* [PATCH] SecurityPkg: Remove code under UserIdentification folder.
@ 2019-01-09 1:09 chenche4
2019-01-09 1:38 ` Gao, Liming
0 siblings, 1 reply; 4+ messages in thread
From: chenche4 @ 2019-01-09 1:09 UTC (permalink / raw)
To: edk2-devel; +Cc: chenche4, Zhang Chao B
1. UserIdentifyManagerDxe is used to provide UserManagerProtocol.
2. UserProfileManagerDxe provide UI setting
3. PwdCredentialProviderDxe & UsbCredentialProviderDxe are implementation
examples.
Remove above features because of no platform use it.
Cc: Zhang Chao B <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chen A Chen <chen.a.chen@intel.com>
---
.../Include/Guid/UsbCredentialProviderHii.h | 29 -
SecurityPkg/Include/Guid/UserIdentifyManagerHii.h | 25 -
SecurityPkg/Include/Guid/UserProfileManagerHii.h | 25 -
SecurityPkg/SecurityPkg.dec | 12 -
SecurityPkg/SecurityPkg.dsc | 4 -
.../PwdCredentialProvider.c | 1464 --------
.../PwdCredentialProvider.h | 374 --
.../PwdCredentialProvider.uni | 21 -
.../PwdCredentialProviderData.h | 30 -
.../PwdCredentialProviderDxe.inf | 65 -
| 19 -
.../PwdCredentialProviderStrings.uni | 38 -
.../PwdCredentialProviderVfr.Vfr | 34 -
.../UsbCredentialProvider.c | 1410 --------
.../UsbCredentialProvider.h | 361 --
.../UsbCredentialProvider.uni | 23 -
.../UsbCredentialProviderDxe.inf | 70 -
| 19 -
.../UsbCredentialProviderStrings.uni | 29 -
.../UserIdentifyManagerDxe/LoadDeferredImage.c | 148 -
.../UserIdentifyManagerDxe/UserIdentifyManager.c | 3766 --------------------
.../UserIdentifyManagerDxe/UserIdentifyManager.h | 413 ---
.../UserIdentifyManagerDxe/UserIdentifyManager.uni | 21 -
.../UserIdentifyManagerData.h | 35 -
.../UserIdentifyManagerDxe.inf | 79 -
| 19 -
.../UserIdentifyManagerStrings.uni | 27 -
.../UserIdentifyManagerVfr.Vfr | 43 -
.../UserProfileManagerDxe/ModifyAccessPolicy.c | 688 ----
.../UserProfileManagerDxe/ModifyIdentityPolicy.c | 516 ---
.../UserProfileManagerDxe/UserProfileAdd.c | 372 --
.../UserProfileManagerDxe/UserProfileDelete.c | 343 --
.../UserProfileManagerDxe/UserProfileManager.c | 887 -----
.../UserProfileManagerDxe/UserProfileManager.h | 444 ---
.../UserProfileManagerDxe/UserProfileManager.uni | 22 -
.../UserProfileManagerDxe/UserProfileManagerData.h | 158 -
.../UserProfileManagerDxe.inf | 72 -
| 19 -
.../UserProfileManagerStrings.uni | 158 -
.../UserProfileManagerVfr.Vfr | 244 --
.../UserProfileManagerDxe/UserProfileModify.c | 1475 --------
41 files changed, 14001 deletions(-)
delete mode 100644 SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
delete mode 100644 SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
delete mode 100644 SecurityPkg/Include/Guid/UserProfileManagerHii.h
delete mode 100644 SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c
delete mode 100644 SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.h
delete mode 100644 SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.uni
delete mode 100644 SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderData.h
delete mode 100644 SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderDxe.inf
delete mode 100644 SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderExtra.uni
delete mode 100644 SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderStrings.uni
delete mode 100644 SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderVfr.Vfr
delete mode 100644 SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.c
delete mode 100644 SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.h
delete mode 100644 SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.uni
delete mode 100644 SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderDxe.inf
delete mode 100644 SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderExtra.uni
delete mode 100644 SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderStrings.uni
delete mode 100644 SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredImage.c
delete mode 100644 SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.c
delete mode 100644 SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.h
delete mode 100644 SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.uni
delete mode 100644 SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerData.h
delete mode 100644 SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerDxe.inf
delete mode 100644 SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerExtra.uni
delete mode 100644 SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerStrings.uni
delete mode 100644 SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerVfr.Vfr
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolicy.c
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPolicy.c
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.c
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.c
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.h
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.uni
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerData.h
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerDxe.inf
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerExtra.uni
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerStrings.uni
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerVfr.Vfr
delete mode 100644 SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
diff --git a/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h b/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
deleted file mode 100644
index 059d68f32e..0000000000
--- a/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/** @file
- GUID used as HII Package list GUID in UsbCredentialProviderDxe driver.
-
-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef __USB_CREDENTIAL_PROVIDER_HII_H__
-#define __USB_CREDENTIAL_PROVIDER_HII_H__
-
-//
-// Used for save password credential and form browser
-// And used as provider identifier
-//
-#define USB_CREDENTIAL_PROVIDER_GUID \
- { \
- 0xd0849ed1, 0xa88c, 0x4ba6, { 0xb1, 0xd6, 0xab, 0x50, 0xe2, 0x80, 0xb7, 0xa9 }\
- }
-
-extern EFI_GUID gUsbCredentialProviderGuid;
-
-#endif
diff --git a/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h b/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
deleted file mode 100644
index 323c51f0f6..0000000000
--- a/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
+++ /dev/null
@@ -1,25 +0,0 @@
-/** @file
- GUID used as HII FormSet and HII Package list GUID in UserIdentifyManagerDxe driver.
-
-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef __USER_IDENTIFY_MANAGER_HII_H__
-#define __USER_IDENTIFY_MANAGER_HII_H__
-
-#define USER_IDENTIFY_MANAGER_GUID \
- { \
- 0x3ccd3dd8, 0x8d45, 0x4fed, { 0x96, 0x2d, 0x2b, 0x38, 0xcd, 0x82, 0xb3, 0xc4 } \
- }
-
-extern EFI_GUID gUserIdentifyManagerGuid;
-
-#endif
diff --git a/SecurityPkg/Include/Guid/UserProfileManagerHii.h b/SecurityPkg/Include/Guid/UserProfileManagerHii.h
deleted file mode 100644
index 105059350c..0000000000
--- a/SecurityPkg/Include/Guid/UserProfileManagerHii.h
+++ /dev/null
@@ -1,25 +0,0 @@
-/** @file
- GUID used as HII FormSet and HII Package list GUID in UserProfileManagerDxe driver.
-
-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef __USER_PROFILE_MANAGER_HII_H__
-#define __USER_PROFILE_MANAGER_HII_H__
-
-#define USER_PROFILE_MANAGER_GUID \
- { \
- 0xc35f272c, 0x97c2, 0x465a, { 0xa2, 0x16, 0x69, 0x6b, 0x66, 0x8a, 0x8c, 0xfe } \
- }
-
-extern EFI_GUID gUserProfileManagerGuid;
-
-#endif
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index 8d64b4fefe..0c2afe2938 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -139,22 +139,10 @@
# Include/Guid/Tcg2PhysicalPresenceData.h
gEfiTcg2PhysicalPresenceGuid = { 0xaeb9c5c1, 0x94f1, 0x4d02, { 0xbf, 0xd9, 0x46, 0x2, 0xdb, 0x2d, 0x3c, 0x54 }}
- ## GUID used for form browser, password credential and provider identifier.
- # Include/Guid/PwdCredentialProviderHii.h
- gPwdCredentialProviderGuid = { 0x78b9ec8b, 0xc000, 0x46c5, { 0xac, 0x93, 0x24, 0xa0, 0xc1, 0xbb, 0x0, 0xce }}
-
- ## GUID used for form browser, USB credential and provider identifier.
- # Include/Guid/UsbCredentialProviderHii.h
- gUsbCredentialProviderGuid = { 0xd0849ed1, 0xa88c, 0x4ba6, { 0xb1, 0xd6, 0xab, 0x50, 0xe2, 0x80, 0xb7, 0xa9 }}
-
## GUID used for FormSet guid and user profile variable.
# Include/Guid/UserIdentifyManagerHii.h
gUserIdentifyManagerGuid = { 0x3ccd3dd8, 0x8d45, 0x4fed, { 0x96, 0x2d, 0x2b, 0x38, 0xcd, 0x82, 0xb3, 0xc4 }}
- ## GUID used for FormSet.
- # Include/Guid/UserProfileManagerHii.h
- gUserProfileManagerGuid = { 0xc35f272c, 0x97c2, 0x465a, { 0xa2, 0x16, 0x69, 0x6b, 0x66, 0x8a, 0x8c, 0xfe }}
-
## GUID used for FormSet.
# Include/Guid/TcgConfigHii.h
gTcgConfigFormSetGuid = { 0xb0f901e4, 0xc424, 0x45de, { 0x90, 0x81, 0x95, 0xe2, 0xb, 0xde, 0x6f, 0xb5 }}
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 68a2953162..19aaebff1f 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -146,8 +146,6 @@
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
#SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.inf
SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.inf
- #SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerDxe.inf
- #SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerDxe.inf
#
# TPM
@@ -200,8 +198,6 @@
SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
[Components.IA32, Components.X64]
-# SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderDxe.inf
-# SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderDxe.inf
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
#
diff --git a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c
deleted file mode 100644
index 52fc68b5ee..0000000000
--- a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.c
+++ /dev/null
@@ -1,1464 +0,0 @@
-/** @file
- Password Credential Provider driver implementation.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "PwdCredentialProvider.h"
-
-CREDENTIAL_TABLE *mPwdTable = NULL;
-PWD_PROVIDER_CALLBACK_INFO *mCallbackInfo = NULL;
-PASSWORD_CREDENTIAL_INFO *mPwdInfoHandle = NULL;
-
-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
- {
- {
- HARDWARE_DEVICE_PATH,
- HW_VENDOR_DP,
- {
- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
- }
- },
- PWD_CREDENTIAL_PROVIDER_GUID
- },
- {
- END_DEVICE_PATH_TYPE,
- END_ENTIRE_DEVICE_PATH_SUBTYPE,
- {
- (UINT8) (END_DEVICE_PATH_LENGTH),
- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
- }
- }
-};
-
-EFI_USER_CREDENTIAL2_PROTOCOL gPwdCredentialProviderDriver = {
- PWD_CREDENTIAL_PROVIDER_GUID,
- EFI_USER_CREDENTIAL_CLASS_PASSWORD,
- CredentialEnroll,
- CredentialForm,
- CredentialTile,
- CredentialTitle,
- CredentialUser,
- CredentialSelect,
- CredentialDeselect,
- CredentialDefault,
- CredentialGetInfo,
- CredentialGetNextInfo,
- EFI_CREDENTIAL_CAPABILITIES_ENROLL,
- CredentialDelete
-};
-
-
-/**
- Get string by string id from HII Interface.
-
-
- @param[in] Id String ID to get the string from.
-
- @retval CHAR16 * String from ID.
- @retval NULL If error occurs.
-
-**/
-CHAR16 *
-GetStringById (
- IN EFI_STRING_ID Id
- )
-{
- //
- // Get the current string for the current Language.
- //
- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
-}
-
-
-/**
- Expand password table size.
-
-**/
-VOID
-ExpandTableSize (
- VOID
- )
-{
- CREDENTIAL_TABLE *NewTable;
- UINTN Count;
-
- Count = mPwdTable->MaxCount + PASSWORD_TABLE_INC;
- //
- // Create new credential table.
- //
- NewTable = (CREDENTIAL_TABLE *) AllocateZeroPool (
- sizeof (CREDENTIAL_TABLE) +
- (Count - 1) * sizeof (PASSWORD_INFO)
- );
- ASSERT (NewTable != NULL);
-
- NewTable->MaxCount = Count;
- NewTable->Count = mPwdTable->Count;
- NewTable->ValidIndex = mPwdTable->ValidIndex;
- //
- // Copy old entries
- //
- CopyMem (
- &NewTable->UserInfo,
- &mPwdTable->UserInfo,
- mPwdTable->Count * sizeof (PASSWORD_INFO)
- );
- FreePool (mPwdTable);
- mPwdTable = NewTable;
-}
-
-
-/**
- Add, update or delete info in table, and sync with NV variable.
-
- @param[in] Index The index of the password in table. If index is found in
- table, update the info, else add the into to table.
- @param[in] Info The new password info to add into table.If Info is NULL,
- delete the info by Index.
-
- @retval EFI_INVALID_PARAMETER Info is NULL when save the info.
- @retval EFI_SUCCESS Modify the table successfully.
- @retval Others Failed to modify the table.
-
-**/
-EFI_STATUS
-ModifyTable (
- IN UINTN Index,
- IN PASSWORD_INFO * Info OPTIONAL
- )
-{
- EFI_STATUS Status;
- PASSWORD_INFO *NewPasswordInfo;
-
- NewPasswordInfo = NULL;
-
- if (Index < mPwdTable->Count) {
- if (Info == NULL) {
- //
- // Delete the specified entry.
- //
- mPwdTable->Count--;
- if (Index != mPwdTable->Count) {
- NewPasswordInfo = &mPwdTable->UserInfo[mPwdTable->Count];
- }
- } else {
- //
- // Update the specified entry.
- //
- NewPasswordInfo = Info;
- }
- } else {
- //
- // Add a new password info.
- //
- if (Info == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (mPwdTable->Count >= mPwdTable->MaxCount) {
- ExpandTableSize ();
- }
-
- NewPasswordInfo = Info;
- mPwdTable->Count++;
- }
-
- if (NewPasswordInfo != NULL) {
- CopyMem (&mPwdTable->UserInfo[Index], NewPasswordInfo, sizeof (PASSWORD_INFO));
- }
-
- //
- // Save the credential table.
- //
- Status = gRT->SetVariable (
- L"PwdCredential",
- &gPwdCredentialProviderGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
- mPwdTable->Count * sizeof (PASSWORD_INFO),
- &mPwdTable->UserInfo
- );
- return Status;
-}
-
-
-/**
- Create a password table.
-
- @retval EFI_SUCCESS Create a password table successfully.
- @retval Others Failed to create a password.
-
-**/
-EFI_STATUS
-InitCredentialTable (
- VOID
- )
-{
- EFI_STATUS Status;
- UINT8 *Var;
- UINTN VarSize;
-
- //
- // Get Password credential data from NV variable.
- //
- VarSize = 0;
- Var = NULL;
- Status = gRT->GetVariable (
- L"PwdCredential",
- &gPwdCredentialProviderGuid,
- NULL,
- &VarSize,
- Var
- );
- if (Status == EFI_BUFFER_TOO_SMALL) {
- Var = AllocateZeroPool (VarSize);
- if (Var == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- Status = gRT->GetVariable (
- L"PwdCredential",
- &gPwdCredentialProviderGuid,
- NULL,
- &VarSize,
- Var
- );
- }
- if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
- return Status;
- }
-
- //
- // Create the password credential table.
- //
- mPwdTable = AllocateZeroPool (
- sizeof (CREDENTIAL_TABLE) - sizeof (PASSWORD_INFO) +
- PASSWORD_TABLE_INC * sizeof (PASSWORD_INFO) +
- VarSize
- );
- if (mPwdTable == NULL) {
- FreePool (Var);
- return EFI_OUT_OF_RESOURCES;
- }
-
- mPwdTable->Count = VarSize / sizeof (PASSWORD_INFO);
- mPwdTable->MaxCount = mPwdTable->Count + PASSWORD_TABLE_INC;
- mPwdTable->ValidIndex = 0;
- if (Var != NULL) {
- CopyMem (mPwdTable->UserInfo, Var, VarSize);
- FreePool (Var);
- }
- return EFI_SUCCESS;
-}
-
-
-/**
- Hash the password to get credential.
-
- @param[in] Password Points to the input password.
- @param[in] PasswordSize The size of password, in bytes.
- @param[out] Credential Points to the hashed result.
-
- @retval TRUE Hash the password successfully.
- @retval FALSE Failed to hash the password.
-
-**/
-BOOLEAN
-GenerateCredential (
- IN CHAR16 *Password,
- IN UINTN PasswordSize,
- OUT UINT8 *Credential
- )
-{
- BOOLEAN Status;
- UINTN HashSize;
- VOID *Hash;
-
- HashSize = Sha1GetContextSize ();
- Hash = AllocatePool (HashSize);
- ASSERT (Hash != NULL);
-
- Status = Sha1Init (Hash);
- if (!Status) {
- goto Done;
- }
-
- Status = Sha1Update (Hash, Password, PasswordSize);
- if (!Status) {
- goto Done;
- }
-
- Status = Sha1Final (Hash, Credential);
-
-Done:
- FreePool (Hash);
- return Status;
-}
-
-
-/**
- Get password from user input.
-
- @param[in] FirstPwd If True, prompt to input the first password.
- If False, prompt to input password again.
- @param[out] Credential Points to the input password.
-
-**/
-VOID
-GetPassword (
- IN BOOLEAN FirstPwd,
- OUT CHAR8 *Credential
- )
-{
- EFI_INPUT_KEY Key;
- CHAR16 PasswordMask[CREDENTIAL_LEN + 1];
- CHAR16 Password[CREDENTIAL_LEN];
- UINTN PasswordLen;
- CHAR16 *QuestionStr;
- CHAR16 *LineStr;
-
- PasswordLen = 0;
- while (TRUE) {
- PasswordMask[PasswordLen] = L'_';
- PasswordMask[PasswordLen + 1] = L'\0';
- LineStr = GetStringById (STRING_TOKEN (STR_DRAW_A_LINE));
- if (FirstPwd) {
- QuestionStr = GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD));
- } else {
- QuestionStr = GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD_AGAIN));
- }
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- QuestionStr,
- LineStr,
- PasswordMask,
- NULL
- );
- FreePool (QuestionStr);
- FreePool (LineStr);
-
- //
- // Check key stroke
- //
- if (Key.ScanCode == SCAN_NULL) {
- if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
- break;
- } else if (Key.UnicodeChar == CHAR_BACKSPACE) {
- if (PasswordLen > 0) {
- PasswordLen--;
- }
- } else if ((Key.UnicodeChar == CHAR_NULL) ||
- (Key.UnicodeChar == CHAR_TAB) ||
- (Key.UnicodeChar == CHAR_LINEFEED)) {
- continue;
- } else {
- Password[PasswordLen] = Key.UnicodeChar;
- PasswordMask[PasswordLen] = L'*';
- PasswordLen++;
- if (PasswordLen == CREDENTIAL_LEN) {
- break;
- }
- }
- }
- }
-
- PasswordLen = PasswordLen * sizeof (CHAR16);
- GenerateCredential (Password, PasswordLen, (UINT8 *)Credential);
-}
-
-/**
- Check whether the password can be found on this provider.
-
- @param[in] Password The password to be found.
-
- @retval EFI_SUCCESS Found password sucessfully.
- @retval EFI_NOT_FOUND Fail to find the password.
-
-**/
-EFI_STATUS
-CheckPassword (
- IN CHAR8 *Password
- )
-{
- UINTN Index;
- CHAR8 *Pwd;
-
- //
- // Check password credential.
- //
- mPwdTable->ValidIndex = 0;
- for (Index = 0; Index < mPwdTable->Count; Index++) {
- Pwd = mPwdTable->UserInfo[Index].Password;
- if (CompareMem (Pwd, Password, CREDENTIAL_LEN) == 0) {
- mPwdTable->ValidIndex = Index + 1;
- return EFI_SUCCESS;
- }
- }
-
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Find a user infomation record by the information record type.
-
- This function searches all user information records of User from beginning
- until either the information is found, or there are no more user infomation
- records. A match occurs when a Info.InfoType field matches the user information
- record type.
-
- @param[in] User Points to the user profile record to search.
- @param[in] InfoType The infomation type to be searched.
- @param[out] Info Points to the user info found, the caller is responsible
- to free.
-
- @retval EFI_SUCCESS Find the user information successfully.
- @retval Others Fail to find the user information.
-
-**/
-EFI_STATUS
-FindUserInfoByType (
- IN EFI_USER_PROFILE_HANDLE User,
- IN UINT8 InfoType,
- OUT EFI_USER_INFO **Info
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *UserInfo;
- UINTN UserInfoSize;
- EFI_USER_INFO_HANDLE UserInfoHandle;
- EFI_USER_MANAGER_PROTOCOL *UserManager;
-
- //
- // Find user information by information type.
- //
- if (Info == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- Status = gBS->LocateProtocol (
- &gEfiUserManagerProtocolGuid,
- NULL,
- (VOID **) &UserManager
- );
- if (EFI_ERROR (Status)) {
- return EFI_NOT_FOUND;
- }
-
- //
- // Get each user information.
- //
-
- UserInfoHandle = NULL;
- UserInfo = NULL;
- UserInfoSize = 0;
- while (TRUE) {
- Status = UserManager->GetNextInfo (UserManager, User, &UserInfoHandle);
- if (EFI_ERROR (Status)) {
- break;
- }
- //
- // Get information.
- //
- Status = UserManager->GetInfo (
- UserManager,
- User,
- UserInfoHandle,
- UserInfo,
- &UserInfoSize
- );
- if (Status == EFI_BUFFER_TOO_SMALL) {
- if (UserInfo != NULL) {
- FreePool (UserInfo);
- }
- UserInfo = AllocateZeroPool (UserInfoSize);
- if (UserInfo == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- Status = UserManager->GetInfo (
- UserManager,
- User,
- UserInfoHandle,
- UserInfo,
- &UserInfoSize
- );
- }
- if (EFI_ERROR (Status)) {
- break;
- }
-
- ASSERT (UserInfo != NULL);
- if (UserInfo->InfoType == InfoType) {
- *Info = UserInfo;
- return EFI_SUCCESS;
- }
- }
-
- if (UserInfo != NULL) {
- FreePool (UserInfo);
- }
- return Status;
-}
-
-
-/**
- This function processes the results of changes in configuration.
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Action Specifies the type of action taken by the browser.
- @param QuestionId A unique value which is sent to the original
- exporting driver so that it can identify the type
- of data to expect.
- @param Type The type of value for the question.
- @param Value A pointer to the data being sent to the original
- exporting driver.
- @param ActionRequest On return, points to the action requested by the
- callback function.
-
- @retval EFI_SUCCESS The callback successfully handled the action.
- @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
- variable and its data.
- @retval EFI_DEVICE_ERROR The variable could not be saved.
- @retval EFI_UNSUPPORTED The specified Action is not supported by the
- callback.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialDriverCallback (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN EFI_BROWSER_ACTION Action,
- IN EFI_QUESTION_ID QuestionId,
- IN UINT8 Type,
- IN EFI_IFR_TYPE_VALUE *Value,
- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
- )
-{
- EFI_STATUS Status;
- EFI_INPUT_KEY Key;
- CHAR8 Password[CREDENTIAL_LEN];
- CHAR16 *PromptStr;
-
- if (Action == EFI_BROWSER_ACTION_CHANGED) {
- if (QuestionId == KEY_GET_PASSWORD) {
- //
- // Get and check password.
- //
- GetPassword (TRUE, Password);
- Status = CheckPassword (Password);
- if (EFI_ERROR (Status)) {
- PromptStr = GetStringById (STRING_TOKEN (STR_PASSWORD_INCORRECT));
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"",
- PromptStr,
- L"",
- NULL
- );
- FreePool (PromptStr);
- return Status;
- }
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT;
- }
- return EFI_SUCCESS;
- }
-
- //
- // All other action return unsupported.
- //
- return EFI_UNSUPPORTED;
-}
-
-
-/**
- This function allows a caller to extract the current configuration for one
- or more named elements from the target driver.
-
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Request A null-terminated Unicode string in <ConfigRequest> format.
- @param Progress On return, points to a character in the Request string.
- Points to the string's null terminator if request was successful.
- Points to the most recent '&' before the first failing name/value
- pair (or the beginning of the string if the failure is in the
- first name/value pair) if the request was not successful.
- @param Results A null-terminated Unicode string in <ConfigAltResp> format which
- has all values filled in for the names in the Request string.
- String to be allocated by the called function.
-
- @retval EFI_SUCCESS The Results is filled with the requested values.
- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
- @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
-
-**/
-EFI_STATUS
-EFIAPI
-FakeExtractConfig (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN CONST EFI_STRING Request,
- OUT EFI_STRING *Progress,
- OUT EFI_STRING *Results
- )
-{
- if (Progress == NULL || Results == NULL) {
- return EFI_INVALID_PARAMETER;
- }
- *Progress = Request;
- return EFI_NOT_FOUND;
-}
-
-/**
- This function processes the results of changes in configuration.
-
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Configuration A null-terminated Unicode string in <ConfigResp> format.
- @param Progress A pointer to a string filled in with the offset of the most
- recent '&' before the first failing name/value pair (or the
- beginning of the string if the failure is in the first
- name/value pair) or the terminating NULL if all was successful.
-
- @retval EFI_SUCCESS The Results is processed successfully.
- @retval EFI_INVALID_PARAMETER Configuration is NULL.
- @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
-
-**/
-EFI_STATUS
-EFIAPI
-FakeRouteConfig (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN CONST EFI_STRING Configuration,
- OUT EFI_STRING *Progress
- )
-{
- if (Configuration == NULL || Progress == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- *Progress = Configuration;
-
- return EFI_NOT_FOUND;
-}
-
-/**
- This function initialize the data mainly used in form browser.
-
- @retval EFI_SUCCESS Initialize form data successfully.
- @retval Others Fail to Initialize form data.
-
-**/
-EFI_STATUS
-InitFormBrowser (
- VOID
- )
-{
- EFI_STATUS Status;
- PWD_PROVIDER_CALLBACK_INFO *CallbackInfo;
-
- //
- // Initialize driver private data.
- //
- CallbackInfo = AllocateZeroPool (sizeof (PWD_PROVIDER_CALLBACK_INFO));
- if (CallbackInfo == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- CallbackInfo->Signature = PWD_PROVIDER_SIGNATURE;
- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
- CallbackInfo->ConfigAccess.Callback = CredentialDriverCallback;
- CallbackInfo->DriverHandle = NULL;
-
- //
- // Install Device Path Protocol and Config Access protocol to driver handle.
- //
- Status = gBS->InstallMultipleProtocolInterfaces (
- &CallbackInfo->DriverHandle,
- &gEfiDevicePathProtocolGuid,
- &mHiiVendorDevicePath,
- &gEfiHiiConfigAccessProtocolGuid,
- &CallbackInfo->ConfigAccess,
- NULL
- );
- ASSERT_EFI_ERROR (Status);
-
- //
- // Publish HII data.
- //
- CallbackInfo->HiiHandle = HiiAddPackages (
- &gPwdCredentialProviderGuid,
- CallbackInfo->DriverHandle,
- PwdCredentialProviderStrings,
- PwdCredentialProviderVfrBin,
- NULL
- );
- if (CallbackInfo->HiiHandle == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- mCallbackInfo = CallbackInfo;
-
- return Status;
-}
-
-
-/**
- Enroll a user on a credential provider.
-
- This function enrolls a user on this credential provider. If the user exists on
- this credential provider, update the user information on this credential provider;
- otherwise add the user information on credential provider.
-
- @param[in] This Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile to enroll.
-
- @retval EFI_SUCCESS User profile was successfully enrolled.
- @retval EFI_ACCESS_DENIED Current user profile does not permit enrollment on the
- user profile handle. Either the user profile cannot enroll
- on any user profile or cannot enroll on a user profile
- other than the current user profile.
- @retval EFI_UNSUPPORTED This credential provider does not support enrollment in
- the pre-OS.
- @retval EFI_DEVICE_ERROR The new credential could not be created because of a device
- error.
- @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialEnroll (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- EFI_STATUS Status;
- UINTN Index;
- PASSWORD_INFO PwdInfo;
- EFI_USER_INFO *UserInfo;
- CHAR8 Password[CREDENTIAL_LEN];
- EFI_INPUT_KEY Key;
- UINT8 *UserId;
- CHAR16 *QuestionStr;
- CHAR16 *PromptStr;
-
- if ((This == NULL) || (User == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Get User Identifier.
- //
- UserInfo = NULL;
- Status = FindUserInfoByType (
- User,
- EFI_USER_INFO_IDENTIFIER_RECORD,
- &UserInfo
- );
- if (EFI_ERROR (Status)) {
- return EFI_INVALID_PARAMETER;
- }
-
- CopyMem (PwdInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof (EFI_USER_INFO_IDENTIFIER));
- FreePool (UserInfo);
-
- //
- // Get password from user.
- //
- while (TRUE) {
- //
- // Input password.
- //
- GetPassword (TRUE, PwdInfo.Password);
-
- //
- // Input password again.
- //
- GetPassword (FALSE, Password);
-
- //
- // Compare the two password consistency.
- //
- if (CompareMem (PwdInfo.Password, Password, CREDENTIAL_LEN) == 0) {
- break;
- }
-
- QuestionStr = GetStringById (STRING_TOKEN (STR_PASSWORD_MISMATCH));
- PromptStr = GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD_AGAIN));
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- QuestionStr,
- L"",
- PromptStr,
- NULL
- );
- FreePool (QuestionStr);
- FreePool (PromptStr);
- }
-
- //
- // Check whether User is ever enrolled in the provider.
- //
- for (Index = 0; Index < mPwdTable->Count; Index++) {
- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
- if (CompareMem (UserId, (UINT8 *) &PwdInfo.UserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
- //
- // User already exists, update the password.
- //
- break;
- }
- }
-
- //
- // Enroll the User to the provider.
- //
- Status = ModifyTable (Index, &PwdInfo);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Returns the user interface information used during user identification.
-
- This function returns information about the form used when interacting with the
- user during user identification. The form is the first enabled form in the form-set
- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
- the user credential provider does not require a form to identify the user, then this
- function should return EFI_NOT_FOUND.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] Hii On return, holds the HII database handle.
- @param[out] FormSetId On return, holds the identifier of the form set which contains
- the form used during user identification.
- @param[out] FormId On return, holds the identifier of the form used during user
- identification.
-
- @retval EFI_SUCCESS Form returned successfully.
- @retval EFI_NOT_FOUND Form not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or FormId is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialForm (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_GUID *FormSetId,
- OUT EFI_FORM_ID *FormId
- )
-{
- if ((This == NULL) || (Hii == NULL) ||
- (FormSetId == NULL) || (FormId == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- *Hii = mCallbackInfo->HiiHandle;
- *FormId = FORMID_GET_PASSWORD_FORM;
- CopyGuid (FormSetId, &gPwdCredentialProviderGuid);
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Returns bitmap used to describe the credential provider type.
-
- This optional function returns a bitmap that is less than or equal to the number
- of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
- is returned.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in, out] Width On entry, points to the desired bitmap width. If NULL then no
- bitmap information will be returned. On exit, points to the
- width of the bitmap returned.
- @param[in, out] Height On entry, points to the desired bitmap height. If NULL then no
- bitmap information will be returned. On exit, points to the
- height of the bitmap returned
- @param[out] Hii On return, holds the HII database handle.
- @param[out] Image On return, holds the HII image identifier.
-
- @retval EFI_SUCCESS Image identifier returned successfully.
- @retval EFI_NOT_FOUND Image identifier not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialTile (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN OUT UINTN *Width,
- IN OUT UINTN *Height,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_IMAGE_ID *Image
- )
-{
- if ((This == NULL) || (Hii == NULL) || (Image == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Returns string used to describe the credential provider type.
-
- This function returns a string which describes the credential provider. If no
- such string exists, then EFI_NOT_FOUND is returned.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] Hii On return, holds the HII database handle.
- @param[out] String On return, holds the HII string identifier.
-
- @retval EFI_SUCCESS String identifier returned successfully.
- @retval EFI_NOT_FOUND String identifier not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialTitle (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_STRING_ID *String
- )
-{
- if ((This == NULL) || (Hii == NULL) || (String == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Set Hii handle and String ID.
- //
- *Hii = mCallbackInfo->HiiHandle;
- *String = STRING_TOKEN (STR_CREDENTIAL_TITLE);
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Return the user identifier associated with the currently authenticated user.
-
- This function returns the user identifier of the user authenticated by this credential
- provider. This function is called after the credential-related information has been
- submitted on a form, OR after a call to Default() has returned that this credential is
- ready to log on.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile handle of the user profile currently being
- considered by the user identity manager. If NULL, then no user
- profile is currently under consideration.
- @param[out] Identifier On return, points to the user identifier.
-
- @retval EFI_SUCCESS User identifier returned successfully.
- @retval EFI_NOT_READY No user identifier can be returned.
- @retval EFI_ACCESS_DENIED The user has been locked out of this user credential.
- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
- @retval EFI_NOT_FOUND User is not NULL, and the specified user handle can't be
- found in user profile database
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialUser (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- OUT EFI_USER_INFO_IDENTIFIER *Identifier
- )
-{
- EFI_STATUS Status;
- UINTN Index;
- EFI_USER_INFO *UserInfo;
- UINT8 *UserId;
- UINT8 *NewUserId;
- CHAR8 *Pwd;
- CHAR8 *NewPwd;
-
- if ((This == NULL) || (Identifier == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (mPwdTable->ValidIndex == 0) {
- //
- // No password input, or the input password doesn't match
- // anyone in PwdTable.
- //
- return EFI_NOT_READY;
- }
-
- if (User == NULL) {
- //
- // Return the user ID whose password matches the input password.
- //
- CopyMem (
- Identifier,
- &mPwdTable->UserInfo[mPwdTable->ValidIndex - 1].UserId,
- sizeof (EFI_USER_INFO_IDENTIFIER)
- );
- return EFI_SUCCESS;
- }
-
- //
- // Get the User's ID.
- //
- Status = FindUserInfoByType (
- User,
- EFI_USER_INFO_IDENTIFIER_RECORD,
- &UserInfo
- );
- if (EFI_ERROR (Status)) {
- return EFI_NOT_FOUND;
- }
-
- //
- // Check whether the input password matches one in PwdTable.
- //
- for (Index = 0; Index < mPwdTable->Count; Index++) {
- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
- NewUserId = (UINT8 *) (UserInfo + 1);
- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
- Pwd = mPwdTable->UserInfo[Index].Password;
- NewPwd = mPwdTable->UserInfo[mPwdTable->ValidIndex - 1].Password;
- if (CompareMem (Pwd, NewPwd, CREDENTIAL_LEN) == 0) {
- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
- FreePool (UserInfo);
- return EFI_SUCCESS;
- }
- }
- }
-
- FreePool (UserInfo);
- return EFI_NOT_READY;
-}
-
-
-/**
- Indicate that user interface interaction has begun for the specified credential.
-
- This function is called when a credential provider is selected by the user. If
- AutoLogon returns FALSE, then the user interface will be constructed by the User
- Identity Manager.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] AutoLogon On return, points to the credential provider's capabilities
- after the credential provider has been selected by the user.
-
- @retval EFI_SUCCESS Credential provider successfully selected.
- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialSelect (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
- )
-{
- if ((This == NULL) || (AutoLogon == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
- *AutoLogon = 0;
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Indicate that user interface interaction has ended for the specified credential.
-
- This function is called when a credential provider is deselected by the user.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
-
- @retval EFI_SUCCESS Credential provider successfully deselected.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialDeselect (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
- )
-{
- if (This == NULL) {
- return EFI_INVALID_PARAMETER;
- }
- return EFI_SUCCESS;
-}
-
-
-/**
- Return the default logon behavior for this user credential.
-
- This function reports the default login behavior regarding this credential provider.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] AutoLogon On return, holds whether the credential provider should be used
- by default to automatically log on the user.
-
- @retval EFI_SUCCESS Default information successfully returned.
- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialDefault (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
- )
-{
- if ((This == NULL) || (AutoLogon == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
- *AutoLogon = 0;
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Return information attached to the credential provider.
-
- This function returns user information.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] UserInfo Handle of the user information data record.
- @param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On
- exit, holds the user information. If the buffer is too small
- to hold the information, then EFI_BUFFER_TOO_SMALL is returned
- and InfoSize is updated to contain the number of bytes actually
- required.
- @param[in, out] InfoSize On entry, points to the size of Info. On return, points to the
- size of the user information.
-
- @retval EFI_SUCCESS Information returned successfully.
- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small to hold all of the
- user information. The size required is returned in *InfoSize.
- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a valid user info handle.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialGetInfo (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_INFO_HANDLE UserInfo,
- OUT EFI_USER_INFO *Info,
- IN OUT UINTN *InfoSize
- )
-{
- EFI_USER_INFO *CredentialInfo;
- UINTN Index;
-
- if ((This == NULL) || (InfoSize == NULL) || (Info == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if ((UserInfo == NULL) || (mPwdInfoHandle == NULL)) {
- return EFI_NOT_FOUND;
- }
-
- //
- // Find information handle in credential info table.
- //
- for (Index = 0; Index < mPwdInfoHandle->Count; Index++) {
- CredentialInfo = mPwdInfoHandle->Info[Index];
- if (UserInfo == (EFI_USER_INFO_HANDLE)CredentialInfo) {
- //
- // The handle is found, copy the user info.
- //
- if (CredentialInfo->InfoSize > *InfoSize) {
- *InfoSize = CredentialInfo->InfoSize;
- return EFI_BUFFER_TOO_SMALL;
- }
- CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
- return EFI_SUCCESS;
- }
- }
-
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Enumerate all of the user informations on the credential provider.
-
- This function returns the next user information record. To retrieve the first user
- information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
- another user information record handle until there are no more, at which point UserInfo
- will point to NULL.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in, out] UserInfo On entry, points to the previous user information handle or NULL
- to start enumeration. On exit, points to the next user information
- handle or NULL if there is no more user information.
-
- @retval EFI_SUCCESS User information returned.
- @retval EFI_NOT_FOUND No more user information found.
- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialGetNextInfo (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN OUT EFI_USER_INFO_HANDLE *UserInfo
- )
-{
- EFI_USER_INFO *Info;
- CHAR16 *ProvNameStr;
- UINTN InfoLen;
- UINTN Index;
- UINTN ProvStrLen;
-
- if ((This == NULL) || (UserInfo == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (mPwdInfoHandle == NULL) {
- //
- // Initilized user info table. There are 4 user info records in the table.
- //
- InfoLen = sizeof (PASSWORD_CREDENTIAL_INFO) + (4 - 1) * sizeof (EFI_USER_INFO *);
- mPwdInfoHandle = AllocateZeroPool (InfoLen);
- if (mPwdInfoHandle == NULL) {
- *UserInfo = NULL;
- return EFI_NOT_FOUND;
- }
-
- //
- // The first information, Credential Provider info.
- //
- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
- Info = AllocateZeroPool (InfoLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
- Info->InfoSize = (UINT32) InfoLen;
- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
- CopyGuid ((EFI_GUID *)(Info + 1), &gPwdCredentialProviderGuid);
-
- mPwdInfoHandle->Info[0] = Info;
- mPwdInfoHandle->Count++;
-
- //
- // The second information, Credential Provider name info.
- //
- ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_NAME));
- ProvStrLen = StrSize (ProvNameStr);
- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
- Info = AllocateZeroPool (InfoLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
- Info->InfoSize = (UINT32) InfoLen;
- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
- FreePool (ProvNameStr);
-
- mPwdInfoHandle->Info[1] = Info;
- mPwdInfoHandle->Count++;
-
- //
- // The third information, Credential Provider type info.
- //
- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
- Info = AllocateZeroPool (InfoLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
- Info->InfoSize = (UINT32) InfoLen;
- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
- CopyGuid ((EFI_GUID *)(Info + 1), &gEfiUserCredentialClassPasswordGuid);
-
- mPwdInfoHandle->Info[2] = Info;
- mPwdInfoHandle->Count++;
-
- //
- // The fourth information, Credential Provider type name info.
- //
- ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_TYPE_NAME));
- ProvStrLen = StrSize (ProvNameStr);
- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
- Info = AllocateZeroPool (InfoLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
- Info->InfoSize = (UINT32) InfoLen;
- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
- FreePool (ProvNameStr);
-
- mPwdInfoHandle->Info[3] = Info;
- mPwdInfoHandle->Count++;
- }
-
- if (*UserInfo == NULL) {
- //
- // Return the first info handle.
- //
- *UserInfo = (EFI_USER_INFO_HANDLE) mPwdInfoHandle->Info[0];
- return EFI_SUCCESS;
- }
-
- //
- // Find information handle in credential info table.
- //
- for (Index = 0; Index < mPwdInfoHandle->Count; Index++) {
- Info = mPwdInfoHandle->Info[Index];
- if (*UserInfo == (EFI_USER_INFO_HANDLE)Info) {
- //
- // The handle is found, get the next one.
- //
- if (Index == mPwdInfoHandle->Count - 1) {
- //
- // Already last one.
- //
- *UserInfo = NULL;
- return EFI_NOT_FOUND;
- }
-
- Index++;
- *UserInfo = (EFI_USER_INFO_HANDLE)mPwdInfoHandle->Info[Index];
- return EFI_SUCCESS;
- }
- }
-
- *UserInfo = NULL;
- return EFI_NOT_FOUND;
-}
-
-/**
- Delete a user on this credential provider.
-
- This function deletes a user on this credential provider.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile handle to delete.
-
- @retval EFI_SUCCESS User profile was successfully deleted.
- @retval EFI_ACCESS_DENIED Current user profile does not permit deletion on the user profile handle.
- Either the user profile cannot delete on any user profile or cannot delete
- on a user profile other than the current user profile.
- @retval EFI_UNSUPPORTED This credential provider does not support deletion in the pre-OS.
- @retval EFI_DEVICE_ERROR The new credential could not be deleted because of a device error.
- @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
-**/
-EFI_STATUS
-EFIAPI
-CredentialDelete (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *UserInfo;
- UINT8 *UserId;
- UINT8 *NewUserId;
- UINTN Index;
-
- if ((This == NULL) || (User == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Get User Identifier.
- //
- UserInfo = NULL;
- Status = FindUserInfoByType (
- User,
- EFI_USER_INFO_IDENTIFIER_RECORD,
- &UserInfo
- );
- if (EFI_ERROR (Status)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Find the user by user identifier in mPwdTable.
- //
- for (Index = 0; Index < mPwdTable->Count; Index++) {
- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
- NewUserId = (UINT8 *) (UserInfo + 1);
- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
- //
- // Found the user, delete it.
- //
- ModifyTable (Index, NULL);
- break;
- }
- }
-
- FreePool (UserInfo);
- return EFI_SUCCESS;
-}
-
-
-/**
- Main entry for this driver.
-
- @param ImageHandle Image handle this driver.
- @param SystemTable Pointer to SystemTable.
-
- @retval EFI_SUCESS This function always complete successfully.
-
-**/
-EFI_STATUS
-EFIAPI
-PasswordProviderInit (
- IN EFI_HANDLE ImageHandle,
- IN EFI_SYSTEM_TABLE *SystemTable
- )
-{
- EFI_STATUS Status;
-
- //
- // It is NOT robust enough to be included in production.
- //
- #error "This implementation is just a sample, please comment this line if you really want to use this driver."
-
- //
- // Init credential table.
- //
- Status = InitCredentialTable ();
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Init Form Browser.
- //
- Status = InitFormBrowser ();
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Install protocol interfaces for the password credential provider.
- //
- Status = gBS->InstallProtocolInterface (
- &mCallbackInfo->DriverHandle,
- &gEfiUserCredential2ProtocolGuid,
- EFI_NATIVE_INTERFACE,
- &gPwdCredentialProviderDriver
- );
- return Status;
-}
diff --git a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.h b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.h
deleted file mode 100644
index fd782549fd..0000000000
--- a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.h
+++ /dev/null
@@ -1,374 +0,0 @@
-/** @file
- Password Credential Provider driver header file.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef _PASSWORD_CREDENTIAL_PROVIDER_H_
-#define _PASSWORD_CREDENTIAL_PROVIDER_H_
-
-#include <Uefi.h>
-
-#include <Guid/GlobalVariable.h>
-
-#include <Protocol/HiiConfigAccess.h>
-#include <Protocol/UserCredential2.h>
-#include <Protocol/UserManager.h>
-
-#include <Library/UefiRuntimeServicesTableLib.h>
-#include <Library/UefiBootServicesTableLib.h>
-#include <Library/MemoryAllocationLib.h>
-#include <Library/BaseMemoryLib.h>
-#include <Library/DevicePathLib.h>
-#include <Library/DebugLib.h>
-#include <Library/UefiLib.h>
-#include <Library/PrintLib.h>
-#include <Library/HiiLib.h>
-#include <Library/BaseCryptLib.h>
-
-#include "PwdCredentialProviderData.h"
-
-extern UINT8 PwdCredentialProviderStrings[];
-extern UINT8 PwdCredentialProviderVfrBin[];
-
-#define PASSWORD_TABLE_INC 16
-#define CREDENTIAL_LEN 20
-
-//
-// Password credential information.
-//
-typedef struct {
- EFI_USER_INFO_IDENTIFIER UserId;
- CHAR8 Password[CREDENTIAL_LEN];
-} PASSWORD_INFO;
-
-//
-// Password credential table.
-//
-typedef struct {
- UINTN Count;
- UINTN MaxCount;
- UINTN ValidIndex;
- PASSWORD_INFO UserInfo[1];
-} CREDENTIAL_TABLE;
-
-//
-// The user information on the password provider.
-//
-typedef struct {
- UINTN Count;
- EFI_USER_INFO *Info[1];
-} PASSWORD_CREDENTIAL_INFO;
-
-///
-/// HII specific Vendor Device Path definition.
-///
-typedef struct {
- VENDOR_DEVICE_PATH VendorDevicePath;
- EFI_DEVICE_PATH_PROTOCOL End;
-} HII_VENDOR_DEVICE_PATH;
-
-#define PWD_PROVIDER_SIGNATURE SIGNATURE_32 ('P', 'W', 'D', 'P')
-
-typedef struct {
- UINTN Signature;
- EFI_HANDLE DriverHandle;
- EFI_HII_HANDLE HiiHandle;
- //
- // Produced protocol.
- //
- EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
-} PWD_PROVIDER_CALLBACK_INFO;
-
-
-/**
- Enroll a user on a credential provider.
-
- This function enrolls a user on this credential provider. If the user exists on
- this credential provider, update the user information on this credential provider;
- otherwise delete the user information on credential provider.
-
- @param[in] This Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile to enroll.
-
- @retval EFI_SUCCESS User profile was successfully enrolled.
- @retval EFI_ACCESS_DENIED Current user profile does not permit enrollment on the
- user profile handle. Either the user profile cannot enroll
- on any user profile or cannot enroll on a user profile
- other than the current user profile.
- @retval EFI_UNSUPPORTED This credential provider does not support enrollment in
- the pre-OS.
- @retval EFI_DEVICE_ERROR The new credential could not be created because of a device
- error.
- @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialEnroll (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User
- );
-
-/**
- Returns the user interface information used during user identification.
-
- This function returns information about the form used when interacting with the
- user during user identification. The form is the first enabled form in the form-set
- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
- the user credential provider does not require a form to identify the user, then this
- function should return EFI_NOT_FOUND.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] Hii On return, holds the HII database handle.
- @param[out] FormSetId On return, holds the identifier of the form set which contains
- the form used during user identification.
- @param[out] FormId On return, holds the identifier of the form used during user
- identification.
-
- @retval EFI_SUCCESS Form returned successfully.
- @retval EFI_NOT_FOUND Form not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or FormId is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialForm (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_GUID *FormSetId,
- OUT EFI_FORM_ID *FormId
- );
-
-/**
- Returns bitmap used to describe the credential provider type.
-
- This optional function returns a bitmap which is less than or equal to the number
- of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
- is returned.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in, out] Width On entry, points to the desired bitmap width. If NULL then no
- bitmap information will be returned. On exit, points to the
- width of the bitmap returned.
- @param[in, out] Height On entry, points to the desired bitmap height. If NULL then no
- bitmap information will be returned. On exit, points to the
- height of the bitmap returned
- @param[out] Hii On return, holds the HII database handle.
- @param[out] Image On return, holds the HII image identifier.
-
- @retval EFI_SUCCESS Image identifier returned successfully.
- @retval EFI_NOT_FOUND Image identifier not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialTile (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN OUT UINTN *Width,
- IN OUT UINTN *Height,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_IMAGE_ID *Image
- );
-
-/**
- Returns string used to describe the credential provider type.
-
- This function returns a string which describes the credential provider. If no
- such string exists, then EFI_NOT_FOUND is returned.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] Hii On return, holds the HII database handle.
- @param[out] String On return, holds the HII string identifier.
-
- @retval EFI_SUCCESS String identifier returned successfully.
- @retval EFI_NOT_FOUND String identifier not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialTitle (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_STRING_ID *String
- );
-
-/**
- Return the user identifier associated with the currently authenticated user.
-
- This function returns the user identifier of the user authenticated by this credential
- provider. This function is called after the credential-related information has been
- submitted on a form OR after a call to Default() has returned that this credential is
- ready to log on.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile handle of the user profile currently being
- considered by the user identity manager. If NULL, then no user
- profile is currently under consideration.
- @param[out] Identifier On return, points to the user identifier.
-
- @retval EFI_SUCCESS User identifier returned successfully.
- @retval EFI_NOT_READY No user identifier can be returned.
- @retval EFI_ACCESS_DENIED The user has been locked out of this user credential.
- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
- @retval EFI_NOT_FOUND User is not NULL, and the specified user handle can't be
- found in user profile database
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialUser (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- OUT EFI_USER_INFO_IDENTIFIER *Identifier
- );
-
-/**
- Indicate that user interface interaction has begun for the specified credential.
-
- This function is called when a credential provider is selected by the user. If
- AutoLogon returns FALSE, then the user interface will be constructed by the User
- Identity Manager.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] AutoLogon On return, points to the credential provider's capabilities
- after the credential provider has been selected by the user.
-
- @retval EFI_SUCCESS Credential provider successfully selected.
- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialSelect (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
- );
-
-/**
- Indicate that user interface interaction has ended for the specified credential.
-
- This function is called when a credential provider is deselected by the user.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
-
- @retval EFI_SUCCESS Credential provider successfully deselected.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialDeselect (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
- );
-
-/**
- Return the default logon behavior for this user credential.
-
- This function reports the default login behavior regarding this credential provider.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] AutoLogon On return, holds whether the credential provider should be used
- by default to automatically log on the user.
-
- @retval EFI_SUCCESS Default information successfully returned.
- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialDefault (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
- );
-
-/**
- Return information attached to the credential provider.
-
- This function returns user information.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] UserInfo Handle of the user information data record.
- @param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On
- exit, holds the user information. If the buffer is too small
- to hold the information, then EFI_BUFFER_TOO_SMALL is returned
- and InfoSize is updated to contain the number of bytes actually
- required.
- @param[in, out] InfoSize On entry, points to the size of Info. On return, points to the
- size of the user information.
-
- @retval EFI_SUCCESS Information returned successfully.
- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small to hold all of the
- user information. The size required is returned in *InfoSize.
- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a valid user info handle.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialGetInfo (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_INFO_HANDLE UserInfo,
- OUT EFI_USER_INFO *Info,
- IN OUT UINTN *InfoSize
- );
-
-
-/**
- Enumerate all of the user informations on the credential provider.
-
- This function returns the next user information record. To retrieve the first user
- information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
- another user information record handle until there are no more, at which point UserInfo
- will point to NULL.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in, out] UserInfo On entry, points to the previous user information handle or NULL
- to start enumeration. On exit, points to the next user information
- handle or NULL if there is no more user information.
-
- @retval EFI_SUCCESS User information returned.
- @retval EFI_NOT_FOUND No more user information found.
- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialGetNextInfo (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN OUT EFI_USER_INFO_HANDLE *UserInfo
- );
-
-/**
- Delete a user on this credential provider.
-
- This function deletes a user on this credential provider.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile handle to delete.
-
- @retval EFI_SUCCESS User profile was successfully deleted.
- @retval EFI_ACCESS_DENIED Current user profile does not permit deletion on the user profile handle.
- Either the user profile cannot delete on any user profile or cannot delete
- on a user profile other than the current user profile.
- @retval EFI_UNSUPPORTED This credential provider does not support deletion in the pre-OS.
- @retval EFI_DEVICE_ERROR The new credential could not be deleted because of a device error.
- @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
-**/
-EFI_STATUS
-EFIAPI
-CredentialDelete (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User
- );
-
-#endif
diff --git a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.uni b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.uni
deleted file mode 100644
index 749e9a8f17..0000000000
--- a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProvider.uni
+++ /dev/null
@@ -1,21 +0,0 @@
-// /** @file
-// Provides a password credential provider implementation
-//
-// This module provides a password credential provider implementation.
-//
-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
-//
-// This program and the accompanying materials
-// are licensed and made available under the terms and conditions of the BSD License
-// which accompanies this distribution. The full text of the license may be found at
-// http://opensource.org/licenses/bsd-license.php
-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-//
-// **/
-
-
-#string STR_MODULE_ABSTRACT #language en-US "Provides a password credential provider implementation"
-
-#string STR_MODULE_DESCRIPTION #language en-US "This module provides a password credential provider implementation."
-
diff --git a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderData.h b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderData.h
deleted file mode 100644
index 31bdfe4c50..0000000000
--- a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderData.h
+++ /dev/null
@@ -1,30 +0,0 @@
-/** @file
- Data structure used by the Password Credential Provider driver.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef _PWD_CREDENTIAL_PROVIDER_DATA_H_
-#define _PWD_CREDENTIAL_PROVIDER_DATA_H_
-
-#include <Guid/PwdCredentialProviderHii.h>
-
-//
-// Forms definition
-//
-#define FORMID_GET_PASSWORD_FORM 1
-
-//
-// Key defination
-//
-#define KEY_GET_PASSWORD 0x1000
-
-#endif
diff --git a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderDxe.inf b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderDxe.inf
deleted file mode 100644
index ab7ba2c913..0000000000
--- a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderDxe.inf
+++ /dev/null
@@ -1,65 +0,0 @@
-## @file
-# Provides a password credential provider implementation
-# This module provides a password credential provider implementation.
-#
-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-# This program and the accompanying materials
-# are licensed and made available under the terms and conditions of the BSD License
-# which accompanies this distribution. The full text of the license may be found at
-# http://opensource.org/licenses/bsd-license.php
-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-#
-##
-
-[Defines]
- INF_VERSION = 0x00010005
- BASE_NAME = PwdCredentialProvider
- MODULE_UNI_FILE = PwdCredentialProvider.uni
- FILE_GUID = D6C589EA-DD29-49ef-97F6-1A9FE19A04E0
- MODULE_TYPE = UEFI_DRIVER
- VERSION_STRING = 1.0
- ENTRY_POINT = PasswordProviderInit
-
-[Sources]
- PwdCredentialProvider.c
- PwdCredentialProvider.h
- PwdCredentialProviderData.h
- PwdCredentialProviderVfr.Vfr
- PwdCredentialProviderStrings.uni
-
-[Packages]
- MdePkg/MdePkg.dec
- MdeModulePkg/MdeModulePkg.dec
- CryptoPkg/CryptoPkg.dec
- SecurityPkg/SecurityPkg.dec
-
-[LibraryClasses]
- UefiRuntimeServicesTableLib
- UefiBootServicesTableLib
- UefiDriverEntryPoint
- MemoryAllocationLib
- BaseMemoryLib
- DebugLib
- HiiLib
- UefiLib
- BaseCryptLib
-
-[Guids]
- gEfiUserCredentialClassPasswordGuid ## SOMETIMES_CONSUMES ## GUID
-
- ## PRODUCES ## Variable:L"PwdCredential"
- ## CONSUMES ## Variable:L"PwdCredential"
- ## CONSUMES ## HII
- ## SOMETIMES_CONSUMES ## GUID # The credential provider identifier
- gPwdCredentialProviderGuid
-
-[Protocols]
- gEfiDevicePathProtocolGuid ## PRODUCES
- gEfiHiiConfigAccessProtocolGuid ## PRODUCES
- gEfiUserCredential2ProtocolGuid ## PRODUCES
- gEfiUserManagerProtocolGuid ## SOMETIMES_CONSUMES
-
-[UserExtensions.TianoCore."ExtraFiles"]
- PwdCredentialProviderExtra.uni
-
diff --git a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderExtra.uni b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderExtra.uni
deleted file mode 100644
index bcc220a51d..0000000000
--- a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderExtra.uni
+++ /dev/null
@@ -1,19 +0,0 @@
-// /** @file
-// PwdCredentialProvider Localized Strings and Content
-//
-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
-//
-// This program and the accompanying materials
-// are licensed and made available under the terms and conditions of the BSD License
-// which accompanies this distribution. The full text of the license may be found at
-// http://opensource.org/licenses/bsd-license.php
-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-//
-// **/
-
-#string STR_PROPERTIES_MODULE_NAME
-#language en-US
-"Password Credential Provider"
-
-
diff --git a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderStrings.uni b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderStrings.uni
deleted file mode 100644
index e7b3126f83..0000000000
--- a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderStrings.uni
+++ /dev/null
@@ -1,38 +0,0 @@
-/** @file
- String definitions for the Password Credential Provider.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php.
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#langdef en-US "English"
-#langdef fr-FR "Francais"
-
-#string STR_CREDENTIAL_TITLE #language en-US "Password Credential Provider"
- #language fr-FR "Password Credential Provider (French)"
-#string STR_FORM_TITLE #language en-US "Get Password"
- #language fr-FR "Get Password(French)"
-#string STR_NULL_STRING #language en-US ""
- #language fr-FR ""
-#string STR_INPUT_PASSWORD #language en-US "Please Input Password"
- #language fr-FR "Please Input Password(French)"
-#string STR_PROVIDER_NAME #language en-US "INTEL Password Credential Provider"
- #language fr-FR "INTEL Password Credential Provider(French)"
-#string STR_PROVIDER_TYPE_NAME #language en-US "Password Credential Provider"
- #language fr-FR "Password Credential Provider(French)"
-#string STR_INPUT_PASSWORD_AGAIN #language en-US "Input Password Again"
- #language fr-FR "Input Password Again (French)"
-#string STR_DRAW_A_LINE #language en-US "-----------------------------"
- #language fr-FR "------------------------------------"
-#string STR_PASSWORD_INCORRECT #language en-US " Incorrect Password! "
- #language fr-FR " Incorrect Password! (French) "
-#string STR_PASSWORD_MISMATCH #language en-US " The Password Mismatch! "
- #language fr-FR " The Password Mismatch! (French) "
-
diff --git a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderVfr.Vfr b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderVfr.Vfr
deleted file mode 100644
index 60972203b0..0000000000
--- a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderVfr.Vfr
+++ /dev/null
@@ -1,34 +0,0 @@
-/** @file
- Password Credential Provider formset.
-
-Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "PwdCredentialProviderData.h"
-
-formset
- guid = PWD_CREDENTIAL_PROVIDER_GUID,
- title = STRING_TOKEN(STR_CREDENTIAL_TITLE),
- help = STRING_TOKEN(STR_NULL_STRING),
- classguid = PWD_CREDENTIAL_PROVIDER_GUID,
-
- form formid = FORMID_GET_PASSWORD_FORM,
- title = STRING_TOKEN(STR_FORM_TITLE);
-
- text
- help = STRING_TOKEN(STR_NULL_STRING),
- text = STRING_TOKEN(STR_INPUT_PASSWORD),
- flags = INTERACTIVE,
- key = KEY_GET_PASSWORD;
-
- endform;
-
-endformset;
\ No newline at end of file
diff --git a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.c b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.c
deleted file mode 100644
index 841e975103..0000000000
--- a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.c
+++ /dev/null
@@ -1,1410 +0,0 @@
-/** @file
- Usb Credential Provider driver implemenetation.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "UsbCredentialProvider.h"
-
-CREDENTIAL_TABLE *mUsbTable = NULL;
-USB_PROVIDER_CALLBACK_INFO *mCallbackInfo = NULL;
-USB_CREDENTIAL_INFO *mUsbInfoHandle = NULL;
-
-EFI_USER_CREDENTIAL2_PROTOCOL gUsbCredentialProviderDriver = {
- USB_CREDENTIAL_PROVIDER_GUID,
- EFI_USER_CREDENTIAL_CLASS_SECURE_CARD,
- CredentialEnroll,
- CredentialForm,
- CredentialTile,
- CredentialTitle,
- CredentialUser,
- CredentialSelect,
- CredentialDeselect,
- CredentialDefault,
- CredentialGetInfo,
- CredentialGetNextInfo,
- EFI_CREDENTIAL_CAPABILITIES_ENROLL,
- CredentialDelete
-};
-
-
-/**
- Get string by string id from HII Interface.
-
-
- @param[in] Id String ID to get the string from.
-
- @retval CHAR16 * String from ID.
- @retval NULL If error occurs.
-
-**/
-CHAR16 *
-GetStringById (
- IN EFI_STRING_ID Id
- )
-{
- //
- // Get the current string for the current Language
- //
- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
-}
-
-
-/**
- Expand password table size.
-
-**/
-VOID
-ExpandTableSize (
- VOID
- )
-{
- CREDENTIAL_TABLE *NewTable;
- UINTN Count;
-
- Count = mUsbTable->MaxCount + USB_TABLE_INC;
- //
- // Create new credential table.
- //
- NewTable = AllocateZeroPool (
- sizeof (CREDENTIAL_TABLE) - sizeof (USB_INFO) +
- Count * sizeof (USB_INFO)
- );
- ASSERT (NewTable != NULL);
-
- NewTable->MaxCount = Count;
- NewTable->Count = mUsbTable->Count;
-
- //
- // Copy old entries.
- //
- CopyMem (
- &NewTable->UserInfo,
- &mUsbTable->UserInfo,
- mUsbTable->Count * sizeof (USB_INFO)
- );
- FreePool (mUsbTable);
- mUsbTable = NewTable;
-}
-
-
-/**
- Add, update or delete info in table, and sync with NV variable.
-
- @param[in] Index The index of the password in table. If index is found in
- table, update the info, else add the into to table.
- @param[in] Info The new credential info to add into table. If Info is NULL,
- delete the info by Index.
-
- @retval EFI_INVALID_PARAMETER Info is NULL when save the info.
- @retval EFI_SUCCESS Modify the table successfully.
- @retval Others Failed to modify the table.
-
-**/
-EFI_STATUS
-ModifyTable (
- IN UINTN Index,
- IN USB_INFO * Info OPTIONAL
- )
-{
- EFI_STATUS Status;
- USB_INFO *NewUsbInfo;
-
- NewUsbInfo = NULL;
- if (Index < mUsbTable->Count) {
- if (Info == NULL) {
- //
- // Delete the specified entry.
- //
- mUsbTable->Count--;
- if (Index != mUsbTable->Count) {
- NewUsbInfo = &mUsbTable->UserInfo[mUsbTable->Count];
- }
- } else {
- //
- // Update the specified entry.
- //
- NewUsbInfo = Info;
- }
- } else {
- //
- // Add a new entry
- //
- if (Info == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (mUsbTable->Count >= mUsbTable->MaxCount) {
- ExpandTableSize ();
- }
-
- NewUsbInfo = Info;
- mUsbTable->Count++;
- }
-
- if (NewUsbInfo != NULL) {
- CopyMem (&mUsbTable->UserInfo[Index], NewUsbInfo, sizeof (USB_INFO));
- }
-
- //
- // Save the credential table.
- //
- Status = gRT->SetVariable (
- L"UsbCredential",
- &gUsbCredentialProviderGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
- mUsbTable->Count * sizeof (USB_INFO),
- &mUsbTable->UserInfo
- );
- return Status;
-}
-
-
-/**
- Create a credential table
-
- @retval EFI_SUCCESS Create a credential table successfully.
- @retval Others Failed to create a password.
-
-**/
-EFI_STATUS
-InitCredentialTable (
- VOID
- )
-{
- EFI_STATUS Status;
- UINT8 *Var;
- UINTN VarSize;
-
- //
- // Get Usb credential data from NV variable.
- //
- VarSize = 0;
- Var = NULL;
- Status = gRT->GetVariable (
- L"UsbCredential",
- &gUsbCredentialProviderGuid,
- NULL,
- &VarSize,
- Var
- );
- if (Status == EFI_BUFFER_TOO_SMALL) {
- Var = AllocateZeroPool (VarSize);
- if (Var == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- Status = gRT->GetVariable (
- L"UsbCredential",
- &gUsbCredentialProviderGuid,
- NULL,
- &VarSize,
- Var
- );
- }
- if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
- return Status;
- }
-
- //
- // Init Usb credential table.
- //
- mUsbTable = AllocateZeroPool (
- sizeof (CREDENTIAL_TABLE) - sizeof (USB_INFO) +
- USB_TABLE_INC * sizeof (USB_INFO) +
- VarSize
- );
- if (mUsbTable == NULL) {
- FreePool (Var);
- return EFI_OUT_OF_RESOURCES;
- }
-
- mUsbTable->Count = VarSize / sizeof (USB_INFO);
- mUsbTable->MaxCount = mUsbTable->Count + USB_TABLE_INC;
- if (Var != NULL) {
- CopyMem (mUsbTable->UserInfo, Var, VarSize);
- FreePool (Var);
- }
- return EFI_SUCCESS;
-}
-
-
-/**
- Read the specified file by FileName in the Usb key and return the file size in BufferSize
- and file content in Buffer.
- Note: the caller is responsible to free the buffer memory.
-
- @param FileName File to read.
- @param Buffer Returned with data read from the file.
- @param BufferSize Size of the data buffer.
-
- @retval EFI_SUCCESS The command completed successfully.
- @retval EFI_OUT_OF_RESOURCES Resource allocation failed.
- @retval EFI_NOT_FOUND File not found.
- @retval EFI_DEVICE_ERROR Device I/O error.
-
-**/
-EFI_STATUS
-GetFileData (
- IN CHAR16 *FileName,
- OUT VOID **Buffer,
- OUT UINTN *BufferSize
- )
-{
- EFI_STATUS Status;
- UINTN Index;
- UINTN HandleCount;
- UINTN ScratchBufferSize;
- EFI_HANDLE *HandleBuffer;
- EFI_FILE *RootFs;
- EFI_FILE *FileHandle;
- EFI_FILE_INFO *FileInfo;
- EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *SimpleFileSystem;
- EFI_BLOCK_IO_PROTOCOL *BlkIo;
-
- FileInfo = NULL;
- FileHandle = NULL;
-
- Status = gBS->LocateHandleBuffer (
- ByProtocol,
- &gEfiSimpleFileSystemProtocolGuid,
- NULL,
- &HandleCount,
- &HandleBuffer
- );
- if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "Can not Locate SimpleFileSystemProtocol\n"));
- goto Done;
- }
-
- //
- // Find and open the file in removable media disk.
- //
- for (Index = 0; Index < HandleCount; Index++) {
- Status = gBS->HandleProtocol (
- HandleBuffer[Index],
- &gEfiBlockIoProtocolGuid,
- (VOID **) &BlkIo
- );
- if (EFI_ERROR (Status)) {
- continue;
- }
-
- if (BlkIo->Media->RemovableMedia) {
- Status = gBS->HandleProtocol (
- HandleBuffer[Index],
- &gEfiSimpleFileSystemProtocolGuid,
- (VOID **) &SimpleFileSystem
- );
- if (EFI_ERROR (Status)) {
- continue;
- }
-
- Status = SimpleFileSystem->OpenVolume (
- SimpleFileSystem,
- &RootFs
- );
- if (EFI_ERROR (Status)) {
- continue;
- }
-
- Status = RootFs->Open (
- RootFs,
- &FileHandle,
- FileName,
- EFI_FILE_MODE_READ,
- 0
- );
- if (!EFI_ERROR (Status)) {
- break;
- }
- }
- }
-
- FreePool (HandleBuffer);
-
- if (Index >= HandleCount) {
- DEBUG ((DEBUG_ERROR, "Can not found the token file!\n"));
- Status = EFI_NOT_FOUND;
- goto Done;
- }
-
- //
- // Figure out how big the file is.
- //
- ScratchBufferSize = 0;
- Status = FileHandle->GetInfo (
- FileHandle,
- &gEfiFileInfoGuid,
- &ScratchBufferSize,
- NULL
- );
- if (EFI_ERROR (Status) && (Status != EFI_BUFFER_TOO_SMALL)) {
- DEBUG ((DEBUG_ERROR, "Can not obtain file size info!\n"));
- Status = EFI_DEVICE_ERROR;
- goto Done;
- }
-
- FileInfo = AllocateZeroPool (ScratchBufferSize);
- if (FileInfo == NULL) {
- DEBUG ((DEBUG_ERROR, "Can not allocate enough memory for the token file!\n"));
- Status = EFI_OUT_OF_RESOURCES;
- goto Done;
- }
-
- Status = FileHandle->GetInfo (
- FileHandle,
- &gEfiFileInfoGuid,
- &ScratchBufferSize,
- FileInfo
- );
- if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "Can not obtain file info from the token file!\n"));
- Status = EFI_DEVICE_ERROR;
- goto Done;
- }
-
- //
- // Allocate a buffer for the file.
- //
- *BufferSize = (UINT32) FileInfo->FileSize;
- *Buffer = AllocateZeroPool (*BufferSize);
- if (*Buffer == NULL) {
- DEBUG ((DEBUG_ERROR, "Can not allocate a buffer for the file!\n"));
- Status = EFI_OUT_OF_RESOURCES;
- goto Done;
- }
-
- //
- // Load file into the allocated memory.
- //
- Status = FileHandle->Read (FileHandle, BufferSize, *Buffer);
- if (EFI_ERROR (Status)) {
- FreePool (*Buffer);
- DEBUG ((DEBUG_ERROR, "Can not read the token file!\n"));
- Status = EFI_DEVICE_ERROR;
- goto Done;
- }
-
- //
- // Close file.
- //
- Status = FileHandle->Close (FileHandle);
- if (EFI_ERROR (Status)) {
- FreePool (*Buffer);
- DEBUG ((DEBUG_ERROR, "Can not close the token file !\n"));
- Status = EFI_DEVICE_ERROR;
- }
-
-Done:
-
- if (FileInfo != NULL) {
- FreePool (FileInfo);
- }
-
- return Status;
-}
-
-
-/**
- Hash the data to get credential.
-
- @param[in] Buffer Points to the data buffer
- @param[in] BufferSize The size of data in buffer, in bytes.
- @param[out] Credential Points to the hashed result
-
- @retval TRUE Hash the data successfully.
- @retval FALSE Failed to hash the data.
-
-**/
-BOOLEAN
-GenerateCredential (
- IN UINT8 *Buffer,
- IN UINTN BufferSize,
- OUT UINT8 *Credential
- )
-{
- BOOLEAN Status;
- UINTN HashSize;
- VOID *Hash;
-
- HashSize = Sha1GetContextSize ();
- Hash = AllocatePool (HashSize);
- ASSERT (Hash != NULL);
-
- Status = Sha1Init (Hash);
- if (!Status) {
- goto Done;
- }
-
- Status = Sha1Update (Hash, Buffer, BufferSize);
- if (!Status) {
- goto Done;
- }
-
- Status = Sha1Final (Hash, Credential);
-
-Done:
- FreePool (Hash);
- return Status;
-}
-
-
-/**
- Read the token file, and default the Token is saved at the begining of the file.
-
- @param[out] Token Token read from a Token file.
-
- @retval EFI_SUCCESS Read a Token successfully.
- @retval Others Fails to read a Token.
-
-**/
-EFI_STATUS
-GetToken (
- OUT UINT8 *Token
- )
-{
- EFI_STATUS Status;
- UINT8 *Buffer;
- UINTN BufSize;
- CHAR16 *TokenFile;
-
- BufSize = 0;
- Buffer = NULL;
- TokenFile = PcdGetPtr (PcdFixedUsbCredentialProviderTokenFileName);
- Status = GetFileData (TokenFile, (VOID *)&Buffer, &BufSize);
- if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "Read file %s from USB error! Status=(%r)\n", TokenFile, Status));
- return Status;
- }
-
- if (!GenerateCredential (Buffer, BufSize, Token)) {
- DEBUG ((DEBUG_ERROR, "Generate credential from read data failed!\n"));
- FreePool (Buffer);
- return EFI_SECURITY_VIOLATION;
- }
-
- FreePool (Buffer);
- return EFI_SUCCESS;
-}
-
-
-/**
- Find a user infomation record by the information record type.
-
- This function searches all user information records of User from beginning
- until either the information is found or there are no more user infomation
- record. A match occurs when a Info.InfoType field matches the user information
- record type.
-
- @param[in] User Points to the user profile record to search.
- @param[in] InfoType The infomation type to be searched.
- @param[out] Info Points to the user info found, the caller is responsible
- to free.
-
- @retval EFI_SUCCESS Find the user information successfully.
- @retval Others Fail to find the user information.
-
-**/
-EFI_STATUS
-FindUserInfoByType (
- IN EFI_USER_PROFILE_HANDLE User,
- IN UINT8 InfoType,
- OUT EFI_USER_INFO **Info
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *UserInfo;
- UINTN UserInfoSize;
- EFI_USER_INFO_HANDLE UserInfoHandle;
- EFI_USER_MANAGER_PROTOCOL *UserManager;
-
- //
- // Find user information by information type.
- //
- if (Info == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- Status = gBS->LocateProtocol (
- &gEfiUserManagerProtocolGuid,
- NULL,
- (VOID **) &UserManager
- );
- if (EFI_ERROR (Status)) {
- return EFI_NOT_FOUND;
- }
-
- //
- // Get each user information.
- //
-
- UserInfoHandle = NULL;
- UserInfo = NULL;
- UserInfoSize = 0;
- while (TRUE) {
- Status = UserManager->GetNextInfo (UserManager, User, &UserInfoHandle);
- if (EFI_ERROR (Status)) {
- break;
- }
- //
- // Get information.
- //
- Status = UserManager->GetInfo (
- UserManager,
- User,
- UserInfoHandle,
- UserInfo,
- &UserInfoSize
- );
- if (Status == EFI_BUFFER_TOO_SMALL) {
- if (UserInfo != NULL) {
- FreePool (UserInfo);
- }
- UserInfo = AllocateZeroPool (UserInfoSize);
- if (UserInfo == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- Status = UserManager->GetInfo (
- UserManager,
- User,
- UserInfoHandle,
- UserInfo,
- &UserInfoSize
- );
- }
- if (EFI_ERROR (Status)) {
- break;
- }
-
- ASSERT (UserInfo != NULL);
- if (UserInfo->InfoType == InfoType) {
- *Info = UserInfo;
- return EFI_SUCCESS;
- }
- }
-
- if (UserInfo != NULL) {
- FreePool (UserInfo);
- }
- return Status;
-}
-
-
-/**
- This function initialize the data mainly used in form browser.
-
- @retval EFI_SUCCESS Initialize form data successfully.
- @retval Others Fail to Initialize form data.
-
-**/
-EFI_STATUS
-InitFormBrowser (
- VOID
- )
-{
- USB_PROVIDER_CALLBACK_INFO *CallbackInfo;
-
- //
- // Initialize driver private data.
- //
- CallbackInfo = AllocateZeroPool (sizeof (USB_PROVIDER_CALLBACK_INFO));
- if (CallbackInfo == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- CallbackInfo->DriverHandle = NULL;
-
- //
- // Publish HII data.
- //
- CallbackInfo->HiiHandle = HiiAddPackages (
- &gUsbCredentialProviderGuid,
- CallbackInfo->DriverHandle,
- UsbCredentialProviderStrings,
- NULL
- );
- if (CallbackInfo->HiiHandle == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- mCallbackInfo = CallbackInfo;
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Enroll a user on a credential provider.
-
- This function enrolls a user on this credential provider. If the user exists on
- this credential provider, update the user information on this credential provider;
- otherwise add the user information on credential provider.
-
- @param[in] This Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile to enroll.
-
- @retval EFI_SUCCESS User profile was successfully enrolled.
- @retval EFI_ACCESS_DENIED Current user profile does not permit enrollment on the
- user profile handle. Either the user profile cannot enroll
- on any user profile or cannot enroll on a user profile
- other than the current user profile.
- @retval EFI_UNSUPPORTED This credential provider does not support enrollment in
- the pre-OS.
- @retval EFI_DEVICE_ERROR The new credential could not be created because of a device
- error.
- @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialEnroll (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- EFI_STATUS Status;
- UINTN Index;
- USB_INFO UsbInfo;
- EFI_USER_INFO *UserInfo;
- EFI_INPUT_KEY Key;
- UINT8 *UserId;
- CHAR16 *QuestionStr;
- CHAR16 *PromptStr;
-
- if ((This == NULL) || (User == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Get User Identifier
- //
- UserInfo = NULL;
- Status = FindUserInfoByType (
- User,
- EFI_USER_INFO_IDENTIFIER_RECORD,
- &UserInfo
- );
- if (EFI_ERROR (Status)) {
- return EFI_INVALID_PARAMETER;
- }
-
- CopyMem (UsbInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof (EFI_USER_INFO_IDENTIFIER));
- FreePool (UserInfo);
-
- //
- // Get Token and User ID to UsbInfo.
- //
- Status = GetToken (UsbInfo.Token);
- if (EFI_ERROR (Status)) {
- QuestionStr = GetStringById (STRING_TOKEN (STR_READ_USB_TOKEN_ERROR));
- PromptStr = GetStringById (STRING_TOKEN (STR_INSERT_USB_TOKEN));
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- QuestionStr,
- L"",
- PromptStr,
- NULL
- );
- FreePool (QuestionStr);
- FreePool (PromptStr);
- return Status;
- }
-
- //
- // Check whether User is ever enrolled in the provider.
- //
- for (Index = 0; Index < mUsbTable->Count; Index++) {
- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
- if (CompareMem (UserId, (UINT8 *) &UsbInfo.UserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
- //
- // User already exists, update the password.
- //
- break;
- }
- }
-
- //
- // Enroll the User to the provider.
- //
- Status = ModifyTable (Index, &UsbInfo);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Returns the user interface information used during user identification.
-
- This function returns information about the form used when interacting with the
- user during user identification. The form is the first enabled form in the form-set
- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII handle HiiHandle. If
- the user credential provider does not require a form to identify the user, then this
- function should return EFI_NOT_FOUND.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] Hii On return, holds the HII database handle.
- @param[out] FormSetId On return, holds the identifier of the form set which contains
- the form used during user identification.
- @param[out] FormId On return, holds the identifier of the form used during user
- identification.
-
- @retval EFI_SUCCESS Form returned successfully.
- @retval EFI_NOT_FOUND Form not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or FormId is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialForm (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_GUID *FormSetId,
- OUT EFI_FORM_ID *FormId
- )
-{
- if ((This == NULL) || (Hii == NULL) ||
- (FormSetId == NULL) || (FormId == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Returns bitmap used to describe the credential provider type.
-
- This optional function returns a bitmap which is less than or equal to the number
- of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
- is returned.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in, out] Width On entry, points to the desired bitmap width. If NULL then no
- bitmap information will be returned. On exit, points to the
- width of the bitmap returned.
- @param[in, out] Height On entry, points to the desired bitmap height. If NULL then no
- bitmap information will be returned. On exit, points to the
- height of the bitmap returned.
- @param[out] Hii On return, holds the HII database handle.
- @param[out] Image On return, holds the HII image identifier.
-
- @retval EFI_SUCCESS Image identifier returned successfully.
- @retval EFI_NOT_FOUND Image identifier not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialTile (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN OUT UINTN *Width,
- IN OUT UINTN *Height,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_IMAGE_ID *Image
- )
-{
- if ((This == NULL) || (Hii == NULL) || (Image == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Returns string used to describe the credential provider type.
-
- This function returns a string which describes the credential provider. If no
- such string exists, then EFI_NOT_FOUND is returned.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] Hii On return, holds the HII database handle.
- @param[out] String On return, holds the HII string identifier.
-
- @retval EFI_SUCCESS String identifier returned successfully.
- @retval EFI_NOT_FOUND String identifier not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialTitle (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_STRING_ID *String
- )
-{
- if ((This == NULL) || (Hii == NULL) || (String == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
- //
- // Set Hii handle and String ID.
- //
- *Hii = mCallbackInfo->HiiHandle;
- *String = STRING_TOKEN (STR_CREDENTIAL_TITLE);
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Return the user identifier associated with the currently authenticated user.
-
- This function returns the user identifier of the user authenticated by this credential
- provider. This function is called after the credential-related information has been
- submitted on a form OR after a call to Default() has returned that this credential is
- ready to log on.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile handle of the user profile currently being
- considered by the user identity manager. If NULL, then no user
- profile is currently under consideration.
- @param[out] Identifier On return, points to the user identifier.
-
- @retval EFI_SUCCESS User identifier returned successfully.
- @retval EFI_NOT_READY No user identifier can be returned.
- @retval EFI_ACCESS_DENIED The user has been locked out of this user credential.
- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
- @retval EFI_NOT_FOUND User is not NULL, and the specified user handle can't be
- found in user profile database.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialUser (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- OUT EFI_USER_INFO_IDENTIFIER *Identifier
- )
-{
- EFI_STATUS Status;
- UINTN Index;
- EFI_USER_INFO *UserInfo;
- UINT8 *UserId;
- UINT8 *NewUserId;
- UINT8 *UserToken;
- UINT8 ReadToken[HASHED_CREDENTIAL_LEN];
- EFI_INPUT_KEY Key;
- CHAR16 *QuestionStr;
- CHAR16 *PromptStr;
-
- if ((This == NULL) || (Identifier == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (User == NULL) {
- //
- // Verify the auto logon user, get user id by matched token.
- //
- if (mUsbTable->Count == 0) {
- return EFI_NOT_READY;
- }
-
- //
- // No user selected, get token first and verify the user existed in user database.
- //
- Status = GetToken (ReadToken);
- if (EFI_ERROR (Status)) {
- return EFI_NOT_READY;
- }
-
- for (Index = 0; Index < mUsbTable->Count; Index++) {
- //
- // find the specified credential in the Usb credential database.
- //
- UserToken = mUsbTable->UserInfo[Index].Token;
- if (CompareMem (UserToken, ReadToken, HASHED_CREDENTIAL_LEN) == 0) {
- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
- return EFI_SUCCESS;
- }
- }
-
- return EFI_NOT_READY;
- }
-
- //
- // User is not NULL here. Read a token, and check whether the token matches with
- // the selected user's Token. If not, try to find a token in token DB to matches
- // with read token.
- //
-
- Status = GetToken (ReadToken);
- if (EFI_ERROR (Status)) {
- QuestionStr = GetStringById (STRING_TOKEN (STR_READ_USB_TOKEN_ERROR));
- PromptStr = GetStringById (STRING_TOKEN (STR_INSERT_USB_TOKEN));
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- QuestionStr,
- L"",
- PromptStr,
- NULL
- );
- FreePool (QuestionStr);
- FreePool (PromptStr);
- return EFI_NOT_FOUND;
- }
-
- //
- // Get the selected user's identifier.
- //
- Status = FindUserInfoByType (User, EFI_USER_INFO_IDENTIFIER_RECORD, &UserInfo);
- if (EFI_ERROR (Status)) {
- return EFI_NOT_FOUND;
- }
-
- //
- // Check the selected user's Token with the read token.
- //
- for (Index = 0; Index < mUsbTable->Count; Index++) {
- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
- NewUserId = (UINT8 *) (UserInfo + 1);
- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
- //
- // The user's ID is found in the UsbTable.
- //
- UserToken = mUsbTable->UserInfo[Index].Token;
- if (CompareMem (UserToken, ReadToken, HASHED_CREDENTIAL_LEN) == 0) {
- //
- // The read token matches with the one in UsbTable.
- //
- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
- FreePool (UserInfo);
- return EFI_SUCCESS;
- }
- }
- }
-
- FreePool (UserInfo);
-
- return EFI_NOT_READY;
-}
-
-
-/**
- Indicate that user interface interaction has begun for the specified credential.
-
- This function is called when a credential provider is selected by the user. If
- AutoLogon returns FALSE, then the user interface will be constructed by the User
- Identity Manager.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] AutoLogon On return, points to the credential provider's capabilities
- after the credential provider has been selected by the user.
-
- @retval EFI_SUCCESS Credential provider successfully selected.
- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialSelect (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
- )
-{
- if ((This == NULL) || (AutoLogon == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- *AutoLogon = EFI_CREDENTIAL_LOGON_FLAG_DEFAULT | EFI_CREDENTIAL_LOGON_FLAG_AUTO;
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Indicate that user interface interaction has ended for the specified credential.
-
- This function is called when a credential provider is deselected by the user.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
-
- @retval EFI_SUCCESS Credential provider successfully deselected.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialDeselect (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
- )
-{
- if (This == NULL) {
- return EFI_INVALID_PARAMETER;
- }
- return EFI_SUCCESS;
-}
-
-
-/**
- Return the default logon behavior for this user credential.
-
- This function reports the default login behavior regarding this credential provider.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] AutoLogon On return, holds whether the credential provider should be used
- by default to automatically log on the user.
-
- @retval EFI_SUCCESS Default information successfully returned.
- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialDefault (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
- )
-{
- if ((This == NULL) || (AutoLogon == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- *AutoLogon = EFI_CREDENTIAL_LOGON_FLAG_DEFAULT | EFI_CREDENTIAL_LOGON_FLAG_AUTO;
- return EFI_SUCCESS;
-}
-
-
-/**
- Return information attached to the credential provider.
-
- This function returns user information.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] UserInfo Handle of the user information data record.
- @param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On
- exit, holds the user information. If the buffer is too small
- to hold the information, then EFI_BUFFER_TOO_SMALL is returned
- and InfoSize is updated to contain the number of bytes actually
- required.
- @param[in, out] InfoSize On entry, points to the size of Info. On return, points to the
- size of the user information.
-
- @retval EFI_SUCCESS Information returned successfully.
- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small to hold all of the
- user information. The size required is returned in *InfoSize.
- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a valid user info handle.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialGetInfo (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_INFO_HANDLE UserInfo,
- OUT EFI_USER_INFO *Info,
- IN OUT UINTN *InfoSize
- )
-{
- EFI_USER_INFO *CredentialInfo;
- UINTN Index;
-
- if ((This == NULL) || (InfoSize == NULL) || (Info == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if ((UserInfo == NULL) || (mUsbInfoHandle == NULL)) {
- return EFI_NOT_FOUND;
- }
-
- //
- // Find information handle in credential info table.
- //
- for (Index = 0; Index < mUsbInfoHandle->Count; Index++) {
- CredentialInfo = mUsbInfoHandle->Info[Index];
- if (UserInfo == (EFI_USER_INFO_HANDLE)CredentialInfo) {
- //
- // The handle is found, copy the user info.
- //
- if (CredentialInfo->InfoSize > *InfoSize) {
- *InfoSize = CredentialInfo->InfoSize;
- return EFI_BUFFER_TOO_SMALL;
- }
-
- CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
- return EFI_SUCCESS;
- }
- }
-
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Enumerate all of the user informations on the credential provider.
-
- This function returns the next user information record. To retrieve the first user
- information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
- another user information record handle until there are no more, at which point UserInfo
- will point to NULL.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in, out] UserInfo On entry, points to the previous user information handle or NULL
- to start enumeration. On exit, points to the next user information
- handle or NULL if there is no more user information.
-
- @retval EFI_SUCCESS User information returned.
- @retval EFI_NOT_FOUND No more user information found.
- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialGetNextInfo (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN OUT EFI_USER_INFO_HANDLE *UserInfo
- )
-{
- EFI_USER_INFO *Info;
- CHAR16 *ProvNameStr;
- UINTN InfoLen;
- UINTN Index;
- UINTN ProvStrLen;
-
- if ((This == NULL) || (UserInfo == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (mUsbInfoHandle == NULL) {
- //
- // Initilized user info table. There are 4 user info records in the table.
- //
- InfoLen = sizeof (USB_CREDENTIAL_INFO) + (4 - 1) * sizeof (EFI_USER_INFO *);
- mUsbInfoHandle = AllocateZeroPool (InfoLen);
- if (mUsbInfoHandle == NULL) {
- *UserInfo = NULL;
- return EFI_NOT_FOUND;
- }
-
- //
- // The first information, Credential Provider info.
- //
- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
- Info = AllocateZeroPool (InfoLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
- Info->InfoSize = (UINT32) InfoLen;
- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
- CopyGuid ((EFI_GUID *)(Info + 1), &gUsbCredentialProviderGuid);
-
- mUsbInfoHandle->Info[0] = Info;
- mUsbInfoHandle->Count++;
-
- //
- // The second information, Credential Provider name info.
- //
- ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_NAME));
- ProvStrLen = StrSize (ProvNameStr);
- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
- Info = AllocateZeroPool (InfoLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
- Info->InfoSize = (UINT32) InfoLen;
- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
- FreePool (ProvNameStr);
-
- mUsbInfoHandle->Info[1] = Info;
- mUsbInfoHandle->Count++;
-
- //
- // The third information, Credential Provider type info.
- //
- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
- Info = AllocateZeroPool (InfoLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
- Info->InfoSize = (UINT32) InfoLen;
- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
- CopyGuid ((EFI_GUID *)(Info + 1), &gEfiUserCredentialClassSecureCardGuid);
-
- mUsbInfoHandle->Info[2] = Info;
- mUsbInfoHandle->Count++;
-
- //
- // The fourth information, Credential Provider type name info.
- //
- ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_TYPE_NAME));
- ProvStrLen = StrSize (ProvNameStr);
- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
- Info = AllocateZeroPool (InfoLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
- Info->InfoSize = (UINT32) InfoLen;
- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
- FreePool (ProvNameStr);
-
- mUsbInfoHandle->Info[3] = Info;
- mUsbInfoHandle->Count++;
- }
-
- if (*UserInfo == NULL) {
- //
- // Return the first info handle.
- //
- *UserInfo = (EFI_USER_INFO_HANDLE) mUsbInfoHandle->Info[0];
- return EFI_SUCCESS;
- }
-
- //
- // Find information handle in credential info table.
- //
- for (Index = 0; Index < mUsbInfoHandle->Count; Index++) {
- Info = mUsbInfoHandle->Info[Index];
- if (*UserInfo == (EFI_USER_INFO_HANDLE)Info) {
- //
- // The handle is found, get the next one.
- //
- if (Index == mUsbInfoHandle->Count - 1) {
- //
- // Already last one.
- //
- *UserInfo = NULL;
- return EFI_NOT_FOUND;
- }
- Index++;
- *UserInfo = (EFI_USER_INFO_HANDLE)mUsbInfoHandle->Info[Index];
- return EFI_SUCCESS;
- }
- }
-
- *UserInfo = NULL;
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Delete a user on this credential provider.
-
- This function deletes a user on this credential provider.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile handle to delete.
-
- @retval EFI_SUCCESS User profile was successfully deleted.
- @retval EFI_ACCESS_DENIED Current user profile does not permit deletion on the user profile handle.
- Either the user profile cannot delete on any user profile or cannot delete
- on a user profile other than the current user profile.
- @retval EFI_UNSUPPORTED This credential provider does not support deletion in the pre-OS.
- @retval EFI_DEVICE_ERROR The new credential could not be deleted because of a device error.
- @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
-**/
-EFI_STATUS
-EFIAPI
-CredentialDelete (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *UserInfo;
- UINT8 *UserId;
- UINT8 *NewUserId;
- UINTN Index;
-
- if ((This == NULL) || (User == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Get User Identifier.
- //
- UserInfo = NULL;
- Status = FindUserInfoByType (
- User,
- EFI_USER_INFO_IDENTIFIER_RECORD,
- &UserInfo
- );
- if (EFI_ERROR (Status)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Find the user by user identifier in mPwdTable.
- //
- for (Index = 0; Index < mUsbTable->Count; Index++) {
- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
- NewUserId = (UINT8 *) (UserInfo + 1);
- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
- //
- // Found the user, delete it.
- //
- ModifyTable (Index, NULL);
- break;
- }
- }
-
- FreePool (UserInfo);
- return EFI_SUCCESS;
-}
-
-
-/**
- Main entry for this driver.
-
- @param ImageHandle Image handle this driver.
- @param SystemTable Pointer to SystemTable.
-
- @retval EFI_SUCESS This function always complete successfully.
-
-**/
-EFI_STATUS
-EFIAPI
-UsbProviderInit (
- IN EFI_HANDLE ImageHandle,
- IN EFI_SYSTEM_TABLE *SystemTable
- )
-{
- EFI_STATUS Status;
-
- //
- // It is NOT robust enough to be included in production.
- //
- #error "This implementation is just a sample, please comment this line if you really want to use this driver."
-
- //
- // Init credential table.
- //
- Status = InitCredentialTable ();
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Init Form Browser
- //
- Status = InitFormBrowser ();
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Install protocol interfaces for the Usb Credential Provider.
- //
- Status = gBS->InstallProtocolInterface (
- &mCallbackInfo->DriverHandle,
- &gEfiUserCredential2ProtocolGuid,
- EFI_NATIVE_INTERFACE,
- &gUsbCredentialProviderDriver
- );
- return Status;
-}
diff --git a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.h b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.h
deleted file mode 100644
index 63f6576045..0000000000
--- a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.h
+++ /dev/null
@@ -1,361 +0,0 @@
-/** @file
- Usb Credential Provider driver header file.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef _USB_CREDENTIAL_PROVIDER_H_
-#define _USB_CREDENTIAL_PROVIDER_H_
-
-#include <Uefi.h>
-
-#include <Guid/GlobalVariable.h>
-#include <Guid/FileInfo.h>
-#include <Guid/SecurityPkgTokenSpace.h>
-#include <Guid/UsbCredentialProviderHii.h>
-
-#include <Protocol/SimpleFileSystem.h>
-#include <Protocol/BlockIo.h>
-#include <Protocol/UserCredential2.h>
-#include <Protocol/UserManager.h>
-
-#include <Library/UefiRuntimeServicesTableLib.h>
-#include <Library/UefiBootServicesTableLib.h>
-#include <Library/MemoryAllocationLib.h>
-#include <Library/BaseMemoryLib.h>
-#include <Library/DevicePathLib.h>
-#include <Library/BaseCryptLib.h>
-#include <Library/DebugLib.h>
-#include <Library/UefiLib.h>
-#include <Library/PrintLib.h>
-#include <Library/HiiLib.h>
-#include <Library/PcdLib.h>
-
-extern UINT8 UsbCredentialProviderStrings[];
-
-#define USB_TABLE_INC 16
-#define HASHED_CREDENTIAL_LEN 20
-
-//
-// Save the enroll user credential Information.
-//
-typedef struct {
- EFI_USER_INFO_IDENTIFIER UserId;
- UINT8 Token[HASHED_CREDENTIAL_LEN];
-} USB_INFO;
-
-//
-// USB Credential Table.
-//
-typedef struct {
- UINTN Count;
- UINTN MaxCount;
- USB_INFO UserInfo[1];
-} CREDENTIAL_TABLE;
-
-//
-// The user information on the USB provider.
-//
-typedef struct {
- UINTN Count;
- EFI_USER_INFO *Info[1];
-} USB_CREDENTIAL_INFO;
-
-#define USB_PROVIDER_SIGNATURE SIGNATURE_32 ('U', 'S', 'B', 'P')
-
-typedef struct {
- UINTN Signature;
- EFI_HANDLE DriverHandle;
- EFI_HII_HANDLE HiiHandle;
-} USB_PROVIDER_CALLBACK_INFO;
-
-/**
- Enroll a user on a credential provider.
-
- This function enrolls and deletes a user profile using this credential provider.
- If a user profile is successfully enrolled, it calls the User Manager Protocol
- function Notify() to notify the user manager driver that credential information
- has changed. If an enrolled user does exist, delete the user on the credential
- provider.
-
- @param[in] This Points to this instance of EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile to enroll.
-
- @retval EFI_SUCCESS User profile was successfully enrolled.
- @retval EFI_ACCESS_DENIED Current user profile does not permit enrollment on the
- user profile handle. Either the user profile cannot enroll
- on any user profile or cannot enroll on a user profile
- other than the current user profile.
- @retval EFI_UNSUPPORTED This credential provider does not support enrollment in
- the pre-OS.
- @retval EFI_DEVICE_ERROR The new credential could not be created because of a device
- error.
- @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialEnroll (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User
- );
-
-/**
- Returns the user interface information used during user identification.
-
- This function enrolls a user on this credential provider. If the user exists on
- this credential provider, update the user information on this credential provider;
- otherwise delete the user information on credential provider.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] Hii On return, holds the HII database handle.
- @param[out] FormSetId On return, holds the identifier of the form set which contains
- the form used during user identification.
- @param[out] FormId On return, holds the identifier of the form used during user
- identification.
-
- @retval EFI_SUCCESS Form returned successfully.
- @retval EFI_NOT_FOUND Form not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or FormId is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialForm (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_GUID *FormSetId,
- OUT EFI_FORM_ID *FormId
- );
-
-/**
- Returns bitmap used to describe the credential provider type.
-
- This optional function returns a bitmap which is less than or equal to the number
- of pixels specified by Width and Height. If no such bitmap exists, then EFI_NOT_FOUND
- is returned.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in, out] Width On entry, points to the desired bitmap width. If NULL then no
- bitmap information will be returned. On exit, points to the
- width of the bitmap returned.
- @param[in, out] Height On entry, points to the desired bitmap height. If NULL then no
- bitmap information will be returned. On exit, points to the
- height of the bitmap returned.
- @param[out] Hii On return, holds the HII database handle.
- @param[out] Image On return, holds the HII image identifier.
-
- @retval EFI_SUCCESS Image identifier returned successfully.
- @retval EFI_NOT_FOUND Image identifier not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialTile (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN OUT UINTN *Width,
- IN OUT UINTN *Height,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_IMAGE_ID *Image
- );
-
-/**
- Returns string used to describe the credential provider type.
-
- This function returns a string which describes the credential provider. If no
- such string exists, then EFI_NOT_FOUND is returned.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] Hii On return, holds the HII database handle.
- @param[out] String On return, holds the HII string identifier.
-
- @retval EFI_SUCCESS String identifier returned successfully.
- @retval EFI_NOT_FOUND String identifier not returned.
- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialTitle (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_HII_HANDLE *Hii,
- OUT EFI_STRING_ID *String
- );
-
-/**
- Return the user identifier associated with the currently authenticated user.
-
- This function returns the user identifier of the user authenticated by this credential
- provider. This function is called after the credential-related information has been
- submitted on a form OR after a call to Default() has returned that this credential is
- ready to log on.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile handle of the user profile currently being
- considered by the user identity manager. If NULL, then no user
- profile is currently under consideration.
- @param[out] Identifier On return, points to the user identifier.
-
- @retval EFI_SUCCESS User identifier returned successfully.
- @retval EFI_NOT_READY No user identifier can be returned.
- @retval EFI_ACCESS_DENIED The user has been locked out of this user credential.
- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
- @retval EFI_NOT_FOUND User is not NULL, and the specified user handle can't be
- found in user profile database.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialUser (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- OUT EFI_USER_INFO_IDENTIFIER *Identifier
- );
-
-/**
- Indicate that user interface interaction has begun for the specified credential.
-
- This function is called when a credential provider is selected by the user. If
- AutoLogon returns FALSE, then the user interface will be constructed by the User
- Identity Manager.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] AutoLogon On return, points to the credential provider's capabilities
- after the credential provider has been selected by the user.
-
- @retval EFI_SUCCESS Credential provider successfully selected.
- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialSelect (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
- );
-
-/**
- Indicate that user interface interaction has ended for the specified credential.
-
- This function is called when a credential provider is deselected by the user.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
-
- @retval EFI_SUCCESS Credential provider successfully deselected.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialDeselect (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
- );
-
-/**
- Return the default logon behavior for this user credential.
-
- This function reports the default login behavior regarding this credential provider.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[out] AutoLogon On return, holds whether the credential provider should be used
- by default to automatically log on the user.
-
- @retval EFI_SUCCESS Default information successfully returned.
- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialDefault (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
- );
-
-/**
- Return information attached to the credential provider.
-
- This function returns user information.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] UserInfo Handle of the user information data record.
- @param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On
- exit, holds the user information. If the buffer is too small
- to hold the information, then EFI_BUFFER_TOO_SMALL is returned
- and InfoSize is updated to contain the number of bytes actually
- required.
- @param[in, out] InfoSize On entry, points to the size of Info. On return, points to the
- size of the user information.
-
- @retval EFI_SUCCESS Information returned successfully.
- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small to hold all of the
- user information. The size required is returned in *InfoSize.
- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a valid user info handle.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialGetInfo (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_INFO_HANDLE UserInfo,
- OUT EFI_USER_INFO *Info,
- IN OUT UINTN *InfoSize
- );
-
-/**
- Enumerate all of the user informations on the credential provider.
-
- This function returns the next user information record. To retrieve the first user
- information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
- another user information record handle until there are no more, at which point UserInfo
- will point to NULL.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in, out] UserInfo On entry, points to the previous user information handle or NULL
- to start enumeration. On exit, points to the next user information
- handle or NULL if there is no more user information.
-
- @retval EFI_SUCCESS User information returned.
- @retval EFI_NOT_FOUND No more user information found.
- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-CredentialGetNextInfo (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN OUT EFI_USER_INFO_HANDLE *UserInfo
- );
-
-/**
- Delete a user on this credential provider.
-
- This function deletes a user on this credential provider.
-
- @param[in] This Points to this instance of the EFI_USER_CREDENTIAL2_PROTOCOL.
- @param[in] User The user profile handle to delete.
-
- @retval EFI_SUCCESS User profile was successfully deleted.
- @retval EFI_ACCESS_DENIED Current user profile does not permit deletion on the user profile handle.
- Either the user profile cannot delete on any user profile or cannot delete
- on a user profile other than the current user profile.
- @retval EFI_UNSUPPORTED This credential provider does not support deletion in the pre-OS.
- @retval EFI_DEVICE_ERROR The new credential could not be deleted because of a device error.
- @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile handle.
-**/
-EFI_STATUS
-EFIAPI
-CredentialDelete (
- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User
- );
-
-#endif
diff --git a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.uni b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.uni
deleted file mode 100644
index 961e09f360..0000000000
--- a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProvider.uni
+++ /dev/null
@@ -1,23 +0,0 @@
-// /** @file
-// Provides a USB credential provider implementation
-//
-// This module reads a token from a token file that is saved in the root
-// folder of a USB stick. The token file name can be specified by the PCD
-// PcdFixedUsbCredentialProviderTokenFileName.
-//
-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
-//
-// This program and the accompanying materials
-// are licensed and made available under the terms and conditions of the BSD License
-// which accompanies this distribution. The full text of the license may be found at
-// http://opensource.org/licenses/bsd-license.php
-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-//
-// **/
-
-
-#string STR_MODULE_ABSTRACT #language en-US "Provides a USB credential provider implementation"
-
-#string STR_MODULE_DESCRIPTION #language en-US "This module reads a token from a token file that is saved in the root folder of a USB stick. The token file name can be specified by the PCD PcdFixedUsbCredentialProviderTokenFileName."
-
diff --git a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderDxe.inf b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderDxe.inf
deleted file mode 100644
index 1e8e42332f..0000000000
--- a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderDxe.inf
+++ /dev/null
@@ -1,70 +0,0 @@
-## @file
-# Provides a USB credential provider implementation
-#
-# This module reads a token from a token file that is saved in the root
-# folder of a USB stick. The token file name can be specified by the PCD
-# PcdFixedUsbCredentialProviderTokenFileName.
-#
-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-# This program and the accompanying materials
-# are licensed and made available under the terms and conditions of the BSD License
-# which accompanies this distribution. The full text of the license may be found at
-# http://opensource.org/licenses/bsd-license.php
-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-#
-##
-
-[Defines]
- INF_VERSION = 0x00010005
- BASE_NAME = UsbCredentialProvider
- MODULE_UNI_FILE = UsbCredentialProvider.uni
- FILE_GUID = 672A0C68-2BF0-46f9-93C3-C4E7DC0FA555
- MODULE_TYPE = UEFI_DRIVER
- VERSION_STRING = 1.0
- ENTRY_POINT = UsbProviderInit
-
-[Sources]
- UsbCredentialProvider.c
- UsbCredentialProvider.h
- UsbCredentialProviderStrings.uni
-
-[Packages]
- MdePkg/MdePkg.dec
- MdeModulePkg/MdeModulePkg.dec
- CryptoPkg/CryptoPkg.dec
- SecurityPkg/SecurityPkg.dec
-
-[LibraryClasses]
- UefiRuntimeServicesTableLib
- UefiBootServicesTableLib
- UefiDriverEntryPoint
- MemoryAllocationLib
- BaseMemoryLib
- DebugLib
- HiiLib
- UefiLib
- BaseCryptLib
-
-[Guids]
- ## PRODUCES ## Variable:L"UsbCredential"
- ## CONSUMES ## Variable:L"UsbCredential"
- ## CONSUMES ## HII
- ## SOMETIMES_CONSUMES ## GUID # The credential provider identifier
- gUsbCredentialProviderGuid
-
- gEfiFileInfoGuid ## SOMETIMES_CONSUMES ## GUID
- gEfiUserCredentialClassSecureCardGuid ## SOMETIMES_CONSUMES ## GUID
-
-[Pcd]
- gEfiSecurityPkgTokenSpaceGuid.PcdFixedUsbCredentialProviderTokenFileName ## SOMETIMES_CONSUMES
-
-[Protocols]
- gEfiUserCredential2ProtocolGuid ## PRODUCES
- gEfiUserManagerProtocolGuid ## SOMETIMES_CONSUMES
- gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES
- gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES
-
-[UserExtensions.TianoCore."ExtraFiles"]
- UsbCredentialProviderExtra.uni
-
diff --git a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderExtra.uni b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderExtra.uni
deleted file mode 100644
index a20917d5f7..0000000000
--- a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderExtra.uni
+++ /dev/null
@@ -1,19 +0,0 @@
-// /** @file
-// UsbCredentialProvider Localized Strings and Content
-//
-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
-//
-// This program and the accompanying materials
-// are licensed and made available under the terms and conditions of the BSD License
-// which accompanies this distribution. The full text of the license may be found at
-// http://opensource.org/licenses/bsd-license.php
-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-//
-// **/
-
-#string STR_PROPERTIES_MODULE_NAME
-#language en-US
-"USB Credential Provider"
-
-
diff --git a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderStrings.uni b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderStrings.uni
deleted file mode 100644
index f306d50a4e..0000000000
--- a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderStrings.uni
+++ /dev/null
@@ -1,29 +0,0 @@
-/** @file
- String definitions for the USB Credential Provider.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php.
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#langdef en-US "English"
-#langdef fr-FR "Francais"
-
-#string STR_CREDENTIAL_TITLE #language en-US "USB Credential Provider"
- #language fr-FR "USB Credential Provider (French)"
-#string STR_NULL_STRING #language en-US ""
- #language fr-FR ""
-#string STR_PROVIDER_NAME #language en-US "INTEL USB Credential Provider"
- #language fr-FR "INTEL USB Credential Provider (French)"
-#string STR_PROVIDER_TYPE_NAME #language en-US "Secure Card Credential Provider"
- #language fr-FR "Secure Card Credential Provider (French)"
-#string STR_READ_USB_TOKEN_ERROR #language en-US "Read USB Token File Error!"
- #language fr-FR "Read USB Token File Error! (French)"
-#string STR_INSERT_USB_TOKEN #language en-US "Please insert USB key with Token"
- #language fr-FR "Please insert USB key with Token (French)"
diff --git a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredImage.c b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredImage.c
deleted file mode 100644
index 2cfe130db8..0000000000
--- a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredImage.c
+++ /dev/null
@@ -1,148 +0,0 @@
-/** @file
- Load the deferred images after user is identified.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "UserIdentifyManager.h"
-
-EFI_HANDLE mDeferredImageHandle;
-
-/**
- The function will load all the deferred images again. If the deferred image is loaded
- successfully, try to start it.
-
- @param Event Event whose notification function is being invoked.
- @param Context Pointer to the notification function's context
-
-**/
-VOID
-EFIAPI
-LoadDeferredImage (
- IN EFI_EVENT Event,
- IN VOID *Context
- )
-{
- EFI_STATUS Status;
- EFI_DEFERRED_IMAGE_LOAD_PROTOCOL *DeferredImage;
- UINTN HandleCount;
- EFI_HANDLE *HandleBuf;
- UINTN Index;
- UINTN DriverIndex;
- EFI_DEVICE_PATH_PROTOCOL *ImageDevicePath;
- VOID *DriverImage;
- UINTN ImageSize;
- BOOLEAN BootOption;
- EFI_HANDLE ImageHandle;
- UINTN ExitDataSize;
- CHAR16 *ExitData;
-
- //
- // Find all the deferred image load protocols.
- //
- HandleCount = 0;
- HandleBuf = NULL;
- Status = gBS->LocateHandleBuffer (
- ByProtocol,
- &gEfiDeferredImageLoadProtocolGuid,
- NULL,
- &HandleCount,
- &HandleBuf
- );
- if (EFI_ERROR (Status)) {
- return ;
- }
-
- for (Index = 0; Index < HandleCount; Index++) {
- Status = gBS->HandleProtocol (
- HandleBuf[Index],
- &gEfiDeferredImageLoadProtocolGuid,
- (VOID **) &DeferredImage
- );
- if (EFI_ERROR (Status)) {
- continue ;
- }
-
- DriverIndex = 0;
- do {
- //
- // Load all the deferred images in this protocol instance.
- //
- Status = DeferredImage->GetImageInfo(
- DeferredImage,
- DriverIndex,
- &ImageDevicePath,
- (VOID **) &DriverImage,
- &ImageSize,
- &BootOption
- );
- if (EFI_ERROR (Status)) {
- break;
- }
-
- //
- // Load and start the image.
- //
- Status = gBS->LoadImage (
- BootOption,
- mDeferredImageHandle,
- ImageDevicePath,
- NULL,
- 0,
- &ImageHandle
- );
- if (!EFI_ERROR (Status)) {
- //
- // Before calling the image, enable the Watchdog Timer for
- // a 5 Minute period
- //
- gBS->SetWatchdogTimer (5 * 60, 0x0000, 0x00, NULL);
- Status = gBS->StartImage (ImageHandle, &ExitDataSize, &ExitData);
-
- //
- // Clear the Watchdog Timer after the image returns.
- //
- gBS->SetWatchdogTimer (0x0000, 0x0000, 0x0000, NULL);
- }
- DriverIndex++;
- } while (TRUE);
- }
- FreePool (HandleBuf);
-}
-
-
-/**
- Register an event notification function for user profile changed.
-
- @param[in] ImageHandle Image handle this driver.
-
-**/
-VOID
-LoadDeferredImageInit (
- IN EFI_HANDLE ImageHandle
- )
-{
- EFI_STATUS Status;
- EFI_EVENT Event;
-
- mDeferredImageHandle = ImageHandle;
-
- Status = gBS->CreateEventEx (
- EVT_NOTIFY_SIGNAL,
- TPL_CALLBACK,
- LoadDeferredImage,
- NULL,
- &gEfiEventUserProfileChangedGuid,
- &Event
- );
-
- ASSERT (Status == EFI_SUCCESS);
-}
diff --git a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.c b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.c
deleted file mode 100644
index fd941792c1..0000000000
--- a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.c
+++ /dev/null
@@ -1,3766 +0,0 @@
-/** @file
- This driver manages user information and produces user manager protocol.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "UserIdentifyManager.h"
-
-//
-// Default user name.
-//
-CHAR16 mUserName[] = L"Administrator";
-
-//
-// Points to the user profile database.
-//
-USER_PROFILE_DB *mUserProfileDb = NULL;
-
-//
-// Points to the credential providers found in system.
-//
-CREDENTIAL_PROVIDER_INFO *mProviderDb = NULL;
-
-//
-// Current user shared in multi function.
-//
-EFI_USER_PROFILE_HANDLE mCurrentUser = NULL;
-
-//
-// Flag indicates a user is identified.
-//
-BOOLEAN mIdentified = FALSE;
-USER_MANAGER_CALLBACK_INFO *mCallbackInfo = NULL;
-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
- {
- {
- HARDWARE_DEVICE_PATH,
- HW_VENDOR_DP,
- {
- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
- }
- },
- USER_IDENTIFY_MANAGER_GUID
- },
- {
- END_DEVICE_PATH_TYPE,
- END_ENTIRE_DEVICE_PATH_SUBTYPE,
- {
- (UINT8) (END_DEVICE_PATH_LENGTH),
- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
- }
- }
-};
-
-
-EFI_USER_MANAGER_PROTOCOL gUserIdentifyManager = {
- UserProfileCreate,
- UserProfileDelete,
- UserProfileGetNext,
- UserProfileCurrent,
- UserProfileIdentify,
- UserProfileFind,
- UserProfileNotify,
- UserProfileGetInfo,
- UserProfileSetInfo,
- UserProfileDeleteInfo,
- UserProfileGetNextInfo,
-};
-
-
-/**
- Find the specified user in the user database.
-
- This function searches the specified user from the beginning of the user database.
- And if NextUser is TRUE, return the next User in the user database.
-
- @param[in, out] User On entry, points to the user profile entry to search.
- On return, points to the user profile entry or NULL if not found.
- @param[in] NextUser If FALSE, find the user in user profile database specifyed by User
- If TRUE, find the next user in user profile database specifyed
- by User.
- @param[out] ProfileIndex A pointer to the index of user profile database that matches the
- user specifyed by User.
-
- @retval EFI_NOT_FOUND User was NULL, or User was not found, or the next user was not found.
- @retval EFI_SUCCESS User or the next user are found in user profile database
-
-**/
-EFI_STATUS
-FindUserProfile (
- IN OUT USER_PROFILE_ENTRY **User,
- IN BOOLEAN NextUser,
- OUT UINTN *ProfileIndex OPTIONAL
- )
-{
- UINTN Index;
-
- //
- // Check parameters
- //
- if ((mUserProfileDb == NULL) || (User == NULL)) {
- return EFI_NOT_FOUND;
- }
-
- //
- // Check whether the user profile is in the user profile database.
- //
- for (Index = 0; Index < mUserProfileDb->UserProfileNum; Index++) {
- if (mUserProfileDb->UserProfile[Index] == *User) {
- if (ProfileIndex != NULL) {
- *ProfileIndex = Index;
- }
- break;
- }
- }
-
- if (NextUser) {
- //
- // Find the next user profile.
- //
- Index++;
- if (Index < mUserProfileDb->UserProfileNum) {
- *User = mUserProfileDb->UserProfile[Index];
- } else if (Index == mUserProfileDb->UserProfileNum) {
- *User = NULL;
- return EFI_NOT_FOUND;
- } else {
- if ((mUserProfileDb->UserProfileNum > 0) && (*User == NULL)) {
- *User = mUserProfileDb->UserProfile[0];
- } else {
- *User = NULL;
- return EFI_NOT_FOUND;
- }
- }
- } else if (Index == mUserProfileDb->UserProfileNum) {
- return EFI_NOT_FOUND;
- }
-
- return EFI_SUCCESS;
-}
-
-/**
- Find the specified user information record in the specified User profile.
-
- This function searches the specified user information record from the beginning of the user
- profile. And if NextInfo is TRUE, return the next info in the user profile.
-
- @param[in] User Points to the user profile entry.
- @param[in, out] Info On entry, points to the user information record or NULL to start
- searching with the first user information record.
- On return, points to the user information record or NULL if not found.
- @param[in] NextInfo If FALSE, find the user information record in profile specifyed by User.
- If TRUE, find the next user information record in profile specifyed
- by User.
- @param[out] Offset A pointer to the offset of the information record in the user profile.
-
- @retval EFI_INVALID_PARAMETER Info is NULL
- @retval EFI_NOT_FOUND Info was not found, or the next Info was not found.
- @retval EFI_SUCCESS Info or the next info are found in user profile.
-
-**/
-EFI_STATUS
-FindUserInfo (
- IN USER_PROFILE_ENTRY * User,
- IN OUT EFI_USER_INFO **Info,
- IN BOOLEAN NextInfo,
- OUT UINTN *Offset OPTIONAL
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *UserInfo;
- UINTN InfoLen;
-
- if (Info == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Check user profile entry
- //
- Status = FindUserProfile (&User, FALSE, NULL);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Find user information in the specified user record.
- //
- InfoLen = 0;
- while (InfoLen < User->UserProfileSize) {
- UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
- if (UserInfo == *Info) {
- if (Offset != NULL) {
- *Offset = InfoLen;
- }
- break;
- }
- InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
- }
-
- //
- // Check whether to find the next user information.
- //
- if (NextInfo) {
- if (InfoLen < User->UserProfileSize) {
- UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
- InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
- if (InfoLen < User->UserProfileSize) {
- *Info = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
- if (Offset != NULL) {
- *Offset = InfoLen;
- }
- } else if (InfoLen == User->UserProfileSize) {
- *Info = NULL;
- return EFI_NOT_FOUND;
- }
- } else {
- if (*Info == NULL) {
- *Info = (EFI_USER_INFO *) User->ProfileInfo;
- if (Offset != NULL) {
- *Offset = 0;
- }
- } else {
- *Info = NULL;
- return EFI_NOT_FOUND;
- }
- }
- } else if (InfoLen == User->UserProfileSize) {
- return EFI_NOT_FOUND;
- }
-
- return EFI_SUCCESS;
-}
-
-/**
- Find a user infomation record by the information record type.
-
- This function searches all user information records of User. The search starts with the
- user information record following Info and continues until either the information is found
- or there are no more user infomation record.
- A match occurs when a Info.InfoType field matches the user information record type.
-
- @param[in] User Points to the user profile record to search.
- @param[in, out] Info On entry, points to the user information record or NULL to start
- searching with the first user information record.
- On return, points to the user information record or NULL if not found.
- @param[in] InfoType The infomation type to be searched.
-
- @retval EFI_SUCCESS User information was found. Info points to the user information record.
- @retval EFI_NOT_FOUND User information was not found.
- @retval EFI_INVALID_PARAMETER User is NULL or Info is NULL.
-
-**/
-EFI_STATUS
-FindUserInfoByType (
- IN USER_PROFILE_ENTRY *User,
- IN OUT EFI_USER_INFO **Info,
- IN UINT8 InfoType
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *UserInfo;
- UINTN InfoLen;
-
- if (Info == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Check whether the user has the specified user information.
- //
- InfoLen = 0;
- if (*Info == NULL) {
- Status = FindUserProfile (&User, FALSE, NULL);
- } else {
- Status = FindUserInfo (User, Info, TRUE, &InfoLen);
- }
-
- if (EFI_ERROR (Status)) {
- return EFI_NOT_FOUND;
- }
-
- while (InfoLen < User->UserProfileSize) {
- UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
- if (UserInfo->InfoType == InfoType) {
- if (UserInfo != *Info) {
- *Info = UserInfo;
- return EFI_SUCCESS;
- }
- }
-
- InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
- }
-
- *Info = NULL;
- return EFI_NOT_FOUND;
-}
-
-/**
- Find a user using a user information record.
-
- This function searches all user profiles for the specified user information record. The
- search starts with the user information record handle following UserInfo and continues
- until either the information is found or there are no more user profiles.
- A match occurs when the Info.InfoType field matches the user information record type and the
- user information record data matches the portion of Info passed the EFI_USER_INFO header.
-
- @param[in, out] User On entry, points to the previously returned user profile record,
- or NULL to start searching with the first user profile.
- On return, points to the user profile entry, or NULL if not found.
- @param[in, out] UserInfo On entry, points to the previously returned user information record,
- or NULL to start searching with the first.
- On return, points to the user information record, or NULL if not found.
- @param[in] Info Points to the buffer containing the user information to be compared
- to the user information record.
- @param[in] InfoSize The size of Info, in bytes. Same as Info->InfoSize.
-
- @retval EFI_SUCCESS User information was found. User points to the user profile record,
- and UserInfo points to the user information record.
- @retval EFI_NOT_FOUND User information was not found.
- @retval EFI_INVALID_PARAMETER User is NULL; Info is NULL; or, InfoSize is too small.
-
-**/
-EFI_STATUS
-FindUserProfileByInfo (
- IN OUT USER_PROFILE_ENTRY **User,
- IN OUT EFI_USER_INFO **UserInfo, OPTIONAL
- IN EFI_USER_INFO *Info,
- IN UINTN InfoSize
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *InfoEntry;
-
-
- if ((User == NULL) || (Info == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (InfoSize < sizeof (EFI_USER_INFO)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (UserInfo != NULL) {
- InfoEntry = *UserInfo;
- } else {
- InfoEntry = NULL;
- }
- //
- // Find user profile according to information.
- //
- if (*User == NULL) {
- *User = mUserProfileDb->UserProfile[0];
- }
-
- //
- // Check user profile handle.
- //
- Status = FindUserProfile (User, FALSE, NULL);
-
- while (!EFI_ERROR (Status)) {
- //
- // Find the user information in a user profile.
- //
- while (TRUE) {
- Status = FindUserInfoByType (*User, &InfoEntry, Info->InfoType);
- if (EFI_ERROR (Status)) {
- break;
- }
-
- if (InfoSize == Info->InfoSize) {
- if (CompareMem ((UINT8 *) (InfoEntry + 1), (UINT8 *) (Info + 1), InfoSize - sizeof (EFI_USER_INFO)) == 0) {
- //
- // Found the infomation record.
- //
- if (UserInfo != NULL) {
- *UserInfo = InfoEntry;
- }
- return EFI_SUCCESS;
- }
- }
- }
-
- //
- // Get next user profile.
- //
- InfoEntry = NULL;
- Status = FindUserProfile (User, TRUE, NULL);
- }
-
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Check whether the access policy is valid.
-
- @param[in] PolicyInfo Point to the access policy.
- @param[in] InfoLen The policy length.
-
- @retval TRUE The policy is a valid access policy.
- @retval FALSE The access policy is not a valid access policy.
-
-**/
-BOOLEAN
-CheckAccessPolicy (
- IN UINT8 *PolicyInfo,
- IN UINTN InfoLen
- )
-{
- UINTN TotalLen;
- UINTN ValueLen;
- UINTN OffSet;
- EFI_USER_INFO_ACCESS_CONTROL Access;
- EFI_DEVICE_PATH_PROTOCOL *Path;
- UINTN PathSize;
-
- TotalLen = 0;
- while (TotalLen < InfoLen) {
- //
- // Check access policy according to type.
- //
- CopyMem (&Access, PolicyInfo + TotalLen, sizeof (Access));
- ValueLen = Access.Size - sizeof (EFI_USER_INFO_ACCESS_CONTROL);
- switch (Access.Type) {
- case EFI_USER_INFO_ACCESS_FORBID_LOAD:
- case EFI_USER_INFO_ACCESS_PERMIT_LOAD:
- case EFI_USER_INFO_ACCESS_FORBID_CONNECT:
- case EFI_USER_INFO_ACCESS_PERMIT_CONNECT:
- OffSet = 0;
- while (OffSet < ValueLen) {
- Path = (EFI_DEVICE_PATH_PROTOCOL *) (PolicyInfo + TotalLen + sizeof (Access) + OffSet);
- PathSize = GetDevicePathSize (Path);
- OffSet += PathSize;
- }
- if (OffSet != ValueLen) {
- return FALSE;
- }
- break;
-
- case EFI_USER_INFO_ACCESS_SETUP:
- if (ValueLen % sizeof (EFI_GUID) != 0) {
- return FALSE;
- }
- break;
-
- case EFI_USER_INFO_ACCESS_BOOT_ORDER:
- if (ValueLen % sizeof (EFI_USER_INFO_ACCESS_BOOT_ORDER_HDR) != 0) {
- return FALSE;
- }
- break;
-
- case EFI_USER_INFO_ACCESS_ENROLL_SELF:
- case EFI_USER_INFO_ACCESS_ENROLL_OTHERS:
- case EFI_USER_INFO_ACCESS_MANAGE:
- if (ValueLen != 0) {
- return FALSE;
- }
- break;
-
- default:
- return FALSE;
- break;
- }
-
- TotalLen += Access.Size;
- }
-
- if (TotalLen != InfoLen) {
- return FALSE;
- }
-
- return TRUE;
-}
-
-
-/**
- Check whether the identity policy is valid.
-
- @param[in] PolicyInfo Point to the identity policy.
- @param[in] InfoLen The policy length.
-
- @retval TRUE The policy is a valid identity policy.
- @retval FALSE The access policy is not a valid identity policy.
-
-**/
-BOOLEAN
-CheckIdentityPolicy (
- IN UINT8 *PolicyInfo,
- IN UINTN InfoLen
- )
-{
- UINTN TotalLen;
- UINTN ValueLen;
- EFI_USER_INFO_IDENTITY_POLICY *Identity;
-
- TotalLen = 0;
-
- //
- // Check each part of policy expression.
- //
- while (TotalLen < InfoLen) {
- //
- // Check access polisy according to type.
- //
- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (PolicyInfo + TotalLen);
- ValueLen = Identity->Length - sizeof (EFI_USER_INFO_IDENTITY_POLICY);
- switch (Identity->Type) {
- //
- // Check False option.
- //
- case EFI_USER_INFO_IDENTITY_FALSE:
- if (ValueLen != 0) {
- return FALSE;
- }
- break;
-
- //
- // Check True option.
- //
- case EFI_USER_INFO_IDENTITY_TRUE:
- if (ValueLen != 0) {
- return FALSE;
- }
- break;
-
- //
- // Check negative operation.
- //
- case EFI_USER_INFO_IDENTITY_NOT:
- if (ValueLen != 0) {
- return FALSE;
- }
- break;
-
- //
- // Check and operation.
- //
- case EFI_USER_INFO_IDENTITY_AND:
- if (ValueLen != 0) {
- return FALSE;
- }
- break;
-
- //
- // Check or operation.
- //
- case EFI_USER_INFO_IDENTITY_OR:
- if (ValueLen != 0) {
- return FALSE;
- }
- break;
-
- //
- // Check credential provider by type.
- //
- case EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE:
- if (ValueLen != sizeof (EFI_GUID)) {
- return FALSE;
- }
- break;
-
- //
- // Check credential provider by ID.
- //
- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
- if (ValueLen != sizeof (EFI_GUID)) {
- return FALSE;
- }
- break;
-
- default:
- return FALSE;
- break;
- }
-
- TotalLen += Identity->Length;
- }
-
- if (TotalLen != InfoLen) {
- return FALSE;
- }
-
- return TRUE;
-}
-
-
-/**
- Check whether the user information is a valid user information record.
-
- @param[in] Info points to the user information.
-
- @retval TRUE The info is a valid user information record.
- @retval FALSE The info is not a valid user information record.
-
-**/
-BOOLEAN
-CheckUserInfo (
- IN CONST EFI_USER_INFO *Info
- )
-{
- UINTN InfoLen;
-
- if (Info == NULL) {
- return FALSE;
- }
- //
- // Check user information according to information type.
- //
- InfoLen = Info->InfoSize - sizeof (EFI_USER_INFO);
- switch (Info->InfoType) {
- case EFI_USER_INFO_EMPTY_RECORD:
- if (InfoLen != 0) {
- return FALSE;
- }
- break;
-
- case EFI_USER_INFO_NAME_RECORD:
- case EFI_USER_INFO_CREDENTIAL_TYPE_NAME_RECORD:
- case EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD:
- break;
-
- case EFI_USER_INFO_CREATE_DATE_RECORD:
- case EFI_USER_INFO_USAGE_DATE_RECORD:
- if (InfoLen != sizeof (EFI_TIME)) {
- return FALSE;
- }
- break;
-
- case EFI_USER_INFO_USAGE_COUNT_RECORD:
- if (InfoLen != sizeof (UINT64)) {
- return FALSE;
- }
- break;
-
- case EFI_USER_INFO_IDENTIFIER_RECORD:
- if (InfoLen != 16) {
- return FALSE;
- }
- break;
-
- case EFI_USER_INFO_CREDENTIAL_TYPE_RECORD:
- case EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD:
- case EFI_USER_INFO_GUID_RECORD:
- if (InfoLen != sizeof (EFI_GUID)) {
- return FALSE;
- }
- break;
-
- case EFI_USER_INFO_PKCS11_RECORD:
- case EFI_USER_INFO_CBEFF_RECORD:
- break;
-
- case EFI_USER_INFO_FAR_RECORD:
- case EFI_USER_INFO_RETRY_RECORD:
- if (InfoLen != 1) {
- return FALSE;
- }
- break;
-
- case EFI_USER_INFO_ACCESS_POLICY_RECORD:
- if(!CheckAccessPolicy ((UINT8 *) (Info + 1), InfoLen)) {
- return FALSE;
- }
- break;
-
- case EFI_USER_INFO_IDENTITY_POLICY_RECORD:
- if (!CheckIdentityPolicy ((UINT8 *) (Info + 1), InfoLen)) {
- return FALSE;
- }
- break;
-
- default:
- return FALSE;
- break;
- }
-
- return TRUE;
-}
-
-
-/**
- Check the user profile data format to be added.
-
- @param[in] UserProfileInfo Points to the user profile data.
- @param[in] UserProfileSize The length of user profile data.
-
- @retval TRUE It is a valid user profile.
- @retval FALSE It is not a valid user profile.
-
-**/
-BOOLEAN
-CheckProfileInfo (
- IN UINT8 *UserProfileInfo,
- IN UINTN UserProfileSize
- )
-{
- UINTN ChkLen;
- EFI_USER_INFO *Info;
-
- if (UserProfileInfo == NULL) {
- return FALSE;
- }
-
- //
- // Check user profile information length.
- //
- ChkLen = 0;
- while (ChkLen < UserProfileSize) {
- Info = (EFI_USER_INFO *) (UserProfileInfo + ChkLen);
- //
- // Check user information format.
- //
- if (!CheckUserInfo (Info)) {
- return FALSE;
- }
-
- ChkLen += ALIGN_VARIABLE (Info->InfoSize);
- }
-
- if (ChkLen != UserProfileSize) {
- return FALSE;
- }
-
- return TRUE;
-}
-
-
-/**
- Find the specified RightType in current user profile.
-
- @param[in] RightType Could be EFI_USER_INFO_ACCESS_MANAGE,
- EFI_USER_INFO_ACCESS_ENROLL_OTHERS or
- EFI_USER_INFO_ACCESS_ENROLL_SELF.
-
- @retval TRUE Find the specified RightType in current user profile.
- @retval FALSE Can't find the right in the profile.
-
-**/
-BOOLEAN
-CheckCurrentUserAccessRight (
- IN UINT32 RightType
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *Info;
- UINTN TotalLen;
- UINTN CheckLen;
- EFI_USER_INFO_ACCESS_CONTROL Access;
-
- //
- // Get user access right information.
- //
- Info = NULL;
- Status = FindUserInfoByType (
- (USER_PROFILE_ENTRY *) mCurrentUser,
- &Info,
- EFI_USER_INFO_ACCESS_POLICY_RECORD
- );
- if (EFI_ERROR (Status)) {
- return FALSE;
- }
-
- ASSERT (Info != NULL);
- TotalLen = Info->InfoSize - sizeof (EFI_USER_INFO);
- CheckLen = 0;
- while (CheckLen < TotalLen) {
- //
- // Check right according to access type.
- //
- CopyMem (&Access, (UINT8 *) (Info + 1) + CheckLen, sizeof (Access));
- if (Access.Type == RightType) {
- return TRUE;;
- }
-
- CheckLen += Access.Size;
- }
-
- return FALSE;
-}
-
-
-/**
- Create a unique user identifier.
-
- @param[out] Identifier This points to the identifier.
-
-**/
-VOID
-GenerateIdentifier (
- OUT UINT8 *Identifier
- )
-{
- EFI_TIME Time;
- UINT64 MonotonicCount;
- UINT32 *MonotonicPointer;
- UINTN Index;
-
- //
- // Create a unique user identifier.
- //
- gRT->GetTime (&Time, NULL);
- CopyMem (Identifier, &Time, sizeof (EFI_TIME));
- //
- // Remove zeros.
- //
- for (Index = 0; Index < sizeof (EFI_TIME); Index++) {
- if (Identifier[Index] == 0) {
- Identifier[Index] = 0x5a;
- }
- }
-
- MonotonicPointer = (UINT32 *) Identifier;
- gBS->GetNextMonotonicCount (&MonotonicCount);
- MonotonicPointer[0] += (UINT32) MonotonicCount;
- MonotonicPointer[1] += (UINT32) MonotonicCount;
- MonotonicPointer[2] += (UINT32) MonotonicCount;
- MonotonicPointer[3] += (UINT32) MonotonicCount;
-}
-
-
-/**
- Generate unique user ID.
-
- @param[out] UserId Points to the user identifer.
-
-**/
-VOID
-GenerateUserId (
- OUT UINT8 *UserId
- )
-{
- EFI_STATUS Status;
- USER_PROFILE_ENTRY *UserProfile;
- EFI_USER_INFO *UserInfo;
- UINTN Index;
-
- //
- // Generate unique user ID
- //
- while (TRUE) {
- GenerateIdentifier (UserId);
- //
- // Check whether it's unique in user profile database.
- //
- if (mUserProfileDb == NULL) {
- return ;
- }
-
- for (Index = 0; Index < mUserProfileDb->UserProfileNum; Index++) {
- UserProfile = (USER_PROFILE_ENTRY *) (mUserProfileDb->UserProfile[Index]);
- UserInfo = NULL;
- Status = FindUserInfoByType (UserProfile, &UserInfo, EFI_USER_INFO_IDENTIFIER_RECORD);
- if (EFI_ERROR (Status)) {
- continue;
- }
-
- if (CompareMem ((UINT8 *) (UserInfo + 1), UserId, sizeof (EFI_USER_INFO_IDENTIFIER)) == 0) {
- break;
- }
- }
-
- if (Index == mUserProfileDb->UserProfileNum) {
- return ;
- }
- }
-}
-
-
-/**
- Expand user profile database.
-
- @retval TRUE Success to expand user profile database.
- @retval FALSE Fail to expand user profile database.
-
-**/
-BOOLEAN
-ExpandUsermUserProfileDb (
- VOID
- )
-{
- UINTN MaxNum;
- USER_PROFILE_DB *NewDataBase;
-
- //
- // Create new user profile database.
- //
- if (mUserProfileDb == NULL) {
- MaxNum = USER_NUMBER_INC;
- } else {
- MaxNum = mUserProfileDb->MaxProfileNum + USER_NUMBER_INC;
- }
-
- NewDataBase = AllocateZeroPool (
- sizeof (USER_PROFILE_DB) - sizeof (EFI_USER_PROFILE_HANDLE) +
- MaxNum * sizeof (EFI_USER_PROFILE_HANDLE)
- );
- if (NewDataBase == NULL) {
- return FALSE;
- }
-
- NewDataBase->MaxProfileNum = MaxNum;
-
- //
- // Copy old user profile database value
- //
- if (mUserProfileDb == NULL) {
- NewDataBase->UserProfileNum = 0;
- } else {
- NewDataBase->UserProfileNum = mUserProfileDb->UserProfileNum;
- CopyMem (
- NewDataBase->UserProfile,
- mUserProfileDb->UserProfile,
- NewDataBase->UserProfileNum * sizeof (EFI_USER_PROFILE_HANDLE)
- );
- FreePool (mUserProfileDb);
- }
-
- mUserProfileDb = NewDataBase;
- return TRUE;
-}
-
-
-/**
- Expand user profile
-
- @param[in] User Points to user profile.
- @param[in] ExpandSize The size of user profile.
-
- @retval TRUE Success to expand user profile size.
- @retval FALSE Fail to expand user profile size.
-
-**/
-BOOLEAN
-ExpandUserProfile (
- IN USER_PROFILE_ENTRY *User,
- IN UINTN ExpandSize
- )
-{
- UINT8 *Info;
- UINTN InfoSizeInc;
-
- //
- // Allocate new memory.
- //
- InfoSizeInc = 128;
- User->MaxProfileSize += ((ExpandSize + InfoSizeInc - 1) / InfoSizeInc) * InfoSizeInc;
- Info = AllocateZeroPool (User->MaxProfileSize);
- if (Info == NULL) {
- return FALSE;
- }
-
- //
- // Copy exist information.
- //
- if (User->UserProfileSize > 0) {
- CopyMem (Info, User->ProfileInfo, User->UserProfileSize);
- FreePool (User->ProfileInfo);
- }
-
- User->ProfileInfo = Info;
- return TRUE;
-}
-
-
-/**
- Save the user profile to non-volatile memory, or delete it from non-volatile memory.
-
- @param[in] User Point to the user profile
- @param[in] Delete If TRUE, delete the found user profile.
- If FALSE, save the user profile.
- @retval EFI_SUCCESS Save or delete user profile successfully.
- @retval Others Fail to change the profile.
-
-**/
-EFI_STATUS
-SaveNvUserProfile (
- IN USER_PROFILE_ENTRY *User,
- IN BOOLEAN Delete
- )
-{
- EFI_STATUS Status;
-
- //
- // Check user profile entry.
- //
- Status = FindUserProfile (&User, FALSE, NULL);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Save the user profile to non-volatile memory.
- //
- Status = gRT->SetVariable (
- User->UserVarName,
- &gUserIdentifyManagerGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
- Delete ? 0 : User->UserProfileSize,
- User->ProfileInfo
- );
- return Status;
-}
-
-/**
- Add one new user info into the user's profile.
-
- @param[in] User point to the user profile
- @param[in] Info Points to the user information payload.
- @param[in] InfoSize The size of the user information payload, in bytes.
- @param[out] UserInfo Point to the new info in user profile
- @param[in] Save If TRUE, save the profile to NV flash.
- If FALSE, don't need to save the profile to NV flash.
-
- @retval EFI_SUCCESS Add user info to user profile successfully.
- @retval Others Fail to add user info to user profile.
-
-**/
-EFI_STATUS
-AddUserInfo (
- IN USER_PROFILE_ENTRY *User,
- IN UINT8 *Info,
- IN UINTN InfoSize,
- OUT EFI_USER_INFO **UserInfo, OPTIONAL
- IN BOOLEAN Save
- )
-{
- EFI_STATUS Status;
-
- if ((Info == NULL) || (User == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Check user profile handle.
- //
- Status = FindUserProfile (&User, FALSE, NULL);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Check user information memory size.
- //
- if (User->MaxProfileSize - User->UserProfileSize < ALIGN_VARIABLE (InfoSize)) {
- if (!ExpandUserProfile (User, ALIGN_VARIABLE (InfoSize))) {
- return EFI_OUT_OF_RESOURCES;
- }
- }
-
- //
- // Add new user information.
- //
- CopyMem (User->ProfileInfo + User->UserProfileSize, Info, InfoSize);
- if (UserInfo != NULL) {
- *UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + User->UserProfileSize);
- }
- User->UserProfileSize += ALIGN_VARIABLE (InfoSize);
-
- //
- // Save user profile information.
- //
- if (Save) {
- Status = SaveNvUserProfile (User, FALSE);
- }
-
- return Status;
-}
-
-
-/**
- Get the user info from the specified user info handle.
-
- @param[in] User Point to the user profile.
- @param[in] UserInfo Point to the user information record to get.
- @param[out] Info On entry, points to a buffer of at least *InfoSize bytes.
- On exit, holds the user information.
- @param[in, out] InfoSize On entry, points to the size of Info.
- On return, points to the size of the user information.
- @param[in] ChkRight If TRUE, check the user info attribute.
- If FALSE, don't check the user info attribute.
-
-
- @retval EFI_ACCESS_DENIED The information cannot be accessed by the current user.
- @retval EFI_INVALID_PARAMETER InfoSize is NULL or UserInfo is NULL.
- @retval EFI_BUFFER_TOO_SMALL The number of bytes specified by *InfoSize is too small to hold the
- returned data. The actual size required is returned in *InfoSize.
- @retval EFI_SUCCESS Information returned successfully.
-
-**/
-EFI_STATUS
-GetUserInfo (
- IN USER_PROFILE_ENTRY *User,
- IN EFI_USER_INFO *UserInfo,
- OUT EFI_USER_INFO *Info,
- IN OUT UINTN *InfoSize,
- IN BOOLEAN ChkRight
- )
-{
- EFI_STATUS Status;
-
- if ((InfoSize == NULL) || (UserInfo == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if ((*InfoSize != 0) && (Info == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Find the user information to get.
- //
- Status = FindUserInfo (User, &UserInfo, FALSE, NULL);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Check information attributes.
- //
- if (ChkRight) {
- switch (UserInfo->InfoAttribs & EFI_USER_INFO_ACCESS) {
- case EFI_USER_INFO_PRIVATE:
- case EFI_USER_INFO_PROTECTED:
- if (User != mCurrentUser) {
- return EFI_ACCESS_DENIED;
- }
- break;
-
- case EFI_USER_INFO_PUBLIC:
- break;
-
- default:
- return EFI_INVALID_PARAMETER;
- break;
- }
- }
-
- //
- // Get user information.
- //
- if (UserInfo->InfoSize > *InfoSize) {
- *InfoSize = UserInfo->InfoSize;
- return EFI_BUFFER_TOO_SMALL;
- }
-
- *InfoSize = UserInfo->InfoSize;
- if (Info != NULL) {
- CopyMem (Info, UserInfo, *InfoSize);
- }
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Delete the specified user information from user profile.
-
- @param[in] User Point to the user profile.
- @param[in] Info Point to the user information record to delete.
- @param[in] Save If TRUE, save the profile to NV flash.
- If FALSE, don't need to save the profile to NV flash.
-
- @retval EFI_SUCCESS Delete user info from user profile successfully.
- @retval Others Fail to delete user info from user profile.
-
-**/
-EFI_STATUS
-DelUserInfo (
- IN USER_PROFILE_ENTRY *User,
- IN EFI_USER_INFO *Info,
- IN BOOLEAN Save
- )
-{
- EFI_STATUS Status;
- UINTN Offset;
- UINTN NextOffset;
-
- //
- // Check user information handle.
- //
- Status = FindUserInfo (User, &Info, FALSE, &Offset);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- if (Info->InfoType == EFI_USER_INFO_IDENTIFIER_RECORD) {
- return EFI_ACCESS_DENIED;
- }
-
- //
- // Delete the specified user information.
- //
- NextOffset = Offset + ALIGN_VARIABLE (Info->InfoSize);
- User->UserProfileSize -= ALIGN_VARIABLE (Info->InfoSize);
- if (Offset < User->UserProfileSize) {
- CopyMem (User->ProfileInfo + Offset, User->ProfileInfo + NextOffset, User->UserProfileSize - Offset);
- }
-
- if (Save) {
- Status = SaveNvUserProfile (User, FALSE);
- }
-
- return Status;
-}
-
-
-/**
- Add or update user information.
-
- @param[in] User Point to the user profile.
- @param[in, out] UserInfo On entry, points to the user information to modify,
- or NULL to add a new UserInfo.
- On return, points to the modified user information.
- @param[in] Info Points to the new user information.
- @param[in] InfoSize The size of Info,in bytes.
-
- @retval EFI_INVALID_PARAMETER UserInfo is NULL or Info is NULL.
- @retval EFI_ACCESS_DENIED The record is exclusive.
- @retval EFI_SUCCESS User information was successfully changed/added.
-
-**/
-EFI_STATUS
-ModifyUserInfo (
- IN USER_PROFILE_ENTRY *User,
- IN OUT EFI_USER_INFO **UserInfo,
- IN CONST EFI_USER_INFO *Info,
- IN UINTN InfoSize
- )
-{
- EFI_STATUS Status;
- UINTN PayloadLen;
- EFI_USER_INFO *OldInfo;
-
- if ((UserInfo == NULL) || (Info == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (InfoSize < sizeof (EFI_USER_INFO) || InfoSize != Info->InfoSize) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Check user information.
- //
- if (Info->InfoType == EFI_USER_INFO_IDENTIFIER_RECORD) {
- return EFI_ACCESS_DENIED;
- }
-
- if (!CheckUserInfo (Info)) {
- return EFI_INVALID_PARAMETER;
- }
-
-
- if (*UserInfo == NULL) {
- //
- // Add new user information.
- //
- OldInfo = NULL;
- do {
- Status = FindUserInfoByType (User, &OldInfo, Info->InfoType);
- if (EFI_ERROR (Status)) {
- break;
- }
- ASSERT (OldInfo != NULL);
-
- if (((OldInfo->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0) ||
- ((Info->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0)) {
- //
- // Same type can not co-exist for exclusive information.
- //
- return EFI_ACCESS_DENIED;
- }
-
- //
- // Check whether it exists in DB.
- //
- if (Info->InfoSize != OldInfo->InfoSize) {
- continue;
- }
-
- if (!CompareGuid (&OldInfo->Credential, &Info->Credential)) {
- continue;
- }
-
- PayloadLen = Info->InfoSize - sizeof (EFI_USER_INFO);
- if (PayloadLen == 0) {
- continue;
- }
-
- if (CompareMem ((UINT8 *)(OldInfo + 1), (UINT8 *)(Info + 1), PayloadLen) != 0) {
- continue;
- }
-
- //
- // Yes. The new info is as same as the one in profile.
- //
- return EFI_SUCCESS;
- } while (!EFI_ERROR (Status));
-
- Status = AddUserInfo (User, (UINT8 *) Info, InfoSize, UserInfo, TRUE);
- return Status;
- }
-
- //
- // Modify existing user information.
- //
- OldInfo = *UserInfo;
- if (OldInfo->InfoType != Info->InfoType) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (((Info->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0) &&
- (OldInfo->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) == 0) {
- //
- // Try to add exclusive attrib in new info.
- // Check whether there is another information with the same type in profile.
- //
- OldInfo = NULL;
- do {
- Status = FindUserInfoByType (User, &OldInfo, Info->InfoType);
- if (EFI_ERROR (Status)) {
- break;
- }
- if (OldInfo != *UserInfo) {
- //
- // There is another information with the same type in profile.
- // Therefore, can't modify existing user information to add exclusive attribute.
- //
- return EFI_ACCESS_DENIED;
- }
- } while (TRUE);
- }
-
- Status = DelUserInfo (User, *UserInfo, FALSE);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- return AddUserInfo (User, (UINT8 *) Info, InfoSize, UserInfo, TRUE);
-}
-
-
-/**
- Delete the user profile from non-volatile memory and database.
-
- @param[in] User Points to the user profile.
-
- @retval EFI_SUCCESS Delete user from the user profile successfully.
- @retval Others Fail to delete user from user profile
-
-**/
-EFI_STATUS
-DelUserProfile (
- IN USER_PROFILE_ENTRY *User
- )
-{
- EFI_STATUS Status;
- UINTN Index;
-
- //
- // Check whether it is in the user profile database.
- //
- Status = FindUserProfile (&User, FALSE, &Index);
- if (EFI_ERROR (Status)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Check whether it is the current user.
- //
- if (User == mCurrentUser) {
- return EFI_ACCESS_DENIED;
- }
-
- //
- // Delete user profile from the non-volatile memory.
- //
- Status = SaveNvUserProfile (mUserProfileDb->UserProfile[mUserProfileDb->UserProfileNum - 1], TRUE);
- if (EFI_ERROR (Status)) {
- return Status;
- }
- mUserProfileDb->UserProfileNum--;
-
- //
- // Modify user profile database.
- //
- if (Index != mUserProfileDb->UserProfileNum) {
- mUserProfileDb->UserProfile[Index] = mUserProfileDb->UserProfile[mUserProfileDb->UserProfileNum];
- CopyMem (
- ((USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[Index])->UserVarName,
- User->UserVarName,
- sizeof (User->UserVarName)
- );
- Status = SaveNvUserProfile (mUserProfileDb->UserProfile[Index], FALSE);
- if (EFI_ERROR (Status)) {
- return Status;
- }
- }
- //
- // Delete user profile information.
- //
- if (User->ProfileInfo != NULL) {
- FreePool (User->ProfileInfo);
- }
-
- FreePool (User);
- return EFI_SUCCESS;
-}
-
-
-/**
- Add user profile to user profile database.
-
- @param[out] UserProfile Point to the newly added user profile.
- @param[in] ProfileSize The size of the user profile.
- @param[in] ProfileInfo Point to the user profie data.
- @param[in] Save If TRUE, save the new added profile to NV flash.
- If FALSE, don't save the profile to NV flash.
-
- @retval EFI_SUCCESS Add user profile to user profile database successfully.
- @retval Others Fail to add user profile to user profile database.
-
-**/
-EFI_STATUS
-AddUserProfile (
- OUT USER_PROFILE_ENTRY **UserProfile, OPTIONAL
- IN UINTN ProfileSize,
- IN UINT8 *ProfileInfo,
- IN BOOLEAN Save
- )
-{
- EFI_STATUS Status;
- USER_PROFILE_ENTRY *User;
-
- //
- // Check the data format to be added.
- //
- if (!CheckProfileInfo (ProfileInfo, ProfileSize)) {
- return EFI_SECURITY_VIOLATION;
- }
-
- //
- // Create user profile entry.
- //
- User = AllocateZeroPool (sizeof (USER_PROFILE_ENTRY));
- if (User == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- //
- // Add the entry to the user profile database.
- //
- if (mUserProfileDb->UserProfileNum == mUserProfileDb->MaxProfileNum) {
- if (!ExpandUsermUserProfileDb ()) {
- FreePool (User);
- return EFI_OUT_OF_RESOURCES;
- }
- }
-
- UnicodeSPrint (
- User->UserVarName,
- sizeof (User->UserVarName),
- L"User%04x",
- mUserProfileDb->UserProfileNum
- );
- User->UserProfileSize = 0;
- User->MaxProfileSize = 0;
- User->ProfileInfo = NULL;
- mUserProfileDb->UserProfile[mUserProfileDb->UserProfileNum] = (EFI_USER_PROFILE_HANDLE) User;
- mUserProfileDb->UserProfileNum++;
-
- //
- // Add user profile information.
- //
- Status = AddUserInfo (User, ProfileInfo, ProfileSize, NULL, Save);
- if (EFI_ERROR (Status)) {
- DelUserProfile (User);
- return Status;
- }
- //
- // Set new user profile handle.
- //
- if (UserProfile != NULL) {
- *UserProfile = User;
- }
-
- return EFI_SUCCESS;
-}
-
-
-/**
- This function creates a new user profile with only a new user identifier
- attached and returns its handle. The user profile is non-volatile, but the
- handle User can change across reboots.
-
- @param[out] User Handle of a new user profile.
-
- @retval EFI_SUCCESS User profile was successfully created.
- @retval Others Fail to create user profile
-
-**/
-EFI_STATUS
-CreateUserProfile (
- OUT USER_PROFILE_ENTRY **User
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *UserInfo;
-
- if (User == NULL) {
- return EFI_INVALID_PARAMETER;
- }
- //
- // Generate user id information.
- //
- UserInfo = AllocateZeroPool (sizeof (EFI_USER_INFO) + sizeof (EFI_USER_INFO_IDENTIFIER));
- if (UserInfo == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- UserInfo->InfoType = EFI_USER_INFO_IDENTIFIER_RECORD;
- UserInfo->InfoSize = sizeof (EFI_USER_INFO) + sizeof (EFI_USER_INFO_IDENTIFIER);
- UserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
- GenerateUserId ((UINT8 *) (UserInfo + 1));
-
- //
- // Add user profile to the user profile database.
- //
- Status = AddUserProfile (User, UserInfo->InfoSize, (UINT8 *) UserInfo, TRUE);
- FreePool (UserInfo);
- return Status;
-}
-
-
-/**
- Add a default user profile to user profile database.
-
- @retval EFI_SUCCESS A default user profile is added successfully.
- @retval Others Fail to add a default user profile
-
-**/
-EFI_STATUS
-AddDefaultUserProfile (
- VOID
- )
-{
- EFI_STATUS Status;
- USER_PROFILE_ENTRY *User;
- EFI_USER_INFO *Info;
- EFI_USER_INFO *NewInfo;
- EFI_USER_INFO_CREATE_DATE CreateDate;
- EFI_USER_INFO_USAGE_COUNT UsageCount;
- EFI_USER_INFO_ACCESS_CONTROL *Access;
- EFI_USER_INFO_IDENTITY_POLICY *Policy;
-
- //
- // Create a user profile.
- //
- Status = CreateUserProfile (&User);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Allocate a buffer to add all default user information.
- //
- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + INFO_PAYLOAD_SIZE);
- if (Info == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- //
- // Add user name.
- //
- Info->InfoType = EFI_USER_INFO_NAME_RECORD;
- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof (mUserName);
- CopyMem ((UINT8 *) (Info + 1), mUserName, sizeof (mUserName));
- NewInfo = NULL;
- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
-
- //
- // Add user profile create date record.
- //
- Info->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof (EFI_USER_INFO_CREATE_DATE);
- Status = gRT->GetTime (&CreateDate, NULL);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
-
- CopyMem ((UINT8 *) (Info + 1), &CreateDate, sizeof (EFI_USER_INFO_CREATE_DATE));
- NewInfo = NULL;
- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
-
- //
- // Add user profile usage count record.
- //
- Info->InfoType = EFI_USER_INFO_USAGE_COUNT_RECORD;
- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof (EFI_USER_INFO_USAGE_COUNT);
- UsageCount = 0;
- CopyMem ((UINT8 *) (Info + 1), &UsageCount, sizeof (EFI_USER_INFO_USAGE_COUNT));
- NewInfo = NULL;
- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
-
- //
- // Add user access right.
- //
- Info->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
- Access = (EFI_USER_INFO_ACCESS_CONTROL *) (Info + 1);
- Access->Type = EFI_USER_INFO_ACCESS_MANAGE;
- Access->Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
- Info->InfoSize = sizeof (EFI_USER_INFO) + Access->Size;
- NewInfo = NULL;
- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
-
- //
- // Add user identity policy.
- //
- Info->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PRIVATE | EFI_USER_INFO_EXCLUSIVE;
- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (Info + 1);
- Policy->Type = EFI_USER_INFO_IDENTITY_TRUE;
- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
- Info->InfoSize = sizeof (EFI_USER_INFO) + Policy->Length;
- NewInfo = NULL;
- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
-
-Done:
- FreePool (Info);
- return Status;
-}
-
-
-/**
- Publish current user information into EFI System Configuration Table.
-
- By UEFI spec, the User Identity Manager will publish the current user profile
- into the EFI System Configuration Table. Currently, only the user identifier and user
- name are published.
-
- @retval EFI_SUCCESS Current user information is published successfully.
- @retval Others Fail to publish current user information
-
-**/
-EFI_STATUS
-PublishUserTable (
- VOID
- )
-{
- EFI_STATUS Status;
- EFI_CONFIGURATION_TABLE *EfiConfigurationTable;
- EFI_USER_INFO_TABLE *UserInfoTable;
- EFI_USER_INFO *IdInfo;
- EFI_USER_INFO *NameInfo;
-
- Status = EfiGetSystemConfigurationTable (
- &gEfiUserManagerProtocolGuid,
- (VOID **) &EfiConfigurationTable
- );
- if (!EFI_ERROR (Status)) {
- //
- // The table existed!
- //
- return EFI_SUCCESS;
- }
-
- //
- // Get user ID information.
- //
- IdInfo = NULL;
- Status = FindUserInfoByType (mCurrentUser, &IdInfo, EFI_USER_INFO_IDENTIFIER_RECORD);
- if (EFI_ERROR (Status)) {
- return Status;
-
- }
- //
- // Get user name information.
- //
- NameInfo = NULL;
- Status = FindUserInfoByType (mCurrentUser, &NameInfo, EFI_USER_INFO_NAME_RECORD);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Allocate a buffer for user information table.
- //
- UserInfoTable = (EFI_USER_INFO_TABLE *) AllocateRuntimePool (
- sizeof (EFI_USER_INFO_TABLE) +
- IdInfo->InfoSize +
- NameInfo->InfoSize
- );
- if (UserInfoTable == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- return Status;
- }
-
- UserInfoTable->Size = sizeof (EFI_USER_INFO_TABLE);
-
- //
- // Append the user information to the user info table
- //
- CopyMem ((UINT8 *) UserInfoTable + UserInfoTable->Size, (UINT8 *) IdInfo, IdInfo->InfoSize);
- UserInfoTable->Size += IdInfo->InfoSize;
-
- CopyMem ((UINT8 *) UserInfoTable + UserInfoTable->Size, (UINT8 *) NameInfo, NameInfo->InfoSize);
- UserInfoTable->Size += NameInfo->InfoSize;
-
- Status = gBS->InstallConfigurationTable (&gEfiUserManagerProtocolGuid, (VOID *) UserInfoTable);
- return Status;
-}
-
-
-/**
- Get the user's identity type.
-
- The identify manager only supports the identity policy in which the credential
- provider handles are connected by the operator 'AND' or 'OR'.
-
-
- @param[in] User Handle of a user profile.
- @param[out] PolicyType Point to the identity type.
-
- @retval EFI_SUCCESS Get user's identity type successfully.
- @retval Others Fail to get user's identity type.
-
-**/
-EFI_STATUS
-GetIdentifyType (
- IN EFI_USER_PROFILE_HANDLE User,
- OUT UINT8 *PolicyType
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *IdentifyInfo;
- UINTN TotalLen;
- EFI_USER_INFO_IDENTITY_POLICY *Identity;
-
- //
- // Get user identify policy information.
- //
- IdentifyInfo = NULL;
- Status = FindUserInfoByType (User, &IdentifyInfo, EFI_USER_INFO_IDENTITY_POLICY_RECORD);
- if (EFI_ERROR (Status)) {
- return Status;
- }
- ASSERT (IdentifyInfo != NULL);
-
- //
- // Search the user identify policy according to type.
- //
- TotalLen = 0;
- *PolicyType = EFI_USER_INFO_IDENTITY_FALSE;
- while (TotalLen < IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo + 1) + TotalLen);
- if (Identity->Type == EFI_USER_INFO_IDENTITY_AND) {
- *PolicyType = EFI_USER_INFO_IDENTITY_AND;
- break;
- }
-
- if (Identity->Type == EFI_USER_INFO_IDENTITY_OR) {
- *PolicyType = EFI_USER_INFO_IDENTITY_OR;
- break;
- }
- TotalLen += Identity->Length;
- }
- return EFI_SUCCESS;
-}
-
-
-/**
- Identify the User by the specfied provider.
-
- @param[in] User Handle of a user profile.
- @param[in] Provider Points to the identifier of credential provider.
-
- @retval EFI_INVALID_PARAMETER Provider is NULL.
- @retval EFI_NOT_FOUND Fail to identify the specified user.
- @retval EFI_SUCCESS User is identified successfully.
-
-**/
-EFI_STATUS
-IdentifyByProviderId (
- IN EFI_USER_PROFILE_HANDLE User,
- IN EFI_GUID *Provider
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO_IDENTIFIER UserId;
- UINTN Index;
- EFI_CREDENTIAL_LOGON_FLAGS AutoLogon;
- EFI_HII_HANDLE HiiHandle;
- EFI_GUID FormSetId;
- EFI_FORM_ID FormId;
- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
-
- if (Provider == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Check the user ID identified by the specified credential provider.
- //
- for (Index = 0; Index < mProviderDb->Count; Index++) {
- //
- // Check credential provider class.
- //
- UserCredential = mProviderDb->Provider[Index];
- if (CompareGuid (&UserCredential->Identifier, Provider)) {
- Status = UserCredential->Select (UserCredential, &AutoLogon);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- if ((AutoLogon & EFI_CREDENTIAL_LOGON_FLAG_AUTO) == 0) {
- //
- // Get credential provider form.
- //
- Status = UserCredential->Form (
- UserCredential,
- &HiiHandle,
- &FormSetId,
- &FormId
- );
- if (!EFI_ERROR (Status)) {
- //
- // Send form to get user input.
- //
- Status = mCallbackInfo->FormBrowser2->SendForm (
- mCallbackInfo->FormBrowser2,
- &HiiHandle,
- 1,
- &FormSetId,
- FormId,
- NULL,
- NULL
- );
- if (EFI_ERROR (Status)) {
- return Status;
- }
- }
- }
-
- Status = UserCredential->User (UserCredential, User, &UserId);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- Status = UserCredential->Deselect (UserCredential);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- return EFI_SUCCESS;
- }
- }
-
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Update user information when user is logon on successfully.
-
- @param[in] User Points to user profile.
-
- @retval EFI_SUCCESS Update user information successfully.
- @retval Others Fail to update user information.
-
-**/
-EFI_STATUS
-UpdateUserInfo (
- IN USER_PROFILE_ENTRY *User
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *Info;
- EFI_USER_INFO *NewInfo;
- EFI_USER_INFO_CREATE_DATE Date;
- EFI_USER_INFO_USAGE_COUNT UsageCount;
- UINTN InfoLen;
-
- //
- // Allocate a buffer to update user's date record and usage record.
- //
- InfoLen = MAX (sizeof (EFI_USER_INFO_CREATE_DATE), sizeof (EFI_USER_INFO_USAGE_COUNT));
- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + InfoLen);
- if (Info == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- //
- // Check create date record.
- //
- NewInfo = NULL;
- Status = FindUserInfoByType (User, &NewInfo, EFI_USER_INFO_CREATE_DATE_RECORD);
- if (Status == EFI_NOT_FOUND) {
- Info->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof (EFI_USER_INFO_CREATE_DATE);
- Status = gRT->GetTime (&Date, NULL);
- if (EFI_ERROR (Status)) {
- FreePool (Info);
- return Status;
- }
-
- CopyMem ((UINT8 *) (Info + 1), &Date, sizeof (EFI_USER_INFO_CREATE_DATE));
- NewInfo = NULL;
- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
- if (EFI_ERROR (Status)) {
- FreePool (Info);
- return Status;
- }
- }
-
- //
- // Update usage date record.
- //
- NewInfo = NULL;
- Status = FindUserInfoByType (User, &NewInfo, EFI_USER_INFO_USAGE_DATE_RECORD);
- if ((Status == EFI_SUCCESS) || (Status == EFI_NOT_FOUND)) {
- Info->InfoType = EFI_USER_INFO_USAGE_DATE_RECORD;
- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof (EFI_USER_INFO_USAGE_DATE);
- Status = gRT->GetTime (&Date, NULL);
- if (EFI_ERROR (Status)) {
- FreePool (Info);
- return Status;
- }
-
- CopyMem ((UINT8 *) (Info + 1), &Date, sizeof (EFI_USER_INFO_USAGE_DATE));
- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
- if (EFI_ERROR (Status)) {
- FreePool (Info);
- return Status;
- }
- }
-
- //
- // Update usage count record.
- //
- UsageCount = 0;
- NewInfo = NULL;
- Status = FindUserInfoByType (User, &NewInfo, EFI_USER_INFO_USAGE_COUNT_RECORD);
- //
- // Get usage count.
- //
- if (Status == EFI_SUCCESS) {
- CopyMem (&UsageCount, (UINT8 *) (NewInfo + 1), sizeof (EFI_USER_INFO_USAGE_COUNT));
- }
-
- UsageCount++;
- if ((Status == EFI_SUCCESS) || (Status == EFI_NOT_FOUND)) {
- Info->InfoType = EFI_USER_INFO_USAGE_COUNT_RECORD;
- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof (EFI_USER_INFO_USAGE_COUNT);
- CopyMem ((UINT8 *) (Info + 1), &UsageCount, sizeof (EFI_USER_INFO_USAGE_COUNT));
- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
- if (EFI_ERROR (Status)) {
- FreePool (Info);
- return Status;
- }
- }
-
- FreePool (Info);
- return EFI_SUCCESS;
-}
-
-
-/**
- Add a credenetial provider item in form.
-
- @param[in] ProviderGuid Points to the identifir of credential provider.
- @param[in] OpCodeHandle Points to container for dynamic created opcodes.
-
-**/
-VOID
-AddProviderSelection (
- IN EFI_GUID *ProviderGuid,
- IN VOID *OpCodeHandle
- )
-{
- EFI_HII_HANDLE HiiHandle;
- EFI_STRING_ID ProvID;
- CHAR16 *ProvStr;
- UINTN Index;
- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
-
- for (Index = 0; Index < mProviderDb->Count; Index++) {
- UserCredential = mProviderDb->Provider[Index];
- if (CompareGuid (&UserCredential->Identifier, ProviderGuid)) {
- //
- // Add credential provider selection.
- //
- UserCredential->Title (UserCredential, &HiiHandle, &ProvID);
- ProvStr = HiiGetString (HiiHandle, ProvID, NULL);
- if (ProvStr == NULL) {
- continue ;
- }
- ProvID = HiiSetString (mCallbackInfo->HiiHandle, 0, ProvStr, NULL);
- FreePool (ProvStr);
- HiiCreateActionOpCode (
- OpCodeHandle, // Container for dynamic created opcodes
- (EFI_QUESTION_ID)(LABEL_PROVIDER_NAME + Index), // Question ID
- ProvID, // Prompt text
- STRING_TOKEN (STR_NULL_STRING), // Help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- 0 // Action String ID
- );
- break;
- }
- }
-}
-
-
-/**
- Add a username item in form.
-
- @param[in] Index The index of the user in the user name list.
- @param[in] User Points to the user profile whose username is added.
- @param[in] OpCodeHandle Points to container for dynamic created opcodes.
-
- @retval EFI_SUCCESS Add a username successfully.
- @retval Others Fail to add a username.
-
-**/
-EFI_STATUS
-AddUserSelection (
- IN UINT16 Index,
- IN USER_PROFILE_ENTRY *User,
- IN VOID *OpCodeHandle
- )
-{
- EFI_STRING_ID UserName;
- EFI_STATUS Status;
- EFI_USER_INFO *UserInfo;
-
- UserInfo = NULL;
- Status = FindUserInfoByType (User, &UserInfo, EFI_USER_INFO_NAME_RECORD);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Add user name selection.
- //
- UserName = HiiSetString (mCallbackInfo->HiiHandle, 0, (EFI_STRING) (UserInfo + 1), NULL);
- if (UserName == 0) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- HiiCreateGotoOpCode (
- OpCodeHandle, // Container for dynamic created opcodes
- FORMID_PROVIDER_FORM, // Target Form ID
- UserName, // Prompt text
- STRING_TOKEN (STR_NULL_STRING), // Help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- (UINT16) Index // Question ID
- );
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Identify the user whose identity policy does not contain the operator 'OR'.
-
- @param[in] User Points to the user profile.
-
- @retval EFI_SUCCESS The specified user is identified successfully.
- @retval Others Fail to identify the user.
-
-**/
-EFI_STATUS
-IdentifyAndTypeUser (
- IN USER_PROFILE_ENTRY *User
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *IdentifyInfo;
- BOOLEAN Success;
- UINTN TotalLen;
- UINTN ValueLen;
- EFI_USER_INFO_IDENTITY_POLICY *Identity;
-
- //
- // Get user identify policy information.
- //
- IdentifyInfo = NULL;
- Status = FindUserInfoByType (User, &IdentifyInfo, EFI_USER_INFO_IDENTITY_POLICY_RECORD);
- if (EFI_ERROR (Status)) {
- return Status;
- }
- ASSERT (IdentifyInfo != NULL);
-
- //
- // Check each part of identification policy expression.
- //
- Success = FALSE;
- TotalLen = 0;
- while (TotalLen < IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo + 1) + TotalLen);
- ValueLen = Identity->Length - sizeof (EFI_USER_INFO_IDENTITY_POLICY);
- switch (Identity->Type) {
-
- case EFI_USER_INFO_IDENTITY_FALSE:
- //
- // Check False option.
- //
- Success = FALSE;
- break;
-
- case EFI_USER_INFO_IDENTITY_TRUE:
- //
- // Check True option.
- //
- Success = TRUE;
- break;
-
- case EFI_USER_INFO_IDENTITY_NOT:
- //
- // Check negative operation.
- //
- break;
-
- case EFI_USER_INFO_IDENTITY_AND:
- //
- // Check and operation.
- //
- if (!Success) {
- return EFI_NOT_READY;
- }
-
- Success = FALSE;
- break;
-
- case EFI_USER_INFO_IDENTITY_OR:
- //
- // Check or operation.
- //
- if (Success) {
- return EFI_SUCCESS;
- }
- break;
-
- case EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE:
- //
- // Check credential provider by type.
- //
- break;
-
- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
- //
- // Check credential provider by ID.
- //
- if (ValueLen != sizeof (EFI_GUID)) {
- return EFI_INVALID_PARAMETER;
- }
-
- Status = IdentifyByProviderId (User, (EFI_GUID *) (Identity + 1));
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- Success = TRUE;
- break;
-
- default:
- return EFI_INVALID_PARAMETER;
- break;
- }
-
- TotalLen += Identity->Length;
- }
-
- if (TotalLen != IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (!Success) {
- return EFI_NOT_READY;
- }
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Identify the user whose identity policy does not contain the operator 'AND'.
-
- @param[in] User Points to the user profile.
-
- @retval EFI_SUCCESS The specified user is identified successfully.
- @retval Others Fail to identify the user.
-
-**/
-EFI_STATUS
-IdentifyOrTypeUser (
- IN USER_PROFILE_ENTRY *User
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *IdentifyInfo;
- UINTN TotalLen;
- UINTN ValueLen;
- EFI_USER_INFO_IDENTITY_POLICY *Identity;
- VOID *StartOpCodeHandle;
- VOID *EndOpCodeHandle;
- EFI_IFR_GUID_LABEL *StartLabel;
- EFI_IFR_GUID_LABEL *EndLabel;
-
- //
- // Get user identify policy information.
- //
- IdentifyInfo = NULL;
- Status = FindUserInfoByType (User, &IdentifyInfo, EFI_USER_INFO_IDENTITY_POLICY_RECORD);
- if (EFI_ERROR (Status)) {
- return Status;
- }
- ASSERT (IdentifyInfo != NULL);
-
- //
- // Initialize the container for dynamic opcodes.
- //
- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (StartOpCodeHandle != NULL);
-
- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (EndOpCodeHandle != NULL);
-
- //
- // Create Hii Extend Label OpCode.
- //
- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- StartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- StartLabel->Number = LABEL_PROVIDER_NAME;
-
- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- EndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- EndLabel->Number = LABEL_END;
-
- //
- // Add the providers that exists in the user's policy.
- //
- TotalLen = 0;
- while (TotalLen < IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo + 1) + TotalLen);
- ValueLen = Identity->Length - sizeof (EFI_USER_INFO_IDENTITY_POLICY);
- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
- AddProviderSelection ((EFI_GUID *) (Identity + 1), StartOpCodeHandle);
- }
-
- TotalLen += Identity->Length;
- }
-
- HiiUpdateForm (
- mCallbackInfo->HiiHandle, // HII handle
- &gUserIdentifyManagerGuid,// Formset GUID
- FORMID_PROVIDER_FORM, // Form ID
- StartOpCodeHandle, // Label for where to insert opcodes
- EndOpCodeHandle // Replace data
- );
-
- HiiFreeOpCodeHandle (StartOpCodeHandle);
- HiiFreeOpCodeHandle (EndOpCodeHandle);
-
- return EFI_SUCCESS;
-}
-
-
-/**
- This function processes the results of changes in configuration.
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Action Specifies the type of action taken by the browser.
- @param QuestionId A unique value which is sent to the original
- exporting driver so that it can identify the type
- of data to expect.
- @param Type The type of value for the question.
- @param Value A pointer to the data being sent to the original
- exporting driver.
- @param ActionRequest On return, points to the action requested by the
- callback function.
-
- @retval EFI_SUCCESS The callback successfully handled the action.
- @retval Others Fail to handle the action.
-
-**/
-EFI_STATUS
-EFIAPI
-UserIdentifyManagerCallback (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN EFI_BROWSER_ACTION Action,
- IN EFI_QUESTION_ID QuestionId,
- IN UINT8 Type,
- IN EFI_IFR_TYPE_VALUE *Value,
- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
- )
-{
- EFI_STATUS Status;
- USER_PROFILE_ENTRY *User;
- UINT8 PolicyType;
- UINT16 Index;
- VOID *StartOpCodeHandle;
- VOID *EndOpCodeHandle;
- EFI_IFR_GUID_LABEL *StartLabel;
- EFI_IFR_GUID_LABEL *EndLabel;
-
- Status = EFI_SUCCESS;
-
- switch (Action) {
- case EFI_BROWSER_ACTION_FORM_OPEN:
- {
- //
- // Update user Form when user Form is opened.
- // This will be done only in FORM_OPEN CallBack of question with FORM_OPEN_QUESTION_ID from user Form.
- //
- if (QuestionId != FORM_OPEN_QUESTION_ID) {
- return EFI_SUCCESS;
- }
-
- //
- // Initialize the container for dynamic opcodes.
- //
- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (StartOpCodeHandle != NULL);
-
- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (EndOpCodeHandle != NULL);
-
- //
- // Create Hii Extend Label OpCode.
- //
- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- StartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- StartLabel->Number = LABEL_USER_NAME;
-
- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- EndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- EndLabel->Number = LABEL_END;
-
- //
- // Add all the user profile in the user profile database.
- //
- for (Index = 0; Index < mUserProfileDb->UserProfileNum; Index++) {
- User = (USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[Index];
- AddUserSelection ((UINT16)(LABEL_USER_NAME + Index), User, StartOpCodeHandle);
- }
-
- HiiUpdateForm (
- mCallbackInfo->HiiHandle, // HII handle
- &gUserIdentifyManagerGuid,// Formset GUID
- FORMID_USER_FORM, // Form ID
- StartOpCodeHandle, // Label for where to insert opcodes
- EndOpCodeHandle // Replace data
- );
-
- HiiFreeOpCodeHandle (StartOpCodeHandle);
- HiiFreeOpCodeHandle (EndOpCodeHandle);
-
- return EFI_SUCCESS;
- }
- break;
-
- case EFI_BROWSER_ACTION_FORM_CLOSE:
- Status = EFI_SUCCESS;
- break;
-
- case EFI_BROWSER_ACTION_CHANGED:
- if (QuestionId >= LABEL_PROVIDER_NAME) {
- //
- // QuestionId comes from the second Form (Select a Credential Provider if identity
- // policy is OR type). Identify the user by the selected provider.
- //
- Status = IdentifyByProviderId (mCurrentUser, &mProviderDb->Provider[QuestionId & 0xFFF]->Identifier);
- if (Status == EFI_SUCCESS) {
- mIdentified = TRUE;
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT;
- }
- return EFI_SUCCESS;
- }
- break;
-
- case EFI_BROWSER_ACTION_CHANGING:
- //
- // QuestionId comes from the first Form (Select a user to identify).
- //
- if (QuestionId >= LABEL_PROVIDER_NAME) {
- return EFI_SUCCESS;
- }
-
- User = (USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[QuestionId & 0xFFF];
- Status = GetIdentifyType (User, &PolicyType);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- if (PolicyType == EFI_USER_INFO_IDENTITY_OR) {
- //
- // Identify the user by "OR" logical.
- //
- Status = IdentifyOrTypeUser (User);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- mCurrentUser = (EFI_USER_PROFILE_HANDLE) User;
- } else {
- //
- // Identify the user by "AND" logical.
- //
- Status = IdentifyAndTypeUser (User);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- mCurrentUser = (EFI_USER_PROFILE_HANDLE) User;
- mIdentified = TRUE;
- if (Type == EFI_IFR_TYPE_REF) {
- Value->ref.FormId = FORMID_INVALID_FORM;
- }
- }
- break;
-
- default:
- //
- // All other action return unsupported.
- //
- Status = EFI_UNSUPPORTED;
- break;
- }
-
-
- return Status;
-}
-
-
-/**
- This function construct user profile database from user data saved in the Flash.
- If no user is found in Flash, add one default user "administrator" in the user
- profile database.
-
- @retval EFI_SUCCESS Init user profile database successfully.
- @retval Others Fail to init user profile database.
-
-**/
-EFI_STATUS
-InitUserProfileDb (
- VOID
- )
-{
- EFI_STATUS Status;
- UINT8 *VarData;
- UINTN VarSize;
- UINTN CurVarSize;
- CHAR16 VarName[10];
- UINTN Index;
- UINT32 VarAttr;
-
- if (mUserProfileDb != NULL) {
- //
- // The user profiles had been already initialized.
- //
- return EFI_SUCCESS;
- }
-
- //
- // Init user profile database structure.
- //
- if (!ExpandUsermUserProfileDb ()) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- CurVarSize = DEFAULT_PROFILE_SIZE;
- VarData = AllocateZeroPool (CurVarSize);
- if (VarData == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- //
- // Get all user proifle entries.
- //
- Index = 0;
- while (TRUE) {
- //
- // Get variable name.
- //
- UnicodeSPrint (
- VarName,
- sizeof (VarName),
- L"User%04x",
- Index
- );
- Index++;
-
- //
- // Get variable value.
- //
- VarSize = CurVarSize;
- Status = gRT->GetVariable (VarName, &gUserIdentifyManagerGuid, &VarAttr, &VarSize, VarData);
- if (Status == EFI_BUFFER_TOO_SMALL) {
- FreePool (VarData);
- VarData = AllocatePool (VarSize);
- if (VarData == NULL) {
- Status = EFI_OUT_OF_RESOURCES;
- break;
- }
-
- CurVarSize = VarSize;
- Status = gRT->GetVariable (VarName, &gUserIdentifyManagerGuid, &VarAttr, &VarSize, VarData);
- }
-
- if (EFI_ERROR (Status)) {
- if (Status == EFI_NOT_FOUND) {
- Status = EFI_SUCCESS;
- }
- break;
- }
-
- //
- // Check variable attributes.
- //
- if (VarAttr != (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS)) {
- Status = gRT->SetVariable (VarName, &gUserIdentifyManagerGuid, VarAttr, 0, NULL);
- continue;
- }
-
- //
- // Add user profile to the user profile database.
- //
- Status = AddUserProfile (NULL, VarSize, VarData, FALSE);
- if (EFI_ERROR (Status)) {
- if (Status == EFI_SECURITY_VIOLATION) {
- //
- // Delete invalid user profile
- //
- gRT->SetVariable (VarName, &gUserIdentifyManagerGuid, VarAttr, 0, NULL);
- } else if (Status == EFI_OUT_OF_RESOURCES) {
- break;
- }
- } else {
- //
- // Delete and save the profile again if some invalid profiles are deleted.
- //
- if (mUserProfileDb->UserProfileNum < Index) {
- gRT->SetVariable (VarName, &gUserIdentifyManagerGuid, VarAttr, 0, NULL);
- SaveNvUserProfile (mUserProfileDb->UserProfile[mUserProfileDb->UserProfileNum - 1], FALSE);
- }
- }
- }
-
- if (VarData != NULL) {
- FreePool (VarData);
- }
-
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Check whether the user profile database is empty.
- //
- if (mUserProfileDb->UserProfileNum == 0) {
- Status = AddDefaultUserProfile ();
- }
-
- return Status;
-}
-
-
-/**
- This function collects all the credential providers and saves to mProviderDb.
-
- @retval EFI_SUCCESS Collect credential providers successfully.
- @retval Others Fail to collect credential providers.
-
-**/
-EFI_STATUS
-InitProviderInfo (
- VOID
- )
-{
- EFI_STATUS Status;
- UINTN HandleCount;
- EFI_HANDLE *HandleBuf;
- UINTN Index;
-
- if (mProviderDb != NULL) {
- //
- // The credential providers had been collected before.
- //
- return EFI_SUCCESS;
- }
-
- //
- // Try to find all the user credential provider driver.
- //
- HandleCount = 0;
- HandleBuf = NULL;
- Status = gBS->LocateHandleBuffer (
- ByProtocol,
- &gEfiUserCredential2ProtocolGuid,
- NULL,
- &HandleCount,
- &HandleBuf
- );
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Get provider infomation.
- //
- mProviderDb = AllocateZeroPool (
- sizeof (CREDENTIAL_PROVIDER_INFO) -
- sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *) +
- HandleCount * sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *)
- );
- if (mProviderDb == NULL) {
- FreePool (HandleBuf);
- return EFI_OUT_OF_RESOURCES;
- }
-
- mProviderDb->Count = HandleCount;
- for (Index = 0; Index < HandleCount; Index++) {
- Status = gBS->HandleProtocol (
- HandleBuf[Index],
- &gEfiUserCredential2ProtocolGuid,
- (VOID **) &mProviderDb->Provider[Index]
- );
- if (EFI_ERROR (Status)) {
- FreePool (HandleBuf);
- FreePool (mProviderDb);
- mProviderDb = NULL;
- return Status;
- }
- }
-
- FreePool (HandleBuf);
- return EFI_SUCCESS;
-}
-
-
-/**
- This function allows a caller to extract the current configuration for one
- or more named elements from the target driver.
-
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Request A null-terminated Unicode string in <ConfigRequest> format.
- @param Progress On return, points to a character in the Request string.
- Points to the string's null terminator if request was successful.
- Points to the most recent '&' before the first failing name/value
- pair (or the beginning of the string if the failure is in the
- first name/value pair) if the request was not successful.
- @param Results A null-terminated Unicode string in <ConfigAltResp> format which
- has all values filled in for the names in the Request string.
- String to be allocated by the called function.
-
- @retval EFI_SUCCESS The Results is filled with the requested values.
- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
- @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
-
-**/
-EFI_STATUS
-EFIAPI
-FakeExtractConfig (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN CONST EFI_STRING Request,
- OUT EFI_STRING *Progress,
- OUT EFI_STRING *Results
- )
-{
- if (Progress == NULL || Results == NULL) {
- return EFI_INVALID_PARAMETER;
- }
- *Progress = Request;
- return EFI_NOT_FOUND;
-}
-
-/**
- This function processes the results of changes in configuration.
-
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Configuration A null-terminated Unicode string in <ConfigResp> format.
- @param Progress A pointer to a string filled in with the offset of the most
- recent '&' before the first failing name/value pair (or the
- beginning of the string if the failure is in the first
- name/value pair) or the terminating NULL if all was successful.
-
- @retval EFI_SUCCESS The Results is processed successfully.
- @retval EFI_INVALID_PARAMETER Configuration is NULL.
- @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
-
-**/
-EFI_STATUS
-EFIAPI
-FakeRouteConfig (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN CONST EFI_STRING Configuration,
- OUT EFI_STRING *Progress
- )
-{
- if (Configuration == NULL || Progress == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- *Progress = Configuration;
-
- return EFI_NOT_FOUND;
-}
-
-
-/**
- This function initialize the data mainly used in form browser.
-
- @retval EFI_SUCCESS Initialize form data successfully.
- @retval Others Fail to Initialize form data.
-
-**/
-EFI_STATUS
-InitFormBrowser (
- VOID
- )
-{
- EFI_STATUS Status;
- USER_MANAGER_CALLBACK_INFO *CallbackInfo;
- EFI_HII_DATABASE_PROTOCOL *HiiDatabase;
- EFI_HII_STRING_PROTOCOL *HiiString;
- EFI_FORM_BROWSER2_PROTOCOL *FormBrowser2;
-
- //
- // Initialize driver private data.
- //
- CallbackInfo = AllocateZeroPool (sizeof (USER_MANAGER_CALLBACK_INFO));
- if (CallbackInfo == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- CallbackInfo->Signature = USER_MANAGER_SIGNATURE;
- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
- CallbackInfo->ConfigAccess.Callback = UserIdentifyManagerCallback;
-
- //
- // Locate Hii Database protocol.
- //
- Status = gBS->LocateProtocol (&gEfiHiiDatabaseProtocolGuid, NULL, (VOID **) &HiiDatabase);
- if (EFI_ERROR (Status)) {
- return Status;
- }
- CallbackInfo->HiiDatabase = HiiDatabase;
-
- //
- // Locate HiiString protocol.
- //
- Status = gBS->LocateProtocol (&gEfiHiiStringProtocolGuid, NULL, (VOID **) &HiiString);
- if (EFI_ERROR (Status)) {
- return Status;
- }
- CallbackInfo->HiiString = HiiString;
-
- //
- // Locate Formbrowser2 protocol.
- //
- Status = gBS->LocateProtocol (&gEfiFormBrowser2ProtocolGuid, NULL, (VOID **) &FormBrowser2);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- CallbackInfo->FormBrowser2 = FormBrowser2;
- CallbackInfo->DriverHandle = NULL;
-
- //
- // Install Device Path Protocol and Config Access protocol to driver handle.
- //
- Status = gBS->InstallMultipleProtocolInterfaces (
- &CallbackInfo->DriverHandle,
- &gEfiDevicePathProtocolGuid,
- &mHiiVendorDevicePath,
- &gEfiHiiConfigAccessProtocolGuid,
- &CallbackInfo->ConfigAccess,
- NULL
- );
- ASSERT_EFI_ERROR (Status);
-
- //
- // Publish HII data.
- //
- CallbackInfo->HiiHandle = HiiAddPackages (
- &gUserIdentifyManagerGuid,
- CallbackInfo->DriverHandle,
- UserIdentifyManagerStrings,
- UserIdentifyManagerVfrBin,
- NULL
- );
- if (CallbackInfo->HiiHandle == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- mCallbackInfo = CallbackInfo;
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Identify the user whose identification policy supports auto logon.
-
- @param[in] ProviderIndex The provider index in the provider list.
- @param[out] User Points to user user profile if a user is identified successfully.
-
- @retval EFI_SUCCESS Identify a user with the specified provider successfully.
- @retval Others Fail to identify a user.
-
-**/
-EFI_STATUS
-IdentifyAutoLogonUser (
- IN UINTN ProviderIndex,
- OUT USER_PROFILE_ENTRY **User
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *Info;
- UINT8 PolicyType;
-
- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + sizeof (EFI_USER_INFO_IDENTIFIER));
- if (Info == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- Info->InfoType = EFI_USER_INFO_IDENTIFIER_RECORD;
- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof (EFI_USER_INFO_IDENTIFIER);
-
- //
- // Identify the specified credential provider's auto logon user.
- //
- Status = mProviderDb->Provider[ProviderIndex]->User (
- mProviderDb->Provider[ProviderIndex],
- NULL,
- (EFI_USER_INFO_IDENTIFIER *) (Info + 1)
- );
- if (EFI_ERROR (Status)) {
- FreePool (Info);
- return Status;
- }
-
- //
- // Find user with the specified user ID.
- //
- *User = NULL;
- Status = FindUserProfileByInfo (User, NULL, Info, Info->InfoSize);
- FreePool (Info);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- Status = GetIdentifyType ((EFI_USER_PROFILE_HANDLE) * User, &PolicyType);
- if (PolicyType == EFI_USER_INFO_IDENTITY_AND) {
- //
- // The identified user need also identified by other credential provider.
- // This can handle through select user.
- //
- return EFI_NOT_READY;
- }
-
- return Status;
-}
-
-
-/**
- Check whether the given console is ready.
-
- @param[in] ProtocolGuid Points to the protocol guid of sonsole .
-
- @retval TRUE The given console is ready.
- @retval FALSE The given console is not ready.
-
-**/
-BOOLEAN
-CheckConsole (
- EFI_GUID *ProtocolGuid
- )
-{
- EFI_STATUS Status;
- UINTN HandleCount;
- EFI_HANDLE *HandleBuf;
- UINTN Index;
- EFI_DEVICE_PATH_PROTOCOL *DevicePath;
-
- //
- // Try to find all the handle driver.
- //
- HandleCount = 0;
- HandleBuf = NULL;
- Status = gBS->LocateHandleBuffer (
- ByProtocol,
- ProtocolGuid,
- NULL,
- &HandleCount,
- &HandleBuf
- );
- if (EFI_ERROR (Status)) {
- return FALSE;
- }
-
- for (Index = 0; Index < HandleCount; Index++) {
- DevicePath = DevicePathFromHandle (HandleBuf[Index]);
- if (DevicePath != NULL) {
- FreePool (HandleBuf);
- return TRUE;
- }
- }
- FreePool (HandleBuf);
- return FALSE;
-}
-
-
-/**
- Check whether the console is ready.
-
- @retval TRUE The console is ready.
- @retval FALSE The console is not ready.
-
-**/
-BOOLEAN
-IsConsoleReady (
- VOID
- )
-{
- if (!CheckConsole (&gEfiSimpleTextOutProtocolGuid)) {
- return FALSE;
- }
-
- if (!CheckConsole (&gEfiSimpleTextInProtocolGuid)) {
- if (!CheckConsole (&gEfiSimpleTextInputExProtocolGuid)) {
- return FALSE;
- }
- }
-
- return TRUE;
-}
-
-
-/**
- Identify a user to logon.
-
- @param[out] User Points to user user profile if a user is identified successfully.
-
- @retval EFI_SUCCESS Identify a user successfully.
-
-**/
-EFI_STATUS
-IdentifyUser (
- OUT USER_PROFILE_ENTRY **User
- )
-{
- EFI_STATUS Status;
- UINTN Index;
- EFI_CREDENTIAL_LOGON_FLAGS AutoLogon;
- EFI_USER_INFO *IdentifyInfo;
- EFI_USER_INFO_IDENTITY_POLICY *Identity;
- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
- USER_PROFILE_ENTRY *UserEntry;
-
- //
- // Initialize credential providers.
- //
- InitProviderInfo ();
-
- //
- // Initialize user profile database.
- //
- InitUserProfileDb ();
-
- //
- // If only one user in system, and its identify policy is TRUE, then auto logon.
- //
- if (mUserProfileDb->UserProfileNum == 1) {
- UserEntry = (USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[0];
- IdentifyInfo = NULL;
- Status = FindUserInfoByType (UserEntry, &IdentifyInfo, EFI_USER_INFO_IDENTITY_POLICY_RECORD);
- if (EFI_ERROR (Status)) {
- return Status;
- }
- ASSERT (IdentifyInfo != NULL);
-
- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo + 1));
- if (Identity->Type == EFI_USER_INFO_IDENTITY_TRUE) {
- mCurrentUser = (EFI_USER_PROFILE_HANDLE) UserEntry;
- UpdateUserInfo (UserEntry);
- *User = UserEntry;
- return EFI_SUCCESS;
- }
- }
-
- //
- // Find and login the default & AutoLogon user.
- //
- for (Index = 0; Index < mProviderDb->Count; Index++) {
- UserCredential = mProviderDb->Provider[Index];
- Status = UserCredential->Default (UserCredential, &AutoLogon);
- if (EFI_ERROR (Status)) {
- continue;
- }
-
- if ((AutoLogon & (EFI_CREDENTIAL_LOGON_FLAG_DEFAULT | EFI_CREDENTIAL_LOGON_FLAG_AUTO)) != 0) {
- Status = IdentifyAutoLogonUser (Index, &UserEntry);
- if (Status == EFI_SUCCESS) {
- mCurrentUser = (EFI_USER_PROFILE_HANDLE) UserEntry;
- UpdateUserInfo (UserEntry);
- *User = UserEntry;
- return EFI_SUCCESS;
- }
- }
- }
-
- if (!IsConsoleReady ()) {
- //
- // The console is still not ready for user selection.
- //
- return EFI_ACCESS_DENIED;
- }
-
- //
- // Select a user and identify it.
- //
- mCallbackInfo->FormBrowser2->SendForm (
- mCallbackInfo->FormBrowser2,
- &mCallbackInfo->HiiHandle,
- 1,
- &gUserIdentifyManagerGuid,
- 0,
- NULL,
- NULL
- );
-
- if (mIdentified) {
- *User = (USER_PROFILE_ENTRY *) mCurrentUser;
- UpdateUserInfo (*User);
- return EFI_SUCCESS;
- }
-
- return EFI_ACCESS_DENIED;
-}
-
-
-/**
- An empty function to pass error checking of CreateEventEx ().
-
- @param Event Event whose notification function is being invoked.
- @param Context Pointer to the notification function's context,
- which is implementation-dependent.
-
-**/
-VOID
-EFIAPI
-InternalEmptyFuntion (
- IN EFI_EVENT Event,
- IN VOID *Context
- )
-{
-}
-
-
-/**
- Create, Signal, and Close the User Profile Changed event.
-
-**/
-VOID
-SignalEventUserProfileChanged (
- VOID
- )
-{
- EFI_STATUS Status;
- EFI_EVENT Event;
-
- Status = gBS->CreateEventEx (
- EVT_NOTIFY_SIGNAL,
- TPL_CALLBACK,
- InternalEmptyFuntion,
- NULL,
- &gEfiEventUserProfileChangedGuid,
- &Event
- );
- ASSERT_EFI_ERROR (Status);
- gBS->SignalEvent (Event);
- gBS->CloseEvent (Event);
-}
-
-
-/**
- Create a new user profile.
-
- This function creates a new user profile with only a new user identifier attached and returns
- its handle. The user profile is non-volatile, but the handle User can change across reboots.
-
- @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
- @param[out] User On return, points to the new user profile handle.
- The user profile handle is unique only during this boot.
-
- @retval EFI_SUCCESS User profile was successfully created.
- @retval EFI_ACCESS_DENIED Current user does not have sufficient permissions to create a
- user profile.
- @retval EFI_UNSUPPORTED Creation of new user profiles is not supported.
- @retval EFI_INVALID_PARAMETER The User parameter is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileCreate (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- OUT EFI_USER_PROFILE_HANDLE *User
- )
-{
- EFI_STATUS Status;
-
- if ((This == NULL) || (User == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Check the right of the current user.
- //
- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_ENROLL_OTHERS)) {
- return EFI_ACCESS_DENIED;
- }
- }
-
- //
- // Create new user profile
- //
- Status = CreateUserProfile ((USER_PROFILE_ENTRY **) User);
- if (EFI_ERROR (Status)) {
- return EFI_ACCESS_DENIED;
- }
- return EFI_SUCCESS;
-}
-
-
-/**
- Delete an existing user profile.
-
- @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
- @param[in] User User profile handle.
-
- @retval EFI_SUCCESS User profile was successfully deleted.
- @retval EFI_ACCESS_DENIED Current user does not have sufficient permissions to delete a user
- profile or there is only one user profile.
- @retval EFI_UNSUPPORTED Deletion of new user profiles is not supported.
- @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileDelete (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- EFI_STATUS Status;
-
- if (This == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Check the right of the current user.
- //
- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
- return EFI_ACCESS_DENIED;
- }
-
- //
- // Delete user profile.
- //
- Status = DelUserProfile (User);
- if (EFI_ERROR (Status)) {
- if (Status != EFI_INVALID_PARAMETER) {
- return EFI_ACCESS_DENIED;
- }
- return EFI_INVALID_PARAMETER;
- }
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Enumerate all of the enrolled users on the platform.
-
- This function returns the next enrolled user profile. To retrieve the first user profile handle,
- point User at a NULL. Each subsequent call will retrieve another user profile handle until there
- are no more, at which point User will point to NULL.
-
- @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
- @param[in, out] User On entry, points to the previous user profile handle or NULL to
- start enumeration. On exit, points to the next user profile handle
- or NULL if there are no more user profiles.
-
- @retval EFI_SUCCESS Next enrolled user profile successfully returned.
- @retval EFI_ACCESS_DENIED Next enrolled user profile was not successfully returned.
- @retval EFI_INVALID_PARAMETER The User parameter is NULL.
-**/
-EFI_STATUS
-EFIAPI
-UserProfileGetNext (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN OUT EFI_USER_PROFILE_HANDLE *User
- )
-{
- EFI_STATUS Status;
-
- if ((This == NULL) || (User == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- Status = FindUserProfile ((USER_PROFILE_ENTRY **) User, TRUE, NULL);
- if (EFI_ERROR (Status)) {
- return EFI_ACCESS_DENIED;
- }
- return EFI_SUCCESS;
-}
-
-
-/**
- Return the current user profile handle.
-
- @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
- @param[out] CurrentUser On return, points to the current user profile handle.
-
- @retval EFI_SUCCESS Current user profile handle returned successfully.
- @retval EFI_INVALID_PARAMETER The CurrentUser parameter is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileCurrent (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- OUT EFI_USER_PROFILE_HANDLE *CurrentUser
- )
-{
- //
- // Get current user profile.
- //
- if ((This == NULL) || (CurrentUser == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- *CurrentUser = mCurrentUser;
- return EFI_SUCCESS;
-}
-
-
-/**
- Identify a user.
-
- Identify the user and, if authenticated, returns the user handle and changes the current
- user profile. All user information marked as private in a previously selected profile
- is no longer available for inspection.
- Whenever the current user profile is changed then the an event with the GUID
- EFI_EVENT_GROUP_USER_PROFILE_CHANGED is signaled.
-
- @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
- @param[out] User On return, points to the user profile handle for the current
- user profile.
-
- @retval EFI_SUCCESS User was successfully identified.
- @retval EFI_ACCESS_DENIED User was not successfully identified.
- @retval EFI_INVALID_PARAMETER The User parameter is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileIdentify (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- OUT EFI_USER_PROFILE_HANDLE *User
- )
-{
- EFI_STATUS Status;
-
- if ((This == NULL) || (User == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (mCurrentUser != NULL) {
- *User = mCurrentUser;
- return EFI_SUCCESS;
- }
-
- //
- // Identify user
- //
- Status = IdentifyUser ((USER_PROFILE_ENTRY **) User);
- if (EFI_ERROR (Status)) {
- return EFI_ACCESS_DENIED;
- }
-
- //
- // Publish the user info into the EFI system configuration table.
- //
- PublishUserTable ();
-
- //
- // Signal User Profile Changed event.
- //
- SignalEventUserProfileChanged ();
- return EFI_SUCCESS;
-}
-
-/**
- Find a user using a user information record.
-
- This function searches all user profiles for the specified user information record.
- The search starts with the user information record handle following UserInfo and
- continues until either the information is found or there are no more user profiles.
- A match occurs when the Info.InfoType field matches the user information record
- type and the user information record data matches the portion of Info.
-
- @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
- @param[in, out] User On entry, points to the previously returned user profile
- handle, or NULL to start searching with the first user profile.
- On return, points to the user profile handle, or NULL if not
- found.
- @param[in, out] UserInfo On entry, points to the previously returned user information
- handle, or NULL to start searching with the first. On return,
- points to the user information handle of the user information
- record, or NULL if not found. Can be NULL, in which case only
- one user information record per user can be returned.
- @param[in] Info Points to the buffer containing the user information to be
- compared to the user information record. If the user information
- record data is empty, then only the user information record type
- is compared. If InfoSize is 0, then the user information record
- must be empty.
-
- @param[in] InfoSize The size of Info, in bytes.
-
- @retval EFI_SUCCESS User information was found. User points to the user profile
- handle, and UserInfo points to the user information handle.
- @retval EFI_NOT_FOUND User information was not found. User points to NULL, and
- UserInfo points to NULL.
- @retval EFI_INVALID_PARAMETER User is NULL. Or Info is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileFind (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN OUT EFI_USER_PROFILE_HANDLE *User,
- IN OUT EFI_USER_INFO_HANDLE *UserInfo OPTIONAL,
- IN CONST EFI_USER_INFO *Info,
- IN UINTN InfoSize
- )
-{
- EFI_STATUS Status;
- UINTN Size;
-
- if ((This == NULL) || (User == NULL) || (Info == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if (InfoSize == 0) {
- //
- // If InfoSize is 0, then the user information record must be empty.
- //
- if (Info->InfoSize != sizeof (EFI_USER_INFO)) {
- return EFI_INVALID_PARAMETER;
- }
- } else {
- if (InfoSize != Info->InfoSize) {
- return EFI_INVALID_PARAMETER;
- }
- }
- Size = Info->InfoSize;
-
- //
- // Find user profile accdoring to user information.
- //
- Status = FindUserProfileByInfo (
- (USER_PROFILE_ENTRY **) User,
- (EFI_USER_INFO **) UserInfo,
- (EFI_USER_INFO *) Info,
- Size
- );
- if (EFI_ERROR (Status)) {
- *User = NULL;
- if (UserInfo != NULL) {
- *UserInfo = NULL;
- }
- return EFI_NOT_FOUND;
- }
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Return information attached to the user.
-
- This function returns user information. The format of the information is described in User
- Information. The function may return EFI_ACCESS_DENIED if the information is marked private
- and the handle specified by User is not the current user profile. The function may return
- EFI_ACCESS_DENIED if the information is marked protected and the information is associated
- with a credential provider for which the user has not been authenticated.
-
- @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
- @param[in] User Handle of the user whose profile will be retrieved.
- @param[in] UserInfo Handle of the user information data record.
- @param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On exit,
- holds the user information. If the buffer is too small to hold the
- information, then EFI_BUFFER_TOO_SMALL is returned and InfoSize is
- updated to contain the number of bytes actually required.
- @param[in, out] InfoSize On entry, points to the size of Info. On return, points to the size
- of the user information.
-
- @retval EFI_SUCCESS Information returned successfully.
- @retval EFI_ACCESS_DENIED The information about the specified user cannot be accessed by the
- current user.
- @retval EFI_BUFFER_TOO_SMALL The number of bytes specified by *InfoSize is too small to hold the
- returned data. The actual size required is returned in *InfoSize.
- @retval EFI_NOT_FOUND User does not refer to a valid user profile or UserInfo does not refer
- to a valid user info handle.
- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileGetInfo (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- IN EFI_USER_INFO_HANDLE UserInfo,
- OUT EFI_USER_INFO *Info,
- IN OUT UINTN *InfoSize
- )
-{
- EFI_STATUS Status;
-
- if ((This == NULL) || (InfoSize == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if ((*InfoSize != 0) && (Info == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- if ((User == NULL) || (UserInfo == NULL)) {
- return EFI_NOT_FOUND;
- }
-
- Status = GetUserInfo (User, UserInfo, Info, InfoSize, TRUE);
- if (EFI_ERROR (Status)) {
- if (Status == EFI_BUFFER_TOO_SMALL) {
- return EFI_BUFFER_TOO_SMALL;
- }
- return EFI_ACCESS_DENIED;
- }
- return EFI_SUCCESS;
-}
-
-
-/**
- Add or update user information.
-
- This function changes user information. If NULL is pointed to by UserInfo, then a new user
- information record is created and its handle is returned in UserInfo. Otherwise, the existing
- one is replaced.
- If EFI_USER_INFO_IDENITTY_POLICY_RECORD is changed, it is the caller's responsibility to keep
- it to be synced with the information on credential providers.
- If EFI_USER_INFO_EXCLUSIVE is specified in Info and a user information record of the same
- type already exists in the user profile, then EFI_ACCESS_DENIED will be returned and UserInfo
- will point to the handle of the existing record.
-
- @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
- @param[in] User Handle of the user whose profile will be retrieved.
- @param[in, out] UserInfo Handle of the user information data record.
- @param[in] Info On entry, points to a buffer of at least *InfoSize bytes. On exit,
- holds the user information. If the buffer is too small to hold the
- information, then EFI_BUFFER_TOO_SMALL is returned and InfoSize is
- updated to contain the number of bytes actually required.
- @param[in] InfoSize On entry, points to the size of Info. On return, points to the size
- of the user information.
-
- @retval EFI_SUCCESS Information returned successfully.
- @retval EFI_ACCESS_DENIED The record is exclusive.
- @retval EFI_SECURITY_VIOLATION The current user does not have permission to change the specified
- user profile or user information record.
- @retval EFI_NOT_FOUND User does not refer to a valid user profile or UserInfo does not
- refer to a valid user info handle.
- @retval EFI_INVALID_PARAMETER UserInfo is NULL or Info is NULL.
-**/
-EFI_STATUS
-EFIAPI
-UserProfileSetInfo (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- IN OUT EFI_USER_INFO_HANDLE *UserInfo,
- IN CONST EFI_USER_INFO *Info,
- IN UINTN InfoSize
- )
-{
- EFI_STATUS Status;
-
- if ((This == NULL) || (User == NULL) || (UserInfo == NULL) || (Info == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Check the right of the current user.
- //
- if (User != mCurrentUser) {
- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
- if (*UserInfo != NULL) {
- //
- // Can't update info in other profiles without MANAGE right.
- //
- return EFI_SECURITY_VIOLATION;
- }
-
- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_ENROLL_OTHERS)) {
- //
- // Can't add info into other profiles.
- //
- return EFI_SECURITY_VIOLATION;
- }
- }
- }
-
- if (User == mCurrentUser) {
- if (CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_ENROLL_SELF)) {
- //
- // Only identify policy can be added/updated.
- //
- if (Info->InfoType != EFI_USER_INFO_IDENTITY_POLICY_RECORD) {
- return EFI_SECURITY_VIOLATION;
- }
- }
- }
-
- //
- // Modify user information.
- //
- Status = ModifyUserInfo (User, (EFI_USER_INFO **) UserInfo, Info, InfoSize);
- if (EFI_ERROR (Status)) {
- if (Status == EFI_ACCESS_DENIED) {
- return EFI_ACCESS_DENIED;
- }
- return EFI_SECURITY_VIOLATION;
- }
- return EFI_SUCCESS;
-}
-
-
-/**
- Called by credential provider to notify of information change.
-
- This function allows the credential provider to notify the User Identity Manager when user status
- has changed.
- If the User Identity Manager doesn't support asynchronous changes in credentials, then this function
- should return EFI_UNSUPPORTED.
- If current user does not exist, and the credential provider can identify a user, then make the user
- to be current user and signal the EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
- If current user already exists, and the credential provider can identify another user, then switch
- current user to the newly identified user, and signal the EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
- If current user was identified by this credential provider and now the credential provider cannot identify
- current user, then logout current user and signal the EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
-
- @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
- @param[in] Changed Handle on which is installed an instance of the EFI_USER_CREDENTIAL2_PROTOCOL
- where the user has changed.
-
- @retval EFI_SUCCESS The User Identity Manager has handled the notification.
- @retval EFI_NOT_READY The function was called while the specified credential provider was not selected.
- @retval EFI_UNSUPPORTED The User Identity Manager doesn't support asynchronous notifications.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileNotify (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN EFI_HANDLE Changed
- )
-{
- return EFI_UNSUPPORTED;
-}
-
-
-/**
- Delete user information.
-
- Delete the user information attached to the user profile specified by the UserInfo.
-
- @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
- @param[in] User Handle of the user whose information will be deleted.
- @param[in] UserInfo Handle of the user information to remove.
-
- @retval EFI_SUCCESS User information deleted successfully.
- @retval EFI_NOT_FOUND User information record UserInfo does not exist in the user profile.
- @retval EFI_ACCESS_DENIED The current user does not have permission to delete this user information.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileDeleteInfo (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- IN EFI_USER_INFO_HANDLE UserInfo
- )
-{
- EFI_STATUS Status;
-
- if (This == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Check the right of the current user.
- //
- if (User != mCurrentUser) {
- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
- return EFI_ACCESS_DENIED;
- }
- }
-
- //
- // Delete user information.
- //
- Status = DelUserInfo (User, UserInfo, TRUE);
- if (EFI_ERROR (Status)) {
- if (Status == EFI_NOT_FOUND) {
- return EFI_NOT_FOUND;
- }
- return EFI_ACCESS_DENIED;
- }
- return EFI_SUCCESS;
-}
-
-
-/**
- Enumerate user information of all the enrolled users on the platform.
-
- This function returns the next user information record. To retrieve the first user
- information record handle, point UserInfo at a NULL. Each subsequent call will retrieve
- another user information record handle until there are no more, at which point UserInfo
- will point to NULL.
-
- @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
- @param[in] User Handle of the user whose information will be deleted.
- @param[in, out] UserInfo Handle of the user information to remove.
-
- @retval EFI_SUCCESS User information returned.
- @retval EFI_NOT_FOUND No more user information found.
- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileGetNextInfo (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- IN OUT EFI_USER_INFO_HANDLE *UserInfo
- )
-{
- if ((This == NULL) || (UserInfo == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
- //
- // Get next user information entry.
- //
- return FindUserInfo (User, (EFI_USER_INFO **) UserInfo, TRUE, NULL);
-}
-
-
-/**
- Main entry for this driver.
-
- @param[in] ImageHandle Image handle this driver.
- @param[in] SystemTable Pointer to SystemTable.
-
- @retval EFI_SUCESS This function always complete successfully.
-
-**/
-EFI_STATUS
-EFIAPI
-UserIdentifyManagerInit (
- IN EFI_HANDLE ImageHandle,
- IN EFI_SYSTEM_TABLE *SystemTable
- )
-{
-
- EFI_STATUS Status;
-
- //
- // It is NOT robust enough to be included in production.
- //
- #error "This implementation is just a sample, please comment this line if you really want to use this driver."
-
- //
- // Initiate form browser.
- //
- InitFormBrowser ();
-
- //
- // Install protocol interfaces for the User Identity Manager.
- //
- Status = gBS->InstallProtocolInterface (
- &mCallbackInfo->DriverHandle,
- &gEfiUserManagerProtocolGuid,
- EFI_NATIVE_INTERFACE,
- &gUserIdentifyManager
- );
- ASSERT_EFI_ERROR (Status);
-
- LoadDeferredImageInit (ImageHandle);
- return EFI_SUCCESS;
-}
-
-
diff --git a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.h b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.h
deleted file mode 100644
index 1c449b0128..0000000000
--- a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.h
+++ /dev/null
@@ -1,413 +0,0 @@
-/** @file
- The header file for User identify Manager driver.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef _USER_IDENTIFY_MANAGER_H_
-#define _USER_IDENTIFY_MANAGER_H_
-
-#include <Uefi.h>
-
-#include <Guid/GlobalVariable.h>
-#include <Guid/MdeModuleHii.h>
-
-#include <Protocol/FormBrowser2.h>
-#include <Protocol/HiiDatabase.h>
-#include <Protocol/HiiConfigAccess.h>
-#include <Protocol/HiiString.h>
-#include <Protocol/HiiConfigRouting.h>
-#include <Protocol/UserCredential2.h>
-#include <Protocol/UserManager.h>
-#include <Protocol/DeferredImageLoad.h>
-#include <Protocol/SimpleTextOut.h>
-#include <Protocol/SimpleTextIn.h>
-#include <Protocol/SimpleTextInEx.h>
-
-#include <Library/UefiRuntimeServicesTableLib.h>
-#include <Library/UefiBootServicesTableLib.h>
-#include <Library/MemoryAllocationLib.h>
-#include <Library/BaseMemoryLib.h>
-#include <Library/DevicePathLib.h>
-#include <Library/DebugLib.h>
-#include <Library/UefiLib.h>
-#include <Library/PrintLib.h>
-#include <Library/HiiLib.h>
-
-#include "UserIdentifyManagerData.h"
-
-//
-// This is the generated IFR binary data for each formset defined in VFR.
-// This data array is ready to be used as input of HiiAddPackages() to
-// create a packagelist.
-//
-extern UINT8 UserIdentifyManagerVfrBin[];
-
-//
-// This is the generated String package data for all .UNI files.
-// This data array is ready to be used as input of HiiAddPackages() to
-// create a packagelist.
-//
-extern UINT8 UserIdentifyManagerStrings[];
-
-#define USER_NUMBER_INC 32
-#define DEFAULT_PROFILE_SIZE 512
-#define INFO_PAYLOAD_SIZE 64
-
-//
-// Credential Provider Information.
-//
-typedef struct {
- UINTN Count;
- EFI_USER_CREDENTIAL2_PROTOCOL *Provider[1];
-} CREDENTIAL_PROVIDER_INFO;
-
-//
-// Internal user profile entry.
-//
-typedef struct {
- UINTN MaxProfileSize;
- UINTN UserProfileSize;
- CHAR16 UserVarName[9];
- UINT8 *ProfileInfo;
-} USER_PROFILE_ENTRY;
-
-//
-// Internal user profile database.
-//
-typedef struct {
- UINTN UserProfileNum;
- UINTN MaxProfileNum;
- EFI_USER_PROFILE_HANDLE UserProfile[1];
-} USER_PROFILE_DB;
-
-#define USER_MANAGER_SIGNATURE SIGNATURE_32 ('U', 'I', 'M', 'S')
-
-typedef struct {
- UINTN Signature;
- EFI_HANDLE DriverHandle;
- EFI_HII_HANDLE HiiHandle;
-
- //
- // Consumed protocol.
- //
- EFI_HII_DATABASE_PROTOCOL *HiiDatabase;
- EFI_HII_STRING_PROTOCOL *HiiString;
- EFI_HII_CONFIG_ROUTING_PROTOCOL *HiiConfigRouting;
- EFI_FORM_BROWSER2_PROTOCOL *FormBrowser2;
-
- //
- // Produced protocol.
- //
- EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
-} USER_MANAGER_CALLBACK_INFO;
-
-///
-/// HII specific Vendor Device Path definition.
-///
-typedef struct {
- VENDOR_DEVICE_PATH VendorDevicePath;
- EFI_DEVICE_PATH_PROTOCOL End;
-} HII_VENDOR_DEVICE_PATH;
-
-/**
- Register an event notification function for the user profile changed.
-
- @param[in] ImageHandle Image handle this driver.
-
-**/
-VOID
-LoadDeferredImageInit (
- IN EFI_HANDLE ImageHandle
- );
-
-
-/**
- This function creates a new user profile with only
- a new user identifier attached and returns its handle.
- The user profile is non-volatile, but the handle User
- can change across reboots.
-
- @param[in] This Protocol EFI_USER_MANAGER_PROTOCOL instance
- pointer.
- @param[out] User Handle of a new user profile.
-
- @retval EFI_SUCCESS User profile was successfully created.
- @retval EFI_ACCESS_DENIED Current user does not have sufficient permissions
- to create a user profile.
- @retval EFI_UNSUPPORTED Creation of new user profiles is not supported.
- @retval EFI_INVALID_PARAMETER User is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileCreate (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- OUT EFI_USER_PROFILE_HANDLE *User
- );
-
-
-/**
- Delete an existing user profile.
-
- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
- pointer.
- @param User User profile handle.
-
- @retval EFI_SUCCESS User profile was successfully deleted.
- @retval EFI_ACCESS_DENIED Current user does not have sufficient permissions
- to delete a user profile or there is only one
- user profile.
- @retval EFI_UNSUPPORTED Deletion of new user profiles is not supported.
- @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileDelete (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User
- );
-
-
-/**
- Get next user profile from the user profile database.
-
- @param[in] This Protocol EFI_USER_MANAGER_PROTOCOL instance
- pointer.
- @param[in, out] User User profile handle.
-
- @retval EFI_SUCCESS Next enrolled user profile successfully returned.
- @retval EFI_INVALID_PARAMETER User is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileGetNext (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN OUT EFI_USER_PROFILE_HANDLE *User
- );
-
-
-/**
- This function returns the current user profile handle.
-
- @param[in] This Protocol EFI_USER_MANAGER_PROTOCOL instance pointer.
- @param[out] CurrentUser User profile handle.
-
- @retval EFI_SUCCESS Current user profile handle returned successfully.
- @retval EFI_INVALID_PARAMETER CurrentUser is NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileCurrent (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- OUT EFI_USER_PROFILE_HANDLE *CurrentUser
- );
-
-
-/**
- Identify the user and, if authenticated, returns the user handle and changes
- the current user profile.
-
- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance pointer.
- @param CurrentUser User profile handle.
-
- @retval EFI_SUCCESS User was successfully identified.
- @retval EFI_INVALID_PARAMETER User is NULL.
- @retval EFI_ACCESS_DENIED User was not successfully identified.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileIdentify (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- OUT EFI_USER_PROFILE_HANDLE *User
- );
-
-
-/**
- Find a user using a user information record.
-
- This function searches all user profiles for the specified user information record.
- The search starts with the user information record handle following UserInfo and
- continues until either the information is found or there are no more user profiles.
- A match occurs when the Info.InfoType field matches the user information record
- type and the user information record data matches the portion of Info passed the
- EFI_USER_INFO header.
-
- @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL.
- @param[in, out] User On entry, points to the previously returned user profile
- handle, or NULL to start searching with the first user profile.
- On return, points to the user profile handle, or NULL if not
- found.
- @param[in, out] UserInfo On entry, points to the previously returned user information
- handle, or NULL to start searching with the first. On return,
- points to the user information handle of the user information
- record, or NULL if not found. Can be NULL, in which case only
- one user information record per user can be returned.
- @param[in] Info Points to the buffer containing the user information to be
- compared to the user information record. If NULL, then only
- the user information record type is compared. If InfoSize is 0,
- then the user information record must be empty.
-
- @param[in] InfoSize The size of Info, in bytes.
-
- @retval EFI_SUCCESS User information was found. User points to the user profile handle,
- and UserInfo points to the user information handle.
- @retval EFI_NOT_FOUND User information was not found. User points to NULL and UserInfo
- points to NULL.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileFind (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN OUT EFI_USER_PROFILE_HANDLE *User,
- IN OUT EFI_USER_INFO_HANDLE *UserInfo OPTIONAL,
- IN CONST EFI_USER_INFO *Info,
- IN UINTN InfoSize
- );
-
-
-/**
- This function returns user information.
-
- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
- pointer.
- @param User Handle of the user whose profile will be
- retrieved.
- @param UserInfo Handle of the user information data record.
- @param Info On entry, points to a buffer of at least
- *InfoSize bytes. On exit, holds the user
- information.
- @param InfoSize On entry, points to the size of Info. On return,
- points to the size of the user information.
-
- @retval EFI_SUCCESS Information returned successfully.
- @retval EFI_ACCESS_DENIED The information about the specified user cannot
- be accessed by the current user.
- EFI_BUFFER_TOO_SMALL- The number of bytes
- specified by *InfoSize is too small to hold the
- returned data.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileGetInfo (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- IN EFI_USER_INFO_HANDLE UserInfo,
- OUT EFI_USER_INFO *Info,
- IN OUT UINTN *InfoSize
- );
-
-
-/**
- This function changes user information.
-
- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
- pointer.
- @param User Handle of the user whose profile will be
- retrieved.
- @param UserInfo Handle of the user information data record.
- @param Info Points to the user information.
- @param InfoSize The size of Info, in bytes.
-
- @retval EFI_SUCCESS User profile information was successfully
- changed/added.
- @retval EFI_ACCESS_DENIED The record is exclusive.
- @retval EFI_SECURITY_VIOLATION The current user does not have permission to
- change the specified user profile or user
- information record.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileSetInfo (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- IN OUT EFI_USER_INFO_HANDLE *UserInfo,
- IN CONST EFI_USER_INFO *Info,
- IN UINTN InfoSize
- );
-
-
-/**
- This function allows the credential provider to notify the User Identity Manager
- when user status has changed while deselected.
-
- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
- pointer.
- @param Changed Points to the instance of the
- EFI_USER_CREDENTIAL_PROTOCOL where the user has
- changed.
-
- @retval EFI_SUCCESS The User Identity Manager has handled the
- notification.
- @retval EFI_NOT_READY The function was called while the specified
- credential provider was not selected.
- @retval EFI_UNSUPPORTED The User Identity Manager doesn't support
- asynchronous notifications.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileNotify (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN EFI_HANDLE Changed
- );
-
-
-/**
- Delete the user information attached to the user profile specified by the UserInfo.
-
- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance pointer.
- @param User Handle of the user whose profile will be retrieved.
- @param UserInfo Handle of the user information data record.
-
- @retval EFI_SUCCESS User information deleted successfully.
- @retval EFI_ACCESS_DENIED The current user does not have permission to
- delete this user in-formation.
- @retval EFI_NOT_FOUND User information record UserInfo does not exist
- in the user pro-file.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileDeleteInfo (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- IN EFI_USER_INFO_HANDLE UserInfo
- );
-
-
-/**
- This function returns the next user information record.
-
- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance pointer.
- @param User Handle of the user whose profile will be retrieved.
- @param UserInfo Handle of the user information data record.
-
- @retval EFI_SUCCESS User information returned.
- @retval EFI_NOT_FOUND No more user information found.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileGetNextInfo (
- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
- IN EFI_USER_PROFILE_HANDLE User,
- IN OUT EFI_USER_INFO_HANDLE *UserInfo
- );
-
-#endif
diff --git a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.uni b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.uni
deleted file mode 100644
index 82c72baeeb..0000000000
--- a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManager.uni
+++ /dev/null
@@ -1,21 +0,0 @@
-// /** @file
-// Produces user manager protocol
-//
-// This module manages user information and produces user manager protocol.
-//
-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
-//
-// This program and the accompanying materials
-// are licensed and made available under the terms and conditions of the BSD License
-// which accompanies this distribution. The full text of the license may be found at
-// http://opensource.org/licenses/bsd-license.php
-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-//
-// **/
-
-
-#string STR_MODULE_ABSTRACT #language en-US "Produces user manager protocol"
-
-#string STR_MODULE_DESCRIPTION #language en-US "This module manages user information and produces user manager protocol."
-
diff --git a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerData.h b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerData.h
deleted file mode 100644
index 4e07ddd309..0000000000
--- a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerData.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/** @file
- Data structure used by the user identify manager driver.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef _USER_IDENTIFY_MANAGER_DATA_H_
-#define _USER_IDENTIFY_MANAGER_DATA_H_
-
-#include <Guid/UserIdentifyManagerHii.h>
-
-//
-// Forms definition.
-//
-#define FORMID_USER_FORM 1
-#define FORMID_PROVIDER_FORM 2
-#define FORMID_INVALID_FORM 0x0FFF
-
-//
-// Labels definition.
-//
-#define LABEL_USER_NAME 0x1000
-#define LABEL_PROVIDER_NAME 0x3000
-#define LABEL_END 0xffff
-#define FORM_OPEN_QUESTION_ID 0xfffe
-
-#endif
diff --git a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerDxe.inf b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerDxe.inf
deleted file mode 100644
index 27e8ba19ad..0000000000
--- a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerDxe.inf
+++ /dev/null
@@ -1,79 +0,0 @@
-## @file
-# Produces user manager protocol
-#
-# This module manages user information and produces user manager protocol.
-#
-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-# This program and the accompanying materials
-# are licensed and made available under the terms and conditions of the BSD License
-# which accompanies this distribution. The full text of the license may be found at
-# http://opensource.org/licenses/bsd-license.php
-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-#
-##
-
-[defines]
- INF_VERSION = 0x00010005
- BASE_NAME = UserIdentifyManager
- MODULE_UNI_FILE = UserIdentifyManager.uni
- FILE_GUID = C5D3191B-27D5-4873-8DF2-628136991A21
- MODULE_TYPE = DXE_DRIVER
- VERSION_STRING = 1.0
- ENTRY_POINT = UserIdentifyManagerInit
-
-[sources]
- UserIdentifyManager.c
- LoadDeferredImage.c
- UserIdentifyManager.h
- UserIdentifyManagerData.h
- UserIdentifyManagerStrings.uni
- UserIdentifyManagerVfr.Vfr
-
-[Packages]
- MdePkg/MdePkg.dec
- MdeModulePkg/MdeModulePkg.dec
- SecurityPkg/SecurityPkg.dec
-
-[LibraryClasses]
- UefiRuntimeServicesTableLib
- UefiBootServicesTableLib
- UefiDriverEntryPoint
- MemoryAllocationLib
- BaseMemoryLib
- DebugLib
- HiiLib
- UefiLib
-
-[Guids]
- gEfiIfrTianoGuid ## SOMETIMES_CONSUMES ## GUID
- gEfiEventUserProfileChangedGuid ## SOMETIMES_PRODUCES ## Event
-
- ## SOMETIMES_PRODUCES ## Variable:L"Userxxxx"
- ## SOMETIMES_CONSUMES ## Variable:L"Userxxxx"
- ## CONSUMES ## HII
- gUserIdentifyManagerGuid
-
-[Protocols]
- gEfiFormBrowser2ProtocolGuid ## CONSUMES
- gEfiHiiDatabaseProtocolGuid ## CONSUMES
- gEfiUserCredential2ProtocolGuid ## SOMETIMES_CONSUMES
- gEfiDeferredImageLoadProtocolGuid ## SOMETIMES_CONSUMES
- gEfiSimpleTextOutProtocolGuid ## SOMETIMES_CONSUMES
- gEfiSimpleTextInProtocolGuid ## SOMETIMES_CONSUMES
- gEfiSimpleTextInputExProtocolGuid ## SOMETIMES_CONSUMES
- gEfiHiiConfigAccessProtocolGuid ## PRODUCES
- gEfiDevicePathProtocolGuid ## PRODUCES
-
- ## PRODUCES
- ## SOMETIMES_PRODUCES ## SystemTable
- gEfiUserManagerProtocolGuid
-
-[Depex]
- gEfiHiiDatabaseProtocolGuid AND
- gEfiHiiStringProtocolGuid AND
- gEfiFormBrowser2ProtocolGuid
-
-[UserExtensions.TianoCore."ExtraFiles"]
- UserIdentifyManagerExtra.uni
-
diff --git a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerExtra.uni b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerExtra.uni
deleted file mode 100644
index 8b7cba7b32..0000000000
--- a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerExtra.uni
+++ /dev/null
@@ -1,19 +0,0 @@
-// /** @file
-// UserIdentifyManager Localized Strings and Content
-//
-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
-//
-// This program and the accompanying materials
-// are licensed and made available under the terms and conditions of the BSD License
-// which accompanies this distribution. The full text of the license may be found at
-// http://opensource.org/licenses/bsd-license.php
-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-//
-// **/
-
-#string STR_PROPERTIES_MODULE_NAME
-#language en-US
-"User Identify Manager"
-
-
diff --git a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerStrings.uni b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerStrings.uni
deleted file mode 100644
index fcbf5005cd..0000000000
--- a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerStrings.uni
+++ /dev/null
@@ -1,27 +0,0 @@
-/** @file
- String definitions for the User Identify Manager driver.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php.
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#langdef en-US "English"
-#langdef fr-FR "Francais"
-
-#string STR_TITLE #language en-US "User Identity Manager"
- #language fr-FR "User Identity Manager(French)"
-#string STR_USER_SELECT #language en-US "User Selection"
- #language fr-FR "User Selection(French)"
-#string STR_PROVIDER_SELECT #language en-US "Provider Selection"
- #language fr-FR "User Selection(French)"
-#string STR_NULL_STRING #language en-US ""
- #language fr-FR ""
-
-
diff --git a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerVfr.Vfr b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerVfr.Vfr
deleted file mode 100644
index 306679776d..0000000000
--- a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManagerVfr.Vfr
+++ /dev/null
@@ -1,43 +0,0 @@
-/** @file
- User identify manager formset.
-
-Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "UserIdentifyManagerData.h"
-
-formset
- guid = USER_IDENTIFY_MANAGER_GUID,
- title = STRING_TOKEN(STR_TITLE),
- help = STRING_TOKEN(STR_NULL_STRING),
- classguid = USER_IDENTIFY_MANAGER_GUID,
-
- form formid = FORMID_USER_FORM,
- title = STRING_TOKEN(STR_USER_SELECT);
-
- suppressif TRUE;
- text
- help = STRING_TOKEN(STR_NULL_STRING),
- text = STRING_TOKEN(STR_NULL_STRING),
- flags = INTERACTIVE,
- key = FORM_OPEN_QUESTION_ID;
- endif;
-
- label LABEL_USER_NAME;
- label LABEL_END;
- endform;
-
- form formid = FORMID_PROVIDER_FORM,
- title = STRING_TOKEN(STR_PROVIDER_SELECT);
- label LABEL_PROVIDER_NAME;
- label LABEL_END;
- endform;
-endformset;
\ No newline at end of file
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolicy.c b/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolicy.c
deleted file mode 100644
index 56d3b1df98..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolicy.c
+++ /dev/null
@@ -1,688 +0,0 @@
-/** @file
- The functions for access policy modification.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "UserProfileManager.h"
-
-/**
- Collect all the access policy data to mUserInfo.AccessPolicy,
- and save it to user profile.
-
-**/
-VOID
-SaveAccessPolicy (
- VOID
- )
-{
- EFI_STATUS Status;
- UINTN OffSet;
- UINTN Size;
- EFI_USER_INFO_ACCESS_CONTROL Control;
- EFI_USER_INFO_HANDLE UserInfo;
- EFI_USER_INFO *Info;
-
- if (mUserInfo.AccessPolicy != NULL) {
- FreePool (mUserInfo.AccessPolicy);
- }
- mUserInfo.AccessPolicy = NULL;
- mUserInfo.AccessPolicyLen = 0;
- mUserInfo.AccessPolicyModified = TRUE;
- OffSet = 0;
-
- //
- // Save access right.
- //
- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
- ExpandMemory (OffSet, Size);
- }
-
- Control.Type = mAccessInfo.AccessRight;
- Control.Size = (UINT32) Size;
- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
- OffSet += sizeof (Control);
-
- //
- // Save access setup.
- //
- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + sizeof (EFI_GUID);
- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
- ExpandMemory (OffSet, Size);
- }
-
- Control.Type = EFI_USER_INFO_ACCESS_SETUP;
- Control.Size = (UINT32) Size;
- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
- OffSet += sizeof (Control);
-
- if (mAccessInfo.AccessSetup == ACCESS_SETUP_NORMAL) {
- CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet), &gEfiUserInfoAccessSetupNormalGuid);
- } else if (mAccessInfo.AccessSetup == ACCESS_SETUP_RESTRICTED) {
- CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet), &gEfiUserInfoAccessSetupRestrictedGuid);
- } else if (mAccessInfo.AccessSetup == ACCESS_SETUP_ADMIN) {
- CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet), &gEfiUserInfoAccessSetupAdminGuid);
- }
- OffSet += sizeof (EFI_GUID);
-
- //
- // Save access of boot order.
- //
- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + sizeof (UINT32);
- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
- ExpandMemory (OffSet, Size);
- }
-
- Control.Type = EFI_USER_INFO_ACCESS_BOOT_ORDER;
- Control.Size = (UINT32) Size;
- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
- OffSet += sizeof (Control);
-
- CopyMem ((UINT8 *) (mUserInfo.AccessPolicy + OffSet), &mAccessInfo.AccessBootOrder, sizeof (UINT32));
- OffSet += sizeof (UINT32);
-
- //
- // Save permit load.
- //
- if (mAccessInfo.LoadPermitLen > 0) {
- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + mAccessInfo.LoadPermitLen;
- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
- ExpandMemory (OffSet, Size);
- }
-
- Control.Type = EFI_USER_INFO_ACCESS_PERMIT_LOAD;
- Control.Size = (UINT32) Size;
- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
- OffSet += sizeof (Control);
-
- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.LoadPermit, mAccessInfo.LoadPermitLen);
- OffSet += mAccessInfo.LoadPermitLen;
- }
-
- //
- // Save forbid load.
- //
- if (mAccessInfo.LoadForbidLen > 0) {
- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + mAccessInfo.LoadForbidLen;
- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
- ExpandMemory (OffSet, Size);
- }
-
- Control.Type = EFI_USER_INFO_ACCESS_FORBID_LOAD;
- Control.Size = (UINT32) Size;
- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
- OffSet += sizeof (Control);
-
- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.LoadForbid, mAccessInfo.LoadForbidLen);
- OffSet += mAccessInfo.LoadForbidLen;
- }
-
- //
- // Save permit connect.
- //
- if (mAccessInfo.ConnectPermitLen > 0) {
- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + mAccessInfo.ConnectPermitLen;
- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
- ExpandMemory (OffSet, Size);
- }
-
- Control.Type = EFI_USER_INFO_ACCESS_PERMIT_CONNECT;
- Control.Size = (UINT32) Size;
- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
- OffSet += sizeof (Control);
-
- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.ConnectPermit, mAccessInfo.ConnectPermitLen);
- OffSet += mAccessInfo.ConnectPermitLen;
- }
-
- //
- // Save forbid connect.
- //
- if (mAccessInfo.ConnectForbidLen > 0) {
- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + mAccessInfo.ConnectForbidLen;
- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
- ExpandMemory (OffSet, Size);
- }
-
- Control.Type = EFI_USER_INFO_ACCESS_FORBID_CONNECT;
- Control.Size = (UINT32) Size;
- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
- OffSet += sizeof (Control);
-
- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.ConnectForbid, mAccessInfo.ConnectForbidLen);
- OffSet += mAccessInfo.ConnectForbidLen;
- }
-
- mUserInfo.AccessPolicyLen = OffSet;
-
- //
- // Save access policy.
- //
- if (mUserInfo.AccessPolicyModified && (mUserInfo.AccessPolicyLen > 0) && (mUserInfo.AccessPolicy != NULL)) {
- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + mUserInfo.AccessPolicyLen);
- if (Info == NULL) {
- return ;
- }
-
- Status = FindInfoByType (mModifyUser, EFI_USER_INFO_ACCESS_POLICY_RECORD, &UserInfo);
- if (!EFI_ERROR (Status)) {
- Info->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
- EFI_USER_INFO_PUBLIC |
- EFI_USER_INFO_EXCLUSIVE;
- Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) + mUserInfo.AccessPolicyLen);
- CopyMem ((UINT8 *) (Info + 1), mUserInfo.AccessPolicy, mUserInfo.AccessPolicyLen);
- Status = mUserManager->SetInfo (
- mUserManager,
- mModifyUser,
- &UserInfo,
- Info,
- Info->InfoSize
- );
- mUserInfo.AccessPolicyModified = FALSE;
- }
- FreePool (Info);
- }
-
- if (mAccessInfo.ConnectForbid != NULL) {
- FreePool (mAccessInfo.ConnectForbid);
- mAccessInfo.ConnectForbid = NULL;
- }
-
- if (mAccessInfo.ConnectPermit != NULL) {
- FreePool (mAccessInfo.ConnectPermit);
- mAccessInfo.ConnectPermit = NULL;
- }
-
- if (mAccessInfo.LoadForbid != NULL) {
- FreePool (mAccessInfo.LoadForbid);
- mAccessInfo.LoadForbid = NULL;
- }
-
- if (mAccessInfo.LoadPermit != NULL) {
- FreePool (mAccessInfo.LoadPermit);
- mAccessInfo.LoadPermit = NULL;
- }
-}
-
-/**
- Create an action OpCode with QuestionID and DevicePath on a given OpCodeHandle.
-
- @param[in] QuestionID The question ID.
- @param[in] DevicePath Points to device path.
- @param[in] OpCodeHandle Points to container for dynamic created opcodes.
-
-**/
-VOID
-AddDevicePath (
- IN UINTN QuestionID,
- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath,
- IN VOID *OpCodeHandle
- )
-{
- EFI_DEVICE_PATH_PROTOCOL *Next;
- EFI_STRING_ID NameID;
- EFI_STRING DriverName;
-
- //
- // Get driver file name node.
- //
- Next = DevicePath;
- while (!IsDevicePathEnd (Next)) {
- DevicePath = Next;
- Next = NextDevicePathNode (Next);
- }
-
- //
- // Display the device path in form.
- //
- DriverName = ConvertDevicePathToText (DevicePath, FALSE, FALSE);
- NameID = HiiSetString (mCallbackInfo->HiiHandle, 0, DriverName, NULL);
- FreePool (DriverName);
- if (NameID == 0) {
- return ;
- }
-
- HiiCreateActionOpCode (
- OpCodeHandle, // Container for dynamic created opcodes
- (UINT16) QuestionID, // Question ID
- NameID, // Prompt text
- STRING_TOKEN (STR_NULL_STRING), // Help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- 0 // Action String ID
- );
-}
-
-
-/**
- Check whether the DevicePath is in the device path forbid list
- (mAccessInfo.LoadForbid).
-
- @param[in] DevicePath Points to device path.
-
- @retval TRUE The DevicePath is in the device path forbid list.
- @retval FALSE The DevicePath is not in the device path forbid list.
-
-**/
-BOOLEAN
-IsLoadForbidden (
- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
- )
-{
- UINTN OffSet;
- UINTN DPSize;
- UINTN Size;
- EFI_DEVICE_PATH_PROTOCOL *Dp;
-
- OffSet = 0;
- Size = GetDevicePathSize (DevicePath);
- //
- // Check each device path.
- //
- while (OffSet < mAccessInfo.LoadForbidLen) {
- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid + OffSet);
- DPSize = GetDevicePathSize (Dp);
- //
- // Compare device path.
- //
- if ((DPSize == Size) && (CompareMem (DevicePath, Dp, Size) == 0)) {
- return TRUE;
- }
- OffSet += DPSize;
- }
- return FALSE;
-}
-
-
-/**
- Display the permit load device path in the loadable device path list.
-
-**/
-VOID
-DisplayLoadPermit(
- VOID
- )
-{
- EFI_STATUS Status;
- CHAR16 *Order;
- UINTN OrderSize;
- UINTN ListCount;
- UINTN Index;
- UINT8 *Var;
- UINT8 *VarPtr;
- CHAR16 VarName[12];
- VOID *StartOpCodeHandle;
- VOID *EndOpCodeHandle;
- EFI_IFR_GUID_LABEL *StartLabel;
- EFI_IFR_GUID_LABEL *EndLabel;
-
- //
- // Get DriverOrder.
- //
- OrderSize = 0;
- Status = gRT->GetVariable (
- L"DriverOrder",
- &gEfiGlobalVariableGuid,
- NULL,
- &OrderSize,
- NULL
- );
- if (Status != EFI_BUFFER_TOO_SMALL) {
- return ;
- }
-
- Order = AllocateZeroPool (OrderSize);
- if (Order == NULL) {
- return ;
- }
-
- Status = gRT->GetVariable (
- L"DriverOrder",
- &gEfiGlobalVariableGuid,
- NULL,
- &OrderSize,
- Order
- );
- if (EFI_ERROR (Status)) {
- return ;
- }
-
- //
- // Initialize the container for dynamic opcodes.
- //
- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (StartOpCodeHandle != NULL);
-
- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (EndOpCodeHandle != NULL);
-
- //
- // Create Hii Extend Label OpCode.
- //
- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- StartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- StartLabel->Number = LABEL_PERMIT_LOAD_FUNC;
-
- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- EndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- EndLabel->Number = LABEL_END;
-
- //
- // Add each driver option.
- //
- Var = NULL;
- ListCount = OrderSize / sizeof (UINT16);
- for (Index = 0; Index < ListCount; Index++) {
- //
- // Get driver device path.
- //
- UnicodeSPrint (VarName, sizeof (VarName), L"Driver%04x", Order[Index]);
- GetEfiGlobalVariable2 (VarName, (VOID**)&Var, NULL);
- if (Var == NULL) {
- continue;
- }
-
- //
- // Check whether the driver is already forbidden.
- //
-
- VarPtr = Var;
- //
- // Skip attribute.
- //
- VarPtr += sizeof (UINT32);
-
- //
- // Skip device path lenth.
- //
- VarPtr += sizeof (UINT16);
-
- //
- // Skip descript string.
- //
- VarPtr += StrSize ((UINT16 *) VarPtr);
-
- if (IsLoadForbidden ((EFI_DEVICE_PATH_PROTOCOL *) VarPtr)) {
- FreePool (Var);
- Var = NULL;
- continue;
- }
-
- AddDevicePath (
- KEY_MODIFY_USER | KEY_MODIFY_AP_DP | KEY_LOAD_PERMIT_MODIFY | Order[Index],
- (EFI_DEVICE_PATH_PROTOCOL *) VarPtr,
- StartOpCodeHandle
- );
- FreePool (Var);
- Var = NULL;
- }
-
- HiiUpdateForm (
- mCallbackInfo->HiiHandle, // HII handle
- &gUserProfileManagerGuid, // Formset GUID
- FORMID_PERMIT_LOAD_DP, // Form ID
- StartOpCodeHandle, // Label for where to insert opcodes
- EndOpCodeHandle // Replace data
- );
-
- HiiFreeOpCodeHandle (StartOpCodeHandle);
- HiiFreeOpCodeHandle (EndOpCodeHandle);
-
- //
- // Clear Environment.
- //
- if (Var != NULL) {
- FreePool (Var);
- }
- FreePool (Order);
-}
-
-
-/**
- Display the forbid load device path list (mAccessInfo.LoadForbid).
-
-**/
-VOID
-DisplayLoadForbid (
- VOID
- )
-{
- UINTN Offset;
- UINTN DPSize;
- UINTN Index;
- EFI_DEVICE_PATH_PROTOCOL *Dp;
- VOID *StartOpCodeHandle;
- VOID *EndOpCodeHandle;
- EFI_IFR_GUID_LABEL *StartLabel;
- EFI_IFR_GUID_LABEL *EndLabel;
-
- //
- // Initialize the container for dynamic opcodes.
- //
- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (StartOpCodeHandle != NULL);
-
- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (EndOpCodeHandle != NULL);
-
- //
- // Create Hii Extend Label OpCode.
- //
- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- StartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- StartLabel->Number = LABLE_FORBID_LOAD_FUNC;
-
- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- EndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- EndLabel->Number = LABEL_END;
-
- //
- // Add each forbid load drivers.
- //
- Offset = 0;
- Index = 0;
- while (Offset < mAccessInfo.LoadForbidLen) {
- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid + Offset);
- DPSize = GetDevicePathSize (Dp);
- AddDevicePath (
- KEY_MODIFY_USER | KEY_MODIFY_AP_DP | KEY_LOAD_FORBID_MODIFY | Index,
- Dp,
- StartOpCodeHandle
- );
- Index++;
- Offset += DPSize;
- }
-
- HiiUpdateForm (
- mCallbackInfo->HiiHandle, // HII handle
- &gUserProfileManagerGuid, // Formset GUID
- FORMID_FORBID_LOAD_DP, // Form ID
- StartOpCodeHandle, // Label for where to insert opcodes
- EndOpCodeHandle // Replace data
- );
-
- HiiFreeOpCodeHandle (StartOpCodeHandle);
- HiiFreeOpCodeHandle (EndOpCodeHandle);
-}
-
-
-/**
- Display the permit connect device path.
-
-**/
-VOID
-DisplayConnectPermit (
- VOID
- )
-{
- //
- // Note:
- // As no architect protocol/interface to be called in ConnectController()
- // to verify the device path, just add a place holder for permitted connect
- // device path.
- //
-}
-
-
-/**
- Display the forbid connect device path list.
-
-**/
-VOID
-DisplayConnectForbid (
- VOID
- )
-{
- //
- // Note:
- // As no architect protocol/interface to be called in ConnectController()
- // to verify the device path, just add a place holder for forbidden connect
- // device path.
- //
-}
-
-
-/**
- Delete the specified device path by DriverIndex from the forbid device path
- list (mAccessInfo.LoadForbid).
-
- @param[in] DriverIndex The index of driver in forbidden device path list.
-
-**/
-VOID
-DeleteFromForbidLoad (
- IN UINT16 DriverIndex
- )
-{
- UINTN OffSet;
- UINTN DPSize;
- UINTN OffLen;
- EFI_DEVICE_PATH_PROTOCOL *Dp;
-
- OffSet = 0;
- //
- // Find the specified device path.
- //
- while ((OffSet < mAccessInfo.LoadForbidLen) && (DriverIndex > 0)) {
- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid + OffSet);
- DPSize = GetDevicePathSize (Dp);
- OffSet += DPSize;
- DriverIndex--;
- }
-
- //
- // Specified device path found.
- //
- if (DriverIndex == 0) {
- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid + OffSet);
- DPSize = GetDevicePathSize (Dp);
- OffLen = mAccessInfo.LoadForbidLen - OffSet - DPSize;
- if (OffLen > 0) {
- CopyMem (
- mAccessInfo.LoadForbid + OffSet,
- mAccessInfo.LoadForbid + OffSet + DPSize,
- OffLen
- );
- }
- mAccessInfo.LoadForbidLen -= DPSize;
- }
-}
-
-
-/**
- Add the specified device path by DriverIndex to the forbid device path
- list (mAccessInfo.LoadForbid).
-
- @param[in] DriverIndex The index of driver saved in driver options.
-
-**/
-VOID
-AddToForbidLoad (
- IN UINT16 DriverIndex
- )
-{
- UINTN DevicePathLen;
- UINT8 *Var;
- UINT8 *VarPtr;
- UINTN NewLen;
- UINT8 *NewFL;
- CHAR16 VarName[13];
-
- //
- // Get loadable driver device path.
- //
- UnicodeSPrint (VarName, sizeof (VarName), L"Driver%04x", DriverIndex);
- GetEfiGlobalVariable2 (VarName, (VOID**)&Var, NULL);
- if (Var == NULL) {
- return;
- }
-
- //
- // Save forbid load driver.
- //
-
- VarPtr = Var;
- //
- // Skip attribute.
- //
- VarPtr += sizeof (UINT32);
-
- DevicePathLen = *(UINT16 *) VarPtr;
- //
- // Skip device path length.
- //
- VarPtr += sizeof (UINT16);
-
- //
- // Skip description string.
- //
- VarPtr += StrSize ((UINT16 *) VarPtr);
-
- NewLen = mAccessInfo.LoadForbidLen + DevicePathLen;
- NewFL = AllocateZeroPool (NewLen);
- if (NewFL == NULL) {
- FreePool (Var);
- return ;
- }
-
- if (mAccessInfo.LoadForbidLen > 0) {
- CopyMem (NewFL, mAccessInfo.LoadForbid, mAccessInfo.LoadForbidLen);
- FreePool (mAccessInfo.LoadForbid);
- }
-
- CopyMem (NewFL + mAccessInfo.LoadForbidLen, VarPtr, DevicePathLen);
- mAccessInfo.LoadForbidLen = NewLen;
- mAccessInfo.LoadForbid = NewFL;
- FreePool (Var);
-}
-
-
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPolicy.c b/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPolicy.c
deleted file mode 100644
index 602c4a8397..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPolicy.c
+++ /dev/null
@@ -1,516 +0,0 @@
-/** @file
- The functions for identification policy modification.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "UserProfileManager.h"
-
-
-/**
- Verify the new identity policy in the current implementation. The same credential
- provider can't appear twice in one identity policy.
-
- @param[in] NewGuid Points to the credential provider guid.
-
- @retval TRUE The NewGuid was found in the identity policy.
- @retval FALSE The NewGuid was not found.
-
-**/
-BOOLEAN
-ProviderAlreadyInPolicy (
- IN EFI_GUID *NewGuid
- )
-{
- UINTN Offset;
- EFI_USER_INFO_IDENTITY_POLICY *Identity;
- EFI_INPUT_KEY Key;
-
- Offset = 0;
- while (Offset < mUserInfo.NewIdentityPolicyLen) {
- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (mUserInfo.NewIdentityPolicy + Offset);
- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
- if (CompareGuid (NewGuid, (EFI_GUID *) (Identity + 1))) {
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"This Credential Provider Are Already Used!",
- L"",
- L"Press Any Key to Continue ...",
- NULL
- );
- return TRUE;
- }
- }
- Offset += Identity->Length;
- }
-
- return FALSE;
-}
-
-
-/**
- Add the user's credential record in the provider.
-
- @param[in] Identity Identity policy item including credential provider.
- @param[in] User Points to user profile.
-
- @retval EFI_SUCCESS Add or delete record successfully.
- @retval Others Fail to add or delete record.
-
-**/
-EFI_STATUS
-EnrollUserOnProvider (
- IN EFI_USER_INFO_IDENTITY_POLICY *Identity,
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- UINTN Index;
- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
-
- //
- // Find the specified credential provider.
- //
- for (Index = 0; Index < mProviderInfo->Count; Index++) {
- UserCredential = mProviderInfo->Provider[Index];
- if (CompareGuid ((EFI_GUID *)(Identity + 1), &UserCredential->Identifier)) {
- return UserCredential->Enroll (UserCredential, User);
- }
- }
-
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Delete the User's credential record on the provider.
-
- @param[in] Identity Point to EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER user info.
- @param[in] User Points to user profile.
-
- @retval EFI_SUCCESS Delete User's credential record successfully.
- @retval Others Fail to add or delete record.
-
-**/
-EFI_STATUS
-DeleteUserOnProvider (
- IN EFI_USER_INFO_IDENTITY_POLICY *Identity,
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- UINTN Index;
- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
-
- //
- // Find the specified credential provider.
- //
- for (Index = 0; Index < mProviderInfo->Count; Index++) {
- UserCredential = mProviderInfo->Provider[Index];
- if (CompareGuid ((EFI_GUID *)(Identity + 1), &UserCredential->Identifier)) {
- return UserCredential->Delete (UserCredential, User);
- }
- }
-
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Delete User's credental from all the providers that exist in User's identity policy.
-
- @param[in] IdentityPolicy Point to User's identity policy.
- @param[in] IdentityPolicyLen The length of the identity policy.
- @param[in] User Points to user profile.
-
-**/
-VOID
-DeleteCredentialFromProviders (
- IN UINT8 *IdentityPolicy,
- IN UINTN IdentityPolicyLen,
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- EFI_USER_INFO_IDENTITY_POLICY *Identity;
- UINTN Offset;
-
- Offset = 0;
- while (Offset < IdentityPolicyLen) {
- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (IdentityPolicy + Offset);
- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
- //
- // Delete the user on this provider.
- //
- DeleteUserOnProvider (Identity, User);
- }
- Offset += Identity->Length;
- }
-
-}
-
-
-/**
- Remove the provider specified by Offset from the new user identification record.
-
- @param[in] IdentityPolicy Point to user identity item in new identification policy.
- @param[in] Offset The item offset in the new identification policy.
-
-**/
-VOID
-DeleteProviderFromPolicy (
- IN EFI_USER_INFO_IDENTITY_POLICY *IdentityPolicy,
- IN UINTN Offset
- )
-{
- UINTN RemainingLen;
- UINTN DeleteLen;
-
- if (IdentityPolicy->Length == mUserInfo.NewIdentityPolicyLen) {
- //
- // Only one credential provider in the identification policy.
- // Set the new policy to be TRUE after removed the provider.
- //
- IdentityPolicy->Type = EFI_USER_INFO_IDENTITY_TRUE;
- IdentityPolicy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
- mUserInfo.NewIdentityPolicyLen = IdentityPolicy->Length;
- return ;
- }
-
- DeleteLen = IdentityPolicy->Length + sizeof(EFI_USER_INFO_IDENTITY_POLICY);
- if ((Offset + IdentityPolicy->Length) != mUserInfo.NewIdentityPolicyLen) {
- //
- // This provider is not the last item in the identification policy, delete it and the connector.
- //
- RemainingLen = mUserInfo.NewIdentityPolicyLen - Offset - DeleteLen;
- CopyMem ((UINT8 *) IdentityPolicy, (UINT8 *) IdentityPolicy + DeleteLen, RemainingLen);
- }
- mUserInfo.NewIdentityPolicyLen -= DeleteLen;
-}
-
-
-/**
- Add a new provider to the mUserInfo.NewIdentityPolicy.
-
- It is invoked when 'add option' in UI is pressed.
-
- @param[in] NewGuid Points to the credential provider guid.
-
-**/
-VOID
-AddProviderToPolicy (
- IN EFI_GUID *NewGuid
- )
-{
- UINT8 *NewPolicyInfo;
- UINTN NewPolicyInfoLen;
- EFI_USER_INFO_IDENTITY_POLICY *Policy;
-
- //
- // Allocate memory for the new identity policy.
- //
- NewPolicyInfoLen = mUserInfo.NewIdentityPolicyLen + sizeof (EFI_USER_INFO_IDENTITY_POLICY) + sizeof (EFI_GUID);
- if (mUserInfo.NewIdentityPolicyLen > 0) {
- //
- // It is not the first provider in the policy. Add a connector before provider.
- //
- NewPolicyInfoLen += sizeof (EFI_USER_INFO_IDENTITY_POLICY);
- }
- NewPolicyInfo = AllocateZeroPool (NewPolicyInfoLen);
- if (NewPolicyInfo == NULL) {
- return ;
- }
-
- NewPolicyInfoLen = 0;
- if (mUserInfo.NewIdentityPolicyLen > 0) {
- //
- // Save orginal policy.
- //
- CopyMem (NewPolicyInfo, mUserInfo.NewIdentityPolicy, mUserInfo.NewIdentityPolicyLen);
-
- //
- // Save logical connector.
- //
- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewPolicyInfo + mUserInfo.NewIdentityPolicyLen);
- if (mConncetLogical == 0) {
- Policy->Type = EFI_USER_INFO_IDENTITY_AND;
- } else {
- Policy->Type = EFI_USER_INFO_IDENTITY_OR;
- }
-
- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
- NewPolicyInfoLen = mUserInfo.NewIdentityPolicyLen + Policy->Length;
- FreePool (mUserInfo.NewIdentityPolicy);
- }
-
- //
- // Save credential provider.
- //
- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewPolicyInfo + NewPolicyInfoLen);
- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY) + sizeof (EFI_GUID);
- Policy->Type = EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER;
- CopyGuid ((EFI_GUID *) (Policy + 1), NewGuid);
- NewPolicyInfoLen += Policy->Length;
-
- //
- // Update identity policy choice.
- //
- mUserInfo.NewIdentityPolicy = NewPolicyInfo;
- mUserInfo.NewIdentityPolicyLen = NewPolicyInfoLen;
- mUserInfo.NewIdentityPolicyModified = TRUE;
-}
-
-
-/**
- This function replaces the old identity policy with a new identity policy.
-
- This function delete the user identity policy information.
- If enroll new credential failed, recover the old identity policy.
-
- @retval EFI_SUCCESS Modify user identity policy successfully.
- @retval Others Fail to modify user identity policy.
-
-**/
-EFI_STATUS
-UpdateCredentialProvider (
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO_IDENTITY_POLICY *Identity;
- UINTN Offset;
-
- //
- // Delete the old identification policy.
- //
- DeleteCredentialFromProviders (mUserInfo.IdentityPolicy, mUserInfo.IdentityPolicyLen, mModifyUser);
-
- //
- // Add the new identification policy.
- //
- Offset = 0;
- while (Offset < mUserInfo.NewIdentityPolicyLen) {
- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (mUserInfo.NewIdentityPolicy + Offset);
- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
- //
- // Enroll the user on this provider
- //
- Status = EnrollUserOnProvider (Identity, mModifyUser);
- if (EFI_ERROR (Status)) {
- //
- // Failed to enroll the user by new identification policy.
- // So removed the credential provider from the identification policy
- //
- DeleteProviderFromPolicy (Identity, Offset);
- continue;
- }
- }
- Offset += Identity->Length;
- }
-
- return EFI_SUCCESS;
-}
-
-
-/**
- Check whether the identity policy is valid.
-
- @param[in] PolicyInfo Point to the identity policy.
- @param[in] PolicyInfoLen The policy length.
-
- @retval TRUE The policy is a valid identity policy.
- @retval FALSE The policy is not a valid identity policy.
-
-**/
-BOOLEAN
-CheckNewIdentityPolicy (
- IN UINT8 *PolicyInfo,
- IN UINTN PolicyInfoLen
- )
-{
- EFI_USER_INFO_IDENTITY_POLICY *Identity;
- EFI_INPUT_KEY Key;
- UINTN Offset;
- UINT32 OpCode;
-
- //
- // Check policy expression.
- //
- OpCode = EFI_USER_INFO_IDENTITY_FALSE;
- Offset = 0;
- while (Offset < PolicyInfoLen) {
- //
- // Check identification policy according to type
- //
- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (PolicyInfo + Offset);
- switch (Identity->Type) {
-
- case EFI_USER_INFO_IDENTITY_TRUE:
- break;
-
- case EFI_USER_INFO_IDENTITY_OR:
- if (OpCode == EFI_USER_INFO_IDENTITY_AND) {
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"Invalid Identity Policy, Mixed Connector Unsupport!",
- L"",
- L"Press Any Key to Continue ...",
- NULL
- );
- return FALSE;
- }
-
- OpCode = EFI_USER_INFO_IDENTITY_OR;
- break;
-
- case EFI_USER_INFO_IDENTITY_AND:
- if (OpCode == EFI_USER_INFO_IDENTITY_OR) {
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"Invalid Identity Policy, Mixed Connector Unsupport!",
- L"",
- L"Press Any Key to Continue ...",
- NULL
- );
- return FALSE;
- }
-
- OpCode = EFI_USER_INFO_IDENTITY_AND;
- break;
-
- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
- break;
-
- default:
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"Unsupport parameter",
- L"",
- L"Press Any Key to Continue ...",
- NULL
- );
- return FALSE;
- }
- Offset += Identity->Length;
- }
-
- return TRUE;
-}
-
-
-/**
- Save the identity policy and update UI with it.
-
- This function will verify the new identity policy, in current implementation,
- the identity policy can be: T, P & P & P & ..., P | P | P | ...
- Here, "T" means "True", "P" means "Credential Provider", "&" means "and", "|" means "or".
- Other identity policies are not supported.
-
-**/
-VOID
-SaveIdentityPolicy (
- VOID
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO_HANDLE UserInfo;
- EFI_USER_INFO *Info;
-
- if (!mUserInfo.NewIdentityPolicyModified || (mUserInfo.NewIdentityPolicyLen == 0)) {
- return;
- }
-
- //
- // Check policy expression.
- //
- if (!CheckNewIdentityPolicy (mUserInfo.NewIdentityPolicy, mUserInfo.NewIdentityPolicyLen)) {
- return;
- }
-
- Status = FindInfoByType (mModifyUser, EFI_USER_INFO_IDENTITY_POLICY_RECORD, &UserInfo);
- if (EFI_ERROR (Status)) {
- return ;
- }
-
- //
- // Update the informantion on credential provider.
- //
- Status = UpdateCredentialProvider ();
- if (EFI_ERROR (Status)) {
- return ;
- }
-
- //
- // Save new identification policy.
- //
- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + mUserInfo.NewIdentityPolicyLen);
- ASSERT (Info != NULL);
-
- Info->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV | EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
- Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) + mUserInfo.NewIdentityPolicyLen);
- CopyMem ((UINT8 *) (Info + 1), mUserInfo.NewIdentityPolicy, mUserInfo.NewIdentityPolicyLen);
-
- Status = mUserManager->SetInfo (mUserManager, mModifyUser, &UserInfo, Info, Info->InfoSize);
- FreePool (Info);
-
- //
- // Update the mUserInfo.IdentityPolicy by mUserInfo.NewIdentityPolicy
- //
- if (mUserInfo.IdentityPolicy != NULL) {
- FreePool (mUserInfo.IdentityPolicy);
- }
- mUserInfo.IdentityPolicy = mUserInfo.NewIdentityPolicy;
- mUserInfo.IdentityPolicyLen = mUserInfo.NewIdentityPolicyLen;
-
- mUserInfo.NewIdentityPolicy = NULL;
- mUserInfo.NewIdentityPolicyLen = 0;
- mUserInfo.NewIdentityPolicyModified = FALSE;
-
- //
- // Update identity policy choice.
- //
- ResolveIdentityPolicy (mUserInfo.IdentityPolicy, mUserInfo.IdentityPolicyLen, STRING_TOKEN (STR_IDENTIFY_POLICY_VAL));
-}
-
-
-/**
- Update the mUserInfo.NewIdentityPolicy, and UI when 'add option' is pressed.
-
-**/
-VOID
-AddIdentityPolicyItem (
- VOID
- )
-{
- if (mProviderInfo->Count == 0) {
- return ;
- }
-
- //
- // Check the identity policy.
- //
- if (ProviderAlreadyInPolicy (&mProviderInfo->Provider[mProviderChoice]->Identifier)) {
- return;
- }
-
- //
- // Add it to identification policy
- //
- AddProviderToPolicy (&mProviderInfo->Provider[mProviderChoice]->Identifier);
-
- //
- // Update identity policy choice.
- //
- ResolveIdentityPolicy (mUserInfo.NewIdentityPolicy, mUserInfo.NewIdentityPolicyLen, STRING_TOKEN (STR_IDENTIFY_POLICY_VALUE));
-}
-
-
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
deleted file mode 100644
index 6de7e75e79..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
+++ /dev/null
@@ -1,372 +0,0 @@
-/** @file
- The functions to add a user profile.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "UserProfileManager.h"
-
-
-/**
- Get user name from the popup windows.
-
- @param[in, out] UserNameLen On entry, point to UserName buffer lengh, in bytes.
- On exit, point to input user name length, in bytes.
- @param[out] UserName The buffer to hold the input user name.
-
- @retval EFI_ABORTED It is given up by pressing 'ESC' key.
- @retval EFI_NOT_READY Not a valid input at all.
- @retval EFI_SUCCESS Get a user name successfully.
-
-**/
-EFI_STATUS
-GetUserNameInput (
- IN OUT UINTN *UserNameLen,
- OUT CHAR16 *UserName
- )
-{
- EFI_INPUT_KEY Key;
- UINTN NameLen;
- CHAR16 Name[USER_NAME_LENGTH];
-
- NameLen = 0;
- while (TRUE) {
- Name[NameLen] = L'_';
- Name[NameLen + 1] = L'\0';
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"Input User Name",
- L"---------------------",
- Name,
- NULL
- );
- //
- // Check key.
- //
- if (Key.ScanCode == SCAN_NULL) {
- if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
- //
- // Add the null terminator.
- //
- Name[NameLen] = 0;
- NameLen++;
- break;
- } else if ((Key.UnicodeChar == CHAR_NULL) ||
- (Key.UnicodeChar == CHAR_TAB) ||
- (Key.UnicodeChar == CHAR_LINEFEED)
- ) {
- continue;
- } else {
- if (Key.UnicodeChar == CHAR_BACKSPACE) {
- if (NameLen > 0) {
- NameLen--;
- }
- } else {
- Name[NameLen] = Key.UnicodeChar;
- NameLen++;
- if (NameLen + 1 == USER_NAME_LENGTH) {
- //
- // Add the null terminator.
- //
- Name[NameLen] = 0;
- NameLen++;
- break;
- }
- }
- }
- }
-
- if (Key.ScanCode == SCAN_ESC) {
- return EFI_ABORTED;
- }
- }
-
- if (NameLen <= 1) {
- return EFI_NOT_READY;
- }
-
- if (*UserNameLen < NameLen * sizeof (CHAR16)) {
- return EFI_NOT_READY;
- }
-
- *UserNameLen = NameLen * sizeof (CHAR16);
- CopyMem (UserName, Name, *UserNameLen);
-
- return EFI_SUCCESS;
-}
-
-/**
- Set a user's username.
-
- @param[in] User Handle of a user profile .
- @param[in] UserNameLen The lengh of UserName.
- @param[in] UserName Point to the buffer of user name.
-
- @retval EFI_NOT_READY The usernme in mAddUserName had been used.
- @retval EFI_SUCCESS Change the user's username successfully with
- username in mAddUserName.
-
-**/
-EFI_STATUS
-SetUserName (
- IN EFI_USER_PROFILE_HANDLE User,
- IN UINTN UserNameLen,
- IN CHAR16 *UserName
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO_HANDLE UserInfo;
- EFI_USER_PROFILE_HANDLE TempUser;
- EFI_USER_INFO *NewUserInfo;
-
- NewUserInfo = AllocateZeroPool (sizeof (EFI_USER_INFO) + UserNameLen);
- ASSERT (NewUserInfo != NULL);
-
- NewUserInfo->InfoType = EFI_USER_INFO_NAME_RECORD;
- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
- EFI_USER_INFO_PUBLIC |
- EFI_USER_INFO_EXCLUSIVE;
- NewUserInfo->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) + UserNameLen);
- CopyMem ((UINT8 *) (NewUserInfo + 1), UserName, UserNameLen);
- TempUser = NULL;
- Status = mUserManager->Find (
- mUserManager,
- &TempUser,
- NULL,
- NewUserInfo,
- NewUserInfo->InfoSize
- );
- if (!EFI_ERROR (Status)) {
- //
- // The user name had been used, return error.
- //
- FreePool (NewUserInfo);
- return EFI_NOT_READY;
- }
-
- UserInfo = NULL;
- mUserManager->SetInfo (
- mUserManager,
- User,
- &UserInfo,
- NewUserInfo,
- NewUserInfo->InfoSize
- );
- FreePool (NewUserInfo);
- return EFI_SUCCESS;
-}
-
-
-/**
- Set create date of the specified user.
-
- @param[in] User Handle of a user profile.
-
-**/
-VOID
-SetCreateDate (
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO_HANDLE UserInfo;
- EFI_USER_INFO_CREATE_DATE Date;
- EFI_USER_INFO *NewUserInfo;
-
- NewUserInfo = AllocateZeroPool (
- sizeof (EFI_USER_INFO) +
- sizeof (EFI_USER_INFO_CREATE_DATE)
- );
- ASSERT (NewUserInfo != NULL);
-
- NewUserInfo->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
- EFI_USER_INFO_PUBLIC |
- EFI_USER_INFO_EXCLUSIVE;
- NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + sizeof (EFI_USER_INFO_CREATE_DATE);
- Status = gRT->GetTime (&Date, NULL);
- if (EFI_ERROR (Status)) {
- FreePool (NewUserInfo);
- return ;
- }
-
- CopyMem ((UINT8 *) (NewUserInfo + 1), &Date, sizeof (EFI_USER_INFO_CREATE_DATE));
- UserInfo = NULL;
- mUserManager->SetInfo (
- mUserManager,
- User,
- &UserInfo,
- NewUserInfo,
- NewUserInfo->InfoSize
- );
- FreePool (NewUserInfo);
-}
-
-
-/**
- Set the default identity policy of the specified user.
-
- @param[in] User Handle of a user profile.
-
-**/
-VOID
-SetIdentityPolicy (
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- EFI_USER_INFO_IDENTITY_POLICY *Policy;
- EFI_USER_INFO_HANDLE UserInfo;
- EFI_USER_INFO *NewUserInfo;
-
- NewUserInfo = AllocateZeroPool (
- sizeof (EFI_USER_INFO) +
- sizeof (EFI_USER_INFO_IDENTITY_POLICY)
- );
- ASSERT (NewUserInfo != NULL);
-
- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewUserInfo + 1);
- Policy->Type = EFI_USER_INFO_IDENTITY_TRUE;
- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
-
- NewUserInfo->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
- EFI_USER_INFO_PUBLIC |
- EFI_USER_INFO_EXCLUSIVE;
- NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + Policy->Length;
- UserInfo = NULL;
- mUserManager->SetInfo (
- mUserManager,
- User,
- &UserInfo,
- NewUserInfo,
- NewUserInfo->InfoSize
- );
- FreePool (NewUserInfo);
-}
-
-
-/**
- Set the default access policy of the specified user.
-
- @param[in] User Handle of a user profile.
-
-**/
-VOID
-SetAccessPolicy (
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- EFI_USER_INFO_ACCESS_CONTROL *Control;
- EFI_USER_INFO_HANDLE UserInfo;
- EFI_USER_INFO *NewUserInfo;
-
- NewUserInfo = AllocateZeroPool (
- sizeof (EFI_USER_INFO) +
- sizeof (EFI_USER_INFO_ACCESS_CONTROL)
- );
- ASSERT (NewUserInfo != NULL);
-
- Control = (EFI_USER_INFO_ACCESS_CONTROL *) (NewUserInfo + 1);
- Control->Type = EFI_USER_INFO_ACCESS_ENROLL_SELF;
- Control->Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
-
- NewUserInfo->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
- EFI_USER_INFO_PUBLIC |
- EFI_USER_INFO_EXCLUSIVE;
- NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + Control->Size;
- UserInfo = NULL;
- mUserManager->SetInfo (
- mUserManager,
- User,
- &UserInfo,
- NewUserInfo,
- NewUserInfo->InfoSize
- );
- FreePool (NewUserInfo);
-}
-
-
-/**
- Add a new user profile into the user profile database.
-
-**/
-VOID
-CallAddUser (
- VOID
- )
-{
- EFI_STATUS Status;
- EFI_INPUT_KEY Key;
- EFI_USER_PROFILE_HANDLE User;
- UINTN UserNameLen;
- CHAR16 UserName[USER_NAME_LENGTH];
- CHAR16 *QuestionStr;
- CHAR16 *PromptStr;
-
- QuestionStr = NULL;
- PromptStr = NULL;
-
- //
- // Get user name to add.
- //
- UserNameLen = sizeof (UserName);
- Status = GetUserNameInput (&UserNameLen, UserName);
- if (EFI_ERROR (Status)) {
- if (Status != EFI_ABORTED) {
- QuestionStr = GetStringById (STRING_TOKEN (STR_GET_USERNAME_FAILED));
- PromptStr = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
- goto Done;
- }
- return ;
- }
-
- //
- // Create a new user profile.
- //
- User = NULL;
- Status = mUserManager->Create (mUserManager, &User);
- if (EFI_ERROR (Status)) {
- QuestionStr = GetStringById (STRING_TOKEN (STR_CREATE_PROFILE_FAILED));
- PromptStr = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
- } else {
- //
- // Add default user information.
- //
- Status = SetUserName (User, UserNameLen, UserName);
- if (EFI_ERROR (Status)) {
- QuestionStr = GetStringById (STRING_TOKEN (STR_USER_ALREADY_EXISTED));
- PromptStr = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
- goto Done;
- }
-
- SetCreateDate (User);
- SetIdentityPolicy (User);
- SetAccessPolicy (User);
-
- QuestionStr = GetStringById (STRING_TOKEN (STR_CREATE_PROFILE_SUCCESS));
- PromptStr = GetStringById (STRING_TOKEN (STR_STROKE_KEY_CONTINUE));
- }
-
-Done:
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- QuestionStr,
- L"",
- PromptStr,
- NULL
- );
- FreePool (QuestionStr);
- FreePool (PromptStr);
-}
-
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.c b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.c
deleted file mode 100644
index af5d3109dd..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.c
+++ /dev/null
@@ -1,343 +0,0 @@
-/** @file
- The functions to delete a user profile.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "UserProfileManager.h"
-
-/**
- Get the username from the specified user.
-
- @param[in] User Handle of a user profile.
-
- @retval EFI_STRING_ID The String Id of the user's username.
-
-**/
-EFI_STRING_ID
-GetUserName (
- IN EFI_USER_PROFILE_HANDLE User
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO_HANDLE UserInfo;
- EFI_USER_INFO *Info;
- UINTN InfoSize;
- UINTN MemSize;
- UINTN NameLen;
- CHAR16 UserName[USER_NAME_LENGTH];
- EFI_STRING_ID UserId;
-
- //
- // Allocate user information memory.
- //
- MemSize = sizeof (EFI_USER_INFO) + 63;
- Info = AllocateZeroPool (MemSize);
- ASSERT (Info != NULL);
-
- //
- // Get user name information.
- //
- UserInfo = NULL;
- while (TRUE) {
- InfoSize = MemSize;
- //
- // Get next user information.
- //
- Status = mUserManager->GetNextInfo (
- mUserManager,
- User,
- &UserInfo
- );
- if (EFI_ERROR (Status)) {
- break;
- }
-
- Status = mUserManager->GetInfo (
- mUserManager,
- User,
- UserInfo,
- Info,
- &InfoSize
- );
- if (Status == EFI_BUFFER_TOO_SMALL) {
- MemSize = InfoSize;
- FreePool (Info);
- Info = AllocateZeroPool (MemSize);
- ASSERT (Info != NULL);
-
- Status = mUserManager->GetInfo (
- mUserManager,
- User,
- UserInfo,
- Info,
- &InfoSize
- );
- }
- //
- // Check user information.
- //
- if (Status == EFI_SUCCESS) {
- if (Info->InfoType == EFI_USER_INFO_NAME_RECORD) {
- NameLen = Info->InfoSize - sizeof (EFI_USER_INFO);
- if (NameLen > USER_NAME_LENGTH * sizeof (CHAR16)) {
- NameLen = USER_NAME_LENGTH * sizeof (CHAR16);
- }
- ASSERT (NameLen >= sizeof (CHAR16));
- CopyMem (UserName, (UINT8 *) (Info + 1), NameLen);
- UserName[NameLen / sizeof (CHAR16) - 1] = 0;
- UserId = HiiSetString (
- mCallbackInfo->HiiHandle,
- 0,
- UserName,
- NULL
- );
- if (UserId != 0) {
- FreePool (Info);
- return UserId;
- }
- }
- }
- }
-
- FreePool (Info);
- return 0;
-}
-
-
-/**
- Add a username item in form.
-
- @param[in] User Points to the user profile whose username is added.
- @param[in] Index The index of the user in the user name list
- @param[in] OpCodeHandle Points to container for dynamic created opcodes.
-
-**/
-VOID
-AddUserToForm (
- IN EFI_USER_PROFILE_HANDLE User,
- IN UINT16 Index,
- IN VOID *OpCodeHandle
- )
-{
- EFI_STRING_ID NameId;
-
- //
- // Get user name
- //
- NameId = GetUserName (User);
- if (NameId == 0) {
- return ;
- }
-
- //
- // Create user name option.
- //
- switch (Index & KEY_FIRST_FORM_MASK) {
- case KEY_MODIFY_USER:
- HiiCreateGotoOpCode (
- OpCodeHandle, // Container for dynamic created opcodes
- FORMID_USER_INFO, // Target Form ID
- NameId, // Prompt text
- STRING_TOKEN (STR_NULL_STRING), // Help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- Index // Question ID
- );
- break;
-
- case KEY_DEL_USER:
- HiiCreateActionOpCode (
- OpCodeHandle, // Container for dynamic created opcodes
- Index, // Question ID
- NameId, // Prompt text
- STRING_TOKEN (STR_NULL_STRING), // Help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- 0 // Action String ID
- );
- break;
-
- default:
- break;
- }
-}
-
-
-/**
- Delete the user specified by UserIndex in user profile database.
-
- @param[in] UserIndex The index of user in the user name list
- to be deleted.
-
-**/
-VOID
-DeleteUser (
- IN UINT8 UserIndex
- )
-{
- EFI_STATUS Status;
- EFI_USER_PROFILE_HANDLE User;
- EFI_INPUT_KEY Key;
- EFI_USER_INFO_HANDLE UserInfo;
- EFI_USER_INFO *Info;
- UINTN InfoSize;
-
- //
- // Find specified user profile and delete it.
- //
- User = NULL;
- Status = mUserManager->GetNext (mUserManager, &User);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
-
- while (UserIndex > 1) {
- Status = mUserManager->GetNext (mUserManager, &User);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
- UserIndex--;
- }
-
- if (UserIndex == 1) {
- //
- // Get the identification policy.
- //
- Status = FindInfoByType (User, EFI_USER_INFO_IDENTITY_POLICY_RECORD, &UserInfo);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
-
- InfoSize = 0;
- Info = NULL;
- Status = mUserManager->GetInfo (mUserManager, User, UserInfo, Info, &InfoSize);
- if (Status == EFI_BUFFER_TOO_SMALL) {
- Info = AllocateZeroPool (InfoSize);
- if (Info == NULL) {
- goto Done;
- }
- Status = mUserManager->GetInfo (mUserManager, User, UserInfo, Info, &InfoSize);
- }
-
- //
- // Delete the user on the credential providers by its identification policy.
- //
- ASSERT (Info != NULL);
- DeleteCredentialFromProviders ((UINT8 *)(Info + 1), Info->InfoSize - sizeof (EFI_USER_INFO), User);
- FreePool (Info);
-
- Status = mUserManager->Delete (mUserManager, User);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"Delete User Succeed!",
- L"",
- L"Please Press Any Key to Continue ...",
- NULL
- );
- return ;
- }
-
-Done:
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"Delete User Failed!",
- L"",
- L"Please Press Any Key to Continue ...",
- NULL
- );
-}
-
-
-/**
- Display user select form, cab select a user to delete.
-
-**/
-VOID
-SelectUserToDelete (
- VOID
- )
-{
- EFI_STATUS Status;
- UINT8 Index;
- EFI_USER_PROFILE_HANDLE User;
- EFI_USER_PROFILE_HANDLE CurrentUser;
- VOID *StartOpCodeHandle;
- VOID *EndOpCodeHandle;
- EFI_IFR_GUID_LABEL *StartLabel;
- EFI_IFR_GUID_LABEL *EndLabel;
-
- //
- // Initialize the container for dynamic opcodes.
- //
- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (StartOpCodeHandle != NULL);
-
- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (EndOpCodeHandle != NULL);
-
- //
- // Create Hii Extend Label OpCode.
- //
- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- StartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- StartLabel->Number = LABEL_USER_DEL_FUNC;
-
- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- EndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- EndLabel->Number = LABEL_END;
-
- //
- // Add each user can be deleted.
- //
- User = NULL;
- Index = 1;
- mUserManager->Current (mUserManager, &CurrentUser);
- while (TRUE) {
- Status = mUserManager->GetNext (mUserManager, &User);
- if (EFI_ERROR (Status)) {
- break;
- }
-
- if (User != CurrentUser) {
- AddUserToForm (
- User,
- (UINT16)(KEY_DEL_USER | KEY_SELECT_USER | Index),
- StartOpCodeHandle
- );
- }
- Index++;
- }
-
- HiiUpdateForm (
- mCallbackInfo->HiiHandle, // HII handle
- &gUserProfileManagerGuid, // Formset GUID
- FORMID_DEL_USER, // Form ID
- StartOpCodeHandle, // Label for where to insert opcodes
- EndOpCodeHandle // Replace data
- );
-
- HiiFreeOpCodeHandle (StartOpCodeHandle);
- HiiFreeOpCodeHandle (EndOpCodeHandle);
-}
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.c b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.c
deleted file mode 100644
index e73ba3a8fc..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.c
+++ /dev/null
@@ -1,887 +0,0 @@
-/** @file
- This driver is a configuration tool for adding, deleting or modifying user
- profiles, including gathering the necessary information to ascertain their
- identity in the future, updating user access policy and identification
- policy, etc.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "UserProfileManager.h"
-
-EFI_USER_MANAGER_PROTOCOL *mUserManager = NULL;
-CREDENTIAL_PROVIDER_INFO *mProviderInfo = NULL;
-UINT8 mProviderChoice;
-UINT8 mConncetLogical;
-USER_INFO_ACCESS mAccessInfo;
-USER_INFO mUserInfo;
-USER_PROFILE_MANAGER_CALLBACK_INFO *mCallbackInfo;
-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
- {
- {
- HARDWARE_DEVICE_PATH,
- HW_VENDOR_DP,
- {
- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
- }
- },
- USER_PROFILE_MANAGER_GUID
- },
- {
- END_DEVICE_PATH_TYPE,
- END_ENTIRE_DEVICE_PATH_SUBTYPE,
- {
- (UINT8) (END_DEVICE_PATH_LENGTH),
- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
- }
- }
-};
-
-
-/**
- Get string by string id from HII Interface.
-
-
- @param[in] Id String ID to get the string from.
-
- @retval CHAR16 * String from ID.
- @retval NULL If error occurs.
-
-**/
-CHAR16 *
-GetStringById (
- IN EFI_STRING_ID Id
- )
-{
- //
- // Get the current string for the current Language.
- //
- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
-}
-
-
-/**
- This function gets all the credential providers in the system and saved them
- to mProviderInfo.
-
- @retval EFI_SUCESS Init credential provider database successfully.
- @retval Others Fail to init credential provider database.
-
-**/
-EFI_STATUS
-InitProviderInfo (
- VOID
- )
-{
- EFI_STATUS Status;
- UINTN HandleCount;
- EFI_HANDLE *HandleBuf;
- UINTN Index;
-
- //
- // Try to find all the user credential provider driver.
- //
- HandleCount = 0;
- HandleBuf = NULL;
- Status = gBS->LocateHandleBuffer (
- ByProtocol,
- &gEfiUserCredential2ProtocolGuid,
- NULL,
- &HandleCount,
- &HandleBuf
- );
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Get provider infomation.
- //
- if (mProviderInfo != NULL) {
- FreePool (mProviderInfo);
- }
- mProviderInfo = AllocateZeroPool (
- sizeof (CREDENTIAL_PROVIDER_INFO) -
- sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *) +
- HandleCount * sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *)
- );
- if (mProviderInfo == NULL) {
- FreePool (HandleBuf);
- return EFI_OUT_OF_RESOURCES;
- }
-
- mProviderInfo->Count = HandleCount;
- for (Index = 0; Index < HandleCount; Index++) {
- Status = gBS->HandleProtocol (
- HandleBuf[Index],
- &gEfiUserCredential2ProtocolGuid,
- (VOID **) &mProviderInfo->Provider[Index]
- );
- if (EFI_ERROR (Status)) {
- FreePool (HandleBuf);
- FreePool (mProviderInfo);
- mProviderInfo = NULL;
- return Status;
- }
- }
-
- FreePool (HandleBuf);
- return EFI_SUCCESS;
-}
-
-
-/**
- This function processes changes in user profile configuration.
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Action Specifies the type of action taken by the browser.
- @param QuestionId A unique value which is sent to the original
- exporting driver so that it can identify the type
- of data to expect.
- @param Type The type of value for the question.
- @param Value A pointer to the data being sent to the original
- exporting driver.
- @param ActionRequest On return, points to the action requested by the
- callback function.
-
- @retval EFI_SUCCESS The callback successfully handled the action.
- @retval Others Fail to handle the action.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileManagerCallback (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN EFI_BROWSER_ACTION Action,
- IN EFI_QUESTION_ID QuestionId,
- IN UINT8 Type,
- IN EFI_IFR_TYPE_VALUE *Value,
- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
- )
-{
- EFI_STATUS Status;
- EFI_INPUT_KEY Key;
- UINT32 CurrentAccessRight;
- CHAR16 *QuestionStr;
- CHAR16 *PromptStr;
- VOID *StartOpCodeHandle;
- VOID *EndOpCodeHandle;
- EFI_IFR_GUID_LABEL *StartLabel;
- EFI_IFR_GUID_LABEL *EndLabel;
- EFI_USER_PROFILE_HANDLE CurrentUser;
-
- Status = EFI_SUCCESS;
-
- switch (Action) {
- case EFI_BROWSER_ACTION_FORM_OPEN:
- {
- //
- // Update user manage Form when user manage Form is opened.
- // This will be done only in FORM_OPEN CallBack of question with QUESTIONID_USER_MANAGE from user manage Form.
- //
- if (QuestionId != QUESTIONID_USER_MANAGE) {
- return EFI_SUCCESS;
- }
-
- //
- // Get current user
- //
- CurrentUser = NULL;
- mUserManager->Current (mUserManager, &CurrentUser);
- if (CurrentUser == NULL) {
- DEBUG ((DEBUG_ERROR, "Error: current user does not exist!\n"));
- return EFI_NOT_READY;
- }
-
- //
- // Get current user's right information.
- //
- Status = GetAccessRight (&CurrentAccessRight);
- if (EFI_ERROR (Status)) {
- CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
- }
-
- //
- // Init credential provider information.
- //
- Status = InitProviderInfo ();
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Initialize the container for dynamic opcodes.
- //
- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (StartOpCodeHandle != NULL);
-
- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (EndOpCodeHandle != NULL);
-
- //
- // Create Hii Extend Label OpCode.
- //
- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- StartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- StartLabel->Number = LABEL_USER_MANAGE_FUNC;
-
- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- EndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- EndLabel->Number = LABEL_END;
-
- //
- // Add user profile option.
- //
- if ((CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) ||
- (CurrentAccessRight == EFI_USER_INFO_ACCESS_ENROLL_OTHERS)
- ) {
- HiiCreateActionOpCode (
- StartOpCodeHandle, // Container for dynamic created opcodes
- KEY_ADD_USER, // Question ID
- STRING_TOKEN (STR_ADD_USER_TITLE), // Prompt text
- STRING_TOKEN (STR_ADD_USER_HELP), // Help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- 0 // Action String ID
- );
- }
-
- //
- // Add modify user profile option.
- //
- HiiCreateGotoOpCode (
- StartOpCodeHandle, // Container for dynamic created opcodes
- FORMID_MODIFY_USER, // Target Form ID
- STRING_TOKEN (STR_MODIFY_USER_TITLE), // Prompt text
- STRING_TOKEN (STR_MODIFY_USER_HELP), // Help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- KEY_MODIFY_USER // Question ID
- );
-
- //
- // Add delete user profile option
- //
- if (CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) {
- HiiCreateGotoOpCode (
- StartOpCodeHandle, // Container for dynamic created opcodes
- FORMID_DEL_USER, // Target Form ID
- STRING_TOKEN (STR_DELETE_USER_TITLE), // Prompt text
- STRING_TOKEN (STR_DELETE_USER_HELP), // Help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- KEY_DEL_USER // Question ID
- );
- }
-
- HiiUpdateForm (
- mCallbackInfo->HiiHandle, // HII handle
- &gUserProfileManagerGuid, // Formset GUID
- FORMID_USER_MANAGE, // Form ID
- StartOpCodeHandle, // Label for where to insert opcodes
- EndOpCodeHandle // Replace data
- );
-
- HiiFreeOpCodeHandle (StartOpCodeHandle);
- HiiFreeOpCodeHandle (EndOpCodeHandle);
-
- return EFI_SUCCESS;
- }
- break;
-
- case EFI_BROWSER_ACTION_FORM_CLOSE:
- Status = EFI_SUCCESS;
- break;
-
- case EFI_BROWSER_ACTION_CHANGED:
- {
- //
- // Handle the request from form.
- //
- if ((Value == NULL) || (ActionRequest == NULL)) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Judge first 2 bits.
- //
- switch (QuestionId & KEY_FIRST_FORM_MASK) {
- //
- // Add user profile operation.
- //
- case KEY_ADD_USER:
- CallAddUser ();
- break;
-
- //
- // Delete user profile operation.
- //
- case KEY_DEL_USER:
- //
- // Judge next 2 bits.
- //
- switch (QuestionId & KEY_SECOND_FORM_MASK) {
- //
- // Delete specified user profile.
- //
- case KEY_SELECT_USER:
- DeleteUser ((UINT8) QuestionId);
- //
- // Update select user form after delete a user.
- //
- SelectUserToDelete ();
- break;
-
- default:
- break;
- }
- break;
-
- //
- // Modify user profile operation.
- //
- case KEY_MODIFY_USER:
- //
- // Judge next 2 bits.
- //
- switch (QuestionId & KEY_SECOND_FORM_MASK) {
- //
- // Enter user profile information form.
- //
- case KEY_SELECT_USER:
- //
- // Judge next 3 bits.
- //
- switch (QuestionId & KEY_MODIFY_INFO_MASK) {
- //
- // Modify user name.
- //
- case KEY_MODIFY_NAME:
- ModifyUserName ();
- //
- // Update username in parent form.
- //
- SelectUserToModify ();
- break;
-
- //
- // Modify identity policy.
- //
- case KEY_MODIFY_IP:
- //
- // Judge next 3 bits
- //
- switch (QuestionId & KEY_MODIFY_IP_MASK) {
- //
- // Change credential provider option.
- //
- case KEY_MODIFY_PROV:
- mProviderChoice = Value->u8;
- break;
-
- //
- // Change logical connector.
- //
- case KEY_MODIFY_CONN:
- mConncetLogical = Value->u8;
- break;
-
- //
- // Save option.
- //
- case KEY_ADD_IP_OP:
- AddIdentityPolicyItem ();
- break;
-
- //
- // Return to user profile information form.
- //
- case KEY_IP_RETURN_UIF:
- SaveIdentityPolicy ();
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_SUBMIT_EXIT;
- break;
-
- default:
- break;
- }
- break;
-
- //
- // Modify access policy.
- //
- case KEY_MODIFY_AP:
- //
- // Judge next 3 bits.
- //
- switch (QuestionId & KEY_MODIFY_AP_MASK) {
- //
- // Change access right choice.
- //
- case KEY_MODIFY_RIGHT:
- mAccessInfo.AccessRight = Value->u8;
- break;
-
- //
- // Change setup choice.
- //
- case KEY_MODIFY_SETUP:
- mAccessInfo.AccessSetup= Value->u8;
- break;
-
- //
- // Change boot order choice.
- //
- case KEY_MODIFY_BOOT:
- mAccessInfo.AccessBootOrder = Value->u32;
- break;
-
- //
- // Return to user profile information form.
- //
- case KEY_AP_RETURN_UIF:
- SaveAccessPolicy ();
- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_SUBMIT_EXIT;
- break;
-
- default:
- break;
- }
- break;
-
- default:
- break;
- }
- break;
-
- //
- // Access policy device path modified.
- //
- case KEY_MODIFY_AP_DP:
- //
- // Judge next 2 bits.
- //
- switch (QuestionId & KEY_MODIFY_DP_MASK) {
- //
- // Load permit device path modified.
- //
- case KEY_LOAD_PERMIT_MODIFY:
- QuestionStr = GetStringById (STRING_TOKEN (STR_MOVE_TO_FORBID_LIST));
- PromptStr = GetStringById (STRING_TOKEN (STR_PRESS_KEY_CONTINUE));
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- QuestionStr,
- L"",
- PromptStr,
- NULL
- );
- FreePool (QuestionStr);
- FreePool (PromptStr);
- if (Key.UnicodeChar != CHAR_CARRIAGE_RETURN) {
- break;
- }
-
- AddToForbidLoad ((UINT16)(QuestionId & (KEY_MODIFY_DP_MASK - 1)));
- DisplayLoadPermit ();
- break;
-
- //
- // Load forbid device path modified.
- //
- case KEY_LOAD_FORBID_MODIFY:
- QuestionStr = GetStringById (STRING_TOKEN (STR_MOVE_TO_PERMIT_LIST));
- PromptStr = GetStringById (STRING_TOKEN (STR_PRESS_KEY_CONTINUE));
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- QuestionStr,
- L"",
- PromptStr,
- NULL
- );
- FreePool (QuestionStr);
- FreePool (PromptStr);
- if (Key.UnicodeChar != CHAR_CARRIAGE_RETURN) {
- break;
- }
-
- DeleteFromForbidLoad ((UINT16)(QuestionId & (KEY_MODIFY_DP_MASK - 1)));
- DisplayLoadForbid ();
- break;
-
- //
- // Connect permit device path modified.
- //
- case KEY_CONNECT_PERMIT_MODIFY:
- break;
-
- //
- // Connect forbid device path modified.
- //
- case KEY_CONNECT_FORBID_MODIFY:
- break;
-
- default:
- break;
- }
- break;
-
- default:
- break;
- }
- break;
-
- default:
- break;
- }
- }
- break;
-
-
- case EFI_BROWSER_ACTION_CHANGING:
- {
- //
- // Handle the request from form.
- //
- if (Value == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- //
- // Judge first 2 bits.
- //
- switch (QuestionId & KEY_FIRST_FORM_MASK) {
- //
- // Delete user profile operation.
- //
- case KEY_DEL_USER:
- //
- // Judge next 2 bits.
- //
- switch (QuestionId & KEY_SECOND_FORM_MASK) {
- //
- // Enter delete user profile form.
- //
- case KEY_ENTER_NEXT_FORM:
- SelectUserToDelete ();
- break;
-
- default:
- break;
- }
- break;
-
- //
- // Modify user profile operation.
- //
- case KEY_MODIFY_USER:
- //
- // Judge next 2 bits.
- //
- switch (QuestionId & KEY_SECOND_FORM_MASK) {
- //
- // Enter modify user profile form.
- //
- case KEY_ENTER_NEXT_FORM:
- SelectUserToModify ();
- break;
-
- //
- // Enter user profile information form.
- //
- case KEY_SELECT_USER:
- //
- // Judge next 3 bits.
- //
- switch (QuestionId & KEY_MODIFY_INFO_MASK) {
- //
- // Display user information form.
- //
- case KEY_ENTER_NEXT_FORM:
- ModifyUserInfo ((UINT8) QuestionId);
- break;
-
- //
- // Modify identity policy.
- //
- case KEY_MODIFY_IP:
- //
- // Judge next 3 bits
- //
- switch (QuestionId & KEY_MODIFY_IP_MASK) {
- //
- // Display identity policy modify form.
- //
- case KEY_ENTER_NEXT_FORM:
- ModifyIdentityPolicy ();
- break;
-
- default:
- break;
- }
- break;
-
- //
- // Modify access policy.
- //
- case KEY_MODIFY_AP:
- //
- // Judge next 3 bits.
- //
- switch (QuestionId & KEY_MODIFY_AP_MASK) {
- //
- // Display access policy modify form.
- //
- case KEY_ENTER_NEXT_FORM:
- ModidyAccessPolicy ();
- break;
- //
- // Load device path form.
- //
- case KEY_MODIFY_LOAD:
- //
- // Judge next 2 bits.
- //
- switch (QuestionId & KEY_DISPLAY_DP_MASK) {
- //
- // Permit load device path.
- //
- case KEY_PERMIT_MODIFY:
- DisplayLoadPermit ();
- break;
-
- //
- // Forbid load device path.
- //
- case KEY_FORBID_MODIFY:
- DisplayLoadForbid ();
- break;
-
- default:
- break;
- }
- break;
-
- //
- // Connect device path form.
- //
- case KEY_MODIFY_CONNECT:
- //
- // Judge next 2 bits.
- //
- switch (QuestionId & KEY_DISPLAY_DP_MASK) {
- //
- // Permit connect device path.
- //
- case KEY_PERMIT_MODIFY:
- DisplayConnectPermit ();
- break;
-
- //
- // Forbid connect device path.
- //
- case KEY_FORBID_MODIFY:
- DisplayConnectForbid ();
- break;
-
- default:
- break;
- }
- break;
-
- default:
- break;
- }
- break;
-
- default:
- break;
- }
- break;
-
- default:
- break;
- }
- break;
-
- default:
- break;
- }
- }
- break;
-
- default:
- //
- // All other action return unsupported.
- //
- Status = EFI_UNSUPPORTED;
- break;
- }
-
-
- return Status;
-}
-
-
-/**
- This function allows a caller to extract the current configuration for one
- or more named elements from the target driver.
-
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Request A null-terminated Unicode string in <ConfigRequest> format.
- @param Progress On return, points to a character in the Request string.
- Points to the string's null terminator if request was successful.
- Points to the most recent '&' before the first failing name/value
- pair (or the beginning of the string if the failure is in the
- first name/value pair) if the request was not successful.
- @param Results A null-terminated Unicode string in <ConfigAltResp> format which
- has all values filled in for the names in the Request string.
- String to be allocated by the called function.
-
- @retval EFI_SUCCESS The Results is filled with the requested values.
- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
- @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
-
-**/
-EFI_STATUS
-EFIAPI
-FakeExtractConfig (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN CONST EFI_STRING Request,
- OUT EFI_STRING *Progress,
- OUT EFI_STRING *Results
- )
-{
- if (Progress == NULL || Results == NULL) {
- return EFI_INVALID_PARAMETER;
- }
- *Progress = Request;
- return EFI_NOT_FOUND;
-}
-
-/**
- This function processes the results of changes in configuration.
-
-
- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
- @param Configuration A null-terminated Unicode string in <ConfigResp> format.
- @param Progress A pointer to a string filled in with the offset of the most
- recent '&' before the first failing name/value pair (or the
- beginning of the string if the failure is in the first
- name/value pair) or the terminating NULL if all was successful.
-
- @retval EFI_SUCCESS The Results is processed successfully.
- @retval EFI_INVALID_PARAMETER Configuration is NULL.
- @retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
-
-**/
-EFI_STATUS
-EFIAPI
-FakeRouteConfig (
- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
- IN CONST EFI_STRING Configuration,
- OUT EFI_STRING *Progress
- )
-{
- if (Configuration == NULL || Progress == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- *Progress = Configuration;
-
- return EFI_NOT_FOUND;
-}
-
-
-/**
- Main entry for this driver.
-
- @param ImageHandle Image handle this driver.
- @param SystemTable Pointer to SystemTable.
-
- @retval EFI_SUCESS This function always complete successfully.
-
-**/
-EFI_STATUS
-EFIAPI
-UserProfileManagerInit (
- IN EFI_HANDLE ImageHandle,
- IN EFI_SYSTEM_TABLE *SystemTable
- )
-{
- EFI_STATUS Status;
- USER_PROFILE_MANAGER_CALLBACK_INFO *CallbackInfo;
-
- Status = gBS->LocateProtocol (
- &gEfiUserManagerProtocolGuid,
- NULL,
- (VOID **) &mUserManager
- );
- if (EFI_ERROR (Status)) {
- return EFI_SUCCESS;
- }
-
- //
- // Initialize driver private data.
- //
- ZeroMem (&mUserInfo, sizeof (mUserInfo));
- ZeroMem (&mAccessInfo, sizeof (mAccessInfo));
-
- CallbackInfo = AllocateZeroPool (sizeof (USER_PROFILE_MANAGER_CALLBACK_INFO));
- ASSERT (CallbackInfo != NULL);
-
- CallbackInfo->Signature = USER_PROFILE_MANAGER_SIGNATURE;
- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
- CallbackInfo->ConfigAccess.Callback = UserProfileManagerCallback;
- CallbackInfo->DriverHandle = NULL;
-
- //
- // Install Device Path Protocol and Config Access protocol to driver handle.
- //
- Status = gBS->InstallMultipleProtocolInterfaces (
- &CallbackInfo->DriverHandle,
- &gEfiDevicePathProtocolGuid,
- &mHiiVendorDevicePath,
- &gEfiHiiConfigAccessProtocolGuid,
- &CallbackInfo->ConfigAccess,
- NULL
- );
- ASSERT_EFI_ERROR (Status);
-
- //
- // Publish HII data.
- //
- CallbackInfo->HiiHandle = HiiAddPackages (
- &gUserProfileManagerGuid,
- CallbackInfo->DriverHandle,
- UserProfileManagerStrings,
- UserProfileManagerVfrBin,
- NULL
- );
- ASSERT (CallbackInfo->HiiHandle != NULL);
- mCallbackInfo = CallbackInfo;
-
- return Status;
-}
-
-
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.h b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.h
deleted file mode 100644
index aff1e28d9d..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.h
+++ /dev/null
@@ -1,444 +0,0 @@
-/** @file
- The header file for user profile manager driver.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef __EFI_USER_PROFILE_MANAGER_H__
-#define __EFI_USER_PROFILE_MANAGER_H__
-
-#include <Uefi.h>
-
-#include <Guid/GlobalVariable.h>
-#include <Guid/MdeModuleHii.h>
-
-#include <Protocol/HiiConfigAccess.h>
-#include <Protocol/UserCredential2.h>
-#include <Protocol/UserManager.h>
-
-#include <Library/UefiRuntimeServicesTableLib.h>
-#include <Library/UefiBootServicesTableLib.h>
-#include <Library/MemoryAllocationLib.h>
-#include <Library/BaseMemoryLib.h>
-#include <Library/DevicePathLib.h>
-#include <Library/DebugLib.h>
-#include <Library/UefiLib.h>
-#include <Library/PrintLib.h>
-#include <Library/HiiLib.h>
-
-#include "UserProfileManagerData.h"
-
-#define USER_NAME_LENGTH 17
-
-//
-// Credential Provider Information.
-//
-typedef struct {
- UINTN Count;
- EFI_USER_CREDENTIAL2_PROTOCOL *Provider[1];
-} CREDENTIAL_PROVIDER_INFO;
-
-//
-// User profile information structure.
-//
-typedef struct {
- UINT64 UsageCount;
- EFI_TIME CreateDate;
- EFI_TIME UsageDate;
- UINTN AccessPolicyLen;
- UINTN IdentityPolicyLen;
- UINTN NewIdentityPolicyLen;
- UINT8 *AccessPolicy;
- UINT8 *IdentityPolicy;
- UINT8 *NewIdentityPolicy;
- CHAR16 UserName[USER_NAME_LENGTH];
- BOOLEAN CreateDateExist;
- BOOLEAN UsageDateExist;
- BOOLEAN AccessPolicyModified;
- BOOLEAN IdentityPolicyModified;
- BOOLEAN NewIdentityPolicyModified;
-} USER_INFO;
-
-//
-// User access information structure.
-//
-typedef struct {
- UINTN LoadPermitLen;
- UINTN LoadForbidLen;
- UINTN ConnectPermitLen;
- UINTN ConnectForbidLen;
- UINT8 *LoadPermit;
- UINT8 *LoadForbid;
- UINT8 *ConnectPermit;
- UINT8 *ConnectForbid;
- UINT32 AccessBootOrder;
- UINT8 AccessRight;
- UINT8 AccessSetup;
-} USER_INFO_ACCESS;
-
-#define USER_PROFILE_MANAGER_SIGNATURE SIGNATURE_32 ('U', 'P', 'M', 'S')
-
-typedef struct {
- UINTN Signature;
- EFI_HANDLE DriverHandle;
- EFI_HII_HANDLE HiiHandle;
- EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
-} USER_PROFILE_MANAGER_CALLBACK_INFO;
-
-//
-// HII specific Vendor Device Path definition.
-//
-typedef struct {
- VENDOR_DEVICE_PATH VendorDevicePath;
- EFI_DEVICE_PATH_PROTOCOL End;
-} HII_VENDOR_DEVICE_PATH;
-
-//
-// This is the generated IFR binary data for each formset defined in VFR.
-//
-extern UINT8 UserProfileManagerVfrBin[];
-
-//
-// This is the generated String package data for .UNI file.
-//
-extern UINT8 UserProfileManagerStrings[];
-
-//
-// The user manager protocol, used in several function.
-//
-extern EFI_USER_MANAGER_PROTOCOL *mUserManager;
-
-//
-// The credential providers database in system.
-//
-extern CREDENTIAL_PROVIDER_INFO *mProviderInfo;
-
-//
-// The variables used to update identity policy.
-//
-extern UINT8 mProviderChoice;
-extern UINT8 mConncetLogical;
-
-//
-// The variables used to update access policy.
-//
-extern USER_INFO_ACCESS mAccessInfo;
-
-//
-// The user information used to record all data in UI.
-//
-extern USER_INFO mUserInfo;
-
-extern USER_PROFILE_MANAGER_CALLBACK_INFO *mCallbackInfo;
-
-extern EFI_USER_PROFILE_HANDLE mModifyUser;
-
-/**
- Get string by string id from HII Interface.
-
-
- @param[in] Id String ID to get the string from.
-
- @retval CHAR16 * String from ID.
- @retval NULL If error occurs.
-
-**/
-CHAR16 *
-GetStringById (
- IN EFI_STRING_ID Id
- );
-
-/**
- Add a new user profile into the user profile database.
-
-**/
-VOID
-CallAddUser (
- VOID
- );
-
-/**
- Display user select form; can select a user to modify.
-
-**/
-VOID
-SelectUserToModify (
- VOID
- );
-
-/**
- Display user select form, cab select a user to delete.
-
-**/
-VOID
-SelectUserToDelete (
- VOID
- );
-
-/**
- Delete the user specified by UserIndex in user profile database.
-
- @param[in] UserIndex The index of user in the user name list to be deleted.
-
-**/
-VOID
-DeleteUser (
- IN UINT8 UserIndex
- );
-
-/**
- Add a username item in form.
-
- @param[in] User Points to the user profile whose username is added.
- @param[in] Index The index of the user in the user name list.
- @param[in] OpCodeHandle Points to container for dynamic created opcodes.
-
-**/
-VOID
-AddUserToForm (
- IN EFI_USER_PROFILE_HANDLE User,
- IN UINT16 Index,
- IN VOID *OpCodeHandle
- );
-
-/**
- Display modify user information form
-
- In this form, username, create Date, usage date, usage count, identity policy,
- and access policy are displayed.
-
- @param[in] UserIndex The index of the user in display list to modify.
-
-**/
-VOID
-ModifyUserInfo (
- IN UINT8 UserIndex
- );
-
-/**
- Get the username from user input and update username string in Hii
- database with it.
-
-**/
-VOID
-ModifyUserName (
- VOID
- );
-
-/**
- Display the form of modifying user identity policy.
-
-**/
-VOID
-ModifyIdentityPolicy (
- VOID
- );
-
-/**
- Update the mUserInfo.NewIdentityPolicy and UI when 'add option' is pressed.
-
-**/
-VOID
-AddIdentityPolicyItem (
- VOID
- );
-
-/**
- Save the identity policy and update UI with it.
-
- This function will verify the new identity policy, in current implementation,
- the identity policy can be: T, P & P & P & ..., P | P | P | ...
- Here, "T" means "True", "P" means "Credential Provider", "&" means "and", "|" means "or".
- Other identity policies are not supported.
-
-**/
-VOID
-SaveIdentityPolicy (
- VOID
- );
-
-/**
- Display modify user access policy form
-
- In this form, access right, access setu,p and access boot order are dynamically
- added. Load devicepath and connect devicepath are displayed too.
-
-**/
-VOID
-ModidyAccessPolicy (
- VOID
- );
-
-/**
- Collect all the access policy data to mUserInfo.AccessPolicy,
- and save it to user profile.
-
-**/
-VOID
-SaveAccessPolicy (
- VOID
- );
-
-/**
- Get current user's access rights.
-
- @param[out] AccessRight Points to the buffer used for user's access rights.
-
- @retval EFI_SUCCESS Get current user access rights successfully.
- @retval others Fail to get current user access rights.
-
-**/
-EFI_STATUS
-GetAccessRight (
- OUT UINT32 *AccessRight
- );
-
-/**
- Display the permit load device path in the loadable device path list.
-
-**/
-VOID
-DisplayLoadPermit(
- VOID
- );
-
-/**
- Display the forbid load device path list (mAccessInfo.LoadForbid).
-
-**/
-VOID
-DisplayLoadForbid (
- VOID
- );
-
-/**
- Display the permit connect device path.
-
-**/
-VOID
-DisplayConnectPermit (
- VOID
- );
-
-/**
- Display the forbid connect device path list.
-
-**/
-VOID
-DisplayConnectForbid (
- VOID
- );
-
-/**
- Delete the specified device path by DriverIndex from the forbid device path
- list (mAccessInfo.LoadForbid).
-
- @param[in] DriverIndex The index of driver in a forbidden device path list.
-
-**/
-VOID
-DeleteFromForbidLoad (
- IN UINT16 DriverIndex
- );
-
-/**
- Add the specified device path by DriverIndex to the forbid device path
- list (mAccessInfo.LoadForbid).
-
- @param[in] DriverIndex The index of driver saved in driver options.
-
-**/
-VOID
-AddToForbidLoad (
- IN UINT16 DriverIndex
- );
-
-/**
- Get user name from the popup windows.
-
- @param[in, out] UserNameLen On entry, point to the buffer lengh of UserName.
- On exit, point to the input user name length.
- @param[out] UserName The buffer to hold the input user name.
-
- @retval EFI_ABORTED It is given up by pressing 'ESC' key.
- @retval EFI_NOT_READY Not a valid input at all.
- @retval EFI_SUCCESS Get a user name successfully.
-
-**/
-EFI_STATUS
-GetUserNameInput (
- IN OUT UINTN *UserNameLen,
- OUT CHAR16 *UserName
- );
-
-/**
- Find the specified info in User profile by the InfoType.
-
- @param[in] User Handle of the user whose information will be searched.
- @param[in] InfoType The user information type to find.
- @param[out] UserInfo Points to user information handle found.
-
- @retval EFI_SUCCESS Find the user information successfully.
- @retval Others Fail to find the user information.
-
-**/
-EFI_STATUS
-FindInfoByType (
- IN EFI_USER_PROFILE_HANDLE User,
- IN UINT8 InfoType,
- OUT EFI_USER_INFO_HANDLE *UserInfo
- );
-
-/**
- Convert the identity policy to a unicode string and update the Hii database
- IpStringId string with it.
-
- @param[in] Ip Points to identity policy.
- @param[in] IpLen The identity policy length.
- @param[in] IpStringId String ID in the HII database to be replaced.
-
-**/
-VOID
-ResolveIdentityPolicy (
- IN UINT8 *Ip,
- IN UINTN IpLen,
- IN EFI_STRING_ID IpStringId
- );
-
-/**
- Expand access policy memory size.
-
- @param[in] ValidLen The valid access policy length.
- @param[in] ExpandLen The length that is needed to expand.
-
-**/
-VOID
-ExpandMemory (
- IN UINTN ValidLen,
- IN UINTN ExpandLen
- );
-
-/**
- Delete User's credental from all the providers that exist in User's identity policy.
-
- @param[in] IdentityPolicy Point to User's identity policy.
- @param[in] IdentityPolicyLen The length of the identity policy.
- @param[in] User Points to user profile.
-
-**/
-VOID
-DeleteCredentialFromProviders (
- IN UINT8 *IdentityPolicy,
- IN UINTN IdentityPolicyLen,
- IN EFI_USER_PROFILE_HANDLE User
- );
-
-#endif
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.uni b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.uni
deleted file mode 100644
index e4a768e00a..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.uni
+++ /dev/null
@@ -1,22 +0,0 @@
-// /** @file
-// A UI tool to manage user profiles
-//
-// By this module, user can add/update/delete user profiles, and can also
-// modify the user access policy and the user identification policy.
-//
-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
-//
-// This program and the accompanying materials
-// are licensed and made available under the terms and conditions of the BSD License
-// which accompanies this distribution. The full text of the license may be found at
-// http://opensource.org/licenses/bsd-license.php
-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-//
-// **/
-
-
-#string STR_MODULE_ABSTRACT #language en-US "A UI tool to manage user profiles"
-
-#string STR_MODULE_DESCRIPTION #language en-US "By this module, user can add/update/delete user profiles, and can also modify the user access policy and the user identification policy."
-
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerData.h b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerData.h
deleted file mode 100644
index a83caac9ba..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerData.h
+++ /dev/null
@@ -1,158 +0,0 @@
-/** @file
- The form data for user profile manager driver.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef __USER_PROFILE_MANAGER_DATA_H__
-#define __USER_PROFILE_MANAGER_DATA_H__
-
-#include <Guid/UserProfileManagerHii.h>
-
-//
-// Form ID
-//
-#define FORMID_USER_MANAGE 0x0001
-#define FORMID_MODIFY_USER 0x0002
-#define FORMID_DEL_USER 0x0003
-#define FORMID_USER_INFO 0x0004
-#define FORMID_MODIFY_IP 0x0005
-#define FORMID_MODIFY_AP 0x0006
-#define FORMID_LOAD_DP 0x0007
-#define FORMID_CONNECT_DP 0x0008
-#define FORMID_PERMIT_LOAD_DP 0x0009
-#define FORMID_FORBID_LOAD_DP 0x000A
-#define FORMID_PERMIT_CONNECT_DP 0x000B
-#define FORMID_FORBID_CONNECT_DP 0x000C
-
-//
-// Label ID
-//
-#define LABEL_USER_MANAGE_FUNC 0x0010
-#define LABEL_USER_DEL_FUNC 0x0020
-#define LABEL_USER_MOD_FUNC 0x0030
-#define LABEL_USER_INFO_FUNC 0x0040
-#define LABEL_IP_MOD_FUNC 0x0050
-#define LABEL_AP_MOD_FUNC 0x0060
-#define LABEL_PERMIT_LOAD_FUNC 0x0070
-#define LABLE_FORBID_LOAD_FUNC 0x0080
-#define LABEL_END 0x00F0
-
-//
-// First form key (Add/modify/del user profile).
-// First 2 bits (bit 16~15).
-//
-#define KEY_MODIFY_USER 0x4000
-#define KEY_DEL_USER 0x8000
-#define KEY_ADD_USER 0xC000
-#define KEY_FIRST_FORM_MASK 0xC000
-
-//
-// Second form key (Display new form /Select user / modify device path in access policy).
-// Next 2 bits (bit 14~13).
-//
-#define KEY_ENTER_NEXT_FORM 0x0000
-#define KEY_SELECT_USER 0x1000
-#define KEY_MODIFY_AP_DP 0x2000
-#define KEY_OPEN_CLOSE_FORM_ACTION 0x3000
-#define KEY_SECOND_FORM_MASK 0x3000
-
-//
-// User profile information form key.
-// Next 3 bits (bit 12~10).
-//
-#define KEY_MODIFY_NAME 0x0200
-#define KEY_MODIFY_IP 0x0400
-#define KEY_MODIFY_AP 0x0600
-#define KEY_MODIFY_INFO_MASK 0x0E00
-
-//
-// Specified key, used in VFR (KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_NAME).
-//
-#define KEY_MODIFY_USER_NAME 0x5200
-
-//
-// Modify identity policy form key.
-// Next 3 bits (bit 9~7).
-//
-#define KEY_MODIFY_PROV 0x0040
-#define KEY_MODIFY_MTYPE 0x0080
-#define KEY_MODIFY_CONN 0x00C0
-#define KEY_ADD_IP_OP 0x0100
-#define KEY_IP_RETURN_UIF 0x0140
-#define KEY_MODIFY_IP_MASK 0x01C0
-
-//
-// Specified key.
-//
-#define KEY_ADD_LOGICAL_OP 0x5500
-#define KEY_IP_RETURN 0x5540
-
-//
-// Modify access policy form key.
-// Next 3 bits (bit 9~7).
-//
-#define KEY_MODIFY_RIGHT 0x0040
-#define KEY_MODIFY_SETUP 0x0080
-#define KEY_MODIFY_BOOT 0x00C0
-#define KEY_MODIFY_LOAD 0x0100
-#define KEY_MODIFY_CONNECT 0x0140
-#define KEY_AP_RETURN_UIF 0x0180
-#define KEY_MODIFY_AP_MASK 0x01C0
-
-//
-// Specified key.
-//
-#define KEY_LOAD_DP 0x5700
-#define KEY_CONN_DP 0x5740
-#define KEY_AP_RETURN 0x5780
-
-//
-// Device path form key.
-// Next 2 bits (bit 6~5).
-//
-#define KEY_PERMIT_MODIFY 0x0010
-#define KEY_FORBID_MODIFY 0x0020
-#define KEY_DISPLAY_DP_MASK 0x0030
-
-//
-// Specified key.
-//
-#define KEY_LOAD_PERMIT 0x5710
-#define KEY_LOAD_FORBID 0x5720
-#define KEY_CONNECT_PERMIT 0x5750
-#define KEY_CONNECT_FORBID 0x5760
-
-//
-// Device path modify key.
-// 2 bits (bit 12~11).
-//
-#define KEY_LOAD_PERMIT_MODIFY 0x0000
-#define KEY_LOAD_FORBID_MODIFY 0x0400
-#define KEY_CONNECT_PERMIT_MODIFY 0x0800
-#define KEY_CONNECT_FORBID_MODIFY 0x0C00
-#define KEY_MODIFY_DP_MASK 0x0C00
-
-
-//
-// The permissions usable when configuring the platform.
-//
-#define ACCESS_SETUP_RESTRICTED 1
-#define ACCESS_SETUP_NORMAL 2
-#define ACCESS_SETUP_ADMIN 3
-
-//
-// Question ID for the question used in each form (KEY_OPEN_CLOSE_FORM_ACTION | FORMID_FORM_USER_MANAGE)
-// This ID is used in FORM OPEN/CLOSE CallBack action.
-//
-#define QUESTIONID_USER_MANAGE 0x3001
-
-#endif
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerDxe.inf b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerDxe.inf
deleted file mode 100644
index cdd97731b2..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerDxe.inf
+++ /dev/null
@@ -1,72 +0,0 @@
-## @file
-# A UI tool to manage user profiles
-#
-# By this module, user can add/update/delete user profiles, and can also
-# modify the user access policy and the user identification policy.
-#
-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-# This program and the accompanying materials
-# are licensed and made available under the terms and conditions of the BSD License
-# which accompanies this distribution. The full text of the license may be found at
-# http://opensource.org/licenses/bsd-license.php
-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-#
-##
-
-[Defines]
- INF_VERSION = 0x00010005
- BASE_NAME = UserProfileManager
- MODULE_UNI_FILE = UserProfileManager.uni
- FILE_GUID = E38CB52D-A74D-45db-A8D0-290C9B21BBF2
- MODULE_TYPE = DXE_DRIVER
- VERSION_STRING = 1.0
- ENTRY_POINT = UserProfileManagerInit
-
-[Sources]
- UserProfileManager.c
- UserProfileManager.h
- UserProfileAdd.c
- UserProfileDelete.c
- UserProfileModify.c
- ModifyIdentityPolicy.c
- ModifyAccessPolicy.c
- UserProfileManagerData.h
- UserProfileManagerStrings.uni
- UserProfileManagerVfr.Vfr
-
-[Packages]
- MdePkg/MdePkg.dec
- MdeModulePkg/MdeModulePkg.dec
- SecurityPkg/SecurityPkg.dec
-
-[LibraryClasses]
- UefiRuntimeServicesTableLib
- UefiBootServicesTableLib
- UefiDriverEntryPoint
- MemoryAllocationLib
- BaseMemoryLib
- DebugLib
- HiiLib
- UefiLib
- DevicePathLib
-
-[Guids]
- gEfiIfrTianoGuid ## SOMETIMES_CONSUMES ## GUID
- gEfiUserInfoAccessSetupAdminGuid ## SOMETIMES_CONSUMES ## GUID
- gEfiUserInfoAccessSetupNormalGuid ## SOMETIMES_CONSUMES ## GUID
- gEfiUserInfoAccessSetupRestrictedGuid ## SOMETIMES_CONSUMES ## GUID
- gUserProfileManagerGuid ## CONSUMES ## HII
-
-[Protocols]
- gEfiDevicePathProtocolGuid ## PRODUCES
- gEfiHiiConfigAccessProtocolGuid ## PRODUCES
- gEfiUserCredential2ProtocolGuid ## SOMETIMES_CONSUMES
- gEfiUserManagerProtocolGuid ## CONSUMES
-
-[Depex]
- gEfiUserManagerProtocolGuid
-
-[UserExtensions.TianoCore."ExtraFiles"]
- UserProfileManagerExtra.uni
-
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerExtra.uni b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerExtra.uni
deleted file mode 100644
index bf7ac7dc04..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerExtra.uni
+++ /dev/null
@@ -1,19 +0,0 @@
-// /** @file
-// UserProfileManager Localized Strings and Content
-//
-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
-//
-// This program and the accompanying materials
-// are licensed and made available under the terms and conditions of the BSD License
-// which accompanies this distribution. The full text of the license may be found at
-// http://opensource.org/licenses/bsd-license.php
-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-//
-// **/
-
-#string STR_PROPERTIES_MODULE_NAME
-#language en-US
-"User Profile Manager"
-
-
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerStrings.uni b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerStrings.uni
deleted file mode 100644
index 3a003a9883..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerStrings.uni
+++ /dev/null
@@ -1,158 +0,0 @@
-/** @file
- String definitions for User Profile Manager driver.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#langdef en-US "English"
-#langdef fr-FR "Français"
-
-#string STR_NULL_STRING #language en-US ""
- #language fr-FR ""
-#string STR_FORMSET_TITLE #language en-US "User Manager"
- #language fr-FR "User Manager(French)"
-#string STR_TITLE_HELP #language en-US "This selection will take you to the User Manager"
- #language fr-FR "This selection will take you to the User Manager(French)"
-#string STR_USERMAN_TITLE #language en-US "User Manager"
- #language fr-FR "User Manager(French)"
-#string STR_ADD_USER_TITLE #language en-US "Add User Profile"
- #language fr-FR "Add User Profile(French)"
-#string STR_ADD_USER_HELP #language en-US "Add User Profile to User Database"
- #language fr-FR "Add User Profile to User Database(French)"
-#string STR_MODIFY_USER_TITLE #language en-US "Modify User Profile"
- #language fr-FR "Modify User Profile(French)"
-#string STR_MODIFY_USER_HELP #language en-US "Modify User Profile Information"
- #language fr-FR "Modify User Profile Information(French)"
-#string STR_DELETE_USER_TITLE #language en-US "Delete User Profile"
- #language fr-FR "Delete User Profile(French)"
-#string STR_DELETE_USER_HELP #language en-US "Delete User Profile from User Database"
- #language fr-FR "Delete User Profile from User Database(French)"
-#string STR_USER_INFO #language en-US "User Profile Information"
- #language fr-FR "User Profile Information(French)"
-#string STR_USER_NAME #language en-US "User Name"
- #language fr-FR "User Name(French)"
-#string STR_USER_NAME_VAL #language en-US ""
- #language fr-FR ""
-#string STR_CREATE_DATE #language en-US "Create Date"
- #language fr-FR "Create Date(French)"
-#string STR_CREATE_DATE_VAL #language en-US ""
- #language fr-FR ""
-#string STR_USAGE_DATE #language en-US "Usage Date"
- #language fr-FR "Usage Date(French)"
-#string STR_USAGE_DATE_VAL #language en-US ""
- #language fr-FR ""
-#string STR_USAGE_COUNT #language en-US "Usage Count"
- #language fr-FR "Usage Count(French)"
-#string STR_USAGE_COUNT_VAL #language en-US ""
- #language fr-FR ""
-#string STR_IDENTIFY_POLICY #language en-US "Identify Policy"
- #language fr-FR "Identify Policy(French)"
-#string STR_IDENTIFY_POLICY_VAL #language en-US ""
- #language fr-FR ""
-#string STR_ACCESS_POLICY #language en-US "Access Policy"
- #language fr-FR "Access Policy(French)"
-#string STR_SAVE #language en-US "Save & Exit"
- #language fr-FR "Save & Exit(French)"
-#string STR_IDENTIFY_SAVE_HELP #language en-US "Save Identify Policy and Exit"
- #language fr-FR "Save Identify Policy and Exit(French)"
-#string STR_PROVIDER #language en-US "Credential Provider"
- #language fr-FR "Credential Provider(French)"
-#string STR_PROVIDER_HELP #language en-US "Select Credential Provider Option"
- #language fr-FR "Select Credential Provider Option(French)"
-#string STR_OR_CON #language en-US "Or"
- #language fr-FR "Or(French)"
-#string STR_AND_CON #language en-US "And"
- #language fr-FR "And(French)"
-#string STR_CONNECTOR #language en-US "Logical Connector"
- #language fr-FR "Logical Connector(French)"
-#string STR_CONNECTOR_HELP #language en-US "Select Logical Connector Option"
- #language fr-FR "Select Logical Connector Option(French)"
-#string STR_IDENTIFY_POLICY_VALUE #language en-US ""
- #language fr-FR ""
-#string STR_IDENTIFY_POLICY_HELP #language en-US "Current Identify Policy"
- #language fr-FR "Current Identify Policy(French)"
-#string STR_ADD_OPTION #language en-US "Add Option"
- #language fr-FR "Add Option(French)"
-#string STR_ADD_OPTION_HELP #language en-US "Add This Option to Identify Policy"
- #language fr-FR "Add This Option to Identify Policy(French)"
-#string STR_ACCESS_SAVE_HELP #language en-US "Save Access Policy and Exit"
- #language fr-FR "Save Access Policy and Exit(French)"
-#string STR_ACCESS_RIGHT #language en-US "Access Right"
- #language fr-FR "Access Right(French)"
-#string STR_ACCESS_RIGHT_HELP #language en-US "Select Access Right Option"
- #language fr-FR "Select Access Right Option(French)"
-#string STR_NORMAL #language en-US "Normal"
- #language fr-FR "Normal(French)"
-#string STR_ENROLL #language en-US "Enroll"
- #language fr-FR "Enroll(French)"
-#string STR_MANAGE #language en-US "Manage"
- #language fr-FR "Manage(French)"
-#string STR_ACCESS_SETUP #language en-US "Access Setup"
- #language fr-FR "Access Setup(French)"
-#string STR_ACCESS_SETUP_HELP #language en-US "Select Access Setup Option"
- #language fr-FR "Selelct Access Setup Option(French)"
-#string STR_RESTRICTED #language en-US "Restricted"
- #language fr-FR "Restricted(French)"
-#string STR_ADMIN #language en-US "Admin"
- #language fr-FR "Admin(French)"
-#string STR_BOOR_ORDER #language en-US "Access Boot Order"
- #language fr-FR "Access Boot Order(French)"
-#string STR_BOOT_ORDER_HELP #language en-US "Select Access Boot Order Option"
- #language fr-FR "Select Access Boot Order Option(French)"
-#string STR_INSERT #language en-US "Insert"
- #language fr-FR "Insert(French)"
-#string STR_APPEND #language en-US "Append"
- #language fr-FR "Append(French)"
-#string STR_REPLACE #language en-US "Replace"
- #language fr-FR "Replace(French)"
-#string STR_NODEFAULT #language en-US "Nodefault"
- #language fr-FR "Nodefault(French)"
-#string STR_LOAD #language en-US "Load Device Path"
- #language fr-FR "Load Device Path(French)"
-#string STR_LOAD_HELP #language en-US "Select Permit/Forbid Load Device Path"
- #language fr-FR "Select Permit/Forbid Load Device Path(French)"
-#string STR_CONNECT #language en-US "Connect Device Path"
- #language fr-FR "Connect Device Path(French)"
-#string STR_CONNECT_HELP #language en-US "Select Permit/Forbid Connect Device Path"
- #language fr-FR "Select Permit/Forbid Connect Device Path(French)"
-#string STR_LOAD_PERMIT #language en-US "Permit Load Device Path"
- #language fr-FR "Permit Load Device Path(French)"
-#string STR_LOAD_PERMIT_HELP #language en-US "Change Permit Load Device Path to Forbid"
- #language fr-FR "Change Permit Load Device Path to Forbid(French)"
-#string STR_LOAD_FORBID #language en-US "Forbid Load Device Path"
- #language fr-FR "Forbid Load Device Path(French)"
-#string STR_LOAD_FORBID_HELP #language en-US "Change Forbid Load Device Path to Permit"
- #language fr-FR "Change Forbid Load Device Path to Permit(French)"
-#string STR_CONNECT_PERMIT #language en-US "Permit Connect Device Path"
- #language fr-FR "Permit Connect Device Path(French)"
-#string STR_CONNECT_PERMIT_HELP #language en-US "Change Permit Connect Device Path to Forbid"
- #language fr-FR "Change Permit Connect Device Path to Forbid(French)"
-#string STR_CONNECT_FORBID #language en-US "Forbid Connect Device Path"
- #language fr-FR "Forbid Connect Device Path(French)"
-#string STR_CONNECT_FORBID_HELP #language en-US "Change Forbid Connect Device Path to Permit"
- #language fr-FR "Change Forbid Connect Device Path to Permit(French)"
-#string STR_PRESS_KEY_CONTINUE #language en-US "Press ENTER to Continue, Other Key to Cancel ..."
- #language fr-FR "Press ENTER to Continue, Other Key to Cancel ...(French)"
-#string STR_MOVE_TO_FORBID_LIST #language en-US "Are You Sure to Move It to Forbid List?"
- #language fr-FR "Are You Sure to Move It to Forbid List?(French)"
-#string STR_MOVE_TO_PERMIT_LIST #language en-US "Are You Sure to Move It to Permit List?"
- #language fr-FR "Are You Sure to Move It to Permit List?(French)"
-#string STR_STROKE_KEY_CONTINUE #language en-US "Please Press Any Key to Continue ..."
- #language fr-FR "Please Press Any Key to Continue ... (French)"
-#string STR_CREATE_PROFILE_FAILED #language en-US "Create New User Profile Failed!"
- #language fr-FR "Create New User Profile Failed! (French)"
-#string STR_CREATE_PROFILE_SUCCESS #language en-US "Create New User Profile Succeed!"
- #language fr-FR "Create New User Profile Succeed! (French)"
-#string STR_USER_ALREADY_EXISTED #language en-US "User Name Had Already Existed."
- #language fr-FR "User Name Had Already Existed. (French)"
-#string STR_GET_USERNAME_FAILED #language en-US "Failed To Get User Name."
- #language fr-FR "Failed To Get User Name. (French)"
-
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerVfr.Vfr b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerVfr.Vfr
deleted file mode 100644
index 2cf3359f2a..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManagerVfr.Vfr
+++ /dev/null
@@ -1,244 +0,0 @@
-/** @file
- User Profile Manager formset.
-
-Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "UserProfileManagerData.h"
-
-#define USER_MANAGER_CLASS 0x00
-#define USER_MANAGER_SUBCLASS 0x04
-
-formset
- guid = USER_PROFILE_MANAGER_GUID,
- title = STRING_TOKEN(STR_FORMSET_TITLE),
- help = STRING_TOKEN(STR_TITLE_HELP),
-
- // User manager form
- form formid = FORMID_USER_MANAGE,
- title = STRING_TOKEN(STR_USERMAN_TITLE);
-
- label LABEL_USER_MANAGE_FUNC;
- label LABEL_END;
-
- suppressif TRUE;
- text
- help = STRING_TOKEN(STR_NULL_STRING),
- text = STRING_TOKEN(STR_NULL_STRING),
- flags = INTERACTIVE,
- key = QUESTIONID_USER_MANAGE;
- endif;
-
- endform;
-
- // Modify user profile form
- form formid = FORMID_MODIFY_USER,
- title = STRING_TOKEN(STR_MODIFY_USER_TITLE);
-
- label LABEL_USER_MOD_FUNC;
- label LABEL_END;
-
- endform;
-
- // Delete user profile form
- form formid = FORMID_DEL_USER,
- title = STRING_TOKEN(STR_DELETE_USER_TITLE);
-
- label LABEL_USER_DEL_FUNC;
- label LABEL_END;
-
- subtitle
- text = STRING_TOKEN(STR_NULL_STRING);
- endform;
-
- //
- // User profile information form
- //
- form formid = FORMID_USER_INFO,
- title = STRING_TOKEN(STR_USER_INFO);
-
- text
- help = STRING_TOKEN(STR_USER_NAME_VAL),
- text = STRING_TOKEN(STR_USER_NAME),
- flags = INTERACTIVE,
- key = KEY_MODIFY_USER_NAME;
-
- text
- help = STRING_TOKEN(STR_CREATE_DATE_VAL),
- text = STRING_TOKEN(STR_CREATE_DATE);
-
- text
- help = STRING_TOKEN(STR_USAGE_DATE_VAL),
- text = STRING_TOKEN(STR_USAGE_DATE);
-
- text
- help = STRING_TOKEN(STR_USAGE_COUNT_VAL),
- text = STRING_TOKEN(STR_USAGE_COUNT);
-
- label LABEL_USER_INFO_FUNC;
- label LABEL_END;
-
- endform;
-
- //
- // Identify policy modify form
- //
- form formid = FORMID_MODIFY_IP,
- title = STRING_TOKEN(STR_IDENTIFY_POLICY);
-
- text
- help = STRING_TOKEN(STR_IDENTIFY_POLICY_HELP),
- text = STRING_TOKEN(STR_IDENTIFY_POLICY),
- text = STRING_TOKEN(STR_IDENTIFY_POLICY_VALUE);
-
- label LABEL_IP_MOD_FUNC;
- label LABEL_END;
-
- text
- help = STRING_TOKEN(STR_ADD_OPTION_HELP),
- text = STRING_TOKEN(STR_ADD_OPTION),
- flags = INTERACTIVE,
- key = KEY_ADD_LOGICAL_OP;
-
- subtitle
- text = STRING_TOKEN(STR_NULL_STRING);
-
- text
- help = STRING_TOKEN(STR_IDENTIFY_SAVE_HELP),
- text = STRING_TOKEN(STR_SAVE),
- flags = INTERACTIVE,
- key = KEY_IP_RETURN;
-
- endform;
-
- //
- // Access policy modify form
- //
- form formid = FORMID_MODIFY_AP,
- title = STRING_TOKEN(STR_ACCESS_POLICY);
-
- label LABEL_AP_MOD_FUNC;
- label LABEL_END;
-
- goto FORMID_LOAD_DP,
- prompt = STRING_TOKEN(STR_LOAD),
- help = STRING_TOKEN(STR_LOAD_HELP),
- flags = INTERACTIVE,
- key = KEY_LOAD_DP;
-
- goto FORMID_CONNECT_DP,
- prompt = STRING_TOKEN(STR_CONNECT),
- help = STRING_TOKEN(STR_CONNECT_HELP),
- flags = INTERACTIVE,
- key = KEY_CONN_DP;
-
- subtitle
- text = STRING_TOKEN(STR_NULL_STRING);
-
- text
- help = STRING_TOKEN(STR_ACCESS_SAVE_HELP),
- text = STRING_TOKEN(STR_SAVE),
- flags = INTERACTIVE,
- key = KEY_AP_RETURN;
-
- endform;
-
- //
- // Load device path form
- //
- form formid = FORMID_LOAD_DP,
- title = STRING_TOKEN(STR_LOAD);
-
- goto FORMID_PERMIT_LOAD_DP,
- prompt = STRING_TOKEN(STR_LOAD_PERMIT),
- help = STRING_TOKEN(STR_LOAD_PERMIT_HELP),
- flags = INTERACTIVE,
- key = KEY_LOAD_PERMIT;
-
- goto FORMID_FORBID_LOAD_DP,
- prompt = STRING_TOKEN(STR_LOAD_FORBID),
- help = STRING_TOKEN(STR_LOAD_FORBID_HELP),
- flags = INTERACTIVE,
- key = KEY_LOAD_FORBID;
-
- endform;
-
- //
- // Permit load device path form
- //
- form formid = FORMID_PERMIT_LOAD_DP,
- title = STRING_TOKEN(STR_LOAD_PERMIT);
-
- label LABEL_PERMIT_LOAD_FUNC;
- label LABEL_END;
-
- subtitle
- text = STRING_TOKEN(STR_NULL_STRING);
-
- endform;
-
- //
- // Forbid load device path form
- //
- form formid = FORMID_FORBID_LOAD_DP,
- title = STRING_TOKEN(STR_LOAD_FORBID);
-
- label LABLE_FORBID_LOAD_FUNC;
- label LABEL_END;
-
- subtitle
- text = STRING_TOKEN(STR_NULL_STRING);
-
- endform;
-
- //
- // Connect device path form
- //
- form formid = FORMID_CONNECT_DP,
- title = STRING_TOKEN(STR_CONNECT);
-
- goto FORMID_PERMIT_CONNECT_DP,
- prompt = STRING_TOKEN(STR_CONNECT_PERMIT),
- help = STRING_TOKEN(STR_CONNECT_PERMIT_HELP),
- flags = INTERACTIVE,
- key = KEY_CONNECT_PERMIT;
-
- goto FORMID_FORBID_CONNECT_DP,
- prompt = STRING_TOKEN(STR_CONNECT_FORBID),
- help = STRING_TOKEN(STR_CONNECT_FORBID_HELP),
- flags = INTERACTIVE,
- key = KEY_CONNECT_FORBID;
-
- endform;
-
- //
- // Permit connect device path form
- //
- form formid = FORMID_PERMIT_CONNECT_DP,
- title = STRING_TOKEN(STR_CONNECT_PERMIT);
-
- subtitle
- text = STRING_TOKEN(STR_NULL_STRING);
-
- endform;
-
- //
- // Forbid connect device path form
- //
- form formid = FORMID_FORBID_CONNECT_DP,
- title = STRING_TOKEN(STR_CONNECT_FORBID);
-
- subtitle
- text = STRING_TOKEN(STR_NULL_STRING);
-
- endform;
-
-endformset;
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
deleted file mode 100644
index d165e5ae9b..0000000000
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
+++ /dev/null
@@ -1,1475 +0,0 @@
-/** @file
- The functions to modify a user profile.
-
-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "UserProfileManager.h"
-
-EFI_USER_PROFILE_HANDLE mModifyUser = NULL;
-
-/**
- Display user select form, cab select a user to modify.
-
-**/
-VOID
-SelectUserToModify (
- VOID
- )
-{
- EFI_STATUS Status;
- UINT8 Index;
- EFI_USER_PROFILE_HANDLE User;
- EFI_USER_PROFILE_HANDLE CurrentUser;
- UINT32 CurrentAccessRight;
- VOID *StartOpCodeHandle;
- VOID *EndOpCodeHandle;
- EFI_IFR_GUID_LABEL *StartLabel;
- EFI_IFR_GUID_LABEL *EndLabel;
-
- //
- // Initialize the container for dynamic opcodes.
- //
- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (StartOpCodeHandle != NULL);
-
- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (EndOpCodeHandle != NULL);
-
- //
- // Create Hii Extend Label OpCode.
- //
- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- StartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- StartLabel->Number = LABEL_USER_MOD_FUNC;
-
- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- EndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- EndLabel->Number = LABEL_END;
-
- //
- // Add each user can be modified.
- //
- User = NULL;
- Index = 1;
- mUserManager->Current (mUserManager, &CurrentUser);
- while (TRUE) {
- Status = mUserManager->GetNext (mUserManager, &User);
- if (EFI_ERROR (Status)) {
- break;
- }
-
- Status = GetAccessRight (&CurrentAccessRight);
- if (EFI_ERROR (Status)) {
- CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
- }
-
- if ((CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) || (User == CurrentUser)) {
- AddUserToForm (User, (UINT16)(KEY_MODIFY_USER | KEY_SELECT_USER | Index), StartOpCodeHandle);
- }
- Index++;
- }
-
- HiiUpdateForm (
- mCallbackInfo->HiiHandle, // HII handle
- &gUserProfileManagerGuid, // Formset GUID
- FORMID_MODIFY_USER, // Form ID
- StartOpCodeHandle, // Label for where to insert opcodes
- EndOpCodeHandle // Replace data
- );
-
- HiiFreeOpCodeHandle (StartOpCodeHandle);
- HiiFreeOpCodeHandle (EndOpCodeHandle);
-}
-
-
-/**
- Get all the user info from mModifyUser in the user manager, and save on the
- global variable.
-
-**/
-VOID
-GetAllUserInfo (
- VOID
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO_HANDLE UserInfo;
- EFI_USER_INFO *Info;
- UINTN InfoSize;
- UINTN MemSize;
- UINTN DataLen;
-
- //
- // Init variable to default value.
- //
- mProviderChoice = 0;
- mConncetLogical = 0;
-
- mUserInfo.CreateDateExist = FALSE;
- mUserInfo.UsageDateExist = FALSE;
- mUserInfo.UsageCount = 0;
-
- mUserInfo.AccessPolicyLen = 0;
- mUserInfo.AccessPolicyModified = FALSE;
- if (mUserInfo.AccessPolicy != NULL) {
- FreePool (mUserInfo.AccessPolicy);
- mUserInfo.AccessPolicy = NULL;
- }
- mUserInfo.IdentityPolicyLen = 0;
- mUserInfo.IdentityPolicyModified = FALSE;
- if (mUserInfo.IdentityPolicy != NULL) {
- FreePool (mUserInfo.IdentityPolicy);
- mUserInfo.IdentityPolicy = NULL;
- }
-
- //
- // Allocate user information memory.
- //
- MemSize = sizeof (EFI_USER_INFO) + 63;
- Info = AllocateZeroPool (MemSize);
- if (Info == NULL) {
- return ;
- }
-
- //
- // Get each user information.
- //
- UserInfo = NULL;
- while (TRUE) {
- Status = mUserManager->GetNextInfo (mUserManager, mModifyUser, &UserInfo);
- if (EFI_ERROR (Status)) {
- break;
- }
- //
- // Get information.
- //
- InfoSize = MemSize;
- Status = mUserManager->GetInfo (
- mUserManager,
- mModifyUser,
- UserInfo,
- Info,
- &InfoSize
- );
- if (Status == EFI_BUFFER_TOO_SMALL) {
- MemSize = InfoSize;
- FreePool (Info);
- Info = AllocateZeroPool (MemSize);
- if (Info == NULL) {
- return ;
- }
-
- Status = mUserManager->GetInfo (
- mUserManager,
- mModifyUser,
- UserInfo,
- Info,
- &InfoSize
- );
- }
-
- if (Status == EFI_SUCCESS) {
- //
- // Deal with each information according to informaiton type.
- //
- DataLen = Info->InfoSize - sizeof (EFI_USER_INFO);
- switch (Info->InfoType) {
- case EFI_USER_INFO_NAME_RECORD:
- CopyMem (&mUserInfo.UserName, (UINT8 *) (Info + 1), DataLen);
- break;
-
- case EFI_USER_INFO_CREATE_DATE_RECORD:
- CopyMem (&mUserInfo.CreateDate, (UINT8 *) (Info + 1), DataLen);
- mUserInfo.CreateDateExist = TRUE;
- break;
-
- case EFI_USER_INFO_USAGE_DATE_RECORD:
- CopyMem (&mUserInfo.UsageDate, (UINT8 *) (Info + 1), DataLen);
- mUserInfo.UsageDateExist = TRUE;
- break;
-
- case EFI_USER_INFO_USAGE_COUNT_RECORD:
- CopyMem (&mUserInfo.UsageCount, (UINT8 *) (Info + 1), DataLen);
- break;
-
- case EFI_USER_INFO_ACCESS_POLICY_RECORD:
- mUserInfo.AccessPolicy = AllocateZeroPool (DataLen);
- if (mUserInfo.AccessPolicy == NULL) {
- break;
- }
-
- CopyMem (mUserInfo.AccessPolicy, (UINT8 *) (Info + 1), DataLen);
- mUserInfo.AccessPolicyLen = DataLen;
- break;
-
- case EFI_USER_INFO_IDENTITY_POLICY_RECORD:
- mUserInfo.IdentityPolicy = AllocateZeroPool (DataLen);
- if (mUserInfo.IdentityPolicy == NULL) {
- break;
- }
-
- CopyMem (mUserInfo.IdentityPolicy, (UINT8 *) (Info + 1), DataLen);
- mUserInfo.IdentityPolicyLen = DataLen;
- break;
-
- default:
- break;
- }
- }
- }
- FreePool (Info);
-}
-
-
-/**
- Convert the Date to a string, and update the Hii database DateID string with it.
-
- @param[in] Date Points to the date to be converted.
- @param[in] DateId String ID in the HII database to be replaced.
-
-**/
-VOID
-ResolveDate (
- IN EFI_TIME *Date,
- IN EFI_STRING_ID DateId
- )
-{
- CHAR16 *Str;
- UINTN DateBufLen;
-
- //
- // Convert date to string.
- //
- DateBufLen = 64;
- Str = AllocateZeroPool (DateBufLen);
- if (Str == NULL) {
- return ;
- }
-
- UnicodeSPrint (
- Str,
- DateBufLen,
- L"%4d-%2d-%2d ",
- Date->Year,
- Date->Month,
- Date->Day
- );
-
- //
- // Convert time to string.
- //
- DateBufLen -= StrLen (Str);
- UnicodeSPrint (
- Str + StrLen (Str),
- DateBufLen,
- L"%2d:%2d:%2d",
- Date->Hour,
- Date->Minute,
- Date->Second
- );
-
- HiiSetString (mCallbackInfo->HiiHandle, DateId, Str, NULL);
- FreePool (Str);
-}
-
-
-/**
- Convert the CountVal to a string, and update the Hii database CountId string
- with it.
-
- @param[in] CountVal The hex value to convert.
- @param[in] CountId String ID in the HII database to be replaced.
-
-**/
-VOID
-ResolveCount (
- IN UINT32 CountVal,
- IN EFI_STRING_ID CountId
- )
-{
- CHAR16 Count[10];
-
- UnicodeSPrint (Count, 20, L"%d", CountVal);
- HiiSetString (mCallbackInfo->HiiHandle, CountId, Count, NULL);
-}
-
-
-/**
- Concatenates one Null-terminated Unicode string to another Null-terminated
- Unicode string.
-
- @param[in, out] Source1 On entry, point to a Null-terminated Unicode string.
- On exit, point to a new concatenated Unicode string
- @param[in] Source2 Pointer to a Null-terminated Unicode string.
-
-**/
-VOID
-AddStr (
- IN OUT CHAR16 **Source1,
- IN CONST CHAR16 *Source2
- )
-{
- CHAR16 *TmpStr;
- UINTN StrLength;
-
- ASSERT (Source1 != NULL);
- ASSERT (Source2 != NULL);
-
- if (*Source1 == NULL) {
- StrLength = StrSize (Source2);
- } else {
- StrLength = StrSize (*Source1);
- StrLength += StrSize (Source2) - 2;
- }
-
- TmpStr = AllocateZeroPool (StrLength);
- ASSERT (TmpStr != NULL);
-
- if (*Source1 == NULL) {
- StrCpyS (TmpStr, StrLength / sizeof (CHAR16), Source2);
- } else {
- StrCpyS (TmpStr, StrLength / sizeof (CHAR16), *Source1);
- FreePool (*Source1);
- StrCatS (TmpStr, StrLength / sizeof (CHAR16),Source2);
- }
-
- *Source1 = TmpStr;
-}
-
-
-/**
- Convert the identity policy to a unicode string and update the Hii database
- IpStringId string with it.
-
- @param[in] Ip Points to identity policy.
- @param[in] IpLen The identity policy length.
- @param[in] IpStringId String ID in the HII database to be replaced.
-
-**/
-VOID
-ResolveIdentityPolicy (
- IN UINT8 *Ip,
- IN UINTN IpLen,
- IN EFI_STRING_ID IpStringId
- )
-{
- CHAR16 *TmpStr;
- UINTN ChkLen;
- EFI_USER_INFO_IDENTITY_POLICY *Identity;
- UINT16 Index;
- CHAR16 *ProvStr;
- EFI_STRING_ID ProvId;
- EFI_HII_HANDLE HiiHandle;
- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
-
- TmpStr = NULL;
-
- //
- // Resolve each policy.
- //
- ChkLen = 0;
- while (ChkLen < IpLen) {
- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (Ip + ChkLen);
- switch (Identity->Type) {
- case EFI_USER_INFO_IDENTITY_FALSE:
- AddStr (&TmpStr, L"False");
- break;
-
- case EFI_USER_INFO_IDENTITY_TRUE:
- AddStr (&TmpStr, L"None");
- break;
-
- case EFI_USER_INFO_IDENTITY_NOT:
- AddStr (&TmpStr, L"! ");
- break;
-
- case EFI_USER_INFO_IDENTITY_AND:
- AddStr (&TmpStr, L" && ");
- break;
-
- case EFI_USER_INFO_IDENTITY_OR:
- AddStr (&TmpStr, L" || ");
- break;
-
- case EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE:
- for (Index = 0; Index < mProviderInfo->Count; Index++) {
- UserCredential = mProviderInfo->Provider[Index];
- if (CompareGuid ((EFI_GUID *) (Identity + 1), &UserCredential->Type)) {
- UserCredential->Title (
- UserCredential,
- &HiiHandle,
- &ProvId
- );
- ProvStr = HiiGetString (HiiHandle, ProvId, NULL);
- if (ProvStr != NULL) {
- AddStr (&TmpStr, ProvStr);
- FreePool (ProvStr);
- }
- break;
- }
- }
- break;
-
- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
- for (Index = 0; Index < mProviderInfo->Count; Index++) {
- UserCredential = mProviderInfo->Provider[Index];
- if (CompareGuid ((EFI_GUID *) (Identity + 1), &UserCredential->Identifier)) {
- UserCredential->Title (
- UserCredential,
- &HiiHandle,
- &ProvId
- );
- ProvStr = HiiGetString (HiiHandle, ProvId, NULL);
- if (ProvStr != NULL) {
- AddStr (&TmpStr, ProvStr);
- FreePool (ProvStr);
- }
- break;
- }
- }
- break;
- }
-
- ChkLen += Identity->Length;
- }
-
- if (TmpStr != NULL) {
- HiiSetString (mCallbackInfo->HiiHandle, IpStringId, TmpStr, NULL);
- FreePool (TmpStr);
- }
-}
-
-
-/**
- Display modify user information form.
-
- This form displays, username, create Date, usage date, usage count, identity policy,
- and access policy.
-
- @param[in] UserIndex The index of the user in display list to modify.
-
-**/
-VOID
-ModifyUserInfo (
- IN UINT8 UserIndex
- )
-{
- EFI_STATUS Status;
- EFI_USER_PROFILE_HANDLE CurrentUser;
- UINT32 CurrentAccessRight;
- VOID *StartOpCodeHandle;
- VOID *EndOpCodeHandle;
- EFI_IFR_GUID_LABEL *StartLabel;
- EFI_IFR_GUID_LABEL *EndLabel;
-
- //
- // Initialize the container for dynamic opcodes.
- //
- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (StartOpCodeHandle != NULL);
-
- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (EndOpCodeHandle != NULL);
-
- //
- // Create Hii Extend Label OpCode.
- //
- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- StartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- StartLabel->Number = LABEL_USER_INFO_FUNC;
-
- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- EndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- EndLabel->Number = LABEL_END;
-
- //
- // Find the user profile to be modified.
- //
- mModifyUser = NULL;
- Status = mUserManager->GetNext (mUserManager, &mModifyUser);
- if (EFI_ERROR (Status)) {
- return ;
- }
-
- while (UserIndex > 1) {
- Status = mUserManager->GetNext (mUserManager, &mModifyUser);
- if (EFI_ERROR (Status)) {
- return ;
- }
- UserIndex--;
- }
-
- //
- // Get user profile information.
- //
- GetAllUserInfo ();
-
- //
- // Update user name.
- HiiSetString (
- mCallbackInfo->HiiHandle,
- STRING_TOKEN (STR_USER_NAME_VAL),
- mUserInfo.UserName,
- NULL
- );
-
- //
- // Update create date.
- //
- if (mUserInfo.CreateDateExist) {
- ResolveDate (&mUserInfo.CreateDate, STRING_TOKEN (STR_CREATE_DATE_VAL));
- } else {
- HiiSetString (
- mCallbackInfo->HiiHandle,
- STRING_TOKEN (STR_CREATE_DATE_VAL),
- L"",
- NULL
- );
- }
-
- //
- // Add usage date.
- //
- if (mUserInfo.UsageDateExist) {
- ResolveDate (&mUserInfo.UsageDate, STRING_TOKEN (STR_USAGE_DATE_VAL));
- } else {
- HiiSetString (
- mCallbackInfo->HiiHandle,
- STRING_TOKEN (STR_USAGE_DATE_VAL),
- L"",
- NULL
- );
- }
-
- //
- // Add usage count.
- //
- ResolveCount ((UINT32) mUserInfo.UsageCount, STRING_TOKEN (STR_USAGE_COUNT_VAL));
-
- //
- // Add identity policy.
- //
- mUserManager->Current (mUserManager, &CurrentUser);
- if (mModifyUser == CurrentUser) {
- ResolveIdentityPolicy (
- mUserInfo.IdentityPolicy,
- mUserInfo.IdentityPolicyLen,
- STRING_TOKEN (STR_IDENTIFY_POLICY_VAL)
- );
- HiiCreateGotoOpCode (
- StartOpCodeHandle, // Container for opcodes
- FORMID_MODIFY_IP, // Target Form ID
- STRING_TOKEN (STR_IDENTIFY_POLICY), // Prompt text
- STRING_TOKEN (STR_IDENTIFY_POLICY_VAL), // Help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_IP // Question ID
- );
- }
-
- //
- // Add access policy.
- //
- Status = GetAccessRight (&CurrentAccessRight);
- if (EFI_ERROR (Status)) {
- CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
- }
-
- if (CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) {
- HiiCreateGotoOpCode (
- StartOpCodeHandle, // Container for opcodes
- FORMID_MODIFY_AP, // Target Form ID
- STRING_TOKEN (STR_ACCESS_POLICY), // Prompt text
- STRING_TOKEN (STR_NULL_STRING), // Help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP // Question ID
- );
- }
-
- HiiUpdateForm (
- mCallbackInfo->HiiHandle, // HII handle
- &gUserProfileManagerGuid, // Formset GUID
- FORMID_USER_INFO, // Form ID
- StartOpCodeHandle, // Label
- EndOpCodeHandle // Replace data
- );
-
- HiiFreeOpCodeHandle (StartOpCodeHandle);
- HiiFreeOpCodeHandle (EndOpCodeHandle);
-}
-
-
-/**
- Get all the access policy info from current user info, and save in the global
- variable.
-
-**/
-VOID
-ResolveAccessPolicy (
- VOID
- )
-{
- UINTN OffSet;
- EFI_USER_INFO_ACCESS_CONTROL Control;
- UINTN ValLen;
- UINT8 *AccessData;
-
- //
- // Set default value
- //
- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
- mAccessInfo.AccessSetup = ACCESS_SETUP_RESTRICTED;
- mAccessInfo.AccessBootOrder = EFI_USER_INFO_ACCESS_BOOT_ORDER_INSERT;
-
- mAccessInfo.LoadPermitLen = 0;
- mAccessInfo.LoadForbidLen = 0;
- mAccessInfo.ConnectPermitLen = 0;
- mAccessInfo.ConnectForbidLen = 0;
-
- //
- // Get each user access policy.
- //
- OffSet = 0;
- while (OffSet < mUserInfo.AccessPolicyLen) {
- CopyMem (&Control, mUserInfo.AccessPolicy + OffSet, sizeof (Control));
- ValLen = Control.Size - sizeof (Control);
- switch (Control.Type) {
- case EFI_USER_INFO_ACCESS_ENROLL_SELF:
- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
- break;
-
- case EFI_USER_INFO_ACCESS_ENROLL_OTHERS:
- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_ENROLL_OTHERS;
- break;
-
- case EFI_USER_INFO_ACCESS_MANAGE:
- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_MANAGE;
- break;
-
- case EFI_USER_INFO_ACCESS_SETUP:
- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
- if (CompareGuid ((EFI_GUID *) AccessData, &gEfiUserInfoAccessSetupNormalGuid)) {
- mAccessInfo.AccessSetup = ACCESS_SETUP_NORMAL;
- } else if (CompareGuid ((EFI_GUID *) AccessData, &gEfiUserInfoAccessSetupRestrictedGuid)) {
- mAccessInfo.AccessSetup = ACCESS_SETUP_RESTRICTED;
- } else if (CompareGuid ((EFI_GUID *) AccessData, &gEfiUserInfoAccessSetupAdminGuid)) {
- mAccessInfo.AccessSetup = ACCESS_SETUP_ADMIN;
- }
- break;
-
- case EFI_USER_INFO_ACCESS_BOOT_ORDER:
- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
- CopyMem (&mAccessInfo.AccessBootOrder, AccessData, sizeof (UINT32));
- break;
-
- case EFI_USER_INFO_ACCESS_FORBID_LOAD:
- if (mAccessInfo.LoadForbid != NULL) {
- FreePool (mAccessInfo.LoadForbid);
- }
-
- mAccessInfo.LoadForbid = AllocateZeroPool (ValLen);
- if (mAccessInfo.LoadForbid != NULL) {
- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
- CopyMem (mAccessInfo.LoadForbid, AccessData, ValLen);
- mAccessInfo.LoadForbidLen = ValLen;
- }
- break;
-
- case EFI_USER_INFO_ACCESS_PERMIT_LOAD:
- if (mAccessInfo.LoadPermit != NULL) {
- FreePool (mAccessInfo.LoadPermit);
- }
-
- mAccessInfo.LoadPermit = AllocateZeroPool (ValLen);
- if (mAccessInfo.LoadPermit != NULL) {
- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
- CopyMem (mAccessInfo.LoadPermit, AccessData, ValLen);
- mAccessInfo.LoadPermitLen = ValLen;
- }
- break;
-
- case EFI_USER_INFO_ACCESS_FORBID_CONNECT:
- if (mAccessInfo.ConnectForbid != NULL) {
- FreePool (mAccessInfo.ConnectForbid);
- }
-
- mAccessInfo.ConnectForbid = AllocateZeroPool (ValLen);
- if (mAccessInfo.ConnectForbid != NULL) {
- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
- CopyMem (mAccessInfo.ConnectForbid, AccessData, ValLen);
- mAccessInfo.ConnectForbidLen = ValLen;
- }
- break;
-
- case EFI_USER_INFO_ACCESS_PERMIT_CONNECT:
- if (mAccessInfo.ConnectPermit != NULL) {
- FreePool (mAccessInfo.ConnectPermit);
- }
-
- mAccessInfo.ConnectPermit = AllocateZeroPool (ValLen);
- if (mAccessInfo.ConnectPermit != NULL) {
- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
- CopyMem (mAccessInfo.ConnectPermit, AccessData, ValLen);
- mAccessInfo.ConnectPermitLen = ValLen;
- }
- break;
- }
-
- OffSet += Control.Size;
- }
-}
-
-
-/**
- Find the specified info in User profile by the InfoType.
-
- @param[in] User Handle of the user whose information will be searched.
- @param[in] InfoType The user information type to find.
- @param[out] UserInfo Points to user information handle found.
-
- @retval EFI_SUCCESS Find the user information successfully.
- @retval Others Fail to find the user information.
-
-**/
-EFI_STATUS
-FindInfoByType (
- IN EFI_USER_PROFILE_HANDLE User,
- IN UINT8 InfoType,
- OUT EFI_USER_INFO_HANDLE *UserInfo
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO *Info;
- UINTN InfoSize;
- UINTN MemSize;
-
- if (UserInfo == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- *UserInfo = NULL;
- //
- // Allocate user information memory.
- //
- MemSize = sizeof (EFI_USER_INFO) + 63;
- Info = AllocateZeroPool (MemSize);
- if (Info == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- //
- // Get each user information.
- //
- while (TRUE) {
- Status = mUserManager->GetNextInfo (mUserManager, User, UserInfo);
- if (EFI_ERROR (Status)) {
- break;
- }
- //
- // Get information.
- //
- InfoSize = MemSize;
- Status = mUserManager->GetInfo (
- mUserManager,
- User,
- *UserInfo,
- Info,
- &InfoSize
- );
- if (Status == EFI_BUFFER_TOO_SMALL) {
- MemSize = InfoSize;
- FreePool (Info);
- Info = AllocateZeroPool (MemSize);
- if (Info == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- Status = mUserManager->GetInfo (
- mUserManager,
- User,
- *UserInfo,
- Info,
- &InfoSize
- );
- }
- if (Status == EFI_SUCCESS) {
- if (Info->InfoType == InfoType) {
- break;
- }
- }
- }
-
- FreePool (Info);
- return Status;
-}
-
-
-/**
- Display modify user access policy form.
-
- In this form, access right, access setup and access boot order are dynamically
- added. Load devicepath and connect devicepath are displayed too.
-
-**/
-VOID
-ModidyAccessPolicy (
- VOID
- )
-{
- VOID *StartOpCodeHandle;
- VOID *EndOpCodeHandle;
- VOID *OptionsOpCodeHandle;
- EFI_IFR_GUID_LABEL *StartLabel;
- EFI_IFR_GUID_LABEL *EndLabel;
- VOID *DefaultOpCodeHandle;
-
- //
- // Initialize the container for dynamic opcodes.
- //
- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (StartOpCodeHandle != NULL);
-
- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (EndOpCodeHandle != NULL);
-
- //
- // Create Hii Extend Label OpCode.
- //
- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- StartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- StartLabel->Number = LABEL_AP_MOD_FUNC;
-
- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- EndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- EndLabel->Number = LABEL_END;
-
-
- //
- // Resolve access policy information.
- //
- ResolveAccessPolicy ();
-
- //
- // Add access right one-of-code.
- //
- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (OptionsOpCodeHandle != NULL);
- DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (DefaultOpCodeHandle != NULL);
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- STRING_TOKEN (STR_NORMAL),
- 0,
- EFI_IFR_NUMERIC_SIZE_1,
- EFI_USER_INFO_ACCESS_ENROLL_SELF
- );
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- STRING_TOKEN (STR_ENROLL),
- 0,
- EFI_IFR_NUMERIC_SIZE_1,
- EFI_USER_INFO_ACCESS_ENROLL_OTHERS
- );
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- STRING_TOKEN (STR_MANAGE),
- 0,
- EFI_IFR_NUMERIC_SIZE_1,
- EFI_USER_INFO_ACCESS_MANAGE
- );
-
- HiiCreateDefaultOpCode (
- DefaultOpCodeHandle,
- EFI_HII_DEFAULT_CLASS_STANDARD,
- EFI_IFR_NUMERIC_SIZE_1,
- mAccessInfo.AccessRight
- );
-
- HiiCreateOneOfOpCode (
- StartOpCodeHandle, // Container for dynamic created opcodes
- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP | KEY_MODIFY_RIGHT, // Question ID
- 0, // VarStore ID
- 0, // Offset in Buffer Storage
- STRING_TOKEN (STR_ACCESS_RIGHT), // Question prompt text
- STRING_TOKEN (STR_ACCESS_RIGHT_HELP), // Question help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
- OptionsOpCodeHandle, // Option Opcode list
- DefaultOpCodeHandle // Default Opcode
- );
- HiiFreeOpCodeHandle (DefaultOpCodeHandle);
- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
-
-
- //
- // Add setup type one-of-code.
- //
- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (OptionsOpCodeHandle != NULL);
- DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (DefaultOpCodeHandle != NULL);
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- STRING_TOKEN (STR_RESTRICTED),
- 0,
- EFI_IFR_NUMERIC_SIZE_1,
- ACCESS_SETUP_RESTRICTED
- );
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- STRING_TOKEN (STR_NORMAL),
- 0,
- EFI_IFR_NUMERIC_SIZE_1,
- ACCESS_SETUP_NORMAL
- );
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- STRING_TOKEN (STR_ADMIN),
- 0,
- EFI_IFR_NUMERIC_SIZE_1,
- ACCESS_SETUP_ADMIN
- );
-
- HiiCreateDefaultOpCode (
- DefaultOpCodeHandle,
- EFI_HII_DEFAULT_CLASS_STANDARD,
- EFI_IFR_NUMERIC_SIZE_1,
- mAccessInfo.AccessSetup
- );
-
- HiiCreateOneOfOpCode (
- StartOpCodeHandle, // Container for dynamic created opcodes
- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP | KEY_MODIFY_SETUP, // Question ID
- 0, // VarStore ID
- 0, // Offset in Buffer Storage
- STRING_TOKEN (STR_ACCESS_SETUP), // Question prompt text
- STRING_TOKEN (STR_ACCESS_SETUP_HELP), // Question help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
- OptionsOpCodeHandle, // Option Opcode list
- DefaultOpCodeHandle // Default Opcode
- );
- HiiFreeOpCodeHandle (DefaultOpCodeHandle);
- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
-
- //
- // Add boot order one-of-code.
- //
- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (OptionsOpCodeHandle != NULL);
- DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (DefaultOpCodeHandle != NULL);
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- STRING_TOKEN (STR_INSERT),
- 0,
- EFI_IFR_NUMERIC_SIZE_4,
- EFI_USER_INFO_ACCESS_BOOT_ORDER_INSERT
- );
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- STRING_TOKEN (STR_APPEND),
- 0,
- EFI_IFR_NUMERIC_SIZE_4,
- EFI_USER_INFO_ACCESS_BOOT_ORDER_APPEND
- );
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- STRING_TOKEN (STR_REPLACE),
- 0,
- EFI_IFR_NUMERIC_SIZE_4,
- EFI_USER_INFO_ACCESS_BOOT_ORDER_REPLACE
- );
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- STRING_TOKEN (STR_NODEFAULT),
- 0,
- EFI_IFR_NUMERIC_SIZE_4,
- EFI_USER_INFO_ACCESS_BOOT_ORDER_NODEFAULT
- );
-
- HiiCreateDefaultOpCode (
- DefaultOpCodeHandle,
- EFI_HII_DEFAULT_CLASS_STANDARD,
- EFI_IFR_NUMERIC_SIZE_4,
- mAccessInfo.AccessBootOrder
- );
-
- HiiCreateOneOfOpCode (
- StartOpCodeHandle, // Container for dynamic created opcodes
- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP | KEY_MODIFY_BOOT, // Question ID
- 0, // VarStore ID
- 0, // Offset in Buffer Storage
- STRING_TOKEN (STR_BOOR_ORDER), // Question prompt text
- STRING_TOKEN (STR_BOOT_ORDER_HELP), // Question help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
- OptionsOpCodeHandle, // Option Opcode list
- DefaultOpCodeHandle // Default Opcode
- );
- HiiFreeOpCodeHandle (DefaultOpCodeHandle);
- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
-
- //
- // Update Form.
- //
- HiiUpdateForm (
- mCallbackInfo->HiiHandle, // HII handle
- &gUserProfileManagerGuid, // Formset GUID
- FORMID_MODIFY_AP, // Form ID
- StartOpCodeHandle, // Label for where to insert opcodes
- EndOpCodeHandle // Replace data
- );
-
- HiiFreeOpCodeHandle (StartOpCodeHandle);
- HiiFreeOpCodeHandle (EndOpCodeHandle);
-}
-
-
-/**
- Expand access policy memory size.
-
- @param[in] ValidLen The valid access policy length.
- @param[in] ExpandLen The length that is needed to expand.
-
-**/
-VOID
-ExpandMemory (
- IN UINTN ValidLen,
- IN UINTN ExpandLen
- )
-{
- UINT8 *Mem;
- UINTN Len;
-
- //
- // Expand memory.
- //
- Len = mUserInfo.AccessPolicyLen + (ExpandLen / 64 + 1) * 64;
- Mem = AllocateZeroPool (Len);
- ASSERT (Mem != NULL);
-
- if (mUserInfo.AccessPolicy != NULL) {
- CopyMem (Mem, mUserInfo.AccessPolicy, ValidLen);
- FreePool (mUserInfo.AccessPolicy);
- }
-
- mUserInfo.AccessPolicy = Mem;
- mUserInfo.AccessPolicyLen = Len;
-}
-
-
-/**
- Get the username from user input, and update username string in the Hii
- database with it.
-
-**/
-VOID
-ModifyUserName (
- VOID
- )
-{
- EFI_STATUS Status;
- CHAR16 UserName[USER_NAME_LENGTH];
- UINTN Len;
- EFI_INPUT_KEY Key;
- EFI_USER_INFO_HANDLE UserInfo;
- EFI_USER_INFO *Info;
- EFI_USER_PROFILE_HANDLE TempUser;
-
- //
- // Get the new user name.
- //
- Len = sizeof (UserName);
- Status = GetUserNameInput (&Len, UserName);
- if (EFI_ERROR (Status)) {
- if (Status != EFI_ABORTED) {
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"Failed To Get User Name.",
- L"",
- L"Please Press Any Key to Continue ...",
- NULL
- );
- }
- return ;
- }
-
- //
- // Check whether the username had been used or not.
- //
- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + Len);
- if (Info == NULL) {
- return ;
- }
-
- Info->InfoType = EFI_USER_INFO_NAME_RECORD;
- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
- EFI_USER_INFO_PUBLIC |
- EFI_USER_INFO_EXCLUSIVE;
- Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) + Len);
- CopyMem ((UINT8 *) (Info + 1), UserName, Len);
-
- TempUser = NULL;
- Status = mUserManager->Find (
- mUserManager,
- &TempUser,
- NULL,
- Info,
- Info->InfoSize
- );
- if (!EFI_ERROR (Status)) {
- CreatePopUp (
- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
- &Key,
- L"The User Name Had Been Used.",
- L"",
- L"Please Use Other User Name",
- NULL
- );
- FreePool (Info);
- return ;
- }
-
- //
- // Update username display in the form.
- //
- CopyMem (mUserInfo.UserName, UserName, Len);
- HiiSetString (
- mCallbackInfo->HiiHandle,
- STRING_TOKEN (STR_USER_NAME_VAL),
- mUserInfo.UserName,
- NULL
- );
-
- //
- // Save the user name.
- //
- Status = FindInfoByType (mModifyUser, EFI_USER_INFO_NAME_RECORD, &UserInfo);
- if (!EFI_ERROR (Status)) {
- mUserManager->SetInfo (
- mUserManager,
- mModifyUser,
- &UserInfo,
- Info,
- Info->InfoSize
- );
- }
- FreePool (Info);
-}
-
-
-/**
- Display the form of the modifying user identity policy.
-
-**/
-VOID
-ModifyIdentityPolicy (
- VOID
- )
-{
- UINTN Index;
- CHAR16 *ProvStr;
- EFI_STRING_ID ProvID;
- EFI_HII_HANDLE HiiHandle;
- VOID *OptionsOpCodeHandle;
- VOID *StartOpCodeHandle;
- VOID *EndOpCodeHandle;
- EFI_IFR_GUID_LABEL *StartLabel;
- EFI_IFR_GUID_LABEL *EndLabel;
-
- //
- // Initialize the container for dynamic opcodes.
- //
- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (StartOpCodeHandle != NULL);
-
- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (EndOpCodeHandle != NULL);
-
- //
- // Create Hii Extend Label OpCode.
- //
- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- StartOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- StartLabel->Number = LABEL_IP_MOD_FUNC;
-
- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
- EndOpCodeHandle,
- &gEfiIfrTianoGuid,
- NULL,
- sizeof (EFI_IFR_GUID_LABEL)
- );
- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
- EndLabel->Number = LABEL_END;
-
- //
- // Add credential providers
- //.
- if (mProviderInfo->Count > 0) {
- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (OptionsOpCodeHandle != NULL);
-
- //
- // Add credential provider Option OpCode.
- //
- for (Index = 0; Index < mProviderInfo->Count; Index++) {
- mProviderInfo->Provider[Index]->Title (
- mProviderInfo->Provider[Index],
- &HiiHandle,
- &ProvID
- );
- ProvStr = HiiGetString (HiiHandle, ProvID, NULL);
- ProvID = HiiSetString (mCallbackInfo->HiiHandle, 0, ProvStr, NULL);
- FreePool (ProvStr);
- if (ProvID == 0) {
- return ;
- }
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- ProvID,
- 0,
- EFI_IFR_NUMERIC_SIZE_1,
- (UINT8) Index
- );
- }
-
- HiiCreateOneOfOpCode (
- StartOpCodeHandle, // Container for dynamic created opcodes
- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_IP | KEY_MODIFY_PROV, // Question ID
- 0, // VarStore ID
- 0, // Offset in Buffer Storage
- STRING_TOKEN (STR_PROVIDER), // Question prompt text
- STRING_TOKEN (STR_PROVIDER_HELP), // Question help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
- OptionsOpCodeHandle, // Option Opcode list
- NULL // Default Opcode is NULl
- );
-
- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
- }
-
- //
- // Add logical connector Option OpCode.
- //
- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
- ASSERT (OptionsOpCodeHandle != NULL);
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- STRING_TOKEN (STR_AND_CON),
- 0,
- EFI_IFR_NUMERIC_SIZE_1,
- 0
- );
-
- HiiCreateOneOfOptionOpCode (
- OptionsOpCodeHandle,
- STRING_TOKEN (STR_OR_CON),
- 0,
- EFI_IFR_NUMERIC_SIZE_1,
- 1
- );
-
- HiiCreateOneOfOpCode (
- StartOpCodeHandle, // Container for dynamic created opcodes
- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_IP | KEY_MODIFY_CONN, // Question ID
- 0, // VarStore ID
- 0, // Offset in Buffer Storage
- STRING_TOKEN (STR_CONNECTOR), // Question prompt text
- STRING_TOKEN (STR_CONNECTOR_HELP), // Question help text
- EFI_IFR_FLAG_CALLBACK, // Question flag
- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
- OptionsOpCodeHandle, // Option Opcode list
- NULL // Default Opcode is NULl
- );
-
- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
-
- //
- // Update identity policy in the form.
- //
- ResolveIdentityPolicy (
- mUserInfo.IdentityPolicy,
- mUserInfo.IdentityPolicyLen,
- STRING_TOKEN (STR_IDENTIFY_POLICY_VALUE)
- );
-
- if (mUserInfo.NewIdentityPolicy != NULL) {
- FreePool (mUserInfo.NewIdentityPolicy);
- mUserInfo.NewIdentityPolicy = NULL;
- mUserInfo.NewIdentityPolicyLen = 0;
- mUserInfo.NewIdentityPolicyModified = FALSE;
- }
- mProviderChoice = 0;
- mConncetLogical = 0;
-
- HiiUpdateForm (
- mCallbackInfo->HiiHandle, // HII handle
- &gUserProfileManagerGuid, // Formset GUID
- FORMID_MODIFY_IP, // Form ID
- StartOpCodeHandle, // Label for where to insert opcodes
- EndOpCodeHandle // Replace data
- );
-
- HiiFreeOpCodeHandle (StartOpCodeHandle);
- HiiFreeOpCodeHandle (EndOpCodeHandle);
-}
-
-
-/**
- Get current user's access right.
-
- @param[out] AccessRight Points to the buffer used for user's access right.
-
- @retval EFI_SUCCESS Get current user access right successfully.
- @retval others Fail to get current user access right.
-
-**/
-EFI_STATUS
-GetAccessRight (
- OUT UINT32 *AccessRight
- )
-{
- EFI_STATUS Status;
- EFI_USER_INFO_HANDLE UserInfo;
- EFI_USER_INFO *Info;
- UINTN InfoSize;
- UINTN MemSize;
- EFI_USER_INFO_ACCESS_CONTROL Access;
- EFI_USER_PROFILE_HANDLE CurrentUser;
- UINTN TotalLen;
- UINTN CheckLen;
-
- //
- // Allocate user information memory.
- //
- MemSize = sizeof (EFI_USER_INFO) + 63;
- Info = AllocateZeroPool (MemSize);
- if (Info == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
-
- //
- // Get user access information.
- //
- UserInfo = NULL;
- mUserManager->Current (mUserManager, &CurrentUser);
- while (TRUE) {
- InfoSize = MemSize;
- //
- // Get next user information.
- //
- Status = mUserManager->GetNextInfo (mUserManager, CurrentUser, &UserInfo);
- if (EFI_ERROR (Status)) {
- break;
- }
-
- Status = mUserManager->GetInfo (
- mUserManager,
- CurrentUser,
- UserInfo,
- Info,
- &InfoSize
- );
- if (Status == EFI_BUFFER_TOO_SMALL) {
- MemSize = InfoSize;
- FreePool (Info);
- Info = AllocateZeroPool (MemSize);
- if (Info == NULL) {
- return EFI_OUT_OF_RESOURCES;
- }
- Status = mUserManager->GetInfo (
- mUserManager,
- CurrentUser,
- UserInfo,
- Info,
- &InfoSize
- );
- }
- if (EFI_ERROR (Status)) {
- break;
- }
-
- //
- // Check user information.
- //
- if (Info->InfoType == EFI_USER_INFO_ACCESS_POLICY_RECORD) {
- TotalLen = Info->InfoSize - sizeof (EFI_USER_INFO);
- CheckLen = 0;
- //
- // Get specified access information.
- //
- while (CheckLen < TotalLen) {
- CopyMem (&Access, (UINT8 *) (Info + 1) + CheckLen, sizeof (Access));
- if ((Access.Type == EFI_USER_INFO_ACCESS_ENROLL_SELF) ||
- (Access.Type == EFI_USER_INFO_ACCESS_ENROLL_OTHERS) ||
- (Access.Type == EFI_USER_INFO_ACCESS_MANAGE)
- ) {
- *AccessRight = Access.Type;
- FreePool (Info);
- return EFI_SUCCESS;
- }
- CheckLen += Access.Size;
- }
- }
- }
- FreePool (Info);
- return EFI_NOT_FOUND;
-}
-
--
2.16.2.windows.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] SecurityPkg: Remove code under UserIdentification folder.
2019-01-09 1:09 [PATCH] SecurityPkg: Remove code under UserIdentification folder chenche4
@ 2019-01-09 1:38 ` Gao, Liming
2019-01-09 1:54 ` Chen, Chen A
0 siblings, 1 reply; 4+ messages in thread
From: Gao, Liming @ 2019-01-09 1:38 UTC (permalink / raw)
To: Chen, Chen A, edk2-devel@lists.01.org; +Cc: Zhang, Chao B
Could you create BZ for this change?
>-----Original Message-----
>From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
>chenche4
>Sent: Wednesday, January 09, 2019 9:09 AM
>To: edk2-devel@lists.01.org
>Cc: Zhang, Chao B <chao.b.zhang@intel.com>
>Subject: [edk2] [PATCH] SecurityPkg: Remove code under UserIdentification
>folder.
>
>1. UserIdentifyManagerDxe is used to provide UserManagerProtocol.
>2. UserProfileManagerDxe provide UI setting
>3. PwdCredentialProviderDxe & UsbCredentialProviderDxe are
>implementation
> examples.
>
>Remove above features because of no platform use it.
>
>Cc: Zhang Chao B <chao.b.zhang@intel.com>
>Contributed-under: TianoCore Contribution Agreement 1.1
>Signed-off-by: Chen A Chen <chen.a.chen@intel.com>
>---
> .../Include/Guid/UsbCredentialProviderHii.h | 29 -
> SecurityPkg/Include/Guid/UserIdentifyManagerHii.h | 25 -
> SecurityPkg/Include/Guid/UserProfileManagerHii.h | 25 -
> SecurityPkg/SecurityPkg.dec | 12 -
> SecurityPkg/SecurityPkg.dsc | 4 -
> .../PwdCredentialProvider.c | 1464 --------
> .../PwdCredentialProvider.h | 374 --
> .../PwdCredentialProvider.uni | 21 -
> .../PwdCredentialProviderData.h | 30 -
> .../PwdCredentialProviderDxe.inf | 65 -
> .../PwdCredentialProviderExtra.uni | 19 -
> .../PwdCredentialProviderStrings.uni | 38 -
> .../PwdCredentialProviderVfr.Vfr | 34 -
> .../UsbCredentialProvider.c | 1410 --------
> .../UsbCredentialProvider.h | 361 --
> .../UsbCredentialProvider.uni | 23 -
> .../UsbCredentialProviderDxe.inf | 70 -
> .../UsbCredentialProviderExtra.uni | 19 -
> .../UsbCredentialProviderStrings.uni | 29 -
> .../UserIdentifyManagerDxe/LoadDeferredImage.c | 148 -
> .../UserIdentifyManagerDxe/UserIdentifyManager.c | 3766 --------------------
> .../UserIdentifyManagerDxe/UserIdentifyManager.h | 413 ---
> .../UserIdentifyManagerDxe/UserIdentifyManager.uni | 21 -
> .../UserIdentifyManagerData.h | 35 -
> .../UserIdentifyManagerDxe.inf | 79 -
> .../UserIdentifyManagerExtra.uni | 19 -
> .../UserIdentifyManagerStrings.uni | 27 -
> .../UserIdentifyManagerVfr.Vfr | 43 -
> .../UserProfileManagerDxe/ModifyAccessPolicy.c | 688 ----
> .../UserProfileManagerDxe/ModifyIdentityPolicy.c | 516 ---
> .../UserProfileManagerDxe/UserProfileAdd.c | 372 --
> .../UserProfileManagerDxe/UserProfileDelete.c | 343 --
> .../UserProfileManagerDxe/UserProfileManager.c | 887 -----
> .../UserProfileManagerDxe/UserProfileManager.h | 444 ---
> .../UserProfileManagerDxe/UserProfileManager.uni | 22 -
> .../UserProfileManagerDxe/UserProfileManagerData.h | 158 -
> .../UserProfileManagerDxe.inf | 72 -
> .../UserProfileManagerExtra.uni | 19 -
> .../UserProfileManagerStrings.uni | 158 -
> .../UserProfileManagerVfr.Vfr | 244 --
> .../UserProfileManagerDxe/UserProfileModify.c | 1475 --------
> 41 files changed, 14001 deletions(-)
> delete mode 100644 SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
> delete mode 100644 SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
> delete mode 100644 SecurityPkg/Include/Guid/UserProfileManagerHii.h
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>vider.c
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>vider.h
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>vider.uni
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>viderData.h
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>viderDxe.inf
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>viderExtra.uni
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>viderStrings.uni
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>viderVfr.Vfr
> delete mode 100644
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>vider.c
> delete mode 100644
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>vider.h
> delete mode 100644
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>vider.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>viderDxe.inf
> delete mode 100644
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>viderExtra.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>viderStrings.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredImag
>e.c
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>er.c
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>er.h
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>er.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>erData.h
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>erDxe.inf
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>erExtra.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>erStrings.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>erVfr.Vfr
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolicy.
>c
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPolicy
>.c
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.c
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.
>c
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.
>h
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.
>uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager
>Data.h
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager
>Dxe.inf
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager
>Extra.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager
>Strings.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager
>Vfr.Vfr
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
>
>diff --git a/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
>b/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
>deleted file mode 100644
>index 059d68f32e..0000000000
>--- a/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
>+++ /dev/null
>@@ -1,29 +0,0 @@
>-/** @file
>- GUID used as HII Package list GUID in UsbCredentialProviderDxe driver.
>-
>-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef __USB_CREDENTIAL_PROVIDER_HII_H__
>-#define __USB_CREDENTIAL_PROVIDER_HII_H__
>-
>-//
>-// Used for save password credential and form browser
>-// And used as provider identifier
>-//
>-#define USB_CREDENTIAL_PROVIDER_GUID \
>- { \
>- 0xd0849ed1, 0xa88c, 0x4ba6, { 0xb1, 0xd6, 0xab, 0x50, 0xe2, 0x80, 0xb7,
>0xa9 }\
>- }
>-
>-extern EFI_GUID gUsbCredentialProviderGuid;
>-
>-#endif
>diff --git a/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
>b/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
>deleted file mode 100644
>index 323c51f0f6..0000000000
>--- a/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
>+++ /dev/null
>@@ -1,25 +0,0 @@
>-/** @file
>- GUID used as HII FormSet and HII Package list GUID in
>UserIdentifyManagerDxe driver.
>-
>-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef __USER_IDENTIFY_MANAGER_HII_H__
>-#define __USER_IDENTIFY_MANAGER_HII_H__
>-
>-#define USER_IDENTIFY_MANAGER_GUID \
>- { \
>- 0x3ccd3dd8, 0x8d45, 0x4fed, { 0x96, 0x2d, 0x2b, 0x38, 0xcd, 0x82, 0xb3,
>0xc4 } \
>- }
>-
>-extern EFI_GUID gUserIdentifyManagerGuid;
>-
>-#endif
>diff --git a/SecurityPkg/Include/Guid/UserProfileManagerHii.h
>b/SecurityPkg/Include/Guid/UserProfileManagerHii.h
>deleted file mode 100644
>index 105059350c..0000000000
>--- a/SecurityPkg/Include/Guid/UserProfileManagerHii.h
>+++ /dev/null
>@@ -1,25 +0,0 @@
>-/** @file
>- GUID used as HII FormSet and HII Package list GUID in
>UserProfileManagerDxe driver.
>-
>-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef __USER_PROFILE_MANAGER_HII_H__
>-#define __USER_PROFILE_MANAGER_HII_H__
>-
>-#define USER_PROFILE_MANAGER_GUID \
>- { \
>- 0xc35f272c, 0x97c2, 0x465a, { 0xa2, 0x16, 0x69, 0x6b, 0x66, 0x8a, 0x8c, 0xfe }
>\
>- }
>-
>-extern EFI_GUID gUserProfileManagerGuid;
>-
>-#endif
>diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
>index 8d64b4fefe..0c2afe2938 100644
>--- a/SecurityPkg/SecurityPkg.dec
>+++ b/SecurityPkg/SecurityPkg.dec
>@@ -139,22 +139,10 @@
> # Include/Guid/Tcg2PhysicalPresenceData.h
> gEfiTcg2PhysicalPresenceGuid = { 0xaeb9c5c1, 0x94f1, 0x4d02, { 0xbf, 0xd9,
>0x46, 0x2, 0xdb, 0x2d, 0x3c, 0x54 }}
>
>- ## GUID used for form browser, password credential and provider identifier.
>- # Include/Guid/PwdCredentialProviderHii.h
>- gPwdCredentialProviderGuid = { 0x78b9ec8b, 0xc000, 0x46c5, { 0xac,
>0x93, 0x24, 0xa0, 0xc1, 0xbb, 0x0, 0xce }}
>-
>- ## GUID used for form browser, USB credential and provider identifier.
>- # Include/Guid/UsbCredentialProviderHii.h
>- gUsbCredentialProviderGuid = { 0xd0849ed1, 0xa88c, 0x4ba6, { 0xb1,
>0xd6, 0xab, 0x50, 0xe2, 0x80, 0xb7, 0xa9 }}
>-
> ## GUID used for FormSet guid and user profile variable.
> # Include/Guid/UserIdentifyManagerHii.h
> gUserIdentifyManagerGuid = { 0x3ccd3dd8, 0x8d45, 0x4fed, { 0x96,
>0x2d, 0x2b, 0x38, 0xcd, 0x82, 0xb3, 0xc4 }}
>
>- ## GUID used for FormSet.
>- # Include/Guid/UserProfileManagerHii.h
>- gUserProfileManagerGuid = { 0xc35f272c, 0x97c2, 0x465a, { 0xa2, 0x16,
>0x69, 0x6b, 0x66, 0x8a, 0x8c, 0xfe }}
>-
> ## GUID used for FormSet.
> # Include/Guid/TcgConfigHii.h
> gTcgConfigFormSetGuid = { 0xb0f901e4, 0xc424, 0x45de, { 0x90, 0x81,
>0x95, 0xe2, 0xb, 0xde, 0x6f, 0xb5 }}
>diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
>index 68a2953162..19aaebff1f 100644
>--- a/SecurityPkg/SecurityPkg.dsc
>+++ b/SecurityPkg/SecurityPkg.dsc
>@@ -146,8 +146,6 @@
> SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
> #SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.inf
>
>SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticati
>onStatusLib.inf
>-
>#SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMana
>gerDxe.inf
>-
>#SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManage
>rDxe.inf
>
> #
> # TPM
>@@ -200,8 +198,6 @@
> SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
>
> [Components.IA32, Components.X64]
>-#
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>viderDxe.inf
>-#
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>viderDxe.inf
>
>SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig
>Dxe.inf
>
> #
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>rovider.c
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>Provider.c
>deleted file mode 100644
>index 52fc68b5ee..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>rovider.c
>+++ /dev/null
>@@ -1,1464 +0,0 @@
>-/** @file
>- Password Credential Provider driver implementation.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "PwdCredentialProvider.h"
>-
>-CREDENTIAL_TABLE *mPwdTable = NULL;
>-PWD_PROVIDER_CALLBACK_INFO *mCallbackInfo = NULL;
>-PASSWORD_CREDENTIAL_INFO *mPwdInfoHandle = NULL;
>-
>-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
>- {
>- {
>- HARDWARE_DEVICE_PATH,
>- HW_VENDOR_DP,
>- {
>- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
>- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
>- }
>- },
>- PWD_CREDENTIAL_PROVIDER_GUID
>- },
>- {
>- END_DEVICE_PATH_TYPE,
>- END_ENTIRE_DEVICE_PATH_SUBTYPE,
>- {
>- (UINT8) (END_DEVICE_PATH_LENGTH),
>- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
>- }
>- }
>-};
>-
>-EFI_USER_CREDENTIAL2_PROTOCOL gPwdCredentialProviderDriver = {
>- PWD_CREDENTIAL_PROVIDER_GUID,
>- EFI_USER_CREDENTIAL_CLASS_PASSWORD,
>- CredentialEnroll,
>- CredentialForm,
>- CredentialTile,
>- CredentialTitle,
>- CredentialUser,
>- CredentialSelect,
>- CredentialDeselect,
>- CredentialDefault,
>- CredentialGetInfo,
>- CredentialGetNextInfo,
>- EFI_CREDENTIAL_CAPABILITIES_ENROLL,
>- CredentialDelete
>-};
>-
>-
>-/**
>- Get string by string id from HII Interface.
>-
>-
>- @param[in] Id String ID to get the string from.
>-
>- @retval CHAR16 * String from ID.
>- @retval NULL If error occurs.
>-
>-**/
>-CHAR16 *
>-GetStringById (
>- IN EFI_STRING_ID Id
>- )
>-{
>- //
>- // Get the current string for the current Language.
>- //
>- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
>-}
>-
>-
>-/**
>- Expand password table size.
>-
>-**/
>-VOID
>-ExpandTableSize (
>- VOID
>- )
>-{
>- CREDENTIAL_TABLE *NewTable;
>- UINTN Count;
>-
>- Count = mPwdTable->MaxCount + PASSWORD_TABLE_INC;
>- //
>- // Create new credential table.
>- //
>- NewTable = (CREDENTIAL_TABLE *) AllocateZeroPool (
>- sizeof (CREDENTIAL_TABLE) +
>- (Count - 1) * sizeof (PASSWORD_INFO)
>- );
>- ASSERT (NewTable != NULL);
>-
>- NewTable->MaxCount = Count;
>- NewTable->Count = mPwdTable->Count;
>- NewTable->ValidIndex = mPwdTable->ValidIndex;
>- //
>- // Copy old entries
>- //
>- CopyMem (
>- &NewTable->UserInfo,
>- &mPwdTable->UserInfo,
>- mPwdTable->Count * sizeof (PASSWORD_INFO)
>- );
>- FreePool (mPwdTable);
>- mPwdTable = NewTable;
>-}
>-
>-
>-/**
>- Add, update or delete info in table, and sync with NV variable.
>-
>- @param[in] Index The index of the password in table. If index is found in
>- table, update the info, else add the into to table.
>- @param[in] Info The new password info to add into table.If Info is NULL,
>- delete the info by Index.
>-
>- @retval EFI_INVALID_PARAMETER Info is NULL when save the info.
>- @retval EFI_SUCCESS Modify the table successfully.
>- @retval Others Failed to modify the table.
>-
>-**/
>-EFI_STATUS
>-ModifyTable (
>- IN UINTN Index,
>- IN PASSWORD_INFO * Info OPTIONAL
>- )
>-{
>- EFI_STATUS Status;
>- PASSWORD_INFO *NewPasswordInfo;
>-
>- NewPasswordInfo = NULL;
>-
>- if (Index < mPwdTable->Count) {
>- if (Info == NULL) {
>- //
>- // Delete the specified entry.
>- //
>- mPwdTable->Count--;
>- if (Index != mPwdTable->Count) {
>- NewPasswordInfo = &mPwdTable->UserInfo[mPwdTable->Count];
>- }
>- } else {
>- //
>- // Update the specified entry.
>- //
>- NewPasswordInfo = Info;
>- }
>- } else {
>- //
>- // Add a new password info.
>- //
>- if (Info == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (mPwdTable->Count >= mPwdTable->MaxCount) {
>- ExpandTableSize ();
>- }
>-
>- NewPasswordInfo = Info;
>- mPwdTable->Count++;
>- }
>-
>- if (NewPasswordInfo != NULL) {
>- CopyMem (&mPwdTable->UserInfo[Index], NewPasswordInfo, sizeof
>(PASSWORD_INFO));
>- }
>-
>- //
>- // Save the credential table.
>- //
>- Status = gRT->SetVariable (
>- L"PwdCredential",
>- &gPwdCredentialProviderGuid,
>- EFI_VARIABLE_NON_VOLATILE |
>EFI_VARIABLE_BOOTSERVICE_ACCESS,
>- mPwdTable->Count * sizeof (PASSWORD_INFO),
>- &mPwdTable->UserInfo
>- );
>- return Status;
>-}
>-
>-
>-/**
>- Create a password table.
>-
>- @retval EFI_SUCCESS Create a password table successfully.
>- @retval Others Failed to create a password.
>-
>-**/
>-EFI_STATUS
>-InitCredentialTable (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINT8 *Var;
>- UINTN VarSize;
>-
>- //
>- // Get Password credential data from NV variable.
>- //
>- VarSize = 0;
>- Var = NULL;
>- Status = gRT->GetVariable (
>- L"PwdCredential",
>- &gPwdCredentialProviderGuid,
>- NULL,
>- &VarSize,
>- Var
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- Var = AllocateZeroPool (VarSize);
>- if (Var == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- Status = gRT->GetVariable (
>- L"PwdCredential",
>- &gPwdCredentialProviderGuid,
>- NULL,
>- &VarSize,
>- Var
>- );
>- }
>- if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
>- return Status;
>- }
>-
>- //
>- // Create the password credential table.
>- //
>- mPwdTable = AllocateZeroPool (
>- sizeof (CREDENTIAL_TABLE) - sizeof (PASSWORD_INFO) +
>- PASSWORD_TABLE_INC * sizeof (PASSWORD_INFO) +
>- VarSize
>- );
>- if (mPwdTable == NULL) {
>- FreePool (Var);
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- mPwdTable->Count = VarSize / sizeof (PASSWORD_INFO);
>- mPwdTable->MaxCount = mPwdTable->Count + PASSWORD_TABLE_INC;
>- mPwdTable->ValidIndex = 0;
>- if (Var != NULL) {
>- CopyMem (mPwdTable->UserInfo, Var, VarSize);
>- FreePool (Var);
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Hash the password to get credential.
>-
>- @param[in] Password Points to the input password.
>- @param[in] PasswordSize The size of password, in bytes.
>- @param[out] Credential Points to the hashed result.
>-
>- @retval TRUE Hash the password successfully.
>- @retval FALSE Failed to hash the password.
>-
>-**/
>-BOOLEAN
>-GenerateCredential (
>- IN CHAR16 *Password,
>- IN UINTN PasswordSize,
>- OUT UINT8 *Credential
>- )
>-{
>- BOOLEAN Status;
>- UINTN HashSize;
>- VOID *Hash;
>-
>- HashSize = Sha1GetContextSize ();
>- Hash = AllocatePool (HashSize);
>- ASSERT (Hash != NULL);
>-
>- Status = Sha1Init (Hash);
>- if (!Status) {
>- goto Done;
>- }
>-
>- Status = Sha1Update (Hash, Password, PasswordSize);
>- if (!Status) {
>- goto Done;
>- }
>-
>- Status = Sha1Final (Hash, Credential);
>-
>-Done:
>- FreePool (Hash);
>- return Status;
>-}
>-
>-
>-/**
>- Get password from user input.
>-
>- @param[in] FirstPwd If True, prompt to input the first password.
>- If False, prompt to input password again.
>- @param[out] Credential Points to the input password.
>-
>-**/
>-VOID
>-GetPassword (
>- IN BOOLEAN FirstPwd,
>- OUT CHAR8 *Credential
>- )
>-{
>- EFI_INPUT_KEY Key;
>- CHAR16 PasswordMask[CREDENTIAL_LEN + 1];
>- CHAR16 Password[CREDENTIAL_LEN];
>- UINTN PasswordLen;
>- CHAR16 *QuestionStr;
>- CHAR16 *LineStr;
>-
>- PasswordLen = 0;
>- while (TRUE) {
>- PasswordMask[PasswordLen] = L'_';
>- PasswordMask[PasswordLen + 1] = L'\0';
>- LineStr = GetStringById (STRING_TOKEN (STR_DRAW_A_LINE));
>- if (FirstPwd) {
>- QuestionStr = GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD));
>- } else {
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_INPUT_PASSWORD_AGAIN));
>- }
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- LineStr,
>- PasswordMask,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (LineStr);
>-
>- //
>- // Check key stroke
>- //
>- if (Key.ScanCode == SCAN_NULL) {
>- if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
>- break;
>- } else if (Key.UnicodeChar == CHAR_BACKSPACE) {
>- if (PasswordLen > 0) {
>- PasswordLen--;
>- }
>- } else if ((Key.UnicodeChar == CHAR_NULL) ||
>- (Key.UnicodeChar == CHAR_TAB) ||
>- (Key.UnicodeChar == CHAR_LINEFEED)) {
>- continue;
>- } else {
>- Password[PasswordLen] = Key.UnicodeChar;
>- PasswordMask[PasswordLen] = L'*';
>- PasswordLen++;
>- if (PasswordLen == CREDENTIAL_LEN) {
>- break;
>- }
>- }
>- }
>- }
>-
>- PasswordLen = PasswordLen * sizeof (CHAR16);
>- GenerateCredential (Password, PasswordLen, (UINT8 *)Credential);
>-}
>-
>-/**
>- Check whether the password can be found on this provider.
>-
>- @param[in] Password The password to be found.
>-
>- @retval EFI_SUCCESS Found password sucessfully.
>- @retval EFI_NOT_FOUND Fail to find the password.
>-
>-**/
>-EFI_STATUS
>-CheckPassword (
>- IN CHAR8 *Password
>- )
>-{
>- UINTN Index;
>- CHAR8 *Pwd;
>-
>- //
>- // Check password credential.
>- //
>- mPwdTable->ValidIndex = 0;
>- for (Index = 0; Index < mPwdTable->Count; Index++) {
>- Pwd = mPwdTable->UserInfo[Index].Password;
>- if (CompareMem (Pwd, Password, CREDENTIAL_LEN) == 0) {
>- mPwdTable->ValidIndex = Index + 1;
>- return EFI_SUCCESS;
>- }
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Find a user infomation record by the information record type.
>-
>- This function searches all user information records of User from beginning
>- until either the information is found, or there are no more user infomation
>- records. A match occurs when a Info.InfoType field matches the user
>information
>- record type.
>-
>- @param[in] User Points to the user profile record to search.
>- @param[in] InfoType The infomation type to be searched.
>- @param[out] Info Points to the user info found, the caller is responsible
>- to free.
>-
>- @retval EFI_SUCCESS Find the user information successfully.
>- @retval Others Fail to find the user information.
>-
>-**/
>-EFI_STATUS
>-FindUserInfoByType (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINT8 InfoType,
>- OUT EFI_USER_INFO **Info
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>- UINTN UserInfoSize;
>- EFI_USER_INFO_HANDLE UserInfoHandle;
>- EFI_USER_MANAGER_PROTOCOL *UserManager;
>-
>- //
>- // Find user information by information type.
>- //
>- if (Info == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- Status = gBS->LocateProtocol (
>- &gEfiUserManagerProtocolGuid,
>- NULL,
>- (VOID **) &UserManager
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Get each user information.
>- //
>-
>- UserInfoHandle = NULL;
>- UserInfo = NULL;
>- UserInfoSize = 0;
>- while (TRUE) {
>- Status = UserManager->GetNextInfo (UserManager, User,
>&UserInfoHandle);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>- //
>- // Get information.
>- //
>- Status = UserManager->GetInfo (
>- UserManager,
>- User,
>- UserInfoHandle,
>- UserInfo,
>- &UserInfoSize
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- if (UserInfo != NULL) {
>- FreePool (UserInfo);
>- }
>- UserInfo = AllocateZeroPool (UserInfoSize);
>- if (UserInfo == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- Status = UserManager->GetInfo (
>- UserManager,
>- User,
>- UserInfoHandle,
>- UserInfo,
>- &UserInfoSize
>- );
>- }
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- ASSERT (UserInfo != NULL);
>- if (UserInfo->InfoType == InfoType) {
>- *Info = UserInfo;
>- return EFI_SUCCESS;
>- }
>- }
>-
>- if (UserInfo != NULL) {
>- FreePool (UserInfo);
>- }
>- return Status;
>-}
>-
>-
>-/**
>- This function processes the results of changes in configuration.
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Action Specifies the type of action taken by the browser.
>- @param QuestionId A unique value which is sent to the original
>- exporting driver so that it can identify the type
>- of data to expect.
>- @param Type The type of value for the question.
>- @param Value A pointer to the data being sent to the original
>- exporting driver.
>- @param ActionRequest On return, points to the action requested by
>the
>- callback function.
>-
>- @retval EFI_SUCCESS The callback successfully handled the action.
>- @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold
>the
>- variable and its data.
>- @retval EFI_DEVICE_ERROR The variable could not be saved.
>- @retval EFI_UNSUPPORTED The specified Action is not supported by the
>- callback.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDriverCallback (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN EFI_BROWSER_ACTION Action,
>- IN EFI_QUESTION_ID QuestionId,
>- IN UINT8 Type,
>- IN EFI_IFR_TYPE_VALUE *Value,
>- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
>- )
>-{
>- EFI_STATUS Status;
>- EFI_INPUT_KEY Key;
>- CHAR8 Password[CREDENTIAL_LEN];
>- CHAR16 *PromptStr;
>-
>- if (Action == EFI_BROWSER_ACTION_CHANGED) {
>- if (QuestionId == KEY_GET_PASSWORD) {
>- //
>- // Get and check password.
>- //
>- GetPassword (TRUE, Password);
>- Status = CheckPassword (Password);
>- if (EFI_ERROR (Status)) {
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_PASSWORD_INCORRECT));
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"",
>- PromptStr,
>- L"",
>- NULL
>- );
>- FreePool (PromptStr);
>- return Status;
>- }
>- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT;
>- }
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // All other action return unsupported.
>- //
>- return EFI_UNSUPPORTED;
>-}
>-
>-
>-/**
>- This function allows a caller to extract the current configuration for one
>- or more named elements from the target driver.
>-
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Request A null-terminated Unicode string in <ConfigRequest>
>format.
>- @param Progress On return, points to a character in the Request string.
>- Points to the string's null terminator if request was successful.
>- Points to the most recent '&' before the first failing name/value
>- pair (or the beginning of the string if the failure is in the
>- first name/value pair) if the request was not successful.
>- @param Results A null-terminated Unicode string in <ConfigAltResp>
>format which
>- has all values filled in for the names in the Request string.
>- String to be allocated by the called function.
>-
>- @retval EFI_SUCCESS The Results is filled with the requested values.
>- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
>results.
>- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown
>name.
>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>this driver.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-FakeExtractConfig (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN CONST EFI_STRING Request,
>- OUT EFI_STRING *Progress,
>- OUT EFI_STRING *Results
>- )
>-{
>- if (Progress == NULL || Results == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>- *Progress = Request;
>- return EFI_NOT_FOUND;
>-}
>-
>-/**
>- This function processes the results of changes in configuration.
>-
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Configuration A null-terminated Unicode string in <ConfigResp>
>format.
>- @param Progress A pointer to a string filled in with the offset of the
>most
>- recent '&' before the first failing name/value pair (or the
>- beginning of the string if the failure is in the first
>- name/value pair) or the terminating NULL if all was successful.
>-
>- @retval EFI_SUCCESS The Results is processed successfully.
>- @retval EFI_INVALID_PARAMETER Configuration is NULL.
>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>this driver.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-FakeRouteConfig (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN CONST EFI_STRING Configuration,
>- OUT EFI_STRING *Progress
>- )
>-{
>- if (Configuration == NULL || Progress == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *Progress = Configuration;
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-/**
>- This function initialize the data mainly used in form browser.
>-
>- @retval EFI_SUCCESS Initialize form data successfully.
>- @retval Others Fail to Initialize form data.
>-
>-**/
>-EFI_STATUS
>-InitFormBrowser (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- PWD_PROVIDER_CALLBACK_INFO *CallbackInfo;
>-
>- //
>- // Initialize driver private data.
>- //
>- CallbackInfo = AllocateZeroPool (sizeof (PWD_PROVIDER_CALLBACK_INFO));
>- if (CallbackInfo == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- CallbackInfo->Signature = PWD_PROVIDER_SIGNATURE;
>- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
>- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
>- CallbackInfo->ConfigAccess.Callback = CredentialDriverCallback;
>- CallbackInfo->DriverHandle = NULL;
>-
>- //
>- // Install Device Path Protocol and Config Access protocol to driver handle.
>- //
>- Status = gBS->InstallMultipleProtocolInterfaces (
>- &CallbackInfo->DriverHandle,
>- &gEfiDevicePathProtocolGuid,
>- &mHiiVendorDevicePath,
>- &gEfiHiiConfigAccessProtocolGuid,
>- &CallbackInfo->ConfigAccess,
>- NULL
>- );
>- ASSERT_EFI_ERROR (Status);
>-
>- //
>- // Publish HII data.
>- //
>- CallbackInfo->HiiHandle = HiiAddPackages (
>- &gPwdCredentialProviderGuid,
>- CallbackInfo->DriverHandle,
>- PwdCredentialProviderStrings,
>- PwdCredentialProviderVfrBin,
>- NULL
>- );
>- if (CallbackInfo->HiiHandle == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- mCallbackInfo = CallbackInfo;
>-
>- return Status;
>-}
>-
>-
>-/**
>- Enroll a user on a credential provider.
>-
>- This function enrolls a user on this credential provider. If the user exists on
>- this credential provider, update the user information on this credential
>provider;
>- otherwise add the user information on credential provider.
>-
>- @param[in] This Points to this instance of
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile to enroll.
>-
>- @retval EFI_SUCCESS User profile was successfully enrolled.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>enrollment on the
>- user profile handle. Either the user profile cannot enroll
>- on any user profile or cannot enroll on a user profile
>- other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>enrollment in
>- the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be created
>because of a device
>- error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialEnroll (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>- PASSWORD_INFO PwdInfo;
>- EFI_USER_INFO *UserInfo;
>- CHAR8 Password[CREDENTIAL_LEN];
>- EFI_INPUT_KEY Key;
>- UINT8 *UserId;
>- CHAR16 *QuestionStr;
>- CHAR16 *PromptStr;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Get User Identifier.
>- //
>- UserInfo = NULL;
>- Status = FindUserInfoByType (
>- User,
>- EFI_USER_INFO_IDENTIFIER_RECORD,
>- &UserInfo
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- CopyMem (PwdInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof
>(EFI_USER_INFO_IDENTIFIER));
>- FreePool (UserInfo);
>-
>- //
>- // Get password from user.
>- //
>- while (TRUE) {
>- //
>- // Input password.
>- //
>- GetPassword (TRUE, PwdInfo.Password);
>-
>- //
>- // Input password again.
>- //
>- GetPassword (FALSE, Password);
>-
>- //
>- // Compare the two password consistency.
>- //
>- if (CompareMem (PwdInfo.Password, Password, CREDENTIAL_LEN) == 0) {
>- break;
>- }
>-
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_PASSWORD_MISMATCH));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_INPUT_PASSWORD_AGAIN));
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- L"",
>- PromptStr,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (PromptStr);
>- }
>-
>- //
>- // Check whether User is ever enrolled in the provider.
>- //
>- for (Index = 0; Index < mPwdTable->Count; Index++) {
>- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
>- if (CompareMem (UserId, (UINT8 *) &PwdInfo.UserId, sizeof
>(EFI_USER_INFO_IDENTIFIER)) == 0) {
>- //
>- // User already exists, update the password.
>- //
>- break;
>- }
>- }
>-
>- //
>- // Enroll the User to the provider.
>- //
>- Status = ModifyTable (Index, &PwdInfo);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Returns the user interface information used during user identification.
>-
>- This function returns information about the form used when interacting
>with the
>- user during user identification. The form is the first enabled form in the
>form-set
>- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII
>handle HiiHandle. If
>- the user credential provider does not require a form to identify the user,
>then this
>- function should return EFI_NOT_FOUND.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] FormSetId On return, holds the identifier of the form set
>which contains
>- the form used during user identification.
>- @param[out] FormId On return, holds the identifier of the form used
>during user
>- identification.
>-
>- @retval EFI_SUCCESS Form returned successfully.
>- @retval EFI_NOT_FOUND Form not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or
>FormId is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialForm (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_GUID *FormSetId,
>- OUT EFI_FORM_ID *FormId
>- )
>-{
>- if ((This == NULL) || (Hii == NULL) ||
>- (FormSetId == NULL) || (FormId == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *Hii = mCallbackInfo->HiiHandle;
>- *FormId = FORMID_GET_PASSWORD_FORM;
>- CopyGuid (FormSetId, &gPwdCredentialProviderGuid);
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Returns bitmap used to describe the credential provider type.
>-
>- This optional function returns a bitmap that is less than or equal to the
>number
>- of pixels specified by Width and Height. If no such bitmap exists, then
>EFI_NOT_FOUND
>- is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] Width On entry, points to the desired bitmap width. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- width of the bitmap returned.
>- @param[in, out] Height On entry, points to the desired bitmap height. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- height of the bitmap returned
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] Image On return, holds the HII image identifier.
>-
>- @retval EFI_SUCCESS Image identifier returned successfully.
>- @retval EFI_NOT_FOUND Image identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTile (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT UINTN *Width,
>- IN OUT UINTN *Height,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_IMAGE_ID *Image
>- )
>-{
>- if ((This == NULL) || (Hii == NULL) || (Image == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Returns string used to describe the credential provider type.
>-
>- This function returns a string which describes the credential provider. If no
>- such string exists, then EFI_NOT_FOUND is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] String On return, holds the HII string identifier.
>-
>- @retval EFI_SUCCESS String identifier returned successfully.
>- @retval EFI_NOT_FOUND String identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTitle (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_STRING_ID *String
>- )
>-{
>- if ((This == NULL) || (Hii == NULL) || (String == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Set Hii handle and String ID.
>- //
>- *Hii = mCallbackInfo->HiiHandle;
>- *String = STRING_TOKEN (STR_CREDENTIAL_TITLE);
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return the user identifier associated with the currently authenticated user.
>-
>- This function returns the user identifier of the user authenticated by this
>credential
>- provider. This function is called after the credential-related information has
>been
>- submitted on a form, OR after a call to Default() has returned that this
>credential is
>- ready to log on.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle of the user profile currently
>being
>- considered by the user identity manager. If NULL, then no user
>- profile is currently under consideration.
>- @param[out] Identifier On return, points to the user identifier.
>-
>- @retval EFI_SUCCESS User identifier returned successfully.
>- @retval EFI_NOT_READY No user identifier can be returned.
>- @retval EFI_ACCESS_DENIED The user has been locked out of this user
>credential.
>- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
>- @retval EFI_NOT_FOUND User is not NULL, and the specified user
>handle can't be
>- found in user profile database
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialUser (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- OUT EFI_USER_INFO_IDENTIFIER *Identifier
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>- EFI_USER_INFO *UserInfo;
>- UINT8 *UserId;
>- UINT8 *NewUserId;
>- CHAR8 *Pwd;
>- CHAR8 *NewPwd;
>-
>- if ((This == NULL) || (Identifier == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (mPwdTable->ValidIndex == 0) {
>- //
>- // No password input, or the input password doesn't match
>- // anyone in PwdTable.
>- //
>- return EFI_NOT_READY;
>- }
>-
>- if (User == NULL) {
>- //
>- // Return the user ID whose password matches the input password.
>- //
>- CopyMem (
>- Identifier,
>- &mPwdTable->UserInfo[mPwdTable->ValidIndex - 1].UserId,
>- sizeof (EFI_USER_INFO_IDENTIFIER)
>- );
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Get the User's ID.
>- //
>- Status = FindUserInfoByType (
>- User,
>- EFI_USER_INFO_IDENTIFIER_RECORD,
>- &UserInfo
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Check whether the input password matches one in PwdTable.
>- //
>- for (Index = 0; Index < mPwdTable->Count; Index++) {
>- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
>- NewUserId = (UINT8 *) (UserInfo + 1);
>- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER))
>== 0) {
>- Pwd = mPwdTable->UserInfo[Index].Password;
>- NewPwd = mPwdTable->UserInfo[mPwdTable->ValidIndex - 1].Password;
>- if (CompareMem (Pwd, NewPwd, CREDENTIAL_LEN) == 0) {
>- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
>- FreePool (UserInfo);
>- return EFI_SUCCESS;
>- }
>- }
>- }
>-
>- FreePool (UserInfo);
>- return EFI_NOT_READY;
>-}
>-
>-
>-/**
>- Indicate that user interface interaction has begun for the specified
>credential.
>-
>- This function is called when a credential provider is selected by the user. If
>- AutoLogon returns FALSE, then the user interface will be constructed by the
>User
>- Identity Manager.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, points to the credential provider's
>capabilities
>- after the credential provider has been selected by the user.
>-
>- @retval EFI_SUCCESS Credential provider successfully selected.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialSelect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- )
>-{
>- if ((This == NULL) || (AutoLogon == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- *AutoLogon = 0;
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Indicate that user interface interaction has ended for the specified
>credential.
>-
>- This function is called when a credential provider is deselected by the user.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>-
>- @retval EFI_SUCCESS Credential provider successfully deselected.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDeselect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
>- )
>-{
>- if (This == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return the default logon behavior for this user credential.
>-
>- This function reports the default login behavior regarding this credential
>provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, holds whether the credential provider
>should be used
>- by default to automatically log on the user.
>-
>- @retval EFI_SUCCESS Default information successfully returned.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDefault (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- )
>-{
>- if ((This == NULL) || (AutoLogon == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- *AutoLogon = 0;
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return information attached to the credential provider.
>-
>- This function returns user information.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] UserInfo Handle of the user information data record.
>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>bytes. On
>- exit, holds the user information. If the buffer is too small
>- to hold the information, then EFI_BUFFER_TOO_SMALL is
>returned
>- and InfoSize is updated to contain the number of bytes
>actually
>- required.
>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>points to the
>- size of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small
>to hold all of the
>- user information. The size required is returned in *InfoSize.
>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a
>valid user info handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_INFO_HANDLE UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize
>- )
>-{
>- EFI_USER_INFO *CredentialInfo;
>- UINTN Index;
>-
>- if ((This == NULL) || (InfoSize == NULL) || (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if ((UserInfo == NULL) || (mPwdInfoHandle == NULL)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Find information handle in credential info table.
>- //
>- for (Index = 0; Index < mPwdInfoHandle->Count; Index++) {
>- CredentialInfo = mPwdInfoHandle->Info[Index];
>- if (UserInfo == (EFI_USER_INFO_HANDLE)CredentialInfo) {
>- //
>- // The handle is found, copy the user info.
>- //
>- if (CredentialInfo->InfoSize > *InfoSize) {
>- *InfoSize = CredentialInfo->InfoSize;
>- return EFI_BUFFER_TOO_SMALL;
>- }
>- CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
>- return EFI_SUCCESS;
>- }
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Enumerate all of the user informations on the credential provider.
>-
>- This function returns the next user information record. To retrieve the first
>user
>- information record handle, point UserInfo at a NULL. Each subsequent call
>will retrieve
>- another user information record handle until there are no more, at which
>point UserInfo
>- will point to NULL.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] UserInfo On entry, points to the previous user information
>handle or NULL
>- to start enumeration. On exit, points to the next user
>information
>- handle or NULL if there is no more user information.
>-
>- @retval EFI_SUCCESS User information returned.
>- @retval EFI_NOT_FOUND No more user information found.
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetNextInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>- )
>-{
>- EFI_USER_INFO *Info;
>- CHAR16 *ProvNameStr;
>- UINTN InfoLen;
>- UINTN Index;
>- UINTN ProvStrLen;
>-
>- if ((This == NULL) || (UserInfo == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (mPwdInfoHandle == NULL) {
>- //
>- // Initilized user info table. There are 4 user info records in the table.
>- //
>- InfoLen = sizeof (PASSWORD_CREDENTIAL_INFO) + (4 - 1) * sizeof
>(EFI_USER_INFO *);
>- mPwdInfoHandle = AllocateZeroPool (InfoLen);
>- if (mPwdInfoHandle == NULL) {
>- *UserInfo = NULL;
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // The first information, Credential Provider info.
>- //
>- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
>- CopyGuid ((EFI_GUID *)(Info + 1), &gPwdCredentialProviderGuid);
>-
>- mPwdInfoHandle->Info[0] = Info;
>- mPwdInfoHandle->Count++;
>-
>- //
>- // The second information, Credential Provider name info.
>- //
>- ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_NAME));
>- ProvStrLen = StrSize (ProvNameStr);
>- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType =
>EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
>- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
>- FreePool (ProvNameStr);
>-
>- mPwdInfoHandle->Info[1] = Info;
>- mPwdInfoHandle->Count++;
>-
>- //
>- // The third information, Credential Provider type info.
>- //
>- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
>- CopyGuid ((EFI_GUID *)(Info + 1), &gEfiUserCredentialClassPasswordGuid);
>-
>- mPwdInfoHandle->Info[2] = Info;
>- mPwdInfoHandle->Count++;
>-
>- //
>- // The fourth information, Credential Provider type name info.
>- //
>- ProvNameStr = GetStringById (STRING_TOKEN
>(STR_PROVIDER_TYPE_NAME));
>- ProvStrLen = StrSize (ProvNameStr);
>- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType =
>EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
>- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
>- FreePool (ProvNameStr);
>-
>- mPwdInfoHandle->Info[3] = Info;
>- mPwdInfoHandle->Count++;
>- }
>-
>- if (*UserInfo == NULL) {
>- //
>- // Return the first info handle.
>- //
>- *UserInfo = (EFI_USER_INFO_HANDLE) mPwdInfoHandle->Info[0];
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Find information handle in credential info table.
>- //
>- for (Index = 0; Index < mPwdInfoHandle->Count; Index++) {
>- Info = mPwdInfoHandle->Info[Index];
>- if (*UserInfo == (EFI_USER_INFO_HANDLE)Info) {
>- //
>- // The handle is found, get the next one.
>- //
>- if (Index == mPwdInfoHandle->Count - 1) {
>- //
>- // Already last one.
>- //
>- *UserInfo = NULL;
>- return EFI_NOT_FOUND;
>- }
>-
>- Index++;
>- *UserInfo = (EFI_USER_INFO_HANDLE)mPwdInfoHandle->Info[Index];
>- return EFI_SUCCESS;
>- }
>- }
>-
>- *UserInfo = NULL;
>- return EFI_NOT_FOUND;
>-}
>-
>-/**
>- Delete a user on this credential provider.
>-
>- This function deletes a user on this credential provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle to delete.
>-
>- @retval EFI_SUCCESS User profile was successfully deleted.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>deletion on the user profile handle.
>- Either the user profile cannot delete on any user profile or
>cannot delete
>- on a user profile other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>deletion in the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be deleted
>because of a device error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDelete (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>- UINT8 *UserId;
>- UINT8 *NewUserId;
>- UINTN Index;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Get User Identifier.
>- //
>- UserInfo = NULL;
>- Status = FindUserInfoByType (
>- User,
>- EFI_USER_INFO_IDENTIFIER_RECORD,
>- &UserInfo
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Find the user by user identifier in mPwdTable.
>- //
>- for (Index = 0; Index < mPwdTable->Count; Index++) {
>- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
>- NewUserId = (UINT8 *) (UserInfo + 1);
>- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER))
>== 0) {
>- //
>- // Found the user, delete it.
>- //
>- ModifyTable (Index, NULL);
>- break;
>- }
>- }
>-
>- FreePool (UserInfo);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Main entry for this driver.
>-
>- @param ImageHandle Image handle this driver.
>- @param SystemTable Pointer to SystemTable.
>-
>- @retval EFI_SUCESS This function always complete successfully.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-PasswordProviderInit (
>- IN EFI_HANDLE ImageHandle,
>- IN EFI_SYSTEM_TABLE *SystemTable
>- )
>-{
>- EFI_STATUS Status;
>-
>- //
>- // It is NOT robust enough to be included in production.
>- //
>- #error "This implementation is just a sample, please comment this line if you
>really want to use this driver."
>-
>- //
>- // Init credential table.
>- //
>- Status = InitCredentialTable ();
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Init Form Browser.
>- //
>- Status = InitFormBrowser ();
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Install protocol interfaces for the password credential provider.
>- //
>- Status = gBS->InstallProtocolInterface (
>- &mCallbackInfo->DriverHandle,
>- &gEfiUserCredential2ProtocolGuid,
>- EFI_NATIVE_INTERFACE,
>- &gPwdCredentialProviderDriver
>- );
>- return Status;
>-}
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>rovider.h
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>Provider.h
>deleted file mode 100644
>index fd782549fd..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>rovider.h
>+++ /dev/null
>@@ -1,374 +0,0 @@
>-/** @file
>- Password Credential Provider driver header file.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef _PASSWORD_CREDENTIAL_PROVIDER_H_
>-#define _PASSWORD_CREDENTIAL_PROVIDER_H_
>-
>-#include <Uefi.h>
>-
>-#include <Guid/GlobalVariable.h>
>-
>-#include <Protocol/HiiConfigAccess.h>
>-#include <Protocol/UserCredential2.h>
>-#include <Protocol/UserManager.h>
>-
>-#include <Library/UefiRuntimeServicesTableLib.h>
>-#include <Library/UefiBootServicesTableLib.h>
>-#include <Library/MemoryAllocationLib.h>
>-#include <Library/BaseMemoryLib.h>
>-#include <Library/DevicePathLib.h>
>-#include <Library/DebugLib.h>
>-#include <Library/UefiLib.h>
>-#include <Library/PrintLib.h>
>-#include <Library/HiiLib.h>
>-#include <Library/BaseCryptLib.h>
>-
>-#include "PwdCredentialProviderData.h"
>-
>-extern UINT8 PwdCredentialProviderStrings[];
>-extern UINT8 PwdCredentialProviderVfrBin[];
>-
>-#define PASSWORD_TABLE_INC 16
>-#define CREDENTIAL_LEN 20
>-
>-//
>-// Password credential information.
>-//
>-typedef struct {
>- EFI_USER_INFO_IDENTIFIER UserId;
>- CHAR8 Password[CREDENTIAL_LEN];
>-} PASSWORD_INFO;
>-
>-//
>-// Password credential table.
>-//
>-typedef struct {
>- UINTN Count;
>- UINTN MaxCount;
>- UINTN ValidIndex;
>- PASSWORD_INFO UserInfo[1];
>-} CREDENTIAL_TABLE;
>-
>-//
>-// The user information on the password provider.
>-//
>-typedef struct {
>- UINTN Count;
>- EFI_USER_INFO *Info[1];
>-} PASSWORD_CREDENTIAL_INFO;
>-
>-///
>-/// HII specific Vendor Device Path definition.
>-///
>-typedef struct {
>- VENDOR_DEVICE_PATH VendorDevicePath;
>- EFI_DEVICE_PATH_PROTOCOL End;
>-} HII_VENDOR_DEVICE_PATH;
>-
>-#define PWD_PROVIDER_SIGNATURE SIGNATURE_32 ('P', 'W', 'D', 'P')
>-
>-typedef struct {
>- UINTN Signature;
>- EFI_HANDLE DriverHandle;
>- EFI_HII_HANDLE HiiHandle;
>- //
>- // Produced protocol.
>- //
>- EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
>-} PWD_PROVIDER_CALLBACK_INFO;
>-
>-
>-/**
>- Enroll a user on a credential provider.
>-
>- This function enrolls a user on this credential provider. If the user exists on
>- this credential provider, update the user information on this credential
>provider;
>- otherwise delete the user information on credential provider.
>-
>- @param[in] This Points to this instance of
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile to enroll.
>-
>- @retval EFI_SUCCESS User profile was successfully enrolled.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>enrollment on the
>- user profile handle. Either the user profile cannot enroll
>- on any user profile or cannot enroll on a user profile
>- other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>enrollment in
>- the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be created
>because of a device
>- error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialEnroll (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- );
>-
>-/**
>- Returns the user interface information used during user identification.
>-
>- This function returns information about the form used when interacting
>with the
>- user during user identification. The form is the first enabled form in the
>form-set
>- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII
>handle HiiHandle. If
>- the user credential provider does not require a form to identify the user,
>then this
>- function should return EFI_NOT_FOUND.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] FormSetId On return, holds the identifier of the form set
>which contains
>- the form used during user identification.
>- @param[out] FormId On return, holds the identifier of the form used
>during user
>- identification.
>-
>- @retval EFI_SUCCESS Form returned successfully.
>- @retval EFI_NOT_FOUND Form not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or
>FormId is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialForm (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_GUID *FormSetId,
>- OUT EFI_FORM_ID *FormId
>- );
>-
>-/**
>- Returns bitmap used to describe the credential provider type.
>-
>- This optional function returns a bitmap which is less than or equal to the
>number
>- of pixels specified by Width and Height. If no such bitmap exists, then
>EFI_NOT_FOUND
>- is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] Width On entry, points to the desired bitmap width. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- width of the bitmap returned.
>- @param[in, out] Height On entry, points to the desired bitmap height. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- height of the bitmap returned
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] Image On return, holds the HII image identifier.
>-
>- @retval EFI_SUCCESS Image identifier returned successfully.
>- @retval EFI_NOT_FOUND Image identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTile (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT UINTN *Width,
>- IN OUT UINTN *Height,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_IMAGE_ID *Image
>- );
>-
>-/**
>- Returns string used to describe the credential provider type.
>-
>- This function returns a string which describes the credential provider. If no
>- such string exists, then EFI_NOT_FOUND is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] String On return, holds the HII string identifier.
>-
>- @retval EFI_SUCCESS String identifier returned successfully.
>- @retval EFI_NOT_FOUND String identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTitle (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_STRING_ID *String
>- );
>-
>-/**
>- Return the user identifier associated with the currently authenticated user.
>-
>- This function returns the user identifier of the user authenticated by this
>credential
>- provider. This function is called after the credential-related information has
>been
>- submitted on a form OR after a call to Default() has returned that this
>credential is
>- ready to log on.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle of the user profile currently
>being
>- considered by the user identity manager. If NULL, then no user
>- profile is currently under consideration.
>- @param[out] Identifier On return, points to the user identifier.
>-
>- @retval EFI_SUCCESS User identifier returned successfully.
>- @retval EFI_NOT_READY No user identifier can be returned.
>- @retval EFI_ACCESS_DENIED The user has been locked out of this user
>credential.
>- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
>- @retval EFI_NOT_FOUND User is not NULL, and the specified user
>handle can't be
>- found in user profile database
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialUser (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- OUT EFI_USER_INFO_IDENTIFIER *Identifier
>- );
>-
>-/**
>- Indicate that user interface interaction has begun for the specified
>credential.
>-
>- This function is called when a credential provider is selected by the user. If
>- AutoLogon returns FALSE, then the user interface will be constructed by the
>User
>- Identity Manager.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, points to the credential provider's
>capabilities
>- after the credential provider has been selected by the user.
>-
>- @retval EFI_SUCCESS Credential provider successfully selected.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialSelect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- );
>-
>-/**
>- Indicate that user interface interaction has ended for the specified
>credential.
>-
>- This function is called when a credential provider is deselected by the user.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>-
>- @retval EFI_SUCCESS Credential provider successfully deselected.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDeselect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
>- );
>-
>-/**
>- Return the default logon behavior for this user credential.
>-
>- This function reports the default login behavior regarding this credential
>provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, holds whether the credential provider
>should be used
>- by default to automatically log on the user.
>-
>- @retval EFI_SUCCESS Default information successfully returned.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDefault (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- );
>-
>-/**
>- Return information attached to the credential provider.
>-
>- This function returns user information.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] UserInfo Handle of the user information data record.
>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>bytes. On
>- exit, holds the user information. If the buffer is too small
>- to hold the information, then EFI_BUFFER_TOO_SMALL is
>returned
>- and InfoSize is updated to contain the number of bytes
>actually
>- required.
>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>points to the
>- size of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small
>to hold all of the
>- user information. The size required is returned in *InfoSize.
>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a
>valid user info handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_INFO_HANDLE UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize
>- );
>-
>-
>-/**
>- Enumerate all of the user informations on the credential provider.
>-
>- This function returns the next user information record. To retrieve the first
>user
>- information record handle, point UserInfo at a NULL. Each subsequent call
>will retrieve
>- another user information record handle until there are no more, at which
>point UserInfo
>- will point to NULL.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] UserInfo On entry, points to the previous user information
>handle or NULL
>- to start enumeration. On exit, points to the next user
>information
>- handle or NULL if there is no more user information.
>-
>- @retval EFI_SUCCESS User information returned.
>- @retval EFI_NOT_FOUND No more user information found.
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetNextInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>- );
>-
>-/**
>- Delete a user on this credential provider.
>-
>- This function deletes a user on this credential provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle to delete.
>-
>- @retval EFI_SUCCESS User profile was successfully deleted.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>deletion on the user profile handle.
>- Either the user profile cannot delete on any user profile or
>cannot delete
>- on a user profile other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>deletion in the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be deleted
>because of a device error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDelete (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- );
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>rovider.uni
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>Provider.uni
>deleted file mode 100644
>index 749e9a8f17..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>rovider.uni
>+++ /dev/null
>@@ -1,21 +0,0 @@
>-// /** @file
>-// Provides a password credential provider implementation
>-//
>-// This module provides a password credential provider implementation.
>-//
>-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-
>-#string STR_MODULE_ABSTRACT #language en-US "Provides a
>password credential provider implementation"
>-
>-#string STR_MODULE_DESCRIPTION #language en-US "This module
>provides a password credential provider implementation."
>-
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderData.h
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>ProviderData.h
>deleted file mode 100644
>index 31bdfe4c50..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderData.h
>+++ /dev/null
>@@ -1,30 +0,0 @@
>-/** @file
>- Data structure used by the Password Credential Provider driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef _PWD_CREDENTIAL_PROVIDER_DATA_H_
>-#define _PWD_CREDENTIAL_PROVIDER_DATA_H_
>-
>-#include <Guid/PwdCredentialProviderHii.h>
>-
>-//
>-// Forms definition
>-//
>-#define FORMID_GET_PASSWORD_FORM 1
>-
>-//
>-// Key defination
>-//
>-#define KEY_GET_PASSWORD 0x1000
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderDxe.inf
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>ProviderDxe.inf
>deleted file mode 100644
>index ab7ba2c913..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderDxe.inf
>+++ /dev/null
>@@ -1,65 +0,0 @@
>-## @file
>-# Provides a password credential provider implementation
>-# This module provides a password credential provider implementation.
>-#
>-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-# This program and the accompanying materials
>-# are licensed and made available under the terms and conditions of the BSD
>License
>-# which accompanies this distribution. The full text of the license may be
>found at
>-# http://opensource.org/licenses/bsd-license.php
>-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-#
>-##
>-
>-[Defines]
>- INF_VERSION = 0x00010005
>- BASE_NAME = PwdCredentialProvider
>- MODULE_UNI_FILE = PwdCredentialProvider.uni
>- FILE_GUID = D6C589EA-DD29-49ef-97F6-1A9FE19A04E0
>- MODULE_TYPE = UEFI_DRIVER
>- VERSION_STRING = 1.0
>- ENTRY_POINT = PasswordProviderInit
>-
>-[Sources]
>- PwdCredentialProvider.c
>- PwdCredentialProvider.h
>- PwdCredentialProviderData.h
>- PwdCredentialProviderVfr.Vfr
>- PwdCredentialProviderStrings.uni
>-
>-[Packages]
>- MdePkg/MdePkg.dec
>- MdeModulePkg/MdeModulePkg.dec
>- CryptoPkg/CryptoPkg.dec
>- SecurityPkg/SecurityPkg.dec
>-
>-[LibraryClasses]
>- UefiRuntimeServicesTableLib
>- UefiBootServicesTableLib
>- UefiDriverEntryPoint
>- MemoryAllocationLib
>- BaseMemoryLib
>- DebugLib
>- HiiLib
>- UefiLib
>- BaseCryptLib
>-
>-[Guids]
>- gEfiUserCredentialClassPasswordGuid ## SOMETIMES_CONSUMES
>## GUID
>-
>- ## PRODUCES ## Variable:L"PwdCredential"
>- ## CONSUMES ## Variable:L"PwdCredential"
>- ## CONSUMES ## HII
>- ## SOMETIMES_CONSUMES ## GUID # The credential provider
>identifier
>- gPwdCredentialProviderGuid
>-
>-[Protocols]
>- gEfiDevicePathProtocolGuid ## PRODUCES
>- gEfiHiiConfigAccessProtocolGuid ## PRODUCES
>- gEfiUserCredential2ProtocolGuid ## PRODUCES
>- gEfiUserManagerProtocolGuid ## SOMETIMES_CONSUMES
>-
>-[UserExtensions.TianoCore."ExtraFiles"]
>- PwdCredentialProviderExtra.uni
>-
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderExtra.uni
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>ProviderExtra.uni
>deleted file mode 100644
>index bcc220a51d..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderExtra.uni
>+++ /dev/null
>@@ -1,19 +0,0 @@
>-// /** @file
>-// PwdCredentialProvider Localized Strings and Content
>-//
>-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-#string STR_PROPERTIES_MODULE_NAME
>-#language en-US
>-"Password Credential Provider"
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderStrings.uni
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>ProviderStrings.uni
>deleted file mode 100644
>index e7b3126f83..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderStrings.uni
>+++ /dev/null
>@@ -1,38 +0,0 @@
>-/** @file
>- String definitions for the Password Credential Provider.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php.
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#langdef en-US "English"
>-#langdef fr-FR "Francais"
>-
>-#string STR_CREDENTIAL_TITLE #language en-US "Password
>Credential Provider"
>- #language fr-FR "Password Credential Provider
>(French)"
>-#string STR_FORM_TITLE #language en-US "Get Password"
>- #language fr-FR "Get Password(French)"
>-#string STR_NULL_STRING #language en-US ""
>- #language fr-FR ""
>-#string STR_INPUT_PASSWORD #language en-US "Please Input
>Password"
>- #language fr-FR "Please Input Password(French)"
>-#string STR_PROVIDER_NAME #language en-US "INTEL
>Password Credential Provider"
>- #language fr-FR "INTEL Password Credential
>Provider(French)"
>-#string STR_PROVIDER_TYPE_NAME #language en-US "Password
>Credential Provider"
>- #language fr-FR "Password Credential
>Provider(French)"
>-#string STR_INPUT_PASSWORD_AGAIN #language en-US "Input
>Password Again"
>- #language fr-FR "Input Password Again (French)"
>-#string STR_DRAW_A_LINE #language en-US "---------------------
>--------"
>- #language fr-FR "------------------------------------"
>-#string STR_PASSWORD_INCORRECT #language en-US " Incorrect
>Password! "
>- #language fr-FR " Incorrect Password! (French) "
>-#string STR_PASSWORD_MISMATCH #language en-US " The
>Password Mismatch! "
>- #language fr-FR " The Password Mismatch! (French)
>"
>-
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderVfr.Vfr
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>ProviderVfr.Vfr
>deleted file mode 100644
>index 60972203b0..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderVfr.Vfr
>+++ /dev/null
>@@ -1,34 +0,0 @@
>-/** @file
>- Password Credential Provider formset.
>-
>-Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "PwdCredentialProviderData.h"
>-
>-formset
>- guid = PWD_CREDENTIAL_PROVIDER_GUID,
>- title = STRING_TOKEN(STR_CREDENTIAL_TITLE),
>- help = STRING_TOKEN(STR_NULL_STRING),
>- classguid = PWD_CREDENTIAL_PROVIDER_GUID,
>-
>- form formid = FORMID_GET_PASSWORD_FORM,
>- title = STRING_TOKEN(STR_FORM_TITLE);
>-
>- text
>- help = STRING_TOKEN(STR_NULL_STRING),
>- text = STRING_TOKEN(STR_INPUT_PASSWORD),
>- flags = INTERACTIVE,
>- key = KEY_GET_PASSWORD;
>-
>- endform;
>-
>-endformset;
>\ No newline at end of file
>diff --git
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.c
>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.c
>deleted file mode 100644
>index 841e975103..0000000000
>---
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.c
>+++ /dev/null
>@@ -1,1410 +0,0 @@
>-/** @file
>- Usb Credential Provider driver implemenetation.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UsbCredentialProvider.h"
>-
>-CREDENTIAL_TABLE *mUsbTable = NULL;
>-USB_PROVIDER_CALLBACK_INFO *mCallbackInfo = NULL;
>-USB_CREDENTIAL_INFO *mUsbInfoHandle = NULL;
>-
>-EFI_USER_CREDENTIAL2_PROTOCOL gUsbCredentialProviderDriver = {
>- USB_CREDENTIAL_PROVIDER_GUID,
>- EFI_USER_CREDENTIAL_CLASS_SECURE_CARD,
>- CredentialEnroll,
>- CredentialForm,
>- CredentialTile,
>- CredentialTitle,
>- CredentialUser,
>- CredentialSelect,
>- CredentialDeselect,
>- CredentialDefault,
>- CredentialGetInfo,
>- CredentialGetNextInfo,
>- EFI_CREDENTIAL_CAPABILITIES_ENROLL,
>- CredentialDelete
>-};
>-
>-
>-/**
>- Get string by string id from HII Interface.
>-
>-
>- @param[in] Id String ID to get the string from.
>-
>- @retval CHAR16 * String from ID.
>- @retval NULL If error occurs.
>-
>-**/
>-CHAR16 *
>-GetStringById (
>- IN EFI_STRING_ID Id
>- )
>-{
>- //
>- // Get the current string for the current Language
>- //
>- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
>-}
>-
>-
>-/**
>- Expand password table size.
>-
>-**/
>-VOID
>-ExpandTableSize (
>- VOID
>- )
>-{
>- CREDENTIAL_TABLE *NewTable;
>- UINTN Count;
>-
>- Count = mUsbTable->MaxCount + USB_TABLE_INC;
>- //
>- // Create new credential table.
>- //
>- NewTable = AllocateZeroPool (
>- sizeof (CREDENTIAL_TABLE) - sizeof (USB_INFO) +
>- Count * sizeof (USB_INFO)
>- );
>- ASSERT (NewTable != NULL);
>-
>- NewTable->MaxCount = Count;
>- NewTable->Count = mUsbTable->Count;
>-
>- //
>- // Copy old entries.
>- //
>- CopyMem (
>- &NewTable->UserInfo,
>- &mUsbTable->UserInfo,
>- mUsbTable->Count * sizeof (USB_INFO)
>- );
>- FreePool (mUsbTable);
>- mUsbTable = NewTable;
>-}
>-
>-
>-/**
>- Add, update or delete info in table, and sync with NV variable.
>-
>- @param[in] Index The index of the password in table. If index is found in
>- table, update the info, else add the into to table.
>- @param[in] Info The new credential info to add into table. If Info is NULL,
>- delete the info by Index.
>-
>- @retval EFI_INVALID_PARAMETER Info is NULL when save the info.
>- @retval EFI_SUCCESS Modify the table successfully.
>- @retval Others Failed to modify the table.
>-
>-**/
>-EFI_STATUS
>-ModifyTable (
>- IN UINTN Index,
>- IN USB_INFO * Info OPTIONAL
>- )
>-{
>- EFI_STATUS Status;
>- USB_INFO *NewUsbInfo;
>-
>- NewUsbInfo = NULL;
>- if (Index < mUsbTable->Count) {
>- if (Info == NULL) {
>- //
>- // Delete the specified entry.
>- //
>- mUsbTable->Count--;
>- if (Index != mUsbTable->Count) {
>- NewUsbInfo = &mUsbTable->UserInfo[mUsbTable->Count];
>- }
>- } else {
>- //
>- // Update the specified entry.
>- //
>- NewUsbInfo = Info;
>- }
>- } else {
>- //
>- // Add a new entry
>- //
>- if (Info == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (mUsbTable->Count >= mUsbTable->MaxCount) {
>- ExpandTableSize ();
>- }
>-
>- NewUsbInfo = Info;
>- mUsbTable->Count++;
>- }
>-
>- if (NewUsbInfo != NULL) {
>- CopyMem (&mUsbTable->UserInfo[Index], NewUsbInfo, sizeof
>(USB_INFO));
>- }
>-
>- //
>- // Save the credential table.
>- //
>- Status = gRT->SetVariable (
>- L"UsbCredential",
>- &gUsbCredentialProviderGuid,
>- EFI_VARIABLE_NON_VOLATILE |
>EFI_VARIABLE_BOOTSERVICE_ACCESS,
>- mUsbTable->Count * sizeof (USB_INFO),
>- &mUsbTable->UserInfo
>- );
>- return Status;
>-}
>-
>-
>-/**
>- Create a credential table
>-
>- @retval EFI_SUCCESS Create a credential table successfully.
>- @retval Others Failed to create a password.
>-
>-**/
>-EFI_STATUS
>-InitCredentialTable (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINT8 *Var;
>- UINTN VarSize;
>-
>- //
>- // Get Usb credential data from NV variable.
>- //
>- VarSize = 0;
>- Var = NULL;
>- Status = gRT->GetVariable (
>- L"UsbCredential",
>- &gUsbCredentialProviderGuid,
>- NULL,
>- &VarSize,
>- Var
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- Var = AllocateZeroPool (VarSize);
>- if (Var == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- Status = gRT->GetVariable (
>- L"UsbCredential",
>- &gUsbCredentialProviderGuid,
>- NULL,
>- &VarSize,
>- Var
>- );
>- }
>- if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
>- return Status;
>- }
>-
>- //
>- // Init Usb credential table.
>- //
>- mUsbTable = AllocateZeroPool (
>- sizeof (CREDENTIAL_TABLE) - sizeof (USB_INFO) +
>- USB_TABLE_INC * sizeof (USB_INFO) +
>- VarSize
>- );
>- if (mUsbTable == NULL) {
>- FreePool (Var);
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- mUsbTable->Count = VarSize / sizeof (USB_INFO);
>- mUsbTable->MaxCount = mUsbTable->Count + USB_TABLE_INC;
>- if (Var != NULL) {
>- CopyMem (mUsbTable->UserInfo, Var, VarSize);
>- FreePool (Var);
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Read the specified file by FileName in the Usb key and return the file size in
>BufferSize
>- and file content in Buffer.
>- Note: the caller is responsible to free the buffer memory.
>-
>- @param FileName File to read.
>- @param Buffer Returned with data read from the file.
>- @param BufferSize Size of the data buffer.
>-
>- @retval EFI_SUCCESS The command completed successfully.
>- @retval EFI_OUT_OF_RESOURCES Resource allocation failed.
>- @retval EFI_NOT_FOUND File not found.
>- @retval EFI_DEVICE_ERROR Device I/O error.
>-
>-**/
>-EFI_STATUS
>-GetFileData (
>- IN CHAR16 *FileName,
>- OUT VOID **Buffer,
>- OUT UINTN *BufferSize
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>- UINTN HandleCount;
>- UINTN ScratchBufferSize;
>- EFI_HANDLE *HandleBuffer;
>- EFI_FILE *RootFs;
>- EFI_FILE *FileHandle;
>- EFI_FILE_INFO *FileInfo;
>- EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *SimpleFileSystem;
>- EFI_BLOCK_IO_PROTOCOL *BlkIo;
>-
>- FileInfo = NULL;
>- FileHandle = NULL;
>-
>- Status = gBS->LocateHandleBuffer (
>- ByProtocol,
>- &gEfiSimpleFileSystemProtocolGuid,
>- NULL,
>- &HandleCount,
>- &HandleBuffer
>- );
>- if (EFI_ERROR (Status)) {
>- DEBUG ((DEBUG_ERROR, "Can not Locate SimpleFileSystemProtocol\n"));
>- goto Done;
>- }
>-
>- //
>- // Find and open the file in removable media disk.
>- //
>- for (Index = 0; Index < HandleCount; Index++) {
>- Status = gBS->HandleProtocol (
>- HandleBuffer[Index],
>- &gEfiBlockIoProtocolGuid,
>- (VOID **) &BlkIo
>- );
>- if (EFI_ERROR (Status)) {
>- continue;
>- }
>-
>- if (BlkIo->Media->RemovableMedia) {
>- Status = gBS->HandleProtocol (
>- HandleBuffer[Index],
>- &gEfiSimpleFileSystemProtocolGuid,
>- (VOID **) &SimpleFileSystem
>- );
>- if (EFI_ERROR (Status)) {
>- continue;
>- }
>-
>- Status = SimpleFileSystem->OpenVolume (
>- SimpleFileSystem,
>- &RootFs
>- );
>- if (EFI_ERROR (Status)) {
>- continue;
>- }
>-
>- Status = RootFs->Open (
>- RootFs,
>- &FileHandle,
>- FileName,
>- EFI_FILE_MODE_READ,
>- 0
>- );
>- if (!EFI_ERROR (Status)) {
>- break;
>- }
>- }
>- }
>-
>- FreePool (HandleBuffer);
>-
>- if (Index >= HandleCount) {
>- DEBUG ((DEBUG_ERROR, "Can not found the token file!\n"));
>- Status = EFI_NOT_FOUND;
>- goto Done;
>- }
>-
>- //
>- // Figure out how big the file is.
>- //
>- ScratchBufferSize = 0;
>- Status = FileHandle->GetInfo (
>- FileHandle,
>- &gEfiFileInfoGuid,
>- &ScratchBufferSize,
>- NULL
>- );
>- if (EFI_ERROR (Status) && (Status != EFI_BUFFER_TOO_SMALL)) {
>- DEBUG ((DEBUG_ERROR, "Can not obtain file size info!\n"));
>- Status = EFI_DEVICE_ERROR;
>- goto Done;
>- }
>-
>- FileInfo = AllocateZeroPool (ScratchBufferSize);
>- if (FileInfo == NULL) {
>- DEBUG ((DEBUG_ERROR, "Can not allocate enough memory for the token
>file!\n"));
>- Status = EFI_OUT_OF_RESOURCES;
>- goto Done;
>- }
>-
>- Status = FileHandle->GetInfo (
>- FileHandle,
>- &gEfiFileInfoGuid,
>- &ScratchBufferSize,
>- FileInfo
>- );
>- if (EFI_ERROR (Status)) {
>- DEBUG ((DEBUG_ERROR, "Can not obtain file info from the token file!\n"));
>- Status = EFI_DEVICE_ERROR;
>- goto Done;
>- }
>-
>- //
>- // Allocate a buffer for the file.
>- //
>- *BufferSize = (UINT32) FileInfo->FileSize;
>- *Buffer = AllocateZeroPool (*BufferSize);
>- if (*Buffer == NULL) {
>- DEBUG ((DEBUG_ERROR, "Can not allocate a buffer for the file!\n"));
>- Status = EFI_OUT_OF_RESOURCES;
>- goto Done;
>- }
>-
>- //
>- // Load file into the allocated memory.
>- //
>- Status = FileHandle->Read (FileHandle, BufferSize, *Buffer);
>- if (EFI_ERROR (Status)) {
>- FreePool (*Buffer);
>- DEBUG ((DEBUG_ERROR, "Can not read the token file!\n"));
>- Status = EFI_DEVICE_ERROR;
>- goto Done;
>- }
>-
>- //
>- // Close file.
>- //
>- Status = FileHandle->Close (FileHandle);
>- if (EFI_ERROR (Status)) {
>- FreePool (*Buffer);
>- DEBUG ((DEBUG_ERROR, "Can not close the token file !\n"));
>- Status = EFI_DEVICE_ERROR;
>- }
>-
>-Done:
>-
>- if (FileInfo != NULL) {
>- FreePool (FileInfo);
>- }
>-
>- return Status;
>-}
>-
>-
>-/**
>- Hash the data to get credential.
>-
>- @param[in] Buffer Points to the data buffer
>- @param[in] BufferSize The size of data in buffer, in bytes.
>- @param[out] Credential Points to the hashed result
>-
>- @retval TRUE Hash the data successfully.
>- @retval FALSE Failed to hash the data.
>-
>-**/
>-BOOLEAN
>-GenerateCredential (
>- IN UINT8 *Buffer,
>- IN UINTN BufferSize,
>- OUT UINT8 *Credential
>- )
>-{
>- BOOLEAN Status;
>- UINTN HashSize;
>- VOID *Hash;
>-
>- HashSize = Sha1GetContextSize ();
>- Hash = AllocatePool (HashSize);
>- ASSERT (Hash != NULL);
>-
>- Status = Sha1Init (Hash);
>- if (!Status) {
>- goto Done;
>- }
>-
>- Status = Sha1Update (Hash, Buffer, BufferSize);
>- if (!Status) {
>- goto Done;
>- }
>-
>- Status = Sha1Final (Hash, Credential);
>-
>-Done:
>- FreePool (Hash);
>- return Status;
>-}
>-
>-
>-/**
>- Read the token file, and default the Token is saved at the begining of the file.
>-
>- @param[out] Token Token read from a Token file.
>-
>- @retval EFI_SUCCESS Read a Token successfully.
>- @retval Others Fails to read a Token.
>-
>-**/
>-EFI_STATUS
>-GetToken (
>- OUT UINT8 *Token
>- )
>-{
>- EFI_STATUS Status;
>- UINT8 *Buffer;
>- UINTN BufSize;
>- CHAR16 *TokenFile;
>-
>- BufSize = 0;
>- Buffer = NULL;
>- TokenFile = PcdGetPtr (PcdFixedUsbCredentialProviderTokenFileName);
>- Status = GetFileData (TokenFile, (VOID *)&Buffer, &BufSize);
>- if (EFI_ERROR (Status)) {
>- DEBUG ((DEBUG_ERROR, "Read file %s from USB error! Status=(%r)\n",
>TokenFile, Status));
>- return Status;
>- }
>-
>- if (!GenerateCredential (Buffer, BufSize, Token)) {
>- DEBUG ((DEBUG_ERROR, "Generate credential from read data failed!\n"));
>- FreePool (Buffer);
>- return EFI_SECURITY_VIOLATION;
>- }
>-
>- FreePool (Buffer);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Find a user infomation record by the information record type.
>-
>- This function searches all user information records of User from beginning
>- until either the information is found or there are no more user infomation
>- record. A match occurs when a Info.InfoType field matches the user
>information
>- record type.
>-
>- @param[in] User Points to the user profile record to search.
>- @param[in] InfoType The infomation type to be searched.
>- @param[out] Info Points to the user info found, the caller is responsible
>- to free.
>-
>- @retval EFI_SUCCESS Find the user information successfully.
>- @retval Others Fail to find the user information.
>-
>-**/
>-EFI_STATUS
>-FindUserInfoByType (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINT8 InfoType,
>- OUT EFI_USER_INFO **Info
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>- UINTN UserInfoSize;
>- EFI_USER_INFO_HANDLE UserInfoHandle;
>- EFI_USER_MANAGER_PROTOCOL *UserManager;
>-
>- //
>- // Find user information by information type.
>- //
>- if (Info == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- Status = gBS->LocateProtocol (
>- &gEfiUserManagerProtocolGuid,
>- NULL,
>- (VOID **) &UserManager
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Get each user information.
>- //
>-
>- UserInfoHandle = NULL;
>- UserInfo = NULL;
>- UserInfoSize = 0;
>- while (TRUE) {
>- Status = UserManager->GetNextInfo (UserManager, User,
>&UserInfoHandle);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>- //
>- // Get information.
>- //
>- Status = UserManager->GetInfo (
>- UserManager,
>- User,
>- UserInfoHandle,
>- UserInfo,
>- &UserInfoSize
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- if (UserInfo != NULL) {
>- FreePool (UserInfo);
>- }
>- UserInfo = AllocateZeroPool (UserInfoSize);
>- if (UserInfo == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- Status = UserManager->GetInfo (
>- UserManager,
>- User,
>- UserInfoHandle,
>- UserInfo,
>- &UserInfoSize
>- );
>- }
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- ASSERT (UserInfo != NULL);
>- if (UserInfo->InfoType == InfoType) {
>- *Info = UserInfo;
>- return EFI_SUCCESS;
>- }
>- }
>-
>- if (UserInfo != NULL) {
>- FreePool (UserInfo);
>- }
>- return Status;
>-}
>-
>-
>-/**
>- This function initialize the data mainly used in form browser.
>-
>- @retval EFI_SUCCESS Initialize form data successfully.
>- @retval Others Fail to Initialize form data.
>-
>-**/
>-EFI_STATUS
>-InitFormBrowser (
>- VOID
>- )
>-{
>- USB_PROVIDER_CALLBACK_INFO *CallbackInfo;
>-
>- //
>- // Initialize driver private data.
>- //
>- CallbackInfo = AllocateZeroPool (sizeof (USB_PROVIDER_CALLBACK_INFO));
>- if (CallbackInfo == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- CallbackInfo->DriverHandle = NULL;
>-
>- //
>- // Publish HII data.
>- //
>- CallbackInfo->HiiHandle = HiiAddPackages (
>- &gUsbCredentialProviderGuid,
>- CallbackInfo->DriverHandle,
>- UsbCredentialProviderStrings,
>- NULL
>- );
>- if (CallbackInfo->HiiHandle == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- mCallbackInfo = CallbackInfo;
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Enroll a user on a credential provider.
>-
>- This function enrolls a user on this credential provider. If the user exists on
>- this credential provider, update the user information on this credential
>provider;
>- otherwise add the user information on credential provider.
>-
>- @param[in] This Points to this instance of
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile to enroll.
>-
>- @retval EFI_SUCCESS User profile was successfully enrolled.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>enrollment on the
>- user profile handle. Either the user profile cannot enroll
>- on any user profile or cannot enroll on a user profile
>- other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>enrollment in
>- the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be created
>because of a device
>- error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialEnroll (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>- USB_INFO UsbInfo;
>- EFI_USER_INFO *UserInfo;
>- EFI_INPUT_KEY Key;
>- UINT8 *UserId;
>- CHAR16 *QuestionStr;
>- CHAR16 *PromptStr;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Get User Identifier
>- //
>- UserInfo = NULL;
>- Status = FindUserInfoByType (
>- User,
>- EFI_USER_INFO_IDENTIFIER_RECORD,
>- &UserInfo
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- CopyMem (UsbInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof
>(EFI_USER_INFO_IDENTIFIER));
>- FreePool (UserInfo);
>-
>- //
>- // Get Token and User ID to UsbInfo.
>- //
>- Status = GetToken (UsbInfo.Token);
>- if (EFI_ERROR (Status)) {
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_READ_USB_TOKEN_ERROR));
>- PromptStr = GetStringById (STRING_TOKEN (STR_INSERT_USB_TOKEN));
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- L"",
>- PromptStr,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (PromptStr);
>- return Status;
>- }
>-
>- //
>- // Check whether User is ever enrolled in the provider.
>- //
>- for (Index = 0; Index < mUsbTable->Count; Index++) {
>- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
>- if (CompareMem (UserId, (UINT8 *) &UsbInfo.UserId, sizeof
>(EFI_USER_INFO_IDENTIFIER)) == 0) {
>- //
>- // User already exists, update the password.
>- //
>- break;
>- }
>- }
>-
>- //
>- // Enroll the User to the provider.
>- //
>- Status = ModifyTable (Index, &UsbInfo);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Returns the user interface information used during user identification.
>-
>- This function returns information about the form used when interacting
>with the
>- user during user identification. The form is the first enabled form in the
>form-set
>- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII
>handle HiiHandle. If
>- the user credential provider does not require a form to identify the user,
>then this
>- function should return EFI_NOT_FOUND.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] FormSetId On return, holds the identifier of the form set
>which contains
>- the form used during user identification.
>- @param[out] FormId On return, holds the identifier of the form used
>during user
>- identification.
>-
>- @retval EFI_SUCCESS Form returned successfully.
>- @retval EFI_NOT_FOUND Form not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or
>FormId is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialForm (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_GUID *FormSetId,
>- OUT EFI_FORM_ID *FormId
>- )
>-{
>- if ((This == NULL) || (Hii == NULL) ||
>- (FormSetId == NULL) || (FormId == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Returns bitmap used to describe the credential provider type.
>-
>- This optional function returns a bitmap which is less than or equal to the
>number
>- of pixels specified by Width and Height. If no such bitmap exists, then
>EFI_NOT_FOUND
>- is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] Width On entry, points to the desired bitmap width. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- width of the bitmap returned.
>- @param[in, out] Height On entry, points to the desired bitmap height. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- height of the bitmap returned.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] Image On return, holds the HII image identifier.
>-
>- @retval EFI_SUCCESS Image identifier returned successfully.
>- @retval EFI_NOT_FOUND Image identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTile (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT UINTN *Width,
>- IN OUT UINTN *Height,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_IMAGE_ID *Image
>- )
>-{
>- if ((This == NULL) || (Hii == NULL) || (Image == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Returns string used to describe the credential provider type.
>-
>- This function returns a string which describes the credential provider. If no
>- such string exists, then EFI_NOT_FOUND is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] String On return, holds the HII string identifier.
>-
>- @retval EFI_SUCCESS String identifier returned successfully.
>- @retval EFI_NOT_FOUND String identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTitle (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_STRING_ID *String
>- )
>-{
>- if ((This == NULL) || (Hii == NULL) || (String == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- //
>- // Set Hii handle and String ID.
>- //
>- *Hii = mCallbackInfo->HiiHandle;
>- *String = STRING_TOKEN (STR_CREDENTIAL_TITLE);
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return the user identifier associated with the currently authenticated user.
>-
>- This function returns the user identifier of the user authenticated by this
>credential
>- provider. This function is called after the credential-related information has
>been
>- submitted on a form OR after a call to Default() has returned that this
>credential is
>- ready to log on.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle of the user profile currently
>being
>- considered by the user identity manager. If NULL, then no user
>- profile is currently under consideration.
>- @param[out] Identifier On return, points to the user identifier.
>-
>- @retval EFI_SUCCESS User identifier returned successfully.
>- @retval EFI_NOT_READY No user identifier can be returned.
>- @retval EFI_ACCESS_DENIED The user has been locked out of this user
>credential.
>- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
>- @retval EFI_NOT_FOUND User is not NULL, and the specified user
>handle can't be
>- found in user profile database.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialUser (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- OUT EFI_USER_INFO_IDENTIFIER *Identifier
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>- EFI_USER_INFO *UserInfo;
>- UINT8 *UserId;
>- UINT8 *NewUserId;
>- UINT8 *UserToken;
>- UINT8 ReadToken[HASHED_CREDENTIAL_LEN];
>- EFI_INPUT_KEY Key;
>- CHAR16 *QuestionStr;
>- CHAR16 *PromptStr;
>-
>- if ((This == NULL) || (Identifier == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (User == NULL) {
>- //
>- // Verify the auto logon user, get user id by matched token.
>- //
>- if (mUsbTable->Count == 0) {
>- return EFI_NOT_READY;
>- }
>-
>- //
>- // No user selected, get token first and verify the user existed in user
>database.
>- //
>- Status = GetToken (ReadToken);
>- if (EFI_ERROR (Status)) {
>- return EFI_NOT_READY;
>- }
>-
>- for (Index = 0; Index < mUsbTable->Count; Index++) {
>- //
>- // find the specified credential in the Usb credential database.
>- //
>- UserToken = mUsbTable->UserInfo[Index].Token;
>- if (CompareMem (UserToken, ReadToken, HASHED_CREDENTIAL_LEN) ==
>0) {
>- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
>- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
>- return EFI_SUCCESS;
>- }
>- }
>-
>- return EFI_NOT_READY;
>- }
>-
>- //
>- // User is not NULL here. Read a token, and check whether the token
>matches with
>- // the selected user's Token. If not, try to find a token in token DB to
>matches
>- // with read token.
>- //
>-
>- Status = GetToken (ReadToken);
>- if (EFI_ERROR (Status)) {
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_READ_USB_TOKEN_ERROR));
>- PromptStr = GetStringById (STRING_TOKEN (STR_INSERT_USB_TOKEN));
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- L"",
>- PromptStr,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (PromptStr);
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Get the selected user's identifier.
>- //
>- Status = FindUserInfoByType (User, EFI_USER_INFO_IDENTIFIER_RECORD,
>&UserInfo);
>- if (EFI_ERROR (Status)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Check the selected user's Token with the read token.
>- //
>- for (Index = 0; Index < mUsbTable->Count; Index++) {
>- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
>- NewUserId = (UINT8 *) (UserInfo + 1);
>- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER))
>== 0) {
>- //
>- // The user's ID is found in the UsbTable.
>- //
>- UserToken = mUsbTable->UserInfo[Index].Token;
>- if (CompareMem (UserToken, ReadToken, HASHED_CREDENTIAL_LEN) ==
>0) {
>- //
>- // The read token matches with the one in UsbTable.
>- //
>- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
>- FreePool (UserInfo);
>- return EFI_SUCCESS;
>- }
>- }
>- }
>-
>- FreePool (UserInfo);
>-
>- return EFI_NOT_READY;
>-}
>-
>-
>-/**
>- Indicate that user interface interaction has begun for the specified
>credential.
>-
>- This function is called when a credential provider is selected by the user. If
>- AutoLogon returns FALSE, then the user interface will be constructed by the
>User
>- Identity Manager.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, points to the credential provider's
>capabilities
>- after the credential provider has been selected by the user.
>-
>- @retval EFI_SUCCESS Credential provider successfully selected.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialSelect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- )
>-{
>- if ((This == NULL) || (AutoLogon == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *AutoLogon = EFI_CREDENTIAL_LOGON_FLAG_DEFAULT |
>EFI_CREDENTIAL_LOGON_FLAG_AUTO;
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Indicate that user interface interaction has ended for the specified
>credential.
>-
>- This function is called when a credential provider is deselected by the user.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>-
>- @retval EFI_SUCCESS Credential provider successfully deselected.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDeselect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
>- )
>-{
>- if (This == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return the default logon behavior for this user credential.
>-
>- This function reports the default login behavior regarding this credential
>provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, holds whether the credential provider
>should be used
>- by default to automatically log on the user.
>-
>- @retval EFI_SUCCESS Default information successfully returned.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDefault (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- )
>-{
>- if ((This == NULL) || (AutoLogon == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *AutoLogon = EFI_CREDENTIAL_LOGON_FLAG_DEFAULT |
>EFI_CREDENTIAL_LOGON_FLAG_AUTO;
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return information attached to the credential provider.
>-
>- This function returns user information.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] UserInfo Handle of the user information data record.
>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>bytes. On
>- exit, holds the user information. If the buffer is too small
>- to hold the information, then EFI_BUFFER_TOO_SMALL is
>returned
>- and InfoSize is updated to contain the number of bytes
>actually
>- required.
>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>points to the
>- size of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small
>to hold all of the
>- user information. The size required is returned in *InfoSize.
>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a
>valid user info handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_INFO_HANDLE UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize
>- )
>-{
>- EFI_USER_INFO *CredentialInfo;
>- UINTN Index;
>-
>- if ((This == NULL) || (InfoSize == NULL) || (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if ((UserInfo == NULL) || (mUsbInfoHandle == NULL)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Find information handle in credential info table.
>- //
>- for (Index = 0; Index < mUsbInfoHandle->Count; Index++) {
>- CredentialInfo = mUsbInfoHandle->Info[Index];
>- if (UserInfo == (EFI_USER_INFO_HANDLE)CredentialInfo) {
>- //
>- // The handle is found, copy the user info.
>- //
>- if (CredentialInfo->InfoSize > *InfoSize) {
>- *InfoSize = CredentialInfo->InfoSize;
>- return EFI_BUFFER_TOO_SMALL;
>- }
>-
>- CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
>- return EFI_SUCCESS;
>- }
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Enumerate all of the user informations on the credential provider.
>-
>- This function returns the next user information record. To retrieve the first
>user
>- information record handle, point UserInfo at a NULL. Each subsequent call
>will retrieve
>- another user information record handle until there are no more, at which
>point UserInfo
>- will point to NULL.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] UserInfo On entry, points to the previous user information
>handle or NULL
>- to start enumeration. On exit, points to the next user
>information
>- handle or NULL if there is no more user information.
>-
>- @retval EFI_SUCCESS User information returned.
>- @retval EFI_NOT_FOUND No more user information found.
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetNextInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>- )
>-{
>- EFI_USER_INFO *Info;
>- CHAR16 *ProvNameStr;
>- UINTN InfoLen;
>- UINTN Index;
>- UINTN ProvStrLen;
>-
>- if ((This == NULL) || (UserInfo == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (mUsbInfoHandle == NULL) {
>- //
>- // Initilized user info table. There are 4 user info records in the table.
>- //
>- InfoLen = sizeof (USB_CREDENTIAL_INFO) + (4 - 1) * sizeof
>(EFI_USER_INFO *);
>- mUsbInfoHandle = AllocateZeroPool (InfoLen);
>- if (mUsbInfoHandle == NULL) {
>- *UserInfo = NULL;
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // The first information, Credential Provider info.
>- //
>- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
>- CopyGuid ((EFI_GUID *)(Info + 1), &gUsbCredentialProviderGuid);
>-
>- mUsbInfoHandle->Info[0] = Info;
>- mUsbInfoHandle->Count++;
>-
>- //
>- // The second information, Credential Provider name info.
>- //
>- ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_NAME));
>- ProvStrLen = StrSize (ProvNameStr);
>- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType =
>EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
>- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
>- FreePool (ProvNameStr);
>-
>- mUsbInfoHandle->Info[1] = Info;
>- mUsbInfoHandle->Count++;
>-
>- //
>- // The third information, Credential Provider type info.
>- //
>- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
>- CopyGuid ((EFI_GUID *)(Info + 1),
>&gEfiUserCredentialClassSecureCardGuid);
>-
>- mUsbInfoHandle->Info[2] = Info;
>- mUsbInfoHandle->Count++;
>-
>- //
>- // The fourth information, Credential Provider type name info.
>- //
>- ProvNameStr = GetStringById (STRING_TOKEN
>(STR_PROVIDER_TYPE_NAME));
>- ProvStrLen = StrSize (ProvNameStr);
>- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType =
>EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
>- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
>- FreePool (ProvNameStr);
>-
>- mUsbInfoHandle->Info[3] = Info;
>- mUsbInfoHandle->Count++;
>- }
>-
>- if (*UserInfo == NULL) {
>- //
>- // Return the first info handle.
>- //
>- *UserInfo = (EFI_USER_INFO_HANDLE) mUsbInfoHandle->Info[0];
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Find information handle in credential info table.
>- //
>- for (Index = 0; Index < mUsbInfoHandle->Count; Index++) {
>- Info = mUsbInfoHandle->Info[Index];
>- if (*UserInfo == (EFI_USER_INFO_HANDLE)Info) {
>- //
>- // The handle is found, get the next one.
>- //
>- if (Index == mUsbInfoHandle->Count - 1) {
>- //
>- // Already last one.
>- //
>- *UserInfo = NULL;
>- return EFI_NOT_FOUND;
>- }
>- Index++;
>- *UserInfo = (EFI_USER_INFO_HANDLE)mUsbInfoHandle->Info[Index];
>- return EFI_SUCCESS;
>- }
>- }
>-
>- *UserInfo = NULL;
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Delete a user on this credential provider.
>-
>- This function deletes a user on this credential provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle to delete.
>-
>- @retval EFI_SUCCESS User profile was successfully deleted.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>deletion on the user profile handle.
>- Either the user profile cannot delete on any user profile or
>cannot delete
>- on a user profile other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>deletion in the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be deleted
>because of a device error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDelete (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>- UINT8 *UserId;
>- UINT8 *NewUserId;
>- UINTN Index;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Get User Identifier.
>- //
>- UserInfo = NULL;
>- Status = FindUserInfoByType (
>- User,
>- EFI_USER_INFO_IDENTIFIER_RECORD,
>- &UserInfo
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Find the user by user identifier in mPwdTable.
>- //
>- for (Index = 0; Index < mUsbTable->Count; Index++) {
>- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
>- NewUserId = (UINT8 *) (UserInfo + 1);
>- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER))
>== 0) {
>- //
>- // Found the user, delete it.
>- //
>- ModifyTable (Index, NULL);
>- break;
>- }
>- }
>-
>- FreePool (UserInfo);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Main entry for this driver.
>-
>- @param ImageHandle Image handle this driver.
>- @param SystemTable Pointer to SystemTable.
>-
>- @retval EFI_SUCESS This function always complete successfully.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UsbProviderInit (
>- IN EFI_HANDLE ImageHandle,
>- IN EFI_SYSTEM_TABLE *SystemTable
>- )
>-{
>- EFI_STATUS Status;
>-
>- //
>- // It is NOT robust enough to be included in production.
>- //
>- #error "This implementation is just a sample, please comment this line if you
>really want to use this driver."
>-
>- //
>- // Init credential table.
>- //
>- Status = InitCredentialTable ();
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Init Form Browser
>- //
>- Status = InitFormBrowser ();
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Install protocol interfaces for the Usb Credential Provider.
>- //
>- Status = gBS->InstallProtocolInterface (
>- &mCallbackInfo->DriverHandle,
>- &gEfiUserCredential2ProtocolGuid,
>- EFI_NATIVE_INTERFACE,
>- &gUsbCredentialProviderDriver
>- );
>- return Status;
>-}
>diff --git
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.h
>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.h
>deleted file mode 100644
>index 63f6576045..0000000000
>---
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.h
>+++ /dev/null
>@@ -1,361 +0,0 @@
>-/** @file
>- Usb Credential Provider driver header file.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef _USB_CREDENTIAL_PROVIDER_H_
>-#define _USB_CREDENTIAL_PROVIDER_H_
>-
>-#include <Uefi.h>
>-
>-#include <Guid/GlobalVariable.h>
>-#include <Guid/FileInfo.h>
>-#include <Guid/SecurityPkgTokenSpace.h>
>-#include <Guid/UsbCredentialProviderHii.h>
>-
>-#include <Protocol/SimpleFileSystem.h>
>-#include <Protocol/BlockIo.h>
>-#include <Protocol/UserCredential2.h>
>-#include <Protocol/UserManager.h>
>-
>-#include <Library/UefiRuntimeServicesTableLib.h>
>-#include <Library/UefiBootServicesTableLib.h>
>-#include <Library/MemoryAllocationLib.h>
>-#include <Library/BaseMemoryLib.h>
>-#include <Library/DevicePathLib.h>
>-#include <Library/BaseCryptLib.h>
>-#include <Library/DebugLib.h>
>-#include <Library/UefiLib.h>
>-#include <Library/PrintLib.h>
>-#include <Library/HiiLib.h>
>-#include <Library/PcdLib.h>
>-
>-extern UINT8 UsbCredentialProviderStrings[];
>-
>-#define USB_TABLE_INC 16
>-#define HASHED_CREDENTIAL_LEN 20
>-
>-//
>-// Save the enroll user credential Information.
>-//
>-typedef struct {
>- EFI_USER_INFO_IDENTIFIER UserId;
>- UINT8 Token[HASHED_CREDENTIAL_LEN];
>-} USB_INFO;
>-
>-//
>-// USB Credential Table.
>-//
>-typedef struct {
>- UINTN Count;
>- UINTN MaxCount;
>- USB_INFO UserInfo[1];
>-} CREDENTIAL_TABLE;
>-
>-//
>-// The user information on the USB provider.
>-//
>-typedef struct {
>- UINTN Count;
>- EFI_USER_INFO *Info[1];
>-} USB_CREDENTIAL_INFO;
>-
>-#define USB_PROVIDER_SIGNATURE SIGNATURE_32 ('U', 'S', 'B', 'P')
>-
>-typedef struct {
>- UINTN Signature;
>- EFI_HANDLE DriverHandle;
>- EFI_HII_HANDLE HiiHandle;
>-} USB_PROVIDER_CALLBACK_INFO;
>-
>-/**
>- Enroll a user on a credential provider.
>-
>- This function enrolls and deletes a user profile using this credential provider.
>- If a user profile is successfully enrolled, it calls the User Manager Protocol
>- function Notify() to notify the user manager driver that credential
>information
>- has changed. If an enrolled user does exist, delete the user on the
>credential
>- provider.
>-
>- @param[in] This Points to this instance of
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile to enroll.
>-
>- @retval EFI_SUCCESS User profile was successfully enrolled.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>enrollment on the
>- user profile handle. Either the user profile cannot enroll
>- on any user profile or cannot enroll on a user profile
>- other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>enrollment in
>- the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be created
>because of a device
>- error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialEnroll (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- );
>-
>-/**
>- Returns the user interface information used during user identification.
>-
>- This function enrolls a user on this credential provider. If the user exists on
>- this credential provider, update the user information on this credential
>provider;
>- otherwise delete the user information on credential provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] FormSetId On return, holds the identifier of the form set
>which contains
>- the form used during user identification.
>- @param[out] FormId On return, holds the identifier of the form used
>during user
>- identification.
>-
>- @retval EFI_SUCCESS Form returned successfully.
>- @retval EFI_NOT_FOUND Form not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or
>FormId is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialForm (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_GUID *FormSetId,
>- OUT EFI_FORM_ID *FormId
>- );
>-
>-/**
>- Returns bitmap used to describe the credential provider type.
>-
>- This optional function returns a bitmap which is less than or equal to the
>number
>- of pixels specified by Width and Height. If no such bitmap exists, then
>EFI_NOT_FOUND
>- is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] Width On entry, points to the desired bitmap width. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- width of the bitmap returned.
>- @param[in, out] Height On entry, points to the desired bitmap height. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- height of the bitmap returned.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] Image On return, holds the HII image identifier.
>-
>- @retval EFI_SUCCESS Image identifier returned successfully.
>- @retval EFI_NOT_FOUND Image identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTile (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT UINTN *Width,
>- IN OUT UINTN *Height,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_IMAGE_ID *Image
>- );
>-
>-/**
>- Returns string used to describe the credential provider type.
>-
>- This function returns a string which describes the credential provider. If no
>- such string exists, then EFI_NOT_FOUND is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] String On return, holds the HII string identifier.
>-
>- @retval EFI_SUCCESS String identifier returned successfully.
>- @retval EFI_NOT_FOUND String identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTitle (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_STRING_ID *String
>- );
>-
>-/**
>- Return the user identifier associated with the currently authenticated user.
>-
>- This function returns the user identifier of the user authenticated by this
>credential
>- provider. This function is called after the credential-related information has
>been
>- submitted on a form OR after a call to Default() has returned that this
>credential is
>- ready to log on.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle of the user profile currently
>being
>- considered by the user identity manager. If NULL, then no user
>- profile is currently under consideration.
>- @param[out] Identifier On return, points to the user identifier.
>-
>- @retval EFI_SUCCESS User identifier returned successfully.
>- @retval EFI_NOT_READY No user identifier can be returned.
>- @retval EFI_ACCESS_DENIED The user has been locked out of this user
>credential.
>- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
>- @retval EFI_NOT_FOUND User is not NULL, and the specified user
>handle can't be
>- found in user profile database.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialUser (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- OUT EFI_USER_INFO_IDENTIFIER *Identifier
>- );
>-
>-/**
>- Indicate that user interface interaction has begun for the specified
>credential.
>-
>- This function is called when a credential provider is selected by the user. If
>- AutoLogon returns FALSE, then the user interface will be constructed by the
>User
>- Identity Manager.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, points to the credential provider's
>capabilities
>- after the credential provider has been selected by the user.
>-
>- @retval EFI_SUCCESS Credential provider successfully selected.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialSelect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- );
>-
>-/**
>- Indicate that user interface interaction has ended for the specified
>credential.
>-
>- This function is called when a credential provider is deselected by the user.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>-
>- @retval EFI_SUCCESS Credential provider successfully deselected.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDeselect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
>- );
>-
>-/**
>- Return the default logon behavior for this user credential.
>-
>- This function reports the default login behavior regarding this credential
>provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, holds whether the credential provider
>should be used
>- by default to automatically log on the user.
>-
>- @retval EFI_SUCCESS Default information successfully returned.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDefault (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- );
>-
>-/**
>- Return information attached to the credential provider.
>-
>- This function returns user information.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] UserInfo Handle of the user information data record.
>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>bytes. On
>- exit, holds the user information. If the buffer is too small
>- to hold the information, then EFI_BUFFER_TOO_SMALL is
>returned
>- and InfoSize is updated to contain the number of bytes
>actually
>- required.
>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>points to the
>- size of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small
>to hold all of the
>- user information. The size required is returned in *InfoSize.
>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a
>valid user info handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_INFO_HANDLE UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize
>- );
>-
>-/**
>- Enumerate all of the user informations on the credential provider.
>-
>- This function returns the next user information record. To retrieve the first
>user
>- information record handle, point UserInfo at a NULL. Each subsequent call
>will retrieve
>- another user information record handle until there are no more, at which
>point UserInfo
>- will point to NULL.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] UserInfo On entry, points to the previous user information
>handle or NULL
>- to start enumeration. On exit, points to the next user
>information
>- handle or NULL if there is no more user information.
>-
>- @retval EFI_SUCCESS User information returned.
>- @retval EFI_NOT_FOUND No more user information found.
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetNextInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>- );
>-
>-/**
>- Delete a user on this credential provider.
>-
>- This function deletes a user on this credential provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle to delete.
>-
>- @retval EFI_SUCCESS User profile was successfully deleted.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>deletion on the user profile handle.
>- Either the user profile cannot delete on any user profile or
>cannot delete
>- on a user profile other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>deletion in the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be deleted
>because of a device error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDelete (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- );
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.uni
>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.uni
>deleted file mode 100644
>index 961e09f360..0000000000
>---
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.uni
>+++ /dev/null
>@@ -1,23 +0,0 @@
>-// /** @file
>-// Provides a USB credential provider implementation
>-//
>-// This module reads a token from a token file that is saved in the root
>-// folder of a USB stick. The token file name can be specified by the PCD
>-// PcdFixedUsbCredentialProviderTokenFileName.
>-//
>-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-
>-#string STR_MODULE_ABSTRACT #language en-US "Provides a USB
>credential provider implementation"
>-
>-#string STR_MODULE_DESCRIPTION #language en-US "This module
>reads a token from a token file that is saved in the root folder of a USB stick.
>The token file name can be specified by the PCD
>PcdFixedUsbCredentialProviderTokenFileName."
>-
>diff --git
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderDxe.inf
>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderDxe.inf
>deleted file mode 100644
>index 1e8e42332f..0000000000
>---
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderDxe.inf
>+++ /dev/null
>@@ -1,70 +0,0 @@
>-## @file
>-# Provides a USB credential provider implementation
>-#
>-# This module reads a token from a token file that is saved in the root
>-# folder of a USB stick. The token file name can be specified by the PCD
>-# PcdFixedUsbCredentialProviderTokenFileName.
>-#
>-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-# This program and the accompanying materials
>-# are licensed and made available under the terms and conditions of the BSD
>License
>-# which accompanies this distribution. The full text of the license may be
>found at
>-# http://opensource.org/licenses/bsd-license.php
>-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-#
>-##
>-
>-[Defines]
>- INF_VERSION = 0x00010005
>- BASE_NAME = UsbCredentialProvider
>- MODULE_UNI_FILE = UsbCredentialProvider.uni
>- FILE_GUID = 672A0C68-2BF0-46f9-93C3-C4E7DC0FA555
>- MODULE_TYPE = UEFI_DRIVER
>- VERSION_STRING = 1.0
>- ENTRY_POINT = UsbProviderInit
>-
>-[Sources]
>- UsbCredentialProvider.c
>- UsbCredentialProvider.h
>- UsbCredentialProviderStrings.uni
>-
>-[Packages]
>- MdePkg/MdePkg.dec
>- MdeModulePkg/MdeModulePkg.dec
>- CryptoPkg/CryptoPkg.dec
>- SecurityPkg/SecurityPkg.dec
>-
>-[LibraryClasses]
>- UefiRuntimeServicesTableLib
>- UefiBootServicesTableLib
>- UefiDriverEntryPoint
>- MemoryAllocationLib
>- BaseMemoryLib
>- DebugLib
>- HiiLib
>- UefiLib
>- BaseCryptLib
>-
>-[Guids]
>- ## PRODUCES ## Variable:L"UsbCredential"
>- ## CONSUMES ## Variable:L"UsbCredential"
>- ## CONSUMES ## HII
>- ## SOMETIMES_CONSUMES ## GUID # The credential provider
>identifier
>- gUsbCredentialProviderGuid
>-
>- gEfiFileInfoGuid ## SOMETIMES_CONSUMES ## GUID
>- gEfiUserCredentialClassSecureCardGuid ## SOMETIMES_CONSUMES
>## GUID
>-
>-[Pcd]
>-
>gEfiSecurityPkgTokenSpaceGuid.PcdFixedUsbCredentialProviderTokenFileNa
>me ## SOMETIMES_CONSUMES
>-
>-[Protocols]
>- gEfiUserCredential2ProtocolGuid ## PRODUCES
>- gEfiUserManagerProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES
>-
>-[UserExtensions.TianoCore."ExtraFiles"]
>- UsbCredentialProviderExtra.uni
>-
>diff --git
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderExtra.uni
>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderExtra.uni
>deleted file mode 100644
>index a20917d5f7..0000000000
>---
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderExtra.uni
>+++ /dev/null
>@@ -1,19 +0,0 @@
>-// /** @file
>-// UsbCredentialProvider Localized Strings and Content
>-//
>-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-#string STR_PROPERTIES_MODULE_NAME
>-#language en-US
>-"USB Credential Provider"
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderStrings.uni
>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderStrings.uni
>deleted file mode 100644
>index f306d50a4e..0000000000
>---
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderStrings.uni
>+++ /dev/null
>@@ -1,29 +0,0 @@
>-/** @file
>- String definitions for the USB Credential Provider.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php.
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#langdef en-US "English"
>-#langdef fr-FR "Francais"
>-
>-#string STR_CREDENTIAL_TITLE #language en-US "USB Credential
>Provider"
>- #language fr-FR "USB Credential Provider (French)"
>-#string STR_NULL_STRING #language en-US ""
>- #language fr-FR ""
>-#string STR_PROVIDER_NAME #language en-US "INTEL USB
>Credential Provider"
>- #language fr-FR "INTEL USB Credential Provider
>(French)"
>-#string STR_PROVIDER_TYPE_NAME #language en-US "Secure Card
>Credential Provider"
>- #language fr-FR "Secure Card Credential Provider
>(French)"
>-#string STR_READ_USB_TOKEN_ERROR #language en-US "Read USB
>Token File Error!"
>- #language fr-FR "Read USB Token File Error!
>(French)"
>-#string STR_INSERT_USB_TOKEN #language en-US "Please insert
>USB key with Token"
>- #language fr-FR "Please insert USB key with Token
>(French)"
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredIma
>ge.c
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredIm
>age.c
>deleted file mode 100644
>index 2cfe130db8..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredIma
>ge.c
>+++ /dev/null
>@@ -1,148 +0,0 @@
>-/** @file
>- Load the deferred images after user is identified.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserIdentifyManager.h"
>-
>-EFI_HANDLE mDeferredImageHandle;
>-
>-/**
>- The function will load all the deferred images again. If the deferred image is
>loaded
>- successfully, try to start it.
>-
>- @param Event Event whose notification function is being invoked.
>- @param Context Pointer to the notification function's context
>-
>-**/
>-VOID
>-EFIAPI
>-LoadDeferredImage (
>- IN EFI_EVENT Event,
>- IN VOID *Context
>- )
>-{
>- EFI_STATUS Status;
>- EFI_DEFERRED_IMAGE_LOAD_PROTOCOL *DeferredImage;
>- UINTN HandleCount;
>- EFI_HANDLE *HandleBuf;
>- UINTN Index;
>- UINTN DriverIndex;
>- EFI_DEVICE_PATH_PROTOCOL *ImageDevicePath;
>- VOID *DriverImage;
>- UINTN ImageSize;
>- BOOLEAN BootOption;
>- EFI_HANDLE ImageHandle;
>- UINTN ExitDataSize;
>- CHAR16 *ExitData;
>-
>- //
>- // Find all the deferred image load protocols.
>- //
>- HandleCount = 0;
>- HandleBuf = NULL;
>- Status = gBS->LocateHandleBuffer (
>- ByProtocol,
>- &gEfiDeferredImageLoadProtocolGuid,
>- NULL,
>- &HandleCount,
>- &HandleBuf
>- );
>- if (EFI_ERROR (Status)) {
>- return ;
>- }
>-
>- for (Index = 0; Index < HandleCount; Index++) {
>- Status = gBS->HandleProtocol (
>- HandleBuf[Index],
>- &gEfiDeferredImageLoadProtocolGuid,
>- (VOID **) &DeferredImage
>- );
>- if (EFI_ERROR (Status)) {
>- continue ;
>- }
>-
>- DriverIndex = 0;
>- do {
>- //
>- // Load all the deferred images in this protocol instance.
>- //
>- Status = DeferredImage->GetImageInfo(
>- DeferredImage,
>- DriverIndex,
>- &ImageDevicePath,
>- (VOID **) &DriverImage,
>- &ImageSize,
>- &BootOption
>- );
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- //
>- // Load and start the image.
>- //
>- Status = gBS->LoadImage (
>- BootOption,
>- mDeferredImageHandle,
>- ImageDevicePath,
>- NULL,
>- 0,
>- &ImageHandle
>- );
>- if (!EFI_ERROR (Status)) {
>- //
>- // Before calling the image, enable the Watchdog Timer for
>- // a 5 Minute period
>- //
>- gBS->SetWatchdogTimer (5 * 60, 0x0000, 0x00, NULL);
>- Status = gBS->StartImage (ImageHandle, &ExitDataSize, &ExitData);
>-
>- //
>- // Clear the Watchdog Timer after the image returns.
>- //
>- gBS->SetWatchdogTimer (0x0000, 0x0000, 0x0000, NULL);
>- }
>- DriverIndex++;
>- } while (TRUE);
>- }
>- FreePool (HandleBuf);
>-}
>-
>-
>-/**
>- Register an event notification function for user profile changed.
>-
>- @param[in] ImageHandle Image handle this driver.
>-
>-**/
>-VOID
>-LoadDeferredImageInit (
>- IN EFI_HANDLE ImageHandle
>- )
>-{
>- EFI_STATUS Status;
>- EFI_EVENT Event;
>-
>- mDeferredImageHandle = ImageHandle;
>-
>- Status = gBS->CreateEventEx (
>- EVT_NOTIFY_SIGNAL,
>- TPL_CALLBACK,
>- LoadDeferredImage,
>- NULL,
>- &gEfiEventUserProfileChangedGuid,
>- &Event
>- );
>-
>- ASSERT (Status == EFI_SUCCESS);
>-}
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.c
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.c
>deleted file mode 100644
>index fd941792c1..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.c
>+++ /dev/null
>@@ -1,3766 +0,0 @@
>-/** @file
>- This driver manages user information and produces user manager protocol.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserIdentifyManager.h"
>-
>-//
>-// Default user name.
>-//
>-CHAR16 mUserName[] = L"Administrator";
>-
>-//
>-// Points to the user profile database.
>-//
>-USER_PROFILE_DB *mUserProfileDb = NULL;
>-
>-//
>-// Points to the credential providers found in system.
>-//
>-CREDENTIAL_PROVIDER_INFO *mProviderDb = NULL;
>-
>-//
>-// Current user shared in multi function.
>-//
>-EFI_USER_PROFILE_HANDLE mCurrentUser = NULL;
>-
>-//
>-// Flag indicates a user is identified.
>-//
>-BOOLEAN mIdentified = FALSE;
>-USER_MANAGER_CALLBACK_INFO *mCallbackInfo = NULL;
>-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
>- {
>- {
>- HARDWARE_DEVICE_PATH,
>- HW_VENDOR_DP,
>- {
>- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
>- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
>- }
>- },
>- USER_IDENTIFY_MANAGER_GUID
>- },
>- {
>- END_DEVICE_PATH_TYPE,
>- END_ENTIRE_DEVICE_PATH_SUBTYPE,
>- {
>- (UINT8) (END_DEVICE_PATH_LENGTH),
>- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
>- }
>- }
>-};
>-
>-
>-EFI_USER_MANAGER_PROTOCOL gUserIdentifyManager = {
>- UserProfileCreate,
>- UserProfileDelete,
>- UserProfileGetNext,
>- UserProfileCurrent,
>- UserProfileIdentify,
>- UserProfileFind,
>- UserProfileNotify,
>- UserProfileGetInfo,
>- UserProfileSetInfo,
>- UserProfileDeleteInfo,
>- UserProfileGetNextInfo,
>-};
>-
>-
>-/**
>- Find the specified user in the user database.
>-
>- This function searches the specified user from the beginning of the user
>database.
>- And if NextUser is TRUE, return the next User in the user database.
>-
>- @param[in, out] User On entry, points to the user profile entry to
>search.
>- On return, points to the user profile entry or NULL if not
>found.
>- @param[in] NextUser If FALSE, find the user in user profile database
>specifyed by User
>- If TRUE, find the next user in user profile database specifyed
>- by User.
>- @param[out] ProfileIndex A pointer to the index of user profile database
>that matches the
>- user specifyed by User.
>-
>- @retval EFI_NOT_FOUND User was NULL, or User was not found, or the
>next user was not found.
>- @retval EFI_SUCCESS User or the next user are found in user profile
>database
>-
>-**/
>-EFI_STATUS
>-FindUserProfile (
>- IN OUT USER_PROFILE_ENTRY **User,
>- IN BOOLEAN NextUser,
>- OUT UINTN *ProfileIndex OPTIONAL
>- )
>-{
>- UINTN Index;
>-
>- //
>- // Check parameters
>- //
>- if ((mUserProfileDb == NULL) || (User == NULL)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Check whether the user profile is in the user profile database.
>- //
>- for (Index = 0; Index < mUserProfileDb->UserProfileNum; Index++) {
>- if (mUserProfileDb->UserProfile[Index] == *User) {
>- if (ProfileIndex != NULL) {
>- *ProfileIndex = Index;
>- }
>- break;
>- }
>- }
>-
>- if (NextUser) {
>- //
>- // Find the next user profile.
>- //
>- Index++;
>- if (Index < mUserProfileDb->UserProfileNum) {
>- *User = mUserProfileDb->UserProfile[Index];
>- } else if (Index == mUserProfileDb->UserProfileNum) {
>- *User = NULL;
>- return EFI_NOT_FOUND;
>- } else {
>- if ((mUserProfileDb->UserProfileNum > 0) && (*User == NULL)) {
>- *User = mUserProfileDb->UserProfile[0];
>- } else {
>- *User = NULL;
>- return EFI_NOT_FOUND;
>- }
>- }
>- } else if (Index == mUserProfileDb->UserProfileNum) {
>- return EFI_NOT_FOUND;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-/**
>- Find the specified user information record in the specified User profile.
>-
>- This function searches the specified user information record from the
>beginning of the user
>- profile. And if NextInfo is TRUE, return the next info in the user profile.
>-
>- @param[in] User Points to the user profile entry.
>- @param[in, out] Info On entry, points to the user information record or
>NULL to start
>- searching with the first user information record.
>- On return, points to the user information record or NULL if not
>found.
>- @param[in] NextInfo If FALSE, find the user information record in profile
>specifyed by User.
>- If TRUE, find the next user information record in profile
>specifyed
>- by User.
>- @param[out] Offset A pointer to the offset of the information record in
>the user profile.
>-
>- @retval EFI_INVALID_PARAMETER Info is NULL
>- @retval EFI_NOT_FOUND Info was not found, or the next Info was not
>found.
>- @retval EFI_SUCCESS Info or the next info are found in user profile.
>-
>-**/
>-EFI_STATUS
>-FindUserInfo (
>- IN USER_PROFILE_ENTRY * User,
>- IN OUT EFI_USER_INFO **Info,
>- IN BOOLEAN NextInfo,
>- OUT UINTN *Offset OPTIONAL
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>- UINTN InfoLen;
>-
>- if (Info == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check user profile entry
>- //
>- Status = FindUserProfile (&User, FALSE, NULL);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Find user information in the specified user record.
>- //
>- InfoLen = 0;
>- while (InfoLen < User->UserProfileSize) {
>- UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
>- if (UserInfo == *Info) {
>- if (Offset != NULL) {
>- *Offset = InfoLen;
>- }
>- break;
>- }
>- InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
>- }
>-
>- //
>- // Check whether to find the next user information.
>- //
>- if (NextInfo) {
>- if (InfoLen < User->UserProfileSize) {
>- UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
>- InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
>- if (InfoLen < User->UserProfileSize) {
>- *Info = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
>- if (Offset != NULL) {
>- *Offset = InfoLen;
>- }
>- } else if (InfoLen == User->UserProfileSize) {
>- *Info = NULL;
>- return EFI_NOT_FOUND;
>- }
>- } else {
>- if (*Info == NULL) {
>- *Info = (EFI_USER_INFO *) User->ProfileInfo;
>- if (Offset != NULL) {
>- *Offset = 0;
>- }
>- } else {
>- *Info = NULL;
>- return EFI_NOT_FOUND;
>- }
>- }
>- } else if (InfoLen == User->UserProfileSize) {
>- return EFI_NOT_FOUND;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-/**
>- Find a user infomation record by the information record type.
>-
>- This function searches all user information records of User. The search starts
>with the
>- user information record following Info and continues until either the
>information is found
>- or there are no more user infomation record.
>- A match occurs when a Info.InfoType field matches the user information
>record type.
>-
>- @param[in] User Points to the user profile record to search.
>- @param[in, out] Info On entry, points to the user information record or
>NULL to start
>- searching with the first user information record.
>- On return, points to the user information record or NULL if not
>found.
>- @param[in] InfoType The infomation type to be searched.
>-
>- @retval EFI_SUCCESS User information was found. Info points to the
>user information record.
>- @retval EFI_NOT_FOUND User information was not found.
>- @retval EFI_INVALID_PARAMETER User is NULL or Info is NULL.
>-
>-**/
>-EFI_STATUS
>-FindUserInfoByType (
>- IN USER_PROFILE_ENTRY *User,
>- IN OUT EFI_USER_INFO **Info,
>- IN UINT8 InfoType
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>- UINTN InfoLen;
>-
>- if (Info == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check whether the user has the specified user information.
>- //
>- InfoLen = 0;
>- if (*Info == NULL) {
>- Status = FindUserProfile (&User, FALSE, NULL);
>- } else {
>- Status = FindUserInfo (User, Info, TRUE, &InfoLen);
>- }
>-
>- if (EFI_ERROR (Status)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- while (InfoLen < User->UserProfileSize) {
>- UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
>- if (UserInfo->InfoType == InfoType) {
>- if (UserInfo != *Info) {
>- *Info = UserInfo;
>- return EFI_SUCCESS;
>- }
>- }
>-
>- InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
>- }
>-
>- *Info = NULL;
>- return EFI_NOT_FOUND;
>-}
>-
>-/**
>- Find a user using a user information record.
>-
>- This function searches all user profiles for the specified user information
>record. The
>- search starts with the user information record handle following UserInfo
>and continues
>- until either the information is found or there are no more user profiles.
>- A match occurs when the Info.InfoType field matches the user information
>record type and the
>- user information record data matches the portion of Info passed the
>EFI_USER_INFO header.
>-
>- @param[in, out] User On entry, points to the previously returned user
>profile record,
>- or NULL to start searching with the first user profile.
>- On return, points to the user profile entry, or NULL if not found.
>- @param[in, out] UserInfo On entry, points to the previously returned user
>information record,
>- or NULL to start searching with the first.
>- On return, points to the user information record, or NULL if not
>found.
>- @param[in] Info Points to the buffer containing the user information to
>be compared
>- to the user information record.
>- @param[in] InfoSize The size of Info, in bytes. Same as Info->InfoSize.
>-
>- @retval EFI_SUCCESS User information was found. User points to the
>user profile record,
>- and UserInfo points to the user information record.
>- @retval EFI_NOT_FOUND User information was not found.
>- @retval EFI_INVALID_PARAMETER User is NULL; Info is NULL; or, InfoSize is
>too small.
>-
>-**/
>-EFI_STATUS
>-FindUserProfileByInfo (
>- IN OUT USER_PROFILE_ENTRY **User,
>- IN OUT EFI_USER_INFO **UserInfo, OPTIONAL
>- IN EFI_USER_INFO *Info,
>- IN UINTN InfoSize
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *InfoEntry;
>-
>-
>- if ((User == NULL) || (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (InfoSize < sizeof (EFI_USER_INFO)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (UserInfo != NULL) {
>- InfoEntry = *UserInfo;
>- } else {
>- InfoEntry = NULL;
>- }
>- //
>- // Find user profile according to information.
>- //
>- if (*User == NULL) {
>- *User = mUserProfileDb->UserProfile[0];
>- }
>-
>- //
>- // Check user profile handle.
>- //
>- Status = FindUserProfile (User, FALSE, NULL);
>-
>- while (!EFI_ERROR (Status)) {
>- //
>- // Find the user information in a user profile.
>- //
>- while (TRUE) {
>- Status = FindUserInfoByType (*User, &InfoEntry, Info->InfoType);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- if (InfoSize == Info->InfoSize) {
>- if (CompareMem ((UINT8 *) (InfoEntry + 1), (UINT8 *) (Info + 1), InfoSize
>- sizeof (EFI_USER_INFO)) == 0) {
>- //
>- // Found the infomation record.
>- //
>- if (UserInfo != NULL) {
>- *UserInfo = InfoEntry;
>- }
>- return EFI_SUCCESS;
>- }
>- }
>- }
>-
>- //
>- // Get next user profile.
>- //
>- InfoEntry = NULL;
>- Status = FindUserProfile (User, TRUE, NULL);
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Check whether the access policy is valid.
>-
>- @param[in] PolicyInfo Point to the access policy.
>- @param[in] InfoLen The policy length.
>-
>- @retval TRUE The policy is a valid access policy.
>- @retval FALSE The access policy is not a valid access policy.
>-
>-**/
>-BOOLEAN
>-CheckAccessPolicy (
>- IN UINT8 *PolicyInfo,
>- IN UINTN InfoLen
>- )
>-{
>- UINTN TotalLen;
>- UINTN ValueLen;
>- UINTN OffSet;
>- EFI_USER_INFO_ACCESS_CONTROL Access;
>- EFI_DEVICE_PATH_PROTOCOL *Path;
>- UINTN PathSize;
>-
>- TotalLen = 0;
>- while (TotalLen < InfoLen) {
>- //
>- // Check access policy according to type.
>- //
>- CopyMem (&Access, PolicyInfo + TotalLen, sizeof (Access));
>- ValueLen = Access.Size - sizeof (EFI_USER_INFO_ACCESS_CONTROL);
>- switch (Access.Type) {
>- case EFI_USER_INFO_ACCESS_FORBID_LOAD:
>- case EFI_USER_INFO_ACCESS_PERMIT_LOAD:
>- case EFI_USER_INFO_ACCESS_FORBID_CONNECT:
>- case EFI_USER_INFO_ACCESS_PERMIT_CONNECT:
>- OffSet = 0;
>- while (OffSet < ValueLen) {
>- Path = (EFI_DEVICE_PATH_PROTOCOL *) (PolicyInfo + TotalLen +
>sizeof (Access) + OffSet);
>- PathSize = GetDevicePathSize (Path);
>- OffSet += PathSize;
>- }
>- if (OffSet != ValueLen) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_SETUP:
>- if (ValueLen % sizeof (EFI_GUID) != 0) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_BOOT_ORDER:
>- if (ValueLen % sizeof (EFI_USER_INFO_ACCESS_BOOT_ORDER_HDR) != 0)
>{
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_ENROLL_SELF:
>- case EFI_USER_INFO_ACCESS_ENROLL_OTHERS:
>- case EFI_USER_INFO_ACCESS_MANAGE:
>- if (ValueLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- default:
>- return FALSE;
>- break;
>- }
>-
>- TotalLen += Access.Size;
>- }
>-
>- if (TotalLen != InfoLen) {
>- return FALSE;
>- }
>-
>- return TRUE;
>-}
>-
>-
>-/**
>- Check whether the identity policy is valid.
>-
>- @param[in] PolicyInfo Point to the identity policy.
>- @param[in] InfoLen The policy length.
>-
>- @retval TRUE The policy is a valid identity policy.
>- @retval FALSE The access policy is not a valid identity policy.
>-
>-**/
>-BOOLEAN
>-CheckIdentityPolicy (
>- IN UINT8 *PolicyInfo,
>- IN UINTN InfoLen
>- )
>-{
>- UINTN TotalLen;
>- UINTN ValueLen;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>-
>- TotalLen = 0;
>-
>- //
>- // Check each part of policy expression.
>- //
>- while (TotalLen < InfoLen) {
>- //
>- // Check access polisy according to type.
>- //
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (PolicyInfo + TotalLen);
>- ValueLen = Identity->Length - sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- switch (Identity->Type) {
>- //
>- // Check False option.
>- //
>- case EFI_USER_INFO_IDENTITY_FALSE:
>- if (ValueLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- //
>- // Check True option.
>- //
>- case EFI_USER_INFO_IDENTITY_TRUE:
>- if (ValueLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- //
>- // Check negative operation.
>- //
>- case EFI_USER_INFO_IDENTITY_NOT:
>- if (ValueLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- //
>- // Check and operation.
>- //
>- case EFI_USER_INFO_IDENTITY_AND:
>- if (ValueLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- //
>- // Check or operation.
>- //
>- case EFI_USER_INFO_IDENTITY_OR:
>- if (ValueLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- //
>- // Check credential provider by type.
>- //
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE:
>- if (ValueLen != sizeof (EFI_GUID)) {
>- return FALSE;
>- }
>- break;
>-
>- //
>- // Check credential provider by ID.
>- //
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
>- if (ValueLen != sizeof (EFI_GUID)) {
>- return FALSE;
>- }
>- break;
>-
>- default:
>- return FALSE;
>- break;
>- }
>-
>- TotalLen += Identity->Length;
>- }
>-
>- if (TotalLen != InfoLen) {
>- return FALSE;
>- }
>-
>- return TRUE;
>-}
>-
>-
>-/**
>- Check whether the user information is a valid user information record.
>-
>- @param[in] Info points to the user information.
>-
>- @retval TRUE The info is a valid user information record.
>- @retval FALSE The info is not a valid user information record.
>-
>-**/
>-BOOLEAN
>-CheckUserInfo (
>- IN CONST EFI_USER_INFO *Info
>- )
>-{
>- UINTN InfoLen;
>-
>- if (Info == NULL) {
>- return FALSE;
>- }
>- //
>- // Check user information according to information type.
>- //
>- InfoLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>- switch (Info->InfoType) {
>- case EFI_USER_INFO_EMPTY_RECORD:
>- if (InfoLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_NAME_RECORD:
>- case EFI_USER_INFO_CREDENTIAL_TYPE_NAME_RECORD:
>- case EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD:
>- break;
>-
>- case EFI_USER_INFO_CREATE_DATE_RECORD:
>- case EFI_USER_INFO_USAGE_DATE_RECORD:
>- if (InfoLen != sizeof (EFI_TIME)) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_USAGE_COUNT_RECORD:
>- if (InfoLen != sizeof (UINT64)) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_IDENTIFIER_RECORD:
>- if (InfoLen != 16) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_CREDENTIAL_TYPE_RECORD:
>- case EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD:
>- case EFI_USER_INFO_GUID_RECORD:
>- if (InfoLen != sizeof (EFI_GUID)) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_PKCS11_RECORD:
>- case EFI_USER_INFO_CBEFF_RECORD:
>- break;
>-
>- case EFI_USER_INFO_FAR_RECORD:
>- case EFI_USER_INFO_RETRY_RECORD:
>- if (InfoLen != 1) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_POLICY_RECORD:
>- if(!CheckAccessPolicy ((UINT8 *) (Info + 1), InfoLen)) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_POLICY_RECORD:
>- if (!CheckIdentityPolicy ((UINT8 *) (Info + 1), InfoLen)) {
>- return FALSE;
>- }
>- break;
>-
>- default:
>- return FALSE;
>- break;
>- }
>-
>- return TRUE;
>-}
>-
>-
>-/**
>- Check the user profile data format to be added.
>-
>- @param[in] UserProfileInfo Points to the user profile data.
>- @param[in] UserProfileSize The length of user profile data.
>-
>- @retval TRUE It is a valid user profile.
>- @retval FALSE It is not a valid user profile.
>-
>-**/
>-BOOLEAN
>-CheckProfileInfo (
>- IN UINT8 *UserProfileInfo,
>- IN UINTN UserProfileSize
>- )
>-{
>- UINTN ChkLen;
>- EFI_USER_INFO *Info;
>-
>- if (UserProfileInfo == NULL) {
>- return FALSE;
>- }
>-
>- //
>- // Check user profile information length.
>- //
>- ChkLen = 0;
>- while (ChkLen < UserProfileSize) {
>- Info = (EFI_USER_INFO *) (UserProfileInfo + ChkLen);
>- //
>- // Check user information format.
>- //
>- if (!CheckUserInfo (Info)) {
>- return FALSE;
>- }
>-
>- ChkLen += ALIGN_VARIABLE (Info->InfoSize);
>- }
>-
>- if (ChkLen != UserProfileSize) {
>- return FALSE;
>- }
>-
>- return TRUE;
>-}
>-
>-
>-/**
>- Find the specified RightType in current user profile.
>-
>- @param[in] RightType Could be EFI_USER_INFO_ACCESS_MANAGE,
>- EFI_USER_INFO_ACCESS_ENROLL_OTHERS or
>- EFI_USER_INFO_ACCESS_ENROLL_SELF.
>-
>- @retval TRUE Find the specified RightType in current user profile.
>- @retval FALSE Can't find the right in the profile.
>-
>-**/
>-BOOLEAN
>-CheckCurrentUserAccessRight (
>- IN UINT32 RightType
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *Info;
>- UINTN TotalLen;
>- UINTN CheckLen;
>- EFI_USER_INFO_ACCESS_CONTROL Access;
>-
>- //
>- // Get user access right information.
>- //
>- Info = NULL;
>- Status = FindUserInfoByType (
>- (USER_PROFILE_ENTRY *) mCurrentUser,
>- &Info,
>- EFI_USER_INFO_ACCESS_POLICY_RECORD
>- );
>- if (EFI_ERROR (Status)) {
>- return FALSE;
>- }
>-
>- ASSERT (Info != NULL);
>- TotalLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>- CheckLen = 0;
>- while (CheckLen < TotalLen) {
>- //
>- // Check right according to access type.
>- //
>- CopyMem (&Access, (UINT8 *) (Info + 1) + CheckLen, sizeof (Access));
>- if (Access.Type == RightType) {
>- return TRUE;;
>- }
>-
>- CheckLen += Access.Size;
>- }
>-
>- return FALSE;
>-}
>-
>-
>-/**
>- Create a unique user identifier.
>-
>- @param[out] Identifier This points to the identifier.
>-
>-**/
>-VOID
>-GenerateIdentifier (
>- OUT UINT8 *Identifier
>- )
>-{
>- EFI_TIME Time;
>- UINT64 MonotonicCount;
>- UINT32 *MonotonicPointer;
>- UINTN Index;
>-
>- //
>- // Create a unique user identifier.
>- //
>- gRT->GetTime (&Time, NULL);
>- CopyMem (Identifier, &Time, sizeof (EFI_TIME));
>- //
>- // Remove zeros.
>- //
>- for (Index = 0; Index < sizeof (EFI_TIME); Index++) {
>- if (Identifier[Index] == 0) {
>- Identifier[Index] = 0x5a;
>- }
>- }
>-
>- MonotonicPointer = (UINT32 *) Identifier;
>- gBS->GetNextMonotonicCount (&MonotonicCount);
>- MonotonicPointer[0] += (UINT32) MonotonicCount;
>- MonotonicPointer[1] += (UINT32) MonotonicCount;
>- MonotonicPointer[2] += (UINT32) MonotonicCount;
>- MonotonicPointer[3] += (UINT32) MonotonicCount;
>-}
>-
>-
>-/**
>- Generate unique user ID.
>-
>- @param[out] UserId Points to the user identifer.
>-
>-**/
>-VOID
>-GenerateUserId (
>- OUT UINT8 *UserId
>- )
>-{
>- EFI_STATUS Status;
>- USER_PROFILE_ENTRY *UserProfile;
>- EFI_USER_INFO *UserInfo;
>- UINTN Index;
>-
>- //
>- // Generate unique user ID
>- //
>- while (TRUE) {
>- GenerateIdentifier (UserId);
>- //
>- // Check whether it's unique in user profile database.
>- //
>- if (mUserProfileDb == NULL) {
>- return ;
>- }
>-
>- for (Index = 0; Index < mUserProfileDb->UserProfileNum; Index++) {
>- UserProfile = (USER_PROFILE_ENTRY *) (mUserProfileDb-
>>UserProfile[Index]);
>- UserInfo = NULL;
>- Status = FindUserInfoByType (UserProfile, &UserInfo,
>EFI_USER_INFO_IDENTIFIER_RECORD);
>- if (EFI_ERROR (Status)) {
>- continue;
>- }
>-
>- if (CompareMem ((UINT8 *) (UserInfo + 1), UserId, sizeof
>(EFI_USER_INFO_IDENTIFIER)) == 0) {
>- break;
>- }
>- }
>-
>- if (Index == mUserProfileDb->UserProfileNum) {
>- return ;
>- }
>- }
>-}
>-
>-
>-/**
>- Expand user profile database.
>-
>- @retval TRUE Success to expand user profile database.
>- @retval FALSE Fail to expand user profile database.
>-
>-**/
>-BOOLEAN
>-ExpandUsermUserProfileDb (
>- VOID
>- )
>-{
>- UINTN MaxNum;
>- USER_PROFILE_DB *NewDataBase;
>-
>- //
>- // Create new user profile database.
>- //
>- if (mUserProfileDb == NULL) {
>- MaxNum = USER_NUMBER_INC;
>- } else {
>- MaxNum = mUserProfileDb->MaxProfileNum + USER_NUMBER_INC;
>- }
>-
>- NewDataBase = AllocateZeroPool (
>- sizeof (USER_PROFILE_DB) - sizeof (EFI_USER_PROFILE_HANDLE) +
>- MaxNum * sizeof (EFI_USER_PROFILE_HANDLE)
>- );
>- if (NewDataBase == NULL) {
>- return FALSE;
>- }
>-
>- NewDataBase->MaxProfileNum = MaxNum;
>-
>- //
>- // Copy old user profile database value
>- //
>- if (mUserProfileDb == NULL) {
>- NewDataBase->UserProfileNum = 0;
>- } else {
>- NewDataBase->UserProfileNum = mUserProfileDb->UserProfileNum;
>- CopyMem (
>- NewDataBase->UserProfile,
>- mUserProfileDb->UserProfile,
>- NewDataBase->UserProfileNum * sizeof (EFI_USER_PROFILE_HANDLE)
>- );
>- FreePool (mUserProfileDb);
>- }
>-
>- mUserProfileDb = NewDataBase;
>- return TRUE;
>-}
>-
>-
>-/**
>- Expand user profile
>-
>- @param[in] User Points to user profile.
>- @param[in] ExpandSize The size of user profile.
>-
>- @retval TRUE Success to expand user profile size.
>- @retval FALSE Fail to expand user profile size.
>-
>-**/
>-BOOLEAN
>-ExpandUserProfile (
>- IN USER_PROFILE_ENTRY *User,
>- IN UINTN ExpandSize
>- )
>-{
>- UINT8 *Info;
>- UINTN InfoSizeInc;
>-
>- //
>- // Allocate new memory.
>- //
>- InfoSizeInc = 128;
>- User->MaxProfileSize += ((ExpandSize + InfoSizeInc - 1) / InfoSizeInc) *
>InfoSizeInc;
>- Info = AllocateZeroPool (User->MaxProfileSize);
>- if (Info == NULL) {
>- return FALSE;
>- }
>-
>- //
>- // Copy exist information.
>- //
>- if (User->UserProfileSize > 0) {
>- CopyMem (Info, User->ProfileInfo, User->UserProfileSize);
>- FreePool (User->ProfileInfo);
>- }
>-
>- User->ProfileInfo = Info;
>- return TRUE;
>-}
>-
>-
>-/**
>- Save the user profile to non-volatile memory, or delete it from non-volatile
>memory.
>-
>- @param[in] User Point to the user profile
>- @param[in] Delete If TRUE, delete the found user profile.
>- If FALSE, save the user profile.
>- @retval EFI_SUCCESS Save or delete user profile successfully.
>- @retval Others Fail to change the profile.
>-
>-**/
>-EFI_STATUS
>-SaveNvUserProfile (
>- IN USER_PROFILE_ENTRY *User,
>- IN BOOLEAN Delete
>- )
>-{
>- EFI_STATUS Status;
>-
>- //
>- // Check user profile entry.
>- //
>- Status = FindUserProfile (&User, FALSE, NULL);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Save the user profile to non-volatile memory.
>- //
>- Status = gRT->SetVariable (
>- User->UserVarName,
>- &gUserIdentifyManagerGuid,
>- EFI_VARIABLE_NON_VOLATILE |
>EFI_VARIABLE_BOOTSERVICE_ACCESS,
>- Delete ? 0 : User->UserProfileSize,
>- User->ProfileInfo
>- );
>- return Status;
>-}
>-
>-/**
>- Add one new user info into the user's profile.
>-
>- @param[in] User point to the user profile
>- @param[in] Info Points to the user information payload.
>- @param[in] InfoSize The size of the user information payload, in bytes.
>- @param[out] UserInfo Point to the new info in user profile
>- @param[in] Save If TRUE, save the profile to NV flash.
>- If FALSE, don't need to save the profile to NV flash.
>-
>- @retval EFI_SUCCESS Add user info to user profile successfully.
>- @retval Others Fail to add user info to user profile.
>-
>-**/
>-EFI_STATUS
>-AddUserInfo (
>- IN USER_PROFILE_ENTRY *User,
>- IN UINT8 *Info,
>- IN UINTN InfoSize,
>- OUT EFI_USER_INFO **UserInfo, OPTIONAL
>- IN BOOLEAN Save
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((Info == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check user profile handle.
>- //
>- Status = FindUserProfile (&User, FALSE, NULL);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Check user information memory size.
>- //
>- if (User->MaxProfileSize - User->UserProfileSize < ALIGN_VARIABLE
>(InfoSize)) {
>- if (!ExpandUserProfile (User, ALIGN_VARIABLE (InfoSize))) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- }
>-
>- //
>- // Add new user information.
>- //
>- CopyMem (User->ProfileInfo + User->UserProfileSize, Info, InfoSize);
>- if (UserInfo != NULL) {
>- *UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + User-
>>UserProfileSize);
>- }
>- User->UserProfileSize += ALIGN_VARIABLE (InfoSize);
>-
>- //
>- // Save user profile information.
>- //
>- if (Save) {
>- Status = SaveNvUserProfile (User, FALSE);
>- }
>-
>- return Status;
>-}
>-
>-
>-/**
>- Get the user info from the specified user info handle.
>-
>- @param[in] User Point to the user profile.
>- @param[in] UserInfo Point to the user information record to get.
>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>bytes.
>- On exit, holds the user information.
>- @param[in, out] InfoSize On entry, points to the size of Info.
>- On return, points to the size of the user information.
>- @param[in] ChkRight If TRUE, check the user info attribute.
>- If FALSE, don't check the user info attribute.
>-
>-
>- @retval EFI_ACCESS_DENIED The information cannot be accessed by the
>current user.
>- @retval EFI_INVALID_PARAMETER InfoSize is NULL or UserInfo is NULL.
>- @retval EFI_BUFFER_TOO_SMALL The number of bytes specified by
>*InfoSize is too small to hold the
>- returned data. The actual size required is returned in
>*InfoSize.
>- @retval EFI_SUCCESS Information returned successfully.
>-
>-**/
>-EFI_STATUS
>-GetUserInfo (
>- IN USER_PROFILE_ENTRY *User,
>- IN EFI_USER_INFO *UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize,
>- IN BOOLEAN ChkRight
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((InfoSize == NULL) || (UserInfo == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if ((*InfoSize != 0) && (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Find the user information to get.
>- //
>- Status = FindUserInfo (User, &UserInfo, FALSE, NULL);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Check information attributes.
>- //
>- if (ChkRight) {
>- switch (UserInfo->InfoAttribs & EFI_USER_INFO_ACCESS) {
>- case EFI_USER_INFO_PRIVATE:
>- case EFI_USER_INFO_PROTECTED:
>- if (User != mCurrentUser) {
>- return EFI_ACCESS_DENIED;
>- }
>- break;
>-
>- case EFI_USER_INFO_PUBLIC:
>- break;
>-
>- default:
>- return EFI_INVALID_PARAMETER;
>- break;
>- }
>- }
>-
>- //
>- // Get user information.
>- //
>- if (UserInfo->InfoSize > *InfoSize) {
>- *InfoSize = UserInfo->InfoSize;
>- return EFI_BUFFER_TOO_SMALL;
>- }
>-
>- *InfoSize = UserInfo->InfoSize;
>- if (Info != NULL) {
>- CopyMem (Info, UserInfo, *InfoSize);
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Delete the specified user information from user profile.
>-
>- @param[in] User Point to the user profile.
>- @param[in] Info Point to the user information record to delete.
>- @param[in] Save If TRUE, save the profile to NV flash.
>- If FALSE, don't need to save the profile to NV flash.
>-
>- @retval EFI_SUCCESS Delete user info from user profile successfully.
>- @retval Others Fail to delete user info from user profile.
>-
>-**/
>-EFI_STATUS
>-DelUserInfo (
>- IN USER_PROFILE_ENTRY *User,
>- IN EFI_USER_INFO *Info,
>- IN BOOLEAN Save
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Offset;
>- UINTN NextOffset;
>-
>- //
>- // Check user information handle.
>- //
>- Status = FindUserInfo (User, &Info, FALSE, &Offset);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- if (Info->InfoType == EFI_USER_INFO_IDENTIFIER_RECORD) {
>- return EFI_ACCESS_DENIED;
>- }
>-
>- //
>- // Delete the specified user information.
>- //
>- NextOffset = Offset + ALIGN_VARIABLE (Info->InfoSize);
>- User->UserProfileSize -= ALIGN_VARIABLE (Info->InfoSize);
>- if (Offset < User->UserProfileSize) {
>- CopyMem (User->ProfileInfo + Offset, User->ProfileInfo + NextOffset,
>User->UserProfileSize - Offset);
>- }
>-
>- if (Save) {
>- Status = SaveNvUserProfile (User, FALSE);
>- }
>-
>- return Status;
>-}
>-
>-
>-/**
>- Add or update user information.
>-
>- @param[in] User Point to the user profile.
>- @param[in, out] UserInfo On entry, points to the user information to
>modify,
>- or NULL to add a new UserInfo.
>- On return, points to the modified user information.
>- @param[in] Info Points to the new user information.
>- @param[in] InfoSize The size of Info,in bytes.
>-
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL or Info is NULL.
>- @retval EFI_ACCESS_DENIED The record is exclusive.
>- @retval EFI_SUCCESS User information was successfully
>changed/added.
>-
>-**/
>-EFI_STATUS
>-ModifyUserInfo (
>- IN USER_PROFILE_ENTRY *User,
>- IN OUT EFI_USER_INFO **UserInfo,
>- IN CONST EFI_USER_INFO *Info,
>- IN UINTN InfoSize
>- )
>-{
>- EFI_STATUS Status;
>- UINTN PayloadLen;
>- EFI_USER_INFO *OldInfo;
>-
>- if ((UserInfo == NULL) || (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (InfoSize < sizeof (EFI_USER_INFO) || InfoSize != Info->InfoSize) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check user information.
>- //
>- if (Info->InfoType == EFI_USER_INFO_IDENTIFIER_RECORD) {
>- return EFI_ACCESS_DENIED;
>- }
>-
>- if (!CheckUserInfo (Info)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>-
>- if (*UserInfo == NULL) {
>- //
>- // Add new user information.
>- //
>- OldInfo = NULL;
>- do {
>- Status = FindUserInfoByType (User, &OldInfo, Info->InfoType);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>- ASSERT (OldInfo != NULL);
>-
>- if (((OldInfo->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0) ||
>- ((Info->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0)) {
>- //
>- // Same type can not co-exist for exclusive information.
>- //
>- return EFI_ACCESS_DENIED;
>- }
>-
>- //
>- // Check whether it exists in DB.
>- //
>- if (Info->InfoSize != OldInfo->InfoSize) {
>- continue;
>- }
>-
>- if (!CompareGuid (&OldInfo->Credential, &Info->Credential)) {
>- continue;
>- }
>-
>- PayloadLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>- if (PayloadLen == 0) {
>- continue;
>- }
>-
>- if (CompareMem ((UINT8 *)(OldInfo + 1), (UINT8 *)(Info + 1),
>PayloadLen) != 0) {
>- continue;
>- }
>-
>- //
>- // Yes. The new info is as same as the one in profile.
>- //
>- return EFI_SUCCESS;
>- } while (!EFI_ERROR (Status));
>-
>- Status = AddUserInfo (User, (UINT8 *) Info, InfoSize, UserInfo, TRUE);
>- return Status;
>- }
>-
>- //
>- // Modify existing user information.
>- //
>- OldInfo = *UserInfo;
>- if (OldInfo->InfoType != Info->InfoType) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (((Info->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0) &&
>- (OldInfo->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) == 0) {
>- //
>- // Try to add exclusive attrib in new info.
>- // Check whether there is another information with the same type in
>profile.
>- //
>- OldInfo = NULL;
>- do {
>- Status = FindUserInfoByType (User, &OldInfo, Info->InfoType);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>- if (OldInfo != *UserInfo) {
>- //
>- // There is another information with the same type in profile.
>- // Therefore, can't modify existing user information to add exclusive
>attribute.
>- //
>- return EFI_ACCESS_DENIED;
>- }
>- } while (TRUE);
>- }
>-
>- Status = DelUserInfo (User, *UserInfo, FALSE);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- return AddUserInfo (User, (UINT8 *) Info, InfoSize, UserInfo, TRUE);
>-}
>-
>-
>-/**
>- Delete the user profile from non-volatile memory and database.
>-
>- @param[in] User Points to the user profile.
>-
>- @retval EFI_SUCCESS Delete user from the user profile successfully.
>- @retval Others Fail to delete user from user profile
>-
>-**/
>-EFI_STATUS
>-DelUserProfile (
>- IN USER_PROFILE_ENTRY *User
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>-
>- //
>- // Check whether it is in the user profile database.
>- //
>- Status = FindUserProfile (&User, FALSE, &Index);
>- if (EFI_ERROR (Status)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check whether it is the current user.
>- //
>- if (User == mCurrentUser) {
>- return EFI_ACCESS_DENIED;
>- }
>-
>- //
>- // Delete user profile from the non-volatile memory.
>- //
>- Status = SaveNvUserProfile (mUserProfileDb-
>>UserProfile[mUserProfileDb->UserProfileNum - 1], TRUE);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- mUserProfileDb->UserProfileNum--;
>-
>- //
>- // Modify user profile database.
>- //
>- if (Index != mUserProfileDb->UserProfileNum) {
>- mUserProfileDb->UserProfile[Index] = mUserProfileDb-
>>UserProfile[mUserProfileDb->UserProfileNum];
>- CopyMem (
>- ((USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[Index])-
>>UserVarName,
>- User->UserVarName,
>- sizeof (User->UserVarName)
>- );
>- Status = SaveNvUserProfile (mUserProfileDb->UserProfile[Index], FALSE);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- }
>- //
>- // Delete user profile information.
>- //
>- if (User->ProfileInfo != NULL) {
>- FreePool (User->ProfileInfo);
>- }
>-
>- FreePool (User);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Add user profile to user profile database.
>-
>- @param[out] UserProfile Point to the newly added user profile.
>- @param[in] ProfileSize The size of the user profile.
>- @param[in] ProfileInfo Point to the user profie data.
>- @param[in] Save If TRUE, save the new added profile to NV flash.
>- If FALSE, don't save the profile to NV flash.
>-
>- @retval EFI_SUCCESS Add user profile to user profile database
>successfully.
>- @retval Others Fail to add user profile to user profile database.
>-
>-**/
>-EFI_STATUS
>-AddUserProfile (
>- OUT USER_PROFILE_ENTRY **UserProfile, OPTIONAL
>- IN UINTN ProfileSize,
>- IN UINT8 *ProfileInfo,
>- IN BOOLEAN Save
>- )
>-{
>- EFI_STATUS Status;
>- USER_PROFILE_ENTRY *User;
>-
>- //
>- // Check the data format to be added.
>- //
>- if (!CheckProfileInfo (ProfileInfo, ProfileSize)) {
>- return EFI_SECURITY_VIOLATION;
>- }
>-
>- //
>- // Create user profile entry.
>- //
>- User = AllocateZeroPool (sizeof (USER_PROFILE_ENTRY));
>- if (User == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- //
>- // Add the entry to the user profile database.
>- //
>- if (mUserProfileDb->UserProfileNum == mUserProfileDb->MaxProfileNum)
>{
>- if (!ExpandUsermUserProfileDb ()) {
>- FreePool (User);
>- return EFI_OUT_OF_RESOURCES;
>- }
>- }
>-
>- UnicodeSPrint (
>- User->UserVarName,
>- sizeof (User->UserVarName),
>- L"User%04x",
>- mUserProfileDb->UserProfileNum
>- );
>- User->UserProfileSize = 0;
>- User->MaxProfileSize = 0;
>- User->ProfileInfo = NULL;
>- mUserProfileDb->UserProfile[mUserProfileDb->UserProfileNum] =
>(EFI_USER_PROFILE_HANDLE) User;
>- mUserProfileDb->UserProfileNum++;
>-
>- //
>- // Add user profile information.
>- //
>- Status = AddUserInfo (User, ProfileInfo, ProfileSize, NULL, Save);
>- if (EFI_ERROR (Status)) {
>- DelUserProfile (User);
>- return Status;
>- }
>- //
>- // Set new user profile handle.
>- //
>- if (UserProfile != NULL) {
>- *UserProfile = User;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- This function creates a new user profile with only a new user identifier
>- attached and returns its handle. The user profile is non-volatile, but the
>- handle User can change across reboots.
>-
>- @param[out] User Handle of a new user profile.
>-
>- @retval EFI_SUCCESS User profile was successfully created.
>- @retval Others Fail to create user profile
>-
>-**/
>-EFI_STATUS
>-CreateUserProfile (
>- OUT USER_PROFILE_ENTRY **User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>-
>- if (User == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>- //
>- // Generate user id information.
>- //
>- UserInfo = AllocateZeroPool (sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_IDENTIFIER));
>- if (UserInfo == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- UserInfo->InfoType = EFI_USER_INFO_IDENTIFIER_RECORD;
>- UserInfo->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_IDENTIFIER);
>- UserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- GenerateUserId ((UINT8 *) (UserInfo + 1));
>-
>- //
>- // Add user profile to the user profile database.
>- //
>- Status = AddUserProfile (User, UserInfo->InfoSize, (UINT8 *) UserInfo,
>TRUE);
>- FreePool (UserInfo);
>- return Status;
>-}
>-
>-
>-/**
>- Add a default user profile to user profile database.
>-
>- @retval EFI_SUCCESS A default user profile is added successfully.
>- @retval Others Fail to add a default user profile
>-
>-**/
>-EFI_STATUS
>-AddDefaultUserProfile (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- USER_PROFILE_ENTRY *User;
>- EFI_USER_INFO *Info;
>- EFI_USER_INFO *NewInfo;
>- EFI_USER_INFO_CREATE_DATE CreateDate;
>- EFI_USER_INFO_USAGE_COUNT UsageCount;
>- EFI_USER_INFO_ACCESS_CONTROL *Access;
>- EFI_USER_INFO_IDENTITY_POLICY *Policy;
>-
>- //
>- // Create a user profile.
>- //
>- Status = CreateUserProfile (&User);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Allocate a buffer to add all default user information.
>- //
>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + INFO_PAYLOAD_SIZE);
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- //
>- // Add user name.
>- //
>- Info->InfoType = EFI_USER_INFO_NAME_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof (mUserName);
>- CopyMem ((UINT8 *) (Info + 1), mUserName, sizeof (mUserName));
>- NewInfo = NULL;
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- //
>- // Add user profile create date record.
>- //
>- Info->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_CREATE_DATE);
>- Status = gRT->GetTime (&CreateDate, NULL);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- CopyMem ((UINT8 *) (Info + 1), &CreateDate, sizeof
>(EFI_USER_INFO_CREATE_DATE));
>- NewInfo = NULL;
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- //
>- // Add user profile usage count record.
>- //
>- Info->InfoType = EFI_USER_INFO_USAGE_COUNT_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_USAGE_COUNT);
>- UsageCount = 0;
>- CopyMem ((UINT8 *) (Info + 1), &UsageCount, sizeof
>(EFI_USER_INFO_USAGE_COUNT));
>- NewInfo = NULL;
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- //
>- // Add user access right.
>- //
>- Info->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Access = (EFI_USER_INFO_ACCESS_CONTROL *) (Info + 1);
>- Access->Type = EFI_USER_INFO_ACCESS_MANAGE;
>- Access->Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
>- Info->InfoSize = sizeof (EFI_USER_INFO) + Access->Size;
>- NewInfo = NULL;
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- //
>- // Add user identity policy.
>- //
>- Info->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PRIVATE | EFI_USER_INFO_EXCLUSIVE;
>- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (Info + 1);
>- Policy->Type = EFI_USER_INFO_IDENTITY_TRUE;
>- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- Info->InfoSize = sizeof (EFI_USER_INFO) + Policy->Length;
>- NewInfo = NULL;
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>-
>-Done:
>- FreePool (Info);
>- return Status;
>-}
>-
>-
>-/**
>- Publish current user information into EFI System Configuration Table.
>-
>- By UEFI spec, the User Identity Manager will publish the current user profile
>- into the EFI System Configuration Table. Currently, only the user identifier
>and user
>- name are published.
>-
>- @retval EFI_SUCCESS Current user information is published successfully.
>- @retval Others Fail to publish current user information
>-
>-**/
>-EFI_STATUS
>-PublishUserTable (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- EFI_CONFIGURATION_TABLE *EfiConfigurationTable;
>- EFI_USER_INFO_TABLE *UserInfoTable;
>- EFI_USER_INFO *IdInfo;
>- EFI_USER_INFO *NameInfo;
>-
>- Status = EfiGetSystemConfigurationTable (
>- &gEfiUserManagerProtocolGuid,
>- (VOID **) &EfiConfigurationTable
>- );
>- if (!EFI_ERROR (Status)) {
>- //
>- // The table existed!
>- //
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Get user ID information.
>- //
>- IdInfo = NULL;
>- Status = FindUserInfoByType (mCurrentUser, &IdInfo,
>EFI_USER_INFO_IDENTIFIER_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>-
>- }
>- //
>- // Get user name information.
>- //
>- NameInfo = NULL;
>- Status = FindUserInfoByType (mCurrentUser, &NameInfo,
>EFI_USER_INFO_NAME_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Allocate a buffer for user information table.
>- //
>- UserInfoTable = (EFI_USER_INFO_TABLE *) AllocateRuntimePool (
>- sizeof (EFI_USER_INFO_TABLE) +
>- IdInfo->InfoSize +
>- NameInfo->InfoSize
>- );
>- if (UserInfoTable == NULL) {
>- Status = EFI_OUT_OF_RESOURCES;
>- return Status;
>- }
>-
>- UserInfoTable->Size = sizeof (EFI_USER_INFO_TABLE);
>-
>- //
>- // Append the user information to the user info table
>- //
>- CopyMem ((UINT8 *) UserInfoTable + UserInfoTable->Size, (UINT8 *) IdInfo,
>IdInfo->InfoSize);
>- UserInfoTable->Size += IdInfo->InfoSize;
>-
>- CopyMem ((UINT8 *) UserInfoTable + UserInfoTable->Size, (UINT8 *)
>NameInfo, NameInfo->InfoSize);
>- UserInfoTable->Size += NameInfo->InfoSize;
>-
>- Status = gBS->InstallConfigurationTable (&gEfiUserManagerProtocolGuid,
>(VOID *) UserInfoTable);
>- return Status;
>-}
>-
>-
>-/**
>- Get the user's identity type.
>-
>- The identify manager only supports the identity policy in which the
>credential
>- provider handles are connected by the operator 'AND' or 'OR'.
>-
>-
>- @param[in] User Handle of a user profile.
>- @param[out] PolicyType Point to the identity type.
>-
>- @retval EFI_SUCCESS Get user's identity type successfully.
>- @retval Others Fail to get user's identity type.
>-
>-**/
>-EFI_STATUS
>-GetIdentifyType (
>- IN EFI_USER_PROFILE_HANDLE User,
>- OUT UINT8 *PolicyType
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *IdentifyInfo;
>- UINTN TotalLen;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>-
>- //
>- // Get user identify policy information.
>- //
>- IdentifyInfo = NULL;
>- Status = FindUserInfoByType (User, &IdentifyInfo,
>EFI_USER_INFO_IDENTITY_POLICY_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- ASSERT (IdentifyInfo != NULL);
>-
>- //
>- // Search the user identify policy according to type.
>- //
>- TotalLen = 0;
>- *PolicyType = EFI_USER_INFO_IDENTITY_FALSE;
>- while (TotalLen < IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo +
>1) + TotalLen);
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_AND) {
>- *PolicyType = EFI_USER_INFO_IDENTITY_AND;
>- break;
>- }
>-
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_OR) {
>- *PolicyType = EFI_USER_INFO_IDENTITY_OR;
>- break;
>- }
>- TotalLen += Identity->Length;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Identify the User by the specfied provider.
>-
>- @param[in] User Handle of a user profile.
>- @param[in] Provider Points to the identifier of credential provider.
>-
>- @retval EFI_INVALID_PARAMETER Provider is NULL.
>- @retval EFI_NOT_FOUND Fail to identify the specified user.
>- @retval EFI_SUCCESS User is identified successfully.
>-
>-**/
>-EFI_STATUS
>-IdentifyByProviderId (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN EFI_GUID *Provider
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_IDENTIFIER UserId;
>- UINTN Index;
>- EFI_CREDENTIAL_LOGON_FLAGS AutoLogon;
>- EFI_HII_HANDLE HiiHandle;
>- EFI_GUID FormSetId;
>- EFI_FORM_ID FormId;
>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>-
>- if (Provider == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check the user ID identified by the specified credential provider.
>- //
>- for (Index = 0; Index < mProviderDb->Count; Index++) {
>- //
>- // Check credential provider class.
>- //
>- UserCredential = mProviderDb->Provider[Index];
>- if (CompareGuid (&UserCredential->Identifier, Provider)) {
>- Status = UserCredential->Select (UserCredential, &AutoLogon);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- if ((AutoLogon & EFI_CREDENTIAL_LOGON_FLAG_AUTO) == 0) {
>- //
>- // Get credential provider form.
>- //
>- Status = UserCredential->Form (
>- UserCredential,
>- &HiiHandle,
>- &FormSetId,
>- &FormId
>- );
>- if (!EFI_ERROR (Status)) {
>- //
>- // Send form to get user input.
>- //
>- Status = mCallbackInfo->FormBrowser2->SendForm (
>- mCallbackInfo->FormBrowser2,
>- &HiiHandle,
>- 1,
>- &FormSetId,
>- FormId,
>- NULL,
>- NULL
>- );
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- }
>- }
>-
>- Status = UserCredential->User (UserCredential, User, &UserId);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- Status = UserCredential->Deselect (UserCredential);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- return EFI_SUCCESS;
>- }
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Update user information when user is logon on successfully.
>-
>- @param[in] User Points to user profile.
>-
>- @retval EFI_SUCCESS Update user information successfully.
>- @retval Others Fail to update user information.
>-
>-**/
>-EFI_STATUS
>-UpdateUserInfo (
>- IN USER_PROFILE_ENTRY *User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *Info;
>- EFI_USER_INFO *NewInfo;
>- EFI_USER_INFO_CREATE_DATE Date;
>- EFI_USER_INFO_USAGE_COUNT UsageCount;
>- UINTN InfoLen;
>-
>- //
>- // Allocate a buffer to update user's date record and usage record.
>- //
>- InfoLen = MAX (sizeof (EFI_USER_INFO_CREATE_DATE), sizeof
>(EFI_USER_INFO_USAGE_COUNT));
>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + InfoLen);
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- //
>- // Check create date record.
>- //
>- NewInfo = NULL;
>- Status = FindUserInfoByType (User, &NewInfo,
>EFI_USER_INFO_CREATE_DATE_RECORD);
>- if (Status == EFI_NOT_FOUND) {
>- Info->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_CREATE_DATE);
>- Status = gRT->GetTime (&Date, NULL);
>- if (EFI_ERROR (Status)) {
>- FreePool (Info);
>- return Status;
>- }
>-
>- CopyMem ((UINT8 *) (Info + 1), &Date, sizeof
>(EFI_USER_INFO_CREATE_DATE));
>- NewInfo = NULL;
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- FreePool (Info);
>- return Status;
>- }
>- }
>-
>- //
>- // Update usage date record.
>- //
>- NewInfo = NULL;
>- Status = FindUserInfoByType (User, &NewInfo,
>EFI_USER_INFO_USAGE_DATE_RECORD);
>- if ((Status == EFI_SUCCESS) || (Status == EFI_NOT_FOUND)) {
>- Info->InfoType = EFI_USER_INFO_USAGE_DATE_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_USAGE_DATE);
>- Status = gRT->GetTime (&Date, NULL);
>- if (EFI_ERROR (Status)) {
>- FreePool (Info);
>- return Status;
>- }
>-
>- CopyMem ((UINT8 *) (Info + 1), &Date, sizeof
>(EFI_USER_INFO_USAGE_DATE));
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- FreePool (Info);
>- return Status;
>- }
>- }
>-
>- //
>- // Update usage count record.
>- //
>- UsageCount = 0;
>- NewInfo = NULL;
>- Status = FindUserInfoByType (User, &NewInfo,
>EFI_USER_INFO_USAGE_COUNT_RECORD);
>- //
>- // Get usage count.
>- //
>- if (Status == EFI_SUCCESS) {
>- CopyMem (&UsageCount, (UINT8 *) (NewInfo + 1), sizeof
>(EFI_USER_INFO_USAGE_COUNT));
>- }
>-
>- UsageCount++;
>- if ((Status == EFI_SUCCESS) || (Status == EFI_NOT_FOUND)) {
>- Info->InfoType = EFI_USER_INFO_USAGE_COUNT_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_USAGE_COUNT);
>- CopyMem ((UINT8 *) (Info + 1), &UsageCount, sizeof
>(EFI_USER_INFO_USAGE_COUNT));
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- FreePool (Info);
>- return Status;
>- }
>- }
>-
>- FreePool (Info);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Add a credenetial provider item in form.
>-
>- @param[in] ProviderGuid Points to the identifir of credential provider.
>- @param[in] OpCodeHandle Points to container for dynamic created
>opcodes.
>-
>-**/
>-VOID
>-AddProviderSelection (
>- IN EFI_GUID *ProviderGuid,
>- IN VOID *OpCodeHandle
>- )
>-{
>- EFI_HII_HANDLE HiiHandle;
>- EFI_STRING_ID ProvID;
>- CHAR16 *ProvStr;
>- UINTN Index;
>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>-
>- for (Index = 0; Index < mProviderDb->Count; Index++) {
>- UserCredential = mProviderDb->Provider[Index];
>- if (CompareGuid (&UserCredential->Identifier, ProviderGuid)) {
>- //
>- // Add credential provider selection.
>- //
>- UserCredential->Title (UserCredential, &HiiHandle, &ProvID);
>- ProvStr = HiiGetString (HiiHandle, ProvID, NULL);
>- if (ProvStr == NULL) {
>- continue ;
>- }
>- ProvID = HiiSetString (mCallbackInfo->HiiHandle, 0, ProvStr, NULL);
>- FreePool (ProvStr);
>- HiiCreateActionOpCode (
>- OpCodeHandle, // Container for dynamic created opcodes
>- (EFI_QUESTION_ID)(LABEL_PROVIDER_NAME + Index), // Question ID
>- ProvID, // Prompt text
>- STRING_TOKEN (STR_NULL_STRING), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- 0 // Action String ID
>- );
>- break;
>- }
>- }
>-}
>-
>-
>-/**
>- Add a username item in form.
>-
>- @param[in] Index The index of the user in the user name list.
>- @param[in] User Points to the user profile whose username is added.
>- @param[in] OpCodeHandle Points to container for dynamic created
>opcodes.
>-
>- @retval EFI_SUCCESS Add a username successfully.
>- @retval Others Fail to add a username.
>-
>-**/
>-EFI_STATUS
>-AddUserSelection (
>- IN UINT16 Index,
>- IN USER_PROFILE_ENTRY *User,
>- IN VOID *OpCodeHandle
>- )
>-{
>- EFI_STRING_ID UserName;
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>-
>- UserInfo = NULL;
>- Status = FindUserInfoByType (User, &UserInfo,
>EFI_USER_INFO_NAME_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Add user name selection.
>- //
>- UserName = HiiSetString (mCallbackInfo->HiiHandle, 0, (EFI_STRING)
>(UserInfo + 1), NULL);
>- if (UserName == 0) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- HiiCreateGotoOpCode (
>- OpCodeHandle, // Container for dynamic created opcodes
>- FORMID_PROVIDER_FORM, // Target Form ID
>- UserName, // Prompt text
>- STRING_TOKEN (STR_NULL_STRING), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- (UINT16) Index // Question ID
>- );
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Identify the user whose identity policy does not contain the operator 'OR'.
>-
>- @param[in] User Points to the user profile.
>-
>- @retval EFI_SUCCESS The specified user is identified successfully.
>- @retval Others Fail to identify the user.
>-
>-**/
>-EFI_STATUS
>-IdentifyAndTypeUser (
>- IN USER_PROFILE_ENTRY *User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *IdentifyInfo;
>- BOOLEAN Success;
>- UINTN TotalLen;
>- UINTN ValueLen;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>-
>- //
>- // Get user identify policy information.
>- //
>- IdentifyInfo = NULL;
>- Status = FindUserInfoByType (User, &IdentifyInfo,
>EFI_USER_INFO_IDENTITY_POLICY_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- ASSERT (IdentifyInfo != NULL);
>-
>- //
>- // Check each part of identification policy expression.
>- //
>- Success = FALSE;
>- TotalLen = 0;
>- while (TotalLen < IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo +
>1) + TotalLen);
>- ValueLen = Identity->Length - sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- switch (Identity->Type) {
>-
>- case EFI_USER_INFO_IDENTITY_FALSE:
>- //
>- // Check False option.
>- //
>- Success = FALSE;
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_TRUE:
>- //
>- // Check True option.
>- //
>- Success = TRUE;
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_NOT:
>- //
>- // Check negative operation.
>- //
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_AND:
>- //
>- // Check and operation.
>- //
>- if (!Success) {
>- return EFI_NOT_READY;
>- }
>-
>- Success = FALSE;
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_OR:
>- //
>- // Check or operation.
>- //
>- if (Success) {
>- return EFI_SUCCESS;
>- }
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE:
>- //
>- // Check credential provider by type.
>- //
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
>- //
>- // Check credential provider by ID.
>- //
>- if (ValueLen != sizeof (EFI_GUID)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- Status = IdentifyByProviderId (User, (EFI_GUID *) (Identity + 1));
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- Success = TRUE;
>- break;
>-
>- default:
>- return EFI_INVALID_PARAMETER;
>- break;
>- }
>-
>- TotalLen += Identity->Length;
>- }
>-
>- if (TotalLen != IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (!Success) {
>- return EFI_NOT_READY;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Identify the user whose identity policy does not contain the operator 'AND'.
>-
>- @param[in] User Points to the user profile.
>-
>- @retval EFI_SUCCESS The specified user is identified successfully.
>- @retval Others Fail to identify the user.
>-
>-**/
>-EFI_STATUS
>-IdentifyOrTypeUser (
>- IN USER_PROFILE_ENTRY *User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *IdentifyInfo;
>- UINTN TotalLen;
>- UINTN ValueLen;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Get user identify policy information.
>- //
>- IdentifyInfo = NULL;
>- Status = FindUserInfoByType (User, &IdentifyInfo,
>EFI_USER_INFO_IDENTITY_POLICY_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- ASSERT (IdentifyInfo != NULL);
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_PROVIDER_NAME;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add the providers that exists in the user's policy.
>- //
>- TotalLen = 0;
>- while (TotalLen < IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo +
>1) + TotalLen);
>- ValueLen = Identity->Length - sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
>- AddProviderSelection ((EFI_GUID *) (Identity + 1), StartOpCodeHandle);
>- }
>-
>- TotalLen += Identity->Length;
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserIdentifyManagerGuid,// Formset GUID
>- FORMID_PROVIDER_FORM, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- This function processes the results of changes in configuration.
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Action Specifies the type of action taken by the browser.
>- @param QuestionId A unique value which is sent to the original
>- exporting driver so that it can identify the type
>- of data to expect.
>- @param Type The type of value for the question.
>- @param Value A pointer to the data being sent to the original
>- exporting driver.
>- @param ActionRequest On return, points to the action requested by
>the
>- callback function.
>-
>- @retval EFI_SUCCESS The callback successfully handled the action.
>- @retval Others Fail to handle the action.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserIdentifyManagerCallback (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN EFI_BROWSER_ACTION Action,
>- IN EFI_QUESTION_ID QuestionId,
>- IN UINT8 Type,
>- IN EFI_IFR_TYPE_VALUE *Value,
>- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
>- )
>-{
>- EFI_STATUS Status;
>- USER_PROFILE_ENTRY *User;
>- UINT8 PolicyType;
>- UINT16 Index;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- Status = EFI_SUCCESS;
>-
>- switch (Action) {
>- case EFI_BROWSER_ACTION_FORM_OPEN:
>- {
>- //
>- // Update user Form when user Form is opened.
>- // This will be done only in FORM_OPEN CallBack of question with
>FORM_OPEN_QUESTION_ID from user Form.
>- //
>- if (QuestionId != FORM_OPEN_QUESTION_ID) {
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_USER_NAME;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add all the user profile in the user profile database.
>- //
>- for (Index = 0; Index < mUserProfileDb->UserProfileNum; Index++) {
>- User = (USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[Index];
>- AddUserSelection ((UINT16)(LABEL_USER_NAME + Index), User,
>StartOpCodeHandle);
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserIdentifyManagerGuid,// Formset GUID
>- FORMID_USER_FORM, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-
>- return EFI_SUCCESS;
>- }
>- break;
>-
>- case EFI_BROWSER_ACTION_FORM_CLOSE:
>- Status = EFI_SUCCESS;
>- break;
>-
>- case EFI_BROWSER_ACTION_CHANGED:
>- if (QuestionId >= LABEL_PROVIDER_NAME) {
>- //
>- // QuestionId comes from the second Form (Select a Credential Provider if
>identity
>- // policy is OR type). Identify the user by the selected provider.
>- //
>- Status = IdentifyByProviderId (mCurrentUser, &mProviderDb-
>>Provider[QuestionId & 0xFFF]->Identifier);
>- if (Status == EFI_SUCCESS) {
>- mIdentified = TRUE;
>- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT;
>- }
>- return EFI_SUCCESS;
>- }
>- break;
>-
>- case EFI_BROWSER_ACTION_CHANGING:
>- //
>- // QuestionId comes from the first Form (Select a user to identify).
>- //
>- if (QuestionId >= LABEL_PROVIDER_NAME) {
>- return EFI_SUCCESS;
>- }
>-
>- User = (USER_PROFILE_ENTRY *) mUserProfileDb-
>>UserProfile[QuestionId & 0xFFF];
>- Status = GetIdentifyType (User, &PolicyType);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- if (PolicyType == EFI_USER_INFO_IDENTITY_OR) {
>- //
>- // Identify the user by "OR" logical.
>- //
>- Status = IdentifyOrTypeUser (User);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- mCurrentUser = (EFI_USER_PROFILE_HANDLE) User;
>- } else {
>- //
>- // Identify the user by "AND" logical.
>- //
>- Status = IdentifyAndTypeUser (User);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- mCurrentUser = (EFI_USER_PROFILE_HANDLE) User;
>- mIdentified = TRUE;
>- if (Type == EFI_IFR_TYPE_REF) {
>- Value->ref.FormId = FORMID_INVALID_FORM;
>- }
>- }
>- break;
>-
>- default:
>- //
>- // All other action return unsupported.
>- //
>- Status = EFI_UNSUPPORTED;
>- break;
>- }
>-
>-
>- return Status;
>-}
>-
>-
>-/**
>- This function construct user profile database from user data saved in the
>Flash.
>- If no user is found in Flash, add one default user "administrator" in the user
>- profile database.
>-
>- @retval EFI_SUCCESS Init user profile database successfully.
>- @retval Others Fail to init user profile database.
>-
>-**/
>-EFI_STATUS
>-InitUserProfileDb (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINT8 *VarData;
>- UINTN VarSize;
>- UINTN CurVarSize;
>- CHAR16 VarName[10];
>- UINTN Index;
>- UINT32 VarAttr;
>-
>- if (mUserProfileDb != NULL) {
>- //
>- // The user profiles had been already initialized.
>- //
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Init user profile database structure.
>- //
>- if (!ExpandUsermUserProfileDb ()) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- CurVarSize = DEFAULT_PROFILE_SIZE;
>- VarData = AllocateZeroPool (CurVarSize);
>- if (VarData == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- //
>- // Get all user proifle entries.
>- //
>- Index = 0;
>- while (TRUE) {
>- //
>- // Get variable name.
>- //
>- UnicodeSPrint (
>- VarName,
>- sizeof (VarName),
>- L"User%04x",
>- Index
>- );
>- Index++;
>-
>- //
>- // Get variable value.
>- //
>- VarSize = CurVarSize;
>- Status = gRT->GetVariable (VarName, &gUserIdentifyManagerGuid,
>&VarAttr, &VarSize, VarData);
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- FreePool (VarData);
>- VarData = AllocatePool (VarSize);
>- if (VarData == NULL) {
>- Status = EFI_OUT_OF_RESOURCES;
>- break;
>- }
>-
>- CurVarSize = VarSize;
>- Status = gRT->GetVariable (VarName, &gUserIdentifyManagerGuid,
>&VarAttr, &VarSize, VarData);
>- }
>-
>- if (EFI_ERROR (Status)) {
>- if (Status == EFI_NOT_FOUND) {
>- Status = EFI_SUCCESS;
>- }
>- break;
>- }
>-
>- //
>- // Check variable attributes.
>- //
>- if (VarAttr != (EFI_VARIABLE_NON_VOLATILE |
>EFI_VARIABLE_BOOTSERVICE_ACCESS)) {
>- Status = gRT->SetVariable (VarName, &gUserIdentifyManagerGuid,
>VarAttr, 0, NULL);
>- continue;
>- }
>-
>- //
>- // Add user profile to the user profile database.
>- //
>- Status = AddUserProfile (NULL, VarSize, VarData, FALSE);
>- if (EFI_ERROR (Status)) {
>- if (Status == EFI_SECURITY_VIOLATION) {
>- //
>- // Delete invalid user profile
>- //
>- gRT->SetVariable (VarName, &gUserIdentifyManagerGuid, VarAttr, 0,
>NULL);
>- } else if (Status == EFI_OUT_OF_RESOURCES) {
>- break;
>- }
>- } else {
>- //
>- // Delete and save the profile again if some invalid profiles are deleted.
>- //
>- if (mUserProfileDb->UserProfileNum < Index) {
>- gRT->SetVariable (VarName, &gUserIdentifyManagerGuid, VarAttr, 0,
>NULL);
>- SaveNvUserProfile (mUserProfileDb->UserProfile[mUserProfileDb-
>>UserProfileNum - 1], FALSE);
>- }
>- }
>- }
>-
>- if (VarData != NULL) {
>- FreePool (VarData);
>- }
>-
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Check whether the user profile database is empty.
>- //
>- if (mUserProfileDb->UserProfileNum == 0) {
>- Status = AddDefaultUserProfile ();
>- }
>-
>- return Status;
>-}
>-
>-
>-/**
>- This function collects all the credential providers and saves to mProviderDb.
>-
>- @retval EFI_SUCCESS Collect credential providers successfully.
>- @retval Others Fail to collect credential providers.
>-
>-**/
>-EFI_STATUS
>-InitProviderInfo (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINTN HandleCount;
>- EFI_HANDLE *HandleBuf;
>- UINTN Index;
>-
>- if (mProviderDb != NULL) {
>- //
>- // The credential providers had been collected before.
>- //
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Try to find all the user credential provider driver.
>- //
>- HandleCount = 0;
>- HandleBuf = NULL;
>- Status = gBS->LocateHandleBuffer (
>- ByProtocol,
>- &gEfiUserCredential2ProtocolGuid,
>- NULL,
>- &HandleCount,
>- &HandleBuf
>- );
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Get provider infomation.
>- //
>- mProviderDb = AllocateZeroPool (
>- sizeof (CREDENTIAL_PROVIDER_INFO) -
>- sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *) +
>- HandleCount * sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *)
>- );
>- if (mProviderDb == NULL) {
>- FreePool (HandleBuf);
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- mProviderDb->Count = HandleCount;
>- for (Index = 0; Index < HandleCount; Index++) {
>- Status = gBS->HandleProtocol (
>- HandleBuf[Index],
>- &gEfiUserCredential2ProtocolGuid,
>- (VOID **) &mProviderDb->Provider[Index]
>- );
>- if (EFI_ERROR (Status)) {
>- FreePool (HandleBuf);
>- FreePool (mProviderDb);
>- mProviderDb = NULL;
>- return Status;
>- }
>- }
>-
>- FreePool (HandleBuf);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- This function allows a caller to extract the current configuration for one
>- or more named elements from the target driver.
>-
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Request A null-terminated Unicode string in <ConfigRequest>
>format.
>- @param Progress On return, points to a character in the Request string.
>- Points to the string's null terminator if request was successful.
>- Points to the most recent '&' before the first failing name/value
>- pair (or the beginning of the string if the failure is in the
>- first name/value pair) if the request was not successful.
>- @param Results A null-terminated Unicode string in <ConfigAltResp>
>format which
>- has all values filled in for the names in the Request string.
>- String to be allocated by the called function.
>-
>- @retval EFI_SUCCESS The Results is filled with the requested values.
>- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
>results.
>- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown
>name.
>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>this driver.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-FakeExtractConfig (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN CONST EFI_STRING Request,
>- OUT EFI_STRING *Progress,
>- OUT EFI_STRING *Results
>- )
>-{
>- if (Progress == NULL || Results == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>- *Progress = Request;
>- return EFI_NOT_FOUND;
>-}
>-
>-/**
>- This function processes the results of changes in configuration.
>-
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Configuration A null-terminated Unicode string in <ConfigResp>
>format.
>- @param Progress A pointer to a string filled in with the offset of the
>most
>- recent '&' before the first failing name/value pair (or the
>- beginning of the string if the failure is in the first
>- name/value pair) or the terminating NULL if all was successful.
>-
>- @retval EFI_SUCCESS The Results is processed successfully.
>- @retval EFI_INVALID_PARAMETER Configuration is NULL.
>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>this driver.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-FakeRouteConfig (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN CONST EFI_STRING Configuration,
>- OUT EFI_STRING *Progress
>- )
>-{
>- if (Configuration == NULL || Progress == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *Progress = Configuration;
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- This function initialize the data mainly used in form browser.
>-
>- @retval EFI_SUCCESS Initialize form data successfully.
>- @retval Others Fail to Initialize form data.
>-
>-**/
>-EFI_STATUS
>-InitFormBrowser (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- USER_MANAGER_CALLBACK_INFO *CallbackInfo;
>- EFI_HII_DATABASE_PROTOCOL *HiiDatabase;
>- EFI_HII_STRING_PROTOCOL *HiiString;
>- EFI_FORM_BROWSER2_PROTOCOL *FormBrowser2;
>-
>- //
>- // Initialize driver private data.
>- //
>- CallbackInfo = AllocateZeroPool (sizeof
>(USER_MANAGER_CALLBACK_INFO));
>- if (CallbackInfo == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- CallbackInfo->Signature = USER_MANAGER_SIGNATURE;
>- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
>- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
>- CallbackInfo->ConfigAccess.Callback = UserIdentifyManagerCallback;
>-
>- //
>- // Locate Hii Database protocol.
>- //
>- Status = gBS->LocateProtocol (&gEfiHiiDatabaseProtocolGuid, NULL, (VOID
>**) &HiiDatabase);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- CallbackInfo->HiiDatabase = HiiDatabase;
>-
>- //
>- // Locate HiiString protocol.
>- //
>- Status = gBS->LocateProtocol (&gEfiHiiStringProtocolGuid, NULL, (VOID **)
>&HiiString);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- CallbackInfo->HiiString = HiiString;
>-
>- //
>- // Locate Formbrowser2 protocol.
>- //
>- Status = gBS->LocateProtocol (&gEfiFormBrowser2ProtocolGuid, NULL,
>(VOID **) &FormBrowser2);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- CallbackInfo->FormBrowser2 = FormBrowser2;
>- CallbackInfo->DriverHandle = NULL;
>-
>- //
>- // Install Device Path Protocol and Config Access protocol to driver handle.
>- //
>- Status = gBS->InstallMultipleProtocolInterfaces (
>- &CallbackInfo->DriverHandle,
>- &gEfiDevicePathProtocolGuid,
>- &mHiiVendorDevicePath,
>- &gEfiHiiConfigAccessProtocolGuid,
>- &CallbackInfo->ConfigAccess,
>- NULL
>- );
>- ASSERT_EFI_ERROR (Status);
>-
>- //
>- // Publish HII data.
>- //
>- CallbackInfo->HiiHandle = HiiAddPackages (
>- &gUserIdentifyManagerGuid,
>- CallbackInfo->DriverHandle,
>- UserIdentifyManagerStrings,
>- UserIdentifyManagerVfrBin,
>- NULL
>- );
>- if (CallbackInfo->HiiHandle == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- mCallbackInfo = CallbackInfo;
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Identify the user whose identification policy supports auto logon.
>-
>- @param[in] ProviderIndex The provider index in the provider list.
>- @param[out] User Points to user user profile if a user is identified
>successfully.
>-
>- @retval EFI_SUCCESS Identify a user with the specified provider
>successfully.
>- @retval Others Fail to identify a user.
>-
>-**/
>-EFI_STATUS
>-IdentifyAutoLogonUser (
>- IN UINTN ProviderIndex,
>- OUT USER_PROFILE_ENTRY **User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *Info;
>- UINT8 PolicyType;
>-
>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_IDENTIFIER));
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- Info->InfoType = EFI_USER_INFO_IDENTIFIER_RECORD;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_IDENTIFIER);
>-
>- //
>- // Identify the specified credential provider's auto logon user.
>- //
>- Status = mProviderDb->Provider[ProviderIndex]->User (
>- mProviderDb->Provider[ProviderIndex],
>- NULL,
>- (EFI_USER_INFO_IDENTIFIER *) (Info + 1)
>- );
>- if (EFI_ERROR (Status)) {
>- FreePool (Info);
>- return Status;
>- }
>-
>- //
>- // Find user with the specified user ID.
>- //
>- *User = NULL;
>- Status = FindUserProfileByInfo (User, NULL, Info, Info->InfoSize);
>- FreePool (Info);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- Status = GetIdentifyType ((EFI_USER_PROFILE_HANDLE) * User,
>&PolicyType);
>- if (PolicyType == EFI_USER_INFO_IDENTITY_AND) {
>- //
>- // The identified user need also identified by other credential provider.
>- // This can handle through select user.
>- //
>- return EFI_NOT_READY;
>- }
>-
>- return Status;
>-}
>-
>-
>-/**
>- Check whether the given console is ready.
>-
>- @param[in] ProtocolGuid Points to the protocol guid of sonsole .
>-
>- @retval TRUE The given console is ready.
>- @retval FALSE The given console is not ready.
>-
>-**/
>-BOOLEAN
>-CheckConsole (
>- EFI_GUID *ProtocolGuid
>- )
>-{
>- EFI_STATUS Status;
>- UINTN HandleCount;
>- EFI_HANDLE *HandleBuf;
>- UINTN Index;
>- EFI_DEVICE_PATH_PROTOCOL *DevicePath;
>-
>- //
>- // Try to find all the handle driver.
>- //
>- HandleCount = 0;
>- HandleBuf = NULL;
>- Status = gBS->LocateHandleBuffer (
>- ByProtocol,
>- ProtocolGuid,
>- NULL,
>- &HandleCount,
>- &HandleBuf
>- );
>- if (EFI_ERROR (Status)) {
>- return FALSE;
>- }
>-
>- for (Index = 0; Index < HandleCount; Index++) {
>- DevicePath = DevicePathFromHandle (HandleBuf[Index]);
>- if (DevicePath != NULL) {
>- FreePool (HandleBuf);
>- return TRUE;
>- }
>- }
>- FreePool (HandleBuf);
>- return FALSE;
>-}
>-
>-
>-/**
>- Check whether the console is ready.
>-
>- @retval TRUE The console is ready.
>- @retval FALSE The console is not ready.
>-
>-**/
>-BOOLEAN
>-IsConsoleReady (
>- VOID
>- )
>-{
>- if (!CheckConsole (&gEfiSimpleTextOutProtocolGuid)) {
>- return FALSE;
>- }
>-
>- if (!CheckConsole (&gEfiSimpleTextInProtocolGuid)) {
>- if (!CheckConsole (&gEfiSimpleTextInputExProtocolGuid)) {
>- return FALSE;
>- }
>- }
>-
>- return TRUE;
>-}
>-
>-
>-/**
>- Identify a user to logon.
>-
>- @param[out] User Points to user user profile if a user is identified
>successfully.
>-
>- @retval EFI_SUCCESS Identify a user successfully.
>-
>-**/
>-EFI_STATUS
>-IdentifyUser (
>- OUT USER_PROFILE_ENTRY **User
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>- EFI_CREDENTIAL_LOGON_FLAGS AutoLogon;
>- EFI_USER_INFO *IdentifyInfo;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>- USER_PROFILE_ENTRY *UserEntry;
>-
>- //
>- // Initialize credential providers.
>- //
>- InitProviderInfo ();
>-
>- //
>- // Initialize user profile database.
>- //
>- InitUserProfileDb ();
>-
>- //
>- // If only one user in system, and its identify policy is TRUE, then auto logon.
>- //
>- if (mUserProfileDb->UserProfileNum == 1) {
>- UserEntry = (USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[0];
>- IdentifyInfo = NULL;
>- Status = FindUserInfoByType (UserEntry, &IdentifyInfo,
>EFI_USER_INFO_IDENTITY_POLICY_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- ASSERT (IdentifyInfo != NULL);
>-
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo +
>1));
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_TRUE) {
>- mCurrentUser = (EFI_USER_PROFILE_HANDLE) UserEntry;
>- UpdateUserInfo (UserEntry);
>- *User = UserEntry;
>- return EFI_SUCCESS;
>- }
>- }
>-
>- //
>- // Find and login the default & AutoLogon user.
>- //
>- for (Index = 0; Index < mProviderDb->Count; Index++) {
>- UserCredential = mProviderDb->Provider[Index];
>- Status = UserCredential->Default (UserCredential, &AutoLogon);
>- if (EFI_ERROR (Status)) {
>- continue;
>- }
>-
>- if ((AutoLogon & (EFI_CREDENTIAL_LOGON_FLAG_DEFAULT |
>EFI_CREDENTIAL_LOGON_FLAG_AUTO)) != 0) {
>- Status = IdentifyAutoLogonUser (Index, &UserEntry);
>- if (Status == EFI_SUCCESS) {
>- mCurrentUser = (EFI_USER_PROFILE_HANDLE) UserEntry;
>- UpdateUserInfo (UserEntry);
>- *User = UserEntry;
>- return EFI_SUCCESS;
>- }
>- }
>- }
>-
>- if (!IsConsoleReady ()) {
>- //
>- // The console is still not ready for user selection.
>- //
>- return EFI_ACCESS_DENIED;
>- }
>-
>- //
>- // Select a user and identify it.
>- //
>- mCallbackInfo->FormBrowser2->SendForm (
>- mCallbackInfo->FormBrowser2,
>- &mCallbackInfo->HiiHandle,
>- 1,
>- &gUserIdentifyManagerGuid,
>- 0,
>- NULL,
>- NULL
>- );
>-
>- if (mIdentified) {
>- *User = (USER_PROFILE_ENTRY *) mCurrentUser;
>- UpdateUserInfo (*User);
>- return EFI_SUCCESS;
>- }
>-
>- return EFI_ACCESS_DENIED;
>-}
>-
>-
>-/**
>- An empty function to pass error checking of CreateEventEx ().
>-
>- @param Event Event whose notification function is being invoked.
>- @param Context Pointer to the notification function's context,
>- which is implementation-dependent.
>-
>-**/
>-VOID
>-EFIAPI
>-InternalEmptyFuntion (
>- IN EFI_EVENT Event,
>- IN VOID *Context
>- )
>-{
>-}
>-
>-
>-/**
>- Create, Signal, and Close the User Profile Changed event.
>-
>-**/
>-VOID
>-SignalEventUserProfileChanged (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- EFI_EVENT Event;
>-
>- Status = gBS->CreateEventEx (
>- EVT_NOTIFY_SIGNAL,
>- TPL_CALLBACK,
>- InternalEmptyFuntion,
>- NULL,
>- &gEfiEventUserProfileChangedGuid,
>- &Event
>- );
>- ASSERT_EFI_ERROR (Status);
>- gBS->SignalEvent (Event);
>- gBS->CloseEvent (Event);
>-}
>-
>-
>-/**
>- Create a new user profile.
>-
>- This function creates a new user profile with only a new user identifier
>attached and returns
>- its handle. The user profile is non-volatile, but the handle User can change
>across reboots.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[out] User On return, points to the new user profile handle.
>- The user profile handle is unique only during this boot.
>-
>- @retval EFI_SUCCESS User profile was successfully created.
>- @retval EFI_ACCESS_DENIED Current user does not have sufficient
>permissions to create a
>- user profile.
>- @retval EFI_UNSUPPORTED Creation of new user profiles is not
>supported.
>- @retval EFI_INVALID_PARAMETER The User parameter is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileCreate (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- OUT EFI_USER_PROFILE_HANDLE *User
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check the right of the current user.
>- //
>- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
>- if (!CheckCurrentUserAccessRight
>(EFI_USER_INFO_ACCESS_ENROLL_OTHERS)) {
>- return EFI_ACCESS_DENIED;
>- }
>- }
>-
>- //
>- // Create new user profile
>- //
>- Status = CreateUserProfile ((USER_PROFILE_ENTRY **) User);
>- if (EFI_ERROR (Status)) {
>- return EFI_ACCESS_DENIED;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Delete an existing user profile.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in] User User profile handle.
>-
>- @retval EFI_SUCCESS User profile was successfully deleted.
>- @retval EFI_ACCESS_DENIED Current user does not have sufficient
>permissions to delete a user
>- profile or there is only one user profile.
>- @retval EFI_UNSUPPORTED Deletion of new user profiles is not
>supported.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileDelete (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>-
>- if (This == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check the right of the current user.
>- //
>- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
>- return EFI_ACCESS_DENIED;
>- }
>-
>- //
>- // Delete user profile.
>- //
>- Status = DelUserProfile (User);
>- if (EFI_ERROR (Status)) {
>- if (Status != EFI_INVALID_PARAMETER) {
>- return EFI_ACCESS_DENIED;
>- }
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Enumerate all of the enrolled users on the platform.
>-
>- This function returns the next enrolled user profile. To retrieve the first user
>profile handle,
>- point User at a NULL. Each subsequent call will retrieve another user profile
>handle until there
>- are no more, at which point User will point to NULL.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in, out] User On entry, points to the previous user profile
>handle or NULL to
>- start enumeration. On exit, points to the next user profile
>handle
>- or NULL if there are no more user profiles.
>-
>- @retval EFI_SUCCESS Next enrolled user profile successfully returned.
>- @retval EFI_ACCESS_DENIED Next enrolled user profile was not
>successfully returned.
>- @retval EFI_INVALID_PARAMETER The User parameter is NULL.
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileGetNext (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN OUT EFI_USER_PROFILE_HANDLE *User
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- Status = FindUserProfile ((USER_PROFILE_ENTRY **) User, TRUE, NULL);
>- if (EFI_ERROR (Status)) {
>- return EFI_ACCESS_DENIED;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return the current user profile handle.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[out] CurrentUser On return, points to the current user profile
>handle.
>-
>- @retval EFI_SUCCESS Current user profile handle returned successfully.
>- @retval EFI_INVALID_PARAMETER The CurrentUser parameter is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileCurrent (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- OUT EFI_USER_PROFILE_HANDLE *CurrentUser
>- )
>-{
>- //
>- // Get current user profile.
>- //
>- if ((This == NULL) || (CurrentUser == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *CurrentUser = mCurrentUser;
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Identify a user.
>-
>- Identify the user and, if authenticated, returns the user handle and changes
>the current
>- user profile. All user information marked as private in a previously selected
>profile
>- is no longer available for inspection.
>- Whenever the current user profile is changed then the an event with the
>GUID
>- EFI_EVENT_GROUP_USER_PROFILE_CHANGED is signaled.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[out] User On return, points to the user profile handle for
>the current
>- user profile.
>-
>- @retval EFI_SUCCESS User was successfully identified.
>- @retval EFI_ACCESS_DENIED User was not successfully identified.
>- @retval EFI_INVALID_PARAMETER The User parameter is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileIdentify (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- OUT EFI_USER_PROFILE_HANDLE *User
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (mCurrentUser != NULL) {
>- *User = mCurrentUser;
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Identify user
>- //
>- Status = IdentifyUser ((USER_PROFILE_ENTRY **) User);
>- if (EFI_ERROR (Status)) {
>- return EFI_ACCESS_DENIED;
>- }
>-
>- //
>- // Publish the user info into the EFI system configuration table.
>- //
>- PublishUserTable ();
>-
>- //
>- // Signal User Profile Changed event.
>- //
>- SignalEventUserProfileChanged ();
>- return EFI_SUCCESS;
>-}
>-
>-/**
>- Find a user using a user information record.
>-
>- This function searches all user profiles for the specified user information
>record.
>- The search starts with the user information record handle following
>UserInfo and
>- continues until either the information is found or there are no more user
>profiles.
>- A match occurs when the Info.InfoType field matches the user information
>record
>- type and the user information record data matches the portion of Info.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in, out] User On entry, points to the previously returned user
>profile
>- handle, or NULL to start searching with the first user profile.
>- On return, points to the user profile handle, or NULL if not
>- found.
>- @param[in, out] UserInfo On entry, points to the previously returned
>user information
>- handle, or NULL to start searching with the first. On return,
>- points to the user information handle of the user
>information
>- record, or NULL if not found. Can be NULL, in which case only
>- one user information record per user can be returned.
>- @param[in] Info Points to the buffer containing the user information
>to be
>- compared to the user information record. If the user
>information
>- record data is empty, then only the user information record
>type
>- is compared. If InfoSize is 0, then the user information record
>- must be empty.
>-
>- @param[in] InfoSize The size of Info, in bytes.
>-
>- @retval EFI_SUCCESS User information was found. User points to the
>user profile
>- handle, and UserInfo points to the user information handle.
>- @retval EFI_NOT_FOUND User information was not found. User points
>to NULL, and
>- UserInfo points to NULL.
>- @retval EFI_INVALID_PARAMETER User is NULL. Or Info is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileFind (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN OUT EFI_USER_PROFILE_HANDLE *User,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo OPTIONAL,
>- IN CONST EFI_USER_INFO *Info,
>- IN UINTN InfoSize
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Size;
>-
>- if ((This == NULL) || (User == NULL) || (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (InfoSize == 0) {
>- //
>- // If InfoSize is 0, then the user information record must be empty.
>- //
>- if (Info->InfoSize != sizeof (EFI_USER_INFO)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- } else {
>- if (InfoSize != Info->InfoSize) {
>- return EFI_INVALID_PARAMETER;
>- }
>- }
>- Size = Info->InfoSize;
>-
>- //
>- // Find user profile accdoring to user information.
>- //
>- Status = FindUserProfileByInfo (
>- (USER_PROFILE_ENTRY **) User,
>- (EFI_USER_INFO **) UserInfo,
>- (EFI_USER_INFO *) Info,
>- Size
>- );
>- if (EFI_ERROR (Status)) {
>- *User = NULL;
>- if (UserInfo != NULL) {
>- *UserInfo = NULL;
>- }
>- return EFI_NOT_FOUND;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return information attached to the user.
>-
>- This function returns user information. The format of the information is
>described in User
>- Information. The function may return EFI_ACCESS_DENIED if the
>information is marked private
>- and the handle specified by User is not the current user profile. The function
>may return
>- EFI_ACCESS_DENIED if the information is marked protected and the
>information is associated
>- with a credential provider for which the user has not been authenticated.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in] User Handle of the user whose profile will be retrieved.
>- @param[in] UserInfo Handle of the user information data record.
>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>bytes. On exit,
>- holds the user information. If the buffer is too small to hold
>the
>- information, then EFI_BUFFER_TOO_SMALL is returned and
>InfoSize is
>- updated to contain the number of bytes actually required.
>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>points to the size
>- of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_ACCESS_DENIED The information about the specified user
>cannot be accessed by the
>- current user.
>- @retval EFI_BUFFER_TOO_SMALL The number of bytes specified by
>*InfoSize is too small to hold the
>- returned data. The actual size required is returned in
>*InfoSize.
>- @retval EFI_NOT_FOUND User does not refer to a valid user profile or
>UserInfo does not refer
>- to a valid user info handle.
>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileGetInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN EFI_USER_INFO_HANDLE UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((This == NULL) || (InfoSize == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if ((*InfoSize != 0) && (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if ((User == NULL) || (UserInfo == NULL)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- Status = GetUserInfo (User, UserInfo, Info, InfoSize, TRUE);
>- if (EFI_ERROR (Status)) {
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- return EFI_BUFFER_TOO_SMALL;
>- }
>- return EFI_ACCESS_DENIED;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Add or update user information.
>-
>- This function changes user information. If NULL is pointed to by UserInfo,
>then a new user
>- information record is created and its handle is returned in UserInfo.
>Otherwise, the existing
>- one is replaced.
>- If EFI_USER_INFO_IDENITTY_POLICY_RECORD is changed, it is the caller's
>responsibility to keep
>- it to be synced with the information on credential providers.
>- If EFI_USER_INFO_EXCLUSIVE is specified in Info and a user information
>record of the same
>- type already exists in the user profile, then EFI_ACCESS_DENIED will be
>returned and UserInfo
>- will point to the handle of the existing record.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in] User Handle of the user whose profile will be retrieved.
>- @param[in, out] UserInfo Handle of the user information data record.
>- @param[in] Info On entry, points to a buffer of at least *InfoSize
>bytes. On exit,
>- holds the user information. If the buffer is too small to hold
>the
>- information, then EFI_BUFFER_TOO_SMALL is returned and
>InfoSize is
>- updated to contain the number of bytes actually required.
>- @param[in] InfoSize On entry, points to the size of Info. On return,
>points to the size
>- of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_ACCESS_DENIED The record is exclusive.
>- @retval EFI_SECURITY_VIOLATION The current user does not have
>permission to change the specified
>- user profile or user information record.
>- @retval EFI_NOT_FOUND User does not refer to a valid user profile or
>UserInfo does not
>- refer to a valid user info handle.
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL or Info is NULL.
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileSetInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo,
>- IN CONST EFI_USER_INFO *Info,
>- IN UINTN InfoSize
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((This == NULL) || (User == NULL) || (UserInfo == NULL) || (Info == NULL))
>{
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check the right of the current user.
>- //
>- if (User != mCurrentUser) {
>- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
>- if (*UserInfo != NULL) {
>- //
>- // Can't update info in other profiles without MANAGE right.
>- //
>- return EFI_SECURITY_VIOLATION;
>- }
>-
>- if (!CheckCurrentUserAccessRight
>(EFI_USER_INFO_ACCESS_ENROLL_OTHERS)) {
>- //
>- // Can't add info into other profiles.
>- //
>- return EFI_SECURITY_VIOLATION;
>- }
>- }
>- }
>-
>- if (User == mCurrentUser) {
>- if (CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_ENROLL_SELF))
>{
>- //
>- // Only identify policy can be added/updated.
>- //
>- if (Info->InfoType != EFI_USER_INFO_IDENTITY_POLICY_RECORD) {
>- return EFI_SECURITY_VIOLATION;
>- }
>- }
>- }
>-
>- //
>- // Modify user information.
>- //
>- Status = ModifyUserInfo (User, (EFI_USER_INFO **) UserInfo, Info,
>InfoSize);
>- if (EFI_ERROR (Status)) {
>- if (Status == EFI_ACCESS_DENIED) {
>- return EFI_ACCESS_DENIED;
>- }
>- return EFI_SECURITY_VIOLATION;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Called by credential provider to notify of information change.
>-
>- This function allows the credential provider to notify the User Identity
>Manager when user status
>- has changed.
>- If the User Identity Manager doesn't support asynchronous changes in
>credentials, then this function
>- should return EFI_UNSUPPORTED.
>- If current user does not exist, and the credential provider can identify a user,
>then make the user
>- to be current user and signal the
>EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
>- If current user already exists, and the credential provider can identify
>another user, then switch
>- current user to the newly identified user, and signal the
>EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
>- If current user was identified by this credential provider and now the
>credential provider cannot identify
>- current user, then logout current user and signal the
>EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in] Changed Handle on which is installed an instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL
>- where the user has changed.
>-
>- @retval EFI_SUCCESS The User Identity Manager has handled the
>notification.
>- @retval EFI_NOT_READY The function was called while the specified
>credential provider was not selected.
>- @retval EFI_UNSUPPORTED The User Identity Manager doesn't support
>asynchronous notifications.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileNotify (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_HANDLE Changed
>- )
>-{
>- return EFI_UNSUPPORTED;
>-}
>-
>-
>-/**
>- Delete user information.
>-
>- Delete the user information attached to the user profile specified by the
>UserInfo.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in] User Handle of the user whose information will be
>deleted.
>- @param[in] UserInfo Handle of the user information to remove.
>-
>- @retval EFI_SUCCESS User information deleted successfully.
>- @retval EFI_NOT_FOUND User information record UserInfo does not
>exist in the user profile.
>- @retval EFI_ACCESS_DENIED The current user does not have permission to
>delete this user information.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileDeleteInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN EFI_USER_INFO_HANDLE UserInfo
>- )
>-{
>- EFI_STATUS Status;
>-
>- if (This == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check the right of the current user.
>- //
>- if (User != mCurrentUser) {
>- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
>- return EFI_ACCESS_DENIED;
>- }
>- }
>-
>- //
>- // Delete user information.
>- //
>- Status = DelUserInfo (User, UserInfo, TRUE);
>- if (EFI_ERROR (Status)) {
>- if (Status == EFI_NOT_FOUND) {
>- return EFI_NOT_FOUND;
>- }
>- return EFI_ACCESS_DENIED;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Enumerate user information of all the enrolled users on the platform.
>-
>- This function returns the next user information record. To retrieve the first
>user
>- information record handle, point UserInfo at a NULL. Each subsequent call
>will retrieve
>- another user information record handle until there are no more, at which
>point UserInfo
>- will point to NULL.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in] User Handle of the user whose information will be
>deleted.
>- @param[in, out] UserInfo Handle of the user information to remove.
>-
>- @retval EFI_SUCCESS User information returned.
>- @retval EFI_NOT_FOUND No more user information found.
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileGetNextInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>- )
>-{
>- if ((This == NULL) || (UserInfo == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- //
>- // Get next user information entry.
>- //
>- return FindUserInfo (User, (EFI_USER_INFO **) UserInfo, TRUE, NULL);
>-}
>-
>-
>-/**
>- Main entry for this driver.
>-
>- @param[in] ImageHandle Image handle this driver.
>- @param[in] SystemTable Pointer to SystemTable.
>-
>- @retval EFI_SUCESS This function always complete successfully.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserIdentifyManagerInit (
>- IN EFI_HANDLE ImageHandle,
>- IN EFI_SYSTEM_TABLE *SystemTable
>- )
>-{
>-
>- EFI_STATUS Status;
>-
>- //
>- // It is NOT robust enough to be included in production.
>- //
>- #error "This implementation is just a sample, please comment this line if you
>really want to use this driver."
>-
>- //
>- // Initiate form browser.
>- //
>- InitFormBrowser ();
>-
>- //
>- // Install protocol interfaces for the User Identity Manager.
>- //
>- Status = gBS->InstallProtocolInterface (
>- &mCallbackInfo->DriverHandle,
>- &gEfiUserManagerProtocolGuid,
>- EFI_NATIVE_INTERFACE,
>- &gUserIdentifyManager
>- );
>- ASSERT_EFI_ERROR (Status);
>-
>- LoadDeferredImageInit (ImageHandle);
>- return EFI_SUCCESS;
>-}
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.h
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.h
>deleted file mode 100644
>index 1c449b0128..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.h
>+++ /dev/null
>@@ -1,413 +0,0 @@
>-/** @file
>- The header file for User identify Manager driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef _USER_IDENTIFY_MANAGER_H_
>-#define _USER_IDENTIFY_MANAGER_H_
>-
>-#include <Uefi.h>
>-
>-#include <Guid/GlobalVariable.h>
>-#include <Guid/MdeModuleHii.h>
>-
>-#include <Protocol/FormBrowser2.h>
>-#include <Protocol/HiiDatabase.h>
>-#include <Protocol/HiiConfigAccess.h>
>-#include <Protocol/HiiString.h>
>-#include <Protocol/HiiConfigRouting.h>
>-#include <Protocol/UserCredential2.h>
>-#include <Protocol/UserManager.h>
>-#include <Protocol/DeferredImageLoad.h>
>-#include <Protocol/SimpleTextOut.h>
>-#include <Protocol/SimpleTextIn.h>
>-#include <Protocol/SimpleTextInEx.h>
>-
>-#include <Library/UefiRuntimeServicesTableLib.h>
>-#include <Library/UefiBootServicesTableLib.h>
>-#include <Library/MemoryAllocationLib.h>
>-#include <Library/BaseMemoryLib.h>
>-#include <Library/DevicePathLib.h>
>-#include <Library/DebugLib.h>
>-#include <Library/UefiLib.h>
>-#include <Library/PrintLib.h>
>-#include <Library/HiiLib.h>
>-
>-#include "UserIdentifyManagerData.h"
>-
>-//
>-// This is the generated IFR binary data for each formset defined in VFR.
>-// This data array is ready to be used as input of HiiAddPackages() to
>-// create a packagelist.
>-//
>-extern UINT8 UserIdentifyManagerVfrBin[];
>-
>-//
>-// This is the generated String package data for all .UNI files.
>-// This data array is ready to be used as input of HiiAddPackages() to
>-// create a packagelist.
>-//
>-extern UINT8 UserIdentifyManagerStrings[];
>-
>-#define USER_NUMBER_INC 32
>-#define DEFAULT_PROFILE_SIZE 512
>-#define INFO_PAYLOAD_SIZE 64
>-
>-//
>-// Credential Provider Information.
>-//
>-typedef struct {
>- UINTN Count;
>- EFI_USER_CREDENTIAL2_PROTOCOL *Provider[1];
>-} CREDENTIAL_PROVIDER_INFO;
>-
>-//
>-// Internal user profile entry.
>-//
>-typedef struct {
>- UINTN MaxProfileSize;
>- UINTN UserProfileSize;
>- CHAR16 UserVarName[9];
>- UINT8 *ProfileInfo;
>-} USER_PROFILE_ENTRY;
>-
>-//
>-// Internal user profile database.
>-//
>-typedef struct {
>- UINTN UserProfileNum;
>- UINTN MaxProfileNum;
>- EFI_USER_PROFILE_HANDLE UserProfile[1];
>-} USER_PROFILE_DB;
>-
>-#define USER_MANAGER_SIGNATURE SIGNATURE_32 ('U', 'I', 'M', 'S')
>-
>-typedef struct {
>- UINTN Signature;
>- EFI_HANDLE DriverHandle;
>- EFI_HII_HANDLE HiiHandle;
>-
>- //
>- // Consumed protocol.
>- //
>- EFI_HII_DATABASE_PROTOCOL *HiiDatabase;
>- EFI_HII_STRING_PROTOCOL *HiiString;
>- EFI_HII_CONFIG_ROUTING_PROTOCOL *HiiConfigRouting;
>- EFI_FORM_BROWSER2_PROTOCOL *FormBrowser2;
>-
>- //
>- // Produced protocol.
>- //
>- EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
>-} USER_MANAGER_CALLBACK_INFO;
>-
>-///
>-/// HII specific Vendor Device Path definition.
>-///
>-typedef struct {
>- VENDOR_DEVICE_PATH VendorDevicePath;
>- EFI_DEVICE_PATH_PROTOCOL End;
>-} HII_VENDOR_DEVICE_PATH;
>-
>-/**
>- Register an event notification function for the user profile changed.
>-
>- @param[in] ImageHandle Image handle this driver.
>-
>-**/
>-VOID
>-LoadDeferredImageInit (
>- IN EFI_HANDLE ImageHandle
>- );
>-
>-
>-/**
>- This function creates a new user profile with only
>- a new user identifier attached and returns its handle.
>- The user profile is non-volatile, but the handle User
>- can change across reboots.
>-
>- @param[in] This Protocol EFI_USER_MANAGER_PROTOCOL
>instance
>- pointer.
>- @param[out] User Handle of a new user profile.
>-
>- @retval EFI_SUCCESS User profile was successfully created.
>- @retval EFI_ACCESS_DENIED Current user does not have sufficient
>permissions
>- to create a user profile.
>- @retval EFI_UNSUPPORTED Creation of new user profiles is not
>supported.
>- @retval EFI_INVALID_PARAMETER User is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileCreate (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- OUT EFI_USER_PROFILE_HANDLE *User
>- );
>-
>-
>-/**
>- Delete an existing user profile.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>- pointer.
>- @param User User profile handle.
>-
>- @retval EFI_SUCCESS User profile was successfully deleted.
>- @retval EFI_ACCESS_DENIED Current user does not have sufficient
>permissions
>- to delete a user profile or there is only one
>- user profile.
>- @retval EFI_UNSUPPORTED Deletion of new user profiles is not
>supported.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileDelete (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- );
>-
>-
>-/**
>- Get next user profile from the user profile database.
>-
>- @param[in] This Protocol EFI_USER_MANAGER_PROTOCOL
>instance
>- pointer.
>- @param[in, out] User User profile handle.
>-
>- @retval EFI_SUCCESS Next enrolled user profile successfully returned.
>- @retval EFI_INVALID_PARAMETER User is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileGetNext (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN OUT EFI_USER_PROFILE_HANDLE *User
>- );
>-
>-
>-/**
>- This function returns the current user profile handle.
>-
>- @param[in] This Protocol EFI_USER_MANAGER_PROTOCOL
>instance pointer.
>- @param[out] CurrentUser User profile handle.
>-
>- @retval EFI_SUCCESS Current user profile handle returned
>successfully.
>- @retval EFI_INVALID_PARAMETER CurrentUser is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileCurrent (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- OUT EFI_USER_PROFILE_HANDLE *CurrentUser
>- );
>-
>-
>-/**
>- Identify the user and, if authenticated, returns the user handle and changes
>- the current user profile.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>pointer.
>- @param CurrentUser User profile handle.
>-
>- @retval EFI_SUCCESS User was successfully identified.
>- @retval EFI_INVALID_PARAMETER User is NULL.
>- @retval EFI_ACCESS_DENIED User was not successfully identified.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileIdentify (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- OUT EFI_USER_PROFILE_HANDLE *User
>- );
>-
>-
>-/**
>- Find a user using a user information record.
>-
>- This function searches all user profiles for the specified user information
>record.
>- The search starts with the user information record handle following
>UserInfo and
>- continues until either the information is found or there are no more user
>profiles.
>- A match occurs when the Info.InfoType field matches the user information
>record
>- type and the user information record data matches the portion of Info
>passed the
>- EFI_USER_INFO header.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in, out] User On entry, points to the previously returned user
>profile
>- handle, or NULL to start searching with the first user profile.
>- On return, points to the user profile handle, or NULL if not
>- found.
>- @param[in, out] UserInfo On entry, points to the previously returned user
>information
>- handle, or NULL to start searching with the first. On return,
>- points to the user information handle of the user information
>- record, or NULL if not found. Can be NULL, in which case only
>- one user information record per user can be returned.
>- @param[in] Info Points to the buffer containing the user information to
>be
>- compared to the user information record. If NULL, then only
>- the user information record type is compared. If InfoSize is 0,
>- then the user information record must be empty.
>-
>- @param[in] InfoSize The size of Info, in bytes.
>-
>- @retval EFI_SUCCESS User information was found. User points to the
>user profile handle,
>- and UserInfo points to the user information handle.
>- @retval EFI_NOT_FOUND User information was not found. User points to
>NULL and UserInfo
>- points to NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileFind (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN OUT EFI_USER_PROFILE_HANDLE *User,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo OPTIONAL,
>- IN CONST EFI_USER_INFO *Info,
>- IN UINTN InfoSize
>- );
>-
>-
>-/**
>- This function returns user information.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>- pointer.
>- @param User Handle of the user whose profile will be
>- retrieved.
>- @param UserInfo Handle of the user information data record.
>- @param Info On entry, points to a buffer of at least
>- *InfoSize bytes. On exit, holds the user
>- information.
>- @param InfoSize On entry, points to the size of Info. On return,
>- points to the size of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_ACCESS_DENIED The information about the specified user
>cannot
>- be accessed by the current user.
>- EFI_BUFFER_TOO_SMALL- The number of bytes
>- specified by *InfoSize is too small to hold the
>- returned data.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileGetInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN EFI_USER_INFO_HANDLE UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize
>- );
>-
>-
>-/**
>- This function changes user information.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>- pointer.
>- @param User Handle of the user whose profile will be
>- retrieved.
>- @param UserInfo Handle of the user information data record.
>- @param Info Points to the user information.
>- @param InfoSize The size of Info, in bytes.
>-
>- @retval EFI_SUCCESS User profile information was successfully
>- changed/added.
>- @retval EFI_ACCESS_DENIED The record is exclusive.
>- @retval EFI_SECURITY_VIOLATION The current user does not have
>permission to
>- change the specified user profile or user
>- information record.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileSetInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo,
>- IN CONST EFI_USER_INFO *Info,
>- IN UINTN InfoSize
>- );
>-
>-
>-/**
>- This function allows the credential provider to notify the User Identity
>Manager
>- when user status has changed while deselected.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>- pointer.
>- @param Changed Points to the instance of the
>- EFI_USER_CREDENTIAL_PROTOCOL where the user has
>- changed.
>-
>- @retval EFI_SUCCESS The User Identity Manager has handled the
>- notification.
>- @retval EFI_NOT_READY The function was called while the specified
>- credential provider was not selected.
>- @retval EFI_UNSUPPORTED The User Identity Manager doesn't support
>- asynchronous notifications.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileNotify (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_HANDLE Changed
>- );
>-
>-
>-/**
>- Delete the user information attached to the user profile specified by the
>UserInfo.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>pointer.
>- @param User Handle of the user whose profile will be retrieved.
>- @param UserInfo Handle of the user information data record.
>-
>- @retval EFI_SUCCESS User information deleted successfully.
>- @retval EFI_ACCESS_DENIED The current user does not have permission
>to
>- delete this user in-formation.
>- @retval EFI_NOT_FOUND User information record UserInfo does not
>exist
>- in the user pro-file.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileDeleteInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN EFI_USER_INFO_HANDLE UserInfo
>- );
>-
>-
>-/**
>- This function returns the next user information record.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>pointer.
>- @param User Handle of the user whose profile will be retrieved.
>- @param UserInfo Handle of the user information data record.
>-
>- @retval EFI_SUCCESS User information returned.
>- @retval EFI_NOT_FOUND No more user information found.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileGetNextInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>- );
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.uni
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.uni
>deleted file mode 100644
>index 82c72baeeb..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.uni
>+++ /dev/null
>@@ -1,21 +0,0 @@
>-// /** @file
>-// Produces user manager protocol
>-//
>-// This module manages user information and produces user manager
>protocol.
>-//
>-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-
>-#string STR_MODULE_ABSTRACT #language en-US "Produces user
>manager protocol"
>-
>-#string STR_MODULE_DESCRIPTION #language en-US "This module
>manages user information and produces user manager protocol."
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerData.h
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerData.h
>deleted file mode 100644
>index 4e07ddd309..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerData.h
>+++ /dev/null
>@@ -1,35 +0,0 @@
>-/** @file
>- Data structure used by the user identify manager driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef _USER_IDENTIFY_MANAGER_DATA_H_
>-#define _USER_IDENTIFY_MANAGER_DATA_H_
>-
>-#include <Guid/UserIdentifyManagerHii.h>
>-
>-//
>-// Forms definition.
>-//
>-#define FORMID_USER_FORM 1
>-#define FORMID_PROVIDER_FORM 2
>-#define FORMID_INVALID_FORM 0x0FFF
>-
>-//
>-// Labels definition.
>-//
>-#define LABEL_USER_NAME 0x1000
>-#define LABEL_PROVIDER_NAME 0x3000
>-#define LABEL_END 0xffff
>-#define FORM_OPEN_QUESTION_ID 0xfffe
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerDxe.inf
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerDxe.inf
>deleted file mode 100644
>index 27e8ba19ad..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerDxe.inf
>+++ /dev/null
>@@ -1,79 +0,0 @@
>-## @file
>-# Produces user manager protocol
>-#
>-# This module manages user information and produces user manager
>protocol.
>-#
>-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-# This program and the accompanying materials
>-# are licensed and made available under the terms and conditions of the BSD
>License
>-# which accompanies this distribution. The full text of the license may be
>found at
>-# http://opensource.org/licenses/bsd-license.php
>-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-#
>-##
>-
>-[defines]
>- INF_VERSION = 0x00010005
>- BASE_NAME = UserIdentifyManager
>- MODULE_UNI_FILE = UserIdentifyManager.uni
>- FILE_GUID = C5D3191B-27D5-4873-8DF2-628136991A21
>- MODULE_TYPE = DXE_DRIVER
>- VERSION_STRING = 1.0
>- ENTRY_POINT = UserIdentifyManagerInit
>-
>-[sources]
>- UserIdentifyManager.c
>- LoadDeferredImage.c
>- UserIdentifyManager.h
>- UserIdentifyManagerData.h
>- UserIdentifyManagerStrings.uni
>- UserIdentifyManagerVfr.Vfr
>-
>-[Packages]
>- MdePkg/MdePkg.dec
>- MdeModulePkg/MdeModulePkg.dec
>- SecurityPkg/SecurityPkg.dec
>-
>-[LibraryClasses]
>- UefiRuntimeServicesTableLib
>- UefiBootServicesTableLib
>- UefiDriverEntryPoint
>- MemoryAllocationLib
>- BaseMemoryLib
>- DebugLib
>- HiiLib
>- UefiLib
>-
>-[Guids]
>- gEfiIfrTianoGuid ## SOMETIMES_CONSUMES ## GUID
>- gEfiEventUserProfileChangedGuid ## SOMETIMES_PRODUCES ##
>Event
>-
>- ## SOMETIMES_PRODUCES ## Variable:L"Userxxxx"
>- ## SOMETIMES_CONSUMES ## Variable:L"Userxxxx"
>- ## CONSUMES ## HII
>- gUserIdentifyManagerGuid
>-
>-[Protocols]
>- gEfiFormBrowser2ProtocolGuid ## CONSUMES
>- gEfiHiiDatabaseProtocolGuid ## CONSUMES
>- gEfiUserCredential2ProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiDeferredImageLoadProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiSimpleTextOutProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiSimpleTextInProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiSimpleTextInputExProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiHiiConfigAccessProtocolGuid ## PRODUCES
>- gEfiDevicePathProtocolGuid ## PRODUCES
>-
>- ## PRODUCES
>- ## SOMETIMES_PRODUCES ## SystemTable
>- gEfiUserManagerProtocolGuid
>-
>-[Depex]
>- gEfiHiiDatabaseProtocolGuid AND
>- gEfiHiiStringProtocolGuid AND
>- gEfiFormBrowser2ProtocolGuid
>-
>-[UserExtensions.TianoCore."ExtraFiles"]
>- UserIdentifyManagerExtra.uni
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerExtra.uni
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerExtra.uni
>deleted file mode 100644
>index 8b7cba7b32..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerExtra.uni
>+++ /dev/null
>@@ -1,19 +0,0 @@
>-// /** @file
>-// UserIdentifyManager Localized Strings and Content
>-//
>-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-#string STR_PROPERTIES_MODULE_NAME
>-#language en-US
>-"User Identify Manager"
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerStrings.uni
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerStrings.uni
>deleted file mode 100644
>index fcbf5005cd..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerStrings.uni
>+++ /dev/null
>@@ -1,27 +0,0 @@
>-/** @file
>- String definitions for the User Identify Manager driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php.
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#langdef en-US "English"
>-#langdef fr-FR "Francais"
>-
>-#string STR_TITLE #language en-US "User Identity Manager"
>- #language fr-FR "User Identity Manager(French)"
>-#string STR_USER_SELECT #language en-US "User Selection"
>- #language fr-FR "User Selection(French)"
>-#string STR_PROVIDER_SELECT #language en-US "Provider
>Selection"
>- #language fr-FR "User Selection(French)"
>-#string STR_NULL_STRING #language en-US ""
>- #language fr-FR ""
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerVfr.Vfr
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerVfr.Vfr
>deleted file mode 100644
>index 306679776d..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerVfr.Vfr
>+++ /dev/null
>@@ -1,43 +0,0 @@
>-/** @file
>- User identify manager formset.
>-
>-Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserIdentifyManagerData.h"
>-
>-formset
>- guid = USER_IDENTIFY_MANAGER_GUID,
>- title = STRING_TOKEN(STR_TITLE),
>- help = STRING_TOKEN(STR_NULL_STRING),
>- classguid = USER_IDENTIFY_MANAGER_GUID,
>-
>- form formid = FORMID_USER_FORM,
>- title = STRING_TOKEN(STR_USER_SELECT);
>-
>- suppressif TRUE;
>- text
>- help = STRING_TOKEN(STR_NULL_STRING),
>- text = STRING_TOKEN(STR_NULL_STRING),
>- flags = INTERACTIVE,
>- key = FORM_OPEN_QUESTION_ID;
>- endif;
>-
>- label LABEL_USER_NAME;
>- label LABEL_END;
>- endform;
>-
>- form formid = FORMID_PROVIDER_FORM,
>- title = STRING_TOKEN(STR_PROVIDER_SELECT);
>- label LABEL_PROVIDER_NAME;
>- label LABEL_END;
>- endform;
>-endformset;
>\ No newline at end of file
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolic
>y.c
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolic
>y.c
>deleted file mode 100644
>index 56d3b1df98..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolic
>y.c
>+++ /dev/null
>@@ -1,688 +0,0 @@
>-/** @file
>- The functions for access policy modification.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManager.h"
>-
>-/**
>- Collect all the access policy data to mUserInfo.AccessPolicy,
>- and save it to user profile.
>-
>-**/
>-VOID
>-SaveAccessPolicy (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINTN OffSet;
>- UINTN Size;
>- EFI_USER_INFO_ACCESS_CONTROL Control;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>-
>- if (mUserInfo.AccessPolicy != NULL) {
>- FreePool (mUserInfo.AccessPolicy);
>- }
>- mUserInfo.AccessPolicy = NULL;
>- mUserInfo.AccessPolicyLen = 0;
>- mUserInfo.AccessPolicyModified = TRUE;
>- OffSet = 0;
>-
>- //
>- // Save access right.
>- //
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = mAccessInfo.AccessRight;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- //
>- // Save access setup.
>- //
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + sizeof (EFI_GUID);
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = EFI_USER_INFO_ACCESS_SETUP;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- if (mAccessInfo.AccessSetup == ACCESS_SETUP_NORMAL) {
>- CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet),
>&gEfiUserInfoAccessSetupNormalGuid);
>- } else if (mAccessInfo.AccessSetup == ACCESS_SETUP_RESTRICTED) {
>- CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet),
>&gEfiUserInfoAccessSetupRestrictedGuid);
>- } else if (mAccessInfo.AccessSetup == ACCESS_SETUP_ADMIN) {
>- CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet),
>&gEfiUserInfoAccessSetupAdminGuid);
>- }
>- OffSet += sizeof (EFI_GUID);
>-
>- //
>- // Save access of boot order.
>- //
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + sizeof (UINT32);
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = EFI_USER_INFO_ACCESS_BOOT_ORDER;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- CopyMem ((UINT8 *) (mUserInfo.AccessPolicy + OffSet),
>&mAccessInfo.AccessBootOrder, sizeof (UINT32));
>- OffSet += sizeof (UINT32);
>-
>- //
>- // Save permit load.
>- //
>- if (mAccessInfo.LoadPermitLen > 0) {
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) +
>mAccessInfo.LoadPermitLen;
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = EFI_USER_INFO_ACCESS_PERMIT_LOAD;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.LoadPermit,
>mAccessInfo.LoadPermitLen);
>- OffSet += mAccessInfo.LoadPermitLen;
>- }
>-
>- //
>- // Save forbid load.
>- //
>- if (mAccessInfo.LoadForbidLen > 0) {
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) +
>mAccessInfo.LoadForbidLen;
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = EFI_USER_INFO_ACCESS_FORBID_LOAD;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.LoadForbid,
>mAccessInfo.LoadForbidLen);
>- OffSet += mAccessInfo.LoadForbidLen;
>- }
>-
>- //
>- // Save permit connect.
>- //
>- if (mAccessInfo.ConnectPermitLen > 0) {
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) +
>mAccessInfo.ConnectPermitLen;
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = EFI_USER_INFO_ACCESS_PERMIT_CONNECT;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.ConnectPermit,
>mAccessInfo.ConnectPermitLen);
>- OffSet += mAccessInfo.ConnectPermitLen;
>- }
>-
>- //
>- // Save forbid connect.
>- //
>- if (mAccessInfo.ConnectForbidLen > 0) {
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) +
>mAccessInfo.ConnectForbidLen;
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = EFI_USER_INFO_ACCESS_FORBID_CONNECT;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.ConnectForbid,
>mAccessInfo.ConnectForbidLen);
>- OffSet += mAccessInfo.ConnectForbidLen;
>- }
>-
>- mUserInfo.AccessPolicyLen = OffSet;
>-
>- //
>- // Save access policy.
>- //
>- if (mUserInfo.AccessPolicyModified && (mUserInfo.AccessPolicyLen > 0)
>&& (mUserInfo.AccessPolicy != NULL)) {
>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) +
>mUserInfo.AccessPolicyLen);
>- if (Info == NULL) {
>- return ;
>- }
>-
>- Status = FindInfoByType (mModifyUser,
>EFI_USER_INFO_ACCESS_POLICY_RECORD, &UserInfo);
>- if (!EFI_ERROR (Status)) {
>- Info->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>- EFI_USER_INFO_PUBLIC |
>- EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) +
>mUserInfo.AccessPolicyLen);
>- CopyMem ((UINT8 *) (Info + 1), mUserInfo.AccessPolicy,
>mUserInfo.AccessPolicyLen);
>- Status = mUserManager->SetInfo (
>- mUserManager,
>- mModifyUser,
>- &UserInfo,
>- Info,
>- Info->InfoSize
>- );
>- mUserInfo.AccessPolicyModified = FALSE;
>- }
>- FreePool (Info);
>- }
>-
>- if (mAccessInfo.ConnectForbid != NULL) {
>- FreePool (mAccessInfo.ConnectForbid);
>- mAccessInfo.ConnectForbid = NULL;
>- }
>-
>- if (mAccessInfo.ConnectPermit != NULL) {
>- FreePool (mAccessInfo.ConnectPermit);
>- mAccessInfo.ConnectPermit = NULL;
>- }
>-
>- if (mAccessInfo.LoadForbid != NULL) {
>- FreePool (mAccessInfo.LoadForbid);
>- mAccessInfo.LoadForbid = NULL;
>- }
>-
>- if (mAccessInfo.LoadPermit != NULL) {
>- FreePool (mAccessInfo.LoadPermit);
>- mAccessInfo.LoadPermit = NULL;
>- }
>-}
>-
>-/**
>- Create an action OpCode with QuestionID and DevicePath on a given
>OpCodeHandle.
>-
>- @param[in] QuestionID The question ID.
>- @param[in] DevicePath Points to device path.
>- @param[in] OpCodeHandle Points to container for dynamic created
>opcodes.
>-
>-**/
>-VOID
>-AddDevicePath (
>- IN UINTN QuestionID,
>- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath,
>- IN VOID *OpCodeHandle
>- )
>-{
>- EFI_DEVICE_PATH_PROTOCOL *Next;
>- EFI_STRING_ID NameID;
>- EFI_STRING DriverName;
>-
>- //
>- // Get driver file name node.
>- //
>- Next = DevicePath;
>- while (!IsDevicePathEnd (Next)) {
>- DevicePath = Next;
>- Next = NextDevicePathNode (Next);
>- }
>-
>- //
>- // Display the device path in form.
>- //
>- DriverName = ConvertDevicePathToText (DevicePath, FALSE, FALSE);
>- NameID = HiiSetString (mCallbackInfo->HiiHandle, 0, DriverName, NULL);
>- FreePool (DriverName);
>- if (NameID == 0) {
>- return ;
>- }
>-
>- HiiCreateActionOpCode (
>- OpCodeHandle, // Container for dynamic created opcodes
>- (UINT16) QuestionID, // Question ID
>- NameID, // Prompt text
>- STRING_TOKEN (STR_NULL_STRING), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- 0 // Action String ID
>- );
>-}
>-
>-
>-/**
>- Check whether the DevicePath is in the device path forbid list
>- (mAccessInfo.LoadForbid).
>-
>- @param[in] DevicePath Points to device path.
>-
>- @retval TRUE The DevicePath is in the device path forbid list.
>- @retval FALSE The DevicePath is not in the device path forbid list.
>-
>-**/
>-BOOLEAN
>-IsLoadForbidden (
>- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
>- )
>-{
>- UINTN OffSet;
>- UINTN DPSize;
>- UINTN Size;
>- EFI_DEVICE_PATH_PROTOCOL *Dp;
>-
>- OffSet = 0;
>- Size = GetDevicePathSize (DevicePath);
>- //
>- // Check each device path.
>- //
>- while (OffSet < mAccessInfo.LoadForbidLen) {
>- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid +
>OffSet);
>- DPSize = GetDevicePathSize (Dp);
>- //
>- // Compare device path.
>- //
>- if ((DPSize == Size) && (CompareMem (DevicePath, Dp, Size) == 0)) {
>- return TRUE;
>- }
>- OffSet += DPSize;
>- }
>- return FALSE;
>-}
>-
>-
>-/**
>- Display the permit load device path in the loadable device path list.
>-
>-**/
>-VOID
>-DisplayLoadPermit(
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- CHAR16 *Order;
>- UINTN OrderSize;
>- UINTN ListCount;
>- UINTN Index;
>- UINT8 *Var;
>- UINT8 *VarPtr;
>- CHAR16 VarName[12];
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Get DriverOrder.
>- //
>- OrderSize = 0;
>- Status = gRT->GetVariable (
>- L"DriverOrder",
>- &gEfiGlobalVariableGuid,
>- NULL,
>- &OrderSize,
>- NULL
>- );
>- if (Status != EFI_BUFFER_TOO_SMALL) {
>- return ;
>- }
>-
>- Order = AllocateZeroPool (OrderSize);
>- if (Order == NULL) {
>- return ;
>- }
>-
>- Status = gRT->GetVariable (
>- L"DriverOrder",
>- &gEfiGlobalVariableGuid,
>- NULL,
>- &OrderSize,
>- Order
>- );
>- if (EFI_ERROR (Status)) {
>- return ;
>- }
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_PERMIT_LOAD_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add each driver option.
>- //
>- Var = NULL;
>- ListCount = OrderSize / sizeof (UINT16);
>- for (Index = 0; Index < ListCount; Index++) {
>- //
>- // Get driver device path.
>- //
>- UnicodeSPrint (VarName, sizeof (VarName), L"Driver%04x", Order[Index]);
>- GetEfiGlobalVariable2 (VarName, (VOID**)&Var, NULL);
>- if (Var == NULL) {
>- continue;
>- }
>-
>- //
>- // Check whether the driver is already forbidden.
>- //
>-
>- VarPtr = Var;
>- //
>- // Skip attribute.
>- //
>- VarPtr += sizeof (UINT32);
>-
>- //
>- // Skip device path lenth.
>- //
>- VarPtr += sizeof (UINT16);
>-
>- //
>- // Skip descript string.
>- //
>- VarPtr += StrSize ((UINT16 *) VarPtr);
>-
>- if (IsLoadForbidden ((EFI_DEVICE_PATH_PROTOCOL *) VarPtr)) {
>- FreePool (Var);
>- Var = NULL;
>- continue;
>- }
>-
>- AddDevicePath (
>- KEY_MODIFY_USER | KEY_MODIFY_AP_DP | KEY_LOAD_PERMIT_MODIFY
>| Order[Index],
>- (EFI_DEVICE_PATH_PROTOCOL *) VarPtr,
>- StartOpCodeHandle
>- );
>- FreePool (Var);
>- Var = NULL;
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_PERMIT_LOAD_DP, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-
>- //
>- // Clear Environment.
>- //
>- if (Var != NULL) {
>- FreePool (Var);
>- }
>- FreePool (Order);
>-}
>-
>-
>-/**
>- Display the forbid load device path list (mAccessInfo.LoadForbid).
>-
>-**/
>-VOID
>-DisplayLoadForbid (
>- VOID
>- )
>-{
>- UINTN Offset;
>- UINTN DPSize;
>- UINTN Index;
>- EFI_DEVICE_PATH_PROTOCOL *Dp;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABLE_FORBID_LOAD_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add each forbid load drivers.
>- //
>- Offset = 0;
>- Index = 0;
>- while (Offset < mAccessInfo.LoadForbidLen) {
>- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid +
>Offset);
>- DPSize = GetDevicePathSize (Dp);
>- AddDevicePath (
>- KEY_MODIFY_USER | KEY_MODIFY_AP_DP | KEY_LOAD_FORBID_MODIFY
>| Index,
>- Dp,
>- StartOpCodeHandle
>- );
>- Index++;
>- Offset += DPSize;
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_FORBID_LOAD_DP, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-}
>-
>-
>-/**
>- Display the permit connect device path.
>-
>-**/
>-VOID
>-DisplayConnectPermit (
>- VOID
>- )
>-{
>- //
>- // Note:
>- // As no architect protocol/interface to be called in ConnectController()
>- // to verify the device path, just add a place holder for permitted connect
>- // device path.
>- //
>-}
>-
>-
>-/**
>- Display the forbid connect device path list.
>-
>-**/
>-VOID
>-DisplayConnectForbid (
>- VOID
>- )
>-{
>- //
>- // Note:
>- // As no architect protocol/interface to be called in ConnectController()
>- // to verify the device path, just add a place holder for forbidden connect
>- // device path.
>- //
>-}
>-
>-
>-/**
>- Delete the specified device path by DriverIndex from the forbid device path
>- list (mAccessInfo.LoadForbid).
>-
>- @param[in] DriverIndex The index of driver in forbidden device path list.
>-
>-**/
>-VOID
>-DeleteFromForbidLoad (
>- IN UINT16 DriverIndex
>- )
>-{
>- UINTN OffSet;
>- UINTN DPSize;
>- UINTN OffLen;
>- EFI_DEVICE_PATH_PROTOCOL *Dp;
>-
>- OffSet = 0;
>- //
>- // Find the specified device path.
>- //
>- while ((OffSet < mAccessInfo.LoadForbidLen) && (DriverIndex > 0)) {
>- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid +
>OffSet);
>- DPSize = GetDevicePathSize (Dp);
>- OffSet += DPSize;
>- DriverIndex--;
>- }
>-
>- //
>- // Specified device path found.
>- //
>- if (DriverIndex == 0) {
>- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid +
>OffSet);
>- DPSize = GetDevicePathSize (Dp);
>- OffLen = mAccessInfo.LoadForbidLen - OffSet - DPSize;
>- if (OffLen > 0) {
>- CopyMem (
>- mAccessInfo.LoadForbid + OffSet,
>- mAccessInfo.LoadForbid + OffSet + DPSize,
>- OffLen
>- );
>- }
>- mAccessInfo.LoadForbidLen -= DPSize;
>- }
>-}
>-
>-
>-/**
>- Add the specified device path by DriverIndex to the forbid device path
>- list (mAccessInfo.LoadForbid).
>-
>- @param[in] DriverIndex The index of driver saved in driver options.
>-
>-**/
>-VOID
>-AddToForbidLoad (
>- IN UINT16 DriverIndex
>- )
>-{
>- UINTN DevicePathLen;
>- UINT8 *Var;
>- UINT8 *VarPtr;
>- UINTN NewLen;
>- UINT8 *NewFL;
>- CHAR16 VarName[13];
>-
>- //
>- // Get loadable driver device path.
>- //
>- UnicodeSPrint (VarName, sizeof (VarName), L"Driver%04x", DriverIndex);
>- GetEfiGlobalVariable2 (VarName, (VOID**)&Var, NULL);
>- if (Var == NULL) {
>- return;
>- }
>-
>- //
>- // Save forbid load driver.
>- //
>-
>- VarPtr = Var;
>- //
>- // Skip attribute.
>- //
>- VarPtr += sizeof (UINT32);
>-
>- DevicePathLen = *(UINT16 *) VarPtr;
>- //
>- // Skip device path length.
>- //
>- VarPtr += sizeof (UINT16);
>-
>- //
>- // Skip description string.
>- //
>- VarPtr += StrSize ((UINT16 *) VarPtr);
>-
>- NewLen = mAccessInfo.LoadForbidLen + DevicePathLen;
>- NewFL = AllocateZeroPool (NewLen);
>- if (NewFL == NULL) {
>- FreePool (Var);
>- return ;
>- }
>-
>- if (mAccessInfo.LoadForbidLen > 0) {
>- CopyMem (NewFL, mAccessInfo.LoadForbid, mAccessInfo.LoadForbidLen);
>- FreePool (mAccessInfo.LoadForbid);
>- }
>-
>- CopyMem (NewFL + mAccessInfo.LoadForbidLen, VarPtr, DevicePathLen);
>- mAccessInfo.LoadForbidLen = NewLen;
>- mAccessInfo.LoadForbid = NewFL;
>- FreePool (Var);
>-}
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPoli
>cy.c
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPoli
>cy.c
>deleted file mode 100644
>index 602c4a8397..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPoli
>cy.c
>+++ /dev/null
>@@ -1,516 +0,0 @@
>-/** @file
>- The functions for identification policy modification.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManager.h"
>-
>-
>-/**
>- Verify the new identity policy in the current implementation. The same
>credential
>- provider can't appear twice in one identity policy.
>-
>- @param[in] NewGuid Points to the credential provider guid.
>-
>- @retval TRUE The NewGuid was found in the identity policy.
>- @retval FALSE The NewGuid was not found.
>-
>-**/
>-BOOLEAN
>-ProviderAlreadyInPolicy (
>- IN EFI_GUID *NewGuid
>- )
>-{
>- UINTN Offset;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- EFI_INPUT_KEY Key;
>-
>- Offset = 0;
>- while (Offset < mUserInfo.NewIdentityPolicyLen) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *)
>(mUserInfo.NewIdentityPolicy + Offset);
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
>- if (CompareGuid (NewGuid, (EFI_GUID *) (Identity + 1))) {
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"This Credential Provider Are Already Used!",
>- L"",
>- L"Press Any Key to Continue ...",
>- NULL
>- );
>- return TRUE;
>- }
>- }
>- Offset += Identity->Length;
>- }
>-
>- return FALSE;
>-}
>-
>-
>-/**
>- Add the user's credential record in the provider.
>-
>- @param[in] Identity Identity policy item including credential provider.
>- @param[in] User Points to user profile.
>-
>- @retval EFI_SUCCESS Add or delete record successfully.
>- @retval Others Fail to add or delete record.
>-
>-**/
>-EFI_STATUS
>-EnrollUserOnProvider (
>- IN EFI_USER_INFO_IDENTITY_POLICY *Identity,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- UINTN Index;
>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>-
>- //
>- // Find the specified credential provider.
>- //
>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>- UserCredential = mProviderInfo->Provider[Index];
>- if (CompareGuid ((EFI_GUID *)(Identity + 1), &UserCredential->Identifier))
>{
>- return UserCredential->Enroll (UserCredential, User);
>- }
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Delete the User's credential record on the provider.
>-
>- @param[in] Identity Point to
>EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER user info.
>- @param[in] User Points to user profile.
>-
>- @retval EFI_SUCCESS Delete User's credential record successfully.
>- @retval Others Fail to add or delete record.
>-
>-**/
>-EFI_STATUS
>-DeleteUserOnProvider (
>- IN EFI_USER_INFO_IDENTITY_POLICY *Identity,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- UINTN Index;
>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>-
>- //
>- // Find the specified credential provider.
>- //
>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>- UserCredential = mProviderInfo->Provider[Index];
>- if (CompareGuid ((EFI_GUID *)(Identity + 1), &UserCredential->Identifier))
>{
>- return UserCredential->Delete (UserCredential, User);
>- }
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Delete User's credental from all the providers that exist in User's identity
>policy.
>-
>- @param[in] IdentityPolicy Point to User's identity policy.
>- @param[in] IdentityPolicyLen The length of the identity policy.
>- @param[in] User Points to user profile.
>-
>-**/
>-VOID
>-DeleteCredentialFromProviders (
>- IN UINT8 *IdentityPolicy,
>- IN UINTN IdentityPolicyLen,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- UINTN Offset;
>-
>- Offset = 0;
>- while (Offset < IdentityPolicyLen) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (IdentityPolicy + Offset);
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
>- //
>- // Delete the user on this provider.
>- //
>- DeleteUserOnProvider (Identity, User);
>- }
>- Offset += Identity->Length;
>- }
>-
>-}
>-
>-
>-/**
>- Remove the provider specified by Offset from the new user identification
>record.
>-
>- @param[in] IdentityPolicy Point to user identity item in new identification
>policy.
>- @param[in] Offset The item offset in the new identification policy.
>-
>-**/
>-VOID
>-DeleteProviderFromPolicy (
>- IN EFI_USER_INFO_IDENTITY_POLICY *IdentityPolicy,
>- IN UINTN Offset
>- )
>-{
>- UINTN RemainingLen;
>- UINTN DeleteLen;
>-
>- if (IdentityPolicy->Length == mUserInfo.NewIdentityPolicyLen) {
>- //
>- // Only one credential provider in the identification policy.
>- // Set the new policy to be TRUE after removed the provider.
>- //
>- IdentityPolicy->Type = EFI_USER_INFO_IDENTITY_TRUE;
>- IdentityPolicy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- mUserInfo.NewIdentityPolicyLen = IdentityPolicy->Length;
>- return ;
>- }
>-
>- DeleteLen = IdentityPolicy->Length +
>sizeof(EFI_USER_INFO_IDENTITY_POLICY);
>- if ((Offset + IdentityPolicy->Length) != mUserInfo.NewIdentityPolicyLen) {
>- //
>- // This provider is not the last item in the identification policy, delete it and
>the connector.
>- //
>- RemainingLen = mUserInfo.NewIdentityPolicyLen - Offset - DeleteLen;
>- CopyMem ((UINT8 *) IdentityPolicy, (UINT8 *) IdentityPolicy + DeleteLen,
>RemainingLen);
>- }
>- mUserInfo.NewIdentityPolicyLen -= DeleteLen;
>-}
>-
>-
>-/**
>- Add a new provider to the mUserInfo.NewIdentityPolicy.
>-
>- It is invoked when 'add option' in UI is pressed.
>-
>- @param[in] NewGuid Points to the credential provider guid.
>-
>-**/
>-VOID
>-AddProviderToPolicy (
>- IN EFI_GUID *NewGuid
>- )
>-{
>- UINT8 *NewPolicyInfo;
>- UINTN NewPolicyInfoLen;
>- EFI_USER_INFO_IDENTITY_POLICY *Policy;
>-
>- //
>- // Allocate memory for the new identity policy.
>- //
>- NewPolicyInfoLen = mUserInfo.NewIdentityPolicyLen + sizeof
>(EFI_USER_INFO_IDENTITY_POLICY) + sizeof (EFI_GUID);
>- if (mUserInfo.NewIdentityPolicyLen > 0) {
>- //
>- // It is not the first provider in the policy. Add a connector before provider.
>- //
>- NewPolicyInfoLen += sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- }
>- NewPolicyInfo = AllocateZeroPool (NewPolicyInfoLen);
>- if (NewPolicyInfo == NULL) {
>- return ;
>- }
>-
>- NewPolicyInfoLen = 0;
>- if (mUserInfo.NewIdentityPolicyLen > 0) {
>- //
>- // Save orginal policy.
>- //
>- CopyMem (NewPolicyInfo, mUserInfo.NewIdentityPolicy,
>mUserInfo.NewIdentityPolicyLen);
>-
>- //
>- // Save logical connector.
>- //
>- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewPolicyInfo +
>mUserInfo.NewIdentityPolicyLen);
>- if (mConncetLogical == 0) {
>- Policy->Type = EFI_USER_INFO_IDENTITY_AND;
>- } else {
>- Policy->Type = EFI_USER_INFO_IDENTITY_OR;
>- }
>-
>- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- NewPolicyInfoLen = mUserInfo.NewIdentityPolicyLen + Policy->Length;
>- FreePool (mUserInfo.NewIdentityPolicy);
>- }
>-
>- //
>- // Save credential provider.
>- //
>- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewPolicyInfo +
>NewPolicyInfoLen);
>- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY) + sizeof
>(EFI_GUID);
>- Policy->Type = EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER;
>- CopyGuid ((EFI_GUID *) (Policy + 1), NewGuid);
>- NewPolicyInfoLen += Policy->Length;
>-
>- //
>- // Update identity policy choice.
>- //
>- mUserInfo.NewIdentityPolicy = NewPolicyInfo;
>- mUserInfo.NewIdentityPolicyLen = NewPolicyInfoLen;
>- mUserInfo.NewIdentityPolicyModified = TRUE;
>-}
>-
>-
>-/**
>- This function replaces the old identity policy with a new identity policy.
>-
>- This function delete the user identity policy information.
>- If enroll new credential failed, recover the old identity policy.
>-
>- @retval EFI_SUCCESS Modify user identity policy successfully.
>- @retval Others Fail to modify user identity policy.
>-
>-**/
>-EFI_STATUS
>-UpdateCredentialProvider (
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- UINTN Offset;
>-
>- //
>- // Delete the old identification policy.
>- //
>- DeleteCredentialFromProviders (mUserInfo.IdentityPolicy,
>mUserInfo.IdentityPolicyLen, mModifyUser);
>-
>- //
>- // Add the new identification policy.
>- //
>- Offset = 0;
>- while (Offset < mUserInfo.NewIdentityPolicyLen) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *)
>(mUserInfo.NewIdentityPolicy + Offset);
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
>- //
>- // Enroll the user on this provider
>- //
>- Status = EnrollUserOnProvider (Identity, mModifyUser);
>- if (EFI_ERROR (Status)) {
>- //
>- // Failed to enroll the user by new identification policy.
>- // So removed the credential provider from the identification policy
>- //
>- DeleteProviderFromPolicy (Identity, Offset);
>- continue;
>- }
>- }
>- Offset += Identity->Length;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Check whether the identity policy is valid.
>-
>- @param[in] PolicyInfo Point to the identity policy.
>- @param[in] PolicyInfoLen The policy length.
>-
>- @retval TRUE The policy is a valid identity policy.
>- @retval FALSE The policy is not a valid identity policy.
>-
>-**/
>-BOOLEAN
>-CheckNewIdentityPolicy (
>- IN UINT8 *PolicyInfo,
>- IN UINTN PolicyInfoLen
>- )
>-{
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- EFI_INPUT_KEY Key;
>- UINTN Offset;
>- UINT32 OpCode;
>-
>- //
>- // Check policy expression.
>- //
>- OpCode = EFI_USER_INFO_IDENTITY_FALSE;
>- Offset = 0;
>- while (Offset < PolicyInfoLen) {
>- //
>- // Check identification policy according to type
>- //
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (PolicyInfo + Offset);
>- switch (Identity->Type) {
>-
>- case EFI_USER_INFO_IDENTITY_TRUE:
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_OR:
>- if (OpCode == EFI_USER_INFO_IDENTITY_AND) {
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Invalid Identity Policy, Mixed Connector Unsupport!",
>- L"",
>- L"Press Any Key to Continue ...",
>- NULL
>- );
>- return FALSE;
>- }
>-
>- OpCode = EFI_USER_INFO_IDENTITY_OR;
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_AND:
>- if (OpCode == EFI_USER_INFO_IDENTITY_OR) {
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Invalid Identity Policy, Mixed Connector Unsupport!",
>- L"",
>- L"Press Any Key to Continue ...",
>- NULL
>- );
>- return FALSE;
>- }
>-
>- OpCode = EFI_USER_INFO_IDENTITY_AND;
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
>- break;
>-
>- default:
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Unsupport parameter",
>- L"",
>- L"Press Any Key to Continue ...",
>- NULL
>- );
>- return FALSE;
>- }
>- Offset += Identity->Length;
>- }
>-
>- return TRUE;
>-}
>-
>-
>-/**
>- Save the identity policy and update UI with it.
>-
>- This function will verify the new identity policy, in current implementation,
>- the identity policy can be: T, P & P & P & ..., P | P | P | ...
>- Here, "T" means "True", "P" means "Credential Provider", "&" means "and",
>"|" means "or".
>- Other identity policies are not supported.
>-
>-**/
>-VOID
>-SaveIdentityPolicy (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>-
>- if (!mUserInfo.NewIdentityPolicyModified ||
>(mUserInfo.NewIdentityPolicyLen == 0)) {
>- return;
>- }
>-
>- //
>- // Check policy expression.
>- //
>- if (!CheckNewIdentityPolicy (mUserInfo.NewIdentityPolicy,
>mUserInfo.NewIdentityPolicyLen)) {
>- return;
>- }
>-
>- Status = FindInfoByType (mModifyUser,
>EFI_USER_INFO_IDENTITY_POLICY_RECORD, &UserInfo);
>- if (EFI_ERROR (Status)) {
>- return ;
>- }
>-
>- //
>- // Update the informantion on credential provider.
>- //
>- Status = UpdateCredentialProvider ();
>- if (EFI_ERROR (Status)) {
>- return ;
>- }
>-
>- //
>- // Save new identification policy.
>- //
>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) +
>mUserInfo.NewIdentityPolicyLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) +
>mUserInfo.NewIdentityPolicyLen);
>- CopyMem ((UINT8 *) (Info + 1), mUserInfo.NewIdentityPolicy,
>mUserInfo.NewIdentityPolicyLen);
>-
>- Status = mUserManager->SetInfo (mUserManager, mModifyUser,
>&UserInfo, Info, Info->InfoSize);
>- FreePool (Info);
>-
>- //
>- // Update the mUserInfo.IdentityPolicy by mUserInfo.NewIdentityPolicy
>- //
>- if (mUserInfo.IdentityPolicy != NULL) {
>- FreePool (mUserInfo.IdentityPolicy);
>- }
>- mUserInfo.IdentityPolicy = mUserInfo.NewIdentityPolicy;
>- mUserInfo.IdentityPolicyLen = mUserInfo.NewIdentityPolicyLen;
>-
>- mUserInfo.NewIdentityPolicy = NULL;
>- mUserInfo.NewIdentityPolicyLen = 0;
>- mUserInfo.NewIdentityPolicyModified = FALSE;
>-
>- //
>- // Update identity policy choice.
>- //
>- ResolveIdentityPolicy (mUserInfo.IdentityPolicy,
>mUserInfo.IdentityPolicyLen, STRING_TOKEN (STR_IDENTIFY_POLICY_VAL));
>-}
>-
>-
>-/**
>- Update the mUserInfo.NewIdentityPolicy, and UI when 'add option' is
>pressed.
>-
>-**/
>-VOID
>-AddIdentityPolicyItem (
>- VOID
>- )
>-{
>- if (mProviderInfo->Count == 0) {
>- return ;
>- }
>-
>- //
>- // Check the identity policy.
>- //
>- if (ProviderAlreadyInPolicy (&mProviderInfo->Provider[mProviderChoice]-
>>Identifier)) {
>- return;
>- }
>-
>- //
>- // Add it to identification policy
>- //
>- AddProviderToPolicy (&mProviderInfo->Provider[mProviderChoice]-
>>Identifier);
>-
>- //
>- // Update identity policy choice.
>- //
>- ResolveIdentityPolicy (mUserInfo.NewIdentityPolicy,
>mUserInfo.NewIdentityPolicyLen, STRING_TOKEN
>(STR_IDENTIFY_POLICY_VALUE));
>-}
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
>deleted file mode 100644
>index 6de7e75e79..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
>+++ /dev/null
>@@ -1,372 +0,0 @@
>-/** @file
>- The functions to add a user profile.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManager.h"
>-
>-
>-/**
>- Get user name from the popup windows.
>-
>- @param[in, out] UserNameLen On entry, point to UserName buffer lengh,
>in bytes.
>- On exit, point to input user name length, in bytes.
>- @param[out] UserName The buffer to hold the input user name.
>-
>- @retval EFI_ABORTED It is given up by pressing 'ESC' key.
>- @retval EFI_NOT_READY Not a valid input at all.
>- @retval EFI_SUCCESS Get a user name successfully.
>-
>-**/
>-EFI_STATUS
>-GetUserNameInput (
>- IN OUT UINTN *UserNameLen,
>- OUT CHAR16 *UserName
>- )
>-{
>- EFI_INPUT_KEY Key;
>- UINTN NameLen;
>- CHAR16 Name[USER_NAME_LENGTH];
>-
>- NameLen = 0;
>- while (TRUE) {
>- Name[NameLen] = L'_';
>- Name[NameLen + 1] = L'\0';
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Input User Name",
>- L"---------------------",
>- Name,
>- NULL
>- );
>- //
>- // Check key.
>- //
>- if (Key.ScanCode == SCAN_NULL) {
>- if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
>- //
>- // Add the null terminator.
>- //
>- Name[NameLen] = 0;
>- NameLen++;
>- break;
>- } else if ((Key.UnicodeChar == CHAR_NULL) ||
>- (Key.UnicodeChar == CHAR_TAB) ||
>- (Key.UnicodeChar == CHAR_LINEFEED)
>- ) {
>- continue;
>- } else {
>- if (Key.UnicodeChar == CHAR_BACKSPACE) {
>- if (NameLen > 0) {
>- NameLen--;
>- }
>- } else {
>- Name[NameLen] = Key.UnicodeChar;
>- NameLen++;
>- if (NameLen + 1 == USER_NAME_LENGTH) {
>- //
>- // Add the null terminator.
>- //
>- Name[NameLen] = 0;
>- NameLen++;
>- break;
>- }
>- }
>- }
>- }
>-
>- if (Key.ScanCode == SCAN_ESC) {
>- return EFI_ABORTED;
>- }
>- }
>-
>- if (NameLen <= 1) {
>- return EFI_NOT_READY;
>- }
>-
>- if (*UserNameLen < NameLen * sizeof (CHAR16)) {
>- return EFI_NOT_READY;
>- }
>-
>- *UserNameLen = NameLen * sizeof (CHAR16);
>- CopyMem (UserName, Name, *UserNameLen);
>-
>- return EFI_SUCCESS;
>-}
>-
>-/**
>- Set a user's username.
>-
>- @param[in] User Handle of a user profile .
>- @param[in] UserNameLen The lengh of UserName.
>- @param[in] UserName Point to the buffer of user name.
>-
>- @retval EFI_NOT_READY The usernme in mAddUserName had been used.
>- @retval EFI_SUCCESS Change the user's username successfully with
>- username in mAddUserName.
>-
>-**/
>-EFI_STATUS
>-SetUserName (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINTN UserNameLen,
>- IN CHAR16 *UserName
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_PROFILE_HANDLE TempUser;
>- EFI_USER_INFO *NewUserInfo;
>-
>- NewUserInfo = AllocateZeroPool (sizeof (EFI_USER_INFO) + UserNameLen);
>- ASSERT (NewUserInfo != NULL);
>-
>- NewUserInfo->InfoType = EFI_USER_INFO_NAME_RECORD;
>- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>- EFI_USER_INFO_PUBLIC |
>- EFI_USER_INFO_EXCLUSIVE;
>- NewUserInfo->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) +
>UserNameLen);
>- CopyMem ((UINT8 *) (NewUserInfo + 1), UserName, UserNameLen);
>- TempUser = NULL;
>- Status = mUserManager->Find (
>- mUserManager,
>- &TempUser,
>- NULL,
>- NewUserInfo,
>- NewUserInfo->InfoSize
>- );
>- if (!EFI_ERROR (Status)) {
>- //
>- // The user name had been used, return error.
>- //
>- FreePool (NewUserInfo);
>- return EFI_NOT_READY;
>- }
>-
>- UserInfo = NULL;
>- mUserManager->SetInfo (
>- mUserManager,
>- User,
>- &UserInfo,
>- NewUserInfo,
>- NewUserInfo->InfoSize
>- );
>- FreePool (NewUserInfo);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Set create date of the specified user.
>-
>- @param[in] User Handle of a user profile.
>-
>-**/
>-VOID
>-SetCreateDate (
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO_CREATE_DATE Date;
>- EFI_USER_INFO *NewUserInfo;
>-
>- NewUserInfo = AllocateZeroPool (
>- sizeof (EFI_USER_INFO) +
>- sizeof (EFI_USER_INFO_CREATE_DATE)
>- );
>- ASSERT (NewUserInfo != NULL);
>-
>- NewUserInfo->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
>- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>- EFI_USER_INFO_PUBLIC |
>- EFI_USER_INFO_EXCLUSIVE;
>- NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_CREATE_DATE);
>- Status = gRT->GetTime (&Date, NULL);
>- if (EFI_ERROR (Status)) {
>- FreePool (NewUserInfo);
>- return ;
>- }
>-
>- CopyMem ((UINT8 *) (NewUserInfo + 1), &Date, sizeof
>(EFI_USER_INFO_CREATE_DATE));
>- UserInfo = NULL;
>- mUserManager->SetInfo (
>- mUserManager,
>- User,
>- &UserInfo,
>- NewUserInfo,
>- NewUserInfo->InfoSize
>- );
>- FreePool (NewUserInfo);
>-}
>-
>-
>-/**
>- Set the default identity policy of the specified user.
>-
>- @param[in] User Handle of a user profile.
>-
>-**/
>-VOID
>-SetIdentityPolicy (
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_USER_INFO_IDENTITY_POLICY *Policy;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *NewUserInfo;
>-
>- NewUserInfo = AllocateZeroPool (
>- sizeof (EFI_USER_INFO) +
>- sizeof (EFI_USER_INFO_IDENTITY_POLICY)
>- );
>- ASSERT (NewUserInfo != NULL);
>-
>- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewUserInfo + 1);
>- Policy->Type = EFI_USER_INFO_IDENTITY_TRUE;
>- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>-
>- NewUserInfo->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
>- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>- EFI_USER_INFO_PUBLIC |
>- EFI_USER_INFO_EXCLUSIVE;
>- NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + Policy->Length;
>- UserInfo = NULL;
>- mUserManager->SetInfo (
>- mUserManager,
>- User,
>- &UserInfo,
>- NewUserInfo,
>- NewUserInfo->InfoSize
>- );
>- FreePool (NewUserInfo);
>-}
>-
>-
>-/**
>- Set the default access policy of the specified user.
>-
>- @param[in] User Handle of a user profile.
>-
>-**/
>-VOID
>-SetAccessPolicy (
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_USER_INFO_ACCESS_CONTROL *Control;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *NewUserInfo;
>-
>- NewUserInfo = AllocateZeroPool (
>- sizeof (EFI_USER_INFO) +
>- sizeof (EFI_USER_INFO_ACCESS_CONTROL)
>- );
>- ASSERT (NewUserInfo != NULL);
>-
>- Control = (EFI_USER_INFO_ACCESS_CONTROL *) (NewUserInfo +
>1);
>- Control->Type = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>- Control->Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
>-
>- NewUserInfo->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
>- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>- EFI_USER_INFO_PUBLIC |
>- EFI_USER_INFO_EXCLUSIVE;
>- NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + Control->Size;
>- UserInfo = NULL;
>- mUserManager->SetInfo (
>- mUserManager,
>- User,
>- &UserInfo,
>- NewUserInfo,
>- NewUserInfo->InfoSize
>- );
>- FreePool (NewUserInfo);
>-}
>-
>-
>-/**
>- Add a new user profile into the user profile database.
>-
>-**/
>-VOID
>-CallAddUser (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- EFI_INPUT_KEY Key;
>- EFI_USER_PROFILE_HANDLE User;
>- UINTN UserNameLen;
>- CHAR16 UserName[USER_NAME_LENGTH];
>- CHAR16 *QuestionStr;
>- CHAR16 *PromptStr;
>-
>- QuestionStr = NULL;
>- PromptStr = NULL;
>-
>- //
>- // Get user name to add.
>- //
>- UserNameLen = sizeof (UserName);
>- Status = GetUserNameInput (&UserNameLen, UserName);
>- if (EFI_ERROR (Status)) {
>- if (Status != EFI_ABORTED) {
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_GET_USERNAME_FAILED));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_STROKE_KEY_CONTINUE));
>- goto Done;
>- }
>- return ;
>- }
>-
>- //
>- // Create a new user profile.
>- //
>- User = NULL;
>- Status = mUserManager->Create (mUserManager, &User);
>- if (EFI_ERROR (Status)) {
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_CREATE_PROFILE_FAILED));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_STROKE_KEY_CONTINUE));
>- } else {
>- //
>- // Add default user information.
>- //
>- Status = SetUserName (User, UserNameLen, UserName);
>- if (EFI_ERROR (Status)) {
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_USER_ALREADY_EXISTED));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_STROKE_KEY_CONTINUE));
>- goto Done;
>- }
>-
>- SetCreateDate (User);
>- SetIdentityPolicy (User);
>- SetAccessPolicy (User);
>-
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_CREATE_PROFILE_SUCCESS));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_STROKE_KEY_CONTINUE));
>- }
>-
>-Done:
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- L"",
>- PromptStr,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (PromptStr);
>-}
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.
>c
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.
>c
>deleted file mode 100644
>index af5d3109dd..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.
>c
>+++ /dev/null
>@@ -1,343 +0,0 @@
>-/** @file
>- The functions to delete a user profile.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManager.h"
>-
>-/**
>- Get the username from the specified user.
>-
>- @param[in] User Handle of a user profile.
>-
>- @retval EFI_STRING_ID The String Id of the user's username.
>-
>-**/
>-EFI_STRING_ID
>-GetUserName (
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>- UINTN InfoSize;
>- UINTN MemSize;
>- UINTN NameLen;
>- CHAR16 UserName[USER_NAME_LENGTH];
>- EFI_STRING_ID UserId;
>-
>- //
>- // Allocate user information memory.
>- //
>- MemSize = sizeof (EFI_USER_INFO) + 63;
>- Info = AllocateZeroPool (MemSize);
>- ASSERT (Info != NULL);
>-
>- //
>- // Get user name information.
>- //
>- UserInfo = NULL;
>- while (TRUE) {
>- InfoSize = MemSize;
>- //
>- // Get next user information.
>- //
>- Status = mUserManager->GetNextInfo (
>- mUserManager,
>- User,
>- &UserInfo
>- );
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- User,
>- UserInfo,
>- Info,
>- &InfoSize
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- MemSize = InfoSize;
>- FreePool (Info);
>- Info = AllocateZeroPool (MemSize);
>- ASSERT (Info != NULL);
>-
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- User,
>- UserInfo,
>- Info,
>- &InfoSize
>- );
>- }
>- //
>- // Check user information.
>- //
>- if (Status == EFI_SUCCESS) {
>- if (Info->InfoType == EFI_USER_INFO_NAME_RECORD) {
>- NameLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>- if (NameLen > USER_NAME_LENGTH * sizeof (CHAR16)) {
>- NameLen = USER_NAME_LENGTH * sizeof (CHAR16);
>- }
>- ASSERT (NameLen >= sizeof (CHAR16));
>- CopyMem (UserName, (UINT8 *) (Info + 1), NameLen);
>- UserName[NameLen / sizeof (CHAR16) - 1] = 0;
>- UserId = HiiSetString (
>- mCallbackInfo->HiiHandle,
>- 0,
>- UserName,
>- NULL
>- );
>- if (UserId != 0) {
>- FreePool (Info);
>- return UserId;
>- }
>- }
>- }
>- }
>-
>- FreePool (Info);
>- return 0;
>-}
>-
>-
>-/**
>- Add a username item in form.
>-
>- @param[in] User Points to the user profile whose username is added.
>- @param[in] Index The index of the user in the user name list
>- @param[in] OpCodeHandle Points to container for dynamic created
>opcodes.
>-
>-**/
>-VOID
>-AddUserToForm (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINT16 Index,
>- IN VOID *OpCodeHandle
>- )
>-{
>- EFI_STRING_ID NameId;
>-
>- //
>- // Get user name
>- //
>- NameId = GetUserName (User);
>- if (NameId == 0) {
>- return ;
>- }
>-
>- //
>- // Create user name option.
>- //
>- switch (Index & KEY_FIRST_FORM_MASK) {
>- case KEY_MODIFY_USER:
>- HiiCreateGotoOpCode (
>- OpCodeHandle, // Container for dynamic created opcodes
>- FORMID_USER_INFO, // Target Form ID
>- NameId, // Prompt text
>- STRING_TOKEN (STR_NULL_STRING), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- Index // Question ID
>- );
>- break;
>-
>- case KEY_DEL_USER:
>- HiiCreateActionOpCode (
>- OpCodeHandle, // Container for dynamic created opcodes
>- Index, // Question ID
>- NameId, // Prompt text
>- STRING_TOKEN (STR_NULL_STRING), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- 0 // Action String ID
>- );
>- break;
>-
>- default:
>- break;
>- }
>-}
>-
>-
>-/**
>- Delete the user specified by UserIndex in user profile database.
>-
>- @param[in] UserIndex The index of user in the user name list
>- to be deleted.
>-
>-**/
>-VOID
>-DeleteUser (
>- IN UINT8 UserIndex
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_PROFILE_HANDLE User;
>- EFI_INPUT_KEY Key;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>- UINTN InfoSize;
>-
>- //
>- // Find specified user profile and delete it.
>- //
>- User = NULL;
>- Status = mUserManager->GetNext (mUserManager, &User);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- while (UserIndex > 1) {
>- Status = mUserManager->GetNext (mUserManager, &User);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>- UserIndex--;
>- }
>-
>- if (UserIndex == 1) {
>- //
>- // Get the identification policy.
>- //
>- Status = FindInfoByType (User,
>EFI_USER_INFO_IDENTITY_POLICY_RECORD, &UserInfo);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- InfoSize = 0;
>- Info = NULL;
>- Status = mUserManager->GetInfo (mUserManager, User, UserInfo, Info,
>&InfoSize);
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- Info = AllocateZeroPool (InfoSize);
>- if (Info == NULL) {
>- goto Done;
>- }
>- Status = mUserManager->GetInfo (mUserManager, User, UserInfo, Info,
>&InfoSize);
>- }
>-
>- //
>- // Delete the user on the credential providers by its identification policy.
>- //
>- ASSERT (Info != NULL);
>- DeleteCredentialFromProviders ((UINT8 *)(Info + 1), Info->InfoSize - sizeof
>(EFI_USER_INFO), User);
>- FreePool (Info);
>-
>- Status = mUserManager->Delete (mUserManager, User);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Delete User Succeed!",
>- L"",
>- L"Please Press Any Key to Continue ...",
>- NULL
>- );
>- return ;
>- }
>-
>-Done:
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Delete User Failed!",
>- L"",
>- L"Please Press Any Key to Continue ...",
>- NULL
>- );
>-}
>-
>-
>-/**
>- Display user select form, cab select a user to delete.
>-
>-**/
>-VOID
>-SelectUserToDelete (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINT8 Index;
>- EFI_USER_PROFILE_HANDLE User;
>- EFI_USER_PROFILE_HANDLE CurrentUser;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_USER_DEL_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add each user can be deleted.
>- //
>- User = NULL;
>- Index = 1;
>- mUserManager->Current (mUserManager, &CurrentUser);
>- while (TRUE) {
>- Status = mUserManager->GetNext (mUserManager, &User);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- if (User != CurrentUser) {
>- AddUserToForm (
>- User,
>- (UINT16)(KEY_DEL_USER | KEY_SELECT_USER | Index),
>- StartOpCodeHandle
>- );
>- }
>- Index++;
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_DEL_USER, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-}
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.c
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.c
>deleted file mode 100644
>index e73ba3a8fc..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.c
>+++ /dev/null
>@@ -1,887 +0,0 @@
>-/** @file
>- This driver is a configuration tool for adding, deleting or modifying user
>- profiles, including gathering the necessary information to ascertain their
>- identity in the future, updating user access policy and identification
>- policy, etc.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManager.h"
>-
>-EFI_USER_MANAGER_PROTOCOL *mUserManager = NULL;
>-CREDENTIAL_PROVIDER_INFO *mProviderInfo = NULL;
>-UINT8 mProviderChoice;
>-UINT8 mConncetLogical;
>-USER_INFO_ACCESS mAccessInfo;
>-USER_INFO mUserInfo;
>-USER_PROFILE_MANAGER_CALLBACK_INFO *mCallbackInfo;
>-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
>- {
>- {
>- HARDWARE_DEVICE_PATH,
>- HW_VENDOR_DP,
>- {
>- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
>- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
>- }
>- },
>- USER_PROFILE_MANAGER_GUID
>- },
>- {
>- END_DEVICE_PATH_TYPE,
>- END_ENTIRE_DEVICE_PATH_SUBTYPE,
>- {
>- (UINT8) (END_DEVICE_PATH_LENGTH),
>- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
>- }
>- }
>-};
>-
>-
>-/**
>- Get string by string id from HII Interface.
>-
>-
>- @param[in] Id String ID to get the string from.
>-
>- @retval CHAR16 * String from ID.
>- @retval NULL If error occurs.
>-
>-**/
>-CHAR16 *
>-GetStringById (
>- IN EFI_STRING_ID Id
>- )
>-{
>- //
>- // Get the current string for the current Language.
>- //
>- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
>-}
>-
>-
>-/**
>- This function gets all the credential providers in the system and saved them
>- to mProviderInfo.
>-
>- @retval EFI_SUCESS Init credential provider database successfully.
>- @retval Others Fail to init credential provider database.
>-
>-**/
>-EFI_STATUS
>-InitProviderInfo (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINTN HandleCount;
>- EFI_HANDLE *HandleBuf;
>- UINTN Index;
>-
>- //
>- // Try to find all the user credential provider driver.
>- //
>- HandleCount = 0;
>- HandleBuf = NULL;
>- Status = gBS->LocateHandleBuffer (
>- ByProtocol,
>- &gEfiUserCredential2ProtocolGuid,
>- NULL,
>- &HandleCount,
>- &HandleBuf
>- );
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Get provider infomation.
>- //
>- if (mProviderInfo != NULL) {
>- FreePool (mProviderInfo);
>- }
>- mProviderInfo = AllocateZeroPool (
>- sizeof (CREDENTIAL_PROVIDER_INFO) -
>- sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *) +
>- HandleCount * sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *)
>- );
>- if (mProviderInfo == NULL) {
>- FreePool (HandleBuf);
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- mProviderInfo->Count = HandleCount;
>- for (Index = 0; Index < HandleCount; Index++) {
>- Status = gBS->HandleProtocol (
>- HandleBuf[Index],
>- &gEfiUserCredential2ProtocolGuid,
>- (VOID **) &mProviderInfo->Provider[Index]
>- );
>- if (EFI_ERROR (Status)) {
>- FreePool (HandleBuf);
>- FreePool (mProviderInfo);
>- mProviderInfo = NULL;
>- return Status;
>- }
>- }
>-
>- FreePool (HandleBuf);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- This function processes changes in user profile configuration.
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Action Specifies the type of action taken by the browser.
>- @param QuestionId A unique value which is sent to the original
>- exporting driver so that it can identify the type
>- of data to expect.
>- @param Type The type of value for the question.
>- @param Value A pointer to the data being sent to the original
>- exporting driver.
>- @param ActionRequest On return, points to the action requested by
>the
>- callback function.
>-
>- @retval EFI_SUCCESS The callback successfully handled the action.
>- @retval Others Fail to handle the action.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileManagerCallback (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN EFI_BROWSER_ACTION Action,
>- IN EFI_QUESTION_ID QuestionId,
>- IN UINT8 Type,
>- IN EFI_IFR_TYPE_VALUE *Value,
>- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
>- )
>-{
>- EFI_STATUS Status;
>- EFI_INPUT_KEY Key;
>- UINT32 CurrentAccessRight;
>- CHAR16 *QuestionStr;
>- CHAR16 *PromptStr;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>- EFI_USER_PROFILE_HANDLE CurrentUser;
>-
>- Status = EFI_SUCCESS;
>-
>- switch (Action) {
>- case EFI_BROWSER_ACTION_FORM_OPEN:
>- {
>- //
>- // Update user manage Form when user manage Form is opened.
>- // This will be done only in FORM_OPEN CallBack of question with
>QUESTIONID_USER_MANAGE from user manage Form.
>- //
>- if (QuestionId != QUESTIONID_USER_MANAGE) {
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Get current user
>- //
>- CurrentUser = NULL;
>- mUserManager->Current (mUserManager, &CurrentUser);
>- if (CurrentUser == NULL) {
>- DEBUG ((DEBUG_ERROR, "Error: current user does not exist!\n"));
>- return EFI_NOT_READY;
>- }
>-
>- //
>- // Get current user's right information.
>- //
>- Status = GetAccessRight (&CurrentAccessRight);
>- if (EFI_ERROR (Status)) {
>- CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>- }
>-
>- //
>- // Init credential provider information.
>- //
>- Status = InitProviderInfo ();
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_USER_MANAGE_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add user profile option.
>- //
>- if ((CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) ||
>- (CurrentAccessRight == EFI_USER_INFO_ACCESS_ENROLL_OTHERS)
>- ) {
>- HiiCreateActionOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- KEY_ADD_USER, // Question ID
>- STRING_TOKEN (STR_ADD_USER_TITLE), // Prompt text
>- STRING_TOKEN (STR_ADD_USER_HELP), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- 0 // Action String ID
>- );
>- }
>-
>- //
>- // Add modify user profile option.
>- //
>- HiiCreateGotoOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- FORMID_MODIFY_USER, // Target Form ID
>- STRING_TOKEN (STR_MODIFY_USER_TITLE), // Prompt text
>- STRING_TOKEN (STR_MODIFY_USER_HELP), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- KEY_MODIFY_USER // Question ID
>- );
>-
>- //
>- // Add delete user profile option
>- //
>- if (CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) {
>- HiiCreateGotoOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- FORMID_DEL_USER, // Target Form ID
>- STRING_TOKEN (STR_DELETE_USER_TITLE), // Prompt text
>- STRING_TOKEN (STR_DELETE_USER_HELP), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- KEY_DEL_USER // Question ID
>- );
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_USER_MANAGE, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-
>- return EFI_SUCCESS;
>- }
>- break;
>-
>- case EFI_BROWSER_ACTION_FORM_CLOSE:
>- Status = EFI_SUCCESS;
>- break;
>-
>- case EFI_BROWSER_ACTION_CHANGED:
>- {
>- //
>- // Handle the request from form.
>- //
>- if ((Value == NULL) || (ActionRequest == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Judge first 2 bits.
>- //
>- switch (QuestionId & KEY_FIRST_FORM_MASK) {
>- //
>- // Add user profile operation.
>- //
>- case KEY_ADD_USER:
>- CallAddUser ();
>- break;
>-
>- //
>- // Delete user profile operation.
>- //
>- case KEY_DEL_USER:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_SECOND_FORM_MASK) {
>- //
>- // Delete specified user profile.
>- //
>- case KEY_SELECT_USER:
>- DeleteUser ((UINT8) QuestionId);
>- //
>- // Update select user form after delete a user.
>- //
>- SelectUserToDelete ();
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- //
>- // Modify user profile operation.
>- //
>- case KEY_MODIFY_USER:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_SECOND_FORM_MASK) {
>- //
>- // Enter user profile information form.
>- //
>- case KEY_SELECT_USER:
>- //
>- // Judge next 3 bits.
>- //
>- switch (QuestionId & KEY_MODIFY_INFO_MASK) {
>- //
>- // Modify user name.
>- //
>- case KEY_MODIFY_NAME:
>- ModifyUserName ();
>- //
>- // Update username in parent form.
>- //
>- SelectUserToModify ();
>- break;
>-
>- //
>- // Modify identity policy.
>- //
>- case KEY_MODIFY_IP:
>- //
>- // Judge next 3 bits
>- //
>- switch (QuestionId & KEY_MODIFY_IP_MASK) {
>- //
>- // Change credential provider option.
>- //
>- case KEY_MODIFY_PROV:
>- mProviderChoice = Value->u8;
>- break;
>-
>- //
>- // Change logical connector.
>- //
>- case KEY_MODIFY_CONN:
>- mConncetLogical = Value->u8;
>- break;
>-
>- //
>- // Save option.
>- //
>- case KEY_ADD_IP_OP:
>- AddIdentityPolicyItem ();
>- break;
>-
>- //
>- // Return to user profile information form.
>- //
>- case KEY_IP_RETURN_UIF:
>- SaveIdentityPolicy ();
>- *ActionRequest =
>EFI_BROWSER_ACTION_REQUEST_FORM_SUBMIT_EXIT;
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- //
>- // Modify access policy.
>- //
>- case KEY_MODIFY_AP:
>- //
>- // Judge next 3 bits.
>- //
>- switch (QuestionId & KEY_MODIFY_AP_MASK) {
>- //
>- // Change access right choice.
>- //
>- case KEY_MODIFY_RIGHT:
>- mAccessInfo.AccessRight = Value->u8;
>- break;
>-
>- //
>- // Change setup choice.
>- //
>- case KEY_MODIFY_SETUP:
>- mAccessInfo.AccessSetup= Value->u8;
>- break;
>-
>- //
>- // Change boot order choice.
>- //
>- case KEY_MODIFY_BOOT:
>- mAccessInfo.AccessBootOrder = Value->u32;
>- break;
>-
>- //
>- // Return to user profile information form.
>- //
>- case KEY_AP_RETURN_UIF:
>- SaveAccessPolicy ();
>- *ActionRequest =
>EFI_BROWSER_ACTION_REQUEST_FORM_SUBMIT_EXIT;
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- //
>- // Access policy device path modified.
>- //
>- case KEY_MODIFY_AP_DP:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_MODIFY_DP_MASK) {
>- //
>- // Load permit device path modified.
>- //
>- case KEY_LOAD_PERMIT_MODIFY:
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_MOVE_TO_FORBID_LIST));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_PRESS_KEY_CONTINUE));
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- L"",
>- PromptStr,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (PromptStr);
>- if (Key.UnicodeChar != CHAR_CARRIAGE_RETURN) {
>- break;
>- }
>-
>- AddToForbidLoad ((UINT16)(QuestionId & (KEY_MODIFY_DP_MASK -
>1)));
>- DisplayLoadPermit ();
>- break;
>-
>- //
>- // Load forbid device path modified.
>- //
>- case KEY_LOAD_FORBID_MODIFY:
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_MOVE_TO_PERMIT_LIST));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_PRESS_KEY_CONTINUE));
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- L"",
>- PromptStr,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (PromptStr);
>- if (Key.UnicodeChar != CHAR_CARRIAGE_RETURN) {
>- break;
>- }
>-
>- DeleteFromForbidLoad ((UINT16)(QuestionId &
>(KEY_MODIFY_DP_MASK - 1)));
>- DisplayLoadForbid ();
>- break;
>-
>- //
>- // Connect permit device path modified.
>- //
>- case KEY_CONNECT_PERMIT_MODIFY:
>- break;
>-
>- //
>- // Connect forbid device path modified.
>- //
>- case KEY_CONNECT_FORBID_MODIFY:
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- }
>- break;
>-
>-
>- case EFI_BROWSER_ACTION_CHANGING:
>- {
>- //
>- // Handle the request from form.
>- //
>- if (Value == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Judge first 2 bits.
>- //
>- switch (QuestionId & KEY_FIRST_FORM_MASK) {
>- //
>- // Delete user profile operation.
>- //
>- case KEY_DEL_USER:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_SECOND_FORM_MASK) {
>- //
>- // Enter delete user profile form.
>- //
>- case KEY_ENTER_NEXT_FORM:
>- SelectUserToDelete ();
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- //
>- // Modify user profile operation.
>- //
>- case KEY_MODIFY_USER:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_SECOND_FORM_MASK) {
>- //
>- // Enter modify user profile form.
>- //
>- case KEY_ENTER_NEXT_FORM:
>- SelectUserToModify ();
>- break;
>-
>- //
>- // Enter user profile information form.
>- //
>- case KEY_SELECT_USER:
>- //
>- // Judge next 3 bits.
>- //
>- switch (QuestionId & KEY_MODIFY_INFO_MASK) {
>- //
>- // Display user information form.
>- //
>- case KEY_ENTER_NEXT_FORM:
>- ModifyUserInfo ((UINT8) QuestionId);
>- break;
>-
>- //
>- // Modify identity policy.
>- //
>- case KEY_MODIFY_IP:
>- //
>- // Judge next 3 bits
>- //
>- switch (QuestionId & KEY_MODIFY_IP_MASK) {
>- //
>- // Display identity policy modify form.
>- //
>- case KEY_ENTER_NEXT_FORM:
>- ModifyIdentityPolicy ();
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- //
>- // Modify access policy.
>- //
>- case KEY_MODIFY_AP:
>- //
>- // Judge next 3 bits.
>- //
>- switch (QuestionId & KEY_MODIFY_AP_MASK) {
>- //
>- // Display access policy modify form.
>- //
>- case KEY_ENTER_NEXT_FORM:
>- ModidyAccessPolicy ();
>- break;
>- //
>- // Load device path form.
>- //
>- case KEY_MODIFY_LOAD:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_DISPLAY_DP_MASK) {
>- //
>- // Permit load device path.
>- //
>- case KEY_PERMIT_MODIFY:
>- DisplayLoadPermit ();
>- break;
>-
>- //
>- // Forbid load device path.
>- //
>- case KEY_FORBID_MODIFY:
>- DisplayLoadForbid ();
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- //
>- // Connect device path form.
>- //
>- case KEY_MODIFY_CONNECT:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_DISPLAY_DP_MASK) {
>- //
>- // Permit connect device path.
>- //
>- case KEY_PERMIT_MODIFY:
>- DisplayConnectPermit ();
>- break;
>-
>- //
>- // Forbid connect device path.
>- //
>- case KEY_FORBID_MODIFY:
>- DisplayConnectForbid ();
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- }
>- break;
>-
>- default:
>- //
>- // All other action return unsupported.
>- //
>- Status = EFI_UNSUPPORTED;
>- break;
>- }
>-
>-
>- return Status;
>-}
>-
>-
>-/**
>- This function allows a caller to extract the current configuration for one
>- or more named elements from the target driver.
>-
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Request A null-terminated Unicode string in <ConfigRequest>
>format.
>- @param Progress On return, points to a character in the Request string.
>- Points to the string's null terminator if request was successful.
>- Points to the most recent '&' before the first failing name/value
>- pair (or the beginning of the string if the failure is in the
>- first name/value pair) if the request was not successful.
>- @param Results A null-terminated Unicode string in <ConfigAltResp>
>format which
>- has all values filled in for the names in the Request string.
>- String to be allocated by the called function.
>-
>- @retval EFI_SUCCESS The Results is filled with the requested values.
>- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
>results.
>- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown
>name.
>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>this driver.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-FakeExtractConfig (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN CONST EFI_STRING Request,
>- OUT EFI_STRING *Progress,
>- OUT EFI_STRING *Results
>- )
>-{
>- if (Progress == NULL || Results == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>- *Progress = Request;
>- return EFI_NOT_FOUND;
>-}
>-
>-/**
>- This function processes the results of changes in configuration.
>-
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Configuration A null-terminated Unicode string in <ConfigResp>
>format.
>- @param Progress A pointer to a string filled in with the offset of the
>most
>- recent '&' before the first failing name/value pair (or the
>- beginning of the string if the failure is in the first
>- name/value pair) or the terminating NULL if all was successful.
>-
>- @retval EFI_SUCCESS The Results is processed successfully.
>- @retval EFI_INVALID_PARAMETER Configuration is NULL.
>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>this driver.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-FakeRouteConfig (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN CONST EFI_STRING Configuration,
>- OUT EFI_STRING *Progress
>- )
>-{
>- if (Configuration == NULL || Progress == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *Progress = Configuration;
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Main entry for this driver.
>-
>- @param ImageHandle Image handle this driver.
>- @param SystemTable Pointer to SystemTable.
>-
>- @retval EFI_SUCESS This function always complete successfully.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileManagerInit (
>- IN EFI_HANDLE ImageHandle,
>- IN EFI_SYSTEM_TABLE *SystemTable
>- )
>-{
>- EFI_STATUS Status;
>- USER_PROFILE_MANAGER_CALLBACK_INFO *CallbackInfo;
>-
>- Status = gBS->LocateProtocol (
>- &gEfiUserManagerProtocolGuid,
>- NULL,
>- (VOID **) &mUserManager
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Initialize driver private data.
>- //
>- ZeroMem (&mUserInfo, sizeof (mUserInfo));
>- ZeroMem (&mAccessInfo, sizeof (mAccessInfo));
>-
>- CallbackInfo = AllocateZeroPool (sizeof
>(USER_PROFILE_MANAGER_CALLBACK_INFO));
>- ASSERT (CallbackInfo != NULL);
>-
>- CallbackInfo->Signature = USER_PROFILE_MANAGER_SIGNATURE;
>- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
>- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
>- CallbackInfo->ConfigAccess.Callback = UserProfileManagerCallback;
>- CallbackInfo->DriverHandle = NULL;
>-
>- //
>- // Install Device Path Protocol and Config Access protocol to driver handle.
>- //
>- Status = gBS->InstallMultipleProtocolInterfaces (
>- &CallbackInfo->DriverHandle,
>- &gEfiDevicePathProtocolGuid,
>- &mHiiVendorDevicePath,
>- &gEfiHiiConfigAccessProtocolGuid,
>- &CallbackInfo->ConfigAccess,
>- NULL
>- );
>- ASSERT_EFI_ERROR (Status);
>-
>- //
>- // Publish HII data.
>- //
>- CallbackInfo->HiiHandle = HiiAddPackages (
>- &gUserProfileManagerGuid,
>- CallbackInfo->DriverHandle,
>- UserProfileManagerStrings,
>- UserProfileManagerVfrBin,
>- NULL
>- );
>- ASSERT (CallbackInfo->HiiHandle != NULL);
>- mCallbackInfo = CallbackInfo;
>-
>- return Status;
>-}
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.h
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.h
>deleted file mode 100644
>index aff1e28d9d..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.h
>+++ /dev/null
>@@ -1,444 +0,0 @@
>-/** @file
>- The header file for user profile manager driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef __EFI_USER_PROFILE_MANAGER_H__
>-#define __EFI_USER_PROFILE_MANAGER_H__
>-
>-#include <Uefi.h>
>-
>-#include <Guid/GlobalVariable.h>
>-#include <Guid/MdeModuleHii.h>
>-
>-#include <Protocol/HiiConfigAccess.h>
>-#include <Protocol/UserCredential2.h>
>-#include <Protocol/UserManager.h>
>-
>-#include <Library/UefiRuntimeServicesTableLib.h>
>-#include <Library/UefiBootServicesTableLib.h>
>-#include <Library/MemoryAllocationLib.h>
>-#include <Library/BaseMemoryLib.h>
>-#include <Library/DevicePathLib.h>
>-#include <Library/DebugLib.h>
>-#include <Library/UefiLib.h>
>-#include <Library/PrintLib.h>
>-#include <Library/HiiLib.h>
>-
>-#include "UserProfileManagerData.h"
>-
>-#define USER_NAME_LENGTH 17
>-
>-//
>-// Credential Provider Information.
>-//
>-typedef struct {
>- UINTN Count;
>- EFI_USER_CREDENTIAL2_PROTOCOL *Provider[1];
>-} CREDENTIAL_PROVIDER_INFO;
>-
>-//
>-// User profile information structure.
>-//
>-typedef struct {
>- UINT64 UsageCount;
>- EFI_TIME CreateDate;
>- EFI_TIME UsageDate;
>- UINTN AccessPolicyLen;
>- UINTN IdentityPolicyLen;
>- UINTN NewIdentityPolicyLen;
>- UINT8 *AccessPolicy;
>- UINT8 *IdentityPolicy;
>- UINT8 *NewIdentityPolicy;
>- CHAR16 UserName[USER_NAME_LENGTH];
>- BOOLEAN CreateDateExist;
>- BOOLEAN UsageDateExist;
>- BOOLEAN AccessPolicyModified;
>- BOOLEAN IdentityPolicyModified;
>- BOOLEAN NewIdentityPolicyModified;
>-} USER_INFO;
>-
>-//
>-// User access information structure.
>-//
>-typedef struct {
>- UINTN LoadPermitLen;
>- UINTN LoadForbidLen;
>- UINTN ConnectPermitLen;
>- UINTN ConnectForbidLen;
>- UINT8 *LoadPermit;
>- UINT8 *LoadForbid;
>- UINT8 *ConnectPermit;
>- UINT8 *ConnectForbid;
>- UINT32 AccessBootOrder;
>- UINT8 AccessRight;
>- UINT8 AccessSetup;
>-} USER_INFO_ACCESS;
>-
>-#define USER_PROFILE_MANAGER_SIGNATURE SIGNATURE_32 ('U', 'P', 'M',
>'S')
>-
>-typedef struct {
>- UINTN Signature;
>- EFI_HANDLE DriverHandle;
>- EFI_HII_HANDLE HiiHandle;
>- EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
>-} USER_PROFILE_MANAGER_CALLBACK_INFO;
>-
>-//
>-// HII specific Vendor Device Path definition.
>-//
>-typedef struct {
>- VENDOR_DEVICE_PATH VendorDevicePath;
>- EFI_DEVICE_PATH_PROTOCOL End;
>-} HII_VENDOR_DEVICE_PATH;
>-
>-//
>-// This is the generated IFR binary data for each formset defined in VFR.
>-//
>-extern UINT8 UserProfileManagerVfrBin[];
>-
>-//
>-// This is the generated String package data for .UNI file.
>-//
>-extern UINT8 UserProfileManagerStrings[];
>-
>-//
>-// The user manager protocol, used in several function.
>-//
>-extern EFI_USER_MANAGER_PROTOCOL *mUserManager;
>-
>-//
>-// The credential providers database in system.
>-//
>-extern CREDENTIAL_PROVIDER_INFO *mProviderInfo;
>-
>-//
>-// The variables used to update identity policy.
>-//
>-extern UINT8 mProviderChoice;
>-extern UINT8 mConncetLogical;
>-
>-//
>-// The variables used to update access policy.
>-//
>-extern USER_INFO_ACCESS mAccessInfo;
>-
>-//
>-// The user information used to record all data in UI.
>-//
>-extern USER_INFO mUserInfo;
>-
>-extern USER_PROFILE_MANAGER_CALLBACK_INFO *mCallbackInfo;
>-
>-extern EFI_USER_PROFILE_HANDLE mModifyUser;
>-
>-/**
>- Get string by string id from HII Interface.
>-
>-
>- @param[in] Id String ID to get the string from.
>-
>- @retval CHAR16 * String from ID.
>- @retval NULL If error occurs.
>-
>-**/
>-CHAR16 *
>-GetStringById (
>- IN EFI_STRING_ID Id
>- );
>-
>-/**
>- Add a new user profile into the user profile database.
>-
>-**/
>-VOID
>-CallAddUser (
>- VOID
>- );
>-
>-/**
>- Display user select form; can select a user to modify.
>-
>-**/
>-VOID
>-SelectUserToModify (
>- VOID
>- );
>-
>-/**
>- Display user select form, cab select a user to delete.
>-
>-**/
>-VOID
>-SelectUserToDelete (
>- VOID
>- );
>-
>-/**
>- Delete the user specified by UserIndex in user profile database.
>-
>- @param[in] UserIndex The index of user in the user name list to be
>deleted.
>-
>-**/
>-VOID
>-DeleteUser (
>- IN UINT8 UserIndex
>- );
>-
>-/**
>- Add a username item in form.
>-
>- @param[in] User Points to the user profile whose username is added.
>- @param[in] Index The index of the user in the user name list.
>- @param[in] OpCodeHandle Points to container for dynamic created
>opcodes.
>-
>-**/
>-VOID
>-AddUserToForm (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINT16 Index,
>- IN VOID *OpCodeHandle
>- );
>-
>-/**
>- Display modify user information form
>-
>- In this form, username, create Date, usage date, usage count, identity policy,
>- and access policy are displayed.
>-
>- @param[in] UserIndex The index of the user in display list to modify.
>-
>-**/
>-VOID
>-ModifyUserInfo (
>- IN UINT8 UserIndex
>- );
>-
>-/**
>- Get the username from user input and update username string in Hii
>- database with it.
>-
>-**/
>-VOID
>-ModifyUserName (
>- VOID
>- );
>-
>-/**
>- Display the form of modifying user identity policy.
>-
>-**/
>-VOID
>-ModifyIdentityPolicy (
>- VOID
>- );
>-
>-/**
>- Update the mUserInfo.NewIdentityPolicy and UI when 'add option' is
>pressed.
>-
>-**/
>-VOID
>-AddIdentityPolicyItem (
>- VOID
>- );
>-
>-/**
>- Save the identity policy and update UI with it.
>-
>- This function will verify the new identity policy, in current implementation,
>- the identity policy can be: T, P & P & P & ..., P | P | P | ...
>- Here, "T" means "True", "P" means "Credential Provider", "&" means "and",
>"|" means "or".
>- Other identity policies are not supported.
>-
>-**/
>-VOID
>-SaveIdentityPolicy (
>- VOID
>- );
>-
>-/**
>- Display modify user access policy form
>-
>- In this form, access right, access setu,p and access boot order are
>dynamically
>- added. Load devicepath and connect devicepath are displayed too.
>-
>-**/
>-VOID
>-ModidyAccessPolicy (
>- VOID
>- );
>-
>-/**
>- Collect all the access policy data to mUserInfo.AccessPolicy,
>- and save it to user profile.
>-
>-**/
>-VOID
>-SaveAccessPolicy (
>- VOID
>- );
>-
>-/**
>- Get current user's access rights.
>-
>- @param[out] AccessRight Points to the buffer used for user's access rights.
>-
>- @retval EFI_SUCCESS Get current user access rights successfully.
>- @retval others Fail to get current user access rights.
>-
>-**/
>-EFI_STATUS
>-GetAccessRight (
>- OUT UINT32 *AccessRight
>- );
>-
>-/**
>- Display the permit load device path in the loadable device path list.
>-
>-**/
>-VOID
>-DisplayLoadPermit(
>- VOID
>- );
>-
>-/**
>- Display the forbid load device path list (mAccessInfo.LoadForbid).
>-
>-**/
>-VOID
>-DisplayLoadForbid (
>- VOID
>- );
>-
>-/**
>- Display the permit connect device path.
>-
>-**/
>-VOID
>-DisplayConnectPermit (
>- VOID
>- );
>-
>-/**
>- Display the forbid connect device path list.
>-
>-**/
>-VOID
>-DisplayConnectForbid (
>- VOID
>- );
>-
>-/**
>- Delete the specified device path by DriverIndex from the forbid device path
>- list (mAccessInfo.LoadForbid).
>-
>- @param[in] DriverIndex The index of driver in a forbidden device path list.
>-
>-**/
>-VOID
>-DeleteFromForbidLoad (
>- IN UINT16 DriverIndex
>- );
>-
>-/**
>- Add the specified device path by DriverIndex to the forbid device path
>- list (mAccessInfo.LoadForbid).
>-
>- @param[in] DriverIndex The index of driver saved in driver options.
>-
>-**/
>-VOID
>-AddToForbidLoad (
>- IN UINT16 DriverIndex
>- );
>-
>-/**
>- Get user name from the popup windows.
>-
>- @param[in, out] UserNameLen On entry, point to the buffer lengh of
>UserName.
>- On exit, point to the input user name length.
>- @param[out] UserName The buffer to hold the input user name.
>-
>- @retval EFI_ABORTED It is given up by pressing 'ESC' key.
>- @retval EFI_NOT_READY Not a valid input at all.
>- @retval EFI_SUCCESS Get a user name successfully.
>-
>-**/
>-EFI_STATUS
>-GetUserNameInput (
>- IN OUT UINTN *UserNameLen,
>- OUT CHAR16 *UserName
>- );
>-
>-/**
>- Find the specified info in User profile by the InfoType.
>-
>- @param[in] User Handle of the user whose information will be
>searched.
>- @param[in] InfoType The user information type to find.
>- @param[out] UserInfo Points to user information handle found.
>-
>- @retval EFI_SUCCESS Find the user information successfully.
>- @retval Others Fail to find the user information.
>-
>-**/
>-EFI_STATUS
>-FindInfoByType (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINT8 InfoType,
>- OUT EFI_USER_INFO_HANDLE *UserInfo
>- );
>-
>-/**
>- Convert the identity policy to a unicode string and update the Hii database
>- IpStringId string with it.
>-
>- @param[in] Ip Points to identity policy.
>- @param[in] IpLen The identity policy length.
>- @param[in] IpStringId String ID in the HII database to be replaced.
>-
>-**/
>-VOID
>-ResolveIdentityPolicy (
>- IN UINT8 *Ip,
>- IN UINTN IpLen,
>- IN EFI_STRING_ID IpStringId
>- );
>-
>-/**
>- Expand access policy memory size.
>-
>- @param[in] ValidLen The valid access policy length.
>- @param[in] ExpandLen The length that is needed to expand.
>-
>-**/
>-VOID
>-ExpandMemory (
>- IN UINTN ValidLen,
>- IN UINTN ExpandLen
>- );
>-
>-/**
>- Delete User's credental from all the providers that exist in User's identity
>policy.
>-
>- @param[in] IdentityPolicy Point to User's identity policy.
>- @param[in] IdentityPolicyLen The length of the identity policy.
>- @param[in] User Points to user profile.
>-
>-**/
>-VOID
>-DeleteCredentialFromProviders (
>- IN UINT8 *IdentityPolicy,
>- IN UINTN IdentityPolicyLen,
>- IN EFI_USER_PROFILE_HANDLE User
>- );
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.uni
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.uni
>deleted file mode 100644
>index e4a768e00a..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.uni
>+++ /dev/null
>@@ -1,22 +0,0 @@
>-// /** @file
>-// A UI tool to manage user profiles
>-//
>-// By this module, user can add/update/delete user profiles, and can also
>-// modify the user access policy and the user identification policy.
>-//
>-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-
>-#string STR_MODULE_ABSTRACT #language en-US "A UI tool to
>manage user profiles"
>-
>-#string STR_MODULE_DESCRIPTION #language en-US "By this module,
>user can add/update/delete user profiles, and can also modify the user access
>policy and the user identification policy."
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erData.h
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erData.h
>deleted file mode 100644
>index a83caac9ba..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erData.h
>+++ /dev/null
>@@ -1,158 +0,0 @@
>-/** @file
>- The form data for user profile manager driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef __USER_PROFILE_MANAGER_DATA_H__
>-#define __USER_PROFILE_MANAGER_DATA_H__
>-
>-#include <Guid/UserProfileManagerHii.h>
>-
>-//
>-// Form ID
>-//
>-#define FORMID_USER_MANAGE 0x0001
>-#define FORMID_MODIFY_USER 0x0002
>-#define FORMID_DEL_USER 0x0003
>-#define FORMID_USER_INFO 0x0004
>-#define FORMID_MODIFY_IP 0x0005
>-#define FORMID_MODIFY_AP 0x0006
>-#define FORMID_LOAD_DP 0x0007
>-#define FORMID_CONNECT_DP 0x0008
>-#define FORMID_PERMIT_LOAD_DP 0x0009
>-#define FORMID_FORBID_LOAD_DP 0x000A
>-#define FORMID_PERMIT_CONNECT_DP 0x000B
>-#define FORMID_FORBID_CONNECT_DP 0x000C
>-
>-//
>-// Label ID
>-//
>-#define LABEL_USER_MANAGE_FUNC 0x0010
>-#define LABEL_USER_DEL_FUNC 0x0020
>-#define LABEL_USER_MOD_FUNC 0x0030
>-#define LABEL_USER_INFO_FUNC 0x0040
>-#define LABEL_IP_MOD_FUNC 0x0050
>-#define LABEL_AP_MOD_FUNC 0x0060
>-#define LABEL_PERMIT_LOAD_FUNC 0x0070
>-#define LABLE_FORBID_LOAD_FUNC 0x0080
>-#define LABEL_END 0x00F0
>-
>-//
>-// First form key (Add/modify/del user profile).
>-// First 2 bits (bit 16~15).
>-//
>-#define KEY_MODIFY_USER 0x4000
>-#define KEY_DEL_USER 0x8000
>-#define KEY_ADD_USER 0xC000
>-#define KEY_FIRST_FORM_MASK 0xC000
>-
>-//
>-// Second form key (Display new form /Select user / modify device path in
>access policy).
>-// Next 2 bits (bit 14~13).
>-//
>-#define KEY_ENTER_NEXT_FORM 0x0000
>-#define KEY_SELECT_USER 0x1000
>-#define KEY_MODIFY_AP_DP 0x2000
>-#define KEY_OPEN_CLOSE_FORM_ACTION 0x3000
>-#define KEY_SECOND_FORM_MASK 0x3000
>-
>-//
>-// User profile information form key.
>-// Next 3 bits (bit 12~10).
>-//
>-#define KEY_MODIFY_NAME 0x0200
>-#define KEY_MODIFY_IP 0x0400
>-#define KEY_MODIFY_AP 0x0600
>-#define KEY_MODIFY_INFO_MASK 0x0E00
>-
>-//
>-// Specified key, used in VFR (KEY_MODIFY_USER | KEY_SELECT_USER |
>KEY_MODIFY_NAME).
>-//
>-#define KEY_MODIFY_USER_NAME 0x5200
>-
>-//
>-// Modify identity policy form key.
>-// Next 3 bits (bit 9~7).
>-//
>-#define KEY_MODIFY_PROV 0x0040
>-#define KEY_MODIFY_MTYPE 0x0080
>-#define KEY_MODIFY_CONN 0x00C0
>-#define KEY_ADD_IP_OP 0x0100
>-#define KEY_IP_RETURN_UIF 0x0140
>-#define KEY_MODIFY_IP_MASK 0x01C0
>-
>-//
>-// Specified key.
>-//
>-#define KEY_ADD_LOGICAL_OP 0x5500
>-#define KEY_IP_RETURN 0x5540
>-
>-//
>-// Modify access policy form key.
>-// Next 3 bits (bit 9~7).
>-//
>-#define KEY_MODIFY_RIGHT 0x0040
>-#define KEY_MODIFY_SETUP 0x0080
>-#define KEY_MODIFY_BOOT 0x00C0
>-#define KEY_MODIFY_LOAD 0x0100
>-#define KEY_MODIFY_CONNECT 0x0140
>-#define KEY_AP_RETURN_UIF 0x0180
>-#define KEY_MODIFY_AP_MASK 0x01C0
>-
>-//
>-// Specified key.
>-//
>-#define KEY_LOAD_DP 0x5700
>-#define KEY_CONN_DP 0x5740
>-#define KEY_AP_RETURN 0x5780
>-
>-//
>-// Device path form key.
>-// Next 2 bits (bit 6~5).
>-//
>-#define KEY_PERMIT_MODIFY 0x0010
>-#define KEY_FORBID_MODIFY 0x0020
>-#define KEY_DISPLAY_DP_MASK 0x0030
>-
>-//
>-// Specified key.
>-//
>-#define KEY_LOAD_PERMIT 0x5710
>-#define KEY_LOAD_FORBID 0x5720
>-#define KEY_CONNECT_PERMIT 0x5750
>-#define KEY_CONNECT_FORBID 0x5760
>-
>-//
>-// Device path modify key.
>-// 2 bits (bit 12~11).
>-//
>-#define KEY_LOAD_PERMIT_MODIFY 0x0000
>-#define KEY_LOAD_FORBID_MODIFY 0x0400
>-#define KEY_CONNECT_PERMIT_MODIFY 0x0800
>-#define KEY_CONNECT_FORBID_MODIFY 0x0C00
>-#define KEY_MODIFY_DP_MASK 0x0C00
>-
>-
>-//
>-// The permissions usable when configuring the platform.
>-//
>-#define ACCESS_SETUP_RESTRICTED 1
>-#define ACCESS_SETUP_NORMAL 2
>-#define ACCESS_SETUP_ADMIN 3
>-
>-//
>-// Question ID for the question used in each form
>(KEY_OPEN_CLOSE_FORM_ACTION | FORMID_FORM_USER_MANAGE)
>-// This ID is used in FORM OPEN/CLOSE CallBack action.
>-//
>-#define QUESTIONID_USER_MANAGE 0x3001
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erDxe.inf
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erDxe.inf
>deleted file mode 100644
>index cdd97731b2..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erDxe.inf
>+++ /dev/null
>@@ -1,72 +0,0 @@
>-## @file
>-# A UI tool to manage user profiles
>-#
>-# By this module, user can add/update/delete user profiles, and can also
>-# modify the user access policy and the user identification policy.
>-#
>-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-# This program and the accompanying materials
>-# are licensed and made available under the terms and conditions of the BSD
>License
>-# which accompanies this distribution. The full text of the license may be
>found at
>-# http://opensource.org/licenses/bsd-license.php
>-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-#
>-##
>-
>-[Defines]
>- INF_VERSION = 0x00010005
>- BASE_NAME = UserProfileManager
>- MODULE_UNI_FILE = UserProfileManager.uni
>- FILE_GUID = E38CB52D-A74D-45db-A8D0-290C9B21BBF2
>- MODULE_TYPE = DXE_DRIVER
>- VERSION_STRING = 1.0
>- ENTRY_POINT = UserProfileManagerInit
>-
>-[Sources]
>- UserProfileManager.c
>- UserProfileManager.h
>- UserProfileAdd.c
>- UserProfileDelete.c
>- UserProfileModify.c
>- ModifyIdentityPolicy.c
>- ModifyAccessPolicy.c
>- UserProfileManagerData.h
>- UserProfileManagerStrings.uni
>- UserProfileManagerVfr.Vfr
>-
>-[Packages]
>- MdePkg/MdePkg.dec
>- MdeModulePkg/MdeModulePkg.dec
>- SecurityPkg/SecurityPkg.dec
>-
>-[LibraryClasses]
>- UefiRuntimeServicesTableLib
>- UefiBootServicesTableLib
>- UefiDriverEntryPoint
>- MemoryAllocationLib
>- BaseMemoryLib
>- DebugLib
>- HiiLib
>- UefiLib
>- DevicePathLib
>-
>-[Guids]
>- gEfiIfrTianoGuid ## SOMETIMES_CONSUMES ## GUID
>- gEfiUserInfoAccessSetupAdminGuid ## SOMETIMES_CONSUMES ##
>GUID
>- gEfiUserInfoAccessSetupNormalGuid ## SOMETIMES_CONSUMES ##
>GUID
>- gEfiUserInfoAccessSetupRestrictedGuid ## SOMETIMES_CONSUMES
>## GUID
>- gUserProfileManagerGuid ## CONSUMES ## HII
>-
>-[Protocols]
>- gEfiDevicePathProtocolGuid ## PRODUCES
>- gEfiHiiConfigAccessProtocolGuid ## PRODUCES
>- gEfiUserCredential2ProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiUserManagerProtocolGuid ## CONSUMES
>-
>-[Depex]
>- gEfiUserManagerProtocolGuid
>-
>-[UserExtensions.TianoCore."ExtraFiles"]
>- UserProfileManagerExtra.uni
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erExtra.uni
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erExtra.uni
>deleted file mode 100644
>index bf7ac7dc04..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erExtra.uni
>+++ /dev/null
>@@ -1,19 +0,0 @@
>-// /** @file
>-// UserProfileManager Localized Strings and Content
>-//
>-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-#string STR_PROPERTIES_MODULE_NAME
>-#language en-US
>-"User Profile Manager"
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erStrings.uni
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erStrings.uni
>deleted file mode 100644
>index 3a003a9883..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erStrings.uni
>+++ /dev/null
>@@ -1,158 +0,0 @@
>-/** @file
>- String definitions for User Profile Manager driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#langdef en-US "English"
>-#langdef fr-FR "Français"
>-
>-#string STR_NULL_STRING #language en-US ""
>- #language fr-FR ""
>-#string STR_FORMSET_TITLE #language en-US "User Manager"
>- #language fr-FR "User Manager(French)"
>-#string STR_TITLE_HELP #language en-US "This selection will take
>you to the User Manager"
>- #language fr-FR "This selection will take you to the User
>Manager(French)"
>-#string STR_USERMAN_TITLE #language en-US "User Manager"
>- #language fr-FR "User Manager(French)"
>-#string STR_ADD_USER_TITLE #language en-US "Add User Profile"
>- #language fr-FR "Add User Profile(French)"
>-#string STR_ADD_USER_HELP #language en-US "Add User Profile to
>User Database"
>- #language fr-FR "Add User Profile to User
>Database(French)"
>-#string STR_MODIFY_USER_TITLE #language en-US "Modify User
>Profile"
>- #language fr-FR "Modify User Profile(French)"
>-#string STR_MODIFY_USER_HELP #language en-US "Modify User Profile
>Information"
>- #language fr-FR "Modify User Profile
>Information(French)"
>-#string STR_DELETE_USER_TITLE #language en-US "Delete User Profile"
>- #language fr-FR "Delete User Profile(French)"
>-#string STR_DELETE_USER_HELP #language en-US "Delete User Profile
>from User Database"
>- #language fr-FR "Delete User Profile from User
>Database(French)"
>-#string STR_USER_INFO #language en-US "User Profile
>Information"
>- #language fr-FR "User Profile Information(French)"
>-#string STR_USER_NAME #language en-US "User Name"
>- #language fr-FR "User Name(French)"
>-#string STR_USER_NAME_VAL #language en-US ""
>- #language fr-FR ""
>-#string STR_CREATE_DATE #language en-US "Create Date"
>- #language fr-FR "Create Date(French)"
>-#string STR_CREATE_DATE_VAL #language en-US ""
>- #language fr-FR ""
>-#string STR_USAGE_DATE #language en-US "Usage Date"
>- #language fr-FR "Usage Date(French)"
>-#string STR_USAGE_DATE_VAL #language en-US ""
>- #language fr-FR ""
>-#string STR_USAGE_COUNT #language en-US "Usage Count"
>- #language fr-FR "Usage Count(French)"
>-#string STR_USAGE_COUNT_VAL #language en-US ""
>- #language fr-FR ""
>-#string STR_IDENTIFY_POLICY #language en-US "Identify Policy"
>- #language fr-FR "Identify Policy(French)"
>-#string STR_IDENTIFY_POLICY_VAL #language en-US ""
>- #language fr-FR ""
>-#string STR_ACCESS_POLICY #language en-US "Access Policy"
>- #language fr-FR "Access Policy(French)"
>-#string STR_SAVE #language en-US "Save & Exit"
>- #language fr-FR "Save & Exit(French)"
>-#string STR_IDENTIFY_SAVE_HELP #language en-US "Save Identify Policy
>and Exit"
>- #language fr-FR "Save Identify Policy and Exit(French)"
>-#string STR_PROVIDER #language en-US "Credential Provider"
>- #language fr-FR "Credential Provider(French)"
>-#string STR_PROVIDER_HELP #language en-US "Select Credential
>Provider Option"
>- #language fr-FR "Select Credential Provider
>Option(French)"
>-#string STR_OR_CON #language en-US "Or"
>- #language fr-FR "Or(French)"
>-#string STR_AND_CON #language en-US "And"
>- #language fr-FR "And(French)"
>-#string STR_CONNECTOR #language en-US "Logical Connector"
>- #language fr-FR "Logical Connector(French)"
>-#string STR_CONNECTOR_HELP #language en-US "Select Logical
>Connector Option"
>- #language fr-FR "Select Logical Connector
>Option(French)"
>-#string STR_IDENTIFY_POLICY_VALUE #language en-US ""
>- #language fr-FR ""
>-#string STR_IDENTIFY_POLICY_HELP #language en-US "Current Identify
>Policy"
>- #language fr-FR "Current Identify Policy(French)"
>-#string STR_ADD_OPTION #language en-US "Add Option"
>- #language fr-FR "Add Option(French)"
>-#string STR_ADD_OPTION_HELP #language en-US "Add This Option to
>Identify Policy"
>- #language fr-FR "Add This Option to Identify
>Policy(French)"
>-#string STR_ACCESS_SAVE_HELP #language en-US "Save Access Policy
>and Exit"
>- #language fr-FR "Save Access Policy and Exit(French)"
>-#string STR_ACCESS_RIGHT #language en-US "Access Right"
>- #language fr-FR "Access Right(French)"
>-#string STR_ACCESS_RIGHT_HELP #language en-US "Select Access Right
>Option"
>- #language fr-FR "Select Access Right Option(French)"
>-#string STR_NORMAL #language en-US "Normal"
>- #language fr-FR "Normal(French)"
>-#string STR_ENROLL #language en-US "Enroll"
>- #language fr-FR "Enroll(French)"
>-#string STR_MANAGE #language en-US "Manage"
>- #language fr-FR "Manage(French)"
>-#string STR_ACCESS_SETUP #language en-US "Access Setup"
>- #language fr-FR "Access Setup(French)"
>-#string STR_ACCESS_SETUP_HELP #language en-US "Select Access
>Setup Option"
>- #language fr-FR "Selelct Access Setup Option(French)"
>-#string STR_RESTRICTED #language en-US "Restricted"
>- #language fr-FR "Restricted(French)"
>-#string STR_ADMIN #language en-US "Admin"
>- #language fr-FR "Admin(French)"
>-#string STR_BOOR_ORDER #language en-US "Access Boot Order"
>- #language fr-FR "Access Boot Order(French)"
>-#string STR_BOOT_ORDER_HELP #language en-US "Select Access Boot
>Order Option"
>- #language fr-FR "Select Access Boot Order
>Option(French)"
>-#string STR_INSERT #language en-US "Insert"
>- #language fr-FR "Insert(French)"
>-#string STR_APPEND #language en-US "Append"
>- #language fr-FR "Append(French)"
>-#string STR_REPLACE #language en-US "Replace"
>- #language fr-FR "Replace(French)"
>-#string STR_NODEFAULT #language en-US "Nodefault"
>- #language fr-FR "Nodefault(French)"
>-#string STR_LOAD #language en-US "Load Device Path"
>- #language fr-FR "Load Device Path(French)"
>-#string STR_LOAD_HELP #language en-US "Select Permit/Forbid
>Load Device Path"
>- #language fr-FR "Select Permit/Forbid Load Device
>Path(French)"
>-#string STR_CONNECT #language en-US "Connect Device Path"
>- #language fr-FR "Connect Device Path(French)"
>-#string STR_CONNECT_HELP #language en-US "Select Permit/Forbid
>Connect Device Path"
>- #language fr-FR "Select Permit/Forbid Connect Device
>Path(French)"
>-#string STR_LOAD_PERMIT #language en-US "Permit Load Device
>Path"
>- #language fr-FR "Permit Load Device Path(French)"
>-#string STR_LOAD_PERMIT_HELP #language en-US "Change Permit
>Load Device Path to Forbid"
>- #language fr-FR "Change Permit Load Device Path to
>Forbid(French)"
>-#string STR_LOAD_FORBID #language en-US "Forbid Load Device
>Path"
>- #language fr-FR "Forbid Load Device Path(French)"
>-#string STR_LOAD_FORBID_HELP #language en-US "Change Forbid Load
>Device Path to Permit"
>- #language fr-FR "Change Forbid Load Device Path to
>Permit(French)"
>-#string STR_CONNECT_PERMIT #language en-US "Permit Connect
>Device Path"
>- #language fr-FR "Permit Connect Device Path(French)"
>-#string STR_CONNECT_PERMIT_HELP #language en-US "Change Permit
>Connect Device Path to Forbid"
>- #language fr-FR "Change Permit Connect Device Path to
>Forbid(French)"
>-#string STR_CONNECT_FORBID #language en-US "Forbid Connect
>Device Path"
>- #language fr-FR "Forbid Connect Device Path(French)"
>-#string STR_CONNECT_FORBID_HELP #language en-US "Change Forbid
>Connect Device Path to Permit"
>- #language fr-FR "Change Forbid Connect Device Path to
>Permit(French)"
>-#string STR_PRESS_KEY_CONTINUE #language en-US "Press ENTER to
>Continue, Other Key to Cancel ..."
>- #language fr-FR "Press ENTER to Continue, Other Key to
>Cancel ...(French)"
>-#string STR_MOVE_TO_FORBID_LIST #language en-US "Are You Sure to
>Move It to Forbid List?"
>- #language fr-FR "Are You Sure to Move It to Forbid
>List?(French)"
>-#string STR_MOVE_TO_PERMIT_LIST #language en-US "Are You Sure to
>Move It to Permit List?"
>- #language fr-FR "Are You Sure to Move It to Permit
>List?(French)"
>-#string STR_STROKE_KEY_CONTINUE #language en-US "Please Press Any
>Key to Continue ..."
>- #language fr-FR "Please Press Any Key to Continue ...
>(French)"
>-#string STR_CREATE_PROFILE_FAILED #language en-US "Create New User
>Profile Failed!"
>- #language fr-FR "Create New User Profile Failed!
>(French)"
>-#string STR_CREATE_PROFILE_SUCCESS #language en-US "Create New
>User Profile Succeed!"
>- #language fr-FR "Create New User Profile Succeed!
>(French)"
>-#string STR_USER_ALREADY_EXISTED #language en-US "User Name Had
>Already Existed."
>- #language fr-FR "User Name Had Already Existed.
>(French)"
>-#string STR_GET_USERNAME_FAILED #language en-US "Failed To Get
>User Name."
>- #language fr-FR "Failed To Get User Name. (French)"
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erVfr.Vfr
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erVfr.Vfr
>deleted file mode 100644
>index 2cf3359f2a..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erVfr.Vfr
>+++ /dev/null
>@@ -1,244 +0,0 @@
>-/** @file
>- User Profile Manager formset.
>-
>-Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManagerData.h"
>-
>-#define USER_MANAGER_CLASS 0x00
>-#define USER_MANAGER_SUBCLASS 0x04
>-
>-formset
>- guid = USER_PROFILE_MANAGER_GUID,
>- title = STRING_TOKEN(STR_FORMSET_TITLE),
>- help = STRING_TOKEN(STR_TITLE_HELP),
>-
>- // User manager form
>- form formid = FORMID_USER_MANAGE,
>- title = STRING_TOKEN(STR_USERMAN_TITLE);
>-
>- label LABEL_USER_MANAGE_FUNC;
>- label LABEL_END;
>-
>- suppressif TRUE;
>- text
>- help = STRING_TOKEN(STR_NULL_STRING),
>- text = STRING_TOKEN(STR_NULL_STRING),
>- flags = INTERACTIVE,
>- key = QUESTIONID_USER_MANAGE;
>- endif;
>-
>- endform;
>-
>- // Modify user profile form
>- form formid = FORMID_MODIFY_USER,
>- title = STRING_TOKEN(STR_MODIFY_USER_TITLE);
>-
>- label LABEL_USER_MOD_FUNC;
>- label LABEL_END;
>-
>- endform;
>-
>- // Delete user profile form
>- form formid = FORMID_DEL_USER,
>- title = STRING_TOKEN(STR_DELETE_USER_TITLE);
>-
>- label LABEL_USER_DEL_FUNC;
>- label LABEL_END;
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>- endform;
>-
>- //
>- // User profile information form
>- //
>- form formid = FORMID_USER_INFO,
>- title = STRING_TOKEN(STR_USER_INFO);
>-
>- text
>- help = STRING_TOKEN(STR_USER_NAME_VAL),
>- text = STRING_TOKEN(STR_USER_NAME),
>- flags = INTERACTIVE,
>- key = KEY_MODIFY_USER_NAME;
>-
>- text
>- help = STRING_TOKEN(STR_CREATE_DATE_VAL),
>- text = STRING_TOKEN(STR_CREATE_DATE);
>-
>- text
>- help = STRING_TOKEN(STR_USAGE_DATE_VAL),
>- text = STRING_TOKEN(STR_USAGE_DATE);
>-
>- text
>- help = STRING_TOKEN(STR_USAGE_COUNT_VAL),
>- text = STRING_TOKEN(STR_USAGE_COUNT);
>-
>- label LABEL_USER_INFO_FUNC;
>- label LABEL_END;
>-
>- endform;
>-
>- //
>- // Identify policy modify form
>- //
>- form formid = FORMID_MODIFY_IP,
>- title = STRING_TOKEN(STR_IDENTIFY_POLICY);
>-
>- text
>- help = STRING_TOKEN(STR_IDENTIFY_POLICY_HELP),
>- text = STRING_TOKEN(STR_IDENTIFY_POLICY),
>- text = STRING_TOKEN(STR_IDENTIFY_POLICY_VALUE);
>-
>- label LABEL_IP_MOD_FUNC;
>- label LABEL_END;
>-
>- text
>- help = STRING_TOKEN(STR_ADD_OPTION_HELP),
>- text = STRING_TOKEN(STR_ADD_OPTION),
>- flags = INTERACTIVE,
>- key = KEY_ADD_LOGICAL_OP;
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>-
>- text
>- help = STRING_TOKEN(STR_IDENTIFY_SAVE_HELP),
>- text = STRING_TOKEN(STR_SAVE),
>- flags = INTERACTIVE,
>- key = KEY_IP_RETURN;
>-
>- endform;
>-
>- //
>- // Access policy modify form
>- //
>- form formid = FORMID_MODIFY_AP,
>- title = STRING_TOKEN(STR_ACCESS_POLICY);
>-
>- label LABEL_AP_MOD_FUNC;
>- label LABEL_END;
>-
>- goto FORMID_LOAD_DP,
>- prompt = STRING_TOKEN(STR_LOAD),
>- help = STRING_TOKEN(STR_LOAD_HELP),
>- flags = INTERACTIVE,
>- key = KEY_LOAD_DP;
>-
>- goto FORMID_CONNECT_DP,
>- prompt = STRING_TOKEN(STR_CONNECT),
>- help = STRING_TOKEN(STR_CONNECT_HELP),
>- flags = INTERACTIVE,
>- key = KEY_CONN_DP;
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>-
>- text
>- help = STRING_TOKEN(STR_ACCESS_SAVE_HELP),
>- text = STRING_TOKEN(STR_SAVE),
>- flags = INTERACTIVE,
>- key = KEY_AP_RETURN;
>-
>- endform;
>-
>- //
>- // Load device path form
>- //
>- form formid = FORMID_LOAD_DP,
>- title = STRING_TOKEN(STR_LOAD);
>-
>- goto FORMID_PERMIT_LOAD_DP,
>- prompt = STRING_TOKEN(STR_LOAD_PERMIT),
>- help = STRING_TOKEN(STR_LOAD_PERMIT_HELP),
>- flags = INTERACTIVE,
>- key = KEY_LOAD_PERMIT;
>-
>- goto FORMID_FORBID_LOAD_DP,
>- prompt = STRING_TOKEN(STR_LOAD_FORBID),
>- help = STRING_TOKEN(STR_LOAD_FORBID_HELP),
>- flags = INTERACTIVE,
>- key = KEY_LOAD_FORBID;
>-
>- endform;
>-
>- //
>- // Permit load device path form
>- //
>- form formid = FORMID_PERMIT_LOAD_DP,
>- title = STRING_TOKEN(STR_LOAD_PERMIT);
>-
>- label LABEL_PERMIT_LOAD_FUNC;
>- label LABEL_END;
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>-
>- endform;
>-
>- //
>- // Forbid load device path form
>- //
>- form formid = FORMID_FORBID_LOAD_DP,
>- title = STRING_TOKEN(STR_LOAD_FORBID);
>-
>- label LABLE_FORBID_LOAD_FUNC;
>- label LABEL_END;
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>-
>- endform;
>-
>- //
>- // Connect device path form
>- //
>- form formid = FORMID_CONNECT_DP,
>- title = STRING_TOKEN(STR_CONNECT);
>-
>- goto FORMID_PERMIT_CONNECT_DP,
>- prompt = STRING_TOKEN(STR_CONNECT_PERMIT),
>- help = STRING_TOKEN(STR_CONNECT_PERMIT_HELP),
>- flags = INTERACTIVE,
>- key = KEY_CONNECT_PERMIT;
>-
>- goto FORMID_FORBID_CONNECT_DP,
>- prompt = STRING_TOKEN(STR_CONNECT_FORBID),
>- help = STRING_TOKEN(STR_CONNECT_FORBID_HELP),
>- flags = INTERACTIVE,
>- key = KEY_CONNECT_FORBID;
>-
>- endform;
>-
>- //
>- // Permit connect device path form
>- //
>- form formid = FORMID_PERMIT_CONNECT_DP,
>- title = STRING_TOKEN(STR_CONNECT_PERMIT);
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>-
>- endform;
>-
>- //
>- // Forbid connect device path form
>- //
>- form formid = FORMID_FORBID_CONNECT_DP,
>- title = STRING_TOKEN(STR_CONNECT_FORBID);
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>-
>- endform;
>-
>-endformset;
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify
>.c
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify
>.c
>deleted file mode 100644
>index d165e5ae9b..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify
>.c
>+++ /dev/null
>@@ -1,1475 +0,0 @@
>-/** @file
>- The functions to modify a user profile.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManager.h"
>-
>-EFI_USER_PROFILE_HANDLE mModifyUser = NULL;
>-
>-/**
>- Display user select form, cab select a user to modify.
>-
>-**/
>-VOID
>-SelectUserToModify (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINT8 Index;
>- EFI_USER_PROFILE_HANDLE User;
>- EFI_USER_PROFILE_HANDLE CurrentUser;
>- UINT32 CurrentAccessRight;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_USER_MOD_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add each user can be modified.
>- //
>- User = NULL;
>- Index = 1;
>- mUserManager->Current (mUserManager, &CurrentUser);
>- while (TRUE) {
>- Status = mUserManager->GetNext (mUserManager, &User);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- Status = GetAccessRight (&CurrentAccessRight);
>- if (EFI_ERROR (Status)) {
>- CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>- }
>-
>- if ((CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) || (User ==
>CurrentUser)) {
>- AddUserToForm (User, (UINT16)(KEY_MODIFY_USER | KEY_SELECT_USER
>| Index), StartOpCodeHandle);
>- }
>- Index++;
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_MODIFY_USER, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-}
>-
>-
>-/**
>- Get all the user info from mModifyUser in the user manager, and save on
>the
>- global variable.
>-
>-**/
>-VOID
>-GetAllUserInfo (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>- UINTN InfoSize;
>- UINTN MemSize;
>- UINTN DataLen;
>-
>- //
>- // Init variable to default value.
>- //
>- mProviderChoice = 0;
>- mConncetLogical = 0;
>-
>- mUserInfo.CreateDateExist = FALSE;
>- mUserInfo.UsageDateExist = FALSE;
>- mUserInfo.UsageCount = 0;
>-
>- mUserInfo.AccessPolicyLen = 0;
>- mUserInfo.AccessPolicyModified = FALSE;
>- if (mUserInfo.AccessPolicy != NULL) {
>- FreePool (mUserInfo.AccessPolicy);
>- mUserInfo.AccessPolicy = NULL;
>- }
>- mUserInfo.IdentityPolicyLen = 0;
>- mUserInfo.IdentityPolicyModified = FALSE;
>- if (mUserInfo.IdentityPolicy != NULL) {
>- FreePool (mUserInfo.IdentityPolicy);
>- mUserInfo.IdentityPolicy = NULL;
>- }
>-
>- //
>- // Allocate user information memory.
>- //
>- MemSize = sizeof (EFI_USER_INFO) + 63;
>- Info = AllocateZeroPool (MemSize);
>- if (Info == NULL) {
>- return ;
>- }
>-
>- //
>- // Get each user information.
>- //
>- UserInfo = NULL;
>- while (TRUE) {
>- Status = mUserManager->GetNextInfo (mUserManager, mModifyUser,
>&UserInfo);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>- //
>- // Get information.
>- //
>- InfoSize = MemSize;
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- mModifyUser,
>- UserInfo,
>- Info,
>- &InfoSize
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- MemSize = InfoSize;
>- FreePool (Info);
>- Info = AllocateZeroPool (MemSize);
>- if (Info == NULL) {
>- return ;
>- }
>-
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- mModifyUser,
>- UserInfo,
>- Info,
>- &InfoSize
>- );
>- }
>-
>- if (Status == EFI_SUCCESS) {
>- //
>- // Deal with each information according to informaiton type.
>- //
>- DataLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>- switch (Info->InfoType) {
>- case EFI_USER_INFO_NAME_RECORD:
>- CopyMem (&mUserInfo.UserName, (UINT8 *) (Info + 1), DataLen);
>- break;
>-
>- case EFI_USER_INFO_CREATE_DATE_RECORD:
>- CopyMem (&mUserInfo.CreateDate, (UINT8 *) (Info + 1), DataLen);
>- mUserInfo.CreateDateExist = TRUE;
>- break;
>-
>- case EFI_USER_INFO_USAGE_DATE_RECORD:
>- CopyMem (&mUserInfo.UsageDate, (UINT8 *) (Info + 1), DataLen);
>- mUserInfo.UsageDateExist = TRUE;
>- break;
>-
>- case EFI_USER_INFO_USAGE_COUNT_RECORD:
>- CopyMem (&mUserInfo.UsageCount, (UINT8 *) (Info + 1), DataLen);
>- break;
>-
>- case EFI_USER_INFO_ACCESS_POLICY_RECORD:
>- mUserInfo.AccessPolicy = AllocateZeroPool (DataLen);
>- if (mUserInfo.AccessPolicy == NULL) {
>- break;
>- }
>-
>- CopyMem (mUserInfo.AccessPolicy, (UINT8 *) (Info + 1), DataLen);
>- mUserInfo.AccessPolicyLen = DataLen;
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_POLICY_RECORD:
>- mUserInfo.IdentityPolicy = AllocateZeroPool (DataLen);
>- if (mUserInfo.IdentityPolicy == NULL) {
>- break;
>- }
>-
>- CopyMem (mUserInfo.IdentityPolicy, (UINT8 *) (Info + 1), DataLen);
>- mUserInfo.IdentityPolicyLen = DataLen;
>- break;
>-
>- default:
>- break;
>- }
>- }
>- }
>- FreePool (Info);
>-}
>-
>-
>-/**
>- Convert the Date to a string, and update the Hii database DateID string with
>it.
>-
>- @param[in] Date Points to the date to be converted.
>- @param[in] DateId String ID in the HII database to be replaced.
>-
>-**/
>-VOID
>-ResolveDate (
>- IN EFI_TIME *Date,
>- IN EFI_STRING_ID DateId
>- )
>-{
>- CHAR16 *Str;
>- UINTN DateBufLen;
>-
>- //
>- // Convert date to string.
>- //
>- DateBufLen = 64;
>- Str = AllocateZeroPool (DateBufLen);
>- if (Str == NULL) {
>- return ;
>- }
>-
>- UnicodeSPrint (
>- Str,
>- DateBufLen,
>- L"%4d-%2d-%2d ",
>- Date->Year,
>- Date->Month,
>- Date->Day
>- );
>-
>- //
>- // Convert time to string.
>- //
>- DateBufLen -= StrLen (Str);
>- UnicodeSPrint (
>- Str + StrLen (Str),
>- DateBufLen,
>- L"%2d:%2d:%2d",
>- Date->Hour,
>- Date->Minute,
>- Date->Second
>- );
>-
>- HiiSetString (mCallbackInfo->HiiHandle, DateId, Str, NULL);
>- FreePool (Str);
>-}
>-
>-
>-/**
>- Convert the CountVal to a string, and update the Hii database CountId string
>- with it.
>-
>- @param[in] CountVal The hex value to convert.
>- @param[in] CountId String ID in the HII database to be replaced.
>-
>-**/
>-VOID
>-ResolveCount (
>- IN UINT32 CountVal,
>- IN EFI_STRING_ID CountId
>- )
>-{
>- CHAR16 Count[10];
>-
>- UnicodeSPrint (Count, 20, L"%d", CountVal);
>- HiiSetString (mCallbackInfo->HiiHandle, CountId, Count, NULL);
>-}
>-
>-
>-/**
>- Concatenates one Null-terminated Unicode string to another Null-
>terminated
>- Unicode string.
>-
>- @param[in, out] Source1 On entry, point to a Null-terminated Unicode
>string.
>- On exit, point to a new concatenated Unicode string
>- @param[in] Source2 Pointer to a Null-terminated Unicode string.
>-
>-**/
>-VOID
>-AddStr (
>- IN OUT CHAR16 **Source1,
>- IN CONST CHAR16 *Source2
>- )
>-{
>- CHAR16 *TmpStr;
>- UINTN StrLength;
>-
>- ASSERT (Source1 != NULL);
>- ASSERT (Source2 != NULL);
>-
>- if (*Source1 == NULL) {
>- StrLength = StrSize (Source2);
>- } else {
>- StrLength = StrSize (*Source1);
>- StrLength += StrSize (Source2) - 2;
>- }
>-
>- TmpStr = AllocateZeroPool (StrLength);
>- ASSERT (TmpStr != NULL);
>-
>- if (*Source1 == NULL) {
>- StrCpyS (TmpStr, StrLength / sizeof (CHAR16), Source2);
>- } else {
>- StrCpyS (TmpStr, StrLength / sizeof (CHAR16), *Source1);
>- FreePool (*Source1);
>- StrCatS (TmpStr, StrLength / sizeof (CHAR16),Source2);
>- }
>-
>- *Source1 = TmpStr;
>-}
>-
>-
>-/**
>- Convert the identity policy to a unicode string and update the Hii database
>- IpStringId string with it.
>-
>- @param[in] Ip Points to identity policy.
>- @param[in] IpLen The identity policy length.
>- @param[in] IpStringId String ID in the HII database to be replaced.
>-
>-**/
>-VOID
>-ResolveIdentityPolicy (
>- IN UINT8 *Ip,
>- IN UINTN IpLen,
>- IN EFI_STRING_ID IpStringId
>- )
>-{
>- CHAR16 *TmpStr;
>- UINTN ChkLen;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- UINT16 Index;
>- CHAR16 *ProvStr;
>- EFI_STRING_ID ProvId;
>- EFI_HII_HANDLE HiiHandle;
>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>-
>- TmpStr = NULL;
>-
>- //
>- // Resolve each policy.
>- //
>- ChkLen = 0;
>- while (ChkLen < IpLen) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (Ip + ChkLen);
>- switch (Identity->Type) {
>- case EFI_USER_INFO_IDENTITY_FALSE:
>- AddStr (&TmpStr, L"False");
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_TRUE:
>- AddStr (&TmpStr, L"None");
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_NOT:
>- AddStr (&TmpStr, L"! ");
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_AND:
>- AddStr (&TmpStr, L" && ");
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_OR:
>- AddStr (&TmpStr, L" || ");
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE:
>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>- UserCredential = mProviderInfo->Provider[Index];
>- if (CompareGuid ((EFI_GUID *) (Identity + 1), &UserCredential->Type)) {
>- UserCredential->Title (
>- UserCredential,
>- &HiiHandle,
>- &ProvId
>- );
>- ProvStr = HiiGetString (HiiHandle, ProvId, NULL);
>- if (ProvStr != NULL) {
>- AddStr (&TmpStr, ProvStr);
>- FreePool (ProvStr);
>- }
>- break;
>- }
>- }
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>- UserCredential = mProviderInfo->Provider[Index];
>- if (CompareGuid ((EFI_GUID *) (Identity + 1), &UserCredential-
>>Identifier)) {
>- UserCredential->Title (
>- UserCredential,
>- &HiiHandle,
>- &ProvId
>- );
>- ProvStr = HiiGetString (HiiHandle, ProvId, NULL);
>- if (ProvStr != NULL) {
>- AddStr (&TmpStr, ProvStr);
>- FreePool (ProvStr);
>- }
>- break;
>- }
>- }
>- break;
>- }
>-
>- ChkLen += Identity->Length;
>- }
>-
>- if (TmpStr != NULL) {
>- HiiSetString (mCallbackInfo->HiiHandle, IpStringId, TmpStr, NULL);
>- FreePool (TmpStr);
>- }
>-}
>-
>-
>-/**
>- Display modify user information form.
>-
>- This form displays, username, create Date, usage date, usage count, identity
>policy,
>- and access policy.
>-
>- @param[in] UserIndex The index of the user in display list to modify.
>-
>-**/
>-VOID
>-ModifyUserInfo (
>- IN UINT8 UserIndex
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_PROFILE_HANDLE CurrentUser;
>- UINT32 CurrentAccessRight;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_USER_INFO_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Find the user profile to be modified.
>- //
>- mModifyUser = NULL;
>- Status = mUserManager->GetNext (mUserManager, &mModifyUser);
>- if (EFI_ERROR (Status)) {
>- return ;
>- }
>-
>- while (UserIndex > 1) {
>- Status = mUserManager->GetNext (mUserManager, &mModifyUser);
>- if (EFI_ERROR (Status)) {
>- return ;
>- }
>- UserIndex--;
>- }
>-
>- //
>- // Get user profile information.
>- //
>- GetAllUserInfo ();
>-
>- //
>- // Update user name.
>- HiiSetString (
>- mCallbackInfo->HiiHandle,
>- STRING_TOKEN (STR_USER_NAME_VAL),
>- mUserInfo.UserName,
>- NULL
>- );
>-
>- //
>- // Update create date.
>- //
>- if (mUserInfo.CreateDateExist) {
>- ResolveDate (&mUserInfo.CreateDate, STRING_TOKEN
>(STR_CREATE_DATE_VAL));
>- } else {
>- HiiSetString (
>- mCallbackInfo->HiiHandle,
>- STRING_TOKEN (STR_CREATE_DATE_VAL),
>- L"",
>- NULL
>- );
>- }
>-
>- //
>- // Add usage date.
>- //
>- if (mUserInfo.UsageDateExist) {
>- ResolveDate (&mUserInfo.UsageDate, STRING_TOKEN
>(STR_USAGE_DATE_VAL));
>- } else {
>- HiiSetString (
>- mCallbackInfo->HiiHandle,
>- STRING_TOKEN (STR_USAGE_DATE_VAL),
>- L"",
>- NULL
>- );
>- }
>-
>- //
>- // Add usage count.
>- //
>- ResolveCount ((UINT32) mUserInfo.UsageCount, STRING_TOKEN
>(STR_USAGE_COUNT_VAL));
>-
>- //
>- // Add identity policy.
>- //
>- mUserManager->Current (mUserManager, &CurrentUser);
>- if (mModifyUser == CurrentUser) {
>- ResolveIdentityPolicy (
>- mUserInfo.IdentityPolicy,
>- mUserInfo.IdentityPolicyLen,
>- STRING_TOKEN (STR_IDENTIFY_POLICY_VAL)
>- );
>- HiiCreateGotoOpCode (
>- StartOpCodeHandle, // Container for opcodes
>- FORMID_MODIFY_IP, // Target Form ID
>- STRING_TOKEN (STR_IDENTIFY_POLICY), // Prompt text
>- STRING_TOKEN (STR_IDENTIFY_POLICY_VAL), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_IP // Question
>ID
>- );
>- }
>-
>- //
>- // Add access policy.
>- //
>- Status = GetAccessRight (&CurrentAccessRight);
>- if (EFI_ERROR (Status)) {
>- CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>- }
>-
>- if (CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) {
>- HiiCreateGotoOpCode (
>- StartOpCodeHandle, // Container for opcodes
>- FORMID_MODIFY_AP, // Target Form ID
>- STRING_TOKEN (STR_ACCESS_POLICY), // Prompt text
>- STRING_TOKEN (STR_NULL_STRING), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP // Question
>ID
>- );
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_USER_INFO, // Form ID
>- StartOpCodeHandle, // Label
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-}
>-
>-
>-/**
>- Get all the access policy info from current user info, and save in the global
>- variable.
>-
>-**/
>-VOID
>-ResolveAccessPolicy (
>- VOID
>- )
>-{
>- UINTN OffSet;
>- EFI_USER_INFO_ACCESS_CONTROL Control;
>- UINTN ValLen;
>- UINT8 *AccessData;
>-
>- //
>- // Set default value
>- //
>- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>- mAccessInfo.AccessSetup = ACCESS_SETUP_RESTRICTED;
>- mAccessInfo.AccessBootOrder =
>EFI_USER_INFO_ACCESS_BOOT_ORDER_INSERT;
>-
>- mAccessInfo.LoadPermitLen = 0;
>- mAccessInfo.LoadForbidLen = 0;
>- mAccessInfo.ConnectPermitLen = 0;
>- mAccessInfo.ConnectForbidLen = 0;
>-
>- //
>- // Get each user access policy.
>- //
>- OffSet = 0;
>- while (OffSet < mUserInfo.AccessPolicyLen) {
>- CopyMem (&Control, mUserInfo.AccessPolicy + OffSet, sizeof (Control));
>- ValLen = Control.Size - sizeof (Control);
>- switch (Control.Type) {
>- case EFI_USER_INFO_ACCESS_ENROLL_SELF:
>- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>- break;
>-
>- case EFI_USER_INFO_ACCESS_ENROLL_OTHERS:
>- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_ENROLL_OTHERS;
>- break;
>-
>- case EFI_USER_INFO_ACCESS_MANAGE:
>- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_MANAGE;
>- break;
>-
>- case EFI_USER_INFO_ACCESS_SETUP:
>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>- if (CompareGuid ((EFI_GUID *) AccessData,
>&gEfiUserInfoAccessSetupNormalGuid)) {
>- mAccessInfo.AccessSetup = ACCESS_SETUP_NORMAL;
>- } else if (CompareGuid ((EFI_GUID *) AccessData,
>&gEfiUserInfoAccessSetupRestrictedGuid)) {
>- mAccessInfo.AccessSetup = ACCESS_SETUP_RESTRICTED;
>- } else if (CompareGuid ((EFI_GUID *) AccessData,
>&gEfiUserInfoAccessSetupAdminGuid)) {
>- mAccessInfo.AccessSetup = ACCESS_SETUP_ADMIN;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_BOOT_ORDER:
>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>- CopyMem (&mAccessInfo.AccessBootOrder, AccessData, sizeof (UINT32));
>- break;
>-
>- case EFI_USER_INFO_ACCESS_FORBID_LOAD:
>- if (mAccessInfo.LoadForbid != NULL) {
>- FreePool (mAccessInfo.LoadForbid);
>- }
>-
>- mAccessInfo.LoadForbid = AllocateZeroPool (ValLen);
>- if (mAccessInfo.LoadForbid != NULL) {
>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>- CopyMem (mAccessInfo.LoadForbid, AccessData, ValLen);
>- mAccessInfo.LoadForbidLen = ValLen;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_PERMIT_LOAD:
>- if (mAccessInfo.LoadPermit != NULL) {
>- FreePool (mAccessInfo.LoadPermit);
>- }
>-
>- mAccessInfo.LoadPermit = AllocateZeroPool (ValLen);
>- if (mAccessInfo.LoadPermit != NULL) {
>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>- CopyMem (mAccessInfo.LoadPermit, AccessData, ValLen);
>- mAccessInfo.LoadPermitLen = ValLen;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_FORBID_CONNECT:
>- if (mAccessInfo.ConnectForbid != NULL) {
>- FreePool (mAccessInfo.ConnectForbid);
>- }
>-
>- mAccessInfo.ConnectForbid = AllocateZeroPool (ValLen);
>- if (mAccessInfo.ConnectForbid != NULL) {
>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>- CopyMem (mAccessInfo.ConnectForbid, AccessData, ValLen);
>- mAccessInfo.ConnectForbidLen = ValLen;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_PERMIT_CONNECT:
>- if (mAccessInfo.ConnectPermit != NULL) {
>- FreePool (mAccessInfo.ConnectPermit);
>- }
>-
>- mAccessInfo.ConnectPermit = AllocateZeroPool (ValLen);
>- if (mAccessInfo.ConnectPermit != NULL) {
>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>- CopyMem (mAccessInfo.ConnectPermit, AccessData, ValLen);
>- mAccessInfo.ConnectPermitLen = ValLen;
>- }
>- break;
>- }
>-
>- OffSet += Control.Size;
>- }
>-}
>-
>-
>-/**
>- Find the specified info in User profile by the InfoType.
>-
>- @param[in] User Handle of the user whose information will be
>searched.
>- @param[in] InfoType The user information type to find.
>- @param[out] UserInfo Points to user information handle found.
>-
>- @retval EFI_SUCCESS Find the user information successfully.
>- @retval Others Fail to find the user information.
>-
>-**/
>-EFI_STATUS
>-FindInfoByType (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINT8 InfoType,
>- OUT EFI_USER_INFO_HANDLE *UserInfo
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *Info;
>- UINTN InfoSize;
>- UINTN MemSize;
>-
>- if (UserInfo == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *UserInfo = NULL;
>- //
>- // Allocate user information memory.
>- //
>- MemSize = sizeof (EFI_USER_INFO) + 63;
>- Info = AllocateZeroPool (MemSize);
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- //
>- // Get each user information.
>- //
>- while (TRUE) {
>- Status = mUserManager->GetNextInfo (mUserManager, User, UserInfo);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>- //
>- // Get information.
>- //
>- InfoSize = MemSize;
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- User,
>- *UserInfo,
>- Info,
>- &InfoSize
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- MemSize = InfoSize;
>- FreePool (Info);
>- Info = AllocateZeroPool (MemSize);
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- User,
>- *UserInfo,
>- Info,
>- &InfoSize
>- );
>- }
>- if (Status == EFI_SUCCESS) {
>- if (Info->InfoType == InfoType) {
>- break;
>- }
>- }
>- }
>-
>- FreePool (Info);
>- return Status;
>-}
>-
>-
>-/**
>- Display modify user access policy form.
>-
>- In this form, access right, access setup and access boot order are dynamically
>- added. Load devicepath and connect devicepath are displayed too.
>-
>-**/
>-VOID
>-ModidyAccessPolicy (
>- VOID
>- )
>-{
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- VOID *OptionsOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>- VOID *DefaultOpCodeHandle;
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_AP_MOD_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>-
>- //
>- // Resolve access policy information.
>- //
>- ResolveAccessPolicy ();
>-
>- //
>- // Add access right one-of-code.
>- //
>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (OptionsOpCodeHandle != NULL);
>- DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (DefaultOpCodeHandle != NULL);
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_NORMAL),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- EFI_USER_INFO_ACCESS_ENROLL_SELF
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_ENROLL),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- EFI_USER_INFO_ACCESS_ENROLL_OTHERS
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_MANAGE),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- EFI_USER_INFO_ACCESS_MANAGE
>- );
>-
>- HiiCreateDefaultOpCode (
>- DefaultOpCodeHandle,
>- EFI_HII_DEFAULT_CLASS_STANDARD,
>- EFI_IFR_NUMERIC_SIZE_1,
>- mAccessInfo.AccessRight
>- );
>-
>- HiiCreateOneOfOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP |
>KEY_MODIFY_RIGHT, // Question ID
>- 0, // VarStore ID
>- 0, // Offset in Buffer Storage
>- STRING_TOKEN (STR_ACCESS_RIGHT), // Question prompt text
>- STRING_TOKEN (STR_ACCESS_RIGHT_HELP), // Question help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>- OptionsOpCodeHandle, // Option Opcode list
>- DefaultOpCodeHandle // Default Opcode
>- );
>- HiiFreeOpCodeHandle (DefaultOpCodeHandle);
>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>-
>-
>- //
>- // Add setup type one-of-code.
>- //
>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (OptionsOpCodeHandle != NULL);
>- DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (DefaultOpCodeHandle != NULL);
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_RESTRICTED),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- ACCESS_SETUP_RESTRICTED
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_NORMAL),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- ACCESS_SETUP_NORMAL
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_ADMIN),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- ACCESS_SETUP_ADMIN
>- );
>-
>- HiiCreateDefaultOpCode (
>- DefaultOpCodeHandle,
>- EFI_HII_DEFAULT_CLASS_STANDARD,
>- EFI_IFR_NUMERIC_SIZE_1,
>- mAccessInfo.AccessSetup
>- );
>-
>- HiiCreateOneOfOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP |
>KEY_MODIFY_SETUP, // Question ID
>- 0, // VarStore ID
>- 0, // Offset in Buffer Storage
>- STRING_TOKEN (STR_ACCESS_SETUP), // Question prompt text
>- STRING_TOKEN (STR_ACCESS_SETUP_HELP), // Question help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>- OptionsOpCodeHandle, // Option Opcode list
>- DefaultOpCodeHandle // Default Opcode
>- );
>- HiiFreeOpCodeHandle (DefaultOpCodeHandle);
>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>-
>- //
>- // Add boot order one-of-code.
>- //
>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (OptionsOpCodeHandle != NULL);
>- DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (DefaultOpCodeHandle != NULL);
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_INSERT),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_4,
>- EFI_USER_INFO_ACCESS_BOOT_ORDER_INSERT
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_APPEND),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_4,
>- EFI_USER_INFO_ACCESS_BOOT_ORDER_APPEND
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_REPLACE),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_4,
>- EFI_USER_INFO_ACCESS_BOOT_ORDER_REPLACE
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_NODEFAULT),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_4,
>- EFI_USER_INFO_ACCESS_BOOT_ORDER_NODEFAULT
>- );
>-
>- HiiCreateDefaultOpCode (
>- DefaultOpCodeHandle,
>- EFI_HII_DEFAULT_CLASS_STANDARD,
>- EFI_IFR_NUMERIC_SIZE_4,
>- mAccessInfo.AccessBootOrder
>- );
>-
>- HiiCreateOneOfOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP |
>KEY_MODIFY_BOOT, // Question ID
>- 0, // VarStore ID
>- 0, // Offset in Buffer Storage
>- STRING_TOKEN (STR_BOOR_ORDER), // Question prompt text
>- STRING_TOKEN (STR_BOOT_ORDER_HELP), // Question help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>- OptionsOpCodeHandle, // Option Opcode list
>- DefaultOpCodeHandle // Default Opcode
>- );
>- HiiFreeOpCodeHandle (DefaultOpCodeHandle);
>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>-
>- //
>- // Update Form.
>- //
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_MODIFY_AP, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-}
>-
>-
>-/**
>- Expand access policy memory size.
>-
>- @param[in] ValidLen The valid access policy length.
>- @param[in] ExpandLen The length that is needed to expand.
>-
>-**/
>-VOID
>-ExpandMemory (
>- IN UINTN ValidLen,
>- IN UINTN ExpandLen
>- )
>-{
>- UINT8 *Mem;
>- UINTN Len;
>-
>- //
>- // Expand memory.
>- //
>- Len = mUserInfo.AccessPolicyLen + (ExpandLen / 64 + 1) * 64;
>- Mem = AllocateZeroPool (Len);
>- ASSERT (Mem != NULL);
>-
>- if (mUserInfo.AccessPolicy != NULL) {
>- CopyMem (Mem, mUserInfo.AccessPolicy, ValidLen);
>- FreePool (mUserInfo.AccessPolicy);
>- }
>-
>- mUserInfo.AccessPolicy = Mem;
>- mUserInfo.AccessPolicyLen = Len;
>-}
>-
>-
>-/**
>- Get the username from user input, and update username string in the Hii
>- database with it.
>-
>-**/
>-VOID
>-ModifyUserName (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- CHAR16 UserName[USER_NAME_LENGTH];
>- UINTN Len;
>- EFI_INPUT_KEY Key;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>- EFI_USER_PROFILE_HANDLE TempUser;
>-
>- //
>- // Get the new user name.
>- //
>- Len = sizeof (UserName);
>- Status = GetUserNameInput (&Len, UserName);
>- if (EFI_ERROR (Status)) {
>- if (Status != EFI_ABORTED) {
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Failed To Get User Name.",
>- L"",
>- L"Please Press Any Key to Continue ...",
>- NULL
>- );
>- }
>- return ;
>- }
>-
>- //
>- // Check whether the username had been used or not.
>- //
>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + Len);
>- if (Info == NULL) {
>- return ;
>- }
>-
>- Info->InfoType = EFI_USER_INFO_NAME_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>- EFI_USER_INFO_PUBLIC |
>- EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) + Len);
>- CopyMem ((UINT8 *) (Info + 1), UserName, Len);
>-
>- TempUser = NULL;
>- Status = mUserManager->Find (
>- mUserManager,
>- &TempUser,
>- NULL,
>- Info,
>- Info->InfoSize
>- );
>- if (!EFI_ERROR (Status)) {
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"The User Name Had Been Used.",
>- L"",
>- L"Please Use Other User Name",
>- NULL
>- );
>- FreePool (Info);
>- return ;
>- }
>-
>- //
>- // Update username display in the form.
>- //
>- CopyMem (mUserInfo.UserName, UserName, Len);
>- HiiSetString (
>- mCallbackInfo->HiiHandle,
>- STRING_TOKEN (STR_USER_NAME_VAL),
>- mUserInfo.UserName,
>- NULL
>- );
>-
>- //
>- // Save the user name.
>- //
>- Status = FindInfoByType (mModifyUser, EFI_USER_INFO_NAME_RECORD,
>&UserInfo);
>- if (!EFI_ERROR (Status)) {
>- mUserManager->SetInfo (
>- mUserManager,
>- mModifyUser,
>- &UserInfo,
>- Info,
>- Info->InfoSize
>- );
>- }
>- FreePool (Info);
>-}
>-
>-
>-/**
>- Display the form of the modifying user identity policy.
>-
>-**/
>-VOID
>-ModifyIdentityPolicy (
>- VOID
>- )
>-{
>- UINTN Index;
>- CHAR16 *ProvStr;
>- EFI_STRING_ID ProvID;
>- EFI_HII_HANDLE HiiHandle;
>- VOID *OptionsOpCodeHandle;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_IP_MOD_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add credential providers
>- //.
>- if (mProviderInfo->Count > 0) {
>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (OptionsOpCodeHandle != NULL);
>-
>- //
>- // Add credential provider Option OpCode.
>- //
>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>- mProviderInfo->Provider[Index]->Title (
>- mProviderInfo->Provider[Index],
>- &HiiHandle,
>- &ProvID
>- );
>- ProvStr = HiiGetString (HiiHandle, ProvID, NULL);
>- ProvID = HiiSetString (mCallbackInfo->HiiHandle, 0, ProvStr, NULL);
>- FreePool (ProvStr);
>- if (ProvID == 0) {
>- return ;
>- }
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- ProvID,
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- (UINT8) Index
>- );
>- }
>-
>- HiiCreateOneOfOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_IP |
>KEY_MODIFY_PROV, // Question ID
>- 0, // VarStore ID
>- 0, // Offset in Buffer Storage
>- STRING_TOKEN (STR_PROVIDER), // Question prompt text
>- STRING_TOKEN (STR_PROVIDER_HELP), // Question help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>- OptionsOpCodeHandle, // Option Opcode list
>- NULL // Default Opcode is NULl
>- );
>-
>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>- }
>-
>- //
>- // Add logical connector Option OpCode.
>- //
>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (OptionsOpCodeHandle != NULL);
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_AND_CON),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- 0
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_OR_CON),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- 1
>- );
>-
>- HiiCreateOneOfOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_IP |
>KEY_MODIFY_CONN, // Question ID
>- 0, // VarStore ID
>- 0, // Offset in Buffer Storage
>- STRING_TOKEN (STR_CONNECTOR), // Question prompt text
>- STRING_TOKEN (STR_CONNECTOR_HELP), // Question help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>- OptionsOpCodeHandle, // Option Opcode list
>- NULL // Default Opcode is NULl
>- );
>-
>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>-
>- //
>- // Update identity policy in the form.
>- //
>- ResolveIdentityPolicy (
>- mUserInfo.IdentityPolicy,
>- mUserInfo.IdentityPolicyLen,
>- STRING_TOKEN (STR_IDENTIFY_POLICY_VALUE)
>- );
>-
>- if (mUserInfo.NewIdentityPolicy != NULL) {
>- FreePool (mUserInfo.NewIdentityPolicy);
>- mUserInfo.NewIdentityPolicy = NULL;
>- mUserInfo.NewIdentityPolicyLen = 0;
>- mUserInfo.NewIdentityPolicyModified = FALSE;
>- }
>- mProviderChoice = 0;
>- mConncetLogical = 0;
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_MODIFY_IP, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-}
>-
>-
>-/**
>- Get current user's access right.
>-
>- @param[out] AccessRight Points to the buffer used for user's access right.
>-
>- @retval EFI_SUCCESS Get current user access right successfully.
>- @retval others Fail to get current user access right.
>-
>-**/
>-EFI_STATUS
>-GetAccessRight (
>- OUT UINT32 *AccessRight
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>- UINTN InfoSize;
>- UINTN MemSize;
>- EFI_USER_INFO_ACCESS_CONTROL Access;
>- EFI_USER_PROFILE_HANDLE CurrentUser;
>- UINTN TotalLen;
>- UINTN CheckLen;
>-
>- //
>- // Allocate user information memory.
>- //
>- MemSize = sizeof (EFI_USER_INFO) + 63;
>- Info = AllocateZeroPool (MemSize);
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- //
>- // Get user access information.
>- //
>- UserInfo = NULL;
>- mUserManager->Current (mUserManager, &CurrentUser);
>- while (TRUE) {
>- InfoSize = MemSize;
>- //
>- // Get next user information.
>- //
>- Status = mUserManager->GetNextInfo (mUserManager, CurrentUser,
>&UserInfo);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- CurrentUser,
>- UserInfo,
>- Info,
>- &InfoSize
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- MemSize = InfoSize;
>- FreePool (Info);
>- Info = AllocateZeroPool (MemSize);
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- CurrentUser,
>- UserInfo,
>- Info,
>- &InfoSize
>- );
>- }
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- //
>- // Check user information.
>- //
>- if (Info->InfoType == EFI_USER_INFO_ACCESS_POLICY_RECORD) {
>- TotalLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>- CheckLen = 0;
>- //
>- // Get specified access information.
>- //
>- while (CheckLen < TotalLen) {
>- CopyMem (&Access, (UINT8 *) (Info + 1) + CheckLen, sizeof (Access));
>- if ((Access.Type == EFI_USER_INFO_ACCESS_ENROLL_SELF) ||
>- (Access.Type == EFI_USER_INFO_ACCESS_ENROLL_OTHERS) ||
>- (Access.Type == EFI_USER_INFO_ACCESS_MANAGE)
>- ) {
>- *AccessRight = Access.Type;
>- FreePool (Info);
>- return EFI_SUCCESS;
>- }
>- CheckLen += Access.Size;
>- }
>- }
>- }
>- FreePool (Info);
>- return EFI_NOT_FOUND;
>-}
>-
>--
>2.16.2.windows.1
>
>_______________________________________________
>edk2-devel mailing list
>edk2-devel@lists.01.org
>https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] SecurityPkg: Remove code under UserIdentification folder.
2019-01-09 1:38 ` Gao, Liming
@ 2019-01-09 1:54 ` Chen, Chen A
2019-01-09 2:17 ` Gao, Liming
0 siblings, 1 reply; 4+ messages in thread
From: Chen, Chen A @ 2019-01-09 1:54 UTC (permalink / raw)
To: Gao, Liming, edk2-devel@lists.01.org; +Cc: Zhang, Chao B
Yes, Chao has filed on BZ1427.
-----Original Message-----
From: Gao, Liming
Sent: Wednesday, January 9, 2019 9:39 AM
To: Chen, Chen A <chen.a.chen@intel.com>; edk2-devel@lists.01.org
Cc: Zhang, Chao B <chao.b.zhang@intel.com>
Subject: RE: [edk2] [PATCH] SecurityPkg: Remove code under UserIdentification folder.
Could you create BZ for this change?
>-----Original Message-----
>From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
>chenche4
>Sent: Wednesday, January 09, 2019 9:09 AM
>To: edk2-devel@lists.01.org
>Cc: Zhang, Chao B <chao.b.zhang@intel.com>
>Subject: [edk2] [PATCH] SecurityPkg: Remove code under UserIdentification
>folder.
>
>1. UserIdentifyManagerDxe is used to provide UserManagerProtocol.
>2. UserProfileManagerDxe provide UI setting
>3. PwdCredentialProviderDxe & UsbCredentialProviderDxe are
>implementation
> examples.
>
>Remove above features because of no platform use it.
>
>Cc: Zhang Chao B <chao.b.zhang@intel.com>
>Contributed-under: TianoCore Contribution Agreement 1.1
>Signed-off-by: Chen A Chen <chen.a.chen@intel.com>
>---
> .../Include/Guid/UsbCredentialProviderHii.h | 29 -
> SecurityPkg/Include/Guid/UserIdentifyManagerHii.h | 25 -
> SecurityPkg/Include/Guid/UserProfileManagerHii.h | 25 -
> SecurityPkg/SecurityPkg.dec | 12 -
> SecurityPkg/SecurityPkg.dsc | 4 -
> .../PwdCredentialProvider.c | 1464 --------
> .../PwdCredentialProvider.h | 374 --
> .../PwdCredentialProvider.uni | 21 -
> .../PwdCredentialProviderData.h | 30 -
> .../PwdCredentialProviderDxe.inf | 65 -
> .../PwdCredentialProviderExtra.uni | 19 -
> .../PwdCredentialProviderStrings.uni | 38 -
> .../PwdCredentialProviderVfr.Vfr | 34 -
> .../UsbCredentialProvider.c | 1410 --------
> .../UsbCredentialProvider.h | 361 --
> .../UsbCredentialProvider.uni | 23 -
> .../UsbCredentialProviderDxe.inf | 70 -
> .../UsbCredentialProviderExtra.uni | 19 -
> .../UsbCredentialProviderStrings.uni | 29 -
> .../UserIdentifyManagerDxe/LoadDeferredImage.c | 148 -
> .../UserIdentifyManagerDxe/UserIdentifyManager.c | 3766 --------------------
> .../UserIdentifyManagerDxe/UserIdentifyManager.h | 413 ---
> .../UserIdentifyManagerDxe/UserIdentifyManager.uni | 21 -
> .../UserIdentifyManagerData.h | 35 -
> .../UserIdentifyManagerDxe.inf | 79 -
> .../UserIdentifyManagerExtra.uni | 19 -
> .../UserIdentifyManagerStrings.uni | 27 -
> .../UserIdentifyManagerVfr.Vfr | 43 -
> .../UserProfileManagerDxe/ModifyAccessPolicy.c | 688 ----
> .../UserProfileManagerDxe/ModifyIdentityPolicy.c | 516 ---
> .../UserProfileManagerDxe/UserProfileAdd.c | 372 --
> .../UserProfileManagerDxe/UserProfileDelete.c | 343 --
> .../UserProfileManagerDxe/UserProfileManager.c | 887 -----
> .../UserProfileManagerDxe/UserProfileManager.h | 444 ---
> .../UserProfileManagerDxe/UserProfileManager.uni | 22 -
> .../UserProfileManagerDxe/UserProfileManagerData.h | 158 -
> .../UserProfileManagerDxe.inf | 72 -
> .../UserProfileManagerExtra.uni | 19 -
> .../UserProfileManagerStrings.uni | 158 -
> .../UserProfileManagerVfr.Vfr | 244 --
> .../UserProfileManagerDxe/UserProfileModify.c | 1475 --------
> 41 files changed, 14001 deletions(-)
> delete mode 100644 SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
> delete mode 100644 SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
> delete mode 100644 SecurityPkg/Include/Guid/UserProfileManagerHii.h
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>vider.c
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>vider.h
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>vider.uni
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>viderData.h
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>viderDxe.inf
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>viderExtra.uni
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>viderStrings.uni
> delete mode 100644
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>viderVfr.Vfr
> delete mode 100644
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>vider.c
> delete mode 100644
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>vider.h
> delete mode 100644
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>vider.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>viderDxe.inf
> delete mode 100644
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>viderExtra.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>viderStrings.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredImag
>e.c
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>er.c
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>er.h
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>er.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>erData.h
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>erDxe.inf
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>erExtra.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>erStrings.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyManag
>erVfr.Vfr
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolicy.
>c
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPolicy
>.c
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.c
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.
>c
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.
>h
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.
>uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager
>Data.h
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager
>Dxe.inf
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager
>Extra.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager
>Strings.uni
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager
>Vfr.Vfr
> delete mode 100644
>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
>
>diff --git a/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
>b/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
>deleted file mode 100644
>index 059d68f32e..0000000000
>--- a/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
>+++ /dev/null
>@@ -1,29 +0,0 @@
>-/** @file
>- GUID used as HII Package list GUID in UsbCredentialProviderDxe driver.
>-
>-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef __USB_CREDENTIAL_PROVIDER_HII_H__
>-#define __USB_CREDENTIAL_PROVIDER_HII_H__
>-
>-//
>-// Used for save password credential and form browser
>-// And used as provider identifier
>-//
>-#define USB_CREDENTIAL_PROVIDER_GUID \
>- { \
>- 0xd0849ed1, 0xa88c, 0x4ba6, { 0xb1, 0xd6, 0xab, 0x50, 0xe2, 0x80, 0xb7,
>0xa9 }\
>- }
>-
>-extern EFI_GUID gUsbCredentialProviderGuid;
>-
>-#endif
>diff --git a/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
>b/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
>deleted file mode 100644
>index 323c51f0f6..0000000000
>--- a/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
>+++ /dev/null
>@@ -1,25 +0,0 @@
>-/** @file
>- GUID used as HII FormSet and HII Package list GUID in
>UserIdentifyManagerDxe driver.
>-
>-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef __USER_IDENTIFY_MANAGER_HII_H__
>-#define __USER_IDENTIFY_MANAGER_HII_H__
>-
>-#define USER_IDENTIFY_MANAGER_GUID \
>- { \
>- 0x3ccd3dd8, 0x8d45, 0x4fed, { 0x96, 0x2d, 0x2b, 0x38, 0xcd, 0x82, 0xb3,
>0xc4 } \
>- }
>-
>-extern EFI_GUID gUserIdentifyManagerGuid;
>-
>-#endif
>diff --git a/SecurityPkg/Include/Guid/UserProfileManagerHii.h
>b/SecurityPkg/Include/Guid/UserProfileManagerHii.h
>deleted file mode 100644
>index 105059350c..0000000000
>--- a/SecurityPkg/Include/Guid/UserProfileManagerHii.h
>+++ /dev/null
>@@ -1,25 +0,0 @@
>-/** @file
>- GUID used as HII FormSet and HII Package list GUID in
>UserProfileManagerDxe driver.
>-
>-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef __USER_PROFILE_MANAGER_HII_H__
>-#define __USER_PROFILE_MANAGER_HII_H__
>-
>-#define USER_PROFILE_MANAGER_GUID \
>- { \
>- 0xc35f272c, 0x97c2, 0x465a, { 0xa2, 0x16, 0x69, 0x6b, 0x66, 0x8a, 0x8c, 0xfe }
>\
>- }
>-
>-extern EFI_GUID gUserProfileManagerGuid;
>-
>-#endif
>diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
>index 8d64b4fefe..0c2afe2938 100644
>--- a/SecurityPkg/SecurityPkg.dec
>+++ b/SecurityPkg/SecurityPkg.dec
>@@ -139,22 +139,10 @@
> # Include/Guid/Tcg2PhysicalPresenceData.h
> gEfiTcg2PhysicalPresenceGuid = { 0xaeb9c5c1, 0x94f1, 0x4d02, { 0xbf, 0xd9,
>0x46, 0x2, 0xdb, 0x2d, 0x3c, 0x54 }}
>
>- ## GUID used for form browser, password credential and provider identifier.
>- # Include/Guid/PwdCredentialProviderHii.h
>- gPwdCredentialProviderGuid = { 0x78b9ec8b, 0xc000, 0x46c5, { 0xac,
>0x93, 0x24, 0xa0, 0xc1, 0xbb, 0x0, 0xce }}
>-
>- ## GUID used for form browser, USB credential and provider identifier.
>- # Include/Guid/UsbCredentialProviderHii.h
>- gUsbCredentialProviderGuid = { 0xd0849ed1, 0xa88c, 0x4ba6, { 0xb1,
>0xd6, 0xab, 0x50, 0xe2, 0x80, 0xb7, 0xa9 }}
>-
> ## GUID used for FormSet guid and user profile variable.
> # Include/Guid/UserIdentifyManagerHii.h
> gUserIdentifyManagerGuid = { 0x3ccd3dd8, 0x8d45, 0x4fed, { 0x96,
>0x2d, 0x2b, 0x38, 0xcd, 0x82, 0xb3, 0xc4 }}
>
>- ## GUID used for FormSet.
>- # Include/Guid/UserProfileManagerHii.h
>- gUserProfileManagerGuid = { 0xc35f272c, 0x97c2, 0x465a, { 0xa2, 0x16,
>0x69, 0x6b, 0x66, 0x8a, 0x8c, 0xfe }}
>-
> ## GUID used for FormSet.
> # Include/Guid/TcgConfigHii.h
> gTcgConfigFormSetGuid = { 0xb0f901e4, 0xc424, 0x45de, { 0x90, 0x81,
>0x95, 0xe2, 0xb, 0xde, 0x6f, 0xb5 }}
>diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
>index 68a2953162..19aaebff1f 100644
>--- a/SecurityPkg/SecurityPkg.dsc
>+++ b/SecurityPkg/SecurityPkg.dsc
>@@ -146,8 +146,6 @@
> SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
> #SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.inf
>
>SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticati
>onStatusLib.inf
>-
>#SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMana
>gerDxe.inf
>-
>#SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManage
>rDxe.inf
>
> #
> # TPM
>@@ -200,8 +198,6 @@
> SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
>
> [Components.IA32, Components.X64]
>-#
>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPro
>viderDxe.inf
>-#
>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPro
>viderDxe.inf
>
>SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig
>Dxe.inf
>
> #
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>rovider.c
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>Provider.c
>deleted file mode 100644
>index 52fc68b5ee..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>rovider.c
>+++ /dev/null
>@@ -1,1464 +0,0 @@
>-/** @file
>- Password Credential Provider driver implementation.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "PwdCredentialProvider.h"
>-
>-CREDENTIAL_TABLE *mPwdTable = NULL;
>-PWD_PROVIDER_CALLBACK_INFO *mCallbackInfo = NULL;
>-PASSWORD_CREDENTIAL_INFO *mPwdInfoHandle = NULL;
>-
>-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
>- {
>- {
>- HARDWARE_DEVICE_PATH,
>- HW_VENDOR_DP,
>- {
>- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
>- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
>- }
>- },
>- PWD_CREDENTIAL_PROVIDER_GUID
>- },
>- {
>- END_DEVICE_PATH_TYPE,
>- END_ENTIRE_DEVICE_PATH_SUBTYPE,
>- {
>- (UINT8) (END_DEVICE_PATH_LENGTH),
>- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
>- }
>- }
>-};
>-
>-EFI_USER_CREDENTIAL2_PROTOCOL gPwdCredentialProviderDriver = {
>- PWD_CREDENTIAL_PROVIDER_GUID,
>- EFI_USER_CREDENTIAL_CLASS_PASSWORD,
>- CredentialEnroll,
>- CredentialForm,
>- CredentialTile,
>- CredentialTitle,
>- CredentialUser,
>- CredentialSelect,
>- CredentialDeselect,
>- CredentialDefault,
>- CredentialGetInfo,
>- CredentialGetNextInfo,
>- EFI_CREDENTIAL_CAPABILITIES_ENROLL,
>- CredentialDelete
>-};
>-
>-
>-/**
>- Get string by string id from HII Interface.
>-
>-
>- @param[in] Id String ID to get the string from.
>-
>- @retval CHAR16 * String from ID.
>- @retval NULL If error occurs.
>-
>-**/
>-CHAR16 *
>-GetStringById (
>- IN EFI_STRING_ID Id
>- )
>-{
>- //
>- // Get the current string for the current Language.
>- //
>- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
>-}
>-
>-
>-/**
>- Expand password table size.
>-
>-**/
>-VOID
>-ExpandTableSize (
>- VOID
>- )
>-{
>- CREDENTIAL_TABLE *NewTable;
>- UINTN Count;
>-
>- Count = mPwdTable->MaxCount + PASSWORD_TABLE_INC;
>- //
>- // Create new credential table.
>- //
>- NewTable = (CREDENTIAL_TABLE *) AllocateZeroPool (
>- sizeof (CREDENTIAL_TABLE) +
>- (Count - 1) * sizeof (PASSWORD_INFO)
>- );
>- ASSERT (NewTable != NULL);
>-
>- NewTable->MaxCount = Count;
>- NewTable->Count = mPwdTable->Count;
>- NewTable->ValidIndex = mPwdTable->ValidIndex;
>- //
>- // Copy old entries
>- //
>- CopyMem (
>- &NewTable->UserInfo,
>- &mPwdTable->UserInfo,
>- mPwdTable->Count * sizeof (PASSWORD_INFO)
>- );
>- FreePool (mPwdTable);
>- mPwdTable = NewTable;
>-}
>-
>-
>-/**
>- Add, update or delete info in table, and sync with NV variable.
>-
>- @param[in] Index The index of the password in table. If index is found in
>- table, update the info, else add the into to table.
>- @param[in] Info The new password info to add into table.If Info is NULL,
>- delete the info by Index.
>-
>- @retval EFI_INVALID_PARAMETER Info is NULL when save the info.
>- @retval EFI_SUCCESS Modify the table successfully.
>- @retval Others Failed to modify the table.
>-
>-**/
>-EFI_STATUS
>-ModifyTable (
>- IN UINTN Index,
>- IN PASSWORD_INFO * Info OPTIONAL
>- )
>-{
>- EFI_STATUS Status;
>- PASSWORD_INFO *NewPasswordInfo;
>-
>- NewPasswordInfo = NULL;
>-
>- if (Index < mPwdTable->Count) {
>- if (Info == NULL) {
>- //
>- // Delete the specified entry.
>- //
>- mPwdTable->Count--;
>- if (Index != mPwdTable->Count) {
>- NewPasswordInfo = &mPwdTable->UserInfo[mPwdTable->Count];
>- }
>- } else {
>- //
>- // Update the specified entry.
>- //
>- NewPasswordInfo = Info;
>- }
>- } else {
>- //
>- // Add a new password info.
>- //
>- if (Info == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (mPwdTable->Count >= mPwdTable->MaxCount) {
>- ExpandTableSize ();
>- }
>-
>- NewPasswordInfo = Info;
>- mPwdTable->Count++;
>- }
>-
>- if (NewPasswordInfo != NULL) {
>- CopyMem (&mPwdTable->UserInfo[Index], NewPasswordInfo, sizeof
>(PASSWORD_INFO));
>- }
>-
>- //
>- // Save the credential table.
>- //
>- Status = gRT->SetVariable (
>- L"PwdCredential",
>- &gPwdCredentialProviderGuid,
>- EFI_VARIABLE_NON_VOLATILE |
>EFI_VARIABLE_BOOTSERVICE_ACCESS,
>- mPwdTable->Count * sizeof (PASSWORD_INFO),
>- &mPwdTable->UserInfo
>- );
>- return Status;
>-}
>-
>-
>-/**
>- Create a password table.
>-
>- @retval EFI_SUCCESS Create a password table successfully.
>- @retval Others Failed to create a password.
>-
>-**/
>-EFI_STATUS
>-InitCredentialTable (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINT8 *Var;
>- UINTN VarSize;
>-
>- //
>- // Get Password credential data from NV variable.
>- //
>- VarSize = 0;
>- Var = NULL;
>- Status = gRT->GetVariable (
>- L"PwdCredential",
>- &gPwdCredentialProviderGuid,
>- NULL,
>- &VarSize,
>- Var
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- Var = AllocateZeroPool (VarSize);
>- if (Var == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- Status = gRT->GetVariable (
>- L"PwdCredential",
>- &gPwdCredentialProviderGuid,
>- NULL,
>- &VarSize,
>- Var
>- );
>- }
>- if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
>- return Status;
>- }
>-
>- //
>- // Create the password credential table.
>- //
>- mPwdTable = AllocateZeroPool (
>- sizeof (CREDENTIAL_TABLE) - sizeof (PASSWORD_INFO) +
>- PASSWORD_TABLE_INC * sizeof (PASSWORD_INFO) +
>- VarSize
>- );
>- if (mPwdTable == NULL) {
>- FreePool (Var);
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- mPwdTable->Count = VarSize / sizeof (PASSWORD_INFO);
>- mPwdTable->MaxCount = mPwdTable->Count + PASSWORD_TABLE_INC;
>- mPwdTable->ValidIndex = 0;
>- if (Var != NULL) {
>- CopyMem (mPwdTable->UserInfo, Var, VarSize);
>- FreePool (Var);
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Hash the password to get credential.
>-
>- @param[in] Password Points to the input password.
>- @param[in] PasswordSize The size of password, in bytes.
>- @param[out] Credential Points to the hashed result.
>-
>- @retval TRUE Hash the password successfully.
>- @retval FALSE Failed to hash the password.
>-
>-**/
>-BOOLEAN
>-GenerateCredential (
>- IN CHAR16 *Password,
>- IN UINTN PasswordSize,
>- OUT UINT8 *Credential
>- )
>-{
>- BOOLEAN Status;
>- UINTN HashSize;
>- VOID *Hash;
>-
>- HashSize = Sha1GetContextSize ();
>- Hash = AllocatePool (HashSize);
>- ASSERT (Hash != NULL);
>-
>- Status = Sha1Init (Hash);
>- if (!Status) {
>- goto Done;
>- }
>-
>- Status = Sha1Update (Hash, Password, PasswordSize);
>- if (!Status) {
>- goto Done;
>- }
>-
>- Status = Sha1Final (Hash, Credential);
>-
>-Done:
>- FreePool (Hash);
>- return Status;
>-}
>-
>-
>-/**
>- Get password from user input.
>-
>- @param[in] FirstPwd If True, prompt to input the first password.
>- If False, prompt to input password again.
>- @param[out] Credential Points to the input password.
>-
>-**/
>-VOID
>-GetPassword (
>- IN BOOLEAN FirstPwd,
>- OUT CHAR8 *Credential
>- )
>-{
>- EFI_INPUT_KEY Key;
>- CHAR16 PasswordMask[CREDENTIAL_LEN + 1];
>- CHAR16 Password[CREDENTIAL_LEN];
>- UINTN PasswordLen;
>- CHAR16 *QuestionStr;
>- CHAR16 *LineStr;
>-
>- PasswordLen = 0;
>- while (TRUE) {
>- PasswordMask[PasswordLen] = L'_';
>- PasswordMask[PasswordLen + 1] = L'\0';
>- LineStr = GetStringById (STRING_TOKEN (STR_DRAW_A_LINE));
>- if (FirstPwd) {
>- QuestionStr = GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD));
>- } else {
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_INPUT_PASSWORD_AGAIN));
>- }
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- LineStr,
>- PasswordMask,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (LineStr);
>-
>- //
>- // Check key stroke
>- //
>- if (Key.ScanCode == SCAN_NULL) {
>- if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
>- break;
>- } else if (Key.UnicodeChar == CHAR_BACKSPACE) {
>- if (PasswordLen > 0) {
>- PasswordLen--;
>- }
>- } else if ((Key.UnicodeChar == CHAR_NULL) ||
>- (Key.UnicodeChar == CHAR_TAB) ||
>- (Key.UnicodeChar == CHAR_LINEFEED)) {
>- continue;
>- } else {
>- Password[PasswordLen] = Key.UnicodeChar;
>- PasswordMask[PasswordLen] = L'*';
>- PasswordLen++;
>- if (PasswordLen == CREDENTIAL_LEN) {
>- break;
>- }
>- }
>- }
>- }
>-
>- PasswordLen = PasswordLen * sizeof (CHAR16);
>- GenerateCredential (Password, PasswordLen, (UINT8 *)Credential);
>-}
>-
>-/**
>- Check whether the password can be found on this provider.
>-
>- @param[in] Password The password to be found.
>-
>- @retval EFI_SUCCESS Found password sucessfully.
>- @retval EFI_NOT_FOUND Fail to find the password.
>-
>-**/
>-EFI_STATUS
>-CheckPassword (
>- IN CHAR8 *Password
>- )
>-{
>- UINTN Index;
>- CHAR8 *Pwd;
>-
>- //
>- // Check password credential.
>- //
>- mPwdTable->ValidIndex = 0;
>- for (Index = 0; Index < mPwdTable->Count; Index++) {
>- Pwd = mPwdTable->UserInfo[Index].Password;
>- if (CompareMem (Pwd, Password, CREDENTIAL_LEN) == 0) {
>- mPwdTable->ValidIndex = Index + 1;
>- return EFI_SUCCESS;
>- }
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Find a user infomation record by the information record type.
>-
>- This function searches all user information records of User from beginning
>- until either the information is found, or there are no more user infomation
>- records. A match occurs when a Info.InfoType field matches the user
>information
>- record type.
>-
>- @param[in] User Points to the user profile record to search.
>- @param[in] InfoType The infomation type to be searched.
>- @param[out] Info Points to the user info found, the caller is responsible
>- to free.
>-
>- @retval EFI_SUCCESS Find the user information successfully.
>- @retval Others Fail to find the user information.
>-
>-**/
>-EFI_STATUS
>-FindUserInfoByType (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINT8 InfoType,
>- OUT EFI_USER_INFO **Info
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>- UINTN UserInfoSize;
>- EFI_USER_INFO_HANDLE UserInfoHandle;
>- EFI_USER_MANAGER_PROTOCOL *UserManager;
>-
>- //
>- // Find user information by information type.
>- //
>- if (Info == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- Status = gBS->LocateProtocol (
>- &gEfiUserManagerProtocolGuid,
>- NULL,
>- (VOID **) &UserManager
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Get each user information.
>- //
>-
>- UserInfoHandle = NULL;
>- UserInfo = NULL;
>- UserInfoSize = 0;
>- while (TRUE) {
>- Status = UserManager->GetNextInfo (UserManager, User,
>&UserInfoHandle);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>- //
>- // Get information.
>- //
>- Status = UserManager->GetInfo (
>- UserManager,
>- User,
>- UserInfoHandle,
>- UserInfo,
>- &UserInfoSize
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- if (UserInfo != NULL) {
>- FreePool (UserInfo);
>- }
>- UserInfo = AllocateZeroPool (UserInfoSize);
>- if (UserInfo == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- Status = UserManager->GetInfo (
>- UserManager,
>- User,
>- UserInfoHandle,
>- UserInfo,
>- &UserInfoSize
>- );
>- }
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- ASSERT (UserInfo != NULL);
>- if (UserInfo->InfoType == InfoType) {
>- *Info = UserInfo;
>- return EFI_SUCCESS;
>- }
>- }
>-
>- if (UserInfo != NULL) {
>- FreePool (UserInfo);
>- }
>- return Status;
>-}
>-
>-
>-/**
>- This function processes the results of changes in configuration.
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Action Specifies the type of action taken by the browser.
>- @param QuestionId A unique value which is sent to the original
>- exporting driver so that it can identify the type
>- of data to expect.
>- @param Type The type of value for the question.
>- @param Value A pointer to the data being sent to the original
>- exporting driver.
>- @param ActionRequest On return, points to the action requested by
>the
>- callback function.
>-
>- @retval EFI_SUCCESS The callback successfully handled the action.
>- @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold
>the
>- variable and its data.
>- @retval EFI_DEVICE_ERROR The variable could not be saved.
>- @retval EFI_UNSUPPORTED The specified Action is not supported by the
>- callback.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDriverCallback (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN EFI_BROWSER_ACTION Action,
>- IN EFI_QUESTION_ID QuestionId,
>- IN UINT8 Type,
>- IN EFI_IFR_TYPE_VALUE *Value,
>- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
>- )
>-{
>- EFI_STATUS Status;
>- EFI_INPUT_KEY Key;
>- CHAR8 Password[CREDENTIAL_LEN];
>- CHAR16 *PromptStr;
>-
>- if (Action == EFI_BROWSER_ACTION_CHANGED) {
>- if (QuestionId == KEY_GET_PASSWORD) {
>- //
>- // Get and check password.
>- //
>- GetPassword (TRUE, Password);
>- Status = CheckPassword (Password);
>- if (EFI_ERROR (Status)) {
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_PASSWORD_INCORRECT));
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"",
>- PromptStr,
>- L"",
>- NULL
>- );
>- FreePool (PromptStr);
>- return Status;
>- }
>- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT;
>- }
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // All other action return unsupported.
>- //
>- return EFI_UNSUPPORTED;
>-}
>-
>-
>-/**
>- This function allows a caller to extract the current configuration for one
>- or more named elements from the target driver.
>-
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Request A null-terminated Unicode string in <ConfigRequest>
>format.
>- @param Progress On return, points to a character in the Request string.
>- Points to the string's null terminator if request was successful.
>- Points to the most recent '&' before the first failing name/value
>- pair (or the beginning of the string if the failure is in the
>- first name/value pair) if the request was not successful.
>- @param Results A null-terminated Unicode string in <ConfigAltResp>
>format which
>- has all values filled in for the names in the Request string.
>- String to be allocated by the called function.
>-
>- @retval EFI_SUCCESS The Results is filled with the requested values.
>- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
>results.
>- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown
>name.
>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>this driver.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-FakeExtractConfig (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN CONST EFI_STRING Request,
>- OUT EFI_STRING *Progress,
>- OUT EFI_STRING *Results
>- )
>-{
>- if (Progress == NULL || Results == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>- *Progress = Request;
>- return EFI_NOT_FOUND;
>-}
>-
>-/**
>- This function processes the results of changes in configuration.
>-
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Configuration A null-terminated Unicode string in <ConfigResp>
>format.
>- @param Progress A pointer to a string filled in with the offset of the
>most
>- recent '&' before the first failing name/value pair (or the
>- beginning of the string if the failure is in the first
>- name/value pair) or the terminating NULL if all was successful.
>-
>- @retval EFI_SUCCESS The Results is processed successfully.
>- @retval EFI_INVALID_PARAMETER Configuration is NULL.
>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>this driver.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-FakeRouteConfig (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN CONST EFI_STRING Configuration,
>- OUT EFI_STRING *Progress
>- )
>-{
>- if (Configuration == NULL || Progress == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *Progress = Configuration;
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-/**
>- This function initialize the data mainly used in form browser.
>-
>- @retval EFI_SUCCESS Initialize form data successfully.
>- @retval Others Fail to Initialize form data.
>-
>-**/
>-EFI_STATUS
>-InitFormBrowser (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- PWD_PROVIDER_CALLBACK_INFO *CallbackInfo;
>-
>- //
>- // Initialize driver private data.
>- //
>- CallbackInfo = AllocateZeroPool (sizeof (PWD_PROVIDER_CALLBACK_INFO));
>- if (CallbackInfo == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- CallbackInfo->Signature = PWD_PROVIDER_SIGNATURE;
>- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
>- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
>- CallbackInfo->ConfigAccess.Callback = CredentialDriverCallback;
>- CallbackInfo->DriverHandle = NULL;
>-
>- //
>- // Install Device Path Protocol and Config Access protocol to driver handle.
>- //
>- Status = gBS->InstallMultipleProtocolInterfaces (
>- &CallbackInfo->DriverHandle,
>- &gEfiDevicePathProtocolGuid,
>- &mHiiVendorDevicePath,
>- &gEfiHiiConfigAccessProtocolGuid,
>- &CallbackInfo->ConfigAccess,
>- NULL
>- );
>- ASSERT_EFI_ERROR (Status);
>-
>- //
>- // Publish HII data.
>- //
>- CallbackInfo->HiiHandle = HiiAddPackages (
>- &gPwdCredentialProviderGuid,
>- CallbackInfo->DriverHandle,
>- PwdCredentialProviderStrings,
>- PwdCredentialProviderVfrBin,
>- NULL
>- );
>- if (CallbackInfo->HiiHandle == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- mCallbackInfo = CallbackInfo;
>-
>- return Status;
>-}
>-
>-
>-/**
>- Enroll a user on a credential provider.
>-
>- This function enrolls a user on this credential provider. If the user exists on
>- this credential provider, update the user information on this credential
>provider;
>- otherwise add the user information on credential provider.
>-
>- @param[in] This Points to this instance of
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile to enroll.
>-
>- @retval EFI_SUCCESS User profile was successfully enrolled.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>enrollment on the
>- user profile handle. Either the user profile cannot enroll
>- on any user profile or cannot enroll on a user profile
>- other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>enrollment in
>- the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be created
>because of a device
>- error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialEnroll (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>- PASSWORD_INFO PwdInfo;
>- EFI_USER_INFO *UserInfo;
>- CHAR8 Password[CREDENTIAL_LEN];
>- EFI_INPUT_KEY Key;
>- UINT8 *UserId;
>- CHAR16 *QuestionStr;
>- CHAR16 *PromptStr;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Get User Identifier.
>- //
>- UserInfo = NULL;
>- Status = FindUserInfoByType (
>- User,
>- EFI_USER_INFO_IDENTIFIER_RECORD,
>- &UserInfo
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- CopyMem (PwdInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof
>(EFI_USER_INFO_IDENTIFIER));
>- FreePool (UserInfo);
>-
>- //
>- // Get password from user.
>- //
>- while (TRUE) {
>- //
>- // Input password.
>- //
>- GetPassword (TRUE, PwdInfo.Password);
>-
>- //
>- // Input password again.
>- //
>- GetPassword (FALSE, Password);
>-
>- //
>- // Compare the two password consistency.
>- //
>- if (CompareMem (PwdInfo.Password, Password, CREDENTIAL_LEN) == 0) {
>- break;
>- }
>-
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_PASSWORD_MISMATCH));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_INPUT_PASSWORD_AGAIN));
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- L"",
>- PromptStr,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (PromptStr);
>- }
>-
>- //
>- // Check whether User is ever enrolled in the provider.
>- //
>- for (Index = 0; Index < mPwdTable->Count; Index++) {
>- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
>- if (CompareMem (UserId, (UINT8 *) &PwdInfo.UserId, sizeof
>(EFI_USER_INFO_IDENTIFIER)) == 0) {
>- //
>- // User already exists, update the password.
>- //
>- break;
>- }
>- }
>-
>- //
>- // Enroll the User to the provider.
>- //
>- Status = ModifyTable (Index, &PwdInfo);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Returns the user interface information used during user identification.
>-
>- This function returns information about the form used when interacting
>with the
>- user during user identification. The form is the first enabled form in the
>form-set
>- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII
>handle HiiHandle. If
>- the user credential provider does not require a form to identify the user,
>then this
>- function should return EFI_NOT_FOUND.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] FormSetId On return, holds the identifier of the form set
>which contains
>- the form used during user identification.
>- @param[out] FormId On return, holds the identifier of the form used
>during user
>- identification.
>-
>- @retval EFI_SUCCESS Form returned successfully.
>- @retval EFI_NOT_FOUND Form not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or
>FormId is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialForm (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_GUID *FormSetId,
>- OUT EFI_FORM_ID *FormId
>- )
>-{
>- if ((This == NULL) || (Hii == NULL) ||
>- (FormSetId == NULL) || (FormId == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *Hii = mCallbackInfo->HiiHandle;
>- *FormId = FORMID_GET_PASSWORD_FORM;
>- CopyGuid (FormSetId, &gPwdCredentialProviderGuid);
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Returns bitmap used to describe the credential provider type.
>-
>- This optional function returns a bitmap that is less than or equal to the
>number
>- of pixels specified by Width and Height. If no such bitmap exists, then
>EFI_NOT_FOUND
>- is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] Width On entry, points to the desired bitmap width. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- width of the bitmap returned.
>- @param[in, out] Height On entry, points to the desired bitmap height. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- height of the bitmap returned
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] Image On return, holds the HII image identifier.
