tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MdeModulePkg: Deprecate EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 

Mark EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS as deprecated.
1. Make SetVariable/QueryVariableInfo return EFI_UNSUPPORTED with this
   attribute
2. No change to GetVariable/GetNextVariableName
Also update several function descriptors accordingly

Cc: Long Qin <qin.long@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
This commit is contained in:
Zhang, Chao B 2017-10-24 15:04:00 +08:00
parent 403170bbef
commit 4073f85d4a
10 changed files with 32 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
MdeModulePkg/Include/Guid/VariableFormat.h
View File

@ -2,7 +2,7 @@
The variable data structures are related to EDK II-specific implementation of UEFI variables. The variable data structures are related to EDK II-specific implementation of UEFI variables.
VariableFormat.h defines variable data headers and variable storage region headers. VariableFormat.h defines variable data headers and variable storage region headers.
Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution. the terms and conditions of the BSD License that accompanies this distribution.
The full text of the license may be found at The full text of the license may be found at
@ -115,11 +115,16 @@ typedef struct {
/// ///
#define VARIABLE_ATTRIBUTE_NV_BS (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS) #define VARIABLE_ATTRIBUTE_NV_BS (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS)
#define VARIABLE_ATTRIBUTE_BS_RT (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS) #define VARIABLE_ATTRIBUTE_BS_RT (EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS)
#define VARIABLE_ATTRIBUTE_AT_AW (EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS)
#define VARIABLE_ATTRIBUTE_BS_RT_AT (VARIABLE_ATTRIBUTE_BS_RT | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) #define VARIABLE_ATTRIBUTE_BS_RT_AT (VARIABLE_ATTRIBUTE_BS_RT | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)
#define VARIABLE_ATTRIBUTE_NV_BS_RT (VARIABLE_ATTRIBUTE_BS_RT | EFI_VARIABLE_NON_VOLATILE) #define VARIABLE_ATTRIBUTE_NV_BS_RT (VARIABLE_ATTRIBUTE_BS_RT | EFI_VARIABLE_NON_VOLATILE)
#define VARIABLE_ATTRIBUTE_NV_BS_RT_HR (VARIABLE_ATTRIBUTE_NV_BS_RT | EFI_VARIABLE_HARDWARE_ERROR_RECORD) #define VARIABLE_ATTRIBUTE_NV_BS_RT_HR (VARIABLE_ATTRIBUTE_NV_BS_RT | EFI_VARIABLE_HARDWARE_ERROR_RECORD)
#define VARIABLE_ATTRIBUTE_NV_BS_RT_AT (VARIABLE_ATTRIBUTE_NV_BS_RT | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) #define VARIABLE_ATTRIBUTE_NV_BS_RT_AT (VARIABLE_ATTRIBUTE_NV_BS_RT | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)
#define VARIABLE_ATTRIBUTE_AT EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
#define VARIABLE_ATTRIBUTE_NV_BS_RT_HR_AT (VARIABLE_ATTRIBUTE_NV_BS_RT_HR | VARIABLE_ATTRIBUTE_AT)
///
/// EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated and should be considered as reserved
///
#define VARIABLE_ATTRIBUTE_AT_AW (EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS)
#define VARIABLE_ATTRIBUTE_NV_BS_RT_AW (VARIABLE_ATTRIBUTE_NV_BS_RT | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) #define VARIABLE_ATTRIBUTE_NV_BS_RT_AW (VARIABLE_ATTRIBUTE_NV_BS_RT | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS)
#define VARIABLE_ATTRIBUTE_NV_BS_RT_HR_AT_AW (VARIABLE_ATTRIBUTE_NV_BS_RT_HR | VARIABLE_ATTRIBUTE_AT_AW) #define VARIABLE_ATTRIBUTE_NV_BS_RT_HR_AT_AW (VARIABLE_ATTRIBUTE_NV_BS_RT_HR | VARIABLE_ATTRIBUTE_AT_AW)

7
MdeModulePkg/Include/Library/AuthVariableLib.h
View File

@ -1,7 +1,7 @@
/** @file /** @file
Provides services to initialize and process authenticated variables. Provides services to initialize and process authenticated variables.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR> Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution. the terms and conditions of the BSD License that accompanies this distribution.
The full text of the license may be found at The full text of the license may be found at
@ -228,7 +228,7 @@ AuthVariableLibInitialize (
); );
/** /**
Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set. Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
@param[in] VariableName Name of the variable. @param[in] VariableName Name of the variable.
@param[in] VendorGuid Variable vendor GUID. @param[in] VendorGuid Variable vendor GUID.
@ -241,8 +241,7 @@ AuthVariableLibInitialize (
@retval EFI_INVALID_PARAMETER Invalid parameter. @retval EFI_INVALID_PARAMETER Invalid parameter.
@retval EFI_WRITE_PROTECTED Variable is write-protected. @retval EFI_WRITE_PROTECTED Variable is write-protected.
@retval EFI_OUT_OF_RESOURCES There is not enough resource. @retval EFI_OUT_OF_RESOURCES There is not enough resource.
@retval EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS @retval EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS
or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS
set, but the AuthInfo does NOT pass the validation set, but the AuthInfo does NOT pass the validation
check carried out by the firmware. check carried out by the firmware.
@retval EFI_UNSUPPORTED Unsupported to process authenticated variable. @retval EFI_UNSUPPORTED Unsupported to process authenticated variable.

7
MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.c
View File

@ -1,7 +1,7 @@
/** @file /** @file
Implements NULL authenticated variable services. Implements NULL authenticated variable services.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR> Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -43,7 +43,7 @@ AuthVariableLibInitialize (
} }
/** /**
Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set. Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
@param[in] VariableName Name of the variable. @param[in] VariableName Name of the variable.
@param[in] VendorGuid Variable vendor GUID. @param[in] VendorGuid Variable vendor GUID.
@ -56,8 +56,7 @@ AuthVariableLibInitialize (
@retval EFI_INVALID_PARAMETER Invalid parameter. @retval EFI_INVALID_PARAMETER Invalid parameter.
@retval EFI_WRITE_PROTECTED Variable is write-protected. @retval EFI_WRITE_PROTECTED Variable is write-protected.
@retval EFI_OUT_OF_RESOURCES There is not enough resource. @retval EFI_OUT_OF_RESOURCES There is not enough resource.
@retval EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS @retval EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS
or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS
set, but the AuthInfo does NOT pass the validation set, but the AuthInfo does NOT pass the validation
check carried out by the firmware. check carried out by the firmware.
@retval EFI_UNSUPPORTED Unsupported to process authenticated variable. @retval EFI_UNSUPPORTED Unsupported to process authenticated variable.

8
MdeModulePkg/Library/UefiBootManagerLib/BmMisc.c
View File

@ -305,8 +305,7 @@ BmSetMemoryTypeInformationVariable (
@param VendorGuid A unique identifier for the vendor. @param VendorGuid A unique identifier for the vendor.
@param Attributes Attributes bitmask to set for the variable. @param Attributes Attributes bitmask to set for the variable.
@param DataSize The size in bytes of the Data buffer. Unless the EFI_VARIABLE_APPEND_WRITE, @param DataSize The size in bytes of the Data buffer. Unless the EFI_VARIABLE_APPEND_WRITE,
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS, or or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute is set, a size of zero
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute is set, a size of zero
causes the variable to be deleted. When the EFI_VARIABLE_APPEND_WRITE attribute is causes the variable to be deleted. When the EFI_VARIABLE_APPEND_WRITE attribute is
set, then a SetVariable() call with a DataSize of zero will not cause any change to set, then a SetVariable() call with a DataSize of zero will not cause any change to
the variable value (the timestamp associated with the variable may be updated however the variable value (the timestamp associated with the variable may be updated however
@ -324,9 +323,8 @@ BmSetMemoryTypeInformationVariable (
@retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error. @retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error.
@retval EFI_WRITE_PROTECTED The variable in question is read-only. @retval EFI_WRITE_PROTECTED The variable in question is read-only.
@retval EFI_WRITE_PROTECTED The variable in question cannot be deleted. @retval EFI_WRITE_PROTECTED The variable in question cannot be deleted.
@retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS
or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS being set, but the AuthInfo being set, but the AuthInfo does NOT pass the validation check carried out by the firmware.
does NOT pass the validation check carried out by the firmware.
@retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found. @retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found.
**/ **/

