UEFI SMM payload mapper with hot reload for on-hardware development
I made this project because working on SMM drivers directly on hardware is problematic. Instead of having to reflash your SPI chip every time you want to test a new version of your module, now you can just map your SMM payloads through an SMM host and swap them out from disk or even hot reload them from Windows
- x64 UEFI firmware with AMI Aptio V style PI SMM support
- Windows 10 or Windows 11 for the Windows client
- ACPI WMI command for triggering and reloading mapped payloads from usermode
- Tested on ASUS TUF X870 with an AMD AM5 platform (Should also work on Intel)
- Open an x64 Visual Studio developer command prompt and run
src\build.cmd - Add
DxeBridge.efiandSmmHost.efito your firmware and flash it onto your board. Easiest way is to just replace existing DXE and SMM modules (check out the general UEFITool guide) - Drop your payload at
\EFI\SMM\PAYLOAD.EFIon something UEFI can read at boot, like the EFI partition or a FAT32 USB stick - Boot up your target and watch the serial output for
DXE init,SMM init, and payload load messages. You’ll need a COM port reader hooked up to the serial header - From Windows, use
SmmClient.exeto reload, unload, ping, check status, or ring the payload doorbell. It uses the ACPI WMI for that and does not need a kernel driver
Note about payloads: SmmHost handles mapping on its own, not UEFI image loader. That means you should avoid using imports entirely, since they won't get resolved. If your payload has any absolute addresses, make sure to use relocations
If you are not sure how this project works or how to use it, just open an issue and I will help you out