1. 简单的elf 汇编程序, 用它直接生成二进制文件
cat asm2.s
BITS 32
org 0x08048000
ehdr: ; Elf32_Ehdr
db 0x7F, "ELF", 1, 1, 1, 0 ; e_ident
times 8 db 0
dw 2 ; e_type (可运行 exec)
dw 3 ; e_machine (386)
dd 1 ; e_version
dd _start ; e_entry (入口点)
dd phdr - $$ ; e_phoff (phdr 表偏移量 52)
dd 0 ; e_shoff
dd 0 ; e_flags
dw ehdrsize ; e_ehsize (52)
dw phdrsize ; e_phentsize (32)
dw 1 ; e_phnum
dw 0 ; e_shentsize
dw 0 ; e_shnum
dw 0 ; e_shstrndx
ehdrsize equ $ - ehdr
phdr: ; Elf32_Phdr
dd 1 ; p_type (可加载)
dd 0 ; p_offset
dd $$ ; p_vaddr
dd $$ ; p_paddr
dd filesize ; p_filesz
dd filesize ; p_memsz
dd 5 ; p_flags
dd 0x1000 ; p_align
phdrsize equ $ - phdr
_start:
; your program here
mov bl, 42 ; return value B3 2A
xor eax, eax ; __NR_EXIT 31 C0
inc eax ; 40
int 0x80 ; CD 80
filesize equ $ - $$
2. 编译生成elf 文件
nasm -f bin -o asm2 asm2.s
chmod +x asm2
3. 这个elf 简短,只有91个字节,
$ hexdump -C asm2
00000000 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00 |.ELF............|
00000010 02 00 03 00 01 00 00 00 54 80 04 08 34 00 00 00 |........T...4...|
00000020 00 00 00 00 00 00 00 00 34 00 20 00 01 00 00 00 |........4. .....|
00000030 00 00 00 00 01 00 00 00 00 00 00 00 00 80 04 08 |................|
00000040 00 80 04 08 5b 00 00 00 5b 00 00 00 05 00 00 00 |....[...[.......|
00000050 00 10 00 00 b3 2a 31 c0 40 cd 80 |.....*1.@..|
你可以执行这个elf:
$ ./asm2
$ echo $?
42
4. 这个elf,
file工具认为它缺少section header, objdump, nm 也导不出东西。但readelf 可以导出它的头信息
$file asm2
asm2: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, corrupted section header size
$ objdump -d asm2
asm2: file format elf32-i386
nspiron:~/MyTest/test$ nm -D asm2
nm: asm2: no symbols
$ readelf -a asm2
ELF Header:
Magic: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
Class: ELF32
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: Intel 80386
Version: 0x1
Entry point address: 0x8048054
Start of program headers: 52 (bytes into file)
Start of section headers: 0 (bytes into file)
Flags: 0x0
Size of this header: 52 (bytes)
Size of program headers: 32 (bytes)
Number of program headers: 1
Size of section headers: 0 (bytes)
Number of section headers: 0
Section header string table index: 0
There are no sections in this file.
There are no sections to group in this file.
Program Headers:
Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
LOAD 0x000000 0x08048000 0x08048000 0x0005b 0x0005b R E 0x1000
There is no dynamic section in this file.
There are no relocations in this file.
The decoding of unwind sections for machine type Intel 80386 is not currently supported.
Dynamic symbol information is not available for displaying symbols.
No version information found in this file.
这篇就作为elf 的开始篇
935
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
