Hi Ron,
On 30.06.2017 06:25, ron minnich wrote:
> There's something I am certain I don't understand about SMM on Intel chipsets.
> The question is pretty simple. Consider a system with a recent Intel chipset and flash. Is there some special secret sauce that disables writing to flash unless in SMM and if so, what is it?
It's a bit in the SPI configuration that Intel encourages everybody to set (to give SMM a bigger attack surface and make the platform overall less secure, I suppose?).
> Thanks to anyone who can point me to chapter and verse of a data sheet.
Search for BIOS_CNTL / SMM_BWP in your PCH datasheet (or BIOS_SPI_BC / EISS from Skylake/100 series on).
Nico
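
As an added example (not part of the original message and not code from any project), here is a small C decoder for the control byte named above that classifies the flash write-protection state a platform ends up in. The bit positions (bit 0 write enable, bit 1 lock enable, bit 5 SMM_BWP/EISS) and all enum and function names are assumptions of this example; confirm the positions in your PCH datasheet.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed layout of BIOS_CNTL (BIOS_SPI_BC from Skylake/100 series on);
 * verify against the datasheet for your PCH. */
#define BC_WE       (1u << 0)  /* write enable: flash writes allowed */
#define BC_LE       (1u << 1)  /* lock enable: setting WE raises an SMI */
#define BC_SMM_ONLY (1u << 5)  /* SMM_BWP / EISS: writes require SMM */

enum flash_wp {
    WP_WRITABLE,   /* WE is set and SMM-only protection is not locked in */
    WP_UNLOCKED,   /* WE clear, but nothing stops ring-0 code setting it */
    WP_SMI_GUARD,  /* LE only: relies on the SMI handler clearing WE */
    WP_SMM_ONLY    /* LE + SMM_BWP/EISS: writes honoured only in SMM */
};

/* Conservative policy (assumption of this example): the SMM-only bit is
 * counted only when lock enable is set as well. */
enum flash_wp classify_bios_cntl(uint8_t bc)
{
    if ((bc & BC_LE) && (bc & BC_SMM_ONLY))
        return WP_SMM_ONLY;
    if (bc & BC_WE)
        return WP_WRITABLE;
    if (bc & BC_LE)
        return WP_SMI_GUARD;
    return WP_UNLOCKED;
}

const char *flash_wp_name(enum flash_wp s)
{
    static const char *names[] = {
        "writable", "unlocked", "SMI-guarded", "SMM-only"
    };
    return names[s];
}

int main(void)
{
    /* Constructed sample register values, not read from hardware. */
    const uint8_t samples[] = { 0x08, 0x09, 0x0a, 0x2a };
    for (size_t i = 0; i < sizeof samples; i++)
        printf("0x%02x -> %s\n", (unsigned)samples[i],
               flash_wp_name(classify_bios_cntl(samples[i])));
    return 0;
}
```
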