1 //===-- llvm/BinaryFormat/COFF.h --------------------------------*- C++ -*-===// 2 // 3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4 // See https://llvm.org/LICENSE.txt for license information. 5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6 // 7 //===----------------------------------------------------------------------===// 8 // 9 // This file contains an definitions used in Windows COFF Files. 10 // 11 // Structures and enums defined within this file where created using 12 // information from Microsoft's publicly available PE/COFF format document: 13 // 14 // Microsoft Portable Executable and Common Object File Format Specification 15 // Revision 8.1 - February 15, 2008 16 // 17 // As of 5/2/2010, hosted by Microsoft at: 18 // http://www.microsoft.com/whdc/system/platform/firmware/pecoff.mspx 19 // 20 //===----------------------------------------------------------------------===// 21 22 #ifndef LLVM_BINARYFORMAT_COFF_H 23 #define LLVM_BINARYFORMAT_COFF_H 24 25 #include "llvm/Support/DataTypes.h" 26 #include <cassert> 27 28 namespace llvm { 29 namespace COFF { 30 31 // The maximum number of sections that a COFF object can have (inclusive). 32 const int32_t MaxNumberOfSections16 = 65279; 33 34 // The PE signature bytes that follows the DOS stub header. 35 static const char PEMagic[] = {'P', 'E', '\0', '\0'}; 36 37 static const char BigObjMagic[] = { 38 '\xc7', '\xa1', '\xba', '\xd1', '\xee', '\xba', '\xa9', '\x4b', 39 '\xaf', '\x20', '\xfa', '\xf6', '\x6a', '\xa4', '\xdc', '\xb8', 40 }; 41 42 static const char ClGlObjMagic[] = { 43 '\x38', '\xfe', '\xb3', '\x0c', '\xa5', '\xd9', '\xab', '\x4d', 44 '\xac', '\x9b', '\xd6', '\xb6', '\x22', '\x26', '\x53', '\xc2', 45 }; 46 47 // The signature bytes that start a .res file. 48 static const char WinResMagic[] = { 49 '\x00', '\x00', '\x00', '\x00', '\x20', '\x00', '\x00', '\x00', 50 '\xff', '\xff', '\x00', '\x00', '\xff', '\xff', '\x00', '\x00', 51 }; 52 53 // Sizes in bytes of various things in the COFF format. 54 enum { 55 Header16Size = 20, 56 Header32Size = 56, 57 NameSize = 8, 58 Symbol16Size = 18, 59 Symbol32Size = 20, 60 SectionSize = 40, 61 RelocationSize = 10 62 }; 63 64 struct header { 65 uint16_t Machine; 66 int32_t NumberOfSections; 67 uint32_t TimeDateStamp; 68 uint32_t PointerToSymbolTable; 69 uint32_t NumberOfSymbols; 70 uint16_t SizeOfOptionalHeader; 71 uint16_t Characteristics; 72 }; 73 74 struct BigObjHeader { 75 enum : uint16_t { MinBigObjectVersion = 2 }; 76 77 uint16_t Sig1; ///< Must be IMAGE_FILE_MACHINE_UNKNOWN (0). 78 uint16_t Sig2; ///< Must be 0xFFFF. 79 uint16_t Version; 80 uint16_t Machine; 81 uint32_t TimeDateStamp; 82 uint8_t UUID[16]; 83 uint32_t unused1; 84 uint32_t unused2; 85 uint32_t unused3; 86 uint32_t unused4; 87 uint32_t NumberOfSections; 88 uint32_t PointerToSymbolTable; 89 uint32_t NumberOfSymbols; 90 }; 91 92 enum MachineTypes : unsigned { 93 MT_Invalid = 0xffff, 94 95 IMAGE_FILE_MACHINE_UNKNOWN = 0x0, 96 IMAGE_FILE_MACHINE_AM33 = 0x1D3, 97 IMAGE_FILE_MACHINE_AMD64 = 0x8664, 98 IMAGE_FILE_MACHINE_ARM = 0x1C0, 99 IMAGE_FILE_MACHINE_ARMNT = 0x1C4, 100 IMAGE_FILE_MACHINE_ARM64 = 0xAA64, 101 IMAGE_FILE_MACHINE_ARM64EC = 0xA641, 102 IMAGE_FILE_MACHINE_ARM64X = 0xA64E, 103 IMAGE_FILE_MACHINE_EBC = 0xEBC, 104 IMAGE_FILE_MACHINE_I386 = 0x14C, 105 IMAGE_FILE_MACHINE_IA64 = 0x200, 106 IMAGE_FILE_MACHINE_M32R = 0x9041, 107 IMAGE_FILE_MACHINE_MIPS16 = 0x266, 108 IMAGE_FILE_MACHINE_MIPSFPU = 0x366, 109 IMAGE_FILE_MACHINE_MIPSFPU16 = 0x466, 110 IMAGE_FILE_MACHINE_POWERPC = 0x1F0, 111 IMAGE_FILE_MACHINE_POWERPCFP = 0x1F1, 112 IMAGE_FILE_MACHINE_R4000 = 0x166, 113 IMAGE_FILE_MACHINE_RISCV32 = 0x5032, 114 IMAGE_FILE_MACHINE_RISCV64 = 0x5064, 115 IMAGE_FILE_MACHINE_RISCV128 = 0x5128, 116 IMAGE_FILE_MACHINE_SH3 = 0x1A2, 117 IMAGE_FILE_MACHINE_SH3DSP = 0x1A3, 118 IMAGE_FILE_MACHINE_SH4 = 0x1A6, 119 IMAGE_FILE_MACHINE_SH5 = 0x1A8, 120 IMAGE_FILE_MACHINE_THUMB = 0x1C2, 121 IMAGE_FILE_MACHINE_WCEMIPSV2 = 0x169 122 }; 123 124 template <typename T> bool isArm64EC(T Machine) { 125 return Machine == IMAGE_FILE_MACHINE_ARM64EC || 126 Machine == IMAGE_FILE_MACHINE_ARM64X; 127 } 128 129 template <typename T> bool isAnyArm64(T Machine) { 130 return Machine == IMAGE_FILE_MACHINE_ARM64 || isArm64EC(Machine); 131 } 132 133 template <typename T> bool is64Bit(T Machine) { 134 return Machine == IMAGE_FILE_MACHINE_AMD64 || isAnyArm64(Machine); 135 } 136 137 enum Characteristics : unsigned { 138 C_Invalid = 0, 139 140 /// The file does not contain base relocations and must be loaded at its 141 /// preferred base. If this cannot be done, the loader will error. 142 IMAGE_FILE_RELOCS_STRIPPED = 0x0001, 143 /// The file is valid and can be run. 144 IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002, 145 /// COFF line numbers have been stripped. This is deprecated and should be 146 /// 0. 147 IMAGE_FILE_LINE_NUMS_STRIPPED = 0x0004, 148 /// COFF symbol table entries for local symbols have been removed. This is 149 /// deprecated and should be 0. 150 IMAGE_FILE_LOCAL_SYMS_STRIPPED = 0x0008, 151 /// Aggressively trim working set. This is deprecated and must be 0. 152 IMAGE_FILE_AGGRESSIVE_WS_TRIM = 0x0010, 153 /// Image can handle > 2GiB addresses. 154 IMAGE_FILE_LARGE_ADDRESS_AWARE = 0x0020, 155 /// Little endian: the LSB precedes the MSB in memory. This is deprecated 156 /// and should be 0. 157 IMAGE_FILE_BYTES_REVERSED_LO = 0x0080, 158 /// Machine is based on a 32bit word architecture. 159 IMAGE_FILE_32BIT_MACHINE = 0x0100, 160 /// Debugging info has been removed. 161 IMAGE_FILE_DEBUG_STRIPPED = 0x0200, 162 /// If the image is on removable media, fully load it and copy it to swap. 163 IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP = 0x0400, 164 /// If the image is on network media, fully load it and copy it to swap. 165 IMAGE_FILE_NET_RUN_FROM_SWAP = 0x0800, 166 /// The image file is a system file, not a user program. 167 IMAGE_FILE_SYSTEM = 0x1000, 168 /// The image file is a DLL. 169 IMAGE_FILE_DLL = 0x2000, 170 /// This file should only be run on a uniprocessor machine. 171 IMAGE_FILE_UP_SYSTEM_ONLY = 0x4000, 172 /// Big endian: the MSB precedes the LSB in memory. This is deprecated 173 /// and should be 0. 174 IMAGE_FILE_BYTES_REVERSED_HI = 0x8000 175 }; 176 177 enum ResourceTypeID : unsigned { 178 RID_Cursor = 1, 179 RID_Bitmap = 2, 180 RID_Icon = 3, 181 RID_Menu = 4, 182 RID_Dialog = 5, 183 RID_String = 6, 184 RID_FontDir = 7, 185 RID_Font = 8, 186 RID_Accelerator = 9, 187 RID_RCData = 10, 188 RID_MessageTable = 11, 189 RID_Group_Cursor = 12, 190 RID_Group_Icon = 14, 191 RID_Version = 16, 192 RID_DLGInclude = 17, 193 RID_PlugPlay = 19, 194 RID_VXD = 20, 195 RID_AniCursor = 21, 196 RID_AniIcon = 22, 197 RID_HTML = 23, 198 RID_Manifest = 24, 199 }; 200 201 struct symbol { 202 char Name[NameSize]; 203 uint32_t Value; 204 int32_t SectionNumber; 205 uint16_t Type; 206 uint8_t StorageClass; 207 uint8_t NumberOfAuxSymbols; 208 }; 209 210 enum SymbolSectionNumber : int32_t { 211 IMAGE_SYM_DEBUG = -2, 212 IMAGE_SYM_ABSOLUTE = -1, 213 IMAGE_SYM_UNDEFINED = 0 214 }; 215 216 /// Storage class tells where and what the symbol represents 217 enum SymbolStorageClass { 218 SSC_Invalid = 0xff, 219 220 IMAGE_SYM_CLASS_END_OF_FUNCTION = -1, ///< Physical end of function 221 IMAGE_SYM_CLASS_NULL = 0, ///< No symbol 222 IMAGE_SYM_CLASS_AUTOMATIC = 1, ///< Stack variable 223 IMAGE_SYM_CLASS_EXTERNAL = 2, ///< External symbol 224 IMAGE_SYM_CLASS_STATIC = 3, ///< Static 225 IMAGE_SYM_CLASS_REGISTER = 4, ///< Register variable 226 IMAGE_SYM_CLASS_EXTERNAL_DEF = 5, ///< External definition 227 IMAGE_SYM_CLASS_LABEL = 6, ///< Label 228 IMAGE_SYM_CLASS_UNDEFINED_LABEL = 7, ///< Undefined label 229 IMAGE_SYM_CLASS_MEMBER_OF_STRUCT = 8, ///< Member of structure 230 IMAGE_SYM_CLASS_ARGUMENT = 9, ///< Function argument 231 IMAGE_SYM_CLASS_STRUCT_TAG = 10, ///< Structure tag 232 IMAGE_SYM_CLASS_MEMBER_OF_UNION = 11, ///< Member of union 233 IMAGE_SYM_CLASS_UNION_TAG = 12, ///< Union tag 234 IMAGE_SYM_CLASS_TYPE_DEFINITION = 13, ///< Type definition 235 IMAGE_SYM_CLASS_UNDEFINED_STATIC = 14, ///< Undefined static 236 IMAGE_SYM_CLASS_ENUM_TAG = 15, ///< Enumeration tag 237 IMAGE_SYM_CLASS_MEMBER_OF_ENUM = 16, ///< Member of enumeration 238 IMAGE_SYM_CLASS_REGISTER_PARAM = 17, ///< Register parameter 239 IMAGE_SYM_CLASS_BIT_FIELD = 18, ///< Bit field 240 /// ".bb" or ".eb" - beginning or end of block 241 IMAGE_SYM_CLASS_BLOCK = 100, 242 /// ".bf" or ".ef" - beginning or end of function 243 IMAGE_SYM_CLASS_FUNCTION = 101, 244 IMAGE_SYM_CLASS_END_OF_STRUCT = 102, ///< End of structure 245 IMAGE_SYM_CLASS_FILE = 103, ///< File name 246 /// Line number, reformatted as symbol 247 IMAGE_SYM_CLASS_SECTION = 104, 248 IMAGE_SYM_CLASS_WEAK_EXTERNAL = 105, ///< Duplicate tag 249 /// External symbol in dmert public lib 250 IMAGE_SYM_CLASS_CLR_TOKEN = 107 251 }; 252 253 enum SymbolBaseType : unsigned { 254 IMAGE_SYM_TYPE_NULL = 0, ///< No type information or unknown base type. 255 IMAGE_SYM_TYPE_VOID = 1, ///< Used with void pointers and functions. 256 IMAGE_SYM_TYPE_CHAR = 2, ///< A character (signed byte). 257 IMAGE_SYM_TYPE_SHORT = 3, ///< A 2-byte signed integer. 258 IMAGE_SYM_TYPE_INT = 4, ///< A natural integer type on the target. 259 IMAGE_SYM_TYPE_LONG = 5, ///< A 4-byte signed integer. 260 IMAGE_SYM_TYPE_FLOAT = 6, ///< A 4-byte floating-point number. 261 IMAGE_SYM_TYPE_DOUBLE = 7, ///< An 8-byte floating-point number. 262 IMAGE_SYM_TYPE_STRUCT = 8, ///< A structure. 263 IMAGE_SYM_TYPE_UNION = 9, ///< An union. 264 IMAGE_SYM_TYPE_ENUM = 10, ///< An enumerated type. 265 IMAGE_SYM_TYPE_MOE = 11, ///< A member of enumeration (a specific value). 266 IMAGE_SYM_TYPE_BYTE = 12, ///< A byte; unsigned 1-byte integer. 267 IMAGE_SYM_TYPE_WORD = 13, ///< A word; unsigned 2-byte integer. 268 IMAGE_SYM_TYPE_UINT = 14, ///< An unsigned integer of natural size. 269 IMAGE_SYM_TYPE_DWORD = 15 ///< An unsigned 4-byte integer. 270 }; 271 272 enum SymbolComplexType : unsigned { 273 IMAGE_SYM_DTYPE_NULL = 0, ///< No complex type; simple scalar variable. 274 IMAGE_SYM_DTYPE_POINTER = 1, ///< A pointer to base type. 275 IMAGE_SYM_DTYPE_FUNCTION = 2, ///< A function that returns a base type. 276 IMAGE_SYM_DTYPE_ARRAY = 3, ///< An array of base type. 277 278 /// Type is formed as (base + (derived << SCT_COMPLEX_TYPE_SHIFT)) 279 SCT_COMPLEX_TYPE_SHIFT = 4 280 }; 281 282 enum AuxSymbolType { IMAGE_AUX_SYMBOL_TYPE_TOKEN_DEF = 1 }; 283 284 struct section { 285 char Name[NameSize]; 286 uint32_t VirtualSize; 287 uint32_t VirtualAddress; 288 uint32_t SizeOfRawData; 289 uint32_t PointerToRawData; 290 uint32_t PointerToRelocations; 291 uint32_t PointerToLineNumbers; 292 uint16_t NumberOfRelocations; 293 uint16_t NumberOfLineNumbers; 294 uint32_t Characteristics; 295 }; 296 297 enum SectionCharacteristics : uint32_t { 298 SC_Invalid = 0xffffffff, 299 300 IMAGE_SCN_TYPE_NOLOAD = 0x00000002, 301 IMAGE_SCN_TYPE_NO_PAD = 0x00000008, 302 IMAGE_SCN_CNT_CODE = 0x00000020, 303 IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040, 304 IMAGE_SCN_CNT_UNINITIALIZED_DATA = 0x00000080, 305 IMAGE_SCN_LNK_OTHER = 0x00000100, 306 IMAGE_SCN_LNK_INFO = 0x00000200, 307 IMAGE_SCN_LNK_REMOVE = 0x00000800, 308 IMAGE_SCN_LNK_COMDAT = 0x00001000, 309 IMAGE_SCN_GPREL = 0x00008000, 310 IMAGE_SCN_MEM_PURGEABLE = 0x00020000, 311 IMAGE_SCN_MEM_16BIT = 0x00020000, 312 IMAGE_SCN_MEM_LOCKED = 0x00040000, 313 IMAGE_SCN_MEM_PRELOAD = 0x00080000, 314 IMAGE_SCN_ALIGN_1BYTES = 0x00100000, 315 IMAGE_SCN_ALIGN_2BYTES = 0x00200000, 316 IMAGE_SCN_ALIGN_4BYTES = 0x00300000, 317 IMAGE_SCN_ALIGN_8BYTES = 0x00400000, 318 IMAGE_SCN_ALIGN_16BYTES = 0x00500000, 319 IMAGE_SCN_ALIGN_32BYTES = 0x00600000, 320 IMAGE_SCN_ALIGN_64BYTES = 0x00700000, 321 IMAGE_SCN_ALIGN_128BYTES = 0x00800000, 322 IMAGE_SCN_ALIGN_256BYTES = 0x00900000, 323 IMAGE_SCN_ALIGN_512BYTES = 0x00A00000, 324 IMAGE_SCN_ALIGN_1024BYTES = 0x00B00000, 325 IMAGE_SCN_ALIGN_2048BYTES = 0x00C00000, 326 IMAGE_SCN_ALIGN_4096BYTES = 0x00D00000, 327 IMAGE_SCN_ALIGN_8192BYTES = 0x00E00000, 328 IMAGE_SCN_ALIGN_MASK = 0x00F00000, 329 IMAGE_SCN_LNK_NRELOC_OVFL = 0x01000000, 330 IMAGE_SCN_MEM_DISCARDABLE = 0x02000000, 331 IMAGE_SCN_MEM_NOT_CACHED = 0x04000000, 332 IMAGE_SCN_MEM_NOT_PAGED = 0x08000000, 333 IMAGE_SCN_MEM_SHARED = 0x10000000, 334 IMAGE_SCN_MEM_EXECUTE = 0x20000000, 335 IMAGE_SCN_MEM_READ = 0x40000000, 336 IMAGE_SCN_MEM_WRITE = 0x80000000 337 }; 338 339 struct relocation { 340 uint32_t VirtualAddress; 341 uint32_t SymbolTableIndex; 342 uint16_t Type; 343 }; 344 345 enum RelocationTypeI386 : unsigned { 346 IMAGE_REL_I386_ABSOLUTE = 0x0000, 347 IMAGE_REL_I386_DIR16 = 0x0001, 348 IMAGE_REL_I386_REL16 = 0x0002, 349 IMAGE_REL_I386_DIR32 = 0x0006, 350 IMAGE_REL_I386_DIR32NB = 0x0007, 351 IMAGE_REL_I386_SEG12 = 0x0009, 352 IMAGE_REL_I386_SECTION = 0x000A, 353 IMAGE_REL_I386_SECREL = 0x000B, 354 IMAGE_REL_I386_TOKEN = 0x000C, 355 IMAGE_REL_I386_SECREL7 = 0x000D, 356 IMAGE_REL_I386_REL32 = 0x0014 357 }; 358 359 enum RelocationTypeAMD64 : unsigned { 360 IMAGE_REL_AMD64_ABSOLUTE = 0x0000, 361 IMAGE_REL_AMD64_ADDR64 = 0x0001, 362 IMAGE_REL_AMD64_ADDR32 = 0x0002, 363 IMAGE_REL_AMD64_ADDR32NB = 0x0003, 364 IMAGE_REL_AMD64_REL32 = 0x0004, 365 IMAGE_REL_AMD64_REL32_1 = 0x0005, 366 IMAGE_REL_AMD64_REL32_2 = 0x0006, 367 IMAGE_REL_AMD64_REL32_3 = 0x0007, 368 IMAGE_REL_AMD64_REL32_4 = 0x0008, 369 IMAGE_REL_AMD64_REL32_5 = 0x0009, 370 IMAGE_REL_AMD64_SECTION = 0x000A, 371 IMAGE_REL_AMD64_SECREL = 0x000B, 372 IMAGE_REL_AMD64_SECREL7 = 0x000C, 373 IMAGE_REL_AMD64_TOKEN = 0x000D, 374 IMAGE_REL_AMD64_SREL32 = 0x000E, 375 IMAGE_REL_AMD64_PAIR = 0x000F, 376 IMAGE_REL_AMD64_SSPAN32 = 0x0010 377 }; 378 379 enum RelocationTypesARM : unsigned { 380 IMAGE_REL_ARM_ABSOLUTE = 0x0000, 381 IMAGE_REL_ARM_ADDR32 = 0x0001, 382 IMAGE_REL_ARM_ADDR32NB = 0x0002, 383 IMAGE_REL_ARM_BRANCH24 = 0x0003, 384 IMAGE_REL_ARM_BRANCH11 = 0x0004, 385 IMAGE_REL_ARM_TOKEN = 0x0005, 386 IMAGE_REL_ARM_BLX24 = 0x0008, 387 IMAGE_REL_ARM_BLX11 = 0x0009, 388 IMAGE_REL_ARM_REL32 = 0x000A, 389 IMAGE_REL_ARM_SECTION = 0x000E, 390 IMAGE_REL_ARM_SECREL = 0x000F, 391 IMAGE_REL_ARM_MOV32A = 0x0010, 392 IMAGE_REL_ARM_MOV32T = 0x0011, 393 IMAGE_REL_ARM_BRANCH20T = 0x0012, 394 IMAGE_REL_ARM_BRANCH24T = 0x0014, 395 IMAGE_REL_ARM_BLX23T = 0x0015, 396 IMAGE_REL_ARM_PAIR = 0x0016, 397 }; 398 399 enum RelocationTypesARM64 : unsigned { 400 IMAGE_REL_ARM64_ABSOLUTE = 0x0000, 401 IMAGE_REL_ARM64_ADDR32 = 0x0001, 402 IMAGE_REL_ARM64_ADDR32NB = 0x0002, 403 IMAGE_REL_ARM64_BRANCH26 = 0x0003, 404 IMAGE_REL_ARM64_PAGEBASE_REL21 = 0x0004, 405 IMAGE_REL_ARM64_REL21 = 0x0005, 406 IMAGE_REL_ARM64_PAGEOFFSET_12A = 0x0006, 407 IMAGE_REL_ARM64_PAGEOFFSET_12L = 0x0007, 408 IMAGE_REL_ARM64_SECREL = 0x0008, 409 IMAGE_REL_ARM64_SECREL_LOW12A = 0x0009, 410 IMAGE_REL_ARM64_SECREL_HIGH12A = 0x000A, 411 IMAGE_REL_ARM64_SECREL_LOW12L = 0x000B, 412 IMAGE_REL_ARM64_TOKEN = 0x000C, 413 IMAGE_REL_ARM64_SECTION = 0x000D, 414 IMAGE_REL_ARM64_ADDR64 = 0x000E, 