Ciro Santilli's definition: softwareengineering.stackexchange.com/questions/151610/what-exactly-is-system-programming/399625#399625
Ciro's tutorial: Linux Kernel Module Cheat.
Ciro's word of caution for 2019 aspiring system programmers: Should you waste your life with systems programming?
This is basically a direct consequence of backward design.
The higher the level you can operate at, the better.
The ideal level to operate at, and one of humankind's greatest ambitions is "AGI, make me money", the highest possible level.
Only go down a level when it seems necessary.
Magic software that allows you to write a single program that runs on a wide range of hardware.
Bibliography:
Bare metal programming is to run a program without an operating system below it.
Or in other words, it is basically implementing an operating system/firmware yourself ad hoc, together with your actual program.
Zephyr is cool. Its installation setup is annoying. But the project is cool.
Real hardware is for newbs. Real hardware is for newbs.
Tested on Ubuntu 23.10 we approximately follow instructions from: docs.zephyrproject.org/3.4.0/develop/getting_started/index.html stopping before the "Flash the sample" section, as we don't flash QEMU. We just run it.
sudo apt install --no-install-recommends git cmake ninja-build gperf \
ccache dfu-util device-tree-compiler wget \
python3-dev python3-pip python3-setuptools python3-tk python3-wheel xz-utils file \
make gcc gcc-multilib g++-multilib libsdl2-dev libmagic1
python3 -m venv ~/zephyrproject/.venv
source ~/zephyrproject/.venv/bin/activate
pip install west
west init ~/zephyrproject
cd ~/zephyrproject
west update
west zephyr-export
cd ~
wget https://github.com/zephyrproject-rtos/sdk-ng/releases/download/v0.16.1/zephyr-sdk-0.16.1_linux-x86_64.tar.xz
tar xvf zephyr-sdk-0.16.1_linux-x86_64.tar.xz
cd zephyr-sdk-0.16.1
./setup.shThe installation procedure install all compiler toolchains for us, so we can then basically compile for any target. It also fetches the latest Git source code of Zephyr under:
~/zephyrproject/zephyrThe "most default" blinky hello world example which blinks an LED is a bit useless for us because QEMU doesn't have LEDs, so instead we are going to use one of the UART examples which will print characters we can see on QEMU stdout.
Let's start with the hello world example on an x86 target:
and it outputs:
The
cd ~/zephyrproject/zephyr
west build -b qemu_x86 samples/hello_world -t runHello World! qemu_x86qemu_x64 on the output comes from the CONFIG_BOARD macro github.com/zephyrproject-rtos/zephyr/blob/c15ff103001899ba0321b2c38013d1008584edc0/samples/hello_world/src/main.c#L11
#include <zephyr/kernel.h>
int main(void)
{
printk("Hello World! %s\n", CONFIG_BOARD);
return 0;
}The
qemu_x86 board is documented at: docs.zephyrproject.org/3.4.0/boards/x86/qemu_x86/doc/index.htmlYou can also first
cd into the directory that you want to build in to avoid typing samples/hello_world all the time:
cd ~/zephyrproject/zephyr/samples/hello_world
zephyr west build -b qemu_x86 -t runYou can also build and run separately with:
west build -b qemu_x86
west build -t runAnother important option is:
But note that it does not modify your
west build -t menuconfigprj.conf automatically for you.Let's try on another target:
and same output, but on a completely different board! The
rm -rf build
zephyr west build -b qemu_cortex_a53 -t runqemu_cortex_a53 board is documented at: docs.zephyrproject.org/3.4.0/boards/arm64/qemu_cortex_a53/doc/index.htmlThe list of all examples can be seen under:
which for example contains:
ls ~/zephyrproject/zephyr/sampleszephyrproject/zephyr/samples/hello_worldSo run another sample simply select it, e.g. to run
zephyrproject/zephyr/samples/synchronization:
west build -b qemu_cortex_a53 samples/synchronization -t runIt ain't perfect, but it's decent enough.
From a technical point of view, it can do anything that Microsoft Windows can. Except being forcefully installed on every non-MacOS 2019 computer you can buy.
Ciro Santilli's conversion to Linux happened around 2012, and was a central part of Ciro Santilli's Open Source Enlightenment, since it fundamentally enables the discovery and contribution to open source software. Because what awesome open source person would waste time porting their amazing projects to closed source OSes?
Ciro's modest nature can be seen as he likes to compare this event Buddha's Great Renunciation.
Linux should track glibc and POSIX command line utilities in-tree like BSD Operating System, otherwise people have no way to get the thing running in the first place without blobs or large out-of-tree scripts! Another enlightened soul who agrees.
Particularly interesting in the history of Linux is how it won out over the open competitors that were coming up in the time: MINIX (see the chat) and BSD Operating System that got legally bogged down at the critical growth moment.
You must watch this: truth Happens advertisement by Red Hat.
xkcd 619: Supported Features
. Source. This perfectly illustrates Linux development. First features that matter. Then useless features.Ciro Santilli has a tutorial at Linux Kernel Module Cheat.
The fact that this foundation has a bunch of paid, closed, certification courses makes Ciro Santilli not respect them at all. They should be making open access content instead!
Documents the Linux kernel. Somewhat of a competitor to Linux Kernel Module Cheat, but more wordy and less automated.
- stackoverflow.com/questions/11408041/how-to-debug-the-linux-kernel-with-gdb-and-qemu/33203642#33203642 How to debug the Linux kernel with GDB and QEMU?
- cirosantilli.com/linux-kernel-module-cheat/gdb
As of 2020, no one knows how to build the major desktop distros fully from source into the ISO, and especially so in a reproducible build way. Everything is done in build servers somewhere with complicated layers of prebuilds. It's crap.
No:
merlijn.sebrechts.be/blog/2020-08-02-why-one-snap-store/ has some very good comments on how
snap is more closed than Flatpak.Snap's permission system is extremely annoying, notably restricting access to home files. They need a popup that says "permission required by app, accept?" urgently!!!
- the best full featured free OS we have today, since POSIX gave up short of any UI specification, and Chrome OS is not there yet
- usable and likely efficient Java API for apps if Oracle doesn't manage to destroy it with its lawsuit
However, many, many, many terrible horrors come with it:
- it hasn't made the move to desktop for too many years. It could destroy Microsoft Windows and replace it with open source, but they just won't budge towards an unified mobile/desktop setup.
- vendors litter it with uninstallable bloatware that should be illegal. European Union to the rescue!!! www.cnbc.com/2020/12/15/digital-markets-act-eus-new-rules-on-big-tech.html
- vendors lock down devices so it is very hard to get sudo, let alone to modify their images!
- there isn't enough hardware standardization for open source distros to thrive like on desktop
- code drops mean that "master" is useless and trying to contribute from outside vendors' closed walls is a waste of time: stackoverflow.com/questions/1809774/how-to-compile-the-android-aosp-kernel-and-test-it-with-the-android-emulator/48310014#48310014
- if you ever go below the Java API, e.g. to C++ or AOSP build, everything is horrendous and undocumented
- Google doesn't care about the CLI, even the hello world requires creating infinite out-of-control boilerplate from a GUI: stackoverflow.com/questions/20801042/how-to-create-android-project-with-gradle-from-command-line/46994747#46994747
- the boot is uber bloated and takes forever in cycle simulators
The video folder is
DCIM/Camera.Respect. Big respect. Those people are hardcore from scratch hackers, and their wiki is amazing: wiki.archlinux.org/
It's just that Buildroot is more hardcore ;-)
But can you build the ISO full from source: Linux distribution buildable from source
The basis for Linux Kernel Module Cheat.
Buildroot is good.
This thing is sexy.
Ciro Santilli's Linux distro of choice as of 2019.
It ain't perfect, but it's decent enough.
The greatest advantage of it being that it has the likely largest desktop user base, and therefore the highest likelihood that your problems are solved on Ask Ubuntu, and goes together with Ciro's philosophy that "people should do everything in the same way to factor stuff out", especially the open source losers.
Ciro considers that the killer flaw of Ubuntu, and most desktop distros of 2020, is that no one under the Sun knows how to build them fully from source: Linux distribution buildable from source. This is why Ciro based the Linux Kernel Module Cheat on Buildroot, see also: Linux distribution buildable from source.
On Ubuntu 23.10, a crash led to the creation of:After that simply running apport-cli as: led to the creation of: bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2049368 a bug on the
/var/crash/_usr_bin_gnome-shell.1000.crashapport-cli gnome-shellgnome-shell package.Their crash system does not have an amazing user interface.
Tested on Ubuntu 21.10.
After something crashes, look under
/var/crash for a crash file, which helps to determine which package to report under on Launchpad.E.g. a file
/var/crash/_usr_sbin_gdm3.0.crash makes you want to file the bug under gdm at: bugs.launchpad.net/ubuntu/+source/gdm/+filebugThen, while reporting the bug, you want to give the developpers access to that
Ubuntu's crash report system has already uploaded the
.crash file. But you can't publicly upload it because it contains memory dumps and could contain secret information. The way to do it is to look at the ID under:
sudo cat /var/crash/_usr_sbin_gdm3.0.uploaded.crash for you, so you just have to confirm it and give the ID on the ticket.You can view a list of all your uploaded errors at:
and each of those contain a link to:
which you yourself cannot see.
xdg-open https://errors.ubuntu.com/user/$(sudo cat /var/lib/whoopsie/whoopsie-id)https://errors.ubuntu.com/oops/<.uloaded error id>askubuntu.com/questions/434431/how-can-i-read-a-crash-file-from-var-crash asks how to read the
.crash files.Running:
splits it up into a few files, but does not make any major improvements.
sudo apport-unpack /var/crash/_usr_sbin_gdm3.0.crash /tmp/appapport-retrace
sudo apt install apport-retrace
sudo chmod 666 /var/crash/_usr_sbin_gdm3.0.crash
apport-retrace -g /var/crash/_usr_sbin_gdm3.0.crashTried:
but then
echo "deb http://ddebs.ubuntu.com $(lsb_release -cs) main restricted universe multiverse" | sudo tee -a /etc/apt/sources.list.d/ddebs.list
echo -e "deb http://ddebs.ubuntu.com $(lsb_release -cs)-updates main restricted universe multiverse\ndeb http://ddebs.ubuntu.com $(lsb_release -cs)-proposed main restricted universe multiverse" | sudo tee -a /etc/apt/sources.list.d/ddebs.list
sudo apt install ubuntu-dbgsym-keyringsudo apt update fails with:
E: The repository 'http://ddebs.ubuntu.com impish-security Release' does not have a Release file.Ciro Santilli reproduced on Dell Inspiron 15 3520 with factory defaults. This bug prevents "wipe windows" installation without workarounds, one of which is to disable encryption in Windows.
Happens at startup without doing anything, and then keeps happening randomly infinitely many times... on a almost clean 24.04 ISO install on Dell Inspiron 15 3520... God how can it be so bad.
Viewing the apport issue a bit further shows title:
nautilus crashed with sigabrt in g_assertion_message_exprPossibly related:
- www.reddit.com/r/Ubuntu/comments/1ce1027/2404_is_a_terrible_release/
- bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1795210
- bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1823529
- askubuntu.com/questions/1406294/nautilus-keeps-crashing-in-22-04
- superuser.com/questions/42068/application-are-closed-down-unexpectedly-under-ubuntu
- ubuntuforums.org/showthread.php?t=2466502
- x.com/cirosantilli/status/1792792620323967227
Had this happen on P14s on Ubuntu 23.10 while causally using Chromium. The screen went blank for a few seconds, but it apparently managed to reboot itself, and things started working again, except that and most windows were killed:It appears to be a bug in the AMDGPU open source driver.
[drm:gfx_v11_0_priv_reg_irq [amdgpu]] *ERROR* Illegal register access in command stream
[drm:amdgpu_job_timedout [amdgpu]] *ERROR* ring gfx_0.0.0 timeout, signaled seq=5774109, emitted seq=5774111
[drm:amdgpu_job_timedout [amdgpu]] *ERROR* Process information: process chrome pid 14023 thread chrome:cs0 pid 14087
amdgpu 0000:64:00.0: amdgpu: GPU reset begin!
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:mes_v11_0_submit_pkt_and_poll_completion.constprop.0 [amdgpu]] *ERROR* MES failed to response msg=3
[drm:amdgpu_mes_unmap_legacy_queue [amdgpu]] *ERROR* failed to unmap legacy queue
[drm:gfx_v11_0_cp_gfx_enable.isra.0 [amdgpu]] *ERROR* failed to halt cp gfx
Dec 27 15:03:38 ciro-p14s kernel: amdgpu 0000:64:00.0: amdgpu: MODE2 reset
Dec 27 15:03:38 ciro-p14s kernel: amdgpu 0000:64:00.0: amdgpu: GPU reset succeeded, trying to resume
Dec 27 15:03:38 ciro-p14s kernel: [drm] PCIE GART of 512M enabled (table at 0x0000008000900Related reports:
I think this was on Wayland. Possibly relatd but on X Window System, crashed the UI, showed message "oh no! Something has gone wrong."
2024-01-13_21-55-07@ciro@ciro-p14s$ cat /var/log/apport.log
ERROR: apport (pid 975172) 2024-01-13 21:41:02,087: host pid 3528 crashed in a separate mount namespace, ignoring
INFO: apport (pid 975227) 2024-01-13 21:41:02,398: called for pid 2728, signal 5, core limit 0, dump mode 1
INFO: apport (pid 975227) 2024-01-13 21:41:02,401: executable: /usr/bin/gnome-shell (command line "/usr/bin/gnome-shell")
INFO: apport (pid 975227) 2024-01-13 21:41:12,667: wrote report /var/crash/_usr_bin_gnome-shell.1000.crashHappened on P14s on Ubuntu 23.10, which started with fresh Ubuntu 23.10 install.
However it did not happen on Lenovo ThinkPad P51 (2017) also on Ubuntu 23.10 which had been upgraded several times from God knows what starting point... At first one had X11 (forced by Nvidia drivers) and the other Wayland, but moving to p14s X11 changed nothing.
Both were running GNOME Display Manager.
Same happens with Super + L, but also CLI commands: askubuntu.com/questions/7776/how-do-i-lock-the-desktop-screen-via-command-line
Bibliography:
- askubuntu.com/questions/1242110/after-upgrading-to-ubuntu-20-04-lockscreen-not-working canon
- askubuntu.com/questions/1246622/ubuntu-20-04-unable-to-lock-screen
- askubuntu.com/questions/1245071/cant-lock-screen-with-shortcut-on-ubuntu-20-04-gnome
- askubuntu.com/questions/1248756/super-l-not-working-on-ubuntu-20-04
Switching to the other installed kernel, 5.9 made boot work.
The solution on kernel 6.2 was:
as per comments under: bugs.launchpad.net/ubuntu/+source/linux/+bug/2012559. This also made the nvidia driver work: Find GPU information in Ubuntu.
sudo apt instal nvidia-driver-515Previously I had:
and it blew up before reaching disk decryption.
nvidia-driver-510I also tried:
but that broke in a different way:
nvidia-driver-525Finished apport-autoreport.service - Process error reports when automatic reporting is enabled.
nvidia-modeset: ERROR: GPU:0: Idling display engine timed out: 0x0000947d:0:0:407
(1 of 2) Job systemd-backlight@backlight: nvidia_e.service/start running (32s no limit)Some threads:
Happening multiple times a day on Ubuntu 22.04 for Chromium, even though I turn computer on and off daily, unbearable:
- askubuntu.com/questions/1412575/pending-update-of-snap-store
- askubuntu.com/questions/1412140/pending-update-of-firefox-snap-close-the-app-to-avoid-disruptions
- forum.snapcraft.io/t/how-to-disable-snapd-update-notifications-permanently/31117 Settings > Notifications > Snapd User Session Agent
- www.reddit.com/r/Ubuntu/comments/v1s919/disable_pending_update_of_snap_message_kiosk/
- forum.snapcraft.io/t/refresh-app-awareness-call-for-testing/29123
GDM crashes sometimes when switching windows right after opening a new window: bugs.launchpad.net/ubuntu/+source/gdm/+bug/1956299
Please refer to Video "Linus Torvalds saying "Nvidia Fuck You" (2012)".
Does not happen every time, only some times. Can't figure out why. Usually happens when has suspended for a longer time.
bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470/+bug/1946303 sounds like a likely report, Nvidia driver version 470, but can't find those error messages anywhere. The last line of:
once was:
which is when sleep starts.
journalctl -o short-precise -k -b -1PM: suspend entry (deep)This suggests that it is not a video bug then, seems that it is not waking up at all? Gotta try to SSH into it. OK. I did SSH into it, and that was fine, so it is just the video that won't start.
PM: suspend exitbugs.launchpad.net/ubuntu/+source/linux/+bug/1949977 is another possible bug, based on kernel version. I'm running 5.13, which is one of the failing versions on the report. Can't find any interesting dmesg though.
In another crash:
had the following interesting lines:
and there was a corresponding
journalctl -o short-precise -k -b -1nvidia-modeset: WARNING: GPU:0: Lost display notification (0:0x00000000); continuing.
[24307.640014] NVRM: GPU at PCI:0000:01:00: GPU-18af74bb-7c72-ff70-e447-87d48378ea20
[24307.640018] NVRM: Xid (PCI:0000:01:00): 79, pid=8828, GPU has fallen off the bus.
[24307.640021] NVRM: GPU 0000:01:00.0: GPU has fallen off the bus.
[24328.054022] nvidia-modeset: ERROR: GPU:0: The requested configuration of display devices (LGD (DP-4)) is not supported on this GPU.
[repeats several more times]
[24328.056767] nvidia-modeset: ERROR: GPU:0: The requested configuration of display devices (LGD (DP-4)) is not supported on this GPU.
[24328.056951] nvidia-modeset: ERROR: GPU:0: Failed to query display engine channel state: 0x0000927c:0:0:0x0000000f
[24328.056955] nvidia-modeset: ERROR: GPU:0: Failed to query display engine channel state: 0x0000927c:1:0:0x0000000f
[24328.056959] nvidia-modeset: ERROR: GPU:0: Failed to query display engine channel state: 0x0000927c:2:0:0x0000000f
[24328.056962] nvidia-modeset: ERROR: GPU:0: Failed to query display engine channel state: 0x0000927c:3:0:0x0000000f
[24328.056983] nvidia-modeset: ERROR: GPU:0: DP-4: Failed to disable DisplayPort audio stream-0
[24328.056992] nvidia-modeset: ERROR: GPU:0: Failed to query display engine channel state: 0x0000947d:0:0:0x0000000f/var/crash/_usr_sbin_gdm3.0.crash.Related "GPU has fallen off the bus": askubuntu.com/questions/868321/gpu-has-fallen-off-the-bus-nvidia
Sometimes it just feels like Ubuntu devs don't actually use Ubuntu as a desktop.
Some extremelly anoying problems are introduced and just never get fixed, even though they feel so obvious!
Would never happen on Mac...
This BS started after the move to ZFS. The temporary solution appears to be: askubuntu.com/questions/1293685/out-of-space-on-boot-zpool-and-cant-run-updates-anymore/1374204#1374204
And then this to disable automatic snapshots in the future: askubuntu.com/questions/1233049/disable-automatic-zsys-snapshots-zfs-on-root/1279593#1279593
sudo mv /etc/apt/apt.conf.d/90_zsys_system_autosnapshot /etc/apt/apt.conf.d/90_zsys_system_autosnapshot.disabledGod, this is so annoying:
This has annoyed Ciro Santilli for many years, it is just too wasteful of screen space on laptops!
Or likely more generally, on GNOME desktop, which is the default desktop environment as of Ubuntu 22.10.
Issues:
Legal issues stalled them at the turning point of the Internet, and Linux won. Can't change history.
Did Apple just fork it and made Mac OS X without giving anything back?
The real explanation: stackoverflow.com/questions/1780599/what-is-the-meaning-of-posix/31865755#31865755
Non-POSIX only here.
If you are a programmer,
grep becomes a verb: "to grep" means "to search text files", much like "to Google" means "to search random stuff online".This is a weak point of grep, it can't handle large lines that don't fit fully into memory:
- superuser.com/questions/1703029/is-there-a-limit-for-a-line-length-for-grep-command-to-process-correctly what is the grep line limit?
- unix.stackexchange.com/questions/223078/best-way-to-grep-big-binary-file/758528#758528 Ciro's
bgrepcanon - large not required but mentioning bgrep anyways:
- superuser.com/questions/1368263/use-grep-for-a-long-line-to-get-the-part-of-the-line/1811969#1811969
- unix.stackexchange.com/questions/217936/equivalent-command-to-grep-binary-files/758544#758544
- stackoverflow.com/questions/2034799/how-to-truncate-long-matching-lines-returned-by-grep-or-ack/77263826#77263826
- stackoverflow.com/questions/9988379/how-to-grep-a-text-file-which-contains-some-binary-data leaving this one alone for now
- stackoverflow.com/questions/65674717/how-to-check-if-a-binary-file-is-contained-inside-another-binary-from-the-linux search pattern from file
Getting started tutorial: unix.stackexchange.com/questions/223078/best-way-to-grep-a-big-binary-file/758528#758528
The OS that the Gods ordered be made.
