NE Alpha 42

This commit is contained in:
Cr4sh 2017-07-31 09:06:11 +03:00
parent 9b85fac61b
commit fc579533e8
8 changed files with 167 additions and 63 deletions

View File

@ -17,7 +17,7 @@
UEFITool::UEFITool(QWidget *parent) : UEFITool::UEFITool(QWidget *parent) :
QMainWindow(parent), QMainWindow(parent),
ui(new Ui::UEFITool), ui(new Ui::UEFITool),
version(tr("NE alpha 41")) version(tr("NE alpha 42"))
{ {
clipboard = QApplication::clipboard(); clipboard = QApplication::clipboard();

View File

@ -162,7 +162,7 @@ typedef struct EFI_TIME_ {
UINT8 : 8; UINT8 : 8;
} EFI_TIME; } EFI_TIME;
// Aling to 4 or 8 bytes // Align to 4 or 8 bytes
#define ALIGN4(Value) (((Value)+3) & ~3) #define ALIGN4(Value) (((Value)+3) & ~3)
#define ALIGN8(Value) (((Value)+7) & ~7) #define ALIGN8(Value) (((Value)+7) & ~7)

View File

@ -2867,7 +2867,6 @@ USTATUS FfsParser::parseFit(const UModelIndex & index)
return U_SUCCESS; return U_SUCCESS;
// Explicitly set the item as fixed // Explicitly set the item as fixed
// TODO: update info
model->setFixed(fitIndex, true); model->setFixed(fitIndex, true);
// Special case of FIT header // Special case of FIT header
@ -2923,10 +2922,10 @@ USTATUS FfsParser::parseFit(const UModelIndex & index)
case FIT_TYPE_MICROCODE: { case FIT_TYPE_MICROCODE: {
//TODO: refactor into function with error reporting //TODO: refactor into function with error reporting
if (currentEntry->Address > addressDiff && currentEntry->Address < 0xFFFFFFFFUL) { if (currentEntry->Address > addressDiff && currentEntry->Address < 0xFFFFFFFFUL) {
UINT32 offset = (UINT32)currentEntry->Address - addressDiff; UINT32 offset = (UINT32)(currentEntry->Address - addressDiff);
UModelIndex mcIndex = model->findByOffset(offset); UModelIndex mcIndex = model->findByOffset(offset);
if (mcIndex.isValid()) {
UByteArray mcFile = model->header(mcIndex) + model->body(mcIndex) + model->tail(mcIndex); UByteArray mcFile = model->header(mcIndex) + model->body(mcIndex) + model->tail(mcIndex);
UINT32 mcOffset = offset - model->offset(mcIndex); UINT32 mcOffset = offset - model->offset(mcIndex);
if (mcOffset + sizeof(INTEL_MICROCODE_HEADER) <= (UINT32)mcFile.size()) { if (mcOffset + sizeof(INTEL_MICROCODE_HEADER) <= (UINT32)mcFile.size()) {
const INTEL_MICROCODE_HEADER* header = (const INTEL_MICROCODE_HEADER*)(mcFile.constData() + mcOffset); const INTEL_MICROCODE_HEADER* header = (const INTEL_MICROCODE_HEADER*)(mcFile.constData() + mcOffset);
@ -2940,6 +2939,7 @@ USTATUS FfsParser::parseFit(const UModelIndex & index)
if (reservedBytesValid) { if (reservedBytesValid) {
UINT32 mcSize = header->TotalSize; UINT32 mcSize = header->TotalSize;
if (mcOffset + mcSize <= (UINT32)mcFile.size()) { if (mcOffset + mcSize <= (UINT32)mcFile.size()) {
// Valid microcode found
info = usprintf("LocalOffset %08Xh, CPUID %08Xh, Revision %08Xh, Date %08Xh", info = usprintf("LocalOffset %08Xh, CPUID %08Xh, Revision %08Xh, Date %08Xh",
mcOffset, mcOffset,
header->CpuSignature, header->CpuSignature,
@ -2952,6 +2952,7 @@ USTATUS FfsParser::parseFit(const UModelIndex & index)
} }
} }
} }
}
} break; } break;
case FIT_TYPE_BIOS_AC_MODULE: case FIT_TYPE_BIOS_AC_MODULE:
@ -2963,8 +2964,7 @@ USTATUS FfsParser::parseFit(const UModelIndex & index)
case FIT_TYPE_AC_BOOT_POLICY: case FIT_TYPE_AC_BOOT_POLICY:
default: default:
if (currentEntry->Address > addressDiff && currentEntry->Address < 0xFFFFFFFFUL) { if (currentEntry->Address > addressDiff && currentEntry->Address < 0xFFFFFFFFUL) {
UINT32 offset = (UINT32)currentEntry->Address - addressDiff; itemIndex = model->findByOffset((UINT32)(currentEntry->Address - addressDiff));
itemIndex = model->findByOffset(offset);
} }
msgModifiedImageMayNotWork = true; msgModifiedImageMayNotWork = true;
@ -3032,7 +3032,7 @@ USTATUS FfsParser::addMemoryAddressesRecursive(const UModelIndex & index)
// Set address value for non-compressed data // Set address value for non-compressed data
if (!model->compressed(index)) { if (!model->compressed(index)) {
// Check address sanity // Check address sanity
UINT64 address = (const UINT64)addressDiff + model->offset(index); UINT64 address = addressDiff + model->offset(index);
if (address <= 0xFFFFFFFFUL) { if (address <= 0xFFFFFFFFUL) {
// Update info // Update info
UINT32 headerSize = model->header(index).size(); UINT32 headerSize = model->header(index).size();

