Secured-Core

Item | Operation | Description

Secured-Core

Secured-Core

  • Custom(Default)

  • Enabled

Enable Secured-Core support.

When 'Enabled' is selected, the six related settings below (IOMMU, DMAr Support, DMA Protection, DRTM Virtual Device Support, TSME, and DRTM Memory Reservation) are set to 'Enabled' and locked.

When 'Custom' is selected, the related settings can be changed independently as needed. If all six related settings are 'Enabled', the configuration is effectively equivalent to Secured-Core being 'Enabled'.

IOMMU

  • Disabled

  • Enabled(Default)

Enable or disable the IOMMU (I/O memory management unit).

DMAr Support

  • Disabled(Default)

  • Enabled

Enable DMAr (DMA remapping) system protection during POST.

DMA Protection

  • Disabled(Default)

  • Enabled

Enable the DMA remap support flag in the IVinfo field of the IVRS (I/O Virtualization Reporting Structure) ACPI table.

DRTM Virtual Device Support

  • Disabled(Default)

  • Enabled

Enable the DRTM (Dynamic Root of Trust for Measurement) ACPI virtual device.

TSME

  • Disabled(Default)

  • Enabled

Transparent SME (TSME):

  • AddrTweakEn = 1

  • ForceEncrEn = 0

  • DataEncrEn = 1

Auto is the default setting.

DRTM Memory Reservation

  • Disabled(Default)

  • Enabled

Reserve 128MB of memory below Bottom IO for DRTM. This setting must be 'Enabled' for the Secured-Core Server function.
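The rule stated under Secured-Core ('Enabled' locks the six related settings; 'Custom' is equivalent only when all six are 'Enabled') is the kind of check a hardening baseline would apply to an exported firmware configuration. The following is an added example, not part of this settings reference or any vendor tool. It assumes a plain "Item=Value" export format (constructed here for illustration; real BIOS export tools use their own formats, so the parser is the part to adapt) and evaluates whether the exported configuration is effectively Secured-Core, reporting which of the six related settings still block it.

```python
"""Evaluate a firmware settings export against the Secured-Core rule on this page."""

# The six settings the page lists as governed by the Secured-Core item.
RELATED_SETTINGS = (
    "IOMMU",
    "DMAr Support",
    "DMA Protection",
    "DRTM Virtual Device Support",
    "TSME",
    "DRTM Memory Reservation",
)

# Constructed sample export (format assumed, not a real tool's output):
# one "Item=Value" pair per line, '#' starts a comment.
SAMPLE_CUSTOM_INCOMPLETE = """\
# constructed example export
Secured-Core=Custom
IOMMU=Enabled
DMAr Support=Enabled
DMA Protection=Enabled
DRTM Virtual Device Support=Enabled
TSME=Enabled
DRTM Memory Reservation=Disabled
"""

SAMPLE_LOCKED = """\
Secured-Core=Enabled
"""


def parse_export(text: str) -> dict[str, str]:
    """Parse 'Item=Value' lines into a dict; blank lines and comments are skipped."""
    settings: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if "=" not in line:
            raise ValueError(f"malformed line: {raw!r}")
        item, value = line.split("=", 1)
        settings[item.strip()] = value.strip()
    return settings


def blocking_settings(settings: dict[str, str]) -> list[str]:
    """Return the related settings that are not 'Enabled'.

    When Secured-Core itself is 'Enabled', the page says the six related
    settings are forced to 'Enabled' and locked, so nothing can block it.
    A related setting missing from the export is treated as not enabled,
    because an unknown state must not pass a hardening check.
    """
    if settings.get("Secured-Core") == "Enabled":
        return []
    return [name for name in RELATED_SETTINGS if settings.get(name) != "Enabled"]


def is_effectively_secured_core(settings: dict[str, str]) -> bool:
    """True when Secured-Core is 'Enabled' or all six related settings are 'Enabled'."""
    return not blocking_settings(settings)


def report(text: str) -> str:
    """Human-readable verdict for an export, naming what still needs enabling."""
    settings = parse_export(text)
    blockers = blocking_settings(settings)
    if not blockers:
        return "effectively Secured-Core"
    return "not Secured-Core; still disabled or missing: " + ", ".join(blockers)


if __name__ == "__main__":
    print(report(SAMPLE_CUSTOM_INCOMPLETE))
    print(report(SAMPLE_LOCKED))
```

Run against a real export, the useful output is the list of blockers: in the constructed sample, only DRTM Memory Reservation stands between a 'Custom' configuration and the Secured-Core equivalent state, matching the page's note that it must be enabled for the Secured-Core Server function.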