From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mx0a-002e3701.pphosted.com (mx0a-002e3701.pphosted.com [148.163.147.86]) by mx.groups.io with SMTP id smtpd.web10.3973.1608102552640369811 for ; Tue, 15 Dec 2020 23:09:12 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@hpe.com header.s=pps0720 header.b=PKqBzLLY; spf=pass (domain: hpe.com, ip: 148.163.147.86, mailfrom: prvs=0619d1d483=abner.chang@hpe.com) Received: from pps.filterd (m0134421.ppops.net [127.0.0.1]) by mx0b-002e3701.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 0BG791uH021221 for ; Wed, 16 Dec 2020 07:09:12 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hpe.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=pps0720; bh=aYUtXBBakl4McPoOcZ28b8SBiqBuncxfosPaaqzrR2E=; b=PKqBzLLYuVcrTEq84+n/aAPadF1ztwjgDSi1K66ctEYvVrIbrnraH/7MuzIIrOH5TVaP Ri8hDhD4dJ0F0V5tfGBYllco0zXRLrwew0zOHNH03WSCjBf5755edHqrWVmwp4mD5X7G IxCY2FheVNlkICR/9VmXouU7GSLoa60sQUgj94qkCnAM8PNIX4P0wVsS/crSrYTjlfQp f7SxqqkFdKFEBuHBE3ZCmnwVxguEJI5cYx5sYJk7Z5EfQIfybFgXfHtYsHNiW7tGosSe L1oelmHqVP124uLjq8q/DC2wEKBeRkEG5UKNym6bKJxzkUxlNXOJ1ELdt4AOe6YJMQJD aA== Received: from g2t2354.austin.hpe.com (g2t2354.austin.hpe.com [15.233.44.27]) by mx0b-002e3701.pphosted.com with ESMTP id 35ew3qqfa5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 16 Dec 2020 07:09:12 +0000 Received: from G1W8106.americas.hpqcorp.net (g1w8106.austin.hp.com [16.193.72.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by g2t2354.austin.hpe.com (Postfix) with ESMTPS id 85849D2 for ; Wed, 16 Dec 2020 07:09:10 +0000 (UTC) Received: from G4W9336.americas.hpqcorp.net (16.208.33.86) by G1W8106.americas.hpqcorp.net (16.193.72.61) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 16 Dec 2020 07:08:57 +0000 Received: from G4W10204.americas.hpqcorp.net (2002:10cf:5210::10cf:5210) by G4W9336.americas.hpqcorp.net (2002:10d0:2156::10d0:2156) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 16 Dec 2020 07:08:54 +0000 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (15.241.52.13) by G4W10204.americas.hpqcorp.net (16.207.82.16) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Wed, 16 Dec 2020 07:08:54 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=C/kqNvyb1nIAB26vBdRCMbz8G3MAw+aLUa8EVGvCaZdNm+thOakgAn2VZjUhtyTK3ITkU859gLNIw1N5Pa1z5rI5W6lCgEGq2FWhjRs0oF/VAq+Y0VyCK3RN8k3BXVXJG3hmae7ycasJxjci9Jj96XXSv06F0+3ZRgVbyczcyUBD0dVDlW/IQFMrg9uFnW8v77xV49CcjA6psUppB8R4d8kAvdiEeWk39K5KeVp53/El0MYz4Obu/PFtxwarY/WrCZU6KZBk+EGpFLfYoJGTW0qlnT11CpEMmbjeMpljjVdrhVQbsEk5PkHPIbI/g/s5JdrJjfjt+uSUIaJ56HmPdQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aYUtXBBakl4McPoOcZ28b8SBiqBuncxfosPaaqzrR2E=; b=SktKJCljxRd94+sRCvN9W7HZCAbaW1bDSWGDMyQ2qid8JCJgc/s39bi5cKm+osb6uxORRUnYiEJoARGLPUh32tAQet91A0v2IaKh3Pwph3bCYf3B7L8ipZqcqDe8dneQ1OozXyl7lEWAhAUycG4gfsJBmom+yPRQe5oVzS+xNt4lD2WR7Hs6EUXj3gWDe7LfylaVU89ERVG0wBrEnDP0bFhKLF1QH0PGOEZlN0uF5cNyurCejLVcUQRyvfkV316NiN38sYrGQfR+7ciIP2mjB841umzf/qCkKQoUojKlOqjOSc9o8M5p8YB5g8ikjJhzZI29XW7Bd0dkI0V2METf/w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=hpe.com; dmarc=pass action=none header.from=hpe.com; dkim=pass header.d=hpe.com; arc=none Received: from CS1PR8401MB1144.NAMPRD84.PROD.OUTLOOK.COM (2a01:111:e400:7508::16) by CS1PR8401MB0470.NAMPRD84.PROD.OUTLOOK.COM (2a01:111:e400:7514::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3654.13; Wed, 16 Dec 2020 07:08:53 +0000 Received: from CS1PR8401MB1144.NAMPRD84.PROD.OUTLOOK.COM ([fe80::a094:ed67:fb40:340e]) by CS1PR8401MB1144.NAMPRD84.PROD.OUTLOOK.COM ([fe80::a094:ed67:fb40:340e%10]) with mapi id 15.20.3654.025; Wed, 16 Dec 2020 07:08:53 +0000 From: "Abner Chang" To: "Wang, Nickle (HPS SW)" , "devel@edk2.groups.io" CC: "O'Hanley, Peter (EXL)" Subject: Re: [PATCH 2/2] RedfishPkg/RedfishCredentialDxe: EDKII Redfish Credential DXE driver Thread-Topic: [PATCH 2/2] RedfishPkg/RedfishCredentialDxe: EDKII Redfish Credential DXE driver Thread-Index: AQHWzg30T64bER/8z0CdUjUDIPC/3an5Df/AgABJNWA= Date: Wed, 16 Dec 2020 07:08:53 +0000 Message-ID: References: <20201209084333.22422-1-abner.chang@hpe.com> <20201209084333.22422-3-abner.chang@hpe.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: hpe.com; dkim=none (message not signed) header.d=none;hpe.com; dmarc=none action=none header.from=hpe.com; x-originating-ip: [16.242.247.131] x-ms-publictraffictype: Email x-ms-office365-filtering-ht: Tenant x-ms-office365-filtering-correlation-id: 500794c2-680c-4ffc-2032-08d8a1917257 x-ms-traffictypediagnostic: CS1PR8401MB0470: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:1850; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 8avGXLmTqnaqKJB8mgIl+0pyWOe8VGFiASaH5Fh8HAytDvVjqbY4K+1MesT0FRkYF4bK9dzc6RojhNKN9kshoUyjEHR26CJcy4vGM3uKm8uT260qKv1XVvJiEpmROwSayEXsK5cB+TwEMcsQzBOMKqDlPp47GMxzJgg2mOWo7npc3YtzspFHHDgjk9iKGoIg7ZERYnEMiEkAwmOpI3XcpNXkBKtEOkauVDjS6IUZoghcleKNryZ/nTvdVMdTl8XiEU+mhVCILHZhFX1XCSaudWDHidtnqvL53fZXGoAJM6xwk1YJRN332cwf3n7jhnI8c2d6kUbhq7UnkJhTsLyrjlRPlxWg7/srxbo3FLusYNUZrW+gDILttpXH/oKrJpE3 x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CS1PR8401MB1144.NAMPRD84.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(39860400002)(136003)(376002)(346002)(396003)(366004)(4326008)(53546011)(71200400001)(9686003)(66446008)(8676002)(316002)(30864003)(186003)(83380400001)(478600001)(66556008)(64756008)(66476007)(33656002)(66946007)(110136005)(52536014)(76116006)(2906002)(6506007)(8936002)(86362001)(5660300002)(7696005)(55016002)(26005)(579004)(559001)(44824005);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: =?us-ascii?Q?NxLHVZ8mByAD1HkYmXAsX99r29P/DcYBBYl1b0JikTnrkzxw/J7laWcIV2XG?= =?us-ascii?Q?cYUZp/FDvVnhSimlEVVt6PbrgrzEJbEwvtV8BQqAzetEe+BconNWW4ifDfCA?= =?us-ascii?Q?UvZQHG4AGXV5imjNHjGN2JxIaTkECDIGPWlnnxxi1kyRIwNR6mTf8dMDdL8X?= =?us-ascii?Q?IdxORv2Bx71lOyo4UUT/lhTnC8y+xogolAQP/Qch0TWY0XCdYugyYhlxI3qQ?= =?us-ascii?Q?Y5RrZZg6VBrRNSDcvBQdwRhkWsRDgfFs1JL1UQtWUI/hlL1mQtyNkcUHp41u?= =?us-ascii?Q?cCQ5vIM1NJOYG6Ic+5I4dCsWCFYejIUL2HmXwvlA+LMJuUhn+NxcHuvj8rQq?= =?us-ascii?Q?EQNP+US6R0cdxo/pmiUd2s2Ny8V+yrYMjBeDfWm+2JxrB9Ov2RAjUxibKhdj?= =?us-ascii?Q?gV/I9Y7KLkqYII7D/loVLRZ5dcHUlU7xrAHUbTRe7uLoSdCFt4m3pQePqi+m?= =?us-ascii?Q?ILImCxZfm+DqeUCWrvsL4DN00egPRz90EmleiL7CuxgVjRC3xwHwhV9K1KSJ?= =?us-ascii?Q?wBEnTzK73eu6D1SOLg2/Vq+yJRBxvpeG5+tZVHwqlHkruPgPD0qPvlIr7z/E?= =?us-ascii?Q?ibK70OWQkHnNuqJhuSqSDRkXxfZkwlHU2vIIheM0PJEITLpgtxvd4gRLYZFr?= =?us-ascii?Q?911sDkzaYFAKRQAoikThQgIHU+SGzHr+GhQ3zqw19eAwNKj0efhnmbPx1e7B?= =?us-ascii?Q?KG8LqOnKvC2vVu0mf2HJTIGJ6lN2xIeeGmj/9WsgnI+fQeMI2JBluhBAQLxE?= =?us-ascii?Q?SdYLBQXENV7Qc+s3bBxDZVXt8Rd48lt6nDibrzg17CodtU4XnL90HmGAGiGS?= =?us-ascii?Q?BcQkKQAbFHyUhobIIEbQC2qA0eYB7kwju4QRhHzbC22cNzSWwl/HIuhsMRRP?= =?us-ascii?Q?w2rSwFXOyg5xrx0Eq/tFCImH6gva3L6TmuIQfE1EoVk2mdeOpjk54keGFauz?= =?us-ascii?Q?WQM0+DEzEckrP8HVa+6GSxUL6EoRLfM9v3TOHuk+YP0=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CS1PR8401MB1144.NAMPRD84.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: 500794c2-680c-4ffc-2032-08d8a1917257 X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Dec 2020 07:08:53.1768 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 105b2061-b669-4b31-92ac-24d304d195dc X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: nAeRF5vdrILgvmGfS6xAwI3Z+d3IKZ7Xrodm01jI7mjW0KP/cWsMVwQICfH/2rEYdHCRPjWO5dGbzLBn/ztPpw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CS1PR8401MB0470 X-OriginatorOrg: hpe.com X-HPE-SCL: -1 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.343,18.0.737 definitions=2020-12-16_02:2020-12-15,2020-12-16 signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 lowpriorityscore=0 bulkscore=0 priorityscore=1501 clxscore=1015 malwarescore=0 impostorscore=0 mlxscore=0 adultscore=0 phishscore=0 suspectscore=0 mlxlogscore=999 spamscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2012160043 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable > -----Original Message----- > From: Wang, Nickle (HPS SW) > Sent: Wednesday, December 16, 2020 10:46 AM > To: Chang, Abner (HPS SW/FW Technologist) ; > devel@edk2.groups.io > Cc: O'Hanley, Peter (EXL) > Subject: RE: [PATCH 2/2] RedfishPkg/RedfishCredentialDxe: EDKII Redfish > Credential DXE driver >=20 > Hi Abner, >=20 > Overall looks good to me. Just a question about implementation. >=20 > The End-Of-DXE and Exit-Boot-Service is registered in Redfish Credential > driver and the implementation is provide by RedfishPlatformCredentialLib > library. May I know if it is possible to register these two events in > RedfishPlatformCredentialLib directly? In this way, we do not need two > additional interfaces in RedfishPlatformCredentialLib library. Yes Nickle, I think we can do that. Will resend the patch. thanks >=20 > Thanks, > Nickle >=20 > > -----Original Message----- > > From: Chang, Abner (HPS SW/FW Technologist) > > Sent: Wednesday, December 9, 2020 4:44 PM > > To: devel@edk2.groups.io > > Cc: Wang, Nickle (HPS SW) ; O'Hanley, Peter (EXL) > > > > Subject: [PATCH 2/2] RedfishPkg/RedfishCredentialDxe: EDKII Redfish > > Credential DXE driver > > > > EDKII Redfish Credential DXE driver which abstracts platform Redfish > > credential implementation. > > > > Signed-off-by: Jiaxin Wu > > Signed-off-by: Ting Ye > > Signed-off-by: Siyuan Fu > > Signed-off-by: Fan Wang > > Signed-off-by: Abner Chang > > > > Cc: Nickle Wang > > Cc: Peter O'Hanley > > --- > > .../Include/Library/RedfishCredentialLib.h | 91 ++++++++ > > .../PlatformCredentialLibNull.c | 101 +++++++++ > > .../PlatformCredentialLibNull.inf | 30 +++ > > RedfishPkg/Redfish.fdf.inc | 1 + > > RedfishPkg/RedfishComponents.dsc.inc | 1 + > > .../RedfishCredentialDxe.c | 209 ++++++++++++++++++ > > .../RedfishCredentialDxe.h | 75 +++++++ > > .../RedfishCredentialDxe.inf | 51 +++++ > > RedfishPkg/RedfishPkg.dec | 4 + > > RedfishPkg/RedfishPkg.dsc | 2 + > > 10 files changed, 565 insertions(+) > > create mode 100644 RedfishPkg/Include/Library/RedfishCredentialLib.h > > create mode 100644 > > RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull > > .c > > create mode 100644 > > RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull > > .inf > > create mode 100644 > > RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.c > > create mode 100644 > > RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.h > > create mode 100644 > > RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > > > > diff --git a/RedfishPkg/Include/Library/RedfishCredentialLib.h > > b/RedfishPkg/Include/Library/RedfishCredentialLib.h > > new file mode 100644 > > index 0000000000..dac1b3303f > > --- /dev/null > > +++ b/RedfishPkg/Include/Library/RedfishCredentialLib.h > > @@ -0,0 +1,91 @@ > > +/** @file > > + Definitinos of RedfishHostInterfaceDxe driver. > > + > > + (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> > + > > + SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > +**/ > > +#ifndef REDFISH_CREDENTIAL_LIB_H_ > > +#define REDFISH_CREDENTIAL_LIB_H_ > > + > > +#include > > + > > +/** > > + Notification of Exit Boot Service. > > + > > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > > +**/ > > +VOID > > +EFIAPI > > +LibCredentialExitBootServicesNotify ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This ); > > + > > +/** > > + Notification of End of DXe. > > + > > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > > +**/ > > +VOID > > +EFIAPI > > +LibCredentialEndOfDxeNotify ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This ); > > + > > +/** > > + Retrieve platform's Redfish authentication information. > > + > > + This functions returns the Redfish authentication method together > > + with > > the user Id and > > + password. > > + - For AuthMethodNone, the UserId and Password could be used for > > + HTTP > > header authentication > > + as defined by RFC7235. > > + - For AuthMethodRedfishSession, the UserId and Password could be > > + used > > for Redfish > > + session login as defined by Redfish API specification (DSP0266). > > + > > + Callers are responsible for and freeing the returned string storage. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[out] AuthMethod Type of Redfish authentication meth= od. > > + @param[out] UserId The pointer to store the returned U= serId > > string. > > + @param[out] Password The pointer to store the returned > Password > > string. > > + > > + @retval EFI_SUCCESS Get the authentication information > > successfully. > > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfD= xe. > > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > > Password is NULL. > > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > > resources. > > + @retval EFI_UNSUPPORTED Unsupported authentication method i= s > > found. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +LibCredentialGetAuthInfo ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > > + OUT CHAR8 **UserId, > > + OUT CHAR8 **Password > > +); > > + > > +/** > > + Notify the Redfish service provide to stop provide configuration > > +service to > > this platform. > > + > > + This function should be called when the platfrom is about to leave > > + the safe > > environment. > > + It will notify the Redfish service provider to abort all logined > > + session, and > > prohibit > > + further login with original auth info. GetAuthInfo() will return > > EFI_UNSUPPORTED once this > > + function is returned. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[in] ServiceStopType Reason of stopping Redfish service. > > + > > + @retval EFI_SUCCESS Service has been stoped successfull= y. > > + @retval EFI_INVALID_PARAMETER This is NULL. > > + @retval Others Some error happened. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +LibStopRedfishService ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType > > +); > > +#endif > > diff --git > > a/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNu > > ll.c > > b/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNu > > ll.c > > new file mode 100644 > > index 0000000000..39de622d59 > > --- /dev/null > > +++ > > b/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNu > > ll.c > > @@ -0,0 +1,101 @@ > > +/** @file > > + NULL instace of RedfishPlatformCredentialLib > > + > > + (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> > + > > + SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > +**/ > > +#include > > +#include > > +/** > > + Notification of Exit Boot Service. > > + > > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > > +**/ > > +VOID > > +EFIAPI > > +LibCredentialExitBootServicesNotify ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > > +) > > +{ > > + return; > > +} > > + > > +/** > > + Notification of End of DXe. > > + > > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > > +**/ > > +VOID > > +EFIAPI > > +LibCredentialEndOfDxeNotify ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > > +) > > +{ > > + return; > > +} > > + > > +/** > > + Retrieve platform's Redfish authentication information. > > + > > + This functions returns the Redfish authentication method together > > + with > > the user Id and > > + password. > > + - For AuthMethodNone, the UserId and Password could be used for > > + HTTP > > header authentication > > + as defined by RFC7235. > > + - For AuthMethodRedfishSession, the UserId and Password could be > > + used > > for Redfish > > + session login as defined by Redfish API specification (DSP0266). > > + > > + Callers are responsible for and freeing the returned string storage. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[out] AuthMethod Type of Redfish authentication meth= od. > > + @param[out] UserId The pointer to store the returned U= serId > > string. > > + @param[out] Password The pointer to store the returned > Password > > string. > > + > > + @retval EFI_SUCCESS Get the authentication information > > successfully. > > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfD= xe. > > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > > Password is NULL. > > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > > resources. > > + @retval EFI_UNSUPPORTED Unsupported authentication method i= s > > found. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +LibCredentialGetAuthInfo ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > > + OUT CHAR8 **UserId, > > + OUT CHAR8 **Password > > +) > > +{ > > + return EFI_UNSUPPORTED; > > +} > > + > > +/** > > + Notify the Redfish service provide to stop provide configuration > > +service to > > this platform. > > + > > + This function should be called when the platfrom is about to leave > > + the safe > > environment. > > + It will notify the Redfish service provider to abort all logined > > + session, and > > prohibit > > + further login with original auth info. GetAuthInfo() will return > > EFI_UNSUPPORTED once this > > + function is returned. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[in] ServiceStopType Reason of stopping Redfish service. > > + > > + @retval EFI_SUCCESS Service has been stoped successfull= y. > > + @retval EFI_INVALID_PARAMETER This is NULL or given the worng > > ServiceStopType. > > + @retval EFI_UNSUPPORTED Not support to stop Redfish service= . > > + @retval Others Some error happened. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +LibStopRedfishService ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType > > + ) > > +{ > > + return EFI_UNSUPPORTED; > > +} > > + > > diff --git > > a/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNu > > ll.in > > f > > b/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNu > > ll.in > > f > > new file mode 100644 > > index 0000000000..4c22e89718 > > --- /dev/null > > +++ > > b/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNu > > ll.in > > f > > @@ -0,0 +1,30 @@ > > +## @file > > +# NULL instance of RedfishPlatformCredentialLib # # (C) Copyright > > +2020 Hewlett Packard Enterprise Development LP
