Deleted Added
sdiff udiff text old ( 139743 ) new ( 140751 )
full compact
pe_var.h (139743) pe_var.h (140751)
1/*-
2 * Copyright (c) 2003
3 * Bill Paul <wpaul@windriver.com>. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by Bill Paul.
16 * 4. Neither the name of the author nor the names of any co-contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
30 * THE POSSIBILITY OF SUCH DAMAGE.
31 *
1/*-
2 * Copyright (c) 2003
3 * Bill Paul <wpaul@windriver.com>. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by Bill Paul.
16 * 4. Neither the name of the author nor the names of any co-contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
24 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
30 * THE POSSIBILITY OF SUCH DAMAGE.
31 *
32 * $FreeBSD: head/sys/compat/ndis/pe_var.h 139743 2005-01-05 22:34:37Z imp $
32 * $FreeBSD: head/sys/compat/ndis/pe_var.h 140751 2005-01-24 18:18:12Z wpaul $
33 */
34
35#ifndef _PE_VAR_H_
36#define _PE_VAR_H_
37
38/*
39 * Image Format
40 */
41
42#define IMAGE_DOS_SIGNATURE 0x5A4D /* MZ */
43#define IMAGE_OS2_SIGNATURE 0x454E /* NE */
44#define IMAGE_OS2_SIGNATURE_LE 0x454C /* LE */
45#define IMAGE_VXD_SIGNATURE 0x454C /* LE */
46#define IMAGE_NT_SIGNATURE 0x00004550 /* PE00 */
47
48/*
49 * All PE files have one of these, just so if you attempt to
50 * run them, they'll print out a message telling you they can
51 * only be run in Windows.
52 */
53
54struct image_dos_header {
55 uint16_t idh_magic; /* Magic number */
56 uint16_t idh_cblp; /* Bytes on last page of file */
57 uint16_t idh_cp; /* Pages in file */
58 uint16_t idh_crlc; /* Relocations */
59 uint16_t idh_cparhdr; /* Size of header in paragraphs */
60 uint16_t idh_minalloc; /* Minimum extra paragraphs needed */
61 uint16_t idh_maxalloc; /* Maximum extra paragraphs needed */
62 uint16_t idh_ss; /* Initial (relative) SS value */
63 uint16_t idh_sp; /* Initial SP value */
64 uint16_t idh_csum; /* Checksum */
65 uint16_t idh_ip; /* Initial IP value */
66 uint16_t idh_cs; /* Initial (relative) CS value */
67 uint16_t idh_lfarlc; /* File address of relocation table */
68 uint16_t idh_ovno; /* Overlay number */
69 uint16_t idh_rsvd1[4]; /* Reserved words */
70 uint16_t idh_oemid; /* OEM identifier (for idh_oeminfo) */
71 uint16_t idh_oeminfo; /* OEM information; oemid specific */
72 uint16_t idh_rsvd2[10]; /* Reserved words */
73 uint32_t idh_lfanew; /* File address of new exe header */
74};
75
76typedef struct image_dos_header image_dos_header;
77
78/*
79 * File header format.
80 */
81
82struct image_file_header {
83 uint16_t ifh_machine; /* Machine type */
84 uint16_t ifh_numsections; /* # of sections */
85 uint32_t ifh_timestamp; /* Date/time stamp */
86 uint32_t ifh_symtblptr; /* Offset to symbol table */
87 uint32_t ifh_numsyms; /* # of symbols */
88 uint16_t ifh_optionalhdrlen; /* Size of optional header */
89 uint16_t ifh_characteristics; /* Characteristics */
90};
91
92typedef struct image_file_header image_file_header;
93
94/* Machine types */
95
96#define IMAGE_FILE_MACHINE_UNKNOWN 0
97#define IMAGE_FILE_MACHINE_I860 0x014d
98#define IMAGE_FILE_MACHINE_I386 0x014c
99#define IMAGE_FILE_MACHINE_R3000 0x0162
100#define IMAGE_FILE_MACHINE_R4000 0x0166
101#define IMAGE_FILE_MACHINE_R10000 0x0168
102#define IMAGE_FILE_MACHINE_WCEMIPSV2 0x0169
103#define IMAGE_FILE_MACHINE_ALPHA 0x0184
104#define IMAGE_FILE_MACHINE_SH3 0x01a2
105#define IMAGE_FILE_MACHINE_SH3DSP 0x01a3
106#define IMAGE_FILE_MACHINE_SH3E 0x01a4
107#define IMAGE_FILE_MACHINE_SH4 0x01a6
108#define IMAGE_FILE_MACHINE_SH5 0x01a8
109#define IMAGE_FILE_MACHINE_ARM 0x01c0
110#define IMAGE_FILE_MACHINE_THUMB 0x01c2
111#define IMAGE_FILE_MACHINE_AM33 0x01d3
112#define IMAGE_FILE_MACHINE_POWERPC 0x01f0
113#define IMAGE_FILE_MACHINE_POWERPCFP 0x01f1
