]> git.proxmox.com Git - mirror_edk2.git/blame - NetworkPkg/IpSecDxe/IpSecConfigImpl.h
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
NetworkPkg: Replace BSD License with BSD+Patent License
[mirror_edk2.git] / NetworkPkg / IpSecDxe / IpSecConfigImpl.h
CommitLineData
a3bcde70
HT		 1/** @file\r
2 Definitions related to IPSEC_CONFIG_PROTOCOL implementations.\r
3\r
f75a7f56 4 Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r
a3bcde70 5\r
ecf98fbc 6 SPDX-License-Identifier: BSD-2-Clause-Patent\r
a3bcde70
HT		 7\r
8**/\r
9\r
10#ifndef _IPSEC_CONFIG_IMPL_H_\r
11#define _IPSEC_CONFIG_IMPL_H_\r
12\r
13#include <Protocol/IpSec.h>\r
14#include <Protocol/IpSecConfig.h>\r
15\r
16#include <Library/BaseLib.h>\r
17#include <Library/BaseMemoryLib.h>\r
18#include <Library/PrintLib.h>\r
19#include <Library/MemoryAllocationLib.h>\r
20#include <Library/UefiRuntimeServicesTableLib.h>\r
21#include <Library/UefiBootServicesTableLib.h>\r
22#include <Library/DebugLib.h>\r
23\r
24#include "IpSecImpl.h"\r
25\r
26#define EFI_IPSEC_ANY_PROTOCOL 0xFFFF\r
27#define EFI_IPSEC_ANY_PORT 0\r
28\r
29#define IPSEC_VAR_ITEM_HEADER_LOGO_BIT 0x80\r
30#define IPSEC_VAR_ITEM_HEADER_CONTENT_BIT 0x7F\r
31\r
32#define IPSECCONFIG_VARIABLE_NAME L"IpSecConfig"\r
33#define IPSECCONFIG_STATUS_NAME L"IpSecStatus"\r
34\r
ce5c3273 35#define SIZE_OF_SPD_SELECTOR(x) (sizeof (EFI_IPSEC_SPD_SELECTOR) \\r
a3bcde70
HT		 36 + sizeof (EFI_IP_ADDRESS_INFO) * ((x)->LocalAddressCount + (x)->RemoteAddressCount))\r
37\r
38#define FIX_REF_BUF_ADDR(addr, base) addr = (VOID *) ((UINTN) (addr) - (UINTN) (base))\r
39#define UNFIX_REF_BUF_ADDR(addr, base) addr = (VOID *) ((UINTN) (addr) + (UINTN) (base))\r
40\r
41//\r
42// The data structure used to store the genernall information of IPsec configuration.\r
43//\r
44typedef struct {\r
45 UINT32 VariableCount; // the total number of the IPsecConfig variables.\r
46 UINT32 VariableSize; // The total size of all IpsecConfig variables.\r
47 UINT32 SingleVariableSize; // The max size of single variable\r
48} IP_SEC_VARIABLE_INFO;\r
49\r
50typedef struct {\r
51 EFI_IPSEC_CONFIG_SELECTOR *Selector;\r
52 VOID *Data;\r
53 LIST_ENTRY List;\r
54} IPSEC_COMMON_POLICY_ENTRY;\r
55\r
56typedef struct {\r
57 UINT8 *Ptr;\r
58 UINTN Size;\r
59 UINTN Capacity;\r
60} IPSEC_VARIABLE_BUFFER;\r
61\r
62#pragma pack(1)\r
63typedef struct {\r
64 UINT8 Type;\r
65 UINT16 Size;\r
66} IPSEC_VAR_ITEM_HEADER;\r
67#pragma pack()\r
68\r
69/**\r
70 The prototype of Copy Source Selector to the Destination Selector.\r
71\r
76389e18 72 @param[in, out] DstSel Pointer of Destination Selector. It would be\r
a3bcde70
HT		 73 SPD Selector, or SAD Selector or PAD Selector.\r
74 @param[in] SrcSel Pointer of Source Selector. It would be\r
75 SPD Selector, or SAD Selector or PAD Selector.\r
76389e18 76 @param[in, out] Size The size of the Destination Selector. If it\r
a3bcde70
HT		 77 is not NULL and its value is less than the size of\r
78 Source Selector, the value of Source Selector's\r
79 size will be passed to the caller by this parameter.\r
80\r
81 @retval EFI_INVALID_PARAMETER If the Destination or Source Selector is NULL.\r
82 @retval EFI_BUFFER_TOO_SMALL If the input Size is less than size of Source Selector.\r
83 @retval EFI_SUCCESS Copy Source Selector to the Destination\r
84 Selector successfully.\r
85\r
86**/\r
87typedef\r
88EFI_STATUS\r
89(*IPSEC_DUPLICATE_SELECTOR) (\r
90 IN OUT EFI_IPSEC_CONFIG_SELECTOR *DstSel,\r
91 IN EFI_IPSEC_CONFIG_SELECTOR *SrcSel,\r
92 IN OUT UINTN *Size\r
93 );\r
94\r
95/**\r
96 It is prototype of compare two Selectors. The Selector would be SPD Selector,\r
97 or SAD Selector, or PAD selector.\r
98\r
99 @param[in] Selector1 Pointer of the first Selector.\r
100 @param[in] Selector2 Pointer of the second Selector.\r
101\r
102 @retval TRUE These two Selectors have the same value in certain fields.\r
103 @retval FALSE Not all fields have the same value in these two Selectors.\r
104\r
105**/\r
106typedef\r
107BOOLEAN\r
108(*IPSEC_COMPARE_SELECTOR) (\r
109 IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,\r
110 IN EFI_IPSEC_CONFIG_SELECTOR *Selector2\r
111 );\r
112\r
113/**\r
114 The prototype of a function to check if the Selector is Zero by its certain fields.\r
115\r
116 @param[in] Selector Pointer of the Selector.\r
117\r
118 @retval TRUE If the Selector is Zero.\r
119 @retval FALSE If the Selector is not Zero.\r
120\r
121**/\r
122typedef\r
123BOOLEAN\r
124(*IPSEC_IS_ZERO_SELECTOR) (\r
125 IN EFI_IPSEC_CONFIG_SELECTOR *Selector\r
126 );\r
127\r
128/**\r
129 The prototype of a function to fix the value of particular members of the Selector.\r
130\r
131 @param[in] Selector Pointer of Selector.\r
132 @param[in] Data Pointer of Data.\r
133\r
134**/\r
135typedef\r
136VOID\r
137(*IPSEC_FIX_POLICY_ENTRY) (\r
138 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
139 IN VOID *Data\r
140 );\r
141\r
142/**\r
143 It is prototype function to define a routine function by the caller of IpSecVisitConfigData().\r
144\r
145 @param[in] Type A specified IPSEC_CONFIG_DATA_TYPE.\r
146 @param[in] Selector Points to EFI_IPSEC_CONFIG_SELECTOR to be copied\r
147 to the buffer.\r
148 @param[in] Data Points to data to be copied to the buffer. The\r
149 Data type is related to the Type.\r
150 @param[in] SelectorSize The size of the Selector.\r
151 @param[in] DataSize The size of the Data.\r
76389e18 152 @param[in, out] Buffer The buffer to store the Selector and Data.\r
a3bcde70
HT		 153\r
154 @retval EFI_SUCCESS Copied the Selector and Data to a buffer successfully.\r
155 @retval EFI_OUT_OF_RESOURCES The required system resource could not be allocated.\r
156\r
157**/\r
158typedef\r
159EFI_STATUS\r
160(*IPSEC_COPY_POLICY_ENTRY) (\r
161 IN EFI_IPSEC_CONFIG_DATA_TYPE Type,\r
162 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
163 IN VOID *Data,\r
164 IN UINTN SelectorSize,\r
165 IN UINTN DataSize,\r
166 IN OUT VOID *Context\r
167 );\r
168\r
169/**\r
170 Set the security policy information for the EFI IPsec driver.\r
171\r
172 The IPsec configuration data has a unique selector/identifier separately to\r
173 identify a data entry.\r
174\r
175 @param[in] Selector Pointer to an entry selector on operated\r
176 configuration data specified by DataType.\r
177 A NULL Selector causes the entire specified-type\r
178 configuration information to be flushed.\r
179 @param[in] Data The data buffer to be set.\r
180 @param[in] Context Pointer to one entry selector that describes\r
181 the expected position the new data entry will\r
182 be added. If Context is NULL, the new entry will\r
183 be appended to the end of the database.\r
184\r
185 @retval EFI_INVALID_PARAMETER Certain Parameters are not correct. The Parameter\r
186 requiring a check depends on the Selector type.\r
187 @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.\r
188 @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
189\r
190**/\r
191typedef\r
192EFI_STATUS\r
193(*IPSEC_SET_POLICY_ENTRY) (\r
194 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
195 IN VOID *Data,\r
196 IN VOID *Context OPTIONAL\r
197 );\r
198\r
199/**\r
200 A prototype function definition to lookup the data entry from IPsec. Return the configuration\r
201 value of the specified Entry.\r
202\r
203 @param[in] Selector Pointer to an entry selector that is an identifier\r
204 of the entry.\r
205 @param[in, out] DataSize On output, the size of data returned in Data.\r
206 @param[out] Data The buffer to return the contents of the IPsec\r
207 configuration data. The type of the data buffer\r
208 is associated with the DataType.\r
209\r
210 @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
211 @retval EFI_INVALID_PARAMETER Data is NULL and *DataSize is not zero.\r
212 @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.\r
213 @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been\r
214 updated with the size needed to complete the request.\r
215\r
216**/\r
217typedef\r
218EFI_STATUS\r
219(*IPSEC_GET_POLICY_ENTRY) (\r
220 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
221 IN OUT UINTN *DataSize,\r
222 IN VOID *Data\r
223 );\r
224\r
225/**\r
226 Compare two SPD Selectors.\r
227\r
228 Compare two SPD Selector by the fields of LocalAddressCount/RemoteAddressCount/\r
229 NextLayerProtocol/LocalPort/LocalPortRange/RemotePort/RemotePortRange and the\r
230 Local Addresses and remote Addresses.\r
231\r
232 @param[in] Selector1 Pointer of the first SPD Selector.\r
233 @param[in] Selector2 Pointer of the second SPD Selector.\r
234\r
235 @retval TRUE These two Selectors have the same value in above fields.\r
236 @retval FALSE Not all of the above fields have the same value in these two Selectors.\r
