Miguel -

There is no provision for such protection in UEFI. UEFI does not provide the
type of secure environment that would enforce such protections. For example,
another driver executing could look in your driver, since they share a single
memory space.

All keys used by the UEFI firmware are public keys, as you noted.

Tim

From: [email protected] [mailto:[email protected]]
Sent: Friday, February 21, 2014 2:42 AM
To: [email protected]
Subject: [edk2] UEFI writing protection variable

Hello all,

I'm a master's student and for my final thesis I am writing a UEFI
Application/Driver.

In my UEFI Application/Driver I need to have access to a non-volatile variable
that must be visible (write permission) only to my UEFI Application/Driver and
invisible (no read permission) for other drivers, applications or operating
systems.

Does UEFI provide any mechanism to create a non-volatile variable (or some kind
of data storage) that is only accessible to my driver? Can I have some hints on
how to do this?

I have been reading about the Secure Boot secure variables and Key Management
Service, but the first does not seem to provide reading protection and the
second does not specify read/write protections for the saved keys.

Regards
Miguel Rocha
_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-devel
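
The point made in the reply at the top of this thread, as an added C sketch (not code from the thread or from EDK II): variable attributes gate reads by boot phase and gate writes by signature, never by which driver is calling. The attribute bit values are those of the UEFI specification; phase_t, caller_t, OWNER, OTHER and the model_* functions are hypothetical and simplify the real variable services.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Attribute bit values as defined in the UEFI specification. */
#define EFI_VARIABLE_NON_VOLATILE                          0x00000001u
#define EFI_VARIABLE_BOOTSERVICE_ACCESS                    0x00000002u
#define EFI_VARIABLE_RUNTIME_ACCESS                        0x00000004u
#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS 0x00000020u

/* Constructed attribute sets for the example. */
#define ATTRS_AUTH    (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | \
                       EFI_VARIABLE_RUNTIME_ACCESS | \
                       EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)
#define ATTRS_BS_ONLY (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS)

/* Hypothetical model types (assumptions, not EDK II definitions). */
typedef enum { PHASE_BOOT_SERVICES, PHASE_RUNTIME } phase_t;
typedef struct { int id; bool has_signing_key; } caller_t;
static const caller_t OWNER = { 1, true  };  /* the driver that created the variable */
static const caller_t OTHER = { 2, false };  /* any other driver, application or OS  */

/* Read check: attributes and phase only. The caller is deliberately ignored,
   because the variable services have no per-caller read permission. */
bool model_can_read(uint32_t attrs, phase_t phase, const caller_t *who)
{
    (void)who;
    if (phase == PHASE_BOOT_SERVICES)
        return (attrs & EFI_VARIABLE_BOOTSERVICE_ACCESS) != 0;
    return (attrs & EFI_VARIABLE_RUNTIME_ACCESS) != 0;
}

/* Write check (simplified): an authenticated variable also needs a valid
   signature; identity matters only through possession of the signing key. */
bool model_can_write(uint32_t attrs, phase_t phase, const caller_t *who)
{
    if (!model_can_read(attrs, phase, who))
        return false;
    if (attrs & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)
        return who->has_signing_key;
    return true;
}

int main(void)
{
    printf("auth var:    other reads=%d other writes=%d owner writes=%d\n",
           model_can_read(ATTRS_AUTH, PHASE_BOOT_SERVICES, &OTHER),
           model_can_write(ATTRS_AUTH, PHASE_BOOT_SERVICES, &OTHER),
           model_can_write(ATTRS_AUTH, PHASE_BOOT_SERVICES, &OWNER));
    printf("BS-only var: other reads at boot=%d, anyone reads at runtime=%d\n",
           model_can_read(ATTRS_BS_ONLY, PHASE_BOOT_SERVICES, &OTHER),
           model_can_read(ATTRS_BS_ONLY, PHASE_RUNTIME, &OWNER));
    return 0;
}
```

Omitting the runtime-access attribute hides a variable from the operating system after ExitBootServices, but every driver and application running during boot services can still read it.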