
I am writing an Elf Loader for ARM/ARM64. While processing the dynamic relocations I became a bit confused by some of the terms/symbols in the documentation I am following. On Pg.14 it is stated,

"S (when used on its own) is the address of the symbol." "P is the address of the place being relocated (derived from r_offset)."

"Delta(S) if S is a normal symbol, resolves to the difference between the static link address of S and the execution address of S. If S is the null symbol (ELF symbol index 0), resolves to the difference between the static link address of P and the execution address of P."

From what I gather, I believe the "execution address" of S (or P) to be the address of the symbol in the process's memory space but am unsure what is meant by "static link address".

If someone can clarify the terminology that would be great, thank you.


1 Answer


what is meant by "static link address".

A non-PIE executable is linked to load at a particular address. For example, on x86_64 Linux the default static link address is 0x400000:

echo "int main() { return 0; }" | gcc -xc - -no-pie

readelf -Wl a.out | grep LOAD
  LOAD           0x000000 0x0000000000400000 0x0000000000400000 0x000618 0x000618 R E 0x200000
  LOAD           0x000e50 0x0000000000600e50 0x0000000000600e50 0x0001d8 0x0001e0 RW  0x200000

This binary is linked with static link address of 0x400000, and symbols in it reflect that:

nm a.out | grep ' main'
0000000000400487 T main

This executable must be loaded at 0x400000, and will not work correctly if loaded anywhere else.

Note that the default non-PIE static link address

  • is different for different architectures (i386 default is 0x8048000), and
  • can be changed at static link time via linker script and/or linker flags.

Contrast this with a PIE executable, which is typically linked at static link address 0:

echo "int main() { return 0; }" | gcc -xc - -fPIE -pie
readelf -Wl a.out | grep LOAD
  LOAD           0x000000 0x0000000000000000 0x0000000000000000 0x0007d8 0x0007d8 R E 0x200000
  LOAD           0x000e18 0x0000000000200e18 0x0000000000200e18 0x000210 0x000218 RW  0x200000

nm a.out | grep ' main'
00000000000005fa T main

So the static link address of main is 0x400487 in the non-PIE case, and 0x5fa in the PIE case.
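To make the two terms concrete from a loader's point of view, here is an added Python example (not part of the question, the answer, or any ARM ABI document). It constructs two minimal little-endian ELF64 images in memory whose PT_LOAD headers mirror the two readelf listings above (one ET_EXEC linked at 0x400000, one ET_DYN linked at 0), parses the program headers, derives the static link address, decides where each image may actually be mapped, and computes Delta(S) and the execution address of `main`. The images, the entry values, the chosen execution base 0x7f0000000000 and all function names are constructed for illustration; EM_AARCH64 (183), the header layouts and the PT_LOAD/ET_EXEC/ET_DYN constants are the real ELF values.

```python
"""Added example: 'static link address' vs 'execution address' as a loader sees them.
Two constructed ELF64 images (headers only, no code bytes) are parsed, and
Delta(S) = execution address - static link address is computed for each."""
import struct

ELF_MAGIC = b"\x7fELF"
ET_EXEC, ET_DYN = 2, 3          # non-PIE executable, PIE / shared object
PT_LOAD = 1
EM_AARCH64 = 183
EHDR_FMT = "<HHIQQQIHHHHHH"     # ELF64 header fields after the 16-byte e_ident
PHDR_FMT = "<IIQQQQQQ"          # ELF64 program header entry (56 bytes)


def build_elf64(e_type, loads, entry):
    """Constructed sample image: ELF64 header followed by PT_LOAD entries.
    `loads` is a list of (p_vaddr, p_filesz, p_align); p_offset is chosen so
    that p_offset == p_vaddr modulo p_align, as the linker guarantees."""
    ident = ELF_MAGIC + bytes([2, 1, 1, 0]) + b"\x00" * 8   # ELFCLASS64, LSB, EV_CURRENT
    ehdr = ident + struct.pack(EHDR_FMT, e_type, EM_AARCH64, 1, entry,
                               64, 0, 0, 64, 56, len(loads), 0, 0, 0)
    phdrs = b""
    for vaddr, filesz, align in loads:
        phdrs += struct.pack(PHDR_FMT, PT_LOAD, 5, vaddr % align,
                             vaddr, vaddr, filesz, filesz, align)
    return ehdr + phdrs


def parse_elf64(data):
    """Return (e_type, list of PT_LOAD dicts) from a little-endian ELF64 image."""
    if data[:4] != ELF_MAGIC or data[4] != 2 or data[5] != 1:
        raise ValueError("not a little-endian ELF64 image")
    f = struct.unpack_from(EHDR_FMT, data, 16)
    e_type, e_phoff, e_phentsize, e_phnum = f[0], f[4], f[8], f[9]
    loads = []
    for i in range(e_phnum):
        p = struct.unpack_from(PHDR_FMT, data, e_phoff + i * e_phentsize)
        if p[0] == PT_LOAD:
            loads.append({"offset": p[2], "vaddr": p[3], "filesz": p[5],
                          "memsz": p[6], "align": p[7]})
    return e_type, loads


def static_link_address(loads):
    """Static link address of the image: the lowest PT_LOAD p_vaddr rounded
    down to its alignment (0x400000 for the non-PIE above, 0 for the PIE)."""
    first = min(loads, key=lambda l: l["vaddr"])
    align = first["align"] or 1           # p_align 0/1 means no alignment
    return first["vaddr"] & ~(align - 1)


def choose_execution_base(e_type, loads, preferred_base):
    """Where the image actually lands. ET_EXEC has no choice: it must be mapped
    at its static link address. ET_DYN may be placed anywhere the loader likes."""
    static_base = static_link_address(loads)
    return static_base if e_type == ET_EXEC else preferred_base


def delta(static_base, exec_base):
    """Delta(S): execution address minus static link address. It is the same
    for every symbol in one image (and for P when S is the null symbol), so a
    loader computes it once and adds it to every base-relative relocation."""
    return exec_base - static_base


def execution_address(static_addr, static_base, exec_base):
    """Map a link-time address (e.g. the st_value nm prints for main) to the
    address it has in the running process."""
    return static_addr + delta(static_base, exec_base)


# Constructed images mirroring the two readelf listings; entry points are arbitrary.
NON_PIE = build_elf64(ET_EXEC, [(0x400000, 0x618, 0x200000), (0x600e50, 0x1d8, 0x200000)], entry=0x400430)
PIE = build_elf64(ET_DYN, [(0x0, 0x7d8, 0x200000), (0x200e18, 0x210, 0x200000)], entry=0x5c0)


def demo(preferred_base=0x7f0000000000):
    """For each image: (static base, execution base, Delta(S), execution address of main)."""
    results = {}
    for name, image, main_static in (("non-PIE", NON_PIE, 0x400487), ("PIE", PIE, 0x5fa)):
        e_type, loads = parse_elf64(image)
        static_base = static_link_address(loads)
        exec_base = choose_execution_base(e_type, loads, preferred_base)
        results[name] = (static_base, exec_base, delta(static_base, exec_base),
                         execution_address(main_static, static_base, exec_base))
    return results


if __name__ == "__main__":
    for name, (sb, eb, d, m) in demo().items():
        print(f"{name}: static base {sb:#x}, execution base {eb:#x}, "
              f"Delta(S) {d:#x}, main at {m:#x}")
```

Running it shows the point of the answer: the non-PIE image has Delta(S) of 0 because its execution address is forced to equal its static link address, while the PIE image linked at 0 gets Delta(S) equal to whatever base the loader picked, and every symbol moves by that same amount.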