Gitiles
Code Review Sign In
gerrit.devboardsforandroid.linaro.org / device / linaro / hikey960 / 0e33772df9ca72fb5f6e3d9a9b9ee547997b1b66 / . / uefi / linaro-edk2 / NetworkPkg / IpSecDxe / IpSecConfigImpl.h
blob: 3e365dae4aeb56f0210c71a727e15a9333fefed8 [file] [log] [blame]
Vishal Bhoj82c80712015-12-15 21:13:33 +0530[diff] [blame]1/** @file
2 Definitions related to IPSEC_CONFIG_PROTOCOL implementations.
3
4 Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
5
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php.
10
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14**/
15
16#ifndef _IPSEC_CONFIG_IMPL_H_
17#define _IPSEC_CONFIG_IMPL_H_
18
19#include <Protocol/IpSec.h>
20#include <Protocol/IpSecConfig.h>
21
22#include <Library/BaseLib.h>
23#include <Library/BaseMemoryLib.h>
24#include <Library/PrintLib.h>
25#include <Library/MemoryAllocationLib.h>
26#include <Library/UefiRuntimeServicesTableLib.h>
27#include <Library/UefiBootServicesTableLib.h>
28#include <Library/DebugLib.h>
29
30#include "IpSecImpl.h"
31
32#define EFI_IPSEC_ANY_PROTOCOL 0xFFFF
33#define EFI_IPSEC_ANY_PORT 0
34
35#define IPSEC_VAR_ITEM_HEADER_LOGO_BIT 0x80
36#define IPSEC_VAR_ITEM_HEADER_CONTENT_BIT 0x7F
37
38#define IPSECCONFIG_VARIABLE_NAME L"IpSecConfig"
39#define IPSECCONFIG_STATUS_NAME L"IpSecStatus"
40
41#define SIZE_OF_SPD_SELECTOR(x) (UINTN) (sizeof (EFI_IPSEC_SPD_SELECTOR) \
42 + sizeof (EFI_IP_ADDRESS_INFO) * ((x)->LocalAddressCount + (x)->RemoteAddressCount))
43
44#define FIX_REF_BUF_ADDR(addr, base) addr = (VOID *) ((UINTN) (addr) - (UINTN) (base))
45#define UNFIX_REF_BUF_ADDR(addr, base) addr = (VOID *) ((UINTN) (addr) + (UINTN) (base))
46
47//
48// The data structure used to store the genernall information of IPsec configuration.
49//
50typedef struct {
51 UINT32 VariableCount; // the total number of the IPsecConfig variables.
52 UINT32 VariableSize; // The total size of all IpsecConfig variables.
53 UINT32 SingleVariableSize; // The max size of single variable
54} IP_SEC_VARIABLE_INFO;
55
56typedef struct {
57 EFI_IPSEC_CONFIG_SELECTOR *Selector;
58 VOID *Data;
59 LIST_ENTRY List;
60} IPSEC_COMMON_POLICY_ENTRY;
61
62typedef struct {
63 UINT8 *Ptr;
64 UINTN Size;
65 UINTN Capacity;
66} IPSEC_VARIABLE_BUFFER;
67
68#pragma pack(1)
69typedef struct {
70 UINT8 Type;
71 UINT16 Size;
72} IPSEC_VAR_ITEM_HEADER;
73#pragma pack()
74
75/**
76 The prototype of Copy Source Selector to the Destination Selector.
77
78 @param[in, out] DstSel Pointer of Destination Selector. It would be
79 SPD Selector, or SAD Selector or PAD Selector.
80 @param[in] SrcSel Pointer of Source Selector. It would be
81 SPD Selector, or SAD Selector or PAD Selector.
82 @param[in, out] Size The size of the Destination Selector. If it
83 is not NULL and its value is less than the size of
84 Source Selector, the value of Source Selector's
85 size will be passed to the caller by this parameter.
86
87 @retval EFI_INVALID_PARAMETER If the Destination or Source Selector is NULL.
88 @retval EFI_BUFFER_TOO_SMALL If the input Size is less than size of Source Selector.
89 @retval EFI_SUCCESS Copy Source Selector to the Destination
90 Selector successfully.
91
92**/
93typedef
94EFI_STATUS
95(*IPSEC_DUPLICATE_SELECTOR) (
96 IN OUT EFI_IPSEC_CONFIG_SELECTOR *DstSel,
97 IN EFI_IPSEC_CONFIG_SELECTOR *SrcSel,
98 IN OUT UINTN *Size
99 );
100
101/**
102 It is prototype of compare two Selectors. The Selector would be SPD Selector,
103 or SAD Selector, or PAD selector.
