Welcome to the dark corner of BIOS reverse engineering, code injection and various modification techniques only deemed by those immensely curious about BIOS

Tuesday, August 27, 2013

AMBA-PCIe Interoperability

The native bus in ARM systems, Advanced Microcontroller Bus Architecture (AMBA)
[see: http://en.wikipedia.org/wiki/Advanced_Microcontroller_Bus_Architecture] has been interoperable with
PCI Express (PCIe) for several years now. These are related documentation that helps understanding
how it works:
1. Designing an AMBA-based SoC with a PCI Express Interface,
   link: http://www.pcisig.com/developers/main/training_materials/get_document?doc_id=fcb3ebb3b4537c401230b3f3cd71e7895b7c5518

2. Building a Bridge from PCI Express to AMBA 3 AXI On-Chip Bus,
   link: http://www.synopsys.com/dw/dwtb.php?a=pcie_tb_axi
 
3. This one is even more interesting: Implementing a PCI-Express AMBA interface controller on a Spartan6 FPGA,   link: http://publications.lib.chalmers.se/records/fulltext/176608/176608.pdf
 
This shows how far the layered design of PCIe could interoperate with AMBA bus from ARM.

Thursday, August 8, 2013

UEFI replacement for BIOS Int 15h AX=E820h Interface

Those who play with low level code are familiar with the BIOS Int 15h AX=E820h interface to query memory map of the system (x86/x64). In fact, it's probably the safest way to do that.

In EFI/UEFI, the interface is replaced by a new function call interface. The function name is GetMemoryMap() and it's part of EFI/UEFI boot services. The definition of this function as follows:
typedef
EFI_STATUS
GetMemoryMap (
    IN OUT UINTN *MemoryMapSize,
    IN OUT EFI_MEMORY_DESCRIPTOR *MemoryMap,
    OUT UINTN *MapKey,
    OUT UINTN *DescriptorSize,
    OUT UINT32 *DescriptorVersion
);
The meaning of the parameters as follows:
  • MemoryMapSize; A pointer to the size, in bytes, of the MemoryMap buffer. On input, this is the size of the buffer allocated by the caller. On output, it is the size of the buffer returned by the firmware if the buffer was large enough, or the size of the buffer needed to contain the map if the buffer was too small.
  • MemoryMap; A pointer to the buffer in which firmware places the current memory map. The map is an array of EFI_MEMORY_DESCRIPTORs.
  • MapKey; A pointer to the location in which firmware returns the key for the current memory map.
  • DescriptorSize; A pointer to the location in which firmware returns the size, in bytes, of an individual EFI_MEMORY_DESCRIPTOR.
  • DescriptorVersion; A pointer to the location in which firmware returns the version number associated with the EFI_MEMORY_DESCRIPTOR. See “Related Definitions.”
The definition of the EFI_MEMORY_DESCRIPTOR structure as follows:
//*******************************************************
//EFI_MEMORY_DESCRIPTOR
//*******************************************************
typedef struct {
    UINT32 Type;
    EFI_PHYSICAL_ADDRESS PhysicalStart;
    EFI_VIRTUAL_ADDRESS VirtualStart;
    UINT64 NumberOfPages;
    UINT64 Attribute;
} EFI_MEMORY_DESCRIPTOR
The description above is based on UEFI Spec. v2.3.1 Errata C.