diff options
| author | Michael Kinney <michael.d.kinney@intel.com> | 2015-12-15 19:23:57 +0000 |
|---|---|---|
| committer | mdkinney <mdkinney@Edk2> | 2015-12-15 19:23:57 +0000 |
| commit | b303605e1b7e113b4311daf161c6c3289350447b (patch) | |
| tree | 67bf068eb99ea84822f234b7194ee1084ee5455a /QuarkPlatformPkg/Library/PlatformSecureLib/PlatformSecureLib.c | |
| parent | 9b6bbcdbfdf5e54c6d1ed538ea8076d0858fb164 (diff) | |
| download | edk2-platforms-b303605e1b7e113b4311daf161c6c3289350447b.tar.xz | |
QuarkPlatformPkg: Add new package for Galileo boards
Changes for V4
==============
1) Move delete of QuarkSocPkg\QuarkNorthCluster\Binary\QuarkMicrocode
from QuarkPlatformPkg commit to QuarkSocPkg commit
2) Fix incorrect license header in PlatformSecLibModStrs.uni
Changes for V3
==============
1) Set PcdResetOnMemoryTypeInformationChange FALSE in QuarkMin.dsc
This is required because QuarkMin.dsc uses the emulated variable
driver that does not preserve any non-volatile UEFI variables
across reset. If the condition is met where the memory type
information variable needs to be updated, then the system will reset
every time the UEFI Shell is run. By setting this PCD to FALSE,
then reset action is disabled.
2) Move one binary file to QuarkSocBinPkg
3) Change RMU.bin FILE statements to INF statement in DSC FD region
to be compatible with PACKAGES_PATH search for QuarkSocBinPkg
Changes for V2
==============
1) Use new generic PCI serial driver PciSioSerialDxe in MdeModulePkg
2) Configure PcdPciSerialParameters for PCI serial driver for Quark
3) Use new MtrrLib API to reduce time to set MTRRs for all DRAM
4) Convert all UNI files to utf-8
5) Replace tabs with spaces and remove trailing spaces
6) Add License.txt
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Acked-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19287 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'QuarkPlatformPkg/Library/PlatformSecureLib/PlatformSecureLib.c')
| -rw-r--r-- | QuarkPlatformPkg/Library/PlatformSecureLib/PlatformSecureLib.c | 231 |
1 files changed, 231 insertions, 0 deletions
diff --git a/QuarkPlatformPkg/Library/PlatformSecureLib/PlatformSecureLib.c b/QuarkPlatformPkg/Library/PlatformSecureLib/PlatformSecureLib.c new file mode 100644 index 0000000000..169980c1b8 --- /dev/null +++ b/QuarkPlatformPkg/Library/PlatformSecureLib/PlatformSecureLib.c @@ -0,0 +1,231 @@ +/** @file
+Provides a secure platform-specific method to detect physically present user.
+
+Copyright (c) 2013 Intel Corporation.
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiDxe.h>
+#include <Library/PlatformHelperLib.h>
+#include <Library/DebugLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/I2cLib.h>
+
+#include <PlatformBoards.h>
+#include <Pcal9555.h>
+#include <QNCAccess.h>
+
+//
+// Global variable to cache pointer to I2C protocol.
+//
+EFI_PLATFORM_TYPE mPlatformType = TypeUnknown;
+
+BOOLEAN
+CheckResetButtonState (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ EFI_I2C_DEVICE_ADDRESS I2CSlaveAddress;
+ UINTN Length;
+ UINTN ReadLength;
+ UINT8 Buffer[2];
+
+ DEBUG ((EFI_D_ERROR, "CheckResetButtonState(): mPlatformType == %d\n", mPlatformType));
+ if (mPlatformType == GalileoGen2) {
+ //
+ // Reset Button - EXP2.P1_7 should be configured as an input.
+ //
+ PlatformPcal9555GpioSetDir (
+ GALILEO_GEN2_IOEXP2_7BIT_SLAVE_ADDR, // IO Expander 2.
+ 15, // P1-7.
+ FALSE
+ );
+
+ //
+ // Reset Button - EXP2.P1_7 pullup should be disabled.
+ //
+ PlatformPcal9555GpioDisablePull (
+ GALILEO_GEN2_IOEXP2_7BIT_SLAVE_ADDR, // IO Expander 2.
+ 15 // P1-7.
+ );
+
+ //
+ // Read state of Reset Button - EXP2.P1_7
+ // This GPIO is pulled high when the button is not pressed
+ // This GPIO reads low when button is pressed
+ //
+ return PlatformPcal9555GpioGetState (
+ GALILEO_GEN2_IOEXP2_7BIT_SLAVE_ADDR, // IO Expander 2.
