TianoCore EDK2 master
|
#include <Guid/VariableFormat.h>
Go to the source code of this file.
Macros | |
#define | EFI_SECURE_BOOT_ENABLE_DISABLE { 0xf0a30bc7, 0xaf08, 0x4556, { 0x99, 0xc4, 0x0, 0x10, 0x9, 0xc9, 0x3a, 0x44 } } |
#define | EFI_SECURE_BOOT_ENABLE_NAME L"SecureBootEnable" |
#define | SECURE_BOOT_ENABLE 1 |
#define | SECURE_BOOT_DISABLE 0 |
#define | EFI_CUSTOM_MODE_NAME L"CustomMode" |
#define | CUSTOM_SECURE_BOOT_MODE 1 |
#define | STANDARD_SECURE_BOOT_MODE 0 |
#define | EFI_VENDOR_KEYS_NV_VARIABLE_NAME L"VendorKeysNv" |
#define | VENDOR_KEYS_VALID 1 |
#define | VENDOR_KEYS_MODIFIED 0 |
Variables | |
EFI_GUID | gEfiSecureBootEnableDisableGuid |
EFI_GUID | gEfiCertDbGuid |
EFI_GUID | gEfiCustomModeEnableGuid |
EFI_GUID | gEfiVendorKeysNvGuid |
The variable data structures are related to EDKII-specific implementation of UEFI authenticated variables. AuthenticatedVariableFormat.h defines variable data headers and variable storage region headers that has been moved to VariableFormat.h.
Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent
Definition in file AuthenticatedVariableFormat.h.
#define CUSTOM_SECURE_BOOT_MODE 1 |
Definition at line 52 of file AuthenticatedVariableFormat.h.
#define EFI_CUSTOM_MODE_NAME L"CustomMode" |
"CustomMode" variable for two Secure Boot modes feature: "Custom" and "Standard". Standard Secure Boot mode is the default mode as UEFI Spec's description. Custom Secure Boot mode allows for more flexibility as specified in the following: Can enroll or delete PK without existing PK's private key. Can enroll or delete KEK without existing PK's private key. Can enroll or delete signature from DB/DBX without KEK's private key.
GUID: gEfiCustomModeEnableGuid
Format: UINT8
Definition at line 51 of file AuthenticatedVariableFormat.h.
#define EFI_SECURE_BOOT_ENABLE_DISABLE { 0xf0a30bc7, 0xaf08, 0x4556, { 0x99, 0xc4, 0x0, 0x10, 0x9, 0xc9, 0x3a, 0x44 } } |
Definition at line 18 of file AuthenticatedVariableFormat.h.
#define EFI_SECURE_BOOT_ENABLE_NAME L"SecureBootEnable" |
"SecureBootEnable" variable for the Secure Boot feature enable/disable. This variable is used for allowing a physically present user to disable Secure Boot via firmware setup without the possession of PKpriv.
GUID: gEfiSecureBootEnableDisableGuid
Format: UINT8
Definition at line 35 of file AuthenticatedVariableFormat.h.
#define EFI_VENDOR_KEYS_NV_VARIABLE_NAME L"VendorKeysNv" |
"VendorKeysNv" variable to record the out of band secure boot keys modification. This variable is a read-only NV variable that indicates whether someone other than the platform vendor has used a mechanism not defined by the UEFI Specification to transition the system to setup mode or to update secure boot keys.
GUID: gEfiVendorKeysNvGuid
Format: UINT8
Definition at line 65 of file AuthenticatedVariableFormat.h.
#define SECURE_BOOT_DISABLE 0 |
Definition at line 37 of file AuthenticatedVariableFormat.h.
#define SECURE_BOOT_ENABLE 1 |
Definition at line 36 of file AuthenticatedVariableFormat.h.
#define STANDARD_SECURE_BOOT_MODE 0 |
Definition at line 53 of file AuthenticatedVariableFormat.h.
#define VENDOR_KEYS_MODIFIED 0 |
Definition at line 67 of file AuthenticatedVariableFormat.h.
#define VENDOR_KEYS_VALID 1 |
Definition at line 66 of file AuthenticatedVariableFormat.h.