diff --git a/AmiModulePkg/AHCI/Ahci/Ahci.c b/AmiModulePkg/AHCI/Ahci/Ahci.c index 00f2724..0a573c3 100644 --- a/AmiModulePkg/AHCI/Ahci/Ahci.c +++ b/AmiModulePkg/AHCI/Ahci/Ahci.c @@ -110,7 +110,7 @@ }; // -// EFI_ATA_PASS_THRU_PROTOCOL instance (stub - minimal implementation) +// EFI_ATA_PASS_THRU_PROTOCOL instance (protocol entrypoints intentionally absent) // EFI_ATA_PASS_THRU_PROTOCOL gAhciAtaPassThru = { 0, @@ -1139,7 +1139,7 @@ ); if (EFI_ERROR (Status)) { AhciDebugPrint (AHCI_DEBUG_ERROR, "\nASSERT_EFI_ERROR (Status = %r)\n", Status); - AhciAssert (__FILE__, 949, "!EFI_ERROR (Status)"); + AhciAssert (__FILE__, __LINE__, "!EFI_ERROR (Status)"); } // @@ -1165,7 +1165,7 @@ ); if (EFI_ERROR (Status)) { AhciDebugPrint (AHCI_DEBUG_ERROR, "\nASSERT_EFI_ERROR (Status = %r)\n", Status); - AhciAssert (__FILE__, 988, "!EFI_ERROR (Status)"); + AhciAssert (__FILE__, __LINE__, "!EFI_ERROR (Status)"); } } @@ -1429,10 +1429,46 @@ return Status; } + if (Capacity != NULL) { + *Capacity = (UINT64)Port->IdentifyData[154] | ((UINT64)Port->IdentifyData[156] << 16); + } + return EFI_SUCCESS; } /** + Applies device feature settings required after identification. + + @param[in] Port Pointer to the AHCI port. + @param[in] Capacity Reported device capacity (currently preserved for callers). + + @retval EFI_SUCCESS Device feature setup completed. +**/ +EFI_STATUS +AhciSetDeviceFeature ( + IN AHCI_PORT *Port, + IN UINT64 Capacity + ) +{ + EFI_STATUS Status; + + // + // Preserve compatibility with prior call-sites that pass this computed value. + // + UNREFERENCED_PARAMETER (Capacity); + + // + // Configure command-mode related features explicitly. + // + Status = AhciSetTransferMode (Port); + if (EFI_ERROR (Status)) { + return Status; + } + + return AhciSetFeatureRwDmaSetup (Port); +} + +/** Sets ATA transfer mode (PIO, Multiword DMA, or Ultra DMA). Uses ATA SET FEATURES command. @@ -3433,7 +3469,7 @@ @param[in] ExpectedMask Mask to apply. @param[in] ExpectedValue Expected masked value. - @retval EFILE_SUCCESS Register matched expected value. + @retval EFI_SUCCESS Register matched expected value. @retval EFI_TIMEOUT Timeout. **/ EFI_STATUS @@ -3481,7 +3517,7 @@ @param[in] Port Pointer to the AHCI_PORT. - @retval EFILE_SUCCESS Port ready. + @retval EFI_SUCCESS Port ready. **/ EFI_STATUS AhciPreparePortAccess ( @@ -3955,11 +3991,14 @@ IN VOID *Buffer ) { + UINT32 Value; + if (Buffer == NULL) { - AhciAssert ("e:\\hs\\MdePkg\\Library\\BaseLib\\Unaligned.c", 192, "Buffer != ((void *) 0)"); + AhciAssert (__FILE__, __LINE__, "Buffer != ((void *) 0)"); } - return *(UINT64 *)Buffer; + CopyMem (&Value, Buffer, sizeof (Value)); + return Value; } /** @@ -3987,22 +4026,22 @@ /** Allocates zero pool memory. - @param[in] n32 Size in bytes. + @param[in] Size Size in bytes. @return Pointer to allocated memory, or NULL. **/ VOID * AhciAllocateZeroPool ( - IN UINTN n32 + IN UINTN Size ) { VOID *Buffer; Buffer = NULL; - gBS->AllocatePool (EfiBootServicesData, n32, &Buffer); + gBS->AllocatePool (EfiBootServicesData, Size, &Buffer); if (Buffer != NULL) { - ZeroMem (Buffer, n32); + ZeroMem (Buffer, Size); } return Buffer; @@ -4121,4 +4160,4 @@ ) { return AhciBlockIoRwExDispatch (This, MediaId, Lba, Token, BufferSize, Buffer, TRUE); -} \ No newline at end of file +} diff --git a/AmiModulePkg/AHCI/Ahci/Ahci.md b/AmiModulePkg/AHCI/Ahci/Ahci.md index 0b064ee..799b84d 100644 --- a/AmiModulePkg/AHCI/Ahci/Ahci.md +++ b/AmiModulePkg/AHCI/Ahci/Ahci.md @@ -19,6 +19,7 @@ | | **AhciIdentifySataPort** | | | | **AhciIdentifyPmPort** | | | | **AhciSetPortInterfacePower** | | +| | **AhciSetDeviceFeature** | | | | **AhciConfigureDevice** | | | | **AhciSetTransferMode** | | | | **AhciSetFeatureRwDmaSetup** | | @@ -96,7 +97,7 @@ | Version | **NULL, // ImageHandle** | | | DriverBindingHandle | **};** | | | EFI_COMPONENT_NAME2_PROTOCOL | **gAhciComponentName2 = {** | | -| EFI_ATA_PASS_THRU_PROTOCOL | **instance (stub - minimal implementation)** | | +| EFI_ATA_PASS_THRU_PROTOCOL | **instance (entry points intentionally absent)** | | | EFI_ATA_PASS_THRU_PROTOCOL | **gAhciAtaPassThru = {** | | | Driver | **name strings** | | | CHAR16 | ***gAhciDriverName[] = {** | | @@ -521,4 +522,4 @@ | return | **(DevicePath[0] == 'e' &&** | | --- -*Generated by HR650X BIOS Decompilation Project* \ No newline at end of file +*Generated by HR650X BIOS Decompilation Project* diff --git a/AmiModulePkg/AHCI/Ahci/README.md b/AmiModulePkg/AHCI/Ahci/README.md index f4fa9c8..a46b761 100644 --- a/AmiModulePkg/AHCI/Ahci/README.md +++ b/AmiModulePkg/AHCI/Ahci/README.md @@ -21,9 +21,9 @@ - `AhciDriverBindingSupported()` -- Tests if a controller is an AHCI-compatible SATA controller - `AhciDriverBindingStart()` -- Initializes the AHCI controller and detects attached devices - `AhciDriverBindingStop()` -- Stops the driver, releases controller resources -- `AhciCreateDevice()` -- Creates a child device handle for a detected SATA device -- `AhciBlockIoReadWrite()` -- Performs block-level read/write via the AHCI HBA -- `AhciAtaPassThru()` -- Implements ATA pass-through commands (IDENTIFY, READ/WRITE, etc.) +- `AhciEnumerateDevice()` -- Detects/configures a port and creates the port context for block I/O child creation +- `AhciBlockIoRead()` / `AhciBlockIoWrite()` -- Block-level read/write via the AHCI HBA +- `AhciSataPhyCommand()` -- Sends low-level SATA PHY/ATA command sequences - `AhciGetHobList()` -- Retrieves HOB list for platform configuration - `AhciReadUint32Le()` -- Reads a little-endian 32-bit AHCI register value @@ -45,4 +45,4 @@ - **Toolchain**: VS2015, X64 DEBUG - **Copyright**: AMI Corporation - **Source**: AmiModulePkg -- **BIOS**: HR650X (HR6N0XMLK) \ No newline at end of file +- **BIOS**: HR650X (HR6N0XMLK) diff --git a/AmiModulePkg/AHCI/AhciSmm/AhciSmm.c b/AmiModulePkg/AHCI/AhciSmm/AhciSmm.c index b9693ac..38144e2 100644 --- a/AmiModulePkg/AHCI/AhciSmm/AhciSmm.c +++ b/AmiModulePkg/AHCI/AhciSmm/AhciSmm.c @@ -43,15 +43,17 @@ AHCI_SMM_HANDLER pAhciPortInitHandler = NULL; // 0x3070 AHCI_SMM_HANDLER pAhciDmaCommandHandler = NULL; // 0x3078 AHCI_SMM_HANDLER pAhciPioDataInHandler = NULL; // 0x3080 -AHCI_SMM_HANDLER pAhciSoftwareResetHandler = NULL; // 0x3088 (sub_1914) -AHCI_SMM_HANDLER pAhciNonDataCommandHandler = NULL; // 0x3090 (sub_1BB8) -AHCI_SMM_HANDLER pAhciFisReceiveHandler = NULL; // 0x3098 (sub_1EBC) -AHCI_SMM_HANDLER pAhciSoftResetHandler = NULL; // 0x30A0 (sub_1F04) +AHCI_SMM_HANDLER pAhciSoftwareResetHandler = NULL; // 0x3088 (AhciAtapiSoftwareResetHandler, sub_1914) +AHCI_SMM_HANDLER pAhciNonDataCommandHandler = NULL; // 0x3090 (AhciAtaNonDataCommandHandler, sub_1BB8) +AHCI_SMM_HANDLER pAhciFisReceiveHandler = NULL; // 0x3098 (AhciCommandCompletionHandler, sub_1EBC) +AHCI_SMM_HANDLER pAhciSoftResetHandler = NULL; // 0x30A0 (AhciPortSoftResetThunk, sub_1F04) // // Recovered semantic aliases for local decompiled symbols: -// sub_49C -> AhciSmmPreInit -// sub_5DC -> AhciSmmRegisterSmiHandlers +// sub_49C -> AhciSmmPreInit: boot/runtime context setup +// sub_5DC -> AhciSmmRegisterSmiHandlers: entry dispatch and SMI registration +// sub_2150 -> AhciSmmInitialize (not yet emitted in this recovery slice) +// sub_1F0C -> AhciSmmInstallSmiCallback (not yet emitted in this recovery slice) // EFI_STATUS EFIAPI diff --git a/AmiModulePkg/AHCI/AhciSmm/AhciSmm.h b/AmiModulePkg/AHCI/AhciSmm/AhciSmm.h index da50349..786e073 100644 --- a/AmiModulePkg/AHCI/AhciSmm/AhciSmm.h +++ b/AmiModulePkg/AHCI/AhciSmm/AhciSmm.h @@ -63,7 +63,7 @@ ); /// -/// sub_49C -- boot/runtime services initialization and context setup +/// AhciSmmPreInit / sub_49C -- boot/runtime services initialization and context setup /// EFI_STATUS EFIAPI @@ -72,7 +72,7 @@ ); /// -/// sub_5DC -- main SMM dispatch/SMI registration entry +/// AhciSmmRegisterSmiHandlers / sub_5DC -- main SMM dispatch/SMI registration entry /// EFI_STATUS EFIAPI @@ -143,9 +143,9 @@ extern AHCI_SMM_HANDLER pAhciPortInitHandler; // 0x3070 extern AHCI_SMM_HANDLER pAhciDmaCommandHandler; // 0x3078 extern AHCI_SMM_HANDLER pAhciPioDataInHandler; // 0x3080 -extern AHCI_SMM_HANDLER pAhciSoftwareResetHandler; // 0x3088 (sub_1914) -extern AHCI_SMM_HANDLER pAhciNonDataCommandHandler; // 0x3090 (sub_1BB8) -extern AHCI_SMM_HANDLER pAhciFisReceiveHandler; // 0x3098 (sub_1EBC) -extern AHCI_SMM_HANDLER pAhciSoftResetHandler; // 0x30A0 (sub_1F04) +extern AHCI_SMM_HANDLER pAhciSoftwareResetHandler; // 0x3088 (AhciAtapiSoftwareResetHandler / sub_1914) +extern AHCI_SMM_HANDLER pAhciNonDataCommandHandler; // 0x3090 (AhciAtaNonDataCommandHandler / sub_1BB8) +extern AHCI_SMM_HANDLER pAhciFisReceiveHandler; // 0x3098 (AhciFisReceiveCompletionHandler / sub_1EBC) +extern AHCI_SMM_HANDLER pAhciSoftResetHandler; // 0x30A0 (AhciPortSoftResetThunk / sub_1F04) #endif /* __AHCISMM_H__ */ diff --git a/AmiModulePkg/AHCI/AhciSmm/AhciSmm.md b/AmiModulePkg/AHCI/AhciSmm/AhciSmm.md index eecb729..9e4ad53 100644 --- a/AmiModulePkg/AHCI/AhciSmm/AhciSmm.md +++ b/AmiModulePkg/AHCI/AhciSmm/AhciSmm.md @@ -13,106 +13,106 @@ | Address | Name | Purpose | |---------|------|---------| | 0x470 | _ModuleEntryPoint | UEFI/SMM driver entry point | -| 0x49C | sub_49C | UEFI boot/run-time services table initialization | -| 0x5DC | sub_5DC | Main driver dispatch: lock, init, register SMI handler | -| 0x2150 | sub_2150 | SMM driver initialization: locate protocols, init H/W, install SMI handlers | -| 0x1F0C | sub_1F0C | SMI handler registration: allocate buffers, register SMI callback via SMM base2 | -| 0x13F4 | sub_13F4 | Soft reset generation for AHCI port (GenerateSoftReset) | -| 0x1F04 | sub_1F04 | Thunk to sub_13F4 (soft reset) | -| 0x19FC | sub_19FC | ATA command completions: read FIS, detect PMP/SATA/ATAPI device type | -| 0x1BB8 | sub_1BB8 | ATA non-data command execution (identify device, etc.) | -| 0x1648 | sub_1648 | ATA PIO data-in command execution | -| 0x17C0 | sub_17C0 | ATA DMA command execution | -| 0x1914 | sub_1914 | ATA software reset execution | -| 0x1D60 | sub_1D60 | AHCI controller initialization (HBA reset, port config) | -| 0x1EBC | sub_1EBC | Port FIS receive / command completion dispatch | -| 0xC0C | sub_C0C | Port command completion handler (FIS receive + SDB notify) | -| 0xE30 | sub_E30 | AHCI port start/stop (command list activation, PxCMD.PxRUN) | -| 0x1014 | sub_1014 | Port PMP status check and error recovery via sub_C0C | -| 0x1274 | sub_1274 | Port multiplier register access (PMP SATA register read/write) | -| 0x9D0 | sub_9D0 | Port reset sequence (wait for device ready, signature, PxSIG) | -| 0x91C | sub_91C | Command issue helper: write PxCMD, clear SError, trigger port start | -| 0x11BC | sub_11BC | Command list entry setup (FIS frame format into PRDT) | -| 0x111C | sub_111C | Command scatter-gather list construction (PRDT entries) | -| 0x10C8 | sub_10C8 | FIS shadow area copy (16 bytes from command table to RFIS) | -| 0x107C | sub_107C | Command header initialization (clear PRD region, set PxISA) | -| 0x7D0 | sub_7D0 | Polling loop for command completion / error (PxIS, PxSERR, timeout) | -| 0x75C | sub_75C | MMIO register bit wait loop (poll for bit clear with timeout) | -| 0x6E4 | sub_6E4 | MMIO register bit match polling (poll for specific bit pattern) | -| 0x9D0 | sub_9D0 | Port signature read (poll PxSIG for device type detection) | -| 0x690 | sub_690 | Microsecond delay based on ACPI PM timer (port 0x508) | -| 0x2720 | sub_2720 | memset implementation (aligned dword fill with residual) | -| 0x2780 | sub_2780 | memmove implementation (overlap-aware, aligned copy) | -| 0x2314 | sub_2314 | Debug logging (vprintf to SMM debug output) | -| 0x235C | sub_235C | ASSERT implementation (conditional via debug protocol) | -| 0x22C4 | sub_22C4 | SMM debug protocol locator (locate gEfiSmmDebug2ProtocolGuid) | -| 0x239C | sub_239C | PCD protocol locator (DxePcdLib, locate mMdePkgPcd) -| 0x2428 | sub_2428 | SMM child protocol installation (SmmBase2 vs BootServices LocateProtocol) | -| 0x24B0 | sub_24B0 | SMI handler protocol installation (SmmBase2 or standalone) | -| 0x2594 | sub_2594 | Runtime services pointer resolution via SMM system table | -| 0x2604 | sub_2604 | memcmp implementation (byte compare against fixed pattern) | -| 0x2680 | sub_2680 | CMOS/CMOS register read for platform debug level detection | -| 0x2A0 | sub_2A0 | SetJump wrapper (save non-volatile register context) | -| 0x340 | sub_340 | LongJump wrapper (restore context via saved frame) | -| 0x227C | sub_227C | Jump buffer validation (alignment check for SetJump) | +| 0x49C | AhciSmmPreInit | UEFI boot/run-time services table initialization | +| 0x5DC | AhciSmmRegisterSmiHandlers | Main driver dispatch: lock, init, register SMI handler | +| 0x2150 | AhciSmmInitialize | SMM driver initialization: locate protocols, init H/W, install SMI handlers | +| 0x1F0C | AhciSmmRegisterCallback | SMI handler registration: allocate buffers, register SMI callback via SMM base2 | +| 0x13F4 | AhciGenerateSoftReset | Soft reset generation for AHCI port | +| 0x1F04 | AhciPortSoftResetThunk | Thunk to sub_13F4 (soft reset) | +| 0x19FC | AhciCommandCompleteType : DetectAtaDeviceType | ATA command completions: read FIS, detect PMP/SATA/ATAPI device type | +| 0x1BB8 | AhciNonDataCommandHandler | ATA non-data command execution (identify device, etc.) | +| 0x1648 | AhciPioDataInCommand | ATA PIO data-in command execution | +| 0x17C0 | AhciDmaDataCommand | ATA DMA command execution | +| 0x1914 | AhciSoftwareResetCommand | ATA software reset execution | +| 0x1D60 | AhciControllerInit | AHCI controller initialization (HBA reset, port config) | +| 0x1EBC | AhciFisReceiveHandler | Port FIS receive / command completion dispatch | +| 0xC0C | AhciPortCommandComplete | Port command completion handler (FIS receive + SDB notify) | +| 0xE30 | AhciPortStartStop | AHCI port start/stop (command list activation, PxCMD.PxRUN) | +| 0x1014 | AhciCheckDevicePresenceAndRecover | Port PMP status check and error recovery via sub_C0C | +| 0x1274 | AhciPmpRegisterAccess | Port multiplier register access (PMP SATA register read/write) | +| 0x9D0 | AhciPortResetSequence | Port reset sequence (wait for device ready, signature, PxSIG) | +| 0x91C | AhciIssuePortCommand | Command issue helper: write PxCMD, clear SError, trigger port start | +| 0x11BC | AhciBuildCommandFis | Command list entry setup (FIS frame format into PRDT) | +| 0x111C | AhciBuildPrdt | Command scatter-gather list construction (PRDT entries) | +| 0x10C8 | AhciCopyReceivedFis | FIS shadow area copy (16 bytes from command table to RFIS) | +| 0x107C | AhciInitCommandHeader | Command header initialization (clear PRD region, set PxISA) | +| 0x7D0 | AhciPollForCommandCompletion | Polling loop for command completion / error (PxIS, PxSERR, timeout) | +| 0x75C | AhciWaitForBitClear | MMIO register bit wait loop (poll for bit clear with timeout) | +| 0x6E4 | AhciWaitForBitMatch | MMIO register bit match polling (poll for specific bit pattern) | +| 0x9D0 | AhciGetPortSignature | Port signature read (poll PxSIG for device type detection) | +| 0x690 | AhciUsDelay | Microsecond delay based on ACPI PM timer (port 0x508) | +| 0x2720 | AhciMemset | memset implementation (aligned dword fill with residual) | +| 0x2780 | AhciMemmove | memmove implementation (overlap-aware, aligned copy) | +| 0x2314 | AhciDebugPrint | Debug logging (vprintf to SMM debug output) | +| 0x235C | AhciDebugAssert | ASSERT implementation (conditional via debug protocol) | +| 0x22C4 | AhciLocateDebugProtocol | SMM debug protocol locator (locate gEfiSmmDebug2ProtocolGuid) | +| 0x239C | AhciLocatePcdProtocol | PCD protocol locator (DxePcdLib, locate mMdePkgPcd) +| 0x2428 | AhciInstallChildProtocol | SMM child protocol installation (SmmBase2 vs BootServices LocateProtocol) | +| 0x24B0 | AhciInstallSmiHandlerProtocol | SMI handler protocol installation (SmmBase2 or standalone) | +| 0x2594 | AhciResolveRuntimeServices | Runtime services pointer resolution via SMM system table | +| 0x2604 | AhciMemcmpPattern | memcmp implementation (byte compare against fixed pattern) | +| 0x2680 | AhciReadDebugLevelFromCmos | CMOS/CMOS register read for platform debug level detection | +| 0x2A0 | AhciSetJump | SetJump wrapper (save non-volatile register context) | +| 0x340 | AhciLongJump | LongJump wrapper (restore context via saved frame) | +| 0x227C | AhciValidateJumpFrame | Jump buffer validation (alignment check for SetJump) | ## Entry Points (Public API) -- **0x470** `_ModuleEntryPoint`: Standard UEFI SMM driver entry point. Calls sub_49C to initialize UEFI boot/runtime services globals, then calls sub_5DC which handles the SMM dispatch table registration. +- **0x470** `_ModuleEntryPoint`: Standard UEFI SMM driver entry point. Calls `AhciSmmPreInit` (`sub_49C`) to initialize UEFI boot/runtime services globals, then calls `AhciSmmRegisterSmiHandlers` (`sub_5DC`) which handles the SMM dispatch table registration. -- **0x2150** `sub_2150`: SMM driver initialization. Locates gEfiSmmCpuIo2ProtocolGuid protocol at GUID `unk_2E30`, probes presence via call into `qword_2EB0+8`, resolves runtime services via `sub_2594`, installs child protocols via `sub_2428` and `sub_24B0`, then calls `sub_1F0C` to register the SMI handler. +- **0x2150** `AhciSmmInitialize` (`sub_2150`): SMM driver initialization. Locates gEfiSmmCpuIo2ProtocolGuid protocol at GUID `unk_2E30`, probes presence via call into `qword_2EB0+8`, resolves runtime services via `AhciResolveRuntimeServices` (`sub_2594`), installs child protocols via `AhciInstallChildProtocol` (`sub_2428`) and `AhciInstallSmiHandlerProtocol` (`sub_24B0`), then calls `AhciSmmRegisterCallback` (`sub_1F0C`) to register the SMI handler. -- **0x1D60** `sub_1D60`: AHCI controller HBA-level initialization. Programs port registers (PxCMD start, PxIE interrupt enable, PxSERR clear, PxCFG), sets command list/FIS base addresses via `qword_3018`. Called via function pointer stored at `psub_1D60` (0x3070). +- **0x1D60** `AhciControllerInit` (`sub_1D60`): AHCI controller HBA-level initialization. Programs port registers (PxCMD start, PxIE interrupt enable, PxSERR clear, PxCFG), sets command list/FIS base addresses via `qword_3018`. Called via function pointer stored at `pAhciPortInitHandler` (0x3070). ## Internal Helpers - **AHCI Low-Level MMIO:** - - `0x75C` `sub_75C`: Polls an AHCI port MMIO register, waiting for a bitmask to clear with configurable timeout. Base register = `a1 + ((a2 + 2) << 7)` where a2 is port number. - - `0x6E4` `sub_6E4`: Polls an AHCI port MMIO register, waiting for `(reg_value & mask) == match_value`. Used for status transitions. - - `0x690` `sub_690`: Microsecond delay using ACPI PM timer I/O port 0x508. Calculates delay based on timer ticks. - - `0x1274` `sub_1274`: SATA port multiplier register access. Builds a PMP register read/write FIS, sends it via command list, waits for completion, reads result from RFIS buffer. + - `0x75C` `AhciWaitForBitClear` (`sub_75C`): Polls an AHCI port MMIO register, waiting for a bitmask to clear with configurable timeout. Base register = `a1 + ((a2 + 2) << 7)` where a2 is port number. + - `0x6E4` `AhciWaitForBitMatch` (`sub_6E4`): Polls an AHCI port MMIO register, waiting for `(reg_value & mask) == match_value`. Used for status transitions. + - `0x690` `AhciUsDelay` (`sub_690`): Microsecond delay using ACPI PM timer I/O port 0x508. Calculates delay based on timer ticks. + - `0x1274` `AhciPmpRegisterAccess` (`sub_1274`): SATA port multiplier register access. Builds a PMP register read/write FIS, sends it via command list, waits for completion, reads result from RFIS buffer. - **Command Processing Pipeline:** - - `0x11BC` `sub_11BC`: Builds a command list entry (49 bytes FIS frame starting at a4+0). Sets command FIS type, port multiplier, ATA registers (features, sector count, LBA, command). Sets CFL=5 and W=1 bits in PxCMD. - - `0x111C` `sub_111C`: Constructs PRDT (Physical Region Descriptor Table) entries. Walks the data buffer scatter-gather list, setting DBA/DBC/DI bits per 4MB-aligned region. Last entry gets EOF flag. - - `0x107C` `sub_107C`: Initializes a command header slot. Zeroes PRD region. Sets PxISA (port multiplier) bits. Sets PRDTL (PRD table length). - - `0x10C8` `sub_10C8`: Copies 16 bytes from command FIS to received FIS (RFIS) area in the command table. Handles overlap-safe copy. + - `0x11BC` `AhciBuildCommandFis` (`sub_11BC`): Builds a command list entry (49 bytes FIS frame starting at a4+0). Sets command FIS type, port multiplier, ATA registers (features, sector count, LBA, command). Sets CFL=5 and W=1 bits in PxCMD. + - `0x111C` `AhciBuildPrdt` (`sub_111C`): Constructs PRDT (Physical Region Descriptor Table) entries. Walks the data buffer scatter-gather list, setting DBA/DBC/DI bits per 4MB-aligned region. Last entry gets EOF flag. + - `0x107C` `AhciInitCommandHeader` (`sub_107C`): Initializes a command header slot. Zeroes PRD region. Sets PxISA (port multiplier) bits. Sets PRDTL (PRD table length). + - `0x10C8` `AhciCopyReceivedFis` (`sub_10C8`): Copies 16 bytes from command FIS to received FIS (RFIS) area in the command table. Handles overlap-safe copy. - **ATA Command Execution:** - - `0x1648` `sub_1648`: ATA PIO data-in command (READ SECTOR(S), IDENTIFY, etc.). Calls sub_E30 (port start), sub_1014 (PMP check), builds FIS, issues command, polls completion via sub_7D0. - - `0x17C0` `sub_17C0`: ATA DMA command (READ DMA, WRITE DMA). Similar flow to PIO but for DMA transfers. - - `0x1914` `sub_1914`: ATA software reset command. Sends SRST via command list, polls completion. - - `0x1EBC` `sub_1EBC`: Port FIS receive handler. Extracts port number and PMP status from register, dispatches to sub_C0C for command completion processing. - - `0x1BB8` `sub_1BB8`: ATA non-data command execution. Used for IDENTIFY DEVICE, SET FEATURES, etc. Builds FIS, issues command, polls completion. On error with specific conditions, retries via sub_19FC. + - `0x1648` `AhciPioDataInCommand` (`sub_1648`): ATA PIO data-in command (READ SECTOR(S), IDENTIFY, etc.). Calls `AhciPortStartStop` (`sub_E30`) (port start), `AhciCheckDevicePresenceAndRecover` (`sub_1014`) (PMP check), builds FIS, issues command, polls completion via `AhciPollForCommandCompletion` (`sub_7D0`). + - `0x17C0` `AhciDmaDataCommand` (`sub_17C0`): ATA DMA command (READ DMA, WRITE DMA). Similar flow to PIO but for DMA transfers. + - `0x1914` `AhciSoftwareResetCommand` (`sub_1914`): ATA software reset command. Sends SRST via command list, polls completion. + - `0x1EBC` `AhciFisReceiveHandler` (`sub_1EBC`): Port FIS receive handler. Extracts port number and PMP status from register, dispatches to `AhciPortCommandComplete` (`sub_C0C`) for command completion processing. + - `0x1BB8` `AhciNonDataCommandHandler` (`sub_1BB8`): ATA non-data command execution. Used for IDENTIFY DEVICE, SET FEATURES, etc. Builds FIS, issues command, polls completion. On error with specific conditions, retries via `AhciCommandCompleteType` (`sub_19FC`). - **AHCI Port Management:** - - `0xE30` `sub_E30`: Port start/stop. Saves/restores command list and FIS base addresses (stored in qword_3010/qword_3018). Stops PxCMD.PxRUN, clears PxCMD.ST, calls sub_C0C for error recovery if needed, restores base registers. - - `0x91C` `sub_91C`: Port command issue. Clears PxSERR, sets PxIE, starts port via PxCMD.PxRUN, waits for PxCMD.PxGO. Clears command slot and receiver buffers. - - `0x7D0` `sub_7D0`: Command completion polling. Monitors PxIS (interrupt status) and PxSERR (error status) with timeout. Returns error on BSY/DRQ bits or timeout. - - `0x1014` `sub_1014`: Checks port multiplier status (PxSSTS.DET). If device not present, returns success. If error, calls sub_C0C for recovery. + - `0xE30` `AhciPortStartStop` (`sub_E30`): Port start/stop. Saves/restores command list and FIS base addresses (stored in qword_3010/qword_3018). Stops PxCMD.PxRUN, clears PxCMD.ST, calls `AhciPortCommandComplete` (`sub_C0C`) for error recovery if needed, restores base registers. + - `0x91C` `AhciIssuePortCommand` (`sub_91C`): Port command issue. Clears PxSERR, sets PxIE, starts port via PxCMD.PxRUN, waits for PxCMD.PxGO. Clears command slot and receiver buffers. + - `0x7D0` `AhciPollForCommandCompletion` (`sub_7D0`): Command completion polling. Monitors PxIS (interrupt status) and PxSERR (error status) with timeout. Returns error on BSY/DRQ bits or timeout. + - `0x1014` `AhciCheckDevicePresenceAndRecover` (`sub_1014`): Checks port multiplier status (PxSSTS.DET). If device not present, returns success. If error, calls `AhciPortCommandComplete` (`sub_C0C`) for recovery. - **Debug and Error Handling:** - - `0x2314` `sub_2314`: Debug/log message printf. Calls sub_22C4 to get SMM debug2 protocol, checks debug mask from sub_2680, and prints via protocol's vprintf. - - `0x235C` `sub_235C`: ASSERT implementation. Calls sub_22C4 for debug protocol, then calls the protocol's assert handler with file/line/message. - - `0x22C4` `sub_22C4`: Locates gEfiSmmDebug2ProtocolGuid via SMM system table. Caches in qword_2E98. - - `0x2680` `sub_2680`: Reads CMOS register 0x4C to determine platform debug level. Returns EFI debug masks (0x8000000C or 0x80000006) based on value. - - `0x2604` `sub_2604`: memcmp against a fixed pattern at `unk_2E40` (16 bytes). Used for runtime services table scanning. - - `0x2594` `sub_2594`: Resolves EFI runtime services pointer by scanning SMM system table's SMM runtime services table for a non-NULL entry. + - `0x2314` `AhciDebugPrint` (`sub_2314`): Debug/log message printf. Calls `AhciLocateDebugProtocol` (`sub_22C4`) to get SMM debug2 protocol, checks debug mask from `AhciReadDebugLevelFromCmos` (`sub_2680`), and prints via protocol's vprintf. + - `0x235C` `AhciDebugAssert` (`sub_235C`): ASSERT implementation. Calls `AhciLocateDebugProtocol` (`sub_22C4`) for debug protocol, then calls the protocol's assert handler with file/line/message. + - `0x22C4` `AhciLocateDebugProtocol` (`sub_22C4`): Locates gEfiSmmDebug2ProtocolGuid via SMM system table. Caches in qword_2E98. + - `0x2680` `AhciReadDebugLevelFromCmos` (`sub_2680`): Reads CMOS register 0x4C to determine platform debug level. Returns EFI debug masks (0x8000000C or 0x80000006) based on