From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.24; helo=mga09.intel.com; envelope-from=star.zeng@intel.com; receiver=edk2-devel@lists.01.org Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 417E5209574C2 for ; Tue, 6 Mar 2018 06:21:49 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga102.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Mar 2018 06:28:03 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.47,431,1515484800"; d="scan'208";a="180345392" Received: from shwdeopenpsi068.ccr.corp.intel.com ([10.239.158.46]) by orsmga004.jf.intel.com with ESMTP; 06 Mar 2018 06:28:02 -0800 From: Star Zeng To: edk2-devel@lists.01.org Cc: Star Zeng , Jiewen Yao , Eric Dong , Chao Zhang Date: Tue, 6 Mar 2018 22:27:53 +0800 Message-Id: <1520346480-65348-1-git-send-email-star.zeng@intel.com> X-Mailer: git-send-email 2.7.0.windows.1 Subject: [PATCH 0/7] OpalPassword: New solution without SMM device code X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Mar 2018 14:21:50 -0000 The patch series is also at https://github.com/lzeng14/edk2 OpalPasswordNew branch. After IOMMU is enabled in S3, original solution with SMM device code (OpalPasswordSmm) to unlock OPAL device for S3 will not work as the DMA operation will be aborted without granted DMA buffer. Instead, this solution is to add OpalPasswordPei to eliminate SMM device code, and OPAL setup UI produced by OpalPasswordDxe will be updated to send requests (set password, update password, and etc), and then the requests will be processed in next boot before SmmReadyToLock, password and device info will be saved to lock box used by OpalPasswordPei to unlock OPAL device for S3. The old solution related codes are also removed. Cc: Jiewen Yao Cc: Eric Dong Cc: Chao Zhang Star Zeng (7): MdeModulePkg LockBoxLib: Support LOCK_BOX_ATTRIBUTE_RESTORE_IN_S3_ONLY SecurityPkg TcgStorageOpalLib: Make it be base type really SecurityPkg TcgStorageCoreLib: Make it be base type really SecurityPkg OpalPassword: Add solution without SMM device code SecurityPkg OpalPassword: Remove old solution SecurityPkg OpalPasswordSupportLib: Remove it SecurityPkg OpalPasswordExtraInfoVariable.h: Remove it MdeModulePkg/Include/Library/LockBoxLib.h | 14 +- .../Library/SmmLockBoxLib/SmmLockBoxDxeLib.c | 4 +- .../Library/SmmLockBoxLib/SmmLockBoxSmmLib.c | 227 +- .../Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf | 10 +- .../Include/Guid/OpalPasswordExtraInfoVariable.h | 27 - .../Include/Library/OpalPasswordSupportLib.h | 289 -- .../OpalPasswordSupportLib.c | 781 ----- .../OpalPasswordSupportLib.inf | 55 - .../OpalPasswordSupportNotify.h | 55 - .../TcgStorageCoreLib/TcgStorageCoreLib.inf | 4 +- .../TcgStorageOpalLib/TcgStorageOpalLib.inf | 8 +- SecurityPkg/SecurityPkg.dec | 4 - SecurityPkg/SecurityPkg.dsc | 6 +- .../ComponentName.c | 0 .../OpalAhciMode.c | 492 ++-- .../OpalAhciMode.h | 93 +- SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c | 2988 ++++++++++++++++++++ .../{OpalPasswordDxe => OpalPassword}/OpalDriver.h | 202 +- .../{OpalPasswordDxe => OpalPassword}/OpalHii.c | 825 ++---- .../OpalHiiPrivate.h => OpalPassword/OpalHii.h} | 150 +- .../OpalHiiCallbacks.c | 6 +- .../OpalHiiFormStrings.uni | 49 +- .../OpalHiiFormValues.h | 74 +- .../OpalNvmeMode.c | 95 +- .../OpalNvmeMode.h | 19 +- .../OpalNvmeReg.h | 5 +- .../Tcg/Opal/OpalPassword/OpalPasswordCommon.h | 65 + .../OpalPasswordDxe.inf | 25 +- .../OpalPasswordForm.vfr | 250 +- .../Tcg/Opal/OpalPassword/OpalPasswordPei.c | 940 ++++++ .../Tcg/Opal/OpalPassword/OpalPasswordPei.h | 133 + .../Tcg/Opal/OpalPassword/OpalPasswordPei.inf | 63 + SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c | 1091 ------- .../Tcg/Opal/OpalPasswordDxe/OpalDriverPrivate.h | 102 - SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.h | 146 - SecurityPkg/Tcg/Opal/OpalPasswordSmm/OpalIdeMode.c | 767 ----- SecurityPkg/Tcg/Opal/OpalPasswordSmm/OpalIdeMode.h | 173 -- .../Tcg/Opal/OpalPasswordSmm/OpalPasswordSmm.c | 1088 ------- .../Tcg/Opal/OpalPasswordSmm/OpalPasswordSmm.h | 299 -- .../Tcg/Opal/OpalPasswordSmm/OpalPasswordSmm.inf | 77 - 40 files changed, 5536 insertions(+), 6165 deletions(-) delete mode 100644 SecurityPkg/Include/Guid/OpalPasswordExtraInfoVariable.h delete mode 100644 SecurityPkg/Include/Library/OpalPasswordSupportLib.h delete mode 100644 SecurityPkg/Library/OpalPasswordSupportLib/OpalPasswordSupportLib.c delete mode 100644 SecurityPkg/Library/OpalPasswordSupportLib/OpalPasswordSupportLib.inf delete mode 100644 SecurityPkg/Library/OpalPasswordSupportLib/OpalPasswordSupportNotify.h rename SecurityPkg/Tcg/Opal/{OpalPasswordDxe => OpalPassword}/ComponentName.c (100%) rename SecurityPkg/Tcg/Opal/{OpalPasswordSmm => OpalPassword}/OpalAhciMode.c (68%) rename SecurityPkg/Tcg/Opal/{OpalPasswordSmm => OpalPassword}/OpalAhciMode.h (85%) create mode 100644 SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c rename SecurityPkg/Tcg/Opal/{OpalPasswordDxe => OpalPassword}/OpalDriver.h (72%) rename SecurityPkg/Tcg/Opal/{OpalPasswordDxe => OpalPassword}/OpalHii.c (57%) rename SecurityPkg/Tcg/Opal/{OpalPasswordDxe/OpalHiiPrivate.h => OpalPassword/OpalHii.h} (72%) rename SecurityPkg/Tcg/Opal/{OpalPasswordDxe => OpalPassword}/OpalHiiCallbacks.c (91%) rename SecurityPkg/Tcg/Opal/{OpalPasswordDxe => OpalPassword}/OpalHiiFormStrings.uni (66%) rename SecurityPkg/Tcg/Opal/{OpalPasswordDxe => OpalPassword}/OpalHiiFormValues.h (64%) rename SecurityPkg/Tcg/Opal/{OpalPasswordSmm => OpalPassword}/OpalNvmeMode.c (93%) rename SecurityPkg/Tcg/Opal/{OpalPasswordSmm => OpalPassword}/OpalNvmeMode.h (93%) rename SecurityPkg/Tcg/Opal/{OpalPasswordSmm => OpalPassword}/OpalNvmeReg.h (96%) create mode 100644 SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordCommon.h rename SecurityPkg/Tcg/Opal/{OpalPasswordDxe => OpalPassword}/OpalPasswordDxe.inf (80%) rename SecurityPkg/Tcg/Opal/{OpalPasswordDxe => OpalPassword}/OpalPasswordForm.vfr (59%) create mode 100644 SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordPei.c create mode 100644 SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordPei.h create mode 100644 SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordPei.inf delete mode 100644 SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c delete mode 100644 SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriverPrivate.h delete mode 100644 SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.h delete mode 100644 SecurityPkg/Tcg/Opal/OpalPasswordSmm/OpalIdeMode.c delete mode 100644 SecurityPkg/Tcg/Opal/OpalPasswordSmm/OpalIdeMode.h delete mode 100644 SecurityPkg/Tcg/Opal/OpalPasswordSmm/OpalPasswordSmm.c delete mode 100644 SecurityPkg/Tcg/Opal/OpalPasswordSmm/OpalPasswordSmm.h delete mode 100644 SecurityPkg/Tcg/Opal/OpalPasswordSmm/OpalPasswordSmm.inf -- 2.7.0.windows.1