Ronak Kanabar | 1ae366f | 2023-06-07 01:21:56 +0530 | [diff] [blame^] | 1 | /** @file |
| 2 | UEFI User Manager Protocol definition. |
| 3 | |
| 4 | This protocol manages user profiles. |
| 5 | |
| 6 | Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR> |
| 7 | SPDX-License-Identifier: BSD-2-Clause-Patent |
| 8 | |
| 9 | **/ |
| 10 | |
| 11 | #ifndef __USER_MANAGER_H__ |
| 12 | #define __USER_MANAGER_H__ |
| 13 | |
| 14 | /// |
| 15 | /// Global ID for the User Manager Protocol |
| 16 | /// |
| 17 | #define EFI_USER_MANAGER_PROTOCOL_GUID \ |
| 18 | { \ |
| 19 | 0x6fd5b00c, 0xd426, 0x4283, { 0x98, 0x87, 0x6c, 0xf5, 0xcf, 0x1c, 0xb1, 0xfe } \ |
| 20 | } |
| 21 | |
| 22 | #define EFI_EVENT_GROUP_USER_PROFILE_CHANGED \ |
| 23 | { \ |
| 24 | 0xbaf1e6de, 0x209e, 0x4adb, { 0x8d, 0x96, 0xfd, 0x8b, 0x71, 0xf3, 0xf6, 0x83 } \ |
| 25 | } |
| 26 | |
| 27 | typedef VOID *EFI_USER_PROFILE_HANDLE; |
| 28 | typedef VOID *EFI_USER_INFO_HANDLE; |
| 29 | |
| 30 | /// |
| 31 | /// The attributes of the user profile information. |
| 32 | /// |
| 33 | typedef UINT16 EFI_USER_INFO_ATTRIBS; |
| 34 | #define EFI_USER_INFO_STORAGE 0x000F |
| 35 | #define EFI_USER_INFO_STORAGE_VOLATILE 0x0000 |
| 36 | #define EFI_USER_INFO_STORAGE_CREDENTIAL_NV 0x0001 |
| 37 | #define EFI_USER_INFO_STORAGE_PLATFORM_NV 0x0002 |
| 38 | |
| 39 | #define EFI_USER_INFO_ACCESS 0x0070 |
| 40 | #define EFI_USER_INFO_PUBLIC 0x0010 |
| 41 | #define EFI_USER_INFO_PRIVATE 0x0020 |
| 42 | #define EFI_USER_INFO_PROTECTED 0x0030 |
| 43 | #define EFI_USER_INFO_EXCLUSIVE 0x0080 |
| 44 | |
| 45 | /// |
| 46 | /// User information structure |
| 47 | /// |
| 48 | typedef struct { |
| 49 | /// |
| 50 | /// The user credential identifier associated with this user information or else Nil if the |
| 51 | /// information is not associated with any specific credential. |
| 52 | /// |
| 53 | EFI_GUID Credential; |
| 54 | /// |
| 55 | /// The type of user information; one of the EFI_USER_INFO_*_RECORD values defined in this file. |
| 56 | /// |
| 57 | UINT8 InfoType; |
| 58 | /// |
| 59 | /// Reserved. Must be set to 0. |
| 60 | /// |
| 61 | UINT8 Reserved1; |
| 62 | /// |
| 63 | /// The attributes of the user profile information: a combination of the EFI_USER_INFO_ATTRIBS |
| 64 | /// values defined in this file (storage, public/private/protected access, EFI_USER_INFO_EXCLUSIVE). |
| 65 | EFI_USER_INFO_ATTRIBS InfoAttribs; |
| 66 | /// |
| 67 | /// The size of the user information, in bytes, including this header. Because the header is counted, |
| 68 | /// a well-formed value is never smaller than sizeof (EFI_USER_INFO); check this before reading the payload. |
| 69 | UINT32 InfoSize; |
| 70 | } EFI_USER_INFO; |
| 71 | |
| 72 | /// |
| 73 | /// User credential class GUIDs |
| 74 | /// |
| 75 | #define EFI_USER_CREDENTIAL_CLASS_UNKNOWN \ |
| 76 | { 0x5cf32e68, 0x7660, 0x449b, { 0x80, 0xe6, 0x7e, 0xa3, 0x6e, 0x3, 0xf6, 0xa8 } } |
| 77 | #define EFI_USER_CREDENTIAL_CLASS_PASSWORD \ |
| 78 | { 0xf8e5058c, 0xccb6, 0x4714, { 0xb2, 0x20, 0x3f, 0x7e, 0x3a, 0x64, 0xb, 0xd1 } } |
| 79 | #define EFI_USER_CREDENTIAL_CLASS_SMART_CARD \ |
| 80 | { 0x5f03ba33, 0x8c6b, 0x4c24, { 0xaa, 0x2e, 0x14, 0xa2, 0x65, 0x7b, 0xd4, 0x54 } } |
| 81 | #define EFI_USER_CREDENTIAL_CLASS_FINGERPRINT \ |
| 82 | { 0x32cba21f, 0xf308, 0x4cbc, { 0x9a, 0xb5, 0xf5, 0xa3, 0x69, 0x9f, 0x4, 0x4a } } |
| 83 | #define EFI_USER_CREDENTIAL_CLASS_HANDPRINT \ |
| 84 | { 0x5917ef16, 0xf723, 0x4bb9, { 0xa6, 0x4b, 0xd8, 0xc5, 0x32, 0xf4, 0xd8, 0xb5 } } |
| 85 | #define EFI_USER_CREDENTIAL_CLASS_SECURE_CARD \ |
| 86 | { 0x8a6b4a83, 0x42fe, 0x45d2, { 0xa2, 0xef, 0x46, 0xf0, 0x6c, 0x7d, 0x98, 0x52 } } |
| 87 | |
| 88 | typedef UINT64 EFI_CREDENTIAL_CAPABILITIES; |
| 89 | #define EFI_CREDENTIAL_CAPABILITIES_ENROLL 0x0000000000000001 |
