]>
Commit | Line | Data |
---|---|---|
1 | /** @file\r | |
2 | Opal Password PEI driver which is used to unlock Opal Password for S3.\r | |
3 | \r | |
4 | Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR>\r | |
5 | This program and the accompanying materials\r | |
6 | are licensed and made available under the terms and conditions of the BSD License\r | |
7 | which accompanies this distribution. The full text of the license may be found at\r | |
8 | http://opensource.org/licenses/bsd-license.php\r | |
9 | \r | |
10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
12 | \r | |
13 | **/\r | |
14 | \r | |
15 | #include "OpalPasswordPei.h"\r | |
16 | \r | |
17 | EFI_GUID mOpalDeviceLockBoxGuid = OPAL_DEVICE_LOCKBOX_GUID;\r | |
18 | \r | |
19 | \r | |
20 | /**\r | |
21 | Send a security protocol command to a device that receives data and/or the result\r | |
22 | of one or more commands sent by SendData.\r | |
23 | \r | |
24 | The ReceiveData function sends a security protocol command to the given MediaId.\r | |
25 | The security protocol command sent is defined by SecurityProtocolId and contains\r | |
26 | the security protocol specific data SecurityProtocolSpecificData. The function\r | |
27 | returns the data from the security protocol command in PayloadBuffer.\r | |
28 | \r | |
29 | For devices supporting the SCSI command set, the security protocol command is sent\r | |
30 | using the SECURITY PROTOCOL IN command defined in SPC-4.\r | |
31 | \r | |
32 | For devices supporting the ATA command set, the security protocol command is sent\r | |
33 | using one of the TRUSTED RECEIVE commands defined in ATA8-ACS if PayloadBufferSize\r | |
34 | is non-zero.\r | |
35 | \r | |
36 | If the PayloadBufferSize is zero, the security protocol command is sent using the\r | |
37 | Trusted Non-Data command defined in ATA8-ACS.\r | |
38 | \r | |
39 | If PayloadBufferSize is too small to store the available data from the security\r | |
40 | protocol command, the function shall copy PayloadBufferSize bytes into the\r | |
41 | PayloadBuffer and return EFI_WARN_BUFFER_TOO_SMALL.\r | |
42 | \r | |
43 | If PayloadBuffer or PayloadTransferSize is NULL and PayloadBufferSize is non-zero,\r | |
44 | the function shall return EFI_INVALID_PARAMETER.\r | |
45 | \r | |
46 | If the given MediaId does not support security protocol commands, the function shall\r | |
47 | return EFI_UNSUPPORTED. If there is no media in the device, the function returns\r | |
48 | EFI_NO_MEDIA. If the MediaId is not the ID for the current media in the device,\r | |
49 | the function returns EFI_MEDIA_CHANGED.\r | |
50 | \r | |
51 | If the security protocol fails to complete within the Timeout period, the function\r | |
52 | shall return EFI_TIMEOUT.\r | |
53 | \r | |
54 | If the security protocol command completes without an error, the function shall\r | |
55 | return EFI_SUCCESS. If the security protocol command completes with an error, the\r | |
56 | function shall return EFI_DEVICE_ERROR.\r | |
57 | \r | |
58 | @param This Indicates a pointer to the calling context.\r | |
59 | @param MediaId ID of the medium to receive data from.\r | |
60 | @param Timeout The timeout, in 100ns units, to use for the execution\r | |
61 | of the security protocol command. A Timeout value of 0\r | |
62 | means that this function will wait indefinitely for the\r | |
63 | security protocol command to execute. If Timeout is greater\r | |
64 | than zero, then this function will return EFI_TIMEOUT\r | |
