7.5 Configuration

7.5 Configuration
This section defines the configurable items that must be available to achieve Stage IV functionality.
These definitions may be both source and binary in nature.
7.5.1 Security Related Configuration
Component
Name
Producer
Consumer
Purpose
Porting Category
Post Build
PK
Board
Core
PK variable
Platform Policy: UEFI Secure Boot
​
KEK
Board
Core
KEK variable
Platform Policy: UEFI Secure Boot
​
db
Board
Core
db variable
Platform Policy: UEFI Secure Boot
​
dbx
Board
Core
dbx variable
Platform Policy: UEFI Secure Boot
PcdTpmInstance
Guid
GUID
Board
Core
Select TPM instance
Platform Policy: TCG trusted boot
PcdTpm2
InitializationPolicy
UINT8
Board
Core
Choose if TPM driver need send Tpm2Init.
Platform Policy: TCG trusted boot
PcdTpm2Self
TestPolicy
UINT8
Board
Core
Choose if TPM driver need send Tpm2SelfTest
Platform Policy: TCG trusted boot
PRE_MEM_SILICON_POLICY
MOR data
Board
Silicon
The board code consumes the MOR variable and pass it to MemoryInit module as policy
Platform Policy: TCG MOR
L"MemoryOverwrite
RequestControl"
MOR Variable
OS
Board
OS indicates to UEFI FW the MOR request.
Platform Policy: TCG MOR
PcdVTdPolicy
PropertyMask
VTd policy mask
Platform
Core
VTd policy
Platform Policy: DMA
Table 62 Stage V Security Configuration
7.5.2 FV Related Configuration
PCD
Purpose
gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageVariableBase
Base address of the NV variable range in flash device.
gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageVariableSize
Size of the non-volatile variable range. Note that this value should less than or equal to PcdFlashNvStorageFtwSpareSize.
gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageFtwWorkingBase
Base address of the FTW working block range in flash device.
gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageFtwWorkingSize
Size of the FTW working block range.
gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageFtwSpareBase
Base address of the FTW spare block range in flash device. Note that this value should be block size aligned.
gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageFtwSpareSize
Size of the FTW spare block range. Note that this value should larger than PcdFlashNvStorageVariableSize and block size aligned.
gMinPlatformPkgTokenSpaceGuid. PcdFlashFvSecurityBase
Security FV base address.
gMinPlatformPkgTokenSpaceGuid. PcdFlashFvSecuritySize
Security FV size.
Table 63 Stage V Flash Map Configuration PCDs
7.5.3 Feature Related Configuration
PCD
Purpose
gMinPlatformModuleTokenSpaceGuid.PcdSmiHandlerProfileEnable
Enable SMI handler profile.
gMinPlatformModuleTokenSpaceGuid.PcdTpm2Enable
Enable TPM2.
gMinPlatformModuleTokenSpaceGuid.PcdUefiSecureBootEnable
Enable UEFI Secure Boot.
Table 64 Stage V Feature Configuration

7.4 Required Functions

7.6 Data Flows

Last updated 9 months ago

`Component`	`Name`	`Producer`	`Consumer`	`Purpose`	`Porting Category`
Post Build	PK	Board	Core	PK variable	Platform Policy: UEFI Secure Boot
	KEK	Board	Core	KEK variable	Platform Policy: UEFI Secure Boot
	db	Board	Core	db variable	Platform Policy: UEFI Secure Boot
	dbx	Board	Core	dbx variable	Platform Policy: UEFI Secure Boot
PcdTpmInstance Guid	GUID	Board	Core	Select TPM instance	Platform Policy: TCG trusted boot
PcdTpm2 InitializationPolicy	UINT8	Board	Core	Choose if TPM driver need send Tpm2Init.	Platform Policy: TCG trusted boot
PcdTpm2Self TestPolicy	UINT8	Board	Core	Choose if TPM driver need send Tpm2SelfTest	Platform Policy: TCG trusted boot
PRE_MEM_SILICON_POLICY	MOR data	Board	Silicon	The board code consumes the MOR variable and pass it to MemoryInit module as policy	Platform Policy: TCG MOR
L"MemoryOverwrite RequestControl"	MOR Variable	OS	Board	OS indicates to UEFI FW the MOR request.	Platform Policy: TCG MOR
PcdVTdPolicy PropertyMask	VTd policy mask	Platform	Core	VTd policy	Platform Policy: DMA

`PCD`	`Purpose`
gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageVariableBase	Base address of the NV variable range in flash device.
gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageVariableSize	Size of the non-volatile variable range. Note that this value should less than or equal to PcdFlashNvStorageFtwSpareSize.
gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageFtwWorkingBase	Base address of the FTW working block range in flash device.
gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageFtwWorkingSize	Size of the FTW working block range.
gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageFtwSpareBase	Base address of the FTW spare block range in flash device. Note that this value should be block size aligned.
gEfiMdeModulePkgTokenSpaceGuid. PcdFlashNvStorageFtwSpareSize	Size of the FTW spare block range. Note that this value should larger than PcdFlashNvStorageVariableSize and block size aligned.
gMinPlatformPkgTokenSpaceGuid. PcdFlashFvSecurityBase	Security FV base address.
gMinPlatformPkgTokenSpaceGuid. PcdFlashFvSecuritySize	Security FV size.

`PCD`	`Purpose`
gMinPlatformModuleTokenSpaceGuid.PcdSmiHandlerProfileEnable	Enable SMI handler profile.
gMinPlatformModuleTokenSpaceGuid.PcdTpm2Enable	Enable TPM2.
gMinPlatformModuleTokenSpaceGuid.PcdUefiSecureBootEnable	Enable UEFI Secure Boot.