| 90 | |
| 91 | /// |
| 92 | /// Credential logon flags |
| 93 | /// |
| 94 | typedef UINT32 EFI_CREDENTIAL_LOGON_FLAGS; |
| 95 | #define EFI_CREDENTIAL_LOGON_FLAG_AUTO 0x00000001 |
| 96 | #define EFI_CREDENTIAL_LOGON_FLAG_DEFAULT 0x00000002 |
| 97 | |
| 98 | /// |
| 99 | /// User information record types |
| 100 | /// |
| 101 | |
| 102 | /// |
| 103 | /// No information. |
| 104 | /// |
| 105 | #define EFI_USER_INFO_EMPTY_RECORD 0x00 |
| 106 | /// |
| 107 | /// Provide the user's name for the enrolled user. |
| 108 | /// |
| 109 | #define EFI_USER_INFO_NAME_RECORD 0x01 |
| 110 | typedef CHAR16 *EFI_USER_INFO_NAME; |
| 111 | /// |
| 112 | /// Provides the date and time when the user profile was created. |
| 113 | /// |
| 114 | #define EFI_USER_INFO_CREATE_DATE_RECORD 0x02 |
| 115 | typedef EFI_TIME EFI_USER_INFO_CREATE_DATE; |
| 116 | /// |
| 117 | /// Provides the date and time when the user profile was selected. |
| 118 | /// |
| 119 | #define EFI_USER_INFO_USAGE_DATE_RECORD 0x03 |
| 120 | typedef EFI_TIME EFI_USER_INFO_USAGE_DATE; |
| 121 | /// |
| 122 | /// Provides the number of times that the user profile has been selected. |
| 123 | /// |
| 124 | #define EFI_USER_INFO_USAGE_COUNT_RECORD 0x04 |
| 125 | typedef UINT64 EFI_USER_INFO_USAGE_COUNT; |
| 126 | /// |
| 127 | /// Provides a unique non-volatile user identifier for each enrolled user. |
| 128 | /// |
| 129 | #define EFI_USER_INFO_IDENTIFIER_RECORD 0x05 |
| 130 | typedef UINT8 EFI_USER_INFO_IDENTIFIER[16]; |
| 131 | /// |
| 132 | /// Specifies the type of a particular credential associated with the user profile. |
| 133 | /// |
| 134 | #define EFI_USER_INFO_CREDENTIAL_TYPE_RECORD 0x06 |
| 135 | typedef EFI_GUID EFI_USER_INFO_CREDENTIAL_TYPE; |
| 136 | /// |
| 137 | /// Specifies the user-readable name of a particular credential type. |
| 138 | /// |
| 139 | #define EFI_USER_INFO_CREDENTIAL_TYPE_NAME_RECORD 0x07 |
| 140 | typedef CHAR16 *EFI_USER_INFO_CREDENTIAL_TYPE_NAME; |
| 141 | /// |
| 142 | /// Specifies the credential provider. |
| 143 | /// |
| 144 | #define EFI_USER_INFO_CREDENTIAL_PROVIDER_RECORD 0x08 |
| 145 | typedef EFI_GUID EFI_USER_INFO_CREDENTIAL_PROVIDER; |
| 146 | /// |
| 147 | /// Specifies the user-readable name of a particular credential's provider. |
| 148 | /// |
| 149 | #define EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME_RECORD 0x09 |
| 150 | typedef CHAR16 *EFI_USER_INFO_CREDENTIAL_PROVIDER_NAME; |
| 151 | /// |
| 152 | /// Provides PKCS#11 credential information from a smart card. |
| 153 | /// |
| 154 | #define EFI_USER_INFO_PKCS11_RECORD 0x0A |
| 155 | /// |
| 156 | /// Provides standard biometric information in the format specified by the ISO 19785 (Common |
| 157 | /// Biometric Exchange Formats Framework) specification. |
| 158 | /// |
| 159 | #define EFI_USER_INFO_CBEFF_RECORD 0x0B |
| 160 | typedef VOID *EFI_USER_INFO_CBEFF; |
| 161 | /// |
| 162 | /// Indicates how close of a match the fingerprint must be in order to be considered a match. |
| 163 | /// |
| 164 | #define EFI_USER_INFO_FAR_RECORD 0x0C |
| 165 | typedef UINT8 EFI_USER_INFO_FAR; |
| 166 | /// |
| 167 | /// Indicates how many attempts the user has with a particular credential before the system prevents |
| 168 | /// further attempts. |
| 169 | /// |
| 170 | #define EFI_USER_INFO_RETRY_RECORD 0x0D |
| 171 | typedef UINT8 EFI_USER_INFO_RETRY; |
| 172 | /// |
| 173 | /// Provides the user's pre-OS access rights. |
| 174 | /// |
| 175 | #define EFI_USER_INFO_ACCESS_POLICY_RECORD 0x0E |
| 176 | |
| 177 | typedef struct { |
| 178 | UINT32 Type; ///< Specifies the type of user access control; one of the user information access types listed in this file (for example EFI_USER_INFO_ACCESS_FORBID_LOAD). |
| 179 | UINT32 Size; ///< Specifies the size of the user access control record, in bytes, including this header. A parser should reject a Size smaller than this header or larger than the data remaining in the enclosing record. |
| 180 | } EFI_USER_INFO_ACCESS_CONTROL; |
| 181 | |
| 182 | typedef EFI_USER_INFO_ACCESS_CONTROL EFI_USER_INFO_ACCESS_POLICY; |
| 183 | |
| 184 | /// |
| 185 | /// User Information access types |
| 186 | /// |
| 187 | |
| 188 | /// |
| 189 | /// Forbids the user from booting or loading executables from the specified device path or any child |
| 190 | /// device paths. |
| 191 | /// |
| 192 | #define EFI_USER_INFO_ACCESS_FORBID_LOAD 0x00000001 |
| 193 | /// |
| 194 | /// Permits the user to boot or load executables from the specified device path or any child |
| 195 | /// device paths. |
| 196 | /// Note: the code and the UEFI 2.3 specification are inconsistent here. |
| 197 | /// The name EFI_USER_INFO_ACCESS_PERMIT_BOOT used in the specification is presumed to be a typo, pending a |
| 198 | /// specification update. |
| 199 | /// |
| 200 | #define EFI_USER_INFO_ACCESS_PERMIT_LOAD 0x00000002 |
| 201 | /// |
| 202 | /// Presence of this record indicates that a user can update enrollment information. |
| 203 | /// |
| 204 | #define EFI_USER_INFO_ACCESS_ENROLL_SELF 0x00000003 |
| 205 | /// |
| 206 | /// Presence of this record indicates that a user can enroll new users. |
| 207 | /// |
| 208 | #define EFI_USER_INFO_ACCESS_ENROLL_OTHERS 0x00000004 |
| 209 | /// |
| 210 | /// Presence of this record indicates that a user can update the user information of any user. |
| 211 | /// |
| 212 | #define EFI_USER_INFO_ACCESS_MANAGE 0x00000005 |
| 213 | /// |
| 214 | /// Describes permissions usable when configuring the platform. |
| 215 | /// |
| 216 | #define EFI_USER_INFO_ACCESS_SETUP 0x00000006 |
| 217 | /// |
| 218 | /// Standard GUIDs for access to configure the platform. |
| 219 | /// |
| 220 | #define EFI_USER_INFO_ACCESS_SETUP_ADMIN_GUID \ |
| 221 | { 0x85b75607, 0xf7ce, 0x471e, { 0xb7, 0xe4, 0x2a, 0xea, 0x5f, 0x72, 0x32, 0xee } } |
| 222 | #define EFI_USER_INFO_ACCESS_SETUP_NORMAL_GUID \ |
| 223 | { 0x1db29ae0, 0x9dcb, 0x43bc, { 0x8d, 0x87, 0x5d, 0xa1, 0x49, 0x64, 0xdd, 0xe2 } } |
| 224 | #define EFI_USER_INFO_ACCESS_SETUP_RESTRICTED_GUID \ |
| 225 | { 0xbdb38125, 0x4d63, 0x49f4, { 0x82, 0x12, 0x61, 0xcf, 0x5a, 0x19, 0xa, 0xf8 } } |
| 226 | |
| 227 | /// |
| 228 | /// Forbids UEFI drivers from being started from the specified device path(s) or any child device paths. |
| 229 | /// |
| 230 | #define EFI_USER_INFO_ACCESS_FORBID_CONNECT 0x00000007 |
| 231 | /// |
| 232 | /// Permits UEFI drivers to be started on the specified device path(s) or any child device paths. |
| 233 | /// |
| 234 | #define EFI_USER_INFO_ACCESS_PERMIT_CONNECT 0x00000008 |
| 235 | /// |
| 236 | /// Modifies the boot order. |
| 237 | /// |
| 238 | #define EFI_USER_INFO_ACCESS_BOOT_ORDER 0x00000009 |
| 239 | typedef UINT32 EFI_USER_INFO_ACCESS_BOOT_ORDER_HDR; |
| 240 | |
| 241 | #define EFI_USER_INFO_ACCESS_BOOT_ORDER_MASK 0x0000000F |
| 242 | /// |
| 243 | /// Insert new boot options at the beginning of the boot order. |
| 244 | /// |
| 245 | #define EFI_USER_INFO_ACCESS_BOOT_ORDER_INSERT 0x00000000 |
| 246 | /// |
| 247 | /// Append new boot options to the end of the boot order. |
| 248 | /// |
| 249 | #define EFI_USER_INFO_ACCESS_BOOT_ORDER_APPEND 0x00000001 |
| 250 | /// |
| 251 | /// Replace the entire boot order. |
| 252 | /// |
| 253 | #define EFI_USER_INFO_ACCESS_BOOT_ORDER_REPLACE 0x00000002 |
| 254 | /// |
| 255 | /// The Boot Manager will not attempt to find a default boot device |
| 256 | /// when the default boot order does not lead to a bootable device. |
| 257 | /// |
| 258 | #define EFI_USER_INFO_ACCESS_BOOT_ORDER_NODEFAULT 0x00000010 |
| 259 | |
| 260 | /// |
| 261 | /// Provides the expression which determines which credentials are required to assert user identity. |
| 262 | /// |
| 263 | #define EFI_USER_INFO_IDENTITY_POLICY_RECORD 0x0F |
| 264 | |
| 265 | typedef struct { |
| 266 | UINT32 Type; ///< Specifies either an operator or a data item; one of the EFI_USER_INFO_IDENTITY_* values defined in this file. |
| 267 | UINT32 Length; ///< The length of this block, in bytes, including this header. A parser should reject a Length smaller than this header or larger than the data remaining in the enclosing record. |
| 268 | } EFI_USER_INFO_IDENTITY_POLICY; |
| 269 | |
| 270 | /// |
| 271 | /// User identity policy expression operators. |
| 272 | /// |
| 273 | #define EFI_USER_INFO_IDENTITY_FALSE 0x00 |
| 274 | #define EFI_USER_INFO_IDENTITY_TRUE 0x01 |
| 275 | #define EFI_USER_INFO_IDENTITY_CREDENTIAL_TYPE 0x02 |
| 276 | #define EFI_USER_INFO_IDENTITY_CREDENTIAL_PROVIDER 0x03 |
| 277 | #define EFI_USER_INFO_IDENTITY_NOT 0x10 |
| 278 | #define EFI_USER_INFO_IDENTITY_AND 0x11 |
| 279 | #define EFI_USER_INFO_IDENTITY_OR 0x12 |
| 280 | |
| 281 | /// |
| 282 | /// Provides placeholder for additional user profile information identified by a GUID. |
| 283 | /// |
| 284 | #define EFI_USER_INFO_GUID_RECORD 0xFF |
| 285 | typedef EFI_GUID EFI_USER_INFO_GUID; |
| 286 | |
| 287 | /// |
| 288 | /// User information table |
| 289 | /// A collection of EFI_USER_INFO records, prefixed with this header. |
| 290 | /// |
| 291 | typedef struct { |
| 292 | UINT64 Size; ///< Total size of the user information table, in bytes. Bound any walk over the EFI_USER_INFO records that follow by this value as well as by each record's InfoSize. |
| 293 | } EFI_USER_INFO_TABLE; |
| 294 | |
| 295 | typedef struct _EFI_USER_MANAGER_PROTOCOL EFI_USER_MANAGER_PROTOCOL; |
| 296 | |
| 297 | /** |
| 298 | Create a new user profile. |
| 299 | |
| 300 | This function creates a new user profile with only a new user identifier attached and returns its |
| 301 | handle. The user profile is non-volatile, but the handle returned in User can change across reboots. |
| 302 | |
| 303 | @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL. |
| 304 | @param[out] User On return, points to the new user profile handle. |
| 305 | The user profile handle is unique only during this boot. |
| 306 | |
| 307 | @retval EFI_SUCCESS User profile was successfully created. |
| 308 | @retval EFI_ACCESS_DENIED Current user does not have sufficient permissions to create a user profile. |
| 309 | @retval EFI_UNSUPPORTED Creation of new user profiles is not supported. |
| 310 | @retval EFI_INVALID_PARAMETER The User parameter is NULL. |
| 311 | **/ |
| 312 | typedef |
| 313 | EFI_STATUS |
| 314 | (EFIAPI *EFI_USER_PROFILE_CREATE)( |
| 315 | IN CONST EFI_USER_MANAGER_PROTOCOL *This, |
| 316 | OUT EFI_USER_PROFILE_HANDLE *User |
| 317 | ); |
| 318 | |
| 319 | /** |
| 320 | Delete an existing user profile. |
| 321 | |
| 322 | @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL. |
| 323 | @param[in] User User profile handle. |
| 324 | |
| 325 | @retval EFI_SUCCESS User profile was successfully deleted. |
| 326 | @retval EFI_ACCESS_DENIED Current user does not have sufficient permissions to delete a user |
| 327 | profile or there is only one user profile. |
| 328 | @retval EFI_UNSUPPORTED Deletion of user profiles is not supported. |
| 329 | @retval EFI_INVALID_PARAMETER User does not refer to a valid user profile. |
| 330 | **/ |
| 331 | typedef |
| 332 | EFI_STATUS |
| 333 | (EFIAPI *EFI_USER_PROFILE_DELETE)( |
| 334 | IN CONST EFI_USER_MANAGER_PROTOCOL *This, |
| 335 | IN EFI_USER_PROFILE_HANDLE User |
| 336 | ); |
| 337 | |
| 338 | /** |
| 339 | Enumerate all of the enrolled users on the platform. |