8
MdeModulePkg/Library/UefiBootManagerLib/InternalBm.h
View File

@ -275,8 +275,7 @@ BmStopHotkeyService (
@param VendorGuid A unique identifier for the vendor. @param VendorGuid A unique identifier for the vendor.
@param Attributes Attributes bitmask to set for the variable. @param Attributes Attributes bitmask to set for the variable.
@param DataSize The size in bytes of the Data buffer. Unless the EFI_VARIABLE_APPEND_WRITE, @param DataSize The size in bytes of the Data buffer. Unless the EFI_VARIABLE_APPEND_WRITE,
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS, or or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute is set, a size of zero
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute is set, a size of zero
causes the variable to be deleted. When the EFI_VARIABLE_APPEND_WRITE attribute is causes the variable to be deleted. When the EFI_VARIABLE_APPEND_WRITE attribute is
set, then a SetVariable() call with a DataSize of zero will not cause any change to set, then a SetVariable() call with a DataSize of zero will not cause any change to
the variable value (the timestamp associated with the variable may be updated however the variable value (the timestamp associated with the variable may be updated however
@ -294,9 +293,8 @@ BmStopHotkeyService (
@retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error. @retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error.
@retval EFI_WRITE_PROTECTED The variable in question is read-only. @retval EFI_WRITE_PROTECTED The variable in question is read-only.
@retval EFI_WRITE_PROTECTED The variable in question cannot be deleted. @retval EFI_WRITE_PROTECTED The variable in question cannot be deleted.
@retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS
or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS being set, but the AuthInfo being set, but the AuthInfo does NOT pass the validation check carried out by the firmware.
does NOT pass the validation check carried out by the firmware.
@retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found. @retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found.
**/ **/

10
MdeModulePkg/Universal/BdsDxe/Bds.h
View File

@ -1,7 +1,7 @@
/** @file /** @file
Head file for BDS Architectural Protocol implementation Head file for BDS Architectural Protocol implementation
Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2004 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -80,8 +80,7 @@ BdsEntry (
@param VendorGuid A unique identifier for the vendor. @param VendorGuid A unique identifier for the vendor.
@param Attributes Attributes bitmask to set for the variable. @param Attributes Attributes bitmask to set for the variable.
@param DataSize The size in bytes of the Data buffer. Unless the EFI_VARIABLE_APPEND_WRITE, @param DataSize The size in bytes of the Data buffer. Unless the EFI_VARIABLE_APPEND_WRITE,
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS, or or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute is set, a size of zero
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute is set, a size of zero
causes the variable to be deleted. When the EFI_VARIABLE_APPEND_WRITE attribute is causes the variable to be deleted. When the EFI_VARIABLE_APPEND_WRITE attribute is
set, then a SetVariable() call with a DataSize of zero will not cause any change to set, then a SetVariable() call with a DataSize of zero will not cause any change to
the variable value (the timestamp associated with the variable may be updated however the variable value (the timestamp associated with the variable may be updated however
@ -99,9 +98,8 @@ BdsEntry (
@retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error. @retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error.
@retval EFI_WRITE_PROTECTED The variable in question is read-only. @retval EFI_WRITE_PROTECTED The variable in question is read-only.
@retval EFI_WRITE_PROTECTED The variable in question cannot be deleted. @retval EFI_WRITE_PROTECTED The variable in question cannot be deleted.
@retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS
or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS being set, but the AuthInfo being set, but the AuthInfo does NOT pass the validation check carried out by the firmware.
does NOT pass the validation check carried out by the firmware.
@retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found. @retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found.
**/ **/

