UEFI boot support for locked SEDs updated

Eric Dong of Intel has updated UEFI's TCG OPAL support, used with SEDs, changing how a UEFI-based system behaves with locked SEDs when the user has no valid password:

[Patch] SecurityPkg OpalPasswordDxe: Enhance input password process.

Enhance the input password process: when the device is in unlock status and the user presses ESC, shut down the device. If the user reaches the max try number, shut down the device.

+  L”Confirm: Not unlock device and continue boot?.”,
+  L”Press ENTER to confirm, Press Esc to input password”,
+  L”Warning: system in unkown status, must shutdown!”,
+  L”Press ENTER to shutdown.”,
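Review bot: the warning string added here misspells "unknown" as "unkown", and the confirm prompt ends in "?." with a stray period after the question mark. Both are user-visible in the unlock dialog, so correct them before merging. The second string also mixes "ENTER" and "Esc" for key names, and its wording "Not unlock device and continue boot" would read more clearly as "Leave device locked and continue boot?", since this is the prompt where the user decides whether to boot with the drive still locked.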

– L”Opal password retry count is expired. Keep lock and continue boot.”,
+ L”Opal password retry count exceeds the limit. Must shutdown!”,
  L”Press ENTER to continue”,
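Review bot: the replacement message now says the system must shut down, but the unchanged string directly after it still reads "Press ENTER to continue". If these two are displayed together once the retry limit is hit, the prompt contradicts the message. Pair the retry-limit message with the "Press ENTER to shutdown." string added elsewhere in this patch, and confirm that this path really powers off rather than continuing boot with the drive locked.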

For more information, see the patch on the edk2-devel list:
https://lists.01.org/mailman/listinfo/edk2-devel

UEFI support for TCG OPAL passwords

Eric Dong of Intel has submitted an 8-part patch to enable TCG OPAL password support in UEFI:

Enable Opal password solution: These patches are used to enable the Opal password solution in BIOS. The Opal feature is defined in the TCG Storage Opal spec. This Opal solution is a sample driver that shows how to use the Opal feature in BIOS. It enables the user to configure the Opal feature in the setup page and pops up a dialog to let the user unlock the device in the boot phase. It auto-unlocks the Opal device in the S3 resume phase.

  MdePkg: Add definition for TCG Storage Core and Opal specs.
  SecurityPkg: TcgStorageCoreLib: Add TCG storage core library.
  SecurityPkg: TcgStorageOpalLib: Add TCG storage opal library.
  SecurityPkg: OpalPasswordSupportLib: Add Opal password support
    library.
  SecurityPkg: Add library header file definition to package.
  SecurityPkg: OpalPasswordDxe: Add Opal password dxe driver.
  SecurityPkg: OpalPasswordSmm: Add Opal password Smm driver.
  SecurityPkg: Enable Opal password solution build in Security package
    build.

 39 files changed, 21524 insertions(+)

For more information:
https://lists.01.org/mailman/listinfo/edk2-devel