]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SecurityPkg: Fix spelling errors
[mirror_edk2.git] / SecurityPkg / Tcg / Opal / OpalPassword / OpalDriver.h
1 /** @file
2 Values defined and used by the Opal UEFI Driver.
3
4 Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
6
7 **/
8
9 #ifndef _OPAL_DRIVER_H_
10 #define _OPAL_DRIVER_H_
11
12 #include <PiDxe.h>
13
14 #include <IndustryStandard/Pci.h>
15
16 #include <Protocol/PciIo.h>
17 #include <Protocol/SmmCommunication.h>
18 #include <Protocol/BlockIo.h>
19 #include <Protocol/LoadedImage.h>
20 #include <Protocol/DevicePath.h>
21 #include <Protocol/DevicePathToText.h>
22 #include <Protocol/StorageSecurityCommand.h>
23
24 #include <Guid/EventGroup.h>
25 #include <Guid/S3StorageDeviceInitList.h>
26
27 #include <Library/UefiLib.h>
28 #include <Library/UefiBootServicesTableLib.h>
29 #include <Library/UefiRuntimeServicesTableLib.h>
30 #include <Library/DxeServicesTableLib.h>
31 #include <Library/BaseMemoryLib.h>
32 #include <Library/MemoryAllocationLib.h>
33 #include <Library/BaseLib.h>
34 #include <Library/PrintLib.h>
35 #include <Library/DebugLib.h>
36 #include <Library/DevicePathLib.h>
37 #include <Library/HiiLib.h>
38 #include <Library/UefiHiiServicesLib.h>
39 #include <Library/PciLib.h>
40 #include <Library/LockBoxLib.h>
41 #include <Library/TcgStorageOpalLib.h>
42 #include <Library/Tcg2PhysicalPresenceLib.h>
43
44 #include "OpalPasswordCommon.h"
45 #include "OpalHiiFormValues.h"
46
47 #define EFI_DRIVER_NAME_UNICODE L"1.0 UEFI Opal Driver"
48
49 // UEFI 2.1
50 #define LANGUAGE_RFC_3066_ENGLISH ((CHAR8*)"en")
51
52 // UEFI/EFI < 2.1
53 #define LANGUAGE_ISO_639_2_ENGLISH ((CHAR8*)"eng")
54
55 #define CONCAT_(x, y) x ## y
56 #define CONCAT(x, y) CONCAT_(x, y)
57
58 #define UNICODE_STR(x) CONCAT( L, x )
59
60 extern EFI_DRIVER_BINDING_PROTOCOL gOpalDriverBinding;
61 extern EFI_COMPONENT_NAME_PROTOCOL gOpalComponentName;
62 extern EFI_COMPONENT_NAME2_PROTOCOL gOpalComponentName2;
63
64 #define OPAL_MSID_LENGTH 128
65
66 #define MAX_PASSWORD_TRY_COUNT 5
67
68 // PSID Length
69 #define PSID_CHARACTER_LENGTH 0x20
70 #define MAX_PSID_TRY_COUNT 5
71
72 //
73 // The max timeout value assume the user can wait for the revert action. The unit of this macro is second.
74 // If the revert time value bigger than this one, driver needs to popup a dialog to let user confirm the
75 // revert action.
76 //
77 #define MAX_ACCEPTABLE_REVERTING_TIME 10
78
79 #pragma pack(1)
80
81 //
82 // Structure that is used to represent the available actions for an OpalDisk.
83 // The data can then be utilized to expose/hide certain actions available to an end user
84 // by the consumer of this library.
85 //
86 typedef struct {
87 //
88 // Indicates if the disk can support PSID Revert action. should verify disk supports PSID authority
89 //
90 UINT16 PsidRevert : 1;
91
92 //
93 // Indicates if the disk can support Revert action
94 //
95 UINT16 Revert : 1;
96
97 //
98 // Indicates if the user must keep data for revert action. It is true if no media encryption is supported.
