--- /dev/null
+/** @file\r
+ UEFI 2.2 User Credential Protocol definition.\r
+\r
+ Attached to a device handle, this protocol identifies a single means of identifying the user.\r
+\r
+ Copyright (c) 2009, Intel Corporation \r
+ All rights reserved. This program and the accompanying materials \r
+ are licensed and made available under the terms and conditions of the BSD License \r
+ which accompanies this distribution. The full text of the license may be found at \r
+ http://opensource.org/licenses/bsd-license.php \r
+\r
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+\r
+**/\r
+\r
+#ifndef __USER_CREDENTIAL_H__\r
+#define __USER_CREDENTIAL_H__\r
+\r
+#define EFI_USER_CREDENTIAL_PROTOCOL_GUID \\r
+ { \\r
+ 0x71ee5e94, 0x65b9, 0x45d5, { 0x82, 0x1a, 0x3a, 0x4d, 0x86, 0xcf, 0xe6, 0xbe } \\r
+ }\r
+\r
+typedef VOID *EFI_USER_PROFILE_HANDLE;\r
+typedef VOID *EFI_USER_INFO_HANDLE;\r
+\r
+///\r
+/// The attributes of the user profile information.\r
+///\r
+typedef UINT16 EFI_USER_INFO_ATTRIBS;\r
+#define EFI_USER_INFO_STORAGE 0x000F\r
+#define EFI_USER_INFO_STORAGE_VOLATILE 0x0000\r
+#define EFI_USER_INFO_STORAGE_CREDENTIAL_NV 0x0001\r
+#define EFI_USER_INFO_STORAGE_PLATFORM_NV 0x0002\r
+\r
+#define EFI_USER_INFO_ACCESS 0x0070\r
+#define EFI_USER_INFO_PUBLIC 0x0010\r
+#define EFI_USER_INFO_PRIVATE 0x0020\r
+#define EFI_USER_INFO_PROTECTED 0x0030\r
+#define EFI_USER_INFO_EXCLUSIVE 0x0080\r
+\r
+///\r
+/// User infromation structure\r
+///\r
+typedef struct {\r
+ ///\r
+ /// The user credential identifier associated with this user information or else Nil if the \r
+ /// information is not associated with any specific credential.\r
+ ///\r
+ EFI_GUID Credential;\r
+ ///\r
+ /// The type of user information.\r
+ ///\r
+ UINT8 InfoType;\r
+ ///\r
+ /// Must be set to 0.\r
+ ///\r
+ UINT8 Reserved1;\r
+ ///\r
+ /// The attributes of the user profile information.\r
+ ///\r
+ EFI_USER_INFO_ATTRIBS InfoAttribs;\r
+ ///\r
+ /// The size of the user information, in bytes, including this header.\r
+ ///\r
+ UINT32 InfoSize;\r
+} EFI_USER_INFO;\r
+\r
+///\r
+/// User credential class GUIDs\r
+///\r
+#define EFI_USER_CREDENTIAL_CLASS_UNKNOWN \\r
+ { 0x5cf32e68, 0x7660, 0x449b, { 0x80, 0xe6, 0x7e, 0xa3, 0x6e, 0x3, 0xf6, 0xa8 } }\r
+#define EFI_USER_CREDENTIAL_CLASS_PASSWORD \\r
+ { 0xf8e5058c, 0xccb6, 0x4714, { 0xb2, 0x20, 0x3f, 0x7e, 0x3a, 0x64, 0xb, 0xd1 } }\r
+#define EFI_USER_CREDENTIAL_CLASS_SMART_CARD \\r
+ { 0x5f03ba33, 0x8c6b, 0x4c24, { 0xaa, 0x2e, 0x14, 0xa2, 0x65, 0x7b, 0xd4, 0x54 } }\r
+#define EFI_USER_CREDENTIAL_CLASS_FINGERPRINT \\r
+ { 0x32cba21f, 0xf308, 0x4cbc, { 0x9a, 0xb5, 0xf5, 0xa3, 0x69, 0x9f, 0x4, 0x4a } }\r
+#define EFI_USER_CREDENTIAL_CLASS_HANDPRINT \\r
+ { 0x5917ef16, 0xf723, 0x4bb9, { 0xa6, 0x4b, 0xd8, 0xc5, 0x32, 0xf4, 0xd8, 0xb5 } }\r
+#define EFI_USER_CREDENTIAL_CLASS_SECURE_CARD \\r
+ { 0x8a6b4a83, 0x42fe, 0x45d2, { 0xa2, 0xef, 0x46, 0xf0, 0x6c, 0x7d, 0x98, 0x52 } }\r
+\r
+typedef UINT64 EFI_CREDENTIAL_CAPABILITIES;\r
+#define EFI_CREDENTIAL_CAPABILITIES_ENROLL 0x0000000000000001\r
+\r
+///\r
+/// Credential logon flags \r
+///\r
+typedef UINT32 EFI_CREDENTIAL_LOGON_FLAGS;\r
+#define EFI_CREDENTIAL_LOGON_FLAG_AUTO 0x00000001\r
+#define EFI_CREDENTIAL_LOGON_FLAG_DEFAULT 0x00000002\r
+\r
+///\r
+/// User information record types\r
+///\r
+\r
+///\r
+/// No information.\r
+///\r
+#define EFI_USER_INFO_EMPTY_RECORD 0x00\r
+///\r
+/// Provide the user's name for the enrolled user.\r
+///\r
+#define EFI_USER_INFO_NAME_RECORD 0x01\r
+typedef CHAR16 *EFI_USER_INFO_NAME;\r
+///\r
+/// Provides the date and time when the user profile was created.\r
+///\r
+#define EFI_USER_INFO_CREATE_DATE_RECORD 0x02\r
+typedef EFI_TIME EFI_USER_INFO_CREATE_DATE;\r
+///\r
+/// Provides the date and time when the user profile was selected.\r
+///\r
+#define EFI_USER_INFO_USAGE_DATE_RECORD 0x03\r
+typedef EFI_TIME EFI_USER_INFO_USAGE_DATE;\r
+///\r
+/// Provides the number of times that the user profile has been selected.\r
+///\r
+#define EFI_USER_INFO_USAGE_COUNT_RECORD 0x04\r
+typedef UINT64 EFI_USER_INFO_USAGE_COUNT;\r
+///\r
+/// Provides a unique non-volatile user identifier for each enrolled user.\r
+///\r
+#define EFI_USER_INFO_IDENTIFIER_RECORD 0x05\r
+typedef UINT8 EFI_USER_INFO_IDENTIFIER[16];\r
+///\r
+/// Specifies the type of a particular credential associated with the user profile.\r
+///\r
+#define EFI_USER_INFO_CREDENTIAL_TYPE_RECORD 0x06\r
+typedef EFI_GUID EFI_USER_INFO_CREDENTIAL_TYPE;\r
+///\r
+/// Specifies the user-readable name of a particular credential type.\r
+///\r
+#define EFI_USER_INFO_CREDENTIAL_TYPE_NAME_RECORD 0x07\r
+typedef CHAR16 *EFI_USER_INFO_CREDENTIAL_TYPE_NAME;\r
+///\r
+/// Specifies the credential provider.\r
+///\r
+#define EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD 0x08\r
+typedef EFI_GUID EFI_USER_INFO_CREDENTIAL_PROVIDER;\r
+///\r
+/// Specifies the user-readable name of a particular credential's provider.\r
+///\r
+#define EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD 0x09\r
+typedef CHAR16 *EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME;\r
+///\r
+/// Provides PKCS#11 credential information from a smart card.\r
+///\r
+#define EFI_USER_INFO_PKCS11_RECORD 0x0A\r
+///\r
+/// Provides standard biometric information in the format specified by the ISO 19785 (Common \r
+/// Biometric Exchange Formats Framework) specification.\r
+///\r
+#define EFI_USER_INFO_CBEFF_RECORD 0x0B\r
+typedef VOID *EFI_USER_INFO_CBEFF;\r
+///\r
+/// Indicates how close of a match the fingerprint must be in order to be considered a match.\r
+///\r
+#define EFI_USER_INFO_FAR_RECORD 0x0C\r
+typedef UINT8 EFI_USER_INFO_FAR;\r
+///\r
+/// Indicates how many attempts the user has to with a particular credential before the system prevents \r
+/// further attempts.\r
+///\r
+#define EFI_USER_INFO_RETRY_RECORD 0x0D\r
+typedef UINT8 EFI_USER_INFO_RETRY;\r
+///\r
+/// Provides the user's pre-OS access rights.\r
+///\r
+#define EFI_USER_INFO_ACCESS_POLICY_RECORD 0x0E\r
+\r
+typedef struct {\r
+ UINT32 Type; ///< Specifies the type of user access control.\r
+ UINT32 Size; ///< Specifies the size of the user access control record, in bytes, including this header.\r
+} EFI_USER_INFO_ACCESS_CONTROL;\r
+\r
+typedef EFI_USER_INFO_ACCESS_CONTROL EFI_USER_INFO_ACCESS_POLICY;\r
+\r
+///\r
+/// User Information access types\r
+///\r
+\r
+///\r
+/// Forbids the user from booting or loading executables from the specified device path or any child \r
+/// device paths.\r
+///\r
+#define EFI_USER_INFO_ACCESS_FORBID_LOAD 0x00000001\r
+///\r
+///\r
+/// Permits the user from booting or loading executables from the specified device path or any child \r
+/// device paths.\r
+///\r
+#define EFI_USER_INFO_ACCESS_PERMIT_LOAD 0x00000002\r
+///\r
+/// Presence of this record indicates that a user can update enrollment information.\r
+///\r
+#define EFI_USER_INFO_ACCESS_ENROLL_SELF 0x00000003\r
+///\r
+/// Presence of this record indicates that a user can enroll new users.\r
+///\r
+#define EFI_USER_INFO_ACCESS_ENROLL_OTHERS 0x00000004\r
+///\r
+/// Presence of this record indicates that a user can update the user information of any user.\r
+///\r
+#define EFI_USER_INFO_ACCESS_MANAGE 0x00000005\r
+///\r
+/// Describes permissions usable when configuring the platform.\r
+///\r
+#define EFI_USER_INFO_ACCESS_SETUP 0x00000006\r
+///\r
+/// Standard GUIDs for access to configure the platform.\r
+///\r
+#define EFI_USER_INFO_ACCESS_SETUP_ADMIN_GUID \\r
+ { 0x85b75607, 0xf7ce, 0x471e, { 0xb7, 0xe4, 0x2a, 0xea, 0x5f, 0x72, 0x32, 0xee } }\r
+#define EFI_USER_INFO_ACCESS_SETUP_NORMAL_GUID \\r
+ { 0x1db29ae0, 0x9dcb, 0x43bc, { 0x8d, 0x87, 0x5d, 0xa1, 0x49, 0x64, 0xdd, 0xe2 } }\r
+#define EFI_USER_INFO_ACCESS_SETUP_RESTRICTED_GUID \\r
+ { 0xbdb38125, 0x4d63, 0x49f4, { 0x82, 0x12, 0x61, 0xcf, 0x5a, 0x19, 0xa, 0xf8 } }\r
+\r
+///\r
+/// Forbids UEFI drivers from being started from the specified device path(s) or any child device paths.\r
+///\r
+#define EFI_USER_INFO_ACCESS_FORBID_CONNECT 0x00000007\r
+///\r
+/// Permits UEFI drivers to be started on the specified device path(s) or any child device paths.\r
+///\r
+#define EFI_USER_INFO_ACCESS_PERMIT_CONNECT 0x00000008\r
+///\r
+/// Modifies the boot order.\r
+///\r
+#define EFI_USER_INFO_ACCESS_BOOT_ORDER 0x00000009\r
+typedef UINT32 EFI_USER_INFO_ACCESS_BOOT_ORDER_HDR;\r
+\r
+#define EFI_USER_INFO_ACCESS_BOOT_ORDER_MASK 0x0000000F\r
+///\r
+/// Insert new boot options at the beginning of the boot order.\r
+///\r
+#define EFI_USER_INFO_ACCESS_BOOT_ORDER_INSERT 0x00000000\r
+///\r
+/// Append new boot options to the end of the boot order.\r
+///\r
+#define EFI_USER_INFO_ACCESS_BOOT_ORDER_APPEND 0x00000001\r
+///\r
+/// Replace the entire boot order.\r
+///\r
+#define EFI_USER_INFO_ACCESS_BOOT_ORDER_REPLACE 0x00000002\r
+///\r
+/// The Boot Manager will not attempt find a default boot device \r
+/// when the default boot order is does not lead to a bootable device.\r
+///\r
+#define EFI_USER_INFO_ACCESS_BOOT_ORDER_NODEFAULT 0x00000010\r
+\r
+///\r
+/// Provides the expression which determines which credentials are required to assert user identity.\r
+///\r
+#define EFI_USER_INFO_IDENTITY_POLICY_RECORD 0x0F\r
+\r
+typedef struct {\r
+ UINT32 Type; ///< Specifies either an operator or a data item. \r
+ UINT32 Length; ///< The length of this block, in bytes, including this header.\r
+} EFI_USER_INFO_IDENTITY_POLICY;\r
+\r
+///\r
+/// User identity policy expression operators.\r
+///\r
+#define EFI_USER_INFO_IDENTITY_FALSE 0x00\r
+#define EFI_USER_INFO_IDENTITY_TRUE 0x01\r
+#define EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE 0x02\r
+#define EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER 0x03\r
+#define EFI_USER_INFO_IDENTITY_NOT 0x10\r
+#define EFI_USER_INFO_IDENTITY_AND 0x11\r
+#define EFI_USER_INFO_IDENTITY_OR 0x12\r
+\r
+///\r
+/// Provides placeholder for additional user profile information identified by a GUID.\r
+///\r
+#define EFI_USER_INFO_GUID_RECORD 0xFF\r
+typedef EFI_GUID EFI_USER_INFO_GUID;\r
+\r
+///\r
+/// User information table\r
+/// A collection of EFI_USER_INFO records, prefixed with this header.\r
+///\r
+typedef struct {\r
+ UINT64 Size; ///< Total size of the user information table, in bytes.\r
+} EFI_USER_INFO_TABLE;\r
+\r
+typedef struct _EFI_USER_CREDENTIAL_PROTOCOL EFI_USER_CREDENTIAL_PROTOCOL;\r
+\r
+/**\r
+ Enroll a user on a credential provider.\r
+\r
+ This function enrolls a user profile using this credential provider. If a user profile is successfully \r
+ enrolled, it calls the User Manager Protocol function Notify() to notify the user manager driver \r
+ that credential information has changed.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.\r
+ @param[in] User The user profile to enroll.\r
+ \r
+ @retval EFI_SUCCESS User profile was successfully enrolled.\r
+ @retval EFI_ACCESS_DENIED Current user profile does not permit enrollment on the user profile \r
+ handle. Either the user profile cannot enroll on any user profile or \r
+ cannot enroll on a user profile other than the current user profile.\r
+ @retval EFI_UNSUPPORTED This credential provider does not support enrollment in the pre-OS.\r
+ @retval EFI_DEVICE_ERROR The new credential could not be created because of a device error.\r
+ @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CREDENTIAL_ENROLL)(\r
+ IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,\r
+ IN EFI_USER_PROFILE_HANDLE User\r
+ );\r
+\r
+/**\r
+ Returns the user interface information used during user identification.\r
+\r
+ This function returns information about the form used when interacting with the user during user \r
+ identification. The form is the first enabled form in the form-set class \r
+ EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If \r
+ the user credential provider does not require a form to identify the user, then this function should \r
+ return EFI_NOT_FOUND.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.\r
+ @param[out] Hii On return, holds the HII database handle.\r
+ @param[out] FormSetId On return, holds the identifier of the form set which contains\r
+ the form used during user identification.\r
+ @param[out] FormId On return, holds the identifier of the form used during user identification.\r
+ \r
+ @retval EFI_SUCCESS Form returned successfully.\r
+ @retval EFI_NOT_FOUND Form not returned.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CREDENTIAL_FORM)(\r
+ IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,\r
+ OUT EFI_HII_HANDLE *Hii,\r
+ OUT EFI_GUID *FormSetId,\r
+ OUT EFI_FORM_ID *FormId\r
+ );\r
+\r
+/**\r
+ Returns bitmap used to describe the credential provider type.\r
+\r
+ This optional function returns a bitmap which is less than or equal to the number of pixels specified \r
+ by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND is returned. \r
+\r
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.\r
+ @param[in,out] Width On entry, points to the desired bitmap width. If NULL then no bitmap information will \r
+ be returned. On exit, points to the width of the bitmap returned.\r
+ @param[in,out] Height On entry, points to the desired bitmap height. If NULL then no bitmap information will \r
+ be returned. On exit, points to the height of the bitmap returned\r
+ @param[out] Hii On return, holds the HII database handle. \r
+ @param[out] Image On return, holds the HII image identifier. \r
+ \r
+ @retval EFI_SUCCESS Image identifier returned successfully.\r
+ @retval EFI_NOT_FOUND Image identifier not returned.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CREDENTIAL_TILE)(\r
+ IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,\r
+ IN OUT UINTN *Width,\r
+ IN OUT UINTN *Height,\r
+ OUT EFI_HII_HANDLE *Hii,\r
+ OUT EFI_IMAGE_ID *Image\r
+ );\r
+\r
+/**\r
+ Returns string used to describe the credential provider type.\r
+\r
+ This function returns a string which describes the credential provider. If no such string exists, then \r
+ EFI_NOT_FOUND is returned. \r
+\r
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.\r
+ @param[out] Hii On return, holds the HII database handle.\r
+ @param[out] String On return, holds the HII string identifier.\r
+ \r
+ @retval EFI_SUCCESS String identifier returned successfully.\r
+ @retval EFI_NOT_FOUND String identifier not returned.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CREDENTIAL_TITLE)(\r
+ IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,\r
+ OUT EFI_HII_HANDLE *Hii,\r
+ OUT EFI_STRING_ID *String\r
+ );\r
+\r
+/**\r
+ Return the user identifier associated with the currently authenticated user.\r
+\r
+ This function returns the user identifier of the user authenticated by this credential provider. This \r
+ function is called after the credential-related information has been submitted on a form OR after a \r
+ call to Default() has returned that this credential is ready to log on.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.\r
+ @param[in] User The user profile handle of the user profile currently being considered by the user \r
+ identity manager. If NULL, then no user profile is currently under consideration.\r
+ @param[out] Identifier On return, points to the user identifier. \r
+ \r
+ @retval EFI_SUCCESS User identifier returned successfully.\r
+ @retval EFI_NOT_READY No user identifier can be returned.\r
+ @retval EFI_ACCESS_DENIED The user has been locked out of this user credential.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CREDENTIAL_USER)(\r
+ IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,\r
+ IN EFI_USER_PROFILE_HANDLE User,\r
+ OUT EFI_USER_INFO_IDENTIFIER *Identifier\r
+ );\r
+\r
+/**\r
+ Indicate that user interface interaction has begun for the specified credential.\r
+\r
+ This function is called when a credential provider is selected by the user. If AutoLogon returns \r
+ FALSE, then the user interface will be constructed by the User Identity Manager. \r
+\r
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.\r
+ @param[out] AutoLogon On return, points to the credential provider's capabilities after the credential provider \r
+ has been selected by the user. \r
+ \r
+ @retval EFI_SUCCESS Credential provider successfully selected.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CREDENTIAL_SELECT)(\r
+ IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,\r
+ OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon\r
+ ); \r
+\r
+/**\r
+ Indicate that user interface interaction has ended for the specified credential.\r
+\r
+ This function is called when a credential provider is deselected by the user.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.\r
+ \r
+ @retval EFI_SUCCESS Credential provider successfully deselected.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CREDENTIAL_DESELECT)(\r
+ IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This\r
+ );\r
+\r
+/**\r
+ Return the default logon behavior for this user credential.\r
+\r
+ This function reports the default login behavior regarding this credential provider. \r
+\r
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.\r
+ @param[out] AutoLogon On return, holds whether the credential provider should be used by default to \r
+ automatically log on the user. \r
+ \r
+ @retval EFI_SUCCESS Default information successfully returned.\r
+**/\r
+typedef \r
+EFI_STATUS\r
+(EFIAPI *EFI_CREDENTIAL_DEFAULT)(\r
+ IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,\r
+ OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon\r
+ );\r
+\r
+/**\r
+ Return information attached to the credential provider.\r
+\r
+ This function returns user information. \r
+\r
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.\r
+ @param[in] UserInfo Handle of the user information data record. \r
+ @param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On exit, holds the user \r
+ information. If the buffer is too small to hold the information, then \r
+ EFI_BUFFER_TOO_SMALL is returned and InfoSize is updated to contain the \r
+ number of bytes actually required.\r
+ @param[in,out] InfoSize On entry, points to the size of Info. On return, points to the size of the user \r
+ information. \r
+ \r
+ @retval EFI_SUCCESS Information returned successfully.\r
+ @retval EFI_ACCESS_DENIED The information about the specified user cannot be accessed by the \r
+ current user.\r
+ @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small to hold all of the user \r
+ information. The size required is returned in *InfoSize.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CREDENTIAL_GET_INFO)(\r
+ IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,\r
+ IN EFI_USER_INFO_HANDLE UserInfo,\r
+ OUT EFI_USER_INFO *Info,\r
+ IN OUT UINTN *InfoSize\r
+ );\r
+\r
+/**\r
+ Enumerate all of the enrolled users on the platform.\r
+\r
+ This function returns the next user information record. To retrieve the first user information record \r
+ handle, point UserInfo at a NULL. Each subsequent call will retrieve another user information \r
+ record handle until there are no more, at which point UserInfo will point to NULL. \r
+\r
+ @param[in] This Points to this instance of the EFI_USER_CREDENTIAL_PROTOCOL.\r
+ @param[in,out] UserInfo On entry, points to the previous user information handle or NULL to start \r
+ enumeration. On exit, points to the next user information handle or NULL if there is \r
+ no more user information.\r
+ \r
+ @retval EFI_SUCCESS User information returned.\r
+ @retval EFI_NOT_FOUND No more user information found.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CREDENTIAL_GET_NEXT_INFO)(\r
+ IN CONST EFI_USER_CREDENTIAL_PROTOCOL *This,\r
+ IN OUT EFI_USER_INFO_HANDLE *UserInfo\r
+ );\r
+\r
+///\r
+/// This protocol provides support for a single class of credentials\r
+///\r
+struct _EFI_USER_CREDENTIAL_PROTOCOL {\r
+ EFI_GUID Identifier; ///< Uniquely identifies this credential provider.\r
+ EFI_GUID Type; ///< Identifies this class of User Credential Provider.\r
+ EFI_CREDENTIAL_ENROLL Enroll;\r
+ EFI_CREDENTIAL_FORM Form;\r
+ EFI_CREDENTIAL_TILE Tile;\r
+ EFI_CREDENTIAL_TITLE Title;\r
+ EFI_CREDENTIAL_USER User;\r
+ EFI_CREDENTIAL_SELECT Select; \r
+ EFI_CREDENTIAL_DESELECT Deselect;\r
+ EFI_CREDENTIAL_DEFAULT Default;\r
+ EFI_CREDENTIAL_GET_INFO GetInfo;\r
+ EFI_CREDENTIAL_GET_NEXT_INFO GetNextInfo;\r
+ EFI_CREDENTIAL_CAPABILITIES Capabilities;\r
+};\r
+\r
+extern EFI_GUID gEfiUserCredentialProtocolGuid;\r
+\r
+#endif\r
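Review bot: The self-describing length fields of the variable-length records (`InfoSize` in EFI_USER_INFO, `Size` in EFI_USER_INFO_ACCESS_CONTROL, `Length` in EFI_USER_INFO_IDENTITY_POLICY) are documented only as a byte count "including this header", with no statement of what a consumer must check before walking a record. The storage attributes defined above let these records live in credential or platform non-volatile storage, so a parser cannot treat the stored length as trusted. I would extend each field comment with something like `/// Consumers must reject a value smaller than the header size or larger than the space remaining in the enclosing buffer.` Separately, the Select() description says "If AutoLogon returns FALSE" although AutoLogon is an EFI_CREDENTIAL_LOGON_FLAGS bitmask. Naming the flag that is meant (presumably EFI_CREDENTIAL_LOGON_FLAG_AUTO being clear) would remove the ambiguity.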
--- /dev/null
+/** @file\r
+ UEFI 2.2 User Manager Protocol definition.\r
+\r
+ This protocol manages user profiles.\r
+\r
+ Copyright (c) 2009, Intel Corporation \r
+ All rights reserved. This program and the accompanying materials \r
+ are licensed and made available under the terms and conditions of the BSD License \r
+ which accompanies this distribution. The full text of the license may be found at \r
+ http://opensource.org/licenses/bsd-license.php \r
+\r
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+\r
+**/\r
+\r
+#ifndef __USER_MANAGER_H__\r
+#define __USER_MANAGER_H__\r
+\r
+#include <Protocol/UserCredential.h>\r
+\r
+///\r
+/// Global ID for the User Manager Protocol\r
+///\r
+#define EFI_USER_MANAGER_PROTOCOL_GUID \\r
+ { \\r
+ 0x6fd5b00c, 0xd426, 0x4283, { 0x98, 0x87, 0x6c, 0xf5, 0xcf, 0x1c, 0xb1, 0xfe } \\r
+ }\r
+\r
+#define EFI_EVENT_GROUP_USER_PROFILE_CHANGED \\r
+ { \\r
+ 0xbaf1e6de, 0x209e, 0x4adb, { 0x8d, 0x96, 0xfd, 0x8b, 0x71, 0xf3, 0xf6, 0x83 } \\r
+ }\r
+\r
+typedef struct _EFI_USER_MANAGER_PROTOCOL EFI_USER_MANAGER_PROTOCOL;\r
+\r
+/**\r
+ Create a new user profile.\r
+\r
+ This function creates a new user profile with only a new user identifier attached and returns its \r
+ handle. The user profile is non-volatile, but the handle User can change across reboots.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.\r
+ @param[out] User On return, points to the new user profile handle. \r
+ The user profile handle is unique only during this boot.\r
+ \r
+ @retval EFI_SUCCESS User profile was successfully created.\r
+ @retval EFI_ACCESS_DENIED Current user does not have sufficient permissions to create a user profile.\r
+ @retval EFI_UNSUPPORTED Creation of new user profiles is not supported.\r
+ @retval EFI_INVALID_PARAMETER The User parameter is NULL.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_USER_PROFILE_CREATE)(\r
+ IN CONST EFI_USER_MANAGER_PROTOCOL *This,\r
+ OUT EFI_USER_PROFILE_HANDLE *User\r
+ );\r
+\r
+/**\r
+ Delete an existing user profile.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.\r
+ @param[in] User User profile handle. \r
+\r
+ @retval EFI_SUCCESS User profile was successfully deleted.\r
+ @retval EFI_ACCESS_DENIED Current user does not have sufficient permissions to delete a user\r
+ profile or there is only one user profile.\r
+ @retval EFI_UNSUPPORTED Deletion of new user profiles is not supported.\r
+ @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_USER_PROFILE_DELETE)(\r
+ IN CONST EFI_USER_MANAGER_PROTOCOL *This,\r
+ IN EFI_USER_PROFILE_HANDLE User\r
+ );\r
+\r
+/**\r
+ Enumerate all of the enrolled users on the platform.\r
+\r
+ This function returns the next enrolled user profile. To retrieve the first user profile handle, point \r
+ User at a NULL. Each subsequent call will retrieve another user profile handle until there are no \r
+ more, at which point User will point to NULL. \r
+\r
+ @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.\r
+ @param[in,out] User On entry, points to the previous user profile handle or NULL to \r
+ start enumeration. On exit, points to the next user profile handle\r
+ or NULL if there are no more user profiles.\r
+\r
+ @retval EFI_SUCCESS Next enrolled user profile successfully returned. \r
+ @retval EFI_ACCESS_DENIED Next enrolled user profile was not successfully returned.\r
+ @retval EFI_INVALID_PARAMETER The User parameter is NULL.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_USER_PROFILE_GET_NEXT)(\r
+ IN CONST EFI_USER_MANAGER_PROTOCOL *This,\r
+ IN OUT EFI_USER_PROFILE_HANDLE *User\r
+ );\r
+\r
+/**\r
+ Return the current user profile handle.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.\r
+ @param[out] CurrentUser On return, points to the current user profile handle.\r
+\r
+ @retval EFI_SUCCESS Current user profile handle returned successfully. \r
+ @retval EFI_INVALID_PARAMETER The CurrentUser parameter is NULL.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_USER_PROFILE_CURRENT)(\r
+ IN CONST EFI_USER_MANAGER_PROTOCOL *This,\r
+ OUT EFI_USER_PROFILE_HANDLE *CurrentUser\r
+ );\r
+\r
+/**\r
+ Identify a user.\r
+\r
+ Identify the user and, if authenticated, returns the user handle and changes the current user profile.\r
+ All user information marked as private in a previously selected profile is no longer available for \r
+ inspection. \r
+ Whenever the current user profile is changed then the an event with the GUID \r
+ EFI_EVENT_GROUP_USER_PROFILE_CHANGED is signaled.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.\r
+ @param[out] User On return, points to the user profile handle for the current user profile.\r
+\r
+ @retval EFI_SUCCESS User was successfully identified.\r
+ @retval EFI_ACCESS_DENIED User was not successfully identified.\r
+ @retval EFI_INVALID_PARAMETER The User parameter is NULL.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_USER_PROFILE_IDENTIFY)(\r
+ IN CONST EFI_USER_MANAGER_PROTOCOL *This,\r
+ OUT EFI_USER_PROFILE_HANDLE *User\r
+ );\r
+\r
+/**\r
+ Find a user using a user information record.\r
+\r
+ This function searches all user profiles for the specified user information record. The search starts \r
+ with the user information record handle following UserInfo and continues until either the \r
+ information is found or there are no more user profiles.\r
+ A match occurs when the Info.InfoType field matches the user information record type and the \r
+ user information record data matches the portion of Info passed the EFI_USER_INFO header.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.\r
+ @param[in,out] User On entry, points to the previously returned user profile handle or NULL to start \r
+ searching with the first user profile. On return, points to the user profile handle or \r
+ NULL if not found.\r
+ @param[in,out] UserInfo On entry, points to the previously returned user information handle or NULL to start \r
+ searching with the first. On return, points to the user information handle of the user \r
+ information record or NULL if not found. Can be NULL, in which case only one user \r
+ information record per user can be returned. \r
+ @param[in] Info Points to the buffer containing the user information to be compared to the user \r
+ information record. If NULL, then only the user information record type is compared. \r
+ If InfoSize is 0, then the user information record must be empty.\r
+\r
+ @param[in] InfoSize The size of Info, in bytes. \r
+\r
+ @retval EFI_SUCCESS User information was found. User points to the user profile handle and \r
+ UserInfo points to the user information handle.\r
+ @retval EFI_NOT_FOUND User information was not found. User points to NULL and UserInfo points to NULL.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_USER_PROFILE_FIND)(\r
+ IN CONST EFI_USER_MANAGER_PROTOCOL *This,\r
+ IN OUT EFI_USER_PROFILE_HANDLE *User,\r
+ IN OUT EFI_USER_INFO_HANDLE *UserInfo OPTIONAL,\r
+ IN CONST EFI_USER_INFO *Info,\r
+ IN UINTN InfoSize\r
+ );\r
+\r
+/**\r
+ Called by credential provider to notify of information change.\r
+\r
+ This function allows the credential provider to notify the User Identity Manager when user status has \r
+ changed while deselected.\r
+ If the User Identity Manager doesn't support asynchronous changes in credentials, then this function \r
+ should return EFI_UNSUPPORTED. \r
+ If the User Identity Manager supports this, it will call User() to get the user identifier and then \r
+ GetNextInfo() and GetInfo() in the User Credential Protocol to get all of the information \r
+ from the credential and add it.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.\r
+ @param[in] Changed Handle on which is installed an instance of the\r
+ EFI_USER_CREDENTIAL_PROTOCOL where the user has changed.\r
+\r
+ @retval EFI_SUCCESS The User Identity Manager has handled the notification.\r
+ @retval EFI_NOT_READY The function was called while the specified credential provider was not selected.\r
+ @retval EFI_UNSUPPORTED The User Identity Manager doesn't support asynchronous notifications.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_USER_PROFILE_NOTIFY)(\r
+ IN CONST EFI_USER_MANAGER_PROTOCOL *This,\r
+ IN EFI_HANDLE Changed\r
+ );\r
+\r
+/**\r
+ Return information attached to the user.\r
+\r
+ This function returns user information. The format of the information is described in User \r
+ Information. The function may return EFI_ACCESS_DENIED if the information is marked private \r
+ and the handle specified by User is not the current user profile. The function may return \r
+ EFI_ACCESS_DENIED if the information is marked protected and the information is associated \r
+ with a credential provider for which the user has not been authenticated.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.\r
+ @param[in] User Handle of the user whose profile will be retrieved. \r
+ @param[in] UserInfo Handle of the user information data record. \r
+ @param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On exit, holds the user \r
+ information. If the buffer is too small to hold the information, then \r
+ EFI_BUFFER_TOO_SMALL is returned and InfoSize is updated to contain the \r
+ number of bytes actually required. \r
+ @param[in,out] InfoSize On entry, points to the size of Info. On return, points to the size of the user \r
+ information. \r
+\r
+ @retval EFI_SUCCESS Information returned successfully.\r
+ @retval EFI_ACCESS_DENIED The information about the specified user cannot be accessed by the current user.\r
+ @retval EFI_BUFFER_TOO_SMALL The number of bytes specified by *InfoSize is too small to hold \r
+ the returned data. The actual size required is returned in *InfoSize.\r
+**/ \r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_USER_PROFILE_GET_INFO)(\r
+ IN CONST EFI_USER_MANAGER_PROTOCOL *This,\r
+ IN EFI_USER_PROFILE_HANDLE User,\r
+ IN EFI_USER_INFO_HANDLE UserInfo,\r
+ OUT EFI_USER_INFO *Info,\r
+ IN OUT UINTN *InfoSize\r
+ );\r
+\r
+/**\r
+ Add or update user information.\r
+\r
+ This function changes user information. If NULL is pointed to by UserInfo, then a new user \r
+ information record is created and its handle is returned in UserInfo. Otherwise, the existing one is \r
+ replaced.\r
+ If EFI_USER_INFO_EXCLUSIVE is specified in Info and a user information record of the same \r
+ type already exists in the user profile, then EFI_ACCESS_DENIED will be returned and \r
+ UserInfo will point to the handle of the existing record.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.\r
+ @param[in] User Handle of the user whose profile will be retrieved. \r
+ @param[in,out] UserInfo Handle of the user information data record. \r
+ @param[in] Info On entry, points to a buffer of at least *InfoSize bytes. On exit, holds the user \r
+ information. If the buffer is too small to hold the information, then \r
+ EFI_BUFFER_TOO_SMALL is returned and InfoSize is updated to contain the \r
+ number of bytes actually required. \r
+ @param[in] InfoSize On entry, points to the size of Info. On return, points to the size of the user \r
+ information. \r
+\r
+ @retval EFI_SUCCESS Information returned successfully.\r
+ @retval EFI_ACCESS_DENIED The record is exclusive.\r
+ @retval EFI_SECURITY_VIOLATION The current user does not have permission to change the specified \r
+ user profile or user information record.\r
+**/ \r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_USER_PROFILE_SET_INFO)(\r
+ IN CONST EFI_USER_MANAGER_PROTOCOL *This,\r
+ IN EFI_USER_PROFILE_HANDLE User,\r
+ IN OUT EFI_USER_INFO_HANDLE *UserInfo,\r
+ IN CONST EFI_USER_INFO *Info,\r
+ IN UINTN InfoSize\r
+ );\r
+\r
+/**\r
+ Delete user information.\r
+\r
+ Delete the user information attached to the user profile specified by the UserInfo.\r
+\r
+ @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.\r
+ @param[in] User Handle of the user whose information will be deleted.\r
+ @param[in] UserInfo Handle of the user information to remove.\r
+\r
+ @retval EFI_SUCCESS User information deleted successfully.\r
+ @retval EFI_NOT_FOUND User information record UserInfo does not exist in the user profile.\r
+ @retval EFI_ACCESS_DENIED The current user does not have permission to delete this user information. \r
+**/ \r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_USER_PROFILE_DELETE_INFO)(\r
+ IN CONST EFI_USER_MANAGER_PROTOCOL *This,\r
+ IN EFI_USER_PROFILE_HANDLE User,\r
+ IN EFI_USER_INFO_HANDLE UserInfo\r
+ );\r
+\r
+/**\r
+ Enumerate user information of all the enrolled users on the platform.\r
+\r
+ This function returns the next user information record. To retrieve the first user information record \r
+ handle, point UserInfo at a NULL. Each subsequent call will retrieve another user information \r
+ record handle until there are no more, at which point UserInfo will point to NULL. \r
+\r
+ @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.\r
+ @param[in] User Handle of the user whose information will be deleted.\r
+ @param[in,out] UserInfo Handle of the user information to remove.\r
+\r
+ @retval EFI_SUCCESS User information returned.\r
+ @retval EFI_NOT_FOUND No more user information found.\r
+**/ \r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_USER_PROFILE_GET_NEXT_INFO)(\r
+ IN CONST EFI_USER_MANAGER_PROTOCOL *This,\r
+ IN EFI_USER_PROFILE_HANDLE User,\r
+ IN OUT EFI_USER_INFO_HANDLE *UserInfo\r
+ );\r
+\r
+///\r
+/// This protocol provides the services used to manage user profiles.\r
+///\r
+struct _EFI_USER_MANAGER_PROTOCOL {\r
+ EFI_USER_PROFILE_CREATE Create;\r
+ EFI_USER_PROFILE_DELETE Delete;\r
+ EFI_USER_PROFILE_GET_NEXT GetNext;\r
+ EFI_USER_PROFILE_CURRENT Current;\r
+ EFI_USER_PROFILE_IDENTIFY Identify;\r
+ EFI_USER_PROFILE_FIND Find;\r
+ EFI_USER_PROFILE_NOTIFY Notify;\r
+ EFI_USER_PROFILE_GET_INFO GetInfo;\r
+ EFI_USER_PROFILE_SET_INFO SetInfo;\r
+ EFI_USER_PROFILE_DELETE_INFO DeleteInfo;\r
+ EFI_USER_PROFILE_GET_NEXT_INFO GetNextInfo;\r
+};\r
+\r
+extern EFI_GUID gEfiUserManagerProtocolGuid;\r
+\r
+#endif\r
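Review bot: The parameter documentation for EFI_USER_PROFILE_SET_INFO is copied from GetInfo and does not match the prototype. It describes Info as a buffer filled "on exit" and InfoSize as a pointer updated on EFI_BUFFER_TOO_SMALL, while the declaration has `IN CONST EFI_USER_INFO *Info` and a by-value `IN UINTN InfoSize`. I would replace those entries with `@param[in] Info Points to the user information record to store.` and `@param[in] InfoSize The size of Info, in bytes.`, and reword the EFI_SUCCESS line to say the information was updated. The header also never says how InfoSize relates to `Info->InfoSize` for SetInfo and Find; it would help to state that an implementation should refuse a call where the two disagree, so that it never copies or compares more bytes than the caller supplied. The same copy-paste problem affects EFI_USER_PROFILE_GET_NEXT_INFO, whose User and UserInfo descriptions still read "will be deleted" and "to remove" from DeleteInfo.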