1. Technical Field
The present invention relates to operational modes of computer systems in general, and in particular to a method and apparatus for protecting a privilege level of system management mode of a computer system.
2. Description of Related Art
Intel Corporation provides a protection mechanism for Intel processors and chipsets called Intel Trusted Execution Technology (TXT), which includes enhanced security features for protecting a computer system from a malicious program. TXT employs an operational mode called system management mode (SMM) in Intel's x86 processor series. SMM is intended to provide an operating environment independent of an operating system (OS) for the control of power, temperature, and the like of a computer system.
In protected mode within an OS operating environment, there are four privilege levels, from ring 0, which allows execution of kernel code, to ring 3, which allows execution of user programs. SMM, on the other hand, is an operational mode in which code loaded in a protected special memory area is executed when a system management interrupt (SMI) is asserted, and it provides a privilege level similar to that of ring 0 in protected mode in the OS operating environment. Accordingly, if the privilege level of SMM (hereafter referred to as the SMM privilege) is acquired by a malicious program, the main code of the computer system can be rewritten. Since the OS is unable to recognize which program uses the SMM privilege, this poses a serious threat to system security.