2

A great comment on my answer describing how to use linker scripts to make a ctor-like function list pointed out that recent GNU ld has much improved support for grafting new sections into system linker scripts with -Wl,-T... and INSERT BEFORE/INSERT AFTER. This got me thinking about other linker script tricks.

For a network card firmware I modified the linker script to group together the runtime modules of the firmware so that they would all be in a contiguous block that could be in L1 cache without conflicts. To clean up stragglers (where I couldn't group by .o) I used section attributes on individual functions. Performance counters verified that it actually worked (reduced L1 instruction cache misses to almost nothing).

What other clever things have you accomplished with linker scripts?

4
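The section-attribute grouping described in the question, as an added example that is not the poster's firmware code: functions tagged into one named section end up in a single contiguous block, and the linker-provided section bounds let the program check the placement. The section name `hot_text` and the functions `rx_checksum`, `rx_accept` and `cold_init` are hypothetical; the example assumes GCC or Clang on an ELF target linked with GNU ld or lld.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical section name. Because it is a valid C identifier, the linker
 * defines __start_hot_text/__stop_hot_text for it when it is an orphan section. */
#define HOT __attribute__((section("hot_text"), noinline, used))

/* To pin the block's position instead of leaving it an orphan, a fragment
 * passed with -Wl,-T,hot.ld (hypothetical file name) could define the same
 * bounds explicitly:
 *   SECTIONS { .hot : { __start_hot_text = .; *(hot_text)
 *                       __stop_hot_text = .; } } INSERT AFTER .text;
 */
extern const char __start_hot_text[], __stop_hot_text[];

/* Two "straggler" runtime functions forced into the hot block. */
HOT uint32_t rx_checksum(const uint8_t *p, size_t n) {
    uint32_t sum = 0;
    while (n--) sum += *p++;
    return sum;
}

HOT int rx_accept(const uint8_t *frame, size_t n) {
    /* Constructed frame format: last byte is the low 8 bits of the sum. */
    if (n < 2) return 0;
    return (rx_checksum(frame, n - 1) & 0xffu) == frame[n - 1];
}

/* Init-time code stays in the default .text section. */
__attribute__((noinline)) int cold_init(void) { return 1; }

size_t hot_block_size(void) {
    return (size_t)(__stop_hot_text - __start_hot_text);
}

int in_hot_block(uintptr_t addr) {
    return addr >= (uintptr_t)__start_hot_text &&
           addr <  (uintptr_t)__stop_hot_text;
}

int main(void) {
    printf("hot block: %zu bytes\n", hot_block_size());
    printf("rx_accept in block: %d\n", in_hot_block((uintptr_t)rx_accept));
    printf("cold_init in block: %d\n", in_hot_block((uintptr_t)cold_init));
    return 0;
}
```

Comparing `hot_block_size()` against the instruction cache size gives a link-time-independent check that the grouped code still fits.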

1 Answer

3

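On a certain platform, for reasons I won't go into, I needed a section of the executable that I could discard after load. Unfortunately, there was no way to unmap the memory for the executable, so I had to resort to linker trickery.

What I ended up doing was introducing a section of the executable that was aliased with bss. That way, provided I could sneak some code in early enough, I could copy the data out, re-initialize bss, and pay nothing for the privilege as long as my aliased section was smaller than the executable's total bss. There were a couple of issues: I couldn't actually change the crt at all, and the earliest point at which I could inject code was still after tls initialization (which used some bss), but nothing insurmountable.

I'm still surprised that it worked; I had thought that bss was initialized by the crt after all the program sections had been loaded. I haven't tried it on any platform where I had access to the source for the loader or the crt.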

answered 2010-11-12T17:15:37.123