]> git.proxmox.com Git - mirror_edk2.git/blame - NetworkPkg/IpSecDxe/IpSecDriver.c
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
NetworkPkg: Replace BSD License with BSD+Patent License
[mirror_edk2.git] / NetworkPkg / IpSecDxe / IpSecDriver.c
CommitLineData
a3bcde70
HT		 1/** @file\r
2 Driver Binding Protocol for IPsec Driver.\r
3\r
f75a7f56 4 Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r
a3bcde70 5\r
ecf98fbc 6 SPDX-License-Identifier: BSD-2-Clause-Patent\r
a3bcde70
HT		 7\r
8**/\r
9\r
9166f840 10#include <Library/BaseCryptLib.h>\r
11\r
a3bcde70 12#include "IpSecConfigImpl.h"\r
9166f840 13#include "IkeService.h"\r
a3bcde70
HT		 14#include "IpSecDebug.h"\r
15\r
16/**\r
6879581d 17 Test to see if this driver supports ControllerHandle. This is the worker function\r
18 for IpSec4(6)DriverbindingSupported.\r
a3bcde70
HT		 19\r
20 @param[in] This Protocol instance pointer.\r
21 @param[in] ControllerHandle Handle of device to test.\r
22 @param[in] RemainingDevicePath Optional parameter used to pick a specific child\r
23 device to start.\r
6879581d 24 @param[in] IpVersion IP_VERSION_4 or IP_VERSION_6.\r
f75a7f56 25\r
a3bcde70
HT		 26 @retval EFI_SUCCES This driver supports this device.\r
27 @retval EFI_ALREADY_STARTED This driver is already running on this device.\r
28 @retval other This driver does not support this device.\r
29\r
30**/\r
31EFI_STATUS\r
32EFIAPI\r
6879581d 33IpSecSupported (\r
a3bcde70
HT		 34 IN EFI_DRIVER_BINDING_PROTOCOL *This,\r
35 IN EFI_HANDLE ControllerHandle,\r
6879581d 36 IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath OPTIONAL,\r
37 IN UINT8 IpVersion\r
a3bcde70
HT		 38 )\r
39{\r
6879581d 40 EFI_STATUS Status;\r
41 EFI_GUID *UdpServiceBindingGuid;\r
f75a7f56 42\r
6879581d 43 if (IpVersion == IP_VERSION_4) {\r
44 UdpServiceBindingGuid = &gEfiUdp4ServiceBindingProtocolGuid;\r
45 } else {\r
46 UdpServiceBindingGuid = &gEfiUdp6ServiceBindingProtocolGuid;\r
9166f840 47 }\r
48\r
6879581d 49 Status = gBS->OpenProtocol (\r
50 ControllerHandle,\r
51 UdpServiceBindingGuid,\r
52 NULL,\r
53 This->DriverBindingHandle,\r
54 ControllerHandle,\r
55 EFI_OPEN_PROTOCOL_TEST_PROTOCOL\r
56 );\r
57 if (EFI_ERROR (Status)) {\r
58 return EFI_UNSUPPORTED;\r
59 }\r
60 return EFI_SUCCESS;\r
a3bcde70
HT		 61}\r
62\r
63/**\r
6879581d 64 Start this driver on ControllerHandle. This is the worker function\r
65 for IpSec4(6)DriverbindingStart.\r
a3bcde70
HT		 66\r
67 @param[in] This Protocol instance pointer.\r
68 @param[in] ControllerHandle Handle of device to bind driver to.\r
69 @param[in] RemainingDevicePath Optional parameter used to pick a specific child\r
70 device to start.\r
6879581d 71 @param[in] IpVersion IP_VERSION_4 or IP_VERSION_6.\r
a3bcde70
HT		 72\r
73 @retval EFI_SUCCES This driver is added to ControllerHandle\r
74 @retval EFI_ALREADY_STARTED This driver is already running on ControllerHandle\r
6cf9230f 75 @retval EFI_DEVICE_ERROR The device could not be started due to a device error.\r
a3bcde70
HT		 76 Currently not implemented.\r
77 @retval other This driver does not support this device\r