View File

@ -63,6 +63,7 @@ typedef struct NVAR_ENTRY_HEADER_ {
#define NVRAM_NVAR_ENTRY_EXT_AUTH_WRITE 0x10 #define NVRAM_NVAR_ENTRY_EXT_AUTH_WRITE 0x10
#define NVRAM_NVAR_ENTRY_EXT_TIME_BASED 0x20 #define NVRAM_NVAR_ENTRY_EXT_TIME_BASED 0x20
#define NVRAM_NVAR_ENTRY_EXT_UNKNOWN_MASK 0xCE #define NVRAM_NVAR_ENTRY_EXT_UNKNOWN_MASK 0xCE
// //
// TianoCore VSS store and variables // TianoCore VSS store and variables
// //
@ -158,6 +159,31 @@ typedef struct VSS_AUTH_VARIABLE_HEADER_ {
extern UString vssAttributesToUString(const UINT32 attributes); extern UString vssAttributesToUString(const UINT32 attributes);
//
// Lenovo VSS variables
//
//aaf32c78-947b-439a-a180-2e144ec37792
#define LENOVO_AUTH_VAR_KEY_DATABASE_GUID_PART1 0xaaf32c78
const UByteArray LENOVO_AUTH_VAR_KEY_DATABASE_GUID
("\x78\x2C\xF3\xAA\x7B\x94\x9A\x43\xA1\x80\x2E\x14\x4E\xC3\x77\x92");
#define LENOVO_VSS_STORE_GUID_PART1 0xddcf3617
const UByteArray LENOVO_VSS_STORE_GUID
("\x17\x36\xCF\xDD\x75\x32\x64\x41\x98\xB6\xFE\x85\x70\x7F\xFE\x7D");
// Variable store header
typedef struct LENOVO_VSS_VARIABLE_STORE_HEADER_ {
EFI_GUID Signature;
UINT32 Size; // Size of variable store, including store header
UINT8 Format; // Store format state
UINT8 State; // Store health state
UINT16 Unknown;
UINT32 : 32;
} LENOVO_VSS_VARIABLE_STORE_HEADER;
// VSS entries are 4-bytes aligned in Lenovo stores
// //
// _FDC region // _FDC region
// //
@ -182,6 +208,10 @@ typedef struct FDC_VOLUME_HEADER_ {
const UByteArray EDKII_WORKING_BLOCK_SIGNATURE_GUID const UByteArray EDKII_WORKING_BLOCK_SIGNATURE_GUID
("\x2B\x29\x58\x9E\x68\x7C\x7D\x49\x0A\xCE\x65\x00\xFD\x9F\x1B\x95", 16); ("\x2B\x29\x58\x9E\x68\x7C\x7D\x49\x0A\xCE\x65\x00\xFD\x9F\x1B\x95", 16);
// 9E58292B-7C68-497D-A0CE6500FD9F1B95
const UByteArray LENOVO_WORKING_BLOCK_SIGNATURE_GUID
("\x2B\x29\x58\x9E\x68\x7C\x7D\x49\xA0\xCE\x65\x00\xFD\x9F\x1B\x95", 16);
#define NVRAM_MAIN_STORE_VOLUME_GUID_DATA1 0xFFF12B8D #define NVRAM_MAIN_STORE_VOLUME_GUID_DATA1 0xFFF12B8D
#define EDKII_WORKING_BLOCK_SIGNATURE_GUID_DATA1 0x9E58292B #define EDKII_WORKING_BLOCK_SIGNATURE_GUID_DATA1 0x9E58292B

