1 files changed, 387 insertions, 0 deletions
diff --git a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.h b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.h
new file mode 100644
index 0000000000..b7098dc7b6
--- /dev/null
+++ b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileManager.h
@@ -0,0 +1,387 @@
+/** @file
+  The header file for user profile manager driver.
+    
+Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials 
+are licensed and made available under the terms and conditions of the BSD License 
+which accompanies this distribution.  The full text of the license may be found at 
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __EFI_USER_PROFILE_MANAGER_H__
+#define __EFI_USER_PROFILE_MANAGER_H__
+
+#include <Uefi.h>
+
+#include <Guid/GlobalVariable.h>
+#include <Guid/MdeModuleHii.h>
+
+#include <Protocol/HiiConfigAccess.h>
+#include <Protocol/DevicePathToText.h>
+#include <Protocol/UserCredential.h>
+#include <Protocol/UserManager.h>
+
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DevicePathLib.h>
+#include <Library/DebugLib.h>
+#include <Library/UefiLib.h>
+#include <Library/PrintLib.h>
+#include <Library/HiiLib.h>
+
+#include "UserProfileManagerData.h"
+
+#define  USER_NAME_LENGTH          17
+
+//
+// Credential Provider Information.
+//
+typedef struct {
+  UINTN                         Count;
+  EFI_USER_CREDENTIAL_PROTOCOL  *Provider[1];
+} CREDENTIAL_PROVIDER_INFO;
+
+//
+// User profile information structure.
+//
+typedef struct {
+  UINT64    UsageCount;
+  EFI_TIME  CreateDate;
+  EFI_TIME  UsageDate;
+  UINTN     AccessPolicyLen;
+  UINTN     IdentityPolicyLen;
+  UINTN     NewIdentityPolicyLen;    
+  UINT8     *AccessPolicy;
+  UINT8     *IdentityPolicy;
+  UINT8     *NewIdentityPolicy;
+  CHAR16    UserName[USER_NAME_LENGTH];
+  BOOLEAN   CreateDateExist;
+  BOOLEAN   UsageDateExist;
+  BOOLEAN   AccessPolicyModified;
+  BOOLEAN   IdentityPolicyModified;
+  BOOLEAN   NewIdentityPolicyModified;
+} USER_INFO;
+
+//
+// User access information structure.
+//
+typedef struct {
+  UINTN  LoadPermitLen;
+  UINTN  LoadForbidLen;
+  UINTN  ConnectPermitLen;
+  UINTN  ConnectForbidLen;
+  UINT8  *LoadPermit;
+  UINT8  *LoadForbid;
+  UINT8  *ConnectPermit;
+  UINT8  *ConnectForbid;
+  UINT32 AccessBootOrder;
+  UINT8  AccessRight;
+  UINT8  AccessSetup;
+} USER_INFO_ACCESS;
+
+#define USER_PROFILE_MANAGER_SIGNATURE  SIGNATURE_32 ('U', 'P', 'M', 'S')
+
+typedef struct {
+  UINTN                           Signature;
+  EFI_HANDLE                      DriverHandle;
+  EFI_HII_HANDLE                  HiiHandle;
+  EFI_HII_CONFIG_ACCESS_PROTOCOL  ConfigAccess;
+} USER_PROFILE_MANAGER_CALLBACK_INFO;
+
+//
+// HII specific Vendor Device Path definition.
+//
+typedef struct {
+  VENDOR_DEVICE_PATH        VendorDevicePath;
+  EFI_DEVICE_PATH_PROTOCOL  End;
+} HII_VENDOR_DEVICE_PATH;
+
+//
+// This is the generated IFR binary data for each formset defined in VFR.
+//
+extern UINT8                               UserProfileManagerVfrBin[];
+
+//
+// This is the generated String package data for .UNI file.
+//
+extern UINT8                               UserProfileManagerStrings[];
+
+//
+// Guid used in the form browse.
+//
+extern EFI_GUID                            mUserProfileManagerGuid;
+
+//
+// The user manager protocol, used in several function.
+//
+extern EFI_USER_MANAGER_PROTOCOL           *mUserManager;
+
+//
+// The credential providers database in system.
+//
+extern CREDENTIAL_PROVIDER_INFO            *mProviderInfo;
+
+//
+// The variables used to update identity policy.
+//
+extern UINT8                               mProviderChoice;
+extern UINT8                               mConncetLogical;
+
+//
+// The variables used to update access policy.
+//
+extern USER_INFO_ACCESS                    mAccessInfo;
+
+//
+// The user information used to record all data in UI.
+//
+extern USER_INFO                           mUserInfo;
+
+extern USER_PROFILE_MANAGER_CALLBACK_INFO  *mCallbackInfo;
+
+
+/**
+  Get string by string id from HII Interface.
+
+
+  @param[in] Id      String ID to get the string from.
+
+  @retval  CHAR16 *  String from ID.
+  @retval  NULL      If error occurs.
+
+**/
+CHAR16 *
+GetStringById (
+  IN EFI_STRING_ID             Id
+  );
+
+/**
+  Add a new user profile into the user profile database.
+
+**/
+VOID
+CallAddUser (
+  VOID
+  );
+
+/**
+  Display user select form; can select a user to modify.
+
+**/
+VOID
+SelectUserToModify  (
+  VOID
+  );
+
+/**
+  Display user select form, cab select a user to delete.
+
+**/
+VOID
+SelectUserToDelete (
+  VOID
+  );
+
+/**
+  Delete the user specified by UserIndex in user profile database.
+
+  @param[in]  UserIndex    The index of user in the user name list to be deleted.
+
+**/
+VOID
+DeleteUser (
+  IN UINT8                                      UserIndex
+  );
+
+/**
+  Add a username item in form.
+
+  @param[in]  User             Points to the user profile whose username is added. 
+  @param[in]  Index            The index of the user in the user name list.
+  @param[in]  OpCodeHandle     Points to container for dynamic created opcodes.
+
+**/
+VOID
+AddUserToForm (
+  IN  EFI_USER_PROFILE_HANDLE                   User,
+  IN  UINT16                                    Index,
+  IN  VOID                                      *OpCodeHandle
+  );
+
+/**
+  Display modify user information form
+
+  In this form, username, create Date, usage date, usage count, identity policy,
+  and access policy are displayed.
+
+  @param[in] UserIndex       The index of the user in display list to modify.
+  
+**/
+VOID
+ModifyUserInfo (
+  IN UINT8                                      UserIndex
+  );
+
+/**
+  Get the username from user input and update username string in Hii 
+  database with it.
+
+**/
+VOID
+ModifyUserName (
+  VOID
+  );
+
+/**
+  Display the form of modifying user identity policy.
+
+**/
+VOID
+ModifyIdentityPolicy (
+  VOID
+  );
+
+/**
+  Update the mUserInfo.NewIdentityPolicy and UI when 'add option' is pressed.
+
+**/
+VOID
+AddIdentityPolicyItem (
+  VOID
+  );
+
+/**
+  Save the identity policy and update UI with it.
+  
+  This funciton will verify the new identity policy, in current implementation, 
+  the identity policy can be:  T, P & P & P & ..., P | P | P | ...
+  Here, "T" means "True", "P" means "Credential Provider", "&" means "and", "|" means "or".
+  Other identity policies are not supported.  
+
+**/
+VOID
+SaveIdentityPolicy (
+  VOID
+  );
+
+/**
+  Display modify user access policy form
+
+  In this form, access right, access setu,p and access boot order are dynamically
+  added. Load devicepath and connect devicepath are displayed too.
+  
+**/
+VOID
+ModidyAccessPolicy (
+  VOID
+  );
+
+/**
+  Collect all the access policy data to mUserInfo.AccessPolicy, 
+  and save it to user profile.
+
+**/
+VOID
+SaveAccessPolicy (
+  VOID
+  );
+
+/**
+  Get current user's access rights.
+
+  @param[out]  AccessRight   Points to the buffer used for user's access rights.
+
+  @retval EFI_SUCCESS        Get current user access rights successfully.
+  @retval others             Fail to get current user access rights.
+
+**/
+EFI_STATUS
+GetAccessRight (
+  OUT  UINT32                                    *AccessRight
+  );
+
+/**
+  Display the permit load device path in the loadable device path list.
+
+**/
+VOID
+DisplayLoadPermit(
+  VOID
+  );
+
+/**
+  Display the forbid load device path list (mAccessInfo.LoadForbid).
+
+**/
+VOID
+DisplayLoadForbid (
+  VOID
+  );
+
+/**
+  Display the permit connect device path.
+
+**/
+VOID
+DisplayConnectPermit (
+  VOID
+  );
+
+/**
+  Display the forbid connect device path list.
+
+**/
+VOID
+DisplayConnectForbid (
+  VOID
+  );
+
+/**
+  Delete the specified device path by DriverIndex from the forbid device path 
+  list (mAccessInfo.LoadForbid).
+
+  @param[in]  DriverIndex   The index of driver in a forbidden device path list.
+  
+**/
+VOID
+DeleteFromForbidLoad (
+  IN  UINT16                                    DriverIndex
+  );
+  
+/**
+  Add the specified device path by DriverIndex to the forbid device path 
+  list (mAccessInfo.LoadForbid).
+
+  @param[in]  DriverIndex   The index of driver saved in driver options.
+  
+**/
+VOID
+AddToForbidLoad (
+  IN  UINT16                                    DriverIndex
+  );
+
+/**
+  Get user name from the popup windows.
+  
+  @param[in, out]  UserNameLen   On entry, point to the buffer lengh of UserName.
+                                 On exit, point to the input user name length.
+  @param[out]      UserName      The buffer to hold the input user name.
+ 
+  @retval EFI_ABORTED            It is given up by pressing 'ESC' key.
+  @retval EFI_NOT_READY          Not a valid input at all.
+  @retval EFI_SUCCESS            Get a user name successfully.
+
+**/
+EFI_STATUS
+GetUserNameInput (
+  IN OUT  UINTN         *UserNameLen,
+     OUT  CHAR16        *UserName
+  );
+  
+#endif