EDIT: It does work. My (GNU) libc spits out version info when executed as an executable.
How does that work? There must be something above ld.so, maybe the OS? Because looking at the ELF header, ld.so is a shared library “Type: DYN (Shared object file)”
$ readelf -hl ld.so
ELF Header:
Magic: 7f454c 46020101030000000000000000
Class: ELF64
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - GNU
ABI Version: 0
Type: DYN (Shared object file)
Machine: Advanced Micro Devices X86-64
Version: 0x1
Entry point address: 0x1d780
Start of program headers: 64 (bytes into file)
Start of section headers: 256264 (bytes into file)
Flags: 0x0
Size of this header: 64 (bytes)
Size of program headers: 56 (bytes)
Number of program headers: 11
Size of section headers: 64 (bytes)
Number of section headers: 23
Section header string table index: 22
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
LOAD 0x00000000000000000x00000000000000000x00000000000000000x0000000000000db80x0000000000000db8 R 0x1000
LOAD 0x00000000000010000x00000000000010000x00000000000010000x00000000000294350x0000000000029435 R E 0x1000
LOAD 0x000000000002b0000x000000000002b0000x000000000002b0000x000000000000a8c00x000000000000a8c0 R 0x1000
LOAD 0x00000000000362e00x00000000000362e00x00000000000362e00x0000000000002e240x0000000000003000 RW 0x1000
DYNAMIC 0x0000000000037e800x0000000000037e800x0000000000037e800x00000000000001800x0000000000000180 RW 0x8
NOTE 0x00000000000002a80x00000000000002a80x00000000000002a80x00000000000000400x0000000000000040 R 0x8
NOTE 0x00000000000002e80x00000000000002e80x00000000000002e80x00000000000000240x0000000000000024 R 0x4
GNU_PROPERTY 0x00000000000002a80x00000000000002a80x00000000000002a80x00000000000000400x0000000000000040 R 0x8
GNU_EH_FRAME 0x00000000000317180x00000000000317180x00000000000317180x00000000000009b40x00000000000009b4 R 0x4
GNU_STACK 0x00000000000000000x00000000000000000x00000000000000000x00000000000000000x0000000000000000 RW 0x10
GNU_RELRO 0x00000000000362e00x00000000000362e00x00000000000362e00x0000000000001d200x0000000000001d20 R 0x1
The program headers don’t have interpreter information either. Compare that to ls “Type: EXEC (Executable file)”.
$ readelf -hl ls
ELF Header:
Magic: 7f454c 46020101000000000000000000
Class: ELF64
Data: 2's complement, little endian
Version: 1 (current)
OS/ABI: UNIX - System V
ABI Version: 0
Type: EXEC (Executable file)
Machine: Advanced Micro Devices X86-64
Version: 0x1
Entry point address: 0x40b6e0
Start of program headers: 64 (bytes into file)
Start of section headers: 1473672 (bytes into file)
Flags: 0x0
Size of this header: 64 (bytes)
Size of program headers: 56 (bytes)
Number of program headers: 14
Size of section headers: 64 (bytes)
Number of section headers: 32
Section header string table index: 31
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
PHDR 0x00000000000000400x00000000004000400x00000000004000400x00000000000003100x0000000000000310 R 0x8
INTERP 0x00000000000003b40x00000000004003b40x00000000004003b40x00000000000000530x0000000000000053 R 0x1
LOAD 0x00000000000000000x00000000004000000x00000000004000000x00000000000075700x0000000000007570 R 0x1000
LOAD 0x00000000000080000x00000000004080000x00000000004080000x00000000000decb10x00000000000decb1 R E 0x1000
LOAD 0x00000000000e70000x00000000004e70000x00000000004e70000x00000000000553a00x00000000000553a0 R 0x1000
LOAD 0x000000000013c9c80x000000000053d9c80x000000000053d9c80x000000000000d01c0x0000000000024748 RW 0x1000
DYNAMIC 0x00000000001480800x00000000005490800x00000000005490800x00000000000002500x0000000000000250 RW 0x8
NOTE 0x00000000000003500x00000000004003500x00000000004003500x00000000000000400x0000000000000040 R 0x8
NOTE 0x00000000000003900x00000000004003900x00000000004003900x00000000000000240x0000000000000024 R 0x4
NOTE 0x000000000013c3800x000000000053c3800x000000000053c3800x00000000000000200x0000000000000020 R 0x4
GNU_PROPERTY 0x00000000000003500x00000000004003500x00000000004003500x00000000000000400x0000000000000040 R 0x8
GNU_EH_FRAME 0x00000000001263180x00000000005263180x00000000005263180x0000000000002eb40x0000000000002eb4 R 0x4
GNU_STACK 0x00000000000000000x00000000000000000x00000000000000000x00000000000000000x0000000000000000 RW 0x10
GNU_RELRO 0x000000000013c9c80x000000000053d9c80x000000000053d9c80x000000000000c6380x000000000000c638 R 0x1
It feels like somewhere in the flow there is the same thing that’s happening in python just more hidden. Python seems to expose it because a file can be a library and an executable at the same time.
EDIT: …with which I meant, modulo brainfart: My libc.so.6 contains a proper entry address, while other libraries are pointing at 0x0 and coredump when executed. libc.so is a linker script, presumably because GNU compulsively overcomplicates everything.
…I guess that’s enough for the kernel. It might be a linux-only thing, maybe even unintended and well linux doesn’t break userspace.
Speaking of, I was playing it a bit fast and loose: _start is merely the default symbol name for the entry label, I’m sure nasm and/or ld have ways to set it to something different.
Btw, ld.so is a symlink to ld-linux-x86-64.so.2 at least on my system. It is an statically linked executable. The ld.so is, in simpler words, an interpreter for the ELF format and you can run it:
ld.so --help
Entry point address: 0x1d780
Which seems to be contained in the only executable section segment of ld.so
LOAD 0x0000000000001000 0x0000000000001000 0x0000000000001000
0x0000000000028bb5 0x0000000000028bb5 R E 0x1000
Edit: My understanding of this quite shallow; the above is a segment that in this case contains the entirety of the .text section.
How does that work? There must be something above
ld.so, maybe the OS? Because looking at the ELF header,ld.sois a shared library “Type: DYN (Shared object file)”$ readelf -hl ld.so ELF Header: Magic: 7f 45 4c 46 02 01 01 03 00 00 00 00 00 00 00 00 Class: ELF64 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - GNU ABI Version: 0 Type: DYN (Shared object file) Machine: Advanced Micro Devices X86-64 Version: 0x1 Entry point address: 0x1d780 Start of program headers: 64 (bytes into file) Start of section headers: 256264 (bytes into file) Flags: 0x0 Size of this header: 64 (bytes) Size of program headers: 56 (bytes) Number of program headers: 11 Size of section headers: 64 (bytes) Number of section headers: 23 Section header string table index: 22 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flags Align LOAD 0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000db8 0x0000000000000db8 R 0x1000 LOAD 0x0000000000001000 0x0000000000001000 0x0000000000001000 0x0000000000029435 0x0000000000029435 R E 0x1000 LOAD 0x000000000002b000 0x000000000002b000 0x000000000002b000 0x000000000000a8c0 0x000000000000a8c0 R 0x1000 LOAD 0x00000000000362e0 0x00000000000362e0 0x00000000000362e0 0x0000000000002e24 0x0000000000003000 RW 0x1000 DYNAMIC 0x0000000000037e80 0x0000000000037e80 0x0000000000037e80 0x0000000000000180 0x0000000000000180 RW 0x8 NOTE 0x00000000000002a8 0x00000000000002a8 0x00000000000002a8 0x0000000000000040 0x0000000000000040 R 0x8 NOTE 0x00000000000002e8 0x00000000000002e8 0x00000000000002e8 0x0000000000000024 0x0000000000000024 R 0x4 GNU_PROPERTY 0x00000000000002a8 0x00000000000002a8 0x00000000000002a8 0x0000000000000040 0x0000000000000040 R 0x8 GNU_EH_FRAME 0x0000000000031718 0x0000000000031718 0x0000000000031718 0x00000000000009b4 0x00000000000009b4 R 0x4 GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000000 RW 0x10 GNU_RELRO 0x00000000000362e0 0x00000000000362e0 0x00000000000362e0 0x0000000000001d20 0x0000000000001d20 R 0x1The program headers don’t have interpreter information either. Compare that to
