Skip to main content

UEFI Modules

To obfuscate UEFI modules using CodeDefender, it's important to consider a few key points during the build process. One of the edk2 build steps involves running GenFw.exe, a tool documented on the EDK2 Tools List.

The build process calls GenFw.exe, which zeros out the exception directory in the PE image. CodeDefender relies heavily on this exception directory to discover functions and other crucial elements for obfuscation.

Key Considerations

  1. GenFw.exe Behavior
    By default, the tool zeros out the exception directory. You can view the relevant code for this behavior here.

  2. Disabling the Exception Directory Zeroing
    To prevent this from interfering with CodeDefender, you need to enable the --keepexceptiontable flag for your release binaries. This can be done by modifying the tools_def.txt file.

    • You can find the template for tools_def.txt here.

By following the steps above and ensuring the exception directory is preserved, you can proceed with obfuscating your UEFI modules securely and effectively.