diff --git a/src/soc/intel/skylake/chip.h b/src/soc/intel/skylake/chip.h
index 67a6783186..1377237672 100644
--- a/src/soc/intel/skylake/chip.h
+++ b/src/soc/intel/skylake/chip.h
@@ -487,6 +487,14 @@ struct soc_intel_skylake_config {
 	 * 0b - Disabled
 	 */
 	u8 eist_enable;
+	/*
+	 * Skip Spi Flash Lockdown from inside FSP.
+	 * Making this config "0" means FSP won't set the FLOCKDN bit of
+	 * SPIBAR + 0x04 (i.e., Bit 15 of BIOS_HSFSTS_CTL).
+	 * So, it becomes coreboot's responsibility to set this bit before
+	 * end of POST for security concerns.
+	 */
+	u8 SpiFlashCfgLockDown;
 };
 
 typedef struct soc_intel_skylake_config config_t;
diff --git a/src/soc/intel/skylake/chip_fsp20.c b/src/soc/intel/skylake/chip_fsp20.c
index 8a7cb210e0..4cff6688a8 100644
--- a/src/soc/intel/skylake/chip_fsp20.c
+++ b/src/soc/intel/skylake/chip_fsp20.c
@@ -239,6 +239,15 @@ void platform_fsp_silicon_init_params_cb(FSPS_UPD *supd)
 	dev = dev_find_slot(0, PCH_DEVFN_SPI);
 	params->ShowSpiController = dev->enabled;
 
+	/*
+	 * Skip Spi Flash Lockdown from inside FSP.
+	 * Making this config "0" means FSP won't set the FLOCKDN bit of
+	 * SPIBAR + 0x04 (i.e., Bit 15 of BIOS_HSFSTS_CTL).
+	 * So, it becomes coreboot's responsibility to set this bit before
+	 * end of POST for security concerns.
+	 */
+	params->SpiFlashCfgLockDown = config->SpiFlashCfgLockDown;
+
 	/*
 	 * Send VR specific mailbox commands:
 	 * 000b - no VR specific command sent