[edk2-devel] [PATCH] SecurityPkg/SecurityPkg.dec: add PCD for status of variable integrity
Wang, Jian J
jian.j.wang at intel.com
Mon Nov 2 16:40:49 UTC 2020
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
This patch adds PCD PcdStatusCodeVariableIntegrity used to report the
result of variable integrity check to platform, which should choose
appropriate methods to handle the situation of the compromised variable
or other error conditions.
This patch is part of bz2594 and supposed to be check in the tree in
advance in order to coordinate the development works for bz2594 between
edk2 and platform.
Cc: Xiaoyu Lu <xiaoyux.lu at intel.com>
Cc: Jiewen Yao <jiewen.yao at intel.com>
Cc: Guomin Jiang <guomin.jiang at intel.com>
Cc: Nishant C Mistry <nishant.c.mistry at intel.com>
Signed-off-by: Jian J Wang <jian.j.wang at intel.com>
---
SecurityPkg/SecurityPkg.dec | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index 1b7d62e802..2e87cb3c31 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -290,6 +290,11 @@
gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeFvVerificationPass|0x0303100A|UINT32|0x00010030
gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeFvVerificationFail|0x0303100B|UINT32|0x00010031
+ ## Progress Code for variable integrity check result.<BR><BR>
+ # DEFAULT<pass>: (EFI_PERIPHERAL_FIXED_MEDIA | 0)
+ # @Prompt Status Code for variable integiry check result
+ gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeVariableIntegrity|0x01070000|UINT32|0x00010032
+
[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
## Image verification policy for OptionRom. Only following values are valid:<BR><BR>
# NOTE: Do NOT use 0x5 and 0x2 since it violates the UEFI specification and has been removed.<BR>
--
2.27.0.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#66865): https://edk2.groups.io/g/devel/message/66865
Mute This Topic: https://groups.io/mt/77985476/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list