Andrew,
On 10/02/13 00:45, Rich Futyma wrote:
Would happen to know which linux driver handles this interrupt?
SMM code is loaded into SMRAM during BIOS POST. Then the access to SMRAM is locked so that SMRAM is only visible when an SMI is active. The CPU cannot access SMRAM when no SMI is active. The CPU immediately starts to execute code from SMRAM once it receives the SMI.
There is no Linux code involved, this is all initialised before any OS code is loaded.
Also, do you know where is this "correct handshake" described? It seems
that once bit 1 is set it can only be cleared by the reset.
No. This handshake is not public knowledge AFAIK. It would not be much of a protection mechanism if everyone, including the virus writers, knew how to bypass it. I would expect the handshake to involve cryptography as well.
Andrew
CONFIDENTIALITY This e-mail message and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail message, you are hereby notified that any dissemination, distribution or copying of this e-mail message, and any attachments thereto, is strictly prohibited. If you have received this e-mail message in error, please immediately notify the sender and permanently delete the original and any copies of this email and any prints thereof. ABSENT AN EXPRESS STATEMENT TO THE CONTRARY HEREINABOVE, THIS E-MAIL IS NOT INTENDED AS A SUBSTITUTE FOR A WRITING. Notwithstanding the Uniform Electronic Transactions Act or the applicability of any other law of similar substance and effect, absent an express statement to the contrary hereinabove, this e-mail message its contents, and any attachments hereto are not intended to represent an offer or acceptance to enter into a contract and are not otherwise intended to bind the sender, Sanmina Corporation (or any of its subsidiaries), or any other person or entity.