78\r
79**/\r
80EFI_STATUS\r
81EFIAPI\r
6879581d 82IpSecStart (\r
a3bcde70
HT		 83 IN EFI_DRIVER_BINDING_PROTOCOL *This,\r
84 IN EFI_HANDLE ControllerHandle,\r
6879581d 85 IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath OPTIONAL,\r
86 IN UINT8 IpVersion\r
a3bcde70
HT		 87 )\r
88{\r
0a7294f7 89 EFI_IPSEC2_PROTOCOL *IpSec;\r
9166f840 90 EFI_STATUS Status;\r
9166f840 91 IPSEC_PRIVATE_DATA *Private;\r
92\r
a3bcde70 93 //\r
9166f840 94 // Ipsec protocol should be installed when load image.\r
a3bcde70 95 //\r
0a7294f7 96 Status = gBS->LocateProtocol (&gEfiIpSec2ProtocolGuid, NULL, (VOID **) &IpSec);\r
9166f840 97\r
98 if (EFI_ERROR (Status)) {\r
99 return Status;\r
100 }\r
101\r
102 Private = IPSEC_PRIVATE_DATA_FROM_IPSEC (IpSec);\r
103\r
6879581d 104 if (IpVersion == IP_VERSION_4) {\r
105 //\r
106 // Try to open a udp4 io for input.\r
107 //\r
108 Status = gBS->OpenProtocol (\r
109 ControllerHandle,\r
110 &gEfiUdp4ServiceBindingProtocolGuid,\r
111 NULL,\r
112 This->DriverBindingHandle,\r
113 ControllerHandle,\r
114 EFI_OPEN_PROTOCOL_TEST_PROTOCOL\r
115 );\r
116\r
117 if (!EFI_ERROR (Status)) {\r
118 Status = IkeOpenInputUdp4 (Private, ControllerHandle, This->DriverBindingHandle);\r
119 }\r
120 } else {\r
121 //\r
122 // Try to open a udp6 io for input.\r
123 //\r
124 Status = gBS->OpenProtocol (\r
125 ControllerHandle,\r
126 &gEfiUdp6ServiceBindingProtocolGuid,\r
127 NULL,\r
128 This->DriverBindingHandle,\r
129 ControllerHandle,\r
130 EFI_OPEN_PROTOCOL_TEST_PROTOCOL\r
131 );\r
132\r
133 if (!EFI_ERROR (Status)) {\r
134 Status = IkeOpenInputUdp6 (Private, ControllerHandle, This->DriverBindingHandle);\r
135 }\r
9166f840 136 }\r
137\r
6879581d 138 if (EFI_ERROR (Status)) {\r
139 return EFI_DEVICE_ERROR;\r
9166f840 140 }\r
6879581d 141 return EFI_SUCCESS;\r
a3bcde70
HT		 142}\r
143\r
144/**\r
6879581d 145 Stop this driver on ControllerHandle. This is the worker function\r
146 for IpSec4(6)DriverbindingStop.\r
a3bcde70
HT		 147\r
148 @param[in] This Protocol instance pointer.\r
149 @param[in] ControllerHandle Handle of a device to stop the driver on.\r
150 @param[in] NumberOfChildren Number of Handles in ChildHandleBuffer. If the number of\r
151 children is zero, stop the entire bus driver.\r
152 @param[in] ChildHandleBuffer List of Child Handles to Stop.\r
6879581d 153 @param[in] IpVersion IP_VERSION_4 or IP_VERSION_6.\r
a3bcde70
HT		 154\r
155 @retval EFI_SUCCES This driver removed ControllerHandle.\r
156 @retval other This driver was not removed from this device.\r
157\r
158**/\r
159EFI_STATUS\r
160EFIAPI\r
6879581d 161IpSecStop (\r
a3bcde70
HT		 162 IN EFI_DRIVER_BINDING_PROTOCOL *This,\r
163 IN EFI_HANDLE ControllerHandle,\r
164 IN UINTN NumberOfChildren,\r
6879581d 165 IN EFI_HANDLE *ChildHandleBuffer,\r
166 IN UINT8 IpVersion\r
a3bcde70
HT		 167 )\r
168{\r
0a7294f7 169 EFI_IPSEC2_PROTOCOL *IpSec;\r
9166f840 170 EFI_STATUS Status;\r
171 IPSEC_PRIVATE_DATA *Private;\r
172 IKE_UDP_SERVICE *UdpSrv;\r
173 LIST_ENTRY *Entry;\r
174 LIST_ENTRY *Next;\r
5dd08a46 175 IKEV2_SA_SESSION *Ikev2SaSession;\r
9166f840 176\r
