]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/SecurityPkg.dec
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add security package to repository.
[mirror_edk2.git] / SecurityPkg / SecurityPkg.dec
1 ## @file SecurityPkg.dec
2 # This package includes the security drivers, defintions(including PPIs/PROTOCOLs/GUIDs
3 # and library classes) and libraries instances.
4 #
5 # Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
6 # This program and the accompanying materials are licensed and made available under
7 # the terms and conditions of the BSD License which accompanies this distribution.
8 # The full text of the license may be found at
9 # http://opensource.org/licenses/bsd-license.php
10 #
11 # THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13 #
14 ##
15
16 [Defines]
17 DEC_SPECIFICATION = 0x00010005
18 PACKAGE_NAME = SecurityPkg
19 PACKAGE_GUID = 24369CAC-6AA6-4fb8-88DB-90BF061668AD
20 PACKAGE_VERSION = 0.91
21
22 [Includes]
23 Include
24
25 [LibraryClasses]
26 ## @libraryclass Definitions for common TPM commands as library API for TPM
27 # module use.
28 TpmCommLib|Include/Library/TpmCommLib.h
29
30 [Guids]
31 ## Security package token space guid
32 # Include/Guid/SecurityPkgTokenSpace.h
33 gEfiSecurityPkgTokenSpaceGuid = { 0xd3fb176, 0x9569, 0x4d51, { 0xa3, 0xef, 0x7d, 0x61, 0xc6, 0x4f, 0xea, 0xba }}
34 ## Guid acted as the authenticated variable store header's signature, and to specify the variable list entries put in the EFI system table.
35 # Include/Guid/AuthenticatedVariableFormat.h
36 gEfiAuthenticatedVariableGuid = { 0xaaf32c78, 0x947b, 0x439a, { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 } }
37
38 ## Include/Guid/TcgEventHob.h
39 gTcgEventEntryHobGuid = { 0x2e3044ac, 0x879f, 0x490f, {0x97, 0x60, 0xbb, 0xdf, 0xaf, 0x69, 0x5f, 0x50 }}
40
41 ## Include/Guid/PhysicalPresenceData.h
42 gEfiPhysicalPresenceGuid = { 0xf6499b1, 0xe9ad, 0x493d, { 0xb9, 0xc2, 0x2f, 0x90, 0x81, 0x5c, 0x6c, 0xbc }}
43
44 [Ppis]
45 ## Include/Ppi/LockPhysicalPresence.h
46 gPeiLockPhysicalPresencePpiGuid = { 0xef9aefe5, 0x2bd3, 0x4031, { 0xaf, 0x7d, 0x5e, 0xfe, 0x5a, 0xbb, 0x9a, 0xd } }
47
48 ## Include/Ppi/TpmInitialized.h
49 gPeiTpmInitializedPpiGuid = { 0xe9db0d58, 0xd48d, 0x47f6, { 0x9c, 0x6e, 0x6f, 0x40, 0xe8, 0x6c, 0x7b, 0x41 }}
50
51 [PcdsFixedAtBuild]
52 ## Pcd for OptionRom.
53 # Image verification policy settings:
54 # ALWAYS_EXECUTE 0x00000000
55 # NEVER_EXECUTE 0x00000001
56 # ALLOW_EXECUTE_ON_SECURITY_VIOLATION 0x00000002
57 # DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003
58 # DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004
59 # QUERY_USER_ON_SECURITY_VIOLATION 0x00000005
60 gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x00|UINT32|0x00000001
61
62 ## Pcd for removable media.
63 # Removable media include CD-ROM, Floppy, USB and network.
64 # Image verification policy settings:
65 # ALWAYS_EXECUTE 0x00000000
66 # NEVER_EXECUTE 0x00000001
67 # ALLOW_EXECUTE_ON_SECURITY_VIOLATION 0x00000002
68 # DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003
69 # DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004
70 # QUERY_USER_ON_SECURITY_VIOLATION 0x00000005
71 gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x05|UINT32|0x00000002
72
73 ## Pcd for fixed media.
74 # Fixed media include hard disk.
75 # Image verification policy settings:
76 # ALWAYS_EXECUTE 0x00000000
77 # NEVER_EXECUTE 0x00000001
78 # ALLOW_EXECUTE_ON_SECURITY_VIOLATION 0x00000002
79 # DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003
80 # DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004
81 # QUERY_USER_ON_SECURITY_VIOLATION 0x00000005
82 gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x05|UINT32|0x00000003
83
84 ## Defer Image Load policy settings.
85 # The policy is bitwise.
86 # If bit is set, the image from corresponding device will be trust when loading.
87 #
88 # IMAGE_UNKNOWN 0x00000001
89 # IMAGE_FROM_FV 0x00000002
90 # IMAGE_FROM_OPTION_ROM 0x00000004
91 # IMAGE_FROM_REMOVABLE_MEDIA 0x00000008
92 # IMAGE_FROM_FIXED_MEDIA 0x00000010
93 gEfiSecurityPkgTokenSpaceGuid.PcdDeferImageLoadPolicy|0x0000001F|UINT32|0x0000004
94
95 ## The token file name used to save credential in USB credential provider driver.
96 # The specified file should be saved at the root directory of USB storage disk.
97 gEfiSecurityPkgTokenSpaceGuid.PcdFixedUsbCredentialProviderTokenFileName|L"Token.bin"|VOID*|0x00000005
98
99 ## The size of Append variable buffer. This buffer is reserved for runtime use, OS can append data into one existing variable.
100 gEfiSecurityPkgTokenSpaceGuid.PcdMaxAppendVariableSize|0x2000|UINT32|0x30000005
101
102 ## This PCD specifies the type of TCG platform that contains TPM chip.
103 # This PCD is only avaiable when PcdTpmPhysicalPresence is TRUE.
104 # If 0, TCG platform type is PC client.
105 # If 1, TCG platform type is server.
106 gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass|0|UINT8|0x00000006
107
108 ## The PCD is used to control whether to support hiding the TPM.
109 # If TRUE, PcdHideTpm controls whether to hide the TPM.
110 gEfiSecurityPkgTokenSpaceGuid.PcdHideTpmSupport|FALSE|BOOLEAN|0x00000007
111
112 [PcdsDynamic, PcdsDynamicEx]
113 ## The PCD is used to control whether to hide the TPM.
114 gEfiSecurityPkgTokenSpaceGuid.PcdHideTpm|FALSE|BOOLEAN|0x00010002
115
116 ## The PCD is used to specify whether or not MOR (MemoryOverwriteControl) feature is enabled.
117 gEfiSecurityPkgTokenSpaceGuid.PcdMorEnable|FALSE|BOOLEAN|0x00010000
118
119 [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
120 ## This PCD indicates the presence or absence of the platform operator.
121 gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence|TRUE|BOOLEAN|0x00010001
122
EFI Development Kit II mirror for PVE