Fork: 0
ajax / AMI-Aptio-BIOS-Reversed
Transfer to URL with SHA Find file
Newer
Older
AMI-Aptio-BIOS-Reversed / ExportHiiDb / ExportHiiDb.md
@Ajax Dong Ajax Dong 2 days ago 4 KB Init
Raw Blame History

ExportHiiDb

Function Table

Address Name Description
ReadUnaligned64
CompareGuid
IsCpuInfoHob
GetPlatformCmosType
FormatUnsignedDecimal
StringAppend
FormatCpuInfoLine
GetTotalCpuNumber
ExportHiiDbNotify
ExportHiiDbEntryPoint
Global protocol pointer caches (used by standard UEFI library constructors)
EFI_HANDLE gImageHandle = NULL;
Cached copies for direct access within callbacks
STATIC EFI_SYSTEM_TABLE *mSystemTable = NULL; // 0xe50 SystemTable_0
0xe40 BootServices_0
0xe48 RuntimeServices_0
Vendor GUID for the "HiiDB" UEFI variable
STATIC CONST EFI_GUID mHiiDbVariableGuid =
GUID for the HII database protocol that the notification event listens for
STATIC CONST EFI_GUID mHiiDbProtocolGuid =
Cached protocol interface pointer (lazy-init via GetHiiDbProtocol)
STATIC VOID *mHiiDbProtocol = NULL; // 0xe30 qword_E30
Cached HOB list pointer (lazy-init via GetHobList)
STATIC VOID *mHobList = NULL; // 0xe38 qword_E38
Notification event handle
STATIC EFI_EVENT mNotificationEvent; // returned by CreateEventEx
Return cached pointer if already resolved
if (mHiiDbProtocol != NULL) {
OldTpl = gBS->RaiseTPL (TPL_HIGH_LEVEL); // BS+24 (0x18): RaiseTPL
Only proceed if we were at TPL_NOTIFY or below
if (OldTpl <= TPL_NOTIFY) {
unaligned load on x64
actually mCpuInfoHobGuid same bytes as mHiiDbProtocolGuid in this module
that sub_824 compares against. In this driver both protocol and
HOB use the same GUID value for match purposes.
Return cached HOB list pointer
if (mHobList != NULL) {
Check if SystemTable has HOB list (set up by DXE core)
if (mSystemTable->HobList != NULL) {
SystemTable + 0x68: number of entries or HOB end marker
Iterate through HOB entries to find the CPU info GUID
for ( ; ; ) {
skip to data portion
the actual data pointer is at offset 16 from start
Advance to next HOB
HobEntry = (EFI_HOB )((UINTN)HobEntry + (UINT16 *)((UINTN)HobEntry + 4));
End of HOB list
if (mHobList == NULL) {
Dead loop: mHobList should never be NULL if PEI published the CPU info
CpuDeadLoop ();
Read CMOS status register (index 0x4B)
Preserve NMI mask bit (bit 7)
__outbyte **(0x70, (__inbyte (0x70) & 0x80) 0x4B);**
Determine the NV storage type
if (NvStorageType > 3) {
Map type to platform type
if (NvStorageType == 1) {
0x80000004 }
Seek to end of Destination
while (*Destination != L'\0') {
Copy Source characters including terminator
do {
Implementation reads from the CPU info HOB.
If unpopulated, reads from chipset MSR range.
On this platform, total CPU number is derived from
the detected package count.
return 1;
Protocol interface call at offset 0x20 (32):
EFI_STATUS (*GetHiiDbPhysicalAddr)(
IN VOID *This
IN UINTN Flags
OUT EFI_PHYSICAL_ADDRESS *PhysicalAddress
IN UINTN Reserved
Returns EFI_NOT_FOUND (0x8000000000000005) if not yet populated
with HiiDbPhysAddr containing the required buffer size from
On EFI_NOT_FOUND:
UINTN PagesNeeded = EFI_SIZE_TO_PAGES (HiiDbPhysAddr);
Status = gBS->AllocatePages (
1 = AllocateAnyPages
6 = EfiRuntimeServicesData
Retry the read with the allocated physical address
Then publish the variable:
Status = gRT->SetVariable (
EFI_VARIABLE_BOOTSERVICE_ACCESS ** EFI_VARIABLE_RUNTIME_ACCESS**
Close this event one-shot notification
Set up UEFI Library globals
gImageHandle = ImageHandle;
Cache local copies
mSystemTable = SystemTable;
Initialize HOB list
Create a notification event that catches the HII DB protocol install.
Status = gBS->CreateEventEx (
GUID that triggers the event
ASSERT if the event could not be created
if (EFI_ERROR (Status)) {
Line 132 in ExportHiiDb.c: "!EFI_ERROR (Status)"
DEBUG ((EFI_D_ERROR

Generated by HR650X BIOS Decompilation Project