]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SecurityPkg OpalPassword: Add solution without SMM device code
[mirror_edk2.git] / SecurityPkg / Tcg / Opal / OpalPassword / OpalDriver.h
1 /** @file
2 Values defined and used by the Opal UEFI Driver.
3
4 Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #ifndef _OPAL_DRIVER_H_
16 #define _OPAL_DRIVER_H_
17
18 #include <PiDxe.h>
19
20 #include <IndustryStandard/Pci.h>
21
22 #include <Protocol/PciIo.h>
23 #include <Protocol/SmmCommunication.h>
24 #include <Protocol/BlockIo.h>
25 #include <Protocol/LoadedImage.h>
26 #include <Protocol/DevicePath.h>
27 #include <Protocol/DevicePathToText.h>
28 #include <Protocol/StorageSecurityCommand.h>
29
30 #include <Guid/EventGroup.h>
31
32 #include <Library/UefiLib.h>
33 #include <Library/UefiBootServicesTableLib.h>
34 #include <Library/UefiRuntimeServicesTableLib.h>
35 #include <Library/DxeServicesTableLib.h>
36 #include <Library/BaseMemoryLib.h>
37 #include <Library/MemoryAllocationLib.h>
38 #include <Library/BaseLib.h>
39 #include <Library/PrintLib.h>
40 #include <Library/DebugLib.h>
41 #include <Library/DevicePathLib.h>
42 #include <Library/HiiLib.h>
43 #include <Library/UefiHiiServicesLib.h>
44 #include <Library/PciLib.h>
45 #include <Library/S3BootScriptLib.h>
46 #include <Library/LockBoxLib.h>
47 #include <Library/TcgStorageOpalLib.h>
48 #include <Library/Tcg2PhysicalPresenceLib.h>
49
50 #include "OpalPasswordCommon.h"
51 #include "OpalHiiFormValues.h"
52
53 #define EFI_DRIVER_NAME_UNICODE L"1.0 UEFI Opal Driver"
54
55 // UEFI 2.1
56 #define LANGUAGE_RFC_3066_ENGLISH ((CHAR8*)"en")
57
58 // UEFI/EFI < 2.1
59 #define LANGUAGE_ISO_639_2_ENGLISH ((CHAR8*)"eng")
60
61 #define CONCAT_(x, y) x ## y
62 #define CONCAT(x, y) CONCAT_(x, y)
63
64 #define UNICODE_STR(x) CONCAT( L, x )
65
66 extern EFI_DRIVER_BINDING_PROTOCOL gOpalDriverBinding;
67 extern EFI_COMPONENT_NAME_PROTOCOL gOpalComponentName;
68 extern EFI_COMPONENT_NAME2_PROTOCOL gOpalComponentName2;
69
70 #define OPAL_MSID_LENGHT 128
71
72 #define MAX_PASSWORD_TRY_COUNT 5
73
74 // PSID Length
75 #define PSID_CHARACTER_LENGTH 0x20
76 #define MAX_PSID_TRY_COUNT 5
77
78 #pragma pack(1)
79
80 //
81 // Structure that is used to represent the available actions for an OpalDisk.
82 // The data can then be utilized to expose/hide certain actions available to an end user
83 // by the consumer of this library.
84 //
85 typedef struct {
86 //
87 // Indicates if the disk can support PSID Revert action. should verify disk supports PSID authority
88 //
89 UINT16 PsidRevert : 1;
90
91 //
92 // Indicates if the disk can support Revert action
93 //
94 UINT16 Revert : 1;
95
96 //
97 // Indicates if the user must keep data for revert action. It is true if no media encryption is supported.
98 //
99 UINT16 RevertKeepDataForced : 1;
100
101 //
102 // Indicates if the disk can support set Admin password
103 //
104 UINT16 AdminPass : 1;
105
106 //
107 // Indicates if the disk can support set User password. This action requires that a user
108 // password is first enabled.
109 //
110 UINT16 UserPass : 1;
111
112 //
113 // Indicates if unlock action is available. Requires disk to be currently locked.
114 //
115 UINT16 Unlock : 1;
116
117 //
118 // Indicates if Secure Erase action is available. Action requires admin credentials and media encryption support.
119 //
120 UINT16 SecureErase : 1;
121
122 //
123 // Indicates if Disable User action is available. Action requires admin credentials.
124 //
125 UINT16 DisableUser : 1;
126 } OPAL_DISK_ACTIONS;
127
128 //
129 // Structure that is used to represent an OPAL_DISK.
130 //
131 typedef struct {
132 UINT32 MsidLength; // Byte length of MSID Pin for device
133 UINT8 Msid[OPAL_MSID_LENGHT]; // MSID Pin for device
134 EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Sscp;
135 UINT32 MediaId; // MediaId is used by Ssc Protocol.
136 EFI_DEVICE_PATH_PROTOCOL *OpalDevicePath;
137 UINT16 OpalBaseComId; // Opal SSC 1 base com id.
138 OPAL_OWNER_SHIP Owner;
139 OPAL_DISK_SUPPORT_ATTRIBUTE SupportedAttributes;
140 TCG_LOCKING_FEATURE_DESCRIPTOR LockingFeature; // Locking Feature Descriptor retrieved from performing a Level 0 Discovery
141 UINT8 PasswordLength;
142 UINT8 Password[OPAL_MAX_PASSWORD_SIZE];
143 } OPAL_DISK;
144
145 //
146 // Device with block IO protocol
147 //
148 typedef struct _OPAL_DRIVER_DEVICE OPAL_DRIVER_DEVICE;
149
150 struct _OPAL_DRIVER_DEVICE {
151 OPAL_DRIVER_DEVICE *Next; ///< Linked list pointer
152 EFI_HANDLE Handle; ///< Device handle
153 OPAL_DISK OpalDisk; ///< User context
154 CHAR16 *Name16; ///< Allocated/freed by UEFI Filter Driver at device creation/removal
155 CHAR8 *NameZ; ///< Allocated/freed by UEFI Filter Driver at device creation/removal
156 UINT32 MediaId; ///< Required parameter for EFI_STORAGE_SECURITY_COMMAND_PROTOCOL, from BLOCK_IO_MEDIA
157
158 EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Sscp; /// Device protocols consumed
159 EFI_DEVICE_PATH_PROTOCOL *OpalDevicePath;
160 };
161
162 //
163 // Opal Driver UEFI Driver Model
164 //
165 typedef struct {
166 EFI_HANDLE Handle; ///< Driver image handle
167 OPAL_DRIVER_DEVICE *DeviceList; ///< Linked list of controllers owned by this Driver
168 } OPAL_DRIVER;
169
170 #pragma pack()
171
172 //
173 // Retrieves a OPAL_DRIVER_DEVICE based on the pointer to its StorageSecurity protocol.
174 //
175 #define DRIVER_DEVICE_FROM_OPALDISK(OpalDiskPointer) (OPAL_DRIVER_DEVICE*)(BASE_CR(OpalDiskPointer, OPAL_DRIVER_DEVICE, OpalDisk))
176
177 /**
178 Get devcie list info.
179
180 @retval return the device list pointer.
181 **/
182 OPAL_DRIVER_DEVICE*
183 OpalDriverGetDeviceList(
184 VOID
185 );
186
187 /**
188 Get devcie name through the component name protocol.
189
190 @param[in] Dev The device which need to get name.
191
192 @retval TRUE Find the name for this device.
193 @retval FALSE Not found the name for this device.
194 **/
195 BOOLEAN
196 OpalDriverGetDriverDeviceName(
197 OPAL_DRIVER_DEVICE *Dev
198 );
199
200 /**
201 Get current device count.
202
203 @retval return the current created device count.
204
205 **/
206 UINT8
207 GetDeviceCount (
208 VOID
209 );
210
211 /**
212 Update password for the Opal disk.
213
214 @param[in, out] OpalDisk The disk to update password.
215 @param[in] Password The input password.
216 @param[in] PasswordLength The input password length.
217
218 **/
219 VOID
220 OpalSupportUpdatePassword (
221 IN OUT OPAL_DISK *OpalDisk,
222 IN VOID *Password,
223 IN UINT32 PasswordLength
224 );
225
226 /**
227
228 The function performs determines the available actions for the OPAL_DISK provided.
229
230 @param[in] SupportedAttributes The support attribute for the device.
231 @param[in] LockingFeature The locking status for the device.
232 @param[in] OwnerShip The ownership for the device.
233 @param[out] AvalDiskActions Pointer to fill-out with appropriate disk actions.
234
235 **/
236 TCG_RESULT
237 EFIAPI
238 OpalSupportGetAvailableActions(
239 IN OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes,
240 IN TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature,
241 IN UINT16 OwnerShip,
242 OUT OPAL_DISK_ACTIONS *AvalDiskActions
243 );
244
245 /**
246 Enable Opal Feature for the input device.
247
248 @param[in] Session The opal session for the opal device.