104
105 @param[in] Selector1 Pointer of the first Selector.
106 @param[in] Selector2 Pointer of the second Selector.
107
108 @retval TRUE These two Selectors have the same value in certain fields.
109 @retval FALSE Not all fields have the same value in these two Selectors.
110
111**/
112typedef
113BOOLEAN
114(*IPSEC_COMPARE_SELECTOR) (
115 IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,
116 IN EFI_IPSEC_CONFIG_SELECTOR *Selector2
117 );
118
119/**
120 The prototype of a function to check if the Selector is Zero by its certain fields.
121
122 @param[in] Selector Pointer of the Selector.
123
124 @retval TRUE If the Selector is Zero.
125 @retval FALSE If the Selector is not Zero.
126
127**/
128typedef
129BOOLEAN
130(*IPSEC_IS_ZERO_SELECTOR) (
131 IN EFI_IPSEC_CONFIG_SELECTOR *Selector
132 );
133
134/**
135 The prototype of a function to fix the value of particular members of the Selector.
136
137 @param[in] Selector Pointer of Selector.
138 @param[in] Data Pointer of Data.
139
140**/
141typedef
142VOID
143(*IPSEC_FIX_POLICY_ENTRY) (
144 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,
145 IN VOID *Data
146 );
147
148/**
149 It is prototype function to define a routine function by the caller of IpSecVisitConfigData().
150
151 @param[in] Type A specified IPSEC_CONFIG_DATA_TYPE.
152 @param[in] Selector Points to EFI_IPSEC_CONFIG_SELECTOR to be copied
153 to the buffer.
154 @param[in] Data Points to data to be copied to the buffer. The
155 Data type is related to the Type.
156 @param[in] SelectorSize The size of the Selector.
157 @param[in] DataSize The size of the Data.
158 @param[in, out] Buffer The buffer to store the Selector and Data.
159
160 @retval EFI_SUCCESS Copied the Selector and Data to a buffer successfully.
161 @retval EFI_OUT_OF_RESOURCES The required system resource could not be allocated.
162
163**/
164typedef
165EFI_STATUS
166(*IPSEC_COPY_POLICY_ENTRY) (
167 IN EFI_IPSEC_CONFIG_DATA_TYPE Type,
168 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,
169 IN VOID *Data,
170 IN UINTN SelectorSize,
171 IN UINTN DataSize,
172 IN OUT VOID *Context
173 );
174
175/**
176 Set the security policy information for the EFI IPsec driver.
177
178 The IPsec configuration data has a unique selector/identifier separately to
179 identify a data entry.
180
181 @param[in] Selector Pointer to an entry selector on operated
182 configuration data specified by DataType.
183 A NULL Selector causes the entire specified-type
184 configuration information to be flushed.
185 @param[in] Data The data buffer to be set.
186 @param[in] Context Pointer to one entry selector that describes
187 the expected position the new data entry will
188 be added. If Context is NULL, the new entry will
189 be appended to the end of the database.
190
191 @retval EFI_INVALID_PARAMETER Certain Parameters are not correct. The Parameter
192 requiring a check depends on the Selector type.
193 @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.
194 @retval EFI_SUCCESS The specified configuration data was obtained successfully.
195
196**/
197typedef
198EFI_STATUS
199(*IPSEC_SET_POLICY_ENTRY) (
200 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,
201 IN VOID *Data,
202 IN VOID *Context OPTIONAL
203 );
204
205/**
206 A prototype function definition to lookup the data entry from IPsec. Return the configuration
207 value of the specified Entry.
208
209 @param[in] Selector Pointer to an entry selector that is an identifier
210 of the entry.
211 @param[in, out] DataSize On output, the size of data returned in Data.
212 @param[out] Data The buffer to return the contents of the IPsec
213 configuration data. The type of the data buffer
214 is associated with the DataType.
215
216 @retval EFI_SUCCESS The specified configuration data was obtained successfully.
217 @retval EFI_INVALID_PARAMETER Data is NULL and *DataSize is not zero.
218 @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.
219 @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been
220 updated with the size needed to complete the request.
221
222**/
223typedef
224EFI_STATUS
225(*IPSEC_GET_POLICY_ENTRY) (
226 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,
227 IN OUT UINTN *DataSize,
228 IN VOID *Data
229 );
230
231/**
232 Compare two SPD Selectors.
233
234 Compare two SPD Selector by the fields of LocalAddressCount/RemoteAddressCount/
235 NextLayerProtocol/LocalPort/LocalPortRange/RemotePort/RemotePortRange and the
236 Local Addresses and remote Addresses.
237
238 @param[in] Selector1 Pointer of the first SPD Selector.
239 @param[in] Selector2 Pointer of the second SPD Selector.
240
241 @retval TRUE These two Selectors have the same value in above fields.
242 @retval FALSE Not all of the above fields have the same value in these two Selectors.
243
244**/
245BOOLEAN
246CompareSpdSelector (
247 IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,
248 IN EFI_IPSEC_CONFIG_SELECTOR *Selector2
249 );
250
251
252/**
253 Visit all IPsec Configurations of specified Type and call the caller defined
254 interface.
255
256 @param[in] DataType The specified IPsec Config Data Type.
257 @param[in] Routine The function caller defined.
258 @param[in] Context The data passed to the Routine.
259
260 @retval EFI_OUT_OF_RESOURCES The required system resource could not be allocated.
261 @retval EFI_SUCCESS This function complete successfully.
262
263**/
264EFI_STATUS
265IpSecVisitConfigData (
266 IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,
267 IN IPSEC_COPY_POLICY_ENTRY Routine,
268 IN VOID *Context
269 );
270
271
272/**
273 This function is the subfunction of the EFIIpSecConfigSetData.
274
275 This function call IpSecSetVaraible to set the IPsec Configuration into the firmware.
276
277 @retval EFI_OUT_OF_RESOURCES The required system resource could not be allocated.
278 @retval EFI_SUCCESS Saved the configration successfully.
279 @retval Others Other errors were found while obtaining the variable.
280
281**/
282EFI_STATUS
283IpSecConfigSave (
284 VOID
285 );
286
287/**
288 Initialize IPsecConfig protocol
289
290 @param[in, out] Private Pointer to IPSEC_PRIVATE_DATA. After this function finish,
291 the pointer of IPsecConfig Protocol implementation will copy
292 into its IPsecConfig member.
293
294 @retval EFI_SUCCESS Initialized the IPsecConfig Protocol successfully.
295 @retval Others Initializing the IPsecConfig Protocol failed.
296
297**/
298EFI_STATUS
299IpSecConfigInitialize (
300 IN OUT IPSEC_PRIVATE_DATA *Private
301 );
302
303/**
304 Calculate the entire size of EFI_IPSEC_SPD_DATA, which includes the buffer size pointed
305 by the pointer members.
306
307 @param[in] SpdData Pointer to a specified EFI_IPSEC_SPD_DATA.
308
309 @return The entire size of the specified EFI_IPSEC_SPD_DATA.
310
311**/
312UINTN
313IpSecGetSizeOfEfiSpdData (
314 IN EFI_IPSEC_SPD_DATA *SpdData
315 );
316
317/**
318 Calculate the a entire size of IPSEC_SPD_DATA, which includes the buffer size pointed
319 by the pointer members and the buffer size used by Sa List.
320
321 @param[in] SpdData Pointer to the specified IPSEC_SPD_DATA.
322
323 @return The entire size of IPSEC_SPD_DATA.
324
325**/
326UINTN
327IpSecGetSizeOfSpdData (
328 IN IPSEC_SPD_DATA *SpdData
329 );
330
331/**
332 Copy Source Process Policy to the Destination Process Policy.
333
334 @param[in] Dst Pointer to the Source Process Policy.
335 @param[in] Src Pointer to the Destination Process Policy.
336
337**/
338VOID
339IpSecDuplicateProcessPolicy (
340 IN EFI_IPSEC_PROCESS_POLICY *Dst,
341 IN EFI_IPSEC_PROCESS_POLICY *Src
342 );
343
344/**
345 Find if the two SPD Selectors has subordinative.
346
347 Compare two SPD Selector by the fields of LocalAddressCount/RemoteAddressCount/
348 NextLayerProtocol/LocalPort/LocalPortRange/RemotePort/RemotePortRange and the
349 Local Addresses and remote Addresses.
350
351 @param[in] Selector1 Pointer of first SPD Selector.
352 @param[in] Selector2 Pointer of second SPD Selector.
