From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (NAM11-BN8-obe.outbound.protection.outlook.com [40.107.236.41]) by mx.groups.io with SMTP id smtpd.web11.27948.1678474155372996153 for ; Fri, 10 Mar 2023 10:49:16 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@ami.com header.s=selector1 header.b=cHWwKI9b; spf=pass (domain: ami.com, ip: 40.107.236.41, mailfrom: igork@ami.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=XjXpe5BFZGlaW5FVUPBjj4WTzorydoi1o0CxRAkwpSDPkaWsGG/4ak3Bwr2Snwp2deksmNRJw0/ulFwAvaQ2GioNDJ/Ieio+rbC/FjPCXbAxQNFUMyuov5w3a8lkSDpyAZ4XCRi9OXmE1CSZt4XFB/2QTEzB03xoUYMRSL0Cws6ZpIMtGjwzpAVNEnLIa6E9nUF/7Pm6rj4yZ4vaBFpI4x5sBY5FkPyDiwANSKpEVHUwhWyBKUxXlXThTuox0z6HtvQ8gjNrHda+OeWEk1uaBo0zrluMiFUZDAn6w/rY/xIyOOLMlsIsVdeWBeKbdRuz76UP+IIBnEUbjGHR6vAfIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=J4NRg3MVIO0ArWrRt89gM5IUBgcWFvg1cBGI943cgRk=; b=GDbYJNW8+kZVcyvlLq61TksvWyul5rlLZjoS/OQ4nzXAiKiqSlJW1/TKWZNNnIdmzcmsSfrd7LyV83yYWdc+F0bZ4zHXk6u+nCym3jnJ24wp1h1TYC7CmfRSFbtlTudl45rI3jMdrGxKFSYVGpqL4+fWiC4FZue4hfyrVb8dL/gGtOWUydwz4B2M0xaB1iSs3B6rqwYj7XSdVDOn2otl9B7tJX6soOgWv/fbgkCOozmD6CkuqVHiDwprkADwT2kfmC5XWaWm5VXjNqH/6w+ObvOHc5PA2G8TERFvae8l/w4cZs+rdYapYJ9/irDxEoKxKVdyz4oiMtOMYnmik3vhCw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ami.com; dmarc=pass action=none header.from=ami.com; dkim=pass header.d=ami.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ami.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=J4NRg3MVIO0ArWrRt89gM5IUBgcWFvg1cBGI943cgRk=; b=cHWwKI9bmDry7SZq6XhEdIP8bNZuy88dvq1XF7vL6b3nf7+46zLk/MunqfueyXxIKGx1XtoXZIBdXNRvzNsHJUgkVMDC/jycAiZU3ImZhVTkhqZ2R/9ft7oXz0P3zlygvQTcz6z9KCMXJsN/e4E9X0UMdQEHBAKAnnYr4i2owho= Received: from BLAPR10MB5185.namprd10.prod.outlook.com (2603:10b6:208:328::16) by DS0PR10MB7364.namprd10.prod.outlook.com (2603:10b6:8:fe::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6178.19; Fri, 10 Mar 2023 18:49:11 +0000 Received: from BLAPR10MB5185.namprd10.prod.outlook.com ([fe80::52c3:303b:cee1:d7a5]) by BLAPR10MB5185.namprd10.prod.outlook.com ([fe80::52c3:303b:cee1:d7a5%5]) with mapi id 15.20.6178.020; Fri, 10 Mar 2023 18:49:10 +0000 From: "Igor Kulchytskyy" To: Nickle Wang , "devel@edk2.groups.io" CC: Abner Chang , Nick Ramirez Subject: Re: [PATCH] RedfishPkg/RedfishPlatformCredentialIpmiLib: IPMI implementation Thread-Topic: [EXTERNAL] [PATCH] RedfishPkg/RedfishPlatformCredentialIpmiLib: IPMI implementation Thread-Index: AQHZUY6L8mH1qFBtGE2UFgy+YoWyl670PP4A Date: Fri, 10 Mar 2023 18:49:10 +0000 Message-ID: References: <20230308072048.354-1-nicklew@nvidia.com> In-Reply-To: <20230308072048.354-1-nicklew@nvidia.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ami.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: BLAPR10MB5185:EE_|DS0PR10MB7364:EE_ x-ms-office365-filtering-correlation-id: 9a58066b-acb2-454d-bb9d-08db219822da x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: YQrAnfYroir37Ygxru5s0HC3L0S6WiR47jxlbOeOeilJmsDf9gLOqCwyWKr1LTdjgE+tAIdGSPeRYghAluIjgO2i9UtK+CGh3Yy3AtRUjt1XM9kqZN1p0NhNkXTMSNWHI1kd2JzY2Hha7oMaZW2+tte9Qz4eI0ljqudQy9mB0AUs6z00EVbLryTSHKSgOkO8pEaWJTevQQ/LvSevJZXsEG4tjhqinVVddKmZeC7Kh6+WgJLwg71z2FHW7hGTWDbnl8EFW87o4X0UWGCqCjHOHnbPRHJRL8r1xovcXehuI1+gjBzrpfl9q/oejdi9PqMxf4VZOLRn2Fca27ywA5p6wVS4daovBV6ctBSRHQDWd1UHGNb40P/zXUBwNC2vWJ8PdSYaEuwk3Z1N0B9q1LNNnI0ZaM5L/isyhmWZ0kQtJDhwNw7qf2dpmXly3m6KIjTm4lPKQltC3lIx+agOCXktgwB1GsNzXgfCDcwGbFXLZ4z6HJqbvzJyIOX8mr/lvMy7gylGxdVYOsutueJHOI34/4GiSBB99od1ZP1VJFfTM4vzT0aEOsSEYTCjiDMdo1STZJSKBGMusF8zJHUqSIIKNzl2s93+NuQaHEP5Xaq92aPEp0hM2SVWm9nv2eqra0I2CTbTLA6JF6fecX0Gu9dze+h41OgDB6vkV2EIusqAXMhTWeGCP7FNvSSqCN8BDXysYSmKmogNR3KPNdOA/rJWcg== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BLAPR10MB5185.namprd10.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230025)(4636009)(376002)(396003)(366004)(346002)(39850400004)(136003)(451199018)(30864003)(52536014)(8936002)(45080400002)(5660300002)(26005)(8676002)(9686003)(41300700001)(6506007)(53546011)(38100700002)(122000001)(83380400001)(186003)(55016003)(86362001)(54906003)(316002)(33656002)(4326008)(66446008)(110136005)(64756008)(66556008)(76116006)(66476007)(40140700001)(478600001)(71200400001)(7696005)(38070700005)(66946007)(2906002)(213903007)(559001)(579004);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?89GpCKIdWkVuPASMfXqwYWRE3ZKBc2BfjBg8LDhxWz0sY+XAOyM/D/Fb7gGX?= =?us-ascii?Q?yusePFiOxKQI6hrWnMFdJWTPNV5M6lqPTDRM70n30p5F3i70ByX1PoSJd0ti?= =?us-ascii?Q?vA/ymmDyPVqtv0QH4T6CCzMy8wn2Jwe+l5+6xTemnZyvy0/5gcvGOYD6SETc?= =?us-ascii?Q?6q33hnrlX12SKAcxIz/og10Rt7yLOvkM/dbrS9vPrLW2L+oJgeeSTdLs4aCK?= =?us-ascii?Q?+EQKv8t+0cQDk98I+LbGUr/KyzWgL+bsvTn2e/wv4nAhzVTSwnjvAOQox8gJ?= =?us-ascii?Q?c8emLC/8Q5AaiZ0LU0t0M4xH5Gd+WY+RS0vbSHWkrwru3pyFPe25AOcVG7DO?= =?us-ascii?Q?bPteec/wpybnQHOGX6j92MjFuTyo+2xxLODvT7sOBYhAvrvccpRinLaGayLS?= =?us-ascii?Q?2Fc7hgefP3xj68IeIR3uA8U/b0IMzUxKzGxCMNgxu3PAmxViq/2tThNlllxl?= =?us-ascii?Q?JJm3OQAZ6uJ/K2akHIL/TDIiFKFFKD9xB/4UKMQjtkMrS+O55SqsOJQY8Erw?= =?us-ascii?Q?g7NNDuwnLeyxT6ZSKwxyiEfSx8I0wxZASTVel9ZtKGwmCWKy2r332hKoKrcE?= =?us-ascii?Q?HujlEvLBTWLTfVUaSc24Tpdrd8iqavcCHrzgBrKJr7//lDqa9HAoPm50KhMN?= =?us-ascii?Q?XNbouSAYGw/5/74DXS4D4voOY3LF3bWlPLKusoIJK7X0zx2jYtIbENZRpRN7?= =?us-ascii?Q?XsMr7eBXK6YZhph0BZMc9onauEysULCf4NlGc8agV/XPZZK/wc/jdnQ1kphD?= =?us-ascii?Q?sztW7+Fy0DswKDY9uQ3x8ffb8Nf+3sBdWk/fHEYKg12GDQfRVSSZcQUl3gyG?= =?us-ascii?Q?wLbQzpD2dU478jGZFElM3QzIpHN8Hb1v3pK1N/q6LE0YMbR1U9qXtKupsSJ9?= =?us-ascii?Q?5x6ei2ikwT8e76cLXPXKgX/8gEAZdUfVpF7z+9fM1nIoTyUaPEOx0eseWAKy?= =?us-ascii?Q?gUmU7SSQa/BqeQh358ClM05nPbI4U2RifjmGKuVnhVTFMs8u1MjE/TPkuuVK?= =?us-ascii?Q?fx0ePuSPM0P0j7+h6/AabBhW0qJJCzqRSjBYB9zNhBLv8iTc3SxTKBtEHOUt?= =?us-ascii?Q?T7LN6PsIiDlKhHH8ieTGsvFJE0XihkYlX14ZIMpQT6xyQMEjMa8yVzsypJzb?= =?us-ascii?Q?c86B4Op277ZQiUYbXo0YCbZ4wFfEd+3xu9v7ATo8AHohXyqGL/5d2P9O4EFq?= =?us-ascii?Q?cPNwB7h542BHiAoUezLlBljk7QJutyB1ECH6bztvF50pEYwX9MCioKeQ4chN?= =?us-ascii?Q?zNTQk1MSRckVyyvdl27ID/9DrOvlY7mOuCW2/xygevKOoEClyFhJThsQ8ips?= =?us-ascii?Q?b8UuDLatIt2t4JbVe9lnJWGBRawUYxXKC9RhfCC1Dao0qSYU3/iEcXaAShJs?= =?us-ascii?Q?CxYFFhoJfs+oufa/SXJsENG++QbyAJQRCqHXGEQu4VGy0rnzjJFCINrwAiZ0?= =?us-ascii?Q?zYkhu5oMAVI/Bxap+u0DayDjVMKbQy6mLLyKER3vWXrD7JiGe5syqv7kXmzF?= =?us-ascii?Q?JSK+g9alDhAIGKTjEmCmUwkgQD8uUEi6hDywv9lCvFlf8pxaTU2blsa+EKKH?= =?us-ascii?Q?EGCVtQyiipN1YOvP0Fk=3D?= MIME-Version: 1.0 X-OriginatorOrg: ami.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: BLAPR10MB5185.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9a58066b-acb2-454d-bb9d-08db219822da X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Mar 2023 18:49:10.5938 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 27e97857-e15f-486c-b58e-86c2b3040f93 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: eDXg619MvATRjTMOi5ZI94WquXXcfeKu9vMoyCtuQpaLj9Kq/mwZskbbT2OAsj6x X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR10MB7364 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Nickle, See my comments below the text. Thank you, Igor -----Original Message----- From: Nickle Wang Sent: Wednesday, March 8, 2023 2:21 AM To: devel@edk2.groups.io Cc: Abner Chang ; Igor Kulchytskyy ; Ni= ck Ramirez Subject: [EXTERNAL] [PATCH] RedfishPkg/RedfishPlatformCredentialIpmiLib: IP= MI implementation **CAUTION: The e-mail below is from an external source. Please exercise cau= tion before opening attachments, clicking links, or following guidance.** This library follows Redfish Host Interface specification and use IPMI command to get bootstrap account credential(NetFn 2Ch, Command 02h) from BMC. RedfishHostInterfaceDxe will use this credential for the following communication between BIOS and BMC. Signed-off-by: Nickle Wang Cc: Abner Chang Cc: Igor Kulchytskyy Cc: Nick Ramirez --- .../RedfishPlatformCredentialIpmiLib.c | 443 ++++++++++++++++++ .../RedfishPlatformCredentialIpmiLib.h | 86 ++++ .../RedfishPlatformCredentialIpmiLib.inf | 42 ++ RedfishPkg/RedfishPkg.dec | 7 + RedfishPkg/RedfishPkg.dsc | 2 + 5 files changed, 580 insertions(+) create mode 100644 RedfishPkg/Library/RedfishPlatformCredentialIpmi/Redfis= hPlatformCredentialIpmiLib.c create mode 100644 RedfishPkg/Library/RedfishPlatformCredentialIpmi/Redfis= hPlatformCredentialIpmiLib.h create mode 100644 RedfishPkg/Library/RedfishPlatformCredentialIpmi/Redfis= hPlatformCredentialIpmiLib.inf diff --git a/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatfo= rmCredentialIpmiLib.c b/RedfishPkg/Library/RedfishPlatformCredentialIpmi/Re= dfishPlatformCredentialIpmiLib.c new file mode 100644 index 0000000000..2706b8508b --- /dev/null +++ b/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCrede= ntialIpmiLib.c @@ -0,0 +1,443 @@ +/** @file + Implementation of getting bootstrap credential via IPMI. + + Copyright (c) 2022-2023 NVIDIA CORPORATION & AFFILIATES. All rights rese= rved. + + SPDX-License-Identifier: BSD-2-Clause-Patent + + @par Specification Reference: + - Redfish Host Interface Specification + (https://nam12.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fwww= .dmtf.org%2Fsites%2Fdefault%2Ffiles%2Fstandards%2Fdocuments%2FDSP0270_1.3.0= .pdf&data=3D05%7C01%7Cigork%40ami.com%7C0ed34699a31b433d952a08db1fa5ab9f%7C= 27e97857e15f486cb58e86c2b3040f93%7C1%7C1%7C638138568651052766%7CUnknown%7CT= WFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%= 3D%7C3000%7C%7C%7C&sdata=3D0t4RMGFXAYj5dUI3C4l%2BfE7NveA3esyLu%2BTn9%2F1cns= E%3D&reserved=3D0) +**/ + +#include "RedfishPlatformCredentialIpmiLib.h" + +// +// Global flag of controlling credential service +// +BOOLEAN mRedfishServiceStopped =3D FALSE; + +/** + Notify the Redfish service provide to stop provide configuration service= to this platform. + + This function should be called when the platform is about to leave the s= afe environment. + It will notify the Redfish service provider to abort all login session, = and prohibit + further login with original auth info. GetAuthInfo() will return EFI_UNS= UPPORTED once this + function is returned. + + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PRO= TOCOL instance. + @param[in] ServiceStopType Reason of stopping Redfish service. + + @retval EFI_SUCCESS Service has been stoped successfully. + @retval EFI_INVALID_PARAMETER This is NULL. + @retval Others Some error happened. + +**/ +EFI_STATUS +EFIAPI +LibStopRedfishService ( + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType + ) +{ + EFI_STATUS Status; + + if ((ServiceStopType <=3D ServiceStopTypeNone) || (ServiceStopType >=3D = ServiceStopTypeMax)) { + return EFI_INVALID_PARAMETER; + } + + // + // Only stop credential service after leaving BIOS + // + if (ServiceStopType !=3D ServiceStopTypeExitBootService) { + return EFI_UNSUPPORTED; + } + + // + // Raise flag first + // + mRedfishServiceStopped =3D TRUE; + + // + // Notify BMC to disable credential bootstrapping support. + // + if (PcdGetBool (PcdRedfishDisableBootstrapCredentialService)) { + Status =3D GetBootstrapAccountCredentials (TRUE, NULL, NULL); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: fail to disable bootstrap credential: %r\n= ", __FUNCTION__, Status)); + return Status; + } + } Why should we call IPMI function to disable bootstrap credentials here? This call will create new account on BMC side with username and password, w= hich is not going to be used anyway (we even do not save those credentials)= . We already have a call of IPMI function first time we need the credentials. Then we agreed to cash them in NVRAM variable and all other calls to get cr= edentials will use the credentials from that NVRAM variable. Shouldn't we use that PCD and send the corresponding flag to IPMI command d= uring our first call. I do not see any differences for Redfish modules as it explained above, but= we may save some boot time (timeout for IPMI command is 5 sec). And there = will be no spare bootstrap account on BMC side created. . + + // + // Delete cached variable + // + Status =3D SetBootstrapAccountCredentialsToVariable (NULL, NULL, TRUE); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: fail to remove bootstrap credential: %r\n", = __FUNCTION__, Status)); + } + + DEBUG ((DEBUG_INFO, "%a: bootstrap credential service stopped\n", __FUNC= TION__)); + + return EFI_SUCCESS; +} + +/** + Notification of Exit Boot Service. + + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. +**/ +VOID +EFIAPI +LibCredentialExitBootServicesNotify ( + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This + ) +{ + // + // Stop the credential support when system is about to enter OS. + // + LibStopRedfishService (This, ServiceStopTypeExitBootService); +} + +/** + Notification of End of DXe. + + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. +**/ +VOID +EFIAPI +LibCredentialEndOfDxeNotify ( + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This + ) +{ + // + // Do nothing now. + // We can stop credential support when system reach end-of-dxe for secur= ity reason. + // +} + +/** + Function to retrieve temporary user credentials for the UEFI redfish cli= ent. This function can + also disable bootstrap credential service in BMC. + + @param[in] DisableBootstrapControl + TRUE - Tell the BMC to disable the b= ootstrap credential + service to ensure no one else= gains credentials + FALSE Allow the bootstrap credentia= l service to continue + @param[in,out] BootstrapUsername + A pointer to a Ascii encoded string = for the credential username + When DisableBootstrapControl is TRUE= , this pointer can be NULL + + @param[in,out] BootstrapPassword + A pointer to a Ascii encoded string = for the credential password + When DisableBootstrapControl is TRUE= , this pointer can be NULL + + @retval EFI_SUCCESS Credentials were successfully fetche= d and returned. When DisableBootstrapControl + is set to TRUE, the bootstrap creden= tial service is disabled successfully. + @retval EFI_INVALID_PARAMETER BootstrapUsername or BootstrapPasswo= rd is NULL when DisableBootstrapControl + is set to FALSE + @retval EFI_DEVICE_ERROR An IPMI failure occurred +**/ +EFI_STATUS +GetBootstrapAccountCredentials ( + IN BOOLEAN DisableBootstrapControl, + IN OUT CHAR8 *BootstrapUsername, OPTIONAL + IN OUT CHAR8 *BootstrapPassword OPTIONAL + ) +{ + EFI_STATUS Status; + IPMI_BOOTSTRAP_CREDENTIALS_COMMAND_DATA CommandData; + IPMI_BOOTSTRAP_CREDENTIALS_RESULT_RESPONSE ResponseData; + UINT32 ResponseSize; + + // + // NULL buffer check + // + if (!DisableBootstrapControl && ((BootstrapUsername =3D=3D NULL) || (Boo= tstrapPassword =3D=3D NULL))) { + return EFI_INVALID_PARAMETER; + } + + DEBUG ((DEBUG_VERBOSE, "%a: Disable bootstrap control: 0x%x\n", __FUNCTI= ON__, DisableBootstrapControl)); + + // + // IPMI callout to NetFn 2C, command 02 + // Request data: + // Byte 1: REDFISH_IPMI_GROUP_EXTENSION + // Byte 2: DisableBootstrapControl + // + CommandData.GroupExtensionId =3D REDFISH_IPMI_GROUP_EXTENSION; + CommandData.DisableBootstrapControl =3D (DisableBootstrapControl ? REDFI= SH_IPMI_BOOTSTRAP_CREDENTIAL_DISABLE : REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_EN= ABLE); + + ResponseSize =3D sizeof (ResponseData); + + // + // Response data: + // Byte 1 : Completion code + // Byte 2 : REDFISH_IPMI_GROUP_EXTENSION + // Byte 3-18 : Username + // Byte 19-34: Password + // + Status =3D IpmiSubmitCommand ( + IPMI_NETFN_GROUP_EXT, + REDFISH_IPMI_GET_BOOTSTRAP_CREDENTIALS_CMD, + (UINT8 *)&CommandData, + sizeof (CommandData), + (UINT8 *)&ResponseData, + &ResponseSize + ); + + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: IPMI transaction failure. Returning\n", __FU= NCTION__)); + return Status; + } else { + if (ResponseData.CompletionCode !=3D IPMI_COMP_CODE_NORMAL) { + if (ResponseData.CompletionCode =3D=3D REDFISH_IPMI_COMP_CODE_BOOTST= RAP_CREDENTIAL_DISABLED) { + DEBUG ((DEBUG_ERROR, "%a: bootstrap credential support was disable= d\n", __FUNCTION__)); + return EFI_ACCESS_DENIED; + } + + DEBUG ((DEBUG_ERROR, "%a: Completion code =3D 0x%x. Returning\n", __= FUNCTION__, ResponseData.CompletionCode)); + return EFI_PROTOCOL_ERROR; + } else if (ResponseData.GroupExtensionId !