From 6c128c65b5ec0e5b8b5a0ccb165f3afd29e485f8 Mon Sep 17 00:00:00 2001 From: Guo Mang Date: Wed, 2 Aug 2017 09:54:47 +0800 Subject: Remove core packages since we can get them from edk2 repository Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Guo Mang --- SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.c | 384 --------------------- SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.h | 48 --- SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf | 67 ---- SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.uni | Bin 1808 -> 0 bytes .../Tcg/MemoryOverwriteControl/TcgMorExtra.uni | Bin 1352 -> 0 bytes 5 files changed, 499 deletions(-) delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.c delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.h delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.uni delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteControl/TcgMorExtra.uni (limited to 'SecurityPkg/Tcg/MemoryOverwriteControl') diff --git a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.c b/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.c deleted file mode 100644 index e691a084d0..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.c +++ /dev/null @@ -1,384 +0,0 @@ -/** @file - TCG MOR (Memory Overwrite Request) Control Driver. - - This driver initilize MemoryOverwriteRequestControl variable. It - will clear MOR_CLEAR_MEMORY_BIT bit if it is set. It will also do TPer Reset for - those encrypted drives through EFI_STORAGE_SECURITY_COMMAND_PROTOCOL at EndOfDxe. - -Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#include "TcgMor.h" - -UINT8 mMorControl; - -/** - Ready to Boot Event notification handler. - - Sequence of OS boot events is measured in this event notification handler. - - @param[in] Event Event whose notification function is being invoked - @param[in] Context Pointer to the notification function's context - -**/ -VOID -EFIAPI -OnReadyToBoot ( - IN EFI_EVENT Event, - IN VOID *Context - ) -{ - EFI_STATUS Status; - UINTN DataSize; - - if (MOR_CLEAR_MEMORY_VALUE (mMorControl) == 0x0) { - // - // MorControl is expected, directly return to avoid unnecessary variable operation - // - return ; - } - // - // Clear MOR_CLEAR_MEMORY_BIT - // - DEBUG ((EFI_D_INFO, "TcgMor: Clear MorClearMemory bit\n")); - mMorControl &= 0xFE; - - DataSize = sizeof (mMorControl); - Status = gRT->SetVariable ( - MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, - &gEfiMemoryOverwriteControlDataGuid, - EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS, - DataSize, - &mMorControl - ); - if (EFI_ERROR (Status)) { - DEBUG ((EFI_D_ERROR, "TcgMor: Clear MOR_CLEAR_MEMORY_BIT failure, Status = %r\n")); - } -} - -/** - Send TPer Reset command to reset eDrive to lock all protected bands. - Typically, there are 2 mechanism for resetting eDrive. They are: - 1. TPer Reset through IEEE 1667 protocol. - 2. TPer Reset through native TCG protocol. - This routine will detect what protocol the attached eDrive comform to, TCG or - IEEE 1667 protocol. Then send out TPer Reset command separately. - - @param[in] Ssp The pointer to EFI_STORAGE_SECURITY_COMMAND_PROTOCOL instance. - @param[in] MediaId ID of the medium to receive data from or send data to. - -**/ -VOID -InitiateTPerReset ( - IN EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Ssp, - IN UINT32 MediaId - ) -{ - - EFI_STATUS Status; - UINT8 *Buffer; - UINTN XferSize; - UINTN Len; - UINTN Index; - BOOLEAN TcgFlag; - BOOLEAN IeeeFlag; - SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA *Data; - - Buffer = NULL; - TcgFlag = FALSE; - IeeeFlag = FALSE; - - // - // ATA8-ACS 7.57.6.1 indicates the Transfer Length field requirements a multiple of 512. - // If the length of the TRUSTED RECEIVE parameter data is greater than the Transfer Length, - // then the device shall return the TRUSTED RECEIVE parameter data truncated to the requested Transfer Length. - // - Len = ROUNDUP512(sizeof(SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA)); - Buffer = AllocateZeroPool(Len); - - if (Buffer == NULL) { - return; - } - - // - // When the Security Protocol field is set to 00h, and SP Specific is set to 0000h in a TRUSTED RECEIVE - // command, the device basic information data shall be returned. - // - Status = Ssp->ReceiveData ( - Ssp, - MediaId, - 100000000, // Timeout 10-sec - 0, // SecurityProtocol - 0, // SecurityProtocolSpecifcData - Len, // PayloadBufferSize, - Buffer, // PayloadBuffer - &XferSize - ); - if (EFI_ERROR (Status)) { - goto Exit; - } - - // - // In returned data, the ListLength field indicates the total length, in bytes, - // of the supported security