SecurityPkg: Clean up source files

[mirror_edk2.git] / SecurityPkg / Include / Library / PlatformSecureLib.h

diff --git a/SecurityPkg/Include/Library/PlatformSecureLib.h b/SecurityPkg/Include/Library/PlatformSecureLib.h
index c544719ba21ec18628c87a522e59f51f51a81e3e..d645376917cbdc6986b7f4a904b08827d79abde9 100644 (file)
--- a/SecurityPkg/Include/Library/PlatformSecureLib.h
+++ b/SecurityPkg/Include/Library/PlatformSecureLib.h
@@ -1,13 +1,13 @@
 /** @file\r
-  Provides a secure platform-specific method to clear PK(Platform Key).\r
+  Provides a secure platform-specific method to detect physically present user.\r
 \r
-Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>\r
-This program and the accompanying materials \r
-are licensed and made available under the terms and conditions of the BSD License \r
-which accompanies this distribution.  The full text of the license may be found at \r
+Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials\r
+are licensed and made available under the terms and conditions of the BSD License\r
+which accompanies this distribution.  The full text of the license may be found at\r
 http://opensource.org/licenses/bsd-license.php\r
 \r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
 \r
 **/\r
@@ -18,25 +18,25 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 \r
 /**\r
 \r
-  This function detects whether a secure platform-specific method to clear PK(Platform Key)\r
-  is configured by platform owner. This method is provided for users force to clear PK \r
-  in case incorrect enrollment mis-haps.\r
-  \r
-  UEFI231 spec chapter 27.5.2 stipulates: The platform key may also be cleared using \r
-  a secure platform-specific method. In  this case, the global variable SetupMode \r
-  must also be updated to 1.\r
+  This function provides a platform-specific method to detect whether the platform\r
+  is operating by a physically present user.\r
+\r
+  Programmatic changing of platform security policy (such as disable Secure Boot,\r
+  or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during\r
+  Boot Services or after exiting EFI Boot Services. Only a physically present user\r
+  is allowed to perform these operations.\r
 \r
   NOTE THAT: This function cannot depend on any EFI Variable Service since they are\r
   not available when this function is called in AuthenticateVariable driver.\r
-  \r
-  @retval  TRUE       The Platform owner wants to force clear PK.\r
-  @retval  FALSE      The Platform owner doesn't want to force clear PK. \r
+\r
+  @retval  TRUE       The platform is operated by a physically present user.\r
+  @retval  FALSE      The platform is NOT operated by a physically present user.\r
 \r
 **/\r
 BOOLEAN\r
 EFIAPI\r
-ForceClearPK (\r
+UserPhysicalPresent (\r
   VOID\r
   );\r
 \r
-#endif
\ No newline at end of file
+#endif\r