SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.h

   1 /** @file
   2   The header file for user profile manager driver.
   3
   4 Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
   5 This program and the accompanying materials
   6 are licensed and made available under the terms and conditions of the BSD License
   7 which accompanies this distribution.  The full text of the license may be found at
   8 http://opensource.org/licenses/bsd-license.php
   9
  10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
  11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
  12
  13 **/
  14
  15 #ifndef __EFI_USER_PROFILE_MANAGER_H__
  16 #define __EFI_USER_PROFILE_MANAGER_H__
  17
  18 #include <Uefi.h>
  19
  20 #include <Guid/GlobalVariable.h>
  21 #include <Guid/MdeModuleHii.h>
  22
  23 #include <Protocol/HiiConfigAccess.h>
  24 #include <Protocol/DevicePathToText.h>
  25 #include <Protocol/UserCredential.h>
  26 #include <Protocol/UserManager.h>
  27
  28 #include <Library/UefiRuntimeServicesTableLib.h>
  29 #include <Library/UefiBootServicesTableLib.h>
  30 #include <Library/MemoryAllocationLib.h>
  31 #include <Library/BaseMemoryLib.h>
  32 #include <Library/DevicePathLib.h>
  33 #include <Library/DebugLib.h>
  34 #include <Library/UefiLib.h>
  35 #include <Library/PrintLib.h>
  36 #include <Library/HiiLib.h>
  37
  38 #include "UserProfileManagerData.h"
  39
  40 #define  USER_NAME_LENGTH          17
  41
  42 //
  43 // Credential Provider Information.
  44 //
  45 typedef struct {
  46   UINTN                         Count;
  47   EFI_USER_CREDENTIAL_PROTOCOL  *Provider[1];
  48 } CREDENTIAL_PROVIDER_INFO;
  49
  50 //
  51 // User profile information structure.
  52 //
  53 typedef struct {
  54   UINT64    UsageCount;
  55   EFI_TIME  CreateDate;
  56   EFI_TIME  UsageDate;
  57   UINTN     AccessPolicyLen;
  58   UINTN     IdentityPolicyLen;
  59   UINTN     NewIdentityPolicyLen;
  60   UINT8     *AccessPolicy;
  61   UINT8     *IdentityPolicy;
  62   UINT8     *NewIdentityPolicy;
  63   CHAR16    UserName[USER_NAME_LENGTH];
  64   BOOLEAN   CreateDateExist;
  65   BOOLEAN   UsageDateExist;
  66   BOOLEAN   AccessPolicyModified;
  67   BOOLEAN   IdentityPolicyModified;
  68   BOOLEAN   NewIdentityPolicyModified;
  69 } USER_INFO;
  70
  71 //
  72 // User access information structure.
  73 //
  74 typedef struct {
  75   UINTN  LoadPermitLen;
  76   UINTN  LoadForbidLen;
  77   UINTN  ConnectPermitLen;
  78   UINTN  ConnectForbidLen;
  79   UINT8  *LoadPermit;
  80   UINT8  *LoadForbid;
  81   UINT8  *ConnectPermit;
  82   UINT8  *ConnectForbid;
  83   UINT32 AccessBootOrder;
  84   UINT8  AccessRight;
  85   UINT8  AccessSetup;
  86 } USER_INFO_ACCESS;
  87
  88 #define USER_PROFILE_MANAGER_SIGNATURE  SIGNATURE_32 ('U', 'P', 'M', 'S')
  89
  90 typedef struct {
  91   UINTN                           Signature;
  92   EFI_HANDLE                      DriverHandle;
  93   EFI_HII_HANDLE                  HiiHandle;
  94   EFI_HII_CONFIG_ACCESS_PROTOCOL  ConfigAccess;
  95 } USER_PROFILE_MANAGER_CALLBACK_INFO;
  96
  97 //
  98 // HII specific Vendor Device Path definition.
  99 //
 100 typedef struct {
 101   VENDOR_DEVICE_PATH        VendorDevicePath;
 102   EFI_DEVICE_PATH_PROTOCOL  End;
 103 } HII_VENDOR_DEVICE_PATH;
 104
 105 //
 106 // This is the generated IFR binary data for each formset defined in VFR.
 107 //
 108 extern UINT8                               UserProfileManagerVfrBin[];
 109
 110 //
 111 // This is the generated String package data for .UNI file.
 112 //
 113 extern UINT8                               UserProfileManagerStrings[];
 114
 115 //
 116 // Guid used in the form browse.
 117 //
 118 extern EFI_GUID                            mUserProfileManagerGuid;
 119
 120 //
 121 // The user manager protocol, used in several function.
 122 //
 123 extern EFI_USER_MANAGER_PROTOCOL           *mUserManager;
 124
 125 //
 126 // The credential providers database in system.
 127 //
 128 extern CREDENTIAL_PROVIDER_INFO            *mProviderInfo;
 129
 130 //
 131 // The variables used to update identity policy.
 132 //
 133 extern UINT8                               mProviderChoice;
 134 extern UINT8                               mConncetLogical;
 135
 136 //
 137 // The variables used to update access policy.
 138 //
 139 extern USER_INFO_ACCESS                    mAccessInfo;
 140
 141 //
 142 // The user information used to record all data in UI.
 143 //
 144 extern USER_INFO                           mUserInfo;
 145
 146 extern USER_PROFILE_MANAGER_CALLBACK_INFO  *mCallbackInfo;
 147
 148
 149 /**
 150   Get string by string id from HII Interface.
 151
 152
 153   @param[in] Id      String ID to get the string from.
 154
 155   @retval  CHAR16 *  String from ID.
 156   @retval  NULL      If error occurs.
 157
 158 **/
 159 CHAR16 *
 160 GetStringById (
 161   IN EFI_STRING_ID             Id
 162   );
 163
 164 /**
 165   Add a new user profile into the user profile database.
 166
 167 **/
 168 VOID
 169 CallAddUser (
 170   VOID
 171   );
 172
 173 /**
 174   Display user select form; can select a user to modify.
 175
 176 **/
 177 VOID
 178 SelectUserToModify  (
 179   VOID
 180   );
 181
 182 /**
 183   Display user select form, cab select a user to delete.
 184
 185 **/
 186 VOID
 187 SelectUserToDelete (
 188   VOID
 189   );
 190
 191 /**
 192   Delete the user specified by UserIndex in user profile database.
 193
 194   @param[in]  UserIndex    The index of user in the user name list to be deleted.
 195
 196 **/
 197 VOID
 198 DeleteUser (
 199   IN UINT8                                      UserIndex
 200   );
 201
 202 /**
 203   Add a username item in form.
 204
 205   @param[in]  User             Points to the user profile whose username is added.
 206   @param[in]  Index            The index of the user in the user name list.
 207   @param[in]  OpCodeHandle     Points to container for dynamic created opcodes.
 208
 209 **/
 210 VOID
 211 AddUserToForm (
 212   IN  EFI_USER_PROFILE_HANDLE                   User,
 213   IN  UINT16                                    Index,
 214   IN  VOID                                      *OpCodeHandle
 215   );
 216
 217 /**
 218   Display modify user information form
 219
 220   In this form, username, create Date, usage date, usage count, identity policy,
 221   and access policy are displayed.
 222
 223   @param[in] UserIndex       The index of the user in display list to modify.
 224
 225 **/
 226 VOID
 227 ModifyUserInfo (
 228   IN UINT8                                      UserIndex
 229   );
 230
 231 /**
 232   Get the username from user input and update username string in Hii
 233   database with it.