353
354 @retval TRUE The first SPD Selector is subordinate Selector of second SPD Selector.
355 @retval FALSE The first SPD Selector is not subordinate Selector of second
356 SPD Selector.
357
358**/
359BOOLEAN
360IsSubSpdSelector (
361 IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,
362 IN EFI_IPSEC_CONFIG_SELECTOR *Selector2
363 );
364
365/**
366 Compare two SA IDs.
367
368 @param[in] Selector1 Pointer of the first SA ID.
369 @param[in] Selector2 Pointer of the second SA ID.
370
371 @retval TRUE This two Selectors have the same SA ID.
372 @retval FALSE This two Selecotrs don't have the same SA ID.
373
374**/
375BOOLEAN
376CompareSaId (
377 IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,
378 IN EFI_IPSEC_CONFIG_SELECTOR *Selector2
379 );
380
381/**
382 Compare two PAD IDs.
383
384 @param[in] Selector1 Pointer of the first PAD ID.
385 @param[in] Selector2 Pointer of the second PAD ID.
386
387 @retval TRUE This two Selectors have the same PAD ID.
388 @retval FALSE This two Selecotrs don't have the same PAD ID.
389
390**/
391BOOLEAN
392ComparePadId (
393 IN EFI_IPSEC_CONFIG_SELECTOR *Selector1,
394 IN EFI_IPSEC_CONFIG_SELECTOR *Selector2
395 );
396
397/**
398 Check if the SPD Selector is Zero by its LocalAddressCount and RemoteAddressCount
399 fields.
400
401 @param[in] Selector Pointer of the SPD Selector.
402
403 @retval TRUE If the SPD Selector is Zero.
404 @retval FALSE If the SPD Selector is not Zero.
405
406**/
407BOOLEAN
408IsZeroSpdSelector (
409 IN EFI_IPSEC_CONFIG_SELECTOR *Selector
410 );
411
412/**
413 Check if the SA ID is Zero by its DestAddress.
414
415 @param[in] Selector Pointer of the SA ID.
416
417 @retval TRUE If the SA ID is Zero.
418 @retval FALSE If the SA ID is not Zero.
419
420**/
421BOOLEAN
422IsZeroSaId (
423 IN EFI_IPSEC_CONFIG_SELECTOR *Selector
424 );
425
426/**
427 Check if the PAD ID is Zero.
428
429 @param[in] Selector Pointer of the PAD ID.
430
431 @retval TRUE If the PAD ID is Zero.
432 @retval FALSE If the PAD ID is not Zero.
433
434**/
435BOOLEAN
436IsZeroPadId (
437 IN EFI_IPSEC_CONFIG_SELECTOR *Selector
438 );
439
440/**
441 Copy Source SPD Selector to the Destination SPD Selector.
442
443 @param[in, out] DstSel Pointer of Destination SPD Selector.
444 @param[in] SrcSel Pointer of Source SPD Selector.
445 @param[in, out] Size The size of the Destination SPD Selector. If
446 it is not NULL and its value is less than the
447 size of Source SPD Selector, the value of
448 Source SPD Selector's size will be passed to
449 the caller by this parameter.
450
451 @retval EFI_INVALID_PARAMETER If the Destination or Source SPD Selector is NULL.
452 @retval EFI_BUFFER_TOO_SMALL If the input Size is less than size of Source SPD Selector.
453 @retval EFI_SUCCESS Copy Source SPD Selector to the Destination SPD
454 Selector successfully.
455
456**/
457EFI_STATUS
458DuplicateSpdSelector (
459 IN OUT EFI_IPSEC_CONFIG_SELECTOR *DstSel,
460 IN EFI_IPSEC_CONFIG_SELECTOR *SrcSel,
461 IN OUT UINTN *Size
462 );
463
464/**
465 Copy Source SA ID to the Destination SA ID.
466
467 @param[in, out] DstSel Pointer of the Destination SA ID.
468 @param[in] SrcSel Pointer of the Source SA ID.
469 @param[in, out] Size The size of the Destination SA ID. If it
470 not NULL, and its value is less than the size of
471 Source SA ID, the value of Source SA ID's size
472 will be passed to the caller by this parameter.
473
474 @retval EFI_INVALID_PARAMETER If the Destination or Source SA ID is NULL.
475 @retval EFI_BUFFER_TOO_SMALL If the input Size less than size of source SA ID.
476 @retval EFI_SUCCESS Copied Source SA ID to the Destination SA ID successfully.
