]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SecurityPkg: Clean up source files
[mirror_edk2.git] / SecurityPkg / Tcg / Opal / OpalPassword / OpalDriver.h
1 /** @file
2 Values defined and used by the Opal UEFI Driver.
3
4 Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #ifndef _OPAL_DRIVER_H_
16 #define _OPAL_DRIVER_H_
17
18 #include <PiDxe.h>
19
20 #include <IndustryStandard/Pci.h>
21
22 #include <Protocol/PciIo.h>
23 #include <Protocol/SmmCommunication.h>
24 #include <Protocol/BlockIo.h>
25 #include <Protocol/LoadedImage.h>
26 #include <Protocol/DevicePath.h>
27 #include <Protocol/DevicePathToText.h>
28 #include <Protocol/StorageSecurityCommand.h>
29
30 #include <Guid/EventGroup.h>
31
32 #include <Library/UefiLib.h>
33 #include <Library/UefiBootServicesTableLib.h>
34 #include <Library/UefiRuntimeServicesTableLib.h>
35 #include <Library/DxeServicesTableLib.h>
36 #include <Library/BaseMemoryLib.h>
37 #include <Library/MemoryAllocationLib.h>
38 #include <Library/BaseLib.h>
39 #include <Library/PrintLib.h>
40 #include <Library/DebugLib.h>
41 #include <Library/DevicePathLib.h>
42 #include <Library/HiiLib.h>
43 #include <Library/UefiHiiServicesLib.h>
44 #include <Library/PciLib.h>
45 #include <Library/S3BootScriptLib.h>
46 #include <Library/LockBoxLib.h>
47 #include <Library/TcgStorageOpalLib.h>
48 #include <Library/Tcg2PhysicalPresenceLib.h>
49
50 #include "OpalPasswordCommon.h"
51 #include "OpalHiiFormValues.h"
52
53 #define EFI_DRIVER_NAME_UNICODE L"1.0 UEFI Opal Driver"
54
55 // UEFI 2.1
56 #define LANGUAGE_RFC_3066_ENGLISH ((CHAR8*)"en")
57
58 // UEFI/EFI < 2.1
59 #define LANGUAGE_ISO_639_2_ENGLISH ((CHAR8*)"eng")
60
61 #define CONCAT_(x, y) x ## y
62 #define CONCAT(x, y) CONCAT_(x, y)
63
64 #define UNICODE_STR(x) CONCAT( L, x )
65
66 extern EFI_DRIVER_BINDING_PROTOCOL gOpalDriverBinding;
67 extern EFI_COMPONENT_NAME_PROTOCOL gOpalComponentName;
68 extern EFI_COMPONENT_NAME2_PROTOCOL gOpalComponentName2;
69
70 #define OPAL_MSID_LENGHT 128
71
72 #define MAX_PASSWORD_TRY_COUNT 5
73
74 // PSID Length
75 #define PSID_CHARACTER_LENGTH 0x20
76 #define MAX_PSID_TRY_COUNT 5
77
78 //
79 // The max timeout value assume the user can wait for the revert action. The unit of this macro is second.
80 // If the revert time value bigger than this one, driver needs to popup a dialog to let user confirm the
81 // revert action.
82 //
83 #define MAX_ACCEPTABLE_REVERTING_TIME 10
84
85 #pragma pack(1)
86
87 //
88 // Structure that is used to represent the available actions for an OpalDisk.
89 // The data can then be utilized to expose/hide certain actions available to an end user
90 // by the consumer of this library.
91 //
92 typedef struct {
93 //
94 // Indicates if the disk can support PSID Revert action. should verify disk supports PSID authority
95 //
96 UINT16 PsidRevert : 1;
97
98 //
99 // Indicates if the disk can support Revert action
100 //
101 UINT16 Revert : 1;
102
103 //
104 // Indicates if the user must keep data for revert action. It is true if no media encryption is supported.
105 //
106 UINT16 RevertKeepDataForced : 1;
107
108 //
109 // Indicates if the disk can support set Admin password
110 //
111 UINT16 AdminPass : 1;
112
113 //
114 // Indicates if the disk can support set User password. This action requires that a user
115 // password is first enabled.
116 //
117 UINT16 UserPass : 1;
118
119 //
120 // Indicates if unlock action is available. Requires disk to be currently locked.
121 //
122 UINT16 Unlock : 1;
123
124 //
125 // Indicates if Secure Erase action is available. Action requires admin credentials and media encryption support.
126 //
127 UINT16 SecureErase : 1;
128
129 //
130 // Indicates if Disable User action is available. Action requires admin credentials.
