Welcome to the dark corner of BIOS reverse engineering, code injection and various modification techniques only deemed by those immensely curious about BIOS

Thursday, October 7, 2010

How to Read The ACPI Specification

The ACPI specification is a huge document, especially the ACPI v4.0 spec, which runs to 727 pages. So how do you read it? It depends. For now, I'd like to focus on the perspective of someone reading ASL (ACPI Source Language) source code. Reading ASL code can be rather frustrating for beginners. Here's how to do it:
  1. If you're a total newbie to ACPI, read Chapter 1. Otherwise, proceed to step 2.
  2. Read Chapter 4 - ACPI Hardware Specification briefly.
  3. Read Chapter 5 - ACPI Software Programming Model briefly.
  4. Read Chapter 18 - ACPI Source Language Reference briefly.
Now, go back to the ASL source code that you want to understand and look up the meaning of each operator in Chapter 18 - ACPI Source Language Reference. Sometimes you have to repeat this several times to get used to an operator. Now, let's see an example:
// Define a Lid switch
OperationRegion(\PHO, SystemIO, 0x201, 0x1)
Field(\PHO, ByteAcc, NoLock, Preserve) {
    LPOL, 1 // Lid polarity control bit
}

Device(\_SB.LID) {
    Name(_HID, EISAID("PNP0C0D"))
    Method(_LID) { Return(LPOL) }
    Name(_PRW, Package(2) {
        1,    // bit 1 of GPE to enable Lid wakeup
        0x04  // can wakeup from S4 state
    })
}

Scope(\_GPE) { // Root level event handlers
    Method(_L01) { // uses bit 1 of GP0_STS register
        Not(LPOL, LPOL) // Flip the lid polarity bit
        Notify(LID, 0x80) // Notify OS of event
    }
}
In the code above, the words OperationRegion, Method, Scope, Name, and Field are ASL "operators". Therefore, to know what these operators do, look at the ASL Operator Reference in Chapter 18 (section 18.5) of the ACPI specification revision 4.0. There is more to explain before the ASL source code above is fully understood; I'll leave that for another time. The most important thing is that we can now read the ACPI specification much more efficiently. Cheers :)
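An added example (not from the original post or the ACPI specification): a small Python helper that applies the OperationRegion and Field rules from Chapter 18 to decompiled ASL and resolves each named field unit to its address space, byte address and bit position, which is the first thing to establish when reviewing what hardware a firmware's ACPI code touches. The \ECR region and its field names are hypothetical, constructed to exercise reserved bits and Offset(); AccessAs, Connection and block comments are not handled.

```python
import re

# Constructed input: the OperationRegion/Field pair from the listing above, plus
# a hypothetical region (\ECR) added to exercise reserved bits and Offset().
SAMPLE_ASL = r"""
OperationRegion(\PHO, SystemIO, 0x201, 0x1)
Field(\PHO, ByteAcc, NoLock, Preserve) {
    LPOL, 1 // Lid polarity control bit
}
OperationRegion(\ECR, SystemMemory, 0xFED80000, 0x10)
Field(\ECR, ByteAcc, NoLock, Preserve) {
    , 3,          // three reserved (unnamed) bits
    FLGA, 2,
    Offset(0x4),  // skip ahead to byte 4 of the region
    STAT, 8
}
"""

REGION_RE = re.compile(
    r"OperationRegion\s*\(\s*([\\\w.]+)\s*,\s*(\w+)\s*,\s*(\w+)\s*,\s*(\w+)\s*\)")
FIELD_RE = re.compile(r"\bField\s*\(\s*([\\\w.]+)\s*,[^)]*\)\s*\{(.*?)\}", re.S)
OFFSET_RE = re.compile(r"Offset\s*\(\s*(\w+)\s*\)")

def resolve_fields(asl):
    """Return {field name: (address space, byte address, start bit, bit width)}."""
    asl = re.sub(r"//[^\n]*", "", asl)  # strip line comments before parsing
    regions = {m[1].lstrip("\\"): (m[2], int(m[3], 0), int(m[4], 0))
               for m in REGION_RE.finditer(asl)}
    resolved = {}
    for fm in FIELD_RE.finditer(asl):
        space, base, length = regions[fm[1].lstrip("\\")]
        tokens = [t.strip() for t in fm[2].split(",")]
        bit, i = 0, 0  # running bit position inside the region
        while i < len(tokens):
            off = OFFSET_RE.fullmatch(tokens[i])
            if off:  # Offset(n) moves the cursor to byte n
                bit, i = int(off[1], 0) * 8, i + 1
                continue
            if i + 1 >= len(tokens):
                break  # a trailing comma leaves one empty token
            name, width = tokens[i], int(tokens[i + 1], 0)
            if bit + width > length * 8:
                raise ValueError(f"{name or '<reserved>'} runs past region {fm[1]}")
            if name:  # unnamed entries are reserved padding
                resolved[name] = (space, base + bit // 8, bit % 8, width)
            bit, i = bit + width, i + 2
    return resolved

if __name__ == "__main__":
    for name, (space, addr, start, width) in resolve_fields(SAMPLE_ASL).items():
        print(f"{name}: {space} 0x{addr:X} bit {start} width {width}")
```

For the lid example this resolves LPOL to bit 0 of I/O port 0x201, the bit that _LID returns and that _L01 inverts.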

Last news about BIOS Disassembly Ninjutsu Uncovered 2nd Edition

OK. First, I'd like to apologize for the very lengthy delay on the BIOS Disassembly Ninjutsu Uncovered 2nd Edition. I've got the good-to-go sign from No Starch Press, but I'm still waiting for my co-author (Luis Miras) to be ready. For sure, you'll get more computer-security-related stuff in the second edition. I have finished the materials for several hardware-oriented chapters but they still require a huge amount of edits. Well, hopefully this second edition doesn't need to wait until Christmas to complete. I'll be posting more regularly on this blog from now on.

BIOS Security Training

It's been ages since I updated this blog. Sorry guys. Anyway, I gave a BIOS Security Training a while ago in Europe and I'd like to inform you that if you are interested in such a training, you can contact me by email and we can talk about it. I prefer a small class when giving a training so that the interaction will be more engaging and you can get the most out of it.