Commit | Line | Data |
---|---|---|
0c18794e | 1 | /** @file\r |
2 | TCG MOR (Memory Overwrite Request) Control Driver.\r | |
3 | \r | |
4 | This driver initializes the MemoryOverwriteRequestControl variable. It \r | |
495ee9b8 TF |
5 | will clear MOR_CLEAR_MEMORY_BIT bit if it is set. It will also do TPer Reset for\r |
6 | those encrypted drives through EFI_STORAGE_SECURITY_COMMAND_PROTOCOL at EndOfDxe.\r | |
0c18794e | 7 | \r |
495ee9b8 | 8 | Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>\r |
0c18794e | 9 | This program and the accompanying materials \r |
10 | are licensed and made available under the terms and conditions of the BSD License \r | |
11 | which accompanies this distribution. The full text of the license may be found at \r | |
12 | http://opensource.org/licenses/bsd-license.php\r | |
13 | \r | |
14 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r | |
15 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
16 | \r | |
17 | **/\r | |
18 | \r | |
19 | #include "TcgMor.h"\r | |
20 | \r | |
//
// Cached value of the MemoryOverwriteRequestControl variable. It is loaded by
// MorDriverEntryPoint and modified and written back by OnReadyToBoot.
//
UINT8 mMorControl;
22 | \r | |
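/**
  Ready to Boot Event notification handler.

  Clears MOR_CLEAR_MEMORY_BIT in the cached MemoryOverwriteRequestControl value
  (mMorControl) and writes the result back to the UEFI variable. Returns without
  touching the variable when the bit is already clear.

  @param[in]  Event     Event whose notification function is being invoked
  @param[in]  Context   Pointer to the notification function's context

**/
VOID
EFIAPI
OnReadyToBoot (
  IN      EFI_EVENT                 Event,
  IN      VOID                      *Context
  )
{
  EFI_STATUS  Status;
  UINTN       DataSize;

  if (MOR_CLEAR_MEMORY_VALUE (mMorControl) == 0x0) {
    //
    // MorControl is expected, directly return to avoid unnecessary variable operation
    //
    return ;
  }

  //
  // Clear MOR_CLEAR_MEMORY_BIT
  //
  DEBUG ((EFI_D_INFO, "TcgMor: Clear MorClearMemory bit\n"));
  mMorControl &= 0xFE;

  DataSize = sizeof (mMorControl);
  Status   = gRT->SetVariable (
                    MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
                    &gEfiMemoryOverwriteControlDataGuid,
                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                    DataSize,
                    &mMorControl
                    );
  if (EFI_ERROR (Status)) {
    //
    // The %r specifier consumes an EFI_STATUS argument; the original call
    // passed none, so the failure log printed an undefined value. When the
    // write fails the stored variable is not updated, so the real status is
    // the only record of why the bit stayed set.
    //
    DEBUG ((EFI_D_ERROR, "TcgMor: Clear MOR_CLEAR_MEMORY_BIT failure, Status = %r\n", Status));
  }
}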
66 | \r | |
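/**
  Send TPer Reset command to reset eDrive to lock all protected bands.
  Typically, there are 2 mechanisms for resetting eDrive. They are:
  1. TPer Reset through IEEE 1667 protocol.
  2. TPer Reset through native TCG protocol.
  This routine detects which protocol the attached eDrive conforms to, TCG or
  IEEE 1667, and then sends the TPer Reset command accordingly. Only the TCG
  path is implemented; the IEEE 1667 path just logs a message.

  The supported-protocol list is read from the device in two steps: a first
  read to learn the list length, then a second read into a buffer sized from
  that length. All lengths come from the device and are treated as untrusted.

  @param[in]  Ssp      The pointer to EFI_STORAGE_SECURITY_COMMAND_PROTOCOL instance.
  @param[in]  MediaId  ID of the medium to receive data from or send data to.

**/
VOID
InitiateTPerReset (
  IN  EFI_STORAGE_SECURITY_COMMAND_PROTOCOL    *Ssp,
  IN  UINT32                                   MediaId
  )
{
  EFI_STATUS                                   Status;
  UINT8                                        *Buffer;
  UINTN                                        XferSize;
  UINTN                                        Len;
  UINTN                                        MaxListLen;
  UINTN                                        Index;
  BOOLEAN                                      TcgFlag;
  BOOLEAN                                      IeeeFlag;
  SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA  *Data;

  Buffer   = NULL;
  TcgFlag  = FALSE;
  IeeeFlag = FALSE;

  //
  // ATA8-ACS 7.57.6.1 indicates the Transfer Length field requirements a multiple of 512.
  // If the length of the TRUSTED RECEIVE parameter data is greater than the Transfer Length,
  // then the device shall return the TRUSTED RECEIVE parameter data truncated to the requested Transfer Length.
  //
  Len    = ROUNDUP512(sizeof(SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA));
  Buffer = AllocateZeroPool(Len);

  if (Buffer == NULL) {
    return;
  }

  //
  // When the Security Protocol field is set to 00h, and SP Specific is set to 0000h in a TRUSTED RECEIVE
  // command, the device basic information data shall be returned.
  //
  // NOTE(review): XferSize is written by ReceiveData but never checked here or below.
  //
  Status = Ssp->ReceiveData (
                  Ssp,
                  MediaId,
                  100000000,                    // Timeout 10-sec
                  0,                            // SecurityProtocol
                  0,                            // SecurityProtocolSpecifcData
                  Len,                          // PayloadBufferSize,
                  Buffer,                       // PayloadBuffer
                  &XferSize
                  );
  if (EFI_ERROR (Status)) {
    goto Exit;
  }

  //
  // In returned data, the ListLength field indicates the total length, in bytes,
  // of the supported security protocol list.
  //
  Data = (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA*)Buffer;
  Len  = ROUNDUP512(sizeof (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA) +
                    (Data->SupportedSecurityListLength[0] << 8) +
                    (Data->SupportedSecurityListLength[1])
                    );

  //
  // Free original buffer and allocate new buffer.
  //
  FreePool(Buffer);
  Buffer = AllocateZeroPool(Len);
  if (Buffer == NULL) {
    return;
  }

  //
  // Read full supported security protocol list from device.
  //
  Status = Ssp->ReceiveData (
                  Ssp,
                  MediaId,
                  100000000,                    // Timeout 10-sec
                  0,                            // SecurityProtocol
                  0,                            // SecurityProtocolSpecifcData
                  Len,                          // PayloadBufferSize,
                  Buffer,                       // PayloadBuffer
                  &XferSize
                  );

  if (EFI_ERROR (Status)) {
    goto Exit;
  }

  Data = (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA*)Buffer;

  //
  // Len still holds the allocation size. The list length reported by this
  // second response is device-controlled and need not match the one used to
  // size the buffer, so cap it at the bytes that actually follow the header
  // inside the allocation. Without the cap the scan below could read past
  // the end of Buffer.
  //
  MaxListLen = Len - (UINTN)((UINT8 *)Data->SupportedSecurityProtocol - Buffer);
  Len        = (Data->SupportedSecurityListLength[0] << 8) + Data->SupportedSecurityListLength[1];
  if (Len > MaxListLen) {
    Len = MaxListLen;
  }

  //
  // Iterate full supported security protocol list to check if TCG or IEEE 1667 protocol
  // is supported.
  //
  for (Index = 0; Index < Len; Index++) {
    if (Data->SupportedSecurityProtocol[Index] == SECURITY_PROTOCOL_TCG) {
      //
      // Found a TCG device.
      //
      TcgFlag = TRUE;
      DEBUG ((EFI_D_INFO, "This device is a TCG protocol device\n"));
      break;
    }

    if (Data->SupportedSecurityProtocol[Index] == SECURITY_PROTOCOL_IEEE1667) {
      //
      // Found a IEEE 1667 device.
      //
      IeeeFlag = TRUE;
      DEBUG ((EFI_D_INFO, "This device is a IEEE 1667 protocol device\n"));
      break;
    }
  }

  if (!TcgFlag && !IeeeFlag) {
    DEBUG ((EFI_D_INFO, "Neither a TCG nor IEEE 1667 protocol device is found\n"));
    goto Exit;
  }

  if (TcgFlag) {
    //
    // As long as TCG protocol is supported, send out a TPer Reset
    // TCG command to the device via the TrustedSend command with a non-zero Transfer Length.
    // Buffer was sized with ROUNDUP512, so it is expected to cover the
    // 512-byte payload passed here.
    //
    Status = Ssp->SendData (
                    Ssp,
                    MediaId,
                    100000000,                    // Timeout 10-sec
                    SECURITY_PROTOCOL_TCG,        // SecurityProtocol
                    0x0400,                       // SecurityProtocolSpecifcData
                    512,                          // PayloadBufferSize,
                    Buffer                        // PayloadBuffer
                    );

    if (!EFI_ERROR (Status)) {
      DEBUG ((EFI_D_INFO, "Send TPer Reset Command Successfully !\n"));
    } else {
      DEBUG ((EFI_D_INFO, "Send TPer Reset Command Fail !\n"));
    }
  }

  if (IeeeFlag) {
    //
    // TBD : Perform a TPer Reset via IEEE 1667 Protocol
    //
    DEBUG ((EFI_D_INFO, "IEEE 1667 Protocol didn't support yet!\n"));
  }

Exit:

  if (Buffer != NULL) {
    FreePool(Buffer);
  }
}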
233 | \r | |
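/**
  Notification function of END_OF_DXE.

  This is a notification function registered on END_OF_DXE event.
  It locates every handle that carries EFI_STORAGE_SECURITY_COMMAND_PROTOCOL
  and calls InitiateTPerReset on each one that also exposes Block I/O.
  Handles where either protocol lookup fails are skipped.

  @param[in] Event     Event whose notification function is being invoked.
  @param[in] Context   Pointer to the notification function's context.

**/
VOID
EFIAPI
TPerResetAtEndOfDxe (
  IN EFI_EVENT  Event,
  IN VOID       *Context
  )
{
  EFI_STORAGE_SECURITY_COMMAND_PROTOCOL   *Ssp;
  EFI_BLOCK_IO_PROTOCOL                   *BlockIo;
  EFI_STATUS                              Status;
  UINTN                                   HandleCount;
  EFI_HANDLE                              *HandleBuffer;
  UINTN                                   Index;

  //
  // Locate all SSP protocol instances.
  //
  HandleCount  = 0;
  HandleBuffer = NULL;

  Status = gBS->LocateHandleBuffer (
                  ByProtocol,
                  &gEfiStorageSecurityCommandProtocolGuid,
                  NULL,
                  &HandleCount,
                  &HandleBuffer
                  );

  if (EFI_ERROR (Status) || (HandleCount == 0) || (HandleBuffer == NULL)) {
    return;
  }

  for (Index = 0; Index < HandleCount; Index ++) {
    //
    // Get the SSP interface.
    //
    Status = gBS->HandleProtocol(
                    HandleBuffer[Index],
                    &gEfiStorageSecurityCommandProtocolGuid,
                    (VOID **) &Ssp
                    );

    if (EFI_ERROR (Status)) {
      continue;
    }

    //
    // Block I/O is needed only for the MediaId passed to InitiateTPerReset.
    //
    Status = gBS->HandleProtocol(
                    HandleBuffer[Index],
                    &gEfiBlockIoProtocolGuid,
                    (VOID **) &BlockIo
                    );

    if (EFI_ERROR (Status)) {
      continue;
    }

    InitiateTPerReset (Ssp, BlockIo->Media->MediaId);
  }

  //
  // LocateHandleBuffer allocates HandleBuffer from pool and the caller owns it;
  // the original code returned without releasing it.
  //
  FreePool (HandleBuffer);
}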
504dfa9d | 303 | \r |
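/**
  Entry Point for TCG MOR Control driver.

  Reads MemoryOverwriteRequestControl into mMorControl. If the read fails, the
  variable is written with a default value of 0. If the read succeeds, a
  ReadyToBoot callback (OnReadyToBoot) and an EndOfDxe callback
  (TPerResetAtEndOfDxe) are registered.

  @param[in] ImageHandle  Image handle of this driver.
  @param[in] SystemTable  A Pointer to the EFI System Table.

  @retval EFI_SUCCESS     The variable was created, or both event callbacks were registered.
  @return Others          Some error occurs.
**/
EFI_STATUS
EFIAPI
MorDriverEntryPoint (
  IN EFI_HANDLE        ImageHandle,
  IN EFI_SYSTEM_TABLE  *SystemTable
  )
{
  EFI_STATUS  Status;
  UINTN       DataSize;
  EFI_EVENT   Event;

  ///
  /// The firmware is required to create the MemoryOverwriteRequestControl UEFI variable.
  ///

  DataSize = sizeof (mMorControl);
  Status   = gRT->GetVariable (
                    MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
                    &gEfiMemoryOverwriteControlDataGuid,
                    NULL,
                    &DataSize,
                    &mMorControl
                    );
  if (EFI_ERROR (Status)) {
    //
    // Set default value to 0
    //
    mMorControl = 0;

    //
    // GetVariable may have rewritten DataSize (on EFI_BUFFER_TOO_SMALL it
    // reports the size of the stored data). Restore it so SetVariable copies
    // exactly the one-byte mMorControl and nothing that lies after it.
    //
    DataSize = sizeof (mMorControl);
    Status   = gRT->SetVariable (
                      MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
                      &gEfiMemoryOverwriteControlDataGuid,
                      EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                      DataSize,
                      &mMorControl
                      );
    DEBUG ((EFI_D_INFO, "TcgMor: Create MOR variable! Status = %r\n", Status));
  } else {
    //
    // Create a Ready To Boot Event and Clear the MorControl bit in the call back function.
    //
    DEBUG ((EFI_D_INFO, "TcgMor: Create ReadyToBoot Event for MorControl Bit cleanning!\n"));
    Status = EfiCreateEventReadyToBootEx (
               TPL_CALLBACK,
               OnReadyToBoot,
               NULL,
               &Event
               );
    if (EFI_ERROR (Status)) {
      return Status;
    }

    //
    // Register EFI_END_OF_DXE_EVENT_GROUP_GUID event.
    // Event is reused here; the ReadyToBoot event handle is not kept.
    //
    DEBUG ((EFI_D_INFO, "TcgMor: Create EndofDxe Event for Mor TPer Reset!\n"));
    Status = gBS->CreateEventEx (
                    EVT_NOTIFY_SIGNAL,
                    TPL_CALLBACK,
                    TPerResetAtEndOfDxe,
                    NULL,
                    &gEfiEndOfDxeEventGroupGuid,
                    &Event
                    );
    if (EFI_ERROR (Status)) {
      return Status;
    }
  }

  return Status;
}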
383 | \r | |
384 | \r |