
Using PCI.IDS Database to Show PCI Vendor and Device Information in UEFI Shell

The UEFI Shell has a built-in command called pci for enumerating PCI (Peripheral Component Interconnect) devices. Here is the output of this command on a Lenovo T450:

    fs1:> pci
       Seg  Bus  Dev  Func
       ---  ---  ---  ----
        00   00   00   00 ==> Bridge Device - Host/PCI bridge
                 Vendor 8086 Device 1604 Prog Interface 0
        00   00   02   00 ==> Display Controller - VGA/8514 controller
                 Vendor 8086 Device 1616 Prog Interface 0
        00   00   03   00 ==> Multimedia Device - Mixed mode device
                 Vendor 8086 Device 160C Prog Interface 0
        00   00   14   00 ==> Serial Bus Controllers - USB

Using the EFI_SHELL_PROTOCOL To Read a File

In this post, I provide the source code for a working UEFI shell application which displays the contents of an ASCII file using functionality provided by the EFI_SHELL_PROTOCOL protocol. The current version of the EFI_SHELL_PROTOCOL is 2.1 and here are the exposed protocol interfaces:

    typedef struct _EFI_SHELL_PROTOCOL {
        EFI_SHELL_EXECUTE                        Execute;
        EFI_SHELL_GET_ENV                        GetEnv;
        EFI_SHELL_SET_ENV                        SetEnv;
        EFI_SHELL_GET_ALIAS                      GetAlias;
        EFI_SHELL_SET_ALIAS                      SetAlias;
        EFI_SHELL_GET_HELP_TEXT                  GetHelpText;
        EFI_SHELL_GET_DEVICE_PATH_FROM_MAP       GetDevicePathFromMap;
        EFI_SHELL_GET_MAP_FROM_DEVICE_PATH       GetMapFromDevicePath;
        EFI_SHELL_GET_DEVICE_PATH_FROM_FILE_PATH GetDevicePathFromFilePath;
        EFI_SHELL_GET_FILE_PATH_FROM_DEVICE_PATH GetFilePathFromDevicePath;
        EFI_SHELL_SET_MAP                        SetMap;
        EFI_SHELL_GET_CUR_DIR                    GetCurDir;
        EFI_SHELL_SET_CUR_DIR                    SetCurDir;
        EFI_SHELL_OPEN_FILE_LIST                 OpenFileList;
        EFI_SHELL_FREE_FILE_LIST                 FreeFileList;
        EFI_SHELL_REMOVE_DUP_IN_FILE_LIST        RemoveDupInFileList;
        EFI_SHELL_BATCH_IS_ACTIVE                BatchIsActive;
        EFI_SHELL_IS_ROOT_SHELL                  IsRootShell;
        EFI_SHELL_ENABLE_PAGE_BREAK              EnablePageBreak;
        EFI_SHELL_DISABLE_PAGE_BREAK             DisablePageBreak;
        EFI_SHELL_GET_PAGE_BREAK                 GetPageBreak;
        EFI_SHELL_GET_DEVICE_NAME                GetDeviceName;
        EFI_SHELL_GET_FILE_INFO                  GetFileInfo;
        EFI_SHELL_SET_FILE_INFO                  SetFileInfo;
        EFI_SHELL_OPEN_FILE_BY_NAME              OpenFileByName;
        EFI_SHELL_CLOSE_FILE                     CloseFile;

UEFI Utility to Read TPM 2.0 PCRs

In a previous post, I discussed how to retrieve Platform Configuration Register (PCR) values from a discrete TPM (Trusted Platform Module) 1.2 chip (dTPM 1.2) and provided source code for a UEFI shell utility to display the digests from the first 16 PCRs. In this post, I discuss a number of key TPM 2.0 features and provide the source code for a UEFI shell utility to display the digests from the first 24 PCRs of a TPM 2.0 implementation. What is driving the move to TPM 2.0? Simple: TPM 1.2 (ISO/IEC 11889) only supports one hash algorithm, i.e. SHA1, and

UEFI Utility to Read TPM 1.2 PCRs

A Trusted Platform Module (TPM) supports many security functions, including a number of special registers called Platform Configuration Registers (PCRs) which can hold data in a shielded location in a manner that prevents tampering or spoofing. A PCR is a 20-byte register, which incidentally is the length of a SHA-1 (Secure Hash Algorithm) hash. Most modern TPMs have 24 or even more PCRs; older ones have 16 PCRs. The TPM 1.2 specification, developed by the Trusted Computing Group (TCG), only requires 16 PCRs. Typically, PCRs are used to store measurements. Measurements can be of code, data structures, configuration, information, or

Examining Intel Microcode in Lenovo Firmware Updates

Recently, I decided to examine the contents of a Lenovo T450 firmware update before installing it and noticed that it included a number of Intel processor microcode updates. This blog post explores what information you can glean from these microcode updates and confirms the existence of an additional undocumented header in Intel microcode updates, which was initially described by Chen and Ahn in their December 2014 paper Security Analysis of x86 Processor Microcode. Here are the contents of the latest firmware update (as of November 2016) for the Lenovo T450 laptop. It is a self-extracting executable named