From Collaborative RCE Knowledge Library

Jump to: navigation, search

OS Independent Internals Tidbits


Item name: Pinczakko's guide to Award BIOS reverse engineering
Rating: 0.0 (0 votes)
Author: Pinczakko                        
Home URL: http://sites.google.com/site/pinczakko/
Last updated: 2010
Version (if appl.):
Direct D/L link: http://sites.google.com/site/pinczakko/pinczakko-s-guide-to-award-bios-reverse-engineering
Description: 1. Foreword
2. Prerequisite
2.1. PCI BUS
2.2. ISA BUS
3. Some Hardware Peculiarities
3.1. BIOS Chip Addressing
3.2. Obscure Hardware Port
3.3. "Relocatable" Hardware Port
3.4. Expansion ROM Handling
4. Some Software Peculiarities
4.1. Call Instruction Peculiarity
4.2. Retn Instruction Peculiarity
5. Our Tools of Trade
5.1. What do we need anyway?
5.2. Intro to IDA Pro Techniques
5.2.1. Introducing IDA Pro
5.2.2. IDA Pro Scripting and Key Bindings
6. Award BIOS File Structure
6.1. The Compressed Components
6.2. The Pure Binary Components
6.3. The Memory Map In The Real System (Mainboard)
7. Disassembling the BIOS
7.1. Bootblock
7.1.1. "Virtual Shutdown" routine
7.1.2. Chipset_Reg_Early_Init routine
7.1.3. Init_Interrupt_n_PwrMgmt routine
7.1.4. Call To "Early Silicon Support" Routine
7.1.5. Bootblock Is Copied And Executed In RAM
7.1.6. Call to bios decompression routine and the jump into decompressed system bios
7.1.6.1. Enable FFF80000h-FFFDFFFFh decoding
7.1.6.2. Copy lower 128KB of BIOS code from ROM chip into RAM
7.1.6.3. Disable FFF8_0000h-FFFD_FFFFh decoding
7.1.6.4. Verify checksum of the whole compressed BIOS image
7.1.6.5. Look for the decompression engine
7.1.6.6. Decompress the compressed BIOS components
7.1.6.6.a. The format of the LZH level-1 compressed bios components
7.1.6.6.b. The location of various checksums
7.1.6.6.c. The key parts of the decompression routine
7.1.6.7. Shadow the BIOS code
7.1.6.8. Enable the microprocessor cache then jump into the decompressed system BIOS
7.2. System BIOS a.k.a Original.tmp
7.2.1. Entry point from "Bootblock in RAM"
7.2.2. The awardext.rom and Extension BIOS Components (lower 128KB bios-code) Relocation Routine
7.2.3. Call to the POST routine a.k.a "POST jump table execution"
7.2.4. The "segment vector" Routines
7.2.5. "chksum_ROM" Procedure
7.2.6. Original.tmp Decompression Routine for The "Extension_BIOS Components"
7.2.7. Microcode Update Routine
8. Rants and Raves
9. Closing
Also listed in: X86 Internals Tidbits
More details: Click here for more details, images, related URLs & comments for this item! (or to update its entry)




RSS feed Feed containing all updates and additions for this category.

RSS feed Feed containing all updates and additions for this category, including sub-categories.


Subcategories

There are 5 subcategories to this category.




No items can be added directly to this category, please rather select one of its sub-categories above to submit an item!

Views
Category Navigation Tree
   Tools