flat assembler
Message board for the users of flat assembler.
Index
> OS Construction > UEFI PECOFF real specs? |
Author |
|
bitRAKE 12 Apr 2022, 19:20
AFAIK the lowest valid PE address is 0x10000. The UEFI spec just defers to PE spec in this regard - MS was on the committee.
32-bit code has a default load address of 0x40'0000 64-bit code defaults to 0x1'4000'0000 (Although I haven't experienced it, wouldn't surprise me if some BIOS assumed images always have this base.) There are technical reasons. Some conventions are not spelled out in the specification, afaik. The 0x200 is probably due to the default alignment being sector size. So, the header load would be a single sector and following sections would be greater than that. _________________ ¯\(°_o)/¯ “languages are not safe - uses can be” Bjarne Stroustrup |
|||
12 Apr 2022, 19:20 |
|
revolution 12 Apr 2022, 19:55
The PE format doesn't have these constraints. It is the implementation, or the CPU, that imposes them.
To enumerate them in the PE spec is not correct because later a different implementation using a different CPU may allow the use of address 0x0000 (or whatever). By convention we use address 0x0000 as a NULL pointer. But this isn't the only choice. For example the Itanium has register tags that allow the use of all addresses as valid and the NULL is an entirely separate tag setting. That is, NULL != 0x0000 in Itanium. In fact NULL != any value. So on an Itanium, with a different BIOS/EFI, addresses from 0x0000 could be used without any issue. |
|||
12 Apr 2022, 19:55 |
|
sylware 13 Apr 2022, 01:41
Then where I can find the contraints for a PE+ exe running in UEFI for x86_64/x64?
I was talking about the RVA (Relative Virtual Address from image_base), not the absolute virtual address. Additionally, there are contradictions: for instance the Linux UEFI OS loader use 0x20 alignment for the virtual address space and the file, even though what I could find on the net seems to say that 0x200 is a minimum. It is really frustrating, like they provided on purpose actually unusable specs for real implementations... wait... you said microsoft? |
|||
13 Apr 2022, 01:41 |
|
Ali.Z 13 Apr 2022, 03:14
sylware wrote: It is really frustrating, like they provided on purpose actually unusable specs for real implementations... wait... you said microsoft? just because it is a real implementation, it doesn't imply that their engineers are capable or there isn't something else... also as a reminder, microsfot had their agreement with intel since the 80s; so they (microsoft) are the one limiting their software to intel based architectures. (though this is not technically true, as there are some other architectures as well, but that is not the point, the point is they most likely build their specs based on intel architecture) for Zero address, here are some implications, ... bios/uefi rom ... boot code ... translating physical addresses ... among bunch of other things. _________________ Asm For Wise Humans |
|||
13 Apr 2022, 03:14 |
|
sylware 13 Apr 2022, 14:34
I am not looking for excuses here, those are literaly trash specs, microsoft again, period.
Now, I have been reading the official online specs (https://docs.microsoft.com/en-us/windows/win32/debug/pe-format) and linux UEFI Os Loader code. And I managed to find some of the needles I was looking for in this haystack:
I guess I have my answers now. I wonder if I choose a section alignment of 8k and load my sections from RVA 0 (which is specs compliant) what would happen with common UEFI Os Loaders... |
|||
13 Apr 2022, 14:34 |
|
Tomasz Grysztar 13 Apr 2022, 15:26
sylware wrote: And I managed to find some of the needles I was looking for in this haystack |
|||
13 Apr 2022, 15:26 |
|
sylware 13 Apr 2022, 19:44
Yep, thx. That's what I was looking for. You found out most of the needles and put them in your documents.
Back to UEFI: I did try with a SectionAlignment of 8192, and tried to load the '.text'/code section at RVA 0, namely at IMAGE_BASE (with an entry point a bit further down since it cannot be 0). Ofc, the UEFI loader did not accept that, namely only the "special case" of the virtual address space layout = file layout seems accepted. Ofc, I am unable to locate in the latest UEFI specs anything related to this. Maybe I did not try hard enough or my UEFI loader is actually garbage. I did clone tianocore EDK II repo and I am looking for their PECOFF loader code to see if I can get some clues. Last think I do I guess before continuing on my UEFI OS Loader using the "virtual address space layout = file layout" mode. |
|||
13 Apr 2022, 19:44 |
|
sylware 13 Apr 2022, 20:46
from tianocore EDK II, in file MdePkg/Library/BasePeCoffLib/BasePeCoff.c:
Code: // // Section data should bigger than the Pe header. // if ((SectionHeader.VirtualAddress < ImageContext->SizeOfHeaders) || (SectionHeader.PointerToRawData < ImageContext->SizeOfHeaders)) { ImageContext->ImageError = IMAGE_ERROR_UNSUPPORTED; return RETURN_UNSUPPORTED; } This is what I thought: if you try in the virtual address space or in the file to "map a section"/"include a section" below the size of the PECOFF headers, you are toast. It is obvious in the case of the file, but for the virtual address space, well, not at all (very probably some microsoft legacy trash, because I default those guys as guilty untily proven otherwise). I guess and I hope I did enough investigation. I'll stick to the "virtual address space layout" = "file layout" mode enabled with SectionAlignment = FileAlignment < 4KiB (I did check, this value is hardcoded in tianocore EDK II). |
|||
13 Apr 2022, 20:46 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.