+ 15 // P1-7.
+ );
+ }
+ if (mPlatformType == Galileo) {
+ //
+ // Detect the I2C Slave Address of the GPIO Expander
+ //
+ if (PlatformLegacyGpioGetLevel (R_QNC_GPIO_RGLVL_RESUME_WELL, GALILEO_DETERMINE_IOEXP_SLA_RESUMEWELL_GPIO)) {
+ I2CSlaveAddress.I2CDeviceAddress = GALILEO_IOEXP_J2HI_7BIT_SLAVE_ADDR;
+ } else {
+ I2CSlaveAddress.I2CDeviceAddress = GALILEO_IOEXP_J2LO_7BIT_SLAVE_ADDR;
+ }
+
+ //
+ // Select Port 5
+ //
+ Length = 2;
+ Buffer[0] = 0x18;
+ Buffer[1] = 0x05;
+ Status = I2cWriteMultipleByte (
+ I2CSlaveAddress,
+ EfiI2CSevenBitAddrMode,
+ &Length,
+ &Buffer
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ //
+ // Read "Pin Direction" of Port 5
+ //
+ Length = 1;
+ ReadLength = 1;
+ Buffer[1] = 0x1C;
+ Status = I2cReadMultipleByte (
+ I2CSlaveAddress,
+ EfiI2CSevenBitAddrMode,
+ &Length,
+ &ReadLength,
+ &Buffer[1]
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ //
+ // Set "Pin Direction" of Port 5, Bit 0 as input
+ //
+ Length = 2;
+ Buffer[0] = 0x1C;
+ Buffer[1] = Buffer[1] | BIT0;
+
+ Status = I2cWriteMultipleByte (
+ I2CSlaveAddress,
+ EfiI2CSevenBitAddrMode,
+ &Length,
+ &Buffer
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ //
+ // Read Port 5
+ //
+ Buffer[1] = 5;
+ Length = 1;
+ ReadLength = 1;
+
+ Status = I2cReadMultipleByte (
+ I2CSlaveAddress,
+ EfiI2CSevenBitAddrMode,
+ &Length,
+ &ReadLength,
+ &Buffer[1]
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ //
+ // Return the state of Port 5, Bit 0
+ //
+ return ((Buffer[1] & BIT0) != 0);
+ }
+ return TRUE;
+}
+
+/**
+
+ This function provides a platform-specific method to detect whether the platform
+ is operating by a physically present user.
+
+ Programmatic changing of platform security policy (such as disable Secure Boot,
+ or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during
+ Boot Services or after exiting EFI Boot Services. Only a physically present user
+ is allowed to perform these operations.
+
+ NOTE THAT: This function cannot depend on any EFI Variable Service since they are
+ not available when this function is called in AuthenticateVariable driver.
+
+ @retval TRUE The platform is operated by a physically present user.
+ @retval FALSE The platform is NOT operated by a physically present user.
+
+**/
+BOOLEAN
+EFIAPI
+UserPhysicalPresent (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // If user has already been detected as present, then return TRUE
+ //
+ if (PcdGetBool (PcdUserIsPhysicallyPresent)) {
+ return TRUE;
+ }
+
+ //
+ // Check to see if user is present now
+ //
+ if (CheckResetButtonState ()) {
+ //
+ // User is still not present, then return FALSE
+ //
+ return FALSE;
+ }
+
+ //
+ // User has gone from not present to present state, so set
+ // PcdUserIsPhysicallyPresent to TRUE
+ //
+ Status = PcdSetBoolS (PcdUserIsPhysicallyPresent, TRUE);
+ ASSERT_EFI_ERROR (Status);
+
+ return TRUE;
+}
+
+/**
+ Determines if a user is physically present by reading the reset button state.
+
+ @param ImageHandle The image handle of this driver.
+ @param SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS Install the Secure Boot Helper Protocol successfully.
+
+**/
+EFI_STATUS
+EFIAPI
+PlatformSecureLibInitialize (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // Get the platform type
+ //
+ mPlatformType = (EFI_PLATFORM_TYPE)PcdGet16 (PcdPlatformType);
+
+ //
+ // Read the state of the reset button when the library is initialized
+ //
+ Status = PcdSetBoolS (PcdUserIsPhysicallyPresent, !CheckResetButtonState ());
+ ASSERT_EFI_ERROR (Status);
+
+ return EFI_SUCCESS;
+}
|