What is the memory region ?
Jacky
jackyclivia at 163.com
Thu Mar 7 09:08:55 EST 2013
Thanks Prabhunath!
The following is section header table:
==============================
readelf -S /bin/cat
There are 28 section headers, starting at offset 0xb260:
Section Headers:
[Nr] Name Type Addr Off Size ES Flg Lk Inf Al
[ 0] NULL 00000000 000000 000000 00 0 0 0
[ 1] .interp PROGBITS 08048154 000154 000013 00 A 0 0 1
[ 2] .note.ABI-tag NOTE 08048168 000168 000020 00 A 0 0 4
[ 3] .note.gnu.build-i NOTE 08048188 000188 000024 00 A 0 0 4
[ 4] .gnu.hash GNU_HASH 080481ac 0001ac 000044 04 A 5 0 4
[ 5] .dynsym DYNSYM 080481f0 0001f0 0004e0 10 A 6 1 4
[ 6] .dynstr STRTAB 080486d0 0006d0 000349 00 A 0 0 1
[ 7] .gnu.version VERSYM 08048a1a 000a1a 00009c 02 A 5 0 2
[ 8] .gnu.version_r VERNEED 08048ab8 000ab8 000090 00 A 6 1 4
[ 9] .rel.dyn REL 08048b48 000b48 000030 08 A 5 0 4
[10] .rel.plt REL 08048b78 000b78 000228 08 A 5 12 4
[11] .init PROGBITS 08048da0 000da0 000024 00 AX 0 0 4
[12] .plt PROGBITS 08048dd0 000dd0 000460 04 AX 0 0 16
[13] .text PROGBITS 08049230 001230 006f2c 00 AX 0 0 16
[14] .fini PROGBITS 0805015c 00815c 000015 00 AX 0 0 4
[15] .rodata PROGBITS 08050180 008180 000e86 00 A 0 0 32
[16] .eh_frame_hdr PROGBITS 08051008 009008 0002d4 00 A 0 0 4
[17] .eh_frame PROGBITS 080512dc 0092dc 000d30 00 A 0 0 4
[18] .init_array INIT_ARRAY 08053f04 00af04 000004 00 WA 0 0 4
[19] .fini_array FINI_ARRAY 08053f08 00af08 000004 00 WA 0 0 4
[20] .jcr PROGBITS 08053f0c 00af0c 000004 00 WA 0 0 4
[21] .dynamic DYNAMIC 08053f10 00af10 0000e8 08 WA 6 0 4
[22] .got PROGBITS 08053ff8 00aff8 000008 04 WA 0 0 4
[23] .got.plt PROGBITS 08054000 00b000 000120 04 WA 0 0 4
[24] .data PROGBITS 08054120 00b120 00003c 00 WA 0 0 4
[25] .bss NOBITS 08054160 00b15c 0005c4 00 WA 0 0 32
[26] .gnu_debuglink PROGBITS 00000000 00b15c 000008 00 0 0 1
[27] .shstrtab STRTAB 00000000 00b164 0000fc 00 0 0 1
Key to Flags:
W (write), A (alloc), X (execute), M (merge), S (strings)
I (info), L (link order), G (group), T (TLS), E (exclude), x (unknown)
O (extra OS processing required) o (OS specific), p (processor specific)
==============================
But, according the kernel elf loader :
linux-3.7.4/fs/binfmt_elf.c:
static int load_elf_binary(...)
{
...
for(i = 0, elf_ppnt = elf_phdata;
i < loc->elf_ex.e_phnum; i++, elf_ppnt++) {
...
if (elf_ppnt->p_type != PT_LOAD)
continue;
...
}
The kernel elf loader just load PT_LOAD segment, but GNU_RELRO is not PT_LOAD type ?
At 2013-03-07 18:53:46,"Prabhu nath" <gprabhunath at gmail.com> wrote:
Looks like they have added a new section GNU_RELRO in the later versions. The one you are referring is read-only section. It would be nice if you share the section header table.
Plz see inline
Regards,
Prabhunath G
Linux Trainer
Bangalore
On Thu, Mar 7, 2013 at 3:31 PM, Jacky <jackyclivia at 163.com> wrote:
Dear all,
This is the Program Header for "cat" info:
================================
readelf -l /bin/cat
...
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
PHDR 0x000034 0x08048034 0x08048034 0x00120 0x00120 R E 0x4
INTERP 0x000154 0x08048154 0x08048154 0x00013 0x00013 R 0x1
[Requesting program interpreter: /lib/ld-linux.so.2]
LOAD 0x000000 0x08048000 0x08048000 0x0a00c 0x0a00c R E 0x1000
LOAD 0x00af04 0x08053f04 0x08053f04 0x00258 0x00820 RW 0x1000
DYNAMIC 0x00af10 0x08053f10 0x08053f10 0x000e8 0x000e8 RW 0x4
NOTE 0x000168 0x08048168 0x08048168 0x00044 0x00044 R 0x4
GNU_EH_FRAME 0x009008 0x08051008 0x08051008 0x002d4 0x002d4 R 0x4
GNU_STACK 0x000000 0x00000000 0x00000000 0x00000 0x00000 RW 0x4
GNU_RELRO 0x00af04 0x08053f04 0x08053f04 0x000fc 0x000fc R 0x1
==============================
So there are just 2 PT_LOAD segments. But why kernel maps 3 memory regions ? The following is the maps output:
Though the second PT_LOAD starts at the file offset 0xaf04, The first fc bytes belong to GNU_RELRO segment (The last entry in the Program Header). If you add af04 +fc you get afff. Looks like they have placed this section advertently in such a way that the actual DATA segment will start at the next virtual address page boundary 0x08054000. Thus the GNU_RELRO section with read-only permissions is placed in the separate virtual address region.
This is the result of the maps file you see below.
============================
cat /proc/self/maps
08048000-08053000 r-xp 00000000 08:01 261656 /bin/cat
08053000-08054000 r--p 0000a000 08:01 261656 /bin/cat
08054000-08055000 rw-p 0000b000 08:01 261656 /bin/cat
09b58000-09b79000 rw-p 00000000 00:00 0 [heap]
b75bd000-b75be000 rw-p 00000000 00:00 0
b75be000-b7761000 r-xp 00000000 08:01 523958 /lib/i386-linux-gnu/libc-2.15.so
...
==================
The above output, there are 3 memory regions for "/bin/cat", and what is the following segment:
08053000-08054000 r--p 0000a000 08:01 261656 /bin/cat
According the 'cat' program header, there is no "r" segment.
Regards,
Jacky
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies at kernelnewbies.org
http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20130307/bda69c6c/attachment-0001.html
More information about the Kernelnewbies
mailing list