DOCSLIB.ORG

Embedded Intel486™ Processor Hardware Reference Manual

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Embedded Intel486™ Processor Hardware Reference Manual Embedded Intel486™ Processor Hardware Reference Manual Release Date: July 1997 Order Number: 273025-001 The embedded Intel486™ processors may contain design defects known as errata which may cause the products to deviate from published specifications. Currently characterized errata are available on request. Information in this document is provided in connection with Intel products. No license, express or implied, by estoppel or oth- erwise, to any intellectual property rights is granted by this document. Except as provided in Intel’s Terms and Conditions of Sale for such products, Intel assumes no liability whatsoever, and Intel disclaims any express or implied warranty, relating to sale and/or use of Intel products including liability or warranties relating to fitness for a particular purpose, merchantability, or infringement of any patent, copyright or other intellectual property right. Intel products are not intended for use in medical, life saving, or life sustaining applications. Intel retains the right to make changes to specifications and product descriptions at any time, without notice. Contact your local Intel sales office or your distributor to obtain the latest specifications and before placing your product order. Copies of documents which have an ordering number and are referenced in this document, or other Intel literature, may be obtained from: Intel Corporation P.O. Box 7641 Mt. Prospect, IL 60056-7641 or call 1-800-879-4683 or visit Intel’s web site at http:\\www.intel.com Copyright © INTEL CORPORATION, July 1997 *Third-party brands and names are the property of their respective owners. CONTENTS CHAPTER 1 GUIDE TO THIS MANUAL 1.1 MANUAL CONTENTS ................................................................................................... 1-1 1.2 NOTATIONAL CONVENTIONS..................................................................................... 1-3 1.3 SPECIAL TERMINOLOGY ............................................................................................ 1-4 1.4 ELECTRONIC SUPPORT SYSTEMS ........................................................................... 1-5 1.4.1 FaxBack Service ........................................................................................................1-5 1.4.2 World Wide Web ........................................................................................................1-5 1.5 TECHNICAL SUPPORT ................................................................................................ 1-5 1.6 PRODUCT LITERATURE.............................................................................................. 1-6 1.6.1 Related Documents ...................................................................................................1-6 CHAPTER 2 INTRODUCTION 2.1 PROCESSOR FEATURES............................................................................................ 2-2 2.2 Intel486™ PROCESSOR PRODUCT FAMILY.............................................................. 2-4 2.2.1 Operating Modes and Compatibility...........................................................................2-5 2.2.2 Memory Management ................................................................................................2-5 2.2.3 On-chip Cache ...........................................................................................................2-6 2.2.4 Floating-Point Unit .....................................................................................................2-6 2.2.5 Upgrade Power Down Mode......................................................................................2-7 2.3 SYSTEM COMPONENTS ............................................................................................. 2-7 2.4 SYSTEM ARCHITECTURE ........................................................................................... 2-7 2.4.1 Single Processor System...........................................................................................2-8 2.4.2 Loosely Coupled Multi-Processor System .................................................................2-9 2.4.3 External Cache ........................................................................................................2-10 2.5 SYSTEMS APPLICATIONS......................................................................................... 2-11 2.5.1 Embedded Personal Computers..............................................................................2-12 2.5.2 Embedded Controllers .............................................................................................2-12 iii EMBEDDED Intel486™ PROCESSOR HARDWARE REFERENCE MANUAL CHAPTER 3 INTERNAL ARCHITECTURE 3.1 INSTRUCTION PIPELINING ......................................................................................... 3-6 3.2 BUS INTERFACE UNIT................................................................................................. 3-7 3.2.1 Data Transfers ...........................................................................................................3-8 3.2.2 Write Buffers ..............................................................................................................3-8 3.2.3 Locked Cycles............................................................................................................3-9 3.2.4 I/O Transfers ..............................................................................................................3-9 3.3 CACHE UNIT............................................................................................................... 3-10 3.3.1 Cache Structure .......................................................................................................3-10 3.3.2 Cache Updating .......................................................................................................3-12 3.3.3 Cache Replacement ................................................................................................3-12 3.3.4 Cache Configuration ................................................................................................3-12 3.4 INSTRUCTION PREFETCH UNIT............................................................................... 3-13 3.5 INSTRUCTION DECODE UNIT................................................................................... 3-14 3.6 CONTROL UNIT.......................................................................................................... 3-14 3.7 INTEGER (DATAPATH) UNIT..................................................................................... 3-14 3.8 FLOATING-POINT UNIT ............................................................................................. 3-15 3.8.1 IntelDX2™ and IntelDX4™ Processor On-Chip Floating-Point Unit ........................3-15 3.9 SEGMENTATION UNIT............................................................................................... 3-15 3.10 PAGING UNIT ............................................................................................................. 3-16 CHAPTER 4 BUS OPERATION 4.1 DATA TRANSFER MECHANISM.................................................................................. 4-1 4.1.1 Memory and I/O Spaces ............................................................................................4-1 4.1.1.1 Memory and I/O Space Organization....................................................................4-2 4.1.2 Dynamic Data Bus Sizing ..........................................................................................4-3 4.1.3 Interfacing with 8-, 16-, and 32-Bit Memories ............................................................4-5 4.1.4 Dynamic Bus Sizing During Cache Line Fills .............................................................4-9 4.1.5 Operand Alignment ..................................................................................................4-10 4.2 BUS ARBITRATION LOGIC ........................................................................................ 4-12 4.3 BUS FUNCTIONAL DESCRIPTION............................................................................ 4-15 4.3.1 Non-Cacheable Non-Burst Single Cycle..................................................................4-16 4.3.1.1 No Wait States ....................................................................................................4-16 4.3.1.2 Inserting Wait States ...........................................................................................4-17 4.3.2 Multiple and Burst Cycle Bus Transfers...................................................................4-17 4.3.2.1 Burst Cycles ........................................................................................................4-18 4.3.2.2 Terminating Multiple and Burst Cycle Transfers .................................................4-19 4.3.2.3 Non-Cacheable, Non-Burst, Multiple Cycle Transfers.........................................4-19 4.3.2.4 Non-Cacheable Burst Cycles ..............................................................................4-20 4.3.3 Cacheable Cycles ....................................................................................................4-21 4.3.3.1 Byte Enables during a Cache Line Fill ................................................................4-22 iv CONTENTS 4.3.3.2 Non-Burst Cacheable Cycles ..............................................................................4-23 4.3.3.3 Burst Cacheable Cycles......................................................................................4-24 4.3.3.4
Load more

Recommended publications
  • SBC-410 Half-Size 486 All-In-One CPU Card with Cache
    SBC-410 Half-size 486 All-in-One CPU Card with Cache FCC STATEMENT THIS DEVICE COMPLIES WITH PART 15 FCC RULES. OPERA- TION IS SUBJECT TO THE FOLLOWING TWO CONDITIONS: (1) THIS DEVICE MAY NOT CAUSE HARMFUL INTERFER- ENCE. (2) THIS DEVICE MUST ACCEPT ANY INTERFERENCE RECEIVED INCLUDING INTERFERENCE THAT MAY CAUSE UNDESIRED OPERATION. THIS EQUIPMENT HAS BEEN TESTED AND FOUND TO COMPLY WITH THE LIMITS FOR A CLASS "A" DIGITAL DEVICE, PURSUANT TO PART 15 OF THE FCC RULES. THESE LIMITS ARE DESIGNED TO PROVIDE REASON- ABLE PROTECTION AGAINTST HARMFUL INTERFER- ENCE WHEN THE EQUIPMENT IS OPERATED IN A COMMERCIAL ENVIRONMENT. THIS EQUIPMENT GENER- ATES, USES, AND CAN RADIATE RADIO FREQENCY ENERGY AND , IF NOT INSTATLLED AND USED IN ACCOR- DANCE WITH THE INSTRUCTION MANUAL, MAY CAUSE HARMFUL INTERFERENCE TO RADIO COMMUNICA- TIONS. OPERATION OF THIS EQUIPMENT IN A RESIDEN- TIAL AREA IS LIKELY TO CAUSE HARMFUL INTERFER- ENCE IN WHICH CASE THE USER WILL BE REQUIRED TO CORRECT THE INTERFERENCE AT HIS OWN EX- PENSE. Copyright Notice This document is copyrighted, 1997, by AAEON Technology Inc. All rights are reserved. AAEON Technology Inc. reserves the right to make improvements to the products described in this manual at any time without notice. No part of this manual may be reproduced, copied, translated or transmitted in any form or by any means without the prior written permission of AAEON Technology Inc. Information provided in this manual is intended to be accurate and reliable. However, AAEON Technology Inc. assumes no responsibility for its use, nor for any infringements upon the rights of third parties which may result from its use.