65 | if the time required to execute the receive data command\r | |
66 | is greater than Timeout.\r | |
67 | @param SecurityProtocolId The value of the "Security Protocol" parameter of\r | |
68 | the security protocol command to be sent.\r | |
69 | @param SecurityProtocolSpecificData The value of the "Security Protocol Specific" parameter\r | |
70 | of the security protocol command to be sent.\r | |
71 | @param PayloadBufferSize Size in bytes of the payload data buffer.\r | |
72 | @param PayloadBuffer A pointer to a destination buffer to store the security\r | |
73 | protocol command specific payload data for the security\r | |
74 | protocol command. The caller is responsible for having\r | |
75 | either implicit or explicit ownership of the buffer.\r | |
76 | @param PayloadTransferSize A pointer to a buffer to store the size in bytes of the\r | |
77 | data written to the payload data buffer.\r | |
78 | \r | |
79 | @retval EFI_SUCCESS The security protocol command completed successfully.\r | |
80 | @retval EFI_WARN_BUFFER_TOO_SMALL The PayloadBufferSize was too small to store the available\r | |
81 | data from the device. The PayloadBuffer contains the truncated data.\r | |
82 | @retval EFI_UNSUPPORTED The given MediaId does not support security protocol commands.\r | |
83 | @retval EFI_DEVICE_ERROR The security protocol command completed with an error.\r | |
84 | @retval EFI_NO_MEDIA There is no media in the device.\r | |
85 | @retval EFI_MEDIA_CHANGED The MediaId is not for the current media.\r | |
86 | @retval EFI_INVALID_PARAMETER The PayloadBuffer or PayloadTransferSize is NULL and\r | |
87 | PayloadBufferSize is non-zero.\r | |
88 | @retval EFI_TIMEOUT A timeout occurred while waiting for the security\r | |
89 | protocol command to execute.\r | |
90 | \r | |
91 | **/\r | |
92 | EFI_STATUS\r | |
93 | EFIAPI\r | |
94 | SecurityReceiveData (\r | |
95 | IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *This,\r | |
96 | IN UINT32 MediaId,\r | |
97 | IN UINT64 Timeout,\r | |
98 | IN UINT8 SecurityProtocolId,\r | |
99 | IN UINT16 SecurityProtocolSpecificData,\r | |
100 | IN UINTN PayloadBufferSize,\r | |
101 | OUT VOID *PayloadBuffer,\r | |
102 | OUT UINTN *PayloadTransferSize\r | |
103 | )\r | |
104 | {\r | |
105 | OPAL_PEI_DEVICE *PeiDev;\r | |
106 | \r | |
107 | PeiDev = OPAL_PEI_DEVICE_FROM_THIS (This);\r | |
108 | if (PeiDev == NULL) {\r | |
109 | return EFI_DEVICE_ERROR;\r | |
110 | }\r | |
111 | \r | |
112 | return PeiDev->SscPpi->ReceiveData (\r | |
113 | PeiDev->SscPpi,\r | |
114 | PeiDev->DeviceIndex,\r | |
115 | SSC_PPI_GENERIC_TIMEOUT,\r | |
116 | SecurityProtocolId,\r | |
117 | SecurityProtocolSpecificData,\r | |
118 | PayloadBufferSize,\r | |
119 | PayloadBuffer,\r | |
120 | PayloadTransferSize\r | |
121 | );\r | |
122 | }\r | |
123 | \r | |
124 | /**\r | |
125 | Send a security protocol command to a device.\r | |
126 | \r | |
127 | The SendData function sends a security protocol command containing the payload\r | |
128 | PayloadBuffer to the given MediaId. The security protocol command sent is\r | |
129 | defined by SecurityProtocolId and contains the security protocol specific data\r | |
130 | SecurityProtocolSpecificData. If the underlying protocol command requires a\r | |
131 | specific padding for the command payload, the SendData function shall add padding\r | |
132 | bytes to the command payload to satisfy the padding requirements.\r | |
133 | \r | |
134 | For devices supporting the SCSI command set, the security protocol command is sent\r | |
135 | using the SECURITY PROTOCOL OUT command defined in SPC-4.\r | |
136 | \r | |
137 | For devices supporting the ATA command set, the security protocol command is sent\r | |
138 | using one of the TRUSTED SEND commands defined in ATA8-ACS if PayloadBufferSize\r | |
139 | is non-zero. If the PayloadBufferSize is zero, the security protocol command is\r | |
140 | sent using the Trusted Non-Data command defined in ATA8-ACS.\r | |
141 | \r | |
142 | If PayloadBuffer is NULL and PayloadBufferSize is non-zero, the function shall\r | |
143 | return EFI_INVALID_PARAMETER.\r | |
144 | \r | |
145 | If the given MediaId does not support security protocol commands, the function\r | |
146 | shall return EFI_UNSUPPORTED. If there is no media in the device, the function\r | |
147 | returns EFI_NO_MEDIA. If the MediaId is not the ID for the current media in the\r | |
148 | device, the function returns EFI_MEDIA_CHANGED.\r | |
149 | \r | |
150 | If the security protocol fails to complete within the Timeout period, the function\r | |
151 | shall return EFI_TIMEOUT.\r | |
152 | \r | |
153 | If the security protocol command completes without an error, the function shall return\r | |
154 | EFI_SUCCESS. If the security protocol command completes with an error, the function\r | |
155 | shall return EFI_DEVICE_ERROR.\r | |
156 | \r | |
157 | @param This Indicates a pointer to the calling context.\r | |
158 | @param MediaId ID of the medium to receive data from.\r | |
159 | @param Timeout The timeout, in 100ns units, to use for the execution\r | |
160 | of the security protocol command. A Timeout value of 0\r | |
161 | means that this function will wait indefinitely for the\r | |
162 | security protocol command to execute. If Timeout is greater\r | |
163 | than zero, then this function will return EFI_TIMEOUT\r | |
164 | if the time required to execute the send data command\r | |
165 | is greater than Timeout.\r | |
166 | @param SecurityProtocolId The value of the "Security Protocol" parameter of\r | |
167 | the security protocol command to be sent.\r | |
168 | @param SecurityProtocolSpecificData The value of the "Security Protocol Specific" parameter\r | |
169 | of the security protocol command to be sent.\r | |
170 | @param PayloadBufferSize Size in bytes of the payload data buffer.\r | |
171 | @param PayloadBuffer A pointer to a destination buffer to store the security\r | |
172 | protocol command specific payload data for the security\r | |
173 | protocol command.\r | |
174 | \r | |
175 | @retval EFI_SUCCESS The security protocol command completed successfully.\r | |
176 | @retval EFI_UNSUPPORTED The given MediaId does not support security protocol commands.\r | |
177 | @retval EFI_DEVICE_ERROR The security protocol command completed with an error.\r | |
178 | @retval EFI_NO_MEDIA There is no media in the device.\r | |
179 | @retval EFI_MEDIA_CHANGED The MediaId is not for the current media.\r | |
180 | @retval EFI_INVALID_PARAMETER The PayloadBuffer is NULL and PayloadBufferSize is non-zero.\r | |
181 | @retval EFI_TIMEOUT A timeout occurred while waiting for the security\r | |
182 | protocol command to execute.\r | |
183 | \r | |
184 | **/\r | |
185 | EFI_STATUS\r | |
186 | EFIAPI\r | |
187 | SecuritySendData (\r | |
188 | IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *This,\r | |
189 | IN UINT32 MediaId,\r | |
