MdeModulePkg/Include/Protocol/MediaSanitize.h - edk2 - Git at Google

 /** @file
   This file defines the Media Sanitize Protocol.

   Copyright (c) Microsoft Corporation.<BR>
   SPDX-License-Identifier: BSD-2-Clause-Patent

 **/

 #ifndef MEDIA_SANITIZE_PROTOCOL_H_
 #define MEDIA_SANITIZE_PROTOCOL_H_

 #define MEDIA_SANITIZE_PROTOCOL_GUID \
   { \
     0x0d799a99, 0x25af, 0x429e, { 0x92, 0x72, 0xd0, 0xb2, 0x7d, 0x6d, 0x5f, 0x14 } \
   }

 typedef struct _MEDIA_SANITIZE_PROTOCOL MEDIA_SANITIZE_PROTOCOL;

 #define MEDIA_SANITIZE_PROTOCOL_REVISION  0x00010000

 ///
 /// Sanitize actions for purge operation.
 ///
 /// NOTE: First four actions (no action, overwrite, block erase, crypto erase) cannot
 /// be overlapped. All other fields may be overlapped as they apply.
 ///
 #define PURGE_ACTION_NO_ACTION                         0x00000000 // No purge action requested
 #define PURGE_ACTION_OVERWRITE                         0x00000001 // Overwrite with 32-bit pattern
 #define PURGE_ACTION_BLOCK_ERASE                       0x00000002 // Erase Blocks with indeterminate pattern
 #define PURGE_ACTION_CRYPTO_ERASE                      0x00000004 // Delete encryption keys only
 #define PURGE_ACTION_RESET_REQUIRED                    0x00000008 // Reset required after purge
 #define PURGE_ACTION_NO_DEALLOCATE                     0x00000010 // Do no deallocate (trim) flash medai after sanitize
 #define PURGE_ACTION_INVERT_OW_PATTERN                 0x00000020 // Invert overwrite pattern between passes
 #define PURGE_ACTION_ALLOW_UNRESTRICTED_SANITIZE_EXIT  0x00000040 // Allow exit without restrictions

 ///
 /// Secure erase action for media format operation
 ///
 #define FORMAT_SES_NO_SECURE_ERASE_REQUESTED  0x0 // No secure erase operation requested
 #define FORMAT_SES_USER_DATA_ERASE            0x1 // User Data Erase
 #define FORMAT_SES_CRYPTOGRAPHIC_ERASE        0x2 // Cryptographic Erase

 /**
   Clear Media utilizes transport native WRITE commands to write a fixed pattern
   of non-sensitive data. The size of the overwrite buffer shall be equal to the
   one sector/LBA (in bytes).

   NOTE: This function must be called from TPL aaplication or callback.

   @param[in]       This           Indicates a pointer to the calling context.
   @param[in]       MediaId        The media ID that the clear request is for.
   @param[in]       PassCount      Number of passes to write over the media.
   @param[in]       SectorOwBuffer Pointer to overwrite pattern buffer.

   @retval EFI_SUCCESS             The media clear request completed successfully
                                   on the device.
   @retval EFI_WRITE_PROTECTED     The device can't be cleared due to write
                                   protection.
   @retval EFI_DEVICE_ERROR        The device reported an error while attempting
                                   to perform the clear operation.
   @retval EFI_INVALID_PARAMETER   The clear request contains parameters that
                                   are not valid.
   @retval EFI_NO_MEDIA            There is no media in the device.
   @retval EFI_MEDIA_CHANGED       The MediaId is not for the current media.

 **/
 typedef
 EFI_STATUS
 (EFIAPI *BLOCK_MEDIA_CLEAR)(
   IN     MEDIA_SANITIZE_PROTOCOL   *This,
   IN     UINT32                    MediaId,
   IN     UINT32                    PassCount,
   IN     VOID                      *SectorOwBuffer
   );

 /**
   Purge Media utilizes native Sanitize operations. Transport specific
   overwrite, block erase, or crypto erase functions shall be invoked based
   on transport.

   NOTE: This function must be called from TPL aaplication or callback.

   @param[in] This             Indicates a pointer to the calling context.
   @param[in] MediaId          The media ID that the clear request is for.
   @param[in] PurgeAction      Purge action: overwrite, crypto or block erase.
   @param[in] OverwritePattern 32-bit pattern to overwrite on media.

   @retval EFI_SUCCESS             The media purge request completed successfully
                                   on the device.
   @retval EFI_WRITE_PROTECTED     The device can't be purged due to write
                                   protection.
   @retval EFI_DEVICE_ERROR        The device reported an error while attempting
                                   to perform the purge operation.
   @retval EFI_INVALID_PARAMETER   The purge request contains parameters that
                                   are not valid.
   @retval EFI_NO_MEDIA            There is no media in the device.
   @retval EFI_MEDIA_CHANGED       The MediaId is not for the current media.

 **/
 typedef
 EFI_STATUS
 (EFIAPI *BLOCK_MEDIA_PURGE)(
   IN     MEDIA_SANITIZE_PROTOCOL   *This,
   IN     UINT32                    MediaId,
   IN     UINT32                    PurgeAction,
   IN     UINT32                    OverwritePattern
   );

 /**
   Format Media utilizes native format operations to modify sector/LBA size.
   Secure erase actions are used to define how latent user data is erased.

   NOTE: This function must be called from TPL aaplication or callback.

   @param[in] This              Indicates a pointer to the calling context.
   @param[in] MediaId           The media ID that the clear request is for.
   @param[in] LbaSize           Size of LBA (in terms of power of two: 2^n).
   @param[in] SecureEraseAction Secure erase action, if any, to apply to format.

   @retval EFI_SUCCESS             The media format request comopleted
                                   successfully on the device.
   @retval EFI_WRITE_PROTECTED     The device can't be formatted due to write
                                   protection.
   @retval EFI_DEVICE_ERROR        The device reported an error while attempting
                                   to perform the format operation.
   @retval EFI_INVALID_PARAMETER   The format request contains parameters that
                                   are not valid.
   @retval EFI_NO_MEDIA            There is no media in the device.
   @retval EFI_MEDIA_CHANGED       The MediaId is not for the current media.

  **/
 typedef
 EFI_STATUS
 (EFIAPI *BLOCK_MEDIA_FORMAT)(
   IN     MEDIA_SANITIZE_PROTOCOL  *This,
   IN     UINT32                   MediaId,
   IN     UINT32                   LbaSize,
   IN     UINT32                   SecureEraseAction
   );

 ///
 /// The Media Sanitize Protocol provides the ability for a device to expose
 /// sanitize functionality. This optional protocol is installed on the same handle
 /// as the EFI_BLOCK_IO_PROTOCOL or EFI_BLOCK_IO2_PROTOCOL.
 ///
 struct _MEDIA_SANITIZE_PROTOCOL {
   ///
   /// The revision to which the MEDIA_SANITIZE_PROTOCOL adheres. All future
   /// revisions must be backwards compatible. If a future version is not
   /// backwards compatible, it is not the same GUID.
   ///
   UINT64                Revision;

   ///
   /// A pointer to the EFI_BLOCK_IO_MEDIA data for this device.
   /// Type EFI_BLOCK_IO_MEDIA is defined in BlockIo.h.
   ///
   EFI_BLOCK_IO_MEDIA    *Media;

   ///
   /// SanitizeCapabilities shall which sanitize operations (crypto erase, block
   /// erase, overwrite) is supported by this Block Io device.
   ///
   UINT32                SanitizeCapabilities;

   BLOCK_MEDIA_CLEAR     MediaClear;
   BLOCK_MEDIA_PURGE     MediaPurge;
   BLOCK_MEDIA_FORMAT    MediaFormat;
 };

 extern EFI_GUID  gMediaSanitizeProtocolGuid;

 #endif
	/** @file
	This file defines the Media Sanitize Protocol.

	Copyright (c) Microsoft Corporation.<BR>
	SPDX-License-Identifier: BSD-2-Clause-Patent

	**/

	#ifndef MEDIA_SANITIZE_PROTOCOL_H_
	#define MEDIA_SANITIZE_PROTOCOL_H_

	#define MEDIA_SANITIZE_PROTOCOL_GUID \
	{ \
	0x0d799a99, 0x25af, 0x429e, { 0x92, 0x72, 0xd0, 0xb2, 0x7d, 0x6d, 0x5f, 0x14 } \
	}

	typedef struct _MEDIA_SANITIZE_PROTOCOL MEDIA_SANITIZE_PROTOCOL;

	#define MEDIA_SANITIZE_PROTOCOL_REVISION 0x00010000

	///
	/// Sanitize actions for purge operation.
	///
	/// NOTE: First four actions (no action, overwrite, block erase, crypto erase) cannot
	/// be overlapped. All other fields may be overlapped as they apply.
	///
	#define PURGE_ACTION_NO_ACTION 0x00000000 // No purge action requested
	#define PURGE_ACTION_OVERWRITE 0x00000001 // Overwrite with 32-bit pattern
	#define PURGE_ACTION_BLOCK_ERASE 0x00000002 // Erase Blocks with indeterminate pattern
	#define PURGE_ACTION_CRYPTO_ERASE 0x00000004 // Delete encryption keys only
	#define PURGE_ACTION_RESET_REQUIRED 0x00000008 // Reset required after purge
	#define PURGE_ACTION_NO_DEALLOCATE 0x00000010 // Do no deallocate (trim) flash medai after sanitize
	#define PURGE_ACTION_INVERT_OW_PATTERN 0x00000020 // Invert overwrite pattern between passes
	#define PURGE_ACTION_ALLOW_UNRESTRICTED_SANITIZE_EXIT 0x00000040 // Allow exit without restrictions

	///
	/// Secure erase action for media format operation
	///
	#define FORMAT_SES_NO_SECURE_ERASE_REQUESTED 0x0 // No secure erase operation requested
	#define FORMAT_SES_USER_DATA_ERASE 0x1 // User Data Erase
	#define FORMAT_SES_CRYPTOGRAPHIC_ERASE 0x2 // Cryptographic Erase

	/**
	Clear Media utilizes transport native WRITE commands to write a fixed pattern
	of non-sensitive data. The size of the overwrite buffer shall be equal to the
	one sector/LBA (in bytes).

	NOTE: This function must be called from TPL aaplication or callback.

	@param[in] This Indicates a pointer to the calling context.
	@param[in] MediaId The media ID that the clear request is for.
	@param[in] PassCount Number of passes to write over the media.
	@param[in] SectorOwBuffer Pointer to overwrite pattern buffer.

	@retval EFI_SUCCESS The media clear request completed successfully
	on the device.
	@retval EFI_WRITE_PROTECTED The device can't be cleared due to write
	protection.
	@retval EFI_DEVICE_ERROR The device reported an error while attempting
	to perform the clear operation.
	@retval EFI_INVALID_PARAMETER The clear request contains parameters that
	are not valid.
	@retval EFI_NO_MEDIA There is no media in the device.
	@retval EFI_MEDIA_CHANGED The MediaId is not for the current media.

	**/
	typedef
	EFI_STATUS
	(EFIAPI *BLOCK_MEDIA_CLEAR)(
	IN MEDIA_SANITIZE_PROTOCOL *This,
	IN UINT32 MediaId,
	IN UINT32 PassCount,
	IN VOID *SectorOwBuffer
	);

	/**
	Purge Media utilizes native Sanitize operations. Transport specific
	overwrite, block erase, or crypto erase functions shall be invoked based
	on transport.

	NOTE: This function must be called from TPL aaplication or callback.

	@param[in] This Indicates a pointer to the calling context.
	@param[in] MediaId The media ID that the clear request is for.
	@param[in] PurgeAction Purge action: overwrite, crypto or block erase.
	@param[in] OverwritePattern 32-bit pattern to overwrite on media.

	@retval EFI_SUCCESS The media purge request completed successfully
	on the device.
	@retval EFI_WRITE_PROTECTED The device can't be purged due to write
	protection.
	@retval EFI_DEVICE_ERROR The device reported an error while attempting
	to perform the purge operation.
	@retval EFI_INVALID_PARAMETER The purge request contains parameters that
	are not valid.
	@retval EFI_NO_MEDIA There is no media in the device.
	@retval EFI_MEDIA_CHANGED The MediaId is not for the current media.

	**/
	typedef
	EFI_STATUS
	(EFIAPI *BLOCK_MEDIA_PURGE)(
	IN MEDIA_SANITIZE_PROTOCOL *This,
	IN UINT32 MediaId,
	IN UINT32 PurgeAction,
	IN UINT32 OverwritePattern
	);

	/**
	Format Media utilizes native format operations to modify sector/LBA size.
	Secure erase actions are used to define how latent user data is erased.

	NOTE: This function must be called from TPL aaplication or callback.

	@param[in] This Indicates a pointer to the calling context.
	@param[in] MediaId The media ID that the clear request is for.
	@param[in] LbaSize Size of LBA (in terms of power of two: 2^n).
	@param[in] SecureEraseAction Secure erase action, if any, to apply to format.

	@retval EFI_SUCCESS The media format request comopleted
	successfully on the device.
	@retval EFI_WRITE_PROTECTED The device can't be formatted due to write
	protection.
	@retval EFI_DEVICE_ERROR The device reported an error while attempting
	to perform the format operation.
	@retval EFI_INVALID_PARAMETER The format request contains parameters that
	are not valid.
	@retval EFI_NO_MEDIA There is no media in the device.
	@retval EFI_MEDIA_CHANGED The MediaId is not for the current media.

	**/
	typedef
	EFI_STATUS
	(EFIAPI *BLOCK_MEDIA_FORMAT)(
	IN MEDIA_SANITIZE_PROTOCOL *This,
	IN UINT32 MediaId,
	IN UINT32 LbaSize,
	IN UINT32 SecureEraseAction
	);

	///
	/// The Media Sanitize Protocol provides the ability for a device to expose
	/// sanitize functionality. This optional protocol is installed on the same handle
	/// as the EFI_BLOCK_IO_PROTOCOL or EFI_BLOCK_IO2_PROTOCOL.
	///
	struct _MEDIA_SANITIZE_PROTOCOL {
	///
	/// The revision to which the MEDIA_SANITIZE_PROTOCOL adheres. All future
	/// revisions must be backwards compatible. If a future version is not
	/// backwards compatible, it is not the same GUID.
	///
	UINT64 Revision;

	///
	/// A pointer to the EFI_BLOCK_IO_MEDIA data for this device.
	/// Type EFI_BLOCK_IO_MEDIA is defined in BlockIo.h.
	///
	EFI_BLOCK_IO_MEDIA *Media;

	///
	/// SanitizeCapabilities shall which sanitize operations (crypto erase, block
	/// erase, overwrite) is supported by this Block Io device.
	///
	UINT32 SanitizeCapabilities;

	BLOCK_MEDIA_CLEAR MediaClear;
	BLOCK_MEDIA_PURGE MediaPurge;
	BLOCK_MEDIA_FORMAT MediaFormat;
	};

	extern EFI_GUID gMediaSanitizeProtocolGuid;

	#endif