SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.h

   1 /** @file
   2   The header file for user profile manager driver.
   3
   4 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
   5 This program and the accompanying materials
   6 are licensed and made available under the terms and conditions of the BSD License
   7 which accompanies this distribution.  The full text of the license may be found at
   8 http://opensource.org/licenses/bsd-license.php
   9
  10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
  11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
  12
  13 **/
  14
  15 #ifndef __EFI_USER_PROFILE_MANAGER_H__
  16 #define __EFI_USER_PROFILE_MANAGER_H__
  17
  18 #include <Uefi.h>
  19
  20 #include <Guid/GlobalVariable.h>
  21 #include <Guid/MdeModuleHii.h>
  22
  23 #include <Protocol/HiiConfigAccess.h>
  24 #include <Protocol/DevicePathToText.h>
  25 #include <Protocol/UserCredential.h>
  26 #include <Protocol/UserManager.h>
  27
  28 #include <Library/UefiRuntimeServicesTableLib.h>
  29 #include <Library/UefiBootServicesTableLib.h>
  30 #include <Library/MemoryAllocationLib.h>
  31 #include <Library/BaseMemoryLib.h>
  32 #include <Library/DevicePathLib.h>
  33 #include <Library/DebugLib.h>
  34 #include <Library/UefiLib.h>
  35 #include <Library/PrintLib.h>
  36 #include <Library/HiiLib.h>
  37
  38 #include "UserProfileManagerData.h"
  39
  40 #define  USER_NAME_LENGTH          17
  41
  42 //
  43 // Credential Provider Information.
  44 //
  45 typedef struct {
  46   UINTN                         Count;
  47   EFI_USER_CREDENTIAL_PROTOCOL  *Provider[1];
  48 } CREDENTIAL_PROVIDER_INFO;
  49
  50 //
  51 // User profile information structure.
  52 //
  53 typedef struct {
  54   UINT64    UsageCount;
  55   EFI_TIME  CreateDate;
  56   EFI_TIME  UsageDate;
  57   UINTN     AccessPolicyLen;
  58   UINTN     IdentityPolicyLen;
  59   UINTN     NewIdentityPolicyLen;
  60   UINT8     *AccessPolicy;
  61   UINT8     *IdentityPolicy;
  62   UINT8     *NewIdentityPolicy;
  63   CHAR16    UserName[USER_NAME_LENGTH];
  64   BOOLEAN   CreateDateExist;
  65   BOOLEAN   UsageDateExist;
  66   BOOLEAN   AccessPolicyModified;
  67   BOOLEAN   IdentityPolicyModified;
  68   BOOLEAN   NewIdentityPolicyModified;
  69 } USER_INFO;
  70
  71 //
  72 // User access information structure.
  73 //
  74 typedef struct {
  75   UINTN  LoadPermitLen;
  76   UINTN  LoadForbidLen;
  77   UINTN  ConnectPermitLen;
  78   UINTN  ConnectForbidLen;
  79   UINT8  *LoadPermit;
  80   UINT8  *LoadForbid;
  81   UINT8  *ConnectPermit;
  82   UINT8  *ConnectForbid;
  83   UINT32 AccessBootOrder;
  84   UINT8  AccessRight;
  85   UINT8  AccessSetup;
  86 } USER_INFO_ACCESS;
  87
  88 #define USER_PROFILE_MANAGER_SIGNATURE  SIGNATURE_32 ('U', 'P', 'M', 'S')
  89
  90 typedef struct {
  91   UINTN                           Signature;
  92   EFI_HANDLE                      DriverHandle;
  93   EFI_HII_HANDLE                  HiiHandle;
  94   EFI_HII_CONFIG_ACCESS_PROTOCOL  ConfigAccess;
  95 } USER_PROFILE_MANAGER_CALLBACK_INFO;
  96
  97 //
  98 // HII specific Vendor Device Path definition.
  99 //
 100 typedef struct {
 101   VENDOR_DEVICE_PATH        VendorDevicePath;
 102   EFI_DEVICE_PATH_PROTOCOL  End;
 103 } HII_VENDOR_DEVICE_PATH;
 104
 105 //
 106 // This is the generated IFR binary data for each formset defined in VFR.
 107 //
 108 extern UINT8                               UserProfileManagerVfrBin[];
 109
 110 //
 111 // This is the generated String package data for .UNI file.
 112 //
 113 extern UINT8                               UserProfileManagerStrings[];
 114
 115 //
 116 // The user manager protocol, used in several function.
 117 //
 118 extern EFI_USER_MANAGER_PROTOCOL           *mUserManager;
 119
 120 //
 121 // The credential providers database in system.
 122 //
 123 extern CREDENTIAL_PROVIDER_INFO            *mProviderInfo;
 124
 125 //
 126 // The variables used to update identity policy.
 127 //
 128 extern UINT8                               mProviderChoice;
 129 extern UINT8                               mConncetLogical;
 130
 131 //
 132 // The variables used to update access policy.
 133 //
 134 extern USER_INFO_ACCESS                    mAccessInfo;
 135
 136 //
 137 // The user information used to record all data in UI.
 138 //
 139 extern USER_INFO                           mUserInfo;
 140
 141 extern USER_PROFILE_MANAGER_CALLBACK_INFO  *mCallbackInfo;
 142
 143
 144 /**
 145   Get string by string id from HII Interface.
 146
 147
 148   @param[in] Id      String ID to get the string from.
 149
 150   @retval  CHAR16 *  String from ID.
 151   @retval  NULL      If error occurs.
