Understanding ELF using readelf and objdump
What is ELF? ELF (Executable and Linking Format) is file format that defines how an object file
is composed and organized. With this information, your kernel and the binary loader know how to
load the file, where to look for the code, where to look the initialized data, which shared library
that needs to be loaded and so on.
First of all, you should know about different kind of ELF object:
• Relocatable file: an object file that holds code and data suitable
for linking with other object files to create an executable or a
shared object file. In other word, you can say that relocatable
file is a foundation for creating executables and libraries.
This is kind of file you get if you compile a source code like this:
$ gcc -c test.c
That will produce test.o, which is a relocatable file.
Kernel module (either suffixed with .o or .ko) is also a form of
relocatable file.
• Executable file: object file that holds a program suitable for
execution. Yes, that means, your XMMS mp3 player, your vcd software
player, even your text editor are all ELF executable files.
This is also a familiar file if you compile a program:
$ gcc -o test test.c
After you make sure the executable bit of "test" is enabled, you
can execute it. The question is, what about shell script? Shell
script is NOT ELF executable, but the interpreter IS.
• Shared object file: This file holds code and data suitable for
linking in two contexts:
1. The link editor may process it with other relocatable and
shared object file to create another object file.
2. The dynamic linker combines it with an executable file and
other shared objects to create a process image.
In simple words, these are the files that you usually see with
剩余13页未读,继续阅读
资源评论
球爸
- 粉丝: 2
- 资源: 14