One is reminded of Ulillillia, see also: www.youtube.com/watch?v=9-79yOZ13qg The Story of Ulillillia by Atrocity Guide (2019)
We are all somewhere in the spectrum.
For a quick and dirty introduction to the format, see: ELF Hello World Tutorial.
Introductory analysis of a simple example of the executable and Linkable Format.
Extracted from this Stack Overflow answer.
ELF is the dominating file format for Linux. It competes with Mach-O for OS X and PE for Windows.
ELF supersedes
.coff, which supersedes a.out.ELF is specified by the LSB:
The LSB basically links to other standards with minor extensions, in particular:
- Generic (both by SCO):
- System V ABI 4.1 (1997) www.sco.com/developers/devspecs/gabi41.pdf, no 64 bit, although a magic number is reserved for it. Same for core files. This is the first document you should look at when searching for information.
- System V ABI Update DRAFT 17 (2003) www.sco.com/developers/gabi/2003-12-17/contents.html, adds 64 bit. Only updates chapters 4 and 5 of the previous document: the others remain valid and are still referenced.
- Architecture specific (by the processor vendor):
A handy summary can be found at:
man elfSpin like mad between:
- standards
- high level generators. We use the assembler
asand linkerld. - hexdumps
- file decompilers. We use
readelf. It makes it faster to read the ELF file by turning it into human readable output. But you must have seen one byte-by-byte example first, and think howreadelfoutput maps to the standard. - low-level generators: stand-alone libraries that let you control every field of the ELF files you generated. github.com/BR903/ELFkickers, github.com/sqall01/ZwoELF and many more on GitHub.
- consumer: the
execsystem call of the Linux kernel can parse ELF files to starts processes: github.com/torvalds/linux/blob/v4.11/fs/binfmt_elf.c, stackoverflow.com/questions/8352535/how-does-kernel-get-an-executable-binary-file-running-under-linux/31394861#31394861
The ELF standard specifies multiple file formats:
- Object files (
.o).Intermediate step to generating executables and other formats:Source code | | Compilation | v Object file | | Linking | v ExecutableObject files exist to make compilation faster: withmake, we only have to recompile the modified source files based on timestamps.We have to do the linking step every time, but it is much less expensive.
- Executable files (no standard Linux extension).This is what the Linux kernel can actually run.
- Archive files (
.a).Libraries meant to be embedded into executables during the Linking step.
- Shared object files (
.so).Libraries meant to be loaded when the executable starts running.
- Core dumps.Such files may be generated by the Linux kernel when the program does naughty things, e.g. segfault.They exist to help debugging the program.
In this tutorial, we consider only object and executable files.
- Compiler toolchains generate and read ELF files.Sane compilers should use a separate standalone library to do the dirty work. E.g., Binutils uses BFD (in-tree and canonical source).
- Operating systems read and run ELF files.Kernels cannot link to a library nor use the C stlib, so they are more likely to implement it themselves.This is the case of the Linux kernel 4.2 which implements it in th file
fs/binfmt_elf.c.
- Specialized libraries. Examples:
It is non-trivial to determine what is the smallest legal ELF file, or the smaller one that will do something trivial in Linux.
