TCG. TCG Storage Interface Interactions Specification. Specification Version 1.0. January 27, Contacts:

Similar documents
TCG Storage Interface Interactions Specification (SIIS) Specification Version 1.02 Revision December, 2011 TCG

TCG. TCG Storage Interface Interactions Specification (SIIS) Specification Version 1.08 Revision 1.00 October 26, 2018

TCG. TCG Storage Interface Interactions Specification (SIIS) Specification Version 1.07 Revision 1.00 January 30, 2018

TCG. TCG Storage Interface Interactions Specification (SIIS) Specification Version 1.07 Revision August-17 Committee Draft

FOR TCG ACPI Specification

TCG Storage Opal SSC Feature Set: PSID. Specification Version 1.00 Revision August 5, Contact:

ERRATA FOR. TCG TPM I2C Interface Specification. Errata Version 1.0 April 6, Family 2.0 Level 00 Revision 1.

ERRATA FOR. Protection Profile PC Client Specific TPM. Errata Version 1.0 June 16, 2018 DRAFT. Specification Version 1.

TCG. TCG Storage Opal SSC: Test Cases Specification. Specification Version 2.01 Revision 2.18 January 30, 2018 Published

ERRATA FOR. TCG Platform Attribute Credential Profile. Errata Version Published. Specification Version 1.0 Revision January 2018

TCG Storage Application Note: Encrypting Drives Compliant with Opal SSC

TCG. TCG Certification Program. TNC Certification Program Suite. Document Version 1.1 Revision 1 26 September 2011

TCG Specification TCG. TPM 2.0 Mobile Command Response Buffer Interface. TCG Published. Family 2.0. Level 00 Revision 12.

TCG Physical Security Interoperability Alliance IP Video Use Case 002 (PSI-UC-IPV002) Specification Version 1.0 Revision 0.2

TCG Compliance TNC IF-MAP Metadata for Network Security Compliance Test Plan

R E F E R E N C E TCG. Trusted Multi-Tenant Infrastructure Work Group. Use Cases. Version 1.1. November 15, 2013

SDLC INTELLECTUAL PROPERTY POLICY

Assignments for Trusted Computing Group

ATA Command Pass-Through

26 April r0 SAT-2 WRITE LONG to WRITE UNCORRECTABLE EXT

IETF TRUST. Legal Provisions Relating to IETF Documents. Approved November 6, Effective Date: November 10, 2008

SATA-IO Commands for ATA-8

Revision history Related documents Overview Suggested changes to SAT Approved references

IETF TRUST. Legal Provisions Relating to IETF Documents. February 12, Effective Date: February 15, 2009

3 2 Parameters and states for managing asymmetrical access to SCSI logical units

INTERNATIONAL STANDARD

SCSI Security Nuts and Bolts. Ralph Weber, ENDL Texas

ATA Command Pass-Through

TCG. TCG Storage Core Spec Addendum: Secure Messaging. Specification Version 1.00 Revision August 5, 2015

Suggested Changes. Add to Clause 8 8.AA SECURITY PROTOCOL IN command 8.BB SECURITY PROTOCOL OUT command. Jim Hatfield (Seagate) Page 1 of 5

TCG Storage Work Group. Storage Certification Program. Program Version 1.0 Document Revision 1.22 March 16, Contact: Doug Gemmill, TCG CPM T C G

TCG Physical Presence Interface Specification

TCG Storage Security Subsystem Class: Pyrite. Specification Version 1.00 Revision August 5, Contact:

QPP Proprietary Profile Guide

17 March r1 SAM-4 SAS-2 QUERY UNIT ATTENTION task management function

OpenFlow Switch Errata

Revisions. Introduction. Proposal

ATA Command Pass-Through

INCLUDING MEDICAL ADVICE DISCLAIMER

INTERNATIONAL STANDARD

Revision History Revision 0 (09 December 2007) first revision

AN NTAG I²C plus memory configuration options. Application note COMPANY PUBLIC. Rev June Document information

Packet Trace Guide. Packet Trace Guide. Technical Note

Revisions. Introduction. Proposal

Epic. Epic Systems. Deployment Guide

NTLM NTLM. Feature Description

OpenFlow Controller/Switch NDM Synchronization v1.0

04-372r0 SAM-4 SPC-3 SAS-1.1 I_T NEXUS LOSS task management function 5 November 2004

Enhanced Serial Peripheral Interface (espi) ECN

MERIDIANSOUNDINGBOARD.COM TERMS AND CONDITIONS

RSA Two Factor Authentication

Splunk. Splunk. Deployment Guide

04-372r1 SAM-4 SPC-4 SAS-1.1 I_T NEXUS RESET task management function 13 November 2004

Adobe Connect. Adobe Connect. Deployment Guide

TERMS & CONDITIONS. Complied with GDPR rules and regulation CONDITIONS OF USE PROPRIETARY RIGHTS AND ACCEPTABLE USE OF CONTENT

TrustedFlash Security System Mapping for ATA-ACS8

Device Pack. Network Video Management System Standard Edition. Release Note. Software Version: 9.5a Sony Corporation

End User License Agreement

ACS Proposal Template

2 September r0 SAT-2 ATA PASS-THROUGH sense data format

Tisio CE Release Notes

One Identity Manager Administration Guide for Connecting to SharePoint

Enhanced Serial Peripheral Interface (espi)

VMware vcenter Log Insight Manager. Deployment Guide

JD Edwards EnterpriseOne 8.12 Standalone Client Installation Guide. for the Oracle Application Server

February T11 Network Address Authority (NAA) Naming Format for iscsi Node Names

One Identity Active Roles 7.2. Management Pack Technical Description

Intel Cluster Ready Allowed Hardware Variances

T10/01-134r Page 1 of 13

Terminal I/O Profile Client Implementation Guide

TCG Storage Security Subsystem Class: Opal. Specification Version 2.01 Revision August 5, Contact:

TSS TAB and Resource Manager Specification. Contact: Please provide public review comments by Thursday, March 5, 2015

Quest Enterprise Reporter 2.0 Report Manager USER GUIDE

Migration Tool. Migration Tool (Beta) Technical Note

Open-E Data Storage Server. Intel Modular Server

TCG Storage Workgroup Security Subsystem Class: Optical. Contacts:

Device Pack. Network Video Management System Standard Edition. Release Note. Software Version: Sony Corporation

6 June r0 SAM-4 SCSI Initiator Port and Target Port capabilities attributes

One Identity Manager 8.0. Administration Guide for Connecting to a Universal Cloud Interface

06-378r0: SAT - Miscellaneous changes 18 August 2006

Macrotron Systems, Inc. Flash Media Products. Part Number Family: 2.5 PATA (IDE) SSD (High Performance Series) PA25SMXXXXXMXXMX

Ecma International Policy on Submission, Inclusion and Licensing of Software

SharePoint Farm Reporter Installation Guide

AN S1401 Using BlueMod+S as Beacon

Ecma International Policy on Submission, Inclusion and Licensing of Software

ESS Utility Android App User Guide

Document T10/ rev. 1

Architecture Specification

Optimus.2 Ascend. Rev A August, 2014 RELEASE NOTES.

Small Logger File System

ENDL TEXAS. T10/03-005r0

RapidIO TM Interconnect Specification Part 7: System and Device Inter-operability Specification

Hypervisor Storage Interfaces for Storage Optimization White Paper June 2010

Stellar Phoenix Password Recovery For Windows Server. Version 2.0. User Guide

Getting Started with MTConnect: Architecture

MyCreditChain Terms of Use

Intel Storage System JBOD 2000S3 Product Family

Hyper-V - Windows 2012 and 8. Virtual LoadMaster for Microsoft Hyper-V on Windows Server 2012, 2012 R2 and Windows 8. Installation Guide

SAM4 Reset Controller (RSTC)

AT11512: SAM L Brown Out Detector (BOD) Driver. Introduction. SMART ARM-based Microcontrollers APPLICATION NOTE

Transcription:

