From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 134.134.136.126, mailfrom: hao.a.wu@intel.com) Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by groups.io with SMTP; Mon, 26 Aug 2019 20:03:22 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga106.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Aug 2019 20:03:22 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,435,1559545200"; d="scan'208";a="331675536" Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205]) by orsmga004.jf.intel.com with ESMTP; 26 Aug 2019 20:03:21 -0700 Received: from fmsmsx607.amr.corp.intel.com (10.18.126.87) by fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS) id 14.3.439.0; Mon, 26 Aug 2019 20:03:21 -0700 Received: from fmsmsx607.amr.corp.intel.com (10.18.126.87) by fmsmsx607.amr.corp.intel.com (10.18.126.87) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5; Mon, 26 Aug 2019 20:03:21 -0700 Received: from shsmsx105.ccr.corp.intel.com (10.239.4.158) by fmsmsx607.amr.corp.intel.com (10.18.126.87) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1713.5 via Frontend Transport; Mon, 26 Aug 2019 20:03:21 -0700 Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.112]) by SHSMSX105.ccr.corp.intel.com ([169.254.11.15]) with mapi id 14.03.0439.000; Tue, 27 Aug 2019 11:03:18 +0800 From: "Wu, Hao A" To: "devel@edk2.groups.io" , "Zurcher, Christopher J" CC: "Kinney, Michael D" , "Yao, Jiewen" , "Wang, Jian J" , "Gao, Liming" Subject: Re: [edk2-devel] [PATCH v5 4/4] MdeModulePkg/ScsiDiskDxe: Support Storage Security Command Protocol Thread-Topic: [edk2-devel] [PATCH v5 4/4] MdeModulePkg/ScsiDiskDxe: Support Storage Security Command Protocol Thread-Index: AQHVWTVRZpz6lggcFUWyoderqu9QvqcORHkQ Date: Tue, 27 Aug 2019 03:03:18 +0000 Message-ID: References: <20190822220215.24536-1-christopher.j.zurcher@intel.com> <20190822220215.24536-5-christopher.j.zurcher@intel.com> In-Reply-To: <20190822220215.24536-5-christopher.j.zurcher@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Return-Path: hao.a.wu@intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable > -----Original Message----- > From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of > Zurcher, Christopher J > Sent: Friday, August 23, 2019 6:02 AM > To: devel@edk2.groups.io > Cc: Kinney, Michael D; Yao, Jiewen; Wang, Jian J; Gao, Liming > Subject: [edk2-devel] [PATCH v5 4/4] MdeModulePkg/ScsiDiskDxe: Support > Storage Security Command Protocol >=20 > This patch implements the EFI_STORAGE_SECURITY_COMMAND_PROTOCOL > in the > ScsiDiskDxe driver. >=20 > Support is currently limited to the RPMB Well-known LUN for UFS devices. For suggested interface changes for UefiScsiLib APIs: ScsiSecurityProtocolInCommand/ScsiSecurityProtocolOutCommand If you agree those changes for UefiScsiLib APIs, please help to update fun= ctions ScsiDiskReceiveData() and ScsiDiskSendData() accordingly. Thanks. Apart from this, the patch looks good to me. Best Regards, Hao Wu >=20 > Cc: Michael D Kinney > Cc: Jiewen Yao > Cc: Jian J Wang > Cc: Liming Gao > Signed-off-by: Christopher J Zurcher > --- > MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf | 3 +- > MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h | 171 +++++- > MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c | 614 > +++++++++++++++++++- > 3 files changed, 772 insertions(+), 16 deletions(-) >=20 > diff --git a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf > b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf > index 5500d828e9..40818e669b 100644 > --- a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf > +++ b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDiskDxe.inf > @@ -3,7 +3,7 @@ > # It detects the SCSI disk media and installs Block I/O and Block I/O2= Protocol > on > # the device handle. > # > -# Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved. > +# Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved. > # SPDX-License-Identifier: BSD-2-Clause-Patent > # > ## > @@ -52,6 +52,7 @@ > gEfiBlockIoProtocolGuid ## BY_START > gEfiBlockIo2ProtocolGuid ## BY_START > gEfiEraseBlockProtocolGuid ## BY_START > + gEfiStorageSecurityCommandProtocolGuid ## BY_START > gEfiScsiIoProtocolGuid ## TO_START > gEfiScsiPassThruProtocolGuid ## TO_START > gEfiExtScsiPassThruProtocolGuid ## TO_START > diff --git a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h > b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h > index 42c0aaaa95..2d8679ec6f 100644 > --- a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h > +++ b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.h > @@ -1,7 +1,7 @@ > /** @file > Header file for SCSI Disk Driver. >=20 > -Copyright (c) 2004 - 2018, Intel Corporation. All rights reserved.
> +Copyright (c) 2004 - 2019, Intel Corporation. All rights reserved.
> SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > **/ > @@ -22,6 +22,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent > #include > #include > #include > +#include >=20 >=20 > #include > @@ -38,6 +39,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > #define IS_DEVICE_FIXED(a) (a)->FixedDevice ? 1 : 0 >=20 > +#define IS_ALIGNED(addr, size) (((UINTN) (addr) & (size - 1)) =3D=3D= 0) > + > +#define UFS_WLUN_RPMB 0xC4 > + > typedef struct { > UINT32 MaxLbaCnt; > UINT32 MaxBlkDespCnt; > @@ -51,6 +56,8 @@ typedef struct { >=20 > EFI_HANDLE Handle; >=20 > + EFI_STORAGE_SECURITY_COMMAND_PROTOCOL StorageSecurity; > + > EFI_BLOCK_IO_PROTOCOL BlkIo; > EFI_BLOCK_IO2_PROTOCOL BlkIo2; > EFI_BLOCK_IO_MEDIA BlkIoMedia; > @@ -95,6 +102,7 @@ typedef struct { > #define SCSI_DISK_DEV_FROM_BLKIO(a) CR (a, SCSI_DISK_DEV, BlkIo, > SCSI_DISK_DEV_SIGNATURE) > #define SCSI_DISK_DEV_FROM_BLKIO2(a) CR (a, SCSI_DISK_DEV, BlkIo2, > SCSI_DISK_DEV_SIGNATURE) > #define SCSI_DISK_DEV_FROM_ERASEBLK(a) CR (a, SCSI_DISK_DEV, > EraseBlock, SCSI_DISK_DEV_SIGNATURE) > +#define SCSI_DISK_DEV_FROM_STORSEC(a) CR (a, SCSI_DISK_DEV, > StorageSecurity, SCSI_DISK_DEV_SIGNATURE) >=20 > #define SCSI_DISK_DEV_FROM_DISKINFO(a) CR (a, SCSI_DISK_DEV, > DiskInfo, SCSI_DISK_DEV_SIGNATURE) >=20 > @@ -638,6 +646,151 @@ ScsiDiskEraseBlocks ( > ); >=20 >=20 > +/** > + Send a security protocol command to a device that receives data and/o= r > the result > + of one or more commands sent by SendData. > + > + The ReceiveData function sends a security protocol command to the giv= en > MediaId. > + The security protocol command sent is defined by SecurityProtocolId a= nd > contains > + the security protocol specific data SecurityProtocolSpecificData. The > function > + returns the data from the security protocol command in PayloadBuffer. > + > + For devices supporting the SCSI command set, the security protocol > command is sent > + using the SECURITY PROTOCOL IN command defined in SPC-4. > + > + If PayloadBufferSize is too small to store the available data from th= e > security > + protocol command, the function shall copy PayloadBufferSize bytes int= o > the > + PayloadBuffer and return EFI_WARN_BUFFER_TOO_SMALL. > + > + If PayloadBuffer or PayloadTransferSize is NULL and PayloadBufferSize= is > non-zero, > + the function shall return EFI_INVALID_PARAMETER. > + > + If the given MediaId does not support security protocol commands, the > function shall > + return EFI_UNSUPPORTED. If there is no media in the device, the funct= ion > returns > + EFI_NO_MEDIA. If the MediaId is not the ID for the current media in t= he > device, > + the function returns EFI_MEDIA_CHANGED. > + > + If the security protocol fails to complete within the Timeout period,= the > function > + shall return EFI_TIMEOUT. > + > + If the security protocol command completes without an error, the func= tion > shall > + return EFI_SUCCESS. If the security protocol command completes with a= n > error, the > + function shall return EFI_DEVICE_ERROR. > + > + @param This Indicates a pointer to the calli= ng context. > + @param MediaId ID of the medium to receive data= from. > + @param Timeout The timeout, in 100ns units, to = use for the > execution > + of the security protocol command= . A Timeout value of 0 > + means that this function will wa= it indefinitely for the > + security protocol command to exe= cute. If Timeout is > greater > + than zero, then this function wi= ll return EFI_TIMEOUT if > the > + time required to execute the rec= eive data command is > greater than Timeout. > + @param SecurityProtocolId The value of the "Security Proto= col" > parameter of > + the security protocol command to= be sent. > + @param SecurityProtocolSpecificData The value of the "Security Proto= col > Specific" parameter > + of the security protocol command= to be sent. > + @param PayloadBufferSize Size in bytes of the payload dat= a buffer. > + @param PayloadBuffer A pointer to a destination buffe= r to store > the security > + protocol command specific payloa= d data for the security > + protocol command. The caller is = responsible for having > + either implicit or explicit owne= rship of the buffer. > + @param PayloadTransferSize A pointer to a buffer to store t= he size in > bytes of the > + data written to the payload data= buffer. > + > + @retval EFI_SUCCESS The security protocol command co= mpleted > successfully. > + @retval EFI_WARN_BUFFER_TOO_SMALL The PayloadBufferSize was too > small to store the available > + data from the device. The Payloa= dBuffer contains the > truncated data. > + @retval EFI_UNSUPPORTED The given MediaId does not suppo= rt > security protocol commands. > + @retval EFI_DEVICE_ERROR The security protocol command > completed with an error. > + @retval EFI_NO_MEDIA There is no media in the device. > + @retval EFI_MEDIA_CHANGED The MediaId is not for the curre= nt > media. > + @retval EFI_INVALID_PARAMETER The PayloadBuffer or > PayloadTransferSize is NULL and > + PayloadBufferSize is non-zero. > + @retval EFI_TIMEOUT A timeout occurred while waiting= for the > security > + protocol command to execute. > + > +**/ > +EFI_STATUS > +EFIAPI > +ScsiDiskReceiveData ( > + IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *This, > + IN UINT32 MediaId OPTIONAL, > + IN UINT64 Timeout, > + IN UINT8 SecurityProtocolId, > + IN UINT16 SecurityProtocolSpecificD= ata, > + IN UINTN PayloadBufferSize, > + OUT VOID *PayloadBuffer, > + OUT UINTN *PayloadTransferSize > + ); > + > +/** > + Send a security protocol command to a device. > + > + The SendData function sends a security protocol command containing th= e > payload > + PayloadBuffer to the given MediaId. The security protocol command sen= t > is > + defined by SecurityProtocolId and contains the security protocol spec= ific > data > + SecurityProtocolSpecificData. If the underlying protocol command requ= ires > a > + specific padding for the command payload, the SendData function shall > add padding > + bytes to the command payload to satisfy the padding requirements. > + > + For devices supporting the SCSI command set, the security protocol > command is sent > + using the SECURITY PROTOCOL OUT command defined in SPC-4. > + > + If PayloadBuffer is NULL and PayloadBufferSize is non-zero, the funct= ion > shall > + return EFI_INVALID_PARAMETER. > + > + If the given MediaId does not support security protocol commands, the > function > + shall return EFI_UNSUPPORTED. If there is no media in the device, the > function > + returns EFI_NO_MEDIA. If the MediaId is not the ID for the current me= dia > in the > + device, the function returns EFI_MEDIA_CHANGED. > + > + If the security protocol fails to complete within the Timeout period,= the > function > + shall return EFI_TIMEOUT. > + > + If the security protocol command completes without an error, the func= tion > shall return > + EFI_SUCCESS. If the security protocol command completes with an error= , > the function > + shall return EFI_DEVICE_ERROR. > + > + @param This Indicates a pointer to the calli= ng context. > + @param MediaId ID of the medium to receive data= from. > + @param Timeout The timeout, in 100ns units, to = use for the > execution > + of the security protocol command= . A Timeout value of 0 > + means that this function will wa= it indefinitely for the > + security protocol command to exe= cute. If Timeout is > greater > + than zero, then this function wi= ll return EFI_TIMEOUT if > the > + time required to execute the rec= eive data command is > greater than Timeout. > + @param SecurityProtocolId The value of the "Security Proto= col" > parameter of > + the security protocol command to= be sent. > + @param SecurityProtocolSpecificData The value of the "Security Proto= col > Specific" parameter > + of the security protocol command= to be sent. > + @param PayloadBufferSize Size in bytes of the payload dat= a buffer. > + @param PayloadBuffer A pointer to a destination buffe= r to store > the security > + protocol command specific payloa= d data for the security > + protocol command. > + > + @retval EFI_SUCCESS The security protocol command co= mpleted > successfully. > + @retval EFI_UNSUPPORTED The given MediaId does not suppo= rt > security protocol commands. > + @retval EFI_DEVICE_ERROR The security protocol command > completed with an error. > + @retval EFI_NO_MEDIA There is no media in the device. > + @retval EFI_MEDIA_CHANGED The MediaId is not for the curre= nt > media. > + @retval EFI_INVALID_PARAMETER The PayloadBuffer is NULL and > PayloadBufferSize is non-zero. > + @retval EFI_TIMEOUT A timeout occurred while waiting= for the > security > + protocol command to execute. > + > +**/ > +EFI_STATUS > +EFIAPI > +ScsiDiskSendData ( > + IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *This, > + IN UINT32 MediaId OPTIONAL, > + IN UINT64 Timeout, > + IN UINT8 SecurityProtocolId, > + IN UINT16 SecurityProtocolSpecificD= ata, > + IN UINTN PayloadBufferSize, > + OUT VOID *PayloadBuffer > + ); > + > + > /** > Provides inquiry information for the controller type. >=20 > @@ -1428,4 +1581,20 @@ DetermineInstallEraseBlock ( > IN EFI_HANDLE ChildHandle > ); >=20 > +/** > + Determine if EFI Storage Security Command Protocol should be produced= . > + > + @param ScsiDiskDevice The pointer of SCSI_DISK_DEV. > + @param ChildHandle Handle of device. > + > + @retval TRUE Should produce EFI Storage Security Command Protocol= . > + @retval FALSE Should not produce EFI Storage Security Command > Protocol. > + > +**/ > +BOOLEAN > +DetermineInstallStorageSecurity ( > + IN SCSI_DISK_DEV *ScsiDiskDevice, > + IN EFI_HANDLE ChildHandle > + ); > + > #endif > diff --git a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c > b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c > index fbdf927a11..fc14a66d46 100644 > --- a/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c > +++ b/MdeModulePkg/Bus/Scsi/ScsiDiskDxe/ScsiDisk.c > @@ -1,7 +1,7 @@ > /** @file > SCSI disk driver that layers on every SCSI IO protocol in the system. >=20 > -Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
> +Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
> SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > **/ > @@ -151,7 +151,9 @@ ScsiDiskDriverBindingSupported ( >=20 > Status =3D ScsiIo->GetDeviceType (ScsiIo, &DeviceType); > if (!EFI_ERROR (Status)) { > - if ((DeviceType =3D=3D EFI_SCSI_TYPE_DISK) || (DeviceType =3D=3D > EFI_SCSI_TYPE_CDROM)) { > + if ((DeviceType =3D=3D EFI_SCSI_TYPE_DISK) || > + (DeviceType =3D=3D EFI_SCSI_TYPE_CDROM) || > + (DeviceType =3D=3D EFI_SCSI_TYPE_WLUN)) { > Status =3D EFI_SUCCESS; > } else { > Status =3D EFI_UNSUPPORTED; > @@ -238,6 +240,8 @@ ScsiDiskDriverBindingStart ( > ScsiDiskDevice->BlkIo2.ReadBlocksEx =3D ScsiDiskReadBlo= cksEx; > ScsiDiskDevice->BlkIo2.WriteBlocksEx =3D ScsiDiskWriteBl= ocksEx; > ScsiDiskDevice->BlkIo2.FlushBlocksEx =3D ScsiDiskFlushBl= ocksEx; > + ScsiDiskDevice->StorageSecurity.ReceiveData =3D ScsiDiskReceive= Data; > + ScsiDiskDevice->StorageSecurity.SendData =3D ScsiDiskSendDat= a; > ScsiDiskDevice->EraseBlock.Revision =3D > EFI_ERASE_BLOCK_PROTOCOL_REVISION; > ScsiDiskDevice->EraseBlock.EraseLengthGranularity =3D 1; > ScsiDiskDevice->EraseBlock.EraseBlocks =3D ScsiDiskEraseBl= ocks; > @@ -258,6 +262,10 @@ ScsiDiskDriverBindingStart ( > ScsiDiskDevice->BlkIo.Media->ReadOnly =3D TRUE; > MustReadCapacity =3D FALSE; > break; > + > + case EFI_SCSI_TYPE_WLUN: > + MustReadCapacity =3D FALSE; > + break; > } > // > // The Sense Data Array's initial size is 6 > @@ -309,8 +317,8 @@ ScsiDiskDriverBindingStart ( > // Determine if Block IO & Block IO2 should be produced on this con= troller > // handle > // > - if (DetermineInstallBlockIo(Controller)) { > - InitializeInstallDiskInfo(ScsiDiskDevice, Controller); > + if (DetermineInstallBlockIo (Controller)) { > + InitializeInstallDiskInfo (ScsiDiskDevice, Controller); > Status =3D gBS->InstallMultipleProtocolInterfaces ( > &Controller, > &gEfiBlockIoProtocolGuid, > @@ -321,16 +329,27 @@ ScsiDiskDriverBindingStart ( > &ScsiDiskDevice->DiskInfo, > NULL > ); > - if (!EFI_ERROR(Status)) { > - if (DetermineInstallEraseBlock(ScsiDiskDevice, Controller)) { > + if (!EFI_ERROR (Status)) { > + if (DetermineInstallEraseBlock (ScsiDiskDevice, Controller)) { > Status =3D gBS->InstallProtocolInterface ( > &Controller, > &gEfiEraseBlockProtocolGuid, > EFI_NATIVE_INTERFACE, > &ScsiDiskDevice->EraseBlock > ); > - if (EFI_ERROR(Status)) { > - DEBUG ((EFI_D_ERROR, "ScsiDisk: Failed to install the Erase= Block > Protocol! Status =3D %r\n", Status)); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "ScsiDisk: Failed to install the Erase= Block > Protocol! Status =3D %r\n", Status)); > + } > + } > + if (DetermineInstallStorageSecurity (ScsiDiskDevice, Controller= )) { > + Status =3D gBS->InstallProtocolInterface ( > + &Controller, > + &gEfiStorageSecurityCommandProtocolGuid, > + EFI_NATIVE_INTERFACE, > + &ScsiDiskDevice->StorageSecurity > + ); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "ScsiDisk: Failed to install the Stora= ge > Security Command Protocol! Status =3D %r\n", Status)); > } > } > ScsiDiskDevice->ControllerNameTable =3D NULL; > @@ -585,7 +604,7 @@ ScsiDiskReadBlocks ( > &ScsiDiskDevice->BlkIo2, > &ScsiDiskDevice->BlkIo2 > ); > - if (DetermineInstallEraseBlock(ScsiDiskDevice, ScsiDiskDevice->Ha= ndle)) { > + if (DetermineInstallEraseBlock (ScsiDiskDevice, ScsiDiskDevice->H= andle)) > { > gBS->ReinstallProtocolInterface ( > ScsiDiskDevice->Handle, > &gEfiEraseBlockProtocolGuid, > @@ -593,6 +612,14 @@ ScsiDiskReadBlocks ( > &ScsiDiskDevice->EraseBlock > ); > } > + if (DetermineInstallStorageSecurity (ScsiDiskDevice, ScsiDiskDevi= ce- > >Handle)) { > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiStorageSecurityCommandProtocolGuid, > + &ScsiDiskDevice->StorageSecurity, > + &ScsiDiskDevice->StorageSecurity > + ); > + } > if (Media->MediaPresent) { > Status =3D EFI_MEDIA_CHANGED; > } else { > @@ -606,6 +633,11 @@ ScsiDiskReadBlocks ( > // > BlockSize =3D Media->BlockSize; >=20 > + if (BlockSize =3D=3D 0) { > + Status =3D EFI_DEVICE_ERROR; > + goto Done; > + } > + > NumberOfBlocks =3D BufferSize / BlockSize; >=20 > if (!(Media->MediaPresent)) { > @@ -721,7 +753,7 @@ ScsiDiskWriteBlocks ( > &ScsiDiskDevice->BlkIo2, > &ScsiDiskDevice->BlkIo2 > ); > - if (DetermineInstallEraseBlock(ScsiDiskDevice, ScsiDiskDevice->Ha= ndle)) { > + if (DetermineInstallEraseBlock (ScsiDiskDevice, ScsiDiskDevice->H= andle)) > { > gBS->ReinstallProtocolInterface ( > ScsiDiskDevice->Handle, > &gEfiEraseBlockProtocolGuid, > @@ -729,6 +761,14 @@ ScsiDiskWriteBlocks ( > &ScsiDiskDevice->EraseBlock > ); > } > + if (DetermineInstallStorageSecurity (ScsiDiskDevice, ScsiDiskDevi= ce- > >Handle)) { > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiStorageSecurityCommandProtocolGuid, > + &ScsiDiskDevice->StorageSecurity, > + &ScsiDiskDevice->StorageSecurity > + ); > + } > if (Media->MediaPresent) { > Status =3D EFI_MEDIA_CHANGED; > } else { > @@ -742,6 +782,11 @@ ScsiDiskWriteBlocks ( > // > BlockSize =3D Media->BlockSize; >=20 > + if (BlockSize =3D=3D 0) { > + Status =3D EFI_DEVICE_ERROR; > + goto Done; > + } > + > NumberOfBlocks =3D BufferSize / BlockSize; >=20 > if (!(Media->MediaPresent)) { > @@ -947,7 +992,7 @@ ScsiDiskReadBlocksEx ( > &ScsiDiskDevice->BlkIo2, > &ScsiDiskDevice->BlkIo2 > ); > - if (DetermineInstallEraseBlock(ScsiDiskDevice, ScsiDiskDevice->Ha= ndle)) { > + if (DetermineInstallEraseBlock (ScsiDiskDevice, ScsiDiskDevice->H= andle)) > { > gBS->ReinstallProtocolInterface ( > ScsiDiskDevice->Handle, > &gEfiEraseBlockProtocolGuid, > @@ -955,6 +1000,14 @@ ScsiDiskReadBlocksEx ( > &ScsiDiskDevice->EraseBlock > ); > } > + if (DetermineInstallStorageSecurity (ScsiDiskDevice, ScsiDiskDevi= ce- > >Handle)) { > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiStorageSecurityCommandProtocolGuid, > + &ScsiDiskDevice->StorageSecurity, > + &ScsiDiskDevice->StorageSecurity > + ); > + } > if (Media->MediaPresent) { > Status =3D EFI_MEDIA_CHANGED; > } else { > @@ -968,6 +1021,11 @@ ScsiDiskReadBlocksEx ( > // > BlockSize =3D Media->BlockSize; >=20 > + if (BlockSize =3D=3D 0) { > + Status =3D EFI_DEVICE_ERROR; > + goto Done; > + } > + > NumberOfBlocks =3D BufferSize / BlockSize; >=20 > if (!