SecurityPkg OpalPassword: Add solution without SMM device code

After IOMMU is enabled in S3, original solution with SMM device code (OpalPasswordSmm) to unlock OPAL device for S3 will not work as the DMA operation will be aborted without granted DMA buffer. Instead, this solution is to add OpalPasswordPei to eliminate SMM device code, and OPAL setup UI produced by OpalPasswordDxe will be updated to send requests (set password, update password, and etc), and then the requests will be processed in next boot before SmmReadyToLock, password and device info will be saved to lock box used by OpalPasswordPei to unlock OPAL device for S3. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Eric Dong <eric.dong@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
2018-02-11 11:00:44 +08:00
parent d62cb7bb0c
commit 112e584ba0
20 changed files with 12783 additions and 0 deletions
--- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordDxe.inf
+++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordDxe.inf
@@ -0,0 +1,81 @@
+## @file
+#  This is a OpalPasswordDxe driver.
+#
+#  This module is used to Management the Opal feature
+#  for Opal supported devices.
+#
+# Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+##
+[Defines]
+  INF_VERSION                    = 0x00010007
+  BASE_NAME                      = OpalPasswordDxe
+  FILE_GUID                      = E3E4048D-6C0C-43E4-AE1C-FFB579D8EF41
+  MODULE_TYPE                    = DXE_DRIVER
+  VERSION_STRING                 = 1.0
+  ENTRY_POINT                    = EfiDriverEntryPoint
+  UNLOAD_IMAGE                   = OpalEfiDriverUnload
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC
+#
+
+[Sources]
+  OpalDriver.c
+  OpalDriver.h
+  OpalPasswordCommon.h
+  OpalHii.c
+  OpalHii.h
+  OpalHiiCallbacks.c
+  OpalHiiFormValues.h
+  OpalHiiFormStrings.uni
+  OpalPasswordForm.vfr
+  ComponentName.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  SecurityPkg/SecurityPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  MemoryAllocationLib
+  UefiBootServicesTableLib
+  UefiDriverEntryPoint
+  UefiRuntimeServicesTableLib
+  DxeServicesTableLib
+  UefiHiiServicesLib
+  BaseMemoryLib
+  DebugLib
+  HiiLib
+  PrintLib
+  DevicePathLib
+  UefiLib
+  TcgStorageOpalLib
+  Tcg2PhysicalPresenceLib
+  PciLib
+  S3BootScriptLib
+  LockBoxLib
+
+[Protocols]
+  gEfiHiiConfigAccessProtocolGuid               ## PRODUCES
+  gEfiStorageSecurityCommandProtocolGuid        ## CONSUMES
+  gEfiComponentNameProtocolGuid                 ## PRODUCES
+  gEfiComponentName2ProtocolGuid                ## PRODUCES
+  gEfiBlockIoProtocolGuid                       ## CONSUMES
+  gEfiPciIoProtocolGuid                         ## CONSUMES
+  gEfiDevicePathToTextProtocolGuid              ## CONSUMES
+
+[Guids]
+  gEfiEndOfDxeEventGroupGuid                    ## CONSUMES             ## Event
+
+[Depex]
+  gEfiHiiStringProtocolGuid AND gEfiHiiDatabaseProtocolGuid