SecurityPkg: SecureBootConfigDxe: Remove SecureBoot UI change for Customized Secure Boot

Remove SecureBoot UI support for Customized SecureBoot Mode transition according to Mantis 1263.
The feature has been moved to
  https://github.com/tianocore/edk2-staging/tree/Customized-Secure-Boot
Previous check-in hash is
  SHA-1: 96832eefea

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: El-Haj-Mahmoud Samer <samer.el-haj-mahmoud@hpe.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
This commit is contained in:
Zhang, Chao B 2016-04-28 15:27:09 +08:00
parent 560ac77ea1
commit 12087ff6d6
4 changed files with 32 additions and 417 deletions

View File

@ -33,14 +33,6 @@ formset
subtitle text = STRING_TOKEN(STR_NULL);
//
// Display current secure boot mode(one of SetupMode/AuditMode/UserMode/DeployedMode)
//
text
help = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_HELP),
text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_PROMPT),
text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_CONTENT);
text
help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
@ -71,7 +63,7 @@ formset
endoneof;
//
// Display PK include page
// Display of 'Current Secure Boot Mode'
//
suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
@ -93,33 +85,6 @@ formset
subtitle text = STRING_TOKEN(STR_NULL);
//
// Display of SetupMode/UserMode/AuditMode/DeployedMode transition
//
oneof name = TransSecureBootMode,
questionid = KEY_TRANS_SECURE_BOOT_MODE,
prompt = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_PROMPT),
help = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_HELP),
flags = INTERACTIVE | NUMERIC_SIZE_1,
suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE
OR (ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE AND
ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 0);
option text = STRING_TOKEN(STR_USER_MODE), value = SECURE_BOOT_MODE_USER_MODE, flags = 0;
endif
suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE;
option text = STRING_TOKEN(STR_SETUP_MODE), value = SECURE_BOOT_MODE_SETUP_MODE, flags = 0;
endif
suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE;
option text = STRING_TOKEN(STR_AUDIT_MODE), value = SECURE_BOOT_MODE_AUDIT_MODE, flags = 0;
endif
suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE;
option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = SECURE_BOOT_MODE_DEPLOYED_MODE, flags = 0;
endif
endoneof;
subtitle text = STRING_TOKEN(STR_NULL);
goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),

View File

@ -49,8 +49,6 @@ HII_VENDOR_DEVICE_PATH mSecureBootHiiVendorDevicePath = {
BOOLEAN mIsEnterSecureBootForm = FALSE;
BOOLEAN mIsSelectedSecureBootModeForm = FALSE;
BOOLEAN mIsSecureBootModeChanged = FALSE;
//
// OID ASN.1 Value for Hash Algorithms
@ -2832,256 +2830,6 @@ ON_EXIT:
);
}
/**
Perform secure boot mode transition from User Mode by setting AuditMode
or DeployedMode variable.
@param[in] NewMode New secure boot mode.
@retval EFI_SUCCESS Secure Boot mode transition is successful.
**/
EFI_STATUS
TransitionFromUserMode(
IN UINT8 NewMode
)
{
UINT8 Data;
EFI_STATUS Status;
if (NewMode == SECURE_BOOT_MODE_AUDIT_MODE) {
Data = 1;
Status = gRT->SetVariable(
EFI_AUDIT_MODE_NAME,
&gEfiGlobalVariableGuid,
EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof(UINT8),
&Data
);
return Status;
} else if (NewMode == SECURE_BOOT_MODE_DEPLOYED_MODE) {
Data = 1;
Status = gRT->SetVariable(
EFI_DEPLOYED_MODE_NAME,
&gEfiGlobalVariableGuid,
EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof(UINT8),
&Data
);
return Status;
}
//
// Other case do nothing here. May Goto enroll PK page.
//
return EFI_SUCCESS;
}
/**
Perform secure boot mode transition from Setup Mode by setting AuditMode
variable.
@param[in] NewMode New secure boot mode.
@retval EFI_SUCCESS Secure Boot mode transition is successful.
**/
EFI_STATUS
TransitionFromSetupMode(
IN UINT8 NewMode
)
{
UINT8 Data;
EFI_STATUS Status;
Status = EFI_INVALID_PARAMETER;
if (NewMode == SECURE_BOOT_MODE_AUDIT_MODE) {
Data = 1;
Status = gRT->SetVariable(
EFI_AUDIT_MODE_NAME,
&gEfiGlobalVariableGuid,
EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof(UINT8),
&Data
);
return Status;
}
//
// Other case do nothing here. May Goto enroll PK page.
//
return EFI_SUCCESS;
}
/**
Perform secure boot mode transition from Audit Mode. Nothing is done here,
should goto enroll PK page.
@param[in] NewMode New secure boot mode.
@retval EFI_SUCCESS Secure Boot mode transition is successful.
**/
EFI_STATUS
TransitionFromAuditMode(
IN UINT8 NewMode
)
{
//
// Other case do nothing here. Should Goto enroll PK page.
//
return EFI_SUCCESS;
}
/**
Perform secure boot mode transition from Deployed Mode by setting Deployed Mode
variable to 0.
@param[in] NewMode New secure boot mode.
@retval EFI_SUCCESS Secure Boot mode transition is successful.
**/
EFI_STATUS
TransitionFromDeployedMode(
IN UINT8 NewMode
)
{
UINT8 Data;
EFI_STATUS Status;
//
// Platform specific logic. when physical presence, Allow to set DeployedMode =:0
// to switch back to UserMode
//
if (NewMode == SECURE_BOOT_MODE_USER_MODE) {
Data = 0;
Status = gRT->SetVariable(
EFI_DEPLOYED_MODE_NAME,
&gEfiGlobalVariableGuid,
EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof(UINT8),
&Data
);
DEBUG((EFI_D_INFO, "DeployedMode Status %x\n", Status));
return Status;
}
return EFI_SUCCESS;
}
/**
Perform main secure boot mode transition.
@param[in] CurMode New secure boot mode.
@param[in] NewMode New secure boot mode.
@retval EFI_SUCCESS Secure Boot mode transition is successful.
**/
EFI_STATUS
SecureBootModeTransition(
IN UINT8 CurMode,
IN UINT8 NewMode
)
{
EFI_STATUS Status;
//
// Set platform to be customized mode to ensure platform specific mode switch sucess
//
Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
if (EFI_ERROR (Status)) {
return Status;
}
//
// SecureBootMode transition
//
switch (CurMode) {
case SECURE_BOOT_MODE_USER_MODE:
Status = TransitionFromUserMode(NewMode);
break;
case SECURE_BOOT_MODE_SETUP_MODE:
Status = TransitionFromSetupMode(NewMode);
break;
case SECURE_BOOT_MODE_AUDIT_MODE:
Status = TransitionFromAuditMode(NewMode);
break;
case SECURE_BOOT_MODE_DEPLOYED_MODE:
Status = TransitionFromDeployedMode(NewMode);
break;
default:
Status = EFI_INVALID_PARAMETER;
ASSERT(FALSE);
}
return Status;
}
/**
Get current secure boot mode by retrieve data from SetupMode/AuditMode/DeployedMode.
@param[out] SecureBootMode Current secure boot mode.
**/
VOID
ExtractSecureBootModeFromVariable(
OUT UINT8 *SecureBootMode
)
{
UINT8 *SetupMode;
UINT8 *AuditMode;
UINT8 *DeployedMode;
SetupMode = NULL;
AuditMode = NULL;
DeployedMode = NULL;
//
// Get AuditMode/DeployedMode from variable
//
GetVariable2 (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SetupMode, NULL);
GetVariable2 (EFI_AUDIT_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&AuditMode, NULL);
