c777fc45 |
1 | /** @file\r |
05c82e51 |
2 | EFI Storage Security Command Protocol as defined in UEFI 2.3.1 specification.\r |
c777fc45 |
3 | This protocol is used to abstract mass storage devices to allow code running in\r |
4 | the EFI boot services environment to send security protocol commands to mass\r |
5 | storage devices without specific knowledge of the type of device or controller\r |
6 | that manages the device.\r |
7 | \r |
8 | Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>\r |
9 | This program and the accompanying materials\r |
10 | are licensed and made available under the terms and conditions of the BSD License\r |
11 | which accompanies this distribution. The full text of the license may be found at\r |
12 | http://opensource.org/licenses/bsd-license.php\r |
13 | \r |
14 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r |
15 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r |
16 | \r |
17 | **/\r |
18 | \r |
19 | #ifndef __STORAGE_SECURITY_COMMAND_H__\r |
20 | #define __STORAGE_SECURITY_COMMAND_H__\r |
21 | \r |
22 | #define EFI_STORAGE_SECURITY_COMMAND_PROTOCOL_GUID \\r |
23 | { \\r |
24 | 0xC88B0B6D, 0x0DFC, 0x49A7, {0x9C, 0xB4, 0x49, 0x07, 0x4B, 0x4C, 0x3A, 0x78 } \\r |
25 | }\r |
26 | \r |
27 | typedef struct _EFI_STORAGE_SECURITY_COMMAND_PROTOCOL EFI_STORAGE_SECURITY_COMMAND_PROTOCOL;\r |
28 | \r |
29 | /**\r |
30 | Send a security protocol command to a device that receives data and/or the result\r |
31 | of one or more commands sent by SendData.\r |
32 | \r |
33 | The ReceiveData function sends a security protocol command to the given MediaId.\r |
34 | The security protocol command sent is defined by SecurityProtocolId and contains\r |
35 | the security protocol specific data SecurityProtocolSpecificData. The function\r |
36 | returns the data from the security protocol command in PayloadBuffer.\r |
37 | \r |
38 | For devices supporting the SCSI command set, the security protocol command is sent\r |
39 | using the SECURITY PROTOCOL IN command defined in SPC-4.\r |
40 | \r |
41 | For devices supporting the ATA command set, the security protocol command is sent\r |
42 | using one of the TRUSTED RECEIVE commands defined in ATA8-ACS if PayloadBufferSize\r |
43 | is non-zero.\r |
44 | \r |
45 | If the PayloadBufferSize is zero, the security protocol command is sent using the\r |
46 | Trusted Non-Data command defined in ATA8-ACS.\r |
47 | \r |
48 | If PayloadBufferSize is too small to store the available data from the security\r |
49 | protocol command, the function shall copy PayloadBufferSize bytes into the\r |
50 | PayloadBuffer and return EFI_WARN_BUFFER_TOO_SMALL.\r |
51 | \r |
52 | If PayloadBuffer or PayloadTransferSize is NULL and PayloadBufferSize is non-zero,\r |
53 | the function shall return EFI_INVALID_PARAMETER.\r |
54 | \r |
55 | If the given MediaId does not support security protocol commands, the function shall\r |
56 | return EFI_UNSUPPORTED. If there is no media in the device, the function returns\r |
57 | EFI_NO_MEDIA. If the MediaId is not the ID for the current media in the device,\r |
58 | the function returns EFI_MEDIA_CHANGED.\r |
59 | \r |
60 | If the security protocol fails to complete within the Timeout period, the function\r |
61 | shall return EFI_TIMEOUT.\r |
62 | \r |
63 | If the security protocol command completes without an error, the function shall\r |
64 | return EFI_SUCCESS. If the security protocol command completes with an error, the\r |
65 | function shall return EFI_DEVICE_ERROR.\r |
66 | \r |
67 | @param This Indicates a pointer to the calling context.\r |
68 | @param MediaId ID of the medium to receive data from.\r |
69 | @param Timeout The timeout, in 100ns units, to use for the execution\r |
70 | of the security protocol command. A Timeout value of 0\r |
71 | means that this function will wait indefinitely for the\r |
72 | security protocol command to execute. If Timeout is greater\r |
73 | than zero, then this function will return EFI_TIMEOUT if the\r |
