Talk:System Management Mode

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Computing (Rated Stub-class)
WikiProject icon This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
Stub-Class article Stub  This article has been rated as Stub-Class on the project's quality scale.
 ???  This article has not yet received a rating on the project's importance scale.
Note icon
This article has been automatically rated by a bot or other tool as Stub-Class because it uses a stub template. Please ensure the assessment is correct before removing the |auto= parameter.

Is System Management Mode a rootkit?[edit]

Should the article be added to Category:Rootkits? I think that SMM technically is a rootkit because it executes at a higher privilege level than both hypervisors and operating systems are able to attain, and the user has no choice on whether or not this is installed in his or her computer.

Unfortunately, SMM is now used by motherboards to handle power and thermal management when such management should be handled by an OS or a hypervisor driver. Jesse Viviano (talk) 06:30, 30 November 2010 (UTC)

Technically this is a special mode of motherboard firmware (SMI defined by BIOS Firmware, user selects motherboard with BIOS firmware included and he can't uninstall BIOS from board without breaking it). SMM was created at time when 80486 was fastest CPU and no OS (e.g. DOS) or hypervisor (there were none) was able to do motherboard management. It can be used to hide rootkits, but any BOOT ROM can has rootkit stored inside it (both BIOS rootkits and PCI Boot Rom rootkits). BIOS itself and PCI boot roms are not a rootkits, it is just a place, where attacker can store a rootkit. So, no category of Rootkit is here will. `a5b (talk) 13:36, 4 August 2011 (UTC)

Intel protection from cache poisoning a SMI handlers[edit]

United States Patent 7698507 "Protecting system management mode (SMM) spaces against cache attacks" `a5b (talk) 13:36, 4 August 2011 (UTC)