GetVariable2 (EFI_DEPLOYED_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&DeployedMode, NULL);
if (SetupMode != NULL && AuditMode != NULL && DeployedMode != NULL) {
if (*SetupMode == 0 && *AuditMode == 0 && *DeployedMode == 0) {
//
// User Mode
//
*SecureBootMode = SECURE_BOOT_MODE_USER_MODE;
} else if (*SetupMode == 1 && *AuditMode == 0 && *DeployedMode == 0) {
//
// Setup Mode
//
*SecureBootMode = SECURE_BOOT_MODE_SETUP_MODE;
} else if (*SetupMode == 1 && *AuditMode == 1 && *DeployedMode == 0) {
//
// Audit Mode
//
*SecureBootMode = SECURE_BOOT_MODE_AUDIT_MODE;
} else if (*SetupMode == 0 && *AuditMode == 0 && *DeployedMode == 1) {
//
// Deployed Mode
//
*SecureBootMode = SECURE_BOOT_MODE_DEPLOYED_MODE;
} else {
ASSERT(FALSE);
}
}else {
ASSERT(FALSE);
}
if (SetupMode != NULL) {
FreePool (SetupMode);
}
if (DeployedMode != NULL) {
FreePool (DeployedMode);
}
if (AuditMode != NULL) {
FreePool (AuditMode);
}
}
/**
Update SecureBoot strings based on new Secure Boot Mode State. String includes STR_SECURE_BOOT_STATE_CONTENT
@ -3098,7 +2846,6 @@ UpdateSecureBootString(
IN SECUREBOOT_CONFIG_PRIVATE_DATA *Private
)
{
UINT8 CurSecureBootMode;
UINT8 *SecureBoot;
SecureBoot = NULL;
@ -3116,20 +2863,6 @@ UpdateSecureBootString(
} else {
HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_SECURE_BOOT_STATE_CONTENT), L"Disabled", NULL);
}
//
// Get current secure boot mode.
//
ExtractSecureBootModeFromVariable(&CurSecureBootMode);
if (CurSecureBootMode == SECURE_BOOT_MODE_USER_MODE) {
HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_CUR_SECURE_BOOT_MODE_CONTENT), L"UserMode", NULL);
} else if (CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE) {
HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_CUR_SECURE_BOOT_MODE_CONTENT), L"SetupMode", NULL);
} else if (CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE) {
HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_CUR_SECURE_BOOT_MODE_CONTENT), L"AuditMode", NULL);
} else if (CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE) {
HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_CUR_SECURE_BOOT_MODE_CONTENT), L"DeployedMode", NULL);
}
FreePool(SecureBoot);
@ -3148,10 +2881,12 @@ SecureBootExtractConfigFromVariable (
)
{
UINT8 *SecureBootEnable;
UINT8 *SetupMode;
UINT8 *SecureBootMode;
EFI_TIME CurrTime;
SecureBootEnable = NULL;
SetupMode = NULL;
SecureBootMode = NULL;
//
@ -3177,25 +2912,11 @@ SecureBootExtractConfigFromVariable (
ConfigData->PhysicalPresent = FALSE;
}
//
// Get the SecureBootMode from CustomMode variable.
//
GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootMode, NULL);
if (SecureBootMode == NULL) {
ConfigData->SecureBootMode = STANDARD_SECURE_BOOT_MODE;
} else {
ConfigData->SecureBootMode = *(SecureBootMode);
}
//
// Extact current Secure Boot Mode
//
ExtractSecureBootModeFromVariable(&ConfigData->CurSecureBootMode);
//
// If there is no PK then the Delete Pk button will be gray.
//
if (ConfigData->CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE || ConfigData->CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE) {
GetVariable2 (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SetupMode, NULL);
if (SetupMode == NULL || (*SetupMode) == SETUP_MODE) {
ConfigData->HasPk = FALSE;
} else {
ConfigData->HasPk = TRUE;
@ -3212,7 +2933,7 @@ SecureBootExtractConfigFromVariable (
//
// Fix Pk, SecureBootEnable inconsistence
//
if (ConfigData->CurSecureBootMode == SECURE_BOOT_MODE_USER_MODE || ConfigData->CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE) {
if ((*SetupMode) == USER_MODE) {
ConfigData->HideSecureBoot = FALSE;
if ((SecureBootEnable != NULL) && (*SecureBootEnable == SECURE_BOOT_ENABLE)) {
ConfigData->AttemptSecureBoot = TRUE;
@ -3221,10 +2942,22 @@ SecureBootExtractConfigFromVariable (
ConfigData->HideSecureBoot = TRUE;
}
//
// Get the SecureBootMode from CustomMode variable.
//
GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootMode, NULL);
if (SecureBootMode == NULL) {
ConfigData->SecureBootMode = STANDARD_SECURE_BOOT_MODE;
} else {
ConfigData->SecureBootMode = *(SecureBootMode);
}
if (SecureBootEnable != NULL) {
FreePool (SecureBootEnable);
}
if (SetupMode != NULL) {
FreePool (SetupMode);
}
if (SecureBootMode != NULL) {
FreePool (SecureBootMode);
}
@ -3458,18 +3191,20 @@ SecureBootCallback (
UINT8 *SecureBootEnable;
UINT8 *Pk;
UINT8 *SecureBootMode;
