System Management Mode

The System Management Mode (SMM ) is an execution mode of processors of the x86 architecture. It was introduced with the Intel386 SL and is for hardware control, thought energy management and vendor-specific applications. The firmware running in SMM interrupts the operating system and running applications in a transparent manner.

Characteristics

The transition from the protected mode, the Virtual 8086 mode or the real mode in the SMM is always via an external, non- maskable system management interrupt (SMI). The processor context is saved and restored it after the end of the SMM with the RSM instruction.

Within the SMM can, such as a high privilege, all IO and system commands. It is a separate addressing mode is used, the SMRAM is called. Still can be accessed for the entire physical memory.

Interrupts are disabled in SMM, so only after they leave application can be processed. In particular, can not pass a nested execution of the SMM, since the occurrence of SMIs while running in the SMM is not possible.

Problems

Security

Since the execution in SMM for the operating system and the running applications ( such as virus scanner ) is not visible, the SMM a desirable mode of operation for malicious software dar.

Real time

By executing in SMM latencies can occur in the millisecond range on x86- real-time systems. Two aspects make a violation of the real- time bounds are possible:

Linux has a kernel module to detect time to run in SMM because of the operating system " stolen ".