xcoff64.ksy
# Kaitai Struct description of the 64-bit XCOFF object file format.
# All multi-byte integers in this spec are read big-endian (see `endian: be`).
meta:
  id: xcoff64
  endian: be
doc-ref: https://www.ibm.com/docs/en/aix/7.2?topic=formats-xcoff-object-file-format
# Top-level layout: file header, auxiliary header, padding, then the section header table.
seq:
  - id: header
    type: header
  # Parsed unconditionally: header.f_opthdr is read but never consulted here.
  - id: auxiliary_header
    type: auxiliary_header
  # hpad0 + hpad1 skip 10 bytes; together with the 110 bytes of auxiliary_header
  # fields, the section header table is assumed to start a fixed 120 bytes after
  # the file header.
  # NOTE(review): presumably this should be derived from header.f_opthdr; a file
  # with a different (or zero) f_opthdr would have its section headers read from
  # the wrong offset - confirm against the format reference.
  - id: hpad0 # TODO
    type: u8
  - id: hpad1
    type: u2
  # The entry count comes straight from the file (u2). Each entry is parsed in its
  # own 72-byte substream, so a count larger than the remaining data ends in an
  # end-of-stream error from the runtime rather than a silent short read.
  - id: section_headers
    type: section_header
    size: 72
    repeat: expr
    repeat-expr: header.f_nscns
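# Type definitions. Every count, length and offset below is read from the file
# being parsed and must be treated as untrusted: nothing here range-checks them,
# so a malformed file surfaces as a runtime end-of-stream/validation error when
# the affected field or instance is read.
types:
  # File header: 24 bytes as laid out here.
  header:
    seq:
      # Magic bytes; parsing fails if the file does not start with 0x01 0xf7.
      - id: f_magic
        size: 2
        contents: [0x01,0xf7]
      # Number of section headers; drives the repeat count of section_headers.
      - id: f_nscns
        type: u2
      - id: f_timdat
        type: u4
      # Absolute file offset of the symbol table (used by the top-level symbol_table instance).
      - id: f_symptr
        type: u8
      # Parsed but not referenced anywhere else in this spec.
      - id: f_opthdr
        type: u2
      - id: f_flags
        type: u2
      # Number of 18-byte symbol table entries (used by the top-level symbol_table instance).
      - id: f_nsyms
        type: u4
  # Auxiliary header: the fields below add up to 110 bytes.
  auxiliary_header:
    seq:
      - id: o_mflag
        type: u2
      - id: o_vstamp
        type: u2
      - id: o_debugger
        type: u4
      - id: o_text_start
        type: u8
      - id: o_data_start
        type: u8
      - id: o_toc
        type: u8
      - id: o_snentry
        type: u2
      - id: o_sntext
        type: u2
      - id: o_sndata
        type: u2
      - id: o_sntoc
        type: u2
      - id: o_snloader
        type: u2
      - id: o_snbss
        type: u2
      - id: o_algntext
        type: u2
      - id: o_algndata
        type: u2
      - id: o_modtype
        type: u2
      - id: o_cpuflag
        type: u1
      - id: o_cputype
        type: u1
      - id: o_textpsize
        type: u1
      - id: o_datapsize
        type: u1
      - id: o_stackpsize # Documentation mismatch! This can't be at the same offset as o_datapsize!
        type: u1
      - id: o_flags
        type: u1
      - id: o_tsize
        type: u8
      - id: o_dsize
        type: u8
      - id: o_bsize
        type: u8
      - id: o_entry
        type: u8
      - id: o_maxstack
        type: u8
      - id: o_maxdata
        type: u8
      - id: o_sntdata
        type: u2
      - id: o_sntbss
        type: u2
      - id: o_x64flags
        type: u2
  # One section header: the fields below add up to the 72 bytes given as `size`
  # where this type is used in the top-level seq.
  section_header:
    seq:
      # Fixed 8-byte field; the string stops at the first NUL inside it.
      - id: s_name
        type: strz
        encoding: ASCII
        size: 8
      - id: s_paddr
        type: u8
      - id: s_vaddr
        type: u8
      # Length and absolute file offset of the section's raw data (see instances below).
      - id: s_size
        type: u8
      - id: s_scnptr
        type: u8
      # Absolute file offset of the section's relocation entries.
      - id: s_relptr
        type: u8
      - id: s_lnnoptr
        type: u8
      # Number of relocation entries; drives section_relocation_table's repeat count.
      - id: s_nreloc
        type: u4
      - id: s_nlnno
        type: u4
      - id: s_flags_dwraf # Need to split this u4 so we can switch() on the value in Java
        type: u2
      # Low-order 16 bits of the flags word: selects the parser used for `subsection`.
      - id: s_flags
        type: u2
      - id: spad # See : https://go.googlesource.com/go/+/go1.16.2/src/internal/xcoff/xcoff.go
        type: u4
    instances:
      # Typed view of the section data. Offset and size are absolute and taken
      # from the file; they are resolved against the root stream, so values that
      # point outside the file raise an error when the instance is read.
      subsection:
        io: _root._io
        pos: s_scnptr
        size: s_size
        type:
          switch-on: s_flags # TODO need an enum or something... https://github.com/kaitai-io/kaitai_struct/issues/597
          cases:
            0x1000: loader_section
            _ : common_section
        if: s_scnptr != 0
      # Raw bytes of the same region that `subsection` interprets.
      body:
        io: _root._io
        pos: s_scnptr
        size: s_size
        if: s_scnptr != 0
      # Relocation entries for this section. Unlike the two instances above this
      # one has no `if` guard and no `size` bound; the number of entries read is
      # s_nreloc.
      relocation_table:
        io: _root._io
        pos: s_relptr
        type: section_relocation_table
    enums:
      # Declared for reference only: no field in this spec uses `enum: section_flags`.
      section_flags: # "The low-order 16 bits specify the primary section type. Only a single bit should be set in the low-order 16 bits."
        0x0: styp_reserved0
        0x1: styp_reserved1
        0x2: styp_reserved2
        0x4: styp_reserved4
        0x8: styp_pad
        0x10: styp_dwarf
        0x20: styp_text
        0x40: styp_data
        0x80: styp_bss
        0x100: styp_except
        0x200: styp_info
        0x400: styp_tdata
        0x800: styp_tbss
        0x1000: styp_loader
        0x2000: styp_debug
        0x4000: styp_typchk
        0x8000: styp_ovrflo
  # File-level symbol table: entries are read until the enclosing substream ends.
  file_symbol_table:
    seq:
      - id: symbol_entries
        type: file_symbol_entry
        repeat: eos
  # One 18-byte symbol entry followed by n_numaux 18-byte auxiliary entries.
  file_symbol_entry:
    seq:
      - id: n_value
        type: u8
      - id: n_offset
        type: u4
      # NOTE(review): read as unsigned here; confirm against the format reference
      # whether special section numbers are negative and this should be s2.
      - id: n_scnum
        type: u2
      - id: n_type
        type: u2
      - id: n_sclass
        type: u1
      # Auxiliary entry count from the file (u1, so at most 255 per symbol).
      - id: n_numaux
        type: u1
      # Auxiliary entries are skipped as opaque 18-byte records; the typed
      # file_aux_sym_entry_* layouts below are not referenced by any field.
      - id: aux_entries
        type: file_aux_sym_entry_dummy
        repeat: expr
        repeat-expr: n_numaux
  # Opaque 18-byte auxiliary entry.
  file_aux_sym_entry_dummy:
    seq:
      - id: dummy
        size: 18
  file_aux_sym_entry_file:
    seq:
      - id: dummy # TODO This section of the docs is messed up
        size: 18
  # csect auxiliary entry.
  file_aux_sym_entry_csect:
    seq:
      - id: x_sclen_lo
        type: u4
      - id: x_parmhash
        type: u4
      - id: x_snhash
        type: u2
      - id: x_smtyp
        type: u1
      - id: x_smclass
        type: u1
      # High half of the csect length. This was u1, which made the entry 15 bytes
      # long; auxiliary entries are always 18 bytes, and a 4-byte field here gives
      # 4+4+2+1+1+4+1+1 = 18.
      - id: x_sclen_hi
        type: u4
      - id: padding
        type: u1
      - id: x_auxtype
        type: u1
  # Function auxiliary entry (18 bytes).
  file_aux_sym_entry_function:
    seq:
      - id: x_lnnoptr
        type: u8
      - id: x_fsize
        type: u4
      - id: x_endndx
        type: u4
      - id: padding
        type: u1
      - id: x_auxtype
        type: u1
  # Exception auxiliary entry (18 bytes).
  file_aux_sym_entry_exception:
    seq:
      - id: x_exptr
        type: u8
      - id: x_fize
        type: u4
      - id: x_endndx
        type: u4
      - id: padding
        type: u1
      - id: x_auxtype
        type: u1
  # Block auxiliary entry (18 bytes).
  file_aux_sym_entry_block:
    seq:
      - id: x_lnno
        type: u4
      - id: reserved
        size: 13
      - id: x_auxtype
        type: u1
  # Section auxiliary entry (18 bytes).
  file_aux_sym_entry_section:
    seq:
      - id: x_sclen
        type: u4
      - id: x_nreloc
        type: u2
      - id: x_nlinno
        type: u2
      - id: reserved
        size: 10
  # Loader-section symbol table; the entry count is the parent loader_section's l_nsyms.
  symbol_table:
    seq:
      - id: symbol_entries
        type: symbol_entry
        repeat: expr
        repeat-expr: _parent.l_nsyms
  # Loader-section string table: entries are read until the enclosing substream ends.
  string_table:
    seq:
      - id: string_entries
        type: string_entry
        repeat: eos
  # Length-prefixed string: the u2 length bounds the field, and the string stops
  # at the first NUL inside it.
  string_entry:
    seq:
      - id: strlen
        type: u2
      - id: str
        type: strz
        encoding: ASCII
        size: strlen
  # Loader-section symbol entry (24 bytes).
  symbol_entry:
    seq:
      - id: l_value
        type: u8
      - id: l_nameptr
        type: symbol_name
        size: 4
      - id: l_scnum
        type: u2
      - id: l_smtype
        type: symbol_type
      - id: l_smclas
        type: u1
      - id: l_ifile
        type: u4
      - id: l_param
        type: u4
  # Symbol name given as an offset into the loader section's string table.
  symbol_name:
    seq:
      - id: l_offset
        type: u4
    instances:
      # Walks symbol_name -> symbol_entry -> symbol_table -> loader_section to
      # reach the string table's stream. l_offset is untrusted; the read is
      # confined to that stream because l_string_table is sized by l_stlen.
      l_strname:
        io: _parent._parent._parent.l_string_table._io
        pos: l_offset
        type: strz
        encoding: ASCII
  # Symbol type byte, split into bit fields (1+1+1+1+1+3 = 8 bits).
  symbol_type:
    seq:
      - id: sym_reserved0
        type: b1
      - id: sym_imported
        type: b1
      - id: sym_entrypoint
        type: b1
      - id: sym_exported
        type: b1
      - id: sym_weak
        type: b1
      - id: sym_type
        type: b3
  # Import file ID table; the entry count is the parent loader_section's l_nimpid.
  import_table:
    seq:
      - id: import_entries
        type: import_entry
        repeat: expr
        repeat-expr: _parent.l_nimpid
  # Three consecutive NUL-terminated strings with no length bound of their own.
  import_entry:
    seq:
      - id: l_impidpath
        type: strz
        encoding: ASCII
      - id: l_impidbase
        type: strz
        encoding: ASCII
      - id: l_impidmem
        type: strz
        encoding: ASCII
  # Loader relocation table; the entry count is the parent loader_section's l_nreloc.
  loader_relocation_table:
    seq:
      - id: relocation_entries
        type: loader_relocation_entry
        repeat: expr
        repeat-expr: _parent.l_nreloc
  # Per-section relocation table; the entry count is the parent section_header's s_nreloc.
  section_relocation_table:
    seq:
      - id: relocation_entries
        type: relocation_entry
        repeat: expr
        repeat-expr: _parent.s_nreloc
  # Loader relocation entry.
  # NOTE(review): the widths below add up to 20 bytes and l_rtype still carries a
  # TODO; verify the entry size and field order against the format reference
  # before relying on l_reloc_table, since a wrong entry size misaligns every
  # entry after the first.
  loader_relocation_entry:
    seq:
      - id: l_vaddr
        type: u8
      - id: l_value
        type: u2
      - id: l_rsecnm
        type: u2
      - id: l_symndx
        type: u4
      - id: l_rtype # TODO
        type: u4
  # Section relocation entry (14 bytes).
  relocation_entry:
    seq:
      - id: r_vaddr
        type: u8
      - id: r_symndx
        type: u4
      - id: r_size
        type: u1
      - id: r_rtype
        type: u1
  # Loader section header plus lazily parsed views of the tables it points to.
  # Offsets here are relative to this section's own stream (`io: _io`), which is
  # bounded by the section header's s_size.
  loader_section:
    seq:
      - id: l_version
        type: u4
      - id: l_nsyms
        type: u4
      - id: l_nreloc
        type: u4
      # Parsed but not used to bound l_import_table below.
      - id: l_istlen
        type: u4
      - id: l_nimpid
        type: u4
      - id: l_stlen
        type: u4
      - id: l_impoff
        type: u8
      - id: l_stoff
        type: u8
      - id: l_symoff
        type: u8
      #- id: l_dummy0 # 16 byte gap according to docs, but I don't get sensible results
      #  type: u8
      #- id: l_dummy1
      #  type: u8
      # 8 bytes wide, like the three offsets before it. Read as u4 this field
      # only captured the upper half of the big-endian offset, which is zero for
      # any offset below 4 GiB, so the `l_rldoff != 0` guard on l_reloc_table
      # never passed and the relocation table was silently skipped.
      - id: l_rldoff
        type: u8
    instances:
      # No size bound: reads l_nsyms entries starting at l_symoff.
      l_symbol_table:
        io: _io
        pos: l_symoff
        type: symbol_table
      # Bounded by l_stlen, which also confines symbol_name.l_strname lookups.
      l_string_table:
        io: _io
        pos: l_stoff
        type: string_table
        size: l_stlen
      # NOTE(review): unbounded strz reads; consider `size: l_istlen` so a
      # malformed entry cannot run on into neighbouring loader data - confirm
      # against real files first.
      l_import_table:
        io: _io
        pos: l_impoff
        type: import_table
      l_reloc_table:
        io: _io
        pos: l_rldoff
        type: loader_relocation_table
        if: l_rldoff != 0
  # Fallback for every section whose s_flags is not 0x1000: the raw section bytes.
  common_section:
    seq:
      - id: body
        size: _parent.s_size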
# File-level symbol table, located through the file header.
# f_symptr (u8) and f_nsyms (u4) both come from the file and are not
# range-checked; a region extending past the end of the file raises an
# end-of-stream error when this instance is read.
# NOTE(review): there is no `if` guard, so a file with f_symptr == 0 is still
# parsed from offset 0 - confirm whether a guard like the one on
# section_header.subsection is wanted here.
instances:
  symbol_table:
    io: _io
    pos: header.f_symptr
    type: file_symbol_table
    size: header.f_nsyms*18 # Symbol entries and aux. entries are always 18 bytes long