Computing devices are initialized by firmware included within the device and this firmware provides a range of software services which facilitate the boot of the operating system (OS) as well as providing a subset of these services that continue to be available after the operating system has booted. Firmware is software supplied by a system manufacturer and written onto Read-Only Memory (ROM) modules including, but not limited to, ROM, PROM, EPROM, EEPROM, and Flash memory (collectively referred to hereafter as “ROM”). Among other roles, the firmware is responsible for operation of the computing device until a boot process can be run which loads an operating system for the computing device into memory. Once loaded, the operating system is in charge of normal operation of the computing device although the provision of certain services after loading of the operating system may require a transition of control from the operating system back to the firmware for security and other reasons.
Unified Extensible Firmware Interface (UEFI) is a specification created by a non-profit industry body detailing a programming interface between the Operating System and the included firmware of a computing device such as, but not limited to, a Personal Computer (PC). The UEFI specification describes a set of tools by which a computing device can move in an organized fashion from the initial ‘power-applied’ state to ‘fully operational.’ The specification tells the desired result but deliberately does not specify the internal firmware implementation. The UEFI firmware specification replaces earlier OS/firmware interfaces previously used by the industry and commonly known as legacy BIOS.
When implemented in a computing device, the machine codes for UEFI firmware and all permanent data used by the firmware reside in Read Only Memory (ROM). In many cases the ROM is an Electrically Erasable silicon device known as a flash ROM. Flash ROM has the characteristic that it can be erased by electrical command and individual elements may then be written and the device will retain the data indefinitely. When power is first applied to the computing device, the system executes a process called reset which clears the state to a known condition and begins execution of the firmware. The firmware is read from the flash ROM or other ROM in the computing device.
The operation of the firmware is controlled by updatable storage within flash ROM or other device. This updatable storage for options and data is typically organized according to UEFI specification chapters pertaining to UEFI Variables. Variables in the UEFI specification are defined as key/value pairs that include identifying variable name information plus attributes (a key) and one or more associated data bytes (the value). The variable name is composed of two parts, firstly a computer encoded string and secondly a 128-bit Globally Unique Identifier of GUID. The GUID is used to partition the variable namespace so that duplicate uses of the same name string for different purposes is statistically unlikely. Among their uses, the variables store data that is passed between the firmware environment and agents/applications executing in the operating system environment. The variables may be accessed from the operating system environment through a UEFI specification-defined interface using firmware service calls defined in the UEFI specification as GetVariable and SetVariable functions which respectively retrieve a variable value or set the value of a specified variable stored in firmware. GetVariable and SetVariable are used in the firmware phase of system boot and additionally the use of the GetVariable and SetVariable calls are supported by many of today's operating systems after the operating system has booted. A subset of the UEFI variables are created with additional protection attributes and are known as Authenticated Variables. These Authenticated Variables in a computing device equipped with UEFI-compliant firmware are intended to be protected from software modification except by authorized agents holding an update signing key.