/** @file
Function declarations for policy entry operations in the IpSecConfig application.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef _POLICY_ENTRY_OPERATION_H_
#define _POLICY_ENTRY_OPERATION_H_
//
// Field-selection bits, one bit per policy entry field.
// NOTE(review): presumably these are OR-ed into the UINT32 Mask carried by
// CREATE_POLICY_ENTRY, COMBINE_POLICY_ENTRY and EDIT_POLICY_ENTRY_CONTEXT in
// this header -- confirm against the implementation.
// BIT() is not defined in this header; the including file must provide it.
// NOTE(review): names such as LOCAL, REMOTE, NAME, MODE and ACTION are very
// generic for a header and can collide with macros from other headers.
//
// First bit group, BIT(0) through BIT(29).
// NOTE(review): presumably the SPD and SAD entry fields -- confirm.
//
#define LOCAL BIT(0)
#define REMOTE BIT(1)
#define PROTO BIT(2)
#define LOCAL_PORT BIT(3)
#define REMOTE_PORT BIT(4)
#define ICMP_TYPE BIT(5)
#define ICMP_CODE BIT(6)
#define NAME BIT(7)
#define PACKET_FLAG BIT(8)
#define ACTION BIT(9)
#define EXT_SEQUENCE BIT(10)
#define SEQUENCE_OVERFLOW BIT(11)
#define FRAGMENT_CHECK BIT(12)
#define LIFEBYTE BIT(13)
#define LIFETIME_SOFT BIT(14)
#define LIFETIME BIT(15)
#define MODE BIT(16)
#define TUNNEL_LOCAL BIT(17)
#define TUNNEL_REMOTE BIT(18)
#define DONT_FRAGMENT BIT(19)
#define IPSEC_PROTO BIT(20)
#define AUTH_ALGO BIT(21)
#define ENCRYPT_ALGO BIT(22)
#define SPI BIT(23)
#define DEST BIT(24)
#define SEQUENCE_NUMBER BIT(25)
#define ANTIREPLAY_WINDOW BIT(26)
// NOTE(review): presumably set when key material was supplied for the
// entry -- confirm; code acting on these bits handles secrets.
#define AUTH_KEY BIT(27)
#define ENCRYPT_KEY BIT(28)
#define PATH_MTU BIT(29)
//
// Second bit group. It restarts at BIT(0), so its values overlap the first
// group (PEER_ID == LOCAL, PEER_ADDRESS == REMOTE, and so on up to BIT(6)).
// A Mask value is therefore only meaningful together with the data type it
// was built for; testing a Mask against the wrong group silently matches an
// unrelated field.
// NOTE(review): presumably the PAD entry fields -- confirm.
//
#define PEER_ID BIT(0)
#define PEER_ADDRESS BIT(1)
#define AUTH_PROTO BIT(2)
#define AUTH_METHOD BIT(3)
#define IKE_ID BIT(4)
#define AUTH_DATA BIT(5)
#define REVOCATION_DATA BIT(6)
//
// Context for editing one policy entry.
// NOTE(review): this header does not show who fills in or consumes the
// structure; the field notes below are to be confirmed against the users.
//
typedef struct {
EFI_IPSEC_CONFIG_DATA_TYPE DataType; // Data type of the entry.
EFI_IPSEC_CONFIG_SELECTOR *Selector; // NOTE(review): originally commented "Data to be inserted", apparently copied from INSERT_POLICY_ENTRY_CONTEXT; presumably the selector carrying the edited values -- confirm.
VOID *Data; // Untyped. NOTE(review): layout presumably depends on DataType; check DataType before casting -- confirm.
UINT32 Mask; // NOTE(review): presumably the field-selection bits defined above, naming the fields to change -- confirm.
POLICY_ENTRY_INDEXER Indexer; // POLICY_ENTRY_INDEXER is declared outside this header.
EFI_STATUS Status; // Result of the operation. NOTE(review): originally "whether insertion succeeds"; presumably the edit result here -- confirm.
} EDIT_POLICY_ENTRY_CONTEXT;
//
// Context for inserting one policy entry.
// NOTE(review): this header does not show who fills in or consumes the
// structure; confirm the field notes below against the users.
//
typedef struct {
EFI_IPSEC_CONFIG_DATA_TYPE DataType; // Data type of the entry.
EFI_IPSEC_CONFIG_SELECTOR *Selector; // Selector of the entry to be inserted.
VOID *Data; // Untyped. NOTE(review): layout presumably depends on DataType; check DataType before casting -- confirm.
POLICY_ENTRY_INDEXER Indexer; // POLICY_ENTRY_INDEXER is declared outside this header.
EFI_STATUS Status; // Indicates whether the insertion succeeded.
} INSERT_POLICY_ENTRY_CONTEXT;
/**
The prototype for the CreateSpdEntry()/CreateSadEntry()/CreatePadEntry().
Fill in EFI_IPSEC_CONFIG_SELECTOR and corresponding data through the ParamPackage list.
ParamPackage carries user input; the EFI_INVALID_PARAMETER return below is the
documented outcome when that input is rejected.
NOTE(review): Selector and Data are returned through double pointers, but this
header does not state who owns or frees them, or whether they are left
untouched on failure -- confirm against the implementations.
@param[out] Selector The pointer to the EFI_IPSEC_CONFIG_SELECTOR union.
@param[out] Data The pointer to corresponding data.
@param[in] ParamPackage The pointer to the ParamPackage list.
@param[out] Mask The pointer to the Mask. NOTE(review): presumably receives
the field-selection bits defined in this header -- confirm.
@param[in] CreateNew The switch to create new.
@retval EFI_SUCCESS Filled in EFI_IPSEC_CONFIG_SELECTOR and corresponding data successfully.
@retval EFI_INVALID_PARAMETER Invalid user input parameter.
**/
typedef
EFI_STATUS
(*CREATE_POLICY_ENTRY) (
OUT EFI_IPSEC_CONFIG_SELECTOR **Selector,
OUT VOID **Data,
IN LIST_ENTRY *ParamPackage,
OUT UINT32 *Mask,
IN BOOLEAN CreateNew
);
/**
The prototype for the CombineSpdEntry()/CombineSadEntry()/CombinePadEntry().
Combine old SPD/SAD/PAD entry with new SPD/SAD/PAD entry.
NOTE(review): unlike CREATE_POLICY_ENTRY, the parameters below carry no
IN/OUT modifiers, so the directions given here are documentation only.
NOTE(review): OldData and NewData are untyped; presumably both must be of the
same entry type as the selectors -- confirm against the implementations.
@param[in, out] OldSelector The pointer to the old EFI_IPSEC_CONFIG_SELECTOR union.
@param[in, out] OldData The pointer to the corresponding old data.
@param[in] NewSelector The pointer to the new EFI_IPSEC_CONFIG_SELECTOR union.
@param[in] NewData The pointer to the corresponding new data.
@param[in] Mask The Mask, passed by value (not a pointer).
@param[out] CreateNew The switch to create new.
@retval EFI_SUCCESS Combined successfully.
@retval EFI_INVALID_PARAMETER Invalid user input parameter.
**/
typedef
EFI_STATUS
(* COMBINE_POLICY_ENTRY) (
EFI_IPSEC_CONFIG_SELECTOR *OldSelector,
VOID *OldData,
EFI_IPSEC_CONFIG_SELECTOR *NewSelector,
VOID *NewData,
UINT32 Mask,
BOOLEAN *CreateNew
);
/**
Insert or add entry information in database according to datatype.
NOTE(review): EFI_BUFFER_TOO_SMALL is documented below as "entry already
existed", which differs from its usual meaning; callers should handle it as a
duplicate-entry result rather than retrying with a larger buffer -- confirm
against the implementation.
@param[in] DataType The value of EFI_IPSEC_CONFIG_DATA_TYPE.
@param[in] ParamPackage The pointer to the ParamPackage list.
@retval EFI_SUCCESS Insert or add entry information successfully.
@retval EFI_NOT_FOUND Can't find the specified entry.
@retval EFI_BUFFER_TOO_SMALL The entry already existed.
@retval EFI_UNSUPPORTED The operation is not supported.
@retval Others Another error occurred.
**/
EFI_STATUS
AddOrInsertPolicyEntry (
IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,
IN LIST_ENTRY *ParamPackage
);
/**
Edit entry information in the database according to datatype.
@param[in] DataType The value of EFI_IPSEC_CONFIG_DATA_TYPE.
@param[in] ParamPackage The pointer to the ParamPackage list.
@retval EFI_SUCCESS Edit entry information successfully.
@retval EFI_NOT_FOUND Can't find the specified entry.
@retval Others Another error occurred.
**/
EFI_STATUS
EditPolicyEntry (
IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,
IN LIST_ENTRY *ParamPackage
);
#endif