Lines Matching +full:attribute +full:- +full:set
1 What: /sys/class/firmware-attributes/*/attributes/*/
12 Unless otherwise specified in an attribute description all attributes are optional
13 and will accept UTF-8 input.
16 A file that can be read to obtain the type of attribute.
17 This attribute is mandatory.
21 - enumeration: a set of pre-defined valid values
22 - integer: a range of numerical values
23 - string
26 -----------------
27 - ordered-list - a set of ordered list valid values
30 All attribute types support the following values:
39 This attribute is mandatory.
54 "enumeration"-type specific properties:
59 semi-colon (``;``).
61 "integer"-type specific properties:
73 increments of current_value this attribute accepts.
75 "string"-type specific properties:
86 ------------------------------
91 A file that can be read to obtain attribute-level
92 dependency rule. It says an attribute X will become read-only or
93 suppressed, if/if-not attribute Y is configured.
97 [ReadOnlyIf:<attribute>=<value>]
98 [ReadOnlyIfNot:<attribute>=<value>]
99 [SuppressIf:<attribute>=<value>]
100 [SuppressIfNot:<attribute>=<value>]
108 attribute is not "SelectDays" and its value will not be effective
114 A file that can be read to obtain value-level dependency.
116 attribute's current value will be forcefully changed based
121 <value>[ForceIf:<attribute>=<value>]
122 <value>[ForceIfNot:<attribute>=<value>]
135 ------------------------------
139 "ordered-list"-type specific properties:
144 semi-colon (``;``) and listed according to their priority.
147 the priority order for the particular attribute.
149 What: /sys/class/firmware-attributes/*/authentication/
159 For example a "BIOS Admin" password and "System" Password can be set,
162 - An "Admin" password is used for preventing modification to the BIOS
164 - A "System" password is required to boot a machine.
172 This attribute is mandatory.
176 This attribute is mandatory.
179 bios-admin:
181 power-on:
184 system-mgmt:
195 The means of authentication. This attribute is mandatory.
208 setting attributes when a system or admin password is set
211 This attribute is mandatory when mechanism == "password".
217 Note, password management is session specific. If Admin password is set,
219 password-validation) and must be cleared once the session is over.
226 Drivers may emit a CHANGE uevent when a password is set or unset
229 On Dell, Lenovo and HP systems, if Admin password is set, then all BIOS attributes
235 --------------------------------
239 role: system-mgmt This gives the same authority as the bios-admin password to control
240 security related features. The authorities allocated can be set via
248 or "scancode". Default is set to "ascii"
253 Default is set to "us"
256 Available for HDD and NVMe authentication to set 'user' or 'master'
259 unlock the drive at boot. If both master and user passwords are set
260 then either can be used. If a master password is set a user password
262 This attribute defaults to 'user' level
265 Used with HDD and NVME authentication to set the drive index
267 This attribute defaults to device 1.
273 The user writes to the attribute(s) with a BASE64 encoded string obtained
298 echo Enable > attribute/PasswordBeep/current_value
301 has not been set.
302 Clearing the certificate results in no bios-admin authentication method
308 Read only attribute used to display the MD5, SHA1 and SHA256 thumbprints
312 Write only attribute used to switch from certificate based authentication
320 --------------------------------
324 role: enhanced-bios-auth:
325 This role is specific to Secure Platform Management (SPM) attribute.
329 What: /sys/class/firmware-attributes/*/attributes/pending_reboot
336 A read-only attribute reads 1 if a reboot is necessary to apply
337 pending BIOS attribute changes. Also, an uevent_KOBJ_CHANGE is
343 attribute changes applied
349 1. Check if admin password is set. If yes, follow session method for
351 2. Before setting any attribute, check if it has any modifiers
353 attribute.
358 What: /sys/class/firmware-attributes/*/attributes/reset_bios
365 This attribute can be used to reset the BIOS Configuration.
371 - 'builtinsafe' (Built in safe configuration profile)
372 - 'lastknowngood' (Last known good saved configuration profile)
373 - 'factory' (Default factory settings configuration profile)
374 - 'custom' (Custom saved configuration profile)
379 # echo "factory" > /sys/class/firmware-attributes/*/device/attributes/reset_bios
380 # cat /sys/class/firmware-attributes/*/device/attributes/reset_bios
383 Note that any changes to this attribute requires a reboot
386 What: /sys/class/firmware-attributes/*/attributes/debug_cmd
391 This write only attribute can be used to send debug commands to the BIOS.
395 Note that any changes to this attribute requires a reboot for changes to take effect.
398 HP specific class extensions - Secure Platform Manager (SPM)
399 --------------------------------
401 What: /sys/class/firmware-attributes/*/authentication/SPM/kek
406 'kek' Key-Encryption-Key is a write-only file that can be used to configure the
413 What: /sys/class/firmware-attributes/*/authentication/SPM/sk
418 'sk' Signature Key is a write-only file that can be used to configure the RSA
424 What: /sys/class/firmware-attributes/*/authentication/SPM/status
429 'status' is a read-only file that returns ASCII text in JSON format reporting
434 "Nonce": <16-bit unsigned number display in base 10>,
435 "FeaturesInUse": <16-bit unsigned number display in base 10>,
439 What: /sys/class/firmware-attributes/*/attributes/Sure_Start/audit_log_entries
444 'audit_log_entries' is a read-only file that returns the events in the log.
448 Byte 0-15: Requested Audit Log entry (Each Audit log is 16 bytes)
449 Byte 16-127: Unused
451 What: /sys/class/firmware-attributes/*/attributes/Sure_Start/audit_log_entry_count
456 'audit_log_entry_count' is a read-only file that returns the number of existing