tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordPei.h

61 lines
1.7 KiB
C
Raw Normal View History

SecurityPkg OpalPassword: Add solution without SMM device code After IOMMU is enabled in S3, original solution with SMM device code (OpalPasswordSmm) to unlock OPAL device for S3 will not work as the DMA operation will be aborted without granted DMA buffer. Instead, this solution is to add OpalPasswordPei to eliminate SMM device code, and OPAL setup UI produced by OpalPasswordDxe will be updated to send requests (set password, update password, and etc), and then the requests will be processed in next boot before SmmReadyToLock, password and device info will be saved to lock box used by OpalPasswordPei to unlock OPAL device for S3. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2018-02-11 04:00:44 +01:00
/** @file
Opal Password PEI driver which is used to unlock Opal Password for S3.
SecurityPkg/OpalPassword: Remove HW init codes and consume SSC PPI REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1409 For the current implementation of OpalPassword drivers, it has a feature to support devices being automatically unlocked in the S3 resume. For this feature, two types of devices are supported: * ATA hard disks working under AHCI mode * NVM Express devices The support of this feature requires the above 2 types of device to be initialized at the PEI phase during S3 resume, which is done by the co-work of the OpalPasswordDxe driver and the OpalPasswordPei driver. More specifically, the OpalPasswordDxe will handle: * Pre-allocate MMIO resource and save it in a driver internal LockBox for OpalPasswordPei to retrieve; * Save the PCI configuration space of ATA controllers into boot script. Meanwhile, the OpalPasswordPei will handle: * Rely on the boot script for the PCI configuration space program of ATA controllers; * Restore the driver internal LockBox to get the MMIO resource; * Complete the PCI configuration space program for ATA and NVME controllers; * Initialize ATA and NVME controllers and devices. This commit will remove these hardware initialization related codes from the OpalPassword drivers. The hardware initialization will be covered by PEI storage device drivers (e.g. NvmExpressPei & AhciPei in the MdeModulePkg). After such codes removal, the OpalPasswordDxe will only handle: * Construct/update the S3StorageDeviceInitList LockBox with the managing ATA and NVME devices. And the OpalPasswordPei will only handle: * Locate Storage Security Command PPI instances to perform the device automatic unlock during the S3 resume. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-08-27 10:52:13 +02:00
Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR>
SecurityPkg: Replace BSD License with BSD+Patent License https://bugzilla.tianocore.org/show_bug.cgi?id=1373 Replace BSD 2-Clause License with BSD+Patent License. This change is based on the following emails: https://lists.01.org/pipermail/edk2-devel/2019-February/036260.html https://lists.01.org/pipermail/edk2-devel/2018-October/030385.html RFCs with detailed process for the license change: V3: https://lists.01.org/pipermail/edk2-devel/2019-March/038116.html V2: https://lists.01.org/pipermail/edk2-devel/2019-March/037669.html V1: https://lists.01.org/pipermail/edk2-devel/2019-March/037500.html Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
2019-04-04 01:06:56 +02:00
SPDX-License-Identifier: BSD-2-Clause-Patent
SecurityPkg OpalPassword: Add solution without SMM device code After IOMMU is enabled in S3, original solution with SMM device code (OpalPasswordSmm) to unlock OPAL device for S3 will not work as the DMA operation will be aborted without granted DMA buffer. Instead, this solution is to add OpalPasswordPei to eliminate SMM device code, and OPAL setup UI produced by OpalPasswordDxe will be updated to send requests (set password, update password, and etc), and then the requests will be processed in next boot before SmmReadyToLock, password and device info will be saved to lock box used by OpalPasswordPei to unlock OPAL device for S3. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2018-02-11 04:00:44 +01:00
**/
#ifndef _OPAL_PASSWORD_PEI_H_
#define _OPAL_PASSWORD_PEI_H_
#include <PiPei.h>
#include <Library/DebugLib.h>
#include <Library/IoLib.h>
#include <Library/PciLib.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PeimEntryPoint.h>
#include <Library/PeiServicesLib.h>
#include <Library/LockBoxLib.h>
#include <Library/TcgStorageOpalLib.h>
