DEBUG ((DEBUG_ERROR, "OpalBlockSid fail\n"));\r
break;\r
}\r
+\r
+ //\r
+ // Record BlockSID command has been sent.\r
+ //\r
+ Itr->OpalDisk.SentBlockSID = TRUE;\r
}\r
\r
Itr = Itr->Next;\r
\r
IsLocked = OpalDeviceLocked (&Dev->OpalDisk.SupportedAttributes, &Dev->OpalDisk.LockingFeature);\r
\r
- if (IsLocked && PcdGetBool (PcdSkipOpalDxeUnlock)) {\r
- return;\r
+ //\r
+ // Add PcdSkipOpalPasswordPrompt to determin whether to skip password prompt.\r
+ // Due to board design, device may not power off during system warm boot, which result in\r
+ // security status remain unlocked status, hence we add device security status check here.\r
+ //\r
+ // If device is in the locked status, device keeps locked and system continues booting.\r
+ // If device is in the unlocked status, system is forced shutdown to support security requirement.\r
+ //\r
+ if (PcdGetBool (PcdSkipOpalPasswordPrompt)) {\r
+ if (IsLocked) {\r
+ return;\r
+ } else {\r
+ gRT->ResetSystem (EfiResetShutdown, EFI_SUCCESS, 0, NULL);\r
+ }\r
}\r
\r
while (Count < MAX_PASSWORD_TRY_COUNT) {\r
ProcessOpalRequestEnableFeature (Dev, L"Enable Feature:");\r
}\r
\r
+ //\r
+ // Update Device ownership.\r
+ // Later BlockSID command may block the update.\r
+ //\r
+ OpalDiskUpdateOwnerShip (&Dev->OpalDisk);\r
+\r
break;\r
}\r
\r
projects / mirror_edk2.git / blobdiff