Update UID drivers to align with latest UEFI spec 2.3.1.
Signed-off-by: gdong1 Reviewed-by: tye Reviewed-by: qianouyang git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12567 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
@@ -0,0 +1,702 @@
|
||||
/** @file
|
||||
The functions for access policy modification.
|
||||
|
||||
Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions of the BSD License
|
||||
which accompanies this distribution. The full text of the license may be found at
|
||||
http://opensource.org/licenses/bsd-license.php
|
||||
|
||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
|
||||
**/
|
||||
|
||||
#include "UserProfileManager.h"
|
||||
|
||||
/**
|
||||
Collect all the access policy data to mUserInfo.AccessPolicy,
|
||||
and save it to user profile.
|
||||
|
||||
**/
|
||||
VOID
|
||||
SaveAccessPolicy (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
UINTN OffSet;
|
||||
UINTN Size;
|
||||
EFI_USER_INFO_ACCESS_CONTROL Control;
|
||||
EFI_USER_INFO_HANDLE UserInfo;
|
||||
EFI_USER_INFO *Info;
|
||||
|
||||
if (mUserInfo.AccessPolicy != NULL) {
|
||||
FreePool (mUserInfo.AccessPolicy);
|
||||
}
|
||||
mUserInfo.AccessPolicy = NULL;
|
||||
mUserInfo.AccessPolicyLen = 0;
|
||||
mUserInfo.AccessPolicyModified = TRUE;
|
||||
OffSet = 0;
|
||||
|
||||
//
|
||||
// Save access right.
|
||||
//
|
||||
Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
|
||||
if (mUserInfo.AccessPolicyLen - OffSet < Size) {
|
||||
ExpandMemory (OffSet, Size);
|
||||
}
|
||||
|
||||
Control.Type = mAccessInfo.AccessRight;
|
||||
Control.Size = (UINT32) Size;
|
||||
CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
|
||||
OffSet += sizeof (Control);
|
||||
|
||||
//
|
||||
// Save access setup.
|
||||
//
|
||||
Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + sizeof (EFI_GUID);
|
||||
if (mUserInfo.AccessPolicyLen - OffSet < Size) {
|
||||
ExpandMemory (OffSet, Size);
|
||||
}
|
||||
|
||||
Control.Type = EFI_USER_INFO_ACCESS_SETUP;
|
||||
Control.Size = (UINT32) Size;
|
||||
CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
|
||||
OffSet += sizeof (Control);
|
||||
|
||||
if (mAccessInfo.AccessSetup == ACCESS_SETUP_NORMAL) {
|
||||
CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet), &gEfiUserInfoAccessSetupNormalGuid);
|
||||
} else if (mAccessInfo.AccessSetup == ACCESS_SETUP_RESTRICTED) {
|
||||
CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet), &gEfiUserInfoAccessSetupRestrictedGuid);
|
||||
} else if (mAccessInfo.AccessSetup == ACCESS_SETUP_ADMIN) {
|
||||
CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet), &gEfiUserInfoAccessSetupAdminGuid);
|
||||
}
|
||||
OffSet += sizeof (EFI_GUID);
|
||||
|
||||
//
|
||||
// Save access of boot order.
|
||||
//
|
||||
Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + sizeof (UINT32);
|
||||
if (mUserInfo.AccessPolicyLen - OffSet < Size) {
|
||||
ExpandMemory (OffSet, Size);
|
||||
}
|
||||
|
||||
Control.Type = EFI_USER_INFO_ACCESS_BOOT_ORDER;
|
||||
Control.Size = (UINT32) Size;
|
||||
CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
|
||||
OffSet += sizeof (Control);
|
||||
|
||||
CopyMem ((UINT8 *) (mUserInfo.AccessPolicy + OffSet), &mAccessInfo.AccessBootOrder, sizeof (UINT32));
|
||||
OffSet += sizeof (UINT32);
|
||||
|
||||
//
|
||||
// Save permit load.
|
||||
//
|
||||
if (mAccessInfo.LoadPermitLen > 0) {
|
||||
Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + mAccessInfo.LoadPermitLen;
|
||||
if (mUserInfo.AccessPolicyLen - OffSet < Size) {
|
||||
ExpandMemory (OffSet, Size);
|
||||
}
|
||||
|
||||
Control.Type = EFI_USER_INFO_ACCESS_PERMIT_LOAD;
|
||||
Control.Size = (UINT32) Size;
|
||||
CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
|
||||
OffSet += sizeof (Control);
|
||||
|
||||
CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.LoadPermit, mAccessInfo.LoadPermitLen);
|
||||
OffSet += mAccessInfo.LoadPermitLen;
|
||||
}
|
||||
|
||||
//
|
||||
// Save forbid load.
|
||||
//
|
||||
if (mAccessInfo.LoadForbidLen > 0) {
|
||||
Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + mAccessInfo.LoadForbidLen;
|
||||
if (mUserInfo.AccessPolicyLen - OffSet < Size) {
|
||||
ExpandMemory (OffSet, Size);
|
||||
}
|
||||
|
||||
Control.Type = EFI_USER_INFO_ACCESS_FORBID_LOAD;
|
||||
Control.Size = (UINT32) Size;
|
||||
CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
|
||||
OffSet += sizeof (Control);
|
||||
|
||||
CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.LoadForbid, mAccessInfo.LoadForbidLen);
|
||||
OffSet += mAccessInfo.LoadForbidLen;
|
||||
}
|
||||
|
||||
//
|
||||
// Save permit connect.
|
||||
//
|
||||
if (mAccessInfo.ConnectPermitLen > 0) {
|
||||
Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + mAccessInfo.ConnectPermitLen;
|
||||
if (mUserInfo.AccessPolicyLen - OffSet < Size) {
|
||||
ExpandMemory (OffSet, Size);
|
||||
}
|
||||
|
||||
Control.Type = EFI_USER_INFO_ACCESS_PERMIT_CONNECT;
|
||||
Control.Size = (UINT32) Size;
|
||||
CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
|
||||
OffSet += sizeof (Control);
|
||||
|
||||
CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.ConnectPermit, mAccessInfo.ConnectPermitLen);
|
||||
OffSet += mAccessInfo.ConnectPermitLen;
|
||||
}
|
||||
|
||||
//
|
||||
// Save forbid connect.