TCG Storage Interface Interactions Specification January 27, 2009 Contacts: storagewg@trustedcomputinggroup.org Copyright TCG 2009 TCG

Copyright 2009 Trusted Computing Group, Incorporated. Disclaimer, Notices and License Terms THIS SPECIFICATION IS PROVIDED "AS IS" WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE. Without limitation, TCG disclaims all liability, including liability for infringement of any proprietary rights, relating to use of information in this specification and to the implementation of this specification, and TCG disclaims all liability for cost of procurement of substitute goods or services, lost profits, loss of use, loss of data or any incidental, consequential, direct, indirect, or special damages, whether under contract, tort, warranty or otherwise, arising in any way out of use or reliance upon this specification or any information herein. This document is copyrighted by Trusted Computing Group (TCG), and no license, express or implied, is granted herein other than as follows: You may not copy or reproduce the document or distribute it to others without written permission from TCG, except that you may freely do so for the purposes of (a) examining or implementing TCG specifications or (b) developing, testing, or promoting information technology standards and best practices, so long as you distribute the document with these disclaimers, notices, and license terms. Contact the Trusted Computing Group at www.trustedcomputinggroup.org for information on specification licensing through membership agreements. Any marks and brands contained herein are the property of their respective owners. Revision 1.0 Page ii of 15

Table of Contents 1 Introduction... 4 1.1 Document Purpose... 4 1.2 Scope... 4 1.3 Intended Audience... 4 1.4 References to Other Documents... 4 1.5 Definition of Terms... 5 2 Overview... 5 3 SCSI Interface... 6 3.1 Mapping of Resets... 6 3.2 Mapping of IF-SEND and IF-RECV... 8 3.2.1 IF_SEND... 8 3.2.2 IF_RECV... 8 3.3 Handling Common TPer Errors... 9 Invalid Security Protocol ID parameter... 9 3.4 Discovery of Security Capabilities... 10 3.4.1 Security Protocol 0x00... 10 3.5 Miscellaneous Issues... 10 3.5.1 Queued Commands... 10 3.5.2 MBR Interactions... 11 3.5.3 LUN usage... 11 4 ATA Interface... 12 4.1 Mapping of Resets... 12 4.2 Mapping of IF-SEND and IF-RECV... 13 4.2.1 IF_SEND... 13 4.2.2 IF_RECV... 13 4.3 Handling Common TPer Errors... 14 Invalid Security Protocol ID parameter... 14 Invalid Transfer Length parameter on IF-SEND... 14 4.4 Discovery of Security Capabilities... 14 4.4.1 IDENTIFY DEVICE... 14 4.4.2 Security Protocol 0x00... 14 4.5 Miscellaneous Issues... 15 4.5.1 Feature set interactions... 15 Revision 1.0 Page iii of 15

1 Introduction 1.1 Document Purpose The TCG Storage specifications are intended to provide a comprehensive command architecture for putting storage devices under policy control as determined by the trusted platform host, the capabilities of the storage device to conform with the policies of the trusted platform, and the lifecycle state of the storage device as a trusted peripheral (TPer). This document MAY also serve as a specification for TPers if that is deemed appropriate. This document provides the essential mapping between concepts and features of the TCG Storage Architecture Core Specification, and several host/device interfaces. 1.2 Scope The scope of this document is the interaction between the TPer and interface commands and transports. The command interfaces described are ATA and SCSI. SCSI transports described are SAS, FC, and ATAPI. This document is written from the perspective of the storage device, not the host. 1.3 Intended Audience The intended audience for this document is storage device and peripheral device manufacturers and developers that MAY wish to tie storage devices and peripherals into trusted platforms. 1.4 References to Other Documents [1]. IETF RFC 2119, 1997, Key words for use in RFCs to Indicate Requirement Levels [2]. [INCITS T10/1683-D], "Information technology - SCSI Architecture Model - 4 (SAM-4)" [3]. [INCITS T10/1731-D], "Information technology - SCSI Primary Commands - 4 (SPC-4)" [4]. [INCITS T10/1799-D], "Information technology - SCSI Block Commands - 3 (SBC-3)" [5]. [INCITS T13/1700-D], "Information technology - AT Attachment 8 ATA/ATAPI Architecture Model (ATA8-AAM)" [6]. [ANSI INCITS 452-2008], "Information technology AT Attachment 8 - ATA/ATAPI Command Set (ATA8-ACS)" [7]. INCITS T13 proposal E07123R4 ACS-2: REQUEST SENSE for ATA" [8]. INCITS T13 proposal E07172R6 ACS-2 Issues List" (item #18) [9]. [INCITS T10/1828-D], "Information technology - Fibre Channel Protocol for SCSI, Fourth Version (FCP-4)" [10]. [ANSI INCITS 417-2006], "Information technology - Serial Attached SCSI - 1.1 (SAS-1.1) Revision 1.0 Page 4 of 15

