AMI-Aptio-BIOS-Reversed / PurleyPlatPkg / Ras / AddressTran / AddressTranslationDsmMemRas / AddressTranslationDsmMemRas.md
@Ajax Dong Ajax Dong 2 days ago 4 KB Restructure the repo

AddressTranslationDsmMemRas

Function Table

Address Name Description
UefiBootServicesTableLibConstructor
DebugPrint
DebugAssert
IsAddressInSmram
FreeMemory
SetJump
LongJump
AddressTranslationDsmEntry
RegisterSwSmi
SwSmiHandler
InstallSsdt
GetSectionFromFv
ModuleEntryPoint
Global variables
EFI_HANDLE *gImageHandle = NULL;
SMI communication buffer (0x100 bytes allocated via AllocatePool)
ADDRESS_TRANSLATION_DSM_COMMUNICATION_BUFFER *mCommunicationBuffer = NULL;
SMRAM ranges for memory allocation tracking
EFI_SMRAM_DESCRIPTOR *mSmramRanges = NULL;
Module status tracking
EFI_STATUS mModuleStatus = EFI_SUCCESS;
Protocol GUIDs (platform-specific)
EFI_GUID gMemRasProtocolGuid = { 0x6D7E4A32, 0x9A73, 0x46BA, { 0x94, 0xA1, 0x5F, 0x2F, 0x25, 0xEF, 0x3E, 0x29 } };
Locate SMM Base2 protocol to get SMM System Table
Status = gBS->LocateProtocol (&gEfiSmmBase2ProtocolGuid, NULL, (VOID **)&gSmst);
Get SMM Access2 protocol for SMRAM discovery
Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);
Query SMRAM capabilities (expected to return EFI_BUFFER_TOO_SMALL initially)
Status = SmmAccess->GetCapabilities (SmmAccess, &SmramSize, NULL);
Allocate SMRAM ranges descriptor
mSmramRanges = (EFI_SMRAM_DESCRIPTOR *)SmramAllocatePool (SmramSize);
Each descriptor is 0x20 (32) bytes
mSmramRangeCount = SmramSize >> 5;
Check CMOS debug level at offset 0x4C
DebugLevel = IoRead8 (0x70);
Save non-volatile GPRs
Locate MemRas protocol
Status = gSmst->SmmLocateProtocol (&gMemRasProtocolGuid, NULL, (VOID **)&mMemRas);
Allocate communication buffer (sizeof = 0x100 bytes)
Status = gBootServices->AllocatePool (
Register SW SMI handler
Status = RegisterSwSmi ();
Install patched SSDT
Status = InstallSsdt ();
Locate SMM SW Dispatch2 protocol
Status = gSmst->SmmLocateProtocol (
Register SMI handler with input value 0x97 (151)
Store the SW SMI input value in the communication header
If already registered, treat as unsupported
if (Status == EFI_ALREADY_STARTED) {
Check MemRas protocol availability
if (mMemRas == NULL) {
Clear stack buffer
ZeroMem (&Buffer, sizeof (Buffer));
Set status to "in progress" (2)
if (CommBuffer->Command == COMMAND_GET_ERROR_LOG) {
if (CommBuffer->Command == COMMAND_CLEAR_ERROR_LOG) {
Copy input data from communication buffer
CopyMem (&Buffer, (VOID *)(UINTN)CommBuffer->Address0, sizeof (Buffer));
If command succeeded, copy results back with sentinel handling.
Fields are conditionally written: if the output field value equals the
sentinel (-1 for QWORD/DWORD, 0xFF for BYTE), the original value is preserved.
if (CommBuffer->Status == COMMAND_STATUS_SUCCESS) {
Locate ACPI Table protocol
Status = gBootServices->LocateProtocol (
Read SSDT firmware file by GUID from Firmware Volume
Status = GetSectionFromFv (
Search for the SSDT signature pattern to patch.
Offset = (UINTN)SsdtData + 36;
ExtOpPrefix Data[1] == 0x80 && // CreateField/OpRegion
DWordConst Data[12] == 0x0C) { // DWordConst
Patch the buffer address to point to the communication buffer
Install the SSDT ACPI table
Locate firmware volume protocol by image handle
if (gImageHandle == NULL) {
Read the raw file section
Status = FvProtocol->ReadSection (
Initialize boot services and SMM globals
UefiBootServicesTableLibConstructor (ImageHandle, SystemTable);
Set module status to EFI_LOAD_ERROR (0x8000000000000001) initially
mModuleStatus = 0x8000000000000001uLL;
Attempt to initialize with SetJump for error recovery
if (SetJump (&JumpBuffer) == 0) {
Update module status if needed
if (Status >= 0 || mModuleStatus < 0) {
Check final status and free memory if failed
Status = mModuleStatus;
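
A handler that reads through a pointer carried in the communication buffer, as with `CommBuffer->Address0` above, has to check that pointer against the SMRAM ranges held in `mSmramRanges` before dereferencing it. The following is an added example, not code from the decompiled module: a stand-alone overlap check in the style of a helper such as `IsAddressInSmram`. The names `SMRAM_DESCRIPTOR`, `BufferIsOutsideSmram` and `kSampleRanges`, the sample range and the copy length in `main` are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Same layout as the PI EFI_SMRAM_DESCRIPTOR: four 64-bit fields = 0x20 bytes,
   which is why the module derives the range count as SmramSize >> 5. */
typedef struct {
  uint64_t PhysicalStart;
  uint64_t CpuStart;
  uint64_t PhysicalSize;
  uint64_t RegionState;
} SMRAM_DESCRIPTOR;

_Static_assert(sizeof(SMRAM_DESCRIPTOR) == 0x20, "descriptor must be 32 bytes");

/* Returns true only if [Address, Address + Length) is non-empty, does not
   wrap around the address space, and overlaps none of the SMRAM ranges. */
bool BufferIsOutsideSmram(uint64_t Address, uint64_t Length,
                          const SMRAM_DESCRIPTOR *Ranges, size_t Count)
{
  if (Length == 0 || Address > UINT64_MAX - Length) {
    return false;                     /* empty or wrapping range: reject */
  }
  uint64_t End = Address + Length;    /* exclusive end, cannot overflow here */
  for (size_t i = 0; i < Count; i++) {
    uint64_t Start = Ranges[i].CpuStart;
    uint64_t Size = Ranges[i].PhysicalSize;
    /* Saturate instead of wrapping if a descriptor is malformed. */
    uint64_t RangeEnd = (Size > UINT64_MAX - Start) ? UINT64_MAX : Start + Size;
    if (Address < RangeEnd && End > Start) {
      return false;                   /* any overlap with SMRAM: reject */
    }
  }
  return true;
}

/* Constructed sample data: one 8 MiB SMRAM range at 0x7B000000. */
static const SMRAM_DESCRIPTOR kSampleRanges[] = {
  { 0x7B000000u, 0x7B000000u, 0x00800000u, 0 },
};

int main(void)
{
  /* Constructed caller-supplied pointer and copy length (assumed 0x40). */
  return BufferIsOutsideSmram(0x10000000u, 0x40, kSampleRanges, 1) ? 0 : 1;
}
```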

Generated by HR650X BIOS Decompilation Project