From: "Chang, Abner via groups.io"
CC: Saloni Kasbekar, Zachary Clark-williams, Michael Brown, Nickle Wang, Igor Kulchytskyy
Subject: [edk2-devel] [PATCH 4/5] RedfishPkg/RedfishRestExDxe: Produce EdkiiHttpsTlsConfigData protocol
Date: Sat, 30 Dec 2023 19:29:28 +0800
Message-ID: <20231230112929.1711-5-abner.chang@amd.com>
In-Reply-To: <20231230112929.1711-1-abner.chang@amd.com>
References: <20231230112929.1711-1-abner.chang@amd.com>
From: abnchang

Produce EdkiiHttpsTlsConfigData protocol to provide Redfish REST EX TLS configuration data.

Signed-off-by: Abner Chang
Cc: Saloni Kasbekar
Cc: Zachary Clark-williams
Cc: Michael Brown
Cc: Nickle Wang
Cc: Igor Kulchytskyy
--- RedfishPkg/RedfishPkg.dec | 5 ++ .../RedfishRestExDxe/RedfishRestExDxe.inf | 2 + .../RedfishRestExDxe/RedfishRestExDriver.h | 23 +++++- .../RedfishRestExDxe/RedfishRestExDriver.c | 79 ++++++++++++++++++- 4 files changed, 104 insertions(+), 5 deletions(-) diff --git a/RedfishPkg/RedfishPkg.dec b/RedfishPkg/RedfishPkg.dec index 3ea9ff3ef7f..e4aa8b634c8 100644 --- a/RedfishPkg/RedfishPkg.dec +++ b/RedfishPkg/RedfishPkg.dec @@ -154,3 +154,8 @@ # set to EFI_REST_EX_PROTOCOL. # gEfiRedfishPkgTokenSpaceGuid.PcdRedfishSendReceiveTimeout|5000|UINT32|0x= 00001009 + # + # This PCD declares whether to provide EDKII_HTTPS_CONFIG_DATA_PROTOCOL + # for Resfish REXT EX HTTPS TLS configuration data. + # + gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExHttpsTlsConfigData|TRUE|BOO= LEAN|0x00001010 diff --git a/RedfishPkg/RedfishRestExDxe/RedfishRestExDxe.inf b/RedfishPkg/= RedfishRestExDxe/RedfishRestExDxe.inf index 64e6343bfbf..e75f5a87985 100644 --- a/RedfishPkg/RedfishRestExDxe/RedfishRestExDxe.inf +++ b/RedfishPkg/RedfishRestExDxe/RedfishRestExDxe.inf 
@@ -57,11 +57,13 @@ gEfiHttpServiceBindingProtocolGuid ## TO_START gEfiHttpProtocolGuid ## TO_START gEfiDevicePathProtocolGuid ## TO_START + gEdkiiHttpsTlsConfigDataProtocolGuid ## PRODUCED =20 [Pcd] gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExServiceAccessModeInBand ## = CONSUMES gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExChunkRequestMode ## = CONSUMES gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExAddingExpect ## = CONSUMES + gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExHttpsTlsConfigData ## = CONSUMES =20 [UserExtensions.TianoCore."ExtraFiles"] RedfishRestExDxeExtra.uni diff --git a/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.h b/RedfishPkg= /RedfishRestExDxe/RedfishRestExDriver.h index 6b94e5814c4..c3a15f1a976 100644 --- a/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.h +++ b/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.h @@ -30,8 +30,10 @@ /// UEFI Driver Model Protocols /// #include +#include #include #include +#include =20 /// /// Protocol instances @@ -53,13 +55,19 @@ typedef struct _RESTEX_SERVICE RESTEX_SERVICE; /// typedef struct _RESTEX_INSTANCE RESTEX_INSTANCE; =20 +/// +/// RestEx HTTP context +/// +typedef struct _RESTEX_HTTPS_CONTEXT RESTEX_HTTPS_CONTEXT; + /// /// Driver Version /// #define REDFISH_RESTEX_DRIVER_VERSION 0x0100 =20 -#define RESTEX_SERVICE_SIGNATURE SIGNATURE_32 ('R', 'E', 'S', 'S') -#define RESTEX_INSTANCE_SIGNATURE SIGNATURE_32 ('R', 'E', 'I', 'S') +#define RESTEX_SERVICE_SIGNATURE SIGNATURE_32 ('R', 'E', 'S', 'S') +#define RESTEX_INSTANCE_SIGNATURE SIGNATURE_32 ('R', 'E', 'I', 'S') +#define RESTEX_HTTPS_CONTEXT_SIGNATURE SIGNATURE_32 ('R', 'H', 'C', 'S') =20 #define RESTEX_SERVICE_FROM_THIS(a) \ CR (a, RESTEX_SERVICE, ServiceBinding, RESTEX_SERVICE_SIGNATURE) 
@@ -67,6 +75,9 @@ typedef struct _RESTEX_INSTANCE RESTEX_INSTANCE; #define RESTEX_INSTANCE_FROM_THIS(a) \ CR (a, RESTEX_INSTANCE, RestEx, RESTEX_INSTANCE_SIGNATURE) =20 +#define REDFISH_HTTPS_CONTEXT_FROM_THIS(a) \ + CR (a, RESTEX_HTTPS_CONTEXT, TlsConfigDataProtocol, RESTEX_HTTPS_CONTEXT= _SIGNATURE) + #define RESTEX_STATE_UNCONFIGED 0 #define RESTEX_STATE_CONFIGED 1 =20 @@ -93,6 +104,12 @@ struct _RESTEX_SERVICE { #define RESTEX_INSTANCE_FLAGS_TLS_RETRY 0x00000001 #define RESTEX_INSTANCE_FLAGS_TCP_ERROR_RETRY 0x00000002 =20 +struct _RESTEX_HTTPS_CONTEXT { + UINT32 Signature; + EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL TlsConfigDataProtocol; + BOOLEAN TlsConfigDataProtocolInstalled; +}; + struct _RESTEX_INSTANCE { UINT32 Signature; LIST_ENTRY Link; @@ -107,6 +124,8 @@ struct _RESTEX_INSTANCE { =20 EFI_REST_EX_CONFIG_DATA ConfigData; =20 + RESTEX_HTTPS_CONTEXT *RestExHttpsContext; + // // HTTP_IO to access the HTTP service // diff --git a/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.c b/RedfishPkg= /RedfishRestExDxe/RedfishRestExDriver.c index 7036aed4268..f897248fc44 100644 --- a/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.c +++ b/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.c @@ -76,8 +76,26 @@ RestExDestroyInstance ( IN RESTEX_INSTANCE *Instance ) { - HttpIoDestroyIo (&(Instance->HttpIo)); + EFI_STATUS Status; =20 + if ((Instance !=3D NULL) && + (Instance->RestExHttpsContext !=3D NULL) && + (Instance->RestExHttpsContext->TlsConfigDataProtocolInstalled) + ) + { + Status =3D gBS->UninstallProtocolInterface ( + Instance->HttpIo.Handle, + &gEdkiiHttpsTlsConfigDataProtocolGuid, + (VOID *)&Instance->RestExHttpsContext->TlsConfigDataPr= otocol + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: Fail to uninstall gEdkiiHttpsTlsConfigData= ProtocolGuid.\n", __func__)); + } + + FreePool (Instance->RestExHttpsContext); + } + + HttpIoDestroyIo (&(Instance->HttpIo)); FreePool (Instance); } =20 
@@ -266,6 +284,56 @@ RestExCreateService ( return Status; } =20 +/** + Initial EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL for Redfish REST EX TLS. + + @param[in] Instance REST EX internal structure instance. + +**/ +VOID +RedfishHttpsTlsConfigData ( + IN RESTEX_INSTANCE *Instance + ) +{ + EFI_STATUS Status; + RESTEX_HTTPS_CONTEXT *RestExHttpsContext; + + RestExHttpsContext =3D AllocateZeroPool (sizeof (RESTEX_HTTPS_CONTEXT)); + if (RestExHttpsContext =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "%a: Allocate memory fail for RESTEX_HTTPS_CONTEX= T\n", __func__)); + return; + } + + if (Instance->HttpIo.Handle =3D=3D NULL) { + DEBUG ((DEBUG_ERROR, "%a: Invalid HTTP handle.\n", __func__)); + return; + } + + RestExHttpsContext->Signature = =3D RESTEX_HTTPS_CONTEXT_SIGNATURE; + RestExHttpsContext->TlsConfigDataProtocol.Version.Major = =3D 1; + RestExHttpsContext->TlsConfigDataProtocol.Version.Minor = =3D 0; + RestExHttpsContext->TlsConfigDataProtocol.HttpsTlsConfigData.ConnectionE= nd =3D EfiTlsClient; + RestExHttpsContext->TlsConfigDataProtocol.HttpsTlsConfigData.VerifyMetho= d =3D EFI_TLS_VERIFY_NONE; + RestExHttpsContext->TlsConfigDataProtocol.HttpsTlsConfigData.VerifyHost.= Flags =3D EFI_TLS_VERIFY_FLAG_NONE; + RestExHttpsContext->TlsConfigDataProtocol.HttpsTlsConfigData.VerifyHost.= HostName =3D "Redfish Service"; + + // Install EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL; + Status =3D gBS->InstallProtocolInterface ( + &Instance->HttpIo.Handle, + &gEdkiiHttpsTlsConfigDataProtocolGuid, + EFI_NATIVE_INTERFACE, + (VOID *)&RestExHttpsContext->TlsConfigDataProtocol + ); + if (EFI_ERROR (Status)) { + FreePool (RestExHttpsContext); + DEBUG ((DEBUG_ERROR, "%a: Fail to install EDKII_HTTPS_TLS_CONFIG_DATA_= PROTOCOL.\n", __func__)); + return; + } + + RestExHttpsContext->TlsConfigDataProtocolInstalled =3D TRUE; + Instance->RestExHttpsContext =3D RestExHttpsContex= t; +} + /** This is the declaration of an EFI image entry point. 
This entry point is the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers includ= ing @@ -286,8 +354,6 @@ RedfishRestExDriverEntryPoint ( { EFI_STATUS Status; =20 - Status =3D EFI_SUCCESS; - // // Install the RestEx Driver Binding Protocol. // @@ -699,6 +765,13 @@ RedfishRestExServiceBindingCreateChild ( goto ON_ERROR; } =20 + // + // Set Redfish HTTPS TLS configuration data. + // + if (FixedPcdGetBool (PcdRedfishRestExHttpsTlsConfigData)) { + RedfishHttpsTlsConfigData (Instance); + } + // // Add it to the parent's child list. // --=20 2.37.1.windows.1
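
Review bot: The comment added above PcdRedfishRestExHttpsTlsConfigData in RedfishPkg.dec names the protocol as EDKII_HTTPS_CONFIG_DATA_PROTOCOL, while the rest of the patch uses EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL, and "Resfish REXT EX" should read "Redfish REST EX". The comment should also say what the driver publishes when the PCD is TRUE (the default here), since RedfishHttpsTlsConfigData () fills the data with EFI_TLS_VERIFY_NONE and EFI_TLS_VERIFY_FLAG_NONE; a platform owner reading only the .dec cannot tell that the default selects a TLS configuration without verification.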
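
Review bot: In the [Protocols] section of RedfishRestExDxe.inf the new GUID is tagged "## PRODUCED", which is not one of the INF usage keywords; the producing form is "## PRODUCES". Because the protocol is installed only when PcdRedfishRestExHttpsTlsConfigData is TRUE and the install succeeds, "## SOMETIMES_PRODUCES" describes this line more accurately.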
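
Review bot: In RedfishRestExDriver.h the new container macro is named REDFISH_HTTPS_CONTEXT_FROM_THIS while its neighbours are RESTEX_SERVICE_FROM_THIS and RESTEX_INSTANCE_FROM_THIS and the structure it returns is RESTEX_HTTPS_CONTEXT; rename it to RESTEX_HTTPS_CONTEXT_FROM_THIS for consistency. The macro is not used by any hunk in this patch, so either add the user or drop it, and the comment "RestEx HTTP context" above the typedef should say HTTPS.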
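
Review bot: In RestExDestroyInstance (), FreePool (Instance->RestExHttpsContext) runs even when UninstallProtocolInterface () has returned an error, so the EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL interface stays installed on HttpIo.Handle while the memory behind it is released. Free the context only after a successful uninstall, or handle the failure explicitly. The new condition also tests "Instance != NULL", yet HttpIoDestroyIo (&(Instance->HttpIo)) and FreePool (Instance) after the block still dereference Instance unconditionally; return early on NULL or remove the check so the function is consistent.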
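
Review bot: RedfishHttpsTlsConfigData () sets VerifyMethod to EFI_TLS_VERIFY_NONE and VerifyHost.Flags to EFI_TLS_VERIFY_FLAG_NONE, so the TLS client configuration published for Redfish REST EX requests no certificate verification and no host name check, and the PCD that enables it defaults to TRUE. Please explain in the commit message and the function header why an unverified session is acceptable for the Redfish service, or make the verify method platform-configurable so that EFI_TLS_VERIFY_PEER can be required. Separately, the early return taken when Instance->HttpIo.Handle is NULL leaks the RestExHttpsContext allocated just above it; check the handle before AllocateZeroPool () or free the context on that path.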
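
Review bot: In RedfishRestExServiceBindingCreateChild () the call to RedfishHttpsTlsConfigData (Instance) cannot report failure because the function returns VOID, so an allocation or InstallProtocolInterface () error is only logged and the child is created without the TLS configuration data. Return EFI_STATUS from RedfishHttpsTlsConfigData () and decide here whether to "goto ON_ERROR" or to continue deliberately, with a comment stating which behaviour is intended.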