View File

@ -497,7 +497,8 @@ USTATUS NvramParser::parseNvramVolumeBody(const UModelIndex & index)
UModelIndex current = index.child(i, 0); UModelIndex current = index.child(i, 0);
switch (model->type(current)) { switch (model->type(current)) {
case Types::VssStore: case Types::VssStore:
case Types::FdcStore: parseVssStoreBody(current); break; case Types::FdcStore: parseVssStoreBody(current, 0); break;
case Types::LenovoVssStore: parseVssStoreBody(current, 4); break;
case Types::FsysStore: parseFsysStoreBody(current); break; case Types::FsysStore: parseFsysStoreBody(current); break;
case Types::EvsaStore: parseEvsaStoreBody(current); break; case Types::EvsaStore: parseEvsaStoreBody(current); break;
case Types::FlashMapStore: parseFlashMapBody(current); break; case Types::FlashMapStore: parseFlashMapBody(current); break;
@ -530,6 +531,23 @@ USTATUS NvramParser::findNextStore(const UModelIndex & index, const UByteArray &
// All checks passed, store found // All checks passed, store found
break; break;
} }
else if (*currentPos == LENOVO_AUTH_VAR_KEY_DATABASE_GUID_PART1 || *currentPos == LENOVO_VSS_STORE_GUID_PART1) { //Lenovo VSS store signatures found, perform checks
UByteArray guid = UByteArray(volume.constData() + offset, sizeof(EFI_GUID));
if (guid != LENOVO_AUTH_VAR_KEY_DATABASE_GUID && guid != LENOVO_VSS_STORE_GUID) // Check the whole signature
continue;
const LENOVO_VSS_VARIABLE_STORE_HEADER* vssHeader = (const LENOVO_VSS_VARIABLE_STORE_HEADER*)currentPos;
if (vssHeader->Format != NVRAM_VSS_VARIABLE_STORE_FORMATTED) {
msg(usprintf("findNextStore: Lenovo VSS store candidate at offset %Xh skipped, has invalid format %02Xh", localOffset + offset, vssHeader->Format), index);
continue;
}
if (vssHeader->Size == 0 || vssHeader->Size == 0xFFFFFFFF) {
msg(usprintf("findNextStore: Lenovo VSS store candidate at offset %Xh skipped, has invalid size %Xh", localOffset + offset, vssHeader->Size), index);
continue;
}
// All checks passed, store found
break;
}
else if (*currentPos == NVRAM_FDC_VOLUME_SIGNATURE) { //FDC signature found else if (*currentPos == NVRAM_FDC_VOLUME_SIGNATURE) { //FDC signature found
const FDC_VOLUME_HEADER* fdcHeader = (const FDC_VOLUME_HEADER*)currentPos; const FDC_VOLUME_HEADER* fdcHeader = (const FDC_VOLUME_HEADER*)currentPos;
if (fdcHeader->Size == 0 || fdcHeader->Size == 0xFFFFFFFF) { if (fdcHeader->Size == 0 || fdcHeader->Size == 0xFFFFFFFF) {
@ -567,7 +585,7 @@ USTATUS NvramParser::findNextStore(const UModelIndex & index, const UByteArray &
} }
else if (*currentPos == NVRAM_MAIN_STORE_VOLUME_GUID_DATA1 || *currentPos == EDKII_WORKING_BLOCK_SIGNATURE_GUID_DATA1) { //Possible FTW block signature found else if (*currentPos == NVRAM_MAIN_STORE_VOLUME_GUID_DATA1 || *currentPos == EDKII_WORKING_BLOCK_SIGNATURE_GUID_DATA1) { //Possible FTW block signature found
UByteArray guid = UByteArray(volume.constData() + offset, sizeof(EFI_GUID)); UByteArray guid = UByteArray(volume.constData() + offset, sizeof(EFI_GUID));
if (guid != NVRAM_MAIN_STORE_VOLUME_GUID && guid != EDKII_WORKING_BLOCK_SIGNATURE_GUID) // Check the whole signature if (guid != NVRAM_MAIN_STORE_VOLUME_GUID && guid != EDKII_WORKING_BLOCK_SIGNATURE_GUID && guid != LENOVO_WORKING_BLOCK_SIGNATURE_GUID) // Check the whole signature
continue; continue;
// Detect header variant based on WriteQueueSize // Detect header variant based on WriteQueueSize
@ -678,6 +696,10 @@ USTATUS NvramParser::getStoreSize(const UByteArray & data, const UINT32 storeOff
const VSS_VARIABLE_STORE_HEADER* vssHeader = (const VSS_VARIABLE_STORE_HEADER*)signature; const VSS_VARIABLE_STORE_HEADER* vssHeader = (const VSS_VARIABLE_STORE_HEADER*)signature;
storeSize = vssHeader->Size; storeSize = vssHeader->Size;
} }
else if (*signature == LENOVO_AUTH_VAR_KEY_DATABASE_GUID_PART1 || *signature == LENOVO_VSS_STORE_GUID_PART1) {
const LENOVO_VSS_VARIABLE_STORE_HEADER* vssHeader = (const LENOVO_VSS_VARIABLE_STORE_HEADER*)signature;
storeSize = vssHeader->Size;
}
else if (*signature == NVRAM_FDC_VOLUME_SIGNATURE) { else if (*signature == NVRAM_FDC_VOLUME_SIGNATURE) {
const FDC_VOLUME_HEADER* fdcHeader = (const FDC_VOLUME_HEADER*)signature; const FDC_VOLUME_HEADER* fdcHeader = (const FDC_VOLUME_HEADER*)signature;
storeSize = fdcHeader->Size; storeSize = fdcHeader->Size;
@ -765,6 +787,48 @@ USTATUS NvramParser::parseVssStoreHeader(const UByteArray & store, const UINT32
return U_SUCCESS; return U_SUCCESS;
} }
USTATUS NvramParser::parseLenovoVssStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index)
{
const UINT32 dataSize = (const UINT32)store.size();
// Check store size
if (dataSize < sizeof(LENOVO_VSS_VARIABLE_STORE_HEADER)) {
msg(UString("parseLenovoVssStoreHeader: volume body is too small even for VSS store header"), parent);
return U_SUCCESS;
}
// Get VSS store header
const LENOVO_VSS_VARIABLE_STORE_HEADER* vssStoreHeader = (const LENOVO_VSS_VARIABLE_STORE_HEADER*)store.constData();
// Check store size
if (dataSize < vssStoreHeader->Size) {
msg(usprintf("parseLenovoVssStoreHeader: VSS store size %Xh (%u) is greater than volume body size %Xh (%u)",
vssStoreHeader->Size, vssStoreHeader->Size,
dataSize, dataSize), parent);
return U_SUCCESS;
}
// Construct header and body
UByteArray header = store.left(sizeof(LENOVO_VSS_VARIABLE_STORE_HEADER));
UByteArray body = store.mid(sizeof(LENOVO_VSS_VARIABLE_STORE_HEADER), vssStoreHeader->Size - sizeof(LENOVO_VSS_VARIABLE_STORE_HEADER));
// Add info
UString name = UString("Lenovo VSS store");
UString info = UString("Signature: ") + guidToUString(vssStoreHeader->Signature, false) +
usprintf("\nFull size: %Xh (%u)\nHeader size: %Xh (%u)\nBody size: %Xh (%u)\nFormat: %02Xh\nState: %02Xh\nUnknown: %04Xh",
vssStoreHeader->Size, vssStoreHeader->Size,
header.size(), header.size(),
body.size(), body.size(),
vssStoreHeader->Format,
vssStoreHeader->State,
vssStoreHeader->Unknown);
// Add tree item
index = model->addItem(localOffset, Types::LenovoVssStore, 0, name, UString(), info, header, body, UByteArray(), Fixed, parent);
