EFI switch Graphic Mode

UEFI switch between graphic/Text mode example. 

  EFI_CONSOLE_CONTROL_PROTOCOL  *ConsoleControl = NULL;

  Status = gBS->LocateProtocol (&gEfiConsoleControlProtocolGuid, NULL, (VOID**)&ConsoleControl);

  if (ConsoleControl != NULL)

  {

    ConsoleControl->SetMode(ConsoleControl, EfiConsoleControlScreenGraphics);

  }

Only below two modes can choose from.

  EfiConsoleControlScreenText,

  EfiConsoleControlScreenGraphics

Learn one thing. Even switch to graphic mode, you can still use EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL or even Print.

How to include and make use of .uni files to your EDKII/UDK applications.

Well. Today i need to build up a helper to my efi application. I check for the sample in network package. I found one way. Steps as below.

1.  put all your helper text into a uni file. for example: myhelp.uni
2. add myhelp.uni to [Sources]. This will trigger the HII compiler to autogen related HII data structure.
3. Initialize your HII handle with HiiAddPackages                                                                mHiiHandle = HiiAddPackages (&gEfiCallerIdGuid, ImageHandle, BASE_NAMEStrings, NULL);                                                                                         IMPORTANT! the third parameter should be your BASE_NAME in your inf file with "Strings" appended. This is due to autogen will use this fixed variable name.
4. You can use ShellPrintHiiEx function to display Messages.                                           ShellPrintHiiEx (-1, -1, NULL, STRING_TOKEN (STR_PING6_INVALID_INPUT), mHiiHandle);

While Secure Boot Active run Shell Application

As you know, secure boot is one of the crucial features that MS Win8 emphasize on. To protect the entire system since the boot time. Albeit secure boot feature is not explicitly exclude tradition CSM, but current IBV implementation put secure boot under CSMless mode. This will lead to user can not boot from USB dongle into DOS to access traditional tools like IRU or flash rom. Instead, UEFI shell kick in. But there's some tricky steps to enable boot to UEFI shell when secure boot enable.

• You need to generate a certificate. To achieve this, you need to install latest Windows Kit. Under it's install directory find an executable file named "makecert.exe" depend on your working computer's X86 or X64. execute following command.

makecert -n "CN=PkRoot" -r -sv PkRoot.pvk PkRoot.cer
You can replace "PkRoot" whatever name you like. This will generate a private key and a certificate. Remember the password you type.

• Then proceed to generate Kek key and certificate using the platform key you just generated.

makecert -n "CN= KekRoot " -iv PkRoot.pvk -ic PkRoot.cer -sv KekRoot.pvk KekRoot.cer
Also memorize Kek key password. It will be used to sign efi applications.

• Transform kek private key to pfx format (PKCS#12)

pvk2pfx.exe –pvk KekRoot.pvk –pi xxx –spc KekRoot.cer –pfx KekRoot.pfx –f
xxx is the password for kek private key.

• Now you can use KekRoot.cer and KekRoot.pfx to sign whatever efi application or driver you want to execute on your platform. Command as below.

SignTool.exe sign /ac KekRoot.cer /f KekRoot.pfx /p xxx /fd sha256 MyDriver.efi
xxx still be password of Kekroot.pvk

But there's one VERY critical step left.

• You need to include the KekRoot.cer to your BIOS image and put it in ALLOW certificate. Different IBV should probably have different ways to include ALLOW certificate. You should check with your IBV for detail.

Ok. Now you can run your shell applications in your USB CFD. Remember that the first application you should sign is your bootIA32.efi/bootX64.efi! Enjoy!

Blt function in GOP driver

Blt function is one of the three functions defined in UEFI GOP driver spec. And it is the only function that actually perform the draw operations. It has 4 operation modes.

1. EfiBltVideoFill: Fill the rectangle of (DestinationX,DestinationY) to (DestinationX+Width,DestinationY+Height) wih BltBuffer pixel (0,0), only 1 pixel in BltBuffer is used.
2. EfiBltVideoToBltBuffer: Read data from Video Buffer to BltBuffer (delta is used here)
3. EfiBltBufferToVideo: Write data from BltBuffer to Video Buffer
4. EfiBltVideoToVideo: Copy data from a rectangle in the VideoBuffer to another position in the VideoBuffer (BltBuffer and delta not used) 

One thing need to pay attention: Before doing memory operation, should raise TPL to avoid interrupted by timer event)

EFI GOP Driver

GOP (Graphic Output Protocol) driver 是 EFI架構下取代傳統VBIOS 黑箱的 EFI Driver, 另外for embedded system bootloader 上的graphic driver叫EPOG(embedded Pre-OS Graphic).

