From: Jiewen Yao <jiewen.yao@intel.com>
To: edk2-devel@lists.01.org
Cc: Qin Long <qin.long@intel.com>, Chao Zhang <chao.b.zhang@intel.com>
Subject: [PATCH V2 3/6] SecurityPkg/include: Add PlatformPasswordLib lib class.
Date: Tue, 7 Feb 2017 00:24:23 -0800 [thread overview]
Message-ID: <1486455866-7896-4-git-send-email-jiewen.yao@intel.com> (raw)
In-Reply-To: <1486455866-7896-1-git-send-email-jiewen.yao@intel.com>
This lib is to indicate if the password is cleared.
Cc: Qin Long <qin.long@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
SecurityPkg/Include/Library/PlatformPasswordLib.h | 54 ++++++++++++++++++++
SecurityPkg/SecurityPkg.dec | 4 ++
2 files changed, 58 insertions(+)
diff --git a/SecurityPkg/Include/Library/PlatformPasswordLib.h b/SecurityPkg/Include/Library/PlatformPasswordLib.h
new file mode 100644
index 0000000..79067d2
--- /dev/null
+++ b/SecurityPkg/Include/Library/PlatformPasswordLib.h
@@ -0,0 +1,54 @@
+/** @file
+ Provides a platform-specific method to return password policy.
+
+Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __PLATFORM_PASSWORD_LIB_H__
+#define __PLATFORM_PASSWORD_LIB_H__
+
+/**
+ This function is called at password driver entrypoint.
+ This function should be called only once, to clear the password.
+
+ This function provides a way to reset the password, just in case
+ the platform owner forgets the password.
+ The platform should provide a secure way to make sure
+ only the platform owner is allowed to clear password.
+
+ Once the password is cleared, the platform should provide a way
+ to set a new password.
+
+ @retval TRUE There is a platform request to clear the password.
+ @retval FALSE There is no platform request to clear the password.
+**/
+BOOLEAN
+EFIAPI
+IsPasswordCleared (
+ VOID
+ );
+
+/**
+ This function is called if the password driver finds that the password is not enrolled,
+ when the password is required to input.
+
+ This function should return the action accroding to platform policy.
+
+ @retval TRUE The caller should force the user to enroll the password.
+ @retval FALSE The caller may skip the password enroll.
+**/
+BOOLEAN
+EFIAPI
+NeedEnrollPassword (
+ VOID
+ );
+
+#endif
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index da2f84f..7050d3e 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -93,6 +93,10 @@
#
OpalPasswordSupportLib|Include/Library/OpalPasswordSupportLib.h
+ ## @libraryclass Provides a platform-specific method to return password policy.
+ #
+ PlatformPasswordLib|Include/Library/PlatformPasswordLib.h
+
[Guids]
## Security package token space guid.
# Include/Guid/SecurityPkgTokenSpace.h
--
2.7.4.windows.1
next prev parent reply other threads:[~2017-02-07 8:24 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-07 8:24 [PATCH V2 0/6] Add password support Jiewen Yao
2017-02-07 8:24 ` [PATCH V2 1/6] CryptoPkg:SmmCryptLib: Add real Pkcs5Pbkdf2.c Jiewen Yao
2017-02-09 0:37 ` Long, Qin
2017-02-07 8:24 ` [PATCH V2 2/6] SecurityPkg/dec: Add PcdPasswordCleared Jiewen Yao
2017-02-09 0:41 ` Long, Qin
2017-02-09 6:04 ` Yao, Jiewen
2017-02-07 8:24 ` Jiewen Yao [this message]
2017-02-09 0:39 ` [PATCH V2 3/6] SecurityPkg/include: Add PlatformPasswordLib lib class Long, Qin
2017-02-09 6:04 ` Yao, Jiewen
2017-02-07 8:24 ` [PATCH V2 4/6] SecurityPkg/PlatformPasswordLibNull: Add PlatformPasswordLib instance Jiewen Yao
2017-02-09 0:42 ` Long, Qin
2017-02-07 8:24 ` [PATCH V2 5/6] SecurityPkg/Password: Add Password based UserAuthentication modules Jiewen Yao
2017-02-09 0:49 ` Long, Qin
2017-02-09 1:03 ` Yao, Jiewen
2017-02-09 1:29 ` Long, Qin
2017-02-07 8:24 ` [PATCH V2 6/6] SecurityPkg/dsc: add Password authentication module Jiewen Yao
2017-02-09 0:49 ` Long, Qin
2017-02-09 1:05 ` [PATCH V2 0/6] Add password support Zhang, Chao B
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1486455866-7896-4-git-send-email-jiewen.yao@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox