From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <eric.dong@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.55.52.43; helo=mga05.intel.com;
 envelope-from=eric.dong@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga05.intel.com (mga05.intel.com [192.55.52.43])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id ABD13202E5303
 for <edk2-devel@lists.01.org>; Mon,  9 Jul 2018 21:01:55 -0700 (PDT)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga007.jf.intel.com ([10.7.209.58])
 by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 09 Jul 2018 21:01:55 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.51,332,1526367600"; d="scan'208";a="55297581"
Received: from ydong10-win10.ccr.corp.intel.com ([10.239.9.24])
 by orsmga007.jf.intel.com with ESMTP; 09 Jul 2018 21:01:54 -0700
From: Eric Dong <eric.dong@intel.com>
To: edk2-devel@lists.01.org
Date: Tue, 10 Jul 2018 12:01:50 +0800
Message-Id: <20180710040152.5812-1-eric.dong@intel.com>
X-Mailer: git-send-email 2.15.0.windows.1
Subject: [Patch 0/2] Fixed correct password not works issue
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Jul 2018 04:01:55 -0000

Opal device may have an count in firmware to decide whether to resistent 
user input password. If yes, even correct password will be reject by device
firmware. This count will be reset only after an cold reboot or user input
correct password.

Opal driver also has an internal count to decide whether allowed user to input 
password. A reboot (code or hot) action will reset this count.

Current implementation just base on the count in opal driver to decide whether
allow user to input password again. In this case, if the count in opal device
already exceeded, even an correct password will be rejected.

New solution will check both count, either cout exceed will cause opal driver 
report count exceed and a shutdown required.

Eric Dong (2):
  SecurityPkg/TcgStorageOpalLib: Return AUTHORITY_LOCKED_OUT error.
  SecurityPkg/OpalPassword: Fixed input correct password not works issue

 SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalUtil.c | 10 +++++++++-
 SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c             |  9 +++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

-- 
2.15.0.windows.1