+++ /dev/null
-/** @file\r
- Definitions related to IPSEC_CONFIG_PROTOCOL implementations.\r
-\r
- Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>\r
-\r
- SPDX-License-Identifier: BSD-2-Clause-Patent\r
-\r
-**/\r
-\r
-#ifndef _IPSEC_CONFIG_IMPL_H_\r
-#define _IPSEC_CONFIG_IMPL_H_\r
-\r
-#include <Protocol/IpSec.h>\r
-#include <Protocol/IpSecConfig.h>\r
-\r
-#include <Library/BaseLib.h>\r
-#include <Library/BaseMemoryLib.h>\r
-#include <Library/PrintLib.h>\r
-#include <Library/MemoryAllocationLib.h>\r
-#include <Library/UefiRuntimeServicesTableLib.h>\r
-#include <Library/UefiBootServicesTableLib.h>\r
-#include <Library/DebugLib.h>\r
-\r
-#include "IpSecImpl.h"\r
-\r
-#define EFI_IPSEC_ANY_PROTOCOL 0xFFFF\r
-#define EFI_IPSEC_ANY_PORT 0\r
-\r
-#define IPSEC_VAR_ITEM_HEADER_LOGO_BIT 0x80\r
-#define IPSEC_VAR_ITEM_HEADER_CONTENT_BIT 0x7F\r
-\r
-#define IPSECCONFIG_VARIABLE_NAME L"IpSecConfig"\r
-#define IPSECCONFIG_STATUS_NAME L"IpSecStatus"\r
-\r
-#define SIZE_OF_SPD_SELECTOR(x) (sizeof (EFI_IPSEC_SPD_SELECTOR) \\r
- + sizeof (EFI_IP_ADDRESS_INFO) * ((x)->LocalAddressCount + (x)->RemoteAddressCount))\r
-\r
-#define FIX_REF_BUF_ADDR(addr, base) addr = (VOID *) ((UINTN) (addr) - (UINTN) (base))\r
-#define UNFIX_REF_BUF_ADDR(addr, base) addr = (VOID *) ((UINTN) (addr) + (UINTN) (base))\r
-\r
-//\r
-// The data structure used to store the genernall information of IPsec configuration.\r
-//\r
-typedef struct {\r
- UINT32 VariableCount; // the total number of the IPsecConfig variables.\r
- UINT32 VariableSize; // The total size of all IpsecConfig variables.\r
- UINT32 SingleVariableSize; // The max size of single variable\r
-} IP_SEC_VARIABLE_INFO;\r
-\r
-typedef struct {\r
- EFI_IPSEC_CONFIG_SELECTOR *Selector;\r
- VOID *Data;\r
- LIST_ENTRY List;\r
-} IPSEC_COMMON_POLICY_ENTRY;\r
-\r
-typedef struct {\r
- UINT8 *Ptr;\r
- UINTN Size;\r
- UINTN Capacity;\r
-} IPSEC_VARIABLE_BUFFER;\r
-\r
-#pragma pack(1)\r
-typedef struct {\r
- UINT8 Type;\r
- UINT16 Size;\r
-} IPSEC_VAR_ITEM_HEADER;\r
-#pragma pack()\r
-\r
-/**\r
- The prototype of Copy Source Selector to the Destination Selector.\r
-\r
- @param[in, out] DstSel Pointer of Destination Selector. It would be\r
- SPD Selector, or SAD Selector or PAD Selector.\r
- @param[in] SrcSel Pointer of Source Selector. It would be\r
- SPD Selector, or SAD Selector or PAD Selector.\r
- @param[in, out] Size The size of the Destination Selector. If it\r
- is not NULL and its value is less than the size of\r
- Source Selector, the value of Source Selector's\r
- size will be passed to the caller by this parameter.\r
-\r
- @retval EFI_INVALID_PARAMETER If the Destination or Source Selector is NULL.\r
- @retval EFI_BUFFER_TOO_SMALL If the input Size is less than size of Source Selector.\r
- @retval EFI_SUCCESS Copy Source Selector to the Destination\r
- Selector successfully.\r
-\r
-**/\r
-typedef\r
-EFI_STATUS\r
-(*IPSEC_DUPLICATE_SELECTOR) (\r
- IN OUT EFI_IPSEC_CONFIG_SELECTOR *DstSel,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *SrcSel,\r
- IN OUT UINTN *Size\r
- );\r
-\r
-/**\r
- It is prototype of compare two Selectors. The Selector would be SPD Selector,\r
- or SAD Selector, or PAD selector.\r
-\r
- @param[in] Selector1 Pointer of the first Selector.\r
- @param[in] Selector2 Pointer of the second Selector.\r
-\r
- @retval TRUE These two Selectors have the same value in certain fields.\r
- @retval FALSE Not all fields have the same value in these two Selectors.\r
-\r
-**/\r
-typedef\r
-BOOLEAN\r
-(*IPSEC_COMPARE_SELECTOR) (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector2\r
- );\r
-\r
-/**\r
- The prototype of a function to check if the Selector is Zero by its certain fields.\r
-\r
- @param[in] Selector Pointer of the Selector.\r
-\r
- @retval TRUE If the Selector is Zero.\r
- @retval FALSE If the Selector is not Zero.\r
-\r
-**/\r
-typedef\r
-BOOLEAN\r
-(*IPSEC_IS_ZERO_SELECTOR) (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector\r
- );\r
-\r
-/**\r
