7.5 Configuration
This section defines the configurable items that must be available to achieve Stage IV functionality.
These definitions may be both source and binary in nature.
7.5.1 Security Related Configuration
Component |
Name |
Producer |
Consumer |
Purpose |
Porting Category |
|---|---|---|---|---|---|
| Post Build | PK | Board | Core | PK variable | Platform Policy: UEFI Secure Boot |
| KEK | Board | Core | KEK variable | Platform Policy: UEFI Secure Boot | |
| db | Board | Core | db variable | Platform Policy: UEFI Secure Boot | |
| dbx | Board | Core | dbx variable | Platform Policy: UEFI Secure Boot | |
| PcdTpmInstance Guid |
GUID | Board | Core | Select TPM instance | Platform Policy: TCG trusted boot |
| PcdTpm2 InitializationPolicy |
UINT8 | Board | Core | Choose if TPM driver need send Tpm2Init. | Platform Policy: TCG trusted boot |
| PcdTpm2Self TestPolicy |
UINT8 | Board | Core | Choose if TPM driver need send Tpm2SelfTest | Platform Policy: TCG trusted boot |
| PRE_MEM_SILICON_POLICY | MOR data | Board | Silicon | The board code consumes the MOR variable and pass it to MemoryInit module as policy | Platform Policy: TCG MOR |
| L"MemoryOverwrite RequestControl" |
MOR Variable | OS | Board | OS indicates to UEFI FW the MOR request. | Platform Policy: TCG MOR |
| PcdVTdPolicy PropertyMask |
VTd policy mask | Platform | Core | VTd policy | Platform Policy: DMA |
Table 62 Stage V Security Configuration
7.5.2 FV Related Configuration
PCD |
Purpose |
|---|---|
| gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageVariableBase | Base address of the NV variable range in flash device. |
| gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageVariableSize | Size of the non-volatile variable range. Note that this value should less than or equal to PcdFlashNvStorageFtwSpareSize. |
| gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageFtwWorkingBase | Base address of the FTW working block range in flash device. |
| gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageFtwWorkingSize | Size of the FTW working block range. |
| gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageFtwSpareBase | Base address of the FTW spare block range in flash device. Note that this value should be block size aligned. |
| gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageFtwSpareSize | Size of the FTW spare block range. Note that this value should larger than PcdFlashNvStorageVariableSize and block size aligned. |
| gMinPlatformPkgTokenSpaceGuid. PcdFlashFvSecurityBase | Security FV base address. |
| gMinPlatformPkgTokenSpaceGuid. PcdFlashFvSecuritySize | Security FV size. |
Table 63 Stage V Flash Map Configuration PCDs
7.5.3 Feature Related Configuration
PCD |
Purpose |
|---|---|
| gMinPlatformModuleTokenSpaceGuid.PcdSmiHandlerProfileEnable | Enable SMI handler profile. |
| gMinPlatformModuleTokenSpaceGuid.PcdTpm2Enable | Enable TPM2. |
| gMinPlatformModuleTokenSpaceGuid.PcdUefiSecureBootEnable | Enable UEFI Secure Boot. |