From 1d53af842ddbf4ce3dd28f11c74f5d6e997a773e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andrius=20=C5=A0tikonas?=
Date: Tue, 9 Aug 2022 20:04:52 +0100
Subject: [PATCH] Add hex1.hex0.

---
 amd64/Development/hex0.M1 | 14 +-
 amd64/Development/hex0.hex2 | 10 +-
 amd64/Development/hex1.M1 | 66 +++-
 amd64/Development/hex1.S | 13 +-
 amd64/Development/hex1.hex2 | 49 ++-
 amd64/Development/kaem-minimal.M1 | 24 +-
 amd64/Development/kaem-minimal.hex2 | 20 +-
 amd64/hex0.hex0 | 12 +-
 amd64/hex1.hex0 | 529 ++++++++++++++++++++++++++++
 amd64/kaem-minimal.hex0 | 20 +-
 amd64/mescc-tools-mini-kaem.kaem | 5 +
 11 files changed, 672 insertions(+), 90 deletions(-)
 create mode 100644 amd64/hex1.hex0

diff --git a/amd64/Development/hex0.M1 b/amd64/Development/hex0.M1
index 5caff18..76a810e 100644
--- a/amd64/Development/hex0.M1
+++ b/amd64/Development/hex0.M1
@@ -42,7 +42,7 @@ DEFINE COPY_R12_to_R8 4D89E0
 DEFINE COPY_R13_to_RCX 4C89E9
 DEFINE COPY_R13_to_R8 4D89E8
 DEFINE COPY_R14_to_RCX 4C89F1
-DEFINE COPY_R15_to_RCX 4989CF
+DEFINE COPY_RCX_to_R15 4989CF
 DEFINE COPY_R15_to_R9 4D89F9
 DEFINE DEC_EBX FFCB
 DEFINE JE8 74
@@ -59,7 +59,7 @@ DEFINE LOAD64_into_R13_from_Address_RSP_Immediate8 4C8B6C24
 DEFINE LOAD64_into_R14_from_Address_RDX_Immediate8 4C8B72
 DEFINE LOAD64_into_R14_from_Address_R14_Immediate32 4D8BB6
 DEFINE LOAD8_AL_from_Address_RBX 8A03
-DEFINE LOADI64_rel_RDX 488B15
+DEFINE LOAD64_rel_RDX 488B15
 DEFINE POP_RAX 58
 DEFINE POP_RBX 5B
 DEFINE POP_RSI 5E
@@ -85,16 +85,16 @@ DEFINE TEST_ESI_ESI 85F6
 # efi_main(void *image_handle, struct efi_system_table *system)
 :_start
 COPY_RSP_to_RBP # save stack pointer
- COPY_R15_to_RCX # save image_handle
+ COPY_RCX_to_R15 # save image_handle
 LOAD64_into_R14_from_Address_RDX_Immediate8 !96 # system->boot
 LOAD64_into_R14_from_Address_R14_Immediate32 %280 # system->boot->open_protocol

 # Open Loaded Image protocol
 PUSH_RAX # allocate stack for image
 COPY_RSP_to_R8 # arg3 = &image
- LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
+ LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
 PUSH_RDX # push last 64 bits onto stack
- LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
+ LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
 PUSH_RDX # push first 64 bits onto stack
 COPY_RSP_to_RDX # arg2 = &guid
 PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
@@ -131,9 +131,9 @@ DEFINE TEST_ESI_ESI 85F6
 # Get root file system
 PUSH_RAX # allocate stack for rootfs
 COPY_RSP_to_R8 # arg3 = &rootfs
- LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits)
+ LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits)
 PUSH_RDX # push last 64 bits onto stack
- LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits)
+ LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits)
 PUSH_RDX # push first 64 bits onto stack
 COPY_RSP_to_RDX # arg2 = &guid
 PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
diff --git a/amd64/Development/hex0.hex2 b/amd64/Development/hex0.hex2
index fac0838..e761ddd 100644
--- a/amd64/Development/hex0.hex2
+++ b/amd64/Development/hex0.hex2
@@ -23,16 +23,16 @@
 # efi_main(void *image_handle, struct efi_system_table *system)
 :_start
 4889E5 ; COPY_RSP_to_RBP # save stack pointer
- 4989CF ; COPY_R15_to_RCX # save image_handle
+ 4989CF ; COPY_RCX_to_R15 # save image_handle
 4C8B72 60 ; LOAD64_into_R14_from_Address_RDX_Immediate8 !96 # system->boot
 4D8BB6 18010000 ; LOAD64_into_R14_from_Address_R14_Immediate32 %280 # system->boot->open_protocol

 # Open Loaded Image protocol
 50 ; PUSH_RAX # allocate stack for image
 4989E0 ; COPY_RSP_to_R8 # arg3 = &image
- 488B15 %LOADED_IMAGE_PROTOCOL_8 ; LOADI64_rel_RDX !LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
+ 488B15 %LOADED_IMAGE_PROTOCOL_8 ; LOAD64_rel_RDX !LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
 52 ; PUSH_RDX # push last 64 bits onto stack
- 488B15 %LOADED_IMAGE_PROTOCOL ; LOADI64_rel_RDX !LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
+ 488B15 %LOADED_IMAGE_PROTOCOL ; LOAD64_rel_RDX !LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
 52 ; PUSH_RDX # push first 64 bits onto stack
 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
@@ -69,9 +69,9 @@
 # Get root file system
 50 ; PUSH_RAX # allocate stack for rootfs
 4989E0 ; COPY_RSP_to_R8 # arg3 = &rootfs
- 488B15 %SIMPLE_FS_PROTOCOL_8 ; LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits)
+ 488B15 %SIMPLE_FS_PROTOCOL_8 ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits)
 52 ; PUSH_RDX # push last 64 bits onto stack
- 488B15 %SIMPLE_FS_PROTOCOL ; LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits)
+ 488B15 %SIMPLE_FS_PROTOCOL ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits)
 52 ; PUSH_RDX # push first 64 bits onto stack
 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
diff --git a/amd64/Development/hex1.M1 b/amd64/Development/hex1.M1
index e78263b..41a37d9 100644
--- a/amd64/Development/hex1.M1
+++ b/amd64/Development/hex1.M1
@@ -3,14 +3,15 @@
 #
 # SPDX-License-Identifier: GPL-3.0-or-later

-DEFINE ADDI32_to_RAX 4805
 DEFINE ADDI32_to_R13 4981C5
 DEFINE ADDI8_RBX 4883C3
+DEFINE ADD_RCX_to_RAX 4801C8
 DEFINE ADD_R14_to_RAX 4C01F0
 DEFINE ADDI8_RSP 4883C4
 DEFINE CALLI32 E8
-DEFINE CALL_R14 41FFD6
 DEFINE CALL_RCX_Immediate8 FF51
+DEFINE CALL_R14_Immediate8 41FF56
+DEFINE CALL_R14_Immediate32 41FF96
 DEFINE CMPI8_AL 3C
 DEFINE CMPI32_RAX 483D
 DEFINE CMPI32_R15 4981FF
@@ -18,17 +19,17 @@ DEFINE COPY_RAX_to_R14 4989C6
 DEFINE COPY_RBX_to_R12 4989DC
 DEFINE COPY_RBX_to_R13 4989DD
 DEFINE COPY_RCX_to_RAX 4889C1
+DEFINE COPY_RCX_to_R15 4989CF
 DEFINE COPY_RSP_to_RBP 4889E5
 DEFINE COPY_RSP_to_RDX 4889E2
 DEFINE COPY_RSP_to_R8 4989E0
 DEFINE COPY_RBP_to_RSP 4889EC
-DEFINE COPY_RCX_to_R9 4989C9
 DEFINE COPY_RDI_to_RCX 4889F9
 DEFINE COPY_R12_to_R8 4D89E0
 DEFINE COPY_RBX_to_RCX 4889D9
 DEFINE COPY_R13_to_R8 4D89E8
 DEFINE COPY_R14_to_RCX 4C89F1
-DEFINE COPY_R15_to_RCX 4989CF
+DEFINE COPY_R15_to_RCX 4C89F9
 DEFINE COPY_R15_to_R9 4D89F9
 DEFINE JE32 0F84
 DEFINE JL32 0F8C
@@ -45,14 +46,18 @@ DEFINE LOAD64_into_RBX_from_Address_RSP_Immediate8 488B5C24
 DEFINE LOAD64_into_R14_from_Address_RDX_Immediate8 4C8B72
 DEFINE LOAD64_into_R14_from_Address_R14_Immediate32 4D8BB6
 DEFINE LOAD8_AL_from_Address_RBX 8A03
+DEFINE LOADI8_DH B6
 DEFINE LOADI32_RAX 48C7C0
 DEFINE LOADI32_RDX 48C7C2
 DEFINE LOADI32_R13 49C7C5
 DEFINE LOADI32_R14 49C7C6
 DEFINE LOADI32_R15 49C7C7
-DEFINE LOADI64_rel_RDX 488B15
+DEFINE LOAD64_rel_RCX 488B0D
+DEFINE LOAD64_rel_RDX 488B15
+DEFINE LOAD64_rel_R14 4C8B35
 DEFINE NOT_R15 49F7D7
 DEFINE POP_RAX 58
+DEFINE POP_RCX 59
 DEFINE POP_RSI 5E
 DEFINE POP_R9 4159
 DEFINE POP_R14 415E
@@ -66,6 +71,8 @@ DEFINE ROR_R9 49D1C9
 DEFINE SHL8_R14 49C1E6
 DEFINE SHL8_RAX 48C1E0
 DEFINE STORE32_R13_to_Address_in_RAX 4C8928
+DEFINE STORE64_rel_R14 4C8935
+DEFINE STORE64_rel_RAX 488905
 DEFINE STOREI8_into_Address_RBX C603
 DEFINE SUBI8_RSP 4883EC
 DEFINE SUBI8_from_RAX 4883E8
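Review bot: `DEFINE COPY_RCX_to_RAX 4889C1`, kept as context one line above the new COPY_RCX_to_R15 entry, carries the same reversed name that this hunk corrects for 4989CF: 48 89 C1 is `mov rcx, rax` (opcode 89 stores the reg field, RAX, into the r/m operand, RCX), so the macro moves RAX into RCX. Its use later in the file, `COPY_RCX_to_RAX # save image` directly after RAX is loaded with the image pointer and before RCX is dereferenced as image, depends on that real direction, so the bytes are right and only the name misleads. Renaming the DEFINE and that call site to `COPY_RAX_to_RCX` would finish the cleanup this commit starts.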
@@ -76,24 +83,37 @@ DEFINE TEST_ESI_ESI 85F6 # efi_main(void *image_handle, struct efi_system_table *system) :_start COPY_RSP_to_RBP # save stack pointer - COPY_R15_to_RCX # save image_handle + COPY_RCX_to_R15 # save image_handle LOAD64_into_R14_from_Address_RDX_Immediate8 !96 # system->boot - LOAD64_into_R14_from_Address_R14_Immediate32 %280 # system->boot->open_protocol + STORE64_rel_R14 %SystemBoot # save system->boot + + # Allocate pool for single-character label table + PUSH_RDX # allocate stack for table + COPY_RSP_to_R8 # arg3 = &table + XOR_EDX_EDX # zero rdx + LOADI8_DH !0x8 # arg2 = 256 * 8 = 2048 = 0x800 + PUSH !2 + POP_RCX # arg1 = EFI_LOADER_DATA + SUBI8_RSP !24 # allocate shadow stack space for UEFI + CALL_R14_Immediate8 !64 # system->boot->allocate_pool(EFI_LOADER_DATA, 2048, &table) + ADDI8_RSP !24 # deallocate stack + POP_RAX # get table + STORE64_rel_RAX %table # save table # Open Loaded Image protocol PUSH_RAX # allocate stack for image COPY_RSP_to_R8 # arg3 = &image - LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits) + LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits) PUSH_RDX # push last 64 bits onto stack - LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits) + LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits) PUSH_RDX # push first 64 bits onto stack COPY_RSP_to_RDX # arg2 = &guid PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL PUSH !0 # arg5 = NULL - COPY_RCX_to_R9 # arg4 = image_handle - # arg1 = ImageHandle (already set) + COPY_R15_to_R9 # arg4 = image_handle + COPY_R15_to_RCX # arg1 = image_handle SUBI8_RSP !32 # allocate shadow stack space for UEFI function - CALL_R14 # system->boot->open_protocol(image_handle, &guid, &image, image_handle, 0, EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL) + CALL_R14_Immediate32 %280 # system->boot->open_protocol(image_handle, &guid, &image, image_handle, 0, 
EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL) LOAD64_into_RAX_from_Address_RSP_Immediate8 !64 # get_image COPY_RCX_to_RAX # save image @@ -122,9 +142,9 @@ DEFINE TEST_ESI_ESI 85F6 # Get root file system PUSH_RAX # allocate stack for rootfs COPY_RSP_to_R8 # arg3 = &rootfs - LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits) + LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits) PUSH_RDX # push last 64 bits onto stack - LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits) + LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits) PUSH_RDX # push first 64 bits onto stack COPY_RSP_to_RDX # arg2 = &guid PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL @@ -132,7 +152,7 @@ DEFINE TEST_ESI_ESI 85F6 COPY_R15_to_R9 # arg4 = image_handle LOAD64_into_RCX_from_Address_RCX_Immediate8 !24 # arg1 = root_device = image->device SUBI8_RSP !32 # allocate shadow stack space for UEFI function - CALL_R14 # system->boot->open_protocol(root_device, &guid, &rootfs, image_handle, 0, EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL) + CALL_R14_Immediate32 %280 # system->boot->open_protocol(root_device, &guid, &rootfs, image_handle, 0, EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL) LOAD64_into_RCX_from_Address_RSP_Immediate8 !64 # get rootfs # Get root directory @@ -347,9 +367,8 @@ DEFINE TEST_ESI_ESI 85F6 ADD_R14_to_RAX # flip the toggle - NOT_R15 + NOT_R15 # R15 = -1 - # Print our first Hex LOADI32_RDX %1 # set the size of chars we want CALLI32 %print_chars @@ -399,7 +418,8 @@ DEFINE TEST_ESI_ESI 85F6 :Get_table_target CALLI32 %Read_byte # Get single char label SHL8_RAX !3 # Each label in table takes 8 bytes to store - ADDI32_to_RAX &table # Calculate offset + LOAD64_rel_RCX %table # Get table + ADD_RCX_to_RAX # Calculate offset RET :StoreLabel 
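Review bot: The EFI_STATUS that allocate_pool returns in RAX is discarded: `ADDI8_RSP !24` is followed directly by `POP_RAX` / `STORE64_rel_RAX %table`, so on failure the value saved as the table is whatever `PUSH_RDX` left in that slot (the system table pointer), and Get_table_target later uses it as the base for label stores. Comparing RAX with EFI_SUCCESS (0) and jumping to an exit path before the pop would make the failure visible instead of a silent write to the wrong memory. The same unchecked sequence is repeated in the hex1.hex2 hunk and the new hex1.hex0 in this commit (hex1.S already has it). AllocatePool memory is also not zeroed, so a label slot that is read before the label is defined holds pool garbage; if the old in-image table relied on being zero-filled that is a behaviour change worth a comment such as `# pool is not zeroed: every label must be defined before it is referenced`. The _start body continues past the end of the hunk.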
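Review bot: Get_table_target now indexes a 2048-byte pool with `SHL8_RAX !3` / `ADD_RCX_to_RAX`, which stays inside the allocation only if Read_byte hands back a single byte zero-extended into all of RAX; Read_byte is outside the hunk, so I cannot confirm that from here, and any stale upper bits would place the label slot far beyond the pool (the old `ADDI32_to_RAX &table` form had the same dependency, but against an in-image table). A comment on the routine stating the invariant, e.g. `# RAX must be a zero-extended byte: table has 256 slots of 8 bytes`, would make the assumption explicit and easy to check against Read_byte.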
@@ -417,7 +437,12 @@ DEFINE TEST_ESI_ESI 85F6 RET :Done - PUSH_RBX # allocate stack + # Free pool + LOAD64_rel_RCX %table # arg1 = table + PUSH_RAX # allocate shadow stack space for UEFI function + LOAD64_rel_R14 %SystemBoot # get system->boot + CALL_R14_Immediate8 !72 # system->boot->free_pool(table) + COPY_RDI_to_RCX # arg1 = fin CALL_RCX_Immediate8 !16 # fin->close() COPY_RBX_to_RCX # arg1 = fout @@ -445,4 +470,7 @@ DEFINE TEST_ESI_ESI 85F6 :table %0 %0 +:SystemBoot + %0 %0 + :PE32_end diff --git a/amd64/Development/hex1.S b/amd64/Development/hex1.S index c097991..ac8f965 100644 --- a/amd64/Development/hex1.S +++ b/amd64/Development/hex1.S @@ -11,7 +11,7 @@ _start: mov rbp, rsp # save stack pointer mov r15, rcx # save image_handle mov r14, [rdx+96] # system->boot - mov [SystemBoot], r14 # save system->boot + mov [rip+SystemBoot], r14 # save system->boot # Allocate pool for single-character label table push rdx # allocate stack for table @@ -24,7 +24,7 @@ _start: call [r14+64] # system->boot->allocate_pool(EFI_LOADER_DATA, 2048, &table) add rsp, 24 # deallocate stack pop rax # get table - mov [table], rax # save table + mov [rip+table], rax # save table # Open Loaded Image protocol push rax # allocate stack for image @@ -345,7 +345,7 @@ print_chars: Get_table_target: call Read_byte # Get single char label shl rax, 3 # Each label in table takes 8 bytes to store - mov rcx, [rip+table] + mov rcx, [rip+table] # Get table add rax, rcx # Calculate offset ret @@ -365,12 +365,11 @@ StorePointer: Done: # Free pool - mov rcx, [table] # arg1 = table + mov rcx, [rip+table] # arg1 = table push rax # allocate shadow stack space for UEFI function - mov r14, [SystemBoot] # get system->boot - call [r14+72] # system->boot->free_pool(commmand) + mov r14, [rip+SystemBoot] # get system->boot + call [r14+72] # system->boot->free_pool(table) - push rbx # allocate stack mov rcx, rdi # arg1 = fin call [rcx+16] # fin->close() mov rcx, rbx # arg1 = fout 
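Review bot: The free_pool call added to :Done reserves only the 8 bytes of `PUSH_RAX` before `CALL_R14_Immediate8 !72`, whereas the x64 UEFI calling convention lets the callee use 32 bytes of shadow space above the return address; the other three qwords are whatever :Done inherits on the stack, and the hunk does not show whether anything there is still live (fin and fout are held in RDI and RBX, so those two are safe). The open_protocol calls in this file bracket the call with `SUBI8_RSP !32` and a matching `ADDI8_RSP !32`; doing the same here would remove the dependency on the caller's stack contents. The same pattern is in the hex1.hex2 :Done hunk of this commit and already in hex1.S. The free_pool status in RAX is ignored, which is tolerable on the exit path but deserves a one-line comment saying so.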
diff --git a/amd64/Development/hex1.hex2 b/amd64/Development/hex1.hex2
index b4f6d93..822f953 100644
--- a/amd64/Development/hex1.hex2
+++ b/amd64/Development/hex1.hex2
@@ -7,24 +7,37 @@ # efi_main(void *image_handle, struct efi_system_table *system) :_start 4889E5 ; COPY_RSP_to_RBP # save stack pointer - 4989CF ; COPY_R15_to_RCX # save image_handle + 4989CF ; COPY_RCX_to_R15 # save image_handle 4C8B72 60 ; LOAD64_into_R14_from_Address_RDX_Immediate8 !96 # system->boot - 4D8BB6 18010000 ; LOAD64_into_R14_from_Address_R14_Immediate32 %280 # system->boot->open_protocol + 4C8935 %SystemBoot ; STORE64_rel_R14 %SystemBoot # save system->boot + + # Allocate pool for single-character label table + 52 ; PUSH_RDX # allocate stack for table + 4989E0 ; COPY_RSP_to_R8 # arg3 = &table + 31D2 ; XOR_EDX_EDX # zero rdx + B6 08 ; LOADI8_DH !0x8 # arg2 = 256 * 8 = 2048 = 0x800 + 6A 02 ; PUSH !2 + 59 ; POP_RCX # arg1 = EFI_LOADER_DATA + 4883EC 18 ; SUBI8_RSP !24 # allocate shadow stack space for UEFI + 41FF56 40 ; CALL_R14_Immediate8 !64 # system->boot->allocate_pool(EFI_LOADER_DATA, 2048, &table) + 4883C4 18 ; ADDI8_RSP !24 # deallocate stack + 58 ; POP_RAX # get table + 488905 %table ; STORE64_rel_RAX %table # save table # Open Loaded Image protocol 50 ; PUSH_RAX # allocate stack for image 4989E0 ; COPY_RSP_to_R8 # arg3 = &image - 488B15 %LOADED_IMAGE_PROTOCOL_8 ; LOADI64_rel_RDX !LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits) + 488B15 %LOADED_IMAGE_PROTOCOL_8 ; LOAD64_rel_RDX !LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits) 52 ; PUSH_RDX # push last 64 bits onto stack - 488B15 %LOADED_IMAGE_PROTOCOL ; LOADI64_rel_RDX !LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits) + 488B15 %LOADED_IMAGE_PROTOCOL ; LOAD64_rel_RDX !LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits) 52 ; PUSH_RDX # push first 64 bits onto stack 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL 6A 00 ; PUSH !0 # arg5 = NULL - 4989C9 ; COPY_RCX_to_R9 # arg4 = image_handle - # arg1 = ImageHandle (already set) + 4D89F9 ; COPY_R15_to_R9 # arg4 = 
image_handle + 4C89F9 ; COPY_R15_to_RCX # arg1 = image_handle 4883EC 20 ; SUBI8_RSP !32 # allocate shadow stack space for UEFI function - 41FFD6 ; CALL_R14 # system->boot->open_protocol(image_handle, &guid, &image, image_handle, 0, EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL) + 41FF96 18010000 ; CALL_R14_Immediate32 %280 # system->boot->open_protocol(image_handle, &guid, &image, image_handle, 0, EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL) 488B4424 40 ; LOAD64_into_RAX_from_Address_RSP_Immediate8 !64 # get_image 4889C1 ; COPY_RCX_to_RAX # save image @@ -53,9 +66,9 @@ # Get root file system 50 ; PUSH_RAX # allocate stack for rootfs 4989E0 ; COPY_RSP_to_R8 # arg3 = &rootfs - 488B15 %SIMPLE_FS_PROTOCOL_8 ; LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits) + 488B15 %SIMPLE_FS_PROTOCOL_8 ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits) 52 ; PUSH_RDX # push last 64 bits onto stack - 488B15 %SIMPLE_FS_PROTOCOL ; LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits) + 488B15 %SIMPLE_FS_PROTOCOL ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits) 52 ; PUSH_RDX # push first 64 bits onto stack 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL @@ -63,7 +76,7 @@ 4D89F9 ; COPY_R15_to_R9 # arg4 = image_handle 488B49 18 ; LOAD64_into_RCX_from_Address_RCX_Immediate8 !24 # arg1 = root_device = image->device 4883EC 20 ; SUBI8_RSP !32 # allocate shadow stack space for UEFI function - 41FFD6 ; CALL_R14 # system->boot->open_protocol(root_device, &guid, &rootfs, image_handle, 0, EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL) + 41FF96 18010000 ; CALL_R14_Immediate32 %280 # system->boot->open_protocol(root_device, &guid, &rootfs, image_handle, 0, EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL) 488B4C24 40 ; LOAD64_into_RCX_from_Address_RSP_Immediate8 !64 # get rootfs # Get root directory 
@@ -278,9 +291,8 @@ 4C01F0 ; ADD_R14_to_RAX # flip the toggle - 49F7D7 ; NOT_R15 + 49F7D7 ; NOT_R15 # R15 = -1 - # Print our first Hex 48C7C2 01000000 ; LOADI32_RDX %1 # set the size of chars we want E8 %print_chars ; CALLI32 %print_chars @@ -330,7 +342,8 @@ :Get_table_target E8 %Read_byte ; CALLI32 %Read_byte # Get single char label 48C1E0 03 ; SHL8_RAX !3 # Each label in table takes 8 bytes to store - 4805 &table ; ADDI32_to_RAX &table # Calculate offset + 488B0D %table ; LOAD64_rel_RCX %table # Get table + 4801C8 ; ADD_RCX_to_RAX # Calculate offset C3 ; RET :StoreLabel @@ -348,7 +361,12 @@ C3 ; RET :Done - 53 ; PUSH_RBX # allocate stack + # Free pool + 488B0D %table ; LOAD64_rel_RCX %table # arg1 = table + 50 ; PUSH_RAX # allocate shadow stack space for UEFI function + 4C8B35 %SystemBoot ; LOAD64_rel_R14 %SystemBoot # get system->boot + 41FF56 48 ; CALL_R14_Immediate8 !72 # system->boot->free_pool(table) + 4889F9 ; COPY_RDI_to_RCX # arg1 = fin FF51 10 ; CALL_RCX_Immediate8 !16 # fin->close() 4889D9 ; COPY_RBX_to_RCX # arg1 = fout @@ -376,4 +394,7 @@ :table 00000000 00000000 +:SystemBoot + 00000000 00000000 + :PE32_end diff --git a/amd64/Development/kaem-minimal.M1 b/amd64/Development/kaem-minimal.M1 index ba4bc9f..6eeab3e 100644 --- a/amd64/Development/kaem-minimal.M1 +++ b/amd64/Development/kaem-minimal.M1 @@ -56,8 +56,8 @@ DEFINE LOAD64_into_RDX_rel32 488B15 DEFINE LOAD64_into_R9_rel32 4C8B0D DEFINE LOAD8_AL_from_Address_RBX 8A03 DEFINE LOADI8_DH B6 -DEFINE LOADI64_rel_RCX 488B0D -DEFINE LOADI64_rel_RDX 488B15 +DEFINE LOAD64_rel_RCX 488B0D +DEFINE LOAD64_rel_RDX 488B15 DEFINE POP_RAX 58 DEFINE POP_RBX 5B DEFINE POP_RCX 59 
@@ -125,9 +125,9 @@ DEFINE XOR_R15_R15 4D31FF
 # Open Loaded Image protocol
 PUSH_RAX # allocate stack for image
 COPY_RSP_to_R8 # arg3 = &image
- LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
+ LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
 PUSH_RDX # push last 64 bits onto stack
- LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
+ LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
 PUSH_RDX # push first 64 bits onto stack
 COPY_RSP_to_RDX # arg2 = &guid
 PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
@@ -164,9 +164,9 @@ DEFINE XOR_R15_R15 4D31FF
 # Get root file system
 PUSH_RAX # allocate stack for rootfs
 COPY_RSP_to_R8 # arg3 = &rootfs
- LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # SIMPLE_FS_PROTOCOL (last 64 bits)
+ LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # SIMPLE_FS_PROTOCOL (last 64 bits)
 PUSH_RDX # push last 64 bits onto stack
- LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL # SIMPLE_FS_PROTOCOL (first 64 bits)
+ LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL # SIMPLE_FS_PROTOCOL (first 64 bits)
 PUSH_RDX # push first 64 bits onto stack
 COPY_RSP_to_RDX # arg2 = &guid
 PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
@@ -308,9 +308,9 @@ DEFINE XOR_R15_R15 4D31FF
 PUSH_RAX # allocate stack for file_size
 COPY_RSP_to_R8 # arg3 = &file_size
 STOREI32_into_Address_R8 %0x1000 # file_size = 0x1000
- LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_FILE_INFO_PROTOCOL (last 64 bits)
+ LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_FILE_INFO_PROTOCOL (last 64 bits)
 PUSH_RDX # push last 64 bits onto stack
- LOADI64_rel_RDX %FILE_INFO_PROTOCOL # EFI_FILE_INFO_PROTOCOL (first 64 bits)
+ LOAD64_rel_RDX %FILE_INFO_PROTOCOL # EFI_FILE_INFO_PROTOCOL (first 64 bits)
 PUSH_RDX # push first 64 bits onto stack
 COPY_RSP_to_RDX # arg2 = &guid
 COPY_RDI_to_RCX # arg1 = fcmd
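Review bot: `LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_FILE_INFO_PROTOCOL (last 64 bits)` in the @@ -308 hunk looks like a copy-and-paste slip beside the `%FILE_INFO_PROTOCOL` line two lines below, but it is correct: EFI_FILE_INFO_ID and EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID share their trailing eight (Data4) bytes, so only the first half of the GUID differs. Since the commit rewrites both lines anyway, a comment such as `# EFI_FILE_INFO_ID last 64 bits (same bytes as SIMPLE_FS_PROTOCOL_8)` would stop the next reader from "fixing" it into a wrong GUID. The same line is touched in the kaem-minimal.hex2 hunk of this commit.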
@@ -431,9 +431,9 @@ DEFINE XOR_R15_R15 4D31FF # Open Child Image PUSH_RAX # allocate stack for child_image COPY_RSP_to_R8 # arg3 = &child_image - LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits) + LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits) PUSH_RDX # push last 64 bits onto stack - LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits) + LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits) PUSH_RDX # push first 64 bits onto stack COPY_RSP_to_RDX # arg2 = &guid PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL @@ -447,7 +447,7 @@ DEFINE XOR_R15_R15 4D31FF STORE64_from_RBX_into_Address_RAX_Immediate8 !56 # child_image->load_options = command STORE64_from_RSI_into_Address_RAX_Immediate8 !48 # set child_image->load_options_size - LOADI64_rel_RCX %image # get image + LOAD64_rel_RCX %image # get image LOAD64_into_RCX_from_Address_RCX_Immediate8 !24 # image->device STORE64_from_RCX_into_Address_RCX_Immediate8 !24 # child_image->device = image->device @@ -494,7 +494,7 @@ DEFINE XOR_R15_R15 4D31FF # File_Print function # Receives WCHAR* in RDX :File_Print - LOADI64_rel_RCX %system_out # get system_out + LOAD64_rel_RCX %system_out # get system_out PUSH_RAX # allocate shadow stack space for UEFI function PUSH_RAX # allocate shadow stack space for UEFI function CALL_RCX_Immediate8 !8 # system->out->output_string(system->out, WCHAR*) diff --git a/amd64/Development/kaem-minimal.hex2 b/amd64/Development/kaem-minimal.hex2 index aae23d3..c48e300 100644 --- a/amd64/Development/kaem-minimal.hex2 +++ b/amd64/Development/kaem-minimal.hex2 
@@ -21,9 +21,9 @@
 # Open Loaded Image protocol
 50 ; PUSH_RAX # allocate stack for image
 4989E0 ; COPY_RSP_to_R8 # arg3 = &image
- 488B15 %LOADED_IMAGE_PROTOCOL_8 ; LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
+ 488B15 %LOADED_IMAGE_PROTOCOL_8 ; LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
 52 ; PUSH_RDX # push last 64 bits onto stack
- 488B15 %LOADED_IMAGE_PROTOCOL ; LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
+ 488B15 %LOADED_IMAGE_PROTOCOL ; LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
 52 ; PUSH_RDX # push first 64 bits onto
 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
@@ -60,9 +60,9 @@
 # Get root file system
 50 ; PUSH_RAX # allocate stack for rootfs
 4989E0 ; COPY_RSP_to_R8 # arg3 = &rootfs
- 488B15 %SIMPLE_FS_PROTOCOL_8 ; LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits)
+ 488B15 %SIMPLE_FS_PROTOCOL_8 ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits)
 52 ; PUSH_RDX # push last 64 bits onto stack
- 488B15 %SIMPLE_FS_PROTOCOL ; LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits)
+ 488B15 %SIMPLE_FS_PROTOCOL ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits)
 52 ; PUSH_RDX # push first 64 bits onto stack
 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
@@ -204,9 +204,9 @@
 50 ; PUSH_RAX # allocate stack for file_size
 4989E0 ; COPY_RSP_to_R8 # arg3 = &file_size
 49C700 00100000 ; STOREI32_into_Address_R8 %0x1000 # file_size = 0x1000
- 488B15 %SIMPLE_FS_PROTOCOL_8 ; LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_FILE_INFO_PROTOCOL (last 64 bits)
+ 488B15 %SIMPLE_FS_PROTOCOL_8 ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_FILE_INFO_PROTOCOL (last 64 bits)
 52 ; PUSH_RDX # push last 64 bits onto stack
- 488B15 %FILE_INFO_PROTOCOL ; LOADI64_rel_RDX %FILE_INFO_PROTOCOL # EFI_FILE_INFO_PROTOCOL (first 64 bits)
+ 488B15 %FILE_INFO_PROTOCOL ; LOAD64_rel_RDX %FILE_INFO_PROTOCOL # EFI_FILE_INFO_PROTOCOL (first 64 bits)
 52 ; PUSH_RDX # push first 64 bits onto stack
 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
 4889F9 ; COPY_RDI_to_RCX # arg1 = fcmd
@@ -327,9 +327,9 @@
 # Open Child Image
 50 ; PUSH_RAX # allocate stack for child_image
 4989E0 ; COPY_RSP_to_R8 # arg3 = &child_image
- 488B15 %LOADED_IMAGE_PROTOCOL_8 ; LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
+ 488B15 %LOADED_IMAGE_PROTOCOL_8 ; LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
 52 ; PUSH_RDX # push last 64 bits onto stack
- 488B15 %LOADED_IMAGE_PROTOCOL ; LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
+ 488B15 %LOADED_IMAGE_PROTOCOL ; LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
 52 ; PUSH_RDX # push first 64 bits onto
 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
@@ -343,7 +343,7 @@ 488958 38 ; STORE64_from_RBX_into_Address_RAX_Immediate8 !56 # child_image->load_options = command 488970 30 ; STORE64_from_RSI_into_Address_RAX_Immediate8 !48 # set child_image->load_options_size - 488B0D %image ; LOADI64_rel_RCX %image # get image + 488B0D %image ; LOAD64_rel_RCX %image # get image 488B49 18 ; LOAD64_into_RCX_from_Address_RCX_Immediate8 !24 # image->device 488948 18 ; STORE64_from_RCX_into_Address_RCX_Immediate8 !24 # child_image->device = image->device @@ -388,7 +388,7 @@ C3 ; RET :File_Print - 488B0D %system_out ; LOADI64_rel_RCX %system_out # get system_out + 488B0D %system_out ; LOAD64_rel_RCX %system_out # get system_out 50 ; PUSH_RAX # allocate shadow stack space for UEFI function 50 ; PUSH_RAX # allocate shadow stack space for UEFI function FF51 08 ; CALL_RCX_Immediate8 !8 # system->out->output_string(system->out, WCHAR*) diff --git a/amd64/hex0.hex0 b/amd64/hex0.hex0 index 3000d41..bedd8c3 100644 --- a/amd64/hex0.hex0 +++ b/amd64/hex0.hex0 
@@ -151,17 +151,17 @@ A3 01 00 00 ; SizeOfRawData
 # efi_main(void *image_handle, struct efi_system_table *system)
 # :_start
 4889E5 ; COPY_RSP_to_RBP # save stack pointer
- 4989CF ; COPY_R15_to_RCX # save image_handle
+ 4989CF ; COPY_RCX_to_R15 # save image_handle
 4C8B72 60 ; LOAD64_into_R14_from_Address_RDX_Immediate8 !96 # system->boot
 4D8BB6 18010000 ; LOAD64_into_R14_from_Address_R14_Immediate32 %280 # system->boot->open_protocol

 # Open Loaded Image protocol
 50 ; PUSH_RAX # allocate stack for image
 4989E0 ; COPY_RSP_to_R8 # arg3 = &image
- 488B15 6F010000 ; LOADI64_rel_RDX !LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
+ 488B15 6F010000 ; LOAD64_rel_RDX !LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
 # [_start+0x1C]
 52 ; PUSH_RDX # push last 64 bits onto stack
- 488B15 5F010000 ; LOADI64_rel_RDX !LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
+ 488B15 5F010000 ; LOAD64_rel_RDX !LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
 # [_start+0x24]
 52 ; PUSH_RDX # push first 64 bits onto stack
 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
@@ -199,9 +199,9 @@ A3 01 00 00 ; SizeOfRawData
 # Get root file system [_start+0x67]
 50 ; PUSH_RAX # allocate stack for rootfs
 4989E0 ; COPY_R8_to_RSP # arg3 = &rootfs
- 488B15 29010000 ; LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits)
+ 488B15 29010000 ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits)
 52 ; PUSH_RDX # push last 64 bits onto stack
- 488B15 19010000 ; LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits)
+ 488B15 19010000 ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits)
 52 ; PUSH_RDX # push first 64 bits onto stack
 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
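Review bot: `4989E0 ; COPY_R8_to_RSP # arg3 = &rootfs` in the @@ -199 hunk names the instruction backwards: 49 89 E0 is `mov r8, rsp`, and the identical bytes are annotated `COPY_RSP_to_R8` in the @@ -151 hunk just above and in every other file of this commit. Since the commit is already correcting mislabeled moves (COPY_R15_to_RCX to COPY_RCX_to_R15 for 4989CF), changing this annotation to `COPY_RSP_to_R8` would keep hex0.hex0 consistent with the .M1 and .hex2 sources it mirrors. Everything after `;` on a hex0 line is a comment, so the fix changes no emitted bytes.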
@@ -254,7 +254,7 @@ A3 01 00 00 ; SizeOfRawData # temp storage for the sum 31FF ; XOR_EDI_EDI # rdi = 0 -# :loop # [_start+0xE2] +# :loop [_start+0xE2] # Read a byte E8 6F000000 ; CALLI32 %read_byte diff --git a/amd64/hex1.hex0 b/amd64/hex1.hex0 new file mode 100644 index 0000000..dc939aa --- /dev/null +++ b/amd64/hex1.hex0 
@@ -0,0 +1,529 @@
+# SPDX-FileCopyrightText: 2022 Andrius Štikonas
+# SPDX-FileCopyrightText: 2017 Jeremiah Orians
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+# DOS MZ header
+4D 5A # Signature
+00 00 # Number of bytes in the last page.
+00 00 # Number of whole/partial pages
+00 00 # Number of entries in the relocation table.
+00 00 # Header size
+00 00 # Minimum allocation
+00 00 # Maximum allocation
+00 00 # Relocatable segment address for SS
+00 00 # Initial value for SP
+00 00 # Checksum (I don't think is looked at)
+00 00 # Initial value for IP (Seems ignored)
+00 00 # Relocatable segment address for CS (Seems ignored)
+00 00 # The (absolute) offset to the relocation table.
+00 00 # Value used for overlay management. If zero, this is the main executable
+00 00 00 00 00 00 00 00 # Reserved in PE
+00 00 # OEM identifier
+00 00 # OEM info
+00 00 00 00 00 00 00 00 00 00 # The required reserved 20 bytes of NULLS
+00 00 00 00 00 00 00 00 00 00
+40 00 00 00 # Starting address of the PE header
+
+# [0x40]
+# PE header
+50 45 00 00 # Signature "PE"
+64 86 # Machine
+01 00 # number of sections
+00 00 00 00 # Timestamp supposedly
+00 00 00 00 # PointerToSymbolTable
+00 00 00 00 # number of symbols
+F0 00 # SizeOfOptionalHeader
+00 00 # 'Characteristics'
+
+# [0x58]
+# COFF header bits
+0B 02 # Magic PE32+ (64 bit)
+00 00 # Linker version
+00 00 00 00 # size of code
+00 00 00 00 # sizeOfInitializedData
+00 00 00 00 # SizeOfUninitializedData
+00 10 00 00 # AddressOfEntryPoint
+00 10 00 00 # BaseOfCode
+00 00 00 80 01 00 00 00 # ImageBase
+01 00 00 00 # SectionAlignment
+01 00 00 00 # FileAlignment
+00 00 00 00 # OperatingSystemVersion
+00 00 00 00 # ImageVersion
+00 00 00 00 # SubsystemVersion
+00 00 00 00 # Win32VersionValue
+00 20 00 00 # SizeOfImage
+70 01 00 00 # SizeOfHeaders
+00 00 00 00 # CheckSum (isn't used at all)
+0A 00 # Subsystem
+00 00 # DllCharacteristics
+00 00 00 00 # SizeOfStackReserve
+00 00 00 00 # SizeOfStackCommit
+00 00 00 00 # SizeOfHeapReserve
+00 00 00 00 # SizeOfHeapCommit
+00 00 00 00 # LoaderFlags
+00 00 00 00 # NumberOfRvaAndSizes
+
+# [0xB8]
+# Data directories (has to be 16 entries always 16bytes per entry)
+00 00 00 00 # Export Table
+00 00 00 00 # Size of Export Table
+
+00 00 00 00 # Import Table
+10 00 00 00 # Size of Import Table
+
+00 00 00 00 # Resource Table
+00 00 00 00 # Size of Resource Table
+
+00 00 00 00 # Exception Table
+00 00 00 00 # Size of Exception Table
+
+00 00 00 00 # Certificate Table
+00 00 00 00 # Size of Certificate Table
+
+00 00 00 00 # Base Relocation Table
+00 00 00 00 # Size of Base Relocation Table
+
+00 00 00 00 # Debug Table
+00 00 00 00 # Size of Debug Table
+
+00 00 00 00 # Architecture Data Table
+00 00 00 00 # Size of Architecture Data Table
+
+00 00 00 00 # Global Pointer
+00 00 00 00 # NULL
+
+00 00 00 00 # TLS Table
+00 00 00 00 # Size of TLS Table
+
+00 00 00 00 # Load Config Table
+00 00 00 00 # Size of Load Config Table
+
+00 00 00 00 # Bound Import Table
+00 00 00 00 # Size of Bound Import Table
+
+00 00 00 00 # Import Address Table
+00 00 00 00 # Size of Import Address Table
+
+00 00 00 00 # Delay Import Descriptor Table
+00 00 00 00 # Size of Delay Import Descriptor Table
+
+00 00 00 00 # CLR Runtime header table
+00 00 00 00 # Size of CLR Runtime Header table
+
+00 00 00 00 00 00 00 00 # MUST BE NULL
+
+# no idea what it is yet
+00 00 00 00 00 00 00 00
+00 00 00 00 00 00 00 00
+
+# [0x148]
+# Start of section headers
+00 00 00 00 00 00 00 00 ; Name of the section (empty) but could set to ".text"
+D4 03 00 00 ; VirtualSize
+00 10 00 00 ; VirtualAddress
+D4 03 00 00 ; SizeOfRawData
+70 01 00 00 ; PointerToRawData
+00 00 00 00 ; PointerToRelocations
+00 00 00 00 ; PointerToLinenumbers
+00 00 ; NumberOfRelocations
+00 00 ; NumberOfLinenumbers
+00 00 00 00 ; 'Characteristics'
+
+# [0x170]
+
+# efi_main(void *image_handle, struct efi_system_table *system)
+# :_start
+ 4889E5 ; COPY_RSP_to_RBP # save stack pointer
+ 4989CF ; COPY_RCX_to_R15 # save image_handle
+ 4C8B72 60 ; LOAD64_into_R14_from_Address_RDX_Immediate8 !96 # system->boot
+ 4C8935 BB030000 ; STORE64_rel_R14 %SystemBoot # save system->boot
+
+ # Allocate pool for single-character label table
+ 52 ; PUSH_RDX # allocate stack for table
+ 4989E0 ; COPY_RSP_to_R8 # arg3 = &table
+ 31D2 ; XOR_EDX_EDX # zero rdx
+ B6 08 ; LOADI8_DH !0x8 # arg2 = 256 * 8 = 2048 = 0x800
+ 6A 02 ; PUSH !2
+ 59 ; POP_RCX # arg1 = EFI_LOADER_DATA
+ 4883EC 18 ; SUBI8_RSP !24 # allocate shadow stack space for UEFI
+ 41FF56 40 ; CALL_R14_Immediate8 !64 # system->boot->allocate_pool(EFI_LOADER_DATA, 2048, &table)
+ 4883C4 18 ; ADDI8_RSP !24 # deallocate stack
+ 58 ; POP_RAX # get table
+ 488905 94030000 ; STORE64_rel_RAX %table # save table
+
+ # Open Loaded Image protocol
+ 50 ; PUSH_RAX # allocate stack for image
+ 4989E0 ; COPY_RSP_to_R8 # arg3 = &image
+ 488B15 71030000 ; LOAD64_rel_RDX !LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
+ 52 ; PUSH_RDX # push last 64 bits onto stack
+ 488B15 61030000 ; LOAD64_rel_RDX !LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
+ 52 ; PUSH_RDX # push first 64 bits onto stack
+ 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
+ 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
+ 6A 00 ; PUSH !0 # arg5 = NULL
+ 4D89F9 ; COPY_R15_to_R9 # arg4 = image_handle
+ 4C89F9 ; COPY_R15_to_RCX # arg1 = image_handle
+ 4883EC 20 ; SUBI8_RSP !32 # allocate shadow stack space for UEFI function
+ 41FF96 18010000 ; CALL_R14_Immediate32 %280 # system->boot->open_protocol(image_handle, &guid, &image, image_handle, 0, EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL)
+ 488B4424 40 ; LOAD64_into_RAX_from_Address_RSP_Immediate8 !64 # get_image
+ 4889C1 ; COPY_RCX_to_RAX # save image
+
+ # Command line args
+ 488B58 38 ; LOAD64_into_RBX_from_Address_RAX_Immediate8 !56 # options = image->load_options
+
+# :loop_options1 [_start+0x68] # Skip application name
+ 4883C3 02 ; ADDI8_RBX !2 # ++options
+ 8A03 ; LOAD8_AL_from_Address_RBX # *options
+ 3C 20 ; CMPI8_AL !0x20 # if *options != ' '
+ 75 F6 ; JNE8 !loop_options1 # then jump
+
+ 4883C3 02 ; ADDI8_RBX !2 # ++options
+ 4989DC ; COPY_RBX_to_R12 # save input file
+
+# :loop_options2 [_start+0x79] # Skip argv[1]
+ 4883C3 02 ; ADDI8_RBX !2 # ++options
+ 8A03 ; LOAD8_AL_from_Address_RBX # *options
+ 3C 20 ; CMPI8_AL !0x20 # if *options != ' '
+ 75 F6 ; JNE8 !loop_options2 # then jump
+
+ C603 00 ; STOREI8_into_Address_RBX !0 # *options = 0;
+ 4883C3 02 ; ADDI8_RBX !2 # ++options
+ 4989DD ; COPY_RBX_to_R13 # save output file
+
+ # Get root file system
+ 50 ; PUSH_RAX # allocate stack for rootfs
+ 4989E0 ; COPY_RSP_to_R8 # arg3 = &rootfs
+ 488B15 24030000 ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits)
+ 52 ; PUSH_RDX # push last 64 bits onto stack
+ 488B15 14030000 ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits)
+ 52 ; PUSH_RDX # push first 64 bits onto stack
+ 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
+ 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
+ 6A 00 ; PUSH !0 # arg5 = NULL
+ 4D89F9 ; COPY_R15_to_R9 # arg4 = image_handle
+ 488B49 18 ; LOAD64_into_RCX_from_Address_RCX_Immediate8 !24 # arg1 = root_device = image->device
+ 4883EC 20 ; SUBI8_RSP !32 # allocate shadow stack space for UEFI function
+ 41FF96 18010000 ; CALL_R14_Immediate32 %280 # system->boot->open_protocol(root_device, &guid, &rootfs, image_handle, 0, EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL)
+ 488B4C24 40 ; LOAD64_into_RCX_from_Address_RSP_Immediate8 !64 # get rootfs
+
+ # Get root directory
+ 52 ; PUSH_RDX # allocate stack for rootdir
+ 4889E2 ; COPY_RSP_to_RDX # arg2 = &rootdir
+ 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
+ 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
+ FF51 08 ; CALL_RCX_Immediate8 !8 # rootfs->open_volume(rootfs, &rootdir)
+ 58 ; POP_RAX # deallocate stack
+ 58 ; POP_RAX # deallocate stack
+ 415E ; POP_R14 # save &rootdir
+
+ # Open file for reading
+ 52 ; PUSH_RDX # allocate stack for fin
+ 4889E2 ; COPY_RSP_to_RDX # arg2 = &fin
+ 6A 01 ; PUSH !1 # arg5 = EFI_FILE_READ_ONLY
+ 6A 01 ; PUSH !1 # prepare to set arg4 to EFI_FILE_MODE_READ
+ 4159 ; POP_R9 # arg4 = EFI_FILE_MODE_READ
+ 4D89E0 ; COPY_R12_to_R8 # arg3 = in
+ 4C89F1 ; COPY_R14_to_RCX # arg1 = rootdir
+ 4883EC 20 ; SUBI8_RSP !32 # allocate shadow stack space for UEFI function
+ FF51 08 ; CALL_RCX_Immediate8 !8 # rootdir->open()
+ 488B7C24 28 ; LOAD64_into_RDI_from_Address_RSP_Immediate8 !40 # get fin
+
+ # Open file for writing
+ 52 ; PUSH_RDX # allocate stack for fout
+ 4889E2 ; COPY_RSP_to_RDX # arg2 = &fout
+ 6A 00 ; PUSH !0 # arg5 = 0
+ 6A 07 ; PUSH !7 # to get 0x8000000000000003 we set the rightmost 3 bits
+ 4159 ; POP_R9 # and then do right rotation by 1
+ 49D1C9 ; ROR_R9 # arg4 = EFI_FILE_MODE_CREATE| EFI_FILE_MODE_WRITE | EFI_FILE_MODE_READ
+ 4D89E8 ; COPY_R13_to_R8 # arg3 = out
+ 4C89F1 ; COPY_R14_to_RCX # arg1 = rootdir
+ 4883EC 20 ; SUBI8_RSP !32 # allocate shadow stack space for UEFI function
+ FF51 08 ; CALL_RCX_Immediate8 !8 # rootdir->open()
+ 488B5C24 28 ; LOAD64_into_RBX_from_Address_RSP_Immediate8 !40 # get fout
+
+# [_start+0x107]
+ 49C7C7 FFFFFFFF ; LOADI32_R15 %-1 # Our flag for byte processing
+ 49C7C6 00000000 ; LOADI32_R14 %0 # temp storage for the sum
+ 49C7C5 00000000 ; LOADI32_R13 %0 # Our starting IP
+ E8 2B000000 ; CALLI32 %First_pass # Process it
+
+ # rewind input file
+ 4889F9 ; COPY_RDI_to_RCX # Using our input file
+ 31D2 ; XOR_EDX_EDX # Offset Zero
+ 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
+ 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
+ FF51 38 ; CALL_RCX_Immediate8 !56 # fin->set_position(fin, 0)
+ 58 ; POP_RAX # deallocate stack
+ 58 ; POP_RAX # deallocate stack
+
+ 49C7C7 FFFFFFFF ; LOADI32_R15 %-1 # Our flag for byte processing
+ 49C7C6 00000000 ; LOADI32_R14 %0 # temp storage for the sum
+ 49C7C5 00000000 ; LOADI32_R13 %0 # Our starting IP
+ E8 EF000000 ; CALLI32 %Second_pass # Process it
+
+ E9 35020000 ; JMP32 %Done
+
+# :First_pass [_start+0x14C]
+ E8 BB010000 ; CALLI32 %Read_byte
+
+ # Deal with EOF
+ 483D FCFFFFFF ; CMPI32_RAX %-4
+ 0F84 67000000 ; JE32 %First_pass_done
+
+ # Check for :
+ 483D 3A000000 ; CMPI32_RAX %0x3a
+ 0F85 05000000 ; JNE32 %First_pass_0
+
+ # Deal with label
+ E8 EB010000 ; CALLI32 %StoreLabel
+
+# :First_pass_0 [_start+0x16E]
+ # Check for %
+ 483D 25000000 ; CMPI32_RAX %0x25
+ 0F84 39000000 ; JE32 %First_pass_pointer
+
+ # Deal with everything else
+ E8 46000000 ; CALLI32 %hex # Process our char
+
+ # Deal with EOF
+ 483D FCFFFFFF ; CMPI32_RAX %-4
+ 0F84 39000000 ; JE32 %First_pass_done
+
+ # deal with -1 values
+ 483D 00000000 ; CMPI32_RAX %0
+ 0F8C B5FFFFFF ; JL32 %First_pass
+
+ # deal with toggle
+ 4981FF 00000000 ; CMPI32_R15 %0
+ 0F84 07000000 ; JE32 %First_pass_1
+ 4981C5 01000000 ; ADDI32_to_R13 %1 # Increment IP
+
+# :First_pass_1 [_start+0xAB]
+ 49F7D7 ; NOT_R15
+ E9 99FFFFFF ; JMP32 %First_pass
+
+# :First_pass_pointer [_start+0x1B3]
+ # Deal with Pointer to label
+ E8 54010000 ; CALLI32 %Read_byte # Drop the char
+ 4981C5 04000000 ; ADDI32_to_R13 %4 # Increment IP
+ E9 88FFFFFF ; JMP32 %First_pass # Loop again
+
+# :First_pass_done [_start+0x1C4]
+ C3 ; RET
+
+# :hex [_start+0x1C5]
+ # deal with EOF
+ 483D FCFFFFFF ; CMPI32_RAX %-4
+ 0F84 DC000000 ; JE32 %EOF
+ # deal with line comments starting with #
+ 483D 23000000 ; CMPI32_RAX %0x23
+ 0F84 E8000000 ; JE32 %ascii_comment
+ # deal with line comments starting with ;
+ 483D 3B000000 ; CMPI32_RAX %0x3b
+ 0F84 DC000000 ; JE32 %ascii_comment
+ # deal all ascii less than 0
+ 483D 30000000 ; CMPI32_RAX %0x30
+ 0F8C C8000000 ; JL32 %ascii_other
+ # deal with 0-9
+ 483D 3A000000 ; CMPI32_RAX %0x3a
+ 0F8C AD000000 ; JL32 %ascii_num
+ # deal with all ascii less than A
+ 483D 41000000 ; CMPI32_RAX %0x41
+ 0F8C B0000000 ; JL32 %ascii_other
+ # deal with A-F
+ 483D 47000000 ; CMPI32_RAX %0x47
+ 0F8C 9F000000 ; JL32 %ascii_high
+ # deal with all ascii less than a
+ 483D 61000000 ; CMPI32_RAX %0x61
+ 0F8C 98000000 ; JL32 %ascii_other
+ # deal with a-f
+ 483D 67000000 ; CMPI32_RAX %0x67
+ 0F8C 82000000 ; JL32 %ascii_low
+ # The rest that remains needs to be ignored
+ E9 87000000 ; JMP32 %ascii_other
+
+# :Second_pass [_start+0x236]
+ E8 D1000000 ; CALLI32 %Read_byte
+
+ # Deal with EOF
+ 483D FCFFFFFF ; CMPI32_RAX %-4
+ 0F84 65000000 ; JE32 %Second_pass_done
+
+ # Simply drop the label
+ 483D 3A000000 ; CMPI32_RAX %0x3a
+ 0F85 0A000000 ; JNE32 %Second_pass_0
+
+ E8 B4000000 ; CALLI32 %Read_byte
+ E9 D9FFFFFF ; JMP32 %Second_pass
+
+# :Second_pass_0 [_start+0x25D]
+ # Deal with % pointer
+ 483D 25000000 ; CMPI32_RAX %0x25
+ 0F85 0A000000 ; JNE32 %Second_pass_1
+
+ E8 F4000000 ; CALLI32 %StorePointer
+ E9 C3FFFFFF ; JMP32 %Second_pass
+
+# :Second_pass_1 [_start+0x273]
+ # Deal with everything else
+ E8 4DFFFFFF ; CALLI32 %hex # Process our char
+
+ # Deal with EOF
+ 483D FCFFFFFF ; CMPI32_RAX %-4
+ 0F84 28000000 ; JE32 %Second_pass_done
+
+ # deal with -1 values
+ 483D 00000000 ; CMPI32_RAX %0
+ 0F8C A6FFFFFF ; JL32 %Second_pass
+
+ # deal with toggle
+ 4981FF 00000000 ; CMPI32_R15 %0
+ 0F84 4D000000 ; JE32 %print
+
+ # process first byte of pair
+ 4989C6 ; COPY_RAX_to_R14
+ 49C7C7 00000000 ; LOADI32_R15 %0
+ E9 8AFFFFFF ; JMP32 %Second_pass
+
+# :Second_pass_done [_start+0x2AC]
+ C3 ; RET
+
+# :EOF [_start+0x2AD]
+ C3 ; RET
+# :ascii_num [_start+0x2AE]
+ 4883E8 30 ; SUBI8_from_RAX !0x30
+ C3 ; RET
+# :ascii_low [_start+0x2B3]
+ 4883E8 57 ; SUBI8_from_RAX !0x57
+ C3 ; RET
+# :ascii_high [_start+0x2B8]
+ 4883E8 37 ; SUBI8_from_RAX !0x37
+ C3 ; RET
+# :ascii_other [_start+0x2BD]
+ 48C7C0 FFFFFFFF ; LOADI32_RAX %-1
+ C3 ; RET
+# :ascii_comment [_start+0x2C5]
+ E8 42000000 ; CALLI32 %Read_byte
+ 483D 0D000000 ; CMPI32_RAX %0xd
+ 0F84 0C000000 ; JE32 %ascii_comment_cr
+ 483D 0A000000 ; CMPI32_RAX %0xa
+ 0F85 E3FFFFFF ; JNE32 %ascii_comment
+# :ascii_comment_cr [_start+0x2E2]
+ 48C7C0 FFFFFFFF ; LOADI32_RAX %-1
+ C3 ; RET
+
+# process second byte of pair
+# :print [_start+0x2EA]
+ # update the sum and store in output
+ 49C1E6 04 ; SHL8_R14 !4
+ 4C01F0 ; ADD_R14_to_RAX
+
+ # flip the toggle
+ 49F7D7 ; NOT_R15 # R15 = -1
+
+ 48C7C2 01000000 ; LOADI32_RDX %1 # set the size of chars we want
+ E8 2F000000 ; CALLI32 %print_chars
+
+ 4981C5 01000000 ; ADDI32_to_R13 %1 # Increment IP
+ E9 2AFFFFFF ; JMP32 %Second_pass
+
+
+# :Read_byte [_start+0x30C]
+ 4889F9 ; COPY_RDI_to_RCX # arg1 = fin
+ 6A 01 ; PUSH !1 # size = 1
+ 4889E2 ; COPY_RSP_to_RDX # arg2 = &size
+ 56 ; PUSH_RSI # allocate stack
+ 4989E0 ; COPY_RSP_to_R8 # arg3 = &input
+ 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
+ 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
+ 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
+ FF51 20 ; CALL_RCX_Immediate8 !32 # fin->read()
+ 58 ; POP_RAX # deallocate stack
+ 58 ; POP_RAX # deallocate stack
+ 58 ; POP_RAX # deallocate stack
+ 58 ; POP_RAX # save input to rax
+ 5E ; POP_RSI # save size to rsi
+
+ # If the file ended (0 bytes read) return EOF
+ 85F6 ; TEST_ESI_ESI # if size = 0
+ 75 07 ; JNE8 !Read_byte_1
+ 48C7C0 FCFFFFFF ; LOADI32_RAX %-4 # Put EOF in rax
+
+# :Read_byte_1 [_start+0x32E]
+ C3 ; RET # return
+
+# Writes bytes stored in rax
+# :print_chars [_start+0x32F]
+ 4889D9 ; COPY_RBX_to_RCX # arg1 = fout
+ 52 ; PUSH_RDX # set size
+ 4889E2 ; COPY_RSP_to_RDX # arg2 = &size
+ 50 ; PUSH_RAX # allocate stack
+ 4989E0 ; COPY_RSP_to_R8 # arg3 = &output
+ 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
+ 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
+ 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
+ FF51 28 ; CALL_RCX_Immediate8 !40 # fout->write()
+ 4883C4 28 ; ADDI8_RSP !40 # deallocate stack
+
+ C3 ; RET # return
+
+# :Get_table_target [_start+0x345]
+ E8 C2FFFFFF ; CALLI32 %Read_byte # Get single char label
+ 48C1E0 03 ; SHL8_RAX !3 # Each label in table takes 8 bytes to store
+ 488B0D 6F000000 ; LOAD64_rel_RCX %table # Get table
+ 4801C8 ; ADD_RCX_to_RAX # Calculate offset
+ C3 ; RET
+
+# :StoreLabel [_start+0x359]
+ E8 E7FFFFFF ; CALLI32 %Get_table_target
+ 4C8928 ; STORE32_R13_to_Address_in_RAX # Write out pointer to table
+ C3 ; RET
+
+# :StorePointer [_start+0x362]
+ 4981C5 04000000 ; ADDI32_to_R13 %4 # Increment IP
+ E8 D7FFFFFF ; CALLI32 %Get_table_target # Get address of pointer
+ 678B00 ; LOAD32_Address_in_RAX_into_RAX # Get pointer
+ 4C29E8 ; SUB_R13_from_RAX # target - ip
+ 48C7C2 04000000 ; LOADI32_RDX %4 # set the size of chars we want
+ E8 AFFFFFFF ; CALLI32 %print_chars
+ C3 ; RET
+
+# :Done [_start+0x381]
+ # Free pool
+ 488B0D 3C000000 ; LOAD64_rel_RCX %table # arg1 = table
+ 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
+ 4C8B35 3C000000 ; LOAD64_rel_R14 %SystemBoot # get system->boot
+ 41FF56 48 ; CALL_R14_Immediate8 !72 # system->boot->free_pool(table)
+
+ 4889F9 ; COPY_RDI_to_RCX # arg1 = fin
+ FF51 10 ; CALL_RCX_Immediate8 !16 # fin->close()
+ 4889D9 ; COPY_RBX_to_RCX # arg1 = fout
+ FF51 10 ; CALL_RCX_Immediate8 !16 # fout->close()
+
+ 4889EC ; COPY_RBP_to_RSP # restore stack
+ C3 ; RET # return to UEFI
+
+
+# Protocol GUIDs
+# :LOADED_IMAGE_PROTOCOL [_start+0x3A4]
+ A1 31 1B 5B ; %0x5b1b31a1
+ 62 95 ; @0x9562
+ D2 11 ; @0x11d2
+# :LOADED_IMAGE_PROTOCOL_8 [_start+0x3AC]
+ 8E 3F 00 A0 C9 69 72 3B ; !0x8e !0x3f !0 !0xa0 !0xc9 !0x69 !0x72 !0x3b
+
+# :SIMPLE_FS_PROTOCOL [_start+0x3B4]
+ 22 5B 4E 96 ; %0x0964e5b22
+ 59 64 ; @0x6459
+ D2 11 ; @0x11d2
+# :SIMPLE_FS_PROTOCOL_8 [_start+0x3BC]
+ 8E 39 00 A0 C9 69 72 3B ; !0x8e !0x39 !0 !0xa0 !0xc9 !0x69 !0x72 !0x3b
+
+# :table [_start+0x3C4]
+ 00000000 00000000
+
+# :SystemBoot [_start+0x3CC]
+ 00000000 00000000
+
+# :PE32_end [_start+0x3D4]
diff --git a/amd64/kaem-minimal.hex0 b/amd64/kaem-minimal.hex0
index d9f4fe1..ddc1185 100644
--- a/amd64/kaem-minimal.hex0
+++ b/amd64/kaem-minimal.hex0
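Review bot: In StorePointer the load `678B00 ; LOAD32_Address_in_RAX_into_RAX` carries a 0x67 address-size prefix, so it dereferences `[eax]` — the allocate_pool address truncated to 32 bits — and only works while the label table happens to sit below 4 GiB; the un-prefixed `8B00` reads `[rax]`, but dropping the byte shifts every `[_start+…]` annotation and rel32 displacement after it, so those would need re-deriving. Get_table_target shifts the whole of rax left by 3 and adds it to the pool base without validating it: Read_byte returns -4 at EOF (`LOADI32_RAX %-4`), so a `:` or `%` as the last byte of the input makes StoreLabel write its 8-byte entry 32 bytes below the start of the 2048-byte pool (and StorePointer read from there), and Read_byte's `POP_RAX` also inherits the upper seven bytes of whatever `PUSH_RSI` pushed, which is only zero once an earlier read has set rsi — a `CMPI32_RAX %-4` / JE32 out to the caller's done label before `SHL8_RAX !3`, and clearing rsi before the first Read_byte (unless rsi is guaranteed zero at the UEFI entry point), would close both. Two mnemonics and one annotation contradict their bytes: `4889C1` is `mov rcx, rax`, so the line should read `4889C1 ; COPY_RAX_to_RCX # save image` (the same direction fix this commit applies to 4989CF); `4C8928` has REX.W and stores all 64 bits of r13, so `STORE32_R13_to_Address_in_RAX` is misleading next to the 32-bit load that reads the slot back; and `# :First_pass_1 [_start+0xAB]` should be `[_start+0x1AB]` by the byte count from First_pass_0 (the JE32 displacement of 7 agrees). None of the UEFI status values are checked (allocate_pool, both open_protocol calls, open_volume, the two rootdir->open calls), so a missing input file leaves fin as whatever the stack slot held and Read_byte then calls through it; this presumably mirrors hex0, but a test of rax with a jump to Done after each open would be cheap.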
@@ -152,9 +152,9 @@ F6 03 00 00 ; SizeOfRawData
 # Open Loaded Image protocol
 50 ; PUSH_RAX # allocate stack for image
 4989E0 ; COPY_RSP_to_R8 # arg3 = &image
- 488B15 3F030000 ; LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
+ 488B15 3F030000 ; LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
 52 ; PUSH_RDX # push last 64 bits onto stack
- 488B15 2F030000 ; LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
+ 488B15 2F030000 ; LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
 52 ; PUSH_RDX # push first 64 bits onto
 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
@@ -191,9 +191,9 @@ F6 03 00 00 ; SizeOfRawData
 # Get root file system
 50 ; PUSH_RAX # allocate stack for rootfs
 4989E0 ; COPY_RSP_to_R8 # arg3 = &rootfs
- 488B15 EE020000 ; LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits)
+ 488B15 EE020000 ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (last 64 bits)
 52 ; PUSH_RDX # push last 64 bits onto stack
- 488B15 DE020000 ; LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits)
+ 488B15 DE020000 ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL # EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID (first 64 bits)
 52 ; PUSH_RDX # push first 64 bits onto stack
 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
@@ -335,9 +335,9 @@ F6 03 00 00 ; SizeOfRawData
 50 ; PUSH_RAX # allocate stack for file_size
 4989E0 ; COPY_RSP_to_R8 # arg3 = &file_size
 49C700 00100000 ; STOREI32_into_Address_R8 %0x1000 # file_size = 0x1000
- 488B15 B2010000 ; LOADI64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_FILE_INFO_PROTOCOL (last 64 bits)
+ 488B15 B2010000 ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_FILE_INFO_PROTOCOL (last 64 bits)
 52 ; PUSH_RDX # push last 64 bits onto stack
- 488B15 B2010000 ; LOADI64_rel_RDX %FILE_INFO_PROTOCOL # EFI_FILE_INFO_PROTOCOL (first 64 bits)
+ 488B15 B2010000 ; LOAD64_rel_RDX %FILE_INFO_PROTOCOL # EFI_FILE_INFO_PROTOCOL (first 64 bits)
 52 ; PUSH_RDX # push first 64 bits onto stack
 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
 4889F9 ; COPY_RDI_to_RCX # arg1 = fcmd
@@ -458,9 +458,9 @@ F6 03 00 00 ; SizeOfRawData
 # Open Child Image
 50 ; PUSH_RAX # allocate stack for child_image
 4989E0 ; COPY_RSP_to_R8 # arg3 = &child_image
- 488B15 B1000000 ; LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
+ 488B15 B1000000 ; LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL_8 # EFI_LOADED_IMAGE_PROTOCOL_GUID (last 64 bits)
 52 ; PUSH_RDX # push last 64 bits onto stack
- 488B15 A1000000 ; LOADI64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
+ 488B15 A1000000 ; LOAD64_rel_RDX %LOADED_IMAGE_PROTOCOL # EFI_LOADED_IMAGE_PROTOCOL_GUID (first 64 bits)
 52 ; PUSH_RDX # push first 64 bits onto
 4889E2 ; COPY_RSP_to_RDX # arg2 = &guid
 6A 01 ; PUSH !1 # arg6 = EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL
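Review bot: The added line `488B15 B2010000 ; LOAD64_rel_RDX %SIMPLE_FS_PROTOCOL_8 # EFI_FILE_INFO_PROTOCOL (last 64 bits)` in the first hunk (@@ -335) reads like a copy-paste slip, because the label and the comment name different GUIDs. The displacements suggest it is deliberate: both loads use `B2010000` and sit 8 bytes apart, so the first resolves to the 8 bytes immediately before %FILE_INFO_PROTOCOL, and the trailing 8 bytes of EFI_FILE_INFO_ID (…-8e39-00a0c969723b) are identical to the SIMPLE_FS tail that appears elsewhere in this diff as `8E 39 00 A0 C9 69 72 3B`. A comment recording the reuse, e.g. `# EFI_FILE_INFO_PROTOCOL (last 64 bits; same bytes as the SIMPLE_FS tail)`, would stop the next reader from "fixing" the label and silently changing which 8 bytes get pushed.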
@@ -474,7 +474,7 @@ F6 03 00 00 ; SizeOfRawData
 488958 38 ; STORE64_from_RBX_into_Address_RAX_Immediate8 !56 # child_image->load_options = command
 488970 30 ; STORE64_from_RSI_into_Address_RAX_Immediate8 !48 # set child_image->load_options_size
- 488B0D EA000000 ; LOADI64_rel_RCX %image # get image
+ 488B0D EA000000 ; LOAD64_rel_RCX %image # get image
 488B49 18 ; LOAD64_into_RCX_from_Address_RCX_Immediate8 !24 # image->device
 488948 18 ; STORE64_from_RCX_into_Address_RCX_Immediate8 !24 # child_image->device = image->device
@@ -519,7 +519,7 @@ F6 03 00 00 ; SizeOfRawData
 C3 ; RET # :File_Print [_start+0x345]
- 488B0D A2000000 ; LOADI64_rel_RCX %system_out # get system_out
+ 488B0D A2000000 ; LOAD64_rel_RCX %system_out # get system_out
 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
 50 ; PUSH_RAX # allocate shadow stack space for UEFI function
 FF51 08 ; CALL_RCX_Immediate8 !8 # system->out->output_string(system->out, WCHAR*)
diff --git a/amd64/mescc-tools-mini-kaem.kaem b/amd64/mescc-tools-mini-kaem.kaem
index 85c0587..cf809ae 100644
--- a/amd64/mescc-tools-mini-kaem.kaem
+++ b/amd64/mescc-tools-mini-kaem.kaem
@@ -1,7 +1,12 @@
 # SPDX-FileCopyrightText: 2022 Andrius Štikonas
+# SPDX-FileCopyrightText: 2017 Jeremiah Orians
+# SPDX-FileCopyrightText: 2017 2017 Jan Nieuwenhuizen
 #
 # SPDX-License-Identifier: GPL-3.0-or-later
 #################################
 # Phase-1 Build hex1 from hex0 #
 #################################
+amd64\artifact\hex0.efi amd64\hex1.hex0 amd64\artifact\hex1.efi
+# hex1 adds support for single character labels and is available in various forms
+# in mescc-tools/amd64_bootstrap to allow you various ways to verify correctness
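Review bot: The new copyright line `# SPDX-FileCopyrightText: 2017 2017 Jan Nieuwenhuizen` in the mescc-tools-mini-kaem.kaem hunk repeats the year and should read `# SPDX-FileCopyrightText: 2017 Jan Nieuwenhuizen`. The build step itself, `amd64\artifact\hex0.efi amd64\hex1.hex0 amd64\artifact\hex1.efi`, matches the "Build hex1 from hex0" banner above it and needs no change.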