| 340 | |
| 341 | This function returns the next enrolled user profile. To retrieve the first user profile handle, point |
| 342 | User at a NULL. Each subsequent call will retrieve another user profile handle until there are no |
| 343 | more, at which point User will point to NULL. |
| 344 | |
| 345 | @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL. |
| 346 | @param[in,out] User On entry, points to the previous user profile handle or NULL to |
| 347 | start enumeration. On exit, points to the next user profile handle |
| 348 | or NULL if there are no more user profiles. |
| 349 | |
| 350 | @retval EFI_SUCCESS Next enrolled user profile successfully returned. |
| 351 | @retval EFI_ACCESS_DENIED Next enrolled user profile was not successfully returned. |
| 352 | @retval EFI_INVALID_PARAMETER The User parameter is NULL. |
| 353 | **/ |
| 354 | typedef |
| 355 | EFI_STATUS |
| 356 | (EFIAPI *EFI_USER_PROFILE_GET_NEXT)( |
| 357 | IN CONST EFI_USER_MANAGER_PROTOCOL *This, |
| 358 | IN OUT EFI_USER_PROFILE_HANDLE *User |
| 359 | ); |
| 360 | |
| 361 | /** |
| 362 | Return the current user profile handle. |
| 363 | |
| 364 | @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL. |
| 365 | @param[out] CurrentUser On return, points to the current user profile handle. |
| 366 | |
| 367 | @retval EFI_SUCCESS Current user profile handle returned successfully. |
| 368 | @retval EFI_INVALID_PARAMETER The CurrentUser parameter is NULL. |
| 369 | **/ |
| 370 | typedef |
| 371 | EFI_STATUS |
| 372 | (EFIAPI *EFI_USER_PROFILE_CURRENT)( |
| 373 | IN CONST EFI_USER_MANAGER_PROTOCOL *This, |
| 374 | OUT EFI_USER_PROFILE_HANDLE *CurrentUser |
| 375 | ); |
| 376 | |
| 377 | /** |
| 378 | Identify a user. |
| 379 | |
| 380 | Identifies the user and, if authenticated, returns the user handle and changes the current user profile. |
| 381 | All user information marked as private in a previously selected profile is no longer available for |
| 382 | inspection. |
| 383 | Whenever the current user profile is changed, an event with the GUID |
| 384 | EFI_EVENT_GROUP_USER_PROFILE_CHANGED is signaled. |
| 385 | |
| 386 | @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL. |
| 387 | @param[out] User On return, points to the user profile handle for the current user profile. |
| 388 | |
| 389 | @retval EFI_SUCCESS User was successfully identified. |
| 390 | @retval EFI_ACCESS_DENIED User was not successfully identified. |
| 391 | @retval EFI_INVALID_PARAMETER The User parameter is NULL. |
| 392 | **/ |
| 393 | typedef |
| 394 | EFI_STATUS |
| 395 | (EFIAPI *EFI_USER_PROFILE_IDENTIFY)( |
| 396 | IN CONST EFI_USER_MANAGER_PROTOCOL *This, |
| 397 | OUT EFI_USER_PROFILE_HANDLE *User |
| 398 | ); |
| 399 | |
| 400 | /** |
| 401 | Find a user using a user information record. |
| 402 | |
| 403 | This function searches all user profiles for the specified user information record. The search starts |
| 404 | with the user information record handle following UserInfo and continues until either the |
| 405 | information is found or there are no more user profiles. |
| 406 | A match occurs when the Info.InfoType field matches the user information record type and the |
| 407 | user information record data matches the portion of Info. |
| 408 | |
| 409 | @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL. |
| 410 | @param[in,out] User On entry, points to the previously returned user profile handle or NULL to start |
| 411 | searching with the first user profile. On return, points to the user profile handle or |
| 412 | NULL if not found. |
| 413 | @param[in,out] UserInfo On entry, points to the previously returned user information handle or NULL to start |
| 414 | searching with the first. On return, points to the user information handle of the user |
