From Collaborative RCE Knowledge Library

Jump to: navigation, search

Pinczakko's guide to Award BIOS reverse engineering

Item name: Pinczakko's guide to Award BIOS reverse engineering
Rating: 0.0 (0 votes)
Author: Pinczakko                        
Home URL: http://sites.google.com/site/pinczakko/
Last updated: 2010
Version (if appl.):
Direct D/L link: http://sites.google.com/site/pinczakko/pinczakko-s-guide-to-award-bios-reverse-engineering
Description: 1. Foreword
2. Prerequisite
2.1. PCI BUS
2.2. ISA BUS
3. Some Hardware Peculiarities
3.1. BIOS Chip Addressing
3.2. Obscure Hardware Port
3.3. "Relocatable" Hardware Port
3.4. Expansion ROM Handling
4. Some Software Peculiarities
4.1. Call Instruction Peculiarity
4.2. Retn Instruction Peculiarity
5. Our Tools of Trade
5.1. What do we need anyway?
5.2. Intro to IDA Pro Techniques
5.2.1. Introducing IDA Pro
5.2.2. IDA Pro Scripting and Key Bindings
6. Award BIOS File Structure
6.1. The Compressed Components
6.2. The Pure Binary Components
6.3. The Memory Map In The Real System (Mainboard)
7. Disassembling the BIOS
7.1. Bootblock
7.1.1. "Virtual Shutdown" routine
7.1.2. Chipset_Reg_Early_Init routine
7.1.3. Init_Interrupt_n_PwrMgmt routine
7.1.4. Call To "Early Silicon Support" Routine
7.1.5. Bootblock Is Copied And Executed In RAM
7.1.6. Call to bios decompression routine and the jump into decompressed system bios
7.1.6.1. Enable FFF80000h-FFFDFFFFh decoding
7.1.6.2. Copy lower 128KB of BIOS code from ROM chip into RAM
7.1.6.3. Disable FFF8_0000h-FFFD_FFFFh decoding
7.1.6.4. Verify checksum of the whole compressed BIOS image
7.1.6.5. Look for the decompression engine
7.1.6.6. Decompress the compressed BIOS components
7.1.6.6.a. The format of the LZH level-1 compressed bios components
7.1.6.6.b. The location of various checksums
7.1.6.6.c. The key parts of the decompression routine
7.1.6.7. Shadow the BIOS code
7.1.6.8. Enable the microprocessor cache then jump into the decompressed system BIOS
7.2. System BIOS a.k.a Original.tmp
7.2.1. Entry point from "Bootblock in RAM"
7.2.2. The awardext.rom and Extension BIOS Components (lower 128KB bios-code) Relocation Routine
7.2.3. Call to the POST routine a.k.a "POST jump table execution"
7.2.4. The "segment vector" Routines
7.2.5. "chksum_ROM" Procedure
7.2.6. Original.tmp Decompression Routine for The "Extension_BIOS Components"
7.2.7. Microcode Update Routine
8. Rants and Raves
9. Closing
Related URLs: No related URLs have been submitted for this item yet


RSS feed Feed containing all updates for this item.

You are welcome to add your own useful notes about this tool, for others to see!



If you find that any information for the item above is missing, outdated or incorrect, please edit it!
(please also edit it if you think it fits well in some additional category, since this can also be controlled)


Views
Category Navigation Tree
   Tools