From f8ca8c0c008980352c2b3eee6eda21f395bde4cf Mon Sep 17 00:00:00 2001
From: Matthijs Lavrijsen <mattiwatti@gmail.com>
Date: Sat, 30 Jan 2021 04:42:06 +0100
Subject: Use PE runtime function tables for finding function start addresses

---
 EfiGuardDxe/pe.h | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'EfiGuardDxe/pe.h')

diff --git a/EfiGuardDxe/pe.h b/EfiGuardDxe/pe.h
index cf47119..1104dfd 100644
--- a/EfiGuardDxe/pe.h
+++ b/EfiGuardDxe/pe.h
@@ -40,6 +40,8 @@ typedef EFI_IMAGE_EXPORT_DIRECTORY *PEFI_IMAGE_EXPORT_DIRECTORY;
 #define VS_VERSION_INFO									1
 #define VS_FF_DEBUG										(0x00000001L)
 
+#define RUNTIME_FUNCTION_INDIRECT						0x1
+
 #define IMAGE32(NtHeaders) ((NtHeaders)->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC)
 #define IMAGE64(NtHeaders) ((NtHeaders)->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC)
 
@@ -172,6 +174,21 @@ typedef struct _VS_VERSIONINFO
 } VS_VERSIONINFO, *PVS_VERSIONINFO;
 
 
+//
+// Function table entry data
+//
+typedef struct _RUNTIME_FUNCTION
+{
+	UINT32 BeginAddress;
+	UINT32 EndAddress;
+	union
+	{
+		UINT32 UnwindInfoAddress;
+		UINT32 UnwindData;
+	} u;
+} RUNTIME_FUNCTION, *PRUNTIME_FUNCTION;
+
+
 //
 // Function declarations
 //
-- 
cgit v1.2.3