|
|
|
|
|
|
by United857
4592 days ago
|
|
|
A good intro but doesn't go in depth enough, and it glosses over the interface between user and kernel mode. Particularly, in modern Linux binaries, syscalls are not hardcoded as int instructions, but are dynamically mapped via a "virtual DSO" mechanism to the best instruction for the current architecture (int 80, or syscall/sysenter). Also, in practice, the ELF would be dynamically linking to libc, and libc would be making the calls. |
|
|
"This is the whole file, however, most ELF files contain many more elements. Explanations are simplified, for conciseness."