(Media->MediaPresent)) { > @@ -1110,7 +1168,7 @@ ScsiDiskWriteBlocksEx ( > &ScsiDiskDevice->BlkIo2, > &ScsiDiskDevice->BlkIo2 > ); > - if (DetermineInstallEraseBlock(ScsiDiskDevice, ScsiDiskDevice->Ha= ndle)) { > + if (DetermineInstallEraseBlock (ScsiDiskDevice, ScsiDiskDevice->H= andle)) > { > gBS->ReinstallProtocolInterface ( > ScsiDiskDevice->Handle, > &gEfiEraseBlockProtocolGuid, > @@ -1118,6 +1176,14 @@ ScsiDiskWriteBlocksEx ( > &ScsiDiskDevice->EraseBlock > ); > } > + if (DetermineInstallStorageSecurity (ScsiDiskDevice, ScsiDiskDevi= ce- > >Handle)) { > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiStorageSecurityCommandProtocolGuid, > + &ScsiDiskDevice->StorageSecurity, > + &ScsiDiskDevice->StorageSecurity > + ); > + } > if (Media->MediaPresent) { > Status =3D EFI_MEDIA_CHANGED; > } else { > @@ -1131,6 +1197,11 @@ ScsiDiskWriteBlocksEx ( > // > BlockSize =3D Media->BlockSize; >=20 > + if (BlockSize =3D=3D 0) { > + Status =3D EFI_DEVICE_ERROR; > + goto Done; > + } > + > NumberOfBlocks =3D BufferSize / BlockSize; >=20 > if (!(Media->MediaPresent)) { > @@ -1263,7 +1334,7 @@ ScsiDiskFlushBlocksEx ( > &ScsiDiskDevice->BlkIo2, > &ScsiDiskDevice->BlkIo2 > ); > - if (DetermineInstallEraseBlock(ScsiDiskDevice, ScsiDiskDevice->Ha= ndle)) { > + if (DetermineInstallEraseBlock (ScsiDiskDevice, ScsiDiskDevice->H= andle)) > { > gBS->ReinstallProtocolInterface ( > ScsiDiskDevice->Handle, > &gEfiEraseBlockProtocolGuid, > @@ -1271,6 +1342,14 @@ ScsiDiskFlushBlocksEx ( > &ScsiDiskDevice->EraseBlock > ); > } > + if (DetermineInstallStorageSecurity (ScsiDiskDevice, ScsiDiskDevi= ce- > >Handle)) { > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiStorageSecurityCommandProtocolGuid, > + &ScsiDiskDevice->StorageSecurity, > + &ScsiDiskDevice->StorageSecurity > + ); > + } > if (Media->MediaPresent) { > Status =3D EFI_MEDIA_CHANGED; > } else { > @@ -1644,7 +1723,7 @@ ScsiDiskEraseBlocks ( > &ScsiDiskDevice->BlkIo2, > &ScsiDiskDevice->BlkIo2 > ); > - if (DetermineInstallEraseBlock(ScsiDiskDevice, ScsiDiskDevice->Ha= ndle)) { > + if (DetermineInstallEraseBlock (ScsiDiskDevice, ScsiDiskDevice->H= andle)) > { > gBS->ReinstallProtocolInterface ( > ScsiDiskDevice->Handle, > &gEfiEraseBlockProtocolGuid, > @@ -1652,6 +1731,14 @@ ScsiDiskEraseBlocks ( > &ScsiDiskDevice->EraseBlock > ); > } > + if (DetermineInstallStorageSecurity (ScsiDiskDevice, ScsiDiskDevi= ce- > >Handle)) { > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiStorageSecurityCommandProtocolGuid, > + &ScsiDiskDevice->StorageSecurity, > + &ScsiDiskDevice->StorageSecurity > + ); > + } > Status =3D EFI_MEDIA_CHANGED; > goto Done; > } > @@ -1708,6 +1795,429 @@ Done: > return Status; > } >=20 > +/** > + Send a security protocol command to a device that receives data and/o= r > the result > + of one or more commands sent by SendData. > + > + The ReceiveData function sends a security protocol command to the giv= en > MediaId. > + The security protocol command sent is defined by SecurityProtocolId a= nd > contains > + the security protocol specific data SecurityProtocolSpecificData. The > function > + returns the data from the security protocol command in PayloadBuffer. > + > + For devices supporting the SCSI command set, the security protocol > command is sent > + using the SECURITY PROTOCOL IN command defined in SPC-4. > + > + If PayloadBufferSize is too small to store the available data from th= e > security > + protocol command, the function shall copy PayloadBufferSize bytes int= o > the > + PayloadBuffer and return EFI_WARN_BUFFER_TOO_SMALL. > + > + If PayloadBuffer or PayloadTransferSize is NULL and PayloadBufferSize= is > non-zero, > + the function shall return EFI_INVALID_PARAMETER. > + > + If the given MediaId does not support security protocol commands, the > function shall > + return EFI_UNSUPPORTED. If there is no media in the device, the funct= ion > returns > + EFI_NO_MEDIA. If the MediaId is not the ID for the current media in t= he > device, > + the function returns EFI_MEDIA_CHANGED. > + > + If the security protocol fails to complete within the Timeout period,= the > function > + shall return EFI_TIMEOUT. > + > + If the security protocol command completes without an error, the func= tion > shall > + return EFI_SUCCESS. If the security protocol command completes with a= n > error, the > + function shall return EFI_DEVICE_ERROR. > + > + @param This Indicates a pointer to the calli= ng context. > + @param MediaId ID of the medium to receive data= from. > + @param Timeout The timeout, in 100ns units, to = use for the > execution > + of the security protocol command= . A Timeout value of 0 > + means that this function will wa= it indefinitely for the > + security protocol command to exe= cute. If Timeout is > greater > + than zero, then this function wi= ll return EFI_TIMEOUT if > the > + time required to execute the rec= eive data command is > greater than Timeout. > + @param SecurityProtocolId The value of the "Security Proto= col" > parameter of > + the security protocol command to= be sent. > + @param SecurityProtocolSpecificData The value of the "Security Proto= col > Specific" parameter > + of the security protocol command= to be sent. > + @param PayloadBufferSize Size in bytes of the payload dat= a buffer. > + @param PayloadBuffer A pointer to a destination buffe= r to store > the security > + protocol command specific payloa= d data for the security > + protocol command. The caller is = responsible for having > + either implicit or explicit owne= rship of the buffer. > + @param PayloadTransferSize A pointer to a buffer to store t= he size in > bytes of the > + data written to the payload data= buffer. > + > + @retval EFI_SUCCESS The security protocol command co= mpleted > successfully. > + @retval EFI_WARN_BUFFER_TOO_SMALL The PayloadBufferSize was too > small to store the available > + data from the device. The Payloa= dBuffer contains the > truncated data. > + @retval EFI_UNSUPPORTED The given MediaId does not suppo= rt > security protocol commands. > + @retval EFI_DEVICE_ERROR The security protocol command > completed with an error. > + @retval EFI_NO_MEDIA There is no media in the device. > + @retval EFI_MEDIA_CHANGED The MediaId is not for the curre= nt > media. > + @retval EFI_INVALID_PARAMETER The PayloadBuffer or > PayloadTransferSize is NULL and > + PayloadBufferSize is non-zero. > + @retval EFI_TIMEOUT A timeout occurred while waiting= for the > security > + protocol command to execute. > + > +**/ > +EFI_STATUS > +EFIAPI > +ScsiDiskReceiveData ( > + IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *This, > + IN UINT32 MediaId OPTIONAL, > + IN UINT64 Timeout, > + IN UINT8 SecurityProtocolId, > + IN UINT16 SecurityProtocolSpecificD= ata, > + IN UINTN PayloadBufferSize, > + OUT VOID *PayloadBuffer, > + OUT UINTN *PayloadTransferSize > + ) > +{ > + SCSI_DISK_DEV *ScsiDiskDevice; > + EFI_BLOCK_IO_MEDIA *Media; > + EFI_STATUS Status; > + BOOLEAN MediaChange; > + EFI_TPL OldTpl; > + UINT8 SenseDataLength; > + UINT8 HostAdapterStatus; > + UINT8 TargetStatus; > + VOID *AlignedBuffer; > + BOOLEAN AlignedBufferAllocated; > + > + AlignedBuffer =3D NULL; > + MediaChange =3D FALSE; > + AlignedBufferAllocated =3D FALSE; > + OldTpl =3D gBS->RaiseTPL (TPL_CALLBACK); > + ScsiDiskDevice =3D SCSI_DISK_DEV_FROM_STORSEC (This); > + Media =3D ScsiDiskDevice->BlkIo.Media; > + > + SenseDataLength =3D (UINT8) (ScsiDiskDevice->SenseDataNumber * sizeof > (EFI_SCSI_SENSE_DATA)); > + > + if (!IS_DEVICE_FIXED (ScsiDiskDevice)) { > + Status =3D ScsiDiskDetectMedia (ScsiDiskDevice, FALSE, &MediaChange= ); > + if (EFI_ERROR (Status)) { > + Status =3D EFI_DEVICE_ERROR; > + goto Done; > + } > + > + if (MediaChange) { > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiBlockIoProtocolGuid, > + &ScsiDiskDevice->BlkIo, > + &ScsiDiskDevice->BlkIo > + ); > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiBlockIo2ProtocolGuid, > + &ScsiDiskDevice->BlkIo2, > + &ScsiDiskDevice->BlkIo2 > + ); > + if (DetermineInstallEraseBlock (ScsiDiskDevice, ScsiDiskDevice->H= andle)) > { > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiEraseBlockProtocolGuid, > + &ScsiDiskDevice->EraseBlock, > + &ScsiDiskDevice->EraseBlock > + ); > + } > + if (DetermineInstallStorageSecurity (ScsiDiskDevice, ScsiDiskDevi= ce- > >Handle)) { > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiStorageSecurityCommandProtocolGuid, > + &ScsiDiskDevice->StorageSecurity, > + &ScsiDiskDevice->StorageSecurity > + ); > + } > + if (Media->MediaPresent) { > + Status =3D EFI_MEDIA_CHANGED; > + } else { > + Status =3D EFI_NO_MEDIA; > + } > + goto Done; > + } > + } > + > + // > + // Validate Media > + // > + if (!(Media->MediaPresent)) { > + Status =3D EFI_NO_MEDIA; > + goto Done; > + } > + > + if ((MediaId !=3D 0) && (MediaId !=3D Media->MediaId)) { > + Status =3D EFI_MEDIA_CHANGED; > + goto Done; > + } > + > + if (PayloadBufferSize !=3D 0) { > + if ((PayloadBuffer =3D=3D NULL) || (PayloadTransferSize =3D=3D NULL= )) { > + Status =3D EFI_INVALID_PARAMETER; > + goto Done; > + } > + > + if ((ScsiDiskDevice->ScsiIo->IoAlign > 1) && !IS_ALIGNED (PayloadBu= ffer, > ScsiDiskDevice->ScsiIo->IoAlign)) { > + AlignedBuffer =3D AllocateAlignedBuffer (ScsiDiskDevice, > PayloadBufferSize); > + if (AlignedBuffer =3D=3D NULL) { > + Status =3D EFI_OUT_OF_RESOURCES; > + goto Done; > + } > + ZeroMem (AlignedBuffer, PayloadBufferSize); > + AlignedBufferAllocated =3D TRUE; > + } else { > + AlignedBuffer =3D PayloadBuffer; > + } > + } > + > + Status =3D ScsiSecurityProtocolInCommand ( > + ScsiDiskDevice->ScsiIo, > + Timeout, > + ScsiDiskDevice->SenseData, > + &SenseDataLength, > + &HostAdapterStatus, > + &TargetStatus, > + SecurityProtocolId, > + SecurityProtocolSpecificData, > + (UINT32) PayloadBufferSize, > + AlignedBuffer, > + (UINT32 *) PayloadTransferSize > + ); > + if (EFI_ERROR (Status)) { > + goto Done; > + } > + > + if (AlignedBufferAllocated) { > + CopyMem (PayloadBuffer, AlignedBuffer, PayloadBufferSize); > + } > + > + if (PayloadBufferSize < *PayloadTransferSize) { > + Status =3D EFI_WARN_BUFFER_TOO_SMALL; > + goto Done; > + } > + > + Status =3D CheckHostAdapterStatus (HostAdapterStatus); > + if (EFI_ERROR (Status)) { > + goto Done; > + } > + > + Status =3D CheckTargetStatus (TargetStatus); > + if (EFI_ERROR (Status)) { > + goto Done; > + } > + > +Done: > + if (AlignedBufferAllocated) { > + ZeroMem (AlignedBuffer, PayloadBufferSize); > + FreeAlignedBuffer (AlignedBuffer, PayloadBufferSize); > + } > + gBS->RestoreTPL (OldTpl); > + return Status; > +} > + > +/** > + Send a security protocol command to a device. > + > + The SendData function sends a security protocol command containing th= e > payload > + PayloadBuffer to the given MediaId. The security protocol command sen= t > is > + defined by SecurityProtocolId and contains the security protocol spec= ific > data > + SecurityProtocolSpecificData. If the underlying protocol command requ= ires > a > + specific padding for the command payload, the SendData function shall > add padding > + bytes to the command payload to satisfy the padding requirements. > + > + For devices supporting the SCSI command set, the security protocol > command is sent > + using the SECURITY PROTOCOL OUT command defined in SPC-4. > + > + If PayloadBuffer is NULL and PayloadBufferSize is non-zero, the funct= ion > shall > + return EFI_INVALID_PARAMETER. > + > + If the given MediaId does not support security protocol commands, the > function > + shall return EFI_UNSUPPORTED. If there is no media in the device, the > function > + returns EFI_NO_MEDIA. If the MediaId is not the ID for the current me= dia > in the > + device, the function returns EFI_MEDIA_CHANGED. > + > + If the security protocol fails to complete within the Timeout period,= the > function > + shall return EFI_TIMEOUT. > + > + If the security protocol command completes without an error, the func= tion > shall return > + EFI_SUCCESS. If the security protocol command completes with an error= , > the function > + shall return EFI_DEVICE_ERROR. > + > + @param This Indicates a pointer to the calli= ng context. > + @param MediaId ID of the medium to receive data= from. > + @param Timeout The timeout, in 100ns units, to = use for the > execution > + of the security protocol command= . A Timeout value of 0 > + means that this function will wa= it indefinitely for the > + security protocol command to exe= cute. If Timeout is > greater > + than zero, then this function wi= ll return EFI_TIMEOUT if > the > + time required to execute the rec= eive data command is > greater than Timeout. > + @param SecurityProtocolId The value of the "Security Proto= col" > parameter of > + the security protocol command to= be sent. > + @param SecurityProtocolSpecificData The value of the "Security Proto= col > Specific" parameter > + of the security protocol command= to be sent. > + @param PayloadBufferSize Size in bytes of the payload dat= a buffer. > + @param PayloadBuffer A pointer to a destination buffe= r to store > the security > + protocol command specific payloa= d data for the security > + protocol command. > + > + @retval EFI_SUCCESS The security protocol command co= mpleted > successfully. > + @retval EFI_UNSUPPORTED The given MediaId does not suppo= rt > security protocol commands. > + @retval EFI_DEVICE_ERROR The security protocol command > completed with an error. > + @retval EFI_NO_MEDIA There is no media in the device. > + @retval EFI_MEDIA_CHANGED The MediaId is not for the curre= nt > media. > + @retval EFI_INVALID_PARAMETER The PayloadBuffer is NULL and > PayloadBufferSize is non-zero. > + @retval EFI_TIMEOUT A timeout occurred while waiting= for the > security > + protocol command to execute. > + > +**/ > +EFI_STATUS > +EFIAPI > +ScsiDiskSendData ( > + IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *This, > + IN UINT32 MediaId OPTIONAL, > + IN UINT64 Timeout, > + IN UINT8 SecurityProtocolId, > + IN UINT16 SecurityProtocolSpecificD= ata, > + IN UINTN PayloadBufferSize, > + OUT VOID *PayloadBuffer > + ) > +{ > + SCSI_DISK_DEV *ScsiDiskDevice; > + EFI_BLOCK_IO_MEDIA *Media; > + EFI_STATUS Status; > + BOOLEAN MediaChange; > + EFI_TPL OldTpl; > + UINT8 SenseDataLength; > + UINT8 HostAdapterStatus; > + UINT8 TargetStatus; > + VOID *AlignedBuffer; > + BOOLEAN AlignedBufferAllocated; > + > + AlignedBuffer =3D NULL; > + MediaChange =3D FALSE; > + AlignedBufferAllocated =3D FALSE; > + OldTpl =3D gBS->RaiseTPL (TPL_CALLBACK); > + ScsiDiskDevice =3D SCSI_DISK_DEV_FROM_STORSEC (This); > + Media =3D ScsiDiskDevice->BlkIo.Media; > + > + SenseDataLength =3D (UINT8) (ScsiDiskDevice->SenseDataNumber * sizeof > (EFI_SCSI_SENSE_DATA)); > + > + if (!IS_DEVICE_FIXED (ScsiDiskDevice)) { > + Status =3D ScsiDiskDetectMedia (ScsiDiskDevice, FALSE, &MediaChange= ); > + if (EFI_ERROR (Status)) { > + Status =3D EFI_DEVICE_ERROR; > + goto Done; > + } > + > + if (MediaChange) { > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiBlockIoProtocolGuid, > + &ScsiDiskDevice->BlkIo, > + &ScsiDiskDevice->BlkIo > + ); > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiBlockIo2ProtocolGuid, > + &ScsiDiskDevice->BlkIo2, > + &ScsiDiskDevice->BlkIo2 > + ); > + if (DetermineInstallEraseBlock (ScsiDiskDevice, ScsiDiskDevice->H= andle)) > { > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiEraseBlockProtocolGuid, > + &ScsiDiskDevice->EraseBlock, > + &ScsiDiskDevice->EraseBlock > + ); > + } > + if (DetermineInstallStorageSecurity (ScsiDiskDevice, ScsiDiskDevi= ce- > >Handle)) { > + gBS->ReinstallProtocolInterface ( > + ScsiDiskDevice->Handle, > + &gEfiStorageSecurityCommandProtocolGuid, > + &ScsiDiskDevice->StorageSecurity, > + &ScsiDiskDevice->StorageSecurity > + ); > + } > + if (Media->MediaPresent) { > + Status =3D EFI_MEDIA_CHANGED; > + } else { > + Status =3D EFI_NO_MEDIA; > + } > + goto Done; > + } > + } > + > + // > + // Validate Media > + // > + if (!(Media->MediaPresent)) { > + Status =3D EFI_NO_MEDIA; > + goto Done; > + } > + > + if ((MediaId !=3D 0) && (MediaId !=3D Media->MediaId)) { > + Status =3D EFI_MEDIA_CHANGED; > + goto Done; > + } > + > + if (Media->ReadOnly) { > + Status =3D EFI_WRITE_PROTECTED; > + goto Done; > + } > + > + if (PayloadBufferSize !=3D 0) { > + if (PayloadBuffer =3D=3D NULL) { > + Status =3D EFI_INVALID_PARAMETER; > + goto Done; > + } > + > + if ((ScsiDiskDevice->ScsiIo->IoAlign > 1) && !IS_ALIGNED (PayloadBu= ffer, > ScsiDiskDevice->ScsiIo->IoAlign)) { > + AlignedBuffer =3D AllocateAlignedBuffer (ScsiDiskDevice, > PayloadBufferSize); > + if (AlignedBuffer =3D=3D NULL) { > + Status =3D EFI_OUT_OF_RESOURCES; > + goto Done; > + } > + CopyMem (AlignedBuffer, PayloadBuffer, PayloadBufferSize); > + AlignedBufferAllocated =3D TRUE; > + } else { > + AlignedBuffer =3D PayloadBuffer; > + } > + } > + > + Status =3D ScsiSecurityProtocolOutCommand ( > + ScsiDiskDevice->ScsiIo, > + Timeout, > + ScsiDiskDevice->SenseData, > + &SenseDataLength, > + &HostAdapterStatus, > + &TargetStatus, > + SecurityProtocolId, > + SecurityProtocolSpecificData, > + (UINT32) PayloadBufferSize, > + AlignedBuffer > + ); > + if (EFI_ERROR (Status)) { > + goto Done; > + } > + > + Status =3D CheckHostAdapterStatus (HostAdapterStatus); > + if (EFI_ERROR (Status)) { > + goto Done; > + } > + > + Status =3D CheckTargetStatus (TargetStatus); > + if (EFI_ERROR (Status)) { > + goto Done; > + } > + > +Done: > + if (AlignedBufferAllocated) { > + ZeroMem (AlignedBuffer, PayloadBufferSize); > + FreeAlignedBuffer (AlignedBuffer, PayloadBufferSize); > + } > + gBS->RestoreTPL (OldTpl); > + return Status; > +} > + >=20 > /** > Detect Device and read out capacity ,if error occurs, parse the sense= key. > @@ -1812,6 +2322,15 @@ ScsiDiskDetectMedia ( > NeedReadCapacity =3D TRUE; > } >=20 > + // > + // READ_CAPACITY command is not supported by any of the UFS WLUNs. > + // > + if (ScsiDiskDevice->DeviceType =3D=3D EFI_SCSI_TYPE_WLUN) { > + NeedReadCapacity =3D FALSE; > + MustReadCapacity =3D FALSE; > + ScsiDiskDevice->BlkIo.Media->MediaPresent =3D TRUE; > + } > + > // > // either NeedReadCapacity is TRUE, or MustReadCapacity is TRUE, > // retrieve capacity via Read Capacity command > @@ -5358,6 +5877,14 @@ DetermineInstallEraseBlock ( > RetVal =3D TRUE; > CapacityData16 =3D NULL; >=20 > + // > + // UNMAP command is not supported by any of the UFS WLUNs. > + // > + if (ScsiDiskDevice->DeviceType =3D=3D EFI_SCSI_TYPE_WLUN) { > + RetVal =3D FALSE; > + goto Done; > + } > + > Status =3D gBS->HandleProtocol ( > ChildHandle, > &gEfiDevicePathProtocolGuid, > @@ -5460,6 +5987,65 @@ Done: > return RetVal; > } >=20 > +/** > + Determine if EFI Storage Security Command Protocol should be produced= . > + > + @param ScsiDiskDevice The pointer of SCSI_DISK_DEV. > + @param ChildHandle Handle of device. > + > + @retval TRUE Should produce EFI Storage Security Command Protocol= . > + @retval FALSE Should not produce EFI Storage Security Command > Protocol. > + > +**/ > +BOOLEAN > +DetermineInstallStorageSecurity ( > + IN SCSI_DISK_DEV *ScsiDiskDevice, > + IN EFI_HANDLE ChildHandle > + ) > +{ > + EFI_STATUS Status; > + UFS_DEVICE_PATH *UfsDevice; > + BOOLEAN RetVal; > + EFI_DEVICE_PATH_PROTOCOL *DevicePathNode; > + > + UfsDevice =3D NULL; > + RetVal =3D TRUE; > + > + Status =3D gBS->HandleProtocol ( > + ChildHandle, > + &gEfiDevicePathProtocolGuid, > + (VOID **) &DevicePathNode > + ); > + // > + // Device Path protocol must be installed on the device handle. > + // > + ASSERT_EFI_ERROR (Status); > + > + while (!IsDevicePathEndType (DevicePathNode)) { > + // > + // For now, only support Storage Security Command Protocol on UFS > devices. > + // > + if ((DevicePathNode->Type =3D=3D MESSAGING_DEVICE_PATH) && > + (DevicePathNode->SubType =3D=3D MSG_UFS_DP)) { > + UfsDevice =3D (UFS_DEVICE_PATH *) DevicePathNode; > + break; > + } > + > + DevicePathNode =3D NextDevicePathNode (DevicePathNode); > + } > + if (UfsDevice =3D=3D NULL) { > + RetVal =3D FALSE; > + goto Done; > + } > + > + if (UfsDevice->Lun !=3D UFS_WLUN_RPMB) { > + RetVal =3D FALSE; > + } > + > +Done: > + return RetVal; > +} > + > /** > Provides inquiry information for the controller type. >=20 > -- > 2.16.2.windows.1 >=20 >=20 >=20