|
||||
//
|
||||
if (mAccessInfo.ConnectForbidLen > 0) {
|
||||
Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + mAccessInfo.ConnectForbidLen;
|
||||
if (mUserInfo.AccessPolicyLen - OffSet < Size) {
|
||||
ExpandMemory (OffSet, Size);
|
||||
}
|
||||
|
||||
Control.Type = EFI_USER_INFO_ACCESS_FORBID_CONNECT;
|
||||
Control.Size = (UINT32) Size;
|
||||
CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
|
||||
OffSet += sizeof (Control);
|
||||
|
||||
CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.ConnectForbid, mAccessInfo.ConnectForbidLen);
|
||||
OffSet += mAccessInfo.ConnectForbidLen;
|
||||
}
|
||||
|
||||
mUserInfo.AccessPolicyLen = OffSet;
|
||||
|
||||
//
|
||||
// Save access policy.
|
||||
//
|
||||
if (mUserInfo.AccessPolicyModified && (mUserInfo.AccessPolicyLen > 0)) {
|
||||
Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + mUserInfo.AccessPolicyLen);
|
||||
if (Info == NULL) {
|
||||
return ;
|
||||
}
|
||||
|
||||
Status = FindInfoByType (mModifyUser, EFI_USER_INFO_ACCESS_POLICY_RECORD, &UserInfo);
|
||||
if (!EFI_ERROR (Status)) {
|
||||
Info->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
|
||||
Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
|
||||
EFI_USER_INFO_PUBLIC |
|
||||
EFI_USER_INFO_EXCLUSIVE;
|
||||
Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) + mUserInfo.AccessPolicyLen);
|
||||
CopyMem ((UINT8 *) (Info + 1), mUserInfo.AccessPolicy, mUserInfo.AccessPolicyLen);
|
||||
Status = mUserManager->SetInfo (
|
||||
mUserManager,
|
||||
mModifyUser,
|
||||
&UserInfo,
|
||||
Info,
|
||||
Info->InfoSize
|
||||
);
|
||||
mUserInfo.AccessPolicyModified = FALSE;
|
||||
}
|
||||
FreePool (Info);
|
||||
}
|
||||
|
||||
if (mAccessInfo.ConnectForbid != NULL) {
|
||||
FreePool (mAccessInfo.ConnectForbid);
|
||||
mAccessInfo.ConnectForbid = NULL;
|
||||
}
|
||||
|
||||
if (mAccessInfo.ConnectPermit != NULL) {
|
||||
FreePool (mAccessInfo.ConnectPermit);
|
||||
mAccessInfo.ConnectPermit = NULL;
|
||||
}
|
||||
|
||||
if (mAccessInfo.LoadForbid != NULL) {
|
||||
FreePool (mAccessInfo.LoadForbid);
|
||||
mAccessInfo.LoadForbid = NULL;
|
||||
}
|
||||
|
||||
if (mAccessInfo.LoadPermit != NULL) {
|
||||
FreePool (mAccessInfo.LoadPermit);
|
||||
mAccessInfo.LoadPermit = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
Create an action OpCode with QuestionID and DevicePath on a given OpCodeHandle.
|
||||
|
||||
@param[in] QuestionID The question ID.
|
||||
@param[in] DevicePath Points to device path.
|
||||
@param[in] OpCodeHandle Points to container for dynamic created opcodes.
|
||||
|
||||
**/
|
||||
VOID
|
||||
AddDevicePath (
|
||||
IN UINTN QuestionID,
|
||||
IN EFI_DEVICE_PATH_PROTOCOL *DevicePath,
|
||||
IN VOID *OpCodeHandle
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
EFI_DEVICE_PATH_PROTOCOL *Next;
|
||||
EFI_STRING_ID NameID;
|
||||
EFI_STRING DriverName;
|
||||
EFI_DEVICE_PATH_TO_TEXT_PROTOCOL *DevicePathText;
|
||||
|
||||
//
|
||||
// Locate device path to text protocol.
|
||||
//
|
||||
Status = gBS->LocateProtocol (
|
||||
&gEfiDevicePathToTextProtocolGuid,
|
||||
NULL,
|
||||
(VOID **) &DevicePathText
|
||||
);
|
||||
if (EFI_ERROR (Status)) {
|
||||
return ;
|
||||
}
|
||||
|
||||
//
|
||||
// Get driver file name node.
|
||||
//
|
||||
Next = DevicePath;
|
||||
while (!IsDevicePathEnd (Next)) {
|
||||
DevicePath = Next;
|
||||
Next = NextDevicePathNode (Next);
|
||||
}
|
||||
|
||||
//
|
||||
// Display the device path in form.
|
||||
//
|
||||
DriverName = DevicePathText->ConvertDevicePathToText (DevicePath, FALSE, FALSE);
|
||||
NameID = HiiSetString (mCallbackInfo->HiiHandle, 0, DriverName, NULL);
|
||||
FreePool (DriverName);
|
||||
if (NameID == 0) {
|
||||
return ;
|
||||
}
|
||||
|
||||
HiiCreateActionOpCode (
|
||||
OpCodeHandle, // Container for dynamic created opcodes
|
||||
(UINT16) QuestionID, // Question ID
|
||||
NameID, // Prompt text
|
||||
STRING_TOKEN (STR_NULL_STRING), // Help text
|
||||
EFI_IFR_FLAG_CALLBACK, // Question flag
|
||||
0 // Action String ID
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Check whether the DevicePath is in the device path forbid list
|
||||
(mAccessInfo.LoadForbid).
|
||||
|
||||
@param[in] DevicePath Points to device path.
|
||||
|
||||
@retval TRUE The DevicePath is in the device path forbid list.
|
||||
@retval FALSE The DevicePath is not in the device path forbid list.
|
||||
|
||||
**/
|
||||
BOOLEAN
|
||||
IsLoadForbidden (
|
||||
IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
|
||||
)
|
||||
{
|
||||
UINTN OffSet;
|
||||
UINTN DPSize;
|
||||
UINTN Size;
|
||||
EFI_DEVICE_PATH_PROTOCOL *Dp;
|
||||
|
||||
OffSet = 0;
|
||||
Size = GetDevicePathSize (DevicePath);
|
||||
//
|
||||
// Check each device path.
|
||||
//
|
||||
while (OffSet < mAccessInfo.LoadForbidLen) {
|
||||
Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid + OffSet);
|
||||
DPSize = GetDevicePathSize (Dp);
|
||||
//
|
||||
// Compare device path.
