diff options
Diffstat (limited to 'SecurityPkg/Include')
-rw-r--r-- | SecurityPkg/Include/Library/OpalPasswordSupportLib.h | 289 |
1 files changed, 0 insertions, 289 deletions
diff --git a/SecurityPkg/Include/Library/OpalPasswordSupportLib.h b/SecurityPkg/Include/Library/OpalPasswordSupportLib.h deleted file mode 100644 index e616c763f0..0000000000 --- a/SecurityPkg/Include/Library/OpalPasswordSupportLib.h +++ /dev/null @@ -1,289 +0,0 @@ -/** @file
- Header file of Opal password support library.
-
-Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-
-#ifndef _OPAL_PASSWORD_SUPPORT_LIB_H_
-#define _OPAL_PASSWORD_SUPPORT_LIB_H_
-
-#include <Protocol/DevicePath.h>
-#include <Library/TcgStorageOpalLib.h>
-
-
-#pragma pack(1)
-
-//
-// Structure that is used to represent the available actions for an OpalDisk.
-// The data can then be utilized to expose/hide certain actions available to an end user
-// by the consumer of this library.
-//
-typedef struct {
- //
- // Indicates if the disk can support PSID Revert action. should verify disk supports PSID authority
- //
- UINT16 PsidRevert : 1;
-
- //
- // Indicates if the disk can support Revert action
- //
- UINT16 Revert : 1;
-
- //
- // Indicates if the user must keep data for revert action. It is true if no media encryption is supported.
- //
- UINT16 RevertKeepDataForced : 1;
-
- //
- // Indicates if the disk can support set Admin password
- //
- UINT16 AdminPass : 1;
-
- //
- // Indicates if the disk can support set User password. This action requires that a user
- // password is first enabled.
- //
- UINT16 UserPass : 1;
-
- //
- // Indicates if unlock action is available. Requires disk to be currently locked.
- //
- UINT16 Unlock : 1;
-
- //
- // Indicates if Secure Erase action is available. Action requires admin credentials and media encryption support.
- //
- UINT16 SecureErase : 1;
-
- //
- // Indicates if Disable User action is available. Action requires admin credentials.
- //
- UINT16 DisableUser : 1;
-} OPAL_DISK_ACTIONS;
-
-//
-// Structure that is used to represent the Opal device with password info.
-//
-typedef struct {
- LIST_ENTRY Link;
-
- UINT8 Password[32];
- UINT8 PasswordLength;
-
- EFI_DEVICE_PATH_PROTOCOL OpalDevicePath;
-} OPAL_DISK_AND_PASSWORD_INFO;
-
-#pragma pack()
-
-/**
-
- The function performs determines the available actions for the OPAL_DISK provided.
-
- @param[in] SupportedAttributes The support attribute for the device.
- @param[in] LockingFeature The locking status for the device.
- @param[in] OwnerShip The ownership for the device.
- @param[out] AvalDiskActions Pointer to fill-out with appropriate disk actions.
-
-**/
-TCG_RESULT
-EFIAPI
-OpalSupportGetAvailableActions(
- IN OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes,
- IN TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature,
- IN UINT16 OwnerShip,
- OUT OPAL_DISK_ACTIONS *AvalDiskActions
- );
-
-/**
- Enable Opal Feature for the input device.
-
- @param[in] Session The opal session for the opal device.
- @param[in] Msid Msid
- @param[in] MsidLength Msid Length
- @param[in] Password Admin password
- @param[in] PassLength Length of password in bytes
- @param[in] DevicePath The device path for the opal devcie.
-
-**/
-TCG_RESULT
-EFIAPI
-OpalSupportEnableOpalFeature(
- IN OPAL_SESSION *Session,
- IN VOID *Msid,
- IN UINT32 MsidLength,
- IN VOID *Password,
- IN UINT32 PassLength,
- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
- );
-
-/**
- Creates a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_PSID_AUTHORITY, then reverts device using Admin SP Revert method.
-
- @param[in] Session The opal session for the opal device.
- @param[in] Psid PSID of device to revert.
- @param[in] PsidLength Length of PSID in bytes.
- @param[in] DevicePath The device path for the opal devcie.
-
-**/
-TCG_RESULT
-EFIAPI
-OpalSupportPsidRevert(
- IN OPAL_SESSION *Session,
- IN VOID *Psid,
- IN UINT32 PsidLength,
- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
- );
-
-/**
- Opens a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_PSID_AUTHORITY, then reverts the device using the RevertSP method.
-
- @param[in] Session The opal session for the opal device.
- @param[in] KeepUserData TRUE to keep existing Data on the disk, or FALSE to erase it
- @param[in] Password Admin password
- @param[in] PasswordLength Length of password in bytes
- @param[in] Msid Msid
- @param[in] MsidLength Msid Length
- @param[out] PasswordFailed indicates if password failed (start session didn't work)
- @param[in] DevicePath The device path for the opal devcie.
-
-**/
-TCG_RESULT
-EFIAPI
-OpalSupportRevert(
- IN OPAL_SESSION *Session,
- IN BOOLEAN KeepUserData,
- IN VOID *Password,
- IN UINT32 PasswordLength,
- IN VOID *Msid,
- IN UINT32 MsidLength,
- OUT BOOLEAN *PasswordFailed,
- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
- );
-
-/**
- Set new password.
-
- @param[in] Session The opal session for the opal device.
- @param[in] OldPassword Current admin password
- @param[in] OldPasswordLength Length of current admin password in bytes
- @param[in] NewPassword New admin password to set
- @param[in] NewPasswordLength Length of new password in bytes
- @param[in] DevicePath The device path for the opal devcie.
- @param[in] SetAdmin Whether set admin password or user password.
- TRUE for admin, FALSE for user.
-
-**/
-TCG_RESULT
-EFIAPI
-OpalSupportSetPassword(
- IN OPAL_SESSION *Session,
- IN VOID *OldPassword,
- IN UINT32 OldPasswordLength,
- IN VOID *NewPassword,
- IN UINT32 NewPasswordLength,
- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath,
- IN BOOLEAN SetAdmin
- );
-
-/**
- Starts a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_ADMIN1_AUTHORITY and disables the User1 authority.
-
- @param[in] Session The opal session for the opal device.
- @param[in] Password Admin password
- @param[in] PasswordLength Length of password in bytes
- @param[out] PasswordFailed Indicates if password failed (start session didn't work)
- @param[in] DevicePath The device path for the opal devcie.
-
-**/
-TCG_RESULT
-EFIAPI
-OpalSupportDisableUser(
- IN OPAL_SESSION *Session,
- IN VOID *Password,
- IN UINT32 PasswordLength,
- OUT BOOLEAN *PasswordFailed,
- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
- );
-
-/**
- Starts a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_USER1_AUTHORITY or OPAL_LOCKING_SP_ADMIN1_AUTHORITY
- and updates the global locking range ReadLocked and WriteLocked columns to FALSE.
-
- @param[in] Session The opal session for the opal device.
- @param[in] Password Admin or user password
- @param[in] PasswordLength Length of password in bytes
- @param[in] DevicePath The device path for the opal devcie.
-
-**/
-TCG_RESULT
-EFIAPI
-OpalSupportUnlock(
- IN OPAL_SESSION *Session,
- IN VOID *Password,
- IN UINT32 PasswordLength,
- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
- );
-
-/**
- Starts a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_USER1_AUTHORITY or OPAL_LOCKING_SP_ADMIN1_AUTHORITY
- and updates the global locking range ReadLocked and WriteLocked columns to TRUE.
-
- @param[in] Session The opal session for the opal device.
- @param[in] Password Admin or user password
- @param[in] PasswordLength Length of password in bytes
- @param[in] DevicePath The device path for the opal devcie.
-
-**/
-TCG_RESULT
-EFIAPI
-OpalSupportLock(
- IN OPAL_SESSION *Session,
- IN VOID *Password,
- IN UINT32 PasswordLength,
- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
- );
-
-/**
- Check if the password is full zero.
-
- @param[in] Password Points to the Data Buffer
-
- @retval TRUE This password string is full zero.
- @retval FALSE This password string is not full zero.
-
-**/
-LIST_ENTRY *
-EFIAPI
-OpalSupportGetOpalDeviceList (
- VOID
- );
-
-/**
- Transfer the password to the smm driver.
-
- @param[in] DevicePath The device path for the opal devcie.
- @param PasswordLen The input password length.
- @param Password Input password buffer.
-
- @retval EFI_SUCCESS Do the required action success.
- @retval Others Error occured.
-
-**/
-EFI_STATUS
-EFIAPI
-OpalSupportSendPasword(
- EFI_DEVICE_PATH_PROTOCOL *DevicePath,
- UINTN PasswordLen,
- VOID *Password
- );
-
-#endif // _OPAL_CORE_H_
|