github.com/tailscale/wireguard-go@v0.0.20201119-0.20210522003738-46b531feb08a/tun/wintun/memmod/syscall_windows.go (about) 1 /* SPDX-License-Identifier: MIT 2 * 3 * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved. 4 */ 5 6 package memmod 7 8 import "unsafe" 9 10 const ( 11 IMAGE_DOS_SIGNATURE = 0x5A4D // MZ 12 IMAGE_OS2_SIGNATURE = 0x454E // NE 13 IMAGE_OS2_SIGNATURE_LE = 0x454C // LE 14 IMAGE_VXD_SIGNATURE = 0x454C // LE 15 IMAGE_NT_SIGNATURE = 0x00004550 // PE00 16 ) 17 18 // DOS .EXE header 19 type IMAGE_DOS_HEADER struct { 20 E_magic uint16 // Magic number 21 E_cblp uint16 // Bytes on last page of file 22 E_cp uint16 // Pages in file 23 E_crlc uint16 // Relocations 24 E_cparhdr uint16 // Size of header in paragraphs 25 E_minalloc uint16 // Minimum extra paragraphs needed 26 E_maxalloc uint16 // Maximum extra paragraphs needed 27 E_ss uint16 // Initial (relative) SS value 28 E_sp uint16 // Initial SP value 29 E_csum uint16 // Checksum 30 E_ip uint16 // Initial IP value 31 E_cs uint16 // Initial (relative) CS value 32 E_lfarlc uint16 // File address of relocation table 33 E_ovno uint16 // Overlay number 34 E_res [4]uint16 // Reserved words 35 E_oemid uint16 // OEM identifier (for e_oeminfo) 36 E_oeminfo uint16 // OEM information; e_oemid specific 37 E_res2 [10]uint16 // Reserved words 38 E_lfanew int32 // File address of new exe header 39 } 40 41 // File header format 42 type IMAGE_FILE_HEADER struct { 43 Machine uint16 44 NumberOfSections uint16 45 TimeDateStamp uint32 46 PointerToSymbolTable uint32 47 NumberOfSymbols uint32 48 SizeOfOptionalHeader uint16 49 Characteristics uint16 50 } 51 52 const ( 53 IMAGE_SIZEOF_FILE_HEADER = 20 54 55 IMAGE_FILE_RELOCS_STRIPPED = 0x0001 // Relocation info stripped from file. 56 IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002 // File is executable (i.e. no unresolved external references). 57 IMAGE_FILE_LINE_NUMS_STRIPPED = 0x0004 // Line nunbers stripped from file. 58 IMAGE_FILE_LOCAL_SYMS_STRIPPED = 0x0008 // Local symbols stripped from file. 59 IMAGE_FILE_AGGRESIVE_WS_TRIM = 0x0010 // Aggressively trim working set 60 IMAGE_FILE_LARGE_ADDRESS_AWARE = 0x0020 // App can handle >2gb addresses 61 IMAGE_FILE_BYTES_REVERSED_LO = 0x0080 // Bytes of machine word are reversed. 62 IMAGE_FILE_32BIT_MACHINE = 0x0100 // 32 bit word machine. 63 IMAGE_FILE_DEBUG_STRIPPED = 0x0200 // Debugging info stripped from file in .DBG file 64 IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP = 0x0400 // If Image is on removable media, copy and run from the swap file. 65 IMAGE_FILE_NET_RUN_FROM_SWAP = 0x0800 // If Image is on Net, copy and run from the swap file. 66 IMAGE_FILE_SYSTEM = 0x1000 // System File. 67 IMAGE_FILE_DLL = 0x2000 // File is a DLL. 68 IMAGE_FILE_UP_SYSTEM_ONLY = 0x4000 // File should only be run on a UP machine 69 IMAGE_FILE_BYTES_REVERSED_HI = 0x8000 // Bytes of machine word are reversed. 70 71 IMAGE_FILE_MACHINE_UNKNOWN = 0 72 IMAGE_FILE_MACHINE_TARGET_HOST = 0x0001 // Useful for indicating we want to interact with the host and not a WoW guest. 73 IMAGE_FILE_MACHINE_I386 = 0x014c // Intel 386. 74 IMAGE_FILE_MACHINE_R3000 = 0x0162 // MIPS little-endian, 0x160 big-endian 75 IMAGE_FILE_MACHINE_R4000 = 0x0166 // MIPS little-endian 76 IMAGE_FILE_MACHINE_R10000 = 0x0168 // MIPS little-endian 77 IMAGE_FILE_MACHINE_WCEMIPSV2 = 0x0169 // MIPS little-endian WCE v2 78 IMAGE_FILE_MACHINE_ALPHA = 0x0184 // Alpha_AXP 79 IMAGE_FILE_MACHINE_SH3 = 0x01a2 // SH3 little-endian 80 IMAGE_FILE_MACHINE_SH3DSP = 0x01a3 81 IMAGE_FILE_MACHINE_SH3E = 0x01a4 // SH3E little-endian 82 IMAGE_FILE_MACHINE_SH4 = 0x01a6 // SH4 little-endian 83 IMAGE_FILE_MACHINE_SH5 = 0x01a8 // SH5 84 IMAGE_FILE_MACHINE_ARM = 0x01c0 // ARM Little-Endian 85 IMAGE_FILE_MACHINE_THUMB = 0x01c2 // ARM Thumb/Thumb-2 Little-Endian 86 IMAGE_FILE_MACHINE_ARMNT = 0x01c4 // ARM Thumb-2 Little-Endian 87 IMAGE_FILE_MACHINE_AM33 = 0x01d3 88 IMAGE_FILE_MACHINE_POWERPC = 0x01F0 // IBM PowerPC Little-Endian 89 IMAGE_FILE_MACHINE_POWERPCFP = 0x01f1 90 IMAGE_FILE_MACHINE_IA64 = 0x0200 // Intel 64 91 IMAGE_FILE_MACHINE_MIPS16 = 0x0266 // MIPS 92 IMAGE_FILE_MACHINE_ALPHA64 = 0x0284 // ALPHA64 93 IMAGE_FILE_MACHINE_MIPSFPU = 0x0366 // MIPS 94 IMAGE_FILE_MACHINE_MIPSFPU16 = 0x0466 // MIPS 95 IMAGE_FILE_MACHINE_AXP64 = IMAGE_FILE_MACHINE_ALPHA64 96 IMAGE_FILE_MACHINE_TRICORE = 0x0520 // Infineon 97 IMAGE_FILE_MACHINE_CEF = 0x0CEF 98 IMAGE_FILE_MACHINE_EBC = 0x0EBC // EFI Byte Code 99 IMAGE_FILE_MACHINE_AMD64 = 0x8664 // AMD64 (K8) 100 IMAGE_FILE_MACHINE_M32R = 0x9041 // M32R little-endian 101 IMAGE_FILE_MACHINE_ARM64 = 0xAA64 // ARM64 Little-Endian 102 IMAGE_FILE_MACHINE_CEE = 0xC0EE 103 ) 104 105 // Directory format 106 type IMAGE_DATA_DIRECTORY struct { 107 VirtualAddress uint32 108 Size uint32 109 } 110 111 const IMAGE_NUMBEROF_DIRECTORY_ENTRIES = 16 112 113 type IMAGE_NT_HEADERS struct { 114 Signature uint32 115 FileHeader IMAGE_FILE_HEADER 116 OptionalHeader IMAGE_OPTIONAL_HEADER 117 } 118 119 func (ntheader *IMAGE_NT_HEADERS) Sections() []IMAGE_SECTION_HEADER { 120 return (*[0xffff]IMAGE_SECTION_HEADER)(unsafe.Pointer( 121 (uintptr)(unsafe.Pointer(ntheader)) + 122 unsafe.Offsetof(ntheader.OptionalHeader) + 123 uintptr(ntheader.FileHeader.SizeOfOptionalHeader)))[:ntheader.FileHeader.NumberOfSections] 124 } 125 126 const ( 127 IMAGE_DIRECTORY_ENTRY_EXPORT = 0 // Export Directory 128 IMAGE_DIRECTORY_ENTRY_IMPORT = 1 // Import Directory 129 IMAGE_DIRECTORY_ENTRY_RESOURCE = 2 // Resource Directory 130 IMAGE_DIRECTORY_ENTRY_EXCEPTION = 3 // Exception Directory 131 IMAGE_DIRECTORY_ENTRY_SECURITY = 4 // Security Directory 132 IMAGE_DIRECTORY_ENTRY_BASERELOC = 5 // Base Relocation Table 133 IMAGE_DIRECTORY_ENTRY_DEBUG = 6 // Debug Directory 134 IMAGE_DIRECTORY_ENTRY_COPYRIGHT = 7 // (X86 usage) 135 IMAGE_DIRECTORY_ENTRY_ARCHITECTURE = 7 // Architecture Specific Data 136 IMAGE_DIRECTORY_ENTRY_GLOBALPTR = 8 // RVA of GP 137 IMAGE_DIRECTORY_ENTRY_TLS = 9 // TLS Directory 138 IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG = 10 // Load Configuration Directory 139 IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT = 11 // Bound Import Directory in headers 140 IMAGE_DIRECTORY_ENTRY_IAT = 12 // Import Address Table 141 IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT = 13 // Delay Load Import Descriptors 142 IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR = 14 // COM Runtime descriptor 143 ) 144 145 const IMAGE_SIZEOF_SHORT_NAME = 8 146 147 // Section header format 148 type IMAGE_SECTION_HEADER struct { 149 Name [IMAGE_SIZEOF_SHORT_NAME]byte 150 physicalAddressOrVirtualSize uint32 151 VirtualAddress uint32 152 SizeOfRawData uint32 153 PointerToRawData uint32 154 PointerToRelocations uint32 155 PointerToLinenumbers uint32 156 NumberOfRelocations uint16 157 NumberOfLinenumbers uint16 158 Characteristics uint32 159 } 160 161 func (ishdr *IMAGE_SECTION_HEADER) PhysicalAddress() uint32 { 162 return ishdr.physicalAddressOrVirtualSize 163 } 164 165 func (ishdr *IMAGE_SECTION_HEADER) SetPhysicalAddress(addr uint32) { 166 ishdr.physicalAddressOrVirtualSize = addr 167 } 168 169 func (ishdr *IMAGE_SECTION_HEADER) VirtualSize() uint32 { 170 return ishdr.physicalAddressOrVirtualSize 171 } 172 173 func (ishdr *IMAGE_SECTION_HEADER) SetVirtualSize(addr uint32) { 174 ishdr.physicalAddressOrVirtualSize = addr 175 } 176 177 const ( 178 // Section characteristics. 179 IMAGE_SCN_TYPE_REG = 0x00000000 // Reserved. 180 IMAGE_SCN_TYPE_DSECT = 0x00000001 // Reserved. 181 IMAGE_SCN_TYPE_NOLOAD = 0x00000002 // Reserved. 182 IMAGE_SCN_TYPE_GROUP = 0x00000004 // Reserved. 183 IMAGE_SCN_TYPE_NO_PAD = 0x00000008 // Reserved. 184 IMAGE_SCN_TYPE_COPY = 0x00000010 // Reserved. 185 186 IMAGE_SCN_CNT_CODE = 0x00000020 // Section contains code. 187 IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040 // Section contains initialized data. 188 IMAGE_SCN_CNT_UNINITIALIZED_DATA = 0x00000080 // Section contains uninitialized data. 189 190 IMAGE_SCN_LNK_OTHER = 0x00000100 // Reserved. 191 IMAGE_SCN_LNK_INFO = 0x00000200 // Section contains comments or some other type of information. 192 IMAGE_SCN_TYPE_OVER = 0x00000400 // Reserved. 193 IMAGE_SCN_LNK_REMOVE = 0x00000800 // Section contents will not become part of image. 194 IMAGE_SCN_LNK_COMDAT = 0x00001000 // Section contents comdat. 195 IMAGE_SCN_MEM_PROTECTED = 0x00004000 // Obsolete. 196 IMAGE_SCN_NO_DEFER_SPEC_EXC = 0x00004000 // Reset speculative exceptions handling bits in the TLB entries for this section. 197 IMAGE_SCN_GPREL = 0x00008000 // Section content can be accessed relative to GP 198 IMAGE_SCN_MEM_FARDATA = 0x00008000 199 IMAGE_SCN_MEM_SYSHEAP = 0x00010000 // Obsolete. 200 IMAGE_SCN_MEM_PURGEABLE = 0x00020000 201 IMAGE_SCN_MEM_16BIT = 0x00020000 202 IMAGE_SCN_MEM_LOCKED = 0x00040000 203 IMAGE_SCN_MEM_PRELOAD = 0x00080000 204 205 IMAGE_SCN_ALIGN_1BYTES = 0x00100000 // 206 IMAGE_SCN_ALIGN_2BYTES = 0x00200000 // 207 IMAGE_SCN_ALIGN_4BYTES = 0x00300000 // 208 IMAGE_SCN_ALIGN_8BYTES = 0x00400000 // 209 IMAGE_SCN_ALIGN_16BYTES = 0x00500000 // Default alignment if no others are specified. 210 IMAGE_SCN_ALIGN_32BYTES = 0x00600000 // 211 IMAGE_SCN_ALIGN_64BYTES = 0x00700000 // 212 IMAGE_SCN_ALIGN_128BYTES = 0x00800000 // 213 IMAGE_SCN_ALIGN_256BYTES = 0x00900000 // 214 IMAGE_SCN_ALIGN_512BYTES = 0x00A00000 // 215 IMAGE_SCN_ALIGN_1024BYTES = 0x00B00000 // 216 IMAGE_SCN_ALIGN_2048BYTES = 0x00C00000 // 217 IMAGE_SCN_ALIGN_4096BYTES = 0x00D00000 // 218 IMAGE_SCN_ALIGN_8192BYTES = 0x00E00000 // 219 IMAGE_SCN_ALIGN_MASK = 0x00F00000 220 221 IMAGE_SCN_LNK_NRELOC_OVFL = 0x01000000 // Section contains extended relocations. 222 IMAGE_SCN_MEM_DISCARDABLE = 0x02000000 // Section can be discarded. 223 IMAGE_SCN_MEM_NOT_CACHED = 0x04000000 // Section is not cachable. 224 IMAGE_SCN_MEM_NOT_PAGED = 0x08000000 // Section is not pageable. 225 IMAGE_SCN_MEM_SHARED = 0x10000000 // Section is shareable. 226 IMAGE_SCN_MEM_EXECUTE = 0x20000000 // Section is executable. 227 IMAGE_SCN_MEM_READ = 0x40000000 // Section is readable. 228 IMAGE_SCN_MEM_WRITE = 0x80000000 // Section is writeable. 229 230 // TLS Characteristic Flags 231 IMAGE_SCN_SCALE_INDEX = 0x00000001 // Tls index is scaled. 232 ) 233 234 // Based relocation format 235 type IMAGE_BASE_RELOCATION struct { 236 VirtualAddress uint32 237 SizeOfBlock uint32 238 } 239 240 const ( 241 IMAGE_REL_BASED_ABSOLUTE = 0 242 IMAGE_REL_BASED_HIGH = 1 243 IMAGE_REL_BASED_LOW = 2 244 IMAGE_REL_BASED_HIGHLOW = 3 245 IMAGE_REL_BASED_HIGHADJ = 4 246 IMAGE_REL_BASED_MACHINE_SPECIFIC_5 = 5 247 IMAGE_REL_BASED_RESERVED = 6 248 IMAGE_REL_BASED_MACHINE_SPECIFIC_7 = 7 