[mirror_edk2.git] / SecurityPkg / Tcg / Opal / OpalPasswordSmm / OpalPasswordSmm.h

/** @file\r
  Opal password smm driver which is used to support Opal security feature at s3 path.\r
\r
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution.  The full text of the license may be found at\r
http://opensource.org/licenses/bsd-license.php\r
\r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#ifndef _OPAL_PASSWORD_SMM_H_\r
#define _OPAL_PASSWORD_SMM_H_\r
\r
#include <PiSmm.h>\r
#include <IndustryStandard/Atapi.h>\r
\r
#include <Protocol/SmmSwDispatch2.h>\r
#include <Protocol/SmmSxDispatch2.h>\r
#include <Protocol/AtaPassThru.h>\r
#include <Protocol/PciIo.h>\r
#include <Protocol/SmmReadyToLock.h>\r
#include <Protocol/SmmVariable.h>\r
#include <Protocol/VariableLock.h>\r
#include <Protocol/SmmEndOfDxe.h>\r
#include <Protocol/StorageSecurityCommand.h>\r
\r
#include <Library/OpalPasswordSupportLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/PcdLib.h>\r
#include <Library/IoLib.h>\r
#include <Library/TimerLib.h>\r
#include <Library/PciLib.h>\r
#include <Library/BaseLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/SmmServicesTableLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/UefiDriverEntryPoint.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/UefiRuntimeServicesTableLib.h>\r
#include <Library/UefiLib.h>\r
#include <Library/S3BootScriptLib.h>\r
#include <Library/DevicePathLib.h>\r
#include <Library/DxeServicesTableLib.h>\r
#include <Library/SmmIoLib.h>\r
\r
#include <IndustryStandard/Pci22.h>\r
\r
#include <Guid/OpalPasswordExtraInfoVariable.h>\r
\r
#include "OpalAhciMode.h"\r
#include "OpalIdeMode.h"\r
#include "OpalNvmeMode.h"\r
\r
//\r
// Time out Value for ATA pass through protocol\r
//\r
#define ATA_TIMEOUT                      EFI_TIMER_PERIOD_SECONDS (3)\r
\r
//\r
// The payload Length of HDD related ATA commands\r
//\r
#define HDD_PAYLOAD                      512\r
//\r
// According to ATA spec, the max Length of hdd password is 32 bytes\r
//\r
#define OPAL_PASSWORD_MAX_LENGTH         32\r
\r
extern VOID                              *mBuffer;\r
\r
#pragma pack(1)\r
\r
typedef struct {\r
  UINT32                   Address;\r
  S3_BOOT_SCRIPT_LIB_WIDTH Width;\r
} OPAL_HC_PCI_REGISTER_SAVE;\r
\r
\r
typedef struct {\r
  UINT32                SegNum;\r
  UINT32                BusNum;\r
  UINT32                DevNum;\r
  UINT32                FuncNum;\r
} PCI_DEVICE;\r
\r
/**\r
* Opal I/O Type utilized by the Trusted IO callback\r
*\r
* The type indicates if the I/O is a send or receive\r
*/\r
typedef enum {\r
    //\r
    // I/O is a TCG Trusted Send command\r
    //\r
    OpalSend,\r
\r
    //\r
    // I/O is a TCG Trusted Receive command\r
    //\r
    OpalRecv\r
} OPAL_IO_TYPE;\r
\r
\r
#define OPAL_SMM_DEVICE_SIGNATURE SIGNATURE_32 ('o', 's', 'd', 's')\r
\r
typedef struct {\r
  UINTN                                    Signature;\r
  LIST_ENTRY                               Link;\r
\r
  EFI_STORAGE_SECURITY_COMMAND_PROTOCOL    Sscp;\r
\r
  UINT32                                   SegNum;\r
  UINT32                                   BusNum;\r
  UINT32                                   DevNum;\r
  UINT32                                   FuncNum;\r
\r
  UINT8                                    DeviceType;\r
\r
  UINT32                                   SataPort;\r
  UINT32                                   SataPortMultiplierPort;\r
\r
  UINT32                                   NvmeNamespaceId;\r
\r
  UINT8                                    Password[32];\r
  UINT8                                    PasswordLength;\r
\r
  UINT32                                   Length;\r
  PCI_DEVICE                               *PciBridgeNode;\r
\r
  UINT16                                   OpalBaseComId;\r
} OPAL_SMM_DEVICE;\r
\r
#define OPAL_SMM_DEVICE_FROM_THIS(a)  CR (a, OPAL_SMM_DEVICE, Sscp, OPAL_SMM_DEVICE_SIGNATURE)\r
\r
#pragma pack()\r
\r
/**\r
  Send a security protocol command to a device that receives data and/or the result\r
  of one or more commands sent by SendData.\r
\r
  The ReceiveData function sends a security protocol command to the given MediaId.\r
  The security protocol command sent is defined by SecurityProtocolId and contains\r
  the security protocol specific data SecurityProtocolSpecificData. The function\r
  returns the data from the security protocol command in PayloadBuffer.\r
\r
  For devices supporting the SCSI command set, the security protocol command is sent\r
  using the SECURITY PROTOCOL IN command defined in SPC-4.\r
\r
  For devices supporting the ATA command set, the security protocol command is sent\r
  using one of the TRUSTED RECEIVE commands defined in ATA8-ACS if PayloadBufferSize\r
  is non-zero.\r
\r
  If the PayloadBufferSize is zero, the security protocol command is sent using the\r
  Trusted Non-Data command defined in ATA8-ACS.\r
\r
  If PayloadBufferSize is too small to store the available data from the security\r
  protocol command, the function shall copy PayloadBufferSize bytes into the\r
  PayloadBuffer and return EFI_WARN_BUFFER_TOO_SMALL.\r
\r
  If PayloadBuffer or PayloadTransferSize is NULL and PayloadBufferSize is non-zero,\r
  the function shall return EFI_INVALID_PARAMETER.\r
\r
  If the given MediaId does not support security protocol commands, the function shall\r
  return EFI_UNSUPPORTED. If there is no media in the device, the function returns\r
  EFI_NO_MEDIA. If the MediaId is not the ID for the current media in the device,\r
  the function returns EFI_MEDIA_CHANGED.\r
\r
  If the security protocol fails to complete within the Timeout period, the function\r
  shall return EFI_TIMEOUT.\r
\r
  If the security protocol command completes without an error, the function shall\r
  return EFI_SUCCESS. If the security protocol command completes with an error, the\r
  function shall return EFI_DEVICE_ERROR.\r
\r
  @param  This                         Indicates a pointer to the calling context.\r
  @param  MediaId                      ID of the medium to receive data from.\r
  @param  Timeout                      The timeout, in 100ns units, to use for the execution\r
                                       of the security protocol command. A Timeout value of 0\r
                                       means that this function will wait indefinitely for the\r
                                       security protocol command to execute. If Timeout is greater\r
                                       than zero, then this function will return EFI_TIMEOUT\r
                                       if the time required to execute the receive data command\r
                                       is greater than Timeout.\r
  @param  SecurityProtocolId           The value of the "Security Protocol" parameter of\r
                                       the security protocol command to be sent.\r
  @param  SecurityProtocolSpecificData The value of the "Security Protocol Specific" parameter\r
                                       of the security protocol command to be sent.\r
  @param  PayloadBufferSize            Size in bytes of the payload data buffer.\r
  @param  PayloadBuffer                A pointer to a destination buffer to store the security\r
                                       protocol command specific payload data for the security\r
                                       protocol command. The caller is responsible for having\r
                                       either implicit or explicit ownership of the buffer.\r
  @param  PayloadTransferSize          A pointer to a buffer to store the size in bytes of the\r
                                       data written to the payload data buffer.\r
\r
  @retval EFI_SUCCESS                  The security protocol command completed successfully.\r
  @retval EFI_WARN_BUFFER_TOO_SMALL    The PayloadBufferSize was too small to store the available\r
                                       data from the device. The PayloadBuffer contains the truncated data.\r
  @retval EFI_UNSUPPORTED              The given MediaId does not support security protocol commands.\r
  @retval EFI_DEVICE_ERROR             The security protocol command completed with an error.\r
  @retval EFI_NO_MEDIA                 There is no media in the device.\r
  @retval EFI_MEDIA_CHANGED            The MediaId is not for the current media.\r
  @retval EFI_INVALID_PARAMETER        The PayloadBuffer or PayloadTransferSize is NULL and\r
                                       PayloadBufferSize is non-zero.\r
  @retval EFI_TIMEOUT                  A timeout occurred while waiting for the security\r
                                       protocol command to execute.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SecurityReceiveData (\r
  IN  EFI_STORAGE_SECURITY_COMMAND_PROTOCOL   *This,\r
  IN  UINT32                                  MediaId,\r
  IN  UINT64                                  Timeout,\r
  IN  UINT8                                   SecurityProtocolId,\r
  IN  UINT16                                  SecurityProtocolSpecificData,\r
  IN  UINTN                                   PayloadBufferSize,\r
  OUT VOID                                    *PayloadBuffer,\r
  OUT UINTN                                   *PayloadTransferSize\r
  );\r
\r
/**\r
  Send a security protocol command to a device.\r
\r
  The SendData function sends a security protocol command containing the payload\r
  PayloadBuffer to the given MediaId. The security protocol command sent is\r
  defined by SecurityProtocolId and contains the security protocol specific data\r
  SecurityProtocolSpecificData. If the underlying protocol command requires a\r
  specific padding for the command payload, the SendData function shall add padding\r
  bytes to the command payload to satisfy the padding requirements.\r
\r
  For devices supporting the SCSI command set, the security protocol command is sent\r
  using the SECURITY PROTOCOL OUT command defined in SPC-4.\r
\r
  For devices supporting the ATA command set, the security protocol command is sent\r
  using one of the TRUSTED SEND commands defined in ATA8-ACS if PayloadBufferSize\r
  is non-zero. If the PayloadBufferSize is zero, the security protocol command is\r
  sent using the Trusted Non-Data command defined in ATA8-ACS.\r
\r
  If PayloadBuffer is NULL and PayloadBufferSize is non-zero, the function shall\r
  return EFI_INVALID_PARAMETER.\r
\r
  If the given MediaId does not support security protocol commands, the function\r
  shall return EFI_UNSUPPORTED. If there is no media in the device, the function\r
  returns EFI_NO_MEDIA. If the MediaId is not the ID for the current media in the\r
  device, the function returns EFI_MEDIA_CHANGED.\r
\r
  If the security protocol fails to complete within the Timeout period, the function\r
  shall return EFI_TIMEOUT.\r
\r
  If the security protocol command completes without an error, the function shall return\r
  EFI_SUCCESS. If the security protocol command completes with an error, the function\r
  shall return EFI_DEVICE_ERROR.\r
\r
  @param  This                         Indicates a pointer to the calling context.\r
  @param  MediaId                      ID of the medium to receive data from.\r
  @param  Timeout                      The timeout, in 100ns units, to use for the execution\r
                                       of the security protocol command. A Timeout value of 0\r
                                       means that this function will wait indefinitely for the\r
                                       security protocol command to execute. If Timeout is greater\r
                                       than zero, then this function will return EFI_TIMEOUT\r
                                       if the time required to execute the receive data command\r
                                       is greater than Timeout.\r
  @param  SecurityProtocolId           The value of the "Security Protocol" parameter of\r
                                       the security protocol command to be sent.\r
  @param  SecurityProtocolSpecificData The value of the "Security Protocol Specific" parameter\r
                                       of the security protocol command to be sent.\r
  @param  PayloadBufferSize            Size in bytes of the payload data buffer.\r
  @param  PayloadBuffer                A pointer to a destination buffer to store the security\r
                                       protocol command specific payload data for the security\r
                                       protocol command.\r
\r
  @retval EFI_SUCCESS                  The security protocol command completed successfully.\r
  @retval EFI_UNSUPPORTED              The given MediaId does not support security protocol commands.\r
  @retval EFI_DEVICE_ERROR             The security protocol command completed with an error.\r
  @retval EFI_NO_MEDIA                 There is no media in the device.\r
  @retval EFI_MEDIA_CHANGED            The MediaId is not for the current media.\r
  @retval EFI_INVALID_PARAMETER        The PayloadBuffer is NULL and PayloadBufferSize is non-zero.\r
  @retval EFI_TIMEOUT                  A timeout occurred while waiting for the security\r
                                       protocol command to execute.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SecuritySendData (\r
  IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL    *This,\r
  IN UINT32                                   MediaId,\r
  IN UINT64                                   Timeout,\r
  IN UINT8                                    SecurityProtocolId,\r
  IN UINT16                                   SecurityProtocolSpecificData,\r
  IN UINTN                                    PayloadBufferSize,\r
  IN VOID                                     *PayloadBuffer\r
  );\r
\r
#endif // _OPAL_PASSWORD_SMM_H_\r
\r
Commit	Line	Data
cb274a27 ED	1	/** @file\r
	2	Opal password smm driver which is used to support Opal security feature at s3 path.\r
	3	\r
	4	Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>\r
	5	This program and the accompanying materials\r
	6	are licensed and made available under the terms and conditions of the BSD License\r
	7	which accompanies this distribution. The full text of the license may be found at\r
	8	http://opensource.org/licenses/bsd-license.php\r
	9	\r
	10	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	11	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	12	\r
	13	**/\r
	14	\r
	15	#ifndef _OPAL_PASSWORD_SMM_H_\r
	16	#define _OPAL_PASSWORD_SMM_H_\r
	17	\r
	18	#include <PiSmm.h>\r
	19	#include <IndustryStandard/Atapi.h>\r
	20	\r
	21	#include <Protocol/SmmSwDispatch2.h>\r
	22	#include <Protocol/SmmSxDispatch2.h>\r
	23	#include <Protocol/AtaPassThru.h>\r
	24	#include <Protocol/PciIo.h>\r
	25	#include <Protocol/SmmReadyToLock.h>\r
	26	#include <Protocol/SmmVariable.h>\r
	27	#include <Protocol/VariableLock.h>\r
009264f5	28	#include <Protocol/SmmEndOfDxe.h>\r
cb274a27 ED	29	#include <Protocol/StorageSecurityCommand.h>\r
	30	\r
	31	#include <Library/OpalPasswordSupportLib.h>\r
	32	#include <Library/DebugLib.h>\r
	33	#include <Library/PcdLib.h>\r
	34	#include <Library/IoLib.h>\r
	35	#include <Library/TimerLib.h>\r
	36	#include <Library/PciLib.h>\r
	37	#include <Library/BaseLib.h>\r
	38	#include <Library/BaseMemoryLib.h>\r
	39	#include <Library/SmmServicesTableLib.h>\r
	40	#include <Library/MemoryAllocationLib.h>\r
	41	#include <Library/UefiDriverEntryPoint.h>\r
	42	#include <Library/UefiBootServicesTableLib.h>\r
	43	#include <Library/UefiRuntimeServicesTableLib.h>\r
	44	#include <Library/UefiLib.h>\r
	45	#include <Library/S3BootScriptLib.h>\r
	46	#include <Library/DevicePathLib.h>\r
cb274a27	47	#include <Library/DxeServicesTableLib.h>\r
50e6bb98	48	#include <Library/SmmIoLib.h>\r
cb274a27 ED	49	\r
	50	#include <IndustryStandard/Pci22.h>\r
	51	\r
	52	#include <Guid/OpalPasswordExtraInfoVariable.h>\r
	53	\r
	54	#include "OpalAhciMode.h"\r
	55	#include "OpalIdeMode.h"\r
	56	#include "OpalNvmeMode.h"\r
	57	\r
	58	//\r
	59	// Time out Value for ATA pass through protocol\r
	60	//\r
	61	#define ATA_TIMEOUT EFI_TIMER_PERIOD_SECONDS (3)\r
	62	\r
	63	//\r
	64	// The payload Length of HDD related ATA commands\r
	65	//\r
	66	#define HDD_PAYLOAD 512\r
	67	//\r
	68	// According to ATA spec, the max Length of hdd password is 32 bytes\r
	69	//\r
	70	#define OPAL_PASSWORD_MAX_LENGTH 32\r
	71	\r
	72	extern VOID *mBuffer;\r
	73	\r
	74	#pragma pack(1)\r
	75	\r
	76	typedef struct {\r
	77	UINT32 Address;\r
	78	S3_BOOT_SCRIPT_LIB_WIDTH Width;\r
	79	} OPAL_HC_PCI_REGISTER_SAVE;\r
	80	\r
	81	\r
	82	typedef struct {\r
	83	UINT32 SegNum;\r
	84	UINT32 BusNum;\r
	85	UINT32 DevNum;\r
	86	UINT32 FuncNum;\r
	87	} PCI_DEVICE;\r
	88	\r
	89	/**\r
	90	* Opal I/O Type utilized by the Trusted IO callback\r
	91	*\r
	92	* The type indicates if the I/O is a send or receive\r
	93	*/\r
	94	typedef enum {\r
	95	//\r
	96	// I/O is a TCG Trusted Send command\r
	97	//\r
	98	OpalSend,\r
	99	\r
	100	//\r
	101	// I/O is a TCG Trusted Receive command\r
	102	//\r
	103	OpalRecv\r
	104	} OPAL_IO_TYPE;\r
	105	\r
	106	\r
	107	#define OPAL_SMM_DEVICE_SIGNATURE SIGNATURE_32 ('o', 's', 'd', 's')\r
	108	\r
	109	typedef struct {\r
	110	UINTN Signature;\r
	111	LIST_ENTRY Link;\r
	112	\r
113	EFI_STORAGE_SECURITY_COMMAND_PROTOCOL Sscp;\r
114	\r
115	UINT32 SegNum;\r
116	UINT32 BusNum;\r
117	UINT32 DevNum;\r
118	UINT32 FuncNum;\r
119	\r
120	UINT8 DeviceType;\r
121	\r
122	UINT32 SataPort;\r
123	UINT32 SataPortMultiplierPort;\r
124	\r
125	UINT32 NvmeNamespaceId;\r
126	\r
127	UINT8 Password[32];\r
128	UINT8 PasswordLength;\r
129	\r
130	UINT32 Length;\r
131	PCI_DEVICE *PciBridgeNode;\r
132	\r
133	UINT16 OpalBaseComId;\r
134	} OPAL_SMM_DEVICE;\r
135	\r
136	#define OPAL_SMM_DEVICE_FROM_THIS(a) CR (a, OPAL_SMM_DEVICE, Sscp, OPAL_SMM_DEVICE_SIGNATURE)\r
137	\r
138	#pragma pack()\r
139	\r
140	/**\r
141	Send a security protocol command to a device that receives data and/or the result\r
142	of one or more commands sent by SendData.\r
143	\r
144	The ReceiveData function sends a security protocol command to the given MediaId.\r
145	The security protocol command sent is defined by SecurityProtocolId and contains\r
146	the security protocol specific data SecurityProtocolSpecificData. The function\r
147	returns the data from the security protocol command in PayloadBuffer.\r
148	\r
149	For devices supporting the SCSI command set, the security protocol command is sent\r
150	using the SECURITY PROTOCOL IN command defined in SPC-4.\r
151	\r
152	For devices supporting the ATA command set, the security protocol command is sent\r
153	using one of the TRUSTED RECEIVE commands defined in ATA8-ACS if PayloadBufferSize\r
154	is non-zero.\r
155	\r
156	If the PayloadBufferSize is zero, the security protocol command is sent using the\r
