Hacker News new | past | comments | ask | show | jobs | submit login
How does Linux start a process (thc.org)
276 points by 10xJobs_net on Sept 15, 2023 | hide | past | favorite | 29 comments



A good walkthrough, but it doesn't mention how the ELF headers are interpreted and how the corresponding file sections (code, data, rodata) are mapped into the virtual address space of the process. It only covers the setup of the stack and the invocation of main.


The first thing I thought of when I saw the article title here was “How programs get run”[1], a series on LWN; the second installment[2] describes the ELF parts of the story.

(The exposition in his two-parter “Anatomy of a system call”[3,4] is similarly brilliant.)

If all you want is a non-Linux-specific description of how to write a static ELF loader (which is surprisingly simple), you can also take a look at the description on the OSDev Wiki[5] (but be mindful of the somewhat uneven code quality on that website) and at Libelf by example[6] (but libelf may be a bit too much abstraction than you really need if you’re trying to understand the format itself).

[1] https://lwn.net/Articles/630727/

[2] https://lwn.net/Articles/631631/

[3] https://lwn.net/Articles/604287/

[4] https://lwn.net/Articles/604515/

[5] https://wiki.osdev.org/ELF

[6] https://sourceforge.net/projects/elftoolchain/files/Document...


Any good resources to learn about that?


The source code to the kernel's elf "binfmt"[0] is very readable. The elf binfmt is registered (along with a few others like `binfmt_misc`) and you get dispatched there via `exec_binprm`[1] which is invoked by the `execve` syscall[2]. When loading a shared library, you also dispatch to a binfmt via the `uselib`[3] syscall.

[0] https://github.com/torvalds/linux/blob/9fdfb15a3dbf818e06be5...

[1] https://github.com/torvalds/linux/blob/9fdfb15a3dbf818e06be5...

[2] https://github.com/torvalds/linux/blob/9fdfb15a3dbf818e06be5...

[3] https://github.com/torvalds/linux/blob/9fdfb15a3dbf818e06be5...


CPU Land is an accessible introduction. This chapter covers ELF https://cpu.land/becoming-an-elf-lord


The book "Linkers an Loaders" by Levine is the Bible on the subject


It used to be available online for free at <https://www.iecc.com/linker/>, but isn't any more. You could get it from archive.org though, and I think I've seen mirrors in other formats on Hacker News in previous discussions about the book.


Yes; but there's also descriptions of legacy container formats no one cares about any more. I still recommend it and have my own copy, I just recall skipping over quite a bit of material.


There's a great summary from LWN[1] with lots of references and links to other articles for further reading.

[1] https://lwn.net/Articles/631631


If you're interested in or already comfortable with Rust, Amos (fasterthanlime) has a nice long-form series that goes into this, basically building a custom ELF loader in the end. The writing style isn't everyone's cup of tea, but maybe you like it: https://fasterthanli.me/series/making-our-own-executable-pac...


"man 5 elf" should be the ultimate source of truth :-)



I've found that searching for stories with ELF in the title then trawling through the comments for the links is really informative.


I just hope they catch this Sauron before it’s too late…


Instead of only hiding the arguments, is it also possible to change them? and even change argv[0]?


see exec builtin in the bash shell. otherwise man execvp etc.


No reference to fork anywhere?


This could be deliberate. Either to not derail focus from `execve` or perhaps the author assumed that the readers are already well-versed with `fork`.


[flagged]


Can we not, “Dude weed lmao,” here? Have something substantial to add please


> Have something substantial to add please

The comment was indeed about a matter of substance


Let's compromise and make sure all the weed jokes fall under the replies to my top level comment.


This creates noise. Regular users shouldn’t be commenting on the quality and usefulness of other people’s comments.

Oh wait..


Is denouncing that which is not your personal brand of humor a substantial addition?


It’s not about my brand of humor, any comment that is just a quip is unsubstantial and against community guidelines here. What exactly is the point of your comment other than to try and make us more like Reddit, the website HN was designed to not be.


The irony in complaining about the guidelines, while dismissing the very last item. Classic.


Perhaps just downvote and/or move on.


The THC group has been around since basically the very early days of www so… No. Not waste.

Although, I do believe some of the people involved in THC were also involved in creation of the Joint Routing Protocol :) http://darklab.org/jrp.txt


Seems apt: The Hacker's Choice


let’s not turn this into reddit




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: