sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add security package to repository.

Browse Source 
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12261 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
gdong1
2011-09-02 07:49:32 +00:00
parent 986d1dfb08
commit 0c18794ea4
102 changed files with 38487 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

372
SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c Normal file
View File

@@ -0,0 +1,372 @@
/** @file
The functions to add a user profile.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "UserProfileManager.h"
/**
Get user name from the popup windows.
@param[in, out] UserNameLen On entry, point to UserName buffer lengh, in bytes.
On exit, point to input user name length, in bytes.
@param[out] UserName The buffer to hold the input user name.
@retval EFI_ABORTED It is given up by pressing 'ESC' key.
@retval EFI_NOT_READY Not a valid input at all.
@retval EFI_SUCCESS Get a user name successfully.
**/
EFI_STATUS
GetUserNameInput (
IN OUT UINTN *UserNameLen,
OUT CHAR16 *UserName
)
{
EFI_INPUT_KEY Key;
UINTN NameLen;
CHAR16 Name[USER_NAME_LENGTH];
NameLen = 0;
while (TRUE) {
Name[NameLen] = L'_';
Name[NameLen + 1] = L'\0';
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
L"Input User Name",
L"---------------------",
Name,
NULL
);
//
// Check key.
//
if (Key.ScanCode == SCAN_NULL) {
if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
//
// Add the null terminator.
//
Name[NameLen] = 0;
NameLen++;
break;
} else if ((Key.UnicodeChar == CHAR_NULL) ||
(Key.UnicodeChar == CHAR_TAB) ||
(Key.UnicodeChar == CHAR_LINEFEED)
) {
continue;
} else {
if (Key.UnicodeChar == CHAR_BACKSPACE) {
if (NameLen > 0) {
NameLen--;
}
} else {
Name[NameLen] = Key.UnicodeChar;
NameLen++;
if (NameLen + 1 == USER_NAME_LENGTH) {
//
// Add the null terminator.
//
Name[NameLen] = 0;
NameLen++;
break;
}
}
}
}
if (Key.ScanCode == SCAN_ESC) {
return EFI_ABORTED;
}
}
if (NameLen <= 1) {
return EFI_NOT_READY;
}
if (*UserNameLen < NameLen * sizeof (CHAR16)) {
return EFI_NOT_READY;
}
*UserNameLen = NameLen * sizeof (CHAR16);
CopyMem (UserName, Name, *UserNameLen);
return EFI_SUCCESS;
}
/**
Set a user's username.
@param[in] User Handle of a user profile .
@param[in] UserNameLen The lengh of UserName.
@param[in] UserName Point to the buffer of user name.
@retval EFI_NOT_READY The usernme in mAddUserName had been used.
@retval EFI_SUCCESS Change the user's username successfully with
username in mAddUserName.
**/
EFI_STATUS
SetUserName (
IN EFI_USER_PROFILE_HANDLE User,
IN UINTN UserNameLen,
IN CHAR16 *UserName
)
{
EFI_STATUS Status;
EFI_USER_INFO_HANDLE UserInfo;
EFI_USER_PROFILE_HANDLE TempUser;
EFI_USER_INFO *NewUserInfo;
NewUserInfo = AllocateZeroPool (sizeof (EFI_USER_INFO) + UserNameLen);
ASSERT (NewUserInfo != NULL);
NewUserInfo->InfoType = EFI_USER_INFO_NAME_RECORD;
NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
EFI_USER_INFO_PUBLIC |
EFI_USER_INFO_EXCLUSIVE;
NewUserInfo->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) + UserNameLen);
CopyMem ((UINT8 *) (NewUserInfo + 1), UserName, UserNameLen);
TempUser = NULL;
Status = mUserManager->Find (
mUserManager,
&TempUser,
NULL,
NewUserInfo,
NewUserInfo->InfoSize
);
if (!EFI_ERROR (Status)) {
//
// The user name had been used, return error.
//
FreePool (NewUserInfo);
return EFI_NOT_READY;
}
UserInfo = NULL;
mUserManager->SetInfo (
mUserManager,
User,
&UserInfo,
NewUserInfo,
NewUserInfo->InfoSize
);
FreePool (NewUserInfo);
return EFI_SUCCESS;
}
/**
Set create date of the specified user.
@param[in] User Handle of a user profile.
**/
VOID
SetCreateDate (
IN EFI_USER_PROFILE_HANDLE User
)
{
EFI_STATUS Status;
EFI_USER_INFO_HANDLE UserInfo;
EFI_USER_INFO_CREATE_DATE Date;
EFI_USER_INFO *NewUserInfo;
NewUserInfo = AllocateZeroPool (
sizeof (EFI_USER_INFO) +
sizeof (EFI_USER_INFO_CREATE_DATE)
);
ASSERT (NewUserInfo != NULL);
NewUserInfo->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
EFI_USER_INFO_PUBLIC |
EFI_USER_INFO_EXCLUSIVE;
NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + sizeof (EFI_USER_INFO_CREATE_DATE);
Status = gRT->GetTime (&Date, NULL);
if (EFI_ERROR (Status)) {
FreePool (NewUserInfo);
return ;
}
CopyMem ((UINT8 *) (NewUserInfo + 1), &Date, sizeof (EFI_USER_INFO_CREATE_DATE));
UserInfo = NULL;
mUserManager->SetInfo (
mUserManager,
User,
&UserInfo,
NewUserInfo,
NewUserInfo->InfoSize
);
FreePool (NewUserInfo);
}
/**
Set the default identity policy of the specified user.
@param[in] User Handle of a user profile.
**/
VOID
SetIdentityPolicy (
IN EFI_USER_PROFILE_HANDLE User
)
{
EFI_USER_INFO_IDENTITY_POLICY *Policy;
EFI_USER_INFO_HANDLE UserInfo;
EFI_USER_INFO *NewUserInfo;
NewUserInfo = AllocateZeroPool (
sizeof (EFI_USER_INFO) +
sizeof (EFI_USER_INFO_IDENTITY_POLICY)
);
ASSERT (NewUserInfo != NULL);
Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewUserInfo + 1);
Policy->Type = EFI_USER_INFO_IDENTITY_TRUE;
Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
NewUserInfo->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
EFI_USER_INFO_PRIVATE |
EFI_USER_INFO_EXCLUSIVE;
NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + Policy->Length;
UserInfo = NULL;
mUserManager->SetInfo (
mUserManager,
User,
&UserInfo,
NewUserInfo,
NewUserInfo->InfoSize
);
FreePool (NewUserInfo);
}
/**
Set the default access policy of the specified user.
@param[in] User Handle of a user profile.
**/
VOID
SetAccessPolicy (
IN EFI_USER_PROFILE_HANDLE User
)
{
EFI_USER_INFO_ACCESS_CONTROL *Control;
EFI_USER_INFO_HANDLE UserInfo;
EFI_USER_INFO *NewUserInfo;
NewUserInfo = AllocateZeroPool (
sizeof (EFI_USER_INFO) +
sizeof (EFI_USER_INFO_ACCESS_CONTROL)
);
ASSERT (NewUserInfo != NULL);
Control = (EFI_USER_INFO_ACCESS_CONTROL *) (NewUserInfo + 1);
Control->Type = EFI_USER_INFO_ACCESS_ENROLL_SELF;
Control->Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
NewUserInfo->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
EFI_USER_INFO_PUBLIC |
EFI_USER_INFO_EXCLUSIVE;
NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + Control->Size;
UserInfo = NULL;
mUserManager->SetInfo (
mUserManager,
User,
&UserInfo,
NewUserInfo,
NewUserInfo->InfoSize
);
FreePool (NewUserInfo);
}
/**
Add a new user profile into the user profile database.
**/
VOID
CallAddUser (
VOID
)
{
EFI_STATUS Status;
EFI_INPUT_KEY Key;
EFI_USER_PROFILE_HANDLE User;
UINTN UserNameLen;
CHAR16 UserName[USER_NAME_LENGTH];
CHAR16 *QuestionStr;
CHAR16 *PromptStr;
QuestionStr = NULL;
PromptStr = NULL;
//
// Get user name to add.
//
UserNameLen = sizeof (UserName);
Status = GetUserNameInput (&UserNameLen, UserName);
if (EFI_ERROR (Status)) {
if (Status != EFI_ABORTED) {
QuestionStr = GetStringById (STRING_TOKEN (STR_GET_USERNAME_FAILED));
PromptStr = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
goto Done;
}
return ;
}
//
// Create a new user profile.
//
User = NULL;
Status = mUserManager->Create (mUserManager, &User);
if (EFI_ERROR (Status)) {
QuestionStr = GetStringById (STRING_TOKEN (STR_CREATE_PROFILE_FAILED));
PromptStr = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
} else {
//
// Add default user information.
//
Status = SetUserName (User, UserNameLen, UserName);
if (EFI_ERROR (Status)) {
QuestionStr = GetStringById (STRING_TOKEN (STR_USER_ALREADY_EXISTED));
PromptStr = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
goto Done;
}
SetCreateDate (User);
SetIdentityPolicy (User);
SetAccessPolicy (User);
QuestionStr = GetStringById (STRING_TOKEN (STR_CREATE_PROFILE_SUCCESS));
PromptStr = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
}
Done:
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
QuestionStr,
L"",
PromptStr,
NULL
);
FreePool (QuestionStr);
FreePool (PromptStr);
}

