The source code to the kernel's elf "binfmt"[0] is very readable. The elf binfmt is registered (along with a few others like `binfmt_misc`) and you get dispatched there via `exec_binprm`[1] which is invoked by the `execve` syscall[2]. When loading a shared library, you also dispatch to a binfmt via the `uselib`[3] syscall.
It used to be available online for free at <https://www.iecc.com/linker/>, but isn't any more.
You could get it from archive.org though, and I think I've seen mirrors in other formats on Hacker News in previous discussions about the book.
Yes; but there's also descriptions of legacy container formats no one cares about any more. I still recommend it and have my own copy, I just recall skipping over quite a bit of material.
If you're interested in or already comfortable with Rust, Amos (fasterthanlime) has a nice long-form series that goes into this, basically building a custom ELF loader in the end. The writing style isn't everyone's cup of tea, but maybe you like it: https://fasterthanli.me/series/making-our-own-executable-pac...
[0] https://github.com/torvalds/linux/blob/9fdfb15a3dbf818e06be5...
[1] https://github.com/torvalds/linux/blob/9fdfb15a3dbf818e06be5...
[2] https://github.com/torvalds/linux/blob/9fdfb15a3dbf818e06be5...
[3] https://github.com/torvalds/linux/blob/9fdfb15a3dbf818e06be5...