2 Public API for Opal Core library.
4 Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
9 #include <Library/BaseLib.h>
10 #include <Library/DebugLib.h>
11 #include <Library/TcgStorageOpalLib.h>
12 #include "TcgStorageOpalLibInternal.h"
14 #define OPAL_MSID_LENGTH 128
17 Creates a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_PSID_AUTHORITY, then reverts device using Admin SP Revert method.
19 @param[in] Session, The session info for one opal device.
20 @param[in] Psid PSID of device to revert.
21 @param[in] PsidLength Length of PSID in bytes.
27 OPAL_SESSION
*Session
,
34 UINT32 RemovalTimeOut
;
39 RemovalTimeOut
= GetRevertTimeOut (Session
);
40 DEBUG ((DEBUG_INFO
, "OpalUtilPsidRevert: Timeout value = %d\n", RemovalTimeOut
));
42 Ret
= OpalStartSession(
48 OPAL_ADMIN_SP_PSID_AUTHORITY
,
50 if (Ret
== TcgResultSuccess
&& MethodStatus
== TCG_METHOD_STATUS_CODE_SUCCESS
) {
51 Ret
= OpalPyrite2PsidRevert(Session
, RemovalTimeOut
);
52 if (Ret
!= TcgResultSuccess
) {
54 // If revert was successful, session was already ended by TPer, so only end session on failure
56 OpalEndSession(Session
);
60 if (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
61 Ret
= TcgResultFailure
;
68 Opens a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_SID_AUTHORITY,
69 sets the OPAL_UID_ADMIN_SP_C_PIN_SID column with the new password,
70 and activates the locking SP to copy SID PIN to Admin1 Locking SP PIN
72 @param[in] Session, The session info for one opal device.
73 @param[in] GeneratedSid Generated SID of disk
74 @param[in] SidLength Length of generatedSid in bytes
75 @param[in] Password New admin password to set
76 @param[in] PassLength Length of password in bytes
81 OpalUtilSetAdminPasswordAsSid(
82 OPAL_SESSION
*Session
,
83 const VOID
*GeneratedSid
,
93 NULL_CHECK(GeneratedSid
);
96 Ret
= OpalStartSession(
102 OPAL_ADMIN_SP_SID_AUTHORITY
,
105 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
106 DEBUG ((DEBUG_INFO
, "start session with admin SP as SID authority failed: Ret=%d MethodStatus=%u\n", Ret
, MethodStatus
));
111 // 1. Update SID = new Password
113 Ret
= OpalSetPassword(
115 OPAL_UID_ADMIN_SP_C_PIN_SID
,
121 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
122 OpalEndSession(Session
);
123 DEBUG ((DEBUG_INFO
, "set Password failed: Ret=%d MethodStatus=%u\n", Ret
, MethodStatus
));
128 // 2. Activate locking SP
130 Ret
= OpalActivateLockingSp(Session
, &MethodStatus
);
131 OpalEndSession(Session
);
132 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
133 DEBUG ((DEBUG_INFO
, "activate locking SP failed: Ret=%d MethodStatus=%u\n", Ret
, MethodStatus
));
138 if (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
139 Ret
= TcgResultFailure
;
146 Opens a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
147 and updates the specified locking range with the provided column values
149 @param[in] Session, The session info for one opal device.
150 @param[in] Password New admin password to set
151 @param[in] PassLength Length of password in bytes
152 @param[in] LockingRangeUid Locking range UID to set values
153 @param[in] RangeStart Value to set RangeStart column for Locking Range
154 @param[in] RangeLength Value to set RangeLength column for Locking Range
155 @param[in] ReadLockEnabled Value to set readLockEnabled column for Locking Range
156 @param[in] WriteLockEnabled Value to set writeLockEnabled column for Locking Range
157 @param[in] ReadLocked Value to set ReadLocked column for Locking Range
158 @param[in] WriteLocked Value to set WriteLocked column for Locking Range
163 OpalUtilSetOpalLockingRange(
164 OPAL_SESSION
*Session
,
165 const VOID
*Password
,
167 TCG_UID LockingRangeUid
,
170 BOOLEAN ReadLockEnabled
,
171 BOOLEAN WriteLockEnabled
,
180 NULL_CHECK(Password
);
183 // Start session with Locking SP using current admin Password
185 Ret
= OpalStartSession(
191 OPAL_LOCKING_SP_ADMIN1_AUTHORITY
,
193 if ((Ret
!= TcgResultSuccess
) || (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
)) {
194 DEBUG ((DEBUG_INFO
, "start session with locking SP failed: Ret=%d MethodStatus=%u\n", Ret
, MethodStatus
));
199 // Enable locking range
201 Ret
= OpalSetLockingRange(
212 OpalEndSession(Session
);
213 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
214 DEBUG ((DEBUG_INFO
, "set locking range failed: Ret=%d MethodStatus=0x%x\n", Ret
, MethodStatus
));
218 if (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
219 Ret
= TcgResultFailure
;
225 Opens a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_SID_AUTHORITY,
226 sets OPAL_UID_ADMIN_SP_C_PIN_SID with the new password,
227 and sets OPAL_LOCKING_SP_C_PIN_ADMIN1 with the new password.