157	Trusted Non-Data command defined in ATA8-ACS.\r
158	\r
159	If PayloadBufferSize is too small to store the available data from the security\r
160	protocol command, the function shall copy PayloadBufferSize bytes into the\r
161	PayloadBuffer and return EFI_WARN_BUFFER_TOO_SMALL.\r
162	\r
163	If PayloadBuffer or PayloadTransferSize is NULL and PayloadBufferSize is non-zero,\r
164	the function shall return EFI_INVALID_PARAMETER.\r
165	\r
166	If the given MediaId does not support security protocol commands, the function shall\r
167	return EFI_UNSUPPORTED. If there is no media in the device, the function returns\r
168	EFI_NO_MEDIA. If the MediaId is not the ID for the current media in the device,\r
169	the function returns EFI_MEDIA_CHANGED.\r
170	\r
171	If the security protocol fails to complete within the Timeout period, the function\r
172	shall return EFI_TIMEOUT.\r
173	\r
174	If the security protocol command completes without an error, the function shall\r
175	return EFI_SUCCESS. If the security protocol command completes with an error, the\r
176	function shall return EFI_DEVICE_ERROR.\r
177	\r
178	@param This Indicates a pointer to the calling context.\r
179	@param MediaId ID of the medium to receive data from.\r
180	@param Timeout The timeout, in 100ns units, to use for the execution\r
181	of the security protocol command. A Timeout value of 0\r
182	means that this function will wait indefinitely for the\r
183	security protocol command to execute. If Timeout is greater\r
184	than zero, then this function will return EFI_TIMEOUT\r
185	if the time required to execute the receive data command\r
186	is greater than Timeout.\r
187	@param SecurityProtocolId The value of the "Security Protocol" parameter of\r
188	the security protocol command to be sent.\r
189	@param SecurityProtocolSpecificData The value of the "Security Protocol Specific" parameter\r
190	of the security protocol command to be sent.\r
191	@param PayloadBufferSize Size in bytes of the payload data buffer.\r
192	@param PayloadBuffer A pointer to a destination buffer to store the security\r
193	protocol command specific payload data for the security\r
194	protocol command. The caller is responsible for having\r
195	either implicit or explicit ownership of the buffer.\r
196	@param PayloadTransferSize A pointer to a buffer to store the size in bytes of the\r
197	data written to the payload data buffer.\r
198	\r
199	@retval EFI_SUCCESS The security protocol command completed successfully.\r
200	@retval EFI_WARN_BUFFER_TOO_SMALL The PayloadBufferSize was too small to store the available\r
201	data from the device. The PayloadBuffer contains the truncated data.\r
202	@retval EFI_UNSUPPORTED The given MediaId does not support security protocol commands.\r
203	@retval EFI_DEVICE_ERROR The security protocol command completed with an error.\r
204	@retval EFI_NO_MEDIA There is no media in the device.\r
205	@retval EFI_MEDIA_CHANGED The MediaId is not for the current media.\r
206	@retval EFI_INVALID_PARAMETER The PayloadBuffer or PayloadTransferSize is NULL and\r
207	PayloadBufferSize is non-zero.\r
208	@retval EFI_TIMEOUT A timeout occurred while waiting for the security\r
209	protocol command to execute.\r
210	\r
211	**/\r
212	EFI_STATUS\r
213	EFIAPI\r
214	SecurityReceiveData (\r
215	IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *This,\r
216	IN UINT32 MediaId,\r
217	IN UINT64 Timeout,\r
218	IN UINT8 SecurityProtocolId,\r
219	IN UINT16 SecurityProtocolSpecificData,\r
220	IN UINTN PayloadBufferSize,\r
221	OUT VOID *PayloadBuffer,\r
222	OUT UINTN *PayloadTransferSize\r
223	);\r
224	\r
225	/**\r
226	Send a security protocol command to a device.\r
227	\r
228	The SendData function sends a security protocol command containing the payload\r
229	PayloadBuffer to the given MediaId. The security protocol command sent is\r
230	defined by SecurityProtocolId and contains the security protocol specific data\r
231	SecurityProtocolSpecificData. If the underlying protocol command requires a\r
232	specific padding for the command payload, the SendData function shall add padding\r
233	bytes to the command payload to satisfy the padding requirements.\r
234	\r
235	For devices supporting the SCSI command set, the security protocol command is sent\r
236	using the SECURITY PROTOCOL OUT command defined in SPC-4.\r
237	\r
238	For devices supporting the ATA command set, the security protocol command is sent\r
239	using one of the TRUSTED SEND commands defined in ATA8-ACS if PayloadBufferSize\r
240	is non-zero. If the PayloadBufferSize is zero, the security protocol command is\r
241	sent using the Trusted Non-Data command defined in ATA8-ACS.\r
242	\r
243	If PayloadBuffer is NULL and PayloadBufferSize is non-zero, the function shall\r
244	return EFI_INVALID_PARAMETER.\r
245	\r
246	If the given MediaId does not support security protocol commands, the function\r
247	shall return EFI_UNSUPPORTED. If there is no media in the device, the function\r
248	returns EFI_NO_MEDIA. If the MediaId is not the ID for the current media in the\r
249	device, the function returns EFI_MEDIA_CHANGED.\r
250	\r
251	If the security protocol fails to complete within the Timeout period, the function\r
252	shall return EFI_TIMEOUT.\r
253	\r
254	If the security protocol command completes without an error, the function shall return\r
255	EFI_SUCCESS. If the security protocol command completes with an error, the function\r
256	shall return EFI_DEVICE_ERROR.\r
257	\r
258	@param This Indicates a pointer to the calling context.\r
259	@param MediaId ID of the medium to receive data from.\r
260	@param Timeout The timeout, in 100ns units, to use for the execution\r
261	of the security protocol command. A Timeout value of 0\r
262	means that this function will wait indefinitely for the\r
263	security protocol command to execute. If Timeout is greater\r
264	than zero, then this function will return EFI_TIMEOUT\r
265	if the time required to execute the receive data command\r
266	is greater than Timeout.\r
267	@param SecurityProtocolId The value of the "Security Protocol" parameter of\r
268	the security protocol command to be sent.\r
269	@param SecurityProtocolSpecificData The value of the "Security Protocol Specific" parameter\r
270	of the security protocol command to be sent.\r
271	@param PayloadBufferSize Size in bytes of the payload data buffer.\r
272	@param PayloadBuffer A pointer to a destination buffer to store the security\r
273	protocol command specific payload data for the security\r
274	protocol command.\r
275	\r
276	@retval EFI_SUCCESS The security protocol command completed successfully.\r
277	@retval EFI_UNSUPPORTED The given MediaId does not support security protocol commands.\r
278	@retval EFI_DEVICE_ERROR The security protocol command completed with an error.\r
279	@retval EFI_NO_MEDIA There is no media in the device.\r
280	@retval EFI_MEDIA_CHANGED The MediaId is not for the current media.\r
281	@retval EFI_INVALID_PARAMETER The PayloadBuffer is NULL and PayloadBufferSize is non-zero.\r
282	@retval EFI_TIMEOUT A timeout occurred while waiting for the security\r
283	protocol command to execute.\r
284	\r
285	**/\r
286	EFI_STATUS\r
287	EFIAPI\r
288	SecuritySendData (\r
289	IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *This,\r
290	IN UINT32 MediaId,\r
291	IN UINT64 Timeout,\r
292	IN UINT8 SecurityProtocolId,\r
293	IN UINT16 SecurityProtocolSpecificData,\r
294	IN UINTN PayloadBufferSize,\r
295	IN VOID *PayloadBuffer\r
296	);\r
297	\r
298	#endif // _OPAL_PASSWORD_SMM_H_\r
299	\r