From nobody Wed May 8 02:41:34 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+40080+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+40080+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1557209995; cv=none; d=zoho.com; s=zohoarc; b=TK/wHw+KwWNnvOBVw24FAe7ye9eb7/GN60PAJRZHZSCpTpfMa7qym+hOHHCo0xLkuKXNLXJY8n5uHFGR4rjcv2/0MYTMqEEDDid0SXhVtummASUF3IlW2+w06ffRdHTKLQLdiUFiZfUEQCQ8r7k6/rLvP954jd9XRD5rIImSQuo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1557209995; h=Cc:Date:From:List-Id:List-Unsubscribe:Message-ID:Reply-To:Sender:Subject:To:ARC-Authentication-Results; bh=P/BQb5aIjn45abJ5UCxO2h+zw7Ght9+fsdSBm51lRQw=; b=W5HVWJaP4x70wpM2zCtbdeyu2HDEyR69m06neKf6tUqH1m4+Zh75j5xeuzftRu9fBXDNdgPh2grUZ/jn+ahwy1GMhKyaQAFYSMOt8q7PGcIu+5FtOFCiK3jXRcOHyo9a5lOfk9oJxtZ6ny+4exxwwoJnrErfwHMXVicyXRNgxF4= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+40080+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1557209995065441.3058030665097; Mon, 6 May 2019 23:19:55 -0700 (PDT) Return-Path: X-Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) by groups.io with SMTP; Mon, 06 May 2019 23:19:54 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 May 2019 23:19:53 -0700 X-ExtLoop1: 1 X-Received: from chumaggi-mobl.gar.corp.intel.com ([10.5.245.221]) by fmsmga001.fm.intel.com with ESMTP; 06 May 2019 23:19:52 -0700 From: "Maggie Chu" To: devel@edk2.groups.io Cc: Chao Zhang , Jiewen Yao , Eric Dong Subject: [edk2-devel] [PATCH] SecurityPkg/OpalPassword: Add warning message for Secure Erase Date: Tue, 7 May 2019 14:19:35 +0800 Message-Id: <20190507061935.18168-1-maggie.chu@intel.com> Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,maggie.chu@intel.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1557209994; bh=ZRjlxApcd0A6KTHTn2BcFzmWCQpAESDTjo7Oq3uFdVU=; h=Cc:Date:From:Reply-To:Subject:To; b=pkQH4tVqJn2YvBrv02AuZsXYxpuW3z9oSWOir3193ml92LkK5tPe3Tm1ao/xdAV0uqT ZwdPAlVbeqk1q/mta8hlPg7TT3HpcDyGI/xEcVANzbkPG2Uoi7TcZkrYC31w1PA1kQ378 uG7451zXgWYis6f2/YC02OdB1hYKiY3Uz/M= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" https://bugzilla.tianocore.org/show_bug.cgi?id=3D1753 Add pop-up warning messages before secure erase action. In order to notify user the secure erase action will take a longer time. This change also fix some pop-up windows are unable to show up complete message due to some strings are too long. Signed-off-by: Maggie Chu Cc: Chao Zhang Cc: Jiewen Yao Cc: Eric Dong Reviewed-by: Eric Dong --- SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c | 131 ++++++++++++++++++---= ---- SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c | 23 +++-- 2 files changed, 112 insertions(+), 42 deletions(-) diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c b/SecurityPkg/T= cg/Opal/OpalPassword/OpalDriver.c index ed7f968255..42999c89f0 100644 --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c @@ -487,6 +487,7 @@ OpalEndOfDxeEventNotify ( OPAL request. @param[in] PopUpString Pop up string. @param[in] PopUpString2 Pop up string in line 2. + @param[in] PopUpString3 Pop up string in line 3. =20 @param[out] PressEsc Whether user escape function through Press ESC. =20 @@ -498,6 +499,7 @@ OpalDriverPopUpPsidInput ( IN OPAL_DRIVER_DEVICE *Dev, IN CHAR16 *PopUpString, IN CHAR16 *PopUpString2, + IN CHAR16 *PopUpString3, OUT BOOLEAN *PressEsc ) { @@ -527,15 +529,28 @@ OpalDriverPopUpPsidInput ( NULL ); } else { - CreatePopUp ( - EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, - &InputKey, - PopUpString, - PopUpString2, - L"---------------------", - Mask, - NULL - ); + if (PopUpString3 =3D=3D NULL) { + CreatePopUp ( + EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, + &InputKey, + PopUpString, + PopUpString2, + L"---------------------", + Mask, + NULL + ); + } else { + CreatePopUp ( + EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, + &InputKey, + PopUpString, + PopUpString2, + PopUpString3, + L"---------------------", + Mask, + NULL + ); + } } =20 // @@ -625,6 +640,7 @@ OpalDriverPopUpPsidInput ( process OPAL request. @param[in] PopUpString1 Pop up string 1. @param[in] PopUpString2 Pop up string 2. + @param[in] PopUpString3 Pop up string 3. @param[out] PressEsc Whether user escape function through Press ESC. =20 @retval Password string if success. NULL if failed. @@ -635,6 +651,7 @@ OpalDriverPopUpPasswordInput ( IN OPAL_DRIVER_DEVICE *Dev, IN CHAR16 *PopUpString1, IN CHAR16 *PopUpString2, + IN CHAR16 *PopUpString3, OUT BOOLEAN *PressEsc ) { @@ -664,15 +681,28 @@ OpalDriverPopUpPasswordInput ( NULL ); } else { - CreatePopUp ( - EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, - &InputKey, - PopUpString1, - PopUpString2, - L"---------------------", - Mask, - NULL - ); + if (PopUpString3 =3D=3D NULL) { + CreatePopUp ( + EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, + &InputKey, + PopUpString1, + PopUpString2, + L"---------------------", + Mask, + NULL + ); + } else { + CreatePopUp ( + EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, + &InputKey, + PopUpString1, + PopUpString2, + PopUpString3, + L"---------------------", + Mask, + NULL + ); + } } =20 // @@ -823,7 +853,7 @@ OpalDriverRequestPassword ( } =20 while (Count < MAX_PASSWORD_TRY_COUNT) { - Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, &= PressEsc); + Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, N= ULL, &PressEsc); if (PressEsc) { if (IsLocked) { // @@ -988,7 +1018,7 @@ ProcessOpalRequestEnableFeature ( Session.OpalBaseComId =3D Dev->OpalDisk.OpalBaseComId; =20 while (Count < MAX_PASSWORD_TRY_COUNT) { - Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please = type in your new password", &PressEsc); + Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please = type in your new password", NULL, &PressEsc); if (PressEsc) { do { CreatePopUp ( @@ -1017,7 +1047,7 @@ ProcessOpalRequestEnableFeature ( } PasswordLen =3D (UINT32) AsciiStrLen(Password); =20 - PasswordConfirm =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"= Please confirm your new password", &PressEsc); + PasswordConfirm =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"= Please confirm your new password", NULL, &PressEsc); if (PasswordConfirm =3D=3D NULL) { ZeroMem (Password, PasswordLen); FreePool (Password); @@ -1132,7 +1162,7 @@ ProcessOpalRequestDisableUser ( Session.OpalBaseComId =3D Dev->OpalDisk.OpalBaseComId; =20 while (Count < MAX_PASSWORD_TRY_COUNT) { - Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, &Pr= essEsc); + Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, NUL= L, &PressEsc); if (PressEsc) { do { CreatePopUp ( @@ -1227,6 +1257,7 @@ ProcessOpalRequestPsidRevert ( TCG_RESULT Ret; CHAR16 *PopUpString; CHAR16 *PopUpString2; + CHAR16 *PopUpString3; UINTN BufferSize; =20 if (Dev =3D=3D NULL) { @@ -1238,17 +1269,19 @@ ProcessOpalRequestPsidRevert ( PopUpString =3D OpalGetPopUpString (Dev, RequestString); =20 if (Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME) { - BufferSize =3D StrSize (L"Warning: Revert action will take about #####= ## seconds, DO NOT power off system during the revert action!"); + BufferSize =3D StrSize (L"Warning: Revert action will take about #####= ## seconds"); PopUpString2 =3D AllocateZeroPool (BufferSize); ASSERT (PopUpString2 !=3D NULL); UnicodeSPrint ( PopUpString2, BufferSize, - L"WARNING: Revert action will take about %d seconds, DO NOT power = off system during the revert action!", + L"WARNING: Revert action will take about %d seconds", Dev->OpalDisk.EstimateTimeCost ); + PopUpString3 =3D L"DO NOT power off system during the revert action!"; } else { PopUpString2 =3D NULL; + PopUpString3 =3D NULL; } =20 Count =3D 0; @@ -1259,7 +1292,7 @@ ProcessOpalRequestPsidRevert ( Session.OpalBaseComId =3D Dev->OpalDisk.OpalBaseComId; =20 while (Count < MAX_PSID_TRY_COUNT) { - Psid =3D OpalDriverPopUpPsidInput (Dev, PopUpString, PopUpString2, &Pr= essEsc); + Psid =3D OpalDriverPopUpPsidInput (Dev, PopUpString, PopUpString2, Pop= UpString3, &PressEsc); if (PressEsc) { do { CreatePopUp ( @@ -1361,6 +1394,7 @@ ProcessOpalRequestRevert ( BOOLEAN PasswordFailed; CHAR16 *PopUpString; CHAR16 *PopUpString2; + CHAR16 *PopUpString3; UINTN BufferSize; =20 if (Dev =3D=3D NULL) { @@ -1373,17 +1407,19 @@ ProcessOpalRequestRevert ( =20 if ((!KeepUserData) && (Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME)) { - BufferSize =3D StrSize (L"Warning: Revert action will take about #####= ## seconds, DO NOT power off system during the revert action!"); + BufferSize =3D StrSize (L"Warning: Revert action will take about #####= ## seconds"); PopUpString2 =3D AllocateZeroPool (BufferSize); ASSERT (PopUpString2 !=3D NULL); UnicodeSPrint ( PopUpString2, BufferSize, - L"WARNING: Revert action will take about %d seconds, DO NOT power = off system during the revert action!", + L"WARNING: Revert action will take about %d seconds", Dev->OpalDisk.EstimateTimeCost ); + PopUpString3 =3D L"DO NOT power off system during the revert action!"; } else { PopUpString2 =3D NULL; + PopUpString3 =3D NULL; } =20 Count =3D 0; @@ -1394,7 +1430,7 @@ ProcessOpalRequestRevert ( Session.OpalBaseComId =3D Dev->OpalDisk.OpalBaseComId; =20 while (Count < MAX_PASSWORD_TRY_COUNT) { - Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, PopUpStri= ng2, &PressEsc); + Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, PopUpStri= ng2, PopUpString3, &PressEsc); if (PressEsc) { do { CreatePopUp ( @@ -1520,6 +1556,9 @@ ProcessOpalRequestSecureErase ( TCG_RESULT Ret; BOOLEAN PasswordFailed; CHAR16 *PopUpString; + CHAR16 *PopUpString2; + CHAR16 *PopUpString3; + UINTN BufferSize; =20 if (Dev =3D=3D NULL) { return; @@ -1529,6 +1568,21 @@ ProcessOpalRequestSecureErase ( =20 PopUpString =3D OpalGetPopUpString (Dev, RequestString); =20 + if (Dev->OpalDisk.EstimateTimeCost > MAX_ACCEPTABLE_REVERTING_TIME) { + BufferSize =3D StrSize (L"Warning: Secure erase action will take about= ####### seconds"); + PopUpString2 =3D AllocateZeroPool (BufferSize); + ASSERT (PopUpString2 !=3D NULL); + UnicodeSPrint ( + PopUpString2, + BufferSize, + L"WARNING: Secure erase action will take about %d seconds", + Dev->OpalDisk.EstimateTimeCost + ); + PopUpString3 =3D L"DO NOT power off system during the action!"; + } else { + PopUpString2 =3D NULL; + PopUpString3 =3D NULL; + } Count =3D 0; =20 ZeroMem(&Session, sizeof(Session)); @@ -1537,7 +1591,7 @@ ProcessOpalRequestSecureErase ( Session.OpalBaseComId =3D Dev->OpalDisk.OpalBaseComId; =20 while (Count < MAX_PASSWORD_TRY_COUNT) { - Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, &Pr= essEsc); + Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, PopUpStri= ng2, PopUpString3, &PressEsc); if (PressEsc) { do { CreatePopUp ( @@ -1551,7 +1605,7 @@ ProcessOpalRequestSecureErase ( =20 if (Key.UnicodeChar =3D=3D CHAR_CARRIAGE_RETURN) { gST->ConOut->ClearScreen(gST->ConOut); - return; + goto Done; } else { // // Let user input password again. @@ -1608,6 +1662,11 @@ ProcessOpalRequestSecureErase ( } while (Key.UnicodeChar !=3D CHAR_CARRIAGE_RETURN); gST->ConOut->ClearScreen(gST->ConOut); } + +Done: + if (PopUpString2 !=3D NULL) { + FreePool (PopUpString2); + } } =20 /** @@ -1647,7 +1706,7 @@ ProcessOpalRequestSetUserPwd ( Count =3D 0; =20 while (Count < MAX_PASSWORD_TRY_COUNT) { - OldPassword =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Plea= se type in your password", &PressEsc); + OldPassword =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Plea= se type in your password", NULL, &PressEsc); if (PressEsc) { do { CreatePopUp ( @@ -1705,7 +1764,7 @@ ProcessOpalRequestSetUserPwd ( } } =20 - Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please = type in your new password", &PressEsc); + Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please = type in your new password", NULL, &PressEsc); if (Password =3D=3D NULL) { ZeroMem (OldPassword, OldPasswordLen); FreePool (OldPassword); @@ -1714,7 +1773,7 @@ ProcessOpalRequestSetUserPwd ( } PasswordLen =3D (UINT32) AsciiStrLen(Password); =20 - PasswordConfirm =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"= Please confirm your new password", &PressEsc); + PasswordConfirm =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"= Please confirm your new password", NULL, &PressEsc); if (PasswordConfirm =3D=3D NULL) { ZeroMem (OldPassword, OldPasswordLen); FreePool (OldPassword); @@ -1846,7 +1905,7 @@ ProcessOpalRequestSetAdminPwd ( Count =3D 0; =20 while (Count < MAX_PASSWORD_TRY_COUNT) { - OldPassword =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Plea= se type in your password", &PressEsc); + OldPassword =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Plea= se type in your password", NULL, &PressEsc); if (PressEsc) { do { CreatePopUp ( @@ -1899,7 +1958,7 @@ ProcessOpalRequestSetAdminPwd ( continue; } =20 - Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please = type in your new password", &PressEsc); + Password =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please = type in your new password", NULL, &PressEsc); if (Password =3D=3D NULL) { ZeroMem (OldPassword, OldPasswordLen); FreePool (OldPassword); @@ -1908,7 +1967,7 @@ ProcessOpalRequestSetAdminPwd ( } PasswordLen =3D (UINT32) AsciiStrLen(Password); =20 - PasswordConfirm =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"= Please confirm your new password", &PressEsc); + PasswordConfirm =3D OpalDriverPopUpPasswordInput (Dev, PopUpString, L"= Please confirm your new password", NULL, &PressEsc); if (PasswordConfirm =3D=3D NULL) { ZeroMem (OldPassword, OldPasswordLen); FreePool (OldPassword); diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c b/SecurityPkg/Tcg/= Opal/OpalPassword/OpalHii.c index 8abb3d028b..d0f3eda1e8 100644 --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c @@ -511,13 +511,15 @@ GetDiskNameStringId( /** Confirm whether user truly want to do the revert action. =20 - @param OpalDisk The device which need to do the revert ac= tion. + @param OpalDisk The device which need to perform data rem= oval action. + @param ActionString Specifies the action name shown on pop up= menu. =20 @retval EFI_SUCCESS Confirmed user want to do the revert acti= on. **/ EFI_STATUS -HiiConfirmRevertAction ( - IN OPAL_DISK *OpalDisk +HiiConfirmDataRemovalAction ( + IN OPAL_DISK *OpalDisk, + IN CHAR16 *ActionString =20 ) { @@ -537,14 +539,14 @@ HiiConfirmRevertAction ( ApproveResponse =3D L'Y'; RejectResponse =3D L'N'; =20 - UnicodeSPrint(Unicode, StrSize(L"WARNING: Revert device needs about ####= ### seconds"), L"WARNING: Revert device needs about %d seconds", OpalDisk->= EstimateTimeCost); + UnicodeSPrint(Unicode, StrSize(L"WARNING: ############# action needs abo= ut ####### seconds"), L"WARNING: %s action needs about %d seconds", ActionS= tring, OpalDisk->EstimateTimeCost); =20 do { CreatePopUp( EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, Unicode, - L" System should not be powered off until revert completion ", + L" System should not be powered off until action completion ", L" ", L" Press 'Y/y' to continue, press 'N/n' to cancal ", NULL @@ -634,7 +636,16 @@ DriverCallback( case HII_KEY_ID_PSID_REVERT: OpalDisk =3D HiiGetOpalDiskCB(gHiiConfiguration.SelectedDiskIndex); if (OpalDisk !=3D NULL) { - return HiiConfirmRevertAction (OpalDisk); + return HiiConfirmDataRemovalAction (OpalDisk, L"Revert"); + } else { + ASSERT (FALSE); + return EFI_SUCCESS; + } + + case HII_KEY_ID_SECURE_ERASE: + OpalDisk =3D HiiGetOpalDiskCB(gHiiConfiguration.SelectedDiskIndex); + if (OpalDisk !=3D NULL) { + return HiiConfirmDataRemovalAction (OpalDisk, L"Secure erase"); } else { ASSERT (FALSE); return EFI_SUCCESS; --=20 2.16.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#40080): https://edk2.groups.io/g/devel/message/40080 Mute This Topic: https://groups.io/mt/31380307/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-