GOP Driver 的共有GUID

#define EFI_GRAPHICS_OUTPUT_PROTOCOL_GUID \
  {0x9042a9de,0x23dc,0x4a38, \
  0x96,0xfb,0x7a,0xde,0xd0,0x80,0x51,0x6a}

Protocol 主要包含3個function 及 1個data structure

typedef struct EFI_GRAPHICS_OUTPUT_PROTCOL {
  EFI_GRAPHICS_OUTPUT_PROTOCOL_QUERY_MODE QueryMode;
  EFI_GRAPHICS_OUTPUT_PROTOCOL_SET_MODE   SetMode;
  EFI_GRAPHICS_OUTPUT_PROTOCOL_BLT        Blt;
  EFI_GRAPHICS_OUTPUT_PROTOCOL_MODE       *Mode;
} EFI_GRAPHICS_OUTPUT_PROTOCOL;

1. QueryMode: Returns information for an available graphics mode that the graphics device and the set of active video output devices supports.(是詢問graphic controller 和 系統所有接上的顯示器所支援的顯示模式)
2. SetMode:Set the video device into the specified mode and clears the visible portions of the output display to black. 則是設定顯示裝置一個特定的顯示模式
3. Blt:Software abstraction to draw on the video device’s frame buffer.則是直接透過寫入framebuffer  畫矩形圖片

取材UEFI spec 2.3 chap. 11.9 

PCD 類型介紹

主要分為五種類型

1. FIX_AT_BUILD : 類似C 裡面的const
2. PATCHABLE_IN_MODULE: 類似EFI裡的variable, 存在flash 裡, 可以用工具程式修改PatchPcdValue.exe GenPatchPcdTable.exe
3. DYNAMIC: 類似C裡面的變數, 執行期間可修改, 但是關機會消失
4. DYNAMIC_EX:和DYNAMIC一樣,只是要多傳一個參數 TokenSpaceGuid
5. FEATURE:用於platform building時用於替代!ifdef !endif 

原文網址

EDK2 image generate stages

Step 1: Process Meta-Files  start from Module Top-level dsc file. Then .fdf files then list of inf files to generate multiple level of makefile
Step 2: Start Compiling with nmake/gunmake recursively to generate COFF/PE32 files then execute GenFW to convert to EFI image files
Step 3. If top-level .dsc file contain define of
            FLASH_DEFINITION = XXXX.fdf
            then will invoke gendfs to generate final image file. If no such definition, step 3 will not go. (For those only hope to generate EFI application or driver, can use -m parameter to specify a XXX.inf which should already be listed in top-level dsc file to only compile that specific module)

UEFI Shell 指令

有部落客整理
貼一下link在慢慢看

EFI 開機碟製作 (UFD)

format UFD to FAT
put shell.efi you build or get from UDK to
\efi\boot\

rename to:
ia32 arch==>bootia32.efi
x64 arch===>bootx64.efi

----------------------------------
another note for edk build command parameter
-a IA32/X64/IPF
-t VS2008/VS2008x86 etc
-b RELEASE/DEBUG
-p platform descriptor file  etc Nt32Pkg\Nt32Pkg.dsc
-m module  build a specific module in platform descriptor
-n CPU thread number (can speed up build time!)
-j logfile.txt specify the logfile
Build tools default use /conf/tools.def.txt to define used tools.
default tools chain is MYTOOLS which direct to VS2008 which you should manually modify if you are using another tools.
If you are going to build Nt32pkg, since this is a simulator on win32 environment. It will link to some window library. Therefore you should setup building environment to a specific by passing a "--nt32" parameter when running DOS batch file edksetup.bat.

MBR and GPT

MBR (Master Boot Record) 舊式 Legacy 時代的啟動磁區
共512 byte
前446 byte 是bootloader code
接著 64byte 紀錄4個 partition table 各 16 byte
最後兩個byte是 0x55AA
單一partition最大2TB

GPT(GUID partition table)
EFI 規格的一部分, 只有EFI BIOS才有支援
GPT  table 以LBA(logical block)為單位 1 LBA = 512 BYTE
LBA 0 是 protective MBR
In the GPT specification, the location corresponding to the MBR in MBR-based disks is structured in a way that prevents MBR-based disk utilities from mis-recognizing, and possibly over-writing, GPT disks. This is referred to as a "protective MBR"  In operating systems that support GPT-based boot, it is also used to store the first stage of the bootloader code. A single partition type of 0xEE, encompassing the entire GPT drive, is indicated and identifies it as GPT. 
LBA 1 Partition Table Header

The partition table header defines the usable blocks on the disk. It also defines the number and size of the partition entries that make up the partition table. On 64-bit Windows Server 2003 machines, 128 partitions can be created. There are 128 partition entries reserved, each 128 bytes long. (The EFI specification requires that a minimum of 16,384 bytes be reserved for the partition table, so this gives space for 128 partition entries.)

The header contains the disk GUID (Globally Unique Identifier). It records its own size and location (always LBA 1) and the size and location of the secondary GPT header and table (always the last sectors on the disk). Importantly, it also contains a CRC32 checksum for itself and for the partition table, which may be verified by the firmware, bootloader and/or operating system on boot. Because of this, hex editors should not be used to modify the contents of the GPT. Such modification would render the checksum invalid. In this case, the primary GPT may be overwritten with the secondary one by disk recovery software. If both GPTs contain invalid checksums, the disk would be unusable.

LBA 2~33
128BYTES per partition 
LBA = 4 Partition 
total 4X32=128 partitions
Each partition cap to 8 ZB

Some Useful EFI blogs

• http://feishare.com/ , a Good UEFI/BIOS resource website
• http://uefi.blogspot.com , Harnessing The UEFI Shell,  Auther: Tim Lewis’Blog
• http://www.uefi.org , UEFI Forum official website
• http://wiki.phoenix.com, Phoenix SCT 2 Wiki
• http://blogs.phoenix.com/, Phoenix Developer Blogs
• http://www.biosren.com/ , Chinese online forum,
• http://www.ufoit.com/, Chinese online forum, Legacy BIOS/Spec.