Context Navigation

kLdrModPE.h@ 3567

Visit:

Last change on this file since 3567 was 3567, checked in by bird, 18 years ago
Use the new type system.
Property svn:keywords set to `Id`
File size: 14.9 KB

Line
1	/* $Id: kLdrModPE.h 3567 2007-08-27 19:54:05Z bird $ */
2
3	#ifndef __kLdrModPE_h__
4	#define __kLdrModPE_h__
5
6
7	/*******************************************************************************
8	* Header Files *
9	*******************************************************************************/
10	#include "kLdrBase.h"
11
12
13	/*******************************************************************************
14	* Defined Constants And Macros *
15	*******************************************************************************/
16	#ifndef IMAGE_NT_SIGNATURE
17	# define IMAGE_NT_SIGNATURE KLDR_LE2H_U32('P' \| ('E' << 8))
18	#endif
19
20	/* file header */
21	#define IMAGE_FILE_MACHINE_I386 0x014c
22	#define IMAGE_FILE_MACHINE_AMD64 0x8664
23
24	#define IMAGE_FILE_RELOCS_STRIPPED 0x0001
25	#define IMAGE_FILE_EXECUTABLE_IMAGE 0x0002
26	#define IMAGE_FILE_LINE_NUMS_STRIPPED 0x0004
27	#define IMAGE_FILE_LOCAL_SYMS_STRIPPED 0x0008
28	#define IMAGE_FILE_AGGRESIVE_WS_TRIM 0x0010
29	#define IMAGE_FILE_LARGE_ADDRESS_AWARE 0x0020
30	#define IMAGE_FILE_16BIT_MACHINE 0x0040
31	#define IMAGE_FILE_BYTES_REVERSED_LO 0x0080
32	#define IMAGE_FILE_32BIT_MACHINE 0x0100
33	#define IMAGE_FILE_DEBUG_STRIPPED 0x0200
34	#define IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP 0x0400
35	#define IMAGE_FILE_NET_RUN_FROM_SWAP 0x0800
36	#define IMAGE_FILE_SYSTEM 0x1000
37	#define IMAGE_FILE_DLL 0x2000
38	#define IMAGE_FILE_UP_SYSTEM_ONLY 0x4000
39	#define IMAGE_FILE_BYTES_REVERSED_HI 0x8000
40
41
42	/* optional header */
43	#define IMAGE_NT_OPTIONAL_HDR32_MAGIC 0x10B
44	#define IMAGE_NT_OPTIONAL_HDR64_MAGIC 0x20B
45
46	#define IMAGE_SUBSYSTEM_UNKNOWN 0x0
47	#define IMAGE_SUBSYSTEM_NATIVE 0x1
48	#define IMAGE_SUBSYSTEM_WINDOWS_GUI 0x2
49	#define IMAGE_SUBSYSTEM_WINDOWS_CUI 0x3
50	#define IMAGE_SUBSYSTEM_OS2_GUI 0x4
51	#define IMAGE_SUBSYSTEM_OS2_CUI 0x5
52	#define IMAGE_SUBSYSTEM_POSIX_CUI 0x7
53
54	#define IMAGE_LIBRARY_PROCESS_INIT 0x0001
55	#define IMAGE_LIBRARY_PROCESS_TERM 0x0002
56	#define IMAGE_LIBRARY_THREAD_INIT 0x0004
57	#define IMAGE_LIBRARY_THREAD_TERM 0x0008
58	#define IMAGE_DLLCHARACTERISTICS_NO_ISOLATION 0x0200
59	#define IMAGE_DLLCHARACTERISTICS_NO_SEH 0x0400
60	#define IMAGE_DLLCHARACTERISTICS_NO_BIND 0x0800
61	#define IMAGE_DLLCHARACTERISTICS_WDM_DRIVER 0x2000
