2 This driver is a configuration tool for adding, deleting or modifying user
3 profiles, including gathering the necessary information to ascertain their
4 identity in the future, updating user access policy and identification
7 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
8 (C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
9 This program and the accompanying materials
10 are licensed and made available under the terms and conditions of the BSD License
11 which accompanies this distribution. The full text of the license may be found at
12 http://opensource.org/licenses/bsd-license.php
14 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
15 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
19 #include "UserProfileManager.h"
// Module-level state shared by the HII callback and its helpers.
//
// mUserManager is filled in by gBS->LocateProtocol() in UserProfileManagerInit();
// the callback calls mUserManager->Current() through it.
21 EFI_USER_MANAGER_PROTOCOL
*mUserManager
= NULL
;
// Credential-provider table; released and re-allocated where the providers are
// enumerated (see the FreePool()/AllocateZeroPool() pair on mProviderInfo).
22 CREDENTIAL_PROVIDER_INFO
*mProviderInfo
= NULL
;
// Overwritten with the browser-supplied Value->u8 in the CHANGED handler
// (KEY_MODIFY_PROV).
23 UINT8 mProviderChoice
;
// Overwritten with the browser-supplied Value->u8 in the CHANGED handler
// (KEY_MODIFY_CONN). The identifier really is spelled "Conncet" in this listing.
24 UINT8 mConncetLogical
;
// Zeroed in UserProfileManagerInit(); AccessRight, AccessSetup and AccessBootOrder
// are overwritten from the browser-supplied Value in the CHANGED handler.
25 USER_INFO_ACCESS mAccessInfo
;
// No initializer here; assigned at the end of UserProfileManagerInit() and read
// for its HiiHandle by the string lookup and form-update code.
27 USER_PROFILE_MANAGER_CALLBACK_INFO
*mCallbackInfo
;
// Device path installed on the driver handle together with the config-access
// protocol. The fields visible here are a VENDOR_DEVICE_PATH length split into
// low and high bytes, USER_PROFILE_MANAGER_GUID, and an end-of-path node whose
// length is split the same way.
28 HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath
= {
34 (UINT8
) (sizeof (VENDOR_DEVICE_PATH
)),
35 (UINT8
) ((sizeof (VENDOR_DEVICE_PATH
)) >> 8)
38 USER_PROFILE_MANAGER_GUID
42 END_ENTIRE_DEVICE_PATH_SUBTYPE
,
44 (UINT8
) (END_DEVICE_PATH_LENGTH
),
45 (UINT8
) ((END_DEVICE_PATH_LENGTH
) >> 8)
52 Get string by string id from HII Interface.
55 @param[in] Id String ID to get the string from.
57 @retval CHAR16 * String from ID.
58 @retval NULL If error occurs.
67 // Get the current string for the current Language.
// Returns whatever HiiGetString() yields for Id on this driver's HII handle
// (mCallbackInfo->HiiHandle); the language argument is passed as NULL.
// NOTE(review): the function header documents a NULL return on error, and the
// device-path handlers hand this result to FreePool() -- confirm those callers
// check for NULL first.
69 return HiiGetString (mCallbackInfo
->HiiHandle
, Id
, NULL
);
74 This function gets all the credential providers in the system and saves them
77 @retval EFI_SUCCESS Init credential provider database successfully.
78 @retval Others Fail to init credential provider database.
// InitProviderInfo: rebuilds the global mProviderInfo table from the handles
// that carry gEfiUserCredential2ProtocolGuid. Several lines of the body
// (arguments and returns) are not present in this listing.
88 EFI_HANDLE
*HandleBuf
;
92 // Try to find all the user credential provider driver.
96 Status
= gBS
->LocateHandleBuffer (
98 &gEfiUserCredential2ProtocolGuid
,
103 if (EFI_ERROR (Status
)) {
108 // Get provider information.
// A table left over from an earlier call is released first. The global is
// re-assigned by the allocation that follows (NULL on failure), so it does not
// keep pointing at the freed buffer once this sequence completes.
110 if (mProviderInfo
!= NULL
) {
111 FreePool (mProviderInfo
);
// Size = the structure, minus one pointer slot, plus HandleCount pointer slots.
// NOTE(review): presumably Provider is declared as a one-element trailing array
// in UserProfileManager.h -- confirm. The multiplication is not overflow-checked;
// HandleCount is presumably the count returned by LocateHandleBuffer().
113 mProviderInfo
= AllocateZeroPool (
114 sizeof (CREDENTIAL_PROVIDER_INFO
) -
115 sizeof (EFI_USER_CREDENTIAL2_PROTOCOL
*) +
116 HandleCount
* sizeof (EFI_USER_CREDENTIAL2_PROTOCOL
*)
// Allocation failure: release the handle buffer before reporting the error.
118 if (mProviderInfo
== NULL
) {
119 FreePool (HandleBuf
);
120 return EFI_OUT_OF_RESOURCES
;
// Count and the loop bound are both HandleCount, the same value used to size the
// allocation, so Provider[Index] stays inside the buffer allocated above.
123 mProviderInfo
->Count
= HandleCount
;
124 for (Index
= 0; Index
< HandleCount
; Index
++) {
125 Status
= gBS
->HandleProtocol (
127 &gEfiUserCredential2ProtocolGuid
,
128 (VOID
**) &mProviderInfo
->Provider
[Index
]
// On failure both buffers are released and the global is cleared, so no
// partially filled table remains reachable through mProviderInfo.
130 if (EFI_ERROR (Status
)) {
131 FreePool (HandleBuf
);
132 FreePool (mProviderInfo
);
133 mProviderInfo
= NULL
;
// Success path: only the temporary handle buffer is released.
138 FreePool (HandleBuf
);
144 This function processes changes in user profile configuration.
146 @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
147 @param Action Specifies the type of action taken by the browser.
148 @param QuestionId A unique value which is sent to the original
149 exporting driver so that it can identify the type
151 @param Type The type of value for the question.
152 @param Value A pointer to the data being sent to the original
154 @param ActionRequest On return, points to the action requested by the
157 @retval EFI_SUCCESS The callback successfully handled the action.
158 @retval Others Fail to handle the action.
// UserProfileManagerCallback: HII browser callback for the user-manage formset.
// It dispatches on Action (FORM_OPEN, FORM_CLOSE, CHANGED, CHANGING) and then on
// masked bit-fields of QuestionId; any other action ends with EFI_UNSUPPORTED.
// Many lines of the body (braces, breaks, some calls) are absent from this listing.
163 UserProfileManagerCallback (
164 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
165 IN EFI_BROWSER_ACTION Action
,
166 IN EFI_QUESTION_ID QuestionId
,
168 IN EFI_IFR_TYPE_VALUE
*Value
,
169 OUT EFI_BROWSER_ACTION_REQUEST
*ActionRequest
174 UINT32 CurrentAccessRight
;
177 VOID
*StartOpCodeHandle
;
178 VOID
*EndOpCodeHandle
;
179 EFI_IFR_GUID_LABEL
*StartLabel
;
180 EFI_IFR_GUID_LABEL
*EndLabel
;
181 EFI_USER_PROFILE_HANDLE CurrentUser
;
183 Status
= EFI_SUCCESS
;
186 case EFI_BROWSER_ACTION_FORM_OPEN
:
189 // Update user manage Form when user manage Form is opened.
190 // This will be done only in FORM_OPEN CallBack of question with QUESTIONID_USER_MANAGE from user manage Form.
192 if (QuestionId
!= QUESTIONID_USER_MANAGE
) {
// The status returned by Current() is not captured; only CurrentUser is tested.
// NOTE(review): confirm CurrentUser is initialised before this call -- the
// preceding line is not present in this listing.
200 mUserManager
->Current (mUserManager
, &CurrentUser
);
201 if (CurrentUser
== NULL
) {
202 DEBUG ((DEBUG_ERROR
, "Error: current user does not exist!\n"));
203 return EFI_NOT_READY
;
207 // Get current user's right information.
// If the access right cannot be read, the code falls back to ENROLL_SELF, which
// satisfies neither the add-user nor the delete-user condition tested below, so
// a lookup failure yields the most restricted menu.
209 Status
= GetAccessRight (&CurrentAccessRight
);
210 if (EFI_ERROR (Status
)) {
211 CurrentAccessRight
= EFI_USER_INFO_ACCESS_ENROLL_SELF
;
215 // Init credential provider information.
217 Status
= InitProviderInfo ();
218 if (EFI_ERROR (Status
)) {
223 // Initialize the container for dynamic opcodes.
// NOTE(review): ASSERT() is the only check on these two allocations. ASSERT is
// active only in debug-enabled builds, so a failed allocation would leave a NULL
// handle in use below -- consider an explicit error return.
225 StartOpCodeHandle
= HiiAllocateOpCodeHandle ();
226 ASSERT (StartOpCodeHandle
!= NULL
);
228 EndOpCodeHandle
= HiiAllocateOpCodeHandle ();
229 ASSERT (EndOpCodeHandle
!= NULL
);
232 // Create Hii Extend Label OpCode.
// NOTE(review): the HiiCreateGuidOpCode() result is written through immediately
// (ExtendOpCode, Number) with no NULL check visible; the same holds for EndLabel.
234 StartLabel
= (EFI_IFR_GUID_LABEL
*) HiiCreateGuidOpCode (
238 sizeof (EFI_IFR_GUID_LABEL
)
240 StartLabel
->ExtendOpCode
= EFI_IFR_EXTEND_OP_LABEL
;
241 StartLabel
->Number
= LABEL_USER_MANAGE_FUNC
;
243 EndLabel
= (EFI_IFR_GUID_LABEL
*) HiiCreateGuidOpCode (
247 sizeof (EFI_IFR_GUID_LABEL
)
249 EndLabel
->ExtendOpCode
= EFI_IFR_EXTEND_OP_LABEL
;
250 EndLabel
->Number
= LABEL_END
;
253 // Add user profile option.
// Menu entries follow the caller's access right: "add user" needs MANAGE or
// ENROLL_OTHERS, "modify user" appears to be emitted unconditionally, and
// "delete user" needs MANAGE.
// NOTE(review): this only controls which entries are shown. Whether the add and
// delete paths re-check the access right is not visible here -- confirm that
// enforcement does not rely on the menu alone.
255 if ((CurrentAccessRight
== EFI_USER_INFO_ACCESS_MANAGE
) ||
256 (CurrentAccessRight
== EFI_USER_INFO_ACCESS_ENROLL_OTHERS
)
258 HiiCreateActionOpCode (
259 StartOpCodeHandle
, // Container for dynamic created opcodes
260 KEY_ADD_USER
, // Question ID
261 STRING_TOKEN (STR_ADD_USER_TITLE
), // Prompt text
262 STRING_TOKEN (STR_ADD_USER_HELP
), // Help text
263 EFI_IFR_FLAG_CALLBACK
, // Question flag
264 0 // Action String ID
269 // Add modify user profile option.
271 HiiCreateGotoOpCode (
272 StartOpCodeHandle
, // Container for dynamic created opcodes
273 FORMID_MODIFY_USER
, // Target Form ID
274 STRING_TOKEN (STR_MODIFY_USER_TITLE
), // Prompt text
275 STRING_TOKEN (STR_MODIFY_USER_HELP
), // Help text
276 EFI_IFR_FLAG_CALLBACK
, // Question flag
277 KEY_MODIFY_USER
// Question ID
281 // Add delete user profile option
283 if (CurrentAccessRight
== EFI_USER_INFO_ACCESS_MANAGE
) {
284 HiiCreateGotoOpCode (
285 StartOpCodeHandle
, // Container for dynamic created opcodes
286 FORMID_DEL_USER
, // Target Form ID
287 STRING_TOKEN (STR_DELETE_USER_TITLE
), // Prompt text
288 STRING_TOKEN (STR_DELETE_USER_HELP
), // Help text
289 EFI_IFR_FLAG_CALLBACK
, // Question flag
290 KEY_DEL_USER
// Question ID
// Arguments of the form-update call (the call line itself is not in this listing).
295 mCallbackInfo
->HiiHandle
, // HII handle
296 &gUserProfileManagerGuid
, // Formset GUID
297 FORMID_USER_MANAGE
, // Form ID
298 StartOpCodeHandle
, // Label for where to insert opcodes
299 EndOpCodeHandle
// Replace data
// Both opcode containers are released once the form has been updated.
302 HiiFreeOpCodeHandle (StartOpCodeHandle
);
303 HiiFreeOpCodeHandle (EndOpCodeHandle
);
309 case EFI_BROWSER_ACTION_FORM_CLOSE
:
310 Status
= EFI_SUCCESS
;
313 case EFI_BROWSER_ACTION_CHANGED
:
316 // Handle the request from form.
// Value and ActionRequest are both dereferenced further down, so either being
// NULL is rejected up front.
318 if ((Value
== NULL
) || (ActionRequest
== NULL
)) {
319 return EFI_INVALID_PARAMETER
;
323 // Judge first 2 bits.
325 switch (QuestionId
& KEY_FIRST_FORM_MASK
) {
327 // Add user profile operation.
334 // Delete user profile operation.
338 // Judge next 2 bits.
340 switch (QuestionId
& KEY_SECOND_FORM_MASK
) {
342 // Delete specified user profile.
// The (UINT8) cast keeps only the low byte of QuestionId as the user selector.
// NOTE(review): presumably the higher bits only carry the form routing tested
// above, and DeleteUser() validates the index -- confirm.
344 case KEY_SELECT_USER
:
345 DeleteUser ((UINT8
) QuestionId
);
347 // Update select user form after delete a user.
349 SelectUserToDelete ();
358 // Modify user profile operation.
360 case KEY_MODIFY_USER
:
362 // Judge next 2 bits.
364 switch (QuestionId
& KEY_SECOND_FORM_MASK
) {
366 // Enter user profile information form.
368 case KEY_SELECT_USER
:
370 // Judge next 3 bits.
372 switch (QuestionId
& KEY_MODIFY_INFO_MASK
) {
376 case KEY_MODIFY_NAME
:
379 // Update username in parent form.
381 SelectUserToModify ();
385 // Modify identity policy.
391 switch (QuestionId
& KEY_MODIFY_IP_MASK
) {
393 // Change credential provider option.
// The browser-supplied value is stored as-is.
// NOTE(review): no range check against mProviderInfo->Count is visible here --
// confirm the consumer bounds-checks mProviderChoice before indexing Provider[].
395 case KEY_MODIFY_PROV
:
396 mProviderChoice
= Value
->u8
;
400 // Change logical connector.
402 case KEY_MODIFY_CONN
:
403 mConncetLogical
= Value
->u8
;
410 AddIdentityPolicyItem ();
414 // Return to user profile information form.
416 case KEY_IP_RETURN_UIF
:
417 SaveIdentityPolicy ();
418 *ActionRequest
= EFI_BROWSER_ACTION_REQUEST_FORM_SUBMIT_EXIT
;
427 // Modify access policy.
431 // Judge next 3 bits.
433 switch (QuestionId
& KEY_MODIFY_AP_MASK
) {
435 // Change access right choice.
// The three access-policy fields below are copied from the browser value without
// validation at this point.
// NOTE(review): presumably the form's options limit the values and the save path
// (not visible in this listing) decides who may grant which right -- confirm.
437 case KEY_MODIFY_RIGHT
:
438 mAccessInfo
.AccessRight
= Value
->u8
;
442 // Change setup choice.
444 case KEY_MODIFY_SETUP
:
445 mAccessInfo
.AccessSetup
= Value
->u8
;
449 // Change boot order choice.
451 case KEY_MODIFY_BOOT
:
452 mAccessInfo
.AccessBootOrder
= Value
->u32
;
456 // Return to user profile information form.
458 case KEY_AP_RETURN_UIF
:
460 *ActionRequest
= EFI_BROWSER_ACTION_REQUEST_FORM_SUBMIT_EXIT
;
474 // Access policy device path modified.
476 case KEY_MODIFY_AP_DP
:
478 // Judge next 2 bits.
480 switch (QuestionId
& KEY_MODIFY_DP_MASK
) {
482 // Load permit device path modified.
// A confirmation prompt is built from two HII strings, which are freed afterwards.
// NOTE(review): GetStringById() is documented to return NULL on error and no NULL
// check is visible before FreePool() -- confirm.
484 case KEY_LOAD_PERMIT_MODIFY
:
485 QuestionStr
= GetStringById (STRING_TOKEN (STR_MOVE_TO_FORBID_LIST
));
486 PromptStr
= GetStringById (STRING_TOKEN (STR_PRESS_KEY_CONTINUE
));
488 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
495 FreePool (QuestionStr
);
496 FreePool (PromptStr
);
// Presumably any key other than Enter abandons the move (branch body not shown).
497 if (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
) {
// The list offset is taken from QuestionId masked with KEY_MODIFY_DP_MASK - 1.
// NOTE(review): verify this mask expression against the key layout in
// UserProfileManager.h.
501 AddToForbidLoad ((UINT16
)(QuestionId
& (KEY_MODIFY_DP_MASK
- 1)));
502 DisplayLoadPermit ();
506 // Load forbid device path modified.
// Same prompt/confirm/free sequence as the load-permit case above, with the
// same NULL-check caveat for the two strings.
508 case KEY_LOAD_FORBID_MODIFY
:
509 QuestionStr
= GetStringById (STRING_TOKEN (STR_MOVE_TO_PERMIT_LIST
));
510 PromptStr
= GetStringById (STRING_TOKEN (STR_PRESS_KEY_CONTINUE
));
512 EFI_LIGHTGRAY
| EFI_BACKGROUND_BLUE
,
519 FreePool (QuestionStr
);
520 FreePool (PromptStr
);
521 if (Key
.UnicodeChar
!= CHAR_CARRIAGE_RETURN
) {
525 DeleteFromForbidLoad ((UINT16
)(QuestionId
& (KEY_MODIFY_DP_MASK
- 1)));
526 DisplayLoadForbid ();
530 // Connect permit device path modified.
532 case KEY_CONNECT_PERMIT_MODIFY
:
536 // Connect forbid device path modified.
538 case KEY_CONNECT_FORBID_MODIFY
:
// CHANGING: navigation between forms; each branch rebuilds the target form.
558 case EFI_BROWSER_ACTION_CHANGING
:
561 // Handle the request from form.
564 return EFI_INVALID_PARAMETER
;
568 // Judge first 2 bits.
570 switch (QuestionId
& KEY_FIRST_FORM_MASK
) {
572 // Delete user profile operation.
576 // Judge next 2 bits.
578 switch (QuestionId
& KEY_SECOND_FORM_MASK
) {
580 // Enter delete user profile form.
582 case KEY_ENTER_NEXT_FORM
:
583 SelectUserToDelete ();
592 // Modify user profile operation.
594 case KEY_MODIFY_USER
:
596 // Judge next 2 bits.
598 switch (QuestionId
& KEY_SECOND_FORM_MASK
) {
600 // Enter modify user profile form.
602 case KEY_ENTER_NEXT_FORM
:
603 SelectUserToModify ();
607 // Enter user profile information form.
609 case KEY_SELECT_USER
:
611 // Judge next 3 bits.
613 switch (QuestionId
& KEY_MODIFY_INFO_MASK
) {
615 // Display user information form.
// As in the delete path, only the low byte of QuestionId selects the user.
617 case KEY_ENTER_NEXT_FORM
:
618 ModifyUserInfo ((UINT8
) QuestionId
);
622 // Modify identity policy.
628 switch (QuestionId
& KEY_MODIFY_IP_MASK
) {
630 // Display identity policy modify form.
632 case KEY_ENTER_NEXT_FORM
:
633 ModifyIdentityPolicy ();
642 // Modify access policy.
646 // Judge next 3 bits.
648 switch (QuestionId
& KEY_MODIFY_AP_MASK
) {
650 // Display access policy modify form.
652 case KEY_ENTER_NEXT_FORM
:
653 ModidyAccessPolicy ();
656 // Load device path form.
658 case KEY_MODIFY_LOAD
:
660 // Judge next 2 bits.
662 switch (QuestionId
& KEY_DISPLAY_DP_MASK
) {
664 // Permit load device path.
666 case KEY_PERMIT_MODIFY
:
667 DisplayLoadPermit ();
671 // Forbid load device path.
673 case KEY_FORBID_MODIFY
:
674 DisplayLoadForbid ();
683 // Connect device path form.
685 case KEY_MODIFY_CONNECT
:
687 // Judge next 2 bits.
689 switch (QuestionId
& KEY_DISPLAY_DP_MASK
) {
691 // Permit connect device path.
693 case KEY_PERMIT_MODIFY
:
694 DisplayConnectPermit ();
698 // Forbid connect device path.
700 case KEY_FORBID_MODIFY
:
701 DisplayConnectForbid ();
732 // All other action return unsupported.
734 Status
= EFI_UNSUPPORTED
;
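/**
  This function allows a caller to extract the current configuration for one
  or more named elements from the target driver.

  This driver exposes no configuration storage through this interface: after
  validating its output pointers it always reports that the routing data
  matched nothing.

  @param[in]  This      Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
  @param[in]  Request   A null-terminated Unicode string in <ConfigRequest> format.
  @param[out] Progress  On return, points to a character in the Request string.
                        Because no name/value pair can be served, it is set to
                        the beginning of the string.
  @param[out] Results   A null-terminated Unicode string in <ConfigAltResp> format.
                        Not written by this implementation.

  @retval EFI_INVALID_PARAMETER  Progress or Results is NULL.
  @retval EFI_NOT_FOUND          Routing data doesn't match any storage in this driver.

**/
EFI_STATUS
EFIAPI
FakeExtractConfig (
  IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL  *This,
  IN CONST EFI_STRING                      Request,
  OUT EFI_STRING                           *Progress,
  OUT EFI_STRING                           *Results
  )
{
  if (Progress == NULL || Results == NULL) {
    return EFI_INVALID_PARAMETER;
  }

  //
  // Nothing is routed to this driver, so the failure is in the first
  // name/value pair: report the start of Request rather than leaving
  // *Progress unset for the caller to read. This matches what
  // FakeRouteConfig does with Configuration.
  //
  *Progress = Request;

  return EFI_NOT_FOUND;
}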
/**
  This function processes the results of changes in configuration.

  No configuration is stored by this driver, so a well-formed call is always
  answered with EFI_NOT_FOUND.

  @param[in]  This           Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
  @param[in]  Configuration  A null-terminated Unicode string in <ConfigResp> format.
  @param[out] Progress       Set to the beginning of Configuration, i.e. the
                             failure is reported in the first name/value pair.

  @retval EFI_INVALID_PARAMETER  Configuration or Progress is NULL.
  @retval EFI_NOT_FOUND          Routing data doesn't match any storage in this driver.

**/
EFI_STATUS
EFIAPI
FakeRouteConfig (
  IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL  *This,
  IN CONST EFI_STRING                      Configuration,
  OUT EFI_STRING                           *Progress
  )
{
  //
  // Both the input string and the output pointer are mandatory.
  //
  if (Configuration == NULL) {
    return EFI_INVALID_PARAMETER;
  }

  if (Progress == NULL) {
    return EFI_INVALID_PARAMETER;
  }

  //
  // Nothing is consumed: point the caller back at the start of its string.
  //
  *Progress = Configuration;
  return EFI_NOT_FOUND;
}
816 Main entry for this driver.
818 @param ImageHandle Image handle this driver.
819 @param SystemTable Pointer to SystemTable.
821 @retval EFI_SUCCESS This function always completes successfully.
826 UserProfileManagerInit (
827 IN EFI_HANDLE ImageHandle
,
828 IN EFI_SYSTEM_TABLE
*SystemTable
832 USER_PROFILE_MANAGER_CALLBACK_INFO
*CallbackInfo
;
834 Status
= gBS
->LocateProtocol (
835 &gEfiUserManagerProtocolGuid
,
837 (VOID
**) &mUserManager
839 if (EFI_ERROR (Status
)) {
844 // Initialize driver private data.
846 ZeroMem (&mUserInfo
, sizeof (mUserInfo
));
847 ZeroMem (&mAccessInfo
, sizeof (mAccessInfo
));
849 CallbackInfo
= AllocateZeroPool (sizeof (USER_PROFILE_MANAGER_CALLBACK_INFO
));
850 ASSERT (CallbackInfo
!= NULL
);
852 CallbackInfo
->Signature
= USER_PROFILE_MANAGER_SIGNATURE
;
853 CallbackInfo
->ConfigAccess
.ExtractConfig
= FakeExtractConfig
;
854 CallbackInfo
->ConfigAccess
.RouteConfig
= FakeRouteConfig
;
855 CallbackInfo
->ConfigAccess
.Callback
= UserProfileManagerCallback
;
856 CallbackInfo
->DriverHandle
= NULL
;
859 // Install Device Path Protocol and Config Access protocol to driver handle.
861 Status
= gBS
->InstallMultipleProtocolInterfaces (
862 &CallbackInfo
->DriverHandle
,
863 &gEfiDevicePathProtocolGuid
,
864 &mHiiVendorDevicePath
,
865 &gEfiHiiConfigAccessProtocolGuid
,
866 &CallbackInfo
->ConfigAccess
,
869 ASSERT_EFI_ERROR (Status
);
874 CallbackInfo
->HiiHandle
= HiiAddPackages (
875 &gUserProfileManagerGuid
,
876 CallbackInfo
->DriverHandle
,
877 UserProfileManagerStrings
,
878 UserProfileManagerVfrBin
,
881 ASSERT (CallbackInfo
->HiiHandle
!= NULL
);
882 mCallbackInfo
= CallbackInfo
;