From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: intel.com, ip: 134.134.136.65, mailfrom: hao.a.wu@intel.com)
Received: from mga03.intel.com (mga03.intel.com [134.134.136.65])
 by groups.io with SMTP; Wed, 08 May 2019 20:03:50 -0700
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
  by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 08 May 2019 20:03:49 -0700
X-ExtLoop1: 1
Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201])
  by fmsmga006.fm.intel.com with ESMTP; 08 May 2019 20:03:49 -0700
Received: from fmsmsx154.amr.corp.intel.com (10.18.116.70) by
 FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS)
 id 14.3.408.0; Wed, 8 May 2019 20:03:49 -0700
Received: from shsmsx151.ccr.corp.intel.com (10.239.6.50) by
 FMSMSX154.amr.corp.intel.com (10.18.116.70) with Microsoft SMTP Server (TLS)
 id 14.3.408.0; Wed, 8 May 2019 20:03:48 -0700
Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.33]) by
 SHSMSX151.ccr.corp.intel.com ([169.254.3.216]) with mapi id 14.03.0415.000;
 Thu, 9 May 2019 11:03:46 +0800
From: "Wu, Hao A" <hao.a.wu@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>, "Dong, Eric"
	<eric.dong@intel.com>
Subject: Re: [edk2-devel] [Patch v2 3/3] SecurityPkg/OpalPassword: Fix "Enable Feature" Menu disappear issue.
Thread-Topic: [edk2-devel] [Patch v2 3/3] SecurityPkg/OpalPassword: Fix
 "Enable Feature" Menu disappear issue.
Thread-Index: AQHVBUp2B3Ol45lQt0i6cvZ0/BJO+KZiHNqQ
Date: Thu, 9 May 2019 03:03:46 +0000
Message-ID: <B80AF82E9BFB8E4FBD8C89DA810C6A093C8D191F@SHSMSX104.ccr.corp.intel.com>
References: <20190508030150.3968-1-eric.dong@intel.com>
 <20190508030150.3968-4-eric.dong@intel.com>
In-Reply-To: <20190508030150.3968-4-eric.dong@intel.com>
Accept-Language: zh-CN, en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Return-Path: hao.a.wu@intel.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

> -----Original Message-----
> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of Do=
ng,
> Eric
> Sent: Wednesday, May 08, 2019 11:02 AM
> To: devel@edk2.groups.io
> Cc: Wu, Hao A
> Subject: [edk2-devel] [Patch v2 3/3] SecurityPkg/OpalPassword: Fix "Enab=
le
> Feature" Menu disappear issue.
>=20
> https://bugzilla.tianocore.org/show_bug.cgi?id=3D1782
>=20
> After change behavior to send BlockSid command at EndOfDxe point,
> check device ownership command will return un-authority error, it
> finally caused opal driver can't show "Enable Feature" menu.
>=20
> Update the code logic to send detect device ownership command
> before send BlockSID command.

