GitBucket
Ajax Dong
SmmAccessPei Module Analysis
Module Information
| Field | Value |
|---|---|
| Module Name | SmmAccessPei.efi |
| Index | 0358 |
| MD5 | c85821f577b2bd2503af9491efa78481 |
| SHA256 | ee3db7e65870c79bb4d463ea5eb90951965d62f6d030cfd49c19c6cbf422a006 |
| Architecture | IA32 (32-bit) |
| Base Address | 0xffd6bc7c |
| Image Size | 0x1060 (4,192 bytes) |
Segment Layout
| Segment | Start | End | Size | Permissions |
|---|---|---|---|---|
| HEADER | 0xffd6bc7c | 0xffd6bedc | 0x260 (608) | --- |
| .text | 0xffd6bedc | 0xffd6c73c | 0x860 (2,144) | rx |
| .rdata | 0xffd6c73c | 0xffd6cbfc | 0x4c0 (1,216) | r |
| .data | 0xffd6cbfc | 0xffd6cc5c | 0x60 (96) | rw |
| .reloc | 0xffd6cc5c | 0xffd6ccdc | 0x80 (128) | r |
| GAP | 0xffd6ccdc | 0xffd6dc7c | 0xfa0 (4,000) | rw |
Functions (18 total, 1 named, 17 unnamed originally)
| Address | Name | Size | Type |
|---|---|---|---|
| 0xffd6bedc | InternalCopyMemBackwards | 0x3f | Overlapping-safe memory copy |
| 0xffd6bf3c | SetMem | 0x15 | memset wrapper |
| 0xffd6bf5c | SetMem32Loop | 0x1f | Internal SetMem32 loop |
| 0xffd6bf7c | SetMem32 | 0x15 | memset32 wrapper |
| 0xffd6bf91 | _ModuleEntryPoint | 0x465 | Module entry point / dispatcher |
| 0xffd6c3f6 | GetFirstHob | 0x6e | Get first HOB from PEI services |
| 0xffd6c464 | GetNextHobByType | 0x45 | Find next HOB by type (GUID extension) |
| 0xffd6c4a9 | GetNextGuidHob | 0x3a | Find next HOB by GUID |
| 0xffd6c4e3 | GetDebugInterface | 0x31 | Get debug protocol interface |
| 0xffd6c514 | DebugPrint | 0x2a | Debug message print |
| 0xffd6c53e | DebugAssert | 0x1e | Debug assert handler |
| 0xffd6c55c | AllocatePool | 0x2a | PEI pool allocation |
| 0xffd6c586 | CopyMem | 0x71 | CopyMem with validation |
| 0xffd6c5f7 | CompareGuid | 0x5f | GUID comparison |
| 0xffd6c656 | GetDebugErrorLevel | 0x4f | Get debug level from CMOS (0x4A) |
| 0xffd6c6a5 | ReadUnaligned64 | 0x2c | 64-bit unaligned read |
| 0xffd6c6d1 | GetPeiServicesTable | 0x32 | Get PEI services from IDT |
| 0xffd6c703 | ReadIdtr | 0x23 | Read IDT register (SIDT) |
Purpose
This PEIM provides the SMM Access PPI for Purley platforms. It performs the following:
-
HOB Discovery: Locates two GUID HOBs:
gSmmAccessPrivateGuid-- contains TSEG reserved region descriptorsgSmmBaseHobGuid-- contains TSEG size, IED base/size, SMM base info
-
SMM Region Management: Copies SMM reserved region descriptors from HOBs into private context and validates region count (max 4).
-
PPI Installation: Installs
EFI_PEI_SMM_ACCESS_PPIwhich exposes:- Open -- opens a specific SMRAM descriptor for access
- Close -- closes a specific SMRAM descriptor
- Lock -- locks a specific SMRAM descriptor permanently
- GetCapabilities -- returns SMRAM descriptor capabilities
-
Debug Output: Logs TSEG/IED/SMM base and size information.
Key Data
CMOS Debug Level Register (0x4A)
The debug error level is read from CMOS register 0x4A (via port 0x70/0x71):
- 0x00: No debug output
- 0x01: EFI_D_INFO / EFI_D_ERROR output
- Values read through a special mechanism at memory 0xFDAF0490
Build Information
- Platform: PurleySktPkg
- Build: HR6N0XMLK / DEBUG_VS2015 / IA32
- PDB: PurleySktPkg/Smm/SmmAccessPei/SmmAccessPei/DEBUG/SmmAccessPei.pdb
Source Files
| File | Description |
|---|---|
| SmmAccessPei.c | Main module source |
| SmmAccessPei.h | Module header with data structure definitions |
IDA Database
IDB saved to original location:/private/ajax/bios/HR650X_3647_AJAX_BIOS_ORIGINAL.pe_structured/pe_files/0358_SmmAccessPei_ee3db7e65870/SmmAccessPei.efi.i64