audk/SecurityPkg/Include/Library/PlatformSecureLib.h

37 lines
1.1 KiB
C
Raw Normal View History

/** @file
Provides a secure platform-specific method to detect physically present user.
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#ifndef __PLATFORM_SECURE_LIB_H__
#define __PLATFORM_SECURE_LIB_H__
/**
This function provides a platform-specific method to detect whether the platform
is operating by a physically present user.
Programmatic changing of platform security policy (such as disable Secure Boot,
or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during
Boot Services or after exiting EFI Boot Services. Only a physically present user
is allowed to perform these operations.
NOTE THAT: This function cannot depend on any EFI Variable Service since they are
not available when this function is called in AuthenticateVariable driver.
@retval TRUE The platform is operated by a physically present user.
@retval FALSE The platform is NOT operated by a physically present user.
**/
BOOLEAN
EFIAPI
UserPhysicalPresent (
VOID
);
#endif