From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail.byosoft.com.cn (mail.byosoft.com.cn [58.240.74.242]) by mx.groups.io with SMTP id smtpd.web09.7101.1607565629118010846 for ; Wed, 09 Dec 2020 18:00:30 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=none, err=permanent DNS error (domain: byosoft.com.cn, ip: 58.240.74.242, mailfrom: gaoliming@byosoft.com.cn) Received: from DESKTOPS6D0PVI ([58.246.60.130]) (envelope-sender ) by 192.168.6.13 with ESMTP for ; Thu, 10 Dec 2020 10:00:24 +0800 X-WM-Sender: gaoliming@byosoft.com.cn X-WM-AuthFlag: YES X-WM-AuthUser: gaoliming@byosoft.com.cn From: "gaoliming" To: , Cc: "'Nickle Wang'" , "'Peter O'Hanley'" References: <20201209084333.22422-1-abner.chang@hpe.com> <20201209084333.22422-3-abner.chang@hpe.com> In-Reply-To: <20201209084333.22422-3-abner.chang@hpe.com> Subject: =?UTF-8?B?5Zue5aSNOiBbZWRrMi1kZXZlbF0gW1BBVENIIDIvMl0gUmVkZmlzaFBrZy9SZWRmaXNoQ3JlZGVudGlhbER4ZTogRURLSUkgUmVkZmlzaCBDcmVkZW50aWFsIERYRSBkcml2ZXI=?= Date: Thu, 10 Dec 2020 10:00:27 +0800 Message-ID: <004a01d6ce98$3b62a640$b227f2c0$@byosoft.com.cn> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 16.0 Thread-Index: AQFeS6/tR+kmcZWYubXhu59WAzgNBgGnfWjDqtNcxuA= Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: quoted-printable Content-Language: zh-cn Abner: For RedfishCredentialDxe module, please remove unused library class PrintLib, UefiLib, UefiRuntimeServicesTableLib.=20 Thanks Liming > -----=D3=CA=BC=FE=D4=AD=BC=FE----- > =B7=A2=BC=FE=C8=CB: bounce+27952+68538+4905953+8761045@groups.io > =B4=FA=B1=ED Abner Chang > =B7=A2=CB=CD=CA=B1=BC=E4: 2020=C4=EA12=D4=C29=C8=D5 16:44 > =CA=D5=BC=FE=C8=CB: devel@edk2.groups.io > =B3=AD=CB=CD: Nickle Wang ; Peter O'Hanley > > =D6=F7=CC=E2: [edk2-devel] [PATCH 2/2] RedfishPkg/RedfishCredentialDxe: = EDKII > Redfish Credential DXE driver >=20 > EDKII Redfish Credential DXE driver which abstracts platform Redfish > credential implementation. >=20 > Signed-off-by: Jiaxin Wu > Signed-off-by: Ting Ye > Signed-off-by: Siyuan Fu > Signed-off-by: Fan Wang > Signed-off-by: Abner Chang >=20 > Cc: Nickle Wang > Cc: Peter O'Hanley > --- > .../Include/Library/RedfishCredentialLib.h | 91 ++++++++ > .../PlatformCredentialLibNull.c | 101 +++++++++ > .../PlatformCredentialLibNull.inf | 30 +++ > RedfishPkg/Redfish.fdf.inc | 1 + > RedfishPkg/RedfishComponents.dsc.inc | 1 + > .../RedfishCredentialDxe.c | 209 > ++++++++++++++++++ > .../RedfishCredentialDxe.h | 75 +++++++ > .../RedfishCredentialDxe.inf | 51 +++++ > RedfishPkg/RedfishPkg.dec | 4 + > RedfishPkg/RedfishPkg.dsc | 2 + > 10 files changed, 565 insertions(+) > create mode 100644 RedfishPkg/Include/Library/RedfishCredentialLib.h > create mode 100644 > RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.c > create mode 100644 > RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.i= nf > create mode 100644 > RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.c > create mode 100644 > RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.h > create mode 100644 > RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf >=20 > diff --git a/RedfishPkg/Include/Library/RedfishCredentialLib.h > b/RedfishPkg/Include/Library/RedfishCredentialLib.h > new file mode 100644 > index 0000000000..dac1b3303f > --- /dev/null > +++ b/RedfishPkg/Include/Library/RedfishCredentialLib.h > @@ -0,0 +1,91 @@ > +/** @file > + Definitinos of RedfishHostInterfaceDxe driver. > + > + (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > +#ifndef REDFISH_CREDENTIAL_LIB_H_ > +#define REDFISH_CREDENTIAL_LIB_H_ > + > +#include > + > +/** > + Notification of Exit Boot Service. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL. > +**/ > +VOID > +EFIAPI > +LibCredentialExitBootServicesNotify ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > +); > + > +/** > + Notification of End of DXe. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL. > +**/ > +VOID > +EFIAPI > +LibCredentialEndOfDxeNotify ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > +); > + > +/** > + Retrieve platform's Redfish authentication information. > + > + This functions returns the Redfish authentication method together wit= h > the user Id and > + password. > + - For AuthMethodNone, the UserId and Password could be used for HTTP > header authentication > + as defined by RFC7235. > + - For AuthMethodRedfishSession, the UserId and Password could be used > for Redfish > + session login as defined by Redfish API specification (DSP0266). > + > + Callers are responsible for and freeing the returned string storage. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[out] AuthMethod Type of Redfish authentication > method. > + @param[out] UserId The pointer to store the returned > UserId string. > + @param[out] Password The pointer to store the returned > Password string. > + > + @retval EFI_SUCCESS Get the authentication information > successfully. > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after > EndOfDxe. > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > Password is NULL. > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > resources. > + @retval EFI_UNSUPPORTED Unsupported authentication > method is found. > + > +**/ > +EFI_STATUS > +EFIAPI > +LibCredentialGetAuthInfo ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > + OUT CHAR8 **UserId, > + OUT CHAR8 **Password > +); > + > +/** > + Notify the Redfish service provide to stop provide configuration service to > this platform. > + > + This function should be called when the platfrom is about to leave th= e safe > environment. > + It will notify the Redfish service provider to abort all logined session, and > prohibit > + further login with original auth info. GetAuthInfo() will return > EFI_UNSUPPORTED once this > + function is returned. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[in] ServiceStopType Reason of stopping Redfish service. > + > + @retval EFI_SUCCESS Service has been stoped > successfully. > + @retval EFI_INVALID_PARAMETER This is NULL. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +LibStopRedfishService ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE > ServiceStopType > +); > +#endif > diff --git > a/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull= .c > b/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull= .c > new file mode 100644 > index 0000000000..39de622d59 > --- /dev/null > +++ > b/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull= .c > @@ -0,0 +1,101 @@ > +/** @file > + NULL instace of RedfishPlatformCredentialLib > + > + (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > +#include > +#include > +/** > + Notification of Exit Boot Service. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL. > +**/ > +VOID > +EFIAPI > +LibCredentialExitBootServicesNotify ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > +) > +{ > + return; > +} > + > +/** > + Notification of End of DXe. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL. > +**/ > +VOID > +EFIAPI > +LibCredentialEndOfDxeNotify ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > +) > +{ > + return; > +} > + > +/** > + Retrieve platform's Redfish authentication information. > + > + This functions returns the Redfish authentication method together wit= h > the user Id and > + password. > + - For AuthMethodNone, the UserId and Password could be used for HTTP > header authentication > + as defined by RFC7235. > + - For AuthMethodRedfishSession, the UserId and Password could be used > for Redfish > + session login as defined by Redfish API specification (DSP0266). > + > + Callers are responsible for and freeing the returned string storage. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[out] AuthMethod Type of Redfish authentication > method. > + @param[out] UserId The pointer to store the returned > UserId string. > + @param[out] Password The pointer to store the returned > Password string. > + > + @retval EFI_SUCCESS Get the authentication information > successfully. > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after > EndOfDxe. > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > Password is NULL. > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > resources. > + @retval EFI_UNSUPPORTED Unsupported authentication > method is found. > + > +**/ > +EFI_STATUS > +EFIAPI > +LibCredentialGetAuthInfo ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > + OUT CHAR8 **UserId, > + OUT CHAR8 **Password > +) > +{ > + return EFI_UNSUPPORTED; > +} > + > +/** > + Notify the Redfish service provide to stop provide configuration service to > this platform. > + > + This function should be called when the platfrom is about to leave th= e safe > environment. > + It will notify the Redfish service provider to abort all logined session, and > prohibit > + further login with original auth info. GetAuthInfo() will return > EFI_UNSUPPORTED once this > + function is returned. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[in] ServiceStopType Reason of stopping Redfish service. > + > + @retval EFI_SUCCESS Service has been stoped > successfully. > + @retval EFI_INVALID_PARAMETER This is NULL or given the worng > ServiceStopType. > + @retval EFI_UNSUPPORTED Not support to stop Redfish > service. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +LibStopRedfishService ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE > ServiceStopType > + ) > +{ > + return EFI_UNSUPPORTED; > +} > + > diff --git > a/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.i= nf > b/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.i= nf > new file mode 100644 > index 0000000000..4c22e89718 > --- /dev/null > +++ > b/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.i= nf > @@ -0,0 +1,30 @@ > +## @file > +# NULL instance of RedfishPlatformCredentialLib > +# > +# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> +# > +# SPDX-License-Identifier: BSD-2-Clause-Patent > +# > +## > + > +[Defines] > + INF_VERSION =3D 0x0001000b > + BASE_NAME =3D > RedfishPlatformCredentialLibNull > + FILE_GUID =3D > CA3BD843-0BDD-4EE0-A38A-B45CA663114F > + MODULE_TYPE =3D DXE_DRIVER > + VERSION_STRING =3D 1.0 > + LIBRARY_CLASS =3D RedfishPlatformCredentialLib > + > +# > +# VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 > RISCV64 > +# > + > +[Sources] > + PlatformCredentialLibNull.c > + > +[Packages] > + MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > + RedfishPkg/RedfishPkg.dec > + > + > diff --git a/RedfishPkg/Redfish.fdf.inc b/RedfishPkg/Redfish.fdf.inc > index 19de479a80..24e32e0abf 100644 > --- a/RedfishPkg/Redfish.fdf.inc > +++ b/RedfishPkg/Redfish.fdf.inc > @@ -13,4 +13,5 @@ > !if $(REDFISH_ENABLE) =3D=3D TRUE > INF RedfishPkg/RestJsonStructureDxe/RestJsonStructureDxe.inf > INF RedfishPkg/RedfishHostInterfaceDxe/RedfishHostInterfaceDxe.inf > + INF RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > !endif > diff --git a/RedfishPkg/RedfishComponents.dsc.inc > b/RedfishPkg/RedfishComponents.dsc.inc > index ac1b57ed8f..ff32653ec8 100644 > --- a/RedfishPkg/RedfishComponents.dsc.inc > +++ b/RedfishPkg/RedfishComponents.dsc.inc > @@ -15,4 +15,5 @@ > !if $(REDFISH_ENABLE) =3D=3D TRUE > RedfishPkg/RestJsonStructureDxe/RestJsonStructureDxe.inf > RedfishPkg/RedfishHostInterfaceDxe/RedfishHostInterfaceDxe.inf > + RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > !endif > diff --git a/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.c > b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.c > new file mode 100644 > index 0000000000..f48d1d011c > --- /dev/null > +++ b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.c > @@ -0,0 +1,209 @@ > +/** @file > + RedfishCrentialDxe produces the EdkIIRedfishCredentialProtocol for th= e > consumer > + to get the Redfish credential Info and to restrict Redfish access fro= m UEFI > side. > + > + (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include > + > +EDKII_REDFISH_CREDENTIAL_PROTOCOL mRedfishCredentialProtocol =3D { > + RedfishCredentialGetAuthInfo, > + RedfishCredentialStopService > +}; > + > +/** > + Callback function executed when the ExitBootServices event group is > signaled. > + > + @param[in] Event Event whose notification function is being > invoked. > + @param[out] Context Pointer to the buffer pass in. > +**/ > +VOID > +EFIAPI > +RedfishCredentialExitBootServicesEventNotify ( > + IN EFI_EVENT Event, > + OUT VOID *Context > + ) > +{ > + LibCredentialExitBootServicesNotify > ((EDKII_REDFISH_CREDENTIAL_PROTOCOL *)Context); > +} > + > +/** > + Callback function executed when the EndOfDxe event group is signaled. > + > + @param[in] Event Event whose notification function is being > invoked. > + @param[out] Context Pointer to the buffer pass in. > +**/ > +VOID > +EFIAPI > +RedfishCredentialEndOfDxeEventNotify ( > + IN EFI_EVENT Event, > + OUT VOID *Context > + ) > +{ > + LibCredentialEndOfDxeNotify ((EDKII_REDFISH_CREDENTIAL_PROTOCOL > *)Context); > + > + // > + // Close event, so it will not be invoked again. > + // > + gBS->CloseEvent (Event); > +} > + > +/** > + Retrieve platform's Redfish authentication information. > + > + This functions returns the Redfish authentication method together wit= h > the user Id and > + password. > + - For AuthMethodNone, the UserId and Password could be used for HTTP > header authentication > + as defined by RFC7235. > + - For AuthMethodRedfishSession, the UserId and Password could be used > for Redfish > + session login as defined by Redfish API specification (DSP0266). > + > + Callers are responsible for and freeing the returned string storage. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[out] AuthMethod Type of Redfish authentication > method. > + @param[out] UserId The pointer to store the returned > UserId string. > + @param[out] Password The pointer to store the returned > Password string. > + > + @retval EFI_SUCCESS Get the authentication information > successfully. > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after > EndOfDxe. > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > Password is NULL. > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > resources. > + @retval EFI_UNSUPPORTED Unsupported authentication > method is found. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishCredentialGetAuthInfo ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > + OUT CHAR8 **UserId, > + OUT CHAR8 **Password > + ) > +{ > + if (This =3D=3D NULL || AuthMethod =3D=3D NULL || UserId =3D=3D NULL = || Password > =3D=3D NULL) { > + return EFI_INVALID_PARAMETER; > + } > + > + return LibCredentialGetAuthInfo (This, AuthMethod, UserId,Password); > +} > + > +/** > + Notify the Redfish service provide to stop provide configuration service to > this platform. > + > + This function should be called when the platfrom is about to leave th= e safe > environment. > + It will notify the Redfish service provider to abort all logined session, and > prohibit > + further login with original auth info. GetAuthInfo() will return > EFI_UNSUPPORTED once this > + function is returned. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[in] ServiceStopType Reason of stopping Redfish service. > + > + @retval EFI_SUCCESS Service has been stoped > successfully. > + @retval EFI_INVALID_PARAMETER This is NULL or given the worng > ServiceStopType. > + @retval EFI_UNSUPPORTED Not support to stop Redfish > service. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishCredentialStopService ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE > ServiceStopType > + ) > +{ > + if (This =3D=3D NULL) { > + return EFI_INVALID_PARAMETER; > + } > + > + return LibStopRedfishService (This, ServiceStopType); > +} > + > +/** > + Main entry for this driver. > + > + @param ImageHandle Image handle this driver. > + @param SystemTable Pointer to SystemTable. > + > + @retval EFI_SUCESS This function always complete successfully. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishCredentialDxeDriverEntryPoint ( > + IN EFI_HANDLE ImageHandle, > + IN EFI_SYSTEM_TABLE *SystemTable > + ) > +{ > + EFI_STATUS Status; > + EFI_HANDLE Handle; > + EFI_EVENT EndOfDxeEvent; > + EFI_EVENT ExitBootServiceEvent; > + > + Handle =3D NULL; > + > + // > + // Install the RedfishCredentialProtocol onto Handle. > + // > + Status =3D gBS->InstallMultipleProtocolInterfaces ( > + &Handle, > + &gEdkIIRedfishCredentialProtocolGuid, > + &mRedfishCredentialProtocol, > + NULL > + ); > + if (EFI_ERROR (Status)) { > + return Status; > + } > + > + // > + // After EndOfDxe, if SecureBoot is disabled, Redfish Credential Protocol > should return > + // error code to caller to avoid the 3rd code to bypass Redfish Credential > Protocol and > + // retrieve userid/pwd directly. So, here, we create EndOfDxe Event t= o > check SecureBoot > + // status. > + // > + Status =3D gBS->CreateEventEx ( > + EVT_NOTIFY_SIGNAL, > + TPL_CALLBACK, > + RedfishCredentialEndOfDxeEventNotify, > + (VOID *)&mRedfishCredentialProtocol, > + &gEfiEndOfDxeEventGroupGuid, > + &EndOfDxeEvent > + ); > + if (EFI_ERROR (Status)) { > + goto ON_ERROR; > + } > + > + // > + // After ExitBootServices, Redfish Credential Protocol should stop th= e > service. > + // So, here, we create ExitBootService Event to stop service. > + // > + Status =3D gBS->CreateEventEx ( > + EVT_NOTIFY_SIGNAL, > + TPL_CALLBACK, > + RedfishCredentialExitBootServicesEventNotify, > + (VOID *)&mRedfishCredentialProtocol, > + &gEfiEventExitBootServicesGuid, > + &ExitBootServiceEvent > + ); > + if (EFI_ERROR (Status)) { > + gBS->CloseEvent (EndOfDxeEvent); > + goto ON_ERROR; > + } > + > + return EFI_SUCCESS; > + > +ON_ERROR: > + > + gBS->UninstallMultipleProtocolInterfaces ( > + Handle, > + &gEdkIIRedfishCredentialProtocolGuid, > + &mRedfishCredentialProtocol, > + NULL > + ); > + > + return Status; > +} > diff --git a/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.h > b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.h > new file mode 100644 > index 0000000000..6e7e417b33 > --- /dev/null > +++ b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.h > @@ -0,0 +1,75 @@ > +/** @file > + Definition of Redfish Credential DXE driver. > + > + (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > +#ifndef EDKII_REDFISH_CREDENTIAL_DXE_H_ > +#define EDKII_REDFISH_CREDENTIAL_DXE_H_ > + > +#include > + > +#include > +#include > +#include > +#include > +#include > +#include > + > +/** > + Retrieve platform's Redfish authentication information. > + > + This functions returns the Redfish authentication method together wit= h > the user Id and > + password. > + - For AuthMethodNone, the UserId and Password could be used for HTTP > header authentication > + as defined by RFC7235. > + - For AuthMethodRedfishSession, the UserId and Password could be used > for Redfish > + session login as defined by Redfish API specification (DSP0266). > + > + Callers are responsible for and freeing the returned string storage. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[out] AuthMethod Type of Redfish authentication > method. > + @param[out] UserId The pointer to store the returned > UserId string. > + @param[out] Password The pointer to store the returned > Password string. > + > + @retval EFI_SUCCESS Get the authentication information > successfully. > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after > EndOfDxe. > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > Password is NULL. > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > resources. > + @retval EFI_UNSUPPORTED Unsupported authentication > method is found. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishCredentialGetAuthInfo ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > + OUT CHAR8 **UserId, > + OUT CHAR8 **Password > + ); > + > +/** > + Notify the Redfish service provide to stop provide configuration service to > this platform. > + > + This function should be called when the platfrom is about to leave th= e safe > environment. > + It will notify the Redfish service provider to abort all logined session, and > prohibit > + further login with original auth info. GetAuthInfo() will return > EFI_UNSUPPORTED once this > + function is returned. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + > + @retval EFI_SUCCESS Service has been stoped > successfully. > + @retval EFI_INVALID_PARAMETER This is NULL. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishCredentialStopService ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE > ServiceStopType > + ); > +#endif > diff --git a/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > new file mode 100644 > index 0000000000..707d9a04d9 > --- /dev/null > +++ b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > @@ -0,0 +1,51 @@ > +## @file > +# RedfishCredentialDxe is required to produce the > +# EdkII RedfishCredentialProtocol for the consumer to get the Redfish > +# credential Info and to restrict Redfish access from UEFI side. > +# > +# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> +# SPDX-License-Identifier: BSD-2-Clause-Patent > +# > +## > + > +[Defines] > + INF_VERSION =3D 0x0001000b > + BASE_NAME =3D RedfishCredentialDxe > + FILE_GUID =3D > 458CE95A-4942-09A9-5D21-A6B16D5DAD7F > + MODULE_TYPE =3D DXE_DRIVER > + VERSION_STRING =3D 1.0 > + ENTRY_POINT =3D > RedfishCredentialDxeDriverEntryPoint > + > +# > +# VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 > RISCV64 > +# > + > +[Sources] > + RedfishCredentialDxe.c > + RedfishCredentialDxe.h > + > +[Packages] > + MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > + RedfishPkg/RedfishPkg.dec > + > +[LibraryClasses] > + BaseLib > + DebugLib > + PrintLib > + RedfishPlatformCredentialLib > + UefiBootServicesTableLib > + UefiDriverEntryPoint > + UefiRuntimeServicesTableLib > + UefiLib > + > +[Protocols] > + gEdkIIRedfishCredentialProtocolGuid ## BY_START > + > + > +[Guids] > + gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event > + gEfiEventExitBootServicesGuid ## CONSUMES ## Event > + > +[Depex] > + TRUE > diff --git a/RedfishPkg/RedfishPkg.dec b/RedfishPkg/RedfishPkg.dec > index 861f6dd0c8..fc56b4fefb 100644 > --- a/RedfishPkg/RedfishPkg.dec > +++ b/RedfishPkg/RedfishPkg.dec > @@ -21,6 +21,10 @@ > # Platform implementation-specific Redfish Host Interface. >=20 > RedfishPlatformHostInterfaceLib|Include/Library/RedfishHostInterfaceLib.= h >=20 > + ## @libraryclass Platform Redfish Credential Library > + # Platform implementation-specific Redfish Credential Interface. > + RedfishPlatformCredentialLib|Include/Library/RedfishCredentialLib.h > + > [Protocols] > ## Include/Protocol/RedfishDiscover.h > gEfiRedfishDiscoverProtocolGuid =3D { 0x5db12509, 0x4550, 0x4347= , > { 0x96, 0xb3, 0x73, 0xc0, 0xff, 0x6e, 0x86, 0x9f }} > diff --git a/RedfishPkg/RedfishPkg.dsc b/RedfishPkg/RedfishPkg.dsc > index 94e7127bc6..f7d5b90918 100644 > --- a/RedfishPkg/RedfishPkg.dsc > +++ b/RedfishPkg/RedfishPkg.dsc > @@ -32,6 +32,7 @@ >=20 > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/Base > DebugPrintErrorLevelLib.inf > PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf >=20 > RedfishPlatformHostInterfaceLib|RedfishPkg/Library/PlatformHostInterface= Li > bNull/PlatformHostInterfaceLibNull.inf > + > RedfishPlatformCredentialLib|RedfishPkg/Library/PlatformCredentialLibNull/= P > latformCredentialLibNull.inf >=20 > [LibraryClasses.ARM, LibraryClasses.AARCH64] > # > @@ -43,5 +44,6 @@ >=20 > [Components] >=20 > RedfishPkg/Library/PlatformHostInterfaceLibNull/PlatformHostInterfaceLib= Nu > ll.inf > + > RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.i= nf >=20 > !include RedfishPkg/Redfish.dsc.inc > -- > 2.17.1 >=20 >=20 >=20 >=20 >=20