From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id B0406D800FD for ; Mon, 22 Apr 2024 15:02:46 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=cwvGF7yGLEt7WRdKfo8E3kW4e5aoOoFsCzodbSQj2OY=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:msip_labels:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1713798165; v=1; b=UF/o9Yk0rOY4E3OI0lWu480wRBD3ckvhYz5SIKf4z7sXNpYwMlN458V//fdav1MQvOOiac9t OKMAhGJvFP2H2/78CKeqmh+B5Sl0vnRNWclFPom+dV/swpAO0KYesCD2g28tcX54ZgtREsxJ5xc rFVUDrcFsyd0ZZae/V7sH9Wiw2DiYxOmhTB7f0rU6ovdwKeUIXMrpYXVFnOvgdE4pzdad//laua JhIhCBcTyEPXh6Sx7Y2q+wVn8iZjt1mSjLbaqrgPubBYSRyk4zuiWo5R11F4qhOhg9Ae2wS3gdK dvbnpporprvZ2aYJ6+v4hgPExxsfVBlIulBHwJteY+xrA== X-Received: by 127.0.0.2 with SMTP id v4UzYY7687511xPcRruAg77x; Mon, 22 Apr 2024 08:02:45 -0700 X-Received: from NAM11-CO1-obe.outbound.protection.outlook.com (NAM11-CO1-obe.outbound.protection.outlook.com [40.107.220.130]) by mx.groups.io with SMTP id smtpd.web11.20881.1713798163913774136 for ; Mon, 22 Apr 2024 08:02:44 -0700 X-Received: from BLAPR10MB5185.namprd10.prod.outlook.com (2603:10b6:208:328::16) by BY5PR10MB4162.namprd10.prod.outlook.com (2603:10b6:a03:20c::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7472.44; Mon, 22 Apr 2024 15:02:37 +0000 X-Received: from BLAPR10MB5185.namprd10.prod.outlook.com ([fe80::a03f:4d36:9713:33d0]) by BLAPR10MB5185.namprd10.prod.outlook.com ([fe80::a03f:4d36:9713:33d0%5]) with mapi id 15.20.7472.044; Mon, 22 Apr 2024 15:02:37 +0000 From: "Igor Kulchytskyy via groups.io" To: "Chang, Abner" , Nickle Wang , "devel@edk2.groups.io" CC: Nick Ramirez Subject: Re: [edk2-devel] [edk2-redfish-client][PATCH] RedfishClientPkg: introduce RedfishBootstrapAccountDxe Thread-Topic: [EXTERNAL] RE: [edk2-redfish-client][PATCH] RedfishClientPkg: introduce RedfishBootstrapAccountDxe Thread-Index: AQHalFw67RPYGcFIoUayL336AOXmULF0VNwg Date: Mon, 22 Apr 2024 15:02:37 +0000 Message-ID: References: <20240418122730.18204-1-nicklew@nvidia.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_ActionId=02042108-8add-4e61-9fed-ea197e2b5c86;MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_ContentBits=0;MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_Enabled=true;MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_Method=Standard;MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_Name=General;MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_SetDate=2024-04-22T02:10:33Z;MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_SiteId=3dd8961f-e488-4e60-8e11-a82d994e183d; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: BLAPR10MB5185:EE_|BY5PR10MB4162:EE_ x-ms-office365-filtering-correlation-id: c9b20908-6933-46c6-c3e9-08dc62dd3fca x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: =?us-ascii?Q?NWOoCHJX1BG9IlPOB55BOtDA//oRhQrqSfhYiiLux+hjkKhh3UNyXdVKYuJL?= =?us-ascii?Q?B6EjqkEvEt0z+bBAnTvATamoFYJDz3EfT1MSBjpkYkqgR5mAWZCKqj9LpN0O?= =?us-ascii?Q?KZGXtDnyKl5ZiJMPOXbvW5fKobvLCFpGeG4sw+UNhzGMfLsJwpVX2BcNjMM7?= =?us-ascii?Q?QHOasIAu+nRIwyWVDsSwzm6TiUX0DyMTPUIZK3iq6PRkZDndUFXGTPvhDnbD?= =?us-ascii?Q?oR2Q3zE1muvo7FkTDwBroScdSMmJcyCxuMCjst/PdmWLDYB716P8AKMFA3zo?= =?us-ascii?Q?GMALTYyD06hRi4IB+zrQXsQyb2UK1zuq3Fcz7mVxhreLDpczJzVKMcq/k6EJ?= =?us-ascii?Q?/BGnv2SAkbvICd2S78X5E7qlJx6jbSjxCdDZR4ftEOoBmVbeEiE6Jxtqfrqm?= =?us-ascii?Q?s6B1kGsaws25FwbG+qm3P75L3kTtKKqTn25gxCdsrcfclOGsP343PTJFpdh/?= =?us-ascii?Q?FzRXflSDyrihlAomOW3sA+YBEUm2nNfskBnhVgOTtcPhAwEdm/Kl3BPIM+A+?= =?us-ascii?Q?kUp/9j5bqB6Bit3hAt3SDnpkiC+OVrmXA6MoniINjyGW1KJBAeUNQiGvkZux?= =?us-ascii?Q?nZLiYL8VEwXLIubLUsbIbgYRHxVGGM7arad8BzZJHuPMVGDu6ROuByngXpTY?= =?us-ascii?Q?h5/Aei7d0Bo0Zh5gaf5TxGik2qz21+4QBzeRVJg+CarrJvTxCTvhCEhFQslq?= =?us-ascii?Q?lbXVqMaPVLSAL4zbt3iLp2jL8YLY+2SXgUCoWWEcNRIadLrF7mU+Eolemdmh?= =?us-ascii?Q?5RkITvPQzFu7S6FL8ClJRkaYLftNjuLdqt33Lr0sdevW95Tz6lYs8baOXcrp?= =?us-ascii?Q?NYvESHyQcEXZHgNnOT4x/1UaY1S7QlrEBlMsiep95mA3WlZyuFKAJubHnYgH?= =?us-ascii?Q?Mw1lBvCUP2iK1Po8AWlWFFiFYOIrlmvm0sKIOcDxs8r+TE+jBzmtzSY1a7ow?= =?us-ascii?Q?M/I5Lle2ilguSas6hlX68098SHX7E1/+0TBXG5InGvFh/v4O2Jp6qHZdarF9?= =?us-ascii?Q?DLvTIJFaO6RQ5Sb70XClwajGynhB0Wc+bx4gL7kOmPxpkj/LLtO9wxwNedpe?= =?us-ascii?Q?jiCT03z4xhnGdj4ygScBrn5OHM1YDxIgvI2Emb+Ci0QPhPqBGcVIC1HQbAab?= =?us-ascii?Q?PW/ur5C6oClj17s3O0iWNhkaWPypSjUxdP3puwI7Dv5AAb4dtR5uRupf6AFA?= =?us-ascii?Q?49Z+oXg/MdDmMoeewLcWSAeiD/El0aOP7NvkGdXxcSQ+NtZ5DiR0+ZMBKBGp?= =?us-ascii?Q?vKRb/JJvDxXp2PIhi+6Wg3pDiAtMtcm9JDok6gHDax5mu1x9+7g2YYwrA+RB?= =?us-ascii?Q?mbBXc608KvbwxizHR6glVzfHRCIB4JtG9ddCNzigOVS89Q=3D=3D?= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?bqL5vEQ2XoeLB906Clo77xoYmaWdQX4JQgQ0PZQ90jXzLGJD3rcjQfndIuIw?= =?us-ascii?Q?vDbRYq5gWwPdXwCU2LdBtbstO0QWzoBaUmUBSy69bRsbZvBxu0oPEYoCL1Jf?= =?us-ascii?Q?rwjYcrAyhkqpjZGiA2v4VxPnqC1R8OBxC18ETPsqyey1pKVrdNH659pIM1BR?= =?us-ascii?Q?wiqYUhSvl6c+wjP2yFutP7yyOsjZt9gHxOrzMfui2TYP3k5Z7l4tJfBPT5Y9?= =?us-ascii?Q?usF/c94qy/mBpP3NT3EwoHXOhLkX790ayw3R+5GfOTq9UuYWnIsQMilxRIDn?= =?us-ascii?Q?e8CCjXUy/0NROdBC3x+SfPCDxqUceT0GXiSTPJZ+6p7WCc0QRuBsBhervsZI?= =?us-ascii?Q?hBkHMjC1YBvgtDP8Yd2FOJ8YwqN2KndEdSpbZX1kSG87LBZzOb5BlxOsdXL+?= =?us-ascii?Q?8GOwJrhrXRGSFHHLBCTGtdbKBhw7BdfYHdKNGd4sgG04FL6b2+tiDzEFg65f?= =?us-ascii?Q?PkL5NtbrZtTvesUYQnPsiJv2O43AonPOEXUAycg+lH5ZAjoVJ5sdOxU5Uw6m?= =?us-ascii?Q?KDh1VfhhZ0WDJLXV6fHqaG/vjxKthdGiatgYEHgltW377TRzB9DhIB8T/o8F?= =?us-ascii?Q?XSmR3DPLyM0XJnDsnkRn4PEvEuj8KLQdhuKXK2wHHdoEHXy2u+yV4SIz8s/c?= =?us-ascii?Q?adhMfuwEhnzubq/W2uZuPiJfPxVbkFqWneTYuj1eAboQKtN+G1EbBtj37gY5?= =?us-ascii?Q?MHYXzChYnipZ6VIVVD+fUj8tmSrNl+cc00hUC/JDZ7hUCg1jiF9XXa/mL9Dt?= =?us-ascii?Q?5f/Eq8SEI5m5WMYUWHGA0hL+royCUTzG9msMoUy0uxWeD0UPSt9D0srLKofx?= =?us-ascii?Q?k+bukYK8FCKtZJblaEVmLa0pv1n1KnqikKSNdkOHTGTSC5QbgROUV+Kre5hT?= =?us-ascii?Q?FFgY5aQXIW8k1bS/yrKbSKYjC1iT3SOTIhVvr2V5KActGtktpGWJM5m/tePw?= =?us-ascii?Q?P/4QQkfQrhPzBz5RPLn+FnD9AU3LKmGG1DcoCLbUEQaorvjp+tm6G2n+spUS?= =?us-ascii?Q?41+y9nUSETXFHMpy5v2V+gEoVzJZsv0aItKXEGrTvuvfyXyqPCzXyDjrJQC+?= =?us-ascii?Q?c37p2TvlozO3HawgL1AQBiplRtWrrMafrw1zF9MYCuxvL8pMc05wMvRb1dFV?= =?us-ascii?Q?LMCy2iVkaUgM4js2z7OtZbI163gpmbUACVZuvTHKWsRNEGxYlbrhpJ5k7PSV?= =?us-ascii?Q?VZ62auHrwCtriWIb88B9HMwF/jH4CusYihiQcPZftjpn9+kSU7k3D4xqknNx?= =?us-ascii?Q?SzAVs7URKYhQA2h8fr6Ojj7mqr0s8fN+WVNIKJo6oP3L6kdKQNKx3UZmDcHl?= =?us-ascii?Q?pgsYeckkM6aM2gsu/mSwKr0vp+rIJGYS5VHoThSkHd7sadL4c2nCbtlGXdt3?= =?us-ascii?Q?jXP7qOkSADaa1WxBhL+9oD8VOunlC3khiSqWtjvuSWx7fSC/mghh1p7rrRTU?= =?us-ascii?Q?AKcH1Nxoxgns/RIPm1p31AVzEp01FS7adz+N1WnykmtmEZmt+C7NscaZ+eVA?= =?us-ascii?Q?LVOeFHMMzhztdBasAY7B0o6+3W9EflZzKvR6GJAs/uRk0b3R4yZkkbdXfPqO?= =?us-ascii?Q?X3yplvLCnVaiOzazQIw=3D?