From 73bc29b75fab3f08f2895878d0c055772c65e4a2 Mon Sep 17 00:00:00 2001 From: vit9696 Date: Tue, 19 Nov 2019 01:02:03 +0300 Subject: [PATCH] OcFirmwareRuntime: Extent with fallback var --- Include/Protocol/OcFirmwareRuntime.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/Include/Protocol/OcFirmwareRuntime.h b/Include/Protocol/OcFirmwareRuntime.h index 0cc2fb01..ea945d3b 100644 --- a/Include/Protocol/OcFirmwareRuntime.h +++ b/Include/Protocol/OcFirmwareRuntime.h @@ -39,6 +39,15 @@ typedef struct OC_FWRT_CONFIG_ { /// BOOLEAN BootVariableRedirect; /// + /// Route boot variables back to EfiGlobalVariable when they are compatible. + /// In general we do not want this, as this basically escapes OpenCore security + /// jail, and permits booting operating systems bypassing OpenCore. + /// However, some firmwares, namely ASUS APTIO V, will freeze/fail to boot + /// by manually adding boot entries for Windows after Windows itself did not + /// create them. + /// + BOOLEAN BootVariableFallback; + /// /// Make SetVariable do nothing and always return EFI_SECURITY_VIOLATION. /// When we do not want variables to be stored in NVRAM or NVRAM implementation /// is buggy we can disable variable writing.