protocol list. - // - Data = (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA*)Buffer; - Len = ROUNDUP512(sizeof (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA) + - (Data->SupportedSecurityListLength[0] << 8) + - (Data->SupportedSecurityListLength[1]) - ); - - // - // Free original buffer and allocate new buffer. - // - FreePool(Buffer); - Buffer = AllocateZeroPool(Len); - if (Buffer == NULL) { - return; - } - - // - // Read full supported security protocol list from device. - // - Status = Ssp->ReceiveData ( - Ssp, - MediaId, - 100000000, // Timeout 10-sec - 0, // SecurityProtocol - 0, // SecurityProtocolSpecifcData - Len, // PayloadBufferSize, - Buffer, // PayloadBuffer - &XferSize - ); - - if (EFI_ERROR (Status)) { - goto Exit; - } - - Data = (SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA*)Buffer; - Len = (Data->SupportedSecurityListLength[0] << 8) + Data->SupportedSecurityListLength[1]; - - // - // Iterate full supported security protocol list to check if TCG or IEEE 1667 protocol - // is supported. - // - for (Index = 0; Index < Len; Index++) { - if (Data->SupportedSecurityProtocol[Index] == SECURITY_PROTOCOL_TCG) { - // - // Found a TCG device. - // - TcgFlag = TRUE; - DEBUG ((EFI_D_INFO, "This device is a TCG protocol device\n")); - break; - } - - if (Data->SupportedSecurityProtocol[Index] == SECURITY_PROTOCOL_IEEE1667) { - // - // Found a IEEE 1667 device. - // - IeeeFlag = TRUE; - DEBUG ((EFI_D_INFO, "This device is a IEEE 1667 protocol device\n")); - break; - } - } - - if (!TcgFlag && !IeeeFlag) { - DEBUG ((EFI_D_INFO, "Neither a TCG nor IEEE 1667 protocol device is found\n")); - goto Exit; - } - - if (TcgFlag) { - // - // As long as TCG protocol is supported, send out a TPer Reset - // TCG command to the device via the TrustedSend command with a non-zero Transfer Length. - // - Status = Ssp->SendData ( - Ssp, - MediaId, - 100000000, // Timeout 10-sec - SECURITY_PROTOCOL_TCG, // SecurityProtocol - 0x0400, // SecurityProtocolSpecifcData - 512, // PayloadBufferSize, - Buffer // PayloadBuffer - ); - - if (!EFI_ERROR (Status)) { - DEBUG ((EFI_D_INFO, "Send TPer Reset Command Successfully !\n")); - } else { - DEBUG ((EFI_D_INFO, "Send TPer Reset Command Fail !\n")); - } - } - - if (IeeeFlag) { - // - // TBD : Perform a TPer Reset via IEEE 1667 Protocol - // - DEBUG ((EFI_D_INFO, "IEEE 1667 Protocol didn't support yet!\n")); - } - -Exit: - - if (Buffer != NULL) { - FreePool(Buffer); - } -} - -/** - Notification function of END_OF_DXE. - - This is a notification function registered on END_OF_DXE event. - It is to get VarCheckPcdBin. - - @param[in] Event Event whose notification function is being invoked. - @param[in] Context Pointer to the notification function's context. - -**/ -VOID -EFIAPI -TPerResetAtEndOfDxe ( - IN EFI_EVENT Event, - IN VOID *Context - ) -{ - EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Ssp; - EFI_BLOCK_IO_PROTOCOL *BlockIo; - EFI_STATUS Status; - UINTN HandleCount; - EFI_HANDLE *HandleBuffer; - UINTN Index; - - // - // Locate all SSP protocol instances. - // - HandleCount = 0; - HandleBuffer = NULL; - - Status = gBS->LocateHandleBuffer ( - ByProtocol, - &gEfiStorageSecurityCommandProtocolGuid, - NULL, - &HandleCount, - &HandleBuffer - ); - - if (EFI_ERROR (Status) || (HandleCount == 0) || (HandleBuffer == NULL)) { - return; - } - - for (Index = 0; Index < HandleCount; Index ++) { - // - // Get the SSP interface. - // - Status = gBS->HandleProtocol( - HandleBuffer[Index], - &gEfiStorageSecurityCommandProtocolGuid, - (VOID **) &Ssp - ); - - if (EFI_ERROR (Status)) { - continue; - } - - Status = gBS->HandleProtocol( - HandleBuffer[Index], - &gEfiBlockIoProtocolGuid, - (VOID **) &BlockIo - ); - - if (EFI_ERROR (Status)) { - continue; - } - - InitiateTPerReset (Ssp, BlockIo->Media->MediaId); - } -} - -/** - Entry Point for TCG MOR Control driver. - - @param[in] ImageHandle Image handle of this driver. - @param[in] SystemTable A Pointer to the EFI System Table. - - @retval EFI_SUCEESS - @return Others Some error occurs. -**/ -EFI_STATUS -EFIAPI -MorDriverEntryPoint ( - IN EFI_HANDLE ImageHandle, - IN EFI_SYSTEM_TABLE *SystemTable - ) -{ - EFI_STATUS Status; - UINTN DataSize; - EFI_EVENT Event; - - /// - /// The firmware is required to create the MemoryOverwriteRequestControl UEFI variable. - /// - - DataSize = sizeof (mMorControl); - Status = gRT->GetVariable ( - MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, - &gEfiMemoryOverwriteControlDataGuid, - NULL, - &DataSize, - &mMorControl - ); - if (EFI_ERROR (Status)) { - // - // Set default value to 0 - // - mMorControl = 0; - Status = gRT->SetVariable ( - MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, - &gEfiMemoryOverwriteControlDataGuid, - EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS, - DataSize, - &mMorControl - ); - DEBUG ((EFI_D_INFO, "TcgMor: Create MOR variable! Status = %r\n", Status)); - } else { - // - // Create a Ready To Boot Event and Clear the MorControl bit in the call back function. - // - DEBUG ((EFI_D_INFO, "TcgMor: Create ReadyToBoot Event for MorControl Bit cleanning!\n")); - Status = EfiCreateEventReadyToBootEx ( - TPL_CALLBACK, - OnReadyToBoot, - NULL, - &Event - ); - if (EFI_ERROR (Status)) { - return Status; - } - - // - // Register EFI_END_OF_DXE_EVENT_GROUP_GUID event. - // - DEBUG ((EFI_D_INFO, "TcgMor: Create EndofDxe Event for Mor TPer Reset!\n")); - Status = gBS->CreateEventEx ( - EVT_NOTIFY_SIGNAL, - TPL_CALLBACK, - TPerResetAtEndOfDxe, - NULL, - &gEfiEndOfDxeEventGroupGuid, - &Event - ); - if (EFI_ERROR (Status)) { - return Status; - } - } - - return Status; -} - - diff --git a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.h b/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.h deleted file mode 100644 index a4aae48a5f..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.h +++ /dev/null @@ -1,48 +0,0 @@ -/** @file - The header file for TcgMor. - -Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#ifndef __TCG_MOR_H__ -#define __TCG_MOR_H__ - -#include - -#include - -#include -#include -#include -#include -#include -#include - -#include -#include - -// -// Supported Security Protocols List Description. -// Refer to ATA8-ACS Spec 7.57.6.2 Table 69 or SPC4 7.7.1.3 Table 511. -// -typedef struct { - UINT8 Reserved1[6]; - UINT8 SupportedSecurityListLength[2]; - UINT8 SupportedSecurityProtocol[1]; -} SUPPORTED_SECURITY_PROTOCOLS_PARAMETER_DATA; - -#define SECURITY_PROTOCOL_TCG 0x02 -#define SECURITY_PROTOCOL_IEEE1667 0xEE - -#define ROUNDUP512(x) (((x) % 512 == 0) ? (x) : ((x) / 512 + 1) * 512) - -#endif - diff --git a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf b/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf deleted file mode 100644 index d5a7da8343..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf +++ /dev/null @@ -1,67 +0,0 @@ -## @file -# Initilizes MemoryOverwriteRequestControl variable -# -# This module will clear MOR_CLEAR_MEMORY_BIT bit if it is set. It will also do -# TPer Reset for those encrypted drives through EFI_STORAGE_SECURITY_COMMAND_PROTOCOL -# at EndOfDxe. -# -# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
-# This program and the accompanying materials -# are licensed and made available under the terms and conditions of the BSD License -# which accompanies this distribution. The full text of the license may be found at -# http://opensource.org/licenses/bsd-license.php -# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. -# -## - -[Defines] - INF_VERSION = 0x00010005 - BASE_NAME = TcgMor - MODULE_UNI_FILE = TcgMor.uni - FILE_GUID = AD416CE3-A483-45b1-94C2-4B4E4D575562 - MODULE_TYPE = DXE_DRIVER - VERSION_STRING = 1.0 - - ENTRY_POINT = MorDriverEntryPoint - -# -# The following information is for reference only and not required by the build tools. -# -# VALID_ARCHITECTURES = IA32 X64 IPF EBC -# - -[Sources] - TcgMor.c - TcgMor.h - -[Packages] - MdePkg/MdePkg.dec - SecurityPkg/SecurityPkg.dec - -[LibraryClasses] - UefiDriverEntryPoint - UefiBootServicesTableLib - UefiRuntimeServicesTableLib - ReportStatusCodeLib - DebugLib - UefiLib - MemoryAllocationLib - -[Guids] - ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl" - ## PRODUCES ## Variable:L"MemoryOverwriteRequestControl" - gEfiMemoryOverwriteControlDataGuid - gEfiEndOfDxeEventGroupGuid ## SOMETIMES_CONSUMES ## Event - -[Protocols] - gEfiStorageSecurityCommandProtocolGuid ## SOMETIMES_CONSUMES - gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES - -[Depex] - gEfiVariableArchProtocolGuid AND - gEfiVariableWriteArchProtocolGuid AND - ( gEfiTcgProtocolGuid OR gEfiTrEEProtocolGuid ) - -[UserExtensions.TianoCore."ExtraFiles"] - TcgMorExtra.uni diff --git a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.uni b/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.uni deleted file mode 100644 index d9d947299f..0000000000 Binary files a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.uni and /dev/null differ diff --git a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMorExtra.uni b/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMorExtra.uni deleted file mode 100644 index acf6ca8b25..0000000000 Binary files a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMorExtra.uni and /dev/null differ -- cgit v1.2.3