GitBucket
Ajax Dong
SmmLockBox
Function Table
| Address | Name | Description |
|---|---|---|
| SmmLockBoxHandler | ||
| LockBoxLock | ||
| LockBoxSave | ||
| LockBoxUpdate | ||
| LockBoxRestore | ||
| LockBoxSetAttributes | ||
| LockBoxRestoreAllInPlace | ||
| ModuleEntryPoint | ||
| ProcessLibraryConstructorList | ||
| RegisterSmmLockBoxHandler | ||
| SmmLockBoxSaveLockBox | ||
| SmmLockBoxUpdateLockBox | ||
| SmmLockBoxRestoreLockBox | ||
| SmmLockBoxSetLockBoxAttributes | ||
| SmmLockBoxRestoreAllLockBoxInPlace | ||
| InternalBaseLibIsListValid | ||
| InsertTailList | ||
| CompareGuid | ||
| ReadUnaligned64 | ||
| SmmBufferValidation | ||
| LogMessage | ||
| AssertEfiError | ||
| SmmLockBoxDestructor | ||
| This | SMM driver provides LockBox save/restore services within SMM. | |
| It | registers an SMI handler that processes LockBox commands sent | |
| via | the SMM Communication Buffer protocol. | |
| Address | Range: 0x2C0 - 0x16C0 (26 functions) | |
| External | Protocol GUIDs (defined in .rdata at 0x2540-0x2590) | |
| Global | Variables (defined in .data segment) | |
| 0x25B8 | EFI_BOOT_SERVICES *gBootServices; // 0x25C0 | |
| 0x25C8 | EFI_RUNTIME_SERVICES *gRuntimeServices; // 0x25D0 | |
| 0x25D8 | UINT64 gSmmDebug2; // 0x25E0 (SMM Debug2 protocol) | |
| 0x25E8 | (AMI SMM Buffer Validation) | |
| 0x25B0 | (boolean, set by LockBox lock) | |
| 0x25F0 | (boolean) | |
| 0x26F8 | (module init status) | |
| 0x2700 | //------------------------------------------------------------------------- | |
| Forward | Declarations | |
| Module | Entry Point | |
| Process | all library constructors (UEFI Boot/Runtime/SMM services tables) | |
| ProcessLibraryConstructorList | (sub_540) | |
| Initializes | all library global pointers: | |
| Then | locates SMM Base2 Protocol and SMM Buffer Validation Protocol. | |
| Locate | SMM Base2 Protocol | |
| Get | SMM System Table from SMM Base2 Protocol | |
| Locate | AMI SMM Buffer Validation Protocol | |
| Install | LockBox Communication Configuration Table | |
| Get | LockBox Context | |
| Searches | the SMM configuration table for the LockBox context. | |
| Returns | NULL if not installed. | |
| Register | SMI Handler (sub_C7C) | |
| Registers | SmmLockBoxHandler as the SMI handler for the | |
| AMI | SMM Communication protocol, plus a SW dispatch callback | |
| Register | the main communication handler via SMM Base2 | |
| Register | the lock callback via SW dispatch | |
| Install | protocol to make the interface available | |
| SmmLockBoxHandler | (sub_988) | |
| Main | SMI handler for LockBox commands. | |
| Dispatches | to sub-handlers based on Command field: | |
| 1 | -> SaveLockBox | |
| 2 | -> UpdateLockBox | |
| 3 | -> RestoreLockBox | |
| 4 | -> SetLockBoxAttributes | |
| 5 | -> RestoreAllLockBoxInPlace | |
| CommunicationBuffer | layout: | |
| Validate | minimum buffer size | |
| Validate | buffer is not in SMRAM or overflow | |
| Default | return status | |
| Mark | as processed | |
| SmmLockBoxSaveLockBox | (sub_1128) | |
| Saves | a data buffer into SMRAM as a new LockBox entry. | |
| Check | if already exists | |
| Allocate | SMRAM pages for the data | |
| Allocate | the entry structure | |
| Copy | data to SMRAM | |
| Initialize | entry | |
| Insert | into queue | |
| SmmLockBoxUpdateLockBox | (sub_135C) | |
| Updates | a portion of an existing LockBox entry at a given offset. | |
| SmmLockBoxRestoreLockBox | (sub_1468) | |
| Restores | data from a LockBox entry back to a caller-provided buffer. | |
| and | use the saved SmramBuffer address (restore-in-place) | |
| Report | required size | |
| Copy | data out of SMRAM | |
| SmmLockBoxSetLockBoxAttributes | (sub_8AC) | |
| Sets | the attributes on an existing LockBox entry. | |
| The | only currently supported attribute is bit 0: | |
| LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE | (0x1) | |
| Copy | header (0x28 bytes) | |
| Validate | attributes (only bit 0 is valid) | |
| SmmLockBoxRestoreAllLockBoxInPlace | (from sub_988[command=5]) | |
| Iterates | the LockBox queue and for each entry with the | |
| RESTORE_IN_PLACE | attribute, copies the SMRAM data to the | |
| original | buffer address (stored in the entry). | |
| address | when restore-in-place was requested | |
| Actually | saved destination | |
| InternalFindLockBoxEntry | (sub_10B0) | |
| Walks | the LockBox queue searching for an entry with matching GUID. | |
| Returns | pointer to the entry, or NULL if not found. | |
| InternalBaseLibIsListValid | (sub_15C8) | |
| Validates | a linked list has non-null forward/back links. | |
| InsertTailList | (sub_1634) | |
| Standard | doubly-linked list insert at tail. | |
| CompareGuid | (sub_1560) | |
| Compares | two EFI_GUID structures. | |
| ReadUnaligned64 | (sub_1688) | |
| Reads | a 64-bit value from a potentially unaligned address. | |
| Buffer | Validation (sub_F98) | |
| Validates | that Buffer+Length is NOT in SMRAM and does not overflow. | |
| Uses | the AMI SMM Buffer Validation Protocol if available. | |
| LockBoxLock | (sub_C70) | |
| Sets | the gLocked flag, preventing any further SAVE/UPDATE operations. | |
| This | is called when a SW dispatch event fires (S3 resume, etc.) | |
| Log | Messages (sub_DE8 - DEBUG wrapper) | |
| Wraps | DEBUG print via SMM Debug2 protocol. | |
| Checks | CMOS 0x4C for debug level filtering. | |
| Check | CMOS for debug level | |
| Use | the SMM Debug2 protocol to print | |
| ASSERT_EFI_ERROR | helper | |
| Logs | an assertion failure when Status is an error. | |
| SmmLockBoxDestructor | (sub_824) | |
| Uninstalls | the LockBox communication configuration table. | |
| Called | on module exit/destruction. |
Generated by HR650X BIOS Decompilation Project