237\r
238**/\r
239BOOLEAN\r
240CompareSpdSelector (\r
241 IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,\r
242 IN EFI_IPSEC_CONFIG_SELECTOR *Selector2\r
243 );\r
244\r
245\r
246/**\r
247 Visit all IPsec Configurations of specified Type and call the caller defined\r
248 interface.\r
249\r
250 @param[in] DataType The specified IPsec Config Data Type.\r
251 @param[in] Routine The function caller defined.\r
252 @param[in] Context The data passed to the Routine.\r
253\r
254 @retval EFI_OUT_OF_RESOURCES The required system resource could not be allocated.\r
255 @retval EFI_SUCCESS This function complete successfully.\r
256\r
257**/\r
258EFI_STATUS\r
259IpSecVisitConfigData (\r
260 IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
261 IN IPSEC_COPY_POLICY_ENTRY Routine,\r
262 IN VOID *Context\r
263 );\r
264\r
265\r
266/**\r
267 This function is the subfunction of the EFIIpSecConfigSetData.\r
268\r
269 This function call IpSecSetVaraible to set the IPsec Configuration into the firmware.\r
270\r
271 @retval EFI_OUT_OF_RESOURCES The required system resource could not be allocated.\r
272 @retval EFI_SUCCESS Saved the configration successfully.\r
273 @retval Others Other errors were found while obtaining the variable.\r
274\r
275**/\r
276EFI_STATUS\r
277IpSecConfigSave (\r
278 VOID\r
279 );\r
280\r
281/**\r
282 Initialize IPsecConfig protocol\r
283\r
284 @param[in, out] Private Pointer to IPSEC_PRIVATE_DATA. After this function finish,\r
285 the pointer of IPsecConfig Protocol implementation will copy\r
286 into its IPsecConfig member.\r
287\r
288 @retval EFI_SUCCESS Initialized the IPsecConfig Protocol successfully.\r
289 @retval Others Initializing the IPsecConfig Protocol failed.\r
290\r
291**/\r
292EFI_STATUS\r
293IpSecConfigInitialize (\r
294 IN OUT IPSEC_PRIVATE_DATA *Private\r
295 );\r
296\r
297/**\r
298 Calculate the entire size of EFI_IPSEC_SPD_DATA, which includes the buffer size pointed\r
299 by the pointer members.\r
300\r
301 @param[in] SpdData Pointer to a specified EFI_IPSEC_SPD_DATA.\r
302\r
303 @return The entire size of the specified EFI_IPSEC_SPD_DATA.\r
304\r
305**/\r
306UINTN\r
307IpSecGetSizeOfEfiSpdData (\r
308 IN EFI_IPSEC_SPD_DATA *SpdData\r
309 );\r
310\r
311/**\r
312 Calculate the a entire size of IPSEC_SPD_DATA, which includes the buffer size pointed\r
313 by the pointer members and the buffer size used by Sa List.\r
314\r
315 @param[in] SpdData Pointer to the specified IPSEC_SPD_DATA.\r
316\r
317 @return The entire size of IPSEC_SPD_DATA.\r
318\r
319**/\r
320UINTN\r
321IpSecGetSizeOfSpdData (\r
322 IN IPSEC_SPD_DATA *SpdData\r
323 );\r
324\r
325/**\r
326 Copy Source Process Policy to the Destination Process Policy.\r
327\r
328 @param[in] Dst Pointer to the Source Process Policy.\r
329 @param[in] Src Pointer to the Destination Process Policy.\r
330\r
331**/\r
332VOID\r
333IpSecDuplicateProcessPolicy (\r
334 IN EFI_IPSEC_PROCESS_POLICY *Dst,\r
335 IN EFI_IPSEC_PROCESS_POLICY *Src\r
336 );\r
337\r
338/**\r
9166f840 339 Find if the two SPD Selectors has subordinative.\r
a3bcde70
HT		 340\r
341 Compare two SPD Selector by the fields of LocalAddressCount/RemoteAddressCount/\r
f75a7f56 342 NextLayerProtocol/LocalPort/LocalPortRange/RemotePort/RemotePortRange and the\r
a3bcde70
HT		 343 Local Addresses and remote Addresses.\r
344\r
9166f840 345 @param[in] Selector1 Pointer of first SPD Selector.\r
346 @param[in] Selector2 Pointer of second SPD Selector.\r
a3bcde70 347\r
9166f840 348 @retval TRUE The first SPD Selector is subordinate Selector of second SPD Selector.\r
f75a7f56 349 @retval FALSE The first SPD Selector is not subordinate Selector of second\r
9166f840 350 SPD Selector.\r
f75a7f56 351\r
a3bcde70
HT		 352**/\r
353BOOLEAN\r
9166f840 354IsSubSpdSelector (\r
a3bcde70
HT		 355 IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,\r
356 IN EFI_IPSEC_CONFIG_SELECTOR *Selector2\r
357 );\r
358\r
359/**\r
360 Compare two SA IDs.\r
361\r
362 @param[in] Selector1 Pointer of the first SA ID.\r
363 @param[in] Selector2 Pointer of the second SA ID.\r
364\r
365 @retval TRUE This two Selectors have the same SA ID.\r
366 @retval FALSE This two Selecotrs don't have the same SA ID.\r
367\r
368**/\r
369BOOLEAN\r
370CompareSaId (\r
371 IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,\r
