\r
/**\r
\r
- This function detects whether a secure platform-specific method to clear PK(Platform Key)\r
- is configured by platform owner. This method is provided for users force to clear PK\r
- in case incorrect enrollment mis-haps.\r
+ This function provides a platform-specific method to detect whether the platform\r
+ is operating by a physically present user. \r
\r
- UEFI231 spec chapter 27.5.2 stipulates: The platform key may also be cleared using\r
- a secure platform-specific method. In this case, the global variable SetupMode\r
- must also be updated to 1.\r
+ Programmatic changing of platform security policy (such as disable Secure Boot,\r
+ or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during\r
+ Boot Services or after exiting EFI Boot Services. Only a physically present user\r
+ is allowed to perform these operations.\r
\r
NOTE THAT: This function cannot depend on any EFI Variable Service since they are\r
not available when this function is called in AuthenticateVariable driver.\r
-\r
- @retval TRUE The Platform owner wants to force clear PK.\r
- @retval FALSE The Platform owner doesn't want to force clear PK.\r
-\r
-**/\r
-BOOLEAN\r
-EFIAPI\r
-ForceClearPK (\r
- VOID\r
- )\r
-{\r
- return TRUE;\r
-}\r
-\r
-/**\r
-\r
- This function detects whether current platform is operated by a physical present user.\r
-\r
- @retval TRUE The Platform is operated by a physical present user.\r
- @retval FALSE The Platform is NOT operated by a physical persent user.\r
+ \r
+ @retval TRUE The platform is operated by a physically present user.\r
+ @retval FALSE The platform is NOT operated by a physically present user.\r
\r
**/\r
BOOLEAN\r
projects / mirror_edk2.git / blobdiff