| 415 | information record or NULL if not found. Can be NULL, in which case only one user |
| 416 | information record per user can be returned. |
| 417 | @param[in] Info Points to the buffer containing the user information to be compared to the user |
| 418 | information record. If the user information record data is empty, then only the user |
| 419 | information record type is compared. |
| 420 | If InfoSize is 0, then the user information record must be empty. |
| 421 | |
| 422 | @param[in] InfoSize The size of Info, in bytes. |
| 423 | |
| 424 | @retval EFI_SUCCESS User information was found. User points to the user profile handle and UserInfo |
| 425 | points to the user information handle. |
| 426 | @retval EFI_NOT_FOUND User information was not found. User points to NULL and UserInfo points to NULL. |
| 427 | @retval EFI_INVALID_PARAMETER User is NULL or Info is NULL. |
| 428 | **/ |
| 429 | typedef |
| 430 | EFI_STATUS |
| 431 | (EFIAPI *EFI_USER_PROFILE_FIND)( |
| 432 | IN CONST EFI_USER_MANAGER_PROTOCOL *This, |
| 433 | IN OUT EFI_USER_PROFILE_HANDLE *User, |
| 434 | IN OUT EFI_USER_INFO_HANDLE *UserInfo OPTIONAL, |
| 435 | IN CONST EFI_USER_INFO *Info, |
| 436 | IN UINTN InfoSize |
| 437 | ); |
| 438 | |
| 439 | /** |
| 440 | Called by credential provider to notify of information change. |
| 441 | |
| 442 | This function allows the credential provider to notify the User Identity Manager when user status |
| 443 | has changed. |
| 444 | If the User Identity Manager doesn't support asynchronous changes in credentials, then this function |
| 445 | should return EFI_UNSUPPORTED. |
| 446 | If no current user exists and the credential provider can identify a user, then make that user |
| 447 | the current user and signal the EFI_EVENT_GROUP_USER_PROFILE_CHANGED event. |
| 448 | If a current user already exists and the credential provider can identify another user, then switch |
| 449 | the current user to the newly identified user and signal the EFI_EVENT_GROUP_USER_PROFILE_CHANGED event. |
| 450 | If the current user was identified by this credential provider and the credential provider can no longer identify |
| 451 | the current user, then log out the current user and signal the EFI_EVENT_GROUP_USER_PROFILE_CHANGED event. |
| 452 | |
| 453 | @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL. |
| 454 | @param[in] Changed Handle on which is installed an instance of the |
| 455 | EFI_USER_CREDENTIAL_PROTOCOL where the user has changed. |
| 456 | |
| 457 | @retval EFI_SUCCESS The User Identity Manager has handled the notification. |
| 458 | @retval EFI_NOT_READY The function was called while the specified credential provider was not selected. |
| 459 | @retval EFI_UNSUPPORTED The User Identity Manager doesn't support asynchronous notifications. |
| 460 | **/ |
| 461 | typedef |
| 462 | EFI_STATUS |
| 463 | (EFIAPI *EFI_USER_PROFILE_NOTIFY)( |
| 464 | IN CONST EFI_USER_MANAGER_PROTOCOL *This, |
| 465 | IN EFI_HANDLE Changed |
| 466 | ); |
| 467 | |
| 468 | /** |
| 469 | Return information attached to the user. |
| 470 | |
| 471 | This function returns user information. The format of the information is described in User |
| 472 | Information. The function may return EFI_ACCESS_DENIED if the information is marked private |
| 473 | and the handle specified by User is not the current user profile. The function may return |
| 474 | EFI_ACCESS_DENIED if the information is marked protected and the information is associated |
| 475 | with a credential provider for which the user has not been authenticated. |
| 476 | |
| 477 | @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL. |
| 478 | @param[in] User Handle of the user whose profile will be retrieved. |
