Universal-IFR-Extractor

Nikolaj Schlej has a gork of Universal-IFR-Extractor. IFR is the UEFI forms language.

https://github.com/LongSoft/Universal-IFR-Extractor/releases/tag/v0.2

https://github.com/tomrus88/Universal-IFR-Extractor

William Leara on using the UDK

William Leara of Dell has a new blog post, with a tutorial on writing a UEFI hello-world app using the UDK.

“Hello World” Quick-Start with UDK2015

The objective of this post is to explain how to get started with UEFI development by getting the UDK2015 development environment up and running, creating a Hello, World example program, and running it in the UEFI shell. Once you can get a simple application built and running in a UEFI Shell, you can begin extending it to greater and greater sophistication![…]

http://www.basicinputoutput.com/2017/06/hello-world-quick-start-with-udk2015.html

William reviews CrScreenshotDxe

William has done another tool review, this time of Nikolaj’s CrScreenshotDxe tool. He does must longer blog posts on tool reviews than me, so it is always nice to see another review from him. 🙂

[…] “Nikolaj did us all a great service by posting this utility on Github.  It was easy to integrate and worked flawlessly.” […]

http://www.basicinputoutput.com/2016/08/the-joy-of-crscreenshotdxe.html

https://github.com/LongSoft/CrScreenshotDxe

https://firmwaresecurity.com/2016/01/04/screenshot-taking-uefi-dxe-driver/

William Leara’s intro to FWTS

William Leara, a UEFI engineer at Dell, has a new blog post giving an introduction to FWTS, Canonical’s FirmWare Test Suite. It is a very complete introduction to FWTS, with many pointers to all of the relevant resources.

http://www.basicinputoutput.com/2016/03/introduction-to-firmware-test-suite-fwts.html

 

Nikolaj Schlej audits Intel Quark BSP

William Leara of Dell has a new blog post about Nikolaj Schlej’s new blog post analyzing Intel Quark’s BSP:

Another tip of the cap to Nikolaj Schlej, this time for an interesting article where he examined the Intel Quark Board Support Package (BSP) source code with the static source code analyzer PVS-Studio. The Intel Quark is an SoC used in embedded systems applications.  For example, it runs the Intel Galileo family of development boards.  Galileo is a small computer board comparable to the Arduino family of products, and is targeted to maker and educational customers. The BSP is a set of documentation and EDKII source code that allows a developer to build his own bootable firmware image for the Quark. Nikolaj discovered many serious problems, and I found it educational to read through them.  This is helpful so that you can discover the typical mistakes people make in UEFI development, and also so that you won’t make the same mistakes yourself! […]

http://www.basicinputoutput.com/2016/03/nikolaj-schlej-analyzing-intel-galileo.html
https://habrahabr.ru/post/258721/
http://www.viva64.com/en/b/0326/

William Leara reviews UEFI Tool

William Leara, a firmware engineer at Dell, has a new blog post on Nikolaj Schlej’s UEFI Tool. He shows how to use it, starting with using Intel’s Flash Programing Tool (FPT) to acquire a BIOS image. Lots of screenshots of the various menu UI components of this GUI tool.

“It is extremely useful for interrogating and manipulating the components of a UEFI BIOS image.  Download it and give it a test drive today!”

Full post:
http://www.basicinputoutput.com/2016/02/uefitool.html

interview with AMI founder, Subramonian Shankar

http://www.basicinputoutput.com/2016/01/must-see-tvs-shankar.html

As reported by William Leara, a BIOS engineer at Dell, the “This Week In Tech” (TWIT episode 226) podcast did an inteview with Mr. Subramonian Shankar, founder of AMI in November. Excerpting from William’s blog post:

The interview discusses everything from how Shankar started AMI, to what he’s up to today, with lots of colorful anecdotes along the way.  I especially appreciated all the old Michael Dell stories, among other great stories.  It turns out Dell Inc. and AMI were allies from their infancy and helped each other grow to be the large, successful companies they are today.  It was also interesting to hear about the new Android products AMI is working on, especially AMIDuOS—and it’s only $10!

https://twit.tv/shows/triangulation/episodes/226?autostart=false

EDK-II Build Data Viewer

William Leara has a new blog post on Intel’s EDK-II Build Data Viewer tool; it is a detailed post with multiple screenshots and images:

http://www.basicinputoutput.com/2015/12/the-edkii-build-data-viewer.html

Wow, I missed this tool from Intel when it first came out, so I’m very glad for this post! Note this source project is hosted on 01.org, not tianocore.org.

Unfortunately, it sounds like the tool may be difficult to use:

The EDKII Build Data Viewer is beautifully designed.  The documentation is top notch.  It provides a wealth of information in one place that would be time-consuming to discover independently.  Unfortunately I was not able to get it to run on the production BIOS source trees I have available to me, but hopefully you have better luck.”

If anyone gets it working, please leave a comment with a pointer to more info.

https://github.com/01org/edkiibuilddataviewer

Two UEFI Form tools, plus one UEFI C Module complexity tool

UEFI has a “Browser”, and the browser shows various “Forms”. The browser is what you see when you get the OEM/IBV BIOS boot menu. OEMs/OBVs can reskin the browser, to add value, so the user experience will vary by vendor. In addition to the OEM/IBV, IHVs and ISVs can also add forms to a system’s browser. Each .efi binary contains resource strings, which get compiled into UEFI’s form language. The raw strings are IFR, Internal Forms Representation. The resulting view for the end user is VFR, Visual Forms Representation.  The UEFI browser is dynamic, you can programatically add new menu options by running an app. If you add foo.efi to your system, when you run the BIOS boot menu you may now see a new entry for the foo device, service, or application. For example, if you plug in a new device, that IHV’s config code will likely be now be in the BIOS boot menu. This is much nicer than having to run a DOS config.exe command (if you even have the ability to boot DOS), or boot into the vendor’s OEM firmware update CD (if they provide one).

At design-time, the EDK-II contains tools to build forms from source code. See TianoCore.org’s EDK-II tools and sample parsing code (in C and Python). Also see Intel SSG’s training courseware and labs, they have UI examples.

http://tianocore.sourceforge.net/wiki/EDK_II_Specifications
http://tianocore.sourceforge.net/wiki/EDK_II_Tools_List
http://tianocore.sourceforge.net/wiki/HII
http://sourceforge.net/projects/edk2/files/Training/TrainingMaterial/

At run-time, existing ROM images or .efi images may have an IFR in the binary. If you don’t have the source code, how do you evaluate the UI included, besides running it?

1) One tool is the “Universal IFR Extractor”, by Donovan6000. This tool can extract the internal forms representation from both EFI and UEFI modules and convert it into a human readable format. It is a Windows-centric tool, being an old-school native GDI GUI appplication written in C++. It may work on *nix via WINE, I’ve not tried it yet.

https://github.com/donovan6000/Universal-IFR-Extractor

2) Another tool is “Language applications for UEFI BIOS”, by William Leara. This was his University of Texas thesis; he is now a BIOS engineer at Dell. Besides the thesis, there is a github project with source code. He created an ANTLR grammar for VFR and a tool that gives an HTML preview of what the form would look like.

3) He also created an ANTLR grammar for UEFI-based C source code, and performs complexity analysis application uses general-purpose and domain-specific measures to give a complexity score to UEFI BIOS modules. This second tool isn’t form-centric, but it is also interesting, perhaps more interesting to some security researchers; it’s a good foundation to create more sophisticated tools of this kind, too…

https://github.com/WilliamLeara/LangAppUEFIBIOS
http://catalog.lib.utexas.edu/record=b8952762~S29
http://repositories.lib.utexas.edu/handle/2152/26306
http://www.basicinputoutput.com/p/aboutme.html

Dell Firmware blog and Intel UEFI training

I just became aware of another firmware blog, by William Leara of Dell:

http://www.basicinputoutput.com/

If you’ve not seen it, it’s worth reading, if you care about UEFI.

In this article, he mentions some of Intel’s UEFI web-based training:

http://www.basicinputoutput.com/2015/05/the-best-movies-youve-probably-never.html

In addition to this Flash-based training, Intel SSG also has a 3-day class for Intel employees, which they upload the labs and presentation materials to the public. They maintain this courseware, new versions of the presentations/labs are occasionally updated. If you are a Windows/Visual Studio user, you’ll be right at home with the labs. If you are a Linux user, there is a small amount of content focused on Linux, otherwise you’ll have to ignore all the screenshots of Visual Studio users clicking and right clicking. In the future, I wish Intel SSG would add audio/video layers, in addition to presentation and labs. Download Lab-Material-FW.zip and the most recent Presentations<YYMMDD>.zip from:

http://sourceforge.net/projects/edk2/files/Training/TrainingMaterial/