]>
Commit | Line | Data |
---|---|---|
cb274a27 ED |
1 | /** @file\r |
2 | Opal password smm driver which is used to support Opal security feature at s3 path.\r | |
3 | \r | |
4 | Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>\r | |
5 | This program and the accompanying materials\r | |
6 | are licensed and made available under the terms and conditions of the BSD License\r | |
7 | which accompanies this distribution. The full text of the license may be found at\r | |
8 | http://opensource.org/licenses/bsd-license.php\r | |
9 | \r | |
10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
12 | \r | |
13 | **/\r | |
14 | \r | |
15 | #include "OpalPasswordSmm.h"\r | |
16 | \r | |
17 | #define SMM_SIZE_ALLOC_BYTES (512)\r | |
18 | #define RESPONSE_SIZE (200)\r | |
19 | \r | |
20 | #define PCI_CLASS_MASS_STORAGE_AHCI (0x06)\r | |
21 | \r | |
22 | #define OPAL_PCIE_ROOTPORT_SAVESIZE (0x40)\r | |
23 | #define STORE_INVALID_ROOTPORT_INDEX ((UINT8) -1)\r | |
24 | #define OPAL_DEVICE_TYPE_SATA 0x1\r | |
25 | #define OPAL_DEVICE_TYPE_NVME 0x2\r | |
26 | #define OPAL_DEVICE_TYPE_UNKNOWN 0xFF\r | |
27 | \r | |
28 | //\r | |
29 | // To unlock the Intel SATA controller at S3 Resume, restored the following registers.\r | |
30 | //\r | |
31 | const OPAL_HC_PCI_REGISTER_SAVE mSataHcRegisterSaveTemplate[] = {\r | |
32 | {0x9, S3BootScriptWidthUint8},\r | |
33 | {0x10, S3BootScriptWidthUint32},\r | |
34 | {0x14, S3BootScriptWidthUint32},\r | |
35 | {0x18, S3BootScriptWidthUint32},\r | |
36 | {0x1C, S3BootScriptWidthUint32},\r | |
37 | {0x20, S3BootScriptWidthUint32},\r | |
38 | {0x24, S3BootScriptWidthUint32},\r | |
39 | {0x3c, S3BootScriptWidthUint8},\r | |
40 | {0x3d, S3BootScriptWidthUint8},\r | |
41 | {0x40, S3BootScriptWidthUint16},\r | |
42 | {0x42, S3BootScriptWidthUint16},\r | |
43 | {0x92, S3BootScriptWidthUint16},\r | |
44 | {0x94, S3BootScriptWidthUint32},\r | |
45 | {0x9C, S3BootScriptWidthUint32},\r | |
46 | {0x4, S3BootScriptWidthUint16},\r | |
47 | };\r | |
48 | \r | |
49 | \r | |
50 | UINT8 mSwSmiValue;\r | |
51 | LIST_ENTRY *mOpalDeviceList;\r | |
52 | LIST_ENTRY mSmmDeviceList = INITIALIZE_LIST_HEAD_VARIABLE (mSmmDeviceList);\r | |
53 | \r | |
54 | BOOLEAN mSendBlockSID = FALSE;\r | |
55 | \r | |
56 | // AHCI\r | |
57 | UINT32 mAhciBar = 0;\r | |
58 | EFI_AHCI_REGISTERS mAhciRegisters;\r | |
59 | VOID *mBuffer = NULL; // DMA can not read/write Data to smram, so we pre-allocates Buffer from AcpiNVS.\r | |
60 | //\r | |
61 | // NVME\r | |
62 | NVME_CONTEXT mNvmeContext;\r | |
63 | \r | |
009264f5 ED |
64 | EFI_GCD_MEMORY_SPACE_DESCRIPTOR *mGcdMemSpace = NULL;\r |
65 | UINTN mNumberOfDescriptors = 0;\r | |
66 | \r | |
cb274a27 ED |
67 | /**\r |
68 | Add new bridge node or nvme device info to the device list.\r | |
69 | \r | |
70 | @param[in] BusNum The bus number.\r | |
71 | @param[in] DevNum The device number.\r | |
72 | @param[in] FuncNum The function number.\r | |
73 | @param[in] Dev The device which need to add device node info.\r | |
74 | \r | |
75 | **/\r | |
76 | VOID\r | |
77 | AddPciDeviceNode (\r | |
78 | UINT32 BusNum,\r | |
79 | UINT32 DevNum,\r | |
80 | UINT32 FuncNum,\r | |
81 | OPAL_SMM_DEVICE *Dev\r | |
82 | )\r | |
83 | {\r | |
84 | UINT8 *DevList;\r | |
85 | PCI_DEVICE *DeviceNode;\r | |
86 | \r | |
87 | DevList = AllocateZeroPool (sizeof (PCI_DEVICE) + Dev->Length);\r | |
88 | ASSERT (DevList != NULL);\r | |
89 | \r | |
90 | if (Dev->Length != 0) {\r | |
91 | CopyMem (DevList, Dev->PciBridgeNode, Dev->Length);\r | |
92 | FreePool (Dev->PciBridgeNode);\r | |
93 | }\r | |
94 | \r | |
95 | DeviceNode = (PCI_DEVICE *) (DevList + Dev->Length);\r | |
96 | \r | |
97 | DeviceNode->BusNum = BusNum;\r | |
98 | DeviceNode->DevNum = DevNum;\r | |
99 | DeviceNode->FuncNum = FuncNum;\r | |
100 | \r | |
101 | Dev->Length += sizeof (PCI_DEVICE);\r | |
102 | Dev->PciBridgeNode = (PCI_DEVICE *)DevList;\r | |
103 | }\r | |
104 | \r | |
105 | /**\r | |
106 | Extract device info from the input device path.\r | |
107 | \r | |
108 | @param[in] DevicePath Device path info for the device.\r | |
109 | @param[in,out] Dev The device which new inputed.\r | |
110 | \r | |
111 | **/\r | |
112 | VOID\r | |
113 | ExtractDeviceInfoFromDevicePath (\r | |
114 | IN EFI_DEVICE_PATH_PROTOCOL *DevicePath,\r | |
115 | IN OUT OPAL_SMM_DEVICE *Dev\r | |
116 | )\r | |
117 | {\r | |
118 | EFI_DEVICE_PATH_PROTOCOL *TmpDevPath;\r | |
119 | EFI_DEVICE_PATH_PROTOCOL *TmpDevPath2;\r | |
120 | PCI_DEVICE_PATH *PciDevPath;\r | |
121 | SATA_DEVICE_PATH *SataDevPath;\r | |
122 | NVME_NAMESPACE_DEVICE_PATH *NvmeDevPath;\r | |
123 | UINTN BusNum;\r | |
124 | \r | |
125 | TmpDevPath = DevicePath;\r | |
126 | Dev->DeviceType = OPAL_DEVICE_TYPE_UNKNOWN;\r | |
127 | \r | |
128 | while (!IsDevicePathEnd(TmpDevPath)) {\r | |
129 | if (TmpDevPath->Type == MESSAGING_DEVICE_PATH && TmpDevPath->SubType == MSG_SATA_DP) {\r | |
130 | //\r | |
131 | // SATA\r | |
132 | //\r | |
133 | SataDevPath = ( SATA_DEVICE_PATH* )TmpDevPath;\r | |
134 | Dev->SataPort = SataDevPath->HBAPortNumber;\r | |
135 | Dev->SataPortMultiplierPort = SataDevPath->PortMultiplierPortNumber;\r | |
136 | Dev->DeviceType = OPAL_DEVICE_TYPE_SATA;\r | |
137 | break;\r | |
138 | } else if (TmpDevPath->Type == MESSAGING_DEVICE_PATH && TmpDevPath->SubType == MSG_NVME_NAMESPACE_DP) {\r | |
139 | //\r | |
140 | // NVMe\r | |
141 | //\r | |
142 | NvmeDevPath = ( NVME_NAMESPACE_DEVICE_PATH* )TmpDevPath;\r | |
143 | Dev->NvmeNamespaceId = NvmeDevPath->NamespaceId;\r | |
144 | Dev->DeviceType = OPAL_DEVICE_TYPE_NVME;\r | |
145 | break;\r | |
146 | }\r | |
147 | TmpDevPath = NextDevicePathNode (TmpDevPath);\r | |
148 | }\r | |
149 | \r | |
150 | //\r | |
151 | // Get bridge node info for the nvme device.\r | |
152 | //\r | |
