1 files changed, 14 insertions, 8 deletions
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h b/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h
index ec4b3d97f..83b0f2362 100644
--- a/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h
+++ b/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h
@@ -12,7 +12,7 @@
   may not be modified without authorization. If platform fails to protect these resources,
   the authentication service provided in this driver will be broken, and the behavior is undefined.
 
-Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -86,8 +86,10 @@ typedef struct {
 #pragma pack()
 
 ///
-/// "certdb" variable stores the signer's certificates for non PK/KEK/DB/DBX
-/// variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
+///  "certdb" variable stores the signer's certificates for non PK/KEK/DB/DBX
+/// variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS|EFI_VARIABLE_NON_VOLATILE set.
+///  "certdbv" variable stores the signer's certificates for non PK/KEK/DB/DBX
+/// variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set
 ///
 /// GUID: gEfiCertDbGuid
 ///
@@ -104,7 +106,8 @@ typedef struct {
 /// | AUTH_CERT_DB_DATA          | <-- Last CERT
 /// +----------------------------+
 ///
-#define EFI_CERT_DB_NAME        L"certdb"
+#define EFI_CERT_DB_NAME                 L"certdb"
+#define EFI_CERT_DB_VOLATILE_NAME        L"certdbv"
 
 #pragma pack(1)
 typedef struct {
@@ -229,13 +232,15 @@ VerifyTimeBasedPayloadAndUpdate (
 
 /**
   Delete matching signer's certificates when deleting common authenticated
-  variable by corresponding VariableName and VendorGuid from "certdb".
+  variable by corresponding VariableName and VendorGuid from "certdb" or 
+  "certdbv" according to authenticated variable attributes.
 
   @param[in]  VariableName   Name of authenticated Variable.
   @param[in]  VendorGuid     Vendor GUID of authenticated Variable.
+  @param[in]  Attributes        Attributes of authenticated variable.
 
   @retval  EFI_INVALID_PARAMETER Any input parameter is invalid.
-  @retval  EFI_NOT_FOUND         Fail to find "certdb" or matching certs.
+  @retval  EFI_NOT_FOUND         Fail to find "certdb"/"certdbv" or matching certs.
   @retval  EFI_OUT_OF_RESOURCES  The operation is failed due to lack of resources.
   @retval  EFI_SUCCESS           The operation is completed successfully.
 
@@ -243,7 +248,8 @@ VerifyTimeBasedPayloadAndUpdate (
 EFI_STATUS
 DeleteCertsFromDb (
   IN     CHAR16           *VariableName,
-  IN     EFI_GUID         *VendorGuid
+  IN     EFI_GUID         *VendorGuid,
+  IN     UINT32           Attributes
   );
 
 /**
@@ -410,7 +416,7 @@ ProcessVariable (
   IN     EFI_GUID                           *VendorGuid,
   IN     VOID                               *Data,
   IN     UINTN                              DataSize,
-  IN     UINT32                             Attributes OPTIONAL
+  IN     UINT32                             Attributes
   );
 
 /**