From owner-freebsd-hackers@FreeBSD.ORG Fri Mar 27 15:06:23 2009 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E71D61065674 for ; Fri, 27 Mar 2009 15:06:23 +0000 (UTC) (envelope-from won.derick@yahoo.com) Received: from n61.bullet.mail.sp1.yahoo.com (n61.bullet.mail.sp1.yahoo.com [98.136.44.37]) by mx1.freebsd.org (Postfix) with SMTP id A9C0F8FC13 for ; Fri, 27 Mar 2009 15:06:23 +0000 (UTC) (envelope-from won.derick@yahoo.com) Received: from [216.252.122.218] by n61.bullet.mail.sp1.yahoo.com with NNFMP; 27 Mar 2009 15:06:23 -0000 Received: from [69.147.84.116] by t3.bullet.sp1.yahoo.com with NNFMP; 27 Mar 2009 15:06:23 -0000 Received: from [127.0.0.1] by omp208.mail.sp1.yahoo.com with NNFMP; 27 Mar 2009 15:06:23 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 437671.86943.bm@omp208.mail.sp1.yahoo.com Received: (qmail 79004 invoked by uid 60001); 27 Mar 2009 15:06:23 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1238166383; bh=3VsQOYqxv9a3vmSfzZbqu4nLCP7Po7hbbVMgx+1L7ec=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:Cc:MIME-Version:Content-Type; b=3kO/zl9bjDKdujmr4ewTzR1Yg3rj+NVbFyZnyS3SvXgJCp6FUxBSUTFtLhYxM4a7nloU0S/QoINW6Z7CqwqPLzcvDtW6T5ItDUZG2hsBoipw3wJVdN+Hu9i2Zd/r8hO/9gx7x8fy9XiZhsjW/Rxm1n0Kq+OK16f6YlJRjnH/Dak= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:Cc:MIME-Version:Content-Type; b=JxQFL9gBh3zOBHHnZmtb3F1XOvQvlhtyFM5/W+IOnHSpyoXI52fPGQBWpeXIrx7F2sSHp5JsGDLtEtpsobWM7DXbbcNGqFCYmLChv9uibEReob6rfQQlr0KkIRDphvAjh7CButg29b+GKwMpXJXx2x4eRPd0UBllrjknd+4rCVo=; Message-ID: <313076.76815.qm@web45801.mail.sp1.yahoo.com> X-YMail-OSG: 9_syW4UVM1krDgO3XCjtNVnPyAMjXWHDKkHtqUMCQRv58wFazvGQy6EqodJHaVkWdDj0NB1XOF1R0q9JNofEjiq09k5RGdqs95LgNXxHTngbZ0W1wpNBGAtDS64.OUoB0TrV4ORztyRXhkNt8ExpqvCBpku9wHCPI0HmbRnpLuRJmVpFBgiAs_BjcnTf4PvzU3fW6kd1PLWFSoBAmvUXAsNudnkQsCIcUwEQ18wX7Xep.UIarF1py7iGou8QJki_Ri_Te4RkOQA0re376nhNYOc- Received: from [58.71.34.137] by web45801.mail.sp1.yahoo.com via HTTP; Fri, 27 Mar 2009 08:06:23 PDT X-Mailer: YahooMailClassic/5.1.20 YahooMailWebService/0.7.289.1 Date: Fri, 27 Mar 2009 08:06:23 -0700 (PDT) From: Won De Erick To: Andriy Gapon MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: freebsd-hackers@freebsd.org Subject: Re: Switching to SMM with FreeBSD 6.2 onwards X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Mar 2009 15:06:24 -0000 --- On Fri, 3/27/09, Andriy Gapon wrote: > on 27/03/2009 15:47 Won De Erick said > the following: > > --- On Fri, 3/27/09, Andriy Gapon > wrote: > >> on 27/03/2009 12:35 Ivan Voras said the > following: > >>> One thing that comes to my mind is this: > >>> http://invisiblethingslab.com/resources/misc09/smm_cache_fun.pdf > > > > I will add that to the ff: > > > > http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot-paper.pdf > > > > > > I've made the Exploit code found at the appendix > runnable on FreeBSD 7.1 > > replacing some of the unsupported functions, but I'm > still finding ways how to > > verify whether I've written successfully a data to the > intended address or not. > > I've replaced '/dev/xf86 with '/dev/mem'. Then opened > 'dev/io' instead of using > > 'i386_get_ioperm()'. Am I on the right track? > > I believe yes. I made identical changes to Joanna/Rafal's > code that gets a glimpse > of what SMI handler does via CPU cache. Interesting read > :) Have you tried modifying some chipset configurations? Can I know what part? I am using IBM x3650 with dual core Xeon processor. > > -- > Andriy Gapon > Hi all, is there any tool that I can use to view the memory map I/O?