Day1_02_Advanced x86 - BIOS and SMM Internals - Chipset Architecture

The document discusses the architecture and functionality of the x86 chipset, focusing on the Mobile 4-Series Chipset and its components, including the Memory Controller Hub (MCH) and I/O Controller Hub (ICH). It explains the evolution to the Platform Controller Hub (PCH), detailing how the integration of various functions has streamlined chipset design and improved performance. Additionally, it covers strategies for identifying chipset components and their associated registers for security analysis.


Advanced x86: BIOS and System Management Mode Internals
Chipset Architecture
Xeno Kovah && Corey Kallenberg
LegbaCore, LLC
All materials are licensed under a Creative Commons "Share Alike" license.
http://creativecommons.org/licenses/by-sa/3.0/

Attribution condition: You must indicate that derivative work
"Is derived from John Butterworth & Xeno Kovah's 'Advanced Intel x86: BIOS and SMM' class posted at http://opensecuritytraining.info/IntroBIOS.html"
(Basic) Chipset Architecture

Since I always lose the link, CPU datasheets are here:
http://www.intel.com/content/www/us/en/processors/core/core-technical-resources.html
Mobile 4-Series Chipset Block Diagram
• This is a hardware model of the Mobile 4-Series chipset and its logical relation to the CPU
• Specialized chips integrated onto the motherboard that interface the processor to system components.
• Two components make up the chipset: the Memory Controller Hub (MCH) and the I/O Controller Hub (ICH)
• These components must be configured to be able to sustain an Operating System.
• BIOS performs this configuration during boot
• I prefer the diagram from the Desktop 4-Series Chipset, which explicitly labels the MCH
Intel Mobile 4-Series Chipset Datasheet, pg. 13
Alternative Block Diagram
• For reference, this is the diagram layout I personally (strongly) prefer
• But it explicitly labels the MCH
• Also lists the SPI device, unlike its Mobile counterpart
• However, the MCH on the 4-Series chipset connects to an ICH rev. 10 rather than an ICH rev. 9, which is not what's present on this example E6400 system

Intel 4-Series Chipset Datasheet, pg. 25


Mobile 4-Series Chipset Block Diagram
• Memory Controller Hub (MCH)
• Interfaces the processor with the rest of the system
• Connected via a fast bridge/bus (originally FSB, became HyperTransport (AMD) and QuickPath (Intel), the latter of which became DMI (or DMI 2.0))
  – From a logical perspective it's invisible to us for our purposes
• Sometimes called the Northbridge
• Contains a Memory Controller and an interface for PCI Express graphics
• A 'G' in front of MCH indicates it has on-board graphics
Intel Mobile 4-Series Chipset Datasheet
Memory Controller Hub (MCH)

• For this course on BIOS/UEFI security, the aspects of the MCH (or Platform Controller Hub (PCH), as it has evolved to) we care about most are:
  1. Chipset Configuration registers
  2. DRAM Controller Registers
• In PCH systems the DRAM Controller Registers move into the CPU (we will talk about this in a bit)
Intel Mobile 4-Series Chipset Datasheet, pg. 13
• I/O Controller Hub
• Interfaces the MCH (and thus the processor) to system devices

Intel Mobile 4-Series Chipset Datasheet


Serial-Peripheral Interface (SPI)

(This is the Firmware Hub (FWH). We'll cover this briefly when we talk about SPI.)

• It's where the BIOS binary resides
• CPU execution starts here upon system startup
• Interface to the device is Memory-Mapped
• We'll cover memory-mapping in the Address Space portion of the course
• From a software development standpoint, configuration is still the same when the ICH is consolidated into a PCH
Intel I/O Controller Hub 9 Datasheet, because it includes a more complete block diagram
Low-Pin Count (LPC)

• The devices on the ICH which we care about most are:
  • LPC (Low-Pin Count) controller device
  • Firmware Hub (legacy)
  • Trusted Platform Module (TPM)
Trusted Platform Module (TPM)

• Extends the security functions within the TPM chip to the CPU/system
• Memory-Mapped (fixed address)
• Software operation is still the same when the ICH is consolidated into a PCH
Intel I/O Controller Hub 9 Datasheet, because it includes a more complete block diagram
Evolution to Platform Controller Hub (PCH)
• Bottleneck reduction
• Memory Controller moved into the CPU
  – AMD did this in ~2003 with Athlon64
  – Intel ~2008 (Core i-series CPU)
• Graphics processing unit too
• The Northbridge was essentially eliminated to form a single component (PCH)
• Overall trend is to move high-bottleneck areas closer to the CPU, which has the fastest clock on the system
Intel 4-Series Chipset Datasheet
Now everything's just PCHy
• Shown here is the Intel 5-series chipset
• First iteration of the consolidation into a single Platform Controller Hub (PCH)
• AMD did similar in 2003, but I don't want to throw too many hardware diagrams at you (despite being different at the hardware level, logically they are similar if not the same)
• Better to show you just a few, explain why they are the way they are so then you can interpret new/different ones yourself
• Processor is starting to resemble a System On a Chip (SoC)

Intel Core i5-600, i3-500 Desktop Processor Series, Intel Pentium Desktop Processor 6000 Series datasheet
Platform Controller Hub (PCH)

• All the ICH components that we cared about for this course are still present
  – From a software standpoint, even their mode of access is the same
• Functionally speaking, most of what we'll be looking at is agnostic as to whether it's MCH/ICH or PCH
  – There are a few exceptions and those will be addressed as they crop up, as well as how you account for them
Intel Core i5-600, i3-500 Desktop Processor Series, Intel Pentium Desktop Processor 6000 Series datasheet
Aside: Yeah, it's really getting SoCish: Haswell/Broadwell mobile

Aside: Intel does make some SoCs, their "Atom" series. Out of scope for today

From Intel® Atom™ Processor E6xx Series Datasheet
Software Model
• This is how the processor sees the chipset devices
• Not actually a complete diagram; there are more devices listed in the datasheet than what Intel included in this diagram
• Some devices have additional functions (it's a PCI thing which we'll talk about)

* Device 2 won't be implemented if there is an external graphics card.
Device 0: DRAM Controller
• Device 0 – DRAM Controller
• Configured by BIOS to define much of the memory map
  – SMM
  – PCI Express base address register space (PCIEXBAR)
  – Etc.
Device 31: LPC Interface Bridge
• Device 31 – Low Pin Count Interface (LPC) Bridge
• Located on ICH (or PCH if it's a PCH system)
• Implements various system management functions
• We reference this device a lot
• Spec: http://www.intel.com/design/chipsets/industry/25128901.pdf (Low Pin Count Interface Specification, Revision 1.1)
Datasheet will list all PCI Devices

• So as I said, there are devices which were not included in the chipset diagram provided by Intel in the Mobile 4-Series datasheet.
• They're not all important from a security perspective, but provided here for reference
*Intel I/O Controller Hub 9 datasheet
Chipset Identification
• Goal: Identify the Chipset and/or Controller Hub
• Reasons: (1) To find the datasheet, and (2) know the locations of those registers which we will be probing to determine whether a system is vulnerable
  – Some have stayed the same (same name, same offset) over the years (LPC, BIOS_CNTL) while others have "bounced around a little"
  – Our demonstrations/slides are all on the Mobile 4-Series Chipset and IO Controller Hub Family 9
  – However, the functionality provided by these registers still exists in the latest architecture (assuming they aren't just still the "same old registers")
  – We want you to be able to locate/analyze these (i.e. teaching you to fish)

• Ok, I'm convinced! So how do we find out?
  – We are "pretending" that we don't have eyes on the platform itself
  – In other words, we are using RW-Everything in this example, but RW-E accesses the PCI configuration space, which we also could do programmatically
Strategy:
• Many of the registers we care about are located in two separate devices: (1) LPC Device, and (2) DRAM Controller
• In legacy Chipsets the LPC device is located in the IO Controller Hub and the DRAM Controller is located in the Memory Controller Hub
• The datasheet containing the information related to the DRAM controller will be found in the Chipset datasheet
• The datasheet containing the LPC-related information will be found in the "I/O Controller Hub" datasheet

(Diagram: DRAM Controller → Chipset Datasheet; LPC Device → ICH Datasheet)
Strategy:
• Many of the registers we care about are located in two separate devices: (1) LPC Device, and (2) DRAM Controller
• In modern "Chipsets" (PCH) the LPC device is located in the Platform Controller Hub and the DRAM Controller is located in the Processor
• The datasheet containing the information related to the DRAM controller will be found in the processor datasheet
• The datasheet containing the LPC-related information will be found in the Chipset datasheet

(Diagram: DRAM Controller → CPU Datasheet; LPC Device → "Chipset" Datasheet)
Strategy:
• If your PCI LPC device ID lookup says something like "Wildcat Point-LP", that means you're using a Broadwell/5th generation chip
• The DRAM controller / Host Device ID will still be in the CPU specification update
• The LPC device ID can be found in the CPU's associated "IO datasheet"
Strategy: Additional Notes
1. You do not have to know in advance whether the architecture is a modern chipset or otherwise; the process of identifying the device IDs will tell you that

2. Because we're identifying PCI devices, this same strategy will work on an AMD system (which is completely left out in this course)
  – However, identifying the applicable registers and offsets is an exercise left to you (or me, if I get my hands on an enterprise system with an AMD processor)
Get the LPC Device ID

• Will tell us the Controller Hub family (therefore either ICH datasheet if legacy or chipset datasheet otherwise)
• Bus 0, Device 31 (1Fh), Function 0, Offset 2 (2 bytes)
• Not sure where RW Everything gets the names of its PCI devices from
• In this example, the LPC Device ID is 0x2917
Device ID Lookup
• http://pciids.sourceforge.net
• http://pci-ids.ucw.cz/ (same site, alternate location)

• Device ID 0x2917 is part of the ICH9M-E family

• http://www.intel.com/content/www/us/en/io/io-controller-hub-9-datasheet.html
Get the Memory Controller Device ID

• Read the 2-byte Device ID of the Memory Controller:
• Bus 0, Device 0, Function 0, Offset 2
• In this case RW Everything calls it a Host bridge, but as you can see at offset 0x0E in its header, it is not a bridge
  – PCI-related fact which we'll cover in PCI
• In this sample case the Memory Controller Device ID is 0x2A40
Device ID Lookup
• http://pciids.sourceforge.net
• http://pci-ids.ucw.cz/ (same site, alternate location)

• Device ID 0x2a40 is part of the Mobile 4-Series chipset family

• http://www.intel.com/assets/PDF/datasheet/320122.pdf
So what we have learned about this E6400
• The LPC Device ID is 2917h
  – ICH9M-E Controller Hub
  – Member of the IO Controller Hub 9 family
• The Memory Controller Device ID is 2A40h
  – Mobile 4-Series Chipset Memory Controller
• Therefore this is a legacy chipset
  – DRAM controller is located in the chipset
  – LPC is located in the IO Controller Hub
• The same steps will work on a new system
  – The DRAM controller will be located on the processor
  – The LPC device will be located in the chipset (aka platform controller hub)
• Sometimes there may be ambiguity. A discussion of how to resolve some forms of ambiguity was moved to the backup slides for this slide deck for time reasons.
Beware: Gotcha #1

• Verify the Device ID you look up is for the correct vendor
  – Different Vendors can use the same Device IDs
  – Vendor IDs are allocated by the PCI SIG and are always unique
• The above Memory Controller Device ID of 0104h returns multiple hits on http://pci-ids.ucw.cz
  – But it's the 8086h (Intel) one that we want
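The identification steps from the preceding slides (read the Device ID at offset 2 of bus 0 / device 1Fh / function 0 and of bus 0 / device 0 / function 0, check the header type at offset 0x0E, verify the Vendor ID before trusting the lookup, then decide legacy vs. PCH) done programmatically rather than in RW Everything. This is an added example, not code from the original class; the raw headers are constructed sample bytes reproducing the E6400 values 8086:2917 and 8086:2A40, and the tiny PCI_IDS table stands in for the pci.ids lookup.

```python
import struct

INTEL_VENDOR_ID = 0x8086
HEADER_TYPE_MASK = 0x7F  # bit 7 of offset 0x0E is the multi-function flag, not the type

# Stand-in for the pci.ids lookup, holding only the two names the slides give.
PCI_IDS = {
    (0x8086, 0x2917): "ICH9M-E LPC Interface Controller",
    (0x8086, 0x2A40): "Mobile 4 Series Chipset Memory Controller Hub",
}

def build_header(vendor, device, base_class, sub_class, header_type):
    """CONSTRUCTED 16-byte PCI type-0 header for offline testing: vendor, device,
    command, status, revision, prog-if, subclass, base class, cache line,
    latency, header type, BIST."""
    return struct.pack("<HHHHBBBBBBBB", vendor, device, 0, 0, 0,
                       0, sub_class, base_class, 0, 0, header_type, 0)

# Sample headers reproducing the E6400 values reported on the slides.
SAMPLE_LPC = build_header(0x8086, 0x2917, 0x06, 0x01, 0x80)   # ISA bridge, multi-function
SAMPLE_DRAM = build_header(0x8086, 0x2A40, 0x06, 0x00, 0x00)  # host bridge, plain type 0

def read_sysfs_header(bdf="0000:00:1f.0"):
    """Read a live header on Linux; 00:1f.0 is bus 0, device 31, function 0 (LPC)."""
    with open(f"/sys/bus/pci/devices/{bdf}/config", "rb") as f:
        return f.read(64)

def parse_header(cfg):
    """Decode Vendor ID (offset 0), Device ID (offset 2), class code and header type."""
    if len(cfg) < 16:
        raise ValueError("need at least 16 bytes of configuration space")
    vendor, device = struct.unpack_from("<HH", cfg, 0)
    return {"vendor_id": vendor, "device_id": device,
            "class": (cfg[0x0B], cfg[0x0A]),
            # 0 = general device, 1 = PCI-to-PCI bridge; a "Host bridge" reports 0
            "header_type": cfg[0x0E] & HEADER_TYPE_MASK}

def identify_platform(lpc_cfg, dram_cfg, pci_ids=PCI_IDS):
    """Look up both Device IDs and classify the platform as legacy MCH/ICH or PCH."""
    result = {}
    for role, cfg in (("lpc", lpc_cfg), ("dram", dram_cfg)):
        hdr = parse_header(cfg)
        # Gotcha #1: Device IDs are unique only per vendor, so check the Vendor ID first.
        if hdr["vendor_id"] != INTEL_VENDOR_ID:
            raise ValueError(f"{role}: vendor {hdr['vendor_id']:04X} is not Intel (8086)")
        hdr["name"] = pci_ids.get((hdr["vendor_id"], hdr["device_id"]), "unknown")
        result[role] = hdr
    # Slides 22/23 heuristic: an LPC device named after an I/O Controller Hub
    # means the legacy MCH+ICH split; a name referring to the chipset means PCH.
    legacy = "ICH" in result["lpc"]["name"]
    result["legacy_chipset"] = legacy
    result["dram_datasheet"] = "chipset (MCH) datasheet" if legacy else "processor datasheet"
    result["lpc_datasheet"] = "ICH datasheet" if legacy else "chipset (PCH) datasheet"
    return result

if __name__ == "__main__":
    print(identify_platform(SAMPLE_LPC, SAMPLE_DRAM))
```

On a live Linux box, pass `read_sysfs_header("0000:00:1f.0")` and `read_sysfs_header("0000:00:00.0")` instead of the sample bytes.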
Beware: Gotcha #2
• It's good to cross-reference more than one source...
• Where one fails (either returns an incorrect device, or finds no device at all), another may succeed
• www.PCIDatabase.com
Specification Updates
• For an Intel system, a given device family (Processor, IO Controller Hub, Chipset) will have a separate datasheet entitled "Specification Update"
• The spec update provides typo fixes and such, but also provides the device IDs for each revision within that particular device family

ICH Family 9 Specification Update
In Summary
• DRAM Controller / Host Bridge PCI "Device IDs" can be found in MCH or CPU datasheets
  – This device will be used to find SPI flash programming registers
• LPC Controller PCI "Device IDs" can be found in the ICH, PCH, or CPU's "IO" "specification update" datasheets
  – This device will be used to find SPI flash access control registers
• These two device IDs together provide all the information we need for identification of hardware for BIOS security checks
Device IDs
• I'm starting to get tired of spending the time it takes to have everyone look this up, so I've started to make a cheat sheet ;)

DRAM Controller/Host Bridge
• Cheat sheet
MCH/3-series-chipset-family-datasheet.pdf
MCH/3-series-express-chipset-family-datasheet.pdf
MCH/4-series-chipset-family-datasheet.pdf
MCH/4-series-express-chipset-family-datasheet.pdf
CPU/1stGen(Nehalem)/Mobile/core-mobile-datasheet-vol-2.pdf
CPU/1stGen(Nehalem)/Mobile/core-mobile-spec-update.pdf
CPU/2ndGen(SandyBridge)/Mobile/2nd-gen-core-family-mobile-vol-2-datasheet.pdf
CPU/2ndGen(SandyBridge)/Mobile/core-i7-900-mobile-ee-and-mobile-processor-series-spec-update.pdf
CPU/2ndGen(SandyBridge)/Mobile/2nd-gen-core-family-mobile-specification-update.pdf
CPU/3rdGen(IvyBridge)/Mobile/3rd-gen-core-family-mobile-vol-2-datasheet.pdf
CPU/3rdGen(IvyBridge)/Mobile/3rd-gen-core-family-mobile-specification-update.pdf
4th-gen-core-family-mobile-m-h-processor-lines-vol-2-datasheet.pdf
CPU/4thGen(Haswell)/Mobile/4th-gen-core-family-mobile-u-y-processor-lines-vol-2-datasheet.pdf
CPU/4thGen(Haswell)/Mobile/4th-gen-core-family-mobile-specification-update.pdf
CPU/5thGen(Broadwell)/5th-gen-core-family-datasheet-vol-2.pdf
CPU/5thGen(Broadwell)/5th-gen-core-family-spec-update.pdf

LPC Device datasheets

ICH/io-controller-hub-7-datasheet.pdf
ICH/io-controller-hub-8-datasheet.pdf
ICH/io-controller-hub-9-datasheet.pdf
ICH/io-controller-hub-10-datasheet.pdf
PCH/5-series-chipset-3400-chipset-datasheet.pdf
PCH/6-series-chipset-c200-chipset-datasheet.pdf
PCH/7-series-chipset-pch-datasheet.pdf
PCH/8-series-chipset-pch-datasheet.pdf
PCH/9-series-chipset-pch-datasheet.pdf
CPU/5thGen(Broadwell)/5th-gen-core-family-platform-i-o-datasheet.pdf
Backup
Solving Ambiguity: Get LPC Device

• As before, read the 2-byte Device ID of the LPC device:
• Bus 0, Device 31d (1Fh), Function 0, Offset 2
• If the Controller Hub is referred to as the Chipset, it's a PCH device.
• So in a PCH system, the LPC controller will tell us the chipset family
• So this is a QM67 Express Chipset (6-series chipset)
• Datasheet: http://www.intel.com/content/www/us/en/chipsets/6-chipset-c200-chipset-datasheet.html
Identify the MCH Device ID

• As before, read the 2-byte Device ID of the MCH (DRAM Controller):
• Bus 0, Device 0, Function 0, Offset 2
• In this sample case the Memory Controller Device ID is 0x0104
• 2nd Generation Core processor Family
• However, there are separate datasheets for the 2nd generation Mobile and Desktop families
• To identify the CPU, we have to download the Specification Updates for each
Hmm… Either Mobile or Desktop* CPU
• Download the Specification Updates for both the Desktop and Mobile family (2nd generation Core series processor)
  – http://www.intel.com/content/dam/www/public/us/en/documents/specification-updates/2nd-gen-core-family-mobile-specification-update.pdf
  – http://www.intel.com/content/dam/www/public/us/en/documents/specification-updates/2nd-gen-core-desktop-specification-update.pdf

• In this case, the DRAM Controller (MCH) device ID of 0104h is defined in the Mobile series specification update
*We're operating under the assumption that this is being done remotely so we can't just "look."
Get the CPU Stepping Information

• When EAX is initialized with a value of 1, CPUID returns the Extended Family, Extended Model, Processor Type, Family Code, Model Number and Stepping ID values (in EAX)
• You can run CPUID in RW Everything
  – CPUID requires no privileges to run
Identify the CPU Stepping Information

Gen2 Core Specification Update Datasheet

• Extended Family tells you which processor family the CPU is of (Pentium, Pentium Pro, Intel Core, etc.)
• Extended Model identifies the particular model within the family
• Processor Type tells you if it's OEM, etc.
• Family Code corresponds to EDX bits [11:8] at system reset
• The Model Number corresponds to EDX bits [7:4] at system reset
• This is a PCH example and so this CPUID return will differ from our EDX value from the entry vector portion of the course, which was of the E6400
  – Stepping ID is the revision number of this CPU model
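Decoding the CPUID leaf 1 EAX value into the fields listed on the last two slides, and comparing its Family Code and Model Number with a reset-time EDX value, as an added example that is not part of the original class. The bit positions and the DisplayFamily/DisplayModel rules follow the Intel SDM; the 0x206A7 signature is a constructed sample value, not one read from the slides' system.

```python
# CONSTRUCTED sample: a CPUID.1:EAX value for a 2nd-generation Core part,
# not a value read from the slides' system.
SAMPLE_CPUID_EAX = 0x206A7

def decode_cpuid_signature(eax):
    """Split CPUID leaf 1 EAX into the fields the slide lists and derive the
    DisplayFamily/DisplayModel that spec updates print as e.g. 06_2AH."""
    fields = {
        "stepping":       eax & 0xF,           # bits [3:0]
        "model":          (eax >> 4) & 0xF,    # bits [7:4]
        "family":         (eax >> 8) & 0xF,    # bits [11:8]
        "processor_type": (eax >> 12) & 0x3,   # bits [13:12], 0 = OEM processor
        "ext_model":      (eax >> 16) & 0xF,   # bits [19:16]
        "ext_family":     (eax >> 20) & 0xFF,  # bits [27:20]
    }
    fam = fields["family"]
    # Intel SDM rules: ext_family is added only when family == 0Fh, and
    # ext_model is prepended only when family is 06h or 0Fh.
    fields["display_family"] = fam + fields["ext_family"] if fam == 0xF else fam
    fields["display_model"] = ((fields["ext_model"] << 4) | fields["model"]
                               if fam in (0x6, 0xF) else fields["model"])
    fields["signature"] = f"{fields['display_family']:02X}_{fields['display_model']:02X}H"
    return fields

def fields_from_reset_edx(edx):
    """Family Code (EDX[11:8]) and Model Number (EDX[7:4]) as named on the slide."""
    return {"family": (edx >> 8) & 0xF, "model": (edx >> 4) & 0xF}

def cpuid_matches_reset_edx(eax, edx):
    """True when the CPUID signature and a reset-time EDX value agree on the
    Family Code and Model Number, the comparison the slide describes."""
    d = decode_cpuid_signature(eax)
    r = fields_from_reset_edx(edx)
    return d["family"] == r["family"] and d["model"] == r["model"]

if __name__ == "__main__":
    sig = decode_cpuid_signature(SAMPLE_CPUID_EAX)
    print(f"{SAMPLE_CPUID_EAX:08X} -> {sig['signature']} stepping {sig['stepping']}")
```

The `signature` string is the family_model notation used in Intel specification updates, which is what you match against the stepping tables there.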
