Patrick Rudolph has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/42982 )
Change subject: Documentation: Add TODOs for secure SMM when using x86_64 ......................................................................
Documentation: Add TODOs for secure SMM when using x86_64
Change-Id: I157238f18bc1c2eba0adc0b87caa9adaf3fc5d38 Signed-off-by: Patrick Rudolph siro@das-labor.org --- M Documentation/arch/x86/index.md 1 file changed, 9 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/82/42982/1
diff --git a/Documentation/arch/x86/index.md b/Documentation/arch/x86/index.md index 462e7e6..5e75b5b 100644 --- a/Documentation/arch/x86/index.md +++ b/Documentation/arch/x86/index.md @@ -49,6 +49,15 @@ * Add assembly code to return to protected mode - *TODO* * Implement reference code for mainboard `emulation/qemu-q35` - *TODO*
+## Future work + +1. Fine grained page tables for SMM: + * Must not have execute and write permissions for the same page. + * Must allow only that TSEG pages can be marked executable + * Must reside in SMRAM +2. Support 64bit PCI BARs above 4GiB +3. Place and run code above 4GiB + ## Porting other boards * Fix compilation errors * Test how well CAR works with x86_64 and paging