Some impressive attempts:
In this example we will consider a saner
hello world example that will better capture real life cases.Let's break down a minimal runnable Linux x86-64 example:
hello_world.asm
section .data
hello_world db "Hello world!", 10
hello_world_len equ $ - hello_world
section .text
global _start
_start:
mov rax, 1
mov rdi, 1
mov rsi, hello_world
mov rdx, hello_world_len
syscall
mov rax, 60
mov rdi, 0
syscallCompiled with:
nasm -w+all -f elf64 -o 'hello_world.o' 'hello_world.asm'
ld -o 'hello_world.out' 'hello_world.o'TODO: use a minimal linker script with
-T to be more precise and minimal.Versions:
- NASM 2.10.09
- Binutils version 2.24 (contains
ld) - Ubuntu 14.04
We don't use a C program as that would complicate the analysis, that will be level 2 :-)
Running:
gives:
hd hello_world.o00000000 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 |.ELF............|
00000010 01 00 3e 00 01 00 00 00 00 00 00 00 00 00 00 00 |..>.............|
00000020 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 |........@.......|
00000030 00 00 00 00 40 00 00 00 00 00 40 00 07 00 03 00 |....@.....@.....|
00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000080 01 00 00 00 01 00 00 00 03 00 00 00 00 00 00 00 |................|
00000090 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 |................|
000000a0 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000b0 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000000c0 07 00 00 00 01 00 00 00 06 00 00 00 00 00 00 00 |................|
000000d0 00 00 00 00 00 00 00 00 10 02 00 00 00 00 00 00 |................|
000000e0 27 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |'...............|
000000f0 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000100 0d 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 |................|
00000110 00 00 00 00 00 00 00 00 40 02 00 00 00 00 00 00 |........@.......|
00000120 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |2...............|
00000130 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000140 17 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 |................|
00000150 00 00 00 00 00 00 00 00 80 02 00 00 00 00 00 00 |................|
00000160 a8 00 00 00 00 00 00 00 05 00 00 00 06 00 00 00 |................|
00000170 04 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 |................|
00000180 1f 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 |................|
00000190 00 00 00 00 00 00 00 00 30 03 00 00 00 00 00 00 |........0.......|
000001a0 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |4...............|
000001b0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001c0 27 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 |'...............|
000001d0 00 00 00 00 00 00 00 00 70 03 00 00 00 00 00 00 |........p.......|
000001e0 18 00 00 00 00 00 00 00 04 00 00 00 02 00 00 00 |................|
000001f0 04 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 |................|
00000200 48 65 6c 6c 6f 20 77 6f 72 6c 64 21 0a 00 00 00 |Hello world!....|
00000210 b8 01 00 00 00 bf 01 00 00 00 48 be 00 00 00 00 |..........H.....|
00000220 00 00 00 00 ba 0d 00 00 00 0f 05 b8 3c 00 00 00 |............<...|
00000230 bf 00 00 00 00 0f 05 00 00 00 00 00 00 00 00 00 |................|
00000240 00 2e 64 61 74 61 00 2e 74 65 78 74 00 2e 73 68 |..data..text..sh|
00000250 73 74 72 74 61 62 00 2e 73 79 6d 74 61 62 00 2e |strtab..symtab..|
00000260 73 74 72 74 61 62 00 2e 72 65 6c 61 2e 74 65 78 |strtab..rela.tex|
00000270 74 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |t...............|
00000280 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000290 00 00 00 00 00 00 00 00 01 00 00 00 04 00 f1 ff |................|
000002a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000002b0 00 00 00 00 03 00 01 00 00 00 00 00 00 00 00 00 |................|
000002c0 00 00 00 00 00 00 00 00 00 00 00 00 03 00 02 00 |................|
000002d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000002e0 11 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 |................|
000002f0 00 00 00 00 00 00 00 00 1d 00 00 00 00 00 f1 ff |................|
00000300 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000310 2d 00 00 00 10 00 02 00 00 00 00 00 00 00 00 00 |-...............|
00000320 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000330 00 68 65 6c 6c 6f 5f 77 6f 72 6c 64 2e 61 73 6d |.hello_world.asm|
00000340 00 68 65 6c 6c 6f 5f 77 6f 72 6c 64 00 68 65 6c |.hello_world.hel|
00000350 6c 6f 5f 77 6f 72 6c 64 5f 6c 65 6e 00 5f 73 74 |lo_world_len._st|
00000360 61 72 74 00 00 00 00 00 00 00 00 00 00 00 00 00 |art.............|