114#define IMAGE_FILE_MACHINE_IA64 0x0200
115#define IMAGE_FILE_MACHINE_MIPS16 0x0266
116#define IMAGE_FILE_MACHINE_ALPHA64 0x0284
117#define IMAGE_FILE_MACHINE_MIPSFPU 0x0366
118#define IMAGE_FILE_MACHINE_MIPSFPU16 0x0466
119#define IMAGE_FILE_MACHINE_AXP64 IMAGE_FILE_MACHINE_ALPHA64
120#define IMAGE_FILE_MACHINE_TRICORE 0x0520
121#define IMAGE_FILE_MACHINE_CEF 0x0cef
122#define IMAGE_FILE_MACHINE_EBC 0x0ebc
123#define IMAGE_FILE_MACHINE_AMD64 0x8664
124#define IMAGE_FILE_MACHINE_M32R 0x9041
125#define IMAGE_FILE_MACHINE_CEE 0xc0ee
126
127/* Characteristics */
128
129#define IMAGE_FILE_RELOCS_STRIPPED 0x0001 /* No relocation info */
130#define IMAGE_FILE_EXECUTABLE_IMAGE 0x0002
131#define IMAGE_FILE_LINE_NUMS_STRIPPED 0x0004
132#define IMAGE_FILE_LOCAL_SYMS_STRIPPED 0x0008
133#define IMAGE_FILE_AGGRESIVE_WS_TRIM 0x0010
134#define IMAGE_FILE_LARGE_ADDRESS_AWARE 0x0020
135#define IMAGE_FILE_16BIT_MACHINE 0x0040
136#define IMAGE_FILE_BYTES_REVERSED_LO 0x0080
137#define IMAGE_FILE_32BIT_MACHINE 0x0100
138#define IMAGE_FILE_DEBUG_STRIPPED 0x0200
139#define IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP 0x0400
140#define IMAGE_FILE_NET_RUN_FROM_SWAP 0x0800
141#define IMAGE_FILE_SYSTEM 0x1000
142#define IMAGE_FILE_DLL 0x2000
143#define IMAGE_FILE_UP_SYSTEM_ONLY 0x4000
144#define IMAGE_FILE_BYTES_REVERSED_HI 0x8000
145
146#define IMAGE_SIZEOF_FILE_HEADER 20
147
148/*
149 * Directory format.
150 */
151
152struct image_data_directory {
153 uint32_t idd_vaddr; /* virtual address */
154 uint32_t idd_size; /* size */
155};
156
157typedef struct image_data_directory image_data_directory;
158
159#define IMAGE_DIRECTORY_ENTRIES_MAX 16
160
161/*
162 * Optional header format.
163 */
164
165struct image_optional_header {
166
167 /* Standard fields */
168
169 uint16_t ioh_magic;
170 uint8_t ioh_linkerver_major;
171 uint8_t ioh_linkerver_minor;
172 uint32_t ioh_codesize;
173 uint32_t ioh_datasize;
174 uint32_t ioh_bsssize;
175 uint32_t ioh_entryaddr;
176 uint32_t ioh_codebaseaddr;
177 uint32_t ioh_databaseaddr;
178
179 /* NT-specific fields */
180
181 uint32_t ioh_imagebase;
182 uint32_t ioh_sectalign;
183 uint32_t ioh_filealign;
184 uint16_t ioh_osver_major;
185 uint16_t ioh_osver_minor;
186 uint16_t ioh_imagever_major;
187 uint16_t ioh_imagever_minor;
188 uint16_t ioh_subsys_major;
189 uint16_t ioh_subsys_minor;
190 uint32_t ioh_win32ver;
191 uint32_t ioh_imagesize;
192 uint32_t ioh_headersize;
193 uint32_t ioh_csum;
194 uint16_t ioh_subsys;
195 uint16_t ioh_dll_characteristics;
196 uint32_t ioh_stackreservesize;
197 uint32_t ioh_stackcommitsize;
198 uint32_t ioh_heapreservesize;
199 uint32_t ioh_heapcommitsize;
200 uint16_t ioh_loaderflags;
201 uint32_t ioh_rva_size_cnt;
202 image_data_directory ioh_datadir[IMAGE_DIRECTORY_ENTRIES_MAX];
203};
204
205typedef struct image_optional_header image_optional_header;
206
207struct image_nt_header {
208 uint32_t inh_signature;
209 image_file_header inh_filehdr;
210 image_optional_header inh_optionalhdr;
211};
212
213typedef struct image_nt_header image_nt_header;
214
215/* Directory Entries */
216
217#define IMAGE_DIRECTORY_ENTRY_EXPORT 0 /* Export Directory */
218#define IMAGE_DIRECTORY_ENTRY_IMPORT 1 /* Import Directory */
219#define IMAGE_DIRECTORY_ENTRY_RESOURCE 2 /* Resource Directory */
220#define IMAGE_DIRECTORY_ENTRY_EXCEPTION 3 /* Exception Directory */
221#define IMAGE_DIRECTORY_ENTRY_SECURITY 4 /* Security Directory */
222#define IMAGE_DIRECTORY_ENTRY_BASERELOC 5 /* Base Relocation Table */
223#define IMAGE_DIRECTORY_ENTRY_DEBUG 6 /* Debug Directory */
224#define IMAGE_DIRECTORY_ENTRY_COPYRIGHT 7 /* Description String */
225#define IMAGE_DIRECTORY_ENTRY_GLOBALPTR 8 /* Machine Value (MIPS GP) */
226#define IMAGE_DIRECTORY_ENTRY_TLS 9 /* TLS Directory */
