From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by mx.groups.io with SMTP id smtpd.web10.3609.1602806750135284598 for ; Thu, 15 Oct 2020 17:05:50 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=EjKaRrq+; spf=pass (domain: intel.com, ip: 134.134.136.100, mailfrom: eric.dong@intel.com) IronPort-SDR: G68+0z7AiOy4grtof4T74e7d6trmNMtjzS/G3FWmjA2qa5MH9OyIxCaOOT0QXdRRAlfyhBOrbe 7tM9oPcBcYCQ== X-IronPort-AV: E=McAfee;i="6000,8403,9775"; a="230682484" X-IronPort-AV: E=Sophos;i="5.77,380,1596524400"; d="scan'208";a="230682484" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Oct 2020 17:05:47 -0700 IronPort-SDR: fhRv6+l5BU2epJ2612Df/9dX9baBoviGu5//qV4GSNMy6XNCUzK0N5au7sK9FBPwZvaKdBSSVh ZuZuAc3JqJ9w== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.77,380,1596524400"; d="scan'208";a="319227314" Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14]) by orsmga006.jf.intel.com with ESMTP; 15 Oct 2020 17:05:47 -0700 Received: from orsmsx608.amr.corp.intel.com (10.22.229.21) by ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5; Thu, 15 Oct 2020 17:05:47 -0700 Received: from orsmsx601.amr.corp.intel.com (10.22.229.14) by ORSMSX608.amr.corp.intel.com (10.22.229.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5; Thu, 15 Oct 2020 17:05:47 -0700 Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by orsmsx601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5 via Frontend Transport; Thu, 15 Oct 2020 17:05:47 -0700 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.104) by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.1713.5; Thu, 15 Oct 2020 17:05:45 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Z7tmegayWUSUMYVWuS8ZsR6rN8B33aQeuE+B9/w3pG4Ljf9QDoF0YpQ1ZXSDSD5DgiV2qkhExtdJPzZcXX+Ji2kcBnNYgRkuwrl3f4Yibm9e2/hxQBH2zaVpJHVAju0byq1m5nBcKgxt5G40FDR8Hv4G5uB4DhoINlrcUrnQmWjRBmblt2uT1sbTafEpa7gMgxaUEePhIa1R6I/i1z2LWwTb/Rhlb4BG+J2MbUglJAPjsAPhz2hzsku1vAsPt7Keu/WUnBOCviQlvLcsjEuRXThuK++dfMJNi5SBwi5ZhIgRUs6/x8ASuvwrMBDIhZL58J1hTlGiVCmT+3gxJcExRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Itr6JCXZFvmH7WWYoJ6z37PObAttBAEnuDJ/Dm7W6os=; b=IlX4JDwmEXZQEAe58wCb2yrxGhsCkDuQEMx6zX7PTRhfjSIo9Wdbdv8kAWZeVZriG18A0PFxozZG6SJLiEVta8LfgL0bfKwe7DaAQm3Qbv/AGp5iRkNNYe0K+GUC8mnqWMK0FMR+3uv58URsNeDi/IBckTdISIDw976ih8xZt6cR3nycxRG+8EPWWBKgMq+8S+DqT9YxZMotSGriiY9AeyuCrn8yIWcdeEuvAJ6AIwFaPyH3KClQOe+zKiSwyAJ/WXfNwcJABfjTf1um+EXD2sI9dsTySrP/7frXANdQ+hs0p5WgYcMhoEBEV84deqL6Xt3aUly6FslnjZas/zP0YA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Itr6JCXZFvmH7WWYoJ6z37PObAttBAEnuDJ/Dm7W6os=; b=EjKaRrq+PGOjPXVXrHeQT6NsX8xE5NQsdtVvlk1rWT8cnQTTsO/Tkq/YOevWdXKjzxPTtXsnYQEer5jeMpgGdBGzzC93C4z35kEJ3c6zaKG66jXK2Fts91MPA4RpINeC5IK7JdPyP6SlJUY3kRUKLTLeZXN8rQE/u4Rv8dlGItg= Received: from CY4PR11MB1272.namprd11.prod.outlook.com (2603:10b6:903:29::9) by CY4PR11MB1896.namprd11.prod.outlook.com (2603:10b6:903:11a::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3477.20; Fri, 16 Oct 2020 00:05:44 +0000 Received: from CY4PR11MB1272.namprd11.prod.outlook.com ([fe80::dc7f:73e1:7c43:158b]) by CY4PR11MB1272.namprd11.prod.outlook.com ([fe80::dc7f:73e1:7c43:158b%11]) with mapi id 15.20.3455.031; Fri, 16 Oct 2020 00:05:44 +0000 From: "Dong, Eric" To: "Chu, Maggie" , "devel@edk2.groups.io" CC: "Wang, Jian J" , "Yao, Jiewen" , "Zhang, Qi1" , "Kumar, Rahul1" Subject: Re: [PATCH] SecurityPkg/OpalPassword: Secure erase is available if encryption is supported Thread-Topic: [PATCH] SecurityPkg/OpalPassword: Secure erase is available if encryption is supported Thread-Index: AQHWosLzhKclwHktQEey7jqckEdf0amZWovw Date: Fri, 16 Oct 2020 00:05:44 +0000 Message-ID: References: <20201015071442.955-1-Maggie.Chu@intel.com> In-Reply-To: <20201015071442.955-1-Maggie.Chu@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-originating-ip: [192.55.46.46] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 9b72f7e7-ebb5-4b5d-6bcb-08d871673a31 x-ms-traffictypediagnostic: CY4PR11MB1896: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:85; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: xhAT02rVQaPPlk+jYAi7TUL7m8Q+SrXM5OuocPMsNm3/fNrQXLNGif12MqlBP/UONHra+viuAJCgXYfWFJhdZQZA6IQuSXix6+8ibIQV8+XoLX6M9mmF1xtxCN4HsIUz74JDHZABUFBxzruS+444LtR3te/BIp1uW6o2qFU3M58xgFGMFViJmMdBpmidSQPxNYdTO1WuK/0L4Cxt8HiS4BKnwYx5urDUksk3x2y3QMvuNGrqcTlFjJNF1Gw8DR+BLQqtarHSFxQQVmZ22BkvT06FVQPO73Jincru87axY3K69MLTTik2BieaOFlODv33nMXbxpVMgdAo+NUYYuN+kU/nzB6k+A9JeeBm5YE1EtgXhNShY9bNfvWSXBgLt9Yw6v2hcxJvHaHctVH/vAyvwA== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CY4PR11MB1272.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(136003)(396003)(376002)(346002)(366004)(39860400002)(64756008)(66476007)(76116006)(966005)(8676002)(83380400001)(107886003)(186003)(54906003)(110136005)(52536014)(66556008)(66446008)(4326008)(66946007)(478600001)(6506007)(7696005)(8936002)(26005)(53546011)(316002)(33656002)(9686003)(71200400001)(5660300002)(55016002)(15650500001)(2906002)(86362001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: VHjsXl26FD8nMvZSU3xNSYJ7n0TC2ncRqBQZONlcXFwUU4yA3kWptDdmDFBX3rpjgbery26G2D+KKTnXq2jBZWCz/nOUsLy2wFEILlavDF7GBivKFrkEJboB11V+L0097excd4AlyyVqYOldL8jXjOHQhfEqKyJFmVCUx9U29eQpA2YXf4+ea74iYm90MJcdDyJQpOmldaX+bEVy9QPTTBwj7IEFkg0j5LHe2X0m9h8J2X8jMDrpF7Iqyd/0mpjtMz4tSEEYg2UuTl2ZSw9qSozPmhYX37VrIbsD7iS7ulwAzAXWa+mUEV8vo+vtWhMcgTaAeaGFVPSfFt6HbxNA6nAG5Q2dK+o54BidZfvYRk+xMsL6huZ7dgUS/uj2H+gTGqsv4wveKBvL4YGpDNDi7fZEs4NP/ZU1RDI1WMLTp4xnRMGTU/fkrwLZzE9yezuJwX0Wbp/Opd0XFaBfuhPksylM+BTXxSHSIBmfC2Fxgaxmh5uFEehKisjf4I4bXgKP+3Svnzi4vPcXWO2Tg/UdIia72GjDPq7x6o1qmoUVen6Nfd6Wh9gET4e5DfGuG8vTizS8GHOdHeob0kW7clfOVB8Zg52F8Z+0WyVsfEy80CeErdeSky9B4DAV+9KstNj3oE+j/HM10f1OaRM7pYsCTw== MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CY4PR11MB1272.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9b72f7e7-ebb5-4b5d-6bcb-08d871673a31 X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Oct 2020 00:05:44.2203 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Me65KzNhyT1uhp2ujMVCOkZbeNSN9rfwnHJpGKwkYfVXkCvo+ER6Q3Ztfr4L/2tIeR3h53qKR9u7DEUXzMV3aQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR11MB1896 Return-Path: eric.dong@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Eric Dong -----Original Message----- From: Chu, Maggie =20 Sent: Thursday, October 15, 2020 3:15 PM To: devel@edk2.groups.io Cc: Chu, Maggie ; Dong, Eric ; W= ang, Jian J ; Yao, Jiewen ; Zh= ang, Qi1 ; Kumar, Rahul1 Subject: [PATCH] SecurityPkg/OpalPassword: Secure erase is available if enc= ryption is supported From: Maggie Chu https://bugzilla.tianocore.org/show_bug.cgi?id=3D3004 Secure erase is performed by generating a new encryption key, this is only available if encryption is supported. This commit will hide "secure erase" option from setup page if connected device doesn't support encryption. Signed-off-by: Maggie Chu Cc: Eric Dong Cc: Jian J Wang Cc: Jiewen Yao Cc: Qi Zhang Cc: Rahul Kumar --- SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c b/SecurityPkg/T= cg/Opal/OpalPassword/OpalDriver.c index b5b6aec98c..bf5e374163 100644 --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c @@ -88,7 +88,11 @@ OpalSupportGetAvailableActions( // Secure erase is performed by generating a new encryption key // this is only available if encryption is supported // - AvalDiskActions->SecureErase =3D 1; + if (SupportedAttributes->MediaEncryption) { + AvalDiskActions->SecureErase =3D 1; + } else { + AvalDiskActions->SecureErase =3D 0; + } } else { AvalDiskActions->PsidRevert =3D 0; AvalDiskActions->SecureErase =3D 0; --=20 2.16.2.windows.1