* BootableImageSupportTest\StorageSecurityCommandProtocolTest
@ 2016-08-25 8:43 Ramesh R.
2016-08-26 7:24 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Tian, Feng
0 siblings, 1 reply; 11+ messages in thread
From: Ramesh R. @ 2016-08-25 8:43 UTC (permalink / raw)
To: edk2-devel
Hi,
When the we run the "BootableImageSupportTest\StorageSecurityCommandProtocolTest" test on the NVME devices we are getting into error because of the below testing code.
//
// According to TCG definition, when the Security Protocol field is set to 00h, and SP
// Specific is set to 0000h in a TRUSTED RECEIVE command, return security protocol
// information. This Command is not associated with a security send command
//
Status = StorageSecurityCommand->ReceiveData (
StorageSecurityCommand,
BlockIo->Media->MediaId,
100000000, // Timeout 10-sec
0, // SecurityProtocol
0, // SecurityProtocolSpecifcData
10, // PayloadBufferSize,
DataBuffer, // PayloadBuffer
&RcvDataSize
);
//
// for ATA8-ACS SecurityProtocol, 512 byte is a request
//
if (IsAtaDevice) {
if((Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){
AssertionType = EFI_TEST_ASSERTION_PASSED;
} else {
AssertionType = EFI_TEST_ASSERTION_FAILED;
}
} else {
if((!EFI_ERROR(Status)) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){
AssertionType = EFI_TEST_ASSERTION_PASSED;
} else {
AssertionType = EFI_TEST_ASSERTION_FAILED;
}
}
For Ata devices, EFI_DEVICE_ERROR considered as valid error case and for the Nvme ( Non ATA) device it's considered as error. Could you please let us know why there is difference in this case ?.
Thanks,
Ramesh
^ permalink raw reply [flat|nested] 11+ messages in thread* Re: BootableImageSupportTest\StorageSecurityCommandProtocolTest 2016-08-25 8:43 BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. @ 2016-08-26 7:24 ` Tian, Feng 2016-08-30 17:19 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. 0 siblings, 1 reply; 11+ messages in thread From: Tian, Feng @ 2016-08-26 7:24 UTC (permalink / raw) To: Ramesh R., edk2-devel, Jin, Eric; +Cc: Tian, Feng Yes, I agree it's weird. We are looking at this and will get back to you if we have findings. Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Thursday, August 25, 2016 4:44 PM To: edk2-devel <edk2-devel@lists.01.org> Subject: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi, When the we run the "BootableImageSupportTest\StorageSecurityCommandProtocolTest" test on the NVME devices we are getting into error because of the below testing code. // // According to TCG definition, when the Security Protocol field is set to 00h, and SP // Specific is set to 0000h in a TRUSTED RECEIVE command, return security protocol // information. This Command is not associated with a security send command // Status = StorageSecurityCommand->ReceiveData ( StorageSecurityCommand, BlockIo->Media->MediaId, 100000000, // Timeout 10-sec 0, // SecurityProtocol 0, // SecurityProtocolSpecifcData 10, // PayloadBufferSize, DataBuffer, // PayloadBuffer &RcvDataSize ); // // for ATA8-ACS SecurityProtocol, 512 byte is a request // if (IsAtaDevice) { if((Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } else { if((!EFI_ERROR(Status)) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } For Ata devices, EFI_DEVICE_ERROR considered as valid error case and for the Nvme ( Non ATA) device it's considered as error. Could you please let us know why there is difference in this case ?. Thanks, Ramesh _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: BootableImageSupportTest\StorageSecurityCommandProtocolTest 2016-08-26 7:24 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Tian, Feng @ 2016-08-30 17:19 ` Ramesh R. 2016-09-01 2:42 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Tian, Feng 0 siblings, 1 reply; 11+ messages in thread From: Ramesh R. @ 2016-08-30 17:19 UTC (permalink / raw) To: Tian, Feng, edk2-devel, Jin, Eric Hi Feng, Any update or suggestion on this? Can we consider this as SCT tool issue and would be fixed in next version ? Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 26 August 2016 12:54 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Yes, I agree it's weird. We are looking at this and will get back to you if we have findings. Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Thursday, August 25, 2016 4:44 PM To: edk2-devel <edk2-devel@lists.01.org> Subject: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi, When the we run the "BootableImageSupportTest\StorageSecurityCommandProtocolTest" test on the NVME devices we are getting into error because of the below testing code. // // According to TCG definition, when the Security Protocol field is set to 00h, and SP // Specific is set to 0000h in a TRUSTED RECEIVE command, return security protocol // information. This Command is not associated with a security send command // Status = StorageSecurityCommand->ReceiveData ( StorageSecurityCommand, BlockIo->Media->MediaId, 100000000, // Timeout 10-sec 0, // SecurityProtocol 0, // SecurityProtocolSpecifcData 10, // PayloadBufferSize, DataBuffer, // PayloadBuffer &RcvDataSize ); // // for ATA8-ACS SecurityProtocol, 512 byte is a request // if (IsAtaDevice) { if((Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } else { if((!EFI_ERROR(Status)) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } For Ata devices, EFI_DEVICE_ERROR considered as valid error case and for the Nvme ( Non ATA) device it's considered as error. Could you please let us know why there is difference in this case ?. Thanks, Ramesh _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: BootableImageSupportTest\StorageSecurityCommandProtocolTest 2016-08-30 17:19 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. @ 2016-09-01 2:42 ` Tian, Feng 2016-09-01 3:47 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Jin, Eric 2016-09-02 18:05 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. 0 siblings, 2 replies; 11+ messages in thread From: Tian, Feng @ 2016-09-01 2:42 UTC (permalink / raw) To: Ramesh R., edk2-devel, Jin, Eric; +Cc: Tian, Feng I checked the ATA spec, it says the transfer length of "Trust-Send" ATA cmd should be 512. But for NVMe and other SCSI device, I didn't see any length limitation on "Security Protocol In" cmd with security protocol field 0 and security protocol specific field 0. It seems user could pass in any length value to get security protocol information. And last, user could get the whole one by passing down "supported security protocol list length" + 8. Ramesh, do you meet real failure case? Eric, what's your opinion on this? Thanks Feng -----Original Message----- From: Ramesh R. [mailto:rameshr@ami.com] Sent: Wednesday, August 31, 2016 1:20 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Any update or suggestion on this? Can we consider this as SCT tool issue and would be fixed in next version ? Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 26 August 2016 12:54 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Yes, I agree it's weird. We are looking at this and will get back to you if we have findings. Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Thursday, August 25, 2016 4:44 PM To: edk2-devel <edk2-devel@lists.01.org> Subject: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi, When the we run the "BootableImageSupportTest\StorageSecurityCommandProtocolTest" test on the NVME devices we are getting into error because of the below testing code. // // According to TCG definition, when the Security Protocol field is set to 00h, and SP // Specific is set to 0000h in a TRUSTED RECEIVE command, return security protocol // information. This Command is not associated with a security send command // Status = StorageSecurityCommand->ReceiveData ( StorageSecurityCommand, BlockIo->Media->MediaId, 100000000, // Timeout 10-sec 0, // SecurityProtocol 0, // SecurityProtocolSpecifcData 10, // PayloadBufferSize, DataBuffer, // PayloadBuffer &RcvDataSize ); // // for ATA8-ACS SecurityProtocol, 512 byte is a request // if (IsAtaDevice) { if((Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } else { if((!EFI_ERROR(Status)) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } For Ata devices, EFI_DEVICE_ERROR considered as valid error case and for the Nvme ( Non ATA) device it's considered as error. Could you please let us know why there is difference in this case ?. Thanks, Ramesh _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: BootableImageSupportTest\StorageSecurityCommandProtocolTest 2016-09-01 2:42 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Tian, Feng @ 2016-09-01 3:47 ` Jin, Eric 2016-09-02 18:05 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. 1 sibling, 0 replies; 11+ messages in thread From: Jin, Eric @ 2016-09-01 3:47 UTC (permalink / raw) To: Tian, Feng, Ramesh R., edk2-devel For the TRUSTED RECEIVE commands of the ATA8-ACS command, in the ATA8-ACS spec, the total data length shall be 512 bytes. Pad bytes are appended as needed to meet this requirement. Pad bytes shall have a value of 00h. For the SECURITY PROTOCOL IN commands of the SPC-4 command, In the SPC-4 spec, when INC_512 is 0, the ALLOCATION LENGTH field expresses the number of bytes to be transferred. It means any value. If the length is larger than 8 bytes, the byte 6-7 indicate the SUPPORTED SECURITY PROTOCOL LIST LENGTH. If the length is larger than (SECURITY PROTOCOL LIST LENGTH + 8), all are returned and plus the pad data. Best Regards Eric -----Original Message----- From: Tian, Feng Sent: Thursday, September 1, 2016 10:42 AM To: Ramesh R. <rameshr@ami.