| 479 | @param[in] UserInfo Handle of the user information data record. |
| 480 | @param[out] Info On entry, points to a buffer of at least *InfoSize bytes. On exit, holds the user |
| 481 | information. If the buffer is too small to hold the information, then |
| 482 | EFI_BUFFER_TOO_SMALL is returned and InfoSize is updated to contain the |
| 483 | number of bytes actually required. |
| 484 | @param[in,out] InfoSize On entry, points to the size of Info. On return, points to the size of the user |
| 485 | information. |
| 486 | |
| 487 | @retval EFI_SUCCESS Information returned successfully. |
| 488 | @retval EFI_ACCESS_DENIED The information about the specified user cannot be accessed by the current user. |
| 489 | @retval EFI_BUFFER_TOO_SMALL The number of bytes specified by *InfoSize is too small to hold |
| 490 | the returned data. The actual size required is returned in *InfoSize. |
| 491 | @retval EFI_NOT_FOUND User does not refer to a valid user profile or UserInfo does not refer to a valid |
| 492 | user info handle. |
| 493 | @retval EFI_INVALID_PARAMETER Info is NULL or InfoSize is NULL. |
| 494 | **/ |
| 495 | typedef |
| 496 | EFI_STATUS |
| 497 | (EFIAPI *EFI_USER_PROFILE_GET_INFO)( |
| 498 | IN CONST EFI_USER_MANAGER_PROTOCOL *This, |
| 499 | IN EFI_USER_PROFILE_HANDLE User, |
| 500 | IN EFI_USER_INFO_HANDLE UserInfo, |
| 501 | OUT EFI_USER_INFO *Info, |
| 502 | IN OUT UINTN *InfoSize |
| 503 | ); |
| 504 | |
| 505 | /** |
| 506 | Add or update user information. |
| 507 | |
| 508 | This function changes user information. If UserInfo points to NULL, then a new user |
| 509 | information record is created and its handle is returned in UserInfo. Otherwise, the existing record is |
| 510 | replaced. |
| 511 | If EFI_USER_INFO_IDENTITY_POLICY_RECORD is changed, it is the caller's responsibility to keep it |
| 512 | in sync with the information held by the credential providers. |
| 513 | If EFI_USER_INFO_EXCLUSIVE is specified in Info and a user information record of the same |
| 514 | type already exists in the user profile, then EFI_ACCESS_DENIED will be returned and |
| 515 | UserInfo will point to the handle of the existing record. |
| 516 | |
| 517 | @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL. |
| 518 | @param[in] User Handle of the user whose profile will be changed. |
| 519 | @param[in,out] UserInfo On entry, points to the handle of the record to replace, or to NULL to create a new record. On return, points to the handle of the new or existing record. |
| 520 | @param[in] Info Points to the buffer containing the user information record to add or update. The |
| 521 | prototype declares it CONST, so it is an input only: nothing is written back and |
| 522 | EFI_BUFFER_TOO_SMALL is not among the return values documented here. |
| 523 | Implementations should check that Info->InfoSize does not exceed InfoSize before reading the record data. |
| 524 | @param[in] InfoSize The size of Info, in bytes. It is passed by value, so no size is returned through this |
| 525 | parameter. |
| 526 | |
| 527 | @retval EFI_SUCCESS Information was added or updated successfully. |
| 528 | @retval EFI_ACCESS_DENIED The record is exclusive and a record of the same type already exists in the user profile. |
| 529 | @retval EFI_SECURITY_VIOLATION The current user does not have permission to change the specified |
| 530 | user profile or user information record. |
| 531 | @retval EFI_NOT_FOUND User does not refer to a valid user profile or UserInfo does not refer to a valid |
| 532 | user info handle. |
| 533 | @retval EFI_INVALID_PARAMETER UserInfo is NULL or Info is NULL. |
| 534 | **/ |
| 535 | typedef |
| 536 | EFI_STATUS |
| 537 | (EFIAPI *EFI_USER_PROFILE_SET_INFO)( |
| 538 | IN CONST EFI_USER_MANAGER_PROTOCOL *This, |
