2 HDD password driver which is used to support HDD security feature.
4 Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
10 #include "HddPasswordDxe.h"
12 EFI_GUID mHddPasswordVendorGuid
= HDD_PASSWORD_CONFIG_GUID
;
13 CHAR16 mHddPasswordVendorStorageName
[] = L
"HDD_PASSWORD_CONFIG";
14 LIST_ENTRY mHddPasswordConfigFormList
;
15 UINT32 mNumberOfHddDevices
= 0;
17 EFI_GUID mHddPasswordDeviceInfoGuid
= HDD_PASSWORD_DEVICE_INFO_GUID
;
18 BOOLEAN mHddPasswordEndOfDxe
= FALSE
;
19 HDD_PASSWORD_REQUEST_VARIABLE
*mHddPasswordRequestVariable
= NULL
;
20 UINTN mHddPasswordRequestVariableSize
= 0;
22 HII_VENDOR_DEVICE_PATH mHddPasswordHiiVendorDevicePath
= {
28 (UINT8
) (sizeof (VENDOR_DEVICE_PATH
)),
29 (UINT8
) ((sizeof (VENDOR_DEVICE_PATH
)) >> 8)
32 HDD_PASSWORD_CONFIG_GUID
36 END_ENTIRE_DEVICE_PATH_SUBTYPE
,
38 (UINT8
) (END_DEVICE_PATH_LENGTH
),
39 (UINT8
) ((END_DEVICE_PATH_LENGTH
) >> 8)
46 Check if the password is full zero.
48 @param[in] Password Points to the data buffer
50 @retval TRUE This password string is full zero.
51 @retval FALSE This password string is not full zero.
61 for (Index
= 0; Index
< HDD_PASSWORD_MAX_LENGTH
; Index
++) {
62 if (Password
[Index
] != 0) {
73 @param[in] ConfigFormEntry Points to HDD_PASSWORD_CONFIG_FORM_ENTRY buffer
74 @param[in,out] TempDevInfo Points to HDD_PASSWORD_DEVICE_INFO buffer
79 IN HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
,
80 IN OUT HDD_PASSWORD_DEVICE_INFO
*TempDevInfo
83 TempDevInfo
->Device
.Bus
= (UINT8
) ConfigFormEntry
->Bus
;
84 TempDevInfo
->Device
.Device
= (UINT8
) ConfigFormEntry
->Device
;
85 TempDevInfo
->Device
.Function
= (UINT8
) ConfigFormEntry
->Function
;
86 TempDevInfo
->Device
.Port
= ConfigFormEntry
->Port
;
87 TempDevInfo
->Device
.PortMultiplierPort
= ConfigFormEntry
->PortMultiplierPort
;
88 CopyMem (TempDevInfo
->Password
, ConfigFormEntry
->Password
, HDD_PASSWORD_MAX_LENGTH
);
89 TempDevInfo
->DevicePathLength
= (UINT32
) GetDevicePathSize (ConfigFormEntry
->DevicePath
);
90 CopyMem (TempDevInfo
->DevicePath
, ConfigFormEntry
->DevicePath
, TempDevInfo
->DevicePathLength
);
94 Build HDD password device info and save them to LockBox.
98 BuildHddPasswordDeviceInfo (
104 HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
;
105 HDD_PASSWORD_DEVICE_INFO
*DevInfo
;
106 HDD_PASSWORD_DEVICE_INFO
*TempDevInfo
;
109 BOOLEAN S3InitDevicesExist
;
110 UINTN S3InitDevicesLength
;
111 EFI_DEVICE_PATH_PROTOCOL
*S3InitDevices
;
112 EFI_DEVICE_PATH_PROTOCOL
*S3InitDevicesBak
;
115 // Build HDD password device info and save them to LockBox.
118 EFI_LIST_FOR_EACH (Entry
, &mHddPasswordConfigFormList
) {
119 ConfigFormEntry
= BASE_CR (Entry
, HDD_PASSWORD_CONFIG_FORM_ENTRY
, Link
);
122 // 1. Handle device which already set password.
123 // 2. When request to send freeze comamnd, driver also needs to handle device
124 // which support security feature.
126 if ((!PasswordIsFullZero (ConfigFormEntry
->Password
)) ||
127 ((ConfigFormEntry
->IfrData
.SecurityStatus
.Supported
!= 0) &&
128 (ConfigFormEntry
->IfrData
.SecurityStatus
.Enabled
== 0))) {
129 DevInfoLength
+= sizeof (HDD_PASSWORD_DEVICE_INFO
) +
130 GetDevicePathSize (ConfigFormEntry
->DevicePath
);
134 if (DevInfoLength
== 0) {
138 S3InitDevicesLength
= sizeof (DummyData
);
139 Status
= RestoreLockBox (
140 &gS3StorageDeviceInitListGuid
,
144 ASSERT ((Status
== EFI_NOT_FOUND
) || (Status
== EFI_BUFFER_TOO_SMALL
));
145 if (Status
== EFI_NOT_FOUND
) {
146 S3InitDevices
= NULL
;
147 S3InitDevicesExist
= FALSE
;
148 } else if (Status
== EFI_BUFFER_TOO_SMALL
) {
149 S3InitDevices
= AllocatePool (S3InitDevicesLength
);
150 ASSERT (S3InitDevices
!= NULL
);
152 Status
= RestoreLockBox (
153 &gS3StorageDeviceInitListGuid
,
157 ASSERT_EFI_ERROR (Status
);
158 S3InitDevicesExist
= TRUE
;
163 DevInfo
= AllocateZeroPool (DevInfoLength
);
164 ASSERT (DevInfo
!= NULL
);
166 TempDevInfo
= DevInfo
;
167 EFI_LIST_FOR_EACH (Entry
, &mHddPasswordConfigFormList
) {
168 ConfigFormEntry
= BASE_CR (Entry
, HDD_PASSWORD_CONFIG_FORM_ENTRY
, Link
);
170 if ((!PasswordIsFullZero (ConfigFormEntry
->Password
)) ||
171 ((ConfigFormEntry
->IfrData
.SecurityStatus
.Supported
!= 0) &&
172 (ConfigFormEntry
->IfrData
.SecurityStatus
.Enabled
== 0))) {
173 SaveDeviceInfo (ConfigFormEntry
, TempDevInfo
);
175 S3InitDevicesBak
= S3InitDevices
;
176 S3InitDevices
= AppendDevicePathInstance (
178 ConfigFormEntry
->DevicePath
180 if (S3InitDevicesBak
!= NULL
) {
181 FreePool (S3InitDevicesBak
);
183 ASSERT (S3InitDevices
!= NULL
);
185 TempDevInfo
= (HDD_PASSWORD_DEVICE_INFO
*) ((UINTN
)TempDevInfo
+
186 sizeof (HDD_PASSWORD_DEVICE_INFO
) +
187 TempDevInfo
->DevicePathLength
);
191 Status
= SaveLockBox (
192 &mHddPasswordDeviceInfoGuid
,
196 ASSERT_EFI_ERROR (Status
);
198 Status
= SetLockBoxAttributes (
199 &mHddPasswordDeviceInfoGuid
,
200 LOCK_BOX_ATTRIBUTE_RESTORE_IN_S3_ONLY
202 ASSERT_EFI_ERROR (Status
);
204 S3InitDevicesLength
= GetDevicePathSize (S3InitDevices
);
205 if (S3InitDevicesExist
) {
206 Status
= UpdateLockBox (
207 &gS3StorageDeviceInitListGuid
,
212 ASSERT_EFI_ERROR (Status
);
214 Status
= SaveLockBox (
215 &gS3StorageDeviceInitListGuid
,
219 ASSERT_EFI_ERROR (Status
);
221 Status
= SetLockBoxAttributes (
222 &gS3StorageDeviceInitListGuid
,
223 LOCK_BOX_ATTRIBUTE_RESTORE_IN_S3_ONLY
225 ASSERT_EFI_ERROR (Status
);
228 ZeroMem (DevInfo
, DevInfoLength
);
230 FreePool (S3InitDevices
);
234 Send freeze lock cmd through Ata Pass Thru Protocol.
236 @param[in] AtaPassThru The pointer to the ATA_PASS_THRU protocol.
237 @param[in] Port The port number of the ATA device to send the command.
238 @param[in] PortMultiplierPort The port multiplier port number of the ATA device to send the command.
239 If there is no port multiplier, then specify 0xFFFF.
241 @retval EFI_SUCCESS Successful to send freeze lock cmd.
242 @retval EFI_INVALID_PARAMETER The parameter passed-in is invalid.
243 @retval EFI_OUT_OF_RESOURCES Not enough memory to send freeze lock cmd.
244 @retval EFI_DEVICE_ERROR Can not send freeze lock cmd.
249 IN EFI_ATA_PASS_THRU_PROTOCOL
*AtaPassThru
,
251 IN UINT16 PortMultiplierPort
255 EFI_ATA_COMMAND_BLOCK Acb
;
256 EFI_ATA_STATUS_BLOCK
*Asb
;
257 EFI_ATA_PASS_THRU_COMMAND_PACKET Packet
;
259 if (AtaPassThru
== NULL
) {
260 return EFI_INVALID_PARAMETER
;
264 // The 'Asb' field (a pointer to the EFI_ATA_STATUS_BLOCK structure) in
265 // EFI_ATA_PASS_THRU_COMMAND_PACKET is required to be aligned specified by
266 // the 'IoAlign' field in the EFI_ATA_PASS_THRU_MODE structure. Meanwhile,
267 // the structure EFI_ATA_STATUS_BLOCK is composed of only UINT8 fields, so it
268 // may not be aligned when allocated on stack for some compilers. Hence, we
269 // use the API AllocateAlignedPages to ensure this structure is properly
272 Asb
= AllocateAlignedPages (
273 EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK
)),
274 AtaPassThru
->Mode
->IoAlign
277 return EFI_OUT_OF_RESOURCES
;
281 // Prepare for ATA command block.
283 ZeroMem (&Acb
, sizeof (Acb
));
284 ZeroMem (Asb
, sizeof (EFI_ATA_STATUS_BLOCK
));
285 Acb
.AtaCommand
= ATA_SECURITY_FREEZE_LOCK_CMD
;
286 Acb
.AtaDeviceHead
= (UINT8
) (PortMultiplierPort
== 0xFFFF ? 0 : (PortMultiplierPort
<< 4));
289 // Prepare for ATA pass through packet.
291 ZeroMem (&Packet
, sizeof (Packet
));
292 Packet
.Protocol
= EFI_ATA_PASS_THRU_PROTOCOL_ATA_NON_DATA
;
293 Packet
.Length
= EFI_ATA_PASS_THRU_LENGTH_NO_DATA_TRANSFER
;
296 Packet
.Timeout
= ATA_TIMEOUT
;
298 Status
= AtaPassThru
->PassThru (
305 if (!EFI_ERROR (Status
) &&
306 ((Asb
->AtaStatus
& ATA_STSREG_ERR
) != 0) &&
307 ((Asb
->AtaError
& ATA_ERRREG_ABRT
) != 0)) {
308 Status
= EFI_DEVICE_ERROR
;
311 FreeAlignedPages (Asb
, EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK
)));
313 DEBUG ((DEBUG_INFO
, "%a() - %r\n", __FUNCTION__
, Status
));
318 Get attached harddisk identify data through Ata Pass Thru Protocol.
320 @param[in] AtaPassThru The pointer to the ATA_PASS_THRU protocol.
321 @param[in] Port The port number of the ATA device to send the command.
322 @param[in] PortMultiplierPort The port multiplier port number of the ATA device to send the command.
323 If there is no port multiplier, then specify 0xFFFF.
324 @param[in] IdentifyData The buffer to store identify data.
326 @retval EFI_SUCCESS Successful to get identify data.
327 @retval EFI_INVALID_PARAMETER The parameter passed-in is invalid.
328 @retval EFI_OUT_OF_RESOURCES Not enough memory to get identify data.
329 @retval EFI_DEVICE_ERROR Can not get identify data.
