diff options
Diffstat (limited to 'SecurityPkg/Tcg/Opal')
7 files changed, 60 insertions, 164 deletions
diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c index 1c26a5e353..91324cd61d 100644 --- a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c +++ b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c @@ -417,15 +417,28 @@ ReadyToBootCallback ( IN VOID *Context
)
{
- OPAL_DRIVER_DEVICE *Itr;
- TCG_RESULT Result;
- OPAL_SESSION Session;
- UINT32 PpStorageFlag;
+ EFI_STATUS Status;
+ OPAL_DRIVER_DEVICE* Itr;
+ TCG_RESULT Result;
+ OPAL_EXTRA_INFO_VAR OpalExtraInfo;
+ UINTN DataSize;
+ OPAL_SESSION Session;
gBS->CloseEvent (Event);
- PpStorageFlag = TcgPhysicalPresenceStorageLibReturnStorageFlags();
- if ((PpStorageFlag & TCG_BIOS_STORAGE_MANAGEMENT_FLAG_ENABLE_BLOCK_SID) != 0) {
+ DataSize = sizeof (OPAL_EXTRA_INFO_VAR);
+ Status = gRT->GetVariable (
+ OPAL_EXTRA_INFO_VAR_NAME,
+ &gOpalExtraInfoVariableGuid,
+ NULL,
+ &DataSize,
+ &OpalExtraInfo
+ );
+ if (EFI_ERROR (Status)) {
+ return;
+ }
+
+ if (OpalExtraInfo.EnableBlockSid == TRUE) {
//
// Send BlockSID command to each Opal disk
//
diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.h b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.h index b04d0532d8..213c139e01 100644 --- a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.h +++ b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.h @@ -16,7 +16,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #define _OPAL_DRIVER_H_
#include <PiDxe.h>
-#include <IndustryStandard/TcgPhysicalPresence.h>
+
+#include <Guid/OpalPasswordExtraInfoVariable.h>
#include <Protocol/PciIo.h>
#include <Protocol/SmmCommunication.h>
@@ -39,7 +40,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include <Library/UefiHiiServicesLib.h>
#include <Library/TcgStorageOpalLib.h>
#include <Library/OpalPasswordSupportLib.h>
-#include <Library/TcgPhysicalPresenceStorageLib.h>
#define EFI_DRIVER_NAME_UNICODE L"1.0 UEFI Opal Driver"
diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c index 7371b7e892..1e4987f9a0 100644 --- a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c +++ b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c @@ -90,63 +90,23 @@ HiiSetCurrentConfiguration( VOID
)
{
- UINT32 PpStorageFlag;
- EFI_STRING NewString;
+ EFI_STATUS Status;
+ OPAL_EXTRA_INFO_VAR OpalExtraInfo;
+ UINTN DataSize;
gHiiConfiguration.NumDisks = GetDeviceCount();
- //
- // Update the BlockSID status string.
- //
- PpStorageFlag = TcgPhysicalPresenceStorageLibReturnStorageFlags();
-
- if ((PpStorageFlag & TCG_BIOS_STORAGE_MANAGEMENT_FLAG_ENABLE_BLOCK_SID) != 0) {
- NewString = HiiGetString (gHiiPackageListHandle, STRING_TOKEN(STR_ENABLED), NULL);
- if (NewString == NULL) {
- DEBUG ((DEBUG_INFO, "HiiSetCurrentConfiguration: HiiGetString( ) failed\n"));
- return;
- }
- } else {
- NewString = HiiGetString (gHiiPackageListHandle, STRING_TOKEN(STR_DISABLED), NULL);
- if (NewString == NULL) {
- DEBUG ((DEBUG_INFO, "HiiSetCurrentConfiguration: HiiGetString( ) failed\n"));
- return;
- }
- }
- HiiSetString(gHiiPackageListHandle, STRING_TOKEN(STR_BLOCKSID_STATUS1), NewString, NULL);
- FreePool (NewString);
-
- if ((PpStorageFlag & TCG_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID) != 0) {
- NewString = HiiGetString (gHiiPackageListHandle, STRING_TOKEN(STR_DISK_INFO_ENABLE_BLOCKSID_TRUE), NULL);
- if (NewString == NULL) {
- DEBUG ((DEBUG_INFO, "HiiSetCurrentConfiguration: HiiGetString( ) failed\n"));
- return;
- }
- } else {
- NewString = HiiGetString (gHiiPackageListHandle, STRING_TOKEN(STR_DISK_INFO_ENABLE_BLOCKSID_FALSE), NULL);
- if (NewString == NULL) {
- DEBUG ((DEBUG_INFO, "HiiSetCurrentConfiguration: HiiGetString( ) failed\n"));
- return;
- }
- }
- HiiSetString(gHiiPackageListHandle, STRING_TOKEN(STR_BLOCKSID_STATUS2), NewString, NULL);
- FreePool (NewString);
-
- if ((PpStorageFlag & TCG_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID) != 0) {
- NewString = HiiGetString (gHiiPackageListHandle, STRING_TOKEN(STR_DISK_INFO_DISABLE_BLOCKSID_TRUE), NULL);
- if (NewString == NULL) {
- DEBUG ((DEBUG_INFO, "HiiSetCurrentConfiguration: HiiGetString( ) failed\n"));
- return;
- }
- } else {
- NewString = HiiGetString (gHiiPackageListHandle, STRING_TOKEN(STR_DISK_INFO_DISABLE_BLOCKSID_FALSE), NULL);
- if (NewString == NULL) {
- DEBUG ((DEBUG_INFO, "HiiSetCurrentConfiguration: HiiGetString( ) failed\n"));
- return;
- }
+ DataSize = sizeof (OPAL_EXTRA_INFO_VAR);
+ Status = gRT->GetVariable (
+ OPAL_EXTRA_INFO_VAR_NAME,
+ &gOpalExtraInfoVariableGuid,
+ NULL,
+ &DataSize,
+ &OpalExtraInfo
+ );
+ if (!EFI_ERROR (Status)) {
+ gHiiConfiguration.EnableBlockSid = OpalExtraInfo.EnableBlockSid;
}
- HiiSetString(gHiiPackageListHandle, STRING_TOKEN(STR_BLOCKSID_STATUS3), NewString, NULL);
- FreePool (NewString);
}
/**
@@ -440,7 +400,6 @@ DriverCallback( {
HII_KEY HiiKey;
UINT8 HiiKeyId;
- UINT32 PpRequest;
if (ActionRequest != NULL) {
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_NONE;
@@ -509,47 +468,9 @@ DriverCallback( } else if (Action == EFI_BROWSER_ACTION_CHANGED) {
switch (HiiKeyId) {
case HII_KEY_ID_BLOCKSID:
- switch (Value->u8) {
- case 0:
- PpRequest = TCG2_PHYSICAL_PRESENCE_NO_ACTION;
- break;
-
- case 1:
- PpRequest = TCG2_PHYSICAL_PRESENCE_ENABLE_BLOCK_SID;
- break;
-
- case 2:
- PpRequest = TCG2_PHYSICAL_PRESENCE_DISABLE_BLOCK_SID;
- break;
-
- case 3:
- PpRequest = TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_ENABLE_BLOCK_SID_FUNC_TRUE;
- break;
-
- case 4:
- PpRequest = TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_ENABLE_BLOCK_SID_FUNC_FALSE;
- break;
-
- case 5:
- PpRequest = TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC_TRUE;
- break;
-
- case 6:
- PpRequest = TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC_FALSE;
- break;
-
- default:
- PpRequest = TCG2_PHYSICAL_PRESENCE_NO_ACTION;
- DEBUG ((DEBUG_ERROR, "Invalid value input!\n"));
- break;
- }
- HiiSetBlockSidAction(PpRequest);
-
+ HiiSetBlockSid(Value->b);
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
return EFI_SUCCESS;
-
- default:
- break;
}
}
@@ -1183,27 +1104,25 @@ HiiPasswordEntered( **/
EFI_STATUS
-HiiSetBlockSidAction (
- IN UINT32 PpRequest
+HiiSetBlockSid (
+ BOOLEAN Enable
)
{
- UINT32 ReturnCode;
- EFI_STATUS Status;
-
- //
- // Process TCG Physical Presence request just after trusted console is ready
- // Platform can connect trusted consoles and then call the below function.
- //
- ReturnCode = TcgPhysicalPresenceStorageLibSubmitRequestToPreOSFunction (PpRequest, 0);
- if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS) {
- Status = EFI_SUCCESS;
- } else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE) {
- Status = EFI_OUT_OF_RESOURCES;
- } else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED) {
- Status = EFI_UNSUPPORTED;
- } else {
- Status = EFI_DEVICE_ERROR;
- }
+ EFI_STATUS Status;
+ OPAL_EXTRA_INFO_VAR OpalExtraInfo;
+ UINTN DataSize;
+
+ Status = EFI_SUCCESS;
+
+ OpalExtraInfo.EnableBlockSid = Enable;
+ DataSize = sizeof (OPAL_EXTRA_INFO_VAR);
+ Status = gRT->SetVariable (
+ OPAL_EXTRA_INFO_VAR_NAME,
+ &gOpalExtraInfoVariableGuid,
+ EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_NON_VOLATILE,
+ DataSize,
+ &OpalExtraInfo
+ );
return Status;
}
diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHiiFormStrings.uni b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHiiFormStrings.uni index 4cfbde3f84..754dbf776b 100644 --- a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHiiFormStrings.uni +++ b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHiiFormStrings.uni @@ -54,21 +54,9 @@ #string STR_DISK_INFO_REVERT #language en-US "Admin Revert to factory default and Disable"
#string STR_DISK_INFO_DISABLE_USER #language en-US "Disable User"
#string STR_DISK_INFO_ENABLE_FEATURE #language en-US "Enable Feature"
-#string STR_DISK_INFO_ENABLE_BLOCKSID #language en-US "TCG Storage Action"
-#string STR_ENABLED #language en-US "Enable BlockSID"
-#string STR_DISABLED #language en-US "Disable BlockSID"
-
-#string STR_NONE #language en-US "None"
-#string STR_DISK_INFO_ENABLE_BLOCKSID_TRUE #language en-US "Require physical presence when remote enable BlockSID"
-#string STR_DISK_INFO_ENABLE_BLOCKSID_FALSE #language en-US "Not require physical presence when remote enable BlockSID"
-#string STR_DISK_INFO_DISABLE_BLOCKSID_TRUE #language en-US "Require physical presence when remote disable BlockSID"
-#string STR_DISK_INFO_DISABLE_BLOCKSID_FALSE #language en-US "Not require physical presence when remote disable BlockSID"
-
-#string STR_BLOCKSID_STATUS_HELP #language en-US "BlockSID action change status"
-#string STR_BLOCKSID_STATUS #language en-US "Current BlockSID Status:"
-#string STR_BLOCKSID_STATUS1 #language en-US ""
-#string STR_BLOCKSID_STATUS2 #language en-US ""
-#string STR_BLOCKSID_STATUS3 #language en-US ""
+#string STR_DISK_INFO_ENABLE_BLOCKSID #language en-US "Enable BlockSID"
+#string STR_ENABLED #language en-US "Enabled"
+#string STR_DISABLED #language en-US "Disabled"
#string STR_DISK_INFO_GOTO_LOCK_HELP #language en-US "Lock the disk"
#string STR_DISK_INFO_GOTO_UNLOCK_HELP #language en-US "Unlock the disk"
@@ -78,7 +66,7 @@ #string STR_DISK_INFO_GOTO_PSID_REVERT_HELP #language en-US "Revert the disk to factory defaults"
#string STR_DISK_INFO_GOTO_DISABLE_USER_HELP #language en-US "Disable User"
#string STR_DISK_INFO_GOTO_ENABLE_FEATURE_HELP #language en-US "Enable Feature"
-#string STR_DISK_INFO_GOTO_ENABLE_BLOCKSID_HELP #language en-US "Change BlockSID actions, includes enable or disable BlockSID, Require or not require physical presence when remote enable or disable BlockSID"
+#string STR_DISK_INFO_GOTO_ENABLE_BLOCKSID_HELP #language en-US "Enable to send BlockSID command"
///////////////////////////////// DISK ACTION MENU FORM /////////////////////////////////
#string STR_DISK_ACTION_LBL #language en-US " "
diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHiiPrivate.h b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHiiPrivate.h index ec5a93cf3f..1f1afbc21e 100644 --- a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHiiPrivate.h +++ b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHiiPrivate.h @@ -211,15 +211,15 @@ HiiPasswordEntered( /**
Update block sid info.
- @param PpRequest Input the Pp Request.
+ @param Enable Enable/disable BlockSid.
@retval EFI_SUCCESS Do the required action success.
@retval Others Other error occur.
**/
EFI_STATUS
-HiiSetBlockSidAction (
- UINT32 PpRequest
+HiiSetBlockSid (
+ BOOLEAN Enable
);
/**
diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalPasswordDxe.inf b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalPasswordDxe.inf index 91c4bfc696..703c1b6039 100644 --- a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalPasswordDxe.inf +++ b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalPasswordDxe.inf @@ -62,7 +62,6 @@ OpalPasswordSupportLib
UefiLib
TcgStorageOpalLib
- TcgPhysicalPresenceStorageLib
[Protocols]
gEfiHiiConfigAccessProtocolGuid ## PRODUCES
diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalPasswordForm.vfr b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalPasswordForm.vfr index 218e0f442c..88cc2a1c4e 100644 --- a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalPasswordForm.vfr +++ b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalPasswordForm.vfr @@ -118,38 +118,15 @@ form formid = FORMID_VALUE_MAIN_MENU, subtitle text = STRING_TOKEN(STR_NULL);
- grayoutif TRUE;
- text
- help = STRING_TOKEN(STR_BLOCKSID_STATUS_HELP),
- text = STRING_TOKEN(STR_BLOCKSID_STATUS);
- text
- help = STRING_TOKEN(STR_BLOCKSID_STATUS_HELP),
- text = STRING_TOKEN(STR_BLOCKSID_STATUS1);
- text
- help = STRING_TOKEN(STR_BLOCKSID_STATUS_HELP),
- text = STRING_TOKEN(STR_BLOCKSID_STATUS2);
- text
- help = STRING_TOKEN(STR_BLOCKSID_STATUS_HELP),
- text = STRING_TOKEN(STR_BLOCKSID_STATUS3);
- subtitle text = STRING_TOKEN(STR_NULL);
- endif;
-
oneof varid = OpalHiiConfig.EnableBlockSid,
questionid = 0x8017, // 32791,
prompt = STRING_TOKEN(STR_DISK_INFO_ENABLE_BLOCKSID),
help = STRING_TOKEN(STR_DISK_INFO_GOTO_ENABLE_BLOCKSID_HELP),
flags = INTERACTIVE,
- option text = STRING_TOKEN(STR_NONE), value = 0, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
+ option text = STRING_TOKEN(STR_DISABLED), value = 0, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
option text = STRING_TOKEN(STR_ENABLED), value = 1, flags = RESET_REQUIRED;
- option text = STRING_TOKEN(STR_DISABLED), value = 2, flags = RESET_REQUIRED;
- option text = STRING_TOKEN(STR_DISK_INFO_ENABLE_BLOCKSID_TRUE), value = 3, flags = RESET_REQUIRED;
- option text = STRING_TOKEN(STR_DISK_INFO_ENABLE_BLOCKSID_FALSE), value = 4, flags = RESET_REQUIRED;
- option text = STRING_TOKEN(STR_DISK_INFO_DISABLE_BLOCKSID_TRUE), value = 5, flags = RESET_REQUIRED;
- option text = STRING_TOKEN(STR_DISK_INFO_DISABLE_BLOCKSID_FALSE), value = 6, flags = RESET_REQUIRED;
endoneof;
-
-
endform; // MAIN MENU FORM
//
|