Linux ELF文件格式的section和segment有什么区别
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/14361248/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
What's the difference of section and segment in ELF file format
提问by tsing
From wiki Executable and Linkable Format:
来自 wiki Executable and Linkable Format:
The segments contain information that is necessary for runtime execution of the file, while sections contain important data for linking and relocation. Any byte in the entire file can be owned by at most one section, and there can be orphan bytes which are not owned by any section.
段包含文件运行时执行所需的信息,而段包含用于链接和重定位的重要数据。整个文件中的任何字节最多只能由一个节拥有,并且可以存在不为任何节所有的孤立字节。
But what's difference between section and segment? In an executable ELF file, does a segment contain one or more sections?
但是段和段之间有什么区别?在可执行 ELF 文件中,段是否包含一个或多个节?
采纳答案by Employed Russian
But what's difference between section and segment?
但是段和段之间有什么区别?
Exactly what you quoted: the segments contain information needed at runtime, while the sections contain information needed during linking.
正是您引用的内容:段包含运行时所需的信息,而部分包含链接期间所需的信息。
does a segment contain one or more sections?
一个段是否包含一个或多个部分?
A segment can contain 0 or more sections. Example:
一个段可以包含 0 个或多个段。例子:
readelf -l /bin/date
Elf file type is EXEC (Executable file)
Entry point 0x402000
There are 9 program headers, starting at offset 64
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
PHDR 0x0000000000000040 0x0000000000400040 0x0000000000400040
0x00000000000001f8 0x00000000000001f8 R E 8
INTERP 0x0000000000000238 0x0000000000400238 0x0000000000400238
0x000000000000001c 0x000000000000001c R 1
[Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
LOAD 0x0000000000000000 0x0000000000400000 0x0000000000400000
0x000000000000d5ac 0x000000000000d5ac R E 200000
LOAD 0x000000000000de10 0x000000000060de10 0x000000000060de10
0x0000000000000440 0x0000000000000610 RW 200000
DYNAMIC 0x000000000000de38 0x000000000060de38 0x000000000060de38
0x00000000000001a0 0x00000000000001a0 RW 8
NOTE 0x0000000000000254 0x0000000000400254 0x0000000000400254
0x0000000000000044 0x0000000000000044 R 4
GNU_EH_FRAME 0x000000000000c700 0x000000000040c700 0x000000000040c700
0x00000000000002a4 0x00000000000002a4 R 4
GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000
0x0000000000000000 0x0000000000000000 RW 8
GNU_RELRO 0x000000000000de10 0x000000000060de10 0x000000000060de10
0x00000000000001f0 0x00000000000001f0 R 1
Section to Segment mapping:
Segment Sections...
00
01 .interp
02 .interp .note.ABI-tag .note.gnu.build-id .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame
03 .ctors .dtors .jcr .dynamic .got .got.plt .data .bss
04 .dynamic
05 .note.ABI-tag .note.gnu.build-id
06 .eh_frame_hdr
07
08 .ctors .dtors .jcr .dynamic .got
Here, PHDRsegment contains 0 sections, INTERPsegment contains .interpsection, and the first LOADsegment contains a whole bunch of sections.
这里,PHDRsegment包含0个section,INTERPsegment包含.interpsection,第一个LOADsegment包含一大堆section。
Further readingwith a nice illustration.
回答by zse
Please correct me if I'm wrong, as I wouldn't consider myself an expert on this topic, but according to my research some statements given in the answers/comments seem to be not fully accurate. To elaborate, I'll quote sentences and comment on them:
如果我错了,请纠正我,因为我不会认为自己是该主题的专家,但根据我的研究,答案/评论中给出的一些陈述似乎并不完全准确。为了详细说明,我将引用句子并对其进行评论:
Section contains static for the linker, segment dynamic data for the OS
部分包含链接器的静态数据,OS 的段动态数据
According to thisLWN article, the kernel only uses the segment header of type PT_INTERP, PT_LOAD and PT_GNU_STACK to load executables into memory. But there are other segment types, like PHDR, DYNAMIC, NOTE, GNU_EH_FRAME, GNU_PROPERTY, GNU_RELRO, which are ignored.
根据这篇LWN 文章,内核仅使用 PT_INTERP、PT_LOAD 和 PT_GNU_STACK 类型的段头将可执行文件加载到内存中。但还有其他段类型,如 PHDR、DYNAMIC、NOTE、GNU_EH_FRAME、GNU_PROPERTY、GNU_RELRO,它们被忽略。
Afaiu, the GNU_RELRO segment is like a dummy segment; if it is present the loader uses this as a flag to make the relocation data read-only. But the loader is not part of the OS, at least for Linux.
Afaiu,GNU_RELRO 段就像一个虚拟段;如果它存在,加载器使用它作为一个标志,使重定位数据只读。但是加载程序不是操作系统的一部分,至少对于 Linux 是这样。
As for the other segment types, I haven't found out what they are actually used for. They seem redundant to me, as there are corresponding sections which basically have the same or more information.
至于其他的段类型,我还没有发现它们的实际用途。它们对我来说似乎是多余的,因为有相应的部分基本上具有相同或更多的信息。
Thus, from my understanding that answer is only a simplified approximation of a more messy truth.
因此,根据我的理解,答案只是对更混乱的事实的简化近似。
sections are contained with segments
部分包含在段中
You can have ELF executables with no section headerand relocatable (*.o) files usually do not have segment header. Furthermore, in the readelf output in the accepted answer one can see the .interp section in multiple segments. I do not see any containment restriction.
您可以拥有没有节头的ELF 可执行文件,而可重定位 (*.o) 文件通常没有段头。此外,在已接受答案的 readelf 输出中,您可以在多个段中看到 .interp 部分。我没有看到任何收容限制。
the segments contain information needed at runtime, while the sections contain information needed during linking.
段包含运行时所需的信息,而段包含链接期间所需的信息。
Again this seems like a simplification. The runtime loader (or "interpreter") also needs the sections for loading shared libraries, resolving symbols, doing relocations etc.
这似乎又是一种简化。运行时加载器(或“解释器”)还需要用于加载共享库、解析符号、进行重定位等的部分。
To conclude, while the given answers are probably reasonable general approximations, it apparently gets more complicated when looking at the details.
总而言之,虽然给出的答案可能是合理的一般近似值,但在查看细节时显然会变得更加复杂。
