From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 8EAA61A1E57 for ; Wed, 31 Aug 2016 19:42:07 -0700 (PDT) Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga104.jf.intel.com with ESMTP; 31 Aug 2016 19:42:07 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.30,264,1470726000"; d="scan'208";a="163099595" Received: from fmsmsx106.amr.corp.intel.com ([10.18.124.204]) by fmsmga004.fm.intel.com with ESMTP; 31 Aug 2016 19:42:06 -0700 Received: from fmsmsx111.amr.corp.intel.com (10.18.116.5) by FMSMSX106.amr.corp.intel.com (10.18.124.204) with Microsoft SMTP Server (TLS) id 14.3.248.2; Wed, 31 Aug 2016 19:42:06 -0700 Received: from shsmsx102.ccr.corp.intel.com (10.239.4.154) by fmsmsx111.amr.corp.intel.com (10.18.116.5) with Microsoft SMTP Server (TLS) id 14.3.248.2; Wed, 31 Aug 2016 19:42:05 -0700 Received: from shsmsx101.ccr.corp.intel.com ([169.254.1.91]) by shsmsx102.ccr.corp.intel.com ([169.254.2.109]) with mapi id 14.03.0248.002; Thu, 1 Sep 2016 10:42:03 +0800 From: "Tian, Feng" To: Ramesh R. , edk2-devel , "Jin, Eric" CC: "Tian, Feng" Thread-Topic: BootableImageSupportTest\StorageSecurityCommandProtocolTest Thread-Index: AdH+rBKMD33ErVHaTU69l2RWRNE5FAAvq2BQAN3zvKAARX8+gA== Date: Thu, 1 Sep 2016 02:42:02 +0000 Message-ID: <7F1BAD85ADEA444D97065A60D2E97EE566D84D98@SHSMSX101.ccr.corp.intel.com> References: <7F1BAD85ADEA444D97065A60D2E97EE538825C19@SHSMSX101.ccr.corp.intel.com> In-Reply-To: Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: BootableImageSupportTest\StorageSecurityCommandProtocolTest X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Sep 2016 02:42:07 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable I checked the ATA spec, it says the transfer length of "Trust-Send" ATA cmd= should be 512. But for NVMe and other SCSI device, I didn't see any length limitation on "= Security Protocol In" cmd with security protocol field 0 and security proto= col specific field 0. It seems user could pass in any length value to get security protocol infor= mation. And last, user could get the whole one by passing down "supported s= ecurity protocol list length" + 8. Ramesh, do you meet real failure case? Eric, what's your opinion on this? Thanks Feng -----Original Message----- From: Ramesh R. [mailto:rameshr@ami.com]=20 Sent: Wednesday, August 31, 2016 1:20 AM To: Tian, Feng ; edk2-devel ;= Jin, Eric Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Any update or suggestion on this? Can we consider this as SCT tool issue = and would be fixed in next version ? Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com]=20 Sent: 26 August 2016 12:54 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Yes, I agree it's weird.=20 We are looking at this and will get back to you if we have findings. Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Rame= sh R. Sent: Thursday, August 25, 2016 4:44 PM To: edk2-devel Subject: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi, When the we run the "BootableImageSupportTest\StorageSecurityCommandProt= ocolTest" test on the NVME devices we are getting into error because of the= below testing code. // // According to TCG definition, when the Security Protocol field is set= to 00h, and SP // Specific is set to 0000h in a TRUSTED RECEIVE command, return securi= ty protocol // information. This Command is not associated with a security send com= mand // Status =3D StorageSecurityCommand->ReceiveData ( StorageSecurityCommand, BlockIo->Media->MediaId, 100000000, // Tim= eout 10-sec 0, // Sec= urityProtocol 0, // Sec= urityProtocolSpecifcData 10, // Pay= loadBufferSize, DataBuffer, // Pay= loadBuffer &RcvDataSize ); // // for ATA8-ACS SecurityProtocol, 512 byte is a request // if (IsAtaDevice) { if((Status =3D=3D EFI_DEVICE_ERROR) || (Status =3D=3D EFI_WARN_BUFFER= _TOO_SMALL)){ AssertionType =3D EFI_TEST_ASSERTION_PASSED; } else { AssertionType =3D EFI_TEST_ASSERTION_FAILED; } } else { if((!EFI_ERROR(Status)) || (Status =3D=3D EFI_WARN_BUFFER_TOO_SMALL))= { AssertionType =3D EFI_TEST_ASSERTION_PASSED; } else { AssertionType =3D EFI_TEST_ASSERTION_FAILED; } } For Ata devices, EFI_DEVICE_ERROR considered as valid error case and for th= e Nvme ( Non ATA) device it's considered as error. Could you please let us = know why there is difference in this case ?. Thanks, Ramesh _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel