From d5321bf2fb6ddbceea21e8b8e38ae89288fcfb1a Mon Sep 17 00:00:00 2001 From: Patrick Rudolph Date: Tue, 30 Jun 2020 20:24:11 +0200 Subject: Documentation: Add TODOs for secure SMM when using x86_64 Change-Id: I157238f18bc1c2eba0adc0b87caa9adaf3fc5d38 Signed-off-by: Patrick Rudolph Reviewed-on: https://review.coreboot.org/c/coreboot/+/42982 Tested-by: build bot (Jenkins) Reviewed-by: Arthur Heymans Reviewed-by: Raul Rangel --- Documentation/arch/x86/index.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/Documentation/arch/x86/index.md b/Documentation/arch/x86/index.md index 536dea3951..30dcc10e91 100644 --- a/Documentation/arch/x86/index.md +++ b/Documentation/arch/x86/index.md @@ -49,6 +49,15 @@ At the moment *$n* is 4, which results in identity mapping the lower 4 GiB. * Add assembly code to return to protected mode - *TODO* * Implement reference code for mainboard `emulation/qemu-q35` - *TODO* +## Future work + +1. Fine grained page tables for SMM: + * Must not have execute and write permissions for the same page. + * Must allow only that TSEG pages can be marked executable + * Must reside in SMRAM +2. Support 64bit PCI BARs above 4GiB +3. Place and run code above 4GiB + ## Porting other boards * Fix compilation errors * Test how well CAR works with x86_64 and paging -- cgit v1.2.3
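Review bot: In the new "Future work" list, the second sub-bullet under item 1, "Must allow only that TSEG pages can be marked executable", is hard to parse and lacks the full stop that the first sub-bullet has. Something like "Must only allow TSEG pages to be marked executable." states the requirement more directly, and "Must reside in SMRAM" would then want a trailing full stop as well. The sub-bullets also change subject without saying so: the first two constrain page permissions, while the third is about where the page tables themselves live, so "The page tables must reside in SMRAM." would remove the ambiguity. The spelling "4GiB" in items 2 and 3 differs from "4 GiB" in the context line at the top of the hunk. Items 2 and 3 are not SMM-specific although the subject line says "TODOs for secure SMM", so either the commit message should mention them or they belong in a separate change.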