a3bcde70 177 //\r
9166f840 178 // Locate ipsec protocol to get private data.\r
a3bcde70 179 //\r
0a7294f7 180 Status = gBS->LocateProtocol (&gEfiIpSec2ProtocolGuid, NULL, (VOID **) &IpSec);\r
9166f840 181\r
182 if (EFI_ERROR (Status)) {\r
183 return Status;\r
184 }\r
185\r
186 Private = IPSEC_PRIVATE_DATA_FROM_IPSEC (IpSec);\r
187\r
6cf9230f 188 //\r
6879581d 189 // The SAs are shared by both IP4 and IP6 stack. So we skip the cleanup\r
190 // and leave the SAs unchanged if the other IP stack is still running.\r
9166f840 191 //\r
6879581d 192 if ((IpVersion == IP_VERSION_4 && Private->Udp6Num ==0) ||\r
193 (IpVersion == IP_VERSION_6 && Private->Udp4Num ==0)) {\r
5dd08a46
JW		 194 //\r
195 // If IKEv2 SAs are under establishing, delete it directly.\r
196 //\r
197 if (!IsListEmpty (&Private->Ikev2SessionList)) {\r
198 NET_LIST_FOR_EACH_SAFE (Entry, Next, &Private->Ikev2SessionList) {\r
199 Ikev2SaSession = IKEV2_SA_SESSION_BY_SESSION (Entry);\r
200 RemoveEntryList (&Ikev2SaSession->BySessionTable);\r
201 Ikev2SaSessionFree (Ikev2SaSession);\r
202 }\r
203 }\r
204\r
205 //\r
206 // Delete established IKEv2 SAs.\r
207 //\r
208 if (!IsListEmpty (&Private->Ikev2EstablishedList)) {\r
209 NET_LIST_FOR_EACH_SAFE (Entry, Next, &Private->Ikev2EstablishedList) {\r
f75a7f56 210 Ikev2SaSession = IKEV2_SA_SESSION_BY_SESSION (Entry);\r
5dd08a46
JW		 211 RemoveEntryList (&Ikev2SaSession->BySessionTable);\r
212 Ikev2SaSessionFree (Ikev2SaSession);\r
213 }\r
214 }\r
6879581d 215 }\r
9166f840 216\r
6879581d 217 if (IpVersion == IP_VERSION_4) {\r
9166f840 218 //\r
6879581d 219 // If has udp4 io opened on the controller, close and free it.\r
9166f840 220 //\r
6879581d 221 NET_LIST_FOR_EACH_SAFE (Entry, Next, &Private->Udp4List) {\r
222\r
223 UdpSrv = IPSEC_UDP_SERVICE_FROM_LIST (Entry);\r
224 //\r
225 // Find the right udp service which installed on the appointed nic handle.\r
226 //\r
227 if (UdpSrv->Input != NULL && ControllerHandle == UdpSrv->Input->UdpHandle) {\r
228 UdpIoFreeIo (UdpSrv->Input);\r
229 UdpSrv->Input = NULL;\r
230 }\r
231\r
232 if (UdpSrv->Output != NULL && ControllerHandle == UdpSrv->Output->UdpHandle) {\r
233 UdpIoFreeIo (UdpSrv->Output);\r
234 UdpSrv->Output = NULL;\r
235 }\r
236\r
237 if (UdpSrv->Input == NULL && UdpSrv->Output == NULL) {\r
238 RemoveEntryList (&UdpSrv->List);\r
239 FreePool (UdpSrv);\r
240 ASSERT (Private->Udp4Num > 0);\r
241 Private->Udp4Num--;\r
242 }\r
9166f840 243 }\r
6879581d 244 } else {\r
9166f840 245 //\r
6879581d 246 // If has udp6 io opened on the controller, close and free it.\r
9166f840 247 //\r
6879581d 248 NET_LIST_FOR_EACH_SAFE (Entry, Next, &Private->Udp6List) {\r
249\r
250 UdpSrv = IPSEC_UDP_SERVICE_FROM_LIST (Entry);\r
251 //\r
252 // Find the right udp service which installed on the appointed nic handle.\r
253 //\r
254 if (UdpSrv->Input != NULL && ControllerHandle == UdpSrv->Input->UdpHandle) {\r
255 UdpIoFreeIo (UdpSrv->Input);\r
256 UdpSrv->Input = NULL;\r
257 }\r
258\r
259 if (UdpSrv->Output != NULL && ControllerHandle == UdpSrv->Output->UdpHandle) {\r
260 UdpIoFreeIo (UdpSrv->Output);\r
