From b2a59c532279fff7ed980e5ff2222adcd59c8a84 Mon Sep 17 00:00:00 2001 From: Chao Zhang Date: Thu, 10 Dec 2015 07:16:34 +0000 Subject: MdePkg: Add AuditMode/DeployedMode name definition Add AuditMode/DeployedMode definition from Enable Secure Boot feature defined in UEFI2.5 Mantis 1263. https://mantis.uefi.org/mantis/view.php?id=1263 (Sync patch r19130 from main trunk.) Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang Reviewed-by: Zeng Star Reviewed-by: Long Qin git-svn-id: https://svn.code.sf.net/p/edk2/code/branches/UDK2015@19186 6f19259b-4bc3-4df7-8a09-765794883524 --- MdePkg/Include/Guid/GlobalVariable.h | 14 ++++++++++++++ MdePkg/Include/Guid/ImageAuthentication.h | 9 ++++++--- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/MdePkg/Include/Guid/GlobalVariable.h b/MdePkg/Include/Guid/GlobalVariable.h index 1e4fbc8227..e58f7a1e8c 100644 --- a/MdePkg/Include/Guid/GlobalVariable.h +++ b/MdePkg/Include/Guid/GlobalVariable.h @@ -126,6 +126,20 @@ extern EFI_GUID gEfiGlobalVariableGuid; /// #define EFI_SETUP_MODE_NAME L"SetupMode" /// +/// Whether the system is operating in audit mode (1) or not (0). +/// All other values are reserved. Should be treated as read-only except when DeployedMode is 0. +/// Always becomes read-only after ExitBootServices() is called. +/// Its attribute is BS+RT. +/// +#define EFI_AUDIT_MODE_NAME L"AuditMode" +/// +/// Whether the system is operating in deployed mode (1) or not (0). +/// All other values are reserved. Should be treated as read-only when its value is 1. +/// Always becomes read-only after ExitBootServices() is called. +/// Its attribute is BS+RT. +/// +#define EFI_DEPLOYED_MODE_NAME L"DeployedMode" +/// /// The Key Exchange Key Signature Database. /// Its attribute is NV+BS+RT+AT. /// diff --git a/MdePkg/Include/Guid/ImageAuthentication.h b/MdePkg/Include/Guid/ImageAuthentication.h index 4f4296086d..2f51935c0c 100644 --- a/MdePkg/Include/Guid/ImageAuthentication.h +++ b/MdePkg/Include/Guid/ImageAuthentication.h @@ -43,9 +43,12 @@ #define SECURE_BOOT_MODE_ENABLE 1 #define SECURE_BOOT_MODE_DISABLE 0 -#define SETUP_MODE 1 -#define USER_MODE 0 - +#define SETUP_MODE_ENABLE 1 +#define SETUP_MODE_DISABLE 0 +#define DEPLOYED_MODE_ENABLE 1 +#define DEPLOYED_MODE_DISABLE 0 +#define AUDIT_MODE_ENABLE 1 +#define AUDIT_MODE_DISABLE 0 //*********************************************************************** // Signature Database -- cgit v1.2.3