#include <Library/Tcg2PhysicalPresenceLib.h>
SecurityPkg/OpalPassword: Remove HW init codes and consume SSC PPI REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1409 For the current implementation of OpalPassword drivers, it has a feature to support devices being automatically unlocked in the S3 resume. For this feature, two types of devices are supported: * ATA hard disks working under AHCI mode * NVM Express devices The support of this feature requires the above 2 types of device to be initialized at the PEI phase during S3 resume, which is done by the co-work of the OpalPasswordDxe driver and the OpalPasswordPei driver. More specifically, the OpalPasswordDxe will handle: * Pre-allocate MMIO resource and save it in a driver internal LockBox for OpalPasswordPei to retrieve; * Save the PCI configuration space of ATA controllers into boot script. Meanwhile, the OpalPasswordPei will handle: * Rely on the boot script for the PCI configuration space program of ATA controllers; * Restore the driver internal LockBox to get the MMIO resource; * Complete the PCI configuration space program for ATA and NVME controllers; * Initialize ATA and NVME controllers and devices. This commit will remove these hardware initialization related codes from the OpalPassword drivers. The hardware initialization will be covered by PEI storage device drivers (e.g. NvmExpressPei & AhciPei in the MdeModulePkg). After such codes removal, the OpalPasswordDxe will only handle: * Construct/update the S3StorageDeviceInitList LockBox with the managing ATA and NVME devices. And the OpalPasswordPei will only handle: * Locate Storage Security Command PPI instances to perform the device automatic unlock during the S3 resume. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-08-27 10:52:13 +02:00
#include <Library/PeiServicesTablePointerLib.h>
SecurityPkg OpalPassword: Add solution without SMM device code After IOMMU is enabled in S3, original solution with SMM device code (OpalPasswordSmm) to unlock OPAL device for S3 will not work as the DMA operation will be aborted without granted DMA buffer. Instead, this solution is to add OpalPasswordPei to eliminate SMM device code, and OPAL setup UI produced by OpalPasswordDxe will be updated to send requests (set password, update password, and etc), and then the requests will be processed in next boot before SmmReadyToLock, password and device info will be saved to lock box used by OpalPasswordPei to unlock OPAL device for S3. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2018-02-11 04:00:44 +01:00
#include <Protocol/StorageSecurityCommand.h>
#include <Ppi/IoMmu.h>
SecurityPkg/OpalPassword: Remove HW init codes and consume SSC PPI REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1409 For the current implementation of OpalPassword drivers, it has a feature to support devices being automatically unlocked in the S3 resume. For this feature, two types of devices are supported: * ATA hard disks working under AHCI mode * NVM Express devices The support of this feature requires the above 2 types of device to be initialized at the PEI phase during S3 resume, which is done by the co-work of the OpalPasswordDxe driver and the OpalPasswordPei driver. More specifically, the OpalPasswordDxe will handle: * Pre-allocate MMIO resource and save it in a driver internal LockBox for OpalPasswordPei to retrieve; * Save the PCI configuration space of ATA controllers into boot script. Meanwhile, the OpalPasswordPei will handle: * Rely on the boot script for the PCI configuration space program of ATA controllers; * Restore the driver internal LockBox to get the MMIO resource; * Complete the PCI configuration space program for ATA and NVME controllers; * Initialize ATA and NVME controllers and devices. This commit will remove these hardware initialization related codes from the OpalPassword drivers. The hardware initialization will be covered by PEI storage device drivers (e.g. NvmExpressPei & AhciPei in the MdeModulePkg). After such codes removal, the OpalPasswordDxe will only handle: * Construct/update the S3StorageDeviceInitList LockBox with the managing ATA and NVME devices. And the OpalPasswordPei will only handle: * Locate Storage Security Command PPI instances to perform the device automatic unlock during the S3 resume. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-08-27 10:52:13 +02:00
#include <Ppi/StorageSecurityCommand.h>