 152
 153 **/
 154 CHAR16 *
 155 GetStringById (
 156   IN EFI_STRING_ID             Id
 157   );
 158
 159 /**
 160   Add a new user profile into the user profile database.
 161
 162 **/
 163 VOID
 164 CallAddUser (
 165   VOID
 166   );
 167
 168 /**
 169   Display user select form; can select a user to modify.
 170
 171 **/
 172 VOID
 173 SelectUserToModify  (
 174   VOID
 175   );
 176
 177 /**
 178   Display user select form, cab select a user to delete.
 179
 180 **/
 181 VOID
 182 SelectUserToDelete (
 183   VOID
 184   );
 185
 186 /**
 187   Delete the user specified by UserIndex in user profile database.
 188
 189   @param[in]  UserIndex    The index of user in the user name list to be deleted.
 190
 191 **/
 192 VOID
 193 DeleteUser (
 194   IN UINT8                                      UserIndex
 195   );
 196
 197 /**
 198   Add a username item in form.
 199
 200   @param[in]  User             Points to the user profile whose username is added.
 201   @param[in]  Index            The index of the user in the user name list.
 202   @param[in]  OpCodeHandle     Points to container for dynamic created opcodes.
 203
 204 **/
 205 VOID
 206 AddUserToForm (
 207   IN  EFI_USER_PROFILE_HANDLE                   User,
 208   IN  UINT16                                    Index,
 209   IN  VOID                                      *OpCodeHandle
 210   );
 211
 212 /**
 213   Display modify user information form
 214
 215   In this form, username, create Date, usage date, usage count, identity policy,
 216   and access policy are displayed.
 217
 218   @param[in] UserIndex       The index of the user in display list to modify.
 219
 220 **/
 221 VOID
 222 ModifyUserInfo (
 223   IN UINT8                                      UserIndex
 224   );
 225
 226 /**
 227   Get the username from user input and update username string in Hii
 228   database with it.
 229
 230 **/
 231 VOID
 232 ModifyUserName (
 233   VOID
 234   );
 235
 236 /**
 237   Display the form of modifying user identity policy.
 238
 239 **/
 240 VOID
 241 ModifyIdentityPolicy (
 242   VOID
 243   );
 244
 245 /**
 246   Update the mUserInfo.NewIdentityPolicy and UI when 'add option' is pressed.
 247
 248 **/
 249 VOID
 250 AddIdentityPolicyItem (
 251   VOID
 252   );
 253
 254 /**
 255   Save the identity policy and update UI with it.
 256
 257   This funciton will verify the new identity policy, in current implementation,
 258   the identity policy can be:  T, P & P & P & ..., P | P | P | ...
 259   Here, "T" means "True", "P" means "Credential Provider", "&" means "and", "|" means "or".
 260   Other identity policies are not supported.
 261
 262 **/
 263 VOID
 264 SaveIdentityPolicy (
 265   VOID
 266   );
 267
 268 /**
 269   Display modify user access policy form
 270
 271   In this form, access right, access setu,p and access boot order are dynamically
 272   added. Load devicepath and connect devicepath are displayed too.
 273
 274 **/
 275 VOID
 276 ModidyAccessPolicy (
 277   VOID
 278   );
 279
 280 /**
 281   Collect all the access policy data to mUserInfo.AccessPolicy,
 282   and save it to user profile.
 283
 284 **/
 285 VOID
 286 SaveAccessPolicy (
 287   VOID
 288   );
 289
 290 /**
 291   Get current user's access rights.
 292
 293   @param[out]  AccessRight   Points to the buffer used for user's access rights.
 294
 295   @retval EFI_SUCCESS        Get current user access rights successfully.
 296   @retval others             Fail to get current user access rights.
 297
 298 **/
 299 EFI_STATUS
 300 GetAccessRight (
 301   OUT  UINT32                                    *AccessRight
 302   );
 303
 304 /**
 305   Display the permit load device path in the loadable device path list.
 306
 307 **/
 308 VOID
 309 DisplayLoadPermit(
 310   VOID
 311   );
 312
 313 /**
 314   Display the forbid load device path list (mAccessInfo.LoadForbid).
 315
 316 **/
 317 VOID
 318 DisplayLoadForbid (
 319   VOID
 320   );
 321
 322 /**
 323   Display the permit connect device path.
 324
 325 **/
 326 VOID
 327 DisplayConnectPermit (
 328   VOID
 329   );
 330
 331 /**
 332   Display the forbid connect device path list.
 333
 334 **/
 335 VOID
 336 DisplayConnectForbid (
 337   VOID
 338   );
 339
 340 /**
 341   Delete the specified device path by DriverIndex from the forbid device path
 342   list (mAccessInfo.LoadForbid).
 343
 344   @param[in]  DriverIndex   The index of driver in a forbidden device path list.
 345
 346 **/
 347 VOID
 348 DeleteFromForbidLoad (
 349   IN  UINT16                                    DriverIndex
 350   );
 351
 352 /**
 353   Add the specified device path by DriverIndex to the forbid device path
 354   list (mAccessInfo.LoadForbid).
 355
 356   @param[in]  DriverIndex   The index of driver saved in driver options.
 357
 358 **/
 359 VOID
 360 AddToForbidLoad (
 361   IN  UINT16                                    DriverIndex
 362   );
 363
 364 /**
 365   Get user name from the popup windows.
 366
 367   @param[in, out]  UserNameLen   On entry, point to the buffer lengh of UserName.
 368                                  On exit, point to the input user name length.
 369   @param[out]      UserName      The buffer to hold the input user name.
 370
 371   @retval EFI_ABORTED            It is given up by pressing 'ESC' key.
 372   @retval EFI_NOT_READY          Not a valid input at all.
 373   @retval EFI_SUCCESS            Get a user name successfully.
 374
 375 **/
 376 EFI_STATUS
 377 GetUserNameInput (
 378   IN OUT  UINTN         *UserNameLen,
 379      OUT  CHAR16        *UserName
 380   );
 381
 382 #endif