From ac8c378777d861000d82eea1c7439f16dcd45797 Mon Sep 17 00:00:00 2001
From: Robert Zieba <robertzieba@google.com>
Date: Wed, 7 Sep 2022 16:25:15 -0600
Subject: cpu/x86/smm: Add PCI resource store functionality

In certain cases data within protected memmory areas like SMRAM could
be leaked or modified if an attacker remaps PCI BARs to point within
that area. Add support to the existing SMM runtime to allow storing
PCI resources in SMRAM and then later retrieving them.

BRANCH=guybrush
BUG=b:186792595
TEST=builds

Signed-off-by: Robert Zieba <robertzieba@google.com>
Change-Id: I23fb1e935dd1b89f1cc5c834cc2025f0fe5fda37
Reviewed-on: https://review.coreboot.org/c/coreboot/+/67931
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Karthik Ramasubramanian <kramasub@google.com>
---
 src/cpu/x86/Kconfig | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'src/cpu/x86/Kconfig')

diff --git a/src/cpu/x86/Kconfig b/src/cpu/x86/Kconfig
index edba27bd40..d95e6cc4c3 100644
--- a/src/cpu/x86/Kconfig
+++ b/src/cpu/x86/Kconfig
@@ -168,6 +168,19 @@ config SMM_LAPIC_REMAP_MITIGATION
 		|| NORTHBRIDGE_INTEL_E7505 || NORTHBRIDGE_INTEL_IRONLAKE
 	default n
 
+config SMM_PCI_RESOURCE_STORE
+	bool
+	default n
+	help
+	  This option enables support for storing PCI resources in SMRAM so
+	  SMM can tell if they've been altered.
+
+config SMM_PCI_RESOURCE_STORE_NUM_SLOTS
+	int
+	default 8
+	help
+	  Number of slots available to store PCI BARs in SMRAM
+
 config X86_AMD_FIXED_MTRRS
 	bool
 	default n
-- 
cgit v1.2.3