What are the differences comparing PIE, PIC code and executable on 64-bit x86 platform?


Question


The test is on Ubuntu 12.04 64-bit. x86 architecture.


I am confused about the concept Position Independent Executable (PIE) and Position Independent code (PIC), and I guess they are not orthogonal.

Here is my quick experiment.

gcc -fPIC -pie quickSort.c -o a_pie.out
gcc -fPIC      quickSort.c -o a_pic.out
gcc            quickSort.c -o a.out

objdump -Dr -j .text a.out > a1.temp
objdump -Dr -j .text a_pic.out > a2.temp
objdump -Dr -j .text a_pie.out > a3.temp

I have the following findings.

A. a.out contains some PIC code, but it only resides in the libc prologue and epilogue functions, as shown below:

4004d0:       48 83 3d 70 09 20 00    cmpq   $0x0,0x200970(%rip)        # 600e48 <__JCR_END__> 


In the assembly instructions of my simple quicksort program, I didn't find any PIC instructions.


B. a_pic.out contains PIC code, and I didn't find any non-PIC instructions... In the instructions of my quicksort program, all the global data are accessed by PIC instructions like this:

  40053b:       48 8d 05 ea 02 00 00    lea    0x2ea(%rip),%rax        # 40082c <_IO_stdin_used+0x4>

C. a_pie.out contains syntax-identical instructions compared with a_pic.out. However, the memory addresses of a_pie.out's .text section range from 0x630 to 0xa57, while the same section of a_pic.out ranges from 0x400410 to 0x400817.

Could anyone give me some explanations of these phenomena? Especially finding C. Again, I am really confused about PIE vs. PIC, and have no idea how to explain finding C.

Answer


I am confused about the concept Position Independent Executable (PIE) and Position Independent code (PIC), and I guess they are not orthogonal.


The only real difference between PIE and PIC is that you are allowed to interpose symbols in PIC, but not in PIE. Except for that, they are pretty much equivalent.


You can read about symbol interposition here.

C. a_pie.out contains syntax-identical instructions compared with a_pic.out. However, the memory addresses of a_pie.out's .text section range from 0x630 to 0xa57, while the same section of a_pic.out ranges from 0x400410 to 0x400817.


It's hard to understand what you find surprising about this.


The PIE binary is linked just as a shared library, and so its default load address (the .p_vaddr of the first LOAD segment) is zero. The expectation is that something will relocate this binary away from zero page, and load it at some random address.


On the other hand, a non-PIE executable is always loaded at its linked-at address. On Linux, the default address for x86_64 binaries is 0x400000, and so the .text ends up not far from there.
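Added example, not part of the answer above: a small Python checker that reads the ELF64 header and program headers to report e_type and the p_vaddr of the first LOAD segment, the value the answer calls the default load address, so you can tell a fixed-address (ET_EXEC, 0x400000) binary from a PIE (ET_DYN, 0) without objdump. The images it parses by default are constructed in make_sample and contain headers only; pass a real file path to inspect an actual binary.

```python
import struct
import sys
# ELF64 constants from the System V ABI
ET_EXEC, ET_DYN = 2, 3
PT_LOAD, PT_INTERP = 1, 3
EHDR_FMT = "<16sHHIQQQIHHHHHH"  # Elf64_Ehdr, little-endian (64 bytes)
PHDR_FMT = "<IIQQQQQQ"          # Elf64_Phdr (56 bytes)

def elf_load_info(data: bytes):
    """Return (e_type, has_PT_INTERP, p_vaddr of the first PT_LOAD segment)."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("not a little-endian ELF64 image")
    hdr = struct.unpack_from(EHDR_FMT, data, 0)
    e_type, e_phoff, e_phentsize, e_phnum = hdr[1], hdr[5], hdr[9], hdr[10]
    has_interp, first_load = False, None
    for i in range(e_phnum):
        p_type, _flags, _off, p_vaddr = struct.unpack_from(PHDR_FMT, data, e_phoff + i * e_phentsize)[:4]
        if p_type == PT_INTERP:
            has_interp = True
        if p_type == PT_LOAD and first_load is None:
            first_load = p_vaddr  # the "default load address" the answer refers to
    return e_type, has_interp, first_load

def classify(data: bytes) -> str:
    """ET_EXEC -> fixed address; ET_DYN plus an interpreter -> PIE (ASLR applies). Static-pie (no PT_INTERP) is not distinguished here."""
    e_type, has_interp, _ = elf_load_info(data)
    if e_type == ET_EXEC:
        return "non-PIE executable"
    if e_type == ET_DYN:
        return "PIE executable" if has_interp else "shared object"
    return "other"

def make_sample(e_type: int, load_vaddr: int, with_interp: bool) -> bytes:
    """Constructed sample: an ELF64 header plus program headers, with no code behind them."""
    phdrs = []
    if with_interp:
        phdrs.append(struct.pack(PHDR_FMT, PT_INTERP, 4, 0x238, load_vaddr + 0x238,
                                 load_vaddr + 0x238, 28, 28, 1))
    phdrs.append(struct.pack(PHDR_FMT, PT_LOAD, 5, 0, load_vaddr, load_vaddr,
                             0x1000, 0x1000, 0x200000))
    ident = b"\x7fELF\x02\x01\x01" + b"\0" * 9  # ELFCLASS64, little-endian, version 1
    ehdr = struct.pack(EHDR_FMT, ident, e_type, 62, 1, load_vaddr + 0x630, 64, 0, 0,
                       64, 56, len(phdrs), 64, 0, 0)
    return ehdr + b"".join(phdrs)

if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else make_sample(ET_DYN, 0, True)
    e_type, interp, vaddr = elf_load_info(blob)
    print(f"{classify(blob)}: e_type={e_type} first LOAD p_vaddr={vaddr:#x}")
```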
