Reviewed-by: Eric Dong <eric.d...@intel.com> > -----Original Message----- > From: Chu, Maggie > Sent: Monday, April 29, 2019 11:36 AM > To: devel@edk2.groups.io > Cc: Zhang, Chao B <chao.b.zh...@intel.com>; Yao, Jiewen > <jiewen....@intel.com>; Dong, Eric <eric.d...@intel.com> > Subject: [PATCH] SecurityPkg/OpalPassword: Add warning message for > Secure Erase > > https://bugzilla.tianocore.org/show_bug.cgi?id=1753 > Add pop-up warning messages before secure erase action. > In order to notify user the secure erase action will take a longer time. > This change also fix some pop-up windows are unable to show up complete > message due to some strings are too long. > > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Maggie Chu <maggie....@intel.com> > Cc: Chao Zhang <chao.b.zh...@intel.com> > Cc: Jiewen Yao <jiewen....@intel.com> > Cc: Eric Dong <eric.d...@intel.com> > --- > SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c | 129 > ++++++++++++++++++------- > SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c | 23 +++-- > 2 files changed, 110 insertions(+), 42 deletions(-) > > diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c > b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c > index ed7f968255..ada2a4ca5a 100644 > --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c > +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c > @@ -498,6 +498,7 @@ OpalDriverPopUpPsidInput ( > IN OPAL_DRIVER_DEVICE *Dev, > IN CHAR16 *PopUpString, > IN CHAR16 *PopUpString2, > + IN CHAR16 *PopUpString3, > OUT BOOLEAN *PressEsc > ) > { > @@ -527,15 +528,28 @@ OpalDriverPopUpPsidInput ( > NULL > ); > } else { > - CreatePopUp ( > - EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, > - &InputKey, > - PopUpString, > - PopUpString2, > - L"---------------------", > - Mask, > - NULL > - ); > + if (PopUpString3 == NULL) { > + CreatePopUp ( > + EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, > + &InputKey, > + PopUpString, > + PopUpString2, > + L"---------------------", > + Mask, > + NULL > + ); > + } else { > + CreatePopUp ( > + EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, > + &InputKey, > + PopUpString, > + PopUpString2, > + PopUpString3, > + L"---------------------", > + Mask, > + NULL > + ); > + } > } > > // > @@ -635,6 +649,7 @@ OpalDriverPopUpPasswordInput ( > IN OPAL_DRIVER_DEVICE *Dev, > IN CHAR16 *PopUpString1, > IN CHAR16 *PopUpString2, > + IN CHAR16 *PopUpString3, > OUT BOOLEAN *PressEsc > ) > { > @@ -664,15 +679,28 @@ OpalDriverPopUpPasswordInput ( > NULL > ); > } else { > - CreatePopUp ( > - EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, > - &InputKey, > - PopUpString1, > - PopUpString2, > - L"---------------------", > - Mask, > - NULL > - ); > + if (PopUpString3 == NULL) { > + CreatePopUp ( > + EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, > + &InputKey, > + PopUpString1, > + PopUpString2, > + L"---------------------", > + Mask, > + NULL > + ); > + } else { > + CreatePopUp ( > + EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, > + &InputKey, > + PopUpString1, > + PopUpString2, > + PopUpString3, > + L"---------------------", > + Mask, > + NULL > + ); > + } > } > > // > @@ -823,7 +851,7 @@ OpalDriverRequestPassword ( > } > > while (Count < MAX_PASSWORD_TRY_COUNT) { > - Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, > &PressEsc); > + Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, > + NULL, &PressEsc); > if (PressEsc) { > if (IsLocked) { > // > @@ -988,7 +1016,7 @@ ProcessOpalRequestEnableFeature ( > Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId; > > while (Count < MAX_PASSWORD_TRY_COUNT) { > - Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please > type in your new password", &PressEsc); > + Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please > + type in your new password", NULL, &PressEsc); > if (PressEsc) { > do { > CreatePopUp ( > @@ -1017,7 +1045,7 @@ ProcessOpalRequestEnableFeature ( > } > PasswordLen = (UINT32) AsciiStrLen(Password); > > - PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, > L"Please confirm your new password", &PressEsc); > + PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, > + L"Please confirm your new password", NULL, &PressEsc); > if (PasswordConfirm == NULL) { > ZeroMem (Password, PasswordLen); > FreePool (Password); > @@ -1132,7 +1160,7 @@ ProcessOpalRequestDisableUser ( > Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId; > > while (Count < MAX_PASSWORD_TRY_COUNT) { > - Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, > &PressEsc); > + Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, > + NULL, &PressEsc); > if (PressEsc) { > do { > CreatePopUp ( > @@ -1227,6 +1255,7 @@ ProcessOpalRequestPsidRevert ( > TCG_RESULT Ret; > CHAR16 *PopUpString; > CHAR16 *PopUpString2; > + CHAR16 *PopUpString3; > UINTN BufferSize; > > if (Dev == NULL) { > @@ -1238,17 +1267,19 @@ ProcessOpalRequestPsidRevert ( > PopUpString = OpalGetPopUpString (Dev, RequestString); > > if (Dev->OpalDisk.EstimateTimeCost > > MAX_ACCEPTABLE_REVERTING_TIME) { > - BufferSize = StrSize (L"Warning: Revert action will take about ####### > seconds, DO NOT power off system during the revert action!"); > + BufferSize = StrSize (L"Warning: Revert action will take about > + ####### seconds"); > PopUpString2 = AllocateZeroPool (BufferSize); > ASSERT (PopUpString2 != NULL); > UnicodeSPrint ( > PopUpString2, > BufferSize, > - L"WARNING: Revert action will take about %d seconds, DO NOT power > off system during the revert action!", > + L"WARNING: Revert action will take about %d seconds", > Dev->OpalDisk.EstimateTimeCost > ); > + PopUpString3 = L"DO NOT power off system during the revert > + action!"; > } else { > PopUpString2 = NULL; > + PopUpString3 = NULL; > } > > Count = 0; > @@ -1259,7 +1290,7 @@ ProcessOpalRequestPsidRevert ( > Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId; > > while (Count < MAX_PSID_TRY_COUNT) { > - Psid = OpalDriverPopUpPsidInput (Dev, PopUpString, PopUpString2, > &PressEsc); > + Psid = OpalDriverPopUpPsidInput (Dev, PopUpString, PopUpString2, > + PopUpString3, &PressEsc); > if (PressEsc) { > do { > CreatePopUp ( > @@ -1361,6 +1392,7 @@ ProcessOpalRequestRevert ( > BOOLEAN PasswordFailed; > CHAR16 *PopUpString; > CHAR16 *PopUpString2; > + CHAR16 *PopUpString3; > UINTN BufferSize; > > if (Dev == NULL) { > @@ -1373,17 +1405,19 @@ ProcessOpalRequestRevert ( > > if ((!KeepUserData) && > (Dev->OpalDisk.EstimateTimeCost > > MAX_ACCEPTABLE_REVERTING_TIME)) { > - BufferSize = StrSize (L"Warning: Revert action will take about ####### > seconds, DO NOT power off system during the revert action!"); > + BufferSize = StrSize (L"Warning: Revert action will take about > + ####### seconds"); > PopUpString2 = AllocateZeroPool (BufferSize); > ASSERT (PopUpString2 != NULL); > UnicodeSPrint ( > PopUpString2, > BufferSize, > - L"WARNING: Revert action will take about %d seconds, DO NOT power > off system during the revert action!", > + L"WARNING: Revert action will take about %d seconds", > Dev->OpalDisk.EstimateTimeCost > ); > + PopUpString3 = L"DO NOT power off system during the revert > + action!"; > } else { > PopUpString2 = NULL; > + PopUpString3 = NULL; > } > > Count = 0; > @@ -1394,7 +1428,7 @@ ProcessOpalRequestRevert ( > Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId; > > while (Count < MAX_PASSWORD_TRY_COUNT) { > - Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, > PopUpString2, &PressEsc); > + Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, > + PopUpString2, PopUpString3, &PressEsc); > if (PressEsc) { > do { > CreatePopUp ( > @@ -1520,6 +1554,9 @@ ProcessOpalRequestSecureErase ( > TCG_RESULT Ret; > BOOLEAN PasswordFailed; > CHAR16 *PopUpString; > + CHAR16 *PopUpString2; > + CHAR16 *PopUpString3; > + UINTN BufferSize; > > if (Dev == NULL) { > return; > @@ -1529,6 +1566,21 @@ ProcessOpalRequestSecureErase ( > > PopUpString = OpalGetPopUpString (Dev, RequestString); > > + if (Dev->OpalDisk.EstimateTimeCost > > MAX_ACCEPTABLE_REVERTING_TIME) { > + BufferSize = StrSize (L"Warning: Secure erase action will take about > ####### seconds"); > + PopUpString2 = AllocateZeroPool (BufferSize); > + ASSERT (PopUpString2 != NULL); > + UnicodeSPrint ( > + PopUpString2, > + BufferSize, > + L"WARNING: Secure erase action will take about %d seconds", > + Dev->OpalDisk.EstimateTimeCost > + ); > + PopUpString3 = L"DO NOT power off system during the action!"; } > + else { > + PopUpString2 = NULL; > + PopUpString3 = NULL; > + } > Count = 0; > > ZeroMem(&Session, sizeof(Session)); > @@ -1537,7 +1589,7 @@ ProcessOpalRequestSecureErase ( > Session.OpalBaseComId = Dev->OpalDisk.OpalBaseComId; > > while (Count < MAX_PASSWORD_TRY_COUNT) { > - Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, NULL, > &PressEsc); > + Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, > + PopUpString2, PopUpString3, &PressEsc); > if (PressEsc) { > do { > CreatePopUp ( > @@ -1551,7 +1603,7 @@ ProcessOpalRequestSecureErase ( > > if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) { > gST->ConOut->ClearScreen(gST->ConOut); > - return; > + goto Done; > } else { > // > // Let user input password again. > @@ -1608,6 +1660,11 @@ ProcessOpalRequestSecureErase ( > } while (Key.UnicodeChar != CHAR_CARRIAGE_RETURN); > gST->ConOut->ClearScreen(gST->ConOut); > } > + > +Done: > + if (PopUpString2 != NULL) { > + FreePool (PopUpString2); > + } > } > > /** > @@ -1647,7 +1704,7 @@ ProcessOpalRequestSetUserPwd ( > Count = 0; > > while (Count < MAX_PASSWORD_TRY_COUNT) { > - OldPassword = OpalDriverPopUpPasswordInput (Dev, PopUpString, > L"Please type in your password", &PressEsc); > + OldPassword = OpalDriverPopUpPasswordInput (Dev, PopUpString, > + L"Please type in your password", NULL, &PressEsc); > if (PressEsc) { > do { > CreatePopUp ( > @@ -1705,7 +1762,7 @@ ProcessOpalRequestSetUserPwd ( > } > } > > - Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please > type in your new password", &PressEsc); > + Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please > + type in your new password", NULL, &PressEsc); > if (Password == NULL) { > ZeroMem (OldPassword, OldPasswordLen); > FreePool (OldPassword); > @@ -1714,7 +1771,7 @@ ProcessOpalRequestSetUserPwd ( > } > PasswordLen = (UINT32) AsciiStrLen(Password); > > - PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, > L"Please confirm your new password", &PressEsc); > + PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, > + L"Please confirm your new password", NULL, &PressEsc); > if (PasswordConfirm == NULL) { > ZeroMem (OldPassword, OldPasswordLen); > FreePool (OldPassword); > @@ -1846,7 +1903,7 @@ ProcessOpalRequestSetAdminPwd ( > Count = 0; > > while (Count < MAX_PASSWORD_TRY_COUNT) { > - OldPassword = OpalDriverPopUpPasswordInput (Dev, PopUpString, > L"Please type in your password", &PressEsc); > + OldPassword = OpalDriverPopUpPasswordInput (Dev, PopUpString, > + L"Please type in your password", NULL, &PressEsc); > if (PressEsc) { > do { > CreatePopUp ( > @@ -1899,7 +1956,7 @@ ProcessOpalRequestSetAdminPwd ( > continue; > } > > - Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please > type in your new password", &PressEsc); > + Password = OpalDriverPopUpPasswordInput (Dev, PopUpString, L"Please > + type in your new password", NULL, &PressEsc); > if (Password == NULL) { > ZeroMem (OldPassword, OldPasswordLen); > FreePool (OldPassword); > @@ -1908,7 +1965,7 @@ ProcessOpalRequestSetAdminPwd ( > } > PasswordLen = (UINT32) AsciiStrLen(Password); > > - PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, > L"Please confirm your new password", &PressEsc); > + PasswordConfirm = OpalDriverPopUpPasswordInput (Dev, PopUpString, > + L"Please confirm your new password", NULL, &PressEsc); > if (PasswordConfirm == NULL) { > ZeroMem (OldPassword, OldPasswordLen); > FreePool (OldPassword); > diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c > b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c > index 8abb3d028b..d0f3eda1e8 100644 > --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c > +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c > @@ -511,13 +511,15 @@ GetDiskNameStringId( > /** > Confirm whether user truly want to do the revert action. > > - @param OpalDisk The device which need to do the revert > action. > + @param OpalDisk The device which need to perform data > removal > action. > + @param ActionString Specifies the action name shown on pop up > menu. > > @retval EFI_SUCCESS Confirmed user want to do the revert action. > **/ > EFI_STATUS > -HiiConfirmRevertAction ( > - IN OPAL_DISK *OpalDisk > +HiiConfirmDataRemovalAction ( > + IN OPAL_DISK *OpalDisk, > + IN CHAR16 *ActionString > > ) > { > @@ -537,14 +539,14 @@ HiiConfirmRevertAction ( > ApproveResponse = L'Y'; > RejectResponse = L'N'; > > - UnicodeSPrint(Unicode, StrSize(L"WARNING: Revert device needs about > ####### seconds"), L"WARNING: Revert device needs about %d seconds", > OpalDisk->EstimateTimeCost); > + UnicodeSPrint(Unicode, StrSize(L"WARNING: ############# action > needs > + about ####### seconds"), L"WARNING: %s action needs about %d > seconds", > + ActionString, OpalDisk->EstimateTimeCost); > > do { > CreatePopUp( > EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, > &Key, > Unicode, > - L" System should not be powered off until revert completion ", > + L" System should not be powered off until action completion ", > L" ", > L" Press 'Y/y' to continue, press 'N/n' to cancal ", > NULL > @@ -634,7 +636,16 @@ DriverCallback( > case HII_KEY_ID_PSID_REVERT: > OpalDisk = HiiGetOpalDiskCB(gHiiConfiguration.SelectedDiskIndex); > if (OpalDisk != NULL) { > - return HiiConfirmRevertAction (OpalDisk); > + return HiiConfirmDataRemovalAction (OpalDisk, L"Revert"); > + } else { > + ASSERT (FALSE); > + return EFI_SUCCESS; > + } > + > + case HII_KEY_ID_SECURE_ERASE: > + OpalDisk = HiiGetOpalDiskCB(gHiiConfiguration.SelectedDiskIndex); > + if (OpalDisk != NULL) { > + return HiiConfirmDataRemovalAction (OpalDisk, L"Secure > + erase"); > } else { > ASSERT (FALSE); > return EFI_SUCCESS; > -- > 2.16.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#39737): https://edk2.groups.io/g/devel/message/39737 Mute This Topic: https://groups.io/mt/31380307/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
