From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (NAM12-DM6-obe.outbound.protection.outlook.com [40.107.243.64]) by mx.groups.io with SMTP id smtpd.web12.6500.1666965249537652991; Fri, 28 Oct 2022 06:54:10 -0700
Authentication-Results: mx.groups.io; dkim=pass header.i=@ami.com header.s=selector1; spf=pass (domain: ami.com, ip: 40.107.243.64, mailfrom: igork@ami.com)
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ami.com; dmarc=pass action=none header.from=ami.com; dkim=pass header.d=ami.com; arc=none
From: "Igor Kulchytskyy"
To: "Chang, Abner", "devel@edk2.groups.io", "nicklew@nvidia.com"
CC: Nick Ramirez
Subject: Re: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
Thread-Topic: [EXTERNAL] RE: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
Date: Fri, 28 Oct 2022 13:54:05 +0000
Message-ID:
References: <20221020025434.29969-1-nicklew@nvidia.com>
In-Reply-To:
Accept-Language: en-US
MIME-Version: 1.0
X-OriginatorOrg: ami.com
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi Abner,

Yes, you are right that NVRAM variables were deprecated by DMTF.
But we can use our own boot time NVRAM variable to keep FW credentials. That variable will not be accessible from OS, but since we agreed not to disable bootstrap credentials service on exit boot event, then OS may get its own credentials.
Or we can save the credentials in a memory variable.
But in this case if we have several instances of the library linked with different modules they will have to send their own IPMI command to get credentials.
So, I think it is better to use our own NVRAM boot time variable.

Thank you,
Igor

-----Original Message-----
From: Chang, Abner
Sent: Friday, October 28, 2022 3:48 AM
To: devel@edk2.groups.io; Igor Kulchytskyy; nicklew@nvidia.com
Cc: Nick Ramirez
Subject: [EXTERNAL] RE: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation

**CAUTION: The e-mail below is from an external source. Please exercise caution before opening attachments, clicking links, or following guidance.**

[AMD Official Use Only - General]

> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Igor Kulchytskyy via groups.io
> Sent: Thursday, October 27, 2022 10:42 PM
> To: devel@edk2.groups.io; nicklew@nvidia.com; Chang, Abner
> Cc: Nick Ramirez
> Subject: Re: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
>
> Caution: This message originated from an External Source. Use proper caution when opening attachments, clicking links, or responding.
>
>
> Hi Nickle,
> Please see my comments on your questions below.
>
> Another point I missed in my previous mail.
> You have that function in the library to get credentials and it is used by RedfishCredentialsDxe driver to create the protocol which in its turn will be used by other Redfish modules.
> We do not know how many modules and how many times they will call this function during boot. Right?
> And on each call of this function you call IPMI command. That command will create new Redfish account on BMC side according to Redfish HI specification:
>
> "If the Get Bootstrap Account Credentials command has been issued and responds with the completion code 00h, a bootstrap account shall be added to the manager's account collection and enabled. If the Get Bootstrap Account Credentials command is sent subsequent times and responds with the completion code 00h, a new account shall be created based on the newly generated credentials. Any existing bootstrap accounts shall remain active."
>
> As I know BMC may have some restrictions on the number of Redfish accounts they can support.
> And because of that BIOS may hit this limit. Which is not good.
> On the other hand I'm not sure we need to have different credentials for different modules? All those modules are part of FW. And all of them will be associated with the same RoleID (FW role) on BMC side.
> So, all of them may use the same credentials.
> Could we cache the credentials on first call of that

Yes, this is something we have to avoid.
Many accounts will be created while each Redfish client module requests a credential. FW can save it in EFI variable and delete it at proper timing. Unfortunately the credential delivering via EFI variable section was deprecated, otherwise we can deliver the credential to OS through EFI variable with disabling the bootstrap credential at exit boot service.

Abner

> RedfishCredentialGetAuthInfo and then use those cached credentials on subsequent calls?
> It also may save boot time, since there is no need to send IPMI command.
>
> Thank you,
> Igor
>
> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Nickle Wang via groups.io
> Sent: Thursday, October 27, 2022 9:26 AM
> To: devel@edk2.groups.io; Igor Kulchytskyy; abner.chang@amd.com
> Cc: Nick Ramirez
> Subject: [EXTERNAL] Re: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
>
> Hi Igor,
>
> Thank you for your help to review my changes.
>
> > And it will be blocked by our IPMI call.
>
> I see your point. So, BIOS should never be the person to shut down credential service because BIOS always gets executed prior to OS, right?
>
> Igor: Yes, my point is that we should not shut down credential service from BIOS. Even if OS sends that IPMI command, new account will be created and BIOS credentials will not be compromised.
>
> > Should it be configured with some PCD? Maybe user may select in Setup what method should be used? Or it could be build time configuration?
>
> I have below assumption while I implemented the library. I admit this is not always true.
>
> No Auth: I think this is rare case for Redfish service which gives anonymous privilege to change BIOS settings.
> Basic Auth: this is the authentication method which uses username and password to build base64 encoded string.
> Session Auth: I assume that client must have a session token first and then use this authentication method. Can we use username and password to generate session token on our own? If my memory serves me correctly, client has to do a login with username and password first and then client can receive session token from server.
>
> Igor: BIOS will use the credentials to create session. It should send POST request to the session URI with user name and password to create session.
> If a session is created successfully then on response BMC returns header "X-Auth-Token" which is then used for the subsequent calls.
>
> If we really like to know what authentication method that Redfish service used, we can issue a HTTP query to "/redfish/v1/Systems" with "No Auth".
> Then we can know what authentication method is required by reading the "WWW-Authenticate" field in returned HTTP header.
>
> Igor: As my understanding, even if you include authentication header (Base64 encoded) in the request to BMC and BMC has NoAuth configuration, then that authentication header would be just ignored by BMC.
>
> Thanks,
> Nickle
>
> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Igor Kulchytskyy via groups.io
> Sent: Wednesday, October 26, 2022 11:26 PM
> To: Nickle Wang; devel@edk2.groups.io; abner.chang@amd.com
> Cc: Nick Ramirez
> Subject: Re: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
>
> External email: Use caution opening links or attachments
>
>
> Hi Nickle,
> I would like to discuss that DisableBootstrapControl flag and how it is used in our implementation.
> According to Redfish HI specification we can use this flag to disable credential bootstrapping control.
> It can be disabled permanently or till next reboot of the host or service. That depends on the EnableAfterReset setting on BMC side:
>
>   CredentialBootstrapping (v1.3+) { object  The credential bootstrapping settings for this interface.
>     EnableAfterReset (v1.3+)  Boolean  read-write (null)  An indication of whether credential bootstrapping is enabled after a reset for this interface.
>     Enabled (v1.3+)           Boolean  read-write (null)  An indication of whether credential bootstrapping is enabled for this interface.
>     RoleId (v1.3+)            string   read-write         The role used for the bootstrap account created for this interface.
>   }
>
> So, if EnableAfterReset is set to false, that means BMC will respond with 0x80 error and will not return any credentials after reboot. And BIOS BMC communication will fail.
> Another concern with disabling credential bootstrapping control is that we do it on Exit Boot event before passing a control to OS.
> But OS may also need to communicate to BMC through Redfish Host Interface to post some information. And it will be blocked by our IPMI call.
> We create that SMBIOS Type 42 table with Redfish Host Interface settings which can be used by OS to communicate with BMC. But without the credentials it will not be possible.
>
> Another question is AuthMethod parameter you initialize in this library:
> *AuthMethod = AuthMethodHttpBasic;
> According to Redfish HI specification 3 methods may be used - No Auth, Basic Auth and Session Auth.
> Basic Auth and Session Auth methods require the credentials to be used by BIOS. And both of them should be supported by BMC.
> And your high level function RedfishCreateLibredfishService also supports creation of Basic or Session Auth service.
> I'm not sure why low level library which is created to get credentials from BMC should decide what Authentication method should be used?
> Should it be configured with some PCD? Maybe user may select in Setup what method should be used? Or it could be build time configuration?
>
> Thank you,
> Igor
>
> -----Original Message-----
> From: Nickle Wang
> Sent: Tuesday, October 25, 2022 4:24 AM
> To: devel@edk2.groups.io; abner.chang@amd.com
> Cc: Nick Ramirez; Igor Kulchytskyy
> Subject: [EXTERNAL] RE: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
>
> Thanks for your review comments, Abner! I will update new version patch later. The CI build error will be handled together.
>
> > please add Igor as reviewer too
> Sure!
>
> > > +  *UserId = AllocateZeroPool (sizeof (CHAR8) * USERNAME_MAX_SIZE);
> > > +  if
> [Chang, Abner]
> Allocation memory with the size (USERNAME_MAX_LENGTH + 1) for both BootUsername and BootstrapPassword? Because the maximum number of characters defined in the spec is USERNAME_MAX_LENGTH for the user/password.
>
> Yes, the additional one byte is for NULL terminator. USERNAME_MAX_LENGTH is defined as 16 and follows host interface specification.
>
> Regards,
> Nickle
>
> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Chang, > Abner via groups.io > Sent: Saturday, October 22, 2022 3:01 PM > To: Nickle Wang ; devel@edk2.groups.io > Cc: Nick Ramirez ; Igor Kulchytskyy > > Subject: Re: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib= : > IPMI implementation > > External email: Use caution opening links or attachments > > > [AMD Official Use Only - General] > > Hi Nickle, please add Igor as reviewer too. My comments is in below, > > > -----Original Message----- > > From: Nickle Wang > > Sent: Thursday, October 20, 2022 10:55 AM > > To: devel@edk2.groups.io > > Cc: Chang, Abner ; Nick Ramirez > > > > Subject: [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI > > implementation > > > > Caution: This message originated from an External Source. Use proper > > caution when opening attachments, clicking links, or responding. > > > > > > This library follows Redfish Host Interface specification and use > > IPMI command to get bootstrap account credential(NetFn 2Ch, Command > > 02h) > from BMC. > > RedfishHostInterfaceDxe will use this credential for the following > > communication between BIOS and BMC. > > > > Cc: Abner Chang > > Cc: Nick Ramirez > > Signed-off-by: Nickle Wang > > --- > > .../RedfishPlatformCredentialLib.c | 273 ++++++++++++++++++ > > .../RedfishPlatformCredentialLib.h | 75 +++++ > > .../RedfishPlatformCredentialLib.inf | 37 +++ > [Chang, Abner] > Could we name this library RedfishPlatformCredentialIpmi so the naming > style is consistent with RedfishPlatformCredentialNull? > > > 3 files changed, 385 insertions(+) > > create mode 100644 > > > RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCredent > ial > Lib. > > c > > create mode 100644 > > > RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCredent > ial > Lib. > > h > > create mode 100644 > > RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCrede > > nt > > ialLib.i > > nf 
> > > > diff --git > > a/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCre > > de > > ntialLi > > b.c > > b/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCre > > de > > ntialLi > > b.c > > new file mode 100644 > > index 0000000000..23a15ab1fa > > --- /dev/null > > +++ b/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatfor > > +++ mC > > +++ re > > +++ dentialLib.c 
> > @@ -0,0 +1,273 @@ > > +/** @file > > +* > > +* Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES. All rights > reserved. > > +* > > +* SPDX-License-Identifier: BSD-2-Clause-Patent > [Chang, Abner] > We can have "@par Revision Reference:" in the file header to point > out the spec. > https://nam12.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fnam1 > 1.safelinks.protection.outlook.com%2F%3Furl%3Dhttps%253A%252F%252Fww&a > mp;data=3D05%7C01%7Cigork%40ami.com%7C2b5b562c02c04c90d51208dab8b8c0fd%7 > C27e97857e15f486cb58e86c2b3040f93%7C1%7C0%7C638025400915295621%7CUnkno > wn%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiL > CJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=3DUy%2B3HS336N3rgNSESPcyOPGX3eOR > 48hekdz08nLtJU4%3D&reserved=3D0 > w.dmtf.org%2Fsites%2Fdefault%2Ffiles%2Fstandards%2Fdocuments%2FDSP > 0270_1.3.0.pdf&data=3D05%7C01%7Cabner.chang%40amd.com%7C074aa > e162fba49409af408dab8297c03%7C3dd8961fe4884e608e11a82d994e183d%7C > 0%7C0%7C638024786060127888%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiM > C4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000 > %7C%7C%7C&sdata=3DyY6hhKjQfVqmNuufbeDNk%2B2FKrebHyIAyS9Ya4 > szE3Y%3D&reserved=3D0 > > > +* > > +**/ > > + > > +#include "RedfishPlatformCredentialLib.h" > > + > > +// > > +// Global flag of controlling credential service // BOOLEAN > > +mRedfishServiceStopped =3D FALSE; > > + > > +/** > > + Notify the Redfish service provide to stop provide configuration > > +service to this > > platform. > > + > > + This function should be called when the platfrom is about to > > + leave the safe > > environment. > > + It will notify the Redfish service provider to abort all logined > > + session, and prohibit further login with original auth info. > > + GetAuthInfo() will return EFI_UNSUPPORTED once this function is > returned. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[in] ServiceStopType Reason of stopping Redfish service. 
> > + > > + @retval EFI_SUCCESS Service has been stoped successfull= y. > > + @retval EFI_INVALID_PARAMETER This is NULL. > > + @retval Others Some error happened. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +LibStopRedfishService ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE > ServiceStopType > > + ) > > +{ > > + EFI_STATUS Status; > > + > > + if ((ServiceStopType <=3D ServiceStopTypeNone) || (ServiceStopType > > + >=3D > > ServiceStopTypeMax)) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + // > > + // Raise flag first > > + // > > + mRedfishServiceStopped =3D TRUE; > > + > > + // > > + // Notify BMC to disable credential bootstrapping support. > > + // > > + Status =3D GetBootstrapAccountCredentials (TRUE, NULL, NULL); if > > + (EFI_ERROR (Status)) { > > + DEBUG ((DEBUG_ERROR, "%a: fail to disable bootstrap credential: > > + %r\n", > > __FUNCTION__, Status)); > > + return Status; > > + } > > + > > + return EFI_SUCCESS; > > +} > > + > > +/** > > + Notification of Exit Boot Service. > > + > > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > > +**/ > > +VOID > > +EFIAPI > > +LibCredentialExitBootServicesNotify ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > > + ) > > +{ > > + // > > + // Stop the credential support when system is about to enter OS. > > + // > > + LibStopRedfishService (This, ServiceStopTypeExitBootService); } > > + > > +/** > > + Notification of End of DXe. > > + > > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > > +**/ > > +VOID > > +EFIAPI > > +LibCredentialEndOfDxeNotify ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > > + ) > > +{ > > + // > > + // Do nothing now. > > + // We can stop credential support when system reach end-of-dxe > > +for security > > reason. 
> > + // > > +} > > + > > +/** > > + Function to retrieve temporary use credentials for the UEFI > > +redfish client > [Chang, Abner] > We miss the functionality to disable bootstrap credential service in > the function description. > > > + > > + @param[in] DisableBootstrapControl > > + TRUE - Tell the BMC to disable t= he bootstrap credential > > + service to ensure no one = else gains credentials > > + FALSE Allow the bootstrap > > + credential service to continue @param[out] BootstrapUsername > > + A pointer to a UTF-8 encoded > > + string for the credential > > username > > + When DisableBootstrapControl > > + is TRUE, this pointer can be NULL > > + > > + @param[out] BootstrapPassword > > + A pointer to a UTF-8 encoded > > + string for the credential > > password > > + When DisableBootstrapControl > > + is TRUE, this pointer can be NULL > > + > > + @retval EFI_SUCCESS Credentials were successfully fe= tched and > > returned > > + @retval EFI_INVALID_PARAMETER BootstrapUsername or > > BootstrapPassword is NULL when DisableBootstrapControl > > + is set to FALSE > > + @retval EFI_DEVICE_ERROR An IPMI failure occurred > [Chang, Abner] > The return status should also include the status of disabling > bootstrap credential. > > > > +**/ > > +EFI_STATUS > > +GetBootstrapAccountCredentials ( > > + IN BOOLEAN DisableBootstrapControl, > > + IN OUT CHAR8 *BootstrapUsername, OPTIONAL > > + IN OUT CHAR8 *BootstrapPassword OPTIONAL > > + ) > > +{ > > + EFI_STATUS Status; > > + IPMI_BOOTSTRAP_CREDENTIALS_COMMAND_DATA CommandData; > > + IPMI_BOOTSTRAP_CREDENTIALS_RESULT_RESPONSE ResponseData; > > + UINT32 ResponseSize; > > + > > + if (!PcdGetBool (PcdIpmiFeatureEnable)) { > > + DEBUG ((DEBUG_ERROR, "%a: IPMI is not enabled! 
Unable to fetch > > + Redfish > > credentials\n", __FUNCTION__)); > > + return EFI_UNSUPPORTED; > > + } > > + > > + // > > + // NULL buffer check > > + // > > + if (!DisableBootstrapControl && ((BootstrapUsername =3D=3D NULL) || > > (BootstrapPassword =3D=3D NULL))) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + DEBUG ((DEBUG_VERBOSE, "%a: Disable bootstrap control: 0x%x\n", > > + __FUNCTION__, DisableBootstrapControl)); > > + > > + // > > + // IPMI callout to NetFn 2C, command 02 > > + // Request data: > > + // Byte 1: REDFISH_IPMI_GROUP_EXTENSION > > + // Byte 2: DisableBootstrapControl > > + // > > + CommandData.GroupExtensionId =3D > REDFISH_IPMI_GROUP_EXTENSION; > > + CommandData.DisableBootstrapControl =3D (DisableBootstrapControl ? > > + REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_DISABLE : > > + REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_ENABLE); > > + > > + ResponseSize =3D sizeof (ResponseData); > > + > > + // > > + // Response data: > > + // Byte 1 : Completion code > > + // Byte 2 : REDFISH_IPMI_GROUP_EXTENSION > > + // Byte 3-18 : Username > > + // Byte 19-34: Password > > + // > > + Status =3D IpmiSubmitCommand ( > > + IPMI_NETFN_GROUP_EXT, > > + REDFISH_IPMI_GET_BOOTSTRAP_CREDENTIALS_CMD, > > + (UINT8 *)&CommandData, > > + sizeof (CommandData), > > + (UINT8 *)&ResponseData, > > + &ResponseSize > > + ); > > + > > + if (EFI_ERROR (Status)) { > > + DEBUG ((DEBUG_ERROR, "%a: IPMI transaction failure. > > + Returning\n", > > __FUNCTION__)); > > + ASSERT_EFI_ERROR (Status); > > + return Status; > > + } else { > > + if (ResponseData.CompletionCode !=3D IPMI_COMP_CODE_NORMAL) { > > + if (ResponseData.CompletionCode =3D=3D > > REDFISH_IPMI_COMP_CODE_BOOTSTRAP_CREDENTIAL_DISABLED) { > > + DEBUG ((DEBUG_ERROR, "%a: bootstrap credential support was > > disabled\n", __FUNCTION__)); > > + return EFI_ACCESS_DENIED; > > + } > > + > > + DEBUG ((DEBUG_ERROR, "%a: Completion code =3D 0x%x. 
> > + Returning\n", > > __FUNCTION__, ResponseData.CompletionCode)); > > + return EFI_PROTOCOL_ERROR; > > + } else if (ResponseData.GroupExtensionId !=3D > > REDFISH_IPMI_GROUP_EXTENSION) { > > + DEBUG ((DEBUG_ERROR, "%a: Group Extension Response =3D 0x%x. > > Returning\n", __FUNCTION__, ResponseData.GroupExtensionId)); > > + return EFI_DEVICE_ERROR; > > + } else { > > + if (BootstrapUsername !=3D NULL) { > > + CopyMem (BootstrapUsername, ResponseData.Username, > > USERNAME_MAX_LENGTH); > > + // > > + // Manually append null-terminator in case 16 characters > > + username > > returned. > > + // > > + BootstrapUsername[USERNAME_MAX_LENGTH] =3D '\0'; > > + } > > + > > + if (BootstrapPassword !=3D NULL) { > > + CopyMem (BootstrapPassword, ResponseData.Password, > > PASSWORD_MAX_LENGTH); > > + // > > + // Manually append null-terminator in case 16 characters > > + password > > returned. > > + // > > + BootstrapPassword[PASSWORD_MAX_LENGTH] =3D '\0'; > > + } > > + } > > + } > > + > > + return Status; > > +} > > + > > +/** > > + Retrieve platform's Redfish authentication information. > > + > > + This functions returns the Redfish authentication method together > > + with the user Id and password. > > + - For AuthMethodNone, the UserId and Password could be used for > > + HTTP > > header authentication > > + as defined by RFC7235. > > + - For AuthMethodRedfishSession, the UserId and Password could be > > + used for > > Redfish > > + session login as defined by Redfish API specification (DSP0266). > > + > > + Callers are responsible for and freeing the returned string storage. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[out] AuthMethod Type of Redfish authentication meth= od. > > + @param[out] UserId The pointer to store the returned U= serId > string. > > + @param[out] Password The pointer to store the returned > Password > > string. > > + > > + @retval EFI_SUCCESS Get the authentication information > successfully. 
> > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfD= xe. > > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > > Password is NULL. > > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > resources. > > + @retval EFI_UNSUPPORTED Unsupported authentication method i= s > > found. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +LibCredentialGetAuthInfo ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > > + OUT CHAR8 **UserId, > > + OUT CHAR8 **Password > > + ) > > +{ > > + EFI_STATUS Status; > > + > > + if ((AuthMethod =3D=3D NULL) || (UserId =3D=3D NULL) || (Password = =3D=3D NULL)) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + *UserId =3D NULL; > > + *Password =3D NULL; > > + > > + if (mRedfishServiceStopped) { > > + DEBUG ((DEBUG_ERROR, "%a: credential service is stopped due to > > + security > > reason\n", __FUNCTION__)); > > + return EFI_ACCESS_DENIED; > > + } > > + > > + *AuthMethod =3D AuthMethodHttpBasic; > > + > > + *UserId =3D AllocateZeroPool (sizeof (CHAR8) * USERNAME_MAX_SIZE); > > + if > [Chang, Abner] > Allocation memory with the size (USERNAME_MAX_LENGTH + 1) for both > BootUsername and BootstrapPassword? Because the maximum number of > characters defined in the spec is USERNAME_MAX_LENGTH for the > user/password. > > > > + (*UserId =3D=3D NULL) { > > + return EFI_OUT_OF_RESOURCES; > > + } > > + > > + *Password =3D AllocateZeroPool (sizeof (CHAR8) * > > + PASSWORD_MAX_SIZE); if (*Password =3D=3D NULL) { > > + return EFI_OUT_OF_RESOURCES; > > + } > > + > > + Status =3D GetBootstrapAccountCredentials (FALSE, *UserId, > > + *Password); if (EFI_ERROR (Status)) { > > + DEBUG ((DEBUG_ERROR, "%a: fail to get bootstrap credential: > > + %r\n", > > __FUNCTION__, Status)); > > + return Status; > > + } > > + > > + return EFI_SUCCESS; > > +} 
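Review bot: In GetBootstrapAccountCredentials the length the BMC actually returned (ResponseSize, passed to IpmiSubmitCommand by pointer) is never examined afterwards, so on a 00h completion code the CopyMem of ResponseData.Username and ResponseData.Password copies uninitialized stack bytes into the caller's buffers whenever the reply is shorter than sizeof (ResponseData); check ResponseSize against sizeof (ResponseData) on the success path and return EFI_DEVICE_ERROR when it is short, while keeping the existing one-byte handling for the 80h completion code, which legitimately arrives without the credential bytes. In the same hunk, LibCredentialGetAuthInfo leaks *UserId when the *Password allocation fails and hands both allocated buffers back to the caller when GetBootstrapAccountCredentials fails (free them, ZeroMem them first because they may already hold a password, and reset *UserId and *Password to NULL on every error path), and the ASSERT_EFI_ERROR (Status) right after "IPMI transaction failure. Returning" turns a transient BMC transport error into a DEBUG-build halt on a path that already returns Status. The function header of LibCredentialGetAuthInfo also disagrees with the code: it says "For AuthMethodNone, the UserId and Password could be used for HTTP header authentication" although the function always sets AuthMethodHttpBasic, and it documents EFI_ACCESS_DENIED as "SecureBoot is disabled after EndOfDxe" although the code returns it when mRedfishServiceStopped is set.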
> > diff --git > > a/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCre > > de > > ntialLi > > b.h > > b/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCre > > de > > ntialLi > > b.h > > new file mode 100644 > > index 0000000000..5b448e01be > > --- /dev/null > > +++ b/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatfor > > +++ mC > > +++ re > > +++ dentialLib.h 
> > @@ -0,0 +1,75 @@ > > +/** @file > > +* > > +* Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES. All rights > reserved. > > +* > > +* SPDX-License-Identifier: BSD-2-Clause-Patent > > +* > > +**/ > > +#include > > +#include > > +#include > > +#include > > +#include > > +#include > > +#include > > +#include #include > > + > > + > > +#define REDFISH_IPMI_GROUP_EXTENSION 0x52 > > +#define REDFISH_IPMI_GET_BOOTSTRAP_CREDENTIALS_CMD 0x02 > > +#define REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_ENABLE 0xA5 > > +#define REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_DISABLE 0x00 > > +#define > REDFISH_IPMI_COMP_CODE_BOOTSTRAP_CREDENTIAL_DISABLED > > 0x80 > > + > > +// > > +// Per Redfish Host Interface Specification 1.3, The maximum lenght > > +of // username and password is 16 characters long. > > +// > > +#define USERNAME_MAX_LENGTH 16 > > +#define PASSWORD_MAX_LENGTH 16 > > +#define USERNAME_MAX_SIZE (USERNAME_MAX_LENGTH + 1) // > NULL > > terminator > > +#define PASSWORD_MAX_SIZE (PASSWORD_MAX_LENGTH + 1) // > NULL > > terminator > > + > > +#pragma pack(1) > > +/// > > +/// The definition of IPMI command to get bootstrap account > > +credentials /// typedef struct { > > + UINT8 GroupExtensionId; > > + UINT8 DisableBootstrapControl; > > +} IPMI_BOOTSTRAP_CREDENTIALS_COMMAND_DATA; > > + > > +/// > > +/// The response data of getting bootstrap credential /// typedef > > +struct { > > + UINT8 CompletionCode; > > + UINT8 GroupExtensionId; > > + CHAR8 Username[USERNAME_MAX_LENGTH]; > > + CHAR8 Password[PASSWORD_MAX_LENGTH]; > > +} IPMI_BOOTSTRAP_CREDENTIALS_RESULT_RESPONSE; > > + > > +#pragma pack() > > + > > +/** > > + Function to retrieve temporary use credentials for the UEFI > > +redfish client > [Chang, Abner] > We miss the functionality to disable bootstrap credential service in > the function description. 
> > > + > > + @param[in] DisableBootstrapControl > > + TRUE - Tell the BMC to disable t= he bootstrap credential > > + service to ensure no one = else gains credentials > > + FALSE Allow the bootstrap > > + credential service to continue @param[out] BootstrapUsername > > + A pointer to a UTF-8 encoded > > + string for the credential username > > + > > + @param[out] BootstrapPassword > > + A pointer to a UTF-8 encoded > > + string for the credential password > > + > > + @retval EFI_SUCCESS Credentials were successfully fe= tched and > > returned > [Chang, Abner] > Or the bootstrap credential service is disabled successfully, right? > > > + @retval EFI_DEVICE_ERROR An IPMI failure occurred > > +**/ > > +EFI_STATUS > > +GetBootstrapAccountCredentials ( > > + IN BOOLEAN DisableBootstrapControl, > > + IN OUT CHAR8 *BootstrapUsername, > > + IN OUT CHAR8 *BootstrapPassword > > + ); > > diff --git > > a/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCre > > de > > ntialLi > > b.inf > > b/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCre > > de > > ntialLi > > b.inf > > new file mode 100644 > > index 0000000000..a990d28363 > > --- /dev/null > > +++ b/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatfor > > +++ mC > > +++ re > > +++ dentialLib.inf 
> > @@ -0,0 +1,37 @@ > > +## @file > > +# > > +# Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES. All rights > reserved. > > +# > > +# SPDX-License-Identifier: BSD-2-Clause-Patent # ## > > + > > +[Defines] > > + INF_VERSION =3D 0x0001000b > > + BASE_NAME =3D RedfishPlatformCredentialLib > > + FILE_GUID =3D 9C45D622-4C66-417F-814C-F76246D97= 233 > > + MODULE_TYPE =3D DXE_DRIVER > > + VERSION_STRING =3D 1.0 > > + LIBRARY_CLASS =3D RedfishPlatformCredentialLib > > + > > +[Sources] > > + RedfishPlatformCredentialLib.c > > + > > +[Packages] > > + MdePkg/MdePkg.dec > > + MdeModulePkg/MdeModulePkg.dec > > + RedfishPkg/RedfishPkg.dec > > + IpmiFeaturePkg/IpmiFeaturePkg.dec > [Chang, Abner] > Could you please add a comment to the reference of IpmiFeaturePkg? We > have to give customers a notice that the dependence of "edk2- > platforms/Features/Intel/OutOfBandManagement/". They have to add the > path to PACKAGES_PATH. You also have to skip this dependence in the > RedfishPkg.yaml to avoid the CI error. > > Another thing is I propose to move out IpmiFeaturePkg from edk2- > platforms/Features/Intel/OutOfBandManagement to edk2- > platforms/Features/ManageabilityPkg that also provides the > implementation of PLDM/MCTP/IPMI/KCS. I had an initial talk with > IpmiFeaturePkg owner and get the positive response on this proposal. I > will kick off the discussion on the dev mailing list. That is to say > this module may need a little bit change later, however that is good > to me having this implementation now. > Thanks > Abner > > + > > +[LibraryClasses] > > + UefiLib > > + DebugLib > > + IpmiBaseLib > > + MemoryAllocationLib > > + BaseMemoryLib > > + > > +[Pcd] > > + gIpmiFeaturePkgTokenSpaceGuid.PcdIpmiFeatureEnable > > + > > +[Depex] > > + TRUE > > -- > > 2.17.1 > > > > > > -The information contained in this message may be confidential and > proprietary to American Megatrends (AMI). 
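Review bot: in the RedfishPlatformCredentialLib.h hunk the prototype declares `BootstrapUsername` and `BootstrapPassword` as `IN OUT CHAR8 *` while the doc comment lists them as `@param[out]`; make the two agree, and state the buffer size the caller must pass (`USERNAME_MAX_SIZE` / `PASSWORD_MAX_SIZE`), because the `IPMI_BOOTSTRAP_CREDENTIALS_RESULT_RESPONSE` fields `Username[USERNAME_MAX_LENGTH]` and `Password[PASSWORD_MAX_LENGTH]` are 16 bytes with no NUL terminator, so a caller that sizes its buffers from `USERNAME_MAX_LENGTH` instead of `USERNAME_MAX_SIZE` has no room for the terminator. Fix the typo "lenght" in the length comment, and, as already raised, describe the `DisableBootstrapControl == TRUE` path in the function description and in `@retval EFI_SUCCESS` (success also covers the disable request); a `@retval` for `REDFISH_IPMI_COMP_CODE_BOOTSTRAP_CREDENTIAL_DISABLED` (0x80) would also tell callers how a disabled service is reported, since the header defines the code but the comment only mentions `EFI_DEVICE_ERROR`.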
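Review bot: in the RedfishPlatformCredentialLib.inf hunk the `IpmiFeaturePkg/IpmiFeaturePkg.dec` entry under `[Packages]` needs the comment already requested (that the package comes from edk2-platforms/Features/Intel/OutOfBandManagement and must be on `PACKAGES_PATH`), plus the matching skip in RedfishPkg.yaml so CI does not fail. Two smaller points: `MODULE_TYPE = DXE_DRIVER` only describes this INF, so consider listing the supported consumers on the class line, e.g. `LIBRARY_CLASS = RedfishPlatformCredentialLib|DXE_DRIVER UEFI_DRIVER UEFI_APPLICATION`, so the build rejects linking an IPMI-backed library into module types where no IPMI transport exists; and `[Depex] TRUE` says nothing about IPMI readiness, so either document that IpmiBaseLib resolves the transport at call time or give the library a depex that matches it, otherwise a consumer dispatched too early gets the `EFI_DEVICE_ERROR` path on its first call.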
This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission.