]>
Commit | Line | Data |
---|---|---|
9dd05dde ED |
1 | /** @file\r |
2 | Public API for Opal Core library.\r | |
3 | \r | |
a3068f06 | 4 | Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>\r |
289b714b | 5 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
9dd05dde ED |
6 | \r |
7 | **/\r | |
59ed6433 | 8 | #include <Uefi.h>\r |
9dd05dde ED |
9 | #include <Library/BaseLib.h>\r |
10 | #include <Library/DebugLib.h>\r | |
11 | #include <Library/TcgStorageOpalLib.h>\r | |
a3068f06 | 12 | #include "TcgStorageOpalLibInternal.h"\r |
9dd05dde | 13 | \r |
d6b926e7 | 14 | #define OPAL_MSID_LENGTH 128\r |
9dd05dde ED |
15 | \r |
16 | /**\r | |
17 | Creates a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_PSID_AUTHORITY, then reverts device using Admin SP Revert method.\r | |
18 | \r | |
19 | @param[in] Session, The session info for one opal device.\r | |
20 | @param[in] Psid PSID of device to revert.\r | |
21 | @param[in] PsidLength Length of PSID in bytes.\r | |
22 | \r | |
23 | **/\r | |
24 | TCG_RESULT\r | |
25 | EFIAPI\r | |
26 | OpalUtilPsidRevert(\r | |
27 | OPAL_SESSION *Session,\r | |
28 | const VOID *Psid,\r | |
29 | UINT32 PsidLength\r | |
30 | )\r | |
31 | {\r | |
32 | UINT8 MethodStatus;\r | |
33 | TCG_RESULT Ret;\r | |
a3068f06 | 34 | UINT32 RemovalTimeOut;\r |
9dd05dde ED |
35 | \r |
36 | NULL_CHECK(Session);\r | |
37 | NULL_CHECK(Psid);\r | |
38 | \r | |
a3068f06 ED |
39 | RemovalTimeOut = GetRevertTimeOut (Session);\r |
40 | DEBUG ((DEBUG_INFO, "OpalUtilPsidRevert: Timeout value = %d\n", RemovalTimeOut));\r | |
41 | \r | |
9dd05dde ED |
42 | Ret = OpalStartSession(\r |
43 | Session,\r | |
44 | OPAL_UID_ADMIN_SP,\r | |
45 | TRUE,\r | |
46 | PsidLength,\r | |
47 | Psid,\r | |
48 | OPAL_ADMIN_SP_PSID_AUTHORITY,\r | |
49 | &MethodStatus);\r | |
50 | if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
a3068f06 | 51 | Ret = OpalPyrite2PsidRevert(Session, RemovalTimeOut);\r |
9dd05dde ED |
52 | if (Ret != TcgResultSuccess) {\r |
53 | //\r | |
54 | // If revert was successful, session was already ended by TPer, so only end session on failure\r | |
55 | //\r | |
56 | OpalEndSession(Session);\r | |
57 | }\r | |
58 | }\r | |
59 | \r | |
60 | if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
61 | Ret = TcgResultFailure;\r | |
62 | }\r | |
63 | \r | |
64 | return Ret;\r | |
65 | }\r | |
66 | \r | |
67 | /**\r | |
68 | Opens a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_SID_AUTHORITY,\r | |
69 | sets the OPAL_UID_ADMIN_SP_C_PIN_SID column with the new password,\r | |
70 | and activates the locking SP to copy SID PIN to Admin1 Locking SP PIN\r | |
71 | \r | |
72 | @param[in] Session, The session info for one opal device.\r | |
73 | @param[in] GeneratedSid Generated SID of disk\r | |
74 | @param[in] SidLength Length of generatedSid in bytes\r | |
75 | @param[in] Password New admin password to set\r | |
76 | @param[in] PassLength Length of password in bytes\r | |
77 | \r | |
78 | **/\r | |
79 | TCG_RESULT\r | |
80 | EFIAPI\r | |
81 | OpalUtilSetAdminPasswordAsSid(\r | |
82 | OPAL_SESSION *Session,\r | |
83 | const VOID *GeneratedSid,\r | |
84 | UINT32 SidLength,\r | |
85 | const VOID *Password,\r | |
86 | UINT32 PassLength\r | |
87 | )\r | |
88 | {\r | |
89 | UINT8 MethodStatus;\r | |
90 | TCG_RESULT Ret;\r | |
91 | \r | |
92 | NULL_CHECK(Session);\r | |
93 | NULL_CHECK(GeneratedSid);\r | |
94 | NULL_CHECK(Password);\r | |
95 | \r | |
96 | Ret = OpalStartSession(\r | |
97 | Session,\r | |
98 | OPAL_UID_ADMIN_SP,\r | |
99 | TRUE,\r | |
100 | SidLength,\r | |
101 | GeneratedSid,\r | |
102 | OPAL_ADMIN_SP_SID_AUTHORITY,\r | |
103 | &MethodStatus\r | |
104 | );\r | |
105 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
106 | DEBUG ((DEBUG_INFO, "start session with admin SP as SID authority failed: Ret=%d MethodStatus=%u\n", Ret, MethodStatus));\r | |
107 | goto done;\r | |
108 | }\r | |
109 | \r | |
110 | //\r | |
111 | // 1. Update SID = new Password\r | |
112 | //\r | |
113 | Ret = OpalSetPassword(\r | |
114 | Session,\r | |
115 | OPAL_UID_ADMIN_SP_C_PIN_SID,\r | |
116 | Password,\r | |
117 | PassLength,\r | |
118 | &MethodStatus\r | |
119 | );\r | |
120 | \r | |
121 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
122 | OpalEndSession(Session);\r | |
123 | DEBUG ((DEBUG_INFO, "set Password failed: Ret=%d MethodStatus=%u\n", Ret, MethodStatus));\r | |
124 | goto done;\r | |
125 | }\r | |
126 | \r | |
127 | //\r | |
128 | // 2. Activate locking SP\r | |
129 | //\r | |
130 | Ret = OpalActivateLockingSp(Session, &MethodStatus);\r | |
131 | OpalEndSession(Session);\r | |
132 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
133 | DEBUG ((DEBUG_INFO, "activate locking SP failed: Ret=%d MethodStatus=%u\n", Ret, MethodStatus));\r | |
134 | goto done;\r | |
135 | }\r | |
136 | \r | |
137 | done:\r | |
138 | if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
139 | Ret = TcgResultFailure;\r | |
140 | }\r | |
141 | return Ret;\r | |
142 | }\r | |
143 | \r | |
144 | /**\r | |
145 | \r | |
146 | Opens a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_ADMIN1_AUTHORITY,\r | |
147 | and updates the specified locking range with the provided column values\r | |
148 | \r | |
149 | @param[in] Session, The session info for one opal device.\r | |
150 | @param[in] Password New admin password to set\r | |
151 | @param[in] PassLength Length of password in bytes\r | |
152 | @param[in] LockingRangeUid Locking range UID to set values\r | |
153 | @param[in] RangeStart Value to set RangeStart column for Locking Range\r | |
154 | @param[in] RangeLength Value to set RangeLength column for Locking Range\r | |
155 | @param[in] ReadLockEnabled Value to set readLockEnabled column for Locking Range\r | |
156 | @param[in] WriteLockEnabled Value to set writeLockEnabled column for Locking Range\r | |
157 | @param[in] ReadLocked Value to set ReadLocked column for Locking Range\r | |
158 | @param[in] WriteLocked Value to set WriteLocked column for Locking Range\r | |
159 | \r | |
160 | **/\r | |
161 | TCG_RESULT\r | |
162 | EFIAPI\r | |
163 | OpalUtilSetOpalLockingRange(\r | |
164 | OPAL_SESSION *Session,\r | |
165 | const VOID *Password,\r | |
166 | UINT32 PassLength,\r | |
167 | TCG_UID LockingRangeUid,\r | |
168 | UINT64 RangeStart,\r | |
169 | UINT64 RangeLength,\r | |
170 | BOOLEAN ReadLockEnabled,\r | |
171 | BOOLEAN WriteLockEnabled,\r | |
172 | BOOLEAN ReadLocked,\r | |
173 | BOOLEAN WriteLocked\r | |
174 | )\r | |
175 | {\r | |
176 | UINT8 MethodStatus;\r | |
177 | TCG_RESULT Ret;\r | |
178 | \r | |
179 | NULL_CHECK(Session);\r | |
180 | NULL_CHECK(Password);\r | |
181 | \r | |
182 | //\r | |
183 | // Start session with Locking SP using current admin Password\r | |
184 | //\r | |
185 | Ret = OpalStartSession(\r | |
186 | Session,\r | |
187 | OPAL_UID_LOCKING_SP,\r | |
188 | TRUE,\r | |
189 | PassLength,\r | |
190 | Password,\r | |
191 | OPAL_LOCKING_SP_ADMIN1_AUTHORITY,\r | |
192 | &MethodStatus);\r | |
193 | if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {\r | |
194 | DEBUG ((DEBUG_INFO, "start session with locking SP failed: Ret=%d MethodStatus=%u\n", Ret, MethodStatus));\r | |
195 | goto done;\r | |
196 | }\r | |
197 | \r | |
198 | //\r | |
199 | // Enable locking range\r | |
200 | //\r | |
201 | Ret = OpalSetLockingRange(\r | |
202 | Session,\r | |
203 | LockingRangeUid,\r | |
204 | RangeStart,\r | |
205 | RangeLength,\r | |
206 | ReadLockEnabled,\r | |
207 | WriteLockEnabled,\r | |
208 | ReadLocked,\r | |
209 | WriteLocked,\r | |
210 | &MethodStatus);\r | |
211 | \r | |
212 | OpalEndSession(Session);\r | |
213 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
214 | DEBUG ((DEBUG_INFO, "set locking range failed: Ret=%d MethodStatus=0x%x\n", Ret, MethodStatus));\r | |
215 | }\r | |
216 | \r | |
217 | done:\r | |
218 | if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
219 | Ret = TcgResultFailure;\r | |
220 | }\r | |
221 | return Ret;\r | |
222 | }\r | |
223 | \r | |
224 | /**\r | |
225 | Opens a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_SID_AUTHORITY,\r | |
226 | sets OPAL_UID_ADMIN_SP_C_PIN_SID with the new password,\r | |
227 | and sets OPAL_LOCKING_SP_C_PIN_ADMIN1 with the new password.\r | |
228 | \r | |
229 | @param[in] Session, The session info for one opal device.\r | |
230 | @param[in] OldPassword Current admin password\r | |
231 | @param[in] OldPasswordLength Length of current admin password in bytes\r | |
232 | @param[in] NewPassword New admin password to set\r | |
233 | @param[in] NewPasswordLength Length of new password in bytes\r | |
234 | \r | |
235 | **/\r | |
236 | TCG_RESULT\r | |
237 | EFIAPI\r | |
238 | OpalUtilSetAdminPassword(\r | |
239 | OPAL_SESSION *Session,\r | |
240 | const VOID *OldPassword,\r | |
241 | UINT32 OldPasswordLength,\r | |
242 | const VOID *NewPassword,\r | |
243 | UINT32 NewPasswordLength\r | |
244 | )\r | |
245 | {\r | |
246 | TCG_RESULT Ret;\r | |
247 | UINT8 MethodStatus;\r | |
248 | \r | |
249 | NULL_CHECK(Session);\r | |
250 | NULL_CHECK(OldPassword);\r | |
251 | NULL_CHECK(NewPassword);\r | |
252 | \r | |
253 | //\r | |
254 | // Unknown ownership\r | |
255 | //\r | |
256 | Ret = OpalStartSession(\r | |
257 | Session,\r | |
258 | OPAL_UID_ADMIN_SP,\r | |
259 | TRUE,\r | |
260 | OldPasswordLength,\r | |
261 | OldPassword,\r | |
262 | OPAL_ADMIN_SP_SID_AUTHORITY,\r | |
263 | &MethodStatus\r | |
264 | );\r | |
265 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
266 | DEBUG ((DEBUG_INFO, "start session with admin SP using old Password failed\n"));\r | |
267 | goto done;\r | |
268 | }\r | |
269 | \r | |
270 | //\r | |
271 | // Update SID = new pw\r | |
272 | //\r | |
273 | Ret = OpalSetPassword(Session, OPAL_UID_ADMIN_SP_C_PIN_SID, NewPassword, NewPasswordLength, &MethodStatus);\r | |
274 | OpalEndSession(Session);\r | |
275 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
276 | DEBUG ((DEBUG_INFO, "set new admin SP Password failed\n"));\r | |
277 | goto done;\r | |
278 | }\r | |
279 | \r | |
280 | Ret = OpalStartSession(\r | |
281 | Session,\r | |
282 | OPAL_UID_LOCKING_SP,\r | |
283 | TRUE,\r | |
284 | OldPasswordLength,\r | |
285 | OldPassword,\r | |
286 | OPAL_LOCKING_SP_ADMIN1_AUTHORITY,\r | |
287 | &MethodStatus\r | |
288 | );\r | |
289 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
290 | DEBUG ((DEBUG_INFO, "start session with locking SP using old Password failed\n"));\r | |
291 | goto done;\r | |
292 | }\r | |
293 | \r | |
294 | //\r | |
295 | // Update admin locking SP to new pw\r | |
296 | //\r | |
297 | Ret = OpalSetPassword(Session, OPAL_LOCKING_SP_C_PIN_ADMIN1, NewPassword, NewPasswordLength, &MethodStatus);\r | |
298 | OpalEndSession(Session);\r | |
299 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
300 | DEBUG ((DEBUG_INFO, "set new locking SP Password failed\n"));\r | |
301 | goto done;\r | |
302 | }\r | |
303 | \r | |
304 | done:\r | |
305 | if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
306 | Ret = TcgResultFailure;\r | |
307 | }\r | |
308 | return Ret;\r | |
309 | }\r | |
310 | \r | |
311 | /**\r | |
312 | Starts a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_USER1_AUTHORITY or OPAL_LOCKING_SP_ADMIN1_AUTHORITY\r | |
313 | and sets the User1 SP authority to enabled and sets the User1 password.\r | |
314 | \r | |
315 | @param[in] Session, The session info for one opal device.\r | |
316 | @param[in] OldPassword Current admin password\r | |
317 | @param[in] OldPasswordLength Length of current admin password in bytes\r | |
318 | @param[in] NewPassword New admin password to set\r | |
319 | @param[in] NewPasswordLength Length of new password in bytes\r | |
320 | \r | |
321 | **/\r | |
322 | TCG_RESULT\r | |
323 | EFIAPI\r | |
324 | OpalUtilSetUserPassword(\r | |
325 | OPAL_SESSION *Session,\r | |
326 | const VOID *OldPassword,\r | |
327 | UINT32 OldPasswordLength,\r | |
328 | const VOID *NewPassword,\r | |
329 | UINT32 NewPasswordLength\r | |
330 | )\r | |
331 | {\r | |
332 | UINT8 MethodStatus;\r | |
333 | TCG_RESULT Ret;\r | |
334 | \r | |
335 | NULL_CHECK(Session);\r | |
336 | NULL_CHECK(OldPassword);\r | |
337 | NULL_CHECK(NewPassword);\r | |
338 | \r | |
339 | //\r | |
340 | // See if updating user1 authority\r | |
341 | //\r | |
342 | Ret = OpalStartSession(\r | |
343 | Session,\r | |
344 | OPAL_UID_LOCKING_SP,\r | |
345 | TRUE,\r | |
346 | OldPasswordLength,\r | |
347 | OldPassword,\r | |
348 | OPAL_LOCKING_SP_USER1_AUTHORITY,\r | |
349 | &MethodStatus\r | |
350 | );\r | |
351 | if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
352 | Ret = OpalSetPassword(\r | |
353 | Session,\r | |
354 | OPAL_LOCKING_SP_C_PIN_USER1,\r | |
355 | NewPassword,\r | |
356 | NewPasswordLength,\r | |
357 | &MethodStatus\r | |
358 | );\r | |
359 | OpalEndSession(Session);\r | |
360 | if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
361 | return Ret;\r | |
362 | }\r | |
363 | }\r | |
364 | \r | |
365 | //\r | |
366 | // Setting Password for first time or setting Password as admin\r | |
367 | //\r | |
368 | \r | |
369 | //\r | |
370 | // Start session with Locking SP using current admin Password\r | |
371 | //\r | |
372 | Ret = OpalStartSession(\r | |
373 | Session,\r | |
374 | OPAL_UID_LOCKING_SP,\r | |
375 | TRUE,\r | |
376 | OldPasswordLength,\r | |
377 | OldPassword,\r | |
378 | OPAL_LOCKING_SP_ADMIN1_AUTHORITY,\r | |
379 | &MethodStatus\r | |
380 | );\r | |
381 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
382 | DEBUG ((DEBUG_INFO, "StartSession with locking SP as admin1 authority failed\n"));\r | |
383 | goto done;\r | |
384 | }\r | |
385 | \r | |
386 | //\r | |
387 | // Enable User1 and set its PIN\r | |
388 | //\r | |
389 | Ret = OpalSetLockingSpAuthorityEnabledAndPin(\r | |
390 | Session,\r | |
391 | OPAL_LOCKING_SP_C_PIN_USER1,\r | |
392 | OPAL_LOCKING_SP_USER1_AUTHORITY,\r | |
393 | NewPassword,\r | |
394 | NewPasswordLength,\r | |
395 | &MethodStatus\r | |
396 | );\r | |
397 | OpalEndSession(Session);\r | |
398 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
399 | DEBUG ((DEBUG_INFO, "OpalSetLockingSpAuthorityEnabledAndPin failed\n"));\r | |
400 | goto done;\r | |
401 | }\r | |
402 | \r | |
403 | done:\r | |
404 | if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
405 | Ret = TcgResultFailure;\r | |
406 | }\r | |
407 | return Ret;\r | |
408 | }\r | |
409 | \r | |
410 | /**\r | |
411 | Verify whether user input the correct password.\r | |
412 | \r | |
413 | @param[in] Session, The session info for one opal device.\r | |
414 | @param[in] Password Admin password\r | |
415 | @param[in] PasswordLength Length of password in bytes\r | |
416 | @param[in/out] HostSigningAuthority Use the Host signing authority type.\r | |
417 | \r | |
418 | **/\r | |
419 | TCG_RESULT\r | |
420 | EFIAPI\r | |
421 | OpalUtilVerifyPassword (\r | |
422 | OPAL_SESSION *Session,\r | |
423 | const VOID *Password,\r | |
424 | UINT32 PasswordLength,\r | |
425 | TCG_UID HostSigningAuthority\r | |
426 | )\r | |
427 | {\r | |
428 | TCG_RESULT Ret;\r | |
429 | UINT8 MethodStatus;\r | |
430 | \r | |
431 | NULL_CHECK(Session);\r | |
432 | NULL_CHECK(Password);\r | |
433 | \r | |
434 | Ret = OpalStartSession(\r | |
435 | Session,\r | |
436 | OPAL_UID_LOCKING_SP,\r | |
437 | TRUE,\r | |
438 | PasswordLength,\r | |
439 | Password,\r | |
440 | HostSigningAuthority,\r | |
441 | &MethodStatus);\r | |
442 | if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
443 | OpalEndSession(Session);\r | |
444 | return TcgResultSuccess;\r | |
445 | }\r | |
446 | \r | |
447 | return TcgResultFailure;\r | |
448 | }\r | |
449 | \r | |
450 | /**\r | |
451 | Starts a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_USER1_AUTHORITY or OPAL_LOCKING_SP_ADMIN1_AUTHORITY\r | |
452 | and generates a new global locking range key to erase the Data.\r | |
453 | \r | |
454 | @param[in] Session, The session info for one opal device.\r | |
455 | @param[in] Password Admin or user password\r | |
456 | @param[in] PasswordLength Length of password in bytes\r | |
457 | @param[in/out] PasswordFailed indicates if password failed (start session didn't work)\r | |
458 | \r | |
459 | **/\r | |
460 | TCG_RESULT\r | |
461 | EFIAPI\r | |
462 | OpalUtilSecureErase(\r | |
463 | OPAL_SESSION *Session,\r | |
464 | const VOID *Password,\r | |
465 | UINT32 PasswordLength,\r | |
466 | BOOLEAN *PasswordFailed\r | |
467 | )\r | |
468 | {\r | |
469 | UINT8 MethodStatus;\r | |
470 | TCG_RESULT Ret;\r | |
471 | \r | |
472 | NULL_CHECK(Session);\r | |
473 | NULL_CHECK(Password);\r | |
474 | NULL_CHECK(PasswordFailed);\r | |
475 | \r | |
476 | //\r | |
477 | // Try to generate a new key with admin1\r | |
478 | //\r | |
479 | Ret = OpalStartSession(\r | |
480 | Session,\r | |
481 | OPAL_UID_LOCKING_SP,\r | |
482 | TRUE,\r | |
483 | PasswordLength,\r | |
484 | Password,\r | |
485 | OPAL_LOCKING_SP_ADMIN1_AUTHORITY,\r | |
486 | &MethodStatus\r | |
487 | );\r | |
488 | \r | |
489 | if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
490 | Ret = OpalGlobalLockingRangeGenKey(Session, &MethodStatus);\r | |
491 | *PasswordFailed = FALSE;\r | |
492 | OpalEndSession(Session);\r | |
493 | } else {\r | |
494 | //\r | |
495 | // Try to generate a new key with user1\r | |
496 | //\r | |
497 | Ret = OpalStartSession(\r | |
498 | Session,\r | |
499 | OPAL_UID_LOCKING_SP,\r | |
500 | TRUE,\r | |
501 | PasswordLength,\r | |
502 | Password,\r | |
503 | OPAL_LOCKING_SP_USER1_AUTHORITY,\r | |
504 | &MethodStatus\r | |
505 | );\r | |
506 | \r | |
507 | if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
508 | Ret = OpalGlobalLockingRangeGenKey(Session, &MethodStatus);\r | |
509 | *PasswordFailed = FALSE;\r | |
510 | OpalEndSession(Session);\r | |
511 | } else {\r | |
512 | *PasswordFailed = TRUE;\r | |
513 | }\r | |
514 | }\r | |
515 | \r | |
516 | if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
517 | Ret = TcgResultFailure;\r | |
518 | }\r | |
519 | return Ret;\r | |
520 | }\r | |
521 | \r | |
522 | /**\r | |
523 | Starts a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_ADMIN1_AUTHORITY and disables the User1 authority.\r | |
524 | \r | |
525 | @param[in] Session, The session info for one opal device.\r | |
526 | @param[in] Password Admin password\r | |
527 | @param[in] PasswordLength Length of password in bytes\r | |
528 | @param[in/out] PasswordFailed indicates if password failed (start session didn't work)\r | |
529 | \r | |
530 | **/\r | |
531 | TCG_RESULT\r | |
532 | EFIAPI\r | |
533 | OpalUtilDisableUser(\r | |
534 | OPAL_SESSION *Session,\r | |
535 | const VOID *Password,\r | |
536 | UINT32 PasswordLength,\r | |
537 | BOOLEAN *PasswordFailed\r | |
538 | )\r | |
539 | {\r | |
540 | UINT8 MethodStatus;\r | |
541 | TCG_RESULT Ret;\r | |
542 | \r | |
543 | NULL_CHECK(Session);\r | |
544 | NULL_CHECK(Password);\r | |
545 | NULL_CHECK(PasswordFailed);\r | |
546 | \r | |
547 | //\r | |
548 | // Start session with Locking SP using current admin Password\r | |
549 | //\r | |
550 | Ret = OpalStartSession(\r | |
551 | Session,\r | |
552 | OPAL_UID_LOCKING_SP,\r | |
553 | TRUE,\r | |
554 | PasswordLength,\r | |
555 | Password,\r | |
556 | OPAL_LOCKING_SP_ADMIN1_AUTHORITY,\r | |
557 | &MethodStatus\r | |
558 | );\r | |
559 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
560 | DEBUG ((DEBUG_INFO, "StartSession with Locking SP as Admin1 failed\n"));\r | |
561 | *PasswordFailed = TRUE;\r | |
562 | goto done;\r | |
563 | }\r | |
564 | \r | |
565 | *PasswordFailed = FALSE;\r | |
566 | Ret = OpalDisableUser(Session, &MethodStatus);\r | |
567 | OpalEndSession(Session);\r | |
568 | \r | |
569 | done:\r | |
570 | if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
571 | Ret = TcgResultFailure;\r | |
572 | }\r | |
573 | return Ret;\r | |
574 | }\r | |
575 | \r | |
576 | /**\r | |
577 | Opens a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_PSID_AUTHORITY, then reverts the device using the RevertSP method.\r | |
578 | \r | |
579 | @param[in] Session, The session info for one opal device.\r | |
580 | @param[in] KeepUserData TRUE to keep existing Data on the disk, or FALSE to erase it\r | |
581 | @param[in] Password Admin password\r | |
582 | @param[in] PasswordLength Length of password in bytes\r | |
583 | @param[in/out] PasswordFailed indicates if password failed (start session didn't work)\r | |
584 | @param[in] Msid Msid info.\r | |
585 | @param[in] MsidLength Msid data length.\r | |
586 | \r | |
587 | **/\r | |
588 | TCG_RESULT\r | |
589 | EFIAPI\r | |
590 | OpalUtilRevert(\r | |
591 | OPAL_SESSION *Session,\r | |
592 | BOOLEAN KeepUserData,\r | |
593 | const VOID *Password,\r | |
594 | UINT32 PasswordLength,\r | |
595 | BOOLEAN *PasswordFailed,\r | |
596 | UINT8 *Msid,\r | |
597 | UINT32 MsidLength\r | |
598 | )\r | |
599 | {\r | |
600 | UINT8 MethodStatus;\r | |
601 | TCG_RESULT Ret;\r | |
a3068f06 | 602 | UINT32 RemovalTimeOut;\r |
9dd05dde ED |
603 | \r |
604 | NULL_CHECK(Session);\r | |
605 | NULL_CHECK(Msid);\r | |
606 | NULL_CHECK(Password);\r | |
607 | NULL_CHECK(PasswordFailed);\r | |
608 | \r | |
a3068f06 ED |
609 | RemovalTimeOut = GetRevertTimeOut (Session);\r |
610 | DEBUG ((DEBUG_INFO, "OpalUtilRevert: Timeout value = %d\n", RemovalTimeOut));\r | |
611 | \r | |
9dd05dde ED |
612 | Ret = OpalStartSession(\r |
613 | Session,\r | |
614 | OPAL_UID_LOCKING_SP,\r | |
615 | TRUE,\r | |
616 | PasswordLength,\r | |
617 | Password,\r | |
618 | OPAL_LOCKING_SP_ADMIN1_AUTHORITY,\r | |
619 | &MethodStatus\r | |
620 | );\r | |
621 | \r | |
622 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
623 | DEBUG ((DEBUG_INFO, "error starting session: Ret=%d, MethodStatus=%u\n", Ret, MethodStatus));\r | |
624 | *PasswordFailed = TRUE;\r | |
625 | goto done;\r | |
626 | }\r | |
627 | \r | |
628 | *PasswordFailed = FALSE;\r | |
629 | //\r | |
630 | // Try to revert with admin1\r | |
631 | //\r | |
a3068f06 | 632 | Ret = OpalPyrite2AdminRevert(Session, KeepUserData, &MethodStatus, RemovalTimeOut);\r |
1e6844db | 633 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r |
9dd05dde ED |
634 | //\r |
635 | // Device ends the session on successful revert, so only call OpalEndSession when fail.\r | |
636 | //\r | |
637 | DEBUG ((DEBUG_INFO, "OpalAdminRevert as admin failed\n"));\r | |
638 | OpalEndSession(Session);\r | |
639 | }\r | |
640 | \r | |
641 | Ret = OpalUtilSetSIDtoMSID (Session, Password, PasswordLength, Msid, MsidLength);\r | |
642 | \r | |
643 | done:\r | |
644 | if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
645 | Ret = TcgResultFailure;\r | |
646 | }\r | |
647 | return Ret;\r | |
648 | }\r | |
649 | \r | |
650 | /**\r | |
651 | After revert success, set SID to MSID.\r | |
652 | \r | |
653 | @param Session, The session info for one opal device.\r | |
654 | @param Password, Input password info.\r | |
655 | @param PasswordLength, Input password length.\r | |
656 | @param Msid Msid info.\r | |
657 | @param MsidLength Msid data length.\r | |
658 | \r | |
659 | **/\r | |
660 | TCG_RESULT\r | |
661 | EFIAPI\r | |
662 | OpalUtilSetSIDtoMSID (\r | |
663 | OPAL_SESSION *Session,\r | |
664 | const VOID *Password,\r | |
665 | UINT32 PasswordLength,\r | |
666 | UINT8 *Msid,\r | |
667 | UINT32 MsidLength\r | |
668 | )\r | |
669 | {\r | |
670 | TCG_RESULT Ret;\r | |
671 | UINT8 MethodStatus;\r | |
672 | \r | |
673 | NULL_CHECK(Session);\r | |
674 | NULL_CHECK(Msid);\r | |
675 | NULL_CHECK(Password);\r | |
676 | \r | |
677 | //\r | |
678 | // Start session with admin sp to update SID to MSID\r | |
679 | //\r | |
680 | Ret = OpalStartSession(\r | |
681 | Session,\r | |
682 | OPAL_UID_ADMIN_SP,\r | |
683 | TRUE,\r | |
684 | PasswordLength,\r | |
685 | Password,\r | |
686 | OPAL_ADMIN_SP_SID_AUTHORITY,\r | |
687 | &MethodStatus\r | |
688 | );\r | |
689 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
690 | goto done;\r | |
691 | }\r | |
692 | \r | |
693 | //\r | |
694 | // Update SID pin\r | |
695 | //\r | |
696 | Ret = OpalSetPassword(Session, OPAL_UID_ADMIN_SP_C_PIN_SID, Msid, MsidLength, &MethodStatus);\r | |
697 | OpalEndSession(Session);\r | |
698 | \r | |
699 | done:\r | |
700 | if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
701 | Ret = TcgResultFailure;\r | |
702 | }\r | |
703 | \r | |
704 | return Ret;\r | |
705 | }\r | |
706 | \r | |
707 | /**\r | |
708 | Update global locking range.\r | |
709 | \r | |
710 | @param Session, The session info for one opal device.\r | |
711 | @param Password, Input password info.\r | |
712 | @param PasswordLength, Input password length.\r | |
713 | @param ReadLocked, Read lock info.\r | |
714 | @param WriteLocked write lock info.\r | |
715 | \r | |
716 | **/\r | |
717 | TCG_RESULT\r | |
718 | EFIAPI\r | |
719 | OpalUtilUpdateGlobalLockingRange(\r | |
720 | OPAL_SESSION *Session,\r | |
721 | const VOID *Password,\r | |
722 | UINT32 PasswordLength,\r | |
723 | BOOLEAN ReadLocked,\r | |
724 | BOOLEAN WriteLocked\r | |
725 | )\r | |
726 | {\r | |
727 | UINT8 MethodStatus;\r | |
728 | TCG_RESULT Ret;\r | |
729 | \r | |
730 | NULL_CHECK(Session);\r | |
731 | NULL_CHECK(Password);\r | |
732 | \r | |
733 | //\r | |
734 | // Try to start session with Locking SP as admin1 authority\r | |
735 | //\r | |
736 | Ret = OpalStartSession(\r | |
737 | Session,\r | |
738 | OPAL_UID_LOCKING_SP,\r | |
739 | TRUE,\r | |
740 | PasswordLength,\r | |
741 | Password,\r | |
742 | OPAL_LOCKING_SP_ADMIN1_AUTHORITY,\r | |
743 | &MethodStatus\r | |
744 | );\r | |
745 | if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
746 | Ret = OpalUpdateGlobalLockingRange(\r | |
747 | Session,\r | |
748 | ReadLocked,\r | |
749 | WriteLocked,\r | |
750 | &MethodStatus\r | |
751 | );\r | |
752 | OpalEndSession(Session);\r | |
753 | if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
754 | goto done;\r | |
755 | }\r | |
756 | }\r | |
757 | \r | |
758 | if (MethodStatus == TCG_METHOD_STATUS_CODE_AUTHORITY_LOCKED_OUT) {\r | |
759 | DEBUG ((DEBUG_INFO, "unlock as admin failed with AUTHORITY_LOCKED_OUT\n"));\r | |
9dd05dde ED |
760 | }\r |
761 | \r | |
762 | //\r | |
763 | // Try user1 authority\r | |
764 | //\r | |
765 | Ret = OpalStartSession(\r | |
766 | Session,\r | |
767 | OPAL_UID_LOCKING_SP,\r | |
768 | TRUE,\r | |
769 | PasswordLength,\r | |
770 | Password,\r | |
771 | OPAL_LOCKING_SP_USER1_AUTHORITY,\r | |
772 | &MethodStatus\r | |
773 | );\r | |
774 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
775 | DEBUG ((DEBUG_INFO, "StartSession with Locking SP as User1 failed\n"));\r | |
776 | goto done;\r | |
777 | }\r | |
778 | \r | |
779 | Ret = OpalUpdateGlobalLockingRange(Session, ReadLocked, WriteLocked, &MethodStatus);\r | |
780 | OpalEndSession(Session);\r | |
781 | \r | |
782 | done:\r | |
783 | if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
54ae532c ED |
784 | if (MethodStatus == TCG_METHOD_STATUS_CODE_AUTHORITY_LOCKED_OUT) {\r |
785 | //\r | |
786 | // Caller need to know this special error, but return status not has type for it.\r | |
787 | // so here use TcgResultFailureInvalidType as an replacement.\r | |
788 | //\r | |
789 | Ret = TcgResultFailureInvalidType;\r | |
790 | } else {\r | |
791 | Ret = TcgResultFailure;\r | |
792 | }\r | |
9dd05dde ED |
793 | }\r |
794 | return Ret;\r | |
795 | }\r | |
796 | \r | |
797 | /**\r | |
798 | Update global locking range.\r | |
799 | \r | |
800 | @param Session, The session info for one opal device.\r | |
801 | @param Msid, The data buffer to save Msid info.\r | |
802 | @param MsidBufferLength, The data buffer length for Msid.\r | |
803 | @param MsidLength, The actual data length for Msid.\r | |
804 | \r | |
805 | **/\r | |
806 | TCG_RESULT\r | |
807 | EFIAPI\r | |
808 | OpalUtilGetMsid(\r | |
809 | OPAL_SESSION *Session,\r | |
810 | UINT8 *Msid,\r | |
811 | UINT32 MsidBufferLength,\r | |
812 | UINT32 *MsidLength\r | |
813 | )\r | |
814 | {\r | |
815 | UINT8 MethodStatus;\r | |
816 | TCG_RESULT Ret;\r | |
817 | \r | |
818 | NULL_CHECK(Session);\r | |
819 | NULL_CHECK(Msid);\r | |
820 | NULL_CHECK(MsidLength);\r | |
821 | \r | |
822 | Ret = OpalStartSession(\r | |
823 | Session,\r | |
824 | OPAL_UID_ADMIN_SP,\r | |
825 | TRUE,\r | |
826 | 0,\r | |
827 | NULL,\r | |
828 | TCG_UID_NULL,\r | |
829 | &MethodStatus\r | |
830 | );\r | |
831 | if ((Ret == TcgResultSuccess) && (MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS)) {\r | |
832 | Ret = OpalGetMsid (Session, MsidBufferLength, Msid, MsidLength);\r | |
833 | OpalEndSession (Session);\r | |
834 | }\r | |
835 | \r | |
836 | if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
837 | Ret = TcgResultFailure;\r | |
838 | }\r | |
839 | \r | |
840 | return Ret;\r | |
841 | }\r | |
842 | \r | |
843 | /**\r | |
844 | \r | |
845 | The function determines who owns the device by attempting to start a session with different credentials.\r | |
846 | If the SID PIN matches the MSID PIN, the no one owns the device.\r | |
847 | If the SID PIN matches the ourSidPin, then "Us" owns the device. Otherwise it is unknown.\r | |
848 | \r | |
849 | \r | |
850 | @param[in] Session The session info for one opal device.\r | |
851 | @param Msid, The Msid info.\r | |
852 | @param MsidLength, The data length for Msid.\r | |
853 | \r | |
854 | **/\r | |
855 | OPAL_OWNER_SHIP\r | |
856 | EFIAPI\r | |
857 | OpalUtilDetermineOwnership(\r | |
858 | OPAL_SESSION *Session,\r | |
859 | UINT8 *Msid,\r | |
860 | UINT32 MsidLength\r | |
861 | )\r | |
862 | {\r | |
863 | UINT8 MethodStatus;\r | |
864 | TCG_RESULT Ret;\r | |
865 | OPAL_OWNER_SHIP Owner;\r | |
866 | \r | |
59ed6433 ED |
867 | if ((Session == NULL) || (Msid == NULL)) {\r |
868 | return OpalOwnershipUnknown;\r | |
869 | }\r | |
9dd05dde ED |
870 | \r |
871 | Owner = OpalOwnershipUnknown;\r | |
872 | //\r | |
873 | // Start Session as SID_UID with ADMIN_SP using MSID PIN\r | |
874 | //\r | |
875 | Ret = OpalStartSession(\r | |
876 | Session,\r | |
877 | OPAL_UID_ADMIN_SP,\r | |
878 | TRUE,\r | |
879 | MsidLength,\r | |
880 | Msid,\r | |
881 | OPAL_ADMIN_SP_SID_AUTHORITY,\r | |
882 | &MethodStatus);\r | |
883 | if ((Ret == TcgResultSuccess) && (MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS)) {\r | |
884 | //\r | |
885 | // now we know that SID PIN == MSID PIN\r | |
886 | //\r | |
887 | Owner = OpalOwnershipNobody;\r | |
888 | \r | |
889 | OpalEndSession(Session);\r | |
890 | }\r | |
891 | \r | |
892 | return Owner;\r | |
893 | }\r | |
894 | \r | |
895 | /**\r | |
896 | \r | |
897 | The function returns if admin password exists.\r | |
898 | \r | |
899 | @param[in] OwnerShip The owner ship of the opal device.\r | |
900 | @param[in] LockingFeature The locking info of the opal device.\r | |
901 | \r | |
902 | @retval TRUE Admin password existed.\r | |
903 | @retval FALSE Admin password not existed.\r | |
904 | \r | |
905 | **/\r | |
906 | BOOLEAN\r | |
907 | EFIAPI\r | |
908 | OpalUtilAdminPasswordExists(\r | |
909 | IN UINT16 OwnerShip,\r | |
910 | IN TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature\r | |
911 | )\r | |
912 | {\r | |
913 | NULL_CHECK(LockingFeature);\r | |
914 | \r | |
915 | // if it is Unknown who owns the device\r | |
916 | // then someone has set password previously through our UI\r | |
917 | // because the SID would no longer match the generated SID (ownership us)\r | |
918 | // or someone has set password using 3rd party software\r | |
919 | \r | |
920 | //\r | |
921 | // Locking sp enabled is checked b/c it must be enabled to change the PIN of the Admin1.\r | |
922 | //\r | |
923 | return (OwnerShip == OpalOwnershipUnknown && LockingFeature->LockingEnabled);\r | |
924 | }\r | |
925 | \r | |
a3068f06 ED |
926 | /**\r |
927 | Get Active Data Removal Mechanism Value.\r | |
928 | \r | |
929 | @param[in] Session The session info for one opal device.\r | |
930 | @param[in] GeneratedSid Generated SID of disk\r | |
931 | @param[in] SidLength Length of generatedSid in bytes\r | |
932 | @param[out] ActiveDataRemovalMechanism Return the active data removal mechanism.\r | |
933 | \r | |
934 | **/\r | |
935 | TCG_RESULT\r | |
936 | EFIAPI\r | |
937 | OpalUtilGetActiveDataRemovalMechanism (\r | |
938 | OPAL_SESSION *Session,\r | |
939 | const VOID *GeneratedSid,\r | |
940 | UINT32 SidLength,\r | |
941 | UINT8 *ActiveDataRemovalMechanism\r | |
942 | )\r | |
943 | {\r | |
944 | TCG_RESULT Ret;\r | |
945 | UINT8 MethodStatus;\r | |
946 | \r | |
947 | NULL_CHECK(Session);\r | |
948 | NULL_CHECK(GeneratedSid);\r | |
949 | NULL_CHECK(ActiveDataRemovalMechanism);\r | |
950 | \r | |
951 | Ret = OpalStartSession(\r | |
952 | Session,\r | |
953 | OPAL_UID_ADMIN_SP,\r | |
954 | TRUE,\r | |
955 | SidLength,\r | |
956 | GeneratedSid,\r | |
957 | OPAL_ADMIN_SP_ANYBODY_AUTHORITY,\r | |
958 | &MethodStatus\r | |
959 | );\r | |
960 | if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
961 | DEBUG ((DEBUG_INFO, "Start session with admin SP as SID authority failed: Ret=%d MethodStatus=%u\n", Ret, MethodStatus));\r | |
962 | if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {\r | |
963 | Ret = TcgResultFailure;\r | |
964 | }\r | |
965 | return Ret;\r | |
966 | }\r | |
967 | \r | |
968 | Ret = OpalPyrite2GetActiveDataRemovalMechanism (\r | |
969 | Session,\r | |
970 | ActiveDataRemovalMechanism\r | |
971 | );\r | |
972 | \r | |
973 | if (Ret != TcgResultSuccess) {\r | |
974 | DEBUG ((DEBUG_INFO, "Pyrite2 Get Active Data Removal Mechanism failed: Ret=%d\n", Ret));\r | |
975 | }\r | |
976 | \r | |
977 | OpalEndSession(Session);\r | |
978 | \r | |
979 | return Ret;\r | |
980 | }\r | |
981 | \r | |
982 | /**\r | |
983 | Calculate the estimated time.\r | |
984 | \r | |
4b8552d7 | 985 | @param[in] IsMinute Whether the input time value is minute type or second type.\r |
a3068f06 ED |
986 | @param[in] Time The input time value.\r |
987 | \r | |
988 | **/\r | |
989 | UINT32\r | |
990 | CalculateDataRemovalTime (\r | |
991 | IN BOOLEAN IsMinute,\r | |
992 | IN UINT16 Time\r | |
993 | )\r | |
994 | {\r | |
995 | if (IsMinute) {\r | |
996 | return Time * 2 * 60;\r | |
997 | } else {\r | |
998 | return Time * 2;\r | |
999 | }\r | |
1000 | }\r | |
1001 | \r | |
1002 | /**\r | |
1003 | Return the estimated time for specific type.\r | |
1004 | \r | |
1005 | @param[in] Index The input data removal type.\r | |
1006 | @param[in] Descriptor DATA_REMOVAL_FEATURE_DESCRIPTOR\r | |
1007 | \r | |
1008 | **/\r | |
1009 | UINT32\r | |
1010 | GetDataRemovalTime (\r | |
1011 | IN UINT8 Index,\r | |
1012 | IN DATA_REMOVAL_FEATURE_DESCRIPTOR *Descriptor\r | |
1013 | )\r | |
1014 | {\r | |
1015 | switch (Index) {\r | |
1016 | case OverwriteDataErase:\r | |
1017 | return CalculateDataRemovalTime (Descriptor->FormatBit0, SwapBytes16 (Descriptor->TimeBit0));\r | |
1018 | \r | |
1019 | case BlockErase:\r | |
1020 | return CalculateDataRemovalTime (Descriptor->FormatBit1, SwapBytes16 (Descriptor->TimeBit1));\r | |
1021 | \r | |
1022 | case CryptoErase:\r | |
1023 | return CalculateDataRemovalTime (Descriptor->FormatBit2, SwapBytes16 (Descriptor->TimeBit2));\r | |
1024 | \r | |
1025 | case Unmap:\r | |
1026 | return CalculateDataRemovalTime (Descriptor->FormatBit3, SwapBytes16 (Descriptor->TimeBit3));\r | |
1027 | \r | |
1028 | case ResetWritePointers:\r | |
1029 | return CalculateDataRemovalTime (Descriptor->FormatBit4, SwapBytes16 (Descriptor->TimeBit4));\r | |
1030 | \r | |
1031 | case VendorSpecificErase:\r | |
1032 | return CalculateDataRemovalTime (Descriptor->FormatBit5, SwapBytes16 (Descriptor->TimeBit5));\r | |
1033 | \r | |
1034 | default:\r | |
1035 | return 0;\r | |
1036 | }\r | |
1037 | }\r | |
1038 | \r | |
1039 | /**\r | |
1040 | Get the supported Data Removal Mechanism list.\r | |
1041 | \r | |
1042 | @param[in] Session The session info for one opal device.\r | |
1043 | @param[out] RemovalMechanismLists Return the supported data removal mechanism lists.\r | |
1044 | \r | |
1045 | **/\r | |
1046 | TCG_RESULT\r | |
1047 | EFIAPI\r | |
1048 | OpalUtilGetDataRemovalMechanismLists (\r | |
1049 | IN OPAL_SESSION *Session,\r | |
1050 | OUT UINT32 *RemovalMechanismLists\r | |
1051 | )\r | |
1052 | {\r | |
1053 | TCG_RESULT Ret;\r | |
1054 | UINTN DataSize;\r | |
1055 | DATA_REMOVAL_FEATURE_DESCRIPTOR Descriptor;\r | |
1056 | UINT8 Index;\r | |
1057 | UINT8 BitValue;\r | |
1058 | \r | |
1059 | NULL_CHECK(Session);\r | |
1060 | NULL_CHECK(RemovalMechanismLists);\r | |
1061 | \r | |
1062 | DataSize = sizeof (Descriptor);\r | |
1063 | Ret = OpalGetFeatureDescriptor (Session, TCG_FEATURE_DATA_REMOVAL, &DataSize, &Descriptor);\r | |
1064 | if (Ret != TcgResultSuccess) {\r | |
1065 | return TcgResultFailure;\r | |
1066 | }\r | |
1067 | \r | |
1068 | ASSERT (Descriptor.RemovalMechanism != 0);\r | |
1069 | \r | |
1070 | for (Index = 0; Index < ResearvedMechanism; Index ++) {\r | |
1071 | BitValue = (BOOLEAN) BitFieldRead8 (Descriptor.RemovalMechanism, Index, Index);\r | |
1072 | \r | |
1073 | if (BitValue == 0) {\r | |
1074 | RemovalMechanismLists[Index] = 0;\r | |
1075 | } else {\r | |
1076 | RemovalMechanismLists[Index] = GetDataRemovalTime (Index, &Descriptor);\r | |
1077 | }\r | |
1078 | }\r | |
1079 | \r | |
1080 | return TcgResultSuccess;\r | |
1081 | }\r | |
1082 | \r | |
1083 | /**\r | |
1084 | Get revert timeout value.\r | |
1085 | \r | |
1086 | @param[in] Session The session info for one opal device.\r | |
1087 | \r | |
1088 | **/\r | |
1089 | UINT32\r | |
1090 | GetRevertTimeOut (\r | |
1091 | IN OPAL_SESSION *Session\r | |
1092 | )\r | |
1093 | {\r | |
1094 | TCG_RESULT TcgResult;\r | |
1095 | OPAL_DISK_SUPPORT_ATTRIBUTE SupportedAttributes;\r | |
1096 | UINT16 BaseComId;\r | |
1097 | UINT32 MsidLength;\r | |
d6b926e7 | 1098 | UINT8 Msid[OPAL_MSID_LENGTH];\r |
a3068f06 ED |
1099 | UINT32 RemovalMechanishLists[ResearvedMechanism];\r |
1100 | UINT8 ActiveDataRemovalMechanism;\r | |
1101 | \r | |
1102 | TcgResult = OpalGetSupportedAttributesInfo (Session, &SupportedAttributes, &BaseComId);\r | |
1103 | if (TcgResult != TcgResultSuccess || SupportedAttributes.DataRemoval == 0) {\r | |
1104 | return 0;\r | |
1105 | }\r | |
1106 | \r | |
d6b926e7 | 1107 | TcgResult = OpalUtilGetMsid (Session, Msid, OPAL_MSID_LENGTH, &MsidLength);\r |
a3068f06 ED |
1108 | if (TcgResult != TcgResultSuccess) {\r |
1109 | return 0;\r | |
1110 | }\r | |
1111 | \r | |
1112 | TcgResult = OpalUtilGetDataRemovalMechanismLists (Session, RemovalMechanishLists);\r | |
1113 | if (TcgResult != TcgResultSuccess) {\r | |
1114 | return 0;\r | |
1115 | }\r | |
1116 | \r | |
1117 | TcgResult = OpalUtilGetActiveDataRemovalMechanism (Session, Msid, MsidLength, &ActiveDataRemovalMechanism);\r | |
1118 | if (TcgResult != TcgResultSuccess) {\r | |
1119 | return 0;\r | |
1120 | }\r | |
1121 | \r | |
1122 | return RemovalMechanishLists[ActiveDataRemovalMechanism];\r | |
1123 | }\r |