2 * Portable Executable binary format structures
4 * Copyright (c) 2016 Alexander Graf
8 * SPDX-License-Identifier: GPL-2.0+
14 typedef struct _IMAGE_DOS_HEADER
{
15 uint16_t e_magic
; /* 00: MZ Header signature */
16 uint16_t e_cblp
; /* 02: Bytes on last page of file */
17 uint16_t e_cp
; /* 04: Pages in file */
18 uint16_t e_crlc
; /* 06: Relocations */
19 uint16_t e_cparhdr
; /* 08: Size of header in paragraphs */
20 uint16_t e_minalloc
; /* 0a: Minimum extra paragraphs needed */
21 uint16_t e_maxalloc
; /* 0c: Maximum extra paragraphs needed */
22 uint16_t e_ss
; /* 0e: Initial (relative) SS value */
23 uint16_t e_sp
; /* 10: Initial SP value */
24 uint16_t e_csum
; /* 12: Checksum */
25 uint16_t e_ip
; /* 14: Initial IP value */
26 uint16_t e_cs
; /* 16: Initial (relative) CS value */
27 uint16_t e_lfarlc
; /* 18: File address of relocation table */
28 uint16_t e_ovno
; /* 1a: Overlay number */
29 uint16_t e_res
[4]; /* 1c: Reserved words */
30 uint16_t e_oemid
; /* 24: OEM identifier (for e_oeminfo) */
31 uint16_t e_oeminfo
; /* 26: OEM information; e_oemid specific */
32 uint16_t e_res2
[10]; /* 28: Reserved words */
33 uint32_t e_lfanew
; /* 3c: Offset to extended header */
34 } IMAGE_DOS_HEADER
, *PIMAGE_DOS_HEADER
;
36 #define IMAGE_DOS_SIGNATURE 0x5A4D /* MZ */
37 #define IMAGE_NT_SIGNATURE 0x00004550 /* PE00 */
39 #define IMAGE_FILE_MACHINE_ARM 0x01c0
40 #define IMAGE_FILE_MACHINE_THUMB 0x01c2
41 #define IMAGE_FILE_MACHINE_ARMNT 0x01c4
42 #define IMAGE_FILE_MACHINE_AMD64 0x8664
43 #define IMAGE_FILE_MACHINE_ARM64 0xaa64
44 #define IMAGE_NT_OPTIONAL_HDR32_MAGIC 0x10b
45 #define IMAGE_NT_OPTIONAL_HDR64_MAGIC 0x20b
46 #define IMAGE_SUBSYSTEM_EFI_APPLICATION 10
48 typedef struct _IMAGE_FILE_HEADER
{
50 uint16_t NumberOfSections
;
51 uint32_t TimeDateStamp
;
52 uint32_t PointerToSymbolTable
;
53 uint32_t NumberOfSymbols
;
54 uint16_t SizeOfOptionalHeader
;
55 uint16_t Characteristics
;
56 } IMAGE_FILE_HEADER
, *PIMAGE_FILE_HEADER
;
58 typedef struct _IMAGE_DATA_DIRECTORY
{
59 uint32_t VirtualAddress
;
61 } IMAGE_DATA_DIRECTORY
, *PIMAGE_DATA_DIRECTORY
;
63 #define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16
65 /* PE32+ Subsystem type for EFI images */
66 #define IMAGE_SUBSYSTEM_EFI_APPLICATION 10
67 #define IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER 11
68 #define IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER 12
69 #define IMAGE_SUBSYSTEM_SAL_RUNTIME_DRIVER 13
71 typedef struct _IMAGE_OPTIONAL_HEADER64
{
72 uint16_t Magic
; /* 0x20b */
73 uint8_t MajorLinkerVersion
;
74 uint8_t MinorLinkerVersion
;
76 uint32_t SizeOfInitializedData
;
77 uint32_t SizeOfUninitializedData
;
78 uint32_t AddressOfEntryPoint
;
81 uint32_t SectionAlignment
;
82 uint32_t FileAlignment
;
83 uint16_t MajorOperatingSystemVersion
;
84 uint16_t MinorOperatingSystemVersion
;
85 uint16_t MajorImageVersion
;
86 uint16_t MinorImageVersion
;
87 uint16_t MajorSubsystemVersion
;
88 uint16_t MinorSubsystemVersion
;
89 uint32_t Win32VersionValue
;
91 uint32_t SizeOfHeaders
;
94 uint16_t DllCharacteristics
;
95 uint64_t SizeOfStackReserve
;
96 uint64_t SizeOfStackCommit
;
97 uint64_t SizeOfHeapReserve
;
98 uint64_t SizeOfHeapCommit
;
100 uint32_t NumberOfRvaAndSizes
;
101 IMAGE_DATA_DIRECTORY DataDirectory
[IMAGE_NUMBEROF_DIRECTORY_ENTRIES
];
102 } IMAGE_OPTIONAL_HEADER64
, *PIMAGE_OPTIONAL_HEADER64
;
104 typedef struct _IMAGE_NT_HEADERS64
{
106 IMAGE_FILE_HEADER FileHeader
;
107 IMAGE_OPTIONAL_HEADER64 OptionalHeader
;
108 } IMAGE_NT_HEADERS64
, *PIMAGE_NT_HEADERS64
;
110 typedef struct _IMAGE_OPTIONAL_HEADER
{
112 /* Standard fields */
114 uint16_t Magic
; /* 0x10b or 0x107 */ /* 0x00 */
115 uint8_t MajorLinkerVersion
;
116 uint8_t MinorLinkerVersion
;
118 uint32_t SizeOfInitializedData
;
119 uint32_t SizeOfUninitializedData
;
120 uint32_t AddressOfEntryPoint
; /* 0x10 */
124 /* NT additional fields */
127 uint32_t SectionAlignment
; /* 0x20 */
128 uint32_t FileAlignment
;
129 uint16_t MajorOperatingSystemVersion
;
130 uint16_t MinorOperatingSystemVersion
;
131 uint16_t MajorImageVersion
;
132 uint16_t MinorImageVersion
;
133 uint16_t MajorSubsystemVersion
; /* 0x30 */
134 uint16_t MinorSubsystemVersion
;
135 uint32_t Win32VersionValue
;
136 uint32_t SizeOfImage
;
137 uint32_t SizeOfHeaders
;
138 uint32_t CheckSum
; /* 0x40 */
140 uint16_t DllCharacteristics
;
141 uint32_t SizeOfStackReserve
;
142 uint32_t SizeOfStackCommit
;
143 uint32_t SizeOfHeapReserve
; /* 0x50 */
144 uint32_t SizeOfHeapCommit
;
145 uint32_t LoaderFlags
;
146 uint32_t NumberOfRvaAndSizes
;
147 IMAGE_DATA_DIRECTORY DataDirectory
[IMAGE_NUMBEROF_DIRECTORY_ENTRIES
]; /* 0x60 */
149 } IMAGE_OPTIONAL_HEADER32
, *PIMAGE_OPTIONAL_HEADER32
;
151 typedef struct _IMAGE_NT_HEADERS
{
152 uint32_t Signature
; /* "PE"\0\0 */ /* 0x00 */
153 IMAGE_FILE_HEADER FileHeader
; /* 0x04 */
154 IMAGE_OPTIONAL_HEADER32 OptionalHeader
; /* 0x18 */
155 } IMAGE_NT_HEADERS32
, *PIMAGE_NT_HEADERS32
;
157 #define IMAGE_SIZEOF_SHORT_NAME 8
159 typedef struct _IMAGE_SECTION_HEADER
{
160 uint8_t Name
[IMAGE_SIZEOF_SHORT_NAME
];
162 uint32_t PhysicalAddress
;
163 uint32_t VirtualSize
;
165 uint32_t VirtualAddress
;
166 uint32_t SizeOfRawData
;
167 uint32_t PointerToRawData
;
168 uint32_t PointerToRelocations
;
169 uint32_t PointerToLinenumbers
;
170 uint16_t NumberOfRelocations
;
171 uint16_t NumberOfLinenumbers
;
172 uint32_t Characteristics
;
173 } IMAGE_SECTION_HEADER
, *PIMAGE_SECTION_HEADER
;
175 #define IMAGE_DIRECTORY_ENTRY_BASERELOC 5
177 typedef struct _IMAGE_BASE_RELOCATION
179 uint32_t VirtualAddress
;
180 uint32_t SizeOfBlock
;
181 /* WORD TypeOffset[1]; */
182 } IMAGE_BASE_RELOCATION
,*PIMAGE_BASE_RELOCATION
;
184 typedef struct _IMAGE_RELOCATION
187 uint32_t VirtualAddress
;
190 uint32_t SymbolTableIndex
;
192 } IMAGE_RELOCATION
, *PIMAGE_RELOCATION
;
194 #define IMAGE_SIZEOF_RELOCATION 10
196 /* generic relocation types */
197 #define IMAGE_REL_BASED_ABSOLUTE 0
198 #define IMAGE_REL_BASED_HIGH 1
199 #define IMAGE_REL_BASED_LOW 2
200 #define IMAGE_REL_BASED_HIGHLOW 3
201 #define IMAGE_REL_BASED_HIGHADJ 4
202 #define IMAGE_REL_BASED_MIPS_JMPADDR 5
203 #define IMAGE_REL_BASED_ARM_MOV32A 5 /* yes, 5 too */
204 #define IMAGE_REL_BASED_ARM_MOV32 5 /* yes, 5 too */
205 #define IMAGE_REL_BASED_SECTION 6
206 #define IMAGE_REL_BASED_REL 7
207 #define IMAGE_REL_BASED_ARM_MOV32T 7 /* yes, 7 too */
208 #define IMAGE_REL_BASED_THUMB_MOV32 7 /* yes, 7 too */
209 #define IMAGE_REL_BASED_MIPS_JMPADDR16 9
210 #define IMAGE_REL_BASED_IA64_IMM64 9 /* yes, 9 too */
211 #define IMAGE_REL_BASED_DIR64 10
212 #define IMAGE_REL_BASED_HIGH3ADJ 11
214 /* ARM relocation types */
215 #define IMAGE_REL_ARM_ABSOLUTE 0x0000
216 #define IMAGE_REL_ARM_ADDR 0x0001
217 #define IMAGE_REL_ARM_ADDR32NB 0x0002
218 #define IMAGE_REL_ARM_BRANCH24 0x0003
219 #define IMAGE_REL_ARM_BRANCH11 0x0004
220 #define IMAGE_REL_ARM_TOKEN 0x0005
221 #define IMAGE_REL_ARM_GPREL12 0x0006
222 #define IMAGE_REL_ARM_GPREL7 0x0007
223 #define IMAGE_REL_ARM_BLX24 0x0008
224 #define IMAGE_REL_ARM_BLX11 0x0009
225 #define IMAGE_REL_ARM_SECTION 0x000E
226 #define IMAGE_REL_ARM_SECREL 0x000F
227 #define IMAGE_REL_ARM_MOV32A 0x0010
228 #define IMAGE_REL_ARM_MOV32T 0x0011
229 #define IMAGE_REL_ARM_BRANCH20T 0x0012
230 #define IMAGE_REL_ARM_BRANCH24T 0x0014
231 #define IMAGE_REL_ARM_BLX23T 0x0015
233 /* ARM64 relocation types */
234 #define IMAGE_REL_ARM64_ABSOLUTE 0x0000
235 #define IMAGE_REL_ARM64_ADDR32 0x0001
236 #define IMAGE_REL_ARM64_ADDR32NB 0x0002
237 #define IMAGE_REL_ARM64_BRANCH26 0x0003
238 #define IMAGE_REL_ARM64_PAGEBASE_REL21 0x0004
239 #define IMAGE_REL_ARM64_REL21 0x0005
240 #define IMAGE_REL_ARM64_PAGEOFFSET_12A 0x0006
241 #define IMAGE_REL_ARM64_PAGEOFFSET_12L 0x0007
242 #define IMAGE_REL_ARM64_SECREL 0x0008
243 #define IMAGE_REL_ARM64_SECREL_LOW12A 0x0009
244 #define IMAGE_REL_ARM64_SECREL_HIGH12A 0x000A
245 #define IMAGE_REL_ARM64_SECREL_LOW12L 0x000B
246 #define IMAGE_REL_ARM64_TOKEN 0x000C
247 #define IMAGE_REL_ARM64_SECTION 0x000D
248 #define IMAGE_REL_ARM64_ADDR64 0x000E
250 /* AMD64 relocation types */
251 #define IMAGE_REL_AMD64_ABSOLUTE 0x0000
252 #define IMAGE_REL_AMD64_ADDR64 0x0001
253 #define IMAGE_REL_AMD64_ADDR32 0x0002
254 #define IMAGE_REL_AMD64_ADDR32NB 0x0003
255 #define IMAGE_REL_AMD64_REL32 0x0004
256 #define IMAGE_REL_AMD64_REL32_1 0x0005
257 #define IMAGE_REL_AMD64_REL32_2 0x0006
258 #define IMAGE_REL_AMD64_REL32_3 0x0007
259 #define IMAGE_REL_AMD64_REL32_4 0x0008
260 #define IMAGE_REL_AMD64_REL32_5 0x0009
261 #define IMAGE_REL_AMD64_SECTION 0x000A
262 #define IMAGE_REL_AMD64_SECREL 0x000B
263 #define IMAGE_REL_AMD64_SECREL7 0x000C
264 #define IMAGE_REL_AMD64_TOKEN 0x000D
265 #define IMAGE_REL_AMD64_SREL32 0x000E
266 #define IMAGE_REL_AMD64_PAIR 0x000F
267 #define IMAGE_REL_AMD64_SSPAN32 0x0010