From: "Dong, Eric" <eric.dong@intel.com>
To: "Chu, Maggie" <maggie.chu@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Wang, Jian J" <jian.j.wang@intel.com>,
"Yao, Jiewen" <jiewen.yao@intel.com>,
"Zhang, Qi1" <qi1.zhang@intel.com>,
"Kumar, Rahul1" <rahul1.kumar@intel.com>
Subject: Re: [PATCH] SecurityPkg/OpalPassword: Secure erase is available if encryption is supported
Date: Fri, 16 Oct 2020 00:05:44 +0000 [thread overview]
Message-ID: <CY4PR11MB12722D412828316F23CC4896FE030@CY4PR11MB1272.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20201015071442.955-1-Maggie.Chu@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
-----Original Message-----
From: Chu, Maggie <maggie.chu@intel.com>
Sent: Thursday, October 15, 2020 3:15 PM
To: devel@edk2.groups.io
Cc: Chu, Maggie <maggie.chu@intel.com>; Dong, Eric <eric.dong@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Zhang, Qi1 <qi1.zhang@intel.com>; Kumar, Rahul1 <rahul1.kumar@intel.com>
Subject: [PATCH] SecurityPkg/OpalPassword: Secure erase is available if encryption is supported
From: Maggie Chu <maggie.chu@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=3004
Secure erase is performed by generating a new encryption key,
this is only available if encryption is supported.
This commit will hide "secure erase" option from setup page
if connected device doesn't support encryption.
Signed-off-by: Maggie Chu <maggie.chu@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
---
SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
index b5b6aec98c..bf5e374163 100644
--- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
+++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
@@ -88,7 +88,11 @@ OpalSupportGetAvailableActions(
// Secure erase is performed by generating a new encryption key
// this is only available if encryption is supported
//
- AvalDiskActions->SecureErase = 1;
+ if (SupportedAttributes->MediaEncryption) {
+ AvalDiskActions->SecureErase = 1;
+ } else {
+ AvalDiskActions->SecureErase = 0;
+ }
} else {
AvalDiskActions->PsidRevert = 0;
AvalDiskActions->SecureErase = 0;
--
2.16.2.windows.1
next prev parent reply other threads:[~2020-10-16 0:05 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-15 7:14 [PATCH] SecurityPkg/OpalPassword: Secure erase is available if encryption is supported Maggie Chu
2020-10-15 12:51 ` Yao, Jiewen
2020-10-16 0:05 ` Dong, Eric [this message]
2020-10-23 23:05 ` Yao, Jiewen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CY4PR11MB12722D412828316F23CC4896FE030@CY4PR11MB1272.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox