Subrata Banik has submitted this change. ( https://review.coreboot.org/c/coreboot/+/45087 )
Change subject: soc/intel/common: Add config option to enable TME/MKTME ......................................................................
soc/intel/common: Add config option to enable TME/MKTME
Add config option to enable TME/MKTME. The spec is available at: "https://software.intel.com/sites/ default/files/managed/a5/16/Multi-Key-Total-Memory-Encryption- Spec.pdf"
Signed-off-by: Pratik Prajapati pratikkumar.v.prajapati@intel.com Change-Id: I181aed2bf4a79005fe42e3e133b5faee91201dad Reviewed-on: https://review.coreboot.org/c/coreboot/+/45087 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Tim Wawrzynczak twawrzynczak@chromium.org Reviewed-by: Subrata Banik subrata.banik@intel.com --- M src/soc/intel/common/block/cpu/Kconfig 1 file changed, 10 insertions(+), 0 deletions(-)
Approvals: build bot (Jenkins): Verified Subrata Banik: Looks good to me, approved Tim Wawrzynczak: Looks good to me, but someone else must approve
diff --git a/src/soc/intel/common/block/cpu/Kconfig b/src/soc/intel/common/block/cpu/Kconfig index 1351cb8..995a956 100644 --- a/src/soc/intel/common/block/cpu/Kconfig +++ b/src/soc/intel/common/block/cpu/Kconfig @@ -88,3 +88,13 @@ help This option allows FSP to make use of MP services PPI published by coreboot to perform multiprocessor initialization. + +config INTEL_TME + bool "Total Memory Encryption (TME)/Multi-key TME (MKTME)" + default n + help + Enable Total Memory Encryption (TME)/Multi-key TME (MKTME). The spec is + available at "https://software.intel.com/sites/default/files/managed/a5 + /16/Multi-Key-Total-Memory-Encryption-Spec.pdf". If CPU supports TME, + it would get enabled. If CPU supports MKTME, this same config option + enables MKTME.