00000370 0c 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 |................|
00000380 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000390Running:
gives:
hd hello_world.out00000000 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 |.ELF............|
00000010 02 00 3e 00 01 00 00 00 b0 00 40 00 00 00 00 00 |..>.......@.....|
00000020 40 00 00 00 00 00 00 00 10 01 00 00 00 00 00 00 |@...............|
00000030 00 00 00 00 40 00 38 00 02 00 40 00 06 00 03 00 |....@.8...@.....|
00000040 01 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 |................|
00000050 00 00 40 00 00 00 00 00 00 00 40 00 00 00 00 00 |..@.......@.....|
00000060 d7 00 00 00 00 00 00 00 d7 00 00 00 00 00 00 00 |................|
00000070 00 00 20 00 00 00 00 00 01 00 00 00 06 00 00 00 |.. .............|
00000080 d8 00 00 00 00 00 00 00 d8 00 60 00 00 00 00 00 |..........`.....|
00000090 d8 00 60 00 00 00 00 00 0d 00 00 00 00 00 00 00 |..`.............|
000000a0 0d 00 00 00 00 00 00 00 00 00 20 00 00 00 00 00 |.......... .....|
000000b0 b8 01 00 00 00 bf 01 00 00 00 48 be d8 00 60 00 |..........H...`.|
000000c0 00 00 00 00 ba 0d 00 00 00 0f 05 b8 3c 00 00 00 |............<...|
000000d0 bf 00 00 00 00 0f 05 00 48 65 6c 6c 6f 20 77 6f |........Hello wo|
000000e0 72 6c 64 21 0a 00 2e 73 79 6d 74 61 62 00 2e 73 |rld!...symtab..s|
000000f0 74 72 74 61 62 00 2e 73 68 73 74 72 74 61 62 00 |trtab..shstrtab.|
00000100 2e 74 65 78 74 00 2e 64 61 74 61 00 00 00 00 00 |.text..data.....|
00000110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000150 1b 00 00 00 01 00 00 00 06 00 00 00 00 00 00 00 |................|
00000160 b0 00 40 00 00 00 00 00 b0 00 00 00 00 00 00 00 |..@.............|
00000170 27 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |'...............|
00000180 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000190 21 00 00 00 01 00 00 00 03 00 00 00 00 00 00 00 |!...............|
000001a0 d8 00 60 00 00 00 00 00 d8 00 00 00 00 00 00 00 |..`.............|
000001b0 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001c0 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000001d0 11 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 |................|
000001e0 00 00 00 00 00 00 00 00 e5 00 00 00 00 00 00 00 |................|
000001f0 27 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |'...............|
00000200 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000210 01 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 |................|
00000220 00 00 00 00 00 00 00 00 90 02 00 00 00 00 00 00 |................|
00000230 08 01 00 00 00 00 00 00 05 00 00 00 07 00 00 00 |................|
00000240 08 00 00 00 00 00 00 00 18 00 00 00 00 00 00 00 |................|
00000250 09 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 |................|
00000260 00 00 00 00 00 00 00 00 98 03 00 00 00 00 00 00 |................|
00000270 4c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |L...............|
00000280 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000290 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000002a0 00 00 00 00 00 00 00 00 00 00 00 00 03 00 01 00 |................|
000002b0 b0 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |..@.............|
000002c0 00 00 00 00 03 00 02 00 d8 00 60 00 00 00 00 00 |..........`.....|
000002d0 00 00 00 00 00 00 00 00 01 00 00 00 04 00 f1 ff |................|
000002e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
000002f0 11 00 00 00 00 00 02 00 d8 00 60 00 00 00 00 00 |..........`.....|
00000300 00 00 00 00 00 00 00 00 1d 00 00 00 00 00 f1 ff |................|
00000310 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000320 00 00 00 00 04 00 f1 ff 00 00 00 00 00 00 00 00 |................|
00000330 00 00 00 00 00 00 00 00 2d 00 00 00 10 00 01 00 |........-.......|
00000340 b0 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 |..@.............|
00000350 34 00 00 00 10 00 02 00 e5 00 60 00 00 00 00 00 |4.........`.....|
00000360 00 00 00 00 00 00 00 00 40 00 00 00 10 00 02 00 |........@.......|
00000370 e5 00 60 00 00 00 00 00 00 00 00 00 00 00 00 00 |..`.............|
00000380 47 00 00 00 10 00 02 00 e8 00 60 00 00 00 00 00 |G.........`.....|
00000390 00 00 00 00 00 00 00 00 00 68 65 6c 6c 6f 5f 77 |.........hello_w|
000003a0 6f 72 6c 64 2e 61 73 6d 00 68 65 6c 6c 6f 5f 77 |orld.asm.hello_w|
000003b0 6f 72 6c 64 00 68 65 6c 6c 6f 5f 77 6f 72 6c 64 |orld.hello_world|
000003c0 5f 6c 65 6e 00 5f 73 74 61 72 74 00 5f 5f 62 73 |_len._start.__bs|
000003d0 73 5f 73 74 61 72 74 00 5f 65 64 61 74 61 00 5f |s_start._edata._|
000003e0 65 6e 64 00 |end.|
000003e4Articles by others on the same topic
There are currently no matching articles.