This lib is to indicate if the password is cleared. Cc: Qin Long <qin.l...@intel.com> Cc: Chao Zhang <chao.b.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiewen Yao <jiewen....@intel.com> --- SecurityPkg/Include/Library/PlatformPasswordLib.h | 54 ++++++++++++++++++++ SecurityPkg/SecurityPkg.dec | 4 ++ 2 files changed, 58 insertions(+)
diff --git a/SecurityPkg/Include/Library/PlatformPasswordLib.h b/SecurityPkg/Include/Library/PlatformPasswordLib.h new file mode 100644 index 0000000..79067d2 --- /dev/null +++ b/SecurityPkg/Include/Library/PlatformPasswordLib.h @@ -0,0 +1,54 @@ +/** @file + Provides a platform-specific method to return password policy. + +Copyright (c) 2017, Intel Corporation. All rights reserved.<BR> +This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef __PLATFORM_PASSWORD_LIB_H__ +#define __PLATFORM_PASSWORD_LIB_H__ + +/** + This function is called at password driver entrypoint. + This function should be called only once, to clear the password. + + This function provides a way to reset the password, just in case + the platform owner forgets the password. + The platform should provide a secure way to make sure + only the platform owner is allowed to clear password. + + Once the password is cleared, the platform should provide a way + to set a new password. + + @retval TRUE There is a platform request to clear the password. + @retval FALSE There is no platform request to clear the password. +**/ +BOOLEAN +EFIAPI +IsPasswordCleared ( + VOID + ); + +/** + This function is called if the password driver finds that the password is not enrolled, + when the password is required to input. + + This function should return the action accroding to platform policy. + + @retval TRUE The caller should force the user to enroll the password. + @retval FALSE The caller may skip the password enroll. +**/ +BOOLEAN +EFIAPI +NeedEnrollPassword ( + VOID + ); + +#endif diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index da2f84f..7050d3e 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -93,6 +93,10 @@ # OpalPasswordSupportLib|Include/Library/OpalPasswordSupportLib.h + ## @libraryclass Provides a platform-specific method to return password policy. + # + PlatformPasswordLib|Include/Library/PlatformPasswordLib.h + [Guids] ## Security package token space guid. # Include/Guid/SecurityPkgTokenSpace.h -- 2.7.4.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
