Switching to SMM with FreeBSD 6.2 onwards
Andriy Gapon
avg at icyb.net.ua
Fri Mar 27 07:41:39 PDT 2009
on 27/03/2009 15:47 Won De Erick said the following:
> --- On Fri, 3/27/09, Andriy Gapon <avg at icyb.net.ua> wrote:
>> on 27/03/2009 12:35 Ivan Voras said the following:
>>> One thing that comes to my mind is this:
>>> http://invisiblethingslab.com/resources/misc09/smm_cache_fun.pdf
>
> I will add that to the ff:
>
> http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot-paper.pdf
>
>
> I've made the exploit code found in the appendix runnable on FreeBSD 7.1,
> replacing some of the unsupported functions, but I'm still finding ways to
> verify whether I've successfully written data to the intended address or not.
> I've replaced '/dev/xf86' with '/dev/mem'. Then opened '/dev/io' instead of using
> 'i386_get_ioperm()'. Am I on the right track?
I believe yes. I made identical changes to Joanna/Rafal's code that gets a glimpse
of what the SMI handler does via the CPU cache. Interesting read :)
--
Andriy Gapon