This preview shows page 1. Sign up to view the full content.
Unformatted text preview: g SMM. For this reason, references to the SMRAM area must not be cached if any part of the SMRAM shadows (overlays) non-SMRAM memory; that is, system DRAM or video RAM. It is the obligation of the system to ensure that all memory references to overlapped areas are uncached; that is, the KEN# pin is sampled inactive during all references to the SMRAM area for the Pentium® processor. The WBINVD instruction should be used to ensure cache coherency at the end of a cached SMM execution in systems that have a protected SMM memory region provided by the chipset. The P6 family of processors have no external equivalent of the KEN# pin. All memory accesses are typed via the MTRRs. It is not practical therefore to have memory access to a certain address be cached in one access and not cached in another. Intel does not recommend the caching of SMM space in any overlapping memory environment on the P6 family of processors. 12.5. SMI HANDLER EXECUTION ENVIRONMENT
After saving the current context of the processor, the processor initializes its core registers to the values shown in Table 12-2. Upon entering SMM, the PE and PG flags in control register CR0 are cleared, which places the processor is in an environment similar to real-address mode. The differences between the SMM execution environment and the real-address mode execution environment are as follows: • • • The addressable SMRAM address space ranges from 0 to FFFFFFFFH (4 GBytes). (The physical address extension (enabled with the PAE flag in control register CR4) is not supported in SMM.) The normal 64-KByte segment limit for real-address mode is increased to 4 GBytes. The default operand and address sizes are set to 16 bits, which restricts the addressable SMRAM address space to the 1-MByte real-address mode limit for native real-addressmode code. However, operand-size and address-size override prefixes can be used to access the address space beyond the 1-MByte. Near jumps and calls can be made to anywhere in the 4-GByte address space if a 32-bit operand-size override prefix is used. Due to the real-address-mode style of base-address formation, a far call or jump cannot transfer control to a segment with a base address of more than 20 bits (1 MByte). However, since the segment limit in SMM is 4 GBytes, offsets into a segment that go beyond the 1-MByte limit are allowed when using 32-bit operand-size override prefixes. Any program control transfer that does not have a 32-bit operand-size override prefix truncates the EIP value to the 16 low-order bits. • 12-8 SYSTEM MANAGEMENT MODE (SMM) Table 12-2. Processor Register Initialization in SMM
Register General-purpose registers EFLAGS EIP CS selector CS base DS, ES, FS, GS, SS Selectors DS, ES, FS, GS, SS Bases DS, ES, FS, GS, SS Limits CR0 DR6 DR7 Undefined 00000002H 00008000H SMM Base shifted right 4 bits (default 3000H) SMM Base (default 30000H) 0000H 000000000H 0FFFFFFFFH PE, EM, TS and PG flags set to 0; others unmodified Undefined 00000400H Contents • Data and the stack can be located anywhere in the 4-GByte address space, but can be accessed only with a 32-bit address-size override if they are located above 1 MByte. As with the code segment, the base address for a data or stack segment cannot be more than 20 bits. The value in segment register CS is automatically set to the default of 30000H for the SMBASE shifted 4 bits to the right; that is, 3000H. The EIP register is set to 8000H. When the EIP value is added to shifted CS value (the SMBASE), the resulting linear address points to the first instruction of the SMI handler. The other segment registers (DS, SS, ES, FS, and GS) are cleared to 0 and their segment limits are set to 4 GBytes. In this state, the SMRAM address space may be treated as a single flat 4Gbyte linear address space. If a segment register is loaded with a 16-bit value, that value is then shifted left by 4 bits and loaded into the segment base (hidden part of the segment register). The limits and attributes are not modified. Maskable hardware interrupts, exceptions, NMI interrupts, SMI interrupts, A20M interrupts, single-step traps, breakpoint traps, and INIT operations are inhibited when the processor enters SMM. Maskable hardware interrupts, exceptions, single-step traps, and breakpoint traps can be enabled in SMM if the SMM execution environment provides and initializes an interrupt table and the necessary interrupt and exception handlers (refer to Section 12.6., “Exceptions and Interrupts Within SMM”). 12-9 SYSTEM MANAGEMENT MODE (SMM) 12.6. EXCEPTIONS AND INTERRUPTS WITHIN SMM
When the processor enters SMM, all hardware interrupts are disabled in the following manner: • • • • The IF flag in the EFLAGS register is cleared, which inhibits maskable hardware interrupts from being generated. The TF flag in the EFLAGS register is cleared, which disables single-step traps Debug register DR7 is cleared, which disables breakpoint traps. (This action prevents a debugger from accidentally breaking i...
View Full Document
This note was uploaded on 06/07/2013 for the course ECE 1234 taught by Professor Kwhon during the Spring '10 term at Berkeley.
- Spring '10