SecurityPkg/OpalPassword: Add warning message for Secure Erase

https://bugzilla.tianocore.org/show_bug.cgi?id=1753
Add pop-up warning messages before the secure erase action,
in order to notify the user that the secure erase action will take a longer time.
This change also fixes some pop-up windows being unable to show the
complete message because some strings are too long.

Signed-off-by: Maggie Chu <maggie.chu@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
Chu, Maggie 2019-05-07 14:19:35 +08:00 committed by Eric Dong
parent fbb0ec7ea4
commit f5245a1db1
2 changed files with 112 additions and 42 deletions


@ -487,6 +487,7 @@ OpalEndOfDxeEventNotify (
OPAL request. OPAL request.
@param[in] PopUpString Pop up string. @param[in] PopUpString Pop up string.
@param[in] PopUpString2 Pop up string in line 2. @param[in] PopUpString2 Pop up string in line 2.
@param[in] PopUpString3 Pop up string in line 3.
@param[out] PressEsc Whether user escape function through Press ESC. @param[out] PressEsc Whether user escape function through Press ESC.
@ -498,6 +499,7 @@ OpalDriverPopUpPsidInput (
IN OPAL_DRIVER_DEVICE *Dev, IN OPAL_DRIVER_DEVICE *Dev,
IN CHAR16 *PopUpString, IN CHAR16 *PopUpString,
IN CHAR16 *PopUpString2, IN CHAR16 *PopUpString2,
IN CHAR16 *PopUpString3,
OUT BOOLEAN *PressEsc OUT BOOLEAN *PressEsc
) )
{ {
@ -527,15 +529,28 @@ OpalDriverPopUpPsidInput (
NULL NULL
); );
} else { } else {
CreatePopUp ( if (PopUpString3 == NULL) {
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, CreatePopUp (
&InputKey, EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
PopUpString, &InputKey,
PopUpString2, PopUpString,
L"---------------------", PopUpString2,
Mask, L"---------------------",
NULL Mask,
); NULL
);
} else {
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&InputKey,
PopUpString,
PopUpString2,
PopUpString3,
L"---------------------",
Mask,
NULL
);
}
} }
// //
@ -625,6 +640,7 @@ OpalDriverPopUpPsidInput (
process OPAL request. process OPAL request.
@param[in] PopUpString1 Pop up string 1. @param[in] PopUpString1 Pop up string 1.
@param[in] PopUpString2 Pop up string 2. @param[in] PopUpString2 Pop up string 2.
@param[in] PopUpString3 Pop up string 3.
@param[out] PressEsc Whether user escape function through Press ESC. @param[out] PressEsc Whether user escape function through Press ESC.
@retval Password string if success. NULL if failed. @retval Password string if success. NULL if failed.
@ -635,6 +651,7 @@ OpalDriverPopUpPasswordInput (
IN OPAL_DRIVER_DEVICE *Dev, IN OPAL_DRIVER_DEVICE *Dev,
IN CHAR16 *PopUpString1, IN CHAR16 *PopUpString1,
IN CHAR16 *PopUpString2, IN CHAR16 *PopUpString2,
IN CHAR16 *PopUpString3,
OUT BOOLEAN *PressEsc OUT BOOLEAN *PressEsc
) )
{ {
@ -664,15 +681,28 @@ OpalDriverPopUpPasswordInput (
NULL NULL
); );
} else { } else {
CreatePopUp ( if (PopUpString3 == NULL) {
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, CreatePopUp (
&InputKey, EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
PopUpString1, &InputKey,
PopUpString2, PopUpString1,
L"---------------------", PopUpString2,
Mask, L"---------------------",
NULL Mask,
); NULL
);
} else {
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&InputKey,
PopUpString1,
PopUpString2,
PopUpString3,
L"---------------------",
Mask,
NULL
);
}
} }
// //
@ -823,7 +853,7 @@ OpalDriverRequestPassword (
} }
while (Count < MAX_PASSWORD_TRY_COUNT) { while (Count < MAX_PASSWORD_TRY_COUNT) {
Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, &PressEsc); Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, NULL, &PressEsc);
if (PressEsc) { if (PressEsc) {
if (IsLocked) { if (IsLocked) {
// //
@ -988,7 +1018,7 @@ ProcessOpalRequestEnableFeature (
Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId; Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId;
while (Count < MAX_PASSWORD_TRY_COUNT) { while (Count < MAX_PASSWORD_TRY_COUNT) {
Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your new password", &PressEsc); Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your new password", NULL, &PressEsc);
if (PressEsc) { if (PressEsc) {
do { do {
CreatePopUp ( CreatePopUp (
@ -1017,7 +1047,7 @@ ProcessOpalRequestEnableFeature (
} }
PasswordLen = (UINT32) AsciiStrLen(Password); PasswordLen = (UINT32) AsciiStrLen(Password);
PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please confirm your new password", &PressEsc); PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please confirm your new password", NULL, &PressEsc);
if (PasswordConfirm == NULL) { if (PasswordConfirm == NULL) {
ZeroMem (Password, PasswordLen); ZeroMem (Password, PasswordLen);
FreePool (Password); FreePool (Password);
@ -1132,7 +1162,7 @@ ProcessOpalRequestDisableUser (
Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId; Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId;
while (Count < MAX_PASSWORD_TRY_COUNT) { while (Count < MAX_PASSWORD_TRY_COUNT) {
Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, &PressEsc); Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, NULL, &PressEsc);
if (PressEsc) { if (PressEsc) {
do { do {
CreatePopUp ( CreatePopUp (
@ -1227,6 +1257,7 @@ ProcessOpalRequestPsidRevert (
TCG_RESULT Ret; TCG_RESULT Ret;
CHAR16 *PopUpString; CHAR16 *PopUpString;
CHAR16 *PopUpString2; CHAR16 *PopUpString2;
CHAR16 *PopUpString3;
UINTN BufferSize; UINTN BufferSize;
if (Dev == NULL) { if (Dev == NULL) {
@ -1238,17 +1269,19 @@ ProcessOpalRequestPsidRevert (
PopUpString = OpalGetPopUpString (Dev, RequestString); PopUpString = OpalGetPopUpString (Dev, RequestString);
if (Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME) { if (Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME) {
BufferSize = StrSize (L"Warning: Revert action will take about ####### seconds, DO NOT power off system during the revert action!"); BufferSize = StrSize (L"Warning: Revert action will take about ####### seconds");
PopUpString2 = AllocateZeroPool (BufferSize); PopUpString2 = AllocateZeroPool (BufferSize);
ASSERT (PopUpString2 != NULL); ASSERT (PopUpString2 != NULL);
UnicodeSPrint ( UnicodeSPrint (
PopUpString2, PopUpString2,
BufferSize, BufferSize,
L"WARNING: Revert action will take about %d seconds, DO NOT power off system during the revert action!", L"WARNING: Revert action will take about %d seconds",
Dev->OpalDisk.EstimateTimeCost Dev->OpalDisk.EstimateTimeCost
); );
PopUpString3 = L"DO NOT power off system during the revert action!";
} else { } else {
PopUpString2 = NULL; PopUpString2 = NULL;
PopUpString3 = NULL;
} }
Count = 0; Count = 0;
@ -1259,7 +1292,7 @@ ProcessOpalRequestPsidRevert (
Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId; Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId;
while (Count < MAX_PSID_TRY_COUNT) { while (Count < MAX_PSID_TRY_COUNT) {
Psid = OpalDriverPopUpPsidInput (Dev, PopUpString, PopUpString2, &PressEsc); Psid = OpalDriverPopUpPsidInput (Dev, PopUpString, PopUpString2, PopUpString3, &PressEsc);
if (PressEsc) { if (PressEsc) {
do { do {
CreatePopUp ( CreatePopUp (
@ -1361,6 +1394,7 @@ ProcessOpalRequestRevert (
BOOLEAN PasswordFailed; BOOLEAN PasswordFailed;
CHAR16 *PopUpString; CHAR16 *PopUpString;
CHAR16 *PopUpString2; CHAR16 *PopUpString2;
CHAR16 *PopUpString3;
UINTN BufferSize; UINTN BufferSize;
if (Dev == NULL) { if (Dev == NULL) {
@ -1373,17 +1407,19 @@ ProcessOpalRequestRevert (
if ((!KeepUserData) && if ((!KeepUserData) &&
(Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME)) { (Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME)) {
BufferSize = StrSize (L"Warning: Revert action will take about ####### seconds, DO NOT power off system during the revert action!"); BufferSize = StrSize (L"Warning: Revert action will take about ####### seconds");
PopUpString2 = AllocateZeroPool (BufferSize); PopUpString2 = AllocateZeroPool (BufferSize);
ASSERT (PopUpString2 != NULL); ASSERT (PopUpString2 != NULL);
UnicodeSPrint ( UnicodeSPrint (
PopUpString2, PopUpString2,
BufferSize, BufferSize,
L"WARNING: Revert action will take about %d seconds, DO NOT power off system during the revert action!", L"WARNING: Revert action will take about %d seconds",
Dev->OpalDisk.EstimateTimeCost Dev->OpalDisk.EstimateTimeCost
); );
PopUpString3 = L"DO NOT power off system during the revert action!";
} else { } else {
PopUpString2 = NULL; PopUpString2 = NULL;
PopUpString3 = NULL;
} }
Count = 0; Count = 0;
@ -1394,7 +1430,7 @@ ProcessOpalRequestRevert (
Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId; Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId;
while (Count < MAX_PASSWORD_TRY_COUNT) { while (Count < MAX_PASSWORD_TRY_COUNT) {
Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, PopUpString2, &PressEsc); Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, PopUpString2, PopUpString3, &PressEsc);
if (PressEsc) { if (PressEsc) {
do { do {
CreatePopUp ( CreatePopUp (
@ -1520,6 +1556,9 @@ ProcessOpalRequestSecureErase (
TCG_RESULT Ret; TCG_RESULT Ret;
BOOLEAN PasswordFailed; BOOLEAN PasswordFailed;
CHAR16 *PopUpString; CHAR16 *PopUpString;
CHAR16 *PopUpString2;
CHAR16 *PopUpString3;
UINTN BufferSize;
if (Dev == NULL) { if (Dev == NULL) {
return; return;
@ -1529,6 +1568,21 @@ ProcessOpalRequestSecureErase (
PopUpString = OpalGetPopUpString (Dev, RequestString); PopUpString = OpalGetPopUpString (Dev, RequestString);
if (Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME) {
BufferSize = StrSize (L"Warning: Secure erase action will take about ####### seconds");
PopUpString2 = AllocateZeroPool (BufferSize);
ASSERT (PopUpString2 != NULL);
UnicodeSPrint (
PopUpString2,
BufferSize,
L"WARNING: Secure erase action will take about %d seconds",
Dev->OpalDisk.EstimateTimeCost
);
PopUpString3 = L"DO NOT power off system during the action!";
} else {
PopUpString2 = NULL;
PopUpString3 = NULL;
}
Count = 0; Count = 0;
ZeroMem(&Session, sizeof(Session)); ZeroMem(&Session, sizeof(Session));
@ -1537,7 +1591,7 @@ ProcessOpalRequestSecureErase (
Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId; Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId;
while (Count < MAX_PASSWORD_TRY_COUNT) { while (Count < MAX_PASSWORD_TRY_COUNT) {
Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, &PressEsc); Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, PopUpString2, PopUpString3, &PressEsc);
if (PressEsc) { if (PressEsc) {
do { do {
CreatePopUp ( CreatePopUp (
@ -1551,7 +1605,7 @@ ProcessOpalRequestSecureErase (
if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) { if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
gST->ConOut->ClearScreen(gST->ConOut); gST->ConOut->ClearScreen(gST->ConOut);
return; goto Done;
} else { } else {
// //
// Let user input password again. // Let user input password again.
@ -1608,6 +1662,11 @@ ProcessOpalRequestSecureErase (
} while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN); } while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN);
gST->ConOut->ClearScreen(gST->ConOut); gST->ConOut->ClearScreen(gST->ConOut);
} }
Done:
if (PopUpString2 != NULL) {
FreePool (PopUpString2);
}
} }
/** /**
@ -1647,7 +1706,7 @@ ProcessOpalRequestSetUserPwd (
Count = 0; Count = 0;
while (Count < MAX_PASSWORD_TRY_COUNT) { while (Count < MAX_PASSWORD_TRY_COUNT) {
OldPassword = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your password", &PressEsc); OldPassword = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your password", NULL, &PressEsc);
if (PressEsc) { if (PressEsc) {
do { do {
CreatePopUp ( CreatePopUp (
@ -1705,7 +1764,7 @@ ProcessOpalRequestSetUserPwd (
} }
} }
Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your new password", &PressEsc); Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your new password", NULL, &PressEsc);
if (Password == NULL) { if (Password == NULL) {
ZeroMem (OldPassword, OldPasswordLen); ZeroMem (OldPassword, OldPasswordLen);
FreePool (OldPassword); FreePool (OldPassword);
@ -1714,7 +1773,7 @@ ProcessOpalRequestSetUserPwd (
} }
PasswordLen = (UINT32) AsciiStrLen(Password); PasswordLen = (UINT32) AsciiStrLen(Password);
PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please confirm your new password", &PressEsc); PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please confirm your new password", NULL, &PressEsc);
if (PasswordConfirm == NULL) { if (PasswordConfirm == NULL) {
ZeroMem (OldPassword, OldPasswordLen); ZeroMem (OldPassword, OldPasswordLen);
FreePool (OldPassword); FreePool (OldPassword);
@ -1846,7 +1905,7 @@ ProcessOpalRequestSetAdminPwd (
Count = 0; Count = 0;
while (Count < MAX_PASSWORD_TRY_COUNT) { while (Count < MAX_PASSWORD_TRY_COUNT) {
OldPassword = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your password", &PressEsc); OldPassword = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your password", NULL, &PressEsc);
if (PressEsc) { if (PressEsc) {
do { do {
CreatePopUp ( CreatePopUp (
@ -1899,7 +1958,7 @@ ProcessOpalRequestSetAdminPwd (
continue; continue;
} }
Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your new password", &PressEsc); Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please type in your new password", NULL, &PressEsc);
if (Password == NULL) { if (Password == NULL) {
ZeroMem (OldPassword, OldPasswordLen); ZeroMem (OldPassword, OldPasswordLen);
FreePool (OldPassword); FreePool (OldPassword);
@ -1908,7 +1967,7 @@ ProcessOpalRequestSetAdminPwd (
} }
PasswordLen = (UINT32) AsciiStrLen(Password); PasswordLen = (UINT32) AsciiStrLen(Password);
PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please confirm your new password", &PressEsc); PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please confirm your new password", NULL, &PressEsc);
if (PasswordConfirm == NULL) { if (PasswordConfirm == NULL) {
ZeroMem (OldPassword, OldPasswordLen); ZeroMem (OldPassword, OldPasswordLen);
FreePool (OldPassword); FreePool (OldPassword);
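Review bot: In the ProcessOpalRequestSecureErase hunk the new `AllocateZeroPool` result is guarded only by `ASSERT (PopUpString2 != NULL)`, which does nothing in builds with asserts disabled, so an allocation failure would reach `UnicodeSPrint` with a NULL buffer just before a destructive command is prompted for. Handle the failure explicitly, for example `if (PopUpString2 == NULL) { return; }` right after the allocation (as far as the hunk shows, nothing else needs releasing at that point), so the erase is never offered without its warning. The revert and PSID-revert hunks show the same ASSERT-only pattern in their context lines. The function body runs outside the hunks, so any exit between the allocation and the new `Done:` label, other than the one `return` converted to `goto Done`, should be checked for leaking `PopUpString2`.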


@ -511,13 +511,15 @@ GetDiskNameStringId(
/** /**
Confirm whether user truly want to do the revert action. Confirm whether user truly want to do the revert action.
@param OpalDisk The device which need to do the revert action. @param OpalDisk The device which need to perform data removal action.
@param ActionString Specifies the action name shown on pop up menu.
@retval EFI_SUCCESS Confirmed user want to do the revert action. @retval EFI_SUCCESS Confirmed user want to do the revert action.
**/ **/
EFI_STATUS EFI_STATUS
HiiConfirmRevertAction ( HiiConfirmDataRemovalAction (
IN OPAL_DISK *OpalDisk IN OPAL_DISK *OpalDisk,
IN CHAR16 *ActionString
) )
{ {
@ -537,14 +539,14 @@ HiiConfirmRevertAction (
ApproveResponse = L'Y'; ApproveResponse = L'Y';
RejectResponse = L'N'; RejectResponse = L'N';
UnicodeSPrint(Unicode, StrSize(L"WARNING: Revert device needs about ####### seconds"), L"WARNING: Revert device needs about %d seconds", OpalDisk->EstimateTimeCost); UnicodeSPrint(Unicode, StrSize(L"WARNING: ############# action needs about ####### seconds"), L"WARNING: %s action needs about %d seconds", ActionString, OpalDisk->EstimateTimeCost);
do { do {
CreatePopUp( CreatePopUp(
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key, &Key,
Unicode, Unicode,
L" System should not be powered off until revert completion ", L" System should not be powered off until action completion ",
L" ", L" ",
L" Press 'Y/y' to continue, press 'N/n' to cancal ", L" Press 'Y/y' to continue, press 'N/n' to cancal ",
NULL NULL
@ -634,7 +636,16 @@ DriverCallback(
case HII_KEY_ID_PSID_REVERT: case HII_KEY_ID_PSID_REVERT:
OpalDisk = HiiGetOpalDiskCB(gHiiConfiguration.SelectedDiskIndex); OpalDisk = HiiGetOpalDiskCB(gHiiConfiguration.SelectedDiskIndex);
if (OpalDisk != NULL) { if (OpalDisk != NULL) {
return HiiConfirmRevertAction (OpalDisk); return HiiConfirmDataRemovalAction (OpalDisk, L"Revert");
} else {
ASSERT (FALSE);
return EFI_SUCCESS;
}
case HII_KEY_ID_SECURE_ERASE:
OpalDisk = HiiGetOpalDiskCB(gHiiConfiguration.SelectedDiskIndex);
if (OpalDisk != NULL) {
return HiiConfirmDataRemovalAction (OpalDisk, L"Secure erase");
} else { } else {
ASSERT (FALSE); ASSERT (FALSE);
return EFI_SUCCESS; return EFI_SUCCESS;
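Review bot: The size passed to `UnicodeSPrint` in HiiConfirmDataRemovalAction comes from a placeholder literal (`StrSize(L"WARNING: ############# action needs about ####### seconds")`) rather than from the destination, and that placeholder grew in this change while the declaration of `Unicode` is outside the hunk. If `Unicode` is a fixed array, bound the write by the destination instead, e.g. `UnicodeSPrint (Unicode, sizeof (Unicode), L"WARNING: %s action needs about %d seconds", ActionString, OpalDisk->EstimateTimeCost);`, so the limit cannot drift away from the real buffer size when the template or `ActionString` changes. With the current bound, an action name longer than the 13 `#` placeholders silently truncates the message. The header comment also still says "revert action" in its summary and `@retval` lines, although the function now serves secure erase as well.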