1.5 Definition of Terms Term IF-RECV IF-SEND Locking SP SSC TCG Reset TPer Trusted Peripheral Definition An interface command used to retrieve security protocol data from the TPer. An interface command used to transmit security protocol data to the TPer. A security provider that incorporates the Locking Template as described in the Core Spec. Security Subsystem Class. SSC specifications describe profiled sets of TCG functionality A high-level reset type defined in the Core Spec. The TCG security subsystem within a storage device. A TPer. 2 Overview This document defines for each interface: Mapping of interface events to TCG resets Mapping of IF-SEND, IF-RECV Handling of common TPer errors Discovery of security capabilities Miscellaneous issues Revision 1.0 Page 5 of 15

3 SCSI Interface See [2], [3], [4], [9] and [10] for details on SCSI architecture, commands and transports. See [6] for details on ATAPI commands. 3.1 Mapping of Resets Table 1 - SAS Resets Mapped to TCG reset_type Maps to TCG SAS Event reset_type Power on reset Power cycle I-T Nexus Loss (none) Task Management-Abort Task (none) Task Management-Abort Task Set (none) Task Management-Clear Task Set (none) Task Management-Clear ACA (none) Task Management-I-T Nexus reset (none) Task Management-LUN Reset Hardware Reset Link Reset Sequence (none) Link reset sequence with hard reset Hardware Reset Table 2 - Fibre Channel Resets Mapped to TCG reset_type Maps to TCG FC Event reset_type Other Comments Power on reset Power cycle I-T Nexus Loss (none) Task Management-Abort Task (none) Task Management-Abort Task Set (none) Task Management-Clear Task Set (none) Task Management-Clear ACA (none) Task Management-I-T Nexus reset (none) Task Management-LUN Reset Hardware Reset Task Management-Target reset Hardware Reset LIP(AL_PD,AL_PS) Hardware Reset LIP directed reset LIP(FF,AL_PS) Hardware Reset LIP Global reset Port Login (none) Process Login (none) Revision 1.0 Page 6 of 15

Table 3 - ATAPI Resets Mapped to TCG reset_type ATAPI Event Maps to TCG reset_type Power on reset Power cycle Hardware reset PATA: Hardware Reset SATA: If Software Settings Preservation is enabled, then COMRESET is not a TCG Hardware Reset. If Software Settings Preservation is disabled, then COMRESET is a TCG Hardware Reset. Software reset DEVICE RESET command (none) (none) Revision 1.0 Page 7 of 15

3.2 Mapping of IF-SEND and IF-RECV 3.2.1 IF_SEND IF_SEND SHALL be implemented with the SECURITY PROTOCOL OUT [3] command, with additional requirements on the CDB as specified in Table 4. Table 4 - IF-SEND CDB field contents (SCSI) SECURITY PROTOCOL SECURITY PROTOCOL SPECIFIC INC_512 0x01 a ComID 1 0x02 a ComID 1 0x06 a ComID 0 TRANSFER LENGTH Non-zero number of 512-byte data units. Non-zero number of 512-byte data units. Non-zero number of bytes of data. 3.2.2 IF_RECV IF_RECV SHALL be implemented with the SECURITY PROTOCOL IN [3] command, with additional requirements on the CDB as described in Table 5. Table 5 - IF-RECV CDB field contents (SCSI) SECURITY PROTOCOL SECURITY PROTOCOL SPECIFIC INC_512 ALLOCATION LENGTH 0x00 (See SPC-4 for details) 0 or 1 0x01 a ComID 1 0x02 a ComID 1 0x06 a ComID 0 INC_512=0: Non-zero number of bytes of data. INC_512=1: Non-zero number of 512-byte data units. Non-zero number of 512-byte data units. Non-zero number of 512-byte data units. Non-zero number of bytes of data. Revision 1.0 Page 8 of 15

3.3 Handling Common TPer Errors There are some common errors detected by the TPer. This section describes how they are reported via the SCSI interface. Table 6 - TPer Errors (SCSI) TPer Error ID Status Sense Key ASC/ASCQ Comments Invalid Security Protocol ID parameter Invalid Transfer Length parameter on IF-SEND Other Invalid Command Parameter CHECK CONDITION CHECK CONDITION CHECK CONDITION ILLEGAL REQUEST ILLEGAL REQUEST ILLEGAL REQUEST INVALID FIELD IN CDB INVALID FIELD IN CDB INVALID FIELD IN CDB No data shall be transferred No data shall be No data shall be Synchronous Protocol Violation CHECK CONDITION ILLEGAL REQUEST COMMAND SEQUENCE ERROR No data shall be Data Protection Error CHECK CONDITION DATA PROTECT ACCESS DENIED NO ACCESS RIGHTS No data shall be Revision 1.0 Page 9 of 15

3.4 Discovery of Security Capabilities 3.4.1 Security Protocol 0x00 See the description of SECURITY PROTOCOL IN [3] for information on Security Protocol 0x00. 3.5 Miscellaneous Issues 3.5.1 Queued Commands The TPer requires that for a given ComID the order of the IF-SEND and IF-RECV command completion be the same as the order that the host application sent the commands. Some transport protocols MAY NOT guarantee ordering of delivery or ordering of IF-SEND and IF-RECV command completion. Therefore, the host application communicating with the TPer should ensure that a prior IF-SEND or IF-RECV has completed prior to issuing another, or use mechanisms in the interface protocol to ensure ordering (e.g. ORDERED Task Attribute for SCSI Transport protocols). NOTE: The following definition of synchronous behavior does not affect the queuing behavior (if any) of the device interface. On queuing devices, synchronicity is enforced at the time IF- SEND/RECV commands are dequeued for processing by the drive. For non-queuing devices, synchronicity is enforced at the time the IF-SEND/RECV is initially received by the device. If queuing behavior is supported, the host should use Ordered Queuing for IF-SEND/RECV commands or indeterminate behavior may result. It is assumed that the drive can only process one IF-SEND/RECV interface command at a time. Revision 1.0 Page 10 of 15

3.5.2 MBR Interactions The LUN associated with the MBR is the boot LUN. 3.5.3 LUN usage A target that has multiple LUNs MAY have multiple TPers. Each TPer SHALL be associated with a different LUN. Every LUN on a device is not required to have a TPer, but LUNs that support the TCG Core specification commands and functionality SHALL have a TPer. A TPer SHALL only be associated with exactly one LUN. A LUN MAY have no TPer. Figure 1 - SCSI target: port, LUN and TPer relationships port A port B LUN 0 LUN 1 LUN N TPer TPer Revision 1.0 Page 11 of 15

4 ATA Interface See [5] and [6] for details on ATA architecture, commands and transports. See [7] and [8] for details on the optional Enhanced Status Reporting feature set. This has been accepted by T13 for inclusion in a new draft standard (ACS-2). 4.1 Mapping of Resets Table 7 - ATA Resets Mapped to TCG reset_type ATA Event Maps to TCG reset_type Power on reset Power Cycle Software reset (none) Hardware reset PATA: Hardware Reset SATA: If Software Settings Preservation is enabled, then COMRESET is not a TCG Hardware Reset. If Software Settings Preservation is disabled, then COMRESET is a TCG Hardware Reset. Revision 1.0 Page 12 of 15

