Commit | Line | Data |
---|---|---|
0c18794e | 1 | /** @file\r |
2 | TCG MOR (Memory Overwrite Request) Control Driver.\r | |
3 | \r | |
d6b926e7 | 4 | This driver initializes the MemoryOverwriteRequestControl variable. It\r |
495ee9b8 TF |
5 | will clear MOR_CLEAR_MEMORY_BIT bit if it is set. It will also do TPer Reset for\r |
6 | those encrypted drives through EFI_STORAGE_SECURITY_COMMAND_PROTOCOL at EndOfDxe.\r | |
0c18794e | 7 | \r |
b3548d32 | 8 | Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r |
289b714b | 9 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
0c18794e | 10 | \r |
11 | **/\r | |
12 | \r | |
13 | #include "TcgMor.h"\r | |
14 | \r | |
//
// In-memory copy of the MemoryOverwriteRequestControl variable value. It is
// loaded (or defaulted to 0) in MorDriverEntryPoint and written back by
// OnReadyToBoot after bit 0 has been cleared.
//
UINT8 mMorControl;
504dfa9d | 16 | \r |
/**
  Ready to Boot notification handler: clears the MOR clear-memory request.

  If the cached MOR control value still has the clear-memory bit set, the bit
  is dropped and the value is written back to the MemoryOverwriteRequestControl
  variable. If the bit is already clear, no variable write is issued.

  NOTE(review): this handler only clears the request bit; it presumably relies
  on the platform having already honoured the request earlier in this boot --
  confirm against the platform memory-init code.

  @param[in]  Event    Event whose notification function is being invoked.
  @param[in]  Context  Pointer to the notification function's context (unused).

**/
VOID
EFIAPI
OnReadyToBoot (
  IN EFI_EVENT  Event,
  IN VOID       *Context
  )
{
  EFI_STATUS  WriteStatus;

  if (MOR_CLEAR_MEMORY_VALUE (mMorControl) != 0x0) {
    //
    // The request bit is still set: clear it (mask 0xFE drops bit 0) and
    // persist the new value.
    //
    DEBUG ((DEBUG_INFO, "TcgMor: Clear MorClearMemory bit\n"));
    mMorControl &= 0xFE;

    WriteStatus = gRT->SetVariable (
                         MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
                         &gEfiMemoryOverwriteControlDataGuid,
                         EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                         sizeof (mMorControl),
                         &mMorControl
                         );
    if (EFI_ERROR (WriteStatus)) {
      //
      // The write failed, so the stored variable was not updated by this call;
      // the failure is only logged.
      //
      DEBUG ((DEBUG_ERROR, "TcgMor: Clear MOR_CLEAR_MEMORY_BIT failure, Status = %r\n", WriteStatus));
    }
  }

  //
  // Otherwise MorControl already has the expected value; nothing to write.
  //
}
59 | \r | |
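/**
  Send a TPer Reset command to an eDrive so that it locks all protected bands.

  Two mechanisms exist for resetting an eDrive:
    1. TPer Reset through the IEEE 1667 protocol.
    2. TPer Reset through the native TCG protocol.
  This routine reads the device's supported security protocol list to detect
  which of the two the attached drive conforms to, then sends the reset. Only
  the TCG path is implemented; an IEEE 1667 device is logged and left as is.

  The function returns nothing: on allocation failure, on a failed
  ReceiveData/SendData call, or when neither protocol is listed, it simply
  returns, so the caller cannot tell whether a reset was delivered.

  The list length used for the scan comes from the device. It is clamped to
  the size of the receive buffer so that a device reporting a longer list in
  its second response than in its first cannot push the scan past the
  allocation.

  @param[in]  Ssp      The pointer to EFI_STORAGE_SECURITY_COMMAND_PROTOCOL instance.
  @param[in]  MediaId  ID of the medium to receive data from or send data to.

**/
VOID
InitiateTPerReset (
  IN  EFI_STORAGE_SECURITY_COMMAND_PROTOCOL  *Ssp,
  IN  UINT32                                 MediaId
  )
{
  EFI_STATUS                                   Status;
  UINT8                                        *Buffer;
  UINTN                                        BufferSize;
  UINTN                                        ListOffset;
  UINTN                                        XferSize;
  UINTN                                        Len;
  UINTN                                        Index;
  BOOLEAN                                      TcgFlag;
  BOOLEAN                                      IeeeFlag;
  SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA  *Data;

  Buffer   = NULL;
  TcgFlag  = FALSE;
  IeeeFlag = FALSE;

  //
  // ATA8-ACS 7.57.6.1 indicates the Transfer Length field requirements a multiple of 512.
  // If the length of the TRUSTED RECEIVE parameter data is greater than the Transfer Length,
  // then the device shall return the TRUSTED RECEIVE parameter data truncated to the requested Transfer Length.
  //
  Len    = ROUNDUP512 (sizeof (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA));
  Buffer = AllocateZeroPool (Len);

  if (Buffer == NULL) {
    return;
  }

  //
  // When the Security Protocol field is set to 00h, and SP Specific is set to 0000h in a TRUSTED RECEIVE
  // command, the device basic information data shall be returned.
  //
  Status = Ssp->ReceiveData (
                  Ssp,
                  MediaId,
                  100000000,                // Timeout 10-sec
                  0,                        // SecurityProtocol
                  0,                        // SecurityProtocolSpecificData
                  Len,                      // PayloadBufferSize,
                  Buffer,                   // PayloadBuffer
                  &XferSize
                  );
  if (EFI_ERROR (Status)) {
    goto Exit;
  }

  //
  // In returned data, the ListLength field indicates the total length, in bytes,
  // of the supported security protocol list.
  //
  Data = (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA *)Buffer;
  Len  = ROUNDUP512 (
           sizeof (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA) +
           (Data->SupportedSecurityListLength[0] << 8) +
           (Data->SupportedSecurityListLength[1])
           );

  //
  // Free original buffer and allocate new buffer. Remember its size: it is the
  // upper bound for everything parsed out of the second response.
  //
  FreePool (Buffer);
  BufferSize = Len;
  Buffer     = AllocateZeroPool (BufferSize);
  if (Buffer == NULL) {
    return;
  }

  //
  // Read full supported security protocol list from device.
  //
  Status = Ssp->ReceiveData (
                  Ssp,
                  MediaId,
                  100000000,                // Timeout 10-sec
                  0,                        // SecurityProtocol
                  0,                        // SecurityProtocolSpecificData
                  BufferSize,               // PayloadBufferSize,
                  Buffer,                   // PayloadBuffer
                  &XferSize
                  );

  if (EFI_ERROR (Status)) {
    goto Exit;
  }

  Data = (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA *)Buffer;
  Len  = (Data->SupportedSecurityListLength[0] << 8) + Data->SupportedSecurityListLength[1];

  //
  // The length field is device-supplied and was re-read above, so it need not
  // match the value the buffer was sized from. Clamp it to the bytes that
  // actually follow the list header inside the allocation.
  // (BufferSize covers at least the whole structure, assuming ROUNDUP512 never
  // rounds down, so the subtraction cannot wrap.)
  //
  ListOffset = OFFSET_OF (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA, SupportedSecurityProtocol);
  if (Len > BufferSize - ListOffset) {
    Len = BufferSize - ListOffset;
  }

  //
  // Iterate full supported security protocol list to check if TCG or IEEE 1667 protocol
  // is supported. The scan stops at the first match of either kind.
  //
  for (Index = 0; Index < Len; Index++) {
    if (Data->SupportedSecurityProtocol[Index] == SECURITY_PROTOCOL_TCG) {
      //
      // Found a TCG device.
      //
      TcgFlag = TRUE;
      DEBUG ((DEBUG_INFO, "This device is a TCG protocol device\n"));
      break;
    }

    if (Data->SupportedSecurityProtocol[Index] == SECURITY_PROTOCOL_IEEE1667) {
      //
      // Found a IEEE 1667 device.
      //
      IeeeFlag = TRUE;
      DEBUG ((DEBUG_INFO, "This device is a IEEE 1667 protocol device\n"));
      break;
    }
  }

  if (!TcgFlag && !IeeeFlag) {
    DEBUG ((DEBUG_INFO, "Neither a TCG nor IEEE 1667 protocol device is found\n"));
    goto Exit;
  }

  if (TcgFlag) {
    //
    // As long as TCG protocol is supported, send out a TPer Reset
    // TCG command to the device via the TrustedSend command with a non-zero Transfer Length.
    // The payload is the first 512 bytes of the receive buffer, which is
    // always at least that large.
    //
    Status = Ssp->SendData (
                    Ssp,
                    MediaId,
                    100000000,              // Timeout 10-sec
                    SECURITY_PROTOCOL_TCG,  // SecurityProtocol
                    0x0400,                 // SecurityProtocolSpecificData
                    512,                    // PayloadBufferSize,
                    Buffer                  // PayloadBuffer
                    );

    if (!EFI_ERROR (Status)) {
      DEBUG ((DEBUG_INFO, "Send TPer Reset Command Successfully !\n"));
    } else {
      //
      // A reset that was not delivered is reported at error level with the
      // status code, since nothing else signals it to the caller.
      //
      DEBUG ((DEBUG_ERROR, "Send TPer Reset Command Fail ! Status = %r\n", Status));
    }
  }

  if (IeeeFlag) {
    //
    // TBD : Perform a TPer Reset via IEEE 1667 Protocol
    //
    DEBUG ((DEBUG_INFO, "IEEE 1667 Protocol didn't support yet!\n"));
  }

Exit:

  if (Buffer != NULL) {
    FreePool (Buffer);
  }
}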
226 | \r | |
/**
  Notification function of END_OF_DXE.

  Looks up every handle that carries EFI_STORAGE_SECURITY_COMMAND_PROTOCOL and,
  for each one that also carries EFI_BLOCK_IO_PROTOCOL, calls InitiateTPerReset
  with that device's media ID. Handles on which either protocol lookup fails
  are skipped without any log message.

  @param[in]  Event    Event whose notification function is being invoked.
  @param[in]  Context  Pointer to the notification function's context.

**/
VOID
EFIAPI
TPerResetAtEndOfDxe (
  IN EFI_EVENT  Event,
  IN VOID       *Context
  )
{
  EFI_STATUS                             Status;
  UINTN                                  SspHandleCount;
  EFI_HANDLE                             *SspHandles;
  UINTN                                  HandleIndex;
  EFI_STORAGE_SECURITY_COMMAND_PROTOCOL  *Ssp;
  EFI_BLOCK_IO_PROTOCOL                  *BlockIo;

  //
  // Locate all SSP protocol instances.
  //
  SspHandleCount = 0;
  SspHandles     = NULL;

  Status = gBS->LocateHandleBuffer (
                  ByProtocol,
                  &gEfiStorageSecurityCommandProtocolGuid,
                  NULL,
                  &SspHandleCount,
                  &SspHandles
                  );

  if (EFI_ERROR (Status) || (SspHandleCount == 0) || (SspHandles == NULL)) {
    return;
  }

  for (HandleIndex = 0; HandleIndex < SspHandleCount; HandleIndex++) {
    //
    // Get the SSP interface.
    //
    Status = gBS->HandleProtocol (
                    SspHandles[HandleIndex],
                    &gEfiStorageSecurityCommandProtocolGuid,
                    (VOID **)&Ssp
                    );

    if (!EFI_ERROR (Status)) {
      //
      // The media ID passed to the reset comes from Block I/O on the same handle.
      //
      Status = gBS->HandleProtocol (
                      SspHandles[HandleIndex],
                      &gEfiBlockIoProtocolGuid,
                      (VOID **)&BlockIo
                      );

      if (!EFI_ERROR (Status)) {
        InitiateTPerReset (Ssp, BlockIo->Media->MediaId);
      }
    }
  }

  //
  // Release the handle array returned by LocateHandleBuffer.
  //
  FreePool (SspHandles);
}
504dfa9d | 295 | \r |
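/**
  Entry Point for TCG MOR Control driver.

  Reads the MemoryOverwriteRequestControl variable into mMorControl. If the
  read fails, the variable is (re)created with value 0 and no events are
  registered. If the read succeeds, a Ready To Boot event (OnReadyToBoot) and
  an End Of DXE event (TPerResetAtEndOfDxe) are registered.

  @param[in] ImageHandle  Image handle of this driver.
  @param[in] SystemTable  A Pointer to the EFI System Table.

  @retval EFI_SUCCESS  The variable was created, or both events were registered.
  @return Others       The status of the failing SetVariable or event creation call.
**/
EFI_STATUS
EFIAPI
MorDriverEntryPoint (
  IN EFI_HANDLE        ImageHandle,
  IN EFI_SYSTEM_TABLE  *SystemTable
  )
{
  EFI_STATUS  Status;
  UINTN       DataSize;
  EFI_EVENT   ReadyToBootEvent;
  EFI_EVENT   EndOfDxeEvent;

  ///
  /// The firmware is required to create the MemoryOverwriteRequestControl UEFI variable.
  ///

  DataSize = sizeof (mMorControl);
  Status   = gRT->GetVariable (
                    MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
                    &gEfiMemoryOverwriteControlDataGuid,
                    NULL,
                    &DataSize,
                    &mMorControl
                    );
  if (EFI_ERROR (Status)) {
    //
    // Set default value to 0
    //
    mMorControl = 0;

    //
    // GetVariable may have overwritten DataSize (it reports the required size
    // when the stored variable is larger than the buffer). Reset it so the
    // write below never reads past the one-byte mMorControl.
    //
    DataSize = sizeof (mMorControl);
    Status   = gRT->SetVariable (
                      MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
                      &gEfiMemoryOverwriteControlDataGuid,
                      EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                      DataSize,
                      &mMorControl
                      );
    DEBUG ((DEBUG_INFO, "TcgMor: Create MOR variable! Status = %r\n", Status));
    return Status;
  }

  //
  // Create a Ready To Boot Event and Clear the MorControl bit in the call back function.
  //
  DEBUG ((DEBUG_INFO, "TcgMor: Create ReadyToBoot Event for MorControl Bit cleaning!\n"));
  Status = EfiCreateEventReadyToBootEx (
             TPL_CALLBACK,
             OnReadyToBoot,
             NULL,
             &ReadyToBootEvent
             );
  if (EFI_ERROR (Status)) {
    return Status;
  }

  //
  // Register EFI_END_OF_DXE_EVENT_GROUP_GUID event.
  //
  DEBUG ((DEBUG_INFO, "TcgMor: Create EndofDxe Event for Mor TPer Reset!\n"));
  Status = gBS->CreateEventEx (
                  EVT_NOTIFY_SIGNAL,
                  TPL_CALLBACK,
                  TPerResetAtEndOfDxe,
                  NULL,
                  &gEfiEndOfDxeEventGroupGuid,
                  &EndOfDxeEvent
                  );
  if (EFI_ERROR (Status)) {
    //
    // The entry point is about to report failure, and the caller may unload
    // this image in response. Close the already-registered Ready To Boot event
    // so its notification cannot fire into code that is no longer loaded.
    //
    gBS->CloseEvent (ReadyToBootEvent);
    return Status;
  }

  return Status;
}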