/** @file | |
HDD password driver which is used to support HDD security feature. | |
Copyright (c) 2019, Intel Corporation. All rights reserved.<BR> | |
Copyright (c) Microsoft Corporation.<BR> | |
SPDX-License-Identifier: BSD-2-Clause-Patent | |
**/ | |
#include "HddPasswordDxe.h" | |
#include <Library/VariablePolicyHelperLib.h> | |
EFI_GUID mHddPasswordVendorGuid = HDD_PASSWORD_CONFIG_GUID; | |
CHAR16 mHddPasswordVendorStorageName[] = L"HDD_PASSWORD_CONFIG"; | |
LIST_ENTRY mHddPasswordConfigFormList; | |
UINT32 mNumberOfHddDevices = 0; | |
EFI_GUID mHddPasswordDeviceInfoGuid = HDD_PASSWORD_DEVICE_INFO_GUID; | |
BOOLEAN mHddPasswordEndOfDxe = FALSE; | |
HDD_PASSWORD_REQUEST_VARIABLE *mHddPasswordRequestVariable = NULL; | |
UINTN mHddPasswordRequestVariableSize = 0; | |
HII_VENDOR_DEVICE_PATH mHddPasswordHiiVendorDevicePath = { | |
{ | |
{ | |
HARDWARE_DEVICE_PATH, | |
HW_VENDOR_DP, | |
{ | |
(UINT8)(sizeof (VENDOR_DEVICE_PATH)), | |
(UINT8)((sizeof (VENDOR_DEVICE_PATH)) >> 8) | |
} | |
}, | |
HDD_PASSWORD_CONFIG_GUID | |
}, | |
{ | |
END_DEVICE_PATH_TYPE, | |
END_ENTIRE_DEVICE_PATH_SUBTYPE, | |
{ | |
(UINT8)(END_DEVICE_PATH_LENGTH), | |
(UINT8)((END_DEVICE_PATH_LENGTH) >> 8) | |
} | |
} | |
}; | |
/** | |
Check if the password is full zero. | |
@param[in] Password Points to the data buffer | |
@retval TRUE This password string is full zero. | |
@retval FALSE This password string is not full zero. | |
**/ | |
BOOLEAN | |
PasswordIsFullZero ( | |
IN CHAR8 *Password | |
) | |
{ | |
UINTN Index; | |
for (Index = 0; Index < HDD_PASSWORD_MAX_LENGTH; Index++) { | |
if (Password[Index] != 0) { | |
return FALSE; | |
} | |
} | |
return TRUE; | |
} | |
/** | |
Save device info. | |
@param[in] ConfigFormEntry Points to HDD_PASSWORD_CONFIG_FORM_ENTRY buffer | |
@param[in,out] TempDevInfo Points to HDD_PASSWORD_DEVICE_INFO buffer | |
**/ | |
VOID | |
SaveDeviceInfo ( | |
IN HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry, | |
IN OUT HDD_PASSWORD_DEVICE_INFO *TempDevInfo | |
) | |
{ | |
TempDevInfo->Device.Bus = (UINT8)ConfigFormEntry->Bus; | |
TempDevInfo->Device.Device = (UINT8)ConfigFormEntry->Device; | |
TempDevInfo->Device.Function = (UINT8)ConfigFormEntry->Function; | |
TempDevInfo->Device.Port = ConfigFormEntry->Port; | |
TempDevInfo->Device.PortMultiplierPort = ConfigFormEntry->PortMultiplierPort; | |
CopyMem (TempDevInfo->Password, ConfigFormEntry->Password, HDD_PASSWORD_MAX_LENGTH); | |
TempDevInfo->DevicePathLength = (UINT32)GetDevicePathSize (ConfigFormEntry->DevicePath); | |
CopyMem (TempDevInfo->DevicePath, ConfigFormEntry->DevicePath, TempDevInfo->DevicePathLength); | |
} | |
/** | |
Build HDD password device info and save them to LockBox. | |
**/ | |
VOID | |
BuildHddPasswordDeviceInfo ( | |
VOID | |
) | |
{ | |
EFI_STATUS Status; | |
LIST_ENTRY *Entry; | |
HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry; | |
HDD_PASSWORD_DEVICE_INFO *DevInfo; | |
HDD_PASSWORD_DEVICE_INFO *TempDevInfo; | |
UINTN DevInfoLength; | |
UINT8 DummyData; | |
BOOLEAN S3InitDevicesExist; | |
UINTN S3InitDevicesLength; | |
EFI_DEVICE_PATH_PROTOCOL *S3InitDevices; | |
EFI_DEVICE_PATH_PROTOCOL *S3InitDevicesBak; | |
// | |
// Build HDD password device info and save them to LockBox. | |
// | |
DevInfoLength = 0; | |
BASE_LIST_FOR_EACH (Entry, &mHddPasswordConfigFormList) { | |
ConfigFormEntry = BASE_CR (Entry, HDD_PASSWORD_CONFIG_FORM_ENTRY, Link); | |
// | |
// 1. Handle device which already set password. | |
// 2. When request to send freeze command, driver also needs to handle device | |
// which support security feature. | |
// | |
if ((!PasswordIsFullZero (ConfigFormEntry->Password)) || | |
((ConfigFormEntry->IfrData.SecurityStatus.Supported != 0) && | |
(ConfigFormEntry->IfrData.SecurityStatus.Enabled == 0))) | |
{ | |
DevInfoLength += sizeof (HDD_PASSWORD_DEVICE_INFO) + | |
GetDevicePathSize (ConfigFormEntry->DevicePath); | |
} | |
} | |
if (DevInfoLength == 0) { | |
return; | |
} | |
S3InitDevicesLength = sizeof (DummyData); | |
Status = RestoreLockBox ( | |
&gS3StorageDeviceInitListGuid, | |
&DummyData, | |
&S3InitDevicesLength | |
); | |
ASSERT ((Status == EFI_NOT_FOUND) || (Status == EFI_BUFFER_TOO_SMALL)); | |
if (Status == EFI_NOT_FOUND) { | |
S3InitDevices = NULL; | |
S3InitDevicesExist = FALSE; | |
} else if (Status == EFI_BUFFER_TOO_SMALL) { | |
S3InitDevices = AllocatePool (S3InitDevicesLength); | |
ASSERT (S3InitDevices != NULL); | |
Status = RestoreLockBox ( | |
&gS3StorageDeviceInitListGuid, | |
S3InitDevices, | |
&S3InitDevicesLength | |
); | |
ASSERT_EFI_ERROR (Status); | |
S3InitDevicesExist = TRUE; | |
} else { | |
return; | |
} | |
DevInfo = AllocateZeroPool (DevInfoLength); | |
ASSERT (DevInfo != NULL); | |
TempDevInfo = DevInfo; | |
BASE_LIST_FOR_EACH (Entry, &mHddPasswordConfigFormList) { | |
ConfigFormEntry = BASE_CR (Entry, HDD_PASSWORD_CONFIG_FORM_ENTRY, Link); | |
if ((!PasswordIsFullZero (ConfigFormEntry->Password)) || | |
((ConfigFormEntry->IfrData.SecurityStatus.Supported != 0) && | |
(ConfigFormEntry->IfrData.SecurityStatus.Enabled == 0))) | |
{ | |
SaveDeviceInfo (ConfigFormEntry, TempDevInfo); | |
S3InitDevicesBak = S3InitDevices; | |
S3InitDevices = AppendDevicePathInstance ( | |
S3InitDevicesBak, | |
ConfigFormEntry->DevicePath | |
); | |
if (S3InitDevicesBak != NULL) { | |
FreePool (S3InitDevicesBak); | |
} | |
ASSERT (S3InitDevices != NULL); | |
TempDevInfo = (HDD_PASSWORD_DEVICE_INFO *)((UINTN)TempDevInfo + | |
sizeof (HDD_PASSWORD_DEVICE_INFO) + | |
TempDevInfo->DevicePathLength); | |
} | |
} | |
Status = SaveLockBox ( | |
&mHddPasswordDeviceInfoGuid, | |
DevInfo, | |
DevInfoLength | |
); | |
ASSERT_EFI_ERROR (Status); | |
Status = SetLockBoxAttributes ( | |
&mHddPasswordDeviceInfoGuid, | |
LOCK_BOX_ATTRIBUTE_RESTORE_IN_S3_ONLY | |
); | |
ASSERT_EFI_ERROR (Status); | |
S3InitDevicesLength = GetDevicePathSize (S3InitDevices); | |
if (S3InitDevicesExist) { | |
Status = UpdateLockBox ( | |
&gS3StorageDeviceInitListGuid, | |
0, | |
S3InitDevices, | |
S3InitDevicesLength | |
); | |
ASSERT_EFI_ERROR (Status); | |
} else { | |
Status = SaveLockBox ( | |
&gS3StorageDeviceInitListGuid, | |
S3InitDevices, | |
S3InitDevicesLength | |
); | |
ASSERT_EFI_ERROR (Status); | |
Status = SetLockBoxAttributes ( | |
&gS3StorageDeviceInitListGuid, | |
LOCK_BOX_ATTRIBUTE_RESTORE_IN_S3_ONLY | |
); | |
ASSERT_EFI_ERROR (Status); | |
} | |
ZeroMem (DevInfo, DevInfoLength); | |
FreePool (DevInfo); | |
FreePool (S3InitDevices); | |
} | |
/** | |
Send freeze lock cmd through Ata Pass Thru Protocol. | |
@param[in] AtaPassThru The pointer to the ATA_PASS_THRU protocol. | |
@param[in] Port The port number of the ATA device to send the command. | |
@param[in] PortMultiplierPort The port multiplier port number of the ATA device to send the command. | |
If there is no port multiplier, then specify 0xFFFF. | |
@retval EFI_SUCCESS Successful to send freeze lock cmd. | |
@retval EFI_INVALID_PARAMETER The parameter passed-in is invalid. | |
@retval EFI_OUT_OF_RESOURCES Not enough memory to send freeze lock cmd. | |
@retval EFI_DEVICE_ERROR Can not send freeze lock cmd. | |
**/ | |
EFI_STATUS | |
FreezeLockDevice ( | |
IN EFI_ATA_PASS_THRU_PROTOCOL *AtaPassThru, | |
IN UINT16 Port, | |
IN UINT16 PortMultiplierPort | |
) | |
{ | |
EFI_STATUS Status; | |
EFI_ATA_COMMAND_BLOCK Acb; | |
EFI_ATA_STATUS_BLOCK *Asb; | |
EFI_ATA_PASS_THRU_COMMAND_PACKET Packet; | |
if (AtaPassThru == NULL) { | |
return EFI_INVALID_PARAMETER; | |
} | |
// | |
// The 'Asb' field (a pointer to the EFI_ATA_STATUS_BLOCK structure) in | |
// EFI_ATA_PASS_THRU_COMMAND_PACKET is required to be aligned specified by | |
// the 'IoAlign' field in the EFI_ATA_PASS_THRU_MODE structure. Meanwhile, | |
// the structure EFI_ATA_STATUS_BLOCK is composed of only UINT8 fields, so it | |
// may not be aligned when allocated on stack for some compilers. Hence, we | |
// use the API AllocateAlignedPages to ensure this structure is properly | |
// aligned. | |
// | |
Asb = AllocateAlignedPages ( | |
EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK)), | |
AtaPassThru->Mode->IoAlign | |
); | |
if (Asb == NULL) { | |
return EFI_OUT_OF_RESOURCES; | |
} | |
// | |
// Prepare for ATA command block. | |
// | |
ZeroMem (&Acb, sizeof (Acb)); | |
ZeroMem (Asb, sizeof (EFI_ATA_STATUS_BLOCK)); | |
Acb.AtaCommand = ATA_SECURITY_FREEZE_LOCK_CMD; | |
Acb.AtaDeviceHead = (UINT8)(PortMultiplierPort == 0xFFFF ? 0 : (PortMultiplierPort << 4)); | |
// | |
// Prepare for ATA pass through packet. | |
// | |
ZeroMem (&Packet, sizeof (Packet)); | |
Packet.Protocol = EFI_ATA_PASS_THRU_PROTOCOL_ATA_NON_DATA; | |
Packet.Length = EFI_ATA_PASS_THRU_LENGTH_NO_DATA_TRANSFER; | |
Packet.Asb = Asb; | |
Packet.Acb = &Acb; | |
Packet.Timeout = ATA_TIMEOUT; | |
Status = AtaPassThru->PassThru ( | |
AtaPassThru, | |
Port, | |
PortMultiplierPort, | |
&Packet, | |
NULL | |
); | |
if (!EFI_ERROR (Status) && | |
((Asb->AtaStatus & ATA_STSREG_ERR) != 0) && | |
((Asb->AtaError & ATA_ERRREG_ABRT) != 0)) | |
{ | |
Status = EFI_DEVICE_ERROR; | |
} | |
FreeAlignedPages (Asb, EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK))); | |
DEBUG ((DEBUG_INFO, "%a() - %r\n", __func__, Status)); | |
return Status; | |
} | |
/** | |
Get attached harddisk identify data through Ata Pass Thru Protocol. | |
@param[in] AtaPassThru The pointer to the ATA_PASS_THRU protocol. | |
@param[in] Port The port number of the ATA device to send the command. | |
@param[in] PortMultiplierPort The port multiplier port number of the ATA device to send the command. | |
If there is no port multiplier, then specify 0xFFFF. | |
@param[in] IdentifyData The buffer to store identify data. | |
@retval EFI_SUCCESS Successful to get identify data. | |
@retval EFI_INVALID_PARAMETER The parameter passed-in is invalid. | |
@retval EFI_OUT_OF_RESOURCES Not enough memory to get identify data. | |
@retval EFI_DEVICE_ERROR Can not get identify data. | |
**/ | |
EFI_STATUS | |
GetHddDeviceIdentifyData ( | |
IN EFI_ATA_PASS_THRU_PROTOCOL *AtaPassThru, | |
IN UINT16 Port, | |
IN UINT16 PortMultiplierPort, | |
IN ATA_IDENTIFY_DATA *IdentifyData | |
) | |
{ | |
EFI_STATUS Status; | |
EFI_ATA_COMMAND_BLOCK Acb; | |
EFI_ATA_STATUS_BLOCK *Asb; | |
EFI_ATA_PASS_THRU_COMMAND_PACKET Packet; | |
if ((AtaPassThru == NULL) || (IdentifyData == NULL)) { | |
return EFI_INVALID_PARAMETER; | |
} | |
// | |
// The 'Asb' field (a pointer to the EFI_ATA_STATUS_BLOCK structure) in | |
// EFI_ATA_PASS_THRU_COMMAND_PACKET is required to be aligned specified by | |
// the 'IoAlign' field in the EFI_ATA_PASS_THRU_MODE structure. Meanwhile, | |
// the structure EFI_ATA_STATUS_BLOCK is composed of only UINT8 fields, so it | |
// may not be aligned when allocated on stack for some compilers. Hence, we | |
// use the API AllocateAlignedPages to ensure this structure is properly | |
// aligned. | |
// | |
Asb = AllocateAlignedPages ( | |
EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK)), | |
AtaPassThru->Mode->IoAlign | |
); | |
if (Asb == NULL) { | |
return EFI_OUT_OF_RESOURCES; | |
} | |
// | |
// Prepare for ATA command block. | |
// | |
ZeroMem (&Acb, sizeof (Acb)); | |
ZeroMem (Asb, sizeof (EFI_ATA_STATUS_BLOCK)); | |
Acb.AtaCommand = ATA_CMD_IDENTIFY_DRIVE; | |
Acb.AtaDeviceHead = (UINT8)(BIT7 | BIT6 | BIT5 | (PortMultiplierPort == 0xFFFF ? 0 : (PortMultiplierPort << 4))); | |
// | |
// Prepare for ATA pass through packet. | |
// | |
ZeroMem (&Packet, sizeof (Packet)); | |
Packet.Protocol = EFI_ATA_PASS_THRU_PROTOCOL_PIO_DATA_IN; | |
Packet.Length = EFI_ATA_PASS_THRU_LENGTH_BYTES | EFI_ATA_PASS_THRU_LENGTH_SECTOR_COUNT; | |
Packet.Asb = Asb; | |
Packet.Acb = &Acb; | |
Packet.InDataBuffer = IdentifyData; | |
Packet.InTransferLength = sizeof (ATA_IDENTIFY_DATA); | |
Packet.Timeout = ATA_TIMEOUT; | |
Status = AtaPassThru->PassThru ( | |
AtaPassThru, | |
Port, | |
PortMultiplierPort, | |
&Packet, | |
NULL | |
); | |
FreeAlignedPages (Asb, EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK))); | |
return Status; | |
} | |
/** | |
Parse security status according to identify data. | |
@param[in] IdentifyData The buffer to store identify data. | |
@param[in, out] IfrData IFR data to hold security status. | |
**/ | |
VOID | |
GetHddPasswordSecurityStatus ( | |
IN ATA_IDENTIFY_DATA *IdentifyData, | |
IN OUT HDD_PASSWORD_CONFIG *IfrData | |
) | |
{ | |
IfrData->SecurityStatus.Supported = (IdentifyData->command_set_supported_82 & BIT1) ? 1 : 0; | |
IfrData->SecurityStatus.Enabled = (IdentifyData->security_status & BIT1) ? 1 : 0; | |
IfrData->SecurityStatus.Locked = (IdentifyData->security_status & BIT2) ? 1 : 0; | |
IfrData->SecurityStatus.Frozen = (IdentifyData->security_status & BIT3) ? 1 : 0; | |
IfrData->SecurityStatus.UserPasswordStatus = IfrData->SecurityStatus.Enabled; | |
IfrData->SecurityStatus.MasterPasswordStatus = IfrData->SecurityStatus.Supported; | |
DEBUG ((DEBUG_INFO, "IfrData->SecurityStatus.Supported = %x\n", IfrData->SecurityStatus.Supported)); | |
DEBUG ((DEBUG_INFO, "IfrData->SecurityStatus.Enabled = %x\n", IfrData->SecurityStatus.Enabled)); | |
DEBUG ((DEBUG_INFO, "IfrData->SecurityStatus.Locked = %x\n", IfrData->SecurityStatus.Locked)); | |
DEBUG ((DEBUG_INFO, "IfrData->SecurityStatus.Frozen = %x\n", IfrData->SecurityStatus.Frozen)); | |
DEBUG ((DEBUG_INFO, "IfrData->SecurityStatus.UserPasswordStatus = %x\n", IfrData->SecurityStatus.UserPasswordStatus)); | |
DEBUG ((DEBUG_INFO, "IfrData->SecurityStatus.MasterPasswordStatus = %x\n", IfrData->SecurityStatus.MasterPasswordStatus)); | |
} | |
/** | |
Notification function of EFI_END_OF_DXE_EVENT_GROUP_GUID event group. | |
This is a notification function registered on EFI_END_OF_DXE_EVENT_GROUP_GUID event group. | |
@param Event Event whose notification function is being invoked. | |
@param Context Pointer to the notification function's context. | |
**/ | |
VOID | |
EFIAPI | |
HddPasswordEndOfDxeEventNotify ( | |
EFI_EVENT Event, | |
VOID *Context | |
) | |
{ | |
LIST_ENTRY *Entry; | |
HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry; | |
EFI_STATUS Status; | |
ATA_IDENTIFY_DATA IdentifyData; | |
DEBUG ((DEBUG_INFO, "%a() - enter\n", __func__)); | |
mHddPasswordEndOfDxe = TRUE; | |
if (mHddPasswordRequestVariable != NULL) { | |
// | |
// Free the HDD password request variable buffer here | |
// as the HDD password requests should have been processed. | |
// | |
FreePool (mHddPasswordRequestVariable); | |
mHddPasswordRequestVariable = NULL; | |
mHddPasswordRequestVariableSize = 0; | |
} | |
// | |
// If no any device, return directly. | |
// | |
if (IsListEmpty (&mHddPasswordConfigFormList)) { | |
gBS->CloseEvent (Event); | |
return; | |
} | |
BuildHddPasswordDeviceInfo (); | |
// | |
// Zero passsword and freeze lock device. | |
// | |
BASE_LIST_FOR_EACH (Entry, &mHddPasswordConfigFormList) { | |
ConfigFormEntry = BASE_CR (Entry, HDD_PASSWORD_CONFIG_FORM_ENTRY, Link); | |
ZeroMem (ConfigFormEntry->Password, HDD_PASSWORD_MAX_LENGTH); | |
// | |
// Check whether need send freeze lock command. | |
// Below device will be froze: | |
// 1. Device not enable password. | |
// 2. Device enable password and unlocked. | |
// | |
if ((ConfigFormEntry->IfrData.SecurityStatus.Supported != 0) && | |
(ConfigFormEntry->IfrData.SecurityStatus.Locked == 0) && | |
(ConfigFormEntry->IfrData.SecurityStatus.Frozen == 0)) | |
{ | |
Status = FreezeLockDevice (ConfigFormEntry->AtaPassThru, ConfigFormEntry->Port, ConfigFormEntry->PortMultiplierPort); | |
DEBUG ((DEBUG_INFO, "FreezeLockDevice return %r!\n", Status)); | |
Status = GetHddDeviceIdentifyData ( | |
ConfigFormEntry->AtaPassThru, | |
ConfigFormEntry->Port, | |
ConfigFormEntry->PortMultiplierPort, | |
&IdentifyData | |
); | |
GetHddPasswordSecurityStatus (&IdentifyData, &ConfigFormEntry->IfrData); | |
} | |
} | |
DEBUG ((DEBUG_INFO, "%a() - exit\n", __func__)); | |
gBS->CloseEvent (Event); | |
} | |
/** | |
Generate Salt value. | |
@param[in, out] SaltValue Points to the salt buffer, 32 bytes | |
**/ | |
VOID | |
GenSalt ( | |
IN OUT UINT8 *SaltValue | |
) | |
{ | |
RandomSeed (NULL, 0); | |
RandomBytes (SaltValue, PASSWORD_SALT_SIZE); | |
} | |
/** | |
Hash the data to get credential. | |
@param[in] Buffer Points to the data buffer | |
@param[in] BufferSize Buffer size | |
@param[in] SaltValue Points to the salt buffer, 32 bytes | |
@param[out] Credential Points to the hashed result | |
@retval TRUE Hash the data successfully. | |
@retval FALSE Failed to hash the data. | |
**/ | |
BOOLEAN | |
GenerateCredential ( | |
IN UINT8 *Buffer, | |
IN UINTN BufferSize, | |
IN UINT8 *SaltValue, | |
OUT UINT8 *Credential | |
) | |
{ | |
BOOLEAN Status; | |
UINTN HashSize; | |
VOID *Hash; | |
VOID *HashData; | |
Hash = NULL; | |
HashData = NULL; | |
Status = FALSE; | |
HashSize = Sha256GetContextSize (); | |
Hash = AllocateZeroPool (HashSize); | |
ASSERT (Hash != NULL); | |
if (Hash == NULL) { | |
goto Done; | |
} | |
Status = Sha256Init (Hash); | |
if (!Status) { | |
goto Done; | |
} | |
HashData = AllocateZeroPool (PASSWORD_SALT_SIZE + BufferSize); | |
ASSERT (HashData != NULL); | |
if (HashData == NULL) { | |
goto Done; | |
} | |
CopyMem (HashData, SaltValue, PASSWORD_SALT_SIZE); | |
CopyMem ((UINT8 *)HashData + PASSWORD_SALT_SIZE, Buffer, BufferSize); | |
Status = Sha256Update (Hash, HashData, PASSWORD_SALT_SIZE + BufferSize); | |
if (!Status) { | |
goto Done; | |
} | |
Status = Sha256Final (Hash, Credential); | |
Done: | |
if (Hash != NULL) { | |
FreePool (Hash); | |
} | |
if (HashData != NULL) { | |
ZeroMem (HashData, PASSWORD_SALT_SIZE + BufferSize); | |
FreePool (HashData); | |
} | |
return Status; | |
} | |
/** | |
Save HDD password variable that will be used to validate HDD password | |
when the device is at frozen state. | |
@param[in] ConfigFormEntry The HDD Password configuration form entry. | |
@param[in] Password The hdd password of attached ATA device. | |
**/ | |
VOID | |
SaveHddPasswordVariable ( | |
IN HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry, | |
IN CHAR8 *Password | |
) | |
{ | |
EFI_STATUS Status; | |
HDD_PASSWORD_VARIABLE *TempVariable; | |
UINTN TempVariableSize; | |
HDD_PASSWORD_VARIABLE *NextNode; | |
HDD_PASSWORD_VARIABLE *Variable; | |
UINTN VariableSize; | |
HDD_PASSWORD_VARIABLE *NewVariable; | |
UINTN NewVariableSize; | |
BOOLEAN Delete; | |
BOOLEAN HashOk; | |
UINT8 HashData[SHA256_DIGEST_SIZE]; | |
UINT8 SaltData[PASSWORD_SALT_SIZE]; | |
DEBUG ((DEBUG_INFO, "%a() - enter\n", __func__)); | |
Delete = FALSE; | |
if (!PasswordIsFullZero (Password)) { | |
// | |
// It is Set/Update HDD Password. | |
// | |
ZeroMem (HashData, sizeof (HashData)); | |
ZeroMem (SaltData, sizeof (SaltData)); | |
GenSalt (SaltData); | |
HashOk = GenerateCredential ((UINT8 *)Password, HDD_PASSWORD_MAX_LENGTH, SaltData, HashData); | |
if (!HashOk) { | |
DEBUG ((DEBUG_INFO, "GenerateCredential failed\n")); | |
return; | |
} | |
} else { | |
// | |
// It is Disable HDD Password. | |
// Go to delete the variable node for the HDD password device. | |
// | |
Delete = TRUE; | |
} | |
Variable = NULL; | |
VariableSize = 0; | |
NewVariable = NULL; | |
NewVariableSize = 0; | |
Status = GetVariable2 ( | |
HDD_PASSWORD_VARIABLE_NAME, | |
&mHddPasswordVendorGuid, | |
(VOID **)&Variable, | |
&VariableSize | |
); | |
if (Delete) { | |
if (!EFI_ERROR (Status) && (Variable != NULL)) { | |
TempVariable = Variable; | |
TempVariableSize = VariableSize; | |
while (TempVariableSize >= sizeof (HDD_PASSWORD_VARIABLE)) { | |
if ((TempVariable->Device.Bus == ConfigFormEntry->Bus) && | |
(TempVariable->Device.Device == ConfigFormEntry->Device) && | |
(TempVariable->Device.Function == ConfigFormEntry->Function) && | |
(TempVariable->Device.Port == ConfigFormEntry->Port) && | |
(TempVariable->Device.PortMultiplierPort == ConfigFormEntry->PortMultiplierPort)) | |
{ | |
// | |
// Found the node for the HDD password device. | |
// Delete the node. | |
// | |
NextNode = TempVariable + 1; | |
CopyMem (TempVariable, NextNode, (UINTN)Variable + VariableSize - (UINTN)NextNode); | |
NewVariable = Variable; | |
NewVariableSize = VariableSize - sizeof (HDD_PASSWORD_VARIABLE); | |
break; | |
} | |
TempVariableSize -= sizeof (HDD_PASSWORD_VARIABLE); | |
TempVariable += 1; | |
} | |
if (NewVariable == NULL) { | |
DEBUG ((DEBUG_INFO, "The variable node for the HDD password device is not found\n")); | |
} | |
} else { | |
DEBUG ((DEBUG_INFO, "HddPassword variable get failed (%r)\n", Status)); | |
} | |
} else { | |
if (!EFI_ERROR (Status) && (Variable != NULL)) { | |
TempVariable = Variable; | |
TempVariableSize = VariableSize; | |
while (TempVariableSize >= sizeof (HDD_PASSWORD_VARIABLE)) { | |
if ((TempVariable->Device.Bus == ConfigFormEntry->Bus) && | |
(TempVariable->Device.Device == ConfigFormEntry->Device) && | |
(TempVariable->Device.Function == ConfigFormEntry->Function) && | |
(TempVariable->Device.Port == ConfigFormEntry->Port) && | |
(TempVariable->Device.PortMultiplierPort == ConfigFormEntry->PortMultiplierPort)) | |
{ | |
// | |
// Found the node for the HDD password device. | |
// Update the node. | |
// | |
CopyMem (TempVariable->PasswordHash, HashData, sizeof (HashData)); | |
CopyMem (TempVariable->PasswordSalt, SaltData, sizeof (SaltData)); | |
NewVariable = Variable; | |
NewVariableSize = VariableSize; | |
break; | |
} | |
TempVariableSize -= sizeof (HDD_PASSWORD_VARIABLE); | |
TempVariable += 1; | |
} | |
if (NewVariable == NULL) { | |
// | |
// The node for the HDD password device is not found. | |
// Create node for the HDD password device. | |
// | |
NewVariableSize = VariableSize + sizeof (HDD_PASSWORD_VARIABLE); | |
NewVariable = AllocateZeroPool (NewVariableSize); | |
ASSERT (NewVariable != NULL); | |
CopyMem (NewVariable, Variable, VariableSize); | |
TempVariable = (HDD_PASSWORD_VARIABLE *)((UINTN)NewVariable + VariableSize); | |
TempVariable->Device.Bus = (UINT8)ConfigFormEntry->Bus; | |
TempVariable->Device.Device = (UINT8)ConfigFormEntry->Device; | |
TempVariable->Device.Function = (UINT8)ConfigFormEntry->Function; | |
TempVariable->Device.Port = ConfigFormEntry->Port; | |
TempVariable->Device.PortMultiplierPort = ConfigFormEntry->PortMultiplierPort; | |
CopyMem (TempVariable->PasswordHash, HashData, sizeof (HashData)); | |
CopyMem (TempVariable->PasswordSalt, SaltData, sizeof (SaltData)); | |
} | |
} else { | |
NewVariableSize = sizeof (HDD_PASSWORD_VARIABLE); | |
NewVariable = AllocateZeroPool (NewVariableSize); | |
ASSERT (NewVariable != NULL); | |
NewVariable->Device.Bus = (UINT8)ConfigFormEntry->Bus; | |
NewVariable->Device.Device = (UINT8)ConfigFormEntry->Device; | |
NewVariable->Device.Function = (UINT8)ConfigFormEntry->Function; | |
NewVariable->Device.Port = ConfigFormEntry->Port; | |
NewVariable->Device.PortMultiplierPort = ConfigFormEntry->PortMultiplierPort; | |
CopyMem (NewVariable->PasswordHash, HashData, sizeof (HashData)); | |
CopyMem (NewVariable->PasswordSalt, SaltData, sizeof (SaltData)); | |
} | |
} | |
if (NewVariable != NULL) { | |
Status = gRT->SetVariable ( | |
HDD_PASSWORD_VARIABLE_NAME, | |
&mHddPasswordVendorGuid, | |
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS, | |
NewVariableSize, | |
NewVariable | |
); | |
if (EFI_ERROR (Status)) { | |
DEBUG ((DEBUG_INFO, "HddPassword variable set failed (%r)\n", Status)); | |
} | |
} | |
if (NewVariable != Variable) { | |
FreePool (NewVariable); | |
} | |
if (Variable != NULL) { | |
FreePool (Variable); | |
} | |
DEBUG ((DEBUG_INFO, "%a() - exit\n", __func__)); | |
} | |
/** | |
Get saved HDD password variable that will be used to validate HDD password | |
when the device is at frozen state. | |
@param[in] ConfigFormEntry The HDD Password configuration form entry. | |
@param[out] HddPasswordVariable The variable node for the HDD password device. | |
@retval TRUE The variable node for the HDD password device is found and returned. | |
@retval FALSE The variable node for the HDD password device is not found. | |
**/ | |
BOOLEAN | |
GetSavedHddPasswordVariable ( | |
IN HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry, | |
OUT HDD_PASSWORD_VARIABLE *HddPasswordVariable | |
) | |
{ | |
EFI_STATUS Status; | |
HDD_PASSWORD_VARIABLE *TempVariable; | |
HDD_PASSWORD_VARIABLE *Variable; | |
UINTN VariableSize; | |
BOOLEAN Found; | |
DEBUG ((DEBUG_INFO, "%a() - enter\n", __func__)); | |
Variable = NULL; | |
VariableSize = 0; | |
Status = GetVariable2 ( | |
HDD_PASSWORD_VARIABLE_NAME, | |
&mHddPasswordVendorGuid, | |
(VOID **)&Variable, | |
&VariableSize | |
); | |
if (EFI_ERROR (Status) || (Variable == NULL)) { | |
DEBUG ((DEBUG_INFO, "HddPassword variable get failed (%r)\n", Status)); | |
return FALSE; | |
} | |
Found = FALSE; | |
TempVariable = Variable; | |
while (VariableSize >= sizeof (HDD_PASSWORD_VARIABLE)) { | |
if ((TempVariable->Device.Bus == ConfigFormEntry->Bus) && | |
(TempVariable->Device.Device == ConfigFormEntry->Device) && | |
(TempVariable->Device.Function == ConfigFormEntry->Function) && | |
(TempVariable->Device.Port == ConfigFormEntry->Port) && | |
(TempVariable->Device.PortMultiplierPort == ConfigFormEntry->PortMultiplierPort)) | |
{ | |
// | |
// Found the node for the HDD password device. | |
// Get the node. | |
// | |
CopyMem (HddPasswordVariable, TempVariable, sizeof (HDD_PASSWORD_VARIABLE)); | |
Found = TRUE; | |
break; | |
} | |
VariableSize -= sizeof (HDD_PASSWORD_VARIABLE); | |
TempVariable += 1; | |
} | |
FreePool (Variable); | |
if (!Found) { | |
DEBUG ((DEBUG_INFO, "The variable node for the HDD password device is not found\n")); | |
} | |
DEBUG ((DEBUG_INFO, "%a() - exit\n", __func__)); | |
return Found; | |
} | |
/** | |
Use saved HDD password variable to validate HDD password | |
when the device is at frozen state. | |
@param[in] ConfigFormEntry The HDD Password configuration form entry. | |
@param[in] Password The hdd password of attached ATA device. | |
@retval EFI_SUCCESS Pass to validate the HDD password. | |
@retval EFI_NOT_FOUND The variable node for the HDD password device is not found. | |
@retval EFI_DEVICE_ERROR Failed to generate credential for the HDD password. | |
@retval EFI_INVALID_PARAMETER Failed to validate the HDD password. | |
**/ | |
EFI_STATUS | |
ValidateHddPassword ( | |
IN HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry, | |
IN CHAR8 *Password | |
) | |
{ | |
EFI_STATUS Status; | |
HDD_PASSWORD_VARIABLE HddPasswordVariable; | |
BOOLEAN HashOk; | |
UINT8 HashData[SHA256_DIGEST_SIZE]; | |
DEBUG ((DEBUG_INFO, "%a() - enter\n", __func__)); | |
if (!GetSavedHddPasswordVariable (ConfigFormEntry, &HddPasswordVariable)) { | |
DEBUG ((DEBUG_INFO, "GetSavedHddPasswordVariable failed\n")); | |
return EFI_NOT_FOUND; | |
} | |
ZeroMem (HashData, sizeof (HashData)); | |
HashOk = GenerateCredential ((UINT8 *)Password, HDD_PASSWORD_MAX_LENGTH, HddPasswordVariable.PasswordSalt, HashData); | |
if (!HashOk) { | |
DEBUG ((DEBUG_INFO, "GenerateCredential failed\n")); | |
return EFI_DEVICE_ERROR; | |
} | |
if (CompareMem (HddPasswordVariable.PasswordHash, HashData, sizeof (HashData)) != 0) { | |
Status = EFI_INVALID_PARAMETER; | |
} else { | |
Status = EFI_SUCCESS; | |
} | |
DEBUG ((DEBUG_INFO, "%a() - exit (%r)\n", __func__, Status)); | |
return Status; | |
} | |
/** | |
Send unlock hdd password cmd through Ata Pass Thru Protocol. | |
@param[in] AtaPassThru The pointer to the ATA_PASS_THRU protocol. | |
@param[in] Port The port number of the ATA device to send the command. | |
@param[in] PortMultiplierPort The port multiplier port number of the ATA device to send the command. | |
If there is no port multiplier, then specify 0xFFFF. | |
@param[in] Identifier The identifier to set user or master password. | |
@param[in] Password The hdd password of attached ATA device. | |
@retval EFI_SUCCESS Successful to send unlock hdd password cmd. | |
@retval EFI_INVALID_PARAMETER The parameter passed-in is invalid. | |
@retval EFI_OUT_OF_RESOURCES Not enough memory to send unlock hdd password cmd. | |
@retval EFI_DEVICE_ERROR Can not send unlock hdd password cmd. | |
**/ | |
EFI_STATUS | |
UnlockHddPassword ( | |
IN EFI_ATA_PASS_THRU_PROTOCOL *AtaPassThru, | |
IN UINT16 Port, | |
IN UINT16 PortMultiplierPort, | |
IN CHAR8 Identifier, | |
IN CHAR8 *Password | |
) | |
{ | |
EFI_STATUS Status; | |
EFI_ATA_COMMAND_BLOCK Acb; | |
EFI_ATA_STATUS_BLOCK *Asb; | |
EFI_ATA_PASS_THRU_COMMAND_PACKET Packet; | |
UINT8 Buffer[HDD_PAYLOAD]; | |
if ((AtaPassThru == NULL) || (Password == NULL)) { | |
return EFI_INVALID_PARAMETER; | |
} | |
// | |
// The 'Asb' field (a pointer to the EFI_ATA_STATUS_BLOCK structure) in | |
// EFI_ATA_PASS_THRU_COMMAND_PACKET is required to be aligned specified by | |
// the 'IoAlign' field in the EFI_ATA_PASS_THRU_MODE structure. Meanwhile, | |
// the structure EFI_ATA_STATUS_BLOCK is composed of only UINT8 fields, so it | |
// may not be aligned when allocated on stack for some compilers. Hence, we | |
// use the API AllocateAlignedPages to ensure this structure is properly | |
// aligned. | |
// | |
Asb = AllocateAlignedPages ( | |
EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK)), | |
AtaPassThru->Mode->IoAlign | |
); | |
if (Asb == NULL) { | |
return EFI_OUT_OF_RESOURCES; | |
} | |
// | |
// Prepare for ATA command block. | |
// | |
ZeroMem (&Acb, sizeof (Acb)); | |
ZeroMem (Asb, sizeof (EFI_ATA_STATUS_BLOCK)); | |
Acb.AtaCommand = ATA_SECURITY_UNLOCK_CMD; | |
Acb.AtaDeviceHead = (UINT8)(PortMultiplierPort == 0xFFFF ? 0 : (PortMultiplierPort << 4)); | |
// | |
// Prepare for ATA pass through packet. | |
// | |
ZeroMem (&Packet, sizeof (Packet)); | |
Packet.Protocol = EFI_ATA_PASS_THRU_PROTOCOL_PIO_DATA_OUT; | |
Packet.Length = EFI_ATA_PASS_THRU_LENGTH_BYTES; | |
Packet.Asb = Asb; | |
Packet.Acb = &Acb; | |
((CHAR16 *)Buffer)[0] = Identifier & BIT0; | |
CopyMem (&((CHAR16 *)Buffer)[1], Password, HDD_PASSWORD_MAX_LENGTH); | |
Packet.OutDataBuffer = Buffer; | |
Packet.OutTransferLength = sizeof (Buffer); | |
Packet.Timeout = ATA_TIMEOUT; | |
Status = AtaPassThru->PassThru ( | |
AtaPassThru, | |
Port, | |
PortMultiplierPort, | |
&Packet, | |
NULL | |
); | |
if (!EFI_ERROR (Status) && | |
((Asb->AtaStatus & ATA_STSREG_ERR) != 0) && | |
((Asb->AtaError & ATA_ERRREG_ABRT) != 0)) | |
{ | |
Status = EFI_DEVICE_ERROR; | |
} | |
FreeAlignedPages (Asb, EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK))); | |
ZeroMem (Buffer, sizeof (Buffer)); | |
DEBUG ((DEBUG_INFO, "%a() - %r\n", __func__, Status)); | |
return Status; | |
} | |
/** | |
Send disable hdd password cmd through Ata Pass Thru Protocol. | |
@param[in] AtaPassThru The pointer to the ATA_PASS_THRU protocol. | |
@param[in] Port The port number of the ATA device to send the command. | |
@param[in] PortMultiplierPort The port multiplier port number of the ATA device to send the command. | |
If there is no port multiplier, then specify 0xFFFF. | |
@param[in] Identifier The identifier to set user or master password. | |
@param[in] Password The hdd password of attached ATA device. | |
@retval EFI_SUCCESS Successful to disable hdd password cmd. | |
@retval EFI_INVALID_PARAMETER The parameter passed-in is invalid. | |
@retval EFI_OUT_OF_RESOURCES Not enough memory to disable hdd password cmd. | |
@retval EFI_DEVICE_ERROR Can not disable hdd password cmd. | |
**/ | |
EFI_STATUS | |
DisableHddPassword ( | |
IN EFI_ATA_PASS_THRU_PROTOCOL *AtaPassThru, | |
IN UINT16 Port, | |
IN UINT16 PortMultiplierPort, | |
IN CHAR8 Identifier, | |
IN CHAR8 *Password | |
) | |
{ | |
EFI_STATUS Status; | |
EFI_ATA_COMMAND_BLOCK Acb; | |
EFI_ATA_STATUS_BLOCK *Asb; | |
EFI_ATA_PASS_THRU_COMMAND_PACKET Packet; | |
UINT8 Buffer[HDD_PAYLOAD]; | |
if ((AtaPassThru == NULL) || (Password == NULL)) { | |
return EFI_INVALID_PARAMETER; | |
} | |
// | |
// The 'Asb' field (a pointer to the EFI_ATA_STATUS_BLOCK structure) in | |
// EFI_ATA_PASS_THRU_COMMAND_PACKET is required to be aligned specified by | |
// the 'IoAlign' field in the EFI_ATA_PASS_THRU_MODE structure. Meanwhile, | |
// the structure EFI_ATA_STATUS_BLOCK is composed of only UINT8 fields, so it | |
// may not be aligned when allocated on stack for some compilers. Hence, we | |
// use the API AllocateAlignedPages to ensure this structure is properly | |
// aligned. | |
// | |
Asb = AllocateAlignedPages ( | |
EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK)), | |
AtaPassThru->Mode->IoAlign | |
); | |
if (Asb == NULL) { | |
return EFI_OUT_OF_RESOURCES; | |
} | |
// | |
// Prepare for ATA command block. | |
// | |
ZeroMem (&Acb, sizeof (Acb)); | |
ZeroMem (Asb, sizeof (EFI_ATA_STATUS_BLOCK)); | |
Acb.AtaCommand = ATA_SECURITY_DIS_PASSWORD_CMD; | |
Acb.AtaDeviceHead = (UINT8)(PortMultiplierPort == 0xFFFF ? 0 : (PortMultiplierPort << 4)); | |
// | |
// Prepare for ATA pass through packet. | |
