Let's move SMM out of firmware and into the kernel

level: expert

SMM is a nightmare. It is a binary blob that enters 16-bit mode, triggered by an interrupt that may be non-maskable. That 16-bit code is a giant attack surface. The code it calls is hidden from the kernel and does things we might not want done. Although almost all of SMM can be turned off, for some reason the SMI itself will not go away, and chipset and platform vendors still seem to want it available.

For the first seven years of LinuxBIOS we did not enable SMM, as it looked like nothing but trouble. Laptops required SMM, and in 2006 it appeared in the tree.

Even SMM whose source we own does not eliminate the problem with the core concept of SMM: it is a lightning bolt that strikes and deranges the processor for an unknown period of time, with unknowable consequences. It would be far better if SMM were under tighter control, and one way to achieve that is to redirect SMIs to the kernel. In this talk, I'll discuss my experiences with directing SMIs to a Linux kernel trampoline and running SMM code in the kernel.


Speakers: Ron Minnich