--- /dev/null
+/** @file\r
+ This driver produces PEI_LOCK_PHYSICAL_PRESENCE_PPI to indicate \r
+ whether TPM need be locked or not. It can be replaced by a platform \r
+ specific driver.\r
+\r
+Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials \r
+are licensed and made available under the terms and conditions of the BSD License \r
+which accompanies this distribution. The full text of the license may be found at \r
+http://opensource.org/licenses/bsd-license.php\r
+\r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+\r
+**/\r
+\r
+#include <PiPei.h>\r
+#include <Ppi/LockPhysicalPresence.h>\r
+#include <Ppi/ReadOnlyVariable2.h>\r
+#include <Guid/PhysicalPresenceData.h>\r
+#include <Library/PcdLib.h>\r
+#include <Library/PeiServicesLib.h>\r
+\r
+/**\r
+ This interface returns whether TPM physical presence needs be locked or not.\r
+\r
+ @param[in] PeiServices The pointer to the PEI Services Table.\r
+\r
+ @retval TRUE The TPM physical presence should be locked.\r
+ @retval FALSE The TPM physical presence cannot be locked.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+LockTpmPhysicalPresence (\r
+ IN CONST EFI_PEI_SERVICES **PeiServices\r
+ );\r
+\r
+//\r
+// Gobal defintions for lock physical presence PPI and its descriptor.\r
+//\r
+PEI_LOCK_PHYSICAL_PRESENCE_PPI mLockPhysicalPresencePpi = {\r
+ LockTpmPhysicalPresence\r
+};\r
+\r
+EFI_PEI_PPI_DESCRIPTOR mLockPhysicalPresencePpiList = {\r
+ EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,\r
+ &gPeiLockPhysicalPresencePpiGuid,\r
+ &mLockPhysicalPresencePpi\r
+};\r
+\r
+/**\r
+ This interface returns whether TPM physical presence needs be locked or not.\r
+\r
+ @param[in] PeiServices The pointer to the PEI Services Table.\r
+\r
+ @retval TRUE The TPM physical presence should be locked.\r
+ @retval FALSE The TPM physical presence cannot be locked.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+LockTpmPhysicalPresence (\r
+ IN CONST EFI_PEI_SERVICES **PeiServices\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ EFI_PEI_READ_ONLY_VARIABLE2_PPI *Variable;\r
+ UINTN DataSize;\r
+ EFI_PHYSICAL_PRESENCE TcgPpData;\r
+\r
+ //\r
+ // The CRTM has sensed the physical presence assertion of the user. For example, \r
+ // the user has pressed the startup button or inserted a USB dongle. The details \r
+ // of the implementation are vendor-specific. Here we read a PCD value to indicate\r
+ // whether operator physical presence.\r
+ // \r
+ if (!PcdGetBool (PcdTpmPhysicalPresence)) {\r
+ return TRUE;\r
+ }\r
+\r
+ //\r
+ // Check the pending TPM requests. Lock TPM physical presence if there is no TPM \r
+ // request. \r
+ //\r
+ Status = PeiServicesLocatePpi (\r
+ &gEfiPeiReadOnlyVariable2PpiGuid,\r
+ 0,\r
+ NULL,\r
+ (VOID **)&Variable\r
+ );\r
+ if (!EFI_ERROR (Status)) {\r
+ DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r
+ Status = Variable->GetVariable ( \r
+ Variable, \r
+ PHYSICAL_PRESENCE_VARIABLE,\r
+ &gEfiPhysicalPresenceGuid,\r
+ NULL,\r
+ &DataSize,\r
+ &TcgPpData\r
+ );\r
+ if (!EFI_ERROR (Status)) {\r
+ if (TcgPpData.PPRequest != 0) {\r
+ return FALSE;\r
+ }\r
+ }\r
+ }\r
+\r
+ //\r
+ // Lock TPM physical presence by default.\r
+ //\r
+ return TRUE;\r
+}\r
+\r
+/**\r
+ Entry point of this module.\r
+\r
+ It installs lock physical presence PPI. \r
+\r
+ @param[in] FileHandle Handle of the file being invoked.\r
+ @param[in] PeiServices Describes the list of possible PEI Services.\r
+\r
+ @return Status of install lock physical presence PPI.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+PeimEntry (\r
+ IN EFI_PEI_FILE_HANDLE FileHandle,\r
+ IN CONST EFI_PEI_SERVICES **PeiServices\r
+ )\r
+{\r
+ return PeiServicesInstallPpi (&mLockPhysicalPresencePpiList);\r
+}\r
projects / mirror_edk2.git / blobdiff