diff options
author | Fu Siyuan <siyuan.fu@intel.com> | 2013-09-12 05:23:28 +0000 |
---|---|---|
committer | sfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524> | 2013-09-12 05:23:28 +0000 |
commit | a555940b2d4cb525d8c2bfcf16fbaab89157556f (patch) | |
tree | b59fc67f918f1d85ad924d8755ee5afcec9c055c /SecurityPkg/Include | |
parent | 4c58575ecc274fc2e1630a7df3a3169a88ebf682 (diff) | |
download | edk2-a555940b2d4cb525d8c2bfcf16fbaab89157556f.zip edk2-a555940b2d4cb525d8c2bfcf16fbaab89157556f.tar.gz edk2-a555940b2d4cb525d8c2bfcf16fbaab89157556f.tar.bz2 |
Add “VendorKeys” variable for indicating out of band key modification.
Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14660 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/Include')
-rw-r--r-- | SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h b/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h index 6ffd9f1..66947e1 100644 --- a/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h +++ b/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h @@ -4,7 +4,7 @@ AuthenticatedVariableFormat.h defines variable data headers
and variable storage region headers.
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -29,6 +29,7 @@ extern EFI_GUID gEfiAuthenticatedVariableGuid; extern EFI_GUID gEfiSecureBootEnableDisableGuid;
extern EFI_GUID gEfiCertDbGuid;
extern EFI_GUID gEfiCustomModeEnableGuid;
+extern EFI_GUID gEfiVendorKeysNvGuid;
///
/// "SecureBootEnable" variable for the Secure Boot feature enable/disable.
@@ -52,6 +53,16 @@ extern EFI_GUID gEfiCustomModeEnableGuid; #define STANDARD_SECURE_BOOT_MODE 0
///
+/// "VendorKeysNv" variable to record the out of band secure boot keys modification.
+/// This variable is a read-only NV varaible that indicates whether someone other than
+/// the platform vendor has used a mechanism not defined by the UEFI Specification to
+/// transition the system to setup mode or to update secure boot keys.
+///
+#define EFI_VENDOR_KEYS_NV_VARIABLE_NAME L"VendorKeysNv"
+#define VENDOR_KEYS_VALID 1
+#define VENDOR_KEYS_MODIFIED 0
+
+///
/// Alignment of variable name and data, according to the architecture:
/// * For IA-32 and Intel(R) 64 architectures: 1.
/// * For IA-64 architecture: 8.
|