415 IMAGE_REL_ARM64_BRANCH19 = 0x000F, 416 IMAGE_REL_ARM64_BRANCH14 = 0x0010, 417 IMAGE_REL_ARM64_REL32 = 0x0011, 418 }; 419 420 enum RelocationTypesMips : unsigned { 421 IMAGE_REL_MIPS_ABSOLUTE = 0x0000, 422 IMAGE_REL_MIPS_REFHALF = 0x0001, 423 IMAGE_REL_MIPS_REFWORD = 0x0002, 424 IMAGE_REL_MIPS_JMPADDR = 0x0003, 425 IMAGE_REL_MIPS_REFHI = 0x0004, 426 IMAGE_REL_MIPS_REFLO = 0x0005, 427 IMAGE_REL_MIPS_GPREL = 0x0006, 428 IMAGE_REL_MIPS_LITERAL = 0x0007, 429 IMAGE_REL_MIPS_SECTION = 0x000A, 430 IMAGE_REL_MIPS_SECREL = 0x000B, 431 IMAGE_REL_MIPS_SECRELLO = 0x000C, 432 IMAGE_REL_MIPS_SECRELHI = 0x000D, 433 IMAGE_REL_MIPS_JMPADDR16 = 0x0010, 434 IMAGE_REL_MIPS_REFWORDNB = 0x0022, 435 IMAGE_REL_MIPS_PAIR = 0x0025, 436 }; 437 438 enum DynamicRelocationType : unsigned { 439 IMAGE_DYNAMIC_RELOCATION_GUARD_RF_PROLOGUE = 1, 440 IMAGE_DYNAMIC_RELOCATION_GUARD_RF_EPILOGUE = 2, 441 IMAGE_DYNAMIC_RELOCATION_GUARD_IMPORT_CONTROL_TRANSFER = 3, 442 IMAGE_DYNAMIC_RELOCATION_GUARD_INDIR_CONTROL_TRANSFER = 4, 443 IMAGE_DYNAMIC_RELOCATION_GUARD_SWITCHTABLE_BRANCH = 5, 444 IMAGE_DYNAMIC_RELOCATION_ARM64X = 6, 445 }; 446 447 enum Arm64XFixupType : uint8_t { 448 IMAGE_DVRT_ARM64X_FIXUP_TYPE_ZEROFILL = 0, 449 IMAGE_DVRT_ARM64X_FIXUP_TYPE_VALUE = 1, 450 IMAGE_DVRT_ARM64X_FIXUP_TYPE_DELTA = 2, 451 }; 452 453 enum COMDATType : uint8_t { 454 IMAGE_COMDAT_SELECT_NODUPLICATES = 1, 455 IMAGE_COMDAT_SELECT_ANY, 456 IMAGE_COMDAT_SELECT_SAME_SIZE, 457 IMAGE_COMDAT_SELECT_EXACT_MATCH, 458 IMAGE_COMDAT_SELECT_ASSOCIATIVE, 459 IMAGE_COMDAT_SELECT_LARGEST, 460 IMAGE_COMDAT_SELECT_NEWEST 461 }; 462 463 // Auxiliary Symbol Formats 464 struct AuxiliaryFunctionDefinition { 465 uint32_t TagIndex; 466 uint32_t TotalSize; 467 uint32_t PointerToLinenumber; 468 uint32_t PointerToNextFunction; 469 char unused[2]; 470 }; 471 472 struct AuxiliarybfAndefSymbol { 473 uint8_t unused1[4]; 474 uint16_t Linenumber; 475 uint8_t unused2[6]; 476 uint32_t PointerToNextFunction; 477 uint8_t unused3[2]; 478 }; 479 480 struct AuxiliaryWeakExternal { 481 uint32_t TagIndex; 482 uint32_t Characteristics; 483 uint8_t unused[10]; 484 }; 485 486 enum WeakExternalCharacteristics : unsigned { 487 IMAGE_WEAK_EXTERN_SEARCH_NOLIBRARY = 1, 488 IMAGE_WEAK_EXTERN_SEARCH_LIBRARY = 2, 489 IMAGE_WEAK_EXTERN_SEARCH_ALIAS = 3, 490 IMAGE_WEAK_EXTERN_ANTI_DEPENDENCY = 4 491 }; 492 493 struct AuxiliarySectionDefinition { 494 uint32_t Length; 495 uint16_t NumberOfRelocations; 496 uint16_t NumberOfLinenumbers; 497 uint32_t CheckSum; 498 uint32_t Number; 499 uint8_t Selection; 500 char unused; 501 }; 502 503 struct AuxiliaryCLRToken { 504 uint8_t AuxType; 505 uint8_t unused1; 506 uint32_t SymbolTableIndex; 507 char unused2[12]; 508 }; 509 510 union Auxiliary { 511 AuxiliaryFunctionDefinition FunctionDefinition; 512 AuxiliarybfAndefSymbol bfAndefSymbol; 513 AuxiliaryWeakExternal WeakExternal; 514 AuxiliarySectionDefinition SectionDefinition; 515 }; 516 517 /// The Import Directory Table. 518 /// 519 /// There is a single array of these and one entry per imported DLL. 520 struct ImportDirectoryTableEntry { 521 uint32_t ImportLookupTableRVA; 522 uint32_t TimeDateStamp; 523 uint32_t ForwarderChain; 524 uint32_t NameRVA; 525 uint32_t ImportAddressTableRVA; 526 }; 527 528 /// The PE32 Import Lookup Table. 529 /// 530 /// There is an array of these for each imported DLL. It represents either 531 /// the ordinal to import from the target DLL, or a name to lookup and import 532 /// from the target DLL. 533 /// 534 /// This also happens to be the same format used by the Import Address Table 535 /// when it is initially written out to the image. 536 struct ImportLookupTableEntry32 { 537 uint32_t data; 538 539 /// Is this entry specified by ordinal, or name? 540 bool isOrdinal() const { return data & 0x80000000; } 541 542 /// Get the ordinal value of this entry. isOrdinal must be true. 543 uint16_t getOrdinal() const { 544 assert(isOrdinal() && "ILT entry is not an ordinal!"); 545 return data & 0xFFFF; 546 } 547 548 /// Set the ordinal value and set isOrdinal to true. 549 void setOrdinal(uint16_t o) { 550 data = o; 551 data |= 0x80000000; 552 } 553 554 /// Get the Hint/Name entry RVA. isOrdinal must be false. 555 uint32_t getHintNameRVA() const { 556 assert(!isOrdinal() && "ILT entry is not a Hint/Name RVA!"); 557 return data; 558 } 559 560 /// Set the Hint/Name entry RVA and set isOrdinal to false. 561 void setHintNameRVA(uint32_t rva) { data = rva; } 562 }; 563 564 /// The DOS compatible header at the front of all PEs. 565 struct DOSHeader { 566 uint16_t Magic; 567 uint16_t UsedBytesInTheLastPage; 568 uint16_t FileSizeInPages; 569 uint16_t NumberOfRelocationItems; 570 uint16_t HeaderSizeInParagraphs; 571 uint16_t MinimumExtraParagraphs; 572 uint16_t MaximumExtraParagraphs; 573 uint16_t InitialRelativeSS; 574 uint16_t InitialSP; 575 uint16_t Checksum; 576 uint16_t InitialIP; 577 uint16_t InitialRelativeCS; 578 uint16_t AddressOfRelocationTable; 579 uint16_t OverlayNumber; 580 uint16_t Reserved[4]; 581 uint16_t OEMid; 582 uint16_t OEMinfo; 583 uint16_t Reserved2[10]; 584 uint32_t AddressOfNewExeHeader; 585 }; 586 587 struct PE32Header { 588 enum { PE32 = 0x10b, PE32_PLUS = 0x20b }; 589 590 uint16_t Magic; 591 uint8_t MajorLinkerVersion; 592 uint8_t MinorLinkerVersion; 593 uint32_t SizeOfCode; 594 uint32_t SizeOfInitializedData; 595 uint32_t SizeOfUninitializedData; 596 uint32_t AddressOfEntryPoint; // RVA 597 uint32_t BaseOfCode; // RVA 598 uint32_t BaseOfData; // RVA 599 uint64_t ImageBase; 600 uint32_t SectionAlignment; 601 uint32_t FileAlignment; 602 uint16_t MajorOperatingSystemVersion; 603 uint16_t MinorOperatingSystemVersion; 604 uint16_t MajorImageVersion; 605 uint16_t MinorImageVersion; 606 uint16_t MajorSubsystemVersion; 607 uint16_t MinorSubsystemVersion; 608 uint32_t Win32VersionValue; 609 uint32_t SizeOfImage; 610 uint32_t SizeOfHeaders; 611 uint32_t CheckSum; 612 uint16_t Subsystem; 613 // FIXME: This should be DllCharacteristics to match the COFF spec. 614 uint16_t DLLCharacteristics; 615 uint64_t SizeOfStackReserve; 616 uint64_t SizeOfStackCommit; 617 uint64_t SizeOfHeapReserve; 618 uint64_t SizeOfHeapCommit; 619 uint32_t LoaderFlags; 620 // FIXME: This should be NumberOfRvaAndSizes to match the COFF spec. 621 uint32_t NumberOfRvaAndSize; 622 }; 623 624 struct DataDirectory { 625 uint32_t RelativeVirtualAddress; 626 uint32_t Size; 627 }; 628 629 enum DataDirectoryIndex : unsigned { 630 EXPORT_TABLE = 0, 631 IMPORT_TABLE, 632 RESOURCE_TABLE, 633 EXCEPTION_TABLE, 634 CERTIFICATE_TABLE, 635 BASE_RELOCATION_TABLE, 636 DEBUG_DIRECTORY, 637 ARCHITECTURE, 638 GLOBAL_PTR, 639 TLS_TABLE, 640 LOAD_CONFIG_TABLE, 641 BOUND_IMPORT, 642 IAT, 643 DELAY_IMPORT_DESCRIPTOR, 644 CLR_RUNTIME_HEADER, 645 646 NUM_DATA_DIRECTORIES 647 }; 648 649 enum WindowsSubsystem : unsigned { 650 IMAGE_SUBSYSTEM_UNKNOWN = 0, ///< An unknown subsystem. 651 IMAGE_SUBSYSTEM_NATIVE = 1, ///< Device drivers and native Windows processes 652 IMAGE_SUBSYSTEM_WINDOWS_GUI = 2, ///< The Windows GUI subsystem. 653 IMAGE_SUBSYSTEM_WINDOWS_CUI = 3, ///< The Windows character subsystem. 654 IMAGE_SUBSYSTEM_OS2_CUI = 5, ///< The OS/2 character subsystem. 655 IMAGE_SUBSYSTEM_POSIX_CUI = 7, ///< The POSIX character subsystem. 656 IMAGE_SUBSYSTEM_NATIVE_WINDOWS = 8, ///< Native Windows 9x driver. 657 IMAGE_SUBSYSTEM_WINDOWS_CE_GUI = 9, ///< Windows CE. 658 IMAGE_SUBSYSTEM_EFI_APPLICATION = 10, ///< An EFI application. 659 IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER = 11, ///< An EFI driver with boot 660 /// services. 