[LinuxBIOS] SMM in LinuxBIOS

Arvind Seshadri arvinds+ at cs.cmu.edu
Fri Jan 12 03:23:55 CET 2007

Hi Carl-Daniel,
Having an IOMMU is not necessary since our goal is only to prevent DMA
write to a region of memory. We have come up with techniques that can
prevent DMA writes on legacy systems without an IOMMU. Also, Pioneer is
not LinuxBIOS-specific. It can be incorporated into any SMM code.


On Fri, 12 Jan 2007, Carl-Daniel Hailfinger wrote:

> Hi Arvind,
> Arvind Seshadri wrote:
> > Pioneer provides the stronger guarantee that the program whose integrity
> > is checked is the one that is invoked for execution. In other words, an
> > attacker cannot modify the program between the time its integrity is
> > checked and the time the program is invoked for execution. Also, where as
> But an attacker can modify the program directly after its execution has
> started. So Pioneer secures exactly one machine instruction more than
> SEBOS. I don't think that this is impressive. With current hardware it
> is impossible (except if you use an IOMMU) to guarantee that a program
> is not modified during execution.
> I hope I didn't discuorage you and am still very interested in the
> results of Pioneer.
> > AEGIS and TCG only measure programs loaded at system boot, Pioneer can
> > measure and launch programs at any point in time. The property provided by
> > Pioneer is, therefore, similar to the late-launch capability of Intel's LT
> > and AMD's SVM, which can be used to design systems with substantially
> > smaller trusted computing bases than AEGIS and TCG. Unlike LT and SVM
> > however, Pioneer is completely software-based and can be used on legacy
> > systems.
> Only on legacy systems with LinuxBIOS or on all legacy systems?
> Regards,
> Carl-Daniel

More information about the coreboot mailing list