<p>This talk deals with how to containerize a malicious system mode interrupt handlers on the AMD-V platform so that System Mangement Mode code will not be able to bypass the memory protections added by the virtualization extensions.<br><br>In recent years we've heard about System Management Mode(SMM) Rootkits and seen how they can be used to bypass Intel's Trusted Execution Technology. AMD-V is a different design than the Intel-VX / VT-D. The talk covers the differences, reviews system management mode and the relationship between SMM and Virtualization on the AMD-V platform. After the review, how one installs a SMI handler is covered followed by a discussion of how to construct a hypervisor that can containerize system management interrupt handling code so that it runs inside of a guest virtual machine.</p>