153 | BusNum = 0;\r | |
154 | TmpDevPath = DevicePath;\r | |
155 | TmpDevPath2 = NextDevicePathNode (DevicePath);\r | |
156 | while (!IsDevicePathEnd(TmpDevPath2)) {\r | |
157 | if (TmpDevPath->Type == HARDWARE_DEVICE_PATH && TmpDevPath->SubType == HW_PCI_DP) {\r | |
158 | PciDevPath = (PCI_DEVICE_PATH *) TmpDevPath;\r | |
159 | if ((TmpDevPath2->Type == MESSAGING_DEVICE_PATH && TmpDevPath2->SubType == MSG_NVME_NAMESPACE_DP)||\r | |
160 | (TmpDevPath2->Type == MESSAGING_DEVICE_PATH && TmpDevPath2->SubType == MSG_SATA_DP)) {\r | |
161 | Dev->BusNum = (UINT32)BusNum;\r | |
162 | Dev->DevNum = PciDevPath->Device;\r | |
163 | Dev->FuncNum = PciDevPath->Function;\r | |
164 | } else {\r | |
165 | AddPciDeviceNode((UINT32)BusNum, PciDevPath->Device, PciDevPath->Function, Dev);\r | |
166 | if (TmpDevPath2->Type == HARDWARE_DEVICE_PATH && TmpDevPath2->SubType == HW_PCI_DP) {\r | |
167 | BusNum = PciRead8 (PCI_LIB_ADDRESS (BusNum, PciDevPath->Device, PciDevPath->Function, NVME_PCIE_SEC_BNUM));\r | |
168 | }\r | |
169 | }\r | |
170 | }\r | |
171 | \r | |
172 | TmpDevPath = NextDevicePathNode (TmpDevPath);\r | |
173 | TmpDevPath2 = NextDevicePathNode (TmpDevPath2);\r | |
174 | }\r | |
175 | }\r | |
176 | \r | |
177 | /**\r | |
178 | \r | |
179 | The function returns whether or not the device is Opal Locked.\r | |
180 | TRUE means that the device is partially or fully locked.\r | |
181 | This will perform a Level 0 Discovery and parse the locking feature descriptor\r | |
182 | \r | |
69cd1294 ED |
183 | @param[in] OpalDev Opal object to determine if locked\r |
184 | @param[out] BlockSidSupported Whether device support BlockSid feature.\r | |
cb274a27 ED |
185 | \r |
186 | **/\r | |
187 | BOOLEAN\r | |
188 | IsOpalDeviceLocked(\r | |
69cd1294 ED |
189 | OPAL_SMM_DEVICE *OpalDev,\r |
190 | BOOLEAN *BlockSidSupported\r | |
cb274a27 ED |
191 | )\r |
192 | {\r | |
193 | OPAL_SESSION Session;\r | |
194 | OPAL_DISK_SUPPORT_ATTRIBUTE SupportedAttributes;\r | |
195 | TCG_LOCKING_FEATURE_DESCRIPTOR LockingFeature;\r | |
196 | UINT16 OpalBaseComId;\r | |
197 | TCG_RESULT Ret;\r | |
198 | \r | |
199 | Session.Sscp = &OpalDev->Sscp;\r | |
200 | Session.MediaId = 0;\r | |
201 | \r | |
202 | Ret = OpalGetSupportedAttributesInfo (&Session, &SupportedAttributes, &OpalBaseComId);\r | |
203 | if (Ret != TcgResultSuccess) {\r | |
204 | return FALSE;\r | |
205 | }\r | |
206 | \r | |
207 | OpalDev->OpalBaseComId = OpalBaseComId;\r | |
69cd1294 ED |
208 | Session.OpalBaseComId = OpalBaseComId;\r |
209 | *BlockSidSupported = SupportedAttributes.BlockSid == 1 ? TRUE : FALSE;\r | |
cb274a27 ED |
210 | \r |
211 | Ret = OpalGetLockingInfo(&Session, &LockingFeature);\r | |
212 | if (Ret != TcgResultSuccess) {\r | |
213 | return FALSE;\r | |
214 | }\r | |
215 | \r | |
216 | return OpalDeviceLocked (&SupportedAttributes, &LockingFeature);\r | |
217 | }\r | |
218 | \r | |
219 | /**\r | |
220 | Save/Restore RootPort configuration space.\r | |
221 | \r | |
222 | @param[in] DeviceNode - The device node.\r | |
223 | @param[in] SaveAction - TRUE: Save, FALSE: Restore\r | |
224 | @param[in,out] PcieConfBufferList - Configuration space data buffer for save/restore\r | |
225 | \r | |
226 | @retval - PCIE base address of this RootPort\r | |
227 | **/\r | |
228 | UINTN\r | |
229 | SaveRestoreRootportConfSpace (\r | |
230 | IN OPAL_SMM_DEVICE *DeviceNode,\r | |
231 | IN BOOLEAN SaveAction,\r | |
232 | IN OUT UINT8 **PcieConfBufferList\r | |
233 | )\r | |
234 | {\r | |
235 | UINTN RpBase;\r | |
236 | UINTN Length;\r | |
237 | PCI_DEVICE *DevNode;\r | |
238 | UINT8 *StorePcieConfData;\r | |
239 | UINTN Index;\r | |
240 | \r | |
241 | Length = 0;\r | |
242 | Index = 0;\r | |
243 | RpBase = 0;\r | |
244 | \r | |
245 | while (Length < DeviceNode->Length) {\r | |
246 | DevNode = (PCI_DEVICE *)((UINT8*)DeviceNode->PciBridgeNode + Length);\r | |
247 | RpBase = PCI_LIB_ADDRESS (DevNode->BusNum, DevNode->DevNum, DevNode->FuncNum, 0x0);\r | |
248 | \r | |
249 | if (PcieConfBufferList != NULL) {\r | |
250 | if (SaveAction) {\r | |
251 | StorePcieConfData = (UINT8 *) AllocateZeroPool (OPAL_PCIE_ROOTPORT_SAVESIZE);\r | |
252 | ASSERT (StorePcieConfData != NULL);\r | |
253 | OpalPciRead (StorePcieConfData, RpBase, OPAL_PCIE_ROOTPORT_SAVESIZE);\r | |
254 | PcieConfBufferList[Index] = StorePcieConfData;\r | |
255 | } else {\r | |
256 | // Skip PCIe Command & Status registers\r | |
257 | StorePcieConfData = PcieConfBufferList[Index];\r | |
258 | OpalPciWrite (RpBase, StorePcieConfData, 4);\r | |
259 | OpalPciWrite (RpBase + 8, StorePcieConfData + 8, OPAL_PCIE_ROOTPORT_SAVESIZE - 8);\r | |
260 | \r | |
261 | FreePool (StorePcieConfData);\r | |
262 | }\r | |
263 | }\r | |
264 | \r | |
265 | Length += sizeof (PCI_DEVICE);\r | |
266 | Index ++;\r | |
267 | }\r | |
268 | \r | |
269 | return RpBase;\r | |
270 | }\r | |
271 | \r | |
272 | /**\r | |
273 | Configure RootPort for downstream PCIe NAND devices.\r | |
274 | \r | |
275 | @param[in] RpBase - PCIe configuration space address of this RootPort\r | |
276 | @param[in] BusNumber - Bus number\r | |
277 | @param[in] MemoryBase - Memory base address\r | |
278 | @param[in] MemoryLength - Memory size\r | |
279 | \r | |
280 | **/\r | |
281 | VOID\r | |
282 | ConfigureRootPortForPcieNand (\r | |
283 | IN UINTN RpBase,\r | |
284 | IN UINTN BusNumber,\r | |
285 | IN UINT32 MemoryBase,\r | |
286 | IN UINT32 MemoryLength\r | |
287 | )\r | |
288 | {\r | |
289 | UINT32 MemoryLimit;\r | |
290 | \r | |
291 | DEBUG ((DEBUG_INFO, "ConfigureRootPortForPcieNand, BusNumber: %x, MemoryBase: %x, MemoryLength: %x\n",\r | |
292 | BusNumber, MemoryBase, MemoryLength));\r | |
293 | \r | |
294 | if (MemoryLength == 0) {\r | |
295 | MemoryLimit = MemoryBase;\r | |
296 | } else {\r | |
297 | MemoryLimit = MemoryBase + MemoryLength + 0xFFFFF; // 1M\r | |
298 | }\r | |
299 | \r | |
300 | ///\r | |
301 | /// Configue PCIE configuration space for RootPort\r | |
302 | ///\r | |
303 | PciWrite8 (RpBase + NVME_PCIE_BNUM + 1, (UINT8) BusNumber); // Secondary Bus Number registers\r | |
304 | PciWrite8 (RpBase + NVME_PCIE_BNUM + 2, (UINT8) BusNumber); // Subordinate Bus Number registers\r | |
305 | PciWrite8 (RpBase + NVME_PCIE_IOBL, 0xFF); // I/O Base registers\r | |
306 | PciWrite8 (RpBase + NVME_PCIE_IOBL + 1, 0x00); // I/O Limit registers\r | |
307 | PciWrite16 (RpBase + NVME_PCIE_MBL, (UINT16) RShiftU64 ((UINTN)MemoryBase, 16)); // Memory Base register\r | |
308 | PciWrite16 (RpBase + NVME_PCIE_MBL + 2, (UINT16) RShiftU64 ((UINTN)MemoryLimit, 16)); // Memory Limit register\r | |
309 | PciWrite16 (RpBase + NVME_PCIE_PMBL, 0xFFFF); // Prefetchable Memory Base registers\r | |
310 | PciWrite16 (RpBase + NVME_PCIE_PMBL + 2, 0x0000); // Prefetchable Memory Limit registers\r | |
311 | PciWrite32 (RpBase + NVME_PCIE_PMBU32, 0xFFFFFFFF); // Prefetchable Memory Upper Base registers\r | |
312 | PciWrite32 (RpBase + NVME_PCIE_PMLU32, 0x00000000); // Prefetchable Memory Upper Limit registers\r | |
313 | }\r | |
314 | \r | |
315 | \r | |
316 | /**\r | |
317 | Dispatch function for a Software SMI handler.\r | |
318 | \r | |
319 | @param[in] DispatchHandle The unique handle assigned to this handler by SmiHandlerRegister().\r | |
320 | @param[in] RegisterContext Points to an optional handler context which was specified when the\r | |
321 | handler was registered.\r | |
322 | @param[in, out] CommBuffer A pointer to a collection of Data in memory that will\r | |
323 | be conveyed from a non-SMM environment into an SMM environment.\r | |
324 | @param[in, out] CommBufferSize The Size of the CommBuffer.\r | |
325 | \r | |
326 | @retval EFI_SUCCESS The interrupt was handled and quiesced. No other handlers\r | |
327 | should still be called.\r | |
328 | @retval Others Other execution results.\r | |
329 | **/\r | |
330 | EFI_STATUS\r | |
331 | EFIAPI\r | |
332 | SmmUnlockOpalPassword (\r | |
333 | IN EFI_HANDLE DispatchHandle,\r | |
334 | IN CONST VOID *RegisterContext,\r | |
335 | IN OUT VOID *CommBuffer,\r | |
336 | IN OUT UINTN *CommBufferSize\r | |
337 | )\r | |
338 | {\r | |
339 | EFI_STATUS Status;\r | |
340 | OPAL_SMM_DEVICE *OpalDev;\r | |
341 | LIST_ENTRY *Entry;\r | |
342 | UINT8 BaseClassCode;\r | |
343 | UINT8 SubClassCode;\r | |
344 | UINT8 ProgInt;\r | |
345 | TCG_RESULT Result;\r | |
346 | UINT8 SataCmdSt;\r | |
347 | UINT8 *StorePcieConfDataList[16];\r | |
348 | UINTN RpBase;\r | |
349 | UINTN MemoryBase;\r | |
350 | UINTN MemoryLength;\r | |
351 | OPAL_SESSION Session;\r | |
69cd1294 | 352 | BOOLEAN BlockSidSupport;\r |
cb274a27 ED |
353 | \r |
354 | ZeroMem (StorePcieConfDataList, sizeof (StorePcieConfDataList));\r | |
355 | Status = EFI_DEVICE_ERROR;\r | |
356 | \r | |
357 | //\r | |
358 | // try to unlock all locked hdd disks.\r | |
359 | //\r | |
360 | for (Entry = mSmmDeviceList.ForwardLink; Entry != &mSmmDeviceList; Entry = Entry->ForwardLink) {\r | |
361 | OpalDev = BASE_CR(Entry, OPAL_SMM_DEVICE, Link);\r | |
362 | \r | |
363 | RpBase = 0;\r | |
364 | SataCmdSt = 0;\r | |
365 | \r | |
366 | ///\r | |
367 | /// Configure RootPort for PCIe AHCI/NVME devices.\r | |
368 | ///\r | |
369 | if (OpalDev->DeviceType == OPAL_DEVICE_TYPE_NVME) {\r | |
370 | ///\r | |
371 | /// Save original RootPort configuration space to heap\r | |
372 | ///\r | |
373 | RpBase = SaveRestoreRootportConfSpace (\r | |
374 | OpalDev,\r | |
375 | TRUE,\r | |
376 | StorePcieConfDataList\r | |
377 | );\r | |
378 | MemoryBase = mNvmeContext.Nbar;\r | |
379 | MemoryLength = 0;\r | |
380 | ConfigureRootPortForPcieNand (RpBase, OpalDev->BusNum, (UINT32) MemoryBase, (UINT32) MemoryLength);\r | |
381 | \r | |
382 | ///\r | |
383 | /// Enable PCIE decode for RootPort\r | |
384 | ///\r | |
385 | SataCmdSt = PciRead8 (RpBase + NVME_PCIE_PCICMD);\r | |
386 | PciWrite8 (RpBase + NVME_PCIE_PCICMD, 0x6);\r | |
387 | } else {\r | |
388 | SataCmdSt = PciRead8 (PCI_LIB_ADDRESS (OpalDev->BusNum, OpalDev->DevNum, OpalDev->FuncNum, NVME_PCIE_PCICMD));\r | |
389 | PciWrite8 (PCI_LIB_ADDRESS (OpalDev->BusNum, OpalDev->DevNum, OpalDev->FuncNum, NVME_PCIE_PCICMD), 0x6);\r | |
390 | }\r | |
391 | \r | |
392 | BaseClassCode = PciRead8 (PCI_LIB_ADDRESS (OpalDev->BusNum, OpalDev->DevNum, OpalDev->FuncNum, 0x0B));\r | |
393 | SubClassCode = PciRead8 (PCI_LIB_ADDRESS (OpalDev->BusNum, OpalDev->DevNum, OpalDev->FuncNum, 0x0A));\r | |
394 | ProgInt = PciRead8 (PCI_LIB_ADDRESS (OpalDev->BusNum, OpalDev->DevNum, OpalDev->FuncNum, 0x09));\r | |
395 | if (BaseClassCode != PCI_CLASS_MASS_STORAGE) {\r | |
396 | Status = EFI_INVALID_PARAMETER;\r | |
397 | break;\r | |
398 | }\r | |
399 | \r | |
400 | Status = EFI_DEVICE_ERROR;\r | |
401 | if (OpalDev->DeviceType == OPAL_DEVICE_TYPE_SATA) {\r | |
402 | if ((SubClassCode == PCI_CLASS_MASS_STORAGE_AHCI) || (SubClassCode == PCI_CLASS_MASS_STORAGE_RAID)) {\r | |
403 | Status = GetAhciBaseAddress (OpalDev->BusNum, OpalDev->DevNum, OpalDev->FuncNum);\r | |
404 | if (EFI_ERROR (Status)) {\r | |
405 | DEBUG ((DEBUG_ERROR, "GetAhciBaseAddress error, Status: %r\n", Status));\r | |
406 | goto done;\r | |
407 | }\r | |
408 | Status = AhciModeInitialize ((UINT8)OpalDev->SataPort);\r | |
409 | ASSERT_EFI_ERROR (Status);\r | |
410 | if (EFI_ERROR (Status)) {\r | |
411 | DEBUG ((DEBUG_ERROR, "AhciModeInitialize error, Status: %r\n", Status));\r | |
412 | goto done;\r | |
413 | }\r | |
414 | } else {\r | |
415 | DEBUG ((DEBUG_ERROR, "SubClassCode not support for SATA device\n"));\r | |
416 | }\r | |
417 | } else if (OpalDev->DeviceType == OPAL_DEVICE_TYPE_NVME) {\r | |
418 | if (SubClassCode == PCI_CLASS_MASS_STORAGE_NVM) {\r | |
419 | if (ProgInt != PCI_IF_NVMHCI) {\r | |
420 | DEBUG ((DEBUG_ERROR, "PI not support, skipped\n"));\r | |
421 | Status = EFI_NOT_FOUND;\r | |
422 | goto done;\r | |
423 | }\r | |
424 | \r | |
425 | mNvmeContext.PciBase = PCI_LIB_ADDRESS (OpalDev->BusNum, OpalDev->DevNum, OpalDev->FuncNum, 0x0);\r | |
426 | mNvmeContext.NvmeInitWaitTime = 0;\r | |
427 | mNvmeContext.Nsid = OpalDev->NvmeNamespaceId;\r | |
428 | Status = NvmeControllerInit (&mNvmeContext);\r | |
429 | } else {\r | |
430 | DEBUG ((DEBUG_ERROR, "SubClassCode not support for NVME device\n"));\r | |
431 | }\r | |
432 | } else {\r | |
433 | DEBUG ((DEBUG_ERROR, "Invalid Devicetype\n"));\r | |
434 | goto done;\r | |
435 | }\r | |
436 | \r | |
437 | Status = EFI_DEVICE_ERROR;\r | |
69cd1294 ED |
438 | BlockSidSupport = FALSE;\r |
439 | if (IsOpalDeviceLocked (OpalDev, &BlockSidSupport)) {\r | |
cb274a27 ED |
440 | ZeroMem(&Session, sizeof(Session));\r |
441 | Session.Sscp = &OpalDev->Sscp;\r | |
442 | Session.MediaId = 0;\r | |
443 | Session.OpalBaseComId = OpalDev->OpalBaseComId;\r | |
444 | \r | |
69cd1294 | 445 | if (mSendBlockSID && BlockSidSupport) {\r |
cb274a27 ED |
446 | Result = OpalBlockSid (&Session, TRUE);\r |
447 | if (Result != TcgResultSuccess) {\r | |
448 | break;\r | |
449 | }\r | |
450 | }\r | |
451 | \r | |
452 | Result = OpalSupportUnlock (&Session, OpalDev->Password, OpalDev->PasswordLength, NULL);\r | |
453 | if (Result == TcgResultSuccess) {\r | |
454 | Status = EFI_SUCCESS;\r | |
455 | }\r | |
456 | }\r | |
457 | \r | |
458 | if (OpalDev->DeviceType == OPAL_DEVICE_TYPE_NVME) {\r | |
459 | if (SubClassCode == PCI_CLASS_MASS_STORAGE_NVM) {\r | |
460 | Status = NvmeControllerExit (&mNvmeContext);\r | |
461 | }\r | |
462 | }\r | |
463 | \r | |
464 | done:\r | |
465 | if (OpalDev->DeviceType == OPAL_DEVICE_TYPE_NVME) {\r | |
466 | ASSERT (RpBase != 0);\r | |
467 | PciWrite8 (RpBase + NVME_PCIE_PCICMD, 0);\r | |
468 | RpBase = SaveRestoreRootportConfSpace (\r | |
469 | OpalDev,\r | |
470 | FALSE, // restore\r | |
471 | StorePcieConfDataList\r | |
472 | );\r | |
473 | PciWrite8 (RpBase + NVME_PCIE_PCICMD, SataCmdSt);\r | |
474 | } else {\r | |
475 | PciWrite8 (PCI_LIB_ADDRESS (OpalDev->BusNum, OpalDev->DevNum, OpalDev->FuncNum, NVME_PCIE_PCICMD), SataCmdSt);\r | |
476 | }\r | |
477 | \r | |
478 | if (EFI_ERROR (Status)) {\r | |
479 | break;\r | |
480 | }\r | |
481 | }\r | |
482 | \r | |
483 | return Status;\r | |
484 | }\r | |
485 | \r | |
486 | \r | |
487 | /**\r | |
488 | Main entry point for an SMM handler dispatch or communicate-based callback.\r | |
489 | \r | |
490 | @param[in] DispatchHandle The unique handle assigned to this handler by SmiHandlerRegister().\r | |
491 | @param[in] Context Points to an optional handler context which was specified when the\r | |
492 | handler was registered.\r | |
493 | @param[in,out] CommBuffer A pointer to a collection of Data in memory that will\r | |
494 | be conveyed from a non-SMM environment into an SMM environment.\r | |
495 | @param[in,out] CommBufferSize The Size of the CommBuffer.\r | |
496 | \r | |
497 | @retval EFI_SUCCESS The interrupt was handled and quiesced. No other handlers\r | |
498 | should still be called.\r | |
499 | @retval EFI_WARN_INTERRUPT_SOURCE_QUIESCED The interrupt has been quiesced but other handlers should\r | |
500 | still be called.\r | |
501 | @retval EFI_WARN_INTERRUPT_SOURCE_PENDING The interrupt is still pending and other handlers should still\r | |
502 | be called.\r | |
503 | @retval EFI_INTERRUPT_PENDING The interrupt could not be quiesced.\r | |
504 | **/\r | |
505 | EFI_STATUS\r | |
506 | EFIAPI\r | |
507 | S3SleepEntryCallBack (\r | |
508 | IN EFI_HANDLE DispatchHandle,\r | |
509 | IN CONST VOID *Context OPTIONAL,\r | |
510 | IN OUT VOID *CommBuffer OPTIONAL,\r | |
511 | IN OUT UINTN *CommBufferSize OPTIONAL\r | |
512 | )\r | |
513 | {\r | |
514 | UINTN Bus;\r | |
515 | UINTN Device;\r | |
516 | UINTN Function;\r | |
517 | UINTN Index;\r | |
518 | EFI_STATUS Status;\r | |
519 | LIST_ENTRY *Entry;\r | |
520 | UINTN Offset;\r | |
521 | UINT64 Address;\r | |
522 | S3_BOOT_SCRIPT_LIB_WIDTH Width;\r | |
523 | UINT32 Data;\r | |
524 | OPAL_DISK_AND_PASSWORD_INFO *PciDev;\r | |
525 | OPAL_HC_PCI_REGISTER_SAVE *HcRegisterSaveListPtr;\r | |
526 | UINTN Count;\r | |
527 | OPAL_SMM_DEVICE *SmmDev;\r | |
528 | \r | |
529 | Data = 0;\r | |
530 | Status = EFI_SUCCESS;\r | |
531 | \r | |
532 | mOpalDeviceList = OpalSupportGetOpalDeviceList();\r | |
533 | \r | |
534 | for (Entry = mOpalDeviceList->ForwardLink; Entry != mOpalDeviceList; Entry = Entry->ForwardLink) {\r | |
535 | PciDev = BASE_CR (Entry, OPAL_DISK_AND_PASSWORD_INFO, Link);\r | |
536 | \r | |
537 | SmmDev = AllocateZeroPool (sizeof (OPAL_SMM_DEVICE));\r | |
538 | if (SmmDev == NULL) {\r | |
539 | return EFI_OUT_OF_RESOURCES;\r | |
540 | }\r | |
541 | SmmDev->Signature = OPAL_SMM_DEVICE_SIGNATURE;\r | |
542 | \r | |
543 | ExtractDeviceInfoFromDevicePath(&PciDev->OpalDevicePath, SmmDev);\r | |
544 | \r | |
545 | SmmDev->PasswordLength = PciDev->PasswordLength;\r | |
546 | CopyMem(&(SmmDev->Password), PciDev->Password, OPAL_PASSWORD_MAX_LENGTH);\r | |
547 | \r | |
548 | SmmDev->Sscp.ReceiveData = SecurityReceiveData;\r | |
549 | SmmDev->Sscp.SendData = SecuritySendData;\r | |
550 | \r | |
551 | InsertHeadList (&mSmmDeviceList, &SmmDev->Link);\r | |
552 | \r | |
553 | if (SmmDev->DeviceType == OPAL_DEVICE_TYPE_NVME) {\r | |
554 | continue;\r | |
555 | }\r | |
556 | \r | |
557 | //\r | |
558 | // Save register Data for S3. Sata controller only.\r | |
559 | //\r | |
560 | Bus = SmmDev->BusNum;\r | |
561 | Device = SmmDev->DevNum;\r | |
562 | Function = SmmDev->FuncNum;\r | |
563 | \r | |
564 | ASSERT (SmmDev->DeviceType == OPAL_DEVICE_TYPE_SATA);\r | |
565 | HcRegisterSaveListPtr = (OPAL_HC_PCI_REGISTER_SAVE *) mSataHcRegisterSaveTemplate;\r | |
566 | Count = sizeof (mSataHcRegisterSaveTemplate) / sizeof (OPAL_HC_PCI_REGISTER_SAVE);\r | |
567 | \r | |
568 | for (Index = 0; Index < Count; Index += 1) {\r | |
569 | Offset = HcRegisterSaveListPtr[Index].Address;\r | |
570 | Width = HcRegisterSaveListPtr[Index].Width;\r | |
571 | \r | |
572 | switch (Width) {\r | |
573 | case S3BootScriptWidthUint8:\r | |
574 | Data = (UINT32)PciRead8 (PCI_LIB_ADDRESS(Bus,Device,Function,Offset));\r | |
575 | break;\r | |
576 | case S3BootScriptWidthUint16:\r | |
577 | Data = (UINT32)PciRead16 (PCI_LIB_ADDRESS(Bus,Device,Function,Offset));\r | |
578 | break;\r | |
579 | case S3BootScriptWidthUint32:\r | |
580 | Data = PciRead32 (PCI_LIB_ADDRESS(Bus,Device,Function,Offset));\r | |
581 | break;\r | |
582 | default:\r | |
583 | ASSERT (FALSE);\r | |
584 | break;\r | |
585 | }\r | |
586 | \r | |
587 | Address = S3_BOOT_SCRIPT_LIB_PCI_ADDRESS (Bus, Device, Function, Offset);\r | |
588 | Status = S3BootScriptSavePciCfgWrite (Width, Address, 1, &Data);\r | |
589 | if (EFI_ERROR (Status)) {\r | |
590 | return Status;\r | |
591 | }\r | |
592 | }\r | |
593 | }\r | |
594 | \r | |
595 | if (!IsListEmpty (mOpalDeviceList)) {\r | |
596 | Status = S3BootScriptSaveIoWrite (S3BootScriptWidthUint8, 0xB2, 1, &mSwSmiValue);\r | |
597 | ASSERT_EFI_ERROR (Status);\r | |
598 | }\r | |
599 | \r | |
600 | return Status;\r | |
601 | }\r | |
602 | \r | |
009264f5 ED |
603 | /**\r |
604 | OpalPassword Notification for SMM EndOfDxe protocol.\r | |
605 | \r | |
606 | @param[in] Protocol Points to the protocol's unique identifier.\r | |
607 | @param[in] Interface Points to the interface instance.\r | |
608 | @param[in] Handle The handle on which the interface was installed.\r | |
609 | \r | |
610 | @retval EFI_SUCCESS Notification runs successfully.\r | |
611 | **/\r | |
612 | EFI_STATUS\r | |
613 | EFIAPI\r | |
614 | OpalPasswordEndOfDxeNotification (\r | |
615 | IN CONST EFI_GUID *Protocol,\r | |
616 | IN VOID *Interface,\r | |
617 | IN EFI_HANDLE Handle\r | |
618 | )\r | |
619 | {\r | |
620 | UINTN NumberOfDescriptors;\r | |
621 | EFI_GCD_MEMORY_SPACE_DESCRIPTOR *MemSpaceMap;\r | |
622 | EFI_STATUS Status;\r | |
623 | \r | |
624 | Status = gDS->GetMemorySpaceMap (&NumberOfDescriptors, &MemSpaceMap);\r | |
625 | if (EFI_ERROR (Status)) {\r | |
626 | return Status;\r | |
627 | }\r | |
628 | \r | |
629 | mGcdMemSpace = AllocateCopyPool (NumberOfDescriptors * sizeof (EFI_GCD_MEMORY_SPACE_DESCRIPTOR), MemSpaceMap);\r | |
630 | if (EFI_ERROR (Status)) {\r | |
631 | gBS->FreePool (MemSpaceMap);\r | |
632 | return Status;\r | |
633 | }\r | |
634 | \r | |
635 | mNumberOfDescriptors = NumberOfDescriptors;\r | |
636 | gBS->FreePool (MemSpaceMap);\r | |
637 | \r | |
638 | return EFI_SUCCESS;\r | |
639 | }\r | |
640 | \r | |
cb274a27 ED |
641 | /**\r |
642 | Main entry for this driver.\r | |
643 | \r | |
644 | @param ImageHandle Image handle this driver.\r | |
645 | @param SystemTable Pointer to SystemTable.\r | |
646 | \r | |
647 | @retval EFI_SUCESS This function always complete successfully.\r | |
648 | \r | |
649 | **/\r | |
650 | EFI_STATUS\r | |
651 | EFIAPI\r | |
652 | OpalPasswordSmmInit (\r | |
653 | IN EFI_HANDLE ImageHandle,\r | |
654 | IN EFI_SYSTEM_TABLE *SystemTable\r | |
655 | )\r | |
656 | {\r | |
657 | EFI_STATUS Status;\r | |
658 | EFI_SMM_SW_DISPATCH2_PROTOCOL *SwDispatch;\r | |
659 | EFI_SMM_SX_DISPATCH2_PROTOCOL *SxDispatch;\r | |
660 | EFI_HANDLE SwHandle;\r | |
661 | EFI_SMM_SW_REGISTER_CONTEXT Context;\r | |
662 | EFI_HANDLE S3SleepEntryHandle;\r | |
663 | EFI_SMM_SX_REGISTER_CONTEXT EntryRegisterContext;\r | |
664 | EFI_SMM_VARIABLE_PROTOCOL *SmmVariable;\r | |
665 | OPAL_EXTRA_INFO_VAR OpalExtraInfo;\r | |
666 | UINTN DataSize;\r | |
009264f5 | 667 | EFI_EVENT EndOfDxeEvent;\r |
cb274a27 ED |
668 | EFI_PHYSICAL_ADDRESS Address;\r |
669 | \r | |
670 | mBuffer = NULL;\r | |
671 | SwHandle = NULL;\r | |
672 | S3SleepEntryHandle = NULL;\r | |
673 | ZeroMem (&mNvmeContext, sizeof (NVME_CONTEXT));\r | |
674 | \r | |
675 | Status = gSmst->SmmLocateProtocol (\r | |
676 | &gEfiSmmSwDispatch2ProtocolGuid,\r | |
677 | NULL,\r | |
678 | (VOID **)&SwDispatch\r | |
679 | );\r | |
680 | ASSERT_EFI_ERROR (Status);\r | |
681 | if (EFI_ERROR (Status)) {\r | |
682 | DEBUG((DEBUG_ERROR, " SmmLocateProtocol gEfiSmmSwDispatch2ProtocolGuid fail, Status: %r\n", Status));\r | |
683 | return Status;\r | |
684 | }\r | |
685 | \r | |
686 | Status = gSmst->SmmLocateProtocol (\r | |
687 | &gEfiSmmSxDispatch2ProtocolGuid,\r | |
688 | NULL,\r | |
689 | (VOID **)&SxDispatch\r | |
690 | );\r | |
691 | ASSERT_EFI_ERROR (Status);\r | |
692 | if (EFI_ERROR (Status)) {\r | |
693 | DEBUG((DEBUG_ERROR, " SmmLocateProtocol gEfiSmmSxDispatch2ProtocolGuid fail, Status: %r\n", Status));\r | |
694 | return Status;\r | |
695 | }\r | |
696 | \r | |
697 | //\r | |
698 | // Preallocate a 512 bytes Buffer to perform trusted I/O.\r | |
699 | // Assume this is big enough for unlock commands\r | |
700 | // It's because DMA can not access smmram stack at the cmd execution.\r | |
701 | //\r | |
702 | Address = 0xFFFFFFFF;\r | |
703 | Status = gBS->AllocatePages (\r | |
704 | AllocateMaxAddress,\r | |
705 | EfiACPIMemoryNVS,\r | |
706 | EFI_SIZE_TO_PAGES (SMM_SIZE_ALLOC_BYTES),\r | |
707 | &Address\r | |
708 | );\r | |
709 | if (EFI_ERROR (Status)) {\r | |
710 | DEBUG((DEBUG_ERROR, " AllocatePages for SATA DAM fail, Status: %r\n", Status));\r | |
711 | return EFI_OUT_OF_RESOURCES;\r | |
712 | }\r | |
713 | \r | |
714 | mBuffer = (VOID *)(UINTN)Address;\r | |
715 | ZeroMem ((VOID *)(UINTN)mBuffer, SMM_SIZE_ALLOC_BYTES);\r | |
716 | \r | |
717 | //\r | |
718 | // Preallocate resource for AHCI transfer descriptor.\r | |
719 | //\r | |
720 | Status = AhciAllocateResource ();\r | |
721 | if (EFI_ERROR (Status)) {\r | |
722 | DEBUG((DEBUG_ERROR, " AhciAllocateResource fail, Status: %r\n", Status));\r | |
723 | Status = EFI_OUT_OF_RESOURCES;\r | |
724 | goto EXIT;\r | |
725 | }\r | |
726 | \r | |
727 | //\r | |
728 | // Preallocate resource for NVMe configuration space.\r | |
729 | //\r | |
730 | Status = NvmeAllocateResource (ImageHandle, &mNvmeContext);\r | |
731 | if (EFI_ERROR (Status)) {\r | |
732 | DEBUG((DEBUG_ERROR, " NvmeAllocateResource fail, Status: %r\n", Status));\r | |
733 | Status = EFI_OUT_OF_RESOURCES;\r | |
734 | goto EXIT;\r | |
735 | }\r | |
736 | \r | |
737 | //\r | |
738 | // Register a S3 entry callback function to store ATA host controller context to boot script.\r | |
739 | // These boot scripts would be invoked at S3 path to recovery ATA host controller h/w context\r | |
740 | // for executing HDD unlock cmd.\r | |
741 | //\r | |
742 | EntryRegisterContext.Type = SxS3;\r | |
743 | EntryRegisterContext.Phase = SxEntry;\r | |
744 | Status = SxDispatch->Register (\r | |
745 | SxDispatch,\r | |
746 | S3SleepEntryCallBack,\r | |
747 | &EntryRegisterContext,\r | |
748 | &S3SleepEntryHandle\r | |
749 | );\r | |
750 | ASSERT_EFI_ERROR (Status);\r | |
751 | if (EFI_ERROR (Status)) {\r | |
752 | goto EXIT;\r | |
753 | }\r | |
754 | \r | |
755 | //\r | |
756 | // Register Opal password smm unlock handler\r | |
757 | //\r | |
758 | Context.SwSmiInputValue = (UINTN) -1;\r | |
759 | Status = SwDispatch->Register (\r | |
760 | SwDispatch,\r | |
761 | SmmUnlockOpalPassword,\r | |
762 | &Context,\r | |
763 | &SwHandle\r | |
764 | );\r | |
765 | ASSERT_EFI_ERROR (Status);\r | |
766 | if (EFI_ERROR (Status)) {\r | |
767 | DEBUG((DEBUG_ERROR, " SwDispatch->Register fail, Status: %r\n", Status));\r | |
768 | goto EXIT;\r | |
769 | }\r | |
770 | \r | |
771 | //\r | |
772 | // trigger smi to unlock hdd if it's locked.\r | |
773 | //\r | |
774 | mSwSmiValue = (UINT8) Context.SwSmiInputValue;\r | |
775 | \r | |
009264f5 ED |
776 | //\r |
777 | // Create event to record GCD descriptors at end of dxe for judging AHCI/NVMe PCI Bar\r | |
778 | // is in MMIO space to avoid attack.\r | |
779 | //\r | |
780 | Status = gSmst->SmmRegisterProtocolNotify (&gEfiSmmEndOfDxeProtocolGuid, OpalPasswordEndOfDxeNotification, &EndOfDxeEvent);\r | |
781 | if (EFI_ERROR (Status)) {\r | |
782 | DEBUG((DEBUG_ERROR, "OpalPasswordSmm: Register SmmEndOfDxe fail, Status: %r\n", Status));\r | |
783 | goto EXIT;\r | |
784 | }\r | |
cb274a27 ED |
785 | Status = gSmst->SmmLocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID**)&SmmVariable);\r |
786 | if (!EFI_ERROR (Status)) {\r | |
787 | DataSize = sizeof (OPAL_EXTRA_INFO_VAR);\r | |
788 | Status = SmmVariable->SmmGetVariable (\r | |
789 | OPAL_EXTRA_INFO_VAR_NAME,\r | |
790 | &gOpalExtraInfoVariableGuid,\r | |
791 | NULL,\r | |
792 | &DataSize,\r | |
793 | &OpalExtraInfo\r | |
794 | );\r | |
795 | if (!EFI_ERROR (Status)) {\r | |
796 | mSendBlockSID = OpalExtraInfo.EnableBlockSid;\r | |
797 | }\r | |
798 | }\r | |
799 | \r | |
800 | return EFI_SUCCESS;\r | |
801 | \r | |
802 | EXIT:\r | |
803 | if (S3SleepEntryHandle != NULL) {\r | |
804 | SxDispatch->UnRegister (SxDispatch, S3SleepEntryHandle);\r | |
805 | }\r | |
806 | \r | |
807 | AhciFreeResource ();\r | |
808 | \r | |
809 | NvmeFreeResource (&mNvmeContext);\r | |
810 | \r | |
811 | if (mBuffer != NULL) {\r | |
812 | gBS->FreePages ((EFI_PHYSICAL_ADDRESS)(UINTN) mBuffer, EFI_SIZE_TO_PAGES (SMM_SIZE_ALLOC_BYTES));\r | |
813 | }\r | |
814 | \r | |
815 | return Status;\r | |
816 | }\r | |
817 | \r | |
818 | /**\r | |
819 | Provide Io action support.\r | |
820 | \r | |
821 | @param[in] SmmDev the opal device need to perform trust io.\r | |
822 | @param[in] IoType OPAL_IO_TYPE indicating whether to perform a Trusted Send or Trusted Receive.\r | |
823 | @param[in] SecurityProtocol Security Protocol\r | |
824 | @param[in] SpSpecific Security Protocol Specific\r | |
825 | @param[in] TransferLength Transfer Length of Buffer (in bytes) - always a multiple of 512\r | |
826 | @param[in] Buffer Address of Data to transfer\r | |
827 | \r | |
828 | @retval TcgResultSuccess Perform the io action success.\r | |
829 | @retval TcgResultFailure Perform the io action failed.\r | |
830 | \r | |
831 | **/\r | |
832 | EFI_STATUS\r | |
833 | PerformTrustedIo (\r | |
834 | OPAL_SMM_DEVICE *SmmDev,\r | |
835 | OPAL_IO_TYPE IoType,\r | |
836 | UINT8 SecurityProtocol,\r | |
837 | UINT16 SpSpecific,\r | |
838 | UINTN TransferLength,\r | |
839 | VOID *Buffer\r | |
840 | )\r | |
841 | {\r | |
842 | EFI_STATUS Status;\r | |
843 | UINTN BufferSizeBlocks;\r | |
844 | EFI_ATA_COMMAND_BLOCK AtaCommandBlock;\r | |
845 | \r | |
846 | Status = EFI_DEVICE_ERROR;\r | |
847 | if (SmmDev->DeviceType == OPAL_DEVICE_TYPE_SATA) {\r | |
848 | BufferSizeBlocks = TransferLength / 512;\r | |
849 | \r | |
850 | ZeroMem( &AtaCommandBlock, sizeof( EFI_ATA_COMMAND_BLOCK ) );\r | |
851 | AtaCommandBlock.AtaCommand = ( IoType == OpalSend ) ? ATA_COMMAND_TRUSTED_SEND : ATA_COMMAND_TRUSTED_RECEIVE;\r | |
852 | AtaCommandBlock.AtaSectorCount = ( UINT8 )BufferSizeBlocks;\r | |
853 | AtaCommandBlock.AtaSectorNumber = ( UINT8 )( BufferSizeBlocks >> 8 );\r | |
854 | AtaCommandBlock.AtaFeatures = SecurityProtocol;\r | |
855 | AtaCommandBlock.AtaCylinderLow = ( UINT8 )( SpSpecific >> 8 );\r | |
856 | AtaCommandBlock.AtaCylinderHigh = ( UINT8 )( SpSpecific );\r | |
857 | AtaCommandBlock.AtaDeviceHead = ATA_DEVICE_LBA;\r | |
858 | \r | |
859 | \r | |
860 | ZeroMem( mBuffer, HDD_PAYLOAD );\r | |
861 | ASSERT( TransferLength <= HDD_PAYLOAD );\r | |
862 | \r | |
863 | if (IoType == OpalSend) {\r | |
864 | CopyMem( mBuffer, Buffer, TransferLength );\r | |
865 | }\r | |
866 | \r | |
867 | Status = AhciPioTransfer(\r | |
868 | &mAhciRegisters,\r | |
869 | (UINT8) SmmDev->SataPort,\r | |
870 | (UINT8) SmmDev->SataPortMultiplierPort,\r | |
871 | NULL,\r | |
872 | 0,\r | |
873 | ( IoType == OpalSend ) ? FALSE : TRUE, // i/o direction\r | |
874 | &AtaCommandBlock,\r | |
875 | NULL,\r | |
876 | mBuffer,\r | |
877 | (UINT32)TransferLength,\r | |
878 | ATA_TIMEOUT\r | |
879 | );\r | |
880 | \r | |
881 | if (IoType == OpalRecv) {\r | |
882 | CopyMem( Buffer, mBuffer, TransferLength );\r | |
883 | }\r | |
884 | } else if (SmmDev->DeviceType == OPAL_DEVICE_TYPE_NVME) {\r | |
885 | Status = NvmeSecuritySendReceive (\r | |
886 | &mNvmeContext,\r | |
887 | IoType == OpalSend,\r | |
888 | SecurityProtocol,\r | |
889 | SwapBytes16(SpSpecific),\r | |
890 | TransferLength,\r | |
891 | Buffer\r | |
892 | );\r | |
893 | } else {\r | |
894 | DEBUG((DEBUG_ERROR, "DeviceType(%x) not support.\n", SmmDev->DeviceType));\r | |
895 | }\r | |
896 | \r | |
897 | return Status;\r | |
898 | }\r | |
899 | \r | |
900 | /**\r | |
901 | Send a security protocol command to a device that receives data and/or the result\r | |
902 | of one or more commands sent by SendData.\r | |
903 | \r | |
904 | The ReceiveData function sends a security protocol command to the given MediaId.\r | |
905 | The security protocol command sent is defined by SecurityProtocolId and contains\r | |
906 | the security protocol specific data SecurityProtocolSpecificData. The function\r | |
907 | returns the data from the security protocol command in PayloadBuffer.\r | |
908 | \r | |
909 | For devices supporting the SCSI command set, the security protocol command is sent\r | |
910 | using the SECURITY PROTOCOL IN command defined in SPC-4.\r | |
911 | \r | |
912 | For devices supporting the ATA command set, the security protocol command is sent\r | |
913 | using one of the TRUSTED RECEIVE commands defined in ATA8-ACS if PayloadBufferSize\r | |
914 | is non-zero.\r | |
915 | \r | |
916 | If the PayloadBufferSize is zero, the security protocol command is sent using the\r | |
917 | Trusted Non-Data command defined in ATA8-ACS.\r | |
918 | \r | |
919 | If PayloadBufferSize is too small to store the available data from the security\r | |
920 | protocol command, the function shall copy PayloadBufferSize bytes into the\r | |
921 | PayloadBuffer and return EFI_WARN_BUFFER_TOO_SMALL.\r | |
922 | \r | |
923 | If PayloadBuffer or PayloadTransferSize is NULL and PayloadBufferSize is non-zero,\r | |
924 | the function shall return EFI_INVALID_PARAMETER.\r | |
925 | \r | |
926 | If the given MediaId does not support security protocol commands, the function shall\r | |
927 | return EFI_UNSUPPORTED. If there is no media in the device, the function returns\r | |
928 | EFI_NO_MEDIA. If the MediaId is not the ID for the current media in the device,\r | |
929 | the function returns EFI_MEDIA_CHANGED.\r | |
930 | \r | |
931 | If the security protocol fails to complete within the Timeout period, the function\r | |
932 | shall return EFI_TIMEOUT.\r | |
933 | \r | |
934 | If the security protocol command completes without an error, the function shall\r | |
935 | return EFI_SUCCESS. If the security protocol command completes with an error, the\r | |
936 | function shall return EFI_DEVICE_ERROR.\r | |
937 | \r | |
938 | @param This Indicates a pointer to the calling context.\r | |
939 | @param MediaId ID of the medium to receive data from.\r | |
940 | @param Timeout The timeout, in 100ns units, to use for the execution\r | |
941 | of the security protocol command. A Timeout value of 0\r | |
942 | means that this function will wait indefinitely for the\r | |
943 | security protocol command to execute. If Timeout is greater\r | |
944 | than zero, then this function will return EFI_TIMEOUT\r | |
945 | if the time required to execute the receive data command\r | |
946 | is greater than Timeout.\r | |
947 | @param SecurityProtocolId The value of the "Security Protocol" parameter of\r | |
948 | the security protocol command to be sent.\r | |
949 | @param SecurityProtocolSpecificData The value of the "Security Protocol Specific" parameter\r | |
950 | of the security protocol command to be sent.\r | |
951 | @param PayloadBufferSize Size in bytes of the payload data buffer.\r | |
952 | @param PayloadBuffer A pointer to a destination buffer to store the security\r | |
953 | protocol command specific payload data for the security\r | |
954 | protocol command. The caller is responsible for having\r | |
955 | either implicit or explicit ownership of the buffer.\r | |
956 | @param PayloadTransferSize A pointer to a buffer to store the size in bytes of the\r | |
957 | data written to the payload data buffer.\r | |
958 | \r | |
959 | @retval EFI_SUCCESS The security protocol command completed successfully.\r | |
960 | @retval EFI_WARN_BUFFER_TOO_SMALL The PayloadBufferSize was too small to store the available\r | |
961 | data from the device. The PayloadBuffer contains the truncated data.\r | |
962 | @retval EFI_UNSUPPORTED The given MediaId does not support security protocol commands.\r | |
963 | @retval EFI_DEVICE_ERROR The security protocol command completed with an error.\r | |
964 | @retval EFI_NO_MEDIA There is no media in the device.\r | |
965 | @retval EFI_MEDIA_CHANGED The MediaId is not for the current media.\r | |
966 | @retval EFI_INVALID_PARAMETER The PayloadBuffer or PayloadTransferSize is NULL and\r | |
967 | PayloadBufferSize is non-zero.\r | |
968 | @retval EFI_TIMEOUT A timeout occurred while waiting for the security\r | |
969 | protocol command to execute.\r | |
970 | \r | |
971 | **/\r | |
972 | EFI_STATUS\r | |
973 | EFIAPI\r | |
974 | SecurityReceiveData (\r | |
975 | IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *This,\r | |
976 | IN UINT32 MediaId,\r | |
977 | IN UINT64 Timeout,\r | |
978 | IN UINT8 SecurityProtocolId,\r | |
979 | IN UINT16 SecurityProtocolSpecificData,\r | |
980 | IN UINTN PayloadBufferSize,\r | |
981 | OUT VOID *PayloadBuffer,\r | |
982 | OUT UINTN *PayloadTransferSize\r | |
983 | )\r | |
984 | {\r | |
985 | OPAL_SMM_DEVICE *SmmDev;\r | |
986 | \r | |
987 | SmmDev = OPAL_SMM_DEVICE_FROM_THIS (This);\r | |
988 | if (SmmDev == NULL) {\r | |
989 | return EFI_DEVICE_ERROR;\r | |
990 | }\r | |
991 | \r | |
992 | return PerformTrustedIo (\r | |
993 | SmmDev,\r | |
994 | OpalRecv,\r | |
995 | SecurityProtocolId,\r | |
996 | SecurityProtocolSpecificData,\r | |
997 | PayloadBufferSize,\r | |
998 | PayloadBuffer\r | |
999 | );\r | |
1000 | }\r | |
1001 | \r | |
1002 | /**\r | |
1003 | Send a security protocol command to a device.\r | |
1004 | \r | |
1005 | The SendData function sends a security protocol command containing the payload\r | |
1006 | PayloadBuffer to the given MediaId. The security protocol command sent is\r | |
1007 | defined by SecurityProtocolId and contains the security protocol specific data\r | |
1008 | SecurityProtocolSpecificData. If the underlying protocol command requires a\r | |
1009 | specific padding for the command payload, the SendData function shall add padding\r | |
1010 | bytes to the command payload to satisfy the padding requirements.\r | |
1011 | \r | |
1012 | For devices supporting the SCSI command set, the security protocol command is sent\r | |
1013 | using the SECURITY PROTOCOL OUT command defined in SPC-4.\r | |
1014 | \r | |
1015 | For devices supporting the ATA command set, the security protocol command is sent\r | |
1016 | using one of the TRUSTED SEND commands defined in ATA8-ACS if PayloadBufferSize\r | |
1017 | is non-zero. If the PayloadBufferSize is zero, the security protocol command is\r | |
1018 | sent using the Trusted Non-Data command defined in ATA8-ACS.\r | |
1019 | \r | |
1020 | If PayloadBuffer is NULL and PayloadBufferSize is non-zero, the function shall\r | |
1021 | return EFI_INVALID_PARAMETER.\r | |
1022 | \r | |
1023 | If the given MediaId does not support security protocol commands, the function\r | |
1024 | shall return EFI_UNSUPPORTED. If there is no media in the device, the function\r | |
1025 | returns EFI_NO_MEDIA. If the MediaId is not the ID for the current media in the\r | |
1026 | device, the function returns EFI_MEDIA_CHANGED.\r | |
1027 | \r | |
1028 | If the security protocol fails to complete within the Timeout period, the function\r | |
1029 | shall return EFI_TIMEOUT.\r | |
1030 | \r | |
1031 | If the security protocol command completes without an error, the function shall return\r | |
1032 | EFI_SUCCESS. If the security protocol command completes with an error, the function\r | |
1033 | shall return EFI_DEVICE_ERROR.\r | |
1034 | \r | |
1035 | @param This Indicates a pointer to the calling context.\r | |
1036 | @param MediaId ID of the medium to receive data from.\r | |
1037 | @param Timeout The timeout, in 100ns units, to use for the execution\r | |
1038 | of the security protocol command. A Timeout value of 0\r | |
1039 | means that this function will wait indefinitely for the\r | |
1040 | security protocol command to execute. If Timeout is greater\r | |
1041 | than zero, then this function will return EFI_TIMEOUT\r | |
1042 | if the time required to execute the send data command\r | |
1043 | is greater than Timeout.\r | |
1044 | @param SecurityProtocolId The value of the "Security Protocol" parameter of\r | |
1045 | the security protocol command to be sent.\r | |
1046 | @param SecurityProtocolSpecificData The value of the "Security Protocol Specific" parameter\r | |
1047 | of the security protocol command to be sent.\r | |
1048 | @param PayloadBufferSize Size in bytes of the payload data buffer.\r | |
1049 | @param PayloadBuffer A pointer to a destination buffer to store the security\r | |
1050 | protocol command specific payload data for the security\r | |
1051 | protocol command.\r | |
1052 | \r | |
1053 | @retval EFI_SUCCESS The security protocol command completed successfully.\r | |
1054 | @retval EFI_UNSUPPORTED The given MediaId does not support security protocol commands.\r | |
1055 | @retval EFI_DEVICE_ERROR The security protocol command completed with an error.\r | |
1056 | @retval EFI_NO_MEDIA There is no media in the device.\r | |
1057 | @retval EFI_MEDIA_CHANGED The MediaId is not for the current media.\r | |
1058 | @retval EFI_INVALID_PARAMETER The PayloadBuffer is NULL and PayloadBufferSize is non-zero.\r | |
1059 | @retval EFI_TIMEOUT A timeout occurred while waiting for the security\r | |
1060 | protocol command to execute.\r | |
1061 | \r | |
1062 | **/\r | |
1063 | EFI_STATUS\r | |
1064 | EFIAPI\r | |
1065 | SecuritySendData (\r | |
1066 | IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *This,\r | |
1067 | IN UINT32 MediaId,\r | |
1068 | IN UINT64 Timeout,\r | |
1069 | IN UINT8 SecurityProtocolId,\r | |
1070 | IN UINT16 SecurityProtocolSpecificData,\r | |
1071 | IN UINTN PayloadBufferSize,\r | |
1072 | IN VOID *PayloadBuffer\r | |
1073 | )\r | |
1074 | {\r | |
1075 | OPAL_SMM_DEVICE *SmmDev;\r | |
1076 | \r | |
1077 | SmmDev = OPAL_SMM_DEVICE_FROM_THIS (This);\r | |
1078 | if (SmmDev == NULL) {\r | |
1079 | return EFI_DEVICE_ERROR;\r | |
1080 | }\r | |
1081 | \r | |
1082 | return PerformTrustedIo (\r | |
1083 | SmmDev,\r | |
1084 | OpalSend,\r | |
1085 | SecurityProtocolId,\r | |
1086 | SecurityProtocolSpecificData,\r | |
1087 | PayloadBufferSize,\r | |
1088 | PayloadBuffer\r | |
1089 | );\r | |
1090 | \r | |
1091 | }\r | |
1092 | \r |