AMI-Aptio-BIOS-Reversed / VerifyFwBootGuard / README.md
Author: Ajax Dong (commit "Init")

VerifyFwBootGuard

Index   Module              Size                      Phase
0229    VerifyFwBootGuard   10,272 bytes (10.0 KB)    DXE

Overview

Firmware Boot Guard verification DXE driver. It validates the Intel Boot Guard (also known as Boot Guard ACM) verification status during DXE initialization. It is a single-function module that reads the Boot Guard verification result and takes appropriate action if verification failed (e.g., logging the error, asserting, or halting boot). Intel Boot Guard is a hardware-protected boot integrity mechanism that verifies the Initial Boot Block (IBB) before it executes.

Key Functions

  • ModuleEntryPoint (0x490): UEFI driver entry point; calls sub_4CC for preliminary initialization, sub_788 for Boot Guard verification, and sub_1170 for error handling on failure.
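As an added illustration, not code from the reversed driver or from this repository, the kind of check the verification step performs: decoding the BOOT_GUARD_SACM_INFO MSR (0x13A) into a verdict that the error-handling path can act on. The MSR number and bit positions follow the publicly documented layout used by chipsec and are an assumption here, as are the sample values; in a DXE driver the raw value would come from AsmReadMsr64(0x13A).

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* BOOT_GUARD_SACM_INFO MSR (0x13A), written by the startup ACM.
 * ASSUMPTION: number and bit positions follow the publicly documented
 * layout used by chipsec, not anything read from the reversed driver. */
#define SACM_INFO_MSR          0x13AU
#define SACM_NEM_ENABLED       (1ULL << 0)  /* ACM ran and set up NEM */
#define SACM_TPM_SUCCESS       (1ULL << 3)  /* ACM could talk to the TPM */
#define SACM_MEASURED          (1ULL << 5)  /* measured-boot profile active */
#define SACM_VERIFIED          (1ULL << 6)  /* IBB signature verified */
#define SACM_MODULE_REVOKED    (1ULL << 7)  /* ACM/KM/BPM revocation hit */
#define SACM_BTG_CAP           (1ULL << 32) /* silicon supports Boot Guard */

typedef enum {
    BTG_OK = 0,        /* verified boot reported, nothing revoked */
    BTG_NOT_CAPABLE,   /* no Boot Guard capability on this part */
    BTG_NOT_ENFORCED,  /* capable, but the ACM did not run */
    BTG_UNVERIFIED,    /* ACM ran but VERIFIED is clear */
    BTG_REVOKED        /* a revoked module was encountered */
} BTG_STATUS;

/* Turn the raw MSR value into the verdict a verification driver acts on.
 * Checks are ordered so the most serious finding wins. */
BTG_STATUS ClassifySacmInfo(uint64_t SacmInfo)
{
    if ((SacmInfo & SACM_BTG_CAP) == 0)     return BTG_NOT_CAPABLE;
    if ((SacmInfo & SACM_NEM_ENABLED) == 0) return BTG_NOT_ENFORCED;
    if (SacmInfo & SACM_MODULE_REVOKED)     return BTG_REVOKED;
    if ((SacmInfo & SACM_VERIFIED) == 0)    return BTG_UNVERIFIED;
    return BTG_OK;
}

/* Verdict names for a firmware log line. */
const char *BtgStatusName(BTG_STATUS s)
{
    static const char *names[] = { "OK", "NOT_CAPABLE", "NOT_ENFORCED",
                                   "UNVERIFIED", "REVOKED" };
    return (s >= BTG_OK && s <= BTG_REVOKED) ? names[s] : "UNKNOWN";
}

int main(void)
{
    /* Constructed sample: BTG_CAP|VERIFIED|MEASURED|TPM_SUCCESS|NEM_ENABLED.
     * In a DXE driver this would be AsmReadMsr64(SACM_INFO_MSR). */
    uint64_t sample = 0x100000069ULL;
    BTG_STATUS s = ClassifySacmInfo(sample);
    printf("SACM_INFO=0x%llx -> %s\n", (unsigned long long)sample, BtgStatusName(s));
    return s == BTG_OK ? 0 : 1;
}
```

A driver built on this would log the verdict for every case and only halt or assert on BTG_UNVERIFIED and BTG_REVOKED, which is the failure branch the module's sub_1170 corresponds to.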

Dependencies

  • Boot Guard hardware status registers: Accessed via MMIO or platform-specific interfaces
  • Intel Boot Guard ACM: Boot Guard Authenticated Code Module verification status
  • UEFI Boot Services: Protocol and event management
  • Related modules: BootGuardPei

Platform

Intel Purley (HR650X server platform), x86-64, PE32+ format, 5 sections (.text, .rdata, .data, section_3, .xdata)