| 539 | IN EFI_USER_PROFILE_HANDLE User, |
| 540 | IN OUT EFI_USER_INFO_HANDLE *UserInfo, |
| 541 | IN CONST EFI_USER_INFO *Info, |
| 542 | IN UINTN InfoSize |
| 543 | ); |
| 544 | |
| 545 | /** |
| 546 | Delete user information. |
| 547 | |
| 548 | Delete the user information attached to the user profile specified by the UserInfo. |
| 549 | |
| 550 | @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL. |
| 551 | @param[in] User Handle of the user whose information will be deleted. |
| 552 | @param[in] UserInfo Handle of the user information to remove. |
| 553 | |
| 554 | @retval EFI_SUCCESS User information deleted successfully. |
| 555 | @retval EFI_NOT_FOUND User information record UserInfo does not exist in the user profile. |
| 556 | @retval EFI_ACCESS_DENIED The current user does not have permission to delete this user information. |
| 557 | **/ |
| 558 | typedef |
| 559 | EFI_STATUS |
| 560 | (EFIAPI *EFI_USER_PROFILE_DELETE_INFO)( |
| 561 | IN CONST EFI_USER_MANAGER_PROTOCOL *This, |
| 562 | IN EFI_USER_PROFILE_HANDLE User, |
| 563 | IN EFI_USER_INFO_HANDLE UserInfo |
| 564 | ); |
| 565 | |
| 566 | /** |
| 567 | Enumerate the user information records of the user profile specified by User. |
| 568 | |
| 569 | This function returns the next user information record. To retrieve the first user information record |
| 570 | handle, point UserInfo at a NULL. Each subsequent call will retrieve another user information |
| 571 | record handle until there are no more, at which point UserInfo will point to NULL. |
| 572 | |
| 573 | @param[in] This Points to this instance of the EFI_USER_MANAGER_PROTOCOL. |
| 574 | @param[in] User Handle of the user whose information records will be enumerated. |
| 575 | @param[in,out] UserInfo On entry, points to the previous user information handle or NULL to start enumeration. On exit, points to the next user information handle or NULL if there are no more. |
| 576 | |
| 577 | @retval EFI_SUCCESS User information returned. |
| 578 | @retval EFI_NOT_FOUND No more user information found. |
| 579 | @retval EFI_INVALID_PARAMETER UserInfo is NULL. |
| 580 | **/ |
| 581 | typedef |
| 582 | EFI_STATUS |
| 583 | (EFIAPI *EFI_USER_PROFILE_GET_NEXT_INFO)( |
| 584 | IN CONST EFI_USER_MANAGER_PROTOCOL *This, |
| 585 | IN EFI_USER_PROFILE_HANDLE User, |
| 586 | IN OUT EFI_USER_INFO_HANDLE *UserInfo |
| 587 | ); |
| 588 | |
| 589 | /// |
| 590 | /// This protocol provides the services used to manage user profiles. |
| 591 | /// |
| 592 | struct _EFI_USER_MANAGER_PROTOCOL { |
| 593 | EFI_USER_PROFILE_CREATE Create; |
| 594 | EFI_USER_PROFILE_DELETE Delete; |
| 595 | EFI_USER_PROFILE_GET_NEXT GetNext; |
| 596 | EFI_USER_PROFILE_CURRENT Current; |
| 597 | EFI_USER_PROFILE_IDENTIFY Identify; |
| 598 | EFI_USER_PROFILE_FIND Find; |
| 599 | EFI_USER_PROFILE_NOTIFY Notify; |
| 600 | EFI_USER_PROFILE_GET_INFO GetInfo; |
| 601 | EFI_USER_PROFILE_SET_INFO SetInfo; |
| 602 | EFI_USER_PROFILE_DELETE_INFO DeleteInfo; |
| 603 | EFI_USER_PROFILE_GET_NEXT_INFO GetNextInfo; |
| 604 | }; |
| 605 | |
| 606 | extern EFI_GUID gEfiUserManagerProtocolGuid; |
| 607 | extern EFI_GUID gEfiEventUserProfileChangedGuid; |
| 608 | extern EFI_GUID gEfiUserCredentialClassUnknownGuid; |
| 609 | extern EFI_GUID gEfiUserCredentialClassPasswordGuid; |
| 610 | extern EFI_GUID gEfiUserCredentialClassSmartCardGuid; |
| 611 | extern EFI_GUID gEfiUserCredentialClassFingerprintGuid; |
| 612 | extern EFI_GUID gEfiUserCredentialClassHandprintGuid; |
| 613 | extern EFI_GUID gEfiUserCredentialClassSecureCardGuid; |
| 614 | extern EFI_GUID gEfiUserInfoAccessSetupAdminGuid; |
| 615 | extern EFI_GUID gEfiUserInfoAccessSetupNormalGuid; |
| 616 | extern EFI_GUID gEfiUserInfoAccessSetupRestrictedGuid; |
| 617 | |
| 618 | #endif |