
KESYS may go UEFI


wolfgang kern

Dec 31, 2023, 7:35:02 AM
some work to do before I can even start:
need to convert these C-styled documentations into machine code
engineers format [aka RBIL-styled].
__
wolfgang
to be continued ...

wolfgang kern

Jan 5, 2024, 1:30:56 AM
some requirements for a start:

FIRST steps:
create an MBR on either a USB-RAM-stick or an empty SSD.
manually set partition entries as GPT:

MBR:
0000 ... all zero
01BE xx xx xx EE yy yy yy 01 00 00 00 ss ss ss ss
x = start CHS usually 1
y = end CHS usually FFFFFF
0000_0001 start-LBA of GPT image (could be elsewhere also)
s = size of this GPT image (in sectors)
01CE ... all zero
01FE 55 AA

-----------------
GPT header format
0x00 Signature 45 46 49 20 50 41 52 54 ;"EFI PART"
0x08 Revision (for GPT version 1.0 (through at least UEFI version
2.3.1), the value is 00h 00h 01h 00h)
0x0C Header size (in bytes, usually 5Ch 00h 00h 00h)
0x10 CRC32 of header (offset +0 up to header size),
with this field zeroed during calculation
0x14 Reserved; must be zero
0x18 Current LBA (location of this header copy)
0x20 Backup LBA (location of the other header copy)
0x28 First usable LBA for partitions (primary table last LBA + 1)
0x30 Last usable LBA (secondary partition table first LBA - 1)
0x38 Disk GUID (also referred as UUID on UNIXes)
0x48 Starting LBA of array of partition entries (always 2 in primary)
0x50 Number of partition entries in array
0x54 Size of a single partition entry (usually 128)
0x58 CRC32 of partition array
0x5C Reserved; must be zeroes for the rest of the block
(420 bytes for a sector size of 512 bytes; but can be more with
larger sector sizes)
---------------------------
GUID partition entry format
0x00 Partition type GUID
0x10 Unique partition GUID
0x20 First LBA (little endian)
0x28 Last LBA (inclusive, usually odd)
0x30 Attribute flags (e.g. bit 60 denotes read-only)
0x38 72 bytes Partition name (36 UTF-16LE code units)
[128 bytes total]

The 64-bit partition table attributes are shared between 48-bit common
attributes for all partition types, and 16-bit type-specific attributes.

Partition attributes
Bit Content
0 System partition (disk partitioning utilities must preserve the
partition as is)

1 EFI firmware should ignore the content of the partition and not try to
read from it

2 Legacy BIOS bootable (equivalent to active flag (typically bit 7 set)
at offset +0h in partition entries of the MBR partition table)

3–47 Reserved for future use
48–63 Defined and used by the individual partition type

Microsoft defines the type-specific attributes for Basic data partition
according to a TechNet article as:
Basic data partition attributes
Bit Content
60 Read-only
62 Hidden
63 Do not automount (i.e., do not assign drive letter)

just for Info:
Partition type GUIDs
OS type Globally unique identifier (GUID)
(None) Unused 00 00 00 00-00 00 00 00 00 00 00 00-00 00 00 00
MBR 41 EE 4D 02-E7 33 D3 11 9D 69 00 08 C7 81 F3 9F
EFI 28 73 C1 2A-1F F8 D2 11 BA 4B 00 A0 C9 3E C9 3B
ROM-BIOS 48 61 68 21-49 64 6F 6E 74 4E 65 65 64 45 46 49
"Hah!IdontNeedEFI"

M$ Reserved 16 E3 C9 E3 5C 0B B8 4D 81 7D F9 2D F0 02 15 AE
data A2 A0 D0 EB E5 B9 33 44 87 C0 68 B6 B7 26 99 C7
Logical Disk Manager meta-data
AA C8 08 58 8F 7E E0 42 85 D2 E1 E9 04 34 CF B3
Logical Disk Manager data
A0 60 9B AF 31 14 62 4F BC 68 33 11 71 4A 69 AD
Windows Recovery Environment
A4 BB 94 DE D1 06 40 4D A1 6A BF D5 01 79 D6 AC
IBM File System (GPFS) partition
90 FC AF 37 7D EF 96 4E 91 C3 2D 7A E0 55 B1 74
Storage Spaces partition
8F AF 5C E7 80 F6 EE 4C AF A3 B0 01 E5 6E FC 2D
Intel Fast Flash
DE E2 BF D3-AF 3D DF 11 BA 40 E3 A5 56 D8 95 93
Sony boot 32 97 01 F4-6E 06 12 4E 82 73 34 6C 56 41 49 4F

[there are many more... see WIKI if you need any]
----------------
FAT32 formatting (try shortest possible)
------------
the PE-file:
-------------------------------------------------------
0000 w 5a4d "MZ" DOS 2.0 Compatible EXE Header
...
003c q Offset to PE Header (relative to file-start)
0040 ... DOS 2.0 Stub Program & Relocation Information
------------
PE HEADER
pointed to by file-offset 003c q
+[003c]q
label0: ; = imagebase 00400000
0000 q 00004550 "PE"0,0 SIGNATURE
0004 w 0000 Unknown CPU TYPE
014C 80386
014D 80486
014E PentiumTM
???? RYZEN 5/6..
0162 MIPS Mark I (R2000, R3000)
0163 MIPS Mark II (R6000)
0166 MIPS Mark III (R4000)
0006 w number of entries in Object-table
0008 q TIME/DATE STAMP (created/modified)
000c q reserved/ PointerToSymbolTable
0010 q reserved/ NumberOfSymbols
0014 w SizeOfOptionalHeader
0016 w FLAGS /Characteristics
b0 Relocation info stripped from file.
b1 File is executable (i.e. no unresolved external references).
b2 Line numbers stripped from file.
b3 Local symbols stripped from file.
b4 Aggressively trim working set
b5,6 ??
b7 Bytes of machine word are reversed.
b8 32 bit word machine.
b9 Debugging info stripped from file in .DBG file
b10 If Image is on removable media, copy and run from the swap file.
b11 If Image is on Net, copy and run from the swap file.
b12 System File.
b13 File is a DLL.
b14 File should only be run on a UP machine
b15 Bytes of machine word are reversed.

0018 w 010b MAGIC # ??
001a b Lmajor linker version
001b b Lminor
001c q SizeOfCode
0020 q SizeOfInitializedData
0024 q SizeOfUninitializedData
0028 q RVA-entry-point /winmain-ImageBase;AddressOfEntryPoint
002c q BaseOfCode
0030 q BaseOfData
0034 q IMAGE BASE
0038 q 1000 SectionAlignment
003c q 0200 FileAlignment
0040 w MajorOperatingSystemVersion
0042 w MinorOperatingSystemVersion
0044 w MajorImageVersion
0046 w MinorImageVersion
0048 w MajorSubsystemVersion
004a w MinorSubsystemVersion
004c q Win32VersionValue
0050 q SizeOfImage
0054 q SizeOfHeaders
0058 q 0 CheckSum
005c w 2 or 3 SUBSYSTEM
0: Unknown subsystem.
1: Image doesn't require a subsystem.
2: Image runs in the Windows GUI subsystem.
3: Image runs in the Windows character subsystem.
5: image runs in the OS/2 character subsystem.
7: image run in the Posix character subsystem.
8: image run in the 8 subsystem.
005e w DLL FLAGS /DllCharacteristics
Indicates special loader requirements.
b0 Per-Process Library Initialization
b1 Per-Process Library Termination
b2 Per-Thread Library Initialization
b3 Per-Thread Library Termination
b15..4 reserved for future use and should be set to zero.
0060 q STACK RESERVE SIZE SizeOfStackReserve
0064 q STACK COMMIT SIZE SizeOfStackCommit
0068 q HEAP RESERVE SIZE SizeOfHeapReserve
006c q HEAP COMMIT SIZE SizeOfHeapCommit
0070 q reserved /NumberOfRvaAndSize (entries in the data dir)

<Image Data Directory>:
0074 q EXPORT TABLE RVA /Export Directory
0078 q TOTAL EXPORT DATA SIZE
007c q IMPORT TABLE RVA /Import Directory
0080 q TOTAL IMPORT DATA SIZE
0084 q RESOURCE TABLE RVA /Resource Directory
0088 q TOTAL RESOURCE DATA SIZE
008c q EXCEPTION TABLE RVA /Exception Directory
0090 q TOTAL EXCEPTION DATA SIZE
0094 q SECURITY TABLE RVA /Security Directory
0098 q TOTAL SECURITY DATA SIZE
009c q FIXUP TABLE RVA /Base Relocation Table
00a0 q TOTAL FIXUP DATA SIZE
00a4 q DEBUG TABLE RVA /Debug Directory
00a8 q TOTAL DEBUG DIRECTORIES
00ac q IMAGE DESCRIPTION RVA /Description String
00b0 q TOTAL DESCRIPTION SIZE
00b4 q MACHINE SPECIFIC RVA /Machine Value (MIPS GP)
00b8 q MACHINE SPECIFIC SIZE
00bc q THREAD LOCAL STORAGE (TLS)RVA /TLS Directory
00c4 q TOTAL TLS SIZE
00d0 q RVA/Load Configuration Directory
00d4 q SIZE
00d8 q RVA/Bound Import Directory in headers
00dc q SIZE
00e0 q RVA/Import Address Table "IAT"
00e4 q SIZE
00e8 q RVA/14
00ec q SIZE
00f0 q RVA/15
00f4 q SIZE
00f8 q RVA/16
00fc q SIZE

-----------------------
<Image Sections Header>
object table:
Each Object Table entry has this format (40 byte):
000 s OBJECT NAME (ascii8 Z-pad)
008 q VIRTUAL SIZE /(VSizeOf_text/VSizeOf_idat/VSizeOf_udat)
00c q RVA /VBaseOf_text
010 q PHYSICAL SIZE /FSizeOf_text ;raw data
014 q PHYSICAL OFFSET /FBaseOf_text ;raw data
018 q RESERVED /pointer to relocations
01c q RESERVED /pointer to line numbers
020 w /number of relocations
022 w /number of line numbers
024 q OBJECT FLAGS /characteristics (E0000020/40/80)
b5 Code object
b6 Initialized data object
b7 Uninitialized data object
b26 Object must not be cached
b27 Object is not pageable
b28 Object is shared
b29 Executable object
b30 Readable object
b31 Writeable object
All other bits are reserved and should be set to zero.
----------------
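
Added example (not part of the original posts and not KESYS code): a Python check of the two CRC32 fields and the partition entry layout from the GPT tables above, run against a constructed header and one constructed partition entry. It assumes 512-byte sectors; the function names and the sample LBA values are illustrative.

```python
import struct
import zlib

SECTOR = 512  # assumption: 512-byte sectors
# Header fields at the offsets listed in the post (0x00 .. 0x5B), little endian.
HDR = struct.Struct("<8sIIIIQQQQ16sQIII")  # 92 bytes = 5Ch

def build_header(entries: bytes, count: int, entry_size: int = 128) -> bytes:
    """Construct a sample primary GPT header sector (constructed test data)."""
    fields = [b"EFI PART", 0x00010000, HDR.size, 0, 0, 1, 2047, 34, 2014,
              bytes(range(16)), 2, count, entry_size, zlib.crc32(entries)]
    fields[3] = zlib.crc32(HDR.pack(*fields))  # CRC over header with CRC field zeroed
    return HDR.pack(*fields).ljust(SECTOR, b"\0")

def check_header(sector: bytes, entries: bytes) -> list:
    """Return a list of problems; an empty list means the header is consistent."""
    (sig, rev, size, crc, rsvd, cur, bak, first, last,
     guid, ent_lba, count, ent_size, ent_crc) = HDR.unpack_from(sector)
    problems = []
    if sig != b"EFI PART":
        problems.append("bad signature")
    if not HDR.size <= size <= len(sector):
        return problems + ["header size out of range"]  # never CRC an untrusted length
    zeroed = sector[:0x10] + b"\0\0\0\0" + sector[0x14:size]
    if zlib.crc32(zeroed) != crc:
        problems.append("header CRC32 mismatch")
    if rsvd != 0 or any(sector[size:]):
        problems.append("reserved bytes not zero")
    if count * ent_size != len(entries) or zlib.crc32(entries) != ent_crc:
        problems.append("partition array CRC32 mismatch")
    if not first <= last:
        problems.append("usable LBA range inverted")
    return problems

def parse_entry(entry: bytes) -> dict:
    """Decode one 128-byte partition entry per the layout in the post."""
    type_guid, uniq, first, last, attrs = struct.unpack_from("<16s16sQQQ", entry)
    name = entry[0x38:0x80].decode("utf-16-le").rstrip("\0")
    return {"type": type_guid.hex(" "), "first": first, "last": last, "name": name,
            "read_only": bool(attrs >> 60 & 1), "hidden": bool(attrs >> 62 & 1)}

# Constructed sample: one EFI type entry with the read-only bit (60) set.
EFI_TYPE = bytes.fromhex("28 73 C1 2A 1F F8 D2 11 BA 4B 00 A0 C9 3E C9 3B")
ENTRY = struct.pack("<16s16sQQQ", EFI_TYPE, bytes(16), 34, 2013, 1 << 60) \
        + "ESP".encode("utf-16-le").ljust(72, b"\0")
ENTRIES = ENTRY.ljust(128 * 4, b"\0")   # array of 4 entries, 3 unused
HEADER = build_header(ENTRIES, 4)
```

A single changed byte in the header or in the entry array makes check_header() report the corresponding CRC32 mismatch, which is the check a loader should make before trusting any LBA in the table.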
