Opened 9 years ago

Closed 7 years ago

#42 closed defect (fixed)

Disable SMM on K8 platforms

Reported by: stepan Owned by: stepan
Priority: major Milestone: Going mainstream
Component: coreboot Keywords: SMM, security
Cc: Dependencies:
Patch Status: patch needs review


This was a while ago, but it got forgotten.

Loïc Duflot, security engineer and researcher for the scientific division of the french Central Directorate for Information Systems Security ("french version of the NSA"), gives some insight on fun that can be had with the system management mode (SMM) of x86 CPUs.

See for more information.

While, as Loïc writes later in his article, the whole issue of exploiting SMM is pretty pointless in Linux as the super user can conquer ring 0 without further effort, the idea of fixing what we can fix on the bios level seems worthwhile.

If something seems as simple as setting the D_LCK bit of SMM, we should definitely do it.. It will at least be a marketable feature against other upcoming firmware implementations.

Carl-Daniel Hailfinger said:

I believe that setting D_LCK will mitigate a few attacks but I strongly
doubt that it cannot be cleared during system operation. Yes, the manual
specifies it, but manuals have been underspecified before. Since we don't
use SMM for anything, we might as well
* clear D_OPEN
* set D_CLOSE
* clear "Enable"
* set D_LCK.

So, by all means, do it now. Until somebody figures out a way to disable
D_LCK again we offer a much higher degree of security than everybody

Ok, D_LCK/D_OPEN/D_CLOSE is intel vocabulary. There is no such thing on AMD. They call it SMMLOCK in their BKDG:

6.11.6 Locking SMM

The SMM registers can be locked by setting the SMMLOCK (HWCR, bit 0). Once set, the SMM_BASE, the SMM_ADDR, all but the two close bits of SMM_MASK and the RSMSPCYCDIS, SMISPCYCDIS, and SMMLOCK bits of HWCR are locked and cannot be changed. The only way to unlock the SMM registers is to assert reset. This provides security to the SMM mechanism. The BIOS can lock the SMM environment after setting it up so that it can not be tampered with.

So I propose the following patch for LinuxBIOS to fix the SMM problem for all supported AMD K8 mainboards:

Set SMMLOCK on K8 to avoid exploits messing with SMM 

Signed-off-by: Stefan Reinauer <>

Index: src/cpu/amd/model_fxx/model_fxx_init.c
--- src/cpu/amd/model_fxx/model_fxx_init.c      (revision 2302)
+++ src/cpu/amd/model_fxx/model_fxx_init.c      (working copy)
@@ -454,6 +454,12 @@


+       /* Set SMMLOCK to avoid exploits messing with SMM */
+       msr = rdmsr(HWCR_MSR);
+       msr.lo |= (1 << 0);
+       wrmsr(HWCR_MSR, msr);

        /* Enable the local cpu apics */

Attachments (0)

Change History (9)

comment:1 in reply to: ↑ description Changed 9 years ago by segher

You'll need to lock SMM on the chipset too, if you don't already. It's amazing how much fun can be had there otherwise :-)

comment:2 Changed 9 years ago by Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@…>

What settings for SMM_BASE, the SMM_ADDR, RSMSPCYCDIS, SMISPCYCDIS do we need? Not specifiying them probably leaves them at default values and I don't know whether the default settings leave some exploits unfixed.

comment:3 Changed 9 years ago by uwe

  • Keywords security added

This is great stuff! I'd definately make this a Kconfig option in LBv3 with a good help text...

comment:4 follow-up: Changed 9 years ago by stepan

  • Status changed from new to assigned

SMM is a CPU/Northbridge thing on AMD64 processors. No need to do anything with the chipset. Check out chapter 6 of the the BKDG at

What we _might_ want do though is add a small SMM handler at 38000 but that is a completely different issue.

SMM_BASE register holds the base of the system management memory region, and its default value is 30000h. The first SMI handler instruction is fetched at SMM_BASE + 8000h.

comment:5 in reply to: ↑ 4 Changed 9 years ago by segher

Replying to stepan:

SMM is a CPU/Northbridge thing on AMD64 processors. No need to do anything with the chipset.

Well you need to make sure that SMI (and SCI) are correctly handled, so they cannot hang the system. It's not obvious to me that this is automatically the case, but you know this stuff better I'm sure :-)

The other thing the chipset can do is disable certain regions of memory while not in SMM, but that's not too interesting if you don't do SMM at all :-)


comment:6 Changed 9 years ago by nemesis@…

Most BIOSes relocate SMBASE to 0xA0000 so as to map it into the VGA framebuffer area instead of on top of memory.

comment:7 Changed 9 years ago by uwe

  • Patch Status changed from there is no patch to patch needs review

comment:8 Changed 7 years ago by hailfinger

What's the status of this patch?

comment:9 Changed 7 years ago by stepan

  • Resolution set to fixed
  • Status changed from assigned to closed

Add Comment

Modify Ticket

as closed The owner will remain stepan.
The resolution will be deleted. Next status will be 'reopened'.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.