- The prototype of a function to fix the value of particular members of the Selector.\r
-\r
- @param[in] Selector Pointer of Selector.\r
- @param[in] Data Pointer of Data.\r
-\r
-**/\r
-typedef\r
-VOID\r
-(*IPSEC_FIX_POLICY_ENTRY) (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
- IN VOID *Data\r
- );\r
-\r
-/**\r
- It is prototype function to define a routine function by the caller of IpSecVisitConfigData().\r
-\r
- @param[in] Type A specified IPSEC_CONFIG_DATA_TYPE.\r
- @param[in] Selector Points to EFI_IPSEC_CONFIG_SELECTOR to be copied\r
- to the buffer.\r
- @param[in] Data Points to data to be copied to the buffer. The\r
- Data type is related to the Type.\r
- @param[in] SelectorSize The size of the Selector.\r
- @param[in] DataSize The size of the Data.\r
- @param[in, out] Buffer The buffer to store the Selector and Data.\r
-\r
- @retval EFI_SUCCESS Copied the Selector and Data to a buffer successfully.\r
- @retval EFI_OUT_OF_RESOURCES The required system resource could not be allocated.\r
-\r
-**/\r
-typedef\r
-EFI_STATUS\r
-(*IPSEC_COPY_POLICY_ENTRY) (\r
- IN EFI_IPSEC_CONFIG_DATA_TYPE Type,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
- IN VOID *Data,\r
- IN UINTN SelectorSize,\r
- IN UINTN DataSize,\r
- IN OUT VOID *Context\r
- );\r
-\r
-/**\r
- Set the security policy information for the EFI IPsec driver.\r
-\r
- The IPsec configuration data has a unique selector/identifier separately to\r
- identify a data entry.\r
-\r
- @param[in] Selector Pointer to an entry selector on operated\r
- configuration data specified by DataType.\r
- A NULL Selector causes the entire specified-type\r
- configuration information to be flushed.\r
- @param[in] Data The data buffer to be set.\r
- @param[in] Context Pointer to one entry selector that describes\r
- the expected position the new data entry will\r
- be added. If Context is NULL, the new entry will\r
- be appended to the end of the database.\r
-\r
- @retval EFI_INVALID_PARAMETER Certain Parameters are not correct. The Parameter\r
- requiring a check depends on the Selector type.\r
- @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.\r
- @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
-\r
-**/\r
-typedef\r
-EFI_STATUS\r
-(*IPSEC_SET_POLICY_ENTRY) (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
- IN VOID *Data,\r
- IN VOID *Context OPTIONAL\r
- );\r
-\r
-/**\r
- A prototype function definition to lookup the data entry from IPsec. Return the configuration\r
- value of the specified Entry.\r
-\r
- @param[in] Selector Pointer to an entry selector that is an identifier\r
- of the entry.\r
- @param[in, out] DataSize On output, the size of data returned in Data.\r
- @param[out] Data The buffer to return the contents of the IPsec\r
- configuration data. The type of the data buffer\r
- is associated with the DataType.\r
-\r
- @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
- @retval EFI_INVALID_PARAMETER Data is NULL and *DataSize is not zero.\r
- @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.\r
- @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been\r
- updated with the size needed to complete the request.\r
-\r
-**/\r
-typedef\r
-EFI_STATUS\r
-(*IPSEC_GET_POLICY_ENTRY) (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
- IN OUT UINTN *DataSize,\r
- IN VOID *Data\r
- );\r
-\r
-/**\r
- Compare two SPD Selectors.\r
-\r
- Compare two SPD Selector by the fields of LocalAddressCount/RemoteAddressCount/\r
- NextLayerProtocol/LocalPort/LocalPortRange/RemotePort/RemotePortRange and the\r
- Local Addresses and remote Addresses.\r
-\r
- @param[in] Selector1 Pointer of the first SPD Selector.\r
- @param[in] Selector2 Pointer of the second SPD Selector.\r
-\r
- @retval TRUE These two Selectors have the same value in above fields.\r
- @retval FALSE Not all of the above fields have the same value in these two Selectors.\r
-\r
-**/\r
-BOOLEAN\r
-CompareSpdSelector (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector2\r
- );\r
-\r
-\r