372 IN EFI_IPSEC_CONFIG_SELECTOR *Selector2\r
373 );\r
374\r
375/**\r
376 Compare two PAD IDs.\r
377\r
378 @param[in] Selector1 Pointer of the first PAD ID.\r
379 @param[in] Selector2 Pointer of the second PAD ID.\r
380\r
381 @retval TRUE This two Selectors have the same PAD ID.\r
382 @retval FALSE This two Selecotrs don't have the same PAD ID.\r
383\r
384**/\r
385BOOLEAN\r
386ComparePadId (\r
387 IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,\r
388 IN EFI_IPSEC_CONFIG_SELECTOR *Selector2\r
389 );\r
390\r
391/**\r
392 Check if the SPD Selector is Zero by its LocalAddressCount and RemoteAddressCount\r
393 fields.\r
394\r
395 @param[in] Selector Pointer of the SPD Selector.\r
396\r
397 @retval TRUE If the SPD Selector is Zero.\r
398 @retval FALSE If the SPD Selector is not Zero.\r
399\r
400**/\r
401BOOLEAN\r
402IsZeroSpdSelector (\r
403 IN EFI_IPSEC_CONFIG_SELECTOR *Selector\r
404 );\r
405\r
406/**\r
407 Check if the SA ID is Zero by its DestAddress.\r
408\r
409 @param[in] Selector Pointer of the SA ID.\r
410\r
411 @retval TRUE If the SA ID is Zero.\r
412 @retval FALSE If the SA ID is not Zero.\r
413\r
414**/\r
415BOOLEAN\r
416IsZeroSaId (\r
417 IN EFI_IPSEC_CONFIG_SELECTOR *Selector\r
418 );\r
419\r
420/**\r
421 Check if the PAD ID is Zero.\r
422\r
423 @param[in] Selector Pointer of the PAD ID.\r
424\r
425 @retval TRUE If the PAD ID is Zero.\r
426 @retval FALSE If the PAD ID is not Zero.\r
427\r
428**/\r
429BOOLEAN\r
430IsZeroPadId (\r
431 IN EFI_IPSEC_CONFIG_SELECTOR *Selector\r
432 );\r
433\r
434/**\r
435 Copy Source SPD Selector to the Destination SPD Selector.\r
436\r
437 @param[in, out] DstSel Pointer of Destination SPD Selector.\r
438 @param[in] SrcSel Pointer of Source SPD Selector.\r
439 @param[in, out] Size The size of the Destination SPD Selector. If\r
440 it is not NULL and its value is less than the\r
441 size of Source SPD Selector, the value of\r
442 Source SPD Selector's size will be passed to\r
443 the caller by this parameter.\r
444\r
445 @retval EFI_INVALID_PARAMETER If the Destination or Source SPD Selector is NULL.\r
446 @retval EFI_BUFFER_TOO_SMALL If the input Size is less than size of Source SPD Selector.\r
447 @retval EFI_SUCCESS Copy Source SPD Selector to the Destination SPD\r
448 Selector successfully.\r
449\r
450**/\r
451EFI_STATUS\r
452DuplicateSpdSelector (\r
453 IN OUT EFI_IPSEC_CONFIG_SELECTOR *DstSel,\r
454 IN EFI_IPSEC_CONFIG_SELECTOR *SrcSel,\r
455 IN OUT UINTN *Size\r
456 );\r
457\r
458/**\r
459 Copy Source SA ID to the Destination SA ID.\r
460\r
461 @param[in, out] DstSel Pointer of the Destination SA ID.\r
462 @param[in] SrcSel Pointer of the Source SA ID.\r
463 @param[in, out] Size The size of the Destination SA ID. If it\r
464 not NULL, and its value is less than the size of\r
465 Source SA ID, the value of Source SA ID's size\r
466 will be passed to the caller by this parameter.\r
467\r
468 @retval EFI_INVALID_PARAMETER If the Destination or Source SA ID is NULL.\r
469 @retval EFI_BUFFER_TOO_SMALL If the input Size less than size of source SA ID.\r
470 @retval EFI_SUCCESS Copied Source SA ID to the Destination SA ID successfully.\r
471\r
472**/\r
473EFI_STATUS\r
474DuplicateSaId (\r
475 IN OUT EFI_IPSEC_CONFIG_SELECTOR *DstSel,\r
476 IN EFI_IPSEC_CONFIG_SELECTOR *SrcSel,\r
477 IN OUT UINTN *Size\r
478 );\r
479\r
480/**\r
481 Copy Source PAD ID to the Destination PAD ID.\r
482\r
483 @param[in, out] DstSel Pointer of Destination PAD ID.\r
484 @param[in] SrcSel Pointer of Source PAD ID.\r
485 @param[in, out] Size The size of the Destination PAD ID. If it\r
486 not NULL, and its value less than the size of\r
487 Source PAD ID, the value of Source PAD ID's size\r
488 will be passed to the caller by this parameter.\r
489\r
490 @retval EFI_INVALID_PARAMETER If the Destination or Source PAD ID is NULL.\r
491 @retval EFI_BUFFER_TOO_SMALL If the input Size less than size of source PAD ID.\r
492 @retval EFI_SUCCESS Copied Source PAD ID to the Destination PAD ID successfully.\r
493\r
494**/\r
495EFI_STATUS\r
496DuplicatePadId (\r
497 IN OUT EFI_IPSEC_CONFIG_SELECTOR *DstSel,\r
498 IN EFI_IPSEC_CONFIG_SELECTOR *SrcSel,\r
499 IN OUT UINTN *Size\r
500 );\r
501\r
502/**\r
503 Fix the value of some members of the SPD Selector.\r
504\r
505 This function is called by IpSecCopyPolicyEntry(), which copies the Policy\r