>-
>- @retval EFI_SUCCESS Image identifier returned successfully.
>- @retval EFI_NOT_FOUND Image identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTile (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT UINTN *Width,
>- IN OUT UINTN *Height,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_IMAGE_ID *Image
>- )
>-{
>- if ((This == NULL) || (Hii == NULL) || (Image == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Returns string used to describe the credential provider type.
>-
>- This function returns a string which describes the credential provider. If no
>- such string exists, then EFI_NOT_FOUND is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] String On return, holds the HII string identifier.
>-
>- @retval EFI_SUCCESS String identifier returned successfully.
>- @retval EFI_NOT_FOUND String identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTitle (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_STRING_ID *String
>- )
>-{
>- if ((This == NULL) || (Hii == NULL) || (String == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Set Hii handle and String ID.
>- //
>- *Hii = mCallbackInfo->HiiHandle;
>- *String = STRING_TOKEN (STR_CREDENTIAL_TITLE);
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return the user identifier associated with the currently authenticated user.
>-
>- This function returns the user identifier of the user authenticated by this
>credential
>- provider. This function is called after the credential-related information has
>been
>- submitted on a form, OR after a call to Default() has returned that this
>credential is
>- ready to log on.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle of the user profile currently
>being
>- considered by the user identity manager. If NULL, then no user
>- profile is currently under consideration.
>- @param[out] Identifier On return, points to the user identifier.
>-
>- @retval EFI_SUCCESS User identifier returned successfully.
>- @retval EFI_NOT_READY No user identifier can be returned.
>- @retval EFI_ACCESS_DENIED The user has been locked out of this user
>credential.
>- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
>- @retval EFI_NOT_FOUND User is not NULL, and the specified user
>handle can't be
>- found in user profile database
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialUser (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- OUT EFI_USER_INFO_IDENTIFIER *Identifier
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>- EFI_USER_INFO *UserInfo;
>- UINT8 *UserId;
>- UINT8 *NewUserId;
>- CHAR8 *Pwd;
>- CHAR8 *NewPwd;
>-
>- if ((This == NULL) || (Identifier == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (mPwdTable->ValidIndex == 0) {
>- //
>- // No password input, or the input password doesn't match
>- // anyone in PwdTable.
>- //
>- return EFI_NOT_READY;
>- }
>-
>- if (User == NULL) {
>- //
>- // Return the user ID whose password matches the input password.
>- //
>- CopyMem (
>- Identifier,
>- &mPwdTable->UserInfo[mPwdTable->ValidIndex - 1].UserId,
>- sizeof (EFI_USER_INFO_IDENTIFIER)
>- );
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Get the User's ID.
>- //
>- Status = FindUserInfoByType (
>- User,
>- EFI_USER_INFO_IDENTIFIER_RECORD,
>- &UserInfo
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Check whether the input password matches one in PwdTable.
>- //
>- for (Index = 0; Index < mPwdTable->Count; Index++) {
>- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
>- NewUserId = (UINT8 *) (UserInfo + 1);
>- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER))
>== 0) {
>- Pwd = mPwdTable->UserInfo[Index].Password;
>- NewPwd = mPwdTable->UserInfo[mPwdTable->ValidIndex - 1].Password;
>- if (CompareMem (Pwd, NewPwd, CREDENTIAL_LEN) == 0) {
>- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
>- FreePool (UserInfo);
>- return EFI_SUCCESS;
>- }
>- }
>- }
>-
>- FreePool (UserInfo);
>- return EFI_NOT_READY;
>-}
>-
>-
>-/**
>- Indicate that user interface interaction has begun for the specified
>credential.
>-
>- This function is called when a credential provider is selected by the user. If
>- AutoLogon returns FALSE, then the user interface will be constructed by the
>User
>- Identity Manager.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, points to the credential provider's
>capabilities
>- after the credential provider has been selected by the user.
>-
>- @retval EFI_SUCCESS Credential provider successfully selected.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialSelect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- )
>-{
>- if ((This == NULL) || (AutoLogon == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- *AutoLogon = 0;
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Indicate that user interface interaction has ended for the specified
>credential.
>-
>- This function is called when a credential provider is deselected by the user.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>-
>- @retval EFI_SUCCESS Credential provider successfully deselected.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDeselect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
>- )
>-{
>- if (This == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return the default logon behavior for this user credential.
>-
>- This function reports the default login behavior regarding this credential
>provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, holds whether the credential provider
>should be used
>- by default to automatically log on the user.
>-
>- @retval EFI_SUCCESS Default information successfully returned.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDefault (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- )
>-{
>- if ((This == NULL) || (AutoLogon == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- *AutoLogon = 0;
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return information attached to the credential provider.
>-
>- This function returns user information.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] UserInfo Handle of the user information data record.
>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>bytes. On
>- exit, holds the user information. If the buffer is too small
>- to hold the information, then EFI_BUFFER_TOO_SMALL is
>returned
>- and InfoSize is updated to contain the number of bytes
>actually
>- required.
>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>points to the
>- size of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small
>to hold all of the
>- user information. The size required is returned in *InfoSize.
>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a
>valid user info handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_INFO_HANDLE UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize
>- )
>-{
>- EFI_USER_INFO *CredentialInfo;
>- UINTN Index;
>-
>- if ((This == NULL) || (InfoSize == NULL) || (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if ((UserInfo == NULL) || (mPwdInfoHandle == NULL)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Find information handle in credential info table.
>- //
>- for (Index = 0; Index < mPwdInfoHandle->Count; Index++) {
>- CredentialInfo = mPwdInfoHandle->Info[Index];
>- if (UserInfo == (EFI_USER_INFO_HANDLE)CredentialInfo) {
>- //
>- // The handle is found, copy the user info.
>- //
>- if (CredentialInfo->InfoSize > *InfoSize) {
>- *InfoSize = CredentialInfo->InfoSize;
>- return EFI_BUFFER_TOO_SMALL;
>- }
>- CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
>- return EFI_SUCCESS;
>- }
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Enumerate all of the user informations on the credential provider.
>-
>- This function returns the next user information record. To retrieve the first
>user
>- information record handle, point UserInfo at a NULL. Each subsequent call
>will retrieve
>- another user information record handle until there are no more, at which
>point UserInfo
>- will point to NULL.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] UserInfo On entry, points to the previous user information
>handle or NULL
>- to start enumeration. On exit, points to the next user
>information
>- handle or NULL if there is no more user information.
>-
>- @retval EFI_SUCCESS User information returned.
>- @retval EFI_NOT_FOUND No more user information found.
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetNextInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>- )
>-{
>- EFI_USER_INFO *Info;
>- CHAR16 *ProvNameStr;
>- UINTN InfoLen;
>- UINTN Index;
>- UINTN ProvStrLen;
>-
>- if ((This == NULL) || (UserInfo == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (mPwdInfoHandle == NULL) {
>- //
>- // Initilized user info table. There are 4 user info records in the table.
>- //
>- InfoLen = sizeof (PASSWORD_CREDENTIAL_INFO) + (4 - 1) * sizeof
>(EFI_USER_INFO *);
>- mPwdInfoHandle = AllocateZeroPool (InfoLen);
>- if (mPwdInfoHandle == NULL) {
>- *UserInfo = NULL;
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // The first information, Credential Provider info.
>- //
>- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
>- CopyGuid ((EFI_GUID *)(Info + 1), &gPwdCredentialProviderGuid);
>-
>- mPwdInfoHandle->Info[0] = Info;
>- mPwdInfoHandle->Count++;
>-
>- //
>- // The second information, Credential Provider name info.
>- //
>- ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_NAME));
>- ProvStrLen = StrSize (ProvNameStr);
>- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType =
>EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
>- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
>- FreePool (ProvNameStr);
>-
>- mPwdInfoHandle->Info[1] = Info;
>- mPwdInfoHandle->Count++;
>-
>- //
>- // The third information, Credential Provider type info.
>- //
>- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
>- CopyGuid ((EFI_GUID *)(Info + 1), &gEfiUserCredentialClassPasswordGuid);
>-
>- mPwdInfoHandle->Info[2] = Info;
>- mPwdInfoHandle->Count++;
>-
>- //
>- // The fourth information, Credential Provider type name info.
>- //
>- ProvNameStr = GetStringById (STRING_TOKEN
>(STR_PROVIDER_TYPE_NAME));
>- ProvStrLen = StrSize (ProvNameStr);
>- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType =
>EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
>- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
>- FreePool (ProvNameStr);
>-
>- mPwdInfoHandle->Info[3] = Info;
>- mPwdInfoHandle->Count++;
>- }
>-
>- if (*UserInfo == NULL) {
>- //
>- // Return the first info handle.
>- //
>- *UserInfo = (EFI_USER_INFO_HANDLE) mPwdInfoHandle->Info[0];
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Find information handle in credential info table.
>- //
>- for (Index = 0; Index < mPwdInfoHandle->Count; Index++) {
>- Info = mPwdInfoHandle->Info[Index];
>- if (*UserInfo == (EFI_USER_INFO_HANDLE)Info) {
>- //
>- // The handle is found, get the next one.
>- //
>- if (Index == mPwdInfoHandle->Count - 1) {
>- //
>- // Already last one.
>- //
>- *UserInfo = NULL;
>- return EFI_NOT_FOUND;
>- }
>-
>- Index++;
>- *UserInfo = (EFI_USER_INFO_HANDLE)mPwdInfoHandle->Info[Index];
>- return EFI_SUCCESS;
>- }
>- }
>-
>- *UserInfo = NULL;
>- return EFI_NOT_FOUND;
>-}
>-
>-/**
>- Delete a user on this credential provider.
>-
>- This function deletes a user on this credential provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle to delete.
>-
>- @retval EFI_SUCCESS User profile was successfully deleted.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>deletion on the user profile handle.
>- Either the user profile cannot delete on any user profile or
>cannot delete
>- on a user profile other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>deletion in the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be deleted
>because of a device error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDelete (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>- UINT8 *UserId;
>- UINT8 *NewUserId;
>- UINTN Index;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Get User Identifier.
>- //
>- UserInfo = NULL;
>- Status = FindUserInfoByType (
>- User,
>- EFI_USER_INFO_IDENTIFIER_RECORD,
>- &UserInfo
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Find the user by user identifier in mPwdTable.
>- //
>- for (Index = 0; Index < mPwdTable->Count; Index++) {
>- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
>- NewUserId = (UINT8 *) (UserInfo + 1);
>- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER))
>== 0) {
>- //
>- // Found the user, delete it.
>- //
>- ModifyTable (Index, NULL);
>- break;
>- }
>- }
>-
>- FreePool (UserInfo);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Main entry for this driver.
>-
>- @param ImageHandle Image handle this driver.
>- @param SystemTable Pointer to SystemTable.
>-
>- @retval EFI_SUCESS This function always complete successfully.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-PasswordProviderInit (
>- IN EFI_HANDLE ImageHandle,
>- IN EFI_SYSTEM_TABLE *SystemTable
>- )
>-{
>- EFI_STATUS Status;
>-
>- //
>- // It is NOT robust enough to be included in production.
>- //
>- #error "This implementation is just a sample, please comment this line if you
>really want to use this driver."
>-
>- //
>- // Init credential table.
>- //
>- Status = InitCredentialTable ();
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Init Form Browser.
>- //
>- Status = InitFormBrowser ();
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Install protocol interfaces for the password credential provider.
>- //
>- Status = gBS->InstallProtocolInterface (
>- &mCallbackInfo->DriverHandle,
>- &gEfiUserCredential2ProtocolGuid,
>- EFI_NATIVE_INTERFACE,
>- &gPwdCredentialProviderDriver
>- );
>- return Status;
>-}
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>rovider.h
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>Provider.h
>deleted file mode 100644
>index fd782549fd..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>rovider.h
>+++ /dev/null
>@@ -1,374 +0,0 @@
>-/** @file
>- Password Credential Provider driver header file.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef _PASSWORD_CREDENTIAL_PROVIDER_H_
>-#define _PASSWORD_CREDENTIAL_PROVIDER_H_
>-
>-#include <Uefi.h>
>-
>-#include <Guid/GlobalVariable.h>
>-
>-#include <Protocol/HiiConfigAccess.h>
>-#include <Protocol/UserCredential2.h>
>-#include <Protocol/UserManager.h>
>-
>-#include <Library/UefiRuntimeServicesTableLib.h>
>-#include <Library/UefiBootServicesTableLib.h>
>-#include <Library/MemoryAllocationLib.h>
>-#include <Library/BaseMemoryLib.h>
>-#include <Library/DevicePathLib.h>
>-#include <Library/DebugLib.h>
>-#include <Library/UefiLib.h>
>-#include <Library/PrintLib.h>
>-#include <Library/HiiLib.h>
>-#include <Library/BaseCryptLib.h>
>-
>-#include "PwdCredentialProviderData.h"
>-
>-extern UINT8 PwdCredentialProviderStrings[];
>-extern UINT8 PwdCredentialProviderVfrBin[];
>-
>-#define PASSWORD_TABLE_INC 16
>-#define CREDENTIAL_LEN 20
>-
>-//
>-// Password credential information.
>-//
>-typedef struct {
>- EFI_USER_INFO_IDENTIFIER UserId;
>- CHAR8 Password[CREDENTIAL_LEN];
>-} PASSWORD_INFO;
>-
>-//
>-// Password credential table.
>-//
>-typedef struct {
>- UINTN Count;
>- UINTN MaxCount;
>- UINTN ValidIndex;
>- PASSWORD_INFO UserInfo[1];
>-} CREDENTIAL_TABLE;
>-
>-//
>-// The user information on the password provider.
>-//
>-typedef struct {
>- UINTN Count;
>- EFI_USER_INFO *Info[1];
>-} PASSWORD_CREDENTIAL_INFO;
>-
>-///
>-/// HII specific Vendor Device Path definition.
>-///
>-typedef struct {
>- VENDOR_DEVICE_PATH VendorDevicePath;
>- EFI_DEVICE_PATH_PROTOCOL End;
>-} HII_VENDOR_DEVICE_PATH;
>-
>-#define PWD_PROVIDER_SIGNATURE SIGNATURE_32 ('P', 'W', 'D', 'P')
>-
>-typedef struct {
>- UINTN Signature;
>- EFI_HANDLE DriverHandle;
>- EFI_HII_HANDLE HiiHandle;
>- //
>- // Produced protocol.
>- //
>- EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
>-} PWD_PROVIDER_CALLBACK_INFO;
>-
>-
>-/**
>- Enroll a user on a credential provider.
>-
>- This function enrolls a user on this credential provider. If the user exists on
>- this credential provider, update the user information on this credential
>provider;
>- otherwise delete the user information on credential provider.
>-
>- @param[in] This Points to this instance of
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile to enroll.
>-
>- @retval EFI_SUCCESS User profile was successfully enrolled.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>enrollment on the
>- user profile handle. Either the user profile cannot enroll
>- on any user profile or cannot enroll on a user profile
>- other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>enrollment in
>- the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be created
>because of a device
>- error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialEnroll (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- );
>-
>-/**
>- Returns the user interface information used during user identification.
>-
>- This function returns information about the form used when interacting
>with the
>- user during user identification. The form is the first enabled form in the
>form-set
>- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII
>handle HiiHandle. If
>- the user credential provider does not require a form to identify the user,
>then this
>- function should return EFI_NOT_FOUND.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] FormSetId On return, holds the identifier of the form set
>which contains
>- the form used during user identification.
>- @param[out] FormId On return, holds the identifier of the form used
>during user
>- identification.
>-
>- @retval EFI_SUCCESS Form returned successfully.
>- @retval EFI_NOT_FOUND Form not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or
>FormId is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialForm (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_GUID *FormSetId,
>- OUT EFI_FORM_ID *FormId
>- );
>-
>-/**
>- Returns bitmap used to describe the credential provider type.
>-
>- This optional function returns a bitmap which is less than or equal to the
>number
>- of pixels specified by Width and Height. If no such bitmap exists, then
>EFI_NOT_FOUND
>- is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] Width On entry, points to the desired bitmap width. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- width of the bitmap returned.
>- @param[in, out] Height On entry, points to the desired bitmap height. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- height of the bitmap returned
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] Image On return, holds the HII image identifier.
>-
>- @retval EFI_SUCCESS Image identifier returned successfully.
>- @retval EFI_NOT_FOUND Image identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTile (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT UINTN *Width,
>- IN OUT UINTN *Height,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_IMAGE_ID *Image
>- );
>-
>-/**
>- Returns string used to describe the credential provider type.
>-
>- This function returns a string which describes the credential provider. If no
>- such string exists, then EFI_NOT_FOUND is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] String On return, holds the HII string identifier.
>-
>- @retval EFI_SUCCESS String identifier returned successfully.
>- @retval EFI_NOT_FOUND String identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTitle (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_STRING_ID *String
>- );
>-
>-/**
>- Return the user identifier associated with the currently authenticated user.
>-
>- This function returns the user identifier of the user authenticated by this
>credential
>- provider. This function is called after the credential-related information has
>been
>- submitted on a form OR after a call to Default() has returned that this
>credential is
>- ready to log on.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle of the user profile currently
>being
>- considered by the user identity manager. If NULL, then no user
>- profile is currently under consideration.
>- @param[out] Identifier On return, points to the user identifier.
>-
>- @retval EFI_SUCCESS User identifier returned successfully.
>- @retval EFI_NOT_READY No user identifier can be returned.
>- @retval EFI_ACCESS_DENIED The user has been locked out of this user
>credential.
>- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
>- @retval EFI_NOT_FOUND User is not NULL, and the specified user
>handle can't be
>- found in user profile database
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialUser (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- OUT EFI_USER_INFO_IDENTIFIER *Identifier
>- );
>-
>-/**
>- Indicate that user interface interaction has begun for the specified
>credential.
>-
>- This function is called when a credential provider is selected by the user. If
>- AutoLogon returns FALSE, then the user interface will be constructed by the
>User
>- Identity Manager.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, points to the credential provider's
>capabilities
>- after the credential provider has been selected by the user.
>-
>- @retval EFI_SUCCESS Credential provider successfully selected.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialSelect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- );
>-
>-/**
>- Indicate that user interface interaction has ended for the specified
>credential.
>-
>- This function is called when a credential provider is deselected by the user.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>-
>- @retval EFI_SUCCESS Credential provider successfully deselected.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDeselect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
>- );
>-
>-/**
>- Return the default logon behavior for this user credential.
>-
>- This function reports the default login behavior regarding this credential
>provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, holds whether the credential provider
>should be used
>- by default to automatically log on the user.
>-
>- @retval EFI_SUCCESS Default information successfully returned.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDefault (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- );
>-
>-/**
>- Return information attached to the credential provider.
>-
>- This function returns user information.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] UserInfo Handle of the user information data record.
>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>bytes. On
>- exit, holds the user information. If the buffer is too small
>- to hold the information, then EFI_BUFFER_TOO_SMALL is
>returned
>- and InfoSize is updated to contain the number of bytes
>actually
>- required.
>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>points to the
>- size of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small
>to hold all of the
>- user information. The size required is returned in *InfoSize.
>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a
>valid user info handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_INFO_HANDLE UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize
>- );
>-
>-
>-/**
>- Enumerate all of the user informations on the credential provider.
>-
>- This function returns the next user information record. To retrieve the first
>user
>- information record handle, point UserInfo at a NULL. Each subsequent call
>will retrieve
>- another user information record handle until there are no more, at which
>point UserInfo
>- will point to NULL.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] UserInfo On entry, points to the previous user information
>handle or NULL
>- to start enumeration. On exit, points to the next user
>information
>- handle or NULL if there is no more user information.
>-
>- @retval EFI_SUCCESS User information returned.
>- @retval EFI_NOT_FOUND No more user information found.
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetNextInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>- );
>-
>-/**
>- Delete a user on this credential provider.
>-
>- This function deletes a user on this credential provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle to delete.
>-
>- @retval EFI_SUCCESS User profile was successfully deleted.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>deletion on the user profile handle.
>- Either the user profile cannot delete on any user profile or
>cannot delete
>- on a user profile other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>deletion in the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be deleted
>because of a device error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDelete (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- );
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>rovider.uni
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>Provider.uni
>deleted file mode 100644
>index 749e9a8f17..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>rovider.uni
>+++ /dev/null
>@@ -1,21 +0,0 @@
>-// /** @file
>-// Provides a password credential provider implementation
>-//
>-// This module provides a password credential provider implementation.
>-//
>-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-
>-#string STR_MODULE_ABSTRACT #language en-US "Provides a
>password credential provider implementation"
>-
>-#string STR_MODULE_DESCRIPTION #language en-US "This module
>provides a password credential provider implementation."
>-
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderData.h
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>ProviderData.h
>deleted file mode 100644
>index 31bdfe4c50..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderData.h
>+++ /dev/null
>@@ -1,30 +0,0 @@
>-/** @file
>- Data structure used by the Password Credential Provider driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef _PWD_CREDENTIAL_PROVIDER_DATA_H_
>-#define _PWD_CREDENTIAL_PROVIDER_DATA_H_
>-
>-#include <Guid/PwdCredentialProviderHii.h>
>-
>-//
>-// Forms definition
>-//
>-#define FORMID_GET_PASSWORD_FORM 1
>-
>-//
>-// Key defination
>-//
>-#define KEY_GET_PASSWORD 0x1000
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderDxe.inf
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>ProviderDxe.inf
>deleted file mode 100644
>index ab7ba2c913..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderDxe.inf
>+++ /dev/null
>@@ -1,65 +0,0 @@
>-## @file
>-# Provides a password credential provider implementation
>-# This module provides a password credential provider implementation.
>-#
>-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-# This program and the accompanying materials
>-# are licensed and made available under the terms and conditions of the BSD
>License
>-# which accompanies this distribution. The full text of the license may be
>found at
>-# http://opensource.org/licenses/bsd-license.php
>-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-#
>-##
>-
>-[Defines]
>- INF_VERSION = 0x00010005
>- BASE_NAME = PwdCredentialProvider
>- MODULE_UNI_FILE = PwdCredentialProvider.uni
>- FILE_GUID = D6C589EA-DD29-49ef-97F6-1A9FE19A04E0
>- MODULE_TYPE = UEFI_DRIVER
>- VERSION_STRING = 1.0
>- ENTRY_POINT = PasswordProviderInit
>-
>-[Sources]
>- PwdCredentialProvider.c
>- PwdCredentialProvider.h
>- PwdCredentialProviderData.h
>- PwdCredentialProviderVfr.Vfr
>- PwdCredentialProviderStrings.uni
>-
>-[Packages]
>- MdePkg/MdePkg.dec
>- MdeModulePkg/MdeModulePkg.dec
>- CryptoPkg/CryptoPkg.dec
>- SecurityPkg/SecurityPkg.dec
>-
>-[LibraryClasses]
>- UefiRuntimeServicesTableLib
>- UefiBootServicesTableLib
>- UefiDriverEntryPoint
>- MemoryAllocationLib
>- BaseMemoryLib
>- DebugLib
>- HiiLib
>- UefiLib
>- BaseCryptLib
>-
>-[Guids]
>- gEfiUserCredentialClassPasswordGuid ## SOMETIMES_CONSUMES
>## GUID
>-
>- ## PRODUCES ## Variable:L"PwdCredential"
>- ## CONSUMES ## Variable:L"PwdCredential"
>- ## CONSUMES ## HII
>- ## SOMETIMES_CONSUMES ## GUID # The credential provider
>identifier
>- gPwdCredentialProviderGuid
>-
>-[Protocols]
>- gEfiDevicePathProtocolGuid ## PRODUCES
>- gEfiHiiConfigAccessProtocolGuid ## PRODUCES
>- gEfiUserCredential2ProtocolGuid ## PRODUCES
>- gEfiUserManagerProtocolGuid ## SOMETIMES_CONSUMES
>-
>-[UserExtensions.TianoCore."ExtraFiles"]
>- PwdCredentialProviderExtra.uni
>-
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderExtra.uni
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>ProviderExtra.uni
>deleted file mode 100644
>index bcc220a51d..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderExtra.uni
>+++ /dev/null
>@@ -1,19 +0,0 @@
>-// /** @file
>-// PwdCredentialProvider Localized Strings and Content
>-//
>-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-#string STR_PROPERTIES_MODULE_NAME
>-#language en-US
>-"Password Credential Provider"
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderStrings.uni
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>ProviderStrings.uni
>deleted file mode 100644
>index e7b3126f83..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderStrings.uni
>+++ /dev/null
>@@ -1,38 +0,0 @@
>-/** @file
>- String definitions for the Password Credential Provider.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php.
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#langdef en-US "English"
>-#langdef fr-FR "Francais"
>-
>-#string STR_CREDENTIAL_TITLE #language en-US "Password
>Credential Provider"
>- #language fr-FR "Password Credential Provider
>(French)"
>-#string STR_FORM_TITLE #language en-US "Get Password"
>- #language fr-FR "Get Password(French)"
>-#string STR_NULL_STRING #language en-US ""
>- #language fr-FR ""
>-#string STR_INPUT_PASSWORD #language en-US "Please Input
>Password"
>- #language fr-FR "Please Input Password(French)"
>-#string STR_PROVIDER_NAME #language en-US "INTEL
>Password Credential Provider"
>- #language fr-FR "INTEL Password Credential
>Provider(French)"
>-#string STR_PROVIDER_TYPE_NAME #language en-US "Password
>Credential Provider"
>- #language fr-FR "Password Credential
>Provider(French)"
>-#string STR_INPUT_PASSWORD_AGAIN #language en-US "Input
>Password Again"
>- #language fr-FR "Input Password Again (French)"
>-#string STR_DRAW_A_LINE #language en-US "---------------------
>--------"
>- #language fr-FR "------------------------------------"
>-#string STR_PASSWORD_INCORRECT #language en-US " Incorrect
>Password! "
>- #language fr-FR " Incorrect Password! (French) "
>-#string STR_PASSWORD_MISMATCH #language en-US " The
>Password Mismatch! "
>- #language fr-FR " The Password Mismatch! (French)
>"
>-
>diff --git
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderVfr.Vfr
>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>ProviderVfr.Vfr
>deleted file mode 100644
>index 60972203b0..0000000000
>---
>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialP
>roviderVfr.Vfr
>+++ /dev/null
>@@ -1,34 +0,0 @@
>-/** @file
>- Password Credential Provider formset.
>-
>-Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "PwdCredentialProviderData.h"
>-
>-formset
>- guid = PWD_CREDENTIAL_PROVIDER_GUID,
>- title = STRING_TOKEN(STR_CREDENTIAL_TITLE),
>- help = STRING_TOKEN(STR_NULL_STRING),
>- classguid = PWD_CREDENTIAL_PROVIDER_GUID,
>-
>- form formid = FORMID_GET_PASSWORD_FORM,
>- title = STRING_TOKEN(STR_FORM_TITLE);
>-
>- text
>- help = STRING_TOKEN(STR_NULL_STRING),
>- text = STRING_TOKEN(STR_INPUT_PASSWORD),
>- flags = INTERACTIVE,
>- key = KEY_GET_PASSWORD;
>-
>- endform;
>-
>-endformset;
>\ No newline at end of file
>diff --git
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.c
>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.c
>deleted file mode 100644
>index 841e975103..0000000000
>---
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.c
>+++ /dev/null
>@@ -1,1410 +0,0 @@
>-/** @file
>- Usb Credential Provider driver implemenetation.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UsbCredentialProvider.h"
>-
>-CREDENTIAL_TABLE *mUsbTable = NULL;
>-USB_PROVIDER_CALLBACK_INFO *mCallbackInfo = NULL;
>-USB_CREDENTIAL_INFO *mUsbInfoHandle = NULL;
>-
>-EFI_USER_CREDENTIAL2_PROTOCOL gUsbCredentialProviderDriver = {
>- USB_CREDENTIAL_PROVIDER_GUID,
>- EFI_USER_CREDENTIAL_CLASS_SECURE_CARD,
>- CredentialEnroll,
>- CredentialForm,
>- CredentialTile,
>- CredentialTitle,
>- CredentialUser,
>- CredentialSelect,
>- CredentialDeselect,
>- CredentialDefault,
>- CredentialGetInfo,
>- CredentialGetNextInfo,
>- EFI_CREDENTIAL_CAPABILITIES_ENROLL,
>- CredentialDelete
>-};
>-
>-
>-/**
>- Get string by string id from HII Interface.
>-
>-
>- @param[in] Id String ID to get the string from.
>-
>- @retval CHAR16 * String from ID.
>- @retval NULL If error occurs.
>-
>-**/
>-CHAR16 *
>-GetStringById (
>- IN EFI_STRING_ID Id
>- )
>-{
>- //
>- // Get the current string for the current Language
>- //
>- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
>-}
>-
>-
>-/**
>- Expand password table size.
>-
>-**/
>-VOID
>-ExpandTableSize (
>- VOID
>- )
>-{
>- CREDENTIAL_TABLE *NewTable;
>- UINTN Count;
>-
>- Count = mUsbTable->MaxCount + USB_TABLE_INC;
>- //
>- // Create new credential table.
>- //
>- NewTable = AllocateZeroPool (
>- sizeof (CREDENTIAL_TABLE) - sizeof (USB_INFO) +
>- Count * sizeof (USB_INFO)
>- );
>- ASSERT (NewTable != NULL);
>-
>- NewTable->MaxCount = Count;
>- NewTable->Count = mUsbTable->Count;
>-
>- //
>- // Copy old entries.
>- //
>- CopyMem (
>- &NewTable->UserInfo,
>- &mUsbTable->UserInfo,
>- mUsbTable->Count * sizeof (USB_INFO)
>- );
>- FreePool (mUsbTable);
>- mUsbTable = NewTable;
>-}
>-
>-
>-/**
>- Add, update or delete info in table, and sync with NV variable.
>-
>- @param[in] Index The index of the password in table. If index is found in
>- table, update the info, else add the into to table.
>- @param[in] Info The new credential info to add into table. If Info is NULL,
>- delete the info by Index.
>-
>- @retval EFI_INVALID_PARAMETER Info is NULL when save the info.
>- @retval EFI_SUCCESS Modify the table successfully.
>- @retval Others Failed to modify the table.
>-
>-**/
>-EFI_STATUS
>-ModifyTable (
>- IN UINTN Index,
>- IN USB_INFO * Info OPTIONAL
>- )
>-{
>- EFI_STATUS Status;
>- USB_INFO *NewUsbInfo;
>-
>- NewUsbInfo = NULL;
>- if (Index < mUsbTable->Count) {
>- if (Info == NULL) {
>- //
>- // Delete the specified entry.
>- //
>- mUsbTable->Count--;
>- if (Index != mUsbTable->Count) {
>- NewUsbInfo = &mUsbTable->UserInfo[mUsbTable->Count];
>- }
>- } else {
>- //
>- // Update the specified entry.
>- //
>- NewUsbInfo = Info;
>- }
>- } else {
>- //
>- // Add a new entry
>- //
>- if (Info == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (mUsbTable->Count >= mUsbTable->MaxCount) {
>- ExpandTableSize ();
>- }
>-
>- NewUsbInfo = Info;
>- mUsbTable->Count++;
>- }
>-
>- if (NewUsbInfo != NULL) {
>- CopyMem (&mUsbTable->UserInfo[Index], NewUsbInfo, sizeof
>(USB_INFO));
>- }
>-
>- //
>- // Save the credential table.
>- //
>- Status = gRT->SetVariable (
>- L"UsbCredential",
>- &gUsbCredentialProviderGuid,
>- EFI_VARIABLE_NON_VOLATILE |
>EFI_VARIABLE_BOOTSERVICE_ACCESS,
>- mUsbTable->Count * sizeof (USB_INFO),
>- &mUsbTable->UserInfo
>- );
>- return Status;
>-}
>-
>-
>-/**
>- Create a credential table
>-
>- @retval EFI_SUCCESS Create a credential table successfully.
>- @retval Others Failed to create a password.
>-
>-**/
>-EFI_STATUS
>-InitCredentialTable (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINT8 *Var;
>- UINTN VarSize;
>-
>- //
>- // Get Usb credential data from NV variable.
>- //
>- VarSize = 0;
>- Var = NULL;
>- Status = gRT->GetVariable (
>- L"UsbCredential",
>- &gUsbCredentialProviderGuid,
>- NULL,
>- &VarSize,
>- Var
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- Var = AllocateZeroPool (VarSize);
>- if (Var == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- Status = gRT->GetVariable (
>- L"UsbCredential",
>- &gUsbCredentialProviderGuid,
>- NULL,
>- &VarSize,
>- Var
>- );
>- }
>- if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
>- return Status;
>- }
>-
>- //
>- // Init Usb credential table.
>- //
>- mUsbTable = AllocateZeroPool (
>- sizeof (CREDENTIAL_TABLE) - sizeof (USB_INFO) +
>- USB_TABLE_INC * sizeof (USB_INFO) +
>- VarSize
>- );
>- if (mUsbTable == NULL) {
>- FreePool (Var);
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- mUsbTable->Count = VarSize / sizeof (USB_INFO);
>- mUsbTable->MaxCount = mUsbTable->Count + USB_TABLE_INC;
>- if (Var != NULL) {
>- CopyMem (mUsbTable->UserInfo, Var, VarSize);
>- FreePool (Var);
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Read the specified file by FileName in the Usb key and return the file size in
>BufferSize
>- and file content in Buffer.
>- Note: the caller is responsible to free the buffer memory.
>-
>- @param FileName File to read.
>- @param Buffer Returned with data read from the file.
>- @param BufferSize Size of the data buffer.
>-
>- @retval EFI_SUCCESS The command completed successfully.
>- @retval EFI_OUT_OF_RESOURCES Resource allocation failed.
>- @retval EFI_NOT_FOUND File not found.
>- @retval EFI_DEVICE_ERROR Device I/O error.
>-
>-**/
>-EFI_STATUS
>-GetFileData (
>- IN CHAR16 *FileName,
>- OUT VOID **Buffer,
>- OUT UINTN *BufferSize
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>- UINTN HandleCount;
>- UINTN ScratchBufferSize;
>- EFI_HANDLE *HandleBuffer;
>- EFI_FILE *RootFs;
>- EFI_FILE *FileHandle;
>- EFI_FILE_INFO *FileInfo;
>- EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *SimpleFileSystem;
>- EFI_BLOCK_IO_PROTOCOL *BlkIo;
>-
>- FileInfo = NULL;
>- FileHandle = NULL;
>-
>- Status = gBS->LocateHandleBuffer (
>- ByProtocol,
>- &gEfiSimpleFileSystemProtocolGuid,
>- NULL,
>- &HandleCount,
>- &HandleBuffer
>- );
>- if (EFI_ERROR (Status)) {
>- DEBUG ((DEBUG_ERROR, "Can not Locate SimpleFileSystemProtocol\n"));
>- goto Done;
>- }
>-
>- //
>- // Find and open the file in removable media disk.
>- //
>- for (Index = 0; Index < HandleCount; Index++) {
>- Status = gBS->HandleProtocol (
>- HandleBuffer[Index],
>- &gEfiBlockIoProtocolGuid,
>- (VOID **) &BlkIo
>- );
>- if (EFI_ERROR (Status)) {
>- continue;
>- }
>-
>- if (BlkIo->Media->RemovableMedia) {
>- Status = gBS->HandleProtocol (
>- HandleBuffer[Index],
>- &gEfiSimpleFileSystemProtocolGuid,
>- (VOID **) &SimpleFileSystem
>- );
>- if (EFI_ERROR (Status)) {
>- continue;
>- }
>-
>- Status = SimpleFileSystem->OpenVolume (
>- SimpleFileSystem,
>- &RootFs
>- );
>- if (EFI_ERROR (Status)) {
>- continue;
>- }
>-
>- Status = RootFs->Open (
>- RootFs,
>- &FileHandle,
>- FileName,
>- EFI_FILE_MODE_READ,
>- 0
>- );
>- if (!EFI_ERROR (Status)) {
>- break;
>- }
>- }
>- }
>-
>- FreePool (HandleBuffer);
>-
>- if (Index >= HandleCount) {
>- DEBUG ((DEBUG_ERROR, "Can not found the token file!\n"));
>- Status = EFI_NOT_FOUND;
>- goto Done;
>- }
>-
>- //
>- // Figure out how big the file is.
>- //
>- ScratchBufferSize = 0;
>- Status = FileHandle->GetInfo (
>- FileHandle,
>- &gEfiFileInfoGuid,
>- &ScratchBufferSize,
>- NULL
>- );
>- if (EFI_ERROR (Status) && (Status != EFI_BUFFER_TOO_SMALL)) {
>- DEBUG ((DEBUG_ERROR, "Can not obtain file size info!\n"));
>- Status = EFI_DEVICE_ERROR;
>- goto Done;
>- }
>-
>- FileInfo = AllocateZeroPool (ScratchBufferSize);
>- if (FileInfo == NULL) {
>- DEBUG ((DEBUG_ERROR, "Can not allocate enough memory for the token
>file!\n"));
>- Status = EFI_OUT_OF_RESOURCES;
>- goto Done;
>- }
>-
>- Status = FileHandle->GetInfo (
>- FileHandle,
>- &gEfiFileInfoGuid,
>- &ScratchBufferSize,
>- FileInfo
>- );
>- if (EFI_ERROR (Status)) {
>- DEBUG ((DEBUG_ERROR, "Can not obtain file info from the token file!\n"));
>- Status = EFI_DEVICE_ERROR;
>- goto Done;
>- }
>-
>- //
>- // Allocate a buffer for the file.
>- //
>- *BufferSize = (UINT32) FileInfo->FileSize;
>- *Buffer = AllocateZeroPool (*BufferSize);
>- if (*Buffer == NULL) {
>- DEBUG ((DEBUG_ERROR, "Can not allocate a buffer for the file!\n"));
>- Status = EFI_OUT_OF_RESOURCES;
>- goto Done;
>- }
>-
>- //
>- // Load file into the allocated memory.
>- //
>- Status = FileHandle->Read (FileHandle, BufferSize, *Buffer);
>- if (EFI_ERROR (Status)) {
>- FreePool (*Buffer);
>- DEBUG ((DEBUG_ERROR, "Can not read the token file!\n"));
>- Status = EFI_DEVICE_ERROR;
>- goto Done;
>- }
>-
>- //
>- // Close file.
>- //
>- Status = FileHandle->Close (FileHandle);
>- if (EFI_ERROR (Status)) {
>- FreePool (*Buffer);
>- DEBUG ((DEBUG_ERROR, "Can not close the token file !\n"));
>- Status = EFI_DEVICE_ERROR;
>- }
>-
>-Done:
>-
>- if (FileInfo != NULL) {
>- FreePool (FileInfo);
>- }
>-
>- return Status;
>-}
>-
>-
>-/**
>- Hash the data to get credential.
>-
>- @param[in] Buffer Points to the data buffer
>- @param[in] BufferSize The size of data in buffer, in bytes.
>- @param[out] Credential Points to the hashed result
>-
>- @retval TRUE Hash the data successfully.
>- @retval FALSE Failed to hash the data.
>-
>-**/
>-BOOLEAN
>-GenerateCredential (
>- IN UINT8 *Buffer,
>- IN UINTN BufferSize,
>- OUT UINT8 *Credential
>- )
>-{
>- BOOLEAN Status;
>- UINTN HashSize;
>- VOID *Hash;
>-
>- HashSize = Sha1GetContextSize ();
>- Hash = AllocatePool (HashSize);
>- ASSERT (Hash != NULL);
>-
>- Status = Sha1Init (Hash);
>- if (!Status) {
>- goto Done;
>- }
>-
>- Status = Sha1Update (Hash, Buffer, BufferSize);
>- if (!Status) {
>- goto Done;
>- }
>-
>- Status = Sha1Final (Hash, Credential);
>-
>-Done:
>- FreePool (Hash);
>- return Status;
>-}
>-
>-
>-/**
>- Read the token file, and default the Token is saved at the begining of the file.
>-
>- @param[out] Token Token read from a Token file.
>-
>- @retval EFI_SUCCESS Read a Token successfully.
>- @retval Others Fails to read a Token.
>-
>-**/
>-EFI_STATUS
>-GetToken (
>- OUT UINT8 *Token
>- )
>-{
>- EFI_STATUS Status;
>- UINT8 *Buffer;
>- UINTN BufSize;
>- CHAR16 *TokenFile;
>-
>- BufSize = 0;
>- Buffer = NULL;
>- TokenFile = PcdGetPtr (PcdFixedUsbCredentialProviderTokenFileName);
>- Status = GetFileData (TokenFile, (VOID *)&Buffer, &BufSize);
>- if (EFI_ERROR (Status)) {
>- DEBUG ((DEBUG_ERROR, "Read file %s from USB error! Status=(%r)\n",
>TokenFile, Status));
>- return Status;
>- }
>-
>- if (!GenerateCredential (Buffer, BufSize, Token)) {
>- DEBUG ((DEBUG_ERROR, "Generate credential from read data failed!\n"));
>- FreePool (Buffer);
>- return EFI_SECURITY_VIOLATION;
>- }
>-
>- FreePool (Buffer);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Find a user infomation record by the information record type.
>-
>- This function searches all user information records of User from beginning
>- until either the information is found or there are no more user infomation
>- record. A match occurs when a Info.InfoType field matches the user
>information
>- record type.
>-
>- @param[in] User Points to the user profile record to search.
>- @param[in] InfoType The infomation type to be searched.
>- @param[out] Info Points to the user info found, the caller is responsible
>- to free.
>-
>- @retval EFI_SUCCESS Find the user information successfully.
>- @retval Others Fail to find the user information.
>-
>-**/
>-EFI_STATUS
>-FindUserInfoByType (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINT8 InfoType,
>- OUT EFI_USER_INFO **Info
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>- UINTN UserInfoSize;
>- EFI_USER_INFO_HANDLE UserInfoHandle;
>- EFI_USER_MANAGER_PROTOCOL *UserManager;
>-
>- //
>- // Find user information by information type.
>- //
>- if (Info == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- Status = gBS->LocateProtocol (
>- &gEfiUserManagerProtocolGuid,
>- NULL,
>- (VOID **) &UserManager
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Get each user information.
>- //
>-
>- UserInfoHandle = NULL;
>- UserInfo = NULL;
>- UserInfoSize = 0;
>- while (TRUE) {
>- Status = UserManager->GetNextInfo (UserManager, User,
>&UserInfoHandle);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>- //
>- // Get information.
>- //
>- Status = UserManager->GetInfo (
>- UserManager,
>- User,
>- UserInfoHandle,
>- UserInfo,
>- &UserInfoSize
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- if (UserInfo != NULL) {
>- FreePool (UserInfo);
>- }
>- UserInfo = AllocateZeroPool (UserInfoSize);
>- if (UserInfo == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- Status = UserManager->GetInfo (
>- UserManager,
>- User,
>- UserInfoHandle,
>- UserInfo,
>- &UserInfoSize
>- );
>- }
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- ASSERT (UserInfo != NULL);
>- if (UserInfo->InfoType == InfoType) {
>- *Info = UserInfo;
>- return EFI_SUCCESS;
>- }
>- }
>-
>- if (UserInfo != NULL) {
>- FreePool (UserInfo);
>- }
>- return Status;
>-}
>-
>-
>-/**
>- This function initialize the data mainly used in form browser.
>-
>- @retval EFI_SUCCESS Initialize form data successfully.
>- @retval Others Fail to Initialize form data.
>-
>-**/
>-EFI_STATUS
>-InitFormBrowser (
>- VOID
>- )
>-{
>- USB_PROVIDER_CALLBACK_INFO *CallbackInfo;
>-
>- //
>- // Initialize driver private data.
>- //
>- CallbackInfo = AllocateZeroPool (sizeof (USB_PROVIDER_CALLBACK_INFO));
>- if (CallbackInfo == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- CallbackInfo->DriverHandle = NULL;
>-
>- //
>- // Publish HII data.
>- //
>- CallbackInfo->HiiHandle = HiiAddPackages (
>- &gUsbCredentialProviderGuid,
>- CallbackInfo->DriverHandle,
>- UsbCredentialProviderStrings,
>- NULL
>- );
>- if (CallbackInfo->HiiHandle == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- mCallbackInfo = CallbackInfo;
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Enroll a user on a credential provider.
>-
>- This function enrolls a user on this credential provider. If the user exists on
>- this credential provider, update the user information on this credential
>provider;
>- otherwise add the user information on credential provider.
>-
>- @param[in] This Points to this instance of
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile to enroll.
>-
>- @retval EFI_SUCCESS User profile was successfully enrolled.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>enrollment on the
>- user profile handle. Either the user profile cannot enroll
>- on any user profile or cannot enroll on a user profile
>- other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>enrollment in
>- the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be created
>because of a device
>- error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialEnroll (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>- USB_INFO UsbInfo;
>- EFI_USER_INFO *UserInfo;
>- EFI_INPUT_KEY Key;
>- UINT8 *UserId;
>- CHAR16 *QuestionStr;
>- CHAR16 *PromptStr;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Get User Identifier
>- //
>- UserInfo = NULL;
>- Status = FindUserInfoByType (
>- User,
>- EFI_USER_INFO_IDENTIFIER_RECORD,
>- &UserInfo
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- CopyMem (UsbInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof
>(EFI_USER_INFO_IDENTIFIER));
>- FreePool (UserInfo);
>-
>- //
>- // Get Token and User ID to UsbInfo.
>- //
>- Status = GetToken (UsbInfo.Token);
>- if (EFI_ERROR (Status)) {
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_READ_USB_TOKEN_ERROR));
>- PromptStr = GetStringById (STRING_TOKEN (STR_INSERT_USB_TOKEN));
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- L"",
>- PromptStr,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (PromptStr);
>- return Status;
>- }
>-
>- //
>- // Check whether User is ever enrolled in the provider.
>- //
>- for (Index = 0; Index < mUsbTable->Count; Index++) {
>- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
>- if (CompareMem (UserId, (UINT8 *) &UsbInfo.UserId, sizeof
>(EFI_USER_INFO_IDENTIFIER)) == 0) {
>- //
>- // User already exists, update the password.
>- //
>- break;
>- }
>- }
>-
>- //
>- // Enroll the User to the provider.
>- //
>- Status = ModifyTable (Index, &UsbInfo);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Returns the user interface information used during user identification.
>-
>- This function returns information about the form used when interacting
>with the
>- user during user identification. The form is the first enabled form in the
>form-set
>- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII
>handle HiiHandle. If
>- the user credential provider does not require a form to identify the user,
>then this
>- function should return EFI_NOT_FOUND.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] FormSetId On return, holds the identifier of the form set
>which contains
>- the form used during user identification.
>- @param[out] FormId On return, holds the identifier of the form used
>during user
>- identification.
>-
>- @retval EFI_SUCCESS Form returned successfully.
>- @retval EFI_NOT_FOUND Form not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or
>FormId is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialForm (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_GUID *FormSetId,
>- OUT EFI_FORM_ID *FormId
>- )
>-{
>- if ((This == NULL) || (Hii == NULL) ||
>- (FormSetId == NULL) || (FormId == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Returns bitmap used to describe the credential provider type.
>-
>- This optional function returns a bitmap which is less than or equal to the
>number
>- of pixels specified by Width and Height. If no such bitmap exists, then
>EFI_NOT_FOUND
>- is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] Width On entry, points to the desired bitmap width. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- width of the bitmap returned.
>- @param[in, out] Height On entry, points to the desired bitmap height. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- height of the bitmap returned.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] Image On return, holds the HII image identifier.
>-
>- @retval EFI_SUCCESS Image identifier returned successfully.
>- @retval EFI_NOT_FOUND Image identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTile (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT UINTN *Width,
>- IN OUT UINTN *Height,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_IMAGE_ID *Image
>- )
>-{
>- if ((This == NULL) || (Hii == NULL) || (Image == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Returns string used to describe the credential provider type.
>-
>- This function returns a string which describes the credential provider. If no
>- such string exists, then EFI_NOT_FOUND is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] String On return, holds the HII string identifier.
>-
>- @retval EFI_SUCCESS String identifier returned successfully.
>- @retval EFI_NOT_FOUND String identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTitle (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_STRING_ID *String
>- )
>-{
>- if ((This == NULL) || (Hii == NULL) || (String == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- //
>- // Set Hii handle and String ID.
>- //
>- *Hii = mCallbackInfo->HiiHandle;
>- *String = STRING_TOKEN (STR_CREDENTIAL_TITLE);
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return the user identifier associated with the currently authenticated user.
>-
>- This function returns the user identifier of the user authenticated by this
>credential
>- provider. This function is called after the credential-related information has
>been
>- submitted on a form OR after a call to Default() has returned that this
>credential is
>- ready to log on.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle of the user profile currently
>being
>- considered by the user identity manager. If NULL, then no user
>- profile is currently under consideration.
>- @param[out] Identifier On return, points to the user identifier.
>-
>- @retval EFI_SUCCESS User identifier returned successfully.
>- @retval EFI_NOT_READY No user identifier can be returned.
>- @retval EFI_ACCESS_DENIED The user has been locked out of this user
>credential.
>- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
>- @retval EFI_NOT_FOUND User is not NULL, and the specified user
>handle can't be
>- found in user profile database.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialUser (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- OUT EFI_USER_INFO_IDENTIFIER *Identifier
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>- EFI_USER_INFO *UserInfo;
>- UINT8 *UserId;
>- UINT8 *NewUserId;
>- UINT8 *UserToken;
>- UINT8 ReadToken[HASHED_CREDENTIAL_LEN];
>- EFI_INPUT_KEY Key;
>- CHAR16 *QuestionStr;
>- CHAR16 *PromptStr;
>-
>- if ((This == NULL) || (Identifier == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (User == NULL) {
>- //
>- // Verify the auto logon user, get user id by matched token.
>- //
>- if (mUsbTable->Count == 0) {
>- return EFI_NOT_READY;
>- }
>-
>- //
>- // No user selected, get token first and verify the user existed in user
>database.
>- //
>- Status = GetToken (ReadToken);
>- if (EFI_ERROR (Status)) {
>- return EFI_NOT_READY;
>- }
>-
>- for (Index = 0; Index < mUsbTable->Count; Index++) {
>- //
>- // find the specified credential in the Usb credential database.
>- //
>- UserToken = mUsbTable->UserInfo[Index].Token;
>- if (CompareMem (UserToken, ReadToken, HASHED_CREDENTIAL_LEN) ==
>0) {
>- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
>- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
>- return EFI_SUCCESS;
>- }
>- }
>-
>- return EFI_NOT_READY;
>- }
>-
>- //
>- // User is not NULL here. Read a token, and check whether the token
>matches with
>- // the selected user's Token. If not, try to find a token in token DB to
>matches
>- // with read token.
>- //
>-
>- Status = GetToken (ReadToken);
>- if (EFI_ERROR (Status)) {
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_READ_USB_TOKEN_ERROR));
>- PromptStr = GetStringById (STRING_TOKEN (STR_INSERT_USB_TOKEN));
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- L"",
>- PromptStr,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (PromptStr);
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Get the selected user's identifier.
>- //
>- Status = FindUserInfoByType (User, EFI_USER_INFO_IDENTIFIER_RECORD,
>&UserInfo);
>- if (EFI_ERROR (Status)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Check the selected user's Token with the read token.
>- //
>- for (Index = 0; Index < mUsbTable->Count; Index++) {
>- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
>- NewUserId = (UINT8 *) (UserInfo + 1);
>- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER))
>== 0) {
>- //
>- // The user's ID is found in the UsbTable.
>- //
>- UserToken = mUsbTable->UserInfo[Index].Token;
>- if (CompareMem (UserToken, ReadToken, HASHED_CREDENTIAL_LEN) ==
>0) {
>- //
>- // The read token matches with the one in UsbTable.
>- //
>- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
>- FreePool (UserInfo);
>- return EFI_SUCCESS;
>- }
>- }
>- }
>-
>- FreePool (UserInfo);
>-
>- return EFI_NOT_READY;
>-}
>-
>-
>-/**
>- Indicate that user interface interaction has begun for the specified
>credential.
>-
>- This function is called when a credential provider is selected by the user. If
>- AutoLogon returns FALSE, then the user interface will be constructed by the
>User
>- Identity Manager.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, points to the credential provider's
>capabilities
>- after the credential provider has been selected by the user.
>-
>- @retval EFI_SUCCESS Credential provider successfully selected.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialSelect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- )
>-{
>- if ((This == NULL) || (AutoLogon == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *AutoLogon = EFI_CREDENTIAL_LOGON_FLAG_DEFAULT |
>EFI_CREDENTIAL_LOGON_FLAG_AUTO;
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Indicate that user interface interaction has ended for the specified
>credential.
>-
>- This function is called when a credential provider is deselected by the user.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>-
>- @retval EFI_SUCCESS Credential provider successfully deselected.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDeselect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
>- )
>-{
>- if (This == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return the default logon behavior for this user credential.
>-
>- This function reports the default login behavior regarding this credential
>provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, holds whether the credential provider
>should be used
>- by default to automatically log on the user.
>-
>- @retval EFI_SUCCESS Default information successfully returned.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDefault (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- )
>-{
>- if ((This == NULL) || (AutoLogon == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *AutoLogon = EFI_CREDENTIAL_LOGON_FLAG_DEFAULT |
>EFI_CREDENTIAL_LOGON_FLAG_AUTO;
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return information attached to the credential provider.
>-
>- This function returns user information.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] UserInfo Handle of the user information data record.
>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>bytes. On
>- exit, holds the user information. If the buffer is too small
>- to hold the information, then EFI_BUFFER_TOO_SMALL is
>returned
>- and InfoSize is updated to contain the number of bytes
>actually
>- required.
>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>points to the
>- size of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small
>to hold all of the
>- user information. The size required is returned in *InfoSize.
>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a
>valid user info handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_INFO_HANDLE UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize
>- )
>-{
>- EFI_USER_INFO *CredentialInfo;
>- UINTN Index;
>-
>- if ((This == NULL) || (InfoSize == NULL) || (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if ((UserInfo == NULL) || (mUsbInfoHandle == NULL)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Find information handle in credential info table.
>- //
>- for (Index = 0; Index < mUsbInfoHandle->Count; Index++) {
>- CredentialInfo = mUsbInfoHandle->Info[Index];
>- if (UserInfo == (EFI_USER_INFO_HANDLE)CredentialInfo) {
>- //
>- // The handle is found, copy the user info.
>- //
>- if (CredentialInfo->InfoSize > *InfoSize) {
>- *InfoSize = CredentialInfo->InfoSize;
>- return EFI_BUFFER_TOO_SMALL;
>- }
>-
>- CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
>- return EFI_SUCCESS;
>- }
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Enumerate all of the user informations on the credential provider.
>-
>- This function returns the next user information record. To retrieve the first
>user
>- information record handle, point UserInfo at a NULL. Each subsequent call
>will retrieve
>- another user information record handle until there are no more, at which
>point UserInfo
>- will point to NULL.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] UserInfo On entry, points to the previous user information
>handle or NULL
>- to start enumeration. On exit, points to the next user
>information
>- handle or NULL if there is no more user information.
>-
>- @retval EFI_SUCCESS User information returned.
>- @retval EFI_NOT_FOUND No more user information found.
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetNextInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>- )
>-{
>- EFI_USER_INFO *Info;
>- CHAR16 *ProvNameStr;
>- UINTN InfoLen;
>- UINTN Index;
>- UINTN ProvStrLen;
>-
>- if ((This == NULL) || (UserInfo == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (mUsbInfoHandle == NULL) {
>- //
>- // Initilized user info table. There are 4 user info records in the table.
>- //
>- InfoLen = sizeof (USB_CREDENTIAL_INFO) + (4 - 1) * sizeof
>(EFI_USER_INFO *);
>- mUsbInfoHandle = AllocateZeroPool (InfoLen);
>- if (mUsbInfoHandle == NULL) {
>- *UserInfo = NULL;
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // The first information, Credential Provider info.
>- //
>- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
>- CopyGuid ((EFI_GUID *)(Info + 1), &gUsbCredentialProviderGuid);
>-
>- mUsbInfoHandle->Info[0] = Info;
>- mUsbInfoHandle->Count++;
>-
>- //
>- // The second information, Credential Provider name info.
>- //
>- ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_NAME));
>- ProvStrLen = StrSize (ProvNameStr);
>- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType =
>EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
>- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
>- FreePool (ProvNameStr);
>-
>- mUsbInfoHandle->Info[1] = Info;
>- mUsbInfoHandle->Count++;
>-
>- //
>- // The third information, Credential Provider type info.
>- //
>- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
>- CopyGuid ((EFI_GUID *)(Info + 1),
>&gEfiUserCredentialClassSecureCardGuid);
>-
>- mUsbInfoHandle->Info[2] = Info;
>- mUsbInfoHandle->Count++;
>-
>- //
>- // The fourth information, Credential Provider type name info.
>- //
>- ProvNameStr = GetStringById (STRING_TOKEN
>(STR_PROVIDER_TYPE_NAME));
>- ProvStrLen = StrSize (ProvNameStr);
>- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
>- Info = AllocateZeroPool (InfoLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType =
>EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
>- Info->InfoSize = (UINT32) InfoLen;
>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
>- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
>- FreePool (ProvNameStr);
>-
>- mUsbInfoHandle->Info[3] = Info;
>- mUsbInfoHandle->Count++;
>- }
>-
>- if (*UserInfo == NULL) {
>- //
>- // Return the first info handle.
>- //
>- *UserInfo = (EFI_USER_INFO_HANDLE) mUsbInfoHandle->Info[0];
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Find information handle in credential info table.
>- //
>- for (Index = 0; Index < mUsbInfoHandle->Count; Index++) {
>- Info = mUsbInfoHandle->Info[Index];
>- if (*UserInfo == (EFI_USER_INFO_HANDLE)Info) {
>- //
>- // The handle is found, get the next one.
>- //
>- if (Index == mUsbInfoHandle->Count - 1) {
>- //
>- // Already last one.
>- //
>- *UserInfo = NULL;
>- return EFI_NOT_FOUND;
>- }
>- Index++;
>- *UserInfo = (EFI_USER_INFO_HANDLE)mUsbInfoHandle->Info[Index];
>- return EFI_SUCCESS;
>- }
>- }
>-
>- *UserInfo = NULL;
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Delete a user on this credential provider.
>-
>- This function deletes a user on this credential provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle to delete.
>-
>- @retval EFI_SUCCESS User profile was successfully deleted.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>deletion on the user profile handle.
>- Either the user profile cannot delete on any user profile or
>cannot delete
>- on a user profile other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>deletion in the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be deleted
>because of a device error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDelete (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>- UINT8 *UserId;
>- UINT8 *NewUserId;
>- UINTN Index;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Get User Identifier.
>- //
>- UserInfo = NULL;
>- Status = FindUserInfoByType (
>- User,
>- EFI_USER_INFO_IDENTIFIER_RECORD,
>- &UserInfo
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Find the user by user identifier in mPwdTable.
>- //
>- for (Index = 0; Index < mUsbTable->Count; Index++) {
>- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
>- NewUserId = (UINT8 *) (UserInfo + 1);
>- if (CompareMem (UserId, NewUserId, sizeof (EFI_USER_INFO_IDENTIFIER))
>== 0) {
>- //
>- // Found the user, delete it.
>- //
>- ModifyTable (Index, NULL);
>- break;
>- }
>- }
>-
>- FreePool (UserInfo);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Main entry for this driver.
>-
>- @param ImageHandle Image handle this driver.
>- @param SystemTable Pointer to SystemTable.
>-
>- @retval EFI_SUCESS This function always complete successfully.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UsbProviderInit (
>- IN EFI_HANDLE ImageHandle,
>- IN EFI_SYSTEM_TABLE *SystemTable
>- )
>-{
>- EFI_STATUS Status;
>-
>- //
>- // It is NOT robust enough to be included in production.
>- //
>- #error "This implementation is just a sample, please comment this line if you
>really want to use this driver."
>-
>- //
>- // Init credential table.
>- //
>- Status = InitCredentialTable ();
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Init Form Browser
>- //
>- Status = InitFormBrowser ();
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Install protocol interfaces for the Usb Credential Provider.
>- //
>- Status = gBS->InstallProtocolInterface (
>- &mCallbackInfo->DriverHandle,
>- &gEfiUserCredential2ProtocolGuid,
>- EFI_NATIVE_INTERFACE,
>- &gUsbCredentialProviderDriver
>- );
>- return Status;
>-}
>diff --git
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.h
>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.h
>deleted file mode 100644
>index 63f6576045..0000000000
>---
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.h
>+++ /dev/null
>@@ -1,361 +0,0 @@
>-/** @file
>- Usb Credential Provider driver header file.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef _USB_CREDENTIAL_PROVIDER_H_
>-#define _USB_CREDENTIAL_PROVIDER_H_
>-
>-#include <Uefi.h>
>-
>-#include <Guid/GlobalVariable.h>
>-#include <Guid/FileInfo.h>
>-#include <Guid/SecurityPkgTokenSpace.h>
>-#include <Guid/UsbCredentialProviderHii.h>
>-
>-#include <Protocol/SimpleFileSystem.h>
>-#include <Protocol/BlockIo.h>
>-#include <Protocol/UserCredential2.h>
>-#include <Protocol/UserManager.h>
>-
>-#include <Library/UefiRuntimeServicesTableLib.h>
>-#include <Library/UefiBootServicesTableLib.h>
>-#include <Library/MemoryAllocationLib.h>
>-#include <Library/BaseMemoryLib.h>
>-#include <Library/DevicePathLib.h>
>-#include <Library/BaseCryptLib.h>
>-#include <Library/DebugLib.h>
>-#include <Library/UefiLib.h>
>-#include <Library/PrintLib.h>
>-#include <Library/HiiLib.h>
>-#include <Library/PcdLib.h>
>-
>-extern UINT8 UsbCredentialProviderStrings[];
>-
>-#define USB_TABLE_INC 16
>-#define HASHED_CREDENTIAL_LEN 20
>-
>-//
>-// Save the enroll user credential Information.
>-//
>-typedef struct {
>- EFI_USER_INFO_IDENTIFIER UserId;
>- UINT8 Token[HASHED_CREDENTIAL_LEN];
>-} USB_INFO;
>-
>-//
>-// USB Credential Table.
>-//
>-typedef struct {
>- UINTN Count;
>- UINTN MaxCount;
>- USB_INFO UserInfo[1];
>-} CREDENTIAL_TABLE;
>-
>-//
>-// The user information on the USB provider.
>-//
>-typedef struct {
>- UINTN Count;
>- EFI_USER_INFO *Info[1];
>-} USB_CREDENTIAL_INFO;
>-
>-#define USB_PROVIDER_SIGNATURE SIGNATURE_32 ('U', 'S', 'B', 'P')
>-
>-typedef struct {
>- UINTN Signature;
>- EFI_HANDLE DriverHandle;
>- EFI_HII_HANDLE HiiHandle;
>-} USB_PROVIDER_CALLBACK_INFO;
>-
>-/**
>- Enroll a user on a credential provider.
>-
>- This function enrolls and deletes a user profile using this credential provider.
>- If a user profile is successfully enrolled, it calls the User Manager Protocol
>- function Notify() to notify the user manager driver that credential
>information
>- has changed. If an enrolled user does exist, delete the user on the
>credential
>- provider.
>-
>- @param[in] This Points to this instance of
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile to enroll.
>-
>- @retval EFI_SUCCESS User profile was successfully enrolled.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>enrollment on the
>- user profile handle. Either the user profile cannot enroll
>- on any user profile or cannot enroll on a user profile
>- other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>enrollment in
>- the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be created
>because of a device
>- error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialEnroll (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- );
>-
>-/**
>- Returns the user interface information used during user identification.
>-
>- This function enrolls a user on this credential provider. If the user exists on
>- this credential provider, update the user information on this credential
>provider;
>- otherwise delete the user information on credential provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] FormSetId On return, holds the identifier of the form set
>which contains
>- the form used during user identification.
>- @param[out] FormId On return, holds the identifier of the form used
>during user
>- identification.
>-
>- @retval EFI_SUCCESS Form returned successfully.
>- @retval EFI_NOT_FOUND Form not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or
>FormId is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialForm (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_GUID *FormSetId,
>- OUT EFI_FORM_ID *FormId
>- );
>-
>-/**
>- Returns bitmap used to describe the credential provider type.
>-
>- This optional function returns a bitmap which is less than or equal to the
>number
>- of pixels specified by Width and Height. If no such bitmap exists, then
>EFI_NOT_FOUND
>- is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] Width On entry, points to the desired bitmap width. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- width of the bitmap returned.
>- @param[in, out] Height On entry, points to the desired bitmap height. If
>NULL then no
>- bitmap information will be returned. On exit, points to the
>- height of the bitmap returned.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] Image On return, holds the HII image identifier.
>-
>- @retval EFI_SUCCESS Image identifier returned successfully.
>- @retval EFI_NOT_FOUND Image identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTile (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT UINTN *Width,
>- IN OUT UINTN *Height,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_IMAGE_ID *Image
>- );
>-
>-/**
>- Returns string used to describe the credential provider type.
>-
>- This function returns a string which describes the credential provider. If no
>- such string exists, then EFI_NOT_FOUND is returned.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] Hii On return, holds the HII database handle.
>- @param[out] String On return, holds the HII string identifier.
>-
>- @retval EFI_SUCCESS String identifier returned successfully.
>- @retval EFI_NOT_FOUND String identifier not returned.
>- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialTitle (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_HII_HANDLE *Hii,
>- OUT EFI_STRING_ID *String
>- );
>-
>-/**
>- Return the user identifier associated with the currently authenticated user.
>-
>- This function returns the user identifier of the user authenticated by this
>credential
>- provider. This function is called after the credential-related information has
>been
>- submitted on a form OR after a call to Default() has returned that this
>credential is
>- ready to log on.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle of the user profile currently
>being
>- considered by the user identity manager. If NULL, then no user
>- profile is currently under consideration.
>- @param[out] Identifier On return, points to the user identifier.
>-
>- @retval EFI_SUCCESS User identifier returned successfully.
>- @retval EFI_NOT_READY No user identifier can be returned.
>- @retval EFI_ACCESS_DENIED The user has been locked out of this user
>credential.
>- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
>- @retval EFI_NOT_FOUND User is not NULL, and the specified user
>handle can't be
>- found in user profile database.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialUser (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- OUT EFI_USER_INFO_IDENTIFIER *Identifier
>- );
>-
>-/**
>- Indicate that user interface interaction has begun for the specified
>credential.
>-
>- This function is called when a credential provider is selected by the user. If
>- AutoLogon returns FALSE, then the user interface will be constructed by the
>User
>- Identity Manager.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, points to the credential provider's
>capabilities
>- after the credential provider has been selected by the user.
>-
>- @retval EFI_SUCCESS Credential provider successfully selected.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialSelect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- );
>-
>-/**
>- Indicate that user interface interaction has ended for the specified
>credential.
>-
>- This function is called when a credential provider is deselected by the user.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>-
>- @retval EFI_SUCCESS Credential provider successfully deselected.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDeselect (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
>- );
>-
>-/**
>- Return the default logon behavior for this user credential.
>-
>- This function reports the default login behavior regarding this credential
>provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[out] AutoLogon On return, holds whether the credential provider
>should be used
>- by default to automatically log on the user.
>-
>- @retval EFI_SUCCESS Default information successfully returned.
>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDefault (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>- );
>-
>-/**
>- Return information attached to the credential provider.
>-
>- This function returns user information.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] UserInfo Handle of the user information data record.
>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>bytes. On
>- exit, holds the user information. If the buffer is too small
>- to hold the information, then EFI_BUFFER_TOO_SMALL is
>returned
>- and InfoSize is updated to contain the number of bytes
>actually
>- required.
>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>points to the
>- size of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too small
>to hold all of the
>- user information. The size required is returned in *InfoSize.
>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a
>valid user info handle.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_INFO_HANDLE UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize
>- );
>-
>-/**
>- Enumerate all of the user informations on the credential provider.
>-
>- This function returns the next user information record. To retrieve the first
>user
>- information record handle, point UserInfo at a NULL. Each subsequent call
>will retrieve
>- another user information record handle until there are no more, at which
>point UserInfo
>- will point to NULL.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in, out] UserInfo On entry, points to the previous user information
>handle or NULL
>- to start enumeration. On exit, points to the next user
>information
>- handle or NULL if there is no more user information.
>-
>- @retval EFI_SUCCESS User information returned.
>- @retval EFI_NOT_FOUND No more user information found.
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialGetNextInfo (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>- );
>-
>-/**
>- Delete a user on this credential provider.
>-
>- This function deletes a user on this credential provider.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL.
>- @param[in] User The user profile handle to delete.
>-
>- @retval EFI_SUCCESS User profile was successfully deleted.
>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>deletion on the user profile handle.
>- Either the user profile cannot delete on any user profile or
>cannot delete
>- on a user profile other than the current user profile.
>- @retval EFI_UNSUPPORTED This credential provider does not support
>deletion in the pre-OS.
>- @retval EFI_DEVICE_ERROR The new credential could not be deleted
>because of a device error.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile handle.
>-**/
>-EFI_STATUS
>-EFIAPI
>-CredentialDelete (
>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- );
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.uni
>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.uni
>deleted file mode 100644
>index 961e09f360..0000000000
>---
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>ovider.uni
>+++ /dev/null
>@@ -1,23 +0,0 @@
>-// /** @file
>-// Provides a USB credential provider implementation
>-//
>-// This module reads a token from a token file that is saved in the root
>-// folder of a USB stick. The token file name can be specified by the PCD
>-// PcdFixedUsbCredentialProviderTokenFileName.
>-//
>-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-
>-#string STR_MODULE_ABSTRACT #language en-US "Provides a USB
>credential provider implementation"
>-
>-#string STR_MODULE_DESCRIPTION #language en-US "This module
>reads a token from a token file that is saved in the root folder of a USB stick.
>The token file name can be specified by the PCD
>PcdFixedUsbCredentialProviderTokenFileName."
>-
>diff --git
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderDxe.inf
>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderDxe.inf
>deleted file mode 100644
>index 1e8e42332f..0000000000
>---
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderDxe.inf
>+++ /dev/null
>@@ -1,70 +0,0 @@
>-## @file
>-# Provides a USB credential provider implementation
>-#
>-# This module reads a token from a token file that is saved in the root
>-# folder of a USB stick. The token file name can be specified by the PCD
>-# PcdFixedUsbCredentialProviderTokenFileName.
>-#
>-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-# This program and the accompanying materials
>-# are licensed and made available under the terms and conditions of the BSD
>License
>-# which accompanies this distribution. The full text of the license may be
>found at
>-# http://opensource.org/licenses/bsd-license.php
>-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-#
>-##
>-
>-[Defines]
>- INF_VERSION = 0x00010005
>- BASE_NAME = UsbCredentialProvider
>- MODULE_UNI_FILE = UsbCredentialProvider.uni
>- FILE_GUID = 672A0C68-2BF0-46f9-93C3-C4E7DC0FA555
>- MODULE_TYPE = UEFI_DRIVER
>- VERSION_STRING = 1.0
>- ENTRY_POINT = UsbProviderInit
>-
>-[Sources]
>- UsbCredentialProvider.c
>- UsbCredentialProvider.h
>- UsbCredentialProviderStrings.uni
>-
>-[Packages]
>- MdePkg/MdePkg.dec
>- MdeModulePkg/MdeModulePkg.dec
>- CryptoPkg/CryptoPkg.dec
>- SecurityPkg/SecurityPkg.dec
>-
>-[LibraryClasses]
>- UefiRuntimeServicesTableLib
>- UefiBootServicesTableLib
>- UefiDriverEntryPoint
>- MemoryAllocationLib
>- BaseMemoryLib
>- DebugLib
>- HiiLib
>- UefiLib
>- BaseCryptLib
>-
>-[Guids]
>- ## PRODUCES ## Variable:L"UsbCredential"
>- ## CONSUMES ## Variable:L"UsbCredential"
>- ## CONSUMES ## HII
>- ## SOMETIMES_CONSUMES ## GUID # The credential provider
>identifier
>- gUsbCredentialProviderGuid
>-
>- gEfiFileInfoGuid ## SOMETIMES_CONSUMES ## GUID
>- gEfiUserCredentialClassSecureCardGuid ## SOMETIMES_CONSUMES
>## GUID
>-
>-[Pcd]
>-
>gEfiSecurityPkgTokenSpaceGuid.PcdFixedUsbCredentialProviderTokenFileNa
>me ## SOMETIMES_CONSUMES
>-
>-[Protocols]
>- gEfiUserCredential2ProtocolGuid ## PRODUCES
>- gEfiUserManagerProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES
>-
>-[UserExtensions.TianoCore."ExtraFiles"]
>- UsbCredentialProviderExtra.uni
>-
>diff --git
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderExtra.uni
>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderExtra.uni
>deleted file mode 100644
>index a20917d5f7..0000000000
>---
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderExtra.uni
>+++ /dev/null
>@@ -1,19 +0,0 @@
>-// /** @file
>-// UsbCredentialProvider Localized Strings and Content
>-//
>-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-#string STR_PROPERTIES_MODULE_NAME
>-#language en-US
>-"USB Credential Provider"
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderStrings.uni
>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderStrings.uni
>deleted file mode 100644
>index f306d50a4e..0000000000
>---
>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>oviderStrings.uni
>+++ /dev/null
>@@ -1,29 +0,0 @@
>-/** @file
>- String definitions for the USB Credential Provider.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php.
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#langdef en-US "English"
>-#langdef fr-FR "Francais"
>-
>-#string STR_CREDENTIAL_TITLE #language en-US "USB Credential
>Provider"
>- #language fr-FR "USB Credential Provider (French)"
>-#string STR_NULL_STRING #language en-US ""
>- #language fr-FR ""
>-#string STR_PROVIDER_NAME #language en-US "INTEL USB
>Credential Provider"
>- #language fr-FR "INTEL USB Credential Provider
>(French)"
>-#string STR_PROVIDER_TYPE_NAME #language en-US "Secure Card
>Credential Provider"
>- #language fr-FR "Secure Card Credential Provider
>(French)"
>-#string STR_READ_USB_TOKEN_ERROR #language en-US "Read USB
>Token File Error!"
>- #language fr-FR "Read USB Token File Error!
>(French)"
>-#string STR_INSERT_USB_TOKEN #language en-US "Please insert
>USB key with Token"
>- #language fr-FR "Please insert USB key with Token
>(French)"
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredIma
>ge.c
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredIm
>age.c
>deleted file mode 100644
>index 2cfe130db8..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredIma
>ge.c
>+++ /dev/null
>@@ -1,148 +0,0 @@
>-/** @file
>- Load the deferred images after user is identified.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserIdentifyManager.h"
>-
>-EFI_HANDLE mDeferredImageHandle;
>-
>-/**
>- The function will load all the deferred images again. If the deferred image is
>loaded
>- successfully, try to start it.
>-
>- @param Event Event whose notification function is being invoked.
>- @param Context Pointer to the notification function's context
>-
>-**/
>-VOID
>-EFIAPI
>-LoadDeferredImage (
>- IN EFI_EVENT Event,
>- IN VOID *Context
>- )
>-{
>- EFI_STATUS Status;
>- EFI_DEFERRED_IMAGE_LOAD_PROTOCOL *DeferredImage;
>- UINTN HandleCount;
>- EFI_HANDLE *HandleBuf;
>- UINTN Index;
>- UINTN DriverIndex;
>- EFI_DEVICE_PATH_PROTOCOL *ImageDevicePath;
>- VOID *DriverImage;
>- UINTN ImageSize;
>- BOOLEAN BootOption;
>- EFI_HANDLE ImageHandle;
>- UINTN ExitDataSize;
>- CHAR16 *ExitData;
>-
>- //
>- // Find all the deferred image load protocols.
>- //
>- HandleCount = 0;
>- HandleBuf = NULL;
>- Status = gBS->LocateHandleBuffer (
>- ByProtocol,
>- &gEfiDeferredImageLoadProtocolGuid,
>- NULL,
>- &HandleCount,
>- &HandleBuf
>- );
>- if (EFI_ERROR (Status)) {
>- return ;
>- }
>-
>- for (Index = 0; Index < HandleCount; Index++) {
>- Status = gBS->HandleProtocol (
>- HandleBuf[Index],
>- &gEfiDeferredImageLoadProtocolGuid,
>- (VOID **) &DeferredImage
>- );
>- if (EFI_ERROR (Status)) {
>- continue ;
>- }
>-
>- DriverIndex = 0;
>- do {
>- //
>- // Load all the deferred images in this protocol instance.
>- //
>- Status = DeferredImage->GetImageInfo(
>- DeferredImage,
>- DriverIndex,
>- &ImageDevicePath,
>- (VOID **) &DriverImage,
>- &ImageSize,
>- &BootOption
>- );
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- //
>- // Load and start the image.
>- //
>- Status = gBS->LoadImage (
>- BootOption,
>- mDeferredImageHandle,
>- ImageDevicePath,
>- NULL,
>- 0,
>- &ImageHandle
>- );
>- if (!EFI_ERROR (Status)) {
>- //
>- // Before calling the image, enable the Watchdog Timer for
>- // a 5 Minute period
>- //
>- gBS->SetWatchdogTimer (5 * 60, 0x0000, 0x00, NULL);
>- Status = gBS->StartImage (ImageHandle, &ExitDataSize, &ExitData);
>-
>- //
>- // Clear the Watchdog Timer after the image returns.
>- //
>- gBS->SetWatchdogTimer (0x0000, 0x0000, 0x0000, NULL);
>- }
>- DriverIndex++;
>- } while (TRUE);
>- }
>- FreePool (HandleBuf);
>-}
>-
>-
>-/**
>- Register an event notification function for user profile changed.
>-
>- @param[in] ImageHandle Image handle this driver.
>-
>-**/
>-VOID
>-LoadDeferredImageInit (
>- IN EFI_HANDLE ImageHandle
>- )
>-{
>- EFI_STATUS Status;
>- EFI_EVENT Event;
>-
>- mDeferredImageHandle = ImageHandle;
>-
>- Status = gBS->CreateEventEx (
>- EVT_NOTIFY_SIGNAL,
>- TPL_CALLBACK,
>- LoadDeferredImage,
>- NULL,
>- &gEfiEventUserProfileChangedGuid,
>- &Event
>- );
>-
>- ASSERT (Status == EFI_SUCCESS);
>-}
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.c
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.c
>deleted file mode 100644
>index fd941792c1..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.c
>+++ /dev/null
>@@ -1,3766 +0,0 @@
>-/** @file
>- This driver manages user information and produces user manager protocol.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserIdentifyManager.h"
>-
>-//
>-// Default user name.
>-//
>-CHAR16 mUserName[] = L"Administrator";
>-
>-//
>-// Points to the user profile database.
>-//
>-USER_PROFILE_DB *mUserProfileDb = NULL;
>-
>-//
>-// Points to the credential providers found in system.
>-//
>-CREDENTIAL_PROVIDER_INFO *mProviderDb = NULL;
>-
>-//
>-// Current user shared in multi function.
>-//
>-EFI_USER_PROFILE_HANDLE mCurrentUser = NULL;
>-
>-//
>-// Flag indicates a user is identified.
>-//
>-BOOLEAN mIdentified = FALSE;
>-USER_MANAGER_CALLBACK_INFO *mCallbackInfo = NULL;
>-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
>- {
>- {
>- HARDWARE_DEVICE_PATH,
>- HW_VENDOR_DP,
>- {
>- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
>- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
>- }
>- },
>- USER_IDENTIFY_MANAGER_GUID
>- },
>- {
>- END_DEVICE_PATH_TYPE,
>- END_ENTIRE_DEVICE_PATH_SUBTYPE,
>- {
>- (UINT8) (END_DEVICE_PATH_LENGTH),
>- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
>- }
>- }
>-};
>-
>-
>-EFI_USER_MANAGER_PROTOCOL gUserIdentifyManager = {
>- UserProfileCreate,
>- UserProfileDelete,
>- UserProfileGetNext,
>- UserProfileCurrent,
>- UserProfileIdentify,
>- UserProfileFind,
>- UserProfileNotify,
>- UserProfileGetInfo,
>- UserProfileSetInfo,
>- UserProfileDeleteInfo,
>- UserProfileGetNextInfo,
>-};
>-
>-
>-/**
>- Find the specified user in the user database.
>-
>- This function searches the specified user from the beginning of the user
>database.
>- And if NextUser is TRUE, return the next User in the user database.
>-
>- @param[in, out] User On entry, points to the user profile entry to
>search.
>- On return, points to the user profile entry or NULL if not
>found.
>- @param[in] NextUser If FALSE, find the user in user profile database
>specifyed by User
>- If TRUE, find the next user in user profile database specifyed
>- by User.
>- @param[out] ProfileIndex A pointer to the index of user profile database
>that matches the
>- user specifyed by User.
>-
>- @retval EFI_NOT_FOUND User was NULL, or User was not found, or the
>next user was not found.
>- @retval EFI_SUCCESS User or the next user are found in user profile
>database
>-
>-**/
>-EFI_STATUS
>-FindUserProfile (
>- IN OUT USER_PROFILE_ENTRY **User,
>- IN BOOLEAN NextUser,
>- OUT UINTN *ProfileIndex OPTIONAL
>- )
>-{
>- UINTN Index;
>-
>- //
>- // Check parameters
>- //
>- if ((mUserProfileDb == NULL) || (User == NULL)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- //
>- // Check whether the user profile is in the user profile database.
>- //
>- for (Index = 0; Index < mUserProfileDb->UserProfileNum; Index++) {
>- if (mUserProfileDb->UserProfile[Index] == *User) {
>- if (ProfileIndex != NULL) {
>- *ProfileIndex = Index;
>- }
>- break;
>- }
>- }
>-
>- if (NextUser) {
>- //
>- // Find the next user profile.
>- //
>- Index++;
>- if (Index < mUserProfileDb->UserProfileNum) {
>- *User = mUserProfileDb->UserProfile[Index];
>- } else if (Index == mUserProfileDb->UserProfileNum) {
>- *User = NULL;
>- return EFI_NOT_FOUND;
>- } else {
>- if ((mUserProfileDb->UserProfileNum > 0) && (*User == NULL)) {
>- *User = mUserProfileDb->UserProfile[0];
>- } else {
>- *User = NULL;
>- return EFI_NOT_FOUND;
>- }
>- }
>- } else if (Index == mUserProfileDb->UserProfileNum) {
>- return EFI_NOT_FOUND;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-/**
>- Find the specified user information record in the specified User profile.
>-
>- This function searches the specified user information record from the
>beginning of the user
>- profile. And if NextInfo is TRUE, return the next info in the user profile.
>-
>- @param[in] User Points to the user profile entry.
>- @param[in, out] Info On entry, points to the user information record or
>NULL to start
>- searching with the first user information record.
>- On return, points to the user information record or NULL if not
>found.
>- @param[in] NextInfo If FALSE, find the user information record in profile
>specifyed by User.
>- If TRUE, find the next user information record in profile
>specifyed
>- by User.
>- @param[out] Offset A pointer to the offset of the information record in
>the user profile.
>-
>- @retval EFI_INVALID_PARAMETER Info is NULL
>- @retval EFI_NOT_FOUND Info was not found, or the next Info was not
>found.
>- @retval EFI_SUCCESS Info or the next info are found in user profile.
>-
>-**/
>-EFI_STATUS
>-FindUserInfo (
>- IN USER_PROFILE_ENTRY * User,
>- IN OUT EFI_USER_INFO **Info,
>- IN BOOLEAN NextInfo,
>- OUT UINTN *Offset OPTIONAL
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>- UINTN InfoLen;
>-
>- if (Info == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check user profile entry
>- //
>- Status = FindUserProfile (&User, FALSE, NULL);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Find user information in the specified user record.
>- //
>- InfoLen = 0;
>- while (InfoLen < User->UserProfileSize) {
>- UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
>- if (UserInfo == *Info) {
>- if (Offset != NULL) {
>- *Offset = InfoLen;
>- }
>- break;
>- }
>- InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
>- }
>-
>- //
>- // Check whether to find the next user information.
>- //
>- if (NextInfo) {
>- if (InfoLen < User->UserProfileSize) {
>- UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
>- InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
>- if (InfoLen < User->UserProfileSize) {
>- *Info = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
>- if (Offset != NULL) {
>- *Offset = InfoLen;
>- }
>- } else if (InfoLen == User->UserProfileSize) {
>- *Info = NULL;
>- return EFI_NOT_FOUND;
>- }
>- } else {
>- if (*Info == NULL) {
>- *Info = (EFI_USER_INFO *) User->ProfileInfo;
>- if (Offset != NULL) {
>- *Offset = 0;
>- }
>- } else {
>- *Info = NULL;
>- return EFI_NOT_FOUND;
>- }
>- }
>- } else if (InfoLen == User->UserProfileSize) {
>- return EFI_NOT_FOUND;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-/**
>- Find a user infomation record by the information record type.
>-
>- This function searches all user information records of User. The search starts
>with the
>- user information record following Info and continues until either the
>information is found
>- or there are no more user infomation record.
>- A match occurs when a Info.InfoType field matches the user information
>record type.
>-
>- @param[in] User Points to the user profile record to search.
>- @param[in, out] Info On entry, points to the user information record or
>NULL to start
>- searching with the first user information record.
>- On return, points to the user information record or NULL if not
>found.
>- @param[in] InfoType The infomation type to be searched.
>-
>- @retval EFI_SUCCESS User information was found. Info points to the
>user information record.
>- @retval EFI_NOT_FOUND User information was not found.
>- @retval EFI_INVALID_PARAMETER User is NULL or Info is NULL.
>-
>-**/
>-EFI_STATUS
>-FindUserInfoByType (
>- IN USER_PROFILE_ENTRY *User,
>- IN OUT EFI_USER_INFO **Info,
>- IN UINT8 InfoType
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>- UINTN InfoLen;
>-
>- if (Info == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check whether the user has the specified user information.
>- //
>- InfoLen = 0;
>- if (*Info == NULL) {
>- Status = FindUserProfile (&User, FALSE, NULL);
>- } else {
>- Status = FindUserInfo (User, Info, TRUE, &InfoLen);
>- }
>-
>- if (EFI_ERROR (Status)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- while (InfoLen < User->UserProfileSize) {
>- UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
>- if (UserInfo->InfoType == InfoType) {
>- if (UserInfo != *Info) {
>- *Info = UserInfo;
>- return EFI_SUCCESS;
>- }
>- }
>-
>- InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
>- }
>-
>- *Info = NULL;
>- return EFI_NOT_FOUND;
>-}
>-
>-/**
>- Find a user using a user information record.
>-
>- This function searches all user profiles for the specified user information
>record. The
>- search starts with the user information record handle following UserInfo
>and continues
>- until either the information is found or there are no more user profiles.
>- A match occurs when the Info.InfoType field matches the user information
>record type and the
>- user information record data matches the portion of Info passed the
>EFI_USER_INFO header.
>-
>- @param[in, out] User On entry, points to the previously returned user
>profile record,
>- or NULL to start searching with the first user profile.
>- On return, points to the user profile entry, or NULL if not found.
>- @param[in, out] UserInfo On entry, points to the previously returned user
>information record,
>- or NULL to start searching with the first.
>- On return, points to the user information record, or NULL if not
>found.
>- @param[in] Info Points to the buffer containing the user information to
>be compared
>- to the user information record.
>- @param[in] InfoSize The size of Info, in bytes. Same as Info->InfoSize.
>-
>- @retval EFI_SUCCESS User information was found. User points to the
>user profile record,
>- and UserInfo points to the user information record.
>- @retval EFI_NOT_FOUND User information was not found.
>- @retval EFI_INVALID_PARAMETER User is NULL; Info is NULL; or, InfoSize is
>too small.
>-
>-**/
>-EFI_STATUS
>-FindUserProfileByInfo (
>- IN OUT USER_PROFILE_ENTRY **User,
>- IN OUT EFI_USER_INFO **UserInfo, OPTIONAL
>- IN EFI_USER_INFO *Info,
>- IN UINTN InfoSize
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *InfoEntry;
>-
>-
>- if ((User == NULL) || (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (InfoSize < sizeof (EFI_USER_INFO)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (UserInfo != NULL) {
>- InfoEntry = *UserInfo;
>- } else {
>- InfoEntry = NULL;
>- }
>- //
>- // Find user profile according to information.
>- //
>- if (*User == NULL) {
>- *User = mUserProfileDb->UserProfile[0];
>- }
>-
>- //
>- // Check user profile handle.
>- //
>- Status = FindUserProfile (User, FALSE, NULL);
>-
>- while (!EFI_ERROR (Status)) {
>- //
>- // Find the user information in a user profile.
>- //
>- while (TRUE) {
>- Status = FindUserInfoByType (*User, &InfoEntry, Info->InfoType);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- if (InfoSize == Info->InfoSize) {
>- if (CompareMem ((UINT8 *) (InfoEntry + 1), (UINT8 *) (Info + 1), InfoSize
>- sizeof (EFI_USER_INFO)) == 0) {
>- //
>- // Found the infomation record.
>- //
>- if (UserInfo != NULL) {
>- *UserInfo = InfoEntry;
>- }
>- return EFI_SUCCESS;
>- }
>- }
>- }
>-
>- //
>- // Get next user profile.
>- //
>- InfoEntry = NULL;
>- Status = FindUserProfile (User, TRUE, NULL);
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Check whether the access policy is valid.
>-
>- @param[in] PolicyInfo Point to the access policy.
>- @param[in] InfoLen The policy length.
>-
>- @retval TRUE The policy is a valid access policy.
>- @retval FALSE The access policy is not a valid access policy.
>-
>-**/
>-BOOLEAN
>-CheckAccessPolicy (
>- IN UINT8 *PolicyInfo,
>- IN UINTN InfoLen
>- )
>-{
>- UINTN TotalLen;
>- UINTN ValueLen;
>- UINTN OffSet;
>- EFI_USER_INFO_ACCESS_CONTROL Access;
>- EFI_DEVICE_PATH_PROTOCOL *Path;
>- UINTN PathSize;
>-
>- TotalLen = 0;
>- while (TotalLen < InfoLen) {
>- //
>- // Check access policy according to type.
>- //
>- CopyMem (&Access, PolicyInfo + TotalLen, sizeof (Access));
>- ValueLen = Access.Size - sizeof (EFI_USER_INFO_ACCESS_CONTROL);
>- switch (Access.Type) {
>- case EFI_USER_INFO_ACCESS_FORBID_LOAD:
>- case EFI_USER_INFO_ACCESS_PERMIT_LOAD:
>- case EFI_USER_INFO_ACCESS_FORBID_CONNECT:
>- case EFI_USER_INFO_ACCESS_PERMIT_CONNECT:
>- OffSet = 0;
>- while (OffSet < ValueLen) {
>- Path = (EFI_DEVICE_PATH_PROTOCOL *) (PolicyInfo + TotalLen +
>sizeof (Access) + OffSet);
>- PathSize = GetDevicePathSize (Path);
>- OffSet += PathSize;
>- }
>- if (OffSet != ValueLen) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_SETUP:
>- if (ValueLen % sizeof (EFI_GUID) != 0) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_BOOT_ORDER:
>- if (ValueLen % sizeof (EFI_USER_INFO_ACCESS_BOOT_ORDER_HDR) != 0)
>{
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_ENROLL_SELF:
>- case EFI_USER_INFO_ACCESS_ENROLL_OTHERS:
>- case EFI_USER_INFO_ACCESS_MANAGE:
>- if (ValueLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- default:
>- return FALSE;
>- break;
>- }
>-
>- TotalLen += Access.Size;
>- }
>-
>- if (TotalLen != InfoLen) {
>- return FALSE;
>- }
>-
>- return TRUE;
>-}
>-
>-
>-/**
>- Check whether the identity policy is valid.
>-
>- @param[in] PolicyInfo Point to the identity policy.
>- @param[in] InfoLen The policy length.
>-
>- @retval TRUE The policy is a valid identity policy.
>- @retval FALSE The access policy is not a valid identity policy.
>-
>-**/
>-BOOLEAN
>-CheckIdentityPolicy (
>- IN UINT8 *PolicyInfo,
>- IN UINTN InfoLen
>- )
>-{
>- UINTN TotalLen;
>- UINTN ValueLen;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>-
>- TotalLen = 0;
>-
>- //
>- // Check each part of policy expression.
>- //
>- while (TotalLen < InfoLen) {
>- //
>- // Check access polisy according to type.
>- //
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (PolicyInfo + TotalLen);
>- ValueLen = Identity->Length - sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- switch (Identity->Type) {
>- //
>- // Check False option.
>- //
>- case EFI_USER_INFO_IDENTITY_FALSE:
>- if (ValueLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- //
>- // Check True option.
>- //
>- case EFI_USER_INFO_IDENTITY_TRUE:
>- if (ValueLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- //
>- // Check negative operation.
>- //
>- case EFI_USER_INFO_IDENTITY_NOT:
>- if (ValueLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- //
>- // Check and operation.
>- //
>- case EFI_USER_INFO_IDENTITY_AND:
>- if (ValueLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- //
>- // Check or operation.
>- //
>- case EFI_USER_INFO_IDENTITY_OR:
>- if (ValueLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- //
>- // Check credential provider by type.
>- //
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE:
>- if (ValueLen != sizeof (EFI_GUID)) {
>- return FALSE;
>- }
>- break;
>-
>- //
>- // Check credential provider by ID.
>- //
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
>- if (ValueLen != sizeof (EFI_GUID)) {
>- return FALSE;
>- }
>- break;
>-
>- default:
>- return FALSE;
>- break;
>- }
>-
>- TotalLen += Identity->Length;
>- }
>-
>- if (TotalLen != InfoLen) {
>- return FALSE;
>- }
>-
>- return TRUE;
>-}
>-
>-
>-/**
>- Check whether the user information is a valid user information record.
>-
>- @param[in] Info points to the user information.
>-
>- @retval TRUE The info is a valid user information record.
>- @retval FALSE The info is not a valid user information record.
>-
>-**/
>-BOOLEAN
>-CheckUserInfo (
>- IN CONST EFI_USER_INFO *Info
>- )
>-{
>- UINTN InfoLen;
>-
>- if (Info == NULL) {
>- return FALSE;
>- }
>- //
>- // Check user information according to information type.
>- //
>- InfoLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>- switch (Info->InfoType) {
>- case EFI_USER_INFO_EMPTY_RECORD:
>- if (InfoLen != 0) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_NAME_RECORD:
>- case EFI_USER_INFO_CREDENTIAL_TYPE_NAME_RECORD:
>- case EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD:
>- break;
>-
>- case EFI_USER_INFO_CREATE_DATE_RECORD:
>- case EFI_USER_INFO_USAGE_DATE_RECORD:
>- if (InfoLen != sizeof (EFI_TIME)) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_USAGE_COUNT_RECORD:
>- if (InfoLen != sizeof (UINT64)) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_IDENTIFIER_RECORD:
>- if (InfoLen != 16) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_CREDENTIAL_TYPE_RECORD:
>- case EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD:
>- case EFI_USER_INFO_GUID_RECORD:
>- if (InfoLen != sizeof (EFI_GUID)) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_PKCS11_RECORD:
>- case EFI_USER_INFO_CBEFF_RECORD:
>- break;
>-
>- case EFI_USER_INFO_FAR_RECORD:
>- case EFI_USER_INFO_RETRY_RECORD:
>- if (InfoLen != 1) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_POLICY_RECORD:
>- if(!CheckAccessPolicy ((UINT8 *) (Info + 1), InfoLen)) {
>- return FALSE;
>- }
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_POLICY_RECORD:
>- if (!CheckIdentityPolicy ((UINT8 *) (Info + 1), InfoLen)) {
>- return FALSE;
>- }
>- break;
>-
>- default:
>- return FALSE;
>- break;
>- }
>-
>- return TRUE;
>-}
>-
>-
>-/**
>- Check the user profile data format to be added.
>-
>- @param[in] UserProfileInfo Points to the user profile data.
>- @param[in] UserProfileSize The length of user profile data.
>-
>- @retval TRUE It is a valid user profile.
>- @retval FALSE It is not a valid user profile.
>-
>-**/
>-BOOLEAN
>-CheckProfileInfo (
>- IN UINT8 *UserProfileInfo,
>- IN UINTN UserProfileSize
>- )
>-{
>- UINTN ChkLen;
>- EFI_USER_INFO *Info;
>-
>- if (UserProfileInfo == NULL) {
>- return FALSE;
>- }
>-
>- //
>- // Check user profile information length.
>- //
>- ChkLen = 0;
>- while (ChkLen < UserProfileSize) {
>- Info = (EFI_USER_INFO *) (UserProfileInfo + ChkLen);
>- //
>- // Check user information format.
>- //
>- if (!CheckUserInfo (Info)) {
>- return FALSE;
>- }
>-
>- ChkLen += ALIGN_VARIABLE (Info->InfoSize);
>- }
>-
>- if (ChkLen != UserProfileSize) {
>- return FALSE;
>- }
>-
>- return TRUE;
>-}
>-
>-
>-/**
>- Find the specified RightType in current user profile.
>-
>- @param[in] RightType Could be EFI_USER_INFO_ACCESS_MANAGE,
>- EFI_USER_INFO_ACCESS_ENROLL_OTHERS or
>- EFI_USER_INFO_ACCESS_ENROLL_SELF.
>-
>- @retval TRUE Find the specified RightType in current user profile.
>- @retval FALSE Can't find the right in the profile.
>-
>-**/
>-BOOLEAN
>-CheckCurrentUserAccessRight (
>- IN UINT32 RightType
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *Info;
>- UINTN TotalLen;
>- UINTN CheckLen;
>- EFI_USER_INFO_ACCESS_CONTROL Access;
>-
>- //
>- // Get user access right information.
>- //
>- Info = NULL;
>- Status = FindUserInfoByType (
>- (USER_PROFILE_ENTRY *) mCurrentUser,
>- &Info,
>- EFI_USER_INFO_ACCESS_POLICY_RECORD
>- );
>- if (EFI_ERROR (Status)) {
>- return FALSE;
>- }
>-
>- ASSERT (Info != NULL);
>- TotalLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>- CheckLen = 0;
>- while (CheckLen < TotalLen) {
>- //
>- // Check right according to access type.
>- //
>- CopyMem (&Access, (UINT8 *) (Info + 1) + CheckLen, sizeof (Access));
>- if (Access.Type == RightType) {
>- return TRUE;;
>- }
>-
>- CheckLen += Access.Size;
>- }
>-
>- return FALSE;
>-}
>-
>-
>-/**
>- Create a unique user identifier.
>-
>- @param[out] Identifier This points to the identifier.
>-
>-**/
>-VOID
>-GenerateIdentifier (
>- OUT UINT8 *Identifier
>- )
>-{
>- EFI_TIME Time;
>- UINT64 MonotonicCount;
>- UINT32 *MonotonicPointer;
>- UINTN Index;
>-
>- //
>- // Create a unique user identifier.
>- //
>- gRT->GetTime (&Time, NULL);
>- CopyMem (Identifier, &Time, sizeof (EFI_TIME));
>- //
>- // Remove zeros.
>- //
>- for (Index = 0; Index < sizeof (EFI_TIME); Index++) {
>- if (Identifier[Index] == 0) {
>- Identifier[Index] = 0x5a;
>- }
>- }
>-
>- MonotonicPointer = (UINT32 *) Identifier;
>- gBS->GetNextMonotonicCount (&MonotonicCount);
>- MonotonicPointer[0] += (UINT32) MonotonicCount;
>- MonotonicPointer[1] += (UINT32) MonotonicCount;
>- MonotonicPointer[2] += (UINT32) MonotonicCount;
>- MonotonicPointer[3] += (UINT32) MonotonicCount;
>-}
>-
>-
>-/**
>- Generate unique user ID.
>-
>- @param[out] UserId Points to the user identifer.
>-
>-**/
>-VOID
>-GenerateUserId (
>- OUT UINT8 *UserId
>- )
>-{
>- EFI_STATUS Status;
>- USER_PROFILE_ENTRY *UserProfile;
>- EFI_USER_INFO *UserInfo;
>- UINTN Index;
>-
>- //
>- // Generate unique user ID
>- //
>- while (TRUE) {
>- GenerateIdentifier (UserId);
>- //
>- // Check whether it's unique in user profile database.
>- //
>- if (mUserProfileDb == NULL) {
>- return ;
>- }
>-
>- for (Index = 0; Index < mUserProfileDb->UserProfileNum; Index++) {
>- UserProfile = (USER_PROFILE_ENTRY *) (mUserProfileDb-
>>UserProfile[Index]);
>- UserInfo = NULL;
>- Status = FindUserInfoByType (UserProfile, &UserInfo,
>EFI_USER_INFO_IDENTIFIER_RECORD);
>- if (EFI_ERROR (Status)) {
>- continue;
>- }
>-
>- if (CompareMem ((UINT8 *) (UserInfo + 1), UserId, sizeof
>(EFI_USER_INFO_IDENTIFIER)) == 0) {
>- break;
>- }
>- }
>-
>- if (Index == mUserProfileDb->UserProfileNum) {
>- return ;
>- }
>- }
>-}
>-
>-
>-/**
>- Expand user profile database.
>-
>- @retval TRUE Success to expand user profile database.
>- @retval FALSE Fail to expand user profile database.
>-
>-**/
>-BOOLEAN
>-ExpandUsermUserProfileDb (
>- VOID
>- )
>-{
>- UINTN MaxNum;
>- USER_PROFILE_DB *NewDataBase;
>-
>- //
>- // Create new user profile database.
>- //
>- if (mUserProfileDb == NULL) {
>- MaxNum = USER_NUMBER_INC;
>- } else {
>- MaxNum = mUserProfileDb->MaxProfileNum + USER_NUMBER_INC;
>- }
>-
>- NewDataBase = AllocateZeroPool (
>- sizeof (USER_PROFILE_DB) - sizeof (EFI_USER_PROFILE_HANDLE) +
>- MaxNum * sizeof (EFI_USER_PROFILE_HANDLE)
>- );
>- if (NewDataBase == NULL) {
>- return FALSE;
>- }
>-
>- NewDataBase->MaxProfileNum = MaxNum;
>-
>- //
>- // Copy old user profile database value
>- //
>- if (mUserProfileDb == NULL) {
>- NewDataBase->UserProfileNum = 0;
>- } else {
>- NewDataBase->UserProfileNum = mUserProfileDb->UserProfileNum;
>- CopyMem (
>- NewDataBase->UserProfile,
>- mUserProfileDb->UserProfile,
>- NewDataBase->UserProfileNum * sizeof (EFI_USER_PROFILE_HANDLE)
>- );
>- FreePool (mUserProfileDb);
>- }
>-
>- mUserProfileDb = NewDataBase;
>- return TRUE;
>-}
>-
>-
>-/**
>- Expand user profile
>-
>- @param[in] User Points to user profile.
>- @param[in] ExpandSize The size of user profile.
>-
>- @retval TRUE Success to expand user profile size.
>- @retval FALSE Fail to expand user profile size.
>-
>-**/
>-BOOLEAN
>-ExpandUserProfile (
>- IN USER_PROFILE_ENTRY *User,
>- IN UINTN ExpandSize
>- )
>-{
>- UINT8 *Info;
>- UINTN InfoSizeInc;
>-
>- //
>- // Allocate new memory.
>- //
>- InfoSizeInc = 128;
>- User->MaxProfileSize += ((ExpandSize + InfoSizeInc - 1) / InfoSizeInc) *
>InfoSizeInc;
>- Info = AllocateZeroPool (User->MaxProfileSize);
>- if (Info == NULL) {
>- return FALSE;
>- }
>-
>- //
>- // Copy exist information.
>- //
>- if (User->UserProfileSize > 0) {
>- CopyMem (Info, User->ProfileInfo, User->UserProfileSize);
>- FreePool (User->ProfileInfo);
>- }
>-
>- User->ProfileInfo = Info;
>- return TRUE;
>-}
>-
>-
>-/**
>- Save the user profile to non-volatile memory, or delete it from non-volatile
>memory.
>-
>- @param[in] User Point to the user profile
>- @param[in] Delete If TRUE, delete the found user profile.
>- If FALSE, save the user profile.
>- @retval EFI_SUCCESS Save or delete user profile successfully.
>- @retval Others Fail to change the profile.
>-
>-**/
>-EFI_STATUS
>-SaveNvUserProfile (
>- IN USER_PROFILE_ENTRY *User,
>- IN BOOLEAN Delete
>- )
>-{
>- EFI_STATUS Status;
>-
>- //
>- // Check user profile entry.
>- //
>- Status = FindUserProfile (&User, FALSE, NULL);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Save the user profile to non-volatile memory.
>- //
>- Status = gRT->SetVariable (
>- User->UserVarName,
>- &gUserIdentifyManagerGuid,
>- EFI_VARIABLE_NON_VOLATILE |
>EFI_VARIABLE_BOOTSERVICE_ACCESS,
>- Delete ? 0 : User->UserProfileSize,
>- User->ProfileInfo
>- );
>- return Status;
>-}
>-
>-/**
>- Add one new user info into the user's profile.
>-
>- @param[in] User point to the user profile
>- @param[in] Info Points to the user information payload.
>- @param[in] InfoSize The size of the user information payload, in bytes.
>- @param[out] UserInfo Point to the new info in user profile
>- @param[in] Save If TRUE, save the profile to NV flash.
>- If FALSE, don't need to save the profile to NV flash.
>-
>- @retval EFI_SUCCESS Add user info to user profile successfully.
>- @retval Others Fail to add user info to user profile.
>-
>-**/
>-EFI_STATUS
>-AddUserInfo (
>- IN USER_PROFILE_ENTRY *User,
>- IN UINT8 *Info,
>- IN UINTN InfoSize,
>- OUT EFI_USER_INFO **UserInfo, OPTIONAL
>- IN BOOLEAN Save
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((Info == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check user profile handle.
>- //
>- Status = FindUserProfile (&User, FALSE, NULL);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Check user information memory size.
>- //
>- if (User->MaxProfileSize - User->UserProfileSize < ALIGN_VARIABLE
>(InfoSize)) {
>- if (!ExpandUserProfile (User, ALIGN_VARIABLE (InfoSize))) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- }
>-
>- //
>- // Add new user information.
>- //
>- CopyMem (User->ProfileInfo + User->UserProfileSize, Info, InfoSize);
>- if (UserInfo != NULL) {
>- *UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + User-
>>UserProfileSize);
>- }
>- User->UserProfileSize += ALIGN_VARIABLE (InfoSize);
>-
>- //
>- // Save user profile information.
>- //
>- if (Save) {
>- Status = SaveNvUserProfile (User, FALSE);
>- }
>-
>- return Status;
>-}
>-
>-
>-/**
>- Get the user info from the specified user info handle.
>-
>- @param[in] User Point to the user profile.
>- @param[in] UserInfo Point to the user information record to get.
>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>bytes.
>- On exit, holds the user information.
>- @param[in, out] InfoSize On entry, points to the size of Info.
>- On return, points to the size of the user information.
>- @param[in] ChkRight If TRUE, check the user info attribute.
>- If FALSE, don't check the user info attribute.
>-
>-
>- @retval EFI_ACCESS_DENIED The information cannot be accessed by the
>current user.
>- @retval EFI_INVALID_PARAMETER InfoSize is NULL or UserInfo is NULL.
>- @retval EFI_BUFFER_TOO_SMALL The number of bytes specified by
>*InfoSize is too small to hold the
>- returned data. The actual size required is returned in
>*InfoSize.
>- @retval EFI_SUCCESS Information returned successfully.
>-
>-**/
>-EFI_STATUS
>-GetUserInfo (
>- IN USER_PROFILE_ENTRY *User,
>- IN EFI_USER_INFO *UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize,
>- IN BOOLEAN ChkRight
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((InfoSize == NULL) || (UserInfo == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if ((*InfoSize != 0) && (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Find the user information to get.
>- //
>- Status = FindUserInfo (User, &UserInfo, FALSE, NULL);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Check information attributes.
>- //
>- if (ChkRight) {
>- switch (UserInfo->InfoAttribs & EFI_USER_INFO_ACCESS) {
>- case EFI_USER_INFO_PRIVATE:
>- case EFI_USER_INFO_PROTECTED:
>- if (User != mCurrentUser) {
>- return EFI_ACCESS_DENIED;
>- }
>- break;
>-
>- case EFI_USER_INFO_PUBLIC:
>- break;
>-
>- default:
>- return EFI_INVALID_PARAMETER;
>- break;
>- }
>- }
>-
>- //
>- // Get user information.
>- //
>- if (UserInfo->InfoSize > *InfoSize) {
>- *InfoSize = UserInfo->InfoSize;
>- return EFI_BUFFER_TOO_SMALL;
>- }
>-
>- *InfoSize = UserInfo->InfoSize;
>- if (Info != NULL) {
>- CopyMem (Info, UserInfo, *InfoSize);
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Delete the specified user information from user profile.
>-
>- @param[in] User Point to the user profile.
>- @param[in] Info Point to the user information record to delete.
>- @param[in] Save If TRUE, save the profile to NV flash.
>- If FALSE, don't need to save the profile to NV flash.
>-
>- @retval EFI_SUCCESS Delete user info from user profile successfully.
>- @retval Others Fail to delete user info from user profile.
>-
>-**/
>-EFI_STATUS
>-DelUserInfo (
>- IN USER_PROFILE_ENTRY *User,
>- IN EFI_USER_INFO *Info,
>- IN BOOLEAN Save
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Offset;
>- UINTN NextOffset;
>-
>- //
>- // Check user information handle.
>- //
>- Status = FindUserInfo (User, &Info, FALSE, &Offset);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- if (Info->InfoType == EFI_USER_INFO_IDENTIFIER_RECORD) {
>- return EFI_ACCESS_DENIED;
>- }
>-
>- //
>- // Delete the specified user information.
>- //
>- NextOffset = Offset + ALIGN_VARIABLE (Info->InfoSize);
>- User->UserProfileSize -= ALIGN_VARIABLE (Info->InfoSize);
>- if (Offset < User->UserProfileSize) {
>- CopyMem (User->ProfileInfo + Offset, User->ProfileInfo + NextOffset,
>User->UserProfileSize - Offset);
>- }
>-
>- if (Save) {
>- Status = SaveNvUserProfile (User, FALSE);
>- }
>-
>- return Status;
>-}
>-
>-
>-/**
>- Add or update user information.
>-
>- @param[in] User Point to the user profile.
>- @param[in, out] UserInfo On entry, points to the user information to
>modify,
>- or NULL to add a new UserInfo.
>- On return, points to the modified user information.
>- @param[in] Info Points to the new user information.
>- @param[in] InfoSize The size of Info,in bytes.
>-
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL or Info is NULL.
>- @retval EFI_ACCESS_DENIED The record is exclusive.
>- @retval EFI_SUCCESS User information was successfully
>changed/added.
>-
>-**/
>-EFI_STATUS
>-ModifyUserInfo (
>- IN USER_PROFILE_ENTRY *User,
>- IN OUT EFI_USER_INFO **UserInfo,
>- IN CONST EFI_USER_INFO *Info,
>- IN UINTN InfoSize
>- )
>-{
>- EFI_STATUS Status;
>- UINTN PayloadLen;
>- EFI_USER_INFO *OldInfo;
>-
>- if ((UserInfo == NULL) || (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (InfoSize < sizeof (EFI_USER_INFO) || InfoSize != Info->InfoSize) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check user information.
>- //
>- if (Info->InfoType == EFI_USER_INFO_IDENTIFIER_RECORD) {
>- return EFI_ACCESS_DENIED;
>- }
>-
>- if (!CheckUserInfo (Info)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>-
>- if (*UserInfo == NULL) {
>- //
>- // Add new user information.
>- //
>- OldInfo = NULL;
>- do {
>- Status = FindUserInfoByType (User, &OldInfo, Info->InfoType);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>- ASSERT (OldInfo != NULL);
>-
>- if (((OldInfo->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0) ||
>- ((Info->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0)) {
>- //
>- // Same type can not co-exist for exclusive information.
>- //
>- return EFI_ACCESS_DENIED;
>- }
>-
>- //
>- // Check whether it exists in DB.
>- //
>- if (Info->InfoSize != OldInfo->InfoSize) {
>- continue;
>- }
>-
>- if (!CompareGuid (&OldInfo->Credential, &Info->Credential)) {
>- continue;
>- }
>-
>- PayloadLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>- if (PayloadLen == 0) {
>- continue;
>- }
>-
>- if (CompareMem ((UINT8 *)(OldInfo + 1), (UINT8 *)(Info + 1),
>PayloadLen) != 0) {
>- continue;
>- }
>-
>- //
>- // Yes. The new info is as same as the one in profile.
>- //
>- return EFI_SUCCESS;
>- } while (!EFI_ERROR (Status));
>-
>- Status = AddUserInfo (User, (UINT8 *) Info, InfoSize, UserInfo, TRUE);
>- return Status;
>- }
>-
>- //
>- // Modify existing user information.
>- //
>- OldInfo = *UserInfo;
>- if (OldInfo->InfoType != Info->InfoType) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (((Info->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0) &&
>- (OldInfo->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) == 0) {
>- //
>- // Try to add exclusive attrib in new info.
>- // Check whether there is another information with the same type in
>profile.
>- //
>- OldInfo = NULL;
>- do {
>- Status = FindUserInfoByType (User, &OldInfo, Info->InfoType);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>- if (OldInfo != *UserInfo) {
>- //
>- // There is another information with the same type in profile.
>- // Therefore, can't modify existing user information to add exclusive
>attribute.
>- //
>- return EFI_ACCESS_DENIED;
>- }
>- } while (TRUE);
>- }
>-
>- Status = DelUserInfo (User, *UserInfo, FALSE);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- return AddUserInfo (User, (UINT8 *) Info, InfoSize, UserInfo, TRUE);
>-}
>-
>-
>-/**
>- Delete the user profile from non-volatile memory and database.
>-
>- @param[in] User Points to the user profile.
>-
>- @retval EFI_SUCCESS Delete user from the user profile successfully.
>- @retval Others Fail to delete user from user profile
>-
>-**/
>-EFI_STATUS
>-DelUserProfile (
>- IN USER_PROFILE_ENTRY *User
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>-
>- //
>- // Check whether it is in the user profile database.
>- //
>- Status = FindUserProfile (&User, FALSE, &Index);
>- if (EFI_ERROR (Status)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check whether it is the current user.
>- //
>- if (User == mCurrentUser) {
>- return EFI_ACCESS_DENIED;
>- }
>-
>- //
>- // Delete user profile from the non-volatile memory.
>- //
>- Status = SaveNvUserProfile (mUserProfileDb-
>>UserProfile[mUserProfileDb->UserProfileNum - 1], TRUE);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- mUserProfileDb->UserProfileNum--;
>-
>- //
>- // Modify user profile database.
>- //
>- if (Index != mUserProfileDb->UserProfileNum) {
>- mUserProfileDb->UserProfile[Index] = mUserProfileDb-
>>UserProfile[mUserProfileDb->UserProfileNum];
>- CopyMem (
>- ((USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[Index])-
>>UserVarName,
>- User->UserVarName,
>- sizeof (User->UserVarName)
>- );
>- Status = SaveNvUserProfile (mUserProfileDb->UserProfile[Index], FALSE);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- }
>- //
>- // Delete user profile information.
>- //
>- if (User->ProfileInfo != NULL) {
>- FreePool (User->ProfileInfo);
>- }
>-
>- FreePool (User);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Add user profile to user profile database.
>-
>- @param[out] UserProfile Point to the newly added user profile.
>- @param[in] ProfileSize The size of the user profile.
>- @param[in] ProfileInfo Point to the user profie data.
>- @param[in] Save If TRUE, save the new added profile to NV flash.
>- If FALSE, don't save the profile to NV flash.
>-
>- @retval EFI_SUCCESS Add user profile to user profile database
>successfully.
>- @retval Others Fail to add user profile to user profile database.
>-
>-**/
>-EFI_STATUS
>-AddUserProfile (
>- OUT USER_PROFILE_ENTRY **UserProfile, OPTIONAL
>- IN UINTN ProfileSize,
>- IN UINT8 *ProfileInfo,
>- IN BOOLEAN Save
>- )
>-{
>- EFI_STATUS Status;
>- USER_PROFILE_ENTRY *User;
>-
>- //
>- // Check the data format to be added.
>- //
>- if (!CheckProfileInfo (ProfileInfo, ProfileSize)) {
>- return EFI_SECURITY_VIOLATION;
>- }
>-
>- //
>- // Create user profile entry.
>- //
>- User = AllocateZeroPool (sizeof (USER_PROFILE_ENTRY));
>- if (User == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- //
>- // Add the entry to the user profile database.
>- //
>- if (mUserProfileDb->UserProfileNum == mUserProfileDb->MaxProfileNum)
>{
>- if (!ExpandUsermUserProfileDb ()) {
>- FreePool (User);
>- return EFI_OUT_OF_RESOURCES;
>- }
>- }
>-
>- UnicodeSPrint (
>- User->UserVarName,
>- sizeof (User->UserVarName),
>- L"User%04x",
>- mUserProfileDb->UserProfileNum
>- );
>- User->UserProfileSize = 0;
>- User->MaxProfileSize = 0;
>- User->ProfileInfo = NULL;
>- mUserProfileDb->UserProfile[mUserProfileDb->UserProfileNum] =
>(EFI_USER_PROFILE_HANDLE) User;
>- mUserProfileDb->UserProfileNum++;
>-
>- //
>- // Add user profile information.
>- //
>- Status = AddUserInfo (User, ProfileInfo, ProfileSize, NULL, Save);
>- if (EFI_ERROR (Status)) {
>- DelUserProfile (User);
>- return Status;
>- }
>- //
>- // Set new user profile handle.
>- //
>- if (UserProfile != NULL) {
>- *UserProfile = User;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- This function creates a new user profile with only a new user identifier
>- attached and returns its handle. The user profile is non-volatile, but the
>- handle User can change across reboots.
>-
>- @param[out] User Handle of a new user profile.
>-
>- @retval EFI_SUCCESS User profile was successfully created.
>- @retval Others Fail to create user profile
>-
>-**/
>-EFI_STATUS
>-CreateUserProfile (
>- OUT USER_PROFILE_ENTRY **User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>-
>- if (User == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>- //
>- // Generate user id information.
>- //
>- UserInfo = AllocateZeroPool (sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_IDENTIFIER));
>- if (UserInfo == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- UserInfo->InfoType = EFI_USER_INFO_IDENTIFIER_RECORD;
>- UserInfo->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_IDENTIFIER);
>- UserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- GenerateUserId ((UINT8 *) (UserInfo + 1));
>-
>- //
>- // Add user profile to the user profile database.
>- //
>- Status = AddUserProfile (User, UserInfo->InfoSize, (UINT8 *) UserInfo,
>TRUE);
>- FreePool (UserInfo);
>- return Status;
>-}
>-
>-
>-/**
>- Add a default user profile to user profile database.
>-
>- @retval EFI_SUCCESS A default user profile is added successfully.
>- @retval Others Fail to add a default user profile
>-
>-**/
>-EFI_STATUS
>-AddDefaultUserProfile (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- USER_PROFILE_ENTRY *User;
>- EFI_USER_INFO *Info;
>- EFI_USER_INFO *NewInfo;
>- EFI_USER_INFO_CREATE_DATE CreateDate;
>- EFI_USER_INFO_USAGE_COUNT UsageCount;
>- EFI_USER_INFO_ACCESS_CONTROL *Access;
>- EFI_USER_INFO_IDENTITY_POLICY *Policy;
>-
>- //
>- // Create a user profile.
>- //
>- Status = CreateUserProfile (&User);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Allocate a buffer to add all default user information.
>- //
>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + INFO_PAYLOAD_SIZE);
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- //
>- // Add user name.
>- //
>- Info->InfoType = EFI_USER_INFO_NAME_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof (mUserName);
>- CopyMem ((UINT8 *) (Info + 1), mUserName, sizeof (mUserName));
>- NewInfo = NULL;
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- //
>- // Add user profile create date record.
>- //
>- Info->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_CREATE_DATE);
>- Status = gRT->GetTime (&CreateDate, NULL);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- CopyMem ((UINT8 *) (Info + 1), &CreateDate, sizeof
>(EFI_USER_INFO_CREATE_DATE));
>- NewInfo = NULL;
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- //
>- // Add user profile usage count record.
>- //
>- Info->InfoType = EFI_USER_INFO_USAGE_COUNT_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_USAGE_COUNT);
>- UsageCount = 0;
>- CopyMem ((UINT8 *) (Info + 1), &UsageCount, sizeof
>(EFI_USER_INFO_USAGE_COUNT));
>- NewInfo = NULL;
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- //
>- // Add user access right.
>- //
>- Info->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Access = (EFI_USER_INFO_ACCESS_CONTROL *) (Info + 1);
>- Access->Type = EFI_USER_INFO_ACCESS_MANAGE;
>- Access->Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
>- Info->InfoSize = sizeof (EFI_USER_INFO) + Access->Size;
>- NewInfo = NULL;
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- //
>- // Add user identity policy.
>- //
>- Info->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PRIVATE | EFI_USER_INFO_EXCLUSIVE;
>- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (Info + 1);
>- Policy->Type = EFI_USER_INFO_IDENTITY_TRUE;
>- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- Info->InfoSize = sizeof (EFI_USER_INFO) + Policy->Length;
>- NewInfo = NULL;
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>-
>-Done:
>- FreePool (Info);
>- return Status;
>-}
>-
>-
>-/**
>- Publish current user information into EFI System Configuration Table.
>-
>- By UEFI spec, the User Identity Manager will publish the current user profile
>- into the EFI System Configuration Table. Currently, only the user identifier
>and user
>- name are published.
>-
>- @retval EFI_SUCCESS Current user information is published successfully.
>- @retval Others Fail to publish current user information
>-
>-**/
>-EFI_STATUS
>-PublishUserTable (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- EFI_CONFIGURATION_TABLE *EfiConfigurationTable;
>- EFI_USER_INFO_TABLE *UserInfoTable;
>- EFI_USER_INFO *IdInfo;
>- EFI_USER_INFO *NameInfo;
>-
>- Status = EfiGetSystemConfigurationTable (
>- &gEfiUserManagerProtocolGuid,
>- (VOID **) &EfiConfigurationTable
>- );
>- if (!EFI_ERROR (Status)) {
>- //
>- // The table existed!
>- //
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Get user ID information.
>- //
>- IdInfo = NULL;
>- Status = FindUserInfoByType (mCurrentUser, &IdInfo,
>EFI_USER_INFO_IDENTIFIER_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>-
>- }
>- //
>- // Get user name information.
>- //
>- NameInfo = NULL;
>- Status = FindUserInfoByType (mCurrentUser, &NameInfo,
>EFI_USER_INFO_NAME_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Allocate a buffer for user information table.
>- //
>- UserInfoTable = (EFI_USER_INFO_TABLE *) AllocateRuntimePool (
>- sizeof (EFI_USER_INFO_TABLE) +
>- IdInfo->InfoSize +
>- NameInfo->InfoSize
>- );
>- if (UserInfoTable == NULL) {
>- Status = EFI_OUT_OF_RESOURCES;
>- return Status;
>- }
>-
>- UserInfoTable->Size = sizeof (EFI_USER_INFO_TABLE);
>-
>- //
>- // Append the user information to the user info table
>- //
>- CopyMem ((UINT8 *) UserInfoTable + UserInfoTable->Size, (UINT8 *) IdInfo,
>IdInfo->InfoSize);
>- UserInfoTable->Size += IdInfo->InfoSize;
>-
>- CopyMem ((UINT8 *) UserInfoTable + UserInfoTable->Size, (UINT8 *)
>NameInfo, NameInfo->InfoSize);
>- UserInfoTable->Size += NameInfo->InfoSize;
>-
>- Status = gBS->InstallConfigurationTable (&gEfiUserManagerProtocolGuid,
>(VOID *) UserInfoTable);
>- return Status;
>-}
>-
>-
>-/**
>- Get the user's identity type.
>-
>- The identify manager only supports the identity policy in which the
>credential
>- provider handles are connected by the operator 'AND' or 'OR'.
>-
>-
>- @param[in] User Handle of a user profile.
>- @param[out] PolicyType Point to the identity type.
>-
>- @retval EFI_SUCCESS Get user's identity type successfully.
>- @retval Others Fail to get user's identity type.
>-
>-**/
>-EFI_STATUS
>-GetIdentifyType (
>- IN EFI_USER_PROFILE_HANDLE User,
>- OUT UINT8 *PolicyType
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *IdentifyInfo;
>- UINTN TotalLen;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>-
>- //
>- // Get user identify policy information.
>- //
>- IdentifyInfo = NULL;
>- Status = FindUserInfoByType (User, &IdentifyInfo,
>EFI_USER_INFO_IDENTITY_POLICY_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- ASSERT (IdentifyInfo != NULL);
>-
>- //
>- // Search the user identify policy according to type.
>- //
>- TotalLen = 0;
>- *PolicyType = EFI_USER_INFO_IDENTITY_FALSE;
>- while (TotalLen < IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo +
>1) + TotalLen);
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_AND) {
>- *PolicyType = EFI_USER_INFO_IDENTITY_AND;
>- break;
>- }
>-
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_OR) {
>- *PolicyType = EFI_USER_INFO_IDENTITY_OR;
>- break;
>- }
>- TotalLen += Identity->Length;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Identify the User by the specfied provider.
>-
>- @param[in] User Handle of a user profile.
>- @param[in] Provider Points to the identifier of credential provider.
>-
>- @retval EFI_INVALID_PARAMETER Provider is NULL.
>- @retval EFI_NOT_FOUND Fail to identify the specified user.
>- @retval EFI_SUCCESS User is identified successfully.
>-
>-**/
>-EFI_STATUS
>-IdentifyByProviderId (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN EFI_GUID *Provider
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_IDENTIFIER UserId;
>- UINTN Index;
>- EFI_CREDENTIAL_LOGON_FLAGS AutoLogon;
>- EFI_HII_HANDLE HiiHandle;
>- EFI_GUID FormSetId;
>- EFI_FORM_ID FormId;
>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>-
>- if (Provider == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check the user ID identified by the specified credential provider.
>- //
>- for (Index = 0; Index < mProviderDb->Count; Index++) {
>- //
>- // Check credential provider class.
>- //
>- UserCredential = mProviderDb->Provider[Index];
>- if (CompareGuid (&UserCredential->Identifier, Provider)) {
>- Status = UserCredential->Select (UserCredential, &AutoLogon);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- if ((AutoLogon & EFI_CREDENTIAL_LOGON_FLAG_AUTO) == 0) {
>- //
>- // Get credential provider form.
>- //
>- Status = UserCredential->Form (
>- UserCredential,
>- &HiiHandle,
>- &FormSetId,
>- &FormId
>- );
>- if (!EFI_ERROR (Status)) {
>- //
>- // Send form to get user input.
>- //
>- Status = mCallbackInfo->FormBrowser2->SendForm (
>- mCallbackInfo->FormBrowser2,
>- &HiiHandle,
>- 1,
>- &FormSetId,
>- FormId,
>- NULL,
>- NULL
>- );
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- }
>- }
>-
>- Status = UserCredential->User (UserCredential, User, &UserId);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- Status = UserCredential->Deselect (UserCredential);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- return EFI_SUCCESS;
>- }
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Update user information when user is logon on successfully.
>-
>- @param[in] User Points to user profile.
>-
>- @retval EFI_SUCCESS Update user information successfully.
>- @retval Others Fail to update user information.
>-
>-**/
>-EFI_STATUS
>-UpdateUserInfo (
>- IN USER_PROFILE_ENTRY *User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *Info;
>- EFI_USER_INFO *NewInfo;
>- EFI_USER_INFO_CREATE_DATE Date;
>- EFI_USER_INFO_USAGE_COUNT UsageCount;
>- UINTN InfoLen;
>-
>- //
>- // Allocate a buffer to update user's date record and usage record.
>- //
>- InfoLen = MAX (sizeof (EFI_USER_INFO_CREATE_DATE), sizeof
>(EFI_USER_INFO_USAGE_COUNT));
>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + InfoLen);
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- //
>- // Check create date record.
>- //
>- NewInfo = NULL;
>- Status = FindUserInfoByType (User, &NewInfo,
>EFI_USER_INFO_CREATE_DATE_RECORD);
>- if (Status == EFI_NOT_FOUND) {
>- Info->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_CREATE_DATE);
>- Status = gRT->GetTime (&Date, NULL);
>- if (EFI_ERROR (Status)) {
>- FreePool (Info);
>- return Status;
>- }
>-
>- CopyMem ((UINT8 *) (Info + 1), &Date, sizeof
>(EFI_USER_INFO_CREATE_DATE));
>- NewInfo = NULL;
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- FreePool (Info);
>- return Status;
>- }
>- }
>-
>- //
>- // Update usage date record.
>- //
>- NewInfo = NULL;
>- Status = FindUserInfoByType (User, &NewInfo,
>EFI_USER_INFO_USAGE_DATE_RECORD);
>- if ((Status == EFI_SUCCESS) || (Status == EFI_NOT_FOUND)) {
>- Info->InfoType = EFI_USER_INFO_USAGE_DATE_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_USAGE_DATE);
>- Status = gRT->GetTime (&Date, NULL);
>- if (EFI_ERROR (Status)) {
>- FreePool (Info);
>- return Status;
>- }
>-
>- CopyMem ((UINT8 *) (Info + 1), &Date, sizeof
>(EFI_USER_INFO_USAGE_DATE));
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- FreePool (Info);
>- return Status;
>- }
>- }
>-
>- //
>- // Update usage count record.
>- //
>- UsageCount = 0;
>- NewInfo = NULL;
>- Status = FindUserInfoByType (User, &NewInfo,
>EFI_USER_INFO_USAGE_COUNT_RECORD);
>- //
>- // Get usage count.
>- //
>- if (Status == EFI_SUCCESS) {
>- CopyMem (&UsageCount, (UINT8 *) (NewInfo + 1), sizeof
>(EFI_USER_INFO_USAGE_COUNT));
>- }
>-
>- UsageCount++;
>- if ((Status == EFI_SUCCESS) || (Status == EFI_NOT_FOUND)) {
>- Info->InfoType = EFI_USER_INFO_USAGE_COUNT_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_USAGE_COUNT);
>- CopyMem ((UINT8 *) (Info + 1), &UsageCount, sizeof
>(EFI_USER_INFO_USAGE_COUNT));
>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>- if (EFI_ERROR (Status)) {
>- FreePool (Info);
>- return Status;
>- }
>- }
>-
>- FreePool (Info);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Add a credenetial provider item in form.
>-
>- @param[in] ProviderGuid Points to the identifir of credential provider.
>- @param[in] OpCodeHandle Points to container for dynamic created
>opcodes.
>-
>-**/
>-VOID
>-AddProviderSelection (
>- IN EFI_GUID *ProviderGuid,
>- IN VOID *OpCodeHandle
>- )
>-{
>- EFI_HII_HANDLE HiiHandle;
>- EFI_STRING_ID ProvID;
>- CHAR16 *ProvStr;
>- UINTN Index;
>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>-
>- for (Index = 0; Index < mProviderDb->Count; Index++) {
>- UserCredential = mProviderDb->Provider[Index];
>- if (CompareGuid (&UserCredential->Identifier, ProviderGuid)) {
>- //
>- // Add credential provider selection.
>- //
>- UserCredential->Title (UserCredential, &HiiHandle, &ProvID);
>- ProvStr = HiiGetString (HiiHandle, ProvID, NULL);
>- if (ProvStr == NULL) {
>- continue ;
>- }
>- ProvID = HiiSetString (mCallbackInfo->HiiHandle, 0, ProvStr, NULL);
>- FreePool (ProvStr);
>- HiiCreateActionOpCode (
>- OpCodeHandle, // Container for dynamic created opcodes
>- (EFI_QUESTION_ID)(LABEL_PROVIDER_NAME + Index), // Question ID
>- ProvID, // Prompt text
>- STRING_TOKEN (STR_NULL_STRING), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- 0 // Action String ID
>- );
>- break;
>- }
>- }
>-}
>-
>-
>-/**
>- Add a username item in form.
>-
>- @param[in] Index The index of the user in the user name list.
>- @param[in] User Points to the user profile whose username is added.
>- @param[in] OpCodeHandle Points to container for dynamic created
>opcodes.
>-
>- @retval EFI_SUCCESS Add a username successfully.
>- @retval Others Fail to add a username.
>-
>-**/
>-EFI_STATUS
>-AddUserSelection (
>- IN UINT16 Index,
>- IN USER_PROFILE_ENTRY *User,
>- IN VOID *OpCodeHandle
>- )
>-{
>- EFI_STRING_ID UserName;
>- EFI_STATUS Status;
>- EFI_USER_INFO *UserInfo;
>-
>- UserInfo = NULL;
>- Status = FindUserInfoByType (User, &UserInfo,
>EFI_USER_INFO_NAME_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Add user name selection.
>- //
>- UserName = HiiSetString (mCallbackInfo->HiiHandle, 0, (EFI_STRING)
>(UserInfo + 1), NULL);
>- if (UserName == 0) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- HiiCreateGotoOpCode (
>- OpCodeHandle, // Container for dynamic created opcodes
>- FORMID_PROVIDER_FORM, // Target Form ID
>- UserName, // Prompt text
>- STRING_TOKEN (STR_NULL_STRING), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- (UINT16) Index // Question ID
>- );
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Identify the user whose identity policy does not contain the operator 'OR'.
>-
>- @param[in] User Points to the user profile.
>-
>- @retval EFI_SUCCESS The specified user is identified successfully.
>- @retval Others Fail to identify the user.
>-
>-**/
>-EFI_STATUS
>-IdentifyAndTypeUser (
>- IN USER_PROFILE_ENTRY *User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *IdentifyInfo;
>- BOOLEAN Success;
>- UINTN TotalLen;
>- UINTN ValueLen;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>-
>- //
>- // Get user identify policy information.
>- //
>- IdentifyInfo = NULL;
>- Status = FindUserInfoByType (User, &IdentifyInfo,
>EFI_USER_INFO_IDENTITY_POLICY_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- ASSERT (IdentifyInfo != NULL);
>-
>- //
>- // Check each part of identification policy expression.
>- //
>- Success = FALSE;
>- TotalLen = 0;
>- while (TotalLen < IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo +
>1) + TotalLen);
>- ValueLen = Identity->Length - sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- switch (Identity->Type) {
>-
>- case EFI_USER_INFO_IDENTITY_FALSE:
>- //
>- // Check False option.
>- //
>- Success = FALSE;
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_TRUE:
>- //
>- // Check True option.
>- //
>- Success = TRUE;
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_NOT:
>- //
>- // Check negative operation.
>- //
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_AND:
>- //
>- // Check and operation.
>- //
>- if (!Success) {
>- return EFI_NOT_READY;
>- }
>-
>- Success = FALSE;
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_OR:
>- //
>- // Check or operation.
>- //
>- if (Success) {
>- return EFI_SUCCESS;
>- }
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE:
>- //
>- // Check credential provider by type.
>- //
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
>- //
>- // Check credential provider by ID.
>- //
>- if (ValueLen != sizeof (EFI_GUID)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- Status = IdentifyByProviderId (User, (EFI_GUID *) (Identity + 1));
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- Success = TRUE;
>- break;
>-
>- default:
>- return EFI_INVALID_PARAMETER;
>- break;
>- }
>-
>- TotalLen += Identity->Length;
>- }
>-
>- if (TotalLen != IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (!Success) {
>- return EFI_NOT_READY;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Identify the user whose identity policy does not contain the operator 'AND'.
>-
>- @param[in] User Points to the user profile.
>-
>- @retval EFI_SUCCESS The specified user is identified successfully.
>- @retval Others Fail to identify the user.
>-
>-**/
>-EFI_STATUS
>-IdentifyOrTypeUser (
>- IN USER_PROFILE_ENTRY *User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *IdentifyInfo;
>- UINTN TotalLen;
>- UINTN ValueLen;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Get user identify policy information.
>- //
>- IdentifyInfo = NULL;
>- Status = FindUserInfoByType (User, &IdentifyInfo,
>EFI_USER_INFO_IDENTITY_POLICY_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- ASSERT (IdentifyInfo != NULL);
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_PROVIDER_NAME;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add the providers that exists in the user's policy.
>- //
>- TotalLen = 0;
>- while (TotalLen < IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo +
>1) + TotalLen);
>- ValueLen = Identity->Length - sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
>- AddProviderSelection ((EFI_GUID *) (Identity + 1), StartOpCodeHandle);
>- }
>-
>- TotalLen += Identity->Length;
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserIdentifyManagerGuid,// Formset GUID
>- FORMID_PROVIDER_FORM, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- This function processes the results of changes in configuration.
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Action Specifies the type of action taken by the browser.
>- @param QuestionId A unique value which is sent to the original
>- exporting driver so that it can identify the type
>- of data to expect.
>- @param Type The type of value for the question.
>- @param Value A pointer to the data being sent to the original
>- exporting driver.
>- @param ActionRequest On return, points to the action requested by
>the
>- callback function.
>-
>- @retval EFI_SUCCESS The callback successfully handled the action.
>- @retval Others Fail to handle the action.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserIdentifyManagerCallback (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN EFI_BROWSER_ACTION Action,
>- IN EFI_QUESTION_ID QuestionId,
>- IN UINT8 Type,
>- IN EFI_IFR_TYPE_VALUE *Value,
>- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
>- )
>-{
>- EFI_STATUS Status;
>- USER_PROFILE_ENTRY *User;
>- UINT8 PolicyType;
>- UINT16 Index;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- Status = EFI_SUCCESS;
>-
>- switch (Action) {
>- case EFI_BROWSER_ACTION_FORM_OPEN:
>- {
>- //
>- // Update user Form when user Form is opened.
>- // This will be done only in FORM_OPEN CallBack of question with
>FORM_OPEN_QUESTION_ID from user Form.
>- //
>- if (QuestionId != FORM_OPEN_QUESTION_ID) {
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_USER_NAME;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add all the user profile in the user profile database.
>- //
>- for (Index = 0; Index < mUserProfileDb->UserProfileNum; Index++) {
>- User = (USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[Index];
>- AddUserSelection ((UINT16)(LABEL_USER_NAME + Index), User,
>StartOpCodeHandle);
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserIdentifyManagerGuid,// Formset GUID
>- FORMID_USER_FORM, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-
>- return EFI_SUCCESS;
>- }
>- break;
>-
>- case EFI_BROWSER_ACTION_FORM_CLOSE:
>- Status = EFI_SUCCESS;
>- break;
>-
>- case EFI_BROWSER_ACTION_CHANGED:
>- if (QuestionId >= LABEL_PROVIDER_NAME) {
>- //
>- // QuestionId comes from the second Form (Select a Credential Provider if
>identity
>- // policy is OR type). Identify the user by the selected provider.
>- //
>- Status = IdentifyByProviderId (mCurrentUser, &mProviderDb-
>>Provider[QuestionId & 0xFFF]->Identifier);
>- if (Status == EFI_SUCCESS) {
>- mIdentified = TRUE;
>- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT;
>- }
>- return EFI_SUCCESS;
>- }
>- break;
>-
>- case EFI_BROWSER_ACTION_CHANGING:
>- //
>- // QuestionId comes from the first Form (Select a user to identify).
>- //
>- if (QuestionId >= LABEL_PROVIDER_NAME) {
>- return EFI_SUCCESS;
>- }
>-
>- User = (USER_PROFILE_ENTRY *) mUserProfileDb-
>>UserProfile[QuestionId & 0xFFF];
>- Status = GetIdentifyType (User, &PolicyType);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- if (PolicyType == EFI_USER_INFO_IDENTITY_OR) {
>- //
>- // Identify the user by "OR" logical.
>- //
>- Status = IdentifyOrTypeUser (User);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- mCurrentUser = (EFI_USER_PROFILE_HANDLE) User;
>- } else {
>- //
>- // Identify the user by "AND" logical.
>- //
>- Status = IdentifyAndTypeUser (User);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- mCurrentUser = (EFI_USER_PROFILE_HANDLE) User;
>- mIdentified = TRUE;
>- if (Type == EFI_IFR_TYPE_REF) {
>- Value->ref.FormId = FORMID_INVALID_FORM;
>- }
>- }
>- break;
>-
>- default:
>- //
>- // All other action return unsupported.
>- //
>- Status = EFI_UNSUPPORTED;
>- break;
>- }
>-
>-
>- return Status;
>-}
>-
>-
>-/**
>- This function construct user profile database from user data saved in the
>Flash.
>- If no user is found in Flash, add one default user "administrator" in the user
>- profile database.
>-
>- @retval EFI_SUCCESS Init user profile database successfully.
>- @retval Others Fail to init user profile database.
>-
>-**/
>-EFI_STATUS
>-InitUserProfileDb (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINT8 *VarData;
>- UINTN VarSize;
>- UINTN CurVarSize;
>- CHAR16 VarName[10];
>- UINTN Index;
>- UINT32 VarAttr;
>-
>- if (mUserProfileDb != NULL) {
>- //
>- // The user profiles had been already initialized.
>- //
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Init user profile database structure.
>- //
>- if (!ExpandUsermUserProfileDb ()) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- CurVarSize = DEFAULT_PROFILE_SIZE;
>- VarData = AllocateZeroPool (CurVarSize);
>- if (VarData == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- //
>- // Get all user proifle entries.
>- //
>- Index = 0;
>- while (TRUE) {
>- //
>- // Get variable name.
>- //
>- UnicodeSPrint (
>- VarName,
>- sizeof (VarName),
>- L"User%04x",
>- Index
>- );
>- Index++;
>-
>- //
>- // Get variable value.
>- //
>- VarSize = CurVarSize;
>- Status = gRT->GetVariable (VarName, &gUserIdentifyManagerGuid,
>&VarAttr, &VarSize, VarData);
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- FreePool (VarData);
>- VarData = AllocatePool (VarSize);
>- if (VarData == NULL) {
>- Status = EFI_OUT_OF_RESOURCES;
>- break;
>- }
>-
>- CurVarSize = VarSize;
>- Status = gRT->GetVariable (VarName, &gUserIdentifyManagerGuid,
>&VarAttr, &VarSize, VarData);
>- }
>-
>- if (EFI_ERROR (Status)) {
>- if (Status == EFI_NOT_FOUND) {
>- Status = EFI_SUCCESS;
>- }
>- break;
>- }
>-
>- //
>- // Check variable attributes.
>- //
>- if (VarAttr != (EFI_VARIABLE_NON_VOLATILE |
>EFI_VARIABLE_BOOTSERVICE_ACCESS)) {
>- Status = gRT->SetVariable (VarName, &gUserIdentifyManagerGuid,
>VarAttr, 0, NULL);
>- continue;
>- }
>-
>- //
>- // Add user profile to the user profile database.
>- //
>- Status = AddUserProfile (NULL, VarSize, VarData, FALSE);
>- if (EFI_ERROR (Status)) {
>- if (Status == EFI_SECURITY_VIOLATION) {
>- //
>- // Delete invalid user profile
>- //
>- gRT->SetVariable (VarName, &gUserIdentifyManagerGuid, VarAttr, 0,
>NULL);
>- } else if (Status == EFI_OUT_OF_RESOURCES) {
>- break;
>- }
>- } else {
>- //
>- // Delete and save the profile again if some invalid profiles are deleted.
>- //
>- if (mUserProfileDb->UserProfileNum < Index) {
>- gRT->SetVariable (VarName, &gUserIdentifyManagerGuid, VarAttr, 0,
>NULL);
>- SaveNvUserProfile (mUserProfileDb->UserProfile[mUserProfileDb-
>>UserProfileNum - 1], FALSE);
>- }
>- }
>- }
>-
>- if (VarData != NULL) {
>- FreePool (VarData);
>- }
>-
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Check whether the user profile database is empty.
>- //
>- if (mUserProfileDb->UserProfileNum == 0) {
>- Status = AddDefaultUserProfile ();
>- }
>-
>- return Status;
>-}
>-
>-
>-/**
>- This function collects all the credential providers and saves to mProviderDb.
>-
>- @retval EFI_SUCCESS Collect credential providers successfully.
>- @retval Others Fail to collect credential providers.
>-
>-**/
>-EFI_STATUS
>-InitProviderInfo (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINTN HandleCount;
>- EFI_HANDLE *HandleBuf;
>- UINTN Index;
>-
>- if (mProviderDb != NULL) {
>- //
>- // The credential providers had been collected before.
>- //
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Try to find all the user credential provider driver.
>- //
>- HandleCount = 0;
>- HandleBuf = NULL;
>- Status = gBS->LocateHandleBuffer (
>- ByProtocol,
>- &gEfiUserCredential2ProtocolGuid,
>- NULL,
>- &HandleCount,
>- &HandleBuf
>- );
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Get provider infomation.
>- //
>- mProviderDb = AllocateZeroPool (
>- sizeof (CREDENTIAL_PROVIDER_INFO) -
>- sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *) +
>- HandleCount * sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *)
>- );
>- if (mProviderDb == NULL) {
>- FreePool (HandleBuf);
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- mProviderDb->Count = HandleCount;
>- for (Index = 0; Index < HandleCount; Index++) {
>- Status = gBS->HandleProtocol (
>- HandleBuf[Index],
>- &gEfiUserCredential2ProtocolGuid,
>- (VOID **) &mProviderDb->Provider[Index]
>- );
>- if (EFI_ERROR (Status)) {
>- FreePool (HandleBuf);
>- FreePool (mProviderDb);
>- mProviderDb = NULL;
>- return Status;
>- }
>- }
>-
>- FreePool (HandleBuf);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- This function allows a caller to extract the current configuration for one
>- or more named elements from the target driver.
>-
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Request A null-terminated Unicode string in <ConfigRequest>
>format.
>- @param Progress On return, points to a character in the Request string.
>- Points to the string's null terminator if request was successful.
>- Points to the most recent '&' before the first failing name/value
>- pair (or the beginning of the string if the failure is in the
>- first name/value pair) if the request was not successful.
>- @param Results A null-terminated Unicode string in <ConfigAltResp>
>format which
>- has all values filled in for the names in the Request string.
>- String to be allocated by the called function.
>-
>- @retval EFI_SUCCESS The Results is filled with the requested values.
>- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
>results.
>- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown
>name.
>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>this driver.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-FakeExtractConfig (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN CONST EFI_STRING Request,
>- OUT EFI_STRING *Progress,
>- OUT EFI_STRING *Results
>- )
>-{
>- if (Progress == NULL || Results == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>- *Progress = Request;
>- return EFI_NOT_FOUND;
>-}
>-
>-/**
>- This function processes the results of changes in configuration.
>-
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Configuration A null-terminated Unicode string in <ConfigResp>
>format.
>- @param Progress A pointer to a string filled in with the offset of the
>most
>- recent '&' before the first failing name/value pair (or the
>- beginning of the string if the failure is in the first
>- name/value pair) or the terminating NULL if all was successful.
>-
>- @retval EFI_SUCCESS The Results is processed successfully.
>- @retval EFI_INVALID_PARAMETER Configuration is NULL.
>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>this driver.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-FakeRouteConfig (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN CONST EFI_STRING Configuration,
>- OUT EFI_STRING *Progress
>- )
>-{
>- if (Configuration == NULL || Progress == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *Progress = Configuration;
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- This function initialize the data mainly used in form browser.
>-
>- @retval EFI_SUCCESS Initialize form data successfully.
>- @retval Others Fail to Initialize form data.
>-
>-**/
>-EFI_STATUS
>-InitFormBrowser (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- USER_MANAGER_CALLBACK_INFO *CallbackInfo;
>- EFI_HII_DATABASE_PROTOCOL *HiiDatabase;
>- EFI_HII_STRING_PROTOCOL *HiiString;
>- EFI_FORM_BROWSER2_PROTOCOL *FormBrowser2;
>-
>- //
>- // Initialize driver private data.
>- //
>- CallbackInfo = AllocateZeroPool (sizeof
>(USER_MANAGER_CALLBACK_INFO));
>- if (CallbackInfo == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- CallbackInfo->Signature = USER_MANAGER_SIGNATURE;
>- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
>- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
>- CallbackInfo->ConfigAccess.Callback = UserIdentifyManagerCallback;
>-
>- //
>- // Locate Hii Database protocol.
>- //
>- Status = gBS->LocateProtocol (&gEfiHiiDatabaseProtocolGuid, NULL, (VOID
>**) &HiiDatabase);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- CallbackInfo->HiiDatabase = HiiDatabase;
>-
>- //
>- // Locate HiiString protocol.
>- //
>- Status = gBS->LocateProtocol (&gEfiHiiStringProtocolGuid, NULL, (VOID **)
>&HiiString);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- CallbackInfo->HiiString = HiiString;
>-
>- //
>- // Locate Formbrowser2 protocol.
>- //
>- Status = gBS->LocateProtocol (&gEfiFormBrowser2ProtocolGuid, NULL,
>(VOID **) &FormBrowser2);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- CallbackInfo->FormBrowser2 = FormBrowser2;
>- CallbackInfo->DriverHandle = NULL;
>-
>- //
>- // Install Device Path Protocol and Config Access protocol to driver handle.
>- //
>- Status = gBS->InstallMultipleProtocolInterfaces (
>- &CallbackInfo->DriverHandle,
>- &gEfiDevicePathProtocolGuid,
>- &mHiiVendorDevicePath,
>- &gEfiHiiConfigAccessProtocolGuid,
>- &CallbackInfo->ConfigAccess,
>- NULL
>- );
>- ASSERT_EFI_ERROR (Status);
>-
>- //
>- // Publish HII data.
>- //
>- CallbackInfo->HiiHandle = HiiAddPackages (
>- &gUserIdentifyManagerGuid,
>- CallbackInfo->DriverHandle,
>- UserIdentifyManagerStrings,
>- UserIdentifyManagerVfrBin,
>- NULL
>- );
>- if (CallbackInfo->HiiHandle == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- mCallbackInfo = CallbackInfo;
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Identify the user whose identification policy supports auto logon.
>-
>- @param[in] ProviderIndex The provider index in the provider list.
>- @param[out] User Points to user user profile if a user is identified
>successfully.
>-
>- @retval EFI_SUCCESS Identify a user with the specified provider
>successfully.
>- @retval Others Fail to identify a user.
>-
>-**/
>-EFI_STATUS
>-IdentifyAutoLogonUser (
>- IN UINTN ProviderIndex,
>- OUT USER_PROFILE_ENTRY **User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *Info;
>- UINT8 PolicyType;
>-
>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_IDENTIFIER));
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- Info->InfoType = EFI_USER_INFO_IDENTIFIER_RECORD;
>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_IDENTIFIER);
>-
>- //
>- // Identify the specified credential provider's auto logon user.
>- //
>- Status = mProviderDb->Provider[ProviderIndex]->User (
>- mProviderDb->Provider[ProviderIndex],
>- NULL,
>- (EFI_USER_INFO_IDENTIFIER *) (Info + 1)
>- );
>- if (EFI_ERROR (Status)) {
>- FreePool (Info);
>- return Status;
>- }
>-
>- //
>- // Find user with the specified user ID.
>- //
>- *User = NULL;
>- Status = FindUserProfileByInfo (User, NULL, Info, Info->InfoSize);
>- FreePool (Info);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- Status = GetIdentifyType ((EFI_USER_PROFILE_HANDLE) * User,
>&PolicyType);
>- if (PolicyType == EFI_USER_INFO_IDENTITY_AND) {
>- //
>- // The identified user need also identified by other credential provider.
>- // This can handle through select user.
>- //
>- return EFI_NOT_READY;
>- }
>-
>- return Status;
>-}
>-
>-
>-/**
>- Check whether the given console is ready.
>-
>- @param[in] ProtocolGuid Points to the protocol guid of sonsole .
>-
>- @retval TRUE The given console is ready.
>- @retval FALSE The given console is not ready.
>-
>-**/
>-BOOLEAN
>-CheckConsole (
>- EFI_GUID *ProtocolGuid
>- )
>-{
>- EFI_STATUS Status;
>- UINTN HandleCount;
>- EFI_HANDLE *HandleBuf;
>- UINTN Index;
>- EFI_DEVICE_PATH_PROTOCOL *DevicePath;
>-
>- //
>- // Try to find all the handle driver.
>- //
>- HandleCount = 0;
>- HandleBuf = NULL;
>- Status = gBS->LocateHandleBuffer (
>- ByProtocol,
>- ProtocolGuid,
>- NULL,
>- &HandleCount,
>- &HandleBuf
>- );
>- if (EFI_ERROR (Status)) {
>- return FALSE;
>- }
>-
>- for (Index = 0; Index < HandleCount; Index++) {
>- DevicePath = DevicePathFromHandle (HandleBuf[Index]);
>- if (DevicePath != NULL) {
>- FreePool (HandleBuf);
>- return TRUE;
>- }
>- }
>- FreePool (HandleBuf);
>- return FALSE;
>-}
>-
>-
>-/**
>- Check whether the console is ready.
>-
>- @retval TRUE The console is ready.
>- @retval FALSE The console is not ready.
>-
>-**/
>-BOOLEAN
>-IsConsoleReady (
>- VOID
>- )
>-{
>- if (!CheckConsole (&gEfiSimpleTextOutProtocolGuid)) {
>- return FALSE;
>- }
>-
>- if (!CheckConsole (&gEfiSimpleTextInProtocolGuid)) {
>- if (!CheckConsole (&gEfiSimpleTextInputExProtocolGuid)) {
>- return FALSE;
>- }
>- }
>-
>- return TRUE;
>-}
>-
>-
>-/**
>- Identify a user to logon.
>-
>- @param[out] User Points to user user profile if a user is identified
>successfully.
>-
>- @retval EFI_SUCCESS Identify a user successfully.
>-
>-**/
>-EFI_STATUS
>-IdentifyUser (
>- OUT USER_PROFILE_ENTRY **User
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Index;
>- EFI_CREDENTIAL_LOGON_FLAGS AutoLogon;
>- EFI_USER_INFO *IdentifyInfo;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>- USER_PROFILE_ENTRY *UserEntry;
>-
>- //
>- // Initialize credential providers.
>- //
>- InitProviderInfo ();
>-
>- //
>- // Initialize user profile database.
>- //
>- InitUserProfileDb ();
>-
>- //
>- // If only one user in system, and its identify policy is TRUE, then auto logon.
>- //
>- if (mUserProfileDb->UserProfileNum == 1) {
>- UserEntry = (USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[0];
>- IdentifyInfo = NULL;
>- Status = FindUserInfoByType (UserEntry, &IdentifyInfo,
>EFI_USER_INFO_IDENTITY_POLICY_RECORD);
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>- ASSERT (IdentifyInfo != NULL);
>-
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo +
>1));
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_TRUE) {
>- mCurrentUser = (EFI_USER_PROFILE_HANDLE) UserEntry;
>- UpdateUserInfo (UserEntry);
>- *User = UserEntry;
>- return EFI_SUCCESS;
>- }
>- }
>-
>- //
>- // Find and login the default & AutoLogon user.
>- //
>- for (Index = 0; Index < mProviderDb->Count; Index++) {
>- UserCredential = mProviderDb->Provider[Index];
>- Status = UserCredential->Default (UserCredential, &AutoLogon);
>- if (EFI_ERROR (Status)) {
>- continue;
>- }
>-
>- if ((AutoLogon & (EFI_CREDENTIAL_LOGON_FLAG_DEFAULT |
>EFI_CREDENTIAL_LOGON_FLAG_AUTO)) != 0) {
>- Status = IdentifyAutoLogonUser (Index, &UserEntry);
>- if (Status == EFI_SUCCESS) {
>- mCurrentUser = (EFI_USER_PROFILE_HANDLE) UserEntry;
>- UpdateUserInfo (UserEntry);
>- *User = UserEntry;
>- return EFI_SUCCESS;
>- }
>- }
>- }
>-
>- if (!IsConsoleReady ()) {
>- //
>- // The console is still not ready for user selection.
>- //
>- return EFI_ACCESS_DENIED;
>- }
>-
>- //
>- // Select a user and identify it.
>- //
>- mCallbackInfo->FormBrowser2->SendForm (
>- mCallbackInfo->FormBrowser2,
>- &mCallbackInfo->HiiHandle,
>- 1,
>- &gUserIdentifyManagerGuid,
>- 0,
>- NULL,
>- NULL
>- );
>-
>- if (mIdentified) {
>- *User = (USER_PROFILE_ENTRY *) mCurrentUser;
>- UpdateUserInfo (*User);
>- return EFI_SUCCESS;
>- }
>-
>- return EFI_ACCESS_DENIED;
>-}
>-
>-
>-/**
>- An empty function to pass error checking of CreateEventEx ().
>-
>- @param Event Event whose notification function is being invoked.
>- @param Context Pointer to the notification function's context,
>- which is implementation-dependent.
>-
>-**/
>-VOID
>-EFIAPI
>-InternalEmptyFuntion (
>- IN EFI_EVENT Event,
>- IN VOID *Context
>- )
>-{
>-}
>-
>-
>-/**
>- Create, Signal, and Close the User Profile Changed event.
>-
>-**/
>-VOID
>-SignalEventUserProfileChanged (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- EFI_EVENT Event;
>-
>- Status = gBS->CreateEventEx (
>- EVT_NOTIFY_SIGNAL,
>- TPL_CALLBACK,
>- InternalEmptyFuntion,
>- NULL,
>- &gEfiEventUserProfileChangedGuid,
>- &Event
>- );
>- ASSERT_EFI_ERROR (Status);
>- gBS->SignalEvent (Event);
>- gBS->CloseEvent (Event);
>-}
>-
>-
>-/**
>- Create a new user profile.
>-
>- This function creates a new user profile with only a new user identifier
>attached and returns
>- its handle. The user profile is non-volatile, but the handle User can change
>across reboots.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[out] User On return, points to the new user profile handle.
>- The user profile handle is unique only during this boot.
>-
>- @retval EFI_SUCCESS User profile was successfully created.
>- @retval EFI_ACCESS_DENIED Current user does not have sufficient
>permissions to create a
>- user profile.
>- @retval EFI_UNSUPPORTED Creation of new user profiles is not
>supported.
>- @retval EFI_INVALID_PARAMETER The User parameter is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileCreate (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- OUT EFI_USER_PROFILE_HANDLE *User
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check the right of the current user.
>- //
>- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
>- if (!CheckCurrentUserAccessRight
>(EFI_USER_INFO_ACCESS_ENROLL_OTHERS)) {
>- return EFI_ACCESS_DENIED;
>- }
>- }
>-
>- //
>- // Create new user profile
>- //
>- Status = CreateUserProfile ((USER_PROFILE_ENTRY **) User);
>- if (EFI_ERROR (Status)) {
>- return EFI_ACCESS_DENIED;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Delete an existing user profile.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in] User User profile handle.
>-
>- @retval EFI_SUCCESS User profile was successfully deleted.
>- @retval EFI_ACCESS_DENIED Current user does not have sufficient
>permissions to delete a user
>- profile or there is only one user profile.
>- @retval EFI_UNSUPPORTED Deletion of new user profiles is not
>supported.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileDelete (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>-
>- if (This == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check the right of the current user.
>- //
>- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
>- return EFI_ACCESS_DENIED;
>- }
>-
>- //
>- // Delete user profile.
>- //
>- Status = DelUserProfile (User);
>- if (EFI_ERROR (Status)) {
>- if (Status != EFI_INVALID_PARAMETER) {
>- return EFI_ACCESS_DENIED;
>- }
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Enumerate all of the enrolled users on the platform.
>-
>- This function returns the next enrolled user profile. To retrieve the first user
>profile handle,
>- point User at a NULL. Each subsequent call will retrieve another user profile
>handle until there
>- are no more, at which point User will point to NULL.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in, out] User On entry, points to the previous user profile
>handle or NULL to
>- start enumeration. On exit, points to the next user profile
>handle
>- or NULL if there are no more user profiles.
>-
>- @retval EFI_SUCCESS Next enrolled user profile successfully returned.
>- @retval EFI_ACCESS_DENIED Next enrolled user profile was not
>successfully returned.
>- @retval EFI_INVALID_PARAMETER The User parameter is NULL.
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileGetNext (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN OUT EFI_USER_PROFILE_HANDLE *User
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- Status = FindUserProfile ((USER_PROFILE_ENTRY **) User, TRUE, NULL);
>- if (EFI_ERROR (Status)) {
>- return EFI_ACCESS_DENIED;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return the current user profile handle.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[out] CurrentUser On return, points to the current user profile
>handle.
>-
>- @retval EFI_SUCCESS Current user profile handle returned successfully.
>- @retval EFI_INVALID_PARAMETER The CurrentUser parameter is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileCurrent (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- OUT EFI_USER_PROFILE_HANDLE *CurrentUser
>- )
>-{
>- //
>- // Get current user profile.
>- //
>- if ((This == NULL) || (CurrentUser == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *CurrentUser = mCurrentUser;
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Identify a user.
>-
>- Identify the user and, if authenticated, returns the user handle and changes
>the current
>- user profile. All user information marked as private in a previously selected
>profile
>- is no longer available for inspection.
>- Whenever the current user profile is changed then the an event with the
>GUID
>- EFI_EVENT_GROUP_USER_PROFILE_CHANGED is signaled.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[out] User On return, points to the user profile handle for
>the current
>- user profile.
>-
>- @retval EFI_SUCCESS User was successfully identified.
>- @retval EFI_ACCESS_DENIED User was not successfully identified.
>- @retval EFI_INVALID_PARAMETER The User parameter is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileIdentify (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- OUT EFI_USER_PROFILE_HANDLE *User
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((This == NULL) || (User == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (mCurrentUser != NULL) {
>- *User = mCurrentUser;
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Identify user
>- //
>- Status = IdentifyUser ((USER_PROFILE_ENTRY **) User);
>- if (EFI_ERROR (Status)) {
>- return EFI_ACCESS_DENIED;
>- }
>-
>- //
>- // Publish the user info into the EFI system configuration table.
>- //
>- PublishUserTable ();
>-
>- //
>- // Signal User Profile Changed event.
>- //
>- SignalEventUserProfileChanged ();
>- return EFI_SUCCESS;
>-}
>-
>-/**
>- Find a user using a user information record.
>-
>- This function searches all user profiles for the specified user information
>record.
>- The search starts with the user information record handle following
>UserInfo and
>- continues until either the information is found or there are no more user
>profiles.
>- A match occurs when the Info.InfoType field matches the user information
>record
>- type and the user information record data matches the portion of Info.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in, out] User On entry, points to the previously returned user
>profile
>- handle, or NULL to start searching with the first user profile.
>- On return, points to the user profile handle, or NULL if not
>- found.
>- @param[in, out] UserInfo On entry, points to the previously returned
>user information
>- handle, or NULL to start searching with the first. On return,
>- points to the user information handle of the user
>information
>- record, or NULL if not found. Can be NULL, in which case only
>- one user information record per user can be returned.
>- @param[in] Info Points to the buffer containing the user information
>to be
>- compared to the user information record. If the user
>information
>- record data is empty, then only the user information record
>type
>- is compared. If InfoSize is 0, then the user information record
>- must be empty.
>-
>- @param[in] InfoSize The size of Info, in bytes.
>-
>- @retval EFI_SUCCESS User information was found. User points to the
>user profile
>- handle, and UserInfo points to the user information handle.
>- @retval EFI_NOT_FOUND User information was not found. User points
>to NULL, and
>- UserInfo points to NULL.
>- @retval EFI_INVALID_PARAMETER User is NULL. Or Info is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileFind (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN OUT EFI_USER_PROFILE_HANDLE *User,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo OPTIONAL,
>- IN CONST EFI_USER_INFO *Info,
>- IN UINTN InfoSize
>- )
>-{
>- EFI_STATUS Status;
>- UINTN Size;
>-
>- if ((This == NULL) || (User == NULL) || (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if (InfoSize == 0) {
>- //
>- // If InfoSize is 0, then the user information record must be empty.
>- //
>- if (Info->InfoSize != sizeof (EFI_USER_INFO)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- } else {
>- if (InfoSize != Info->InfoSize) {
>- return EFI_INVALID_PARAMETER;
>- }
>- }
>- Size = Info->InfoSize;
>-
>- //
>- // Find user profile accdoring to user information.
>- //
>- Status = FindUserProfileByInfo (
>- (USER_PROFILE_ENTRY **) User,
>- (EFI_USER_INFO **) UserInfo,
>- (EFI_USER_INFO *) Info,
>- Size
>- );
>- if (EFI_ERROR (Status)) {
>- *User = NULL;
>- if (UserInfo != NULL) {
>- *UserInfo = NULL;
>- }
>- return EFI_NOT_FOUND;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Return information attached to the user.
>-
>- This function returns user information. The format of the information is
>described in User
>- Information. The function may return EFI_ACCESS_DENIED if the
>information is marked private
>- and the handle specified by User is not the current user profile. The function
>may return
>- EFI_ACCESS_DENIED if the information is marked protected and the
>information is associated
>- with a credential provider for which the user has not been authenticated.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in] User Handle of the user whose profile will be retrieved.
>- @param[in] UserInfo Handle of the user information data record.
>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>bytes. On exit,
>- holds the user information. If the buffer is too small to hold
>the
>- information, then EFI_BUFFER_TOO_SMALL is returned and
>InfoSize is
>- updated to contain the number of bytes actually required.
>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>points to the size
>- of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_ACCESS_DENIED The information about the specified user
>cannot be accessed by the
>- current user.
>- @retval EFI_BUFFER_TOO_SMALL The number of bytes specified by
>*InfoSize is too small to hold the
>- returned data. The actual size required is returned in
>*InfoSize.
>- @retval EFI_NOT_FOUND User does not refer to a valid user profile or
>UserInfo does not refer
>- to a valid user info handle.
>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileGetInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN EFI_USER_INFO_HANDLE UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((This == NULL) || (InfoSize == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if ((*InfoSize != 0) && (Info == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- if ((User == NULL) || (UserInfo == NULL)) {
>- return EFI_NOT_FOUND;
>- }
>-
>- Status = GetUserInfo (User, UserInfo, Info, InfoSize, TRUE);
>- if (EFI_ERROR (Status)) {
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- return EFI_BUFFER_TOO_SMALL;
>- }
>- return EFI_ACCESS_DENIED;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Add or update user information.
>-
>- This function changes user information. If NULL is pointed to by UserInfo,
>then a new user
>- information record is created and its handle is returned in UserInfo.
>Otherwise, the existing
>- one is replaced.
>- If EFI_USER_INFO_IDENITTY_POLICY_RECORD is changed, it is the caller's
>responsibility to keep
>- it to be synced with the information on credential providers.
>- If EFI_USER_INFO_EXCLUSIVE is specified in Info and a user information
>record of the same
>- type already exists in the user profile, then EFI_ACCESS_DENIED will be
>returned and UserInfo
>- will point to the handle of the existing record.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in] User Handle of the user whose profile will be retrieved.
>- @param[in, out] UserInfo Handle of the user information data record.
>- @param[in] Info On entry, points to a buffer of at least *InfoSize
>bytes. On exit,
>- holds the user information. If the buffer is too small to hold
>the
>- information, then EFI_BUFFER_TOO_SMALL is returned and
>InfoSize is
>- updated to contain the number of bytes actually required.
>- @param[in] InfoSize On entry, points to the size of Info. On return,
>points to the size
>- of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_ACCESS_DENIED The record is exclusive.
>- @retval EFI_SECURITY_VIOLATION The current user does not have
>permission to change the specified
>- user profile or user information record.
>- @retval EFI_NOT_FOUND User does not refer to a valid user profile or
>UserInfo does not
>- refer to a valid user info handle.
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL or Info is NULL.
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileSetInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo,
>- IN CONST EFI_USER_INFO *Info,
>- IN UINTN InfoSize
>- )
>-{
>- EFI_STATUS Status;
>-
>- if ((This == NULL) || (User == NULL) || (UserInfo == NULL) || (Info == NULL))
>{
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check the right of the current user.
>- //
>- if (User != mCurrentUser) {
>- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
>- if (*UserInfo != NULL) {
>- //
>- // Can't update info in other profiles without MANAGE right.
>- //
>- return EFI_SECURITY_VIOLATION;
>- }
>-
>- if (!CheckCurrentUserAccessRight
>(EFI_USER_INFO_ACCESS_ENROLL_OTHERS)) {
>- //
>- // Can't add info into other profiles.
>- //
>- return EFI_SECURITY_VIOLATION;
>- }
>- }
>- }
>-
>- if (User == mCurrentUser) {
>- if (CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_ENROLL_SELF))
>{
>- //
>- // Only identify policy can be added/updated.
>- //
>- if (Info->InfoType != EFI_USER_INFO_IDENTITY_POLICY_RECORD) {
>- return EFI_SECURITY_VIOLATION;
>- }
>- }
>- }
>-
>- //
>- // Modify user information.
>- //
>- Status = ModifyUserInfo (User, (EFI_USER_INFO **) UserInfo, Info,
>InfoSize);
>- if (EFI_ERROR (Status)) {
>- if (Status == EFI_ACCESS_DENIED) {
>- return EFI_ACCESS_DENIED;
>- }
>- return EFI_SECURITY_VIOLATION;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Called by credential provider to notify of information change.
>-
>- This function allows the credential provider to notify the User Identity
>Manager when user status
>- has changed.
>- If the User Identity Manager doesn't support asynchronous changes in
>credentials, then this function
>- should return EFI_UNSUPPORTED.
>- If current user does not exist, and the credential provider can identify a user,
>then make the user
>- to be current user and signal the
>EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
>- If current user already exists, and the credential provider can identify
>another user, then switch
>- current user to the newly identified user, and signal the
>EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
>- If current user was identified by this credential provider and now the
>credential provider cannot identify
>- current user, then logout current user and signal the
>EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in] Changed Handle on which is installed an instance of the
>EFI_USER_CREDENTIAL2_PROTOCOL
>- where the user has changed.
>-
>- @retval EFI_SUCCESS The User Identity Manager has handled the
>notification.
>- @retval EFI_NOT_READY The function was called while the specified
>credential provider was not selected.
>- @retval EFI_UNSUPPORTED The User Identity Manager doesn't support
>asynchronous notifications.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileNotify (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_HANDLE Changed
>- )
>-{
>- return EFI_UNSUPPORTED;
>-}
>-
>-
>-/**
>- Delete user information.
>-
>- Delete the user information attached to the user profile specified by the
>UserInfo.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in] User Handle of the user whose information will be
>deleted.
>- @param[in] UserInfo Handle of the user information to remove.
>-
>- @retval EFI_SUCCESS User information deleted successfully.
>- @retval EFI_NOT_FOUND User information record UserInfo does not
>exist in the user profile.
>- @retval EFI_ACCESS_DENIED The current user does not have permission to
>delete this user information.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileDeleteInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN EFI_USER_INFO_HANDLE UserInfo
>- )
>-{
>- EFI_STATUS Status;
>-
>- if (This == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Check the right of the current user.
>- //
>- if (User != mCurrentUser) {
>- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
>- return EFI_ACCESS_DENIED;
>- }
>- }
>-
>- //
>- // Delete user information.
>- //
>- Status = DelUserInfo (User, UserInfo, TRUE);
>- if (EFI_ERROR (Status)) {
>- if (Status == EFI_NOT_FOUND) {
>- return EFI_NOT_FOUND;
>- }
>- return EFI_ACCESS_DENIED;
>- }
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Enumerate user information of all the enrolled users on the platform.
>-
>- This function returns the next user information record. To retrieve the first
>user
>- information record handle, point UserInfo at a NULL. Each subsequent call
>will retrieve
>- another user information record handle until there are no more, at which
>point UserInfo
>- will point to NULL.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in] User Handle of the user whose information will be
>deleted.
>- @param[in, out] UserInfo Handle of the user information to remove.
>-
>- @retval EFI_SUCCESS User information returned.
>- @retval EFI_NOT_FOUND No more user information found.
>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileGetNextInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>- )
>-{
>- if ((This == NULL) || (UserInfo == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>- //
>- // Get next user information entry.
>- //
>- return FindUserInfo (User, (EFI_USER_INFO **) UserInfo, TRUE, NULL);
>-}
>-
>-
>-/**
>- Main entry for this driver.
>-
>- @param[in] ImageHandle Image handle this driver.
>- @param[in] SystemTable Pointer to SystemTable.
>-
>- @retval EFI_SUCESS This function always complete successfully.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserIdentifyManagerInit (
>- IN EFI_HANDLE ImageHandle,
>- IN EFI_SYSTEM_TABLE *SystemTable
>- )
>-{
>-
>- EFI_STATUS Status;
>-
>- //
>- // It is NOT robust enough to be included in production.
>- //
>- #error "This implementation is just a sample, please comment this line if you
>really want to use this driver."
>-
>- //
>- // Initiate form browser.
>- //
>- InitFormBrowser ();
>-
>- //
>- // Install protocol interfaces for the User Identity Manager.
>- //
>- Status = gBS->InstallProtocolInterface (
>- &mCallbackInfo->DriverHandle,
>- &gEfiUserManagerProtocolGuid,
>- EFI_NATIVE_INTERFACE,
>- &gUserIdentifyManager
>- );
>- ASSERT_EFI_ERROR (Status);
>-
>- LoadDeferredImageInit (ImageHandle);
>- return EFI_SUCCESS;
>-}
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.h
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.h
>deleted file mode 100644
>index 1c449b0128..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.h
>+++ /dev/null
>@@ -1,413 +0,0 @@
>-/** @file
>- The header file for User identify Manager driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef _USER_IDENTIFY_MANAGER_H_
>-#define _USER_IDENTIFY_MANAGER_H_
>-
>-#include <Uefi.h>
>-
>-#include <Guid/GlobalVariable.h>
>-#include <Guid/MdeModuleHii.h>
>-
>-#include <Protocol/FormBrowser2.h>
>-#include <Protocol/HiiDatabase.h>
>-#include <Protocol/HiiConfigAccess.h>
>-#include <Protocol/HiiString.h>
>-#include <Protocol/HiiConfigRouting.h>
>-#include <Protocol/UserCredential2.h>
>-#include <Protocol/UserManager.h>
>-#include <Protocol/DeferredImageLoad.h>
>-#include <Protocol/SimpleTextOut.h>
>-#include <Protocol/SimpleTextIn.h>
>-#include <Protocol/SimpleTextInEx.h>
>-
>-#include <Library/UefiRuntimeServicesTableLib.h>
>-#include <Library/UefiBootServicesTableLib.h>
>-#include <Library/MemoryAllocationLib.h>
>-#include <Library/BaseMemoryLib.h>
>-#include <Library/DevicePathLib.h>
>-#include <Library/DebugLib.h>
>-#include <Library/UefiLib.h>
>-#include <Library/PrintLib.h>
>-#include <Library/HiiLib.h>
>-
>-#include "UserIdentifyManagerData.h"
>-
>-//
>-// This is the generated IFR binary data for each formset defined in VFR.
>-// This data array is ready to be used as input of HiiAddPackages() to
>-// create a packagelist.
>-//
>-extern UINT8 UserIdentifyManagerVfrBin[];
>-
>-//
>-// This is the generated String package data for all .UNI files.
>-// This data array is ready to be used as input of HiiAddPackages() to
>-// create a packagelist.
>-//
>-extern UINT8 UserIdentifyManagerStrings[];
>-
>-#define USER_NUMBER_INC 32
>-#define DEFAULT_PROFILE_SIZE 512
>-#define INFO_PAYLOAD_SIZE 64
>-
>-//
>-// Credential Provider Information.
>-//
>-typedef struct {
>- UINTN Count;
>- EFI_USER_CREDENTIAL2_PROTOCOL *Provider[1];
>-} CREDENTIAL_PROVIDER_INFO;
>-
>-//
>-// Internal user profile entry.
>-//
>-typedef struct {
>- UINTN MaxProfileSize;
>- UINTN UserProfileSize;
>- CHAR16 UserVarName[9];
>- UINT8 *ProfileInfo;
>-} USER_PROFILE_ENTRY;
>-
>-//
>-// Internal user profile database.
>-//
>-typedef struct {
>- UINTN UserProfileNum;
>- UINTN MaxProfileNum;
>- EFI_USER_PROFILE_HANDLE UserProfile[1];
>-} USER_PROFILE_DB;
>-
>-#define USER_MANAGER_SIGNATURE SIGNATURE_32 ('U', 'I', 'M', 'S')
>-
>-typedef struct {
>- UINTN Signature;
>- EFI_HANDLE DriverHandle;
>- EFI_HII_HANDLE HiiHandle;
>-
>- //
>- // Consumed protocol.
>- //
>- EFI_HII_DATABASE_PROTOCOL *HiiDatabase;
>- EFI_HII_STRING_PROTOCOL *HiiString;
>- EFI_HII_CONFIG_ROUTING_PROTOCOL *HiiConfigRouting;
>- EFI_FORM_BROWSER2_PROTOCOL *FormBrowser2;
>-
>- //
>- // Produced protocol.
>- //
>- EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
>-} USER_MANAGER_CALLBACK_INFO;
>-
>-///
>-/// HII specific Vendor Device Path definition.
>-///
>-typedef struct {
>- VENDOR_DEVICE_PATH VendorDevicePath;
>- EFI_DEVICE_PATH_PROTOCOL End;
>-} HII_VENDOR_DEVICE_PATH;
>-
>-/**
>- Register an event notification function for the user profile changed.
>-
>- @param[in] ImageHandle Image handle this driver.
>-
>-**/
>-VOID
>-LoadDeferredImageInit (
>- IN EFI_HANDLE ImageHandle
>- );
>-
>-
>-/**
>- This function creates a new user profile with only
>- a new user identifier attached and returns its handle.
>- The user profile is non-volatile, but the handle User
>- can change across reboots.
>-
>- @param[in] This Protocol EFI_USER_MANAGER_PROTOCOL
>instance
>- pointer.
>- @param[out] User Handle of a new user profile.
>-
>- @retval EFI_SUCCESS User profile was successfully created.
>- @retval EFI_ACCESS_DENIED Current user does not have sufficient
>permissions
>- to create a user profile.
>- @retval EFI_UNSUPPORTED Creation of new user profiles is not
>supported.
>- @retval EFI_INVALID_PARAMETER User is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileCreate (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- OUT EFI_USER_PROFILE_HANDLE *User
>- );
>-
>-
>-/**
>- Delete an existing user profile.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>- pointer.
>- @param User User profile handle.
>-
>- @retval EFI_SUCCESS User profile was successfully deleted.
>- @retval EFI_ACCESS_DENIED Current user does not have sufficient
>permissions
>- to delete a user profile or there is only one
>- user profile.
>- @retval EFI_UNSUPPORTED Deletion of new user profiles is not
>supported.
>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>profile.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileDelete (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User
>- );
>-
>-
>-/**
>- Get next user profile from the user profile database.
>-
>- @param[in] This Protocol EFI_USER_MANAGER_PROTOCOL
>instance
>- pointer.
>- @param[in, out] User User profile handle.
>-
>- @retval EFI_SUCCESS Next enrolled user profile successfully returned.
>- @retval EFI_INVALID_PARAMETER User is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileGetNext (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN OUT EFI_USER_PROFILE_HANDLE *User
>- );
>-
>-
>-/**
>- This function returns the current user profile handle.
>-
>- @param[in] This Protocol EFI_USER_MANAGER_PROTOCOL
>instance pointer.
>- @param[out] CurrentUser User profile handle.
>-
>- @retval EFI_SUCCESS Current user profile handle returned
>successfully.
>- @retval EFI_INVALID_PARAMETER CurrentUser is NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileCurrent (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- OUT EFI_USER_PROFILE_HANDLE *CurrentUser
>- );
>-
>-
>-/**
>- Identify the user and, if authenticated, returns the user handle and changes
>- the current user profile.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>pointer.
>- @param CurrentUser User profile handle.
>-
>- @retval EFI_SUCCESS User was successfully identified.
>- @retval EFI_INVALID_PARAMETER User is NULL.
>- @retval EFI_ACCESS_DENIED User was not successfully identified.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileIdentify (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- OUT EFI_USER_PROFILE_HANDLE *User
>- );
>-
>-
>-/**
>- Find a user using a user information record.
>-
>- This function searches all user profiles for the specified user information
>record.
>- The search starts with the user information record handle following
>UserInfo and
>- continues until either the information is found or there are no more user
>profiles.
>- A match occurs when the Info.InfoType field matches the user information
>record
>- type and the user information record data matches the portion of Info
>passed the
>- EFI_USER_INFO header.
>-
>- @param[in] This Points to this instance of the
>EFI_USER_MANAGER_PROTOCOL.
>- @param[in, out] User On entry, points to the previously returned user
>profile
>- handle, or NULL to start searching with the first user profile.
>- On return, points to the user profile handle, or NULL if not
>- found.
>- @param[in, out] UserInfo On entry, points to the previously returned user
>information
>- handle, or NULL to start searching with the first. On return,
>- points to the user information handle of the user information
>- record, or NULL if not found. Can be NULL, in which case only
>- one user information record per user can be returned.
>- @param[in] Info Points to the buffer containing the user information to
>be
>- compared to the user information record. If NULL, then only
>- the user information record type is compared. If InfoSize is 0,
>- then the user information record must be empty.
>-
>- @param[in] InfoSize The size of Info, in bytes.
>-
>- @retval EFI_SUCCESS User information was found. User points to the
>user profile handle,
>- and UserInfo points to the user information handle.
>- @retval EFI_NOT_FOUND User information was not found. User points to
>NULL and UserInfo
>- points to NULL.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileFind (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN OUT EFI_USER_PROFILE_HANDLE *User,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo OPTIONAL,
>- IN CONST EFI_USER_INFO *Info,
>- IN UINTN InfoSize
>- );
>-
>-
>-/**
>- This function returns user information.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>- pointer.
>- @param User Handle of the user whose profile will be
>- retrieved.
>- @param UserInfo Handle of the user information data record.
>- @param Info On entry, points to a buffer of at least
>- *InfoSize bytes. On exit, holds the user
>- information.
>- @param InfoSize On entry, points to the size of Info. On return,
>- points to the size of the user information.
>-
>- @retval EFI_SUCCESS Information returned successfully.
>- @retval EFI_ACCESS_DENIED The information about the specified user
>cannot
>- be accessed by the current user.
>- EFI_BUFFER_TOO_SMALL- The number of bytes
>- specified by *InfoSize is too small to hold the
>- returned data.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileGetInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN EFI_USER_INFO_HANDLE UserInfo,
>- OUT EFI_USER_INFO *Info,
>- IN OUT UINTN *InfoSize
>- );
>-
>-
>-/**
>- This function changes user information.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>- pointer.
>- @param User Handle of the user whose profile will be
>- retrieved.
>- @param UserInfo Handle of the user information data record.
>- @param Info Points to the user information.
>- @param InfoSize The size of Info, in bytes.
>-
>- @retval EFI_SUCCESS User profile information was successfully
>- changed/added.
>- @retval EFI_ACCESS_DENIED The record is exclusive.
>- @retval EFI_SECURITY_VIOLATION The current user does not have
>permission to
>- change the specified user profile or user
>- information record.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileSetInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo,
>- IN CONST EFI_USER_INFO *Info,
>- IN UINTN InfoSize
>- );
>-
>-
>-/**
>- This function allows the credential provider to notify the User Identity
>Manager
>- when user status has changed while deselected.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>- pointer.
>- @param Changed Points to the instance of the
>- EFI_USER_CREDENTIAL_PROTOCOL where the user has
>- changed.
>-
>- @retval EFI_SUCCESS The User Identity Manager has handled the
>- notification.
>- @retval EFI_NOT_READY The function was called while the specified
>- credential provider was not selected.
>- @retval EFI_UNSUPPORTED The User Identity Manager doesn't support
>- asynchronous notifications.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileNotify (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_HANDLE Changed
>- );
>-
>-
>-/**
>- Delete the user information attached to the user profile specified by the
>UserInfo.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>pointer.
>- @param User Handle of the user whose profile will be retrieved.
>- @param UserInfo Handle of the user information data record.
>-
>- @retval EFI_SUCCESS User information deleted successfully.
>- @retval EFI_ACCESS_DENIED The current user does not have permission
>to
>- delete this user in-formation.
>- @retval EFI_NOT_FOUND User information record UserInfo does not
>exist
>- in the user pro-file.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileDeleteInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN EFI_USER_INFO_HANDLE UserInfo
>- );
>-
>-
>-/**
>- This function returns the next user information record.
>-
>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>pointer.
>- @param User Handle of the user whose profile will be retrieved.
>- @param UserInfo Handle of the user information data record.
>-
>- @retval EFI_SUCCESS User information returned.
>- @retval EFI_NOT_FOUND No more user information found.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileGetNextInfo (
>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>- );
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.uni
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.uni
>deleted file mode 100644
>index 82c72baeeb..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>ager.uni
>+++ /dev/null
>@@ -1,21 +0,0 @@
>-// /** @file
>-// Produces user manager protocol
>-//
>-// This module manages user information and produces user manager
>protocol.
>-//
>-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-
>-#string STR_MODULE_ABSTRACT #language en-US "Produces user
>manager protocol"
>-
>-#string STR_MODULE_DESCRIPTION #language en-US "This module
>manages user information and produces user manager protocol."
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerData.h
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerData.h
>deleted file mode 100644
>index 4e07ddd309..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerData.h
>+++ /dev/null
>@@ -1,35 +0,0 @@
>-/** @file
>- Data structure used by the user identify manager driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef _USER_IDENTIFY_MANAGER_DATA_H_
>-#define _USER_IDENTIFY_MANAGER_DATA_H_
>-
>-#include <Guid/UserIdentifyManagerHii.h>
>-
>-//
>-// Forms definition.
>-//
>-#define FORMID_USER_FORM 1
>-#define FORMID_PROVIDER_FORM 2
>-#define FORMID_INVALID_FORM 0x0FFF
>-
>-//
>-// Labels definition.
>-//
>-#define LABEL_USER_NAME 0x1000
>-#define LABEL_PROVIDER_NAME 0x3000
>-#define LABEL_END 0xffff
>-#define FORM_OPEN_QUESTION_ID 0xfffe
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerDxe.inf
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerDxe.inf
>deleted file mode 100644
>index 27e8ba19ad..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerDxe.inf
>+++ /dev/null
>@@ -1,79 +0,0 @@
>-## @file
>-# Produces user manager protocol
>-#
>-# This module manages user information and produces user manager
>protocol.
>-#
>-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-# This program and the accompanying materials
>-# are licensed and made available under the terms and conditions of the BSD
>License
>-# which accompanies this distribution. The full text of the license may be
>found at
>-# http://opensource.org/licenses/bsd-license.php
>-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-#
>-##
>-
>-[defines]
>- INF_VERSION = 0x00010005
>- BASE_NAME = UserIdentifyManager
>- MODULE_UNI_FILE = UserIdentifyManager.uni
>- FILE_GUID = C5D3191B-27D5-4873-8DF2-628136991A21
>- MODULE_TYPE = DXE_DRIVER
>- VERSION_STRING = 1.0
>- ENTRY_POINT = UserIdentifyManagerInit
>-
>-[sources]
>- UserIdentifyManager.c
>- LoadDeferredImage.c
>- UserIdentifyManager.h
>- UserIdentifyManagerData.h
>- UserIdentifyManagerStrings.uni
>- UserIdentifyManagerVfr.Vfr
>-
>-[Packages]
>- MdePkg/MdePkg.dec
>- MdeModulePkg/MdeModulePkg.dec
>- SecurityPkg/SecurityPkg.dec
>-
>-[LibraryClasses]
>- UefiRuntimeServicesTableLib
>- UefiBootServicesTableLib
>- UefiDriverEntryPoint
>- MemoryAllocationLib
>- BaseMemoryLib
>- DebugLib
>- HiiLib
>- UefiLib
>-
>-[Guids]
>- gEfiIfrTianoGuid ## SOMETIMES_CONSUMES ## GUID
>- gEfiEventUserProfileChangedGuid ## SOMETIMES_PRODUCES ##
>Event
>-
>- ## SOMETIMES_PRODUCES ## Variable:L"Userxxxx"
>- ## SOMETIMES_CONSUMES ## Variable:L"Userxxxx"
>- ## CONSUMES ## HII
>- gUserIdentifyManagerGuid
>-
>-[Protocols]
>- gEfiFormBrowser2ProtocolGuid ## CONSUMES
>- gEfiHiiDatabaseProtocolGuid ## CONSUMES
>- gEfiUserCredential2ProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiDeferredImageLoadProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiSimpleTextOutProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiSimpleTextInProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiSimpleTextInputExProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiHiiConfigAccessProtocolGuid ## PRODUCES
>- gEfiDevicePathProtocolGuid ## PRODUCES
>-
>- ## PRODUCES
>- ## SOMETIMES_PRODUCES ## SystemTable
>- gEfiUserManagerProtocolGuid
>-
>-[Depex]
>- gEfiHiiDatabaseProtocolGuid AND
>- gEfiHiiStringProtocolGuid AND
>- gEfiFormBrowser2ProtocolGuid
>-
>-[UserExtensions.TianoCore."ExtraFiles"]
>- UserIdentifyManagerExtra.uni
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerExtra.uni
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerExtra.uni
>deleted file mode 100644
>index 8b7cba7b32..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerExtra.uni
>+++ /dev/null
>@@ -1,19 +0,0 @@
>-// /** @file
>-// UserIdentifyManager Localized Strings and Content
>-//
>-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-#string STR_PROPERTIES_MODULE_NAME
>-#language en-US
>-"User Identify Manager"
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerStrings.uni
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerStrings.uni
>deleted file mode 100644
>index fcbf5005cd..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerStrings.uni
>+++ /dev/null
>@@ -1,27 +0,0 @@
>-/** @file
>- String definitions for the User Identify Manager driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php.
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#langdef en-US "English"
>-#langdef fr-FR "Francais"
>-
>-#string STR_TITLE #language en-US "User Identity Manager"
>- #language fr-FR "User Identity Manager(French)"
>-#string STR_USER_SELECT #language en-US "User Selection"
>- #language fr-FR "User Selection(French)"
>-#string STR_PROVIDER_SELECT #language en-US "Provider
>Selection"
>- #language fr-FR "User Selection(French)"
>-#string STR_NULL_STRING #language en-US ""
>- #language fr-FR ""
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerVfr.Vfr
>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerVfr.Vfr
>deleted file mode 100644
>index 306679776d..0000000000
>---
>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>agerVfr.Vfr
>+++ /dev/null
>@@ -1,43 +0,0 @@
>-/** @file
>- User identify manager formset.
>-
>-Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserIdentifyManagerData.h"
>-
>-formset
>- guid = USER_IDENTIFY_MANAGER_GUID,
>- title = STRING_TOKEN(STR_TITLE),
>- help = STRING_TOKEN(STR_NULL_STRING),
>- classguid = USER_IDENTIFY_MANAGER_GUID,
>-
>- form formid = FORMID_USER_FORM,
>- title = STRING_TOKEN(STR_USER_SELECT);
>-
>- suppressif TRUE;
>- text
>- help = STRING_TOKEN(STR_NULL_STRING),
>- text = STRING_TOKEN(STR_NULL_STRING),
>- flags = INTERACTIVE,
>- key = FORM_OPEN_QUESTION_ID;
>- endif;
>-
>- label LABEL_USER_NAME;
>- label LABEL_END;
>- endform;
>-
>- form formid = FORMID_PROVIDER_FORM,
>- title = STRING_TOKEN(STR_PROVIDER_SELECT);
>- label LABEL_PROVIDER_NAME;
>- label LABEL_END;
>- endform;
>-endformset;
>\ No newline at end of file
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolic
>y.c
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolic
>y.c
>deleted file mode 100644
>index 56d3b1df98..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolic
>y.c
>+++ /dev/null
>@@ -1,688 +0,0 @@
>-/** @file
>- The functions for access policy modification.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManager.h"
>-
>-/**
>- Collect all the access policy data to mUserInfo.AccessPolicy,
>- and save it to user profile.
>-
>-**/
>-VOID
>-SaveAccessPolicy (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINTN OffSet;
>- UINTN Size;
>- EFI_USER_INFO_ACCESS_CONTROL Control;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>-
>- if (mUserInfo.AccessPolicy != NULL) {
>- FreePool (mUserInfo.AccessPolicy);
>- }
>- mUserInfo.AccessPolicy = NULL;
>- mUserInfo.AccessPolicyLen = 0;
>- mUserInfo.AccessPolicyModified = TRUE;
>- OffSet = 0;
>-
>- //
>- // Save access right.
>- //
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = mAccessInfo.AccessRight;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- //
>- // Save access setup.
>- //
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + sizeof (EFI_GUID);
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = EFI_USER_INFO_ACCESS_SETUP;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- if (mAccessInfo.AccessSetup == ACCESS_SETUP_NORMAL) {
>- CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet),
>&gEfiUserInfoAccessSetupNormalGuid);
>- } else if (mAccessInfo.AccessSetup == ACCESS_SETUP_RESTRICTED) {
>- CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet),
>&gEfiUserInfoAccessSetupRestrictedGuid);
>- } else if (mAccessInfo.AccessSetup == ACCESS_SETUP_ADMIN) {
>- CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet),
>&gEfiUserInfoAccessSetupAdminGuid);
>- }
>- OffSet += sizeof (EFI_GUID);
>-
>- //
>- // Save access of boot order.
>- //
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + sizeof (UINT32);
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = EFI_USER_INFO_ACCESS_BOOT_ORDER;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- CopyMem ((UINT8 *) (mUserInfo.AccessPolicy + OffSet),
>&mAccessInfo.AccessBootOrder, sizeof (UINT32));
>- OffSet += sizeof (UINT32);
>-
>- //
>- // Save permit load.
>- //
>- if (mAccessInfo.LoadPermitLen > 0) {
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) +
>mAccessInfo.LoadPermitLen;
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = EFI_USER_INFO_ACCESS_PERMIT_LOAD;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.LoadPermit,
>mAccessInfo.LoadPermitLen);
>- OffSet += mAccessInfo.LoadPermitLen;
>- }
>-
>- //
>- // Save forbid load.
>- //
>- if (mAccessInfo.LoadForbidLen > 0) {
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) +
>mAccessInfo.LoadForbidLen;
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = EFI_USER_INFO_ACCESS_FORBID_LOAD;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.LoadForbid,
>mAccessInfo.LoadForbidLen);
>- OffSet += mAccessInfo.LoadForbidLen;
>- }
>-
>- //
>- // Save permit connect.
>- //
>- if (mAccessInfo.ConnectPermitLen > 0) {
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) +
>mAccessInfo.ConnectPermitLen;
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = EFI_USER_INFO_ACCESS_PERMIT_CONNECT;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.ConnectPermit,
>mAccessInfo.ConnectPermitLen);
>- OffSet += mAccessInfo.ConnectPermitLen;
>- }
>-
>- //
>- // Save forbid connect.
>- //
>- if (mAccessInfo.ConnectForbidLen > 0) {
>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) +
>mAccessInfo.ConnectForbidLen;
>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>- ExpandMemory (OffSet, Size);
>- }
>-
>- Control.Type = EFI_USER_INFO_ACCESS_FORBID_CONNECT;
>- Control.Size = (UINT32) Size;
>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>- OffSet += sizeof (Control);
>-
>- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.ConnectForbid,
>mAccessInfo.ConnectForbidLen);
>- OffSet += mAccessInfo.ConnectForbidLen;
>- }
>-
>- mUserInfo.AccessPolicyLen = OffSet;
>-
>- //
>- // Save access policy.
>- //
>- if (mUserInfo.AccessPolicyModified && (mUserInfo.AccessPolicyLen > 0)
>&& (mUserInfo.AccessPolicy != NULL)) {
>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) +
>mUserInfo.AccessPolicyLen);
>- if (Info == NULL) {
>- return ;
>- }
>-
>- Status = FindInfoByType (mModifyUser,
>EFI_USER_INFO_ACCESS_POLICY_RECORD, &UserInfo);
>- if (!EFI_ERROR (Status)) {
>- Info->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>- EFI_USER_INFO_PUBLIC |
>- EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) +
>mUserInfo.AccessPolicyLen);
>- CopyMem ((UINT8 *) (Info + 1), mUserInfo.AccessPolicy,
>mUserInfo.AccessPolicyLen);
>- Status = mUserManager->SetInfo (
>- mUserManager,
>- mModifyUser,
>- &UserInfo,
>- Info,
>- Info->InfoSize
>- );
>- mUserInfo.AccessPolicyModified = FALSE;
>- }
>- FreePool (Info);
>- }
>-
>- if (mAccessInfo.ConnectForbid != NULL) {
>- FreePool (mAccessInfo.ConnectForbid);
>- mAccessInfo.ConnectForbid = NULL;
>- }
>-
>- if (mAccessInfo.ConnectPermit != NULL) {
>- FreePool (mAccessInfo.ConnectPermit);
>- mAccessInfo.ConnectPermit = NULL;
>- }
>-
>- if (mAccessInfo.LoadForbid != NULL) {
>- FreePool (mAccessInfo.LoadForbid);
>- mAccessInfo.LoadForbid = NULL;
>- }
>-
>- if (mAccessInfo.LoadPermit != NULL) {
>- FreePool (mAccessInfo.LoadPermit);
>- mAccessInfo.LoadPermit = NULL;
>- }
>-}
>-
>-/**
>- Create an action OpCode with QuestionID and DevicePath on a given
>OpCodeHandle.
>-
>- @param[in] QuestionID The question ID.
>- @param[in] DevicePath Points to device path.
>- @param[in] OpCodeHandle Points to container for dynamic created
>opcodes.
>-
>-**/
>-VOID
>-AddDevicePath (
>- IN UINTN QuestionID,
>- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath,
>- IN VOID *OpCodeHandle
>- )
>-{
>- EFI_DEVICE_PATH_PROTOCOL *Next;
>- EFI_STRING_ID NameID;
>- EFI_STRING DriverName;
>-
>- //
>- // Get driver file name node.
>- //
>- Next = DevicePath;
>- while (!IsDevicePathEnd (Next)) {
>- DevicePath = Next;
>- Next = NextDevicePathNode (Next);
>- }
>-
>- //
>- // Display the device path in form.
>- //
>- DriverName = ConvertDevicePathToText (DevicePath, FALSE, FALSE);
>- NameID = HiiSetString (mCallbackInfo->HiiHandle, 0, DriverName, NULL);
>- FreePool (DriverName);
>- if (NameID == 0) {
>- return ;
>- }
>-
>- HiiCreateActionOpCode (
>- OpCodeHandle, // Container for dynamic created opcodes
>- (UINT16) QuestionID, // Question ID
>- NameID, // Prompt text
>- STRING_TOKEN (STR_NULL_STRING), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- 0 // Action String ID
>- );
>-}
>-
>-
>-/**
>- Check whether the DevicePath is in the device path forbid list
>- (mAccessInfo.LoadForbid).
>-
>- @param[in] DevicePath Points to device path.
>-
>- @retval TRUE The DevicePath is in the device path forbid list.
>- @retval FALSE The DevicePath is not in the device path forbid list.
>-
>-**/
>-BOOLEAN
>-IsLoadForbidden (
>- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
>- )
>-{
>- UINTN OffSet;
>- UINTN DPSize;
>- UINTN Size;
>- EFI_DEVICE_PATH_PROTOCOL *Dp;
>-
>- OffSet = 0;
>- Size = GetDevicePathSize (DevicePath);
>- //
>- // Check each device path.
>- //
>- while (OffSet < mAccessInfo.LoadForbidLen) {
>- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid +
>OffSet);
>- DPSize = GetDevicePathSize (Dp);
>- //
>- // Compare device path.
>- //
>- if ((DPSize == Size) && (CompareMem (DevicePath, Dp, Size) == 0)) {
>- return TRUE;
>- }
>- OffSet += DPSize;
>- }
>- return FALSE;
>-}
>-
>-
>-/**
>- Display the permit load device path in the loadable device path list.
>-
>-**/
>-VOID
>-DisplayLoadPermit(
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- CHAR16 *Order;
>- UINTN OrderSize;
>- UINTN ListCount;
>- UINTN Index;
>- UINT8 *Var;
>- UINT8 *VarPtr;
>- CHAR16 VarName[12];
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Get DriverOrder.
>- //
>- OrderSize = 0;
>- Status = gRT->GetVariable (
>- L"DriverOrder",
>- &gEfiGlobalVariableGuid,
>- NULL,
>- &OrderSize,
>- NULL
>- );
>- if (Status != EFI_BUFFER_TOO_SMALL) {
>- return ;
>- }
>-
>- Order = AllocateZeroPool (OrderSize);
>- if (Order == NULL) {
>- return ;
>- }
>-
>- Status = gRT->GetVariable (
>- L"DriverOrder",
>- &gEfiGlobalVariableGuid,
>- NULL,
>- &OrderSize,
>- Order
>- );
>- if (EFI_ERROR (Status)) {
>- return ;
>- }
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_PERMIT_LOAD_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add each driver option.
>- //
>- Var = NULL;
>- ListCount = OrderSize / sizeof (UINT16);
>- for (Index = 0; Index < ListCount; Index++) {
>- //
>- // Get driver device path.
>- //
>- UnicodeSPrint (VarName, sizeof (VarName), L"Driver%04x", Order[Index]);
>- GetEfiGlobalVariable2 (VarName, (VOID**)&Var, NULL);
>- if (Var == NULL) {
>- continue;
>- }
>-
>- //
>- // Check whether the driver is already forbidden.
>- //
>-
>- VarPtr = Var;
>- //
>- // Skip attribute.
>- //
>- VarPtr += sizeof (UINT32);
>-
>- //
>- // Skip device path lenth.
>- //
>- VarPtr += sizeof (UINT16);
>-
>- //
>- // Skip descript string.
>- //
>- VarPtr += StrSize ((UINT16 *) VarPtr);
>-
>- if (IsLoadForbidden ((EFI_DEVICE_PATH_PROTOCOL *) VarPtr)) {
>- FreePool (Var);
>- Var = NULL;
>- continue;
>- }
>-
>- AddDevicePath (
>- KEY_MODIFY_USER | KEY_MODIFY_AP_DP | KEY_LOAD_PERMIT_MODIFY
>| Order[Index],
>- (EFI_DEVICE_PATH_PROTOCOL *) VarPtr,
>- StartOpCodeHandle
>- );
>- FreePool (Var);
>- Var = NULL;
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_PERMIT_LOAD_DP, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-
>- //
>- // Clear Environment.
>- //
>- if (Var != NULL) {
>- FreePool (Var);
>- }
>- FreePool (Order);
>-}
>-
>-
>-/**
>- Display the forbid load device path list (mAccessInfo.LoadForbid).
>-
>-**/
>-VOID
>-DisplayLoadForbid (
>- VOID
>- )
>-{
>- UINTN Offset;
>- UINTN DPSize;
>- UINTN Index;
>- EFI_DEVICE_PATH_PROTOCOL *Dp;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABLE_FORBID_LOAD_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add each forbid load drivers.
>- //
>- Offset = 0;
>- Index = 0;
>- while (Offset < mAccessInfo.LoadForbidLen) {
>- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid +
>Offset);
>- DPSize = GetDevicePathSize (Dp);
>- AddDevicePath (
>- KEY_MODIFY_USER | KEY_MODIFY_AP_DP | KEY_LOAD_FORBID_MODIFY
>| Index,
>- Dp,
>- StartOpCodeHandle
>- );
>- Index++;
>- Offset += DPSize;
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_FORBID_LOAD_DP, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-}
>-
>-
>-/**
>- Display the permit connect device path.
>-
>-**/
>-VOID
>-DisplayConnectPermit (
>- VOID
>- )
>-{
>- //
>- // Note:
>- // As no architect protocol/interface to be called in ConnectController()
>- // to verify the device path, just add a place holder for permitted connect
>- // device path.
>- //
>-}
>-
>-
>-/**
>- Display the forbid connect device path list.
>-
>-**/
>-VOID
>-DisplayConnectForbid (
>- VOID
>- )
>-{
>- //
>- // Note:
>- // As no architect protocol/interface to be called in ConnectController()
>- // to verify the device path, just add a place holder for forbidden connect
>- // device path.
>- //
>-}
>-
>-
>-/**
>- Delete the specified device path by DriverIndex from the forbid device path
>- list (mAccessInfo.LoadForbid).
>-
>- @param[in] DriverIndex The index of driver in forbidden device path list.
>-
>-**/
>-VOID
>-DeleteFromForbidLoad (
>- IN UINT16 DriverIndex
>- )
>-{
>- UINTN OffSet;
>- UINTN DPSize;
>- UINTN OffLen;
>- EFI_DEVICE_PATH_PROTOCOL *Dp;
>-
>- OffSet = 0;
>- //
>- // Find the specified device path.
>- //
>- while ((OffSet < mAccessInfo.LoadForbidLen) && (DriverIndex > 0)) {
>- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid +
>OffSet);
>- DPSize = GetDevicePathSize (Dp);
>- OffSet += DPSize;
>- DriverIndex--;
>- }
>-
>- //
>- // Specified device path found.
>- //
>- if (DriverIndex == 0) {
>- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid +
>OffSet);
>- DPSize = GetDevicePathSize (Dp);
>- OffLen = mAccessInfo.LoadForbidLen - OffSet - DPSize;
>- if (OffLen > 0) {
>- CopyMem (
>- mAccessInfo.LoadForbid + OffSet,
>- mAccessInfo.LoadForbid + OffSet + DPSize,
>- OffLen
>- );
>- }
>- mAccessInfo.LoadForbidLen -= DPSize;
>- }
>-}
>-
>-
>-/**
>- Add the specified device path by DriverIndex to the forbid device path
>- list (mAccessInfo.LoadForbid).
>-
>- @param[in] DriverIndex The index of driver saved in driver options.
>-
>-**/
>-VOID
>-AddToForbidLoad (
>- IN UINT16 DriverIndex
>- )
>-{
>- UINTN DevicePathLen;
>- UINT8 *Var;
>- UINT8 *VarPtr;
>- UINTN NewLen;
>- UINT8 *NewFL;
>- CHAR16 VarName[13];
>-
>- //
>- // Get loadable driver device path.
>- //
>- UnicodeSPrint (VarName, sizeof (VarName), L"Driver%04x", DriverIndex);
>- GetEfiGlobalVariable2 (VarName, (VOID**)&Var, NULL);
>- if (Var == NULL) {
>- return;
>- }
>-
>- //
>- // Save forbid load driver.
>- //
>-
>- VarPtr = Var;
>- //
>- // Skip attribute.
>- //
>- VarPtr += sizeof (UINT32);
>-
>- DevicePathLen = *(UINT16 *) VarPtr;
>- //
>- // Skip device path length.
>- //
>- VarPtr += sizeof (UINT16);
>-
>- //
>- // Skip description string.
>- //
>- VarPtr += StrSize ((UINT16 *) VarPtr);
>-
>- NewLen = mAccessInfo.LoadForbidLen + DevicePathLen;
>- NewFL = AllocateZeroPool (NewLen);
>- if (NewFL == NULL) {
>- FreePool (Var);
>- return ;
>- }
>-
>- if (mAccessInfo.LoadForbidLen > 0) {
>- CopyMem (NewFL, mAccessInfo.LoadForbid, mAccessInfo.LoadForbidLen);
>- FreePool (mAccessInfo.LoadForbid);
>- }
>-
>- CopyMem (NewFL + mAccessInfo.LoadForbidLen, VarPtr, DevicePathLen);
>- mAccessInfo.LoadForbidLen = NewLen;
>- mAccessInfo.LoadForbid = NewFL;
>- FreePool (Var);
>-}
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPoli
>cy.c
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPoli
>cy.c
>deleted file mode 100644
>index 602c4a8397..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPoli
>cy.c
>+++ /dev/null
>@@ -1,516 +0,0 @@
>-/** @file
>- The functions for identification policy modification.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManager.h"
>-
>-
>-/**
>- Verify the new identity policy in the current implementation. The same
>credential
>- provider can't appear twice in one identity policy.
>-
>- @param[in] NewGuid Points to the credential provider guid.
>-
>- @retval TRUE The NewGuid was found in the identity policy.
>- @retval FALSE The NewGuid was not found.
>-
>-**/
>-BOOLEAN
>-ProviderAlreadyInPolicy (
>- IN EFI_GUID *NewGuid
>- )
>-{
>- UINTN Offset;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- EFI_INPUT_KEY Key;
>-
>- Offset = 0;
>- while (Offset < mUserInfo.NewIdentityPolicyLen) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *)
>(mUserInfo.NewIdentityPolicy + Offset);
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
>- if (CompareGuid (NewGuid, (EFI_GUID *) (Identity + 1))) {
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"This Credential Provider Are Already Used!",
>- L"",
>- L"Press Any Key to Continue ...",
>- NULL
>- );
>- return TRUE;
>- }
>- }
>- Offset += Identity->Length;
>- }
>-
>- return FALSE;
>-}
>-
>-
>-/**
>- Add the user's credential record in the provider.
>-
>- @param[in] Identity Identity policy item including credential provider.
>- @param[in] User Points to user profile.
>-
>- @retval EFI_SUCCESS Add or delete record successfully.
>- @retval Others Fail to add or delete record.
>-
>-**/
>-EFI_STATUS
>-EnrollUserOnProvider (
>- IN EFI_USER_INFO_IDENTITY_POLICY *Identity,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- UINTN Index;
>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>-
>- //
>- // Find the specified credential provider.
>- //
>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>- UserCredential = mProviderInfo->Provider[Index];
>- if (CompareGuid ((EFI_GUID *)(Identity + 1), &UserCredential->Identifier))
>{
>- return UserCredential->Enroll (UserCredential, User);
>- }
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Delete the User's credential record on the provider.
>-
>- @param[in] Identity Point to
>EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER user info.
>- @param[in] User Points to user profile.
>-
>- @retval EFI_SUCCESS Delete User's credential record successfully.
>- @retval Others Fail to add or delete record.
>-
>-**/
>-EFI_STATUS
>-DeleteUserOnProvider (
>- IN EFI_USER_INFO_IDENTITY_POLICY *Identity,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- UINTN Index;
>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>-
>- //
>- // Find the specified credential provider.
>- //
>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>- UserCredential = mProviderInfo->Provider[Index];
>- if (CompareGuid ((EFI_GUID *)(Identity + 1), &UserCredential->Identifier))
>{
>- return UserCredential->Delete (UserCredential, User);
>- }
>- }
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Delete User's credental from all the providers that exist in User's identity
>policy.
>-
>- @param[in] IdentityPolicy Point to User's identity policy.
>- @param[in] IdentityPolicyLen The length of the identity policy.
>- @param[in] User Points to user profile.
>-
>-**/
>-VOID
>-DeleteCredentialFromProviders (
>- IN UINT8 *IdentityPolicy,
>- IN UINTN IdentityPolicyLen,
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- UINTN Offset;
>-
>- Offset = 0;
>- while (Offset < IdentityPolicyLen) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (IdentityPolicy + Offset);
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
>- //
>- // Delete the user on this provider.
>- //
>- DeleteUserOnProvider (Identity, User);
>- }
>- Offset += Identity->Length;
>- }
>-
>-}
>-
>-
>-/**
>- Remove the provider specified by Offset from the new user identification
>record.
>-
>- @param[in] IdentityPolicy Point to user identity item in new identification
>policy.
>- @param[in] Offset The item offset in the new identification policy.
>-
>-**/
>-VOID
>-DeleteProviderFromPolicy (
>- IN EFI_USER_INFO_IDENTITY_POLICY *IdentityPolicy,
>- IN UINTN Offset
>- )
>-{
>- UINTN RemainingLen;
>- UINTN DeleteLen;
>-
>- if (IdentityPolicy->Length == mUserInfo.NewIdentityPolicyLen) {
>- //
>- // Only one credential provider in the identification policy.
>- // Set the new policy to be TRUE after removed the provider.
>- //
>- IdentityPolicy->Type = EFI_USER_INFO_IDENTITY_TRUE;
>- IdentityPolicy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- mUserInfo.NewIdentityPolicyLen = IdentityPolicy->Length;
>- return ;
>- }
>-
>- DeleteLen = IdentityPolicy->Length +
>sizeof(EFI_USER_INFO_IDENTITY_POLICY);
>- if ((Offset + IdentityPolicy->Length) != mUserInfo.NewIdentityPolicyLen) {
>- //
>- // This provider is not the last item in the identification policy, delete it and
>the connector.
>- //
>- RemainingLen = mUserInfo.NewIdentityPolicyLen - Offset - DeleteLen;
>- CopyMem ((UINT8 *) IdentityPolicy, (UINT8 *) IdentityPolicy + DeleteLen,
>RemainingLen);
>- }
>- mUserInfo.NewIdentityPolicyLen -= DeleteLen;
>-}
>-
>-
>-/**
>- Add a new provider to the mUserInfo.NewIdentityPolicy.
>-
>- It is invoked when 'add option' in UI is pressed.
>-
>- @param[in] NewGuid Points to the credential provider guid.
>-
>-**/
>-VOID
>-AddProviderToPolicy (
>- IN EFI_GUID *NewGuid
>- )
>-{
>- UINT8 *NewPolicyInfo;
>- UINTN NewPolicyInfoLen;
>- EFI_USER_INFO_IDENTITY_POLICY *Policy;
>-
>- //
>- // Allocate memory for the new identity policy.
>- //
>- NewPolicyInfoLen = mUserInfo.NewIdentityPolicyLen + sizeof
>(EFI_USER_INFO_IDENTITY_POLICY) + sizeof (EFI_GUID);
>- if (mUserInfo.NewIdentityPolicyLen > 0) {
>- //
>- // It is not the first provider in the policy. Add a connector before provider.
>- //
>- NewPolicyInfoLen += sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- }
>- NewPolicyInfo = AllocateZeroPool (NewPolicyInfoLen);
>- if (NewPolicyInfo == NULL) {
>- return ;
>- }
>-
>- NewPolicyInfoLen = 0;
>- if (mUserInfo.NewIdentityPolicyLen > 0) {
>- //
>- // Save orginal policy.
>- //
>- CopyMem (NewPolicyInfo, mUserInfo.NewIdentityPolicy,
>mUserInfo.NewIdentityPolicyLen);
>-
>- //
>- // Save logical connector.
>- //
>- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewPolicyInfo +
>mUserInfo.NewIdentityPolicyLen);
>- if (mConncetLogical == 0) {
>- Policy->Type = EFI_USER_INFO_IDENTITY_AND;
>- } else {
>- Policy->Type = EFI_USER_INFO_IDENTITY_OR;
>- }
>-
>- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>- NewPolicyInfoLen = mUserInfo.NewIdentityPolicyLen + Policy->Length;
>- FreePool (mUserInfo.NewIdentityPolicy);
>- }
>-
>- //
>- // Save credential provider.
>- //
>- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewPolicyInfo +
>NewPolicyInfoLen);
>- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY) + sizeof
>(EFI_GUID);
>- Policy->Type = EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER;
>- CopyGuid ((EFI_GUID *) (Policy + 1), NewGuid);
>- NewPolicyInfoLen += Policy->Length;
>-
>- //
>- // Update identity policy choice.
>- //
>- mUserInfo.NewIdentityPolicy = NewPolicyInfo;
>- mUserInfo.NewIdentityPolicyLen = NewPolicyInfoLen;
>- mUserInfo.NewIdentityPolicyModified = TRUE;
>-}
>-
>-
>-/**
>- This function replaces the old identity policy with a new identity policy.
>-
>- This function delete the user identity policy information.
>- If enroll new credential failed, recover the old identity policy.
>-
>- @retval EFI_SUCCESS Modify user identity policy successfully.
>- @retval Others Fail to modify user identity policy.
>-
>-**/
>-EFI_STATUS
>-UpdateCredentialProvider (
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- UINTN Offset;
>-
>- //
>- // Delete the old identification policy.
>- //
>- DeleteCredentialFromProviders (mUserInfo.IdentityPolicy,
>mUserInfo.IdentityPolicyLen, mModifyUser);
>-
>- //
>- // Add the new identification policy.
>- //
>- Offset = 0;
>- while (Offset < mUserInfo.NewIdentityPolicyLen) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *)
>(mUserInfo.NewIdentityPolicy + Offset);
>- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER) {
>- //
>- // Enroll the user on this provider
>- //
>- Status = EnrollUserOnProvider (Identity, mModifyUser);
>- if (EFI_ERROR (Status)) {
>- //
>- // Failed to enroll the user by new identification policy.
>- // So removed the credential provider from the identification policy
>- //
>- DeleteProviderFromPolicy (Identity, Offset);
>- continue;
>- }
>- }
>- Offset += Identity->Length;
>- }
>-
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Check whether the identity policy is valid.
>-
>- @param[in] PolicyInfo Point to the identity policy.
>- @param[in] PolicyInfoLen The policy length.
>-
>- @retval TRUE The policy is a valid identity policy.
>- @retval FALSE The policy is not a valid identity policy.
>-
>-**/
>-BOOLEAN
>-CheckNewIdentityPolicy (
>- IN UINT8 *PolicyInfo,
>- IN UINTN PolicyInfoLen
>- )
>-{
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- EFI_INPUT_KEY Key;
>- UINTN Offset;
>- UINT32 OpCode;
>-
>- //
>- // Check policy expression.
>- //
>- OpCode = EFI_USER_INFO_IDENTITY_FALSE;
>- Offset = 0;
>- while (Offset < PolicyInfoLen) {
>- //
>- // Check identification policy according to type
>- //
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (PolicyInfo + Offset);
>- switch (Identity->Type) {
>-
>- case EFI_USER_INFO_IDENTITY_TRUE:
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_OR:
>- if (OpCode == EFI_USER_INFO_IDENTITY_AND) {
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Invalid Identity Policy, Mixed Connector Unsupport!",
>- L"",
>- L"Press Any Key to Continue ...",
>- NULL
>- );
>- return FALSE;
>- }
>-
>- OpCode = EFI_USER_INFO_IDENTITY_OR;
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_AND:
>- if (OpCode == EFI_USER_INFO_IDENTITY_OR) {
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Invalid Identity Policy, Mixed Connector Unsupport!",
>- L"",
>- L"Press Any Key to Continue ...",
>- NULL
>- );
>- return FALSE;
>- }
>-
>- OpCode = EFI_USER_INFO_IDENTITY_AND;
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
>- break;
>-
>- default:
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Unsupport parameter",
>- L"",
>- L"Press Any Key to Continue ...",
>- NULL
>- );
>- return FALSE;
>- }
>- Offset += Identity->Length;
>- }
>-
>- return TRUE;
>-}
>-
>-
>-/**
>- Save the identity policy and update UI with it.
>-
>- This function will verify the new identity policy, in current implementation,
>- the identity policy can be: T, P & P & P & ..., P | P | P | ...
>- Here, "T" means "True", "P" means "Credential Provider", "&" means "and",
>"|" means "or".
>- Other identity policies are not supported.
>-
>-**/
>-VOID
>-SaveIdentityPolicy (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>-
>- if (!mUserInfo.NewIdentityPolicyModified ||
>(mUserInfo.NewIdentityPolicyLen == 0)) {
>- return;
>- }
>-
>- //
>- // Check policy expression.
>- //
>- if (!CheckNewIdentityPolicy (mUserInfo.NewIdentityPolicy,
>mUserInfo.NewIdentityPolicyLen)) {
>- return;
>- }
>-
>- Status = FindInfoByType (mModifyUser,
>EFI_USER_INFO_IDENTITY_POLICY_RECORD, &UserInfo);
>- if (EFI_ERROR (Status)) {
>- return ;
>- }
>-
>- //
>- // Update the informantion on credential provider.
>- //
>- Status = UpdateCredentialProvider ();
>- if (EFI_ERROR (Status)) {
>- return ;
>- }
>-
>- //
>- // Save new identification policy.
>- //
>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) +
>mUserInfo.NewIdentityPolicyLen);
>- ASSERT (Info != NULL);
>-
>- Info->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) +
>mUserInfo.NewIdentityPolicyLen);
>- CopyMem ((UINT8 *) (Info + 1), mUserInfo.NewIdentityPolicy,
>mUserInfo.NewIdentityPolicyLen);
>-
>- Status = mUserManager->SetInfo (mUserManager, mModifyUser,
>&UserInfo, Info, Info->InfoSize);
>- FreePool (Info);
>-
>- //
>- // Update the mUserInfo.IdentityPolicy by mUserInfo.NewIdentityPolicy
>- //
>- if (mUserInfo.IdentityPolicy != NULL) {
>- FreePool (mUserInfo.IdentityPolicy);
>- }
>- mUserInfo.IdentityPolicy = mUserInfo.NewIdentityPolicy;
>- mUserInfo.IdentityPolicyLen = mUserInfo.NewIdentityPolicyLen;
>-
>- mUserInfo.NewIdentityPolicy = NULL;
>- mUserInfo.NewIdentityPolicyLen = 0;
>- mUserInfo.NewIdentityPolicyModified = FALSE;
>-
>- //
>- // Update identity policy choice.
>- //
>- ResolveIdentityPolicy (mUserInfo.IdentityPolicy,
>mUserInfo.IdentityPolicyLen, STRING_TOKEN (STR_IDENTIFY_POLICY_VAL));
>-}
>-
>-
>-/**
>- Update the mUserInfo.NewIdentityPolicy, and UI when 'add option' is
>pressed.
>-
>-**/
>-VOID
>-AddIdentityPolicyItem (
>- VOID
>- )
>-{
>- if (mProviderInfo->Count == 0) {
>- return ;
>- }
>-
>- //
>- // Check the identity policy.
>- //
>- if (ProviderAlreadyInPolicy (&mProviderInfo->Provider[mProviderChoice]-
>>Identifier)) {
>- return;
>- }
>-
>- //
>- // Add it to identification policy
>- //
>- AddProviderToPolicy (&mProviderInfo->Provider[mProviderChoice]-
>>Identifier);
>-
>- //
>- // Update identity policy choice.
>- //
>- ResolveIdentityPolicy (mUserInfo.NewIdentityPolicy,
>mUserInfo.NewIdentityPolicyLen, STRING_TOKEN
>(STR_IDENTIFY_POLICY_VALUE));
>-}
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
>deleted file mode 100644
>index 6de7e75e79..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
>+++ /dev/null
>@@ -1,372 +0,0 @@
>-/** @file
>- The functions to add a user profile.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManager.h"
>-
>-
>-/**
>- Get user name from the popup windows.
>-
>- @param[in, out] UserNameLen On entry, point to UserName buffer lengh,
>in bytes.
>- On exit, point to input user name length, in bytes.
>- @param[out] UserName The buffer to hold the input user name.
>-
>- @retval EFI_ABORTED It is given up by pressing 'ESC' key.
>- @retval EFI_NOT_READY Not a valid input at all.
>- @retval EFI_SUCCESS Get a user name successfully.
>-
>-**/
>-EFI_STATUS
>-GetUserNameInput (
>- IN OUT UINTN *UserNameLen,
>- OUT CHAR16 *UserName
>- )
>-{
>- EFI_INPUT_KEY Key;
>- UINTN NameLen;
>- CHAR16 Name[USER_NAME_LENGTH];
>-
>- NameLen = 0;
>- while (TRUE) {
>- Name[NameLen] = L'_';
>- Name[NameLen + 1] = L'\0';
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Input User Name",
>- L"---------------------",
>- Name,
>- NULL
>- );
>- //
>- // Check key.
>- //
>- if (Key.ScanCode == SCAN_NULL) {
>- if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
>- //
>- // Add the null terminator.
>- //
>- Name[NameLen] = 0;
>- NameLen++;
>- break;
>- } else if ((Key.UnicodeChar == CHAR_NULL) ||
>- (Key.UnicodeChar == CHAR_TAB) ||
>- (Key.UnicodeChar == CHAR_LINEFEED)
>- ) {
>- continue;
>- } else {
>- if (Key.UnicodeChar == CHAR_BACKSPACE) {
>- if (NameLen > 0) {
>- NameLen--;
>- }
>- } else {
>- Name[NameLen] = Key.UnicodeChar;
>- NameLen++;
>- if (NameLen + 1 == USER_NAME_LENGTH) {
>- //
>- // Add the null terminator.
>- //
>- Name[NameLen] = 0;
>- NameLen++;
>- break;
>- }
>- }
>- }
>- }
>-
>- if (Key.ScanCode == SCAN_ESC) {
>- return EFI_ABORTED;
>- }
>- }
>-
>- if (NameLen <= 1) {
>- return EFI_NOT_READY;
>- }
>-
>- if (*UserNameLen < NameLen * sizeof (CHAR16)) {
>- return EFI_NOT_READY;
>- }
>-
>- *UserNameLen = NameLen * sizeof (CHAR16);
>- CopyMem (UserName, Name, *UserNameLen);
>-
>- return EFI_SUCCESS;
>-}
>-
>-/**
>- Set a user's username.
>-
>- @param[in] User Handle of a user profile .
>- @param[in] UserNameLen The lengh of UserName.
>- @param[in] UserName Point to the buffer of user name.
>-
>- @retval EFI_NOT_READY The usernme in mAddUserName had been used.
>- @retval EFI_SUCCESS Change the user's username successfully with
>- username in mAddUserName.
>-
>-**/
>-EFI_STATUS
>-SetUserName (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINTN UserNameLen,
>- IN CHAR16 *UserName
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_PROFILE_HANDLE TempUser;
>- EFI_USER_INFO *NewUserInfo;
>-
>- NewUserInfo = AllocateZeroPool (sizeof (EFI_USER_INFO) + UserNameLen);
>- ASSERT (NewUserInfo != NULL);
>-
>- NewUserInfo->InfoType = EFI_USER_INFO_NAME_RECORD;
>- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>- EFI_USER_INFO_PUBLIC |
>- EFI_USER_INFO_EXCLUSIVE;
>- NewUserInfo->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) +
>UserNameLen);
>- CopyMem ((UINT8 *) (NewUserInfo + 1), UserName, UserNameLen);
>- TempUser = NULL;
>- Status = mUserManager->Find (
>- mUserManager,
>- &TempUser,
>- NULL,
>- NewUserInfo,
>- NewUserInfo->InfoSize
>- );
>- if (!EFI_ERROR (Status)) {
>- //
>- // The user name had been used, return error.
>- //
>- FreePool (NewUserInfo);
>- return EFI_NOT_READY;
>- }
>-
>- UserInfo = NULL;
>- mUserManager->SetInfo (
>- mUserManager,
>- User,
>- &UserInfo,
>- NewUserInfo,
>- NewUserInfo->InfoSize
>- );
>- FreePool (NewUserInfo);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- Set create date of the specified user.
>-
>- @param[in] User Handle of a user profile.
>-
>-**/
>-VOID
>-SetCreateDate (
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO_CREATE_DATE Date;
>- EFI_USER_INFO *NewUserInfo;
>-
>- NewUserInfo = AllocateZeroPool (
>- sizeof (EFI_USER_INFO) +
>- sizeof (EFI_USER_INFO_CREATE_DATE)
>- );
>- ASSERT (NewUserInfo != NULL);
>-
>- NewUserInfo->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
>- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>- EFI_USER_INFO_PUBLIC |
>- EFI_USER_INFO_EXCLUSIVE;
>- NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>(EFI_USER_INFO_CREATE_DATE);
>- Status = gRT->GetTime (&Date, NULL);
>- if (EFI_ERROR (Status)) {
>- FreePool (NewUserInfo);
>- return ;
>- }
>-
>- CopyMem ((UINT8 *) (NewUserInfo + 1), &Date, sizeof
>(EFI_USER_INFO_CREATE_DATE));
>- UserInfo = NULL;
>- mUserManager->SetInfo (
>- mUserManager,
>- User,
>- &UserInfo,
>- NewUserInfo,
>- NewUserInfo->InfoSize
>- );
>- FreePool (NewUserInfo);
>-}
>-
>-
>-/**
>- Set the default identity policy of the specified user.
>-
>- @param[in] User Handle of a user profile.
>-
>-**/
>-VOID
>-SetIdentityPolicy (
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_USER_INFO_IDENTITY_POLICY *Policy;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *NewUserInfo;
>-
>- NewUserInfo = AllocateZeroPool (
>- sizeof (EFI_USER_INFO) +
>- sizeof (EFI_USER_INFO_IDENTITY_POLICY)
>- );
>- ASSERT (NewUserInfo != NULL);
>-
>- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewUserInfo + 1);
>- Policy->Type = EFI_USER_INFO_IDENTITY_TRUE;
>- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>-
>- NewUserInfo->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
>- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>- EFI_USER_INFO_PUBLIC |
>- EFI_USER_INFO_EXCLUSIVE;
>- NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + Policy->Length;
>- UserInfo = NULL;
>- mUserManager->SetInfo (
>- mUserManager,
>- User,
>- &UserInfo,
>- NewUserInfo,
>- NewUserInfo->InfoSize
>- );
>- FreePool (NewUserInfo);
>-}
>-
>-
>-/**
>- Set the default access policy of the specified user.
>-
>- @param[in] User Handle of a user profile.
>-
>-**/
>-VOID
>-SetAccessPolicy (
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_USER_INFO_ACCESS_CONTROL *Control;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *NewUserInfo;
>-
>- NewUserInfo = AllocateZeroPool (
>- sizeof (EFI_USER_INFO) +
>- sizeof (EFI_USER_INFO_ACCESS_CONTROL)
>- );
>- ASSERT (NewUserInfo != NULL);
>-
>- Control = (EFI_USER_INFO_ACCESS_CONTROL *) (NewUserInfo +
>1);
>- Control->Type = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>- Control->Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
>-
>- NewUserInfo->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
>- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>- EFI_USER_INFO_PUBLIC |
>- EFI_USER_INFO_EXCLUSIVE;
>- NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + Control->Size;
>- UserInfo = NULL;
>- mUserManager->SetInfo (
>- mUserManager,
>- User,
>- &UserInfo,
>- NewUserInfo,
>- NewUserInfo->InfoSize
>- );
>- FreePool (NewUserInfo);
>-}
>-
>-
>-/**
>- Add a new user profile into the user profile database.
>-
>-**/
>-VOID
>-CallAddUser (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- EFI_INPUT_KEY Key;
>- EFI_USER_PROFILE_HANDLE User;
>- UINTN UserNameLen;
>- CHAR16 UserName[USER_NAME_LENGTH];
>- CHAR16 *QuestionStr;
>- CHAR16 *PromptStr;
>-
>- QuestionStr = NULL;
>- PromptStr = NULL;
>-
>- //
>- // Get user name to add.
>- //
>- UserNameLen = sizeof (UserName);
>- Status = GetUserNameInput (&UserNameLen, UserName);
>- if (EFI_ERROR (Status)) {
>- if (Status != EFI_ABORTED) {
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_GET_USERNAME_FAILED));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_STROKE_KEY_CONTINUE));
>- goto Done;
>- }
>- return ;
>- }
>-
>- //
>- // Create a new user profile.
>- //
>- User = NULL;
>- Status = mUserManager->Create (mUserManager, &User);
>- if (EFI_ERROR (Status)) {
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_CREATE_PROFILE_FAILED));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_STROKE_KEY_CONTINUE));
>- } else {
>- //
>- // Add default user information.
>- //
>- Status = SetUserName (User, UserNameLen, UserName);
>- if (EFI_ERROR (Status)) {
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_USER_ALREADY_EXISTED));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_STROKE_KEY_CONTINUE));
>- goto Done;
>- }
>-
>- SetCreateDate (User);
>- SetIdentityPolicy (User);
>- SetAccessPolicy (User);
>-
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_CREATE_PROFILE_SUCCESS));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_STROKE_KEY_CONTINUE));
>- }
>-
>-Done:
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- L"",
>- PromptStr,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (PromptStr);
>-}
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.
>c
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.
>c
>deleted file mode 100644
>index af5d3109dd..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.
>c
>+++ /dev/null
>@@ -1,343 +0,0 @@
>-/** @file
>- The functions to delete a user profile.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManager.h"
>-
>-/**
>- Get the username from the specified user.
>-
>- @param[in] User Handle of a user profile.
>-
>- @retval EFI_STRING_ID The String Id of the user's username.
>-
>-**/
>-EFI_STRING_ID
>-GetUserName (
>- IN EFI_USER_PROFILE_HANDLE User
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>- UINTN InfoSize;
>- UINTN MemSize;
>- UINTN NameLen;
>- CHAR16 UserName[USER_NAME_LENGTH];
>- EFI_STRING_ID UserId;
>-
>- //
>- // Allocate user information memory.
>- //
>- MemSize = sizeof (EFI_USER_INFO) + 63;
>- Info = AllocateZeroPool (MemSize);
>- ASSERT (Info != NULL);
>-
>- //
>- // Get user name information.
>- //
>- UserInfo = NULL;
>- while (TRUE) {
>- InfoSize = MemSize;
>- //
>- // Get next user information.
>- //
>- Status = mUserManager->GetNextInfo (
>- mUserManager,
>- User,
>- &UserInfo
>- );
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- User,
>- UserInfo,
>- Info,
>- &InfoSize
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- MemSize = InfoSize;
>- FreePool (Info);
>- Info = AllocateZeroPool (MemSize);
>- ASSERT (Info != NULL);
>-
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- User,
>- UserInfo,
>- Info,
>- &InfoSize
>- );
>- }
>- //
>- // Check user information.
>- //
>- if (Status == EFI_SUCCESS) {
>- if (Info->InfoType == EFI_USER_INFO_NAME_RECORD) {
>- NameLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>- if (NameLen > USER_NAME_LENGTH * sizeof (CHAR16)) {
>- NameLen = USER_NAME_LENGTH * sizeof (CHAR16);
>- }
>- ASSERT (NameLen >= sizeof (CHAR16));
>- CopyMem (UserName, (UINT8 *) (Info + 1), NameLen);
>- UserName[NameLen / sizeof (CHAR16) - 1] = 0;
>- UserId = HiiSetString (
>- mCallbackInfo->HiiHandle,
>- 0,
>- UserName,
>- NULL
>- );
>- if (UserId != 0) {
>- FreePool (Info);
>- return UserId;
>- }
>- }
>- }
>- }
>-
>- FreePool (Info);
>- return 0;
>-}
>-
>-
>-/**
>- Add a username item in form.
>-
>- @param[in] User Points to the user profile whose username is added.
>- @param[in] Index The index of the user in the user name list
>- @param[in] OpCodeHandle Points to container for dynamic created
>opcodes.
>-
>-**/
>-VOID
>-AddUserToForm (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINT16 Index,
>- IN VOID *OpCodeHandle
>- )
>-{
>- EFI_STRING_ID NameId;
>-
>- //
>- // Get user name
>- //
>- NameId = GetUserName (User);
>- if (NameId == 0) {
>- return ;
>- }
>-
>- //
>- // Create user name option.
>- //
>- switch (Index & KEY_FIRST_FORM_MASK) {
>- case KEY_MODIFY_USER:
>- HiiCreateGotoOpCode (
>- OpCodeHandle, // Container for dynamic created opcodes
>- FORMID_USER_INFO, // Target Form ID
>- NameId, // Prompt text
>- STRING_TOKEN (STR_NULL_STRING), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- Index // Question ID
>- );
>- break;
>-
>- case KEY_DEL_USER:
>- HiiCreateActionOpCode (
>- OpCodeHandle, // Container for dynamic created opcodes
>- Index, // Question ID
>- NameId, // Prompt text
>- STRING_TOKEN (STR_NULL_STRING), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- 0 // Action String ID
>- );
>- break;
>-
>- default:
>- break;
>- }
>-}
>-
>-
>-/**
>- Delete the user specified by UserIndex in user profile database.
>-
>- @param[in] UserIndex The index of user in the user name list
>- to be deleted.
>-
>-**/
>-VOID
>-DeleteUser (
>- IN UINT8 UserIndex
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_PROFILE_HANDLE User;
>- EFI_INPUT_KEY Key;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>- UINTN InfoSize;
>-
>- //
>- // Find specified user profile and delete it.
>- //
>- User = NULL;
>- Status = mUserManager->GetNext (mUserManager, &User);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- while (UserIndex > 1) {
>- Status = mUserManager->GetNext (mUserManager, &User);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>- UserIndex--;
>- }
>-
>- if (UserIndex == 1) {
>- //
>- // Get the identification policy.
>- //
>- Status = FindInfoByType (User,
>EFI_USER_INFO_IDENTITY_POLICY_RECORD, &UserInfo);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>-
>- InfoSize = 0;
>- Info = NULL;
>- Status = mUserManager->GetInfo (mUserManager, User, UserInfo, Info,
>&InfoSize);
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- Info = AllocateZeroPool (InfoSize);
>- if (Info == NULL) {
>- goto Done;
>- }
>- Status = mUserManager->GetInfo (mUserManager, User, UserInfo, Info,
>&InfoSize);
>- }
>-
>- //
>- // Delete the user on the credential providers by its identification policy.
>- //
>- ASSERT (Info != NULL);
>- DeleteCredentialFromProviders ((UINT8 *)(Info + 1), Info->InfoSize - sizeof
>(EFI_USER_INFO), User);
>- FreePool (Info);
>-
>- Status = mUserManager->Delete (mUserManager, User);
>- if (EFI_ERROR (Status)) {
>- goto Done;
>- }
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Delete User Succeed!",
>- L"",
>- L"Please Press Any Key to Continue ...",
>- NULL
>- );
>- return ;
>- }
>-
>-Done:
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Delete User Failed!",
>- L"",
>- L"Please Press Any Key to Continue ...",
>- NULL
>- );
>-}
>-
>-
>-/**
>- Display user select form, cab select a user to delete.
>-
>-**/
>-VOID
>-SelectUserToDelete (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINT8 Index;
>- EFI_USER_PROFILE_HANDLE User;
>- EFI_USER_PROFILE_HANDLE CurrentUser;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_USER_DEL_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add each user can be deleted.
>- //
>- User = NULL;
>- Index = 1;
>- mUserManager->Current (mUserManager, &CurrentUser);
>- while (TRUE) {
>- Status = mUserManager->GetNext (mUserManager, &User);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- if (User != CurrentUser) {
>- AddUserToForm (
>- User,
>- (UINT16)(KEY_DEL_USER | KEY_SELECT_USER | Index),
>- StartOpCodeHandle
>- );
>- }
>- Index++;
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_DEL_USER, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-}
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.c
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.c
>deleted file mode 100644
>index e73ba3a8fc..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.c
>+++ /dev/null
>@@ -1,887 +0,0 @@
>-/** @file
>- This driver is a configuration tool for adding, deleting or modifying user
>- profiles, including gathering the necessary information to ascertain their
>- identity in the future, updating user access policy and identification
>- policy, etc.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManager.h"
>-
>-EFI_USER_MANAGER_PROTOCOL *mUserManager = NULL;
>-CREDENTIAL_PROVIDER_INFO *mProviderInfo = NULL;
>-UINT8 mProviderChoice;
>-UINT8 mConncetLogical;
>-USER_INFO_ACCESS mAccessInfo;
>-USER_INFO mUserInfo;
>-USER_PROFILE_MANAGER_CALLBACK_INFO *mCallbackInfo;
>-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
>- {
>- {
>- HARDWARE_DEVICE_PATH,
>- HW_VENDOR_DP,
>- {
>- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
>- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
>- }
>- },
>- USER_PROFILE_MANAGER_GUID
>- },
>- {
>- END_DEVICE_PATH_TYPE,
>- END_ENTIRE_DEVICE_PATH_SUBTYPE,
>- {
>- (UINT8) (END_DEVICE_PATH_LENGTH),
>- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
>- }
>- }
>-};
>-
>-
>-/**
>- Get string by string id from HII Interface.
>-
>-
>- @param[in] Id String ID to get the string from.
>-
>- @retval CHAR16 * String from ID.
>- @retval NULL If error occurs.
>-
>-**/
>-CHAR16 *
>-GetStringById (
>- IN EFI_STRING_ID Id
>- )
>-{
>- //
>- // Get the current string for the current Language.
>- //
>- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
>-}
>-
>-
>-/**
>- This function gets all the credential providers in the system and saved them
>- to mProviderInfo.
>-
>- @retval EFI_SUCESS Init credential provider database successfully.
>- @retval Others Fail to init credential provider database.
>-
>-**/
>-EFI_STATUS
>-InitProviderInfo (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINTN HandleCount;
>- EFI_HANDLE *HandleBuf;
>- UINTN Index;
>-
>- //
>- // Try to find all the user credential provider driver.
>- //
>- HandleCount = 0;
>- HandleBuf = NULL;
>- Status = gBS->LocateHandleBuffer (
>- ByProtocol,
>- &gEfiUserCredential2ProtocolGuid,
>- NULL,
>- &HandleCount,
>- &HandleBuf
>- );
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Get provider infomation.
>- //
>- if (mProviderInfo != NULL) {
>- FreePool (mProviderInfo);
>- }
>- mProviderInfo = AllocateZeroPool (
>- sizeof (CREDENTIAL_PROVIDER_INFO) -
>- sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *) +
>- HandleCount * sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *)
>- );
>- if (mProviderInfo == NULL) {
>- FreePool (HandleBuf);
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- mProviderInfo->Count = HandleCount;
>- for (Index = 0; Index < HandleCount; Index++) {
>- Status = gBS->HandleProtocol (
>- HandleBuf[Index],
>- &gEfiUserCredential2ProtocolGuid,
>- (VOID **) &mProviderInfo->Provider[Index]
>- );
>- if (EFI_ERROR (Status)) {
>- FreePool (HandleBuf);
>- FreePool (mProviderInfo);
>- mProviderInfo = NULL;
>- return Status;
>- }
>- }
>-
>- FreePool (HandleBuf);
>- return EFI_SUCCESS;
>-}
>-
>-
>-/**
>- This function processes changes in user profile configuration.
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Action Specifies the type of action taken by the browser.
>- @param QuestionId A unique value which is sent to the original
>- exporting driver so that it can identify the type
>- of data to expect.
>- @param Type The type of value for the question.
>- @param Value A pointer to the data being sent to the original
>- exporting driver.
>- @param ActionRequest On return, points to the action requested by
>the
>- callback function.
>-
>- @retval EFI_SUCCESS The callback successfully handled the action.
>- @retval Others Fail to handle the action.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileManagerCallback (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN EFI_BROWSER_ACTION Action,
>- IN EFI_QUESTION_ID QuestionId,
>- IN UINT8 Type,
>- IN EFI_IFR_TYPE_VALUE *Value,
>- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
>- )
>-{
>- EFI_STATUS Status;
>- EFI_INPUT_KEY Key;
>- UINT32 CurrentAccessRight;
>- CHAR16 *QuestionStr;
>- CHAR16 *PromptStr;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>- EFI_USER_PROFILE_HANDLE CurrentUser;
>-
>- Status = EFI_SUCCESS;
>-
>- switch (Action) {
>- case EFI_BROWSER_ACTION_FORM_OPEN:
>- {
>- //
>- // Update user manage Form when user manage Form is opened.
>- // This will be done only in FORM_OPEN CallBack of question with
>QUESTIONID_USER_MANAGE from user manage Form.
>- //
>- if (QuestionId != QUESTIONID_USER_MANAGE) {
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Get current user
>- //
>- CurrentUser = NULL;
>- mUserManager->Current (mUserManager, &CurrentUser);
>- if (CurrentUser == NULL) {
>- DEBUG ((DEBUG_ERROR, "Error: current user does not exist!\n"));
>- return EFI_NOT_READY;
>- }
>-
>- //
>- // Get current user's right information.
>- //
>- Status = GetAccessRight (&CurrentAccessRight);
>- if (EFI_ERROR (Status)) {
>- CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>- }
>-
>- //
>- // Init credential provider information.
>- //
>- Status = InitProviderInfo ();
>- if (EFI_ERROR (Status)) {
>- return Status;
>- }
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_USER_MANAGE_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add user profile option.
>- //
>- if ((CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) ||
>- (CurrentAccessRight == EFI_USER_INFO_ACCESS_ENROLL_OTHERS)
>- ) {
>- HiiCreateActionOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- KEY_ADD_USER, // Question ID
>- STRING_TOKEN (STR_ADD_USER_TITLE), // Prompt text
>- STRING_TOKEN (STR_ADD_USER_HELP), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- 0 // Action String ID
>- );
>- }
>-
>- //
>- // Add modify user profile option.
>- //
>- HiiCreateGotoOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- FORMID_MODIFY_USER, // Target Form ID
>- STRING_TOKEN (STR_MODIFY_USER_TITLE), // Prompt text
>- STRING_TOKEN (STR_MODIFY_USER_HELP), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- KEY_MODIFY_USER // Question ID
>- );
>-
>- //
>- // Add delete user profile option
>- //
>- if (CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) {
>- HiiCreateGotoOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- FORMID_DEL_USER, // Target Form ID
>- STRING_TOKEN (STR_DELETE_USER_TITLE), // Prompt text
>- STRING_TOKEN (STR_DELETE_USER_HELP), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- KEY_DEL_USER // Question ID
>- );
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_USER_MANAGE, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-
>- return EFI_SUCCESS;
>- }
>- break;
>-
>- case EFI_BROWSER_ACTION_FORM_CLOSE:
>- Status = EFI_SUCCESS;
>- break;
>-
>- case EFI_BROWSER_ACTION_CHANGED:
>- {
>- //
>- // Handle the request from form.
>- //
>- if ((Value == NULL) || (ActionRequest == NULL)) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Judge first 2 bits.
>- //
>- switch (QuestionId & KEY_FIRST_FORM_MASK) {
>- //
>- // Add user profile operation.
>- //
>- case KEY_ADD_USER:
>- CallAddUser ();
>- break;
>-
>- //
>- // Delete user profile operation.
>- //
>- case KEY_DEL_USER:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_SECOND_FORM_MASK) {
>- //
>- // Delete specified user profile.
>- //
>- case KEY_SELECT_USER:
>- DeleteUser ((UINT8) QuestionId);
>- //
>- // Update select user form after delete a user.
>- //
>- SelectUserToDelete ();
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- //
>- // Modify user profile operation.
>- //
>- case KEY_MODIFY_USER:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_SECOND_FORM_MASK) {
>- //
>- // Enter user profile information form.
>- //
>- case KEY_SELECT_USER:
>- //
>- // Judge next 3 bits.
>- //
>- switch (QuestionId & KEY_MODIFY_INFO_MASK) {
>- //
>- // Modify user name.
>- //
>- case KEY_MODIFY_NAME:
>- ModifyUserName ();
>- //
>- // Update username in parent form.
>- //
>- SelectUserToModify ();
>- break;
>-
>- //
>- // Modify identity policy.
>- //
>- case KEY_MODIFY_IP:
>- //
>- // Judge next 3 bits
>- //
>- switch (QuestionId & KEY_MODIFY_IP_MASK) {
>- //
>- // Change credential provider option.
>- //
>- case KEY_MODIFY_PROV:
>- mProviderChoice = Value->u8;
>- break;
>-
>- //
>- // Change logical connector.
>- //
>- case KEY_MODIFY_CONN:
>- mConncetLogical = Value->u8;
>- break;
>-
>- //
>- // Save option.
>- //
>- case KEY_ADD_IP_OP:
>- AddIdentityPolicyItem ();
>- break;
>-
>- //
>- // Return to user profile information form.
>- //
>- case KEY_IP_RETURN_UIF:
>- SaveIdentityPolicy ();
>- *ActionRequest =
>EFI_BROWSER_ACTION_REQUEST_FORM_SUBMIT_EXIT;
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- //
>- // Modify access policy.
>- //
>- case KEY_MODIFY_AP:
>- //
>- // Judge next 3 bits.
>- //
>- switch (QuestionId & KEY_MODIFY_AP_MASK) {
>- //
>- // Change access right choice.
>- //
>- case KEY_MODIFY_RIGHT:
>- mAccessInfo.AccessRight = Value->u8;
>- break;
>-
>- //
>- // Change setup choice.
>- //
>- case KEY_MODIFY_SETUP:
>- mAccessInfo.AccessSetup= Value->u8;
>- break;
>-
>- //
>- // Change boot order choice.
>- //
>- case KEY_MODIFY_BOOT:
>- mAccessInfo.AccessBootOrder = Value->u32;
>- break;
>-
>- //
>- // Return to user profile information form.
>- //
>- case KEY_AP_RETURN_UIF:
>- SaveAccessPolicy ();
>- *ActionRequest =
>EFI_BROWSER_ACTION_REQUEST_FORM_SUBMIT_EXIT;
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- //
>- // Access policy device path modified.
>- //
>- case KEY_MODIFY_AP_DP:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_MODIFY_DP_MASK) {
>- //
>- // Load permit device path modified.
>- //
>- case KEY_LOAD_PERMIT_MODIFY:
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_MOVE_TO_FORBID_LIST));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_PRESS_KEY_CONTINUE));
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- L"",
>- PromptStr,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (PromptStr);
>- if (Key.UnicodeChar != CHAR_CARRIAGE_RETURN) {
>- break;
>- }
>-
>- AddToForbidLoad ((UINT16)(QuestionId & (KEY_MODIFY_DP_MASK -
>1)));
>- DisplayLoadPermit ();
>- break;
>-
>- //
>- // Load forbid device path modified.
>- //
>- case KEY_LOAD_FORBID_MODIFY:
>- QuestionStr = GetStringById (STRING_TOKEN
>(STR_MOVE_TO_PERMIT_LIST));
>- PromptStr = GetStringById (STRING_TOKEN
>(STR_PRESS_KEY_CONTINUE));
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- QuestionStr,
>- L"",
>- PromptStr,
>- NULL
>- );
>- FreePool (QuestionStr);
>- FreePool (PromptStr);
>- if (Key.UnicodeChar != CHAR_CARRIAGE_RETURN) {
>- break;
>- }
>-
>- DeleteFromForbidLoad ((UINT16)(QuestionId &
>(KEY_MODIFY_DP_MASK - 1)));
>- DisplayLoadForbid ();
>- break;
>-
>- //
>- // Connect permit device path modified.
>- //
>- case KEY_CONNECT_PERMIT_MODIFY:
>- break;
>-
>- //
>- // Connect forbid device path modified.
>- //
>- case KEY_CONNECT_FORBID_MODIFY:
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- }
>- break;
>-
>-
>- case EFI_BROWSER_ACTION_CHANGING:
>- {
>- //
>- // Handle the request from form.
>- //
>- if (Value == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- //
>- // Judge first 2 bits.
>- //
>- switch (QuestionId & KEY_FIRST_FORM_MASK) {
>- //
>- // Delete user profile operation.
>- //
>- case KEY_DEL_USER:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_SECOND_FORM_MASK) {
>- //
>- // Enter delete user profile form.
>- //
>- case KEY_ENTER_NEXT_FORM:
>- SelectUserToDelete ();
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- //
>- // Modify user profile operation.
>- //
>- case KEY_MODIFY_USER:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_SECOND_FORM_MASK) {
>- //
>- // Enter modify user profile form.
>- //
>- case KEY_ENTER_NEXT_FORM:
>- SelectUserToModify ();
>- break;
>-
>- //
>- // Enter user profile information form.
>- //
>- case KEY_SELECT_USER:
>- //
>- // Judge next 3 bits.
>- //
>- switch (QuestionId & KEY_MODIFY_INFO_MASK) {
>- //
>- // Display user information form.
>- //
>- case KEY_ENTER_NEXT_FORM:
>- ModifyUserInfo ((UINT8) QuestionId);
>- break;
>-
>- //
>- // Modify identity policy.
>- //
>- case KEY_MODIFY_IP:
>- //
>- // Judge next 3 bits
>- //
>- switch (QuestionId & KEY_MODIFY_IP_MASK) {
>- //
>- // Display identity policy modify form.
>- //
>- case KEY_ENTER_NEXT_FORM:
>- ModifyIdentityPolicy ();
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- //
>- // Modify access policy.
>- //
>- case KEY_MODIFY_AP:
>- //
>- // Judge next 3 bits.
>- //
>- switch (QuestionId & KEY_MODIFY_AP_MASK) {
>- //
>- // Display access policy modify form.
>- //
>- case KEY_ENTER_NEXT_FORM:
>- ModidyAccessPolicy ();
>- break;
>- //
>- // Load device path form.
>- //
>- case KEY_MODIFY_LOAD:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_DISPLAY_DP_MASK) {
>- //
>- // Permit load device path.
>- //
>- case KEY_PERMIT_MODIFY:
>- DisplayLoadPermit ();
>- break;
>-
>- //
>- // Forbid load device path.
>- //
>- case KEY_FORBID_MODIFY:
>- DisplayLoadForbid ();
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- //
>- // Connect device path form.
>- //
>- case KEY_MODIFY_CONNECT:
>- //
>- // Judge next 2 bits.
>- //
>- switch (QuestionId & KEY_DISPLAY_DP_MASK) {
>- //
>- // Permit connect device path.
>- //
>- case KEY_PERMIT_MODIFY:
>- DisplayConnectPermit ();
>- break;
>-
>- //
>- // Forbid connect device path.
>- //
>- case KEY_FORBID_MODIFY:
>- DisplayConnectForbid ();
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- break;
>-
>- default:
>- break;
>- }
>- }
>- break;
>-
>- default:
>- //
>- // All other action return unsupported.
>- //
>- Status = EFI_UNSUPPORTED;
>- break;
>- }
>-
>-
>- return Status;
>-}
>-
>-
>-/**
>- This function allows a caller to extract the current configuration for one
>- or more named elements from the target driver.
>-
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Request A null-terminated Unicode string in <ConfigRequest>
>format.
>- @param Progress On return, points to a character in the Request string.
>- Points to the string's null terminator if request was successful.
>- Points to the most recent '&' before the first failing name/value
>- pair (or the beginning of the string if the failure is in the
>- first name/value pair) if the request was not successful.
>- @param Results A null-terminated Unicode string in <ConfigAltResp>
>format which
>- has all values filled in for the names in the Request string.
>- String to be allocated by the called function.
>-
>- @retval EFI_SUCCESS The Results is filled with the requested values.
>- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
>results.
>- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown
>name.
>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>this driver.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-FakeExtractConfig (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN CONST EFI_STRING Request,
>- OUT EFI_STRING *Progress,
>- OUT EFI_STRING *Results
>- )
>-{
>- if (Progress == NULL || Results == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>- *Progress = Request;
>- return EFI_NOT_FOUND;
>-}
>-
>-/**
>- This function processes the results of changes in configuration.
>-
>-
>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>- @param Configuration A null-terminated Unicode string in <ConfigResp>
>format.
>- @param Progress A pointer to a string filled in with the offset of the
>most
>- recent '&' before the first failing name/value pair (or the
>- beginning of the string if the failure is in the first
>- name/value pair) or the terminating NULL if all was successful.
>-
>- @retval EFI_SUCCESS The Results is processed successfully.
>- @retval EFI_INVALID_PARAMETER Configuration is NULL.
>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>this driver.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-FakeRouteConfig (
>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>- IN CONST EFI_STRING Configuration,
>- OUT EFI_STRING *Progress
>- )
>-{
>- if (Configuration == NULL || Progress == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *Progress = Configuration;
>-
>- return EFI_NOT_FOUND;
>-}
>-
>-
>-/**
>- Main entry for this driver.
>-
>- @param ImageHandle Image handle this driver.
>- @param SystemTable Pointer to SystemTable.
>-
>- @retval EFI_SUCESS This function always complete successfully.
>-
>-**/
>-EFI_STATUS
>-EFIAPI
>-UserProfileManagerInit (
>- IN EFI_HANDLE ImageHandle,
>- IN EFI_SYSTEM_TABLE *SystemTable
>- )
>-{
>- EFI_STATUS Status;
>- USER_PROFILE_MANAGER_CALLBACK_INFO *CallbackInfo;
>-
>- Status = gBS->LocateProtocol (
>- &gEfiUserManagerProtocolGuid,
>- NULL,
>- (VOID **) &mUserManager
>- );
>- if (EFI_ERROR (Status)) {
>- return EFI_SUCCESS;
>- }
>-
>- //
>- // Initialize driver private data.
>- //
>- ZeroMem (&mUserInfo, sizeof (mUserInfo));
>- ZeroMem (&mAccessInfo, sizeof (mAccessInfo));
>-
>- CallbackInfo = AllocateZeroPool (sizeof
>(USER_PROFILE_MANAGER_CALLBACK_INFO));
>- ASSERT (CallbackInfo != NULL);
>-
>- CallbackInfo->Signature = USER_PROFILE_MANAGER_SIGNATURE;
>- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
>- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
>- CallbackInfo->ConfigAccess.Callback = UserProfileManagerCallback;
>- CallbackInfo->DriverHandle = NULL;
>-
>- //
>- // Install Device Path Protocol and Config Access protocol to driver handle.
>- //
>- Status = gBS->InstallMultipleProtocolInterfaces (
>- &CallbackInfo->DriverHandle,
>- &gEfiDevicePathProtocolGuid,
>- &mHiiVendorDevicePath,
>- &gEfiHiiConfigAccessProtocolGuid,
>- &CallbackInfo->ConfigAccess,
>- NULL
>- );
>- ASSERT_EFI_ERROR (Status);
>-
>- //
>- // Publish HII data.
>- //
>- CallbackInfo->HiiHandle = HiiAddPackages (
>- &gUserProfileManagerGuid,
>- CallbackInfo->DriverHandle,
>- UserProfileManagerStrings,
>- UserProfileManagerVfrBin,
>- NULL
>- );
>- ASSERT (CallbackInfo->HiiHandle != NULL);
>- mCallbackInfo = CallbackInfo;
>-
>- return Status;
>-}
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.h
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.h
>deleted file mode 100644
>index aff1e28d9d..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.h
>+++ /dev/null
>@@ -1,444 +0,0 @@
>-/** @file
>- The header file for user profile manager driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef __EFI_USER_PROFILE_MANAGER_H__
>-#define __EFI_USER_PROFILE_MANAGER_H__
>-
>-#include <Uefi.h>
>-
>-#include <Guid/GlobalVariable.h>
>-#include <Guid/MdeModuleHii.h>
>-
>-#include <Protocol/HiiConfigAccess.h>
>-#include <Protocol/UserCredential2.h>
>-#include <Protocol/UserManager.h>
>-
>-#include <Library/UefiRuntimeServicesTableLib.h>
>-#include <Library/UefiBootServicesTableLib.h>
>-#include <Library/MemoryAllocationLib.h>
>-#include <Library/BaseMemoryLib.h>
>-#include <Library/DevicePathLib.h>
>-#include <Library/DebugLib.h>
>-#include <Library/UefiLib.h>
>-#include <Library/PrintLib.h>
>-#include <Library/HiiLib.h>
>-
>-#include "UserProfileManagerData.h"
>-
>-#define USER_NAME_LENGTH 17
>-
>-//
>-// Credential Provider Information.
>-//
>-typedef struct {
>- UINTN Count;
>- EFI_USER_CREDENTIAL2_PROTOCOL *Provider[1];
>-} CREDENTIAL_PROVIDER_INFO;
>-
>-//
>-// User profile information structure.
>-//
>-typedef struct {
>- UINT64 UsageCount;
>- EFI_TIME CreateDate;
>- EFI_TIME UsageDate;
>- UINTN AccessPolicyLen;
>- UINTN IdentityPolicyLen;
>- UINTN NewIdentityPolicyLen;
>- UINT8 *AccessPolicy;
>- UINT8 *IdentityPolicy;
>- UINT8 *NewIdentityPolicy;
>- CHAR16 UserName[USER_NAME_LENGTH];
>- BOOLEAN CreateDateExist;
>- BOOLEAN UsageDateExist;
>- BOOLEAN AccessPolicyModified;
>- BOOLEAN IdentityPolicyModified;
>- BOOLEAN NewIdentityPolicyModified;
>-} USER_INFO;
>-
>-//
>-// User access information structure.
>-//
>-typedef struct {
>- UINTN LoadPermitLen;
>- UINTN LoadForbidLen;
>- UINTN ConnectPermitLen;
>- UINTN ConnectForbidLen;
>- UINT8 *LoadPermit;
>- UINT8 *LoadForbid;
>- UINT8 *ConnectPermit;
>- UINT8 *ConnectForbid;
>- UINT32 AccessBootOrder;
>- UINT8 AccessRight;
>- UINT8 AccessSetup;
>-} USER_INFO_ACCESS;
>-
>-#define USER_PROFILE_MANAGER_SIGNATURE SIGNATURE_32 ('U', 'P', 'M',
>'S')
>-
>-typedef struct {
>- UINTN Signature;
>- EFI_HANDLE DriverHandle;
>- EFI_HII_HANDLE HiiHandle;
>- EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
>-} USER_PROFILE_MANAGER_CALLBACK_INFO;
>-
>-//
>-// HII specific Vendor Device Path definition.
>-//
>-typedef struct {
>- VENDOR_DEVICE_PATH VendorDevicePath;
>- EFI_DEVICE_PATH_PROTOCOL End;
>-} HII_VENDOR_DEVICE_PATH;
>-
>-//
>-// This is the generated IFR binary data for each formset defined in VFR.
>-//
>-extern UINT8 UserProfileManagerVfrBin[];
>-
>-//
>-// This is the generated String package data for .UNI file.
>-//
>-extern UINT8 UserProfileManagerStrings[];
>-
>-//
>-// The user manager protocol, used in several function.
>-//
>-extern EFI_USER_MANAGER_PROTOCOL *mUserManager;
>-
>-//
>-// The credential providers database in system.
>-//
>-extern CREDENTIAL_PROVIDER_INFO *mProviderInfo;
>-
>-//
>-// The variables used to update identity policy.
>-//
>-extern UINT8 mProviderChoice;
>-extern UINT8 mConncetLogical;
>-
>-//
>-// The variables used to update access policy.
>-//
>-extern USER_INFO_ACCESS mAccessInfo;
>-
>-//
>-// The user information used to record all data in UI.
>-//
>-extern USER_INFO mUserInfo;
>-
>-extern USER_PROFILE_MANAGER_CALLBACK_INFO *mCallbackInfo;
>-
>-extern EFI_USER_PROFILE_HANDLE mModifyUser;
>-
>-/**
>- Get string by string id from HII Interface.
>-
>-
>- @param[in] Id String ID to get the string from.
>-
>- @retval CHAR16 * String from ID.
>- @retval NULL If error occurs.
>-
>-**/
>-CHAR16 *
>-GetStringById (
>- IN EFI_STRING_ID Id
>- );
>-
>-/**
>- Add a new user profile into the user profile database.
>-
>-**/
>-VOID
>-CallAddUser (
>- VOID
>- );
>-
>-/**
>- Display user select form; can select a user to modify.
>-
>-**/
>-VOID
>-SelectUserToModify (
>- VOID
>- );
>-
>-/**
>- Display user select form, cab select a user to delete.
>-
>-**/
>-VOID
>-SelectUserToDelete (
>- VOID
>- );
>-
>-/**
>- Delete the user specified by UserIndex in user profile database.
>-
>- @param[in] UserIndex The index of user in the user name list to be
>deleted.
>-
>-**/
>-VOID
>-DeleteUser (
>- IN UINT8 UserIndex
>- );
>-
>-/**
>- Add a username item in form.
>-
>- @param[in] User Points to the user profile whose username is added.
>- @param[in] Index The index of the user in the user name list.
>- @param[in] OpCodeHandle Points to container for dynamic created
>opcodes.
>-
>-**/
>-VOID
>-AddUserToForm (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINT16 Index,
>- IN VOID *OpCodeHandle
>- );
>-
>-/**
>- Display modify user information form
>-
>- In this form, username, create Date, usage date, usage count, identity policy,
>- and access policy are displayed.
>-
>- @param[in] UserIndex The index of the user in display list to modify.
>-
>-**/
>-VOID
>-ModifyUserInfo (
>- IN UINT8 UserIndex
>- );
>-
>-/**
>- Get the username from user input and update username string in Hii
>- database with it.
>-
>-**/
>-VOID
>-ModifyUserName (
>- VOID
>- );
>-
>-/**
>- Display the form of modifying user identity policy.
>-
>-**/
>-VOID
>-ModifyIdentityPolicy (
>- VOID
>- );
>-
>-/**
>- Update the mUserInfo.NewIdentityPolicy and UI when 'add option' is
>pressed.
>-
>-**/
>-VOID
>-AddIdentityPolicyItem (
>- VOID
>- );
>-
>-/**
>- Save the identity policy and update UI with it.
>-
>- This function will verify the new identity policy, in current implementation,
>- the identity policy can be: T, P & P & P & ..., P | P | P | ...
>- Here, "T" means "True", "P" means "Credential Provider", "&" means "and",
>"|" means "or".
>- Other identity policies are not supported.
>-
>-**/
>-VOID
>-SaveIdentityPolicy (
>- VOID
>- );
>-
>-/**
>- Display modify user access policy form
>-
>- In this form, access right, access setu,p and access boot order are
>dynamically
>- added. Load devicepath and connect devicepath are displayed too.
>-
>-**/
>-VOID
>-ModidyAccessPolicy (
>- VOID
>- );
>-
>-/**
>- Collect all the access policy data to mUserInfo.AccessPolicy,
>- and save it to user profile.
>-
>-**/
>-VOID
>-SaveAccessPolicy (
>- VOID
>- );
>-
>-/**
>- Get current user's access rights.
>-
>- @param[out] AccessRight Points to the buffer used for user's access rights.
>-
>- @retval EFI_SUCCESS Get current user access rights successfully.
>- @retval others Fail to get current user access rights.
>-
>-**/
>-EFI_STATUS
>-GetAccessRight (
>- OUT UINT32 *AccessRight
>- );
>-
>-/**
>- Display the permit load device path in the loadable device path list.
>-
>-**/
>-VOID
>-DisplayLoadPermit(
>- VOID
>- );
>-
>-/**
>- Display the forbid load device path list (mAccessInfo.LoadForbid).
>-
>-**/
>-VOID
>-DisplayLoadForbid (
>- VOID
>- );
>-
>-/**
>- Display the permit connect device path.
>-
>-**/
>-VOID
>-DisplayConnectPermit (
>- VOID
>- );
>-
>-/**
>- Display the forbid connect device path list.
>-
>-**/
>-VOID
>-DisplayConnectForbid (
>- VOID
>- );
>-
>-/**
>- Delete the specified device path by DriverIndex from the forbid device path
>- list (mAccessInfo.LoadForbid).
>-
>- @param[in] DriverIndex The index of driver in a forbidden device path list.
>-
>-**/
>-VOID
>-DeleteFromForbidLoad (
>- IN UINT16 DriverIndex
>- );
>-
>-/**
>- Add the specified device path by DriverIndex to the forbid device path
>- list (mAccessInfo.LoadForbid).
>-
>- @param[in] DriverIndex The index of driver saved in driver options.
>-
>-**/
>-VOID
>-AddToForbidLoad (
>- IN UINT16 DriverIndex
>- );
>-
>-/**
>- Get user name from the popup windows.
>-
>- @param[in, out] UserNameLen On entry, point to the buffer lengh of
>UserName.
>- On exit, point to the input user name length.
>- @param[out] UserName The buffer to hold the input user name.
>-
>- @retval EFI_ABORTED It is given up by pressing 'ESC' key.
>- @retval EFI_NOT_READY Not a valid input at all.
>- @retval EFI_SUCCESS Get a user name successfully.
>-
>-**/
>-EFI_STATUS
>-GetUserNameInput (
>- IN OUT UINTN *UserNameLen,
>- OUT CHAR16 *UserName
>- );
>-
>-/**
>- Find the specified info in User profile by the InfoType.
>-
>- @param[in] User Handle of the user whose information will be
>searched.
>- @param[in] InfoType The user information type to find.
>- @param[out] UserInfo Points to user information handle found.
>-
>- @retval EFI_SUCCESS Find the user information successfully.
>- @retval Others Fail to find the user information.
>-
>-**/
>-EFI_STATUS
>-FindInfoByType (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINT8 InfoType,
>- OUT EFI_USER_INFO_HANDLE *UserInfo
>- );
>-
>-/**
>- Convert the identity policy to a unicode string and update the Hii database
>- IpStringId string with it.
>-
>- @param[in] Ip Points to identity policy.
>- @param[in] IpLen The identity policy length.
>- @param[in] IpStringId String ID in the HII database to be replaced.
>-
>-**/
>-VOID
>-ResolveIdentityPolicy (
>- IN UINT8 *Ip,
>- IN UINTN IpLen,
>- IN EFI_STRING_ID IpStringId
>- );
>-
>-/**
>- Expand access policy memory size.
>-
>- @param[in] ValidLen The valid access policy length.
>- @param[in] ExpandLen The length that is needed to expand.
>-
>-**/
>-VOID
>-ExpandMemory (
>- IN UINTN ValidLen,
>- IN UINTN ExpandLen
>- );
>-
>-/**
>- Delete User's credental from all the providers that exist in User's identity
>policy.
>-
>- @param[in] IdentityPolicy Point to User's identity policy.
>- @param[in] IdentityPolicyLen The length of the identity policy.
>- @param[in] User Points to user profile.
>-
>-**/
>-VOID
>-DeleteCredentialFromProviders (
>- IN UINT8 *IdentityPolicy,
>- IN UINTN IdentityPolicyLen,
>- IN EFI_USER_PROFILE_HANDLE User
>- );
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.uni
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.uni
>deleted file mode 100644
>index e4a768e00a..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>er.uni
>+++ /dev/null
>@@ -1,22 +0,0 @@
>-// /** @file
>-// A UI tool to manage user profiles
>-//
>-// By this module, user can add/update/delete user profiles, and can also
>-// modify the user access policy and the user identification policy.
>-//
>-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-
>-#string STR_MODULE_ABSTRACT #language en-US "A UI tool to
>manage user profiles"
>-
>-#string STR_MODULE_DESCRIPTION #language en-US "By this module,
>user can add/update/delete user profiles, and can also modify the user access
>policy and the user identification policy."
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erData.h
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erData.h
>deleted file mode 100644
>index a83caac9ba..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erData.h
>+++ /dev/null
>@@ -1,158 +0,0 @@
>-/** @file
>- The form data for user profile manager driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#ifndef __USER_PROFILE_MANAGER_DATA_H__
>-#define __USER_PROFILE_MANAGER_DATA_H__
>-
>-#include <Guid/UserProfileManagerHii.h>
>-
>-//
>-// Form ID
>-//
>-#define FORMID_USER_MANAGE 0x0001
>-#define FORMID_MODIFY_USER 0x0002
>-#define FORMID_DEL_USER 0x0003
>-#define FORMID_USER_INFO 0x0004
>-#define FORMID_MODIFY_IP 0x0005
>-#define FORMID_MODIFY_AP 0x0006
>-#define FORMID_LOAD_DP 0x0007
>-#define FORMID_CONNECT_DP 0x0008
>-#define FORMID_PERMIT_LOAD_DP 0x0009
>-#define FORMID_FORBID_LOAD_DP 0x000A
>-#define FORMID_PERMIT_CONNECT_DP 0x000B
>-#define FORMID_FORBID_CONNECT_DP 0x000C
>-
>-//
>-// Label ID
>-//
>-#define LABEL_USER_MANAGE_FUNC 0x0010
>-#define LABEL_USER_DEL_FUNC 0x0020
>-#define LABEL_USER_MOD_FUNC 0x0030
>-#define LABEL_USER_INFO_FUNC 0x0040
>-#define LABEL_IP_MOD_FUNC 0x0050
>-#define LABEL_AP_MOD_FUNC 0x0060
>-#define LABEL_PERMIT_LOAD_FUNC 0x0070
>-#define LABLE_FORBID_LOAD_FUNC 0x0080
>-#define LABEL_END 0x00F0
>-
>-//
>-// First form key (Add/modify/del user profile).
>-// First 2 bits (bit 16~15).
>-//
>-#define KEY_MODIFY_USER 0x4000
>-#define KEY_DEL_USER 0x8000
>-#define KEY_ADD_USER 0xC000
>-#define KEY_FIRST_FORM_MASK 0xC000
>-
>-//
>-// Second form key (Display new form /Select user / modify device path in
>access policy).
>-// Next 2 bits (bit 14~13).
>-//
>-#define KEY_ENTER_NEXT_FORM 0x0000
>-#define KEY_SELECT_USER 0x1000
>-#define KEY_MODIFY_AP_DP 0x2000
>-#define KEY_OPEN_CLOSE_FORM_ACTION 0x3000
>-#define KEY_SECOND_FORM_MASK 0x3000
>-
>-//
>-// User profile information form key.
>-// Next 3 bits (bit 12~10).
>-//
>-#define KEY_MODIFY_NAME 0x0200
>-#define KEY_MODIFY_IP 0x0400
>-#define KEY_MODIFY_AP 0x0600
>-#define KEY_MODIFY_INFO_MASK 0x0E00
>-
>-//
>-// Specified key, used in VFR (KEY_MODIFY_USER | KEY_SELECT_USER |
>KEY_MODIFY_NAME).
>-//
>-#define KEY_MODIFY_USER_NAME 0x5200
>-
>-//
>-// Modify identity policy form key.
>-// Next 3 bits (bit 9~7).
>-//
>-#define KEY_MODIFY_PROV 0x0040
>-#define KEY_MODIFY_MTYPE 0x0080
>-#define KEY_MODIFY_CONN 0x00C0
>-#define KEY_ADD_IP_OP 0x0100
>-#define KEY_IP_RETURN_UIF 0x0140
>-#define KEY_MODIFY_IP_MASK 0x01C0
>-
>-//
>-// Specified key.
>-//
>-#define KEY_ADD_LOGICAL_OP 0x5500
>-#define KEY_IP_RETURN 0x5540
>-
>-//
>-// Modify access policy form key.
>-// Next 3 bits (bit 9~7).
>-//
>-#define KEY_MODIFY_RIGHT 0x0040
>-#define KEY_MODIFY_SETUP 0x0080
>-#define KEY_MODIFY_BOOT 0x00C0
>-#define KEY_MODIFY_LOAD 0x0100
>-#define KEY_MODIFY_CONNECT 0x0140
>-#define KEY_AP_RETURN_UIF 0x0180
>-#define KEY_MODIFY_AP_MASK 0x01C0
>-
>-//
>-// Specified key.
>-//
>-#define KEY_LOAD_DP 0x5700
>-#define KEY_CONN_DP 0x5740
>-#define KEY_AP_RETURN 0x5780
>-
>-//
>-// Device path form key.
>-// Next 2 bits (bit 6~5).
>-//
>-#define KEY_PERMIT_MODIFY 0x0010
>-#define KEY_FORBID_MODIFY 0x0020
>-#define KEY_DISPLAY_DP_MASK 0x0030
>-
>-//
>-// Specified key.
>-//
>-#define KEY_LOAD_PERMIT 0x5710
>-#define KEY_LOAD_FORBID 0x5720
>-#define KEY_CONNECT_PERMIT 0x5750
>-#define KEY_CONNECT_FORBID 0x5760
>-
>-//
>-// Device path modify key.
>-// 2 bits (bit 12~11).
>-//
>-#define KEY_LOAD_PERMIT_MODIFY 0x0000
>-#define KEY_LOAD_FORBID_MODIFY 0x0400
>-#define KEY_CONNECT_PERMIT_MODIFY 0x0800
>-#define KEY_CONNECT_FORBID_MODIFY 0x0C00
>-#define KEY_MODIFY_DP_MASK 0x0C00
>-
>-
>-//
>-// The permissions usable when configuring the platform.
>-//
>-#define ACCESS_SETUP_RESTRICTED 1
>-#define ACCESS_SETUP_NORMAL 2
>-#define ACCESS_SETUP_ADMIN 3
>-
>-//
>-// Question ID for the question used in each form
>(KEY_OPEN_CLOSE_FORM_ACTION | FORMID_FORM_USER_MANAGE)
>-// This ID is used in FORM OPEN/CLOSE CallBack action.
>-//
>-#define QUESTIONID_USER_MANAGE 0x3001
>-
>-#endif
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erDxe.inf
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erDxe.inf
>deleted file mode 100644
>index cdd97731b2..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erDxe.inf
>+++ /dev/null
>@@ -1,72 +0,0 @@
>-## @file
>-# A UI tool to manage user profiles
>-#
>-# By this module, user can add/update/delete user profiles, and can also
>-# modify the user access policy and the user identification policy.
>-#
>-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-# This program and the accompanying materials
>-# are licensed and made available under the terms and conditions of the BSD
>License
>-# which accompanies this distribution. The full text of the license may be
>found at
>-# http://opensource.org/licenses/bsd-license.php
>-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-#
>-##
>-
>-[Defines]
>- INF_VERSION = 0x00010005
>- BASE_NAME = UserProfileManager
>- MODULE_UNI_FILE = UserProfileManager.uni
>- FILE_GUID = E38CB52D-A74D-45db-A8D0-290C9B21BBF2
>- MODULE_TYPE = DXE_DRIVER
>- VERSION_STRING = 1.0
>- ENTRY_POINT = UserProfileManagerInit
>-
>-[Sources]
>- UserProfileManager.c
>- UserProfileManager.h
>- UserProfileAdd.c
>- UserProfileDelete.c
>- UserProfileModify.c
>- ModifyIdentityPolicy.c
>- ModifyAccessPolicy.c
>- UserProfileManagerData.h
>- UserProfileManagerStrings.uni
>- UserProfileManagerVfr.Vfr
>-
>-[Packages]
>- MdePkg/MdePkg.dec
>- MdeModulePkg/MdeModulePkg.dec
>- SecurityPkg/SecurityPkg.dec
>-
>-[LibraryClasses]
>- UefiRuntimeServicesTableLib
>- UefiBootServicesTableLib
>- UefiDriverEntryPoint
>- MemoryAllocationLib
>- BaseMemoryLib
>- DebugLib
>- HiiLib
>- UefiLib
>- DevicePathLib
>-
>-[Guids]
>- gEfiIfrTianoGuid ## SOMETIMES_CONSUMES ## GUID
>- gEfiUserInfoAccessSetupAdminGuid ## SOMETIMES_CONSUMES ##
>GUID
>- gEfiUserInfoAccessSetupNormalGuid ## SOMETIMES_CONSUMES ##
>GUID
>- gEfiUserInfoAccessSetupRestrictedGuid ## SOMETIMES_CONSUMES
>## GUID
>- gUserProfileManagerGuid ## CONSUMES ## HII
>-
>-[Protocols]
>- gEfiDevicePathProtocolGuid ## PRODUCES
>- gEfiHiiConfigAccessProtocolGuid ## PRODUCES
>- gEfiUserCredential2ProtocolGuid ## SOMETIMES_CONSUMES
>- gEfiUserManagerProtocolGuid ## CONSUMES
>-
>-[Depex]
>- gEfiUserManagerProtocolGuid
>-
>-[UserExtensions.TianoCore."ExtraFiles"]
>- UserProfileManagerExtra.uni
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erExtra.uni
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erExtra.uni
>deleted file mode 100644
>index bf7ac7dc04..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erExtra.uni
>+++ /dev/null
>@@ -1,19 +0,0 @@
>-// /** @file
>-// UserProfileManager Localized Strings and Content
>-//
>-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
>-//
>-// This program and the accompanying materials
>-// are licensed and made available under the terms and conditions of the BSD
>License
>-// which accompanies this distribution. The full text of the license may be
>found at
>-// http://opensource.org/licenses/bsd-license.php
>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-//
>-// **/
>-
>-#string STR_PROPERTIES_MODULE_NAME
>-#language en-US
>-"User Profile Manager"
>-
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erStrings.uni
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erStrings.uni
>deleted file mode 100644
>index 3a003a9883..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erStrings.uni
>+++ /dev/null
>@@ -1,158 +0,0 @@
>-/** @file
>- String definitions for User Profile Manager driver.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#langdef en-US "English"
>-#langdef fr-FR "Français"
>-
>-#string STR_NULL_STRING #language en-US ""
>- #language fr-FR ""
>-#string STR_FORMSET_TITLE #language en-US "User Manager"
>- #language fr-FR "User Manager(French)"
>-#string STR_TITLE_HELP #language en-US "This selection will take
>you to the User Manager"
>- #language fr-FR "This selection will take you to the User
>Manager(French)"
>-#string STR_USERMAN_TITLE #language en-US "User Manager"
>- #language fr-FR "User Manager(French)"
>-#string STR_ADD_USER_TITLE #language en-US "Add User Profile"
>- #language fr-FR "Add User Profile(French)"
>-#string STR_ADD_USER_HELP #language en-US "Add User Profile to
>User Database"
>- #language fr-FR "Add User Profile to User
>Database(French)"
>-#string STR_MODIFY_USER_TITLE #language en-US "Modify User
>Profile"
>- #language fr-FR "Modify User Profile(French)"
>-#string STR_MODIFY_USER_HELP #language en-US "Modify User Profile
>Information"
>- #language fr-FR "Modify User Profile
>Information(French)"
>-#string STR_DELETE_USER_TITLE #language en-US "Delete User Profile"
>- #language fr-FR "Delete User Profile(French)"
>-#string STR_DELETE_USER_HELP #language en-US "Delete User Profile
>from User Database"
>- #language fr-FR "Delete User Profile from User
>Database(French)"
>-#string STR_USER_INFO #language en-US "User Profile
>Information"
>- #language fr-FR "User Profile Information(French)"
>-#string STR_USER_NAME #language en-US "User Name"
>- #language fr-FR "User Name(French)"
>-#string STR_USER_NAME_VAL #language en-US ""
>- #language fr-FR ""
>-#string STR_CREATE_DATE #language en-US "Create Date"
>- #language fr-FR "Create Date(French)"
>-#string STR_CREATE_DATE_VAL #language en-US ""
>- #language fr-FR ""
>-#string STR_USAGE_DATE #language en-US "Usage Date"
>- #language fr-FR "Usage Date(French)"
>-#string STR_USAGE_DATE_VAL #language en-US ""
>- #language fr-FR ""
>-#string STR_USAGE_COUNT #language en-US "Usage Count"
>- #language fr-FR "Usage Count(French)"
>-#string STR_USAGE_COUNT_VAL #language en-US ""
>- #language fr-FR ""
>-#string STR_IDENTIFY_POLICY #language en-US "Identify Policy"
>- #language fr-FR "Identify Policy(French)"
>-#string STR_IDENTIFY_POLICY_VAL #language en-US ""
>- #language fr-FR ""
>-#string STR_ACCESS_POLICY #language en-US "Access Policy"
>- #language fr-FR "Access Policy(French)"
>-#string STR_SAVE #language en-US "Save & Exit"
>- #language fr-FR "Save & Exit(French)"
>-#string STR_IDENTIFY_SAVE_HELP #language en-US "Save Identify Policy
>and Exit"
>- #language fr-FR "Save Identify Policy and Exit(French)"
>-#string STR_PROVIDER #language en-US "Credential Provider"
>- #language fr-FR "Credential Provider(French)"
>-#string STR_PROVIDER_HELP #language en-US "Select Credential
>Provider Option"
>- #language fr-FR "Select Credential Provider
>Option(French)"
>-#string STR_OR_CON #language en-US "Or"
>- #language fr-FR "Or(French)"
>-#string STR_AND_CON #language en-US "And"
>- #language fr-FR "And(French)"
>-#string STR_CONNECTOR #language en-US "Logical Connector"
>- #language fr-FR "Logical Connector(French)"
>-#string STR_CONNECTOR_HELP #language en-US "Select Logical
>Connector Option"
>- #language fr-FR "Select Logical Connector
>Option(French)"
>-#string STR_IDENTIFY_POLICY_VALUE #language en-US ""
>- #language fr-FR ""
>-#string STR_IDENTIFY_POLICY_HELP #language en-US "Current Identify
>Policy"
>- #language fr-FR "Current Identify Policy(French)"
>-#string STR_ADD_OPTION #language en-US "Add Option"
>- #language fr-FR "Add Option(French)"
>-#string STR_ADD_OPTION_HELP #language en-US "Add This Option to
>Identify Policy"
>- #language fr-FR "Add This Option to Identify
>Policy(French)"
>-#string STR_ACCESS_SAVE_HELP #language en-US "Save Access Policy
>and Exit"
>- #language fr-FR "Save Access Policy and Exit(French)"
>-#string STR_ACCESS_RIGHT #language en-US "Access Right"
>- #language fr-FR "Access Right(French)"
>-#string STR_ACCESS_RIGHT_HELP #language en-US "Select Access Right
>Option"
>- #language fr-FR "Select Access Right Option(French)"
>-#string STR_NORMAL #language en-US "Normal"
>- #language fr-FR "Normal(French)"
>-#string STR_ENROLL #language en-US "Enroll"
>- #language fr-FR "Enroll(French)"
>-#string STR_MANAGE #language en-US "Manage"
>- #language fr-FR "Manage(French)"
>-#string STR_ACCESS_SETUP #language en-US "Access Setup"
>- #language fr-FR "Access Setup(French)"
>-#string STR_ACCESS_SETUP_HELP #language en-US "Select Access
>Setup Option"
>- #language fr-FR "Selelct Access Setup Option(French)"
>-#string STR_RESTRICTED #language en-US "Restricted"
>- #language fr-FR "Restricted(French)"
>-#string STR_ADMIN #language en-US "Admin"
>- #language fr-FR "Admin(French)"
>-#string STR_BOOR_ORDER #language en-US "Access Boot Order"
>- #language fr-FR "Access Boot Order(French)"
>-#string STR_BOOT_ORDER_HELP #language en-US "Select Access Boot
>Order Option"
>- #language fr-FR "Select Access Boot Order
>Option(French)"
>-#string STR_INSERT #language en-US "Insert"
>- #language fr-FR "Insert(French)"
>-#string STR_APPEND #language en-US "Append"
>- #language fr-FR "Append(French)"
>-#string STR_REPLACE #language en-US "Replace"
>- #language fr-FR "Replace(French)"
>-#string STR_NODEFAULT #language en-US "Nodefault"
>- #language fr-FR "Nodefault(French)"
>-#string STR_LOAD #language en-US "Load Device Path"
>- #language fr-FR "Load Device Path(French)"
>-#string STR_LOAD_HELP #language en-US "Select Permit/Forbid
>Load Device Path"
>- #language fr-FR "Select Permit/Forbid Load Device
>Path(French)"
>-#string STR_CONNECT #language en-US "Connect Device Path"
>- #language fr-FR "Connect Device Path(French)"
>-#string STR_CONNECT_HELP #language en-US "Select Permit/Forbid
>Connect Device Path"
>- #language fr-FR "Select Permit/Forbid Connect Device
>Path(French)"
>-#string STR_LOAD_PERMIT #language en-US "Permit Load Device
>Path"
>- #language fr-FR "Permit Load Device Path(French)"
>-#string STR_LOAD_PERMIT_HELP #language en-US "Change Permit
>Load Device Path to Forbid"
>- #language fr-FR "Change Permit Load Device Path to
>Forbid(French)"
>-#string STR_LOAD_FORBID #language en-US "Forbid Load Device
>Path"
>- #language fr-FR "Forbid Load Device Path(French)"
>-#string STR_LOAD_FORBID_HELP #language en-US "Change Forbid Load
>Device Path to Permit"
>- #language fr-FR "Change Forbid Load Device Path to
>Permit(French)"
>-#string STR_CONNECT_PERMIT #language en-US "Permit Connect
>Device Path"
>- #language fr-FR "Permit Connect Device Path(French)"
>-#string STR_CONNECT_PERMIT_HELP #language en-US "Change Permit
>Connect Device Path to Forbid"
>- #language fr-FR "Change Permit Connect Device Path to
>Forbid(French)"
>-#string STR_CONNECT_FORBID #language en-US "Forbid Connect
>Device Path"
>- #language fr-FR "Forbid Connect Device Path(French)"
>-#string STR_CONNECT_FORBID_HELP #language en-US "Change Forbid
>Connect Device Path to Permit"
>- #language fr-FR "Change Forbid Connect Device Path to
>Permit(French)"
>-#string STR_PRESS_KEY_CONTINUE #language en-US "Press ENTER to
>Continue, Other Key to Cancel ..."
>- #language fr-FR "Press ENTER to Continue, Other Key to
>Cancel ...(French)"
>-#string STR_MOVE_TO_FORBID_LIST #language en-US "Are You Sure to
>Move It to Forbid List?"
>- #language fr-FR "Are You Sure to Move It to Forbid
>List?(French)"
>-#string STR_MOVE_TO_PERMIT_LIST #language en-US "Are You Sure to
>Move It to Permit List?"
>- #language fr-FR "Are You Sure to Move It to Permit
>List?(French)"
>-#string STR_STROKE_KEY_CONTINUE #language en-US "Please Press Any
>Key to Continue ..."
>- #language fr-FR "Please Press Any Key to Continue ...
>(French)"
>-#string STR_CREATE_PROFILE_FAILED #language en-US "Create New User
>Profile Failed!"
>- #language fr-FR "Create New User Profile Failed!
>(French)"
>-#string STR_CREATE_PROFILE_SUCCESS #language en-US "Create New
>User Profile Succeed!"
>- #language fr-FR "Create New User Profile Succeed!
>(French)"
>-#string STR_USER_ALREADY_EXISTED #language en-US "User Name Had
>Already Existed."
>- #language fr-FR "User Name Had Already Existed.
>(French)"
>-#string STR_GET_USERNAME_FAILED #language en-US "Failed To Get
>User Name."
>- #language fr-FR "Failed To Get User Name. (French)"
>-
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erVfr.Vfr
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erVfr.Vfr
>deleted file mode 100644
>index 2cf3359f2a..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>erVfr.Vfr
>+++ /dev/null
>@@ -1,244 +0,0 @@
>-/** @file
>- User Profile Manager formset.
>-
>-Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManagerData.h"
>-
>-#define USER_MANAGER_CLASS 0x00
>-#define USER_MANAGER_SUBCLASS 0x04
>-
>-formset
>- guid = USER_PROFILE_MANAGER_GUID,
>- title = STRING_TOKEN(STR_FORMSET_TITLE),
>- help = STRING_TOKEN(STR_TITLE_HELP),
>-
>- // User manager form
>- form formid = FORMID_USER_MANAGE,
>- title = STRING_TOKEN(STR_USERMAN_TITLE);
>-
>- label LABEL_USER_MANAGE_FUNC;
>- label LABEL_END;
>-
>- suppressif TRUE;
>- text
>- help = STRING_TOKEN(STR_NULL_STRING),
>- text = STRING_TOKEN(STR_NULL_STRING),
>- flags = INTERACTIVE,
>- key = QUESTIONID_USER_MANAGE;
>- endif;
>-
>- endform;
>-
>- // Modify user profile form
>- form formid = FORMID_MODIFY_USER,
>- title = STRING_TOKEN(STR_MODIFY_USER_TITLE);
>-
>- label LABEL_USER_MOD_FUNC;
>- label LABEL_END;
>-
>- endform;
>-
>- // Delete user profile form
>- form formid = FORMID_DEL_USER,
>- title = STRING_TOKEN(STR_DELETE_USER_TITLE);
>-
>- label LABEL_USER_DEL_FUNC;
>- label LABEL_END;
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>- endform;
>-
>- //
>- // User profile information form
>- //
>- form formid = FORMID_USER_INFO,
>- title = STRING_TOKEN(STR_USER_INFO);
>-
>- text
>- help = STRING_TOKEN(STR_USER_NAME_VAL),
>- text = STRING_TOKEN(STR_USER_NAME),
>- flags = INTERACTIVE,
>- key = KEY_MODIFY_USER_NAME;
>-
>- text
>- help = STRING_TOKEN(STR_CREATE_DATE_VAL),
>- text = STRING_TOKEN(STR_CREATE_DATE);
>-
>- text
>- help = STRING_TOKEN(STR_USAGE_DATE_VAL),
>- text = STRING_TOKEN(STR_USAGE_DATE);
>-
>- text
>- help = STRING_TOKEN(STR_USAGE_COUNT_VAL),
>- text = STRING_TOKEN(STR_USAGE_COUNT);
>-
>- label LABEL_USER_INFO_FUNC;
>- label LABEL_END;
>-
>- endform;
>-
>- //
>- // Identify policy modify form
>- //
>- form formid = FORMID_MODIFY_IP,
>- title = STRING_TOKEN(STR_IDENTIFY_POLICY);
>-
>- text
>- help = STRING_TOKEN(STR_IDENTIFY_POLICY_HELP),
>- text = STRING_TOKEN(STR_IDENTIFY_POLICY),
>- text = STRING_TOKEN(STR_IDENTIFY_POLICY_VALUE);
>-
>- label LABEL_IP_MOD_FUNC;
>- label LABEL_END;
>-
>- text
>- help = STRING_TOKEN(STR_ADD_OPTION_HELP),
>- text = STRING_TOKEN(STR_ADD_OPTION),
>- flags = INTERACTIVE,
>- key = KEY_ADD_LOGICAL_OP;
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>-
>- text
>- help = STRING_TOKEN(STR_IDENTIFY_SAVE_HELP),
>- text = STRING_TOKEN(STR_SAVE),
>- flags = INTERACTIVE,
>- key = KEY_IP_RETURN;
>-
>- endform;
>-
>- //
>- // Access policy modify form
>- //
>- form formid = FORMID_MODIFY_AP,
>- title = STRING_TOKEN(STR_ACCESS_POLICY);
>-
>- label LABEL_AP_MOD_FUNC;
>- label LABEL_END;
>-
>- goto FORMID_LOAD_DP,
>- prompt = STRING_TOKEN(STR_LOAD),
>- help = STRING_TOKEN(STR_LOAD_HELP),
>- flags = INTERACTIVE,
>- key = KEY_LOAD_DP;
>-
>- goto FORMID_CONNECT_DP,
>- prompt = STRING_TOKEN(STR_CONNECT),
>- help = STRING_TOKEN(STR_CONNECT_HELP),
>- flags = INTERACTIVE,
>- key = KEY_CONN_DP;
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>-
>- text
>- help = STRING_TOKEN(STR_ACCESS_SAVE_HELP),
>- text = STRING_TOKEN(STR_SAVE),
>- flags = INTERACTIVE,
>- key = KEY_AP_RETURN;
>-
>- endform;
>-
>- //
>- // Load device path form
>- //
>- form formid = FORMID_LOAD_DP,
>- title = STRING_TOKEN(STR_LOAD);
>-
>- goto FORMID_PERMIT_LOAD_DP,
>- prompt = STRING_TOKEN(STR_LOAD_PERMIT),
>- help = STRING_TOKEN(STR_LOAD_PERMIT_HELP),
>- flags = INTERACTIVE,
>- key = KEY_LOAD_PERMIT;
>-
>- goto FORMID_FORBID_LOAD_DP,
>- prompt = STRING_TOKEN(STR_LOAD_FORBID),
>- help = STRING_TOKEN(STR_LOAD_FORBID_HELP),
>- flags = INTERACTIVE,
>- key = KEY_LOAD_FORBID;
>-
>- endform;
>-
>- //
>- // Permit load device path form
>- //
>- form formid = FORMID_PERMIT_LOAD_DP,
>- title = STRING_TOKEN(STR_LOAD_PERMIT);
>-
>- label LABEL_PERMIT_LOAD_FUNC;
>- label LABEL_END;
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>-
>- endform;
>-
>- //
>- // Forbid load device path form
>- //
>- form formid = FORMID_FORBID_LOAD_DP,
>- title = STRING_TOKEN(STR_LOAD_FORBID);
>-
>- label LABLE_FORBID_LOAD_FUNC;
>- label LABEL_END;
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>-
>- endform;
>-
>- //
>- // Connect device path form
>- //
>- form formid = FORMID_CONNECT_DP,
>- title = STRING_TOKEN(STR_CONNECT);
>-
>- goto FORMID_PERMIT_CONNECT_DP,
>- prompt = STRING_TOKEN(STR_CONNECT_PERMIT),
>- help = STRING_TOKEN(STR_CONNECT_PERMIT_HELP),
>- flags = INTERACTIVE,
>- key = KEY_CONNECT_PERMIT;
>-
>- goto FORMID_FORBID_CONNECT_DP,
>- prompt = STRING_TOKEN(STR_CONNECT_FORBID),
>- help = STRING_TOKEN(STR_CONNECT_FORBID_HELP),
>- flags = INTERACTIVE,
>- key = KEY_CONNECT_FORBID;
>-
>- endform;
>-
>- //
>- // Permit connect device path form
>- //
>- form formid = FORMID_PERMIT_CONNECT_DP,
>- title = STRING_TOKEN(STR_CONNECT_PERMIT);
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>-
>- endform;
>-
>- //
>- // Forbid connect device path form
>- //
>- form formid = FORMID_FORBID_CONNECT_DP,
>- title = STRING_TOKEN(STR_CONNECT_FORBID);
>-
>- subtitle
>- text = STRING_TOKEN(STR_NULL_STRING);
>-
>- endform;
>-
>-endformset;
>diff --git
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify
>.c
>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify
>.c
>deleted file mode 100644
>index d165e5ae9b..0000000000
>---
>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify
>.c
>+++ /dev/null
>@@ -1,1475 +0,0 @@
>-/** @file
>- The functions to modify a user profile.
>-
>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>-This program and the accompanying materials
>-are licensed and made available under the terms and conditions of the BSD
>License
>-which accompanies this distribution. The full text of the license may be
>found at
>-http://opensource.org/licenses/bsd-license.php
>-
>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>EXPRESS OR IMPLIED.
>-
>-**/
>-
>-#include "UserProfileManager.h"
>-
>-EFI_USER_PROFILE_HANDLE mModifyUser = NULL;
>-
>-/**
>- Display user select form, cab select a user to modify.
>-
>-**/
>-VOID
>-SelectUserToModify (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- UINT8 Index;
>- EFI_USER_PROFILE_HANDLE User;
>- EFI_USER_PROFILE_HANDLE CurrentUser;
>- UINT32 CurrentAccessRight;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_USER_MOD_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add each user can be modified.
>- //
>- User = NULL;
>- Index = 1;
>- mUserManager->Current (mUserManager, &CurrentUser);
>- while (TRUE) {
>- Status = mUserManager->GetNext (mUserManager, &User);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- Status = GetAccessRight (&CurrentAccessRight);
>- if (EFI_ERROR (Status)) {
>- CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>- }
>-
>- if ((CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) || (User ==
>CurrentUser)) {
>- AddUserToForm (User, (UINT16)(KEY_MODIFY_USER | KEY_SELECT_USER
>| Index), StartOpCodeHandle);
>- }
>- Index++;
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_MODIFY_USER, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-}
>-
>-
>-/**
>- Get all the user info from mModifyUser in the user manager, and save on
>the
>- global variable.
>-
>-**/
>-VOID
>-GetAllUserInfo (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>- UINTN InfoSize;
>- UINTN MemSize;
>- UINTN DataLen;
>-
>- //
>- // Init variable to default value.
>- //
>- mProviderChoice = 0;
>- mConncetLogical = 0;
>-
>- mUserInfo.CreateDateExist = FALSE;
>- mUserInfo.UsageDateExist = FALSE;
>- mUserInfo.UsageCount = 0;
>-
>- mUserInfo.AccessPolicyLen = 0;
>- mUserInfo.AccessPolicyModified = FALSE;
>- if (mUserInfo.AccessPolicy != NULL) {
>- FreePool (mUserInfo.AccessPolicy);
>- mUserInfo.AccessPolicy = NULL;
>- }
>- mUserInfo.IdentityPolicyLen = 0;
>- mUserInfo.IdentityPolicyModified = FALSE;
>- if (mUserInfo.IdentityPolicy != NULL) {
>- FreePool (mUserInfo.IdentityPolicy);
>- mUserInfo.IdentityPolicy = NULL;
>- }
>-
>- //
>- // Allocate user information memory.
>- //
>- MemSize = sizeof (EFI_USER_INFO) + 63;
>- Info = AllocateZeroPool (MemSize);
>- if (Info == NULL) {
>- return ;
>- }
>-
>- //
>- // Get each user information.
>- //
>- UserInfo = NULL;
>- while (TRUE) {
>- Status = mUserManager->GetNextInfo (mUserManager, mModifyUser,
>&UserInfo);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>- //
>- // Get information.
>- //
>- InfoSize = MemSize;
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- mModifyUser,
>- UserInfo,
>- Info,
>- &InfoSize
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- MemSize = InfoSize;
>- FreePool (Info);
>- Info = AllocateZeroPool (MemSize);
>- if (Info == NULL) {
>- return ;
>- }
>-
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- mModifyUser,
>- UserInfo,
>- Info,
>- &InfoSize
>- );
>- }
>-
>- if (Status == EFI_SUCCESS) {
>- //
>- // Deal with each information according to informaiton type.
>- //
>- DataLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>- switch (Info->InfoType) {
>- case EFI_USER_INFO_NAME_RECORD:
>- CopyMem (&mUserInfo.UserName, (UINT8 *) (Info + 1), DataLen);
>- break;
>-
>- case EFI_USER_INFO_CREATE_DATE_RECORD:
>- CopyMem (&mUserInfo.CreateDate, (UINT8 *) (Info + 1), DataLen);
>- mUserInfo.CreateDateExist = TRUE;
>- break;
>-
>- case EFI_USER_INFO_USAGE_DATE_RECORD:
>- CopyMem (&mUserInfo.UsageDate, (UINT8 *) (Info + 1), DataLen);
>- mUserInfo.UsageDateExist = TRUE;
>- break;
>-
>- case EFI_USER_INFO_USAGE_COUNT_RECORD:
>- CopyMem (&mUserInfo.UsageCount, (UINT8 *) (Info + 1), DataLen);
>- break;
>-
>- case EFI_USER_INFO_ACCESS_POLICY_RECORD:
>- mUserInfo.AccessPolicy = AllocateZeroPool (DataLen);
>- if (mUserInfo.AccessPolicy == NULL) {
>- break;
>- }
>-
>- CopyMem (mUserInfo.AccessPolicy, (UINT8 *) (Info + 1), DataLen);
>- mUserInfo.AccessPolicyLen = DataLen;
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_POLICY_RECORD:
>- mUserInfo.IdentityPolicy = AllocateZeroPool (DataLen);
>- if (mUserInfo.IdentityPolicy == NULL) {
>- break;
>- }
>-
>- CopyMem (mUserInfo.IdentityPolicy, (UINT8 *) (Info + 1), DataLen);
>- mUserInfo.IdentityPolicyLen = DataLen;
>- break;
>-
>- default:
>- break;
>- }
>- }
>- }
>- FreePool (Info);
>-}
>-
>-
>-/**
>- Convert the Date to a string, and update the Hii database DateID string with
>it.
>-
>- @param[in] Date Points to the date to be converted.
>- @param[in] DateId String ID in the HII database to be replaced.
>-
>-**/
>-VOID
>-ResolveDate (
>- IN EFI_TIME *Date,
>- IN EFI_STRING_ID DateId
>- )
>-{
>- CHAR16 *Str;
>- UINTN DateBufLen;
>-
>- //
>- // Convert date to string.
>- //
>- DateBufLen = 64;
>- Str = AllocateZeroPool (DateBufLen);
>- if (Str == NULL) {
>- return ;
>- }
>-
>- UnicodeSPrint (
>- Str,
>- DateBufLen,
>- L"%4d-%2d-%2d ",
>- Date->Year,
>- Date->Month,
>- Date->Day
>- );
>-
>- //
>- // Convert time to string.
>- //
>- DateBufLen -= StrLen (Str);
>- UnicodeSPrint (
>- Str + StrLen (Str),
>- DateBufLen,
>- L"%2d:%2d:%2d",
>- Date->Hour,
>- Date->Minute,
>- Date->Second
>- );
>-
>- HiiSetString (mCallbackInfo->HiiHandle, DateId, Str, NULL);
>- FreePool (Str);
>-}
>-
>-
>-/**
>- Convert the CountVal to a string, and update the Hii database CountId string
>- with it.
>-
>- @param[in] CountVal The hex value to convert.
>- @param[in] CountId String ID in the HII database to be replaced.
>-
>-**/
>-VOID
>-ResolveCount (
>- IN UINT32 CountVal,
>- IN EFI_STRING_ID CountId
>- )
>-{
>- CHAR16 Count[10];
>-
>- UnicodeSPrint (Count, 20, L"%d", CountVal);
>- HiiSetString (mCallbackInfo->HiiHandle, CountId, Count, NULL);
>-}
>-
>-
>-/**
>- Concatenates one Null-terminated Unicode string to another Null-
>terminated
>- Unicode string.
>-
>- @param[in, out] Source1 On entry, point to a Null-terminated Unicode
>string.
>- On exit, point to a new concatenated Unicode string
>- @param[in] Source2 Pointer to a Null-terminated Unicode string.
>-
>-**/
>-VOID
>-AddStr (
>- IN OUT CHAR16 **Source1,
>- IN CONST CHAR16 *Source2
>- )
>-{
>- CHAR16 *TmpStr;
>- UINTN StrLength;
>-
>- ASSERT (Source1 != NULL);
>- ASSERT (Source2 != NULL);
>-
>- if (*Source1 == NULL) {
>- StrLength = StrSize (Source2);
>- } else {
>- StrLength = StrSize (*Source1);
>- StrLength += StrSize (Source2) - 2;
>- }
>-
>- TmpStr = AllocateZeroPool (StrLength);
>- ASSERT (TmpStr != NULL);
>-
>- if (*Source1 == NULL) {
>- StrCpyS (TmpStr, StrLength / sizeof (CHAR16), Source2);
>- } else {
>- StrCpyS (TmpStr, StrLength / sizeof (CHAR16), *Source1);
>- FreePool (*Source1);
>- StrCatS (TmpStr, StrLength / sizeof (CHAR16),Source2);
>- }
>-
>- *Source1 = TmpStr;
>-}
>-
>-
>-/**
>- Convert the identity policy to a unicode string and update the Hii database
>- IpStringId string with it.
>-
>- @param[in] Ip Points to identity policy.
>- @param[in] IpLen The identity policy length.
>- @param[in] IpStringId String ID in the HII database to be replaced.
>-
>-**/
>-VOID
>-ResolveIdentityPolicy (
>- IN UINT8 *Ip,
>- IN UINTN IpLen,
>- IN EFI_STRING_ID IpStringId
>- )
>-{
>- CHAR16 *TmpStr;
>- UINTN ChkLen;
>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>- UINT16 Index;
>- CHAR16 *ProvStr;
>- EFI_STRING_ID ProvId;
>- EFI_HII_HANDLE HiiHandle;
>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>-
>- TmpStr = NULL;
>-
>- //
>- // Resolve each policy.
>- //
>- ChkLen = 0;
>- while (ChkLen < IpLen) {
>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (Ip + ChkLen);
>- switch (Identity->Type) {
>- case EFI_USER_INFO_IDENTITY_FALSE:
>- AddStr (&TmpStr, L"False");
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_TRUE:
>- AddStr (&TmpStr, L"None");
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_NOT:
>- AddStr (&TmpStr, L"! ");
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_AND:
>- AddStr (&TmpStr, L" && ");
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_OR:
>- AddStr (&TmpStr, L" || ");
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE:
>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>- UserCredential = mProviderInfo->Provider[Index];
>- if (CompareGuid ((EFI_GUID *) (Identity + 1), &UserCredential->Type)) {
>- UserCredential->Title (
>- UserCredential,
>- &HiiHandle,
>- &ProvId
>- );
>- ProvStr = HiiGetString (HiiHandle, ProvId, NULL);
>- if (ProvStr != NULL) {
>- AddStr (&TmpStr, ProvStr);
>- FreePool (ProvStr);
>- }
>- break;
>- }
>- }
>- break;
>-
>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>- UserCredential = mProviderInfo->Provider[Index];
>- if (CompareGuid ((EFI_GUID *) (Identity + 1), &UserCredential-
>>Identifier)) {
>- UserCredential->Title (
>- UserCredential,
>- &HiiHandle,
>- &ProvId
>- );
>- ProvStr = HiiGetString (HiiHandle, ProvId, NULL);
>- if (ProvStr != NULL) {
>- AddStr (&TmpStr, ProvStr);
>- FreePool (ProvStr);
>- }
>- break;
>- }
>- }
>- break;
>- }
>-
>- ChkLen += Identity->Length;
>- }
>-
>- if (TmpStr != NULL) {
>- HiiSetString (mCallbackInfo->HiiHandle, IpStringId, TmpStr, NULL);
>- FreePool (TmpStr);
>- }
>-}
>-
>-
>-/**
>- Display modify user information form.
>-
>- This form displays, username, create Date, usage date, usage count, identity
>policy,
>- and access policy.
>-
>- @param[in] UserIndex The index of the user in display list to modify.
>-
>-**/
>-VOID
>-ModifyUserInfo (
>- IN UINT8 UserIndex
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_PROFILE_HANDLE CurrentUser;
>- UINT32 CurrentAccessRight;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_USER_INFO_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Find the user profile to be modified.
>- //
>- mModifyUser = NULL;
>- Status = mUserManager->GetNext (mUserManager, &mModifyUser);
>- if (EFI_ERROR (Status)) {
>- return ;
>- }
>-
>- while (UserIndex > 1) {
>- Status = mUserManager->GetNext (mUserManager, &mModifyUser);
>- if (EFI_ERROR (Status)) {
>- return ;
>- }
>- UserIndex--;
>- }
>-
>- //
>- // Get user profile information.
>- //
>- GetAllUserInfo ();
>-
>- //
>- // Update user name.
>- HiiSetString (
>- mCallbackInfo->HiiHandle,
>- STRING_TOKEN (STR_USER_NAME_VAL),
>- mUserInfo.UserName,
>- NULL
>- );
>-
>- //
>- // Update create date.
>- //
>- if (mUserInfo.CreateDateExist) {
>- ResolveDate (&mUserInfo.CreateDate, STRING_TOKEN
>(STR_CREATE_DATE_VAL));
>- } else {
>- HiiSetString (
>- mCallbackInfo->HiiHandle,
>- STRING_TOKEN (STR_CREATE_DATE_VAL),
>- L"",
>- NULL
>- );
>- }
>-
>- //
>- // Add usage date.
>- //
>- if (mUserInfo.UsageDateExist) {
>- ResolveDate (&mUserInfo.UsageDate, STRING_TOKEN
>(STR_USAGE_DATE_VAL));
>- } else {
>- HiiSetString (
>- mCallbackInfo->HiiHandle,
>- STRING_TOKEN (STR_USAGE_DATE_VAL),
>- L"",
>- NULL
>- );
>- }
>-
>- //
>- // Add usage count.
>- //
>- ResolveCount ((UINT32) mUserInfo.UsageCount, STRING_TOKEN
>(STR_USAGE_COUNT_VAL));
>-
>- //
>- // Add identity policy.
>- //
>- mUserManager->Current (mUserManager, &CurrentUser);
>- if (mModifyUser == CurrentUser) {
>- ResolveIdentityPolicy (
>- mUserInfo.IdentityPolicy,
>- mUserInfo.IdentityPolicyLen,
>- STRING_TOKEN (STR_IDENTIFY_POLICY_VAL)
>- );
>- HiiCreateGotoOpCode (
>- StartOpCodeHandle, // Container for opcodes
>- FORMID_MODIFY_IP, // Target Form ID
>- STRING_TOKEN (STR_IDENTIFY_POLICY), // Prompt text
>- STRING_TOKEN (STR_IDENTIFY_POLICY_VAL), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_IP // Question
>ID
>- );
>- }
>-
>- //
>- // Add access policy.
>- //
>- Status = GetAccessRight (&CurrentAccessRight);
>- if (EFI_ERROR (Status)) {
>- CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>- }
>-
>- if (CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) {
>- HiiCreateGotoOpCode (
>- StartOpCodeHandle, // Container for opcodes
>- FORMID_MODIFY_AP, // Target Form ID
>- STRING_TOKEN (STR_ACCESS_POLICY), // Prompt text
>- STRING_TOKEN (STR_NULL_STRING), // Help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP // Question
>ID
>- );
>- }
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_USER_INFO, // Form ID
>- StartOpCodeHandle, // Label
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-}
>-
>-
>-/**
>- Get all the access policy info from current user info, and save in the global
>- variable.
>-
>-**/
>-VOID
>-ResolveAccessPolicy (
>- VOID
>- )
>-{
>- UINTN OffSet;
>- EFI_USER_INFO_ACCESS_CONTROL Control;
>- UINTN ValLen;
>- UINT8 *AccessData;
>-
>- //
>- // Set default value
>- //
>- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>- mAccessInfo.AccessSetup = ACCESS_SETUP_RESTRICTED;
>- mAccessInfo.AccessBootOrder =
>EFI_USER_INFO_ACCESS_BOOT_ORDER_INSERT;
>-
>- mAccessInfo.LoadPermitLen = 0;
>- mAccessInfo.LoadForbidLen = 0;
>- mAccessInfo.ConnectPermitLen = 0;
>- mAccessInfo.ConnectForbidLen = 0;
>-
>- //
>- // Get each user access policy.
>- //
>- OffSet = 0;
>- while (OffSet < mUserInfo.AccessPolicyLen) {
>- CopyMem (&Control, mUserInfo.AccessPolicy + OffSet, sizeof (Control));
>- ValLen = Control.Size - sizeof (Control);
>- switch (Control.Type) {
>- case EFI_USER_INFO_ACCESS_ENROLL_SELF:
>- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>- break;
>-
>- case EFI_USER_INFO_ACCESS_ENROLL_OTHERS:
>- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_ENROLL_OTHERS;
>- break;
>-
>- case EFI_USER_INFO_ACCESS_MANAGE:
>- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_MANAGE;
>- break;
>-
>- case EFI_USER_INFO_ACCESS_SETUP:
>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>- if (CompareGuid ((EFI_GUID *) AccessData,
>&gEfiUserInfoAccessSetupNormalGuid)) {
>- mAccessInfo.AccessSetup = ACCESS_SETUP_NORMAL;
>- } else if (CompareGuid ((EFI_GUID *) AccessData,
>&gEfiUserInfoAccessSetupRestrictedGuid)) {
>- mAccessInfo.AccessSetup = ACCESS_SETUP_RESTRICTED;
>- } else if (CompareGuid ((EFI_GUID *) AccessData,
>&gEfiUserInfoAccessSetupAdminGuid)) {
>- mAccessInfo.AccessSetup = ACCESS_SETUP_ADMIN;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_BOOT_ORDER:
>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>- CopyMem (&mAccessInfo.AccessBootOrder, AccessData, sizeof (UINT32));
>- break;
>-
>- case EFI_USER_INFO_ACCESS_FORBID_LOAD:
>- if (mAccessInfo.LoadForbid != NULL) {
>- FreePool (mAccessInfo.LoadForbid);
>- }
>-
>- mAccessInfo.LoadForbid = AllocateZeroPool (ValLen);
>- if (mAccessInfo.LoadForbid != NULL) {
>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>- CopyMem (mAccessInfo.LoadForbid, AccessData, ValLen);
>- mAccessInfo.LoadForbidLen = ValLen;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_PERMIT_LOAD:
>- if (mAccessInfo.LoadPermit != NULL) {
>- FreePool (mAccessInfo.LoadPermit);
>- }
>-
>- mAccessInfo.LoadPermit = AllocateZeroPool (ValLen);
>- if (mAccessInfo.LoadPermit != NULL) {
>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>- CopyMem (mAccessInfo.LoadPermit, AccessData, ValLen);
>- mAccessInfo.LoadPermitLen = ValLen;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_FORBID_CONNECT:
>- if (mAccessInfo.ConnectForbid != NULL) {
>- FreePool (mAccessInfo.ConnectForbid);
>- }
>-
>- mAccessInfo.ConnectForbid = AllocateZeroPool (ValLen);
>- if (mAccessInfo.ConnectForbid != NULL) {
>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>- CopyMem (mAccessInfo.ConnectForbid, AccessData, ValLen);
>- mAccessInfo.ConnectForbidLen = ValLen;
>- }
>- break;
>-
>- case EFI_USER_INFO_ACCESS_PERMIT_CONNECT:
>- if (mAccessInfo.ConnectPermit != NULL) {
>- FreePool (mAccessInfo.ConnectPermit);
>- }
>-
>- mAccessInfo.ConnectPermit = AllocateZeroPool (ValLen);
>- if (mAccessInfo.ConnectPermit != NULL) {
>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>- CopyMem (mAccessInfo.ConnectPermit, AccessData, ValLen);
>- mAccessInfo.ConnectPermitLen = ValLen;
>- }
>- break;
>- }
>-
>- OffSet += Control.Size;
>- }
>-}
>-
>-
>-/**
>- Find the specified info in User profile by the InfoType.
>-
>- @param[in] User Handle of the user whose information will be
>searched.
>- @param[in] InfoType The user information type to find.
>- @param[out] UserInfo Points to user information handle found.
>-
>- @retval EFI_SUCCESS Find the user information successfully.
>- @retval Others Fail to find the user information.
>-
>-**/
>-EFI_STATUS
>-FindInfoByType (
>- IN EFI_USER_PROFILE_HANDLE User,
>- IN UINT8 InfoType,
>- OUT EFI_USER_INFO_HANDLE *UserInfo
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO *Info;
>- UINTN InfoSize;
>- UINTN MemSize;
>-
>- if (UserInfo == NULL) {
>- return EFI_INVALID_PARAMETER;
>- }
>-
>- *UserInfo = NULL;
>- //
>- // Allocate user information memory.
>- //
>- MemSize = sizeof (EFI_USER_INFO) + 63;
>- Info = AllocateZeroPool (MemSize);
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- //
>- // Get each user information.
>- //
>- while (TRUE) {
>- Status = mUserManager->GetNextInfo (mUserManager, User, UserInfo);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>- //
>- // Get information.
>- //
>- InfoSize = MemSize;
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- User,
>- *UserInfo,
>- Info,
>- &InfoSize
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- MemSize = InfoSize;
>- FreePool (Info);
>- Info = AllocateZeroPool (MemSize);
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- User,
>- *UserInfo,
>- Info,
>- &InfoSize
>- );
>- }
>- if (Status == EFI_SUCCESS) {
>- if (Info->InfoType == InfoType) {
>- break;
>- }
>- }
>- }
>-
>- FreePool (Info);
>- return Status;
>-}
>-
>-
>-/**
>- Display modify user access policy form.
>-
>- In this form, access right, access setup and access boot order are dynamically
>- added. Load devicepath and connect devicepath are displayed too.
>-
>-**/
>-VOID
>-ModidyAccessPolicy (
>- VOID
>- )
>-{
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- VOID *OptionsOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>- VOID *DefaultOpCodeHandle;
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_AP_MOD_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>-
>- //
>- // Resolve access policy information.
>- //
>- ResolveAccessPolicy ();
>-
>- //
>- // Add access right one-of-code.
>- //
>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (OptionsOpCodeHandle != NULL);
>- DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (DefaultOpCodeHandle != NULL);
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_NORMAL),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- EFI_USER_INFO_ACCESS_ENROLL_SELF
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_ENROLL),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- EFI_USER_INFO_ACCESS_ENROLL_OTHERS
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_MANAGE),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- EFI_USER_INFO_ACCESS_MANAGE
>- );
>-
>- HiiCreateDefaultOpCode (
>- DefaultOpCodeHandle,
>- EFI_HII_DEFAULT_CLASS_STANDARD,
>- EFI_IFR_NUMERIC_SIZE_1,
>- mAccessInfo.AccessRight
>- );
>-
>- HiiCreateOneOfOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP |
>KEY_MODIFY_RIGHT, // Question ID
>- 0, // VarStore ID
>- 0, // Offset in Buffer Storage
>- STRING_TOKEN (STR_ACCESS_RIGHT), // Question prompt text
>- STRING_TOKEN (STR_ACCESS_RIGHT_HELP), // Question help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>- OptionsOpCodeHandle, // Option Opcode list
>- DefaultOpCodeHandle // Default Opcode
>- );
>- HiiFreeOpCodeHandle (DefaultOpCodeHandle);
>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>-
>-
>- //
>- // Add setup type one-of-code.
>- //
>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (OptionsOpCodeHandle != NULL);
>- DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (DefaultOpCodeHandle != NULL);
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_RESTRICTED),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- ACCESS_SETUP_RESTRICTED
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_NORMAL),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- ACCESS_SETUP_NORMAL
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_ADMIN),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- ACCESS_SETUP_ADMIN
>- );
>-
>- HiiCreateDefaultOpCode (
>- DefaultOpCodeHandle,
>- EFI_HII_DEFAULT_CLASS_STANDARD,
>- EFI_IFR_NUMERIC_SIZE_1,
>- mAccessInfo.AccessSetup
>- );
>-
>- HiiCreateOneOfOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP |
>KEY_MODIFY_SETUP, // Question ID
>- 0, // VarStore ID
>- 0, // Offset in Buffer Storage
>- STRING_TOKEN (STR_ACCESS_SETUP), // Question prompt text
>- STRING_TOKEN (STR_ACCESS_SETUP_HELP), // Question help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>- OptionsOpCodeHandle, // Option Opcode list
>- DefaultOpCodeHandle // Default Opcode
>- );
>- HiiFreeOpCodeHandle (DefaultOpCodeHandle);
>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>-
>- //
>- // Add boot order one-of-code.
>- //
>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (OptionsOpCodeHandle != NULL);
>- DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (DefaultOpCodeHandle != NULL);
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_INSERT),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_4,
>- EFI_USER_INFO_ACCESS_BOOT_ORDER_INSERT
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_APPEND),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_4,
>- EFI_USER_INFO_ACCESS_BOOT_ORDER_APPEND
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_REPLACE),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_4,
>- EFI_USER_INFO_ACCESS_BOOT_ORDER_REPLACE
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_NODEFAULT),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_4,
>- EFI_USER_INFO_ACCESS_BOOT_ORDER_NODEFAULT
>- );
>-
>- HiiCreateDefaultOpCode (
>- DefaultOpCodeHandle,
>- EFI_HII_DEFAULT_CLASS_STANDARD,
>- EFI_IFR_NUMERIC_SIZE_4,
>- mAccessInfo.AccessBootOrder
>- );
>-
>- HiiCreateOneOfOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP |
>KEY_MODIFY_BOOT, // Question ID
>- 0, // VarStore ID
>- 0, // Offset in Buffer Storage
>- STRING_TOKEN (STR_BOOR_ORDER), // Question prompt text
>- STRING_TOKEN (STR_BOOT_ORDER_HELP), // Question help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>- OptionsOpCodeHandle, // Option Opcode list
>- DefaultOpCodeHandle // Default Opcode
>- );
>- HiiFreeOpCodeHandle (DefaultOpCodeHandle);
>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>-
>- //
>- // Update Form.
>- //
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_MODIFY_AP, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-}
>-
>-
>-/**
>- Expand access policy memory size.
>-
>- @param[in] ValidLen The valid access policy length.
>- @param[in] ExpandLen The length that is needed to expand.
>-
>-**/
>-VOID
>-ExpandMemory (
>- IN UINTN ValidLen,
>- IN UINTN ExpandLen
>- )
>-{
>- UINT8 *Mem;
>- UINTN Len;
>-
>- //
>- // Expand memory.
>- //
>- Len = mUserInfo.AccessPolicyLen + (ExpandLen / 64 + 1) * 64;
>- Mem = AllocateZeroPool (Len);
>- ASSERT (Mem != NULL);
>-
>- if (mUserInfo.AccessPolicy != NULL) {
>- CopyMem (Mem, mUserInfo.AccessPolicy, ValidLen);
>- FreePool (mUserInfo.AccessPolicy);
>- }
>-
>- mUserInfo.AccessPolicy = Mem;
>- mUserInfo.AccessPolicyLen = Len;
>-}
>-
>-
>-/**
>- Get the username from user input, and update username string in the Hii
>- database with it.
>-
>-**/
>-VOID
>-ModifyUserName (
>- VOID
>- )
>-{
>- EFI_STATUS Status;
>- CHAR16 UserName[USER_NAME_LENGTH];
>- UINTN Len;
>- EFI_INPUT_KEY Key;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>- EFI_USER_PROFILE_HANDLE TempUser;
>-
>- //
>- // Get the new user name.
>- //
>- Len = sizeof (UserName);
>- Status = GetUserNameInput (&Len, UserName);
>- if (EFI_ERROR (Status)) {
>- if (Status != EFI_ABORTED) {
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"Failed To Get User Name.",
>- L"",
>- L"Please Press Any Key to Continue ...",
>- NULL
>- );
>- }
>- return ;
>- }
>-
>- //
>- // Check whether the username had been used or not.
>- //
>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + Len);
>- if (Info == NULL) {
>- return ;
>- }
>-
>- Info->InfoType = EFI_USER_INFO_NAME_RECORD;
>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>- EFI_USER_INFO_PUBLIC |
>- EFI_USER_INFO_EXCLUSIVE;
>- Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) + Len);
>- CopyMem ((UINT8 *) (Info + 1), UserName, Len);
>-
>- TempUser = NULL;
>- Status = mUserManager->Find (
>- mUserManager,
>- &TempUser,
>- NULL,
>- Info,
>- Info->InfoSize
>- );
>- if (!EFI_ERROR (Status)) {
>- CreatePopUp (
>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>- &Key,
>- L"The User Name Had Been Used.",
>- L"",
>- L"Please Use Other User Name",
>- NULL
>- );
>- FreePool (Info);
>- return ;
>- }
>-
>- //
>- // Update username display in the form.
>- //
>- CopyMem (mUserInfo.UserName, UserName, Len);
>- HiiSetString (
>- mCallbackInfo->HiiHandle,
>- STRING_TOKEN (STR_USER_NAME_VAL),
>- mUserInfo.UserName,
>- NULL
>- );
>-
>- //
>- // Save the user name.
>- //
>- Status = FindInfoByType (mModifyUser, EFI_USER_INFO_NAME_RECORD,
>&UserInfo);
>- if (!EFI_ERROR (Status)) {
>- mUserManager->SetInfo (
>- mUserManager,
>- mModifyUser,
>- &UserInfo,
>- Info,
>- Info->InfoSize
>- );
>- }
>- FreePool (Info);
>-}
>-
>-
>-/**
>- Display the form of the modifying user identity policy.
>-
>-**/
>-VOID
>-ModifyIdentityPolicy (
>- VOID
>- )
>-{
>- UINTN Index;
>- CHAR16 *ProvStr;
>- EFI_STRING_ID ProvID;
>- EFI_HII_HANDLE HiiHandle;
>- VOID *OptionsOpCodeHandle;
>- VOID *StartOpCodeHandle;
>- VOID *EndOpCodeHandle;
>- EFI_IFR_GUID_LABEL *StartLabel;
>- EFI_IFR_GUID_LABEL *EndLabel;
>-
>- //
>- // Initialize the container for dynamic opcodes.
>- //
>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (StartOpCodeHandle != NULL);
>-
>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (EndOpCodeHandle != NULL);
>-
>- //
>- // Create Hii Extend Label OpCode.
>- //
>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- StartOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- StartLabel->Number = LABEL_IP_MOD_FUNC;
>-
>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>- EndOpCodeHandle,
>- &gEfiIfrTianoGuid,
>- NULL,
>- sizeof (EFI_IFR_GUID_LABEL)
>- );
>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>- EndLabel->Number = LABEL_END;
>-
>- //
>- // Add credential providers
>- //.
>- if (mProviderInfo->Count > 0) {
>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (OptionsOpCodeHandle != NULL);
>-
>- //
>- // Add credential provider Option OpCode.
>- //
>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>- mProviderInfo->Provider[Index]->Title (
>- mProviderInfo->Provider[Index],
>- &HiiHandle,
>- &ProvID
>- );
>- ProvStr = HiiGetString (HiiHandle, ProvID, NULL);
>- ProvID = HiiSetString (mCallbackInfo->HiiHandle, 0, ProvStr, NULL);
>- FreePool (ProvStr);
>- if (ProvID == 0) {
>- return ;
>- }
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- ProvID,
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- (UINT8) Index
>- );
>- }
>-
>- HiiCreateOneOfOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_IP |
>KEY_MODIFY_PROV, // Question ID
>- 0, // VarStore ID
>- 0, // Offset in Buffer Storage
>- STRING_TOKEN (STR_PROVIDER), // Question prompt text
>- STRING_TOKEN (STR_PROVIDER_HELP), // Question help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>- OptionsOpCodeHandle, // Option Opcode list
>- NULL // Default Opcode is NULl
>- );
>-
>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>- }
>-
>- //
>- // Add logical connector Option OpCode.
>- //
>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>- ASSERT (OptionsOpCodeHandle != NULL);
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_AND_CON),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- 0
>- );
>-
>- HiiCreateOneOfOptionOpCode (
>- OptionsOpCodeHandle,
>- STRING_TOKEN (STR_OR_CON),
>- 0,
>- EFI_IFR_NUMERIC_SIZE_1,
>- 1
>- );
>-
>- HiiCreateOneOfOpCode (
>- StartOpCodeHandle, // Container for dynamic created opcodes
>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_IP |
>KEY_MODIFY_CONN, // Question ID
>- 0, // VarStore ID
>- 0, // Offset in Buffer Storage
>- STRING_TOKEN (STR_CONNECTOR), // Question prompt text
>- STRING_TOKEN (STR_CONNECTOR_HELP), // Question help text
>- EFI_IFR_FLAG_CALLBACK, // Question flag
>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>- OptionsOpCodeHandle, // Option Opcode list
>- NULL // Default Opcode is NULl
>- );
>-
>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>-
>- //
>- // Update identity policy in the form.
>- //
>- ResolveIdentityPolicy (
>- mUserInfo.IdentityPolicy,
>- mUserInfo.IdentityPolicyLen,
>- STRING_TOKEN (STR_IDENTIFY_POLICY_VALUE)
>- );
>-
>- if (mUserInfo.NewIdentityPolicy != NULL) {
>- FreePool (mUserInfo.NewIdentityPolicy);
>- mUserInfo.NewIdentityPolicy = NULL;
>- mUserInfo.NewIdentityPolicyLen = 0;
>- mUserInfo.NewIdentityPolicyModified = FALSE;
>- }
>- mProviderChoice = 0;
>- mConncetLogical = 0;
>-
>- HiiUpdateForm (
>- mCallbackInfo->HiiHandle, // HII handle
>- &gUserProfileManagerGuid, // Formset GUID
>- FORMID_MODIFY_IP, // Form ID
>- StartOpCodeHandle, // Label for where to insert opcodes
>- EndOpCodeHandle // Replace data
>- );
>-
>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>-}
>-
>-
>-/**
>- Get current user's access right.
>-
>- @param[out] AccessRight Points to the buffer used for user's access right.
>-
>- @retval EFI_SUCCESS Get current user access right successfully.
>- @retval others Fail to get current user access right.
>-
>-**/
>-EFI_STATUS
>-GetAccessRight (
>- OUT UINT32 *AccessRight
>- )
>-{
>- EFI_STATUS Status;
>- EFI_USER_INFO_HANDLE UserInfo;
>- EFI_USER_INFO *Info;
>- UINTN InfoSize;
>- UINTN MemSize;
>- EFI_USER_INFO_ACCESS_CONTROL Access;
>- EFI_USER_PROFILE_HANDLE CurrentUser;
>- UINTN TotalLen;
>- UINTN CheckLen;
>-
>- //
>- // Allocate user information memory.
>- //
>- MemSize = sizeof (EFI_USER_INFO) + 63;
>- Info = AllocateZeroPool (MemSize);
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>-
>- //
>- // Get user access information.
>- //
>- UserInfo = NULL;
>- mUserManager->Current (mUserManager, &CurrentUser);
>- while (TRUE) {
>- InfoSize = MemSize;
>- //
>- // Get next user information.
>- //
>- Status = mUserManager->GetNextInfo (mUserManager, CurrentUser,
>&UserInfo);
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- CurrentUser,
>- UserInfo,
>- Info,
>- &InfoSize
>- );
>- if (Status == EFI_BUFFER_TOO_SMALL) {
>- MemSize = InfoSize;
>- FreePool (Info);
>- Info = AllocateZeroPool (MemSize);
>- if (Info == NULL) {
>- return EFI_OUT_OF_RESOURCES;
>- }
>- Status = mUserManager->GetInfo (
>- mUserManager,
>- CurrentUser,
>- UserInfo,
>- Info,
>- &InfoSize
>- );
>- }
>- if (EFI_ERROR (Status)) {
>- break;
>- }
>-
>- //
>- // Check user information.
>- //
>- if (Info->InfoType == EFI_USER_INFO_ACCESS_POLICY_RECORD) {
>- TotalLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>- CheckLen = 0;
>- //
>- // Get specified access information.
>- //
>- while (CheckLen < TotalLen) {
>- CopyMem (&Access, (UINT8 *) (Info + 1) + CheckLen, sizeof (Access));
>- if ((Access.Type == EFI_USER_INFO_ACCESS_ENROLL_SELF) ||
>- (Access.Type == EFI_USER_INFO_ACCESS_ENROLL_OTHERS) ||
>- (Access.Type == EFI_USER_INFO_ACCESS_MANAGE)
>- ) {
>- *AccessRight = Access.Type;
>- FreePool (Info);
>- return EFI_SUCCESS;
>- }
>- CheckLen += Access.Size;
>- }
>- }
>- }
>- FreePool (Info);
>- return EFI_NOT_FOUND;
>-}
>-
>--
>2.16.2.windows.1
>
>_______________________________________________
>edk2-devel mailing list
>edk2-devel@lists.01.org
>https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] SecurityPkg: Remove code under UserIdentification folder.
2019-01-09 1:54 ` Chen, Chen A
@ 2019-01-09 2:17 ` Gao, Liming
0 siblings, 0 replies; 4+ messages in thread
From: Gao, Liming @ 2019-01-09 2:17 UTC (permalink / raw)
To: Chen, Chen A, edk2-devel@lists.01.org; +Cc: Zhang, Chao B
When you update the patch, please also add BZ URL in the commit message.
Thanks
Liming
>-----Original Message-----
>From: Chen, Chen A
>Sent: Wednesday, January 09, 2019 9:55 AM
>To: Gao, Liming <liming.gao@intel.com>; edk2-devel@lists.01.org
>Cc: Zhang, Chao B <chao.b.zhang@intel.com>
>Subject: RE: [edk2] [PATCH] SecurityPkg: Remove code under
>UserIdentification folder.
>
>Yes, Chao has filed on BZ1427.
>
>-----Original Message-----
>From: Gao, Liming
>Sent: Wednesday, January 9, 2019 9:39 AM
>To: Chen, Chen A <chen.a.chen@intel.com>; edk2-devel@lists.01.org
>Cc: Zhang, Chao B <chao.b.zhang@intel.com>
>Subject: RE: [edk2] [PATCH] SecurityPkg: Remove code under
>UserIdentification folder.
>
>Could you create BZ for this change?
>
>>-----Original Message-----
>>From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of
>>chenche4
>>Sent: Wednesday, January 09, 2019 9:09 AM
>>To: edk2-devel@lists.01.org
>>Cc: Zhang, Chao B <chao.b.zhang@intel.com>
>>Subject: [edk2] [PATCH] SecurityPkg: Remove code under UserIdentification
>>folder.
>>
>>1. UserIdentifyManagerDxe is used to provide UserManagerProtocol.
>>2. UserProfileManagerDxe provide UI setting
>>3. PwdCredentialProviderDxe & UsbCredentialProviderDxe are
>>implementation
>> examples.
>>
>>Remove above features because of no platform use it.
>>
>>Cc: Zhang Chao B <chao.b.zhang@intel.com>
>>Contributed-under: TianoCore Contribution Agreement 1.1
>>Signed-off-by: Chen A Chen <chen.a.chen@intel.com>
>>---
>> .../Include/Guid/UsbCredentialProviderHii.h | 29 -
>> SecurityPkg/Include/Guid/UserIdentifyManagerHii.h | 25 -
>> SecurityPkg/Include/Guid/UserProfileManagerHii.h | 25 -
>> SecurityPkg/SecurityPkg.dec | 12 -
>> SecurityPkg/SecurityPkg.dsc | 4 -
>> .../PwdCredentialProvider.c | 1464 --------
>> .../PwdCredentialProvider.h | 374 --
>> .../PwdCredentialProvider.uni | 21 -
>> .../PwdCredentialProviderData.h | 30 -
>> .../PwdCredentialProviderDxe.inf | 65 -
>> .../PwdCredentialProviderExtra.uni | 19 -
>> .../PwdCredentialProviderStrings.uni | 38 -
>> .../PwdCredentialProviderVfr.Vfr | 34 -
>> .../UsbCredentialProvider.c | 1410 --------
>> .../UsbCredentialProvider.h | 361 --
>> .../UsbCredentialProvider.uni | 23 -
>> .../UsbCredentialProviderDxe.inf | 70 -
>> .../UsbCredentialProviderExtra.uni | 19 -
>> .../UsbCredentialProviderStrings.uni | 29 -
>> .../UserIdentifyManagerDxe/LoadDeferredImage.c | 148 -
>> .../UserIdentifyManagerDxe/UserIdentifyManager.c | 3766 ------------------
>--
>> .../UserIdentifyManagerDxe/UserIdentifyManager.h | 413 ---
>> .../UserIdentifyManagerDxe/UserIdentifyManager.uni | 21 -
>> .../UserIdentifyManagerData.h | 35 -
>> .../UserIdentifyManagerDxe.inf | 79 -
>> .../UserIdentifyManagerExtra.uni | 19 -
>> .../UserIdentifyManagerStrings.uni | 27 -
>> .../UserIdentifyManagerVfr.Vfr | 43 -
>> .../UserProfileManagerDxe/ModifyAccessPolicy.c | 688 ----
>> .../UserProfileManagerDxe/ModifyIdentityPolicy.c | 516 ---
>> .../UserProfileManagerDxe/UserProfileAdd.c | 372 --
>> .../UserProfileManagerDxe/UserProfileDelete.c | 343 --
>> .../UserProfileManagerDxe/UserProfileManager.c | 887 -----
>> .../UserProfileManagerDxe/UserProfileManager.h | 444 ---
>> .../UserProfileManagerDxe/UserProfileManager.uni | 22 -
>> .../UserProfileManagerDxe/UserProfileManagerData.h | 158 -
>> .../UserProfileManagerDxe.inf | 72 -
>> .../UserProfileManagerExtra.uni | 19 -
>> .../UserProfileManagerStrings.uni | 158 -
>> .../UserProfileManagerVfr.Vfr | 244 --
>> .../UserProfileManagerDxe/UserProfileModify.c | 1475 --------
>> 41 files changed, 14001 deletions(-)
>> delete mode 100644 SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
>> delete mode 100644 SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
>> delete mode 100644 SecurityPkg/Include/Guid/UserProfileManagerHii.h
>> delete mode 100644
>>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPr
>o
>>vider.c
>> delete mode 100644
>>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPr
>o
>>vider.h
>> delete mode 100644
>>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPr
>o
>>vider.uni
>> delete mode 100644
>>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPr
>o
>>viderData.h
>> delete mode 100644
>>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPr
>o
>>viderDxe.inf
>> delete mode 100644
>>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPr
>o
>>viderExtra.uni
>> delete mode 100644
>>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPr
>o
>>viderStrings.uni
>> delete mode 100644
>>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPr
>o
>>viderVfr.Vfr
>> delete mode 100644
>>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>o
>>vider.c
>> delete mode 100644
>>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>o
>>vider.h
>> delete mode 100644
>>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>o
>>vider.uni
>> delete mode 100644
>>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>o
>>viderDxe.inf
>> delete mode 100644
>>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>o
>>viderExtra.uni
>> delete mode 100644
>>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>o
>>viderStrings.uni
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredIma
>g
>>e.c
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMana
>g
>>er.c
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMana
>g
>>er.h
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMana
>g
>>er.uni
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMana
>g
>>erData.h
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMana
>g
>>erDxe.inf
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMana
>g
>>erExtra.uni
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMana
>g
>>erStrings.uni
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMana
>g
>>erVfr.Vfr
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPolicy.
>>c
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPolic
>y
>>.c
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelete.c
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManage
>r.
>>c
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManage
>r.
>>h
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManage
>r.
>>uni
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManage
>r
>>Data.h
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManage
>r
>>Dxe.inf
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManage
>r
>>Extra.uni
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManage
>r
>>Strings.uni
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManage
>r
>>Vfr.Vfr
>> delete mode 100644
>>SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.
>c
>>
>>diff --git a/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
>>b/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
>>deleted file mode 100644
>>index 059d68f32e..0000000000
>>--- a/SecurityPkg/Include/Guid/UsbCredentialProviderHii.h
>>+++ /dev/null
>>@@ -1,29 +0,0 @@
>>-/** @file
>>- GUID used as HII Package list GUID in UsbCredentialProviderDxe driver.
>>-
>>-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#ifndef __USB_CREDENTIAL_PROVIDER_HII_H__
>>-#define __USB_CREDENTIAL_PROVIDER_HII_H__
>>-
>>-//
>>-// Used for save password credential and form browser
>>-// And used as provider identifier
>>-//
>>-#define USB_CREDENTIAL_PROVIDER_GUID \
>>- { \
>>- 0xd0849ed1, 0xa88c, 0x4ba6, { 0xb1, 0xd6, 0xab, 0x50, 0xe2, 0x80, 0xb7,
>>0xa9 }\
>>- }
>>-
>>-extern EFI_GUID gUsbCredentialProviderGuid;
>>-
>>-#endif
>>diff --git a/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
>>b/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
>>deleted file mode 100644
>>index 323c51f0f6..0000000000
>>--- a/SecurityPkg/Include/Guid/UserIdentifyManagerHii.h
>>+++ /dev/null
>>@@ -1,25 +0,0 @@
>>-/** @file
>>- GUID used as HII FormSet and HII Package list GUID in
>>UserIdentifyManagerDxe driver.
>>-
>>-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#ifndef __USER_IDENTIFY_MANAGER_HII_H__
>>-#define __USER_IDENTIFY_MANAGER_HII_H__
>>-
>>-#define USER_IDENTIFY_MANAGER_GUID \
>>- { \
>>- 0x3ccd3dd8, 0x8d45, 0x4fed, { 0x96, 0x2d, 0x2b, 0x38, 0xcd, 0x82, 0xb3,
>>0xc4 } \
>>- }
>>-
>>-extern EFI_GUID gUserIdentifyManagerGuid;
>>-
>>-#endif
>>diff --git a/SecurityPkg/Include/Guid/UserProfileManagerHii.h
>>b/SecurityPkg/Include/Guid/UserProfileManagerHii.h
>>deleted file mode 100644
>>index 105059350c..0000000000
>>--- a/SecurityPkg/Include/Guid/UserProfileManagerHii.h
>>+++ /dev/null
>>@@ -1,25 +0,0 @@
>>-/** @file
>>- GUID used as HII FormSet and HII Package list GUID in
>>UserProfileManagerDxe driver.
>>-
>>-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#ifndef __USER_PROFILE_MANAGER_HII_H__
>>-#define __USER_PROFILE_MANAGER_HII_H__
>>-
>>-#define USER_PROFILE_MANAGER_GUID \
>>- { \
>>- 0xc35f272c, 0x97c2, 0x465a, { 0xa2, 0x16, 0x69, 0x6b, 0x66, 0x8a, 0x8c,
>0xfe }
>>\
>>- }
>>-
>>-extern EFI_GUID gUserProfileManagerGuid;
>>-
>>-#endif
>>diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
>>index 8d64b4fefe..0c2afe2938 100644
>>--- a/SecurityPkg/SecurityPkg.dec
>>+++ b/SecurityPkg/SecurityPkg.dec
>>@@ -139,22 +139,10 @@
>> # Include/Guid/Tcg2PhysicalPresenceData.h
>> gEfiTcg2PhysicalPresenceGuid = { 0xaeb9c5c1, 0x94f1, 0x4d02, { 0xbf, 0xd9,
>>0x46, 0x2, 0xdb, 0x2d, 0x3c, 0x54 }}
>>
>>- ## GUID used for form browser, password credential and provider
>identifier.
>>- # Include/Guid/PwdCredentialProviderHii.h
>>- gPwdCredentialProviderGuid = { 0x78b9ec8b, 0xc000, 0x46c5, { 0xac,
>>0x93, 0x24, 0xa0, 0xc1, 0xbb, 0x0, 0xce }}
>>-
>>- ## GUID used for form browser, USB credential and provider identifier.
>>- # Include/Guid/UsbCredentialProviderHii.h
>>- gUsbCredentialProviderGuid = { 0xd0849ed1, 0xa88c, 0x4ba6, { 0xb1,
>>0xd6, 0xab, 0x50, 0xe2, 0x80, 0xb7, 0xa9 }}
>>-
>> ## GUID used for FormSet guid and user profile variable.
>> # Include/Guid/UserIdentifyManagerHii.h
>> gUserIdentifyManagerGuid = { 0x3ccd3dd8, 0x8d45, 0x4fed, { 0x96,
>>0x2d, 0x2b, 0x38, 0xcd, 0x82, 0xb3, 0xc4 }}
>>
>>- ## GUID used for FormSet.
>>- # Include/Guid/UserProfileManagerHii.h
>>- gUserProfileManagerGuid = { 0xc35f272c, 0x97c2, 0x465a, { 0xa2, 0x16,
>>0x69, 0x6b, 0x66, 0x8a, 0x8c, 0xfe }}
>>-
>> ## GUID used for FormSet.
>> # Include/Guid/TcgConfigHii.h
>> gTcgConfigFormSetGuid = { 0xb0f901e4, 0xc424, 0x45de, { 0x90, 0x81,
>>0x95, 0xe2, 0xb, 0xde, 0x6f, 0xb5 }}
>>diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
>>index 68a2953162..19aaebff1f 100644
>>--- a/SecurityPkg/SecurityPkg.dsc
>>+++ b/SecurityPkg/SecurityPkg.dsc
>>@@ -146,8 +146,6 @@
>> SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
>> #SecurityPkg/Library/DxeDeferImageLoadLib/DxeDeferImageLoadLib.inf
>>
>>SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthentica
>ti
>>onStatusLib.inf
>>-
>>#SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMan
>a
>>gerDxe.inf
>>-
>>#SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManag
>e
>>rDxe.inf
>>
>> #
>> # TPM
>>@@ -200,8 +198,6 @@
>> SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
>>
>> [Components.IA32, Components.X64]
>>-#
>>SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialPr
>o
>>viderDxe.inf
>>-#
>>SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialPr
>o
>>viderDxe.inf
>>
>>SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfi
>g
>>Dxe.inf
>>
>> #
>>diff --git
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>rovider.c
>>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentia
>l
>>Provider.c
>>deleted file mode 100644
>>index 52fc68b5ee..0000000000
>>---
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>rovider.c
>>+++ /dev/null
>>@@ -1,1464 +0,0 @@
>>-/** @file
>>- Password Credential Provider driver implementation.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "PwdCredentialProvider.h"
>>-
>>-CREDENTIAL_TABLE *mPwdTable = NULL;
>>-PWD_PROVIDER_CALLBACK_INFO *mCallbackInfo = NULL;
>>-PASSWORD_CREDENTIAL_INFO *mPwdInfoHandle = NULL;
>>-
>>-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
>>- {
>>- {
>>- HARDWARE_DEVICE_PATH,
>>- HW_VENDOR_DP,
>>- {
>>- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
>>- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
>>- }
>>- },
>>- PWD_CREDENTIAL_PROVIDER_GUID
>>- },
>>- {
>>- END_DEVICE_PATH_TYPE,
>>- END_ENTIRE_DEVICE_PATH_SUBTYPE,
>>- {
>>- (UINT8) (END_DEVICE_PATH_LENGTH),
>>- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
>>- }
>>- }
>>-};
>>-
>>-EFI_USER_CREDENTIAL2_PROTOCOL gPwdCredentialProviderDriver = {
>>- PWD_CREDENTIAL_PROVIDER_GUID,
>>- EFI_USER_CREDENTIAL_CLASS_PASSWORD,
>>- CredentialEnroll,
>>- CredentialForm,
>>- CredentialTile,
>>- CredentialTitle,
>>- CredentialUser,
>>- CredentialSelect,
>>- CredentialDeselect,
>>- CredentialDefault,
>>- CredentialGetInfo,
>>- CredentialGetNextInfo,
>>- EFI_CREDENTIAL_CAPABILITIES_ENROLL,
>>- CredentialDelete
>>-};
>>-
>>-
>>-/**
>>- Get string by string id from HII Interface.
>>-
>>-
>>- @param[in] Id String ID to get the string from.
>>-
>>- @retval CHAR16 * String from ID.
>>- @retval NULL If error occurs.
>>-
>>-**/
>>-CHAR16 *
>>-GetStringById (
>>- IN EFI_STRING_ID Id
>>- )
>>-{
>>- //
>>- // Get the current string for the current Language.
>>- //
>>- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
>>-}
>>-
>>-
>>-/**
>>- Expand password table size.
>>-
>>-**/
>>-VOID
>>-ExpandTableSize (
>>- VOID
>>- )
>>-{
>>- CREDENTIAL_TABLE *NewTable;
>>- UINTN Count;
>>-
>>- Count = mPwdTable->MaxCount + PASSWORD_TABLE_INC;
>>- //
>>- // Create new credential table.
>>- //
>>- NewTable = (CREDENTIAL_TABLE *) AllocateZeroPool (
>>- sizeof (CREDENTIAL_TABLE) +
>>- (Count - 1) * sizeof (PASSWORD_INFO)
>>- );
>>- ASSERT (NewTable != NULL);
>>-
>>- NewTable->MaxCount = Count;
>>- NewTable->Count = mPwdTable->Count;
>>- NewTable->ValidIndex = mPwdTable->ValidIndex;
>>- //
>>- // Copy old entries
>>- //
>>- CopyMem (
>>- &NewTable->UserInfo,
>>- &mPwdTable->UserInfo,
>>- mPwdTable->Count * sizeof (PASSWORD_INFO)
>>- );
>>- FreePool (mPwdTable);
>>- mPwdTable = NewTable;
>>-}
>>-
>>-
>>-/**
>>- Add, update or delete info in table, and sync with NV variable.
>>-
>>- @param[in] Index The index of the password in table. If index is found
>in
>>- table, update the info, else add the into to table.
>>- @param[in] Info The new password info to add into table.If Info is NULL,
>>- delete the info by Index.
>>-
>>- @retval EFI_INVALID_PARAMETER Info is NULL when save the info.
>>- @retval EFI_SUCCESS Modify the table successfully.
>>- @retval Others Failed to modify the table.
>>-
>>-**/
>>-EFI_STATUS
>>-ModifyTable (
>>- IN UINTN Index,
>>- IN PASSWORD_INFO * Info OPTIONAL
>>- )
>>-{
>>- EFI_STATUS Status;
>>- PASSWORD_INFO *NewPasswordInfo;
>>-
>>- NewPasswordInfo = NULL;
>>-
>>- if (Index < mPwdTable->Count) {
>>- if (Info == NULL) {
>>- //
>>- // Delete the specified entry.
>>- //
>>- mPwdTable->Count--;
>>- if (Index != mPwdTable->Count) {
>>- NewPasswordInfo = &mPwdTable->UserInfo[mPwdTable->Count];
>>- }
>>- } else {
>>- //
>>- // Update the specified entry.
>>- //
>>- NewPasswordInfo = Info;
>>- }
>>- } else {
>>- //
>>- // Add a new password info.
>>- //
>>- if (Info == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (mPwdTable->Count >= mPwdTable->MaxCount) {
>>- ExpandTableSize ();
>>- }
>>-
>>- NewPasswordInfo = Info;
>>- mPwdTable->Count++;
>>- }
>>-
>>- if (NewPasswordInfo != NULL) {
>>- CopyMem (&mPwdTable->UserInfo[Index], NewPasswordInfo, sizeof
>>(PASSWORD_INFO));
>>- }
>>-
>>- //
>>- // Save the credential table.
>>- //
>>- Status = gRT->SetVariable (
>>- L"PwdCredential",
>>- &gPwdCredentialProviderGuid,
>>- EFI_VARIABLE_NON_VOLATILE |
>>EFI_VARIABLE_BOOTSERVICE_ACCESS,
>>- mPwdTable->Count * sizeof (PASSWORD_INFO),
>>- &mPwdTable->UserInfo
>>- );
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Create a password table.
>>-
>>- @retval EFI_SUCCESS Create a password table successfully.
>>- @retval Others Failed to create a password.
>>-
>>-**/
>>-EFI_STATUS
>>-InitCredentialTable (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINT8 *Var;
>>- UINTN VarSize;
>>-
>>- //
>>- // Get Password credential data from NV variable.
>>- //
>>- VarSize = 0;
>>- Var = NULL;
>>- Status = gRT->GetVariable (
>>- L"PwdCredential",
>>- &gPwdCredentialProviderGuid,
>>- NULL,
>>- &VarSize,
>>- Var
>>- );
>>- if (Status == EFI_BUFFER_TOO_SMALL) {
>>- Var = AllocateZeroPool (VarSize);
>>- if (Var == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>- Status = gRT->GetVariable (
>>- L"PwdCredential",
>>- &gPwdCredentialProviderGuid,
>>- NULL,
>>- &VarSize,
>>- Var
>>- );
>>- }
>>- if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Create the password credential table.
>>- //
>>- mPwdTable = AllocateZeroPool (
>>- sizeof (CREDENTIAL_TABLE) - sizeof (PASSWORD_INFO) +
>>- PASSWORD_TABLE_INC * sizeof (PASSWORD_INFO) +
>>- VarSize
>>- );
>>- if (mPwdTable == NULL) {
>>- FreePool (Var);
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- mPwdTable->Count = VarSize / sizeof (PASSWORD_INFO);
>>- mPwdTable->MaxCount = mPwdTable->Count + PASSWORD_TABLE_INC;
>>- mPwdTable->ValidIndex = 0;
>>- if (Var != NULL) {
>>- CopyMem (mPwdTable->UserInfo, Var, VarSize);
>>- FreePool (Var);
>>- }
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Hash the password to get credential.
>>-
>>- @param[in] Password Points to the input password.
>>- @param[in] PasswordSize The size of password, in bytes.
>>- @param[out] Credential Points to the hashed result.
>>-
>>- @retval TRUE Hash the password successfully.
>>- @retval FALSE Failed to hash the password.
>>-
>>-**/
>>-BOOLEAN
>>-GenerateCredential (
>>- IN CHAR16 *Password,
>>- IN UINTN PasswordSize,
>>- OUT UINT8 *Credential
>>- )
>>-{
>>- BOOLEAN Status;
>>- UINTN HashSize;
>>- VOID *Hash;
>>-
>>- HashSize = Sha1GetContextSize ();
>>- Hash = AllocatePool (HashSize);
>>- ASSERT (Hash != NULL);
>>-
>>- Status = Sha1Init (Hash);
>>- if (!Status) {
>>- goto Done;
>>- }
>>-
>>- Status = Sha1Update (Hash, Password, PasswordSize);
>>- if (!Status) {
>>- goto Done;
>>- }
>>-
>>- Status = Sha1Final (Hash, Credential);
>>-
>>-Done:
>>- FreePool (Hash);
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Get password from user input.
>>-
>>- @param[in] FirstPwd If True, prompt to input the first password.
>>- If False, prompt to input password again.
>>- @param[out] Credential Points to the input password.
>>-
>>-**/
>>-VOID
>>-GetPassword (
>>- IN BOOLEAN FirstPwd,
>>- OUT CHAR8 *Credential
>>- )
>>-{
>>- EFI_INPUT_KEY Key;
>>- CHAR16 PasswordMask[CREDENTIAL_LEN + 1];
>>- CHAR16 Password[CREDENTIAL_LEN];
>>- UINTN PasswordLen;
>>- CHAR16 *QuestionStr;
>>- CHAR16 *LineStr;
>>-
>>- PasswordLen = 0;
>>- while (TRUE) {
>>- PasswordMask[PasswordLen] = L'_';
>>- PasswordMask[PasswordLen + 1] = L'\0';
>>- LineStr = GetStringById (STRING_TOKEN (STR_DRAW_A_LINE));
>>- if (FirstPwd) {
>>- QuestionStr = GetStringById (STRING_TOKEN (STR_INPUT_PASSWORD));
>>- } else {
>>- QuestionStr = GetStringById (STRING_TOKEN
>>(STR_INPUT_PASSWORD_AGAIN));
>>- }
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- QuestionStr,
>>- LineStr,
>>- PasswordMask,
>>- NULL
>>- );
>>- FreePool (QuestionStr);
>>- FreePool (LineStr);
>>-
>>- //
>>- // Check key stroke
>>- //
>>- if (Key.ScanCode == SCAN_NULL) {
>>- if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
>>- break;
>>- } else if (Key.UnicodeChar == CHAR_BACKSPACE) {
>>- if (PasswordLen > 0) {
>>- PasswordLen--;
>>- }
>>- } else if ((Key.UnicodeChar == CHAR_NULL) ||
>>- (Key.UnicodeChar == CHAR_TAB) ||
>>- (Key.UnicodeChar == CHAR_LINEFEED)) {
>>- continue;
>>- } else {
>>- Password[PasswordLen] = Key.UnicodeChar;
>>- PasswordMask[PasswordLen] = L'*';
>>- PasswordLen++;
>>- if (PasswordLen == CREDENTIAL_LEN) {
>>- break;
>>- }
>>- }
>>- }
>>- }
>>-
>>- PasswordLen = PasswordLen * sizeof (CHAR16);
>>- GenerateCredential (Password, PasswordLen, (UINT8 *)Credential);
>>-}
>>-
>>-/**
>>- Check whether the password can be found on this provider.
>>-
>>- @param[in] Password The password to be found.
>>-
>>- @retval EFI_SUCCESS Found password sucessfully.
>>- @retval EFI_NOT_FOUND Fail to find the password.
>>-
>>-**/
>>-EFI_STATUS
>>-CheckPassword (
>>- IN CHAR8 *Password
>>- )
>>-{
>>- UINTN Index;
>>- CHAR8 *Pwd;
>>-
>>- //
>>- // Check password credential.
>>- //
>>- mPwdTable->ValidIndex = 0;
>>- for (Index = 0; Index < mPwdTable->Count; Index++) {
>>- Pwd = mPwdTable->UserInfo[Index].Password;
>>- if (CompareMem (Pwd, Password, CREDENTIAL_LEN) == 0) {
>>- mPwdTable->ValidIndex = Index + 1;
>>- return EFI_SUCCESS;
>>- }
>>- }
>>-
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- Find a user infomation record by the information record type.
>>-
>>- This function searches all user information records of User from beginning
>>- until either the information is found, or there are no more user infomation
>>- records. A match occurs when a Info.InfoType field matches the user
>>information
>>- record type.
>>-
>>- @param[in] User Points to the user profile record to search.
>>- @param[in] InfoType The infomation type to be searched.
>>- @param[out] Info Points to the user info found, the caller is
>responsible
>>- to free.
>>-
>>- @retval EFI_SUCCESS Find the user information successfully.
>>- @retval Others Fail to find the user information.
>>-
>>-**/
>>-EFI_STATUS
>>-FindUserInfoByType (
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN UINT8 InfoType,
>>- OUT EFI_USER_INFO **Info
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *UserInfo;
>>- UINTN UserInfoSize;
>>- EFI_USER_INFO_HANDLE UserInfoHandle;
>>- EFI_USER_MANAGER_PROTOCOL *UserManager;
>>-
>>- //
>>- // Find user information by information type.
>>- //
>>- if (Info == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- Status = gBS->LocateProtocol (
>>- &gEfiUserManagerProtocolGuid,
>>- NULL,
>>- (VOID **) &UserManager
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- //
>>- // Get each user information.
>>- //
>>-
>>- UserInfoHandle = NULL;
>>- UserInfo = NULL;
>>- UserInfoSize = 0;
>>- while (TRUE) {
>>- Status = UserManager->GetNextInfo (UserManager, User,
>>&UserInfoHandle);
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>- //
>>- // Get information.
>>- //
>>- Status = UserManager->GetInfo (
>>- UserManager,
>>- User,
>>- UserInfoHandle,
>>- UserInfo,
>>- &UserInfoSize
>>- );
>>- if (Status == EFI_BUFFER_TOO_SMALL) {
>>- if (UserInfo != NULL) {
>>- FreePool (UserInfo);
>>- }
>>- UserInfo = AllocateZeroPool (UserInfoSize);
>>- if (UserInfo == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>- Status = UserManager->GetInfo (
>>- UserManager,
>>- User,
>>- UserInfoHandle,
>>- UserInfo,
>>- &UserInfoSize
>>- );
>>- }
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>-
>>- ASSERT (UserInfo != NULL);
>>- if (UserInfo->InfoType == InfoType) {
>>- *Info = UserInfo;
>>- return EFI_SUCCESS;
>>- }
>>- }
>>-
>>- if (UserInfo != NULL) {
>>- FreePool (UserInfo);
>>- }
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- This function processes the results of changes in configuration.
>>-
>>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>>- @param Action Specifies the type of action taken by the browser.
>>- @param QuestionId A unique value which is sent to the original
>>- exporting driver so that it can identify the type
>>- of data to expect.
>>- @param Type The type of value for the question.
>>- @param Value A pointer to the data being sent to the original
>>- exporting driver.
>>- @param ActionRequest On return, points to the action requested by
>>the
>>- callback function.
>>-
>>- @retval EFI_SUCCESS The callback successfully handled the action.
>>- @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold
>>the
>>- variable and its data.
>>- @retval EFI_DEVICE_ERROR The variable could not be saved.
>>- @retval EFI_UNSUPPORTED The specified Action is not supported by
>the
>>- callback.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDriverCallback (
>>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>>- IN EFI_BROWSER_ACTION Action,
>>- IN EFI_QUESTION_ID QuestionId,
>>- IN UINT8 Type,
>>- IN EFI_IFR_TYPE_VALUE *Value,
>>- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_INPUT_KEY Key;
>>- CHAR8 Password[CREDENTIAL_LEN];
>>- CHAR16 *PromptStr;
>>-
>>- if (Action == EFI_BROWSER_ACTION_CHANGED) {
>>- if (QuestionId == KEY_GET_PASSWORD) {
>>- //
>>- // Get and check password.
>>- //
>>- GetPassword (TRUE, Password);
>>- Status = CheckPassword (Password);
>>- if (EFI_ERROR (Status)) {
>>- PromptStr = GetStringById (STRING_TOKEN
>>(STR_PASSWORD_INCORRECT));
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- L"",
>>- PromptStr,
>>- L"",
>>- NULL
>>- );
>>- FreePool (PromptStr);
>>- return Status;
>>- }
>>- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT;
>>- }
>>- return EFI_SUCCESS;
>>- }
>>-
>>- //
>>- // All other action return unsupported.
>>- //
>>- return EFI_UNSUPPORTED;
>>-}
>>-
>>-
>>-/**
>>- This function allows a caller to extract the current configuration for one
>>- or more named elements from the target driver.
>>-
>>-
>>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>>- @param Request A null-terminated Unicode string in <ConfigRequest>
>>format.
>>- @param Progress On return, points to a character in the Request string.
>>- Points to the string's null terminator if request was successful.
>>- Points to the most recent '&' before the first failing name/value
>>- pair (or the beginning of the string if the failure is in the
>>- first name/value pair) if the request was not successful.
>>- @param Results A null-terminated Unicode string in <ConfigAltResp>
>>format which
>>- has all values filled in for the names in the Request string.
>>- String to be allocated by the called function.
>>-
>>- @retval EFI_SUCCESS The Results is filled with the requested values.
>>- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
>>results.
>>- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown
>>name.
>>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>>this driver.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-FakeExtractConfig (
>>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>>- IN CONST EFI_STRING Request,
>>- OUT EFI_STRING *Progress,
>>- OUT EFI_STRING *Results
>>- )
>>-{
>>- if (Progress == NULL || Results == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- *Progress = Request;
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-/**
>>- This function processes the results of changes in configuration.
>>-
>>-
>>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>>- @param Configuration A null-terminated Unicode string in <ConfigResp>
>>format.
>>- @param Progress A pointer to a string filled in with the offset of the
>>most
>>- recent '&' before the first failing name/value pair (or the
>>- beginning of the string if the failure is in the first
>>- name/value pair) or the terminating NULL if all was successful.
>>-
>>- @retval EFI_SUCCESS The Results is processed successfully.
>>- @retval EFI_INVALID_PARAMETER Configuration is NULL.
>>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>>this driver.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-FakeRouteConfig (
>>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>>- IN CONST EFI_STRING Configuration,
>>- OUT EFI_STRING *Progress
>>- )
>>-{
>>- if (Configuration == NULL || Progress == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- *Progress = Configuration;
>>-
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-/**
>>- This function initialize the data mainly used in form browser.
>>-
>>- @retval EFI_SUCCESS Initialize form data successfully.
>>- @retval Others Fail to Initialize form data.
>>-
>>-**/
>>-EFI_STATUS
>>-InitFormBrowser (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- PWD_PROVIDER_CALLBACK_INFO *CallbackInfo;
>>-
>>- //
>>- // Initialize driver private data.
>>- //
>>- CallbackInfo = AllocateZeroPool (sizeof
>(PWD_PROVIDER_CALLBACK_INFO));
>>- if (CallbackInfo == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- CallbackInfo->Signature = PWD_PROVIDER_SIGNATURE;
>>- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
>>- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
>>- CallbackInfo->ConfigAccess.Callback = CredentialDriverCallback;
>>- CallbackInfo->DriverHandle = NULL;
>>-
>>- //
>>- // Install Device Path Protocol and Config Access protocol to driver handle.
>>- //
>>- Status = gBS->InstallMultipleProtocolInterfaces (
>>- &CallbackInfo->DriverHandle,
>>- &gEfiDevicePathProtocolGuid,
>>- &mHiiVendorDevicePath,
>>- &gEfiHiiConfigAccessProtocolGuid,
>>- &CallbackInfo->ConfigAccess,
>>- NULL
>>- );
>>- ASSERT_EFI_ERROR (Status);
>>-
>>- //
>>- // Publish HII data.
>>- //
>>- CallbackInfo->HiiHandle = HiiAddPackages (
>>- &gPwdCredentialProviderGuid,
>>- CallbackInfo->DriverHandle,
>>- PwdCredentialProviderStrings,
>>- PwdCredentialProviderVfrBin,
>>- NULL
>>- );
>>- if (CallbackInfo->HiiHandle == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>- mCallbackInfo = CallbackInfo;
>>-
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Enroll a user on a credential provider.
>>-
>>- This function enrolls a user on this credential provider. If the user exists on
>>- this credential provider, update the user information on this credential
>>provider;
>>- otherwise add the user information on credential provider.
>>-
>>- @param[in] This Points to this instance of
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] User The user profile to enroll.
>>-
>>- @retval EFI_SUCCESS User profile was successfully enrolled.
>>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>>enrollment on the
>>- user profile handle. Either the user profile cannot enroll
>>- on any user profile or cannot enroll on a user profile
>>- other than the current user profile.
>>- @retval EFI_UNSUPPORTED This credential provider does not support
>>enrollment in
>>- the pre-OS.
>>- @retval EFI_DEVICE_ERROR The new credential could not be created
>>because of a device
>>- error.
>>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>>profile handle.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialEnroll (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN Index;
>>- PASSWORD_INFO PwdInfo;
>>- EFI_USER_INFO *UserInfo;
>>- CHAR8 Password[CREDENTIAL_LEN];
>>- EFI_INPUT_KEY Key;
>>- UINT8 *UserId;
>>- CHAR16 *QuestionStr;
>>- CHAR16 *PromptStr;
>>-
>>- if ((This == NULL) || (User == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Get User Identifier.
>>- //
>>- UserInfo = NULL;
>>- Status = FindUserInfoByType (
>>- User,
>>- EFI_USER_INFO_IDENTIFIER_RECORD,
>>- &UserInfo
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- CopyMem (PwdInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof
>>(EFI_USER_INFO_IDENTIFIER));
>>- FreePool (UserInfo);
>>-
>>- //
>>- // Get password from user.
>>- //
>>- while (TRUE) {
>>- //
>>- // Input password.
>>- //
>>- GetPassword (TRUE, PwdInfo.Password);
>>-
>>- //
>>- // Input password again.
>>- //
>>- GetPassword (FALSE, Password);
>>-
>>- //
>>- // Compare the two password consistency.
>>- //
>>- if (CompareMem (PwdInfo.Password, Password, CREDENTIAL_LEN) == 0)
>{
>>- break;
>>- }
>>-
>>- QuestionStr = GetStringById (STRING_TOKEN
>>(STR_PASSWORD_MISMATCH));
>>- PromptStr = GetStringById (STRING_TOKEN
>>(STR_INPUT_PASSWORD_AGAIN));
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- QuestionStr,
>>- L"",
>>- PromptStr,
>>- NULL
>>- );
>>- FreePool (QuestionStr);
>>- FreePool (PromptStr);
>>- }
>>-
>>- //
>>- // Check whether User is ever enrolled in the provider.
>>- //
>>- for (Index = 0; Index < mPwdTable->Count; Index++) {
>>- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
>>- if (CompareMem (UserId, (UINT8 *) &PwdInfo.UserId, sizeof
>>(EFI_USER_INFO_IDENTIFIER)) == 0) {
>>- //
>>- // User already exists, update the password.
>>- //
>>- break;
>>- }
>>- }
>>-
>>- //
>>- // Enroll the User to the provider.
>>- //
>>- Status = ModifyTable (Index, &PwdInfo);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Returns the user interface information used during user identification.
>>-
>>- This function returns information about the form used when interacting
>>with the
>>- user during user identification. The form is the first enabled form in the
>>form-set
>>- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII
>>handle HiiHandle. If
>>- the user credential provider does not require a form to identify the user,
>>then this
>>- function should return EFI_NOT_FOUND.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] Hii On return, holds the HII database handle.
>>- @param[out] FormSetId On return, holds the identifier of the form set
>>which contains
>>- the form used during user identification.
>>- @param[out] FormId On return, holds the identifier of the form used
>>during user
>>- identification.
>>-
>>- @retval EFI_SUCCESS Form returned successfully.
>>- @retval EFI_NOT_FOUND Form not returned.
>>- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or
>>FormId is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialForm (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_HII_HANDLE *Hii,
>>- OUT EFI_GUID *FormSetId,
>>- OUT EFI_FORM_ID *FormId
>>- )
>>-{
>>- if ((This == NULL) || (Hii == NULL) ||
>>- (FormSetId == NULL) || (FormId == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- *Hii = mCallbackInfo->HiiHandle;
>>- *FormId = FORMID_GET_PASSWORD_FORM;
>>- CopyGuid (FormSetId, &gPwdCredentialProviderGuid);
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Returns bitmap used to describe the credential provider type.
>>-
>>- This optional function returns a bitmap that is less than or equal to the
>>number
>>- of pixels specified by Width and Height. If no such bitmap exists, then
>>EFI_NOT_FOUND
>>- is returned.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in, out] Width On entry, points to the desired bitmap width. If
>>NULL then no
>>- bitmap information will be returned. On exit, points to the
>>- width of the bitmap returned.
>>- @param[in, out] Height On entry, points to the desired bitmap height. If
>>NULL then no
>>- bitmap information will be returned. On exit, points to the
>>- height of the bitmap returned
>>- @param[out] Hii On return, holds the HII database handle.
>>- @param[out] Image On return, holds the HII image identifier.
>>-
>>- @retval EFI_SUCCESS Image identifier returned successfully.
>>- @retval EFI_NOT_FOUND Image identifier not returned.
>>- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialTile (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN OUT UINTN *Width,
>>- IN OUT UINTN *Height,
>>- OUT EFI_HII_HANDLE *Hii,
>>- OUT EFI_IMAGE_ID *Image
>>- )
>>-{
>>- if ((This == NULL) || (Hii == NULL) || (Image == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- Returns string used to describe the credential provider type.
>>-
>>- This function returns a string which describes the credential provider. If no
>>- such string exists, then EFI_NOT_FOUND is returned.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] Hii On return, holds the HII database handle.
>>- @param[out] String On return, holds the HII string identifier.
>>-
>>- @retval EFI_SUCCESS String identifier returned successfully.
>>- @retval EFI_NOT_FOUND String identifier not returned.
>>- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialTitle (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_HII_HANDLE *Hii,
>>- OUT EFI_STRING_ID *String
>>- )
>>-{
>>- if ((This == NULL) || (Hii == NULL) || (String == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Set Hii handle and String ID.
>>- //
>>- *Hii = mCallbackInfo->HiiHandle;
>>- *String = STRING_TOKEN (STR_CREDENTIAL_TITLE);
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Return the user identifier associated with the currently authenticated user.
>>-
>>- This function returns the user identifier of the user authenticated by this
>>credential
>>- provider. This function is called after the credential-related information has
>>been
>>- submitted on a form, OR after a call to Default() has returned that this
>>credential is
>>- ready to log on.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] User The user profile handle of the user profile currently
>>being
>>- considered by the user identity manager. If NULL, then no
>user
>>- profile is currently under consideration.
>>- @param[out] Identifier On return, points to the user identifier.
>>-
>>- @retval EFI_SUCCESS User identifier returned successfully.
>>- @retval EFI_NOT_READY No user identifier can be returned.
>>- @retval EFI_ACCESS_DENIED The user has been locked out of this user
>>credential.
>>- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
>>- @retval EFI_NOT_FOUND User is not NULL, and the specified user
>>handle can't be
>>- found in user profile database
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialUser (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- OUT EFI_USER_INFO_IDENTIFIER *Identifier
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN Index;
>>- EFI_USER_INFO *UserInfo;
>>- UINT8 *UserId;
>>- UINT8 *NewUserId;
>>- CHAR8 *Pwd;
>>- CHAR8 *NewPwd;
>>-
>>- if ((This == NULL) || (Identifier == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (mPwdTable->ValidIndex == 0) {
>>- //
>>- // No password input, or the input password doesn't match
>>- // anyone in PwdTable.
>>- //
>>- return EFI_NOT_READY;
>>- }
>>-
>>- if (User == NULL) {
>>- //
>>- // Return the user ID whose password matches the input password.
>>- //
>>- CopyMem (
>>- Identifier,
>>- &mPwdTable->UserInfo[mPwdTable->ValidIndex - 1].UserId,
>>- sizeof (EFI_USER_INFO_IDENTIFIER)
>>- );
>>- return EFI_SUCCESS;
>>- }
>>-
>>- //
>>- // Get the User's ID.
>>- //
>>- Status = FindUserInfoByType (
>>- User,
>>- EFI_USER_INFO_IDENTIFIER_RECORD,
>>- &UserInfo
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- //
>>- // Check whether the input password matches one in PwdTable.
>>- //
>>- for (Index = 0; Index < mPwdTable->Count; Index++) {
>>- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
>>- NewUserId = (UINT8 *) (UserInfo + 1);
>>- if (CompareMem (UserId, NewUserId, sizeof
>(EFI_USER_INFO_IDENTIFIER))
>>== 0) {
>>- Pwd = mPwdTable->UserInfo[Index].Password;
>>- NewPwd = mPwdTable->UserInfo[mPwdTable->ValidIndex -
>1].Password;
>>- if (CompareMem (Pwd, NewPwd, CREDENTIAL_LEN) == 0) {
>>- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
>>- FreePool (UserInfo);
>>- return EFI_SUCCESS;
>>- }
>>- }
>>- }
>>-
>>- FreePool (UserInfo);
>>- return EFI_NOT_READY;
>>-}
>>-
>>-
>>-/**
>>- Indicate that user interface interaction has begun for the specified
>>credential.
>>-
>>- This function is called when a credential provider is selected by the user. If
>>- AutoLogon returns FALSE, then the user interface will be constructed by
>the
>>User
>>- Identity Manager.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] AutoLogon On return, points to the credential provider's
>>capabilities
>>- after the credential provider has been selected by the user.
>>-
>>- @retval EFI_SUCCESS Credential provider successfully selected.
>>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialSelect (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>>- )
>>-{
>>- if ((This == NULL) || (AutoLogon == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- *AutoLogon = 0;
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Indicate that user interface interaction has ended for the specified
>>credential.
>>-
>>- This function is called when a credential provider is deselected by the user.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>-
>>- @retval EFI_SUCCESS Credential provider successfully deselected.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDeselect (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
>>- )
>>-{
>>- if (This == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Return the default logon behavior for this user credential.
>>-
>>- This function reports the default login behavior regarding this credential
>>provider.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] AutoLogon On return, holds whether the credential
>provider
>>should be used
>>- by default to automatically log on the user.
>>-
>>- @retval EFI_SUCCESS Default information successfully returned.
>>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDefault (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>>- )
>>-{
>>- if ((This == NULL) || (AutoLogon == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- *AutoLogon = 0;
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Return information attached to the credential provider.
>>-
>>- This function returns user information.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] UserInfo Handle of the user information data record.
>>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>>bytes. On
>>- exit, holds the user information. If the buffer is too small
>>- to hold the information, then EFI_BUFFER_TOO_SMALL is
>>returned
>>- and InfoSize is updated to contain the number of bytes
>>actually
>>- required.
>>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>>points to the
>>- size of the user information.
>>-
>>- @retval EFI_SUCCESS Information returned successfully.
>>- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too
>small
>>to hold all of the
>>- user information. The size required is returned in *InfoSize.
>>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>>- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a
>>valid user info handle.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialGetInfo (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_INFO_HANDLE UserInfo,
>>- OUT EFI_USER_INFO *Info,
>>- IN OUT UINTN *InfoSize
>>- )
>>-{
>>- EFI_USER_INFO *CredentialInfo;
>>- UINTN Index;
>>-
>>- if ((This == NULL) || (InfoSize == NULL) || (Info == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if ((UserInfo == NULL) || (mPwdInfoHandle == NULL)) {
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- //
>>- // Find information handle in credential info table.
>>- //
>>- for (Index = 0; Index < mPwdInfoHandle->Count; Index++) {
>>- CredentialInfo = mPwdInfoHandle->Info[Index];
>>- if (UserInfo == (EFI_USER_INFO_HANDLE)CredentialInfo) {
>>- //
>>- // The handle is found, copy the user info.
>>- //
>>- if (CredentialInfo->InfoSize > *InfoSize) {
>>- *InfoSize = CredentialInfo->InfoSize;
>>- return EFI_BUFFER_TOO_SMALL;
>>- }
>>- CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
>>- return EFI_SUCCESS;
>>- }
>>- }
>>-
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- Enumerate all of the user informations on the credential provider.
>>-
>>- This function returns the next user information record. To retrieve the first
>>user
>>- information record handle, point UserInfo at a NULL. Each subsequent call
>>will retrieve
>>- another user information record handle until there are no more, at which
>>point UserInfo
>>- will point to NULL.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in, out] UserInfo On entry, points to the previous user
>information
>>handle or NULL
>>- to start enumeration. On exit, points to the next user
>>information
>>- handle or NULL if there is no more user information.
>>-
>>- @retval EFI_SUCCESS User information returned.
>>- @retval EFI_NOT_FOUND No more user information found.
>>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialGetNextInfo (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>>- )
>>-{
>>- EFI_USER_INFO *Info;
>>- CHAR16 *ProvNameStr;
>>- UINTN InfoLen;
>>- UINTN Index;
>>- UINTN ProvStrLen;
>>-
>>- if ((This == NULL) || (UserInfo == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (mPwdInfoHandle == NULL) {
>>- //
>>- // Initilized user info table. There are 4 user info records in the table.
>>- //
>>- InfoLen = sizeof (PASSWORD_CREDENTIAL_INFO) + (4 - 1) * sizeof
>>(EFI_USER_INFO *);
>>- mPwdInfoHandle = AllocateZeroPool (InfoLen);
>>- if (mPwdInfoHandle == NULL) {
>>- *UserInfo = NULL;
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- //
>>- // The first information, Credential Provider info.
>>- //
>>- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
>>- Info = AllocateZeroPool (InfoLen);
>>- ASSERT (Info != NULL);
>>-
>>- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
>>- Info->InfoSize = (UINT32) InfoLen;
>>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>>- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
>>- CopyGuid ((EFI_GUID *)(Info + 1), &gPwdCredentialProviderGuid);
>>-
>>- mPwdInfoHandle->Info[0] = Info;
>>- mPwdInfoHandle->Count++;
>>-
>>- //
>>- // The second information, Credential Provider name info.
>>- //
>>- ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_NAME));
>>- ProvStrLen = StrSize (ProvNameStr);
>>- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
>>- Info = AllocateZeroPool (InfoLen);
>>- ASSERT (Info != NULL);
>>-
>>- Info->InfoType =
>>EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
>>- Info->InfoSize = (UINT32) InfoLen;
>>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>>- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
>>- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
>>- FreePool (ProvNameStr);
>>-
>>- mPwdInfoHandle->Info[1] = Info;
>>- mPwdInfoHandle->Count++;
>>-
>>- //
>>- // The third information, Credential Provider type info.
>>- //
>>- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
>>- Info = AllocateZeroPool (InfoLen);
>>- ASSERT (Info != NULL);
>>-
>>- Info->InfoType = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
>>- Info->InfoSize = (UINT32) InfoLen;
>>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>>- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
>>- CopyGuid ((EFI_GUID *)(Info + 1),
>&gEfiUserCredentialClassPasswordGuid);
>>-
>>- mPwdInfoHandle->Info[2] = Info;
>>- mPwdInfoHandle->Count++;
>>-
>>- //
>>- // The fourth information, Credential Provider type name info.
>>- //
>>- ProvNameStr = GetStringById (STRING_TOKEN
>>(STR_PROVIDER_TYPE_NAME));
>>- ProvStrLen = StrSize (ProvNameStr);
>>- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
>>- Info = AllocateZeroPool (InfoLen);
>>- ASSERT (Info != NULL);
>>-
>>- Info->InfoType =
>>EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
>>- Info->InfoSize = (UINT32) InfoLen;
>>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>>- CopyGuid (&Info->Credential, &gPwdCredentialProviderGuid);
>>- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
>>- FreePool (ProvNameStr);
>>-
>>- mPwdInfoHandle->Info[3] = Info;
>>- mPwdInfoHandle->Count++;
>>- }
>>-
>>- if (*UserInfo == NULL) {
>>- //
>>- // Return the first info handle.
>>- //
>>- *UserInfo = (EFI_USER_INFO_HANDLE) mPwdInfoHandle->Info[0];
>>- return EFI_SUCCESS;
>>- }
>>-
>>- //
>>- // Find information handle in credential info table.
>>- //
>>- for (Index = 0; Index < mPwdInfoHandle->Count; Index++) {
>>- Info = mPwdInfoHandle->Info[Index];
>>- if (*UserInfo == (EFI_USER_INFO_HANDLE)Info) {
>>- //
>>- // The handle is found, get the next one.
>>- //
>>- if (Index == mPwdInfoHandle->Count - 1) {
>>- //
>>- // Already last one.
>>- //
>>- *UserInfo = NULL;
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- Index++;
>>- *UserInfo = (EFI_USER_INFO_HANDLE)mPwdInfoHandle->Info[Index];
>>- return EFI_SUCCESS;
>>- }
>>- }
>>-
>>- *UserInfo = NULL;
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-/**
>>- Delete a user on this credential provider.
>>-
>>- This function deletes a user on this credential provider.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] User The user profile handle to delete.
>>-
>>- @retval EFI_SUCCESS User profile was successfully deleted.
>>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>>deletion on the user profile handle.
>>- Either the user profile cannot delete on any user profile or
>>cannot delete
>>- on a user profile other than the current user profile.
>>- @retval EFI_UNSUPPORTED This credential provider does not support
>>deletion in the pre-OS.
>>- @retval EFI_DEVICE_ERROR The new credential could not be deleted
>>because of a device error.
>>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>>profile handle.
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDelete (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *UserInfo;
>>- UINT8 *UserId;
>>- UINT8 *NewUserId;
>>- UINTN Index;
>>-
>>- if ((This == NULL) || (User == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Get User Identifier.
>>- //
>>- UserInfo = NULL;
>>- Status = FindUserInfoByType (
>>- User,
>>- EFI_USER_INFO_IDENTIFIER_RECORD,
>>- &UserInfo
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Find the user by user identifier in mPwdTable.
>>- //
>>- for (Index = 0; Index < mPwdTable->Count; Index++) {
>>- UserId = (UINT8 *) &mPwdTable->UserInfo[Index].UserId;
>>- NewUserId = (UINT8 *) (UserInfo + 1);
>>- if (CompareMem (UserId, NewUserId, sizeof
>(EFI_USER_INFO_IDENTIFIER))
>>== 0) {
>>- //
>>- // Found the user, delete it.
>>- //
>>- ModifyTable (Index, NULL);
>>- break;
>>- }
>>- }
>>-
>>- FreePool (UserInfo);
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Main entry for this driver.
>>-
>>- @param ImageHandle Image handle this driver.
>>- @param SystemTable Pointer to SystemTable.
>>-
>>- @retval EFI_SUCESS This function always complete successfully.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-PasswordProviderInit (
>>- IN EFI_HANDLE ImageHandle,
>>- IN EFI_SYSTEM_TABLE *SystemTable
>>- )
>>-{
>>- EFI_STATUS Status;
>>-
>>- //
>>- // It is NOT robust enough to be included in production.
>>- //
>>- #error "This implementation is just a sample, please comment this line if
>you
>>really want to use this driver."
>>-
>>- //
>>- // Init credential table.
>>- //
>>- Status = InitCredentialTable ();
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Init Form Browser.
>>- //
>>- Status = InitFormBrowser ();
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Install protocol interfaces for the password credential provider.
>>- //
>>- Status = gBS->InstallProtocolInterface (
>>- &mCallbackInfo->DriverHandle,
>>- &gEfiUserCredential2ProtocolGuid,
>>- EFI_NATIVE_INTERFACE,
>>- &gPwdCredentialProviderDriver
>>- );
>>- return Status;
>>-}
>>diff --git
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>rovider.h
>>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentia
>l
>>Provider.h
>>deleted file mode 100644
>>index fd782549fd..0000000000
>>---
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>rovider.h
>>+++ /dev/null
>>@@ -1,374 +0,0 @@
>>-/** @file
>>- Password Credential Provider driver header file.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#ifndef _PASSWORD_CREDENTIAL_PROVIDER_H_
>>-#define _PASSWORD_CREDENTIAL_PROVIDER_H_
>>-
>>-#include <Uefi.h>
>>-
>>-#include <Guid/GlobalVariable.h>
>>-
>>-#include <Protocol/HiiConfigAccess.h>
>>-#include <Protocol/UserCredential2.h>
>>-#include <Protocol/UserManager.h>
>>-
>>-#include <Library/UefiRuntimeServicesTableLib.h>
>>-#include <Library/UefiBootServicesTableLib.h>
>>-#include <Library/MemoryAllocationLib.h>
>>-#include <Library/BaseMemoryLib.h>
>>-#include <Library/DevicePathLib.h>
>>-#include <Library/DebugLib.h>
>>-#include <Library/UefiLib.h>
>>-#include <Library/PrintLib.h>
>>-#include <Library/HiiLib.h>
>>-#include <Library/BaseCryptLib.h>
>>-
>>-#include "PwdCredentialProviderData.h"
>>-
>>-extern UINT8 PwdCredentialProviderStrings[];
>>-extern UINT8 PwdCredentialProviderVfrBin[];
>>-
>>-#define PASSWORD_TABLE_INC 16
>>-#define CREDENTIAL_LEN 20
>>-
>>-//
>>-// Password credential information.
>>-//
>>-typedef struct {
>>- EFI_USER_INFO_IDENTIFIER UserId;
>>- CHAR8 Password[CREDENTIAL_LEN];
>>-} PASSWORD_INFO;
>>-
>>-//
>>-// Password credential table.
>>-//
>>-typedef struct {
>>- UINTN Count;
>>- UINTN MaxCount;
>>- UINTN ValidIndex;
>>- PASSWORD_INFO UserInfo[1];
>>-} CREDENTIAL_TABLE;
>>-
>>-//
>>-// The user information on the password provider.
>>-//
>>-typedef struct {
>>- UINTN Count;
>>- EFI_USER_INFO *Info[1];
>>-} PASSWORD_CREDENTIAL_INFO;
>>-
>>-///
>>-/// HII specific Vendor Device Path definition.
>>-///
>>-typedef struct {
>>- VENDOR_DEVICE_PATH VendorDevicePath;
>>- EFI_DEVICE_PATH_PROTOCOL End;
>>-} HII_VENDOR_DEVICE_PATH;
>>-
>>-#define PWD_PROVIDER_SIGNATURE SIGNATURE_32 ('P', 'W', 'D', 'P')
>>-
>>-typedef struct {
>>- UINTN Signature;
>>- EFI_HANDLE DriverHandle;
>>- EFI_HII_HANDLE HiiHandle;
>>- //
>>- // Produced protocol.
>>- //
>>- EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
>>-} PWD_PROVIDER_CALLBACK_INFO;
>>-
>>-
>>-/**
>>- Enroll a user on a credential provider.
>>-
>>- This function enrolls a user on this credential provider. If the user exists on
>>- this credential provider, update the user information on this credential
>>provider;
>>- otherwise delete the user information on credential provider.
>>-
>>- @param[in] This Points to this instance of
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] User The user profile to enroll.
>>-
>>- @retval EFI_SUCCESS User profile was successfully enrolled.
>>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>>enrollment on the
>>- user profile handle. Either the user profile cannot enroll
>>- on any user profile or cannot enroll on a user profile
>>- other than the current user profile.
>>- @retval EFI_UNSUPPORTED This credential provider does not support
>>enrollment in
>>- the pre-OS.
>>- @retval EFI_DEVICE_ERROR The new credential could not be created
>>because of a device
>>- error.
>>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>>profile handle.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialEnroll (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- );
>>-
>>-/**
>>- Returns the user interface information used during user identification.
>>-
>>- This function returns information about the form used when interacting
>>with the
>>- user during user identification. The form is the first enabled form in the
>>form-set
>>- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII
>>handle HiiHandle. If
>>- the user credential provider does not require a form to identify the user,
>>then this
>>- function should return EFI_NOT_FOUND.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] Hii On return, holds the HII database handle.
>>- @param[out] FormSetId On return, holds the identifier of the form set
>>which contains
>>- the form used during user identification.
>>- @param[out] FormId On return, holds the identifier of the form used
>>during user
>>- identification.
>>-
>>- @retval EFI_SUCCESS Form returned successfully.
>>- @retval EFI_NOT_FOUND Form not returned.
>>- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or
>>FormId is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialForm (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_HII_HANDLE *Hii,
>>- OUT EFI_GUID *FormSetId,
>>- OUT EFI_FORM_ID *FormId
>>- );
>>-
>>-/**
>>- Returns bitmap used to describe the credential provider type.
>>-
>>- This optional function returns a bitmap which is less than or equal to the
>>number
>>- of pixels specified by Width and Height. If no such bitmap exists, then
>>EFI_NOT_FOUND
>>- is returned.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in, out] Width On entry, points to the desired bitmap width. If
>>NULL then no
>>- bitmap information will be returned. On exit, points to the
>>- width of the bitmap returned.
>>- @param[in, out] Height On entry, points to the desired bitmap height. If
>>NULL then no
>>- bitmap information will be returned. On exit, points to the
>>- height of the bitmap returned
>>- @param[out] Hii On return, holds the HII database handle.
>>- @param[out] Image On return, holds the HII image identifier.
>>-
>>- @retval EFI_SUCCESS Image identifier returned successfully.
>>- @retval EFI_NOT_FOUND Image identifier not returned.
>>- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialTile (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN OUT UINTN *Width,
>>- IN OUT UINTN *Height,
>>- OUT EFI_HII_HANDLE *Hii,
>>- OUT EFI_IMAGE_ID *Image
>>- );
>>-
>>-/**
>>- Returns string used to describe the credential provider type.
>>-
>>- This function returns a string which describes the credential provider. If no
>>- such string exists, then EFI_NOT_FOUND is returned.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] Hii On return, holds the HII database handle.
>>- @param[out] String On return, holds the HII string identifier.
>>-
>>- @retval EFI_SUCCESS String identifier returned successfully.
>>- @retval EFI_NOT_FOUND String identifier not returned.
>>- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialTitle (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_HII_HANDLE *Hii,
>>- OUT EFI_STRING_ID *String
>>- );
>>-
>>-/**
>>- Return the user identifier associated with the currently authenticated user.
>>-
>>- This function returns the user identifier of the user authenticated by this
>>credential
>>- provider. This function is called after the credential-related information has
>>been
>>- submitted on a form OR after a call to Default() has returned that this
>>credential is
>>- ready to log on.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] User The user profile handle of the user profile currently
>>being
>>- considered by the user identity manager. If NULL, then no
>user
>>- profile is currently under consideration.
>>- @param[out] Identifier On return, points to the user identifier.
>>-
>>- @retval EFI_SUCCESS User identifier returned successfully.
>>- @retval EFI_NOT_READY No user identifier can be returned.
>>- @retval EFI_ACCESS_DENIED The user has been locked out of this user
>>credential.
>>- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
>>- @retval EFI_NOT_FOUND User is not NULL, and the specified user
>>handle can't be
>>- found in user profile database
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialUser (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- OUT EFI_USER_INFO_IDENTIFIER *Identifier
>>- );
>>-
>>-/**
>>- Indicate that user interface interaction has begun for the specified
>>credential.
>>-
>>- This function is called when a credential provider is selected by the user. If
>>- AutoLogon returns FALSE, then the user interface will be constructed by
>the
>>User
>>- Identity Manager.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] AutoLogon On return, points to the credential provider's
>>capabilities
>>- after the credential provider has been selected by the user.
>>-
>>- @retval EFI_SUCCESS Credential provider successfully selected.
>>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialSelect (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>>- );
>>-
>>-/**
>>- Indicate that user interface interaction has ended for the specified
>>credential.
>>-
>>- This function is called when a credential provider is deselected by the user.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>-
>>- @retval EFI_SUCCESS Credential provider successfully deselected.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDeselect (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
>>- );
>>-
>>-/**
>>- Return the default logon behavior for this user credential.
>>-
>>- This function reports the default login behavior regarding this credential
>>provider.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] AutoLogon On return, holds whether the credential
>provider
>>should be used
>>- by default to automatically log on the user.
>>-
>>- @retval EFI_SUCCESS Default information successfully returned.
>>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDefault (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>>- );
>>-
>>-/**
>>- Return information attached to the credential provider.
>>-
>>- This function returns user information.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] UserInfo Handle of the user information data record.
>>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>>bytes. On
>>- exit, holds the user information. If the buffer is too small
>>- to hold the information, then EFI_BUFFER_TOO_SMALL is
>>returned
>>- and InfoSize is updated to contain the number of bytes
>>actually
>>- required.
>>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>>points to the
>>- size of the user information.
>>-
>>- @retval EFI_SUCCESS Information returned successfully.
>>- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too
>small
>>to hold all of the
>>- user information. The size required is returned in *InfoSize.
>>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>>- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a
>>valid user info handle.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialGetInfo (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_INFO_HANDLE UserInfo,
>>- OUT EFI_USER_INFO *Info,
>>- IN OUT UINTN *InfoSize
>>- );
>>-
>>-
>>-/**
>>- Enumerate all of the user informations on the credential provider.
>>-
>>- This function returns the next user information record. To retrieve the first
>>user
>>- information record handle, point UserInfo at a NULL. Each subsequent call
>>will retrieve
>>- another user information record handle until there are no more, at which
>>point UserInfo
>>- will point to NULL.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in, out] UserInfo On entry, points to the previous user
>information
>>handle or NULL
>>- to start enumeration. On exit, points to the next user
>>information
>>- handle or NULL if there is no more user information.
>>-
>>- @retval EFI_SUCCESS User information returned.
>>- @retval EFI_NOT_FOUND No more user information found.
>>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialGetNextInfo (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>>- );
>>-
>>-/**
>>- Delete a user on this credential provider.
>>-
>>- This function deletes a user on this credential provider.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] User The user profile handle to delete.
>>-
>>- @retval EFI_SUCCESS User profile was successfully deleted.
>>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>>deletion on the user profile handle.
>>- Either the user profile cannot delete on any user profile or
>>cannot delete
>>- on a user profile other than the current user profile.
>>- @retval EFI_UNSUPPORTED This credential provider does not support
>>deletion in the pre-OS.
>>- @retval EFI_DEVICE_ERROR The new credential could not be deleted
>>because of a device error.
>>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>>profile handle.
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDelete (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- );
>>-
>>-#endif
>>diff --git
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>rovider.uni
>>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentia
>l
>>Provider.uni
>>deleted file mode 100644
>>index 749e9a8f17..0000000000
>>---
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>rovider.uni
>>+++ /dev/null
>>@@ -1,21 +0,0 @@
>>-// /** @file
>>-// Provides a password credential provider implementation
>>-//
>>-// This module provides a password credential provider implementation.
>>-//
>>-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>>-//
>>-// This program and the accompanying materials
>>-// are licensed and made available under the terms and conditions of the
>BSD
>>License
>>-// which accompanies this distribution. The full text of the license may be
>>found at
>>-// http://opensource.org/licenses/bsd-license.php
>>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>BASIS,
>>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-//
>>-// **/
>>-
>>-
>>-#string STR_MODULE_ABSTRACT #language en-US "Provides a
>>password credential provider implementation"
>>-
>>-#string STR_MODULE_DESCRIPTION #language en-US "This module
>>provides a password credential provider implementation."
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>roviderData.h
>>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentia
>l
>>ProviderData.h
>>deleted file mode 100644
>>index 31bdfe4c50..0000000000
>>---
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>roviderData.h
>>+++ /dev/null
>>@@ -1,30 +0,0 @@
>>-/** @file
>>- Data structure used by the Password Credential Provider driver.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#ifndef _PWD_CREDENTIAL_PROVIDER_DATA_H_
>>-#define _PWD_CREDENTIAL_PROVIDER_DATA_H_
>>-
>>-#include <Guid/PwdCredentialProviderHii.h>
>>-
>>-//
>>-// Forms definition
>>-//
>>-#define FORMID_GET_PASSWORD_FORM 1
>>-
>>-//
>>-// Key defination
>>-//
>>-#define KEY_GET_PASSWORD 0x1000
>>-
>>-#endif
>>diff --git
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>roviderDxe.inf
>>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentia
>l
>>ProviderDxe.inf
>>deleted file mode 100644
>>index ab7ba2c913..0000000000
>>---
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>roviderDxe.inf
>>+++ /dev/null
>>@@ -1,65 +0,0 @@
>>-## @file
>>-# Provides a password credential provider implementation
>>-# This module provides a password credential provider implementation.
>>-#
>>-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-# This program and the accompanying materials
>>-# are licensed and made available under the terms and conditions of the
>BSD
>>License
>>-# which accompanies this distribution. The full text of the license may be
>>found at
>>-# http://opensource.org/licenses/bsd-license.php
>>-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>BASIS,
>>-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-#
>>-##
>>-
>>-[Defines]
>>- INF_VERSION = 0x00010005
>>- BASE_NAME = PwdCredentialProvider
>>- MODULE_UNI_FILE = PwdCredentialProvider.uni
>>- FILE_GUID = D6C589EA-DD29-49ef-97F6-1A9FE19A04E0
>>- MODULE_TYPE = UEFI_DRIVER
>>- VERSION_STRING = 1.0
>>- ENTRY_POINT = PasswordProviderInit
>>-
>>-[Sources]
>>- PwdCredentialProvider.c
>>- PwdCredentialProvider.h
>>- PwdCredentialProviderData.h
>>- PwdCredentialProviderVfr.Vfr
>>- PwdCredentialProviderStrings.uni
>>-
>>-[Packages]
>>- MdePkg/MdePkg.dec
>>- MdeModulePkg/MdeModulePkg.dec
>>- CryptoPkg/CryptoPkg.dec
>>- SecurityPkg/SecurityPkg.dec
>>-
>>-[LibraryClasses]
>>- UefiRuntimeServicesTableLib
>>- UefiBootServicesTableLib
>>- UefiDriverEntryPoint
>>- MemoryAllocationLib
>>- BaseMemoryLib
>>- DebugLib
>>- HiiLib
>>- UefiLib
>>- BaseCryptLib
>>-
>>-[Guids]
>>- gEfiUserCredentialClassPasswordGuid ## SOMETIMES_CONSUMES
>>## GUID
>>-
>>- ## PRODUCES ## Variable:L"PwdCredential"
>>- ## CONSUMES ## Variable:L"PwdCredential"
>>- ## CONSUMES ## HII
>>- ## SOMETIMES_CONSUMES ## GUID # The credential provider
>>identifier
>>- gPwdCredentialProviderGuid
>>-
>>-[Protocols]
>>- gEfiDevicePathProtocolGuid ## PRODUCES
>>- gEfiHiiConfigAccessProtocolGuid ## PRODUCES
>>- gEfiUserCredential2ProtocolGuid ## PRODUCES
>>- gEfiUserManagerProtocolGuid ## SOMETIMES_CONSUMES
>>-
>>-[UserExtensions.TianoCore."ExtraFiles"]
>>- PwdCredentialProviderExtra.uni
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>roviderExtra.uni
>>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentia
>l
>>ProviderExtra.uni
>>deleted file mode 100644
>>index bcc220a51d..0000000000
>>---
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>roviderExtra.uni
>>+++ /dev/null
>>@@ -1,19 +0,0 @@
>>-// /** @file
>>-// PwdCredentialProvider Localized Strings and Content
>>-//
>>-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
>>-//
>>-// This program and the accompanying materials
>>-// are licensed and made available under the terms and conditions of the
>BSD
>>License
>>-// which accompanies this distribution. The full text of the license may be
>>found at
>>-// http://opensource.org/licenses/bsd-license.php
>>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>BASIS,
>>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-//
>>-// **/
>>-
>>-#string STR_PROPERTIES_MODULE_NAME
>>-#language en-US
>>-"Password Credential Provider"
>>-
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>roviderStrings.uni
>>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentia
>l
>>ProviderStrings.uni
>>deleted file mode 100644
>>index e7b3126f83..0000000000
>>---
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>roviderStrings.uni
>>+++ /dev/null
>>@@ -1,38 +0,0 @@
>>-/** @file
>>- String definitions for the Password Credential Provider.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php.
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#langdef en-US "English"
>>-#langdef fr-FR "Francais"
>>-
>>-#string STR_CREDENTIAL_TITLE #language en-US "Password
>>Credential Provider"
>>- #language fr-FR "Password Credential Provider
>>(French)"
>>-#string STR_FORM_TITLE #language en-US "Get Password"
>>- #language fr-FR "Get Password(French)"
>>-#string STR_NULL_STRING #language en-US ""
>>- #language fr-FR ""
>>-#string STR_INPUT_PASSWORD #language en-US "Please Input
>>Password"
>>- #language fr-FR "Please Input Password(French)"
>>-#string STR_PROVIDER_NAME #language en-US "INTEL
>>Password Credential Provider"
>>- #language fr-FR "INTEL Password Credential
>>Provider(French)"
>>-#string STR_PROVIDER_TYPE_NAME #language en-US "Password
>>Credential Provider"
>>- #language fr-FR "Password Credential
>>Provider(French)"
>>-#string STR_INPUT_PASSWORD_AGAIN #language en-US "Input
>>Password Again"
>>- #language fr-FR "Input Password Again (French)"
>>-#string STR_DRAW_A_LINE #language en-US "--------------------
>-
>>--------"
>>- #language fr-FR "------------------------------------"
>>-#string STR_PASSWORD_INCORRECT #language en-US "
>Incorrect
>>Password! "
>>- #language fr-FR " Incorrect Password! (French)
>"
>>-#string STR_PASSWORD_MISMATCH #language en-US " The
>>Password Mismatch! "
>>- #language fr-FR " The Password Mismatch!
>(French)
>>"
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>roviderVfr.Vfr
>>b/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentia
>l
>>ProviderVfr.Vfr
>>deleted file mode 100644
>>index 60972203b0..0000000000
>>---
>>a/SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredential
>P
>>roviderVfr.Vfr
>>+++ /dev/null
>>@@ -1,34 +0,0 @@
>>-/** @file
>>- Password Credential Provider formset.
>>-
>>-Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "PwdCredentialProviderData.h"
>>-
>>-formset
>>- guid = PWD_CREDENTIAL_PROVIDER_GUID,
>>- title = STRING_TOKEN(STR_CREDENTIAL_TITLE),
>>- help = STRING_TOKEN(STR_NULL_STRING),
>>- classguid = PWD_CREDENTIAL_PROVIDER_GUID,
>>-
>>- form formid = FORMID_GET_PASSWORD_FORM,
>>- title = STRING_TOKEN(STR_FORM_TITLE);
>>-
>>- text
>>- help = STRING_TOKEN(STR_NULL_STRING),
>>- text = STRING_TOKEN(STR_INPUT_PASSWORD),
>>- flags = INTERACTIVE,
>>- key = KEY_GET_PASSWORD;
>>-
>>- endform;
>>-
>>-endformset;
>>\ No newline at end of file
>>diff --git
>>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>ovider.c
>>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>ovider.c
>>deleted file mode 100644
>>index 841e975103..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>ovider.c
>>+++ /dev/null
>>@@ -1,1410 +0,0 @@
>>-/** @file
>>- Usb Credential Provider driver implemenetation.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "UsbCredentialProvider.h"
>>-
>>-CREDENTIAL_TABLE *mUsbTable = NULL;
>>-USB_PROVIDER_CALLBACK_INFO *mCallbackInfo = NULL;
>>-USB_CREDENTIAL_INFO *mUsbInfoHandle = NULL;
>>-
>>-EFI_USER_CREDENTIAL2_PROTOCOL gUsbCredentialProviderDriver = {
>>- USB_CREDENTIAL_PROVIDER_GUID,
>>- EFI_USER_CREDENTIAL_CLASS_SECURE_CARD,
>>- CredentialEnroll,
>>- CredentialForm,
>>- CredentialTile,
>>- CredentialTitle,
>>- CredentialUser,
>>- CredentialSelect,
>>- CredentialDeselect,
>>- CredentialDefault,
>>- CredentialGetInfo,
>>- CredentialGetNextInfo,
>>- EFI_CREDENTIAL_CAPABILITIES_ENROLL,
>>- CredentialDelete
>>-};
>>-
>>-
>>-/**
>>- Get string by string id from HII Interface.
>>-
>>-
>>- @param[in] Id String ID to get the string from.
>>-
>>- @retval CHAR16 * String from ID.
>>- @retval NULL If error occurs.
>>-
>>-**/
>>-CHAR16 *
>>-GetStringById (
>>- IN EFI_STRING_ID Id
>>- )
>>-{
>>- //
>>- // Get the current string for the current Language
>>- //
>>- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
>>-}
>>-
>>-
>>-/**
>>- Expand password table size.
>>-
>>-**/
>>-VOID
>>-ExpandTableSize (
>>- VOID
>>- )
>>-{
>>- CREDENTIAL_TABLE *NewTable;
>>- UINTN Count;
>>-
>>- Count = mUsbTable->MaxCount + USB_TABLE_INC;
>>- //
>>- // Create new credential table.
>>- //
>>- NewTable = AllocateZeroPool (
>>- sizeof (CREDENTIAL_TABLE) - sizeof (USB_INFO) +
>>- Count * sizeof (USB_INFO)
>>- );
>>- ASSERT (NewTable != NULL);
>>-
>>- NewTable->MaxCount = Count;
>>- NewTable->Count = mUsbTable->Count;
>>-
>>- //
>>- // Copy old entries.
>>- //
>>- CopyMem (
>>- &NewTable->UserInfo,
>>- &mUsbTable->UserInfo,
>>- mUsbTable->Count * sizeof (USB_INFO)
>>- );
>>- FreePool (mUsbTable);
>>- mUsbTable = NewTable;
>>-}
>>-
>>-
>>-/**
>>- Add, update or delete info in table, and sync with NV variable.
>>-
>>- @param[in] Index The index of the password in table. If index is found
>in
>>- table, update the info, else add the into to table.
>>- @param[in] Info The new credential info to add into table. If Info is
>NULL,
>>- delete the info by Index.
>>-
>>- @retval EFI_INVALID_PARAMETER Info is NULL when save the info.
>>- @retval EFI_SUCCESS Modify the table successfully.
>>- @retval Others Failed to modify the table.
>>-
>>-**/
>>-EFI_STATUS
>>-ModifyTable (
>>- IN UINTN Index,
>>- IN USB_INFO * Info OPTIONAL
>>- )
>>-{
>>- EFI_STATUS Status;
>>- USB_INFO *NewUsbInfo;
>>-
>>- NewUsbInfo = NULL;
>>- if (Index < mUsbTable->Count) {
>>- if (Info == NULL) {
>>- //
>>- // Delete the specified entry.
>>- //
>>- mUsbTable->Count--;
>>- if (Index != mUsbTable->Count) {
>>- NewUsbInfo = &mUsbTable->UserInfo[mUsbTable->Count];
>>- }
>>- } else {
>>- //
>>- // Update the specified entry.
>>- //
>>- NewUsbInfo = Info;
>>- }
>>- } else {
>>- //
>>- // Add a new entry
>>- //
>>- if (Info == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (mUsbTable->Count >= mUsbTable->MaxCount) {
>>- ExpandTableSize ();
>>- }
>>-
>>- NewUsbInfo = Info;
>>- mUsbTable->Count++;
>>- }
>>-
>>- if (NewUsbInfo != NULL) {
>>- CopyMem (&mUsbTable->UserInfo[Index], NewUsbInfo, sizeof
>>(USB_INFO));
>>- }
>>-
>>- //
>>- // Save the credential table.
>>- //
>>- Status = gRT->SetVariable (
>>- L"UsbCredential",
>>- &gUsbCredentialProviderGuid,
>>- EFI_VARIABLE_NON_VOLATILE |
>>EFI_VARIABLE_BOOTSERVICE_ACCESS,
>>- mUsbTable->Count * sizeof (USB_INFO),
>>- &mUsbTable->UserInfo
>>- );
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Create a credential table
>>-
>>- @retval EFI_SUCCESS Create a credential table successfully.
>>- @retval Others Failed to create a password.
>>-
>>-**/
>>-EFI_STATUS
>>-InitCredentialTable (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINT8 *Var;
>>- UINTN VarSize;
>>-
>>- //
>>- // Get Usb credential data from NV variable.
>>- //
>>- VarSize = 0;
>>- Var = NULL;
>>- Status = gRT->GetVariable (
>>- L"UsbCredential",
>>- &gUsbCredentialProviderGuid,
>>- NULL,
>>- &VarSize,
>>- Var
>>- );
>>- if (Status == EFI_BUFFER_TOO_SMALL) {
>>- Var = AllocateZeroPool (VarSize);
>>- if (Var == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>- Status = gRT->GetVariable (
>>- L"UsbCredential",
>>- &gUsbCredentialProviderGuid,
>>- NULL,
>>- &VarSize,
>>- Var
>>- );
>>- }
>>- if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Init Usb credential table.
>>- //
>>- mUsbTable = AllocateZeroPool (
>>- sizeof (CREDENTIAL_TABLE) - sizeof (USB_INFO) +
>>- USB_TABLE_INC * sizeof (USB_INFO) +
>>- VarSize
>>- );
>>- if (mUsbTable == NULL) {
>>- FreePool (Var);
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- mUsbTable->Count = VarSize / sizeof (USB_INFO);
>>- mUsbTable->MaxCount = mUsbTable->Count + USB_TABLE_INC;
>>- if (Var != NULL) {
>>- CopyMem (mUsbTable->UserInfo, Var, VarSize);
>>- FreePool (Var);
>>- }
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Read the specified file by FileName in the Usb key and return the file size
>in
>>BufferSize
>>- and file content in Buffer.
>>- Note: the caller is responsible to free the buffer memory.
>>-
>>- @param FileName File to read.
>>- @param Buffer Returned with data read from the file.
>>- @param BufferSize Size of the data buffer.
>>-
>>- @retval EFI_SUCCESS The command completed successfully.
>>- @retval EFI_OUT_OF_RESOURCES Resource allocation failed.
>>- @retval EFI_NOT_FOUND File not found.
>>- @retval EFI_DEVICE_ERROR Device I/O error.
>>-
>>-**/
>>-EFI_STATUS
>>-GetFileData (
>>- IN CHAR16 *FileName,
>>- OUT VOID **Buffer,
>>- OUT UINTN *BufferSize
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN Index;
>>- UINTN HandleCount;
>>- UINTN ScratchBufferSize;
>>- EFI_HANDLE *HandleBuffer;
>>- EFI_FILE *RootFs;
>>- EFI_FILE *FileHandle;
>>- EFI_FILE_INFO *FileInfo;
>>- EFI_SIMPLE_FILE_SYSTEM_PROTOCOL *SimpleFileSystem;
>>- EFI_BLOCK_IO_PROTOCOL *BlkIo;
>>-
>>- FileInfo = NULL;
>>- FileHandle = NULL;
>>-
>>- Status = gBS->LocateHandleBuffer (
>>- ByProtocol,
>>- &gEfiSimpleFileSystemProtocolGuid,
>>- NULL,
>>- &HandleCount,
>>- &HandleBuffer
>>- );
>>- if (EFI_ERROR (Status)) {
>>- DEBUG ((DEBUG_ERROR, "Can not Locate SimpleFileSystemProtocol\n"));
>>- goto Done;
>>- }
>>-
>>- //
>>- // Find and open the file in removable media disk.
>>- //
>>- for (Index = 0; Index < HandleCount; Index++) {
>>- Status = gBS->HandleProtocol (
>>- HandleBuffer[Index],
>>- &gEfiBlockIoProtocolGuid,
>>- (VOID **) &BlkIo
>>- );
>>- if (EFI_ERROR (Status)) {
>>- continue;
>>- }
>>-
>>- if (BlkIo->Media->RemovableMedia) {
>>- Status = gBS->HandleProtocol (
>>- HandleBuffer[Index],
>>- &gEfiSimpleFileSystemProtocolGuid,
>>- (VOID **) &SimpleFileSystem
>>- );
>>- if (EFI_ERROR (Status)) {
>>- continue;
>>- }
>>-
>>- Status = SimpleFileSystem->OpenVolume (
>>- SimpleFileSystem,
>>- &RootFs
>>- );
>>- if (EFI_ERROR (Status)) {
>>- continue;
>>- }
>>-
>>- Status = RootFs->Open (
>>- RootFs,
>>- &FileHandle,
>>- FileName,
>>- EFI_FILE_MODE_READ,
>>- 0
>>- );
>>- if (!EFI_ERROR (Status)) {
>>- break;
>>- }
>>- }
>>- }
>>-
>>- FreePool (HandleBuffer);
>>-
>>- if (Index >= HandleCount) {
>>- DEBUG ((DEBUG_ERROR, "Can not found the token file!\n"));
>>- Status = EFI_NOT_FOUND;
>>- goto Done;
>>- }
>>-
>>- //
>>- // Figure out how big the file is.
>>- //
>>- ScratchBufferSize = 0;
>>- Status = FileHandle->GetInfo (
>>- FileHandle,
>>- &gEfiFileInfoGuid,
>>- &ScratchBufferSize,
>>- NULL
>>- );
>>- if (EFI_ERROR (Status) && (Status != EFI_BUFFER_TOO_SMALL)) {
>>- DEBUG ((DEBUG_ERROR, "Can not obtain file size info!\n"));
>>- Status = EFI_DEVICE_ERROR;
>>- goto Done;
>>- }
>>-
>>- FileInfo = AllocateZeroPool (ScratchBufferSize);
>>- if (FileInfo == NULL) {
>>- DEBUG ((DEBUG_ERROR, "Can not allocate enough memory for the token
>>file!\n"));
>>- Status = EFI_OUT_OF_RESOURCES;
>>- goto Done;
>>- }
>>-
>>- Status = FileHandle->GetInfo (
>>- FileHandle,
>>- &gEfiFileInfoGuid,
>>- &ScratchBufferSize,
>>- FileInfo
>>- );
>>- if (EFI_ERROR (Status)) {
>>- DEBUG ((DEBUG_ERROR, "Can not obtain file info from the token
>file!\n"));
>>- Status = EFI_DEVICE_ERROR;
>>- goto Done;
>>- }
>>-
>>- //
>>- // Allocate a buffer for the file.
>>- //
>>- *BufferSize = (UINT32) FileInfo->FileSize;
>>- *Buffer = AllocateZeroPool (*BufferSize);
>>- if (*Buffer == NULL) {
>>- DEBUG ((DEBUG_ERROR, "Can not allocate a buffer for the file!\n"));
>>- Status = EFI_OUT_OF_RESOURCES;
>>- goto Done;
>>- }
>>-
>>- //
>>- // Load file into the allocated memory.
>>- //
>>- Status = FileHandle->Read (FileHandle, BufferSize, *Buffer);
>>- if (EFI_ERROR (Status)) {
>>- FreePool (*Buffer);
>>- DEBUG ((DEBUG_ERROR, "Can not read the token file!\n"));
>>- Status = EFI_DEVICE_ERROR;
>>- goto Done;
>>- }
>>-
>>- //
>>- // Close file.
>>- //
>>- Status = FileHandle->Close (FileHandle);
>>- if (EFI_ERROR (Status)) {
>>- FreePool (*Buffer);
>>- DEBUG ((DEBUG_ERROR, "Can not close the token file !\n"));
>>- Status = EFI_DEVICE_ERROR;
>>- }
>>-
>>-Done:
>>-
>>- if (FileInfo != NULL) {
>>- FreePool (FileInfo);
>>- }
>>-
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Hash the data to get credential.
>>-
>>- @param[in] Buffer Points to the data buffer
>>- @param[in] BufferSize The size of data in buffer, in bytes.
>>- @param[out] Credential Points to the hashed result
>>-
>>- @retval TRUE Hash the data successfully.
>>- @retval FALSE Failed to hash the data.
>>-
>>-**/
>>-BOOLEAN
>>-GenerateCredential (
>>- IN UINT8 *Buffer,
>>- IN UINTN BufferSize,
>>- OUT UINT8 *Credential
>>- )
>>-{
>>- BOOLEAN Status;
>>- UINTN HashSize;
>>- VOID *Hash;
>>-
>>- HashSize = Sha1GetContextSize ();
>>- Hash = AllocatePool (HashSize);
>>- ASSERT (Hash != NULL);
>>-
>>- Status = Sha1Init (Hash);
>>- if (!Status) {
>>- goto Done;
>>- }
>>-
>>- Status = Sha1Update (Hash, Buffer, BufferSize);
>>- if (!Status) {
>>- goto Done;
>>- }
>>-
>>- Status = Sha1Final (Hash, Credential);
>>-
>>-Done:
>>- FreePool (Hash);
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Read the token file, and default the Token is saved at the begining of the
>file.
>>-
>>- @param[out] Token Token read from a Token file.
>>-
>>- @retval EFI_SUCCESS Read a Token successfully.
>>- @retval Others Fails to read a Token.
>>-
>>-**/
>>-EFI_STATUS
>>-GetToken (
>>- OUT UINT8 *Token
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINT8 *Buffer;
>>- UINTN BufSize;
>>- CHAR16 *TokenFile;
>>-
>>- BufSize = 0;
>>- Buffer = NULL;
>>- TokenFile = PcdGetPtr (PcdFixedUsbCredentialProviderTokenFileName);
>>- Status = GetFileData (TokenFile, (VOID *)&Buffer, &BufSize);
>>- if (EFI_ERROR (Status)) {
>>- DEBUG ((DEBUG_ERROR, "Read file %s from USB error! Status=(%r)\n",
>>TokenFile, Status));
>>- return Status;
>>- }
>>-
>>- if (!GenerateCredential (Buffer, BufSize, Token)) {
>>- DEBUG ((DEBUG_ERROR, "Generate credential from read data
>failed!\n"));
>>- FreePool (Buffer);
>>- return EFI_SECURITY_VIOLATION;
>>- }
>>-
>>- FreePool (Buffer);
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Find a user infomation record by the information record type.
>>-
>>- This function searches all user information records of User from beginning
>>- until either the information is found or there are no more user infomation
>>- record. A match occurs when a Info.InfoType field matches the user
>>information
>>- record type.
>>-
>>- @param[in] User Points to the user profile record to search.
>>- @param[in] InfoType The infomation type to be searched.
>>- @param[out] Info Points to the user info found, the caller is
>responsible
>>- to free.
>>-
>>- @retval EFI_SUCCESS Find the user information successfully.
>>- @retval Others Fail to find the user information.
>>-
>>-**/
>>-EFI_STATUS
>>-FindUserInfoByType (
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN UINT8 InfoType,
>>- OUT EFI_USER_INFO **Info
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *UserInfo;
>>- UINTN UserInfoSize;
>>- EFI_USER_INFO_HANDLE UserInfoHandle;
>>- EFI_USER_MANAGER_PROTOCOL *UserManager;
>>-
>>- //
>>- // Find user information by information type.
>>- //
>>- if (Info == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- Status = gBS->LocateProtocol (
>>- &gEfiUserManagerProtocolGuid,
>>- NULL,
>>- (VOID **) &UserManager
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- //
>>- // Get each user information.
>>- //
>>-
>>- UserInfoHandle = NULL;
>>- UserInfo = NULL;
>>- UserInfoSize = 0;
>>- while (TRUE) {
>>- Status = UserManager->GetNextInfo (UserManager, User,
>>&UserInfoHandle);
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>- //
>>- // Get information.
>>- //
>>- Status = UserManager->GetInfo (
>>- UserManager,
>>- User,
>>- UserInfoHandle,
>>- UserInfo,
>>- &UserInfoSize
>>- );
>>- if (Status == EFI_BUFFER_TOO_SMALL) {
>>- if (UserInfo != NULL) {
>>- FreePool (UserInfo);
>>- }
>>- UserInfo = AllocateZeroPool (UserInfoSize);
>>- if (UserInfo == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>- Status = UserManager->GetInfo (
>>- UserManager,
>>- User,
>>- UserInfoHandle,
>>- UserInfo,
>>- &UserInfoSize
>>- );
>>- }
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>-
>>- ASSERT (UserInfo != NULL);
>>- if (UserInfo->InfoType == InfoType) {
>>- *Info = UserInfo;
>>- return EFI_SUCCESS;
>>- }
>>- }
>>-
>>- if (UserInfo != NULL) {
>>- FreePool (UserInfo);
>>- }
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- This function initialize the data mainly used in form browser.
>>-
>>- @retval EFI_SUCCESS Initialize form data successfully.
>>- @retval Others Fail to Initialize form data.
>>-
>>-**/
>>-EFI_STATUS
>>-InitFormBrowser (
>>- VOID
>>- )
>>-{
>>- USB_PROVIDER_CALLBACK_INFO *CallbackInfo;
>>-
>>- //
>>- // Initialize driver private data.
>>- //
>>- CallbackInfo = AllocateZeroPool (sizeof
>(USB_PROVIDER_CALLBACK_INFO));
>>- if (CallbackInfo == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- CallbackInfo->DriverHandle = NULL;
>>-
>>- //
>>- // Publish HII data.
>>- //
>>- CallbackInfo->HiiHandle = HiiAddPackages (
>>- &gUsbCredentialProviderGuid,
>>- CallbackInfo->DriverHandle,
>>- UsbCredentialProviderStrings,
>>- NULL
>>- );
>>- if (CallbackInfo->HiiHandle == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>- mCallbackInfo = CallbackInfo;
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Enroll a user on a credential provider.
>>-
>>- This function enrolls a user on this credential provider. If the user exists on
>>- this credential provider, update the user information on this credential
>>provider;
>>- otherwise add the user information on credential provider.
>>-
>>- @param[in] This Points to this instance of
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] User The user profile to enroll.
>>-
>>- @retval EFI_SUCCESS User profile was successfully enrolled.
>>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>>enrollment on the
>>- user profile handle. Either the user profile cannot enroll
>>- on any user profile or cannot enroll on a user profile
>>- other than the current user profile.
>>- @retval EFI_UNSUPPORTED This credential provider does not support
>>enrollment in
>>- the pre-OS.
>>- @retval EFI_DEVICE_ERROR The new credential could not be created
>>because of a device
>>- error.
>>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>>profile handle.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialEnroll (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN Index;
>>- USB_INFO UsbInfo;
>>- EFI_USER_INFO *UserInfo;
>>- EFI_INPUT_KEY Key;
>>- UINT8 *UserId;
>>- CHAR16 *QuestionStr;
>>- CHAR16 *PromptStr;
>>-
>>- if ((This == NULL) || (User == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Get User Identifier
>>- //
>>- UserInfo = NULL;
>>- Status = FindUserInfoByType (
>>- User,
>>- EFI_USER_INFO_IDENTIFIER_RECORD,
>>- &UserInfo
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- CopyMem (UsbInfo.UserId, (UINT8 *) (UserInfo + 1), sizeof
>>(EFI_USER_INFO_IDENTIFIER));
>>- FreePool (UserInfo);
>>-
>>- //
>>- // Get Token and User ID to UsbInfo.
>>- //
>>- Status = GetToken (UsbInfo.Token);
>>- if (EFI_ERROR (Status)) {
>>- QuestionStr = GetStringById (STRING_TOKEN
>>(STR_READ_USB_TOKEN_ERROR));
>>- PromptStr = GetStringById (STRING_TOKEN (STR_INSERT_USB_TOKEN));
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- QuestionStr,
>>- L"",
>>- PromptStr,
>>- NULL
>>- );
>>- FreePool (QuestionStr);
>>- FreePool (PromptStr);
>>- return Status;
>>- }
>>-
>>- //
>>- // Check whether User is ever enrolled in the provider.
>>- //
>>- for (Index = 0; Index < mUsbTable->Count; Index++) {
>>- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
>>- if (CompareMem (UserId, (UINT8 *) &UsbInfo.UserId, sizeof
>>(EFI_USER_INFO_IDENTIFIER)) == 0) {
>>- //
>>- // User already exists, update the password.
>>- //
>>- break;
>>- }
>>- }
>>-
>>- //
>>- // Enroll the User to the provider.
>>- //
>>- Status = ModifyTable (Index, &UsbInfo);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Returns the user interface information used during user identification.
>>-
>>- This function returns information about the form used when interacting
>>with the
>>- user during user identification. The form is the first enabled form in the
>>form-set
>>- class EFI_HII_USER_CREDENTIAL_FORMSET_GUID installed on the HII
>>handle HiiHandle. If
>>- the user credential provider does not require a form to identify the user,
>>then this
>>- function should return EFI_NOT_FOUND.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] Hii On return, holds the HII database handle.
>>- @param[out] FormSetId On return, holds the identifier of the form set
>>which contains
>>- the form used during user identification.
>>- @param[out] FormId On return, holds the identifier of the form used
>>during user
>>- identification.
>>-
>>- @retval EFI_SUCCESS Form returned successfully.
>>- @retval EFI_NOT_FOUND Form not returned.
>>- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or
>>FormId is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialForm (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_HII_HANDLE *Hii,
>>- OUT EFI_GUID *FormSetId,
>>- OUT EFI_FORM_ID *FormId
>>- )
>>-{
>>- if ((This == NULL) || (Hii == NULL) ||
>>- (FormSetId == NULL) || (FormId == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- Returns bitmap used to describe the credential provider type.
>>-
>>- This optional function returns a bitmap which is less than or equal to the
>>number
>>- of pixels specified by Width and Height. If no such bitmap exists, then
>>EFI_NOT_FOUND
>>- is returned.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in, out] Width On entry, points to the desired bitmap width. If
>>NULL then no
>>- bitmap information will be returned. On exit, points to the
>>- width of the bitmap returned.
>>- @param[in, out] Height On entry, points to the desired bitmap height. If
>>NULL then no
>>- bitmap information will be returned. On exit, points to the
>>- height of the bitmap returned.
>>- @param[out] Hii On return, holds the HII database handle.
>>- @param[out] Image On return, holds the HII image identifier.
>>-
>>- @retval EFI_SUCCESS Image identifier returned successfully.
>>- @retval EFI_NOT_FOUND Image identifier not returned.
>>- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialTile (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN OUT UINTN *Width,
>>- IN OUT UINTN *Height,
>>- OUT EFI_HII_HANDLE *Hii,
>>- OUT EFI_IMAGE_ID *Image
>>- )
>>-{
>>- if ((This == NULL) || (Hii == NULL) || (Image == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- Returns string used to describe the credential provider type.
>>-
>>- This function returns a string which describes the credential provider. If no
>>- such string exists, then EFI_NOT_FOUND is returned.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] Hii On return, holds the HII database handle.
>>- @param[out] String On return, holds the HII string identifier.
>>-
>>- @retval EFI_SUCCESS String identifier returned successfully.
>>- @retval EFI_NOT_FOUND String identifier not returned.
>>- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialTitle (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_HII_HANDLE *Hii,
>>- OUT EFI_STRING_ID *String
>>- )
>>-{
>>- if ((This == NULL) || (Hii == NULL) || (String == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- //
>>- // Set Hii handle and String ID.
>>- //
>>- *Hii = mCallbackInfo->HiiHandle;
>>- *String = STRING_TOKEN (STR_CREDENTIAL_TITLE);
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Return the user identifier associated with the currently authenticated user.
>>-
>>- This function returns the user identifier of the user authenticated by this
>>credential
>>- provider. This function is called after the credential-related information has
>>been
>>- submitted on a form OR after a call to Default() has returned that this
>>credential is
>>- ready to log on.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] User The user profile handle of the user profile currently
>>being
>>- considered by the user identity manager. If NULL, then no
>user
>>- profile is currently under consideration.
>>- @param[out] Identifier On return, points to the user identifier.
>>-
>>- @retval EFI_SUCCESS User identifier returned successfully.
>>- @retval EFI_NOT_READY No user identifier can be returned.
>>- @retval EFI_ACCESS_DENIED The user has been locked out of this user
>>credential.
>>- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
>>- @retval EFI_NOT_FOUND User is not NULL, and the specified user
>>handle can't be
>>- found in user profile database.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialUser (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- OUT EFI_USER_INFO_IDENTIFIER *Identifier
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN Index;
>>- EFI_USER_INFO *UserInfo;
>>- UINT8 *UserId;
>>- UINT8 *NewUserId;
>>- UINT8 *UserToken;
>>- UINT8 ReadToken[HASHED_CREDENTIAL_LEN];
>>- EFI_INPUT_KEY Key;
>>- CHAR16 *QuestionStr;
>>- CHAR16 *PromptStr;
>>-
>>- if ((This == NULL) || (Identifier == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (User == NULL) {
>>- //
>>- // Verify the auto logon user, get user id by matched token.
>>- //
>>- if (mUsbTable->Count == 0) {
>>- return EFI_NOT_READY;
>>- }
>>-
>>- //
>>- // No user selected, get token first and verify the user existed in user
>>database.
>>- //
>>- Status = GetToken (ReadToken);
>>- if (EFI_ERROR (Status)) {
>>- return EFI_NOT_READY;
>>- }
>>-
>>- for (Index = 0; Index < mUsbTable->Count; Index++) {
>>- //
>>- // find the specified credential in the Usb credential database.
>>- //
>>- UserToken = mUsbTable->UserInfo[Index].Token;
>>- if (CompareMem (UserToken, ReadToken, HASHED_CREDENTIAL_LEN)
>==
>>0) {
>>- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
>>- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
>>- return EFI_SUCCESS;
>>- }
>>- }
>>-
>>- return EFI_NOT_READY;
>>- }
>>-
>>- //
>>- // User is not NULL here. Read a token, and check whether the token
>>matches with
>>- // the selected user's Token. If not, try to find a token in token DB to
>>matches
>>- // with read token.
>>- //
>>-
>>- Status = GetToken (ReadToken);
>>- if (EFI_ERROR (Status)) {
>>- QuestionStr = GetStringById (STRING_TOKEN
>>(STR_READ_USB_TOKEN_ERROR));
>>- PromptStr = GetStringById (STRING_TOKEN (STR_INSERT_USB_TOKEN));
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- QuestionStr,
>>- L"",
>>- PromptStr,
>>- NULL
>>- );
>>- FreePool (QuestionStr);
>>- FreePool (PromptStr);
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- //
>>- // Get the selected user's identifier.
>>- //
>>- Status = FindUserInfoByType (User, EFI_USER_INFO_IDENTIFIER_RECORD,
>>&UserInfo);
>>- if (EFI_ERROR (Status)) {
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- //
>>- // Check the selected user's Token with the read token.
>>- //
>>- for (Index = 0; Index < mUsbTable->Count; Index++) {
>>- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
>>- NewUserId = (UINT8 *) (UserInfo + 1);
>>- if (CompareMem (UserId, NewUserId, sizeof
>(EFI_USER_INFO_IDENTIFIER))
>>== 0) {
>>- //
>>- // The user's ID is found in the UsbTable.
>>- //
>>- UserToken = mUsbTable->UserInfo[Index].Token;
>>- if (CompareMem (UserToken, ReadToken, HASHED_CREDENTIAL_LEN)
>==
>>0) {
>>- //
>>- // The read token matches with the one in UsbTable.
>>- //
>>- CopyMem (Identifier, UserId, sizeof (EFI_USER_INFO_IDENTIFIER));
>>- FreePool (UserInfo);
>>- return EFI_SUCCESS;
>>- }
>>- }
>>- }
>>-
>>- FreePool (UserInfo);
>>-
>>- return EFI_NOT_READY;
>>-}
>>-
>>-
>>-/**
>>- Indicate that user interface interaction has begun for the specified
>>credential.
>>-
>>- This function is called when a credential provider is selected by the user. If
>>- AutoLogon returns FALSE, then the user interface will be constructed by
>the
>>User
>>- Identity Manager.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] AutoLogon On return, points to the credential provider's
>>capabilities
>>- after the credential provider has been selected by the user.
>>-
>>- @retval EFI_SUCCESS Credential provider successfully selected.
>>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialSelect (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>>- )
>>-{
>>- if ((This == NULL) || (AutoLogon == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- *AutoLogon = EFI_CREDENTIAL_LOGON_FLAG_DEFAULT |
>>EFI_CREDENTIAL_LOGON_FLAG_AUTO;
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Indicate that user interface interaction has ended for the specified
>>credential.
>>-
>>- This function is called when a credential provider is deselected by the user.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>-
>>- @retval EFI_SUCCESS Credential provider successfully deselected.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDeselect (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
>>- )
>>-{
>>- if (This == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Return the default logon behavior for this user credential.
>>-
>>- This function reports the default login behavior regarding this credential
>>provider.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] AutoLogon On return, holds whether the credential
>provider
>>should be used
>>- by default to automatically log on the user.
>>-
>>- @retval EFI_SUCCESS Default information successfully returned.
>>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDefault (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>>- )
>>-{
>>- if ((This == NULL) || (AutoLogon == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- *AutoLogon = EFI_CREDENTIAL_LOGON_FLAG_DEFAULT |
>>EFI_CREDENTIAL_LOGON_FLAG_AUTO;
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Return information attached to the credential provider.
>>-
>>- This function returns user information.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] UserInfo Handle of the user information data record.
>>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>>bytes. On
>>- exit, holds the user information. If the buffer is too small
>>- to hold the information, then EFI_BUFFER_TOO_SMALL is
>>returned
>>- and InfoSize is updated to contain the number of bytes
>>actually
>>- required.
>>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>>points to the
>>- size of the user information.
>>-
>>- @retval EFI_SUCCESS Information returned successfully.
>>- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too
>small
>>to hold all of the
>>- user information. The size required is returned in *InfoSize.
>>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>>- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a
>>valid user info handle.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialGetInfo (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_INFO_HANDLE UserInfo,
>>- OUT EFI_USER_INFO *Info,
>>- IN OUT UINTN *InfoSize
>>- )
>>-{
>>- EFI_USER_INFO *CredentialInfo;
>>- UINTN Index;
>>-
>>- if ((This == NULL) || (InfoSize == NULL) || (Info == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if ((UserInfo == NULL) || (mUsbInfoHandle == NULL)) {
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- //
>>- // Find information handle in credential info table.
>>- //
>>- for (Index = 0; Index < mUsbInfoHandle->Count; Index++) {
>>- CredentialInfo = mUsbInfoHandle->Info[Index];
>>- if (UserInfo == (EFI_USER_INFO_HANDLE)CredentialInfo) {
>>- //
>>- // The handle is found, copy the user info.
>>- //
>>- if (CredentialInfo->InfoSize > *InfoSize) {
>>- *InfoSize = CredentialInfo->InfoSize;
>>- return EFI_BUFFER_TOO_SMALL;
>>- }
>>-
>>- CopyMem (Info, CredentialInfo, CredentialInfo->InfoSize);
>>- return EFI_SUCCESS;
>>- }
>>- }
>>-
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- Enumerate all of the user informations on the credential provider.
>>-
>>- This function returns the next user information record. To retrieve the first
>>user
>>- information record handle, point UserInfo at a NULL. Each subsequent call
>>will retrieve
>>- another user information record handle until there are no more, at which
>>point UserInfo
>>- will point to NULL.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in, out] UserInfo On entry, points to the previous user
>information
>>handle or NULL
>>- to start enumeration. On exit, points to the next user
>>information
>>- handle or NULL if there is no more user information.
>>-
>>- @retval EFI_SUCCESS User information returned.
>>- @retval EFI_NOT_FOUND No more user information found.
>>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialGetNextInfo (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>>- )
>>-{
>>- EFI_USER_INFO *Info;
>>- CHAR16 *ProvNameStr;
>>- UINTN InfoLen;
>>- UINTN Index;
>>- UINTN ProvStrLen;
>>-
>>- if ((This == NULL) || (UserInfo == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (mUsbInfoHandle == NULL) {
>>- //
>>- // Initilized user info table. There are 4 user info records in the table.
>>- //
>>- InfoLen = sizeof (USB_CREDENTIAL_INFO) + (4 - 1) * sizeof
>>(EFI_USER_INFO *);
>>- mUsbInfoHandle = AllocateZeroPool (InfoLen);
>>- if (mUsbInfoHandle == NULL) {
>>- *UserInfo = NULL;
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- //
>>- // The first information, Credential Provider info.
>>- //
>>- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
>>- Info = AllocateZeroPool (InfoLen);
>>- ASSERT (Info != NULL);
>>-
>>- Info->InfoType = EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD;
>>- Info->InfoSize = (UINT32) InfoLen;
>>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>>- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
>>- CopyGuid ((EFI_GUID *)(Info + 1), &gUsbCredentialProviderGuid);
>>-
>>- mUsbInfoHandle->Info[0] = Info;
>>- mUsbInfoHandle->Count++;
>>-
>>- //
>>- // The second information, Credential Provider name info.
>>- //
>>- ProvNameStr = GetStringById (STRING_TOKEN (STR_PROVIDER_NAME));
>>- ProvStrLen = StrSize (ProvNameStr);
>>- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
>>- Info = AllocateZeroPool (InfoLen);
>>- ASSERT (Info != NULL);
>>-
>>- Info->InfoType =
>>EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
>>- Info->InfoSize = (UINT32) InfoLen;
>>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>>- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
>>- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
>>- FreePool (ProvNameStr);
>>-
>>- mUsbInfoHandle->Info[1] = Info;
>>- mUsbInfoHandle->Count++;
>>-
>>- //
>>- // The third information, Credential Provider type info.
>>- //
>>- InfoLen = sizeof (EFI_USER_INFO) + sizeof (EFI_GUID);
>>- Info = AllocateZeroPool (InfoLen);
>>- ASSERT (Info != NULL);
>>-
>>- Info->InfoType = EFI_USER_INFO_CREDENTIAL_TYPE_RECORD;
>>- Info->InfoSize = (UINT32) InfoLen;
>>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>>- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
>>- CopyGuid ((EFI_GUID *)(Info + 1),
>>&gEfiUserCredentialClassSecureCardGuid);
>>-
>>- mUsbInfoHandle->Info[2] = Info;
>>- mUsbInfoHandle->Count++;
>>-
>>- //
>>- // The fourth information, Credential Provider type name info.
>>- //
>>- ProvNameStr = GetStringById (STRING_TOKEN
>>(STR_PROVIDER_TYPE_NAME));
>>- ProvStrLen = StrSize (ProvNameStr);
>>- InfoLen = sizeof (EFI_USER_INFO) + ProvStrLen;
>>- Info = AllocateZeroPool (InfoLen);
>>- ASSERT (Info != NULL);
>>-
>>- Info->InfoType =
>>EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD;
>>- Info->InfoSize = (UINT32) InfoLen;
>>- Info->InfoAttribs = EFI_USER_INFO_PROTECTED;
>>- CopyGuid (&Info->Credential, &gUsbCredentialProviderGuid);
>>- CopyMem ((UINT8*)(Info + 1), ProvNameStr, ProvStrLen);
>>- FreePool (ProvNameStr);
>>-
>>- mUsbInfoHandle->Info[3] = Info;
>>- mUsbInfoHandle->Count++;
>>- }
>>-
>>- if (*UserInfo == NULL) {
>>- //
>>- // Return the first info handle.
>>- //
>>- *UserInfo = (EFI_USER_INFO_HANDLE) mUsbInfoHandle->Info[0];
>>- return EFI_SUCCESS;
>>- }
>>-
>>- //
>>- // Find information handle in credential info table.
>>- //
>>- for (Index = 0; Index < mUsbInfoHandle->Count; Index++) {
>>- Info = mUsbInfoHandle->Info[Index];
>>- if (*UserInfo == (EFI_USER_INFO_HANDLE)Info) {
>>- //
>>- // The handle is found, get the next one.
>>- //
>>- if (Index == mUsbInfoHandle->Count - 1) {
>>- //
>>- // Already last one.
>>- //
>>- *UserInfo = NULL;
>>- return EFI_NOT_FOUND;
>>- }
>>- Index++;
>>- *UserInfo = (EFI_USER_INFO_HANDLE)mUsbInfoHandle->Info[Index];
>>- return EFI_SUCCESS;
>>- }
>>- }
>>-
>>- *UserInfo = NULL;
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- Delete a user on this credential provider.
>>-
>>- This function deletes a user on this credential provider.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] User The user profile handle to delete.
>>-
>>- @retval EFI_SUCCESS User profile was successfully deleted.
>>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>>deletion on the user profile handle.
>>- Either the user profile cannot delete on any user profile or
>>cannot delete
>>- on a user profile other than the current user profile.
>>- @retval EFI_UNSUPPORTED This credential provider does not support
>>deletion in the pre-OS.
>>- @retval EFI_DEVICE_ERROR The new credential could not be deleted
>>because of a device error.
>>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>>profile handle.
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDelete (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *UserInfo;
>>- UINT8 *UserId;
>>- UINT8 *NewUserId;
>>- UINTN Index;
>>-
>>- if ((This == NULL) || (User == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Get User Identifier.
>>- //
>>- UserInfo = NULL;
>>- Status = FindUserInfoByType (
>>- User,
>>- EFI_USER_INFO_IDENTIFIER_RECORD,
>>- &UserInfo
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Find the user by user identifier in mPwdTable.
>>- //
>>- for (Index = 0; Index < mUsbTable->Count; Index++) {
>>- UserId = (UINT8 *) &mUsbTable->UserInfo[Index].UserId;
>>- NewUserId = (UINT8 *) (UserInfo + 1);
>>- if (CompareMem (UserId, NewUserId, sizeof
>(EFI_USER_INFO_IDENTIFIER))
>>== 0) {
>>- //
>>- // Found the user, delete it.
>>- //
>>- ModifyTable (Index, NULL);
>>- break;
>>- }
>>- }
>>-
>>- FreePool (UserInfo);
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Main entry for this driver.
>>-
>>- @param ImageHandle Image handle this driver.
>>- @param SystemTable Pointer to SystemTable.
>>-
>>- @retval EFI_SUCESS This function always complete successfully.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UsbProviderInit (
>>- IN EFI_HANDLE ImageHandle,
>>- IN EFI_SYSTEM_TABLE *SystemTable
>>- )
>>-{
>>- EFI_STATUS Status;
>>-
>>- //
>>- // It is NOT robust enough to be included in production.
>>- //
>>- #error "This implementation is just a sample, please comment this line if
>you
>>really want to use this driver."
>>-
>>- //
>>- // Init credential table.
>>- //
>>- Status = InitCredentialTable ();
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Init Form Browser
>>- //
>>- Status = InitFormBrowser ();
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Install protocol interfaces for the Usb Credential Provider.
>>- //
>>- Status = gBS->InstallProtocolInterface (
>>- &mCallbackInfo->DriverHandle,
>>- &gEfiUserCredential2ProtocolGuid,
>>- EFI_NATIVE_INTERFACE,
>>- &gUsbCredentialProviderDriver
>>- );
>>- return Status;
>>-}
>>diff --git
>>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>ovider.h
>>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>ovider.h
>>deleted file mode 100644
>>index 63f6576045..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>ovider.h
>>+++ /dev/null
>>@@ -1,361 +0,0 @@
>>-/** @file
>>- Usb Credential Provider driver header file.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#ifndef _USB_CREDENTIAL_PROVIDER_H_
>>-#define _USB_CREDENTIAL_PROVIDER_H_
>>-
>>-#include <Uefi.h>
>>-
>>-#include <Guid/GlobalVariable.h>
>>-#include <Guid/FileInfo.h>
>>-#include <Guid/SecurityPkgTokenSpace.h>
>>-#include <Guid/UsbCredentialProviderHii.h>
>>-
>>-#include <Protocol/SimpleFileSystem.h>
>>-#include <Protocol/BlockIo.h>
>>-#include <Protocol/UserCredential2.h>
>>-#include <Protocol/UserManager.h>
>>-
>>-#include <Library/UefiRuntimeServicesTableLib.h>
>>-#include <Library/UefiBootServicesTableLib.h>
>>-#include <Library/MemoryAllocationLib.h>
>>-#include <Library/BaseMemoryLib.h>
>>-#include <Library/DevicePathLib.h>
>>-#include <Library/BaseCryptLib.h>
>>-#include <Library/DebugLib.h>
>>-#include <Library/UefiLib.h>
>>-#include <Library/PrintLib.h>
>>-#include <Library/HiiLib.h>
>>-#include <Library/PcdLib.h>
>>-
>>-extern UINT8 UsbCredentialProviderStrings[];
>>-
>>-#define USB_TABLE_INC 16
>>-#define HASHED_CREDENTIAL_LEN 20
>>-
>>-//
>>-// Save the enroll user credential Information.
>>-//
>>-typedef struct {
>>- EFI_USER_INFO_IDENTIFIER UserId;
>>- UINT8 Token[HASHED_CREDENTIAL_LEN];
>>-} USB_INFO;
>>-
>>-//
>>-// USB Credential Table.
>>-//
>>-typedef struct {
>>- UINTN Count;
>>- UINTN MaxCount;
>>- USB_INFO UserInfo[1];
>>-} CREDENTIAL_TABLE;
>>-
>>-//
>>-// The user information on the USB provider.
>>-//
>>-typedef struct {
>>- UINTN Count;
>>- EFI_USER_INFO *Info[1];
>>-} USB_CREDENTIAL_INFO;
>>-
>>-#define USB_PROVIDER_SIGNATURE SIGNATURE_32 ('U', 'S', 'B', 'P')
>>-
>>-typedef struct {
>>- UINTN Signature;
>>- EFI_HANDLE DriverHandle;
>>- EFI_HII_HANDLE HiiHandle;
>>-} USB_PROVIDER_CALLBACK_INFO;
>>-
>>-/**
>>- Enroll a user on a credential provider.
>>-
>>- This function enrolls and deletes a user profile using this credential
>provider.
>>- If a user profile is successfully enrolled, it calls the User Manager Protocol
>>- function Notify() to notify the user manager driver that credential
>>information
>>- has changed. If an enrolled user does exist, delete the user on the
>>credential
>>- provider.
>>-
>>- @param[in] This Points to this instance of
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] User The user profile to enroll.
>>-
>>- @retval EFI_SUCCESS User profile was successfully enrolled.
>>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>>enrollment on the
>>- user profile handle. Either the user profile cannot enroll
>>- on any user profile or cannot enroll on a user profile
>>- other than the current user profile.
>>- @retval EFI_UNSUPPORTED This credential provider does not support
>>enrollment in
>>- the pre-OS.
>>- @retval EFI_DEVICE_ERROR The new credential could not be created
>>because of a device
>>- error.
>>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>>profile handle.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialEnroll (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- );
>>-
>>-/**
>>- Returns the user interface information used during user identification.
>>-
>>- This function enrolls a user on this credential provider. If the user exists on
>>- this credential provider, update the user information on this credential
>>provider;
>>- otherwise delete the user information on credential provider.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] Hii On return, holds the HII database handle.
>>- @param[out] FormSetId On return, holds the identifier of the form set
>>which contains
>>- the form used during user identification.
>>- @param[out] FormId On return, holds the identifier of the form used
>>during user
>>- identification.
>>-
>>- @retval EFI_SUCCESS Form returned successfully.
>>- @retval EFI_NOT_FOUND Form not returned.
>>- @retval EFI_INVALID_PARAMETER Hii is NULL or FormSetId is NULL or
>>FormId is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialForm (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_HII_HANDLE *Hii,
>>- OUT EFI_GUID *FormSetId,
>>- OUT EFI_FORM_ID *FormId
>>- );
>>-
>>-/**
>>- Returns bitmap used to describe the credential provider type.
>>-
>>- This optional function returns a bitmap which is less than or equal to the
>>number
>>- of pixels specified by Width and Height. If no such bitmap exists, then
>>EFI_NOT_FOUND
>>- is returned.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in, out] Width On entry, points to the desired bitmap width. If
>>NULL then no
>>- bitmap information will be returned. On exit, points to the
>>- width of the bitmap returned.
>>- @param[in, out] Height On entry, points to the desired bitmap height. If
>>NULL then no
>>- bitmap information will be returned. On exit, points to the
>>- height of the bitmap returned.
>>- @param[out] Hii On return, holds the HII database handle.
>>- @param[out] Image On return, holds the HII image identifier.
>>-
>>- @retval EFI_SUCCESS Image identifier returned successfully.
>>- @retval EFI_NOT_FOUND Image identifier not returned.
>>- @retval EFI_INVALID_PARAMETER Hii is NULL or Image is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialTile (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN OUT UINTN *Width,
>>- IN OUT UINTN *Height,
>>- OUT EFI_HII_HANDLE *Hii,
>>- OUT EFI_IMAGE_ID *Image
>>- );
>>-
>>-/**
>>- Returns string used to describe the credential provider type.
>>-
>>- This function returns a string which describes the credential provider. If no
>>- such string exists, then EFI_NOT_FOUND is returned.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] Hii On return, holds the HII database handle.
>>- @param[out] String On return, holds the HII string identifier.
>>-
>>- @retval EFI_SUCCESS String identifier returned successfully.
>>- @retval EFI_NOT_FOUND String identifier not returned.
>>- @retval EFI_INVALID_PARAMETER Hii is NULL or String is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialTitle (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_HII_HANDLE *Hii,
>>- OUT EFI_STRING_ID *String
>>- );
>>-
>>-/**
>>- Return the user identifier associated with the currently authenticated user.
>>-
>>- This function returns the user identifier of the user authenticated by this
>>credential
>>- provider. This function is called after the credential-related information has
>>been
>>- submitted on a form OR after a call to Default() has returned that this
>>credential is
>>- ready to log on.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] User The user profile handle of the user profile currently
>>being
>>- considered by the user identity manager. If NULL, then no
>user
>>- profile is currently under consideration.
>>- @param[out] Identifier On return, points to the user identifier.
>>-
>>- @retval EFI_SUCCESS User identifier returned successfully.
>>- @retval EFI_NOT_READY No user identifier can be returned.
>>- @retval EFI_ACCESS_DENIED The user has been locked out of this user
>>credential.
>>- @retval EFI_INVALID_PARAMETER This is NULL, or Identifier is NULL.
>>- @retval EFI_NOT_FOUND User is not NULL, and the specified user
>>handle can't be
>>- found in user profile database.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialUser (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- OUT EFI_USER_INFO_IDENTIFIER *Identifier
>>- );
>>-
>>-/**
>>- Indicate that user interface interaction has begun for the specified
>>credential.
>>-
>>- This function is called when a credential provider is selected by the user. If
>>- AutoLogon returns FALSE, then the user interface will be constructed by
>the
>>User
>>- Identity Manager.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] AutoLogon On return, points to the credential provider's
>>capabilities
>>- after the credential provider has been selected by the user.
>>-
>>- @retval EFI_SUCCESS Credential provider successfully selected.
>>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialSelect (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>>- );
>>-
>>-/**
>>- Indicate that user interface interaction has ended for the specified
>>credential.
>>-
>>- This function is called when a credential provider is deselected by the user.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>-
>>- @retval EFI_SUCCESS Credential provider successfully deselected.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDeselect (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This
>>- );
>>-
>>-/**
>>- Return the default logon behavior for this user credential.
>>-
>>- This function reports the default login behavior regarding this credential
>>provider.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[out] AutoLogon On return, holds whether the credential
>provider
>>should be used
>>- by default to automatically log on the user.
>>-
>>- @retval EFI_SUCCESS Default information successfully returned.
>>- @retval EFI_INVALID_PARAMETER AutoLogon is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDefault (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- OUT EFI_CREDENTIAL_LOGON_FLAGS *AutoLogon
>>- );
>>-
>>-/**
>>- Return information attached to the credential provider.
>>-
>>- This function returns user information.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] UserInfo Handle of the user information data record.
>>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>>bytes. On
>>- exit, holds the user information. If the buffer is too small
>>- to hold the information, then EFI_BUFFER_TOO_SMALL is
>>returned
>>- and InfoSize is updated to contain the number of bytes
>>actually
>>- required.
>>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>>points to the
>>- size of the user information.
>>-
>>- @retval EFI_SUCCESS Information returned successfully.
>>- @retval EFI_BUFFER_TOO_SMALL The size specified by InfoSize is too
>small
>>to hold all of the
>>- user information. The size required is returned in *InfoSize.
>>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>>- @retval EFI_NOT_FOUND The specified UserInfo does not refer to a
>>valid user info handle.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialGetInfo (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_INFO_HANDLE UserInfo,
>>- OUT EFI_USER_INFO *Info,
>>- IN OUT UINTN *InfoSize
>>- );
>>-
>>-/**
>>- Enumerate all of the user informations on the credential provider.
>>-
>>- This function returns the next user information record. To retrieve the first
>>user
>>- information record handle, point UserInfo at a NULL. Each subsequent call
>>will retrieve
>>- another user information record handle until there are no more, at which
>>point UserInfo
>>- will point to NULL.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in, out] UserInfo On entry, points to the previous user
>information
>>handle or NULL
>>- to start enumeration. On exit, points to the next user
>>information
>>- handle or NULL if there is no more user information.
>>-
>>- @retval EFI_SUCCESS User information returned.
>>- @retval EFI_NOT_FOUND No more user information found.
>>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialGetNextInfo (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>>- );
>>-
>>-/**
>>- Delete a user on this credential provider.
>>-
>>- This function deletes a user on this credential provider.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL.
>>- @param[in] User The user profile handle to delete.
>>-
>>- @retval EFI_SUCCESS User profile was successfully deleted.
>>- @retval EFI_ACCESS_DENIED Current user profile does not permit
>>deletion on the user profile handle.
>>- Either the user profile cannot delete on any user profile or
>>cannot delete
>>- on a user profile other than the current user profile.
>>- @retval EFI_UNSUPPORTED This credential provider does not support
>>deletion in the pre-OS.
>>- @retval EFI_DEVICE_ERROR The new credential could not be deleted
>>because of a device error.
>>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>>profile handle.
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-CredentialDelete (
>>- IN CONST EFI_USER_CREDENTIAL2_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- );
>>-
>>-#endif
>>diff --git
>>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>ovider.uni
>>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>ovider.uni
>>deleted file mode 100644
>>index 961e09f360..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>ovider.uni
>>+++ /dev/null
>>@@ -1,23 +0,0 @@
>>-// /** @file
>>-// Provides a USB credential provider implementation
>>-//
>>-// This module reads a token from a token file that is saved in the root
>>-// folder of a USB stick. The token file name can be specified by the PCD
>>-// PcdFixedUsbCredentialProviderTokenFileName.
>>-//
>>-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>>-//
>>-// This program and the accompanying materials
>>-// are licensed and made available under the terms and conditions of the
>BSD
>>License
>>-// which accompanies this distribution. The full text of the license may be
>>found at
>>-// http://opensource.org/licenses/bsd-license.php
>>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>BASIS,
>>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-//
>>-// **/
>>-
>>-
>>-#string STR_MODULE_ABSTRACT #language en-US "Provides a USB
>>credential provider implementation"
>>-
>>-#string STR_MODULE_DESCRIPTION #language en-US "This module
>>reads a token from a token file that is saved in the root folder of a USB stick.
>>The token file name can be specified by the PCD
>>PcdFixedUsbCredentialProviderTokenFileName."
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>oviderDxe.inf
>>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>oviderDxe.inf
>>deleted file mode 100644
>>index 1e8e42332f..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>oviderDxe.inf
>>+++ /dev/null
>>@@ -1,70 +0,0 @@
>>-## @file
>>-# Provides a USB credential provider implementation
>>-#
>>-# This module reads a token from a token file that is saved in the root
>>-# folder of a USB stick. The token file name can be specified by the PCD
>>-# PcdFixedUsbCredentialProviderTokenFileName.
>>-#
>>-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-# This program and the accompanying materials
>>-# are licensed and made available under the terms and conditions of the
>BSD
>>License
>>-# which accompanies this distribution. The full text of the license may be
>>found at
>>-# http://opensource.org/licenses/bsd-license.php
>>-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>BASIS,
>>-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-#
>>-##
>>-
>>-[Defines]
>>- INF_VERSION = 0x00010005
>>- BASE_NAME = UsbCredentialProvider
>>- MODULE_UNI_FILE = UsbCredentialProvider.uni
>>- FILE_GUID = 672A0C68-2BF0-46f9-93C3-C4E7DC0FA555
>>- MODULE_TYPE = UEFI_DRIVER
>>- VERSION_STRING = 1.0
>>- ENTRY_POINT = UsbProviderInit
>>-
>>-[Sources]
>>- UsbCredentialProvider.c
>>- UsbCredentialProvider.h
>>- UsbCredentialProviderStrings.uni
>>-
>>-[Packages]
>>- MdePkg/MdePkg.dec
>>- MdeModulePkg/MdeModulePkg.dec
>>- CryptoPkg/CryptoPkg.dec
>>- SecurityPkg/SecurityPkg.dec
>>-
>>-[LibraryClasses]
>>- UefiRuntimeServicesTableLib
>>- UefiBootServicesTableLib
>>- UefiDriverEntryPoint
>>- MemoryAllocationLib
>>- BaseMemoryLib
>>- DebugLib
>>- HiiLib
>>- UefiLib
>>- BaseCryptLib
>>-
>>-[Guids]
>>- ## PRODUCES ## Variable:L"UsbCredential"
>>- ## CONSUMES ## Variable:L"UsbCredential"
>>- ## CONSUMES ## HII
>>- ## SOMETIMES_CONSUMES ## GUID # The credential provider
>>identifier
>>- gUsbCredentialProviderGuid
>>-
>>- gEfiFileInfoGuid ## SOMETIMES_CONSUMES ## GUID
>>- gEfiUserCredentialClassSecureCardGuid ## SOMETIMES_CONSUMES
>>## GUID
>>-
>>-[Pcd]
>>-
>>gEfiSecurityPkgTokenSpaceGuid.PcdFixedUsbCredentialProviderTokenFileN
>a
>>me ## SOMETIMES_CONSUMES
>>-
>>-[Protocols]
>>- gEfiUserCredential2ProtocolGuid ## PRODUCES
>>- gEfiUserManagerProtocolGuid ## SOMETIMES_CONSUMES
>>- gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES
>>- gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES
>>-
>>-[UserExtensions.TianoCore."ExtraFiles"]
>>- UsbCredentialProviderExtra.uni
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>oviderExtra.uni
>>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>oviderExtra.uni
>>deleted file mode 100644
>>index a20917d5f7..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>oviderExtra.uni
>>+++ /dev/null
>>@@ -1,19 +0,0 @@
>>-// /** @file
>>-// UsbCredentialProvider Localized Strings and Content
>>-//
>>-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
>>-//
>>-// This program and the accompanying materials
>>-// are licensed and made available under the terms and conditions of the
>BSD
>>License
>>-// which accompanies this distribution. The full text of the license may be
>>found at
>>-// http://opensource.org/licenses/bsd-license.php
>>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>BASIS,
>>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-//
>>-// **/
>>-
>>-#string STR_PROPERTIES_MODULE_NAME
>>-#language en-US
>>-"USB Credential Provider"
>>-
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>oviderStrings.uni
>>b/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>oviderStrings.uni
>>deleted file mode 100644
>>index f306d50a4e..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredential
>Pr
>>oviderStrings.uni
>>+++ /dev/null
>>@@ -1,29 +0,0 @@
>>-/** @file
>>- String definitions for the USB Credential Provider.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php.
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#langdef en-US "English"
>>-#langdef fr-FR "Francais"
>>-
>>-#string STR_CREDENTIAL_TITLE #language en-US "USB Credential
>>Provider"
>>- #language fr-FR "USB Credential Provider
>(French)"
>>-#string STR_NULL_STRING #language en-US ""
>>- #language fr-FR ""
>>-#string STR_PROVIDER_NAME #language en-US "INTEL USB
>>Credential Provider"
>>- #language fr-FR "INTEL USB Credential Provider
>>(French)"
>>-#string STR_PROVIDER_TYPE_NAME #language en-US "Secure
>Card
>>Credential Provider"
>>- #language fr-FR "Secure Card Credential Provider
>>(French)"
>>-#string STR_READ_USB_TOKEN_ERROR #language en-US "Read
>USB
>>Token File Error!"
>>- #language fr-FR "Read USB Token File Error!
>>(French)"
>>-#string STR_INSERT_USB_TOKEN #language en-US "Please insert
>>USB key with Token"
>>- #language fr-FR "Please insert USB key with Token
>>(French)"
>>diff --git
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredI
>ma
>>ge.c
>>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredI
>m
>>age.c
>>deleted file mode 100644
>>index 2cfe130db8..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/LoadDeferredI
>ma
>>ge.c
>>+++ /dev/null
>>@@ -1,148 +0,0 @@
>>-/** @file
>>- Load the deferred images after user is identified.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "UserIdentifyManager.h"
>>-
>>-EFI_HANDLE mDeferredImageHandle;
>>-
>>-/**
>>- The function will load all the deferred images again. If the deferred image
>is
>>loaded
>>- successfully, try to start it.
>>-
>>- @param Event Event whose notification function is being invoked.
>>- @param Context Pointer to the notification function's context
>>-
>>-**/
>>-VOID
>>-EFIAPI
>>-LoadDeferredImage (
>>- IN EFI_EVENT Event,
>>- IN VOID *Context
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_DEFERRED_IMAGE_LOAD_PROTOCOL *DeferredImage;
>>- UINTN HandleCount;
>>- EFI_HANDLE *HandleBuf;
>>- UINTN Index;
>>- UINTN DriverIndex;
>>- EFI_DEVICE_PATH_PROTOCOL *ImageDevicePath;
>>- VOID *DriverImage;
>>- UINTN ImageSize;
>>- BOOLEAN BootOption;
>>- EFI_HANDLE ImageHandle;
>>- UINTN ExitDataSize;
>>- CHAR16 *ExitData;
>>-
>>- //
>>- // Find all the deferred image load protocols.
>>- //
>>- HandleCount = 0;
>>- HandleBuf = NULL;
>>- Status = gBS->LocateHandleBuffer (
>>- ByProtocol,
>>- &gEfiDeferredImageLoadProtocolGuid,
>>- NULL,
>>- &HandleCount,
>>- &HandleBuf
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return ;
>>- }
>>-
>>- for (Index = 0; Index < HandleCount; Index++) {
>>- Status = gBS->HandleProtocol (
>>- HandleBuf[Index],
>>- &gEfiDeferredImageLoadProtocolGuid,
>>- (VOID **) &DeferredImage
>>- );
>>- if (EFI_ERROR (Status)) {
>>- continue ;
>>- }
>>-
>>- DriverIndex = 0;
>>- do {
>>- //
>>- // Load all the deferred images in this protocol instance.
>>- //
>>- Status = DeferredImage->GetImageInfo(
>>- DeferredImage,
>>- DriverIndex,
>>- &ImageDevicePath,
>>- (VOID **) &DriverImage,
>>- &ImageSize,
>>- &BootOption
>>- );
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>-
>>- //
>>- // Load and start the image.
>>- //
>>- Status = gBS->LoadImage (
>>- BootOption,
>>- mDeferredImageHandle,
>>- ImageDevicePath,
>>- NULL,
>>- 0,
>>- &ImageHandle
>>- );
>>- if (!EFI_ERROR (Status)) {
>>- //
>>- // Before calling the image, enable the Watchdog Timer for
>>- // a 5 Minute period
>>- //
>>- gBS->SetWatchdogTimer (5 * 60, 0x0000, 0x00, NULL);
>>- Status = gBS->StartImage (ImageHandle, &ExitDataSize, &ExitData);
>>-
>>- //
>>- // Clear the Watchdog Timer after the image returns.
>>- //
>>- gBS->SetWatchdogTimer (0x0000, 0x0000, 0x0000, NULL);
>>- }
>>- DriverIndex++;
>>- } while (TRUE);
>>- }
>>- FreePool (HandleBuf);
>>-}
>>-
>>-
>>-/**
>>- Register an event notification function for user profile changed.
>>-
>>- @param[in] ImageHandle Image handle this driver.
>>-
>>-**/
>>-VOID
>>-LoadDeferredImageInit (
>>- IN EFI_HANDLE ImageHandle
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_EVENT Event;
>>-
>>- mDeferredImageHandle = ImageHandle;
>>-
>>- Status = gBS->CreateEventEx (
>>- EVT_NOTIFY_SIGNAL,
>>- TPL_CALLBACK,
>>- LoadDeferredImage,
>>- NULL,
>>- &gEfiEventUserProfileChangedGuid,
>>- &Event
>>- );
>>-
>>- ASSERT (Status == EFI_SUCCESS);
>>-}
>>diff --git
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>ager.c
>>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>ager.c
>>deleted file mode 100644
>>index fd941792c1..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>ager.c
>>+++ /dev/null
>>@@ -1,3766 +0,0 @@
>>-/** @file
>>- This driver manages user information and produces user manager protocol.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "UserIdentifyManager.h"
>>-
>>-//
>>-// Default user name.
>>-//
>>-CHAR16 mUserName[] = L"Administrator";
>>-
>>-//
>>-// Points to the user profile database.
>>-//
>>-USER_PROFILE_DB *mUserProfileDb = NULL;
>>-
>>-//
>>-// Points to the credential providers found in system.
>>-//
>>-CREDENTIAL_PROVIDER_INFO *mProviderDb = NULL;
>>-
>>-//
>>-// Current user shared in multi function.
>>-//
>>-EFI_USER_PROFILE_HANDLE mCurrentUser = NULL;
>>-
>>-//
>>-// Flag indicates a user is identified.
>>-//
>>-BOOLEAN mIdentified = FALSE;
>>-USER_MANAGER_CALLBACK_INFO *mCallbackInfo = NULL;
>>-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
>>- {
>>- {
>>- HARDWARE_DEVICE_PATH,
>>- HW_VENDOR_DP,
>>- {
>>- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
>>- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
>>- }
>>- },
>>- USER_IDENTIFY_MANAGER_GUID
>>- },
>>- {
>>- END_DEVICE_PATH_TYPE,
>>- END_ENTIRE_DEVICE_PATH_SUBTYPE,
>>- {
>>- (UINT8) (END_DEVICE_PATH_LENGTH),
>>- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
>>- }
>>- }
>>-};
>>-
>>-
>>-EFI_USER_MANAGER_PROTOCOL gUserIdentifyManager = {
>>- UserProfileCreate,
>>- UserProfileDelete,
>>- UserProfileGetNext,
>>- UserProfileCurrent,
>>- UserProfileIdentify,
>>- UserProfileFind,
>>- UserProfileNotify,
>>- UserProfileGetInfo,
>>- UserProfileSetInfo,
>>- UserProfileDeleteInfo,
>>- UserProfileGetNextInfo,
>>-};
>>-
>>-
>>-/**
>>- Find the specified user in the user database.
>>-
>>- This function searches the specified user from the beginning of the user
>>database.
>>- And if NextUser is TRUE, return the next User in the user database.
>>-
>>- @param[in, out] User On entry, points to the user profile entry to
>>search.
>>- On return, points to the user profile entry or NULL if not
>>found.
>>- @param[in] NextUser If FALSE, find the user in user profile database
>>specifyed by User
>>- If TRUE, find the next user in user profile database specifyed
>>- by User.
>>- @param[out] ProfileIndex A pointer to the index of user profile
>database
>>that matches the
>>- user specifyed by User.
>>-
>>- @retval EFI_NOT_FOUND User was NULL, or User was not found, or
>the
>>next user was not found.
>>- @retval EFI_SUCCESS User or the next user are found in user profile
>>database
>>-
>>-**/
>>-EFI_STATUS
>>-FindUserProfile (
>>- IN OUT USER_PROFILE_ENTRY **User,
>>- IN BOOLEAN NextUser,
>>- OUT UINTN *ProfileIndex OPTIONAL
>>- )
>>-{
>>- UINTN Index;
>>-
>>- //
>>- // Check parameters
>>- //
>>- if ((mUserProfileDb == NULL) || (User == NULL)) {
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- //
>>- // Check whether the user profile is in the user profile database.
>>- //
>>- for (Index = 0; Index < mUserProfileDb->UserProfileNum; Index++) {
>>- if (mUserProfileDb->UserProfile[Index] == *User) {
>>- if (ProfileIndex != NULL) {
>>- *ProfileIndex = Index;
>>- }
>>- break;
>>- }
>>- }
>>-
>>- if (NextUser) {
>>- //
>>- // Find the next user profile.
>>- //
>>- Index++;
>>- if (Index < mUserProfileDb->UserProfileNum) {
>>- *User = mUserProfileDb->UserProfile[Index];
>>- } else if (Index == mUserProfileDb->UserProfileNum) {
>>- *User = NULL;
>>- return EFI_NOT_FOUND;
>>- } else {
>>- if ((mUserProfileDb->UserProfileNum > 0) && (*User == NULL)) {
>>- *User = mUserProfileDb->UserProfile[0];
>>- } else {
>>- *User = NULL;
>>- return EFI_NOT_FOUND;
>>- }
>>- }
>>- } else if (Index == mUserProfileDb->UserProfileNum) {
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-/**
>>- Find the specified user information record in the specified User profile.
>>-
>>- This function searches the specified user information record from the
>>beginning of the user
>>- profile. And if NextInfo is TRUE, return the next info in the user profile.
>>-
>>- @param[in] User Points to the user profile entry.
>>- @param[in, out] Info On entry, points to the user information record or
>>NULL to start
>>- searching with the first user information record.
>>- On return, points to the user information record or NULL if not
>>found.
>>- @param[in] NextInfo If FALSE, find the user information record in profile
>>specifyed by User.
>>- If TRUE, find the next user information record in profile
>>specifyed
>>- by User.
>>- @param[out] Offset A pointer to the offset of the information record in
>>the user profile.
>>-
>>- @retval EFI_INVALID_PARAMETER Info is NULL
>>- @retval EFI_NOT_FOUND Info was not found, or the next Info was not
>>found.
>>- @retval EFI_SUCCESS Info or the next info are found in user profile.
>>-
>>-**/
>>-EFI_STATUS
>>-FindUserInfo (
>>- IN USER_PROFILE_ENTRY * User,
>>- IN OUT EFI_USER_INFO **Info,
>>- IN BOOLEAN NextInfo,
>>- OUT UINTN *Offset OPTIONAL
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *UserInfo;
>>- UINTN InfoLen;
>>-
>>- if (Info == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Check user profile entry
>>- //
>>- Status = FindUserProfile (&User, FALSE, NULL);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Find user information in the specified user record.
>>- //
>>- InfoLen = 0;
>>- while (InfoLen < User->UserProfileSize) {
>>- UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
>>- if (UserInfo == *Info) {
>>- if (Offset != NULL) {
>>- *Offset = InfoLen;
>>- }
>>- break;
>>- }
>>- InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
>>- }
>>-
>>- //
>>- // Check whether to find the next user information.
>>- //
>>- if (NextInfo) {
>>- if (InfoLen < User->UserProfileSize) {
>>- UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
>>- InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
>>- if (InfoLen < User->UserProfileSize) {
>>- *Info = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
>>- if (Offset != NULL) {
>>- *Offset = InfoLen;
>>- }
>>- } else if (InfoLen == User->UserProfileSize) {
>>- *Info = NULL;
>>- return EFI_NOT_FOUND;
>>- }
>>- } else {
>>- if (*Info == NULL) {
>>- *Info = (EFI_USER_INFO *) User->ProfileInfo;
>>- if (Offset != NULL) {
>>- *Offset = 0;
>>- }
>>- } else {
>>- *Info = NULL;
>>- return EFI_NOT_FOUND;
>>- }
>>- }
>>- } else if (InfoLen == User->UserProfileSize) {
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-/**
>>- Find a user infomation record by the information record type.
>>-
>>- This function searches all user information records of User. The search
>starts
>>with the
>>- user information record following Info and continues until either the
>>information is found
>>- or there are no more user infomation record.
>>- A match occurs when a Info.InfoType field matches the user information
>>record type.
>>-
>>- @param[in] User Points to the user profile record to search.
>>- @param[in, out] Info On entry, points to the user information record or
>>NULL to start
>>- searching with the first user information record.
>>- On return, points to the user information record or NULL if not
>>found.
>>- @param[in] InfoType The infomation type to be searched.
>>-
>>- @retval EFI_SUCCESS User information was found. Info points to the
>>user information record.
>>- @retval EFI_NOT_FOUND User information was not found.
>>- @retval EFI_INVALID_PARAMETER User is NULL or Info is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-FindUserInfoByType (
>>- IN USER_PROFILE_ENTRY *User,
>>- IN OUT EFI_USER_INFO **Info,
>>- IN UINT8 InfoType
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *UserInfo;
>>- UINTN InfoLen;
>>-
>>- if (Info == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Check whether the user has the specified user information.
>>- //
>>- InfoLen = 0;
>>- if (*Info == NULL) {
>>- Status = FindUserProfile (&User, FALSE, NULL);
>>- } else {
>>- Status = FindUserInfo (User, Info, TRUE, &InfoLen);
>>- }
>>-
>>- if (EFI_ERROR (Status)) {
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- while (InfoLen < User->UserProfileSize) {
>>- UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + InfoLen);
>>- if (UserInfo->InfoType == InfoType) {
>>- if (UserInfo != *Info) {
>>- *Info = UserInfo;
>>- return EFI_SUCCESS;
>>- }
>>- }
>>-
>>- InfoLen += ALIGN_VARIABLE (UserInfo->InfoSize);
>>- }
>>-
>>- *Info = NULL;
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-/**
>>- Find a user using a user information record.
>>-
>>- This function searches all user profiles for the specified user information
>>record. The
>>- search starts with the user information record handle following UserInfo
>>and continues
>>- until either the information is found or there are no more user profiles.
>>- A match occurs when the Info.InfoType field matches the user information
>>record type and the
>>- user information record data matches the portion of Info passed the
>>EFI_USER_INFO header.
>>-
>>- @param[in, out] User On entry, points to the previously returned user
>>profile record,
>>- or NULL to start searching with the first user profile.
>>- On return, points to the user profile entry, or NULL if not
>found.
>>- @param[in, out] UserInfo On entry, points to the previously returned user
>>information record,
>>- or NULL to start searching with the first.
>>- On return, points to the user information record, or NULL if
>not
>>found.
>>- @param[in] Info Points to the buffer containing the user information
>to
>>be compared
>>- to the user information record.
>>- @param[in] InfoSize The size of Info, in bytes. Same as Info->InfoSize.
>>-
>>- @retval EFI_SUCCESS User information was found. User points to the
>>user profile record,
>>- and UserInfo points to the user information record.
>>- @retval EFI_NOT_FOUND User information was not found.
>>- @retval EFI_INVALID_PARAMETER User is NULL; Info is NULL; or, InfoSize
>is
>>too small.
>>-
>>-**/
>>-EFI_STATUS
>>-FindUserProfileByInfo (
>>- IN OUT USER_PROFILE_ENTRY **User,
>>- IN OUT EFI_USER_INFO **UserInfo, OPTIONAL
>>- IN EFI_USER_INFO *Info,
>>- IN UINTN InfoSize
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *InfoEntry;
>>-
>>-
>>- if ((User == NULL) || (Info == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (InfoSize < sizeof (EFI_USER_INFO)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (UserInfo != NULL) {
>>- InfoEntry = *UserInfo;
>>- } else {
>>- InfoEntry = NULL;
>>- }
>>- //
>>- // Find user profile according to information.
>>- //
>>- if (*User == NULL) {
>>- *User = mUserProfileDb->UserProfile[0];
>>- }
>>-
>>- //
>>- // Check user profile handle.
>>- //
>>- Status = FindUserProfile (User, FALSE, NULL);
>>-
>>- while (!EFI_ERROR (Status)) {
>>- //
>>- // Find the user information in a user profile.
>>- //
>>- while (TRUE) {
>>- Status = FindUserInfoByType (*User, &InfoEntry, Info->InfoType);
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>-
>>- if (InfoSize == Info->InfoSize) {
>>- if (CompareMem ((UINT8 *) (InfoEntry + 1), (UINT8 *) (Info + 1),
>InfoSize
>>- sizeof (EFI_USER_INFO)) == 0) {
>>- //
>>- // Found the infomation record.
>>- //
>>- if (UserInfo != NULL) {
>>- *UserInfo = InfoEntry;
>>- }
>>- return EFI_SUCCESS;
>>- }
>>- }
>>- }
>>-
>>- //
>>- // Get next user profile.
>>- //
>>- InfoEntry = NULL;
>>- Status = FindUserProfile (User, TRUE, NULL);
>>- }
>>-
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- Check whether the access policy is valid.
>>-
>>- @param[in] PolicyInfo Point to the access policy.
>>- @param[in] InfoLen The policy length.
>>-
>>- @retval TRUE The policy is a valid access policy.
>>- @retval FALSE The access policy is not a valid access policy.
>>-
>>-**/
>>-BOOLEAN
>>-CheckAccessPolicy (
>>- IN UINT8 *PolicyInfo,
>>- IN UINTN InfoLen
>>- )
>>-{
>>- UINTN TotalLen;
>>- UINTN ValueLen;
>>- UINTN OffSet;
>>- EFI_USER_INFO_ACCESS_CONTROL Access;
>>- EFI_DEVICE_PATH_PROTOCOL *Path;
>>- UINTN PathSize;
>>-
>>- TotalLen = 0;
>>- while (TotalLen < InfoLen) {
>>- //
>>- // Check access policy according to type.
>>- //
>>- CopyMem (&Access, PolicyInfo + TotalLen, sizeof (Access));
>>- ValueLen = Access.Size - sizeof (EFI_USER_INFO_ACCESS_CONTROL);
>>- switch (Access.Type) {
>>- case EFI_USER_INFO_ACCESS_FORBID_LOAD:
>>- case EFI_USER_INFO_ACCESS_PERMIT_LOAD:
>>- case EFI_USER_INFO_ACCESS_FORBID_CONNECT:
>>- case EFI_USER_INFO_ACCESS_PERMIT_CONNECT:
>>- OffSet = 0;
>>- while (OffSet < ValueLen) {
>>- Path = (EFI_DEVICE_PATH_PROTOCOL *) (PolicyInfo + TotalLen +
>>sizeof (Access) + OffSet);
>>- PathSize = GetDevicePathSize (Path);
>>- OffSet += PathSize;
>>- }
>>- if (OffSet != ValueLen) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_SETUP:
>>- if (ValueLen % sizeof (EFI_GUID) != 0) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_BOOT_ORDER:
>>- if (ValueLen % sizeof (EFI_USER_INFO_ACCESS_BOOT_ORDER_HDR) != 0)
>>{
>>- return FALSE;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_ENROLL_SELF:
>>- case EFI_USER_INFO_ACCESS_ENROLL_OTHERS:
>>- case EFI_USER_INFO_ACCESS_MANAGE:
>>- if (ValueLen != 0) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- default:
>>- return FALSE;
>>- break;
>>- }
>>-
>>- TotalLen += Access.Size;
>>- }
>>-
>>- if (TotalLen != InfoLen) {
>>- return FALSE;
>>- }
>>-
>>- return TRUE;
>>-}
>>-
>>-
>>-/**
>>- Check whether the identity policy is valid.
>>-
>>- @param[in] PolicyInfo Point to the identity policy.
>>- @param[in] InfoLen The policy length.
>>-
>>- @retval TRUE The policy is a valid identity policy.
>>- @retval FALSE The access policy is not a valid identity policy.
>>-
>>-**/
>>-BOOLEAN
>>-CheckIdentityPolicy (
>>- IN UINT8 *PolicyInfo,
>>- IN UINTN InfoLen
>>- )
>>-{
>>- UINTN TotalLen;
>>- UINTN ValueLen;
>>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>>-
>>- TotalLen = 0;
>>-
>>- //
>>- // Check each part of policy expression.
>>- //
>>- while (TotalLen < InfoLen) {
>>- //
>>- // Check access polisy according to type.
>>- //
>>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (PolicyInfo + TotalLen);
>>- ValueLen = Identity->Length - sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>>- switch (Identity->Type) {
>>- //
>>- // Check False option.
>>- //
>>- case EFI_USER_INFO_IDENTITY_FALSE:
>>- if (ValueLen != 0) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- //
>>- // Check True option.
>>- //
>>- case EFI_USER_INFO_IDENTITY_TRUE:
>>- if (ValueLen != 0) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- //
>>- // Check negative operation.
>>- //
>>- case EFI_USER_INFO_IDENTITY_NOT:
>>- if (ValueLen != 0) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- //
>>- // Check and operation.
>>- //
>>- case EFI_USER_INFO_IDENTITY_AND:
>>- if (ValueLen != 0) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- //
>>- // Check or operation.
>>- //
>>- case EFI_USER_INFO_IDENTITY_OR:
>>- if (ValueLen != 0) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- //
>>- // Check credential provider by type.
>>- //
>>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE:
>>- if (ValueLen != sizeof (EFI_GUID)) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- //
>>- // Check credential provider by ID.
>>- //
>>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
>>- if (ValueLen != sizeof (EFI_GUID)) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- default:
>>- return FALSE;
>>- break;
>>- }
>>-
>>- TotalLen += Identity->Length;
>>- }
>>-
>>- if (TotalLen != InfoLen) {
>>- return FALSE;
>>- }
>>-
>>- return TRUE;
>>-}
>>-
>>-
>>-/**
>>- Check whether the user information is a valid user information record.
>>-
>>- @param[in] Info points to the user information.
>>-
>>- @retval TRUE The info is a valid user information record.
>>- @retval FALSE The info is not a valid user information record.
>>-
>>-**/
>>-BOOLEAN
>>-CheckUserInfo (
>>- IN CONST EFI_USER_INFO *Info
>>- )
>>-{
>>- UINTN InfoLen;
>>-
>>- if (Info == NULL) {
>>- return FALSE;
>>- }
>>- //
>>- // Check user information according to information type.
>>- //
>>- InfoLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>>- switch (Info->InfoType) {
>>- case EFI_USER_INFO_EMPTY_RECORD:
>>- if (InfoLen != 0) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_NAME_RECORD:
>>- case EFI_USER_INFO_CREDENTIAL_TYPE_NAME_RECORD:
>>- case EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD:
>>- break;
>>-
>>- case EFI_USER_INFO_CREATE_DATE_RECORD:
>>- case EFI_USER_INFO_USAGE_DATE_RECORD:
>>- if (InfoLen != sizeof (EFI_TIME)) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_USAGE_COUNT_RECORD:
>>- if (InfoLen != sizeof (UINT64)) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTIFIER_RECORD:
>>- if (InfoLen != 16) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_CREDENTIAL_TYPE_RECORD:
>>- case EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD:
>>- case EFI_USER_INFO_GUID_RECORD:
>>- if (InfoLen != sizeof (EFI_GUID)) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_PKCS11_RECORD:
>>- case EFI_USER_INFO_CBEFF_RECORD:
>>- break;
>>-
>>- case EFI_USER_INFO_FAR_RECORD:
>>- case EFI_USER_INFO_RETRY_RECORD:
>>- if (InfoLen != 1) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_POLICY_RECORD:
>>- if(!CheckAccessPolicy ((UINT8 *) (Info + 1), InfoLen)) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_POLICY_RECORD:
>>- if (!CheckIdentityPolicy ((UINT8 *) (Info + 1), InfoLen)) {
>>- return FALSE;
>>- }
>>- break;
>>-
>>- default:
>>- return FALSE;
>>- break;
>>- }
>>-
>>- return TRUE;
>>-}
>>-
>>-
>>-/**
>>- Check the user profile data format to be added.
>>-
>>- @param[in] UserProfileInfo Points to the user profile data.
>>- @param[in] UserProfileSize The length of user profile data.
>>-
>>- @retval TRUE It is a valid user profile.
>>- @retval FALSE It is not a valid user profile.
>>-
>>-**/
>>-BOOLEAN
>>-CheckProfileInfo (
>>- IN UINT8 *UserProfileInfo,
>>- IN UINTN UserProfileSize
>>- )
>>-{
>>- UINTN ChkLen;
>>- EFI_USER_INFO *Info;
>>-
>>- if (UserProfileInfo == NULL) {
>>- return FALSE;
>>- }
>>-
>>- //
>>- // Check user profile information length.
>>- //
>>- ChkLen = 0;
>>- while (ChkLen < UserProfileSize) {
>>- Info = (EFI_USER_INFO *) (UserProfileInfo + ChkLen);
>>- //
>>- // Check user information format.
>>- //
>>- if (!CheckUserInfo (Info)) {
>>- return FALSE;
>>- }
>>-
>>- ChkLen += ALIGN_VARIABLE (Info->InfoSize);
>>- }
>>-
>>- if (ChkLen != UserProfileSize) {
>>- return FALSE;
>>- }
>>-
>>- return TRUE;
>>-}
>>-
>>-
>>-/**
>>- Find the specified RightType in current user profile.
>>-
>>- @param[in] RightType Could be EFI_USER_INFO_ACCESS_MANAGE,
>>- EFI_USER_INFO_ACCESS_ENROLL_OTHERS or
>>- EFI_USER_INFO_ACCESS_ENROLL_SELF.
>>-
>>- @retval TRUE Find the specified RightType in current user profile.
>>- @retval FALSE Can't find the right in the profile.
>>-
>>-**/
>>-BOOLEAN
>>-CheckCurrentUserAccessRight (
>>- IN UINT32 RightType
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *Info;
>>- UINTN TotalLen;
>>- UINTN CheckLen;
>>- EFI_USER_INFO_ACCESS_CONTROL Access;
>>-
>>- //
>>- // Get user access right information.
>>- //
>>- Info = NULL;
>>- Status = FindUserInfoByType (
>>- (USER_PROFILE_ENTRY *) mCurrentUser,
>>- &Info,
>>- EFI_USER_INFO_ACCESS_POLICY_RECORD
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return FALSE;
>>- }
>>-
>>- ASSERT (Info != NULL);
>>- TotalLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>>- CheckLen = 0;
>>- while (CheckLen < TotalLen) {
>>- //
>>- // Check right according to access type.
>>- //
>>- CopyMem (&Access, (UINT8 *) (Info + 1) + CheckLen, sizeof (Access));
>>- if (Access.Type == RightType) {
>>- return TRUE;;
>>- }
>>-
>>- CheckLen += Access.Size;
>>- }
>>-
>>- return FALSE;
>>-}
>>-
>>-
>>-/**
>>- Create a unique user identifier.
>>-
>>- @param[out] Identifier This points to the identifier.
>>-
>>-**/
>>-VOID
>>-GenerateIdentifier (
>>- OUT UINT8 *Identifier
>>- )
>>-{
>>- EFI_TIME Time;
>>- UINT64 MonotonicCount;
>>- UINT32 *MonotonicPointer;
>>- UINTN Index;
>>-
>>- //
>>- // Create a unique user identifier.
>>- //
>>- gRT->GetTime (&Time, NULL);
>>- CopyMem (Identifier, &Time, sizeof (EFI_TIME));
>>- //
>>- // Remove zeros.
>>- //
>>- for (Index = 0; Index < sizeof (EFI_TIME); Index++) {
>>- if (Identifier[Index] == 0) {
>>- Identifier[Index] = 0x5a;
>>- }
>>- }
>>-
>>- MonotonicPointer = (UINT32 *) Identifier;
>>- gBS->GetNextMonotonicCount (&MonotonicCount);
>>- MonotonicPointer[0] += (UINT32) MonotonicCount;
>>- MonotonicPointer[1] += (UINT32) MonotonicCount;
>>- MonotonicPointer[2] += (UINT32) MonotonicCount;
>>- MonotonicPointer[3] += (UINT32) MonotonicCount;
>>-}
>>-
>>-
>>-/**
>>- Generate unique user ID.
>>-
>>- @param[out] UserId Points to the user identifer.
>>-
>>-**/
>>-VOID
>>-GenerateUserId (
>>- OUT UINT8 *UserId
>>- )
>>-{
>>- EFI_STATUS Status;
>>- USER_PROFILE_ENTRY *UserProfile;
>>- EFI_USER_INFO *UserInfo;
>>- UINTN Index;
>>-
>>- //
>>- // Generate unique user ID
>>- //
>>- while (TRUE) {
>>- GenerateIdentifier (UserId);
>>- //
>>- // Check whether it's unique in user profile database.
>>- //
>>- if (mUserProfileDb == NULL) {
>>- return ;
>>- }
>>-
>>- for (Index = 0; Index < mUserProfileDb->UserProfileNum; Index++) {
>>- UserProfile = (USER_PROFILE_ENTRY *) (mUserProfileDb-
>>>UserProfile[Index]);
>>- UserInfo = NULL;
>>- Status = FindUserInfoByType (UserProfile, &UserInfo,
>>EFI_USER_INFO_IDENTIFIER_RECORD);
>>- if (EFI_ERROR (Status)) {
>>- continue;
>>- }
>>-
>>- if (CompareMem ((UINT8 *) (UserInfo + 1), UserId, sizeof
>>(EFI_USER_INFO_IDENTIFIER)) == 0) {
>>- break;
>>- }
>>- }
>>-
>>- if (Index == mUserProfileDb->UserProfileNum) {
>>- return ;
>>- }
>>- }
>>-}
>>-
>>-
>>-/**
>>- Expand user profile database.
>>-
>>- @retval TRUE Success to expand user profile database.
>>- @retval FALSE Fail to expand user profile database.
>>-
>>-**/
>>-BOOLEAN
>>-ExpandUsermUserProfileDb (
>>- VOID
>>- )
>>-{
>>- UINTN MaxNum;
>>- USER_PROFILE_DB *NewDataBase;
>>-
>>- //
>>- // Create new user profile database.
>>- //
>>- if (mUserProfileDb == NULL) {
>>- MaxNum = USER_NUMBER_INC;
>>- } else {
>>- MaxNum = mUserProfileDb->MaxProfileNum + USER_NUMBER_INC;
>>- }
>>-
>>- NewDataBase = AllocateZeroPool (
>>- sizeof (USER_PROFILE_DB) - sizeof (EFI_USER_PROFILE_HANDLE) +
>>- MaxNum * sizeof (EFI_USER_PROFILE_HANDLE)
>>- );
>>- if (NewDataBase == NULL) {
>>- return FALSE;
>>- }
>>-
>>- NewDataBase->MaxProfileNum = MaxNum;
>>-
>>- //
>>- // Copy old user profile database value
>>- //
>>- if (mUserProfileDb == NULL) {
>>- NewDataBase->UserProfileNum = 0;
>>- } else {
>>- NewDataBase->UserProfileNum = mUserProfileDb->UserProfileNum;
>>- CopyMem (
>>- NewDataBase->UserProfile,
>>- mUserProfileDb->UserProfile,
>>- NewDataBase->UserProfileNum * sizeof (EFI_USER_PROFILE_HANDLE)
>>- );
>>- FreePool (mUserProfileDb);
>>- }
>>-
>>- mUserProfileDb = NewDataBase;
>>- return TRUE;
>>-}
>>-
>>-
>>-/**
>>- Expand user profile
>>-
>>- @param[in] User Points to user profile.
>>- @param[in] ExpandSize The size of user profile.
>>-
>>- @retval TRUE Success to expand user profile size.
>>- @retval FALSE Fail to expand user profile size.
>>-
>>-**/
>>-BOOLEAN
>>-ExpandUserProfile (
>>- IN USER_PROFILE_ENTRY *User,
>>- IN UINTN ExpandSize
>>- )
>>-{
>>- UINT8 *Info;
>>- UINTN InfoSizeInc;
>>-
>>- //
>>- // Allocate new memory.
>>- //
>>- InfoSizeInc = 128;
>>- User->MaxProfileSize += ((ExpandSize + InfoSizeInc - 1) / InfoSizeInc) *
>>InfoSizeInc;
>>- Info = AllocateZeroPool (User->MaxProfileSize);
>>- if (Info == NULL) {
>>- return FALSE;
>>- }
>>-
>>- //
>>- // Copy exist information.
>>- //
>>- if (User->UserProfileSize > 0) {
>>- CopyMem (Info, User->ProfileInfo, User->UserProfileSize);
>>- FreePool (User->ProfileInfo);
>>- }
>>-
>>- User->ProfileInfo = Info;
>>- return TRUE;
>>-}
>>-
>>-
>>-/**
>>- Save the user profile to non-volatile memory, or delete it from non-volatile
>>memory.
>>-
>>- @param[in] User Point to the user profile
>>- @param[in] Delete If TRUE, delete the found user profile.
>>- If FALSE, save the user profile.
>>- @retval EFI_SUCCESS Save or delete user profile successfully.
>>- @retval Others Fail to change the profile.
>>-
>>-**/
>>-EFI_STATUS
>>-SaveNvUserProfile (
>>- IN USER_PROFILE_ENTRY *User,
>>- IN BOOLEAN Delete
>>- )
>>-{
>>- EFI_STATUS Status;
>>-
>>- //
>>- // Check user profile entry.
>>- //
>>- Status = FindUserProfile (&User, FALSE, NULL);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Save the user profile to non-volatile memory.
>>- //
>>- Status = gRT->SetVariable (
>>- User->UserVarName,
>>- &gUserIdentifyManagerGuid,
>>- EFI_VARIABLE_NON_VOLATILE |
>>EFI_VARIABLE_BOOTSERVICE_ACCESS,
>>- Delete ? 0 : User->UserProfileSize,
>>- User->ProfileInfo
>>- );
>>- return Status;
>>-}
>>-
>>-/**
>>- Add one new user info into the user's profile.
>>-
>>- @param[in] User point to the user profile
>>- @param[in] Info Points to the user information payload.
>>- @param[in] InfoSize The size of the user information payload, in bytes.
>>- @param[out] UserInfo Point to the new info in user profile
>>- @param[in] Save If TRUE, save the profile to NV flash.
>>- If FALSE, don't need to save the profile to NV flash.
>>-
>>- @retval EFI_SUCCESS Add user info to user profile successfully.
>>- @retval Others Fail to add user info to user profile.
>>-
>>-**/
>>-EFI_STATUS
>>-AddUserInfo (
>>- IN USER_PROFILE_ENTRY *User,
>>- IN UINT8 *Info,
>>- IN UINTN InfoSize,
>>- OUT EFI_USER_INFO **UserInfo, OPTIONAL
>>- IN BOOLEAN Save
>>- )
>>-{
>>- EFI_STATUS Status;
>>-
>>- if ((Info == NULL) || (User == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Check user profile handle.
>>- //
>>- Status = FindUserProfile (&User, FALSE, NULL);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Check user information memory size.
>>- //
>>- if (User->MaxProfileSize - User->UserProfileSize < ALIGN_VARIABLE
>>(InfoSize)) {
>>- if (!ExpandUserProfile (User, ALIGN_VARIABLE (InfoSize))) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>- }
>>-
>>- //
>>- // Add new user information.
>>- //
>>- CopyMem (User->ProfileInfo + User->UserProfileSize, Info, InfoSize);
>>- if (UserInfo != NULL) {
>>- *UserInfo = (EFI_USER_INFO *) (User->ProfileInfo + User-
>>>UserProfileSize);
>>- }
>>- User->UserProfileSize += ALIGN_VARIABLE (InfoSize);
>>-
>>- //
>>- // Save user profile information.
>>- //
>>- if (Save) {
>>- Status = SaveNvUserProfile (User, FALSE);
>>- }
>>-
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Get the user info from the specified user info handle.
>>-
>>- @param[in] User Point to the user profile.
>>- @param[in] UserInfo Point to the user information record to get.
>>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>>bytes.
>>- On exit, holds the user information.
>>- @param[in, out] InfoSize On entry, points to the size of Info.
>>- On return, points to the size of the user information.
>>- @param[in] ChkRight If TRUE, check the user info attribute.
>>- If FALSE, don't check the user info attribute.
>>-
>>-
>>- @retval EFI_ACCESS_DENIED The information cannot be accessed by
>the
>>current user.
>>- @retval EFI_INVALID_PARAMETER InfoSize is NULL or UserInfo is NULL.
>>- @retval EFI_BUFFER_TOO_SMALL The number of bytes specified by
>>*InfoSize is too small to hold the
>>- returned data. The actual size required is returned in
>>*InfoSize.
>>- @retval EFI_SUCCESS Information returned successfully.
>>-
>>-**/
>>-EFI_STATUS
>>-GetUserInfo (
>>- IN USER_PROFILE_ENTRY *User,
>>- IN EFI_USER_INFO *UserInfo,
>>- OUT EFI_USER_INFO *Info,
>>- IN OUT UINTN *InfoSize,
>>- IN BOOLEAN ChkRight
>>- )
>>-{
>>- EFI_STATUS Status;
>>-
>>- if ((InfoSize == NULL) || (UserInfo == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if ((*InfoSize != 0) && (Info == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Find the user information to get.
>>- //
>>- Status = FindUserInfo (User, &UserInfo, FALSE, NULL);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Check information attributes.
>>- //
>>- if (ChkRight) {
>>- switch (UserInfo->InfoAttribs & EFI_USER_INFO_ACCESS) {
>>- case EFI_USER_INFO_PRIVATE:
>>- case EFI_USER_INFO_PROTECTED:
>>- if (User != mCurrentUser) {
>>- return EFI_ACCESS_DENIED;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_PUBLIC:
>>- break;
>>-
>>- default:
>>- return EFI_INVALID_PARAMETER;
>>- break;
>>- }
>>- }
>>-
>>- //
>>- // Get user information.
>>- //
>>- if (UserInfo->InfoSize > *InfoSize) {
>>- *InfoSize = UserInfo->InfoSize;
>>- return EFI_BUFFER_TOO_SMALL;
>>- }
>>-
>>- *InfoSize = UserInfo->InfoSize;
>>- if (Info != NULL) {
>>- CopyMem (Info, UserInfo, *InfoSize);
>>- }
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Delete the specified user information from user profile.
>>-
>>- @param[in] User Point to the user profile.
>>- @param[in] Info Point to the user information record to delete.
>>- @param[in] Save If TRUE, save the profile to NV flash.
>>- If FALSE, don't need to save the profile to NV flash.
>>-
>>- @retval EFI_SUCCESS Delete user info from user profile successfully.
>>- @retval Others Fail to delete user info from user profile.
>>-
>>-**/
>>-EFI_STATUS
>>-DelUserInfo (
>>- IN USER_PROFILE_ENTRY *User,
>>- IN EFI_USER_INFO *Info,
>>- IN BOOLEAN Save
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN Offset;
>>- UINTN NextOffset;
>>-
>>- //
>>- // Check user information handle.
>>- //
>>- Status = FindUserInfo (User, &Info, FALSE, &Offset);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- if (Info->InfoType == EFI_USER_INFO_IDENTIFIER_RECORD) {
>>- return EFI_ACCESS_DENIED;
>>- }
>>-
>>- //
>>- // Delete the specified user information.
>>- //
>>- NextOffset = Offset + ALIGN_VARIABLE (Info->InfoSize);
>>- User->UserProfileSize -= ALIGN_VARIABLE (Info->InfoSize);
>>- if (Offset < User->UserProfileSize) {
>>- CopyMem (User->ProfileInfo + Offset, User->ProfileInfo + NextOffset,
>>User->UserProfileSize - Offset);
>>- }
>>-
>>- if (Save) {
>>- Status = SaveNvUserProfile (User, FALSE);
>>- }
>>-
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Add or update user information.
>>-
>>- @param[in] User Point to the user profile.
>>- @param[in, out] UserInfo On entry, points to the user information to
>>modify,
>>- or NULL to add a new UserInfo.
>>- On return, points to the modified user information.
>>- @param[in] Info Points to the new user information.
>>- @param[in] InfoSize The size of Info,in bytes.
>>-
>>- @retval EFI_INVALID_PARAMETER UserInfo is NULL or Info is NULL.
>>- @retval EFI_ACCESS_DENIED The record is exclusive.
>>- @retval EFI_SUCCESS User information was successfully
>>changed/added.
>>-
>>-**/
>>-EFI_STATUS
>>-ModifyUserInfo (
>>- IN USER_PROFILE_ENTRY *User,
>>- IN OUT EFI_USER_INFO **UserInfo,
>>- IN CONST EFI_USER_INFO *Info,
>>- IN UINTN InfoSize
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN PayloadLen;
>>- EFI_USER_INFO *OldInfo;
>>-
>>- if ((UserInfo == NULL) || (Info == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (InfoSize < sizeof (EFI_USER_INFO) || InfoSize != Info->InfoSize) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Check user information.
>>- //
>>- if (Info->InfoType == EFI_USER_INFO_IDENTIFIER_RECORD) {
>>- return EFI_ACCESS_DENIED;
>>- }
>>-
>>- if (!CheckUserInfo (Info)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>-
>>- if (*UserInfo == NULL) {
>>- //
>>- // Add new user information.
>>- //
>>- OldInfo = NULL;
>>- do {
>>- Status = FindUserInfoByType (User, &OldInfo, Info->InfoType);
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>- ASSERT (OldInfo != NULL);
>>-
>>- if (((OldInfo->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0) ||
>>- ((Info->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0)) {
>>- //
>>- // Same type can not co-exist for exclusive information.
>>- //
>>- return EFI_ACCESS_DENIED;
>>- }
>>-
>>- //
>>- // Check whether it exists in DB.
>>- //
>>- if (Info->InfoSize != OldInfo->InfoSize) {
>>- continue;
>>- }
>>-
>>- if (!CompareGuid (&OldInfo->Credential, &Info->Credential)) {
>>- continue;
>>- }
>>-
>>- PayloadLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>>- if (PayloadLen == 0) {
>>- continue;
>>- }
>>-
>>- if (CompareMem ((UINT8 *)(OldInfo + 1), (UINT8 *)(Info + 1),
>>PayloadLen) != 0) {
>>- continue;
>>- }
>>-
>>- //
>>- // Yes. The new info is as same as the one in profile.
>>- //
>>- return EFI_SUCCESS;
>>- } while (!EFI_ERROR (Status));
>>-
>>- Status = AddUserInfo (User, (UINT8 *) Info, InfoSize, UserInfo, TRUE);
>>- return Status;
>>- }
>>-
>>- //
>>- // Modify existing user information.
>>- //
>>- OldInfo = *UserInfo;
>>- if (OldInfo->InfoType != Info->InfoType) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (((Info->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) != 0) &&
>>- (OldInfo->InfoAttribs & EFI_USER_INFO_EXCLUSIVE) == 0) {
>>- //
>>- // Try to add exclusive attrib in new info.
>>- // Check whether there is another information with the same type in
>>profile.
>>- //
>>- OldInfo = NULL;
>>- do {
>>- Status = FindUserInfoByType (User, &OldInfo, Info->InfoType);
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>- if (OldInfo != *UserInfo) {
>>- //
>>- // There is another information with the same type in profile.
>>- // Therefore, can't modify existing user information to add exclusive
>>attribute.
>>- //
>>- return EFI_ACCESS_DENIED;
>>- }
>>- } while (TRUE);
>>- }
>>-
>>- Status = DelUserInfo (User, *UserInfo, FALSE);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- return AddUserInfo (User, (UINT8 *) Info, InfoSize, UserInfo, TRUE);
>>-}
>>-
>>-
>>-/**
>>- Delete the user profile from non-volatile memory and database.
>>-
>>- @param[in] User Points to the user profile.
>>-
>>- @retval EFI_SUCCESS Delete user from the user profile successfully.
>>- @retval Others Fail to delete user from user profile
>>-
>>-**/
>>-EFI_STATUS
>>-DelUserProfile (
>>- IN USER_PROFILE_ENTRY *User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN Index;
>>-
>>- //
>>- // Check whether it is in the user profile database.
>>- //
>>- Status = FindUserProfile (&User, FALSE, &Index);
>>- if (EFI_ERROR (Status)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Check whether it is the current user.
>>- //
>>- if (User == mCurrentUser) {
>>- return EFI_ACCESS_DENIED;
>>- }
>>-
>>- //
>>- // Delete user profile from the non-volatile memory.
>>- //
>>- Status = SaveNvUserProfile (mUserProfileDb-
>>>UserProfile[mUserProfileDb->UserProfileNum - 1], TRUE);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>- mUserProfileDb->UserProfileNum--;
>>-
>>- //
>>- // Modify user profile database.
>>- //
>>- if (Index != mUserProfileDb->UserProfileNum) {
>>- mUserProfileDb->UserProfile[Index] = mUserProfileDb-
>>>UserProfile[mUserProfileDb->UserProfileNum];
>>- CopyMem (
>>- ((USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[Index])-
>>>UserVarName,
>>- User->UserVarName,
>>- sizeof (User->UserVarName)
>>- );
>>- Status = SaveNvUserProfile (mUserProfileDb->UserProfile[Index], FALSE);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>- }
>>- //
>>- // Delete user profile information.
>>- //
>>- if (User->ProfileInfo != NULL) {
>>- FreePool (User->ProfileInfo);
>>- }
>>-
>>- FreePool (User);
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Add user profile to user profile database.
>>-
>>- @param[out] UserProfile Point to the newly added user profile.
>>- @param[in] ProfileSize The size of the user profile.
>>- @param[in] ProfileInfo Point to the user profie data.
>>- @param[in] Save If TRUE, save the new added profile to NV flash.
>>- If FALSE, don't save the profile to NV flash.
>>-
>>- @retval EFI_SUCCESS Add user profile to user profile database
>>successfully.
>>- @retval Others Fail to add user profile to user profile database.
>>-
>>-**/
>>-EFI_STATUS
>>-AddUserProfile (
>>- OUT USER_PROFILE_ENTRY **UserProfile, OPTIONAL
>>- IN UINTN ProfileSize,
>>- IN UINT8 *ProfileInfo,
>>- IN BOOLEAN Save
>>- )
>>-{
>>- EFI_STATUS Status;
>>- USER_PROFILE_ENTRY *User;
>>-
>>- //
>>- // Check the data format to be added.
>>- //
>>- if (!CheckProfileInfo (ProfileInfo, ProfileSize)) {
>>- return EFI_SECURITY_VIOLATION;
>>- }
>>-
>>- //
>>- // Create user profile entry.
>>- //
>>- User = AllocateZeroPool (sizeof (USER_PROFILE_ENTRY));
>>- if (User == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>- //
>>- // Add the entry to the user profile database.
>>- //
>>- if (mUserProfileDb->UserProfileNum == mUserProfileDb->MaxProfileNum)
>>{
>>- if (!ExpandUsermUserProfileDb ()) {
>>- FreePool (User);
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>- }
>>-
>>- UnicodeSPrint (
>>- User->UserVarName,
>>- sizeof (User->UserVarName),
>>- L"User%04x",
>>- mUserProfileDb->UserProfileNum
>>- );
>>- User->UserProfileSize = 0;
>>- User->MaxProfileSize = 0;
>>- User->ProfileInfo = NULL;
>>- mUserProfileDb->UserProfile[mUserProfileDb->UserProfileNum] =
>>(EFI_USER_PROFILE_HANDLE) User;
>>- mUserProfileDb->UserProfileNum++;
>>-
>>- //
>>- // Add user profile information.
>>- //
>>- Status = AddUserInfo (User, ProfileInfo, ProfileSize, NULL, Save);
>>- if (EFI_ERROR (Status)) {
>>- DelUserProfile (User);
>>- return Status;
>>- }
>>- //
>>- // Set new user profile handle.
>>- //
>>- if (UserProfile != NULL) {
>>- *UserProfile = User;
>>- }
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- This function creates a new user profile with only a new user identifier
>>- attached and returns its handle. The user profile is non-volatile, but the
>>- handle User can change across reboots.
>>-
>>- @param[out] User Handle of a new user profile.
>>-
>>- @retval EFI_SUCCESS User profile was successfully created.
>>- @retval Others Fail to create user profile
>>-
>>-**/
>>-EFI_STATUS
>>-CreateUserProfile (
>>- OUT USER_PROFILE_ENTRY **User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *UserInfo;
>>-
>>- if (User == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- //
>>- // Generate user id information.
>>- //
>>- UserInfo = AllocateZeroPool (sizeof (EFI_USER_INFO) + sizeof
>>(EFI_USER_INFO_IDENTIFIER));
>>- if (UserInfo == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- UserInfo->InfoType = EFI_USER_INFO_IDENTIFIER_RECORD;
>>- UserInfo->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>>(EFI_USER_INFO_IDENTIFIER);
>>- UserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>>- GenerateUserId ((UINT8 *) (UserInfo + 1));
>>-
>>- //
>>- // Add user profile to the user profile database.
>>- //
>>- Status = AddUserProfile (User, UserInfo->InfoSize, (UINT8 *) UserInfo,
>>TRUE);
>>- FreePool (UserInfo);
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Add a default user profile to user profile database.
>>-
>>- @retval EFI_SUCCESS A default user profile is added successfully.
>>- @retval Others Fail to add a default user profile
>>-
>>-**/
>>-EFI_STATUS
>>-AddDefaultUserProfile (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- USER_PROFILE_ENTRY *User;
>>- EFI_USER_INFO *Info;
>>- EFI_USER_INFO *NewInfo;
>>- EFI_USER_INFO_CREATE_DATE CreateDate;
>>- EFI_USER_INFO_USAGE_COUNT UsageCount;
>>- EFI_USER_INFO_ACCESS_CONTROL *Access;
>>- EFI_USER_INFO_IDENTITY_POLICY *Policy;
>>-
>>- //
>>- // Create a user profile.
>>- //
>>- Status = CreateUserProfile (&User);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Allocate a buffer to add all default user information.
>>- //
>>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + INFO_PAYLOAD_SIZE);
>>- if (Info == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- //
>>- // Add user name.
>>- //
>>- Info->InfoType = EFI_USER_INFO_NAME_RECORD;
>>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof (mUserName);
>>- CopyMem ((UINT8 *) (Info + 1), mUserName, sizeof (mUserName));
>>- NewInfo = NULL;
>>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>>- if (EFI_ERROR (Status)) {
>>- goto Done;
>>- }
>>-
>>- //
>>- // Add user profile create date record.
>>- //
>>- Info->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
>>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>>(EFI_USER_INFO_CREATE_DATE);
>>- Status = gRT->GetTime (&CreateDate, NULL);
>>- if (EFI_ERROR (Status)) {
>>- goto Done;
>>- }
>>-
>>- CopyMem ((UINT8 *) (Info + 1), &CreateDate, sizeof
>>(EFI_USER_INFO_CREATE_DATE));
>>- NewInfo = NULL;
>>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>>- if (EFI_ERROR (Status)) {
>>- goto Done;
>>- }
>>-
>>- //
>>- // Add user profile usage count record.
>>- //
>>- Info->InfoType = EFI_USER_INFO_USAGE_COUNT_RECORD;
>>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>>(EFI_USER_INFO_USAGE_COUNT);
>>- UsageCount = 0;
>>- CopyMem ((UINT8 *) (Info + 1), &UsageCount, sizeof
>>(EFI_USER_INFO_USAGE_COUNT));
>>- NewInfo = NULL;
>>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>>- if (EFI_ERROR (Status)) {
>>- goto Done;
>>- }
>>-
>>- //
>>- // Add user access right.
>>- //
>>- Info->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
>>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>>- Access = (EFI_USER_INFO_ACCESS_CONTROL *) (Info + 1);
>>- Access->Type = EFI_USER_INFO_ACCESS_MANAGE;
>>- Access->Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
>>- Info->InfoSize = sizeof (EFI_USER_INFO) + Access->Size;
>>- NewInfo = NULL;
>>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>>- if (EFI_ERROR (Status)) {
>>- goto Done;
>>- }
>>-
>>- //
>>- // Add user identity policy.
>>- //
>>- Info->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
>>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>EFI_USER_INFO_PRIVATE | EFI_USER_INFO_EXCLUSIVE;
>>- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (Info + 1);
>>- Policy->Type = EFI_USER_INFO_IDENTITY_TRUE;
>>- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>>- Info->InfoSize = sizeof (EFI_USER_INFO) + Policy->Length;
>>- NewInfo = NULL;
>>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>>-
>>-Done:
>>- FreePool (Info);
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Publish current user information into EFI System Configuration Table.
>>-
>>- By UEFI spec, the User Identity Manager will publish the current user
>profile
>>- into the EFI System Configuration Table. Currently, only the user identifier
>>and user
>>- name are published.
>>-
>>- @retval EFI_SUCCESS Current user information is published successfully.
>>- @retval Others Fail to publish current user information
>>-
>>-**/
>>-EFI_STATUS
>>-PublishUserTable (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_CONFIGURATION_TABLE *EfiConfigurationTable;
>>- EFI_USER_INFO_TABLE *UserInfoTable;
>>- EFI_USER_INFO *IdInfo;
>>- EFI_USER_INFO *NameInfo;
>>-
>>- Status = EfiGetSystemConfigurationTable (
>>- &gEfiUserManagerProtocolGuid,
>>- (VOID **) &EfiConfigurationTable
>>- );
>>- if (!EFI_ERROR (Status)) {
>>- //
>>- // The table existed!
>>- //
>>- return EFI_SUCCESS;
>>- }
>>-
>>- //
>>- // Get user ID information.
>>- //
>>- IdInfo = NULL;
>>- Status = FindUserInfoByType (mCurrentUser, &IdInfo,
>>EFI_USER_INFO_IDENTIFIER_RECORD);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>-
>>- }
>>- //
>>- // Get user name information.
>>- //
>>- NameInfo = NULL;
>>- Status = FindUserInfoByType (mCurrentUser, &NameInfo,
>>EFI_USER_INFO_NAME_RECORD);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Allocate a buffer for user information table.
>>- //
>>- UserInfoTable = (EFI_USER_INFO_TABLE *) AllocateRuntimePool (
>>- sizeof (EFI_USER_INFO_TABLE) +
>>- IdInfo->InfoSize +
>>- NameInfo->InfoSize
>>- );
>>- if (UserInfoTable == NULL) {
>>- Status = EFI_OUT_OF_RESOURCES;
>>- return Status;
>>- }
>>-
>>- UserInfoTable->Size = sizeof (EFI_USER_INFO_TABLE);
>>-
>>- //
>>- // Append the user information to the user info table
>>- //
>>- CopyMem ((UINT8 *) UserInfoTable + UserInfoTable->Size, (UINT8 *)
>IdInfo,
>>IdInfo->InfoSize);
>>- UserInfoTable->Size += IdInfo->InfoSize;
>>-
>>- CopyMem ((UINT8 *) UserInfoTable + UserInfoTable->Size, (UINT8 *)
>>NameInfo, NameInfo->InfoSize);
>>- UserInfoTable->Size += NameInfo->InfoSize;
>>-
>>- Status = gBS->InstallConfigurationTable (&gEfiUserManagerProtocolGuid,
>>(VOID *) UserInfoTable);
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Get the user's identity type.
>>-
>>- The identify manager only supports the identity policy in which the
>>credential
>>- provider handles are connected by the operator 'AND' or 'OR'.
>>-
>>-
>>- @param[in] User Handle of a user profile.
>>- @param[out] PolicyType Point to the identity type.
>>-
>>- @retval EFI_SUCCESS Get user's identity type successfully.
>>- @retval Others Fail to get user's identity type.
>>-
>>-**/
>>-EFI_STATUS
>>-GetIdentifyType (
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- OUT UINT8 *PolicyType
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *IdentifyInfo;
>>- UINTN TotalLen;
>>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>>-
>>- //
>>- // Get user identify policy information.
>>- //
>>- IdentifyInfo = NULL;
>>- Status = FindUserInfoByType (User, &IdentifyInfo,
>>EFI_USER_INFO_IDENTITY_POLICY_RECORD);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>- ASSERT (IdentifyInfo != NULL);
>>-
>>- //
>>- // Search the user identify policy according to type.
>>- //
>>- TotalLen = 0;
>>- *PolicyType = EFI_USER_INFO_IDENTITY_FALSE;
>>- while (TotalLen < IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
>>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo
>+
>>1) + TotalLen);
>>- if (Identity->Type == EFI_USER_INFO_IDENTITY_AND) {
>>- *PolicyType = EFI_USER_INFO_IDENTITY_AND;
>>- break;
>>- }
>>-
>>- if (Identity->Type == EFI_USER_INFO_IDENTITY_OR) {
>>- *PolicyType = EFI_USER_INFO_IDENTITY_OR;
>>- break;
>>- }
>>- TotalLen += Identity->Length;
>>- }
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Identify the User by the specfied provider.
>>-
>>- @param[in] User Handle of a user profile.
>>- @param[in] Provider Points to the identifier of credential provider.
>>-
>>- @retval EFI_INVALID_PARAMETER Provider is NULL.
>>- @retval EFI_NOT_FOUND Fail to identify the specified user.
>>- @retval EFI_SUCCESS User is identified successfully.
>>-
>>-**/
>>-EFI_STATUS
>>-IdentifyByProviderId (
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN EFI_GUID *Provider
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO_IDENTIFIER UserId;
>>- UINTN Index;
>>- EFI_CREDENTIAL_LOGON_FLAGS AutoLogon;
>>- EFI_HII_HANDLE HiiHandle;
>>- EFI_GUID FormSetId;
>>- EFI_FORM_ID FormId;
>>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>>-
>>- if (Provider == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Check the user ID identified by the specified credential provider.
>>- //
>>- for (Index = 0; Index < mProviderDb->Count; Index++) {
>>- //
>>- // Check credential provider class.
>>- //
>>- UserCredential = mProviderDb->Provider[Index];
>>- if (CompareGuid (&UserCredential->Identifier, Provider)) {
>>- Status = UserCredential->Select (UserCredential, &AutoLogon);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- if ((AutoLogon & EFI_CREDENTIAL_LOGON_FLAG_AUTO) == 0) {
>>- //
>>- // Get credential provider form.
>>- //
>>- Status = UserCredential->Form (
>>- UserCredential,
>>- &HiiHandle,
>>- &FormSetId,
>>- &FormId
>>- );
>>- if (!EFI_ERROR (Status)) {
>>- //
>>- // Send form to get user input.
>>- //
>>- Status = mCallbackInfo->FormBrowser2->SendForm (
>>- mCallbackInfo->FormBrowser2,
>>- &HiiHandle,
>>- 1,
>>- &FormSetId,
>>- FormId,
>>- NULL,
>>- NULL
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>- }
>>- }
>>-
>>- Status = UserCredential->User (UserCredential, User, &UserId);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- Status = UserCredential->Deselect (UserCredential);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- return EFI_SUCCESS;
>>- }
>>- }
>>-
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- Update user information when user is logon on successfully.
>>-
>>- @param[in] User Points to user profile.
>>-
>>- @retval EFI_SUCCESS Update user information successfully.
>>- @retval Others Fail to update user information.
>>-
>>-**/
>>-EFI_STATUS
>>-UpdateUserInfo (
>>- IN USER_PROFILE_ENTRY *User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *Info;
>>- EFI_USER_INFO *NewInfo;
>>- EFI_USER_INFO_CREATE_DATE Date;
>>- EFI_USER_INFO_USAGE_COUNT UsageCount;
>>- UINTN InfoLen;
>>-
>>- //
>>- // Allocate a buffer to update user's date record and usage record.
>>- //
>>- InfoLen = MAX (sizeof (EFI_USER_INFO_CREATE_DATE), sizeof
>>(EFI_USER_INFO_USAGE_COUNT));
>>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + InfoLen);
>>- if (Info == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- //
>>- // Check create date record.
>>- //
>>- NewInfo = NULL;
>>- Status = FindUserInfoByType (User, &NewInfo,
>>EFI_USER_INFO_CREATE_DATE_RECORD);
>>- if (Status == EFI_NOT_FOUND) {
>>- Info->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
>>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>>(EFI_USER_INFO_CREATE_DATE);
>>- Status = gRT->GetTime (&Date, NULL);
>>- if (EFI_ERROR (Status)) {
>>- FreePool (Info);
>>- return Status;
>>- }
>>-
>>- CopyMem ((UINT8 *) (Info + 1), &Date, sizeof
>>(EFI_USER_INFO_CREATE_DATE));
>>- NewInfo = NULL;
>>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>>- if (EFI_ERROR (Status)) {
>>- FreePool (Info);
>>- return Status;
>>- }
>>- }
>>-
>>- //
>>- // Update usage date record.
>>- //
>>- NewInfo = NULL;
>>- Status = FindUserInfoByType (User, &NewInfo,
>>EFI_USER_INFO_USAGE_DATE_RECORD);
>>- if ((Status == EFI_SUCCESS) || (Status == EFI_NOT_FOUND)) {
>>- Info->InfoType = EFI_USER_INFO_USAGE_DATE_RECORD;
>>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>>(EFI_USER_INFO_USAGE_DATE);
>>- Status = gRT->GetTime (&Date, NULL);
>>- if (EFI_ERROR (Status)) {
>>- FreePool (Info);
>>- return Status;
>>- }
>>-
>>- CopyMem ((UINT8 *) (Info + 1), &Date, sizeof
>>(EFI_USER_INFO_USAGE_DATE));
>>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>>- if (EFI_ERROR (Status)) {
>>- FreePool (Info);
>>- return Status;
>>- }
>>- }
>>-
>>- //
>>- // Update usage count record.
>>- //
>>- UsageCount = 0;
>>- NewInfo = NULL;
>>- Status = FindUserInfoByType (User, &NewInfo,
>>EFI_USER_INFO_USAGE_COUNT_RECORD);
>>- //
>>- // Get usage count.
>>- //
>>- if (Status == EFI_SUCCESS) {
>>- CopyMem (&UsageCount, (UINT8 *) (NewInfo + 1), sizeof
>>(EFI_USER_INFO_USAGE_COUNT));
>>- }
>>-
>>- UsageCount++;
>>- if ((Status == EFI_SUCCESS) || (Status == EFI_NOT_FOUND)) {
>>- Info->InfoType = EFI_USER_INFO_USAGE_COUNT_RECORD;
>>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>>(EFI_USER_INFO_USAGE_COUNT);
>>- CopyMem ((UINT8 *) (Info + 1), &UsageCount, sizeof
>>(EFI_USER_INFO_USAGE_COUNT));
>>- Status = ModifyUserInfo (User, &NewInfo, Info, Info->InfoSize);
>>- if (EFI_ERROR (Status)) {
>>- FreePool (Info);
>>- return Status;
>>- }
>>- }
>>-
>>- FreePool (Info);
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Add a credenetial provider item in form.
>>-
>>- @param[in] ProviderGuid Points to the identifir of credential provider.
>>- @param[in] OpCodeHandle Points to container for dynamic created
>>opcodes.
>>-
>>-**/
>>-VOID
>>-AddProviderSelection (
>>- IN EFI_GUID *ProviderGuid,
>>- IN VOID *OpCodeHandle
>>- )
>>-{
>>- EFI_HII_HANDLE HiiHandle;
>>- EFI_STRING_ID ProvID;
>>- CHAR16 *ProvStr;
>>- UINTN Index;
>>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>>-
>>- for (Index = 0; Index < mProviderDb->Count; Index++) {
>>- UserCredential = mProviderDb->Provider[Index];
>>- if (CompareGuid (&UserCredential->Identifier, ProviderGuid)) {
>>- //
>>- // Add credential provider selection.
>>- //
>>- UserCredential->Title (UserCredential, &HiiHandle, &ProvID);
>>- ProvStr = HiiGetString (HiiHandle, ProvID, NULL);
>>- if (ProvStr == NULL) {
>>- continue ;
>>- }
>>- ProvID = HiiSetString (mCallbackInfo->HiiHandle, 0, ProvStr, NULL);
>>- FreePool (ProvStr);
>>- HiiCreateActionOpCode (
>>- OpCodeHandle, // Container for dynamic created opcodes
>>- (EFI_QUESTION_ID)(LABEL_PROVIDER_NAME + Index), // Question ID
>>- ProvID, // Prompt text
>>- STRING_TOKEN (STR_NULL_STRING), // Help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- 0 // Action String ID
>>- );
>>- break;
>>- }
>>- }
>>-}
>>-
>>-
>>-/**
>>- Add a username item in form.
>>-
>>- @param[in] Index The index of the user in the user name list.
>>- @param[in] User Points to the user profile whose username is
>added.
>>- @param[in] OpCodeHandle Points to container for dynamic created
>>opcodes.
>>-
>>- @retval EFI_SUCCESS Add a username successfully.
>>- @retval Others Fail to add a username.
>>-
>>-**/
>>-EFI_STATUS
>>-AddUserSelection (
>>- IN UINT16 Index,
>>- IN USER_PROFILE_ENTRY *User,
>>- IN VOID *OpCodeHandle
>>- )
>>-{
>>- EFI_STRING_ID UserName;
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *UserInfo;
>>-
>>- UserInfo = NULL;
>>- Status = FindUserInfoByType (User, &UserInfo,
>>EFI_USER_INFO_NAME_RECORD);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Add user name selection.
>>- //
>>- UserName = HiiSetString (mCallbackInfo->HiiHandle, 0, (EFI_STRING)
>>(UserInfo + 1), NULL);
>>- if (UserName == 0) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- HiiCreateGotoOpCode (
>>- OpCodeHandle, // Container for dynamic created opcodes
>>- FORMID_PROVIDER_FORM, // Target Form ID
>>- UserName, // Prompt text
>>- STRING_TOKEN (STR_NULL_STRING), // Help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- (UINT16) Index // Question ID
>>- );
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Identify the user whose identity policy does not contain the operator 'OR'.
>>-
>>- @param[in] User Points to the user profile.
>>-
>>- @retval EFI_SUCCESS The specified user is identified successfully.
>>- @retval Others Fail to identify the user.
>>-
>>-**/
>>-EFI_STATUS
>>-IdentifyAndTypeUser (
>>- IN USER_PROFILE_ENTRY *User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *IdentifyInfo;
>>- BOOLEAN Success;
>>- UINTN TotalLen;
>>- UINTN ValueLen;
>>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>>-
>>- //
>>- // Get user identify policy information.
>>- //
>>- IdentifyInfo = NULL;
>>- Status = FindUserInfoByType (User, &IdentifyInfo,
>>EFI_USER_INFO_IDENTITY_POLICY_RECORD);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>- ASSERT (IdentifyInfo != NULL);
>>-
>>- //
>>- // Check each part of identification policy expression.
>>- //
>>- Success = FALSE;
>>- TotalLen = 0;
>>- while (TotalLen < IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
>>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo
>+
>>1) + TotalLen);
>>- ValueLen = Identity->Length - sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>>- switch (Identity->Type) {
>>-
>>- case EFI_USER_INFO_IDENTITY_FALSE:
>>- //
>>- // Check False option.
>>- //
>>- Success = FALSE;
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_TRUE:
>>- //
>>- // Check True option.
>>- //
>>- Success = TRUE;
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_NOT:
>>- //
>>- // Check negative operation.
>>- //
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_AND:
>>- //
>>- // Check and operation.
>>- //
>>- if (!Success) {
>>- return EFI_NOT_READY;
>>- }
>>-
>>- Success = FALSE;
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_OR:
>>- //
>>- // Check or operation.
>>- //
>>- if (Success) {
>>- return EFI_SUCCESS;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE:
>>- //
>>- // Check credential provider by type.
>>- //
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
>>- //
>>- // Check credential provider by ID.
>>- //
>>- if (ValueLen != sizeof (EFI_GUID)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- Status = IdentifyByProviderId (User, (EFI_GUID *) (Identity + 1));
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- Success = TRUE;
>>- break;
>>-
>>- default:
>>- return EFI_INVALID_PARAMETER;
>>- break;
>>- }
>>-
>>- TotalLen += Identity->Length;
>>- }
>>-
>>- if (TotalLen != IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (!Success) {
>>- return EFI_NOT_READY;
>>- }
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Identify the user whose identity policy does not contain the operator 'AND'.
>>-
>>- @param[in] User Points to the user profile.
>>-
>>- @retval EFI_SUCCESS The specified user is identified successfully.
>>- @retval Others Fail to identify the user.
>>-
>>-**/
>>-EFI_STATUS
>>-IdentifyOrTypeUser (
>>- IN USER_PROFILE_ENTRY *User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *IdentifyInfo;
>>- UINTN TotalLen;
>>- UINTN ValueLen;
>>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>>- VOID *StartOpCodeHandle;
>>- VOID *EndOpCodeHandle;
>>- EFI_IFR_GUID_LABEL *StartLabel;
>>- EFI_IFR_GUID_LABEL *EndLabel;
>>-
>>- //
>>- // Get user identify policy information.
>>- //
>>- IdentifyInfo = NULL;
>>- Status = FindUserInfoByType (User, &IdentifyInfo,
>>EFI_USER_INFO_IDENTITY_POLICY_RECORD);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>- ASSERT (IdentifyInfo != NULL);
>>-
>>- //
>>- // Initialize the container for dynamic opcodes.
>>- //
>>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (StartOpCodeHandle != NULL);
>>-
>>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (EndOpCodeHandle != NULL);
>>-
>>- //
>>- // Create Hii Extend Label OpCode.
>>- //
>>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- StartOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- StartLabel->Number = LABEL_PROVIDER_NAME;
>>-
>>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- EndOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- EndLabel->Number = LABEL_END;
>>-
>>- //
>>- // Add the providers that exists in the user's policy.
>>- //
>>- TotalLen = 0;
>>- while (TotalLen < IdentifyInfo->InfoSize - sizeof (EFI_USER_INFO)) {
>>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo
>+
>>1) + TotalLen);
>>- ValueLen = Identity->Length - sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>>- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER)
>{
>>- AddProviderSelection ((EFI_GUID *) (Identity + 1), StartOpCodeHandle);
>>- }
>>-
>>- TotalLen += Identity->Length;
>>- }
>>-
>>- HiiUpdateForm (
>>- mCallbackInfo->HiiHandle, // HII handle
>>- &gUserIdentifyManagerGuid,// Formset GUID
>>- FORMID_PROVIDER_FORM, // Form ID
>>- StartOpCodeHandle, // Label for where to insert opcodes
>>- EndOpCodeHandle // Replace data
>>- );
>>-
>>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- This function processes the results of changes in configuration.
>>-
>>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>>- @param Action Specifies the type of action taken by the browser.
>>- @param QuestionId A unique value which is sent to the original
>>- exporting driver so that it can identify the type
>>- of data to expect.
>>- @param Type The type of value for the question.
>>- @param Value A pointer to the data being sent to the original
>>- exporting driver.
>>- @param ActionRequest On return, points to the action requested by
>>the
>>- callback function.
>>-
>>- @retval EFI_SUCCESS The callback successfully handled the action.
>>- @retval Others Fail to handle the action.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserIdentifyManagerCallback (
>>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>>- IN EFI_BROWSER_ACTION Action,
>>- IN EFI_QUESTION_ID QuestionId,
>>- IN UINT8 Type,
>>- IN EFI_IFR_TYPE_VALUE *Value,
>>- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
>>- )
>>-{
>>- EFI_STATUS Status;
>>- USER_PROFILE_ENTRY *User;
>>- UINT8 PolicyType;
>>- UINT16 Index;
>>- VOID *StartOpCodeHandle;
>>- VOID *EndOpCodeHandle;
>>- EFI_IFR_GUID_LABEL *StartLabel;
>>- EFI_IFR_GUID_LABEL *EndLabel;
>>-
>>- Status = EFI_SUCCESS;
>>-
>>- switch (Action) {
>>- case EFI_BROWSER_ACTION_FORM_OPEN:
>>- {
>>- //
>>- // Update user Form when user Form is opened.
>>- // This will be done only in FORM_OPEN CallBack of question with
>>FORM_OPEN_QUESTION_ID from user Form.
>>- //
>>- if (QuestionId != FORM_OPEN_QUESTION_ID) {
>>- return EFI_SUCCESS;
>>- }
>>-
>>- //
>>- // Initialize the container for dynamic opcodes.
>>- //
>>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (StartOpCodeHandle != NULL);
>>-
>>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (EndOpCodeHandle != NULL);
>>-
>>- //
>>- // Create Hii Extend Label OpCode.
>>- //
>>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- StartOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- StartLabel->Number = LABEL_USER_NAME;
>>-
>>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- EndOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- EndLabel->Number = LABEL_END;
>>-
>>- //
>>- // Add all the user profile in the user profile database.
>>- //
>>- for (Index = 0; Index < mUserProfileDb->UserProfileNum; Index++) {
>>- User = (USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[Index];
>>- AddUserSelection ((UINT16)(LABEL_USER_NAME + Index), User,
>>StartOpCodeHandle);
>>- }
>>-
>>- HiiUpdateForm (
>>- mCallbackInfo->HiiHandle, // HII handle
>>- &gUserIdentifyManagerGuid,// Formset GUID
>>- FORMID_USER_FORM, // Form ID
>>- StartOpCodeHandle, // Label for where to insert opcodes
>>- EndOpCodeHandle // Replace data
>>- );
>>-
>>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>>-
>>- return EFI_SUCCESS;
>>- }
>>- break;
>>-
>>- case EFI_BROWSER_ACTION_FORM_CLOSE:
>>- Status = EFI_SUCCESS;
>>- break;
>>-
>>- case EFI_BROWSER_ACTION_CHANGED:
>>- if (QuestionId >= LABEL_PROVIDER_NAME) {
>>- //
>>- // QuestionId comes from the second Form (Select a Credential Provider
>if
>>identity
>>- // policy is OR type). Identify the user by the selected provider.
>>- //
>>- Status = IdentifyByProviderId (mCurrentUser, &mProviderDb-
>>>Provider[QuestionId & 0xFFF]->Identifier);
>>- if (Status == EFI_SUCCESS) {
>>- mIdentified = TRUE;
>>- *ActionRequest = EFI_BROWSER_ACTION_REQUEST_EXIT;
>>- }
>>- return EFI_SUCCESS;
>>- }
>>- break;
>>-
>>- case EFI_BROWSER_ACTION_CHANGING:
>>- //
>>- // QuestionId comes from the first Form (Select a user to identify).
>>- //
>>- if (QuestionId >= LABEL_PROVIDER_NAME) {
>>- return EFI_SUCCESS;
>>- }
>>-
>>- User = (USER_PROFILE_ENTRY *) mUserProfileDb-
>>>UserProfile[QuestionId & 0xFFF];
>>- Status = GetIdentifyType (User, &PolicyType);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- if (PolicyType == EFI_USER_INFO_IDENTITY_OR) {
>>- //
>>- // Identify the user by "OR" logical.
>>- //
>>- Status = IdentifyOrTypeUser (User);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- mCurrentUser = (EFI_USER_PROFILE_HANDLE) User;
>>- } else {
>>- //
>>- // Identify the user by "AND" logical.
>>- //
>>- Status = IdentifyAndTypeUser (User);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- mCurrentUser = (EFI_USER_PROFILE_HANDLE) User;
>>- mIdentified = TRUE;
>>- if (Type == EFI_IFR_TYPE_REF) {
>>- Value->ref.FormId = FORMID_INVALID_FORM;
>>- }
>>- }
>>- break;
>>-
>>- default:
>>- //
>>- // All other action return unsupported.
>>- //
>>- Status = EFI_UNSUPPORTED;
>>- break;
>>- }
>>-
>>-
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- This function construct user profile database from user data saved in the
>>Flash.
>>- If no user is found in Flash, add one default user "administrator" in the user
>>- profile database.
>>-
>>- @retval EFI_SUCCESS Init user profile database successfully.
>>- @retval Others Fail to init user profile database.
>>-
>>-**/
>>-EFI_STATUS
>>-InitUserProfileDb (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINT8 *VarData;
>>- UINTN VarSize;
>>- UINTN CurVarSize;
>>- CHAR16 VarName[10];
>>- UINTN Index;
>>- UINT32 VarAttr;
>>-
>>- if (mUserProfileDb != NULL) {
>>- //
>>- // The user profiles had been already initialized.
>>- //
>>- return EFI_SUCCESS;
>>- }
>>-
>>- //
>>- // Init user profile database structure.
>>- //
>>- if (!ExpandUsermUserProfileDb ()) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- CurVarSize = DEFAULT_PROFILE_SIZE;
>>- VarData = AllocateZeroPool (CurVarSize);
>>- if (VarData == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- //
>>- // Get all user proifle entries.
>>- //
>>- Index = 0;
>>- while (TRUE) {
>>- //
>>- // Get variable name.
>>- //
>>- UnicodeSPrint (
>>- VarName,
>>- sizeof (VarName),
>>- L"User%04x",
>>- Index
>>- );
>>- Index++;
>>-
>>- //
>>- // Get variable value.
>>- //
>>- VarSize = CurVarSize;
>>- Status = gRT->GetVariable (VarName, &gUserIdentifyManagerGuid,
>>&VarAttr, &VarSize, VarData);
>>- if (Status == EFI_BUFFER_TOO_SMALL) {
>>- FreePool (VarData);
>>- VarData = AllocatePool (VarSize);
>>- if (VarData == NULL) {
>>- Status = EFI_OUT_OF_RESOURCES;
>>- break;
>>- }
>>-
>>- CurVarSize = VarSize;
>>- Status = gRT->GetVariable (VarName, &gUserIdentifyManagerGuid,
>>&VarAttr, &VarSize, VarData);
>>- }
>>-
>>- if (EFI_ERROR (Status)) {
>>- if (Status == EFI_NOT_FOUND) {
>>- Status = EFI_SUCCESS;
>>- }
>>- break;
>>- }
>>-
>>- //
>>- // Check variable attributes.
>>- //
>>- if (VarAttr != (EFI_VARIABLE_NON_VOLATILE |
>>EFI_VARIABLE_BOOTSERVICE_ACCESS)) {
>>- Status = gRT->SetVariable (VarName, &gUserIdentifyManagerGuid,
>>VarAttr, 0, NULL);
>>- continue;
>>- }
>>-
>>- //
>>- // Add user profile to the user profile database.
>>- //
>>- Status = AddUserProfile (NULL, VarSize, VarData, FALSE);
>>- if (EFI_ERROR (Status)) {
>>- if (Status == EFI_SECURITY_VIOLATION) {
>>- //
>>- // Delete invalid user profile
>>- //
>>- gRT->SetVariable (VarName, &gUserIdentifyManagerGuid, VarAttr, 0,
>>NULL);
>>- } else if (Status == EFI_OUT_OF_RESOURCES) {
>>- break;
>>- }
>>- } else {
>>- //
>>- // Delete and save the profile again if some invalid profiles are deleted.
>>- //
>>- if (mUserProfileDb->UserProfileNum < Index) {
>>- gRT->SetVariable (VarName, &gUserIdentifyManagerGuid, VarAttr, 0,
>>NULL);
>>- SaveNvUserProfile (mUserProfileDb->UserProfile[mUserProfileDb-
>>>UserProfileNum - 1], FALSE);
>>- }
>>- }
>>- }
>>-
>>- if (VarData != NULL) {
>>- FreePool (VarData);
>>- }
>>-
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Check whether the user profile database is empty.
>>- //
>>- if (mUserProfileDb->UserProfileNum == 0) {
>>- Status = AddDefaultUserProfile ();
>>- }
>>-
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- This function collects all the credential providers and saves to mProviderDb.
>>-
>>- @retval EFI_SUCCESS Collect credential providers successfully.
>>- @retval Others Fail to collect credential providers.
>>-
>>-**/
>>-EFI_STATUS
>>-InitProviderInfo (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN HandleCount;
>>- EFI_HANDLE *HandleBuf;
>>- UINTN Index;
>>-
>>- if (mProviderDb != NULL) {
>>- //
>>- // The credential providers had been collected before.
>>- //
>>- return EFI_SUCCESS;
>>- }
>>-
>>- //
>>- // Try to find all the user credential provider driver.
>>- //
>>- HandleCount = 0;
>>- HandleBuf = NULL;
>>- Status = gBS->LocateHandleBuffer (
>>- ByProtocol,
>>- &gEfiUserCredential2ProtocolGuid,
>>- NULL,
>>- &HandleCount,
>>- &HandleBuf
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Get provider infomation.
>>- //
>>- mProviderDb = AllocateZeroPool (
>>- sizeof (CREDENTIAL_PROVIDER_INFO) -
>>- sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *) +
>>- HandleCount * sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *)
>>- );
>>- if (mProviderDb == NULL) {
>>- FreePool (HandleBuf);
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- mProviderDb->Count = HandleCount;
>>- for (Index = 0; Index < HandleCount; Index++) {
>>- Status = gBS->HandleProtocol (
>>- HandleBuf[Index],
>>- &gEfiUserCredential2ProtocolGuid,
>>- (VOID **) &mProviderDb->Provider[Index]
>>- );
>>- if (EFI_ERROR (Status)) {
>>- FreePool (HandleBuf);
>>- FreePool (mProviderDb);
>>- mProviderDb = NULL;
>>- return Status;
>>- }
>>- }
>>-
>>- FreePool (HandleBuf);
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- This function allows a caller to extract the current configuration for one
>>- or more named elements from the target driver.
>>-
>>-
>>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>>- @param Request A null-terminated Unicode string in <ConfigRequest>
>>format.
>>- @param Progress On return, points to a character in the Request string.
>>- Points to the string's null terminator if request was successful.
>>- Points to the most recent '&' before the first failing name/value
>>- pair (or the beginning of the string if the failure is in the
>>- first name/value pair) if the request was not successful.
>>- @param Results A null-terminated Unicode string in <ConfigAltResp>
>>format which
>>- has all values filled in for the names in the Request string.
>>- String to be allocated by the called function.
>>-
>>- @retval EFI_SUCCESS The Results is filled with the requested values.
>>- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
>>results.
>>- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown
>>name.
>>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>>this driver.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-FakeExtractConfig (
>>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>>- IN CONST EFI_STRING Request,
>>- OUT EFI_STRING *Progress,
>>- OUT EFI_STRING *Results
>>- )
>>-{
>>- if (Progress == NULL || Results == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- *Progress = Request;
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-/**
>>- This function processes the results of changes in configuration.
>>-
>>-
>>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>>- @param Configuration A null-terminated Unicode string in <ConfigResp>
>>format.
>>- @param Progress A pointer to a string filled in with the offset of the
>>most
>>- recent '&' before the first failing name/value pair (or the
>>- beginning of the string if the failure is in the first
>>- name/value pair) or the terminating NULL if all was successful.
>>-
>>- @retval EFI_SUCCESS The Results is processed successfully.
>>- @retval EFI_INVALID_PARAMETER Configuration is NULL.
>>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>>this driver.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-FakeRouteConfig (
>>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>>- IN CONST EFI_STRING Configuration,
>>- OUT EFI_STRING *Progress
>>- )
>>-{
>>- if (Configuration == NULL || Progress == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- *Progress = Configuration;
>>-
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- This function initialize the data mainly used in form browser.
>>-
>>- @retval EFI_SUCCESS Initialize form data successfully.
>>- @retval Others Fail to Initialize form data.
>>-
>>-**/
>>-EFI_STATUS
>>-InitFormBrowser (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- USER_MANAGER_CALLBACK_INFO *CallbackInfo;
>>- EFI_HII_DATABASE_PROTOCOL *HiiDatabase;
>>- EFI_HII_STRING_PROTOCOL *HiiString;
>>- EFI_FORM_BROWSER2_PROTOCOL *FormBrowser2;
>>-
>>- //
>>- // Initialize driver private data.
>>- //
>>- CallbackInfo = AllocateZeroPool (sizeof
>>(USER_MANAGER_CALLBACK_INFO));
>>- if (CallbackInfo == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- CallbackInfo->Signature = USER_MANAGER_SIGNATURE;
>>- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
>>- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
>>- CallbackInfo->ConfigAccess.Callback = UserIdentifyManagerCallback;
>>-
>>- //
>>- // Locate Hii Database protocol.
>>- //
>>- Status = gBS->LocateProtocol (&gEfiHiiDatabaseProtocolGuid, NULL, (VOID
>>**) &HiiDatabase);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>- CallbackInfo->HiiDatabase = HiiDatabase;
>>-
>>- //
>>- // Locate HiiString protocol.
>>- //
>>- Status = gBS->LocateProtocol (&gEfiHiiStringProtocolGuid, NULL, (VOID **)
>>&HiiString);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>- CallbackInfo->HiiString = HiiString;
>>-
>>- //
>>- // Locate Formbrowser2 protocol.
>>- //
>>- Status = gBS->LocateProtocol (&gEfiFormBrowser2ProtocolGuid, NULL,
>>(VOID **) &FormBrowser2);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- CallbackInfo->FormBrowser2 = FormBrowser2;
>>- CallbackInfo->DriverHandle = NULL;
>>-
>>- //
>>- // Install Device Path Protocol and Config Access protocol to driver handle.
>>- //
>>- Status = gBS->InstallMultipleProtocolInterfaces (
>>- &CallbackInfo->DriverHandle,
>>- &gEfiDevicePathProtocolGuid,
>>- &mHiiVendorDevicePath,
>>- &gEfiHiiConfigAccessProtocolGuid,
>>- &CallbackInfo->ConfigAccess,
>>- NULL
>>- );
>>- ASSERT_EFI_ERROR (Status);
>>-
>>- //
>>- // Publish HII data.
>>- //
>>- CallbackInfo->HiiHandle = HiiAddPackages (
>>- &gUserIdentifyManagerGuid,
>>- CallbackInfo->DriverHandle,
>>- UserIdentifyManagerStrings,
>>- UserIdentifyManagerVfrBin,
>>- NULL
>>- );
>>- if (CallbackInfo->HiiHandle == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- mCallbackInfo = CallbackInfo;
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Identify the user whose identification policy supports auto logon.
>>-
>>- @param[in] ProviderIndex The provider index in the provider list.
>>- @param[out] User Points to user user profile if a user is identified
>>successfully.
>>-
>>- @retval EFI_SUCCESS Identify a user with the specified provider
>>successfully.
>>- @retval Others Fail to identify a user.
>>-
>>-**/
>>-EFI_STATUS
>>-IdentifyAutoLogonUser (
>>- IN UINTN ProviderIndex,
>>- OUT USER_PROFILE_ENTRY **User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *Info;
>>- UINT8 PolicyType;
>>-
>>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + sizeof
>>(EFI_USER_INFO_IDENTIFIER));
>>- if (Info == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- Info->InfoType = EFI_USER_INFO_IDENTIFIER_RECORD;
>>- Info->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>>(EFI_USER_INFO_IDENTIFIER);
>>-
>>- //
>>- // Identify the specified credential provider's auto logon user.
>>- //
>>- Status = mProviderDb->Provider[ProviderIndex]->User (
>>- mProviderDb->Provider[ProviderIndex],
>>- NULL,
>>- (EFI_USER_INFO_IDENTIFIER *) (Info + 1)
>>- );
>>- if (EFI_ERROR (Status)) {
>>- FreePool (Info);
>>- return Status;
>>- }
>>-
>>- //
>>- // Find user with the specified user ID.
>>- //
>>- *User = NULL;
>>- Status = FindUserProfileByInfo (User, NULL, Info, Info->InfoSize);
>>- FreePool (Info);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- Status = GetIdentifyType ((EFI_USER_PROFILE_HANDLE) * User,
>>&PolicyType);
>>- if (PolicyType == EFI_USER_INFO_IDENTITY_AND) {
>>- //
>>- // The identified user need also identified by other credential provider.
>>- // This can handle through select user.
>>- //
>>- return EFI_NOT_READY;
>>- }
>>-
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Check whether the given console is ready.
>>-
>>- @param[in] ProtocolGuid Points to the protocol guid of sonsole .
>>-
>>- @retval TRUE The given console is ready.
>>- @retval FALSE The given console is not ready.
>>-
>>-**/
>>-BOOLEAN
>>-CheckConsole (
>>- EFI_GUID *ProtocolGuid
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN HandleCount;
>>- EFI_HANDLE *HandleBuf;
>>- UINTN Index;
>>- EFI_DEVICE_PATH_PROTOCOL *DevicePath;
>>-
>>- //
>>- // Try to find all the handle driver.
>>- //
>>- HandleCount = 0;
>>- HandleBuf = NULL;
>>- Status = gBS->LocateHandleBuffer (
>>- ByProtocol,
>>- ProtocolGuid,
>>- NULL,
>>- &HandleCount,
>>- &HandleBuf
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return FALSE;
>>- }
>>-
>>- for (Index = 0; Index < HandleCount; Index++) {
>>- DevicePath = DevicePathFromHandle (HandleBuf[Index]);
>>- if (DevicePath != NULL) {
>>- FreePool (HandleBuf);
>>- return TRUE;
>>- }
>>- }
>>- FreePool (HandleBuf);
>>- return FALSE;
>>-}
>>-
>>-
>>-/**
>>- Check whether the console is ready.
>>-
>>- @retval TRUE The console is ready.
>>- @retval FALSE The console is not ready.
>>-
>>-**/
>>-BOOLEAN
>>-IsConsoleReady (
>>- VOID
>>- )
>>-{
>>- if (!CheckConsole (&gEfiSimpleTextOutProtocolGuid)) {
>>- return FALSE;
>>- }
>>-
>>- if (!CheckConsole (&gEfiSimpleTextInProtocolGuid)) {
>>- if (!CheckConsole (&gEfiSimpleTextInputExProtocolGuid)) {
>>- return FALSE;
>>- }
>>- }
>>-
>>- return TRUE;
>>-}
>>-
>>-
>>-/**
>>- Identify a user to logon.
>>-
>>- @param[out] User Points to user user profile if a user is identified
>>successfully.
>>-
>>- @retval EFI_SUCCESS Identify a user successfully.
>>-
>>-**/
>>-EFI_STATUS
>>-IdentifyUser (
>>- OUT USER_PROFILE_ENTRY **User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN Index;
>>- EFI_CREDENTIAL_LOGON_FLAGS AutoLogon;
>>- EFI_USER_INFO *IdentifyInfo;
>>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>>- USER_PROFILE_ENTRY *UserEntry;
>>-
>>- //
>>- // Initialize credential providers.
>>- //
>>- InitProviderInfo ();
>>-
>>- //
>>- // Initialize user profile database.
>>- //
>>- InitUserProfileDb ();
>>-
>>- //
>>- // If only one user in system, and its identify policy is TRUE, then auto logon.
>>- //
>>- if (mUserProfileDb->UserProfileNum == 1) {
>>- UserEntry = (USER_PROFILE_ENTRY *) mUserProfileDb->UserProfile[0];
>>- IdentifyInfo = NULL;
>>- Status = FindUserInfoByType (UserEntry, &IdentifyInfo,
>>EFI_USER_INFO_IDENTITY_POLICY_RECORD);
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>- ASSERT (IdentifyInfo != NULL);
>>-
>>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) ((UINT8 *) (IdentifyInfo
>+
>>1));
>>- if (Identity->Type == EFI_USER_INFO_IDENTITY_TRUE) {
>>- mCurrentUser = (EFI_USER_PROFILE_HANDLE) UserEntry;
>>- UpdateUserInfo (UserEntry);
>>- *User = UserEntry;
>>- return EFI_SUCCESS;
>>- }
>>- }
>>-
>>- //
>>- // Find and login the default & AutoLogon user.
>>- //
>>- for (Index = 0; Index < mProviderDb->Count; Index++) {
>>- UserCredential = mProviderDb->Provider[Index];
>>- Status = UserCredential->Default (UserCredential, &AutoLogon);
>>- if (EFI_ERROR (Status)) {
>>- continue;
>>- }
>>-
>>- if ((AutoLogon & (EFI_CREDENTIAL_LOGON_FLAG_DEFAULT |
>>EFI_CREDENTIAL_LOGON_FLAG_AUTO)) != 0) {
>>- Status = IdentifyAutoLogonUser (Index, &UserEntry);
>>- if (Status == EFI_SUCCESS) {
>>- mCurrentUser = (EFI_USER_PROFILE_HANDLE) UserEntry;
>>- UpdateUserInfo (UserEntry);
>>- *User = UserEntry;
>>- return EFI_SUCCESS;
>>- }
>>- }
>>- }
>>-
>>- if (!IsConsoleReady ()) {
>>- //
>>- // The console is still not ready for user selection.
>>- //
>>- return EFI_ACCESS_DENIED;
>>- }
>>-
>>- //
>>- // Select a user and identify it.
>>- //
>>- mCallbackInfo->FormBrowser2->SendForm (
>>- mCallbackInfo->FormBrowser2,
>>- &mCallbackInfo->HiiHandle,
>>- 1,
>>- &gUserIdentifyManagerGuid,
>>- 0,
>>- NULL,
>>- NULL
>>- );
>>-
>>- if (mIdentified) {
>>- *User = (USER_PROFILE_ENTRY *) mCurrentUser;
>>- UpdateUserInfo (*User);
>>- return EFI_SUCCESS;
>>- }
>>-
>>- return EFI_ACCESS_DENIED;
>>-}
>>-
>>-
>>-/**
>>- An empty function to pass error checking of CreateEventEx ().
>>-
>>- @param Event Event whose notification function is being invoked.
>>- @param Context Pointer to the notification function's context,
>>- which is implementation-dependent.
>>-
>>-**/
>>-VOID
>>-EFIAPI
>>-InternalEmptyFuntion (
>>- IN EFI_EVENT Event,
>>- IN VOID *Context
>>- )
>>-{
>>-}
>>-
>>-
>>-/**
>>- Create, Signal, and Close the User Profile Changed event.
>>-
>>-**/
>>-VOID
>>-SignalEventUserProfileChanged (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_EVENT Event;
>>-
>>- Status = gBS->CreateEventEx (
>>- EVT_NOTIFY_SIGNAL,
>>- TPL_CALLBACK,
>>- InternalEmptyFuntion,
>>- NULL,
>>- &gEfiEventUserProfileChangedGuid,
>>- &Event
>>- );
>>- ASSERT_EFI_ERROR (Status);
>>- gBS->SignalEvent (Event);
>>- gBS->CloseEvent (Event);
>>-}
>>-
>>-
>>-/**
>>- Create a new user profile.
>>-
>>- This function creates a new user profile with only a new user identifier
>>attached and returns
>>- its handle. The user profile is non-volatile, but the handle User can change
>>across reboots.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_MANAGER_PROTOCOL.
>>- @param[out] User On return, points to the new user profile handle.
>>- The user profile handle is unique only during this boot.
>>-
>>- @retval EFI_SUCCESS User profile was successfully created.
>>- @retval EFI_ACCESS_DENIED Current user does not have sufficient
>>permissions to create a
>>- user profile.
>>- @retval EFI_UNSUPPORTED Creation of new user profiles is not
>>supported.
>>- @retval EFI_INVALID_PARAMETER The User parameter is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileCreate (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- OUT EFI_USER_PROFILE_HANDLE *User
>>- )
>>-{
>>- EFI_STATUS Status;
>>-
>>- if ((This == NULL) || (User == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Check the right of the current user.
>>- //
>>- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
>>- if (!CheckCurrentUserAccessRight
>>(EFI_USER_INFO_ACCESS_ENROLL_OTHERS)) {
>>- return EFI_ACCESS_DENIED;
>>- }
>>- }
>>-
>>- //
>>- // Create new user profile
>>- //
>>- Status = CreateUserProfile ((USER_PROFILE_ENTRY **) User);
>>- if (EFI_ERROR (Status)) {
>>- return EFI_ACCESS_DENIED;
>>- }
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Delete an existing user profile.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_MANAGER_PROTOCOL.
>>- @param[in] User User profile handle.
>>-
>>- @retval EFI_SUCCESS User profile was successfully deleted.
>>- @retval EFI_ACCESS_DENIED Current user does not have sufficient
>>permissions to delete a user
>>- profile or there is only one user profile.
>>- @retval EFI_UNSUPPORTED Deletion of new user profiles is not
>>supported.
>>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>>profile.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileDelete (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- )
>>-{
>>- EFI_STATUS Status;
>>-
>>- if (This == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Check the right of the current user.
>>- //
>>- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
>>- return EFI_ACCESS_DENIED;
>>- }
>>-
>>- //
>>- // Delete user profile.
>>- //
>>- Status = DelUserProfile (User);
>>- if (EFI_ERROR (Status)) {
>>- if (Status != EFI_INVALID_PARAMETER) {
>>- return EFI_ACCESS_DENIED;
>>- }
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Enumerate all of the enrolled users on the platform.
>>-
>>- This function returns the next enrolled user profile. To retrieve the first
>user
>>profile handle,
>>- point User at a NULL. Each subsequent call will retrieve another user profile
>>handle until there
>>- are no more, at which point User will point to NULL.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_MANAGER_PROTOCOL.
>>- @param[in, out] User On entry, points to the previous user profile
>>handle or NULL to
>>- start enumeration. On exit, points to the next user profile
>>handle
>>- or NULL if there are no more user profiles.
>>-
>>- @retval EFI_SUCCESS Next enrolled user profile successfully returned.
>>- @retval EFI_ACCESS_DENIED Next enrolled user profile was not
>>successfully returned.
>>- @retval EFI_INVALID_PARAMETER The User parameter is NULL.
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileGetNext (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN OUT EFI_USER_PROFILE_HANDLE *User
>>- )
>>-{
>>- EFI_STATUS Status;
>>-
>>- if ((This == NULL) || (User == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- Status = FindUserProfile ((USER_PROFILE_ENTRY **) User, TRUE, NULL);
>>- if (EFI_ERROR (Status)) {
>>- return EFI_ACCESS_DENIED;
>>- }
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Return the current user profile handle.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_MANAGER_PROTOCOL.
>>- @param[out] CurrentUser On return, points to the current user profile
>>handle.
>>-
>>- @retval EFI_SUCCESS Current user profile handle returned
>successfully.
>>- @retval EFI_INVALID_PARAMETER The CurrentUser parameter is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileCurrent (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- OUT EFI_USER_PROFILE_HANDLE *CurrentUser
>>- )
>>-{
>>- //
>>- // Get current user profile.
>>- //
>>- if ((This == NULL) || (CurrentUser == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- *CurrentUser = mCurrentUser;
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Identify a user.
>>-
>>- Identify the user and, if authenticated, returns the user handle and
>changes
>>the current
>>- user profile. All user information marked as private in a previously selected
>>profile
>>- is no longer available for inspection.
>>- Whenever the current user profile is changed then the an event with the
>>GUID
>>- EFI_EVENT_GROUP_USER_PROFILE_CHANGED is signaled.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_MANAGER_PROTOCOL.
>>- @param[out] User On return, points to the user profile handle for
>>the current
>>- user profile.
>>-
>>- @retval EFI_SUCCESS User was successfully identified.
>>- @retval EFI_ACCESS_DENIED User was not successfully identified.
>>- @retval EFI_INVALID_PARAMETER The User parameter is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileIdentify (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- OUT EFI_USER_PROFILE_HANDLE *User
>>- )
>>-{
>>- EFI_STATUS Status;
>>-
>>- if ((This == NULL) || (User == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (mCurrentUser != NULL) {
>>- *User = mCurrentUser;
>>- return EFI_SUCCESS;
>>- }
>>-
>>- //
>>- // Identify user
>>- //
>>- Status = IdentifyUser ((USER_PROFILE_ENTRY **) User);
>>- if (EFI_ERROR (Status)) {
>>- return EFI_ACCESS_DENIED;
>>- }
>>-
>>- //
>>- // Publish the user info into the EFI system configuration table.
>>- //
>>- PublishUserTable ();
>>-
>>- //
>>- // Signal User Profile Changed event.
>>- //
>>- SignalEventUserProfileChanged ();
>>- return EFI_SUCCESS;
>>-}
>>-
>>-/**
>>- Find a user using a user information record.
>>-
>>- This function searches all user profiles for the specified user information
>>record.
>>- The search starts with the user information record handle following
>>UserInfo and
>>- continues until either the information is found or there are no more user
>>profiles.
>>- A match occurs when the Info.InfoType field matches the user information
>>record
>>- type and the user information record data matches the portion of Info.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_MANAGER_PROTOCOL.
>>- @param[in, out] User On entry, points to the previously returned
>user
>>profile
>>- handle, or NULL to start searching with the first user profile.
>>- On return, points to the user profile handle, or NULL if not
>>- found.
>>- @param[in, out] UserInfo On entry, points to the previously returned
>>user information
>>- handle, or NULL to start searching with the first. On return,
>>- points to the user information handle of the user
>>information
>>- record, or NULL if not found. Can be NULL, in which case
>only
>>- one user information record per user can be returned.
>>- @param[in] Info Points to the buffer containing the user
>information
>>to be
>>- compared to the user information record. If the user
>>information
>>- record data is empty, then only the user information record
>>type
>>- is compared. If InfoSize is 0, then the user information
>record
>>- must be empty.
>>-
>>- @param[in] InfoSize The size of Info, in bytes.
>>-
>>- @retval EFI_SUCCESS User information was found. User points to the
>>user profile
>>- handle, and UserInfo points to the user information handle.
>>- @retval EFI_NOT_FOUND User information was not found. User
>points
>>to NULL, and
>>- UserInfo points to NULL.
>>- @retval EFI_INVALID_PARAMETER User is NULL. Or Info is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileFind (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN OUT EFI_USER_PROFILE_HANDLE *User,
>>- IN OUT EFI_USER_INFO_HANDLE *UserInfo OPTIONAL,
>>- IN CONST EFI_USER_INFO *Info,
>>- IN UINTN InfoSize
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN Size;
>>-
>>- if ((This == NULL) || (User == NULL) || (Info == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if (InfoSize == 0) {
>>- //
>>- // If InfoSize is 0, then the user information record must be empty.
>>- //
>>- if (Info->InfoSize != sizeof (EFI_USER_INFO)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- } else {
>>- if (InfoSize != Info->InfoSize) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- }
>>- Size = Info->InfoSize;
>>-
>>- //
>>- // Find user profile accdoring to user information.
>>- //
>>- Status = FindUserProfileByInfo (
>>- (USER_PROFILE_ENTRY **) User,
>>- (EFI_USER_INFO **) UserInfo,
>>- (EFI_USER_INFO *) Info,
>>- Size
>>- );
>>- if (EFI_ERROR (Status)) {
>>- *User = NULL;
>>- if (UserInfo != NULL) {
>>- *UserInfo = NULL;
>>- }
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Return information attached to the user.
>>-
>>- This function returns user information. The format of the information is
>>described in User
>>- Information. The function may return EFI_ACCESS_DENIED if the
>>information is marked private
>>- and the handle specified by User is not the current user profile. The
>function
>>may return
>>- EFI_ACCESS_DENIED if the information is marked protected and the
>>information is associated
>>- with a credential provider for which the user has not been authenticated.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_MANAGER_PROTOCOL.
>>- @param[in] User Handle of the user whose profile will be retrieved.
>>- @param[in] UserInfo Handle of the user information data record.
>>- @param[out] Info On entry, points to a buffer of at least *InfoSize
>>bytes. On exit,
>>- holds the user information. If the buffer is too small to hold
>>the
>>- information, then EFI_BUFFER_TOO_SMALL is returned and
>>InfoSize is
>>- updated to contain the number of bytes actually required.
>>- @param[in, out] InfoSize On entry, points to the size of Info. On return,
>>points to the size
>>- of the user information.
>>-
>>- @retval EFI_SUCCESS Information returned successfully.
>>- @retval EFI_ACCESS_DENIED The information about the specified user
>>cannot be accessed by the
>>- current user.
>>- @retval EFI_BUFFER_TOO_SMALL The number of bytes specified by
>>*InfoSize is too small to hold the
>>- returned data. The actual size required is returned in
>>*InfoSize.
>>- @retval EFI_NOT_FOUND User does not refer to a valid user profile or
>>UserInfo does not refer
>>- to a valid user info handle.
>>- @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileGetInfo (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN EFI_USER_INFO_HANDLE UserInfo,
>>- OUT EFI_USER_INFO *Info,
>>- IN OUT UINTN *InfoSize
>>- )
>>-{
>>- EFI_STATUS Status;
>>-
>>- if ((This == NULL) || (InfoSize == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if ((*InfoSize != 0) && (Info == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- if ((User == NULL) || (UserInfo == NULL)) {
>>- return EFI_NOT_FOUND;
>>- }
>>-
>>- Status = GetUserInfo (User, UserInfo, Info, InfoSize, TRUE);
>>- if (EFI_ERROR (Status)) {
>>- if (Status == EFI_BUFFER_TOO_SMALL) {
>>- return EFI_BUFFER_TOO_SMALL;
>>- }
>>- return EFI_ACCESS_DENIED;
>>- }
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Add or update user information.
>>-
>>- This function changes user information. If NULL is pointed to by UserInfo,
>>then a new user
>>- information record is created and its handle is returned in UserInfo.
>>Otherwise, the existing
>>- one is replaced.
>>- If EFI_USER_INFO_IDENITTY_POLICY_RECORD is changed, it is the caller's
>>responsibility to keep
>>- it to be synced with the information on credential providers.
>>- If EFI_USER_INFO_EXCLUSIVE is specified in Info and a user information
>>record of the same
>>- type already exists in the user profile, then EFI_ACCESS_DENIED will be
>>returned and UserInfo
>>- will point to the handle of the existing record.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_MANAGER_PROTOCOL.
>>- @param[in] User Handle of the user whose profile will be
>retrieved.
>>- @param[in, out] UserInfo Handle of the user information data record.
>>- @param[in] Info On entry, points to a buffer of at least *InfoSize
>>bytes. On exit,
>>- holds the user information. If the buffer is too small to hold
>>the
>>- information, then EFI_BUFFER_TOO_SMALL is returned
>and
>>InfoSize is
>>- updated to contain the number of bytes actually required.
>>- @param[in] InfoSize On entry, points to the size of Info. On return,
>>points to the size
>>- of the user information.
>>-
>>- @retval EFI_SUCCESS Information returned successfully.
>>- @retval EFI_ACCESS_DENIED The record is exclusive.
>>- @retval EFI_SECURITY_VIOLATION The current user does not have
>>permission to change the specified
>>- user profile or user information record.
>>- @retval EFI_NOT_FOUND User does not refer to a valid user profile or
>>UserInfo does not
>>- refer to a valid user info handle.
>>- @retval EFI_INVALID_PARAMETER UserInfo is NULL or Info is NULL.
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileSetInfo (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN OUT EFI_USER_INFO_HANDLE *UserInfo,
>>- IN CONST EFI_USER_INFO *Info,
>>- IN UINTN InfoSize
>>- )
>>-{
>>- EFI_STATUS Status;
>>-
>>- if ((This == NULL) || (User == NULL) || (UserInfo == NULL) || (Info ==
>NULL))
>>{
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Check the right of the current user.
>>- //
>>- if (User != mCurrentUser) {
>>- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
>>- if (*UserInfo != NULL) {
>>- //
>>- // Can't update info in other profiles without MANAGE right.
>>- //
>>- return EFI_SECURITY_VIOLATION;
>>- }
>>-
>>- if (!CheckCurrentUserAccessRight
>>(EFI_USER_INFO_ACCESS_ENROLL_OTHERS)) {
>>- //
>>- // Can't add info into other profiles.
>>- //
>>- return EFI_SECURITY_VIOLATION;
>>- }
>>- }
>>- }
>>-
>>- if (User == mCurrentUser) {
>>- if (CheckCurrentUserAccessRight
>(EFI_USER_INFO_ACCESS_ENROLL_SELF))
>>{
>>- //
>>- // Only identify policy can be added/updated.
>>- //
>>- if (Info->InfoType != EFI_USER_INFO_IDENTITY_POLICY_RECORD) {
>>- return EFI_SECURITY_VIOLATION;
>>- }
>>- }
>>- }
>>-
>>- //
>>- // Modify user information.
>>- //
>>- Status = ModifyUserInfo (User, (EFI_USER_INFO **) UserInfo, Info,
>>InfoSize);
>>- if (EFI_ERROR (Status)) {
>>- if (Status == EFI_ACCESS_DENIED) {
>>- return EFI_ACCESS_DENIED;
>>- }
>>- return EFI_SECURITY_VIOLATION;
>>- }
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Called by credential provider to notify of information change.
>>-
>>- This function allows the credential provider to notify the User Identity
>>Manager when user status
>>- has changed.
>>- If the User Identity Manager doesn't support asynchronous changes in
>>credentials, then this function
>>- should return EFI_UNSUPPORTED.
>>- If current user does not exist, and the credential provider can identify a
>user,
>>then make the user
>>- to be current user and signal the
>>EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
>>- If current user already exists, and the credential provider can identify
>>another user, then switch
>>- current user to the newly identified user, and signal the
>>EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
>>- If current user was identified by this credential provider and now the
>>credential provider cannot identify
>>- current user, then logout current user and signal the
>>EFI_EVENT_GROUP_USER_PROFILE_CHANGED event.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_MANAGER_PROTOCOL.
>>- @param[in] Changed Handle on which is installed an instance of the
>>EFI_USER_CREDENTIAL2_PROTOCOL
>>- where the user has changed.
>>-
>>- @retval EFI_SUCCESS The User Identity Manager has handled the
>>notification.
>>- @retval EFI_NOT_READY The function was called while the specified
>>credential provider was not selected.
>>- @retval EFI_UNSUPPORTED The User Identity Manager doesn't support
>>asynchronous notifications.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileNotify (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN EFI_HANDLE Changed
>>- )
>>-{
>>- return EFI_UNSUPPORTED;
>>-}
>>-
>>-
>>-/**
>>- Delete user information.
>>-
>>- Delete the user information attached to the user profile specified by the
>>UserInfo.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_MANAGER_PROTOCOL.
>>- @param[in] User Handle of the user whose information will be
>>deleted.
>>- @param[in] UserInfo Handle of the user information to remove.
>>-
>>- @retval EFI_SUCCESS User information deleted successfully.
>>- @retval EFI_NOT_FOUND User information record UserInfo does not
>>exist in the user profile.
>>- @retval EFI_ACCESS_DENIED The current user does not have permission
>to
>>delete this user information.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileDeleteInfo (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN EFI_USER_INFO_HANDLE UserInfo
>>- )
>>-{
>>- EFI_STATUS Status;
>>-
>>- if (This == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Check the right of the current user.
>>- //
>>- if (User != mCurrentUser) {
>>- if (!CheckCurrentUserAccessRight (EFI_USER_INFO_ACCESS_MANAGE)) {
>>- return EFI_ACCESS_DENIED;
>>- }
>>- }
>>-
>>- //
>>- // Delete user information.
>>- //
>>- Status = DelUserInfo (User, UserInfo, TRUE);
>>- if (EFI_ERROR (Status)) {
>>- if (Status == EFI_NOT_FOUND) {
>>- return EFI_NOT_FOUND;
>>- }
>>- return EFI_ACCESS_DENIED;
>>- }
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Enumerate user information of all the enrolled users on the platform.
>>-
>>- This function returns the next user information record. To retrieve the first
>>user
>>- information record handle, point UserInfo at a NULL. Each subsequent call
>>will retrieve
>>- another user information record handle until there are no more, at which
>>point UserInfo
>>- will point to NULL.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_MANAGER_PROTOCOL.
>>- @param[in] User Handle of the user whose information will be
>>deleted.
>>- @param[in, out] UserInfo Handle of the user information to remove.
>>-
>>- @retval EFI_SUCCESS User information returned.
>>- @retval EFI_NOT_FOUND No more user information found.
>>- @retval EFI_INVALID_PARAMETER UserInfo is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileGetNextInfo (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>>- )
>>-{
>>- if ((This == NULL) || (UserInfo == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- //
>>- // Get next user information entry.
>>- //
>>- return FindUserInfo (User, (EFI_USER_INFO **) UserInfo, TRUE, NULL);
>>-}
>>-
>>-
>>-/**
>>- Main entry for this driver.
>>-
>>- @param[in] ImageHandle Image handle this driver.
>>- @param[in] SystemTable Pointer to SystemTable.
>>-
>>- @retval EFI_SUCESS This function always complete successfully.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserIdentifyManagerInit (
>>- IN EFI_HANDLE ImageHandle,
>>- IN EFI_SYSTEM_TABLE *SystemTable
>>- )
>>-{
>>-
>>- EFI_STATUS Status;
>>-
>>- //
>>- // It is NOT robust enough to be included in production.
>>- //
>>- #error "This implementation is just a sample, please comment this line if
>you
>>really want to use this driver."
>>-
>>- //
>>- // Initiate form browser.
>>- //
>>- InitFormBrowser ();
>>-
>>- //
>>- // Install protocol interfaces for the User Identity Manager.