190 | IN UINT64 Timeout,\r | |
191 | IN UINT8 SecurityProtocolId,\r | |
192 | IN UINT16 SecurityProtocolSpecificData,\r | |
193 | IN UINTN PayloadBufferSize,\r | |
194 | IN VOID *PayloadBuffer\r | |
195 | )\r | |
196 | {\r | |
197 | OPAL_PEI_DEVICE *PeiDev;\r | |
198 | \r | |
199 | PeiDev = OPAL_PEI_DEVICE_FROM_THIS (This);\r | |
200 | if (PeiDev == NULL) {\r | |
201 | return EFI_DEVICE_ERROR;\r | |
202 | }\r | |
203 | \r | |
204 | return PeiDev->SscPpi->SendData (\r | |
205 | PeiDev->SscPpi,\r | |
206 | PeiDev->DeviceIndex,\r | |
207 | SSC_PPI_GENERIC_TIMEOUT,\r | |
208 | SecurityProtocolId,\r | |
209 | SecurityProtocolSpecificData,\r | |
210 | PayloadBufferSize,\r | |
211 | PayloadBuffer\r | |
212 | );\r | |
213 | }\r | |
214 | \r | |
215 | /**\r | |
216 | \r | |
217 | The function returns whether or not the device is Opal Locked.\r | |
218 | TRUE means that the device is partially or fully locked.\r | |
219 | This will perform a Level 0 Discovery and parse the locking feature descriptor\r | |
220 | \r | |
221 | @param[in] OpalDev Opal object to determine if locked.\r | |
222 | @param[out] BlockSidSupported Whether device support BlockSid feature.\r | |
223 | \r | |
224 | **/\r | |
225 | BOOLEAN\r | |
226 | IsOpalDeviceLocked(\r | |
227 | OPAL_PEI_DEVICE *OpalDev,\r | |
228 | BOOLEAN *BlockSidSupported\r | |
229 | )\r | |
230 | {\r | |
231 | OPAL_SESSION Session;\r | |
232 | OPAL_DISK_SUPPORT_ATTRIBUTE SupportedAttributes;\r | |
233 | TCG_LOCKING_FEATURE_DESCRIPTOR LockingFeature;\r | |
234 | UINT16 OpalBaseComId;\r | |
235 | TCG_RESULT Ret;\r | |
236 | \r | |
237 | Session.Sscp = &OpalDev->Sscp;\r | |
238 | Session.MediaId = 0;\r | |
239 | \r | |
240 | Ret = OpalGetSupportedAttributesInfo (&Session, &SupportedAttributes, &OpalBaseComId);\r | |
241 | if (Ret != TcgResultSuccess) {\r | |
242 | return FALSE;\r | |
243 | }\r | |
244 | \r | |
245 | Session.OpalBaseComId = OpalBaseComId;\r | |
246 | *BlockSidSupported = SupportedAttributes.BlockSid == 1 ? TRUE : FALSE;\r | |
247 | \r | |
248 | Ret = OpalGetLockingInfo(&Session, &LockingFeature);\r | |
249 | if (Ret != TcgResultSuccess) {\r | |
250 | return FALSE;\r | |
251 | }\r | |
252 | \r | |
253 | return OpalDeviceLocked (&SupportedAttributes, &LockingFeature);\r | |
254 | }\r | |
255 | \r | |
256 | /**\r | |
257 | Unlock OPAL password for S3.\r | |
258 | \r | |
259 | @param[in] OpalDev Opal object to unlock.\r | |
260 | \r | |
261 | **/\r | |
262 | VOID\r | |
263 | UnlockOpalPassword (\r | |
264 | IN OPAL_PEI_DEVICE *OpalDev\r | |
265 | )\r | |
266 | {\r | |
267 | TCG_RESULT Result;\r | |
268 | OPAL_SESSION Session;\r | |
269 | BOOLEAN BlockSidSupport;\r | |
270 | UINT32 PpStorageFlags;\r | |
271 | BOOLEAN BlockSIDEnabled;\r | |
272 | \r | |
273 | BlockSidSupport = FALSE;\r | |
274 | if (IsOpalDeviceLocked (OpalDev, &BlockSidSupport)) {\r | |
275 | ZeroMem(&Session, sizeof (Session));\r | |
276 | Session.Sscp = &OpalDev->Sscp;\r | |
277 | Session.MediaId = 0;\r | |
278 | Session.OpalBaseComId = OpalDev->Device->OpalBaseComId;\r | |
279 | \r | |
280 | Result = OpalUtilUpdateGlobalLockingRange (\r | |
281 | &Session,\r | |
282 | OpalDev->Device->Password,\r | |
283 | OpalDev->Device->PasswordLength,\r | |
284 | FALSE,\r | |
285 | FALSE\r | |
286 | );\r | |
287 | DEBUG ((\r | |
288 | DEBUG_INFO,\r | |
289 | "%a() OpalUtilUpdateGlobalLockingRange() Result = 0x%x\n",\r | |
290 | __FUNCTION__,\r | |
291 | Result\r | |
292 | ));\r | |
293 | }\r | |
294 | \r | |
295 | PpStorageFlags = Tcg2PhysicalPresenceLibGetManagementFlags ();\r | |
296 | if ((PpStorageFlags & TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_ENABLE_BLOCK_SID) != 0) {\r | |
297 | BlockSIDEnabled = TRUE;\r | |
298 | } else {\r | |
299 | BlockSIDEnabled = FALSE;\r | |
300 | }\r | |
301 | if (BlockSIDEnabled && BlockSidSupport) {\r | |
302 | DEBUG ((DEBUG_INFO, "OpalPassword: S3 phase send BlockSid command to device!\n"));\r | |
303 | ZeroMem(&Session, sizeof (Session));\r | |
304 | Session.Sscp = &OpalDev->Sscp;\r | |
305 | Session.MediaId = 0;\r | |
306 | Session.OpalBaseComId = OpalDev->Device->OpalBaseComId;\r | |
307 | Result = OpalBlockSid (&Session, TRUE);\r | |
308 | DEBUG ((\r | |
309 | DEBUG_INFO,\r | |
310 | "%a() OpalBlockSid() Result = 0x%x\n",\r | |
311 | __FUNCTION__,\r | |
312 | Result\r | |
313 | ));\r | |
314 | }\r | |
315 | }\r | |
316 | \r | |
317 | /**\r | |
318 | Unlock the OPAL NVM Express and ATA devices for S3.\r | |
319 | \r | |
320 | @param[in] SscPpi Pointer to the EDKII_PEI_STORAGE_SECURITY_CMD_PPI instance.\r | |
321 | \r | |
322 | **/\r | |
323 | VOID\r | |
324 | UnlockOpalPasswordDevices (\r | |
325 | IN EDKII_PEI_STORAGE_SECURITY_CMD_PPI *SscPpi\r | |
326 | )\r | |
327 | {\r | |
328 | EFI_STATUS Status;\r | |
329 | UINT8 *DevInfoBuffer;\r | |
330 | UINT8 DummyData;\r | |
331 | OPAL_DEVICE_LOCKBOX_DATA *DevInfo;\r | |
332 | UINTN DevInfoLength;\r | |
333 | EFI_DEVICE_PATH_PROTOCOL *SscDevicePath;\r | |
334 | UINTN SscDevicePathLength;\r | |
335 | UINTN SscDeviceNum;\r | |
336 | UINTN SscDeviceIndex;\r | |
337 | OPAL_PEI_DEVICE OpalDev;\r | |
338 | \r | |
339 | //\r | |
340 | // Get OPAL devices info from LockBox.\r | |
341 | //\r | |
342 | DevInfoBuffer = &DummyData;\r | |
343 | DevInfoLength = sizeof (DummyData);\r | |
344 | Status = RestoreLockBox (&mOpalDeviceLockBoxGuid, DevInfoBuffer, &DevInfoLength);\r | |
345 | if (Status == EFI_BUFFER_TOO_SMALL) {\r | |
346 | DevInfoBuffer = AllocatePages (EFI_SIZE_TO_PAGES (DevInfoLength));\r | |
347 | if (DevInfoBuffer != NULL) {\r | |
348 | Status = RestoreLockBox (&mOpalDeviceLockBoxGuid, DevInfoBuffer, &DevInfoLength);\r | |
349 | }\r | |
350 | }\r | |
351 | if (DevInfoBuffer == NULL || DevInfoBuffer == &DummyData) {\r | |
352 | return;\r | |
353 | } else if (EFI_ERROR (Status)) {\r | |
354 | FreePages (DevInfoBuffer, EFI_SIZE_TO_PAGES (DevInfoLength));\r | |
355 | return;\r | |
356 | }\r | |
357 | \r | |
358 | //\r | |
359 | // Go through all the devices managed by the SSC PPI instance.\r | |
360 | //\r | |
361 | Status = SscPpi->GetNumberofDevices (SscPpi, &SscDeviceNum);\r | |
362 | if (EFI_ERROR (Status)) {\r | |
363 | goto Exit;\r | |
364 | }\r | |
365 | for (SscDeviceIndex = 1; SscDeviceIndex <= SscDeviceNum; SscDeviceIndex++) {\r | |
366 | Status = SscPpi->GetDevicePath (\r | |
367 | SscPpi,\r | |
368 | SscDeviceIndex,\r | |
369 | &SscDevicePathLength,\r | |
370 | &SscDevicePath\r | |
371 | );\r | |
372 | if (SscDevicePathLength <= sizeof (EFI_DEVICE_PATH_PROTOCOL)) {\r | |
373 | //\r | |
374 | // Device path validity check.\r | |
375 | //\r | |
376 | continue;\r | |
377 | }\r | |
378 | \r | |
379 | //\r | |
380 | // Search the device in the restored LockBox.\r | |
381 | //\r | |
382 | for (DevInfo = (OPAL_DEVICE_LOCKBOX_DATA *) DevInfoBuffer;\r | |
383 | (UINTN) DevInfo < ((UINTN) DevInfoBuffer + DevInfoLength);\r | |
384 | DevInfo = (OPAL_DEVICE_LOCKBOX_DATA *) ((UINTN) DevInfo + DevInfo->Length)) {\r | |
