SecurityPkg/HddPassword: Add Security feature set support for ATA dev

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1529 This commit will add the 'Security feature set' support for ATA devices. According to the AT Attachment 8 - ATA/ATAPI Command Set (ATA8-ACS) specification, the Security feature set is an optional feature. In summary, the feature is a password system that restricts access to user data stored on an ATA device. A more detailed introduction of this feature can be referred from the ATA8-ACS spec. The HddPassword driver is composed of 2 parts: * A DXE driver and * A PEI driver The DXE driver consumes EFI_ATA_PASS_THRU_PROTOCOL instances and installs an HII GUI to manage the devices. If the managing device supports Security feature set, the HII page will provide the user with the ability to set/update/disable the password for this device. Also, if a password is being set via the Security feature set, a popup window will show during boot requesting the user to input password. Another feature supported by this driver is that for those managing devices with password set, they will be automatically unlocked during the S3 resume. This is done by the co-work of the DXE driver and the PEI driver: The DXE driver will save the password and the identification information for these devices into a LockBox, which is only allowed to restore during S3 resume. The PEI driver, during S3 resume, will restore the content in the LockBox and will consume EDKII_PEI_ATA_PASS_THRU_PPI instances to unlock devices. Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
2019-01-15 16:33:09 +08:00
parent a3efbc29c4
commit e8959f8100
11 changed files with 3873 additions and 0 deletions
--- a/SecurityPkg/HddPassword/HddPasswordHiiDataStruc.h
+++ b/SecurityPkg/HddPassword/HddPasswordHiiDataStruc.h
@@ -0,0 +1,63 @@
+/** @file
+  HddPassword HII data structure used by the driver.
+
+  Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions
+  of the BSD License which accompanies this distribution.  The
+  full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _HDD_PASSWORD_HII_DATASTRUC_H_
+#define _HDD_PASSWORD_HII_DATASTRUC_H_
+
+#include <Guid/HiiPlatformSetupFormset.h>
+
+#define HDD_PASSWORD_CONFIG_GUID \
+  { \
+    0x737cded7, 0x448b, 0x4801, { 0xb5, 0x7d, 0xb1, 0x94, 0x83, 0xec, 0x60, 0x6f } \
+  }
+
+#define FORMID_HDD_MAIN_FORM          1
+#define FORMID_HDD_DEVICE_FORM        2
+
+#define HDD_DEVICE_ENTRY_LABEL        0x1234
+#define HDD_DEVICE_LABEL_END          0xffff
+
+#define KEY_HDD_DEVICE_ENTRY_BASE     0x1000
+
+#define KEY_HDD_USER_PASSWORD         0x101
+#define KEY_HDD_MASTER_PASSWORD       0x102
+
+#pragma pack(1)
+
+typedef struct {
+  UINT8     Supported:1;
+  UINT8     Enabled:1;
+  UINT8     Locked:1;
+  UINT8     Frozen:1;
+  UINT8     UserPasswordStatus:1;
+  UINT8     MasterPasswordStatus:1;
+  UINT8     Reserved:2;
+} HDD_PASSWORD_SECURITY_STATUS;
+
+typedef struct {
+  UINT8     UserPassword:1;
+  UINT8     MasterPassword:1;
+  UINT8     Reserved:6;
+} HDD_PASSWORD_REQUEST;
+
+typedef struct _HDD_PASSWORD_CONFIG {
+  HDD_PASSWORD_SECURITY_STATUS  SecurityStatus;
+  HDD_PASSWORD_REQUEST          Request;
+} HDD_PASSWORD_CONFIG;
+
+#pragma pack()
+
+#endif