94fe086a06
Actual support CBnT will be added later on. Change-Id: Icc35c5e6c74d002efee43cc05ecc8023e00631e0 Signed-off-by: Arthur Heymans <arthur@aheymans.xyz> Reviewed-on: https://review.coreboot.org/c/coreboot/+/46456 Reviewed-by: Angel Pons <th3fanbus@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
28 lines
806 B
Plaintext
28 lines
806 B
Plaintext
# SPDX-License-Identifier: GPL-2.0-only
|
|
|
|
config INTEL_CBNT_SUPPORT
|
|
bool "Intel CBnT support"
|
|
default n
|
|
depends on CPU_INTEL_FIRMWARE_INTERFACE_TABLE
|
|
#depends on PLATFORM_HAS_DRAM_CLEAR
|
|
select INTEL_TXT
|
|
help
|
|
Enables Intel Converged Bootguard and Trusted Execution Technology
|
|
Support. This will enable one to add a Key Manifest (KM) and a Boot
|
|
Policy Manifest (BPM) to the filesystem. It will also wrap a FIT around
|
|
the firmware and update appropriate entries.
|
|
|
|
if INTEL_CBNT_SUPPORT
|
|
|
|
config INTEL_CBNT_KEY_MANIFEST_BINARY
|
|
string "KM (Key Manifest) binary location"
|
|
help
|
|
Location of the Key Manifest (KM)
|
|
|
|
config INTEL_CBNT_BOOT_POLICY_MANIFEST_BINARY
|
|
string "BPM (Boot Policy Manifest) binary location"
|
|
help
|
|
Location of the Boot Policy Manifest (BPM)
|
|
|
|
endif # INTEL_CBNT_SUPPORT
|