Re: Newbie Question - What is actually executing the binary?

From: Stephen Kuhn (skuhn_at_telpacific.com.au)
Date: 06/06/04

  • Next message: bansilal10000: "Re: Accessing private information"
    To: redhat-list@redhat.com
    Date: Mon, 07 Jun 2004 01:19:13 +1000
    
    

    On Mon, 2004-06-07 at 01:10, snodx@hotmail.com wrote:
    > Hi guys,
    >
    > Thanks for your awnsers. Your awnsers gave me a lot of searching material.
    >
    > I searched for "How the kernel executes binary files" and some such related
    > keywords, keyphrases in google and I came across this URL:
    >
    > http://tech.dupnica.net/understandinlinuxkernel/ch19e.html
    >
    > This webpage deals a lot with the internal working of the kernel. It
    > mentions the functions sys_execve, prepare_binprm and load_binary
    > which perform the binary execution process.
    >
    > But what I was interested in knowing is WHICH kernel module defines
    > these functions? Which library is called by the kernel when it recieves
    > the instruction to execute a binary, the library that contains these
    > symbols?
    >
    > What I basically am interested in is the knowing the complete knowledge
    > of the background? That is when I create an executable of my own using
    > gcc or some other 'C' compiler and run the executable by saying
    > "./executable-name" then which kernel modules are involved, their
    > sequence e.t.c. If I get to know the name of even one kernel module
    > I can search out the whole module sequence from google.
    >
    > By the by in this context I ran the command "ksyms" on a Redhat
    > terminal but I did not come across the aforementioned symbols, not
    > even something close. I guess "ksyms" shows only the externally
    > usable kernel symbols.
    >
    > Sorry for keeping you engaged.
    >
    > SNODX

    Email Linus. He'll tell you everything.

    stephen kuhn - proprietor
    ==============================
    illawarra computer services
    a kuhn media australia company
    http://kma.0catch.com
    mobile: 0410.728.389
    ------------------------------------------------------------------
      * This message was composed on a 100% Microsoft free computer *
      We expressly refuse to utilise Microsoft DRM encoded documents
    ------------------------------------------------------------------
    Apu: You look familiar, sir. Are you on the television or something?
    Homer: Sorry, buddy. You got me confused with Fred Flintstone. Homer's
    Night Out

    -- 
    redhat-list mailing list
    unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
    https://www.redhat.com/mailman/listinfo/redhat-list
    

  • Next message: bansilal10000: "Re: Accessing private information"

    Relevant Pages

    • Re: USB2 + kdb support (UMASS disk dump + USB keyboard)
      ... Instead I want to enforce normal running mode where USB and timer callbacks are handled like normal when in the kernel debugger. ... When the CPU is in the debugger and is asking for USB devices to be polled, is there a way to get the USB threads running again so that callbacks can be handled? ... From within callout handlers and task queue execution environments. ... While in DDB, in general, no further kernel execution is permitted, and we disable interrupts and IPI all CPUs to ensure that is the case. ...
      (freebsd-current)
    • Re: [patch 00/11] ANNOUNCE: "Syslets", generic asynchronous system call support
      ... properly separating the user execution context from the kernel execution ... What about TLS related kernel ...
      (Linux-Kernel)
    • Re: [tip:perfcounters/core] perf_counter: x86: Fix call-chain support to use NMI-safe method
      ... See the numbers in the other mail: about 33 million pagefaults ... speed up the kernel entry and exit, the few tens of cycles we ... Execution of a newly forked/exec'd process instruction causes a fault. ...
      (Linux-Kernel)
    • Re: AT_EXECFN not useful
      ... have to canonicalize the path (call realpath etc). ... AT_EXECFN also may have an advantage when the kernel ... Perhaps glibc cannot verify the value, so that may be a reason to avoid ... the value in the case of suid/sgid execution. ...
      (Linux-Kernel)
    • Re: [Full-disclosure] [Dailydave] What RedHat doesnt want you to know about ExecShield (without
      ... SE Linux has nothing to do with buffer overflows besides checking that the ... highest executable mapping in the address space is executable. ... The mapping addresses are a policy of the kernel. ... Until the kernel address space has no execution permission ...
      (Full-Disclosure)