security/intel: Add TXT infrastructure

* Add Kconfig to enable TXT * Add possibility to add BIOS and SINIT ACMs * Set default BIOS ACM alignment * Increase FIT space if TXT is enabled The following commits depend on the basic Kconfig infrastructure. Intel TXT isn't supported until all following commits are merged. Change-Id: I5f0f956d2b7ba43d4e7e0062803c6d8ba569a052 Signed-off-by: Patrick Rudolph <patrick.rudolph@9elements.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/34585 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: David Hendricks <david.hendricks@gmail.com>
2019-07-25 11:55:30 +02:00
parent d947c691bc
commit 5fffb5e30d
10 changed files with 109 additions and 3 deletions
--- a/src/soc/intel/skylake/Kconfig
+++ b/src/soc/intel/skylake/Kconfig
@@ -302,4 +302,8 @@ config IFD_CHIPSET
 	string
 	default "sklkbl"

+config INTEL_TXT_BIOSACM_ALIGNMENT
+	hex
+	default 0x40000 # 256KB
+
 endif