Patrick Georgi has submitted this change. ( https://review.coreboot.org/c/coreboot/+/42982 )
Change subject: Documentation: Add TODOs for secure SMM when using x86_64 ......................................................................
Documentation: Add TODOs for secure SMM when using x86_64
Change-Id: I157238f18bc1c2eba0adc0b87caa9adaf3fc5d38 Signed-off-by: Patrick Rudolph siro@das-labor.org Reviewed-on: https://review.coreboot.org/c/coreboot/+/42982 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Arthur Heymans arthur@aheymans.xyz Reviewed-by: Raul Rangel rrangel@chromium.org --- M Documentation/arch/x86/index.md 1 file changed, 9 insertions(+), 0 deletions(-)
Approvals: build bot (Jenkins): Verified Arthur Heymans: Looks good to me, approved Raul Rangel: Looks good to me, approved
diff --git a/Documentation/arch/x86/index.md b/Documentation/arch/x86/index.md index 536dea3..30dcc10 100644 --- a/Documentation/arch/x86/index.md +++ b/Documentation/arch/x86/index.md @@ -49,6 +49,15 @@ * Add assembly code to return to protected mode - *TODO* * Implement reference code for mainboard `emulation/qemu-q35` - *TODO*
+## Future work + +1. Fine grained page tables for SMM: + * Must not have execute and write permissions for the same page. + * Must allow only that TSEG pages can be marked executable + * Must reside in SMRAM +2. Support 64bit PCI BARs above 4GiB +3. Place and run code above 4GiB + ## Porting other boards * Fix compilation errors * Test how well CAR works with x86_64 and paging