229 @param[in] Session, The session info for one opal device.
230 @param[in] OldPassword Current admin password
231 @param[in] OldPasswordLength Length of current admin password in bytes
232 @param[in] NewPassword New admin password to set
233 @param[in] NewPasswordLength Length of new password in bytes
238 OpalUtilSetAdminPassword(
239 OPAL_SESSION
*Session
,
240 const VOID
*OldPassword
,
241 UINT32 OldPasswordLength
,
242 const VOID
*NewPassword
,
243 UINT32 NewPasswordLength
250 NULL_CHECK(OldPassword
);
251 NULL_CHECK(NewPassword
);
256 Ret
= OpalStartSession(
262 OPAL_ADMIN_SP_SID_AUTHORITY
,
265 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
266 DEBUG ((DEBUG_INFO
, "start session with admin SP using old Password failed\n"));
271 // Update SID = new pw
273 Ret
= OpalSetPassword(Session
, OPAL_UID_ADMIN_SP_C_PIN_SID
, NewPassword
, NewPasswordLength
, &MethodStatus
);
274 OpalEndSession(Session
);
275 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
276 DEBUG ((DEBUG_INFO
, "set new admin SP Password failed\n"));
280 Ret
= OpalStartSession(
286 OPAL_LOCKING_SP_ADMIN1_AUTHORITY
,
289 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
290 DEBUG ((DEBUG_INFO
, "start session with locking SP using old Password failed\n"));
295 // Update admin locking SP to new pw
297 Ret
= OpalSetPassword(Session
, OPAL_LOCKING_SP_C_PIN_ADMIN1
, NewPassword
, NewPasswordLength
, &MethodStatus
);
298 OpalEndSession(Session
);
299 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
300 DEBUG ((DEBUG_INFO
, "set new locking SP Password failed\n"));
305 if (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
306 Ret
= TcgResultFailure
;
312 Starts a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_USER1_AUTHORITY or OPAL_LOCKING_SP_ADMIN1_AUTHORITY
313 and sets the User1 SP authority to enabled and sets the User1 password.
315 @param[in] Session, The session info for one opal device.
316 @param[in] OldPassword Current admin password
317 @param[in] OldPasswordLength Length of current admin password in bytes
318 @param[in] NewPassword New admin password to set
319 @param[in] NewPasswordLength Length of new password in bytes
324 OpalUtilSetUserPassword(
325 OPAL_SESSION
*Session
,
326 const VOID
*OldPassword
,
327 UINT32 OldPasswordLength
,
328 const VOID
*NewPassword
,
329 UINT32 NewPasswordLength
336 NULL_CHECK(OldPassword
);
337 NULL_CHECK(NewPassword
);
340 // See if updating user1 authority
342 Ret
= OpalStartSession(
348 OPAL_LOCKING_SP_USER1_AUTHORITY
,
351 if (Ret
== TcgResultSuccess
&& MethodStatus
== TCG_METHOD_STATUS_CODE_SUCCESS
) {
352 Ret
= OpalSetPassword(
354 OPAL_LOCKING_SP_C_PIN_USER1
,
359 OpalEndSession(Session
);
360 if (Ret
== TcgResultSuccess
&& MethodStatus
== TCG_METHOD_STATUS_CODE_SUCCESS
) {
366 // Setting Password for first time or setting Password as admin
370 // Start session with Locking SP using current admin Password
372 Ret
= OpalStartSession(
378 OPAL_LOCKING_SP_ADMIN1_AUTHORITY
,
381 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
382 DEBUG ((DEBUG_INFO
, "StartSession with locking SP as admin1 authority failed\n"));
387 // Enable User1 and set its PIN
389 Ret
= OpalSetLockingSpAuthorityEnabledAndPin(
391 OPAL_LOCKING_SP_C_PIN_USER1
,
392 OPAL_LOCKING_SP_USER1_AUTHORITY
,
397 OpalEndSession(Session
);
398 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
399 DEBUG ((DEBUG_INFO
, "OpalSetLockingSpAuthorityEnabledAndPin failed\n"));
404 if (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
405 Ret
= TcgResultFailure
;
411 Verify whether user input the correct password.
413 @param[in] Session, The session info for one opal device.
414 @param[in] Password Admin password
415 @param[in] PasswordLength Length of password in bytes
416 @param[in/out] HostSigningAuthority Use the Host signing authority type.
421 OpalUtilVerifyPassword (
422 OPAL_SESSION
*Session
,
423 const VOID
*Password
,
424 UINT32 PasswordLength
,
425 TCG_UID HostSigningAuthority
432 NULL_CHECK(Password
);
434 Ret
= OpalStartSession(
440 HostSigningAuthority
,
442 if (Ret
== TcgResultSuccess
&& MethodStatus
== TCG_METHOD_STATUS_CODE_SUCCESS
) {
443 OpalEndSession(Session
);
444 return TcgResultSuccess
;
447 return TcgResultFailure
;
451 Starts a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_USER1_AUTHORITY or OPAL_LOCKING_SP_ADMIN1_AUTHORITY
452 and generates a new global locking range key to erase the Data.
454 @param[in] Session, The session info for one opal device.
455 @param[in] Password Admin or user password
456 @param[in] PasswordLength Length of password in bytes
457 @param[in/out] PasswordFailed indicates if password failed (start session didn't work)
463 OPAL_SESSION
*Session
,
464 const VOID
*Password
,
465 UINT32 PasswordLength
,
466 BOOLEAN
*PasswordFailed
473 NULL_CHECK(Password
);
474 NULL_CHECK(PasswordFailed
);
477 // Try to generate a new key with admin1
479 Ret
= OpalStartSession(
485 OPAL_LOCKING_SP_ADMIN1_AUTHORITY
,
489 if (Ret
== TcgResultSuccess
&& MethodStatus
== TCG_METHOD_STATUS_CODE_SUCCESS
) {
490 Ret
= OpalGlobalLockingRangeGenKey(Session
, &MethodStatus
);
491 *PasswordFailed
= FALSE
;
492 OpalEndSession(Session
);
495 // Try to generate a new key with user1
497 Ret
= OpalStartSession(
503 OPAL_LOCKING_SP_USER1_AUTHORITY
,
507 if (Ret
== TcgResultSuccess
&& MethodStatus
== TCG_METHOD_STATUS_CODE_SUCCESS
) {
508 Ret
= OpalGlobalLockingRangeGenKey(Session
, &MethodStatus
);
509 *PasswordFailed
= FALSE
;
510 OpalEndSession(Session
);
512 *PasswordFailed
= TRUE
;
516 if (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
517 Ret
= TcgResultFailure
;
523 Starts a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_ADMIN1_AUTHORITY and disables the User1 authority.
525 @param[in] Session, The session info for one opal device.
526 @param[in] Password Admin password
527 @param[in] PasswordLength Length of password in bytes
528 @param[in/out] PasswordFailed indicates if password failed (start session didn't work)
534 OPAL_SESSION
*Session
,
535 const VOID
*Password
,
536 UINT32 PasswordLength
,
537 BOOLEAN
*PasswordFailed
544 NULL_CHECK(Password
);
545 NULL_CHECK(PasswordFailed
);
548 // Start session with Locking SP using current admin Password
550 Ret
= OpalStartSession(
556 OPAL_LOCKING_SP_ADMIN1_AUTHORITY
,
559 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
560 DEBUG ((DEBUG_INFO
, "StartSession with Locking SP as Admin1 failed\n"));
561 *PasswordFailed
= TRUE
;
565 *PasswordFailed
= FALSE
;
566 Ret
= OpalDisableUser(Session
, &MethodStatus
);
567 OpalEndSession(Session
);
570 if (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
571 Ret
= TcgResultFailure
;
577 Opens a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_PSID_AUTHORITY, then reverts the device using the RevertSP method.
579 @param[in] Session, The session info for one opal device.
580 @param[in] KeepUserData TRUE to keep existing Data on the disk, or FALSE to erase it
581 @param[in] Password Admin password
582 @param[in] PasswordLength Length of password in bytes
583 @param[in/out] PasswordFailed indicates if password failed (start session didn't work)
584 @param[in] Msid Msid info.
