2014-07-22 23:56:53 +02:00
|
|
|
## @file
|
|
|
|
|
# FDF include file with Layout Regions that define an empty variable store.
|
|
|
|
|
#
|
|
|
|
|
# Copyright (C) 2014, Red Hat, Inc.
|
|
|
|
|
# Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>
|
|
|
|
|
#
|
|
|
|
|
# This program and the accompanying materials are licensed and made available
|
|
|
|
|
# under the terms and conditions of the BSD License which accompanies this
|
|
|
|
|
# distribution. The full text of the license may be found at
|
|
|
|
|
# http://opensource.org/licenses/bsd-license.php
|
|
|
|
|
#
|
|
|
|
|
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
|
|
|
|
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
|
|
|
|
|
# IMPLIED.
|
|
|
|
|
#
|
|
|
|
|
##
|
|
|
|
|
|
|
|
|
|
0x00000000|0x0000e000
|
|
|
|
|
#NV_VARIABLE_STORE
|
|
|
|
|
DATA = {
|
|
|
|
|
## This is the EFI_FIRMWARE_VOLUME_HEADER
|
|
|
|
|
# ZeroVector []
|
|
|
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
|
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
|
|
|
# FileSystemGuid: gEfiSystemNvDataFvGuid =
|
|
|
|
|
# { 0xFFF12B8D, 0x7696, 0x4C8B,
|
|
|
|
|
# { 0xA9, 0x85, 0x27, 0x47, 0x07, 0x5B, 0x4F, 0x50 }}
|
|
|
|
|
0x8D, 0x2B, 0xF1, 0xFF, 0x96, 0x76, 0x8B, 0x4C,
|
|
|
|
|
0xA9, 0x85, 0x27, 0x47, 0x07, 0x5B, 0x4F, 0x50,
|
|
|
|
|
# FvLength: 0x20000
|
|
|
|
|
0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
|
|
|
# Signature "_FVH" # Attributes
|
|
|
|
|
0x5f, 0x46, 0x56, 0x48, 0xff, 0xfe, 0x04, 0x00,
|
|
|
|
|
# HeaderLength # CheckSum # ExtHeaderOffset #Reserved #Revision
|
|
|
|
|
0x48, 0x00, 0x19, 0xF9, 0x00, 0x00, 0x00, 0x02,
|
|
|
|
|
# Blockmap[0]: 0x20 Blocks * 0x1000 Bytes / Block
|
|
|
|
|
0x20, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00,
|
|
|
|
|
# Blockmap[1]: End
|
|
|
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
|
|
|
## This is the VARIABLE_STORE_HEADER
|
OvmfPkg: simplify VARIABLE_STORE_HEADER generation
Before the merger of the authenticated and non-authenticated variable
drivers (commit fa0737a839d0), we had to match the varstore header GUID in
"OvmfPkg/VarStore.fdf.inc" to SECURE_BOOT_ENABLE, because the opposite
GUID would cause either driver to fail an assertion. The header structures
for individual variables residing in the varstore were different
(VARIABLE_HEADER vs. AUTHENTICATED_VARIABLE_HEADER), and each driver could
only handle its own, so this GUID enforcement was necessary.
Since the unification of the variable driver however, it treats (a)
variable store format, and (b) AuthVariableLib instance as independent
characteristics; it can always manipulate variable stores with both header
types. All variations boot now; the difference is whether authenticated
variables, and special variables computed from them (like SecureBoot) are
supported at runtime:
variable store non-auth auth and SB
header GUID AuthVariableLib variables variables
-- --------------------- ------------------- -> --------- -----------
1 Variable SecurityPkg/... supported unsupported
2 Variable AuthVariableLibNull supported unsupported
3 AuthenticatedVariable SecurityPkg/... supported supported
4 AuthenticatedVariable AuthVariableLibNull supported unsupported
At the moment, SECURE_BOOT_ENABLE selects between cases #2 (FALSE) and #3
(TRUE). That is, it controls both the varstore header GUID in
"OvmfPkg/VarStore.fdf.inc", and the AuthVariableLib resolution in the DSC
files.
Exploiting the unified driver's flexibility, we can simplify
"OvmfPkg/VarStore.fdf.inc" by picking the AuthenticatedVariable GUID as a
constant, and letting SECURE_BOOT_ENABLE control only the AuthVariableLib
resolution. This amounts to SECURE_BOOT_ENABLE choosing between cases #3
(TRUE) and #4 (FALSE), with identical results as before.
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Ref: http://thread.gmane.org/gmane.comp.bios.edk2.devel/7319/focus=7344
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
2016-02-05 20:35:30 +01:00
|
|
|
# It is compatible with SECURE_BOOT_ENABLE == FALSE as well.
|
2014-07-22 23:56:53 +02:00
|
|
|
# Signature: gEfiAuthenticatedVariableGuid =
|
|
|
|
|
# { 0xaaf32c78, 0x947b, 0x439a,
|
|
|
|
|
# { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 }}
|
|
|
|
|
0x78, 0x2c, 0xf3, 0xaa, 0x7b, 0x94, 0x9a, 0x43,
|
|
|
|
|
0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92,
|
|
|
|
|
# Size: 0xe000 (gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize) -
|
|
|
|
|
# 0x48 (size of EFI_FIRMWARE_VOLUME_HEADER) = 0xdfb8
|
|
|
|
|
# This can speed up the Variable Dispatch a bit.
|
|
|
|
|
0xB8, 0xDF, 0x00, 0x00,
|
|
|
|
|
# FORMATTED: 0x5A #HEALTHY: 0xFE #Reserved: UINT16 #Reserved1: UINT32
|
|
|
|
|
0x5A, 0xFE, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
0x0000e000|0x00001000
|
|
|
|
|
#NV_EVENT_LOG
|
|
|
|
|
|
|
|
|
|
0x0000f000|0x00001000
|
|
|
|
|
#NV_FTW_WORKING
|
|
|
|
|
DATA = {
|
|
|
|
|
# EFI_FAULT_TOLERANT_WORKING_BLOCK_HEADER->Signature = gEdkiiWorkingBlockSignatureGuid =
|
|
|
|
|
# { 0x9e58292b, 0x7c68, 0x497d, { 0xa0, 0xce, 0x65, 0x0, 0xfd, 0x9f, 0x1b, 0x95 }}
|
|
|
|
|
0x2b, 0x29, 0x58, 0x9e, 0x68, 0x7c, 0x7d, 0x49,
|
|
|
|
|
0xa0, 0xce, 0x65, 0x0, 0xfd, 0x9f, 0x1b, 0x95,
|
|
|
|
|
# Crc:UINT32 #WorkingBlockValid:1, WorkingBlockInvalid:1, Reserved
|
|
|
|
|
0x2c, 0xaf, 0x2c, 0x64, 0xFE, 0xFF, 0xFF, 0xFF,
|
|
|
|
|
# WriteQueueSize: UINT64
|
|
|
|
|
0xE0, 0x0F, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
0x00010000|0x00010000
|
|
|
|
|
#NV_FTW_SPARE
|