RFC: Add initial support for .NET Core dlls to objdump
Omair Majid
omajid@redhat.com
Wed Jun 26 18:54:00 GMT 2019
Hi,
Recent versions of .NET Core ship with some dll (PE/COFF) files that
can't be parsed by objdump:
$ objdump -x /usr/lib64/dotnet/shared/Microsoft.NETCore.App/2.1.11/System.dll
objdump: /usr/lib64/dotnet/shared/Microsoft.NETCore.App/2.1.11/System.dll: file format not recognized
It seems like these files have a slightly different value for the
IMAGE_FILE_HEADER.Machine field than normal dlls. In particular, the "normal"
architecture-based magic value is XOR'ed with an OS-specific value to get the
final magic value. [1]
Allowing the new magic values lets objdump get started:
$ ~/local/binutils/bin/objdump -x dotnet/shared/Microsoft.NETCore.App/2.1.11/System.Runtime.dll
dotnet/shared/Microsoft.NETCore.App/2.1.11/System.Runtime.dll: file format pei-x86-64
dotnet/shared/Microsoft.NETCore.App/2.1.11/System.Runtime.dll
architecture: i386:x86-64, flags 0x0000012f:
HAS_RELOC, EXEC_P, HAS_LINENO, HAS_DEBUG, HAS_LOCALS, D_PAGED
Characteristics 0x2022
executable
large address aware
DLL
Time/Date Wed Jun 5 14:49:41 2019
Magic 020b (PE32+)
...
Some open questions:
0. Should this "non-stanard" magic field in the dll be exposed somewhere
in the objdump UI?
1. Should I add tests for these? If so, any pointers on how to do that?
2. I added the new flags for architecture/OS combination for the binaries I
could find. Should I try and find out what the magic flags for other
architecture/OS combinations (bsds? arm64?) are? Even if I don't have
access to binary dlls that demonstrate this?
3. Since this touches shared code, do I need to have this patch reviewed
elsewhere too?
This is my first patch for binutils, so I would appreciate it someone can tell
me about any other mistakes I am making (or about to make) :)
Thanks,
Omair
[1] https://github.com/jbevain/cecil/issues/337
--
PGP Key: B157A9F0 (http://pgp.mit.edu/)
Fingerprint = 9DB5 2F0B FD3E C239 E108 E7BD DF99 7AF8 B157 A9F0
-------------- next part --------------
>From 29de65f827fe804a87dda340091d1c3f7c81f5df Mon Sep 17 00:00:00 2001
From: Omair Majid <omajid@redhat.com>
Date: Tue, 25 Jun 2019 18:03:42 -0400
Subject: [PATCH] Handle some pe files generated by .NET
The System.Runtime.dll files that get shipped with .NET Core 2.1 on
different platforms demonstrate original the problem:
$ objdump -x dotnet/shared/Microsoft.NETCore.App/2.1.11/System.Runtime.dll
objdump: dotnet/shared/Microsoft.NETCore.App/2.1.11/System.Runtime.dll: file format not recognized
After this fix:
$ ~/local/binutils/bin/objdump -x dotnet/shared/Microsoft.NETCore.App/2.1.11/System.Runtime.dll
dotnet/shared/Microsoft.NETCore.App/2.1.11/System.Runtime.dll: file format pei-x86-64
dotnet/shared/Microsoft.NETCore.App/2.1.11/System.Runtime.dll
architecture: i386:x86-64, flags 0x0000012f:
HAS_RELOC, EXEC_P, HAS_LINENO, HAS_DEBUG, HAS_LOCALS, D_PAGED
Characteristics 0x2022
executable
large address aware
DLL
Time/Date Wed Jun 5 14:49:41 2019
Magic 020b (PE32+)
...
These PE files are regular PE/COFF files but have a different value for
IMAGE_FILE_HEADER.Machine to indicate it contains a native image that
targets a non-Windows platform. This value is OS dependent and varies
across systems (linux vs netbsd vs macos).
---
bfd/ChangeLog | 6 ++++++
bfd/coffcode.h | 4 ++++
include/ChangeLog | 11 +++++++++++
include/coff/i386.h | 6 ++++++
include/coff/pe.h | 3 +++
include/coff/x86_64.h | 8 +++++++-
6 files changed, 37 insertions(+), 1 deletion(-)
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 0783242758..a0710531ac 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2019-06-26 Omair Majid <omajid@redhat.com>
+
+ * coffcode.h (coff_set_arch_mach_hook): Handle
+ I386_NATIVE_LINUX_MAGIC, I386_NATIVE_APPLE_MAGIC,
+ AMD64_NATIVE_LINUX_MAGIC and AMD64_NATIVE_LINUX_MAGIC.
+
2019-06-25 Jan Beulich <jbeulich@suse.com>
* elf-properties.c (elf_find_and_remove_property): Rename last
diff --git a/bfd/coffcode.h b/bfd/coffcode.h
index c67bfbb0e6..94f0bacc4a 100644
--- a/bfd/coffcode.h
+++ b/bfd/coffcode.h
@@ -2104,6 +2104,8 @@ coff_set_arch_mach_hook (bfd *abfd, void * filehdr)
#endif
#ifdef I386MAGIC
case I386MAGIC:
+ case I386_NATIVE_LINUX_MAGIC:
+ case I386_NATIVE_APPLE_MAGIC:
case I386PTXMAGIC:
case I386AIXMAGIC: /* Danbury PS/2 AIX C Compiler. */
case LYNXCOFFMAGIC:
@@ -2112,6 +2114,8 @@ coff_set_arch_mach_hook (bfd *abfd, void * filehdr)
#endif
#ifdef AMD64MAGIC
case AMD64MAGIC:
+ case AMD64_NATIVE_LINUX_MAGIC:
+ case AMD64_NATIVE_APPLE_MAGIC:
arch = bfd_arch_i386;
machine = bfd_mach_x86_64;
break;
diff --git a/include/ChangeLog b/include/ChangeLog
index 81b6670668..cf841f74f5 100644
--- a/include/ChangeLog
+++ b/include/ChangeLog
@@ -1,3 +1,14 @@
+2019-06-26 Omair Majid <omajid@redhat.com>
+
+ * coff/pe.h (IMAGE_FILE_MACHINE_NATIVE_LINUX_OVERRIDE),
+ (IMAGE_FILE_MACHINE_NATIVE_APPLE_OVERRIDE): Define.
+ * coff/i386.h (I386_NATIVE_LINUX_MAGIC),
+ (I386_NATIVE_APPLE_MAGIC): Define.
+ (I386BADMAG): Extend to include the above.
+ * coff/x86_64.h (AMD64_NATIVE_LINUX_MAGIC),
+ (AMD64_NATIVE_APPLE_MAGIC): Define.
+ (AMD64BADMAG): Extend to include the above.
+
2019-06-19 Nick Alcock <nick.alcock@oracle.com>
* ctf.h (ctf_slice_t): Make cts_offset and cts_bits unsigned
diff --git a/include/coff/i386.h b/include/coff/i386.h
index 1d2ccff6f7..2879072b3d 100644
--- a/include/coff/i386.h
+++ b/include/coff/i386.h
@@ -43,7 +43,13 @@
#define LYNXCOFFMAGIC 0415
+/* Used in .NET DLLs that target non-Windows platforms */
+#define I386_NATIVE_LINUX_MAGIC (I386MAGIC ^ IMAGE_FILE_MACHINE_NATIVE_LINUX_OVERRIDE)
+#define I386_NATIVE_APPLE_MAGIC (I386MAGIC ^ IMAGE_FILE_MACHINE_NATIVE_APPLE_OVERRIDE)
+
#define I386BADMAG(x) ( ((x).f_magic != I386MAGIC) \
+ && (x).f_magic != I386_NATIVE_LINUX_MAGIC \
+ && (x).f_magic != I386_NATIVE_APPLE_MAGIC \
&& (x).f_magic != I386AIXMAGIC \
&& (x).f_magic != I386PTXMAGIC \
&& (x).f_magic != LYNXCOFFMAGIC)
diff --git a/include/coff/pe.h b/include/coff/pe.h
index 85cc331831..c401586b2e 100644
--- a/include/coff/pe.h
+++ b/include/coff/pe.h
@@ -158,6 +158,9 @@
#define IMAGE_FILE_MACHINE_WCEMIPSV2 0x0169
#define IMAGE_FILE_MACHINE_AMD64 0x8664
+#define IMAGE_FILE_MACHINE_NATIVE_LINUX_OVERRIDE 0x7b79
+#define IMAGE_FILE_MACHINE_NATIVE_APPLE_OVERRIDE 0x4644
+
#define IMAGE_SUBSYSTEM_UNKNOWN 0
#define IMAGE_SUBSYSTEM_NATIVE 1
#define IMAGE_SUBSYSTEM_WINDOWS_GUI 2
diff --git a/include/coff/x86_64.h b/include/coff/x86_64.h
index 3d0e6f085d..74947dc5c5 100644
--- a/include/coff/x86_64.h
+++ b/include/coff/x86_64.h
@@ -28,8 +28,14 @@
#define COFF_PAGE_SIZE 0x1000
#define AMD64MAGIC 0x8664
+/* Used in .NET DLLs that target non-Windows platforms */
+#define AMD64_NATIVE_LINUX_MAGIC (AMD64MAGIC ^ IMAGE_FILE_MACHINE_NATIVE_LINUX_OVERRIDE)
+#define AMD64_NATIVE_APPLE_MAGIC (AMD64MAGIC ^ IMAGE_FILE_MACHINE_NATIVE_APPLE_OVERRIDE)
+
+#define AMD64BADMAG(x) (((x).f_magic != AMD64MAGIC) \
+ && ((x).f_magic != AMD64_NATIVE_LINUX_MAGIC) \
+ && ((x).f_magic != AMD64_NATIVE_APPLE_MAGIC))
-#define AMD64BADMAG(x) ((x).f_magic != AMD64MAGIC)
#define IMAGE_NT_OPTIONAL_HDR64_MAGIC 0x20b
#define OMAGIC 0404 /* Object files, eg as output. */
--
2.21.0
More information about the Binutils
mailing list