ELF format: Modifying an executable to create another


Post by Bob Ada » Mon, 26 Nov 2001 09:43:57



Hi,
 I am trying to save the image of a running Linux process into
 another executable file so that when the newly created
 executable is invoked it will start off where the original
 one was saved. The way I do it is to create another executable
 which is very much like the original except it has extra sections
 and segments in the ELF file. The original .bss section is concatenated
 with the original .data section to get a larger .data section and is
 filled with the current values in the memory. Similarly the areas of the
 heap that are in use are identified by reading /proc/<getpid()>/maps file
 and an extra ELF section and an extra ELF segment is created for
 each such area in the heap.
 The saving of the stack and open files/sockets is done separately and
 their details are not needed in order to answer my questions below.

 When I try to add an ELF section/segment to the executable file to create
 a new executable the new executable does not work. It SEGVs before main
 is invoked. I have painstakingly tried to make sure that the new
 executable is in the correct format, i.e. the ELF header, Program header
 and section headers as well as the contents of the sections themselves
 have the correct values.
 Does anyone have a clue as to what could be going on?
 Are there any assumptions made by Linux as to the order of headers and
 sections?
 Is my approach correct? It does work on Solaris.
 Are there other alternative approaches I could try out?
 Are there any good books/web sites that could provide more info?
Thank you very much,
Bob

 
 
 


Post by John Reise » Mon, 26 Nov 2001 10:09:03


>  I am trying to save the image of a running Linux process into
>  another executable file so that when the newly created
>  executable is invoked it will start off where the original
>  one was saved. ...

>  When I try to add an ELF section/segment to the executable file to create
>  a new executable the new executable does not work. It SEGVs before main
>  is invoked. ...

Probably you have been tripped by the way that the PT_INTERP
/lib/ld-linux.so.2 modifies the DYNAMIC section during early
user-mode execution.  Compare "objdump --private-headers a.elf"
when run on the new file versus the original.  Either you need
to undo the modifications, or you need to make a new PT_INTERP
with different assumptions about initial conditions.

Or, it could be something else entirely.  What is the _smallest_
executable program for which your method fails, yet still names
/lib/ld-linux.so.2 as PT_INTERP?  The answer should be something
like 300 bytes or less.  Then you work with strace and gdb ...

--
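An added example, not part of the original posts: the header comparison suggested above, done in Python on two constructed 32-bit ELF images, together with checks for rules the ELF specification states for PT_LOAD segments (p_filesz no larger than p_memsz, p_vaddr congruent to p_offset modulo p_align, ascending p_vaddr order). The names `phdrs`, `check`, `diff` and `build` and both sample images are assumptions made for illustration; the misaligned heap segment is a constructed fault, not a diagnosis of the poster's file.

```python
import struct

PT_LOAD = 1
FIELDS = ("type", "offset", "vaddr", "paddr", "filesz", "memsz", "flags", "align")

def phdrs(image):
    """Program headers of a 32-bit little-endian ELF image, as dicts."""
    if image[:6] != b"\x7fELF\x01\x01":
        raise ValueError("not a 32-bit little-endian ELF image")
    (e_phoff,) = struct.unpack_from("<I", image, 28)
    e_phentsize, e_phnum = struct.unpack_from("<HH", image, 42)
    return [dict(zip(FIELDS, struct.unpack_from("<8I", image, e_phoff + i * e_phentsize)))
            for i in range(e_phnum)]

def check(image):
    """Violations of the ELF specification's segment rules."""
    problems, last = [], -1
    for i, p in enumerate(phdrs(image)):
        if p["offset"] + p["filesz"] > len(image):
            problems.append(f"phdr {i}: file range runs past end of file")
        if p["type"] != PT_LOAD:
            continue
        if p["filesz"] > p["memsz"]:
            problems.append(f"phdr {i}: p_filesz > p_memsz")
        if p["align"] > 1 and (p["vaddr"] - p["offset"]) % p["align"]:
            problems.append(f"phdr {i}: p_vaddr and p_offset differ modulo p_align")
        if p["vaddr"] < last:
            problems.append(f"phdr {i}: PT_LOAD not in ascending p_vaddr order")
        last = p["vaddr"]
    return problems

def diff(orig, new):
    """Field-by-field differences between two images' program headers."""
    a, b = phdrs(orig), phdrs(new)
    out = [f"phdr {i} {k}: {x[k]:#x} -> {y[k]:#x}"
           for i, (x, y) in enumerate(zip(a, b)) for k in FIELDS if x[k] != y[k]]
    return out + [f"phdr {i}: only in new file" for i in range(len(a), len(b))]

def build(segments):
    """Constructed sample: ELF32 header and program headers, zero-padded, no real code."""
    ehdr = struct.pack("<16sHHIIIIIHHHHHH", b"\x7fELF\x01\x01\x01", 2, 3, 1,
                       0x08048000, 52, 0, 0, 52, 32, len(segments), 0, 0, 0)
    return (ehdr + b"".join(struct.pack("<8I", *s) for s in segments)).ljust(0x3000, b"\0")

TEXT = (PT_LOAD, 0x0000, 0x08048000, 0x08048000, 0x1000, 0x1000, 5, 0x1000)
ORIGINAL = build([TEXT, (PT_LOAD, 0x1000, 0x08049000, 0x08049000, 0x200, 0x800, 6, 0x1000)])
# .bss folded into .data (p_filesz grown to p_memsz) plus one heap segment at a misaligned offset
MODIFIED = build([TEXT, (PT_LOAD, 0x1000, 0x08049000, 0x08049000, 0x800, 0x800, 6, 0x1000),
                  (PT_LOAD, 0x2004, 0x0804A000, 0x0804A000, 0x400, 0x400, 6, 0x1000)])

if __name__ == "__main__":
    print(*diff(ORIGINAL, MODIFIED), *check(MODIFIED), sep="\n")
```

On real files, pass the bytes read from the original and the rewritten executable to `diff` and `check` in place of the constructed images.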


 
 
 


Post by bdonla » Mon, 26 Nov 2001 11:09:44



> Hi,
>  I am trying to save the image of a running Linux process into
>  another executable file so that when the newly created
>  executable is invoked it will start off where the original
>  one was saved. The way I do it is to create another executable
>  which is very much like the original except it has extra sections
>  and segments in the ELF file. The original .bss section is concatenated
>  with the original .data section to get a larger .data section and is
>  filled with the current values in the memory. Similarly the areas of the
>  heap that are in use are identified by reading /proc/<getpid()>/maps file
>  and an extra ELF section and an extra ELF segment is created for
>  each such area in the heap.
>  The saving of the stack and open files/sockets is done separately and
>  their details are not needed in order to answer my questions below.

>  When I try to add an ELF section/segment to the executable file to create
>  a new executable the new executable does not work. It SEGVs before main
>  is invoked. I have painstakingly tried to make sure that the new
>  executable is in the correct format, i.e. the ELF header, Program header
>  and section headers as well as the contents of the sections themselves
>  have the correct values.
>  Does anyone have a clue as to what could be going on?
>  Are there any assumptions made by Linux as to the order of headers and
>  sections?
>  Is my approach correct? It does work on Solaris.
>  Are there other alternative approaches I could try out?
>  Are there any good books/web sites that could provide more info?
> Thank you very much,
> Bob

If you do get it to work, could you write a library that'll automate the
process?

--
make me
---
make: *** No rule to make target `me'.  Stop.

 
 
 


Post by Paul Pluzhniko » Mon, 26 Nov 2001 15:41:04



>  I am trying to save the image of a running Linux process into
>  another executable file so that when the newly created
>  executable is invoked it will start off where the original
>  one was saved.
...
>  Are there other alternatives approaches I could try out?

Have a look at "Condor" and their checkpointing library:
http://www.cs.wisc.edu/condor/checkpointing.html