From 79e7b6472797f156d1ff28f3022b25d9c6f250f9 Mon Sep 17 00:00:00 2001 From: Chao Zhang Date: Mon, 7 Dec 2015 06:15:20 +0000 Subject: [PATCH] MdePkg: Add AuditMode/DeployedMode name definition Add AuditMode/DeployedMode definition from Enable Secure Boot feature defined in UEFI2.5 Mantis 1263. https://mantis.uefi.org/mantis/view.php?id=1263 Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang Reviewed-by: Zeng Star Reviewed-by: Long Qin git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19130 6f19259b-4bc3-4df7-8a09-765794883524 --- MdePkg/Include/Guid/GlobalVariable.h | 14 ++++++++++++++ MdePkg/Include/Guid/ImageAuthentication.h | 9 ++++++--- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/MdePkg/Include/Guid/GlobalVariable.h b/MdePkg/Include/Guid/GlobalVariable.h index 1e4fbc8227..e58f7a1e8c 100644 --- a/MdePkg/Include/Guid/GlobalVariable.h +++ b/MdePkg/Include/Guid/GlobalVariable.h @@ -126,6 +126,20 @@ extern EFI_GUID gEfiGlobalVariableGuid; /// #define EFI_SETUP_MODE_NAME L"SetupMode" /// +/// Whether the system is operating in audit mode (1) or not (0). +/// All other values are reserved. Should be treated as read-only except when DeployedMode is 0. +/// Always becomes read-only after ExitBootServices() is called. +/// Its attribute is BS+RT. +/// +#define EFI_AUDIT_MODE_NAME L"AuditMode" +/// +/// Whether the system is operating in deployed mode (1) or not (0). +/// All other values are reserved. Should be treated as read-only when its value is 1. +/// Always becomes read-only after ExitBootServices() is called. +/// Its attribute is BS+RT. +/// +#define EFI_DEPLOYED_MODE_NAME L"DeployedMode" +/// /// The Key Exchange Key Signature Database. /// Its attribute is NV+BS+RT+AT. /// diff --git a/MdePkg/Include/Guid/ImageAuthentication.h b/MdePkg/Include/Guid/ImageAuthentication.h index 4f4296086d..2f51935c0c 100644 --- a/MdePkg/Include/Guid/ImageAuthentication.h +++ b/MdePkg/Include/Guid/ImageAuthentication.h @@ -43,9 +43,12 @@ #define SECURE_BOOT_MODE_ENABLE 1 #define SECURE_BOOT_MODE_DISABLE 0 -#define SETUP_MODE 1 -#define USER_MODE 0 - +#define SETUP_MODE_ENABLE 1 +#define SETUP_MODE_DISABLE 0 +#define DEPLOYED_MODE_ENABLE 1 +#define DEPLOYED_MODE_DISABLE 0 +#define AUDIT_MODE_ENABLE 1 +#define AUDIT_MODE_DISABLE 0 //*********************************************************************** // Signature Database -- 2.39.2