= MIME-Version: 1.0 X-OriginatorOrg: ami.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: BLAPR10MB5185.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: c9b20908-6933-46c6-c3e9-08dc62dd3fca X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Apr 2024 15:02:37.6751 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 27e97857-e15f-486c-b58e-86c2b3040f93 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 8lMLwNql9jvaIbdc0XzxRYXAvt3VqGTNr5tlpatDQvQCRiJW2dzCRUicNFXfCYAL X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR10MB4162 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Mon, 22 Apr 2024 08:02:44 -0700 Resent-From: igork@ami.com Reply-To: devel@edk2.groups.io,igork@ami.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: Hk9sgHc5GuLTADvzPaCJTQXQx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b="UF/o9Yk0"; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=pass (policy=none) header.from=groups.io Hi Nickle and Abner, I also have the same question as Abner. Why do we need to delete those credentials? According to spec BMC should delete the bootstrap credentials automatically= on host or service reset. Thank you, Igor -----Original Message----- From: Chang, Abner Sent: Sunday, April 21, 2024 10:25 PM To: Nickle Wang ; devel@edk2.groups.io Cc: Igor Kulchytskyy ; Nick Ramirez Subject: [EXTERNAL] RE: [edk2-redfish-client][PATCH] RedfishClientPkg: intr= oduce RedfishBootstrapAccountDxe **CAUTION: The e-mail below is from an external source. Please exercise cau= tion before opening attachments, clicking links, or following guidance.** [AMD Official Use Only - General] Hi Nickle, One comment and few questions, > -----Original Message----- > From: Nickle Wang > Sent: Thursday, April 18, 2024 8:28 PM > To: devel@edk2.groups.io > Cc: Chang, Abner ; Igor Kulchytskyy > ; Nick Ramirez > Subject: [edk2-redfish-client][PATCH] RedfishClientPkg: introduce > RedfishBootstrapAccountDxe > > Caution: This message originated from an External Source. Use proper caut= ion > when opening attachments, clicking links, or responding. > > > -Introduce RedfishBootstrapAccountDxe to delete bootstrap > account from /redfish/v1/AccountService/Accounts after BIOS > finished all Redfish jobs. The bootstrap account won't be > available to other application. So deleting bootstrap account > helps to release resource at BMC. > - After bootstrap account is deleted at BMC, the Redfish service > instance is no longer usable. Close Redfish service instance to > release the HTTP connection between BIOS and BMC. > > Signed-off-by: Nickle Wang > Cc: Abner Chang > Cc: Igor Kulchytskyy > Cc: Nick Ramirez > --- > .../RedfishClientComponents.dsc.inc | 1 + > .../RedfishBootstrapAccountDxe.inf | 53 +++ > .../RedfishBootstrapAccountDxe.h | 58 ++++ > .../RedfishBootstrapAccountDxe.c | 328 ++++++++++++++++++ > RedfishClientPkg/RedfishClient.fdf.inc | 1 + > 5 files changed, 441 insertions(+) > create mode 100644 > RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.in= f > create mode 100644 > RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.h > create mode 100644 > RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.c > > diff --git a/RedfishClientPkg/RedfishClientComponents.dsc.inc > b/RedfishClientPkg/RedfishClientComponents.dsc.inc > index 42fc0c299..fe5248b62 100644 > --- a/RedfishClientPkg/RedfishClientComponents.dsc.inc > +++ b/RedfishClientPkg/RedfishClientComponents.dsc.inc > @@ -20,6 +20,7 @@ > RedfishClientPkg/HiiToRedfishMemoryDxe/HiiToRedfishMemoryDxe.inf > RedfishClientPkg/HiiToRedfishBootDxe/HiiToRedfishBootDxe.inf > RedfishClientPkg/HiiToRedfishBiosDxe/HiiToRedfishBiosDxe.inf > + > RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.in= f > !endif > # > # Below two modules should be pulled in by build tool. > diff --git > a/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.= in > f > b/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.= in > f > new file mode 100644 > index 000000000..4073e95f4 > --- /dev/null > +++ > b/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.= in > f > @@ -0,0 +1,53 @@ > +## @file > +# This driver deletes bootstrap account in BMC after BIOS Redfish finis= hed > +# all jobs > +# > +# (C) Copyright 2021 Hewlett Packard Enterprise Development LP
> +# Copyright (c) 2023, NVIDIA CORPORATION & AFFILIATES. All rights reser= ved. Not sure if you want to update the copyright to 2024. > +# > +# SPDX-License-Identifier: BSD-2-Clause-Patent > +# > +## > + > +[Defines] > + INF_VERSION =3D 0x0001000b > + BASE_NAME =3D RedfishBootstrapAccountDxe > + FILE_GUID =3D 87555253-2F7E-45FC-B469-FD35B2E51210 > + MODULE_TYPE =3D DXE_DRIVER > + VERSION_STRING =3D 1.0 > + ENTRY_POINT =3D RedfishBootstrapAccountEntryPoint > + UNLOAD_IMAGE =3D RedfishBootstrapAccountUnload > + > +[Packages] > + MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > + RedfishPkg/RedfishPkg.dec > + RedfishClientPkg/RedfishClientPkg.dec > + > +[Sources] > + RedfishBootstrapAccountDxe.h > + RedfishBootstrapAccountDxe.c > + > +[LibraryClasses] > + BaseLib > + BaseMemoryLib > + DebugLib > + MemoryAllocationLib > + PrintLib > + RedfishEventLib > + RedfishFeatureUtilityLib > + RedfishDebugLib > + RedfishVersionLib > + RedfishHttpLib > + UefiLib > + UefiBootServicesTableLib > + UefiRuntimeServicesTableLib > + UefiDriverEntryPoint > + > +[Protocols] > + gEdkIIRedfishConfigHandlerProtocolGuid ## CONSUMES ## > + gEdkIIRedfishCredentialProtocolGuid ## CONSUMES ## > + gEfiRestExProtocolGuid ## CONSUMES ## > + > +[Depex] > + gEdkIIRedfishCredentialProtocolGuid > diff --git > a/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.= h > b/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.= h > new file mode 100644 > index 000000000..5262f1e6b > --- /dev/null > +++ > b/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.= h > @@ -0,0 +1,58 @@ > +/** @file > + Common header file for RedfishBootstrapAccountDxe driver. > + > + (C) Copyright 2021-2022 Hewlett Packard Enterprise Development LP
> + Copyright (c) 2023, NVIDIA CORPORATION & AFFILIATES. All rights reserv= ed. > + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#ifndef REDFISH_BOOTSTRAP_ACCOUNT_DXE_H_ > +#define REDFISH_BOOTSTRAP_ACCOUNT_DXE_H_ > + > +#include > +#include > + > +// > +// Libraries > +// > +#include > +#include > +#include > + > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > + > +#include > +#include > +#include > + > +#define REDFISH_BOOTSTRAP_ACCOUNT_DEBUG DEBUG_VERBOSE > +#define REDFISH_MANAGER_ACCOUNT_COLLECTION_URI > L"AccountService/Accounts" > +#define