227#define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG 10 /* Load Configuration Directory */
228#define IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT 11 /* Bound Import Directory in headers */
229#define IMAGE_DIRECTORY_ENTRY_IAT 12 /* Import Address Table */
230#define IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT 13
231#define IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR 14
232
233/* Resource types */
234
235#define RT_CURSOR 1
236#define RT_BITMAP 2
237#define RT_ICON 3
238#define RT_MENU 4
239#define RT_DIALOG 5
240#define RT_STRING 6
241#define RT_FONTDIR 7
242#define RT_FONT 8
243#define RT_ACCELERATOR 9
244#define RT_RCDATA 10
245#define RT_MESSAGETABLE 11
246#define RT_GROUP_CURSOR 12
247#define RT_GROUP_ICON 14
248#define RT_VERSION 16
249#define RT_DLGINCLUDE 17
250#define RT_PLUGPLAY 19
251#define RT_VXD 20
252#define RT_ANICURSOR 21
253#define RT_ANIICON 22
254#define RT_HTML 23
255
256/*
257 * Section header format.
258 */
259
260#define IMAGE_SHORT_NAME_LEN 8
261
262struct image_section_header {
263 uint8_t ish_name[IMAGE_SHORT_NAME_LEN];
264 union {
265 uint32_t ish_paddr;
266 uint32_t ish_vsize;
267 } ish_misc;
268 uint32_t ish_vaddr;
269 uint32_t ish_rawdatasize;
270 uint32_t ish_rawdataaddr;
271 uint32_t ish_relocaddr;
272 uint32_t ish_linenumaddr;
273 uint16_t ish_numrelocs;
274 uint16_t ish_numlinenums;
275 uint32_t ish_characteristics;
276};
277
278typedef struct image_section_header image_section_header;
279
280#define IMAGE_SIZEOF_SECTION_HEADER 40
281
282/*
283 * Import format
284 */
285
286struct image_import_by_name {
287 uint16_t iibn_hint;
288 u_int8_t iibn_name[1];
289};
290
291#define IMAGE_ORDINAL_FLAG 0x80000000
292#define IMAGE_ORDINAL(Ordinal) (Ordinal & 0xffff)
293
294struct image_import_descriptor {
295 uint32_t iid_import_name_table_addr;
296 uint32_t iid_timestamp;
297 uint32_t iid_forwardchain;
298 uint32_t iid_nameaddr;
299 uint32_t iid_import_address_table_addr;
300};
301
302typedef struct image_import_descriptor image_import_descriptor;
303
304struct image_base_reloc {
305 uint32_t ibr_vaddr;
306 uint32_t ibr_blocksize;
307 uint16_t ibr_rel[1];
308};
309
310typedef struct image_base_reloc image_base_reloc;
311
312#define IMR_RELTYPE(x) ((x >> 12) & 0xF)
313#define IMR_RELOFFSET(x) (x & 0xFFF)
314
315/* generic relocation types */
316#define IMAGE_REL_BASED_ABSOLUTE 0
317#define IMAGE_REL_BASED_HIGH 1
318#define IMAGE_REL_BASED_LOW 2
319#define IMAGE_REL_BASED_HIGHLOW 3
320#define IMAGE_REL_BASED_HIGHADJ 4
321#define IMAGE_REL_BASED_MIPS_JMPADDR 5
322#define IMAGE_REL_BASED_SECTION 6
323#define IMAGE_REL_BASED_REL 7
324#define IMAGE_REL_BASED_MIPS_JMPADDR16 9
325#define IMAGE_REL_BASED_IA64_IMM64 9 /* yes, 9 too */
326#define IMAGE_REL_BASED_DIR64 10
327#define IMAGE_REL_BASED_HIGH3ADJ 11
328
329struct image_resource_directory_entry {
330 uint32_t irde_name;
331 uint32_t irde_dataoff;
332};
333
334typedef struct image_resource_directory_entry image_resource_directory_entry;
335
336#define RESOURCE_NAME_STR 0x80000000
337#define RESOURCE_DIR_FLAG 0x80000000
338
339struct image_resource_directory {
340 uint32_t ird_characteristics;
341 uint32_t ird_timestamp;
342 uint16_t ird_majorver;
343 uint16_t ird_minorver;
344 uint16_t ird_named_entries;
345 uint16_t ird_id_entries;
346#ifdef notdef
347 image_resource_directory_entry ird_entries[1];
348#endif
349};
350
351typedef struct image_resource_directory image_resource_directory;
352
353struct image_resource_directory_string {
354 uint16_t irds_len;
355 char irds_name[1];
356};
357
358typedef struct image_resource_directory_string image_resource_directory_string;
359
360struct image_resource_directory_string_u {
361 uint16_t irds_len;
362 char irds_name[1];
363};
364
365typedef struct image_resource_directory_string_u
366 image_resource_directory_string_u;
367
368struct image_resource_data_entry {
369 uint32_t irde_offset;
370 uint32_t irde_size;
371 uint32_t irde_codepage;
372 uint32_t irde_rsvd;
373};
374
375typedef struct image_resource_data_entry image_resource_data_entry;
376
377struct message_resource_data {
378 uint32_t mrd_numblocks;
379#ifdef notdef
380 message_resource_block mrd_blocks[1];
381#endif
382};
383
384typedef struct message_resource_data message_resource_data;
385
386struct message_resource_block {
387 uint32_t mrb_lowid;
388 uint32_t mrb_highid;
389 uint32_t mrb_entryoff;
390};
391
392typedef struct message_resource_block message_resource_block;
393
394struct message_resource_entry {
395 uint16_t mre_len;
396 uint16_t mre_flags;
397 char mre_text[];
398};
399
400typedef struct message_resource_entry message_resource_entry;
401
402#define MESSAGE_RESOURCE_UNICODE 0x0001
403
404struct image_patch_table {
405 char *ipt_name;
406 void (*ipt_func)(void);
407};
408
409typedef struct image_patch_table image_patch_table;
410
411/*
412 * Note: Windows uses the _stdcall calling convention. This means
413 * that the callback functions provided in the function table must
414 * be declared using __attribute__((__stdcall__)), otherwise the
415 * Windows code will likely screw up the %esp register and cause
416 * us to jump to an invalid address when it returns.
417 */
418
419#ifdef __amd64__
420#define __stdcall
421#define __regcall
422#define __fastcall
423#define REGARGS1(decl1) decl1
424#define REGARGS2(decl1, decl2) decl1, decl2
425#define REGCALL1(arg1) arg1
426#define REGCALL2(arg1, arg2) arg1, arg2
427#else
428#define __stdcall __attribute__((__stdcall__))
429#define __regcall __attribute__((__regparm__(3)))
430#define __fastcall __stdcall __regcall
431#define REGARGS1(decl1) int dummy1, int dummy2, decl1
432#define REGARGS2(decl1, decl2) int dummy1, decl2, decl1
433#define REGCALL1(arg1) 0, 0, arg1
434#define REGCALL2(arg1, arg2) 0, arg2, arg1
435#endif
436
437
438/*
439 * This mess allows us to call a _fastcall style routine with our
440 * version of gcc, which lacks __attribute__((__fastcall__)). Only
441 * has meaning on x86; everywhere else, it's a no-op.
442 */
443
444#ifdef __i386__
445typedef __fastcall int (*fcall1)(REGARGS1(uint32_t));
446typedef __fastcall int (*fcall2)(REGARGS2(uint32_t, uint32_t));
447typedef __fastcall int (*fcall3)(REGARGS2(uint32_t, uint32_t), uint32_t);
448
449static __inline uint32_t
450fastcall1(fcall1 f, uint32_t a)
451{
452 return(f(REGCALL1(a)));
453}
454
455static __inline uint32_t
456fastcall2(fcall2 f, uint32_t a, uint32_t b)
457{
458 return(f(REGCALL2(a, b)));
459}
460
461static __inline uint32_t
462fastcall3(fcall3 f, uint32_t a, uint32_t b, uint32_t c)
463{
464 return(f(REGCALL2(a, b), c));
465}
466
467#define FASTCALL1(f, a) \
468 fastcall1((fcall1)(f), (uint32_t)(a))
469#define FASTCALL2(f, a, b) \
470 fastcall2((fcall2)(f), (uint32_t)(a), (uint32_t)(b))
471#define FASTCALL3(f, a, b, c) \
472 fastcall3((fcall3)(f), (uint32_t)(a), (uint32_t)(b), (uint32_t)(c))
473#else
474#define FASTCALL1(f, a) (f)((a))
475#define FASTCALL2(f, a, b) (f)((a), (b))
476#define FASTCALL3(f, a, b, c) (f)((a), (b), (c))
477#endif /* __i386__ */
478
33 */
34
35#ifndef _PE_VAR_H_
36#define _PE_VAR_H_
37
38/*
39 * Image Format
40 */
41
42#define IMAGE_DOS_SIGNATURE 0x5A4D /* MZ */
43#define IMAGE_OS2_SIGNATURE 0x454E /* NE */
44#define IMAGE_OS2_SIGNATURE_LE 0x454C /* LE */
45#define IMAGE_VXD_SIGNATURE 0x454C /* LE */
46#define IMAGE_NT_SIGNATURE 0x00004550 /* PE00 */
47
48/*
49 * All PE files have one of these, just so if you attempt to
50 * run them, they'll print out a message telling you they can
51 * only be run in Windows.
52 */
53
54struct image_dos_header {
55 uint16_t idh_magic; /* Magic number */
56 uint16_t idh_cblp; /* Bytes on last page of file */
57 uint16_t idh_cp; /* Pages in file */
58 uint16_t idh_crlc; /* Relocations */
59 uint16_t idh_cparhdr; /* Size of header in paragraphs */
60 uint16_t idh_minalloc; /* Minimum extra paragraphs needed */
61 uint16_t idh_maxalloc; /* Maximum extra paragraphs needed */
62 uint16_t idh_ss; /* Initial (relative) SS value */
63 uint16_t idh_sp; /* Initial SP value */
64 uint16_t idh_csum; /* Checksum */
65 uint16_t idh_ip; /* Initial IP value */
66 uint16_t idh_cs; /* Initial (relative) CS value */
67 uint16_t idh_lfarlc; /* File address of relocation table */
68 uint16_t idh_ovno; /* Overlay number */
69 uint16_t idh_rsvd1[4]; /* Reserved words */
70 uint16_t idh_oemid; /* OEM identifier (for idh_oeminfo) */
71 uint16_t idh_oeminfo; /* OEM information; oemid specific */
72 uint16_t idh_rsvd2[10]; /* Reserved words */
73 uint32_t idh_lfanew; /* File address of new exe header */
74};
75
76typedef struct image_dos_header image_dos_header;
77
78/*
79 * File header format.
80 */
81
82struct image_file_header {
83 uint16_t ifh_machine; /* Machine type */
84 uint16_t ifh_numsections; /* # of sections */
85 uint32_t ifh_timestamp; /* Date/time stamp */
86 uint32_t ifh_symtblptr; /* Offset to symbol table */
87 uint32_t ifh_numsyms; /* # of symbols */
88 uint16_t ifh_optionalhdrlen; /* Size of optional header */
89 uint16_t ifh_characteristics; /* Characteristics */
90};
91
92typedef struct image_file_header image_file_header;
93
94/* Machine types */
95
96#define IMAGE_FILE_MACHINE_UNKNOWN 0
97#define IMAGE_FILE_MACHINE_I860 0x014d
98#define IMAGE_FILE_MACHINE_I386 0x014c
99#define IMAGE_FILE_MACHINE_R3000 0x0162
100#define IMAGE_FILE_MACHINE_R4000 0x0166
101#define IMAGE_FILE_MACHINE_R10000 0x0168
102#define IMAGE_FILE_MACHINE_WCEMIPSV2 0x0169
103#define IMAGE_FILE_MACHINE_ALPHA 0x0184
104#define IMAGE_FILE_MACHINE_SH3 0x01a2
105#define IMAGE_FILE_MACHINE_SH3DSP 0x01a3
106#define IMAGE_FILE_MACHINE_SH3E 0x01a4
107#define IMAGE_FILE_MACHINE_SH4 0x01a6
108#define IMAGE_FILE_MACHINE_SH5 0x01a8
109#define IMAGE_FILE_MACHINE_ARM 0x01c0
110#define IMAGE_FILE_MACHINE_THUMB 0x01c2
111#define IMAGE_FILE_MACHINE_AM33 0x01d3
112#define IMAGE_FILE_MACHINE_POWERPC 0x01f0
113#define IMAGE_FILE_MACHINE_POWERPCFP 0x01f1
114#define IMAGE_FILE_MACHINE_IA64 0x0200
115#define IMAGE_FILE_MACHINE_MIPS16 0x0266
116#define IMAGE_FILE_MACHINE_ALPHA64 0x0284
117#define IMAGE_FILE_MACHINE_MIPSFPU 0x0366
118#define IMAGE_FILE_MACHINE_MIPSFPU16 0x0466
119#define IMAGE_FILE_MACHINE_AXP64 IMAGE_FILE_MACHINE_ALPHA64
120#define IMAGE_FILE_MACHINE_TRICORE 0x0520
121#define IMAGE_FILE_MACHINE_CEF 0x0cef
122#define IMAGE_FILE_MACHINE_EBC 0x0ebc
123#define IMAGE_FILE_MACHINE_AMD64 0x8664
124#define IMAGE_FILE_MACHINE_M32R 0x9041
125#define IMAGE_FILE_MACHINE_CEE 0xc0ee
126
127/* Characteristics */
128
129#define IMAGE_FILE_RELOCS_STRIPPED 0x0001 /* No relocation info */
130#define IMAGE_FILE_EXECUTABLE_IMAGE 0x0002
131#define IMAGE_FILE_LINE_NUMS_STRIPPED 0x0004
132#define IMAGE_FILE_LOCAL_SYMS_STRIPPED 0x0008
133#define IMAGE_FILE_AGGRESIVE_WS_TRIM 0x0010
134#define IMAGE_FILE_LARGE_ADDRESS_AWARE 0x0020
135#define IMAGE_FILE_16BIT_MACHINE 0x0040
136#define IMAGE_FILE_BYTES_REVERSED_LO 0x0080
137#define IMAGE_FILE_32BIT_MACHINE 0x0100
138#define IMAGE_FILE_DEBUG_STRIPPED 0x0200
139#define IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP 0x0400
140#define IMAGE_FILE_NET_RUN_FROM_SWAP 0x0800
141#define IMAGE_FILE_SYSTEM 0x1000
142#define IMAGE_FILE_DLL 0x2000
143#define IMAGE_FILE_UP_SYSTEM_ONLY 0x4000
144#define IMAGE_FILE_BYTES_REVERSED_HI 0x8000
145
146#define IMAGE_SIZEOF_FILE_HEADER 20
147
148/*
149 * Directory format.
150 */
151
152struct image_data_directory {
153 uint32_t idd_vaddr; /* virtual address */
154 uint32_t idd_size; /* size */
155};
156
157typedef struct image_data_directory image_data_directory;
158
159#define IMAGE_DIRECTORY_ENTRIES_MAX 16
160
161/*
162 * Optional header format.
163 */
164
165struct image_optional_header {
166
167 /* Standard fields */
168
169 uint16_t ioh_magic;
170 uint8_t ioh_linkerver_major;
171 uint8_t ioh_linkerver_minor;
172 uint32_t ioh_codesize;
173 uint32_t ioh_datasize;
174 uint32_t ioh_bsssize;
175 uint32_t ioh_entryaddr;
176 uint32_t ioh_codebaseaddr;
177 uint32_t ioh_databaseaddr;
178
179 /* NT-specific fields */
180
181 uint32_t ioh_imagebase;
182 uint32_t ioh_sectalign;
183 uint32_t ioh_filealign;
184 uint16_t ioh_osver_major;
185 uint16_t ioh_osver_minor;
186 uint16_t ioh_imagever_major;
187 uint16_t ioh_imagever_minor;
188 uint16_t ioh_subsys_major;
189 uint16_t ioh_subsys_minor;
190 uint32_t ioh_win32ver;
191 uint32_t ioh_imagesize;
192 uint32_t ioh_headersize;
193 uint32_t ioh_csum;
194 uint16_t ioh_subsys;
195 uint16_t ioh_dll_characteristics;
196 uint32_t ioh_stackreservesize;
197 uint32_t ioh_stackcommitsize;
198 uint32_t ioh_heapreservesize;
199 uint32_t ioh_heapcommitsize;
200 uint16_t ioh_loaderflags;
201 uint32_t ioh_rva_size_cnt;
202 image_data_directory ioh_datadir[IMAGE_DIRECTORY_ENTRIES_MAX];
203};
204
205typedef struct image_optional_header image_optional_header;
206
207struct image_nt_header {
208 uint32_t inh_signature;
209 image_file_header inh_filehdr;
210 image_optional_header inh_optionalhdr;
211};
212
213typedef struct image_nt_header image_nt_header;
214
215/* Directory Entries */
216
217#define IMAGE_DIRECTORY_ENTRY_EXPORT 0 /* Export Directory */
218#define IMAGE_DIRECTORY_ENTRY_IMPORT 1 /* Import Directory */
219#define IMAGE_DIRECTORY_ENTRY_RESOURCE 2 /* Resource Directory */
220#define IMAGE_DIRECTORY_ENTRY_EXCEPTION 3 /* Exception Directory */
221#define IMAGE_DIRECTORY_ENTRY_SECURITY 4 /* Security Directory */
222#define IMAGE_DIRECTORY_ENTRY_BASERELOC 5 /* Base Relocation Table */
223#define IMAGE_DIRECTORY_ENTRY_DEBUG 6 /* Debug Directory */
224#define IMAGE_DIRECTORY_ENTRY_COPYRIGHT 7 /* Description String */
225#define IMAGE_DIRECTORY_ENTRY_GLOBALPTR 8 /* Machine Value (MIPS GP) */
226#define IMAGE_DIRECTORY_ENTRY_TLS 9 /* TLS Directory */
227#define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG 10 /* Load Configuration Directory */
228#define IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT 11 /* Bound Import Directory in headers */
229#define IMAGE_DIRECTORY_ENTRY_IAT 12 /* Import Address Table */
230#define IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT 13
231#define IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR 14
232
233/* Resource types */
234
235#define RT_CURSOR 1
236#define RT_BITMAP 2
237#define RT_ICON 3
238#define RT_MENU 4
239#define RT_DIALOG 5
240#define RT_STRING 6
241#define RT_FONTDIR 7
242#define RT_FONT 8
243#define RT_ACCELERATOR 9
244#define RT_RCDATA 10
245#define RT_MESSAGETABLE 11
246#define RT_GROUP_CURSOR 12
247#define RT_GROUP_ICON 14
248#define RT_VERSION 16
249#define RT_DLGINCLUDE 17
250#define RT_PLUGPLAY 19
251#define RT_VXD 20
252#define RT_ANICURSOR 21
253#define RT_ANIICON 22
254#define RT_HTML 23
255
256/*
257 * Section header format.
