¼ö°¡ ¾ø°Ú±º¿ä. ´ëÃ溸¸é °ªÀº 0ÀÌ ¾Æ´ÏÁö¸¸ 0ÀÌ ¾Æ´Ñ ´Ù¸¥°ªÀÌ ÆÄÀϳ»ÀÇ °ø°£À» Â÷ÁöÇÑ´Ù´Â Àǹ̰¡ ¾Æ´Ï¶õ°ÇÁö ...) - sh_link sh_link´Â section type¿¡ ÀÇÁ¸ÇÏ´Â interpretationÀ» À§ÇÑ section header table index link¸¦ °®´Â´Ù. - sh_info sh_info´Â section type¿¡ ÀÇÁ¸ÇÏ´Â interpretationÀ» À§ÇÑ extra informationÀ» °®´Â´Ù. - sh_addralign ¾î¶² sectionµéÀº address alignment »óŸ¦ °®´Â´Ù. ¿¹¸¦µé¾î, ÇÑ sectionÀÌ doubleword¸¦ °®´Â´Ù¸é, ½Ã½ºÅÛÀº Àüü sectionÀ» À§ÇØ doubleword alignment ¸¦ ÁöÅ°°Ô µÈ´Ù. sh_addr °ªÀº '0'°ú '2^¾çÀÇÁ¤¼ö' °ªÀ» °®°Ô µÈ´Ù. 0 °ú 1 ÀÇ Àǹ̴ sectionÀÌ alignment ´ëÇÑ Á¦¾àÀ» ¹ÞÁö ¾Ê´Â´Ù´Â ÀǹÌÀÌ´Ù. - sh_entsize ¾î¶² sectionµéÀº symbol table°ú °°Àº °íÁ¤µÈ Å©±âÀÇ table ¿£Æ®¸®µéÀ» °®´Â´Ù sh_entsize´Â ¾î¶² ÇÑ sectionÀ» À§ÇÑ °¢°¢ÀÇ entryÀÇ Å©±â¸¦ byte·Î ³ªÅ¸³½´Ù. ÀÌ °ªÀÌ 0À̶ó¸é, section Àº °íÁ¤µÈ Å©±âÀÇ table entryµéÀ» °®Áö ¾Ê´Â´Ù´Â °ÍÀÌ´Ù. section headerÀÇ sh_type °¡ ³ªÅ¸³»´Â section's semantics ============================================ Figure 1-9. Section Types, sh_type ============================================ Name Value SHT_NULL 0 SHT_PROGBITS 1 SHT_SYMTAB 2 SHT_STRTAB 3 SHT_RELA 4 SHT_HASH 5 SHT_DYNAMIC 6 SHT_NOTE 7 SHT_NOBITS 8 SHT_REL 9 SHT_SHLIB 10 SHT_DYNSYM 11 SHT_LOPROC 0x70000000 SHT_HIPROC 0x7fffffff SHT_LOUSER 0x80000000 SHT_HIUSER 0xffffffff ============================================ ////////////////////////////////by edward//////////////////////////////////// ELF MAP 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 # unsigned char e_ident[16] 00000000 MAG0 MAG1 MAG2 MAG3 CLASS DATA VERSION PAD .. .. .. .. NIDENT 00000010 [e_type ] [e_machine] [ e_version ] [ e_entry ] [ e_phoff ] 00000020 [ e_shoff ] [ e_flags ] [e_ehsize] [e_phentsize] [e_phnum][e_shentsize] 00000030 [e_shnum][e_shstrndx]