Fork: 0
ajax / AMI-Aptio-BIOS-Reversed
Transfer to URL with SHA Find file
Newer
Older
AMI-Aptio-BIOS-Reversed / AmiModulePkg / SecureBoot / SecureBootDXE / README.md
@Ajax Dong Ajax Dong 2 days ago 1 KB Full restructure
Raw Blame History

SecureBootDXE, 0098, 0x1ce0 (7392 bytes), Phase 2

UEFI Secure Boot policy DXE driver for Lenovo HR650X. Initializes UEFI standard table pointers, reads the proprietary "SecureBootSetup" variable (GUID {7B59104A-...}) to determine Secure Boot enable/disable state, provisions default Secure Boot databases (db, dbx, dbt, dbr, KEK, PK) from firmware volumes into UEFI Runtime Variables, and sets the SetupMode variable based on provisioning state. Supports multiple certificate types including X.509, SHA-256, SHA-384, and RSA 2048.

Key Functions

  • ModuleEntryPoint -- loads SecureBootSetup variable and provisions databases
  • SecureBootProvisionDefault -- iterates firmware volumes for default Secure Boot data
  • SecureBootSetSetupMode -- sets SetupMode variable per provisioning outcome

Protocols/Dependencies

  • EFI_FIRMWARE_VOLUME2_PROTOCOL, RNG Protocol, UEFI Runtime Variable Services
  • SecureBootSetup (proprietary variable), GlobalVariable (EfiGlobalVariable)

Platform

x86-64, UEFI DXE_DRIVER, VS2015 DEBUG, AmiModulePkg