    [Show full text]
  • Intel's SL Enhanced Intel486(TM) Microprocessor Family
    Intel's SL Enhanced Intel486(TM) Microprocessor Family http://www.intel.com/design/intarch/applnots/7014.htm Intel's SL Enhanced Intel486(TM) Microprocessor Family Intel's SL Enhanced Intel486™ Microprocessor Family Technical Backgrounder June 1993 Intel's SL Enhanced Intel486™ Microprocessor Family With the announcement of the SL Enhanced Intel486™ microprocessor family, Intel Corporation brings energy efficiency to its entire line of Intel486™ microprocessors. SL Technology, originally developed for mobile PCs, now provides superior power-management features for desktop computer systems. Such energy-efficient systems will be designed to meet or exceed the Energy Star guidelines set by the Environmental Protection Agency. The EPA's Energy Star program is aimed at reducing power consumption of desktop computer systems, thereby reducing their impact on the environment. In addition, SL Enhanced Intel486™ microprocessors will enable a new class of notebook systems -- high-performance Intel486™ DX2 CPU-based notebooks with color displays that do not sacrifice battery life. The SL Enhanced Intel486™ microprocessor family is available in a complete range of price/performance, package and voltage options. This flexibility allows PC makers to develop products that meet the mobile and desktop needs of all their customers in the mobile and desktop markets, from low-cost, entry-level Intel486™ SX microprocessor-based systems to high-performance, high-end Intel486™ DX2 microprocessor-based systems. Since the SL Technology in SL Enhanced Intel486™ microprocessors is the same as in Intel SL CPUs, computer manufacturers with prior experience developing systems based on existing SL BIOS will be able to incorporate System Management Mode's (SMM) power-management features into new systems.
    [Show full text]
  • Intel® Processor Graphics: Architecture & Programming
    Intel® Processor Graphics: Architecture & Programming Jason Ross – Principal Engineer, GPU Architect Ken Lueh – Sr. Principal Engineer, Compiler Architect Subramaniam Maiyuran – Sr. Principal Engineer, GPU Architect Agenda 1. Introduction (Jason) 2. Compute Architecture Evolution (Jason) 3. Chip Level Architecture (Jason) Subslices, slices, products 4. Gen Compute Architecture (Maiyuran) Execution units 5. Instruction Set Architecture (Ken) 6. Memory Sharing Architecture (Jason) 7. Mapping Programming Models to Architecture (Jason) 8. Summary 2 Compute Applications * “The Intel® Iris™ Pro graphics and the Intel® Core™ i7 processor are … allowing me to do all of this while the graphics and video * never stopping” Dave Helmly, Solution Consulting Pro Video/Audio, Adobe Adobe Premiere Pro demonstration: http://www.youtube.com/watch?v=u0J57J6Hppg “We are very pleased that Intel is fully supporting OpenCL. DirectX11.2 We think there is a bright future for this technology.” Michael Compute Shader Bryant, Director of Marketing, Sony Creative Software Vegas* Software Family by Sony* * Optimized with OpenCL and Intel® Processor Graphics http://www.youtube.com/watch?v=_KHVOCwTdno * “Implementing [OpenCL] in our award-winning video editor, * PowerDirector, has created tremendous value for our customers by enabling big gains in video processing speed and, consequently, a significant reduction in total video editing time.” Louis Chen, Assistant Vice President, CyberLink Corp. * "Capture One Pro introduces …optimizations for Haswell, enabling remarkably
    [Show full text]
  • Iocheck: a Framework to Enhance the Security of I/O Devices at Runtime
    IOCheck: A Framework to Enhance the Security of I/O Devices at Runtime Fengwei Zhang Center for Secure Information Systems George Mason University Fairfax, VA 22030 [email protected] Abstract—Securing hardware is the foundation for implement- Management Mode (SMM), a CPU mode in the x86 archi- ing a secure system. However, securing hardware devices remains tecture, to quickly check the integrity of I/O configurations an open research problem. In this paper, we present IOCheck, and firmware. Unlike previous systems [11], [12], IOCheck a framework to enhance the security of I/O devices at runtime. enumerates all of the I/O devices on the motherboard, and It leverages System Management Mode (SMM) to quickly check checks the integrity of their corresponding configurations and the integrity of I/O configurations and firmware. IOCheck does not rely on the operating system and is OS-agnostic. In our firmware. IOCheck does not rely on the operating system, preliminary results, IOCheck takes 4 milliseconds to switch to which significantly reduces the Trust Computing Base (TCB). SMM which introduces low performance overhead. In addition, IOCheck is able to achieve better performance compared to TXT or SVM approaches. For example, the SMM Keywords—Integrity, Firmware, I/O Configurations, SMM switching time is much faster than the late launch method in Flicker [10], [13]. We will demonstrate that IOCheck is able to check the integrity of array of I/O devices including the BIOS, I. INTRODUCTION IOMMU, network card, video card, keyboard, and mouse. With the increasing complexity of hardware devices, Contributions. The purpose of this work is to make the firmware functionality is expanding, exposing new vulner- following contributions: abilities to attackers.
    [Show full text]
  • X86 Assembly Language Syllabus for Subject: Assembly (Machine) Language
    VŠB - Technical University of Ostrava Department of Computer Science, FEECS x86 Assembly Language Syllabus for Subject: Assembly (Machine) Language Ing. Petr Olivka, Ph.D. 2021 e-mail: [email protected] http://poli.cs.vsb.cz Contents 1 Processor Intel i486 and Higher – 32-bit Mode3 1.1 Registers of i486.........................3 1.2 Addressing............................6 1.3 Assembly Language, Machine Code...............6 1.4 Data Types............................6 2 Linking Assembly and C Language Programs7 2.1 Linking C and C Module....................7 2.2 Linking C and ASM Module................... 10 2.3 Variables in Assembly Language................ 11 3 Instruction Set 14 3.1 Moving Instruction........................ 14 3.2 Logical and Bitwise Instruction................. 16 3.3 Arithmetical Instruction..................... 18 3.4 Jump Instructions........................ 20 3.5 String Instructions........................ 21 3.6 Control and Auxiliary Instructions............... 23 3.7 Multiplication and Division Instructions............ 24 4 32-bit Interfacing to C Language 25 4.1 Return Values from Functions.................. 25 4.2 Rules of Registers Usage..................... 25 4.3 Calling Function with Arguments................ 26 4.3.1 Order of Passed Arguments............... 26 4.3.2 Calling the Function and Set Register EBP...... 27 4.3.3 Access to Arguments and Local Variables....... 28 4.3.4 Return from Function, the Stack Cleanup....... 28 4.3.5 Function Example.................... 29 4.4 Typical Examples of Arguments Passed to Functions..... 30 4.5 The Example of Using String Instructions........... 34 5 AMD and Intel x86 Processors – 64-bit Mode 36 5.1 Registers.............................. 36 5.2 Addressing in 64-bit Mode.................... 37 6 64-bit Interfacing to C Language 37 6.1 Return Values..........................