|
||||
//
|
||||
if ((DPSize == Size) && (CompareMem (DevicePath, Dp, Size) == 0)) {
|
||||
return TRUE;
|
||||
}
|
||||
OffSet += DPSize;
|
||||
}
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Display the permit load device path in the loadable device path list.
|
||||
|
||||
**/
|
||||
VOID
|
||||
DisplayLoadPermit(
|
||||
VOID
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
CHAR16 *Order;
|
||||
UINTN OrderSize;
|
||||
UINTN ListCount;
|
||||
UINTN Index;
|
||||
UINT8 *Var;
|
||||
UINT8 *VarPtr;
|
||||
CHAR16 VarName[12];
|
||||
VOID *StartOpCodeHandle;
|
||||
VOID *EndOpCodeHandle;
|
||||
EFI_IFR_GUID_LABEL *StartLabel;
|
||||
EFI_IFR_GUID_LABEL *EndLabel;
|
||||
|
||||
//
|
||||
// Get DriverOrder.
|
||||
//
|
||||
OrderSize = 0;
|
||||
Status = gRT->GetVariable (
|
||||
L"DriverOrder",
|
||||
&gEfiGlobalVariableGuid,
|
||||
NULL,
|
||||
&OrderSize,
|
||||
NULL
|
||||
);
|
||||
if (Status != EFI_BUFFER_TOO_SMALL) {
|
||||
return ;
|
||||
}
|
||||
|
||||
Order = AllocateZeroPool (OrderSize);
|
||||
if (Order == NULL) {
|
||||
return ;
|
||||
}
|
||||
|
||||
Status = gRT->GetVariable (
|
||||
L"DriverOrder",
|
||||
&gEfiGlobalVariableGuid,
|
||||
NULL,
|
||||
&OrderSize,
|
||||
Order
|
||||
);
|
||||
if (EFI_ERROR (Status)) {
|
||||
return ;
|
||||
}
|
||||
|
||||
//
|
||||
// Initialize the container for dynamic opcodes.
|
||||
//
|
||||
StartOpCodeHandle = HiiAllocateOpCodeHandle ();
|
||||
ASSERT (StartOpCodeHandle != NULL);
|
||||
|
||||
EndOpCodeHandle = HiiAllocateOpCodeHandle ();
|
||||
ASSERT (EndOpCodeHandle != NULL);
|
||||
|
||||
//
|
||||
// Create Hii Extend Label OpCode.
|
||||
//
|
||||
StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
|
||||
StartOpCodeHandle,
|
||||
&gEfiIfrTianoGuid,
|
||||
NULL,
|
||||
sizeof (EFI_IFR_GUID_LABEL)
|
||||
);
|
||||
StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
|
||||
StartLabel->Number = LABEL_PERMIT_LOAD_FUNC;
|
||||
|
||||
EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
|
||||
EndOpCodeHandle,
|
||||
&gEfiIfrTianoGuid,
|
||||
NULL,
|
||||
sizeof (EFI_IFR_GUID_LABEL)
|
||||
);
|
||||
EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
|
||||
EndLabel->Number = LABEL_END;
|
||||
|
||||
//
|
||||
// Add each driver option.
|
||||
//
|
||||
Var = NULL;
|
||||
ListCount = OrderSize / sizeof (UINT16);
|
||||
for (Index = 0; Index < ListCount; Index++) {
|
||||
//
|
||||
// Get driver device path.
|
||||
//
|
||||
UnicodeSPrint (VarName, sizeof (VarName), L"Driver%04x", Order[Index]);
|
||||
Var = GetEfiGlobalVariable (VarName);
|
||||
if (Var == NULL) {
|
||||
continue;
|
||||
}
|
||||
|
||||
//
|
||||
// Check whether the driver is already forbidden.
|
||||
//
|
||||
|
||||
VarPtr = Var;
|
||||
//
|
||||
// Skip attribute.
|
||||
//
|
||||
VarPtr += sizeof (UINT32);
|
||||
|
||||
//
|
||||
// Skip device path lenth.
|
||||
//
|
||||
VarPtr += sizeof (UINT16);
|
||||
|
||||
//
|
||||
// Skip descript string.
|
||||
//
|
||||
VarPtr += StrSize ((UINT16 *) VarPtr);
|
||||
|
||||
if (IsLoadForbidden ((EFI_DEVICE_PATH_PROTOCOL *) VarPtr)) {
|
||||
FreePool (Var);
|
||||
Var = NULL;
|
||||
continue;
|
||||
}
|
||||
|
||||
AddDevicePath (
|
||||
KEY_MODIFY_USER | KEY_MODIFY_AP_DP | KEY_LOAD_PERMIT_MODIFY | Order[Index],
|
||||
(EFI_DEVICE_PATH_PROTOCOL *) VarPtr,
|
||||
StartOpCodeHandle
|
||||
);
|
||||
FreePool (Var);
|
||||
Var = NULL;
|
||||
}
|
||||
|
||||
HiiUpdateForm (
|
||||
mCallbackInfo->HiiHandle, // HII handle
|
||||
&gUserProfileManagerGuid, // Formset GUID
|
||||
FORMID_PERMIT_LOAD_DP, // Form ID
|
||||
StartOpCodeHandle, // Label for where to insert opcodes
|
||||
EndOpCodeHandle // Replace data
|
||||
);
|
||||
|
||||
HiiFreeOpCodeHandle (StartOpCodeHandle);
|
||||
HiiFreeOpCodeHandle (EndOpCodeHandle);
|
||||
|
||||
//
|
||||
// Clear Environment.
|
||||
//
|
||||
if (Var != NULL) {
|
||||
FreePool (Var);
|
||||
}
|
||||
FreePool (Order);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Display the forbid load device path list (mAccessInfo.LoadForbid).
|
||||
|
||||
**/
|
||||
VOID
|
||||
DisplayLoadForbid (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
UINTN Offset;
|
||||
UINTN DPSize;
|
||||
UINTN Index;
|
||||
EFI_DEVICE_PATH_PROTOCOL *Dp;
|
||||
VOID *StartOpCodeHandle;
|
||||
VOID *EndOpCodeHandle;
|
||||
EFI_IFR_GUID_LABEL *StartLabel;
|
||||
EFI_IFR_GUID_LABEL *EndLabel;
|
||||
|
||||
//
|
||||
// Initialize the container for dynamic opcodes.
|
||||
//
|
||||
StartOpCodeHandle = HiiAllocateOpCodeHandle ();
|
||||
ASSERT (StartOpCodeHandle != NULL);
|
||||
|
||||
EndOpCodeHandle = HiiAllocateOpCodeHandle ();
|
||||
ASSERT (EndOpCodeHandle != NULL);
|
||||
|
||||
//
|
||||
// Create Hii Extend Label OpCode.
|
||||
//
|
||||
StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
|
||||
StartOpCodeHandle,
|
||||
&gEfiIfrTianoGuid,
|
||||
NULL,
|
||||
sizeof (EFI_IFR_GUID_LABEL)
|
||||
);
|
||||
StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
|
||||
StartLabel->Number = LABLE_FORBID_LOAD_FUNC;
|
||||
|
||||
EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
|
||||
EndOpCodeHandle,
|
||||
&gEfiIfrTianoGuid,
|
||||
NULL,
|
||||
sizeof (EFI_IFR_GUID_LABEL)
|
||||
);
|
||||
EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
|
||||
EndLabel->Number = LABEL_END;
|
||||
|
||||
//
|
||||
// Add each forbid load drivers.
|
||||
//
|
||||
Offset = 0;
|
||||
Index = 0;
|
||||
while (Offset < mAccessInfo.LoadForbidLen) {
|
||||
Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid + Offset);
|
||||
DPSize = GetDevicePathSize (Dp);
|
||||
AddDevicePath (
|
||||
KEY_MODIFY_USER | KEY_MODIFY_AP_DP | KEY_LOAD_FORBID_MODIFY | Index,
|
||||
Dp,
|
||||
StartOpCodeHandle
|
||||
);
|
||||
Index++;
|
||||
Offset += DPSize;
|
||||
}
|
||||
|
||||
HiiUpdateForm (
|
||||
mCallbackInfo->HiiHandle, // HII handle
|
||||
&gUserProfileManagerGuid, // Formset GUID
|
||||
FORMID_FORBID_LOAD_DP, // Form ID
|
||||
StartOpCodeHandle, // Label for where to insert opcodes
|
||||
EndOpCodeHandle // Replace data
|
||||
);
|
||||
|
||||
HiiFreeOpCodeHandle (StartOpCodeHandle);
|
||||
HiiFreeOpCodeHandle (EndOpCodeHandle);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Display the permit connect device path.
|
||||
|
||||
**/
|
||||
VOID
|
||||
DisplayConnectPermit (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
//
|
||||
// Note:
|
||||
// As no architect protocol/interface to be called in ConnectController()
|
||||
// to verify the device path, just add a place holder for permitted connect
|
||||
// device path.
|
||||
//
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Display the forbid connect device path list.
|
||||
|
||||
**/
|
||||
VOID
|
||||
DisplayConnectForbid (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
//
|
||||
// Note:
|
||||
// As no architect protocol/interface to be called in ConnectController()
|
||||
// to verify the device path, just add a place holder for forbidden connect
|
||||
// device path.
|
||||
//
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Delete the specified device path by DriverIndex from the forbid device path
|
||||
list (mAccessInfo.LoadForbid).
|
||||
|
||||
@param[in] DriverIndex The index of driver in forbidden device path list.
|
||||
|
||||
**/
|
||||
VOID
|
||||
DeleteFromForbidLoad (
|
||||
IN UINT16 DriverIndex
|
||||
)
|
||||
{
|
||||
UINTN OffSet;
|
||||
UINTN DPSize;
|
||||
UINTN OffLen;
|
||||
EFI_DEVICE_PATH_PROTOCOL *Dp;
|
||||
|
||||
OffSet = 0;
|
||||
//
|
||||
// Find the specified device path.
|
||||
//
|
||||
while ((OffSet < mAccessInfo.LoadForbidLen) && (DriverIndex > 0)) {
|
||||
Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid + OffSet);
|
||||
DPSize = GetDevicePathSize (Dp);
|
||||
OffSet += DPSize;
|
||||
DriverIndex--;
|
||||
}
|
||||
|
||||
//
|
||||
// Specified device path found.
|
||||
//
|
||||
if (DriverIndex == 0) {
|
||||
Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid + OffSet);
|
||||
DPSize = GetDevicePathSize (Dp);
|
||||
OffLen = mAccessInfo.LoadForbidLen - OffSet - DPSize;
|
||||
if (OffLen > 0) {
|
||||
CopyMem (
|
||||
mAccessInfo.LoadForbid + OffSet,
|
||||
mAccessInfo.LoadForbid + OffSet + DPSize,
|
||||
OffLen
|
||||
);
|
||||
}
|
||||
mAccessInfo.LoadForbidLen -= DPSize;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Add the specified device path by DriverIndex to the forbid device path
|
||||
list (mAccessInfo.LoadForbid).
|
||||
|
||||
@param[in] DriverIndex The index of driver saved in driver options.
|
||||
|
||||
**/
|
||||
VOID
|
||||
AddToForbidLoad (
|
||||
IN UINT16 DriverIndex
|
||||
)
|
||||
{
|
||||
UINTN DevicePathLen;
|
||||
UINT8 *Var;
|
||||
UINT8 *VarPtr;
|
||||
UINTN NewLen;
|
||||
UINT8 *NewFL;
|
||||
CHAR16 VarName[13];
|
||||
|
||||
//
|
||||
// Get loadable driver device path.
|
||||
//
|
||||
UnicodeSPrint (VarName, sizeof (VarName), L"Driver%04x", DriverIndex);
|
||||
Var = GetEfiGlobalVariable (VarName);
|
||||
if (Var == NULL) {
|
||||
return;
|
||||
}
|
||||
|
||||
//
|
||||
// Save forbid load driver.
|
||||
//
|
||||
|
||||
VarPtr = Var;
|
||||
//
|
||||
// Skip attribute.
|
||||
//
|
||||
VarPtr += sizeof (UINT32);
|
||||
|
||||
DevicePathLen = *(UINT16 *) VarPtr;
|
||||
//
|
||||
// Skip device path length.
|
||||
//
|
||||
VarPtr += sizeof (UINT16);
|
||||
|
||||
//
|
||||
// Skip description string.
