diff options
author | leegrosenbaum <leegrosenbaum@6f19259b-4bc3-4df7-8a09-765794883524> | 2012-04-11 16:23:41 +0000 |
---|---|---|
committer | leegrosenbaum <leegrosenbaum@6f19259b-4bc3-4df7-8a09-765794883524> | 2012-04-11 16:23:41 +0000 |
commit | 0ff38cbfa31468aaa96fb13aa489a684f22d647f (patch) | |
tree | c4b6459cced68a7a149a8ffac6921e98a74c4ef7 /Nt32Pkg/Library | |
parent | a46c36572d080dbd6c674e156b5ec486517c67c1 (diff) | |
download | edk2-platforms-0ff38cbfa31468aaa96fb13aa489a684f22d647f.tar.xz |
Nt32Pkg: Add Secure Boot build option including Custom Mode setup
If –D SECURE_BOOT_ENABLE is specified with the build command, Secure Boot support is enabled including custom mode setup.
This allows Secure Boot to be configured through setup allowing Nt32Pkg to be a fully functional Secure Boot reference platforms.
Signed-off-by: lee.g.rosenbaum@intel.com
Reviewed-by: jiewen.yao@intel.com
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13186 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'Nt32Pkg/Library')
-rw-r--r-- | Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib.c | 41 | ||||
-rw-r--r-- | Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib.inf | 33 |
2 files changed, 74 insertions, 0 deletions
diff --git a/Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib.c b/Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib.c new file mode 100644 index 0000000000..e7f33277f5 --- /dev/null +++ b/Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib.c @@ -0,0 +1,41 @@ +/** @file
+ Provides a platform-specific method to enable Secure Boot Custom Mode setup.
+
+ Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+#include <Library/PcdLib.h>
+
+
+/**
+
+ This function provides a platform-specific method to detect whether the platform
+ is operating by a physically present user.
+
+ Programmatic changing of platform security policy (such as disable Secure Boot,
+ or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during
+ Boot Services or after exiting EFI Boot Services. Only a physically present user
+ is allowed to perform these operations.
+
+ NOTE THAT: This function cannot depend on any EFI Variable Service since they are
+ not available when this function is called in AuthenticateVariable driver.
+
+ @retval TRUE The platform is operated by a physically present user.
+ @retval FALSE The platform is NOT operated by a physically present user.
+
+**/
+BOOLEAN
+EFIAPI
+UserPhysicalPresent (
+ VOID
+ )
+{
+ return TRUE;
+}
diff --git a/Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib.inf b/Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib.inf new file mode 100644 index 0000000000..a6891dd5f3 --- /dev/null +++ b/Nt32Pkg/Library/PlatformSecureLib/PlatformSecureLib.inf @@ -0,0 +1,33 @@ +## @file
+# Provides a platform-specific method to enable Secure Boot Custom Mode setup.
+#
+# Copyright (c) 2008 - 2012, Intel Corporation. All rights reserved.<BR>
+#
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = PlatformSecureLib
+ FILE_GUID = F263EC2A-F0DB-4640-8B12-4ED22A506FB1
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = PlatformSecureLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER DXE_DRIVER
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF EBC
+#
+
+[Sources]
+ PlatformSecureLib.c
+
+[Packages]
+ MdePkg/MdePkg.dec
|