261 UdpSrv->Output = NULL;\r
262 }\r
263\r
264 if (UdpSrv->Input == NULL && UdpSrv->Output == NULL) {\r
265 RemoveEntryList (&UdpSrv->List);\r
266 FreePool (UdpSrv);\r
267 ASSERT (Private->Udp6Num > 0);\r
268 Private->Udp6Num--;\r
269 }\r
9166f840 270 }\r
271 }\r
272\r
273 return EFI_SUCCESS;\r
a3bcde70
HT		 274}\r
275\r
6879581d 276/**\r
277 Test to see if this driver supports ControllerHandle.\r
278\r
279 @param[in] This Protocol instance pointer.\r
280 @param[in] ControllerHandle Handle of device to test.\r
281 @param[in] RemainingDevicePath Optional parameter used to pick a specific child\r
282 device to start.\r
283\r
284 @retval EFI_SUCCES This driver supports this device.\r
285 @retval EFI_ALREADY_STARTED This driver is already running on this device.\r
286 @retval other This driver does not support this device.\r
287\r
288**/\r
289EFI_STATUS\r
290EFIAPI\r
291IpSec4DriverBindingSupported (\r
292 IN EFI_DRIVER_BINDING_PROTOCOL *This,\r
293 IN EFI_HANDLE ControllerHandle,\r
294 IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath OPTIONAL\r
295 )\r
296{\r
297 return IpSecSupported (\r
298 This,\r
299 ControllerHandle,\r
300 RemainingDevicePath,\r
301 IP_VERSION_4\r
302 );\r
303}\r
304\r
305/**\r
306 Start this driver on ControllerHandle.\r
307\r
308 @param[in] This Protocol instance pointer.\r
309 @param[in] ControllerHandle Handle of device to bind driver to.\r
310 @param[in] RemainingDevicePath Optional parameter used to pick a specific child\r
311 device to start.\r
312\r
313 @retval EFI_SUCCES This driver is added to ControllerHandle\r
314 @retval EFI_ALREADY_STARTED This driver is already running on ControllerHandle\r
315 @retval EFI_DEVICE_ERROR The device could not be started due to a device error.\r
316 Currently not implemented.\r
317 @retval other This driver does not support this device\r
318\r
319**/\r
320EFI_STATUS\r
321EFIAPI\r
322IpSec4DriverBindingStart (\r
323 IN EFI_DRIVER_BINDING_PROTOCOL *This,\r
324 IN EFI_HANDLE ControllerHandle,\r
325 IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath OPTIONAL\r
326 )\r
327{\r
328 return IpSecStart (\r
329 This,\r
330 ControllerHandle,\r
331 RemainingDevicePath,\r
332 IP_VERSION_4\r
333 );\r
334}\r
335\r
336/**\r
337 Stop this driver on ControllerHandle.\r
338\r
339 @param[in] This Protocol instance pointer.\r
340 @param[in] ControllerHandle Handle of a device to stop the driver on.\r
341 @param[in] NumberOfChildren Number of Handles in ChildHandleBuffer. If the number of\r
342 children is zero, stop the entire bus driver.\r
343 @param[in] ChildHandleBuffer List of Child Handles to Stop.\r
344\r
345 @retval EFI_SUCCES This driver removed ControllerHandle.\r
346 @retval other This driver was not removed from this device.\r
347\r
348**/\r
349EFI_STATUS\r
350EFIAPI\r
351IpSec4DriverBindingStop (\r
352 IN EFI_DRIVER_BINDING_PROTOCOL *This,\r
353 IN EFI_HANDLE ControllerHandle,\r
354 IN UINTN NumberOfChildren,\r
355 IN EFI_HANDLE *ChildHandleBuffer\r
356 )\r
357{\r
358 return IpSecStop (\r
359 This,\r
360 ControllerHandle,\r
361 NumberOfChildren,\r
