Source code debugging of OVMF

[Johannes Swoboda <johannes.swoboda@student.tuwien.ac.at>]

Hello everyone,

I'm doing a research project on efi security. I would like to do source 
code debugging of OVMF. I want to step through the OVMF source code, set 
break points, et cetera, preferably with gdb. I want to debug the 
overall boot process. Is that possible?

I understand I can start qemu with the options -s -S. This gives me a 
virtual machine that awaits connection of a gdb debugger and further 
instructions.

After connecting with gdb, I can instruct the machine to continue 
execution. Unsurprisingly, there is nothing else I can do, because gdb 
lacks the relevant symbols.
I tried to read in the OVMF.fd file, as i would do with a binary that I 
would debug, but gdb can't handle the file.
It seems to be possible to load an efi app with the file command, but 
not this one.

I found one other person trying to achieve the same five years ago. [3] 
suggests that something like this
> (gdb) add-symbol-file ../edk2/Build/OvmfX64/DEBUG_GCC5/X64/Shell.debug
> The address where ../edk2/Build/OvmfX64/DEBUG_GCC5/X64/Shell.debug has 
> been loaded is missing
might be possible. However, it appears to me this is may contain 
information regarding Shell.efi, an efi-app; but I don't want to debug 
an app. I want to debug the overall boot process.

I'm quoting some terminal output to clarify what I'm trying to achieve:
[johannes@johannes-laptop OVMF_efi_hello_world]$ gdb
[...]
(gdb) file OVMF.fd
"/home/johannes/18S/bakk/uefi_virtual/OVMF_efi_hello_world/OVMF.fd": not 
in executable format: File format not recognized
(gdb) target remote localhost:1234
Remote debugging using localhost:1234
warning: No executable has been specified and target does not support
determining executable automatically.  Try using the "file" command.
0x000000000000fff0 in ?? ()
(gdb) step
Cannot find bounds of current function
(gdb) list
No symbol table is loaded.  Use the "file" command.
(gdb) continue
Continuing.
[ovmf loads in qemu window]

I can redirect ovmf debug messages into a text file[1].
As far as I understand, there is a way to do source code level debugging 
*with* ovmf, to debug efi-apps that are e.g. run via the efi shell[2], 
with the help of SourceLevelDebugPkg[4], but this package cannot be used 
to source level debug the overall boot process, right?

Is it possible to do source level debugging of ovmf?
Is it possible to step through ovmf, one instruction or function call at 
a time?
How are you ovmf developer debugging it?

If you could point me to the right direction, that would be great.

Kind regards,
Johannes

[1]: I managed to do so via the qemu options -global 
isa-debugcon.iobase=0x402 -debugcon file:qemu.ovmf.log" as demonstrated 
here
https://www.linux-kvm.org/downloads/lersek/ovmf-whitepaper-c770f8c.txt
[2]:https://github.com/tianocore/tianocore.github.io/wiki/OVMF-FAQ#how-do-i-enable-source-level-debugging-with-ovmf
[3]: 
http://edk2-devel.narkive.com/LRWe2mSQ/using-gdb-on-ovmf-with-symbols
[4]: 
https://github.com/tianocore/tianocore.github.io/wiki/SourceLevelDebugPkg