UINT8 *SetupMode;
CHAR16 PromptString[100];
UINT8 CurSecureBootMode;
EFI_DEVICE_PATH_PROTOCOL *File;
Status = EFI_SUCCESS;
SecureBootEnable = NULL;
SecureBootMode = NULL;
SetupMode = NULL;
File = NULL;
if ((This == NULL) || (Value == NULL) || (ActionRequest == NULL)) {
return EFI_INVALID_PARAMETER;
}
Private = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
gSecureBootPrivateData = Private;
@ -3493,13 +3228,6 @@ SecureBootCallback (
Status = UpdateSecureBootString(Private);
SecureBootExtractConfigFromVariable (IfrNvData);
mIsEnterSecureBootForm = TRUE;
} else if (QuestionId == KEY_TRANS_SECURE_BOOT_MODE){
//
// Secure Boot Policy variable changes after transition. Re-sync CurSecureBootMode
//
ExtractSecureBootModeFromVariable(&IfrNvData->CurSecureBootMode);
mIsSelectedSecureBootModeForm = TRUE;
mIsSecureBootModeChanged = FALSE;
}
goto EXIT;
}
@ -3511,11 +3239,6 @@ SecureBootCallback (
Value->u8 = SECURE_BOOT_MODE_STANDARD;
Status = EFI_SUCCESS;
}
} else if (QuestionId == KEY_TRANS_SECURE_BOOT_MODE) {
if (mIsSelectedSecureBootModeForm) {
Value->u8 = IfrNvData->CurSecureBootMode;
Status = EFI_SUCCESS;
}
}
goto EXIT;
}
@ -3770,57 +3493,6 @@ SecureBootCallback (
);
}
break;
case KEY_TRANS_SECURE_BOOT_MODE:
//
// Pop up to alert user want to change secure boot mode
//
if ((IfrNvData->CurSecureBootMode == SECURE_BOOT_MODE_USER_MODE &&
(Value->u8 == SECURE_BOOT_MODE_AUDIT_MODE || Value->u8 == SECURE_BOOT_MODE_DEPLOYED_MODE))
||(IfrNvData->CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE &&
Value->u8 == SECURE_BOOT_MODE_AUDIT_MODE)
||(IfrNvData->CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE &&
Value->u8 == SECURE_BOOT_MODE_USER_MODE && IfrNvData->PhysicalPresent == 1)){
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
L"Are you sure you want to switch secure boot mode?",
L"Press 'Y' to switch secure boot mode, 'N' to discard change and return",
NULL
);
if (Key.UnicodeChar != 'y' && Key.UnicodeChar != 'Y') {
//
// If not 'Y'/''y' restore to defualt secure boot mode
//
Value->u8 = IfrNvData->CurSecureBootMode;
goto EXIT;
}
} else if ((IfrNvData->CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE && Value->u8 == SECURE_BOOT_MODE_USER_MODE)
||(IfrNvData->CurSecureBootMode == SECURE_BOOT_MODE_USER_MODE && Value->u8 == SECURE_BOOT_MODE_SETUP_MODE)
||(IfrNvData->CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE && Value->u8 == SECURE_BOOT_MODE_DEPLOYED_MODE)
||(IfrNvData->CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE && Value->u8 == SECURE_BOOT_MODE_SETUP_MODE)) {
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
L"Secure boot mode transition requires PK change",
L"Please go to link below to update PK",
NULL
);
} else {
Status = EFI_INVALID_PARAMETER;
goto EXIT;
}
Status = SecureBootModeTransition(IfrNvData->CurSecureBootMode, Value->u8);
//
// Secure Boot Policy variable may change after transition. Re-sync CurSecureBootMode
//
ExtractSecureBootModeFromVariable(&CurSecureBootMode);
if (IfrNvData->CurSecureBootMode != CurSecureBootMode) {
IfrNvData->CurSecureBootMode = CurSecureBootMode;
mIsSecureBootModeChanged = TRUE;
}
break;
default:
if ((QuestionId >= OPTION_DEL_KEK_QUESTION_ID) &&
(QuestionId < (OPTION_DEL_KEK_QUESTION_ID + OPTION_CONFIG_RANGE))) {
@ -3889,13 +3561,6 @@ SecureBootCallback (
case KEY_SECURE_BOOT_MODE:
mIsEnterSecureBootForm = FALSE;
break;
case KEY_TRANS_SECURE_BOOT_MODE:
mIsSelectedSecureBootModeForm = FALSE;
if (mIsSecureBootModeChanged) {
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_RESET;
}
mIsSecureBootModeChanged = FALSE;
break;
case KEY_SECURE_BOOT_KEK_GUID:
case KEY_SECURE_BOOT_SIGNATURE_GUID_DB:
case KEY_SECURE_BOOT_SIGNATURE_GUID_DBX:
@ -3914,7 +3579,8 @@ SecureBootCallback (
break;
case KEY_SECURE_BOOT_DELETE_PK:
if (IfrNvData->CurSecureBootMode == SECURE_BOOT_MODE_USER_MODE || IfrNvData->CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE) {
GetVariable2 (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SetupMode, NULL);
if (SetupMode == NULL || (*SetupMode) == SETUP_MODE) {
IfrNvData->DeletePk = TRUE;
IfrNvData->HasPk = FALSE;
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
@ -3923,6 +3589,9 @@ SecureBootCallback (
IfrNvData->HasPk = TRUE;
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
}
if (SetupMode != NULL) {
FreePool (SetupMode);
}
break;
default:
break;

