diff options
author | gdong1 <gdong1@6f19259b-4bc3-4df7-8a09-765794883524> | 2011-09-27 08:44:33 +0000 |
---|---|---|
committer | gdong1 <gdong1@6f19259b-4bc3-4df7-8a09-765794883524> | 2011-09-27 08:44:33 +0000 |
commit | 607599bf3d054da087529e58883650ad693aad3d (patch) | |
tree | f81b7e4da123248735d3bf03ac5754f753e7945a /SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h | |
parent | f00237c1d2577a7bb297e131f29bc29d1f84bfc8 (diff) | |
download | edk2-platforms-607599bf3d054da087529e58883650ad693aad3d.tar.xz |
Implement Tcg physical presence as a library instead of DXE driver in order that TPM can be locked as early as possible.
Signed-off-by: gdong1
Reviewed-by: hhtian
Reviewed-by: niruiyu
Reviewed-by: xdu2
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12447 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h')
-rw-r--r-- | SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h b/SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h new file mode 100644 index 0000000000..05f2b228bf --- /dev/null +++ b/SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h @@ -0,0 +1,38 @@ +/** @file
+ Ihis library is intended to be used by BDS modules.
+ This library will lock TPM after executing TPM request.
+
+Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _TCG_PHYSICAL_PRESENCE_LIB_H_
+#define _TCG_PHYSICAL_PRESENCE_LIB_H_
+
+/**
+ Check and execute the pending TPM request and Lock TPM.
+
+ The TPM request may come from OS or BIOS. This API will display request information and wait
+ for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
+ the TPM request is confirmed, and one or more reset may be required to make TPM request to
+ take effect. At last, it will lock TPM to prevent TPM state change by malware.
+
+ This API should be invoked after console in and console out are all ready as they are required
+ to display request information and get user input to confirm the request. This API should also
+ be invoked as early as possible as TPM is locked in this function.
+
+**/
+VOID
+EFIAPI
+TcgPhysicalPresenceLibProcessRequest (
+ VOID
+ );
+
+#endif
|