|
||||
//
|
||||
VarPtr += StrSize ((UINT16 *) VarPtr);
|
||||
|
||||
NewLen = mAccessInfo.LoadForbidLen + DevicePathLen;
|
||||
NewFL = AllocateZeroPool (NewLen);
|
||||
if (NewFL == NULL) {
|
||||
FreePool (Var);
|
||||
return ;
|
||||
}
|
||||
|
||||
if (mAccessInfo.LoadForbidLen > 0) {
|
||||
CopyMem (NewFL, mAccessInfo.LoadForbid, mAccessInfo.LoadForbidLen);
|
||||
FreePool (mAccessInfo.LoadForbid);
|
||||
}
|
||||
|
||||
CopyMem (NewFL + mAccessInfo.LoadForbidLen, VarPtr, DevicePathLen);
|
||||
mAccessInfo.LoadForbidLen = NewLen;
|
||||
mAccessInfo.LoadForbid = NewFL;
|
||||
FreePool (Var);
|
||||
}
|
||||
|
||||
|
@@ -0,0 +1,518 @@
|
||||
/** @file
|
||||
The functions for identification policy modification.
|
||||
|
||||
Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions of the BSD License
|
||||
which accompanies this distribution. The full text of the license may be found at
|
||||
http://opensource.org/licenses/bsd-license.php
|
||||
|
||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
|
||||
**/
|
||||
|
||||
#include "UserProfileManager.h"
|
||||
|
||||
|
||||
/**
|
||||
Verify the new identity policy in the current implementation. The same credential
|
||||
provider can't appear twice in one identity policy.
|
||||
|
||||
@param[in] NewGuid Points to the credential provider guid.
|
||||
|
||||
@retval TRUE The NewGuid was found in the identity policy.
|
||||
@retval FALSE The NewGuid was not found.
|
||||
|
||||
**/
|
||||
BOOLEAN
|
||||
ProviderAlreadyInPolicy (
|
||||
IN EFI_GUID *NewGuid
|
||||
)
|
||||
{
|
||||
UINTN Offset;
|
||||
EFI_USER_INFO_IDENTITY_POLICY *Identity;
|
||||
EFI_INPUT_KEY Key;
|
||||
|
||||
Offset = 0;
|
||||
while (Offset < mUserInfo.NewIdentityPolicyLen) {
|
||||
Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (mUserInfo.NewIdentityPolicy + Offset);
|
||||
if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
|
||||
if (CompareGuid (NewGuid, (EFI_GUID *) (Identity + 1))) {
|
||||
CreatePopUp (
|
||||
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
|
||||
&Key,
|
||||
L"This Credential Provider Are Already Used!",
|
||||
L"",
|
||||
L"Press Any Key to Continue ...",
|
||||
NULL
|
||||
);
|
||||
return TRUE;
|
||||
}
|
||||
}
|
||||
Offset += Identity->Length;
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Add or delete the user's credential record in the provider.
|
||||
|
||||
@param[in] ProviderGuid Point to credential provider guid.
|
||||
@param[in] User Points to user profile.
|
||||
|
||||
@retval EFI_SUCCESS Add or delete record successfully.
|
||||
@retval Others Fail to add or delete record.
|
||||
|
||||
**/
|
||||
EFI_STATUS
|
||||
EnrollUserOnProvider (
|
||||
IN EFI_USER_INFO_IDENTITY_POLICY *Identity,
|
||||
IN EFI_USER_PROFILE_HANDLE User
|
||||
)
|
||||
{
|
||||
UINTN Index;
|
||||
EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
|
||||
|
||||
//
|
||||
// Find the specified credential provider.
|
||||
//
|
||||
for (Index = 0; Index < mProviderInfo->Count; Index++) {
|
||||
UserCredential = mProviderInfo->Provider[Index];
|
||||
if (CompareGuid ((EFI_GUID *)(Identity + 1), &UserCredential->Identifier)) {
|
||||
return UserCredential->Enroll (UserCredential, User);
|
||||
}
|
||||
}
|
||||
|
||||
return EFI_NOT_FOUND;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Delete the User's credential record on the provider.
|
||||
|
||||
@param[in] Identity Point to EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER user info.
|
||||
@param[in] User Points to user profile.
|
||||
|
||||
@retval EFI_SUCCESS Delete User's credential record successfully.
|
||||
@retval Others Fail to add or delete record.
|
||||
|
||||
**/
|
||||
EFI_STATUS
|
||||
DeleteUserOnProvider (
|
||||
IN EFI_USER_INFO_IDENTITY_POLICY *Identity,
|
||||
IN EFI_USER_PROFILE_HANDLE User
|
||||
)
|
||||
{
|
||||
UINTN Index;
|
||||
EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
|
||||
|
||||
//
|
||||
// Find the specified credential provider.
|
||||
//
|
||||
for (Index = 0; Index < mProviderInfo->Count; Index++) {
|
||||
UserCredential = mProviderInfo->Provider[Index];
|
||||
if (CompareGuid ((EFI_GUID *)(Identity + 1), &UserCredential->Identifier)) {
|
||||
return UserCredential->Delete (UserCredential, User);
|
||||
}
|
||||
}
|
||||
|
||||
return EFI_NOT_FOUND;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Delete User's credental from all the providers that exist in User's identity policy.
|
||||
|
||||
@param[in] IdentityPolicy Point to User's identity policy.
|
||||
@param[in] IdentityPolicyLen The length of the identity policy.
|
||||
@param[in] User Points to user profile.
|
||||
|
||||
**/
|
||||
VOID
|
||||
DeleteCredentialFromProviders (
|
||||
IN UINT8 *IdentityPolicy,
|
||||
IN UINTN IdentityPolicyLen,
|
||||
IN EFI_USER_PROFILE_HANDLE User
|
||||
)
|
||||
{
|
||||
EFI_USER_INFO_IDENTITY_POLICY *Identity;
|
||||
UINTN Offset;
|
||||
|
||||
Offset = 0;
|
||||
while (Offset < IdentityPolicyLen) {
|
||||
Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (IdentityPolicy + Offset);
|
||||
if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
|
||||
//
|
||||
// Delete the user on this provider.
|
||||
//
|
||||
DeleteUserOnProvider (Identity, User);
|
||||
}
|
||||
Offset += Identity->Length;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Remove the provider in FindIdentity from the user identification information record.
|
||||
|
||||
@param[in, out] NewInfo On entry, points to the user information to remove provider.
|
||||
On return, points to the user information the provider is removed.
|
||||
@param[in] FindIdentity Point to the user identity policy.
|
||||
|
||||
@retval TRUE The provider is removed successfully.
|
||||
@retval FALSE Fail to remove the provider.
|
||||
|
||||
**/
|
||||
BOOLEAN
|
||||
DeleteProviderFromPolicy (
|
||||
IN EFI_USER_INFO_IDENTITY_POLICY *IdentityPolicy,
|
||||
IN UINTN Offset
|
||||
)
|
||||
{
|
||||
UINTN RemainingLen;
|
||||
UINTN DeleteLen;
|
||||
|
||||
if (IdentityPolicy->Length == mUserInfo.NewIdentityPolicyLen) {
|
||||
//
|
||||
// Only one credential provider in the identification policy.
|
||||
// Set the new policy to be TRUE after removed the provider.
|
||||
//
|
||||
IdentityPolicy->Type = EFI_USER_INFO_IDENTITY_TRUE;
|
||||
IdentityPolicy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
|
||||
mUserInfo.NewIdentityPolicyLen = IdentityPolicy->Length;
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
DeleteLen = IdentityPolicy->Length + sizeof(EFI_USER_INFO_IDENTITY_POLICY);
|
||||
if ((Offset + IdentityPolicy->Length) != mUserInfo.NewIdentityPolicyLen) {
|
||||
//
|
||||
// This provider is not the last item in the identification policy, delete it and the connector.
|
||||
//
|
||||
RemainingLen = mUserInfo.NewIdentityPolicyLen - Offset - DeleteLen;
|
||||
CopyMem ((UINT8 *) IdentityPolicy, (UINT8 *) IdentityPolicy + DeleteLen, RemainingLen);
|
||||
}
|
||||
mUserInfo.NewIdentityPolicyLen -= DeleteLen;
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Update the mUserInfo.NewIdentityPolicy, and UI when 'add option' is pressed.
|
||||
|
||||
**/
|
||||
VOID
|
||||
AddProviderToPolicy (
|
||||
IN EFI_GUID *NewGuid
|
||||
)
|
||||
{
|
||||
UINT8 *NewPolicyInfo;
|
||||
UINTN NewPolicyInfoLen;
|
||||
EFI_USER_INFO_IDENTITY_POLICY *Policy;
|
||||
|
||||
//
|
||||
// Allocate memory for the new identity policy.
|
||||
//
|
||||
NewPolicyInfoLen = mUserInfo.NewIdentityPolicyLen + sizeof (EFI_USER_INFO_IDENTITY_POLICY) + sizeof (EFI_GUID);
|
||||
if (mUserInfo.NewIdentityPolicyLen > 0) {
|
||||
//
|
||||
// It is not the first provider in the policy. Add a connector before provider.
|
||||
//
|
||||
NewPolicyInfoLen += sizeof (EFI_USER_INFO_IDENTITY_POLICY);
|
||||
}
|
||||
NewPolicyInfo = AllocateZeroPool (NewPolicyInfoLen);
|
||||
if (NewPolicyInfo == NULL) {
|
||||
return ;
|
||||
}
|
||||
|
||||
NewPolicyInfoLen = 0;
|
||||
if (mUserInfo.NewIdentityPolicyLen > 0) {
|
||||
//
|
||||
// Save orginal policy.
|
||||
//
|
||||
CopyMem (NewPolicyInfo, mUserInfo.NewIdentityPolicy, mUserInfo.NewIdentityPolicyLen);
|
||||
|
||||
//
|
||||
// Save logical connector.
|
||||
//
|
||||
Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewPolicyInfo + mUserInfo.NewIdentityPolicyLen);
|
||||
if (mConncetLogical == 0) {
|
||||
Policy->Type = EFI_USER_INFO_IDENTITY_AND;
|
||||
} else {
|
||||
Policy->Type = EFI_USER_INFO_IDENTITY_OR;
|
||||
}
|
||||
|
||||
Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
|
||||
NewPolicyInfoLen = mUserInfo.NewIdentityPolicyLen + Policy->Length;
|
||||
FreePool (mUserInfo.NewIdentityPolicy);
|
||||
}
|
||||
|
||||
//
|
||||
// Save credential provider.
|
||||
//
|
||||
Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewPolicyInfo + NewPolicyInfoLen);
|
||||
Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY) + sizeof (EFI_GUID);
|
||||
Policy->Type = EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER;
|
||||
CopyGuid ((EFI_GUID *) (Policy + 1), NewGuid);
|
||||
NewPolicyInfoLen += Policy->Length;
|
||||
|
||||
//
|
||||
// Update identity policy choice.
|
||||
//
|
||||
mUserInfo.NewIdentityPolicy = NewPolicyInfo;
|
||||
mUserInfo.NewIdentityPolicyLen = NewPolicyInfoLen;
|
||||
mUserInfo.NewIdentityPolicyModified = TRUE;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
This function replaces the old identity policy with a new identity policy.
|
||||
|
||||
This function delete the user identity policy information.
|
||||
If enroll new credential failed, recover the old identity policy.
|
||||
|
||||
@retval EFI_SUCCESS Modify user identity policy successfully.
|
||||
@retval Others Fail to modify user identity policy.
|
||||
|
||||
**/
|
||||
EFI_STATUS
|
||||
UpdateCredentialProvider (
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
EFI_USER_INFO_IDENTITY_POLICY *Identity;
|
||||
UINTN Offset;
|
||||
|
||||
//
|
||||
// Delete the old identification policy.
|
||||
//
|
||||
DeleteCredentialFromProviders (mUserInfo.IdentityPolicy, mUserInfo.IdentityPolicyLen, mModifyUser);
|
||||
|
||||
//
|
||||
// Add the new identification policy.
|
||||
//
|
||||
Offset = 0;
|
||||
while (Offset < mUserInfo.NewIdentityPolicyLen) {
|
||||
Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (mUserInfo.NewIdentityPolicy + Offset);
|
||||
if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
|
||||
//
|
||||
// Enroll the user on this provider
|
||||
//
|
||||
Status = EnrollUserOnProvider (Identity, mModifyUser);
|
||||
if (EFI_ERROR (Status)) {
|
||||
//
|
||||
// Failed to enroll the user by new identification policy.
|
||||
// So removed the credential provider from the identification policy
|
||||
//
|
||||
DeleteProviderFromPolicy (Identity, Offset);
|
||||
continue;
|
||||
}
|
||||
}
|
||||
Offset += Identity->Length;
|
||||
}
|
||||
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Check whether the identity policy is valid.
|
||||
|
||||
@param[in] PolicyInfo Point to the identity policy.
|
||||
@param[in] PolicyInfoLen The policy length.
|
||||
|
||||
@retval TRUE The policy is a valid identity policy.
|
||||
@retval FALSE The policy is not a valid identity policy.