506 Entry into the Variable. Since some members in SPD Selector are pointers,\r
507 a physical address to relative address conversion is required before copying\r
508 this SPD entry into the variable.\r
509\r
510 @param[in] Selector Pointer of SPD Selector.\r
511 @param[in, out] Data Pointer of SPD Data.\r
512\r
513**/\r
514VOID\r
515FixSpdEntry (\r
516 IN EFI_IPSEC_SPD_SELECTOR *Selector,\r
517 IN OUT EFI_IPSEC_SPD_DATA *Data\r
518 );\r
519\r
520/**\r
521 Fix the value of some members of SA ID.\r
522\r
523 This function is called by IpSecCopyPolicyEntry(), which copies the Policy\r
524 Entry into the Variable. Since some members in SA ID are pointers,\r
525 a physical address to relative address conversion is required before copying\r
526 this SAD into the variable.\r
527\r
528 @param[in] SaId Pointer of SA ID.\r
529 @param[in, out] Data Pointer of SA Data.\r
530\r
531**/\r
532VOID\r
533FixSadEntry (\r
534 IN EFI_IPSEC_SA_ID *SaId,\r
9166f840 535 IN OUT EFI_IPSEC_SA_DATA2 *Data\r
a3bcde70
HT		 536 );\r
537\r
538/**\r
539 Fix the value of some members of PAD ID.\r
540\r
541 This function is called by IpSecCopyPolicyEntry(), which copy the Policy\r
542 Entry into the Variable. Since some members in PAD ID are pointers,\r
543 a physical address to relative address conversion is required before copying\r
544 this PAD into the variable.\r
545\r
546 @param[in] PadId Pointer of PAD ID.\r
547 @param[in, out] Data Pointer of PAD Data.\r
548\r
549**/\r
550VOID\r
551FixPadEntry (\r
552 IN EFI_IPSEC_PAD_ID *PadId,\r
553 IN OUT EFI_IPSEC_PAD_DATA *Data\r
554 );\r
555\r
556/**\r
557 Recover the value of some members of SPD Selector.\r
558\r
559 This function is corresponding to FixSpdEntry(). It recovers the value of members\r
560 of SPD Selector which fix by the FixSpdEntry().\r
561\r
562 @param[in, out] Selector Pointer of SPD Selector.\r
563 @param[in, out] Data Pointer of SPD Data.\r
564\r
565**/\r
566VOID\r
567UnfixSpdEntry (\r
568 IN OUT EFI_IPSEC_SPD_SELECTOR *Selector,\r
569 IN OUT EFI_IPSEC_SPD_DATA *Data\r
570 );\r
571\r
572\r
573/**\r
574 Recover the value of some members of SA ID.\r
575\r
576 This function is corresponding to FixSadEntry(). It recovers the value of members\r
577 of SAD ID which fix by the FixSadEntry().\r
578\r
579 @param[in, out] SaId Pointer of SAD ID\r
580 @param[in, out] Data Pointer of SAD Data.\r
581\r
582**/\r
583VOID\r
584UnfixSadEntry (\r
585 IN OUT EFI_IPSEC_SA_ID *SaId,\r
9166f840 586 IN OUT EFI_IPSEC_SA_DATA2 *Data\r
a3bcde70
HT		 587 );\r
588\r
589/**\r
590 Recover the value of some members of PAD ID.\r
591\r
592 This function is corresponding to FixPadEntry(). It recovers the value of members\r
593 of PAD ID which fix by the FixPadEntry().\r
594\r
595 @param[in] PadId Pointer of PAD ID\r
596 @param[in, out] Data Pointer of PAD Data.\r
597\r
598**/\r
599VOID\r
600UnfixPadEntry (\r
601 IN EFI_IPSEC_PAD_ID *PadId,\r
602 IN OUT EFI_IPSEC_PAD_DATA *Data\r
603 );\r
604\r
605/**\r
606 Set the security policy information for the EFI IPsec driver.\r
607\r
608 The IPsec configuration data has a unique selector/identifier separately to\r
609 identify a data entry.\r
610\r
611 @param[in] Selector Pointer to an entry selector on operated\r
612 configuration data specified by DataType.\r
613 A NULL Selector causes the entire specified-type\r
614 configuration information to be flushed.\r
615 @param[in] Data The data buffer to be set. The structure\r
616 of the data buffer should be EFI_IPSEC_SPD_DATA.\r
617 @param[in] Context Pointer to one entry selector that describes\r
618 the expected position the new data entry will\r
619 be added. If Context is NULL,the new entry will\r
620 be appended the end of database.\r
621\r
622 @retval EFI_INVALID_PARAMETER One or more of the following are TRUE:\r
623 - Selector is not NULL and its LocalAddress\r
624 is NULL or its RemoteAddress is NULL.\r
625 - Data is not NULL, its Action is Protected,\r
626 and its policy is NULL.\r
627 - Data is not NULL and its Action is not protected\r
628 and its policy is not NULL.\r
629 - The Action of Data is Protected, its policy\r
630 mode is Tunnel, and its tunnel option is NULL.\r
631 - The Action of Data is protected, its policy\r
632 mode is not Tunnel, and it tunnel option is not NULL.\r
633 @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.\r
634 @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
635\r
636**/\r
637EFI_STATUS\r
638SetSpdEntry (\r
639 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
640 IN VOID *Data,\r
641 IN VOID *Context OPTIONAL\r
642 );\r
643\r
644/**\r
645 Set the security association information for the EFI IPsec driver.\r
646\r
647 The IPsec configuration data has a unique selector/identifier separately to\r
648 identify a data entry.\r
649\r
650 @param[in] Selector Pointer to an entry selector on operated\r
651 configuration data specified by DataType.\r
652 A NULL Selector causes the entire specified-type\r
653 configuration information to be flushed.\r
654 @param[in] Data The data buffer to be set. The structure\r
655 of the data buffer should be EFI_IPSEC_SA_DATA.\r
656 @param[in] Context Pointer to one entry selector which describes\r
657 the expected position the new data entry will\r
658 be added. If Context is NULL,the new entry will\r
659 be appended to the end of database.\r
660\r
661 @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.\r
662 @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
663\r
664**/\r
665EFI_STATUS\r
666SetSadEntry (\r
667 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
668 IN VOID *Data,\r
669 IN VOID *Context OPTIONAL\r
670 );\r
671\r
672/**\r
673 Set the peer authorization configuration information for the EFI IPsec driver.\r
674\r
675 The IPsec configuration data has a unique selector/identifier separately to\r
676 identify a data entry.\r
677\r
678 @param[in] Selector Pointer to an entry selector on operated\r
679 configuration data specified by DataType.\r
680 A NULL Selector causes the entire specified-type\r
681 configuration information to be flushed.\r
682 @param[in] Data The data buffer to be set. The structure\r
683 of the data buffer should be EFI_IPSEC_PAD_DATA.\r
684 @param[in] Context Pointer to one entry selector that describes\r
685 the expected position where the new data entry will\r
686 be added. If Context is NULL, the new entry will\r
687 be appended the end of database.\r
688\r
689 @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.\r
690 @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
691\r
692**/\r
693EFI_STATUS\r
694SetPadEntry (\r
695 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
696 IN VOID *Data,\r
697 IN VOID *Context OPTIONAL\r
698 );\r
699\r
700/**\r
701 This function looks up the data entry from IPsec SPD, and returns the configuration\r
702 value of the specified SPD Entry.\r
703\r
704 @param[in] Selector Pointer to an entry selector which is an identifier\r
705 of the SPD entry.\r
706 @param[in, out] DataSize On output the size of data returned in Data.\r
707 @param[out] Data The buffer to return the contents of the IPsec\r
708 configuration data. The type of the data buffer\r
709 is associated with the DataType.\r
710\r
711 @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
712 @retval EFI_INVALID_PARAMETER Data is NULL and *DataSize is not zero.\r
713 @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.\r
714 @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been\r
715 updated with the size needed to complete the request.\r
716\r
717**/\r
718EFI_STATUS\r
719GetSpdEntry (\r
720 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
721 IN OUT UINTN *DataSize,\r
722 OUT VOID *Data\r
723 );\r
724\r
725/**\r
726 This function looks up the data entry from IPsec SAD and returns the configuration\r
727 value of the specified SAD Entry.\r
728\r
729 @param[in] Selector Pointer to an entry selector that is an identifier\r
730 of the SAD entry.\r
731 @param[in, out] DataSize On output, the size of data returned in Data.\r
732 @param[out] Data The buffer to return the contents of the IPsec\r
733 configuration data. This type of the data buffer\r
734 is associated with the DataType.\r
735\r
736 @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
737 @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.\r
738 @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been\r
739 updated with the size needed to complete the request.\r
740\r
741**/\r
742EFI_STATUS\r
743GetSadEntry (\r
744 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
745 IN OUT UINTN *DataSize,\r
746 OUT VOID *Data\r
747 );\r
748\r
749/**\r
750 This function looks up the data entry from IPsec PADand returns the configuration\r
751 value of the specified PAD Entry.\r
752\r
753 @param[in] Selector Pointer to an entry selector that is an identifier\r
754 of the PAD entry.\r
755 @param[in, out] DataSize On output the size of data returned in Data.\r
756 @param[out] Data The buffer to return the contents of the IPsec\r
757 configuration data. This type of the data buffer\r
758 is associated with the DataType.\r
759\r
760 @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
761 @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.\r
762 @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been\r
763 updated with the size needed to complete the request.\r
764\r
765**/\r
766EFI_STATUS\r
767GetPadEntry (\r
768 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
769 IN OUT UINTN *DataSize,\r
770 OUT VOID *Data\r
771 );\r
772\r
773/**\r
774 Return the configuration value for the EFI IPsec driver.\r
775\r
776 This function lookup the data entry from IPsec database or IKEv2 configuration\r
777 information. The expected data type and unique identification are described in\r
778 DataType and Selector parameters.\r
779\r
780 @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.\r
781 @param[in] DataType The type of data to retrieve.\r
782 @param[in] Selector Pointer to an entry selector that is an identifier of the IPsec\r
783 configuration data entry.\r
784 @param[in, out] DataSize On output the size of data returned in Data.\r
785 @param[out] Data The buffer to return the contents of the IPsec configuration data.\r
786 The type of the data buffer is associated with the DataType.\r
787\r
788 @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
789 @retval EFI_INVALID_PARAMETER One or more of the followings are TRUE:\r
790 - This is NULL.\r
791 - Selector is NULL.\r
792 - DataSize is NULL.\r
793 - Data is NULL and *DataSize is not zero\r
794 @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.\r
795 @retval EFI_UNSUPPORTED The specified DataType is not supported.\r
796 @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been\r
797 updated with the size needed to complete the request.\r
798\r
799**/\r
800EFI_STATUS\r
801EFIAPI\r
802EfiIpSecConfigGetData (\r
803 IN EFI_IPSEC_CONFIG_PROTOCOL *This,\r
804 IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
805 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
806 IN OUT UINTN *DataSize,\r
807 OUT VOID *Data\r
808 );\r
809\r
810/**\r
811 Set the security association, security policy and peer authorization configuration\r
812 information for the EFI IPsec driver.\r
813\r
814 This function is used to set the IPsec configuration information of type DataType for\r
815 the EFI IPsec driver.\r
816 The IPsec configuration data has a unique selector/identifier separately to identify\r
817 a data entry. The selector structure depends on DataType's definition.\r
818 Using SetData() with a Data of NULL causes the IPsec configuration data entry identified\r
819 by DataType and Selector to be deleted.\r
820\r
821 @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.\r
822 @param[in] DataType The type of data to be set.\r
823 @param[in] Selector Pointer to an entry selector on operated configuration data\r
824 specified by DataType. A NULL Selector causes the entire\r
825 specified-type configuration information to be flushed.\r
826 @param[in] Data The data buffer to be set. The structure of the data buffer is\r
827 associated with the DataType.\r
828 @param[in] InsertBefore Pointer to one entry selector which describes the expected\r
829 position the new data entry will be added. If InsertBefore is NULL,\r
830 the new entry will be appended the end of database.\r
831\r
832 @retval EFI_SUCCESS The specified configuration entry data was set successfully.\r
833 @retval EFI_INVALID_PARAMETER One or more of the following are TRUE:\r
834 - This is NULL.\r
835 @retval EFI_UNSUPPORTED The specified DataType is not supported.\r
836 @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.\r
837\r
838**/\r
839EFI_STATUS\r
840EFIAPI\r
841EfiIpSecConfigSetData (\r
842 IN EFI_IPSEC_CONFIG_PROTOCOL *This,\r
843 IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
844 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
845 IN VOID *Data,\r
