Patrick Rudolph has uploaded this change for review.

View Change

Documentation: Add TODOs for secure SMM when using x86_64

Change-Id: I157238f18bc1c2eba0adc0b87caa9adaf3fc5d38
Signed-off-by: Patrick Rudolph <siro@das-labor.org>
---
M Documentation/arch/x86/index.md
1 file changed, 9 insertions(+), 0 deletions(-)

git pull ssh://review.coreboot.org:29418/coreboot refs/changes/82/42982/1
diff --git a/Documentation/arch/x86/index.md b/Documentation/arch/x86/index.md
index 462e7e6..5e75b5b 100644
--- a/Documentation/arch/x86/index.md
+++ b/Documentation/arch/x86/index.md
@@ -49,6 +49,15 @@
 * Add assembly code to return to protected mode - *TODO*
 * Implement reference code for mainboard `emulation/qemu-q35` - *TODO*
 
+## Future work
+
+1. Fine grained page tables for SMM:
+   * Must not have execute and write permissions for the same page.
+   * Must allow only that TSEG pages can be marked executable
+   * Must reside in SMRAM
+2. Support 64bit PCI BARs above 4GiB
+3. Place and run code above 4GiB
+
 ## Porting other boards
 * Fix compilation errors
 * Test how well CAR works with x86_64 and paging

To view, visit change 42982. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I157238f18bc1c2eba0adc0b87caa9adaf3fc5d38
Gerrit-Change-Number: 42982
Gerrit-PatchSet: 1
Gerrit-Owner: Patrick Rudolph <siro@das-labor.org>
Gerrit-MessageType: newchange