Reviewed-by: Hao A Wu <hao.a.wu@intel.com>

Best Regards,
Hao Wu

>=20
> Signed-off-by: Eric Dong <eric.dong@intel.com>
> Cc: Hao Wu <hao.a.wu@intel.com>
> ---
>  .../Tcg/Opal/OpalPassword/OpalDriver.c        | 11 +++++
>  .../Tcg/Opal/OpalPassword/OpalDriver.h        |  1 +
>  SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c   | 46 +++++++++++++++----
>  SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.h   | 15 ++++++
>  4 files changed, 63 insertions(+), 10 deletions(-)
>=20
> diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
> b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
> index 009a97f66f..965205c0b2 100644
> --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
> +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
> @@ -458,6 +458,11 @@ SendBlockSidCommand (
>            DEBUG ((DEBUG_ERROR, "OpalBlockSid fail\n"));
>            break;
>          }
> +
> +        //
> +        // Record BlockSID command has been sent.
> +        //
> +        Itr->OpalDisk.SentBlockSID =3D TRUE;
>        }
>=20
>        Itr =3D Itr->Next;
> @@ -2204,6 +2209,12 @@ ProcessOpalRequest (
>          ProcessOpalRequestEnableFeature (Dev, L"Enable Feature:");
>        }
>=20
> +      //
> +      // Update Device ownership.
> +      // Later BlockSID command may block the update.
> +      //
> +      OpalDiskUpdateOwnerShip (&Dev->OpalDisk);
> +
>        break;
>      }
>=20
> diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h
> b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h
> index a056e06106..beeabb1c0a 100644
> --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h
> +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h
> @@ -143,6 +143,7 @@ typedef struct {
>    UINT8                                           Password[OPAL_MAX_PAS=
SWORD_SIZE];
>=20
>    UINT32                                          EstimateTimeCost;
> +  BOOLEAN                                         SentBlockSID;        =
   // Check whether
> BlockSid command has been sent.
>  } OPAL_DISK;
>=20
>  //
> diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c
> b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c
> index d0f3eda1e8..f101ca1c20 100644
> --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c
> +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c
> @@ -1215,6 +1215,40 @@ OpalDiskInitialize (
>    return OpalDiskUpdateStatus (&Dev->OpalDisk);
>  }
>=20
> +/**
> +  Update the device ownship
> +
> +  @param OpalDisk                The Opal device.
> +
> +  @retval EFI_SUCESS             Get ownership success.
> +  @retval EFI_ACCESS_DENIED      Has send BlockSID command, can't chang=
e
> ownership.
> +  @retval EFI_INVALID_PARAMETER  Not get Msid info before get ownership
> info.
> +
> +**/
> +EFI_STATUS
> +OpalDiskUpdateOwnerShip (
> +  OPAL_DISK        *OpalDisk
> +  )
> +{
>=20
> +  OPAL_SESSION  Session;
> +
> +  if (OpalDisk->MsidLength =3D=3D 0) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
> +  if (OpalDisk->SentBlockSID) {
> +    return EFI_ACCESS_DENIED;
> +  }
> +
> +  ZeroMem(&Session, sizeof(Session));
> +  Session.Sscp =3D OpalDisk->Sscp;
> +  Session.MediaId =3D OpalDisk->MediaId;
> +  Session.OpalBaseComId =3D OpalDisk->OpalBaseComId;
> +
> +  OpalDisk->Owner =3D OpalUtilDetermineOwnership(&Session, OpalDisk->Ms=
id,
> OpalDisk->MsidLength);
>=20
> +  return EFI_SUCCESS;
> +}
> +
>  /**
>    Update the device info.
>=20
> @@ -1223,6 +1257,7 @@ OpalDiskInitialize (
>    @retval EFI_SUCESS             Initialize the device success.
>    @retval EFI_DEVICE_ERROR       Get info from device failed.
>    @retval EFI_INVALID_PARAMETER  Not get Msid info before get ownership
> info.
> +  @retval EFI_ACCESS_DENIED      Has send BlockSID command, can't chang=
e
> ownership.
>=20
>  **/
>  EFI_STATUS
> @@ -1243,15 +1278,6 @@ OpalDiskUpdateStatus (
>      return EFI_DEVICE_ERROR;
>    }
>=20
> -  if (OpalDisk->MsidLength =3D=3D 0) {
> -    return EFI_INVALID_PARAMETER;
> -  } else {
> -    //
> -    // Base on the Msid info to get the ownership, so Msid info must ge=
t first.
> -    //
> -    OpalDisk->Owner =3D OpalUtilDetermineOwnership(&Session, OpalDisk-
> >Msid, OpalDisk->MsidLength);
> -  }
> -
> -  return EFI_SUCCESS;
> +  return OpalDiskUpdateOwnerShip (OpalDisk);
>  }
>=20
> diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.h
> b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.h
> index d3e236e2fe..89c709df99 100644
> --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.h
> +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.h
> @@ -357,4 +357,19 @@ OpalDiskInitialize (
>    IN OPAL_DRIVER_DEVICE          *Dev
>    );
>=20
> +/**
> +  Update the device ownership
> +
> +  @param OpalDisk                The Opal device.
> +
> +  @retval EFI_SUCESS             Get ownership success.
> +  @retval EFI_ACCESS_DENIED      Has send BlockSID command, can't chang=
e
> ownership.
> +  @retval EFI_INVALID_PARAMETER  Not get Msid info before get ownership
> info.
> +
> +**/
> +EFI_STATUS
> +OpalDiskUpdateOwnerShip (
> +  OPAL_DISK        *OpalDisk
> +  );
> +
>  #endif // _HII_H_
> --
> 2.21.0.windows.1
>=20
>=20
>=20