Changeset 2963 for trunk/kLdr/kLdrModMachO.c

Timestamp:

Feb 13, 2007, 9:40:28 AM (19 years ago)

Author:

bird

Message:

Implemented generic fixups for 32-bit symbol tables.

File:

• trunk/kLdr/kLdrModMachO.c (modified) (46 diffs)

trunk/kLdr/kLdrModMachO.c

@@ -64 +64 @@
     /** The RVA of this section. */
     KLDRADDR                RVA;
-    /** The file offset of this section. 
+    /** The file offset of this section.
      * This is -1 if the section doesn't have a file backing. */
     off_t                   offFile;
@@ -71 +71 @@
     /** The array of fixups. (lazy loaded) */
     macho_relocation_info_t *paFixups;
-    /** The file offset of the fixups for this section. 
+    /** The file offset of the fixups for this section.
      * This is -1 if the section doesn't have any fixups. */
     off_t                   offFixups;
@@ -79 +79 @@
     uint32_t                iSegment;
     /** Pointer to the Mach-O section structure. */
-    void                   *pvMachoSection;                                      
+    void                   *pvMachoSection;
 } KLDRMODMACHOSECT, *PKLDRMODMACHOSECT;
 
 /**
  * Extra per-segment info.
- * 
+ *
  * This is corresponds to a kLdr segment, not a Mach-O segment!
  */
@@ -91 +91 @@
     /** The number of sections in the segment. */
     uint32_t                cSections;
-    /** Pointer to the sections belonging to this segment. 
-     * The array resides in the big memory chunk allocated for 
+    /** Pointer to the sections belonging to this segment.
+     * The array resides in the big memory chunk allocated for
      * the module handle, so it doesn't need freeing. */
     PKLDRMODMACHOSECT       paSections;
@@ -167 +167 @@
 static int  kldrModMachOLoadObjSymTab(PKLDRMODMACHO pModMachO);
 static int  kldrModMachOLoadFixups(PKLDRMODMACHO pModMachO, off_t offFixups, uint32_t cFixups, void **pvFixups);
+static int  kldrModMachOMapVirginBits(PKLDRMODMACHO pModMachO);
 
 static int  kldrModMachODoQuerySymbol32Bit(PKLDRMODMACHO pModMachO, const macho_nlist_32_t *paSyms, uint32_t cSyms, const char *pchStrings,
-                                           uint32_t cchStrings, KLDRADDR BaseAddress, uint32_t iSymbol, const char *pchSymbol, 
+                                           uint32_t cchStrings, KLDRADDR BaseAddress, uint32_t iSymbol, const char *pchSymbol,
                                            size_t cchSymbol, PKLDRADDR puValue, uint32_t *pfKind);
-static int  kldrModMachODoEnumSymbols32Bit(PKLDRMODMACHO pModMachO, const macho_nlist_32_t *paSyms, uint32_t cSyms, 
+static int  kldrModMachODoEnumSymbols32Bit(PKLDRMODMACHO pModMachO, const macho_nlist_32_t *paSyms, uint32_t cSyms,
                                            const char *pchStrings, uint32_t cchStrings, KLDRADDR BaseAddress,
                                            uint32_t fFlags, PFNKLDRMODENUMSYMS pfnCallback, void *pvUser);
 static int  kldrModMachOObjDoImports(PKLDRMODMACHO pModMachO, PFNKLDRMODGETIMPORT pfnGetImport, void *pvUser);
 static int  kldrModMachOObjDoFixups(PKLDRMODMACHO pModMachO, void *pvMapping, KLDRADDR NewBaseAddress);
-static int  kldrModMachOObjFixupSectionGeneric(PKLDRMODMACHO pModMachO, uint8_t *pbSectBits, size_t cbSectBits, 
-                                               off_t offFile, const macho_relocation_info_t *paRelocs, uint32_t cRelocs,
-                                               KLDRADDR NewBaseAddress);
+static int  kldrModMachOFixupSectionGeneric32Bit(PKLDRMODMACHO pModMachO, uint8_t *pbSectBits, PKLDRMODMACHOSECT pFixupSect,
+                                                 macho_nlist_32_t *paSyms, uint32_t cSyms, KLDRADDR NewBaseAddress);
 
 /*static int  kldrModMachODoFixups(PKLDRMODMACHO pModMachO, void *pvMapping, KLDRADDR NewBaseAddress, KLDRADDR OldBaseAddress);
@@ -297 +297 @@
      */
     cchFilename = kLdrHlpStrLen(kLdrRdrName(pRdr));
-    cb = KLDR_ALIGN_Z(  KLDR_OFFSETOF(KLDRMODMACHO, aSegments[cSegments]) 
+    cb = KLDR_ALIGN_Z(  KLDR_OFFSETOF(KLDRMODMACHO, aSegments[cSegments])
                       + sizeof(KLDRMODMACHOSECT) * cSections, 16)
        + KLDR_OFFSETOF(KLDRMOD, aSegments[cSegments])
@@ -524 +524 @@
                 cSegmentCommands++;
 
-                /* 
-                 * convert, validate and parse the sections. 
+                /*
+                 * convert, validate and parse the sections.
                  */
                 cSectionsLeft = u.pSeg32->nsects;
@@ -556 +556 @@
                         case S_REGULAR:
                         case S_CSTRING_LITERALS:
+                        case S_COALESCED:
                             if (pSect->reserved1 || pSect->reserved2)
                                 return KLDR_ERR_MACHO_BAD_SECTION;
@@ -570 +571 @@
                         case S_16BYTE_LITERALS:
                         case S_SYMBOL_STUBS:
-                        case S_COALESCED:
                         case S_MOD_INIT_FUNC_POINTERS:
                         case S_MOD_TERM_FUNC_POINTERS:
@@ -583 +583 @@
                                          | S_ATTR_LOC_RELOC | SECTION_TYPE))
                         return KLDR_ERR_MACHO_BAD_SECTION;
-                    if (!pSect->size)
-                        return KLDR_ERR_MACHO_BAD_SECTION;
                     if (    pSect->addr - u.pSeg32->vmaddr > u.pSeg32->vmsize
                         ||  pSect->addr - u.pSeg32->vmaddr + pSect->size > u.pSeg32->vmsize)
@@ -592 +590 @@
                         ||  (((1 << pSect->align) - 1) & u.pSeg32->vmaddr))
                         return KLDR_ERR_MACHO_BAD_SECTION;
-                    if (    fFileBits 
+                    if (    fFileBits
                         &&  (   pSect->offset > cbFile
                              || (uint64_t)pSect->offset + pSect->size > cbFile))
@@ -600 +598 @@
                     if (!pSect->nreloc && pSect->reloff)
                         return KLDR_ERR_MACHO_BAD_SECTION;
-                    if (    pSect->nreloc 
+                    if (    pSect->nreloc
                         &&  (   pSect->reloff > cbFile
                              || (uint64_t)pSect->reloff + (off_t)pSect->nreloc * sizeof(macho_relocation_info_t)) > cbFile)
@@ -647 +645 @@
 
             /*case LC_SEGMENT_64:
-                 copy 32-bit code 
+                 copy 32-bit code
                 break;
             */
@@ -665 +663 @@
                 cbSym = pHdr->magic == IMAGE_MACHO32_SIGNATURE
                      || pHdr->magic == IMAGE_MACHO32_SIGNATURE_OE
-                      ? sizeof(macho_nlist_32_t) 
+                      ? sizeof(macho_nlist_32_t)
                       : sizeof(macho_nlist_64_t);
                 if (    u.pSymTab->symoff >= cbFile
@@ -681 +679 @@
                 break;
             }
+
+            case LC_DYSYMTAB:
+                /** @todo deal with this! */
+                break;
 
             case LC_THREAD:
@@ -727 +729 @@
             case LC_FVMFILE:
             case LC_PREPAGE:
-            case LC_DYSYMTAB:
             case LC_LOAD_DYLIB:
             case LC_ID_DYLIB:
@@ -820 +821 @@
                 pModMachO->LinkAddress = u.pSeg32->vmaddr;
 
-                /* 
-                 * convert, validate and parse the sections. 
+                /*
+                 * convert, validate and parse the sections.
                  */
                 cSectionsLeft = u.pSeg32->nsects;
@@ -888 +889 @@
                                     return KLDR_ERR_MACHO_BAD_SECTION; /** @todo move up! */
 
-                                /* If there are file bits, ensure they are in the current flow. 
+                                /* If there are file bits, ensure they are in the current flow.
                                    (yes, we are very very careful here, I know.) */
-                                if (    pSect->offset 
+                                if (    pSect->offset
                                     &&  pSeg[-1].cbFile == pSeg[-1].cb)
                                 {
@@ -899 +900 @@
                                     if (fOk)
                                         pSeg[-1].cbFile = (off_t)(pSect->addr - pSeg[-1].LinkAddress) + pSect->size;
-                                    else 
+                                    else
                                     {
-                                        
+
                                         pSeg[-1].cbFile = pSeg[-1].offFile = -1;
                                         pModMachO->fMapUsingLoadCommandSections = 1;
@@ -947 +948 @@
         pSegExtra[-1].cSections = pSectExtra - pSegExtra[-1].paSections;
 
-    /* 
+    /*
      * Adjust mapping addresses calculating the image size.
      */
@@ -1055 +1056 @@
      * Refuse segmented requests for now.
      */
-    if (    pfKind 
+    if (    pfKind
         &&  (*pfKind & KLDRSYMKIND_REQ_TYPE_MASK) != KLDRSYMKIND_REQ_FLAT)
         return KLDR_ERR_TODO;
@@ -1069 +1070 @@
             if (    pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE
                 ||  pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE_OE)
-                rc = kldrModMachODoQuerySymbol32Bit(pModMachO, (macho_nlist_32_t *)pModMachO->pvaSymbols, pModMachO->cSymbols, 
-                                                    pModMachO->pchStrings, pModMachO->cchStrings, BaseAddress, iSymbol, pchSymbol, 
+                rc = kldrModMachODoQuerySymbol32Bit(pModMachO, (macho_nlist_32_t *)pModMachO->pvaSymbols, pModMachO->cSymbols,
+                                                    pModMachO->pchStrings, pModMachO->cchStrings, BaseAddress, iSymbol, pchSymbol,
                                                     cchSymbol, puValue, pfKind);
             else
                 rc = KLDR_ERR_TODO; /** @todo duplicate kldrModMachOQuerySymbol32 for parsing 64-bit symbols when everything is working. */
-                /*rc = kldrModMachODoQuerySymbol64Bit(pModMachO, (macho_nlist_64_t *)pModMachO->pvaSymbols, pModMachO->cSymbols, 
-                                                    pModMachO->pchStrings, pModMachO->cchStrings, BaseAddress, iSymbol, pchSymbol, 
+                /*rc = kldrModMachODoQuerySymbol64Bit(pModMachO, (macho_nlist_64_t *)pModMachO->pvaSymbols, pModMachO->cSymbols,
+                                                    pModMachO->pchStrings, pModMachO->cchStrings, BaseAddress, iSymbol, pchSymbol,
                                                     cchSymbol, puValue, pfKind);*/
 
@@ -1090 +1091 @@
 /**
  * Lookup a symbol in a 32-bit symbol table.
- * 
+ *
  * @returns See kLdrModQuerySymbol.
- * @param   pModMachO   
+ * @param   pModMachO
  * @param   paSyms      Pointer to the symbol table.
  * @param   cSyms       Number of symbols in the table.
  * @param   pchStrings  Pointer to the string table.
  * @param   cchStrings  Size of the string table.
- * @param   BaseAddress Adjusted base address, see kLdrModQuerySymbol. 
+ * @param   BaseAddress Adjusted base address, see kLdrModQuerySymbol.
  * @param   iSymbol     See kLdrModQuerySymbol.
  * @param   pchSymbol   See kLdrModQuerySymbol.
@@ -1118 +1119 @@
         cchStrings -= cchSymbol;
 
-        for (iSymbol = 0; iSymbol < cSyms; iSymbol++)
+        /* external symbols are usually at the end, so search the other way. */
+        for (iSymbol = cSyms - 1; iSymbol != UINT32_MAX; iSymbol--)
         {
             const char *psz;
@@ -1131 +1133 @@
             if (paSyms[iSymbol].n_type & MACHO_N_PEXT) /*??*/
                 continue;
-            
+
             /* get name */
-            if (!paSyms[iSymbol].n_un.n_strx) 
+            if (!paSyms[iSymbol].n_un.n_strx)
                 continue;
             if ((uint32_t)paSyms[iSymbol].n_un.n_strx >= cchStrings)
@@ -1146 +1148 @@
             break;
         }
-        if (iSymbol >= cSyms)
+        if (iSymbol == UINT32_MAX)
             return KLDR_ERR_SYMBOL_NOT_FOUND;
     }
@@ -1159 +1161 @@
     }
 
-    /* 
+    /*
      * Calc the return values.
      */
     if (pfKind)
     {
-        if (    pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE 
+        if (    pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE
             ||  pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE_OE)
             *pfKind = KLDRSYMKIND_32BIT | KLDRSYMKIND_NO_TYPE;
@@ -1189 +1191 @@
                 *puValue = RVA + BaseAddress;
 
-            if (    pfKind 
+            if (    pfKind
                 &&  (pSect->fFlags & (S_ATTR_PURE_INSTRUCTIONS | S_ATTR_SELF_MODIFYING_CODE)))
                 *pfKind = (*pfKind & ~KLDRSYMKIND_TYPE_MASK) | KLDRSYMKIND_CODE;
@@ -1238 +1240 @@
             if (    pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE
                 ||  pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE_OE)
-                rc = kldrModMachODoEnumSymbols32Bit(pModMachO, (macho_nlist_32_t *)pModMachO->pvaSymbols, pModMachO->cSymbols, 
-                                                    pModMachO->pchStrings, pModMachO->cchStrings, BaseAddress, 
+                rc = kldrModMachODoEnumSymbols32Bit(pModMachO, (macho_nlist_32_t *)pModMachO->pvaSymbols, pModMachO->cSymbols,
+                                                    pModMachO->pchStrings, pModMachO->cchStrings, BaseAddress,
                                                     fFlags, pfnCallback, pvUser);
             else
                 rc = KLDR_ERR_TODO; /** @todo duplicate kldrModMachOQuerySymbol32 for parsing 64-bit symbols when everything is working. */
-                /*rc = kldrModMachODoEnumSymbols32Bit(pModMachO, (macho_nlist_32_t *)pModMachO->pvaSymbols, pModMachO->cSymbols, 
+                /*rc = kldrModMachODoEnumSymbols32Bit(pModMachO, (macho_nlist_32_t *)pModMachO->pvaSymbols, pModMachO->cSymbols,
                                                     pModMachO->pchStrings, pModMachO->cchStrings, BaseAddress, pfnCallback, pvUser);*/
         }
@@ -1256 +1258 @@
 /**
  * Enum a 32-bit symbol table.
- * 
+ *
  * @returns See kLdrModQuerySymbol.
- * @param   pModMachO   
+ * @param   pModMachO
  * @param   paSyms      Pointer to the symbol table.
  * @param   cSyms       Number of symbols in the table.
  * @param   pchStrings  Pointer to the string table.
  * @param   cchStrings  Size of the string table.
- * @param   BaseAddress Adjusted base address, see kLdrModEnumSymbols. 
+ * @param   BaseAddress Adjusted base address, see kLdrModEnumSymbols.
  * @param   fFlags      See kLdrModEnumSymbols.
  * @param   pfnCallback See kLdrModEnumSymbols.
  * @param   pvUser      See kLdrModEnumSymbols.
  */
-static int kldrModMachODoEnumSymbols32Bit(PKLDRMODMACHO pModMachO, const macho_nlist_32_t *paSyms, uint32_t cSyms, 
+static int kldrModMachODoEnumSymbols32Bit(PKLDRMODMACHO pModMachO, const macho_nlist_32_t *paSyms, uint32_t cSyms,
                                           const char *pchStrings, uint32_t cchStrings, KLDRADDR BaseAddress,
                                           uint32_t fFlags, PFNKLDRMODENUMSYMS pfnCallback, void *pvUser)
@@ -1301 +1303 @@
             if (paSyms[iSym].n_type & MACHO_N_PEXT) /*??*/
                 continue;
-            if (!paSyms[iSym].n_un.n_strx) 
+            if (!paSyms[iSym].n_un.n_strx)
                 continue;
         }
 
-        /* 
-         * Gather symbol info 
+        /*
+         * Gather symbol info
          */
 
@@ -1679 +1681 @@
      * Resolve imports and apply base relocations.
      */
-    rc = kldrModMachORelocateBits(pMod, pModMachO->pvMapping, (uintptr_t)pModMachO->pvMapping, pModMachO->LinkAddress, 
+    rc = kldrModMachORelocateBits(pMod, pModMachO->pvMapping, (uintptr_t)pModMachO->pvMapping, pModMachO->LinkAddress,
                                   pfnGetImport, pvUser);
 
@@ -1720 +1722 @@
      * We currently ignore REFERENCE_TYPE.
      */
-    if (    pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE 
+    if (    pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE
         ||  pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE_OE)
     {
@@ -1735 +1737 @@
                 size_t cchSymbol;
                 uint32_t fKind = KLDRSYMKIND_REQ_FLAT;
-                KLDRADDR Value; 
+                KLDRADDR Value;
 
                 /** @todo Implement N_REF_TO_WEAK. */
@@ -1783 +1785 @@
                 size_t cchSymbol;
                 uint32_t fKind = KLDRSYMKIND_REQ_FLAT;
-                KLDRADDR Value; 
+                KLDRADDR Value;
 
                 /** @todo Implement N_REF_TO_WEAK. */
@@ -1834 +1836 @@
     uint32_t iSeg;
     int rc;
-    int (*pfnFixupSection)(PKLDRMODMACHO, uint8_t *, size_t, off_t, const macho_relocation_info_t *, uint32_t, KLDRADDR);
 
 
@@ -1847 +1848 @@
      * Iterate over the segments and their sections and apply fixups.
      */
-    pfnFixupSection = NULL;
     for (iSeg = rc = 0; !rc && iSeg < pModMachO->pMod->cSegments; iSeg++)
     {
@@ -1873 +1873 @@
              * Apply the fixups.
              */
-            if (!pfnFixupSection)
-            {
-                /* determin the function for applying fixups. */
-                if (    pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE
-                    ||  pModMachO->Hdr.magic == IMAGE_MACHO64_SIGNATURE)
-                    pfnFixupSection = kldrModMachOObjFixupSectionGeneric;
-                else
-                {
-                    rc = KLDR_ERR_TODO; /* save space for now. */
-                    break;
-                }
-            }
-
             pbSectBits = (uint8_t *)pvMapping + (uintptr_t)pSect->RVA;
-            rc = pfnFixupSection(pModMachO, pbSectBits, (size_t)pSect->cb, pSect->offFile,
-                                 pSect->paFixups, pSect->cFixups, NewBaseAddress);
+            if (pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE) /** @todo this aint right. */
+                rc = kldrModMachOFixupSectionGeneric32Bit(pModMachO, pbSectBits, pSect,
+                                                          (macho_nlist_32_t *)pModMachO->pvaSymbols,
+                                                          pModMachO->cSymbols, NewBaseAddress);
+            else
+                rc = KLDR_ERR_TODO; /* save space for now. */
             if (rc)
                 break;
@@ -1898 +1889 @@
 
 
-static int  kldrModMachOObjFixupSectionGeneric(PKLDRMODMACHO pModMachO, uint8_t *pbSectBits, size_t cbSectBits, 
-                                               off_t offFile, const macho_relocation_info_t *paRelocs, uint32_t cRelocs,
-                                               KLDRADDR NewBaseAddress)
-{
+/**
+ * Applies generic fixups to a section in an image of the same endian-ness
+ * as the host CPU.
+ *
+ * @returns 0 on success, non-zero kLdr status code on failure.
+ * @param   pModMachO       The Mach-O module interpreter instance.
+ * @param   pbSectBits      Pointer to the section bits.
+ * @param   pFixupSect      The section being fixed up.
+ * @param   NewBaseAddress  The new base image address.
+ */
+static int  kldrModMachOFixupSectionGeneric32Bit(PKLDRMODMACHO pModMachO, uint8_t *pbSectBits, PKLDRMODMACHOSECT pFixupSect,
+                                                 macho_nlist_32_t *paSyms, uint32_t cSyms, KLDRADDR NewBaseAddress)
+{
+    const macho_relocation_info_t *paFixups = pFixupSect->paFixups;
+    const uint32_t cFixups = pFixupSect->cFixups;
+    size_t cbSectBits = (size_t)pFixupSect->cb;
+    const uint8_t *pbSectVirginBits;
+    uint32_t iFixup;
+    KLDRPU uFixVirgin;
+    KLDRPU uFix;
+    KLDRADDR SymAddr;
+    int rc;
+
+    /*
+     * Find the virgin bits.
+     */
+    if (pFixupSect->offFile != -1)
+    {
+        rc = kldrModMachOMapVirginBits(pModMachO);
+        if (rc)
+            return rc;
+        pbSectVirginBits = (const uint8_t *)pModMachO->pvBits + pFixupSect->offFile;
+    }
+    else
+        pbSectVirginBits = NULL;
+
+    /*
+     * Iterate the fixups and apply them.
+     */
+    for (iFixup = 0; iFixup < cFixups; iFixup++)
+    {
+        union
+        {
+            macho_relocation_info_t     r;
+            scattered_relocation_info_t s;
+        } Fixup;
+        Fixup.r = paFixups[iFixup];
+
+        if (!(Fixup.r.r_address & R_SCATTERED))
+        {
+            /* sanity */
+            if ((uint32_t)Fixup.r.r_address >= cbSectBits)
+                return KLDR_ERR_BAD_FIXUP;
+
+            /* calc fixup addresses. */
+            uFix.pv = pbSectBits + Fixup.r.r_address;
+            uFixVirgin.pv = pbSectVirginBits ? (uint8_t *)pbSectVirginBits + Fixup.r.r_address : 0;
+
+            /*
+             * Calc the symbol value.
+             */
+            /* The addend is stored in the code. */
+            /** @todo Deal with unaligned accesses on non x86 platforms. */
+            switch (Fixup.r.r_length)
+            {
+                case 0: SymAddr = *uFixVirgin.pi8; break;
+                case 1: SymAddr = *uFixVirgin.pi16; break;
+                case 2: SymAddr = *uFixVirgin.pi32; break;
+                case 3: SymAddr = *uFixVirgin.pi64; break;
+            }
+
+            /* Add symbol / section address. */
+            if (Fixup.r.r_extern)
+            {
+                const macho_nlist_32_t *pSym;
+                if (Fixup.r.r_symbolnum >= cSyms)
+                    return KLDR_ERR_BAD_FIXUP;
+                pSym = &paSyms[Fixup.r.r_symbolnum];
+
+                if (pSym->n_type & MACHO_N_STAB)
+                    return KLDR_ERR_BAD_FIXUP;
+
+                switch (pSym->n_type & MACHO_N_TYPE)
+                {
+                    case MACHO_N_SECT:
+                    {
+                        PKLDRMODMACHOSECT pSymSect;
+                        if ((uint32_t)pSym->n_sect - 1 > pModMachO->cSections)
+                            return KLDR_ERR_MACHO_BAD_SYMBOL;
+                        pSymSect = &pModMachO->paSections[pSym->n_sect - 1];
+
+                        SymAddr += pSym->n_value - pModMachO->LinkAddress + pSymSect->RVA;
+                        break;
+                    }
+
+                    case MACHO_N_UNDF:
+                    case MACHO_N_ABS:
+                        SymAddr += pSym->n_value;
+                        break;
+
+                    case MACHO_N_INDR:
+                    case MACHO_N_PBUD:
+                        return KLDR_ERR_TODO;
+                    default:
+                        return KLDR_ERR_MACHO_BAD_SYMBOL;
+                }
+            }
+            else if (Fixup.r.r_symbolnum != R_ABS)
+            {
+                PKLDRMODMACHOSECT pSymSect;
+                if (Fixup.r.r_symbolnum > pModMachO->cSections)
+                    return KLDR_ERR_BAD_FIXUP;
+                pSymSect = &pModMachO->paSections[Fixup.r.r_symbolnum - 1];
+                SymAddr += NewBaseAddress + pSymSect->RVA;
+            }
+
+            /* adjust for PC relative */
+            if (Fixup.r.r_pcrel)
+                SymAddr -= Fixup.r.r_address + pFixupSect->RVA + NewBaseAddress;
+        }
+        else
+        {
+            PKLDRMODMACHOSECT pSymSect;
+            uint32_t iSymSect;
+            KLDRADDR Value;
+
+            /* sanity */
+            KLDRMODMACHO_ASSERT(Fixup.s.r_scattered);
+            if ((uint32_t)Fixup.s.r_address >= cbSectBits)
+                return KLDR_ERR_BAD_FIXUP;
+
+            /* calc fixup addresses. */
+            uFix.pv = pbSectBits + Fixup.s.r_address;
+            uFixVirgin.pv = pbSectVirginBits ? (uint8_t *)pbSectVirginBits + Fixup.s.r_address : 0;
+
+            /*
+             * Calc the symbol value.
+             */
+            /* The addend is stored in the code. */
+            switch (Fixup.s.r_length)
+            {
+                case 0: SymAddr = *uFixVirgin.pi8; break;
+                case 1: SymAddr = *uFixVirgin.pi16; break;
+                case 2: SymAddr = *uFixVirgin.pi32; break;
+                case 3: SymAddr = *uFixVirgin.pi64; break;
+            }
+
+            /* Calc the section number from the r_value and adjust the value. */
+            pSymSect = NULL;
+            Value = Fixup.s.r_value - pModMachO->LinkAddress;
+            for (iSymSect = 0; iSymSect < pModMachO->cSections; iSymSect++)
+            {
+                KLDRADDR off = Value - pModMachO->paSections[iSymSect].RVA;
+                if (off < pModMachO->paSections[iSymSect].cb)
+                {
+                    pSymSect = &pModMachO->paSections[iSymSect];
+                    break;
+                }
+                else if (off == pModMachO->paSections[iSymSect].cb) /* edge case */
+                    pSymSect = &pModMachO->paSections[iSymSect];
+            }
+            if (!pSymSect)
+                return KLDR_ERR_BAD_FIXUP;
+
+            /** @todo this looking up of the r_value section isn't strictly required unless we're going to remove sections from the link. */
+            SymAddr += NewBaseAddress + pSymSect->RVA + (Value - pSymSect->RVA);
+
+            /* adjust for PC relative */
+            if (Fixup.s.r_pcrel)
+                SymAddr -= Fixup.s.r_address + pFixupSect->RVA + NewBaseAddress;
+
+            Fixup.r.r_length = ((scattered_relocation_info_t *)&paFixups[iFixup])->r_length;
+            Fixup.r.r_type   = ((scattered_relocation_info_t *)&paFixups[iFixup])->r_type;
+        }
+
+        /*
+         * Write back the fixed up value.
+         */
+        if (Fixup.r.r_type == GENERIC_RELOC_VANILLA)
+        {
+            switch (Fixup.r.r_length)
+            {
+                case 0: *uFix.pu8  = (uint8_t)SymAddr; break;
+                case 1: *uFix.pu16 = (uint16_t)SymAddr; break;
+                case 2: *uFix.pu32 = (uint32_t)SymAddr; break;
+                case 3: *uFix.pu64 = (uint64_t)SymAddr; break;
+            }
+        }
+        else if (Fixup.r.r_type <= GENERIC_RELOC_LOCAL_SECTDIFF)
+            return KLDR_ERR_TODO;
+        else
+            return KLDR_ERR_BAD_FIXUP;
+    }
 
     return 0;
@@ -1909 +2089 @@
 /**
  * Loads the symbol table for a MH_OBJECT file.
- * 
+ *
  * The symbol table is pointed to by KLDRMODMACHO::pvaSymbols.
- * 
+ *
  * @returns 0 on success, non-zero kLdr status code on failure.
- * @param   pModMachO       The Mach-O module interpret instance.
+ * @param   pModMachO       The Mach-O module interpreter instance.
  */
 static int  kldrModMachOLoadObjSymTab(PKLDRMODMACHO pModMachO)
@@ -1919 +2099 @@
     int rc = 0;
 
-    if (    !pModMachO->pvaSymbols 
+    if (    !pModMachO->pvaSymbols
         &&  pModMachO->cSymbols)
     {
@@ -1958 +2138 @@
                     pModMachO->pvaSymbols = pvSyms;
                     pModMachO->pchStrings = (char *)pvStrings;
-    
+
                     /* perform endian conversion? */
                     if (pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE_OE)
@@ -1971 +2151 @@
                             pSym++;
                         }
-                    } 
+                    }
                     else if (pModMachO->Hdr.magic == IMAGE_MACHO64_SIGNATURE_OE)
                     {
@@ -2000 +2180 @@
 
 /**
- * Loads the fixups at the given address and performs endian 
+ * Loads the fixups at the given address and performs endian
  * conversion if necessary.
- * 
+ *
  * @returns 0 on success, non-zero kLdr status code on failure.
- * @param   pModMachO       The Mach-O module interpret instance.
+ * @param   pModMachO       The Mach-O module interpreter instance.
  * @param   offFixups       The file offset of the fixups.
  * @param   cFixups         The number of fixups to load.
@@ -2030 +2210 @@
 
         /* do endian conversion if necessary. */
-        if (    pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE_OE 
+        if (    pModMachO->Hdr.magic == IMAGE_MACHO32_SIGNATURE_OE
             ||  pModMachO->Hdr.magic == IMAGE_MACHO64_SIGNATURE_OE)
         {
@@ -2044 +2224 @@
     else
         kldrHlpFree(paFixups);
+    return rc;
+}
+
+
+/**
+ * Maps the virgin file bits into memory if not already done.
+ *
+ * @returns 0 on success, non-zero kLdr status code on failure.
+ * @param   pModMachO       The Mach-O module interpreter instance.
+ */
+static int kldrModMachOMapVirginBits(PKLDRMODMACHO pModMachO)
+{
+    int rc = 0;
+    if (!pModMachO->pvBits)
+        rc = kLdrRdrAllMap(pModMachO->pMod->pRdr, &pModMachO->pvBits);
     return rc;
 }