    [Show full text]
  • Multiprocessing Contents
    Multiprocessing Contents 1 Multiprocessing 1 1.1 Pre-history .............................................. 1 1.2 Key topics ............................................... 1 1.2.1 Processor symmetry ...................................... 1 1.2.2 Instruction and data streams ................................. 1 1.2.3 Processor coupling ...................................... 2 1.2.4 Multiprocessor Communication Architecture ......................... 2 1.3 Flynn’s taxonomy ........................................... 2 1.3.1 SISD multiprocessing ..................................... 2 1.3.2 SIMD multiprocessing .................................... 2 1.3.3 MISD multiprocessing .................................... 3 1.3.4 MIMD multiprocessing .................................... 3 1.4 See also ................................................ 3 1.5 References ............................................... 3 2 Computer multitasking 5 2.1 Multiprogramming .......................................... 5 2.2 Cooperative multitasking ....................................... 6 2.3 Preemptive multitasking ....................................... 6 2.4 Real time ............................................... 7 2.5 Multithreading ............................................ 7 2.6 Memory protection .......................................... 7 2.7 Memory swapping .......................................... 7 2.8 Programming ............................................. 7 2.9 See also ................................................ 8 2.10 References .............................................
    [Show full text]
  • IXP400 Software's Programmer's Guide
    Intel® IXP400 Software Programmer’s Guide June 2004 Document Number: 252539-002c Intel® IXP400 Software Contents INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL® PRODUCTS. EXCEPT AS PROVIDED IN INTEL'S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY RELATING TO SALE AND/OR USE OF INTEL PRODUCTS, INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT, OR OTHER INTELLECTUAL PROPERTY RIGHT. Intel Corporation may have patents or pending patent applications, trademarks, copyrights, or other intellectual property rights that relate to the presented subject matter. The furnishing of documents and other materials and information does not provide any license, express or implied, by estoppel or otherwise, to any such patents, trademarks, copyrights, or other intellectual property rights. Intel products are not intended for use in medical, life saving, life sustaining, critical control or safety systems, or in nuclear facility applications. The Intel® IXP400 Software v1.2.2 may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request. MPEG is an international standard for video compression/decompression promoted by ISO. Implementations of MPEG CODECs, or MPEG enabled platforms may require licenses from various entities, including Intel Corporation. This document and the software described in it are furnished under license and may only be used or copied in accordance with the terms of the license. The information in this document is furnished for informational use only, is subject to change without notice, and should not be construed as a commitment by Intel Corporation.
    [Show full text]
  • The Intel X86 Microarchitectures Map Version 2.0
    The Intel x86 Microarchitectures Map Version 2.0 P6 (1995, 0.50 to 0.35 μm) 8086 (1978, 3 µm) 80386 (1985, 1.5 to 1 µm) P5 (1993, 0.80 to 0.35 μm) NetBurst (2000 , 180 to 130 nm) Skylake (2015, 14 nm) Alternative Names: i686 Series: Alternative Names: iAPX 386, 386, i386 Alternative Names: Pentium, 80586, 586, i586 Alternative Names: Pentium 4, Pentium IV, P4 Alternative Names: SKL (Desktop and Mobile), SKX (Server) Series: Pentium Pro (used in desktops and servers) • 16-bit data bus: 8086 (iAPX Series: Series: Series: Series: • Variant: Klamath (1997, 0.35 μm) 86) • Desktop/Server: i386DX Desktop/Server: P5, P54C • Desktop: Willamette (180 nm) • Desktop: Desktop 6th Generation Core i5 (Skylake-S and Skylake-H) • Alternative Names: Pentium II, PII • 8-bit data bus: 8088 (iAPX • Desktop lower-performance: i386SX Desktop/Server higher-performance: P54CQS, P54CS • Desktop higher-performance: Northwood Pentium 4 (130 nm), Northwood B Pentium 4 HT (130 nm), • Desktop higher-performance: Desktop 6th Generation Core i7 (Skylake-S and Skylake-H), Desktop 7th Generation Core i7 X (Skylake-X), • Series: Klamath (used in desktops) 88) • Mobile: i386SL, 80376, i386EX, Mobile: P54C, P54LM Northwood C Pentium 4 HT (130 nm), Gallatin (Pentium 4 Extreme Edition 130 nm) Desktop 7th Generation Core i9 X (Skylake-X), Desktop 9th Generation Core i7 X (Skylake-X), Desktop 9th Generation Core i9 X (Skylake-X) • Variant: Deschutes (1998, 0.25 to 0.18 μm) i386CXSA, i386SXSA, i386CXSB Compatibility: Pentium OverDrive • Desktop lower-performance: Willamette-128
    [Show full text]
  • Technical Product Summary Classic/PCI I486 Baby-AT Motherboard
    INTEL OEM PRODUCTS AND SERVICES DIVISION PRELIMINARY - REV 0.1 ® Technical Product Summary Classic/PCI i486TM Baby-AT Motherboard Models: BP4S33AT BP4D33AT BP4D266AT Preliminary Version 0.1 April, 1993 Order Number PRELIMINARY Classic/PCI i486 Baby-AT Motherboard Technical Product Summary · Page 1 INTEL OEM PRODUCTS AND SERVICES DIVISION PRELIMINARY - REV 0.1 Intel Corporation makes no warranty for the use of its products and assumes no responsibility for any errors which may appear in this document nor does it make a commitment to update the information contained herein. Intel Corporation retains the right to make changes to these specifications at any time, without notice. Contact your local sales office to obtain the latest specifications before placing your order. The following are trademarks of Intel Corporation and may only be used to identify Intel products: 376Ô i750â MAPNETÔ AboveÔ i860Ô MatchedÔ ActionMediaâ i960â MCSâ BITBUSÔ Intel287Ô Media MailÔ Code BuilderÔ Intel386Ô NetPortÔ DeskWareÔ Intel387Ô NetSentryÔ Digital StudioÔ Intel486Ô OpenNETÔ DVIâ Intel487Ô OverDriveÔ EtherExpressÔ Intelâ ParagonÔ ETOXÔ intel inside.Ô PentiumÔ ExCAÔ Intellecâ ProSolverÔ Exchange and GoÔ iPSCâ READY-LANÔ FaxBACKÔ iRMXâ Reference Pointâ FlashFileÔ iSBCâ RMX/80Ô Grand ChallengeÔ iSBXÔ RxServerÔ iâ iWARPÔ SatisFAXtionâ ICEÔ LANDeskÔ SnapIn 386Ô iLBXÔ LANPrintâ Storage BrokerÔ InboardÔ LANProtectÔ SuperTunedÔ i287Ô LANSelectâ The Computer Inside.Ô i386Ô LANShellâ TokenExpressÔ i387Ô LANSightÔ Visual EdgeÔ i486Ô LANSpaceâ WYPIWYFâ i487Ô LANSpoolâ IntelTechDirectÔ MDS is an ordering code only and is not used as a product name or trademark. MDS is a registered trademark of Mohawk Data Sciences Corporation. CHMOS and HMOS are patented processes of Intel Corp. Intel Corporation and Intel's FASTPATH are not affiliated with Kinetics, a division of Excelan, Inc.
    [Show full text]
  • 586 Vs. 586 CPU Proliferation Creates Need for Benchmarks to Sort Them Out
    MICROPROCESSOR REPORT THE PUBLISHER’S VIEW Coming Next Year: 586 vs. 586 CPU Proliferation Creates Need for Benchmarks To Sort Them Out Not so long ago, the name—or, more likely, the tion. Unlike the Nx586, these two chips will have FPUs, number—for a microprocessor was a technical issue of and they will be pin-compatible with Pentium. little importance. Beyond providing an association with Based on the design techniques used—such as reg- the supplier, microprocessor designations were chosen to ister renaming and out-of-order execution—the Nx586, reflect the technical features of the chip. K5, and M1 all go beyond Pentium. In some ways, they The emergence of personal computers as consumer may resemble Intel’s P6 more than Pentium. Neverthe- items has brought a new set of priorities for micropro- less, none of them qualify as a 686, because they don’t cessor names. Intel is investing hundreds of millions of come close to doubling Pentium performance and fall dollars to establish the Pentium name, and the Intel short of P6’s expected performance. name itself, as household words. At the same time, a pro- The 586 name won’t refer to a particular pin config- liferation of differing microprocessor designs from half a uration, feature set, or microarchitecture. What it does dozen vendors has made the naming challenge more refer to is a performance level, what we have called Pen- complex than ever before. tium-class performance: 60–100 SPECint92 today, with The x86 naming scheme used to be simple. From floating-point scores modestly lower than integer.
