Add security package to repository.
[mirror_edk2.git] / SecurityPkg / UserIdentification / UserProfileManagerDxe / UserProfileManager.h
0c18794e 1/** @file\r
2 The header file for user profile manager driver.\r
3 \r
4Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>\r
5This program and the accompanying materials \r
6are licensed and made available under the terms and conditions of the BSD License \r
7which accompanies this distribution. The full text of the license may be found at \r
8http://opensource.org/licenses/bsd-license.php\r
9\r
10THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
11WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
12\r
13**/\r
14\r
15#ifndef __EFI_USER_PROFILE_MANAGER_H__\r
16#define __EFI_USER_PROFILE_MANAGER_H__\r
17\r
18#include <Uefi.h>\r
19\r
20#include <Guid/GlobalVariable.h>\r
21#include <Guid/MdeModuleHii.h>\r
22\r
23#include <Protocol/HiiConfigAccess.h>\r
24#include <Protocol/DevicePathToText.h>\r
25#include <Protocol/UserCredential.h>\r
26#include <Protocol/UserManager.h>\r
27\r
28#include <Library/UefiRuntimeServicesTableLib.h>\r
29#include <Library/UefiBootServicesTableLib.h>\r
30#include <Library/MemoryAllocationLib.h>\r
31#include <Library/BaseMemoryLib.h>\r
32#include <Library/DevicePathLib.h>\r
33#include <Library/DebugLib.h>\r
34#include <Library/UefiLib.h>\r
35#include <Library/PrintLib.h>\r
36#include <Library/HiiLib.h>\r
37\r
38#include "UserProfileManagerData.h"\r
39\r
// Number of CHAR16 elements in USER_INFO.UserName.
// NOTE(review): whether this count includes the terminating null character is
// not stated in this header - confirm before sizing or bounding a copy.
40#define USER_NAME_LENGTH 17\r
41\r
42//\r
43// Credential Provider Information.\r
44//\r
// Provider is declared with a size of one element, next to a Count field.
// NOTE(review): presumably Provider is used as a variable-length trailing array
// holding Count entries - confirm against the code that allocates
// mProviderInfo, and check every index into Provider against Count.
45typedef struct {\r
46 UINTN Count;\r
47 EFI_USER_CREDENTIAL_PROTOCOL *Provider[1];\r
48} CREDENTIAL_PROVIDER_INFO;\r
49\r
50//\r
51// User profile information structure.\r
52//\r
// Each policy buffer pointer (AccessPolicy, IdentityPolicy, NewIdentityPolicy)
// has a UINTN length field of the matching name.
// NOTE(review): the unit of the length fields (presumably bytes) and the owner
// of the buffers are not visible in this header - confirm in the
// implementation, and keep each length in step with its pointer whenever a
// buffer is replaced or freed.
53typedef struct {\r
54 UINT64 UsageCount;\r
55 EFI_TIME CreateDate;\r
56 EFI_TIME UsageDate;\r
57 UINTN AccessPolicyLen;\r
58 UINTN IdentityPolicyLen;\r
59 UINTN NewIdentityPolicyLen; \r
60 UINT8 *AccessPolicy;\r
61 UINT8 *IdentityPolicy;\r
62 UINT8 *NewIdentityPolicy;\r
 // Fixed-size array of USER_NAME_LENGTH CHAR16 elements; any write into it
 // must be bounded by that size.
63 CHAR16 UserName[USER_NAME_LENGTH];\r
 // NOTE(review): the *Exist flags presumably say whether the matching date is
 // valid, and the *Modified flags whether the matching policy was changed in
 // the UI - confirm against the code that sets them.
64 BOOLEAN CreateDateExist;\r
65 BOOLEAN UsageDateExist;\r
66 BOOLEAN AccessPolicyModified;\r
67 BOOLEAN IdentityPolicyModified;\r
68 BOOLEAN NewIdentityPolicyModified;\r
69} USER_INFO;\r
70\r
71//\r
72// User access information structure.\r
73//\r
// Holds four buffer pointers (LoadPermit, LoadForbid, ConnectPermit,
// ConnectForbid), each with a UINTN length field of the matching name.
// The prototypes later in this header describe mAccessInfo.LoadForbid as the
// forbid load device path list.
// NOTE(review): the unit of the length fields (presumably bytes) and the
// encoding of the lists are not visible here - confirm in the implementation.
// Code that walks a list should stop at the stored length instead of trusting
// the list contents to terminate it.
74typedef struct {\r
75 UINTN LoadPermitLen;\r
76 UINTN LoadForbidLen;\r
77 UINTN ConnectPermitLen;\r
78 UINTN ConnectForbidLen;\r
79 UINT8 *LoadPermit;\r
80 UINT8 *LoadForbid;\r
81 UINT8 *ConnectPermit;\r
82 UINT8 *ConnectForbid;\r
 // NOTE(review): the valid values of the three fields below are not defined
 // in this header - confirm against the access policy definitions.
83 UINT32 AccessBootOrder;\r
84 UINT8 AccessRight;\r
85 UINT8 AccessSetup;\r
86} USER_INFO_ACCESS;\r
87\r
// NOTE(review): presumably the value stored in
// USER_PROFILE_MANAGER_CALLBACK_INFO.Signature - confirm in the driver source.
88#define USER_PROFILE_MANAGER_SIGNATURE SIGNATURE_32 ('U', 'P', 'M', 'S')\r
89\r
// Groups a signature, the driver handle, the HII handle and an embedded
// EFI_HII_CONFIG_ACCESS_PROTOCOL instance.
// NOTE(review): if this structure is recovered from a pointer to ConfigAccess,
// the Signature field should be checked before the other fields are used -
// confirm that the driver does so.
90typedef struct {\r
91 UINTN Signature;\r
92 EFI_HANDLE DriverHandle;\r
93 EFI_HII_HANDLE HiiHandle;\r
94 EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;\r
95} USER_PROFILE_MANAGER_CALLBACK_INFO;\r
96\r
97//\r
98// HII specific Vendor Device Path definition.\r
99//\r
100typedef struct {\r
101 VENDOR_DEVICE_PATH VendorDevicePath;\r
102 EFI_DEVICE_PATH_PROTOCOL End;\r
103} HII_VENDOR_DEVICE_PATH;\r
104\r
105//\r
106// This is the generated IFR binary data for each formset defined in VFR.\r
107//\r
108extern UINT8 UserProfileManagerVfrBin[];\r
109\r
110//\r
111// This is the generated String package data for .UNI file.\r
112//\r
113extern UINT8 UserProfileManagerStrings[];\r
114\r
115//\r
116// Guid used in the form browse.\r
117//\r
118extern EFI_GUID mUserProfileManagerGuid;\r
119\r
120//\r
121// The user manager protocol, used in several functions.\r
122//\r
123extern EFI_USER_MANAGER_PROTOCOL *mUserManager;\r
124\r
125//\r
126// The credential providers database in system.\r
127//\r
128extern CREDENTIAL_PROVIDER_INFO *mProviderInfo;\r
129\r
130//\r
131// The variables used to update identity policy.\r
132//\r
133extern UINT8 mProviderChoice;\r
134extern UINT8 mConncetLogical;\r
135\r
136//\r
137// The variables used to update access policy.\r
138//\r
139extern USER_INFO_ACCESS mAccessInfo;\r
140\r
141//\r
142// The user information used to record all data in UI.\r
143//\r
144extern USER_INFO mUserInfo;\r
145\r
146extern USER_PROFILE_MANAGER_CALLBACK_INFO *mCallbackInfo;\r
147\r
148\r
149/**\r
150 Get string by string id from HII Interface.\r
151\r
152\r
153 @param[in] Id String ID to get the string from.\r
154\r
155 @retval CHAR16 * String from ID.\r
156 @retval NULL If error occurs.\r
157\r
158**/\r
159CHAR16 *\r
160GetStringById (\r
161 IN EFI_STRING_ID Id\r
162 );\r
163\r
164/**\r
165 Add a new user profile into the user profile database.\r
166\r
167**/\r
168VOID\r
169CallAddUser (\r
170 VOID\r
171 );\r
172\r
173/**\r
174 Display user select form; can select a user to modify.\r
175\r
176**/\r
177VOID\r
178SelectUserToModify (\r
179 VOID\r
180 );\r
181\r
182/**\r
183 Display user select form; can select a user to delete.\r
184\r
185**/\r
186VOID\r
187SelectUserToDelete (\r
188 VOID\r
189 );\r
190\r
191/**\r
192 Delete the user specified by UserIndex in user profile database.\r
193\r
 NOTE(review): the function returns VOID, so this interface gives a caller no
 way to tell whether the deletion happened. Whether UserIndex is checked
 against the length of the user name list is not visible in this header -
 confirm in the implementation.

194 @param[in] UserIndex The index of user in the user name list to be deleted.\r
195\r
196**/\r
197VOID\r
198DeleteUser (\r
199 IN UINT8 UserIndex\r
200 );\r
201\r
202/**\r
203 Add a username item in form.\r
204\r
205 @param[in] User Points to the user profile whose username is added. \r
206 @param[in] Index The index of the user in the user name list.\r
207 @param[in] OpCodeHandle Points to container for dynamic created opcodes.\r
208\r
209**/\r
210VOID\r
211AddUserToForm (\r
212 IN EFI_USER_PROFILE_HANDLE User,\r
213 IN UINT16 Index,\r
214 IN VOID *OpCodeHandle\r
215 );\r
216\r
217/**\r
218 Display modify user information form\r
219\r
220 In this form, username, create Date, usage date, usage count, identity policy,\r
221 and access policy are displayed.\r
222\r
223 @param[in] UserIndex The index of the user in display list to modify.\r
224 \r
225**/\r
226VOID\r
227ModifyUserInfo (\r
228 IN UINT8 UserIndex\r
229 );\r
230\r
231/**\r
232 Get the username from user input and update username string in Hii \r
233 database with it.\r
234\r
235**/\r
236VOID\r
237ModifyUserName (\r
238 VOID\r
239 );\r
240\r
241/**\r
242 Display the form of modifying user identity policy.\r
243\r
244**/\r
245VOID\r
246ModifyIdentityPolicy (\r
247 VOID\r
248 );\r
249\r
250/**\r
251 Update the mUserInfo.NewIdentityPolicy and UI when 'add option' is pressed.\r
252\r
253**/\r
254VOID\r
255AddIdentityPolicyItem (\r
256 VOID\r
257 );\r
258\r
259/**\r
260 Save the identity policy and update UI with it.\r
261 \r
262 This function will verify the new identity policy. In the current implementation, \r
263 the identity policy can be: T, P & P & P & ..., P | P | P | ...\r
264 Here, "T" means "True", "P" means "Credential Provider", "&" means "and", "|" means "or".\r
265 Other identity policies are not supported. \r
266\r
 NOTE(review): the return type is VOID, so how an unsupported policy is
 rejected or reported is not visible in this header. Confirm in the
 implementation that a policy failing verification is never saved.

267**/\r
268VOID\r
269SaveIdentityPolicy (\r
270 VOID\r
271 );\r
272\r
273/**\r
274 Display modify user access policy form\r
275\r
276 In this form, access right, access setup, and access boot order are dynamically\r
277 added. Load devicepath and connect devicepath are displayed too.\r
278 \r
279**/\r
280VOID\r
281ModidyAccessPolicy (\r
282 VOID\r
283 );\r
284\r
285/**\r
286 Collect all the access policy data to mUserInfo.AccessPolicy, \r
287 and save it to user profile.\r
288\r
289**/\r
290VOID\r
291SaveAccessPolicy (\r
292 VOID\r
293 );\r
294\r
295/**\r
296 Get current user's access rights.\r
297\r
298 @param[out] AccessRight Points to the buffer used for user's access rights.\r
299\r
300 @retval EFI_SUCCESS Get current user access rights successfully.\r
301 @retval others Fail to get current user access rights.\r
302\r
303**/\r
304EFI_STATUS\r
305GetAccessRight (\r
306 OUT UINT32 *AccessRight\r
307 );\r
308\r
309/**\r
310 Display the permit load device path in the loadable device path list.\r
311\r
312**/\r
313VOID\r
314DisplayLoadPermit(\r
315 VOID\r
316 );\r
317\r
318/**\r
319 Display the forbid load device path list (mAccessInfo.LoadForbid).\r
320\r
321**/\r
322VOID\r
323DisplayLoadForbid (\r
324 VOID\r
325 );\r
326\r
327/**\r
328 Display the permit connect device path.\r
329\r
330**/\r
331VOID\r
332DisplayConnectPermit (\r
333 VOID\r
334 );\r
335\r
336/**\r
337 Display the forbid connect device path list.\r
338\r
339**/\r
340VOID\r
341DisplayConnectForbid (\r
342 VOID\r
343 );\r
344\r
345/**\r
346 Delete the specified device path by DriverIndex from the forbid device path \r
347 list (mAccessInfo.LoadForbid).\r
348\r
349 @param[in] DriverIndex The index of driver in a forbidden device path list.\r
350 \r
351**/\r
352VOID\r
353DeleteFromForbidLoad (\r
354 IN UINT16 DriverIndex\r
355 );\r
356 \r
357/**\r
358 Add the specified device path by DriverIndex to the forbid device path \r
359 list (mAccessInfo.LoadForbid).\r
360\r
361 @param[in] DriverIndex The index of driver saved in driver options.\r
362 \r
363**/\r
364VOID\r
365AddToForbidLoad (\r
366 IN UINT16 DriverIndex\r
367 );\r
368\r
369/**\r
370 Get user name from the popup windows.\r
371 \r
 NOTE(review): the unit of UserNameLen (CHAR16 characters or bytes, and whether
 the terminator is counted) is not stated here. Confirm it against the
 implementation so that input written to UserName cannot exceed the buffer
 the caller passed in.

372 @param[in, out] UserNameLen On entry, point to the buffer length of UserName.\r
373 On exit, point to the input user name length.\r
374 @param[out] UserName The buffer to hold the input user name.\r
375 \r
376 @retval EFI_ABORTED It is given up by pressing 'ESC' key.\r
377 @retval EFI_NOT_READY Not a valid input at all.\r
378 @retval EFI_SUCCESS Get a user name successfully.\r
379\r
380**/\r
381EFI_STATUS\r
382GetUserNameInput (\r
383 IN OUT UINTN *UserNameLen,\r
384 OUT CHAR16 *UserName\r
385 );\r
386 \r
387#endif\r