Documentation: syfs-class-firmware-attributes: Lenovo Opcode support

Newer Lenovo BIOS's have an opcode GUID support interface which provides - improved password setting control - ability to set System, hard drive and NVMe passwords Add the support for these new passwords, and the ability to select user/master mode and the drive index. Signed-off-by: Mark Pearson <markpearson@lenovo.com> Link: https://lore.kernel.org/r/20211117184453.2476-1-markpearson@lenovo.comReviewed-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Hans de Goede <hdegoede@redhat.com>

Documentation: syfs-class-firmware-attributes: Lenovo Opcode support
Newer Lenovo BIOS's have an opcode GUID support interface which provides - improved password setting control - ability to set System, hard drive and NVMe passwords Add the support for these new passwords, and the ability to select user/master mode and the drive index. Signed-off-by: Mark Pearson <markpearson@lenovo.com> Link: https://lore.kernel.org/r/20211117184453.2476-1-markpearson@lenovo.comReviewed-by: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Hans de Goede <hdegoede@redhat.com>
adca4b68 · Mark Pearson · Hans de Goede · b3c3d588 · adca4b68
Commit adca4b68 authored Nov 17, 2021 by Mark Pearson Committed by Hans de Goede Nov 18, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 32 additions and 0 deletions

Documentation/ABI/testing/sysfs-class-firmware-attributes Documentation/ABI/testing/sysfs-class-firmware-attributes +32 -0

No files found.
--- a/Documentation/ABI/testing/sysfs-class-firmware-attributes
+++ b/Documentation/ABI/testing/sysfs-class-firmware-attributes
@@ -161,6 +161,15 @@ Description:
 						power-on:
 							Representing a password required to use
 							the system
+						system-mgmt:
+							Representing System Management password.
+							See Lenovo extensions section for details
+						HDD:
+							Representing HDD password
+							See Lenovo extensions section for details
+						NVMe:
+							Representing NVMe password
+							See Lenovo extensions section for details

 		mechanism:
 					The means of authentication.  This attribute is mandatory.
@@ -207,6 +216,13 @@ Description:

 		On Lenovo systems the following additional settings are available:

+		role: system-mgmt	This gives the same authority as the bios-admin password to control
+					security related features. The authorities allocated can be set via
+					the BIOS menu SMP Access Control Policy
+
+		role: HDD & NVMe	This password is used to unlock access to the drive at boot. Note see
+					'level' and 'index' extensions below.
+
 		lenovo_encoding:
 					The encoding method that is used. This can be either "ascii"
 					or "scancode". Default is set to "ascii"
@@ -216,6 +232,22 @@ Description:
 					two char code (e.g. "us", "fr", "gr") and may vary per platform.
 					Default is set to "us"

+		level:
+					Available for HDD and NVMe authentication to set 'user' or 'master'
+					privilege level.
+					If only the user password is configured then this should be used to
+					unlock the drive at boot. If both master and user passwords are set
+					then either can be used. If a master password is set a user password
+					is required.
+					This attribute defaults to 'user' level
+
+		index:
+					Used with HDD and NVME authentication to set the drive index
+					that is being referenced (e.g hdd0, hdd1 etc)
+					This attribute defaults to device 0.
+
+
+
 What:		/sys/class/firmware-attributes/*/attributes/pending_reboot
 Date:		February 2021
 KernelVersion:	5.11