AuthenticatedVariableFormat.h defines variable data headers \r
and variable storage region headers.\r
\r
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials \r
are licensed and made available under the terms and conditions of the BSD License \r
which accompanies this distribution. The full text of the license may be found at \r
\r
extern EFI_GUID gEfiAuthenticatedVariableGuid;\r
extern EFI_GUID gEfiSecureBootEnableDisableGuid;\r
+extern EFI_GUID gEfiCertDbGuid;\r
+extern EFI_GUID gEfiCustomModeEnableGuid;\r
+extern EFI_GUID gEfiVendorKeysNvGuid;\r
\r
///\r
/// "SecureBootEnable" variable for the Secure Boot feature enable/disable.\r
#define SECURE_BOOT_ENABLE 1\r
#define SECURE_BOOT_DISABLE 0\r
\r
-extern EFI_GUID gEfiCustomModeEnableGuid;\r
-\r
///\r
/// "CustomMode" variable for two Secure Boot modes feature: "Custom" and "Standard".\r
/// Standard Secure Boot mode is the default mode as UEFI Spec's description.\r
#define STANDARD_SECURE_BOOT_MODE 0\r
\r
///\r
-/// "certdb" variable stores the signer's certificates for non PK/KEK/DB/DBX\r
-/// variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.\r
-/// \r
+/// "VendorKeysNv" variable to record the out of band secure boot keys modification.\r
+/// This variable is a read-only NV varaible that indicates whether someone other than\r
+/// the platform vendor has used a mechanism not defined by the UEFI Specification to\r
+/// transition the system to setup mode or to update secure boot keys.\r
///\r
-#define EFI_CERT_DB_NAME L"certdb"\r
-\r
-extern EFI_GUID gEfiCertDbGuid;\r
+#define EFI_VENDOR_KEYS_NV_VARIABLE_NAME L"VendorKeysNv"\r
+#define VENDOR_KEYS_VALID 1\r
+#define VENDOR_KEYS_MODIFIED 0\r
\r
///\r
/// Alignment of variable name and data, according to the architecture:\r
#define VAR_ADDED 0x3f ///< Variable has been completely added.\r
\r
///\r
+/// Variable Attribute combinations.\r
+///\r
+#define VARIABLE_ATTRIBUTE_NV_BS (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS)\r
+#define VARIABLE_ATTRIBUTE_BS_RT (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS)\r
+#define VARIABLE_ATTRIBUTE_AT_AW (EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS)\r
+#define VARIABLE_ATTRIBUTE_NV_BS_RT (VARIABLE_ATTRIBUTE_BS_RT | EFI_VARIABLE_NON_VOLATILE)\r
+#define VARIABLE_ATTRIBUTE_NV_BS_RT_HR (VARIABLE_ATTRIBUTE_NV_BS_RT | EFI_VARIABLE_HARDWARE_ERROR_RECORD)\r
+#define VARIABLE_ATTRIBUTE_NV_BS_RT_AT (VARIABLE_ATTRIBUTE_NV_BS_RT | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)\r
+#define VARIABLE_ATTRIBUTE_NV_BS_RT_AW (VARIABLE_ATTRIBUTE_NV_BS_RT | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS)\r
+#define VARIABLE_ATTRIBUTE_NV_BS_RT_HR_AT_AW (VARIABLE_ATTRIBUTE_NV_BS_RT_HR | VARIABLE_ATTRIBUTE_AT_AW)\r
+\r
/// Single Variable Data Header Structure.\r
///\r
typedef struct {\r
EFI_GUID VendorGuid;\r
} VARIABLE_HEADER;\r
\r
+typedef struct {\r
+ EFI_GUID *Guid;\r
+ CHAR16 *Name;\r
+ UINTN VariableSize;\r
+} VARIABLE_ENTRY_CONSISTENCY;\r
+\r
#pragma pack()\r
\r
typedef struct _VARIABLE_INFO_ENTRY VARIABLE_INFO_ENTRY;\r