[coreboot] Re : restrict SMI

echelon at free.fr echelon at free.fr
Mon Jul 30 19:49:04 CEST 2018

 Thank you Ron,
 Just curious, about who could be the originator of this "future OS requirement", but I guess that anyone can guess his identity.. ;-)
 Anyway is good to see that common sense prevails (SMM dies) .. finally .. but I fear that the "clients" that until now were dependent of this kind of service will "migrate" to another "service provider".. (give me a "M", give me a "E", .. oh nevermind.. sorry just jocking .. lets not start another flame war.. ;-))

----- Mail d'origine -----
De: ron minnich <rminnich at gmail.com>
À: coreboot <coreboot at coreboot.org>
Envoyé: Sun, 29 Jul 2018 23:54:19 +0200 (CEST)
Objet: [coreboot] restrict SMI

Florentin wrote this:
I just peeked inside the pdf and tumbled upon the following statement
"The latest reasoning for replacement of SMI is driven by a future OS
requirement that
restricts the use of SMI as a means to communicate with the system
Can someone enlighten me what this "future OS requirement" means?..
Thanks in advance,

OK, the future OS requirement is not complicated in my view. Nobody trusts
SMM, or should ever have trusted SMM from the beginning, and many companies
have reached the decision that SMM is a monstrous security hole and must
die. SMI being the way one gets into SMM, both SMI and SMM are, we hope,
soon to be a thing of the past. Not soon enough for me ...


More information about the coreboot mailing list