From: "Chang, Abner via groups.io"
CC: Saloni Kasbekar, Zachary Clark-williams, Michael Brown, Nickle Wang, Igor Kulchytskyy
Subject: [edk2-devel] [PATCH 1/5] NetworkPkg/HttpDxe: Refactor TlsCreateChild function
Date: Sat, 30 Dec 2023 19:29:25 +0800
Message-ID: <20231230112929.1711-2-abner.chang@amd.com>
In-Reply-To: <20231230112929.1711-1-abner.chang@amd.com>
References: <20231230112929.1711-1-abner.chang@amd.com>

From: Abner Chang

- Use HTTP instance as the parameter for TlsCreateChild function.
- Install TLS protocol on the HTTP instance that creates TLS child.

Signed-off-by: Abner Chang
Cc: Saloni Kasbekar
Cc: Zachary Clark-williams
Cc: Michael Brown
Cc: Nickle Wang
Cc: Igor Kulchytskyy
--- NetworkPkg/HttpDxe/HttpsSupport.h | 17 +++---- NetworkPkg/HttpDxe/HttpImpl.c | 20 ++------- NetworkPkg/HttpDxe/HttpsSupport.c | 75 +++++++++++++++++-------------- 3 files changed, 52 insertions(+), 60 deletions(-) diff --git a/NetworkPkg/HttpDxe/HttpsSupport.h b/NetworkPkg/HttpDxe/HttpsSu= pport.h index 3c70825e8c3..326a4e50120 100644 --- a/NetworkPkg/HttpDxe/HttpsSupport.h +++ b/NetworkPkg/HttpDxe/HttpsSupport.h 
@@ -30,21 +30,18 @@ IsHttpsUrl ( /** Creates a Tls child handle, open EFI_TLS_PROTOCOL and EFI_TLS_CONFIGURAT= ION_PROTOCOL. =20 - @param[in] ImageHandle The firmware allocated handle for the = UEFI image. - @param[out] TlsSb Pointer to the TLS SERVICE_BINDING_PRO= TOCOL. - @param[out] TlsProto Pointer to the EFI_TLS_PROTOCOL instan= ce. - @param[out] TlsConfiguration Pointer to the EFI_TLS_CONFIGURATION_P= ROTOCOL instance. + @param[in] HttpInstance Pointer to HTTP_PROTOCOL structure. =20 - @return The child handle with opened EFI_TLS_PROTOCOL and EFI_TLS_CONFI= GURATION_PROTOCOL. + @return EFI_SUCCESS TLS child handle is returned in HttpInstance= ->TlsChildHandle + with opened EFI_TLS_PROTOCOL and EFI_TLS_CON= FIGURATION_PROTOCOL. + EFI_DEVICE_ERROR TLS service binding protocol is not found. + Otherwise Fail to create TLS chile handle. =20 **/ -EFI_HANDLE +EFI_STATUS EFIAPI TlsCreateChild ( - IN EFI_HANDLE ImageHandle, - OUT EFI_SERVICE_BINDING_PROTOCOL **TlsSb, - OUT EFI_TLS_PROTOCOL **TlsProto, - OUT EFI_TLS_CONFIGURATION_PROTOCOL **TlsConfiguration + IN HTTP_PROTOCOL *HttpInstance ); =20 /** diff --git a/NetworkPkg/HttpDxe/HttpImpl.c b/NetworkPkg/HttpDxe/HttpImpl.c index 7c5c925cf78..aa4efedbf6b 100644 --- a/NetworkPkg/HttpDxe/HttpImpl.c +++ b/NetworkPkg/HttpDxe/HttpImpl.c @@ -248,7 +248,6 @@ EfiHttpRequest ( HTTP_TOKEN_WRAP *Wrap; CHAR8 *FileUrl; UINTN RequestMsgSize; - EFI_HANDLE ImageHandle; =20 // // Initializations 
@@ -372,22 +371,9 @@ EfiHttpRequest ( // Check whether we need to create Tls child and open the TLS protocol= . // if (HttpInstance->UseHttps && (HttpInstance->TlsChildHandle =3D=3D NUL= L)) { - // - // Use TlsSb to create Tls child and open the TLS protocol. - // - if (HttpInstance->LocalAddressIsIPv6) { - ImageHandle =3D HttpInstance->Service->Ip6DriverBindingHandle; - } else { - ImageHandle =3D HttpInstance->Service->Ip4DriverBindingHandle; - } - - HttpInstance->TlsChildHandle =3D TlsCreateChild ( - ImageHandle, - &(HttpInstance->TlsSb), - &(HttpInstance->Tls), - &(HttpInstance->TlsConfiguration) - ); - if (HttpInstance->TlsChildHandle =3D=3D NULL) { + // Create TLS child for this HTTP instance. + Status =3D TlsCreateChild (HttpInstance); + if (EFI_ERROR (Status)) { return EFI_DEVICE_ERROR; } =20 diff --git a/NetworkPkg/HttpDxe/HttpsSupport.c b/NetworkPkg/HttpDxe/HttpsSu= pport.c index 7330be42c00..fb7c1ea59f2 100644 --- a/NetworkPkg/HttpDxe/HttpsSupport.c +++ b/NetworkPkg/HttpDxe/HttpsSupport.c 
@@ -134,27 +134,31 @@ IsHttpsUrl ( /** Creates a Tls child handle, open EFI_TLS_PROTOCOL and EFI_TLS_CONFIGURAT= ION_PROTOCOL. =20 - @param[in] ImageHandle The firmware allocated handle for the = UEFI image. - @param[out] TlsSb Pointer to the TLS SERVICE_BINDING_PRO= TOCOL. - @param[out] TlsProto Pointer to the EFI_TLS_PROTOCOL instan= ce. - @param[out] TlsConfiguration Pointer to the EFI_TLS_CONFIGURATION_P= ROTOCOL instance. + @param[in] HttpInstance Pointer to HTTP_PROTOCOL structure. =20 - @return The child handle with opened EFI_TLS_PROTOCOL and EFI_TLS_CONFI= GURATION_PROTOCOL. + @return EFI_SUCCESS TLS child handle is returned in HttpInstance= ->TlsChildHandle + with opened EFI_TLS_PROTOCOL and EFI_TLS_CON= FIGURATION_PROTOCOL. + EFI_DEVICE_ERROR TLS service binding protocol is not found. + Otherwise Fail to create TLS chile handle. =20 **/ -EFI_HANDLE +EFI_STATUS EFIAPI TlsCreateChild ( - IN EFI_HANDLE ImageHandle, - OUT EFI_SERVICE_BINDING_PROTOCOL **TlsSb, - OUT EFI_TLS_PROTOCOL **TlsProto, - OUT EFI_TLS_CONFIGURATION_PROTOCOL **TlsConfiguration + IN HTTP_PROTOCOL *HttpInstance ) { + EFI_HANDLE ImageHandle; EFI_STATUS Status; - EFI_HANDLE TlsChildHandle; =20 - TlsChildHandle =3D 0; + // + // Use TlsSb to create Tls child and open the TLS protocol. + // + if (HttpInstance->LocalAddressIsIPv6) { + ImageHandle =3D HttpInstance->Service->Ip6DriverBindingHandle; + } else { + ImageHandle =3D HttpInstance->Service->Ip4DriverBindingHandle; + } =20 // // Locate TlsServiceBinding protocol. 
@@ -162,44 +166,49 @@ TlsCreateChild ( gBS->LocateProtocol ( &gEfiTlsServiceBindingProtocolGuid, NULL, - (VOID **)TlsSb + (VOID **)&HttpInstance->TlsSb ); - if (*TlsSb =3D=3D NULL) { - return NULL; + if (HttpInstance->TlsSb =3D=3D NULL) { + return EFI_DEVICE_ERROR; } =20 - Status =3D (*TlsSb)->CreateChild (*TlsSb, &TlsChildHandle); + // + // Create TLS protocol on HTTP handle, this creates the association betw= een HTTP and TLS + // for HTTP driver external usages. + // + Status =3D HttpInstance->TlsSb->CreateChild (HttpInstance->TlsSb, &HttpI= nstance->Handle); if (EFI_ERROR (Status)) { - return NULL; + return Status; } =20 - Status =3D gBS->OpenProtocol ( - TlsChildHandle, - &gEfiTlsProtocolGuid, - (VOID **)TlsProto, - ImageHandle, - TlsChildHandle, - EFI_OPEN_PROTOCOL_GET_PROTOCOL - ); + HttpInstance->TlsChildHandle =3D HttpInstance->Handle; + Status =3D gBS->OpenProtocol ( + HttpInstance->TlsChildHandle, + &gEfiTlsProtocolGuid, + (VOID **)&HttpInstance->Tls, + ImageHandle, + HttpInstance->TlsChildHandle, + EFI_OPEN_PROTOCOL_GET_PROTOCOL + ); if (EFI_ERROR (Status)) { - (*TlsSb)->DestroyChild (*TlsSb, TlsChildHandle); - return NULL; + HttpInstance->TlsSb->DestroyChild (HttpInstance->TlsSb, HttpInstance->= TlsChildHandle); + return Status; } =20 Status =3D gBS->OpenProtocol ( - TlsChildHandle, + HttpInstance->TlsChildHandle, &gEfiTlsConfigurationProtocolGuid, - (VOID **)TlsConfiguration, + (VOID **)&HttpInstance->TlsConfiguration, ImageHandle, - TlsChildHandle, + HttpInstance->TlsChildHandle, EFI_OPEN_PROTOCOL_GET_PROTOCOL ); if (EFI_ERROR (Status)) { - (*TlsSb)->DestroyChild (*TlsSb, TlsChildHandle); - return NULL; + HttpInstance->TlsSb->DestroyChild (HttpInstance->TlsSb, HttpInstance->= TlsChildHandle); + return Status; } =20 - return TlsChildHandle; + return EFI_SUCCESS; } =20 /** --=20 2.37.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. 
View/Reply Online (#113005): https://edk2.groups.io/g/devel/message/113005
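
Review bot: In the HttpsSupport.h hunk at @@ -30,21 +30,18 @@, HttpInstance is documented as `@param[in]` and declared `IN`, but the new @return text says the child handle is handed back in HttpInstance->TlsChildHandle, and the HttpsSupport.c hunks also store TlsSb, Tls and TlsConfiguration into it, so it should be `@param[in, out]` and `IN OUT`. The status list would read better as one `@retval` per value, and "Fail to create TLS chile handle" should say "child". The same comment block is duplicated in HttpsSupport.c and needs the same fixes.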
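
Review bot: In the EfiHttpRequest hunk of HttpImpl.c at @@ -372,22 +371,9 @@, the Status returned by TlsCreateChild is discarded: `if (EFI_ERROR (Status)) { return EFI_DEVICE_ERROR; }`. The new header comment distinguishes EFI_DEVICE_ERROR (service binding not found) from other failures, so either `return Status;` here or state in the commit message that the caller intentionally collapses every failure to EFI_DEVICE_ERROR. The replacement comment also drops the empty `//` lines that framed the comment it replaces.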
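
Review bot: In the HttpsSupport.c hunk at @@ -134,27 +134,31 @@, the comment moved in from HttpImpl.c ("Use TlsSb to create Tls child and open the TLS protocol.") now sits over the Ip6DriverBindingHandle / Ip4DriverBindingHandle selection, which does neither; reword it to say that the block picks the agent handle later passed to OpenProtocol. HttpInstance and HttpInstance->Service are dereferenced here with no check, so add an ASSERT or an EFI_INVALID_PARAMETER return if this function can be reached with either of them NULL.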
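
Review bot: In the last HttpsSupport.c hunk (@@ -162,44 +166,49 @@), HttpInstance->TlsChildHandle is assigned from HttpInstance->Handle before the two OpenProtocol calls, and both error paths call DestroyChild and `return Status;` without clearing it. The caller in HttpImpl.c only creates the child when `HttpInstance->TlsChildHandle == NULL`, so after one failed open a later request skips TlsCreateChild and carries on with Tls or TlsConfiguration unset; the old code left the field NULL on every failure. Reset TlsChildHandle (and the Tls and TlsConfiguration pointers) to NULL on the error paths, or assign TlsChildHandle only after both opens succeed. It is also worth confirming that DestroyChild, now called on the HTTP handle itself, removes only the TLS protocols from it.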