Correct, im using my own GUID and Name, they started to name theses variables Private Authenticated Variables since UEFI 2.7 as stated in the session on how the firmware validate the payload to SetVariable using EFI_VARIABLE_AUTHENTICATION2 descriptor:

"Otherwise, if the variable is none of the above, it shall be designated a Private Authenticated Variable..."

In my case the first write is failing, i got a Security Violation return when trying to create the variable, you used Key/cert which chains to PK/KEK when creating variables on production devices? Maybe im missing something. Let me know if i need to provide more information, as i stated before i can provide the same scripts/sources im using.

Thanks in advance.

Em 23/11/2019 01:59, Eugene Khoruzhenko escreveu:

Hi Paulo,

Just to be clear - your variables have your own GUID and Name, so your variables are "common" Authenticated Variables, correct? What exactly is failing in your case:

You cannot write your variable first time, so it does not get created?

Or you can create, but cannot update after it's been created?

I seem to be able to create my Authenticated Variables on a number of production devices, including Dell, but then these variables cannot be deleted. I see exactly why deletion does not work - bug https://bugzilla.tianocore.org/show_bug.cgi?id=2374, but this issue is specific to deletion only.