KernelRelocate is one of the most interesting function I found in WinCE. Frankly, I am feeling happy to share the details and how exactly it works.
The pTOC variable is in nk.exe which is feed by ROMIMAGE
This function copies all the copy entries described by the pTOC to RAM. The process of changing an EXE or DLL program file after it has been loaded to reflect the actual load address is called “fixing up”. The variable pTOC actually have information about all dll and exe and where it has to be relocated. It know where RAM starts as ROMIMAGE use config.bib to feed the information. The information is feed by ROMIMAGE tool.
There is basic requirement of the relocation that when nk.exe call any of the dll or exe. It actually calls at RAM location to execution function instead of where it was copied by steploader. Also a steploader just copied data bit by bit although that is RAM. But NK.exe always access different address.
This is actually what is happening. pTOC variable have every information about RAM and where the dll and exe is lie in.
- //
- // KernelRelocate: move global variables to RAM
- //
- static BOOL KernelRelocate (ROMHDR *const pTOC)
- {
- ULONG loop;
- COPYentry *cptr;
- if (pTOC == (ROMHDR *const) -1) {
- return FALSE; // spin forever!
- }
- // This is where the data sections become valid... don't read globals until after this
- for (loop = 0; loop <>ulCopyEntries; loop++) {
- cptr = (COPYentry *)(pTOC->ulCopyOffset + loop*sizeof(COPYentry));
- if (cptr->ulCopyLen)
- memcpy((LPVOID)cptr->ulDest,(LPVOID)cptr->ulSource,cptr->ulCopyLen);
- if (cptr->ulCopyLen != cptr->ulDestLen)
- memset((LPVOID)(cptr->ulDest+cptr->ulCopyLen),0,cptr->ulDestLen-cptr->ulCopyLen);
- }
- return TRUE;
- }
Good Post, widen the code portion on the screen so it can be read. Add a bit more explanation.
ReplyDeleteBijan G.