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Cc: Tian, Feng <feng.tian@intel.com> Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest I checked the ATA spec, it says the transfer length of "Trust-Send" ATA cmd should be 512. But for NVMe and other SCSI device, I didn't see any length limitation on "Security Protocol In" cmd with security protocol field 0 and security protocol specific field 0. It seems user could pass in any length value to get security protocol information. And last, user could get the whole one by passing down "supported security protocol list length" + 8. Ramesh, do you meet real failure case? Eric, what's your opinion on this? Thanks Feng -----Original Message----- From: Ramesh R. [mailto:rameshr@ami.com] Sent: Wednesday, August 31, 2016 1:20 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Any update or suggestion on this? Can we consider this as SCT tool issue and would be fixed in next version ? Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 26 August 2016 12:54 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Yes, I agree it's weird. We are looking at this and will get back to you if we have findings. Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Thursday, August 25, 2016 4:44 PM To: edk2-devel <edk2-devel@lists.01.org> Subject: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi, When the we run the "BootableImageSupportTest\StorageSecurityCommandProtocolTest" test on the NVME devices we are getting into error because of the below testing code. // // According to TCG definition, when the Security Protocol field is set to 00h, and SP // Specific is set to 0000h in a TRUSTED RECEIVE command, return security protocol // information. This Command is not associated with a security send command // Status = StorageSecurityCommand->ReceiveData ( StorageSecurityCommand, BlockIo->Media->MediaId, 100000000, // Timeout 10-sec 0, // SecurityProtocol 0, // SecurityProtocolSpecifcData 10, // PayloadBufferSize, DataBuffer, // PayloadBuffer &RcvDataSize ); // // for ATA8-ACS SecurityProtocol, 512 byte is a request // if (IsAtaDevice) { if((Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } else { if((!EFI_ERROR(Status)) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } For Ata devices, EFI_DEVICE_ERROR considered as valid error case and for the Nvme ( Non ATA) device it's considered as error. Could you please let us know why there is difference in this case ?. Thanks, Ramesh _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: BootableImageSupportTest\StorageSecurityCommandProtocolTest 2016-09-01 2:42 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Tian, Feng 2016-09-01 3:47 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Jin, Eric @ 2016-09-02 18:05 ` Ramesh R. 2016-09-05 3:18 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Tian, Feng 1 sibling, 1 reply; 11+ messages in thread From: Ramesh R. @ 2016-09-02 18:05 UTC (permalink / raw) To: Tian, Feng, edk2-devel, Jin, Eric Hi Feng, Some Nvme devices returns EFI_DEVICE_ERROR for the SCT test code ( when the buffer passed with 10 bytes) and that creates failure in the SCT report. Some Nvme devices returns EFI_SUCCESS also. All the devices return EFI_SUCCESS if the we send the buffer size as "Memory Page size Minimum (MPSMIN)" Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 01 September 2016 8:12 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest I checked the ATA spec, it says the transfer length of "Trust-Send" ATA cmd should be 512. But for NVMe and other SCSI device, I didn't see any length limitation on "Security Protocol In" cmd with security protocol field 0 and security protocol specific field 0. It seems user could pass in any length value to get security protocol information. And last, user could get the whole one by passing down "supported security protocol list length" + 8. Ramesh, do you meet real failure case? Eric, what's your opinion on this? Thanks Feng -----Original Message----- From: Ramesh R. [mailto:rameshr@ami.com] Sent: Wednesday, August 31, 2016 1:20 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Any update or suggestion on this? Can we consider this as SCT tool issue and would be fixed in next version ? Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 26 August 2016 12:54 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Yes, I agree it's weird. We are looking at this and will get back to you if we have findings. Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Thursday, August 25, 2016 4:44 PM To: edk2-devel <edk2-devel@lists.01.org> Subject: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi, When the we run the "BootableImageSupportTest\StorageSecurityCommandProtocolTest" test on the NVME devices we are getting into error because of the below testing code. // // According to TCG definition, when the Security Protocol field is set to 00h, and SP // Specific is set to 0000h in a TRUSTED RECEIVE command, return security protocol // information. This Command is not associated with a security send command // Status = StorageSecurityCommand->ReceiveData ( StorageSecurityCommand, BlockIo->Media->MediaId, 100000000, // Timeout 10-sec 0, // SecurityProtocol 0, // SecurityProtocolSpecifcData 10, // PayloadBufferSize, DataBuffer, // PayloadBuffer &RcvDataSize ); // // for ATA8-ACS SecurityProtocol, 512 byte is a request // if (IsAtaDevice) { if((Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } else { if((!EFI_ERROR(Status)) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } For Ata devices, EFI_DEVICE_ERROR considered as valid error case and for the Nvme ( Non ATA) device it's considered as error. Could you please let us know why there is difference in this case ?. Thanks, Ramesh _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: BootableImageSupportTest\StorageSecurityCommandProtocolTest 2016-09-02 18:05 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. @ 2016-09-05 3:18 ` Tian, Feng 2016-09-05 5:23 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Jin, Eric 2016-09-08 5:11 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. 0 siblings, 2 replies; 11+ messages in thread From: Tian, Feng @ 2016-09-05 3:18 UTC (permalink / raw) To: Ramesh R., edk2-devel, Jin, Eric; +Cc: Tian, Feng Ramesh, I suspect even if you send the buffer size as 512 all the devices should return EFI_SUCCESS as well. As for different NVMe device behavior for length 10, it may be different understanding on spec. Eric, Do you know how to handle such case in SCT? Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Saturday, September 3, 2016 2:06 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: Re: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Some Nvme devices returns EFI_DEVICE_ERROR for the SCT test code ( when the buffer passed with 10 bytes) and that creates failure in the SCT report. Some Nvme devices returns EFI_SUCCESS also. All the devices return EFI_SUCCESS if the we send the buffer size as "Memory Page size Minimum (MPSMIN)" Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 01 September 2016 8:12 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest I checked the ATA spec, it says the transfer length of "Trust-Send" ATA cmd should be 512. But for NVMe and other SCSI device, I didn't see any length limitation on "Security Protocol In" cmd with security protocol field 0 and security protocol specific field 0. It seems user could pass in any length value to get security protocol information. And last, user could get the whole one by passing down "supported security protocol list length" + 8. Ramesh, do you meet real failure case? Eric, what's your opinion on this? Thanks Feng -----Original Message----- From: Ramesh R. [mailto:rameshr@ami.com] Sent: Wednesday, August 31, 2016 1:20 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Any update or suggestion on this? Can we consider this as SCT tool issue and would be fixed in next version ? Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 26 August 2016 12:54 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Yes, I agree it's weird. We are looking at this and will get back to you if we have findings. Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Thursday, August 25, 2016 4:44 PM To: edk2-devel <edk2-devel@lists.01.org> Subject: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi, When the we run the "BootableImageSupportTest\StorageSecurityCommandProtocolTest" test on the NVME devices we are getting into error because of the below testing code. // // According to TCG definition, when the Security Protocol field is set to 00h, and SP // Specific is set to 0000h in a TRUSTED RECEIVE command, return security protocol // information. This Command is not associated with a security send command // Status = StorageSecurityCommand->ReceiveData ( StorageSecurityCommand, BlockIo->Media->MediaId, 100000000, // Timeout 10-sec 0, // SecurityProtocol 0, // SecurityProtocolSpecifcData 10, // PayloadBufferSize, DataBuffer, // PayloadBuffer &RcvDataSize ); // // for ATA8-ACS SecurityProtocol, 512 byte is a request // if (IsAtaDevice) { if((Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } else { if((!EFI_ERROR(Status)) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } For Ata devices, EFI_DEVICE_ERROR considered as valid error case and for the Nvme ( Non ATA) device it's considered as error. Could you please let us know why there is difference in this case ?. Thanks, Ramesh _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: BootableImageSupportTest\StorageSecurityCommandProtocolTest 2016-09-05 3:18 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Tian, Feng @ 2016-09-05 5:23 ` Jin, Eric 2016-09-08 5:14 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. 2016-09-08 5:11 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. 1 sibling, 1 reply; 11+ messages in thread From: Jin, Eric @ 2016-09-05 5:23 UTC (permalink / raw) To: Tian, Feng, Ramesh R., edk2-devel "Memory Page size Minimum (MPSMIN)" is Controller Capability and impl-spec. Is it possible for high level driver to get this attribute in UEFI scope? To detect the LIST LENGTH with (>8) buffer size and then get the whole list sounds like a reasonable method. For SCT to handle this case, change the code to if(Status == EFI_SUCCESS) ||(Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ Thanks Eric -----Original Message----- From: Tian, Feng Sent: Monday, September 5, 2016 11:18 AM To: Ramesh R. <rameshr@ami.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Cc: Tian, Feng <feng.tian@intel.com> Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh, I suspect even if you send the buffer size as 512 all the devices should return EFI_SUCCESS as well. As for different NVMe device behavior for length 10, it may be different understanding on spec. Eric, Do you know how to handle such case in SCT? Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Saturday, September 3, 2016 2:06 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: Re: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Some Nvme devices returns EFI_DEVICE_ERROR for the SCT test code ( when the buffer passed with 10 bytes) and that creates failure in the SCT report. Some Nvme devices returns EFI_SUCCESS also. All the devices return EFI_SUCCESS if the we send the buffer size as "Memory Page size Minimum (MPSMIN)" Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 01 September 2016 8:12 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest I checked the ATA spec, it says the transfer length of "Trust-Send" ATA cmd should be 512. But for NVMe and other SCSI device, I didn't see any length limitation on "Security Protocol In" cmd with security protocol field 0 and security protocol specific field 0. It seems user could pass in any length value to get security protocol information. And last, user could get the whole one by passing down "supported security protocol list length" + 8. Ramesh, do you meet real failure case? Eric, what's your opinion on this? Thanks Feng -----Original Message----- From: Ramesh R. [mailto:rameshr@ami.com] Sent: Wednesday, August 31, 2016 1:20 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Any update or suggestion on this? Can we consider this as SCT tool issue and would be fixed in next version ? Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 26 August 2016 12:54 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Yes, I agree it's weird. We are looking at this and will get back to you if we have findings. Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Thursday, August 25, 2016 4:44 PM To: edk2-devel <edk2-devel@lists.01.org> Subject: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi, When the we run the "BootableImageSupportTest\StorageSecurityCommandProtocolTest" test on the NVME devices we are getting into error because of the below testing code. // // According to TCG definition, when the Security Protocol field is set to 00h, and SP // Specific is set to 0000h in a TRUSTED RECEIVE command, return security protocol // information. This Command is not associated with a security send command // Status = StorageSecurityCommand->ReceiveData ( StorageSecurityCommand, BlockIo->Media->MediaId, 100000000, // Timeout 10-sec 0, // SecurityProtocol 0, // SecurityProtocolSpecifcData 10, // PayloadBufferSize, DataBuffer, // PayloadBuffer &RcvDataSize ); // // for ATA8-ACS SecurityProtocol, 512 byte is a request // if (IsAtaDevice) { if((Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } else { if((!EFI_ERROR(Status)) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } For Ata devices, EFI_DEVICE_ERROR considered as valid error case and for the Nvme ( Non ATA) device it's considered as error. Could you please let us know why there is difference in this case ?. Thanks, Ramesh _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: BootableImageSupportTest\StorageSecurityCommandProtocolTest 2016-09-05 5:23 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Jin, Eric @ 2016-09-08 5:14 ` Ramesh R. 2016-09-08 5:29 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Jin, Eric 0 siblings, 1 reply; 11+ messages in thread From: Ramesh R. @ 2016-09-08 5:14 UTC (permalink / raw) To: Jin, Eric, Tian, Feng, edk2-devel Cc: Sandip Datta Roy, Srini Narayana, Sundaresan S, RexKuo [郭家成] Hi Eric, Memory Page size Minimum (MPSMIN) is not exposed in the UEFI Scope. Any schedule when this issue would be address in the SCT tool ? Thanks, Ramesh -----Original Message----- From: Jin, Eric [mailto:eric.jin@intel.com] Sent: 05 September 2016 10:54 To: Tian, Feng; Ramesh R.; edk2-devel Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest "Memory Page size Minimum (MPSMIN)" is Controller Capability and impl-spec. Is it possible for high level driver to get this attribute in UEFI scope? To detect the LIST LENGTH with (>8) buffer size and then get the whole list sounds like a reasonable method. For SCT to handle this case, change the code to if(Status == EFI_SUCCESS) ||(Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ Thanks Eric -----Original Message----- From: Tian, Feng Sent: Monday, September 5, 2016 11:18 AM To: Ramesh R. <rameshr@ami.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Cc: Tian, Feng <feng.tian@intel.com> Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh, I suspect even if you send the buffer size as 512 all the devices should return EFI_SUCCESS as well. As for different NVMe device behavior for length 10, it may be different understanding on spec. Eric, Do you know how to handle such case in SCT? Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Saturday, September 3, 2016 2:06 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: Re: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Some Nvme devices returns EFI_DEVICE_ERROR for the SCT test code ( when the buffer passed with 10 bytes) and that creates failure in the SCT report. Some Nvme devices returns EFI_SUCCESS also. All the devices return EFI_SUCCESS if the we send the buffer size as "Memory Page size Minimum (MPSMIN)" Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 01 September 2016 8:12 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest I checked the ATA spec, it says the transfer length of "Trust-Send" ATA cmd should be 512. But for NVMe and other SCSI device, I didn't see any length limitation on "Security Protocol In" cmd with security protocol field 0 and security protocol specific field 0. It seems user could pass in any length value to get security protocol information. And last, user could get the whole one by passing down "supported security protocol list length" + 8. Ramesh, do you meet real failure case? Eric, what's your opinion on this? Thanks Feng -----Original Message----- From: Ramesh R. [mailto:rameshr@ami.com] Sent: Wednesday, August 31, 2016 1:20 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Any update or suggestion on this? Can we consider this as SCT tool issue and would be fixed in next version ? Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 26 August 2016 12:54 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Yes, I agree it's weird. We are looking at this and will get back to you if we have findings. Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Thursday, August 25, 2016 4:44 PM To: edk2-devel <edk2-devel@lists.01.org> Subject: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi, When the we run the "BootableImageSupportTest\StorageSecurityCommandProtocolTest" test on the NVME devices we are getting into error because of the below testing code. // // According to TCG definition, when the Security Protocol field is set to 00h, and SP // Specific is set to 0000h in a TRUSTED RECEIVE command, return security protocol // information. This Command is not associated with a security send command // Status = StorageSecurityCommand->ReceiveData ( StorageSecurityCommand, BlockIo->Media->MediaId, 100000000, // Timeout 10-sec 0, // SecurityProtocol 0, // SecurityProtocolSpecifcData 10, // PayloadBufferSize, DataBuffer, // PayloadBuffer &RcvDataSize ); // // for ATA8-ACS SecurityProtocol, 512 byte is a request // if (IsAtaDevice) { if((Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } else { if((!EFI_ERROR(Status)) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } For Ata devices, EFI_DEVICE_ERROR considered as valid error case and for the Nvme ( Non ATA) device it's considered as error. Could you please let us know why there is difference in this case ?. Thanks, Ramesh _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: BootableImageSupportTest\StorageSecurityCommandProtocolTest 2016-09-08 5:14 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. @ 2016-09-08 5:29 ` Jin, Eric 0 siblings, 0 replies; 11+ messages in thread From: Jin, Eric @ 2016-09-08 5:29 UTC (permalink / raw) To: Ramesh R., Tian, Feng, edk2-devel Cc: RexKuo [郭家成], Srini Narayana, Sandip Datta Roy, Sundaresan S If possible, it could be in the version of coming Seattle Plugfest. Thanks Eric -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Thursday, September 8, 2016 1:14 PM To: Jin, Eric <eric.jin@intel.com>; Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org> Cc: RexKuo [郭家成] <RexKuo@ami.com.tw>; Srini Narayana <SriniN@ami.com>; Sandip Datta Roy <sandip@ami.com>; Sundaresan S <sundaresans@amiindia.co.in> Subject: Re: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Eric, Memory Page