COMP3703 WK1 Thursday

elf + intro to x86


Lazy Binding

  • When a program is loaded into memory, calls to functions from shared libraries initially point at placeholder (dummy) addresses
    • The process of resolving them to real addresses is relocation
      • With lazy binding, a relocation is done when the unresolved symbol is first referenced
  • Requires two sections: Procedure Linkage Table (.plt) and Global Offset Table (.got/.got.plt)

Relocation Sections

  • Indicated by the section types SHT_REL and SHT_RELA
    • SHT_REL -> a table of relocation entries, each saying where to patch and how to compute the value
  • The linker performs the relocations

Program Headers

  • Provide a segment view as opposed to a section view
    • Contain information about which segments need to be loaded where in memory and with what flags
  • A segment consists of zero or more sections
  • Only used in executable ELF

Section vs Segment

  • A section is a collection of bytes in the file itself
  • A segment is a collection of sections
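The four ELF topics above (lazy binding via .rela.plt/.got.plt, relocation sections, program headers, and section vs segment) can be seen together by reading the headers directly. The script below is an added example, not course material: it constructs a tiny ELF64 image in memory (no real binary, no symbol table, one JUMP_SLOT relocation whose symbol index 1 is a placeholder), then parses the program headers into the segment view, the section headers into the section view, walks every SHT_RELA section, and maps each segment to the sections whose file bytes fall inside it. Layout offsets and addresses are constructed values.

```python
"""Minimal ELF64 reader over a constructed image (added example, not course material)."""
import struct

# Struct formats for the ELF64 header, program header, section header and Rela entry.
EHDR, PHDR, SHDR, RELA = "<16sHHIQQQIHHHHHH", "<IIQQQQQQ", "<IIQQQQIIQQ", "<QQq"
SHT_NAMES = {0: "NULL", 1: "PROGBITS", 3: "STRTAB", 4: "RELA", 9: "REL"}
PT_NAMES = {1: "LOAD", 2: "DYNAMIC", 3: "INTERP"}
R_NAMES = {6: "R_X86_64_GLOB_DAT", 7: "R_X86_64_JUMP_SLOT"}   # 7 = lazily bound PLT slot


def build_sample_elf():
    """Constructed ET_EXEC image: two PT_LOAD segments, .rela.plt with one JUMP_SLOT
    relocation against .got.plt, and .shstrtab. Not a real binary; no symbol table."""
    shstr = b"\0.rela.plt\0.got.plt\0.shstrtab\0"          # names at offsets 1, 11, 20
    off_ph, off_rela, off_got, off_shstr, off_sh = 0x40, 0xB0, 0xC8, 0xD0, 0xF0
    img = bytearray(off_sh + 4 * 64)
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)     # ELFCLASS64, little-endian, v1
    struct.pack_into(EHDR, img, 0, ident, 2, 0x3E, 1, 0x401000, off_ph, off_sh, 0,
                     64, 56, 2, 64, 4, 3)                    # e_shstrndx = 3
    # Segment view: r-x text covers the headers and .rela.plt; rw- data covers .got.plt.
    struct.pack_into(PHDR, img, off_ph, 1, 5, 0, 0x400000, 0x400000, 0xC8, 0xC8, 0x1000)
    struct.pack_into(PHDR, img, off_ph + 56, 1, 6, off_got, 0x4010C8, 0x4010C8, 8, 8, 0x1000)
    # The relocation: patch the GOT slot at 0x4010c8 with the address of symbol #1 (placeholder).
    struct.pack_into(RELA, img, off_rela, 0x4010C8, (1 << 32) | 7, 0)
    img[off_shstr:off_shstr + len(shstr)] = shstr
    # Section view (index 0 stays the all-zero null section).
    struct.pack_into(SHDR, img, off_sh + 64, 1, 4, 0x42, 0x4000B0, off_rela, 24, 0, 2, 8, 24)
    struct.pack_into(SHDR, img, off_sh + 128, 11, 1, 3, 0x4010C8, off_got, 8, 0, 0, 8, 8)
    struct.pack_into(SHDR, img, off_sh + 192, 20, 3, 0, 0, off_shstr, len(shstr), 0, 0, 1, 0)
    return bytes(img)


def cstr(data, start):
    return data[start:data.index(b"\0", start)].decode()


def parse_elf(data):
    """Return the segment (program header) view, the section view and all Rela entries."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("not a little-endian ELF64 image")
    hdr = struct.unpack_from(EHDR, data, 0)
    phoff, shoff, phentsize, phnum, shentsize, shnum, shstrndx = (hdr[i] for i in (5, 6, 9, 10, 11, 12, 13))
    segments = []
    for i in range(phnum):
        p_type, p_flags, off, vaddr, _, filesz, memsz, _ = struct.unpack_from(PHDR, data, phoff + i * phentsize)
        perms = "".join(c if p_flags & bit else "-" for c, bit in (("r", 4), ("w", 2), ("x", 1)))
        segments.append({"type": PT_NAMES.get(p_type, hex(p_type)), "perms": perms,
                         "offset": off, "vaddr": vaddr, "filesz": filesz, "memsz": memsz})
    raw = [struct.unpack_from(SHDR, data, shoff + i * shentsize) for i in range(shnum)]
    names = raw[shstrndx][4]                                # file offset of .shstrtab
    sections = [{"name": cstr(data, names + s[0]), "type": SHT_NAMES.get(s[1], hex(s[1])),
                 "addr": s[3], "offset": s[4], "size": s[5], "info": s[7], "entsize": s[9]}
                for s in raw]
    relocs = []
    for s in sections:
        if s["type"] == "RELA":                             # SHT_RELA: entries carry an explicit addend
            for j in range(s["size"] // s["entsize"]):
                r_off, r_info, addend = struct.unpack_from(RELA, data, s["offset"] + j * s["entsize"])
                relocs.append({"section": s["name"], "target": sections[s["info"]]["name"],
                               "offset": r_off, "sym": r_info >> 32, "addend": addend,
                               "type": R_NAMES.get(r_info & 0xFFFFFFFF, hex(r_info & 0xFFFFFFFF))})
    return {"segments": segments, "sections": sections, "relocations": relocs}


def sections_in_segment(seg, sections):
    """A segment is zero or more sections: those whose file bytes lie inside the segment."""
    lo, hi = seg["offset"], seg["offset"] + seg["filesz"]
    return [s["name"] for s in sections if s["size"] and lo <= s["offset"] and s["offset"] + s["size"] <= hi]


if __name__ == "__main__":
    info = parse_elf(build_sample_elf())
    for seg in info["segments"]:
        print(f"{seg['type']} {seg['perms']} vaddr={seg['vaddr']:#x} -> {sections_in_segment(seg, info['sections'])}")
    for r in info["relocations"]:
        print(f"{r['section']}: {r['type']} patches {r['target']} at {r['offset']:#x} (symbol #{r['sym']})")
```

Note that .shstrtab ends up in no segment: it is not needed at run time, so the loader never maps it, which is the practical difference between the two views. On a real binary the same three views are what `readelf -l`, `readelf -S` and `readelf -r` print.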

Intro to x86

Layout

Has the following:

  • CPU Instructions
  • Directives -> Commands that tell the assembler to produce/place a piece of data in a particular section
  • Labels -> Symbolic names for instructions/data
  • Comments -> Human-readable notes, ignored by the assembler

Memory Operands

  • Specifies the memory address from which the CPU should fetch one or more bytes

  • Of the form: [base] + [index*scale] + [displacement]

    • base, index -> Register or memory location
    • scale -> Multiplier for index: an integer value of 1, 2, 4 or 8; default is 1
    • displacement -> A 32-bit constant or symbol; default is 0

The Stack

  • Downward growing
  • Last-in-first-out (LIFO) order
    • Pop or push
  • Lower memory addresses are usually at the top of the stack

Function calls and frames

  • Each function has its own function frame or stack frame

  • rbp -> Base Pointer (points to the bottom of the stack)

  • rsp -> Stack Pointer (points to the top of the stack)

  • Access to elements in a stack frame is usually specified as an offset relative to the rbp

    • rsp relative offsetting also possible

Function Prologues and Local variables

  • Function prologues are the first instructions of a function

    • Save content of rbp register on stack
    • Copy rsp into rbp
  • After prologue, space for local variables is reserved by decrementing rsp

    • e.g. sub rsp, 0x10 -> reserves 0x10 (16) bytes for local variable(s)

Passing variables

  • Passed in registers: rdi, rsi, rdx, rcx, r8, r9
    • If more than 6 arguments, remaining arguments are stored on the stack

Returning from a function

  • Return values stored in rax
  • To return, an epilogue is run to clean up the frame (the leave instruction does exactly these two steps):

      mov rsp, rbp    ; restore the stack pointer
      pop rbp         ; restore the base pointer
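The memory operand form, the downward-growing stack, rbp-relative frame access, the prologue, argument registers and the leave/ret epilogue from the sections above can all be watched in one place with a small simulator. The code below is an added teaching example, not course material: it interprets a handful of Intel-syntax instructions (mov, add, sub, push, call, leave, ret) over registers and a memory modelled as 8-byte slots, with assumed code and stack addresses and an assumed 4 bytes per instruction. The listing in PROGRAM is constructed for the example; `run(PROGRAM, until="body")` stops right after the prologue so `frame_layout` can show the return address at [rbp+8], the saved rbp at [rbp], and the reserved locals below, and `CPU.ea` evaluates a `base + index*scale + displacement` operand on its own.

```python
"""Tiny x86-64 stack-frame simulator (added teaching example, not course material)."""
import re
CODE_BASE, STACK_TOP, MASK = 0x401000, 0x7FFFFFFFE000, (1 << 64) - 1   # assumed code/stack addresses


class CPU:
    def __init__(self):
        self.r = dict.fromkeys("rax rbx rcx rdx rsi rdi rbp rsp".split(), 0)
        self.r["rsp"] = STACK_TOP                  # empty stack: rsp at the highest address
        self.mem = {}                              # memory modelled as 8-byte slots: address -> value

    def ea(self, text):                            # 'base + index*scale + displacement'; any term may be absent
        total = 0
        for sign, term in re.findall(r"([+-]?)([^+-]+)", text.replace(" ", "")):
            reg, _, scale = term.partition("*")    # 'rcx*8' -> index*scale, 'rbp' -> base, '0x10' -> displacement
            value = self.r[reg] * int(scale or "1", 0) if reg in self.r else int(term, 0)
            total += -value if sign == "-" else value
        return total & MASK

    def read(self, op):                            # [memory operand], register or immediate
        if op[0] == "[":
            return self.mem.get(self.ea(op[1:-1]), 0)
        return self.r[op] if op in self.r else int(op, 0)

    def write(self, op, val):
        if op[0] == "[":
            self.mem[self.ea(op[1:-1])] = val & MASK
        else:
            self.r[op] = val & MASK

    def push(self, val):
        self.r["rsp"] -= 8                         # the stack grows toward lower addresses
        self.mem[self.r["rsp"]] = val & MASK

    def pop(self):
        self.r["rsp"] += 8
        return self.mem.get(self.r["rsp"] - 8, 0)


def assemble(src):                                 # label -> address, address -> (mnemonic, operands)
    labels, code = {}, {}
    for line in src.splitlines():
        line = line.split(";")[0].strip()
        if line.endswith(":"):
            labels[line[:-1]] = CODE_BASE + 4 * len(code)   # 4 bytes per instruction (assumed)
        elif line:
            mnem, _, rest = line.partition(" ")
            code[CODE_BASE + 4 * len(code)] = (mnem, [o.strip() for o in rest.split(",")] if rest else [])
    return labels, code


def run(src, until=None):                          # execute from 'main' until it returns or reaches label `until`
    labels, code = assemble(src)
    cpu, rip = CPU(), labels["main"]
    cpu.push(0)                                    # sentinel return address: reaching 0 ends the run
    while rip != 0 and rip != labels.get(until):
        mnem, ops = code[rip]
        rip += 4
        if mnem == "mov":
            cpu.write(ops[0], cpu.read(ops[1]))
        elif mnem in ("add", "sub"):
            a, b = cpu.read(ops[0]), cpu.read(ops[1])
            cpu.write(ops[0], a + b if mnem == "add" else a - b)
        elif mnem == "push":
            cpu.push(cpu.read(ops[0]))
        elif mnem == "call":                       # save the return address, then jump
            cpu.push(rip)
            rip = labels[ops[0]]
        elif mnem == "leave":                      # same as: mov rsp, rbp ; pop rbp
            cpu.r["rsp"] = cpu.r["rbp"]
            cpu.r["rbp"] = cpu.pop()
        elif mnem == "ret":
            rip = cpu.pop()
    return cpu


def frame_layout(cpu):                             # the frame as rbp-relative slots, return address down to rsp
    rbp = cpu.r["rbp"]
    return {f"rbp{a - rbp:+#x}": cpu.mem.get(a, 0) for a in range(rbp + 8, cpu.r["rsp"] - 8, -8)}


PROGRAM = """
main:
    mov rdi, 7            ; 1st argument (System V ABI: rdi, rsi, rdx, rcx, r8, r9)
    mov rsi, 35           ; 2nd argument
    call add_pair         ; push the return address, jump to add_pair
    ret
add_pair:
    push rbp              ; prologue: save the caller's base pointer
    mov rbp, rsp          ;           rbp now marks the bottom of this frame
    sub rsp, 0x10         ; reserve 16 bytes for locals
body:
    mov [rbp-0x8], rdi    ; spill the 1st argument to a local (rbp-relative addressing)
    mov rax, rsi
    add rax, [rbp-0x8]    ; result in rax, where the caller expects the return value
    leave                 ; epilogue: mov rsp, rbp ; pop rbp
    ret                   ; pop the return address into rip
"""
```

Printing `frame_layout(run(PROGRAM, until="body"))` lists the slots from [rbp+0x8] (return address, the instruction after the call) down to [rbp-0x10] (the lowest reserved local, equal to rsp); `run(PROGRAM).r["rax"]` gives 42 with rsp and rbp back at their starting values, which is what a correct epilogue guarantees. Seeing that the return address sits only a few slots above the locals is the reason writes past a local buffer matter.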

Conditional jumps

  • Implemented using the cmp (compare) instruction followed by a conditional jump
    • Status flags set by cmp:
      • Zero flag (ZF)
      • Sign flag (SF)
      • Overflow flag (OF)
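The following added example (not course material) computes the flags that a 64-bit `cmp a, b` leaves behind and expresses each common conditional jump as a predicate over them. It includes the carry flag (CF) alongside ZF, SF and OF because the unsigned jumps (jb/jae) read it, and it covers the case the notes' flags exist for: a signed comparison whose subtraction overflows, where the sign bit of the result is wrong and only SF xor OF gives the right answer.

```python
"""Status flags from cmp a, b (64-bit) and the conditional jumps that read them (added example)."""
BITS = 64
MASK = (1 << BITS) - 1


def to_signed(x):
    x &= MASK
    return x - (1 << BITS) if x >> (BITS - 1) else x


def cmp_flags(a, b):
    """cmp computes a - b, discards the result and keeps only the status flags."""
    a, b = a & MASK, b & MASK
    result = (a - b) & MASK
    return {
        "ZF": result == 0,                                   # operands equal
        "SF": bool(result >> (BITS - 1)),                    # result negative as a signed number
        "CF": a < b,                                         # borrow: unsigned a < b
        "OF": to_signed(a) - to_signed(b) != to_signed(result),  # true signed result did not fit
    }


# How each jcc decides, expressed over the flags cmp left behind.
JUMPS = {
    "je":  lambda f: f["ZF"],
    "jne": lambda f: not f["ZF"],
    "jb":  lambda f: f["CF"],                                # unsigned a <  b
    "jae": lambda f: not f["CF"],                            # unsigned a >= b
    "jl":  lambda f: f["SF"] != f["OF"],                     # signed   a <  b
    "jge": lambda f: f["SF"] == f["OF"],                     # signed   a >= b
    "jg":  lambda f: not f["ZF"] and f["SF"] == f["OF"],     # signed   a >  b
    "jle": lambda f: f["ZF"] or f["SF"] != f["OF"],          # signed   a <= b
}


def taken(jcc, a, b):
    """Would `cmp a, b ; jcc target` take the jump?"""
    return JUMPS[jcc](cmp_flags(a, b))


if __name__ == "__main__":
    for a, b in ((5, 5), (-1, 1), (-(1 << 63), 1)):
        print(f"cmp {a}, {b}: {cmp_flags(a, b)}  jl={taken('jl', a, b)} jb={taken('jb', a, b)}")
```

The second sample pair shows why the signed and unsigned jumps differ: -1 is 0xffff…ffff as an unsigned value, so `jl` is taken and `jb` is not. The third pair subtracts 1 from the most negative 64-bit integer; the result wraps to a positive value (SF clear) but OF is set, and `jl` still correctly reports a < b.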