Add SimpleText protocols to UEFI

Author: elicn

qiling/os/uefi/UefiSpec.py

@@ -10,6 +10,10 @@
 from .UefiBaseType import *
 from .UefiMultiPhase import *
 
+from .protocols.EfiSimpleTextInProtocol import EFI_SIMPLE_TEXT_INPUT_PROTOCOL
+from .protocols.EfiSimpleTextOutProtocol import EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL
+
+
 # definitions for EFI_TIME.Daylight
 EFI_TIME_ADJUST_DAYLIGHT = (1 << 1)
 EFI_TIME_IN_DAYLIGHT     = (1 << 2)
@@ -223,14 +227,6 @@ class EFI_CONFIGURATION_TABLE(STRUCT):
         ('VendorTable',    PTR(VOID)),
     ]
 
-# TODO: to be implemented
-# @see: MdePkg\Include\Protocol\SimpleTextIn.h
-EFI_SIMPLE_TEXT_INPUT_PROTOCOL = STRUCT
-
-# TODO: to be implemented
-# @see: MdePkg\Include\Protocol\SimpleTextOut.h
-EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL = STRUCT
-
 class EFI_SYSTEM_TABLE(STRUCT):
     _pack_ = 8
 
@@ -264,4 +260,4 @@ class EFI_SYSTEM_TABLE(STRUCT):
     'EFI_DEVICE_PATH_PROTOCOL',
     'EFI_OPEN_PROTOCOL_INFORMATION_ENTRY',
     'EFI_IMAGE_UNLOAD'
-]
+]

qiling/os/uefi/protocols/EfiSimpleTextInProtocol.py

@@ -0,0 +1,56 @@
+#!/usr/bin/env python3
+#
+# Cross Platform and Multi Architecture Advanced Binary Emulation Framework
+#
+
+from qiling.os.const import *
+from qiling.os.uefi.fncc import dxeapi
+from qiling.os.uefi.utils import *
+from qiling.os.uefi.ProcessorBind import *
+from qiling.os.uefi.UefiBaseType import EFI_STATUS, EFI_EVENT
+
+
+# @see: MdePkg/Include/Protocol/SimpleTextIn.h
+class EFI_INPUT_KEY(STRUCT):
+    _fields_ = [
+        ('ScanCode',    UINT16),
+        ('UnicodeChar', CHAR16)
+    ]
+
+class EFI_SIMPLE_TEXT_INPUT_PROTOCOL(STRUCT):
+    EFI_SIMPLE_TEXT_INPUT_PROTOCOL = STRUCT
+
+    _fields_ = [
+        ('Reset',         FUNCPTR(EFI_STATUS, PTR(EFI_SIMPLE_TEXT_INPUT_PROTOCOL), BOOLEAN)),
+        ('ReadKeyStroke', FUNCPTR(EFI_STATUS, PTR(EFI_SIMPLE_TEXT_INPUT_PROTOCOL), PTR(EFI_INPUT_KEY))),
+        ('WaitForKey',    EFI_EVENT)
+    ]
+
+
+@dxeapi(params={
+    "This":	POINTER,              # IN PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL)
+    "ExtendedVerification": BOOL  # IN BOOLEAN
+})
+def hook_Input_Reset(ql: Qiling, address: int, params):
+    pass
+
+@dxeapi(params={
+    "This":	POINTER,  # IN PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL)
+    "Key": POINTER    # OUT PTR(EFI_INPUT_KEY)
+})
+def hook_Read_Key_Stroke(ql: Qiling, address: int, params):
+    pass
+
+
+def initialize(ql: Qiling, gIP: int):
+    descriptor = {
+        'struct': EFI_SIMPLE_TEXT_INPUT_PROTOCOL,
+        'fields': (
+            ('Reset',         hook_Input_Reset),
+            ('ReadKeyStroke', hook_Read_Key_Stroke),
+            ('WaitForKey',    None)
+        )
+    }
+
+    instance = init_struct(ql, gIP, descriptor)
+    instance.save_to(ql.mem, gIP)

qiling/os/uefi/protocols/EfiSimpleTextOutProtocol.py

@@ -0,0 +1,128 @@
+#!/usr/bin/env python3
+#
+# Cross Platform and Multi Architecture Advanced Binary Emulation Framework
+#
+
+from qiling.os.const import *
+from qiling.os.uefi.fncc import dxeapi
+from qiling.os.uefi.utils import *
+from qiling.os.uefi.ProcessorBind import *
+from qiling.os.uefi.UefiBaseType import EFI_STATUS
+
+
+# @see: MdePkg/Include/Protocol/SimpleTextOut.h
+class SIMPLE_TEXT_OUTPUT_MODE(STRUCT):
+    _fields_ = [
+        ("MaxMode",       INT32),
+        ("Mode",          INT32),
+        ("Attribute",     INT32),
+        ("CursorColumn",  INT32),
+        ("CursorRow",     INT32),
+        ("CursorVisible", BOOLEAN),
+    ]
+
+
+class EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL(STRUCT):
+    EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL = STRUCT
+
+    _fields_ = [
+        ("Reset",             FUNCPTR(EFI_STATUS, PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL), BOOLEAN)),
+        ("OutputString",      FUNCPTR(EFI_STATUS, PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL), PTR(CHAR16))),
+        ("TestString",        FUNCPTR(EFI_STATUS, PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL), PTR(CHAR16))),
+        ("QueryMode",         FUNCPTR(EFI_STATUS, PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL), UINTN, PTR(UINTN), PTR(UINTN))),
+        ("SetMode",           FUNCPTR(EFI_STATUS, PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL), UINTN)),
+        ("SetAttribute",      FUNCPTR(EFI_STATUS, PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL), UINTN)),
+        ("ClearScreen",       FUNCPTR(EFI_STATUS, PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL))),
+        ("SetCursorPosition", FUNCPTR(EFI_STATUS, PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL), UINTN, UINTN)),
+        ("EnableCursor",      FUNCPTR(EFI_STATUS, PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL), BOOLEAN)),
+        ("Mode",              PTR(SIMPLE_TEXT_OUTPUT_MODE))
+    ]
+
+
+@dxeapi(params={
+    "This":	POINTER,              # IN PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL)
+    "ExtendedVerification": BOOL  # IN BOOLEAN
+})
+def hook_TextReset(ql: Qiling, address: int, params):
+    pass
+
+@dxeapi(params={
+    "This":	  POINTER,  # IN PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL)
+    "String": WSTRING   # IN PTR(CHAR16)
+})
+def hook_OutputString(ql: Qiling, address: int, params):
+    print(params['String'])
+
+    return EFI_SUCCESS
+
+@dxeapi(params={
+    "This":	  POINTER,  # IN PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL)
+    "String": WSTRING   # IN PTR(CHAR16)
+})
+def hook_TestString(ql: Qiling, address: int, params):
+    pass
+
+@dxeapi(params={
+    "This":	POINTER,          # IN PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL)
+    "ModeNumber": ULONGLONG,  # IN UINTN
+    "Columns": POINTER,       # OUT PTR(UINTN)
+    "Rows": POINTER           # OUT PTR(UINTN)
+})
+def hook_QueryMode(ql: Qiling, address: int, params):
+    pass
+
+@dxeapi(params={
+    "This":	POINTER,         # IN PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL)
+    "ModeNumber": ULONGLONG  # IN UINTN
+})
+def hook_SetMode(ql: Qiling, address: int, params):
+    pass
+
+@dxeapi(params={
+    "This":	POINTER,        # IN PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL)
+    "Attribute": ULONGLONG  # IN UINTN
+})
+def hook_SetAttribute(ql: Qiling, address: int, params):
+    pass
+
+@dxeapi(params={
+    "This":	POINTER   # IN PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL)
+})
+def hook_ClearScreen(ql: Qiling, address: int, params):
+    pass
+
+@dxeapi(params={
+    "This":	POINTER,      # IN PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL)
+    "Column": ULONGLONG,  # IN UINTN
+    "Row": ULONGLONG      # IN UINTN
+})
+def hook_SetCursorPosition(ql: Qiling, address: int, params):
+    pass
+
+@dxeapi(params={
+    "This":	POINTER,  # IN PTR(EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL)
+    "Visible": BOOL   # IN BOOLEAN
+})
+def hook_EnableCursor(ql: Qiling, address: int, params):
+    pass
+
+
+def initialize(ql: Qiling, base: int):
+    descriptor = {
+        'struct': EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL,
+        'fields': (
+            ('Reset',             hook_TextReset),
+            ('OutputString',      hook_OutputString),
+            ('TestString',        hook_TestString),
+            ('QueryMode',         hook_QueryMode),
+            ('SetMode',           hook_SetMode),
+            ('SetAttribute',      hook_SetAttribute),
+            ('ClearScreen',       hook_ClearScreen),
+            ('SetCursorPosition', hook_SetCursorPosition),
+            ('EnableCursor',      hook_EnableCursor),
+            ('Mode',              None)
+        )
+    }
+
+    instance = init_struct(ql, base, descriptor)
+    instance.save_to(ql.mem, base)

qiling/os/uefi/st.py

@@ -3,58 +3,79 @@
 # Cross Platform and Multi Architecture Advanced Binary Emulation Framework
 #
 
-from qiling import Qiling
+from typing import TYPE_CHECKING
+
 from qiling.os.uefi import bs, rt, ds
 from qiling.os.uefi.context import UefiContext
 from qiling.os.uefi.utils import install_configuration_table
-from qiling.os.uefi.UefiSpec import EFI_SYSTEM_TABLE, EFI_BOOT_SERVICES, EFI_RUNTIME_SERVICES
+from qiling.os.uefi.UefiSpec import EFI_SYSTEM_TABLE, EFI_SIMPLE_TEXT_INPUT_PROTOCOL, EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL, EFI_BOOT_SERVICES, EFI_RUNTIME_SERVICES
+
+import qiling.os.uefi.protocols.EfiSimpleTextInProtocol as txt_in
+import qiling.os.uefi.protocols.EfiSimpleTextOutProtocol as txt_out
+
+
+if TYPE_CHECKING:
+    from qiling import Qiling
 
 # static mem layout:
 #
-#        +-- EFI_SYSTEM_TABLE ---------+
-#        |                             |
-#        | ...                         |
-#        | RuntimeServices*     -> (1) |
-#        | BootServices*        -> (2) |
-#        | NumberOfTableEntries        |
-#        | ConfigurationTable*  -> (4) |
-#        +-----------------------------+
-#    (1) +-- EFI_RUNTIME_SERVICES -----+
-#        |                             |
-#        | ...                         |
-#        +-----------------------------+
-#    (2) +-- EFI_BOOT_SERVICES --------+
-#        |                             |
-#        | ...                         |
-#        +-----------------------------+
-#    (3) +-- EFI_DXE_SERVICES ---------+
-#        |                             |
-#        | ...                         |
-#        +-----------------------------+
-#    (4) +-- EFI_CONFIGURATION_TABLE --+        of HOB_LIST
-#        | VendorGuid                  |
-#        | VendorTable*         -> (5) |
-#        +-----------------------------+
-#        +-- EFI_CONFIGURATION_TABLE --+        of DXE_SERVICE_TABLE
-#        | VendorGuid                  |
-#        | VendorTable*         -> (3) |
-#        +-----------------------------+
+#        +-- EFI_SYSTEM_TABLE -----------------+
+#        |                                     |
+#        | ...                                 |
+#        | ConIn*                       -> (1) |
+#        | ConOut*                      -> (2) |
+#        | RuntimeServices*             -> (3) |
+#        | BootServices*                -> (4) |
+#        | NumberOfTableEntries                |
+#        | ConfigurationTable*          -> (6) |
+#        +-------------------------------------+
+#    (1) +-- EFI_SIMPLE_TEXT_INPUT_PROTOCOL ---+
+#        |                                     |
+#        | ...                                 |
+#        +-------------------------------------+
+#    (2) +-- EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL --+
+#        |                                     |
+#        | ...                                 |
+#        +-------------------------------------+
+#    (3) +-- EFI_RUNTIME_SERVICES -------------+
+#        |                                     |
+#        | ...                                 |
+#        +-------------------------------------+
+#    (4) +-- EFI_BOOT_SERVICES ----------------+
+#        |                                     |
+#        | ...                                 |
+#        +-------------------------------------+
+#    (5) +-- EFI_DXE_SERVICES -----------------+
+#        |                                     |
+#        | ...                                 |
+#        +-------------------------------------+
+#    (6) +-- EFI_CONFIGURATION_TABLE ----------+        of HOB_LIST
+#        | VendorGuid                          |
+#        | VendorTable*                 -> (7) |
+#        +-------------------------------------+
+#        +-- EFI_CONFIGURATION_TABLE ----------+        of DXE_SERVICE_TABLE
+#        | VendorGuid                          |
+#        | VendorTable*                 -> (5) |
+#        +-------------------------------------+
 #
 #        ... the remainder of the chunk may be used for additional EFI_CONFIGURATION_TABLE entries
-
+#
 # dynamically allocated (context.conf_table_data_ptr):
 #
-#    (5) +-- VOID* --------------------+
-#        | ...                         |
-#        +-----------------------------+
+#    (7) +-- VOID* ----------------------------+
+#        | ...                                 |
+#        +-------------------------------------+
+
 
 def initialize(ql: Qiling, context: UefiContext, gST: int):
     ql.loader.gST = gST
 
-    gBS = gST + EFI_SYSTEM_TABLE.sizeof()       # boot services
-    gRT = gBS + EFI_BOOT_SERVICES.sizeof()      # runtime services
-    gDS = gRT + EFI_RUNTIME_SERVICES.sizeof()   # dxe services
-    cfg = gDS + ds.EFI_DXE_SERVICES.sizeof()    # configuration tables array
+    sti = gST + EFI_SYSTEM_TABLE.sizeof()                 # input protocols
+    sto = sti + EFI_SIMPLE_TEXT_INPUT_PROTOCOL.sizeof()   # output protocols
+    gRT = sto + EFI_SIMPLE_TEXT_OUTPUT_PROTOCOL.sizeof()  # runtime services
+    gBS = gRT + EFI_RUNTIME_SERVICES.sizeof()             # boot services
+    gDS = gBS + EFI_BOOT_SERVICES.sizeof()                # dxe services
+    cfg = gDS + ds.EFI_DXE_SERVICES.sizeof()              # configuration tables array
 
     ql.log.info(f'Global tables:')
     ql.log.info(f' | gST   {gST:#010x}')
@@ -63,11 +84,16 @@ def initialize(ql: Qiling, context: UefiContext, gST: int):
     ql.log.info(f' | gDS   {gDS:#010x}')
     ql.log.info(f'')
 
+    txt_in.initialize(ql, sti)
+    txt_out.initialize(ql, sto)
+
     bs.initialize(ql, gBS)
     rt.initialize(ql, gRT)
     ds.initialize(ql, gDS)
 
     EFI_SYSTEM_TABLE(
+        ConIn = sti,
+        ConOut = sto,
         RuntimeServices = gRT,
         BootServices = gBS,
         NumberOfTableEntries = 0,
@@ -79,4 +105,4 @@ def initialize(ql: Qiling, context: UefiContext, gST: int):
 
 __all__ = [
     'initialize'
-]
+]