661 IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER = 12, ///< An EFI driver with run-time 662 /// services. 663 IMAGE_SUBSYSTEM_EFI_ROM = 13, ///< An EFI ROM image. 664 IMAGE_SUBSYSTEM_XBOX = 14, ///< XBOX. 665 IMAGE_SUBSYSTEM_WINDOWS_BOOT_APPLICATION = 16 ///< A BCD application. 666 }; 667 668 enum DLLCharacteristics : unsigned { 669 /// ASLR with 64 bit address space. 670 IMAGE_DLL_CHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020, 671 /// DLL can be relocated at load time. 672 IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE = 0x0040, 673 /// Code integrity checks are enforced. 674 IMAGE_DLL_CHARACTERISTICS_FORCE_INTEGRITY = 0x0080, 675 ///< Image is NX compatible. 676 IMAGE_DLL_CHARACTERISTICS_NX_COMPAT = 0x0100, 677 /// Isolation aware, but do not isolate the image. 678 IMAGE_DLL_CHARACTERISTICS_NO_ISOLATION = 0x0200, 679 /// Does not use structured exception handling (SEH). No SEH handler may be 680 /// called in this image. 681 IMAGE_DLL_CHARACTERISTICS_NO_SEH = 0x0400, 682 /// Do not bind the image. 683 IMAGE_DLL_CHARACTERISTICS_NO_BIND = 0x0800, 684 ///< Image should execute in an AppContainer. 685 IMAGE_DLL_CHARACTERISTICS_APPCONTAINER = 0x1000, 686 ///< A WDM driver. 687 IMAGE_DLL_CHARACTERISTICS_WDM_DRIVER = 0x2000, 688 ///< Image supports Control Flow Guard. 689 IMAGE_DLL_CHARACTERISTICS_GUARD_CF = 0x4000, 690 /// Terminal Server aware. 691 IMAGE_DLL_CHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000 692 }; 693 694 enum ExtendedDLLCharacteristics : unsigned { 695 /// Image is CET compatible 696 IMAGE_DLL_CHARACTERISTICS_EX_CET_COMPAT = 0x0001 697 }; 698 699 enum DebugType : unsigned { 700 IMAGE_DEBUG_TYPE_UNKNOWN = 0, 701 IMAGE_DEBUG_TYPE_COFF = 1, 702 IMAGE_DEBUG_TYPE_CODEVIEW = 2, 703 IMAGE_DEBUG_TYPE_FPO = 3, 704 IMAGE_DEBUG_TYPE_MISC = 4, 705 IMAGE_DEBUG_TYPE_EXCEPTION = 5, 706 IMAGE_DEBUG_TYPE_FIXUP = 6, 707 IMAGE_DEBUG_TYPE_OMAP_TO_SRC = 7, 708 IMAGE_DEBUG_TYPE_OMAP_FROM_SRC = 8, 709 IMAGE_DEBUG_TYPE_BORLAND = 9, 710 IMAGE_DEBUG_TYPE_RESERVED10 = 10, 711 IMAGE_DEBUG_TYPE_CLSID = 11, 712 IMAGE_DEBUG_TYPE_VC_FEATURE = 12, 713 IMAGE_DEBUG_TYPE_POGO = 13, 714 IMAGE_DEBUG_TYPE_ILTCG = 14, 715 IMAGE_DEBUG_TYPE_MPX = 15, 716 IMAGE_DEBUG_TYPE_REPRO = 16, 717 IMAGE_DEBUG_TYPE_EX_DLLCHARACTERISTICS = 20, 718 }; 719 720 enum BaseRelocationType : unsigned { 721 IMAGE_REL_BASED_ABSOLUTE = 0, 722 IMAGE_REL_BASED_HIGH = 1, 723 IMAGE_REL_BASED_LOW = 2, 724 IMAGE_REL_BASED_HIGHLOW = 3, 725 IMAGE_REL_BASED_HIGHADJ = 4, 726 IMAGE_REL_BASED_MIPS_JMPADDR = 5, 727 IMAGE_REL_BASED_ARM_MOV32A = 5, 728 IMAGE_REL_BASED_ARM_MOV32T = 7, 729 IMAGE_REL_BASED_MIPS_JMPADDR16 = 9, 730 IMAGE_REL_BASED_DIR64 = 10 731 }; 732 733 enum ImportType : unsigned { 734 IMPORT_CODE = 0, 735 IMPORT_DATA = 1, 736 IMPORT_CONST = 2 737 }; 738 739 enum ImportNameType : unsigned { 740 /// Import is by ordinal. This indicates that the value in the Ordinal/Hint 741 /// field of the import header is the import's ordinal. If this constant is 742 /// not specified, then the Ordinal/Hint field should always be interpreted 743 /// as the import's hint. 744 IMPORT_ORDINAL = 0, 745 /// The import name is identical to the public symbol name 746 IMPORT_NAME = 1, 747 /// The import name is the public symbol name, but skipping the leading ?, 748 /// @, or optionally _. 749 IMPORT_NAME_NOPREFIX = 2, 750 /// The import name is the public symbol name, but skipping the leading ?, 751 /// @, or optionally _, and truncating at the first @. 752 IMPORT_NAME_UNDECORATE = 3, 753 /// The import name is specified as a separate string in the import library 754 /// object file. 755 IMPORT_NAME_EXPORTAS = 4 756 }; 757 758 enum class GuardFlags : uint32_t { 759 /// Module performs control flow integrity checks using system-supplied 760 /// support. 761 CF_INSTRUMENTED = 0x100, 762 /// Module performs control flow and write integrity checks. 763 CFW_INSTRUMENTED = 0x200, 764 /// Module contains valid control flow target metadata. 765 CF_FUNCTION_TABLE_PRESENT = 0x400, 766 /// Module does not make use of the /GS security cookie. 767 SECURITY_COOKIE_UNUSED = 0x800, 768 /// Module supports read only delay load IAT. 769 PROTECT_DELAYLOAD_IAT = 0x1000, 770 /// Delayload import table in its own .didat section (with nothing else in it) 771 /// that can be freely reprotected. 772 DELAYLOAD_IAT_IN_ITS_OWN_SECTION = 0x2000, 773 /// Module contains suppressed export information. This also infers that the 774 /// address taken IAT table is also present in the load config. 775 CF_EXPORT_SUPPRESSION_INFO_PRESENT = 0x4000, 776 /// Module enables suppression of exports. 777 CF_ENABLE_EXPORT_SUPPRESSION = 0x8000, 778 /// Module contains longjmp target information. 779 CF_LONGJUMP_TABLE_PRESENT = 0x10000, 780 /// Module contains EH continuation target information. 781 EH_CONTINUATION_TABLE_PRESENT = 0x400000, 782 /// Mask for the subfield that contains the stride of Control Flow Guard 783 /// function table entries (that is, the additional count of bytes per table 784 /// entry). 785 CF_FUNCTION_TABLE_SIZE_MASK = 0xF0000000, 786 CF_FUNCTION_TABLE_SIZE_5BYTES = 0x10000000, 787 CF_FUNCTION_TABLE_SIZE_6BYTES = 0x20000000, 788 CF_FUNCTION_TABLE_SIZE_7BYTES = 0x30000000, 789 CF_FUNCTION_TABLE_SIZE_8BYTES = 0x40000000, 790 CF_FUNCTION_TABLE_SIZE_9BYTES = 0x50000000, 791 CF_FUNCTION_TABLE_SIZE_10BYTES = 0x60000000, 792 CF_FUNCTION_TABLE_SIZE_11BYTES = 0x70000000, 793 CF_FUNCTION_TABLE_SIZE_12BYTES = 0x80000000, 794 CF_FUNCTION_TABLE_SIZE_13BYTES = 0x90000000, 795 CF_FUNCTION_TABLE_SIZE_14BYTES = 0xA0000000, 796 CF_FUNCTION_TABLE_SIZE_15BYTES = 0xB0000000, 797 CF_FUNCTION_TABLE_SIZE_16BYTES = 0xC0000000, 798 CF_FUNCTION_TABLE_SIZE_17BYTES = 0xD0000000, 799 CF_FUNCTION_TABLE_SIZE_18BYTES = 0xE0000000, 800 CF_FUNCTION_TABLE_SIZE_19BYTES = 0xF0000000, 801 }; 802 803 struct ImportHeader { 804 uint16_t Sig1; ///< Must be IMAGE_FILE_MACHINE_UNKNOWN (0). 805 uint16_t Sig2; ///< Must be 0xFFFF. 806 uint16_t Version; 807 uint16_t Machine; 808 uint32_t TimeDateStamp; 809 uint32_t SizeOfData; 810 uint16_t OrdinalHint; 811 uint16_t TypeInfo; 812 813 ImportType getType() const { return static_cast<ImportType>(TypeInfo & 0x3); } 814 815 ImportNameType getNameType() const { 816 return static_cast<ImportNameType>((TypeInfo & 0x1C) >> 2); 817 } 818 }; 819 820 enum CodeViewIdentifiers { 821 DEBUG_SECTION_MAGIC = 0x4, 822 DEBUG_HASHES_SECTION_MAGIC = 0x133C9C5 823 }; 824 825 // These flags show up in the @feat.00 symbol. They appear to be some kind of 826 // compiler features bitfield read by link.exe. 827 enum Feat00Flags : uint32_t { 828 // Object is compatible with /safeseh. 829 SafeSEH = 0x1, 830 // Object was compiled with /GS. 831 GuardStack = 0x100, 832 // Object was compiled with /sdl. 833 SDL = 0x200, 834 // Object was compiled with /guard:cf. 835 GuardCF = 0x800, 836 // Object was compiled with /guard:ehcont. 837 GuardEHCont = 0x4000, 838 // Object was compiled with /kernel. 839 Kernel = 0x40000000, 840 }; 841 842 enum Arm64ECThunkType : uint8_t { 843 GuestExit = 0, 844 Entry = 1, 845 Exit = 4, 846 }; 847 848 inline bool isReservedSectionNumber(int32_t SectionNumber) { 849 return SectionNumber <= 0; 850 } 851 852 /// Encode section name based on string table offset. 853 /// The size of Out must be at least COFF::NameSize. 854 bool encodeSectionName(char *Out, uint64_t Offset); 855 856 } // End namespace COFF. 857 } // End namespace llvm. 858 859 #endif 860