View File

@ -56,7 +56,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#define KEY_HIDE_SECURE_BOOT 0x100c
#define KEY_VALUE_SAVE_AND_EXIT_DBT 0x100d
#define KEY_VALUE_NO_SAVE_AND_EXIT_DBT 0x100e
#define KEY_TRANS_SECURE_BOOT_MODE 0x100f
#define KEY_SECURE_BOOT_OPTION 0x1100
#define KEY_SECURE_BOOT_PK_OPTION 0x1101
@ -108,10 +107,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#define SECURE_BOOT_GUID_SIZE 36
#define SECURE_BOOT_GUID_STORAGE_SIZE 37
#define SECURE_BOOT_MODE_USER_MODE 0
#define SECURE_BOOT_MODE_SETUP_MODE 1
#define SECURE_BOOT_MODE_AUDIT_MODE 2
#define SECURE_BOOT_MODE_DEPLOYED_MODE 3
//
// Nv Data structure referenced by IFR
@ -122,8 +117,6 @@ typedef struct {
CHAR16 SignatureGuid[SECURE_BOOT_GUID_STORAGE_SIZE];
BOOLEAN PhysicalPresent; // If a Physical Present User
UINT8 SecureBootMode; // Secure Boot Mode: Standard Or Custom
UINT8 CurSecureBootMode; // Current SecureBoot Mode SetupMode/UserMode/AuditMode/DeployedMode
UINT8 TransSecureBootMode; // Trans Next SecureBoot Mode
BOOLEAN DeletePk;
BOOLEAN HasPk; // If Pk is existed it is true
BOOLEAN AlwaysRevocation; // If the certificate is always revoked. Revocation time is hidden

View File

@ -26,10 +26,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#string STR_SECURE_BOOT_PROMPT #language en-US "Attempt Secure Boot"
#string STR_SECURE_BOOT_HELP #language en-US "Enable/Disable the Secure Boot feature after platform reset"
#string STR_CUR_SECURE_BOOT_MODE_PROMPT #language en-US "Current Secure Boot Mode"
#string STR_CUR_SECURE_BOOT_MODE_HELP #language en-US "Current Secure Boot Mode: SetupMode/AuditMode/UserMode/DeployedMode."
#string STR_CUR_SECURE_BOOT_MODE_CONTENT #language en-US " "
#string STR_SECURE_BOOT_ENROLL_SIGNATURE #language en-US "Enroll Signature"
#string STR_SECURE_BOOT_DELETE_SIGNATURE #language en-US "Delete Signature"
@ -60,11 +56,11 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#string STR_FILE_EXPLORER_TITLE #language en-US "File Explorer"
#string STR_SECURE_BOOT_MODE_PROMPT #language en-US "Customize Secure Boot"
#string STR_SECURE_BOOT_MODE_HELP #language en-US "Customize Secure Boot: Standard/Customized. Secure Boot Policy variables can be configured without authentication in customized option"
#string STR_SECURE_BOOT_MODE_PROMPT #language en-US "Secure Boot Mode"
#string STR_SECURE_BOOT_MODE_HELP #language en-US "Secure Boot Mode: Custom Mode or Standard Mode"
#string STR_STANDARD_MODE #language en-US "Standard"
#string STR_CUSTOM_MODE #language en-US "Customized"
#string STR_STANDARD_MODE #language en-US "Standard Mode"
#string STR_CUSTOM_MODE #language en-US "Custom Mode"
#string STR_SECURE_BOOT_OPTION #language en-US "Custom Secure Boot Options"
#string STR_SECURE_BOOT_OPTION_HELP #language en-US "Enter into Custom Secure Boot Options Form"
@ -111,11 +107,3 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#string STR_CERT_TYPE_X509_SHA256_GUID #language en-US "X509_SHA256_GUID"
#string STR_CERT_TYPE_X509_SHA384_GUID #language en-US "X509_SHA384_GUID"
#string STR_CERT_TYPE_X509_SHA512_GUID #language en-US "X509_SHA512_GUID"
#string STR_TRANS_SECURE_BOOT_MODE_PROMPT #language en-US "Secure Boot Mode Transition"
#string STR_TRANS_SECURE_BOOT_MODE_HELP #language en-US "Secure Boot Mode Transition: SetupMode/UserMode/AuditMode/DeployedMode"
#string STR_USER_MODE #language en-US "User Mode"
#string STR_SETUP_MODE #language en-US "Setup Mode"
#string STR_AUDIT_MODE #language en-US "Audit Mode"
#string STR_DEPLOYED_MODE #language en-US "Deployed Mode"