SecurityPkg/Include/Library/PlatformSecureLib.h

   1 /** @file
   2   Provides a secure platform-specific method to detect physically present user.
   3
   4 Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
   5 SPDX-License-Identifier: BSD-2-Clause-Patent
   6
   7 **/
   8
   9 #ifndef __PLATFORM_SECURE_LIB_H__
  10 #define __PLATFORM_SECURE_LIB_H__
  11
  12 /**
  13
  14   This function provides a platform-specific method to detect whether the platform
  15   is operating by a physically present user.
  16
  17   Programmatic changing of platform security policy (such as disable Secure Boot,
  18   or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during
  19   Boot Services or after exiting EFI Boot Services. Only a physically present user
  20   is allowed to perform these operations.
  21
  22   NOTE THAT: This function cannot depend on any EFI Variable Service since they are
  23   not available when this function is called in AuthenticateVariable driver.
  24
  25   @retval  TRUE       The platform is operated by a physically present user.
  26   @retval  FALSE      The platform is NOT operated by a physically present user.
  27
  28 **/
  29 BOOLEAN
  30 EFIAPI
  31 UserPhysicalPresent (
  32   VOID
  33   );
  34
  35 #endif