soc/intel/{common,tgl,adl}: guard TME Kconfig option by SoC support

Currently, Intel TME (Total Memory Encryption) can be enabled regardless
of SoC support. Add a Kconfig to guard the option depending on actual
support.

Signed-off-by: Michael Niewöhner <foss@mniewoehner.de>
Change-Id: Ia20152bb0fc56b0aec3019c592dd6d484829aefe
Reviewed-on: https://review.coreboot.org/c/coreboot/+/57762
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Paul Menzel <paulepanter@mailbox.org>
Reviewed-by: Nico Huber <nico.h@gmx.de>

src/soc/intel/alderlake/Kconfig

@@ -18,6 +18,7 @@ config CPU_SPECIFIC_OPTIONS
 	select CACHE_MRC_SETTINGS
 	select CPU_INTEL_COMMON
 	select CPU_INTEL_FIRMWARE_INTERFACE_TABLE
+	select CPU_SUPPORTS_INTEL_TME
 	select CPU_SUPPORTS_PM_TIMER_EMULATION
 	select DRIVERS_USB_ACPI
 	select FSP_COMPRESS_FSP_S_LZ4

src/soc/intel/common/block/cpu/Kconfig

@@ -101,8 +101,15 @@ config USE_INTEL_FSP_TO_CALL_COREBOOT_PUBLISH_MP_PPI
 	  This option allows FSP to make use of MP services PPI published by
 	  coreboot to perform multiprocessor initialization.
 
+config CPU_SUPPORTS_INTEL_TME
+	bool
+	default n
+	help
+	  Select this if the SoC supports Intel Total Memory Encryption (TME).
+
 config INTEL_TME
 	bool "Total Memory Encryption (TME)/Multi-key TME (MKTME)"
+	depends on CPU_SUPPORTS_INTEL_TME
 	default n
 	help
 	 Enable Total Memory Encryption (TME)/Multi-key TME (MKTME). The spec is

src/soc/intel/tigerlake/Kconfig

@@ -16,6 +16,7 @@ config CPU_SPECIFIC_OPTIONS
 	select CACHE_MRC_SETTINGS
 	select CPU_INTEL_COMMON
 	select CPU_INTEL_FIRMWARE_INTERFACE_TABLE
+	select CPU_SUPPORTS_INTEL_TME
 	select CPU_SUPPORTS_PM_TIMER_EMULATION
 	select DRIVERS_USB_ACPI
 	select FAST_SPI_SUPPORTS_EXT_BIOS_WINDOW