Re: "ELF-Symbols" tag for relocatable images

[Andrei Borzenkov]

17.03.2017 22:53, Ahmed, Safayet (GE Global Research, US) пишет:
> Hello again,
> 
> I had a question on the function, "grub_multiboot_load_elf(32/64)".
> (grub/grub_core/loader/multiboot_elfxx.c: line 54)
> 
> As a part of parsing an ELF image, the above-named function copies
> the section header table into memory, and copies "unloaded" sections
> into memory (lines 199 - 269). The section table may be passed to an
> OS image as the "ELF-Symbols" tag of the multiboot2 information
> structure.
> 
> Section 2.6.7 of the specification states that "the physical address
> fields of the ELF section header then refer to where the sections are
> in memory".
> 
> Sections that are loaded are handled differently in the code from
> sections that are not loaded. This distinction is made at line  234.
> The loaded sections are ignored.
> 
> The "sh_addr" field of entries in the table for not-loaded sections
> are explicitly updated to point to the address where those sections
> are copied (line 265).
> 
> For "loaded" sections loaded to a fixed address, the "sh_addr" field
> of the section header table entries should be accurate without any
> updates. However, if the image is relocated, the "sh_addr" field of
> the entries for relocated sections are not necessarily accurate.
> 
> Is this a legitimate concern? 

Yes. @Daniel, note that tags 9, 10 are not even documented.

Unfortunately I suspect updating sh_addr may not be enough - this would
require updating every reference to this section address everywhere
else; not sure if this is really possible.

> Alternatively, should the section
> header table be absent from ELF images that contain the "relocatable
> tag" in the multiboot2 header? Under normal circumstances, the
> section header table isn't really necessary for loading.
> 

I guess enforcing it is the more straightforward choice.