249 @param[in] Msid Msid
250 @param[in] MsidLength Msid Length
251 @param[in] Password Admin password
252 @param[in] PassLength Length of password in bytes
253
254 **/
255 TCG_RESULT
256 EFIAPI
257 OpalSupportEnableOpalFeature (
258 IN OPAL_SESSION *Session,
259 IN VOID *Msid,
260 IN UINT32 MsidLength,
261 IN VOID *Password,
262 IN UINT32 PassLength
263 );
264
265 /**
266 Unloads UEFI Driver. Very useful for debugging and testing.
267
268 @param ImageHandle Image handle this driver.
269
270 @retval EFI_SUCCESS This function always complete successfully.
271 @retval EFI_INVALID_PARAMETER The input ImageHandle is not valid.
272 **/
273 EFI_STATUS
274 EFIAPI
275 EfiDriverUnload(
276 EFI_HANDLE ImageHandle
277 );
278
279
280 /**
281 Test to see if this driver supports Controller.
282
283 @param This Protocol instance pointer.
284 @param ControllerHandle Handle of device to test
285 @param RemainingDevicePath Optional parameter use to pick a specific child
286 device to start.
287
288 @retval EFI_SUCCESS This driver supports this device.
289 @retval EFI_ALREADY_STARTED This driver is already running on this device.
290 @retval other This driver does not support this device.
291
292 **/
293 EFI_STATUS
294 EFIAPI
295 OpalEfiDriverBindingSupported(
296 EFI_DRIVER_BINDING_PROTOCOL* This,
297 EFI_HANDLE Controller,
298 EFI_DEVICE_PATH_PROTOCOL* RemainingDevicePath
299 );
300
301 /**
302 Enables Opal Management on a supported device if available.
303
304 The start function is designed to be called after the Opal UEFI Driver has confirmed the
305 "controller", which is a child handle, contains the EF_STORAGE_SECURITY_COMMAND protocols.
306 This function will complete the other necessary checks, such as verifying the device supports
307 the correct version of Opal. Upon verification, it will add the device to the
308 Opal HII list in order to expose Opal managmeent options.
309
310 @param[in] This A pointer to the EFI_DRIVER_BINDING_PROTOCOL instance.
311 @param[in] ControllerHandle The handle of the controller to start. This handle
312 must support a protocol interface that supplies
313 an I/O abstraction to the driver.
314 @param[in] RemainingDevicePath A pointer to the remaining portion of a device path. This
315 parameter is ignored by device drivers, and is optional for bus
316 drivers. For a bus driver, if this parameter is NULL, then handles
317 for all the children of Controller are created by this driver.
318 If this parameter is not NULL and the first Device Path Node is
319 not the End of Device Path Node, then only the handle for the
320 child device specified by the first Device Path Node of
321 RemainingDevicePath is created by this driver.
322 If the first Device Path Node of RemainingDevicePath is
323 the End of Device Path Node, no child handle is created by this
324 driver.
325
326 @retval EFI_SUCCESS Opal management was enabled.
327 @retval EFI_DEVICE_ERROR The device could not be started due to a device error.Currently not implemented.
328 @retval EFI_OUT_OF_RESOURCES The request could not be completed due to a lack of resources.
329 @retval Others The driver failed to start the device.
330
331 **/
332 EFI_STATUS
333 EFIAPI
334 OpalEfiDriverBindingStart(
335 EFI_DRIVER_BINDING_PROTOCOL* This,
336 EFI_HANDLE Controller,
337 EFI_DEVICE_PATH_PROTOCOL* RemainingDevicePath
338 );
339
340 /**
341 Stop this driver on Controller.
342
343 @param This Protocol instance pointer.
344 @param Controller Handle of device to stop driver on
345 @param NumberOfChildren Number of Handles in ChildHandleBuffer. If number of
346 children is zero stop the entire bus driver.
347 @param ChildHandleBuffer List of Child Handles to Stop.
348
349 @retval EFI_SUCCESS This driver is removed Controller.
350 @retval other This driver could not be removed from this device.
351
352 **/
353 EFI_STATUS
354 EFIAPI
355 OpalEfiDriverBindingStop(
356 EFI_DRIVER_BINDING_PROTOCOL* This,
357 EFI_HANDLE Controller,
358 UINTN NumberOfChildren,
359 EFI_HANDLE* ChildHandleBuffer
360 );
361
362 /**
363 Retrieves a Unicode string that is the user readable name of the driver.
364
365 This function retrieves the user readable name of a driver in the form of a
366 Unicode string. If the driver specified by This has a user readable name in
367 the language specified by Language, then a pointer to the driver name is
368 returned in DriverName, and EFI_SUCCESS is returned. If the driver specified
369 by This does not support the language specified by Language,
370 then EFI_UNSUPPORTED is returned.
371
372 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
373 EFI_COMPONENT_NAME_PROTOCOL instance.
374
375 @param Language[in] A pointer to a Null-terminated ASCII string
376 array indicating the language. This is the
377 language of the driver name that the caller is
378 requesting, and it must match one of the
379 languages specified in SupportedLanguages. The
380 number of languages supported by a driver is up
381 to the driver writer. Language is specified
382 in RFC 4646 or ISO 639-2 language code format.
383
384 @param DriverName[out] A pointer to the Unicode string to return.
385 This Unicode string is the name of the
386 driver specified by This in the language
387 specified by Language.
388
389 @retval EFI_SUCCESS The Unicode string for the Driver specified by
390 This and the language specified by Language was
391 returned in DriverName.
392
393 @retval EFI_INVALID_PARAMETER Language is NULL.
394
395 @retval EFI_INVALID_PARAMETER DriverName is NULL.
396
397 @retval EFI_UNSUPPORTED The driver specified by This does not support
398 the language specified by Language.
399
400 **/
401 EFI_STATUS
402 EFIAPI
403 OpalEfiDriverComponentNameGetDriverName(
404 EFI_COMPONENT_NAME_PROTOCOL* This,
405 CHAR8* Language,
406 CHAR16** DriverName
407 );
408
409 /**
410 Retrieves a Unicode string that is the user readable name of the controller
411 that is being managed by a driver.
412
413 This function retrieves the user readable name of the controller specified by
414 ControllerHandle and ChildHandle in the form of a Unicode string. If the
415 driver specified by This has a user readable name in the language specified by
416 Language, then a pointer to the controller name is returned in ControllerName,
417 and EFI_SUCCESS is returned. If the driver specified by This is not currently
418 managing the controller specified by ControllerHandle and ChildHandle,
419 then EFI_UNSUPPORTED is returned. If the driver specified by This does not
420 support the language specified by Language, then EFI_UNSUPPORTED is returned.
421
422 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
423 EFI_COMPONENT_NAME_PROTOCOL instance.
424
425 @param ControllerHandle[in] The handle of a controller that the driver
426 specified by This is managing. This handle
427 specifies the controller whose name is to be
428 returned.
429
430 @param ChildHandle[in] The handle of the child controller to retrieve
431 the name of. This is an optional parameter that
432 may be NULL. It will be NULL for device
433 drivers. It will also be NULL for a bus drivers
434 that wish to retrieve the name of the bus
435 controller. It will not be NULL for a bus
436 driver that wishes to retrieve the name of a
437 child controller.
438
439 @param Language[in] A pointer to a Null-terminated ASCII string
440 array indicating the language. This is the
441 language of the driver name that the caller is
442 requesting, and it must match one of the
443 languages specified in SupportedLanguages. The
444 number of languages supported by a driver is up
445 to the driver writer. Language is specified in
446 RFC 4646 or ISO 639-2 language code format.
447
448 @param ControllerName[out] A pointer to the Unicode string to return.
449 This Unicode string is the name of the
450 controller specified by ControllerHandle and
451 ChildHandle in the language specified by
452 Language from the point of view of the driver
453 specified by This.
454
455 @retval EFI_SUCCESS The Unicode string for the user readable name in
456 the language specified by Language for the
457 driver specified by This was returned in
458 DriverName.
459
460 @retval EFI_INVALID_PARAMETER ControllerHandle is NULL.
461
462 @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid
463 EFI_HANDLE.
464
465 @retval EFI_INVALID_PARAMETER Language is NULL.
466
467 @retval EFI_INVALID_PARAMETER ControllerName is NULL.
468
469 @retval EFI_UNSUPPORTED The driver specified by This is not currently
470 managing the controller specified by
471 ControllerHandle and ChildHandle.
472
473 @retval EFI_UNSUPPORTED The driver specified by This does not support
474 the language specified by Language.
475
476 **/
477 EFI_STATUS
478 EFIAPI
479 OpalEfiDriverComponentNameGetControllerName(
480 EFI_COMPONENT_NAME_PROTOCOL* This,
481 EFI_HANDLE ControllerHandle,
482 EFI_HANDLE ChildHandle,
483 CHAR8* Language,
484 CHAR16** ControllerName
485 );
486
487 /**
488 Retrieves a Unicode string that is the user readable name of the driver.
489
490 This function retrieves the user readable name of a driver in the form of a
491 Unicode string. If the driver specified by This has a user readable name in
492 the language specified by Language, then a pointer to the driver name is
493 returned in DriverName, and EFI_SUCCESS is returned. If the driver specified
494 by This does not support the language specified by Language,
495 then EFI_UNSUPPORTED is returned.
496
497 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
498 EFI_COMPONENT_NAME_PROTOCOL instance.
499
500 @param Language[in] A pointer to a Null-terminated ASCII string
501 array indicating the language. This is the
502 language of the driver name that the caller is
503 requesting, and it must match one of the
504 languages specified in SupportedLanguages. The
505 number of languages supported by a driver is up
506 to the driver writer. Language is specified
507 in RFC 4646 or ISO 639-2 language code format.
508
509 @param DriverName[out] A pointer to the Unicode string to return.
510 This Unicode string is the name of the
511 driver specified by This in the language
512 specified by Language.
513
514 @retval EFI_SUCCESS The Unicode string for the Driver specified by
515 This and the language specified by Language was
516 returned in DriverName.
517
518 @retval EFI_INVALID_PARAMETER Language is NULL.
519
520 @retval EFI_INVALID_PARAMETER DriverName is NULL.
521
522 @retval EFI_UNSUPPORTED The driver specified by This does not support
523 the language specified by Language.
524
525 **/
526 EFI_STATUS
527 EFIAPI
528 OpalEfiDriverComponentName2GetDriverName(
529 EFI_COMPONENT_NAME2_PROTOCOL* This,
530 CHAR8* Language,
531 CHAR16** DriverName
532 );
533
534 /**
535 Retrieves a Unicode string that is the user readable name of the controller
536 that is being managed by a driver.
537
538 This function retrieves the user readable name of the controller specified by
539 ControllerHandle and ChildHandle in the form of a Unicode string. If the
540 driver specified by This has a user readable name in the language specified by
541 Language, then a pointer to the controller name is returned in ControllerName,
542 and EFI_SUCCESS is returned. If the driver specified by This is not currently
543 managing the controller specified by ControllerHandle and ChildHandle,
544 then EFI_UNSUPPORTED is returned. If the driver specified by This does not
545 support the language specified by Language, then EFI_UNSUPPORTED is returned.
546
547 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
548 EFI_COMPONENT_NAME_PROTOCOL instance.
549
550 @param ControllerHandle[in] The handle of a controller that the driver
551 specified by This is managing. This handle
552 specifies the controller whose name is to be
553 returned.
554
555 @param ChildHandle[in] The handle of the child controller to retrieve
556 the name of. This is an optional parameter that
557 may be NULL. It will be NULL for device
558 drivers. It will also be NULL for a bus drivers
559 that wish to retrieve the name of the bus
560 controller. It will not be NULL for a bus
561 driver that wishes to retrieve the name of a
562 child controller.
563
564 @param Language[in] A pointer to a Null-terminated ASCII string
565 array indicating the language. This is the
566 language of the driver name that the caller is
567 requesting, and it must match one of the
568 languages specified in SupportedLanguages. The
569 number of languages supported by a driver is up
570 to the driver writer. Language is specified in
571 RFC 4646 or ISO 639-2 language code format.
572
573 @param ControllerName[out] A pointer to the Unicode string to return.
574 This Unicode string is the name of the
575 controller specified by ControllerHandle and
576 ChildHandle in the language specified by
577 Language from the point of view of the driver
578 specified by This.
579
580 @retval EFI_SUCCESS The Unicode string for the user readable name in
581 the language specified by Language for the
582 driver specified by This was returned in
583 DriverName.
584
585 @retval EFI_INVALID_PARAMETER ControllerHandle is NULL.
586
587 @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid
588 EFI_HANDLE.
589
590 @retval EFI_INVALID_PARAMETER Language is NULL.
591
592 @retval EFI_INVALID_PARAMETER ControllerName is NULL.
593
594 @retval EFI_UNSUPPORTED The driver specified by This is not currently
595 managing the controller specified by
596 ControllerHandle and ChildHandle.
597
598 @retval EFI_UNSUPPORTED The driver specified by This does not support
599 the language specified by Language.
600
601 **/
602 EFI_STATUS
603 EFIAPI
604 OpalEfiDriverComponentName2GetControllerName(
605 EFI_COMPONENT_NAME2_PROTOCOL* This,
606 EFI_HANDLE ControllerHandle,
607 EFI_HANDLE ChildHandle,
608 CHAR8* Language,
609 CHAR16** ControllerName
610 );
611
612 #endif //_OPAL_DRIVER_H_
EFI Development Kit II mirror for PVE