477
478**/
479EFI_STATUS
480DuplicateSaId (
481 IN OUT EFI_IPSEC_CONFIG_SELECTOR *DstSel,
482 IN EFI_IPSEC_CONFIG_SELECTOR *SrcSel,
483 IN OUT UINTN *Size
484 );
485
486/**
487 Copy Source PAD ID to the Destination PAD ID.
488
489 @param[in, out] DstSel Pointer of Destination PAD ID.
490 @param[in] SrcSel Pointer of Source PAD ID.
491 @param[in, out] Size The size of the Destination PAD ID. If it
492 not NULL, and its value less than the size of
493 Source PAD ID, the value of Source PAD ID's size
494 will be passed to the caller by this parameter.
495
496 @retval EFI_INVALID_PARAMETER If the Destination or Source PAD ID is NULL.
497 @retval EFI_BUFFER_TOO_SMALL If the input Size less than size of source PAD ID.
498 @retval EFI_SUCCESS Copied Source PAD ID to the Destination PAD ID successfully.
499
500**/
501EFI_STATUS
502DuplicatePadId (
503 IN OUT EFI_IPSEC_CONFIG_SELECTOR *DstSel,
504 IN EFI_IPSEC_CONFIG_SELECTOR *SrcSel,
505 IN OUT UINTN *Size
506 );
507
508/**
509 Fix the value of some members of the SPD Selector.
510
511 This function is called by IpSecCopyPolicyEntry(), which copies the Policy
512 Entry into the Variable. Since some members in SPD Selector are pointers,
513 a physical address to relative address conversion is required before copying
514 this SPD entry into the variable.
515
516 @param[in] Selector Pointer of SPD Selector.
517 @param[in, out] Data Pointer of SPD Data.
518
519**/
520VOID
521FixSpdEntry (
522 IN EFI_IPSEC_SPD_SELECTOR *Selector,
523 IN OUT EFI_IPSEC_SPD_DATA *Data
524 );
525
526/**
527 Fix the value of some members of SA ID.
528
529 This function is called by IpSecCopyPolicyEntry(), which copies the Policy
530 Entry into the Variable. Since some members in SA ID are pointers,
531 a physical address to relative address conversion is required before copying
532 this SAD into the variable.
533
534 @param[in] SaId Pointer of SA ID.
535 @param[in, out] Data Pointer of SA Data.
536
537**/
538VOID
539FixSadEntry (
540 IN EFI_IPSEC_SA_ID *SaId,
541 IN OUT EFI_IPSEC_SA_DATA2 *Data
542 );
543
544/**
545 Fix the value of some members of PAD ID.
546
547 This function is called by IpSecCopyPolicyEntry(), which copy the Policy
548 Entry into the Variable. Since some members in PAD ID are pointers,
549 a physical address to relative address conversion is required before copying
550 this PAD into the variable.
551
552 @param[in] PadId Pointer of PAD ID.
553 @param[in, out] Data Pointer of PAD Data.
554
555**/
556VOID
557FixPadEntry (
558 IN EFI_IPSEC_PAD_ID *PadId,
559 IN OUT EFI_IPSEC_PAD_DATA *Data
560 );
561
562/**
563 Recover the value of some members of SPD Selector.
564
565 This function is corresponding to FixSpdEntry(). It recovers the value of members
566 of SPD Selector which fix by the FixSpdEntry().
567
568 @param[in, out] Selector Pointer of SPD Selector.
569 @param[in, out] Data Pointer of SPD Data.
570
571**/
572VOID
573UnfixSpdEntry (
574 IN OUT EFI_IPSEC_SPD_SELECTOR *Selector,
575 IN OUT EFI_IPSEC_SPD_DATA *Data
576 );
577
578
579/**
580 Recover the value of some members of SA ID.
581
582 This function is corresponding to FixSadEntry(). It recovers the value of members
583 of SAD ID which fix by the FixSadEntry().
584
585 @param[in, out] SaId Pointer of SAD ID
586 @param[in, out] Data Pointer of SAD Data.
587
588**/
589VOID
590UnfixSadEntry (
591 IN OUT EFI_IPSEC_SA_ID *SaId,
592 IN OUT EFI_IPSEC_SA_DATA2 *Data
593 );
594
595/**
596 Recover the value of some members of PAD ID.
597
598 This function is corresponding to FixPadEntry(). It recovers the value of members
599 of PAD ID which fix by the FixPadEntry().