333 GetHddDeviceIdentifyData (
334 IN EFI_ATA_PASS_THRU_PROTOCOL
*AtaPassThru
,
336 IN UINT16 PortMultiplierPort
,
337 IN ATA_IDENTIFY_DATA
*IdentifyData
341 EFI_ATA_COMMAND_BLOCK Acb
;
342 EFI_ATA_STATUS_BLOCK
*Asb
;
343 EFI_ATA_PASS_THRU_COMMAND_PACKET Packet
;
345 if ((AtaPassThru
== NULL
) || (IdentifyData
== NULL
)) {
346 return EFI_INVALID_PARAMETER
;
350 // The 'Asb' field (a pointer to the EFI_ATA_STATUS_BLOCK structure) in
351 // EFI_ATA_PASS_THRU_COMMAND_PACKET is required to be aligned specified by
352 // the 'IoAlign' field in the EFI_ATA_PASS_THRU_MODE structure. Meanwhile,
353 // the structure EFI_ATA_STATUS_BLOCK is composed of only UINT8 fields, so it
354 // may not be aligned when allocated on stack for some compilers. Hence, we
355 // use the API AllocateAlignedPages to ensure this structure is properly
358 Asb
= AllocateAlignedPages (
359 EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK
)),
360 AtaPassThru
->Mode
->IoAlign
363 return EFI_OUT_OF_RESOURCES
;
367 // Prepare for ATA command block.
369 ZeroMem (&Acb
, sizeof (Acb
));
370 ZeroMem (Asb
, sizeof (EFI_ATA_STATUS_BLOCK
));
371 Acb
.AtaCommand
= ATA_CMD_IDENTIFY_DRIVE
;
372 Acb
.AtaDeviceHead
= (UINT8
) (BIT7
| BIT6
| BIT5
| (PortMultiplierPort
== 0xFFFF ? 0 : (PortMultiplierPort
<< 4)));
375 // Prepare for ATA pass through packet.
377 ZeroMem (&Packet
, sizeof (Packet
));
378 Packet
.Protocol
= EFI_ATA_PASS_THRU_PROTOCOL_PIO_DATA_IN
;
379 Packet
.Length
= EFI_ATA_PASS_THRU_LENGTH_BYTES
| EFI_ATA_PASS_THRU_LENGTH_SECTOR_COUNT
;
382 Packet
.InDataBuffer
= IdentifyData
;
383 Packet
.InTransferLength
= sizeof (ATA_IDENTIFY_DATA
);
384 Packet
.Timeout
= ATA_TIMEOUT
;
386 Status
= AtaPassThru
->PassThru (
394 FreeAlignedPages (Asb
, EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK
)));
400 Parse security status according to identify data.
402 @param[in] IdentifyData The buffer to store identify data.
403 @param[in, out] IfrData IFR data to hold security status.
407 GetHddPasswordSecurityStatus (
408 IN ATA_IDENTIFY_DATA
*IdentifyData
,
409 IN OUT HDD_PASSWORD_CONFIG
*IfrData
412 IfrData
->SecurityStatus
.Supported
= (IdentifyData
->command_set_supported_82
& BIT1
) ? 1 : 0;
413 IfrData
->SecurityStatus
.Enabled
= (IdentifyData
->security_status
& BIT1
) ? 1 : 0;
414 IfrData
->SecurityStatus
.Locked
= (IdentifyData
->security_status
& BIT2
) ? 1 : 0;
415 IfrData
->SecurityStatus
.Frozen
= (IdentifyData
->security_status
& BIT3
) ? 1 : 0;
416 IfrData
->SecurityStatus
.UserPasswordStatus
= IfrData
->SecurityStatus
.Enabled
;
417 IfrData
->SecurityStatus
.MasterPasswordStatus
= IfrData
->SecurityStatus
.Supported
;
419 DEBUG ((DEBUG_INFO
, "IfrData->SecurityStatus.Supported = %x\n", IfrData
->SecurityStatus
.Supported
));
420 DEBUG ((DEBUG_INFO
, "IfrData->SecurityStatus.Enabled = %x\n", IfrData
->SecurityStatus
.Enabled
));
421 DEBUG ((DEBUG_INFO
, "IfrData->SecurityStatus.Locked = %x\n", IfrData
->SecurityStatus
.Locked
));
422 DEBUG ((DEBUG_INFO
, "IfrData->SecurityStatus.Frozen = %x\n", IfrData
->SecurityStatus
.Frozen
));
423 DEBUG ((DEBUG_INFO
, "IfrData->SecurityStatus.UserPasswordStatus = %x\n", IfrData
->SecurityStatus
.UserPasswordStatus
));
424 DEBUG ((DEBUG_INFO
, "IfrData->SecurityStatus.MasterPasswordStatus = %x\n", IfrData
->SecurityStatus
.MasterPasswordStatus
));
428 Notification function of EFI_END_OF_DXE_EVENT_GROUP_GUID event group.
430 This is a notification function registered on EFI_END_OF_DXE_EVENT_GROUP_GUID event group.
432 @param Event Event whose notification function is being invoked.
433 @param Context Pointer to the notification function's context.
438 HddPasswordEndOfDxeEventNotify (
444 HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
;
446 ATA_IDENTIFY_DATA IdentifyData
;
448 DEBUG ((DEBUG_INFO
, "%a() - enter\n", __FUNCTION__
));
450 mHddPasswordEndOfDxe
= TRUE
;
452 if (mHddPasswordRequestVariable
!= NULL
) {
454 // Free the HDD password request variable buffer here
455 // as the HDD password requests should have been processed.
457 FreePool (mHddPasswordRequestVariable
);
458 mHddPasswordRequestVariable
= NULL
;
459 mHddPasswordRequestVariableSize
= 0;
463 // If no any device, return directly.
465 if (IsListEmpty (&mHddPasswordConfigFormList
)) {
466 gBS
->CloseEvent (Event
);
470 BuildHddPasswordDeviceInfo ();
473 // Zero passsword and freeze lock device.
475 EFI_LIST_FOR_EACH (Entry
, &mHddPasswordConfigFormList
) {
476 ConfigFormEntry
= BASE_CR (Entry
, HDD_PASSWORD_CONFIG_FORM_ENTRY
, Link
);
478 ZeroMem (ConfigFormEntry
->Password
, HDD_PASSWORD_MAX_LENGTH
);
481 // Check whether need send freeze lock command.
482 // Below device will be froze:
483 // 1. Device not enable password.
484 // 2. Device enable password and unlocked.
486 if ((ConfigFormEntry
->IfrData
.SecurityStatus
.Supported
!= 0) &&
487 (ConfigFormEntry
->IfrData
.SecurityStatus
.Locked
== 0) &&
488 (ConfigFormEntry
->IfrData
.SecurityStatus
.Frozen
== 0)) {
489 Status
= FreezeLockDevice (ConfigFormEntry
->AtaPassThru
, ConfigFormEntry
->Port
, ConfigFormEntry
->PortMultiplierPort
);
490 DEBUG ((DEBUG_INFO
, "FreezeLockDevice return %r!\n", Status
));
491 Status
= GetHddDeviceIdentifyData (
492 ConfigFormEntry
->AtaPassThru
,
493 ConfigFormEntry
->Port
,
494 ConfigFormEntry
->PortMultiplierPort
,
497 GetHddPasswordSecurityStatus (&IdentifyData
, &ConfigFormEntry
->IfrData
);
501 DEBUG ((DEBUG_INFO
, "%a() - exit\n", __FUNCTION__
));
503 gBS
->CloseEvent (Event
);
509 @param[in, out] SaltValue Points to the salt buffer, 32 bytes
514 IN OUT UINT8
*SaltValue
517 RandomSeed (NULL
, 0);
518 RandomBytes (SaltValue
, PASSWORD_SALT_SIZE
);
522 Hash the data to get credential.
524 @param[in] Buffer Points to the data buffer
525 @param[in] BufferSize Buffer size
526 @param[in] SaltValue Points to the salt buffer, 32 bytes
527 @param[out] Credential Points to the hashed result
529 @retval TRUE Hash the data successfully.
530 @retval FALSE Failed to hash the data.
538 OUT UINT8
*Credential
550 HashSize
= Sha256GetContextSize ();
551 Hash
= AllocateZeroPool (HashSize
);
552 ASSERT (Hash
!= NULL
);
557 Status
= Sha256Init (Hash
);
562 HashData
= AllocateZeroPool (PASSWORD_SALT_SIZE
+ BufferSize
);
563 ASSERT (HashData
!= NULL
);
564 if (HashData
== NULL
) {
568 CopyMem (HashData
, SaltValue
, PASSWORD_SALT_SIZE
);
569 CopyMem ((UINT8
*) HashData
+ PASSWORD_SALT_SIZE
, Buffer
, BufferSize
);
571 Status
= Sha256Update (Hash
, HashData
, PASSWORD_SALT_SIZE
+ BufferSize
);
576 Status
= Sha256Final (Hash
, Credential
);
582 if (HashData
!= NULL
) {
583 ZeroMem (HashData
, PASSWORD_SALT_SIZE
+ BufferSize
);
590 Save HDD password variable that will be used to validate HDD password
591 when the device is at frozen state.
593 @param[in] ConfigFormEntry The HDD Password configuration form entry.
594 @param[in] Password The hdd password of attached ATA device.
598 SaveHddPasswordVariable (
599 IN HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
,
604 HDD_PASSWORD_VARIABLE
*TempVariable
;
605 UINTN TempVariableSize
;
606 HDD_PASSWORD_VARIABLE
*NextNode
;
607 HDD_PASSWORD_VARIABLE
*Variable
;
609 HDD_PASSWORD_VARIABLE
*NewVariable
;
610 UINTN NewVariableSize
;
613 UINT8 HashData
[SHA256_DIGEST_SIZE
];
614 UINT8 SaltData
[PASSWORD_SALT_SIZE
];
616 DEBUG ((DEBUG_INFO
, "%a() - enter\n", __FUNCTION__
));
619 if (!PasswordIsFullZero (Password
)) {
621 // It is Set/Update HDD Password.
623 ZeroMem (HashData
, sizeof (HashData
));
624 ZeroMem (SaltData
, sizeof (SaltData
));
626 HashOk
= GenerateCredential ((UINT8
*) Password
, HDD_PASSWORD_MAX_LENGTH
, SaltData
, HashData
);
628 DEBUG ((DEBUG_INFO
, "GenerateCredential failed\n"));
633 // It is Disable HDD Password.
634 // Go to delete the variable node for the HDD password device.
644 Status
= GetVariable2 (
645 HDD_PASSWORD_VARIABLE_NAME
,
646 &mHddPasswordVendorGuid
,
651 if (!EFI_ERROR (Status
) && (Variable
!= NULL
)) {
652 TempVariable
= Variable
;
653 TempVariableSize
= VariableSize
;
654 while (TempVariableSize
>= sizeof (HDD_PASSWORD_VARIABLE
)) {
655 if ((TempVariable
->Device
.Bus
== ConfigFormEntry
->Bus
) &&
656 (TempVariable
->Device
.Device
== ConfigFormEntry
->Device
) &&
657 (TempVariable
->Device
.Function
== ConfigFormEntry
->Function
) &&
658 (TempVariable
->Device
.Port
== ConfigFormEntry
->Port
) &&
659 (TempVariable
->Device
.PortMultiplierPort
== ConfigFormEntry
->PortMultiplierPort
)) {
661 // Found the node for the HDD password device.
664 NextNode
= TempVariable
+ 1;
665 CopyMem (TempVariable
, NextNode
, (UINTN
) Variable
+ VariableSize
- (UINTN
) NextNode
);
666 NewVariable
= Variable
;
667 NewVariableSize
= VariableSize
- sizeof (HDD_PASSWORD_VARIABLE
);
670 TempVariableSize
-= sizeof (HDD_PASSWORD_VARIABLE
);
673 if (NewVariable
== NULL
) {
674 DEBUG ((DEBUG_INFO
, "The variable node for the HDD password device is not found\n"));
677 DEBUG ((DEBUG_INFO
, "HddPassword variable get failed (%r)\n", Status
));
680 if (!EFI_ERROR (Status
) && (Variable
!= NULL
)) {
681 TempVariable
= Variable
;
682 TempVariableSize
= VariableSize
;
683 while (TempVariableSize
>= sizeof (HDD_PASSWORD_VARIABLE
)) {
684 if ((TempVariable
->Device
.Bus
== ConfigFormEntry
->Bus
) &&
685 (TempVariable
->Device
.Device
== ConfigFormEntry
->Device
) &&
686 (TempVariable
->Device
.Function
== ConfigFormEntry
->Function
) &&
687 (TempVariable
->Device
.Port
== ConfigFormEntry
->Port
) &&
688 (TempVariable
->Device
.PortMultiplierPort
== ConfigFormEntry
->PortMultiplierPort
)) {
690 // Found the node for the HDD password device.
693 CopyMem (TempVariable
->PasswordHash
, HashData
, sizeof (HashData
));
694 CopyMem (TempVariable
->PasswordSalt
, SaltData
, sizeof (SaltData
));
695 NewVariable
= Variable
;
696 NewVariableSize
= VariableSize
;
699 TempVariableSize
-= sizeof (HDD_PASSWORD_VARIABLE
);
702 if (NewVariable
== NULL
) {
704 // The node for the HDD password device is not found.
705 // Create node for the HDD password device.
707 NewVariableSize
= VariableSize
+ sizeof (HDD_PASSWORD_VARIABLE
);
708 NewVariable
= AllocateZeroPool (NewVariableSize
);
709 ASSERT (NewVariable
!= NULL
);
710 CopyMem (NewVariable
, Variable
, VariableSize
);
711 TempVariable
= (HDD_PASSWORD_VARIABLE
*) ((UINTN
) NewVariable
+ VariableSize
);
712 TempVariable
->Device
.Bus
= (UINT8
) ConfigFormEntry
->Bus
;
713 TempVariable
->Device
.Device
= (UINT8
) ConfigFormEntry
->Device
;
714 TempVariable
->Device
.Function
= (UINT8
) ConfigFormEntry
->Function
;
715 TempVariable
->Device
.Port
= ConfigFormEntry
->Port
;
716 TempVariable
->Device
.PortMultiplierPort
= ConfigFormEntry
->PortMultiplierPort
;
717 CopyMem (TempVariable
->PasswordHash
, HashData
, sizeof (HashData
));
718 CopyMem (TempVariable
->PasswordSalt
, SaltData
, sizeof (SaltData
));
721 NewVariableSize
= sizeof (HDD_PASSWORD_VARIABLE
);
722 NewVariable
= AllocateZeroPool (NewVariableSize
);
723 ASSERT (NewVariable
!= NULL
);
724 NewVariable
->Device
.Bus
= (UINT8
) ConfigFormEntry
->Bus
;
725 NewVariable
->Device
.Device
= (UINT8
) ConfigFormEntry
->Device
;
726 NewVariable
->Device
.Function
= (UINT8
) ConfigFormEntry
->Function
;
727 NewVariable
->Device
.Port
= ConfigFormEntry
->Port
;
728 NewVariable
->Device
.PortMultiplierPort
= ConfigFormEntry
->PortMultiplierPort
;
729 CopyMem (NewVariable
->PasswordHash
, HashData
, sizeof (HashData
));
730 CopyMem (NewVariable
->PasswordSalt
, SaltData
, sizeof (SaltData
));
734 if (NewVariable
!= NULL
) {
735 Status
= gRT
->SetVariable (
736 HDD_PASSWORD_VARIABLE_NAME
,
737 &mHddPasswordVendorGuid
,
738 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
,
742 if (EFI_ERROR (Status
)) {
743 DEBUG ((DEBUG_INFO
, "HddPassword variable set failed (%r)\n", Status
));
747 if (NewVariable
!= Variable
) {
748 FreePool (NewVariable
);
750 if (Variable
!= NULL
) {
754 DEBUG ((DEBUG_INFO
, "%a() - exit\n", __FUNCTION__
));
758 Get saved HDD password variable that will be used to validate HDD password
759 when the device is at frozen state.
761 @param[in] ConfigFormEntry The HDD Password configuration form entry.
762 @param[out] HddPasswordVariable The variable node for the HDD password device.
764 @retval TRUE The variable node for the HDD password device is found and returned.
765 @retval FALSE The variable node for the HDD password device is not found.
769 GetSavedHddPasswordVariable (
770 IN HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
,
771 OUT HDD_PASSWORD_VARIABLE
*HddPasswordVariable
775 HDD_PASSWORD_VARIABLE
*TempVariable
;
776 HDD_PASSWORD_VARIABLE
*Variable
;
780 DEBUG ((DEBUG_INFO
, "%a() - enter\n", __FUNCTION__
));
785 Status
= GetVariable2 (
786 HDD_PASSWORD_VARIABLE_NAME
,
787 &mHddPasswordVendorGuid
,
791 if (EFI_ERROR (Status
) || (Variable
== NULL
)) {
792 DEBUG ((DEBUG_INFO
, "HddPassword variable get failed (%r)\n", Status
));
797 TempVariable
= Variable
;
798 while (VariableSize
>= sizeof (HDD_PASSWORD_VARIABLE
)) {
799 if ((TempVariable
->Device
.Bus
== ConfigFormEntry
->Bus
) &&
800 (TempVariable
->Device
.Device
== ConfigFormEntry
->Device
) &&
801 (TempVariable
->Device
.Function
== ConfigFormEntry
->Function
) &&
802 (TempVariable
->Device
.Port
== ConfigFormEntry
->Port
) &&
803 (TempVariable
->Device
.PortMultiplierPort
== ConfigFormEntry
->PortMultiplierPort
)) {
805 // Found the node for the HDD password device.
808 CopyMem (HddPasswordVariable
, TempVariable
, sizeof (HDD_PASSWORD_VARIABLE
));
812 VariableSize
-= sizeof (HDD_PASSWORD_VARIABLE
);
819 DEBUG ((DEBUG_INFO
, "The variable node for the HDD password device is not found\n"));
822 DEBUG ((DEBUG_INFO
, "%a() - exit\n", __FUNCTION__
));
828 Use saved HDD password variable to validate HDD password
829 when the device is at frozen state.
831 @param[in] ConfigFormEntry The HDD Password configuration form entry.
832 @param[in] Password The hdd password of attached ATA device.
834 @retval EFI_SUCCESS Pass to validate the HDD password.
835 @retval EFI_NOT_FOUND The variable node for the HDD password device is not found.
836 @retval EFI_DEVICE_ERROR Failed to generate credential for the HDD password.
837 @retval EFI_INVALID_PARAMETER Failed to validate the HDD password.
841 ValidateHddPassword (
842 IN HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
,
847 HDD_PASSWORD_VARIABLE HddPasswordVariable
;
849 UINT8 HashData
[SHA256_DIGEST_SIZE
];
851 DEBUG ((DEBUG_INFO
, "%a() - enter\n", __FUNCTION__
));
853 if (!GetSavedHddPasswordVariable (ConfigFormEntry
, &HddPasswordVariable
)) {
854 DEBUG ((DEBUG_INFO
, "GetSavedHddPasswordVariable failed\n"));
855 return EFI_NOT_FOUND
;
858 ZeroMem (HashData
, sizeof (HashData
));
859 HashOk
= GenerateCredential ((UINT8
*) Password
, HDD_PASSWORD_MAX_LENGTH
, HddPasswordVariable
.PasswordSalt
, HashData
);
861 DEBUG ((DEBUG_INFO
, "GenerateCredential failed\n"));
862 return EFI_DEVICE_ERROR
;
865 if (CompareMem (HddPasswordVariable
.PasswordHash
, HashData
, sizeof (HashData
)) != 0) {
866 Status
= EFI_INVALID_PARAMETER
;
868 Status
= EFI_SUCCESS
;
871 DEBUG ((DEBUG_INFO
, "%a() - exit (%r)\n", __FUNCTION__
, Status
));
876 Send unlock hdd password cmd through Ata Pass Thru Protocol.
878 @param[in] AtaPassThru The pointer to the ATA_PASS_THRU protocol.
879 @param[in] Port The port number of the ATA device to send the command.
880 @param[in] PortMultiplierPort The port multiplier port number of the ATA device to send the command.
881 If there is no port multiplier, then specify 0xFFFF.
882 @param[in] Identifier The identifier to set user or master password.
883 @param[in] Password The hdd password of attached ATA device.
885 @retval EFI_SUCCESS Successful to send unlock hdd password cmd.
886 @retval EFI_INVALID_PARAMETER The parameter passed-in is invalid.
887 @retval EFI_OUT_OF_RESOURCES Not enough memory to send unlock hdd password cmd.
888 @retval EFI_DEVICE_ERROR Can not send unlock hdd password cmd.
893 IN EFI_ATA_PASS_THRU_PROTOCOL
*AtaPassThru
,
895 IN UINT16 PortMultiplierPort
,
901 EFI_ATA_COMMAND_BLOCK Acb
;
902 EFI_ATA_STATUS_BLOCK
*Asb
;
903 EFI_ATA_PASS_THRU_COMMAND_PACKET Packet
;
904 UINT8 Buffer
[HDD_PAYLOAD
];
906 if ((AtaPassThru
== NULL
) || (Password
== NULL
)) {
907 return EFI_INVALID_PARAMETER
;
911 // The 'Asb' field (a pointer to the EFI_ATA_STATUS_BLOCK structure) in
912 // EFI_ATA_PASS_THRU_COMMAND_PACKET is required to be aligned specified by
913 // the 'IoAlign' field in the EFI_ATA_PASS_THRU_MODE structure. Meanwhile,
914 // the structure EFI_ATA_STATUS_BLOCK is composed of only UINT8 fields, so it
915 // may not be aligned when allocated on stack for some compilers. Hence, we
916 // use the API AllocateAlignedPages to ensure this structure is properly
919 Asb
= AllocateAlignedPages (
920 EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK
)),
921 AtaPassThru
->Mode
->IoAlign
924 return EFI_OUT_OF_RESOURCES
;
928 // Prepare for ATA command block.
930 ZeroMem (&Acb
, sizeof (Acb
));
931 ZeroMem (Asb
, sizeof (EFI_ATA_STATUS_BLOCK
));
932 Acb
.AtaCommand
= ATA_SECURITY_UNLOCK_CMD
;
933 Acb
.AtaDeviceHead
= (UINT8
) (PortMultiplierPort
== 0xFFFF ? 0 : (PortMultiplierPort
<< 4));
936 // Prepare for ATA pass through packet.
938 ZeroMem (&Packet
, sizeof (Packet
));
939 Packet
.Protocol
= EFI_ATA_PASS_THRU_PROTOCOL_PIO_DATA_OUT
;
940 Packet
.Length
= EFI_ATA_PASS_THRU_LENGTH_BYTES
;
944 ((CHAR16
*) Buffer
)[0] = Identifier
& BIT0
;
945 CopyMem (&((CHAR16
*) Buffer
)[1], Password
, HDD_PASSWORD_MAX_LENGTH
);
947 Packet
.OutDataBuffer
= Buffer
;
948 Packet
.OutTransferLength
= sizeof (Buffer
);
949 Packet
.Timeout
= ATA_TIMEOUT
;
951 Status
= AtaPassThru
->PassThru (
958 if (!EFI_ERROR (Status
) &&
959 ((Asb
->AtaStatus
& ATA_STSREG_ERR
) != 0) &&
960 ((Asb
->AtaError
& ATA_ERRREG_ABRT
) != 0)) {
961 Status
= EFI_DEVICE_ERROR
;
964 FreeAlignedPages (Asb
, EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK
)));
966 ZeroMem (Buffer
, sizeof (Buffer
));
968 DEBUG ((DEBUG_INFO
, "%a() - %r\n", __FUNCTION__
, Status
));
973 Send disable hdd password cmd through Ata Pass Thru Protocol.
975 @param[in] AtaPassThru The pointer to the ATA_PASS_THRU protocol.
976 @param[in] Port The port number of the ATA device to send the command.
977 @param[in] PortMultiplierPort The port multiplier port number of the ATA device to send the command.
978 If there is no port multiplier, then specify 0xFFFF.
979 @param[in] Identifier The identifier to set user or master password.
980 @param[in] Password The hdd password of attached ATA device.
982 @retval EFI_SUCCESS Successful to disable hdd password cmd.
983 @retval EFI_INVALID_PARAMETER The parameter passed-in is invalid.
984 @retval EFI_OUT_OF_RESOURCES Not enough memory to disable hdd password cmd.
985 @retval EFI_DEVICE_ERROR Can not disable hdd password cmd.
990 IN EFI_ATA_PASS_THRU_PROTOCOL
*AtaPassThru
,
992 IN UINT16 PortMultiplierPort
,
998 EFI_ATA_COMMAND_BLOCK Acb
;
999 EFI_ATA_STATUS_BLOCK
*Asb
;
1000 EFI_ATA_PASS_THRU_COMMAND_PACKET Packet
;
1001 UINT8 Buffer
[HDD_PAYLOAD
];
1003 if ((AtaPassThru
== NULL
) || (Password
== NULL
)) {
1004 return EFI_INVALID_PARAMETER
;
1008 // The 'Asb' field (a pointer to the EFI_ATA_STATUS_BLOCK structure) in
1009 // EFI_ATA_PASS_THRU_COMMAND_PACKET is required to be aligned specified by
1010 // the 'IoAlign' field in the EFI_ATA_PASS_THRU_MODE structure. Meanwhile,
1011 // the structure EFI_ATA_STATUS_BLOCK is composed of only UINT8 fields, so it
1012 // may not be aligned when allocated on stack for some compilers. Hence, we
1013 // use the API AllocateAlignedPages to ensure this structure is properly
1016 Asb
= AllocateAlignedPages (
1017 EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK
)),
1018 AtaPassThru
->Mode
->IoAlign
1021 return EFI_OUT_OF_RESOURCES
;
1025 // Prepare for ATA command block.
1027 ZeroMem (&Acb
, sizeof (Acb
));
1028 ZeroMem (Asb
, sizeof (EFI_ATA_STATUS_BLOCK
));
1029 Acb
.AtaCommand
= ATA_SECURITY_DIS_PASSWORD_CMD
;
1030 Acb
.AtaDeviceHead
= (UINT8
) (PortMultiplierPort
== 0xFFFF ? 0 : (PortMultiplierPort
<< 4));
1033 // Prepare for ATA pass through packet.
1035 ZeroMem (&Packet
, sizeof (Packet
));
1036 Packet
.Protocol
= EFI_ATA_PASS_THRU_PROTOCOL_PIO_DATA_OUT
;
1037 Packet
.Length
= EFI_ATA_PASS_THRU_LENGTH_BYTES
;
1041 ((CHAR16
*) Buffer
)[0] = Identifier
& BIT0
;
1042 CopyMem (&((CHAR16
*) Buffer
)[1], Password
, HDD_PASSWORD_MAX_LENGTH
);
1044 Packet
.OutDataBuffer
= Buffer
;
1045 Packet
.OutTransferLength
= sizeof (Buffer
);
1046 Packet
.Timeout
= ATA_TIMEOUT
;
1048 Status
= AtaPassThru
->PassThru (
1055 if (!EFI_ERROR (Status
) &&
1056 ((Asb
->AtaStatus
& ATA_STSREG_ERR
) != 0) &&
1057 ((Asb
->AtaError
& ATA_ERRREG_ABRT
) != 0)) {
1058 Status
= EFI_DEVICE_ERROR
;
1061 FreeAlignedPages (Asb
, EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK
)));
1063 ZeroMem (Buffer
, sizeof (Buffer
));
1065 DEBUG ((DEBUG_INFO
, "%a() - %r\n", __FUNCTION__
, Status
));
1070 Send set hdd password cmd through Ata Pass Thru Protocol.
1072 @param[in] AtaPassThru The pointer to the ATA_PASS_THRU protocol.
1073 @param[in] Port The port number of the ATA device to send the command.
1074 @param[in] PortMultiplierPort The port multiplier port number of the ATA device to send the command.
1075 If there is no port multiplier, then specify 0xFFFF.
1076 @param[in] Identifier The identifier to set user or master password.
1077 @param[in] SecurityLevel The security level to be set to device.
1078 @param[in] MasterPasswordIdentifier The master password identifier to be set to device.
1079 @param[in] Password The hdd password of attached ATA device.
1081 @retval EFI_SUCCESS Successful to set hdd password cmd.
1082 @retval EFI_INVALID_PARAMETER The parameter passed-in is invalid.
1083 @retval EFI_OUT_OF_RESOURCES Not enough memory to set hdd password cmd.
1084 @retval EFI_DEVICE_ERROR Can not set hdd password cmd.
1089 IN EFI_ATA_PASS_THRU_PROTOCOL
*AtaPassThru
,
1091 IN UINT16 PortMultiplierPort
,
1092 IN CHAR8 Identifier
,
1093 IN CHAR8 SecurityLevel
,
1094 IN CHAR16 MasterPasswordIdentifier
,
1099 EFI_ATA_COMMAND_BLOCK Acb
;
1100 EFI_ATA_STATUS_BLOCK
*Asb
;
1101 EFI_ATA_PASS_THRU_COMMAND_PACKET Packet
;
1102 UINT8 Buffer
[HDD_PAYLOAD
];
1104 if ((AtaPassThru
== NULL
) || (Password
== NULL
)) {
1105 return EFI_INVALID_PARAMETER
;
1109 // The 'Asb' field (a pointer to the EFI_ATA_STATUS_BLOCK structure) in
1110 // EFI_ATA_PASS_THRU_COMMAND_PACKET is required to be aligned specified by
1111 // the 'IoAlign' field in the EFI_ATA_PASS_THRU_MODE structure. Meanwhile,
1112 // the structure EFI_ATA_STATUS_BLOCK is composed of only UINT8 fields, so it
1113 // may not be aligned when allocated on stack for some compilers. Hence, we
1114 // use the API AllocateAlignedPages to ensure this structure is properly
1117 Asb
= AllocateAlignedPages (
1118 EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK
)),
1119 AtaPassThru
->Mode
->IoAlign
1122 return EFI_OUT_OF_RESOURCES
;
1126 // Prepare for ATA command block.
1128 ZeroMem (&Acb
, sizeof (Acb
));
1129 ZeroMem (Asb
, sizeof (EFI_ATA_STATUS_BLOCK
));
1130 Acb
.AtaCommand
= ATA_SECURITY_SET_PASSWORD_CMD
;
1131 Acb
.AtaDeviceHead
= (UINT8
) (PortMultiplierPort
== 0xFFFF ? 0 : (PortMultiplierPort
<< 4));
1134 // Prepare for ATA pass through packet.
1136 ZeroMem (&Packet
, sizeof (Packet
));
1137 Packet
.Protocol
= EFI_ATA_PASS_THRU_PROTOCOL_PIO_DATA_OUT
;
1138 Packet
.Length
= EFI_ATA_PASS_THRU_LENGTH_BYTES
;
1142 ((CHAR16
*) Buffer
)[0] = (Identifier
| (UINT16
)(SecurityLevel
<< 8)) & (BIT0
| BIT8
);
1143 CopyMem (&((CHAR16
*) Buffer
)[1], Password
, HDD_PASSWORD_MAX_LENGTH
);
1144 if ((Identifier
& BIT0
) != 0) {
1145 ((CHAR16
*) Buffer
)[17] = MasterPasswordIdentifier
;
1148 Packet
.OutDataBuffer
= Buffer
;
1149 Packet
.OutTransferLength
= sizeof (Buffer
);
1150 Packet
.Timeout
= ATA_TIMEOUT
;
1152 Status
= AtaPassThru
->PassThru (
1159 if (!EFI_ERROR (Status
) &&
1160 ((Asb
->AtaStatus
& ATA_STSREG_ERR
) != 0) &&
1161 ((Asb
->AtaError
& ATA_ERRREG_ABRT
) != 0)) {
1162 Status
= EFI_DEVICE_ERROR
;
1165 FreeAlignedPages (Asb
, EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK
)));
1167 ZeroMem (Buffer
, sizeof (Buffer
));
1169 DEBUG ((DEBUG_INFO
, "%a() - %r\n", __FUNCTION__
, Status
));
1174 Get attached harddisk model number from identify data buffer.
1176 @param[in] IdentifyData Pointer to identify data buffer.
1177 @param[in, out] String The buffer to store harddisk model number.
1181 GetHddDeviceModelNumber (
1182 IN ATA_IDENTIFY_DATA
*IdentifyData
,
1183 IN OUT CHAR16
*String
1189 // Swap the byte order in the original module name.
1190 // From Ata spec, the maximum length is 40 bytes.
1192 for (Index
= 0; Index
< 40; Index
+= 2) {
1193 String
[Index
] = IdentifyData
->ModelName
[Index
+ 1];
1194 String
[Index
+ 1] = IdentifyData
->ModelName
[Index
];
1198 // Chap it off after 20 characters
1206 Get password input from the popup windows.
1208 @param[in] PopUpString1 Pop up string 1.
1209 @param[in] PopUpString2 Pop up string 2.
1210 @param[in, out] Password The buffer to hold the input password.
1212 @retval EFI_ABORTED It is given up by pressing 'ESC' key.
1213 @retval EFI_SUCCESS Get password input successfully.
1217 PopupHddPasswordInputWindows (
1218 IN CHAR16
*PopUpString1
,
1219 IN CHAR16
*PopUpString2
,
1220 IN OUT CHAR8
*Password
1225 CHAR16 Mask
[HDD_PASSWORD_MAX_LENGTH
+ 1];
1226 CHAR16 Unicode
[HDD_PASSWORD_MAX_LENGTH
+ 1];
1227 CHAR8 Ascii
[HDD_PASSWORD_MAX_LENGTH
+ 1];
1229 ZeroMem (Unicode
, sizeof (Unicode
));
1230 ZeroMem (Ascii
, sizeof (Ascii
));
1231 ZeroMem (Mask
, sizeof (Mask
));
1233 gST
->ConOut
->ClearScreen(gST
->ConOut
);
1237 Mask
[Length
] = L
'_';
1238 if (PopUpString2
== NULL
) {
1240 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1243 L
"---------------------",
1249 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1253 L
"---------------------",
1261 if (Key
.ScanCode
== SCAN_NULL
) {
1262 if (Key
.UnicodeChar
== CHAR_CARRIAGE_RETURN
) {
1264 // Add the null terminator.
1266 Unicode
[Length
] = 0;
1268 } else if ((Key
.UnicodeChar
== CHAR_NULL
) ||
1269 (Key
.UnicodeChar
== CHAR_TAB
) ||
1270 (Key
.UnicodeChar
== CHAR_LINEFEED
)
1274 if (Key
.UnicodeChar
== CHAR_BACKSPACE
) {
1276 Unicode
[Length
] = 0;
1281 Unicode
[Length
] = Key
.UnicodeChar
;
1282 Mask
[Length
] = L
'*';
1284 if (Length
== HDD_PASSWORD_MAX_LENGTH
) {
1286 // Add the null terminator.
1288 Unicode
[Length
] = 0;
1296 if (Key
.ScanCode
== SCAN_ESC
) {
1297 ZeroMem (Unicode
, sizeof (Unicode
));
1298 ZeroMem (Ascii
, sizeof (Ascii
));
1299 gST
->ConOut
->ClearScreen(gST
->ConOut
);
1304 UnicodeStrToAsciiStrS (Unicode
, Ascii
, sizeof (Ascii
));
1305 CopyMem (Password
, Ascii
, HDD_PASSWORD_MAX_LENGTH
);
1306 ZeroMem (Unicode
, sizeof (Unicode
));
1307 ZeroMem (Ascii
, sizeof (Ascii
));
1309 gST
->ConOut
->ClearScreen(gST
->ConOut
);
1314 Check if disk is locked, show popup window and ask for password if it is.
1316 @param[in] AtaPassThru Pointer to ATA_PASSTHRU instance.
1317 @param[in] Port The port number of attached ATA device.
1318 @param[in] PortMultiplierPort The port number of port multiplier of attached ATA device.
1319 @param[in] ConfigFormEntry The HDD Password configuration form entry.
1323 HddPasswordRequestPassword (
1324 IN EFI_ATA_PASS_THRU_PROTOCOL
*AtaPassThru
,
1326 IN UINT16 PortMultiplierPort
,
1327 IN HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
1331 CHAR16 PopUpString
[100];
1332 ATA_IDENTIFY_DATA IdentifyData
;
1335 CHAR8 Password
[HDD_PASSWORD_MAX_LENGTH
];
1339 DEBUG ((DEBUG_INFO
, "%a()\n", __FUNCTION__
));
1341 UnicodeSPrint (PopUpString
, sizeof (PopUpString
), L
"Unlock: %s", ConfigFormEntry
->HddString
);
1344 // Check the device security status.
1346 if ((ConfigFormEntry
->IfrData
.SecurityStatus
.Supported
) &&
1347 (ConfigFormEntry
->IfrData
.SecurityStatus
.Enabled
)) {
1350 // Add PcdSkipHddPasswordPrompt to determin whether to skip password prompt.
1351 // Due to board design, device may not power off during system warm boot, which result in
1352 // security status remain unlocked status, hence we add device security status check here.
1354 // If device is in the locked status, device keeps locked and system continues booting.
1355 // If device is in the unlocked status, system is forced shutdown for security concern.
1357 if (PcdGetBool (PcdSkipHddPasswordPrompt
)) {
1358 if (ConfigFormEntry
->IfrData
.SecurityStatus
.Locked
) {
1361 gRT
->ResetSystem (EfiResetShutdown
, EFI_SUCCESS
, 0, NULL
);
1365 // As soon as the HDD password is in enabled state, we pop up a window to unlock hdd
1366 // no matter it's really in locked or unlocked state.
1367 // This way forces user to enter password every time to provide best safety.
1370 Status
= PopupHddPasswordInputWindows (PopUpString
, NULL
, Password
);
1371 if (!EFI_ERROR (Status
)) {
1373 // The HDD is in locked state, unlock it by user input.
1375 if (!PasswordIsFullZero (Password
)) {
1376 if (!ConfigFormEntry
->IfrData
.SecurityStatus
.Frozen
) {
1377 Status
= UnlockHddPassword (AtaPassThru
, Port
, PortMultiplierPort
, 0, Password
);
1380 // Use saved HDD password variable to validate HDD password
1381 // when the device is at frozen state.
1383 Status
= ValidateHddPassword (ConfigFormEntry
, Password
);
1386 Status
= EFI_INVALID_PARAMETER
;
1388 if (!EFI_ERROR (Status
)) {
1389 CopyMem (ConfigFormEntry
->Password
, Password
, HDD_PASSWORD_MAX_LENGTH
);
1390 if (!ConfigFormEntry
->IfrData
.SecurityStatus
.Frozen
) {
1391 SaveHddPasswordVariable (ConfigFormEntry
, Password
);
1393 ZeroMem (Password
, HDD_PASSWORD_MAX_LENGTH
);
1394 Status
= GetHddDeviceIdentifyData (AtaPassThru
, Port
, PortMultiplierPort
, &IdentifyData
);
1395 ASSERT_EFI_ERROR (Status
);
1398 // Check the device security status again.
1400 GetHddPasswordSecurityStatus (&IdentifyData
, &ConfigFormEntry
->IfrData
);
1404 ZeroMem (Password
, HDD_PASSWORD_MAX_LENGTH
);
1406 if (EFI_ERROR (Status
)) {
1408 if (RetryCount
< MAX_HDD_PASSWORD_RETRY_COUNT
) {
1411 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1413 L
"Invalid password.",
1414 L
"Press ENTER to retry",
1417 } while (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
);
1422 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1424 L
"Hdd password retry count is expired. Please shutdown the machine.",
1425 L
"Press ENTER to shutdown",
1428 } while (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
);
1429 gRT
->ResetSystem (EfiResetShutdown
, EFI_SUCCESS
, 0, NULL
);
1433 } else if (Status
== EFI_ABORTED
) {
1434 if (ConfigFormEntry
->IfrData
.SecurityStatus
.Locked
) {
1436 // Current device in the lock status and
1437 // User not input password and press ESC,
1438 // keep device in lock status and continue boot.
1442 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1444 L
"Press ENTER to skip the request and continue boot,",
1445 L
"Press ESC to input password again",
1448 } while ((Key
.ScanCode
!= SCAN_ESC
) && (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
));
1450 if (Key
.UnicodeChar
== CHAR_CARRIAGE_RETURN
) {
1451 gST
->ConOut
->ClearScreen(gST
->ConOut
);
1453 // Keep lock and continue boot.
1458 // Let user input password again.
1464 // Current device in the unlock status and
1465 // User not input password and press ESC,
1466 // Shutdown the device.
1470 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1472 L
"Press ENTER to shutdown, Press ESC to input password again",
1475 } while ((Key
.ScanCode
!= SCAN_ESC
) && (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
));
1477 if (Key
.UnicodeChar
== CHAR_CARRIAGE_RETURN
) {
1478 gRT
->ResetSystem (EfiResetShutdown
, EFI_SUCCESS
, 0, NULL
);
1481 // Let user input password again.
1492 Process Set User Pwd HDD password request.
1494 @param[in] AtaPassThru Pointer to ATA_PASSTHRU instance.
1495 @param[in] Port The port number of attached ATA device.
1496 @param[in] PortMultiplierPort The port number of port multiplier of attached ATA device.
1497 @param[in] ConfigFormEntry The HDD Password configuration form entry.
1501 ProcessHddPasswordRequestSetUserPwd (
1502 IN EFI_ATA_PASS_THRU_PROTOCOL
*AtaPassThru
,
1504 IN UINT16 PortMultiplierPort
,
1505 IN HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
1509 CHAR16 PopUpString
[100];
1510 ATA_IDENTIFY_DATA IdentifyData
;
1513 CHAR8 Password
[HDD_PASSWORD_MAX_LENGTH
];
1514 CHAR8 PasswordConfirm
[HDD_PASSWORD_MAX_LENGTH
];
1518 DEBUG ((DEBUG_INFO
, "%a()\n", __FUNCTION__
));
1520 if (ConfigFormEntry
->IfrData
.SecurityStatus
.Frozen
) {
1521 DEBUG ((DEBUG_INFO
, "%s is frozen, do nothing\n", ConfigFormEntry
->HddString
));
1525 if (ConfigFormEntry
->IfrData
.SecurityStatus
.Locked
) {
1526 DEBUG ((DEBUG_INFO
, "%s is locked, do nothing\n", ConfigFormEntry
->HddString
));
1530 UnicodeSPrint (PopUpString
, sizeof (PopUpString
), L
"Set User Pwd: %s", ConfigFormEntry
->HddString
);
1533 // Check the device security status.
1535 if (ConfigFormEntry
->IfrData
.SecurityStatus
.Supported
) {
1537 Status
= PopupHddPasswordInputWindows (PopUpString
, L
"Please type in your new password", Password
);
1538 if (!EFI_ERROR (Status
)) {
1539 Status
= PopupHddPasswordInputWindows (PopUpString
, L
"Please confirm your new password", PasswordConfirm
);
1540 if (!EFI_ERROR (Status
)) {
1541 if (CompareMem (Password
, PasswordConfirm
, HDD_PASSWORD_MAX_LENGTH
) == 0) {
1542 if (!PasswordIsFullZero (Password
)) {
1543 Status
= SetHddPassword (AtaPassThru
, Port
, PortMultiplierPort
, 0, 1, 0, Password
);
1545 if (ConfigFormEntry
->IfrData
.SecurityStatus
.Enabled
) {
1546 Status
= DisableHddPassword (AtaPassThru
, Port
, PortMultiplierPort
, 0, ConfigFormEntry
->Password
);
1548 Status
= EFI_INVALID_PARAMETER
;
1551 if (!EFI_ERROR (Status
)) {
1552 CopyMem (ConfigFormEntry
->Password
, Password
, HDD_PASSWORD_MAX_LENGTH
);
1553 SaveHddPasswordVariable (ConfigFormEntry
, Password
);
1554 ZeroMem (Password
, HDD_PASSWORD_MAX_LENGTH
);
1555 ZeroMem (PasswordConfirm
, HDD_PASSWORD_MAX_LENGTH
);
1556 Status
= GetHddDeviceIdentifyData (AtaPassThru
, Port
, PortMultiplierPort
, &IdentifyData
);
1557 ASSERT_EFI_ERROR (Status
);
1560 // Check the device security status again.
1562 GetHddPasswordSecurityStatus (&IdentifyData
, &ConfigFormEntry
->IfrData
);
1567 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1569 L
"Set/Disable User Pwd failed or invalid password.",
1570 L
"Press ENTER to retry",
1573 } while (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
);
1578 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1580 L
"Passwords are not the same.",
1581 L
"Press ENTER to retry",
1584 } while (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
);
1585 Status
= EFI_INVALID_PARAMETER
;
1589 ZeroMem (Password
, HDD_PASSWORD_MAX_LENGTH
);
1590 ZeroMem (PasswordConfirm
, HDD_PASSWORD_MAX_LENGTH
);
1592 if (EFI_ERROR (Status
)) {
1594 if (RetryCount
>= MAX_HDD_PASSWORD_RETRY_COUNT
) {
1597 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1599 L
"Hdd password retry count is expired.",
1600 L
"Press ENTER to skip the request and continue boot",
1603 } while (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
);
1604 gST
->ConOut
->ClearScreen(gST
->ConOut
);
1608 } else if (Status
== EFI_ABORTED
) {
1611 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1613 L
"Press ENTER to skip the request and continue boot,",
1614 L
"Press ESC to input password again",
1617 } while ((Key
.ScanCode
!= SCAN_ESC
) && (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
));
1619 if (Key
.UnicodeChar
== CHAR_CARRIAGE_RETURN
) {
1620 gST
->ConOut
->ClearScreen(gST
->ConOut
);
1624 // Let user input password again.
1634 Process Set Master Pwd HDD password request.
1636 @param[in] AtaPassThru Pointer to ATA_PASSTHRU instance.
1637 @param[in] Port The port number of attached ATA device.
1638 @param[in] PortMultiplierPort The port number of port multiplier of attached ATA device.
1639 @param[in] ConfigFormEntry The HDD Password configuration form entry.
1643 ProcessHddPasswordRequestSetMasterPwd (
1644 IN EFI_ATA_PASS_THRU_PROTOCOL
*AtaPassThru
,
1646 IN UINT16 PortMultiplierPort
,
1647 IN HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
1651 CHAR16 PopUpString
[100];
1654 CHAR8 Password
[HDD_PASSWORD_MAX_LENGTH
];
1655 CHAR8 PasswordConfirm
[HDD_PASSWORD_MAX_LENGTH
];
1659 DEBUG ((DEBUG_INFO
, "%a()\n", __FUNCTION__
));
1661 if (ConfigFormEntry
->IfrData
.SecurityStatus
.Frozen
) {
1662 DEBUG ((DEBUG_INFO
, "%s is frozen, do nothing\n", ConfigFormEntry
->HddString
));
1666 if (ConfigFormEntry
->IfrData
.SecurityStatus
.Locked
) {
1667 DEBUG ((DEBUG_INFO
, "%s is locked, do nothing\n", ConfigFormEntry
->HddString
));
1671 UnicodeSPrint (PopUpString
, sizeof (PopUpString
), L
"Set Master Pwd: %s", ConfigFormEntry
->HddString
);
1674 // Check the device security status.
1676 if (ConfigFormEntry
->IfrData
.SecurityStatus
.Supported
) {
1678 Status
= PopupHddPasswordInputWindows (PopUpString
, L
"Please type in your new password", Password
);
1679 if (!EFI_ERROR (Status
)) {
1680 Status
= PopupHddPasswordInputWindows (PopUpString
, L
"Please confirm your new password", PasswordConfirm
);
1681 if (!EFI_ERROR (Status
)) {
1682 if (CompareMem (Password
, PasswordConfirm
, HDD_PASSWORD_MAX_LENGTH
) == 0) {
1683 if (!PasswordIsFullZero (Password
)) {
1684 Status
= SetHddPassword (AtaPassThru
, Port
, PortMultiplierPort
, 1, 1, 1, Password
);
1686 Status
= EFI_INVALID_PARAMETER
;
1688 if (!EFI_ERROR (Status
)) {
1689 ZeroMem (Password
, HDD_PASSWORD_MAX_LENGTH
);
1690 ZeroMem (PasswordConfirm
, HDD_PASSWORD_MAX_LENGTH
);
1695 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1697 L
"Set Master Pwd failed or invalid password.",
1698 L
"Press ENTER to retry",
1701 } while (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
);
1706 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1708 L
"Passwords are not the same.",
1709 L
"Press ENTER to retry",
1712 } while (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
);
1713 Status
= EFI_INVALID_PARAMETER
;
1717 ZeroMem (Password
, HDD_PASSWORD_MAX_LENGTH
);
1718 ZeroMem (PasswordConfirm
, HDD_PASSWORD_MAX_LENGTH
);
1720 if (EFI_ERROR (Status
)) {
1722 if (RetryCount
>= MAX_HDD_PASSWORD_RETRY_COUNT
) {
1725 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1727 L
"Hdd password retry count is expired.",
1728 L
"Press ENTER to skip the request and continue boot",
1731 } while (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
);
1732 gST
->ConOut
->ClearScreen(gST
->ConOut
);
1736 } else if (Status
== EFI_ABORTED
) {
1739 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
1741 L
"Press ENTER to skip the request and continue boot,",
1742 L
"Press ESC to input password again",
1745 } while ((Key
.ScanCode
!= SCAN_ESC
) && (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
));
1747 if (Key
.UnicodeChar
== CHAR_CARRIAGE_RETURN
) {
1748 gST
->ConOut
->ClearScreen(gST
->ConOut
);
1752 // Let user input password again.
1762 Process HDD password request.
1764 @param[in] AtaPassThru Pointer to ATA_PASSTHRU instance.
1765 @param[in] Port The port number of attached ATA device.
1766 @param[in] PortMultiplierPort The port number of port multiplier of attached ATA device.
1767 @param[in] ConfigFormEntry The HDD Password configuration form entry.
1771 ProcessHddPasswordRequest (
1772 IN EFI_ATA_PASS_THRU_PROTOCOL
*AtaPassThru
,
1774 IN UINT16 PortMultiplierPort
,
1775 IN HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
1779 HDD_PASSWORD_REQUEST_VARIABLE
*TempVariable
;
1780 HDD_PASSWORD_REQUEST_VARIABLE
*Variable
;
1783 DEBUG ((DEBUG_INFO
, "%a() - enter\n", __FUNCTION__
));
1785 if (mHddPasswordRequestVariable
== NULL
) {
1786 Status
= GetVariable2 (
1787 HDD_PASSWORD_REQUEST_VARIABLE_NAME
,
1788 &mHddPasswordVendorGuid
,
1789 (VOID
**) &Variable
,
1792 if (EFI_ERROR (Status
) || (Variable
== NULL
)) {
1795 mHddPasswordRequestVariable
= Variable
;
1796 mHddPasswordRequestVariableSize
= VariableSize
;
1799 // Delete the HDD password request variable.
1801 Status
= gRT
->SetVariable (
1802 HDD_PASSWORD_REQUEST_VARIABLE_NAME
,
1803 &mHddPasswordVendorGuid
,
1808 ASSERT_EFI_ERROR (Status
);
1810 Variable
= mHddPasswordRequestVariable
;
1811 VariableSize
= mHddPasswordRequestVariableSize
;
1815 // Process the HDD password requests.
1817 TempVariable
= Variable
;
1818 while (VariableSize
>= sizeof (HDD_PASSWORD_REQUEST_VARIABLE
)) {
1819 if ((TempVariable
->Device
.Bus
== ConfigFormEntry
->Bus
) &&
1820 (TempVariable
->Device
.Device
== ConfigFormEntry
->Device
) &&
1821 (TempVariable
->Device
.Function
== ConfigFormEntry
->Function
) &&
1822 (TempVariable
->Device
.Port
== ConfigFormEntry
->Port
) &&
1823 (TempVariable
->Device
.PortMultiplierPort
== ConfigFormEntry
->PortMultiplierPort
)) {
1825 // Found the node for the HDD password device.
1827 if (TempVariable
->Request
.UserPassword
!= 0) {
1828 ProcessHddPasswordRequestSetUserPwd (AtaPassThru
, Port
, PortMultiplierPort
, ConfigFormEntry
);
1830 if (TempVariable
->Request
.MasterPassword
!= 0) {
1831 ProcessHddPasswordRequestSetMasterPwd (AtaPassThru
, Port
, PortMultiplierPort
, ConfigFormEntry
);
1837 VariableSize
-= sizeof (HDD_PASSWORD_REQUEST_VARIABLE
);
1841 DEBUG ((DEBUG_INFO
, "%a() - exit\n", __FUNCTION__
));
1845 Get saved HDD password request.
1847 @param[in, out] ConfigFormEntry The HDD Password configuration form entry.
1851 GetSavedHddPasswordRequest (
1852 IN OUT HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
1856 HDD_PASSWORD_REQUEST_VARIABLE
*TempVariable
;
1857 HDD_PASSWORD_REQUEST_VARIABLE
*Variable
;
1860 DEBUG ((DEBUG_INFO
, "%a() - enter\n", __FUNCTION__
));
1865 Status
= GetVariable2 (
1866 HDD_PASSWORD_REQUEST_VARIABLE_NAME
,
1867 &mHddPasswordVendorGuid
,
1868 (VOID
**) &Variable
,
1871 if (EFI_ERROR (Status
) || (Variable
== NULL
)) {
1875 TempVariable
= Variable
;
1876 while (VariableSize
>= sizeof (HDD_PASSWORD_REQUEST_VARIABLE
)) {
1877 if ((TempVariable
->Device
.Bus
== ConfigFormEntry
->Bus
) &&
1878 (TempVariable
->Device
.Device
== ConfigFormEntry
->Device
) &&
1879 (TempVariable
->Device
.Function
== ConfigFormEntry
->Function
) &&
1880 (TempVariable
->Device
.Port
== ConfigFormEntry
->Port
) &&
1881 (TempVariable
->Device
.PortMultiplierPort
== ConfigFormEntry
->PortMultiplierPort
)) {
1883 // Found the node for the HDD password device.
1884 // Get the HDD password request.
1886 CopyMem (&ConfigFormEntry
->IfrData
.Request
, &TempVariable
->Request
, sizeof (HDD_PASSWORD_REQUEST
));
1889 "HddPasswordRequest got: 0x%x\n",
1890 ConfigFormEntry
->IfrData
.Request
1894 VariableSize
-= sizeof (HDD_PASSWORD_REQUEST_VARIABLE
);
1898 FreePool (Variable
);
1900 DEBUG ((DEBUG_INFO
, "%a() - exit\n", __FUNCTION__
));
1904 Save HDD password request.
1906 @param[in] ConfigFormEntry The HDD Password configuration form entry.
1910 SaveHddPasswordRequest (
1911 IN HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
1915 HDD_PASSWORD_REQUEST_VARIABLE
*TempVariable
;
1916 UINTN TempVariableSize
;
1917 HDD_PASSWORD_REQUEST_VARIABLE
*Variable
;
1919 HDD_PASSWORD_REQUEST_VARIABLE
*NewVariable
;
1920 UINTN NewVariableSize
;
1922 DEBUG ((DEBUG_INFO
, "%a() - enter\n", __FUNCTION__
));
1926 "HddPasswordRequest to save: 0x%x\n",
1927 ConfigFormEntry
->IfrData
.Request
1933 NewVariableSize
= 0;
1935 Status
= GetVariable2 (
1936 HDD_PASSWORD_REQUEST_VARIABLE_NAME
,
1937 &mHddPasswordVendorGuid
,
1938 (VOID
**) &Variable
,
1941 if (!EFI_ERROR (Status
) && (Variable
!= NULL
)) {
1942 TempVariable
= Variable
;
1943 TempVariableSize
= VariableSize
;
1944 while (TempVariableSize
>= sizeof (HDD_PASSWORD_REQUEST_VARIABLE
)) {
1945 if ((TempVariable
->Device
.Bus
== ConfigFormEntry
->Bus
) &&
1946 (TempVariable
->Device
.Device
== ConfigFormEntry
->Device
) &&
1947 (TempVariable
->Device
.Function
== ConfigFormEntry
->Function
) &&
1948 (TempVariable
->Device
.Port
== ConfigFormEntry
->Port
) &&
1949 (TempVariable
->Device
.PortMultiplierPort
== ConfigFormEntry
->PortMultiplierPort
)) {
1951 // Found the node for the HDD password device.
1952 // Update the HDD password request.
1954 CopyMem (&TempVariable
->Request
, &ConfigFormEntry
->IfrData
.Request
, sizeof (HDD_PASSWORD_REQUEST
));
1955 NewVariable
= Variable
;
1956 NewVariableSize
= VariableSize
;
1959 TempVariableSize
-= sizeof (HDD_PASSWORD_REQUEST_VARIABLE
);
1962 if (NewVariable
== NULL
) {
1964 // The node for the HDD password device is not found.
1965 // Create node for the HDD password device.
1967 NewVariableSize
= VariableSize
+ sizeof (HDD_PASSWORD_REQUEST_VARIABLE
);
1968 NewVariable
= AllocateZeroPool (NewVariableSize
);
1969 ASSERT (NewVariable
!= NULL
);
1970 CopyMem (NewVariable
, Variable
, VariableSize
);
1971 TempVariable
= (HDD_PASSWORD_REQUEST_VARIABLE
*) ((UINTN
) NewVariable
+ VariableSize
);
1972 TempVariable
->Device
.Bus
= (UINT8
) ConfigFormEntry
->Bus
;
1973 TempVariable
->Device
.Device
= (UINT8
) ConfigFormEntry
->Device
;
1974 TempVariable
->Device
.Function
= (UINT8
) ConfigFormEntry
->Function
;
1975 TempVariable
->Device
.Port
= ConfigFormEntry
->Port
;
1976 TempVariable
->Device
.PortMultiplierPort
= ConfigFormEntry
->PortMultiplierPort
;
1977 CopyMem (&TempVariable
->Request
, &ConfigFormEntry
->IfrData
.Request
, sizeof (HDD_PASSWORD_REQUEST
));
1980 NewVariableSize
= sizeof (HDD_PASSWORD_REQUEST_VARIABLE
);
1981 NewVariable
= AllocateZeroPool (NewVariableSize
);
1982 ASSERT (NewVariable
!= NULL
);
1983 NewVariable
->Device
.Bus
= (UINT8
) ConfigFormEntry
->Bus
;
1984 NewVariable
->Device
.Device
= (UINT8
) ConfigFormEntry
->Device
;
1985 NewVariable
->Device
.Function
= (UINT8
) ConfigFormEntry
->Function
;
1986 NewVariable
->Device
.Port
= ConfigFormEntry
->Port
;
1987 NewVariable
->Device
.PortMultiplierPort
= ConfigFormEntry
->PortMultiplierPort
;
1988 CopyMem (&NewVariable
->Request
, &ConfigFormEntry
->IfrData
.Request
, sizeof (HDD_PASSWORD_REQUEST
));
1990 Status
= gRT
->SetVariable (
1991 HDD_PASSWORD_REQUEST_VARIABLE_NAME
,
1992 &mHddPasswordVendorGuid
,
1993 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
,
1997 if (EFI_ERROR (Status
)) {
1998 DEBUG ((DEBUG_INFO
, "HddPasswordRequest variable set failed (%r)\n", Status
));
2000 if (NewVariable
!= Variable
) {
2001 FreePool (NewVariable
);
2003 if (Variable
!= NULL
) {
2004 FreePool (Variable
);
2007 DEBUG ((DEBUG_INFO
, "%a() - exit\n", __FUNCTION__
));
2011 Get the HDD Password configuration form entry by the index of the goto opcode actived.
2013 @param[in] Index The 0-based index of the goto opcode actived.
2015 @return The HDD Password configuration form entry found.
2017 HDD_PASSWORD_CONFIG_FORM_ENTRY
*
2018 HddPasswordGetConfigFormEntryByIndex (
2023 UINT32 CurrentIndex
;
2024 HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
;
2027 ConfigFormEntry
= NULL
;
2029 EFI_LIST_FOR_EACH (Entry
, &mHddPasswordConfigFormList
) {
2030 if (CurrentIndex
== Index
) {
2031 ConfigFormEntry
= BASE_CR (Entry
, HDD_PASSWORD_CONFIG_FORM_ENTRY
, Link
);
2038 return ConfigFormEntry
;
2042 This function allows the caller to request the current
2043 configuration for one or more named elements. The resulting
2044 string is in <ConfigAltResp> format. Any and all alternative
2045 configuration strings shall also be appended to the end of the
2046 current configuration string. If they are, they must appear
2047 after the current configuration. They must contain the same
2048 routing (GUID, NAME, PATH) as the current configuration string.
2049 They must have an additional description indicating the type of
2050 alternative configuration the string represents,
2051 "ALTCFG=<StringToken>". That <StringToken> (when
2052 converted from Hex UNICODE to binary) is a reference to a
2053 string in the associated string pack.
2055 @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
2056 @param[in] Request A null-terminated Unicode string in
2057 <ConfigRequest> format. Note that this
2058 includes the routing information as well as
2059 the configurable name / value pairs. It is
2060 invalid for this string to be in
2061 <MultiConfigRequest> format.
2062 @param[out] Progress On return, points to a character in the
2063 Request string. Points to the string's null
2064 terminator if request was successful. Points
2065 to the most recent "&" before the first
2066 failing name / value pair (or the beginning
2067 of the string if the failure is in the first
2068 name / value pair) if the request was not
2070 @param[out] Results A null-terminated Unicode string in
2071 <ConfigAltResp> format which has all values
2072 filled in for the names in the Request string.
2073 String to be allocated by the called function.
2075 @retval EFI_SUCCESS The Results string is filled with the
2076 values corresponding to all requested
2078 @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
2079 parts of the results that must be
2080 stored awaiting possible future
2082 @retval EFI_INVALID_PARAMETER For example, passing in a NULL
2083 for the Request parameter
2084 would result in this type of
2085 error. In this case, the
2086 Progress parameter would be
2088 @retval EFI_NOT_FOUND Routing data doesn't match any
2089 known driver. Progress set to the
2090 first character in the routing header.
2091 Note: There is no requirement that the
2092 driver validate the routing data. It
2093 must skip the <ConfigHdr> in order to
2095 @retval EFI_INVALID_PARAMETER Illegal syntax. Progress set
2096 to most recent & before the
2097 error or the beginning of the
2099 @retval EFI_INVALID_PARAMETER Unknown name. Progress points
2100 to the & before the name in
2101 question.Currently not implemented.
2105 HddPasswordFormExtractConfig (
2106 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
2107 IN CONST EFI_STRING Request
,
2108 OUT EFI_STRING
*Progress
,
2109 OUT EFI_STRING
*Results
2114 HDD_PASSWORD_CONFIG
*IfrData
;
2115 HDD_PASSWORD_DXE_PRIVATE_DATA
*Private
;
2116 EFI_STRING ConfigRequestHdr
;
2117 EFI_STRING ConfigRequest
;
2118 BOOLEAN AllocatedRequest
;
2121 if (Progress
== NULL
|| Results
== NULL
) {
2122 return EFI_INVALID_PARAMETER
;
2125 *Progress
= Request
;
2126 if ((Request
!= NULL
) && !HiiIsConfigHdrMatch (Request
, &mHddPasswordVendorGuid
, mHddPasswordVendorStorageName
)) {
2127 return EFI_NOT_FOUND
;
2130 ConfigRequestHdr
= NULL
;
2131 ConfigRequest
= NULL
;
2132 AllocatedRequest
= FALSE
;
2135 Private
= HDD_PASSWORD_DXE_PRIVATE_FROM_THIS (This
);
2136 IfrData
= AllocateZeroPool (sizeof (HDD_PASSWORD_CONFIG
));
2137 ASSERT (IfrData
!= NULL
);
2138 if (Private
->Current
!= NULL
) {
2139 CopyMem (IfrData
, &Private
->Current
->IfrData
, sizeof (HDD_PASSWORD_CONFIG
));
2143 // Convert buffer data to <ConfigResp> by helper function BlockToConfig()
2145 BufferSize
= sizeof (HDD_PASSWORD_CONFIG
);
2146 ConfigRequest
= Request
;
2147 if ((Request
== NULL
) || (StrStr (Request
, L
"OFFSET") == NULL
)) {
2149 // Request has no request element, construct full request string.
2150 // Allocate and fill a buffer large enough to hold the <ConfigHdr> template
2151 // followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator
2153 ConfigRequestHdr
= HiiConstructConfigHdr (&mHddPasswordVendorGuid
, mHddPasswordVendorStorageName
, Private
->DriverHandle
);
2154 Size
= (StrLen (ConfigRequestHdr
) + 32 + 1) * sizeof (CHAR16
);
2155 ConfigRequest
= AllocateZeroPool (Size
);
2156 ASSERT (ConfigRequest
!= NULL
);
2157 AllocatedRequest
= TRUE
;
2158 UnicodeSPrint (ConfigRequest
, Size
, L
"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr
, (UINT64
)BufferSize
);
2159 FreePool (ConfigRequestHdr
);
2161 Status
= gHiiConfigRouting
->BlockToConfig (
2171 // Free the allocated config request string.
2173 if (AllocatedRequest
) {
2174 FreePool (ConfigRequest
);
2175 ConfigRequest
= NULL
;
2179 // Set Progress string to the original request string.
2181 if (Request
== NULL
) {
2183 } else if (StrStr (Request
, L
"OFFSET") == NULL
) {
2184 *Progress
= Request
+ StrLen (Request
);
2191 This function applies changes in a driver's configuration.
2192 Input is a Configuration, which has the routing data for this
2193 driver followed by name / value configuration pairs. The driver
2194 must apply those pairs to its configurable storage. If the
2195 driver's configuration is stored in a linear block of data
2196 and the driver's name / value pairs are in <BlockConfig>
2197 format, it may use the ConfigToBlock helper function (above) to
2198 simplify the job. Currently not implemented.
2200 @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
2201 @param[in] Configuration A null-terminated Unicode string in
2202 <ConfigString> format.
2203 @param[out] Progress A pointer to a string filled in with the
2204 offset of the most recent '&' before the
2205 first failing name / value pair (or the
2206 beginn ing of the string if the failure
2207 is in the first name / value pair) or
2208 the terminating NULL if all was
2211 @retval EFI_SUCCESS The results have been distributed or are
2212 awaiting distribution.
2213 @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
2214 parts of the results that must be
2215 stored awaiting possible future
2217 @retval EFI_INVALID_PARAMETERS Passing in a NULL for the
2218 Results parameter would result
2219 in this type of error.
2220 @retval EFI_NOT_FOUND Target for the specified routing data
2225 HddPasswordFormRouteConfig (
2226 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
2227 IN CONST EFI_STRING Configuration
,
2228 OUT EFI_STRING
*Progress
2231 if (Configuration
== NULL
|| Progress
== NULL
) {
2232 return EFI_INVALID_PARAMETER
;
2236 // Check routing data in <ConfigHdr>.
2237 // Note: if only one Storage is used, then this checking could be skipped.
2239 if (!HiiIsConfigHdrMatch (Configuration
, &mHddPasswordVendorGuid
, mHddPasswordVendorStorageName
)) {
2240 *Progress
= Configuration
;
2241 return EFI_NOT_FOUND
;
2244 *Progress
= Configuration
+ StrLen (Configuration
);
2249 This function is called to provide results data to the driver.
2250 This data consists of a unique key that is used to identify
2251 which data is either being passed back or being asked for.
2253 @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
2254 @param[in] Action Specifies the type of action taken by the browser.
2255 @param[in] QuestionId A unique value which is sent to the original
2256 exporting driver so that it can identify the type
2257 of data to expect. The format of the data tends to
2258 vary based on the opcode that enerated the callback.
2259 @param[in] Type The type of value for the question.
2260 @param[in] Value A pointer to the data being sent to the original
2262 @param[out] ActionRequest On return, points to the action requested by the
2265 @retval EFI_SUCCESS The callback successfully handled the action.
2266 @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
2267 variable and its data.
2268 @retval EFI_DEVICE_ERROR The variable could not be saved.
2269 @retval EFI_UNSUPPORTED The specified Action is not supported by the
2270 callback.Currently not implemented.
2271 @retval EFI_INVALID_PARAMETERS Passing in wrong parameter.
2272 @retval Others Other errors as indicated.
2276 HddPasswordFormCallback (
2277 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
2278 IN EFI_BROWSER_ACTION Action
,
2279 IN EFI_QUESTION_ID QuestionId
,
2281 IN EFI_IFR_TYPE_VALUE
*Value
,
2282 OUT EFI_BROWSER_ACTION_REQUEST
*ActionRequest
2285 HDD_PASSWORD_DXE_PRIVATE_DATA
*Private
;
2286 EFI_STRING_ID DeviceFormTitleToken
;
2287 HDD_PASSWORD_CONFIG
*IfrData
;
2288 HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
;
2290 if (ActionRequest
!= NULL
) {
2291 *ActionRequest
= EFI_BROWSER_ACTION_REQUEST_NONE
;
2293 return EFI_INVALID_PARAMETER
;
2296 if ((Action
!= EFI_BROWSER_ACTION_CHANGING
) && (Action
!= EFI_BROWSER_ACTION_CHANGED
)) {
2298 // Do nothing for other UEFI Action. Only do call back when data is changing or changed.
2300 return EFI_UNSUPPORTED
;
2303 Private
= HDD_PASSWORD_DXE_PRIVATE_FROM_THIS (This
);
2306 // Retrive data from Browser
2308 IfrData
= AllocateZeroPool (sizeof (HDD_PASSWORD_CONFIG
));
2309 ASSERT (IfrData
!= NULL
);
2310 if (!HiiGetBrowserData (&mHddPasswordVendorGuid
, mHddPasswordVendorStorageName
, sizeof (HDD_PASSWORD_CONFIG
), (UINT8
*) IfrData
)) {
2312 return EFI_NOT_FOUND
;
2315 switch (QuestionId
) {
2316 case KEY_HDD_USER_PASSWORD
:
2317 if (Action
== EFI_BROWSER_ACTION_CHANGED
) {
2318 DEBUG ((DEBUG_INFO
, "KEY_HDD_USER_PASSWORD\n"));
2319 ConfigFormEntry
= Private
->Current
;
2320 ConfigFormEntry
->IfrData
.Request
.UserPassword
= Value
->b
;
2321 SaveHddPasswordRequest (ConfigFormEntry
);
2322 *ActionRequest
= EFI_BROWSER_ACTION_REQUEST_FORM_APPLY
;
2325 case KEY_HDD_MASTER_PASSWORD
:
2326 if (Action
== EFI_BROWSER_ACTION_CHANGED
) {
2327 DEBUG ((DEBUG_INFO
, "KEY_HDD_MASTER_PASSWORD\n"));
2328 ConfigFormEntry
= Private
->Current
;
2329 ConfigFormEntry
->IfrData
.Request
.MasterPassword
= Value
->b
;
2330 SaveHddPasswordRequest (ConfigFormEntry
);
2331 *ActionRequest
= EFI_BROWSER_ACTION_REQUEST_FORM_APPLY
;
2336 if ((QuestionId
>= KEY_HDD_DEVICE_ENTRY_BASE
) && (QuestionId
< (mNumberOfHddDevices
+ KEY_HDD_DEVICE_ENTRY_BASE
))) {
2337 if (Action
== EFI_BROWSER_ACTION_CHANGING
) {
2339 // In case goto the device configuration form, update the device form title.
2341 ConfigFormEntry
= HddPasswordGetConfigFormEntryByIndex ((UINT32
) (QuestionId
- KEY_HDD_DEVICE_ENTRY_BASE
));
2342 ASSERT (ConfigFormEntry
!= NULL
);
2344 DeviceFormTitleToken
= (EFI_STRING_ID
) STR_HDD_SECURITY_HD
;
2345 HiiSetString (Private
->HiiHandle
, DeviceFormTitleToken
, ConfigFormEntry
->HddString
, NULL
);
2347 Private
->Current
= ConfigFormEntry
;
2348 CopyMem (IfrData
, &ConfigFormEntry
->IfrData
, sizeof (HDD_PASSWORD_CONFIG
));
2356 // Pass changed uncommitted data back to Form Browser
2358 HiiSetBrowserData (&mHddPasswordVendorGuid
, mHddPasswordVendorStorageName
, sizeof (HDD_PASSWORD_CONFIG
), (UINT8
*) IfrData
, NULL
);
2365 Updates the HDD Password configuration form to add an entry for the attached
2366 ata harddisk device specified by the Controller.
2368 @param[in] HiiHandle The HII Handle associated with the registered package list.
2369 @param[in] AtaPassThru Pointer to ATA_PASSTHRU instance.
2370 @param[in] PciIo Pointer to PCI_IO instance.
2371 @param[in] Controller The controller handle of the attached ata controller.
2372 @param[in] Bus The bus number of ATA controller.
2373 @param[in] Device The device number of ATA controller.
2374 @param[in] Function The function number of ATA controller.
2375 @param[in] Port The port number of attached ATA device.
2376 @param[in] PortMultiplierPort The port number of port multiplier of attached ATA device.
2378 @retval EFI_SUCCESS The Hdd Password configuration form is updated.
2379 @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
2380 @retval Others Other errors as indicated.
2384 HddPasswordConfigUpdateForm (
2385 IN EFI_HII_HANDLE HiiHandle
,
2386 IN EFI_ATA_PASS_THRU_PROTOCOL
*AtaPassThru
,
2387 IN EFI_PCI_IO_PROTOCOL
*PciIo
,
2388 IN EFI_HANDLE Controller
,
2393 IN UINT16 PortMultiplierPort
2397 HDD_PASSWORD_CONFIG_FORM_ENTRY
*ConfigFormEntry
;
2398 BOOLEAN EntryExisted
;
2400 VOID
*StartOpCodeHandle
;
2401 VOID
*EndOpCodeHandle
;
2402 EFI_IFR_GUID_LABEL
*StartLabel
;
2403 EFI_IFR_GUID_LABEL
*EndLabel
;
2404 CHAR16 HddString
[40];
2405 ATA_IDENTIFY_DATA IdentifyData
;
2406 EFI_DEVICE_PATH_PROTOCOL
*AtaDeviceNode
;
2408 ConfigFormEntry
= NULL
;
2409 EntryExisted
= FALSE
;
2411 EFI_LIST_FOR_EACH (Entry
, &mHddPasswordConfigFormList
) {
2412 ConfigFormEntry
= BASE_CR (Entry
, HDD_PASSWORD_CONFIG_FORM_ENTRY
, Link
);
2414 if ((ConfigFormEntry
->Bus
== Bus
) &&
2415 (ConfigFormEntry
->Device
== Device
) &&
2416 (ConfigFormEntry
->Function
== Function
) &&
2417 (ConfigFormEntry
->Port
== Port
) &&
2418 (ConfigFormEntry
->PortMultiplierPort
== PortMultiplierPort
)) {
2419 EntryExisted
= TRUE
;
2424 if (!EntryExisted
) {
2428 ConfigFormEntry
= AllocateZeroPool (sizeof (HDD_PASSWORD_CONFIG_FORM_ENTRY
));
2429 if (ConfigFormEntry
== NULL
) {
2430 return EFI_OUT_OF_RESOURCES
;
2433 InitializeListHead (&ConfigFormEntry
->Link
);
2434 ConfigFormEntry
->Controller
= Controller
;
2435 ConfigFormEntry
->Bus
= Bus
;
2436 ConfigFormEntry
->Device
= Device
;
2437 ConfigFormEntry
->Function
= Function
;
2438 ConfigFormEntry
->Port
= Port
;
2439 ConfigFormEntry
->PortMultiplierPort
= PortMultiplierPort
;
2440 ConfigFormEntry
->AtaPassThru
= AtaPassThru
;
2442 DEBUG ((DEBUG_INFO
, "HddPasswordDxe: Create new form for device[%d][%d] at Bus 0x%x Dev 0x%x Func 0x%x\n", Port
, PortMultiplierPort
, Bus
, Device
, Function
));
2445 // Construct the device path for the HDD password device
2447 Status
= AtaPassThru
->BuildDevicePath (
2453 if (EFI_ERROR (Status
)) {
2456 ConfigFormEntry
->DevicePath
= AppendDevicePathNode (DevicePathFromHandle (Controller
), AtaDeviceNode
);
2457 FreePool (AtaDeviceNode
);
2458 if (ConfigFormEntry
->DevicePath
== NULL
) {
2459 return EFI_OUT_OF_RESOURCES
;
2463 // Get attached harddisk model number
2465 Status
= GetHddDeviceIdentifyData (AtaPassThru
, Port
, PortMultiplierPort
, &IdentifyData
);
2466 ASSERT_EFI_ERROR (Status
);
2467 if (EFI_ERROR (Status
)) {
2470 GetHddDeviceModelNumber (&IdentifyData
, HddString
);
2472 // Compose the HDD title string and help string of this port and create a new EFI_STRING_ID.
