summaryrefslogtreecommitdiffstats
path: root/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
diff options
context:
space:
mode:
Diffstat (limited to 'SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c')
-rw-r--r--SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c62
1 files changed, 54 insertions, 8 deletions
diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
index 4133e503e2..8733564f00 100644
--- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
+++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
@@ -105,13 +105,12 @@ OpalSupportGetAvailableActions(
}
//
- // Psid revert is available for any device with media encryption support
- // Revert is allowed for any device with media encryption support, however it requires
+ // Psid revert is available for any device with media encryption support or pyrite 2.0 type support.
//
- if (SupportedAttributes->MediaEncryption) {
+ if (SupportedAttributes->PyriteSscV2 || SupportedAttributes->MediaEncryption) {
//
- // Only allow psid revert if media encryption is enabled.
+ // Only allow psid revert if media encryption is enabled or pyrite 2.0 type support..
// Otherwise, someone who steals a disk can psid revert the disk and the user Data is still
// intact and accessible
//
@@ -657,6 +656,8 @@ OpalEndOfDxeEventNotify (
@param[in] Dev The device which need Psid to process Psid Revert
OPAL request.
@param[in] PopUpString Pop up string.
+ @param[in] PopUpString2 Pop up string in line 2.
+
@param[out] PressEsc Whether user escape function through Press ESC.
@retval Psid string if success. NULL if failed.
@@ -666,6 +667,7 @@ CHAR8 *
OpalDriverPopUpPsidInput (
IN OPAL_DRIVER_DEVICE *Dev,
IN CHAR16 *PopUpString,
+ IN CHAR16 *PopUpString2,
OUT BOOLEAN *PressEsc
)
{
@@ -689,6 +691,7 @@ OpalDriverPopUpPsidInput (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&InputKey,
PopUpString,
+ PopUpString2,
L"---------------------",
Mask,
NULL
@@ -1369,6 +1372,8 @@ ProcessOpalRequestPsidRevert (
EFI_INPUT_KEY Key;
TCG_RESULT Ret;
CHAR16 *PopUpString;
+ CHAR16 *PopUpString2;
+ UINTN BufferSize;
if (Dev == NULL) {
return;
@@ -1378,6 +1383,20 @@ ProcessOpalRequestPsidRevert (
PopUpString = OpalGetPopUpString (Dev, RequestString);
+ if (Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME) {
+ BufferSize = StrSize (L"Warning: Revert action will take about ####### seconds, DO NOT power off system during the revert action!");
+ PopUpString2 = AllocateZeroPool (BufferSize);
+ ASSERT (PopUpString2 != NULL);
+ UnicodeSPrint (
+ PopUpString2,
+ BufferSize,
+ L"WARNING: Revert action will take about %d seconds, DO NOT power off system during the revert action!",
+ Dev->OpalDisk.EstimateTimeCost
+ );
+ } else {
+ PopUpString2 = NULL;
+ }
+
Count = 0;
ZeroMem(&Session, sizeof(Session));
@@ -1386,7 +1405,7 @@ ProcessOpalRequestPsidRevert (
Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId;
while (Count < MAX_PSID_TRY_COUNT) {
- Psid = OpalDriverPopUpPsidInput (Dev, PopUpString, &PressEsc);
+ Psid = OpalDriverPopUpPsidInput (Dev, PopUpString, PopUpString2, &PressEsc);
if (PressEsc) {
do {
CreatePopUp (
@@ -1400,7 +1419,7 @@ ProcessOpalRequestPsidRevert (
if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
gST->ConOut->ClearScreen(gST->ConOut);
- return;
+ goto Done;
} else {
//
// Let user input Psid again.
@@ -1456,6 +1475,11 @@ ProcessOpalRequestPsidRevert (
} while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN);
gST->ConOut->ClearScreen(gST->ConOut);
}
+
+Done:
+ if (PopUpString2 != NULL) {
+ FreePool (PopUpString2);
+ }
}
/**
@@ -1482,6 +1506,8 @@ ProcessOpalRequestRevert (
TCG_RESULT Ret;
BOOLEAN PasswordFailed;
CHAR16 *PopUpString;
+ CHAR16 *PopUpString2;
+ UINTN BufferSize;
if (Dev == NULL) {
return;
@@ -1491,6 +1517,20 @@ ProcessOpalRequestRevert (
PopUpString = OpalGetPopUpString (Dev, RequestString);
+ if (Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME) {
+ BufferSize = StrSize (L"Warning: Revert action will take about ####### seconds, DO NOT power off system during the revert action!");
+ PopUpString2 = AllocateZeroPool (BufferSize);
+ ASSERT (PopUpString2 != NULL);
+ UnicodeSPrint (
+ PopUpString2,
+ BufferSize,
+ L"WARNING: Revert action will take about %d seconds, DO NOT power off system during the revert action!",
+ Dev->OpalDisk.EstimateTimeCost
+ );
+ } else {
+ PopUpString2 = NULL;
+ }
+
Count = 0;
ZeroMem(&Session, sizeof(Session));
@@ -1499,7 +1539,7 @@ ProcessOpalRequestRevert (
Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId;
while (Count < MAX_PASSWORD_TRY_COUNT) {
- Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, &PressEsc);
+ Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, PopUpString2, &PressEsc);
if (PressEsc) {
do {
CreatePopUp (
@@ -1513,7 +1553,7 @@ ProcessOpalRequestRevert (
if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
gST->ConOut->ClearScreen(gST->ConOut);
- return;
+ goto Done;
} else {
//
// Let user input password again.
@@ -1596,6 +1636,11 @@ ProcessOpalRequestRevert (
} while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN);
gST->ConOut->ClearScreen(gST->ConOut);
}
+
+Done:
+ if (PopUpString2 != NULL) {
+ FreePool (PopUpString2);
+ }
}
/**
@@ -2337,6 +2382,7 @@ ReadyToBootCallback (
Session.MediaId = Itr->OpalDisk.MediaId;
Session.OpalBaseComId = Itr->OpalDisk.OpalBaseComId;
+ DEBUG ((DEBUG_INFO, "OpalPassword: ReadyToBoot point, send BlockSid command to device!\n"));
Result = OpalBlockSid (&Session, TRUE); // HardwareReset must always be TRUE
if (Result != TcgResultSuccess) {
DEBUG ((DEBUG_ERROR, "OpalBlockSid fail\n"));
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-08 21:59:34 +0000