SecurityPkg OpalPassword: Add solution without SMM device code After IOMMU is enabled in S3, original solution with SMM device code (OpalPasswordSmm) to unlock OPAL device for S3 will not work as the DMA operation will be aborted without granted DMA buffer. Instead, this solution is to add OpalPasswordPei to eliminate SMM device code, and OPAL setup UI produced by OpalPasswordDxe will be updated to send requests (set password, update password, and etc), and then the requests will be processed in next boot before SmmReadyToLock, password and device info will be saved to lock box used by OpalPasswordPei to unlock OPAL device for S3. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2018-02-11 04:00:44 +01:00
#include "OpalPasswordCommon.h"
//
SecurityPkg/OpalPassword: Remove HW init codes and consume SSC PPI REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1409 For the current implementation of OpalPassword drivers, it has a feature to support devices being automatically unlocked in the S3 resume. For this feature, two types of devices are supported: * ATA hard disks working under AHCI mode * NVM Express devices The support of this feature requires the above 2 types of device to be initialized at the PEI phase during S3 resume, which is done by the co-work of the OpalPasswordDxe driver and the OpalPasswordPei driver. More specifically, the OpalPasswordDxe will handle: * Pre-allocate MMIO resource and save it in a driver internal LockBox for OpalPasswordPei to retrieve; * Save the PCI configuration space of ATA controllers into boot script. Meanwhile, the OpalPasswordPei will handle: * Rely on the boot script for the PCI configuration space program of ATA controllers; * Restore the driver internal LockBox to get the MMIO resource; * Complete the PCI configuration space program for ATA and NVME controllers; * Initialize ATA and NVME controllers and devices. This commit will remove these hardware initialization related codes from the OpalPassword drivers. The hardware initialization will be covered by PEI storage device drivers (e.g. NvmExpressPei & AhciPei in the MdeModulePkg). After such codes removal, the OpalPasswordDxe will only handle: * Construct/update the S3StorageDeviceInitList LockBox with the managing ATA and NVME devices. And the OpalPasswordPei will only handle: * Locate Storage Security Command PPI instances to perform the device automatic unlock during the S3 resume. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-08-27 10:52:13 +02:00
// The generic command timeout value (unit in us) for Storage Security Command
// PPI ReceiveData/SendData services
SecurityPkg OpalPassword: Add solution without SMM device code After IOMMU is enabled in S3, original solution with SMM device code (OpalPasswordSmm) to unlock OPAL device for S3 will not work as the DMA operation will be aborted without granted DMA buffer. Instead, this solution is to add OpalPasswordPei to eliminate SMM device code, and OPAL setup UI produced by OpalPasswordDxe will be updated to send requests (set password, update password, and etc), and then the requests will be processed in next boot before SmmReadyToLock, password and device info will be saved to lock box used by OpalPasswordPei to unlock OPAL device for S3. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2018-02-11 04:00:44 +01:00
//
SecurityPkg/OpalPassword: Remove HW init codes and consume SSC PPI REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1409 For the current implementation of OpalPassword drivers, it has a feature to support devices being automatically unlocked in the S3 resume. For this feature, two types of devices are supported: * ATA hard disks working under AHCI mode * NVM Express devices The support of this feature requires the above 2 types of device to be initialized at the PEI phase during S3 resume, which is done by the co-work of the OpalPasswordDxe driver and the OpalPasswordPei driver. More specifically, the OpalPasswordDxe will handle: * Pre-allocate MMIO resource and save it in a driver internal LockBox for OpalPasswordPei to retrieve; * Save the PCI configuration space of ATA controllers into boot script. Meanwhile, the OpalPasswordPei will handle: * Rely on the boot script for the PCI configuration space program of ATA controllers; * Restore the driver internal LockBox to get the MMIO resource; * Complete the PCI configuration space program for ATA and NVME controllers; * Initialize ATA and NVME controllers and devices. This commit will remove these hardware initialization related codes from the OpalPassword drivers. The hardware initialization will be covered by PEI storage device drivers (e.g. NvmExpressPei & AhciPei in the MdeModulePkg). After such codes removal, the OpalPasswordDxe will only handle: * Construct/update the S3StorageDeviceInitList LockBox with the managing ATA and NVME devices. And the OpalPasswordPei will only handle: * Locate Storage Security Command PPI instances to perform the device automatic unlock during the S3 resume. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-08-27 10:52:13 +02:00
#define SSC_PPI_GENERIC_TIMEOUT 30000000
SecurityPkg OpalPassword: Add solution without SMM device code After IOMMU is enabled in S3, original solution with SMM device code (OpalPasswordSmm) to unlock OPAL device for S3 will not work as the DMA operation will be aborted without granted DMA buffer. Instead, this solution is to add OpalPasswordPei to eliminate SMM device code, and OPAL setup UI produced by OpalPasswordDxe will be updated to send requests (set password, update password, and etc), and then the requests will be processed in next boot before SmmReadyToLock, password and device info will be saved to lock box used by OpalPasswordPei to unlock OPAL device for S3. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2018-02-11 04:00:44 +01:00
#pragma pack(1)
SecurityPkg/OpalPassword: Remove HW init codes and consume SSC PPI REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1409 For the current implementation of OpalPassword drivers, it has a feature to support devices being automatically unlocked in the S3 resume. For this feature, two types of devices are supported: * ATA hard disks working under AHCI mode * NVM Express devices The support of this feature requires the above 2 types of device to be initialized at the PEI phase during S3 resume, which is done by the co-work of the OpalPasswordDxe driver and the OpalPasswordPei driver. More specifically, the OpalPasswordDxe will handle: * Pre-allocate MMIO resource and save it in a driver internal LockBox for OpalPasswordPei to retrieve; * Save the PCI configuration space of ATA controllers into boot script. Meanwhile, the OpalPasswordPei will handle: * Rely on the boot script for the PCI configuration space program of ATA controllers; * Restore the driver internal LockBox to get the MMIO resource; * Complete the PCI configuration space program for ATA and NVME controllers; * Initialize ATA and NVME controllers and devices. This commit will remove these hardware initialization related codes from the OpalPassword drivers. The hardware initialization will be covered by PEI storage device drivers (e.g. NvmExpressPei & AhciPei in the MdeModulePkg). After such codes removal, the OpalPasswordDxe will only handle: * Construct/update the S3StorageDeviceInitList LockBox with the managing ATA and NVME devices. And the OpalPasswordPei will only handle: * Locate Storage Security Command PPI instances to perform the device automatic unlock during the S3 resume. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-08-27 10:52:13 +02:00
#define OPAL_PEI_DEVICE_SIGNATURE SIGNATURE_32 ('o', 'p', 'd', 's')
SecurityPkg OpalPassword: Add solution without SMM device code After IOMMU is enabled in S3, original solution with SMM device code (OpalPasswordSmm) to unlock OPAL device for S3 will not work as the DMA operation will be aborted without granted DMA buffer. Instead, this solution is to add OpalPasswordPei to eliminate SMM device code, and OPAL setup UI produced by OpalPasswordDxe will be updated to send requests (set password, update password, and etc), and then the requests will be processed in next boot before SmmReadyToLock, password and device info will be saved to lock box used by OpalPasswordPei to unlock OPAL device for S3. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2018-02-11 04:00:44 +01:00
typedef struct {
SecurityPkg/OpalPassword: Remove HW init codes and consume SSC PPI REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1409 For the current implementation of OpalPassword drivers, it has a feature to support devices being automatically unlocked in the S3 resume. For this feature, two types of devices are supported: * ATA hard disks working under AHCI mode * NVM Express devices The support of this feature requires the above 2 types of device to be initialized at the PEI phase during S3 resume, which is done by the co-work of the OpalPasswordDxe driver and the OpalPasswordPei driver. More specifically, the OpalPasswordDxe will handle: * Pre-allocate MMIO resource and save it in a driver internal LockBox for OpalPasswordPei to retrieve; * Save the PCI configuration space of ATA controllers into boot script. Meanwhile, the OpalPasswordPei will handle: * Rely on the boot script for the PCI configuration space program of ATA controllers; * Restore the driver internal LockBox to get the MMIO resource; * Complete the PCI configuration space program for ATA and NVME controllers; * Initialize ATA and NVME controllers and devices. This commit will remove these hardware initialization related codes from the OpalPassword drivers. The hardware initialization will be covered by PEI storage device drivers (e.g. NvmExpressPei & AhciPei in the MdeModulePkg). After such codes removal, the OpalPasswordDxe will only handle: * Construct/update the S3StorageDeviceInitList LockBox with the managing ATA and NVME devices. And the OpalPasswordPei will only handle: * Locate Storage Security Command PPI instances to perform the device automatic unlock during the S3 resume. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-08-27 10:52:13 +02:00
UINTN Signature;
EFI_STORAGE_SECURITY_COMMAND_PROTOCOL Sscp;
OPAL_DEVICE_LOCKBOX_DATA *Device;
VOID *Context;
EDKII_PEI_STORAGE_SECURITY_CMD_PPI *SscPpi;
UINTN DeviceIndex;
SecurityPkg OpalPassword: Add solution without SMM device code After IOMMU is enabled in S3, original solution with SMM device code (OpalPasswordSmm) to unlock OPAL device for S3 will not work as the DMA operation will be aborted without granted DMA buffer. Instead, this solution is to add OpalPasswordPei to eliminate SMM device code, and OPAL setup UI produced by OpalPasswordDxe will be updated to send requests (set password, update password, and etc), and then the requests will be processed in next boot before SmmReadyToLock, password and device info will be saved to lock box used by OpalPasswordPei to unlock OPAL device for S3. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2018-02-11 04:00:44 +01:00
} OPAL_PEI_DEVICE;
SecurityPkg/OpalPassword: Remove HW init codes and consume SSC PPI REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1409 For the current implementation of OpalPassword drivers, it has a feature to support devices being automatically unlocked in the S3 resume. For this feature, two types of devices are supported: * ATA hard disks working under AHCI mode * NVM Express devices The support of this feature requires the above 2 types of device to be initialized at the PEI phase during S3 resume, which is done by the co-work of the OpalPasswordDxe driver and the OpalPasswordPei driver. More specifically, the OpalPasswordDxe will handle: * Pre-allocate MMIO resource and save it in a driver internal LockBox for OpalPasswordPei to retrieve; * Save the PCI configuration space of ATA controllers into boot script. Meanwhile, the OpalPasswordPei will handle: * Rely on the boot script for the PCI configuration space program of ATA controllers; * Restore the driver internal LockBox to get the MMIO resource; * Complete the PCI configuration space program for ATA and NVME controllers; * Initialize ATA and NVME controllers and devices. This commit will remove these hardware initialization related codes from the OpalPassword drivers. The hardware initialization will be covered by PEI storage device drivers (e.g. NvmExpressPei & AhciPei in the MdeModulePkg). After such codes removal, the OpalPasswordDxe will only handle: * Construct/update the S3StorageDeviceInitList LockBox with the managing ATA and NVME devices. And the OpalPasswordPei will only handle: * Locate Storage Security Command PPI instances to perform the device automatic unlock during the S3 resume. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
2018-08-27 10:52:13 +02:00
#define OPAL_PEI_DEVICE_FROM_THIS(a) \
CR (a, OPAL_PEI_DEVICE, Sscp, OPAL_PEI_DEVICE_SIGNATURE)
SecurityPkg OpalPassword: Add solution without SMM device code After IOMMU is enabled in S3, original solution with SMM device code (OpalPasswordSmm) to unlock OPAL device for S3 will not work as the DMA operation will be aborted without granted DMA buffer. Instead, this solution is to add OpalPasswordPei to eliminate SMM device code, and OPAL setup UI produced by OpalPasswordDxe will be updated to send requests (set password, update password, and etc), and then the requests will be processed in next boot before SmmReadyToLock, password and device info will be saved to lock box used by OpalPasswordPei to unlock OPAL device for S3. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2018-02-11 04:00:44 +01:00
#pragma pack()
#endif // _OPAL_PASSWORD_PEI_H_