Commit | Line | Data |
---|---|---|
0c18794e | 1 | /** @file\r |
2 | This driver produces PEI_LOCK_PHYSICAL_PRESENCE_PPI to indicate \r | |
3 | whether TPM physical presence needs to be locked or not. It can be replaced by a \r | |
4 | platform-specific driver.\r | |
5 | \r | |
6 | Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR>\r | |
7 | This program and the accompanying materials \r | |
8 | are licensed and made available under the terms and conditions of the BSD License \r | |
9 | which accompanies this distribution. The full text of the license may be found at \r | |
10 | http://opensource.org/licenses/bsd-license.php\r | |
11 | \r | |
12 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r | |
13 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
14 | \r | |
15 | **/\r | |
16 | \r | |
17 | #include <PiPei.h>\r | |
18 | #include <Ppi/LockPhysicalPresence.h>\r | |
19 | #include <Ppi/ReadOnlyVariable2.h>\r | |
20 | #include <Guid/PhysicalPresenceData.h>\r | |
21 | #include <Library/PcdLib.h>\r | |
22 | #include <Library/PeiServicesLib.h>\r | |
23 | \r | |
/**
  Report whether TPM physical presence should be locked.

  Forward declaration; the definition follows the PPI instance below so that
  the instance can reference the function by name.

  @param[in] PeiServices  The pointer to the PEI Services Table.

  @retval TRUE   TPM physical presence should be locked.
  @retval FALSE  TPM physical presence should be left unlocked; the
                 implementation in this file returns FALSE only when a
                 pending physical presence request is recorded.

**/
BOOLEAN
EFIAPI
LockTpmPhysicalPresence (
  IN CONST EFI_PEI_SERVICES  **PeiServices
  );

//
// Global definitions for the lock physical presence PPI and its descriptor.
//
// The PPI instance carries a single member: the callback that answers
// "lock or not".
//
PEI_LOCK_PHYSICAL_PRESENCE_PPI  mLockPhysicalPresencePpi = {
  LockTpmPhysicalPresence
};

//
// Single-entry PPI list: the descriptor is flagged as a PPI and as the
// terminating element of the list, and binds gPeiLockPhysicalPresencePpiGuid
// to the instance above.
//
EFI_PEI_PPI_DESCRIPTOR  mLockPhysicalPresencePpiList = {
  EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
  &gPeiLockPhysicalPresencePpiGuid,
  &mLockPhysicalPresencePpi
};
51 | \r | |
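/**
  Decide whether TPM physical presence should be locked.

  Physical presence is left unlocked (FALSE) only when both conditions hold:
  PcdTpmPhysicalPresence reports that the operator is physically present, and
  the PHYSICAL_PRESENCE_VARIABLE was read successfully and records a pending
  request (PPRequest != 0). Every other path - operator not present, variable
  PPI not found, variable missing or unreadable - returns TRUE, so the
  function fails closed.

  @param[in] PeiServices  The pointer to the PEI Services Table. Not used by
                          this implementation.

  @retval TRUE   The TPM physical presence should be locked.
  @retval FALSE  A physical presence request is pending and the operator is
                 present; the TPM physical presence should not be locked.

**/
BOOLEAN
EFIAPI
LockTpmPhysicalPresence (
  IN CONST EFI_PEI_SERVICES  **PeiServices
  )
{
  EFI_STATUS                       Status;
  EFI_PEI_READ_ONLY_VARIABLE2_PPI  *Variable;
  UINTN                            DataSize;
  EFI_PHYSICAL_PRESENCE            TcgPpData;

  //
  // The CRTM has sensed the physical presence assertion of the user. For
  // example, the user has pressed the startup button or inserted a USB dongle.
  // The details of the implementation are vendor-specific. Here a PCD value
  // indicates whether the operator is physically present; without presence
  // there is nothing to keep unlocked.
  //
  if (!PcdGetBool (PcdTpmPhysicalPresence)) {
    return TRUE;
  }

  //
  // Check for a pending TPM request. Lock TPM physical presence if there is
  // none, or if the request state cannot be read.
  //
  Status = PeiServicesLocatePpi (
             &gEfiPeiReadOnlyVariable2PpiGuid,
             0,
             NULL,
             (VOID **)&Variable
             );
  if (!EFI_ERROR (Status)) {
    //
    // GetVariable() reports the stored size back through DataSize and can
    // succeed with fewer bytes than the buffer holds. Pre-clear the field the
    // decision depends on so that a short variable cannot leave stack garbage
    // in PPRequest and produce a spurious "do not lock" answer.
    //
    TcgPpData.PPRequest = 0;
    DataSize            = sizeof (EFI_PHYSICAL_PRESENCE);
    Status              = Variable->GetVariable (
                                      Variable,
                                      PHYSICAL_PRESENCE_VARIABLE,
                                      &gEfiPhysicalPresenceGuid,
                                      NULL,
                                      &DataSize,
                                      &TcgPpData
                                      );
    //
    // NOTE(review): the unlock decision trusts the variable contents; confirm
    // that the platform prevents untrusted runtime code from writing this
    // variable.
    //
    if (!EFI_ERROR (Status) && (TcgPpData.PPRequest != 0)) {
      return FALSE;
    }
  }

  //
  // Lock TPM physical presence by default.
  //
  return TRUE;
}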
114 | \r | |
/**
  PEIM entry point.

  Publishes the lock physical presence PPI so that its consumers can ask
  whether TPM physical presence should be locked.

  @param[in] FileHandle   Handle of the file being invoked. Not used here.
  @param[in] PeiServices  Describes the list of possible PEI Services. Not
                          used here.

  @return The status returned by PeiServicesInstallPpi() for the PPI list.

**/
EFI_STATUS
EFIAPI
PeimEntry (
  IN       EFI_PEI_FILE_HANDLE  FileHandle,
  IN CONST EFI_PEI_SERVICES     **PeiServices
  )
{
  EFI_STATUS  InstallStatus;

  //
  // The descriptor list is a module-level global, so the pointer handed to
  // the PEI core stays valid after this function returns.
  //
  InstallStatus = PeiServicesInstallPpi (&mLockPhysicalPresencePpiList);

  return InstallStatus;
}