Commit | Line | Data |
---|---|---|
0c18794e | 1 | /** @file\r |
2 | TCG MOR (Memory Overwrite Request) Control Driver.\r | |
3 | \r | |
d6b926e7 | 4 | This driver initializes the MemoryOverwriteRequestControl variable. It\r |
495ee9b8 TF |
5 | will clear MOR_CLEAR_MEMORY_BIT bit if it is set. It will also do TPer Reset for\r |
6 | those encrypted drives through EFI_STORAGE_SECURITY_COMMAND_PROTOCOL at EndOfDxe.\r | |
0c18794e | 7 | \r |
b3548d32 | 8 | Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r |
289b714b | 9 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
0c18794e | 10 | \r |
11 | **/\r | |
12 | \r | |
13 | #include "TcgMor.h"\r | |
14 | \r | |
//
// In-memory copy of the MemoryOverwriteRequestControl variable value.
// MorDriverEntryPoint fills it through GetVariable (or sets it to 0 when the
// read fails); OnReadyToBoot masks it with 0xFE and writes it back.
//
UINT8  mMorControl;
16 | \r | |
/**
  Ready to Boot Event notification handler.

  When the MorClearMemory request is set in the cached mMorControl value, the
  handler masks that value with 0xFE and writes it back to the
  MemoryOverwriteRequestControl variable. When the request is already clear
  the handler returns without touching the variable.

  @param[in]  Event     Event whose notification function is being invoked
  @param[in]  Context   Pointer to the notification function's context

**/
VOID
EFIAPI
OnReadyToBoot (
  IN EFI_EVENT  Event,
  IN VOID       *Context
  )
{
  EFI_STATUS  WriteStatus;

  //
  // No request pending: skip the variable write entirely.
  //
  if (MOR_CLEAR_MEMORY_VALUE (mMorControl) == 0x0) {
    return;
  }

  DEBUG ((DEBUG_INFO, "TcgMor: Clear MorClearMemory bit\n"));

  //
  // Drop bit 0 only; every other bit of the control byte is preserved.
  //
  mMorControl = (UINT8)(mMorControl & 0xFE);

  WriteStatus = gRT->SetVariable (
                       MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
                       &gEfiMemoryOverwriteControlDataGuid,
                       EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                       sizeof (mMorControl),
                       &mMorControl
                       );

  //
  // A failed write is only reported; nothing is retried here and the cached
  // mMorControl value has already been updated.
  //
  if (EFI_ERROR (WriteStatus)) {
    DEBUG ((DEBUG_ERROR, "TcgMor: Clear MOR_CLEAR_MEMORY_BIT failure, Status = %r\n", WriteStatus));
  }
}
58 | \r | |
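/**
  Send TPer Reset command to reset eDrive to lock all protected bands.
  Typically, there are 2 mechanisms for resetting eDrive. They are:
  1. TPer Reset through IEEE 1667 protocol.
  2. TPer Reset through native TCG protocol.
  This routine detects which protocol the attached eDrive conforms to, TCG or
  IEEE 1667. Only the TCG path sends a TPer Reset; the IEEE 1667 path is not
  implemented and only logs a message.

  The supported security protocol list is read twice: once to learn its length
  and once into a buffer sized from that length. Both lengths are supplied by
  the device, so the length taken from the second read is clamped to what the
  allocated buffer can hold before the list is scanned.

  All failures (allocation, ReceiveData, SendData) are handled silently or by
  a debug message; nothing is returned to the caller.

  @param[in]  Ssp      The pointer to EFI_STORAGE_SECURITY_COMMAND_PROTOCOL instance.
  @param[in]  MediaId  ID of the medium to receive data from or send data to.

**/
VOID
InitiateTPerReset (
  IN  EFI_STORAGE_SECURITY_COMMAND_PROTOCOL  *Ssp,
  IN  UINT32                                 MediaId
  )
{
  EFI_STATUS                                   Status;
  UINT8                                        *Buffer;
  UINTN                                        XferSize;
  UINTN                                        Len;
  UINTN                                        ListCapacity;
  UINTN                                        Index;
  BOOLEAN                                      TcgFlag;
  BOOLEAN                                      IeeeFlag;
  SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA  *Data;

  Buffer   = NULL;
  TcgFlag  = FALSE;
  IeeeFlag = FALSE;

  //
  // ATA8-ACS 7.57.6.1 indicates the Transfer Length field requirements a multiple of 512.
  // If the length of the TRUSTED RECEIVE parameter data is greater than the Transfer Length,
  // then the device shall return the TRUSTED RECEIVE parameter data truncated to the requested Transfer Length.
  //
  Len    = ROUNDUP512 (sizeof (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA));
  Buffer = AllocateZeroPool (Len);

  if (Buffer == NULL) {
    return;
  }

  //
  // When the Security Protocol field is set to 00h, and SP Specific is set to 0000h in a TRUSTED RECEIVE
  // command, the device basic information data shall be returned.
  //
  Status = Ssp->ReceiveData (
                  Ssp,
                  MediaId,
                  100000000,                    // Timeout 10-sec
                  0,                            // SecurityProtocol
                  0,                            // SecurityProtocolSpecificData
                  Len,                          // PayloadBufferSize,
                  Buffer,                       // PayloadBuffer
                  &XferSize
                  );
  if (EFI_ERROR (Status)) {
    goto Exit;
  }

  //
  // In returned data, the ListLength field indicates the total length, in bytes,
  // of the supported security protocol list.
  //
  Data = (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA *)Buffer;
  Len  = ROUNDUP512 (
           sizeof (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA) +
           (Data->SupportedSecurityListLength[0] << 8) +
           (Data->SupportedSecurityListLength[1])
           );

  //
  // Free original buffer and allocate new buffer.
  //
  FreePool (Buffer);
  Buffer = AllocateZeroPool (Len);
  if (Buffer == NULL) {
    return;
  }

  //
  // Number of list entries that fit in the buffer just allocated. Len is at
  // least sizeof (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA), so the
  // subtraction cannot wrap.
  //
  ListCapacity = Len - OFFSET_OF (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA, SupportedSecurityProtocol);

  //
  // Read full supported security protocol list from device.
  //
  Status = Ssp->ReceiveData (
                  Ssp,
                  MediaId,
                  100000000,                    // Timeout 10-sec
                  0,                            // SecurityProtocol
                  0,                            // SecurityProtocolSpecificData
                  Len,                          // PayloadBufferSize,
                  Buffer,                       // PayloadBuffer
                  &XferSize
                  );

  if (EFI_ERROR (Status)) {
    goto Exit;
  }

  Data = (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA *)Buffer;
  Len  = (Data->SupportedSecurityListLength[0] << 8) + Data->SupportedSecurityListLength[1];

  //
  // The list length is device-supplied and nothing forces the second read to
  // report the same value as the first. Never scan past the allocated buffer.
  //
  if (Len > ListCapacity) {
    DEBUG ((DEBUG_WARN, "TcgMor: Supported security protocol list length changed between reads, truncating scan\n"));
    Len = ListCapacity;
  }

  //
  // Iterate full supported security protocol list to check if TCG or IEEE 1667 protocol
  // is supported. The scan stops at the first entry matching either protocol.
  //
  for (Index = 0; Index < Len; Index++) {
    if (Data->SupportedSecurityProtocol[Index] == SECURITY_PROTOCOL_TCG) {
      //
      // Found a TCG device.
      //
      TcgFlag = TRUE;
      DEBUG ((DEBUG_INFO, "This device is a TCG protocol device\n"));
      break;
    }

    if (Data->SupportedSecurityProtocol[Index] == SECURITY_PROTOCOL_IEEE1667) {
      //
      // Found a IEEE 1667 device.
      //
      IeeeFlag = TRUE;
      DEBUG ((DEBUG_INFO, "This device is a IEEE 1667 protocol device\n"));
      break;
    }
  }

  if (!TcgFlag && !IeeeFlag) {
    DEBUG ((DEBUG_INFO, "Neither a TCG nor IEEE 1667 protocol device is found\n"));
    goto Exit;
  }

  if (TcgFlag) {
    //
    // As long as TCG protocol is supported, send out a TPer Reset
    // TCG command to the device via the TrustedSend command with a non-zero Transfer Length.
    // Buffer was allocated with a ROUNDUP512 size, so it is passed here as a
    // 512-byte payload; it still holds the list read above.
    //
    Status = Ssp->SendData (
                    Ssp,
                    MediaId,
                    100000000,                    // Timeout 10-sec
                    SECURITY_PROTOCOL_TCG,        // SecurityProtocol
                    0x0400,                       // SecurityProtocolSpecificData
                    512,                          // PayloadBufferSize,
                    Buffer                        // PayloadBuffer
                    );

    if (!EFI_ERROR (Status)) {
      DEBUG ((DEBUG_INFO, "Send TPer Reset Command Successfully !\n"));
    } else {
      //
      // Reported at error level, matching the SetVariable failure path in
      // OnReadyToBoot: a failed reset means the command to lock the
      // protected bands did not go through.
      //
      DEBUG ((DEBUG_ERROR, "Send TPer Reset Command Fail !\n"));
    }
  }

  if (IeeeFlag) {
    //
    // TBD : Perform a TPer Reset via IEEE 1667 Protocol
    //
    DEBUG ((DEBUG_INFO, "IEEE 1667 Protocol didn't support yet!\n"));
  }

Exit:

  if (Buffer != NULL) {
    FreePool (Buffer);
  }
}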
225 | \r | |
/**
  Notification function of END_OF_DXE.

  Looks up every handle that carries EFI_STORAGE_SECURITY_COMMAND_PROTOCOL at
  the moment the callback runs and calls InitiateTPerReset for each one that
  also carries EFI_BLOCK_IO_PROTOCOL. Handles missing either protocol are
  skipped.

  @param[in]  Event     Event whose notification function is being invoked.
  @param[in]  Context   Pointer to the notification function's context.

**/
VOID
EFIAPI
TPerResetAtEndOfDxe (
  IN EFI_EVENT  Event,
  IN VOID       *Context
  )
{
  EFI_STATUS                             Status;
  EFI_HANDLE                             *SspHandles;
  UINTN                                  SspHandleCount;
  UINTN                                  HandleIndex;
  EFI_STORAGE_SECURITY_COMMAND_PROTOCOL  *Ssp;
  EFI_BLOCK_IO_PROTOCOL                  *BlockIo;

  SspHandles     = NULL;
  SspHandleCount = 0;

  //
  // Collect all handles exposing the storage security command protocol.
  //
  Status = gBS->LocateHandleBuffer (
                  ByProtocol,
                  &gEfiStorageSecurityCommandProtocolGuid,
                  NULL,
                  &SspHandleCount,
                  &SspHandles
                  );

  if (EFI_ERROR (Status) || (SspHandleCount == 0) || (SspHandles == NULL)) {
    return;
  }

  for (HandleIndex = 0; HandleIndex < SspHandleCount; HandleIndex++) {
    //
    // SSP interface first; Block I/O is queried only when SSP was obtained.
    //
    Status = gBS->HandleProtocol (
                    SspHandles[HandleIndex],
                    &gEfiStorageSecurityCommandProtocolGuid,
                    (VOID **)&Ssp
                    );

    if (!EFI_ERROR (Status)) {
      Status = gBS->HandleProtocol (
                      SspHandles[HandleIndex],
                      &gEfiBlockIoProtocolGuid,
                      (VOID **)&BlockIo
                      );

      if (!EFI_ERROR (Status)) {
        //
        // The media ID required by the SSP calls is taken from Block I/O.
        //
        InitiateTPerReset (Ssp, BlockIo->Media->MediaId);
      }
    }
  }

  //
  // The handle array returned by LocateHandleBuffer is released here.
  //
  FreePool (SspHandles);
}
504dfa9d | 294 | \r |
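/**
  Entry Point for TCG MOR Control driver.

  Reads the MemoryOverwriteRequestControl variable into mMorControl. When the
  read fails, the variable is (re)created with the value 0 and no event is
  registered. When the read succeeds, a ReadyToBoot event (OnReadyToBoot) and
  an EndOfDxe event (TPerResetAtEndOfDxe) are registered.

  @param[in]  ImageHandle   Image handle of this driver.
  @param[in]  SystemTable   A Pointer to the EFI System Table.

  @retval EFI_SUCCESS   The variable was created, or both events were registered.
  @return Others        Status returned by SetVariable, EfiCreateEventReadyToBootEx
                        or CreateEventEx.
**/
EFI_STATUS
EFIAPI
MorDriverEntryPoint (
  IN EFI_HANDLE        ImageHandle,
  IN EFI_SYSTEM_TABLE  *SystemTable
  )
{
  EFI_STATUS  Status;
  UINTN       DataSize;
  EFI_EVENT   Event;

  ///
  /// The firmware is required to create the MemoryOverwriteRequestControl UEFI variable.
  ///

  DataSize = sizeof (mMorControl);
  Status   = gRT->GetVariable (
                    MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
                    &gEfiMemoryOverwriteControlDataGuid,
                    NULL,
                    &DataSize,
                    &mMorControl
                    );
  if (EFI_ERROR (Status)) {
    //
    // Set default value to 0
    //
    mMorControl = 0;

    //
    // GetVariable writes DataSize back; when the stored variable is larger
    // than the one-byte buffer it reports the required size there. Restore
    // the real size so SetVariable never reads past mMorControl.
    //
    DataSize = sizeof (mMorControl);
    Status   = gRT->SetVariable (
                      MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
                      &gEfiMemoryOverwriteControlDataGuid,
                      EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                      DataSize,
                      &mMorControl
                      );
    DEBUG ((DEBUG_INFO, "TcgMor: Create MOR variable! Status = %r\n", Status));

    //
    // NOTE(review): on this path neither the ReadyToBoot nor the EndOfDxe
    // event is registered, so no TPer Reset is issued during this boot.
    // Confirm that is intended for read failures other than a missing variable.
    //
  } else {
    //
    // Create a Ready To Boot Event and Clear the MorControl bit in the call back function.
    //
    DEBUG ((DEBUG_INFO, "TcgMor: Create ReadyToBoot Event for MorControl Bit cleaning!\n"));
    Status = EfiCreateEventReadyToBootEx (
               TPL_CALLBACK,
               OnReadyToBoot,
               NULL,
               &Event
               );
    if (EFI_ERROR (Status)) {
      return Status;
    }

    //
    // Register EFI_END_OF_DXE_EVENT_GROUP_GUID event.
    // Event is reused as the output handle; the ReadyToBoot event handle
    // stored above is not kept.
    //
    DEBUG ((DEBUG_INFO, "TcgMor: Create EndofDxe Event for Mor TPer Reset!\n"));
    Status = gBS->CreateEventEx (
                    EVT_NOTIFY_SIGNAL,
                    TPL_CALLBACK,
                    TPerResetAtEndOfDxe,
                    NULL,
                    &gEfiEndOfDxeEventGroupGuid,
                    &Event
                    );
    if (EFI_ERROR (Status)) {
      return Status;
    }
  }

  return Status;
}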