4.2 Mapping of IF-SEND and IF-RECV 4.2.1 IF_SEND IF_SEND SHALL be implemented with either the TRUSTED SEND or TRUSTED SEND DMA commands, with additional requirements on the inputs as described in Table 8: Table 8 - IF-SEND command parameters (ATA) Security Protocol SP_Specific Transfer Length 0x01 a ComID Non-zero number of 512-byte data units. 0x02 a ComID Non-zero number of 512-byte data units. 0x06 N/A Protocol 0x06 is defined for SCSI only. 4.2.2 IF_RECV IF_RECV SHALL be implemented with either the TRUSTED RECEIVE or TRUSTED RECEIVE DMA commands, with additional requirements on the inputs as described in Table 9: Table 9 - IF-RECV command parameters (ATA) Security Protocol SP_Specific Transfer Length 0x00 (See [6]) Non-zero number of 512-byte data units. 0x01 a ComID Non-zero number of 512-byte data units. 0x02 a ComID Non-zero number of 512-byte data units. 0x06 N/A Protocol 0x06 is defined for SCSI only. Revision 1.0 Page 13 of 15

4.3 Handling Common TPer Errors There are some common errors detected by the TPer. This section describes how they are reported via the ATA interface. See [7] and [8] for information about the Enhanced Status Reporting (ESR) feature set. The error reporting method is different when ESR is supported and enabled than otherwise. Table 10 - TPer Errors (ATA) Enhanced Status Reporting is Enabled TPer Error ID Invalid Security Protocol ID parameter Invalid Transfer Length parameter on IF-SEND Other Invalid Command Parameter Synchronous Protocol Violation Data Protection Error ESR Supported and Enabled ATA Status Field ATA Error Field Sense Key ASC/ASCQ Comments No 0x51 0x04 N/A N/A No data shall be Yes 0x51 0x7F ILLEGAL INVALID FIELD transferred REQUEST IN CDB No 0x51 0x04 N/A N/A No data shall be Yes 0x51 0x7F ILLEGAL INVALID FIELD REQUEST IN CDB No 0x51 0x04 N/A N/A No data shall be Yes 0x51 0x7F ILLEGAL INVALID FIELD REQUEST IN CDB No 0x51 0x04 N/A N/A No data shall be Yes 0x51 0x7F ILLEGAL REQUEST COMMAND SEQUENCE ERROR No 0x51 0x04 N/A N/A No data shall be Yes 0x51 0x7F DATA PROTECT ACCESS DENIED NO ACCESS RIGHTS 4.4 Discovery of Security Capabilities 4.4.1 IDENTIFY DEVICE The IDENTIFY DEVICE command (see [6]) indicates whether the device has support for the ATA Security feature set or the Trusted Computing feature set. See IDENTIFY DEVICE data words 48, 82, and 128 for further information. 4.4.2 Security Protocol 0x00 The TRUSTED RECEIVE command (see [6]) describes Security Protocol 0x00. Revision 1.0 Page 14 of 15

4.5 Miscellaneous Issues 4.5.1 Feature set interactions 4.5.1.1 Trusted Computing feature set The Trusted Computing feature set SHALL be supported by the device. 4.5.1.2 Extended Status Reporting feature The ACS-2 Extended Status Reporting feature SHOULD be supported by the device. It is automatically disabled by a power on reset. If it is supported, it MAY be enabled via the SET FEATURES command after every power on reset 4.5.1.3 Locking SP Life Cycle interactions with the ATA Security feature set The storage device MAY support the ATA Security feature set when the Locking SP is in the Nonexistent state (for TPers that support issuance of the Locking SP) or the Manufactured-Inactive state (for TPers that contain a manufactured Locking SP). In all other life cycle states for the Locking SP, the storage device SHALL report that the ATA Security feature set is not supported (IDENTIFY DEVICE, word 82, bit 1 = 0). When ATA Security is Enabled (a User Password is set), the TPer SHALL prohibit issuance of the Locking SP, and SHALL prohibit a manufactured Locking SP from transitioning out of the Manufactured-Inactive state. Revision 1.0 Page 15 of 15

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback