From af1a266670d040d2f4083ff309d732d648afba2a Mon Sep 17 00:00:00 2001
From: Angelos Mouzakitis
Date: Tue, 10 Oct 2023 14:33:42 +0000
Subject: Add submodule dependency files
Change-Id: Iaf8d18082d3991dec7c0ebbea540f092188eb4ec
---
.../PlatformSecureLibNull/PlatformSecureLibNull.c | 59 ++++++++++++++++++++++
.../PlatformSecureLibNull.inf | 39 ++++++++++++++
.../PlatformSecureLibNull.uni | 19 +++++++
3 files changed, 117 insertions(+)
create mode 100644 roms/edk2/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c
create mode 100644 roms/edk2/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf
create mode 100644 roms/edk2/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.uni
(limited to 'roms/edk2/SecurityPkg/Library/PlatformSecureLibNull')
diff --git a/roms/edk2/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c b/roms/edk2/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c
new file mode 100644
index 000000000..c5a9d676c
--- /dev/null
+++ b/roms/edk2/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c
@@ -0,0 +1,59 @@
+/** @file
+ NULL PlatformSecureLib instance does NOT really detect whether a physical present
+ user exists but return TRUE directly. This instance can be used to verify security
+ related features during platform enabling and development. It should be replaced
+ by a platform-specific method(e.g. Button pressed) in a real platform for product.
+
+Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include
+
+BOOLEAN mUserPhysicalPresence = FALSE;
+
+/**
+
+ This function provides a platform-specific method to detect whether the platform
+ is operating by a physically present user.
+
+ Programmatic changing of platform security policy (such as disable Secure Boot,
+ or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during
+ Boot Services or after exiting EFI Boot Services. Only a physically present user
+ is allowed to perform these operations.
+
+ NOTE THAT: This function cannot depend on any EFI Variable Service since they are
+ not available when this function is called in AuthenticateVariable driver.
+
+ @retval TRUE The platform is operated by a physically present user.
+ @retval FALSE The platform is NOT operated by a physically present user.
+
+**/
+BOOLEAN
+EFIAPI
+UserPhysicalPresent (
+ VOID
+ )
+{
+ return mUserPhysicalPresence;
+}
+
+
+/**
+ Save user physical presence state from a PCD to mUserPhysicalPresence.
+
+ @retval EFI_SUCCESS PcdUserPhysicalPresence is got successfully.
+
+**/
+RETURN_STATUS
+EFIAPI
+PlatformSecureLibNullConstructor (
+ VOID
+ )
+{
+
+ mUserPhysicalPresence = PcdGetBool(PcdUserPhysicalPresence);
+
+ return RETURN_SUCCESS;
+}
diff --git a/roms/edk2/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf b/roms/edk2/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf
new file mode 100644
index 000000000..85607aa64
--- /dev/null
+++ b/roms/edk2/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf
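Review bot: The `@file` header of PlatformSecureLibNull.c says this instance will "return TRUE directly", but `UserPhysicalPresent()` returns `mUserPhysicalPresence`, which the constructor loads from `PcdUserPhysicalPresence`, so the answer is whatever the platform build sets that PCD to. I would reword the header to something like `Reports the value of PcdUserPhysicalPresence; it performs no physical-presence detection.` (the same "always returns TRUE" wording is repeated in the .inf and .uni sections). Since the function's own comment states that only a physically present user may change Secure Boot policy, any build that links this instance with the PCD set to TRUE grants that to every caller; the platform DSC for production images should be checked to map PlatformSecureLib to a real detection method or keep the PCD FALSE. The files are imported under roms/edk2, so a wording fix presumably belongs upstream rather than in this tree.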
@@ -0,0 +1,39 @@
+## @file
+# NULL platform secure library instance that always returns TRUE for a user physical present
+#
+# NULL PlatformSecureLib instance does NOT really detect whether a physical present
+# user exists but returns TRUE directly. This instance can be used to verify security
+# related features during platform enabling and development. It should be replaced
+# by a platform-specific method(e.g. Button pressed) in a real platform for product.
+#
+# Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = PlatformSecureLibNull
+ MODULE_UNI_FILE = PlatformSecureLibNull.uni
+ FILE_GUID = 7FA68D82-10A4-4e71-9524-D3D9500D3CDF
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = PlatformSecureLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER DXE_DRIVER MM_STANDALONE
+ CONSTRUCTOR = PlatformSecureLibNullConstructor
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 EBC
+#
+
+[Sources]
+ PlatformSecureLibNull.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ SecurityPkg/SecurityPkg.dec
+
+[Pcd]
+ gEfiSecurityPkgTokenSpaceGuid.PcdUserPhysicalPresence ## CONSUMES
+
diff --git a/roms/edk2/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.uni b/roms/edk2/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.uni
new file mode 100644
index 000000000..860b8cbb5
--- /dev/null
+++ b/roms/edk2/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.uni
@@ -0,0 +1,19 @@
+// /** @file
+// NULL platform secure library instance that always returns TRUE for a user physical present
+//
+// NULL PlatformSecureLib instance does NOT really detect whether a physical present
+// user exists but returns TRUE directly. This instance can be used to verify security
+// related features during platform enabling and development. It should be replaced
+// by a platform-specific method(e.g. Button pressed) in a real platform for product.
+//
+// Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.
+//
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT #language en-US "NULL platform secure library instance that always returns TRUE for a user physical present"
+
+#string STR_MODULE_DESCRIPTION #language en-US "NULL PlatformSecureLib instance does NOT really detect whether a physical present user exists but returns TRUE directly. This instance can be used to verify security related features during platform enabling and development. It should be replaced by a platform-specific method(e.g. Button pressed) in a real platform for product."
+
-- cgit 1.2.3-korg