-/**\r
- Visit all IPsec Configurations of specified Type and call the caller defined\r
- interface.\r
-\r
- @param[in] DataType The specified IPsec Config Data Type.\r
- @param[in] Routine The function caller defined.\r
- @param[in] Context The data passed to the Routine.\r
-\r
- @retval EFI_OUT_OF_RESOURCES The required system resource could not be allocated.\r
- @retval EFI_SUCCESS This function complete successfully.\r
-\r
-**/\r
-EFI_STATUS\r
-IpSecVisitConfigData (\r
- IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
- IN IPSEC_COPY_POLICY_ENTRY Routine,\r
- IN VOID *Context\r
- );\r
-\r
-\r
-/**\r
- This function is the subfunction of the EFIIpSecConfigSetData.\r
-\r
- This function call IpSecSetVaraible to set the IPsec Configuration into the firmware.\r
-\r
- @retval EFI_OUT_OF_RESOURCES The required system resource could not be allocated.\r
- @retval EFI_SUCCESS Saved the configration successfully.\r
- @retval Others Other errors were found while obtaining the variable.\r
-\r
-**/\r
-EFI_STATUS\r
-IpSecConfigSave (\r
- VOID\r
- );\r
-\r
-/**\r
- Initialize IPsecConfig protocol\r
-\r
- @param[in, out] Private Pointer to IPSEC_PRIVATE_DATA. After this function finish,\r
- the pointer of IPsecConfig Protocol implementation will copy\r
- into its IPsecConfig member.\r
-\r
- @retval EFI_SUCCESS Initialized the IPsecConfig Protocol successfully.\r
- @retval Others Initializing the IPsecConfig Protocol failed.\r
-\r
-**/\r
-EFI_STATUS\r
-IpSecConfigInitialize (\r
- IN OUT IPSEC_PRIVATE_DATA *Private\r
- );\r
-\r
-/**\r
- Calculate the entire size of EFI_IPSEC_SPD_DATA, which includes the buffer size pointed\r
- by the pointer members.\r
-\r
- @param[in] SpdData Pointer to a specified EFI_IPSEC_SPD_DATA.\r
-\r
- @return The entire size of the specified EFI_IPSEC_SPD_DATA.\r
-\r
-**/\r
-UINTN\r
-IpSecGetSizeOfEfiSpdData (\r
- IN EFI_IPSEC_SPD_DATA *SpdData\r
- );\r
-\r
-/**\r
- Calculate the a entire size of IPSEC_SPD_DATA, which includes the buffer size pointed\r
- by the pointer members and the buffer size used by Sa List.\r
-\r
- @param[in] SpdData Pointer to the specified IPSEC_SPD_DATA.\r
-\r
- @return The entire size of IPSEC_SPD_DATA.\r
-\r
-**/\r
-UINTN\r
-IpSecGetSizeOfSpdData (\r
- IN IPSEC_SPD_DATA *SpdData\r
- );\r
-\r
-/**\r
- Copy Source Process Policy to the Destination Process Policy.\r
-\r
- @param[in] Dst Pointer to the Source Process Policy.\r
- @param[in] Src Pointer to the Destination Process Policy.\r
-\r
-**/\r
-VOID\r
-IpSecDuplicateProcessPolicy (\r
- IN EFI_IPSEC_PROCESS_POLICY *Dst,\r
- IN EFI_IPSEC_PROCESS_POLICY *Src\r
- );\r
-\r
-/**\r
- Find if the two SPD Selectors has subordinative.\r
-\r
- Compare two SPD Selector by the fields of LocalAddressCount/RemoteAddressCount/\r
- NextLayerProtocol/LocalPort/LocalPortRange/RemotePort/RemotePortRange and the\r
- Local Addresses and remote Addresses.\r
-\r
- @param[in] Selector1 Pointer of first SPD Selector.\r
- @param[in] Selector2 Pointer of second SPD Selector.\r
-\r
- @retval TRUE The first SPD Selector is subordinate Selector of second SPD Selector.\r
- @retval FALSE The first SPD Selector is not subordinate Selector of second\r
- SPD Selector.\r
-\r
-**/\r
-BOOLEAN\r
-IsSubSpdSelector (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector2\r
- );\r
-\r
-/**\r
- Compare two SA IDs.\r
-\r
- @param[in] Selector1 Pointer of the first SA ID.\r
- @param[in] Selector2 Pointer of the second SA ID.\r
-\r
- @retval TRUE This two Selectors have the same SA ID.\r
- @retval FALSE This two Selecotrs don't have the same SA ID.\r
-\r
-**/\r
-BOOLEAN\r
-CompareSaId (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector2\r
- );\r
-\r
-/**\r
- Compare two PAD IDs.\r
-\r
- @param[in] Selector1 Pointer of the first PAD ID.\r
- @param[in] Selector2 Pointer of the second PAD ID.\r
-\r
- @retval TRUE This two Selectors have the same PAD ID.\r
- @retval FALSE This two Selecotrs don't have the same PAD ID.\r
-\r
-**/\r
-BOOLEAN\r
