/** @file\r
- Provides a secure platform-specific method to clear PK(Platform Key).\r
+ Provides a secure platform-specific method to detect physically present user.\r
\r
-Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>\r
-This program and the accompanying materials \r
-are licensed and made available under the terms and conditions of the BSD License \r
-which accompanies this distribution. The full text of the license may be found at \r
+Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials\r
+are licensed and made available under the terms and conditions of the BSD License\r
+which accompanies this distribution. The full text of the license may be found at\r
http://opensource.org/licenses/bsd-license.php\r
\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
/**\r
\r
- This function detects whether a secure platform-specific method to clear PK(Platform Key)\r
- is configured by platform owner. This method is provided for users force to clear PK \r
- in case incorrect enrollment mis-haps.\r
- \r
- UEFI231 spec chapter 27.5.2 stipulates: The platform key may also be cleared using \r
- a secure platform-specific method. In this case, the global variable SetupMode \r
- must also be updated to 1.\r
+ This function provides a platform-specific method to detect whether the platform\r
+ is operating by a physically present user.\r
+\r
+ Programmatic changing of platform security policy (such as disable Secure Boot,\r
+ or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during\r
+ Boot Services or after exiting EFI Boot Services. Only a physically present user\r
+ is allowed to perform these operations.\r
\r
NOTE THAT: This function cannot depend on any EFI Variable Service since they are\r
not available when this function is called in AuthenticateVariable driver.\r
- \r
- @retval TRUE The Platform owner wants to force clear PK.\r
- @retval FALSE The Platform owner doesn't want to force clear PK. \r
+\r
+ @retval TRUE The platform is operated by a physically present user.\r
+ @retval FALSE The platform is NOT operated by a physically present user.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
-ForceClearPK (\r
+UserPhysicalPresent (\r
VOID\r
);\r
\r
-#endif
\ No newline at end of file
+#endif\r