In my last article, I outlined a short embedded JTAG-based ‘C’ routine to dump machine check errors in the event of a system crash or hang. In today’s blog, I look at this in the larger context of diagnosing the root cause of system wedges, and what embedded ITP techniques can be used to gather as much forensics data as possible.
ASSET implements in-situ diagnostics via direct support of the x86 JTAG-based run-control API down on the target. The run-control API is synonymous with lower-level Intel In-Target Probe (ITP) procedures. What follows is a sample ‘C’ routine written to dump the contents of the machine check registers, in the event of a system wedge (for example, a three-strike event).
System Management Mode (SMM) is an x86 operating mode in which all normal execution, including the operating system, is suspended. SMM is of interest to cybersecurity specialists (black hat and white hat) because it can also be abused to run highly privileged rootkits. This week, I decided to use SourcePoint to explore some of its mysteries.