config SECUREBOOT
    default y
    help
        Enable and enforce secure boot

# @TODO RTC:178520 Remove this in the future
config SECUREBOOT_BEST_EFFORT
    default n
    depends on SECUREBOOT
    help
        Enable Best effort Secureboot. Should only be used for
        phasing in new secureboot functionality.

config DRTM #TODO RTC: 170487 Disable for relevant platforms
    default n
    depends on (SECUREBOOT && TPMDD)
    help
        Enable DRTM support

config DRTM_TRIGGERING #TODO RTC: 170487 Disable for relevant platforms
    default y if DRTM
    depends on DRTM
    help
        Enable triggering DRTM from Hostboot when the
        ATTR_FORCE_PRE_PAYLOAD_DRTM attribute is overridden

config TPM_NVIDX_VALIDATE
    default y if TPMDD
    depends on TPMDD
    help
        Validate TPM MFG NV Index Provisioning during IPL