74 | time required to execute the receive data command is greater than Timeout.\r |
75 | @param SecurityProtocolId The value of the "Security Protocol" parameter of\r |
76 | the security protocol command to be sent.\r |
77 | @param SecurityProtocolSpecificData The value of the "Security Protocol Specific" parameter\r |
78 | of the security protocol command to be sent.\r |
79 | @param PayloadBufferSize Size in bytes of the payload data buffer.\r |
80 | @param PayloadBuffer A pointer to a destination buffer to store the security\r |
81 | protocol command specific payload data for the security\r |
82 | protocol command. The caller is responsible for having\r |
83 | either implicit or explicit ownership of the buffer.\r |
84 | @param PayloadTransferSize A pointer to a buffer to store the size in bytes of the\r |
85 | data written to the payload data buffer.\r |
86 | \r |
87 | @retval EFI_SUCCESS The security protocol command completed successfully.\r |
88 | @retval EFI_WARN_BUFFER_TOO_SMALL The PayloadBufferSize was too small to store the available\r |
89 | data from the device. The PayloadBuffer contains the truncated data.\r |
90 | @retval EFI_UNSUPPORTED The given MediaId does not support security protocol commands.\r |
91 | @retval EFI_DEVICE_ERROR The security protocol command completed with an error.\r |
92 | @retval EFI_NO_MEDIA There is no media in the device.\r |
93 | @retval EFI_MEDIA_CHANGED The MediaId is not for the current media.\r |
94 | @retval EFI_INVALID_PARAMETER The PayloadBuffer or PayloadTransferSize is NULL and\r |
95 | PayloadBufferSize is non-zero.\r |
96 | @retval EFI_TIMEOUT A timeout occurred while waiting for the security\r |
97 | protocol command to execute.\r |
98 | \r |
99 | **/\r |
100 | typedef\r |
101 | EFI_STATUS\r |
102 | (EFIAPI *EFI_STORAGE_SECURITY_RECEIVE_DATA)(\r |
103 | IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *This,\r |
104 | IN UINT32 MediaId,\r |
105 | IN UINT64 Timeout,\r |
106 | IN UINT8 SecurityProtocolId,\r |
107 | IN UINT16 SecurityProtocolSpecificData,\r |
108 | IN UINTN PayloadBufferSize,\r |
109 | OUT VOID *PayloadBuffer,\r |
110 | OUT UINTN *PayloadTransferSize\r |
111 | );\r |
112 | \r |
113 | /**\r |
114 | Send a security protocol command to a device.\r |
115 | \r |
116 | The SendData function sends a security protocol command containing the payload\r |
117 | PayloadBuffer to the given MediaId. The security protocol command sent is\r |
118 | defined by SecurityProtocolId and contains the security protocol specific data\r |
119 | SecurityProtocolSpecificData. If the underlying protocol command requires a\r |
120 | specific padding for the command payload, the SendData function shall add padding\r |
121 | bytes to the command payload to satisfy the padding requirements.\r |
122 | \r |
123 | For devices supporting the SCSI command set, the security protocol command is sent\r |
124 | using the SECURITY PROTOCOL OUT command defined in SPC-4.\r |
125 | \r |
126 | For devices supporting the ATA command set, the security protocol command is sent\r |
127 | using one of the TRUSTED SEND commands defined in ATA8-ACS if PayloadBufferSize\r |
128 | is non-zero. If the PayloadBufferSize is zero, the security protocol command is\r |
129 | sent using the Trusted Non-Data command defined in ATA8-ACS.\r |
130 | \r |
131 | If PayloadBuffer is NULL and PayloadBufferSize is non-zero, the function shall\r |
132 | return EFI_INVALID_PARAMETER.\r |
133 | \r |
134 | If the given MediaId does not support security protocol commands, the function\r |
135 | shall return EFI_UNSUPPORTED. If there is no media in the device, the function\r |
136 | returns EFI_NO_MEDIA. If the MediaId is not the ID for the current media in the\r |
137 | device, the function returns EFI_MEDIA_CHANGED.\r |
138 | \r |
139 | If the security protocol fails to complete within the Timeout period, the function\r |
140 | shall return EFI_TIMEOUT.\r |
141 | \r |
142 | If the security protocol command completes without an error, the function shall return\r |
143 | EFI_SUCCESS. If the security protocol command completes with an error, the function\r |
144 | shall return EFI_DEVICE_ERROR.\r |
145 | \r |
146 | @param This Indicates a pointer to the calling context.\r |
147 | @param MediaId ID of the medium to receive data from.\r |
148 | @param Timeout The timeout, in 100ns units, to use for the execution\r |
149 | of the security protocol command. A Timeout value of 0\r |
150 | means that this function will wait indefinitely for the\r |
151 | security protocol command to execute. If Timeout is greater\r |
152 | than zero, then this function will return EFI_TIMEOUT if the \r |
153 | time required to execute the receive data command is greater than Timeout.\r |
154 | @param SecurityProtocolId The value of the "Security Protocol" parameter of\r |
155 | the security protocol command to be sent.\r |
156 | @param SecurityProtocolSpecificData The value of the "Security Protocol Specific" parameter\r |
157 | of the security protocol command to be sent.\r |
158 | @param PayloadBufferSize Size in bytes of the payload data buffer.\r |
159 | @param PayloadBuffer A pointer to a destination buffer to store the security\r |
160 | protocol command specific payload data for the security\r |
161 | protocol command.\r |
162 | \r |
163 | @retval EFI_SUCCESS The security protocol command completed successfully.\r |
164 | @retval EFI_UNSUPPORTED The given MediaId does not support security protocol commands.\r |
165 | @retval EFI_DEVICE_ERROR The security protocol command completed with an error.\r |
166 | @retval EFI_NO_MEDIA There is no media in the device.\r |
167 | @retval EFI_MEDIA_CHANGED The MediaId is not for the current media.\r |
168 | @retval EFI_INVALID_PARAMETER The PayloadBuffer is NULL and PayloadBufferSize is non-zero.\r |
169 | @retval EFI_TIMEOUT A timeout occurred while waiting for the security\r |
170 | protocol command to execute.\r |
171 | \r |
172 | **/\r |
173 | typedef\r |
174 | EFI_STATUS\r |
175 | (EFIAPI *EFI_STORAGE_SECURITY_SEND_DATA) (\r |
176 | IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *This,\r |
177 | IN UINT32 MediaId,\r |
178 | IN UINT64 Timeout,\r |
179 | IN UINT8 SecurityProtocolId,\r |
180 | IN UINT16 SecurityProtocolSpecificData,\r |
181 | IN UINTN PayloadBufferSize,\r |
182 | IN VOID *PayloadBuffer\r |
183 | );\r |
184 | \r |
185 | ///\r |
186 | /// The EFI_STORAGE_SECURITY_COMMAND_PROTOCOL is used to send security protocol\r |
187 | /// commands to a mass storage device. Two types of security protocol commands\r |
188 | /// are supported. SendData sends a command with data to a device. ReceiveData\r |
189 | /// sends a command that receives data and/or the result of one or more commands\r |
190 | /// sent by SendData.\r |
191 | ///\r |
192 | /// The security protocol command formats supported shall be based on the definition\r |
193 | /// of the SECURITY PROTOCOL IN and SECURITY PROTOCOL OUT commands defined in SPC-4.\r |
194 | /// If the device uses the SCSI command set, no translation is needed in the firmware\r |
195 | /// and the firmware can package the parameters into a SECURITY PROTOCOL IN or SECURITY\r |
196 | /// PROTOCOL OUT command and send the command to the device. If the device uses a\r |
197 | /// non-SCSI command set, the firmware shall map the command and data payload to the\r |
198 | /// corresponding command and payload format defined in the non-SCSI command set\r |
199 | /// (for example, TRUSTED RECEIVE and TRUSTED SEND in ATA8-ACS).\r |
200 | ///\r |
201 | /// The firmware shall automatically add an EFI_STORAGE_SECURITY_COMMAND_PROTOCOL\r |
202 | /// for any storage devices detected during system boot that support SPC-4, ATA8-ACS\r |
203 | /// or their successors.\r |
204 | ///\r |
205 | struct _EFI_STORAGE_SECURITY_COMMAND_PROTOCOL {\r |
206 | EFI_STORAGE_SECURITY_RECEIVE_DATA ReceiveData;\r |
207 | EFI_STORAGE_SECURITY_SEND_DATA SendData;\r |
208 | };\r |
209 | \r |
210 | extern EFI_GUID gEfiStorageSecurityCommandProtocolGuid;\r |
211 | \r |
212 | #endif\r |