SecurityPkg OpalPasswordSmm: Enhance BlockSid Logic.

BlockSid feature can be retrieve from the header info.
Update the logic, check BlockSid capability before use it.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
This commit is contained in:
Eric Dong 2016-05-04 12:48:50 +08:00 committed by Liming Gao
parent be08755355
commit 69cd129471
1 changed files with 10 additions and 5 deletions

View File

@ -181,11 +181,13 @@ ExtractDeviceInfoFromDevicePath (
This will perform a Level 0 Discovery and parse the locking feature descriptor
@param[in] OpalDev Opal object to determine if locked
@param[out] BlockSidSupported Whether device support BlockSid feature.
**/
BOOLEAN
IsOpalDeviceLocked(
OPAL_SMM_DEVICE *OpalDev
OPAL_SMM_DEVICE *OpalDev,
BOOLEAN *BlockSidSupported
)
{
OPAL_SESSION Session;
@ -204,6 +206,7 @@ IsOpalDeviceLocked(
OpalDev->OpalBaseComId = OpalBaseComId;
Session.OpalBaseComId = OpalBaseComId;
*BlockSidSupported = SupportedAttributes.BlockSid == 1 ? TRUE : FALSE;
Ret = OpalGetLockingInfo(&Session, &LockingFeature);
if (Ret != TcgResultSuccess) {
@ -346,6 +349,7 @@ SmmUnlockOpalPassword (
UINTN MemoryBase;
UINTN MemoryLength;
OPAL_SESSION Session;
BOOLEAN BlockSidSupport;
ZeroMem (StorePcieConfDataList, sizeof (StorePcieConfDataList));
Status = EFI_DEVICE_ERROR;
@ -431,13 +435,14 @@ SmmUnlockOpalPassword (
}
Status = EFI_DEVICE_ERROR;
if (IsOpalDeviceLocked(OpalDev)) {
BlockSidSupport = FALSE;
if (IsOpalDeviceLocked (OpalDev, &BlockSidSupport)) {
ZeroMem(&Session, sizeof(Session));
Session.Sscp = &OpalDev->Sscp;
Session.MediaId = 0;
Session.OpalBaseComId = OpalDev->OpalBaseComId;
if (mSendBlockSID) {
if (mSendBlockSID && BlockSidSupport) {
Result = OpalBlockSid (&Session, TRUE);
if (Result != TcgResultSuccess) {
break;