258 */
259
260#define IMAGE_SHORT_NAME_LEN 8
261
262struct image_section_header {
263 uint8_t ish_name[IMAGE_SHORT_NAME_LEN];
264 union {
265 uint32_t ish_paddr;
266 uint32_t ish_vsize;
267 } ish_misc;
268 uint32_t ish_vaddr;
269 uint32_t ish_rawdatasize;
270 uint32_t ish_rawdataaddr;
271 uint32_t ish_relocaddr;
272 uint32_t ish_linenumaddr;
273 uint16_t ish_numrelocs;
274 uint16_t ish_numlinenums;
275 uint32_t ish_characteristics;
276};
277
278typedef struct image_section_header image_section_header;
279
280#define IMAGE_SIZEOF_SECTION_HEADER 40
281
282/*
283 * Import format
284 */
285
286struct image_import_by_name {
287 uint16_t iibn_hint;
288 u_int8_t iibn_name[1];
289};
290
291#define IMAGE_ORDINAL_FLAG 0x80000000
292#define IMAGE_ORDINAL(Ordinal) (Ordinal & 0xffff)
293
294struct image_import_descriptor {
295 uint32_t iid_import_name_table_addr;
296 uint32_t iid_timestamp;
297 uint32_t iid_forwardchain;
298 uint32_t iid_nameaddr;
299 uint32_t iid_import_address_table_addr;
300};
301
302typedef struct image_import_descriptor image_import_descriptor;
303
304struct image_base_reloc {
305 uint32_t ibr_vaddr;
306 uint32_t ibr_blocksize;
307 uint16_t ibr_rel[1];
308};
309
310typedef struct image_base_reloc image_base_reloc;
311
312#define IMR_RELTYPE(x) ((x >> 12) & 0xF)
313#define IMR_RELOFFSET(x) (x & 0xFFF)
314
315/* generic relocation types */
316#define IMAGE_REL_BASED_ABSOLUTE 0
317#define IMAGE_REL_BASED_HIGH 1
318#define IMAGE_REL_BASED_LOW 2
319#define IMAGE_REL_BASED_HIGHLOW 3
320#define IMAGE_REL_BASED_HIGHADJ 4
321#define IMAGE_REL_BASED_MIPS_JMPADDR 5
322#define IMAGE_REL_BASED_SECTION 6
323#define IMAGE_REL_BASED_REL 7
324#define IMAGE_REL_BASED_MIPS_JMPADDR16 9
325#define IMAGE_REL_BASED_IA64_IMM64 9 /* yes, 9 too */
326#define IMAGE_REL_BASED_DIR64 10
327#define IMAGE_REL_BASED_HIGH3ADJ 11
328
329struct image_resource_directory_entry {
330 uint32_t irde_name;
331 uint32_t irde_dataoff;
332};
333
334typedef struct image_resource_directory_entry image_resource_directory_entry;
335
336#define RESOURCE_NAME_STR 0x80000000
337#define RESOURCE_DIR_FLAG 0x80000000
338
339struct image_resource_directory {
340 uint32_t ird_characteristics;
341 uint32_t ird_timestamp;
342 uint16_t ird_majorver;
343 uint16_t ird_minorver;
344 uint16_t ird_named_entries;
345 uint16_t ird_id_entries;
346#ifdef notdef
347 image_resource_directory_entry ird_entries[1];
348#endif
349};
350
351typedef struct image_resource_directory image_resource_directory;
352
353struct image_resource_directory_string {
354 uint16_t irds_len;
355 char irds_name[1];
356};
357
358typedef struct image_resource_directory_string image_resource_directory_string;
359
360struct image_resource_directory_string_u {
361 uint16_t irds_len;
362 char irds_name[1];
363};
364
365typedef struct image_resource_directory_string_u
366 image_resource_directory_string_u;
367
368struct image_resource_data_entry {
369 uint32_t irde_offset;
370 uint32_t irde_size;
371 uint32_t irde_codepage;
372 uint32_t irde_rsvd;
373};
374
375typedef struct image_resource_data_entry image_resource_data_entry;
376
377struct message_resource_data {
378 uint32_t mrd_numblocks;
379#ifdef notdef
380 message_resource_block mrd_blocks[1];
381#endif
382};
383
384typedef struct message_resource_data message_resource_data;
385
386struct message_resource_block {
387 uint32_t mrb_lowid;
388 uint32_t mrb_highid;
389 uint32_t mrb_entryoff;
390};
391
392typedef struct message_resource_block message_resource_block;
393
394struct message_resource_entry {
395 uint16_t mre_len;
396 uint16_t mre_flags;
397 char mre_text[];
398};
399
400typedef struct message_resource_entry message_resource_entry;
401
402#define MESSAGE_RESOURCE_UNICODE 0x0001
403
404struct image_patch_table {
405 char *ipt_name;
406 void (*ipt_func)(void);
407};
408
409typedef struct image_patch_table image_patch_table;
410
411/*
412 * Note: Windows uses the _stdcall calling convention. This means
413 * that the callback functions provided in the function table must
414 * be declared using __attribute__((__stdcall__)), otherwise the
415 * Windows code will likely screw up the %esp register and cause
416 * us to jump to an invalid address when it returns.
417 */
418
419#ifdef __amd64__
420#define __stdcall
421#define __regcall
422#define __fastcall
423#define REGARGS1(decl1) decl1
424#define REGARGS2(decl1, decl2) decl1, decl2
425#define REGCALL1(arg1) arg1
426#define REGCALL2(arg1, arg2) arg1, arg2
427#else
428#define __stdcall __attribute__((__stdcall__))
429#define __regcall __attribute__((__regparm__(3)))
430#define __fastcall __stdcall __regcall
431#define REGARGS1(decl1) int dummy1, int dummy2, decl1
432#define REGARGS2(decl1, decl2) int dummy1, decl2, decl1
433#define REGCALL1(arg1) 0, 0, arg1
434#define REGCALL2(arg1, arg2) 0, arg2, arg1
435#endif
436
437
438/*
439 * This mess allows us to call a _fastcall style routine with our
440 * version of gcc, which lacks __attribute__((__fastcall__)). Only
441 * has meaning on x86; everywhere else, it's a no-op.
442 */
443
444#ifdef __i386__
445typedef __fastcall int (*fcall1)(REGARGS1(uint32_t));
446typedef __fastcall int (*fcall2)(REGARGS2(uint32_t, uint32_t));
447typedef __fastcall int (*fcall3)(REGARGS2(uint32_t, uint32_t), uint32_t);
448
449static __inline uint32_t
450fastcall1(fcall1 f, uint32_t a)
451{
452 return(f(REGCALL1(a)));
453}
454
455static __inline uint32_t
456fastcall2(fcall2 f, uint32_t a, uint32_t b)
457{
458 return(f(REGCALL2(a, b)));
459}
460
461static __inline uint32_t
462fastcall3(fcall3 f, uint32_t a, uint32_t b, uint32_t c)
463{
464 return(f(REGCALL2(a, b), c));
465}
466
467#define FASTCALL1(f, a) \
468 fastcall1((fcall1)(f), (uint32_t)(a))
469#define FASTCALL2(f, a, b) \
470 fastcall2((fcall2)(f), (uint32_t)(a), (uint32_t)(b))
471#define FASTCALL3(f, a, b, c) \
472 fastcall3((fcall3)(f), (uint32_t)(a), (uint32_t)(b), (uint32_t)(c))
473#else
474#define FASTCALL1(f, a) (f)((a))
475#define FASTCALL2(f, a, b) (f)((a), (b))
476#define FASTCALL3(f, a, b, c) (f)((a), (b), (c))
477#endif /* __i386__ */
478
479#define FUNC void(*)(void)
480#define IMPORT_FUNC(x) { #x, (FUNC)x }
481#define IMPORT_FUNC_MAP(x, y) { #x, (FUNC)y }
482
479__BEGIN_DECLS
480extern int pe_get_dos_header(vm_offset_t, image_dos_header *);
481extern int pe_is_nt_image(vm_offset_t);
482extern int pe_get_optional_header(vm_offset_t, image_optional_header *);
483extern int pe_get_file_header(vm_offset_t, image_file_header *);
484extern int pe_get_section_header(vm_offset_t, image_section_header *);
485extern int pe_numsections(vm_offset_t);
486extern vm_offset_t pe_imagebase(vm_offset_t);
487extern vm_offset_t pe_directory_offset(vm_offset_t, uint32_t);
488extern vm_offset_t pe_translate_addr (vm_offset_t, uint32_t);
489extern int pe_get_section(vm_offset_t, image_section_header *, const char *);
490extern int pe_relocate(vm_offset_t);
491extern int pe_get_import_descriptor(vm_offset_t, image_import_descriptor *, char *);
492extern int pe_patch_imports(vm_offset_t, char *, image_patch_table *);
493extern int pe_get_messagetable(vm_offset_t, message_resource_data **);
494extern int pe_get_message(vm_offset_t, uint32_t, char **, int *, uint16_t *);
495__END_DECLS
496
497#endif /* _PE_VAR_H_ */
483__BEGIN_DECLS
484extern int pe_get_dos_header(vm_offset_t, image_dos_header *);
485extern int pe_is_nt_image(vm_offset_t);
486extern int pe_get_optional_header(vm_offset_t, image_optional_header *);
487extern int pe_get_file_header(vm_offset_t, image_file_header *);
488extern int pe_get_section_header(vm_offset_t, image_section_header *);
489extern int pe_numsections(vm_offset_t);
490extern vm_offset_t pe_imagebase(vm_offset_t);
491extern vm_offset_t pe_directory_offset(vm_offset_t, uint32_t);
492extern vm_offset_t pe_translate_addr (vm_offset_t, uint32_t);
493extern int pe_get_section(vm_offset_t, image_section_header *, const char *);
494extern int pe_relocate(vm_offset_t);
495extern int pe_get_import_descriptor(vm_offset_t, image_import_descriptor *, char *);
496extern int pe_patch_imports(vm_offset_t, char *, image_patch_table *);
497extern int pe_get_messagetable(vm_offset_t, message_resource_data **);
498extern int pe_get_message(vm_offset_t, uint32_t, char **, int *, uint16_t *);
499__END_DECLS
500
501#endif /* _PE_VAR_H_ */