=3D REDFISH_IPMI_GROUP_EXTEN= SION) { + DEBUG ((DEBUG_ERROR, "%a: Group Extension Response =3D 0x%x. Returni= ng\n", __FUNCTION__, ResponseData.GroupExtensionId)); + return EFI_DEVICE_ERROR; + } else { + if (BootstrapUsername !=3D NULL) { + CopyMem (BootstrapUsername, ResponseData.Username, USERNAME_MAX_LE= NGTH); + // + // Manually append null-terminator in case 16 characters username = returned. + // + BootstrapUsername[USERNAME_MAX_LENGTH] =3D '\0'; + } + + if (BootstrapPassword !=3D NULL) { + CopyMem (BootstrapPassword, ResponseData.Password, PASSWORD_MAX_LE= NGTH); + // + // Manually append null-terminator in case 16 characters password = returned. + // + BootstrapPassword[PASSWORD_MAX_LENGTH] =3D '\0'; + } + } + } + + DEBUG ((DEBUG_INFO, "%a: get bootstrap credential via IPMI: %r\n", __FUN= CTION__, Status)); + + return Status; +} + +/** + Function to retrieve temporary user credentials from cached boot time va= riable. + + @param[in,out] BootstrapUsername A pointer to a Ascii encoded string = for the credential username + @param[in,out] BootstrapPassword A pointer to a Ascii encoded string = for the credential password + + @retval EFI_SUCCESS Credentials were successfully fetche= d and returned + @retval EFI_INVALID_PARAMETER BootstrapUsername or BootstrapPasswo= rd is NULL + @retval EFI_NOT_FOUND No variable found for account and cr= edentials +**/ +EFI_STATUS +GetBootstrapAccountCredentialsFromVariable ( + IN OUT CHAR8 *BootstrapUsername, + IN OUT CHAR8 *BootstrapPassword + ) +{ + EFI_STATUS Status; + BOOTSTRAP_CREDENTIALS_VARIABLE *CredentialVariable; + VOID *Data; + UINTN DataSize; + + if ((BootstrapUsername =3D=3D NULL) || (BootstrapPassword =3D=3D NULL)) = { + return EFI_INVALID_PARAMETER; + } + + DataSize =3D 0; + Status =3D GetVariable2 ( + CREDENTIAL_VARIABLE_NAME, + &gEfiRedfishVariableGuid, + (VOID *)&Data, + &DataSize + ); + if (EFI_ERROR (Status)) { + return EFI_NOT_FOUND; + } + + if (DataSize !=3D sizeof (BOOTSTRAP_CREDENTIALS_VARIABLE)) { + DEBUG ((DEBUG_ERROR, "%a: data corruption. returned size: %d !=3D stru= cture size: %d\n", __FUNCTION__, DataSize, sizeof (BOOTSTRAP_CREDENTIALS_VA= RIABLE))); + return EFI_NOT_FOUND; + } + + CredentialVariable =3D (BOOTSTRAP_CREDENTIALS_VARIABLE *)Data; + + AsciiStrCpyS (BootstrapUsername, USERNAME_MAX_SIZE, CredentialVariable->= Username); + AsciiStrCpyS (BootstrapPassword, PASSWORD_MAX_SIZE, CredentialVariable->= Password); + + ZeroMem (CredentialVariable->Username, USERNAME_MAX_SIZE); + ZeroMem (CredentialVariable->Password, PASSWORD_MAX_SIZE); + + FreePool (Data); + + DEBUG ((DEBUG_INFO, "%a: get bootstrap credential from variable\n", __FU= NCTION__)); + + return EFI_SUCCESS; +} + +/** + Function to save temporary user credentials into boot time variable. Whe= n DeleteVariable is True, + this function delete boot time variable. + + @param[in] BootstrapUsername A pointer to a Ascii encoded string f= or the credential username. + @param[in] BootstrapPassword A pointer to a Ascii encoded string f= or the credential password. + @param[in] DeleteVariable True to remove boot time variable. Fa= lse otherwise. + + @retval EFI_SUCCESS Credentials were successfully saved. + @retval EFI_INVALID_PARAMETER BootstrapUsername or BootstrapPasswo= rd is NULL + @retval Others Error occurs +**/ +EFI_STATUS +SetBootstrapAccountCredentialsToVariable ( + IN CHAR8 *BootstrapUsername, OPTIONAL + IN CHAR8 *BootstrapPassword, OPTIONAL + IN BOOLEAN DeleteVariable + ) +{ + EFI_STATUS Status; + BOOTSTRAP_CREDENTIALS_VARIABLE CredentialVariable; + VOID *Data; + + if (!DeleteVariable && ((BootstrapUsername =3D=3D NULL) || (BootstrapUse= rname[0] =3D=3D '\0'))) { + return EFI_INVALID_PARAMETER; + } + + if (!DeleteVariable && ((BootstrapPassword =3D=3D NULL) || (BootstrapPas= sword[0] =3D=3D '\0'))) { + return EFI_INVALID_PARAMETER; + } + + // + // Delete variable + // + if (DeleteVariable) { + Status =3D GetVariable2 ( + CREDENTIAL_VARIABLE_NAME, + &gEfiRedfishVariableGuid, + (VOID *)&Data, + NULL + ); + if (!EFI_ERROR (Status)) { + FreePool (Data); + gRT->SetVariable (CREDENTIAL_VARIABLE_NAME, &gEfiRedfishVariableGuid= , EFI_VARIABLE_BOOTSERVICE_ACCESS, 0, NULL); + } + + return EFI_SUCCESS; + } + + ZeroMem (CredentialVariable.Username, USERNAME_MAX_SIZE); + ZeroMem (CredentialVariable.Password, PASSWORD_MAX_SIZE); + + AsciiStrCpyS (CredentialVariable.Username, USERNAME_MAX_SIZE, BootstrapU= sername); + AsciiStrCpyS (CredentialVariable.Password, PASSWORD_MAX_SIZE, BootstrapP= assword); + + // + // Check if variable exists already. If yes, remove it first. + // + Status =3D GetVariable2 ( + CREDENTIAL_VARIABLE_NAME, + &gEfiRedfishVariableGuid, + (VOID *)&Data, + NULL + ); + if (!EFI_ERROR (Status)) { + FreePool (Data); + gRT->SetVariable (CREDENTIAL_VARIABLE_NAME, &gEfiRedfishVariableGuid, = EFI_VARIABLE_BOOTSERVICE_ACCESS, 0, NULL); + } + + Status =3D gRT->SetVariable (CREDENTIAL_VARIABLE_NAME, &gEfiRedfishVaria= bleGuid, EFI_VARIABLE_BOOTSERVICE_ACCESS, sizeof (BOOTSTRAP_CREDENTIALS_VAR= IABLE), (VOID *)&CredentialVariable); + You used the same operations to delete NVRAM variable in two places. What if we delete it at the beginning and then just return from the functio= n if DeleteVariable is TRUE. Something like this: // // Delete variable // Status =3D GetVariable2 ( CREDENTIAL_VARIABLE_NAME, &gEfiRedfishVariableGuid, (VOID *)&Data, NULL ); if (!EFI_ERROR (Status)) { FreePool (Data); gRT->SetVariable (CREDENTIAL_VARIABLE_NAME, &gEfiRedfishVariableGuid, E= FI_VARIABLE_BOOTSERVICE_ACCESS, 0, NULL); } if (DeleteVariable) { return EFI_SUCCESS; } ZeroMem (CredentialVariable.Username, USERNAME_MAX_SIZE); ZeroMem (CredentialVariable.Password, PASSWORD_MAX_SIZE); AsciiStrCpyS (CredentialVariable.Username, USERNAME_MAX_SIZE, BootstrapUs= ername); AsciiStrCpyS (CredentialVariable.Password, PASSWORD_MAX_SIZE, BootstrapPa= ssword); Status =3D gRT->SetVariable (CREDENTIAL_VARIABLE_NAME, &gEfiRedfishVariab= leGuid, EFI_VARIABLE_BOOTSERVICE_ACCESS, sizeof (BOOTSTRAP_CREDENTIALS_VARI= ABLE), (VOID *)&CredentialVariable); Just small optimization of the code. + ZeroMem (CredentialVariable.Username, USERNAME_MAX_SIZE); + ZeroMem (CredentialVariable.Password, PASSWORD_MAX_SIZE); + + return Status; +} + +/** + Retrieve platform's Redfish authentication information. + + This functions returns the Redfish authentication method together with t= he user Id and + password. + - For AuthMethodNone, the UserId and Password could be used for HTTP hea= der authentication + as defined by RFC7235. + - For AuthMethodRedfishSession, the UserId and Password could be used fo= r Redfish + session login as defined by Redfish API specification (DSP0266). + + Callers are responsible for and freeing the returned string storage. + + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PRO= TOCOL instance. + @param[out] AuthMethod Type of Redfish authentication method. + @param[out] UserId The pointer to store the returned UserI= d string. + @param[out] Password The pointer to store the returned Passw= ord string. + + @retval EFI_SUCCESS Get the authentication information succ= essfully. + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfDxe. + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or Passwor= d is NULL. + @retval EFI_OUT_OF_RESOURCES There are not enough memory resources. + @retval EFI_UNSUPPORTED Unsupported authentication method is fo= und. + +**/ +EFI_STATUS +EFIAPI +LibCredentialGetAuthInfo ( + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, + OUT CHAR8 **UserId, + OUT CHAR8 **Password + ) +{ + EFI_STATUS Status; + + if ((AuthMethod =3D=3D NULL) || (UserId =3D=3D NULL) || (Password =3D=3D= NULL)) { + return EFI_INVALID_PARAMETER; + } + + *UserId =3D NULL; + *Password =3D NULL; + + if (mRedfishServiceStopped) { + DEBUG ((DEBUG_ERROR, "%a: credential service is stopped due to securit= y reason\n", __FUNCTION__)); + return EFI_ACCESS_DENIED; + } + + *AuthMethod =3D AuthMethodHttpBasic; + + *UserId =3D AllocateZeroPool (sizeof (CHAR8) * USERNAME_MAX_SIZE); + if (*UserId =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + + *Password =3D AllocateZeroPool (sizeof (CHAR8) * PASSWORD_MAX_SIZE); + if (*Password =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + + // + // Get bootstrap credential from variable first + // + Status =3D GetBootstrapAccountCredentialsFromVariable (*UserId, *Passwor= d); + if (!EFI_ERROR (Status)) { + return EFI_SUCCESS; + } + + // + // Make a IPMI query + // + Status =3D GetBootstrapAccountCredentials (FALSE, *UserId, *Password); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: fail to get bootstrap credential: %r\n", __F= UNCTION__, Status)); + return Status; + } + + Status =3D SetBootstrapAccountCredentialsToVariable (*UserId, *Password,= FALSE); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: fail to cache bootstrap credential: %r\n", _= _FUNCTION__, Status)); + } + + return EFI_SUCCESS; +} diff --git a/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatfo= rmCredentialIpmiLib.h b/RedfishPkg/Library/RedfishPlatformCredentialIpmi/Re= dfishPlatformCredentialIpmiLib.h new file mode 100644 index 0000000000..5325767eab --- /dev/null +++ b/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCrede= ntialIpmiLib.h @@ -0,0 +1,86 @@ +/** @file + Header file for RedfishPlatformCredentialIpmiLib. + + Copyright (c) 2022-2023 NVIDIA CORPORATION & AFFILIATES. All rights rese= rved. + + SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef REDFISH_PLATFORM_CREDENTIAL_IPMI_LIB_H_ +#define REDFISH_PLATFORM_CREDENTIAL_IPMI_LIB_H_ + +#include +#include +#include + +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +#define CREDENTIAL_VARIABLE_NAME L"Partstooblaitnederc" + +/// +/// The bootstrap credential keeping in UEFI variable +/// +typedef struct { + CHAR8 Username[USERNAME_MAX_SIZE]; + CHAR8 Password[PASSWORD_MAX_SIZE]; +} BOOTSTRAP_CREDENTIALS_VARIABLE; + +/** + Function to retrieve temporary user credentials for the UEFI redfish cli= ent. This function can + also disable bootstrap credential service in BMC. + + @param[in] DisableBootstrapControl + TRUE - Tell the BMC to disable the b= ootstrap credential + service to ensure no one else= gains credentials + FALSE Allow the bootstrap credentia= l service to continue + @param[out] BootstrapUsername + A pointer to a Ascii encoded string = for the credential username + When DisableBootstrapControl is TRUE= , this pointer can be NULL + + @param[out] BootstrapPassword + A pointer to a Ascii encoded string = for the credential password + When DisableBootstrapControl is TRUE= , this pointer can be NULL + + @retval EFI_SUCCESS Credentials were successfully fetche= d and returned. When DisableBootstrapControl + is set to TRUE, the bootstrap creden= tial service is disabled successfully. + @retval EFI_INVALID_PARAMETER BootstrapUsername or BootstrapPasswo= rd is NULL when DisableBootstrapControl + is set to FALSE + @retval EFI_DEVICE_ERROR An IPMI failure occurred +**/ +EFI_STATUS +GetBootstrapAccountCredentials ( + IN BOOLEAN DisableBootstrapControl, + IN OUT CHAR8 *BootstrapUsername, + IN OUT CHAR8 *BootstrapPassword + ); BootstrapUsername and BootstrapPassword buffers allocated in the external f= unctions but filled in the GetBootstrapAccountCredentials. How do we know i= f the size of the buffer is enough to hold username and password. Should we mention the required size in the description of the function. Or we can send the size of the buffers as the parameters and check their si= zes in the function. Return error in case the size is wrong. + +/** + Function to save temporary user credentials into boot time variable. Whe= n DeleteVariable is True, + this function delete boot time variable. + + @param[in] BootstrapUsername A pointer to a Ascii encoded string f= or the credential username. + @param[in] BootstrapPassword A pointer to a Ascii encoded string f= or the credential password. + @param[in] DeleteVariable True to remove boot time variable. Fa= lse otherwise. + + @retval EFI_SUCCESS Credentials were successfully saved. + @retval EFI_INVALID_PARAMETER BootstrapUsername or BootstrapPasswo= rd is NULL + @retval Others Error occurs +**/ +EFI_STATUS +SetBootstrapAccountCredentialsToVariable ( + IN CHAR8 *BootstrapUsername, OPTIONAL + IN CHAR8 *BootstrapPassword, OPTIONAL + IN BOOLEAN DeleteVariable + ); + +#endif diff --git a/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatfo= rmCredentialIpmiLib.inf b/RedfishPkg/Library/RedfishPlatformCredentialIpmi/= RedfishPlatformCredentialIpmiLib.inf new file mode 100644 index 0000000000..694e401ad9 --- /dev/null +++ b/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCrede= ntialIpmiLib.inf @@ -0,0 +1,42 @@ +## @file +# INF file for RedfishPlatformCredentialIpmiLib. +# +# Copyright (c) 2022-2023 NVIDIA CORPORATION & AFFILIATES. All rights res= erved. +# +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION =3D 0x0001000b + BASE_NAME =3D RedfishPlatformCredentialIpmiLib + FILE_GUID =3D 9C45D622-4C66-417F-814C-F76246D97233 + MODULE_TYPE =3D DXE_DRIVER + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D RedfishPlatformCredentialIpmiLib + +[Sources] + RedfishPlatformCredentialIpmiLib.c + RedfishPlatformCredentialIpmiLib.h + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + RedfishPkg/RedfishPkg.dec + +[LibraryClasses] + UefiLib + DebugLib + IpmiBaseLib + MemoryAllocationLib + BaseMemoryLib + UefiRuntimeServicesTableLib + +[Pcd] + gEfiRedfishPkgTokenSpaceGuid.PcdRedfishDisableBootstrapCredentialService + +[Guids] + gEfiRedfishVariableGuid + +[Depex] + TRUE diff --git a/RedfishPkg/RedfishPkg.dec b/RedfishPkg/RedfishPkg.dec index 53e52c2b00..86102b8ffd 100644 --- a/RedfishPkg/RedfishPkg.dec +++ b/RedfishPkg/RedfishPkg.dec @@ -81,6 +81,9 @@ [Guids] gEfiRedfishPkgTokenSpaceGuid =3D { 0x4fdbccb7, 0xe829, 0x4b4c, { 0x= 88, 0x87, 0xb2, 0x3f, 0xd7, 0x25, 0x4b, 0x85 }} + # Redfish variable guid + gEfiRedfishVariableGuid =3D { 0x85ef8dd3, 0xe606, 0x4b89, { 0x= 8b, 0xbd, 0x93, 0xbf, 0x5c, 0xbe, 0x1c, 0x18 } } + [PcdsFixedAtBuild, PcdsPatchableInModule] # # This PCD is the UEFI device path which is used as the Redfish host int= erface. @@ -113,3 +116,7 @@ # Default is set to not add. # gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExAddingExpect|FALSE|BOOLEAN|= 0x00001004 + # + # This PCD indicates that if BMC bootstrap credential service will be di= sabled by BIOS or not. + # + gEfiRedfishPkgTokenSpaceGuid.PcdRedfishDisableBootstrapCredentialService= |FALSE|BOOLEAN|0x00001005 diff --git a/RedfishPkg/RedfishPkg.dsc b/RedfishPkg/RedfishPkg.dsc index cf25b63cc2..f2ca212bea 100644 --- a/RedfishPkg/RedfishPkg.dsc +++ b/RedfishPkg/RedfishPkg.dsc @@ -3,6 +3,7 @@ # # Copyright (c) 2019 - 2021, Intel Corporation. All rights reserved.
# (C) Copyright 2021 Hewlett-Packard Enterprise Development LP. +# Copyright (c) 2023, NVIDIA CORPORATION & AFFILIATES. All rights reserved= . # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -52,6 +53,7 @@ [Components] RedfishPkg/Library/PlatformHostInterfaceLibNull/PlatformHostInterfaceLib= Null.inf RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.i= nf + RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCredenti= alIpmiLib.inf RedfishPkg/Library/RedfishContentCodingLibNull/RedfishContentCodingLibNu= ll.inf RedfishPkg/Library/DxeRestExLib/DxeRestExLib.inf RedfishPkg/Library/BaseUcs2Utf8Lib/BaseUcs2Utf8Lib.inf -- 2.39.2.windows.1 -The information contained in this message may be confidential and propriet= ary to American Megatrends (AMI). This communication is intended to be read= only by the individual or entity to whom it is addressed or by their desig= nee. If the reader of this message is not the intended recipient, you are o= n notice that any distribution of this message, in any form, is strictly pr= ohibited. Please promptly notify the sender by reply e-mail or by telephone= at 770-246-8600, and then delete or destroy all copies of the transmission= .