1*4882a593Smuzhiyun /* 2*4882a593Smuzhiyun * Portable Executable binary format structures 3*4882a593Smuzhiyun * 4*4882a593Smuzhiyun * Copyright (c) 2016 Alexander Graf 5*4882a593Smuzhiyun * 6*4882a593Smuzhiyun * Based on wine code 7*4882a593Smuzhiyun * 8*4882a593Smuzhiyun * SPDX-License-Identifier: GPL-2.0+ 9*4882a593Smuzhiyun */ 10*4882a593Smuzhiyun 11*4882a593Smuzhiyun #ifndef _PE_H 12*4882a593Smuzhiyun #define _PE_H 13*4882a593Smuzhiyun 14*4882a593Smuzhiyun typedef struct _IMAGE_DOS_HEADER { 15*4882a593Smuzhiyun uint16_t e_magic; /* 00: MZ Header signature */ 16*4882a593Smuzhiyun uint16_t e_cblp; /* 02: Bytes on last page of file */ 17*4882a593Smuzhiyun uint16_t e_cp; /* 04: Pages in file */ 18*4882a593Smuzhiyun uint16_t e_crlc; /* 06: Relocations */ 19*4882a593Smuzhiyun uint16_t e_cparhdr; /* 08: Size of header in paragraphs */ 20*4882a593Smuzhiyun uint16_t e_minalloc; /* 0a: Minimum extra paragraphs needed */ 21*4882a593Smuzhiyun uint16_t e_maxalloc; /* 0c: Maximum extra paragraphs needed */ 22*4882a593Smuzhiyun uint16_t e_ss; /* 0e: Initial (relative) SS value */ 23*4882a593Smuzhiyun uint16_t e_sp; /* 10: Initial SP value */ 24*4882a593Smuzhiyun uint16_t e_csum; /* 12: Checksum */ 25*4882a593Smuzhiyun uint16_t e_ip; /* 14: Initial IP value */ 26*4882a593Smuzhiyun uint16_t e_cs; /* 16: Initial (relative) CS value */ 27*4882a593Smuzhiyun uint16_t e_lfarlc; /* 18: File address of relocation table */ 28*4882a593Smuzhiyun uint16_t e_ovno; /* 1a: Overlay number */ 29*4882a593Smuzhiyun uint16_t e_res[4]; /* 1c: Reserved words */ 30*4882a593Smuzhiyun uint16_t e_oemid; /* 24: OEM identifier (for e_oeminfo) */ 31*4882a593Smuzhiyun uint16_t e_oeminfo; /* 26: OEM information; e_oemid specific */ 32*4882a593Smuzhiyun uint16_t e_res2[10]; /* 28: Reserved words */ 33*4882a593Smuzhiyun uint32_t e_lfanew; /* 3c: Offset to extended header */ 34*4882a593Smuzhiyun } IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER; 35*4882a593Smuzhiyun 36*4882a593Smuzhiyun #define IMAGE_DOS_SIGNATURE 0x5A4D /* MZ */ 37*4882a593Smuzhiyun #define IMAGE_NT_SIGNATURE 0x00004550 /* PE00 */ 38*4882a593Smuzhiyun 39*4882a593Smuzhiyun #define IMAGE_FILE_MACHINE_ARM 0x01c0 40*4882a593Smuzhiyun #define IMAGE_FILE_MACHINE_THUMB 0x01c2 41*4882a593Smuzhiyun #define IMAGE_FILE_MACHINE_ARMNT 0x01c4 42*4882a593Smuzhiyun #define IMAGE_FILE_MACHINE_AMD64 0x8664 43*4882a593Smuzhiyun #define IMAGE_FILE_MACHINE_ARM64 0xaa64 44*4882a593Smuzhiyun #define IMAGE_NT_OPTIONAL_HDR32_MAGIC 0x10b 45*4882a593Smuzhiyun #define IMAGE_NT_OPTIONAL_HDR64_MAGIC 0x20b 46*4882a593Smuzhiyun #define IMAGE_SUBSYSTEM_EFI_APPLICATION 10 47*4882a593Smuzhiyun 48*4882a593Smuzhiyun typedef struct _IMAGE_FILE_HEADER { 49*4882a593Smuzhiyun uint16_t Machine; 50*4882a593Smuzhiyun uint16_t NumberOfSections; 51*4882a593Smuzhiyun uint32_t TimeDateStamp; 52*4882a593Smuzhiyun uint32_t PointerToSymbolTable; 53*4882a593Smuzhiyun uint32_t NumberOfSymbols; 54*4882a593Smuzhiyun uint16_t SizeOfOptionalHeader; 55*4882a593Smuzhiyun uint16_t Characteristics; 56*4882a593Smuzhiyun } IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER; 57*4882a593Smuzhiyun 58*4882a593Smuzhiyun typedef struct _IMAGE_DATA_DIRECTORY { 59*4882a593Smuzhiyun uint32_t VirtualAddress; 60*4882a593Smuzhiyun uint32_t Size; 61*4882a593Smuzhiyun } IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY; 62*4882a593Smuzhiyun 63*4882a593Smuzhiyun #define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16 64*4882a593Smuzhiyun 65*4882a593Smuzhiyun typedef struct _IMAGE_OPTIONAL_HEADER64 { 66*4882a593Smuzhiyun uint16_t Magic; /* 0x20b */ 67*4882a593Smuzhiyun uint8_t MajorLinkerVersion; 68*4882a593Smuzhiyun uint8_t MinorLinkerVersion; 69*4882a593Smuzhiyun uint32_t SizeOfCode; 70*4882a593Smuzhiyun uint32_t SizeOfInitializedData; 71*4882a593Smuzhiyun uint32_t SizeOfUninitializedData; 72*4882a593Smuzhiyun uint32_t AddressOfEntryPoint; 73*4882a593Smuzhiyun uint32_t BaseOfCode; 74*4882a593Smuzhiyun uint64_t ImageBase; 75*4882a593Smuzhiyun uint32_t SectionAlignment; 76*4882a593Smuzhiyun uint32_t FileAlignment; 77*4882a593Smuzhiyun uint16_t MajorOperatingSystemVersion; 78*4882a593Smuzhiyun uint16_t MinorOperatingSystemVersion; 79*4882a593Smuzhiyun uint16_t MajorImageVersion; 80*4882a593Smuzhiyun uint16_t MinorImageVersion; 81*4882a593Smuzhiyun uint16_t MajorSubsystemVersion; 82*4882a593Smuzhiyun uint16_t MinorSubsystemVersion; 83*4882a593Smuzhiyun uint32_t Win32VersionValue; 84*4882a593Smuzhiyun uint32_t SizeOfImage; 85*4882a593Smuzhiyun uint32_t SizeOfHeaders; 86*4882a593Smuzhiyun uint32_t CheckSum; 87*4882a593Smuzhiyun uint16_t Subsystem; 88*4882a593Smuzhiyun uint16_t DllCharacteristics; 89*4882a593Smuzhiyun uint64_t SizeOfStackReserve; 90*4882a593Smuzhiyun uint64_t SizeOfStackCommit; 91*4882a593Smuzhiyun uint64_t SizeOfHeapReserve; 92*4882a593Smuzhiyun uint64_t SizeOfHeapCommit; 93*4882a593Smuzhiyun uint32_t LoaderFlags; 94*4882a593Smuzhiyun uint32_t NumberOfRvaAndSizes; 95*4882a593Smuzhiyun IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; 96*4882a593Smuzhiyun } IMAGE_OPTIONAL_HEADER64, *PIMAGE_OPTIONAL_HEADER64; 97*4882a593Smuzhiyun 98*4882a593Smuzhiyun typedef struct _IMAGE_NT_HEADERS64 { 99*4882a593Smuzhiyun uint32_t Signature; 100*4882a593Smuzhiyun IMAGE_FILE_HEADER FileHeader; 101*4882a593Smuzhiyun IMAGE_OPTIONAL_HEADER64 OptionalHeader; 102*4882a593Smuzhiyun } IMAGE_NT_HEADERS64, *PIMAGE_NT_HEADERS64; 103*4882a593Smuzhiyun 104*4882a593Smuzhiyun typedef struct _IMAGE_OPTIONAL_HEADER { 105*4882a593Smuzhiyun 106*4882a593Smuzhiyun /* Standard fields */ 107*4882a593Smuzhiyun 108*4882a593Smuzhiyun uint16_t Magic; /* 0x10b or 0x107 */ /* 0x00 */ 109*4882a593Smuzhiyun uint8_t MajorLinkerVersion; 110*4882a593Smuzhiyun uint8_t MinorLinkerVersion; 111*4882a593Smuzhiyun uint32_t SizeOfCode; 112*4882a593Smuzhiyun uint32_t SizeOfInitializedData; 113*4882a593Smuzhiyun uint32_t SizeOfUninitializedData; 114*4882a593Smuzhiyun uint32_t AddressOfEntryPoint; /* 0x10 */ 115*4882a593Smuzhiyun uint32_t BaseOfCode; 116*4882a593Smuzhiyun uint32_t BaseOfData; 117*4882a593Smuzhiyun 118*4882a593Smuzhiyun /* NT additional fields */ 119*4882a593Smuzhiyun 120*4882a593Smuzhiyun uint32_t ImageBase; 121*4882a593Smuzhiyun uint32_t SectionAlignment; /* 0x20 */ 122*4882a593Smuzhiyun uint32_t FileAlignment; 123*4882a593Smuzhiyun uint16_t MajorOperatingSystemVersion; 124*4882a593Smuzhiyun uint16_t MinorOperatingSystemVersion; 125*4882a593Smuzhiyun uint16_t MajorImageVersion; 126*4882a593Smuzhiyun uint16_t MinorImageVersion; 127*4882a593Smuzhiyun uint16_t MajorSubsystemVersion; /* 0x30 */ 128*4882a593Smuzhiyun uint16_t MinorSubsystemVersion; 129*4882a593Smuzhiyun uint32_t Win32VersionValue; 130*4882a593Smuzhiyun uint32_t SizeOfImage; 131*4882a593Smuzhiyun uint32_t SizeOfHeaders; 132*4882a593Smuzhiyun uint32_t CheckSum; /* 0x40 */ 133*4882a593Smuzhiyun uint16_t Subsystem; 134*4882a593Smuzhiyun uint16_t DllCharacteristics; 135*4882a593Smuzhiyun uint32_t SizeOfStackReserve; 136*4882a593Smuzhiyun uint32_t SizeOfStackCommit; 137*4882a593Smuzhiyun uint32_t SizeOfHeapReserve; /* 0x50 */ 138*4882a593Smuzhiyun uint32_t SizeOfHeapCommit; 139*4882a593Smuzhiyun uint32_t LoaderFlags; 140*4882a593Smuzhiyun uint32_t NumberOfRvaAndSizes; 141*4882a593Smuzhiyun IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES]; /* 0x60 */ 142*4882a593Smuzhiyun /* 0xE0 */ 143*4882a593Smuzhiyun } IMAGE_OPTIONAL_HEADER32, *PIMAGE_OPTIONAL_HEADER32; 144*4882a593Smuzhiyun 145*4882a593Smuzhiyun typedef struct _IMAGE_NT_HEADERS { 146*4882a593Smuzhiyun uint32_t Signature; /* "PE"\0\0 */ /* 0x00 */ 147*4882a593Smuzhiyun IMAGE_FILE_HEADER FileHeader; /* 0x04 */ 148*4882a593Smuzhiyun IMAGE_OPTIONAL_HEADER32 OptionalHeader; /* 0x18 */ 149*4882a593Smuzhiyun } IMAGE_NT_HEADERS32, *PIMAGE_NT_HEADERS32; 150*4882a593Smuzhiyun 151*4882a593Smuzhiyun #define IMAGE_SIZEOF_SHORT_NAME 8 152*4882a593Smuzhiyun 153*4882a593Smuzhiyun typedef struct _IMAGE_SECTION_HEADER { 154*4882a593Smuzhiyun uint8_t Name[IMAGE_SIZEOF_SHORT_NAME]; 155*4882a593Smuzhiyun union { 156*4882a593Smuzhiyun uint32_t PhysicalAddress; 157*4882a593Smuzhiyun uint32_t VirtualSize; 158*4882a593Smuzhiyun } Misc; 159*4882a593Smuzhiyun uint32_t VirtualAddress; 160*4882a593Smuzhiyun uint32_t SizeOfRawData; 161*4882a593Smuzhiyun uint32_t PointerToRawData; 162*4882a593Smuzhiyun uint32_t PointerToRelocations; 163*4882a593Smuzhiyun uint32_t PointerToLinenumbers; 164*4882a593Smuzhiyun uint16_t NumberOfRelocations; 165*4882a593Smuzhiyun uint16_t NumberOfLinenumbers; 166*4882a593Smuzhiyun uint32_t Characteristics; 167*4882a593Smuzhiyun } IMAGE_SECTION_HEADER, *PIMAGE_SECTION_HEADER; 168*4882a593Smuzhiyun 169*4882a593Smuzhiyun #define IMAGE_DIRECTORY_ENTRY_BASERELOC 5 170*4882a593Smuzhiyun 171*4882a593Smuzhiyun typedef struct _IMAGE_BASE_RELOCATION 172*4882a593Smuzhiyun { 173*4882a593Smuzhiyun uint32_t VirtualAddress; 174*4882a593Smuzhiyun uint32_t SizeOfBlock; 175*4882a593Smuzhiyun /* WORD TypeOffset[1]; */ 176*4882a593Smuzhiyun } IMAGE_BASE_RELOCATION,*PIMAGE_BASE_RELOCATION; 177*4882a593Smuzhiyun 178*4882a593Smuzhiyun typedef struct _IMAGE_RELOCATION 179*4882a593Smuzhiyun { 180*4882a593Smuzhiyun union { 181*4882a593Smuzhiyun uint32_t VirtualAddress; 182*4882a593Smuzhiyun uint32_t RelocCount; 183*4882a593Smuzhiyun } DUMMYUNIONNAME; 184*4882a593Smuzhiyun uint32_t SymbolTableIndex; 185*4882a593Smuzhiyun uint16_t Type; 186*4882a593Smuzhiyun } IMAGE_RELOCATION, *PIMAGE_RELOCATION; 187*4882a593Smuzhiyun 188*4882a593Smuzhiyun #define IMAGE_SIZEOF_RELOCATION 10 189*4882a593Smuzhiyun 190*4882a593Smuzhiyun /* generic relocation types */ 191*4882a593Smuzhiyun #define IMAGE_REL_BASED_ABSOLUTE 0 192*4882a593Smuzhiyun #define IMAGE_REL_BASED_HIGH 1 193*4882a593Smuzhiyun #define IMAGE_REL_BASED_LOW 2 194*4882a593Smuzhiyun #define IMAGE_REL_BASED_HIGHLOW 3 195*4882a593Smuzhiyun #define IMAGE_REL_BASED_HIGHADJ 4 196*4882a593Smuzhiyun #define IMAGE_REL_BASED_MIPS_JMPADDR 5 197*4882a593Smuzhiyun #define IMAGE_REL_BASED_ARM_MOV32A 5 /* yes, 5 too */ 198*4882a593Smuzhiyun #define IMAGE_REL_BASED_ARM_MOV32 5 /* yes, 5 too */ 199*4882a593Smuzhiyun #define IMAGE_REL_BASED_SECTION 6 200*4882a593Smuzhiyun #define IMAGE_REL_BASED_REL 7 201*4882a593Smuzhiyun #define IMAGE_REL_BASED_ARM_MOV32T 7 /* yes, 7 too */ 202*4882a593Smuzhiyun #define IMAGE_REL_BASED_THUMB_MOV32 7 /* yes, 7 too */ 203*4882a593Smuzhiyun #define IMAGE_REL_BASED_MIPS_JMPADDR16 9 204*4882a593Smuzhiyun #define IMAGE_REL_BASED_IA64_IMM64 9 /* yes, 9 too */ 205*4882a593Smuzhiyun #define IMAGE_REL_BASED_DIR64 10 206*4882a593Smuzhiyun #define IMAGE_REL_BASED_HIGH3ADJ 11 207*4882a593Smuzhiyun 208*4882a593Smuzhiyun /* ARM relocation types */ 209*4882a593Smuzhiyun #define IMAGE_REL_ARM_ABSOLUTE 0x0000 210*4882a593Smuzhiyun #define IMAGE_REL_ARM_ADDR 0x0001 211*4882a593Smuzhiyun #define IMAGE_REL_ARM_ADDR32NB 0x0002 212*4882a593Smuzhiyun #define IMAGE_REL_ARM_BRANCH24 0x0003 213*4882a593Smuzhiyun #define IMAGE_REL_ARM_BRANCH11 0x0004 214*4882a593Smuzhiyun #define IMAGE_REL_ARM_TOKEN 0x0005 215*4882a593Smuzhiyun #define IMAGE_REL_ARM_GPREL12 0x0006 216*4882a593Smuzhiyun #define IMAGE_REL_ARM_GPREL7 0x0007 217*4882a593Smuzhiyun #define IMAGE_REL_ARM_BLX24 0x0008 218*4882a593Smuzhiyun #define IMAGE_REL_ARM_BLX11 0x0009 219*4882a593Smuzhiyun #define IMAGE_REL_ARM_SECTION 0x000E 220*4882a593Smuzhiyun #define IMAGE_REL_ARM_SECREL 0x000F 221*4882a593Smuzhiyun #define IMAGE_REL_ARM_MOV32A 0x0010 222*4882a593Smuzhiyun #define IMAGE_REL_ARM_MOV32T 0x0011 223*4882a593Smuzhiyun #define IMAGE_REL_ARM_BRANCH20T 0x0012 224*4882a593Smuzhiyun #define IMAGE_REL_ARM_BRANCH24T 0x0014 225*4882a593Smuzhiyun #define IMAGE_REL_ARM_BLX23T 0x0015 226*4882a593Smuzhiyun 227*4882a593Smuzhiyun /* ARM64 relocation types */ 228*4882a593Smuzhiyun #define IMAGE_REL_ARM64_ABSOLUTE 0x0000 229*4882a593Smuzhiyun #define IMAGE_REL_ARM64_ADDR32 0x0001 230*4882a593Smuzhiyun #define IMAGE_REL_ARM64_ADDR32NB 0x0002 231*4882a593Smuzhiyun #define IMAGE_REL_ARM64_BRANCH26 0x0003 232*4882a593Smuzhiyun #define IMAGE_REL_ARM64_PAGEBASE_REL21 0x0004 233*4882a593Smuzhiyun #define IMAGE_REL_ARM64_REL21 0x0005 234*4882a593Smuzhiyun #define IMAGE_REL_ARM64_PAGEOFFSET_12A 0x0006 235*4882a593Smuzhiyun #define IMAGE_REL_ARM64_PAGEOFFSET_12L 0x0007 236*4882a593Smuzhiyun #define IMAGE_REL_ARM64_SECREL 0x0008 237*4882a593Smuzhiyun #define IMAGE_REL_ARM64_SECREL_LOW12A 0x0009 238*4882a593Smuzhiyun #define IMAGE_REL_ARM64_SECREL_HIGH12A 0x000A 239*4882a593Smuzhiyun #define IMAGE_REL_ARM64_SECREL_LOW12L 0x000B 240*4882a593Smuzhiyun #define IMAGE_REL_ARM64_TOKEN 0x000C 241*4882a593Smuzhiyun #define IMAGE_REL_ARM64_SECTION 0x000D 242*4882a593Smuzhiyun #define IMAGE_REL_ARM64_ADDR64 0x000E 243*4882a593Smuzhiyun 244*4882a593Smuzhiyun /* AMD64 relocation types */ 245*4882a593Smuzhiyun #define IMAGE_REL_AMD64_ABSOLUTE 0x0000 246*4882a593Smuzhiyun #define IMAGE_REL_AMD64_ADDR64 0x0001 247*4882a593Smuzhiyun #define IMAGE_REL_AMD64_ADDR32 0x0002 248*4882a593Smuzhiyun #define IMAGE_REL_AMD64_ADDR32NB 0x0003 249*4882a593Smuzhiyun #define IMAGE_REL_AMD64_REL32 0x0004 250*4882a593Smuzhiyun #define IMAGE_REL_AMD64_REL32_1 0x0005 251*4882a593Smuzhiyun #define IMAGE_REL_AMD64_REL32_2 0x0006 252*4882a593Smuzhiyun #define IMAGE_REL_AMD64_REL32_3 0x0007 253*4882a593Smuzhiyun #define IMAGE_REL_AMD64_REL32_4 0x0008 254*4882a593Smuzhiyun #define IMAGE_REL_AMD64_REL32_5 0x0009 255*4882a593Smuzhiyun #define IMAGE_REL_AMD64_SECTION 0x000A 256*4882a593Smuzhiyun #define IMAGE_REL_AMD64_SECREL 0x000B 257*4882a593Smuzhiyun #define IMAGE_REL_AMD64_SECREL7 0x000C 258*4882a593Smuzhiyun #define IMAGE_REL_AMD64_TOKEN 0x000D 259*4882a593Smuzhiyun #define IMAGE_REL_AMD64_SREL32 0x000E 260*4882a593Smuzhiyun #define IMAGE_REL_AMD64_PAIR 0x000F 261*4882a593Smuzhiyun #define IMAGE_REL_AMD64_SSPAN32 0x0010 262*4882a593Smuzhiyun 263*4882a593Smuzhiyun #endif /* _PE_H */ 264