REDFISH_URI_LENGTH 128 > + > +// > +// Definitions of REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE > +// > +typedef struct { > + EFI_HANDLE ImageHandle; > + EFI_HANDLE RestExHandle; > + REDFISH_SERVICE RedfishService; > + EFI_EVENT RedfishEvent; > + EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL Protocol; > +} REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE; > + > +#define REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE_FROM_PROTOCOL(This) \ > + BASE_CR ((This), REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE, Protocol) > + > +#endif > diff --git > a/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.= c > b/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.= c > new file mode 100644 > index 000000000..6fe4856f8 > --- /dev/null > +++ > b/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.= c > @@ -0,0 +1,328 @@ > +/** @file > + This driver deletes bootstrap account in BMC after BIOS Redfish finish= ed > + all jobs. > + > + (C) Copyright 2021-2022 Hewlett Packard Enterprise Development LP
> + Copyright (c) 2023, NVIDIA CORPORATION & AFFILIATES. All rights reserv= ed. > + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include "RedfishBootstrapAccountDxe.h" > + > +REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE *mBootstrapPrivate =3D NULL; > + > +/** > + Close Redfish service instance by calling RestEx protocol to release i= nstance. > + > + @param[in] RestExHandle Handle of RestEx protocol. > + > + @retval EFI_SUCCESS The Redfish service is closed successful= ly. > + @retval EFI_INVALID_PARAMETER RestExHandle is NULL. > + @retval Others Error occurs. > + > +**/ > +EFI_STATUS > +CloseRedfishService ( > + IN EFI_HANDLE RestExHandle > + ) > +{ > + EFI_REST_EX_PROTOCOL *RestEx; > + EFI_STATUS Status; > + > + if (RestExHandle =3D=3D NULL) { > + return EFI_INVALID_PARAMETER; > + } > + > + Status =3D gBS->HandleProtocol ( > + RestExHandle, > + &gEfiRestExProtocolGuid, > + (VOID **)&RestEx > + ); > + if (!EFI_ERROR (Status)) { > + Status =3D RestEx->Configure (RestEx, NULL); > + DEBUG ((REDFISH_BOOTSTRAP_ACCOUNT_DEBUG, "%a: release RestEx > instance: %r\n", __func__, Status)); > + } > + > + return Status; > +} > + > +/** > + Callback function executed when the AfterProvisioning event group is > signaled. > + > + @param[in] Event Event whose notification function is being invok= ed. > + @param[out] Context Pointer to the Context buffer > + > +**/ > +VOID > +EFIAPI > +RedfishBootstrapAccountOnRedfishAfterProvisioning ( > + IN EFI_EVENT Event, > + OUT VOID *Context > + ) > +{ > + EFI_STATUS Status; > + REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE *Private; > + EDKII_REDFISH_CREDENTIAL_PROTOCOL *credentialProtocol; > + EDKII_REDFISH_AUTH_METHOD AuthMethod; > + CHAR8 *AccountName; > + CHAR8 *AccountCredential; > + CHAR16 TargetUri[REDFISH_URI_LENGTH]; > + CHAR16 *RedfishVersion; > + REDFISH_RESPONSE RedfishResponse; > + > + RedfishVersion =3D NULL; > + > + Private =3D (REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE *)Context; > + if ((Private =3D=3D NULL) || (Private->RedfishService =3D=3D NULL)) { > + DEBUG ((DEBUG_ERROR, "%a: Redfish service is not available\n", > __func__)); > + return; > + } > + > + // > + // Locate Redfish Credential Protocol to get credential for > + // accessing to Redfish service. > + // > + Status =3D gBS->LocateProtocol ( > + &gEdkIIRedfishCredentialProtocolGuid, > + NULL, > + (VOID **)&credentialProtocol > + ); > + if (EFI_ERROR (Status)) { > + DEBUG ((REDFISH_BOOTSTRAP_ACCOUNT_DEBUG, "%a: No Redfish > Credential Protocol is installed on system.", __func__)); > + return; > + } > + > + Status =3D credentialProtocol->GetAuthInfo ( > + credentialProtocol, > + &AuthMethod, > + &AccountName, > + &AccountCredential > + ); HI Nickle, I am not quite understand why do we acquire a credential here bu= t delete it from the Redfish account service here after provision. 1. We suppose acquire the credential before we start to communicate with Re= dfish. Will Redfish credential driver create another bootstrap account here= after provisioning? 2. And why do we delete the credential after provisioning? How about the la= ter Redfish property updating process? Or do I misunderstand the code logic? Regards, Abner > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: can not get bootstrap account information: > %r\n", __func__, Status)); > + return; > + } > + > + // > + // Carving the URI > + // > + RedfishVersion =3D RedfishGetVersion (Private->RedfishService); > + if (RedfishVersion =3D=3D NULL) { > + DEBUG ((DEBUG_ERROR, "%a: can not get Redfish version\n", __func__))= ; > + return; > + } > + > + UnicodeSPrint (TargetUri, (sizeof (CHAR16) * REDFISH_URI_LENGTH), > L"%s%s/%a", RedfishVersion, REDFISH_MANAGER_ACCOUNT_COLLECTION_URI, > AccountName); > + > + DEBUG ((REDFISH_BOOTSTRAP_ACCOUNT_DEBUG, "%a: bootstrap account: > %a\n", __func__, AccountName)); > + DEBUG ((REDFISH_BOOTSTRAP_ACCOUNT_DEBUG, "%a: bootstrap > credential: %a\n", __func__, AccountCredential)); > + DEBUG ((REDFISH_BOOTSTRAP_ACCOUNT_DEBUG, "%a: bootstrap URI: > %s\n", __func__, TargetUri)); > + > + // > + // Remove bootstrap account at /redfish/v1/AccountService/Account > + // > + ZeroMem (&RedfishResponse, sizeof (REDFISH_RESPONSE)); > + Status =3D RedfishHttpDeleteResource ( > + Private->RedfishService, > + TargetUri, > + &RedfishResponse > + ); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: can not remove bootstrap account at BMC: > %r", __func__, Status)); > + DumpRedfishResponse (__func__, DEBUG_ERROR, &RedfishResponse); > + } else { > + DEBUG ((REDFISH_BOOTSTRAP_ACCOUNT_DEBUG, "%a: bootstrap account: > %a is removed from: %s\n", __func__, AccountName, > REDFISH_MANAGER_ACCOUNT_COLLECTION_URI)); > + } > + > + // > + // Clean credential > + // > + ZeroMem (AccountName, AsciiStrSize (AccountName)); > + ZeroMem (AccountCredential, AsciiStrSize (AccountCredential)); > + > + // > + // Since the bootstrap account is deleted at BMC, the Redfish service = instance > is no longer usable. > + // Close Redfish service instance to release the HTTP connection betwe= en > BIOS and BMC. > + // > + Status =3D CloseRedfishService (Private->RestExHandle); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: cannot close Redfish service instance: %r\= n", > __func__, Status)); > + } > + > + RedfishHttpFreeResponse (&RedfishResponse); > + > + return; > +} > + > +/** > + Initialize a Redfish configure handler. > + > + This function will be called by the Redfish config driver to initializ= e each > Redfish configure > + handler. > + > + @param[in] This Pointer to > EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL instance. > + @param[in] RedfishConfigServiceInfo Redfish service informaiton. > + > + @retval EFI_SUCCESS The handler has been initialized = successfully. > + @retval EFI_DEVICE_ERROR Failed to create or configure the= REST EX > protocol instance. > + @retval EFI_ALREADY_STARTED This handler has already been > initialized. > + @retval Other Error happens during the initiali= zation. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishBootstrapAccountInit ( > + IN EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL *This, > + IN REDFISH_CONFIG_SERVICE_INFORMATION *RedfishConfigServiceInfo > + ) > +{ > + REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE *Private; > + > + Private =3D REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE_FROM_PROTOCOL > (This); > + > + Private->RedfishService =3D RedfishCreateService (RedfishConfigService= Info); > + if (Private->RedfishService =3D=3D NULL) { > + return EFI_DEVICE_ERROR; > + } > + > + Private->RestExHandle =3D RedfishConfigServiceInfo- > >RedfishServiceRestExHandle; > + > + return EFI_SUCCESS; > +} > + > +/** > + Stop a Redfish configure handler. > + > + @param[in] This Pointer to > EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL instance. > + > + @retval EFI_SUCCESS This handler has been stoped successf= ully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishBootstrapAccountStop ( > + IN EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL *This > + ) > +{ > + REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE *Private; > + > + Private =3D REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE_FROM_PROTOCOL > (This); > + > + if (Private->RedfishService !=3D NULL) { > + RedfishCleanupService (Private->RedfishService); > + Private->RedfishService =3D NULL; > + } > + > + return EFI_SUCCESS; > +} > + > +EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL mRedfishConfigHandler =3D { > + RedfishBootstrapAccountInit, > + RedfishBootstrapAccountStop > +}; > + > +/** > + Unloads an image. > + > + @param[in] ImageHandle Handle that identifies the image to = be > unloaded. > + > + @retval EFI_SUCCESS The image has been unloaded. > + @retval EFI_INVALID_PARAMETER ImageHandle is not a valid image handle. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishBootstrapAccountUnload ( > + IN EFI_HANDLE ImageHandle > + ) > +{ > + EFI_STATUS Status; > + > + if (mBootstrapPrivate =3D=3D NULL) { > + return EFI_SUCCESS; > + } > + > + if (mBootstrapPrivate->RedfishEvent !=3D NULL) { > + gBS->CloseEvent (mBootstrapPrivate->RedfishEvent); > + } > + > + Status =3D gBS->UninstallProtocolInterface ( > + mBootstrapPrivate->ImageHandle, > + &gEdkIIRedfishConfigHandlerProtocolGuid, > + (VOID *)&mBootstrapPrivate->Protocol > + ); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: can not uninstall Redfish config handler > protocol: %r\n", __func__, Status)); > + } > + > + FreePool (mBootstrapPrivate); > + mBootstrapPrivate =3D NULL; > + > + return EFI_SUCCESS; > +} > + > +/** > + This is the declaration of an EFI image entry point. This entry point = is > + the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers incl= uding > + both device drivers and bus drivers. > + > + @param[in] ImageHandle The firmware allocated handle for the UE= FI > image. > + @param[in] SystemTable A pointer to the EFI System Table. > + > + @retval EFI_SUCCESS The operation completed successfully. > + @retval Others An unexpected error occurred. > +**/ > +EFI_STATUS > +EFIAPI > +RedfishBootstrapAccountEntryPoint ( > + IN EFI_HANDLE ImageHandle, > + IN EFI_SYSTEM_TABLE *SystemTable > + ) > +{ > + EFI_STATUS Status; > + > + if (mBootstrapPrivate !=3D NULL) { > + return EFI_ALREADY_STARTED; > + } > + > + mBootstrapPrivate =3D AllocateZeroPool (sizeof > (REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE)); > + if (mBootstrapPrivate =3D=3D NULL) { > + return EFI_OUT_OF_RESOURCES; > + } > + > + CopyMem (&mBootstrapPrivate->Protocol, &mRedfishConfigHandler, sizeof > (EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL)); > + Status =3D gBS->InstallProtocolInterface ( > + &ImageHandle, > + &gEdkIIRedfishConfigHandlerProtocolGuid, > + EFI_NATIVE_INTERFACE, > + &mBootstrapPrivate->Protocol > + ); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: can not install Redfish config handler > protocol: %r\n", __func__, Status)); > + goto ON_ERROR; > + } > + > + // > + // Register after provisioning event to remove bootstrap account. > + // > + Status =3D CreateAfterProvisioningEvent ( > + RedfishBootstrapAccountOnRedfishAfterProvisioning, > + (VOID *)mBootstrapPrivate, > + &mBootstrapPrivate->RedfishEvent > + ); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to register after-provisioning even= t: > %r\n", __func__, Status)); > + goto ON_ERROR; > + } > + > + return EFI_SUCCESS; > + > +ON_ERROR: > + > + RedfishBootstrapAccountUnload (ImageHandle); > + > + return Status; > +} > diff --git a/RedfishClientPkg/RedfishClient.fdf.inc > b/RedfishClientPkg/RedfishClient.fdf.inc > index 154f641b2..47e5093f2 100644 > --- a/RedfishClientPkg/RedfishClient.fdf.inc > +++ b/RedfishClientPkg/RedfishClient.fdf.inc > @@ -15,6 +15,7 @@ > INF RedfishClientPkg/RedfishFeatureCoreDxe/RedfishFeatureCoreDxe.inf > INF RedfishClientPkg/RedfishETagDxe/RedfishETagDxe.inf > INF > RedfishClientPkg/RedfishConfigLangMapDxe/RedfishConfigLangMapDxe.inf > + INF > RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe.in= f > INF RedfishClientPkg/Features/Memory/V1_7_1/Dxe/MemoryDxe.inf > INF > RedfishClientPkg/Features/MemoryCollectionDxe/MemoryCollectionDxe.inf > INF > RedfishClientPkg/Features/ComputerSystem/v1_5_0/Dxe/ComputerSystemDxe.i > nf > -- > 2.34.1 -The information contained in this message may be confidential and propriet= ary to American Megatrends (AMI). This communication is intended to be read= only by the individual or entity to whom it is addressed or by their desig= nee. If the reader of this message is not the intended recipient, you are o= n notice that any distribution of this message, in any form, is strictly pr= ohibited. Please promptly notify the sender by reply e-mail or by telephone= at 770-246-8600, and then delete or destroy all copies of the transmission= . -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#118098): https://edk2.groups.io/g/devel/message/118098 Mute This Topic: https://groups.io/mt/105596648/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-