REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2443
Use the pcd PcdPhysicalPresenceUserConfirmTimeout to control the
wait time of user response.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
.../DxeTcg2PhysicalPresenceLib.c | 61 ++++++++++++++-----
.../DxeTcg2PhysicalPresenceLib.inf | 4 +-
2 files changed, 49 insertions(+), 16 deletions(-)
diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
index 081605f26c..1ae19436c2 100644
--- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
+++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
@@ -31,6 +31,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/Tpm2CommandLib.h>
#include <Library/Tcg2PhysicalPresenceLib.h>
#include <Library/Tcg2PpVendorLib.h>
+#include <Library/TimerLib.h>
+#include <Library/PcdLib.h>
#define CONFIRM_BUFFER_SIZE 4096
@@ -267,28 +269,57 @@ Tcg2ReadUserKey (
{
EFI_STATUS Status;
EFI_INPUT_KEY Key;
- UINT16 InputKey;
+ UINT16 ConfirmKey;
+ UINTN Interval;
+ INT64 Timeout;
- InputKey = 0;
+ //
+ // delay 100 milli-second
+ //
+ Interval = 100;
+ ConfirmKey = (CautionKey) ? SCAN_F12 : SCAN_F10;
+ Timeout = (INT64)PcdGet32 (PcdPhysicalPresenceUserConfirmTimeout);
+ if (Timeout > 0) {
+ Timeout = (INT64)MultU64x32 ((UINT64)Timeout, 1000);
+ } else {
+ //
+ // Wait forever
+ //
+ Timeout = MAX_INT64;
+ }
+
+ //
+ // Wait for user response within the time-out
+ //
do {
+ MicroSecondDelay (Interval * 1000);
+
Status = gBS->CheckEvent (gST->ConIn->WaitForKey);
if (!EFI_ERROR (Status)) {
Status = gST->ConIn->ReadKeyStroke (gST->ConIn, &Key);
- if (Key.ScanCode == SCAN_ESC) {
- InputKey = Key.ScanCode;
- }
- if ((Key.ScanCode == SCAN_F10) && !CautionKey) {
- InputKey = Key.ScanCode;
- }
- if ((Key.ScanCode == SCAN_F12) && CautionKey) {
- InputKey = Key.ScanCode;
+ if (!EFI_ERROR (Status)) {
+ if (Key.ScanCode == ConfirmKey) {
+ //
+ // User Confirmation
+ //
+ return TRUE;
+ }
+
+ if (Key.ScanCode == SCAN_ESC) {
+ //
+ // User Rejection
+ //
+ return FALSE;
+ }
+ } else if (Status == EFI_DEVICE_ERROR) {
+ //
+ // If error, assume User Rejection
+ //
+ return FALSE;
}
}
- } while (InputKey == 0);
-
- if (InputKey != SCAN_ESC) {
- return TRUE;
- }
+ Timeout -= Interval;
+ } while (Timeout > 0);
return FALSE;
}
diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
index e1c7c20d52..afca48356e 100644
--- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
+++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
@@ -8,7 +8,7 @@
# This driver will have external input - variable.
# This external input must be validated carefully to avoid security issue.
#
-# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2020, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -50,6 +50,7 @@
HobLib
Tpm2CommandLib
Tcg2PpVendorLib
+ TimerLib
[Protocols]
gEfiTcg2ProtocolGuid ## SOMETIMES_CONSUMES
@@ -57,6 +58,7 @@
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags ## SOMETIMES_CONSUMES
+ gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceUserConfirmTimeout
[Guids]
## SOMETIMES_CONSUMES ## HII
--
2.21.0.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#52714): https://edk2.groups.io/g/devel/message/52714
Mute This Topic: https://groups.io/mt/69392334/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-