Secured-Core

Item | Operation | Description

Secured-Core

  • Custom (Default)

  • Enabled

Enable Secured-Core support.

When Secured-Core is "Enabled", the 4 related settings are set to "Enabled" and locked.

When Secured-Core is "Custom", the related settings can be changed independently as needed. If all 4 related settings are "Enabled", the result is effectively equivalent to Secured-Core being "Enabled".

IOMMU

  • Disabled

  • Enabled (Default)

Enable/Disable IOMMU.

DMAr Support

  • Disabled (Default)

  • Enabled

Enable DMAr system protection during POST.

DMA Protection

  • Disabled (Default)

  • Enabled

Enable DMA remap support in IVRS IVinfo Field.

DRTM Virtual Device Support

  • Disabled (Default)

  • Enabled

Enable DRTM ACPI virtual device.

TSME

  • Disabled (Default)

  • Enabled

Transparent SME:
  • AddrTweakEn = 1

  • ForceEncrEn = 0

  • DataEncrEn = 1

DRTM Memory Reservation

  • Disabled (Default)

  • Enabled

Reserve 128 MB of memory below Bottom IO for DRTM. This setting must be enabled for the Secured-Core Server function.