SecurityPkg/OpalPassword: Add warning message for Secure Erase

author Chu, Maggie <maggie.chu@intel.com>

Tue, 7 May 2019 06:19:35 +0000 (14:19 +0800)

committer Eric Dong <eric.dong@intel.com>

Wed, 8 May 2019 01:17:36 +0000 (09:17 +0800)
author Chu, Maggie <maggie.chu@intel.com>
Tue, 7 May 2019 06:19:35 +0000 (14:19 +0800)
committer Eric Dong <eric.dong@intel.com>
Wed, 8 May 2019 01:17:36 +0000 (09:17 +0800)
diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c

index ed7f9682559a6208f30478a52912301e71f3ebcd..42999c89f0fb48673346b10b9c6e50053c416744 100644 (file)
--- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
+++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
@@ -487,6 +487,7 @@ OpalEndOfDxeEventNotify (
                              OPAL request.\r
    @param[in]  PopUpString   Pop up string.\r
    @param[in]  PopUpString2  Pop up string in line 2.\r
+  @param[in]  PopUpString3  Pop up string in line 3.\r
  \r
    @param[out] PressEsc      Whether user escape function through Press ESC.\r
  \r
@@ -498,6 +499,7 @@ OpalDriverPopUpPsidInput (
    IN OPAL_DRIVER_DEVICE     *Dev,\r
    IN CHAR16                 *PopUpString,\r
    IN CHAR16                 *PopUpString2,\r
+  IN CHAR16                 *PopUpString3,\r
    OUT BOOLEAN               *PressEsc\r
    )\r
  {\r
@@ -527,15 +529,28 @@ OpalDriverPopUpPsidInput (
          NULL\r
        );\r
      } else {\r
-      CreatePopUp (\r
-        EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
-        &InputKey,\r
-        PopUpString,\r
-        PopUpString2,\r
-        L"---------------------",\r
-        Mask,\r
-        NULL\r
-      );\r
+      if (PopUpString3 == NULL) {\r
+        CreatePopUp (\r
+          EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
+          &InputKey,\r
+          PopUpString,\r
+          PopUpString2,\r
+          L"---------------------",\r
+          Mask,\r
+          NULL\r
+        );\r
+      } else {\r
+        CreatePopUp (\r
+          EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
+          &InputKey,\r
+          PopUpString,\r
+          PopUpString2,\r
+          PopUpString3,\r
+          L"---------------------",\r
+          Mask,\r
+          NULL\r
+        );\r
+      }\r
      }\r
  \r
      //\r
@@ -625,6 +640,7 @@ OpalDriverPopUpPsidInput (
                              process OPAL request.\r
    @param[in]  PopUpString1  Pop up string 1.\r
    @param[in]  PopUpString2  Pop up string 2.\r
+  @param[in]  PopUpString3  Pop up string 3.\r
    @param[out] PressEsc      Whether user escape function through Press ESC.\r
  \r
    @retval Password string if success. NULL if failed.\r
@@ -635,6 +651,7 @@ OpalDriverPopUpPasswordInput (
    IN OPAL_DRIVER_DEVICE     *Dev,\r
    IN CHAR16                 *PopUpString1,\r
    IN CHAR16                 *PopUpString2,\r
+  IN CHAR16                 *PopUpString3,\r
    OUT BOOLEAN               *PressEsc\r
    )\r
  {\r
@@ -664,15 +681,28 @@ OpalDriverPopUpPasswordInput (
          NULL\r
        );\r
      } else {\r
-      CreatePopUp (\r
-        EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
-        &InputKey,\r
-        PopUpString1,\r
-        PopUpString2,\r
-        L"---------------------",\r
-        Mask,\r
-        NULL\r
-      );\r
+      if (PopUpString3 == NULL) {\r
+        CreatePopUp (\r
+          EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
+          &InputKey,\r
+          PopUpString1,\r
+          PopUpString2,\r
+          L"---------------------",\r
+          Mask,\r
+          NULL\r
+        );\r
+      } else {\r
+        CreatePopUp (\r
+          EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
+          &InputKey,\r
+          PopUpString1,\r
+          PopUpString2,\r
+          PopUpString3,\r
+          L"---------------------",\r
+          Mask,\r
+          NULL\r
+        );\r
+      }\r
      }\r
  \r
      //\r
@@ -823,7 +853,7 @@ OpalDriverRequestPassword (
      }\r
  \r
      while (Count < MAX_PASSWORD_TRY_COUNT) {\r
-      Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, &PressEsc);\r
+      Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, NULL, &PressEsc);\r
        if (PressEsc) {\r
          if (IsLocked) {\r
            //\r
@@ -988,7 +1018,7 @@ ProcessOpalRequestEnableFeature (
    Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId;\r
  \r
    while (Count < MAX_PASSWORD_TRY_COUNT) {\r
-    Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your new password", &PressEsc);\r
+    Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your new password", NULL, &PressEsc);\r
      if (PressEsc) {\r
          do {\r
            CreatePopUp (\r
@@ -1017,7 +1047,7 @@ ProcessOpalRequestEnableFeature (
      }\r
      PasswordLen = (UINT32) AsciiStrLen(Password);\r
  \r
-    PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please confirm your new password", &PressEsc);\r
+    PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please confirm your new password", NULL, &PressEsc);\r
      if (PasswordConfirm == NULL) {\r
        ZeroMem (Password, PasswordLen);\r
        FreePool (Password);\r
@@ -1132,7 +1162,7 @@ ProcessOpalRequestDisableUser (
    Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId;\r
  \r
    while (Count < MAX_PASSWORD_TRY_COUNT) {\r
-    Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, &PressEsc);\r
+    Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, NULL, &PressEsc);\r
      if (PressEsc) {\r
          do {\r
            CreatePopUp (\r
@@ -1227,6 +1257,7 @@ ProcessOpalRequestPsidRevert (
    TCG_RESULT            Ret;\r
    CHAR16                *PopUpString;\r
    CHAR16                *PopUpString2;\r
+  CHAR16                *PopUpString3;\r
    UINTN                 BufferSize;\r
  \r
    if (Dev == NULL) {\r
@@ -1238,17 +1269,19 @@ ProcessOpalRequestPsidRevert (
    PopUpString = OpalGetPopUpString (Dev, RequestString);\r
  \r
    if (Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME) {\r
-    BufferSize = StrSize (L"Warning: Revert action will take about ####### seconds, DO NOT power off system during the revert action!");\r
+    BufferSize = StrSize (L"Warning: Revert action will take about ####### seconds");\r
      PopUpString2 = AllocateZeroPool (BufferSize);\r
      ASSERT (PopUpString2 != NULL);\r
      UnicodeSPrint (\r
          PopUpString2,\r
          BufferSize,\r
-        L"WARNING: Revert action will take about %d seconds, DO NOT power off system during the revert action!",\r
+        L"WARNING: Revert action will take about %d seconds",\r
          Dev->OpalDisk.EstimateTimeCost\r
        );\r
+    PopUpString3 = L"DO NOT power off system during the revert action!";\r
    } else {\r
      PopUpString2 = NULL;\r
+    PopUpString3 = NULL;\r
    }\r
  \r
    Count = 0;\r
@@ -1259,7 +1292,7 @@ ProcessOpalRequestPsidRevert (
    Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId;\r
  \r
    while (Count < MAX_PSID_TRY_COUNT) {\r
-    Psid = OpalDriverPopUpPsidInput (Dev, PopUpString, PopUpString2, &PressEsc);\r
+    Psid = OpalDriverPopUpPsidInput (Dev, PopUpString, PopUpString2, PopUpString3, &PressEsc);\r
      if (PressEsc) {\r
          do {\r
            CreatePopUp (\r
@@ -1361,6 +1394,7 @@ ProcessOpalRequestRevert (
    BOOLEAN               PasswordFailed;\r
    CHAR16                *PopUpString;\r
    CHAR16                *PopUpString2;\r
+  CHAR16                *PopUpString3;\r
    UINTN                 BufferSize;\r
  \r
    if (Dev == NULL) {\r
@@ -1373,17 +1407,19 @@ ProcessOpalRequestRevert (
  \r
    if ((!KeepUserData) &&\r
        (Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME)) {\r
-    BufferSize = StrSize (L"Warning: Revert action will take about ####### seconds, DO NOT power off system during the revert action!");\r
+    BufferSize = StrSize (L"Warning: Revert action will take about ####### seconds");\r
      PopUpString2 = AllocateZeroPool (BufferSize);\r
      ASSERT (PopUpString2 != NULL);\r
      UnicodeSPrint (\r
          PopUpString2,\r
          BufferSize,\r
-        L"WARNING: Revert action will take about %d seconds, DO NOT power off system during the revert action!",\r
+        L"WARNING: Revert action will take about %d seconds",\r
          Dev->OpalDisk.EstimateTimeCost\r
        );\r
+    PopUpString3 = L"DO NOT power off system during the revert action!";\r
    } else {\r
      PopUpString2 = NULL;\r
+    PopUpString3 = NULL;\r
    }\r
  \r
    Count = 0;\r
@@ -1394,7 +1430,7 @@ ProcessOpalRequestRevert (
    Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId;\r
  \r
    while (Count < MAX_PASSWORD_TRY_COUNT) {\r
-    Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, PopUpString2, &PressEsc);\r
+    Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, PopUpString2, PopUpString3, &PressEsc);\r
      if (PressEsc) {\r
          do {\r
            CreatePopUp (\r
@@ -1520,6 +1556,9 @@ ProcessOpalRequestSecureErase (
    TCG_RESULT            Ret;\r
    BOOLEAN               PasswordFailed;\r
    CHAR16                *PopUpString;\r
+  CHAR16                *PopUpString2;\r
+  CHAR16                *PopUpString3;\r
+  UINTN                 BufferSize;\r
  \r
    if (Dev == NULL) {\r
      return;\r
@@ -1529,6 +1568,21 @@ ProcessOpalRequestSecureErase (
  \r
    PopUpString = OpalGetPopUpString (Dev, RequestString);\r
  \r
+  if (Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME) {\r
+    BufferSize = StrSize (L"Warning: Secure erase action will take about ####### seconds");\r
+    PopUpString2 = AllocateZeroPool (BufferSize);\r
+    ASSERT (PopUpString2 != NULL);\r
+    UnicodeSPrint (\r
+        PopUpString2,\r
+        BufferSize,\r
+        L"WARNING: Secure erase action will take about %d seconds",\r
+        Dev->OpalDisk.EstimateTimeCost\r
+      );\r
+    PopUpString3 = L"DO NOT power off system during the action!";\r
+  } else {\r
+    PopUpString2 = NULL;\r
+    PopUpString3 = NULL;\r
+  }\r
    Count = 0;\r
  \r
    ZeroMem(&Session, sizeof(Session));\r
@@ -1537,7 +1591,7 @@ ProcessOpalRequestSecureErase (
    Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId;\r
  \r
    while (Count < MAX_PASSWORD_TRY_COUNT) {\r
-    Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, &PressEsc);\r
+    Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, PopUpString2, PopUpString3, &PressEsc);\r
      if (PressEsc) {\r
          do {\r
            CreatePopUp (\r
@@ -1551,7 +1605,7 @@ ProcessOpalRequestSecureErase (
  \r
          if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {\r
            gST->ConOut->ClearScreen(gST->ConOut);\r
-          return;\r
+          goto Done;\r
          } else {\r
            //\r
            // Let user input password again.\r
@@ -1608,6 +1662,11 @@ ProcessOpalRequestSecureErase (
      } while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN);\r
      gST->ConOut->ClearScreen(gST->ConOut);\r
    }\r
+\r
+Done:\r
+  if (PopUpString2 != NULL) {\r
+    FreePool (PopUpString2);\r
+  }\r
  }\r
  \r
  /**\r
@@ -1647,7 +1706,7 @@ ProcessOpalRequestSetUserPwd (
    Count = 0;\r
  \r
    while (Count < MAX_PASSWORD_TRY_COUNT) {\r
-    OldPassword = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your password", &PressEsc);\r
+    OldPassword = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your password", NULL, &PressEsc);\r
      if (PressEsc) {\r
          do {\r
            CreatePopUp (\r
@@ -1705,7 +1764,7 @@ ProcessOpalRequestSetUserPwd (
        }\r
      }\r
  \r
-    Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your new password", &PressEsc);\r
+    Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your new password", NULL, &PressEsc);\r
      if (Password == NULL) {\r
        ZeroMem (OldPassword, OldPasswordLen);\r
        FreePool (OldPassword);\r
@@ -1714,7 +1773,7 @@ ProcessOpalRequestSetUserPwd (
      }\r
      PasswordLen = (UINT32) AsciiStrLen(Password);\r
  \r
-    PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please confirm your new password", &PressEsc);\r
+    PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please confirm your new password", NULL, &PressEsc);\r
      if (PasswordConfirm == NULL) {\r
        ZeroMem (OldPassword, OldPasswordLen);\r
        FreePool (OldPassword);\r
@@ -1846,7 +1905,7 @@ ProcessOpalRequestSetAdminPwd (
    Count = 0;\r
  \r
    while (Count < MAX_PASSWORD_TRY_COUNT) {\r
-    OldPassword = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your password", &PressEsc);\r
+    OldPassword = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your password", NULL, &PressEsc);\r
      if (PressEsc) {\r
          do {\r
            CreatePopUp (\r
@@ -1899,7 +1958,7 @@ ProcessOpalRequestSetAdminPwd (
        continue;\r
      }\r
  \r
-    Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your new password", &PressEsc);\r
+    Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your new password", NULL, &PressEsc);\r
      if (Password == NULL) {\r
        ZeroMem (OldPassword, OldPasswordLen);\r
        FreePool (OldPassword);\r
@@ -1908,7 +1967,7 @@ ProcessOpalRequestSetAdminPwd (
      }\r
      PasswordLen = (UINT32) AsciiStrLen(Password);\r
  \r
-    PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please confirm your new password", &PressEsc);\r
+    PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please confirm your new password", NULL, &PressEsc);\r
      if (PasswordConfirm == NULL) {\r
        ZeroMem (OldPassword, OldPasswordLen);\r
        FreePool (OldPassword);\r
diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c

index 8abb3d028b2f5b77b61548218935ca5edef88acc..d0f3eda1e8437e3ec908aa0bd8d77a5f13ca1602 100644 (file)
--- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c
+++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c
@@ -511,13 +511,15 @@ GetDiskNameStringId(
  /**\r
    Confirm whether user truly want to do the revert action.\r
  \r
-  @param     OpalDisk            The device which need to do the revert action.\r
+  @param     OpalDisk            The device which need to perform data removal action.\r
+  @param     ActionString        Specifies the action name shown on pop up menu.\r
  \r
    @retval  EFI_SUCCESS           Confirmed user want to do the revert action.\r
  **/\r
  EFI_STATUS\r
-HiiConfirmRevertAction (\r
-  IN OPAL_DISK                  *OpalDisk\r
+HiiConfirmDataRemovalAction (\r
+  IN OPAL_DISK                  *OpalDisk,\r
+  IN CHAR16                     *ActionString\r
  \r
    )\r
  {\r
@@ -537,14 +539,14 @@ HiiConfirmRevertAction (
    ApproveResponse = L'Y';\r
    RejectResponse  = L'N';\r
  \r
-  UnicodeSPrint(Unicode, StrSize(L"WARNING: Revert device needs about ####### seconds"), L"WARNING: Revert device needs about %d seconds", OpalDisk->EstimateTimeCost);\r
+  UnicodeSPrint(Unicode, StrSize(L"WARNING: ############# action needs about ####### seconds"), L"WARNING: %s action needs about %d seconds", ActionString, OpalDisk->EstimateTimeCost);\r
  \r
    do {\r
      CreatePopUp(\r
          EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,\r
          &Key,\r
          Unicode,\r
-        L" System should not be powered off until revert completion ",\r
+        L" System should not be powered off until action completion ",\r
          L" ",\r
          L" Press 'Y/y' to continue, press 'N/n' to cancal ",\r
          NULL\r
@@ -634,7 +636,16 @@ DriverCallback(
        case HII_KEY_ID_PSID_REVERT:\r
          OpalDisk = HiiGetOpalDiskCB(gHiiConfiguration.SelectedDiskIndex);\r
          if (OpalDisk != NULL) {\r
-          return HiiConfirmRevertAction (OpalDisk);\r
+          return HiiConfirmDataRemovalAction (OpalDisk, L"Revert");\r
+        } else {\r
+          ASSERT (FALSE);\r
+          return EFI_SUCCESS;\r
+        }\r
+\r
+      case HII_KEY_ID_SECURE_ERASE:\r
+        OpalDisk = HiiGetOpalDiskCB(gHiiConfiguration.SelectedDiskIndex);\r
+        if (OpalDisk != NULL) {\r
+          return HiiConfirmDataRemovalAction (OpalDisk, L"Secure erase");\r
          } else {\r
            ASSERT (FALSE);\r
            return EFI_SUCCESS;\r
author	Chu, Maggie <maggie.chu@intel.com>
	Tue, 7 May 2019 06:19:35 +0000 (14:19 +0800)
committer	Eric Dong <eric.dong@intel.com>
	Wed, 8 May 2019 01:17:36 +0000 (09:17 +0800)
SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c		patch \| blob \| blame \| history
SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c		patch \| blob \| blame \| history