|
||||
|
||||
**/
|
||||
BOOLEAN
|
||||
CheckNewIdentityPolicy (
|
||||
IN UINT8 *PolicyInfo,
|
||||
IN UINTN PolicyInfoLen
|
||||
)
|
||||
{
|
||||
EFI_USER_INFO_IDENTITY_POLICY *Identity;
|
||||
EFI_INPUT_KEY Key;
|
||||
UINTN Offset;
|
||||
UINT32 OpCode;
|
||||
|
||||
//
|
||||
// Check policy expression.
|
||||
//
|
||||
OpCode = EFI_USER_INFO_IDENTITY_FALSE;
|
||||
Offset = 0;
|
||||
while (Offset < PolicyInfoLen) {
|
||||
//
|
||||
// Check identification policy according to type
|
||||
//
|
||||
Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (PolicyInfo + Offset);
|
||||
switch (Identity->Type) {
|
||||
|
||||
case EFI_USER_INFO_IDENTITY_TRUE:
|
||||
break;
|
||||
|
||||
case EFI_USER_INFO_IDENTITY_OR:
|
||||
if (OpCode == EFI_USER_INFO_IDENTITY_AND) {
|
||||
CreatePopUp (
|
||||
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
|
||||
&Key,
|
||||
L"Invalid Identity Policy, Mixed Connector Unsupport!",
|
||||
L"",
|
||||
L"Press Any Key to Continue ...",
|
||||
NULL
|
||||
);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
OpCode = EFI_USER_INFO_IDENTITY_OR;
|
||||
break;
|
||||
|
||||
case EFI_USER_INFO_IDENTITY_AND:
|
||||
if (OpCode == EFI_USER_INFO_IDENTITY_OR) {
|
||||
CreatePopUp (
|
||||
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
|
||||
&Key,
|
||||
L"Invalid Identity Policy, Mixed Connector Unsupport!",
|
||||
L"",
|
||||
L"Press Any Key to Continue ...",
|
||||
NULL
|
||||
);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
OpCode = EFI_USER_INFO_IDENTITY_AND;
|
||||
break;
|
||||
|
||||
case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
|
||||
break;
|
||||
|
||||
default:
|
||||
CreatePopUp (
|
||||
EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
|
||||
&Key,
|
||||
L"Unsupport parameter",
|
||||
L"",
|
||||
L"Press Any Key to Continue ...",
|
||||
NULL
|
||||
);
|
||||
return FALSE;
|
||||
}
|
||||
Offset += Identity->Length;
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Save the identity policy and update UI with it.
|
||||
|
||||
This funciton will verify the new identity policy, in current implementation,
|
||||
the identity policy can be: T, P & P & P & ..., P | P | P | ...
|
||||
Here, "T" means "True", "P" means "Credential Provider", "&" means "and", "|" means "or".
|
||||
Other identity policies are not supported.
|
||||
|
||||
**/
|
||||
VOID
|
||||
SaveIdentityPolicy (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
EFI_USER_INFO_HANDLE UserInfo;
|
||||
EFI_USER_INFO *Info;
|
||||
|
||||
if (!mUserInfo.NewIdentityPolicyModified || (mUserInfo.NewIdentityPolicyLen == 0)) {
|
||||
return;
|
||||
}
|
||||
|
||||
//
|
||||
// Check policy expression.
|
||||
//
|
||||
if (!CheckNewIdentityPolicy (mUserInfo.NewIdentityPolicy, mUserInfo.NewIdentityPolicyLen)) {
|
||||
return;
|
||||
}
|
||||
|
||||
Status = FindInfoByType (mModifyUser, EFI_USER_INFO_IDENTITY_POLICY_RECORD, &UserInfo);
|
||||
if (EFI_ERROR (Status)) {
|
||||
return ;
|
||||
}
|
||||
|
||||
//
|
||||
// Update the informantion on credential provider.
|
||||
//
|
||||
Status = UpdateCredentialProvider ();
|
||||
if (EFI_ERROR (Status)) {
|
||||
return ;
|
||||
}
|
||||
|
||||
//
|
||||
// Save new identification policy.
|
||||
//
|
||||
Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + mUserInfo.NewIdentityPolicyLen);
|
||||
ASSERT (Info != NULL);
|
||||
|
||||
Info->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
|
||||
Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
|
||||
Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) + mUserInfo.NewIdentityPolicyLen);
|
||||
CopyMem ((UINT8 *) (Info + 1), mUserInfo.NewIdentityPolicy, mUserInfo.NewIdentityPolicyLen);
|
||||
|
||||
Status = mUserManager->SetInfo (mUserManager, mModifyUser, &UserInfo, Info, Info->InfoSize);
|
||||
FreePool (Info);
|
||||
|
||||
//
|
||||
// Update the mUserInfo.IdentityPolicy by mUserInfo.NewIdentityPolicy
|
||||
//
|
||||
if (mUserInfo.IdentityPolicy != NULL) {
|
||||
FreePool (mUserInfo.IdentityPolicy);
|
||||
}
|
||||
mUserInfo.IdentityPolicy = mUserInfo.NewIdentityPolicy;
|
||||
mUserInfo.IdentityPolicyLen = mUserInfo.NewIdentityPolicyLen;
|
||||
|
||||
mUserInfo.NewIdentityPolicy = NULL;
|
||||
mUserInfo.NewIdentityPolicyLen = 0;
|
||||
mUserInfo.NewIdentityPolicyModified = FALSE;
|
||||
|
||||
//
|
||||
// Update identity policy choice.
|
||||
//
|
||||
ResolveIdentityPolicy (mUserInfo.IdentityPolicy, mUserInfo.IdentityPolicyLen, STRING_TOKEN (STR_IDENTIFY_POLICY_VAL));
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
Update the mUserInfo.NewIdentityPolicy, and UI when 'add option' is pressed.
|
||||
|
||||
**/
|
||||
VOID
|
||||
AddIdentityPolicyItem (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
if (mProviderInfo->Count == 0) {
|
||||
return ;
|
||||
}
|
||||
|
||||
//
|
||||
// Check the identity policy.
|
||||
//
|
||||
if (ProviderAlreadyInPolicy (&mProviderInfo->Provider[mProviderChoice]->Identifier)) {
|
||||
return;
|
||||
}
|
||||
|
||||
//
|
||||
// Add it to identification policy
|
||||
//
|
||||
AddProviderToPolicy (&mProviderInfo->Provider[mProviderChoice]->Identifier);
|
||||
|
||||
//
|
||||
// Update identity policy choice.
|
||||
//
|
||||
ResolveIdentityPolicy (mUserInfo.NewIdentityPolicy, mUserInfo.NewIdentityPolicyLen, STRING_TOKEN (STR_IDENTIFY_POLICY_VALUE));
|
||||
}
|
||||
|
||||
|
@@ -1,7 +1,7 @@
|
||||
/** @file
|
||||
The functions to add a user profile.
|
||||
|
||||
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
|
||||
Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions of the BSD License
|
||||
which accompanies this distribution. The full text of the license may be found at
|
||||
@@ -239,7 +239,7 @@ SetIdentityPolicy (
|
||||
|
||||
NewUserInfo->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
|
||||
NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
|
||||
EFI_USER_INFO_PRIVATE |
|
||||
EFI_USER_INFO_PUBLIC |
|
||||
EFI_USER_INFO_EXCLUSIVE;
|
||||
NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + Policy->Length;
|
||||
UserInfo = NULL;
|
||||
|
@@ -185,6 +185,9 @@ DeleteUser (
|
||||
EFI_STATUS Status;
|
||||
EFI_USER_PROFILE_HANDLE User;
|
||||
EFI_INPUT_KEY Key;
|
||||
EFI_USER_INFO_HANDLE UserInfo;
|
||||
EFI_USER_INFO *Info;
|
||||
UINTN InfoSize;
|
||||
|
||||
//
|
||||
// Find specified user profile and delete it.
|
||||
@@ -204,6 +207,31 @@ DeleteUser (
|
||||
}
|
||||
|
||||
if (UserIndex == 1) {
|
||||
//
|
||||
// Get the identification policy.
|
||||
//
|
||||
Status = FindInfoByType (User, EFI_USER_INFO_IDENTITY_POLICY_RECORD, &UserInfo);
|
||||
if (EFI_ERROR (Status)) {
|
||||
goto Done;
|
||||
}
|
||||
|
||||
InfoSize = 0;
|
||||
Info = NULL;
|
||||
Status = mUserManager->GetInfo (mUserManager, User, UserInfo, Info, &InfoSize);
|
||||
if (Status == EFI_BUFFER_TOO_SMALL) {
|
||||
Info = AllocateZeroPool (InfoSize);
|
||||
if (Info == NULL) {
|
||||
goto Done;
|
||||
}
|
||||
Status = mUserManager->GetInfo (mUserManager, User, UserInfo, Info, &InfoSize);
|
||||
}
|
||||
|
||||
//
|
||||
// Delete the user on the credential providers by its identification policy.
|
||||
//
|
||||
DeleteCredentialFromProviders ((UINT8 *)(Info + 1), Info->InfoSize - sizeof (EFI_USER_INFO), User);
|
||||
FreePool (Info);
|
||||
|
||||
Status = mUserManager->Delete (mUserManager, User);
|
||||
if (EFI_ERROR (Status)) {
|
||||
goto Done;
|
||||
|
@@ -140,6 +140,7 @@ extern USER_INFO mUserInfo;
|
||||
|
||||
extern USER_PROFILE_MANAGER_CALLBACK_INFO *mCallbackInfo;
|
||||
|
||||
extern EFI_USER_PROFILE_HANDLE mModifyUser;
|
||||
|
||||
/**
|
||||
Get string by string id from HII Interface.
|
||||
@@ -378,5 +379,67 @@ GetUserNameInput (
|
||||
IN OUT UINTN *UserNameLen,
|
||||
OUT CHAR16 *UserName
|
||||
);
|
||||
|
||||
/**
|
||||
Find the specified info in User profile by the InfoType.
|
||||
|
||||
@param[in] User Handle of the user whose information will be searched.
|
||||
@param[in] InfoType The user information type to find.
|
||||
@param[out] UserInfo Points to user information handle found.
|
||||
|
||||
@retval EFI_SUCCESS Find the user information successfully.
|
||||
@retval Others Fail to find the user information.
|
||||
|
||||
**/
|
||||
EFI_STATUS
|
||||
FindInfoByType (
|
||||
IN EFI_USER_PROFILE_HANDLE User,
|
||||
IN UINT8 InfoType,
|
||||
OUT EFI_USER_INFO_HANDLE *UserInfo
|
||||
);
|
||||
|
||||
/**
|
||||
Convert the identity policy to a unicode string and update the Hii database
|
||||
IpStringId string with it.
|
||||
|
||||
@param[in] Ip Points to identity policy.
|
||||
@param[in] IpLen The identity policy length.
|
||||
@param[in] IpStringId String ID in the HII database to be replaced.
|
||||
|
||||
**/
|
||||
VOID
|
||||
ResolveIdentityPolicy (
|
||||
IN UINT8 *Ip,
|
||||
IN UINTN IpLen,
|
||||
IN EFI_STRING_ID IpStringId
|
||||
);
|
||||
|
||||
/**
|
||||
Expand access policy memory size.
|
||||
|
||||
@param[in] ValidLen The valid access policy length.
|
||||
@param[in] ExpandLen The length that is needed to expand.
|
||||
|
||||
**/
|
||||
VOID
|
||||
ExpandMemory (
|
||||
IN UINTN ValidLen,
|
||||
IN UINTN ExpandLen
|
||||
);
|
||||
|
||||
/**
|
||||
Delete User's credental from all the providers that exist in User's identity policy.
|
||||
|
||||
@param[in] IdentityPolicy Point to User's identity policy.
|
||||
@param[in] IdentityPolicyLen The length of the identity policy.
|
||||
@param[in] User Points to user profile.
|
||||
|
||||
**/
|
||||
VOID
|
||||
DeleteCredentialFromProviders (
|
||||
IN UINT8 *IdentityPolicy,
|
||||
IN UINTN IdentityPolicyLen,
|
||||
IN EFI_USER_PROFILE_HANDLE User
|
||||
);
|
||||
|
||||
#endif
|
||||
|
@@ -25,6 +25,8 @@
|
||||
UserProfileAdd.c
|
||||
UserProfileDelete.c
|
||||
UserProfileModify.c
|
||||
ModifyIdentityPolicy.c
|
||||
ModifyAccessPolicy.c
|
||||
UserProfileManagerData.h
|
||||
UserProfileManagerStrings.uni
|
||||
UserProfileManagerVfr.Vfr
|
||||
|
File diff suppressed because it is too large
Load Diff
Reference in New Issue
Block a user