62	#define IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE 0x8000
63
64	#define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 0x10
65
66	#define IMAGE_DIRECTORY_ENTRY_EXPORT 0x0
67	#define IMAGE_DIRECTORY_ENTRY_IMPORT 0x1
68	#define IMAGE_DIRECTORY_ENTRY_RESOURCE 0x2
69	#define IMAGE_DIRECTORY_ENTRY_EXCEPTION 0x3
70	#define IMAGE_DIRECTORY_ENTRY_SECURITY 0x4
71	#define IMAGE_DIRECTORY_ENTRY_BASERELOC 0x5
72	#define IMAGE_DIRECTORY_ENTRY_DEBUG 0x6
73	#define IMAGE_DIRECTORY_ENTRY_ARCHITECTURE 0x7
74	#define IMAGE_DIRECTORY_ENTRY_COPYRIGHT IMAGE_DIRECTORY_ENTRY_ARCHITECTURE
75	#define IMAGE_DIRECTORY_ENTRY_GLOBALPTR 0x8
76	#define IMAGE_DIRECTORY_ENTRY_TLS 0x9
77	#define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG 0xa
78	#define IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT 0xb
79	#define IMAGE_DIRECTORY_ENTRY_IAT 0xc
80	#define IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT 0xd
81	#define IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR 0xe
82
83
84	/* section header */
85	#define IMAGE_SIZEOF_SHORT_NAME 0x8
86
87	#define IMAGE_SCN_TYPE_REG 0x00000000
88	#define IMAGE_SCN_TYPE_DSECT 0x00000001
89	#define IMAGE_SCN_TYPE_NOLOAD 0x00000002
90	#define IMAGE_SCN_TYPE_GROUP 0x00000004
91	#define IMAGE_SCN_TYPE_NO_PAD 0x00000008
92	#define IMAGE_SCN_TYPE_COPY 0x00000010
93
94	#define IMAGE_SCN_CNT_CODE 0x00000020
95	#define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040
96	#define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080
97
98	#define IMAGE_SCN_LNK_OTHER 0x00000100
99	#define IMAGE_SCN_LNK_INFO 0x00000200
100	#define IMAGE_SCN_TYPE_OVER 0x00000400
101	#define IMAGE_SCN_LNK_REMOVE 0x00000800
102	#define IMAGE_SCN_LNK_COMDAT 0x00001000
103	#define IMAGE_SCN_MEM_PROTECTED 0x00004000
104	#define IMAGE_SCN_NO_DEFER_SPEC_EXC 0x00004000
105	#define IMAGE_SCN_GPREL 0x00008000
106	#define IMAGE_SCN_MEM_FARDATA 0x00008000
107	#define IMAGE_SCN_MEM_SYSHEAP 0x00010000
108	#define IMAGE_SCN_MEM_PURGEABLE 0x00020000
109	#define IMAGE_SCN_MEM_16BIT 0x00020000
110	#define IMAGE_SCN_MEM_LOCKED 0x00040000
111	#define IMAGE_SCN_MEM_PRELOAD 0x00080000
112
113	#define IMAGE_SCN_ALIGN_1BYTES 0x00100000
114	#define IMAGE_SCN_ALIGN_2BYTES 0x00200000
115	#define IMAGE_SCN_ALIGN_4BYTES 0x00300000
116	#define IMAGE_SCN_ALIGN_8BYTES 0x00400000
117	#define IMAGE_SCN_ALIGN_16BYTES 0x00500000
118	#define IMAGE_SCN_ALIGN_32BYTES 0x00600000
119	#define IMAGE_SCN_ALIGN_64BYTES 0x00700000
120	#define IMAGE_SCN_ALIGN_128BYTES 0x00800000
121	#define IMAGE_SCN_ALIGN_256BYTES 0x00900000
122	#define IMAGE_SCN_ALIGN_512BYTES 0x00A00000
123	#define IMAGE_SCN_ALIGN_1024BYTES 0x00B00000
124	#define IMAGE_SCN_ALIGN_2048BYTES 0x00C00000
125	#define IMAGE_SCN_ALIGN_4096BYTES 0x00D00000
126	#define IMAGE_SCN_ALIGN_8192BYTES 0x00E00000
127	#define IMAGE_SCN_ALIGN_MASK 0x00F00000
128
129	#define IMAGE_SCN_LNK_NRELOC_OVFL 0x01000000
130	#define IMAGE_SCN_MEM_DISCARDABLE 0x02000000
131	#define IMAGE_SCN_MEM_NOT_CACHED 0x04000000
132	#define IMAGE_SCN_MEM_NOT_PAGED 0x08000000
133	#define IMAGE_SCN_MEM_SHARED 0x10000000
134	#define IMAGE_SCN_MEM_EXECUTE 0x20000000
135	#define IMAGE_SCN_MEM_READ 0x40000000
136	#define IMAGE_SCN_MEM_WRITE 0x80000000
137
138
139	/* relocations */
140	#define IMAGE_REL_BASED_ABSOLUTE 0x0
141	#define IMAGE_REL_BASED_HIGH 0x1
142	#define IMAGE_REL_BASED_LOW 0x2
143	#define IMAGE_REL_BASED_HIGHLOW 0x3
144	#define IMAGE_REL_BASED_HIGHADJ 0x4
145	#define IMAGE_REL_BASED_MIPS_JMPADDR 0x5
146	#define IMAGE_REL_BASED_SECTION 0x6
147	#define IMAGE_REL_BASED_REL32 0x7
148	/#define IMAGE_REL_BASED_RESERVED1 0x8 /
149	#define IMAGE_REL_BASED_MIPS_JMPADDR16 0x9
150	#define IMAGE_REL_BASED_IA64_IMM64 0x9
151	#define IMAGE_REL_BASED_DIR64 0xa
152	#define IMAGE_REL_BASED_HIGH3ADJ 0xb
153
154	/* imports */
155	#define IMAGE_ORDINAL_FLAG32 0x80000000
156	#define IMAGE_ORDINAL32(ord) ((ord) & 0xffff)
157	#define IMAGE_SNAP_BY_ORDINAL32(ord) (!!((ord) & IMAGE_ORDINAL_FLAG32))
158
159	#define IMAGE_ORDINAL_FLAG64 0x8000000000000000ULL
160	#define IMAGE_ORDINAL64(ord) ((ord) & 0xffff)
161	#define IMAGE_SNAP_BY_ORDINAL64(ord) (!!((ord) & IMAGE_ORDINAL_FLAG64))
162
163
164	/* dll/tls entry points argument */
165	#define DLL_PROCESS_DETACH 0
166	#define DLL_PROCESS_ATTACH 1
167	#define DLL_THREAD_ATTACH 2
168	#define DLL_THREAD_DETACH 3
169
170
171	/*******************************************************************************
172	* Structures and Typedefs *
173	*******************************************************************************/
174	#pragma pack(4)
175
176	typedef struct _IMAGE_FILE_HEADER
177	{
178	KU16 Machine;
179	KU16 NumberOfSections;
180	KU32 TimeDateStamp;
181	KU32 PointerToSymbolTable;
182	KU32 NumberOfSymbols;
183	KU16 SizeOfOptionalHeader;
184	KU16 Characteristics;
185	} IMAGE_FILE_HEADER;
186	typedef IMAGE_FILE_HEADER *PIMAGE_FILE_HEADER;
187
188
189	typedef struct _IMAGE_DATA_DIRECTORY
190	{
191	KU32 VirtualAddress;
192	KU32 Size;
193	} IMAGE_DATA_DIRECTORY;
194	typedef IMAGE_DATA_DIRECTORY *PIMAGE_DATA_DIRECTORY;
195
196
197	typedef struct _IMAGE_OPTIONAL_HEADER32
198	{
199	KU16 Magic;
200	KU8 MajorLinkerVersion;
201	KU8 MinorLinkerVersion;
202	KU32 SizeOfCode;
203	KU32 SizeOfInitializedData;
204	KU32 SizeOfUninitializedData;
205	KU32 AddressOfEntryPoint;
206	KU32 BaseOfCode;
207	KU32 BaseOfData;
208	KU32 ImageBase;
209	KU32 SectionAlignment;
210	KU32 FileAlignment;
211	KU16 MajorOperatingSystemVersion;
212	KU16 MinorOperatingSystemVersion;
213	KU16 MajorImageVersion;
214	KU16 MinorImageVersion;
215	KU16 MajorSubsystemVersion;
216	KU16 MinorSubsystemVersion;
217	KU32 Win32VersionValue;
218	KU32 SizeOfImage;
219	KU32 SizeOfHeaders;
220	KU32 CheckSum;
221	KU16 Subsystem;
222	KU16 DllCharacteristics;
223	KU32 SizeOfStackReserve;
224	KU32 SizeOfStackCommit;
225	KU32 SizeOfHeapReserve;
226	KU32 SizeOfHeapCommit;
227	KU32 LoaderFlags;
228	KU32 NumberOfRvaAndSizes;
229	IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
230	} IMAGE_OPTIONAL_HEADER32;
231	typedef IMAGE_OPTIONAL_HEADER32 *PIMAGE_OPTIONAL_HEADER32;
232
233	typedef struct _IMAGE_OPTIONAL_HEADER64
234	{
235	KU16 Magic;
236	KU8 MajorLinkerVersion;
237	KU8 MinorLinkerVersion;
238	KU32 SizeOfCode;
239	KU32 SizeOfInitializedData;
240	KU32 SizeOfUninitializedData;
241	KU32 AddressOfEntryPoint;
242	KU32 BaseOfCode;
243	KU64 ImageBase;
244	KU32 SectionAlignment;
245	KU32 FileAlignment;
246	KU16 MajorOperatingSystemVersion;
247	KU16 MinorOperatingSystemVersion;
248	KU16 MajorImageVersion;
249	KU16 MinorImageVersion;
250	KU16 MajorSubsystemVersion;
251	KU16 MinorSubsystemVersion;
252	KU32 Win32VersionValue;
253	KU32 SizeOfImage;
254	KU32 SizeOfHeaders;
255	KU32 CheckSum;
256	KU16 Subsystem;
257	KU16 DllCharacteristics;
258	KU64 SizeOfStackReserve;
259	KU64 SizeOfStackCommit;
260	KU64 SizeOfHeapReserve;
261	KU64 SizeOfHeapCommit;
262	KU32 LoaderFlags;
263	KU32 NumberOfRvaAndSizes;
264	IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
265	} IMAGE_OPTIONAL_HEADER64;
266	typedef IMAGE_OPTIONAL_HEADER64 *PIMAGE_OPTIONAL_HEADER64;
267
268
269	typedef struct _IMAGE_NT_HEADERS
270	{
271	KU32 Signature;
272	IMAGE_FILE_HEADER FileHeader;
273	IMAGE_OPTIONAL_HEADER32 OptionalHeader;
274	} IMAGE_NT_HEADERS32;
275	typedef IMAGE_NT_HEADERS32 *PIMAGE_NT_HEADERS32;
276
277	typedef struct _IMAGE_NT_HEADERS64
278	{
279	KU32 Signature;
280	IMAGE_FILE_HEADER FileHeader;
281	IMAGE_OPTIONAL_HEADER64 OptionalHeader;
282	} IMAGE_NT_HEADERS64;
283	typedef IMAGE_NT_HEADERS64 *PIMAGE_NT_HEADERS64;
284
285
286	typedef struct _IMAGE_SECTION_HEADER
287	{
288	KU8 Name[IMAGE_SIZEOF_SHORT_NAME];
289	union
290	{
291	KU32 PhysicalAddress;
292	KU32 VirtualSize;
293	} Misc;
294	KU32 VirtualAddress;
295	KU32 SizeOfRawData;
296	KU32 PointerToRawData;
297	KU32 PointerToRelocations;
298	KU32 PointerToLinenumbers;
299	KU16 NumberOfRelocations;
300	KU16 NumberOfLinenumbers;
301	KU32 Characteristics;
302	} IMAGE_SECTION_HEADER;
303	typedef IMAGE_SECTION_HEADER *PIMAGE_SECTION_HEADER;
304
305
306	typedef struct _IMAGE_BASE_RELOCATION
307	{
308	KU32 VirtualAddress;
309	KU32 SizeOfBlock;
310	} IMAGE_BASE_RELOCATION;
311	typedef IMAGE_BASE_RELOCATION *PIMAGE_BASE_RELOCATION;
312
313
314	typedef struct _IMAGE_EXPORT_DIRECTORY
315	{
316	KU32 Characteristics;
317	KU32 TimeDateStamp;
318	KU16 MajorVersion;
319	KU16 MinorVersion;
320	KU32 Name;
321	KU32 Base;
322	KU32 NumberOfFunctions;
323	KU32 NumberOfNames;
324	KU32 AddressOfFunctions;
325	KU32 AddressOfNames;
326	KU32 AddressOfNameOrdinals;
327	} IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY;
328
329
330	typedef struct _IMAGE_IMPORT_DESCRIPTOR
331	{
332	union
333	{
334	KU32 Characteristics;
335	KU32 OriginalFirstThunk;
336	} u;
337	KU32 TimeDateStamp;
338	KU32 ForwarderChain;
339	KU32 Name;
340	KU32 FirstThunk;
341	} IMAGE_IMPORT_DESCRIPTOR;
342	typedef IMAGE_IMPORT_DESCRIPTOR *PIMAGE_IMPORT_DESCRIPTOR;
343
344
345	typedef struct _IMAGE_IMPORT_BY_NAME
346	{
347	KU16 Hint;
348	KU8 Name[1];
349	} IMAGE_IMPORT_BY_NAME;
350	typedef IMAGE_IMPORT_BY_NAME *PIMAGE_IMPORT_BY_NAME;
351
352
353	/* The image_thunk_data32/64 structures are not very helpful except for getting RSI. keep them around till all the code has been converted. */
354	typedef struct _IMAGE_THUNK_DATA64
355	{
356	union
357	{
358	KU64 ForwarderString;
359	KU64 Function;
360	KU64 Ordinal;
361	KU64 AddressOfData;
362	} u1;
363	} IMAGE_THUNK_DATA64;
364	typedef IMAGE_THUNK_DATA64 *PIMAGE_THUNK_DATA64;
365
366	typedef struct _IMAGE_THUNK_DATA32
367	{
368	union
369	{
370	KU32 ForwarderString;
371	KU32 Function;
372	KU32 Ordinal;
373	KU32 AddressOfData;
374	} u1;
375	} IMAGE_THUNK_DATA32;
376	typedef IMAGE_THUNK_DATA32 *PIMAGE_THUNK_DATA32;
377
378
379	typedef struct _IMAGE_LOAD_CONFIG_DIRECTORY32
380	{
381	KU32 Size;
382	KU32 TimeDateStamp;
383	KU16 MajorVersion;
384	KU16 MinorVersion;
385	KU32 GlobalFlagsClear;
386	KU32 GlobalFlagsSet;
387	KU32 CriticalSectionDefaultTimeout;
388	KU32 DeCommitFreeBlockThreshold;
389	KU32 DeCommitTotalFreeThreshold;
390	KU32 LockPrefixTable;
391	KU32 MaximumAllocationSize;
392	KU32 VirtualMemoryThreshold;
393	KU32 ProcessHeapFlags;
394	KU32 ProcessAffinityMask;
395	KU16 CSDVersion;
396	KU16 Reserved1;
397	KU32 EditList;
398	KU32 SecurityCookie;
399	KU32 SEHandlerTable;
400	KU32 SEHandlerCount;
401	} IMAGE_LOAD_CONFIG_DIRECTORY32;
402	typedef IMAGE_LOAD_CONFIG_DIRECTORY32 PIMAGE_LOAD_CONFIG_DIRECTORY32;
403
404	typedef struct _IMAGE_LOAD_CONFIG_DIRECTORY64
405	{
406	KU32 Size;
407	KU32 TimeDateStamp;
408	KU16 MajorVersion;
409	KU16 MinorVersion;
410	KU32 GlobalFlagsClear;
411	KU32 GlobalFlagsSet;
412	KU32 CriticalSectionDefaultTimeout;
413	KU64 DeCommitFreeBlockThreshold;
414	KU64 DeCommitTotalFreeThreshold;
415	KU64 LockPrefixTable;
416	KU64 MaximumAllocationSize;
417	KU64 VirtualMemoryThreshold;
418	KU64 ProcessAffinityMask;
419	KU32 ProcessHeapFlags;
420	KU16 CSDVersion;
421	KU16 Reserved1;
422	KU64 EditList;
423	KU64 SecurityCookie;
424	KU64 SEHandlerTable;
425	KU64 SEHandlerCount;
426	} IMAGE_LOAD_CONFIG_DIRECTORY64;
427	typedef IMAGE_LOAD_CONFIG_DIRECTORY64 *PIMAGE_LOAD_CONFIG_DIRECTORY64;
428
429	typedef struct _IMAGE_DEBUG_DIRECTORY
430	{
431	KU32 Characteristics;
432	KU32 TimeDateStamp;
433	KU16 MajorVersion;
434	KU16 MinorVersion;
435	KU32 Type;
436	KU32 SizeOfData;
437	KU32 AddressOfRawData;
438	KU32 PointerToRawData;
439	} IMAGE_DEBUG_DIRECTORY;
440	typedef IMAGE_DEBUG_DIRECTORY *PIMAGE_DEBUG_DIRECTORY;
441
442	#define IMAGE_DEBUG_TYPE_UNKNOWN 0
443	#define IMAGE_DEBUG_TYPE_COFF 1
444	#define IMAGE_DEBUG_TYPE_CODEVIEW 2 /* 4.0 */
445	#define IMAGE_DEBUG_TYPE_FPO 3 /* FPO = frame pointer omission */
446	#define IMAGE_DEBUG_TYPE_MISC 4
447	#define IMAGE_DEBUG_TYPE_EXCEPTION 5
448	#define IMAGE_DEBUG_TYPE_FIXUP 6
449	#define IMAGE_DEBUG_TYPE_BORLAND 9
450
451	typedef struct _IMAGE_TLS_DIRECTORY32
452	{
453	KU32 StartAddressOfRawData;
454	KU32 EndAddressOfRawData;
455	KU32 AddressOfIndex;
456	KU32 AddressOfCallBacks;
457	KU32 SizeOfZeroFill;
458	KU32 Characteristics;
459	} IMAGE_TLS_DIRECTORY32;
460	typedef IMAGE_TLS_DIRECTORY32 *PIMAGE_TLS_DIRECTORY32;
461
462	typedef struct _IMAGE_TLS_DIRECTORY64
463	{
464	KU64 StartAddressOfRawData;
465	KU64 EndAddressOfRawData;
466	KU64 AddressOfIndex;
467	KU64 AddressOfCallBacks;
468	KU32 SizeOfZeroFill;
469	KU32 Characteristics;
470	} IMAGE_TLS_DIRECTORY64;
471	typedef IMAGE_TLS_DIRECTORY64 *PIMAGE_TLS_DIRECTORY64;
472
473
474	#pragma pack()
475
476	#endif
477

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/kStuff/kLdr/kLdrModPE.h@ 3567

Download in other formats: