pe.h revision 295577 
1/*-
2 * Copyright (c) 2015 Kai Wang
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 * $Id: pe.h 3312 2016-01-10 09:23:51Z kaiwang27 $
27 */
28
29#ifndef	_PE_H_
30#define	_PE_H_
31
32#include <stdint.h>
33
34/*
35 * MS-DOS header.
36 */
37
38typedef struct _PE_DosHdr {
39	char dh_magic[2];
40	uint16_t dh_lastsize;
41	uint16_t dh_nblock;
42	uint16_t dh_nreloc;
43	uint16_t dh_hdrsize;
44	uint16_t dh_minalloc;
45	uint16_t dh_maxalloc;
46	uint16_t dh_ss;
47	uint16_t dh_sp;
48	uint16_t dh_checksum;
49	uint16_t dh_ip;
50	uint16_t dh_cs;
51	uint16_t dh_relocpos;
52	uint16_t dh_noverlay;
53	uint16_t dh_reserved1[4];
54	uint16_t dh_oemid;
55	uint16_t dh_oeminfo;
56	uint16_t dh_reserved2[10];
57	uint32_t dh_lfanew;
58} PE_DosHdr;
59
60/*
61 * Rich header.
62 */
63
64typedef struct _PE_RichHdr {
65	uint32_t rh_xor;
66	uint32_t rh_total;
67	uint32_t *rh_compid;
68	uint32_t *rh_cnt;
69} PE_RichHdr;
70
71/*
72 * COFF header: Machine Types.
73 */
74
75#define	IMAGE_FILE_MACHINE_UNKNOWN	0x0	/* not specified */
76#define	IMAGE_FILE_MACHINE_AM33		0x1d3	/* Matsushita AM33 */
77#define	IMAGE_FILE_MACHINE_AMD64	0x8664	/* x86-64 */
78#define	IMAGE_FILE_MACHINE_ARM		0x1c0	/* ARM LE */
79#define	IMAGE_FILE_MACHINE_ARMNT	0x1c4	/* ARMv7(or higher) Thumb */
80#define	IMAGE_FILE_MACHINE_ARM64	0xaa64	/* ARMv8 64-bit */
81#define	IMAGE_FILE_MACHINE_EBC		0xebc	/* EFI byte code */
82#define	IMAGE_FILE_MACHINE_I386		0x14c	/* x86 */
83#define	IMAGE_FILE_MACHINE_IA64		0x200	/* IA64 */
84#define	IMAGE_FILE_MACHINE_M32R		0x9041	/* Mitsubishi M32R LE */
85#define	IMAGE_FILE_MACHINE_MIPS16	0x266	/* MIPS16 */
86#define	IMAGE_FILE_MACHINE_MIPSFPU	0x366	/* MIPS with FPU */
87#define	IMAGE_FILE_MACHINE_MIPSFPU16	0x466	/* MIPS16 with FPU */
88#define	IMAGE_FILE_MACHINE_POWERPC	0x1f0	/* Power PC LE */
89#define	IMAGE_FILE_MACHINE_POWERPCFP	0x1f1	/* Power PC floating point */
90#define	IMAGE_FILE_MACHINE_R4000	0x166	/* MIPS R4000 LE */
91#define	IMAGE_FILE_MACHINE_SH3		0x1a2	/* Hitachi SH3 */
92#define	IMAGE_FILE_MACHINE_SH3DSP	0x1a3	/* Hitachi SH3 DSP */
93#define	IMAGE_FILE_MACHINE_SH4		0x1a6	/* Hitachi SH4 */
94#define	IMAGE_FILE_MACHINE_SH5		0x1a8	/* Hitachi SH5 */
95#define	IMAGE_FILE_MACHINE_THUMB	0x1c2	/* ARM or Thumb interworking */
96#define	IMAGE_FILE_MACHINE_WCEMIPSV2	0x169	/* MIPS LE WCE v2 */
97
98/*
99 * COFF header: Characteristics
100 */
101
102#define	IMAGE_FILE_RELOCS_STRIPPED		0x0001
103#define	IMAGE_FILE_EXECUTABLE_IMAGE		0x0002
104#define	IMAGE_FILE_LINE_NUMS_STRIPPED		0x0004
105#define	IMAGE_FILE_LOCAL_SYMS_STRIPPED		0x0008
106#define	IMAGE_FILE_AGGRESSIVE_WS_TRIM		0x0010
107#define	IMAGE_FILE_LARGE_ADDRESS_AWARE		0x0020
108#define	IMAGE_FILE_BYTES_REVERSED_LO		0x0080
109#define	IMAGE_FILE_32BIT_MACHINE		0x0100
110#define	IMAGE_FILE_DEBUG_STRIPPED		0x0200
111#define	IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP	0x0400
112#define	IMAGE_FILE_NET_RUN_FROM_SWAP		0x0800
113#define	IMAGE_FILE_SYSTEM			0x1000
114#define	IMAGE_FILE_DLL				0x2000
115#define	IMAGE_FILE_UP_SYSTEM_ONLY		0x4000
116#define	IMAGE_FILE_BYTES_REVERSED_HI		0x8000
117
118/*
119 * COFF Header.
