Attention is currently required from: Benjamin Doron, Patrick Georgi.
Nico Huber has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/79095?usp=email )
Change subject: Documentation: Describe how SMMSTORE can be used safely
Patch Set 2: Code-Review+1
(2 comments)
Patchset:
PS2: Thanks for the write-up!
I think it leaves a few questions open. But given the scope "Design rationale", I see no need to bikeshed anything. If this is going to be implemented, it may not be 100% what was proposed anyway. But this is definitely a very good starting point.
File Documentation/drivers/smmstore.md:
https://review.coreboot.org/c/coreboot/+/79095/comment/40cd836a_f28b4b3c :
PS2, Line 145: - while doing so, process authentication data and reject invalid blocks;
I always imagined something with two flash regions: One that is updated during boot after authentication and write-protected from then on, and one that is always writeable and filled by SMMSTORE. I believe such a partial write protection is possible with both AMD and Intel chipsets.
I guess it would allow something like an authenticated CLEAR. We'd always have the old version from the last boot in NVM.
If that sounds reasonable, maybe it's worth mentioning here.