362 ChildHandleBuffer,\r
363 IP_VERSION_4\r
364 );\r
365}\r
366\r
367/**\r
368 Test to see if this driver supports ControllerHandle.\r
369\r
370 @param[in] This Protocol instance pointer.\r
371 @param[in] ControllerHandle Handle of device to test.\r
372 @param[in] RemainingDevicePath Optional parameter used to pick a specific child\r
373 device to start.\r
374\r
375 @retval EFI_SUCCES This driver supports this device.\r
376 @retval EFI_ALREADY_STARTED This driver is already running on this device.\r
377 @retval other This driver does not support this device.\r
378\r
379**/\r
380EFI_STATUS\r
381EFIAPI\r
382IpSec6DriverBindingSupported (\r
383 IN EFI_DRIVER_BINDING_PROTOCOL *This,\r
384 IN EFI_HANDLE ControllerHandle,\r
385 IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath OPTIONAL\r
386 )\r
387{\r
388 return IpSecSupported (\r
389 This,\r
390 ControllerHandle,\r
391 RemainingDevicePath,\r
392 IP_VERSION_6\r
393 );\r
394}\r
395\r
396/**\r
397 Start this driver on ControllerHandle.\r
398\r
399 @param[in] This Protocol instance pointer.\r
400 @param[in] ControllerHandle Handle of device to bind driver to.\r
401 @param[in] RemainingDevicePath Optional parameter used to pick a specific child\r
402 device to start.\r
403\r
404 @retval EFI_SUCCES This driver is added to ControllerHandle\r
405 @retval EFI_ALREADY_STARTED This driver is already running on ControllerHandle\r
406 @retval EFI_DEVICE_ERROR The device could not be started due to a device error.\r
407 Currently not implemented.\r
408 @retval other This driver does not support this device\r
409\r
410**/\r
411EFI_STATUS\r
412EFIAPI\r
413IpSec6DriverBindingStart (\r
414 IN EFI_DRIVER_BINDING_PROTOCOL *This,\r
415 IN EFI_HANDLE ControllerHandle,\r
416 IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath OPTIONAL\r
417 )\r
418{\r
419 return IpSecStart (\r
420 This,\r
421 ControllerHandle,\r
422 RemainingDevicePath,\r
423 IP_VERSION_6\r
424 );\r
425}\r
426\r
427/**\r
428 Stop this driver on ControllerHandle.\r
429\r
430 @param[in] This Protocol instance pointer.\r
431 @param[in] ControllerHandle Handle of a device to stop the driver on.\r
432 @param[in] NumberOfChildren Number of Handles in ChildHandleBuffer. If the number of\r
433 children is zero, stop the entire bus driver.\r
434 @param[in] ChildHandleBuffer List of Child Handles to Stop.\r
435\r
436 @retval EFI_SUCCES This driver removed ControllerHandle.\r
437 @retval other This driver was not removed from this device.\r
438\r
439**/\r
440EFI_STATUS\r
441EFIAPI\r
442IpSec6DriverBindingStop (\r
443 IN EFI_DRIVER_BINDING_PROTOCOL *This,\r
444 IN EFI_HANDLE ControllerHandle,\r
445 IN UINTN NumberOfChildren,\r
446 IN EFI_HANDLE *ChildHandleBuffer\r
447 )\r
448{\r
449 return IpSecStop (\r
450 This,\r
451 ControllerHandle,\r
452 NumberOfChildren,\r
453 ChildHandleBuffer,\r
454 IP_VERSION_6\r
455 );\r
456}\r
457\r
458EFI_DRIVER_BINDING_PROTOCOL gIpSec4DriverBinding = {\r
459 IpSec4DriverBindingSupported,\r
460 IpSec4DriverBindingStart,\r
461 IpSec4DriverBindingStop,\r
462 0xa,\r
463 NULL,\r
464 NULL\r
465};\r
466\r
467EFI_DRIVER_BINDING_PROTOCOL gIpSec6DriverBinding = {\r
468 IpSec6DriverBindingSupported,\r
469 IpSec6DriverBindingStart,\r
470 IpSec6DriverBindingStop,\r
a3bcde70
HT		 471 0xa,\r
472 NULL,\r
473 NULL\r
474};\r
475\r
476/**\r
477 This is a callback function when the mIpSecInstance.DisabledEvent is signaled.\r
6cf9230f 478\r
a3bcde70 479 @param[in] Event Event whose notification function is being invoked.\r
6cf9230f 480 @param[in] Context Pointer to the notification function's context.\r
a3bcde70
HT		 481\r
482**/\r
483VOID\r
484EFIAPI\r
485IpSecCleanupAllSa (\r
486 IN EFI_EVENT Event,\r
487 IN VOID *Context\r
488 )\r
489{\r
490 IPSEC_PRIVATE_DATA *Private;\r
9166f840 491 Private = (IPSEC_PRIVATE_DATA *) Context;\r
492 Private->IsIPsecDisabling = TRUE;\r
6cf9230f 493 IkeDeleteAllSas (Private, TRUE);\r
a3bcde70
HT		 494}\r
495\r
496/**\r
497 This is the declaration of an EFI image entry point. This entry point is\r
498 the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers, including\r
499 both device drivers and bus drivers.\r
6cf9230f 500\r
501 The entry point for IPsec driver which installs the driver binding,\r
a3bcde70
HT		 502 component name protocol, IPsec Config protcolon, and IPsec protocol in\r
503 its ImageHandle.\r
504\r
505 @param[in] ImageHandle The firmware allocated handle for the UEFI image.\r
506 @param[in] SystemTable A pointer to the EFI System Table.\r
507\r
508 @retval EFI_SUCCESS The operation completed successfully.\r
509 @retval EFI_ALREADY_STARTED The IPsec driver has been already loaded.\r
510 @retval EFI_OUT_OF_RESOURCES The request could not be completed due to a lack of resources.\r
6cf9230f 511 @retval Others The operation is failed.\r
a3bcde70
HT		 512\r
513**/\r
514EFI_STATUS\r
515EFIAPI\r
516IpSecDriverEntryPoint (\r
517 IN EFI_HANDLE ImageHandle,\r
518 IN EFI_SYSTEM_TABLE *SystemTable\r
519 )\r
520{\r
521 EFI_STATUS Status;\r
522 IPSEC_PRIVATE_DATA *Private;\r
0a7294f7 523 EFI_IPSEC2_PROTOCOL *IpSec;\r
a3bcde70
HT		 524\r
525 //\r
526 // Check whether ipsec protocol has already been installed.\r
527 //\r
0a7294f7 528 Status = gBS->LocateProtocol (&gEfiIpSec2ProtocolGuid, NULL, (VOID **) &IpSec);\r
a3bcde70
HT		 529\r
530 if (!EFI_ERROR (Status)) {\r
531 DEBUG ((DEBUG_WARN, "_ModuleEntryPoint: IpSec has been already loaded\n"));\r
532 Status = EFI_ALREADY_STARTED;\r
533 goto ON_EXIT;\r
534 }\r
535\r
536 Status = gBS->LocateProtocol (&gEfiDpcProtocolGuid, NULL, (VOID **) &mDpc);\r
537\r
538 if (EFI_ERROR (Status)) {\r
539 DEBUG ((DEBUG_ERROR, "_ModuleEntryPoint: Failed to locate EfiDpcProtocol\n"));\r
540 goto ON_EXIT;\r
541 }\r
542\r
543 Private = AllocateZeroPool (sizeof (IPSEC_PRIVATE_DATA));\r
544\r
545 if (Private == NULL) {\r
546 DEBUG ((DEBUG_ERROR, "_ModuleEntryPoint: Failed to allocate private data\n"));\r
547 Status = EFI_OUT_OF_RESOURCES;\r
548 goto ON_EXIT;\r
549 }\r
550 //\r
9166f840 551 // Create disable event to cleanup all SA when ipsec disabled by user.\r
a3bcde70
HT		 552 //\r
553 Status = gBS->CreateEvent (\r
554 EVT_NOTIFY_SIGNAL,\r
555 TPL_CALLBACK,\r
556 IpSecCleanupAllSa,\r
557 Private,\r
558 &mIpSecInstance.DisabledEvent\r
559 );\r
560 if (EFI_ERROR (Status)) {\r
561 DEBUG ((DEBUG_ERROR, "_ModuleEntryPoint: Failed to create disable event\n"));\r
562 goto ON_FREE_PRIVATE;\r
563 }\r
564\r
565 Private->Signature = IPSEC_PRIVATE_DATA_SIGNATURE;\r
566 Private->ImageHandle = ImageHandle;\r
0a7294f7 567 CopyMem (&Private->IpSec, &mIpSecInstance, sizeof (EFI_IPSEC2_PROTOCOL));\r
6cf9230f 568\r
a3bcde70
HT		 569 //\r
570 // Initilize Private's members. Thess members is used for IKE.\r
571 //\r
572 InitializeListHead (&Private->Udp4List);\r
573 InitializeListHead (&Private->Udp6List);\r
574 InitializeListHead (&Private->Ikev1SessionList);\r
575 InitializeListHead (&Private->Ikev1EstablishedList);\r
576 InitializeListHead (&Private->Ikev2SessionList);\r
577 InitializeListHead (&Private->Ikev2EstablishedList);\r
6cf9230f 578\r
9166f840 579 RandomSeed (NULL, 0);\r
a3bcde70
HT		 580 //\r
581 // Initialize the ipsec config data and restore it from variable.\r
582 //\r
583 Status = IpSecConfigInitialize (Private);\r
584 if (EFI_ERROR (Status)) {\r
585 DEBUG ((DEBUG_ERROR, "_ModuleEntryPoint: Failed to initialize IpSecConfig\n"));\r
586 goto ON_CLOSE_EVENT;\r
587 }\r
588 //\r
589 // Install ipsec protocol which is used by ip driver to process ipsec header.\r
590 //\r
591 Status = gBS->InstallMultipleProtocolInterfaces (\r
592 &Private->Handle,\r
0a7294f7 593 &gEfiIpSec2ProtocolGuid,\r
a3bcde70
HT		 594 &Private->IpSec,\r
595 NULL\r
596 );\r
597 if (EFI_ERROR (Status)) {\r
598 goto ON_UNINSTALL_CONFIG;\r
599 }\r
600\r
601 Status = EfiLibInstallDriverBindingComponentName2 (\r
602 ImageHandle,\r
603 SystemTable,\r
6879581d 604 &gIpSec4DriverBinding,\r
a3bcde70
HT		 605 ImageHandle,\r
606 &gIpSecComponentName,\r
607 &gIpSecComponentName2\r
608 );\r
609 if (EFI_ERROR (Status)) {\r
9166f840 610 goto ON_UNINSTALL_IPSEC;\r
a3bcde70 611 }\r
6cf9230f 612\r
6879581d 613 Status = EfiLibInstallDriverBindingComponentName2 (\r
614 ImageHandle,\r
615 SystemTable,\r
616 &gIpSec6DriverBinding,\r
617 NULL,\r
618 &gIpSecComponentName,\r
619 &gIpSecComponentName2\r
620 );\r
621 if (EFI_ERROR (Status)) {\r
622 goto ON_UNINSTALL_IPSEC4_DB;\r
623 }\r
624\r
a3bcde70
HT		 625 return Status;\r
626\r
6879581d 627ON_UNINSTALL_IPSEC4_DB:\r
22b35e8b
AS		 628 EfiLibUninstallDriverBindingComponentName2 (\r
629 &gIpSec4DriverBinding,\r
630 &gIpSecComponentName,\r
631 &gIpSecComponentName2\r
632 );\r
6879581d 633\r
9166f840 634ON_UNINSTALL_IPSEC:\r
635 gBS->UninstallProtocolInterface (\r
636 Private->Handle,\r
0a7294f7 637 &gEfiIpSec2ProtocolGuid,\r
9166f840 638 &Private->IpSec\r
639 );\r
a3bcde70
HT		 640ON_UNINSTALL_CONFIG:\r
641 gBS->UninstallProtocolInterface (\r
642 Private->Handle,\r
643 &gEfiIpSecConfigProtocolGuid,\r
644 &Private->IpSecConfig\r
645 );\r
646ON_CLOSE_EVENT:\r
647 gBS->CloseEvent (mIpSecInstance.DisabledEvent);\r
648 mIpSecInstance.DisabledEvent = NULL;\r
649ON_FREE_PRIVATE:\r
650 FreePool (Private);\r
651ON_EXIT:\r
652 return Status;\r
653}\r
654\r
EFI Development Kit II mirror for PVE