1 //===-- llvm/BinaryFormat/COFF.h --------------------------------*- C++ -*-===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This file contains an definitions used in Windows COFF Files.
10 //
11 // Structures and enums defined within this file where created using
12 // information from Microsoft's publicly available PE/COFF format document:
13 //
14 // Microsoft Portable Executable and Common Object File Format Specification
15 // Revision 8.1 - February 15, 2008
16 //
17 // As of 5/2/2010, hosted by Microsoft at:
18 // http://www.microsoft.com/whdc/system/platform/firmware/pecoff.mspx
19 //
20 //===----------------------------------------------------------------------===//
21
22 #ifndef LLVM_BINARYFORMAT_COFF_H
23 #define LLVM_BINARYFORMAT_COFF_H
24
25 #include "llvm/Support/Compiler.h"
26 #include "llvm/Support/DataTypes.h"
27 #include <cassert>
28
29 namespace llvm {
30 namespace COFF {
31
32 // The maximum number of sections that a COFF object can have (inclusive).
33 const int32_t MaxNumberOfSections16 = 65279;
34
35 // The PE signature bytes that follows the DOS stub header.
36 static const char PEMagic[] = {'P', 'E', '\0', '\0'};
37
38 static const char BigObjMagic[] = {
39 '\xc7', '\xa1', '\xba', '\xd1', '\xee', '\xba', '\xa9', '\x4b',
40 '\xaf', '\x20', '\xfa', '\xf6', '\x6a', '\xa4', '\xdc', '\xb8',
41 };
42
43 static const char ClGlObjMagic[] = {
44 '\x38', '\xfe', '\xb3', '\x0c', '\xa5', '\xd9', '\xab', '\x4d',
45 '\xac', '\x9b', '\xd6', '\xb6', '\x22', '\x26', '\x53', '\xc2',
46 };
47
48 // The signature bytes that start a .res file.
49 static const char WinResMagic[] = {
50 '\x00', '\x00', '\x00', '\x00', '\x20', '\x00', '\x00', '\x00',
51 '\xff', '\xff', '\x00', '\x00', '\xff', '\xff', '\x00', '\x00',
52 };
53
54 // Sizes in bytes of various things in the COFF format.
55 enum {
56 Header16Size = 20,
57 Header32Size = 56,
58 NameSize = 8,
59 Symbol16Size = 18,
60 Symbol32Size = 20,
61 SectionSize = 40,
62 RelocationSize = 10
63 };
64
65 struct header {
66 uint16_t Machine;
67 int32_t NumberOfSections;
68 uint32_t TimeDateStamp;
69 uint32_t PointerToSymbolTable;
70 uint32_t NumberOfSymbols;
71 uint16_t SizeOfOptionalHeader;
72 uint16_t Characteristics;
73 };
74
75 struct BigObjHeader {
76 enum : uint16_t { MinBigObjectVersion = 2 };
77
78 uint16_t Sig1; ///< Must be IMAGE_FILE_MACHINE_UNKNOWN (0).
79 uint16_t Sig2; ///< Must be 0xFFFF.
80 uint16_t Version;
81 uint16_t Machine;
82 uint32_t TimeDateStamp;
83 uint8_t UUID[16];
84 uint32_t unused1;
85 uint32_t unused2;
86 uint32_t unused3;
87 uint32_t unused4;
88 uint32_t NumberOfSections;
89 uint32_t PointerToSymbolTable;
90 uint32_t NumberOfSymbols;
91 };
92
93 enum MachineTypes : unsigned {
94 MT_Invalid = 0xffff,
95
96 IMAGE_FILE_MACHINE_UNKNOWN = 0x0,
97 IMAGE_FILE_MACHINE_AM33 = 0x1D3,
98 IMAGE_FILE_MACHINE_AMD64 = 0x8664,
99 IMAGE_FILE_MACHINE_ARM = 0x1C0,
100 IMAGE_FILE_MACHINE_ARMNT = 0x1C4,
101 IMAGE_FILE_MACHINE_ARM64 = 0xAA64,
102 IMAGE_FILE_MACHINE_ARM64EC = 0xA641,
103 IMAGE_FILE_MACHINE_ARM64X = 0xA64E,
104 IMAGE_FILE_MACHINE_EBC = 0xEBC,
105 IMAGE_FILE_MACHINE_I386 = 0x14C,
106 IMAGE_FILE_MACHINE_IA64 = 0x200,
107 IMAGE_FILE_MACHINE_M32R = 0x9041,
108 IMAGE_FILE_MACHINE_MIPS16 = 0x266,
109 IMAGE_FILE_MACHINE_MIPSFPU = 0x366,
110 IMAGE_FILE_MACHINE_MIPSFPU16 = 0x466,
111 IMAGE_FILE_MACHINE_POWERPC = 0x1F0,
112 IMAGE_FILE_MACHINE_POWERPCFP = 0x1F1,
113 IMAGE_FILE_MACHINE_R4000 = 0x166,
114 IMAGE_FILE_MACHINE_RISCV32 = 0x5032,
115 IMAGE_FILE_MACHINE_RISCV64 = 0x5064,
116 IMAGE_FILE_MACHINE_RISCV128 = 0x5128,
117 IMAGE_FILE_MACHINE_SH3 = 0x1A2,
118 IMAGE_FILE_MACHINE_SH3DSP = 0x1A3,
119 IMAGE_FILE_MACHINE_SH4 = 0x1A6,
120 IMAGE_FILE_MACHINE_SH5 = 0x1A8,
121 IMAGE_FILE_MACHINE_THUMB = 0x1C2,
122 IMAGE_FILE_MACHINE_WCEMIPSV2 = 0x169
123 };
124
isArm64EC(T Machine)125 template <typename T> bool isArm64EC(T Machine) {
126 return Machine == IMAGE_FILE_MACHINE_ARM64EC ||
127 Machine == IMAGE_FILE_MACHINE_ARM64X;
128 }
129
isAnyArm64(T Machine)130 template <typename T> bool isAnyArm64(T Machine) {
131 return Machine == IMAGE_FILE_MACHINE_ARM64 || isArm64EC(Machine);
132 }
133
is64Bit(T Machine)134 template <typename T> bool is64Bit(T Machine) {
135 return Machine == IMAGE_FILE_MACHINE_AMD64 || isAnyArm64(Machine);
136 }
137
138 enum Characteristics : unsigned {
139 C_Invalid = 0,
140
141 /// The file does not contain base relocations and must be loaded at its
142 /// preferred base. If this cannot be done, the loader will error.
143 IMAGE_FILE_RELOCS_STRIPPED = 0x0001,
144 /// The file is valid and can be run.
145 IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002,
146 /// COFF line numbers have been stripped. This is deprecated and should be
147 /// 0.
148 IMAGE_FILE_LINE_NUMS_STRIPPED = 0x0004,
149 /// COFF symbol table entries for local symbols have been removed. This is
150 /// deprecated and should be 0.
151 IMAGE_FILE_LOCAL_SYMS_STRIPPED = 0x0008,
152 /// Aggressively trim working set. This is deprecated and must be 0.
153 IMAGE_FILE_AGGRESSIVE_WS_TRIM = 0x0010,
154 /// Image can handle > 2GiB addresses.
155 IMAGE_FILE_LARGE_ADDRESS_AWARE = 0x0020,
156 /// Little endian: the LSB precedes the MSB in memory. This is deprecated
157 /// and should be 0.
158 IMAGE_FILE_BYTES_REVERSED_LO = 0x0080,
159 /// Machine is based on a 32bit word architecture.
160 IMAGE_FILE_32BIT_MACHINE = 0x0100,
161 /// Debugging info has been removed.
162 IMAGE_FILE_DEBUG_STRIPPED = 0x0200,
163 /// If the image is on removable media, fully load it and copy it to swap.
164 IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP = 0x0400,
165 /// If the image is on network media, fully load it and copy it to swap.
166 IMAGE_FILE_NET_RUN_FROM_SWAP = 0x0800,
167 /// The image file is a system file, not a user program.
168 IMAGE_FILE_SYSTEM = 0x1000,
169 /// The image file is a DLL.
170 IMAGE_FILE_DLL = 0x2000,
171 /// This file should only be run on a uniprocessor machine.
172 IMAGE_FILE_UP_SYSTEM_ONLY = 0x4000,
173 /// Big endian: the MSB precedes the LSB in memory. This is deprecated
174 /// and should be 0.
175 IMAGE_FILE_BYTES_REVERSED_HI = 0x8000
176 };
177
178 enum ResourceTypeID : unsigned {
179 RID_Cursor = 1,
180 RID_Bitmap = 2,
181 RID_Icon = 3,
182 RID_Menu = 4,
183 RID_Dialog = 5,
184 RID_String = 6,
185 RID_FontDir = 7,
186 RID_Font = 8,
187 RID_Accelerator = 9,
188 RID_RCData = 10,
189 RID_MessageTable = 11,
190 RID_Group_Cursor = 12,
191 RID_Group_Icon = 14,
192 RID_Version = 16,
193 RID_DLGInclude = 17,
194 RID_PlugPlay = 19,
195 RID_VXD = 20,
196 RID_AniCursor = 21,
197 RID_AniIcon = 22,
198 RID_HTML = 23,
199 RID_Manifest = 24,
200 };
201
202 struct symbol {
203 char Name[NameSize];
204 uint32_t Value;
205 int32_t SectionNumber;
206 uint16_t Type;
207 uint8_t StorageClass;
208 uint8_t NumberOfAuxSymbols;
209 };
210
211 enum SymbolSectionNumber : int32_t {
212 IMAGE_SYM_DEBUG = -2,
213 IMAGE_SYM_ABSOLUTE = -1,
214 IMAGE_SYM_UNDEFINED = 0
215 };
216
217 /// Storage class tells where and what the symbol represents
218 enum SymbolStorageClass {
219 SSC_Invalid = 0xff,
220
221 IMAGE_SYM_CLASS_END_OF_FUNCTION = -1, ///< Physical end of function
222 IMAGE_SYM_CLASS_NULL = 0, ///< No symbol
223 IMAGE_SYM_CLASS_AUTOMATIC = 1, ///< Stack variable
224 IMAGE_SYM_CLASS_EXTERNAL = 2, ///< External symbol
225 IMAGE_SYM_CLASS_STATIC = 3, ///< Static
226 IMAGE_SYM_CLASS_REGISTER = 4, ///< Register variable
227 IMAGE_SYM_CLASS_EXTERNAL_DEF = 5, ///< External definition
228 IMAGE_SYM_CLASS_LABEL = 6, ///< Label
229 IMAGE_SYM_CLASS_UNDEFINED_LABEL = 7, ///< Undefined label
230 IMAGE_SYM_CLASS_MEMBER_OF_STRUCT = 8, ///< Member of structure
231 IMAGE_SYM_CLASS_ARGUMENT = 9, ///< Function argument
232 IMAGE_SYM_CLASS_STRUCT_TAG = 10, ///< Structure tag
233 IMAGE_SYM_CLASS_MEMBER_OF_UNION = 11, ///< Member of union
234 IMAGE_SYM_CLASS_UNION_TAG = 12, ///< Union tag
235 IMAGE_SYM_CLASS_TYPE_DEFINITION = 13, ///< Type definition
236 IMAGE_SYM_CLASS_UNDEFINED_STATIC = 14, ///< Undefined static
237 IMAGE_SYM_CLASS_ENUM_TAG = 15, ///< Enumeration tag
238 IMAGE_SYM_CLASS_MEMBER_OF_ENUM = 16, ///< Member of enumeration
239 IMAGE_SYM_CLASS_REGISTER_PARAM = 17, ///< Register parameter
240 IMAGE_SYM_CLASS_BIT_FIELD = 18, ///< Bit field
241 /// ".bb" or ".eb" - beginning or end of block
242 IMAGE_SYM_CLASS_BLOCK = 100,
243 /// ".bf" or ".ef" - beginning or end of function
244 IMAGE_SYM_CLASS_FUNCTION = 101,
245 IMAGE_SYM_CLASS_END_OF_STRUCT = 102, ///< End of structure
246 IMAGE_SYM_CLASS_FILE = 103, ///< File name
247 /// Line number, reformatted as symbol
248 IMAGE_SYM_CLASS_SECTION = 104,
249 IMAGE_SYM_CLASS_WEAK_EXTERNAL = 105, ///< Duplicate tag
250 /// External symbol in dmert public lib
251 IMAGE_SYM_CLASS_CLR_TOKEN = 107
252 };
253
254 enum SymbolBaseType : unsigned {
255 IMAGE_SYM_TYPE_NULL = 0, ///< No type information or unknown base type.
256 IMAGE_SYM_TYPE_VOID = 1, ///< Used with void pointers and functions.
257 IMAGE_SYM_TYPE_CHAR = 2, ///< A character (signed byte).
258 IMAGE_SYM_TYPE_SHORT = 3, ///< A 2-byte signed integer.
259 IMAGE_SYM_TYPE_INT = 4, ///< A natural integer type on the target.
260 IMAGE_SYM_TYPE_LONG = 5, ///< A 4-byte signed integer.
261 IMAGE_SYM_TYPE_FLOAT = 6, ///< A 4-byte floating-point number.
262 IMAGE_SYM_TYPE_DOUBLE = 7, ///< An 8-byte floating-point number.
263 IMAGE_SYM_TYPE_STRUCT = 8, ///< A structure.
264 IMAGE_SYM_TYPE_UNION = 9, ///< An union.
265 IMAGE_SYM_TYPE_ENUM = 10, ///< An enumerated type.
266 IMAGE_SYM_TYPE_MOE = 11, ///< A member of enumeration (a specific value).
267 IMAGE_SYM_TYPE_BYTE = 12, ///< A byte; unsigned 1-byte integer.
268 IMAGE_SYM_TYPE_WORD = 13, ///< A word; unsigned 2-byte integer.
269 IMAGE_SYM_TYPE_UINT = 14, ///< An unsigned integer of natural size.
270 IMAGE_SYM_TYPE_DWORD = 15 ///< An unsigned 4-byte integer.
271 };
272
273 enum SymbolComplexType : unsigned {
274 IMAGE_SYM_DTYPE_NULL = 0, ///< No complex type; simple scalar variable.
275 IMAGE_SYM_DTYPE_POINTER = 1, ///< A pointer to base type.
276 IMAGE_SYM_DTYPE_FUNCTION = 2, ///< A function that returns a base type.
277 IMAGE_SYM_DTYPE_ARRAY = 3, ///< An array of base type.
278
279 /// Type is formed as (base + (derived << SCT_COMPLEX_TYPE_SHIFT))
280 SCT_COMPLEX_TYPE_SHIFT = 4
281 };
282
283 enum AuxSymbolType { IMAGE_AUX_SYMBOL_TYPE_TOKEN_DEF = 1 };
284
285 struct section {
286 char Name[NameSize];
287 uint32_t VirtualSize;
288 uint32_t VirtualAddress;
289 uint32_t SizeOfRawData;
290 uint32_t PointerToRawData;
291 uint32_t PointerToRelocations;
292 uint32_t PointerToLineNumbers;
293 uint16_t NumberOfRelocations;
294 uint16_t NumberOfLineNumbers;
295 uint32_t Characteristics;
296 };
297
298 enum SectionCharacteristics : uint32_t {
299 SC_Invalid = 0xffffffff,
300
301 IMAGE_SCN_TYPE_NOLOAD = 0x00000002,
302 IMAGE_SCN_TYPE_NO_PAD = 0x00000008,
303 IMAGE_SCN_CNT_CODE = 0x00000020,
304 IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040,
305 IMAGE_SCN_CNT_UNINITIALIZED_DATA = 0x00000080,
306 IMAGE_SCN_LNK_OTHER = 0x00000100,
307 IMAGE_SCN_LNK_INFO = 0x00000200,
308 IMAGE_SCN_LNK_REMOVE = 0x00000800,
309 IMAGE_SCN_LNK_COMDAT = 0x00001000,
310 IMAGE_SCN_GPREL = 0x00008000,
311 IMAGE_SCN_MEM_PURGEABLE = 0x00020000,
312 IMAGE_SCN_MEM_16BIT = 0x00020000,
313 IMAGE_SCN_MEM_LOCKED = 0x00040000,
314 IMAGE_SCN_MEM_PRELOAD = 0x00080000,
315 IMAGE_SCN_ALIGN_1BYTES = 0x00100000,
316 IMAGE_SCN_ALIGN_2BYTES = 0x00200000,
317 IMAGE_SCN_ALIGN_4BYTES = 0x00300000,
318 IMAGE_SCN_ALIGN_8BYTES = 0x00400000,
319 IMAGE_SCN_ALIGN_16BYTES = 0x00500000,
320 IMAGE_SCN_ALIGN_32BYTES = 0x00600000,
321 IMAGE_SCN_ALIGN_64BYTES = 0x00700000,
322 IMAGE_SCN_ALIGN_128BYTES = 0x00800000,
323 IMAGE_SCN_ALIGN_256BYTES = 0x00900000,
324 IMAGE_SCN_ALIGN_512BYTES = 0x00A00000,
325 IMAGE_SCN_ALIGN_1024BYTES = 0x00B00000,
326 IMAGE_SCN_ALIGN_2048BYTES = 0x00C00000,
327 IMAGE_SCN_ALIGN_4096BYTES = 0x00D00000,
328 IMAGE_SCN_ALIGN_8192BYTES = 0x00E00000,
329 IMAGE_SCN_ALIGN_MASK = 0x00F00000,
330 IMAGE_SCN_LNK_NRELOC_OVFL = 0x01000000,
331 IMAGE_SCN_MEM_DISCARDABLE = 0x02000000,
332 IMAGE_SCN_MEM_NOT_CACHED = 0x04000000,
333 IMAGE_SCN_MEM_NOT_PAGED = 0x08000000,
334 IMAGE_SCN_MEM_SHARED = 0x10000000,
335 IMAGE_SCN_MEM_EXECUTE = 0x20000000,
336 IMAGE_SCN_MEM_READ = 0x40000000,
337 IMAGE_SCN_MEM_WRITE = 0x80000000
338 };
339
340 struct relocation {
341 uint32_t VirtualAddress;
342 uint32_t SymbolTableIndex;
343 uint16_t Type;
344 };
345
346 enum RelocationTypeI386 : unsigned {
347 IMAGE_REL_I386_ABSOLUTE = 0x0000,
348 IMAGE_REL_I386_DIR16 = 0x0001,
349 IMAGE_REL_I386_REL16 = 0x0002,
350 IMAGE_REL_I386_DIR32 = 0x0006,
351 IMAGE_REL_I386_DIR32NB = 0x0007,
352 IMAGE_REL_I386_SEG12 = 0x0009,
353 IMAGE_REL_I386_SECTION = 0x000A,
354 IMAGE_REL_I386_SECREL = 0x000B,
355 IMAGE_REL_I386_TOKEN = 0x000C,
356 IMAGE_REL_I386_SECREL7 = 0x000D,
357 IMAGE_REL_I386_REL32 = 0x0014
358 };
359
360 enum RelocationTypeAMD64 : unsigned {
361 IMAGE_REL_AMD64_ABSOLUTE = 0x0000,
362 IMAGE_REL_AMD64_ADDR64 = 0x0001,
363 IMAGE_REL_AMD64_ADDR32 = 0x0002,
364 IMAGE_REL_AMD64_ADDR32NB = 0x0003,
365 IMAGE_REL_AMD64_REL32 = 0x0004,
366 IMAGE_REL_AMD64_REL32_1 = 0x0005,
367 IMAGE_REL_AMD64_REL32_2 = 0x0006,
368 IMAGE_REL_AMD64_REL32_3 = 0x0007,
369 IMAGE_REL_AMD64_REL32_4 = 0x0008,
370 IMAGE_REL_AMD64_REL32_5 = 0x0009,
371 IMAGE_REL_AMD64_SECTION = 0x000A,
372 IMAGE_REL_AMD64_SECREL = 0x000B,
373 IMAGE_REL_AMD64_SECREL7 = 0x000C,
374 IMAGE_REL_AMD64_TOKEN = 0x000D,
375 IMAGE_REL_AMD64_SREL32 = 0x000E,
376 IMAGE_REL_AMD64_PAIR = 0x000F,
377 IMAGE_REL_AMD64_SSPAN32 = 0x0010
378 };
379
380 enum RelocationTypesARM : unsigned {
381 IMAGE_REL_ARM_ABSOLUTE = 0x0000,
382 IMAGE_REL_ARM_ADDR32 = 0x0001,
383 IMAGE_REL_ARM_ADDR32NB = 0x0002,
384 IMAGE_REL_ARM_BRANCH24 = 0x0003,
385 IMAGE_REL_ARM_BRANCH11 = 0x0004,
386 IMAGE_REL_ARM_TOKEN = 0x0005,
387 IMAGE_REL_ARM_BLX24 = 0x0008,
388 IMAGE_REL_ARM_BLX11 = 0x0009,
389 IMAGE_REL_ARM_REL32 = 0x000A,
390 IMAGE_REL_ARM_SECTION = 0x000E,
391 IMAGE_REL_ARM_SECREL = 0x000F,
392 IMAGE_REL_ARM_MOV32A = 0x0010,
393 IMAGE_REL_ARM_MOV32T = 0x0011,
394 IMAGE_REL_ARM_BRANCH20T = 0x0012,
395 IMAGE_REL_ARM_BRANCH24T = 0x0014,
396 IMAGE_REL_ARM_BLX23T = 0x0015,
397 IMAGE_REL_ARM_PAIR = 0x0016,
398 };
399
400 enum RelocationTypesARM64 : unsigned {
401 IMAGE_REL_ARM64_ABSOLUTE = 0x0000,
402 IMAGE_REL_ARM64_ADDR32 = 0x0001,
403 IMAGE_REL_ARM64_ADDR32NB = 0x0002,
404 IMAGE_REL_ARM64_BRANCH26 = 0x0003,
405 IMAGE_REL_ARM64_PAGEBASE_REL21 = 0x0004,
406 IMAGE_REL_ARM64_REL21 = 0x0005,
407 IMAGE_REL_ARM64_PAGEOFFSET_12A = 0x0006,
408 IMAGE_REL_ARM64_PAGEOFFSET_12L = 0x0007,
409 IMAGE_REL_ARM64_SECREL = 0x0008,
410 IMAGE_REL_ARM64_SECREL_LOW12A = 0x0009,
411 IMAGE_REL_ARM64_SECREL_HIGH12A = 0x000A,
412 IMAGE_REL_ARM64_SECREL_LOW12L = 0x000B,
413 IMAGE_REL_ARM64_TOKEN = 0x000C,
414 IMAGE_REL_ARM64_SECTION = 0x000D,
415 IMAGE_REL_ARM64_ADDR64 = 0x000E,
416 IMAGE_REL_ARM64_BRANCH19 = 0x000F,
417 IMAGE_REL_ARM64_BRANCH14 = 0x0010,
418 IMAGE_REL_ARM64_REL32 = 0x0011,
419 };
420
421 enum RelocationTypesMips : unsigned {
422 IMAGE_REL_MIPS_ABSOLUTE = 0x0000,
423 IMAGE_REL_MIPS_REFHALF = 0x0001,
424 IMAGE_REL_MIPS_REFWORD = 0x0002,
425 IMAGE_REL_MIPS_JMPADDR = 0x0003,
426 IMAGE_REL_MIPS_REFHI = 0x0004,
427 IMAGE_REL_MIPS_REFLO = 0x0005,
428 IMAGE_REL_MIPS_GPREL = 0x0006,
429 IMAGE_REL_MIPS_LITERAL = 0x0007,
430 IMAGE_REL_MIPS_SECTION = 0x000A,
431 IMAGE_REL_MIPS_SECREL = 0x000B,
432 IMAGE_REL_MIPS_SECRELLO = 0x000C,
433 IMAGE_REL_MIPS_SECRELHI = 0x000D,
434 IMAGE_REL_MIPS_JMPADDR16 = 0x0010,
435 IMAGE_REL_MIPS_REFWORDNB = 0x0022,
436 IMAGE_REL_MIPS_PAIR = 0x0025,
437 };
438
439 enum DynamicRelocationType : unsigned {
440 IMAGE_DYNAMIC_RELOCATION_GUARD_RF_PROLOGUE = 1,
441 IMAGE_DYNAMIC_RELOCATION_GUARD_RF_EPILOGUE = 2,
442 IMAGE_DYNAMIC_RELOCATION_GUARD_IMPORT_CONTROL_TRANSFER = 3,
443 IMAGE_DYNAMIC_RELOCATION_GUARD_INDIR_CONTROL_TRANSFER = 4,
444 IMAGE_DYNAMIC_RELOCATION_GUARD_SWITCHTABLE_BRANCH = 5,
445 IMAGE_DYNAMIC_RELOCATION_ARM64X = 6,
446 };
447
448 enum Arm64XFixupType : uint8_t {
449 IMAGE_DVRT_ARM64X_FIXUP_TYPE_ZEROFILL = 0,
450 IMAGE_DVRT_ARM64X_FIXUP_TYPE_VALUE = 1,
451 IMAGE_DVRT_ARM64X_FIXUP_TYPE_DELTA = 2,
452 };
453
454 enum COMDATType : uint8_t {
455 IMAGE_COMDAT_SELECT_NODUPLICATES = 1,
456 IMAGE_COMDAT_SELECT_ANY,
457 IMAGE_COMDAT_SELECT_SAME_SIZE,
458 IMAGE_COMDAT_SELECT_EXACT_MATCH,
459 IMAGE_COMDAT_SELECT_ASSOCIATIVE,
460 IMAGE_COMDAT_SELECT_LARGEST,
461 IMAGE_COMDAT_SELECT_NEWEST
462 };
463
464 // Auxiliary Symbol Formats
465 struct AuxiliaryFunctionDefinition {
466 uint32_t TagIndex;
467 uint32_t TotalSize;
468 uint32_t PointerToLinenumber;
469 uint32_t PointerToNextFunction;
470 char unused[2];
471 };
472
473 struct AuxiliarybfAndefSymbol {
474 uint8_t unused1[4];
475 uint16_t Linenumber;
476 uint8_t unused2[6];
477 uint32_t PointerToNextFunction;
478 uint8_t unused3[2];
479 };
480
481 struct AuxiliaryWeakExternal {
482 uint32_t TagIndex;
483 uint32_t Characteristics;
484 uint8_t unused[10];
485 };
486
487 enum WeakExternalCharacteristics : unsigned {
488 IMAGE_WEAK_EXTERN_SEARCH_NOLIBRARY = 1,
489 IMAGE_WEAK_EXTERN_SEARCH_LIBRARY = 2,
490 IMAGE_WEAK_EXTERN_SEARCH_ALIAS = 3,
491 IMAGE_WEAK_EXTERN_ANTI_DEPENDENCY = 4
492 };
493
494 struct AuxiliarySectionDefinition {
495 uint32_t Length;
496 uint16_t NumberOfRelocations;
497 uint16_t NumberOfLinenumbers;
498 uint32_t CheckSum;
499 uint32_t Number;
500 uint8_t Selection;
501 char unused;
502 };
503
504 struct AuxiliaryCLRToken {
505 uint8_t AuxType;
506 uint8_t unused1;
507 uint32_t SymbolTableIndex;
508 char unused2[12];
509 };
510
511 union Auxiliary {
512 AuxiliaryFunctionDefinition FunctionDefinition;
513 AuxiliarybfAndefSymbol bfAndefSymbol;
514 AuxiliaryWeakExternal WeakExternal;
515 AuxiliarySectionDefinition SectionDefinition;
516 };
517
518 /// The Import Directory Table.
519 ///
520 /// There is a single array of these and one entry per imported DLL.
521 struct ImportDirectoryTableEntry {
522 uint32_t ImportLookupTableRVA;
523 uint32_t TimeDateStamp;
524 uint32_t ForwarderChain;
525 uint32_t NameRVA;
526 uint32_t ImportAddressTableRVA;
527 };
528
529 /// The PE32 Import Lookup Table.
530 ///
531 /// There is an array of these for each imported DLL. It represents either
532 /// the ordinal to import from the target DLL, or a name to lookup and import
533 /// from the target DLL.
534 ///
535 /// This also happens to be the same format used by the Import Address Table
536 /// when it is initially written out to the image.
537 struct ImportLookupTableEntry32 {
538 uint32_t data;
539
540 /// Is this entry specified by ordinal, or name?
isOrdinalImportLookupTableEntry32541 bool isOrdinal() const { return data & 0x80000000; }
542
543 /// Get the ordinal value of this entry. isOrdinal must be true.
getOrdinalImportLookupTableEntry32544 uint16_t getOrdinal() const {
545 assert(isOrdinal() && "ILT entry is not an ordinal!");
546 return data & 0xFFFF;
547 }
548
549 /// Set the ordinal value and set isOrdinal to true.
setOrdinalImportLookupTableEntry32550 void setOrdinal(uint16_t o) {
551 data = o;
552 data |= 0x80000000;
553 }
554
555 /// Get the Hint/Name entry RVA. isOrdinal must be false.
getHintNameRVAImportLookupTableEntry32556 uint32_t getHintNameRVA() const {
557 assert(!isOrdinal() && "ILT entry is not a Hint/Name RVA!");
558 return data;
559 }
560
561 /// Set the Hint/Name entry RVA and set isOrdinal to false.
setHintNameRVAImportLookupTableEntry32562 void setHintNameRVA(uint32_t rva) { data = rva; }
563 };
564
565 /// The DOS compatible header at the front of all PEs.
566 struct DOSHeader {
567 uint16_t Magic;
568 uint16_t UsedBytesInTheLastPage;
569 uint16_t FileSizeInPages;
570 uint16_t NumberOfRelocationItems;
571 uint16_t HeaderSizeInParagraphs;
572 uint16_t MinimumExtraParagraphs;
573 uint16_t MaximumExtraParagraphs;
574 uint16_t InitialRelativeSS;
575 uint16_t InitialSP;
576 uint16_t Checksum;
577 uint16_t InitialIP;
578 uint16_t InitialRelativeCS;
579 uint16_t AddressOfRelocationTable;
580 uint16_t OverlayNumber;
581 uint16_t Reserved[4];
582 uint16_t OEMid;
583 uint16_t OEMinfo;
584 uint16_t Reserved2[10];
585 uint32_t AddressOfNewExeHeader;
586 };
587
588 struct PE32Header {
589 enum { PE32 = 0x10b, PE32_PLUS = 0x20b };
590
591 uint16_t Magic;
592 uint8_t MajorLinkerVersion;
593 uint8_t MinorLinkerVersion;
594 uint32_t SizeOfCode;
595 uint32_t SizeOfInitializedData;
596 uint32_t SizeOfUninitializedData;
597 uint32_t AddressOfEntryPoint; // RVA
598 uint32_t BaseOfCode; // RVA
599 uint32_t BaseOfData; // RVA
600 uint64_t ImageBase;
601 uint32_t SectionAlignment;
602 uint32_t FileAlignment;
603 uint16_t MajorOperatingSystemVersion;
604 uint16_t MinorOperatingSystemVersion;
605 uint16_t MajorImageVersion;
606 uint16_t MinorImageVersion;
607 uint16_t MajorSubsystemVersion;
608 uint16_t MinorSubsystemVersion;
609 uint32_t Win32VersionValue;
610 uint32_t SizeOfImage;
611 uint32_t SizeOfHeaders;
612 uint32_t CheckSum;
613 uint16_t Subsystem;
614 // FIXME: This should be DllCharacteristics to match the COFF spec.
615 uint16_t DLLCharacteristics;
616 uint64_t SizeOfStackReserve;
617 uint64_t SizeOfStackCommit;
618 uint64_t SizeOfHeapReserve;
619 uint64_t SizeOfHeapCommit;
620 uint32_t LoaderFlags;
621 // FIXME: This should be NumberOfRvaAndSizes to match the COFF spec.
622 uint32_t NumberOfRvaAndSize;
623 };
624
625 struct DataDirectory {
626 uint32_t RelativeVirtualAddress;
627 uint32_t Size;
628 };
629
630 enum DataDirectoryIndex : unsigned {
631 EXPORT_TABLE = 0,
632 IMPORT_TABLE,
633 RESOURCE_TABLE,
634 EXCEPTION_TABLE,
635 CERTIFICATE_TABLE,
636 BASE_RELOCATION_TABLE,
637 DEBUG_DIRECTORY,
638 ARCHITECTURE,
639 GLOBAL_PTR,
640 TLS_TABLE,
641 LOAD_CONFIG_TABLE,
642 BOUND_IMPORT,
643 IAT,
644 DELAY_IMPORT_DESCRIPTOR,
645 CLR_RUNTIME_HEADER,
646
647 NUM_DATA_DIRECTORIES
648 };
649
650 enum WindowsSubsystem : unsigned {
651 IMAGE_SUBSYSTEM_UNKNOWN = 0, ///< An unknown subsystem.
652 IMAGE_SUBSYSTEM_NATIVE = 1, ///< Device drivers and native Windows processes
653 IMAGE_SUBSYSTEM_WINDOWS_GUI = 2, ///< The Windows GUI subsystem.
654 IMAGE_SUBSYSTEM_WINDOWS_CUI = 3, ///< The Windows character subsystem.
655 IMAGE_SUBSYSTEM_OS2_CUI = 5, ///< The OS/2 character subsystem.
656 IMAGE_SUBSYSTEM_POSIX_CUI = 7, ///< The POSIX character subsystem.
657 IMAGE_SUBSYSTEM_NATIVE_WINDOWS = 8, ///< Native Windows 9x driver.
658 IMAGE_SUBSYSTEM_WINDOWS_CE_GUI = 9, ///< Windows CE.
659 IMAGE_SUBSYSTEM_EFI_APPLICATION = 10, ///< An EFI application.
660 IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER = 11, ///< An EFI driver with boot
661 /// services.
662 IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER = 12, ///< An EFI driver with run-time
663 /// services.
664 IMAGE_SUBSYSTEM_EFI_ROM = 13, ///< An EFI ROM image.
665 IMAGE_SUBSYSTEM_XBOX = 14, ///< XBOX.
666 IMAGE_SUBSYSTEM_WINDOWS_BOOT_APPLICATION = 16 ///< A BCD application.
667 };
668
669 enum DLLCharacteristics : unsigned {
670 /// ASLR with 64 bit address space.
671 IMAGE_DLL_CHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020,
672 /// DLL can be relocated at load time.
673 IMAGE_DLL_CHARACTERISTICS_DYNAMIC_BASE = 0x0040,
674 /// Code integrity checks are enforced.
675 IMAGE_DLL_CHARACTERISTICS_FORCE_INTEGRITY = 0x0080,
676 ///< Image is NX compatible.
677 IMAGE_DLL_CHARACTERISTICS_NX_COMPAT = 0x0100,
678 /// Isolation aware, but do not isolate the image.
679 IMAGE_DLL_CHARACTERISTICS_NO_ISOLATION = 0x0200,
680 /// Does not use structured exception handling (SEH). No SEH handler may be
681 /// called in this image.
682 IMAGE_DLL_CHARACTERISTICS_NO_SEH = 0x0400,
683 /// Do not bind the image.
684 IMAGE_DLL_CHARACTERISTICS_NO_BIND = 0x0800,
685 ///< Image should execute in an AppContainer.
686 IMAGE_DLL_CHARACTERISTICS_APPCONTAINER = 0x1000,
687 ///< A WDM driver.
688 IMAGE_DLL_CHARACTERISTICS_WDM_DRIVER = 0x2000,
689 ///< Image supports Control Flow Guard.
690 IMAGE_DLL_CHARACTERISTICS_GUARD_CF = 0x4000,
691 /// Terminal Server aware.
692 IMAGE_DLL_CHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
693 };
694
695 enum ExtendedDLLCharacteristics : unsigned {
696 /// Image is CET compatible
697 IMAGE_DLL_CHARACTERISTICS_EX_CET_COMPAT = 0x0001
698 };
699
700 enum DebugType : unsigned {
701 IMAGE_DEBUG_TYPE_UNKNOWN = 0,
702 IMAGE_DEBUG_TYPE_COFF = 1,
703 IMAGE_DEBUG_TYPE_CODEVIEW = 2,
704 IMAGE_DEBUG_TYPE_FPO = 3,
705 IMAGE_DEBUG_TYPE_MISC = 4,
706 IMAGE_DEBUG_TYPE_EXCEPTION = 5,
707 IMAGE_DEBUG_TYPE_FIXUP = 6,
708 IMAGE_DEBUG_TYPE_OMAP_TO_SRC = 7,
709 IMAGE_DEBUG_TYPE_OMAP_FROM_SRC = 8,
710 IMAGE_DEBUG_TYPE_BORLAND = 9,
711 IMAGE_DEBUG_TYPE_RESERVED10 = 10,
712 IMAGE_DEBUG_TYPE_CLSID = 11,
713 IMAGE_DEBUG_TYPE_VC_FEATURE = 12,
714 IMAGE_DEBUG_TYPE_POGO = 13,
715 IMAGE_DEBUG_TYPE_ILTCG = 14,
716 IMAGE_DEBUG_TYPE_MPX = 15,
717 IMAGE_DEBUG_TYPE_REPRO = 16,
718 IMAGE_DEBUG_TYPE_EX_DLLCHARACTERISTICS = 20,
719 };
720
721 enum BaseRelocationType : unsigned {
722 IMAGE_REL_BASED_ABSOLUTE = 0,
723 IMAGE_REL_BASED_HIGH = 1,
724 IMAGE_REL_BASED_LOW = 2,
725 IMAGE_REL_BASED_HIGHLOW = 3,
726 IMAGE_REL_BASED_HIGHADJ = 4,
727 IMAGE_REL_BASED_MIPS_JMPADDR = 5,
728 IMAGE_REL_BASED_ARM_MOV32A = 5,
729 IMAGE_REL_BASED_ARM_MOV32T = 7,
730 IMAGE_REL_BASED_MIPS_JMPADDR16 = 9,
731 IMAGE_REL_BASED_DIR64 = 10
732 };
733
734 enum ImportType : unsigned {
735 IMPORT_CODE = 0,
736 IMPORT_DATA = 1,
737 IMPORT_CONST = 2
738 };
739
740 enum ImportNameType : unsigned {
741 /// Import is by ordinal. This indicates that the value in the Ordinal/Hint
742 /// field of the import header is the import's ordinal. If this constant is
743 /// not specified, then the Ordinal/Hint field should always be interpreted
744 /// as the import's hint.
745 IMPORT_ORDINAL = 0,
746 /// The import name is identical to the public symbol name
747 IMPORT_NAME = 1,
748 /// The import name is the public symbol name, but skipping the leading ?,
749 /// @, or optionally _.
750 IMPORT_NAME_NOPREFIX = 2,
751 /// The import name is the public symbol name, but skipping the leading ?,
752 /// @, or optionally _, and truncating at the first @.
753 IMPORT_NAME_UNDECORATE = 3,
754 /// The import name is specified as a separate string in the import library
755 /// object file.
756 IMPORT_NAME_EXPORTAS = 4
757 };
758
759 enum class GuardFlags : uint32_t {
760 /// Module performs control flow integrity checks using system-supplied
761 /// support.
762 CF_INSTRUMENTED = 0x100,
763 /// Module performs control flow and write integrity checks.
764 CFW_INSTRUMENTED = 0x200,
765 /// Module contains valid control flow target metadata.
766 CF_FUNCTION_TABLE_PRESENT = 0x400,
767 /// Module does not make use of the /GS security cookie.
768 SECURITY_COOKIE_UNUSED = 0x800,
769 /// Module supports read only delay load IAT.
770 PROTECT_DELAYLOAD_IAT = 0x1000,
771 /// Delayload import table in its own .didat section (with nothing else in it)
772 /// that can be freely reprotected.
773 DELAYLOAD_IAT_IN_ITS_OWN_SECTION = 0x2000,
774 /// Module contains suppressed export information. This also infers that the
775 /// address taken IAT table is also present in the load config.
776 CF_EXPORT_SUPPRESSION_INFO_PRESENT = 0x4000,
777 /// Module enables suppression of exports.
778 CF_ENABLE_EXPORT_SUPPRESSION = 0x8000,
779 /// Module contains longjmp target information.
780 CF_LONGJUMP_TABLE_PRESENT = 0x10000,
781 /// Module contains EH continuation target information.
782 EH_CONTINUATION_TABLE_PRESENT = 0x400000,
783 /// Mask for the subfield that contains the stride of Control Flow Guard
784 /// function table entries (that is, the additional count of bytes per table
785 /// entry).
786 CF_FUNCTION_TABLE_SIZE_MASK = 0xF0000000,
787 CF_FUNCTION_TABLE_SIZE_5BYTES = 0x10000000,
788 CF_FUNCTION_TABLE_SIZE_6BYTES = 0x20000000,
789 CF_FUNCTION_TABLE_SIZE_7BYTES = 0x30000000,
790 CF_FUNCTION_TABLE_SIZE_8BYTES = 0x40000000,
791 CF_FUNCTION_TABLE_SIZE_9BYTES = 0x50000000,
792 CF_FUNCTION_TABLE_SIZE_10BYTES = 0x60000000,
793 CF_FUNCTION_TABLE_SIZE_11BYTES = 0x70000000,
794 CF_FUNCTION_TABLE_SIZE_12BYTES = 0x80000000,
795 CF_FUNCTION_TABLE_SIZE_13BYTES = 0x90000000,
796 CF_FUNCTION_TABLE_SIZE_14BYTES = 0xA0000000,
797 CF_FUNCTION_TABLE_SIZE_15BYTES = 0xB0000000,
798 CF_FUNCTION_TABLE_SIZE_16BYTES = 0xC0000000,
799 CF_FUNCTION_TABLE_SIZE_17BYTES = 0xD0000000,
800 CF_FUNCTION_TABLE_SIZE_18BYTES = 0xE0000000,
801 CF_FUNCTION_TABLE_SIZE_19BYTES = 0xF0000000,
802 };
803
804 struct ImportHeader {
805 uint16_t Sig1; ///< Must be IMAGE_FILE_MACHINE_UNKNOWN (0).
806 uint16_t Sig2; ///< Must be 0xFFFF.
807 uint16_t Version;
808 uint16_t Machine;
809 uint32_t TimeDateStamp;
810 uint32_t SizeOfData;
811 uint16_t OrdinalHint;
812 uint16_t TypeInfo;
813
getTypeImportHeader814 ImportType getType() const { return static_cast<ImportType>(TypeInfo & 0x3); }
815
getNameTypeImportHeader816 ImportNameType getNameType() const {
817 return static_cast<ImportNameType>((TypeInfo & 0x1C) >> 2);
818 }
819 };
820
821 enum CodeViewIdentifiers {
822 DEBUG_SECTION_MAGIC = 0x4,
823 DEBUG_HASHES_SECTION_MAGIC = 0x133C9C5
824 };
825
826 // These flags show up in the @feat.00 symbol. They appear to be some kind of
827 // compiler features bitfield read by link.exe.
828 enum Feat00Flags : uint32_t {
829 // Object is compatible with /safeseh.
830 SafeSEH = 0x1,
831 // Object was compiled with /GS.
832 GuardStack = 0x100,
833 // Object was compiled with /sdl.
834 SDL = 0x200,
835 // Object was compiled with /guard:cf.
836 GuardCF = 0x800,
837 // Object was compiled with /guard:ehcont.
838 GuardEHCont = 0x4000,
839 // Object was compiled with /kernel.
840 Kernel = 0x40000000,
841 };
842
843 enum Arm64ECThunkType : uint8_t {
844 GuestExit = 0,
845 Entry = 1,
846 Exit = 4,
847 };
848
isReservedSectionNumber(int32_t SectionNumber)849 inline bool isReservedSectionNumber(int32_t SectionNumber) {
850 return SectionNumber <= 0;
851 }
852
853 /// Encode section name based on string table offset.
854 /// The size of Out must be at least COFF::NameSize.
855 LLVM_ABI bool encodeSectionName(char *Out, uint64_t Offset);
856
857 } // End namespace COFF.
858 } // End namespace llvm.
859
860 #endif
861