Hi Juergen

1)      If you are asking about the SMM profile feature, my comments are below:

This SMRAM profile feature is only a debug feature. The default is disabled. See below:

  ## The mask is used to control memory profile behavior.<BR><BR>
  #  BIT0 - Enable UEFI memory profile.<BR>
  #  BIT1 - Enable SMRAM profile.<BR>
  # @Prompt Memory Profile Property.
  # @Expression  0x80000002 | (gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfilePropertyMask & 0xFC) == 0
  gEfiMdeModulePkgTokenSpaceGuid.PcdMemoryProfilePropertyMask|0x0|UINT8|0x30001041

If you want to play with SmramProfile, you can use Quark or MinnowMax as 
an example to enable this feature yourself.

If you want to check the SMRAM usage on a real platform, then you have to 
contact the BIOS vendor to let them give you a special debug version.


2)      If you are asking how to dump SMRAM, my comments are below:
As Laszlo mentioned, it is a typical security violation. So the BIOS should block 
such requests.

If you just want to do some POC work, you can use Quark or MinnowMax as 
an example, to skip SMRR and SMRAM lock by updating the BIOS code.

If you want to dump SMRAM from a production BIOS, I think it is NOT allowed.

Thank you
Yao Jiewen


From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Laszlo Ersek
Sent: Tuesday, May 31, 2016 11:28 PM
To: Juergen Rall <r...@sybera.de>
Cc: edk2-de...@ml01.01.org
Subject: Re: [edk2] UEFI Reading SMRAM Area

On 05/31/16 15:51, Juergen Rall wrote:
> Hi,
>
> I want to read out the SMRAM of an existing UEFI-Bios.
> Therefore I wrote a UEFI application

If that worked, it would be a security vulnerability for your platform.
SMRAM is (supposed to be) locked down before third party (=
non-platform) code gets executed, including UEFI_DRIVER and
UEFI_APPLICATION modules.

You may be able to inject an SMI (the specs define controlled and valid
ways for this, even for an OS), but then the platform's SMI handler
(implemented in the firmware) will take over. If you can influence that
handler to do your bidding (such as copy out various SMRAM areas to
memory you can later access in your OS or UEFI_APPLICATION), that's a
security vulnerability for your platform.

> inherited by the EDK2 sample
> MemoryProfileInfo:
>
> EFI_STATUS GetSmramProfileData(VOID)
> {
>     EFI_STATUS Status;
>     UINTN CommSize;
>     UINT8* pCommBuffer;
>
>     EFI_SMM_COMMUNICATE_HEADER* pCommHeader;
>     SMRAM_PROFILE_PARAMETER_GET_PROFILE_INFO* pCommGetProfileInfo;
>     SMRAM_PROFILE_PARAMETER_GET_PROFILE_DATA* pCommGetProfileData;
>
>     EFI_SMM_COMMUNICATION_PROTOCOL* pSmmCommunicationProt;
>
>     UINT64 ProfileSize;
>     PHYSICAL_ADDRESS ProfileBuffer;
>
>     //Get SMM communication protocol
>     Status = gBS->LocateProtocol(
>                             &gEfiSmmCommunicationProtocolGuid,
>                             NULL,
>                             (VOID**)&pSmmCommunicationProt);
>
>     Print(L"LocateProtocol Status: %lx\n", Status);
>     if (EFI_SUCCESS == Status)
>     {
>         //Get buffer
>         CommSize = sizeof (EFI_GUID) + sizeof (UINTN) +
>                    sizeof (SMRAM_PROFILE_PARAMETER_GET_PROFILE_DATA);
>         pCommBuffer = AllocateZeroPool(500);
>         if (pCommBuffer)
>         {
>             Print(L"AllocateZeroPool CommSize: %lx\n", CommSize);
>
>             // Get Size
>             pCommHeader = (EFI_SMM_COMMUNICATE_HEADER*)&pCommBuffer[0];
>             CopyMem (&pCommHeader->HeaderGuid, &gEdkiiMemoryProfileGuid, sizeof (gEdkiiMemoryProfileGuid));
>             pCommHeader->MessageLength = sizeof(SMRAM_PROFILE_PARAMETER_GET_PROFILE_INFO);
>
>             pCommGetProfileInfo = (SMRAM_PROFILE_PARAMETER_GET_PROFILE_INFO *) &pCommBuffer[OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data)];
>             pCommGetProfileInfo->Header.Command      = SMRAM_PROFILE_COMMAND_GET_PROFILE_INFO;
>             pCommGetProfileInfo->Header.DataLength   = sizeof (*pCommGetProfileInfo);
>             pCommGetProfileInfo->Header.ReturnStatus = (UINT64)-1;
>             pCommGetProfileInfo->ProfileSize         = 0;
>
>             CommSize = sizeof (EFI_GUID) + sizeof (UINTN) + pCommHeader->MessageLength;
>             Status = pSmmCommunicationProt->Communicate(
>                                                 pSmmCommunicationProt,
>                                                 pCommBuffer, &CommSize);
>
>             Print(L"pSmmCommunicationProt->Communicate Status:%lx\n", Status);
>
>
> When I call pSmmCommunicationProt->communicate, I get the error 0x000000e,
> which I suppose is due to the fact, that I use gEdkiiMemoryProfileGuid,
> which isn't existent in the current UEFI Bios (2.40).

The above may be a validly formatted and submitted SMM request, but your
platform firmware likely doesn't support this specific type of request.

> Now what should I do instead ?

- Give up on the idea.
- Or, well, contact your platform vendor to allow you access to their
  SMRAM contents... good luck with that!
- Take some bus probing etc. hardware to your motherboard.

Laszlo

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
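
The boundary described in this thread, as an added example that is not part of the original messages and not EDK2 code: a stand-alone C model of the check an SMI handler applies to caller-supplied addresses before touching them, rejecting any range that overlaps SMRAM or wraps around. The SMRAM ranges and the names `SmramRange`, `Request`, `buffer_outside_smram` and `validate_request` are hypothetical; in EDK2 the corresponding library helper is `SmmIsBufferOutsideSmmValid()` from SmmMemLib.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed SMRAM map for this example; real firmware takes it from the platform. */
typedef struct { uint64_t base, size; } SmramRange;
static const SmramRange kSmram[] = {
    { 0x7F000000ULL, 0x00800000ULL },   /* hypothetical TSEG, 8 MiB */
    { 0x000A0000ULL, 0x00020000ULL },   /* hypothetical legacy A/B segment */
};

/* True only if [addr, addr+len) is non-empty, does not wrap, and touches no SMRAM. */
bool buffer_outside_smram(uint64_t addr, uint64_t len)
{
    if (len == 0 || addr > UINT64_MAX - len)
        return false;
    for (size_t i = 0; i < sizeof kSmram / sizeof kSmram[0]; i++) {
        uint64_t lo = kSmram[i].base, hi = lo + kSmram[i].size;
        if (addr < hi && addr + len > lo)
            return false;
    }
    return true;
}

enum { REQ_OK, REQ_BAD_BUFFER, REQ_DENIED };

/* Hypothetical request: the caller names a region the handler should read or write. */
typedef struct { uint64_t size, addr; } Request;

/* comm_addr/comm_len model the physical location of the communication buffer. */
int validate_request(uint64_t comm_addr, uint64_t comm_len, const Request *req)
{
    if (comm_len < sizeof *req || !buffer_outside_smram(comm_addr, comm_len))
        return REQ_BAD_BUFFER;
    Request local = *req;   /* snapshot so fields cannot change after the check */
    if (!buffer_outside_smram(local.addr, local.size))
        return REQ_DENIED;
    return REQ_OK;
}

int main(void)
{
    Request inside = { 0x1000, 0x7F100000ULL };   /* points into the modelled TSEG */
    Request normal = { 0x1000, 0x01000000ULL };   /* ordinary memory */
    printf("%d %d\n", validate_request(0x02000000ULL, sizeof inside, &inside),
           validate_request(0x02000000ULL, sizeof normal, &normal));
    return 0;
}
```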