[mirror_edk2.git] / SecurityPkg / Library / PlatformSecureLibNull / PlatformSecureLibNull.c

/** @file\r
  NULL PlatformSecureLib instance does NOT really detect whether a physical present\r
  user exists but return TRUE directly. This instance can be used to verify security\r
  related features during platform enabling and development. It should be replaced\r
  by a platform-specific method(e.g. Button pressed) in a real platform for product.\r
\r
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include <Uefi/UefiBaseType.h>\r
\r
BOOLEAN       mUserPhysicalPresence      = FALSE;\r
\r
/**\r
\r
  This function provides a platform-specific method to detect whether the platform\r
  is operating by a physically present user.\r
\r
  Programmatic changing of platform security policy (such as disable Secure Boot,\r
  or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during\r
  Boot Services or after exiting EFI Boot Services. Only a physically present user\r
  is allowed to perform these operations.\r
\r
  NOTE THAT: This function cannot depend on any EFI Variable Service since they are\r
  not available when this function is called in AuthenticateVariable driver.\r
\r
  @retval  TRUE       The platform is operated by a physically present user.\r
  @retval  FALSE      The platform is NOT operated by a physically present user.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
UserPhysicalPresent (\r
  VOID\r
  )\r
{\r
  return mUserPhysicalPresence;\r
}\r
\r
\r
/**\r
  Save user physical presence state from a PCD to mUserPhysicalPresence.\r
\r
  @retval  EFI_SUCCESS          PcdUserPhysicalPresence is got successfully.\r
\r
**/\r
RETURN_STATUS\r
EFIAPI\r
PlatformSecureLibNullConstructor (\r
  VOID\r
  )\r
{\r
\r
  mUserPhysicalPresence = PcdGetBool(PcdUserPhysicalPresence);\r
\r
  return RETURN_SUCCESS;\r
}\r
Commit	Line	Data
	1	/** @file\r
	2	NULL PlatformSecureLib instance does NOT really detect whether a physical present\r
	3	user exists but return TRUE directly. This instance can be used to verify security\r
	4	related features during platform enabling and development. It should be replaced\r
	5	by a platform-specific method(e.g. Button pressed) in a real platform for product.\r
	6	\r
	7	Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>\r
	8	SPDX-License-Identifier: BSD-2-Clause-Patent\r
	9	\r
	10	**/\r
	11	\r
	12	#include <Uefi/UefiBaseType.h>\r
	13	\r
	14	BOOLEAN mUserPhysicalPresence = FALSE;\r
	15	\r
	16	/**\r
	17	\r
	18	This function provides a platform-specific method to detect whether the platform\r
	19	is operating by a physically present user.\r
	20	\r
	21	Programmatic changing of platform security policy (such as disable Secure Boot,\r
	22	or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during\r
	23	Boot Services or after exiting EFI Boot Services. Only a physically present user\r
	24	is allowed to perform these operations.\r
	25	\r
	26	NOTE THAT: This function cannot depend on any EFI Variable Service since they are\r
	27	not available when this function is called in AuthenticateVariable driver.\r
	28	\r
	29	@retval TRUE The platform is operated by a physically present user.\r
	30	@retval FALSE The platform is NOT operated by a physically present user.\r
	31	\r
	32	**/\r
	33	BOOLEAN\r
	34	EFIAPI\r
	35	UserPhysicalPresent (\r
	36	VOID\r
	37	)\r
	38	{\r
	39	return mUserPhysicalPresence;\r
	40	}\r
	41	\r
	42	\r
	43	/**\r
	44	Save user physical presence state from a PCD to mUserPhysicalPresence.\r
	45	\r
	46	@retval EFI_SUCCESS PcdUserPhysicalPresence is got successfully.\r
	47	\r
	48	**/\r
	49	RETURN_STATUS\r
	50	EFIAPI\r
	51	PlatformSecureLibNullConstructor (\r
	52	VOID\r
	53	)\r
	54	{\r
	55	\r
	56	mUserPhysicalPresence = PcdGetBool(PcdUserPhysicalPresence);\r
	57	\r
	58	return RETURN_SUCCESS;\r
	59	}\r