Editor: 此身滑稽 | 2017-10-07 |
t execute SCLEAN module after an unexpected platform shutdown occurred, so no clean TXT exit was performed, the chipset will block access to DRAM until SCLEAN module is loaded and executed. This will effectively make the platform bricked, as we have had occasion to witness ourselves a few times...

3 Intel pointed out that SINIT will fail if loaded using ENTERACCS.

4 In fact the primary job of SINIT module is to verify the ACPI tables, not to really use the information they provide. SINIT module is smart enough to extract most (all?) information that the ACPI tables communicate using various chipset registers, often undocumented. However, verifying ACPI tables correctness is an important task because the MLE (e.g. a hypervisor) that loads later relies on those ACPI tables.

SINIT code for Sandy Bridge processors (disassembly created using the objdump tool, comments added manually):

    6675: mov  (%edi),%esi
    6677: cmpl $0x52414d44,(%esi)          ; (DWORD*)esi == 'DMAR' ?
    667d: je   0x6697
    ...
    6697: mov  (%edi),%edi
    6699: mov  %edi,%es:0xa57              ; var_a57 = &dmar
    66a0: mov  0x4(%edi),%ecx              ; ecx = dmar.len
    66a3: push %ecx
    66a4: add  %edi,%ecx
    66a6: mov  %ecx,%es:0xa5b              ; var_a5b = &dmar + dmar.len
    ...
    6701: mov  %es:0xa47,%edi              ; edi = var_a47 (memory on the TXT heap)
    6708: mov  (%edi),%eax
    670a: mov  %es:0xa5b,%ebx              ; ebx = &dmar + dmar.len
    6711: sub  %es:0xa57,%ebx              ; ebx = dmar.len
    ...
    6738: mov  %es:0xa57,%esi              ; esi = var_a57 = &dmar
    673f: mov  %ebx,%ecx
    6741: rep movsb %ds:(%esi),%es:(%edi)  ; memcpy(var_a47, dmar, dmar.len)

We see that the above code fragment first reads the DMAR ACPI table length, as indicated by the length field in the untrusted ACPI DMAR hea........
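The disassembly above takes `dmar.len` straight from a header that the untrusted ACPI tables supply and uses it as the `rep movsb` count into a fixed area on the TXT heap. As an added illustration (not code from the paper, and not SINIT's own logic), the following C shows the checks a consumer of an untrusted ACPI table would perform before such a copy: signature match, length at least a header and at most the bytes actually present, length within the destination's capacity, and only then the table checksum, which cannot be computed safely until the length is bounded. The names `copy_dmar_checked`, `make_table`, `scenario`, `HEAP_SLOT_SIZE` and the sample tables are hypothetical and constructed here; the destination size merely stands in for the role `var_a47` plays.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Generic ACPI table header: the first 36 bytes of every table, DMAR included. */
#pragma pack(push, 1)
typedef struct {
    char     signature[4];       /* "DMAR" */
    uint32_t length;             /* whole table length in bytes, header included */
    uint8_t  revision;
    uint8_t  checksum;           /* all bytes of the table sum to 0 mod 256 */
    char     oem_id[6];
    char     oem_table_id[8];
    uint32_t oem_revision;
    uint32_t creator_id;
    uint32_t creator_revision;
} acpi_header_t;
#pragma pack(pop)

#define DMAR_SIG_LE    0x52414d44u /* 'DMAR' read as a little-endian DWORD, as in the cmpl above */
#define HEAP_SLOT_SIZE 256         /* hypothetical fixed-size destination (the role var_a47 plays) */

enum dmar_result { DMAR_OK = 0, DMAR_BAD_SIG, DMAR_TRUNCATED, DMAR_TOO_LARGE, DMAR_BAD_CHECKSUM };

/* Copy a DMAR table into a bounded destination, trusting nothing in the header
 * until it has been checked against sizes the caller controls. */
int copy_dmar_checked(uint8_t *dst, size_t dst_cap,
                      const uint8_t *src, size_t src_avail, size_t *copied)
{
    acpi_header_t hdr;
    uint32_t sig;
    if (src_avail < sizeof hdr)
        return DMAR_TRUNCATED;               /* not even a whole header to read */
    memcpy(&hdr, src, sizeof hdr);
    memcpy(&sig, hdr.signature, sizeof sig);
    if (sig != DMAR_SIG_LE)
        return DMAR_BAD_SIG;
    if (hdr.length < sizeof hdr || hdr.length > src_avail)
        return DMAR_TRUNCATED;               /* length field disagrees with the bytes we have */
    if (hdr.length > dst_cap)
        return DMAR_TOO_LARGE;               /* the bound the rep movsb above never applies */
    uint8_t sum = 0;                         /* checksum only after the length is bounded */
    for (uint32_t i = 0; i < hdr.length; i++)
        sum = (uint8_t)(sum + src[i]);
    if (sum != 0)
        return DMAR_BAD_CHECKSUM;
    memcpy(dst, src, hdr.length);
    *copied = hdr.length;
    return DMAR_OK;
}

/* Constructed sample: a zero-bodied DMAR table claiming `claimed_len` bytes,
 * with its checksum fixed up over whatever part of the claim fits in `buf`. */
static void make_table(uint8_t *buf, size_t bufsize, uint32_t claimed_len)
{
    acpi_header_t hdr;
    memset(buf, 0, bufsize);
    memset(&hdr, 0, sizeof hdr);
    memcpy(hdr.signature, "DMAR", 4);
    hdr.length = claimed_len;
    hdr.revision = 1;
    memcpy(buf, &hdr, sizeof hdr);
    size_t n = claimed_len < bufsize ? claimed_len : bufsize;
    uint8_t sum = 0;
    for (size_t i = 0; i < n; i++)
        sum = (uint8_t)(sum + buf[i]);
    buf[9] = (uint8_t)(0u - sum);            /* checksum byte sits at offset 9 */
}

/* Run one constructed scenario and return its dmar_result code. */
int scenario(int which)
{
    uint8_t table[512];
    uint8_t heap_slot[HEAP_SLOT_SIZE];
    size_t copied = 0;
    switch (which) {
    case 0: make_table(table, sizeof table, 96);  break;                 /* well-formed */
    case 1: make_table(table, sizeof table, 96);  table[0] = 'X'; break; /* wrong signature */
    case 2: make_table(table, sizeof table, 20);  break;                 /* shorter than a header */
    case 3: make_table(table, sizeof table, 400); break;                 /* fits in src, not in slot */
    case 4: make_table(table, sizeof table, 0xffffffffu); break;         /* absurd length */
    case 5: make_table(table, sizeof table, 96);  table[40] ^= 1; break; /* body corrupted */
    default: return -1;
    }
    return copy_dmar_checked(heap_slot, sizeof heap_slot, table, sizeof table, &copied);
}

/* Bytes actually placed in the slot for the well-formed scenario. */
size_t well_formed_copy_size(void)
{
    uint8_t table[512], heap_slot[HEAP_SLOT_SIZE];
    size_t copied = 0;
    make_table(table, sizeof table, 96);
    copy_dmar_checked(heap_slot, sizeof heap_slot, table, sizeof table, &copied);
    return copied;
}
```

The ordering of the checks is the point: the destination bound is compared against the header's length before a single byte beyond the header is touched, and the checksum, which needs the whole table, is only walked once that length is known to fit both the source buffer and the destination.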