Fork: 0
ajax / AMI-Aptio-BIOS-Reversed
Transfer to URL with SHA Find file
Newer
Older
AMI-Aptio-BIOS-Reversed / HttpDxe / HttpDxe.md
@Ajax Dong Ajax Dong 2 days ago 13 KB Init
Raw Blame History

HttpDxe

Function Table

Address Name Description
DebugAssert
HttpDxeDriverEntryPoint
HttpDxeDriverEntry
HttpDriverBindingSupported
HttpDriverBindingStart
HttpDriverBindingStop
HttpServiceBindingCreateChild
HttpServiceBindingDestroyChild
HttpGetModeData
HtpConfigure
HttpRequest
HttpCancel
HttpResponse
HttpPoll
ComponentNameGetDriverName
ComponentNameGetControllerName
DriverConfigurationSetOptions
DriverConfigurationGetOptions
DriverConfigurationOptionsValid
HttpConfigureTcp4
HttpConfigureTcp6
HttpCloseConnection
HttpCancelAllTokens
HttpSendMessage
HttpReceiveMessage
HttpTcpReceiveNotify
HttpTcpReceiveNotifyDpc
HttpDns
HttpTlsConnect
HttpTlsClose
HttpTlsIsSessionActive
HttpInitSession
HttpCreateEvent
HttpGenerateRequest
HttpFreeRequestString
HttpSetResponseStatus
HttpFreeResponse
StrLenS
AsciiStrLenS
AsciiStrDecimalToUintnS
AsciiStrHexToUintnS
UnicodeStrToAsciiStrS
AsciiStrToUnicodeStrS
InitializeListHead
InsertHeadList
InsertTailList
IsListEmpty
InternalBaseLibIsListValid
External GUIDs (from .rdata section)
EFI_GUID gEfiLoadedImageProtocolGuid =
Custom AMI HTTP protocol GUIDs
EFI_GUID gAmiHttpServiceBindingProtocolGuid =
HTTP Protocol function table (installed on child handle)
EFI_HTTP_PROTOCOL mHttpProtocolTemplate = {
Driver Binding Protocol function table
EFI_DRIVER_BINDING_PROTOCOL mDriverBinding = {
Version NULL, // ImageHandle (filled in at entry)
DriverBindingHandle (filled in by Install)
Component Name 2 Protocol
EFI_COMPONENT_NAME2_PROTOCOL mComponentName2 = {
Supported Languages
EFI Driver Configuration 2 Protocol
EFI_DRIVER_CONFIGURATION2_PROTOCOL mDriverConfiguration2 = {
Service Binding Protocol - installed per controller handle
EFI_SERVICE_BINDING_PROTOCOL mHttpServiceBinding = {
DEBUG / ASSERT support protocol GUID
EFI_GUID gDebugProtocolGuid = {
ASSERT_EFI_ERROR macro with debug output
Check CPU index via CMOS port 0x70/0x71
CpuIndex **= IoRead8 (0x70) & 0x80 0x4B;**
Locate protocol only if CPU index is valid (1-3)
if ((CpuIndex - 1) <= 0xFD) {
DRIVER ENTRY POINT
Initialize library globals
ProcessLibraryConstructorList (ImageHandle, SystemTable);
Locate Loaded Image Protocol for this driver
Status = gBS->OpenProtocol (
Store the driver's unload handler
Install all driver protocols
return HttpDxeDriverEntry (ImageHandle);
Locate the DPC protocol
Status = gBS->LocateProtocol (
Install Driver Binding, Component Name, and Driver Configuration
Status = EfiLibInstallAllDriverProtocols2 (
No Component Name
DRIVER BINDING PROTOCOL
Check if controller already has our HTTP service binding protocol
Allocate and initialize service instance
HttpService = (HTTP_SERVICE *) AllocateZeroPool (sizeof (HTTP_SERVICE));
Locate all handles on the system
Status = gBS->LoocateHandleBuffer (
Searrch handles for child handles of this driver's controller
for (Index = 0; Index < HandleCount; Index++) {
Open driver binding protocol
Check if this handle's parent is our controller
if (LoadedImage->ParentDeviceHandle == ControllerHandle) {
Found a child handle - install our protocols on it
Open IP4 Config2 protocol on child
Install the service binding protocol on the parent
Status = gBS->InstallMultipleProtocolInterfaces (
Check if we installed a service binding
if (!EFI_ERROR (Status)) {
Iterate handles again to propagate IP4 Config2 and TCP protocols
for (ChildIndex = 0; ChildIndex < HandleCount; ChildIndex++) {
Open Ip4Config2
Install Ip4Config2 on our child
Get our driver binding context from the controller
Destroy all child instances if requested
if (NumberOfChildren == 0) {
Destroy all children
while (!IsListEmpty (&HttpService->ChildrenList)) {
Uninstall our protocols from the controller
Status = gBS->UninstallMultipleProtocolInterfaces (
Free the service instance
FreePool (HttpService);
Destroy specific children
for (Index = 0; Index < NumberOfChildren; Index++) {
Retrieve service instance from the protocol
HttpService = BASE_CR (This, HTTP_SERVICE, ServiceBinding);
Allocate the HTTP instance
Instance = (HTTP_INSTANCE *) AllocateZeroPool (sizeof (HTTP_INSTANCE));
Initialize instance fields
Not configured yet
Copy the HTTP protocol template
CopyMem (&Instance->HttpProtocol, &mHttpProtocolTemplate, sizeof (EFI_HTTP_PROTOCOL));
Initialize request and response net buffers
NetMapInit (&Instance->RequestMap);
Locate the HTTP Utilities protocol for message parsing
Allocate a handle for the child
Add instance to service's child list
InsertTailList (&HttpService->ChildrenList, &Instance->Link);
Retrieive the HTTP protocol from child handle
Veriify instance signature
if (Instance->Signature != HTTP_INSTANCE_SIGNATURE) {
Close and clean up TCP connections
Status = HttpCloseConnection (Instance);
Clean up any cached body data
if (Instance->CacheBody != NULL) {
Clean up message parser
if (Instance->MsgParser != NULL) {
Remove from parent's child list
RemoveEntryList (&Instance->Link);
Uninstall the HTTP protocol and free the instance
HTTP PROTOCOL IMPLEMENTATION
Return the stored configuration
Omit other fields...
If already configured, close existing connection
if (Instance->LocalAddressIsConfigured) {
Store configuration
Configure Tcp6
Status = HttpConfigureTcp6 (Instance);
Configure Tcp4
Status = HttpConfigureTcp4 (Instance);
Verify state
if (Instance->Service == NULL) {
Allocate token wrapper
Wrap = (HTTP_TOKEN_WRAP *) AllocateZeroPool (sizeof (HTTP_TOKEN_WRAP));
Check if using HTTPS
if (Instance->UseHttps) {
TLS handshake first
Status = HttpTlsConnect (Instance);
Send the request via TCP
Status = HttpSendMessage (Wrap);
Track concurrent request limit
if (Instance->ConcurrentRequestCount <= 1) {
Clean up on failure
if (Wrap->Tcp4Token.CompletionToken.Event != NULL) {
Check if the instance is configured for IPv6
if (Instance->LocalAddressIsIPv6 != 0 && Instance->LocalAddressIsIPv6 != 4) {
Delegate to the internal cancel handler
return HttpCancelInternal (Instance, HttpToken);
Validate input
if (HttpToken->HttpMessage->Data == NULL && HttpToken->HttpMessage->BodyLength > 0) {
Check signature
Create token wrapper and add to response queue
Add the token wrapper to the response event list
Status = NetEventAdd (
If using HTTPS, receive through TLS
Trigger TCP receive
if (!Instance->LocalAddressIsConfigured) {
Check if instance has TCP protocol
if (Instance->LocalAddressIsIPv6) {
COMPONENT NAME PROTOCOL
Check if "en" language is supported
if (AsciiStrCmp (Language, "en") != 0) {
DRIVER CONFIGURATION 2 PROTOCOL
TCP CONNECTION MANAGEMENT (HttpProto.c)
Oen TCP4 protocol on the child handle
Status = NetLibCreateServiceChild (
Set up for receive notification
Status = HttpCreateEvent (
Oen TCP6 protocol on the child handle
Stp pending callbacks
HttpCancelAllTokens (Instance);
Clean up cache
Close TCP protocols
if (Instance->Tcp4 != NULL) {
Cance cancel Tcp4 tokens
Destroy service child for Tcp4
NetLibDestroyServiceChild (
Cancel Tcp6 tokens
Destroy service child for Tcp6
Iterate through request map and cancel all pending tokens
Clear response map too
HTTP MESSAGE SENDING / RECEIVING (HttpProto.c)
Build the HTTP request string from the message
Status = HttpGenerateRequest (
Send via Tcp4 or Tcp6
Set up the TCP6 transmit token
Will be filled by caller
Build fragment from net buffer
Trnsnsmit via Tcp6
Status = Instance->Tcp6->Transmit (Instance->Tcp6, Tcp6Token);
Set up the TCP4 transmit token
Transmit via Tcp4
Status = Instance->Tcp4->Transmit (Instance->Tcp4, Tcp4Token);
Free the net buffer
NetbufFree (Nbuf);
Set up TCP6 receive token
Status = Instance->Tcp6->Receive (Instance->Tcp6, Tcp6Token);
Set up TCP4 receive token
Status = Instance->Tcp4->Receive (Instance->Tcp4, Tcp4Token);
TCP RECEIVE NOTIFICATION (Event/DPC Hander)
Queue a DPC for processing
Get the TCP receive status
Process received data through message parser
Parser = Instance->MsgParser;
Parse the received data
Data = Instance->ReceiveBuffer;
Feed data to HTTP parser
Status = HttpParseMessageBody (Parser, Data, &BufferLength);
Check if full response has been received
if (HttpIsMessageComplete (Parser)) {
Parse out response status
HttpGetStatus (Parser, &Instance->ResponseStatus);
Extract body data
HttpGetEntityLength (Parser, &Instance->ResponseBodyLength);
Signal completion to the token
Signal the waiting token
if (Wrap->HttpMsg->Data.Event != NULL) {
DNS RESOLUTION (HttpDns.c)
Use the HTTP Utilities protocol to resolve the host name
DataLength = sizeof (EFI_IP_ADDRESS);
Locate TLS protocol
Set TLS session data
Do TLS handshake
Status = Tls->Connect (Tls, Instance->RemoteHost);
Check TLS session state
DataSize = sizeof (EFI_TLS_SESSION_STATE);
Store TLS data in instance
HTTP INITILIZATIONIZATION AND URL URL PARSING
Check for HTTPS protocol
if (AsciiStrStr (Url, HTTPS_PREFIX) == Url) {
Parse the URL
Status = HttpUrlParse (
FALSE = no path required
Extract host name
Resolve DNS if host is not an IP address
if (!HttpUrlIsIpAddress (Instance->RemoteHost)) {
Store resolved address
Extract path if present
EVENT CREATION AND AND MAP MANAGEMENT
Create event for TCP receive
Status = gBS->CreateEvent (
No context, set later
HTTP MESSAGE GENERATION
Calculate total header size
HeaderSize = HttpCalculateHeaderSize (HttpMsg->Headers, HttpMsg->HeaderCount);
Allocate buffer for request string
RequestString = (CHARR *) AllocateZeroPool (HeaderSize + 256); // Extra for request line and CRLF
Render the HTTP request line (METHOD URI HTTP/1.1)
Status = HttpRenderRequestLine (
Append headers
Status = HttpRenderHeaders (
Append body
if (HttpMsg->BodyLength > 0) {
Create net buffer from the request string
STATUSUS CODES
Free message parser
Free any cached body
LIBRARY FUNCTIONS (linked statically)
Skip leading whitespace
while *(String == ' ' String == '\t') {*
Skip leading zeros
while (*String == '0') {
Check for 0x or 0X prefix
if *(String == 'x' String == 'X') {*
LINKED LIST UTILIIES
Veriify list validation
InternalBaseLibIsListValid (ListHead);

Generated by HR650X BIOS Decompilation Project