REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1529
This commit will add the 'Security feature set' support for ATA devices.
According to the AT Attachment 8 - ATA/ATAPI Command Set (ATA8-ACS)
specification, the Security feature set is an optional feature. In
summary, the feature is a password system that restricts access to user
data stored on an ATA device. A more detailed introduction of this feature
can be referred from the ATA8-ACS spec.
The HddPassword driver is composed of 2 parts:
* A DXE driver and
* A PEI driver
The DXE driver consumes EFI_ATA_PASS_THRU_PROTOCOL instances and installs
an HII GUI to manage the devices. If the managing device supports Security
feature set, the HII page will provide the user with the ability to
set/update/disable the password for this device. Also, if a password is
being set via the Security feature set, a popup window will show during
boot requesting the user to input password.
Another feature supported by this driver is that managed devices with a
password set will be automatically unlocked during S3 resume. This is
done through cooperation between the DXE driver and the PEI driver:
The DXE driver will save the password and the identification information
for these devices into a LockBox, whose contents are only allowed to be
restored during S3 resume.
The PEI driver, during S3 resume, will restore the content in the LockBox
and will consume EDKII_PEI_ATA_PASS_THRU_PPI instances to unlock devices.
Cc: Eric Dong
Cc: Ray Ni
Cc: Chao Zhang
Cc: Jiewen Yao
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu
---
SecurityPkg/SecurityPkg.dsc |6 +
SecurityPkg/HddPassword/HddPasswordDxe.inf| 75 +
SecurityPkg/HddPassword/HddPasswordPei.inf| 54 +
SecurityPkg/HddPassword/HddPasswordCommon.h | 61 +
SecurityPkg/HddPassword/HddPasswordDxe.h | 148 +
SecurityPkg/HddPassword/HddPasswordHiiDataStruc.h | 63 +
SecurityPkg/HddPassword/HddPasswordPei.h | 64 +
SecurityPkg/HddPassword/HddPassword.vfr | 188 ++
SecurityPkg/HddPassword/HddPasswordDxe.c | 2816
SecurityPkg/HddPassword/HddPasswordPei.c | 461
SecurityPkg/HddPassword/HddPasswordStrings.uni| 48 +
11 files changed, 3984 insertions(+)
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index ab887e8c4d..5577ff0687 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -287,6 +287,12 @@
SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordDxe.inf
SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordPei.inf
+ #
+ # HDD Password solution
+ #
+ SecurityPkg/HddPassword/HddPasswordDxe.inf
+ SecurityPkg/HddPassword/HddPasswordPei.inf
+
[BuildOptions]
MSFT:*_*_IA32_DLINK_FLAGS = /ALIGN:256
INTEL:*_*_IA32_DLINK_FLAGS = /ALIGN:256
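Review bot: The added comment `# HDD Password solution` does not say which mechanism these modules implement, and it sits directly below the Opal password drivers, so an integrator could read the two as interchangeable. I would word it `# HDD Password solution (ATA Security feature set, ATA8-ACS)`. Per the commit description, the DXE driver stores the device password in a LockBox for the S3 unlock path, so a second comment line such as `# Requires a LockBoxLib instance that keeps LockBox contents confidential` would help platform owners. The section header these component lines fall under, and the LockBoxLib mapping this DSC uses, are outside the hunk and could not be checked here.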
diff --git a/SecurityPkg/HddPassword/HddPasswordDxe.inf
b/SecurityPkg/HddPassword/HddPasswordDxe.inf
new file mode 100644
index 00..7a3fc2f88c
--- /dev/null
+++ b/SecurityPkg/HddPassword/HddPasswordDxe.inf
@@ -0,0 +1,75 @@
+## @file
+# HddPasswordDxe driver which is used to set/clear hdd password at attached
harddisk
+# devices.
+#
+# Copyright (c) 2019, Intel Corporation. All rights reserved.
+#
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD
License
+# which accompanies this distribution. The full text of the license may be
found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR
IMPLIED.
+#
+##
+
+[Defines]
+ INF_VERSION= 0x00010005
+ BASE_NAME = HddPasswordDxe
+ FILE_GUID = 9BD549CD-86D1-4925-9F7D-3686DDD876FC
+ MODULE_TYPE= DXE_DRIVER
+ VERSION_STRING = 1.0
+ ENTRY_POINT= HddPasswordDxeInit
+
+#
+# The following information is for reference only and not required by the
build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF EBC
+#
+
+[Sources]
+ HddPasswordDxe.c
+ HddPasswordDxe.h
+ HddPasswordHiiDataStruc.h
+ HddPassword.vfr
+ HddPasswordStrings.uni
+ HddPasswordCommon.h
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ CryptoPkg/CryptoPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ MemoryAllocationLib
+ UefiBootServicesTableLib
+ UefiDriverEntryPoint
+ UefiHiiServicesLib
+ UefiRuntimeServicesTableLib
+ DxeServicesTableLib
+ BaseMemoryLib
+ DebugLib
+ HiiLib
+ PrintLib
+ UefiLib
+ LockBoxLib
+ S3BootScriptLib
+ PciLib
+ BaseCryptLib
+
+[Guids]
+ gEfiIfrTianoGuid ## CONSUMES ## GUID
+ gEfiEndOfDxeEventGroupGuid## CONSUMES ## Event
+ gS3StorageDeviceInitListGuid ## SOMETIMES_PRODUCES ##
UNDEFINED
+