System Management Mode (SMM) is the highest-privileged operating mode of x86 and x86-64 processors. Through SMM exploitation, attackers can tamper with the Unified Extensible Firmware Interface (UEFI) firmware, disabling the security mechanisms implemented by the operating system and hypervisor. Vulnerabilities enabling SMM code execution are often reported as Common Vulnerabilities and Exposures (CVEs); however, no security mechanisms currently exist to prevent attackers from analyzing those vulnerabilities. To increase the cost of vulnerability analysis of SMM modules, we introduced SmmPack. The core concept of SmmPack involves encrypting an SMM module with the key securely stored in a Trusted Platform Module (TPM). We assessed the effectiveness of SmmPack in preventing attackers from obtaining and analyzing SMM modules using various acquisition methods. Our results show that SmmPack significantly increases the cost by narrowing down the means of module acquisition. Furthermore, we demonstrated that SmmPack operates without compromising the performance of the original SMM modules. We also clarified the management and adoption methods of SmmPack, as well as the procedure for applying BIOS updates, and demonstrated that the implementation of SmmPack is realistic.

翻译：系统管理模式（SMM）是x86及x86-64处理器中权限最高的运行模式。攻击者可通过利用SMM漏洞篡改统一可扩展固件接口（UEFI）固件，禁用操作系统与虚拟机管理程序的安全机制。尽管SMM代码执行漏洞常被登记为通用漏洞披露（CVE），但目前尚无安全机制可阻止攻击者分析这些漏洞。为提升SMM模块漏洞分析的成本，我们提出了SmmPack方案。其核心思想是利用可信平台模块（TPM）中安全存储的密钥对SMM模块进行加密。我们评估了SmmPack在阻止攻击者通过多种获取方法获取并分析SMM模块方面的有效性。结果表明，SmmPack通过收窄模块获取途径显著提高了攻击成本。此外，我们验证了SmmPack的引入不会影响原始SMM模块的性能。我们还明确了SmmPack的管理与采用方法，以及BIOS更新流程，证实了SmmPack的实际可部署性。