Linux User-Space Elf Loader

Linux user-space ELF loader

A quick apt-cache search suggests libelf1, libelfg0 and/or libelfsh0. I think the elfsh program (in the namesake package) might be an interesting practical example of how to use libelfsh0.

I haven't tried any myself, but I hope they might be helpful. Good luck :-)

How does the ELF loader mmap sections smaller than a page size?

How does ELF load and mmap them?

The ELF loader doesn't look at, or cares about any sections. In fact section headers can be fully stripped, and the executable will continue to work just fine. Sections are used only at (static) link time.

What the loader does care about are segments. You can see segments (and mapping of sections to segments) with readelf -Wl a.out.

And yes: segments can have non-even page length. The loader doesn't care -- it simply performs mmap() (the kernel rounds the mapping up to whole page size).

See also this partially relevant answer.

how to load an ELF file all at once in linux?

You can have your program call mlockall() when it starts:

mlockall() locks all pages mapped into the address space of the calling process. This includes the pages of the code, data and stack segment, as well as shared libraries, user space kernel data, shared memory, and memory-mapped files. All mapped pages are guaranteed to be resident in RAM when the call returns successfully; the pages are guaranteed to stay in RAM until later unlocked.

Note that you have to be root for this, or have the CAP_IPC_LOCK capability, since ordinary user processes aren't allowed to forcibly hog physical memory this way.

Loading a non-relocatable, static ELF binary in userspace

Archimedes called "heureka" when he found that at a location can only be one object. If your ELF binary must be at one location because you can't rebuild it for another location you have to relocate the loader itself.

The non-relocatable ELF doesn't include enough Information to move it to a different address. You could probably write a decompiler that detects all address references in the code but it's not worth. You will have problems when you try to analyze data references like pointers stored in pre-initialized variables.

Rewrite the loader if you can't get the source code of you ELF binary or a relocatable version.

BTW: Archimedes heureka was deadly for the goldsmith who cheated. I hope it's not so expensive in your case.

Loading/unloading ELF sections on demand?

This is (very probably) already taken care of for you.

The real answer of course will be system-dependent, but in general, modern operating systems (and certainly Linux) use demand paging for executables, so no RAM will be actually allocated for sections of the ELF file you don't reference.


Related Topics

How to Remove All Special Characters in Linux Text

/Proc/$Pid/Maps Shows Pages with No Rwx Permissions on X86_64 Linux

Linux Serial Port Listener and Interpreter

How to Get the Physical Address from the Logical One in a Linux Kernel Module

Minimal Core Dump (Stack Trace + Current Frame Only)

How to Get Exit Status of a Shell Command Used in Gnu Makefile

How to Convert ".." in Path Names to Absolute Name in a Bash Script

One Command to Create and Change Directory

What Do the Counters in /Proc/[Pid]/Io Mean

How to Add Timestamp While Redirecting Stdout to File in Bash

Xvfb-Run on Os X

Using Sed to Remove a Block of Text

How to Find Binary Files in a Directory

How Secure Is Storing Password with Git

Command Not Found via Ssh with Single Command, Found After Connecting to Terminal

Meaning of Pid, Ppid and Tgid

Why Does Unix While Read Not Read Last Line

What Is There Behind a Symbolic Link


Leave a reply



Submit