8
MdeModulePkg/Universal/BdsDxe/BdsEntry.c
View File

@ -1112,8 +1112,7 @@ BdsEntry (
@param VendorGuid A unique identifier for the vendor. @param VendorGuid A unique identifier for the vendor.
@param Attributes Attributes bitmask to set for the variable. @param Attributes Attributes bitmask to set for the variable.
@param DataSize The size in bytes of the Data buffer. Unless the EFI_VARIABLE_APPEND_WRITE, @param DataSize The size in bytes of the Data buffer. Unless the EFI_VARIABLE_APPEND_WRITE,
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS, or or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute is set, a size of zero
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute is set, a size of zero
causes the variable to be deleted. When the EFI_VARIABLE_APPEND_WRITE attribute is causes the variable to be deleted. When the EFI_VARIABLE_APPEND_WRITE attribute is
set, then a SetVariable() call with a DataSize of zero will not cause any change to set, then a SetVariable() call with a DataSize of zero will not cause any change to
the variable value (the timestamp associated with the variable may be updated however the variable value (the timestamp associated with the variable may be updated however
@ -1131,9 +1130,8 @@ BdsEntry (
@retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error. @retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error.
@retval EFI_WRITE_PROTECTED The variable in question is read-only. @retval EFI_WRITE_PROTECTED The variable in question is read-only.
@retval EFI_WRITE_PROTECTED The variable in question cannot be deleted. @retval EFI_WRITE_PROTECTED The variable in question cannot be deleted.
@retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS
or EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS being set, but the AuthInfo being set, but the AuthInfo does NOT pass the validation check carried out by the firmware.
does NOT pass the validation check carried out by the firmware.
@retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found. @retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found.
**/ **/

4
MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
View File

@ -4,7 +4,7 @@
This module initilizes MemoryOverwriteRequestControlLock variable. This module initilizes MemoryOverwriteRequestControlLock variable.
This module adds Variable Hook and check MemoryOverwriteRequestControlLock. This module adds Variable Hook and check MemoryOverwriteRequestControlLock.
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -116,7 +116,7 @@ IsMorLockVariable (
@retval EFI_DEVICE_ERROR The variable could not be saved due to a hardware failure. @retval EFI_DEVICE_ERROR The variable could not be saved due to a hardware failure.
@retval EFI_WRITE_PROTECTED The variable in question is read-only. @retval EFI_WRITE_PROTECTED The variable in question is read-only.
@retval EFI_WRITE_PROTECTED The variable in question cannot be deleted. @retval EFI_WRITE_PROTECTED The variable in question cannot be deleted.
@retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
set but the AuthInfo does NOT pass the validation check carried set but the AuthInfo does NOT pass the validation check carried
out by the firmware. out by the firmware.
@retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found. @retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found.

5
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
View File

@ -3133,8 +3133,11 @@ VariableServiceSetVariable (
// //
// Check for reserverd bit in variable attribute. // Check for reserverd bit in variable attribute.
// EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated but we still allow
// the delete operation of common authenticated variable at user physical presence.
// So leave EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS attribute check to AuthVariableLib
// //
if ((Attributes & (~EFI_VARIABLE_ATTRIBUTES_MASK)) != 0) { if ((Attributes & (~(EFI_VARIABLE_ATTRIBUTES_MASK | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS))) != 0) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }

1
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
View File

@ -50,7 +50,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
EFI_VARIABLE_BOOTSERVICE_ACCESS | \ EFI_VARIABLE_BOOTSERVICE_ACCESS | \
EFI_VARIABLE_RUNTIME_ACCESS | \ EFI_VARIABLE_RUNTIME_ACCESS | \
EFI_VARIABLE_HARDWARE_ERROR_RECORD | \ EFI_VARIABLE_HARDWARE_ERROR_RECORD | \
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | \
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | \ EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS | \
EFI_VARIABLE_APPEND_WRITE) EFI_VARIABLE_APPEND_WRITE)