From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by mx.groups.io with SMTP id smtpd.web12.11272.1602766274745852299 for ; Thu, 15 Oct 2020 05:51:14 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=vCQaxUPA; spf=pass (domain: intel.com, ip: 192.55.52.93, mailfrom: jiewen.yao@intel.com) IronPort-SDR: m1wlQCbp45zQ8u8OrIpOS8o+cjbzGmnDb7qCSpTdghh6Z2rdIy3bYJRlaB5GTC1dawm0AUEOOf uz0ciaR2tNBA== X-IronPort-AV: E=McAfee;i="6000,8403,9774"; a="162872594" X-IronPort-AV: E=Sophos;i="5.77,379,1596524400"; d="scan'208";a="162872594" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Oct 2020 05:51:13 -0700 IronPort-SDR: BSMHviIT/+ZiBFZCgO7e7zAh4dfSIFC2hYOhxTn2ZbvBE9NY7eZyZuYiK4pPUbvmxi73w633F1 z3tDlAyDgOSQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.77,379,1596524400"; d="scan'208";a="357704161" Received: from fmsmsx606.amr.corp.intel.com ([10.18.126.86]) by orsmga007.jf.intel.com with ESMTP; 15 Oct 2020 05:51:13 -0700 Received: from fmsmsx603.amr.corp.intel.com (10.18.126.83) by fmsmsx606.amr.corp.intel.com (10.18.126.86) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5; Thu, 15 Oct 2020 05:51:13 -0700 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5 via Frontend Transport; Thu, 15 Oct 2020 05:51:13 -0700 Received: from NAM11-DM6-obe.outbound.protection.outlook.com (104.47.57.168) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.1713.5; Thu, 15 Oct 2020 05:51:12 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CmiNr+4npTprj66sir7JhD8kxgYtvHe/dWxCNuoxDDhU9UNJpQJO5Oa3ie+DGKQddmNrNnePj/8+JMftd6ruBGcV0rWgwrJnLCjl8NlIahjtrmjVQX/xRszML8ltwHT/sdNiAi3UyE1OKFbE3zR2DpWn/IAwqLqQ81Q7tw4vkUfyqhXjtA/AlDTDg4N3YjOCmYp9whnV+GrNJZWS9h2OrTXn3u7R4xcp73OxryaOC+jCByIEqg5zpnnDeCJSvgFCisLxu7jFxza5W7EotyrUs9H2IuMOj5nf8ze3A40amN6sBmweUuwUvpjZZP8Pju6qkOW/ZaZrJv/mLcYLV28jNw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=l4l6W5eb3An0e5iVQtRV8741W4Dv9Gx8fPv4m5dmRMI=; b=Z5WijRRPupB19RWTFgEi0F/lQyMi8PL8o7gU3GHUHUI5phSXOm8iOr+K3dcWD6nLt/QWqw257d/8RzV8a4lS8wSKoym1XImF24VX1otp5I7LyUxhxfBdFhh5HvbuM89AKgySKWB2Kd3ItgWs+7NPFp9Ng8Y/x6eWuutHYD0o3UGwZPsjVje/kmoaOttbOs7+YWE9M6MWDlAN5/sKe1wUggy6vWVPh8gejIjO0MmmC2C8kWrdZROiFPcKaSTvl20nEjlC119Wjr2HcBeHPRf1MYbDv7LBuXrbIlpX5xNZptjLnaXFHRr4mvaAaaWMzdi05ufBS8rauNcf4tykfm5QPQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=l4l6W5eb3An0e5iVQtRV8741W4Dv9Gx8fPv4m5dmRMI=; b=vCQaxUPA61x4PcXXpFzQWoNPYdpQ2sx22eWmliHAvx/OZK1DZuSpL+EdtU23WhvnGk/oNbrLZQ9w5BhE81b5xgvjnyQQWNDsfr13ZujEJWcmkjqdL+ELc0Goo82cVkh0qmurKV76AlOS82y5gSgaaHPO1pOGMTavs4MycFscuQk= Received: from CY4PR11MB1288.namprd11.prod.outlook.com (2603:10b6:903:23::8) by CY4PR11MB1606.namprd11.prod.outlook.com (2603:10b6:910:d::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3477.20; Thu, 15 Oct 2020 12:51:12 +0000 Received: from CY4PR11MB1288.namprd11.prod.outlook.com ([fe80::8948:caa4:ca1a:23ac]) by CY4PR11MB1288.namprd11.prod.outlook.com ([fe80::8948:caa4:ca1a:23ac%10]) with mapi id 15.20.3477.020; Thu, 15 Oct 2020 12:51:11 +0000 From: "Yao, Jiewen" To: "Chu, Maggie" , "devel@edk2.groups.io" CC: "Dong, Eric" , "Wang, Jian J" , "Zhang, Qi1" , "Kumar, Rahul1" Subject: Re: [PATCH] SecurityPkg/OpalPassword: Secure erase is available if encryption is supported Thread-Topic: [PATCH] SecurityPkg/OpalPassword: Secure erase is available if encryption is supported Thread-Index: AQHWosLzzf/1zAVLz0Ow+XOo+cWEzKmYnh6w Date: Thu, 15 Oct 2020 12:51:11 +0000 Message-ID: References: <20201015071442.955-1-Maggie.Chu@intel.com> In-Reply-To: <20201015071442.955-1-Maggie.Chu@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.5.1.3 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-originating-ip: [192.198.147.216] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 105213b8-6f34-41b0-4fa3-08d87108feb6 x-ms-traffictypediagnostic: CY4PR11MB1606: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:85; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: pu0O3NX/bvmKx9z/yiVsgZns5wj/b6/5/1rWuDjBuMsGTSaHzxA77oqfhGphPv+Wi/kLvZXaKV9oc8rZVlwINbbBqiiGdZDs0DoxqD9bxiWKKqBkgoCyDbziLO9tiXaF/gc2DPz6l35AXXAD41UnWiz39YB877mEGHgBPofSOD82IfhMFLQUUPgt81TZC3g1gZI3M2F2KhaDuOTh5q+00Eszj0wHhk6a7yNQvXnJIaKE9WpAPC+uB7kwzG9aqPHaDTzLHp5Zch74ilryzPBATpvcwq82XUDOvO6l9VphDKTr74ESxurmzGBZ1rug/2qTRpAZD2k8dAGHZ/ElmhVA2aSb+YTN8B4CxhLbKQvpy1Np++66Lh1wnkno0XUGhV3a/eawp4bio10EQDjULGKT+w== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CY4PR11MB1288.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(396003)(346002)(376002)(39860400002)(136003)(366004)(2906002)(66476007)(66556008)(66446008)(15650500001)(64756008)(76116006)(7696005)(83380400001)(6506007)(66946007)(53546011)(8936002)(83080400001)(71200400001)(9686003)(966005)(110136005)(52536014)(8676002)(5660300002)(316002)(54906003)(55016002)(86362001)(4326008)(26005)(186003)(478600001)(107886003)(33656002);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: NDH9saPHoqQfik9kg6/EmD/XMMNLDg2m1IFPaCweyAjSWS4Xd7SbVyzgp0JomwTW/D4ZCW4vfj1JWUfbq789l6FzWvUEEfCyrKcPc+h4jEZVGTfTONykxCRZbG2ItxY98/lxaRnQSuSjpJ3aF6aetbweO0HQQW4JgxmbZXqtTQVLhtYbtysR116jPsU+b9Dgu2VjCTpeff5Lx0wIskXGrzIRCo0q2zPADxujYhWU/XIbKZM53lZ4ab+KCHT2rX5TU0EDua6+AJv1EmmoGx93uVGBf1ytsqD/kdHbbGPXngZe3bYtSNgWM3dunkHQwEmgMtRW9f9/mES9B+e3rvHxcjRvMNyK8YpofgBGhgddyNmtgtuTFQuNuqmYM7Vf1avwgZIWA8IFF3DaHdGExVRHCzdCirO6K8mkQp41zaXFDNUcTw2xk8RLPAELJom42meBFjyL3k9FneDMvRh8SO2OExqcjxNJ6mzkW+XOuLcnzVTiWl5ZmM2aR81XNv7u5Aaz/D1SdUZw3eG5En1gZYlnQmOrpU9qmeX4BWdLqVFxt2q/m2X4ro0/8B8hnycEMXGBA9X7yZRGZI23+vJvaV1wm0bxtA5fPHdmfasI9Rq/WWwW+ccjtbLLv0WYoyMiZa7PoW/I4aWUY31tOC6OXJIYVA== MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CY4PR11MB1288.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 105213b8-6f34-41b0-4fa3-08d87108feb6 X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Oct 2020 12:51:11.8603 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: hBkDzmjKs4njFhBYU8JVYAoKj5wy8c7Hi52HAsilWJSrswHc7L9vGDNqbRMxjxCeSKksjL9GhwWD4nnH/Lb1Rw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR11MB1606 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jiewen Yao > -----Original Message----- > From: Chu, Maggie > Sent: Thursday, October 15, 2020 3:15 PM > To: devel@edk2.groups.io > Cc: Chu, Maggie ; Dong, Eric ; > Wang, Jian J ; Yao, Jiewen ; > Zhang, Qi1 ; Kumar, Rahul1 > Subject: [PATCH] SecurityPkg/OpalPassword: Secure erase is available if > encryption is supported >=20 > From: Maggie Chu >=20 > https://bugzilla.tianocore.org/show_bug.cgi?id=3D3004 >=20 > Secure erase is performed by generating a new encryption key, > this is only available if encryption is supported. > This commit will hide "secure erase" option from setup page > if connected device doesn't support encryption. >=20 > Signed-off-by: Maggie Chu > Cc: Eric Dong > Cc: Jian J Wang > Cc: Jiewen Yao > Cc: Qi Zhang > Cc: Rahul Kumar > --- > SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) >=20 > diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c > b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c > index b5b6aec98c..bf5e374163 100644 > --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c > +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c > @@ -88,7 +88,11 @@ OpalSupportGetAvailableActions( > // Secure erase is performed by generating a new encryption key >=20 > // this is only available if encryption is supported >=20 > // >=20 > - AvalDiskActions->SecureErase =3D 1; >=20 > + if (SupportedAttributes->MediaEncryption) { >=20 > + AvalDiskActions->SecureErase =3D 1; >=20 > + } else { >=20 > + AvalDiskActions->SecureErase =3D 0; >=20 > + } >=20 > } else { >=20 > AvalDiskActions->PsidRevert =3D 0; >=20 > AvalDiskActions->SecureErase =3D 0; >=20 > -- > 2.16.2.windows.1