From: Alison Schofield <alison.schofield@xxxxxxxxx>
Signed-off-by: Alison Schofield <alison.schofield@xxxxxxxxx>
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>
---
Documentation/x86/mktme/index.rst | 1 +
Documentation/x86/mktme/mktme_configuration.rst | 17 +++++++++++++++++
2 files changed, 18 insertions(+)
create mode 100644 Documentation/x86/mktme/mktme_configuration.rst
diff --git a/Documentation/x86/mktme/index.rst b/Documentation/x86/mktme/index.rst
index a3a29577b013..0f021cc4a2db 100644
--- a/Documentation/x86/mktme/index.rst
+++ b/Documentation/x86/mktme/index.rst
@@ -7,3 +7,4 @@ Multi-Key Total Memory Encryption (MKTME)
mktme_overview
mktme_mitigations
+ mktme_configuration
diff --git a/Documentation/x86/mktme/mktme_configuration.rst b/Documentation/x86/mktme/mktme_configuration.rst
new file mode 100644
index 000000000000..91d2f80c736e
--- /dev/null
+++ b/Documentation/x86/mktme/mktme_configuration.rst
@@ -0,0 +1,17 @@
+MKTME Configuration
+===================
+
+CONFIG_X86_INTEL_MKTME
+ MKTME is enabled by selecting CONFIG_X86_INTEL_MKTME on Intel
+ platforms supporting the MKTME feature.
+
+mktme_storekeys
+ mktme_storekeys is a kernel cmdline parameter.
+
+ This parameter allows the kernel to store the user specified
+ MKTME key payload. Storing this payload means that the MKTME
+ Key Service can always allow the addition of new physical
+ packages. If the mktme_storekeys parameter is not present,
+ users key data will not be stored, and new physical packages
+ may only be added to the system if no user type MKTME keys
+ are programmed.
--
2.20.1