 234
 235 **/
 236 VOID
 237 ModifyUserName (
 238   VOID
 239   );
 240
 241 /**
 242   Display the form of modifying user identity policy.
 243
 244 **/
 245 VOID
 246 ModifyIdentityPolicy (
 247   VOID
 248   );
 249
 250 /**
 251   Update the mUserInfo.NewIdentityPolicy and UI when 'add option' is pressed.
 252
 253 **/
 254 VOID
 255 AddIdentityPolicyItem (
 256   VOID
 257   );
 258
 259 /**
 260   Save the identity policy and update UI with it.
 261
 262   This funciton will verify the new identity policy, in current implementation,
 263   the identity policy can be:  T, P & P & P & ..., P | P | P | ...
 264   Here, "T" means "True", "P" means "Credential Provider", "&" means "and", "|" means "or".
 265   Other identity policies are not supported.
 266
 267 **/
 268 VOID
 269 SaveIdentityPolicy (
 270   VOID
 271   );
 272
 273 /**
 274   Display modify user access policy form
 275
 276   In this form, access right, access setu,p and access boot order are dynamically
 277   added. Load devicepath and connect devicepath are displayed too.
 278
 279 **/
 280 VOID
 281 ModidyAccessPolicy (
 282   VOID
 283   );
 284
 285 /**
 286   Collect all the access policy data to mUserInfo.AccessPolicy,
 287   and save it to user profile.
 288
 289 **/
 290 VOID
 291 SaveAccessPolicy (
 292   VOID
 293   );
 294
 295 /**
 296   Get current user's access rights.
 297
 298   @param[out]  AccessRight   Points to the buffer used for user's access rights.
 299
 300   @retval EFI_SUCCESS        Get current user access rights successfully.
 301   @retval others             Fail to get current user access rights.
 302
 303 **/
 304 EFI_STATUS
 305 GetAccessRight (
 306   OUT  UINT32                                    *AccessRight
 307   );
 308
 309 /**
 310   Display the permit load device path in the loadable device path list.
 311
 312 **/
 313 VOID
 314 DisplayLoadPermit(
 315   VOID
 316   );
 317
 318 /**
 319   Display the forbid load device path list (mAccessInfo.LoadForbid).
 320
 321 **/
 322 VOID
 323 DisplayLoadForbid (
 324   VOID
 325   );
 326
 327 /**
 328   Display the permit connect device path.
 329
 330 **/
 331 VOID
 332 DisplayConnectPermit (
 333   VOID
 334   );
 335
 336 /**
 337   Display the forbid connect device path list.
 338
 339 **/
 340 VOID
 341 DisplayConnectForbid (
 342   VOID
 343   );
 344
 345 /**
 346   Delete the specified device path by DriverIndex from the forbid device path
 347   list (mAccessInfo.LoadForbid).
 348
 349   @param[in]  DriverIndex   The index of driver in a forbidden device path list.
 350
 351 **/
 352 VOID
 353 DeleteFromForbidLoad (
 354   IN  UINT16                                    DriverIndex
 355   );
 356
 357 /**
 358   Add the specified device path by DriverIndex to the forbid device path
 359   list (mAccessInfo.LoadForbid).
 360
 361   @param[in]  DriverIndex   The index of driver saved in driver options.
 362
 363 **/
 364 VOID
 365 AddToForbidLoad (
 366   IN  UINT16                                    DriverIndex
 367   );
 368
 369 /**
 370   Get user name from the popup windows.
 371
 372   @param[in, out]  UserNameLen   On entry, point to the buffer lengh of UserName.
 373                                  On exit, point to the input user name length.
 374   @param[out]      UserName      The buffer to hold the input user name.
 375
 376   @retval EFI_ABORTED            It is given up by pressing 'ESC' key.
 377   @retval EFI_NOT_READY          Not a valid input at all.
 378   @retval EFI_SUCCESS            Get a user name successfully.
 379
 380 **/
 381 EFI_STATUS
 382 GetUserNameInput (
 383   IN OUT  UINTN         *UserNameLen,
 384      OUT  CHAR16        *UserName
 385   );
 386
 387 #endif