249 IMAGE_REL_BASED_MACHINE_SPECIFIC_8 = 8 250 IMAGE_REL_BASED_MACHINE_SPECIFIC_9 = 9 251 IMAGE_REL_BASED_DIR64 = 10 252 253 IMAGE_REL_BASED_IA64_IMM64 = 9 254 255 IMAGE_REL_BASED_MIPS_JMPADDR = 5 256 IMAGE_REL_BASED_MIPS_JMPADDR16 = 9 257 258 IMAGE_REL_BASED_ARM_MOV32 = 5 259 IMAGE_REL_BASED_THUMB_MOV32 = 7 260 ) 261 262 // Export Format 263 type IMAGE_EXPORT_DIRECTORY struct { 264 Characteristics uint32 265 TimeDateStamp uint32 266 MajorVersion uint16 267 MinorVersion uint16 268 Name uint32 269 Base uint32 270 NumberOfFunctions uint32 271 NumberOfNames uint32 272 AddressOfFunctions uint32 // RVA from base of image 273 AddressOfNames uint32 // RVA from base of image 274 AddressOfNameOrdinals uint32 // RVA from base of image 275 } 276 277 type IMAGE_IMPORT_BY_NAME struct { 278 Hint uint16 279 Name [1]byte 280 } 281 282 func IMAGE_ORDINAL(ordinal uintptr) uintptr { 283 return ordinal & 0xffff 284 } 285 286 func IMAGE_SNAP_BY_ORDINAL(ordinal uintptr) bool { 287 return (ordinal & IMAGE_ORDINAL_FLAG) != 0 288 } 289 290 // Thread Local Storage 291 type IMAGE_TLS_DIRECTORY struct { 292 StartAddressOfRawData uintptr 293 EndAddressOfRawData uintptr 294 AddressOfIndex uintptr // PDWORD 295 AddressOfCallbacks uintptr // PIMAGE_TLS_CALLBACK *; 296 SizeOfZeroFill uint32 297 Characteristics uint32 298 } 299 300 type IMAGE_IMPORT_DESCRIPTOR struct { 301 characteristicsOrOriginalFirstThunk uint32 // 0 for terminating null import descriptor 302 // RVA to original unbound IAT (PIMAGE_THUNK_DATA) 303 TimeDateStamp uint32 // 0 if not bound, 304 // -1 if bound, and real date\time stamp 305 // in IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT (new BIND) 306 // O.W. date/time stamp of DLL bound to (Old BIND) 307 ForwarderChain uint32 // -1 if no forwarders 308 Name uint32 309 FirstThunk uint32 // RVA to IAT (if bound this IAT has actual addresses) 310 } 311 312 func (imgimpdesc *IMAGE_IMPORT_DESCRIPTOR) Characteristics() uint32 { 313 return imgimpdesc.characteristicsOrOriginalFirstThunk 314 } 315 316 func (imgimpdesc *IMAGE_IMPORT_DESCRIPTOR) OriginalFirstThunk() uint32 { 317 return imgimpdesc.characteristicsOrOriginalFirstThunk 318 } 319 320 const ( 321 DLL_PROCESS_ATTACH = 1 322 DLL_THREAD_ATTACH = 2 323 DLL_THREAD_DETACH = 3 324 DLL_PROCESS_DETACH = 0 325 ) 326 327 type SYSTEM_INFO struct { 328 ProcessorArchitecture uint16 329 Reserved uint16 330 PageSize uint32 331 MinimumApplicationAddress uintptr 332 MaximumApplicationAddress uintptr 333 ActiveProcessorMask uintptr 334 NumberOfProcessors uint32 335 ProcessorType uint32 336 AllocationGranularity uint32 337 ProcessorLevel uint16 338 ProcessorRevision uint16 339 }