cpu/x86/smm: Add PCI resource store functionality

In certain cases data within protected memmory areas like SMRAM could be leaked or modified if an attacker remaps PCI BARs to point within that area. Add support to the existing SMM runtime to allow storing PCI resources in SMRAM and then later retrieving them. BRANCH=guybrush BUG=b:186792595 TEST=builds Signed-off-by: Robert Zieba <robertzieba@google.com> Change-Id: I23fb1e935dd1b89f1cc5c834cc2025f0fe5fda37 Reviewed-on: https://review.coreboot.org/c/coreboot/+/67931 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
author: Robert Zieba <robertzieba@google.com> 2022-09-07 16:25:15 -0600
committer: Martin L Roth <gaumless@gmail.com> 2023-03-05 15:31:07 +0000
commit: ac8c378777d861000d82eea1c7439f16dcd45797 (patch)
tree: 58dafb5dd844410cec91e56c6f7ec5c8defd8fd5 /src/cpu/x86/Kconfig
parent: f1a4cffc88d8a5490c444f41b60eaaf544399998 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/src/cpu/x86/Kconfig b/src/cpu/x86/Kconfig
index edba27bd40..d95e6cc4c3 100644
--- a/src/cpu/x86/Kconfig
+++ b/src/cpu/x86/Kconfig
@@ -168,6 +168,19 @@ config SMM_LAPIC_REMAP_MITIGATION
 		|| NORTHBRIDGE_INTEL_E7505 || NORTHBRIDGE_INTEL_IRONLAKE
 	default n
 
+config SMM_PCI_RESOURCE_STORE
+	bool
+	default n
+	help
+	  This option enables support for storing PCI resources in SMRAM so
+	  SMM can tell if they've been altered.
+
+config SMM_PCI_RESOURCE_STORE_NUM_SLOTS
+	int
+	default 8
+	help
+	  Number of slots available to store PCI BARs in SMRAM
+
 config X86_AMD_FIXED_MTRRS
 	bool
 	default n
author	Robert Zieba <robertzieba@google.com>	2022-09-07 16:25:15 -0600
committer	Martin L Roth <gaumless@gmail.com>	2023-03-05 15:31:07 +0000
commit	ac8c378777d861000d82eea1c7439f16dcd45797 (patch)
tree	58dafb5dd844410cec91e56c6f7ec5c8defd8fd5 /src/cpu/x86/Kconfig
parent	f1a4cffc88d8a5490c444f41b60eaaf544399998 (diff)