ls“Type: EXEC (Executable file)”.$ readelf -hl ls ELF Header: Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 Class: ELF64 Data: 2's complement, little endian Version: 1 (current) OS/ABI: UNIX - System V ABI Version: 0 Type: EXEC (Executable file) Machine: Advanced Micro Devices X86-64 Version: 0x1 Entry point address: 0x40b6e0 Start of program headers: 64 (bytes into file) Start of section headers: 1473672 (bytes into file) Flags: 0x0 Size of this header: 64 (bytes) Size of program headers: 56 (bytes) Number of program headers: 14 Size of section headers: 64 (bytes) Number of section headers: 32 Section header string table index: 31 Program Headers: Type Offset VirtAddr PhysAddr FileSiz MemSiz Flags Align PHDR 0x0000000000000040 0x0000000000400040 0x0000000000400040 0x0000000000000310 0x0000000000000310 R 0x8 INTERP 0x00000000000003b4 0x00000000004003b4 0x00000000004003b4 0x0000000000000053 0x0000000000000053 R 0x1 LOAD 0x0000000000000000 0x0000000000400000 0x0000000000400000 0x0000000000007570 0x0000000000007570 R 0x1000 LOAD 0x0000000000008000 0x0000000000408000 0x0000000000408000 0x00000000000decb1 0x00000000000decb1 R E 0x1000 LOAD 0x00000000000e7000 0x00000000004e7000 0x00000000004e7000 0x00000000000553a0 0x00000000000553a0 R 0x1000 LOAD 0x000000000013c9c8 0x000000000053d9c8 0x000000000053d9c8 0x000000000000d01c 0x0000000000024748 RW 0x1000 DYNAMIC 0x0000000000148080 0x0000000000549080 0x0000000000549080 0x0000000000000250 0x0000000000000250 RW 0x8 NOTE 0x0000000000000350 0x0000000000400350 0x0000000000400350 0x0000000000000040 0x0000000000000040 R 0x8 NOTE 0x0000000000000390 0x0000000000400390 0x0000000000400390 0x0000000000000024 0x0000000000000024 R 0x4 NOTE 0x000000000013c380 0x000000000053c380 0x000000000053c380 0x0000000000000020 0x0000000000000020 R 0x4 GNU_PROPERTY 0x0000000000000350 0x0000000000400350 0x0000000000400350 0x0000000000000040 0x0000000000000040 R 0x8 GNU_EH_FRAME 0x0000000000126318 0x0000000000526318 0x0000000000526318 0x0000000000002eb4 0x0000000000002eb4 R 0x4 GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000000 0x0000000000000000 RW 0x10 GNU_RELRO 0x000000000013c9c8 0x000000000053d9c8 0x000000000053d9c8 0x000000000000c638 0x000000000000c638 R 0x1It feels like somewhere in the flow there is the same thing that’s happening in python just more hidden. Python seems to expose it because a file can be a library and an executable at the same time.
Anti Commercial-AI license
Your ld.so contains:EDIT: …with which I meant, modulo brainfart: My
libc.so.6contains a proper entry address, while other libraries are pointing at0x0and coredump when executed.libc.sois a linker script, presumably because GNU compulsively overcomplicates everything.…I guess that’s enough for the kernel. It might be a linux-only thing, maybe even unintended and well linux doesn’t break userspace.
Speaking of, I was playing it a bit fast and loose:
_startis merely the default symbol name for the entry label, I’m sure nasm and/or ld have ways to set it to something different.Btw,
ld.sois a symlink told-linux-x86-64.so.2at least on my system. It is an statically linked executable. Theld.sois, in simpler words, an interpreter for the ELF format and you can run it:ld.so --helpWhich seems to be contained in the only executable
sectionsegment ofld.soLOAD 0x0000000000001000 0x0000000000001000 0x0000000000001000 0x0000000000028bb5 0x0000000000028bb5 R E 0x1000Edit: My understanding of this quite shallow; the above is a segment that in this case contains the entirety of the
.textsection.