585 @param[in] MsidLength Msid data length.
591 OPAL_SESSION
*Session
,
592 BOOLEAN KeepUserData
,
593 const VOID
*Password
,
594 UINT32 PasswordLength
,
595 BOOLEAN
*PasswordFailed
,
602 UINT32 RemovalTimeOut
;
606 NULL_CHECK(Password
);
607 NULL_CHECK(PasswordFailed
);
609 RemovalTimeOut
= GetRevertTimeOut (Session
);
610 DEBUG ((DEBUG_INFO
, "OpalUtilRevert: Timeout value = %d\n", RemovalTimeOut
));
612 Ret
= OpalStartSession(
618 OPAL_LOCKING_SP_ADMIN1_AUTHORITY
,
622 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
623 DEBUG ((DEBUG_INFO
, "error starting session: Ret=%d, MethodStatus=%u\n", Ret
, MethodStatus
));
624 *PasswordFailed
= TRUE
;
628 *PasswordFailed
= FALSE
;
630 // Try to revert with admin1
632 Ret
= OpalPyrite2AdminRevert(Session
, KeepUserData
, &MethodStatus
, RemovalTimeOut
);
633 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
635 // Device ends the session on successful revert, so only call OpalEndSession when fail.
637 DEBUG ((DEBUG_INFO
, "OpalAdminRevert as admin failed\n"));
638 OpalEndSession(Session
);
641 Ret
= OpalUtilSetSIDtoMSID (Session
, Password
, PasswordLength
, Msid
, MsidLength
);
644 if (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
645 Ret
= TcgResultFailure
;
651 After revert success, set SID to MSID.
653 @param Session, The session info for one opal device.
654 @param Password, Input password info.
655 @param PasswordLength, Input password length.
656 @param Msid Msid info.
657 @param MsidLength Msid data length.
662 OpalUtilSetSIDtoMSID (
663 OPAL_SESSION
*Session
,
664 const VOID
*Password
,
665 UINT32 PasswordLength
,
675 NULL_CHECK(Password
);
678 // Start session with admin sp to update SID to MSID
680 Ret
= OpalStartSession(
686 OPAL_ADMIN_SP_SID_AUTHORITY
,
689 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
696 Ret
= OpalSetPassword(Session
, OPAL_UID_ADMIN_SP_C_PIN_SID
, Msid
, MsidLength
, &MethodStatus
);
697 OpalEndSession(Session
);
700 if (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
701 Ret
= TcgResultFailure
;
708 Update global locking range.
710 @param Session, The session info for one opal device.
711 @param Password, Input password info.
712 @param PasswordLength, Input password length.
713 @param ReadLocked, Read lock info.
714 @param WriteLocked write lock info.
719 OpalUtilUpdateGlobalLockingRange(
720 OPAL_SESSION
*Session
,
721 const VOID
*Password
,
722 UINT32 PasswordLength
,
731 NULL_CHECK(Password
);
734 // Try to start session with Locking SP as admin1 authority
736 Ret
= OpalStartSession(
742 OPAL_LOCKING_SP_ADMIN1_AUTHORITY
,
745 if (Ret
== TcgResultSuccess
&& MethodStatus
== TCG_METHOD_STATUS_CODE_SUCCESS
) {
746 Ret
= OpalUpdateGlobalLockingRange(
752 OpalEndSession(Session
);
753 if (Ret
== TcgResultSuccess
&& MethodStatus
== TCG_METHOD_STATUS_CODE_SUCCESS
) {
758 if (MethodStatus
== TCG_METHOD_STATUS_CODE_AUTHORITY_LOCKED_OUT
) {
759 DEBUG ((DEBUG_INFO
, "unlock as admin failed with AUTHORITY_LOCKED_OUT\n"));
763 // Try user1 authority
765 Ret
= OpalStartSession(
771 OPAL_LOCKING_SP_USER1_AUTHORITY
,
774 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
775 DEBUG ((DEBUG_INFO
, "StartSession with Locking SP as User1 failed\n"));
779 Ret
= OpalUpdateGlobalLockingRange(Session
, ReadLocked
, WriteLocked
, &MethodStatus
);
780 OpalEndSession(Session
);
783 if (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
784 if (MethodStatus
== TCG_METHOD_STATUS_CODE_AUTHORITY_LOCKED_OUT
) {
786 // Caller need to know this special error, but return status not has type for it.
787 // so here use TcgResultFailureInvalidType as an replacement.
789 Ret
= TcgResultFailureInvalidType
;
791 Ret
= TcgResultFailure
;
798 Update global locking range.
800 @param Session, The session info for one opal device.
801 @param Msid, The data buffer to save Msid info.
802 @param MsidBufferLength, The data buffer length for Msid.
803 @param MsidLength, The actual data length for Msid.
809 OPAL_SESSION
*Session
,
811 UINT32 MsidBufferLength
,
820 NULL_CHECK(MsidLength
);
822 Ret
= OpalStartSession(
831 if ((Ret
== TcgResultSuccess
) && (MethodStatus
== TCG_METHOD_STATUS_CODE_SUCCESS
)) {
832 Ret
= OpalGetMsid (Session
, MsidBufferLength
, Msid
, MsidLength
);
833 OpalEndSession (Session
);
836 if (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
837 Ret
= TcgResultFailure
;
845 The function determines who owns the device by attempting to start a session with different credentials.
846 If the SID PIN matches the MSID PIN, the no one owns the device.
847 If the SID PIN matches the ourSidPin, then "Us" owns the device. Otherwise it is unknown.
850 @param[in] Session The session info for one opal device.
851 @param Msid, The Msid info.
852 @param MsidLength, The data length for Msid.
857 OpalUtilDetermineOwnership(
858 OPAL_SESSION
*Session
,
865 OPAL_OWNER_SHIP Owner
;
867 if ((Session
== NULL
) || (Msid
== NULL
)) {
868 return OpalOwnershipUnknown
;
871 Owner
= OpalOwnershipUnknown
;
873 // Start Session as SID_UID with ADMIN_SP using MSID PIN
875 Ret
= OpalStartSession(
881 OPAL_ADMIN_SP_SID_AUTHORITY
,
883 if ((Ret
== TcgResultSuccess
) && (MethodStatus
== TCG_METHOD_STATUS_CODE_SUCCESS
)) {
885 // now we know that SID PIN == MSID PIN
887 Owner
= OpalOwnershipNobody
;
889 OpalEndSession(Session
);
897 The function returns if admin password exists.
899 @param[in] OwnerShip The owner ship of the opal device.
900 @param[in] LockingFeature The locking info of the opal device.
902 @retval TRUE Admin password existed.
903 @retval FALSE Admin password not existed.
908 OpalUtilAdminPasswordExists(
910 IN TCG_LOCKING_FEATURE_DESCRIPTOR
*LockingFeature
913 NULL_CHECK(LockingFeature
);
915 // if it is Unknown who owns the device
916 // then someone has set password previously through our UI
917 // because the SID would no longer match the generated SID (ownership us)
918 // or someone has set password using 3rd party software
921 // Locking sp enabled is checked b/c it must be enabled to change the PIN of the Admin1.
923 return (OwnerShip
== OpalOwnershipUnknown
&& LockingFeature
->LockingEnabled
);
927 Get Active Data Removal Mechanism Value.
929 @param[in] Session The session info for one opal device.
930 @param[in] GeneratedSid Generated SID of disk
931 @param[in] SidLength Length of generatedSid in bytes
932 @param[out] ActiveDataRemovalMechanism Return the active data removal mechanism.
937 OpalUtilGetActiveDataRemovalMechanism (
938 OPAL_SESSION
*Session
,
939 const VOID
*GeneratedSid
,
941 UINT8
*ActiveDataRemovalMechanism
948 NULL_CHECK(GeneratedSid
);
949 NULL_CHECK(ActiveDataRemovalMechanism
);
951 Ret
= OpalStartSession(
957 OPAL_ADMIN_SP_ANYBODY_AUTHORITY
,
960 if (Ret
!= TcgResultSuccess
|| MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
961 DEBUG ((DEBUG_INFO
, "Start session with admin SP as SID authority failed: Ret=%d MethodStatus=%u\n", Ret
, MethodStatus
));
962 if (MethodStatus
!= TCG_METHOD_STATUS_CODE_SUCCESS
) {
963 Ret
= TcgResultFailure
;
968 Ret
= OpalPyrite2GetActiveDataRemovalMechanism (
970 ActiveDataRemovalMechanism
973 if (Ret
!= TcgResultSuccess
) {
974 DEBUG ((DEBUG_INFO
, "Pyrite2 Get Active Data Removal Mechanism failed: Ret=%d\n", Ret
));
977 OpalEndSession(Session
);
983 Calculate the estimated time.
985 @param[in] IsMinute Whether the input time value is minute type or second type.
986 @param[in] Time The input time value.
990 CalculateDataRemovalTime (
996 return Time
* 2 * 60;
1003 Return the estimated time for specific type.
1005 @param[in] Index The input data removal type.
1006 @param[in] Descriptor DATA_REMOVAL_FEATURE_DESCRIPTOR
1010 GetDataRemovalTime (
1012 IN DATA_REMOVAL_FEATURE_DESCRIPTOR
*Descriptor
1016 case OverwriteDataErase
:
1017 return CalculateDataRemovalTime (Descriptor
->FormatBit0
, SwapBytes16 (Descriptor
->TimeBit0
));
1020 return CalculateDataRemovalTime (Descriptor
->FormatBit1
, SwapBytes16 (Descriptor
->TimeBit1
));
1023 return CalculateDataRemovalTime (Descriptor
->FormatBit2
, SwapBytes16 (Descriptor
->TimeBit2
));
1026 return CalculateDataRemovalTime (Descriptor
->FormatBit3
, SwapBytes16 (Descriptor
->TimeBit3
));
1028 case ResetWritePointers
:
1029 return CalculateDataRemovalTime (Descriptor
->FormatBit4
, SwapBytes16 (Descriptor
->TimeBit4
));
1031 case VendorSpecificErase
:
1032 return CalculateDataRemovalTime (Descriptor
->FormatBit5
, SwapBytes16 (Descriptor
->TimeBit5
));
1040 Get the supported Data Removal Mechanism list.
1042 @param[in] Session The session info for one opal device.
1043 @param[out] RemovalMechanismLists Return the supported data removal mechanism lists.
1048 OpalUtilGetDataRemovalMechanismLists (
1049 IN OPAL_SESSION
*Session
,
1050 OUT UINT32
*RemovalMechanismLists
1055 DATA_REMOVAL_FEATURE_DESCRIPTOR Descriptor
;
1059 NULL_CHECK(Session
);
1060 NULL_CHECK(RemovalMechanismLists
);
1062 DataSize
= sizeof (Descriptor
);
1063 Ret
= OpalGetFeatureDescriptor (Session
, TCG_FEATURE_DATA_REMOVAL
, &DataSize
, &Descriptor
);
1064 if (Ret
!= TcgResultSuccess
) {
1065 return TcgResultFailure
;
1068 ASSERT (Descriptor
.RemovalMechanism
!= 0);
1070 for (Index
= 0; Index
< ResearvedMechanism
; Index
++) {
1071 BitValue
= (BOOLEAN
) BitFieldRead8 (Descriptor
.RemovalMechanism
, Index
, Index
);
1073 if (BitValue
== 0) {
1074 RemovalMechanismLists
[Index
] = 0;
1076 RemovalMechanismLists
[Index
] = GetDataRemovalTime (Index
, &Descriptor
);
1080 return TcgResultSuccess
;
1084 Get revert timeout value.
1086 @param[in] Session The session info for one opal device.
1091 IN OPAL_SESSION
*Session
1094 TCG_RESULT TcgResult
;
1095 OPAL_DISK_SUPPORT_ATTRIBUTE SupportedAttributes
;
1098 UINT8 Msid
[OPAL_MSID_LENGTH
];
1099 UINT32 RemovalMechanishLists
[ResearvedMechanism
];
1100 UINT8 ActiveDataRemovalMechanism
;
1102 TcgResult
= OpalGetSupportedAttributesInfo (Session
, &SupportedAttributes
, &BaseComId
);
1103 if (TcgResult
!= TcgResultSuccess
|| SupportedAttributes
.DataRemoval
== 0) {
1107 TcgResult
= OpalUtilGetMsid (Session
, Msid
, OPAL_MSID_LENGTH
, &MsidLength
);
1108 if (TcgResult
!= TcgResultSuccess
) {
1112 TcgResult
= OpalUtilGetDataRemovalMechanismLists (Session
, RemovalMechanishLists
);
1113 if (TcgResult
!= TcgResultSuccess
) {
1117 TcgResult
= OpalUtilGetActiveDataRemovalMechanism (Session
, Msid
, MsidLength
, &ActiveDataRemovalMechanism
);
1118 if (TcgResult
!= TcgResultSuccess
) {
1122 return RemovalMechanishLists
[ActiveDataRemovalMechanism
];