size Minimum (MPSMIN) is not exposed in the UEFI Scope. Any schedule when this issue would be address in the SCT tool ? Thanks, Ramesh -----Original Message----- From: Jin, Eric [mailto:eric.jin@intel.com] Sent: 05 September 2016 10:54 To: Tian, Feng; Ramesh R.; edk2-devel Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest "Memory Page size Minimum (MPSMIN)" is Controller Capability and impl-spec. Is it possible for high level driver to get this attribute in UEFI scope? To detect the LIST LENGTH with (>8) buffer size and then get the whole list sounds like a reasonable method. For SCT to handle this case, change the code to if(Status == EFI_SUCCESS) ||(Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ Thanks Eric -----Original Message----- From: Tian, Feng Sent: Monday, September 5, 2016 11:18 AM To: Ramesh R. <rameshr@ami.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Cc: Tian, Feng <feng.tian@intel.com> Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh, I suspect even if you send the buffer size as 512 all the devices should return EFI_SUCCESS as well. As for different NVMe device behavior for length 10, it may be different understanding on spec. Eric, Do you know how to handle such case in SCT? Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Saturday, September 3, 2016 2:06 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: Re: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Some Nvme devices returns EFI_DEVICE_ERROR for the SCT test code ( when the buffer passed with 10 bytes) and that creates failure in the SCT report. Some Nvme devices returns EFI_SUCCESS also. All the devices return EFI_SUCCESS if the we send the buffer size as "Memory Page size Minimum (MPSMIN)" Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 01 September 2016 8:12 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest I checked the ATA spec, it says the transfer length of "Trust-Send" ATA cmd should be 512. But for NVMe and other SCSI device, I didn't see any length limitation on "Security Protocol In" cmd with security protocol field 0 and security protocol specific field 0. It seems user could pass in any length value to get security protocol information. And last, user could get the whole one by passing down "supported security protocol list length" + 8. Ramesh, do you meet real failure case? Eric, what's your opinion on this? Thanks Feng -----Original Message----- From: Ramesh R. [mailto:rameshr@ami.com] Sent: Wednesday, August 31, 2016 1:20 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Any update or suggestion on this? Can we consider this as SCT tool issue and would be fixed in next version ? Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 26 August 2016 12:54 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Yes, I agree it's weird. We are looking at this and will get back to you if we have findings. Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Thursday, August 25, 2016 4:44 PM To: edk2-devel <edk2-devel@lists.01.org> Subject: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi, When the we run the "BootableImageSupportTest\StorageSecurityCommandProtocolTest" test on the NVME devices we are getting into error because of the below testing code. // // According to TCG definition, when the Security Protocol field is set to 00h, and SP // Specific is set to 0000h in a TRUSTED RECEIVE command, return security protocol // information. This Command is not associated with a security send command // Status = StorageSecurityCommand->ReceiveData ( StorageSecurityCommand, BlockIo->Media->MediaId, 100000000, // Timeout 10-sec 0, // SecurityProtocol 0, // SecurityProtocolSpecifcData 10, // PayloadBufferSize, DataBuffer, // PayloadBuffer &RcvDataSize ); // // for ATA8-ACS SecurityProtocol, 512 byte is a request // if (IsAtaDevice) { if((Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } else { if((!EFI_ERROR(Status)) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } For Ata devices, EFI_DEVICE_ERROR considered as valid error case and for the Nvme ( Non ATA) device it's considered as error. Could you please let us know why there is difference in this case ?. Thanks, Ramesh _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: BootableImageSupportTest\StorageSecurityCommandProtocolTest 2016-09-05 3:18 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Tian, Feng 2016-09-05 5:23 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Jin, Eric @ 2016-09-08 5:11 ` Ramesh R. 1 sibling, 0 replies; 11+ messages in thread From: Ramesh R. @ 2016-09-08 5:11 UTC (permalink / raw) To: Tian, Feng, edk2-devel, Jin, Eric Cc: Sandip Datta Roy, Srini Narayana, Sundaresan S Hi Feng, With the device we have , we tried 512 as size and all the devices returns EFI_SUCCESS. Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 05 September 2016 08:48 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh, I suspect even if you send the buffer size as 512 all the devices should return EFI_SUCCESS as well. As for different NVMe device behavior for length 10, it may be different understanding on spec. Eric, Do you know how to handle such case in SCT? Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Saturday, September 3, 2016 2:06 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: Re: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Some Nvme devices returns EFI_DEVICE_ERROR for the SCT test code ( when the buffer passed with 10 bytes) and that creates failure in the SCT report. Some Nvme devices returns EFI_SUCCESS also. All the devices return EFI_SUCCESS if the we send the buffer size as "Memory Page size Minimum (MPSMIN)" Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 01 September 2016 8:12 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest I checked the ATA spec, it says the transfer length of "Trust-Send" ATA cmd should be 512. But for NVMe and other SCSI device, I didn't see any length limitation on "Security Protocol In" cmd with security protocol field 0 and security protocol specific field 0. It seems user could pass in any length value to get security protocol information. And last, user could get the whole one by passing down "supported security protocol list length" + 8. Ramesh, do you meet real failure case? Eric, what's your opinion on this? Thanks Feng -----Original Message----- From: Ramesh R. [mailto:rameshr@ami.com] Sent: Wednesday, August 31, 2016 1:20 AM To: Tian, Feng <feng.tian@intel.com>; edk2-devel <edk2-devel@lists.01.org>; Jin, Eric <eric.jin@intel.com> Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi Feng, Any update or suggestion on this? Can we consider this as SCT tool issue and would be fixed in next version ? Thanks, Ramesh -----Original Message----- From: Tian, Feng [mailto:feng.tian@intel.com] Sent: 26 August 2016 12:54 To: Ramesh R.; edk2-devel; Jin, Eric Cc: Tian, Feng Subject: RE: BootableImageSupportTest\StorageSecurityCommandProtocolTest Yes, I agree it's weird. We are looking at this and will get back to you if we have findings. Thanks Feng -----Original Message----- From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ramesh R. Sent: Thursday, August 25, 2016 4:44 PM To: edk2-devel <edk2-devel@lists.01.org> Subject: [edk2] BootableImageSupportTest\StorageSecurityCommandProtocolTest Hi, When the we run the "BootableImageSupportTest\StorageSecurityCommandProtocolTest" test on the NVME devices we are getting into error because of the below testing code. // // According to TCG definition, when the Security Protocol field is set to 00h, and SP // Specific is set to 0000h in a TRUSTED RECEIVE command, return security protocol // information. This Command is not associated with a security send command // Status = StorageSecurityCommand->ReceiveData ( StorageSecurityCommand, BlockIo->Media->MediaId, 100000000, // Timeout 10-sec 0, // SecurityProtocol 0, // SecurityProtocolSpecifcData 10, // PayloadBufferSize, DataBuffer, // PayloadBuffer &RcvDataSize ); // // for ATA8-ACS SecurityProtocol, 512 byte is a request // if (IsAtaDevice) { if((Status == EFI_DEVICE_ERROR) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } else { if((!EFI_ERROR(Status)) || (Status == EFI_WARN_BUFFER_TOO_SMALL)){ AssertionType = EFI_TEST_ASSERTION_PASSED; } else { AssertionType = EFI_TEST_ASSERTION_FAILED; } } For Ata devices, EFI_DEVICE_ERROR considered as valid error case and for the Nvme ( Non ATA) device it's considered as error. Could you please let us know why there is difference in this case ?. Thanks, Ramesh _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel ^ permalink raw reply [flat|nested] 11+ messages in thread
end of thread, other threads:[~2016-09-08 5:29 UTC | newest] Thread overview: 11+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2016-08-25 8:43 BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. 2016-08-26 7:24 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Tian, Feng 2016-08-30 17:19 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. 2016-09-01 2:42 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Tian, Feng 2016-09-01 3:47 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Jin, Eric 2016-09-02 18:05 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. 2016-09-05 3:18 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Tian, Feng 2016-09-05 5:23 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Jin, Eric 2016-09-08 5:14 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R. 2016-09-08 5:29 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Jin, Eric 2016-09-08 5:11 ` BootableImageSupportTest\StorageSecurityCommandProtocolTest Ramesh R.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox