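#
# Copyright (c) 2011-2013, ARM Limited. All rights reserved.
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#

from arm_ds.debugger_v1 import DebugException

import struct
import string

import edk2_debugger

# NOTE(review): every offset, size and RVA below is read from the firmware
# image in target memory and is used without range checks. A malformed image
# therefore steers the follow-up reads to unintended target addresses; callers
# that inspect images of unknown origin should expect exceptions from here.

# The original code compared the unpacked signature with the integer
# 0x66727764, which a tuple of characters can never equal. Stored
# little-endian that word is the byte sequence 'd','w','r','f'.
# Assumes read() returns bytes in target memory order, as the existing
# ('N','B','1','0') comparison already relies on - TODO confirm.
_DWARF_SIGNATURE = ('d', 'w', 'r', 'f')


def _strip_at_nul(raw):
    """Return raw up to (not including) its first NUL, or all of raw if none."""
    end = string.find(raw, '\0')
    if end < 0:
        # Without this guard a missing terminator silently dropped the last
        # character (slice end of -1).
        return raw
    return raw[0:end]


def _format_load_error(err):
    """Render a caught exception as 'class: message' when it carries two args.

    The exceptions raised in this file are built as Exception(tag, message);
    anything else is rendered with str() so the handler itself cannot fail.
    """
    args = getattr(err, 'args', ())
    if len(args) == 2:
        return "%s: %s" % (args[0], args[1])
    return str(err)


class EfiFileSection(object):
    """A section header inside an FFS file, read on demand from target memory."""

    EFI_SECTION_PE32 = 0x10
    EFI_SECTION_PIC = 0x11
    EFI_SECTION_TE = 0x12

    EFI_IMAGE_DEBUG_TYPE_CODEVIEW = 0x2

    SIZEOF_EFI_FFS_FILE_HEADER = 0x28

    def __init__(self, ec, base):
        self.base = base
        self.ec = ec

    def __str__(self):
        return "FileSection(type:0x%X, size:0x%x)" % (self.get_type(), self.get_size())

    def get_base(self):
        """Return the address of the section header."""
        return self.base

    def get_type(self):
        """Return the section type: the byte at offset 0x3 of the header."""
        raw = self.ec.getMemoryService().read(self.base + 0x3, 1, 8)
        return struct.unpack("B", raw)[0]

    def get_size(self):
        """Return the section size: low 24 bits of the first 32-bit word."""
        raw = self.ec.getMemoryService().read(self.base, 4, 32)
        return struct.unpack("<I", raw)[0] & 0x00ffffff

    def get_debug_filepath(self):
        """Return the debug file path recorded in a TE or PE32 section.

        Raises Exception("EfiFileSection", ...) for any other section type.
        """
        section_type = self.get_type()
        # The image starts 0x4 bytes after the section header. The original
        # passed (self, ec, ...) here: 'ec' was an undefined name and the
        # constructors only take (ec, base).
        if section_type == EfiFileSection.EFI_SECTION_TE:
            section = EfiSectionTE(self.ec, self.base + 0x4)
        elif section_type == EfiFileSection.EFI_SECTION_PE32:
            section = EfiSectionPE32(self.ec, self.base + 0x4)
        else:
            raise Exception("EfiFileSection", "No debug section")
        return section.get_debug_filepath()


class EfiSectionTE:
    """A TE image in target memory; the constructor checks the 'VZ' signature."""

    SIZEOF_EFI_TE_IMAGE_HEADER = 0x28
    EFI_TE_IMAGE_SIGNATURE = ('V','Z')

    def __init__(self, ec, base_te):
        self.ec = ec
        self.base_te = int(base_te)
        te_sig = struct.unpack("cc", self.ec.getMemoryService().read(self.base_te, 2, 32))
        if te_sig != EfiSectionTE.EFI_TE_IMAGE_SIGNATURE:
            raise Exception("EfiFileSectionTE","TE Signature incorrect")

    def _get_stripped_size(self):
        """Return the 16-bit stripped size at 0x6 minus the TE header size."""
        raw = self.ec.getMemoryService().read(self.base_te + 0x6, 2, 32)
        return struct.unpack("<H", raw)[0] - EfiSectionTE.SIZEOF_EFI_TE_IMAGE_HEADER

    def get_debug_filepath(self):
        """Return the NUL-terminated debug file name stored in the image.

        Raises Exception("EfiFileSectionTE", ...) when there is no debug
        directory, the debug type is not accepted, or the signature is unknown.
        """
        memory = self.ec.getMemoryService()
        stripped_size = self._get_stripped_size()

        debug_dir_entry_rva = memory.readMemory32(self.base_te + 0x20)
        if debug_dir_entry_rva == 0:
            raise Exception("EfiFileSectionTE","No debug directory for image")
        # RVAs are relative to the unstripped image, so rebase them.
        debug_dir_entry_rva -= stripped_size

        debug_type = memory.readMemory32(self.base_te + debug_dir_entry_rva + 0xC)
        if (debug_type != 0xdf) and (debug_type != EfiFileSection.EFI_IMAGE_DEBUG_TYPE_CODEVIEW):
            raise Exception("EfiFileSectionTE","Debug type is not dwarf")

        debug_rva = memory.readMemory32(self.base_te + debug_dir_entry_rva + 0x14)
        debug_rva -= stripped_size

        dwarf_sig = struct.unpack("cccc", memory.read(self.base_te + debug_rva, 4, 32))
        if (dwarf_sig != _DWARF_SIGNATURE) and (dwarf_sig != FirmwareFile.CONST_NB10_SIGNATURE):
            raise Exception("EfiFileSectionTE","Dwarf debug signature not found")

        # The file name follows the record header: 0xc bytes in for 'dwrf',
        # 0x10 bytes in for 'NB10'.
        if dwarf_sig == _DWARF_SIGNATURE:
            filename = self.base_te + debug_rva + 0xc
        else:
            filename = self.base_te + debug_rva + 0x10
        filename = struct.unpack("200s", memory.read(filename, 200, 32))[0]
        return _strip_at_nul(filename)

    def get_debug_elfbase(self):
        """Return base_te + BaseOfCode (word at 0xC) - stripped size."""
        stripped_size = self._get_stripped_size()

        base_of_code = self.ec.getMemoryService().readMemory32(self.base_te + 0xC)

        return self.base_te + base_of_code - stripped_size


class EfiSectionPE32:
    """A PE32 image in target memory."""

    def __init__(self, ec, base_pe32):
        self.ec = ec
        self.base_pe32 = base_pe32

    def get_debug_filepath(self):
        """Return the NUL-terminated debug file name stored in the image.

        Raises Exception("EfiFileSectionPE32", ...) when there is no debug
        directory, the debug type is not accepted, or the signature is unknown.
        """
        memory = self.ec.getMemoryService()

        # Offset from dos hdr to PE file hdr
        file_header_offset = memory.readMemory32(self.base_pe32 + 0x3C)

        # Offset to debug dir in PE hdrs
        debug_dir_entry_rva = memory.readMemory32(self.base_pe32 + file_header_offset + 0xA8)
        if debug_dir_entry_rva == 0:
            raise Exception("EfiFileSectionPE32","No Debug Directory")

        debug_type = memory.readMemory32(self.base_pe32 + debug_dir_entry_rva + 0xC)
        if (debug_type != 0xdf) and (debug_type != EfiFileSection.EFI_IMAGE_DEBUG_TYPE_CODEVIEW):
            raise Exception("EfiFileSectionPE32","Debug type is not dwarf")

        debug_rva = memory.readMemory32(self.base_pe32 + debug_dir_entry_rva + 0x14)

        # read() is handed the address as a string here, as in the original.
        dwarf_sig = struct.unpack("cccc", memory.read(str(self.base_pe32 + debug_rva), 4, 32))
        if (dwarf_sig != _DWARF_SIGNATURE) and (dwarf_sig != FirmwareFile.CONST_NB10_SIGNATURE):
            raise Exception("EfiFileSectionPE32","Dwarf debug signature not found")

        if dwarf_sig == _DWARF_SIGNATURE:
            filename = self.base_pe32 + debug_rva + 0xc
        else:
            filename = self.base_pe32 + debug_rva + 0x10
        filename = struct.unpack("200s", memory.read(str(filename), 200, 32))[0]
        return _strip_at_nul(filename)

    def get_debug_elfbase(self):
        """Return the lower non-zero of BaseOfCode and BaseOfData, rebased."""
        memory = self.ec.getMemoryService()

        # Offset from dos hdr to PE file hdr
        pe_file_header = self.base_pe32 + memory.readMemory32(self.base_pe32 + 0x3C)

        base_of_code = self.base_pe32 + memory.readMemory32(pe_file_header + 0x28)
        base_of_data = self.base_pe32 + memory.readMemory32(pe_file_header + 0x2C)

        if (base_of_code < base_of_data) and (base_of_code != 0):
            return base_of_code
        else:
            return base_of_data


class EfiSectionPE64:
    """A PE64 image in target memory."""

    def __init__(self, ec, base_pe64):
        self.ec = ec
        self.base_pe64 = base_pe64

    def get_debug_filepath(self):
        """Return the NUL-terminated debug file name stored in the image.

        Raises Exception("EfiFileSectionPE64", ...) when there is no debug
        directory, the debug type is not accepted, or the signature is unknown.
        """
        memory = self.ec.getMemoryService()

        # Offset from dos hdr to PE file hdr (EFI_IMAGE_NT_HEADERS64)
        # NOTE(review): the read of the offset at 0x3C is disabled and 0 is
        # used instead; the reason is not visible in this file.
        #file_header_offset = self.ec.getMemoryService().readMemory32(self.base_pe64 + 0x3C)
        file_header_offset = 0x0

        # Offset to debug dir in PE hdrs
        debug_dir_entry_rva = memory.readMemory32(self.base_pe64 + file_header_offset + 0x138)
        if debug_dir_entry_rva == 0:
            raise Exception("EfiFileSectionPE64","No Debug Directory")

        debug_type = memory.readMemory32(self.base_pe64 + debug_dir_entry_rva + 0xC)
        if (debug_type != 0xdf) and (debug_type != EfiFileSection.EFI_IMAGE_DEBUG_TYPE_CODEVIEW):
            raise Exception("EfiFileSectionPE64","Debug type is not dwarf")

        debug_rva = memory.readMemory32(self.base_pe64 + debug_dir_entry_rva + 0x14)

        dwarf_sig = struct.unpack("cccc", memory.read(str(self.base_pe64 + debug_rva), 4, 32))
        if (dwarf_sig != _DWARF_SIGNATURE) and (dwarf_sig != FirmwareFile.CONST_NB10_SIGNATURE):
            raise Exception("EfiFileSectionPE64","Dwarf debug signature not found")

        if dwarf_sig == _DWARF_SIGNATURE:
            filename = self.base_pe64 + debug_rva + 0xc
        else:
            filename = self.base_pe64 + debug_rva + 0x10
        filename = struct.unpack("200s", memory.read(str(filename), 200, 32))[0]
        return _strip_at_nul(filename)

    def get_debug_elfbase(self):
        """Return the lower non-zero of BaseOfCode and BaseOfData, rebased."""
        memory = self.ec.getMemoryService()

        # Offset from dos hdr to PE file hdr
        pe_file_header = self.base_pe64 + memory.readMemory32(self.base_pe64 + 0x3C)

        base_of_code = self.base_pe64 + memory.readMemory32(pe_file_header + 0x28)
        base_of_data = self.base_pe64 + memory.readMemory32(pe_file_header + 0x2C)

        if (base_of_code < base_of_data) and (base_of_code != 0):
            return base_of_code
        else:
            return base_of_data


class FirmwareFile:
    """An FFS file header inside a firmware volume."""

    EFI_FV_FILETYPE_RAW = 0x01
    EFI_FV_FILETYPE_FREEFORM = 0x02
    EFI_FV_FILETYPE_SECURITY_CORE = 0x03
    EFI_FV_FILETYPE_PEI_CORE = 0x04
    EFI_FV_FILETYPE_DXE_CORE = 0x05
    EFI_FV_FILETYPE_PEIM = 0x06
    EFI_FV_FILETYPE_DRIVER = 0x07
    EFI_FV_FILETYPE_COMBINED_PEIM_DRIVER = 0x08
    EFI_FV_FILETYPE_APPLICATION = 0x09
    EFI_FV_FILETYPE_FIRMWARE_VOLUME_IMAGE = 0x0B
    EFI_FV_FILETYPE_FFS_MIN = 0xF0

    CONST_NB10_SIGNATURE = ('N','B','1','0')

    def __init__(self, fv, base, ec):
        self.fv = fv
        self.base = base
        self.ec = ec

    def __str__(self):
        return "FFS(state:0x%x, type:0x%X, size:0x%x)" % (self.get_state(), self.get_type(), self.get_size())

    def get_base(self):
        """Return the address of the FFS file header."""
        return self.base

    def get_size(self):
        """Return the file size (24 bits at 0x14) rounded up to 8 bytes."""
        size = (self.ec.getMemoryService().readMemory32(self.base + 0x14) & 0x00ffffff)

        # Occupied size is the size considering the alignment
        return size + ((0x8 - (size & 0x7)) & 0x7)

    def get_type(self):
        """Return the file type byte at offset 0x12."""
        return self.ec.getMemoryService().readMemory8(self.base + 0x12)

    def get_state(self):
        """Return the highest set bit of the state byte (0 if none is set).

        The byte is inverted first when the volume reports erase polarity 1.
        """
        state = self.ec.getMemoryService().readMemory8(self.base + 0x17)

        if self.fv.get_polarity():
            state = ~state

        highest_bit = 0x80
        while (highest_bit != 0) and ((highest_bit & state) == 0):
            highest_bit >>= 1

        return highest_bit

    def get_next_section(self, section=None):
        """Return the section after `section` (or the first one), else None.

        None is returned for files of type EFI_FV_FILETYPE_FFS_MIN, when the
        next header would fall outside the file, or when the size read from
        the image would not move the cursor forward.
        """
        if section is None:
            if self.get_type() == FirmwareFile.EFI_FV_FILETYPE_FFS_MIN:
                return None
            section_base = self.get_base() + 0x18
        else:
            size = section.get_size()
            section_base = int(section.get_base() + size)
            previous_base = section_base - size

            # Align to next 4 byte boundary
            if (section_base & 0x3) != 0:
                section_base = section_base + 0x4 - (section_base & 0x3)

            # A zero size in the image would return the same section forever
            # and hang the walk in FirmwareVolume.get_debug_info().
            if section_base <= previous_base:
                return None

        if section_base < self.get_base() + self.get_size():
            return EfiFileSection(self.ec, section_base)
        else:
            return None


class FirmwareVolume:
    """A firmware volume in target memory, validated by its '_FVH' signature."""

    CONST_FV_SIGNATURE = ('_','F','V','H')
    EFI_FVB2_ERASE_POLARITY = 0x800

    DebugInfos = []

    def __init__(self, ec, fv_base, fv_size):
        self.ec = ec
        self.fv_base = fv_base
        self.fv_size = fv_size

        try:
            signature = struct.unpack("cccc", self.ec.getMemoryService().read(fv_base + 0x28, 4, 32))
        except DebugException:
            raise Exception("FirmwareVolume", "Not possible to access the defined firmware volume at [0x%X,0x%X]. Could be the used build report does not correspond to your current debugging context." % (int(fv_base),int(fv_base+fv_size)))
        if signature != FirmwareVolume.CONST_FV_SIGNATURE:
            raise Exception("FirmwareVolume", "This is not a valid firmware volume")

    def get_size(self):
        """Return the 32-bit word at offset 0x20 of the volume header."""
        return self.ec.getMemoryService().readMemory32(self.fv_base + 0x20)

    def get_attributes(self):
        """Return the 32-bit attributes word at offset 0x2C."""
        return self.ec.getMemoryService().readMemory32(self.fv_base + 0x2C)

    def get_polarity(self):
        """Return 1 if EFI_FVB2_ERASE_POLARITY is set in the attributes, else 0."""
        if self.get_attributes() & FirmwareVolume.EFI_FVB2_ERASE_POLARITY:
            return 1
        else:
            return 0

    def get_next_ffs(self, ffs=None):
        """Return the FFS file after `ffs` (or the first one), else None.

        None is returned when the next header would fall outside the volume,
        or when the size read from the image would not move the cursor forward.
        """
        if ffs is None:
            # Get the offset of the first FFS file from the FV header
            ffs_base = self.fv_base + self.ec.getMemoryService().readMemory16(self.fv_base + 0x30)
        else:
            # Goto the next FFS file
            size = ffs.get_size()
            ffs_base = int(ffs.get_base() + size)
            previous_base = ffs_base - size

            # Align to next 8 byte boundary
            if (ffs_base & 0x7) != 0:
                ffs_base = ffs_base + 0x8 - (ffs_base & 0x7)

            # A zero size in the image would return the same file forever.
            if ffs_base <= previous_base:
                return None

        if ffs_base < self.fv_base + self.get_size():
            return FirmwareFile(self, ffs_base, self.ec)
        else:
            return None

    def get_debug_info(self):
        """Rebuild self.DebugInfos as (base, size, type) for TE/PE32 sections."""
        self.DebugInfos = []
        wanted = (EfiFileSection.EFI_SECTION_TE, EfiFileSection.EFI_SECTION_PE32)

        ffs = self.get_next_ffs()
        while ffs is not None:
            section = ffs.get_next_section()
            while section is not None:
                section_type = section.get_type()
                if section_type in wanted:
                    self.DebugInfos.append((section.get_base(), section.get_size(), section_type))
                section = ffs.get_next_section(section)
            ffs = self.get_next_ffs(ffs)

    def _load_section_symbols(self, section, verbose):
        """Load symbols for one image; failures are reported only if verbose."""
        # NOTE(review): the file path is taken from the firmware image itself.
        # Presumably load_symbol_from_file opens it on the debug host - confirm,
        # and treat the path as untrusted when the image's origin is unknown.
        try:
            edk2_debugger.load_symbol_from_file(self.ec, section.get_debug_filepath(), section.get_debug_elfbase(), verbose)
        except Exception, err:
            # The original unpacked the exception into exactly two names,
            # which itself raised for any exception of another shape.
            if verbose:
                print "Error while loading a symbol file (%s)" % _format_load_error(err)

    def load_symbols_at(self, addr, verbose = False):
        """Load symbols for the section containing addr and return its entry.

        Returns the (base, size, type) tuple of the matching section, or None
        when no recorded section contains addr.
        """
        if not self.DebugInfos:
            self.get_debug_info()

        for debug_info in self.DebugInfos:
            if (addr >= debug_info[0]) and (addr < debug_info[0] + debug_info[1]):
                if debug_info[2] == EfiFileSection.EFI_SECTION_TE:
                    section = EfiSectionTE(self.ec, debug_info[0] + 0x4)
                elif debug_info[2] == EfiFileSection.EFI_SECTION_PE32:
                    section = EfiSectionPE32(self.ec, debug_info[0] + 0x4)
                else:
                    raise Exception('FirmwareVolume','Section Type not supported')

                self._load_section_symbols(section, verbose)

                return debug_info

    def load_all_symbols(self, verbose = False):
        """Load symbols for every recorded TE and PE32 section."""
        if not self.DebugInfos:
            self.get_debug_info()

        for debug_info in self.DebugInfos:
            if debug_info[2] == EfiFileSection.EFI_SECTION_TE:
                section = EfiSectionTE(self.ec, debug_info[0] + 0x4)
            elif debug_info[2] == EfiFileSection.EFI_SECTION_PE32:
                section = EfiSectionPE32(self.ec, debug_info[0] + 0x4)
            else:
                continue

            self._load_section_symbols(section, verbose)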