CHIPSEC is a “extensible framework for analyzing platform level security of hardware, devices, system firmware, low-level protection mechanisms, and the configuration of various platform components. It contains a set of modules, including simple tests for hardware protections and correct configuration, tests for vulnerabilities in firmware and platform components, security assessment and fuzzing tools for various platform devices and interfaces, and tools acquiring critical firmware and device artifacts”.
CHIPSEC is mostly written in Python for portability and can run in the UEFI shell as well as on Windows, Linux and OSX.
As I was having some difficulty with authenticated variables, I decided to use CHIPSEC to see what was going on by listing all the NVRAM variables. The platform I used was a Lenovo T480. Booting into a UEFI Shell, I used the following CHIPSEC v1.8.1 command chipsec_util uefi nvram T480_EFI_Variables.txt to produce output, part of which is shown below.
-------------------------------- EFI Variable (offset = 0x0): -------------------------------- Name : 8C1645001776 Guid : 937FE521-95AE-4D1A-8929-48BCD90AD31A Attributes: 0x3 ( NV+BS ) Data: DF 7F 55 11 CB E0 03 00 34 00 35 00 08 00 00 00 | U 4 5 01 00 00 00 30 00 36 00 04 00 00 00 02 00 00 00 | 0 6 2C 00 00 00 04 00 00 00 03 00 00 00 01 00 00 00 | , 01 00 00 00 8E 16 45 FF FE 00 17 76 | E v -------------------------------- EFI Variable (offset = 0x0): -------------------------------- Name : AMTSTATE Guid : 158DEF5A-F656-419C-B027-7A3192C079D2 Attributes: 0x3 ( NV+BS ) Data: 53 00 54 00 45 00 50 00 31 00 38 00 5F 00 30 00 | S T E P 1 8 _ 0 00 00 | -------------------------------- EFI Variable (offset = 0x0): -------------------------------- Name : AcpiGlobalVariable Guid : C020489E-6DB2-4EF2-9AA5-CA06FC11D36A Attributes: 0x3 ( NV+BS ) Data: 00 D0 F3 7F 00 00 00 00 |
The full output is quite large so I am not going to include all of it in this blog. If you wish to examine the complete output you can examine or retrieve the full output file at my public Download Area.
I massaged this output file to produce more useful output (to me) using the following bash script:
#!/bin/bash egrep '^Name|^Guid|^Attribute' T480_EFI_Variables.txt > t cut -b 13- t | awk 'NF==1 { print }; NF==4 { print $1$2$3$4 }' > t1 sed 's/0x[0-9]\+//' t1 > t2 paste -d' ' - - - < t2 | column -t > t3 sort -f t3 > efivars1.txt rm t t1 t2 t3
The following tags are used to denote the lifetime and visibility of a UEFI variable. Note that CHIPSEC uses different tags for authenticated variables than UEFI shell utilities such as dmpstore.
- Non-Volatile (NV) : Stored in SPI Flash based NVRAM
- Boot Service (BS) : Accessible to DXE drivers / Boot Loaders at boot time
- Run-Time (RT) : Accessible to the OS through run-time UEFI SetVariable/GetVariable API
- Time-Based Authenticated Write Access (TBAWS) : See the CHIPSEC secureboot variables section
- Authenticated Write Access (AWS) : See the CHIPSEC secureboot variables section
Here is the output after the above shell script was run on the output file, i.e. T480_EFI_Variables.txt.
$ cat efivars.txt1 8C1645001776 937FE521-95AE-4D1A-8929-48BCD90AD31A (NV+BS) AcpiGlobalVariable C020489E-6DB2-4EF2-9AA5-CA06FC11D36A (NV+BS) AMTSTATE 158DEF5A-F656-419C-B027-7A3192C079D2 (NV+BS) AuthVarKeyDatabase AAF32C78-947B-439A-A180-2E144EC37792 (NV+BS+RT+AWS) BiosSetup 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+AWS) Boot0000 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0001 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0010 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0011 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0012 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0013 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0014 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0015 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0016 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0017 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0018 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0019 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot001A 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot001B 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot001C 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot001D 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot001E 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot001F 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0020 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0021 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0022 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0023 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0024 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) BootAllCDROM 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS) BootAllHDD 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS) BootAllPciLan 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS) BootCurrent 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) BootDebugPolicyApplied 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS) BootingDeviceTypeInfo 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS) BootMenu 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+AWS) BootOptionNo_01 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS) BootOptionNo_02 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS) BootOptionNo_03 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS) BootOptionSupport 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) BootOrder 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) BootOrderDefault 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+RT+AWS) BootState 60B5E939-0FCF-4227-BA83-6BBED45BC0E3 (NV+BS+RT) BugCheckCode BA57E015-65B3-4C3C-B274-659192F699E3 (NV+BS+RT) BugCheckParameter1 BA57E015-65B3-4C3C-B274-659192F699E3 (NV+BS+RT) BugCheckProgress BA57E015-65B3-4C3C-B274-659192F699E3 (NV+BS+RT) CapsuleLongModeBuffer 711C703F-C285-4B10-A3B0-36ECBD3C8BE2 (NV+BS+RT) cat 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) cd.. 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) cd\ 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) certdb D9BEE56E-75DC-49D9-B4D7-B534210F637A (NV+BS+RT+TBAWS) ClientId 9FB9A8A1-2F4A-43A6-889C-D0F7B6C47AD5 (NV+BS) ColdReset EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9 (BS) ConIn 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) ConInDev 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) ConOut 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) ConOutDev 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) copy 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) CpuColdReset B08F97FF-E6E8-4193-A997-5E9E9B0ADB32 (BS) CpuSetup B08F97FF-E6E8-4193-A997-5E9E9B0ADB32 (NV+BS+RT) CpuSetupVolatileData B08F97FF-E6E8-4193-A997-5E9E9B0ADB32 (BS+RT) CpuSmm 90D93E09-4E91-4B3D-8C77-C82FF10E3C81 (NV+BS) CurrentActivePolicy 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS) CurrentPolicy 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT+TBAWS) CustomMode C076EC0C-7028-4399-A072-71EE5C448B9F (NV+BS) cwd 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) db D719B2CB-3D3A-4596-A3BC-DAD00E67656F (NV+BS+RT+TBAWS) dbx D719B2CB-3D3A-4596-A3BC-DAD00E67656F (NV+BS+RT+TBAWS) del 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) DIAGSPLSHSCRN A7D8D9A6-6AB0-4AEB-AD9D-163E59A7A380 (BS+RT) dir 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) E86A643B281A 5B446ED1-E30B-4FAA-871A-3654ECA36080 (NV+BS) EPCBIOS C60AA7F6-E8D6-4956-8BA1-FE26298F5E87 (NV+BS+RT) EPCSW D69A279B-58EB-45D1-A148-771BB9EB5251 (NV+BS+RT) ErrOutDev 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) ESRTPLATFORMENTRY B87A926D-189C-49A1-B1FF-921099B1DE89 (NV+BS+RT) EventLog 57A34C69-4D62-0B7E-86E4-939C5C9B7C93 (BS+RT) FirmwarePerformance C095791A-3001-47B2-80C9-EAC7319F2FA4 (NV+BS) HSTI_RESULTS 8732B833-5367-422C-A77D-99E5B51039A8 (NV+BS) IccMbpData 64192DCA-D034-49D2-A6DE-65A829EB4C74 (BS) InitSetupVariable EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9 (NV+BS+RT) KEK 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT+TBAWS) Kernel_ATPSiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Kernel_DriverSiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Kernel_EntRevokeSiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Kernel_RvkSiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Kernel_SiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Kernel_SkuSiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Kernel_WinSiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Key0000 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0001 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0002 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0003 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0004 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0005 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0006 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0007 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) LastBootCurrent 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+RT) LastBootOrder 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+RT) lasterror 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) LastMemoryMapInfomation 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS) LBC 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS+RT) LBL 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS+RT+AWS) lBoot0000 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0001 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0010 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0011 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0012 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0013 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0014 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0015 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0016 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0017 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0018 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0019 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot001A 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot001B 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot001C 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot001D 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot001E 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot001F 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0020 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0021 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0022 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0023 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0024 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) LenovoBDG 49AD5446-9D32-4455-AF9B-D774BDA2CF8B (NV+BS+RT) LenovoConfig 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS+RT) LenovoFprData 54447606-288E-4136-9804-BD4F170D8695 (NV+BS+RT) LenovoFunctionConfig 580020C3-6C9C-4F93-8008-7FADC1FCFEDD (NV+BS+RT) LenovoHddSecInfoVar 2D8FBE63-3A04-4EF8-A8A4-77321DB5A9AB (BS) LenovoHiddenSetting 1827CFC7-4E61-4273-B796-D35F4B0C88FC (NV+BS+RT) LenovoLogging 37D3E8E0-8858-4B84-A106-244BB8CBFDC3 (NV+BS+RT) LenovoMSScratch FEFB2903-93D9-474B-8685-4EA6BB4FB5FB (NV+BS+AWS) LenovoPciResource EC0CF62F-0742-4C78-A738-8D66158969D4 (NV+BS) LenovoScratchData 67C3208E-4FCB-498F-9729-0760BB4109A7 (NV+BS+RT) LenovoSecurityConfig A2C1808F-0D4F-4CC9-A619-D1E641D39D49 (NV+BS+RT+AWS) LenovoSystemConfig 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS+RT) LenovoSystemUniqueInformation 54447606-288E-4136-9804-BD4F170D8695 (BS) LenovoThermalShutdown 943D1460-DA6E-499A-AF6D-4593B12BC4D7 (NV+BS+RT) LenovoTpmFwUpdate 38243F72-E87F-468F-B19C-478598C46C3F (NV+BS+RT) LenovoWmaSupport 286091EF-33A8-48E6-AF77-1E03344C7A18 (NV+BS) LenovoWolInfo 0AF4027F-9B58-41C0-B62F-CD3A1CEF54EE (NV+BS+RT) LnvSysCfgReq 7B07D184-02D0-4BFD-AD6E-554C39353A13 (NV+BS+RT) LWO 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS+RT) MailBoxQ 67C3208E-4FCB-498F-9729-0760BB4109A7 (NV+BS+RT) MATP 4D07921A-D613-48F0-8537-BA489342D757 (NV+BS) md 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) MeColdReset 5432122D-D034-49D2-A6DE-65A829EB4C74 (BS) MeInfoSetup 78259433-7B6D-4DB3-9AE8-36C4C2C3A17D (BS) mem 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) MemoryConfig C94F8C4D-9B9A-45FE-8A55-238B67302643 (NV+BS) MemoryOverwriteRequestControl E20939BE-32D4-41BE-A150-897F85D49829 (NV+BS+RT) MemoryOverwriteRequestControlLock BB983CCF-151D-40E1-A07B-4A17BE168292 (NV+BS+RT) MemoryTypeInformation 4C19049F-4137-4DD3-9C10-8B97A83FFDFA (NV+BS) MemoryTypeInformationBackup 4C19049F-4137-4DD3-9C10-8B97A83FFDFA (NV+BS) MeSetup 5432122D-D034-49D2-A6DE-65A829EB4C74 (NV+BS) MeSetupStorage 5432122D-D034-49D2-A6DE-65A829EB4C74 (NV+BS) mount 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) move 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) MTC EB704011-1402-11D3-8E77-00A0C969723B (NV+BS+RT) nonesting 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) OfflineUniqueIDEKPub EAEC226F-C9A3-477A-A826-DDC716CDC0E3 (NV+BS+RT) OfflineUniqueIDEKPubCRC EAEC226F-C9A3-477A-A826-DDC716CDC0E3 (NV+BS+RT) OsIndicationsSupported 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) OsProfile E59376D7-2DD9-42A3-9EC8-1D71D5E3C1EC (NV+BS+RT) path 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) PbaStatusVar 0EC1A7F5-4904-40A0-8EAB-4BCC4666DA45 (NV+BS+RT) PBRDevicePath A9B5F8D2-CB6D-42C2-BC01-B5FFAAE4335E (NV+BS+RT) PchColdReset 4570B7F1-ADE8-4943-8DC3-406472842384 (BS) PchSetup 4570B7F1-ADE8-4943-8DC3-406472842384 (NV+BS+RT) PhysicalPresence 0F6499B1-E9AD-493D-B9C2-2F90815C6CBC (NV+BS+RT) PhysicalPresenceFlags 0F6499B1-E9AD-493D-B9C2-2F90815C6CBC (NV+BS+RT) PK 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT+TBAWS) PlatformConfigurationChange E3CACF62-3062-4E1D-978E-46807AB9747D (NV+BS) PlatformInfo 54C61C94-287D-4DC5-99D5-D38D1A53AE6B (NV+BS) PlatformLang 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) PlatformLangCodes 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) PNP0400_0_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0400_0_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0400_1_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0400_1_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0400_2_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0400_2_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_0_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_0_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_2_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_2_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_3_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_3_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_4_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_4_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0510_1_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0510_1_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0604_0_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0604_0_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0604_1_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0604_1_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0604_2_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0604_2_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) profiles 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) ProtectedBootOptions 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+RT+AWS) rc 158DEF5A-F656-419C-B027-7A3192C079D2 (NV+BS) ren 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) RnRPresenceLastBoot FA69B2AE-EE73-4097-B2FB-238B3C54EE7F (NV+BS) RstOptaneConfig 4DA4F952-2516-4D06-8975-65036403A8C7 (NV+BS+RT) RTC 378D7B65-8DA9-4773-B6E4-A47826A833E1 (NV+BS+RT) S3MemoryVariable 973218B9-1697-432A-8B34-4884B5DFB359 (NV+BS) SaColdReset 72C5E28C-7783-43A1-8767-FAD73FCCAFA4 (BS) SaPegData B414CAF8-8225-4D6F-B918-CDE5CB84CF0B (NV+BS) SaSetup 72C5E28C-7783-43A1-8767-FAD73FCCAFA4 (NV+BS+RT) SctCapResvMemAddr D79833DD-F670-468A-978B-EC883CDF5C88 (BS) SctCapResvMemSize D79833DD-F670-468A-978B-EC883CDF5C88 (BS) SctHotkey 4650C401-93F1-4AEB-B87D-C8204C047DEC (BS) SctLoadDefaultCreateFlag FACF6142-F416-45BE-A9B1-51A65D929D9F (NV+BS) SecureBoot 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) SecureBootEnable F0A30BC7-AF08-4556-99C4-001009C93A44 (NV+BS) Setup EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9 (NV+BS+RT) SetupCpuFeatures EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9 (NV+BS+RT) SetupHotKey A7D8D9A6-6AB0-4AEB-AD9D-163E59A7A380 (NV+BS+RT) SetupMode 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) SetupVolatileData EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9 (BS) SignatureSupport 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) SinitSvn ACDC5EEE-9014-4DA4-820F-D43B78010EC3 (NV+BS) SMBIOSELOG000 C3EEAE98-23BF-412B-AB60-EFCBB48E1534 (NV+BS+RT) SMBIOSELOGNUMBER C3EEAE98-23BF-412B-AB60-EFCBB48E1534 (NV+BS+RT) SMBIOSMEMSIZE C3EEAE98-23BF-412B-AB60-EFCBB48E1534 (NV+BS+RT) SOFTWAREGUARDSTATUS 9CB2E73F-7325-40F4-A484-659BB344C3CD (BS+RT) System E947FCF9-DD01-4965-B808-32A7B6815657 (NV+BS+RT) SystemAccess E770BB69-BCB4-4D04-9E97-23FF9456FEAC (NV+BS) Tcg2PhysicalPresence AEB9C5C1-94F1-4D02-BFD9-4602DB2D3C54 (NV+BS+RT) Tcg2PhysicalPresenceFlags AEB9C5C1-94F1-4D02-BFD9-4602DB2D3C54 (NV+BS+RT) TCG2_CONFIGURATION 6339D487-26BA-424B-9A5D-687E25D740BC (NV+BS) TcgSetup EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9 (NV+BS) Timeout 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) TpAcpiNvs E6F014AB-CB0E-456E-8AF7-7221EDB702F7 (NV+BS) TPMSTEPNEXT 158DEF5A-F656-419C-B027-7A3192C079D2 (NV+BS) UCR 14A22A97-8424-489E-9EAD-DC09255658B5 (NV+BS+RT) uefishellsupport 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) uefishellversion 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) uefiversion 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) UnlockID EAEC226F-C9A3-477A-A826-DDC716CDC0E3 (NV+BS) UnlockIDCopy EAEC226F-C9A3-477A-A826-DDC716CDC0E3 (NV+BS+RT) UsbTypeC FC876842-D8F0-4844-AE32-1FF843797B17 (NV+BS) VarErrorFlag 04B37FE8-F6AE-480B-BDD5-37D98C5E89AA (NV+BS+RT) VendorKeys 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) VendorKeysNv 9073E4E0-60EC-4B6E-9903-4C223C260F3C (NV+BS+TBAWS) VsmLocalKey2 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS) WdtPersistentData 78CE2354-CFBC-4643-AEBA-07A27FA892BF (NV+BS) WindowsBootChainSvn 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS)
Some of these UEFI variables are new to me and I will probably explore them in a future blog.
As a comparison, I massaged the output of the standard UEFI Shell utility dmpstore using the following shell script
#!/bin/bash iconv -f UTF-16 -t UTF-8 T480_dmpstore.txt > T480_dmpstore_UTF8.txt awk '{ print $3, $2 }' T480_dmpstore_UTF8.txt > t sed -e "s/'//g" -e "s/:/ /g" t > t1 awk '{ print $2, $1, "("$3")" }' t1 | column -t | sort > efivars2.txt sed -i -E 's/RT\+BS/BS\+RT/' efivars2.txt rm t t1
to produce formatted and sorted output similar to efivars1.txt. Note that the dmpstore utility does not differentiate between Time-Based Authenticated Write Access (TBAWS) variables and Authenticated Write Access (AWS) variables in it’s output. Instead it simply tags both types as Authenticated Write (AW) variables. Also note the need to convert the dmpstore output from UTF-16 to UTF-8 if you are using a standard configured locale on a Unix or Linux system as the UEFI shell always outputs text in UTF-16 format.
Here is the full massaged output from dmpstore after the above shell script is run:
$ cat efivars2.txt 8C1645001776 5B446ED1-E30B-4FAA-871A-3654ECA36080 (NV+BS) 8C1645001776 937FE521-95AE-4D1A-8929-48BCD90AD31A (NV+BS) AcpiGlobalVariable C020489E-6DB2-4EF2-9AA5-CA06FC11D36A (NV+BS) AMTSTATE 158DEF5A-F656-419C-B027-7A3192C079D2 (NV+BS) AuthVarKeyDatabase AAF32C78-947B-439A-A180-2E144EC37792 (NV+BS+RT+AW) BiosSetup 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+AW) Boot0000 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0001 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0010 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0011 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0012 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0013 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0014 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0015 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0016 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0017 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0018 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0019 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot001A 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot001B 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot001C 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot001D 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot001E 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot001F 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0020 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0021 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0022 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0023 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Boot0024 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) BootAllCDROM 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS) BootAllHDD 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS) BootAllPciLan 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS) BootCurrent 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) BootDebugPolicyApplied 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS) BootingDeviceTypeInfo 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS) BootMenu 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+AW) BootOptionNo_01 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS) BootOptionNo_02 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS) BootOptionNo_03 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS) BootOptionSupport 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) BootOrder 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) BootOrderDefault 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+RT+AW) BootState 60B5E939-0FCF-4227-BA83-6BBED45BC0E3 (NV+BS+RT) BugCheckCode BA57E015-65B3-4C3C-B274-659192F699E3 (NV+BS+RT) BugCheckParameter1 BA57E015-65B3-4C3C-B274-659192F699E3 (NV+BS+RT) BugCheckProgress BA57E015-65B3-4C3C-B274-659192F699E3 (NV+BS+RT) CapsuleLongModeBuffer 711C703F-C285-4B10-A3B0-36ECBD3C8BE2 (NV+BS+RT) cat 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) cd.. 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) cd\ 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) certdb D9BEE56E-75DC-49D9-B4D7-B534210F637A (NV+BS+RT+AT) ClientId 9FB9A8A1-2F4A-43A6-889C-D0F7B6C47AD5 (NV+BS) ColdReset EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9 (BS) ConIn 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) ConInDev 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) ConOut 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) ConOutDev 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) copy 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) CpuColdReset B08F97FF-E6E8-4193-A997-5E9E9B0ADB32 (BS) CpuSetup B08F97FF-E6E8-4193-A997-5E9E9B0ADB32 (NV+BS+RT) CpuSetupVolatileData B08F97FF-E6E8-4193-A997-5E9E9B0ADB32 (BS+RT) CpuSmm 90D93E09-4E91-4B3D-8C77-C82FF10E3C81 (NV+BS) CurrentActivePolicy 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS) CurrentPolicy 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT+AT) CustomMode C076EC0C-7028-4399-A072-71EE5C448B9F (NV+BS) cwd 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) db D719B2CB-3D3A-4596-A3BC-DAD00E67656F (NV+BS+RT+AT) dbx D719B2CB-3D3A-4596-A3BC-DAD00E67656F (NV+BS+RT+AT) del 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) DIAGSPLSHSCRN A7D8D9A6-6AB0-4AEB-AD9D-163E59A7A380 (BS+RT) dir 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) E86A643B281A 5B446ED1-E30B-4FAA-871A-3654ECA36080 (NV+BS) E86A643B281A 937FE521-95AE-4D1A-8929-48BCD90AD31A (NV+BS) EPCBIOS C60AA7F6-E8D6-4956-8BA1-FE26298F5E87 (NV+BS+RT) EPCSW D69A279B-58EB-45D1-A148-771BB9EB5251 (NV+BS+RT) ErrOutDev 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) ESRTPLATFORMENTRY B87A926D-189C-49A1-B1FF-921099B1DE89 (NV+BS+RT) EventLog 57A34C69-4D62-0B7E-86E4-939C5C9B7C93 (BS+RT) FirmwarePerformance C095791A-3001-47B2-80C9-EAC7319F2FA4 (NV+BS) HSTI_RESULTS 8732B833-5367-422C-A77D-99E5B51039A8 (NV+BS) IccMbpData 64192DCA-D034-49D2-A6DE-65A829EB4C74 (BS) InitSetupVariable EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9 (NV+BS+RT) KEK 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT+AT) Kernel_ATPSiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Kernel_DriverSiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Kernel_EntRevokeSiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Kernel_RvkSiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Kernel_SiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Kernel_SkuSiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Kernel_WinSiStatus 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT) Key0000 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0001 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0002 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0003 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0004 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0005 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0006 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) Key0007 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) LastBootCurrent 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+RT) LastBootOrder 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+RT) lasterror 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) LastMemoryMapInfomation 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS) LBC 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS+RT) LBL 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS+RT+AW) lBoot0000 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0001 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0010 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0011 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0012 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0013 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0014 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0015 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0016 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0017 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0018 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0019 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot001A 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot001B 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot001C 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot001D 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot001E 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot001F 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0020 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0021 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0022 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0023 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) lBoot0024 146B234D-4052-4E07-B326-11220F8E1FE8 (BS+RT) LenovoBDG 49AD5446-9D32-4455-AF9B-D774BDA2CF8B (NV+BS+RT) LenovoConfig 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS+RT) LenovoFprData 54447606-288E-4136-9804-BD4F170D8695 (NV+BS+RT) LenovoFunctionConfig 580020C3-6C9C-4F93-8008-7FADC1FCFEDD (NV+BS+RT) LenovoHddSecInfoVar 2D8FBE63-3A04-4EF8-A8A4-77321DB5A9AB (BS) LenovoHiddenSetting 1827CFC7-4E61-4273-B796-D35F4B0C88FC (NV+BS+RT) LenovoLogging 37D3E8E0-8858-4B84-A106-244BB8CBFDC3 (NV+BS+RT) LenovoMSScratch FEFB2903-93D9-474B-8685-4EA6BB4FB5FB (NV+BS+AW) LenovoPciResource EC0CF62F-0742-4C78-A738-8D66158969D4 (NV+BS) LenovoScratchData 67C3208E-4FCB-498F-9729-0760BB4109A7 (NV+BS+RT) LenovoSecurityConfig A2C1808F-0D4F-4CC9-A619-D1E641D39D49 (NV+BS+RT+AW) LenovoSystemConfig 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS+RT) LenovoSystemUniqueInformation 54447606-288E-4136-9804-BD4F170D8695 (BS) LenovoThermalShutdown 943D1460-DA6E-499A-AF6D-4593B12BC4D7 (NV+BS+RT) LenovoTpmFwUpdate 38243F72-E87F-468F-B19C-478598C46C3F (NV+BS+RT) LenovoWmaSupport 286091EF-33A8-48E6-AF77-1E03344C7A18 (NV+BS) LenovoWolInfo 0AF4027F-9B58-41C0-B62F-CD3A1CEF54EE (NV+BS+RT) LnvSysCfgReq 7B07D184-02D0-4BFD-AD6E-554C39353A13 (NV+BS+RT) LWO 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS+RT) MailBoxQ 67C3208E-4FCB-498F-9729-0760BB4109A7 (NV+BS+RT) MATP 4D07921A-D613-48F0-8537-BA489342D757 (NV+BS) md 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) MeColdReset 5432122D-D034-49D2-A6DE-65A829EB4C74 (BS) MeInfoSetup 78259433-7B6D-4DB3-9AE8-36C4C2C3A17D (BS) mem 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) MemoryConfig C94F8C4D-9B9A-45FE-8A55-238B67302643 (NV+BS) MemoryOverwriteRequestControl E20939BE-32D4-41BE-A150-897F85D49829 (NV+BS+RT) MemoryOverwriteRequestControlLock BB983CCF-151D-40E1-A07B-4A17BE168292 (NV+BS+RT) MemoryTypeInformation 4C19049F-4137-4DD3-9C10-8B97A83FFDFA (NV+BS) MemoryTypeInformationBackup 4C19049F-4137-4DD3-9C10-8B97A83FFDFA (NV+BS) MeSetup 5432122D-D034-49D2-A6DE-65A829EB4C74 (NV+BS) MeSetupStorage 5432122D-D034-49D2-A6DE-65A829EB4C74 (NV+BS) mount 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) move 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) MTC EB704011-1402-11D3-8E77-00A0C969723B (NV+BS+RT) nonesting 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) OfflineUniqueIDEKPub EAEC226F-C9A3-477A-A826-DDC716CDC0E3 (NV+BS+RT) OfflineUniqueIDEKPubCRC EAEC226F-C9A3-477A-A826-DDC716CDC0E3 (NV+BS+RT) OsIndicationsSupported 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) OsProfile E59376D7-2DD9-42A3-9EC8-1D71D5E3C1EC (NV+BS+RT) path 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) PbaStatusVar 0EC1A7F5-4904-40A0-8EAB-4BCC4666DA45 (NV+BS+RT) PBRDevicePath A9B5F8D2-CB6D-42C2-BC01-B5FFAAE4335E (NV+BS+RT) PchColdReset 4570B7F1-ADE8-4943-8DC3-406472842384 (BS) PchSetup 4570B7F1-ADE8-4943-8DC3-406472842384 (NV+BS+RT) PhysicalPresence 0F6499B1-E9AD-493D-B9C2-2F90815C6CBC (NV+BS+RT) PhysicalPresenceFlags 0F6499B1-E9AD-493D-B9C2-2F90815C6CBC (NV+BS+RT) PK 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT+AT) PlatformConfigurationChange E3CACF62-3062-4E1D-978E-46807AB9747D (NV+BS) PlatformInfo 54C61C94-287D-4DC5-99D5-D38D1A53AE6B (NV+BS) PlatformLang 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) PlatformLangCodes 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) PNP0400_0_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0400_0_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0400_1_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0400_1_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0400_2_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0400_2_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_0_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_0_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_2_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_2_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_3_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_3_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_4_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0501_4_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0510_1_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0510_1_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0604_0_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0604_0_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0604_1_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0604_1_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0604_2_NV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) PNP0604_2_VV 560BF58A-1E0D-4D7E-953F-2980A261E031 (NV+BS) profiles 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) ProtectedBootOptions 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+RT+AW) rc 158DEF5A-F656-419C-B027-7A3192C079D2 (NV+BS) ren 0053D9D6-2659-4599-A26B-EF4536E631A9 (BS) RnRPresenceLastBoot FA69B2AE-EE73-4097-B2FB-238B3C54EE7F (NV+BS) RstOptaneConfig 4DA4F952-2516-4D06-8975-65036403A8C7 (NV+BS+RT) RTC 378D7B65-8DA9-4773-B6E4-A47826A833E1 (NV+BS+RT) S3MemoryVariable 973218B9-1697-432A-8B34-4884B5DFB359 (NV+BS) SaColdReset 72C5E28C-7783-43A1-8767-FAD73FCCAFA4 (BS) SaPegData B414CAF8-8225-4D6F-B918-CDE5CB84CF0B (NV+BS) SaSetup 72C5E28C-7783-43A1-8767-FAD73FCCAFA4 (NV+BS+RT) SctCapResvMemAddr D79833DD-F670-468A-978B-EC883CDF5C88 (BS) SctCapResvMemSize D79833DD-F670-468A-978B-EC883CDF5C88 (BS) SctHotkey 4650C401-93F1-4AEB-B87D-C8204C047DEC (BS) SctLoadDefaultCreateFlag FACF6142-F416-45BE-A9B1-51A65D929D9F (NV+BS) SecureBoot 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) SecureBootEnable F0A30BC7-AF08-4556-99C4-001009C93A44 (NV+BS) Setup EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9 (NV+BS+RT) SetupCpuFeatures EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9 (NV+BS+RT) SetupHotKey A7D8D9A6-6AB0-4AEB-AD9D-163E59A7A380 (NV+BS+RT) SetupMode 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) SetupVolatileData EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9 (BS) SignatureSupport 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) SinitSvn ACDC5EEE-9014-4DA4-820F-D43B78010EC3 (NV+BS) SiPolicyOneTimeFix 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS) SMBIOSELOG000 C3EEAE98-23BF-412B-AB60-EFCBB48E1534 (NV+BS+RT) SMBIOSELOGNUMBER C3EEAE98-23BF-412B-AB60-EFCBB48E1534 (NV+BS+RT) SMBIOSMEMSIZE C3EEAE98-23BF-412B-AB60-EFCBB48E1534 (NV+BS+RT) SOFTWAREGUARDSTATUS 9CB2E73F-7325-40F4-A484-659BB344C3CD (BS+RT) System E947FCF9-DD01-4965-B808-32A7B6815657 (NV+BS+RT) SystemAccess E770BB69-BCB4-4D04-9E97-23FF9456FEAC (NV+BS) Tcg2PhysicalPresence AEB9C5C1-94F1-4D02-BFD9-4602DB2D3C54 (NV+BS+RT) Tcg2PhysicalPresenceFlags AEB9C5C1-94F1-4D02-BFD9-4602DB2D3C54 (NV+BS+RT) TCG2_CONFIGURATION 6339D487-26BA-424B-9A5D-687E25D740BC (NV+BS) TcgSetup EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9 (NV+BS) Timeout 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT) TpAcpiNvs E6F014AB-CB0E-456E-8AF7-7221EDB702F7 (NV+BS) TPMSTEPNEXT 158DEF5A-F656-419C-B027-7A3192C079D2 (NV+BS) UCR 14A22A97-8424-489E-9EAD-DC09255658B5 (NV+BS+RT) uefishellsupport 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) uefishellversion 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) uefiversion 158DEF5A-F656-419C-B027-7A3192C079D2 (BS) UnlockID EAEC226F-C9A3-477A-A826-DDC716CDC0E3 (NV+BS) UnlockIDCopy EAEC226F-C9A3-477A-A826-DDC716CDC0E3 (NV+BS+RT) UsbTypeC FC876842-D8F0-4844-AE32-1FF843797B17 (NV+BS) VarErrorFlag 04B37FE8-F6AE-480B-BDD5-37D98C5E89AA (NV+BS+RT) VendorKeys 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (BS+RT) VendorKeysNv 9073E4E0-60EC-4B6E-9903-4C223C260F3C (NV+BS+AT) VsmLocalKey2 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS) WdtPersistentData 78CE2354-CFBC-4643-AEBA-07A27FA892BF (NV+BS) WindowsBootChainSvn 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS)
Diffing the two formatted and sorted output files produces the following output:
0a1 > 8C1645001776 5B446ED1-E30B-4FAA-871A-3654ECA36080 (NV+BS) 4,5c5,6 < AuthVarKeyDatabase AAF32C78-947B-439A-A180-2E144EC37792 (NV+BS+RT+AWS) < BiosSetup 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+AWS) --- > AuthVarKeyDatabase AAF32C78-947B-439A-A180-2E144EC37792 (NV+BS+RT+AW) > BiosSetup 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+AW) 35c36 < BootMenu 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+AWS) --- > BootMenu 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+AW) 41c42 < BootOrderDefault 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+RT+AWS) --- > BootOrderDefault 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+RT+AW) 50c51 < certdb D9BEE56E-75DC-49D9-B4D7-B534210F637A (NV+BS+RT+TBAWS) --- > certdb D9BEE56E-75DC-49D9-B4D7-B534210F637A (NV+BS+RT+AT) 63c64 < CurrentPolicy 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT+TBAWS) --- > CurrentPolicy 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS+RT+AT) 66,67c67,68 < db D719B2CB-3D3A-4596-A3BC-DAD00E67656F (NV+BS+RT+TBAWS) < dbx D719B2CB-3D3A-4596-A3BC-DAD00E67656F (NV+BS+RT+TBAWS) --- > db D719B2CB-3D3A-4596-A3BC-DAD00E67656F (NV+BS+RT+AT) > dbx D719B2CB-3D3A-4596-A3BC-DAD00E67656F (NV+BS+RT+AT) 71a73 > E86A643B281A 937FE521-95AE-4D1A-8929-48BCD90AD31A (NV+BS) 81c83 < KEK 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT+TBAWS) --- > KEK 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT+AT) 102c104 < LBL 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS+RT+AWS) --- > LBL 2A4DC6B7-41F5-45DD-B46F-2DD334C1CF65 (NV+BS+RT+AW) 133c135 < LenovoMSScratch FEFB2903-93D9-474B-8685-4EA6BB4FB5FB (NV+BS+AWS) --- > LenovoMSScratch FEFB2903-93D9-474B-8685-4EA6BB4FB5FB (NV+BS+AW) 136c138 < LenovoSecurityConfig A2C1808F-0D4F-4CC9-A619-D1E641D39D49 (NV+BS+RT+AWS) --- > LenovoSecurityConfig A2C1808F-0D4F-4CC9-A619-D1E641D39D49 (NV+BS+RT+AW) 173c175 < PK 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT+TBAWS) --- > PK 8BE4DF61-93CA-11D2-AA0D-00E098032B8C (NV+BS+RT+AT) 201c203 < ProtectedBootOptions 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+RT+AWS) --- > ProtectedBootOptions 0B7646A4-6B44-4332-8588-C8998117F2EF (NV+BS+RT+AW) 223a226 > SiPolicyOneTimeFix 77FA9ABD-0359-4D32-BD60-28F4E78F784B (NV+BS) 246c249 < VendorKeysNv 9073E4E0-60EC-4B6E-9903-4C223C260F3C (NV+BS+TBAWS) --- > VendorKeysNv 9073E4E0-60EC-4B6E-9903-4C223C260F3C (NV+BS+AT)
Note the second 8C1645001776 variable, together with the E86A643B281A and SiPolicyOneTimeFix variables, that are listed by dmpstore but not by CHIPSEC. These three variables warrant further investigation to figure out why CHIPSEC is not finding them.
Enjoy!