>>- //
>>- Status = gBS->InstallProtocolInterface (
>>- &mCallbackInfo->DriverHandle,
>>- &gEfiUserManagerProtocolGuid,
>>- EFI_NATIVE_INTERFACE,
>>- &gUserIdentifyManager
>>- );
>>- ASSERT_EFI_ERROR (Status);
>>-
>>- LoadDeferredImageInit (ImageHandle);
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>ager.h
>>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>ager.h
>>deleted file mode 100644
>>index 1c449b0128..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>ager.h
>>+++ /dev/null
>>@@ -1,413 +0,0 @@
>>-/** @file
>>- The header file for User identify Manager driver.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#ifndef _USER_IDENTIFY_MANAGER_H_
>>-#define _USER_IDENTIFY_MANAGER_H_
>>-
>>-#include <Uefi.h>
>>-
>>-#include <Guid/GlobalVariable.h>
>>-#include <Guid/MdeModuleHii.h>
>>-
>>-#include <Protocol/FormBrowser2.h>
>>-#include <Protocol/HiiDatabase.h>
>>-#include <Protocol/HiiConfigAccess.h>
>>-#include <Protocol/HiiString.h>
>>-#include <Protocol/HiiConfigRouting.h>
>>-#include <Protocol/UserCredential2.h>
>>-#include <Protocol/UserManager.h>
>>-#include <Protocol/DeferredImageLoad.h>
>>-#include <Protocol/SimpleTextOut.h>
>>-#include <Protocol/SimpleTextIn.h>
>>-#include <Protocol/SimpleTextInEx.h>
>>-
>>-#include <Library/UefiRuntimeServicesTableLib.h>
>>-#include <Library/UefiBootServicesTableLib.h>
>>-#include <Library/MemoryAllocationLib.h>
>>-#include <Library/BaseMemoryLib.h>
>>-#include <Library/DevicePathLib.h>
>>-#include <Library/DebugLib.h>
>>-#include <Library/UefiLib.h>
>>-#include <Library/PrintLib.h>
>>-#include <Library/HiiLib.h>
>>-
>>-#include "UserIdentifyManagerData.h"
>>-
>>-//
>>-// This is the generated IFR binary data for each formset defined in VFR.
>>-// This data array is ready to be used as input of HiiAddPackages() to
>>-// create a packagelist.
>>-//
>>-extern UINT8 UserIdentifyManagerVfrBin[];
>>-
>>-//
>>-// This is the generated String package data for all .UNI files.
>>-// This data array is ready to be used as input of HiiAddPackages() to
>>-// create a packagelist.
>>-//
>>-extern UINT8 UserIdentifyManagerStrings[];
>>-
>>-#define USER_NUMBER_INC 32
>>-#define DEFAULT_PROFILE_SIZE 512
>>-#define INFO_PAYLOAD_SIZE 64
>>-
>>-//
>>-// Credential Provider Information.
>>-//
>>-typedef struct {
>>- UINTN Count;
>>- EFI_USER_CREDENTIAL2_PROTOCOL *Provider[1];
>>-} CREDENTIAL_PROVIDER_INFO;
>>-
>>-//
>>-// Internal user profile entry.
>>-//
>>-typedef struct {
>>- UINTN MaxProfileSize;
>>- UINTN UserProfileSize;
>>- CHAR16 UserVarName[9];
>>- UINT8 *ProfileInfo;
>>-} USER_PROFILE_ENTRY;
>>-
>>-//
>>-// Internal user profile database.
>>-//
>>-typedef struct {
>>- UINTN UserProfileNum;
>>- UINTN MaxProfileNum;
>>- EFI_USER_PROFILE_HANDLE UserProfile[1];
>>-} USER_PROFILE_DB;
>>-
>>-#define USER_MANAGER_SIGNATURE SIGNATURE_32 ('U', 'I', 'M', 'S')
>>-
>>-typedef struct {
>>- UINTN Signature;
>>- EFI_HANDLE DriverHandle;
>>- EFI_HII_HANDLE HiiHandle;
>>-
>>- //
>>- // Consumed protocol.
>>- //
>>- EFI_HII_DATABASE_PROTOCOL *HiiDatabase;
>>- EFI_HII_STRING_PROTOCOL *HiiString;
>>- EFI_HII_CONFIG_ROUTING_PROTOCOL *HiiConfigRouting;
>>- EFI_FORM_BROWSER2_PROTOCOL *FormBrowser2;
>>-
>>- //
>>- // Produced protocol.
>>- //
>>- EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
>>-} USER_MANAGER_CALLBACK_INFO;
>>-
>>-///
>>-/// HII specific Vendor Device Path definition.
>>-///
>>-typedef struct {
>>- VENDOR_DEVICE_PATH VendorDevicePath;
>>- EFI_DEVICE_PATH_PROTOCOL End;
>>-} HII_VENDOR_DEVICE_PATH;
>>-
>>-/**
>>- Register an event notification function for the user profile changed.
>>-
>>- @param[in] ImageHandle Image handle this driver.
>>-
>>-**/
>>-VOID
>>-LoadDeferredImageInit (
>>- IN EFI_HANDLE ImageHandle
>>- );
>>-
>>-
>>-/**
>>- This function creates a new user profile with only
>>- a new user identifier attached and returns its handle.
>>- The user profile is non-volatile, but the handle User
>>- can change across reboots.
>>-
>>- @param[in] This Protocol EFI_USER_MANAGER_PROTOCOL
>>instance
>>- pointer.
>>- @param[out] User Handle of a new user profile.
>>-
>>- @retval EFI_SUCCESS User profile was successfully created.
>>- @retval EFI_ACCESS_DENIED Current user does not have sufficient
>>permissions
>>- to create a user profile.
>>- @retval EFI_UNSUPPORTED Creation of new user profiles is not
>>supported.
>>- @retval EFI_INVALID_PARAMETER User is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileCreate (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- OUT EFI_USER_PROFILE_HANDLE *User
>>- );
>>-
>>-
>>-/**
>>- Delete an existing user profile.
>>-
>>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>>- pointer.
>>- @param User User profile handle.
>>-
>>- @retval EFI_SUCCESS User profile was successfully deleted.
>>- @retval EFI_ACCESS_DENIED Current user does not have sufficient
>>permissions
>>- to delete a user profile or there is only one
>>- user profile.
>>- @retval EFI_UNSUPPORTED Deletion of new user profiles is not
>>supported.
>>- @retval EFI_INVALID_PARAMETER User does not refer to a valid user
>>profile.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileDelete (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- );
>>-
>>-
>>-/**
>>- Get next user profile from the user profile database.
>>-
>>- @param[in] This Protocol EFI_USER_MANAGER_PROTOCOL
>>instance
>>- pointer.
>>- @param[in, out] User User profile handle.
>>-
>>- @retval EFI_SUCCESS Next enrolled user profile successfully
>returned.
>>- @retval EFI_INVALID_PARAMETER User is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileGetNext (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN OUT EFI_USER_PROFILE_HANDLE *User
>>- );
>>-
>>-
>>-/**
>>- This function returns the current user profile handle.
>>-
>>- @param[in] This Protocol EFI_USER_MANAGER_PROTOCOL
>>instance pointer.
>>- @param[out] CurrentUser User profile handle.
>>-
>>- @retval EFI_SUCCESS Current user profile handle returned
>>successfully.
>>- @retval EFI_INVALID_PARAMETER CurrentUser is NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileCurrent (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- OUT EFI_USER_PROFILE_HANDLE *CurrentUser
>>- );
>>-
>>-
>>-/**
>>- Identify the user and, if authenticated, returns the user handle and
>changes
>>- the current user profile.
>>-
>>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>>pointer.
>>- @param CurrentUser User profile handle.
>>-
>>- @retval EFI_SUCCESS User was successfully identified.
>>- @retval EFI_INVALID_PARAMETER User is NULL.
>>- @retval EFI_ACCESS_DENIED User was not successfully identified.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileIdentify (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- OUT EFI_USER_PROFILE_HANDLE *User
>>- );
>>-
>>-
>>-/**
>>- Find a user using a user information record.
>>-
>>- This function searches all user profiles for the specified user information
>>record.
>>- The search starts with the user information record handle following
>>UserInfo and
>>- continues until either the information is found or there are no more user
>>profiles.
>>- A match occurs when the Info.InfoType field matches the user information
>>record
>>- type and the user information record data matches the portion of Info
>>passed the
>>- EFI_USER_INFO header.
>>-
>>- @param[in] This Points to this instance of the
>>EFI_USER_MANAGER_PROTOCOL.
>>- @param[in, out] User On entry, points to the previously returned user
>>profile
>>- handle, or NULL to start searching with the first user profile.
>>- On return, points to the user profile handle, or NULL if not
>>- found.
>>- @param[in, out] UserInfo On entry, points to the previously returned user
>>information
>>- handle, or NULL to start searching with the first. On return,
>>- points to the user information handle of the user information
>>- record, or NULL if not found. Can be NULL, in which case only
>>- one user information record per user can be returned.
>>- @param[in] Info Points to the buffer containing the user information
>to
>>be
>>- compared to the user information record. If NULL, then only
>>- the user information record type is compared. If InfoSize is 0,
>>- then the user information record must be empty.
>>-
>>- @param[in] InfoSize The size of Info, in bytes.
>>-
>>- @retval EFI_SUCCESS User information was found. User points to the
>>user profile handle,
>>- and UserInfo points to the user information handle.
>>- @retval EFI_NOT_FOUND User information was not found. User points
>to
>>NULL and UserInfo
>>- points to NULL.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileFind (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN OUT EFI_USER_PROFILE_HANDLE *User,
>>- IN OUT EFI_USER_INFO_HANDLE *UserInfo OPTIONAL,
>>- IN CONST EFI_USER_INFO *Info,
>>- IN UINTN InfoSize
>>- );
>>-
>>-
>>-/**
>>- This function returns user information.
>>-
>>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>>- pointer.
>>- @param User Handle of the user whose profile will be
>>- retrieved.
>>- @param UserInfo Handle of the user information data record.
>>- @param Info On entry, points to a buffer of at least
>>- *InfoSize bytes. On exit, holds the user
>>- information.
>>- @param InfoSize On entry, points to the size of Info. On return,
>>- points to the size of the user information.
>>-
>>- @retval EFI_SUCCESS Information returned successfully.
>>- @retval EFI_ACCESS_DENIED The information about the specified user
>>cannot
>>- be accessed by the current user.
>>- EFI_BUFFER_TOO_SMALL- The number of bytes
>>- specified by *InfoSize is too small to hold the
>>- returned data.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileGetInfo (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN EFI_USER_INFO_HANDLE UserInfo,
>>- OUT EFI_USER_INFO *Info,
>>- IN OUT UINTN *InfoSize
>>- );
>>-
>>-
>>-/**
>>- This function changes user information.
>>-
>>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>>- pointer.
>>- @param User Handle of the user whose profile will be
>>- retrieved.
>>- @param UserInfo Handle of the user information data record.
>>- @param Info Points to the user information.
>>- @param InfoSize The size of Info, in bytes.
>>-
>>- @retval EFI_SUCCESS User profile information was successfully
>>- changed/added.
>>- @retval EFI_ACCESS_DENIED The record is exclusive.
>>- @retval EFI_SECURITY_VIOLATION The current user does not have
>>permission to
>>- change the specified user profile or user
>>- information record.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileSetInfo (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN OUT EFI_USER_INFO_HANDLE *UserInfo,
>>- IN CONST EFI_USER_INFO *Info,
>>- IN UINTN InfoSize
>>- );
>>-
>>-
>>-/**
>>- This function allows the credential provider to notify the User Identity
>>Manager
>>- when user status has changed while deselected.
>>-
>>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>>- pointer.
>>- @param Changed Points to the instance of the
>>- EFI_USER_CREDENTIAL_PROTOCOL where the user has
>>- changed.
>>-
>>- @retval EFI_SUCCESS The User Identity Manager has handled the
>>- notification.
>>- @retval EFI_NOT_READY The function was called while the specified
>>- credential provider was not selected.
>>- @retval EFI_UNSUPPORTED The User Identity Manager doesn't
>support
>>- asynchronous notifications.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileNotify (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN EFI_HANDLE Changed
>>- );
>>-
>>-
>>-/**
>>- Delete the user information attached to the user profile specified by the
>>UserInfo.
>>-
>>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>>pointer.
>>- @param User Handle of the user whose profile will be retrieved.
>>- @param UserInfo Handle of the user information data record.
>>-
>>- @retval EFI_SUCCESS User information deleted successfully.
>>- @retval EFI_ACCESS_DENIED The current user does not have
>permission
>>to
>>- delete this user in-formation.
>>- @retval EFI_NOT_FOUND User information record UserInfo does not
>>exist
>>- in the user pro-file.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileDeleteInfo (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN EFI_USER_INFO_HANDLE UserInfo
>>- );
>>-
>>-
>>-/**
>>- This function returns the next user information record.
>>-
>>- @param This Protocol EFI_USER_MANAGER_PROTOCOL instance
>>pointer.
>>- @param User Handle of the user whose profile will be retrieved.
>>- @param UserInfo Handle of the user information data record.
>>-
>>- @retval EFI_SUCCESS User information returned.
>>- @retval EFI_NOT_FOUND No more user information found.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileGetNextInfo (
>>- IN CONST EFI_USER_MANAGER_PROTOCOL *This,
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN OUT EFI_USER_INFO_HANDLE *UserInfo
>>- );
>>-
>>-#endif
>>diff --git
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>ager.uni
>>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>ager.uni
>>deleted file mode 100644
>>index 82c72baeeb..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>ager.uni
>>+++ /dev/null
>>@@ -1,21 +0,0 @@
>>-// /** @file
>>-// Produces user manager protocol
>>-//
>>-// This module manages user information and produces user manager
>>protocol.
>>-//
>>-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>>-//
>>-// This program and the accompanying materials
>>-// are licensed and made available under the terms and conditions of the
>BSD
>>License
>>-// which accompanies this distribution. The full text of the license may be
>>found at
>>-// http://opensource.org/licenses/bsd-license.php
>>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>BASIS,
>>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-//
>>-// **/
>>-
>>-
>>-#string STR_MODULE_ABSTRACT #language en-US "Produces user
>>manager protocol"
>>-
>>-#string STR_MODULE_DESCRIPTION #language en-US "This module
>>manages user information and produces user manager protocol."
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerData.h
>>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerData.h
>>deleted file mode 100644
>>index 4e07ddd309..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerData.h
>>+++ /dev/null
>>@@ -1,35 +0,0 @@
>>-/** @file
>>- Data structure used by the user identify manager driver.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#ifndef _USER_IDENTIFY_MANAGER_DATA_H_
>>-#define _USER_IDENTIFY_MANAGER_DATA_H_
>>-
>>-#include <Guid/UserIdentifyManagerHii.h>
>>-
>>-//
>>-// Forms definition.
>>-//
>>-#define FORMID_USER_FORM 1
>>-#define FORMID_PROVIDER_FORM 2
>>-#define FORMID_INVALID_FORM 0x0FFF
>>-
>>-//
>>-// Labels definition.
>>-//
>>-#define LABEL_USER_NAME 0x1000
>>-#define LABEL_PROVIDER_NAME 0x3000
>>-#define LABEL_END 0xffff
>>-#define FORM_OPEN_QUESTION_ID 0xfffe
>>-
>>-#endif
>>diff --git
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerDxe.inf
>>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerDxe.inf
>>deleted file mode 100644
>>index 27e8ba19ad..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerDxe.inf
>>+++ /dev/null
>>@@ -1,79 +0,0 @@
>>-## @file
>>-# Produces user manager protocol
>>-#
>>-# This module manages user information and produces user manager
>>protocol.
>>-#
>>-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-# This program and the accompanying materials
>>-# are licensed and made available under the terms and conditions of the
>BSD
>>License
>>-# which accompanies this distribution. The full text of the license may be
>>found at
>>-# http://opensource.org/licenses/bsd-license.php
>>-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>BASIS,
>>-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-#
>>-##
>>-
>>-[defines]
>>- INF_VERSION = 0x00010005
>>- BASE_NAME = UserIdentifyManager
>>- MODULE_UNI_FILE = UserIdentifyManager.uni
>>- FILE_GUID = C5D3191B-27D5-4873-8DF2-628136991A21
>>- MODULE_TYPE = DXE_DRIVER
>>- VERSION_STRING = 1.0
>>- ENTRY_POINT = UserIdentifyManagerInit
>>-
>>-[sources]
>>- UserIdentifyManager.c
>>- LoadDeferredImage.c
>>- UserIdentifyManager.h
>>- UserIdentifyManagerData.h
>>- UserIdentifyManagerStrings.uni
>>- UserIdentifyManagerVfr.Vfr
>>-
>>-[Packages]
>>- MdePkg/MdePkg.dec
>>- MdeModulePkg/MdeModulePkg.dec
>>- SecurityPkg/SecurityPkg.dec
>>-
>>-[LibraryClasses]
>>- UefiRuntimeServicesTableLib
>>- UefiBootServicesTableLib
>>- UefiDriverEntryPoint
>>- MemoryAllocationLib
>>- BaseMemoryLib
>>- DebugLib
>>- HiiLib
>>- UefiLib
>>-
>>-[Guids]
>>- gEfiIfrTianoGuid ## SOMETIMES_CONSUMES ## GUID
>>- gEfiEventUserProfileChangedGuid ## SOMETIMES_PRODUCES ##
>>Event
>>-
>>- ## SOMETIMES_PRODUCES ## Variable:L"Userxxxx"
>>- ## SOMETIMES_CONSUMES ## Variable:L"Userxxxx"
>>- ## CONSUMES ## HII
>>- gUserIdentifyManagerGuid
>>-
>>-[Protocols]
>>- gEfiFormBrowser2ProtocolGuid ## CONSUMES
>>- gEfiHiiDatabaseProtocolGuid ## CONSUMES
>>- gEfiUserCredential2ProtocolGuid ## SOMETIMES_CONSUMES
>>- gEfiDeferredImageLoadProtocolGuid ## SOMETIMES_CONSUMES
>>- gEfiSimpleTextOutProtocolGuid ## SOMETIMES_CONSUMES
>>- gEfiSimpleTextInProtocolGuid ## SOMETIMES_CONSUMES
>>- gEfiSimpleTextInputExProtocolGuid ## SOMETIMES_CONSUMES
>>- gEfiHiiConfigAccessProtocolGuid ## PRODUCES
>>- gEfiDevicePathProtocolGuid ## PRODUCES
>>-
>>- ## PRODUCES
>>- ## SOMETIMES_PRODUCES ## SystemTable
>>- gEfiUserManagerProtocolGuid
>>-
>>-[Depex]
>>- gEfiHiiDatabaseProtocolGuid AND
>>- gEfiHiiStringProtocolGuid AND
>>- gEfiFormBrowser2ProtocolGuid
>>-
>>-[UserExtensions.TianoCore."ExtraFiles"]
>>- UserIdentifyManagerExtra.uni
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerExtra.uni
>>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerExtra.uni
>>deleted file mode 100644
>>index 8b7cba7b32..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerExtra.uni
>>+++ /dev/null
>>@@ -1,19 +0,0 @@
>>-// /** @file
>>-// UserIdentifyManager Localized Strings and Content
>>-//
>>-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
>>-//
>>-// This program and the accompanying materials
>>-// are licensed and made available under the terms and conditions of the
>BSD
>>License
>>-// which accompanies this distribution. The full text of the license may be
>>found at
>>-// http://opensource.org/licenses/bsd-license.php
>>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>BASIS,
>>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-//
>>-// **/
>>-
>>-#string STR_PROPERTIES_MODULE_NAME
>>-#language en-US
>>-"User Identify Manager"
>>-
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerStrings.uni
>>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerStrings.uni
>>deleted file mode 100644
>>index fcbf5005cd..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerStrings.uni
>>+++ /dev/null
>>@@ -1,27 +0,0 @@
>>-/** @file
>>- String definitions for the User Identify Manager driver.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php.
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#langdef en-US "English"
>>-#langdef fr-FR "Francais"
>>-
>>-#string STR_TITLE #language en-US "User Identity
>Manager"
>>- #language fr-FR "User Identity Manager(French)"
>>-#string STR_USER_SELECT #language en-US "User Selection"
>>- #language fr-FR "User Selection(French)"
>>-#string STR_PROVIDER_SELECT #language en-US "Provider
>>Selection"
>>- #language fr-FR "User Selection(French)"
>>-#string STR_NULL_STRING #language en-US ""
>>- #language fr-FR ""
>>-
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerVfr.Vfr
>>b/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerVfr.Vfr
>>deleted file mode 100644
>>index 306679776d..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserIdentifyManagerDxe/UserIdentifyMa
>n
>>agerVfr.Vfr
>>+++ /dev/null
>>@@ -1,43 +0,0 @@
>>-/** @file
>>- User identify manager formset.
>>-
>>-Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "UserIdentifyManagerData.h"
>>-
>>-formset
>>- guid = USER_IDENTIFY_MANAGER_GUID,
>>- title = STRING_TOKEN(STR_TITLE),
>>- help = STRING_TOKEN(STR_NULL_STRING),
>>- classguid = USER_IDENTIFY_MANAGER_GUID,
>>-
>>- form formid = FORMID_USER_FORM,
>>- title = STRING_TOKEN(STR_USER_SELECT);
>>-
>>- suppressif TRUE;
>>- text
>>- help = STRING_TOKEN(STR_NULL_STRING),
>>- text = STRING_TOKEN(STR_NULL_STRING),
>>- flags = INTERACTIVE,
>>- key = FORM_OPEN_QUESTION_ID;
>>- endif;
>>-
>>- label LABEL_USER_NAME;
>>- label LABEL_END;
>>- endform;
>>-
>>- form formid = FORMID_PROVIDER_FORM,
>>- title = STRING_TOKEN(STR_PROVIDER_SELECT);
>>- label LABEL_PROVIDER_NAME;
>>- label LABEL_END;
>>- endform;
>>-endformset;
>>\ No newline at end of file
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPoli
>c
>>y.c
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPoli
>c
>>y.c
>>deleted file mode 100644
>>index 56d3b1df98..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyAccessPoli
>c
>>y.c
>>+++ /dev/null
>>@@ -1,688 +0,0 @@
>>-/** @file
>>- The functions for access policy modification.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "UserProfileManager.h"
>>-
>>-/**
>>- Collect all the access policy data to mUserInfo.AccessPolicy,
>>- and save it to user profile.
>>-
>>-**/
>>-VOID
>>-SaveAccessPolicy (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN OffSet;
>>- UINTN Size;
>>- EFI_USER_INFO_ACCESS_CONTROL Control;
>>- EFI_USER_INFO_HANDLE UserInfo;
>>- EFI_USER_INFO *Info;
>>-
>>- if (mUserInfo.AccessPolicy != NULL) {
>>- FreePool (mUserInfo.AccessPolicy);
>>- }
>>- mUserInfo.AccessPolicy = NULL;
>>- mUserInfo.AccessPolicyLen = 0;
>>- mUserInfo.AccessPolicyModified = TRUE;
>>- OffSet = 0;
>>-
>>- //
>>- // Save access right.
>>- //
>>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
>>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>>- ExpandMemory (OffSet, Size);
>>- }
>>-
>>- Control.Type = mAccessInfo.AccessRight;
>>- Control.Size = (UINT32) Size;
>>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>>- OffSet += sizeof (Control);
>>-
>>- //
>>- // Save access setup.
>>- //
>>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + sizeof (EFI_GUID);
>>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>>- ExpandMemory (OffSet, Size);
>>- }
>>-
>>- Control.Type = EFI_USER_INFO_ACCESS_SETUP;
>>- Control.Size = (UINT32) Size;
>>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>>- OffSet += sizeof (Control);
>>-
>>- if (mAccessInfo.AccessSetup == ACCESS_SETUP_NORMAL) {
>>- CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet),
>>&gEfiUserInfoAccessSetupNormalGuid);
>>- } else if (mAccessInfo.AccessSetup == ACCESS_SETUP_RESTRICTED) {
>>- CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet),
>>&gEfiUserInfoAccessSetupRestrictedGuid);
>>- } else if (mAccessInfo.AccessSetup == ACCESS_SETUP_ADMIN) {
>>- CopyGuid ((EFI_GUID *) (mUserInfo.AccessPolicy + OffSet),
>>&gEfiUserInfoAccessSetupAdminGuid);
>>- }
>>- OffSet += sizeof (EFI_GUID);
>>-
>>- //
>>- // Save access of boot order.
>>- //
>>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) + sizeof (UINT32);
>>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>>- ExpandMemory (OffSet, Size);
>>- }
>>-
>>- Control.Type = EFI_USER_INFO_ACCESS_BOOT_ORDER;
>>- Control.Size = (UINT32) Size;
>>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>>- OffSet += sizeof (Control);
>>-
>>- CopyMem ((UINT8 *) (mUserInfo.AccessPolicy + OffSet),
>>&mAccessInfo.AccessBootOrder, sizeof (UINT32));
>>- OffSet += sizeof (UINT32);
>>-
>>- //
>>- // Save permit load.
>>- //
>>- if (mAccessInfo.LoadPermitLen > 0) {
>>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) +
>>mAccessInfo.LoadPermitLen;
>>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>>- ExpandMemory (OffSet, Size);
>>- }
>>-
>>- Control.Type = EFI_USER_INFO_ACCESS_PERMIT_LOAD;
>>- Control.Size = (UINT32) Size;
>>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>>- OffSet += sizeof (Control);
>>-
>>- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.LoadPermit,
>>mAccessInfo.LoadPermitLen);
>>- OffSet += mAccessInfo.LoadPermitLen;
>>- }
>>-
>>- //
>>- // Save forbid load.
>>- //
>>- if (mAccessInfo.LoadForbidLen > 0) {
>>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) +
>>mAccessInfo.LoadForbidLen;
>>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>>- ExpandMemory (OffSet, Size);
>>- }
>>-
>>- Control.Type = EFI_USER_INFO_ACCESS_FORBID_LOAD;
>>- Control.Size = (UINT32) Size;
>>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>>- OffSet += sizeof (Control);
>>-
>>- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.LoadForbid,
>>mAccessInfo.LoadForbidLen);
>>- OffSet += mAccessInfo.LoadForbidLen;
>>- }
>>-
>>- //
>>- // Save permit connect.
>>- //
>>- if (mAccessInfo.ConnectPermitLen > 0) {
>>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) +
>>mAccessInfo.ConnectPermitLen;
>>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>>- ExpandMemory (OffSet, Size);
>>- }
>>-
>>- Control.Type = EFI_USER_INFO_ACCESS_PERMIT_CONNECT;
>>- Control.Size = (UINT32) Size;
>>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>>- OffSet += sizeof (Control);
>>-
>>- CopyMem (mUserInfo.AccessPolicy + OffSet,
>mAccessInfo.ConnectPermit,
>>mAccessInfo.ConnectPermitLen);
>>- OffSet += mAccessInfo.ConnectPermitLen;
>>- }
>>-
>>- //
>>- // Save forbid connect.
>>- //
>>- if (mAccessInfo.ConnectForbidLen > 0) {
>>- Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL) +
>>mAccessInfo.ConnectForbidLen;
>>- if (mUserInfo.AccessPolicyLen - OffSet < Size) {
>>- ExpandMemory (OffSet, Size);
>>- }
>>-
>>- Control.Type = EFI_USER_INFO_ACCESS_FORBID_CONNECT;
>>- Control.Size = (UINT32) Size;
>>- CopyMem (mUserInfo.AccessPolicy + OffSet, &Control, sizeof (Control));
>>- OffSet += sizeof (Control);
>>-
>>- CopyMem (mUserInfo.AccessPolicy + OffSet, mAccessInfo.ConnectForbid,
>>mAccessInfo.ConnectForbidLen);
>>- OffSet += mAccessInfo.ConnectForbidLen;
>>- }
>>-
>>- mUserInfo.AccessPolicyLen = OffSet;
>>-
>>- //
>>- // Save access policy.
>>- //
>>- if (mUserInfo.AccessPolicyModified && (mUserInfo.AccessPolicyLen > 0)
>>&& (mUserInfo.AccessPolicy != NULL)) {
>>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) +
>>mUserInfo.AccessPolicyLen);
>>- if (Info == NULL) {
>>- return ;
>>- }
>>-
>>- Status = FindInfoByType (mModifyUser,
>>EFI_USER_INFO_ACCESS_POLICY_RECORD, &UserInfo);
>>- if (!EFI_ERROR (Status)) {
>>- Info->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
>>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>- EFI_USER_INFO_PUBLIC |
>>- EFI_USER_INFO_EXCLUSIVE;
>>- Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) +
>>mUserInfo.AccessPolicyLen);
>>- CopyMem ((UINT8 *) (Info + 1), mUserInfo.AccessPolicy,
>>mUserInfo.AccessPolicyLen);
>>- Status = mUserManager->SetInfo (
>>- mUserManager,
>>- mModifyUser,
>>- &UserInfo,
>>- Info,
>>- Info->InfoSize
>>- );
>>- mUserInfo.AccessPolicyModified = FALSE;
>>- }
>>- FreePool (Info);
>>- }
>>-
>>- if (mAccessInfo.ConnectForbid != NULL) {
>>- FreePool (mAccessInfo.ConnectForbid);
>>- mAccessInfo.ConnectForbid = NULL;
>>- }
>>-
>>- if (mAccessInfo.ConnectPermit != NULL) {
>>- FreePool (mAccessInfo.ConnectPermit);
>>- mAccessInfo.ConnectPermit = NULL;
>>- }
>>-
>>- if (mAccessInfo.LoadForbid != NULL) {
>>- FreePool (mAccessInfo.LoadForbid);
>>- mAccessInfo.LoadForbid = NULL;
>>- }
>>-
>>- if (mAccessInfo.LoadPermit != NULL) {
>>- FreePool (mAccessInfo.LoadPermit);
>>- mAccessInfo.LoadPermit = NULL;
>>- }
>>-}
>>-
>>-/**
>>- Create an action OpCode with QuestionID and DevicePath on a given
>>OpCodeHandle.
>>-
>>- @param[in] QuestionID The question ID.
>>- @param[in] DevicePath Points to device path.
>>- @param[in] OpCodeHandle Points to container for dynamic created
>>opcodes.
>>-
>>-**/
>>-VOID
>>-AddDevicePath (
>>- IN UINTN QuestionID,
>>- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath,
>>- IN VOID *OpCodeHandle
>>- )
>>-{
>>- EFI_DEVICE_PATH_PROTOCOL *Next;
>>- EFI_STRING_ID NameID;
>>- EFI_STRING DriverName;
>>-
>>- //
>>- // Get driver file name node.
>>- //
>>- Next = DevicePath;
>>- while (!IsDevicePathEnd (Next)) {
>>- DevicePath = Next;
>>- Next = NextDevicePathNode (Next);
>>- }
>>-
>>- //
>>- // Display the device path in form.
>>- //
>>- DriverName = ConvertDevicePathToText (DevicePath, FALSE, FALSE);
>>- NameID = HiiSetString (mCallbackInfo->HiiHandle, 0, DriverName, NULL);
>>- FreePool (DriverName);
>>- if (NameID == 0) {
>>- return ;
>>- }
>>-
>>- HiiCreateActionOpCode (
>>- OpCodeHandle, // Container for dynamic created opcodes
>>- (UINT16) QuestionID, // Question ID
>>- NameID, // Prompt text
>>- STRING_TOKEN (STR_NULL_STRING), // Help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- 0 // Action String ID
>>- );
>>-}
>>-
>>-
>>-/**
>>- Check whether the DevicePath is in the device path forbid list
>>- (mAccessInfo.LoadForbid).
>>-
>>- @param[in] DevicePath Points to device path.
>>-
>>- @retval TRUE The DevicePath is in the device path forbid list.
>>- @retval FALSE The DevicePath is not in the device path forbid list.
>>-
>>-**/
>>-BOOLEAN
>>-IsLoadForbidden (
>>- IN EFI_DEVICE_PATH_PROTOCOL *DevicePath
>>- )
>>-{
>>- UINTN OffSet;
>>- UINTN DPSize;
>>- UINTN Size;
>>- EFI_DEVICE_PATH_PROTOCOL *Dp;
>>-
>>- OffSet = 0;
>>- Size = GetDevicePathSize (DevicePath);
>>- //
>>- // Check each device path.
>>- //
>>- while (OffSet < mAccessInfo.LoadForbidLen) {
>>- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid +
>>OffSet);
>>- DPSize = GetDevicePathSize (Dp);
>>- //
>>- // Compare device path.
>>- //
>>- if ((DPSize == Size) && (CompareMem (DevicePath, Dp, Size) == 0)) {
>>- return TRUE;
>>- }
>>- OffSet += DPSize;
>>- }
>>- return FALSE;
>>-}
>>-
>>-
>>-/**
>>- Display the permit load device path in the loadable device path list.
>>-
>>-**/
>>-VOID
>>-DisplayLoadPermit(
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- CHAR16 *Order;
>>- UINTN OrderSize;
>>- UINTN ListCount;
>>- UINTN Index;
>>- UINT8 *Var;
>>- UINT8 *VarPtr;
>>- CHAR16 VarName[12];
>>- VOID *StartOpCodeHandle;
>>- VOID *EndOpCodeHandle;
>>- EFI_IFR_GUID_LABEL *StartLabel;
>>- EFI_IFR_GUID_LABEL *EndLabel;
>>-
>>- //
>>- // Get DriverOrder.
>>- //
>>- OrderSize = 0;
>>- Status = gRT->GetVariable (
>>- L"DriverOrder",
>>- &gEfiGlobalVariableGuid,
>>- NULL,
>>- &OrderSize,
>>- NULL
>>- );
>>- if (Status != EFI_BUFFER_TOO_SMALL) {
>>- return ;
>>- }
>>-
>>- Order = AllocateZeroPool (OrderSize);
>>- if (Order == NULL) {
>>- return ;
>>- }
>>-
>>- Status = gRT->GetVariable (
>>- L"DriverOrder",
>>- &gEfiGlobalVariableGuid,
>>- NULL,
>>- &OrderSize,
>>- Order
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return ;
>>- }
>>-
>>- //
>>- // Initialize the container for dynamic opcodes.
>>- //
>>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (StartOpCodeHandle != NULL);
>>-
>>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (EndOpCodeHandle != NULL);
>>-
>>- //
>>- // Create Hii Extend Label OpCode.
>>- //
>>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- StartOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- StartLabel->Number = LABEL_PERMIT_LOAD_FUNC;
>>-
>>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- EndOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- EndLabel->Number = LABEL_END;
>>-
>>- //
>>- // Add each driver option.
>>- //
>>- Var = NULL;
>>- ListCount = OrderSize / sizeof (UINT16);
>>- for (Index = 0; Index < ListCount; Index++) {
>>- //
>>- // Get driver device path.
>>- //
>>- UnicodeSPrint (VarName, sizeof (VarName), L"Driver%04x",
>Order[Index]);
>>- GetEfiGlobalVariable2 (VarName, (VOID**)&Var, NULL);
>>- if (Var == NULL) {
>>- continue;
>>- }
>>-
>>- //
>>- // Check whether the driver is already forbidden.
>>- //
>>-
>>- VarPtr = Var;
>>- //
>>- // Skip attribute.
>>- //
>>- VarPtr += sizeof (UINT32);
>>-
>>- //
>>- // Skip device path lenth.
>>- //
>>- VarPtr += sizeof (UINT16);
>>-
>>- //
>>- // Skip descript string.
>>- //
>>- VarPtr += StrSize ((UINT16 *) VarPtr);
>>-
>>- if (IsLoadForbidden ((EFI_DEVICE_PATH_PROTOCOL *) VarPtr)) {
>>- FreePool (Var);
>>- Var = NULL;
>>- continue;
>>- }
>>-
>>- AddDevicePath (
>>- KEY_MODIFY_USER | KEY_MODIFY_AP_DP |
>KEY_LOAD_PERMIT_MODIFY
>>| Order[Index],
>>- (EFI_DEVICE_PATH_PROTOCOL *) VarPtr,
>>- StartOpCodeHandle
>>- );
>>- FreePool (Var);
>>- Var = NULL;
>>- }
>>-
>>- HiiUpdateForm (
>>- mCallbackInfo->HiiHandle, // HII handle
>>- &gUserProfileManagerGuid, // Formset GUID
>>- FORMID_PERMIT_LOAD_DP, // Form ID
>>- StartOpCodeHandle, // Label for where to insert opcodes
>>- EndOpCodeHandle // Replace data
>>- );
>>-
>>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>>-
>>- //
>>- // Clear Environment.
>>- //
>>- if (Var != NULL) {
>>- FreePool (Var);
>>- }
>>- FreePool (Order);
>>-}
>>-
>>-
>>-/**
>>- Display the forbid load device path list (mAccessInfo.LoadForbid).
>>-
>>-**/
>>-VOID
>>-DisplayLoadForbid (
>>- VOID
>>- )
>>-{
>>- UINTN Offset;
>>- UINTN DPSize;
>>- UINTN Index;
>>- EFI_DEVICE_PATH_PROTOCOL *Dp;
>>- VOID *StartOpCodeHandle;
>>- VOID *EndOpCodeHandle;
>>- EFI_IFR_GUID_LABEL *StartLabel;
>>- EFI_IFR_GUID_LABEL *EndLabel;
>>-
>>- //
>>- // Initialize the container for dynamic opcodes.
>>- //
>>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (StartOpCodeHandle != NULL);
>>-
>>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (EndOpCodeHandle != NULL);
>>-
>>- //
>>- // Create Hii Extend Label OpCode.
>>- //
>>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- StartOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- StartLabel->Number = LABLE_FORBID_LOAD_FUNC;
>>-
>>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- EndOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- EndLabel->Number = LABEL_END;
>>-
>>- //
>>- // Add each forbid load drivers.
>>- //
>>- Offset = 0;
>>- Index = 0;
>>- while (Offset < mAccessInfo.LoadForbidLen) {
>>- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid +
>>Offset);
>>- DPSize = GetDevicePathSize (Dp);
>>- AddDevicePath (
>>- KEY_MODIFY_USER | KEY_MODIFY_AP_DP |
>KEY_LOAD_FORBID_MODIFY
>>| Index,
>>- Dp,
>>- StartOpCodeHandle
>>- );
>>- Index++;
>>- Offset += DPSize;
>>- }
>>-
>>- HiiUpdateForm (
>>- mCallbackInfo->HiiHandle, // HII handle
>>- &gUserProfileManagerGuid, // Formset GUID
>>- FORMID_FORBID_LOAD_DP, // Form ID
>>- StartOpCodeHandle, // Label for where to insert opcodes
>>- EndOpCodeHandle // Replace data
>>- );
>>-
>>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>>-}
>>-
>>-
>>-/**
>>- Display the permit connect device path.
>>-
>>-**/
>>-VOID
>>-DisplayConnectPermit (
>>- VOID
>>- )
>>-{
>>- //
>>- // Note:
>>- // As no architect protocol/interface to be called in ConnectController()
>>- // to verify the device path, just add a place holder for permitted connect
>>- // device path.
>>- //
>>-}
>>-
>>-
>>-/**
>>- Display the forbid connect device path list.
>>-
>>-**/
>>-VOID
>>-DisplayConnectForbid (
>>- VOID
>>- )
>>-{
>>- //
>>- // Note:
>>- // As no architect protocol/interface to be called in ConnectController()
>>- // to verify the device path, just add a place holder for forbidden connect
>>- // device path.
>>- //
>>-}
>>-
>>-
>>-/**
>>- Delete the specified device path by DriverIndex from the forbid device
>path
>>- list (mAccessInfo.LoadForbid).
>>-
>>- @param[in] DriverIndex The index of driver in forbidden device path list.
>>-
>>-**/
>>-VOID
>>-DeleteFromForbidLoad (
>>- IN UINT16 DriverIndex
>>- )
>>-{
>>- UINTN OffSet;
>>- UINTN DPSize;
>>- UINTN OffLen;
>>- EFI_DEVICE_PATH_PROTOCOL *Dp;
>>-
>>- OffSet = 0;
>>- //
>>- // Find the specified device path.
>>- //
>>- while ((OffSet < mAccessInfo.LoadForbidLen) && (DriverIndex > 0)) {
>>- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid +
>>OffSet);
>>- DPSize = GetDevicePathSize (Dp);
>>- OffSet += DPSize;
>>- DriverIndex--;
>>- }
>>-
>>- //
>>- // Specified device path found.
>>- //
>>- if (DriverIndex == 0) {
>>- Dp = (EFI_DEVICE_PATH_PROTOCOL *) (mAccessInfo.LoadForbid +
>>OffSet);
>>- DPSize = GetDevicePathSize (Dp);
>>- OffLen = mAccessInfo.LoadForbidLen - OffSet - DPSize;
>>- if (OffLen > 0) {
>>- CopyMem (
>>- mAccessInfo.LoadForbid + OffSet,
>>- mAccessInfo.LoadForbid + OffSet + DPSize,
>>- OffLen
>>- );
>>- }
>>- mAccessInfo.LoadForbidLen -= DPSize;
>>- }
>>-}
>>-
>>-
>>-/**
>>- Add the specified device path by DriverIndex to the forbid device path
>>- list (mAccessInfo.LoadForbid).
>>-
>>- @param[in] DriverIndex The index of driver saved in driver options.
>>-
>>-**/
>>-VOID
>>-AddToForbidLoad (
>>- IN UINT16 DriverIndex
>>- )
>>-{
>>- UINTN DevicePathLen;
>>- UINT8 *Var;
>>- UINT8 *VarPtr;
>>- UINTN NewLen;
>>- UINT8 *NewFL;
>>- CHAR16 VarName[13];
>>-
>>- //
>>- // Get loadable driver device path.
>>- //
>>- UnicodeSPrint (VarName, sizeof (VarName), L"Driver%04x", DriverIndex);
>>- GetEfiGlobalVariable2 (VarName, (VOID**)&Var, NULL);
>>- if (Var == NULL) {
>>- return;
>>- }
>>-
>>- //
>>- // Save forbid load driver.
>>- //
>>-
>>- VarPtr = Var;
>>- //
>>- // Skip attribute.
>>- //
>>- VarPtr += sizeof (UINT32);
>>-
>>- DevicePathLen = *(UINT16 *) VarPtr;
>>- //
>>- // Skip device path length.
>>- //
>>- VarPtr += sizeof (UINT16);
>>-
>>- //
>>- // Skip description string.
>>- //
>>- VarPtr += StrSize ((UINT16 *) VarPtr);
>>-
>>- NewLen = mAccessInfo.LoadForbidLen + DevicePathLen;
>>- NewFL = AllocateZeroPool (NewLen);
>>- if (NewFL == NULL) {
>>- FreePool (Var);
>>- return ;
>>- }
>>-
>>- if (mAccessInfo.LoadForbidLen > 0) {
>>- CopyMem (NewFL, mAccessInfo.LoadForbid,
>mAccessInfo.LoadForbidLen);
>>- FreePool (mAccessInfo.LoadForbid);
>>- }
>>-
>>- CopyMem (NewFL + mAccessInfo.LoadForbidLen, VarPtr, DevicePathLen);
>>- mAccessInfo.LoadForbidLen = NewLen;
>>- mAccessInfo.LoadForbid = NewFL;
>>- FreePool (Var);
>>-}
>>-
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPo
>li
>>cy.c
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityP
>oli
>>cy.c
>>deleted file mode 100644
>>index 602c4a8397..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/ModifyIdentityPo
>li
>>cy.c
>>+++ /dev/null
>>@@ -1,516 +0,0 @@
>>-/** @file
>>- The functions for identification policy modification.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "UserProfileManager.h"
>>-
>>-
>>-/**
>>- Verify the new identity policy in the current implementation. The same
>>credential
>>- provider can't appear twice in one identity policy.
>>-
>>- @param[in] NewGuid Points to the credential provider guid.
>>-
>>- @retval TRUE The NewGuid was found in the identity policy.
>>- @retval FALSE The NewGuid was not found.
>>-
>>-**/
>>-BOOLEAN
>>-ProviderAlreadyInPolicy (
>>- IN EFI_GUID *NewGuid
>>- )
>>-{
>>- UINTN Offset;
>>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>>- EFI_INPUT_KEY Key;
>>-
>>- Offset = 0;
>>- while (Offset < mUserInfo.NewIdentityPolicyLen) {
>>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *)
>>(mUserInfo.NewIdentityPolicy + Offset);
>>- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER)
>{
>>- if (CompareGuid (NewGuid, (EFI_GUID *) (Identity + 1))) {
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- L"This Credential Provider Are Already Used!",
>>- L"",
>>- L"Press Any Key to Continue ...",
>>- NULL
>>- );
>>- return TRUE;
>>- }
>>- }
>>- Offset += Identity->Length;
>>- }
>>-
>>- return FALSE;
>>-}
>>-
>>-
>>-/**
>>- Add the user's credential record in the provider.
>>-
>>- @param[in] Identity Identity policy item including credential provider.
>>- @param[in] User Points to user profile.
>>-
>>- @retval EFI_SUCCESS Add or delete record successfully.
>>- @retval Others Fail to add or delete record.
>>-
>>-**/
>>-EFI_STATUS
>>-EnrollUserOnProvider (
>>- IN EFI_USER_INFO_IDENTITY_POLICY *Identity,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- )
>>-{
>>- UINTN Index;
>>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>>-
>>- //
>>- // Find the specified credential provider.
>>- //
>>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>>- UserCredential = mProviderInfo->Provider[Index];
>>- if (CompareGuid ((EFI_GUID *)(Identity + 1), &UserCredential-
>>Identifier))
>>{
>>- return UserCredential->Enroll (UserCredential, User);
>>- }
>>- }
>>-
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- Delete the User's credential record on the provider.
>>-
>>- @param[in] Identity Point to
>>EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER user info.
>>- @param[in] User Points to user profile.
>>-
>>- @retval EFI_SUCCESS Delete User's credential record successfully.
>>- @retval Others Fail to add or delete record.
>>-
>>-**/
>>-EFI_STATUS
>>-DeleteUserOnProvider (
>>- IN EFI_USER_INFO_IDENTITY_POLICY *Identity,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- )
>>-{
>>- UINTN Index;
>>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>>-
>>- //
>>- // Find the specified credential provider.
>>- //
>>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>>- UserCredential = mProviderInfo->Provider[Index];
>>- if (CompareGuid ((EFI_GUID *)(Identity + 1), &UserCredential-
>>Identifier))
>>{
>>- return UserCredential->Delete (UserCredential, User);
>>- }
>>- }
>>-
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- Delete User's credental from all the providers that exist in User's identity
>>policy.
>>-
>>- @param[in] IdentityPolicy Point to User's identity policy.
>>- @param[in] IdentityPolicyLen The length of the identity policy.
>>- @param[in] User Points to user profile.
>>-
>>-**/
>>-VOID
>>-DeleteCredentialFromProviders (
>>- IN UINT8 *IdentityPolicy,
>>- IN UINTN IdentityPolicyLen,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- )
>>-{
>>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>>- UINTN Offset;
>>-
>>- Offset = 0;
>>- while (Offset < IdentityPolicyLen) {
>>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (IdentityPolicy + Offset);
>>- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER)
>{
>>- //
>>- // Delete the user on this provider.
>>- //
>>- DeleteUserOnProvider (Identity, User);
>>- }
>>- Offset += Identity->Length;
>>- }
>>-
>>-}
>>-
>>-
>>-/**
>>- Remove the provider specified by Offset from the new user identification
>>record.
>>-
>>- @param[in] IdentityPolicy Point to user identity item in new
>identification
>>policy.
>>- @param[in] Offset The item offset in the new identification policy.
>>-
>>-**/
>>-VOID
>>-DeleteProviderFromPolicy (
>>- IN EFI_USER_INFO_IDENTITY_POLICY *IdentityPolicy,
>>- IN UINTN Offset
>>- )
>>-{
>>- UINTN RemainingLen;
>>- UINTN DeleteLen;
>>-
>>- if (IdentityPolicy->Length == mUserInfo.NewIdentityPolicyLen) {
>>- //
>>- // Only one credential provider in the identification policy.
>>- // Set the new policy to be TRUE after removed the provider.
>>- //
>>- IdentityPolicy->Type = EFI_USER_INFO_IDENTITY_TRUE;
>>- IdentityPolicy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>>- mUserInfo.NewIdentityPolicyLen = IdentityPolicy->Length;
>>- return ;
>>- }
>>-
>>- DeleteLen = IdentityPolicy->Length +
>>sizeof(EFI_USER_INFO_IDENTITY_POLICY);
>>- if ((Offset + IdentityPolicy->Length) != mUserInfo.NewIdentityPolicyLen) {
>>- //
>>- // This provider is not the last item in the identification policy, delete it
>and
>>the connector.
>>- //
>>- RemainingLen = mUserInfo.NewIdentityPolicyLen - Offset - DeleteLen;
>>- CopyMem ((UINT8 *) IdentityPolicy, (UINT8 *) IdentityPolicy + DeleteLen,
>>RemainingLen);
>>- }
>>- mUserInfo.NewIdentityPolicyLen -= DeleteLen;
>>-}
>>-
>>-
>>-/**
>>- Add a new provider to the mUserInfo.NewIdentityPolicy.
>>-
>>- It is invoked when 'add option' in UI is pressed.
>>-
>>- @param[in] NewGuid Points to the credential provider guid.
>>-
>>-**/
>>-VOID
>>-AddProviderToPolicy (
>>- IN EFI_GUID *NewGuid
>>- )
>>-{
>>- UINT8 *NewPolicyInfo;
>>- UINTN NewPolicyInfoLen;
>>- EFI_USER_INFO_IDENTITY_POLICY *Policy;
>>-
>>- //
>>- // Allocate memory for the new identity policy.
>>- //
>>- NewPolicyInfoLen = mUserInfo.NewIdentityPolicyLen + sizeof
>>(EFI_USER_INFO_IDENTITY_POLICY) + sizeof (EFI_GUID);
>>- if (mUserInfo.NewIdentityPolicyLen > 0) {
>>- //
>>- // It is not the first provider in the policy. Add a connector before provider.
>>- //
>>- NewPolicyInfoLen += sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>>- }
>>- NewPolicyInfo = AllocateZeroPool (NewPolicyInfoLen);
>>- if (NewPolicyInfo == NULL) {
>>- return ;
>>- }
>>-
>>- NewPolicyInfoLen = 0;
>>- if (mUserInfo.NewIdentityPolicyLen > 0) {
>>- //
>>- // Save orginal policy.
>>- //
>>- CopyMem (NewPolicyInfo, mUserInfo.NewIdentityPolicy,
>>mUserInfo.NewIdentityPolicyLen);
>>-
>>- //
>>- // Save logical connector.
>>- //
>>- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewPolicyInfo +
>>mUserInfo.NewIdentityPolicyLen);
>>- if (mConncetLogical == 0) {
>>- Policy->Type = EFI_USER_INFO_IDENTITY_AND;
>>- } else {
>>- Policy->Type = EFI_USER_INFO_IDENTITY_OR;
>>- }
>>-
>>- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>>- NewPolicyInfoLen = mUserInfo.NewIdentityPolicyLen + Policy->Length;
>>- FreePool (mUserInfo.NewIdentityPolicy);
>>- }
>>-
>>- //
>>- // Save credential provider.
>>- //
>>- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewPolicyInfo +
>>NewPolicyInfoLen);
>>- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY) + sizeof
>>(EFI_GUID);
>>- Policy->Type = EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER;
>>- CopyGuid ((EFI_GUID *) (Policy + 1), NewGuid);
>>- NewPolicyInfoLen += Policy->Length;
>>-
>>- //
>>- // Update identity policy choice.
>>- //
>>- mUserInfo.NewIdentityPolicy = NewPolicyInfo;
>>- mUserInfo.NewIdentityPolicyLen = NewPolicyInfoLen;
>>- mUserInfo.NewIdentityPolicyModified = TRUE;
>>-}
>>-
>>-
>>-/**
>>- This function replaces the old identity policy with a new identity policy.
>>-
>>- This function delete the user identity policy information.
>>- If enroll new credential failed, recover the old identity policy.
>>-
>>- @retval EFI_SUCCESS Modify user identity policy successfully.
>>- @retval Others Fail to modify user identity policy.
>>-
>>-**/
>>-EFI_STATUS
>>-UpdateCredentialProvider (
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>>- UINTN Offset;
>>-
>>- //
>>- // Delete the old identification policy.
>>- //
>>- DeleteCredentialFromProviders (mUserInfo.IdentityPolicy,
>>mUserInfo.IdentityPolicyLen, mModifyUser);
>>-
>>- //
>>- // Add the new identification policy.
>>- //
>>- Offset = 0;
>>- while (Offset < mUserInfo.NewIdentityPolicyLen) {
>>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *)
>>(mUserInfo.NewIdentityPolicy + Offset);
>>- if (Identity->Type == EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER)
>{
>>- //
>>- // Enroll the user on this provider
>>- //
>>- Status = EnrollUserOnProvider (Identity, mModifyUser);
>>- if (EFI_ERROR (Status)) {
>>- //
>>- // Failed to enroll the user by new identification policy.
>>- // So removed the credential provider from the identification policy
>>- //
>>- DeleteProviderFromPolicy (Identity, Offset);
>>- continue;
>>- }
>>- }
>>- Offset += Identity->Length;
>>- }
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Check whether the identity policy is valid.
>>-
>>- @param[in] PolicyInfo Point to the identity policy.
>>- @param[in] PolicyInfoLen The policy length.
>>-
>>- @retval TRUE The policy is a valid identity policy.
>>- @retval FALSE The policy is not a valid identity policy.
>>-
>>-**/
>>-BOOLEAN
>>-CheckNewIdentityPolicy (
>>- IN UINT8 *PolicyInfo,
>>- IN UINTN PolicyInfoLen
>>- )
>>-{
>>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>>- EFI_INPUT_KEY Key;
>>- UINTN Offset;
>>- UINT32 OpCode;
>>-
>>- //
>>- // Check policy expression.
>>- //
>>- OpCode = EFI_USER_INFO_IDENTITY_FALSE;
>>- Offset = 0;
>>- while (Offset < PolicyInfoLen) {
>>- //
>>- // Check identification policy according to type
>>- //
>>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (PolicyInfo + Offset);
>>- switch (Identity->Type) {
>>-
>>- case EFI_USER_INFO_IDENTITY_TRUE:
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_OR:
>>- if (OpCode == EFI_USER_INFO_IDENTITY_AND) {
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- L"Invalid Identity Policy, Mixed Connector Unsupport!",
>>- L"",
>>- L"Press Any Key to Continue ...",
>>- NULL
>>- );
>>- return FALSE;
>>- }
>>-
>>- OpCode = EFI_USER_INFO_IDENTITY_OR;
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_AND:
>>- if (OpCode == EFI_USER_INFO_IDENTITY_OR) {
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- L"Invalid Identity Policy, Mixed Connector Unsupport!",
>>- L"",
>>- L"Press Any Key to Continue ...",
>>- NULL
>>- );
>>- return FALSE;
>>- }
>>-
>>- OpCode = EFI_USER_INFO_IDENTITY_AND;
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
>>- break;
>>-
>>- default:
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- L"Unsupport parameter",
>>- L"",
>>- L"Press Any Key to Continue ...",
>>- NULL
>>- );
>>- return FALSE;
>>- }
>>- Offset += Identity->Length;
>>- }
>>-
>>- return TRUE;
>>-}
>>-
>>-
>>-/**
>>- Save the identity policy and update UI with it.
>>-
>>- This function will verify the new identity policy, in current implementation,
>>- the identity policy can be: T, P & P & P & ..., P | P | P | ...
>>- Here, "T" means "True", "P" means "Credential Provider", "&" means
>"and",
>>"|" means "or".
>>- Other identity policies are not supported.
>>-
>>-**/
>>-VOID
>>-SaveIdentityPolicy (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO_HANDLE UserInfo;
>>- EFI_USER_INFO *Info;
>>-
>>- if (!mUserInfo.NewIdentityPolicyModified ||
>>(mUserInfo.NewIdentityPolicyLen == 0)) {
>>- return;
>>- }
>>-
>>- //
>>- // Check policy expression.
>>- //
>>- if (!CheckNewIdentityPolicy (mUserInfo.NewIdentityPolicy,
>>mUserInfo.NewIdentityPolicyLen)) {
>>- return;
>>- }
>>-
>>- Status = FindInfoByType (mModifyUser,
>>EFI_USER_INFO_IDENTITY_POLICY_RECORD, &UserInfo);
>>- if (EFI_ERROR (Status)) {
>>- return ;
>>- }
>>-
>>- //
>>- // Update the informantion on credential provider.
>>- //
>>- Status = UpdateCredentialProvider ();
>>- if (EFI_ERROR (Status)) {
>>- return ;
>>- }
>>-
>>- //
>>- // Save new identification policy.
>>- //
>>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) +
>>mUserInfo.NewIdentityPolicyLen);
>>- ASSERT (Info != NULL);
>>-
>>- Info->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
>>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>EFI_USER_INFO_PUBLIC | EFI_USER_INFO_EXCLUSIVE;
>>- Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) +
>>mUserInfo.NewIdentityPolicyLen);
>>- CopyMem ((UINT8 *) (Info + 1), mUserInfo.NewIdentityPolicy,
>>mUserInfo.NewIdentityPolicyLen);
>>-
>>- Status = mUserManager->SetInfo (mUserManager, mModifyUser,
>>&UserInfo, Info, Info->InfoSize);
>>- FreePool (Info);
>>-
>>- //
>>- // Update the mUserInfo.IdentityPolicy by mUserInfo.NewIdentityPolicy
>>- //
>>- if (mUserInfo.IdentityPolicy != NULL) {
>>- FreePool (mUserInfo.IdentityPolicy);
>>- }
>>- mUserInfo.IdentityPolicy = mUserInfo.NewIdentityPolicy;
>>- mUserInfo.IdentityPolicyLen = mUserInfo.NewIdentityPolicyLen;
>>-
>>- mUserInfo.NewIdentityPolicy = NULL;
>>- mUserInfo.NewIdentityPolicyLen = 0;
>>- mUserInfo.NewIdentityPolicyModified = FALSE;
>>-
>>- //
>>- // Update identity policy choice.
>>- //
>>- ResolveIdentityPolicy (mUserInfo.IdentityPolicy,
>>mUserInfo.IdentityPolicyLen, STRING_TOKEN (STR_IDENTIFY_POLICY_VAL));
>>-}
>>-
>>-
>>-/**
>>- Update the mUserInfo.NewIdentityPolicy, and UI when 'add option' is
>>pressed.
>>-
>>-**/
>>-VOID
>>-AddIdentityPolicyItem (
>>- VOID
>>- )
>>-{
>>- if (mProviderInfo->Count == 0) {
>>- return ;
>>- }
>>-
>>- //
>>- // Check the identity policy.
>>- //
>>- if (ProviderAlreadyInPolicy (&mProviderInfo->Provider[mProviderChoice]-
>>>Identifier)) {
>>- return;
>>- }
>>-
>>- //
>>- // Add it to identification policy
>>- //
>>- AddProviderToPolicy (&mProviderInfo->Provider[mProviderChoice]-
>>>Identifier);
>>-
>>- //
>>- // Update identity policy choice.
>>- //
>>- ResolveIdentityPolicy (mUserInfo.NewIdentityPolicy,
>>mUserInfo.NewIdentityPolicyLen, STRING_TOKEN
>>(STR_IDENTIFY_POLICY_VALUE));
>>-}
>>-
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
>>deleted file mode 100644
>>index 6de7e75e79..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileAdd.c
>>+++ /dev/null
>>@@ -1,372 +0,0 @@
>>-/** @file
>>- The functions to add a user profile.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "UserProfileManager.h"
>>-
>>-
>>-/**
>>- Get user name from the popup windows.
>>-
>>- @param[in, out] UserNameLen On entry, point to UserName buffer
>lengh,
>>in bytes.
>>- On exit, point to input user name length, in bytes.
>>- @param[out] UserName The buffer to hold the input user name.
>>-
>>- @retval EFI_ABORTED It is given up by pressing 'ESC' key.
>>- @retval EFI_NOT_READY Not a valid input at all.
>>- @retval EFI_SUCCESS Get a user name successfully.
>>-
>>-**/
>>-EFI_STATUS
>>-GetUserNameInput (
>>- IN OUT UINTN *UserNameLen,
>>- OUT CHAR16 *UserName
>>- )
>>-{
>>- EFI_INPUT_KEY Key;
>>- UINTN NameLen;
>>- CHAR16 Name[USER_NAME_LENGTH];
>>-
>>- NameLen = 0;
>>- while (TRUE) {
>>- Name[NameLen] = L'_';
>>- Name[NameLen + 1] = L'\0';
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- L"Input User Name",
>>- L"---------------------",
>>- Name,
>>- NULL
>>- );
>>- //
>>- // Check key.
>>- //
>>- if (Key.ScanCode == SCAN_NULL) {
>>- if (Key.UnicodeChar == CHAR_CARRIAGE_RETURN) {
>>- //
>>- // Add the null terminator.
>>- //
>>- Name[NameLen] = 0;
>>- NameLen++;
>>- break;
>>- } else if ((Key.UnicodeChar == CHAR_NULL) ||
>>- (Key.UnicodeChar == CHAR_TAB) ||
>>- (Key.UnicodeChar == CHAR_LINEFEED)
>>- ) {
>>- continue;
>>- } else {
>>- if (Key.UnicodeChar == CHAR_BACKSPACE) {
>>- if (NameLen > 0) {
>>- NameLen--;
>>- }
>>- } else {
>>- Name[NameLen] = Key.UnicodeChar;
>>- NameLen++;
>>- if (NameLen + 1 == USER_NAME_LENGTH) {
>>- //
>>- // Add the null terminator.
>>- //
>>- Name[NameLen] = 0;
>>- NameLen++;
>>- break;
>>- }
>>- }
>>- }
>>- }
>>-
>>- if (Key.ScanCode == SCAN_ESC) {
>>- return EFI_ABORTED;
>>- }
>>- }
>>-
>>- if (NameLen <= 1) {
>>- return EFI_NOT_READY;
>>- }
>>-
>>- if (*UserNameLen < NameLen * sizeof (CHAR16)) {
>>- return EFI_NOT_READY;
>>- }
>>-
>>- *UserNameLen = NameLen * sizeof (CHAR16);
>>- CopyMem (UserName, Name, *UserNameLen);
>>-
>>- return EFI_SUCCESS;
>>-}
>>-
>>-/**
>>- Set a user's username.
>>-
>>- @param[in] User Handle of a user profile .
>>- @param[in] UserNameLen The lengh of UserName.
>>- @param[in] UserName Point to the buffer of user name.
>>-
>>- @retval EFI_NOT_READY The usernme in mAddUserName had been
>used.
>>- @retval EFI_SUCCESS Change the user's username successfully with
>>- username in mAddUserName.
>>-
>>-**/
>>-EFI_STATUS
>>-SetUserName (
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN UINTN UserNameLen,
>>- IN CHAR16 *UserName
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO_HANDLE UserInfo;
>>- EFI_USER_PROFILE_HANDLE TempUser;
>>- EFI_USER_INFO *NewUserInfo;
>>-
>>- NewUserInfo = AllocateZeroPool (sizeof (EFI_USER_INFO) +
>UserNameLen);
>>- ASSERT (NewUserInfo != NULL);
>>-
>>- NewUserInfo->InfoType = EFI_USER_INFO_NAME_RECORD;
>>- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>- EFI_USER_INFO_PUBLIC |
>>- EFI_USER_INFO_EXCLUSIVE;
>>- NewUserInfo->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) +
>>UserNameLen);
>>- CopyMem ((UINT8 *) (NewUserInfo + 1), UserName, UserNameLen);
>>- TempUser = NULL;
>>- Status = mUserManager->Find (
>>- mUserManager,
>>- &TempUser,
>>- NULL,
>>- NewUserInfo,
>>- NewUserInfo->InfoSize
>>- );
>>- if (!EFI_ERROR (Status)) {
>>- //
>>- // The user name had been used, return error.
>>- //
>>- FreePool (NewUserInfo);
>>- return EFI_NOT_READY;
>>- }
>>-
>>- UserInfo = NULL;
>>- mUserManager->SetInfo (
>>- mUserManager,
>>- User,
>>- &UserInfo,
>>- NewUserInfo,
>>- NewUserInfo->InfoSize
>>- );
>>- FreePool (NewUserInfo);
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- Set create date of the specified user.
>>-
>>- @param[in] User Handle of a user profile.
>>-
>>-**/
>>-VOID
>>-SetCreateDate (
>>- IN EFI_USER_PROFILE_HANDLE User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO_HANDLE UserInfo;
>>- EFI_USER_INFO_CREATE_DATE Date;
>>- EFI_USER_INFO *NewUserInfo;
>>-
>>- NewUserInfo = AllocateZeroPool (
>>- sizeof (EFI_USER_INFO) +
>>- sizeof (EFI_USER_INFO_CREATE_DATE)
>>- );
>>- ASSERT (NewUserInfo != NULL);
>>-
>>- NewUserInfo->InfoType = EFI_USER_INFO_CREATE_DATE_RECORD;
>>- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>- EFI_USER_INFO_PUBLIC |
>>- EFI_USER_INFO_EXCLUSIVE;
>>- NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + sizeof
>>(EFI_USER_INFO_CREATE_DATE);
>>- Status = gRT->GetTime (&Date, NULL);
>>- if (EFI_ERROR (Status)) {
>>- FreePool (NewUserInfo);
>>- return ;
>>- }
>>-
>>- CopyMem ((UINT8 *) (NewUserInfo + 1), &Date, sizeof
>>(EFI_USER_INFO_CREATE_DATE));
>>- UserInfo = NULL;
>>- mUserManager->SetInfo (
>>- mUserManager,
>>- User,
>>- &UserInfo,
>>- NewUserInfo,
>>- NewUserInfo->InfoSize
>>- );
>>- FreePool (NewUserInfo);
>>-}
>>-
>>-
>>-/**
>>- Set the default identity policy of the specified user.
>>-
>>- @param[in] User Handle of a user profile.
>>-
>>-**/
>>-VOID
>>-SetIdentityPolicy (
>>- IN EFI_USER_PROFILE_HANDLE User
>>- )
>>-{
>>- EFI_USER_INFO_IDENTITY_POLICY *Policy;
>>- EFI_USER_INFO_HANDLE UserInfo;
>>- EFI_USER_INFO *NewUserInfo;
>>-
>>- NewUserInfo = AllocateZeroPool (
>>- sizeof (EFI_USER_INFO) +
>>- sizeof (EFI_USER_INFO_IDENTITY_POLICY)
>>- );
>>- ASSERT (NewUserInfo != NULL);
>>-
>>- Policy = (EFI_USER_INFO_IDENTITY_POLICY *) (NewUserInfo + 1);
>>- Policy->Type = EFI_USER_INFO_IDENTITY_TRUE;
>>- Policy->Length = sizeof (EFI_USER_INFO_IDENTITY_POLICY);
>>-
>>- NewUserInfo->InfoType = EFI_USER_INFO_IDENTITY_POLICY_RECORD;
>>- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>- EFI_USER_INFO_PUBLIC |
>>- EFI_USER_INFO_EXCLUSIVE;
>>- NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + Policy->Length;
>>- UserInfo = NULL;
>>- mUserManager->SetInfo (
>>- mUserManager,
>>- User,
>>- &UserInfo,
>>- NewUserInfo,
>>- NewUserInfo->InfoSize
>>- );
>>- FreePool (NewUserInfo);
>>-}
>>-
>>-
>>-/**
>>- Set the default access policy of the specified user.
>>-
>>- @param[in] User Handle of a user profile.
>>-
>>-**/
>>-VOID
>>-SetAccessPolicy (
>>- IN EFI_USER_PROFILE_HANDLE User
>>- )
>>-{
>>- EFI_USER_INFO_ACCESS_CONTROL *Control;
>>- EFI_USER_INFO_HANDLE UserInfo;
>>- EFI_USER_INFO *NewUserInfo;
>>-
>>- NewUserInfo = AllocateZeroPool (
>>- sizeof (EFI_USER_INFO) +
>>- sizeof (EFI_USER_INFO_ACCESS_CONTROL)
>>- );
>>- ASSERT (NewUserInfo != NULL);
>>-
>>- Control = (EFI_USER_INFO_ACCESS_CONTROL *) (NewUserInfo +
>>1);
>>- Control->Type = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>>- Control->Size = sizeof (EFI_USER_INFO_ACCESS_CONTROL);
>>-
>>- NewUserInfo->InfoType = EFI_USER_INFO_ACCESS_POLICY_RECORD;
>>- NewUserInfo->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>- EFI_USER_INFO_PUBLIC |
>>- EFI_USER_INFO_EXCLUSIVE;
>>- NewUserInfo->InfoSize = sizeof (EFI_USER_INFO) + Control->Size;
>>- UserInfo = NULL;
>>- mUserManager->SetInfo (
>>- mUserManager,
>>- User,
>>- &UserInfo,
>>- NewUserInfo,
>>- NewUserInfo->InfoSize
>>- );
>>- FreePool (NewUserInfo);
>>-}
>>-
>>-
>>-/**
>>- Add a new user profile into the user profile database.
>>-
>>-**/
>>-VOID
>>-CallAddUser (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_INPUT_KEY Key;
>>- EFI_USER_PROFILE_HANDLE User;
>>- UINTN UserNameLen;
>>- CHAR16 UserName[USER_NAME_LENGTH];
>>- CHAR16 *QuestionStr;
>>- CHAR16 *PromptStr;
>>-
>>- QuestionStr = NULL;
>>- PromptStr = NULL;
>>-
>>- //
>>- // Get user name to add.
>>- //
>>- UserNameLen = sizeof (UserName);
>>- Status = GetUserNameInput (&UserNameLen, UserName);
>>- if (EFI_ERROR (Status)) {
>>- if (Status != EFI_ABORTED) {
>>- QuestionStr = GetStringById (STRING_TOKEN
>>(STR_GET_USERNAME_FAILED));
>>- PromptStr = GetStringById (STRING_TOKEN
>>(STR_STROKE_KEY_CONTINUE));
>>- goto Done;
>>- }
>>- return ;
>>- }
>>-
>>- //
>>- // Create a new user profile.
>>- //
>>- User = NULL;
>>- Status = mUserManager->Create (mUserManager, &User);
>>- if (EFI_ERROR (Status)) {
>>- QuestionStr = GetStringById (STRING_TOKEN
>>(STR_CREATE_PROFILE_FAILED));
>>- PromptStr = GetStringById (STRING_TOKEN
>>(STR_STROKE_KEY_CONTINUE));
>>- } else {
>>- //
>>- // Add default user information.
>>- //
>>- Status = SetUserName (User, UserNameLen, UserName);
>>- if (EFI_ERROR (Status)) {
>>- QuestionStr = GetStringById (STRING_TOKEN
>>(STR_USER_ALREADY_EXISTED));
>>- PromptStr = GetStringById (STRING_TOKEN
>>(STR_STROKE_KEY_CONTINUE));
>>- goto Done;
>>- }
>>-
>>- SetCreateDate (User);
>>- SetIdentityPolicy (User);
>>- SetAccessPolicy (User);
>>-
>>- QuestionStr = GetStringById (STRING_TOKEN
>>(STR_CREATE_PROFILE_SUCCESS));
>>- PromptStr = GetStringById (STRING_TOKEN
>>(STR_STROKE_KEY_CONTINUE));
>>- }
>>-
>>-Done:
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- QuestionStr,
>>- L"",
>>- PromptStr,
>>- NULL
>>- );
>>- FreePool (QuestionStr);
>>- FreePool (PromptStr);
>>-}
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelet
>e.
>>c
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelet
>e.
>>c
>>deleted file mode 100644
>>index af5d3109dd..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileDelet
>e.
>>c
>>+++ /dev/null
>>@@ -1,343 +0,0 @@
>>-/** @file
>>- The functions to delete a user profile.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "UserProfileManager.h"
>>-
>>-/**
>>- Get the username from the specified user.
>>-
>>- @param[in] User Handle of a user profile.
>>-
>>- @retval EFI_STRING_ID The String Id of the user's username.
>>-
>>-**/
>>-EFI_STRING_ID
>>-GetUserName (
>>- IN EFI_USER_PROFILE_HANDLE User
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO_HANDLE UserInfo;
>>- EFI_USER_INFO *Info;
>>- UINTN InfoSize;
>>- UINTN MemSize;
>>- UINTN NameLen;
>>- CHAR16 UserName[USER_NAME_LENGTH];
>>- EFI_STRING_ID UserId;
>>-
>>- //
>>- // Allocate user information memory.
>>- //
>>- MemSize = sizeof (EFI_USER_INFO) + 63;
>>- Info = AllocateZeroPool (MemSize);
>>- ASSERT (Info != NULL);
>>-
>>- //
>>- // Get user name information.
>>- //
>>- UserInfo = NULL;
>>- while (TRUE) {
>>- InfoSize = MemSize;
>>- //
>>- // Get next user information.
>>- //
>>- Status = mUserManager->GetNextInfo (
>>- mUserManager,
>>- User,
>>- &UserInfo
>>- );
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>-
>>- Status = mUserManager->GetInfo (
>>- mUserManager,
>>- User,
>>- UserInfo,
>>- Info,
>>- &InfoSize
>>- );
>>- if (Status == EFI_BUFFER_TOO_SMALL) {
>>- MemSize = InfoSize;
>>- FreePool (Info);
>>- Info = AllocateZeroPool (MemSize);
>>- ASSERT (Info != NULL);
>>-
>>- Status = mUserManager->GetInfo (
>>- mUserManager,
>>- User,
>>- UserInfo,
>>- Info,
>>- &InfoSize
>>- );
>>- }
>>- //
>>- // Check user information.
>>- //
>>- if (Status == EFI_SUCCESS) {
>>- if (Info->InfoType == EFI_USER_INFO_NAME_RECORD) {
>>- NameLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>>- if (NameLen > USER_NAME_LENGTH * sizeof (CHAR16)) {
>>- NameLen = USER_NAME_LENGTH * sizeof (CHAR16);
>>- }
>>- ASSERT (NameLen >= sizeof (CHAR16));
>>- CopyMem (UserName, (UINT8 *) (Info + 1), NameLen);
>>- UserName[NameLen / sizeof (CHAR16) - 1] = 0;
>>- UserId = HiiSetString (
>>- mCallbackInfo->HiiHandle,
>>- 0,
>>- UserName,
>>- NULL
>>- );
>>- if (UserId != 0) {
>>- FreePool (Info);
>>- return UserId;
>>- }
>>- }
>>- }
>>- }
>>-
>>- FreePool (Info);
>>- return 0;
>>-}
>>-
>>-
>>-/**
>>- Add a username item in form.
>>-
>>- @param[in] User Points to the user profile whose username is added.
>>- @param[in] Index The index of the user in the user name list
>>- @param[in] OpCodeHandle Points to container for dynamic created
>>opcodes.
>>-
>>-**/
>>-VOID
>>-AddUserToForm (
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN UINT16 Index,
>>- IN VOID *OpCodeHandle
>>- )
>>-{
>>- EFI_STRING_ID NameId;
>>-
>>- //
>>- // Get user name
>>- //
>>- NameId = GetUserName (User);
>>- if (NameId == 0) {
>>- return ;
>>- }
>>-
>>- //
>>- // Create user name option.
>>- //
>>- switch (Index & KEY_FIRST_FORM_MASK) {
>>- case KEY_MODIFY_USER:
>>- HiiCreateGotoOpCode (
>>- OpCodeHandle, // Container for dynamic created opcodes
>>- FORMID_USER_INFO, // Target Form ID
>>- NameId, // Prompt text
>>- STRING_TOKEN (STR_NULL_STRING), // Help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- Index // Question ID
>>- );
>>- break;
>>-
>>- case KEY_DEL_USER:
>>- HiiCreateActionOpCode (
>>- OpCodeHandle, // Container for dynamic created opcodes
>>- Index, // Question ID
>>- NameId, // Prompt text
>>- STRING_TOKEN (STR_NULL_STRING), // Help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- 0 // Action String ID
>>- );
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>-}
>>-
>>-
>>-/**
>>- Delete the user specified by UserIndex in user profile database.
>>-
>>- @param[in] UserIndex The index of user in the user name list
>>- to be deleted.
>>-
>>-**/
>>-VOID
>>-DeleteUser (
>>- IN UINT8 UserIndex
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_PROFILE_HANDLE User;
>>- EFI_INPUT_KEY Key;
>>- EFI_USER_INFO_HANDLE UserInfo;
>>- EFI_USER_INFO *Info;
>>- UINTN InfoSize;
>>-
>>- //
>>- // Find specified user profile and delete it.
>>- //
>>- User = NULL;
>>- Status = mUserManager->GetNext (mUserManager, &User);
>>- if (EFI_ERROR (Status)) {
>>- goto Done;
>>- }
>>-
>>- while (UserIndex > 1) {
>>- Status = mUserManager->GetNext (mUserManager, &User);
>>- if (EFI_ERROR (Status)) {
>>- goto Done;
>>- }
>>- UserIndex--;
>>- }
>>-
>>- if (UserIndex == 1) {
>>- //
>>- // Get the identification policy.
>>- //
>>- Status = FindInfoByType (User,
>>EFI_USER_INFO_IDENTITY_POLICY_RECORD, &UserInfo);
>>- if (EFI_ERROR (Status)) {
>>- goto Done;
>>- }
>>-
>>- InfoSize = 0;
>>- Info = NULL;
>>- Status = mUserManager->GetInfo (mUserManager, User, UserInfo, Info,
>>&InfoSize);
>>- if (Status == EFI_BUFFER_TOO_SMALL) {
>>- Info = AllocateZeroPool (InfoSize);
>>- if (Info == NULL) {
>>- goto Done;
>>- }
>>- Status = mUserManager->GetInfo (mUserManager, User, UserInfo, Info,
>>&InfoSize);
>>- }
>>-
>>- //
>>- // Delete the user on the credential providers by its identification policy.
>>- //
>>- ASSERT (Info != NULL);
>>- DeleteCredentialFromProviders ((UINT8 *)(Info + 1), Info->InfoSize -
>sizeof
>>(EFI_USER_INFO), User);
>>- FreePool (Info);
>>-
>>- Status = mUserManager->Delete (mUserManager, User);
>>- if (EFI_ERROR (Status)) {
>>- goto Done;
>>- }
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- L"Delete User Succeed!",
>>- L"",
>>- L"Please Press Any Key to Continue ...",
>>- NULL
>>- );
>>- return ;
>>- }
>>-
>>-Done:
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- L"Delete User Failed!",
>>- L"",
>>- L"Please Press Any Key to Continue ...",
>>- NULL
>>- );
>>-}
>>-
>>-
>>-/**
>>- Display user select form, cab select a user to delete.
>>-
>>-**/
>>-VOID
>>-SelectUserToDelete (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINT8 Index;
>>- EFI_USER_PROFILE_HANDLE User;
>>- EFI_USER_PROFILE_HANDLE CurrentUser;
>>- VOID *StartOpCodeHandle;
>>- VOID *EndOpCodeHandle;
>>- EFI_IFR_GUID_LABEL *StartLabel;
>>- EFI_IFR_GUID_LABEL *EndLabel;
>>-
>>- //
>>- // Initialize the container for dynamic opcodes.
>>- //
>>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (StartOpCodeHandle != NULL);
>>-
>>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (EndOpCodeHandle != NULL);
>>-
>>- //
>>- // Create Hii Extend Label OpCode.
>>- //
>>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- StartOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- StartLabel->Number = LABEL_USER_DEL_FUNC;
>>-
>>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- EndOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- EndLabel->Number = LABEL_END;
>>-
>>- //
>>- // Add each user can be deleted.
>>- //
>>- User = NULL;
>>- Index = 1;
>>- mUserManager->Current (mUserManager, &CurrentUser);
>>- while (TRUE) {
>>- Status = mUserManager->GetNext (mUserManager, &User);
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>-
>>- if (User != CurrentUser) {
>>- AddUserToForm (
>>- User,
>>- (UINT16)(KEY_DEL_USER | KEY_SELECT_USER | Index),
>>- StartOpCodeHandle
>>- );
>>- }
>>- Index++;
>>- }
>>-
>>- HiiUpdateForm (
>>- mCallbackInfo->HiiHandle, // HII handle
>>- &gUserProfileManagerGuid, // Formset GUID
>>- FORMID_DEL_USER, // Form ID
>>- StartOpCodeHandle, // Label for where to insert opcodes
>>- EndOpCodeHandle // Replace data
>>- );
>>-
>>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>>-}
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>er.c
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>er.c
>>deleted file mode 100644
>>index e73ba3a8fc..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>er.c
>>+++ /dev/null
>>@@ -1,887 +0,0 @@
>>-/** @file
>>- This driver is a configuration tool for adding, deleting or modifying user
>>- profiles, including gathering the necessary information to ascertain their
>>- identity in the future, updating user access policy and identification
>>- policy, etc.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "UserProfileManager.h"
>>-
>>-EFI_USER_MANAGER_PROTOCOL *mUserManager = NULL;
>>-CREDENTIAL_PROVIDER_INFO *mProviderInfo = NULL;
>>-UINT8 mProviderChoice;
>>-UINT8 mConncetLogical;
>>-USER_INFO_ACCESS mAccessInfo;
>>-USER_INFO mUserInfo;
>>-USER_PROFILE_MANAGER_CALLBACK_INFO *mCallbackInfo;
>>-HII_VENDOR_DEVICE_PATH mHiiVendorDevicePath = {
>>- {
>>- {
>>- HARDWARE_DEVICE_PATH,
>>- HW_VENDOR_DP,
>>- {
>>- (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
>>- (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
>>- }
>>- },
>>- USER_PROFILE_MANAGER_GUID
>>- },
>>- {
>>- END_DEVICE_PATH_TYPE,
>>- END_ENTIRE_DEVICE_PATH_SUBTYPE,
>>- {
>>- (UINT8) (END_DEVICE_PATH_LENGTH),
>>- (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
>>- }
>>- }
>>-};
>>-
>>-
>>-/**
>>- Get string by string id from HII Interface.
>>-
>>-
>>- @param[in] Id String ID to get the string from.
>>-
>>- @retval CHAR16 * String from ID.
>>- @retval NULL If error occurs.
>>-
>>-**/
>>-CHAR16 *
>>-GetStringById (
>>- IN EFI_STRING_ID Id
>>- )
>>-{
>>- //
>>- // Get the current string for the current Language.
>>- //
>>- return HiiGetString (mCallbackInfo->HiiHandle, Id, NULL);
>>-}
>>-
>>-
>>-/**
>>- This function gets all the credential providers in the system and saved
>them
>>- to mProviderInfo.
>>-
>>- @retval EFI_SUCESS Init credential provider database successfully.
>>- @retval Others Fail to init credential provider database.
>>-
>>-**/
>>-EFI_STATUS
>>-InitProviderInfo (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINTN HandleCount;
>>- EFI_HANDLE *HandleBuf;
>>- UINTN Index;
>>-
>>- //
>>- // Try to find all the user credential provider driver.
>>- //
>>- HandleCount = 0;
>>- HandleBuf = NULL;
>>- Status = gBS->LocateHandleBuffer (
>>- ByProtocol,
>>- &gEfiUserCredential2ProtocolGuid,
>>- NULL,
>>- &HandleCount,
>>- &HandleBuf
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Get provider infomation.
>>- //
>>- if (mProviderInfo != NULL) {
>>- FreePool (mProviderInfo);
>>- }
>>- mProviderInfo = AllocateZeroPool (
>>- sizeof (CREDENTIAL_PROVIDER_INFO) -
>>- sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *) +
>>- HandleCount * sizeof (EFI_USER_CREDENTIAL2_PROTOCOL *)
>>- );
>>- if (mProviderInfo == NULL) {
>>- FreePool (HandleBuf);
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- mProviderInfo->Count = HandleCount;
>>- for (Index = 0; Index < HandleCount; Index++) {
>>- Status = gBS->HandleProtocol (
>>- HandleBuf[Index],
>>- &gEfiUserCredential2ProtocolGuid,
>>- (VOID **) &mProviderInfo->Provider[Index]
>>- );
>>- if (EFI_ERROR (Status)) {
>>- FreePool (HandleBuf);
>>- FreePool (mProviderInfo);
>>- mProviderInfo = NULL;
>>- return Status;
>>- }
>>- }
>>-
>>- FreePool (HandleBuf);
>>- return EFI_SUCCESS;
>>-}
>>-
>>-
>>-/**
>>- This function processes changes in user profile configuration.
>>-
>>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>>- @param Action Specifies the type of action taken by the browser.
>>- @param QuestionId A unique value which is sent to the original
>>- exporting driver so that it can identify the type
>>- of data to expect.
>>- @param Type The type of value for the question.
>>- @param Value A pointer to the data being sent to the original
>>- exporting driver.
>>- @param ActionRequest On return, points to the action requested by
>>the
>>- callback function.
>>-
>>- @retval EFI_SUCCESS The callback successfully handled the action.
>>- @retval Others Fail to handle the action.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileManagerCallback (
>>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>>- IN EFI_BROWSER_ACTION Action,
>>- IN EFI_QUESTION_ID QuestionId,
>>- IN UINT8 Type,
>>- IN EFI_IFR_TYPE_VALUE *Value,
>>- OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_INPUT_KEY Key;
>>- UINT32 CurrentAccessRight;
>>- CHAR16 *QuestionStr;
>>- CHAR16 *PromptStr;
>>- VOID *StartOpCodeHandle;
>>- VOID *EndOpCodeHandle;
>>- EFI_IFR_GUID_LABEL *StartLabel;
>>- EFI_IFR_GUID_LABEL *EndLabel;
>>- EFI_USER_PROFILE_HANDLE CurrentUser;
>>-
>>- Status = EFI_SUCCESS;
>>-
>>- switch (Action) {
>>- case EFI_BROWSER_ACTION_FORM_OPEN:
>>- {
>>- //
>>- // Update user manage Form when user manage Form is opened.
>>- // This will be done only in FORM_OPEN CallBack of question with
>>QUESTIONID_USER_MANAGE from user manage Form.
>>- //
>>- if (QuestionId != QUESTIONID_USER_MANAGE) {
>>- return EFI_SUCCESS;
>>- }
>>-
>>- //
>>- // Get current user
>>- //
>>- CurrentUser = NULL;
>>- mUserManager->Current (mUserManager, &CurrentUser);
>>- if (CurrentUser == NULL) {
>>- DEBUG ((DEBUG_ERROR, "Error: current user does not exist!\n"));
>>- return EFI_NOT_READY;
>>- }
>>-
>>- //
>>- // Get current user's right information.
>>- //
>>- Status = GetAccessRight (&CurrentAccessRight);
>>- if (EFI_ERROR (Status)) {
>>- CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>>- }
>>-
>>- //
>>- // Init credential provider information.
>>- //
>>- Status = InitProviderInfo ();
>>- if (EFI_ERROR (Status)) {
>>- return Status;
>>- }
>>-
>>- //
>>- // Initialize the container for dynamic opcodes.
>>- //
>>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (StartOpCodeHandle != NULL);
>>-
>>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (EndOpCodeHandle != NULL);
>>-
>>- //
>>- // Create Hii Extend Label OpCode.
>>- //
>>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- StartOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- StartLabel->Number = LABEL_USER_MANAGE_FUNC;
>>-
>>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- EndOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- EndLabel->Number = LABEL_END;
>>-
>>- //
>>- // Add user profile option.
>>- //
>>- if ((CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) ||
>>- (CurrentAccessRight == EFI_USER_INFO_ACCESS_ENROLL_OTHERS)
>>- ) {
>>- HiiCreateActionOpCode (
>>- StartOpCodeHandle, // Container for dynamic created
>opcodes
>>- KEY_ADD_USER, // Question ID
>>- STRING_TOKEN (STR_ADD_USER_TITLE), // Prompt text
>>- STRING_TOKEN (STR_ADD_USER_HELP), // Help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- 0 // Action String ID
>>- );
>>- }
>>-
>>- //
>>- // Add modify user profile option.
>>- //
>>- HiiCreateGotoOpCode (
>>- StartOpCodeHandle, // Container for dynamic created
>opcodes
>>- FORMID_MODIFY_USER, // Target Form ID
>>- STRING_TOKEN (STR_MODIFY_USER_TITLE), // Prompt text
>>- STRING_TOKEN (STR_MODIFY_USER_HELP), // Help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- KEY_MODIFY_USER // Question ID
>>- );
>>-
>>- //
>>- // Add delete user profile option
>>- //
>>- if (CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) {
>>- HiiCreateGotoOpCode (
>>- StartOpCodeHandle, // Container for dynamic created
>opcodes
>>- FORMID_DEL_USER, // Target Form ID
>>- STRING_TOKEN (STR_DELETE_USER_TITLE), // Prompt text
>>- STRING_TOKEN (STR_DELETE_USER_HELP), // Help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- KEY_DEL_USER // Question ID
>>- );
>>- }
>>-
>>- HiiUpdateForm (
>>- mCallbackInfo->HiiHandle, // HII handle
>>- &gUserProfileManagerGuid, // Formset GUID
>>- FORMID_USER_MANAGE, // Form ID
>>- StartOpCodeHandle, // Label for where to insert opcodes
>>- EndOpCodeHandle // Replace data
>>- );
>>-
>>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>>-
>>- return EFI_SUCCESS;
>>- }
>>- break;
>>-
>>- case EFI_BROWSER_ACTION_FORM_CLOSE:
>>- Status = EFI_SUCCESS;
>>- break;
>>-
>>- case EFI_BROWSER_ACTION_CHANGED:
>>- {
>>- //
>>- // Handle the request from form.
>>- //
>>- if ((Value == NULL) || (ActionRequest == NULL)) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Judge first 2 bits.
>>- //
>>- switch (QuestionId & KEY_FIRST_FORM_MASK) {
>>- //
>>- // Add user profile operation.
>>- //
>>- case KEY_ADD_USER:
>>- CallAddUser ();
>>- break;
>>-
>>- //
>>- // Delete user profile operation.
>>- //
>>- case KEY_DEL_USER:
>>- //
>>- // Judge next 2 bits.
>>- //
>>- switch (QuestionId & KEY_SECOND_FORM_MASK) {
>>- //
>>- // Delete specified user profile.
>>- //
>>- case KEY_SELECT_USER:
>>- DeleteUser ((UINT8) QuestionId);
>>- //
>>- // Update select user form after delete a user.
>>- //
>>- SelectUserToDelete ();
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- //
>>- // Modify user profile operation.
>>- //
>>- case KEY_MODIFY_USER:
>>- //
>>- // Judge next 2 bits.
>>- //
>>- switch (QuestionId & KEY_SECOND_FORM_MASK) {
>>- //
>>- // Enter user profile information form.
>>- //
>>- case KEY_SELECT_USER:
>>- //
>>- // Judge next 3 bits.
>>- //
>>- switch (QuestionId & KEY_MODIFY_INFO_MASK) {
>>- //
>>- // Modify user name.
>>- //
>>- case KEY_MODIFY_NAME:
>>- ModifyUserName ();
>>- //
>>- // Update username in parent form.
>>- //
>>- SelectUserToModify ();
>>- break;
>>-
>>- //
>>- // Modify identity policy.
>>- //
>>- case KEY_MODIFY_IP:
>>- //
>>- // Judge next 3 bits
>>- //
>>- switch (QuestionId & KEY_MODIFY_IP_MASK) {
>>- //
>>- // Change credential provider option.
>>- //
>>- case KEY_MODIFY_PROV:
>>- mProviderChoice = Value->u8;
>>- break;
>>-
>>- //
>>- // Change logical connector.
>>- //
>>- case KEY_MODIFY_CONN:
>>- mConncetLogical = Value->u8;
>>- break;
>>-
>>- //
>>- // Save option.
>>- //
>>- case KEY_ADD_IP_OP:
>>- AddIdentityPolicyItem ();
>>- break;
>>-
>>- //
>>- // Return to user profile information form.
>>- //
>>- case KEY_IP_RETURN_UIF:
>>- SaveIdentityPolicy ();
>>- *ActionRequest =
>>EFI_BROWSER_ACTION_REQUEST_FORM_SUBMIT_EXIT;
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- //
>>- // Modify access policy.
>>- //
>>- case KEY_MODIFY_AP:
>>- //
>>- // Judge next 3 bits.
>>- //
>>- switch (QuestionId & KEY_MODIFY_AP_MASK) {
>>- //
>>- // Change access right choice.
>>- //
>>- case KEY_MODIFY_RIGHT:
>>- mAccessInfo.AccessRight = Value->u8;
>>- break;
>>-
>>- //
>>- // Change setup choice.
>>- //
>>- case KEY_MODIFY_SETUP:
>>- mAccessInfo.AccessSetup= Value->u8;
>>- break;
>>-
>>- //
>>- // Change boot order choice.
>>- //
>>- case KEY_MODIFY_BOOT:
>>- mAccessInfo.AccessBootOrder = Value->u32;
>>- break;
>>-
>>- //
>>- // Return to user profile information form.
>>- //
>>- case KEY_AP_RETURN_UIF:
>>- SaveAccessPolicy ();
>>- *ActionRequest =
>>EFI_BROWSER_ACTION_REQUEST_FORM_SUBMIT_EXIT;
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- //
>>- // Access policy device path modified.
>>- //
>>- case KEY_MODIFY_AP_DP:
>>- //
>>- // Judge next 2 bits.
>>- //
>>- switch (QuestionId & KEY_MODIFY_DP_MASK) {
>>- //
>>- // Load permit device path modified.
>>- //
>>- case KEY_LOAD_PERMIT_MODIFY:
>>- QuestionStr = GetStringById (STRING_TOKEN
>>(STR_MOVE_TO_FORBID_LIST));
>>- PromptStr = GetStringById (STRING_TOKEN
>>(STR_PRESS_KEY_CONTINUE));
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- QuestionStr,
>>- L"",
>>- PromptStr,
>>- NULL
>>- );
>>- FreePool (QuestionStr);
>>- FreePool (PromptStr);
>>- if (Key.UnicodeChar != CHAR_CARRIAGE_RETURN) {
>>- break;
>>- }
>>-
>>- AddToForbidLoad ((UINT16)(QuestionId & (KEY_MODIFY_DP_MASK -
>>1)));
>>- DisplayLoadPermit ();
>>- break;
>>-
>>- //
>>- // Load forbid device path modified.
>>- //
>>- case KEY_LOAD_FORBID_MODIFY:
>>- QuestionStr = GetStringById (STRING_TOKEN
>>(STR_MOVE_TO_PERMIT_LIST));
>>- PromptStr = GetStringById (STRING_TOKEN
>>(STR_PRESS_KEY_CONTINUE));
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- QuestionStr,
>>- L"",
>>- PromptStr,
>>- NULL
>>- );
>>- FreePool (QuestionStr);
>>- FreePool (PromptStr);
>>- if (Key.UnicodeChar != CHAR_CARRIAGE_RETURN) {
>>- break;
>>- }
>>-
>>- DeleteFromForbidLoad ((UINT16)(QuestionId &
>>(KEY_MODIFY_DP_MASK - 1)));
>>- DisplayLoadForbid ();
>>- break;
>>-
>>- //
>>- // Connect permit device path modified.
>>- //
>>- case KEY_CONNECT_PERMIT_MODIFY:
>>- break;
>>-
>>- //
>>- // Connect forbid device path modified.
>>- //
>>- case KEY_CONNECT_FORBID_MODIFY:
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- }
>>- break;
>>-
>>-
>>- case EFI_BROWSER_ACTION_CHANGING:
>>- {
>>- //
>>- // Handle the request from form.
>>- //
>>- if (Value == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- //
>>- // Judge first 2 bits.
>>- //
>>- switch (QuestionId & KEY_FIRST_FORM_MASK) {
>>- //
>>- // Delete user profile operation.
>>- //
>>- case KEY_DEL_USER:
>>- //
>>- // Judge next 2 bits.
>>- //
>>- switch (QuestionId & KEY_SECOND_FORM_MASK) {
>>- //
>>- // Enter delete user profile form.
>>- //
>>- case KEY_ENTER_NEXT_FORM:
>>- SelectUserToDelete ();
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- //
>>- // Modify user profile operation.
>>- //
>>- case KEY_MODIFY_USER:
>>- //
>>- // Judge next 2 bits.
>>- //
>>- switch (QuestionId & KEY_SECOND_FORM_MASK) {
>>- //
>>- // Enter modify user profile form.
>>- //
>>- case KEY_ENTER_NEXT_FORM:
>>- SelectUserToModify ();
>>- break;
>>-
>>- //
>>- // Enter user profile information form.
>>- //
>>- case KEY_SELECT_USER:
>>- //
>>- // Judge next 3 bits.
>>- //
>>- switch (QuestionId & KEY_MODIFY_INFO_MASK) {
>>- //
>>- // Display user information form.
>>- //
>>- case KEY_ENTER_NEXT_FORM:
>>- ModifyUserInfo ((UINT8) QuestionId);
>>- break;
>>-
>>- //
>>- // Modify identity policy.
>>- //
>>- case KEY_MODIFY_IP:
>>- //
>>- // Judge next 3 bits
>>- //
>>- switch (QuestionId & KEY_MODIFY_IP_MASK) {
>>- //
>>- // Display identity policy modify form.
>>- //
>>- case KEY_ENTER_NEXT_FORM:
>>- ModifyIdentityPolicy ();
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- //
>>- // Modify access policy.
>>- //
>>- case KEY_MODIFY_AP:
>>- //
>>- // Judge next 3 bits.
>>- //
>>- switch (QuestionId & KEY_MODIFY_AP_MASK) {
>>- //
>>- // Display access policy modify form.
>>- //
>>- case KEY_ENTER_NEXT_FORM:
>>- ModidyAccessPolicy ();
>>- break;
>>- //
>>- // Load device path form.
>>- //
>>- case KEY_MODIFY_LOAD:
>>- //
>>- // Judge next 2 bits.
>>- //
>>- switch (QuestionId & KEY_DISPLAY_DP_MASK) {
>>- //
>>- // Permit load device path.
>>- //
>>- case KEY_PERMIT_MODIFY:
>>- DisplayLoadPermit ();
>>- break;
>>-
>>- //
>>- // Forbid load device path.
>>- //
>>- case KEY_FORBID_MODIFY:
>>- DisplayLoadForbid ();
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- //
>>- // Connect device path form.
>>- //
>>- case KEY_MODIFY_CONNECT:
>>- //
>>- // Judge next 2 bits.
>>- //
>>- switch (QuestionId & KEY_DISPLAY_DP_MASK) {
>>- //
>>- // Permit connect device path.
>>- //
>>- case KEY_PERMIT_MODIFY:
>>- DisplayConnectPermit ();
>>- break;
>>-
>>- //
>>- // Forbid connect device path.
>>- //
>>- case KEY_FORBID_MODIFY:
>>- DisplayConnectForbid ();
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- }
>>- break;
>>-
>>- default:
>>- //
>>- // All other action return unsupported.
>>- //
>>- Status = EFI_UNSUPPORTED;
>>- break;
>>- }
>>-
>>-
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- This function allows a caller to extract the current configuration for one
>>- or more named elements from the target driver.
>>-
>>-
>>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>>- @param Request A null-terminated Unicode string in <ConfigRequest>
>>format.
>>- @param Progress On return, points to a character in the Request string.
>>- Points to the string's null terminator if request was successful.
>>- Points to the most recent '&' before the first failing name/value
>>- pair (or the beginning of the string if the failure is in the
>>- first name/value pair) if the request was not successful.
>>- @param Results A null-terminated Unicode string in <ConfigAltResp>
>>format which
>>- has all values filled in for the names in the Request string.
>>- String to be allocated by the called function.
>>-
>>- @retval EFI_SUCCESS The Results is filled with the requested values.
>>- @retval EFI_OUT_OF_RESOURCES Not enough memory to store the
>>results.
>>- @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown
>>name.
>>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>>this driver.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-FakeExtractConfig (
>>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>>- IN CONST EFI_STRING Request,
>>- OUT EFI_STRING *Progress,
>>- OUT EFI_STRING *Results
>>- )
>>-{
>>- if (Progress == NULL || Results == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>- *Progress = Request;
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-/**
>>- This function processes the results of changes in configuration.
>>-
>>-
>>- @param This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
>>- @param Configuration A null-terminated Unicode string in <ConfigResp>
>>format.
>>- @param Progress A pointer to a string filled in with the offset of the
>>most
>>- recent '&' before the first failing name/value pair (or the
>>- beginning of the string if the failure is in the first
>>- name/value pair) or the terminating NULL if all was successful.
>>-
>>- @retval EFI_SUCCESS The Results is processed successfully.
>>- @retval EFI_INVALID_PARAMETER Configuration is NULL.
>>- @retval EFI_NOT_FOUND Routing data doesn't match any storage in
>>this driver.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-FakeRouteConfig (
>>- IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
>>- IN CONST EFI_STRING Configuration,
>>- OUT EFI_STRING *Progress
>>- )
>>-{
>>- if (Configuration == NULL || Progress == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- *Progress = Configuration;
>>-
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>-
>>-/**
>>- Main entry for this driver.
>>-
>>- @param ImageHandle Image handle this driver.
>>- @param SystemTable Pointer to SystemTable.
>>-
>>- @retval EFI_SUCESS This function always complete successfully.
>>-
>>-**/
>>-EFI_STATUS
>>-EFIAPI
>>-UserProfileManagerInit (
>>- IN EFI_HANDLE ImageHandle,
>>- IN EFI_SYSTEM_TABLE *SystemTable
>>- )
>>-{
>>- EFI_STATUS Status;
>>- USER_PROFILE_MANAGER_CALLBACK_INFO *CallbackInfo;
>>-
>>- Status = gBS->LocateProtocol (
>>- &gEfiUserManagerProtocolGuid,
>>- NULL,
>>- (VOID **) &mUserManager
>>- );
>>- if (EFI_ERROR (Status)) {
>>- return EFI_SUCCESS;
>>- }
>>-
>>- //
>>- // Initialize driver private data.
>>- //
>>- ZeroMem (&mUserInfo, sizeof (mUserInfo));
>>- ZeroMem (&mAccessInfo, sizeof (mAccessInfo));
>>-
>>- CallbackInfo = AllocateZeroPool (sizeof
>>(USER_PROFILE_MANAGER_CALLBACK_INFO));
>>- ASSERT (CallbackInfo != NULL);
>>-
>>- CallbackInfo->Signature = USER_PROFILE_MANAGER_SIGNATURE;
>>- CallbackInfo->ConfigAccess.ExtractConfig = FakeExtractConfig;
>>- CallbackInfo->ConfigAccess.RouteConfig = FakeRouteConfig;
>>- CallbackInfo->ConfigAccess.Callback = UserProfileManagerCallback;
>>- CallbackInfo->DriverHandle = NULL;
>>-
>>- //
>>- // Install Device Path Protocol and Config Access protocol to driver handle.
>>- //
>>- Status = gBS->InstallMultipleProtocolInterfaces (
>>- &CallbackInfo->DriverHandle,
>>- &gEfiDevicePathProtocolGuid,
>>- &mHiiVendorDevicePath,
>>- &gEfiHiiConfigAccessProtocolGuid,
>>- &CallbackInfo->ConfigAccess,
>>- NULL
>>- );
>>- ASSERT_EFI_ERROR (Status);
>>-
>>- //
>>- // Publish HII data.
>>- //
>>- CallbackInfo->HiiHandle = HiiAddPackages (
>>- &gUserProfileManagerGuid,
>>- CallbackInfo->DriverHandle,
>>- UserProfileManagerStrings,
>>- UserProfileManagerVfrBin,
>>- NULL
>>- );
>>- ASSERT (CallbackInfo->HiiHandle != NULL);
>>- mCallbackInfo = CallbackInfo;
>>-
>>- return Status;
>>-}
>>-
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>er.h
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>er.h
>>deleted file mode 100644
>>index aff1e28d9d..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>er.h
>>+++ /dev/null
>>@@ -1,444 +0,0 @@
>>-/** @file
>>- The header file for user profile manager driver.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#ifndef __EFI_USER_PROFILE_MANAGER_H__
>>-#define __EFI_USER_PROFILE_MANAGER_H__
>>-
>>-#include <Uefi.h>
>>-
>>-#include <Guid/GlobalVariable.h>
>>-#include <Guid/MdeModuleHii.h>
>>-
>>-#include <Protocol/HiiConfigAccess.h>
>>-#include <Protocol/UserCredential2.h>
>>-#include <Protocol/UserManager.h>
>>-
>>-#include <Library/UefiRuntimeServicesTableLib.h>
>>-#include <Library/UefiBootServicesTableLib.h>
>>-#include <Library/MemoryAllocationLib.h>
>>-#include <Library/BaseMemoryLib.h>
>>-#include <Library/DevicePathLib.h>
>>-#include <Library/DebugLib.h>
>>-#include <Library/UefiLib.h>
>>-#include <Library/PrintLib.h>
>>-#include <Library/HiiLib.h>
>>-
>>-#include "UserProfileManagerData.h"
>>-
>>-#define USER_NAME_LENGTH 17
>>-
>>-//
>>-// Credential Provider Information.
>>-//
>>-typedef struct {
>>- UINTN Count;
>>- EFI_USER_CREDENTIAL2_PROTOCOL *Provider[1];
>>-} CREDENTIAL_PROVIDER_INFO;
>>-
>>-//
>>-// User profile information structure.
>>-//
>>-typedef struct {
>>- UINT64 UsageCount;
>>- EFI_TIME CreateDate;
>>- EFI_TIME UsageDate;
>>- UINTN AccessPolicyLen;
>>- UINTN IdentityPolicyLen;
>>- UINTN NewIdentityPolicyLen;
>>- UINT8 *AccessPolicy;
>>- UINT8 *IdentityPolicy;
>>- UINT8 *NewIdentityPolicy;
>>- CHAR16 UserName[USER_NAME_LENGTH];
>>- BOOLEAN CreateDateExist;
>>- BOOLEAN UsageDateExist;
>>- BOOLEAN AccessPolicyModified;
>>- BOOLEAN IdentityPolicyModified;
>>- BOOLEAN NewIdentityPolicyModified;
>>-} USER_INFO;
>>-
>>-//
>>-// User access information structure.
>>-//
>>-typedef struct {
>>- UINTN LoadPermitLen;
>>- UINTN LoadForbidLen;
>>- UINTN ConnectPermitLen;
>>- UINTN ConnectForbidLen;
>>- UINT8 *LoadPermit;
>>- UINT8 *LoadForbid;
>>- UINT8 *ConnectPermit;
>>- UINT8 *ConnectForbid;
>>- UINT32 AccessBootOrder;
>>- UINT8 AccessRight;
>>- UINT8 AccessSetup;
>>-} USER_INFO_ACCESS;
>>-
>>-#define USER_PROFILE_MANAGER_SIGNATURE SIGNATURE_32 ('U', 'P',
>'M',
>>'S')
>>-
>>-typedef struct {
>>- UINTN Signature;
>>- EFI_HANDLE DriverHandle;
>>- EFI_HII_HANDLE HiiHandle;
>>- EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
>>-} USER_PROFILE_MANAGER_CALLBACK_INFO;
>>-
>>-//
>>-// HII specific Vendor Device Path definition.
>>-//
>>-typedef struct {
>>- VENDOR_DEVICE_PATH VendorDevicePath;
>>- EFI_DEVICE_PATH_PROTOCOL End;
>>-} HII_VENDOR_DEVICE_PATH;
>>-
>>-//
>>-// This is the generated IFR binary data for each formset defined in VFR.
>>-//
>>-extern UINT8 UserProfileManagerVfrBin[];
>>-
>>-//
>>-// This is the generated String package data for .UNI file.
>>-//
>>-extern UINT8 UserProfileManagerStrings[];
>>-
>>-//
>>-// The user manager protocol, used in several function.
>>-//
>>-extern EFI_USER_MANAGER_PROTOCOL *mUserManager;
>>-
>>-//
>>-// The credential providers database in system.
>>-//
>>-extern CREDENTIAL_PROVIDER_INFO *mProviderInfo;
>>-
>>-//
>>-// The variables used to update identity policy.
>>-//
>>-extern UINT8 mProviderChoice;
>>-extern UINT8 mConncetLogical;
>>-
>>-//
>>-// The variables used to update access policy.
>>-//
>>-extern USER_INFO_ACCESS mAccessInfo;
>>-
>>-//
>>-// The user information used to record all data in UI.
>>-//
>>-extern USER_INFO mUserInfo;
>>-
>>-extern USER_PROFILE_MANAGER_CALLBACK_INFO *mCallbackInfo;
>>-
>>-extern EFI_USER_PROFILE_HANDLE mModifyUser;
>>-
>>-/**
>>- Get string by string id from HII Interface.
>>-
>>-
>>- @param[in] Id String ID to get the string from.
>>-
>>- @retval CHAR16 * String from ID.
>>- @retval NULL If error occurs.
>>-
>>-**/
>>-CHAR16 *
>>-GetStringById (
>>- IN EFI_STRING_ID Id
>>- );
>>-
>>-/**
>>- Add a new user profile into the user profile database.
>>-
>>-**/
>>-VOID
>>-CallAddUser (
>>- VOID
>>- );
>>-
>>-/**
>>- Display user select form; can select a user to modify.
>>-
>>-**/
>>-VOID
>>-SelectUserToModify (
>>- VOID
>>- );
>>-
>>-/**
>>- Display user select form, cab select a user to delete.
>>-
>>-**/
>>-VOID
>>-SelectUserToDelete (
>>- VOID
>>- );
>>-
>>-/**
>>- Delete the user specified by UserIndex in user profile database.
>>-
>>- @param[in] UserIndex The index of user in the user name list to be
>>deleted.
>>-
>>-**/
>>-VOID
>>-DeleteUser (
>>- IN UINT8 UserIndex
>>- );
>>-
>>-/**
>>- Add a username item in form.
>>-
>>- @param[in] User Points to the user profile whose username is
>added.
>>- @param[in] Index The index of the user in the user name list.
>>- @param[in] OpCodeHandle Points to container for dynamic created
>>opcodes.
>>-
>>-**/
>>-VOID
>>-AddUserToForm (
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN UINT16 Index,
>>- IN VOID *OpCodeHandle
>>- );
>>-
>>-/**
>>- Display modify user information form
>>-
>>- In this form, username, create Date, usage date, usage count, identity
>policy,
>>- and access policy are displayed.
>>-
>>- @param[in] UserIndex The index of the user in display list to modify.
>>-
>>-**/
>>-VOID
>>-ModifyUserInfo (
>>- IN UINT8 UserIndex
>>- );
>>-
>>-/**
>>- Get the username from user input and update username string in Hii
>>- database with it.
>>-
>>-**/
>>-VOID
>>-ModifyUserName (
>>- VOID
>>- );
>>-
>>-/**
>>- Display the form of modifying user identity policy.
>>-
>>-**/
>>-VOID
>>-ModifyIdentityPolicy (
>>- VOID
>>- );
>>-
>>-/**
>>- Update the mUserInfo.NewIdentityPolicy and UI when 'add option' is
>>pressed.
>>-
>>-**/
>>-VOID
>>-AddIdentityPolicyItem (
>>- VOID
>>- );
>>-
>>-/**
>>- Save the identity policy and update UI with it.
>>-
>>- This function will verify the new identity policy, in current implementation,
>>- the identity policy can be: T, P & P & P & ..., P | P | P | ...
>>- Here, "T" means "True", "P" means "Credential Provider", "&" means
>"and",
>>"|" means "or".
>>- Other identity policies are not supported.
>>-
>>-**/
>>-VOID
>>-SaveIdentityPolicy (
>>- VOID
>>- );
>>-
>>-/**
>>- Display modify user access policy form
>>-
>>- In this form, access right, access setu,p and access boot order are
>>dynamically
>>- added. Load devicepath and connect devicepath are displayed too.
>>-
>>-**/
>>-VOID
>>-ModidyAccessPolicy (
>>- VOID
>>- );
>>-
>>-/**
>>- Collect all the access policy data to mUserInfo.AccessPolicy,
>>- and save it to user profile.
>>-
>>-**/
>>-VOID
>>-SaveAccessPolicy (
>>- VOID
>>- );
>>-
>>-/**
>>- Get current user's access rights.
>>-
>>- @param[out] AccessRight Points to the buffer used for user's access
>rights.
>>-
>>- @retval EFI_SUCCESS Get current user access rights successfully.
>>- @retval others Fail to get current user access rights.
>>-
>>-**/
>>-EFI_STATUS
>>-GetAccessRight (
>>- OUT UINT32 *AccessRight
>>- );
>>-
>>-/**
>>- Display the permit load device path in the loadable device path list.
>>-
>>-**/
>>-VOID
>>-DisplayLoadPermit(
>>- VOID
>>- );
>>-
>>-/**
>>- Display the forbid load device path list (mAccessInfo.LoadForbid).
>>-
>>-**/
>>-VOID
>>-DisplayLoadForbid (
>>- VOID
>>- );
>>-
>>-/**
>>- Display the permit connect device path.
>>-
>>-**/
>>-VOID
>>-DisplayConnectPermit (
>>- VOID
>>- );
>>-
>>-/**
>>- Display the forbid connect device path list.
>>-
>>-**/
>>-VOID
>>-DisplayConnectForbid (
>>- VOID
>>- );
>>-
>>-/**
>>- Delete the specified device path by DriverIndex from the forbid device
>path
>>- list (mAccessInfo.LoadForbid).
>>-
>>- @param[in] DriverIndex The index of driver in a forbidden device path list.
>>-
>>-**/
>>-VOID
>>-DeleteFromForbidLoad (
>>- IN UINT16 DriverIndex
>>- );
>>-
>>-/**
>>- Add the specified device path by DriverIndex to the forbid device path
>>- list (mAccessInfo.LoadForbid).
>>-
>>- @param[in] DriverIndex The index of driver saved in driver options.
>>-
>>-**/
>>-VOID
>>-AddToForbidLoad (
>>- IN UINT16 DriverIndex
>>- );
>>-
>>-/**
>>- Get user name from the popup windows.
>>-
>>- @param[in, out] UserNameLen On entry, point to the buffer lengh of
>>UserName.
>>- On exit, point to the input user name length.
>>- @param[out] UserName The buffer to hold the input user name.
>>-
>>- @retval EFI_ABORTED It is given up by pressing 'ESC' key.
>>- @retval EFI_NOT_READY Not a valid input at all.
>>- @retval EFI_SUCCESS Get a user name successfully.
>>-
>>-**/
>>-EFI_STATUS
>>-GetUserNameInput (
>>- IN OUT UINTN *UserNameLen,
>>- OUT CHAR16 *UserName
>>- );
>>-
>>-/**
>>- Find the specified info in User profile by the InfoType.
>>-
>>- @param[in] User Handle of the user whose information will be
>>searched.
>>- @param[in] InfoType The user information type to find.
>>- @param[out] UserInfo Points to user information handle found.
>>-
>>- @retval EFI_SUCCESS Find the user information successfully.
>>- @retval Others Fail to find the user information.
>>-
>>-**/
>>-EFI_STATUS
>>-FindInfoByType (
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN UINT8 InfoType,
>>- OUT EFI_USER_INFO_HANDLE *UserInfo
>>- );
>>-
>>-/**
>>- Convert the identity policy to a unicode string and update the Hii database
>>- IpStringId string with it.
>>-
>>- @param[in] Ip Points to identity policy.
>>- @param[in] IpLen The identity policy length.
>>- @param[in] IpStringId String ID in the HII database to be replaced.
>>-
>>-**/
>>-VOID
>>-ResolveIdentityPolicy (
>>- IN UINT8 *Ip,
>>- IN UINTN IpLen,
>>- IN EFI_STRING_ID IpStringId
>>- );
>>-
>>-/**
>>- Expand access policy memory size.
>>-
>>- @param[in] ValidLen The valid access policy length.
>>- @param[in] ExpandLen The length that is needed to expand.
>>-
>>-**/
>>-VOID
>>-ExpandMemory (
>>- IN UINTN ValidLen,
>>- IN UINTN ExpandLen
>>- );
>>-
>>-/**
>>- Delete User's credental from all the providers that exist in User's identity
>>policy.
>>-
>>- @param[in] IdentityPolicy Point to User's identity policy.
>>- @param[in] IdentityPolicyLen The length of the identity policy.
>>- @param[in] User Points to user profile.
>>-
>>-**/
>>-VOID
>>-DeleteCredentialFromProviders (
>>- IN UINT8 *IdentityPolicy,
>>- IN UINTN IdentityPolicyLen,
>>- IN EFI_USER_PROFILE_HANDLE User
>>- );
>>-
>>-#endif
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>er.uni
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>er.uni
>>deleted file mode 100644
>>index e4a768e00a..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>er.uni
>>+++ /dev/null
>>@@ -1,22 +0,0 @@
>>-// /** @file
>>-// A UI tool to manage user profiles
>>-//
>>-// By this module, user can add/update/delete user profiles, and can also
>>-// modify the user access policy and the user identification policy.
>>-//
>>-// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
>>-//
>>-// This program and the accompanying materials
>>-// are licensed and made available under the terms and conditions of the
>BSD
>>License
>>-// which accompanies this distribution. The full text of the license may be
>>found at
>>-// http://opensource.org/licenses/bsd-license.php
>>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>BASIS,
>>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-//
>>-// **/
>>-
>>-
>>-#string STR_MODULE_ABSTRACT #language en-US "A UI tool to
>>manage user profiles"
>>-
>>-#string STR_MODULE_DESCRIPTION #language en-US "By this module,
>>user can add/update/delete user profiles, and can also modify the user
>access
>>policy and the user identification policy."
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erData.h
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erData.h
>>deleted file mode 100644
>>index a83caac9ba..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erData.h
>>+++ /dev/null
>>@@ -1,158 +0,0 @@
>>-/** @file
>>- The form data for user profile manager driver.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#ifndef __USER_PROFILE_MANAGER_DATA_H__
>>-#define __USER_PROFILE_MANAGER_DATA_H__
>>-
>>-#include <Guid/UserProfileManagerHii.h>
>>-
>>-//
>>-// Form ID
>>-//
>>-#define FORMID_USER_MANAGE 0x0001
>>-#define FORMID_MODIFY_USER 0x0002
>>-#define FORMID_DEL_USER 0x0003
>>-#define FORMID_USER_INFO 0x0004
>>-#define FORMID_MODIFY_IP 0x0005
>>-#define FORMID_MODIFY_AP 0x0006
>>-#define FORMID_LOAD_DP 0x0007
>>-#define FORMID_CONNECT_DP 0x0008
>>-#define FORMID_PERMIT_LOAD_DP 0x0009
>>-#define FORMID_FORBID_LOAD_DP 0x000A
>>-#define FORMID_PERMIT_CONNECT_DP 0x000B
>>-#define FORMID_FORBID_CONNECT_DP 0x000C
>>-
>>-//
>>-// Label ID
>>-//
>>-#define LABEL_USER_MANAGE_FUNC 0x0010
>>-#define LABEL_USER_DEL_FUNC 0x0020
>>-#define LABEL_USER_MOD_FUNC 0x0030
>>-#define LABEL_USER_INFO_FUNC 0x0040
>>-#define LABEL_IP_MOD_FUNC 0x0050
>>-#define LABEL_AP_MOD_FUNC 0x0060
>>-#define LABEL_PERMIT_LOAD_FUNC 0x0070
>>-#define LABLE_FORBID_LOAD_FUNC 0x0080
>>-#define LABEL_END 0x00F0
>>-
>>-//
>>-// First form key (Add/modify/del user profile).
>>-// First 2 bits (bit 16~15).
>>-//
>>-#define KEY_MODIFY_USER 0x4000
>>-#define KEY_DEL_USER 0x8000
>>-#define KEY_ADD_USER 0xC000
>>-#define KEY_FIRST_FORM_MASK 0xC000
>>-
>>-//
>>-// Second form key (Display new form /Select user / modify device path in
>>access policy).
>>-// Next 2 bits (bit 14~13).
>>-//
>>-#define KEY_ENTER_NEXT_FORM 0x0000
>>-#define KEY_SELECT_USER 0x1000
>>-#define KEY_MODIFY_AP_DP 0x2000
>>-#define KEY_OPEN_CLOSE_FORM_ACTION 0x3000
>>-#define KEY_SECOND_FORM_MASK 0x3000
>>-
>>-//
>>-// User profile information form key.
>>-// Next 3 bits (bit 12~10).
>>-//
>>-#define KEY_MODIFY_NAME 0x0200
>>-#define KEY_MODIFY_IP 0x0400
>>-#define KEY_MODIFY_AP 0x0600
>>-#define KEY_MODIFY_INFO_MASK 0x0E00
>>-
>>-//
>>-// Specified key, used in VFR (KEY_MODIFY_USER | KEY_SELECT_USER |
>>KEY_MODIFY_NAME).
>>-//
>>-#define KEY_MODIFY_USER_NAME 0x5200
>>-
>>-//
>>-// Modify identity policy form key.
>>-// Next 3 bits (bit 9~7).
>>-//
>>-#define KEY_MODIFY_PROV 0x0040
>>-#define KEY_MODIFY_MTYPE 0x0080
>>-#define KEY_MODIFY_CONN 0x00C0
>>-#define KEY_ADD_IP_OP 0x0100
>>-#define KEY_IP_RETURN_UIF 0x0140
>>-#define KEY_MODIFY_IP_MASK 0x01C0
>>-
>>-//
>>-// Specified key.
>>-//
>>-#define KEY_ADD_LOGICAL_OP 0x5500
>>-#define KEY_IP_RETURN 0x5540
>>-
>>-//
>>-// Modify access policy form key.
>>-// Next 3 bits (bit 9~7).
>>-//
>>-#define KEY_MODIFY_RIGHT 0x0040
>>-#define KEY_MODIFY_SETUP 0x0080
>>-#define KEY_MODIFY_BOOT 0x00C0
>>-#define KEY_MODIFY_LOAD 0x0100
>>-#define KEY_MODIFY_CONNECT 0x0140
>>-#define KEY_AP_RETURN_UIF 0x0180
>>-#define KEY_MODIFY_AP_MASK 0x01C0
>>-
>>-//
>>-// Specified key.
>>-//
>>-#define KEY_LOAD_DP 0x5700
>>-#define KEY_CONN_DP 0x5740
>>-#define KEY_AP_RETURN 0x5780
>>-
>>-//
>>-// Device path form key.
>>-// Next 2 bits (bit 6~5).
>>-//
>>-#define KEY_PERMIT_MODIFY 0x0010
>>-#define KEY_FORBID_MODIFY 0x0020
>>-#define KEY_DISPLAY_DP_MASK 0x0030
>>-
>>-//
>>-// Specified key.
>>-//
>>-#define KEY_LOAD_PERMIT 0x5710
>>-#define KEY_LOAD_FORBID 0x5720
>>-#define KEY_CONNECT_PERMIT 0x5750
>>-#define KEY_CONNECT_FORBID 0x5760
>>-
>>-//
>>-// Device path modify key.
>>-// 2 bits (bit 12~11).
>>-//
>>-#define KEY_LOAD_PERMIT_MODIFY 0x0000
>>-#define KEY_LOAD_FORBID_MODIFY 0x0400
>>-#define KEY_CONNECT_PERMIT_MODIFY 0x0800
>>-#define KEY_CONNECT_FORBID_MODIFY 0x0C00
>>-#define KEY_MODIFY_DP_MASK 0x0C00
>>-
>>-
>>-//
>>-// The permissions usable when configuring the platform.
>>-//
>>-#define ACCESS_SETUP_RESTRICTED 1
>>-#define ACCESS_SETUP_NORMAL 2
>>-#define ACCESS_SETUP_ADMIN 3
>>-
>>-//
>>-// Question ID for the question used in each form
>>(KEY_OPEN_CLOSE_FORM_ACTION | FORMID_FORM_USER_MANAGE)
>>-// This ID is used in FORM OPEN/CLOSE CallBack action.
>>-//
>>-#define QUESTIONID_USER_MANAGE 0x3001
>>-
>>-#endif
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erDxe.inf
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erDxe.inf
>>deleted file mode 100644
>>index cdd97731b2..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erDxe.inf
>>+++ /dev/null
>>@@ -1,72 +0,0 @@
>>-## @file
>>-# A UI tool to manage user profiles
>>-#
>>-# By this module, user can add/update/delete user profiles, and can also
>>-# modify the user access policy and the user identification policy.
>>-#
>>-# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-# This program and the accompanying materials
>>-# are licensed and made available under the terms and conditions of the
>BSD
>>License
>>-# which accompanies this distribution. The full text of the license may be
>>found at
>>-# http://opensource.org/licenses/bsd-license.php
>>-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>BASIS,
>>-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-#
>>-##
>>-
>>-[Defines]
>>- INF_VERSION = 0x00010005
>>- BASE_NAME = UserProfileManager
>>- MODULE_UNI_FILE = UserProfileManager.uni
>>- FILE_GUID = E38CB52D-A74D-45db-A8D0-290C9B21BBF2
>>- MODULE_TYPE = DXE_DRIVER
>>- VERSION_STRING = 1.0
>>- ENTRY_POINT = UserProfileManagerInit
>>-
>>-[Sources]
>>- UserProfileManager.c
>>- UserProfileManager.h
>>- UserProfileAdd.c
>>- UserProfileDelete.c
>>- UserProfileModify.c
>>- ModifyIdentityPolicy.c
>>- ModifyAccessPolicy.c
>>- UserProfileManagerData.h
>>- UserProfileManagerStrings.uni
>>- UserProfileManagerVfr.Vfr
>>-
>>-[Packages]
>>- MdePkg/MdePkg.dec
>>- MdeModulePkg/MdeModulePkg.dec
>>- SecurityPkg/SecurityPkg.dec
>>-
>>-[LibraryClasses]
>>- UefiRuntimeServicesTableLib
>>- UefiBootServicesTableLib
>>- UefiDriverEntryPoint
>>- MemoryAllocationLib
>>- BaseMemoryLib
>>- DebugLib
>>- HiiLib
>>- UefiLib
>>- DevicePathLib
>>-
>>-[Guids]
>>- gEfiIfrTianoGuid ## SOMETIMES_CONSUMES ## GUID
>>- gEfiUserInfoAccessSetupAdminGuid ## SOMETIMES_CONSUMES
>##
>>GUID
>>- gEfiUserInfoAccessSetupNormalGuid ## SOMETIMES_CONSUMES
>##
>>GUID
>>- gEfiUserInfoAccessSetupRestrictedGuid ## SOMETIMES_CONSUMES
>>## GUID
>>- gUserProfileManagerGuid ## CONSUMES ## HII
>>-
>>-[Protocols]
>>- gEfiDevicePathProtocolGuid ## PRODUCES
>>- gEfiHiiConfigAccessProtocolGuid ## PRODUCES
>>- gEfiUserCredential2ProtocolGuid ## SOMETIMES_CONSUMES
>>- gEfiUserManagerProtocolGuid ## CONSUMES
>>-
>>-[Depex]
>>- gEfiUserManagerProtocolGuid
>>-
>>-[UserExtensions.TianoCore."ExtraFiles"]
>>- UserProfileManagerExtra.uni
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erExtra.uni
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erExtra.uni
>>deleted file mode 100644
>>index bf7ac7dc04..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erExtra.uni
>>+++ /dev/null
>>@@ -1,19 +0,0 @@
>>-// /** @file
>>-// UserProfileManager Localized Strings and Content
>>-//
>>-// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
>>-//
>>-// This program and the accompanying materials
>>-// are licensed and made available under the terms and conditions of the
>BSD
>>License
>>-// which accompanies this distribution. The full text of the license may be
>>found at
>>-// http://opensource.org/licenses/bsd-license.php
>>-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>>BASIS,
>>-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-//
>>-// **/
>>-
>>-#string STR_PROPERTIES_MODULE_NAME
>>-#language en-US
>>-"User Profile Manager"
>>-
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erStrings.uni
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erStrings.uni
>>deleted file mode 100644
>>index 3a003a9883..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erStrings.uni
>>+++ /dev/null
>>@@ -1,158 +0,0 @@
>>-/** @file
>>- String definitions for User Profile Manager driver.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#langdef en-US "English"
>>-#langdef fr-FR "Français"
>>-
>>-#string STR_NULL_STRING #language en-US ""
>>- #language fr-FR ""
>>-#string STR_FORMSET_TITLE #language en-US "User Manager"
>>- #language fr-FR "User Manager(French)"
>>-#string STR_TITLE_HELP #language en-US "This selection will take
>>you to the User Manager"
>>- #language fr-FR "This selection will take you to the User
>>Manager(French)"
>>-#string STR_USERMAN_TITLE #language en-US "User Manager"
>>- #language fr-FR "User Manager(French)"
>>-#string STR_ADD_USER_TITLE #language en-US "Add User Profile"
>>- #language fr-FR "Add User Profile(French)"
>>-#string STR_ADD_USER_HELP #language en-US "Add User Profile to
>>User Database"
>>- #language fr-FR "Add User Profile to User
>>Database(French)"
>>-#string STR_MODIFY_USER_TITLE #language en-US "Modify User
>>Profile"
>>- #language fr-FR "Modify User Profile(French)"
>>-#string STR_MODIFY_USER_HELP #language en-US "Modify User
>Profile
>>Information"
>>- #language fr-FR "Modify User Profile
>>Information(French)"
>>-#string STR_DELETE_USER_TITLE #language en-US "Delete User
>Profile"
>>- #language fr-FR "Delete User Profile(French)"
>>-#string STR_DELETE_USER_HELP #language en-US "Delete User Profile
>>from User Database"
>>- #language fr-FR "Delete User Profile from User
>>Database(French)"
>>-#string STR_USER_INFO #language en-US "User Profile
>>Information"
>>- #language fr-FR "User Profile Information(French)"
>>-#string STR_USER_NAME #language en-US "User Name"
>>- #language fr-FR "User Name(French)"
>>-#string STR_USER_NAME_VAL #language en-US ""
>>- #language fr-FR ""
>>-#string STR_CREATE_DATE #language en-US "Create Date"
>>- #language fr-FR "Create Date(French)"
>>-#string STR_CREATE_DATE_VAL #language en-US ""
>>- #language fr-FR ""
>>-#string STR_USAGE_DATE #language en-US "Usage Date"
>>- #language fr-FR "Usage Date(French)"
>>-#string STR_USAGE_DATE_VAL #language en-US ""
>>- #language fr-FR ""
>>-#string STR_USAGE_COUNT #language en-US "Usage Count"
>>- #language fr-FR "Usage Count(French)"
>>-#string STR_USAGE_COUNT_VAL #language en-US ""
>>- #language fr-FR ""
>>-#string STR_IDENTIFY_POLICY #language en-US "Identify Policy"
>>- #language fr-FR "Identify Policy(French)"
>>-#string STR_IDENTIFY_POLICY_VAL #language en-US ""
>>- #language fr-FR ""
>>-#string STR_ACCESS_POLICY #language en-US "Access Policy"
>>- #language fr-FR "Access Policy(French)"
>>-#string STR_SAVE #language en-US "Save & Exit"
>>- #language fr-FR "Save & Exit(French)"
>>-#string STR_IDENTIFY_SAVE_HELP #language en-US "Save Identify
>Policy
>>and Exit"
>>- #language fr-FR "Save Identify Policy and Exit(French)"
>>-#string STR_PROVIDER #language en-US "Credential Provider"
>>- #language fr-FR "Credential Provider(French)"
>>-#string STR_PROVIDER_HELP #language en-US "Select Credential
>>Provider Option"
>>- #language fr-FR "Select Credential Provider
>>Option(French)"
>>-#string STR_OR_CON #language en-US "Or"
>>- #language fr-FR "Or(French)"
>>-#string STR_AND_CON #language en-US "And"
>>- #language fr-FR "And(French)"
>>-#string STR_CONNECTOR #language en-US "Logical Connector"
>>- #language fr-FR "Logical Connector(French)"
>>-#string STR_CONNECTOR_HELP #language en-US "Select Logical
>>Connector Option"
>>- #language fr-FR "Select Logical Connector
>>Option(French)"
>>-#string STR_IDENTIFY_POLICY_VALUE #language en-US ""
>>- #language fr-FR ""
>>-#string STR_IDENTIFY_POLICY_HELP #language en-US "Current Identify
>>Policy"
>>- #language fr-FR "Current Identify Policy(French)"
>>-#string STR_ADD_OPTION #language en-US "Add Option"
>>- #language fr-FR "Add Option(French)"
>>-#string STR_ADD_OPTION_HELP #language en-US "Add This Option
>to
>>Identify Policy"
>>- #language fr-FR "Add This Option to Identify
>>Policy(French)"
>>-#string STR_ACCESS_SAVE_HELP #language en-US "Save Access Policy
>>and Exit"
>>- #language fr-FR "Save Access Policy and Exit(French)"
>>-#string STR_ACCESS_RIGHT #language en-US "Access Right"
>>- #language fr-FR "Access Right(French)"
>>-#string STR_ACCESS_RIGHT_HELP #language en-US "Select Access
>Right
>>Option"
>>- #language fr-FR "Select Access Right Option(French)"
>>-#string STR_NORMAL #language en-US "Normal"
>>- #language fr-FR "Normal(French)"
>>-#string STR_ENROLL #language en-US "Enroll"
>>- #language fr-FR "Enroll(French)"
>>-#string STR_MANAGE #language en-US "Manage"
>>- #language fr-FR "Manage(French)"
>>-#string STR_ACCESS_SETUP #language en-US "Access Setup"
>>- #language fr-FR "Access Setup(French)"
>>-#string STR_ACCESS_SETUP_HELP #language en-US "Select Access
>>Setup Option"
>>- #language fr-FR "Selelct Access Setup Option(French)"
>>-#string STR_RESTRICTED #language en-US "Restricted"
>>- #language fr-FR "Restricted(French)"
>>-#string STR_ADMIN #language en-US "Admin"
>>- #language fr-FR "Admin(French)"
>>-#string STR_BOOR_ORDER #language en-US "Access Boot Order"
>>- #language fr-FR "Access Boot Order(French)"
>>-#string STR_BOOT_ORDER_HELP #language en-US "Select Access
>Boot
>>Order Option"
>>- #language fr-FR "Select Access Boot Order
>>Option(French)"
>>-#string STR_INSERT #language en-US "Insert"
>>- #language fr-FR "Insert(French)"
>>-#string STR_APPEND #language en-US "Append"
>>- #language fr-FR "Append(French)"
>>-#string STR_REPLACE #language en-US "Replace"
>>- #language fr-FR "Replace(French)"
>>-#string STR_NODEFAULT #language en-US "Nodefault"
>>- #language fr-FR "Nodefault(French)"
>>-#string STR_LOAD #language en-US "Load Device Path"
>>- #language fr-FR "Load Device Path(French)"
>>-#string STR_LOAD_HELP #language en-US "Select Permit/Forbid
>>Load Device Path"
>>- #language fr-FR "Select Permit/Forbid Load Device
>>Path(French)"
>>-#string STR_CONNECT #language en-US "Connect Device Path"
>>- #language fr-FR "Connect Device Path(French)"
>>-#string STR_CONNECT_HELP #language en-US "Select Permit/Forbid
>>Connect Device Path"
>>- #language fr-FR "Select Permit/Forbid Connect Device
>>Path(French)"
>>-#string STR_LOAD_PERMIT #language en-US "Permit Load Device
>>Path"
>>- #language fr-FR "Permit Load Device Path(French)"
>>-#string STR_LOAD_PERMIT_HELP #language en-US "Change Permit
>>Load Device Path to Forbid"
>>- #language fr-FR "Change Permit Load Device Path to
>>Forbid(French)"
>>-#string STR_LOAD_FORBID #language en-US "Forbid Load Device
>>Path"
>>- #language fr-FR "Forbid Load Device Path(French)"
>>-#string STR_LOAD_FORBID_HELP #language en-US "Change Forbid
>Load
>>Device Path to Permit"
>>- #language fr-FR "Change Forbid Load Device Path to
>>Permit(French)"
>>-#string STR_CONNECT_PERMIT #language en-US "Permit Connect
>>Device Path"
>>- #language fr-FR "Permit Connect Device Path(French)"
>>-#string STR_CONNECT_PERMIT_HELP #language en-US "Change Permit
>>Connect Device Path to Forbid"
>>- #language fr-FR "Change Permit Connect Device Path to
>>Forbid(French)"
>>-#string STR_CONNECT_FORBID #language en-US "Forbid Connect
>>Device Path"
>>- #language fr-FR "Forbid Connect Device Path(French)"
>>-#string STR_CONNECT_FORBID_HELP #language en-US "Change Forbid
>>Connect Device Path to Permit"
>>- #language fr-FR "Change Forbid Connect Device Path to
>>Permit(French)"
>>-#string STR_PRESS_KEY_CONTINUE #language en-US "Press ENTER to
>>Continue, Other Key to Cancel ..."
>>- #language fr-FR "Press ENTER to Continue, Other Key to
>>Cancel ...(French)"
>>-#string STR_MOVE_TO_FORBID_LIST #language en-US "Are You Sure to
>>Move It to Forbid List?"
>>- #language fr-FR "Are You Sure to Move It to Forbid
>>List?(French)"
>>-#string STR_MOVE_TO_PERMIT_LIST #language en-US "Are You Sure
>to
>>Move It to Permit List?"
>>- #language fr-FR "Are You Sure to Move It to Permit
>>List?(French)"
>>-#string STR_STROKE_KEY_CONTINUE #language en-US "Please Press
>Any
>>Key to Continue ..."
>>- #language fr-FR "Please Press Any Key to Continue ...
>>(French)"
>>-#string STR_CREATE_PROFILE_FAILED #language en-US "Create New
>User
>>Profile Failed!"
>>- #language fr-FR "Create New User Profile Failed!
>>(French)"
>>-#string STR_CREATE_PROFILE_SUCCESS #language en-US "Create New
>>User Profile Succeed!"
>>- #language fr-FR "Create New User Profile Succeed!
>>(French)"
>>-#string STR_USER_ALREADY_EXISTED #language en-US "User Name Had
>>Already Existed."
>>- #language fr-FR "User Name Had Already Existed.
>>(French)"
>>-#string STR_GET_USERNAME_FAILED #language en-US "Failed To Get
>>User Name."
>>- #language fr-FR "Failed To Get User Name. (French)"
>>-
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erVfr.Vfr
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erVfr.Vfr
>>deleted file mode 100644
>>index 2cf3359f2a..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileMana
>g
>>erVfr.Vfr
>>+++ /dev/null
>>@@ -1,244 +0,0 @@
>>-/** @file
>>- User Profile Manager formset.
>>-
>>-Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "UserProfileManagerData.h"
>>-
>>-#define USER_MANAGER_CLASS 0x00
>>-#define USER_MANAGER_SUBCLASS 0x04
>>-
>>-formset
>>- guid = USER_PROFILE_MANAGER_GUID,
>>- title = STRING_TOKEN(STR_FORMSET_TITLE),
>>- help = STRING_TOKEN(STR_TITLE_HELP),
>>-
>>- // User manager form
>>- form formid = FORMID_USER_MANAGE,
>>- title = STRING_TOKEN(STR_USERMAN_TITLE);
>>-
>>- label LABEL_USER_MANAGE_FUNC;
>>- label LABEL_END;
>>-
>>- suppressif TRUE;
>>- text
>>- help = STRING_TOKEN(STR_NULL_STRING),
>>- text = STRING_TOKEN(STR_NULL_STRING),
>>- flags = INTERACTIVE,
>>- key = QUESTIONID_USER_MANAGE;
>>- endif;
>>-
>>- endform;
>>-
>>- // Modify user profile form
>>- form formid = FORMID_MODIFY_USER,
>>- title = STRING_TOKEN(STR_MODIFY_USER_TITLE);
>>-
>>- label LABEL_USER_MOD_FUNC;
>>- label LABEL_END;
>>-
>>- endform;
>>-
>>- // Delete user profile form
>>- form formid = FORMID_DEL_USER,
>>- title = STRING_TOKEN(STR_DELETE_USER_TITLE);
>>-
>>- label LABEL_USER_DEL_FUNC;
>>- label LABEL_END;
>>-
>>- subtitle
>>- text = STRING_TOKEN(STR_NULL_STRING);
>>- endform;
>>-
>>- //
>>- // User profile information form
>>- //
>>- form formid = FORMID_USER_INFO,
>>- title = STRING_TOKEN(STR_USER_INFO);
>>-
>>- text
>>- help = STRING_TOKEN(STR_USER_NAME_VAL),
>>- text = STRING_TOKEN(STR_USER_NAME),
>>- flags = INTERACTIVE,
>>- key = KEY_MODIFY_USER_NAME;
>>-
>>- text
>>- help = STRING_TOKEN(STR_CREATE_DATE_VAL),
>>- text = STRING_TOKEN(STR_CREATE_DATE);
>>-
>>- text
>>- help = STRING_TOKEN(STR_USAGE_DATE_VAL),
>>- text = STRING_TOKEN(STR_USAGE_DATE);
>>-
>>- text
>>- help = STRING_TOKEN(STR_USAGE_COUNT_VAL),
>>- text = STRING_TOKEN(STR_USAGE_COUNT);
>>-
>>- label LABEL_USER_INFO_FUNC;
>>- label LABEL_END;
>>-
>>- endform;
>>-
>>- //
>>- // Identify policy modify form
>>- //
>>- form formid = FORMID_MODIFY_IP,
>>- title = STRING_TOKEN(STR_IDENTIFY_POLICY);
>>-
>>- text
>>- help = STRING_TOKEN(STR_IDENTIFY_POLICY_HELP),
>>- text = STRING_TOKEN(STR_IDENTIFY_POLICY),
>>- text = STRING_TOKEN(STR_IDENTIFY_POLICY_VALUE);
>>-
>>- label LABEL_IP_MOD_FUNC;
>>- label LABEL_END;
>>-
>>- text
>>- help = STRING_TOKEN(STR_ADD_OPTION_HELP),
>>- text = STRING_TOKEN(STR_ADD_OPTION),
>>- flags = INTERACTIVE,
>>- key = KEY_ADD_LOGICAL_OP;
>>-
>>- subtitle
>>- text = STRING_TOKEN(STR_NULL_STRING);
>>-
>>- text
>>- help = STRING_TOKEN(STR_IDENTIFY_SAVE_HELP),
>>- text = STRING_TOKEN(STR_SAVE),
>>- flags = INTERACTIVE,
>>- key = KEY_IP_RETURN;
>>-
>>- endform;
>>-
>>- //
>>- // Access policy modify form
>>- //
>>- form formid = FORMID_MODIFY_AP,
>>- title = STRING_TOKEN(STR_ACCESS_POLICY);
>>-
>>- label LABEL_AP_MOD_FUNC;
>>- label LABEL_END;
>>-
>>- goto FORMID_LOAD_DP,
>>- prompt = STRING_TOKEN(STR_LOAD),
>>- help = STRING_TOKEN(STR_LOAD_HELP),
>>- flags = INTERACTIVE,
>>- key = KEY_LOAD_DP;
>>-
>>- goto FORMID_CONNECT_DP,
>>- prompt = STRING_TOKEN(STR_CONNECT),
>>- help = STRING_TOKEN(STR_CONNECT_HELP),
>>- flags = INTERACTIVE,
>>- key = KEY_CONN_DP;
>>-
>>- subtitle
>>- text = STRING_TOKEN(STR_NULL_STRING);
>>-
>>- text
>>- help = STRING_TOKEN(STR_ACCESS_SAVE_HELP),
>>- text = STRING_TOKEN(STR_SAVE),
>>- flags = INTERACTIVE,
>>- key = KEY_AP_RETURN;
>>-
>>- endform;
>>-
>>- //
>>- // Load device path form
>>- //
>>- form formid = FORMID_LOAD_DP,
>>- title = STRING_TOKEN(STR_LOAD);
>>-
>>- goto FORMID_PERMIT_LOAD_DP,
>>- prompt = STRING_TOKEN(STR_LOAD_PERMIT),
>>- help = STRING_TOKEN(STR_LOAD_PERMIT_HELP),
>>- flags = INTERACTIVE,
>>- key = KEY_LOAD_PERMIT;
>>-
>>- goto FORMID_FORBID_LOAD_DP,
>>- prompt = STRING_TOKEN(STR_LOAD_FORBID),
>>- help = STRING_TOKEN(STR_LOAD_FORBID_HELP),
>>- flags = INTERACTIVE,
>>- key = KEY_LOAD_FORBID;
>>-
>>- endform;
>>-
>>- //
>>- // Permit load device path form
>>- //
>>- form formid = FORMID_PERMIT_LOAD_DP,
>>- title = STRING_TOKEN(STR_LOAD_PERMIT);
>>-
>>- label LABEL_PERMIT_LOAD_FUNC;
>>- label LABEL_END;
>>-
>>- subtitle
>>- text = STRING_TOKEN(STR_NULL_STRING);
>>-
>>- endform;
>>-
>>- //
>>- // Forbid load device path form
>>- //
>>- form formid = FORMID_FORBID_LOAD_DP,
>>- title = STRING_TOKEN(STR_LOAD_FORBID);
>>-
>>- label LABLE_FORBID_LOAD_FUNC;
>>- label LABEL_END;
>>-
>>- subtitle
>>- text = STRING_TOKEN(STR_NULL_STRING);
>>-
>>- endform;
>>-
>>- //
>>- // Connect device path form
>>- //
>>- form formid = FORMID_CONNECT_DP,
>>- title = STRING_TOKEN(STR_CONNECT);
>>-
>>- goto FORMID_PERMIT_CONNECT_DP,
>>- prompt = STRING_TOKEN(STR_CONNECT_PERMIT),
>>- help = STRING_TOKEN(STR_CONNECT_PERMIT_HELP),
>>- flags = INTERACTIVE,
>>- key = KEY_CONNECT_PERMIT;
>>-
>>- goto FORMID_FORBID_CONNECT_DP,
>>- prompt = STRING_TOKEN(STR_CONNECT_FORBID),
>>- help = STRING_TOKEN(STR_CONNECT_FORBID_HELP),
>>- flags = INTERACTIVE,
>>- key = KEY_CONNECT_FORBID;
>>-
>>- endform;
>>-
>>- //
>>- // Permit connect device path form
>>- //
>>- form formid = FORMID_PERMIT_CONNECT_DP,
>>- title = STRING_TOKEN(STR_CONNECT_PERMIT);
>>-
>>- subtitle
>>- text = STRING_TOKEN(STR_NULL_STRING);
>>-
>>- endform;
>>-
>>- //
>>- // Forbid connect device path form
>>- //
>>- form formid = FORMID_FORBID_CONNECT_DP,
>>- title = STRING_TOKEN(STR_CONNECT_FORBID);
>>-
>>- subtitle
>>- text = STRING_TOKEN(STR_NULL_STRING);
>>-
>>- endform;
>>-
>>-endformset;
>>diff --git
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModif
>y
>>.c
>>b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModif
>y
>>.c
>>deleted file mode 100644
>>index d165e5ae9b..0000000000
>>---
>>a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModif
>y
>>.c
>>+++ /dev/null
>>@@ -1,1475 +0,0 @@
>>-/** @file
>>- The functions to modify a user profile.
>>-
>>-Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
>>-This program and the accompanying materials
>>-are licensed and made available under the terms and conditions of the BSD
>>License
>>-which accompanies this distribution. The full text of the license may be
>>found at
>>-http://opensource.org/licenses/bsd-license.php
>>-
>>-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS"
>BASIS,
>>-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER
>>EXPRESS OR IMPLIED.
>>-
>>-**/
>>-
>>-#include "UserProfileManager.h"
>>-
>>-EFI_USER_PROFILE_HANDLE mModifyUser = NULL;
>>-
>>-/**
>>- Display user select form, cab select a user to modify.
>>-
>>-**/
>>-VOID
>>-SelectUserToModify (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- UINT8 Index;
>>- EFI_USER_PROFILE_HANDLE User;
>>- EFI_USER_PROFILE_HANDLE CurrentUser;
>>- UINT32 CurrentAccessRight;
>>- VOID *StartOpCodeHandle;
>>- VOID *EndOpCodeHandle;
>>- EFI_IFR_GUID_LABEL *StartLabel;
>>- EFI_IFR_GUID_LABEL *EndLabel;
>>-
>>- //
>>- // Initialize the container for dynamic opcodes.
>>- //
>>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (StartOpCodeHandle != NULL);
>>-
>>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (EndOpCodeHandle != NULL);
>>-
>>- //
>>- // Create Hii Extend Label OpCode.
>>- //
>>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- StartOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- StartLabel->Number = LABEL_USER_MOD_FUNC;
>>-
>>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- EndOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- EndLabel->Number = LABEL_END;
>>-
>>- //
>>- // Add each user can be modified.
>>- //
>>- User = NULL;
>>- Index = 1;
>>- mUserManager->Current (mUserManager, &CurrentUser);
>>- while (TRUE) {
>>- Status = mUserManager->GetNext (mUserManager, &User);
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>-
>>- Status = GetAccessRight (&CurrentAccessRight);
>>- if (EFI_ERROR (Status)) {
>>- CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>>- }
>>-
>>- if ((CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) || (User
>==
>>CurrentUser)) {
>>- AddUserToForm (User, (UINT16)(KEY_MODIFY_USER |
>KEY_SELECT_USER
>>| Index), StartOpCodeHandle);
>>- }
>>- Index++;
>>- }
>>-
>>- HiiUpdateForm (
>>- mCallbackInfo->HiiHandle, // HII handle
>>- &gUserProfileManagerGuid, // Formset GUID
>>- FORMID_MODIFY_USER, // Form ID
>>- StartOpCodeHandle, // Label for where to insert opcodes
>>- EndOpCodeHandle // Replace data
>>- );
>>-
>>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>>-}
>>-
>>-
>>-/**
>>- Get all the user info from mModifyUser in the user manager, and save on
>>the
>>- global variable.
>>-
>>-**/
>>-VOID
>>-GetAllUserInfo (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO_HANDLE UserInfo;
>>- EFI_USER_INFO *Info;
>>- UINTN InfoSize;
>>- UINTN MemSize;
>>- UINTN DataLen;
>>-
>>- //
>>- // Init variable to default value.
>>- //
>>- mProviderChoice = 0;
>>- mConncetLogical = 0;
>>-
>>- mUserInfo.CreateDateExist = FALSE;
>>- mUserInfo.UsageDateExist = FALSE;
>>- mUserInfo.UsageCount = 0;
>>-
>>- mUserInfo.AccessPolicyLen = 0;
>>- mUserInfo.AccessPolicyModified = FALSE;
>>- if (mUserInfo.AccessPolicy != NULL) {
>>- FreePool (mUserInfo.AccessPolicy);
>>- mUserInfo.AccessPolicy = NULL;
>>- }
>>- mUserInfo.IdentityPolicyLen = 0;
>>- mUserInfo.IdentityPolicyModified = FALSE;
>>- if (mUserInfo.IdentityPolicy != NULL) {
>>- FreePool (mUserInfo.IdentityPolicy);
>>- mUserInfo.IdentityPolicy = NULL;
>>- }
>>-
>>- //
>>- // Allocate user information memory.
>>- //
>>- MemSize = sizeof (EFI_USER_INFO) + 63;
>>- Info = AllocateZeroPool (MemSize);
>>- if (Info == NULL) {
>>- return ;
>>- }
>>-
>>- //
>>- // Get each user information.
>>- //
>>- UserInfo = NULL;
>>- while (TRUE) {
>>- Status = mUserManager->GetNextInfo (mUserManager, mModifyUser,
>>&UserInfo);
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>- //
>>- // Get information.
>>- //
>>- InfoSize = MemSize;
>>- Status = mUserManager->GetInfo (
>>- mUserManager,
>>- mModifyUser,
>>- UserInfo,
>>- Info,
>>- &InfoSize
>>- );
>>- if (Status == EFI_BUFFER_TOO_SMALL) {
>>- MemSize = InfoSize;
>>- FreePool (Info);
>>- Info = AllocateZeroPool (MemSize);
>>- if (Info == NULL) {
>>- return ;
>>- }
>>-
>>- Status = mUserManager->GetInfo (
>>- mUserManager,
>>- mModifyUser,
>>- UserInfo,
>>- Info,
>>- &InfoSize
>>- );
>>- }
>>-
>>- if (Status == EFI_SUCCESS) {
>>- //
>>- // Deal with each information according to informaiton type.
>>- //
>>- DataLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>>- switch (Info->InfoType) {
>>- case EFI_USER_INFO_NAME_RECORD:
>>- CopyMem (&mUserInfo.UserName, (UINT8 *) (Info + 1), DataLen);
>>- break;
>>-
>>- case EFI_USER_INFO_CREATE_DATE_RECORD:
>>- CopyMem (&mUserInfo.CreateDate, (UINT8 *) (Info + 1), DataLen);
>>- mUserInfo.CreateDateExist = TRUE;
>>- break;
>>-
>>- case EFI_USER_INFO_USAGE_DATE_RECORD:
>>- CopyMem (&mUserInfo.UsageDate, (UINT8 *) (Info + 1), DataLen);
>>- mUserInfo.UsageDateExist = TRUE;
>>- break;
>>-
>>- case EFI_USER_INFO_USAGE_COUNT_RECORD:
>>- CopyMem (&mUserInfo.UsageCount, (UINT8 *) (Info + 1), DataLen);
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_POLICY_RECORD:
>>- mUserInfo.AccessPolicy = AllocateZeroPool (DataLen);
>>- if (mUserInfo.AccessPolicy == NULL) {
>>- break;
>>- }
>>-
>>- CopyMem (mUserInfo.AccessPolicy, (UINT8 *) (Info + 1), DataLen);
>>- mUserInfo.AccessPolicyLen = DataLen;
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_POLICY_RECORD:
>>- mUserInfo.IdentityPolicy = AllocateZeroPool (DataLen);
>>- if (mUserInfo.IdentityPolicy == NULL) {
>>- break;
>>- }
>>-
>>- CopyMem (mUserInfo.IdentityPolicy, (UINT8 *) (Info + 1), DataLen);
>>- mUserInfo.IdentityPolicyLen = DataLen;
>>- break;
>>-
>>- default:
>>- break;
>>- }
>>- }
>>- }
>>- FreePool (Info);
>>-}
>>-
>>-
>>-/**
>>- Convert the Date to a string, and update the Hii database DateID string
>with
>>it.
>>-
>>- @param[in] Date Points to the date to be converted.
>>- @param[in] DateId String ID in the HII database to be replaced.
>>-
>>-**/
>>-VOID
>>-ResolveDate (
>>- IN EFI_TIME *Date,
>>- IN EFI_STRING_ID DateId
>>- )
>>-{
>>- CHAR16 *Str;
>>- UINTN DateBufLen;
>>-
>>- //
>>- // Convert date to string.
>>- //
>>- DateBufLen = 64;
>>- Str = AllocateZeroPool (DateBufLen);
>>- if (Str == NULL) {
>>- return ;
>>- }
>>-
>>- UnicodeSPrint (
>>- Str,
>>- DateBufLen,
>>- L"%4d-%2d-%2d ",
>>- Date->Year,
>>- Date->Month,
>>- Date->Day
>>- );
>>-
>>- //
>>- // Convert time to string.
>>- //
>>- DateBufLen -= StrLen (Str);
>>- UnicodeSPrint (
>>- Str + StrLen (Str),
>>- DateBufLen,
>>- L"%2d:%2d:%2d",
>>- Date->Hour,
>>- Date->Minute,
>>- Date->Second
>>- );
>>-
>>- HiiSetString (mCallbackInfo->HiiHandle, DateId, Str, NULL);
>>- FreePool (Str);
>>-}
>>-
>>-
>>-/**
>>- Convert the CountVal to a string, and update the Hii database CountId
>string
>>- with it.
>>-
>>- @param[in] CountVal The hex value to convert.
>>- @param[in] CountId String ID in the HII database to be replaced.
>>-
>>-**/
>>-VOID
>>-ResolveCount (
>>- IN UINT32 CountVal,
>>- IN EFI_STRING_ID CountId
>>- )
>>-{
>>- CHAR16 Count[10];
>>-
>>- UnicodeSPrint (Count, 20, L"%d", CountVal);
>>- HiiSetString (mCallbackInfo->HiiHandle, CountId, Count, NULL);
>>-}
>>-
>>-
>>-/**
>>- Concatenates one Null-terminated Unicode string to another Null-
>>terminated
>>- Unicode string.
>>-
>>- @param[in, out] Source1 On entry, point to a Null-terminated Unicode
>>string.
>>- On exit, point to a new concatenated Unicode string
>>- @param[in] Source2 Pointer to a Null-terminated Unicode string.
>>-
>>-**/
>>-VOID
>>-AddStr (
>>- IN OUT CHAR16 **Source1,
>>- IN CONST CHAR16 *Source2
>>- )
>>-{
>>- CHAR16 *TmpStr;
>>- UINTN StrLength;
>>-
>>- ASSERT (Source1 != NULL);
>>- ASSERT (Source2 != NULL);
>>-
>>- if (*Source1 == NULL) {
>>- StrLength = StrSize (Source2);
>>- } else {
>>- StrLength = StrSize (*Source1);
>>- StrLength += StrSize (Source2) - 2;
>>- }
>>-
>>- TmpStr = AllocateZeroPool (StrLength);
>>- ASSERT (TmpStr != NULL);
>>-
>>- if (*Source1 == NULL) {
>>- StrCpyS (TmpStr, StrLength / sizeof (CHAR16), Source2);
>>- } else {
>>- StrCpyS (TmpStr, StrLength / sizeof (CHAR16), *Source1);
>>- FreePool (*Source1);
>>- StrCatS (TmpStr, StrLength / sizeof (CHAR16),Source2);
>>- }
>>-
>>- *Source1 = TmpStr;
>>-}
>>-
>>-
>>-/**
>>- Convert the identity policy to a unicode string and update the Hii database
>>- IpStringId string with it.
>>-
>>- @param[in] Ip Points to identity policy.
>>- @param[in] IpLen The identity policy length.
>>- @param[in] IpStringId String ID in the HII database to be replaced.
>>-
>>-**/
>>-VOID
>>-ResolveIdentityPolicy (
>>- IN UINT8 *Ip,
>>- IN UINTN IpLen,
>>- IN EFI_STRING_ID IpStringId
>>- )
>>-{
>>- CHAR16 *TmpStr;
>>- UINTN ChkLen;
>>- EFI_USER_INFO_IDENTITY_POLICY *Identity;
>>- UINT16 Index;
>>- CHAR16 *ProvStr;
>>- EFI_STRING_ID ProvId;
>>- EFI_HII_HANDLE HiiHandle;
>>- EFI_USER_CREDENTIAL2_PROTOCOL *UserCredential;
>>-
>>- TmpStr = NULL;
>>-
>>- //
>>- // Resolve each policy.
>>- //
>>- ChkLen = 0;
>>- while (ChkLen < IpLen) {
>>- Identity = (EFI_USER_INFO_IDENTITY_POLICY *) (Ip + ChkLen);
>>- switch (Identity->Type) {
>>- case EFI_USER_INFO_IDENTITY_FALSE:
>>- AddStr (&TmpStr, L"False");
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_TRUE:
>>- AddStr (&TmpStr, L"None");
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_NOT:
>>- AddStr (&TmpStr, L"! ");
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_AND:
>>- AddStr (&TmpStr, L" && ");
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_OR:
>>- AddStr (&TmpStr, L" || ");
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE:
>>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>>- UserCredential = mProviderInfo->Provider[Index];
>>- if (CompareGuid ((EFI_GUID *) (Identity + 1), &UserCredential->Type))
>{
>>- UserCredential->Title (
>>- UserCredential,
>>- &HiiHandle,
>>- &ProvId
>>- );
>>- ProvStr = HiiGetString (HiiHandle, ProvId, NULL);
>>- if (ProvStr != NULL) {
>>- AddStr (&TmpStr, ProvStr);
>>- FreePool (ProvStr);
>>- }
>>- break;
>>- }
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER:
>>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>>- UserCredential = mProviderInfo->Provider[Index];
>>- if (CompareGuid ((EFI_GUID *) (Identity + 1), &UserCredential-
>>>Identifier)) {
>>- UserCredential->Title (
>>- UserCredential,
>>- &HiiHandle,
>>- &ProvId
>>- );
>>- ProvStr = HiiGetString (HiiHandle, ProvId, NULL);
>>- if (ProvStr != NULL) {
>>- AddStr (&TmpStr, ProvStr);
>>- FreePool (ProvStr);
>>- }
>>- break;
>>- }
>>- }
>>- break;
>>- }
>>-
>>- ChkLen += Identity->Length;
>>- }
>>-
>>- if (TmpStr != NULL) {
>>- HiiSetString (mCallbackInfo->HiiHandle, IpStringId, TmpStr, NULL);
>>- FreePool (TmpStr);
>>- }
>>-}
>>-
>>-
>>-/**
>>- Display modify user information form.
>>-
>>- This form displays, username, create Date, usage date, usage count,
>identity
>>policy,
>>- and access policy.
>>-
>>- @param[in] UserIndex The index of the user in display list to modify.
>>-
>>-**/
>>-VOID
>>-ModifyUserInfo (
>>- IN UINT8 UserIndex
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_PROFILE_HANDLE CurrentUser;
>>- UINT32 CurrentAccessRight;
>>- VOID *StartOpCodeHandle;
>>- VOID *EndOpCodeHandle;
>>- EFI_IFR_GUID_LABEL *StartLabel;
>>- EFI_IFR_GUID_LABEL *EndLabel;
>>-
>>- //
>>- // Initialize the container for dynamic opcodes.
>>- //
>>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (StartOpCodeHandle != NULL);
>>-
>>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (EndOpCodeHandle != NULL);
>>-
>>- //
>>- // Create Hii Extend Label OpCode.
>>- //
>>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- StartOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- StartLabel->Number = LABEL_USER_INFO_FUNC;
>>-
>>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- EndOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- EndLabel->Number = LABEL_END;
>>-
>>- //
>>- // Find the user profile to be modified.
>>- //
>>- mModifyUser = NULL;
>>- Status = mUserManager->GetNext (mUserManager, &mModifyUser);
>>- if (EFI_ERROR (Status)) {
>>- return ;
>>- }
>>-
>>- while (UserIndex > 1) {
>>- Status = mUserManager->GetNext (mUserManager, &mModifyUser);
>>- if (EFI_ERROR (Status)) {
>>- return ;
>>- }
>>- UserIndex--;
>>- }
>>-
>>- //
>>- // Get user profile information.
>>- //
>>- GetAllUserInfo ();
>>-
>>- //
>>- // Update user name.
>>- HiiSetString (
>>- mCallbackInfo->HiiHandle,
>>- STRING_TOKEN (STR_USER_NAME_VAL),
>>- mUserInfo.UserName,
>>- NULL
>>- );
>>-
>>- //
>>- // Update create date.
>>- //
>>- if (mUserInfo.CreateDateExist) {
>>- ResolveDate (&mUserInfo.CreateDate, STRING_TOKEN
>>(STR_CREATE_DATE_VAL));
>>- } else {
>>- HiiSetString (
>>- mCallbackInfo->HiiHandle,
>>- STRING_TOKEN (STR_CREATE_DATE_VAL),
>>- L"",
>>- NULL
>>- );
>>- }
>>-
>>- //
>>- // Add usage date.
>>- //
>>- if (mUserInfo.UsageDateExist) {
>>- ResolveDate (&mUserInfo.UsageDate, STRING_TOKEN
>>(STR_USAGE_DATE_VAL));
>>- } else {
>>- HiiSetString (
>>- mCallbackInfo->HiiHandle,
>>- STRING_TOKEN (STR_USAGE_DATE_VAL),
>>- L"",
>>- NULL
>>- );
>>- }
>>-
>>- //
>>- // Add usage count.
>>- //
>>- ResolveCount ((UINT32) mUserInfo.UsageCount, STRING_TOKEN
>>(STR_USAGE_COUNT_VAL));
>>-
>>- //
>>- // Add identity policy.
>>- //
>>- mUserManager->Current (mUserManager, &CurrentUser);
>>- if (mModifyUser == CurrentUser) {
>>- ResolveIdentityPolicy (
>>- mUserInfo.IdentityPolicy,
>>- mUserInfo.IdentityPolicyLen,
>>- STRING_TOKEN (STR_IDENTIFY_POLICY_VAL)
>>- );
>>- HiiCreateGotoOpCode (
>>- StartOpCodeHandle, // Container for opcodes
>>- FORMID_MODIFY_IP, // Target Form ID
>>- STRING_TOKEN (STR_IDENTIFY_POLICY), // Prompt text
>>- STRING_TOKEN (STR_IDENTIFY_POLICY_VAL), // Help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_IP // Question
>>ID
>>- );
>>- }
>>-
>>- //
>>- // Add access policy.
>>- //
>>- Status = GetAccessRight (&CurrentAccessRight);
>>- if (EFI_ERROR (Status)) {
>>- CurrentAccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>>- }
>>-
>>- if (CurrentAccessRight == EFI_USER_INFO_ACCESS_MANAGE) {
>>- HiiCreateGotoOpCode (
>>- StartOpCodeHandle, // Container for opcodes
>>- FORMID_MODIFY_AP, // Target Form ID
>>- STRING_TOKEN (STR_ACCESS_POLICY), // Prompt text
>>- STRING_TOKEN (STR_NULL_STRING), // Help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP // Question
>>ID
>>- );
>>- }
>>-
>>- HiiUpdateForm (
>>- mCallbackInfo->HiiHandle, // HII handle
>>- &gUserProfileManagerGuid, // Formset GUID
>>- FORMID_USER_INFO, // Form ID
>>- StartOpCodeHandle, // Label
>>- EndOpCodeHandle // Replace data
>>- );
>>-
>>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>>-}
>>-
>>-
>>-/**
>>- Get all the access policy info from current user info, and save in the global
>>- variable.
>>-
>>-**/
>>-VOID
>>-ResolveAccessPolicy (
>>- VOID
>>- )
>>-{
>>- UINTN OffSet;
>>- EFI_USER_INFO_ACCESS_CONTROL Control;
>>- UINTN ValLen;
>>- UINT8 *AccessData;
>>-
>>- //
>>- // Set default value
>>- //
>>- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>>- mAccessInfo.AccessSetup = ACCESS_SETUP_RESTRICTED;
>>- mAccessInfo.AccessBootOrder =
>>EFI_USER_INFO_ACCESS_BOOT_ORDER_INSERT;
>>-
>>- mAccessInfo.LoadPermitLen = 0;
>>- mAccessInfo.LoadForbidLen = 0;
>>- mAccessInfo.ConnectPermitLen = 0;
>>- mAccessInfo.ConnectForbidLen = 0;
>>-
>>- //
>>- // Get each user access policy.
>>- //
>>- OffSet = 0;
>>- while (OffSet < mUserInfo.AccessPolicyLen) {
>>- CopyMem (&Control, mUserInfo.AccessPolicy + OffSet, sizeof (Control));
>>- ValLen = Control.Size - sizeof (Control);
>>- switch (Control.Type) {
>>- case EFI_USER_INFO_ACCESS_ENROLL_SELF:
>>- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_ENROLL_SELF;
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_ENROLL_OTHERS:
>>- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_ENROLL_OTHERS;
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_MANAGE:
>>- mAccessInfo.AccessRight = EFI_USER_INFO_ACCESS_MANAGE;
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_SETUP:
>>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>>- if (CompareGuid ((EFI_GUID *) AccessData,
>>&gEfiUserInfoAccessSetupNormalGuid)) {
>>- mAccessInfo.AccessSetup = ACCESS_SETUP_NORMAL;
>>- } else if (CompareGuid ((EFI_GUID *) AccessData,
>>&gEfiUserInfoAccessSetupRestrictedGuid)) {
>>- mAccessInfo.AccessSetup = ACCESS_SETUP_RESTRICTED;
>>- } else if (CompareGuid ((EFI_GUID *) AccessData,
>>&gEfiUserInfoAccessSetupAdminGuid)) {
>>- mAccessInfo.AccessSetup = ACCESS_SETUP_ADMIN;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_BOOT_ORDER:
>>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>>- CopyMem (&mAccessInfo.AccessBootOrder, AccessData, sizeof
>(UINT32));
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_FORBID_LOAD:
>>- if (mAccessInfo.LoadForbid != NULL) {
>>- FreePool (mAccessInfo.LoadForbid);
>>- }
>>-
>>- mAccessInfo.LoadForbid = AllocateZeroPool (ValLen);
>>- if (mAccessInfo.LoadForbid != NULL) {
>>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>>- CopyMem (mAccessInfo.LoadForbid, AccessData, ValLen);
>>- mAccessInfo.LoadForbidLen = ValLen;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_PERMIT_LOAD:
>>- if (mAccessInfo.LoadPermit != NULL) {
>>- FreePool (mAccessInfo.LoadPermit);
>>- }
>>-
>>- mAccessInfo.LoadPermit = AllocateZeroPool (ValLen);
>>- if (mAccessInfo.LoadPermit != NULL) {
>>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>>- CopyMem (mAccessInfo.LoadPermit, AccessData, ValLen);
>>- mAccessInfo.LoadPermitLen = ValLen;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_FORBID_CONNECT:
>>- if (mAccessInfo.ConnectForbid != NULL) {
>>- FreePool (mAccessInfo.ConnectForbid);
>>- }
>>-
>>- mAccessInfo.ConnectForbid = AllocateZeroPool (ValLen);
>>- if (mAccessInfo.ConnectForbid != NULL) {
>>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>>- CopyMem (mAccessInfo.ConnectForbid, AccessData, ValLen);
>>- mAccessInfo.ConnectForbidLen = ValLen;
>>- }
>>- break;
>>-
>>- case EFI_USER_INFO_ACCESS_PERMIT_CONNECT:
>>- if (mAccessInfo.ConnectPermit != NULL) {
>>- FreePool (mAccessInfo.ConnectPermit);
>>- }
>>-
>>- mAccessInfo.ConnectPermit = AllocateZeroPool (ValLen);
>>- if (mAccessInfo.ConnectPermit != NULL) {
>>- AccessData = mUserInfo.AccessPolicy + OffSet + sizeof (Control);
>>- CopyMem (mAccessInfo.ConnectPermit, AccessData, ValLen);
>>- mAccessInfo.ConnectPermitLen = ValLen;
>>- }
>>- break;
>>- }
>>-
>>- OffSet += Control.Size;
>>- }
>>-}
>>-
>>-
>>-/**
>>- Find the specified info in User profile by the InfoType.
>>-
>>- @param[in] User Handle of the user whose information will be
>>searched.
>>- @param[in] InfoType The user information type to find.
>>- @param[out] UserInfo Points to user information handle found.
>>-
>>- @retval EFI_SUCCESS Find the user information successfully.
>>- @retval Others Fail to find the user information.
>>-
>>-**/
>>-EFI_STATUS
>>-FindInfoByType (
>>- IN EFI_USER_PROFILE_HANDLE User,
>>- IN UINT8 InfoType,
>>- OUT EFI_USER_INFO_HANDLE *UserInfo
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO *Info;
>>- UINTN InfoSize;
>>- UINTN MemSize;
>>-
>>- if (UserInfo == NULL) {
>>- return EFI_INVALID_PARAMETER;
>>- }
>>-
>>- *UserInfo = NULL;
>>- //
>>- // Allocate user information memory.
>>- //
>>- MemSize = sizeof (EFI_USER_INFO) + 63;
>>- Info = AllocateZeroPool (MemSize);
>>- if (Info == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- //
>>- // Get each user information.
>>- //
>>- while (TRUE) {
>>- Status = mUserManager->GetNextInfo (mUserManager, User, UserInfo);
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>- //
>>- // Get information.
>>- //
>>- InfoSize = MemSize;
>>- Status = mUserManager->GetInfo (
>>- mUserManager,
>>- User,
>>- *UserInfo,
>>- Info,
>>- &InfoSize
>>- );
>>- if (Status == EFI_BUFFER_TOO_SMALL) {
>>- MemSize = InfoSize;
>>- FreePool (Info);
>>- Info = AllocateZeroPool (MemSize);
>>- if (Info == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>- Status = mUserManager->GetInfo (
>>- mUserManager,
>>- User,
>>- *UserInfo,
>>- Info,
>>- &InfoSize
>>- );
>>- }
>>- if (Status == EFI_SUCCESS) {
>>- if (Info->InfoType == InfoType) {
>>- break;
>>- }
>>- }
>>- }
>>-
>>- FreePool (Info);
>>- return Status;
>>-}
>>-
>>-
>>-/**
>>- Display modify user access policy form.
>>-
>>- In this form, access right, access setup and access boot order are
>dynamically
>>- added. Load devicepath and connect devicepath are displayed too.
>>-
>>-**/
>>-VOID
>>-ModidyAccessPolicy (
>>- VOID
>>- )
>>-{
>>- VOID *StartOpCodeHandle;
>>- VOID *EndOpCodeHandle;
>>- VOID *OptionsOpCodeHandle;
>>- EFI_IFR_GUID_LABEL *StartLabel;
>>- EFI_IFR_GUID_LABEL *EndLabel;
>>- VOID *DefaultOpCodeHandle;
>>-
>>- //
>>- // Initialize the container for dynamic opcodes.
>>- //
>>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (StartOpCodeHandle != NULL);
>>-
>>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (EndOpCodeHandle != NULL);
>>-
>>- //
>>- // Create Hii Extend Label OpCode.
>>- //
>>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- StartOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- StartLabel->Number = LABEL_AP_MOD_FUNC;
>>-
>>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- EndOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- EndLabel->Number = LABEL_END;
>>-
>>-
>>- //
>>- // Resolve access policy information.
>>- //
>>- ResolveAccessPolicy ();
>>-
>>- //
>>- // Add access right one-of-code.
>>- //
>>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (OptionsOpCodeHandle != NULL);
>>- DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (DefaultOpCodeHandle != NULL);
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- STRING_TOKEN (STR_NORMAL),
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_1,
>>- EFI_USER_INFO_ACCESS_ENROLL_SELF
>>- );
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- STRING_TOKEN (STR_ENROLL),
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_1,
>>- EFI_USER_INFO_ACCESS_ENROLL_OTHERS
>>- );
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- STRING_TOKEN (STR_MANAGE),
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_1,
>>- EFI_USER_INFO_ACCESS_MANAGE
>>- );
>>-
>>- HiiCreateDefaultOpCode (
>>- DefaultOpCodeHandle,
>>- EFI_HII_DEFAULT_CLASS_STANDARD,
>>- EFI_IFR_NUMERIC_SIZE_1,
>>- mAccessInfo.AccessRight
>>- );
>>-
>>- HiiCreateOneOfOpCode (
>>- StartOpCodeHandle, // Container for dynamic created opcodes
>>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP |
>>KEY_MODIFY_RIGHT, // Question ID
>>- 0, // VarStore ID
>>- 0, // Offset in Buffer Storage
>>- STRING_TOKEN (STR_ACCESS_RIGHT), // Question prompt text
>>- STRING_TOKEN (STR_ACCESS_RIGHT_HELP), // Question help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>>- OptionsOpCodeHandle, // Option Opcode list
>>- DefaultOpCodeHandle // Default Opcode
>>- );
>>- HiiFreeOpCodeHandle (DefaultOpCodeHandle);
>>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>>-
>>-
>>- //
>>- // Add setup type one-of-code.
>>- //
>>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (OptionsOpCodeHandle != NULL);
>>- DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (DefaultOpCodeHandle != NULL);
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- STRING_TOKEN (STR_RESTRICTED),
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_1,
>>- ACCESS_SETUP_RESTRICTED
>>- );
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- STRING_TOKEN (STR_NORMAL),
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_1,
>>- ACCESS_SETUP_NORMAL
>>- );
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- STRING_TOKEN (STR_ADMIN),
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_1,
>>- ACCESS_SETUP_ADMIN
>>- );
>>-
>>- HiiCreateDefaultOpCode (
>>- DefaultOpCodeHandle,
>>- EFI_HII_DEFAULT_CLASS_STANDARD,
>>- EFI_IFR_NUMERIC_SIZE_1,
>>- mAccessInfo.AccessSetup
>>- );
>>-
>>- HiiCreateOneOfOpCode (
>>- StartOpCodeHandle, // Container for dynamic created opcodes
>>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP |
>>KEY_MODIFY_SETUP, // Question ID
>>- 0, // VarStore ID
>>- 0, // Offset in Buffer Storage
>>- STRING_TOKEN (STR_ACCESS_SETUP), // Question prompt text
>>- STRING_TOKEN (STR_ACCESS_SETUP_HELP), // Question help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>>- OptionsOpCodeHandle, // Option Opcode list
>>- DefaultOpCodeHandle // Default Opcode
>>- );
>>- HiiFreeOpCodeHandle (DefaultOpCodeHandle);
>>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>>-
>>- //
>>- // Add boot order one-of-code.
>>- //
>>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (OptionsOpCodeHandle != NULL);
>>- DefaultOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (DefaultOpCodeHandle != NULL);
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- STRING_TOKEN (STR_INSERT),
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_4,
>>- EFI_USER_INFO_ACCESS_BOOT_ORDER_INSERT
>>- );
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- STRING_TOKEN (STR_APPEND),
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_4,
>>- EFI_USER_INFO_ACCESS_BOOT_ORDER_APPEND
>>- );
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- STRING_TOKEN (STR_REPLACE),
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_4,
>>- EFI_USER_INFO_ACCESS_BOOT_ORDER_REPLACE
>>- );
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- STRING_TOKEN (STR_NODEFAULT),
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_4,
>>- EFI_USER_INFO_ACCESS_BOOT_ORDER_NODEFAULT
>>- );
>>-
>>- HiiCreateDefaultOpCode (
>>- DefaultOpCodeHandle,
>>- EFI_HII_DEFAULT_CLASS_STANDARD,
>>- EFI_IFR_NUMERIC_SIZE_4,
>>- mAccessInfo.AccessBootOrder
>>- );
>>-
>>- HiiCreateOneOfOpCode (
>>- StartOpCodeHandle, // Container for dynamic created opcodes
>>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_AP |
>>KEY_MODIFY_BOOT, // Question ID
>>- 0, // VarStore ID
>>- 0, // Offset in Buffer Storage
>>- STRING_TOKEN (STR_BOOR_ORDER), // Question prompt text
>>- STRING_TOKEN (STR_BOOT_ORDER_HELP), // Question help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>>- OptionsOpCodeHandle, // Option Opcode list
>>- DefaultOpCodeHandle // Default Opcode
>>- );
>>- HiiFreeOpCodeHandle (DefaultOpCodeHandle);
>>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>>-
>>- //
>>- // Update Form.
>>- //
>>- HiiUpdateForm (
>>- mCallbackInfo->HiiHandle, // HII handle
>>- &gUserProfileManagerGuid, // Formset GUID
>>- FORMID_MODIFY_AP, // Form ID
>>- StartOpCodeHandle, // Label for where to insert opcodes
>>- EndOpCodeHandle // Replace data
>>- );
>>-
>>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>>-}
>>-
>>-
>>-/**
>>- Expand access policy memory size.
>>-
>>- @param[in] ValidLen The valid access policy length.
>>- @param[in] ExpandLen The length that is needed to expand.
>>-
>>-**/
>>-VOID
>>-ExpandMemory (
>>- IN UINTN ValidLen,
>>- IN UINTN ExpandLen
>>- )
>>-{
>>- UINT8 *Mem;
>>- UINTN Len;
>>-
>>- //
>>- // Expand memory.
>>- //
>>- Len = mUserInfo.AccessPolicyLen + (ExpandLen / 64 + 1) * 64;
>>- Mem = AllocateZeroPool (Len);
>>- ASSERT (Mem != NULL);
>>-
>>- if (mUserInfo.AccessPolicy != NULL) {
>>- CopyMem (Mem, mUserInfo.AccessPolicy, ValidLen);
>>- FreePool (mUserInfo.AccessPolicy);
>>- }
>>-
>>- mUserInfo.AccessPolicy = Mem;
>>- mUserInfo.AccessPolicyLen = Len;
>>-}
>>-
>>-
>>-/**
>>- Get the username from user input, and update username string in the Hii
>>- database with it.
>>-
>>-**/
>>-VOID
>>-ModifyUserName (
>>- VOID
>>- )
>>-{
>>- EFI_STATUS Status;
>>- CHAR16 UserName[USER_NAME_LENGTH];
>>- UINTN Len;
>>- EFI_INPUT_KEY Key;
>>- EFI_USER_INFO_HANDLE UserInfo;
>>- EFI_USER_INFO *Info;
>>- EFI_USER_PROFILE_HANDLE TempUser;
>>-
>>- //
>>- // Get the new user name.
>>- //
>>- Len = sizeof (UserName);
>>- Status = GetUserNameInput (&Len, UserName);
>>- if (EFI_ERROR (Status)) {
>>- if (Status != EFI_ABORTED) {
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- L"Failed To Get User Name.",
>>- L"",
>>- L"Please Press Any Key to Continue ...",
>>- NULL
>>- );
>>- }
>>- return ;
>>- }
>>-
>>- //
>>- // Check whether the username had been used or not.
>>- //
>>- Info = AllocateZeroPool (sizeof (EFI_USER_INFO) + Len);
>>- if (Info == NULL) {
>>- return ;
>>- }
>>-
>>- Info->InfoType = EFI_USER_INFO_NAME_RECORD;
>>- Info->InfoAttribs = EFI_USER_INFO_STORAGE_PLATFORM_NV |
>>- EFI_USER_INFO_PUBLIC |
>>- EFI_USER_INFO_EXCLUSIVE;
>>- Info->InfoSize = (UINT32) (sizeof (EFI_USER_INFO) + Len);
>>- CopyMem ((UINT8 *) (Info + 1), UserName, Len);
>>-
>>- TempUser = NULL;
>>- Status = mUserManager->Find (
>>- mUserManager,
>>- &TempUser,
>>- NULL,
>>- Info,
>>- Info->InfoSize
>>- );
>>- if (!EFI_ERROR (Status)) {
>>- CreatePopUp (
>>- EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
>>- &Key,
>>- L"The User Name Had Been Used.",
>>- L"",
>>- L"Please Use Other User Name",
>>- NULL
>>- );
>>- FreePool (Info);
>>- return ;
>>- }
>>-
>>- //
>>- // Update username display in the form.
>>- //
>>- CopyMem (mUserInfo.UserName, UserName, Len);
>>- HiiSetString (
>>- mCallbackInfo->HiiHandle,
>>- STRING_TOKEN (STR_USER_NAME_VAL),
>>- mUserInfo.UserName,
>>- NULL
>>- );
>>-
>>- //
>>- // Save the user name.
>>- //
>>- Status = FindInfoByType (mModifyUser, EFI_USER_INFO_NAME_RECORD,
>>&UserInfo);
>>- if (!EFI_ERROR (Status)) {
>>- mUserManager->SetInfo (
>>- mUserManager,
>>- mModifyUser,
>>- &UserInfo,
>>- Info,
>>- Info->InfoSize
>>- );
>>- }
>>- FreePool (Info);
>>-}
>>-
>>-
>>-/**
>>- Display the form of the modifying user identity policy.
>>-
>>-**/
>>-VOID
>>-ModifyIdentityPolicy (
>>- VOID
>>- )
>>-{
>>- UINTN Index;
>>- CHAR16 *ProvStr;
>>- EFI_STRING_ID ProvID;
>>- EFI_HII_HANDLE HiiHandle;
>>- VOID *OptionsOpCodeHandle;
>>- VOID *StartOpCodeHandle;
>>- VOID *EndOpCodeHandle;
>>- EFI_IFR_GUID_LABEL *StartLabel;
>>- EFI_IFR_GUID_LABEL *EndLabel;
>>-
>>- //
>>- // Initialize the container for dynamic opcodes.
>>- //
>>- StartOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (StartOpCodeHandle != NULL);
>>-
>>- EndOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (EndOpCodeHandle != NULL);
>>-
>>- //
>>- // Create Hii Extend Label OpCode.
>>- //
>>- StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- StartOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- StartLabel->Number = LABEL_IP_MOD_FUNC;
>>-
>>- EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (
>>- EndOpCodeHandle,
>>- &gEfiIfrTianoGuid,
>>- NULL,
>>- sizeof (EFI_IFR_GUID_LABEL)
>>- );
>>- EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
>>- EndLabel->Number = LABEL_END;
>>-
>>- //
>>- // Add credential providers
>>- //.
>>- if (mProviderInfo->Count > 0) {
>>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (OptionsOpCodeHandle != NULL);
>>-
>>- //
>>- // Add credential provider Option OpCode.
>>- //
>>- for (Index = 0; Index < mProviderInfo->Count; Index++) {
>>- mProviderInfo->Provider[Index]->Title (
>>- mProviderInfo->Provider[Index],
>>- &HiiHandle,
>>- &ProvID
>>- );
>>- ProvStr = HiiGetString (HiiHandle, ProvID, NULL);
>>- ProvID = HiiSetString (mCallbackInfo->HiiHandle, 0, ProvStr, NULL);
>>- FreePool (ProvStr);
>>- if (ProvID == 0) {
>>- return ;
>>- }
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- ProvID,
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_1,
>>- (UINT8) Index
>>- );
>>- }
>>-
>>- HiiCreateOneOfOpCode (
>>- StartOpCodeHandle, // Container for dynamic created opcodes
>>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_IP |
>>KEY_MODIFY_PROV, // Question ID
>>- 0, // VarStore ID
>>- 0, // Offset in Buffer Storage
>>- STRING_TOKEN (STR_PROVIDER), // Question prompt text
>>- STRING_TOKEN (STR_PROVIDER_HELP), // Question help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>>- OptionsOpCodeHandle, // Option Opcode list
>>- NULL // Default Opcode is NULl
>>- );
>>-
>>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>>- }
>>-
>>- //
>>- // Add logical connector Option OpCode.
>>- //
>>- OptionsOpCodeHandle = HiiAllocateOpCodeHandle ();
>>- ASSERT (OptionsOpCodeHandle != NULL);
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- STRING_TOKEN (STR_AND_CON),
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_1,
>>- 0
>>- );
>>-
>>- HiiCreateOneOfOptionOpCode (
>>- OptionsOpCodeHandle,
>>- STRING_TOKEN (STR_OR_CON),
>>- 0,
>>- EFI_IFR_NUMERIC_SIZE_1,
>>- 1
>>- );
>>-
>>- HiiCreateOneOfOpCode (
>>- StartOpCodeHandle, // Container for dynamic created opcodes
>>- KEY_MODIFY_USER | KEY_SELECT_USER | KEY_MODIFY_IP |
>>KEY_MODIFY_CONN, // Question ID
>>- 0, // VarStore ID
>>- 0, // Offset in Buffer Storage
>>- STRING_TOKEN (STR_CONNECTOR), // Question prompt text
>>- STRING_TOKEN (STR_CONNECTOR_HELP), // Question help text
>>- EFI_IFR_FLAG_CALLBACK, // Question flag
>>- EFI_IFR_NUMERIC_SIZE_1, // Data type of Question Value
>>- OptionsOpCodeHandle, // Option Opcode list
>>- NULL // Default Opcode is NULl
>>- );
>>-
>>- HiiFreeOpCodeHandle (OptionsOpCodeHandle);
>>-
>>- //
>>- // Update identity policy in the form.
>>- //
>>- ResolveIdentityPolicy (
>>- mUserInfo.IdentityPolicy,
>>- mUserInfo.IdentityPolicyLen,
>>- STRING_TOKEN (STR_IDENTIFY_POLICY_VALUE)
>>- );
>>-
>>- if (mUserInfo.NewIdentityPolicy != NULL) {
>>- FreePool (mUserInfo.NewIdentityPolicy);
>>- mUserInfo.NewIdentityPolicy = NULL;
>>- mUserInfo.NewIdentityPolicyLen = 0;
>>- mUserInfo.NewIdentityPolicyModified = FALSE;
>>- }
>>- mProviderChoice = 0;
>>- mConncetLogical = 0;
>>-
>>- HiiUpdateForm (
>>- mCallbackInfo->HiiHandle, // HII handle
>>- &gUserProfileManagerGuid, // Formset GUID
>>- FORMID_MODIFY_IP, // Form ID
>>- StartOpCodeHandle, // Label for where to insert opcodes
>>- EndOpCodeHandle // Replace data
>>- );
>>-
>>- HiiFreeOpCodeHandle (StartOpCodeHandle);
>>- HiiFreeOpCodeHandle (EndOpCodeHandle);
>>-}
>>-
>>-
>>-/**
>>- Get current user's access right.
>>-
>>- @param[out] AccessRight Points to the buffer used for user's access right.
>>-
>>- @retval EFI_SUCCESS Get current user access right successfully.
>>- @retval others Fail to get current user access right.
>>-
>>-**/
>>-EFI_STATUS
>>-GetAccessRight (
>>- OUT UINT32 *AccessRight
>>- )
>>-{
>>- EFI_STATUS Status;
>>- EFI_USER_INFO_HANDLE UserInfo;
>>- EFI_USER_INFO *Info;
>>- UINTN InfoSize;
>>- UINTN MemSize;
>>- EFI_USER_INFO_ACCESS_CONTROL Access;
>>- EFI_USER_PROFILE_HANDLE CurrentUser;
>>- UINTN TotalLen;
>>- UINTN CheckLen;
>>-
>>- //
>>- // Allocate user information memory.
>>- //
>>- MemSize = sizeof (EFI_USER_INFO) + 63;
>>- Info = AllocateZeroPool (MemSize);
>>- if (Info == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>-
>>- //
>>- // Get user access information.
>>- //
>>- UserInfo = NULL;
>>- mUserManager->Current (mUserManager, &CurrentUser);
>>- while (TRUE) {
>>- InfoSize = MemSize;
>>- //
>>- // Get next user information.
>>- //
>>- Status = mUserManager->GetNextInfo (mUserManager, CurrentUser,
>>&UserInfo);
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>-
>>- Status = mUserManager->GetInfo (
>>- mUserManager,
>>- CurrentUser,
>>- UserInfo,
>>- Info,
>>- &InfoSize
>>- );
>>- if (Status == EFI_BUFFER_TOO_SMALL) {
>>- MemSize = InfoSize;
>>- FreePool (Info);
>>- Info = AllocateZeroPool (MemSize);
>>- if (Info == NULL) {
>>- return EFI_OUT_OF_RESOURCES;
>>- }
>>- Status = mUserManager->GetInfo (
>>- mUserManager,
>>- CurrentUser,
>>- UserInfo,
>>- Info,
>>- &InfoSize
>>- );
>>- }
>>- if (EFI_ERROR (Status)) {
>>- break;
>>- }
>>-
>>- //
>>- // Check user information.
>>- //
>>- if (Info->InfoType == EFI_USER_INFO_ACCESS_POLICY_RECORD) {
>>- TotalLen = Info->InfoSize - sizeof (EFI_USER_INFO);
>>- CheckLen = 0;
>>- //
>>- // Get specified access information.
>>- //
>>- while (CheckLen < TotalLen) {
>>- CopyMem (&Access, (UINT8 *) (Info + 1) + CheckLen, sizeof (Access));
>>- if ((Access.Type == EFI_USER_INFO_ACCESS_ENROLL_SELF) ||
>>- (Access.Type == EFI_USER_INFO_ACCESS_ENROLL_OTHERS) ||
>>- (Access.Type == EFI_USER_INFO_ACCESS_MANAGE)
>>- ) {
>>- *AccessRight = Access.Type;
>>- FreePool (Info);
>>- return EFI_SUCCESS;
>>- }
>>- CheckLen += Access.Size;
>>- }
>>- }
>>- }
>>- FreePool (Info);
>>- return EFI_NOT_FOUND;
>>-}
>>-
>>--
>>2.16.2.windows.1
>>
>>_______________________________________________
>>edk2-devel mailing list
>>edk2-devel@lists.01.org
>>https://lists.01.org/mailman/listinfo/edk2-devel
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-01-09 2:17 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-01-09 1:09 [PATCH] SecurityPkg: Remove code under UserIdentification folder chenche4
2019-01-09 1:38 ` Gao, Liming
2019-01-09 1:54 ` Chen, Chen A
2019-01-09 2:17 ` Gao, Liming
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox