>I'd assume once you're in OS, all bets are off in terms of who can do what to the hardware.
A common misconception. Even if you are running as ring-0, there are things that you cannot do, and only BIOS can. For example, executing code in SMM mode, mapping/hiding portions of memory, or changing some PCI configuration options that get "locked" after BIOS.
A common misconception. Even if you are running as ring-0, there are things that you cannot do, and only BIOS can. For example, executing code in SMM mode, mapping/hiding portions of memory, or changing some PCI configuration options that get "locked" after BIOS.