131 //
132 UINT16 DisableUser : 1;
133 } OPAL_DISK_ACTIONS;
134
135 //
136 // Structure that is used to represent an OPAL_DISK.
137 //
138 typedef struct {
139 UINT32 MsidLength; // Byte length of MSID Pin for device
140 UINT8 Msid[OPAL_MSID_LENGHT]; // MSID Pin for device
141 EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Sscp;
142 UINT32 MediaId; // MediaId is used by Ssc Protocol.
143 EFI_DEVICE_PATH_PROTOCOL *OpalDevicePath;
144 UINT16 OpalBaseComId; // Opal SSC 1 base com id.
145 OPAL_OWNER_SHIP Owner;
146 OPAL_DISK_SUPPORT_ATTRIBUTE SupportedAttributes;
147 TCG_LOCKING_FEATURE_DESCRIPTOR LockingFeature; // Locking Feature Descriptor retrieved from performing a Level 0 Discovery
148 UINT8 PasswordLength;
149 UINT8 Password[OPAL_MAX_PASSWORD_SIZE];
150
151 UINT32 EstimateTimeCost;
152 } OPAL_DISK;
153
154 //
155 // Device with block IO protocol
156 //
157 typedef struct _OPAL_DRIVER_DEVICE OPAL_DRIVER_DEVICE;
158
159 struct _OPAL_DRIVER_DEVICE {
160 OPAL_DRIVER_DEVICE *Next; ///< Linked list pointer
161 EFI_HANDLE Handle; ///< Device handle
162 OPAL_DISK OpalDisk; ///< User context
163 CHAR16 *Name16; ///< Allocated/freed by UEFI Filter Driver at device creation/removal
164 CHAR8 *NameZ; ///< Allocated/freed by UEFI Filter Driver at device creation/removal
165 UINT32 MediaId; ///< Required parameter for EFI_STORAGE_SECURITY_COMMAND_PROTOCOL, from BLOCK_IO_MEDIA
166
167 EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Sscp; /// Device protocols consumed
168 EFI_DEVICE_PATH_PROTOCOL *OpalDevicePath;
169 };
170
171 //
172 // Opal Driver UEFI Driver Model
173 //
174 typedef struct {
175 EFI_HANDLE Handle; ///< Driver image handle
176 OPAL_DRIVER_DEVICE *DeviceList; ///< Linked list of controllers owned by this Driver
177 } OPAL_DRIVER;
178
179 #pragma pack()
180
181 //
182 // Retrieves a OPAL_DRIVER_DEVICE based on the pointer to its StorageSecurity protocol.
183 //
184 #define DRIVER_DEVICE_FROM_OPALDISK(OpalDiskPointer) (OPAL_DRIVER_DEVICE*)(BASE_CR(OpalDiskPointer, OPAL_DRIVER_DEVICE, OpalDisk))
185
186 /**
187 Get devcie list info.
188
189 @retval return the device list pointer.
190 **/
191 OPAL_DRIVER_DEVICE*
192 OpalDriverGetDeviceList(
193 VOID
194 );
195
196 /**
197 Get devcie name through the component name protocol.
198
199 @param[in] Dev The device which need to get name.
200
201 @retval TRUE Find the name for this device.
202 @retval FALSE Not found the name for this device.
203 **/
204 BOOLEAN
205 OpalDriverGetDriverDeviceName(
206 OPAL_DRIVER_DEVICE *Dev
207 );
208
209 /**
210 Get current device count.
211
212 @retval return the current created device count.
213
214 **/
215 UINT8
216 GetDeviceCount (
217 VOID
218 );
219
220 /**
221 Update password for the Opal disk.
222
223 @param[in, out] OpalDisk The disk to update password.
224 @param[in] Password The input password.
225 @param[in] PasswordLength The input password length.
226
227 **/
228 VOID
229 OpalSupportUpdatePassword (
230 IN OUT OPAL_DISK *OpalDisk,
231 IN VOID *Password,
232 IN UINT32 PasswordLength
233 );
234
235 /**
236
237 The function performs determines the available actions for the OPAL_DISK provided.
238
239 @param[in] SupportedAttributes The support attribute for the device.
240 @param[in] LockingFeature The locking status for the device.
241 @param[in] OwnerShip The ownership for the device.
242 @param[out] AvalDiskActions Pointer to fill-out with appropriate disk actions.
243
244 **/
245 TCG_RESULT
246 EFIAPI
247 OpalSupportGetAvailableActions(
248 IN OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes,
249 IN TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature,
250 IN UINT16 OwnerShip,
251 OUT OPAL_DISK_ACTIONS *AvalDiskActions
252 );
253
254 /**
255 Enable Opal Feature for the input device.
256
257 @param[in] Session The opal session for the opal device.
258 @param[in] Msid Msid
259 @param[in] MsidLength Msid Length
260 @param[in] Password Admin password
261 @param[in] PassLength Length of password in bytes
262
263 **/
264 TCG_RESULT
265 EFIAPI
266 OpalSupportEnableOpalFeature (
267 IN OPAL_SESSION *Session,
268 IN VOID *Msid,
269 IN UINT32 MsidLength,
270 IN VOID *Password,
271 IN UINT32 PassLength
272 );
273
274 /**
275 Unloads UEFI Driver. Very useful for debugging and testing.
276
277 @param ImageHandle Image handle this driver.
278
279 @retval EFI_SUCCESS This function always complete successfully.
280 @retval EFI_INVALID_PARAMETER The input ImageHandle is not valid.
281 **/
282 EFI_STATUS
283 EFIAPI
284 EfiDriverUnload(
285 EFI_HANDLE ImageHandle
286 );
287
288
289 /**
290 Test to see if this driver supports Controller.
291
292 @param This Protocol instance pointer.
293 @param ControllerHandle Handle of device to test
294 @param RemainingDevicePath Optional parameter use to pick a specific child
295 device to start.
296
297 @retval EFI_SUCCESS This driver supports this device.
298 @retval EFI_ALREADY_STARTED This driver is already running on this device.
299 @retval other This driver does not support this device.
300
301 **/
302 EFI_STATUS
303 EFIAPI
304 OpalEfiDriverBindingSupported(
305 EFI_DRIVER_BINDING_PROTOCOL* This,
306 EFI_HANDLE Controller,
307 EFI_DEVICE_PATH_PROTOCOL* RemainingDevicePath
308 );
309
310 /**
311 Enables Opal Management on a supported device if available.
312
313 The start function is designed to be called after the Opal UEFI Driver has confirmed the
314 "controller", which is a child handle, contains the EF_STORAGE_SECURITY_COMMAND protocols.
315 This function will complete the other necessary checks, such as verifying the device supports
316 the correct version of Opal. Upon verification, it will add the device to the
317 Opal HII list in order to expose Opal managmeent options.
318
319 @param[in] This A pointer to the EFI_DRIVER_BINDING_PROTOCOL instance.
320 @param[in] ControllerHandle The handle of the controller to start. This handle
321 must support a protocol interface that supplies
322 an I/O abstraction to the driver.
323 @param[in] RemainingDevicePath A pointer to the remaining portion of a device path. This
324 parameter is ignored by device drivers, and is optional for bus
325 drivers. For a bus driver, if this parameter is NULL, then handles
326 for all the children of Controller are created by this driver.
327 If this parameter is not NULL and the first Device Path Node is
328 not the End of Device Path Node, then only the handle for the
329 child device specified by the first Device Path Node of
330 RemainingDevicePath is created by this driver.
331 If the first Device Path Node of RemainingDevicePath is
332 the End of Device Path Node, no child handle is created by this
333 driver.
334
335 @retval EFI_SUCCESS Opal management was enabled.
336 @retval EFI_DEVICE_ERROR The device could not be started due to a device error.Currently not implemented.
337 @retval EFI_OUT_OF_RESOURCES The request could not be completed due to a lack of resources.
338 @retval Others The driver failed to start the device.
339
340 **/
341 EFI_STATUS
342 EFIAPI
343 OpalEfiDriverBindingStart(
344 EFI_DRIVER_BINDING_PROTOCOL* This,
345 EFI_HANDLE Controller,
346 EFI_DEVICE_PATH_PROTOCOL* RemainingDevicePath
347 );
348
349 /**
350 Stop this driver on Controller.
351
352 @param This Protocol instance pointer.
353 @param Controller Handle of device to stop driver on
354 @param NumberOfChildren Number of Handles in ChildHandleBuffer. If number of
355 children is zero stop the entire bus driver.
356 @param ChildHandleBuffer List of Child Handles to Stop.
357
358 @retval EFI_SUCCESS This driver is removed Controller.
359 @retval other This driver could not be removed from this device.
360
361 **/
362 EFI_STATUS
363 EFIAPI
364 OpalEfiDriverBindingStop(
365 EFI_DRIVER_BINDING_PROTOCOL* This,
366 EFI_HANDLE Controller,
367 UINTN NumberOfChildren,
368 EFI_HANDLE* ChildHandleBuffer
369 );
370
371 /**
372 Retrieves a Unicode string that is the user readable name of the driver.
373
374 This function retrieves the user readable name of a driver in the form of a
375 Unicode string. If the driver specified by This has a user readable name in
376 the language specified by Language, then a pointer to the driver name is
377 returned in DriverName, and EFI_SUCCESS is returned. If the driver specified
378 by This does not support the language specified by Language,
379 then EFI_UNSUPPORTED is returned.
380
381 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
382 EFI_COMPONENT_NAME_PROTOCOL instance.
383
384 @param Language[in] A pointer to a Null-terminated ASCII string
385 array indicating the language. This is the
386 language of the driver name that the caller is
387 requesting, and it must match one of the
388 languages specified in SupportedLanguages. The
389 number of languages supported by a driver is up
390 to the driver writer. Language is specified
391 in RFC 4646 or ISO 639-2 language code format.
392
393 @param DriverName[out] A pointer to the Unicode string to return.
394 This Unicode string is the name of the
395 driver specified by This in the language
396 specified by Language.
397
398 @retval EFI_SUCCESS The Unicode string for the Driver specified by
399 This and the language specified by Language was
400 returned in DriverName.
401
402 @retval EFI_INVALID_PARAMETER Language is NULL.
403
404 @retval EFI_INVALID_PARAMETER DriverName is NULL.
405
406 @retval EFI_UNSUPPORTED The driver specified by This does not support
407 the language specified by Language.
408
409 **/
410 EFI_STATUS
411 EFIAPI
412 OpalEfiDriverComponentNameGetDriverName(
413 EFI_COMPONENT_NAME_PROTOCOL* This,
414 CHAR8* Language,
415 CHAR16** DriverName
416 );
417
418 /**
419 Retrieves a Unicode string that is the user readable name of the controller
420 that is being managed by a driver.
421
422 This function retrieves the user readable name of the controller specified by
423 ControllerHandle and ChildHandle in the form of a Unicode string. If the
424 driver specified by This has a user readable name in the language specified by
425 Language, then a pointer to the controller name is returned in ControllerName,
426 and EFI_SUCCESS is returned. If the driver specified by This is not currently
427 managing the controller specified by ControllerHandle and ChildHandle,
428 then EFI_UNSUPPORTED is returned. If the driver specified by This does not
429 support the language specified by Language, then EFI_UNSUPPORTED is returned.
430
431 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
432 EFI_COMPONENT_NAME_PROTOCOL instance.
433
434 @param ControllerHandle[in] The handle of a controller that the driver
435 specified by This is managing. This handle
436 specifies the controller whose name is to be
437 returned.
438
439 @param ChildHandle[in] The handle of the child controller to retrieve
440 the name of. This is an optional parameter that
441 may be NULL. It will be NULL for device
442 drivers. It will also be NULL for a bus drivers
443 that wish to retrieve the name of the bus
444 controller. It will not be NULL for a bus
445 driver that wishes to retrieve the name of a
446 child controller.
447
448 @param Language[in] A pointer to a Null-terminated ASCII string
449 array indicating the language. This is the
450 language of the driver name that the caller is
451 requesting, and it must match one of the
452 languages specified in SupportedLanguages. The
453 number of languages supported by a driver is up
454 to the driver writer. Language is specified in
455 RFC 4646 or ISO 639-2 language code format.
456
457 @param ControllerName[out] A pointer to the Unicode string to return.
458 This Unicode string is the name of the
459 controller specified by ControllerHandle and
460 ChildHandle in the language specified by
461 Language from the point of view of the driver
462 specified by This.
463
464 @retval EFI_SUCCESS The Unicode string for the user readable name in
465 the language specified by Language for the
466 driver specified by This was returned in
467 DriverName.
468
469 @retval EFI_INVALID_PARAMETER ControllerHandle is NULL.
470
471 @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid
472 EFI_HANDLE.
473
474 @retval EFI_INVALID_PARAMETER Language is NULL.
475
476 @retval EFI_INVALID_PARAMETER ControllerName is NULL.
477
478 @retval EFI_UNSUPPORTED The driver specified by This is not currently
479 managing the controller specified by
480 ControllerHandle and ChildHandle.
481
482 @retval EFI_UNSUPPORTED The driver specified by This does not support
483 the language specified by Language.
484
485 **/
486 EFI_STATUS
487 EFIAPI
488 OpalEfiDriverComponentNameGetControllerName(
489 EFI_COMPONENT_NAME_PROTOCOL* This,
490 EFI_HANDLE ControllerHandle,
491 EFI_HANDLE ChildHandle,
492 CHAR8* Language,
493 CHAR16** ControllerName
494 );
495
496 /**
497 Retrieves a Unicode string that is the user readable name of the driver.
498
499 This function retrieves the user readable name of a driver in the form of a
500 Unicode string. If the driver specified by This has a user readable name in
501 the language specified by Language, then a pointer to the driver name is
502 returned in DriverName, and EFI_SUCCESS is returned. If the driver specified
503 by This does not support the language specified by Language,
504 then EFI_UNSUPPORTED is returned.
505
506 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
507 EFI_COMPONENT_NAME_PROTOCOL instance.
508
509 @param Language[in] A pointer to a Null-terminated ASCII string
510 array indicating the language. This is the
511 language of the driver name that the caller is
512 requesting, and it must match one of the
513 languages specified in SupportedLanguages. The
514 number of languages supported by a driver is up
515 to the driver writer. Language is specified
516 in RFC 4646 or ISO 639-2 language code format.
517
518 @param DriverName[out] A pointer to the Unicode string to return.
519 This Unicode string is the name of the
520 driver specified by This in the language
521 specified by Language.
522
523 @retval EFI_SUCCESS The Unicode string for the Driver specified by
524 This and the language specified by Language was
525 returned in DriverName.
526
527 @retval EFI_INVALID_PARAMETER Language is NULL.
528
529 @retval EFI_INVALID_PARAMETER DriverName is NULL.
530
531 @retval EFI_UNSUPPORTED The driver specified by This does not support
532 the language specified by Language.
533
534 **/
535 EFI_STATUS
536 EFIAPI
537 OpalEfiDriverComponentName2GetDriverName(
538 EFI_COMPONENT_NAME2_PROTOCOL* This,
539 CHAR8* Language,
540 CHAR16** DriverName
541 );
542
543 /**
544 Retrieves a Unicode string that is the user readable name of the controller
545 that is being managed by a driver.
546
547 This function retrieves the user readable name of the controller specified by
548 ControllerHandle and ChildHandle in the form of a Unicode string. If the
549 driver specified by This has a user readable name in the language specified by
550 Language, then a pointer to the controller name is returned in ControllerName,
551 and EFI_SUCCESS is returned. If the driver specified by This is not currently
552 managing the controller specified by ControllerHandle and ChildHandle,
553 then EFI_UNSUPPORTED is returned. If the driver specified by This does not
554 support the language specified by Language, then EFI_UNSUPPORTED is returned.
555
556 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
557 EFI_COMPONENT_NAME_PROTOCOL instance.
558
559 @param ControllerHandle[in] The handle of a controller that the driver
560 specified by This is managing. This handle
561 specifies the controller whose name is to be
562 returned.
563
564 @param ChildHandle[in] The handle of the child controller to retrieve
565 the name of. This is an optional parameter that
566 may be NULL. It will be NULL for device
567 drivers. It will also be NULL for a bus drivers
568 that wish to retrieve the name of the bus
569 controller. It will not be NULL for a bus
570 driver that wishes to retrieve the name of a
571 child controller.
572
573 @param Language[in] A pointer to a Null-terminated ASCII string
574 array indicating the language. This is the
575 language of the driver name that the caller is
576 requesting, and it must match one of the
577 languages specified in SupportedLanguages. The
578 number of languages supported by a driver is up
579 to the driver writer. Language is specified in
580 RFC 4646 or ISO 639-2 language code format.
581
582 @param ControllerName[out] A pointer to the Unicode string to return.
583 This Unicode string is the name of the
584 controller specified by ControllerHandle and
585 ChildHandle in the language specified by
586 Language from the point of view of the driver
587 specified by This.
588
589 @retval EFI_SUCCESS The Unicode string for the user readable name in
590 the language specified by Language for the
591 driver specified by This was returned in
592 DriverName.
593
594 @retval EFI_INVALID_PARAMETER ControllerHandle is NULL.
595
596 @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid
597 EFI_HANDLE.
598
599 @retval EFI_INVALID_PARAMETER Language is NULL.
600
601 @retval EFI_INVALID_PARAMETER ControllerName is NULL.
602
603 @retval EFI_UNSUPPORTED The driver specified by This is not currently
604 managing the controller specified by
605 ControllerHandle and ChildHandle.
606
607 @retval EFI_UNSUPPORTED The driver specified by This does not support
608 the language specified by Language.
609
610 **/
611 EFI_STATUS
612 EFIAPI
613 OpalEfiDriverComponentName2GetControllerName(
614 EFI_COMPONENT_NAME2_PROTOCOL* This,
615 EFI_HANDLE ControllerHandle,
616 EFI_HANDLE ChildHandle,
617 CHAR8* Language,
618 CHAR16** ControllerName
619 );
620
621 #endif //_OPAL_DRIVER_H_
EFI Development Kit II mirror for PVE