    [Show full text]
  • Sok: Hardware Security Support for Trustworthy Execution
    SoK: Hardware Security Support for Trustworthy Execution Lianying Zhao1, He Shuang2, Shengjie Xu2, Wei Huang2, Rongzhen Cui2, Pushkar Bettadpur2, and David Lie2 1Carleton Universityz, Ottawa, ON, Canada 2University of Toronto, Toronto, ON, Canada Abstract—In recent years, there have emerged many new hard- contribute to lowering power consumption, which is critical ware mechanisms for improving the security of our computer for resource-constrained devices. systems. Hardware offers many advantages over pure software Furthermore, hardware is the Root of Trust (RoT) [48], as approaches: immutability of mechanisms to software attacks, better execution and power efficiency and a smaller interface it bridges the physical world (where human users reside) and allowing it to better maintain secrets. This has given birth to the digital world (where tasks run as software). To securely a plethora of hardware mechanisms providing trusted execution perform a task or store a secret, the user trusts at least part of environments (TEEs), support for integrity checking and memory the computer hardware. safety and widespread uses of hardware roots of trust. Dedicated hardware security support has seen its prolif- In this paper, we systematize these approaches through the lens eration since the early days of computers. It can take a of abstraction. Abstraction is key to computing systems, and the interface between hardware and software contains many abstrac- straightforward form as discrete components to assist the tions. We find that these abstractions, when poorly designed, can CPU, ranging from the industrial-grade tamper-responding both obscure information that is needed for security enforcement, IBM Cryptocards (e.g., 4758 [37]), Apple’s proprietary secure as well as reveal information that needs to be kept secret, leading enclave processor (SEP [84]) for consumer electronics, to the to vulnerabilities.
    [Show full text]
  • SMM) Xeno Kovah && Corey Kallenberg Legbacore, LLC All Materials Are Licensed Under a Creative Commons “Share Alike” License
    Advanced x86: BIOS and System Management Mode Internals System Management Mode (SMM) Xeno Kovah && Corey Kallenberg LegbaCore, LLC All materials are licensed under a Creative Commons “Share Alike” license. http://creativecommons.org/licenses/by-sa/3.0/ ABribuEon condiEon: You must indicate that derivave work "Is derived from John BuBerworth & Xeno Kovah’s ’Advanced Intel x86: BIOS and SMM’ class posted at hBp://opensecuritytraining.info/IntroBIOS.html” 2 System Management Mode (SMM) God Mode AcEvate 3 Batteries Not Included! From http://support.amd.com/us/Processor_TechDocs/24593.pdf 4 System Management Mode (SMM) Overview • Most privileged x86 processor operating mode • Runs transparent to the operating system • When the processor enters SMM, all other running tasks are suspended • SMM can be invoked only by a System Management Interrupt (SMI) and exited only by the RSM (resume) instruction • Intended use is to provide an isolated operating environment for – Power/Battery management – Controlling system hardware – Running proprietary OEM code – etc. (anything that should run privileged and uninterrupted) 5 System Management Mode (SMM) Overview • The code that executes in SMM (called the SMI handler) is instantiated from the BIOS flash • Protecting SMM is a matter of protecting both the active (running) SMRAM address space but also protecting the flash chip from which it is derived – Protect itself (SMBASE (location), SMRAM Permissions) – Write-Protect Flash • So far in our research, only about 5% of SMRAM configurations were directly unlocked and vulnerable to overwrite • However, since > 50% of the BIOS flash chips we've seen are vulnerable, that means > 50% of SMRAM will follow suit 6 System Management Interrupt (SMI) • SMM can only be invoked by signaling a System Management Interrupt (SMI) • SMI’s can be received via the SMI# pin on the processor or through the APIC bus • SMI’s cannot be masked like normal interrupts (e.g.
    [Show full text]