[coreboot] question on SMM

Igor Skochinsky skochinsky at mail.ru
Fri Jun 30 10:01:44 CEST 2017

Hello ron,

Friday, June 30, 2017, 6:25:06 AM, you wrote:

rm> there's something I am certain I don't understand about SMM on intel chipsets.
rm> The question is pretty simple. Consider a system with a recent
rm> intel chipset and flash. Is there some special secret sauce that
rm> disables writing to flash unless in SMM and if so, what is it?

Originally there were two bits in BIOS_CNTL used to effectively enable this[1]:

> When BIOS_CNTL.BLE is set to 1, attempts to write enable the BIOS by
> setting BIOS_CNTL.BIOSWE to 1 will immediately generate a System
> Management Interrupt (SMI). It is the job of this SMI to determine
> whether or not it is permissible to write enable to the BIOS, and if
> not, immediately set BIOS_CNTL.BIOSWE back to 0; the end result being
> that the BIOS is not writable.

As described in the link, this logic is vulnerable to race conditions,
so Intel added yet another bit:

> This issue is mitigated by setting the SMM_BWP bit in the BIOS
> Control Register along with setting BIOS Lock Enable (BLE) and
> clearing BIOS Write Enable (BIOSWE). The SMM_BWP bit requires the
> processor to be in SMM in order to honor writes to the BIOS region
> of SPI flash, thereby mitigating the issue.

So in theory all recent BIOSes should set SMM_BWP. Whether they
actually do it can be checked with Chipsec[4].

For more background see [2] and [3]

[1] https://www.kb.cert.org/vuls/id/766164

[2] http://opensecuritytraining.info/IntroBIOS_files/Day2_03_Advanced%20x86%20-%20BIOS%20and%20SMM%20Internals%20-%20SPI%20Flash%20Protection%20Mechanisms.pdf

[3] http://composter.com.ua/documents/Exploiting_Flash_Protection_Race_Condition.pdf

[4] https://github.com/chipsec/chipsec/blob/master/chipsec/modules/common/bios_wp.py
 Igor                            mailto:roxfan at skynet.be

More information about the coreboot mailing list