]>
Commit | Line | Data |
---|---|---|
b303605e MK |
1 | /** @file\r |
2 | Provides a secure platform-specific method to detect physically present user.\r | |
3 | \r | |
b7d5f6ca | 4 | Copyright (c) 2013 - 2016 Intel Corporation.\r |
b303605e | 5 | \r |
0eb3de2e | 6 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
b303605e MK |
7 | \r |
8 | **/\r | |
9 | \r | |
10 | #include <PiDxe.h>\r | |
11 | #include <Library/PlatformHelperLib.h>\r | |
12 | #include <Library/DebugLib.h>\r | |
13 | #include <Library/UefiBootServicesTableLib.h>\r | |
14 | #include <Library/I2cLib.h>\r | |
15 | \r | |
16 | #include <PlatformBoards.h>\r | |
17 | #include <Pcal9555.h>\r | |
18 | #include <QNCAccess.h>\r | |
19 | \r | |
20 | //\r | |
21 | // Global variable to cache pointer to I2C protocol.\r | |
22 | //\r | |
23 | EFI_PLATFORM_TYPE mPlatformType = TypeUnknown;\r | |
24 | \r | |
25 | BOOLEAN\r | |
26 | CheckResetButtonState (\r | |
27 | VOID\r | |
28 | )\r | |
29 | {\r | |
30 | EFI_STATUS Status;\r | |
31 | EFI_I2C_DEVICE_ADDRESS I2CSlaveAddress;\r | |
32 | UINTN Length;\r | |
33 | UINTN ReadLength;\r | |
34 | UINT8 Buffer[2];\r | |
35 | \r | |
b7d5f6ca | 36 | DEBUG ((EFI_D_INFO, "CheckResetButtonState(): mPlatformType == %d\n", mPlatformType));\r |
b303605e | 37 | if (mPlatformType == GalileoGen2) {\r |
b303605e MK |
38 | //\r |
39 | // Read state of Reset Button - EXP2.P1_7\r | |
40 | // This GPIO is pulled high when the button is not pressed\r | |
41 | // This GPIO reads low when button is pressed\r | |
42 | //\r | |
43 | return PlatformPcal9555GpioGetState (\r | |
44 | GALILEO_GEN2_IOEXP2_7BIT_SLAVE_ADDR, // IO Expander 2.\r | |
45 | 15 // P1-7.\r | |
46 | );\r | |
47 | }\r | |
48 | if (mPlatformType == Galileo) {\r | |
49 | //\r | |
50 | // Detect the I2C Slave Address of the GPIO Expander\r | |
51 | //\r | |
52 | if (PlatformLegacyGpioGetLevel (R_QNC_GPIO_RGLVL_RESUME_WELL, GALILEO_DETERMINE_IOEXP_SLA_RESUMEWELL_GPIO)) {\r | |
53 | I2CSlaveAddress.I2CDeviceAddress = GALILEO_IOEXP_J2HI_7BIT_SLAVE_ADDR;\r | |
54 | } else {\r | |
55 | I2CSlaveAddress.I2CDeviceAddress = GALILEO_IOEXP_J2LO_7BIT_SLAVE_ADDR;\r | |
56 | }\r | |
b7d5f6ca | 57 | DEBUG ((EFI_D_INFO, "Galileo GPIO Expender Slave Address = %02x\n", I2CSlaveAddress.I2CDeviceAddress));\r |
b303605e MK |
58 | \r |
59 | //\r | |
b7d5f6ca | 60 | // Read state of RESET_N_SHLD (GPORT5_BIT0)\r |
b303605e MK |
61 | //\r |
62 | Buffer[1] = 5;\r | |
63 | Length = 1;\r | |
64 | ReadLength = 1;\r | |
b303605e MK |
65 | Status = I2cReadMultipleByte (\r |
66 | I2CSlaveAddress,\r | |
67 | EfiI2CSevenBitAddrMode,\r | |
68 | &Length,\r | |
69 | &ReadLength,\r | |
70 | &Buffer[1]\r | |
71 | );\r | |
72 | ASSERT_EFI_ERROR (Status);\r | |
73 | \r | |
74 | //\r | |
b7d5f6ca | 75 | // Return the state of GPORT5_BIT0\r |
b303605e MK |
76 | //\r |
77 | return ((Buffer[1] & BIT0) != 0);\r | |
78 | }\r | |
79 | return TRUE;\r | |
80 | }\r | |
81 | \r | |
82 | /**\r | |
83 | \r | |
84 | This function provides a platform-specific method to detect whether the platform\r | |
85 | is operating by a physically present user.\r | |
86 | \r | |
87 | Programmatic changing of platform security policy (such as disable Secure Boot,\r | |
88 | or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during\r | |
89 | Boot Services or after exiting EFI Boot Services. Only a physically present user\r | |
90 | is allowed to perform these operations.\r | |
91 | \r | |
92 | NOTE THAT: This function cannot depend on any EFI Variable Service since they are\r | |
93 | not available when this function is called in AuthenticateVariable driver.\r | |
94 | \r | |
95 | @retval TRUE The platform is operated by a physically present user.\r | |
96 | @retval FALSE The platform is NOT operated by a physically present user.\r | |
97 | \r | |
98 | **/\r | |
99 | BOOLEAN\r | |
100 | EFIAPI\r | |
101 | UserPhysicalPresent (\r | |
102 | VOID\r | |
103 | )\r | |
104 | {\r | |
105 | EFI_STATUS Status;\r | |
106 | \r | |
107 | //\r | |
108 | // If user has already been detected as present, then return TRUE\r | |
109 | //\r | |
110 | if (PcdGetBool (PcdUserIsPhysicallyPresent)) {\r | |
111 | return TRUE;\r | |
112 | }\r | |
113 | \r | |
114 | //\r | |
115 | // Check to see if user is present now\r | |
116 | //\r | |
117 | if (CheckResetButtonState ()) {\r | |
118 | //\r | |
119 | // User is still not present, then return FALSE\r | |
120 | //\r | |
121 | return FALSE;\r | |
122 | }\r | |
123 | \r | |
124 | //\r | |
125 | // User has gone from not present to present state, so set\r | |
126 | // PcdUserIsPhysicallyPresent to TRUE\r | |
127 | //\r | |
128 | Status = PcdSetBoolS (PcdUserIsPhysicallyPresent, TRUE);\r | |
129 | ASSERT_EFI_ERROR (Status);\r | |
130 | \r | |
131 | return TRUE;\r | |
132 | }\r | |
133 | \r | |
134 | /**\r | |
135 | Determines if a user is physically present by reading the reset button state.\r | |
136 | \r | |
137 | @param ImageHandle The image handle of this driver.\r | |
138 | @param SystemTable A pointer to the EFI System Table.\r | |
139 | \r | |
140 | @retval EFI_SUCCESS Install the Secure Boot Helper Protocol successfully.\r | |
141 | \r | |
142 | **/\r | |
143 | EFI_STATUS\r | |
144 | EFIAPI\r | |
145 | PlatformSecureLibInitialize (\r | |
146 | IN EFI_HANDLE ImageHandle,\r | |
147 | IN EFI_SYSTEM_TABLE *SystemTable\r | |
148 | )\r | |
149 | {\r | |
150 | EFI_STATUS Status;\r | |
151 | \r | |
152 | //\r | |
153 | // Get the platform type\r | |
154 | //\r | |
155 | mPlatformType = (EFI_PLATFORM_TYPE)PcdGet16 (PcdPlatformType);\r | |
156 | \r | |
157 | //\r | |
158 | // Read the state of the reset button when the library is initialized\r | |
159 | //\r | |
160 | Status = PcdSetBoolS (PcdUserIsPhysicallyPresent, !CheckResetButtonState ());\r | |
161 | ASSERT_EFI_ERROR (Status);\r | |
162 | \r | |
163 | return EFI_SUCCESS;\r | |
164 | }\r |