blob: 4e95427b8662ff88acc935511646e3aa58ae9d61 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
# x86 System Managment Mode
## Introduction
The code running in System Management Mode (SMM) provides runtime services
to applications running in [ring0]. It has a higher privilege level than
[ring0] and resides in the SMRAM region which cannot be accessed from [ring0].
SMM can be entered by issuing System Managment Interrupts (SMIs).
## Secure data exchange
In order to not leak SMM internals or accidentally overwrite parts of SMM,
[ring0] provided data (pointers, offsets, sizes, ...) must be checked before
using them in SMM.
There exist two methods to verify data:
```C
/* Returns true if the region overlaps with the SMM */
bool smm_region_overlaps_handler(struct region *r);
```
```C
/* Returns true if the memory pointed to overlaps with SMM reserved memory. */
static inline bool smm_points_to_smram(const void *ptr, const size_t len);
```
[ring0]: https://en.wikipedia.org/wiki/Protection_ring
|