1. Set the secure boot state to Standard Mode when the user leaves the secure boot setup page.

2. Add “Current SecureBoot State” field to reflect current secure boot status of the platform.

Signed-off-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14042 6f19259b-4bc3-4df7-8a09-765794883524
sfu5 2013-01-09 05:19:43 +00:00
parent 83758cdc84
commit f71ed839e1
5 changed files with 167 additions and 50 deletions


@ -356,30 +356,23 @@ AutenticatedVariableServiceInitialize (
DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_SECURE_BOOT_ENABLE_NAME, SecureBootEnable)); DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_SECURE_BOOT_ENABLE_NAME, SecureBootEnable));
// //
// Check "CustomMode" variable's existence. // Initialize "CustomMode" in STANDARD_SECURE_BOOT_MODE state.
// //
FindVariable (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE); FindVariable (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);
if (Variable.CurrPtr != NULL) { CustomMode = STANDARD_SECURE_BOOT_MODE;
CustomMode = *(GetVariableDataPtr (Variable.CurrPtr)); Status = UpdateVariable (
} else { EFI_CUSTOM_MODE_NAME,
// &gEfiCustomModeEnableGuid,
// "CustomMode" not exist, initialize it in STANDARD_SECURE_BOOT_MODE. &CustomMode,
// sizeof (UINT8),
CustomMode = STANDARD_SECURE_BOOT_MODE; EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
Status = UpdateVariable ( 0,
EFI_CUSTOM_MODE_NAME, 0,
&gEfiCustomModeEnableGuid, &Variable,
&CustomMode, NULL
sizeof (UINT8), );
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS, if (EFI_ERROR (Status)) {
0, return Status;
0,
&Variable,
NULL
);
if (EFI_ERROR (Status)) {
return Status;
}
} }
DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_CUSTOM_MODE_NAME, CustomMode)); DEBUG ((EFI_D_INFO, "Variable %s is %x\n", EFI_CUSTOM_MODE_NAME, CustomMode));
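Review bot: The new comment above `CustomMode = STANDARD_SECURE_BOOT_MODE;` does not say that an existing "CustomMode" value is now deliberately overwritten on every initialization, which is the security-relevant part of this change. I would expand it to something like `// Always reset "CustomMode" to STANDARD_SECURE_BOOT_MODE here, even if the variable already exists, so Custom Mode never persists across a reset.` The status returned by `FindVariable` is still ignored and `Variable` is passed straight to `UpdateVariable`; that is presumably intentional for the not-found case, but a short remark next to the call would make it explicit. The body of AutenticatedVariableServiceInitialize starts and ends outside the hunk.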


@ -1,7 +1,7 @@
/** @file /** @file
VFR file used by the SecureBoot configuration component. VFR file used by the SecureBoot configuration component.
Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR> Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -32,7 +32,12 @@ formset
title = STRING_TOKEN(STR_SECUREBOOT_TITLE); title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
subtitle text = STRING_TOKEN(STR_NULL); subtitle text = STRING_TOKEN(STR_NULL);
text
help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
// //
// Define of Check Box: Attempt Secure Boot // Define of Check Box: Attempt Secure Boot
// //
@ -47,7 +52,7 @@ formset
// Display of Check Box: Attempt Secure Boot // Display of Check Box: Attempt Secure Boot
// //
grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1; grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
checkbox varid = SECUREBOOT_CONFIGURATION.SecureBootState, checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
questionid = KEY_SECURE_BOOT_ENABLE, questionid = KEY_SECURE_BOOT_ENABLE,
prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT), prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
help = STRING_TOKEN(STR_SECURE_BOOT_HELP), help = STRING_TOKEN(STR_SECURE_BOOT_HELP),


@ -1,7 +1,7 @@
/** @file /** @file
HII Config Access protocol implementation of SecureBoot configuration module. HII Config Access protocol implementation of SecureBoot configuration module.
Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR> Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -253,6 +253,7 @@ DeleteVariable (
if (Variable == NULL) { if (Variable == NULL) {
return EFI_SUCCESS; return EFI_SUCCESS;
} }
FreePool (Variable);
Data = NULL; Data = NULL;
DataSize = 0; DataSize = 0;
@ -278,6 +279,31 @@ DeleteVariable (
return Status; return Status;
} }
/**
Set the platform secure boot mode into "Custom" or "Standard" mode.
@param[in] SecureBootMode New secure boot mode: STANDARD_SECURE_BOOT_MODE or
CUSTOM_SECURE_BOOT_MODE.
@return EFI_SUCCESS The platform has switched to the special mode successfully.
@return other Fail to operate the secure boot mode.
**/
EFI_STATUS
SetSecureBootMode (
IN UINT8 SecureBootMode
)
{
return gRT->SetVariable (
EFI_CUSTOM_MODE_NAME,
&gEfiCustomModeEnableGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
sizeof (UINT8),
&SecureBootMode
);
}
/** /**
Generate the PK signature list from the X509 Certificate storing file (.cer) Generate the PK signature list from the X509 Certificate storing file (.cer)
@ -380,6 +406,11 @@ EnrollPlatformKey (
PkCert = NULL; PkCert = NULL;
Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
if (EFI_ERROR (Status)) {
return Status;
}
// //
// Parse the file's postfix. Only support DER encoded X.509 certificate files. // Parse the file's postfix. Only support DER encoded X.509 certificate files.
// //
@ -457,6 +488,11 @@ DeletePlatformKey (
{ {
EFI_STATUS Status; EFI_STATUS Status;
Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
if (EFI_ERROR (Status)) {
return Status;
}
Status = DeleteVariable ( Status = DeleteVariable (
EFI_PLATFORM_KEY_NAME, EFI_PLATFORM_KEY_NAME,
&gEfiGlobalVariableGuid &gEfiGlobalVariableGuid
@ -766,11 +802,17 @@ EnrollKeyExchangeKey (
) )
{ {
UINT16* FilePostFix; UINT16* FilePostFix;
EFI_STATUS Status;
if ((Private->FileContext->FileName == NULL) || (Private->SignatureGUID == NULL)) { if ((Private->FileContext->FileName == NULL) || (Private->SignatureGUID == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
if (EFI_ERROR (Status)) {
return Status;
}
// //
// Parse the file's postfix. Supports DER-encoded X509 certificate, // Parse the file's postfix. Supports DER-encoded X509 certificate,
// and .pbk as RSA public key file. // and .pbk as RSA public key file.
@ -1508,11 +1550,17 @@ EnrollSignatureDatabase (
) )
{ {
UINT16* FilePostFix; UINT16* FilePostFix;
EFI_STATUS Status;
if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->SignatureGUID == NULL)) { if ((Private->FileContext->FileName == NULL) || (Private->FileContext->FHandle == NULL) || (Private->SignatureGUID == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
if (EFI_ERROR (Status)) {
return Status;
}
// //
// Parse the file's postfix. // Parse the file's postfix.
// //
@ -1756,6 +1804,11 @@ DeleteKeyExchangeKey (
Cert = NULL; Cert = NULL;
Attr = 0; Attr = 0;
DeleteKekIndex = QuestionId - OPTION_DEL_KEK_QUESTION_ID; DeleteKekIndex = QuestionId - OPTION_DEL_KEK_QUESTION_ID;
Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
if (EFI_ERROR (Status)) {
return Status;
}
// //
// Get original KEK variable. // Get original KEK variable.
@ -1944,6 +1997,11 @@ DeleteSignature (
Cert = NULL; Cert = NULL;
Attr = 0; Attr = 0;
Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
if (EFI_ERROR (Status)) {
return Status;
}
// //
// Get original signature list data. // Get original signature list data.
// //
@ -2103,23 +2161,25 @@ SecureBootExtractConfigFromVariable (
{ {
UINT8 *SecureBootEnable; UINT8 *SecureBootEnable;
UINT8 *SetupMode; UINT8 *SetupMode;
UINT8 *SecureBoot;
UINT8 *SecureBootMode; UINT8 *SecureBootMode;
SecureBootEnable = NULL; SecureBootEnable = NULL;
SetupMode = NULL; SetupMode = NULL;
SecureBoot = NULL;
SecureBootMode = NULL; SecureBootMode = NULL;
// //
// If the SecureBootEnable Variable doesn't exist, hide the SecureBoot Enable/Disable // If the SecureBootEnable Variable doesn't exist, hide the SecureBoot Enable/Disable
// Checkbox. // Checkbox.
// //
ConfigData->AttemptSecureBoot = FALSE;
GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL); GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);
if (SecureBootEnable == NULL) { if (SecureBootEnable == NULL) {
ConfigData->HideSecureBoot = TRUE; ConfigData->HideSecureBoot = TRUE;
} else { } else {
ConfigData->HideSecureBoot = FALSE; ConfigData->HideSecureBoot = FALSE;
if ((*SecureBootEnable) == SECURE_BOOT_ENABLE) {
ConfigData->AttemptSecureBoot = TRUE;
}
} }
// //
@ -2140,16 +2200,6 @@ SecureBootExtractConfigFromVariable (
} else { } else {
ConfigData->HasPk = TRUE; ConfigData->HasPk = TRUE;
} }
//
// If the value of SecureBoot variable is 1, the platform is operating in secure boot mode.
//
GetVariable2 (EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SecureBoot, NULL);
if (SecureBoot != NULL && *SecureBoot == SECURE_BOOT_MODE_ENABLE) {
ConfigData->SecureBootState = TRUE;
} else {
ConfigData->SecureBootState = FALSE;
}
// //
// Get the SecureBootMode from CustomMode variable. // Get the SecureBootMode from CustomMode variable.
@ -2160,7 +2210,16 @@ SecureBootExtractConfigFromVariable (
} else { } else {
ConfigData->SecureBootMode = *(SecureBootMode); ConfigData->SecureBootMode = *(SecureBootMode);
} }
if (SecureBootEnable != NULL) {
FreePool (SecureBootEnable);
}
if (SetupMode != NULL) {
FreePool (SetupMode);
}
if (SecureBootMode != NULL) {
FreePool (SecureBootMode);
}
} }
/** /**
@ -2206,6 +2265,7 @@ SecureBootExtractConfig (
EFI_STRING ConfigRequestHdr; EFI_STRING ConfigRequestHdr;
SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData; SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData;
BOOLEAN AllocatedRequest; BOOLEAN AllocatedRequest;
UINT8 *SecureBoot;
if (Progress == NULL || Results == NULL) { if (Progress == NULL || Results == NULL) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
@ -2215,6 +2275,7 @@ SecureBootExtractConfig (
ConfigRequestHdr = NULL; ConfigRequestHdr = NULL;
ConfigRequest = NULL; ConfigRequest = NULL;
Size = 0; Size = 0;
SecureBoot = NULL;
ZeroMem (&Configuration, sizeof (Configuration)); ZeroMem (&Configuration, sizeof (Configuration));
PrivateData = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This); PrivateData = SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This);
@ -2228,6 +2289,19 @@ SecureBootExtractConfig (
// Get Configuration from Variable. // Get Configuration from Variable.
// //
SecureBootExtractConfigFromVariable (&Configuration); SecureBootExtractConfigFromVariable (&Configuration);
//
// Update current secure boot state.
//
GetVariable2 (EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SecureBoot, NULL);
if (SecureBoot != NULL && *SecureBoot == SECURE_BOOT_MODE_ENABLE) {
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SECURE_BOOT_STATE_CONTENT), L"Enabled", NULL);
} else {
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_SECURE_BOOT_STATE_CONTENT), L"Disabled", NULL);
}
if (SecureBoot != NULL) {
FreePool (SecureBoot);
}
BufferSize = sizeof (SECUREBOOT_CONFIGURATION); BufferSize = sizeof (SECUREBOOT_CONFIGURATION);
ConfigRequest = Request; ConfigRequest = Request;
@ -2355,15 +2429,21 @@ SecureBootCallback (
SECUREBOOT_CONFIGURATION *IfrNvData; SECUREBOOT_CONFIGURATION *IfrNvData;
UINT16 LabelId; UINT16 LabelId;
UINT8 *SecureBootEnable; UINT8 *SecureBootEnable;
UINT8 *SecureBootMode;
UINT8 *SetupMode;
CHAR16 PromptString[100]; CHAR16 PromptString[100];
SecureBootEnable = NULL; SecureBootEnable = NULL;
SecureBootMode = NULL;
SetupMode = NULL;
if ((This == NULL) || (Value == NULL) || (ActionRequest == NULL)) { if ((This == NULL) || (Value == NULL) || (ActionRequest == NULL)) {
return EFI_INVALID_PARAMETER; return EFI_INVALID_PARAMETER;
} }
if ((Action != EFI_BROWSER_ACTION_CHANGED) && (Action != EFI_BROWSER_ACTION_CHANGING)) { if ((Action != EFI_BROWSER_ACTION_CHANGED) &&
(Action != EFI_BROWSER_ACTION_CHANGING) &&
(Action != EFI_BROWSER_ACTION_FORM_CLOSE)) {
return EFI_UNSUPPORTED; return EFI_UNSUPPORTED;
} }
@ -2388,6 +2468,7 @@ SecureBootCallback (
case KEY_SECURE_BOOT_ENABLE: case KEY_SECURE_BOOT_ENABLE:
GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL); GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);
if (NULL != SecureBootEnable) { if (NULL != SecureBootEnable) {
FreePool (SecureBootEnable);
if (EFI_ERROR (SaveSecureBootVariable (Value->u8))) { if (EFI_ERROR (SaveSecureBootVariable (Value->u8))) {
CreatePopUp ( CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
@ -2400,11 +2481,10 @@ SecureBootCallback (
CreatePopUp ( CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key, &Key,
L"Secure boot configuration is changed, please reset the platform to take effect!", L"Configuration changed, please reset the platform to take effect!",
NULL NULL
); );
} }
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
} }
break; break;
@ -2461,10 +2541,26 @@ SecureBootCallback (
break; break;
case KEY_SECURE_BOOT_DELETE_PK: case KEY_SECURE_BOOT_DELETE_PK:
if (Value->u8) { if (Value->u8) {
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
L"Are you sure you want to delete PK? Secure boot will be disabled!",
L"Press 'Y' to delete PK and exit, 'N' to discard change and return",
NULL
);
if (Key.UnicodeChar == 'y' || Key.UnicodeChar == 'Y') {
Status = DeletePlatformKey (); Status = DeletePlatformKey ();
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY; if (EFI_ERROR (Status)) {
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
L"Only Physical Presence User could delete PK in custom mode!",
NULL
);
}
} }
}
break; break;
case KEY_DELETE_KEK: case KEY_DELETE_KEK:
@ -2547,7 +2643,7 @@ SecureBootCallback (
} else if (Action == EFI_BROWSER_ACTION_CHANGED) { } else if (Action == EFI_BROWSER_ACTION_CHANGED) {
switch (QuestionId) { switch (QuestionId) {
case KEY_SECURE_BOOT_ENABLE: case KEY_SECURE_BOOT_ENABLE:
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT; *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
break; break;
case KEY_VALUE_SAVE_AND_EXIT_PK: case KEY_VALUE_SAVE_AND_EXIT_PK:
Status = EnrollPlatformKey (Private); Status = EnrollPlatformKey (Private);
@ -2588,8 +2684,8 @@ SecureBootCallback (
break; break;
case KEY_SECURE_BOOT_MODE: case KEY_SECURE_BOOT_MODE:
GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootEnable, NULL); GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootMode, NULL);
if (NULL != SecureBootEnable) { if (NULL != SecureBootMode) {
Status = gRT->SetVariable ( Status = gRT->SetVariable (
EFI_CUSTOM_MODE_NAME, EFI_CUSTOM_MODE_NAME,
&gEfiCustomModeEnableGuid, &gEfiCustomModeEnableGuid,
@ -2599,6 +2695,7 @@ SecureBootCallback (
); );
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY; *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
IfrNvData->SecureBootMode = Value->u8; IfrNvData->SecureBootMode = Value->u8;
FreePool (SecureBootMode);
} }
break; break;
@ -2619,11 +2716,33 @@ SecureBootCallback (
break; break;
case KEY_SECURE_BOOT_DELETE_PK: case KEY_SECURE_BOOT_DELETE_PK:
if (Value->u8) { GetVariable2 (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SetupMode, NULL);
if (SetupMode == NULL || (*SetupMode) == SETUP_MODE) {
IfrNvData->DeletePk = TRUE;
IfrNvData->HasPk = FALSE;
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT; *ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
} else {
IfrNvData->DeletePk = FALSE;
IfrNvData->HasPk = TRUE;
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
}
if (SetupMode != NULL) {
FreePool (SetupMode);
} }
break; break;
} }
} else if (Action == EFI_BROWSER_ACTION_FORM_CLOSE) {
//
// Force the platform back to Standard Mode once user leave the setup screen.
//
GetVariable2 (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, (VOID**)&SecureBootMode, NULL);
if (NULL != SecureBootMode && *SecureBootMode == CUSTOM_SECURE_BOOT_MODE) {
IfrNvData->SecureBootMode = STANDARD_SECURE_BOOT_MODE;
SetSecureBootMode(STANDARD_SECURE_BOOT_MODE);
}
if (SecureBootMode != NULL) {
FreePool (SecureBootMode);
}
} }
if (!EFI_ERROR (Status)) { if (!EFI_ERROR (Status)) {
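Review bot: In the new `EFI_BROWSER_ACTION_FORM_CLOSE` branch of SecureBootCallback the result of `SetSecureBootMode(STANDARD_SECURE_BOOT_MODE)` is dropped, so a failed variable write leaves the platform in Custom Mode with nothing reported, while `IfrNvData->SecureBootMode` has already been set to Standard. As far as the hunks show, this branch is the only place in this file that undoes the `SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE)` calls added near the top of EnrollPlatformKey, DeletePlatformKey, EnrollKeyExchangeKey, EnrollSignatureDatabase, DeleteKeyExchangeKey and DeleteSignature, which switch modes before the file-type and data checks. I would capture the status and update the browser data only on success, e.g. `Status = SetSecureBootMode (STANDARD_SECURE_BOOT_MODE);` followed by `if (!EFI_ERROR (Status)) { IfrNvData->SecureBootMode = STANDARD_SECURE_BOOT_MODE; }`, and log a failure with `DEBUG ((EFI_D_ERROR, ...))`. The callback body starts and ends outside these hunks, so how `Status` is consumed after the branch is only partly visible.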


@ -1,7 +1,7 @@
/** @file /** @file
Header file for NV data structure definition. Header file for NV data structure definition.
Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR> Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -106,7 +106,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
// Nv Data structure referenced by IFR // Nv Data structure referenced by IFR
// //
typedef struct { typedef struct {
BOOLEAN SecureBootState; //Secure Boot Disable/Enable; BOOLEAN AttemptSecureBoot; //Attempt to enable/disable Secure Boot.
BOOLEAN HideSecureBoot; //Hiden Attempt Secure Boot BOOLEAN HideSecureBoot; //Hiden Attempt Secure Boot
CHAR16 SignatureGuid[SECURE_BOOT_GUID_STORAGE_SIZE]; CHAR16 SignatureGuid[SECURE_BOOT_GUID_STORAGE_SIZE];
BOOLEAN PhysicalPresent; //If a Physical Present User; BOOLEAN PhysicalPresent; //If a Physical Present User;