// | |
ZeroMem (&Packet, sizeof (Packet)); | |
Packet.Protocol = EFI_ATA_PASS_THRU_PROTOCOL_PIO_DATA_OUT; | |
Packet.Length = EFI_ATA_PASS_THRU_LENGTH_BYTES; | |
Packet.Asb = Asb; | |
Packet.Acb = &Acb; | |
((CHAR16 *)Buffer)[0] = Identifier & BIT0; | |
CopyMem (&((CHAR16 *)Buffer)[1], Password, HDD_PASSWORD_MAX_LENGTH); | |
Packet.OutDataBuffer = Buffer; | |
Packet.OutTransferLength = sizeof (Buffer); | |
Packet.Timeout = ATA_TIMEOUT; | |
Status = AtaPassThru->PassThru ( | |
AtaPassThru, | |
Port, | |
PortMultiplierPort, | |
&Packet, | |
NULL | |
); | |
if (!EFI_ERROR (Status) && | |
((Asb->AtaStatus & ATA_STSREG_ERR) != 0) && | |
((Asb->AtaError & ATA_ERRREG_ABRT) != 0)) | |
{ | |
Status = EFI_DEVICE_ERROR; | |
} | |
FreeAlignedPages (Asb, EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK))); | |
ZeroMem (Buffer, sizeof (Buffer)); | |
DEBUG ((DEBUG_INFO, "%a() - %r\n", __func__, Status)); | |
return Status; | |
} | |
/** | |
Send set hdd password cmd through Ata Pass Thru Protocol. | |
@param[in] AtaPassThru The pointer to the ATA_PASS_THRU protocol. | |
@param[in] Port The port number of the ATA device to send the command. | |
@param[in] PortMultiplierPort The port multiplier port number of the ATA device to send the command. | |
If there is no port multiplier, then specify 0xFFFF. | |
@param[in] Identifier The identifier to set user or master password. | |
@param[in] SecurityLevel The security level to be set to device. | |
@param[in] MasterPasswordIdentifier The master password identifier to be set to device. | |
@param[in] Password The hdd password of attached ATA device. | |
@retval EFI_SUCCESS Successful to set hdd password cmd. | |
@retval EFI_INVALID_PARAMETER The parameter passed-in is invalid. | |
@retval EFI_OUT_OF_RESOURCES Not enough memory to set hdd password cmd. | |
@retval EFI_DEVICE_ERROR Can not set hdd password cmd. | |
**/ | |
EFI_STATUS | |
SetHddPassword ( | |
IN EFI_ATA_PASS_THRU_PROTOCOL *AtaPassThru, | |
IN UINT16 Port, | |
IN UINT16 PortMultiplierPort, | |
IN CHAR8 Identifier, | |
IN CHAR8 SecurityLevel, | |
IN CHAR16 MasterPasswordIdentifier, | |
IN CHAR8 *Password | |
) | |
{ | |
EFI_STATUS Status; | |
EFI_ATA_COMMAND_BLOCK Acb; | |
EFI_ATA_STATUS_BLOCK *Asb; | |
EFI_ATA_PASS_THRU_COMMAND_PACKET Packet; | |
UINT8 Buffer[HDD_PAYLOAD]; | |
if ((AtaPassThru == NULL) || (Password == NULL)) { | |
return EFI_INVALID_PARAMETER; | |
} | |
// | |
// The 'Asb' field (a pointer to the EFI_ATA_STATUS_BLOCK structure) in | |
// EFI_ATA_PASS_THRU_COMMAND_PACKET is required to be aligned specified by | |
// the 'IoAlign' field in the EFI_ATA_PASS_THRU_MODE structure. Meanwhile, | |
// the structure EFI_ATA_STATUS_BLOCK is composed of only UINT8 fields, so it | |
// may not be aligned when allocated on stack for some compilers. Hence, we | |
// use the API AllocateAlignedPages to ensure this structure is properly | |
// aligned. | |
// | |
Asb = AllocateAlignedPages ( | |
EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK)), | |
AtaPassThru->Mode->IoAlign | |
); | |
if (Asb == NULL) { | |
return EFI_OUT_OF_RESOURCES; | |
} | |
// | |
// Prepare for ATA command block. | |
// | |
ZeroMem (&Acb, sizeof (Acb)); | |
ZeroMem (Asb, sizeof (EFI_ATA_STATUS_BLOCK)); | |
Acb.AtaCommand = ATA_SECURITY_SET_PASSWORD_CMD; | |
Acb.AtaDeviceHead = (UINT8)(PortMultiplierPort == 0xFFFF ? 0 : (PortMultiplierPort << 4)); | |
// | |
// Prepare for ATA pass through packet. | |
// | |
ZeroMem (&Packet, sizeof (Packet)); | |
Packet.Protocol = EFI_ATA_PASS_THRU_PROTOCOL_PIO_DATA_OUT; | |
Packet.Length = EFI_ATA_PASS_THRU_LENGTH_BYTES; | |
Packet.Asb = Asb; | |
Packet.Acb = &Acb; | |
((CHAR16 *)Buffer)[0] = (Identifier | (UINT16)(SecurityLevel << 8)) & (BIT0 | BIT8); | |
CopyMem (&((CHAR16 *)Buffer)[1], Password, HDD_PASSWORD_MAX_LENGTH); | |
if ((Identifier & BIT0) != 0) { | |
((CHAR16 *)Buffer)[17] = MasterPasswordIdentifier; | |
} | |
Packet.OutDataBuffer = Buffer; | |
Packet.OutTransferLength = sizeof (Buffer); | |
Packet.Timeout = ATA_TIMEOUT; | |
Status = AtaPassThru->PassThru ( | |
AtaPassThru, | |
Port, | |
PortMultiplierPort, | |
&Packet, | |
NULL | |
); | |
if (!EFI_ERROR (Status) && | |
((Asb->AtaStatus & ATA_STSREG_ERR) != 0) && | |
((Asb->AtaError & ATA_ERRREG_ABRT) != 0)) | |
{ | |
Status = EFI_DEVICE_ERROR; | |
} | |
FreeAlignedPages (Asb, EFI_SIZE_TO_PAGES (sizeof (EFI_ATA_STATUS_BLOCK))); | |
ZeroMem (Buffer, sizeof (Buffer)); | |
DEBUG ((DEBUG_INFO, "%a() - %r\n", __func__, Status)); | |
return Status; | |
} | |
/** | |
Get attached harddisk model number from identify data buffer. | |
@param[in] IdentifyData Pointer to identify data buffer. | |
@param[in, out] String The buffer to store harddisk model number. | |
**/ | |
VOID | |
GetHddDeviceModelNumber ( | |
IN ATA_IDENTIFY_DATA *IdentifyData, | |
IN OUT CHAR16 *String | |
) | |
{ | |
UINTN Index; | |
// | |
// Swap the byte order in the original module name. | |
// From Ata spec, the maximum length is 40 bytes. | |
// | |
for (Index = 0; Index < 40; Index += 2) { | |
String[Index] = IdentifyData->ModelName[Index + 1]; | |
String[Index + 1] = IdentifyData->ModelName[Index]; | |
} | |
// | |
// Chap it off after 20 characters | |
// | |
String[20] = L'\0'; | |
return; | |
} | |
/** | |
Get password input from the popup windows. | |
@param[in] PopUpString1 Pop up string 1. | |
@param[in] PopUpString2 Pop up string 2. | |
@param[in, out] Password The buffer to hold the input password. | |
@retval EFI_ABORTED It is given up by pressing 'ESC' key. | |
@retval EFI_SUCCESS Get password input successfully. | |
**/ | |
EFI_STATUS | |
PopupHddPasswordInputWindows ( | |
IN CHAR16 *PopUpString1, | |
IN CHAR16 *PopUpString2, | |
IN OUT CHAR8 *Password | |
) | |
{ | |
EFI_INPUT_KEY Key; | |
UINTN Length; | |
CHAR16 Mask[HDD_PASSWORD_MAX_LENGTH + 1]; | |
CHAR16 Unicode[HDD_PASSWORD_MAX_LENGTH + 1]; | |
CHAR8 Ascii[HDD_PASSWORD_MAX_LENGTH + 1]; | |
ZeroMem (Unicode, sizeof (Unicode)); | |
ZeroMem (Ascii, sizeof (Ascii)); | |
ZeroMem (Mask, sizeof (Mask)); | |
gST->ConOut->ClearScreen (gST->ConOut); | |
Length = 0; | |
while (TRUE) { | |
Mask[Length] = L'_'; | |
if (PopUpString2 == NULL) { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
PopUpString1, | |
L"---------------------", | |
Mask, | |
NULL | |
); | |
} else { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
PopUpString1, | |
PopUpString2, | |
L"---------------------", | |
Mask, | |
NULL | |
); | |
} | |
// | |
// Check key. | |
// | |
if (Key.ScanCode == SCAN_NULL) { | |
if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) { | |
// | |
// Add the null terminator. | |
// | |
Unicode[Length] = 0; | |
break; | |
} else if ((Key.UnicodeChar == CHAR_NULL) || | |
(Key.UnicodeChar == CHAR_TAB) || | |
(Key.UnicodeChar == CHAR_LINEFEED) | |
) | |
{ | |
continue; | |
} else { | |
if (Key.UnicodeChar == CHAR_BACKSPACE) { | |
if (Length > 0) { | |
Unicode[Length] = 0; | |
Mask[Length] = 0; | |
Length--; | |
} | |
} else { | |
Unicode[Length] = Key.UnicodeChar; | |
Mask[Length] = L'*'; | |
Length++; | |
if (Length == HDD_PASSWORD_MAX_LENGTH) { | |
// | |
// Add the null terminator. | |
// | |
Unicode[Length] = 0; | |
Mask[Length] = 0; | |
break; | |
} | |
} | |
} | |
} | |
if (Key.ScanCode == SCAN_ESC) { | |
ZeroMem (Unicode, sizeof (Unicode)); | |
ZeroMem (Ascii, sizeof (Ascii)); | |
gST->ConOut->ClearScreen (gST->ConOut); | |
return EFI_ABORTED; | |
} | |
} | |
UnicodeStrToAsciiStrS (Unicode, Ascii, sizeof (Ascii)); | |
CopyMem (Password, Ascii, HDD_PASSWORD_MAX_LENGTH); | |
ZeroMem (Unicode, sizeof (Unicode)); | |
ZeroMem (Ascii, sizeof (Ascii)); | |
gST->ConOut->ClearScreen (gST->ConOut); | |
return EFI_SUCCESS; | |
} | |
/** | |
Check if disk is locked, show popup window and ask for password if it is. | |
@param[in] AtaPassThru Pointer to ATA_PASSTHRU instance. | |
@param[in] Port The port number of attached ATA device. | |
@param[in] PortMultiplierPort The port number of port multiplier of attached ATA device. | |
@param[in] ConfigFormEntry The HDD Password configuration form entry. | |
**/ | |
VOID | |
HddPasswordRequestPassword ( | |
IN EFI_ATA_PASS_THRU_PROTOCOL *AtaPassThru, | |
IN UINT16 Port, | |
IN UINT16 PortMultiplierPort, | |
IN HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry | |
) | |
{ | |
EFI_STATUS Status; | |
CHAR16 PopUpString[100]; | |
ATA_IDENTIFY_DATA IdentifyData; | |
EFI_INPUT_KEY Key; | |
UINT16 RetryCount; | |
CHAR8 Password[HDD_PASSWORD_MAX_LENGTH]; | |
RetryCount = 0; | |
DEBUG ((DEBUG_INFO, "%a()\n", __func__)); | |
UnicodeSPrint (PopUpString, sizeof (PopUpString), L"Unlock: %s", ConfigFormEntry->HddString); | |
// | |
// Check the device security status. | |
// | |
if ((ConfigFormEntry->IfrData.SecurityStatus.Supported) && | |
(ConfigFormEntry->IfrData.SecurityStatus.Enabled)) | |
{ | |
// | |
// Add PcdSkipHddPasswordPrompt to determin whether to skip password prompt. | |
// Due to board design, device may not power off during system warm boot, which result in | |
// security status remain unlocked status, hence we add device security status check here. | |
// | |
// If device is in the locked status, device keeps locked and system continues booting. | |
// If device is in the unlocked status, system is forced shutdown for security concern. | |
// | |
if (PcdGetBool (PcdSkipHddPasswordPrompt)) { | |
if (ConfigFormEntry->IfrData.SecurityStatus.Locked) { | |
return; | |
} else { | |
gRT->ResetSystem (EfiResetShutdown, EFI_SUCCESS, 0, NULL); | |
} | |
} | |
// | |
// As soon as the HDD password is in enabled state, we pop up a window to unlock hdd | |
// no matter it's really in locked or unlocked state. | |
// This way forces user to enter password every time to provide best safety. | |
// | |
while (TRUE) { | |
Status = PopupHddPasswordInputWindows (PopUpString, NULL, Password); | |
if (!EFI_ERROR (Status)) { | |
// | |
// The HDD is in locked state, unlock it by user input. | |
// | |
if (!PasswordIsFullZero (Password)) { | |
if (!ConfigFormEntry->IfrData.SecurityStatus.Frozen) { | |
Status = UnlockHddPassword (AtaPassThru, Port, PortMultiplierPort, 0, Password); | |
} else { | |
// | |
// Use saved HDD password variable to validate HDD password | |
// when the device is at frozen state. | |
// | |
Status = ValidateHddPassword (ConfigFormEntry, Password); | |
} | |
} else { | |
Status = EFI_INVALID_PARAMETER; | |
} | |
if (!EFI_ERROR (Status)) { | |
CopyMem (ConfigFormEntry->Password, Password, HDD_PASSWORD_MAX_LENGTH); | |
if (!ConfigFormEntry->IfrData.SecurityStatus.Frozen) { | |
SaveHddPasswordVariable (ConfigFormEntry, Password); | |
} | |
ZeroMem (Password, HDD_PASSWORD_MAX_LENGTH); | |
Status = GetHddDeviceIdentifyData (AtaPassThru, Port, PortMultiplierPort, &IdentifyData); | |
ASSERT_EFI_ERROR (Status); | |
// | |
// Check the device security status again. | |
// | |
GetHddPasswordSecurityStatus (&IdentifyData, &ConfigFormEntry->IfrData); | |
return; | |
} | |
ZeroMem (Password, HDD_PASSWORD_MAX_LENGTH); | |
if (EFI_ERROR (Status)) { | |
RetryCount++; | |
if (RetryCount < MAX_HDD_PASSWORD_RETRY_COUNT) { | |
do { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
L"Invalid password.", | |
L"Press ENTER to retry", | |
NULL | |
); | |
} while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN); | |
continue; | |
} else { | |
do { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
L"Hdd password retry count is expired. Please shutdown the machine.", | |
L"Press ENTER to shutdown", | |
NULL | |
); | |
} while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN); | |
gRT->ResetSystem (EfiResetShutdown, EFI_SUCCESS, 0, NULL); | |
break; | |
} | |
} | |
} else if (Status == EFI_ABORTED) { | |
if (ConfigFormEntry->IfrData.SecurityStatus.Locked) { | |
// | |
// Current device in the lock status and | |
// User not input password and press ESC, | |
// keep device in lock status and continue boot. | |
// | |
do { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
L"Press ENTER to skip the request and continue boot,", | |
L"Press ESC to input password again", | |
NULL | |
); | |
} while ((Key.ScanCode != SCAN_ESC) && (Key.UnicodeChar != CHAR_CARRIAGE_RETURN)); | |
if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) { | |
gST->ConOut->ClearScreen (gST->ConOut); | |
// | |
// Keep lock and continue boot. | |
// | |
return; | |
} else { | |
// | |
// Let user input password again. | |
// | |
continue; | |
} | |
} else { | |
// | |
// Current device in the unlock status and | |
// User not input password and press ESC, | |
// Shutdown the device. | |
// | |
do { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
L"Press ENTER to shutdown, Press ESC to input password again", | |
NULL | |
); | |
} while ((Key.ScanCode != SCAN_ESC) && (Key.UnicodeChar != CHAR_CARRIAGE_RETURN)); | |
if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) { | |
gRT->ResetSystem (EfiResetShutdown, EFI_SUCCESS, 0, NULL); | |
} else { | |
// | |
// Let user input password again. | |
// | |
continue; | |
} | |
} | |
} | |
} | |
} | |
} | |
/** | |
Process Set User Pwd HDD password request. | |
@param[in] AtaPassThru Pointer to ATA_PASSTHRU instance. | |
@param[in] Port The port number of attached ATA device. | |
@param[in] PortMultiplierPort The port number of port multiplier of attached ATA device. | |
@param[in] ConfigFormEntry The HDD Password configuration form entry. | |
**/ | |
VOID | |
ProcessHddPasswordRequestSetUserPwd ( | |
IN EFI_ATA_PASS_THRU_PROTOCOL *AtaPassThru, | |
IN UINT16 Port, | |
IN UINT16 PortMultiplierPort, | |
IN HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry | |
) | |
{ | |
EFI_STATUS Status; | |
CHAR16 PopUpString[100]; | |
ATA_IDENTIFY_DATA IdentifyData; | |
EFI_INPUT_KEY Key; | |
UINT16 RetryCount; | |
CHAR8 Password[HDD_PASSWORD_MAX_LENGTH]; | |
CHAR8 PasswordConfirm[HDD_PASSWORD_MAX_LENGTH]; | |
RetryCount = 0; | |
DEBUG ((DEBUG_INFO, "%a()\n", __func__)); | |
if (ConfigFormEntry->IfrData.SecurityStatus.Frozen) { | |
DEBUG ((DEBUG_INFO, "%s is frozen, do nothing\n", ConfigFormEntry->HddString)); | |
return; | |
} | |
if (ConfigFormEntry->IfrData.SecurityStatus.Locked) { | |
DEBUG ((DEBUG_INFO, "%s is locked, do nothing\n", ConfigFormEntry->HddString)); | |
return; | |
} | |
UnicodeSPrint (PopUpString, sizeof (PopUpString), L"Set User Pwd: %s", ConfigFormEntry->HddString); | |
// | |
// Check the device security status. | |
// | |
if (ConfigFormEntry->IfrData.SecurityStatus.Supported) { | |
while (TRUE) { | |
Status = PopupHddPasswordInputWindows (PopUpString, L"Please type in your new password", Password); | |
if (!EFI_ERROR (Status)) { | |
Status = PopupHddPasswordInputWindows (PopUpString, L"Please confirm your new password", PasswordConfirm); | |
if (!EFI_ERROR (Status)) { | |
if (CompareMem (Password, PasswordConfirm, HDD_PASSWORD_MAX_LENGTH) == 0) { | |
if (!PasswordIsFullZero (Password)) { | |
Status = SetHddPassword (AtaPassThru, Port, PortMultiplierPort, 0, 1, 0, Password); | |
} else { | |
if (ConfigFormEntry->IfrData.SecurityStatus.Enabled) { | |
Status = DisableHddPassword (AtaPassThru, Port, PortMultiplierPort, 0, ConfigFormEntry->Password); | |
} else { | |
Status = EFI_INVALID_PARAMETER; | |
} | |
} | |
if (!EFI_ERROR (Status)) { | |
CopyMem (ConfigFormEntry->Password, Password, HDD_PASSWORD_MAX_LENGTH); | |
SaveHddPasswordVariable (ConfigFormEntry, Password); | |
ZeroMem (Password, HDD_PASSWORD_MAX_LENGTH); | |
ZeroMem (PasswordConfirm, HDD_PASSWORD_MAX_LENGTH); | |
Status = GetHddDeviceIdentifyData (AtaPassThru, Port, PortMultiplierPort, &IdentifyData); | |
ASSERT_EFI_ERROR (Status); | |
// | |
// Check the device security status again. | |
// | |
GetHddPasswordSecurityStatus (&IdentifyData, &ConfigFormEntry->IfrData); | |
return; | |
} else { | |
do { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
L"Set/Disable User Pwd failed or invalid password.", | |
L"Press ENTER to retry", | |
NULL | |
); | |
} while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN); | |
} | |
} else { | |
do { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
L"Passwords are not the same.", | |
L"Press ENTER to retry", | |
NULL | |
); | |
} while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN); | |
Status = EFI_INVALID_PARAMETER; | |
} | |
} | |
ZeroMem (Password, HDD_PASSWORD_MAX_LENGTH); | |
ZeroMem (PasswordConfirm, HDD_PASSWORD_MAX_LENGTH); | |
if (EFI_ERROR (Status)) { | |
RetryCount++; | |
if (RetryCount >= MAX_HDD_PASSWORD_RETRY_COUNT) { | |
do { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
L"Hdd password retry count is expired.", | |
L"Press ENTER to skip the request and continue boot", | |
NULL | |
); | |
} while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN); | |
gST->ConOut->ClearScreen (gST->ConOut); | |
return; | |
} | |
} | |
} else if (Status == EFI_ABORTED) { | |
do { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
L"Press ENTER to skip the request and continue boot,", | |
L"Press ESC to input password again", | |
NULL | |
); | |
} while ((Key.ScanCode != SCAN_ESC) && (Key.UnicodeChar != CHAR_CARRIAGE_RETURN)); | |
if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) { | |
gST->ConOut->ClearScreen (gST->ConOut); | |
return; | |
} else { | |
// | |
// Let user input password again. | |
// | |
continue; | |
} | |
} | |
} | |
} | |
} | |
/** | |
Process Set Master Pwd HDD password request. | |
@param[in] AtaPassThru Pointer to ATA_PASSTHRU instance. | |
@param[in] Port The port number of attached ATA device. | |
@param[in] PortMultiplierPort The port number of port multiplier of attached ATA device. | |
@param[in] ConfigFormEntry The HDD Password configuration form entry. | |
**/ | |
VOID | |
ProcessHddPasswordRequestSetMasterPwd ( | |
IN EFI_ATA_PASS_THRU_PROTOCOL *AtaPassThru, | |
IN UINT16 Port, | |
IN UINT16 PortMultiplierPort, | |
IN HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry | |
) | |
{ | |
EFI_STATUS Status; | |
CHAR16 PopUpString[100]; | |
EFI_INPUT_KEY Key; | |
UINT16 RetryCount; | |
CHAR8 Password[HDD_PASSWORD_MAX_LENGTH]; | |
CHAR8 PasswordConfirm[HDD_PASSWORD_MAX_LENGTH]; | |
RetryCount = 0; | |
DEBUG ((DEBUG_INFO, "%a()\n", __func__)); | |
if (ConfigFormEntry->IfrData.SecurityStatus.Frozen) { | |
DEBUG ((DEBUG_INFO, "%s is frozen, do nothing\n", ConfigFormEntry->HddString)); | |
return; | |
} | |
if (ConfigFormEntry->IfrData.SecurityStatus.Locked) { | |
DEBUG ((DEBUG_INFO, "%s is locked, do nothing\n", ConfigFormEntry->HddString)); | |
return; | |
} | |
UnicodeSPrint (PopUpString, sizeof (PopUpString), L"Set Master Pwd: %s", ConfigFormEntry->HddString); | |
// | |
// Check the device security status. | |
// | |
if (ConfigFormEntry->IfrData.SecurityStatus.Supported) { | |
while (TRUE) { | |
Status = PopupHddPasswordInputWindows (PopUpString, L"Please type in your new password", Password); | |
if (!EFI_ERROR (Status)) { | |
Status = PopupHddPasswordInputWindows (PopUpString, L"Please confirm your new password", PasswordConfirm); | |
if (!EFI_ERROR (Status)) { | |
if (CompareMem (Password, PasswordConfirm, HDD_PASSWORD_MAX_LENGTH) == 0) { | |
if (!PasswordIsFullZero (Password)) { | |
Status = SetHddPassword (AtaPassThru, Port, PortMultiplierPort, 1, 1, 1, Password); | |
} else { | |
Status = EFI_INVALID_PARAMETER; | |
} | |
if (!EFI_ERROR (Status)) { | |
ZeroMem (Password, HDD_PASSWORD_MAX_LENGTH); | |
ZeroMem (PasswordConfirm, HDD_PASSWORD_MAX_LENGTH); | |
return; | |
} else { | |
do { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
L"Set Master Pwd failed or invalid password.", | |
L"Press ENTER to retry", | |
NULL | |
); | |
} while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN); | |
} | |
} else { | |
do { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
L"Passwords are not the same.", | |
L"Press ENTER to retry", | |
NULL | |
); | |
} while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN); | |
Status = EFI_INVALID_PARAMETER; | |
} | |
} | |
ZeroMem (Password, HDD_PASSWORD_MAX_LENGTH); | |
ZeroMem (PasswordConfirm, HDD_PASSWORD_MAX_LENGTH); | |
if (EFI_ERROR (Status)) { | |
RetryCount++; | |
if (RetryCount >= MAX_HDD_PASSWORD_RETRY_COUNT) { | |
do { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
L"Hdd password retry count is expired.", | |
L"Press ENTER to skip the request and continue boot", | |
NULL | |
); | |
} while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN); | |
gST->ConOut->ClearScreen (gST->ConOut); | |
return; | |
} | |
} | |
} else if (Status == EFI_ABORTED) { | |
do { | |
CreatePopUp ( | |
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, | |
&Key, | |
L"Press ENTER to skip the request and continue boot,", | |
L"Press ESC to input password again", | |
NULL | |
); | |
} while ((Key.ScanCode != SCAN_ESC) && (Key.UnicodeChar != CHAR_CARRIAGE_RETURN)); | |
if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) { | |
gST->ConOut->ClearScreen (gST->ConOut); | |
return; | |
} else { | |
// | |
// Let user input password again. | |
// | |
continue; | |
} | |
} | |
} | |
} | |
} | |
/** | |
Process HDD password request. | |
@param[in] AtaPassThru Pointer to ATA_PASSTHRU instance. | |
@param[in] Port The port number of attached ATA device. | |
@param[in] PortMultiplierPort The port number of port multiplier of attached ATA device. | |
@param[in] ConfigFormEntry The HDD Password configuration form entry. | |
**/ | |
VOID | |
ProcessHddPasswordRequest ( | |
IN EFI_ATA_PASS_THRU_PROTOCOL *AtaPassThru, | |
IN UINT16 Port, | |
IN UINT16 PortMultiplierPort, | |
IN HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry | |
) | |
{ | |
EFI_STATUS Status; | |
HDD_PASSWORD_REQUEST_VARIABLE *TempVariable; | |
HDD_PASSWORD_REQUEST_VARIABLE *Variable; | |
UINTN VariableSize; | |
DEBUG ((DEBUG_INFO, "%a() - enter\n", __func__)); | |
if (mHddPasswordRequestVariable == NULL) { | |
Status = GetVariable2 ( | |
HDD_PASSWORD_REQUEST_VARIABLE_NAME, | |
&mHddPasswordVendorGuid, | |
(VOID **)&Variable, | |
&VariableSize | |
); | |
if (EFI_ERROR (Status) || (Variable == NULL)) { | |
return; | |
} | |
mHddPasswordRequestVariable = Variable; | |
mHddPasswordRequestVariableSize = VariableSize; | |
// | |
// Delete the HDD password request variable. | |
// | |
Status = gRT->SetVariable ( | |
HDD_PASSWORD_REQUEST_VARIABLE_NAME, | |
&mHddPasswordVendorGuid, | |
0, | |
0, | |
NULL | |
); | |
ASSERT_EFI_ERROR (Status); | |
} else { | |
Variable = mHddPasswordRequestVariable; | |
VariableSize = mHddPasswordRequestVariableSize; | |
} | |
// | |
// Process the HDD password requests. | |
// | |
TempVariable = Variable; | |
while (VariableSize >= sizeof (HDD_PASSWORD_REQUEST_VARIABLE)) { | |
if ((TempVariable->Device.Bus == ConfigFormEntry->Bus) && | |
(TempVariable->Device.Device == ConfigFormEntry->Device) && | |
(TempVariable->Device.Function == ConfigFormEntry->Function) && | |
(TempVariable->Device.Port == ConfigFormEntry->Port) && | |
(TempVariable->Device.PortMultiplierPort == ConfigFormEntry->PortMultiplierPort)) | |
{ | |
// | |
// Found the node for the HDD password device. | |
// | |
if (TempVariable->Request.UserPassword != 0) { | |
ProcessHddPasswordRequestSetUserPwd (AtaPassThru, Port, PortMultiplierPort, ConfigFormEntry); | |
} | |
if (TempVariable->Request.MasterPassword != 0) { | |
ProcessHddPasswordRequestSetMasterPwd (AtaPassThru, Port, PortMultiplierPort, ConfigFormEntry); | |
} | |
break; | |
} | |
VariableSize -= sizeof (HDD_PASSWORD_REQUEST_VARIABLE); | |
TempVariable += 1; | |
} | |
DEBUG ((DEBUG_INFO, "%a() - exit\n", __func__)); | |
} | |
/** | |
Get saved HDD password request. | |
@param[in, out] ConfigFormEntry The HDD Password configuration form entry. | |
**/ | |
VOID | |
GetSavedHddPasswordRequest ( | |
IN OUT HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry | |
) | |
{ | |
EFI_STATUS Status; | |
HDD_PASSWORD_REQUEST_VARIABLE *TempVariable; | |
HDD_PASSWORD_REQUEST_VARIABLE *Variable; | |
UINTN VariableSize; | |
DEBUG ((DEBUG_INFO, "%a() - enter\n", __func__)); | |
Variable = NULL; | |
VariableSize = 0; | |
Status = GetVariable2 ( | |
HDD_PASSWORD_REQUEST_VARIABLE_NAME, | |
&mHddPasswordVendorGuid, | |
(VOID **)&Variable, | |
&VariableSize | |
); | |
if (EFI_ERROR (Status) || (Variable == NULL)) { | |
return; | |
} | |
TempVariable = Variable; | |
while (VariableSize >= sizeof (HDD_PASSWORD_REQUEST_VARIABLE)) { | |
if ((TempVariable->Device.Bus == ConfigFormEntry->Bus) && | |
(TempVariable->Device.Device == ConfigFormEntry->Device) && | |
(TempVariable->Device.Function == ConfigFormEntry->Function) && | |
(TempVariable->Device.Port == ConfigFormEntry->Port) && | |
(TempVariable->Device.PortMultiplierPort == ConfigFormEntry->PortMultiplierPort)) | |
{ | |
// | |
// Found the node for the HDD password device. | |
// Get the HDD password request. | |
// | |
CopyMem (&ConfigFormEntry->IfrData.Request, &TempVariable->Request, sizeof (HDD_PASSWORD_REQUEST)); | |
DEBUG (( | |
DEBUG_INFO, | |
"HddPasswordRequest got: 0x%x\n", | |
ConfigFormEntry->IfrData.Request | |
)); | |
break; | |
} | |
VariableSize -= sizeof (HDD_PASSWORD_REQUEST_VARIABLE); | |
TempVariable += 1; | |
} | |
FreePool (Variable); | |
DEBUG ((DEBUG_INFO, "%a() - exit\n", __func__)); | |
} | |
/** | |
Save HDD password request. | |
@param[in] ConfigFormEntry The HDD Password configuration form entry. | |
**/ | |
VOID | |
SaveHddPasswordRequest ( | |
IN HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry | |
) | |
{ | |
EFI_STATUS Status; | |
HDD_PASSWORD_REQUEST_VARIABLE *TempVariable; | |
UINTN TempVariableSize; | |
HDD_PASSWORD_REQUEST_VARIABLE *Variable; | |
UINTN VariableSize; | |
HDD_PASSWORD_REQUEST_VARIABLE *NewVariable; | |
UINTN NewVariableSize; | |
DEBUG ((DEBUG_INFO, "%a() - enter\n", __func__)); | |
DEBUG (( | |
DEBUG_INFO, | |
"HddPasswordRequest to save: 0x%x\n", | |
ConfigFormEntry->IfrData.Request | |
)); | |
Variable = NULL; | |
VariableSize = 0; | |
NewVariable = NULL; | |
NewVariableSize = 0; | |
Status = GetVariable2 ( | |
HDD_PASSWORD_REQUEST_VARIABLE_NAME, | |
&mHddPasswordVendorGuid, | |
(VOID **)&Variable, | |
&VariableSize | |
); | |
if (!EFI_ERROR (Status) && (Variable != NULL)) { | |
TempVariable = Variable; | |
TempVariableSize = VariableSize; | |
while (TempVariableSize >= sizeof (HDD_PASSWORD_REQUEST_VARIABLE)) { | |
if ((TempVariable->Device.Bus == ConfigFormEntry->Bus) && | |
(TempVariable->Device.Device == ConfigFormEntry->Device) && | |
(TempVariable->Device.Function == ConfigFormEntry->Function) && | |
(TempVariable->Device.Port == ConfigFormEntry->Port) && | |
(TempVariable->Device.PortMultiplierPort == ConfigFormEntry->PortMultiplierPort)) | |
{ | |
// | |
// Found the node for the HDD password device. | |
// Update the HDD password request. | |
// | |
CopyMem (&TempVariable->Request, &ConfigFormEntry->IfrData.Request, sizeof (HDD_PASSWORD_REQUEST)); | |
NewVariable = Variable; | |
NewVariableSize = VariableSize; | |
break; | |
} | |
TempVariableSize -= sizeof (HDD_PASSWORD_REQUEST_VARIABLE); | |
TempVariable += 1; | |
} | |
if (NewVariable == NULL) { | |
// | |
// The node for the HDD password device is not found. | |
// Create node for the HDD password device. | |
// | |
NewVariableSize = VariableSize + sizeof (HDD_PASSWORD_REQUEST_VARIABLE); | |
NewVariable = AllocateZeroPool (NewVariableSize); | |
ASSERT (NewVariable != NULL); | |
CopyMem (NewVariable, Variable, VariableSize); | |
TempVariable = (HDD_PASSWORD_REQUEST_VARIABLE *)((UINTN)NewVariable + VariableSize); | |
TempVariable->Device.Bus = (UINT8)ConfigFormEntry->Bus; | |
TempVariable->Device.Device = (UINT8)ConfigFormEntry->Device; | |
TempVariable->Device.Function = (UINT8)ConfigFormEntry->Function; | |
TempVariable->Device.Port = ConfigFormEntry->Port; | |
TempVariable->Device.PortMultiplierPort = ConfigFormEntry->PortMultiplierPort; | |
CopyMem (&TempVariable->Request, &ConfigFormEntry->IfrData.Request, sizeof (HDD_PASSWORD_REQUEST)); | |
} | |
} else { | |
NewVariableSize = sizeof (HDD_PASSWORD_REQUEST_VARIABLE); | |
NewVariable = AllocateZeroPool (NewVariableSize); | |
ASSERT (NewVariable != NULL); | |
NewVariable->Device.Bus = (UINT8)ConfigFormEntry->Bus; | |
NewVariable->Device.Device = (UINT8)ConfigFormEntry->Device; | |
NewVariable->Device.Function = (UINT8)ConfigFormEntry->Function; | |
NewVariable->Device.Port = ConfigFormEntry->Port; | |
NewVariable->Device.PortMultiplierPort = ConfigFormEntry->PortMultiplierPort; | |
CopyMem (&NewVariable->Request, &ConfigFormEntry->IfrData.Request, sizeof (HDD_PASSWORD_REQUEST)); | |
} | |
Status = gRT->SetVariable ( | |
HDD_PASSWORD_REQUEST_VARIABLE_NAME, | |
&mHddPasswordVendorGuid, | |
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS, | |
NewVariableSize, | |
NewVariable | |
); | |
if (EFI_ERROR (Status)) { | |
DEBUG ((DEBUG_INFO, "HddPasswordRequest variable set failed (%r)\n", Status)); | |
} | |
if (NewVariable != Variable) { | |
FreePool (NewVariable); | |
} | |
if (Variable != NULL) { | |
FreePool (Variable); | |
} | |
DEBUG ((DEBUG_INFO, "%a() - exit\n", __func__)); | |
} | |
/** | |
Get the HDD Password configuration form entry by the index of the goto opcode activated. | |
@param[in] Index The 0-based index of the goto opcode activated. | |
@return The HDD Password configuration form entry found. | |
**/ | |
HDD_PASSWORD_CONFIG_FORM_ENTRY * | |
HddPasswordGetConfigFormEntryByIndex ( | |
IN UINT32 Index | |
) | |
{ | |
LIST_ENTRY *Entry; | |
UINT32 CurrentIndex; | |
HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry; | |
CurrentIndex = 0; | |
ConfigFormEntry = NULL; | |
BASE_LIST_FOR_EACH (Entry, &mHddPasswordConfigFormList) { | |
if (CurrentIndex == Index) { | |
ConfigFormEntry = BASE_CR (Entry, HDD_PASSWORD_CONFIG_FORM_ENTRY, Link); | |
break; | |
} | |
CurrentIndex++; | |
} | |
return ConfigFormEntry; | |
} | |
/** | |
This function allows the caller to request the current | |
configuration for one or more named elements. The resulting | |
string is in <ConfigAltResp> format. Any and all alternative | |
configuration strings shall also be appended to the end of the | |
current configuration string. If they are, they must appear | |
after the current configuration. They must contain the same | |
routing (GUID, NAME, PATH) as the current configuration string. | |
They must have an additional description indicating the type of | |
alternative configuration the string represents, | |
"ALTCFG=<StringToken>". That <StringToken> (when | |
converted from Hex UNICODE to binary) is a reference to a | |
string in the associated string pack. | |
@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL. | |
@param[in] Request A null-terminated Unicode string in | |
<ConfigRequest> format. Note that this | |
includes the routing information as well as | |
the configurable name / value pairs. It is | |
invalid for this string to be in | |
<MultiConfigRequest> format. | |
@param[out] Progress On return, points to a character in the | |
Request string. Points to the string's null | |
terminator if request was successful. Points | |
to the most recent "&" before the first | |
failing name / value pair (or the beginning | |
of the string if the failure is in the first | |
name / value pair) if the request was not | |
successful. | |
@param[out] Results A null-terminated Unicode string in | |
<ConfigAltResp> format which has all values | |
filled in for the names in the Request string. | |
String to be allocated by the called function. | |
@retval EFI_SUCCESS The Results string is filled with the | |
values corresponding to all requested | |
names. | |
@retval EFI_OUT_OF_RESOURCES Not enough memory to store the | |
parts of the results that must be | |
stored awaiting possible future | |
protocols. | |
@retval EFI_INVALID_PARAMETER For example, passing in a NULL | |
for the Request parameter | |
would result in this type of | |
error. In this case, the | |
Progress parameter would be | |
set to NULL. | |
@retval EFI_NOT_FOUND Routing data doesn't match any | |
known driver. Progress set to the | |
first character in the routing header. | |
Note: There is no requirement that the | |
driver validate the routing data. It | |
must skip the <ConfigHdr> in order to | |
process the names. | |
@retval EFI_INVALID_PARAMETER Illegal syntax. Progress set | |
to most recent & before the | |
error or the beginning of the | |
string. | |
@retval EFI_INVALID_PARAMETER Unknown name. Progress points | |
to the & before the name in | |
question.Currently not implemented. | |
**/ | |
EFI_STATUS | |
EFIAPI | |
HddPasswordFormExtractConfig ( | |
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This, | |
IN CONST EFI_STRING Request, | |
OUT EFI_STRING *Progress, | |
OUT EFI_STRING *Results | |
) | |
{ | |
EFI_STATUS Status; | |
UINTN BufferSize; | |
HDD_PASSWORD_CONFIG *IfrData; | |
HDD_PASSWORD_DXE_PRIVATE_DATA *Private; | |
EFI_STRING ConfigRequestHdr; | |
EFI_STRING ConfigRequest; | |
BOOLEAN AllocatedRequest; | |
UINTN Size; | |
if ((Progress == NULL) || (Results == NULL)) { | |
return EFI_INVALID_PARAMETER; | |
} | |
*Progress = Request; | |
if ((Request != NULL) && !HiiIsConfigHdrMatch (Request, &mHddPasswordVendorGuid, mHddPasswordVendorStorageName)) { | |
return EFI_NOT_FOUND; | |
} | |
ConfigRequestHdr = NULL; | |
ConfigRequest = NULL; | |
AllocatedRequest = FALSE; | |
Size = 0; | |
Private = HDD_PASSWORD_DXE_PRIVATE_FROM_THIS (This); | |
IfrData = AllocateZeroPool (sizeof (HDD_PASSWORD_CONFIG)); | |
ASSERT (IfrData != NULL); | |
if (Private->Current != NULL) { | |
CopyMem (IfrData, &Private->Current->IfrData, sizeof (HDD_PASSWORD_CONFIG)); | |
} | |
// | |
// Convert buffer data to <ConfigResp> by helper function BlockToConfig() | |
// | |
BufferSize = sizeof (HDD_PASSWORD_CONFIG); | |
ConfigRequest = Request; | |
if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) { | |
// | |
// Request has no request element, construct full request string. | |
// Allocate and fill a buffer large enough to hold the <ConfigHdr> template | |
// followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator | |
// | |
ConfigRequestHdr = HiiConstructConfigHdr (&mHddPasswordVendorGuid, mHddPasswordVendorStorageName, Private->DriverHandle); | |
Size = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16); | |
ConfigRequest = AllocateZeroPool (Size); | |
ASSERT (ConfigRequest != NULL); | |
AllocatedRequest = TRUE; | |
UnicodeSPrint (ConfigRequest, Size, L"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr, (UINT64)BufferSize); | |
FreePool (ConfigRequestHdr); | |
} | |
Status = gHiiConfigRouting->BlockToConfig ( | |
gHiiConfigRouting, | |
ConfigRequest, | |
(UINT8 *)IfrData, | |
BufferSize, | |
Results, | |
Progress | |
); | |
FreePool (IfrData); | |
// | |
// Free the allocated config request string. | |
// | |
if (AllocatedRequest) { | |
FreePool (ConfigRequest); | |
ConfigRequest = NULL; | |
} | |
// | |
// Set Progress string to the original request string. | |
// | |
if (Request == NULL) { | |
*Progress = NULL; | |
} else if (StrStr (Request, L"OFFSET") == NULL) { | |
*Progress = Request + StrLen (Request); | |
} | |
return Status; | |
} | |
/** | |
This function applies changes in a driver's configuration. | |
Input is a Configuration, which has the routing data for this | |
driver followed by name / value configuration pairs. The driver | |
must apply those pairs to its configurable storage. If the | |
driver's configuration is stored in a linear block of data | |
and the driver's name / value pairs are in <BlockConfig> | |
format, it may use the ConfigToBlock helper function (above) to | |
simplify the job. Currently not implemented. | |
@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL. | |
@param[in] Configuration A null-terminated Unicode string in | |
<ConfigString> format. | |
@param[out] Progress A pointer to a string filled in with the | |
offset of the most recent '&' before the | |
first failing name / value pair (or the | |
beginn ing of the string if the failure | |
is in the first name / value pair) or | |
the terminating NULL if all was | |
successful. | |
@retval EFI_SUCCESS The results have been distributed or are | |
awaiting distribution. | |
@retval EFI_OUT_OF_RESOURCES Not enough memory to store the | |
parts of the results that must be | |
stored awaiting possible future | |
protocols. | |
@retval EFI_INVALID_PARAMETERS Passing in a NULL for the | |
Results parameter would result | |
in this type of error. | |
@retval EFI_NOT_FOUND Target for the specified routing data | |
was not found. | |
**/ | |
EFI_STATUS | |
EFIAPI | |
HddPasswordFormRouteConfig ( | |
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This, | |
IN CONST EFI_STRING Configuration, | |
OUT EFI_STRING *Progress | |
) | |
{ | |
if ((Configuration == NULL) || (Progress == NULL)) { | |
return EFI_INVALID_PARAMETER; | |
} | |
// | |
// Check routing data in <ConfigHdr>. | |
// Note: if only one Storage is used, then this checking could be skipped. | |
// | |
if (!HiiIsConfigHdrMatch (Configuration, &mHddPasswordVendorGuid, mHddPasswordVendorStorageName)) { | |
*Progress = Configuration; | |
return EFI_NOT_FOUND; | |
} | |
*Progress = Configuration + StrLen (Configuration); | |
return EFI_SUCCESS; | |
} | |
/** | |
This function is called to provide results data to the driver. | |
This data consists of a unique key that is used to identify | |
which data is either being passed back or being asked for. | |
@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL. | |
@param[in] Action Specifies the type of action taken by the browser. | |
@param[in] QuestionId A unique value which is sent to the original | |
exporting driver so that it can identify the type | |
of data to expect. The format of the data tends to | |
vary based on the opcode that enerated the callback. | |
@param[in] Type The type of value for the question. | |
@param[in] Value A pointer to the data being sent to the original | |
exporting driver. | |
@param[out] ActionRequest On return, points to the action requested by the | |
callback function. | |
@retval EFI_SUCCESS The callback successfully handled the action. | |
@retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the | |
variable and its data. | |
@retval EFI_DEVICE_ERROR The variable could not be saved. | |
@retval EFI_UNSUPPORTED The specified Action is not supported by the | |
callback.Currently not implemented. | |
@retval EFI_INVALID_PARAMETERS Passing in wrong parameter. | |
@retval Others Other errors as indicated. | |
**/ | |
EFI_STATUS | |
EFIAPI | |
HddPasswordFormCallback ( | |
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This, | |
IN EFI_BROWSER_ACTION Action, | |
IN EFI_QUESTION_ID QuestionId, | |
IN UINT8 Type, | |
IN EFI_IFR_TYPE_VALUE *Value, | |
OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest | |
) | |
{ | |
HDD_PASSWORD_DXE_PRIVATE_DATA *Private; | |
EFI_STRING_ID DeviceFormTitleToken; | |
HDD_PASSWORD_CONFIG *IfrData; | |
HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry; | |
if (ActionRequest != NULL) { | |
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_NONE; | |
} else { | |
return EFI_INVALID_PARAMETER; | |
} | |
if ((Action != EFI_BROWSER_ACTION_CHANGING) && (Action != EFI_BROWSER_ACTION_CHANGED)) { | |
// | |
// Do nothing for other UEFI Action. Only do call back when data is changing or changed. | |
// | |
return EFI_UNSUPPORTED; | |
} | |
Private = HDD_PASSWORD_DXE_PRIVATE_FROM_THIS (This); | |
// | |
// Retrive data from Browser | |
// | |
IfrData = AllocateZeroPool (sizeof (HDD_PASSWORD_CONFIG)); | |
ASSERT (IfrData != NULL); | |
if (!HiiGetBrowserData (&mHddPasswordVendorGuid, mHddPasswordVendorStorageName, sizeof (HDD_PASSWORD_CONFIG), (UINT8 *)IfrData)) { | |
FreePool (IfrData); | |
return EFI_NOT_FOUND; | |
} | |
switch (QuestionId) { | |
case KEY_HDD_USER_PASSWORD: | |
if (Action == EFI_BROWSER_ACTION_CHANGED) { | |
DEBUG ((DEBUG_INFO, "KEY_HDD_USER_PASSWORD\n")); | |
ConfigFormEntry = Private->Current; | |
ConfigFormEntry->IfrData.Request.UserPassword = Value->b; | |
SaveHddPasswordRequest (ConfigFormEntry); | |
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY; | |
} | |
break; | |
case KEY_HDD_MASTER_PASSWORD: | |
if (Action == EFI_BROWSER_ACTION_CHANGED) { | |
DEBUG ((DEBUG_INFO, "KEY_HDD_MASTER_PASSWORD\n")); | |
ConfigFormEntry = Private->Current; | |
ConfigFormEntry->IfrData.Request.MasterPassword = Value->b; | |
SaveHddPasswordRequest (ConfigFormEntry); | |
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY; | |
} | |
break; | |
default: | |
if ((QuestionId >= KEY_HDD_DEVICE_ENTRY_BASE) && (QuestionId < (mNumberOfHddDevices + KEY_HDD_DEVICE_ENTRY_BASE))) { | |
if (Action == EFI_BROWSER_ACTION_CHANGING) { | |
// | |
// In case goto the device configuration form, update the device form title. | |
// | |
ConfigFormEntry = HddPasswordGetConfigFormEntryByIndex ((UINT32)(QuestionId - KEY_HDD_DEVICE_ENTRY_BASE)); | |
ASSERT (ConfigFormEntry != NULL); | |
DeviceFormTitleToken = (EFI_STRING_ID)STR_HDD_SECURITY_HD; | |
HiiSetString (Private->HiiHandle, DeviceFormTitleToken, ConfigFormEntry->HddString, NULL); | |
Private->Current = ConfigFormEntry; | |
CopyMem (IfrData, &ConfigFormEntry->IfrData, sizeof (HDD_PASSWORD_CONFIG)); | |
} | |
} | |
break; | |
} | |
// | |
// Pass changed uncommitted data back to Form Browser | |
// | |
HiiSetBrowserData (&mHddPasswordVendorGuid, mHddPasswordVendorStorageName, sizeof (HDD_PASSWORD_CONFIG), (UINT8 *)IfrData, NULL); | |
FreePool (IfrData); | |
return EFI_SUCCESS; | |
} | |
/** | |
Updates the HDD Password configuration form to add an entry for the attached | |
ata harddisk device specified by the Controller. | |
@param[in] HiiHandle The HII Handle associated with the registered package list. | |
@param[in] AtaPassThru Pointer to ATA_PASSTHRU instance. | |
@param[in] PciIo Pointer to PCI_IO instance. | |
@param[in] Controller The controller handle of the attached ata controller. | |
@param[in] Bus The bus number of ATA controller. | |
@param[in] Device The device number of ATA controller. | |
@param[in] Function The function number of ATA controller. | |
@param[in] Port The port number of attached ATA device. | |
@param[in] PortMultiplierPort The port number of port multiplier of attached ATA device. | |
@retval EFI_SUCCESS The Hdd Password configuration form is updated. | |
@retval EFI_OUT_OF_RESOURCES Failed to allocate memory. | |
@retval Others Other errors as indicated. | |
**/ | |
EFI_STATUS | |
HddPasswordConfigUpdateForm ( | |
IN EFI_HII_HANDLE HiiHandle, | |
IN EFI_ATA_PASS_THRU_PROTOCOL *AtaPassThru, | |
IN EFI_PCI_IO_PROTOCOL *PciIo, | |
IN EFI_HANDLE Controller, | |
IN UINTN Bus, | |
IN UINTN Device, | |
IN UINTN Function, | |
IN UINT16 Port, | |
IN UINT16 PortMultiplierPort | |
) | |
{ | |
LIST_ENTRY *Entry; | |
HDD_PASSWORD_CONFIG_FORM_ENTRY *ConfigFormEntry; | |
BOOLEAN EntryExisted; | |
EFI_STATUS Status; | |
VOID *StartOpCodeHandle; | |
VOID *EndOpCodeHandle; | |
EFI_IFR_GUID_LABEL *StartLabel; | |
EFI_IFR_GUID_LABEL *EndLabel; | |
CHAR16 HddString[40]; | |
ATA_IDENTIFY_DATA IdentifyData; | |
EFI_DEVICE_PATH_PROTOCOL *AtaDeviceNode; | |
ConfigFormEntry = NULL; | |
EntryExisted = FALSE; | |
BASE_LIST_FOR_EACH (Entry, &mHddPasswordConfigFormList) { | |
ConfigFormEntry = BASE_CR (Entry, HDD_PASSWORD_CONFIG_FORM_ENTRY, Link); | |
if ((ConfigFormEntry->Bus == Bus) && | |
(ConfigFormEntry->Device == Device) && | |
(ConfigFormEntry->Function == Function) && | |
(ConfigFormEntry->Port == Port) && | |
(ConfigFormEntry->PortMultiplierPort == PortMultiplierPort)) | |
{ | |
EntryExisted = TRUE; | |
break; | |
} | |
} | |
if (!EntryExisted) { | |
// | |
// Add a new form. | |
// | |
ConfigFormEntry = AllocateZeroPool (sizeof (HDD_PASSWORD_CONFIG_FORM_ENTRY)); | |
if (ConfigFormEntry == NULL) { | |
return EFI_OUT_OF_RESOURCES; | |
} | |
InitializeListHead (&ConfigFormEntry->Link); | |
ConfigFormEntry->Controller = Controller; | |
ConfigFormEntry->Bus = Bus; | |
ConfigFormEntry->Device = Device; | |
ConfigFormEntry->Function = Function; | |
ConfigFormEntry->Port = Port; | |
ConfigFormEntry->PortMultiplierPort = PortMultiplierPort; | |
ConfigFormEntry->AtaPassThru = AtaPassThru; | |
DEBUG ((DEBUG_INFO, "HddPasswordDxe: Create new form for device[%d][%d] at Bus 0x%x Dev 0x%x Func 0x%x\n", Port, PortMultiplierPort, Bus, Device, Function)); | |
// | |
// Construct the device path for the HDD password device | |
// | |
Status = AtaPassThru->BuildDevicePath ( | |
AtaPassThru, | |
Port, | |
PortMultiplierPort, | |
&AtaDeviceNode | |
); | |
if (EFI_ERROR (Status)) { | |
return Status; | |
} | |
ConfigFormEntry->DevicePath = AppendDevicePathNode (DevicePathFromHandle (Controller), AtaDeviceNode); | |
FreePool (AtaDeviceNode); | |
if (ConfigFormEntry->DevicePath == NULL) { | |
return EFI_OUT_OF_RESOURCES; | |
} | |
// | |
// Get attached harddisk model number | |
// | |
Status = GetHddDeviceIdentifyData (AtaPassThru, Port, PortMultiplierPort, &IdentifyData); | |
ASSERT_EFI_ERROR (Status); | |
if (EFI_ERROR (Status)) { | |
return Status; | |
} | |
GetHddDeviceModelNumber (&IdentifyData, HddString); | |
// | |
// Compose the HDD title string and help string of this port and create a new EFI_STRING_ID. | |
// | |
UnicodeSPrint (ConfigFormEntry->HddString, sizeof (ConfigFormEntry->HddString), L"HDD %d:%s", mNumberOfHddDevices, HddString); | |
ConfigFormEntry->TitleToken = HiiSetString (HiiHandle, 0, ConfigFormEntry->HddString, NULL); | |
ConfigFormEntry->TitleHelpToken = HiiSetString (HiiHandle, 0, L"Request to set HDD Password", NULL); | |
GetHddPasswordSecurityStatus (&IdentifyData, &ConfigFormEntry->IfrData); | |
InsertTailList (&mHddPasswordConfigFormList, &ConfigFormEntry->Link); | |
// | |
// Init OpCode Handle | |
// | |
StartOpCodeHandle = HiiAllocateOpCodeHandle (); | |
ASSERT (StartOpCodeHandle != NULL); | |
EndOpCodeHandle = HiiAllocateOpCodeHandle (); | |
ASSERT (EndOpCodeHandle != NULL); | |
// | |
// Create Hii Extend Label OpCode as the start opcode | |
// | |
StartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (StartOpCodeHandle, &gEfiIfrTianoGuid, NULL, sizeof (EFI_IFR_GUID_LABEL)); | |
StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL; | |
StartLabel->Number = HDD_DEVICE_ENTRY_LABEL; | |
// | |
// Create Hii Extend Label OpCode as the end opcode | |
// | |
EndLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode (EndOpCodeHandle, &gEfiIfrTianoGuid, NULL, sizeof (EFI_IFR_GUID_LABEL)); | |
EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL; | |
EndLabel->Number = HDD_DEVICE_LABEL_END; | |
mNumberOfHddDevices = 0; | |
BASE_LIST_FOR_EACH (Entry, &mHddPasswordConfigFormList) { | |
ConfigFormEntry = BASE_CR (Entry, HDD_PASSWORD_CONFIG_FORM_ENTRY, Link); | |
HiiCreateGotoOpCode ( | |
StartOpCodeHandle, // Container for dynamic created opcodes | |
FORMID_HDD_DEVICE_FORM, // Target Form ID | |
ConfigFormEntry->TitleToken, // Prompt text | |
ConfigFormEntry->TitleHelpToken, // Help text | |
EFI_IFR_FLAG_CALLBACK, // Question flag | |
(UINT16)(KEY_HDD_DEVICE_ENTRY_BASE + mNumberOfHddDevices) // Question ID | |
); | |
mNumberOfHddDevices++; | |
} | |
HiiUpdateForm ( | |
HiiHandle, | |
&mHddPasswordVendorGuid, | |
FORMID_HDD_MAIN_FORM, | |
StartOpCodeHandle, | |
EndOpCodeHandle | |
); | |
HiiFreeOpCodeHandle (StartOpCodeHandle); | |
HiiFreeOpCodeHandle (EndOpCodeHandle); | |
// | |
// Check if device is locked and prompt for password. | |
// | |
HddPasswordRequestPassword (AtaPassThru, Port, PortMultiplierPort, ConfigFormEntry); | |
// | |
// Process HDD password request from last boot. | |
// | |
ProcessHddPasswordRequest (AtaPassThru, Port, PortMultiplierPort, ConfigFormEntry); | |
} | |
return EFI_SUCCESS; | |
} | |
/** | |
Ata Pass Thru Protocol notification event handler. | |
Check attached harddisk status to see if it's locked. If yes, then pop up a password windows to require user input. | |
It also registers a form for user configuration on Hdd password configuration. | |
@param[in] Event Event whose notification function is being invoked. | |
@param[in] Context Pointer to the notification function's context. | |
**/ | |
VOID | |
EFIAPI | |
HddPasswordNotificationEvent ( | |
IN EFI_EVENT Event, | |
IN VOID *Context | |
) | |
{ | |
EFI_STATUS Status; | |
HDD_PASSWORD_DXE_PRIVATE_DATA *Private; | |
EFI_ATA_PASS_THRU_PROTOCOL *AtaPassThru; | |
UINT16 Port; | |
UINT16 PortMultiplierPort; | |
EFI_HANDLE Controller; | |
EFI_HANDLE *HandleBuffer; | |
UINTN HandleCount; | |
UINTN Index; | |
EFI_PCI_IO_PROTOCOL *PciIo; | |
UINTN SegNum; | |
UINTN BusNum; | |
UINTN DevNum; | |
UINTN FuncNum; | |
if (mHddPasswordEndOfDxe) { | |
gBS->CloseEvent (Event); | |
return; | |
} | |
Private = (HDD_PASSWORD_DXE_PRIVATE_DATA *)Context; | |
// | |
// Locate all handles of AtaPassThru protocol | |
// | |
Status = gBS->LocateHandleBuffer ( | |
ByProtocol, | |
&gEfiAtaPassThruProtocolGuid, | |
NULL, | |
&HandleCount, | |
&HandleBuffer | |
); | |
if (EFI_ERROR (Status)) { | |
return; | |
} | |
// | |
// Check attached hard disk status to see if it's locked | |
// | |
for (Index = 0; Index < HandleCount; Index += 1) { | |
Controller = HandleBuffer[Index]; | |
Status = gBS->HandleProtocol ( | |
Controller, | |
&gEfiAtaPassThruProtocolGuid, | |
(VOID **)&AtaPassThru | |
); | |
if (EFI_ERROR (Status)) { | |
break; | |
} | |
// | |
// Ignore those logical ATA_PASS_THRU instance. | |
// | |
if ((AtaPassThru->Mode->Attributes & EFI_ATA_PASS_THRU_ATTRIBUTES_PHYSICAL) == 0) { | |
continue; | |
} | |
Status = gBS->HandleProtocol ( | |
Controller, | |
&gEfiPciIoProtocolGuid, | |
(VOID **)&PciIo | |
); | |
ASSERT_EFI_ERROR (Status); | |
if (EFI_ERROR (Status)) { | |
break; | |
} | |
Status = PciIo->GetLocation ( | |
PciIo, | |
&SegNum, | |
&BusNum, | |
&DevNum, | |
&FuncNum | |
); | |
ASSERT_EFI_ERROR (Status); | |
if (EFI_ERROR (Status)) { | |
break; | |
} | |
// | |
// Assume and only support Segment == 0. | |
// | |
ASSERT (SegNum == 0); | |
// | |
// traverse all attached harddisk devices to update form and unlock it | |
// | |
Port = 0xFFFF; | |
while (TRUE) { | |
Status = AtaPassThru->GetNextPort (AtaPassThru, &Port); | |
if (EFI_ERROR (Status)) { | |
// | |
// We cannot find more legal port then we are done. | |
// | |
break; | |
} | |
PortMultiplierPort = 0xFFFF; | |
while (TRUE) { | |
Status = AtaPassThru->GetNextDevice (AtaPassThru, Port, &PortMultiplierPort); | |
if (EFI_ERROR (Status)) { | |
// | |
// We cannot find more legal port multiplier port number for ATA device | |
// on the port, then we are done. | |
// | |
break; | |
} | |
// | |
// Find out the attached harddisk devices. | |
// Try to add a HDD Password configuration page for the attached devices. | |
// | |
gBS->RestoreTPL (TPL_APPLICATION); | |
Status = HddPasswordConfigUpdateForm (Private->HiiHandle, AtaPassThru, PciIo, Controller, BusNum, DevNum, FuncNum, Port, PortMultiplierPort); | |
gBS->RaiseTPL (TPL_CALLBACK); | |
if (EFI_ERROR (Status)) { | |
break; | |
} | |
} | |
} | |
} | |
FreePool (HandleBuffer); | |
return; | |
} | |
/** | |
Initialize the HDD Password configuration form. | |
@param[out] Instance Pointer to private instance. | |
@retval EFI_SUCCESS The HDD Password configuration form is initialized. | |
@retval EFI_OUT_OF_RESOURCES Failed to allocate memory. | |
@retval Others Other errors as indicated. | |
**/ | |
EFI_STATUS | |
HddPasswordConfigFormInit ( | |
OUT HDD_PASSWORD_DXE_PRIVATE_DATA **Instance | |
) | |
{ | |
EFI_STATUS Status; | |
HDD_PASSWORD_DXE_PRIVATE_DATA *Private; | |
InitializeListHead (&mHddPasswordConfigFormList); | |
Private = AllocateZeroPool (sizeof (HDD_PASSWORD_DXE_PRIVATE_DATA)); | |
if (Private == NULL) { | |
return EFI_OUT_OF_RESOURCES; | |
} | |
Private->Signature = HDD_PASSWORD_DXE_PRIVATE_SIGNATURE; | |
Private->ConfigAccess.ExtractConfig = HddPasswordFormExtractConfig; | |
Private->ConfigAccess.RouteConfig = HddPasswordFormRouteConfig; | |
Private->ConfigAccess.Callback = HddPasswordFormCallback; | |
// | |
// Install Device Path Protocol and Config Access protocol to driver handle | |
// | |
Status = gBS->InstallMultipleProtocolInterfaces ( | |
&Private->DriverHandle, | |
&gEfiDevicePathProtocolGuid, | |
&mHddPasswordHiiVendorDevicePath, | |
&gEfiHiiConfigAccessProtocolGuid, | |
&Private->ConfigAccess, | |
NULL | |
); | |
ASSERT_EFI_ERROR (Status); | |
if (EFI_ERROR (Status)) { | |
FreePool (Private); | |
return Status; | |
} | |
// | |
// Publish our HII data | |
// | |
Private->HiiHandle = HiiAddPackages ( | |
&mHddPasswordVendorGuid, | |
Private->DriverHandle, | |
HddPasswordDxeStrings, | |
HddPasswordBin, | |
NULL | |
); | |
if (Private->HiiHandle == NULL) { | |
FreePool (Private); | |
return EFI_OUT_OF_RESOURCES; | |
} | |
*Instance = Private; | |
return Status; | |
} | |
/** | |
Main entry for this driver. | |
@param ImageHandle Image handle this driver. | |
@param SystemTable Pointer to SystemTable. | |
@retval EFI_SUCCESS This function always complete successfully. | |
**/ | |
EFI_STATUS | |
EFIAPI | |
HddPasswordDxeInit ( | |
IN EFI_HANDLE ImageHandle, | |
IN EFI_SYSTEM_TABLE *SystemTable | |
) | |
{ | |
EFI_STATUS Status; | |
HDD_PASSWORD_DXE_PRIVATE_DATA *Private; | |
VOID *Registration; | |
EFI_EVENT EndOfDxeEvent; | |
EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy; | |
Private = NULL; | |
// | |
// Initialize the configuration form of HDD Password. | |
// | |
Status = HddPasswordConfigFormInit (&Private); | |
if (EFI_ERROR (Status)) { | |
return Status; | |
} | |
// | |
// Register HddPasswordNotificationEvent() notify function. | |
// | |
EfiCreateProtocolNotifyEvent ( | |
&gEfiAtaPassThruProtocolGuid, | |
TPL_CALLBACK, | |
HddPasswordNotificationEvent, | |
(VOID *)Private, | |
&Registration | |
); | |
Status = gBS->CreateEventEx ( | |
EVT_NOTIFY_SIGNAL, | |
TPL_CALLBACK, | |
HddPasswordEndOfDxeEventNotify, | |
NULL, | |
&gEfiEndOfDxeEventGroupGuid, | |
&EndOfDxeEvent | |
); | |
ASSERT_EFI_ERROR (Status); | |
// | |
// Make HDD_PASSWORD_VARIABLE_NAME variable read-only. | |
// | |
Status = gBS->LocateProtocol (&gEdkiiVariablePolicyProtocolGuid, NULL, (VOID **)&VariablePolicy); | |
if (!EFI_ERROR (Status)) { | |
Status = RegisterBasicVariablePolicy ( | |
VariablePolicy, | |
&mHddPasswordVendorGuid, | |
HDD_PASSWORD_VARIABLE_NAME, | |
VARIABLE_POLICY_NO_MIN_SIZE, | |
VARIABLE_POLICY_NO_MAX_SIZE, | |
VARIABLE_POLICY_NO_MUST_ATTR, | |
VARIABLE_POLICY_NO_CANT_ATTR, | |
VARIABLE_POLICY_TYPE_LOCK_NOW | |
); | |
DEBUG ((DEBUG_INFO, "%a(): Lock %s variable (%r)\n", __func__, HDD_PASSWORD_VARIABLE_NAME, Status)); | |
ASSERT_EFI_ERROR (Status); | |
} | |
return Status; | |
} |