314
SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.c Normal file
View File

@@ -0,0 +1,314 @@
/** @file
The functions to delete a user profile.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "UserProfileManager.h"
/**
Get the username from the specified user.
@param[in] User Handle of a user profile.
@retval EFI_STRING_ID The String Id of the user's username.
**/
EFI_STRING_ID
GetUserName (
IN EFI_USER_PROFILE_HANDLE User
)
{
EFI_STATUS Status;
EFI_USER_INFO_HANDLE UserInfo;
EFI_USER_INFO *Info;
UINTN InfoSize;
UINTN MemSize;
UINTN NameLen;
CHAR16 UserName[USER_NAME_LENGTH];
EFI_STRING_ID UserId;
//
// Allocate user information memory.
//
MemSize = sizeof (EFI_USER_INFO) + 63;
Info = AllocateZeroPool (MemSize);
ASSERT (Info != NULL);
//
// Get user name information.
//
UserInfo = NULL;
while (TRUE) {
InfoSize = MemSize;
//
// Get next user information.
//
Status = mUserManager->GetNextInfo (
mUserManager,
User,
&UserInfo
);
if (EFI_ERROR (Status)) {
break;
}
Status = mUserManager->GetInfo (
mUserManager,
User,
UserInfo,
Info,
&InfoSize
);
if (Status == EFI_BUFFER_TOO_SMALL) {
MemSize = InfoSize;
FreePool (Info);
Info = AllocateZeroPool (MemSize);
ASSERT (Info != NULL);
Status = mUserManager->GetInfo (
mUserManager,
User,
UserInfo,
Info,
&InfoSize
);
}
//
// Check user information.
//
if (Status == EFI_SUCCESS) {
if (Info->InfoType == EFI_USER_INFO_NAME_RECORD) {
NameLen = Info->InfoSize - sizeof (EFI_USER_INFO);
if (NameLen > USER_NAME_LENGTH * sizeof (CHAR16)) {
NameLen = USER_NAME_LENGTH * sizeof (CHAR16);
}
ASSERT (NameLen >= sizeof (CHAR16));
CopyMem (UserName, (UINT8 *) (Info + 1), NameLen);
UserName[NameLen / sizeof (CHAR16) - 1] = 0;
UserId = HiiSetString (
mCallbackInfo->HiiHandle,
0,
UserName,
NULL
);
if (UserId != 0) {
FreePool (Info);
return UserId;
}
}
}
}
FreePool (Info);
return 0;
}
/**
Add a username item in form.
@param[in] User Points to the user profile whose username is added.
@param[in] Index The index of the user in the user name list
@param[in] OpCodeHandle Points to container for dynamic created opcodes.
**/
VOID
AddUserToForm (
IN EFI_USER_PROFILE_HANDLE User,
IN UINT16 Index,
IN VOID *OpCodeHandle
)
{
EFI_STRING_ID NameId;
//
// Get user name
//
NameId = GetUserName (User);
if (NameId == 0) {
return ;
}
//
// Create user name option.
//
switch (Index & KEY_FIRST_FORM_MASK) {
case KEY_MODIFY_USER:
HiiCreateGotoOpCode (
OpCodeHandle, // Container for dynamic created opcodes
FORMID_USER_INFO, // Target Form ID
NameId, // Prompt text
STRING_TOKEN (STR_NULL_STRING), // Help text
EFI_IFR_FLAG_CALLBACK, // Question flag
Index // Question ID
);
break;
case KEY_DEL_USER:
HiiCreateActionOpCode (
OpCodeHandle, // Container for dynamic created opcodes
Index, // Question ID
NameId, // Prompt text
STRING_TOKEN (STR_NULL_STRING), // Help text
EFI_IFR_FLAG_CALLBACK, // Question flag
0 // Action String ID
);
break;
default:
break;
}
}
/**
Delete the user specified by UserIndex in user profile database.
@param[in] UserIndex The index of user in the user name list
to be deleted.
**/
VOID
DeleteUser (
IN UINT8 UserIndex
)
{
EFI_STATUS Status;
EFI_USER_PROFILE_HANDLE User;
EFI_INPUT_KEY Key;
//
// Find specified user profile and delete it.
//
User = NULL;
Status = mUserManager->GetNext (mUserManager, &User);
if (EFI_ERROR (Status)) {
goto Done;
}
while (UserIndex > 1) {
Status = mUserManager->GetNext (mUserManager, &User);
if (EFI_ERROR (Status)) {
goto Done;
}
UserIndex--;
}
if (UserIndex == 1) {
Status = mUserManager->Delete (mUserManager, User);
if (EFI_ERROR (Status)) {
goto Done;
}
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
L"Delete User Succeed!",
L"",
L"Please Press Any Key to Continue ...",
NULL
);
return ;
}
Done:
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
L"Delete User Failed!",
L"",
L"Please Press Any Key to Continue ...",
NULL
);
}
/**
Display user select form, cab select a user to delete.
**/
VOID
SelectUserToDelete (
VOID
)
{
EFI_STATUS Status;
UINT8 Index;
EFI_USER_PROFILE_HANDLE User;
EFI_USER_PROFILE_HANDLE CurrentUser;
VOID *StartOpCodeHandle;
VOID *EndOpCodeHandle;
EFI_IFR_GUID_LABEL *StartLabel;
EFI_IFR_GUID_LABEL *EndLabel;
//
// Initialize the container for dynamic opcodes.
//
StartOpCodeHandle = HiiAllocateOpCodeHandle ();
ASSERT (StartOpCodeHandle != NULL);
EndOpCodeHandle = HiiAllocateOpCodeHandle ();
ASSERT (EndOpCodeHandle != NULL);
//
// Create Hii Extend Label OpCode.
//
StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
StartOpCodeHandle,
&gEfiIfrTianoGuid,
NULL,
sizeof (EFI_IFR_GUID_LABEL)
);
StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
StartLabel->Number = LABEL_USER_DEL_FUNC;
EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
EndOpCodeHandle,
&gEfiIfrTianoGuid,
NULL,
sizeof (EFI_IFR_GUID_LABEL)
);
EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
EndLabel->Number = LABEL_END;
//
// Add each user can be deleted.
//
User = NULL;
Index = 1;
mUserManager->Current (mUserManager, &CurrentUser);
while (TRUE) {
Status = mUserManager->GetNext (mUserManager, &User);
if (EFI_ERROR (Status)) {
break;
}
if (User != CurrentUser) {
AddUserToForm (
User,
(UINT16)(KEY_DEL_USER | KEY_SELECT_USER | Index),
StartOpCodeHandle
);
}
Index++;
}
HiiUpdateForm (
mCallbackInfo->HiiHandle, // HII handle
&mUserProfileManagerGuid, // Formset GUID
FORMID_DEL_USER, // Form ID
StartOpCodeHandle, // Label for where to insert opcodes
EndOpCodeHandle // Replace data
);
HiiFreeOpCodeHandle (StartOpCodeHandle);
HiiFreeOpCodeHandle (EndOpCodeHandle);
}

806
SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.c Normal file
View File

@@ -0,0 +1,806 @@
/** @file
This driver is a configuration tool for adding, deleting or modifying user
profiles, including gathering the necessary information to ascertain their
identity in the future, updating user access policy and identification
policy, etc.
Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "UserProfileManager.h"
EFI_GUID mUserProfileManagerGuid = USER_PROFILE_MANAGER_GUID;
EFI_USER_MANAGER_PROTOCOL *mUserManager = NULL;
CREDENTIAL_PROVIDER_INFO *mProviderInfo = NULL;
UINT8 mProviderChoice;
UINT8 mConncetLogical;
USER_INFO_ACCESS mAccessInfo;
USER_INFO mUserInfo;
USER_PROFILE_MANAGER_CALLBACK_INFO *mCallbackInfo;
HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
{
{
HARDWARE_DEVICE_PATH,
HW_VENDOR_DP,
{
(UINT8) (sizeof (VENDOR_DEVICE_PATH)),
(UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
}
},
{0xad2e3474, 0x93e6, 0x488b, {0x93, 0x19, 0x64, 0x88, 0xfc, 0x68, 0x1f, 0x16}}
},
{
END_DEVICE_PATH_TYPE,
END_ENTIRE_DEVICE_PATH_SUBTYPE,
{
(UINT8) (END_DEVICE_PATH_LENGTH),
(UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
}
}
};
/**
Get string by string id from HII Interface.
@param[in] Id String ID to get the string from.
@retval CHAR16 * String from ID.
@retval NULL If error occurs.
**/
CHAR16 *
GetStringById (
IN EFI_STRING_ID Id
)
{
//
// Get the current string for the current Language.
//
return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
}
/**
This function gets all the credential providers in the system and saved them
to mProviderInfo.
@retval EFI_SUCESS Init credential provider database successfully.
@retval Others Fail to init credential provider database.
**/
EFI_STATUS
InitProviderInfo (
VOID
)
{
EFI_STATUS Status;
UINTN HandleCount;
EFI_HANDLE *HandleBuf;
UINTN Index;
//
// Try to find all the user credential provider driver.
//
HandleCount = 0;
HandleBuf = NULL;
Status = gBS->LocateHandleBuffer (
ByProtocol,
&gEfiUserCredentialProtocolGuid,
NULL,
&HandleCount,
&HandleBuf
);
if (EFI_ERROR (Status)) {
return Status;
}
//
// Get provider infomation.
//
if (mProviderInfo != NULL) {
FreePool (mProviderInfo);
}
mProviderInfo = AllocateZeroPool (
sizeof (CREDENTIAL_PROVIDER_INFO) -
sizeof (EFI_USER_CREDENTIAL_PROTOCOL *) +
HandleCount * sizeof (EFI_USER_CREDENTIAL_PROTOCOL *)
);
if (mProviderInfo == NULL) {
FreePool (HandleBuf);
return EFI_OUT_OF_RESOURCES;
}
mProviderInfo->Count = HandleCount;
for (Index = 0; Index < HandleCount; Index++) {
Status = gBS->HandleProtocol (
HandleBuf[Index],
&gEfiUserCredentialProtocolGuid,
(VOID **) &mProviderInfo->Provider[Index]
);
if (EFI_ERROR (Status)) {
FreePool (HandleBuf);
FreePool (mProviderInfo);
mProviderInfo = NULL;
return Status;
}
}
FreePool (HandleBuf);
return EFI_SUCCESS;
}
/**
This function processes changes in user profile configuration.
@param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
@param Action Specifies the type of action taken by the browser.
@param QuestionId A unique value which is sent to the original
exporting driver so that it can identify the type
of data to expect.
@param Type The type of value for the question.
@param Value A pointer to the data being sent to the original
exporting driver.
@param ActionRequest On return, points to the action requested by the
callback function.
@retval EFI_SUCCESS The callback successfully handled the action.
@retval Others Fail to handle the action.
**/
EFI_STATUS
EFIAPI
UserProfileManagerCallback (
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
IN EFI_BROWSER_ACTION Action,
IN EFI_QUESTION_ID QuestionId,
IN UINT8 Type,
IN EFI_IFR_TYPE_VALUE *Value,
OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
)
{
EFI_STATUS Status;
EFI_INPUT_KEY Key;
UINT32 CurrentAccessRight;
CHAR16 *QuestionStr;
CHAR16 *PromptStr;
VOID *StartOpCodeHandle;
VOID *EndOpCodeHandle;
EFI_IFR_GUID_LABEL *StartLabel;
EFI_IFR_GUID_LABEL *EndLabel;
EFI_USER_PROFILE_HANDLE CurrentUser;
Status = EFI_SUCCESS;
switch (Action) {
case EFI_BROWSER_ACTION_FORM_OPEN:
{
//
// Update user manage Form when user manage Form is opened.
// This will be done only in FORM_OPEN CallBack of question with QUESTIONID_USER_MANAGE from user manage Form.
//
if (QuestionId != QUESTIONID_USER_MANAGE) {
return EFI_SUCCESS;
}
//
// Get current user
//
CurrentUser = NULL;
mUserManager->Current (mUserManager, &CurrentUser);
if (CurrentUser == NULL) {
DEBUG ((DEBUG_ERROR, "Error: current user does not exist!\n"));
return EFI_NOT_READY;
}
//
// Get current user's right information.
//
Status = GetAccessRight (&CurrentAccessRight);
if (EFI_ERROR (Status)) {
CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
}
//
// Init credential provider information.
//
Status = InitProviderInfo ();
if (EFI_ERROR (Status)) {
return Status;
}
//
// Initialize the container for dynamic opcodes.
//
StartOpCodeHandle = HiiAllocateOpCodeHandle ();
ASSERT (StartOpCodeHandle != NULL);
EndOpCodeHandle = HiiAllocateOpCodeHandle ();
ASSERT (EndOpCodeHandle != NULL);
//
// Create Hii Extend Label OpCode.
//
StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
StartOpCodeHandle,
&gEfiIfrTianoGuid,
NULL,
sizeof (EFI_IFR_GUID_LABEL)
);
StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
StartLabel->Number = LABEL_USER_MANAGE_FUNC;
EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
EndOpCodeHandle,
&gEfiIfrTianoGuid,
NULL,
sizeof (EFI_IFR_GUID_LABEL)
);
EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
EndLabel->Number = LABEL_END;
//
// Add user profile option.
//
if ((CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) ||
(CurrentAccessRight == EFI_USER_INFO_ACCESS_ENROLL_OTHERS)
) {
HiiCreateActionOpCode (
StartOpCodeHandle, // Container for dynamic created opcodes
KEY_ADD_USER, // Question ID
STRING_TOKEN (STR_ADD_USER_TITLE), // Prompt text
STRING_TOKEN (STR_ADD_USER_HELP), // Help text
EFI_IFR_FLAG_CALLBACK, // Question flag
0 // Action String ID
);
}
//
// Add modify user profile option.
//
HiiCreateGotoOpCode (
StartOpCodeHandle, // Container for dynamic created opcodes
FORMID_MODIFY_USER, // Target Form ID
STRING_TOKEN (STR_MODIFY_USER_TITLE), // Prompt text
STRING_TOKEN (STR_MODIFY_USER_HELP), // Help text
EFI_IFR_FLAG_CALLBACK, // Question flag
KEY_MODIFY_USER // Question ID
);
//
// Add delete user profile option
//
if (CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) {
HiiCreateGotoOpCode (
StartOpCodeHandle, // Container for dynamic created opcodes
FORMID_DEL_USER, // Target Form ID
STRING_TOKEN (STR_DELETE_USER_TITLE), // Prompt text
STRING_TOKEN (STR_DELETE_USER_HELP), // Help text
EFI_IFR_FLAG_CALLBACK, // Question flag
KEY_DEL_USER // Question ID
);
}
HiiUpdateForm (
mCallbackInfo->HiiHandle, // HII handle
&mUserProfileManagerGuid, // Formset GUID
FORMID_USER_MANAGE, // Form ID
StartOpCodeHandle, // Label for where to insert opcodes
EndOpCodeHandle // Replace data
);
HiiFreeOpCodeHandle (StartOpCodeHandle);
HiiFreeOpCodeHandle (EndOpCodeHandle);
return EFI_SUCCESS;
}
break;
case EFI_BROWSER_ACTION_FORM_CLOSE:
Status = EFI_SUCCESS;
break;
case EFI_BROWSER_ACTION_CHANGING:
{
//
// Handle the request from form.
//
if ((Value == NULL) || (ActionRequest == NULL)) {
return EFI_INVALID_PARAMETER;
}
//
// Judge first 2 bits.
//
switch (QuestionId & KEY_FIRST_FORM_MASK) {
//
// Add user profile operation.
//
case KEY_ADD_USER:
CallAddUser ();
break;
//
// Delete user profile operation.
//
case KEY_DEL_USER:
//
// Judge next 2 bits.
//
switch (QuestionId & KEY_SECOND_FORM_MASK) {
//
// Enter delete user profile form.
//
case KEY_ENTER_NEXT_FORM:
SelectUserToDelete ();
break;
//
// Delete specified user profile.
//
case KEY_SELECT_USER:
DeleteUser ((UINT8) QuestionId);
//
// Update select user form after delete a user.
//
SelectUserToDelete ();
break;
default:
break;
}
break;
//
// Modify user profile operation.
//
case KEY_MODIFY_USER:
//
// Judge next 2 bits.
//
switch (QuestionId & KEY_SECOND_FORM_MASK) {
//
// Enter modify user profile form.
//
case KEY_ENTER_NEXT_FORM:
SelectUserToModify ();
break;
//
// Enter user profile information form.
//
case KEY_SELECT_USER:
//
// Judge next 3 bits.
//
switch (QuestionId & KEY_MODIFY_INFO_MASK) {
//
// Display user information form.
//
case KEY_ENTER_NEXT_FORM:
ModifyUserInfo ((UINT8) QuestionId);
break;
//
// Modify user name.
//
case KEY_MODIFY_NAME:
ModifyUserName ();
//
// Update username in parent form.
//
SelectUserToModify ();
break;
//
// Modify identity policy.
//
case KEY_MODIFY_IP:
//
// Judge next 3 bits
//
switch (QuestionId & KEY_MODIFY_IP_MASK) {
//
// Display identity policy modify form.
//
case KEY_ENTER_NEXT_FORM:
ModifyIdentityPolicy ();
break;
//
// Change credential provider option.
//
case KEY_MODIFY_PROV:
mProviderChoice = Value->u8;
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
break;
//
// Change logical connector.
//
case KEY_MODIFY_CONN:
mConncetLogical = Value->u8;
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
break;
//
// Save option.
//
case KEY_ADD_IP_OP:
AddIdentityPolicyItem ();
break;
//
// Return to user profile information form.
//
case KEY_IP_RETURN_UIF:
SaveIdentityPolicy ();
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
break;
default:
break;
}
break;
//
// Modify access policy.
//
case KEY_MODIFY_AP:
//
// Judge next 3 bits.
//
switch (QuestionId & KEY_MODIFY_AP_MASK) {
//
// Display access policy modify form.
//
case KEY_ENTER_NEXT_FORM:
ModidyAccessPolicy ();
break;
//
// Change access right choice.
//
case KEY_MODIFY_RIGHT:
mAccessInfo.AccessRight = Value->u8;
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
break;
//
// Change setup choice.
//
case KEY_MODIFY_SETUP:
mAccessInfo.AccessSetup= Value->u8;
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
break;
//
// Change boot order choice.
//
case KEY_MODIFY_BOOT:
mAccessInfo.AccessBootOrder = Value->u32;
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
break;
//
// Load device path form.
//
case KEY_MODIFY_LOAD:
//
// Judge next 2 bits.
//
switch (QuestionId & KEY_DISPLAY_DP_MASK) {
//
// Permit load device path.
//
case KEY_PERMIT_MODIFY:
DisplayLoadPermit ();
break;
//
// Forbid load device path.
//
case KEY_FORBID_MODIFY:
DisplayLoadForbid ();
break;
default:
break;
}
break;
//
// Connect device path form.
//
case KEY_MODIFY_CONNECT:
//
// Judge next 2 bits.
//
switch (QuestionId & KEY_DISPLAY_DP_MASK) {
//
// Permit connect device path.
//
case KEY_PERMIT_MODIFY:
DisplayConnectPermit ();
break;
//
// Forbid connect device path.
//
case KEY_FORBID_MODIFY:
DisplayConnectForbid ();
break;
default:
break;
}
break;
//
// Return to user profile information form.
//
case KEY_AP_RETURN_UIF:
SaveAccessPolicy ();
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
break;
default:
break;
}
break;
default:
break;
}
break;
//
// Access policy device path modified.
//
case KEY_MODIFY_AP_DP:
//
// Judge next 2 bits.
//
switch (QuestionId & KEY_MODIFY_DP_MASK) {
//
// Load permit device path modified.
//
case KEY_LOAD_PERMIT_MODIFY:
QuestionStr = GetStringById (STRING_TOKEN (STR_MOVE_TO_FORBID_LIST));
PromptStr = GetStringById (STRING_TOKEN (STR_PRESS_KEY_CONTINUE));
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
QuestionStr,
L"",
PromptStr,
NULL
);
FreePool (QuestionStr);
FreePool (PromptStr);
if (Key.UnicodeChar != CHAR_CARRIAGE_RETURN) {
break;
}
AddToForbidLoad ((UINT16)(QuestionId & (KEY_MODIFY_DP_MASK - 1)));
DisplayLoadPermit ();
break;
//
// Load forbid device path modified.
//
case KEY_LOAD_FORBID_MODIFY:
QuestionStr = GetStringById (STRING_TOKEN (STR_MOVE_TO_PERMIT_LIST));
PromptStr = GetStringById (STRING_TOKEN (STR_PRESS_KEY_CONTINUE));
CreatePopUp (
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
&Key,
QuestionStr,
L"",
PromptStr,
NULL
);
FreePool (QuestionStr);
FreePool (PromptStr);
if (Key.UnicodeChar != CHAR_CARRIAGE_RETURN) {
break;
}
DeleteFromForbidLoad ((UINT16)(QuestionId & (KEY_MODIFY_DP_MASK - 1)));
DisplayLoadForbid ();
break;
//
// Connect permit device path modified.
//
case KEY_CONNECT_PERMIT_MODIFY:
break;
//
// Connect forbid device path modified.
//
case KEY_CONNECT_FORBID_MODIFY:
break;
default:
break;
}
break;
default:
break;
}
break;
default:
break;
}
}
break;
default:
//
// All other action return unsupported.
//
Status = EFI_UNSUPPORTED;
break;
}
return Status;
}
/**
This function allows a caller to extract the current configuration for one
or more named elements from the target driver.
@param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
@param Request A null-terminated Unicode string in <ConfigRequest> format.
@param Progress On return, points to a character in the Request string.
Points to the string's null terminator if request was successful.
Points to the most recent '&' before the first failing name/value
pair (or the beginning of the string if the failure is in the
first name/value pair) if the request was not successful.
@param Results A null-terminated Unicode string in <ConfigAltResp> format which
has all values filled in for the names in the Request string.
String to be allocated by the called function.
@retval EFI_SUCCESS The Results is filled with the requested values.
@retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
@retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
@retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
**/
EFI_STATUS
EFIAPI
FakeExtractConfig (
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
IN CONST EFI_STRING Request,
OUT EFI_STRING *Progress,
OUT EFI_STRING *Results
)
{
if (Progress == NULL || Results == NULL) {
return EFI_INVALID_PARAMETER;
}
*Progress = Request;
return EFI_NOT_FOUND;
}
/**
This function processes the results of changes in configuration.
@param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
@param Configuration A null-terminated Unicode string in <ConfigResp> format.
@param Progress A pointer to a string filled in with the offset of the most
recent '&' before the first failing name/value pair (or the
beginning of the string if the failure is in the first
name/value pair) or the terminating NULL if all was successful.
@retval EFI_SUCCESS The Results is processed successfully.
@retval EFI_INVALID_PARAMETER Configuration is NULL.
@retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
**/
EFI_STATUS
EFIAPI
FakeRouteConfig (
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
IN CONST EFI_STRING Configuration,
OUT EFI_STRING *Progress
)
{
if (Configuration == NULL || Progress == NULL) {
return EFI_INVALID_PARAMETER;
}
return EFI_NOT_FOUND;
}
/**
Main entry for this driver.
@param ImageHandle Image handle this driver.
@param SystemTable Pointer to SystemTable.
@retval EFI_SUCESS This function always complete successfully.
**/
EFI_STATUS
EFIAPI
UserProfileManagerInit (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
EFI_STATUS Status;
USER_PROFILE_MANAGER_CALLBACK_INFO *CallbackInfo;
Status = gBS->LocateProtocol (
&gEfiUserManagerProtocolGuid,
NULL,
(VOID **) &mUserManager
);
if (EFI_ERROR (Status)) {
return EFI_SUCCESS;
}
//
// Initialize driver private data.
//
ZeroMem (&mUserInfo, sizeof (mUserInfo));
ZeroMem (&mAccessInfo, sizeof (mAccessInfo));
CallbackInfo = AllocateZeroPool (sizeof (USER_PROFILE_MANAGER_CALLBACK_INFO));
ASSERT (CallbackInfo != NULL);
CallbackInfo->Signature = USER_PROFILE_MANAGER_SIGNATURE;
CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
CallbackInfo->ConfigAccess.Callback = UserProfileManagerCallback;
CallbackInfo->DriverHandle = NULL;
//
// Install Device Path Protocol and Config Access protocol to driver handle.
//
Status = gBS->InstallMultipleProtocolInterfaces (
&CallbackInfo->DriverHandle,
&gEfiDevicePathProtocolGuid,
&mHiiVendorDevicePath,
&gEfiHiiConfigAccessProtocolGuid,
&CallbackInfo->ConfigAccess,
NULL
);
ASSERT_EFI_ERROR (Status);
//
// Publish HII data.
//
CallbackInfo->HiiHandle = HiiAddPackages (
&mUserProfileManagerGuid,
CallbackInfo->DriverHandle,
UserProfileManagerStrings,
UserProfileManagerVfrBin,
NULL
);
ASSERT (CallbackInfo->HiiHandle != NULL);
mCallbackInfo = CallbackInfo;
return Status;
}

387
SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.h Normal file
View File

@@ -0,0 +1,387 @@
/** @file
The header file for user profile manager driver.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __EFI_USER_PROFILE_MANAGER_H__
#define __EFI_USER_PROFILE_MANAGER_H__
#include <Uefi.h>
#include <Guid/GlobalVariable.h>
#include <Guid/MdeModuleHii.h>
#include <Protocol/HiiConfigAccess.h>
#include <Protocol/DevicePathToText.h>
#include <Protocol/UserCredential.h>
#include <Protocol/UserManager.h>
#include <Library/UefiRuntimeServicesTableLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DevicePathLib.h>
#include <Library/DebugLib.h>
#include <Library/UefiLib.h>
#include <Library/PrintLib.h>
#include <Library/HiiLib.h>
#include "UserProfileManagerData.h"
#define USER_NAME_LENGTH 17
//
// Credential Provider Information.
//
typedef struct {
UINTN Count;
EFI_USER_CREDENTIAL_PROTOCOL *Provider[1];
} CREDENTIAL_PROVIDER_INFO;
//
// User profile information structure.
//
typedef struct {
UINT64 UsageCount;
EFI_TIME CreateDate;
EFI_TIME UsageDate;
UINTN AccessPolicyLen;
UINTN IdentityPolicyLen;
UINTN NewIdentityPolicyLen;
UINT8 *AccessPolicy;
UINT8 *IdentityPolicy;
UINT8 *NewIdentityPolicy;
CHAR16 UserName[USER_NAME_LENGTH];
BOOLEAN CreateDateExist;
BOOLEAN UsageDateExist;
BOOLEAN AccessPolicyModified;
BOOLEAN IdentityPolicyModified;
BOOLEAN NewIdentityPolicyModified;
} USER_INFO;
//
// User access information structure.
//
typedef struct {
UINTN LoadPermitLen;
UINTN LoadForbidLen;
UINTN ConnectPermitLen;
UINTN ConnectForbidLen;
UINT8 *LoadPermit;
UINT8 *LoadForbid;
UINT8 *ConnectPermit;
UINT8 *ConnectForbid;
UINT32 AccessBootOrder;
UINT8 AccessRight;
UINT8 AccessSetup;
} USER_INFO_ACCESS;
#define USER_PROFILE_MANAGER_SIGNATURE SIGNATURE_32 ('U', 'P', 'M', 'S')
typedef struct {
UINTN Signature;
EFI_HANDLE DriverHandle;
EFI_HII_HANDLE HiiHandle;
EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
} USER_PROFILE_MANAGER_CALLBACK_INFO;
//
// HII specific Vendor Device Path definition.
//
typedef struct {
VENDOR_DEVICE_PATH VendorDevicePath;
EFI_DEVICE_PATH_PROTOCOL End;
} HII_VENDOR_DEVICE_PATH;
//
// This is the generated IFR binary data for each formset defined in VFR.
//
extern UINT8 UserProfileManagerVfrBin[];
//
// This is the generated String package data for .UNI file.
//
extern UINT8 UserProfileManagerStrings[];
//
// Guid used in the form browse.
//
extern EFI_GUID mUserProfileManagerGuid;
//
// The user manager protocol, used in several function.
//
extern EFI_USER_MANAGER_PROTOCOL *mUserManager;
//
// The credential providers database in system.
//
extern CREDENTIAL_PROVIDER_INFO *mProviderInfo;
//
// The variables used to update identity policy.
//
extern UINT8 mProviderChoice;
extern UINT8 mConncetLogical;
//
// The variables used to update access policy.
//
extern USER_INFO_ACCESS mAccessInfo;
//
// The user information used to record all data in UI.
//
extern USER_INFO mUserInfo;
extern USER_PROFILE_MANAGER_CALLBACK_INFO *mCallbackInfo;
/**
Get string by string id from HII Interface.
@param[in] Id String ID to get the string from.
@retval CHAR16 * String from ID.
@retval NULL If error occurs.
**/
CHAR16 *
GetStringById (
IN EFI_STRING_ID Id
);
/**
Add a new user profile into the user profile database.
**/
VOID
CallAddUser (
VOID
);
/**
Display user select form; can select a user to modify.
**/
VOID
SelectUserToModify (
VOID
);
/**
Display user select form, cab select a user to delete.
**/
VOID
SelectUserToDelete (
VOID
);
/**
Delete the user specified by UserIndex in user profile database.
@param[in] UserIndex The index of user in the user name list to be deleted.
**/
VOID
DeleteUser (
IN UINT8 UserIndex
);
/**
Add a username item in form.
@param[in] User Points to the user profile whose username is added.
@param[in] Index The index of the user in the user name list.
@param[in] OpCodeHandle Points to container for dynamic created opcodes.
**/
VOID
AddUserToForm (
IN EFI_USER_PROFILE_HANDLE User,
IN UINT16 Index,
IN VOID *OpCodeHandle
);
/**
Display modify user information form
In this form, username, create Date, usage date, usage count, identity policy,
and access policy are displayed.
@param[in] UserIndex The index of the user in display list to modify.
**/
VOID
ModifyUserInfo (
IN UINT8 UserIndex
);
/**
Get the username from user input and update username string in Hii
database with it.
**/
VOID
ModifyUserName (
VOID
);
/**
Display the form of modifying user identity policy.
**/
VOID
ModifyIdentityPolicy (
VOID
);
/**
Update the mUserInfo.NewIdentityPolicy and UI when 'add option' is pressed.
**/
VOID
AddIdentityPolicyItem (
VOID
);
/**
Save the identity policy and update UI with it.
This funciton will verify the new identity policy, in current implementation,
the identity policy can be: T, P & P & P & ..., P | P | P | ...
Here, "T" means "True", "P" means "Credential Provider", "&" means "and", "|" means "or".
Other identity policies are not supported.
**/
VOID
SaveIdentityPolicy (
VOID
);
/**
Display modify user access policy form
In this form, access right, access setu,p and access boot order are dynamically
added. Load devicepath and connect devicepath are displayed too.
**/
VOID
ModidyAccessPolicy (
VOID
);
/**
Collect all the access policy data to mUserInfo.AccessPolicy,
and save it to user profile.
**/
VOID
SaveAccessPolicy (
VOID
);
/**
Get current user's access rights.
@param[out] AccessRight Points to the buffer used for user's access rights.
@retval EFI_SUCCESS Get current user access rights successfully.
@retval others Fail to get current user access rights.
**/
EFI_STATUS
GetAccessRight (
OUT UINT32 *AccessRight
);
/**
Display the permit load device path in the loadable device path list.
**/
VOID
DisplayLoadPermit(
VOID
);
/**
Display the forbid load device path list (mAccessInfo.LoadForbid).
**/
VOID
DisplayLoadForbid (
VOID
);
/**
Display the permit connect device path.
**/
VOID
DisplayConnectPermit (
VOID
);
/**
Display the forbid connect device path list.
**/
VOID
DisplayConnectForbid (
VOID
);
/**
Delete the specified device path by DriverIndex from the forbid device path
list (mAccessInfo.LoadForbid).
@param[in] DriverIndex The index of driver in a forbidden device path list.
**/
VOID
DeleteFromForbidLoad (
IN UINT16 DriverIndex
);
/**
Add the specified device path by DriverIndex to the forbid device path
list (mAccessInfo.LoadForbid).
@param[in] DriverIndex The index of driver saved in driver options.
**/
VOID
AddToForbidLoad (
IN UINT16 DriverIndex
);
/**
Get user name from the popup windows.
@param[in, out] UserNameLen On entry, point to the buffer lengh of UserName.
On exit, point to the input user name length.
@param[out] UserName The buffer to hold the input user name.
@retval EFI_ABORTED It is given up by pressing 'ESC' key.
@retval EFI_NOT_READY Not a valid input at all.
@retval EFI_SUCCESS Get a user name successfully.
**/
EFI_STATUS
GetUserNameInput (
IN OUT UINTN *UserNameLen,
OUT CHAR16 *UserName
);
#endif

161
SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerData.h Normal file
View File

@@ -0,0 +1,161 @@
/** @file
The form data for user profile manager driver.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __USER_PROFILE_MANAGER_DATA_H__
#define __USER_PROFILE_MANAGER_DATA_H__
#define USER_PROFILE_MANAGER_GUID \
{ \
0xc35f272c, 0x97c2, 0x465a, { 0xa2, 0x16, 0x69, 0x6b, 0x66, 0x8a, 0x8c, 0xfe } \
}
//
// Form ID
//
#define FORMID_USER_MANAGE 0x0001
#define FORMID_MODIFY_USER 0x0002
#define FORMID_DEL_USER 0x0003
#define FORMID_USER_INFO 0x0004
#define FORMID_MODIFY_IP 0x0005
#define FORMID_MODIFY_AP 0x0006
#define FORMID_LOAD_DP 0x0007
#define FORMID_CONNECT_DP 0x0008
#define FORMID_PERMIT_LOAD_DP 0x0009
#define FORMID_FORBID_LOAD_DP 0x000A
#define FORMID_PERMIT_CONNECT_DP 0x000B
#define FORMID_FORBID_CONNECT_DP 0x000C
//
// Label ID
//
#define LABEL_USER_MANAGE_FUNC 0x0010
#define LABEL_USER_DEL_FUNC 0x0020
#define LABEL_USER_MOD_FUNC 0x0030
#define LABEL_USER_INFO_FUNC 0x0040
#define LABEL_IP_MOD_FUNC 0x0050
#define LABEL_AP_MOD_FUNC 0x0060
#define LABEL_PERMIT_LOAD_FUNC 0x0070
#define LABLE_FORBID_LOAD_FUNC 0x0080
#define LABEL_END 0x00F0
//
// First form key (Add/modify/del user profile).
// First 2 bits (bit 16~15).
//
#define KEY_MODIFY_USER 0x4000
#define KEY_DEL_USER 0x8000
#define KEY_ADD_USER 0xC000
#define KEY_FIRST_FORM_MASK 0xC000
//
// Second form key (Display new form /Select user / modify device path in access policy).
// Next 2 bits (bit 14~13).
//
#define KEY_ENTER_NEXT_FORM 0x0000
#define KEY_SELECT_USER 0x1000
#define KEY_MODIFY_AP_DP 0x2000
#define KEY_OPEN_CLOSE_FORM_ACTION 0x3000
#define KEY_SECOND_FORM_MASK 0x3000
//
// User profile information form key.
// Next 3 bits (bit 12~10).
//
#define KEY_MODIFY_NAME 0x0200
#define KEY_MODIFY_IP 0x0400
#define KEY_MODIFY_AP 0x0600
#define KEY_MODIFY_INFO_MASK 0x0E00
//
// Specified key, used in VFR (KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_NAME).
//
#define KEY_MODIFY_USER_NAME 0x5200
//
// Modify identity policy form key.
// Next 3 bits (bit 9~7).
//
#define KEY_MODIFY_PROV 0x0040
#define KEY_MODIFY_MTYPE 0x0080
#define KEY_MODIFY_CONN 0x00C0
#define KEY_ADD_IP_OP 0x0100
#define KEY_IP_RETURN_UIF 0x0140
#define KEY_MODIFY_IP_MASK 0x01C0
//
// Specified key.
//
#define KEY_ADD_LOGICAL_OP 0x5500
#define KEY_IP_RETURN 0x5540
//
// Modify access policy form key.
// Next 3 bits (bit 9~7).
//
#define KEY_MODIFY_RIGHT 0x0040
#define KEY_MODIFY_SETUP 0x0080
#define KEY_MODIFY_BOOT 0x00C0
#define KEY_MODIFY_LOAD 0x0100
#define KEY_MODIFY_CONNECT 0x0140
#define KEY_AP_RETURN_UIF 0x0180
#define KEY_MODIFY_AP_MASK 0x01C0
//
// Specified key.
//
#define KEY_LOAD_DP 0x5700
#define KEY_CONN_DP 0x5740
#define KEY_AP_RETURN 0x5780
//
// Device path form key.
// Next 2 bits (bit 6~5).
//
#define KEY_PERMIT_MODIFY 0x0010
#define KEY_FORBID_MODIFY 0x0020
#define KEY_DISPLAY_DP_MASK 0x0030
//
// Specified key.
//
#define KEY_LOAD_PERMIT 0x5710
#define KEY_LOAD_FORBID 0x5720
#define KEY_CONNECT_PERMIT 0x5750
#define KEY_CONNECT_FORBID 0x5760
//
// Device path modify key.
// 2 bits (bit 12~11).
//
#define KEY_LOAD_PERMIT_MODIFY 0x0000
#define KEY_LOAD_FORBID_MODIFY 0x0400
#define KEY_CONNECT_PERMIT_MODIFY 0x0800
#define KEY_CONNECT_FORBID_MODIFY 0x0C00
#define KEY_MODIFY_DP_MASK 0x0C00
//
// The permissions usable when configuring the platform.
//
#define ACCESS_SETUP_RESTRICTED 1
#define ACCESS_SETUP_NORMAL 2
#define ACCESS_SETUP_ADMIN 3
//
// Question ID for the question used in each form (KEY_OPEN_CLOSE_FORM_ACTION | FORMID_FORM_USER_MANAGE)
// This ID is used in FORM OPEN/CLOSE CallBack action.
//
#define QUESTIONID_USER_MANAGE 0x3001
#endif

60
SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerDxe.inf Normal file
View File

@@ -0,0 +1,60 @@
## @file
# Component description file for user profile manager driver.
#
# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = UserProfileManager
FILE_GUID = E38CB52D-A74D-45db-A8D0-290C9B21BBF2
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
ENTRY_POINT = UserProfileManagerInit
[Sources]
UserProfileManager.c
UserProfileManager.h
UserProfileAdd.c
UserProfileDelete.c
UserProfileModify.c
UserProfileManagerData.h
UserProfileManagerStrings.uni
UserProfileManagerVfr.Vfr
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
[LibraryClasses]
UefiRuntimeServicesTableLib
UefiBootServicesTableLib
UefiDriverEntryPoint
MemoryAllocationLib
BaseMemoryLib
DebugLib
HiiLib
UefiLib
[Guids]
gEfiIfrTianoGuid ## CONSUMES ## Guid
gEfiUserInfoAccessSetupAdminGuid ## CONSUMES ## Guid
gEfiUserInfoAccessSetupNormalGuid ## CONSUMES ## Guid
gEfiUserInfoAccessSetupRestrictedGuid ## CONSUMES ## Guid
[Protocols]
gEfiDevicePathProtocolGuid # PROTOCOL ALWAYS_CONSUMED
gEfiHiiConfigAccessProtocolGuid
gEfiUserCredentialProtocolGuid
gEfiUserManagerProtocolGuid
gEfiDevicePathToTextProtocolGuid
[Depex]
gEfiUserManagerProtocolGuid

BIN
SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerStrings.uni Normal file
View File

Binary file not shown.

247
SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerVfr.Vfr Normal file
View File

@@ -0,0 +1,247 @@
/** @file
User Profile Manager formset.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "UserProfileManagerData.h"
#define USER_MANAGER_CLASS 0x00
#define USER_MANAGER_SUBCLASS 0x04
formset
guid = USER_PROFILE_MANAGER_GUID,
title = STRING_TOKEN(STR_FORMSET_TITLE),
help = STRING_TOKEN(STR_TITLE_HELP),
class = USER_MANAGER_CLASS,
subclass = USER_MANAGER_SUBCLASS,
// User manager form
form formid = FORMID_USER_MANAGE,
title = STRING_TOKEN(STR_USERMAN_TITLE);
label LABEL_USER_MANAGE_FUNC;
label LABEL_END;
suppressif TRUE;
text
help = STRING_TOKEN(STR_NULL_STRING),
text = STRING_TOKEN(STR_NULL_STRING),
text = STRING_TOKEN(STR_NULL_STRING),
flags = INTERACTIVE,
key = QUESTIONID_USER_MANAGE;
endif;
endform;
// Modify user profile form
form formid = FORMID_MODIFY_USER,
title = STRING_TOKEN(STR_MODIFY_USER_TITLE);
label LABEL_USER_MOD_FUNC;
label LABEL_END;
endform;
// Delete user profile form
form formid = FORMID_DEL_USER,
title = STRING_TOKEN(STR_DELETE_USER_TITLE);
label LABEL_USER_DEL_FUNC;
label LABEL_END;
subtitle
text = STRING_TOKEN(STR_NULL_STRING);
endform;
//
// User profile information form
//
form formid = FORMID_USER_INFO,
title = STRING_TOKEN(STR_USER_INFO);
text
help = STRING_TOKEN(STR_USER_NAME_VAL),
text = STRING_TOKEN(STR_USER_NAME),
flags = INTERACTIVE,
key = KEY_MODIFY_USER_NAME;
text
help = STRING_TOKEN(STR_CREATE_DATE_VAL),
text = STRING_TOKEN(STR_CREATE_DATE);
text
help = STRING_TOKEN(STR_USAGE_DATE_VAL),
text = STRING_TOKEN(STR_USAGE_DATE);
text
help = STRING_TOKEN(STR_USAGE_COUNT_VAL),
text = STRING_TOKEN(STR_USAGE_COUNT);
label LABEL_USER_INFO_FUNC;
label LABEL_END;
endform;
//
// Identify policy modify form
//
form formid = FORMID_MODIFY_IP,
title = STRING_TOKEN(STR_IDENTIFY_POLICY);
text
help = STRING_TOKEN(STR_IDENTIFY_POLICY_HELP),
text = STRING_TOKEN(STR_IDENTIFY_POLICY),
text = STRING_TOKEN(STR_IDENTIFY_POLICY_VALUE);
label LABEL_IP_MOD_FUNC;
label LABEL_END;
text
help = STRING_TOKEN(STR_ADD_OPTION_HELP),
text = STRING_TOKEN(STR_ADD_OPTION),
flags = INTERACTIVE,
key = KEY_ADD_LOGICAL_OP;
subtitle
text = STRING_TOKEN(STR_NULL_STRING);
goto FORMID_USER_INFO,
prompt = STRING_TOKEN(STR_SAVE),
help = STRING_TOKEN(STR_IDENTIFY_SAVE_HELP),
flags = INTERACTIVE,
key = KEY_IP_RETURN;
endform;
//
// Access policy modify form
//
form formid = FORMID_MODIFY_AP,
title = STRING_TOKEN(STR_ACCESS_POLICY);
label LABEL_AP_MOD_FUNC;
label LABEL_END;
goto FORMID_LOAD_DP,
prompt = STRING_TOKEN(STR_LOAD),
help = STRING_TOKEN(STR_LOAD_HELP),
flags = INTERACTIVE,
key = KEY_LOAD_DP;
goto FORMID_CONNECT_DP,
prompt = STRING_TOKEN(STR_CONNECT),
help = STRING_TOKEN(STR_CONNECT_HELP),
flags = INTERACTIVE,
key = KEY_CONN_DP;
subtitle
text = STRING_TOKEN(STR_NULL_STRING);
goto FORMID_USER_INFO,
prompt = STRING_TOKEN(STR_SAVE),
help = STRING_TOKEN(STR_ACCESS_SAVE_HELP),
flags = INTERACTIVE,
key = KEY_AP_RETURN;
endform;
//
// Load device path form
//
form formid = FORMID_LOAD_DP,
title = STRING_TOKEN(STR_LOAD);
goto FORMID_PERMIT_LOAD_DP,
prompt = STRING_TOKEN(STR_LOAD_PERMIT),
help = STRING_TOKEN(STR_LOAD_PERMIT_HELP),
flags = INTERACTIVE,
key = KEY_LOAD_PERMIT;
goto FORMID_FORBID_LOAD_DP,
prompt = STRING_TOKEN(STR_LOAD_FORBID),
help = STRING_TOKEN(STR_LOAD_FORBID_HELP),
flags = INTERACTIVE,
key = KEY_LOAD_FORBID;
endform;
//
// Permit load device path form
//
form formid = FORMID_PERMIT_LOAD_DP,
title = STRING_TOKEN(STR_LOAD_PERMIT);
label LABEL_PERMIT_LOAD_FUNC;
label LABEL_END;
subtitle
text = STRING_TOKEN(STR_NULL_STRING);
endform;
//
// Forbid load device path form
//
form formid = FORMID_FORBID_LOAD_DP,
title = STRING_TOKEN(STR_LOAD_FORBID);
label LABLE_FORBID_LOAD_FUNC;
label LABEL_END;
subtitle
text = STRING_TOKEN(STR_NULL_STRING);
endform;
//
// Connect device path form
//
form formid = FORMID_CONNECT_DP,
title = STRING_TOKEN(STR_CONNECT);
goto FORMID_PERMIT_CONNECT_DP,
prompt = STRING_TOKEN(STR_CONNECT_PERMIT),
help = STRING_TOKEN(STR_CONNECT_PERMIT_HELP),
flags = INTERACTIVE,
key = KEY_CONNECT_PERMIT;
goto FORMID_FORBID_CONNECT_DP,
prompt = STRING_TOKEN(STR_CONNECT_FORBID),
help = STRING_TOKEN(STR_CONNECT_FORBID_HELP),
flags = INTERACTIVE,
key = KEY_CONNECT_FORBID;
endform;
//
// Permit connect device path form
//
form formid = FORMID_PERMIT_CONNECT_DP,
title = STRING_TOKEN(STR_CONNECT_PERMIT);
subtitle
text = STRING_TOKEN(STR_NULL_STRING);
endform;
//
// Forbid connect device path form
//
form formid = FORMID_FORBID_CONNECT_DP,
title = STRING_TOKEN(STR_CONNECT_FORBID);
subtitle
text = STRING_TOKEN(STR_NULL_STRING);
endform;
endformset;

2511
SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c Normal file
View File

File diff suppressed because it is too large Load Diff