value. + - `0x2604` `AhciMemcmpPattern` (`sub_2604`): memcmp against a fixed pattern at `unk_2E40` (16 bytes). Used for runtime services table scanning. + - `0x2594` `AhciResolveRuntimeServices` (`sub_2594`): Resolves EFI runtime services pointer by scanning SMM system table's SMM runtime services table for a non-NULL entry. - **Port Reset:** - - `0x9D0` `sub_9D0`: Complete port reset sequence. Polls PxSIG for device signature (ATA, ATAPI, PMP), waits for PxCMD.PxGO and BSY clear, checks PxSERR error bits. Returns status based on device detection. - - `0x13F4` `sub_13F4`: Soft reset. Stops port, sends SRST FIS, waits for completion, starts port, checks signature. - - `0xC0C` `sub_C0C`: Port command completion handler. Called by sub_1EBC. Programs the command list base, clears PxSERR, sends SDB (Set Device Bits) FIS notification, triggers port reset via sub_9D0 if needed. Works with port multipliers. + - `0x9D0` `AhciPortResetSequence` (`sub_9D0`): Complete port reset sequence. Polls PxSIG for device signature (ATA, ATAPI, PMP), waits for PxCMD.PxGO and BSY clear, checks PxSERR error bits. Returns status based on device detection. + - `0x13F4` `AhciGenerateSoftReset` (`sub_13F4`): Soft reset. Stops port, sends SRST FIS, waits for completion, starts port, checks signature. + - `0xC0C` `AhciPortCommandComplete` (`sub_C0C`): Port command completion handler. Called by `AhciFisReceiveHandler` (`sub_1EBC`). Programs the command list base, clears PxSERR, sends SDB (Set Device Bits) FIS notification, triggers port reset via `AhciPortResetSequence` (`sub_9D0`) if needed. Works with port multipliers. - **Library Functions:** - - `0x2720` `sub_2720`: memset - aligned dword fill with residual byte fill. - - `0x2780` `sub_2780`: memmove - overlap-safe memory copy. Checks src/dst overlap direction (forward/backward), uses aligned qword copy for large blocks. - - `0x2A0` `sub_2A0`: SetJump - saves all non-volatile registers (rbx, rbp, rdi, rsi, r12-r15), MXCSR, and XMM6-XMM15. Stores at offset 0x72 for return address. - - `0x340` `sub_340`: LongJump - restores MXCSR from saved frame, jumps to saved return address. + - `0x2720` `AhciMemset` (`sub_2720`): memset - aligned dword fill with residual byte fill. + - `0x2780` `AhciMemmove` (`sub_2780`): memmove - overlap-safe memory copy. Checks src/dst overlap direction (forward/backward), uses aligned qword copy for large blocks. + - `0x2A0` `AhciSetJump` (`sub_2A0`): SetJump - saves all non-volatile registers (rbx, rbp, rdi, rsi, r12-r15), MXCSR, and XMM6-XMM15. Stores at offset 0x72 for return address. + - `0x340` `AhciLongJump` (`sub_340`): LongJump - restores MXCSR from saved frame, jumps to saved return address. ## State Management -**SMM Protocol Cache (initialized in sub_49C/sub_2150):** +**SMM Protocol Cache (initialized in `AhciSmmPreInit`/`AhciSmmInitialize`):** - `qword_2E80` (0x2E80): gImageHandle (cached) - `qword_2E70` (0x2E70): gST (SystemTable) - `qword_2E78` (0x2E78): gBS (BootServices) @@ -120,7 +120,7 @@ - `qword_2E90` (0x2E90): gSmst (SMM System Table) - `qword_2EA0` (0x2EA0): mPcd (PCD protocol, resolved lazily) -**SMM Driver Globals (initialized in sub_2150):** +**SMM Driver Globals (initialized in AhciSmmInitialize):** - `qword_2EB0` (0x2EB0): SMM CPU I/O2 protocol instance - `byte_2EB8` (0x2EB8): SMM mode flag (1 = SMM, 0 = DXE) - `qword_2EE8` (0x2EE8): SmmServicesTableBase2 protocol @@ -139,15 +139,15 @@ - `dword_3020` (0x3020): SMI callback registration handle **SMI Handler Function Pointers (at 0x3070-0x30A0):** -- `psub_1D60` (0x3070): HBA initialization handler -- `psub_17C0` (0x3078): ATA DMA command handler -- `psub_1648` (0x3080): ATA PIO data-in command handler -- `psub_1914` (0x3088): ATA software reset handler -- `psub_1BB8` (0x3090): ATA non-data command handler -- `psub_1F04` (0x30A0): ATA soft reset (port-level) handler -- `psub_1EBC` (0x3098): FIS receive / command completion handler +- `pAhciPortInitHandler` (0x3070): `AhciControllerInit` (HBA initialization handler) +- `pAhciDmaCommandHandler` (0x3078): `AhciDmaDataCommand` (ATA DMA command handler) +- `pAhciPioDataInHandler` (0x3080): `AhciPioDataInCommand` (ATA PIO data-in command handler) +- `pAhciSoftwareResetHandler` (0x3088): `AhciSoftwareResetCommand` (ATA software reset handler) +- `pAhciNonDataCommandHandler` (0x3090): `AhciNonDataCommandHandler` (ATA non-data command handler) +- `pAhciFisReceiveHandler` (0x3098): `AhciFisReceiveHandler` (FIS receive / command completion handler) +- `pAhciSoftResetHandler` (0x30A0): `AhciPortSoftResetThunk` (ATA soft reset port-level handler) -**Buffers (allocated in sub_1F0C):** +**Buffers (allocated in `AhciSmmRegisterCallback` / sub_1F0C):** - `buf` at `qword_2E68` (0x2E68): 256-byte buffer for command response data - `qword_3038` (0x3038): 256-byte command list for SMM - `qword_3030` (0x3030): 1024-byte AHCI receive area @@ -238,47 +238,51 @@ ## Calling Patterns 1. **Driver Entry and Initialization:** - `_ModuleEntryPoint` -> `sub_49C` (init UEFI globals) -> `sub_5DC` (main dispatch) + `_ModuleEntryPoint` -> `AhciSmmPreInit` (`sub_49C`) (init UEFI globals) -> `AhciSmmRegisterSmiHandlers` (`sub_5DC`) (main dispatch) -2. **SMM Driver Registration (sub_5DC flow):** - `sub_5DC` -> `sub_2A0` (SetJump/lock) -> `sub_2150` (init SMM) -> `sub_227C` (validate) -> `sub_340` (LongJump/unlock) +2. **SMM Driver Registration (`AhciSmmRegisterSmiHandlers` flow):** + `AhciSmmRegisterSmiHandlers` (`sub_5DC`) -> `AhciSetJump` (`sub_2A0`) (SetJump/lock) -> `AhciSmmInitialize` (`sub_2150`) (init SMM) -> `AhciValidateJumpFrame` (`sub_227C`) (validate) -> `AhciLongJump` (`sub_340`) (LongJump/unlock) -3. **SMM Initialization Chain (sub_2150):** - `sub_2150` -> `sub_239C` (PCD) -> LocateProtocol(SmmCpuIo2) -> Probe -> `sub_2594` (Runtime) -> `sub_2428` (child proto) -> `sub_24B0` (SMI handler) -> `sub_1F0C` (register callback) +3. **SMM Initialization Chain (`AhciSmmInitialize`):** + `AhciSmmInitialize` (`sub_2150`) -> `AhciLocatePcdProtocol` (`sub_239C`) (PCD) -> LocateProtocol(SmmCpuIo2) -> Probe -> `AhciResolveRuntimeServices` (`sub_2594`) (Runtime) -> `AhciInstallChildProtocol` (`sub_2428`) (child proto) -> `AhciInstallSmiHandlerProtocol` (`sub_24B0`) (SMI handler) -> `AhciSmmRegisterCallback` (`sub_1F0C`) (register callback) -4. **SMI Handler Registration (sub_1F0C):** - Allocate buffer -> zero -> `sub_2720` (memset) -> Set function pointers -> Locate SMM base2 -> Register SmiHandler with GUID `unk_2DF0` -> Return +4. **SMI Handler Registration (`AhciSmmRegisterCallback`):** + Allocate buffer -> zero -> `AhciMemset` (`sub_2720`) -> Set function pointers -> Locate SMM base2 -> Register SmiHandler with GUID `unk_2DF0` -> Return 5. **ATA Command Execution Flow:** - `sub_1648`/`sub_17C0`/`sub_1914`/`sub_1BB8`: - - `sub_E30` (start port, arg=1) - - `sub_1014` (PMP check) - - `sub_107C` (init cmd header) - - `sub_11BC` (write FIS to command list) - - `sub_91C` (issue command / start DMA) - - `sub_7D0` (poll for completion) - - `sub_E30` (stop port, arg=0) + `AhciPioDataInCommand`/`AhciDmaDataCommand`/`AhciSoftwareResetCommand`/`AhciNonDataCommandHandler`: + - `AhciPortStartStop` (`sub_E30`) (start port, arg=1) + - `AhciCheckDevicePresenceAndRecover` (`sub_1014`) (PMP check) + - `AhciInitCommandHeader` (`sub_107C`) (init cmd header) + - `AhciBuildCommandFis` (`sub_11BC`) (write FIS to command list) + - `AhciIssuePortCommand` (`sub_91C`) (issue command / start DMA) + - `AhciPollForCommandCompletion` (`sub_7D0`) (poll for completion) + - `AhciPortStartStop` (`sub_E30`) (stop port, arg=0) 6. **Command Completion Path:** - `sub_1EBC` -> `sub_C0C` -> `sub_9D0` (port reset if error) + `AhciFisReceiveHandler` (`sub_1EBC`) -> `AhciPortCommandComplete` (`sub_C0C`) -> `AhciPortResetSequence` (`sub_9D0`) (port reset if error) 7. **Debug Logging:** - `sub_2314` -> `sub_22C4` (locate debug protocol) -> `sub_2680` (check CMOS debug level) -> protocol vprintf + `AhciDebugPrint` (`sub_2314`) -> `AhciLocateDebugProtocol` (`sub_22C4`) (locate debug protocol) -> `AhciReadDebugLevelFromCmos` (`sub_2680`) (check CMOS debug level) -> protocol vprintf 8. **Soft Reset Flow:** - `sub_13F4` (or thunked via `sub_1F04`): + `AhciGenerateSoftReset` (`sub_13F4`) (or thunked via `AhciPortSoftResetThunk` (`sub_1F04`)): - Check reentry guard (`byte_2E61`) - - `sub_E30` (start port) + - `AhciPortStartStop` (`sub_E30`) (start port) - `sub_107C` + `sub_11BC` (build SRST FIS) - - `sub_91C` (issue) + - `AhciIssuePortCommand` (`sub_91C`) (issue) - Poll PxCMD.PxRUN - - `sub_690` (100us delay) + - `AhciUsDelay` (`sub_690`) (100us delay) - Re-read FIS - - `sub_7D0` (poll command completion with 30s timeout) - - `sub_E30` (stop port) + - `AhciPollForCommandCompletion` (`sub_7D0`) (poll command completion with 30s timeout) + - `AhciPortStartStop` (`sub_E30`) (stop port) ## Dependencies +## Module/File Split Notes +- `AhciSmm.h` stores recovered symbol declarations, global state mapping, and protocol/function dispatch aliases. +- `AhciSmm.c` stores recovered runtime scaffolding and stubbed entrypoint implementations used to anchor symbol recovery. + ### Consumed (this module calls) - **SMM System Table (gSmst)**: LocateProtocol, SmiHandlerRegister (via qword_2EE8 offsets 208, etc.) - **UEFI Boot Services (gBS)**: LocateProtocol, AllocatePages (offset 64), Stall (offset 24/32) @@ -303,4 +307,4 @@ - Command completion polling (sub_7D0) has timeout of 30000ms for most commands, 1000ms for PMP register access. - Reentry guards (byte_2E60, byte_2E61) prevent recursive calls into the port completion and soft reset handlers. - The debug print level is controlled by CMOS register 0x4C (bitmask), read via I/O ports 0x70/0x71. -- Function pointer table at 0x3070-0x30A0 is populated during initialization in sub_1F0C and used by the SMI dispatch to route ATA commands. \ No newline at end of file +- Function pointer table at 0x3070-0x30A0 is populated during initialization in sub_1F0C and used by the SMI dispatch to route ATA commands. diff --git a/AmiModulePkg/AHCI/AhciSmm/README.md b/AmiModulePkg/AHCI/AhciSmm/README.md index 87314e0..445134a 100644 --- a/AmiModulePkg/AHCI/AhciSmm/README.md +++ b/AmiModulePkg/AHCI/AhciSmm/README.md @@ -16,16 +16,46 @@ AhciSmm is an SMM driver that manages AHCI (Advanced Host Controller Interface) SATA controllers within System Management Mode. It provides SMI handling for SATA controller events including port errors, hot-plug events, and device interrupts. This driver is essential for proper error recovery and management of SATA storage devices during platform runtime management scenarios. ## Key Functions -- **_ModuleEntryPoint** (0x470): Entry point; initializes AHCI SMM context and registers SMI handlers for SATA controller events. -- **sub_49C**: Pre-initialization routine that reads AHCI base address registers. -- **sub_5DC**: Main SMM entry; registers the SMI handler for SATA/AHCI controller interrupts. -- **sub_E30 (3 callees)**: AHCI SMI handler; processes port-level SATA interrupts including device errors and hot-plug events. -- **sub_1274 (9 callees)**: Internal AHCI command execution within SMM context; issues soft resets and diagnostic commands. -- **sub_7D0 (2 callees)**: Port error status analysis and recovery for SATA link errors. +- **_ModuleEntryPoint** (0x470): Canonical entry point; initializes AHCI SMM context and dispatches SMI registration. +- **AhciSmmPreInit** (`sub_49C`): Pre-initialization routine that reads AHCI base address registers. +- **AhciSmmRegisterSmiHandlers** (`sub_5DC`): Main SMM entry; registers the SMI handler for SATA/AHCI controller interrupts. +- **AhciPortStartStop** (`sub_E30`): Port-level start/stop control used by command and reset execution. +- **AhciPmpRegisterAccess** (`sub_1274`): Internal AHCI command execution path for PMP register read/write. +- **AhciPollForCommandCompletion** (`sub_7D0`): Port command completion and error-status polling helper. ### Recovered Naming Notes - `_ModuleEntryPoint` is the canonical entry point name from decompilation notes. -- `ModuleEntryPoint` is kept as the compatibility wrapper name used by existing module wrappers. +- `ModuleEntryPoint` is kept as a compatibility wrapper name used by existing module wrappers. + +### Module/File Split Notes +- `AhciSmm.c` carries the recovered runtime symbols and entrypoint flow stubs for this module snapshot. +- `AhciSmm.h` carries canonical symbol declarations: globals, handler signatures, and compatibility `sub_*` aliases. + +## Recovered Variable Naming +- `gImageHandle` (0x2E80) +- `gST` (0x2E70) +- `gBS` (0x2E78) +- `gRT` (0x2E88) +- `gSmst` (0x2E90) +- `mPcd` (0x2EA0) +- `gSmmCpuIo2Protocol` (0x2EB0) +- `mSmmMode` (0x2EB8) +- `gSmmServicesTableBase2` (0x2EE8) +- `gSmmChildProtocol` (0x2EC0) +- `gDxeProtocol` (0x2ED8) +- `gSmiHandlerProtocol` (0x2ED0) +- `gDxeSmiHandlerProtocol` (0x2EF0) +- `gSmmProtocolReady` (0x2EC8) +- `gBuf` (0x2E68) +- `gAhciSavedPxClb` (0x3010) +- `gAhciSavedPxFb` (0x3018) +- `gAhciReturnStatus` (0x3008) +- `gPortCompletionInProgress` (0x2E60) +- `gSoftResetInProgress` (0x2E61) +- `gSmiCallbackHandle` (0x3020) +- `gAhciCommandList` (0x3038) +- `gAhciReceiveArea` (0x3030) +- `gAhciCommandTable` (0x3028) ## Strings - "AHCI_SMM : PxSERR Port Serial ATA Error Data32_SERR:%x Data32_IS :%x" diff --git a/AmiModulePkg/AHCI/SataController/README.md b/AmiModulePkg/AHCI/SataController/README.md index 1779fbf..1a9580b 100644 --- a/AmiModulePkg/AHCI/SataController/README.md +++ b/AmiModulePkg/AHCI/SataController/README.md @@ -2,6 +2,9 @@ **Index:** 0128 | **Size:** 158.0 KB | **Phase:** DXE | **Arch:** X64 +**Source:** `AmiModulePkg/AHCI/SataController/SataController.c` with declarations in +`SataController.h`. + ## Overview SATA host controller driver implementing the EFI_IDE_CONTROLLER_INIT_PROTOCOL for Intel PCH SATA controllers on the Purley platform. Manages channel enumeration, device identification (IDENTIFY DEVICE), PIO/DMA mode calculation, and asynchronous command submission. Also integrates S3 boot script management -- saves/restores SATA controller configuration to/from the SMM LockBox for S3 resume path. @@ -23,4 +26,26 @@ ## Platform -Intel Purley platform (PurleySktPkg), Lenovo HR650X. PCH SATA controller with S3 resume support. \ No newline at end of file +Intel Purley platform (PurleySktPkg), Lenovo HR650X. PCH SATA controller with S3 resume support. + +## Module/File Split Notes + +- `SataController.c`: recovered implementations for the EFI_IDE_CONTROLLER_INIT_PROTOCOL surface, mode calculation, PCH detection, S3 boot-script lifecycle, and SMM LockBox wrappers. +- `SataController.h`: recovered canonical exports and parameter contracts for all recovered symbols. + +## Recovered Variable Naming + +- `gBootScriptContext` +- `gAltBootScriptContext` +- `gBootScriptAllocated` +- `gBootScriptFinalGuid` +- `gBootScriptCloseGuid` +- `gLockBoxGuid2` +- `gEventExitBootSvc` +- `gEventSetVirtualAddrMap` +- `gEventReadyToLock` +- `gSmst` +- `gSmstAllocated` +- `gDxeSmmReadyToLockEvent` +- `gLockBoxCommBuffer` +- `gPchSeries` diff --git a/AmiModulePkg/AHCI/SataController/SataController.c b/AmiModulePkg/AHCI/SataController/SataController.c index 3faa049..8a81631 100644 --- a/AmiModulePkg/AHCI/SataController/SataController.c +++ b/AmiModulePkg/AHCI/SataController/SataController.c @@ -44,8 +44,9 @@ return EFI_INVALID_PARAMETER; } - if (Channel >= SataPrivateData->IdeRegistersBase) { + if (NumberOfChannels == NULL || MaximumDevicesPerChannel == NULL) { *NumberOfChannels = 0; + *MaximumDevicesPerChannel = 0; return EFI_INVALID_PARAMETER; } @@ -1342,4 +1343,4 @@ } return EFI_UNSUPPORTED; -} \ No newline at end of file +} diff --git a/AmiModulePkg/AHCI/SataController/SataController.h b/AmiModulePkg/AHCI/SataController/SataController.h index 93ffebd..0d7ac69 100644 --- a/AmiModulePkg/AHCI/SataController/SataController.h +++ b/AmiModulePkg/AHCI/SataController/SataController.h @@ -10,589 +10,169 @@ #include "../uefi_headers/Uefi.h" // -// Function Prototypes +// EFI_IDE_CONTROLLER_INIT_PROTOCOL implementation // - EFI_STATUS EFIAPI -SataGetDeviceCount( - VOID -); +SataGetDeviceCount ( + IN EFI_IDE_CONTROLLER_INIT_PROTOCOL *This, + OUT UINT8 *NumberOfChannels, + OUT UINT8 *MaximumDevicesPerChannel + ); EFI_STATUS EFIAPI -SataGetDevice( - VOID -); +SataGetDevice ( + IN EFI_IDE_CONTROLLER_INIT_PROTOCOL *This, + IN UINT8 Channel, + OUT UINT8 *Device + ); EFI_STATUS EFIAPI -SataIdentifyDevice( - VOID -); +SataIdentifyDevice ( + IN EFI_IDE_CONTROLLER_INIT_PROTOCOL *This, + IN UINT8 Channel, + IN UINT8 Device, + IN EFI_IDE_IDENTIFY_DATA *IdentifyData + ); EFI_STATUS EFIAPI -SataModifyDevice( - VOID -); +SataModifyDevice ( + IN EFI_IDE_CONTROLLER_INIT_PROTOCOL *This, + IN UINT8 Channel, + IN UINT8 Device, + IN EFI_IDE_CHANNEL_INFO *ChannelInfo + ); EFI_STATUS EFIAPI -SataSubmitAsyncCommand( - VOID -); +SataSubmitAsyncCommand ( + IN EFI_IDE_CONTROLLER_INIT_PROTOCOL *This, + IN UINT8 Channel, + IN UINT8 Device + ); EFI_STATUS EFIAPI -SataStopDevice( - VOID -); +SataStopDevice ( + IN EFI_IDE_CONTROLLER_INIT_PROTOCOL *This, + IN UINT8 Channel, + IN UINT8 Device + ); EFI_STATUS EFIAPI -SataCalculateBestPioMode( - VOID -); +SataCalculateBestPioMode ( + IN EFI_IDE_IDENTIFY_DATA *IdentifyData, + IN UINT16 *ChannelInfoMaxMode OPTIONAL, + OUT UINT16 *BestMode + ); -EFI_STATUS -EFIAPI -PchGetPchSeries( +UINTN +PchGetPchSeries ( VOID -); + ); EFI_STATUS -EFIAPI -S3BootScriptLibInit( +S3BootScriptLibInit ( VOID -); + ); -EFI_STATUS +VOID EFIAPI -S3BootScriptEventNotify( - VOID -); +S3BootScriptEventNotify ( + IN EFI_EVENT Event, + IN VOID *Context + ); -EFI_STATUS -EFIAPI -S3BootScriptFinalize( +VOID +S3BootScriptFinalize ( VOID -); + ); -EFI_STATUS +VOID EFIAPI -S3ReadyToLockNotify( - VOID -); +S3ReadyToLockNotify ( + IN EFI_EVENT Event, + IN VOID *Context + ); EFI_STATUS -EFIAPI -S3BootScriptCloseEvent( +S3BootScriptCloseEvent ( VOID -); + ); -EFI_STATUS +VOID EFIAPI -S3BootScriptCloseNotify( - VOID -); +S3BootScriptCloseNotify ( + IN EFI_EVENT Event, + IN VOID *Context + ); EFI_STATUS -EFIAPI -SaveBootScriptDataToLockBox( +SaveBootScriptDataToLockBox ( VOID -); + ); -EFI_STATUS -EFIAPI -SmmLockBoxSave( +SMM_LOCK_BOX_PROTOCOL * +GetSmmLockBoxProtocol ( VOID -); + ); -EFI_STATUS -EFIAPI -SmmLockBoxSetAttributes( +VOID * +SmmLockBoxGetCommBuffer ( VOID -); + ); EFI_STATUS -EFIAPI -SmmLockBoxRestore( - VOID -); +SmmLockBoxSave ( + IN EFI_GUID *Guid, + IN VOID *Buffer, + IN UINTN Length + ); EFI_STATUS -EFIAPI -S3BootScriptLibDeinit( - VOID -); +SmmLockBoxSetAttributes ( + IN EFI_GUID *Guid + ); EFI_STATUS -EFIAPI -SataComponentNameGetDriverName( - VOID -); +SmmLockBoxRestore ( + IN EFI_GUID *Guid + ); EFI_STATUS -EFIAPI -SataComponentNameGetControllerName( +S3BootScriptLibDeinit ( VOID -); + ); EFI_STATUS EFIAPI -LookupStringTable( - VOID -); +SataComponentNameGetDriverName ( + IN EFI_COMPONENT_NAME_PROTOCOL *This, + IN CHAR8 *Language, + OUT CHAR16 **DriverName + ); EFI_STATUS EFIAPI -implementation( - VOID -); +SataComponentNameGetControllerName ( + IN EFI_COMPONENT_NAME_PROTOCOL *This, + IN EFI_HANDLE ControllerHandle, + IN EFI_HANDLE ChildHandle OPTIONAL, + IN CHAR8 *Language, + OUT CHAR16 **ControllerName + ); EFI_STATUS -EFIAPI -result buffer for caller( - VOID -); +LookupStringTable ( + IN CHAR8 *Language, + IN CHAR8 **SupportedLanguages, + IN VOID *StringTable, + OUT CHAR16 **FoundString, + IN BOOLEAN IsComponentName2 + ); -EFI_STATUS -EFIAPI -= AllocatePool (sizeof (EFI_IDE_CHANNEL_INFO));( - VOID -); - -EFI_STATUS -EFIAPI -best PIO mode( - VOID -); - -EFI_STATUS -EFIAPI -= 0;( - VOID -); - -EFI_STATUS -EFIAPI -valid( - VOID -); - -EFI_STATUS -EFIAPI -invalid( - VOID -); - -EFI_STATUS -EFIAPI -DMA capability( - VOID -); - -EFI_STATUS -EFIAPI -(SataPrivateData->DeviceIdentifyData[Channel][106] & 4) {( - VOID -); - -EFI_STATUS -EFIAPI -supports DMA - calculate best DMA mode( - VOID -); - -EFI_STATUS -EFIAPI -DmaMode = 0;( - VOID -); - -EFI_STATUS -EFIAPI -DMA( - VOID -); - -EFI_STATUS -EFIAPI -Mode Calculation( - VOID -); - -EFI_STATUS -EFIAPI -103: IORDY support and mode info( - VOID -); - -EFI_STATUS -EFIAPI -= IdentifyData->Field103;( - VOID -); - -EFI_STATUS -EFIAPI -IORDY - use PIO mode 0-2 only( - VOID -); - -EFI_STATUS -EFIAPI -= Field103;( - VOID -); - -EFI_STATUS -EFIAPI -supported - determine PIO mode 0-4( - VOID -); - -EFI_STATUS -EFIAPI -PIO mode from timing( - VOID -); - -EFI_STATUS -EFIAPI -(PioModeBits <= 0x78) {( - VOID -); - -EFI_STATUS -EFIAPI -Series Detection( - VOID -); - -EFI_STATUS -EFIAPI -if device ID falls in SPT range (0x9D00-0x9D3F with mask 0xFF70)( - VOID -); - -EFI_STATUS -EFIAPI -(((LpcDeviceId + 24128) & 0xFF70) != 0) {( - VOID -); - -EFI_STATUS -EFIAPI -CNP range( - VOID -); - -EFI_STATUS -EFIAPI -((UINT16)(LpcDeviceId + 25280) <= 8) {( - VOID -); - -EFI_STATUS -EFIAPI -Point( - VOID -); - -EFI_STATUS -EFIAPI -Boot Script Library( - VOID -); - -EFI_STATUS -EFIAPI -EfiReservedMemory for boot script context( - VOID -); - -EFI_STATUS -EFIAPI -= GetPcdDbProtocol ();( - VOID -); - -EFI_STATUS -EFIAPI -SMM protocol( - VOID -); - -EFI_STATUS -EFIAPI -= gBS->LocateProtocol (&gEfiSmmBase2ProtocolGuid, NULL, &gSmst);( - VOID -); - -EFI_STATUS -EFIAPI -S3 boot script close notification( - VOID -); - -EFI_STATUS -EFIAPI -= gBS->CreateEvent (( - VOID -); - -EFI_STATUS -EFIAPI -= gBS->RegisterProtocolNotify (( - VOID -); - -EFI_STATUS -EFIAPI -Boot Script Event Notify Callbacks( - VOID -); - -EFI_STATUS -EFIAPI -SMM - check if already saved( - VOID -); - -EFI_STATUS -EFIAPI -(gBootScriptContext != NULL && !gBootScriptContext->FlagSaved) {( - VOID -); - -EFI_STATUS -EFIAPI -Boot Script Data save to LockBox( - VOID -); - -EFI_STATUS -EFIAPI -1: Save boot script context to lockbox( - VOID -); - -EFI_STATUS -EFIAPI -= SmmLockBoxSave (&gBootScriptFinalGuid( - VOID -); - -EFI_STATUS -EFIAPI -2: Get memory map( - VOID -); - -EFI_STATUS -EFIAPI -3: Allocate memory ranges structure( - VOID -); - -EFI_STATUS -EFIAPI -= (EFI_PHYSICAL_ADDRESS)(UINTN)-1;( - VOID -); - -EFI_STATUS -EFIAPI -ranges that are not MMIO( - VOID -); - -EFI_STATUS -EFIAPI -(Index = 0; Index < MemoryMapSize / MapDescriptorSize; Index++) {( - VOID -); - -EFI_STATUS -EFIAPI -memory ranges buffer( - VOID -); - -EFI_STATUS -EFIAPI -= MemoryRanges->NumberOfMemoryRanges * sizeof (MEMORY_RANGE_ENTRY);( - VOID -); - -EFI_STATUS -EFIAPI -4: Fill memory ranges( - VOID -); - -EFI_STATUS -EFIAPI -5: Save memory ranges to lockbox( - VOID -); - -EFI_STATUS -EFIAPI -= SmmLockBoxSave (&gBootScriptFinalGuid, MemoryRanges( - VOID -); - -EFI_STATUS -EFIAPI -LockBox Wrappers( - VOID -); - -EFI_STATUS -EFIAPI -*(UINT32 *)(CommBuffer + 24) = 1; // Function: Save( - VOID -); - -EFI_STATUS -EFIAPI -CopyMem (CommBuffer + 40, Guid, 16);( - VOID -); - -EFI_STATUS -EFIAPI -DxeSmmReadyToLock event( - VOID -); - -EFI_STATUS -EFIAPI -(gDxeSmmReadyToLockEvent != NULL) {( - VOID -); - -EFI_STATUS -EFIAPI -notifies( - VOID -); - -EFI_STATUS -EFIAPI -(gSmst != NULL) {( - VOID -); - -EFI_STATUS -EFIAPI -boot script buffer( - VOID -); - -EFI_STATUS -EFIAPI -(gBootScriptAllocated && gBootScriptContext != NULL) {( - VOID -); - -EFI_STATUS -EFIAPI -SMM allocated buffer( - VOID -); - -EFI_STATUS -EFIAPI -(gSmstAllocated && gSmst != NULL) {( - VOID -); - -EFI_STATUS -EFIAPI -Name Protocol( - VOID -); - -EFI_STATUS -EFIAPI -the controller is managed by this driver( - VOID -); - -EFI_STATUS -EFIAPI -Status;( - VOID -); - -EFI_STATUS -EFIAPI -PCI IO - return unsupported( - VOID -); - -EFI_STATUS -EFIAPI -(Status != EFI_UNSUPPORTED) {( - VOID -); - -EFI_STATUS -EFIAPI -Table Lookup( - VOID -); - -EFI_STATUS -EFIAPI -4646 language tags: compare 3-byte prefix( - VOID -); - -EFI_STATUS -EFIAPI -(ReadUint24 ((UINT32 *)Lang) == ReadUint24 ((UINT32 *)SupportedLanguages)) {( - VOID -); - -EFI_STATUS -EFIAPI -639-2: split by ';', compare each( - VOID -); - -EFI_STATUS -EFIAPI -to next language token( - VOID -); - -EFI_STATUS -EFIAPI -+= TokenLen;( - VOID -); - -EFI_STATUS -EFIAPI -entry token with language( - VOID -); - -EFI_STATUS -EFIAPI -*StrTok = *Entry;( - VOID -); - -EFI_STATUS -EFIAPI -semicolons( - VOID -); - -#endif /* __SATACONTROLLER_H__ */ \ No newline at end of file +#endif /* __SATACONTROLLER_H__ */ diff --git a/AmiModulePkg/AHCI/SataController/SataController.md b/AmiModulePkg/AHCI/SataController/SataController.md index 7a6a341..965321c 100644 --- a/AmiModulePkg/AHCI/SataController/SataController.md +++ b/AmiModulePkg/AHCI/SataController/SataController.md @@ -4,103 +4,64 @@ | Address | Name | Description | |---------|------|-------------| -| | **SataGetDeviceCount** | | -| | **SataGetDevice** | | -| | **SataIdentifyDevice** | | -| | **SataModifyDevice** | | -| | **SataSubmitAsyncCommand** | | -| | **SataStopDevice** | | -| | **SataCalculateBestPioMode** | | -| | **PchGetPchSeries** | | -| | **S3BootScriptLibInit** | | -| | **S3BootScriptEventNotify** | | -| | **S3BootScriptFinalize** | | -| | **S3ReadyToLockNotify** | | -| | **S3BootScriptCloseEvent** | | -| | **S3BootScriptCloseNotify** | | -| | **SaveBootScriptDataToLockBox** | | -| | **SmmLockBoxSave** | | -| | **SmmLockBoxSetAttributes** | | -| | **SmmLockBoxRestore** | | -| | **S3BootScriptLibDeinit** | | -| | **SataComponentNameGetDriverName** | | -| | **SataComponentNameGetControllerName** | | -| | **LookupStringTable** | | -| EFI_IDE_CONTROLLER_INIT_PROTOCOL | **implementation** | | -| Allocate | **result buffer for caller** | | -| ResultBuffer | **= AllocatePool (sizeof (EFI_IDE_CHANNEL_INFO));** | | -| Query | **best PIO mode** | | -| MaxMode | **= 0;** | | -| Mode | **valid** | | -| Mode | **invalid** | | -| Check | **DMA capability** | | -| if | **(SataPrivateData->DeviceIdentifyData[Channel][106] & 4) {** | | -| Device | **supports DMA - calculate best DMA mode** | | -| UINT16 | **DmaMode = 0;** | | -| No | **DMA** | | -| PIO | **Mode Calculation** | | -| Field | **103: IORDY support and mode info** | | -| Field103 | **= IdentifyData->Field103;** | | -| No | **IORDY - use PIO mode 0-2 only** | | -| BestPio | **= Field103;** | | -| IORDY | **supported - determine PIO mode 0-4** | | -| Determine | **PIO mode from timing** | | -| if | **(PioModeBits <= 0x78) {** | | -| PCH | **Series Detection** | | -| Check | **if device ID falls in SPT range (0x9D00-0x9D3F with mask 0xFF70)** | | -| if | **(((LpcDeviceId + 24128) & 0xFF70) != 0) {** | | -| Check | **CNP range** | | -| if | **((UINT16)(LpcDeviceId + 25280) <= 8) {** | | -| Cannon | **Point** | | -| S3 | **Boot Script Library** | | -| Allocate | **EfiReservedMemory for boot script context** | | -| Status | **= GetPcdDbProtocol ();** | | -| Locate | **SMM protocol** | | -| Status | **= gBS->LocateProtocol (&gEfiSmmBase2ProtocolGuid, NULL, &gSmst);** | | -| Register | **S3 boot script close notification** | | -| Status | **= gBS->CreateEvent (** | | -| Status | **= gBS->RegisterProtocolNotify (** | | -| S3 | **Boot Script Event Notify Callbacks** | | -| Inside | **SMM - check if already saved** | | -| if | **(gBootScriptContext != NULL && !gBootScriptContext->FlagSaved) {** | | -| S3 | **Boot Script Data save to LockBox** | | -| Step | **1: Save boot script context to lockbox** | | -| Status | **= SmmLockBoxSave (&gBootScriptFinalGuid** | | -| Step | **2: Get memory map** | | -| Step | **3: Allocate memory ranges structure** | | -| PagesAddr | **= (EFI_PHYSICAL_ADDRESS)(UINTN)-1;** | | -| Count | **ranges that are not MMIO** | | -| for | **(Index = 0; Index < MemoryMapSize / MapDescriptorSize; Index++) {** | | -| Allocate | **memory ranges buffer** | | -| BufferSize | **= MemoryRanges->NumberOfMemoryRanges * sizeof (MEMORY_RANGE_ENTRY);** | | -| Step | **4: Fill memory ranges** | | -| Step | **5: Save memory ranges to lockbox** | | -| Status | **= SmmLockBoxSave (&gBootScriptFinalGuid, MemoryRanges** | | -| SMM | **LockBox Wrappers** | | -| ReturnStatus | ***(UINT32 *)(CommBuffer + 24) = 1; // Function: Save** | | -| HeaderSize | **CopyMem (CommBuffer + 40, Guid, 16);** | | -| Close | **DxeSmmReadyToLock event** | | -| if | **(gDxeSmmReadyToLockEvent != NULL) {** | | -| Unregister | **notifies** | | -| if | **(gSmst != NULL) {** | | -| Free | **boot script buffer** | | -| if | **(gBootScriptAllocated && gBootScriptContext != NULL) {** | | -| Free | **SMM allocated buffer** | | -| if | **(gSmstAllocated && gSmst != NULL) {** | | -| Component | **Name Protocol** | | -| Verify | **the controller is managed by this driver** | | -| EFI_STATUS | **Status;** | | -| Not | **PCI IO - return unsupported** | | -| if | **(Status != EFI_UNSUPPORTED) {** | | -| String | **Table Lookup** | | -| RFC | **4646 language tags: compare 3-byte prefix** | | -| if | **(ReadUint24 ((UINT32 *)Lang) == ReadUint24 ((UINT32 *)SupportedLanguages)) {** | | -| ISO | **639-2: split by ';', compare each** | | -| Skip | **to next language token** | | -| Lang | **+= TokenLen;** | | -| Compare | **entry token with language** | | -| CHAR8 | ***StrTok = *Entry;** | | -| Skip | **semicolons** | | +| 0000 | **SataGetDeviceCount** | Return total channels and maximum devices per channel | +| 0000 | **SataGetDevice** | Validate channel index and device presence | +| 0000 | **SataIdentifyDevice** | Copy 512-byte IDENTIFY DEVICE payload for a channel | +| 0000 | **SataModifyDevice** | Copy 44-byte `EFI_IDE_CHANNEL_INFO` for the selected channel | +| 0000 | **SataSubmitAsyncCommand** | Build caller result buffer and return negotiated PIO/DMA modes | +| 0000 | **SataStopDevice** | No-op stop routine | +| 0000 | **SataCalculateBestPioMode** | Compute preferred PIO mode from IDENTIFY Field103/128/136 | +| 0000 | **PchGetPchSeries** | Detect PCH family (SPT, CNP, fallback) from LPC device ID | +| 0000 | **S3BootScriptLibInit** | Initialize S3 boot-script save context and callback registrations | +| 0000 | **S3BootScriptEventNotify** | SMM/DXE finalization notify handler | +| 0000 | **S3BootScriptFinalize** | Append S3 boot-script terminator | +| 0000 | **S3ReadyToLockNotify** | Copy boot-script state into ready-to-lock SMM context | +| 0000 | **S3BootScriptCloseEvent** | Persist boot-script close metadata into S3 LockBox | +| 0000 | **S3BootScriptCloseNotify** | Handle boot-script close event, save entries and mark completion | +| 0000 | **SaveBootScriptDataToLockBox** | Save boot script and qualifying memory ranges into LockBox | +| 0000 | **SmmLockBoxSave** | Write an entry into SMM LockBox communication buffer | +| 0000 | **SmmLockBoxSetAttributes** | Apply LockBox attributes to an entry | +| 0000 | **SmmLockBoxRestore** | Restore a LockBox entry | +| 0000 | **S3BootScriptLibDeinit** | Release events, protocol state, and reserved pages | +| 0000 | **SataComponentNameGetDriverName** | Return component driver name | +| 0000 | **SataComponentNameGetControllerName** | Return controller-specific component name | +| 0000 | **LookupStringTable** | Resolve ISO-639-2 / RFC-4646 localized strings | +| 0000 | **GetSmmLockBoxProtocol** | Cached getter for `gEfiSmmLockBoxProtocolGuid` | +| 0000 | **SmmLockBoxGetCommBuffer** | Resolve/return Pi SMM communication region buffer | ---- -*Generated by HR650X BIOS Decompilation Project* \ No newline at end of file +## Recovered Naming Notes + +- `SmmLockBoxSave`, `SmmLockBoxSetAttributes`, and `SmmLockBoxRestore` are canonical names used by the LockBox wrapper layer in this module. +- `SmmBootScript`-related callbacks are recovered as distinct notify/finalize/close entry points: + `S3BootScriptEventNotify`, `S3BootScriptFinalize`, `S3ReadyToLockNotify`, + `S3BootScriptCloseEvent`, `S3BootScriptCloseNotify`. +- `PchGetPchSeries` return values are interpreted as: + - `1`: SPT + - `2`: CNP / Cannon Point family + - `3`: unknown/default path + +## Module/File Split Notes + +- `SataController.c` contains the recovered implementations for protocol handlers, S3 management flows, and LockBox plumbing. +- `SataController.h` now contains normalized function prototypes and types derived from decompiled usage: + `SataGetDeviceCount`, `SataGetDevice`, `SataIdentifyDevice`, `SataModifyDevice`, + `SataSubmitAsyncCommand`, `SataStopDevice`, `SataCalculateBestPioMode`, + `S3BootScript*`, `SmmLockBox*`, and component-name lookup helpers. + +## Recovered Variable Naming + +- `gPchSeries` +- `gBootScriptContext` +- `gAltBootScriptContext` +- `gBootScriptAllocated` +- `gBootScriptCloseGuid` +- `gBootScriptFinalGuid` +- `gEventExitBootSvc` +- `gEventSetVirtualAddrMap` +- `gEventReadyToLock` +- `gDxeSmmReadyToLockEvent` +- `gSmst` +- `gSmstAllocated` +- `gLockBoxCommBuffer` +- `gControllerHandle` +- `gBootScriptContext->MemoryRanges` diff --git a/AmiModulePkg/CSM/Aint13/Aint13.c b/AmiModulePkg/CSM/Aint13/Aint13.c index c7e9732..07c16a8 100644 --- a/AmiModulePkg/CSM/Aint13/Aint13.c +++ b/AmiModulePkg/CSM/Aint13/Aint13.c @@ -9,11 +9,45 @@ #include "Aint13.h" +typedef EFI_STATUS (EFIAPI *AINT13_INIT_FUNCTION)(VOID); + +// +// Placeholder-address aliases preserved for recovery notes. +// +#define byte_2149 mAint13InitDone +#define n8_2148 mAint13DiskCount +#define qword_2140 mInt13VectorTableBase +#define qword_2150 mPciIoCached +#define dword_21C0 mPciMmrAddress +#define qword_21B8 mPciWindowBase +#define qword_21C8 mAtapiMbrReadBuffer +#define qword_21D0 mInt13WorkBuffer +#define unk_21E0 mAint13DriveIdMap +#define qword_2180 mDebugProtocol +#define qword_2188 mCachedHobList + // Recovered module-scope state used by the decompiled entry path. STATIC EFI_HANDLE mImageHandle; -STATIC EFI_SYSTEM_TABLE *mSystemTable = NULL; -STATIC EFI_BOOT_SERVICES *mBootServices = NULL; -STATIC EFI_RUNTIME_SERVICES *mRuntimeServices = NULL; +STATIC EFI_SYSTEM_TABLE *mSystemTable = NULL; +STATIC EFI_BOOT_SERVICES *mBootServices = NULL; +STATIC EFI_RUNTIME_SERVICES *mRuntimeServices = NULL; + +STATIC BOOLEAN mAint13InitDone = FALSE; +STATIC UINT8 mAint13DiskCount = 0; +STATIC UINT8 mAint13DriveIdMap[24] = { 0 }; // 8 entries x 3 bytes +STATIC AINT13_INIT_FUNCTION mAint13ProtocolThunk = sub_624; +STATIC UINT64 mInt13VectorTableBase = 0; +STATIC VOID *mPciIoCached = NULL; +STATIC UINT32 mPciMmrAddress = 0; +STATIC UINT64 mPciWindowBase = 0; +STATIC VOID *mAtapiMbrReadBuffer = NULL; +STATIC VOID *mInt13WorkBuffer = NULL; + +STATIC VOID *mCachedHobList = NULL; + +STATIC VOID *mDebugProtocol = NULL; +STATIC VOID *mAint13ChipsetProtocol = NULL; +STATIC VOID *mAint13AuxProtocol = NULL; // Module protocol GUID recovered from local docs. STATIC EFI_GUID mAint13ProtocolGuid = { @@ -21,10 +55,10 @@ }; // Recovered helper signatures (reconstruction). -// Full implementations are intentionally omitted as this pass is symbol-focused. // -// Split note: -// - sub_1634 is chipset-specific and belongs to AInt13Csp.c in the recovered tree. +// Subsystem split note: +// - AInt13Csp.c hosts the chipset-specific INT13h register programming path (sub_1634). +// - This file contains entry-point wiring and shared INT13h scaffolding helpers. EFI_STATUS EFIAPI sub_18BC( IN CHAR8 *FileName, @@ -44,6 +78,22 @@ } EFI_STATUS EFIAPI +sub_10CC( + IN VOID *PciIo + ) +{ + return EFI_SUCCESS; +} + +EFI_STATUS EFIAPI +sub_E88( + IN VOID *DiskInfo + ) +{ + return EFI_SUCCESS; +} + +EFI_STATUS EFIAPI sub_624( VOID ) @@ -59,6 +109,122 @@ return EFI_UNSUPPORTED; } +EFI_STATUS EFIAPI +sub_BD4( + IN UINT8 *DeviceId, + IN UINT8 Channel, + IN VOID *AtaIdentify, + IN UINTN AtaIdentifySize, + IN BOOLEAN Atapi + ) +{ + return EFI_SUCCESS; +} + +EFI_STATUS EFIAPI +sub_A50( + IN UINT8 *IdentifyData, + OUT VOID *GeometryOut + ) +{ + return EFI_SUCCESS; +} + +EFI_STATUS EFIAPI +sub_86C( + IN UINT8 *MbRBuffer, + IN UINTN BufferSize, + OUT VOID *ChsOut + ) +{ + return EFI_SUCCESS; +} + +EFI_STATUS EFIAPI +sub_794( + IN UINT64 LbaSectors, + OUT VOID *GeometryOut + ) +{ + return EFI_SUCCESS; +} + +EFI_STATUS EFIAPI +sub_17F4( + VOID + ) +{ + return EFI_SUCCESS; +} + +VOID EFIAPI +sub_1874( + IN CHAR8 *Format, + ... + ) +{ + (VOID)Format; +} + +UINT32 EFIAPI +sub_19D4( + VOID + ) +{ + return 0; +} + +BOOLEAN EFIAPI +sub_1A24( + IN CONST EFI_GUID *Left, + IN CONST EFI_GUID *Right + ) +{ + if (Left == NULL || Right == NULL) { + return FALSE; + } + + return (Left->Data1 == Right->Data1) && + (Left->Data2 == Right->Data2) && + (Left->Data3 == Right->Data3) && + (Left->Data4[0] == Right->Data4[0]) && + (Left->Data4[1] == Right->Data4[1]) && + (Left->Data4[2] == Right->Data4[2]) && + (Left->Data4[3] == Right->Data4[3]) && + (Left->Data4[4] == Right->Data4[4]) && + (Left->Data4[5] == Right->Data4[5]) && + (Left->Data4[6] == Right->Data4[6]) && + (Left->Data4[7] == Right->Data4[7]); +} + +UINT64 EFIAPI +sub_1A94( + IN VOID *Address + ) +{ + return *(UINT64 *)Address; +} + +EFI_STATUS EFIAPI +sub_52C( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + (VOID)Event; + (VOID)Context; + return EFI_SUCCESS; +} + +EFI_STATUS EFIAPI +sub_480( + IN VOID *PciIoList + ) +{ + (VOID)PciIoList; + return EFI_SUCCESS; +} + // Function: _ModuleEntryPoint EFI_STATUS EFIAPI _ModuleEntryPoint( @@ -70,7 +236,6 @@ EFI_RUNTIME_SERVICES *RuntimeServices; EFI_HANDLE ImageHandle_1; EFI_STATUS Status; - VOID *Interface = (VOID *)&sub_624; mImageHandle = ImageHandle; if (!mImageHandle) { @@ -99,13 +264,14 @@ RuntimeServices = mRuntimeServices; (VOID)BootServices; (VOID)RuntimeServices; + mAint13ProtocolThunk = sub_624; Status = ((EFI_STATUS (*)(EFI_HANDLE *, VOID *, UINT32, VOID *)) mBootServices->InstallProtocolInterface)( &ImageHandle_1, &mAint13ProtocolGuid, 0, - Interface); + (VOID *)mAint13ProtocolThunk); return Status; } diff --git a/AmiModulePkg/CSM/Aint13/Aint13.h b/AmiModulePkg/CSM/Aint13/Aint13.h index c3fe512..c0ca967 100644 --- a/AmiModulePkg/CSM/Aint13/Aint13.h +++ b/AmiModulePkg/CSM/Aint13/Aint13.h @@ -21,6 +21,9 @@ EFI_SYSTEM_TABLE *SystemTable ); +// +// ModuleEntryPoint -- compatibility alias for _ModuleEntryPoint. +// EFI_STATUS EFIAPI ModuleEntryPoint( @@ -28,10 +31,12 @@ EFI_SYSTEM_TABLE *SystemTable ); -// Recovered function names from local docs. // // Module split: -// - AInt13Csp.c: sub_1634 and chipset-specific INT13h register programming. +// - Aint13.c: module entry, generic discovery, timer glue, and shared helpers. +// - AInt13Csp.c: chipset-specific INT13h register programming (sub_1634). +// + EFI_STATUS EFIAPI sub_1634( @@ -58,7 +63,93 @@ VOID ); -// Recovered module split note: -// AInt13Csp.c contains chipset-specific helpers such as sub_1634. +EFI_STATUS +EFIAPI +sub_10CC( + IN VOID *PciIo + ); + +EFI_STATUS +EFIAPI +sub_E88( + IN VOID *DiskInfo + ); + +EFI_STATUS +EFIAPI +sub_BD4( + IN UINT8 *DeviceId, + IN UINT8 Channel, + IN VOID *AtaIdentify, + IN UINTN AtaIdentifySize, + IN BOOLEAN Atapi + ); + +EFI_STATUS +EFIAPI +sub_A50( + IN UINT8 *IdentifyData, + OUT VOID *GeometryOut + ); + +EFI_STATUS +EFIAPI +sub_86C( + IN UINT8 *MbRBuffer, + IN UINTN BufferSize, + OUT VOID *ChsOut + ); + +EFI_STATUS +EFIAPI +sub_794( + IN UINT64 LbaSectors, + OUT VOID *GeometryOut + ); + +EFI_STATUS +EFIAPI +sub_17F4( + VOID + ); + +VOID +EFIAPI +sub_1874( + IN CHAR8 *Format, + ... + ); + +UINT32 +EFIAPI +sub_19D4( + VOID + ); + +BOOLEAN +EFIAPI +sub_1A24( + IN CONST EFI_GUID *Left, + IN CONST EFI_GUID *Right + ); + +UINT64 +EFIAPI +sub_1A94( + IN VOID *Address + ); + +EFI_STATUS +EFIAPI +sub_52C( + IN EFI_EVENT Event, + IN VOID *Context + ); + +EFI_STATUS +EFIAPI +sub_480( + IN VOID *PciIoList + ); #endif /* __AINT13_H__ */ diff --git a/AmiModulePkg/CSM/Aint13/Aint13.md b/AmiModulePkg/CSM/Aint13/Aint13.md index d5cbc11..cd4d7aa 100644 --- a/AmiModulePkg/CSM/Aint13/Aint13.md +++ b/AmiModulePkg/CSM/Aint13/Aint13.md @@ -5,6 +5,7 @@ | Address | Name | Description | |---------|------|-------------| | 0x370 | **_ModuleEntryPoint** | UEFI entry point | +| n/a | **ModuleEntryPoint** | Compatibility alias for `_ModuleEntryPoint` | | 0x624 | **sub_624** | Module initialization callback exposed through protocol install | | 0x480 | **sub_480** | PCI/ATA device enumeration helper | | 0x52C | **sub_52C** | Timer callback that refreshes INT13h vectors | @@ -37,11 +38,17 @@ - `qword_21B8` (`mPciWindowBase`) - `qword_21C8` (`mAtapiMbrReadBuffer`) - `qword_21D0` (`mInt13WorkBuffer`) -- `unk_21E0` (`mDiskIndexMap`) +- `unk_21E0` (`mAint13DriveIdMap`) +- `qword_2180` (`mDebugProtocol`) +- `qword_2188` (`mCachedHobList`) +- `mAint13ProtocolThunk` (`psub_624`) +- `mAint13ChipsetProtocol` (chipset dependency protocol cache, DB9A1E3D-...) +- `mAint13AuxProtocol` (auxiliary dependency protocol cache, 8E008510-...) -## Split Recovery +## File Split -- The local analysis and previous recovery track `sub_1634` in a companion `AInt13Csp.c` (chipset-specific split unit). +- `Aint13.c`: entry point, protocol installation, periodic timer callback hookup, and shared helper scaffolding. +- `AInt13Csp.c`: chipset-specific `sub_1634` flow that programs INT13h register vectors and chip-level state. --- *Generated by HR650X BIOS Decompilation Project* diff --git a/AmiModulePkg/CSM/Aint13/README.md b/AmiModulePkg/CSM/Aint13/README.md index ea51727..0a02732 100644 --- a/AmiModulePkg/CSM/Aint13/README.md +++ b/AmiModulePkg/CSM/Aint13/README.md @@ -6,11 +6,12 @@ ## Key Functions - **_ModuleEntryPoint** -- DXE entry: saves globals, calls `sub_18FC`, installs protocol interface with `sub_624` callback. +- **ModuleEntryPoint** -- Compatibility alias of `_ModuleEntryPoint`. - **sub_624** -- Module init: PCI enumeration via PciIo protocol, memory allocation, timer registration (`88ms`). +- **sub_10CC** -- Core dispatcher: opens PCI bridge, locates chipset-specific protocols, calls geometry setup per disk. - **sub_18BC** -- ASSERT/debug helper used in entry/init validation. - **sub_18FC** -- HOB table initialization helper. - **sub_1634** -- Chipset-specific INT 13h vector programming (`AInt13Csp.c` split file). -- **sub_10CC** -- Core dispatcher: opens PCI bridge, locates chipset-specific protocols, calls geometry setup per disk. - **sub_BD4** -- Per-disk geometry setup: 42-byte descriptor builder. - **sub_A50** -- ATA geometry extraction from identify data. - **sub_86C** -- MBR/EBR CHS geometry adjustment. @@ -24,10 +25,10 @@ - **sub_1A24** -- GUID compare helper. - **sub_1A94** -- Unaligned 64-bit read helper. -## Module split +## File split -- `Aint13.c` contains module entry/recovery scaffolding. -- `AInt13Csp.c` contains platform chipset behavior, including `sub_1634` and hardware programming details. +- `Aint13.c`: module entry, protocol install, and shared INT13h helper scaffolding (discovery, timer refresh, utility helpers). +- `AInt13Csp.c`: chipset-specific `sub_1634` flow that programs INT13h controller registers and chip-level vectoring behavior. ## Recovered Variables - `mImageHandle` @@ -37,14 +38,29 @@ - `mAint13ProtocolGuid` - `byte_2149` (`mAint13InitDone`) - `n8_2148` (`mAint13DiskCount`) -- `psub_624` (`mModuleProtocolThunk`) +- `mAint13ProtocolThunk` (`psub_624`) - `qword_2140` (`mInt13VectorTableBase`) +- `qword_2150` (`mPciIoCached`) - `dword_21C0` (`mPciMmrAddress`) +- `qword_21B8` (`mPciWindowBase`) +- `qword_21C8` (`mAtapiMbrReadBuffer`) +- `qword_21D0` (`mInt13WorkBuffer`) +- `unk_21E0` (`mAint13DriveIdMap`) +- `qword_2180` (`mDebugProtocol`) +- `qword_2188` (`mCachedHobList`) +- `mAint13ChipsetProtocol` (chipset dependency protocol cache, DB9A1E3D-...) +- `mAint13AuxProtocol` (auxiliary dependency protocol cache, 8E008510-...) + +## File split + +- `Aint13.c`: entry point, protocol install, and generic INT13h helper scaffolding (discovery, timer refresh, utility helpers). +- `AInt13Csp.c`: chipset-specific `sub_1634` path that programs INT13h controller registers and chip-specific vectoring behavior. ## Protocols/Dependencies - PCI I/O Protocol (B2FA4764-...), UEFI Boot Services -- Chipset-specific protocol A (DB9A1E3D-...) for PCI bridge config +- Chipset-specific protocol A (DB9A1E3D-...) for PCI bridge config / low-level INT13h register I/O +- Unknown protocol B (8E008510-...) for supplemental controller operations - CMOS/RTC I/O (ports 0x70/0x71) for debug level ## Platform -Intel Purley (Xeon Scalable), HR650X -- AMI AmiModulePkg/AHCI/Aint13/ +Intel Purley (Xeon Scalable), HR650X -- AMI AmiModulePkg/CSM/Aint13/ diff --git a/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/README.md b/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/README.md index dd4ac2c..f56d706 100644 --- a/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/README.md +++ b/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/README.md @@ -14,9 +14,9 @@ ## Key Functions - **ModuleEntryPoint**: Entry point that initializes storage security services and registers SMM communication handlers. -- **sub_53C**: TCG storage protocol initialization and SMM handler dispatch registration. -- **sub_A9C**: Core storage security command processing pipeline. -- **sub_9D8**: Error handling path for failed storage security operations. +- **TcgStorageSecurityInit** (`sub_53C`): TCG storage protocol initialization and SMM handler dispatch registration. +- **TcgStorageSecurityProcessCommands** (`sub_A9C`): Core storage security command processing pipeline. +- **TcgStorageSecurityHandleInitializeError** (`sub_9D8`): Error handling path for failed storage security operations. ## Dependencies @@ -28,4 +28,4 @@ ## Platform -HR650X server platform, x64 architecture. Runs in SMM context for TCG storage security operations. \ No newline at end of file +HR650X server platform, x64 architecture. Runs in SMM context for TCG storage security operations. diff --git a/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/SmmTcgStorageSec.c b/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/SmmTcgStorageSec.c index b059e57..2fca959 100644 --- a/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/SmmTcgStorageSec.c +++ b/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/SmmTcgStorageSec.c @@ -13,11 +13,12 @@ // Function: ModuleEntryPoint EFI_STATUS ModuleEntryPoint(EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable) { - signed __int64 v2; // rbx + EFI_STATUS Status; - sub_53C(ImageHandle, SystemTable); - v2 = sub_A9C(); - if ( v2 < 0 ) - sub_9D8(); - return v2; + TcgStorageSecurityInit(ImageHandle, SystemTable); + Status = TcgStorageSecurityProcessCommands(); + if ( Status < 0 ) { + TcgStorageSecurityHandleInitializeError(); + } + return Status; } diff --git a/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/SmmTcgStorageSec.h b/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/SmmTcgStorageSec.h index aaa3511..3fc81e2 100644 --- a/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/SmmTcgStorageSec.h +++ b/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/SmmTcgStorageSec.h @@ -20,34 +20,43 @@ EFI_STATUS EFIAPI ModuleEntryPoint( - VOID + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable ); /// -/// sub_53C +/// Initialize image/table context for SMM TCG storage security. /// EFI_STATUS EFIAPI -sub_53C( - VOID +TcgStorageSecurityInit( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable ); /// -/// sub_A9C +/// Run the core TCG storage command processing pipeline. /// EFI_STATUS EFIAPI -sub_A9C( +TcgStorageSecurityProcessCommands( VOID ); /// -/// sub_9D8 +/// Handle initialization error cleanup for TCG storage security setup. /// EFI_STATUS EFIAPI -sub_9D8( +TcgStorageSecurityHandleInitializeError( VOID ); -#endif /* __SMMTCGSTORAGESEC_H__ */ \ No newline at end of file +/** + Compatibility aliases retained for symbol-forensics continuity. +*/ +#define sub_53C TcgStorageSecurityInit +#define sub_A9C TcgStorageSecurityProcessCommands +#define sub_9D8 TcgStorageSecurityHandleInitializeError + +#endif /* __SMMTCGSTORAGESEC_H__ */ diff --git a/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/SmmTcgStorageSec.md b/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/SmmTcgStorageSec.md index 220d6ea..8e1c81b 100644 --- a/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/SmmTcgStorageSec.md +++ b/AmiModulePkg/TcgStorageSecurity/SmmTcgStorageSec/SmmTcgStorageSec.md @@ -4,8 +4,14 @@ | Address | Name | Description | |---------|------|-------------| -| | **ModuleEntryPoint** | | -| rbx | **sub_53C(ImageHandle, SystemTable); v2 = sub_A9C(); if ( v2 < 0 ) sub_9D8(); return v2; }** | | +| | **ModuleEntryPoint** | Main SMM entry point. Calls `TcgStorageSecurityInit`, then executes `TcgStorageSecurityProcessCommands` and handles errors via `TcgStorageSecurityHandleInitializeError`. | +| rbx | **sub_53C(ImageHandle, SystemTable); v2 = sub_A9C(); if ( v2 < 0 ) sub_9D8(); return v2; }** | Decompiled control flow (raw) | + +### Recovered Symbols + +- `TcgStorageSecurityInit` (`sub_53C`) +- `TcgStorageSecurityProcessCommands` (`sub_A9C`) +- `TcgStorageSecurityHandleInitializeError` (`sub_9D8`) --- -*Generated by HR650X BIOS Decompilation Project* \ No newline at end of file +*Generated by HR650X BIOS Decompilation Project* diff --git a/CpPlatPkg/Whea/WheaErrorLog/README.md b/CpPlatPkg/Whea/WheaErrorLog/README.md index 0b5181c..ab07710 100644 --- a/CpPlatPkg/Whea/WheaErrorLog/README.md +++ b/CpPlatPkg/Whea/WheaErrorLog/README.md @@ -2,19 +2,30 @@ **Index:** 0226 | **Size:** 38,368 bytes (153,472 body) | **Phase:** SMM ## Overview -SMM WHEA (Windows Hardware Error Architecture) error logging driver for Intel Purley platform. Initializes WHEA error record storage in SMRAM, registers SMI handlers for error record update and notification callbacks, and interfaces with platform MP sync data and PCIe MM config space. Acts as the SMM-side counterpart to DXE WHEA infrastructure, providing persistent error record buffers across SMI entries. Processes CPER error data from 5 WHEA error source GUID types (Corrected Machine Check, Recoverable, PCIe Corrected, Fatal/Non-Maskable, Corrected Machine Check variant). +SMM WHEA (Windows Hardware Error Architecture) error logging driver for Intel Purley platform. It initializes WHEA error record storage in SMRAM, registers SMI handlers and notification callbacks, and coordinates platform MP sync state and MM config-space access. It is the SMM counterpart to DXE WHEA infrastructure and persists error-record buffers across SMI reentry. -## Key Functions -- **_ModuleEntryPoint** -- DXE/SMM entry: constructor chain (14 init functions), main init, and unload on failure -- **sub_21C0** -- Constructor chain for early module initialization (`ASSERT`/state setup path) -- **sub_25EC** -- Main init entry (calls SMI protocol setup and dispatch registration) -- **sub_26F4** -- Main protocol installation: locates all protocols, registers SMI handlers -- **sub_2C04** -- Core WHEA error handler: processes error records, matches to error status blocks -- **sub_2688/sub_2664** -- SMI handlers for SwSmi 157/158: enable/disable WHEA logging -- **sub_1F04** -- Error record classification: determines subtype, translates IDs via lookup table -- **sub_26AC** -- Find error status block by severity level -- **sub_13B0** -- MP sync data table init: per-CPU structures for up to 512 CPUs -- **sub_257C** -- Unload/cleanup helper used when `sub_25EC` fails +## Public Flow +- **_ModuleEntryPoint** -- SMM/DXE driver entry, chains context initialization, main init, and failure cleanup. +- **WheaErrorLogInitializeContext** -- Constructor/constructor-like chain pre-initialization (`ASSERT`-checked setup path). +- **WheaErrorLogInitialize** -- Main SMM init path that sets up protocol installs and dispatch registration. +- **WheaErrorLogCleanupOnError** -- Unload/cleanup helper used when `WheaErrorLogInitialize` returns failure. + +## Internal Functions (Recovered Names) +- **WheaErrorLogRegisterSmiHandlers** -- Protocol resolution and SMI registration orchestration. +- **WheaErrorLogHandler** -- Core WHEA error record SMI handler. +- **WheaErrorLogEnableLoggingCallback** -- SwSmi callback to enable WHEA logging. +- **WheaErrorLogDisableLoggingCallback** -- SwSmi callback to disable WHEA logging. +- **WheaErrorLogSmiNotifyCallback** -- SMM notify callback that clears transient logging flags. +- **WheaErrorLogClassifyErrorRecord** -- Error record subtype classification and GUID handling. +- **WheaErrorLogGetStatusBlockBySeverity** -- Selects status block for corrected / nonfatal severity. +- **WheaErrorLogInitMPSyncData** -- Builds per-CPU sync-data arrays for up to 512 CPUs. + +## Recovered State Variables +- `gWheaErrorLoggingEnabled` (formerly `byte_40A0`) -- master gate for WHEA logging. +- `gWheaStatusBlockReady` (formerly `byte_40A3`) -- set when per-entry status blocks are ready. +- `gWheaErrorStatusBlockTable` (at `0x3F28`) -- status block array and entry count at `qword_3F90`. +- `gWheaPcdToken5` (formerly `qword_40E0`) -- cached platform configuration token result. +- `gWheaSmramDescriptorCount` / `gWheaSmramDescriptors` (`0x25328/0x25330`) -- SMRAM range metadata. ## Protocols/Dependencies - EFI_SMM_BASE2_PROTOCOL, EFI_SMM_CPU_PROTOCOL, EFI_SMM_SW_DISPATCH2 diff --git a/CpPlatPkg/Whea/WheaErrorLog/WheaErrorLog.c b/CpPlatPkg/Whea/WheaErrorLog/WheaErrorLog.c index 958fe84..e8716a1 100644 --- a/CpPlatPkg/Whea/WheaErrorLog/WheaErrorLog.c +++ b/CpPlatPkg/Whea/WheaErrorLog/WheaErrorLog.c @@ -19,11 +19,11 @@ { EFI_STATUS Status; - // Constructor chain: sub_21C0() -> driver entry -> unload on failure. - sub_21C0(); - Status = sub_25EC(ImageHandle, SystemTable); + // Constructor chain: WheaErrorLogInitializeContext() -> main init -> cleanup on failure. + WheaErrorLogInitializeContext(); + Status = WheaErrorLogInitialize(ImageHandle, SystemTable); if (Status < 0) { - sub_257C(ImageHandle, SystemTable); + WheaErrorLogCleanupOnError(ImageHandle, SystemTable); } return Status; diff --git a/CpPlatPkg/Whea/WheaErrorLog/WheaErrorLog.h b/CpPlatPkg/Whea/WheaErrorLog/WheaErrorLog.h index 3d2d86f..7e4fde2 100644 --- a/CpPlatPkg/Whea/WheaErrorLog/WheaErrorLog.h +++ b/CpPlatPkg/Whea/WheaErrorLog/WheaErrorLog.h @@ -25,30 +25,32 @@ ); /// -/// sub_21C0 +/// WheaErrorLogInitializeContext -- Constructor-like context init stage. /// EFI_STATUS EFIAPI -sub_21C0( +WheaErrorLogInitializeContext( VOID ); /// -/// sub_25EC +/// WheaErrorLogInitialize -- Main initialization routine. /// EFI_STATUS EFIAPI -sub_25EC( - VOID +WheaErrorLogInitialize( + EFI_HANDLE ImageHandle, + EFI_SYSTEM_TABLE *SystemTable ); /// -/// sub_257C +/// WheaErrorLogCleanupOnError -- Cleanup path executed when init fails. /// EFI_STATUS EFIAPI -sub_257C( - VOID +WheaErrorLogCleanupOnError( + EFI_HANDLE ImageHandle, + EFI_SYSTEM_TABLE *SystemTable ); #endif /* __WHEAERRORLOG_H__ */ diff --git a/CpPlatPkg/Whea/WheaErrorLog/WheaErrorLog.md b/CpPlatPkg/Whea/WheaErrorLog/WheaErrorLog.md index d632647..fc69429 100644 --- a/CpPlatPkg/Whea/WheaErrorLog/WheaErrorLog.md +++ b/CpPlatPkg/Whea/WheaErrorLog/WheaErrorLog.md @@ -2,18 +2,40 @@ ## Function Table -| Address | Name | Description | -|---------|------|-------------| -| N/A | **_ModuleEntryPoint** | SMM/DXE entry point dispatcher. | -| N/A | **sub_21C0()** | Constructor chain for module initialization. | -| N/A | **sub_25EC(ImageHandle, SystemTable)** | Main initialization routine. | -| N/A | **sub_257C(ImageHandle, SystemTable)** | Error-path unload/cleanup callback. | -| N/A | **sub_26F4** | Protocol installation and SMI handler registration. | -| N/A | **sub_2C04** | Core WHEA error handler; processes error records and status blocks. | -| N/A | **sub_2688 / sub_2664** | SMI handlers to enable/disable WHEA logging (SwSmi 157/158). | -| N/A | **sub_1F04** | Error record classification and ID translation for CPER subtype. | -| N/A | **sub_26AC** | Locate error status block by severity level. | -| N/A | **sub_13B0** | MP sync data table initialization for per-CPU structures. | +### Public API + +| Name | Description | +|------|-------------| +| `_ModuleEntryPoint` | SMM/DXE entry point dispatcher. | +| `WheaErrorLogInitializeContext` | Constructor chain for module initialization (`ASSERT`-checked setup path). | +| `WheaErrorLogInitialize` | Main initialization routine: install protocol hooks and register handlers. | +| `WheaErrorLogCleanupOnError` | Error-path unload/cleanup callback when init fails. | + +### Internal Recovered Symbols + +| Name | Description | +|------|-------------| +| `WheaErrorLogRegisterSmiHandlers` | Protocol installation and SMI handler registration (`sub_26F4`). | +| `WheaErrorLogHandler` | Core WHEA error handler: parses/normalizes records and updates status blocks. | +| `WheaErrorLogEnableLoggingCallback` | SwSmi path to enable WHEA logging. | +| `WheaErrorLogDisableLoggingCallback` | SwSmi path to disable WHEA logging. | +| `WheaErrorLogSmiNotifyCallback` | Notifies and resets transient WHEA state flags on SMM events. | +| `WheaErrorLogClassifyErrorRecord` | Error record classification and CPER subtype/ID translation bridge. | +| `WheaErrorLogGetStatusBlockBySeverity` | Locate error status block by severity level. | +| `WheaErrorLogInitMPSyncData` | MP sync table initialization for per-CPU structures. | + +## Global Variable Recovery + +| Address Hint | Recovered Name | Purpose | +|--------------|----------------|---------| +| `0x40A0` | `gWheaErrorLoggingEnabled` | Master WHEA logging gate. | +| `0x40A1/0x40A2/0x40A3` | `gWheaPendingErrorFlags` | Socket/rank pending/error-state bitfield flags. | +| `0x3F28` | `gWheaErrorStatusTable` | Status block pointer array (24-byte entries). | +| `0x3F90` | `gWheaErrorStatusTableEntries` | Number of status-block entries. | +| `0x40E0` | `gWheaPcdToken5` | Cached PCD-derived platform setting value. | +| `0x4108` | `gWheaMPSyncData` | Per-CPU MP sync working region. | +| `0x4148` | `gWheaSiliconConfig` | WHEA silicon config data pointer (from HOB walk). | +| `0x9320/0x9B20` | `gWheaCpuMap` | Per-CPU status and APIC-ID mapping arrays. | --- *Generated by HR650X BIOS Decompilation Project* diff --git a/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/FpgaErrorHandler.c b/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/FpgaErrorHandler.c index 1c8a73c..62135bb 100644 --- a/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/FpgaErrorHandler.c +++ b/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/FpgaErrorHandler.c @@ -2,13 +2,22 @@ FpgaErrorHandler.c -- FpgaErrorHandler Auto-converted from IDA decompiler output. - Functions: 1 + Recovered symbol names aligned to local module documentation. Copyright (c) HR650X BIOS Decompilation Project **/ #include "FpgaErrorHandler.h" +// +// Recovered .data symbols from decompilation maps. +// + +EFI_STATUS mFpgaErrorHandlerModuleStatus = 0x8000000000000001ULL; +UINT8 mFpgaErrorHandlerJumpBuffer[0xF8]; + +#define qword_2FA8 mFpgaErrorHandlerModuleStatus +#define unk_2EB0 mFpgaErrorHandlerJumpBuffer // // Function: _ModuleEntryPoint (recovered entry symbol from docs) @@ -16,38 +25,43 @@ EFI_STATUS EFIAPI _ModuleEntryPoint( - EFI_HANDLE ImageHandle, - EFI_SYSTEM_TABLE *SystemTable + EFI_HANDLE ImageHandle, + EFI_SYSTEM_TABLE *SystemTable ) { EFI_STATUS HandlerSetupStatus; EFI_STATUS ReturnStatus; VOID *SetJumpState = NULL; - sub_5C0(ImageHandle, SystemTable); + FpgaErrorHandlerInitializeContext(ImageHandle, SystemTable); qword_2FA8 = 0x8000000000000001uLL; SetJumpState = &unk_2EB0; - if ( !sub_280(SetJumpState) ) + if ( !FpgaErrorHandlerSetJumpStateSave(SetJumpState) ) { - HandlerSetupStatus = sub_EAC(); + HandlerSetupStatus = RegisterFpgaErrorCallbacks(); if ( HandlerSetupStatus >= 0 || qword_2FA8 < 0 ) + { qword_2FA8 = HandlerSetupStatus; - sub_11E0(SetJumpState); - sub_320(SetJumpState, -1); - sub_11A0( - "e:\\hs\\Build\\HR6N0XMLK\\DEBUG_VS2015\\X64\\PurleyPlatPkg\\Ras\\Smm\\ErrHandling\\FpgaErrorHandler\\FpgaErrorHand" - "ler\\DEBUG\\AutoGen.c", + } + + FpgaErrorHandlerSetJumpStateCheck(SetJumpState); + FpgaErrorHandlerSetJumpRecover(SetJumpState, -1); + FpgaErrorHandlerAssert( + "e:\\hs\\Build\\HR6N0XMLK\\DEBUG_VS2015\\X64\\PurleyPlatPkg\\Ras\\Smm\\ErrHandling\\FpgaErrorHandler\\FpgaErrorHandler\\" + "DEBUG\\AutoGen.c", 611, "((BOOLEAN)(0==1))"); - sub_11A0( - "e:\\hs\\Build\\HR6N0XMLK\\DEBUG_VS2015\\X64\\PurleyPlatPkg\\Ras\\Smm\\ErrHandling\\FpgaErrorHandler\\FpgaErrorHand" - "ler\\DEBUG\\AutoGen.c", + FpgaErrorHandlerAssert( + "e:\\hs\\Build\\HR6N0XMLK\\DEBUG_VS2015\\X64\\PurleyPlatPkg\\Ras\\Smm\\ErrHandling\\FpgaErrorHandler\\FpgaErrorHandler\\" + "DEBUG\\AutoGen.c", 626, "((BOOLEAN)(0==1))"); } ReturnStatus = qword_2FA8; if ( qword_2FA8 < 0 ) - sub_13D4(); + { + FpgaErrorHandlerCleanup(); + } return ReturnStatus; } @@ -57,9 +71,10 @@ EFI_STATUS EFIAPI ModuleEntryPoint( - EFI_HANDLE ImageHandle, - EFI_SYSTEM_TABLE *SystemTable + EFI_HANDLE ImageHandle, + EFI_SYSTEM_TABLE *SystemTable ) { return _ModuleEntryPoint(ImageHandle, SystemTable); } + diff --git a/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/FpgaErrorHandler.h b/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/FpgaErrorHandler.h index 9372f26..bedfe8b 100644 --- a/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/FpgaErrorHandler.h +++ b/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/FpgaErrorHandler.h @@ -13,42 +13,48 @@ #include "../uefi_headers/Uefi.h" // -// Function Prototypes +// Public entry symbols // /// -/// ModuleEntryPoint -- UEFI entry point / initialization function -/// -EFI_STATUS -EFIAPI -ModuleEntryPoint( - EFI_HANDLE ImageHandle, - EFI_SYSTEM_TABLE *SystemTable -); - -/// -/// _ModuleEntryPoint -- decompiled entrypoint symbol +/// _ModuleEntryPoint -- internal entry symbol recovered from AutoGen path /// EFI_STATUS EFIAPI _ModuleEntryPoint( - EFI_HANDLE ImageHandle, - EFI_SYSTEM_TABLE *SystemTable + EFI_HANDLE ImageHandle, + EFI_SYSTEM_TABLE *SystemTable ); /// -/// sub_5C0 +/// ModuleEntryPoint -- compatibility wrapper that forwards to _ModuleEntryPoint /// EFI_STATUS EFIAPI +ModuleEntryPoint( + EFI_HANDLE ImageHandle, + EFI_SYSTEM_TABLE *SystemTable +); + +// +// Recovered helper aliases from local docs. +// + +/// +/// FpgaErrorHandlerInitializeContext -- AutoGen init helper (`sub_5C0`). +/// +#define FpgaErrorHandlerInitializeContext sub_5C0 +EFI_STATUS +EFIAPI sub_5C0( - EFI_HANDLE ImageHandle, - EFI_SYSTEM_TABLE *SystemTable + EFI_HANDLE ImageHandle, + EFI_SYSTEM_TABLE *SystemTable ); /// -/// sub_EAC +/// RegisterFpgaErrorCallbacks -- module setup routine (`sub_EAC`). /// +#define RegisterFpgaErrorCallbacks sub_EAC EFI_STATUS EFIAPI sub_EAC( @@ -56,8 +62,19 @@ ); /// -/// sub_11E0 +/// FpgaErrorHandlerSetJumpStateSave -- context save (`sub_280`). /// +#define FpgaErrorHandlerSetJumpStateSave sub_280 +EFI_STATUS +EFIAPI +sub_280( + VOID * +); + +/// +/// FpgaErrorHandlerSetJumpStateCheck -- set-jump context validator (`sub_11E0`). +/// +#define FpgaErrorHandlerSetJumpStateCheck sub_11E0 EFI_STATUS EFIAPI sub_11E0( @@ -65,8 +82,9 @@ ); /// -/// sub_320 +/// FpgaErrorHandlerSetJumpRecover -- context restore/longjmp (`sub_320`). /// +#define FpgaErrorHandlerSetJumpRecover sub_320 EFI_STATUS EFIAPI sub_320( @@ -75,8 +93,9 @@ ); /// -/// sub_11A0 +/// FpgaErrorHandlerAssert -- debug assert logging (`sub_11A0`). /// +#define FpgaErrorHandlerAssert sub_11A0 EFI_STATUS EFIAPI sub_11A0( @@ -86,21 +105,28 @@ ); /// -/// sub_280 +/// FpgaErrorHandlerCleanup -- SMM pool/free failure path (`sub_13D4`). /// -EFI_STATUS -EFIAPI -sub_280( - VOID * -); - -/// -/// sub_13D4 -/// +#define FpgaErrorHandlerCleanup sub_13D4 EFI_STATUS EFIAPI sub_13D4( VOID ); +// +// Recovered state aliases +// + +/// +/// Module return status register (`qword_2FA8`). +/// +extern EFI_STATUS mFpgaErrorHandlerModuleStatus; + +/// +/// Module set-jump context object (`unk_2EB0`), 0xF8 bytes. +/// +extern UINT8 mFpgaErrorHandlerJumpBuffer[0xF8]; + #endif /* __FPGAERRORHANDLER_H__ */ + diff --git a/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/FpgaErrorHandler.md b/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/FpgaErrorHandler.md index 64733b5..05c8114 100644 --- a/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/FpgaErrorHandler.md +++ b/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/FpgaErrorHandler.md @@ -2,22 +2,39 @@ ## Function Table -| Address | Name | Description | -|---------|------|-------------| -| _ModuleEntryPoint | Module entry recovered from decomp docs. Initializes via `sub_5C0(ImageHandle, SystemTable)`, uses `sub_280/11E0/320` with `unk_2EB0` context, runs `sub_EAC()`, and finalizes through `qword_2FA8` / `sub_13D4()` on error path. | -| ModuleEntryPoint | Compatibility wrapper that forwards to `_ModuleEntryPoint`. | -| sub_5C0 | UEFI/SMI initialization hook (`ImageHandle`, `SystemTable`). | -| sub_EAC | Main FPGA error-handler setup: protocol discovery/registration for callback framework. | -| sub_280 | Save point context capture for SetJump-like error protection (`unk_2EB0`). | -| sub_11E0 | SetJump context validation for `unk_2EB0`. | -| sub_320 | LongJump-like restoration using `unk_2EB0` and return token. | -| sub_11A0 | Debug assertion logging helper invoked from impossible AutoGen control-flow edges. | -| sub_13D4 | SMM pool/free cleanup helper used on failed entry return path. | +| Address | Name | Recovered Alias | Description | +|---------|------|-----------------|-------------| +| _ModuleEntryPoint | `_ModuleEntryPoint` | n/a | Decomp entry symbol recovered from AutoGen path. Runs set-jump-protected setup flow and returns recovered module status (`qword_2FA8`). | +| ModuleEntryPoint | `ModuleEntryPoint` | n/a | Compatibility wrapper for `_ModuleEntryPoint`. | +| 0x5C0 | sub_5C0 | FpgaErrorHandlerInitializeContext | Auto-generated context init helper (`ImageHandle`, `SystemTable`). | +| 0xEAC | sub_EAC | RegisterFpgaErrorCallbacks | Main FPGA callback registration/setup routine. | +| 0x280 | sub_280 | FpgaErrorHandlerSetJumpStateSave | Captures set-jump context into `unk_2EB0`. | +| 0x11E0 | sub_11E0 | FpgaErrorHandlerSetJumpStateCheck | Validates captured set-jump state. | +| 0x320 | sub_320 | FpgaErrorHandlerSetJumpRecover | Restores control flow from set-jump context and return token. | +| 0x11A0 | sub_11A0 | FpgaErrorHandlerAssert | Debug assertion/logging callsite for impossible AutoGen branches. | +| 0x13D4 | sub_13D4 | FpgaErrorHandlerCleanup | SMM cleanup path used when `qword_2FA8 < 0`. | + +## Recovered Internal Variables + +- `qword_2FA8` — module return status word. Recovered as `mFpgaErrorHandlerModuleStatus` in `FpgaErrorHandler.h`. +- `unk_2EB0` — set-jump context object. Recovered as `mFpgaErrorHandlerJumpBuffer[0xF8]`. + +## Callback Family (documented context) + +- `sub_B38` — FPGA presence check callback. +- `sub_B48` — FPGA error clear callback. +- `sub_BF0` — FPGA buffer clear callback. +- `sub_C90` — FPGA status query callback. +- `sub_CB4` — FPGA fatal error callback. +- `sub_D48` — FPGA poll callback. +- `sub_DFC` — FPGA error collection routine (per-socket status staging). +- `sub_A30` — FPGA error logging helper. +- `sub_1580` — MpSyncData topology/bootstrap helper. ### Recovered Local Variables in Entry Flow -- `qword_2FA8` — module return status word (seeded before init flow). -- `unk_2EB0` — SetJump context object used by `sub_280` and `sub_320`. +- `mFpgaErrorHandlerModuleStatus` / `qword_2FA8` — module return status word seeded before init flow. +- `mFpgaErrorHandlerJumpBuffer` / `unk_2EB0` — set-jump context object (0xF8 bytes) used by `sub_280/sub_11E0/sub_320`. --- *Generated by HR650X BIOS Decompilation Project* diff --git a/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/README.md b/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/README.md index f74e2af..702ae14 100644 --- a/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/README.md +++ b/PurleyPlatPkg/Ras/Smm/ErrHandling/FpgaErrorHandler/FpgaErrorHandler/README.md @@ -2,18 +2,27 @@ **Index:** 0220 | **Size:** 36,864 bytes (148,352 body) | **Phase:** SMM ## Overview -SMM driver that handles FPGA (Field Programmable Gate Array) error status monitoring and correction for the Intel Purley platform. Monitors FPGA error registers via MMIO, performs error acknowledgment, and triggers warm reset via I/O port 0xCF9 when critical FPGA errors are detected. Integrates with the MpSyncData library for multi-processor synchronization. Supports up to 4 sockets with per-socket FPGA error register access. +SMM driver for FPGA error handling on Intel Purley. Source recovery is anchored on `FpgaErrorHandler.md` and the local decompiler naming map. + +The public entry remains `ModuleEntryPoint`, which forwards into the recovered AutoGen entry symbol `_ModuleEntryPoint`. + +Split in this module: +- `FpgaErrorHandler.c`: recovered entry logic and alias usage. +- `FpgaErrorHandler.h`: recovered helper aliases and state symbol declarations. +- `FpgaErrorHandler.md`: recovered symbol table and detailed behavior notes. ## Key Functions -- **_ModuleEntryPoint** -- SMM module entry point: initializes error handler, registers 6 FPGA callbacks -- **ModuleEntryPoint** -- Compatibility wrapper forwarding to `_ModuleEntryPoint` -- **sub_EAC** -- Main FPGA error handler setup: locates MmPciBase, FPGA callback, MpSyncData protocols -- **sub_DFC** -- Error status collection: reads FPGA error registers per socket via MMIO -- **sub_D48** -- Error polling: checks FPGA error pending bits, logs via sub_A30 -- **sub_CB4** -- Fatal error handler: writes GPIO, triggers warm reset via 0xCF9 -- **sub_B38/sub_B48/sub_BF0/sub_C90** -- FPGA callback array: presence check, clear, buffer clear, status query -- **qword_2FA8** -- Recovered module status return register for entry flow -- **unk_2EB0** -- Recovered SetJump context used by `sub_280`, `sub_11E0`, and `sub_320` +- **_ModuleEntryPoint** -- recovered AutoGen module entry symbol. +- **ModuleEntryPoint** -- compatibility wrapper to `_ModuleEntryPoint`. +- **sub_5C0 / FpgaErrorHandlerInitializeContext** -- entry init capture. +- **sub_EAC / RegisterFpgaErrorCallbacks** -- primary setup routine. +- **sub_280 / FpgaErrorHandlerSetJumpStateSave** -- set-jump capture. +- **sub_11E0 / FpgaErrorHandlerSetJumpStateCheck** -- set-jump validation. +- **sub_320 / FpgaErrorHandlerSetJumpRecover** -- set-jump recovery (`longjmp` equivalent). +- **sub_11A0 / FpgaErrorHandlerAssert** -- decompiler recovery assertion/log edge. +- **sub_13D4 / FpgaErrorHandlerCleanup** -- cleanup routine. +- **qword_2FA8 / mFpgaErrorHandlerModuleStatus** -- recovered module return status. +- **unk_2EB0 / mFpgaErrorHandlerJumpBuffer** -- recovered 0xF8-byte jump buffer. ## Protocols/Dependencies - MmPciBase Protocol, FPGA Callback Registration Protocol diff --git a/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/PlatformErrorHandler.c b/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/PlatformErrorHandler.c index 39866d4..719d9b7 100644 --- a/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/PlatformErrorHandler.c +++ b/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/PlatformErrorHandler.c @@ -1,28 +1,33 @@ -/** @file +/** PlatformErrorHandler.c -- PlatformErrorHandler - Auto-converted from IDA decompiler output. - Recovered function names are aligned to local module documentation. - Copyright (c) HR650X BIOS Decompilation Project **/ #include "PlatformErrorHandler.h" -// Function: ModuleEntryPoint -- DXE/SMM entry point (_ModuleEntryPoint) EFI_STATUS -ModuleEntryPoint( +_ModuleEntryPoint( EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable ) { EFI_STATUS Status; - // Recovered constructor + init flow: sub_30D8 -> sub_3550 -> sub_34E0(on error) + // Constructor chain -> register/init -> fallback on failure. PlatformErrorHandlerConstructors(); Status = RegisterPlatformErrorHandler(ImageHandle, SystemTable); if ( EFI_ERROR (Status) ) PlatformErrorHandlerFallbackInit(ImageHandle, SystemTable); return Status; } + +EFI_STATUS +ModuleEntryPoint( + EFI_HANDLE ImageHandle, + EFI_SYSTEM_TABLE *SystemTable + ) +{ + return _ModuleEntryPoint(ImageHandle, SystemTable); +} diff --git a/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/PlatformErrorHandler.h b/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/PlatformErrorHandler.h index 63be696..11a4cf9 100644 --- a/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/PlatformErrorHandler.h +++ b/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/PlatformErrorHandler.h @@ -11,11 +11,15 @@ #include "../uefi_headers/Uefi.h" // -// Function prototypes (recovered naming from local module docs). +// Recovered public symbols from local module analysis. // -// -// _ModuleEntryPoint / ModuleEntryPoint -- standard DXE/SMM entry point -// +EFI_STATUS +EFIAPI +_ModuleEntryPoint( + EFI_HANDLE ImageHandle, + EFI_SYSTEM_TABLE *SystemTable +); + EFI_STATUS EFIAPI ModuleEntryPoint( @@ -23,60 +27,33 @@ EFI_SYSTEM_TABLE *SystemTable ); -// -// sub_30D8 -- library constructor dispatcher -// EFI_STATUS EFIAPI -sub_30D8( +PlatformErrorHandlerConstructors( VOID ); -// Recovered alias for sub_30D8 -#define PlatformErrorHandlerConstructors sub_30D8 - -// -// sub_3550 -- main PlatformErrorHandler init -// EFI_STATUS EFIAPI -sub_3550( +RegisterPlatformErrorHandler( EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable ); -// Recovered alias for sub_3550 -#define RegisterPlatformErrorHandler sub_3550 - -// -// sub_34E0 -- fallback init/cleanup path -// EFI_STATUS EFIAPI -sub_34E0( +PlatformErrorHandlerFallbackInit( EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable ); -// Recovered alias for sub_34E0 -#define PlatformErrorHandlerFallbackInit sub_34E0 - -// -// sub_594 -- observed in local analysis as secondary SMM entry -// EFI_STATUS EFIAPI -sub_594( +PlatformErrorHandlerSmmEntry( EFI_HANDLE ImageHandle, EFI_SYSTEM_TABLE *SystemTable ); -// Recovered alias for sub_594 -#define PlatformErrorHandlerSmmEntry sub_594 - -// -// Public callback API recovered from module docs. -// EFI_STATUS EFIAPI RegisterErrorNotificationCallback( @@ -102,4 +79,21 @@ VOID *Context ); +// Sub_XXX compatibility aliases preserved for traceability. +#define sub_30D8 PlatformErrorHandlerConstructors +#define sub_3550 RegisterPlatformErrorHandler +#define sub_34E0 PlatformErrorHandlerFallbackInit +#define sub_594 PlatformErrorHandlerSmmEntry + +// +// Recovered linked-list globals from decompiled analysis. +// +extern EFI_STATUS PlatformErrorHandlerStatus; +extern VOID *ErrorSourceListHead; +extern VOID *ErrorSourceListTail; +extern VOID *NotificationCallbackHead; +extern VOID *NotificationCallbackTail; +extern VOID *EmcaPlatformProtocol; +extern VOID *SmmIpmiTransportProtocol; + #endif /* __PLATFORMERRORHANDLER_H__ */ diff --git a/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/PlatformErrorHandler.md b/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/PlatformErrorHandler.md index 9d8f8e0..1d7dd48 100644 --- a/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/PlatformErrorHandler.md +++ b/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/PlatformErrorHandler.md @@ -4,16 +4,17 @@ | Address | Name | Description | |---------|------|-------------| -| 0x5CC | **_ModuleEntryPoint** (`ModuleEntryPoint`) | DXE/SMM entry point: constructor sequence (`sub_30D8`), then main init (`sub_3550`), fallback (`sub_34E0`) on failure | -| (rsi) | **sub_30D8** (`PlatformErrorHandlerConstructors`) | AutoGen constructor dispatcher / library initialization path | -| (rsi) | **sub_3550** (`RegisterPlatformErrorHandler`) | Main PlatformErrorHandler initialization | -| (rsi) | **sub_34E0** (`PlatformErrorHandlerFallbackInit`) | Fallback/teardown initialization helper | -| (rsi) | **sub_594** (`PlatformErrorHandlerSmmEntry`) | Secondary SMM entry observed in local analysis | +| 0x5CC | **_ModuleEntryPoint** (`ModuleEntryPoint`) | DXE/SMM entry point: constructor sequence (`sub_30D8` -> `PlatformErrorHandlerConstructors`), then main init (`sub_3550` -> `RegisterPlatformErrorHandler`), fallback (`sub_34E0` -> `PlatformErrorHandlerFallbackInit`) on failure | +| (rsi) | **PlatformErrorHandlerConstructors** (`sub_30D8`) | AutoGen constructor dispatcher / library initialization path | +| (rsi) | **RegisterPlatformErrorHandler** (`sub_3550`) | Main PlatformErrorHandler initialization | +| (rsi) | **PlatformErrorHandlerFallbackInit** (`sub_34E0`) | Fallback/cleanup initialization helper | +| (rsi) | **PlatformErrorHandlerSmmEntry** (`sub_594`) | Secondary SMM entry observed in local analysis | ## Recovered Globals | Recovered Name | Original Symbol | Purpose | |----------------|-----------------|---------| +| PlatformErrorHandlerStatus | qword_72D8 | Module status/result cache (initialized to `EFI_NOT_FOUND`) | | ErrorSourceListHead | qword_72E0 | Head of registered error-source list | | ErrorSourceListTail | qword_72E8 | Tail of registered error-source list | | NotificationCallbackHead | qword_72F0 | Head of notification callback list | @@ -24,7 +25,10 @@ ## Module File Split - `_ModuleEntryPoint`/`sub_594` are entry paths in `PlatformErrorHandler.c`. -- Functions `sub_1D8C`/`sub_1E3C` families referenced by the module analysis are documented in `emcaplatformhookslib.c`. +- `PlatformErrorHandlerConstructors`, `RegisterPlatformErrorHandler`, `PlatformErrorHandlerFallbackInit`, + `RegisterErrorNotificationCallback`, `RegisterErrorSource`, `DispatchNotification`, + and `DispatchWithEarlyOut` are in this module directory and are exposed for cross-file linking. +- Helpers for MC-bank access (`sub_1D8C` / `sub_1DE4` / `sub_1E3C`) are still documented in `emcaplatformhookslib.c`. --- *Generated by HR650X BIOS Decompilation Project* diff --git a/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/README.md b/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/README.md index e7ac7db..80d8389 100644 --- a/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/README.md +++ b/PurleyPlatPkg/Ras/Smm/ErrHandling/PlatformErrorHandler/README.md @@ -15,6 +15,17 @@ - **RegisterErrorNotificationCallback** (`sub_36B8`) -- priority-sorted callback registration - **RegisterErrorSource** (`sub_35C8`) -- source-registration linked list insertion +## Recovered Module Variables +- `PlatformErrorHandlerStatus` (`qword_72D8`) +- `ErrorSourceListHead` / `ErrorSourceListTail` (`qword_72E0` / `qword_72E8`) +- `NotificationCallbackHead` / `NotificationCallbackTail` (`qword_72F0` / `qword_72F8`) +- `EmcaPlatformProtocol` (`qword_7368`) +- `SmmIpmiTransportProtocol` (`qword_73C0`) + +## File Split Notes +- `_ModuleEntryPoint` and `PlatformErrorHandlerSmmEntry` entry paths are in this file. +- SMM subroutines for MC bank lookup (`sub_1D8C`, `sub_1DE4`, `sub_1E3C`) are documented in `emcaplatformhookslib.c`, and this file is expected to consume that API. + ## Protocols/Dependencies - EMCA Platform Protocol ({F4CCBFB7-...}), SMM MC Bank Protocol - SMM IPMI Transport Protocol, SMM Variable Protocol