From 5fffb5e30d0d0caa5bd3256fdce3f337bbef1d0f Mon Sep 17 00:00:00 2001 From: Patrick Rudolph Date: Thu, 25 Jul 2019 11:55:30 +0200 Subject: security/intel: Add TXT infrastructure * Add Kconfig to enable TXT * Add possibility to add BIOS and SINIT ACMs * Set default BIOS ACM alignment * Increase FIT space if TXT is enabled The following commits depend on the basic Kconfig infrastructure. Intel TXT isn't supported until all following commits are merged. Change-Id: I5f0f956d2b7ba43d4e7e0062803c6d8ba569a052 Signed-off-by: Patrick Rudolph Reviewed-on: https://review.coreboot.org/c/coreboot/+/34585 Tested-by: build bot (Jenkins) Reviewed-by: David Hendricks --- Documentation/security/intel/txt.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'Documentation/security') diff --git a/Documentation/security/intel/txt.md b/Documentation/security/intel/txt.md index f67b63942e..f80a731e81 100644 --- a/Documentation/security/intel/txt.md +++ b/Documentation/security/intel/txt.md @@ -90,11 +90,11 @@ correct state. If it's not the SINIT ACM will reset the platform. ## For developers ### Configuring Intel TXT in Kconfig -Enable ``TEE_INTEL_TXT`` and set the following: +Enable ``INTEL_TXT`` and set the following: -``TEE_INTEL_TXT_BIOSACM_FILE`` to the path of the BIOS ACM provided by Intel +``INTEL_TXT_BIOSACM_FILE`` to the path of the BIOS ACM provided by Intel -``TEE_INTEL_TXT_SINITACM_FILE`` to the path of the SINIT ACM provided by Intel +``INTEL_TXT_SINITACM_FILE`` to the path of the SINIT ACM provided by Intel ### Print TXT status as early as possible Add platform code to print the TXT status as early as possible, as the register is cleared on cold reset. -- cgit v1.2.3
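Review bot: The "Configuring Intel TXT in Kconfig" section in this hunk still documents only the enable symbol and the two ACM file paths, while the commit message says the change also sets a default BIOS ACM alignment and increases FIT space when TXT is enabled. Neither of those appears in the documentation lines shown here. Someone supplying their own BIOS ACM needs to know that an alignment default exists and that enabling ``INTEL_TXT`` changes the FIT size, so a sentence on each belongs in this section. The rename from the ``TEE_INTEL_TXT*`` prefix to ``INTEL_TXT*`` is also not mentioned in the commit message. A line noting it would help anyone whose existing configuration uses the old symbol names. Finally, the commit message states that Intel TXT isn't supported until the following commits are merged, but the section reads as if setting these three options is sufficient. Consider stating that limitation in the documentation until the series lands.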