upvote

points

by 2019844 hours ago |
comments
upvoteby sjmulder3 hours ago|
[-]
Doesn't the loaded code have to be patched for relocations?
reply
upvoteby ptspts3 hours ago|
parent|
next
[-]
It does, so not 100% is reused. The patched parts are in different sections though, so the entire .text (code) section ends up being reused.
reply
upvoteby monocasa3 hours ago|
parent|
prev|
next
[-]
Not on modern archs that provide decent support for PIE (position independent executables).
reply
upvoteby 2019842 hours ago|
parent|
[-]
How do you think position independent code can call functions from other .so's without being patched with their addresses?

They can't, so even PIC code still has to have a relocation table that gets patched. It's in a different page than the code though, so code does still get reused.

reply
upvoteby monocasa2 hours ago|
parent|
[-]
That's not really patching though, any more than any use of function pointers is patching.
reply
upvoteby 20198444 minutes ago|
parent|
[-]
There's a part of the .so ELF file (the Global Offset Table aka GOT) that has to be modified with all the addresses of the functions being imported, which of course vary from process to process.

If not patching, what exactly would you call modifying part of the file?

reply
upvoteby monocasa1 minutes ago|
parent|
[-]
And the got is just a big table of pointers like any other table of pointers your application manipulates as it runs.

This isn't meant as a reductive take, but instead that there is a difference between completely describable in C like the contents of the .got section, and something like a .reloc section that actually has to understand the generated assembly in order to build the relocation table to load and link the executable. Both are linking, but I've saved "patching" for more brain surgery esque techniques. Like on mips, the jump instruction immediate is the bottom 26 bits of the absolute address of the target, so you're going through and modifying all of the jump instructions if you load it to somewhere it wasn't linked at.

reply
upvoteby t-33 hours ago|
parent|
prev|
[-]
Not if it's position-independent.
reply