2474 UnicodeSPrint (ConfigFormEntry
->HddString
, sizeof (ConfigFormEntry
->HddString
), L
"HDD %d:%s", mNumberOfHddDevices
, HddString
);
2475 ConfigFormEntry
->TitleToken
= HiiSetString (HiiHandle
, 0, ConfigFormEntry
->HddString
, NULL
);
2476 ConfigFormEntry
->TitleHelpToken
= HiiSetString (HiiHandle
, 0, L
"Request to set HDD Password", NULL
);
2478 GetHddPasswordSecurityStatus (&IdentifyData
, &ConfigFormEntry
->IfrData
);
2480 InsertTailList (&mHddPasswordConfigFormList
, &ConfigFormEntry
->Link
);
2483 // Init OpCode Handle
2485 StartOpCodeHandle
= HiiAllocateOpCodeHandle ();
2486 ASSERT (StartOpCodeHandle
!= NULL
);
2488 EndOpCodeHandle
= HiiAllocateOpCodeHandle ();
2489 ASSERT (EndOpCodeHandle
!= NULL
);
2492 // Create Hii Extend Label OpCode as the start opcode
2494 StartLabel
= (EFI_IFR_GUID_LABEL
*) HiiCreateGuidOpCode (StartOpCodeHandle
, &gEfiIfrTianoGuid
, NULL
, sizeof (EFI_IFR_GUID_LABEL
));
2495 StartLabel
->ExtendOpCode
= EFI_IFR_EXTEND_OP_LABEL
;
2496 StartLabel
->Number
= HDD_DEVICE_ENTRY_LABEL
;
2499 // Create Hii Extend Label OpCode as the end opcode
2501 EndLabel
= (EFI_IFR_GUID_LABEL
*) HiiCreateGuidOpCode (EndOpCodeHandle
, &gEfiIfrTianoGuid
, NULL
, sizeof (EFI_IFR_GUID_LABEL
));
2502 EndLabel
->ExtendOpCode
= EFI_IFR_EXTEND_OP_LABEL
;
2503 EndLabel
->Number
= HDD_DEVICE_LABEL_END
;
2505 mNumberOfHddDevices
= 0;
2506 EFI_LIST_FOR_EACH (Entry
, &mHddPasswordConfigFormList
) {
2507 ConfigFormEntry
= BASE_CR (Entry
, HDD_PASSWORD_CONFIG_FORM_ENTRY
, Link
);
2509 HiiCreateGotoOpCode (
2510 StartOpCodeHandle
, // Container for dynamic created opcodes
2511 FORMID_HDD_DEVICE_FORM
, // Target Form ID
2512 ConfigFormEntry
->TitleToken
, // Prompt text
2513 ConfigFormEntry
->TitleHelpToken
, // Help text
2514 EFI_IFR_FLAG_CALLBACK
, // Question flag
2515 (UINT16
) (KEY_HDD_DEVICE_ENTRY_BASE
+ mNumberOfHddDevices
) // Question ID
2518 mNumberOfHddDevices
++;
2523 &mHddPasswordVendorGuid
,
2524 FORMID_HDD_MAIN_FORM
,
2529 HiiFreeOpCodeHandle (StartOpCodeHandle
);
2530 HiiFreeOpCodeHandle (EndOpCodeHandle
);
2533 // Check if device is locked and prompt for password.
2535 HddPasswordRequestPassword (AtaPassThru
, Port
, PortMultiplierPort
, ConfigFormEntry
);
2538 // Process HDD password request from last boot.
2540 ProcessHddPasswordRequest (AtaPassThru
, Port
, PortMultiplierPort
, ConfigFormEntry
);
2547 Ata Pass Thru Protocol notification event handler.
2549 Check attached harddisk status to see if it's locked. If yes, then pop up a password windows to require user input.
2550 It also registers a form for user configuration on Hdd password configuration.
2552 @param[in] Event Event whose notification function is being invoked.
2553 @param[in] Context Pointer to the notification function's context.
2558 HddPasswordNotificationEvent (
2564 HDD_PASSWORD_DXE_PRIVATE_DATA
*Private
;
2565 EFI_ATA_PASS_THRU_PROTOCOL
*AtaPassThru
;
2567 UINT16 PortMultiplierPort
;
2568 EFI_HANDLE Controller
;
2569 EFI_HANDLE
*HandleBuffer
;
2572 EFI_PCI_IO_PROTOCOL
*PciIo
;
2578 if (mHddPasswordEndOfDxe
) {
2579 gBS
->CloseEvent (Event
);
2583 Private
= (HDD_PASSWORD_DXE_PRIVATE_DATA
*)Context
;
2586 // Locate all handles of AtaPassThru protocol
2588 Status
= gBS
->LocateHandleBuffer (
2590 &gEfiAtaPassThruProtocolGuid
,
2595 if (EFI_ERROR (Status
)) {
2600 // Check attached hard disk status to see if it's locked
2602 for (Index
= 0; Index
< HandleCount
; Index
+= 1) {
2603 Controller
= HandleBuffer
[Index
];
2604 Status
= gBS
->HandleProtocol (
2606 &gEfiAtaPassThruProtocolGuid
,
2607 (VOID
**) &AtaPassThru
2609 if (EFI_ERROR (Status
)) {
2614 // Ignore those logical ATA_PASS_THRU instance.
2616 if ((AtaPassThru
->Mode
->Attributes
& EFI_ATA_PASS_THRU_ATTRIBUTES_PHYSICAL
) == 0) {
2620 Status
= gBS
->HandleProtocol (
2622 &gEfiPciIoProtocolGuid
,
2625 ASSERT_EFI_ERROR (Status
);
2626 if (EFI_ERROR (Status
)) {
2630 Status
= PciIo
->GetLocation (
2637 ASSERT_EFI_ERROR (Status
);
2638 if (EFI_ERROR (Status
)) {
2643 // Assume and only support Segment == 0.
2645 ASSERT (SegNum
== 0);
2648 // traverse all attached harddisk devices to update form and unlock it
2653 Status
= AtaPassThru
->GetNextPort (AtaPassThru
, &Port
);
2654 if (EFI_ERROR (Status
)) {
2656 // We cannot find more legal port then we are done.
2661 PortMultiplierPort
= 0xFFFF;
2663 Status
= AtaPassThru
->GetNextDevice (AtaPassThru
, Port
, &PortMultiplierPort
);
2664 if (EFI_ERROR (Status
)) {
2666 // We cannot find more legal port multiplier port number for ATA device
2667 // on the port, then we are done.
2672 // Find out the attached harddisk devices.
2673 // Try to add a HDD Password configuration page for the attached devices.
2675 gBS
->RestoreTPL (TPL_APPLICATION
);
2676 Status
= HddPasswordConfigUpdateForm (Private
->HiiHandle
, AtaPassThru
, PciIo
, Controller
, BusNum
, DevNum
, FuncNum
, Port
, PortMultiplierPort
);
2677 gBS
->RaiseTPL (TPL_CALLBACK
);
2678 if (EFI_ERROR (Status
)) {
2685 FreePool (HandleBuffer
);
2690 Initialize the HDD Password configuration form.
2692 @param[out] Instance Pointer to private instance.
2694 @retval EFI_SUCCESS The HDD Password configuration form is initialized.
2695 @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.
2696 @retval Others Other errors as indicated.
2699 HddPasswordConfigFormInit (
2700 OUT HDD_PASSWORD_DXE_PRIVATE_DATA
**Instance
2704 HDD_PASSWORD_DXE_PRIVATE_DATA
*Private
;
2706 InitializeListHead (&mHddPasswordConfigFormList
);
2708 Private
= AllocateZeroPool (sizeof (HDD_PASSWORD_DXE_PRIVATE_DATA
));
2709 if (Private
== NULL
) {
2710 return EFI_OUT_OF_RESOURCES
;
2713 Private
->Signature
= HDD_PASSWORD_DXE_PRIVATE_SIGNATURE
;
2715 Private
->ConfigAccess
.ExtractConfig
= HddPasswordFormExtractConfig
;
2716 Private
->ConfigAccess
.RouteConfig
= HddPasswordFormRouteConfig
;
2717 Private
->ConfigAccess
.Callback
= HddPasswordFormCallback
;
2720 // Install Device Path Protocol and Config Access protocol to driver handle
2722 Status
= gBS
->InstallMultipleProtocolInterfaces (
2723 &Private
->DriverHandle
,
2724 &gEfiDevicePathProtocolGuid
,
2725 &mHddPasswordHiiVendorDevicePath
,
2726 &gEfiHiiConfigAccessProtocolGuid
,
2727 &Private
->ConfigAccess
,
2730 ASSERT_EFI_ERROR (Status
);
2731 if (EFI_ERROR (Status
)) {
2737 // Publish our HII data
2739 Private
->HiiHandle
= HiiAddPackages (
2740 &mHddPasswordVendorGuid
,
2741 Private
->DriverHandle
,
2742 HddPasswordDxeStrings
,
2746 if (Private
->HiiHandle
== NULL
) {
2748 return EFI_OUT_OF_RESOURCES
;
2751 *Instance
= Private
;
2756 Main entry for this driver.
2758 @param ImageHandle Image handle this driver.
2759 @param SystemTable Pointer to SystemTable.
2761 @retval EFI_SUCESS This function always complete successfully.
2766 HddPasswordDxeInit (
2767 IN EFI_HANDLE ImageHandle
,
2768 IN EFI_SYSTEM_TABLE
*SystemTable
2772 HDD_PASSWORD_DXE_PRIVATE_DATA
*Private
;
2773 EFI_EVENT Registration
;
2774 EFI_EVENT EndOfDxeEvent
;
2775 EDKII_VARIABLE_LOCK_PROTOCOL
*VariableLock
;
2780 // Initialize the configuration form of HDD Password.
2782 Status
= HddPasswordConfigFormInit (&Private
);
2783 if (EFI_ERROR (Status
)) {
2788 // Register HddPasswordNotificationEvent() notify function.
2790 EfiCreateProtocolNotifyEvent (
2791 &gEfiAtaPassThruProtocolGuid
,
2793 HddPasswordNotificationEvent
,
2798 Status
= gBS
->CreateEventEx (
2801 HddPasswordEndOfDxeEventNotify
,
2803 &gEfiEndOfDxeEventGroupGuid
,
2806 ASSERT_EFI_ERROR (Status
);
2809 // Make HDD_PASSWORD_VARIABLE_NAME varible read-only.
2811 Status
= gBS
->LocateProtocol (&gEdkiiVariableLockProtocolGuid
, NULL
, (VOID
**) &VariableLock
);
2812 if (!EFI_ERROR (Status
)) {
2813 Status
= VariableLock
->RequestToLock (
2815 HDD_PASSWORD_VARIABLE_NAME
,
2816 &mHddPasswordVendorGuid
2818 DEBUG ((DEBUG_INFO
, "%a(): Lock %s variable (%r)\n", __FUNCTION__
, HDD_PASSWORD_VARIABLE_NAME
, Status
));
2819 ASSERT_EFI_ERROR (Status
);