846 IN EFI_IPSEC_CONFIG_SELECTOR *InsertBefore OPTIONAL\r
847 );\r
848\r
849/**\r
850 Enumerates the current selector for IPsec configuration data entry.\r
851\r
852 This function is called multiple times to retrieve the entry Selector in IPsec\r
853 configuration database. On each call to GetNextSelector(), the next entry\r
854 Selector are retrieved into the output interface.\r
855\r
856 If the entire IPsec configuration database has been iterated, the error\r
857 EFI_NOT_FOUND is returned.\r
858 If the Selector buffer is too small for the next Selector copy, an\r
859 EFI_BUFFER_TOO_SMALL error is returned, and SelectorSize is updated to reflect\r
860 the size of buffer needed.\r
861\r
862 On the initial call to GetNextSelector() to start the IPsec configuration database\r
863 search, a pointer to the buffer with all zero value is passed in Selector. Calls\r
864 to SetData() between calls to GetNextSelector may produce unpredictable results.\r
865\r
866 @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.\r
867 @param[in] DataType The type of IPsec configuration data to retrieve.\r
868 @param[in, out] SelectorSize The size of the Selector buffer.\r
869 @param[in, out] Selector On input, supplies the pointer to last Selector that was\r
870 returned by GetNextSelector().\r
871 On output, returns one copy of the current entry Selector\r
872 of a given DataType.\r
873\r
874 @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
875 @retval EFI_INVALID_PARAMETER One or more of the followings are TRUE:\r
876 - This is NULL.\r
877 - SelectorSize is NULL.\r
878 - Selector is NULL.\r
879 @retval EFI_NOT_FOUND The next configuration data entry was not found.\r
880 @retval EFI_UNSUPPORTED The specified DataType is not supported.\r
881 @retval EFI_BUFFER_TOO_SMALL The SelectorSize is too small for the result. This parameter\r
882 has been updated with the size needed to complete the search\r
883 request.\r
884\r
885**/\r
886EFI_STATUS\r
887EFIAPI\r
888EfiIpSecConfigGetNextSelector (\r
889 IN EFI_IPSEC_CONFIG_PROTOCOL *This,\r
890 IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
891 IN OUT UINTN *SelectorSize,\r
892 IN OUT EFI_IPSEC_CONFIG_SELECTOR *Selector\r
893 );\r
894\r
895/**\r
896 Register an event that is to be signaled whenever a configuration process on the\r
897 specified IPsec configuration information is done.\r
898\r
899 The register function is not surpport now and always returns EFI_UNSUPPORTED.\r
900\r
901 @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.\r
902 @param[in] DataType The type of data to be registered the event for.\r
903 @param[in] Event The event to be registered.\r
904\r
905 @retval EFI_SUCCESS The event is registered successfully.\r
906 @retval EFI_INVALID_PARAMETER This is NULL, or Event is NULL.\r
907 @retval EFI_ACCESS_DENIED The Event is already registered for the DataType.\r
908 @retval EFI_UNSUPPORTED The notify registration unsupported, or the specified\r
909 DataType is not supported.\r
910\r
911**/\r
912EFI_STATUS\r
913EFIAPI\r
914EfiIpSecConfigRegisterNotify (\r
915 IN EFI_IPSEC_CONFIG_PROTOCOL *This,\r
916 IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
917 IN EFI_EVENT Event\r
918 );\r
919\r
920\r
921/**\r
922 Remove the specified event that was previously registered on the specified IPsec\r
923 configuration data.\r
924\r
925 This function is not supported now and always returns EFI_UNSUPPORTED.\r
926\r
927 @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.\r
928 @param[in] DataType The configuration data type to remove the registered event for.\r
929 @param[in] Event The event to be unregistered.\r
930\r
931 @retval EFI_SUCCESS The event was removed successfully.\r
932 @retval EFI_NOT_FOUND The Event specified by DataType could not be found in the\r
933 database.\r
934 @retval EFI_INVALID_PARAMETER This is NULL or Event is NULL.\r
935 @retval EFI_UNSUPPORTED The notify registration unsupported or the specified\r
936 DataType is not supported.\r
937\r
938**/\r
939EFI_STATUS\r
940EFIAPI\r
941EfiIpSecConfigUnregisterNotify (\r
942 IN EFI_IPSEC_CONFIG_PROTOCOL *This,\r
943 IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
944 IN EFI_EVENT Event\r
945 );\r
946\r
9166f840 947extern LIST_ENTRY mConfigData[IPsecConfigDataTypeMaximum];\r
948\r
a3bcde70 949#endif\r
EFI Development Kit II mirror for PVE