6c3ece9c9e
These issues were found and fixed by codespell, a useful tool for finding spelling errors. Signed-off-by: Martin Roth <martin@coreboot.org> Change-Id: If2a8e97911420c19e9365d5c28810b998f2c2ac8 Reviewed-on: https://review.coreboot.org/c/coreboot/+/58078 Reviewed-by: Felix Held <felix-coreboot@felixheld.de> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
29 lines
917 B
Markdown
29 lines
917 B
Markdown
# x86 System Management Mode
|
|
|
|
## Introduction
|
|
|
|
The code running in System Management Mode (SMM) provides runtime services
|
|
to applications running in [ring0]. It has a higher privilege level than
|
|
[ring0] and resides in the SMRAM region which cannot be accessed from [ring0].
|
|
|
|
SMM can be entered by issuing System Management Interrupts (SMIs).
|
|
|
|
## Secure data exchange
|
|
|
|
In order to not leak SMM internals or accidentally overwrite parts of SMM,
|
|
[ring0] provided data (pointers, offsets, sizes, ...) must be checked before
|
|
using them in SMM.
|
|
|
|
There exist two methods to verify data:
|
|
|
|
```C
|
|
/* Returns true if the region overlaps with the SMM */
|
|
bool smm_region_overlaps_handler(struct region *r);
|
|
```
|
|
|
|
```C
|
|
/* Returns true if the memory pointed to overlaps with SMM reserved memory. */
|
|
static inline bool smm_points_to_smram(const void *ptr, const size_t len);
|
|
```
|
|
|
|
[ring0]: https://en.wikipedia.org/wiki/Protection_ring
|