-ComparePadId (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector2\r
- );\r
-\r
-/**\r
- Check if the SPD Selector is Zero by its LocalAddressCount and RemoteAddressCount\r
- fields.\r
-\r
- @param[in] Selector Pointer of the SPD Selector.\r
-\r
- @retval TRUE If the SPD Selector is Zero.\r
- @retval FALSE If the SPD Selector is not Zero.\r
-\r
-**/\r
-BOOLEAN\r
-IsZeroSpdSelector (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector\r
- );\r
-\r
-/**\r
- Check if the SA ID is Zero by its DestAddress.\r
-\r
- @param[in] Selector Pointer of the SA ID.\r
-\r
- @retval TRUE If the SA ID is Zero.\r
- @retval FALSE If the SA ID is not Zero.\r
-\r
-**/\r
-BOOLEAN\r
-IsZeroSaId (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector\r
- );\r
-\r
-/**\r
- Check if the PAD ID is Zero.\r
-\r
- @param[in] Selector Pointer of the PAD ID.\r
-\r
- @retval TRUE If the PAD ID is Zero.\r
- @retval FALSE If the PAD ID is not Zero.\r
-\r
-**/\r
-BOOLEAN\r
-IsZeroPadId (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector\r
- );\r
-\r
-/**\r
- Copy Source SPD Selector to the Destination SPD Selector.\r
-\r
- @param[in, out] DstSel Pointer of Destination SPD Selector.\r
- @param[in] SrcSel Pointer of Source SPD Selector.\r
- @param[in, out] Size The size of the Destination SPD Selector. If\r
- it is not NULL and its value is less than the\r
- size of Source SPD Selector, the value of\r
- Source SPD Selector's size will be passed to\r
- the caller by this parameter.\r
-\r
- @retval EFI_INVALID_PARAMETER If the Destination or Source SPD Selector is NULL.\r
- @retval EFI_BUFFER_TOO_SMALL If the input Size is less than size of Source SPD Selector.\r
- @retval EFI_SUCCESS Copy Source SPD Selector to the Destination SPD\r
- Selector successfully.\r
-\r
-**/\r
-EFI_STATUS\r
-DuplicateSpdSelector (\r
- IN OUT EFI_IPSEC_CONFIG_SELECTOR *DstSel,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *SrcSel,\r
- IN OUT UINTN *Size\r
- );\r
-\r
-/**\r
- Copy Source SA ID to the Destination SA ID.\r
-\r
- @param[in, out] DstSel Pointer of the Destination SA ID.\r
- @param[in] SrcSel Pointer of the Source SA ID.\r
- @param[in, out] Size The size of the Destination SA ID. If it\r
- not NULL, and its value is less than the size of\r
- Source SA ID, the value of Source SA ID's size\r
- will be passed to the caller by this parameter.\r
-\r
- @retval EFI_INVALID_PARAMETER If the Destination or Source SA ID is NULL.\r
- @retval EFI_BUFFER_TOO_SMALL If the input Size less than size of source SA ID.\r
- @retval EFI_SUCCESS Copied Source SA ID to the Destination SA ID successfully.\r
-\r
-**/\r
-EFI_STATUS\r
-DuplicateSaId (\r
- IN OUT EFI_IPSEC_CONFIG_SELECTOR *DstSel,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *SrcSel,\r
- IN OUT UINTN *Size\r
- );\r
-\r
-/**\r
- Copy Source PAD ID to the Destination PAD ID.\r
-\r
- @param[in, out] DstSel Pointer of Destination PAD ID.\r
- @param[in] SrcSel Pointer of Source PAD ID.\r
- @param[in, out] Size The size of the Destination PAD ID. If it\r
- not NULL, and its value less than the size of\r
- Source PAD ID, the value of Source PAD ID's size\r
- will be passed to the caller by this parameter.\r
-\r
- @retval EFI_INVALID_PARAMETER If the Destination or Source PAD ID is NULL.\r
- @retval EFI_BUFFER_TOO_SMALL If the input Size less than size of source PAD ID.\r
- @retval EFI_SUCCESS Copied Source PAD ID to the Destination PAD ID successfully.\r
-\r
-**/\r
-EFI_STATUS\r
-DuplicatePadId (\r
- IN OUT EFI_IPSEC_CONFIG_SELECTOR *DstSel,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *SrcSel,\r
- IN OUT UINTN *Size\r
- );\r
-\r
-/**\r
- Fix the value of some members of the SPD Selector.\r
-\r
- This function is called by IpSecCopyPolicyEntry(), which copies the Policy\r
- Entry into the Variable. Since some members in SPD Selector are pointers,\r
- a physical address to relative address conversion is required before copying\r
- this SPD entry into the variable.\r
-\r
- @param[in] Selector Pointer of SPD Selector.\r
- @param[in, out] Data Pointer of SPD Data.\r
-\r
-**/\r
-VOID\r
-FixSpdEntry (\r
- IN EFI_IPSEC_SPD_SELECTOR *Selector,\r
- IN OUT EFI_IPSEC_SPD_DATA *Data\r
- );\r
-\r
-/**\r
- Fix the value of some members of SA ID.\r
-\r
- This function is called by IpSecCopyPolicyEntry(), which copies the Policy\r
- Entry into the Variable. Since some members in SA ID are pointers,\r
- a physical address to relative address conversion is required before copying\r
- this SAD into the variable.\r
-\r
- @param[in] SaId Pointer of SA ID.\r
- @param[in, out] Data Pointer of SA Data.\r
-\r
-**/\r
-VOID\r
-FixSadEntry (\r
- IN EFI_IPSEC_SA_ID *SaId,\r
- IN OUT EFI_IPSEC_SA_DATA2 *Data\r
- );\r
-\r
-/**\r
- Fix the value of some members of PAD ID.\r
-\r
- This function is called by IpSecCopyPolicyEntry(), which copy the Policy\r
- Entry into the Variable. Since some members in PAD ID are pointers,\r
- a physical address to relative address conversion is required before copying\r
- this PAD into the variable.\r
-\r
- @param[in] PadId Pointer of PAD ID.\r
- @param[in, out] Data Pointer of PAD Data.\r
-\r
-**/\r
-VOID\r
-FixPadEntry (\r
- IN EFI_IPSEC_PAD_ID *PadId,\r
- IN OUT EFI_IPSEC_PAD_DATA *Data\r
- );\r
-\r
-/**\r
- Recover the value of some members of SPD Selector.\r
-\r
- This function is corresponding to FixSpdEntry(). It recovers the value of members\r
- of SPD Selector which fix by the FixSpdEntry().\r
-\r
- @param[in, out] Selector Pointer of SPD Selector.\r
- @param[in, out] Data Pointer of SPD Data.\r
-\r
-**/\r
-VOID\r
-UnfixSpdEntry (\r
- IN OUT EFI_IPSEC_SPD_SELECTOR *Selector,\r
- IN OUT EFI_IPSEC_SPD_DATA *Data\r
- );\r
-\r
-\r
-/**\r
- Recover the value of some members of SA ID.\r
-\r
- This function is corresponding to FixSadEntry(). It recovers the value of members\r
- of SAD ID which fix by the FixSadEntry().\r
-\r
- @param[in, out] SaId Pointer of SAD ID\r
- @param[in, out] Data Pointer of SAD Data.\r
-\r
-**/\r
-VOID\r
-UnfixSadEntry (\r
- IN OUT EFI_IPSEC_SA_ID *SaId,\r
- IN OUT EFI_IPSEC_SA_DATA2 *Data\r
- );\r
-\r
-/**\r
- Recover the value of some members of PAD ID.\r
-\r
- This function is corresponding to FixPadEntry(). It recovers the value of members\r
- of PAD ID which fix by the FixPadEntry().\r
-\r
- @param[in] PadId Pointer of PAD ID\r
- @param[in, out] Data Pointer of PAD Data.\r
-\r
-**/\r
-VOID\r
-UnfixPadEntry (\r
- IN EFI_IPSEC_PAD_ID *PadId,\r
- IN OUT EFI_IPSEC_PAD_DATA *Data\r
- );\r
-\r
-/**\r
- Set the security policy information for the EFI IPsec driver.\r
-\r
- The IPsec configuration data has a unique selector/identifier separately to\r
- identify a data entry.\r
-\r
- @param[in] Selector Pointer to an entry selector on operated\r
- configuration data specified by DataType.\r
- A NULL Selector causes the entire specified-type\r
- configuration information to be flushed.\r
- @param[in] Data The data buffer to be set. The structure\r
- of the data buffer should be EFI_IPSEC_SPD_DATA.\r
- @param[in] Context Pointer to one entry selector that describes\r
- the expected position the new data entry will\r
- be added. If Context is NULL,the new entry will\r
- be appended the end of database.\r
-\r
- @retval EFI_INVALID_PARAMETER One or more of the following are TRUE:\r
- - Selector is not NULL and its LocalAddress\r
- is NULL or its RemoteAddress is NULL.\r
- - Data is not NULL, its Action is Protected,\r
- and its policy is NULL.\r
- - Data is not NULL and its Action is not protected\r
- and its policy is not NULL.\r
- - The Action of Data is Protected, its policy\r
- mode is Tunnel, and its tunnel option is NULL.\r
- - The Action of Data is protected, its policy\r
- mode is not Tunnel, and it tunnel option is not NULL.\r
- @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.\r
- @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
-\r
-**/\r
-EFI_STATUS\r
-SetSpdEntry (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
- IN VOID *Data,\r
- IN VOID *Context OPTIONAL\r
- );\r
-\r
-/**\r
- Set the security association information for the EFI IPsec driver.\r
-\r
- The IPsec configuration data has a unique selector/identifier separately to\r
- identify a data entry.\r
-\r
- @param[in] Selector Pointer to an entry selector on operated\r
- configuration data specified by DataType.\r
- A NULL Selector causes the entire specified-type\r
- configuration information to be flushed.\r
- @param[in] Data The data buffer to be set. The structure\r
- of the data buffer should be EFI_IPSEC_SA_DATA.\r
- @param[in] Context Pointer to one entry selector which describes\r
- the expected position the new data entry will\r
- be added. If Context is NULL,the new entry will\r
- be appended to the end of database.\r
-\r
- @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.\r
- @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
-\r
-**/\r
-EFI_STATUS\r
-SetSadEntry (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
- IN VOID *Data,\r
- IN VOID *Context OPTIONAL\r
- );\r
-\r
-/**\r
- Set the peer authorization configuration information for the EFI IPsec driver.\r
-\r
- The IPsec configuration data has a unique selector/identifier separately to\r
- identify a data entry.\r
-\r
- @param[in] Selector Pointer to an entry selector on operated\r
- configuration data specified by DataType.\r
- A NULL Selector causes the entire specified-type\r
- configuration information to be flushed.\r
- @param[in] Data The data buffer to be set. The structure\r
- of the data buffer should be EFI_IPSEC_PAD_DATA.\r
- @param[in] Context Pointer to one entry selector that describes\r
- the expected position where the new data entry will\r
- be added. If Context is NULL, the new entry will\r
- be appended the end of database.\r
-\r
- @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.\r
- @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
-\r
-**/\r
-EFI_STATUS\r
-SetPadEntry (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
- IN VOID *Data,\r
- IN VOID *Context OPTIONAL\r
- );\r
-\r
-/**\r
- This function looks up the data entry from IPsec SPD, and returns the configuration\r
- value of the specified SPD Entry.\r
-\r
- @param[in] Selector Pointer to an entry selector which is an identifier\r
- of the SPD entry.\r
- @param[in, out] DataSize On output the size of data returned in Data.\r
- @param[out] Data The buffer to return the contents of the IPsec\r
- configuration data. The type of the data buffer\r
- is associated with the DataType.\r
-\r
- @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
- @retval EFI_INVALID_PARAMETER Data is NULL and *DataSize is not zero.\r
- @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.\r
- @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been\r
- updated with the size needed to complete the request.\r
-\r
-**/\r
-EFI_STATUS\r
-GetSpdEntry (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
- IN OUT UINTN *DataSize,\r
- OUT VOID *Data\r
- );\r
-\r
-/**\r
- This function looks up the data entry from IPsec SAD and returns the configuration\r
- value of the specified SAD Entry.\r
-\r
- @param[in] Selector Pointer to an entry selector that is an identifier\r
- of the SAD entry.\r
- @param[in, out] DataSize On output, the size of data returned in Data.\r
- @param[out] Data The buffer to return the contents of the IPsec\r
- configuration data. This type of the data buffer\r
- is associated with the DataType.\r
-\r
- @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
- @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.\r
- @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been\r
- updated with the size needed to complete the request.\r
-\r
-**/\r
-EFI_STATUS\r
-GetSadEntry (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
- IN OUT UINTN *DataSize,\r
- OUT VOID *Data\r
- );\r
-\r
-/**\r
- This function looks up the data entry from IPsec PADand returns the configuration\r
- value of the specified PAD Entry.\r
-\r
- @param[in] Selector Pointer to an entry selector that is an identifier\r
- of the PAD entry.\r
- @param[in, out] DataSize On output the size of data returned in Data.\r
- @param[out] Data The buffer to return the contents of the IPsec\r
- configuration data. This type of the data buffer\r
- is associated with the DataType.\r
-\r
- @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
- @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.\r
- @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been\r
- updated with the size needed to complete the request.\r
-\r
-**/\r
-EFI_STATUS\r
-GetPadEntry (\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
- IN OUT UINTN *DataSize,\r
- OUT VOID *Data\r
- );\r
-\r
-/**\r
- Return the configuration value for the EFI IPsec driver.\r
-\r
- This function lookup the data entry from IPsec database or IKEv2 configuration\r
- information. The expected data type and unique identification are described in\r
- DataType and Selector parameters.\r
-\r
- @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.\r
- @param[in] DataType The type of data to retrieve.\r
- @param[in] Selector Pointer to an entry selector that is an identifier of the IPsec\r
- configuration data entry.\r
- @param[in, out] DataSize On output the size of data returned in Data.\r
- @param[out] Data The buffer to return the contents of the IPsec configuration data.\r
- The type of the data buffer is associated with the DataType.\r
-\r
- @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
- @retval EFI_INVALID_PARAMETER One or more of the followings are TRUE:\r
- - This is NULL.\r
- - Selector is NULL.\r
- - DataSize is NULL.\r
- - Data is NULL and *DataSize is not zero\r
- @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.\r
- @retval EFI_UNSUPPORTED The specified DataType is not supported.\r
- @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been\r
- updated with the size needed to complete the request.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-EfiIpSecConfigGetData (\r
- IN EFI_IPSEC_CONFIG_PROTOCOL *This,\r
- IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
- IN OUT UINTN *DataSize,\r
- OUT VOID *Data\r
- );\r
-\r
-/**\r
- Set the security association, security policy and peer authorization configuration\r
- information for the EFI IPsec driver.\r
-\r
- This function is used to set the IPsec configuration information of type DataType for\r
- the EFI IPsec driver.\r
- The IPsec configuration data has a unique selector/identifier separately to identify\r
- a data entry. The selector structure depends on DataType's definition.\r
- Using SetData() with a Data of NULL causes the IPsec configuration data entry identified\r
- by DataType and Selector to be deleted.\r
-\r
- @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.\r
- @param[in] DataType The type of data to be set.\r
- @param[in] Selector Pointer to an entry selector on operated configuration data\r
- specified by DataType. A NULL Selector causes the entire\r
- specified-type configuration information to be flushed.\r
- @param[in] Data The data buffer to be set. The structure of the data buffer is\r
- associated with the DataType.\r
- @param[in] InsertBefore Pointer to one entry selector which describes the expected\r
- position the new data entry will be added. If InsertBefore is NULL,\r
- the new entry will be appended the end of database.\r
-\r
- @retval EFI_SUCCESS The specified configuration entry data was set successfully.\r
- @retval EFI_INVALID_PARAMETER One or more of the following are TRUE:\r
- - This is NULL.\r
- @retval EFI_UNSUPPORTED The specified DataType is not supported.\r
- @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-EfiIpSecConfigSetData (\r
- IN EFI_IPSEC_CONFIG_PROTOCOL *This,\r
- IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *Selector,\r
- IN VOID *Data,\r
- IN EFI_IPSEC_CONFIG_SELECTOR *InsertBefore OPTIONAL\r
- );\r
-\r
-/**\r
- Enumerates the current selector for IPsec configuration data entry.\r
-\r
- This function is called multiple times to retrieve the entry Selector in IPsec\r
- configuration database. On each call to GetNextSelector(), the next entry\r
- Selector are retrieved into the output interface.\r
-\r
- If the entire IPsec configuration database has been iterated, the error\r
- EFI_NOT_FOUND is returned.\r
- If the Selector buffer is too small for the next Selector copy, an\r
- EFI_BUFFER_TOO_SMALL error is returned, and SelectorSize is updated to reflect\r
- the size of buffer needed.\r
-\r
- On the initial call to GetNextSelector() to start the IPsec configuration database\r
- search, a pointer to the buffer with all zero value is passed in Selector. Calls\r
- to SetData() between calls to GetNextSelector may produce unpredictable results.\r
-\r
- @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.\r
- @param[in] DataType The type of IPsec configuration data to retrieve.\r
- @param[in, out] SelectorSize The size of the Selector buffer.\r
- @param[in, out] Selector On input, supplies the pointer to last Selector that was\r
- returned by GetNextSelector().\r
- On output, returns one copy of the current entry Selector\r
- of a given DataType.\r
-\r
- @retval EFI_SUCCESS The specified configuration data was obtained successfully.\r
- @retval EFI_INVALID_PARAMETER One or more of the followings are TRUE:\r
- - This is NULL.\r
- - SelectorSize is NULL.\r
- - Selector is NULL.\r
- @retval EFI_NOT_FOUND The next configuration data entry was not found.\r
- @retval EFI_UNSUPPORTED The specified DataType is not supported.\r
- @retval EFI_BUFFER_TOO_SMALL The SelectorSize is too small for the result. This parameter\r
- has been updated with the size needed to complete the search\r
- request.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-EfiIpSecConfigGetNextSelector (\r
- IN EFI_IPSEC_CONFIG_PROTOCOL *This,\r
- IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
- IN OUT UINTN *SelectorSize,\r
- IN OUT EFI_IPSEC_CONFIG_SELECTOR *Selector\r
- );\r
-\r
-/**\r
- Register an event that is to be signaled whenever a configuration process on the\r
- specified IPsec configuration information is done.\r
-\r
- The register function is not surpport now and always returns EFI_UNSUPPORTED.\r
-\r
- @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.\r
- @param[in] DataType The type of data to be registered the event for.\r
- @param[in] Event The event to be registered.\r
-\r
- @retval EFI_SUCCESS The event is registered successfully.\r
- @retval EFI_INVALID_PARAMETER This is NULL, or Event is NULL.\r
- @retval EFI_ACCESS_DENIED The Event is already registered for the DataType.\r
- @retval EFI_UNSUPPORTED The notify registration unsupported, or the specified\r
- DataType is not supported.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-EfiIpSecConfigRegisterNotify (\r
- IN EFI_IPSEC_CONFIG_PROTOCOL *This,\r
- IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
- IN EFI_EVENT Event\r
- );\r
-\r
-\r
-/**\r
- Remove the specified event that was previously registered on the specified IPsec\r
- configuration data.\r
-\r
- This function is not supported now and always returns EFI_UNSUPPORTED.\r
-\r
- @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.\r
- @param[in] DataType The configuration data type to remove the registered event for.\r
- @param[in] Event The event to be unregistered.\r
-\r
- @retval EFI_SUCCESS The event was removed successfully.\r
- @retval EFI_NOT_FOUND The Event specified by DataType could not be found in the\r
- database.\r
- @retval EFI_INVALID_PARAMETER This is NULL or Event is NULL.\r
- @retval EFI_UNSUPPORTED The notify registration unsupported or the specified\r
- DataType is not supported.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-EfiIpSecConfigUnregisterNotify (\r
- IN EFI_IPSEC_CONFIG_PROTOCOL *This,\r
- IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,\r
- IN EFI_EVENT Event\r
- );\r
-\r
-extern LIST_ENTRY mConfigData[IPsecConfigDataTypeMaximum];\r
-\r
-#endif\r