600
601 @param[in] PadId Pointer of PAD ID
602 @param[in, out] Data Pointer of PAD Data.
603
604**/
605VOID
606UnfixPadEntry (
607 IN EFI_IPSEC_PAD_ID *PadId,
608 IN OUT EFI_IPSEC_PAD_DATA *Data
609 );
610
611/**
612 Set the security policy information for the EFI IPsec driver.
613
614 The IPsec configuration data has a unique selector/identifier separately to
615 identify a data entry.
616
617 @param[in] Selector Pointer to an entry selector on operated
618 configuration data specified by DataType.
619 A NULL Selector causes the entire specified-type
620 configuration information to be flushed.
621 @param[in] Data The data buffer to be set. The structure
622 of the data buffer should be EFI_IPSEC_SPD_DATA.
623 @param[in] Context Pointer to one entry selector that describes
624 the expected position the new data entry will
625 be added. If Context is NULL,the new entry will
626 be appended the end of database.
627
628 @retval EFI_INVALID_PARAMETER One or more of the following are TRUE:
629 - Selector is not NULL and its LocalAddress
630 is NULL or its RemoteAddress is NULL.
631 - Data is not NULL, its Action is Protected,
632 and its policy is NULL.
633 - Data is not NULL and its Action is not protected
634 and its policy is not NULL.
635 - The Action of Data is Protected, its policy
636 mode is Tunnel, and its tunnel option is NULL.
637 - The Action of Data is protected, its policy
638 mode is not Tunnel, and it tunnel option is not NULL.
639 @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.
640 @retval EFI_SUCCESS The specified configuration data was obtained successfully.
641
642**/
643EFI_STATUS
644SetSpdEntry (
645 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,
646 IN VOID *Data,
647 IN VOID *Context OPTIONAL
648 );
649
650/**
651 Set the security association information for the EFI IPsec driver.
652
653 The IPsec configuration data has a unique selector/identifier separately to
654 identify a data entry.
655
656 @param[in] Selector Pointer to an entry selector on operated
657 configuration data specified by DataType.
658 A NULL Selector causes the entire specified-type
659 configuration information to be flushed.
660 @param[in] Data The data buffer to be set. The structure
661 of the data buffer should be EFI_IPSEC_SA_DATA.
662 @param[in] Context Pointer to one entry selector which describes
663 the expected position the new data entry will
664 be added. If Context is NULL,the new entry will
665 be appended to the end of database.
666
667 @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.
668 @retval EFI_SUCCESS The specified configuration data was obtained successfully.
669
670**/
671EFI_STATUS
672SetSadEntry (
673 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,
674 IN VOID *Data,
675 IN VOID *Context OPTIONAL
676 );
677
678/**
679 Set the peer authorization configuration information for the EFI IPsec driver.
680
681 The IPsec configuration data has a unique selector/identifier separately to
682 identify a data entry.
683
684 @param[in] Selector Pointer to an entry selector on operated
685 configuration data specified by DataType.
686 A NULL Selector causes the entire specified-type
687 configuration information to be flushed.
688 @param[in] Data The data buffer to be set. The structure
689 of the data buffer should be EFI_IPSEC_PAD_DATA.
690 @param[in] Context Pointer to one entry selector that describes
691 the expected position where the new data entry will
692 be added. If Context is NULL, the new entry will
693 be appended the end of database.
694
695 @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.
696 @retval EFI_SUCCESS The specified configuration data was obtained successfully.
697
698**/
699EFI_STATUS
700SetPadEntry (
701 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,
702 IN VOID *Data,
703 IN VOID *Context OPTIONAL
704 );
705
706/**
707 This function looks up the data entry from IPsec SPD, and returns the configuration
708 value of the specified SPD Entry.
709
710 @param[in] Selector Pointer to an entry selector which is an identifier
711 of the SPD entry.
712 @param[in, out] DataSize On output the size of data returned in Data.
713 @param[out] Data The buffer to return the contents of the IPsec
714 configuration data. The type of the data buffer
715 is associated with the DataType.
716
717 @retval EFI_SUCCESS The specified configuration data was obtained successfully.
718 @retval EFI_INVALID_PARAMETER Data is NULL and *DataSize is not zero.
719 @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.
720 @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been
721 updated with the size needed to complete the request.
722
723**/
724EFI_STATUS
725GetSpdEntry (
726 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,
727 IN OUT UINTN *DataSize,
728 OUT VOID *Data
729 );
730
731/**
732 This function looks up the data entry from IPsec SAD and returns the configuration
733 value of the specified SAD Entry.
734
735 @param[in] Selector Pointer to an entry selector that is an identifier
736 of the SAD entry.
737 @param[in, out] DataSize On output, the size of data returned in Data.
738 @param[out] Data The buffer to return the contents of the IPsec
739 configuration data. This type of the data buffer
740 is associated with the DataType.
741
742 @retval EFI_SUCCESS The specified configuration data was obtained successfully.
743 @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.
744 @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been
745 updated with the size needed to complete the request.
746
747**/
748EFI_STATUS
749GetSadEntry (
750 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,
751 IN OUT UINTN *DataSize,
752 OUT VOID *Data
753 );
754
755/**
756 This function looks up the data entry from IPsec PADand returns the configuration
757 value of the specified PAD Entry.
758
759 @param[in] Selector Pointer to an entry selector that is an identifier
760 of the PAD entry.
761 @param[in, out] DataSize On output the size of data returned in Data.
762 @param[out] Data The buffer to return the contents of the IPsec
763 configuration data. This type of the data buffer
764 is associated with the DataType.
765
766 @retval EFI_SUCCESS The specified configuration data was obtained successfully.
767 @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.
768 @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been
769 updated with the size needed to complete the request.
770
771**/
772EFI_STATUS
773GetPadEntry (
774 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,
775 IN OUT UINTN *DataSize,
776 OUT VOID *Data
777 );
778
779/**
780 Return the configuration value for the EFI IPsec driver.
781
782 This function lookup the data entry from IPsec database or IKEv2 configuration
783 information. The expected data type and unique identification are described in
784 DataType and Selector parameters.
785
786 @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.
787 @param[in] DataType The type of data to retrieve.
788 @param[in] Selector Pointer to an entry selector that is an identifier of the IPsec
789 configuration data entry.
790 @param[in, out] DataSize On output the size of data returned in Data.
791 @param[out] Data The buffer to return the contents of the IPsec configuration data.
792 The type of the data buffer is associated with the DataType.
793
794 @retval EFI_SUCCESS The specified configuration data was obtained successfully.
795 @retval EFI_INVALID_PARAMETER One or more of the followings are TRUE:
796 - This is NULL.
797 - Selector is NULL.
798 - DataSize is NULL.
799 - Data is NULL and *DataSize is not zero
800 @retval EFI_NOT_FOUND The configuration data specified by Selector is not found.
801 @retval EFI_UNSUPPORTED The specified DataType is not supported.
802 @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has been
803 updated with the size needed to complete the request.
804
805**/
806EFI_STATUS
807EFIAPI
808EfiIpSecConfigGetData (
809 IN EFI_IPSEC_CONFIG_PROTOCOL *This,
810 IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,
811 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,
812 IN OUT UINTN *DataSize,
813 OUT VOID *Data
814 );
815
816/**
817 Set the security association, security policy and peer authorization configuration
818 information for the EFI IPsec driver.
819
820 This function is used to set the IPsec configuration information of type DataType for
821 the EFI IPsec driver.
822 The IPsec configuration data has a unique selector/identifier separately to identify
823 a data entry. The selector structure depends on DataType's definition.
824 Using SetData() with a Data of NULL causes the IPsec configuration data entry identified
825 by DataType and Selector to be deleted.
826
827 @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.
828 @param[in] DataType The type of data to be set.
829 @param[in] Selector Pointer to an entry selector on operated configuration data
830 specified by DataType. A NULL Selector causes the entire
831 specified-type configuration information to be flushed.
832 @param[in] Data The data buffer to be set. The structure of the data buffer is
833 associated with the DataType.
834 @param[in] InsertBefore Pointer to one entry selector which describes the expected
835 position the new data entry will be added. If InsertBefore is NULL,
836 the new entry will be appended the end of database.
837
838 @retval EFI_SUCCESS The specified configuration entry data was set successfully.
839 @retval EFI_INVALID_PARAMETER One or more of the following are TRUE:
840 - This is NULL.
841 @retval EFI_UNSUPPORTED The specified DataType is not supported.
842 @retval EFI_OUT_OF_RESOURCED The required system resource could not be allocated.
843
844**/
845EFI_STATUS
846EFIAPI
847EfiIpSecConfigSetData (
848 IN EFI_IPSEC_CONFIG_PROTOCOL *This,
849 IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,
850 IN EFI_IPSEC_CONFIG_SELECTOR *Selector,
851 IN VOID *Data,
852 IN EFI_IPSEC_CONFIG_SELECTOR *InsertBefore OPTIONAL
853 );
854
855/**
856 Enumerates the current selector for IPsec configuration data entry.
857
858 This function is called multiple times to retrieve the entry Selector in IPsec
859 configuration database. On each call to GetNextSelector(), the next entry
860 Selector are retrieved into the output interface.
861
862 If the entire IPsec configuration database has been iterated, the error
863 EFI_NOT_FOUND is returned.
864 If the Selector buffer is too small for the next Selector copy, an
865 EFI_BUFFER_TOO_SMALL error is returned, and SelectorSize is updated to reflect
866 the size of buffer needed.
867
868 On the initial call to GetNextSelector() to start the IPsec configuration database
869 search, a pointer to the buffer with all zero value is passed in Selector. Calls
870 to SetData() between calls to GetNextSelector may produce unpredictable results.
871
872 @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.
873 @param[in] DataType The type of IPsec configuration data to retrieve.
874 @param[in, out] SelectorSize The size of the Selector buffer.
875 @param[in, out] Selector On input, supplies the pointer to last Selector that was
876 returned by GetNextSelector().
877 On output, returns one copy of the current entry Selector
878 of a given DataType.
879
880 @retval EFI_SUCCESS The specified configuration data was obtained successfully.
881 @retval EFI_INVALID_PARAMETER One or more of the followings are TRUE:
882 - This is NULL.
883 - SelectorSize is NULL.
884 - Selector is NULL.
885 @retval EFI_NOT_FOUND The next configuration data entry was not found.
886 @retval EFI_UNSUPPORTED The specified DataType is not supported.
887 @retval EFI_BUFFER_TOO_SMALL The SelectorSize is too small for the result. This parameter
888 has been updated with the size needed to complete the search
889 request.
890
891**/
892EFI_STATUS
893EFIAPI
894EfiIpSecConfigGetNextSelector (
895 IN EFI_IPSEC_CONFIG_PROTOCOL *This,
896 IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,
897 IN OUT UINTN *SelectorSize,
898 IN OUT EFI_IPSEC_CONFIG_SELECTOR *Selector
899 );
900
901/**
902 Register an event that is to be signaled whenever a configuration process on the
903 specified IPsec configuration information is done.
904
905 The register function is not surpport now and always returns EFI_UNSUPPORTED.
906
907 @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.
908 @param[in] DataType The type of data to be registered the event for.
909 @param[in] Event The event to be registered.
910
911 @retval EFI_SUCCESS The event is registered successfully.
912 @retval EFI_INVALID_PARAMETER This is NULL, or Event is NULL.
913 @retval EFI_ACCESS_DENIED The Event is already registered for the DataType.
914 @retval EFI_UNSUPPORTED The notify registration unsupported, or the specified
915 DataType is not supported.
916
917**/
918EFI_STATUS
919EFIAPI
920EfiIpSecConfigRegisterNotify (
921 IN EFI_IPSEC_CONFIG_PROTOCOL *This,
922 IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,
923 IN EFI_EVENT Event
924 );
925
926
927/**
928 Remove the specified event that was previously registered on the specified IPsec
929 configuration data.
930
931 This function is not supported now and always returns EFI_UNSUPPORTED.
932
933 @param[in] This Pointer to the EFI_IPSEC_CONFIG_PROTOCOL instance.
934 @param[in] DataType The configuration data type to remove the registered event for.
935 @param[in] Event The event to be unregistered.
936
937 @retval EFI_SUCCESS The event was removed successfully.
938 @retval EFI_NOT_FOUND The Event specified by DataType could not be found in the
939 database.
940 @retval EFI_INVALID_PARAMETER This is NULL or Event is NULL.
941 @retval EFI_UNSUPPORTED The notify registration unsupported or the specified
942 DataType is not supported.
943
944**/
945EFI_STATUS
946EFIAPI
947EfiIpSecConfigUnregisterNotify (
948 IN EFI_IPSEC_CONFIG_PROTOCOL *This,
949 IN EFI_IPSEC_CONFIG_DATA_TYPE DataType,
950 IN EFI_EVENT Event
951 );
952
953extern LIST_ENTRY mConfigData[IPsecConfigDataTypeMaximum];
954
955#endif