From: "Abner Chang"
To: devel@edk2.groups.io
Cc: Nickle Wang, Peter O'Hanley
Subject: [PATCH 1/2] RedfishPkg/Include: EDKII Redfish Credential Header file
Date: Wed, 9 Dec 2020 16:43:32 +0800
Message-Id: <20201209084333.22422-2-abner.chang@hpe.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20201209084333.22422-1-abner.chang@hpe.com>
References: <20201209084333.22422-1-abner.chang@hpe.com>

Signed-off-by: Jiaxin Wu
Signed-off-by: Ting Ye
Signed-off-by: Siyuan Fu
Signed-off-by: Fan Wang
Signed-off-by: Abner Chang
Cc: Nickle Wang
Cc: Peter O'Hanley
--- .../Include/Protocol/EdkIIRedfishCredential.h | 101 ++++++++++++++++++ RedfishPkg/RedfishPkg.dec | 3 + 2 files changed, 104 insertions(+) create mode 100644 RedfishPkg/Include/Protocol/EdkIIRedfishCredential.h diff --git a/RedfishPkg/Include/Protocol/EdkIIRedfishCredential.h b/RedfishPkg/Include/Protocol/EdkIIRedfishCredential.h new file mode 100644 index 0000000000..34e33b1e00 --- /dev/null +++ b/RedfishPkg/Include/Protocol/EdkIIRedfishCredential.h @@ -0,0 +1,101 @@ +/** @file + This file defines the EDKII_REDFISH_CREDENTIAL_PROTOCOL interface. + + Copyright (c) 2019, Intel Corporation. All rights reserved.
+ (C) Copyright 2020 Hewlett Packard Enterprise Development LP
+ + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef EDKII_REDFISH_CREDENTIAL_H_ +#define EDKII_REDFISH_CREDENTIAL_H_ + +typedef struct _EDKII_REDFISH_CREDENTIAL_PROTOCOL EDKII_REDFISH_CREDENTIAL_PROTOCOL; + +#define EDKII_REDFISH_CREDENTIAL_PROTOCOL_GUID \ + { \ + 0x8804377, 0xaf7a, 0x4496, { 0x8a, 0x7b, 0x17, 0x59, 0x0, 0xe9, 0xab, 0x46 } \ + } + +typedef enum { + AuthMethodNone, ///< No authentication is required. + AuthMethodHttpBasic, ///< Basic authentication is required. + AuthMethodRedfishSession, ///< Session authentication is required. + AuthMethodMax +} EDKII_REDFISH_AUTH_METHOD; + +typedef enum { + ServiceStopTypeNone = 0, ///< Stop Redfsih service without reason. + ServiceStopTypeSecureBootDisabled, ///< Stop Redfsih service becasue EFI + ///< Secure Boot is disabled. + ServiceStopTypeExitBootService, ///< Stop Redfsih service becasue existing + ///< Boot Service. + ServiceStopTypeMax +} EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE; + + +/** + Retrieve platform's Redfish authentication information. + + This functions returns the Redfish authentication method together with the user Id and + password. + - For AuthMethodNone, the UserId and Password could be used for HTTP header authentication + as defined by RFC7235. + - For AuthMethodRedfishSession, the UserId and Password could be used for Redfish + session login as defined by Redfish API specification (DSP0266). + + Callers are responsible for and freeing the returned string storage. + + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. + @param[out] AuthMethod Type of Redfish authentication method. + @param[out] UserId The pointer to store the returned UserId string. + @param[out] Password The pointer to store the returned Password string. + + @retval EFI_SUCCESS Get the authentication information successfully. + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfDxe. + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or Password is NULL. 
+ @retval EFI_OUT_OF_RESOURCES There are not enough memory resources. + @retval EFI_UNSUPPORTED Unsupported authentication method is found. + +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_REDFISH_CREDENTIAL_PROTOCOL_GET_AUTH_INFO) ( + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, + OUT CHAR8 **UserId, + OUT CHAR8 **Password + ); + +/** + Notify the Redfish service provide to stop provide configuration service to this platform. + + This function should be called when the platfrom is about to leave the safe environment. + It will notify the Redfish service provider to abort all logined session, and prohibit + further login with original auth info. GetAuthInfo() will return EFI_UNSUPPORTED once this + function is returned. + + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. + @param[in] ServiceStopType Reason of stopping Redfish service. + + @retval EFI_SUCCESS Service has been stoped successfully. + @retval EFI_INVALID_PARAMETER This is NULL. + @retval Others Some error happened. + +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_REDFISH_CREDENTIAL_PROTOCOL_STOP_SERVICE) ( + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType + ); + +struct _EDKII_REDFISH_CREDENTIAL_PROTOCOL { + EDKII_REDFISH_CREDENTIAL_PROTOCOL_GET_AUTH_INFO GetAuthInfo; + EDKII_REDFISH_CREDENTIAL_PROTOCOL_STOP_SERVICE StopService; +}; + +extern EFI_GUID gEdkIIRedfishCredentialProtocolGuid; + +#endif diff --git a/RedfishPkg/RedfishPkg.dec b/RedfishPkg/RedfishPkg.dec index b38e9b4789..861f6dd0c8 100644 --- a/RedfishPkg/RedfishPkg.dec +++ b/RedfishPkg/RedfishPkg.dec 
@@ -25,6 +25,9 @@ ## Include/Protocol/RedfishDiscover.h gEfiRedfishDiscoverProtocolGuid = { 0x5db12509, 0x4550, 0x4347, { 0x96, 0xb3, 0x73, 0xc0, 0xff, 0x6e, 0x86, 0x9f }} + ## Include/Protocol/EdkIIRedfishCredential.h + gEdkIIRedfishCredentialProtocolGuid = { 0x8804377, 0xaf7a, 0x4496, { 0x8a, 0x7b, 0x17, 0x59, 0x0, 0xe9, 0xab, 0x46 } } + [Guids] gEfiRedfishPkgTokenSpaceGuid = { 0x4fdbccb7, 0xe829, 0x4b4c, { 0x88, 0x87, 0xb2, 0x3f, 0xd7, 0x25, 0x4b, 0x85 }} -- 2.17.1
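Review bot: In the GetAuthInfo() description in EdkIIRedfishCredential.h, the first bullet reads "For AuthMethodNone, the UserId and Password could be used for HTTP header authentication as defined by RFC7235", but the enum above documents AuthMethodNone as "No authentication is required" and defines a separate AuthMethodHttpBasic. The bullet should name AuthMethodHttpBasic, and the comment should say what UserId and Password contain when AuthMethodNone is returned. The ownership sentence "Callers are responsible for and freeing the returned string storage" is missing a word and does not name the allocator. Since one of the strings is a password, state how it is to be released (for example with FreePool()) and that callers should zero the buffer before freeing it. The StopService() description says GetAuthInfo() will return EFI_UNSUPPORTED afterwards, while the GetAuthInfo() @retval list defines EFI_UNSUPPORTED as "Unsupported authentication method is found" and uses EFI_ACCESS_DENIED for the Secure Boot case. Pick one status for the stopped state and document it in both places. Spelling to fix in the same pass: "Redfsih", "becasue", "existing Boot Service" (exiting), "platfrom", "stoped".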
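Review bot: In the RedfishPkg.dec hunk, the first field of the new gEdkIIRedfishCredentialProtocolGuid entry, 0x8804377, has seven hex digits where the neighbouring entries write eight (0x5db12509, 0x4fdbccb7), which reads as if a digit was dropped. Write it as 0x08804377 (and 0x00 for the 0x0 byte) here and in EDKII_REDFISH_CREDENTIAL_PROTOCOL_GUID in the header, so the two definitions are easy to compare by eye. The closing "} }" also differs from the "}}" used by the surrounding entries.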