120 */
121
122typedef struct _PE_CoffHdr {
123	uint16_t ch_machine;
124	uint16_t ch_nsec;
125	uint32_t ch_timestamp;
126	uint32_t ch_symptr;
127	uint32_t ch_nsym;
128	uint16_t ch_optsize;
129	uint16_t ch_char;
130} PE_CoffHdr;
131
132
133/*
134 * Optional Header: Subsystem.
135 */
136
137#define	IMAGE_SUBSYSTEM_UNKNOWN			0
138#define	IMAGE_SUBSYSTEM_NATIVE			1
139#define	IMAGE_SUBSYSTEM_WINDOWS_GUI		2
140#define	IMAGE_SUBSYSTEM_WINDOWS_CUI		3
141#define	IMAGE_SUBSYSTEM_POSIX_CUI		7
142#define	IMAGE_SUBSYSTEM_WINDOWS_CE_GUI		9
143#define	IMAGE_SUBSYSTEM_EFI_APPLICATION		10
144#define	IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER	11
145#define	IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER	12
146#define	IMAGE_SUBSYSTEM_EFI_ROM			13
147#define	IMAGE_SUBSYSTEM_XBOX			14
148
149/*
150 * Optional Header: DLL Characteristics
151 */
152
153#define	IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE		0x0040
154#define	IMAGE_DLL_CHARACTERISTICS_FORCE_INTEGRITY	0x0080
155#define	IMAGE_DLL_CHARACTERISTICS_NX_COMPAT		0x0100
156#define	IMAGE_DLL_CHARACTERISTICS_NO_ISOLATION		0x0200
157#define	IMAGE_DLL_CHARACTERISTICS_NO_SEH		0x0400
158#define	IMAGE_DLL_CHARACTERISTICS_NO_BIND		0x0800
159#define	IMAGE_DLL_CHARACTERISTICS_WDM_DRIVER		0x2000
160#define	IMAGE_DLL_CHARACTERISTICS_TERMINAL_SERVER_AWARE	0x8000
161
162/*
163 * Optional Header.
164 */
165
166#define	PE_FORMAT_ROM		0x107
167#define	PE_FORMAT_32		0x10b
168#define	PE_FORMAT_32P		0x20b
169
170typedef struct _PE_OptHdr {
171	uint16_t oh_magic;
172	uint8_t oh_ldvermajor;
173	uint8_t oh_ldverminor;
174	uint32_t oh_textsize;
175	uint32_t oh_datasize;
176	uint32_t oh_bsssize;
177	uint32_t oh_entry;
178	uint32_t oh_textbase;
179	uint32_t oh_database;
180	uint64_t oh_imgbase;
181	uint32_t oh_secalign;
182	uint32_t oh_filealign;
183	uint16_t oh_osvermajor;
184	uint16_t oh_osverminor;
185	uint16_t oh_imgvermajor;
186	uint16_t oh_imgverminor;
187	uint16_t oh_subvermajor;
188	uint16_t oh_subverminor;
189	uint32_t oh_win32ver;
190	uint32_t oh_imgsize;
191	uint32_t oh_hdrsize;
192	uint32_t oh_checksum;
193	uint16_t oh_subsystem;
194	uint16_t oh_dllchar;
195	uint64_t oh_stacksizer;
196	uint64_t oh_stacksizec;
197	uint64_t oh_heapsizer;
198	uint64_t oh_heapsizec;
199	uint32_t oh_ldrflags;
200	uint32_t oh_ndatadir;
201} PE_OptHdr;
202
203/*
204 * Optional Header: Data Directories.
205 */
206
207#define	PE_DD_EXPORT		0
208#define	PE_DD_IMPORT		1
209#define	PE_DD_RESROUCE		2
210#define	PE_DD_EXCEPTION		3
211#define	PE_DD_CERTIFICATE	4
212#define	PE_DD_BASERELOC		5
213#define	PE_DD_DEBUG		6
214#define	PE_DD_ARCH		7
215#define	PE_DD_GLOBALPTR		8
216#define	PE_DD_TLS		9
217#define	PE_DD_LOADCONFIG	10
218#define	PE_DD_BOUNDIMPORT	11
219#define	PE_DD_IAT		12
220#define	PE_DD_DELAYIMPORT	13
221#define	PE_DD_CLRRUNTIME	14
222#define	PE_DD_RESERVED		15
223#define	PE_DD_MAX		16
224
225typedef struct _PE_DataDirEntry {
226	uint32_t de_addr;
227	uint32_t de_size;
228} PE_DataDirEntry;
229
230typedef struct _PE_DataDir {
231	PE_DataDirEntry dd_e[PE_DD_MAX];
232	uint32_t dd_total;
233} PE_DataDir;
234
235/*
236 * Section Headers: Section flags.
237 */
238
239#define	IMAGE_SCN_TYPE_NO_PAD			0x00000008
240#define	IMAGE_SCN_CNT_CODE			0x00000020
241#define	IMAGE_SCN_CNT_INITIALIZED_DATA		0x00000040
242#define	IMAGE_SCN_CNT_UNINITIALIZED_DATA	0x00000080
243#define	IMAGE_SCN_LNK_OTHER			0x00000100
244#define	IMAGE_SCN_LNK_INFO			0x00000200
245#define	IMAGE_SCN_LNK_REMOVE			0x00000800
246#define	IMAGE_SCN_LNK_COMDAT			0x00001000
247#define	IMAGE_SCN_GPREL				0x00008000
248#define	IMAGE_SCN_MEM_PURGEABLE			0x00020000
249#define	IMAGE_SCN_MEM_16BIT			0x00020000
250#define	IMAGE_SCN_MEM_LOCKED			0x00040000
251#define	IMAGE_SCN_MEM_PRELOAD			0x00080000
252#define	IMAGE_SCN_ALIGN_1BYTES			0x00100000
253#define	IMAGE_SCN_ALIGN_2BYTES			0x00200000
254#define	IMAGE_SCN_ALIGN_4BYTES			0x00300000
255#define	IMAGE_SCN_ALIGN_8BYTES			0x00400000
256#define	IMAGE_SCN_ALIGN_16BYTES			0x00500000
257#define	IMAGE_SCN_ALIGN_32BYTES			0x00600000
258#define	IMAGE_SCN_ALIGN_64BYTES			0x00700000
259#define	IMAGE_SCN_ALIGN_128BYTES		0x00800000
260#define	IMAGE_SCN_ALIGN_256BYTES		0x00900000
261#define	IMAGE_SCN_ALIGN_512BYTES		0x00A00000
262#define	IMAGE_SCN_ALIGN_1024BYTES		0x00B00000
263#define	IMAGE_SCN_ALIGN_2048BYTES		0x00C00000
264#define	IMAGE_SCN_ALIGN_4096BYTES		0x00D00000
265#define	IMAGE_SCN_ALIGN_8192BYTES		0x00E00000
266#define	IMAGE_SCN_LNK_NRELOC_OVFL		0x01000000
267#define	IMAGE_SCN_MEM_DISCARDABLE		0x02000000
268#define	IMAGE_SCN_MEM_NOT_CACHED		0x04000000
269#define	IMAGE_SCN_MEM_NOT_PAGED			0x08000000
270#define	IMAGE_SCN_MEM_SHARED			0x10000000
271#define	IMAGE_SCN_MEM_EXECUTE			0x20000000
272#define	IMAGE_SCN_MEM_READ			0x40000000
273#define	IMAGE_SCN_MEM_WRITE			0x80000000
274
275/*
276 * Section Headers.
277 */
278
279typedef struct _PE_SecHdr {
280	char sh_name[8];
281	uint32_t sh_virtsize;
282	uint32_t sh_addr;
283	uint32_t sh_rawsize;
284	uint32_t sh_rawptr;
285	uint32_t sh_relocptr;
286	uint32_t sh_lineptr;
287	uint16_t sh_nreloc;
288	uint16_t sh_nline;
289	uint32_t sh_char;
290} PE_SecHdr;
291
292#endif	/* !_PE_H_ */
293