return U_SUCCESS;
}
USTATUS NvramParser::parseFtwStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index) USTATUS NvramParser::parseFtwStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index)
{ {
const UINT32 dataSize = (const UINT32)store.size(); const UINT32 dataSize = (const UINT32)store.size();
@ -1217,6 +1281,9 @@ USTATUS NvramParser::parseStoreHeader(const UByteArray & store, const UINT32 loc
// VSS/SVS store // VSS/SVS store
if (*signature == NVRAM_VSS_STORE_SIGNATURE || *signature == NVRAM_APPLE_SVS_STORE_SIGNATURE) if (*signature == NVRAM_VSS_STORE_SIGNATURE || *signature == NVRAM_APPLE_SVS_STORE_SIGNATURE)
return parseVssStoreHeader(store, localOffset, parent, index); return parseVssStoreHeader(store, localOffset, parent, index);
// Lenovo VSS store
if (*signature == LENOVO_AUTH_VAR_KEY_DATABASE_GUID_PART1 || *signature == LENOVO_VSS_STORE_GUID_PART1)
return parseLenovoVssStoreHeader(store, localOffset, parent, index);
// FTW store // FTW store
else if (*signature == NVRAM_MAIN_STORE_VOLUME_GUID_DATA1 || *signature == EDKII_WORKING_BLOCK_SIGNATURE_GUID_DATA1) else if (*signature == NVRAM_MAIN_STORE_VOLUME_GUID_DATA1 || *signature == EDKII_WORKING_BLOCK_SIGNATURE_GUID_DATA1)
return parseFtwStoreHeader(store, localOffset, parent, index); return parseFtwStoreHeader(store, localOffset, parent, index);
@ -1250,7 +1317,7 @@ USTATUS NvramParser::parseStoreHeader(const UByteArray & store, const UINT32 loc
return U_SUCCESS; return U_SUCCESS;
} }
USTATUS NvramParser::parseVssStoreBody(const UModelIndex & index) USTATUS NvramParser::parseVssStoreBody(const UModelIndex & index, UINT8 alignment)
{ {
// Sanity check // Sanity check
if (!index.isValid()) if (!index.isValid())
@ -1365,8 +1432,6 @@ USTATUS NvramParser::parseVssStoreBody(const UModelIndex & index)
body = data.mid(offset + header.size(), variableHeader->DataSize); body = data.mid(offset + header.size(), variableHeader->DataSize);
} }
// There is also a case of authenticated Apple variables, but I haven't seen one yet
// Check variable state // Check variable state
if (variableHeader->State != NVRAM_VSS_VARIABLE_ADDED && variableHeader->State != NVRAM_VSS_VARIABLE_HEADER_VALID) { if (variableHeader->State != NVRAM_VSS_VARIABLE_ADDED && variableHeader->State != NVRAM_VSS_VARIABLE_HEADER_VALID) {
isInvalid = true; isInvalid = true;
@ -1442,6 +1507,11 @@ USTATUS NvramParser::parseVssStoreBody(const UModelIndex & index)
// Add tree item // Add tree item
model->addItem(localOffset + offset, Types::VssEntry, subtype, name, text, info, header, body, UByteArray(), Movable, index); model->addItem(localOffset + offset, Types::VssEntry, subtype, name, text, info, header, body, UByteArray(), Movable, index);
// Apply alignment, if needed
if (alignment) {
variableSize = ((variableSize + alignment - 1) & (~(alignment - 1)));
}
// Move to next variable // Move to next variable
offset += variableSize; offset += variableSize;
} }

View File

@ -51,6 +51,7 @@ private:
USTATUS parseStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index); USTATUS parseStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index);
USTATUS parseVssStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index); USTATUS parseVssStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index);
USTATUS parseLenovoVssStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index);
USTATUS parseFtwStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index); USTATUS parseFtwStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index);
USTATUS parseFdcStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index); USTATUS parseFdcStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index);
USTATUS parseFsysStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index); USTATUS parseFsysStoreHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index);
@ -61,7 +62,7 @@ private:
USTATUS parseSlicMarkerHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index); USTATUS parseSlicMarkerHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index);
USTATUS parseIntelMicrocodeHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index); USTATUS parseIntelMicrocodeHeader(const UByteArray & store, const UINT32 localOffset, const UModelIndex & parent, UModelIndex & index);
USTATUS parseVssStoreBody(const UModelIndex & index); USTATUS parseVssStoreBody(const UModelIndex & index, const UINT8 alignment);
USTATUS parseFsysStoreBody(const UModelIndex & index); USTATUS parseFsysStoreBody(const UModelIndex & index);
USTATUS parseEvsaStoreBody(const UModelIndex & index); USTATUS parseEvsaStoreBody(const UModelIndex & index);
USTATUS parseFlashMapBody(const UModelIndex & index); USTATUS parseFlashMapBody(const UModelIndex & index);

View File

@ -46,6 +46,7 @@ UString itemTypeToUString(const UINT8 type)
case Types::Section: return UString("Section"); case Types::Section: return UString("Section");
case Types::FreeSpace: return UString("Free space"); case Types::FreeSpace: return UString("Free space");
case Types::VssStore: return UString("VSS store"); case Types::VssStore: return UString("VSS store");
case Types::LenovoVssStore: return UString("Lenovo VSS store");
case Types::FtwStore: return UString("FTW store"); case Types::FtwStore: return UString("FTW store");
case Types::FdcStore: return UString("FDC store"); case Types::FdcStore: return UString("FDC store");
case Types::FsysStore: return UString("Fsys store"); case Types::FsysStore: return UString("Fsys store");
@ -70,6 +71,7 @@ UString itemSubtypeToUString(const UINT8 type, const UINT8 subtype)
case Types::Root: case Types::Root:
case Types::FreeSpace: case Types::FreeSpace:
case Types::VssStore: case Types::VssStore:
case Types::LenovoVssStore:
case Types::FdcStore: case Types::FdcStore:
case Types::FsysStore: case Types::FsysStore:
case Types::EvsaStore: case Types::EvsaStore:

View File

@ -44,6 +44,7 @@ namespace Types {
Section, Section,
FreeSpace, FreeSpace,
VssStore, VssStore,
LenovoVssStore,
FtwStore, FtwStore,
FdcStore, FdcStore,
FsysStore, FsysStore,