From 823e73e143197a7ee3df247398587ea86ab6dcfa Mon Sep 17 00:00:00 2001 From: Pratik Prajapati Date: Thu, 3 Sep 2020 11:07:39 -0700 Subject: soc/intel/common: Add config option to enable TME/MKTME Add config option to enable TME/MKTME. The spec is available at: "https://software.intel.com/sites/ default/files/managed/a5/16/Multi-Key-Total-Memory-Encryption- Spec.pdf" Signed-off-by: Pratik Prajapati Change-Id: I181aed2bf4a79005fe42e3e133b5faee91201dad Reviewed-on: https://review.coreboot.org/c/coreboot/+/45087 Tested-by: build bot (Jenkins) Reviewed-by: Tim Wawrzynczak Reviewed-by: Subrata Banik --- src/soc/intel/common/block/cpu/Kconfig | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'src/soc/intel/common') diff --git a/src/soc/intel/common/block/cpu/Kconfig b/src/soc/intel/common/block/cpu/Kconfig index 1351cb8e1d..995a95680c 100644 --- a/src/soc/intel/common/block/cpu/Kconfig +++ b/src/soc/intel/common/block/cpu/Kconfig @@ -88,3 +88,13 @@ config USE_INTEL_FSP_TO_CALL_COREBOOT_PUBLISH_MP_PPI help This option allows FSP to make use of MP services PPI published by coreboot to perform multiprocessor initialization. + +config INTEL_TME + bool "Total Memory Encryption (TME)/Multi-key TME (MKTME)" + default n + help + Enable Total Memory Encryption (TME)/Multi-key TME (MKTME). The spec is + available at "https://software.intel.com/sites/default/files/managed/a5 + /16/Multi-Key-Total-Memory-Encryption-Spec.pdf". If CPU supports TME, + it would get enabled. If CPU supports MKTME, this same config option + enables MKTME. -- cgit v1.2.3