385 | //\r | |
386 | // Find the matching device.\r | |
387 | //\r | |
388 | if ((DevInfo->DevicePathLength >= SscDevicePathLength) &&\r | |
389 | (CompareMem (\r | |
390 | DevInfo->DevicePath,\r | |
391 | SscDevicePath,\r | |
392 | SscDevicePathLength - sizeof (EFI_DEVICE_PATH_PROTOCOL)) == 0)) {\r | |
393 | OpalDev.Signature = OPAL_PEI_DEVICE_SIGNATURE;\r | |
394 | OpalDev.Sscp.ReceiveData = SecurityReceiveData;\r | |
395 | OpalDev.Sscp.SendData = SecuritySendData;\r | |
396 | OpalDev.Device = DevInfo;\r | |
397 | OpalDev.Context = NULL;\r | |
398 | OpalDev.SscPpi = SscPpi;\r | |
399 | OpalDev.DeviceIndex = SscDeviceIndex;\r | |
400 | UnlockOpalPassword (&OpalDev);\r | |
401 | break;\r | |
402 | }\r | |
403 | }\r | |
404 | }\r | |
405 | \r | |
406 | Exit:\r | |
407 | ZeroMem (DevInfoBuffer, DevInfoLength);\r | |
408 | FreePages (DevInfoBuffer, EFI_SIZE_TO_PAGES (DevInfoLength));\r | |
409 | \r | |
410 | }\r | |
411 | \r | |
412 | /**\r | |
413 | One notified function at the installation of EDKII_PEI_STORAGE_SECURITY_CMD_PPI.\r | |
414 | It is to unlock OPAL password for S3.\r | |
415 | \r | |
416 | @param[in] PeiServices Indirect reference to the PEI Services Table.\r | |
417 | @param[in] NotifyDescriptor Address of the notification descriptor data structure.\r | |
418 | @param[in] Ppi Address of the PPI that was installed.\r | |
419 | \r | |
420 | @return Status of the notification.\r | |
421 | The status code returned from this function is ignored.\r | |
422 | \r | |
423 | **/\r | |
424 | EFI_STATUS\r | |
425 | EFIAPI\r | |
426 | OpalPasswordStorageSecurityPpiNotify (\r | |
427 | IN EFI_PEI_SERVICES **PeiServices,\r | |
428 | IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDesc,\r | |
429 | IN VOID *Ppi\r | |
430 | )\r | |
431 | {\r | |
432 | DEBUG ((DEBUG_INFO, "%a entered at S3 resume!\n", __FUNCTION__));\r | |
433 | \r | |
434 | UnlockOpalPasswordDevices ((EDKII_PEI_STORAGE_SECURITY_CMD_PPI *) Ppi);\r | |
435 | \r | |
436 | DEBUG ((DEBUG_INFO, "%a exit at S3 resume!\n", __FUNCTION__));\r | |
437 | \r | |
438 | return EFI_SUCCESS;\r | |
439 | }\r | |
440 | \r | |
441 | \r | |
442 | EFI_PEI_NOTIFY_DESCRIPTOR mOpalPasswordStorageSecurityPpiNotifyDesc = {\r | |
443 | (EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),\r | |
444 | &gEdkiiPeiStorageSecurityCommandPpiGuid,\r | |
445 | OpalPasswordStorageSecurityPpiNotify\r | |
446 | };\r | |
447 | \r | |
448 | \r | |
449 | /**\r | |
450 | Main entry for this module.\r | |
451 | \r | |
452 | @param FileHandle Handle of the file being invoked.\r | |
453 | @param PeiServices Pointer to PEI Services table.\r | |
454 | \r | |
455 | @return Status from PeiServicesNotifyPpi.\r | |
456 | \r | |
457 | **/\r | |
458 | EFI_STATUS\r | |
459 | EFIAPI\r | |
460 | OpalPasswordPeiInit (\r | |
461 | IN EFI_PEI_FILE_HANDLE FileHandle,\r | |
462 | IN CONST EFI_PEI_SERVICES **PeiServices\r | |
463 | )\r | |
464 | {\r | |
465 | EFI_STATUS Status;\r | |
466 | EFI_BOOT_MODE BootMode;\r | |
467 | \r | |
468 | Status = PeiServicesGetBootMode (&BootMode);\r | |
469 | if ((EFI_ERROR (Status)) || (BootMode != BOOT_ON_S3_RESUME)) {\r | |
470 | return EFI_UNSUPPORTED;\r | |
471 | }\r | |
472 | \r | |
473 | DEBUG ((DEBUG_INFO, "%a: Enters in S3 path.\n", __FUNCTION__));\r | |
474 | \r | |
475 | Status = PeiServicesNotifyPpi (&mOpalPasswordStorageSecurityPpiNotifyDesc);\r | |
476 | ASSERT_EFI_ERROR (Status);\r | |
477 | return Status;\r | |
478 | }\r |