99 //
100 UINT16 RevertKeepDataForced : 1;
101
102 //
103 // Indicates if the disk can support set Admin password
104 //
105 UINT16 AdminPass : 1;
106
107 //
108 // Indicates if the disk can support set User password. This action requires that a user
109 // password is first enabled.
110 //
111 UINT16 UserPass : 1;
112
113 //
114 // Indicates if unlock action is available. Requires disk to be currently locked.
115 //
116 UINT16 Unlock : 1;
117
118 //
119 // Indicates if Secure Erase action is available. Action requires admin credentials and media encryption support.
120 //
121 UINT16 SecureErase : 1;
122
123 //
124 // Indicates if Disable User action is available. Action requires admin credentials.
125 //
126 UINT16 DisableUser : 1;
127 } OPAL_DISK_ACTIONS;
128
129 //
130 // Structure that is used to represent an OPAL_DISK.
131 //
132 typedef struct {
133 UINT32 MsidLength; // Byte length of MSID Pin for device
134 UINT8 Msid[OPAL_MSID_LENGTH]; // MSID Pin for device
135 EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Sscp;
136 UINT32 MediaId; // MediaId is used by Ssc Protocol.
137 EFI_DEVICE_PATH_PROTOCOL *OpalDevicePath;
138 UINT16 OpalBaseComId; // Opal SSC 1 base com id.
139 OPAL_OWNER_SHIP Owner;
140 OPAL_DISK_SUPPORT_ATTRIBUTE SupportedAttributes;
141 TCG_LOCKING_FEATURE_DESCRIPTOR LockingFeature; // Locking Feature Descriptor retrieved from performing a Level 0 Discovery
142 UINT8 PasswordLength;
143 UINT8 Password[OPAL_MAX_PASSWORD_SIZE];
144
145 UINT32 EstimateTimeCost;
146 BOOLEAN SentBlockSID; // Check whether BlockSid command has been sent.
147 } OPAL_DISK;
148
149 //
150 // Device with block IO protocol
151 //
152 typedef struct _OPAL_DRIVER_DEVICE OPAL_DRIVER_DEVICE;
153
154 struct _OPAL_DRIVER_DEVICE {
155 OPAL_DRIVER_DEVICE *Next; ///< Linked list pointer
156 EFI_HANDLE Handle; ///< Device handle
157 OPAL_DISK OpalDisk; ///< User context
158 CHAR16 *Name16; ///< Allocated/freed by UEFI Filter Driver at device creation/removal
159 CHAR8 *NameZ; ///< Allocated/freed by UEFI Filter Driver at device creation/removal
160 UINT32 MediaId; ///< Required parameter for EFI_STORAGE_SECURITY_COMMAND_PROTOCOL, from BLOCK_IO_MEDIA
161
162 EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Sscp; /// Device protocols consumed
163 EFI_DEVICE_PATH_PROTOCOL *OpalDevicePath;
164 };
165
166 //
167 // Opal Driver UEFI Driver Model
168 //
169 typedef struct {
170 EFI_HANDLE Handle; ///< Driver image handle
171 OPAL_DRIVER_DEVICE *DeviceList; ///< Linked list of controllers owned by this Driver
172 } OPAL_DRIVER;
173
174 #pragma pack()
175
176 //
177 // Retrieves a OPAL_DRIVER_DEVICE based on the pointer to its StorageSecurity protocol.
178 //
179 #define DRIVER_DEVICE_FROM_OPALDISK(OpalDiskPointer) (OPAL_DRIVER_DEVICE*)(BASE_CR(OpalDiskPointer, OPAL_DRIVER_DEVICE, OpalDisk))
180
181 /**
182 Get devcie list info.
183
184 @retval return the device list pointer.
185 **/
186 OPAL_DRIVER_DEVICE*
187 OpalDriverGetDeviceList(
188 VOID
189 );
190
191 /**
192 Get devcie name through the component name protocol.
193
194 @param[in] Dev The device which need to get name.
195
196 @retval TRUE Find the name for this device.
197 @retval FALSE Not found the name for this device.
198 **/
199 BOOLEAN
200 OpalDriverGetDriverDeviceName(
201 OPAL_DRIVER_DEVICE *Dev
202 );
203
204 /**
205 Get current device count.
206
207 @retval return the current created device count.
208
209 **/
210 UINT8
211 GetDeviceCount (
212 VOID
213 );
214
215 /**
216 Update password for the Opal disk.
217
218 @param[in, out] OpalDisk The disk to update password.
219 @param[in] Password The input password.
220 @param[in] PasswordLength The input password length.
221
222 **/
223 VOID
224 OpalSupportUpdatePassword (
225 IN OUT OPAL_DISK *OpalDisk,
226 IN VOID *Password,
227 IN UINT32 PasswordLength
228 );
229
230 /**
231
232 The function performs determines the available actions for the OPAL_DISK provided.
233
234 @param[in] SupportedAttributes The support attribute for the device.
235 @param[in] LockingFeature The locking status for the device.
236 @param[in] OwnerShip The ownership for the device.
237 @param[out] AvalDiskActions Pointer to fill-out with appropriate disk actions.
238
239 **/
240 TCG_RESULT
241 EFIAPI
242 OpalSupportGetAvailableActions(
243 IN OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes,
244 IN TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature,
245 IN UINT16 OwnerShip,
246 OUT OPAL_DISK_ACTIONS *AvalDiskActions
247 );
248
249 /**
250 Enable Opal Feature for the input device.
251
252 @param[in] Session The opal session for the opal device.
253 @param[in] Msid Msid
254 @param[in] MsidLength Msid Length
255 @param[in] Password Admin password
256 @param[in] PassLength Length of password in bytes
257
258 **/
259 TCG_RESULT
260 EFIAPI
261 OpalSupportEnableOpalFeature (
262 IN OPAL_SESSION *Session,
263 IN VOID *Msid,
264 IN UINT32 MsidLength,
265 IN VOID *Password,
266 IN UINT32 PassLength
267 );
268
269 /**
270 Unloads UEFI Driver. Very useful for debugging and testing.
271
272 @param ImageHandle Image handle this driver.
273
274 @retval EFI_SUCCESS This function always complete successfully.
275 @retval EFI_INVALID_PARAMETER The input ImageHandle is not valid.
276 **/
277 EFI_STATUS
278 EFIAPI
279 EfiDriverUnload(
280 EFI_HANDLE ImageHandle
281 );
282
283
284 /**
285 Test to see if this driver supports Controller.
286
287 @param This Protocol instance pointer.
288 @param ControllerHandle Handle of device to test
289 @param RemainingDevicePath Optional parameter use to pick a specific child
290 device to start.
291
292 @retval EFI_SUCCESS This driver supports this device.
293 @retval EFI_ALREADY_STARTED This driver is already running on this device.
294 @retval other This driver does not support this device.
295
296 **/
297 EFI_STATUS
298 EFIAPI
299 OpalEfiDriverBindingSupported(
300 EFI_DRIVER_BINDING_PROTOCOL* This,
301 EFI_HANDLE Controller,
302 EFI_DEVICE_PATH_PROTOCOL* RemainingDevicePath
303 );
304
305 /**
306 Enables Opal Management on a supported device if available.
307
308 The start function is designed to be called after the Opal UEFI Driver has confirmed the
309 "controller", which is a child handle, contains the EF_STORAGE_SECURITY_COMMAND protocols.
310 This function will complete the other necessary checks, such as verifying the device supports
311 the correct version of Opal. Upon verification, it will add the device to the
312 Opal HII list in order to expose Opal management options.
313
314 @param[in] This A pointer to the EFI_DRIVER_BINDING_PROTOCOL instance.
315 @param[in] ControllerHandle The handle of the controller to start. This handle
316 must support a protocol interface that supplies
317 an I/O abstraction to the driver.
318 @param[in] RemainingDevicePath A pointer to the remaining portion of a device path. This
319 parameter is ignored by device drivers, and is optional for bus
320 drivers. For a bus driver, if this parameter is NULL, then handles
321 for all the children of Controller are created by this driver.
322 If this parameter is not NULL and the first Device Path Node is
323 not the End of Device Path Node, then only the handle for the
324 child device specified by the first Device Path Node of
325 RemainingDevicePath is created by this driver.
326 If the first Device Path Node of RemainingDevicePath is
327 the End of Device Path Node, no child handle is created by this
328 driver.
329
330 @retval EFI_SUCCESS Opal management was enabled.
331 @retval EFI_DEVICE_ERROR The device could not be started due to a device error.Currently not implemented.
332 @retval EFI_OUT_OF_RESOURCES The request could not be completed due to a lack of resources.
333 @retval Others The driver failed to start the device.
334
335 **/
336 EFI_STATUS
337 EFIAPI
338 OpalEfiDriverBindingStart(
339 EFI_DRIVER_BINDING_PROTOCOL* This,
340 EFI_HANDLE Controller,
341 EFI_DEVICE_PATH_PROTOCOL* RemainingDevicePath
342 );
343
344 /**
345 Stop this driver on Controller.
346
347 @param This Protocol instance pointer.
348 @param Controller Handle of device to stop driver on
349 @param NumberOfChildren Number of Handles in ChildHandleBuffer. If number of
350 children is zero stop the entire bus driver.
351 @param ChildHandleBuffer List of Child Handles to Stop.
352
353 @retval EFI_SUCCESS This driver is removed Controller.
354 @retval other This driver could not be removed from this device.
355
356 **/
357 EFI_STATUS
358 EFIAPI
359 OpalEfiDriverBindingStop(
360 EFI_DRIVER_BINDING_PROTOCOL* This,
361 EFI_HANDLE Controller,
362 UINTN NumberOfChildren,
363 EFI_HANDLE* ChildHandleBuffer
364 );
365
366 /**
367 Retrieves a Unicode string that is the user readable name of the driver.
368
369 This function retrieves the user readable name of a driver in the form of a
370 Unicode string. If the driver specified by This has a user readable name in
371 the language specified by Language, then a pointer to the driver name is
372 returned in DriverName, and EFI_SUCCESS is returned. If the driver specified
373 by This does not support the language specified by Language,
374 then EFI_UNSUPPORTED is returned.
375
376 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
377 EFI_COMPONENT_NAME_PROTOCOL instance.
378
379 @param Language[in] A pointer to a Null-terminated ASCII string
380 array indicating the language. This is the
381 language of the driver name that the caller is
382 requesting, and it must match one of the
383 languages specified in SupportedLanguages. The
384 number of languages supported by a driver is up
385 to the driver writer. Language is specified
386 in RFC 4646 or ISO 639-2 language code format.
387
388 @param DriverName[out] A pointer to the Unicode string to return.
389 This Unicode string is the name of the
390 driver specified by This in the language
391 specified by Language.
392
393 @retval EFI_SUCCESS The Unicode string for the Driver specified by
394 This and the language specified by Language was
395 returned in DriverName.
396
397 @retval EFI_INVALID_PARAMETER Language is NULL.
398
399 @retval EFI_INVALID_PARAMETER DriverName is NULL.
400
401 @retval EFI_UNSUPPORTED The driver specified by This does not support
402 the language specified by Language.
403
404 **/
405 EFI_STATUS
406 EFIAPI
407 OpalEfiDriverComponentNameGetDriverName(
408 EFI_COMPONENT_NAME_PROTOCOL* This,
409 CHAR8* Language,
410 CHAR16** DriverName
411 );
412
413 /**
414 Retrieves a Unicode string that is the user readable name of the controller
415 that is being managed by a driver.
416
417 This function retrieves the user readable name of the controller specified by
418 ControllerHandle and ChildHandle in the form of a Unicode string. If the
419 driver specified by This has a user readable name in the language specified by
420 Language, then a pointer to the controller name is returned in ControllerName,
421 and EFI_SUCCESS is returned. If the driver specified by This is not currently
422 managing the controller specified by ControllerHandle and ChildHandle,
423 then EFI_UNSUPPORTED is returned. If the driver specified by This does not
424 support the language specified by Language, then EFI_UNSUPPORTED is returned.
425
426 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
427 EFI_COMPONENT_NAME_PROTOCOL instance.
428
429 @param ControllerHandle[in] The handle of a controller that the driver
430 specified by This is managing. This handle
431 specifies the controller whose name is to be
432 returned.
433
434 @param ChildHandle[in] The handle of the child controller to retrieve
435 the name of. This is an optional parameter that
436 may be NULL. It will be NULL for device
437 drivers. It will also be NULL for a bus drivers
438 that wish to retrieve the name of the bus
439 controller. It will not be NULL for a bus
440 driver that wishes to retrieve the name of a
441 child controller.
442
443 @param Language[in] A pointer to a Null-terminated ASCII string
444 array indicating the language. This is the
445 language of the driver name that the caller is
446 requesting, and it must match one of the
447 languages specified in SupportedLanguages. The
448 number of languages supported by a driver is up
449 to the driver writer. Language is specified in
450 RFC 4646 or ISO 639-2 language code format.
451
452 @param ControllerName[out] A pointer to the Unicode string to return.
453 This Unicode string is the name of the
454 controller specified by ControllerHandle and
455 ChildHandle in the language specified by
456 Language from the point of view of the driver
457 specified by This.
458
459 @retval EFI_SUCCESS The Unicode string for the user readable name in
460 the language specified by Language for the
461 driver specified by This was returned in
462 DriverName.
463
464 @retval EFI_INVALID_PARAMETER ControllerHandle is NULL.
465
466 @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid
467 EFI_HANDLE.
468
469 @retval EFI_INVALID_PARAMETER Language is NULL.
470
471 @retval EFI_INVALID_PARAMETER ControllerName is NULL.
472
473 @retval EFI_UNSUPPORTED The driver specified by This is not currently
474 managing the controller specified by
475 ControllerHandle and ChildHandle.
476
477 @retval EFI_UNSUPPORTED The driver specified by This does not support
478 the language specified by Language.
479
480 **/
481 EFI_STATUS
482 EFIAPI
483 OpalEfiDriverComponentNameGetControllerName(
484 EFI_COMPONENT_NAME_PROTOCOL* This,
485 EFI_HANDLE ControllerHandle,
486 EFI_HANDLE ChildHandle,
487 CHAR8* Language,
488 CHAR16** ControllerName
489 );
490
491 /**
492 Retrieves a Unicode string that is the user readable name of the driver.
493
494 This function retrieves the user readable name of a driver in the form of a
495 Unicode string. If the driver specified by This has a user readable name in
496 the language specified by Language, then a pointer to the driver name is
497 returned in DriverName, and EFI_SUCCESS is returned. If the driver specified
498 by This does not support the language specified by Language,
499 then EFI_UNSUPPORTED is returned.
500
501 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
502 EFI_COMPONENT_NAME_PROTOCOL instance.
503
504 @param Language[in] A pointer to a Null-terminated ASCII string
505 array indicating the language. This is the
506 language of the driver name that the caller is
507 requesting, and it must match one of the
508 languages specified in SupportedLanguages. The
509 number of languages supported by a driver is up
510 to the driver writer. Language is specified
511 in RFC 4646 or ISO 639-2 language code format.
512
513 @param DriverName[out] A pointer to the Unicode string to return.
514 This Unicode string is the name of the
515 driver specified by This in the language
516 specified by Language.
517
518 @retval EFI_SUCCESS The Unicode string for the Driver specified by
519 This and the language specified by Language was
520 returned in DriverName.
521
522 @retval EFI_INVALID_PARAMETER Language is NULL.
523
524 @retval EFI_INVALID_PARAMETER DriverName is NULL.
525
526 @retval EFI_UNSUPPORTED The driver specified by This does not support
527 the language specified by Language.
528
529 **/
530 EFI_STATUS
531 EFIAPI
532 OpalEfiDriverComponentName2GetDriverName(
533 EFI_COMPONENT_NAME2_PROTOCOL* This,
534 CHAR8* Language,
535 CHAR16** DriverName
536 );
537
538 /**
539 Retrieves a Unicode string that is the user readable name of the controller
540 that is being managed by a driver.
541
542 This function retrieves the user readable name of the controller specified by
543 ControllerHandle and ChildHandle in the form of a Unicode string. If the
544 driver specified by This has a user readable name in the language specified by
545 Language, then a pointer to the controller name is returned in ControllerName,
546 and EFI_SUCCESS is returned. If the driver specified by This is not currently
547 managing the controller specified by ControllerHandle and ChildHandle,
548 then EFI_UNSUPPORTED is returned. If the driver specified by This does not
549 support the language specified by Language, then EFI_UNSUPPORTED is returned.
550
551 @param This[in] A pointer to the EFI_COMPONENT_NAME2_PROTOCOL or
552 EFI_COMPONENT_NAME_PROTOCOL instance.
553
554 @param ControllerHandle[in] The handle of a controller that the driver
555 specified by This is managing. This handle
556 specifies the controller whose name is to be
557 returned.
558
559 @param ChildHandle[in] The handle of the child controller to retrieve
560 the name of. This is an optional parameter that
561 may be NULL. It will be NULL for device
562 drivers. It will also be NULL for a bus drivers
563 that wish to retrieve the name of the bus
564 controller. It will not be NULL for a bus
565 driver that wishes to retrieve the name of a
566 child controller.
567
568 @param Language[in] A pointer to a Null-terminated ASCII string
569 array indicating the language. This is the
570 language of the driver name that the caller is
571 requesting, and it must match one of the
572 languages specified in SupportedLanguages. The
573 number of languages supported by a driver is up
574 to the driver writer. Language is specified in
575 RFC 4646 or ISO 639-2 language code format.
576
577 @param ControllerName[out] A pointer to the Unicode string to return.
578 This Unicode string is the name of the
579 controller specified by ControllerHandle and
580 ChildHandle in the language specified by
581 Language from the point of view of the driver
582 specified by This.
583
584 @retval EFI_SUCCESS The Unicode string for the user readable name in
585 the language specified by Language for the
586 driver specified by This was returned in
587 DriverName.
588
589 @retval EFI_INVALID_PARAMETER ControllerHandle is NULL.
590
591 @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid
592 EFI_HANDLE.
593
594 @retval EFI_INVALID_PARAMETER Language is NULL.
595
596 @retval EFI_INVALID_PARAMETER ControllerName is NULL.
597
598 @retval EFI_UNSUPPORTED The driver specified by This is not currently
599 managing the controller specified by
600 ControllerHandle and ChildHandle.
601
602 @retval EFI_UNSUPPORTED The driver specified by This does not support
603 the language specified by Language.
604
605 **/
606 EFI_STATUS
607 EFIAPI
608 OpalEfiDriverComponentName2GetControllerName(
609 EFI_COMPONENT_NAME2_PROTOCOL* This,
610 EFI_HANDLE ControllerHandle,
611 EFI_HANDLE ChildHandle,
612 CHAR8* Language,
613 CHAR16** ControllerName
614 );
615
616 #endif //_OPAL_DRIVER_H_
EFI Development Kit II mirror for PVE