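/*
 * Cached UEFI table pointers, filled in by save_pointers().  The firmware
 * hands entry_point() an EFI_SYSTEM_TABLE *, and every use below is via
 * '->', so these are pointers -- the first transcription dropped the '*'
 * (and misspelt EFI_RUNTIME_SERVICES).  Addresses are from the binary.
 */
static EFI_SYSTEM_TABLE *ST;            /* 0x10009cb8 */
static EFI_RUNTIME_SERVICES *RTS;       /* 0x10009cc8 */
static EFI_BOOT_SERVICES *BS;           /* 0x10009cc0 */

/*
 * Words handed to protocol ea816d2c by entry_point(): &global1 becomes
 * THING.b, &global2 becomes THING.v[0], and &global3 is passed as the
 * third argument (presumably an output slot -- not confirmed).  Their
 * meaning was not recovered.
 */
static uint64_t global1 = 0xb60;        /* 0x10000ba0 */
static uint64_t global2 = 0xa82e620d;   /* 0x10000d10 */
static uint64_t global3 = 0;            /* 0x10009ce8 */
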
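/*
 * Variable-length record handed to protocol ea816d2c by entry_point().
 * allocate_and_populate() builds it: 'num' is the number of entries in
 * v[], 'b' is a caller-supplied word, and v[] holds 'num' pointer-sized
 * values in argument order.
 *
 * v is a C99 flexible array member (the original used the GNU v[0]
 * form); sizeof (THING) is still just the two header words, so the
 * allocation size is sizeof (THING) + num * sizeof (uint64_t).
 */
typedef struct
{
  uint64_t num;                 /* number of entries in v[] */
  uint64_t b;
  uint64_t v[];                 /* num entries follow the header */
} THING;
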
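/*
 * Protocol d2b2b828-0826-48a7-b3df-983c006024f0, located lazily by
 * call_d2b2b828().  Made 'static' like the other two GUIDs in this file.
 */
static EFI_GUID guid_d2b2b828 = { 0xd2b2b828, 0x0826, 0x48a7, 0xb3, 0xdf, 0x98, 0x3c, 0x00, 0x60, 0x24, 0xf0 }; /* 0x10009b68 */

/*
 * Only the first slot of the interface was recovered; the binary calls it
 * with four 32-bit arguments.  The original omitted 'typedef', which made
 * PROTO_d2b2b828 a variable rather than a type and broke the pointer
 * declaration below.
 */
typedef struct _proto_d2b2b828
{
  EFI_STATUS (*fn0) (uint32_t, uint32_t, uint32_t, uint32_t);
} PROTO_d2b2b828;

/* NULL until the first successful LocateProtocol in call_d2b2b828(). */
static PROTO_d2b2b828 *iface_d2b2b828;  /* 0x10009cd0 */
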
/* Protocol ea816d2c-cee5-4f02-99b5-d3905cbbd077, looked up once in entry_point(). */
static EFI_GUID guid_ea816d2c = { 0xea816d2c, 0xcee5, 0x4f02, 0x99, 0xb5, 0xd3, 0x90, 0x5c, 0xbb, 0xd0, 0x77 }; /* 0x10009b58 */

/*
 * First recovered slot.  entry_point() passes the interface pointer itself
 * as the first argument, a THING as the second and &global3 as the third.
 */
struct _proto_ea816d2c
{
  void (*fn0) (struct _proto_ea816d2c *, THING *, void *);
};
typedef struct _proto_ea816d2c PROTO_ea816d2c;

/* Filled by LocateProtocol in entry_point(). */
static PROTO_ea816d2c *iface_ea816d2c;  /* 0x10009cf0 */

/* Protocol cec2f4f9-c82d-49ea-81ca-e6bc8757de4c: the one this driver publishes. */
static EFI_GUID guid_cec2f4f9 = { 0xcec2f4f9, 0xc82d, 0x49ea, 0x81, 0xca, 0xe6, 0xbc, 0x87, 0x57, 0xde, 0x4c }; /* 0x10009c20 */

/* Single recovered slot; entry_point() points it at fn0 before installing. */
struct _proto_cec2f4f9
{
  uint8_t (*fn0) (uint64_t, uint64_t);
};
typedef struct _proto_cec2f4f9 PROTO_cec2f4f9;

/*
 * The interface instance itself (a struct, not a pointer): its address is
 * what InstallProtocolInterface publishes.
 */
static PROTO_cec2f4f9 iface_cec2f4f9;   /* 0x10009ce0 */


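/*
 * Cache the system table and its boot/runtime service tables in the
 * file-scope globals so the rest of the driver can reach them.
 *
 * table: the EFI_SYSTEM_TABLE * the firmware passed to entry_point().
 * Returns EFI_SUCCESS.
 *
 * Fixes vs. the first transcription: the 'retrun' typo, and the field is
 * spelt RuntimeServices in EFI_SYSTEM_TABLE.
 */
static EFI_STATUS
save_pointers (EFI_SYSTEM_TABLE * table) /* 0x1000067b */
{
  ST = table;
  RTS = table->RuntimeServices;
  BS = table->BootServices;

  return EFI_SUCCESS;
}

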
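/*
 * Invoke slot 0 of protocol d2b2b828, locating the interface on first use.
 *
 * arg0..arg3: passed straight through; entry_point() uses
 *             (1, 0x80008020, 0, 0) -- their meaning was not recovered.
 * Returns EFI_UNSUPPORTED if the protocol is not present, otherwise
 * whatever fn0 returns.
 *
 * LocateProtocol takes a void **, so the lookup goes through a local and
 * the cached pointer is only written on success; a failed lookup is simply
 * retried on the next call.  Also fixes the 'uint32_T' typo.
 */
static EFI_STATUS
call_d2b2b828 (uint32_t arg0, uint32_t arg1, uint32_t arg2, uint32_t arg3) /* 0x1000069a */
{
  if (!iface_d2b2b828)
    {
      void *iface = NULL;

      if (BS->LocateProtocol (&guid_d2b2b828, NULL, &iface) != EFI_SUCCESS
          || !iface)
        return EFI_UNSUPPORTED;

      iface_d2b2b828 = iface;
    }

  return iface_d2b2b828->fn0 (arg0, arg1, arg2, arg3);
}

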
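/*
 * Allocate 'size' bytes of EfiBootServicesData pool memory.
 *
 * Returns the buffer, or NULL if AllocatePool fails.  The first
 * transcription ignored the status and returned an uninitialised local on
 * failure; the result is now NULL-initialised and the status checked.
 * Callers release the buffer with BS->FreePool().
 */
void *
allocate (uint64_t size)        /* 0x1000079c */
{
  void *ret = NULL;

  if (BS->AllocatePool (EfiBootServicesData, size, &ret) != EFI_SUCCESS)
    return NULL;

  return ret;
}

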
/*
 * Pool allocation that is zero-filled before being returned.
 *
 * size: number of bytes.
 * Returns NULL when allocate() does; SetMem is skipped in that case.
 */
static void *
allocate_zeroed (uint64_t size) /* 0x100007cc */
{
  void *buf = allocate (size);

  if (buf == NULL)
    return NULL;

  BS->SetMem (buf, size, 0);
  return buf;
}


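/*
 * Build a THING with n trailing entries taken from the variadic arguments.
 *
 * n:   number of entries that follow; also stored in ret->num.
 * b:   stored in ret->b.
 * ...: n values of type void *, copied into ret->v[0..n-1] in order.
 *
 * Returns the zero-initialised, populated record (free with BS->FreePool),
 * or NULL if the size would overflow or the pool allocation fails.
 *
 * Corrections to the first transcription: the function returns the record
 * (it was declared void yet returned 'ret'), va_start names the last fixed
 * parameter 'b', the count field is THING.num, and the allocation result is
 * checked before it is written to.  Pointers are stored in the uint64_t
 * slots via uintptr_t, matching the 64-bit layout the binary uses.
 */
static THING *
allocate_and_populate (uint64_t n, void *b, ...) /* 0x10000a18 */
{
  THING *ret;
  uint64_t i;
  va_list ap;

  /* Reject a count that would wrap the allocation size. */
  if (n > (UINT64_MAX - sizeof (THING)) / sizeof (ret->v[0]))
    return NULL;

  ret = allocate_zeroed (sizeof (THING) + n * sizeof (ret->v[0]));
  if (!ret)
    return NULL;

  ret->num = n;
  ret->b = (uint64_t) (uintptr_t) b;

  va_start (ap, b);

  /* It's this loop your patch disables, leaving the rest of the structure unpopulated */
  for (i = 0; i < n; i++)
    ret->v[i] = (uint64_t) (uintptr_t) va_arg (ap, void *);

  va_end (ap);

  return ret;
}

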
/*
 * Slot 0 of the protocol this driver installs (guid_cec2f4f9); entry_point()
 * stores it in iface_cec2f4f9.fn0 before calling InstallProtocolInterface.
 * The body at 0x100005f4 has not been transcribed -- 'return ...;' is a
 * placeholder, not compilable C.  The meaning of a0/a1 and of the 8-bit
 * result is unknown.
 */
static uint8_t
fn0 (uint64_t a0, uint64_t a1)  /*0x100005f4 */
{





  return ...;
}


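/*
 * Driver entry point (entry 0x1000066c).
 *
 * Sequence, as recovered from the binary:
 *   1. cache the system/boot/runtime tables;
 *   2. call protocol d2b2b828 with (1, 0x80008020, 0, 0);
 *   3. allocate a 0x64-byte zeroed buffer that is never referenced again;
 *   4. locate protocol ea816d2c and hand it a one-entry THING
 *      {b = &global1, v[0] = &global2} plus &global3, then free the THING;
 *   5. install iface_cec2f4f9 (fn0) as protocol cec2f4f9 on a new handle.
 *
 * image_handle: this driver's image handle (unused).
 * table:        the system table.
 * Returns EFI_SUCCESS, or the status of the step that failed.
 *
 * Fixes vs. the first transcription: 'malloc_zeroed' is allocate_zeroed;
 * the ea816d2c call goes through ->fn0 rather than calling the interface
 * pointer; LocateProtocol and the THING allocation are checked before the
 * pointers are dereferenced; and 'handle' starts as NULL, which is what
 * tells InstallProtocolInterface to create a fresh handle instead of
 * installing onto whatever value was left on the stack.
 *
 * Bailing out when ea816d2c is absent (rather than installing cec2f4f9
 * anyway) is a judgement call: the binary would have faulted there, and
 * whether fn0 depends on that call having happened is not known.
 */
EFI_STATUS
entry_point (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE * table) /*entry 0x1000066c */
{
  EFI_HANDLE handle = NULL;
  THING *thing;
  EFI_STATUS status;

  status = save_pointers (table);
  if (status != EFI_SUCCESS)
    return status;

  /* Return value ignored, as in the binary. */
  (void) call_d2b2b828 (1, 0x80008020, 0, 0);

  /* The binary allocates 0x64 bytes here and never touches them again. */
  (void) allocate_zeroed (0x64);

  status = BS->LocateProtocol (&guid_ea816d2c, NULL, (void **) &iface_ea816d2c);
  if (status != EFI_SUCCESS || !iface_ea816d2c)
    return EFI_UNSUPPORTED;

  thing = allocate_and_populate (1, &global1, &global2);
  if (!thing)
    return EFI_OUT_OF_RESOURCES;

  iface_ea816d2c->fn0 (iface_ea816d2c, thing, &global3);

  /* Freed immediately, as in the binary; assumes the protocol does not keep the pointer. */
  BS->FreePool (thing);

  iface_cec2f4f9.fn0 = fn0;

  /* handle is NULL, so a new handle is created carrying our protocol. */
  return BS->InstallProtocolInterface (&handle, &guid_cec2f4f9,
                                       EFI_NATIVE_INTERFACE,
                                       &iface_cec2f4f9);
}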