# # > > +SPDX-License-Identifier: BSD-2-Clause-Patent # ## > > + > > +[Defines] > > + INF_VERSION =3D 0x0001000b > > + BASE_NAME =3D RedfishPlatformCredentialLibNull > > + FILE_GUID =3D CA3BD843-0BDD-4EE0-A38A-B45CA6631= 14F > > + MODULE_TYPE =3D DXE_DRIVER > > + VERSION_STRING =3D 1.0 > > + LIBRARY_CLASS =3D RedfishPlatformCredentialLib > > + > > +# > > +# VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 RISCV64 > > +# > > + > > +[Sources] > > + PlatformCredentialLibNull.c > > + > > +[Packages] > > + MdePkg/MdePkg.dec > > + MdeModulePkg/MdeModulePkg.dec > > + RedfishPkg/RedfishPkg.dec > > + > > + > > diff --git a/RedfishPkg/Redfish.fdf.inc b/RedfishPkg/Redfish.fdf.inc > > index 19de479a80..24e32e0abf 100644 > > --- a/RedfishPkg/Redfish.fdf.inc > > +++ b/RedfishPkg/Redfish.fdf.inc > > @@ -13,4 +13,5 @@ > > !if $(REDFISH_ENABLE) =3D=3D TRUE > > INF RedfishPkg/RestJsonStructureDxe/RestJsonStructureDxe.inf > > INF RedfishPkg/RedfishHostInterfaceDxe/RedfishHostInterfaceDxe.inf > > + INF RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > > !endif > > diff --git a/RedfishPkg/RedfishComponents.dsc.inc > > b/RedfishPkg/RedfishComponents.dsc.inc > > index ac1b57ed8f..ff32653ec8 100644 > > --- a/RedfishPkg/RedfishComponents.dsc.inc > > +++ b/RedfishPkg/RedfishComponents.dsc.inc > > @@ -15,4 +15,5 @@ > > !if $(REDFISH_ENABLE) =3D=3D TRUE > > RedfishPkg/RestJsonStructureDxe/RestJsonStructureDxe.inf > > RedfishPkg/RedfishHostInterfaceDxe/RedfishHostInterfaceDxe.inf > > + RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > > !endif > > diff --git a/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.c > > b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.c > > new file mode 100644 > > index 0000000000..f48d1d011c > > --- /dev/null > > +++ b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.c > > @@ -0,0 +1,209 @@ > > +/** @file > > + RedfishCrentialDxe produces the EdkIIRedfishCredentialProtocol for > > +the > > consumer > > + to get the Redfish credential Info and to restrict Redfish access > > + from UEFI > > side. > > + > > + (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> > + > > + SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > +**/ > > + > > +#include > > + > > +EDKII_REDFISH_CREDENTIAL_PROTOCOL mRedfishCredentialProtocol =3D { > > + RedfishCredentialGetAuthInfo, > > + RedfishCredentialStopService > > +}; > > + > > +/** > > + Callback function executed when the ExitBootServices event group is > > signaled. > > + > > + @param[in] Event Event whose notification function is being invo= ked. > > + @param[out] Context Pointer to the buffer pass in. > > +**/ > > +VOID > > +EFIAPI > > +RedfishCredentialExitBootServicesEventNotify ( > > + IN EFI_EVENT Event, > > + OUT VOID *Context > > + ) > > +{ > > + LibCredentialExitBootServicesNotify > > ((EDKII_REDFISH_CREDENTIAL_PROTOCOL *)Context); > > +} > > + > > +/** > > + Callback function executed when the EndOfDxe event group is signaled= . > > + > > + @param[in] Event Event whose notification function is being invo= ked. > > + @param[out] Context Pointer to the buffer pass in. > > +**/ > > +VOID > > +EFIAPI > > +RedfishCredentialEndOfDxeEventNotify ( > > + IN EFI_EVENT Event, > > + OUT VOID *Context > > + ) > > +{ > > + LibCredentialEndOfDxeNotify ((EDKII_REDFISH_CREDENTIAL_PROTOCOL > > *)Context); > > + > > + // > > + // Close event, so it will not be invoked again. > > + // > > + gBS->CloseEvent (Event); > > +} > > + > > +/** > > + Retrieve platform's Redfish authentication information. > > + > > + This functions returns the Redfish authentication method together > > + with > > the user Id and > > + password. > > + - For AuthMethodNone, the UserId and Password could be used for > > + HTTP > > header authentication > > + as defined by RFC7235. > > + - For AuthMethodRedfishSession, the UserId and Password could be > > + used > > for Redfish > > + session login as defined by Redfish API specification (DSP0266). > > + > > + Callers are responsible for and freeing the returned string storage. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[out] AuthMethod Type of Redfish authentication meth= od. > > + @param[out] UserId The pointer to store the returned U= serId > > string. > > + @param[out] Password The pointer to store the returned > Password > > string. > > + > > + @retval EFI_SUCCESS Get the authentication information > > successfully. > > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfD= xe. > > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > > Password is NULL. > > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > > resources. > > + @retval EFI_UNSUPPORTED Unsupported authentication method i= s > > found. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +RedfishCredentialGetAuthInfo ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > > + OUT CHAR8 **UserId, > > + OUT CHAR8 **Password > > + ) > > +{ > > + if (This =3D=3D NULL || AuthMethod =3D=3D NULL || UserId =3D=3D NULL= || > > +Password > > =3D=3D NULL) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + return LibCredentialGetAuthInfo (This, AuthMethod, > > +UserId,Password); } > > + > > +/** > > + Notify the Redfish service provide to stop provide configuration > > +service to > > this platform. > > + > > + This function should be called when the platfrom is about to leave > > + the safe > > environment. > > + It will notify the Redfish service provider to abort all logined > > + session, and > > prohibit > > + further login with original auth info. GetAuthInfo() will return > > EFI_UNSUPPORTED once this > > + function is returned. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[in] ServiceStopType Reason of stopping Redfish service. > > + > > + @retval EFI_SUCCESS Service has been stoped successfull= y. > > + @retval EFI_INVALID_PARAMETER This is NULL or given the worng > > ServiceStopType. > > + @retval EFI_UNSUPPORTED Not support to stop Redfish service= . > > + @retval Others Some error happened. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +RedfishCredentialStopService ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType > > + ) > > +{ > > + if (This =3D=3D NULL) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + return LibStopRedfishService (This, ServiceStopType); } > > + > > +/** > > + Main entry for this driver. > > + > > + @param ImageHandle Image handle this driver. > > + @param SystemTable Pointer to SystemTable. > > + > > + @retval EFI_SUCESS This function always complete successfully. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +RedfishCredentialDxeDriverEntryPoint ( > > + IN EFI_HANDLE ImageHandle, > > + IN EFI_SYSTEM_TABLE *SystemTable > > + ) > > +{ > > + EFI_STATUS Status; > > + EFI_HANDLE Handle; > > + EFI_EVENT EndOfDxeEvent; > > + EFI_EVENT ExitBootServiceEvent; > > + > > + Handle =3D NULL; > > + > > + // > > + // Install the RedfishCredentialProtocol onto Handle. > > + // > > + Status =3D gBS->InstallMultipleProtocolInterfaces ( > > + &Handle, > > + &gEdkIIRedfishCredentialProtocolGuid, > > + &mRedfishCredentialProtocol, > > + NULL > > + ); > > + if (EFI_ERROR (Status)) { > > + return Status; > > + } > > + > > + // > > + // After EndOfDxe, if SecureBoot is disabled, Redfish Credential > > + Protocol > > should return > > + // error code to caller to avoid the 3rd code to bypass Redfish > > + Credential > > Protocol and > > + // retrieve userid/pwd directly. So, here, we create EndOfDxe Event > > + to > > check SecureBoot > > + // status. > > + // > > + Status =3D gBS->CreateEventEx ( > > + EVT_NOTIFY_SIGNAL, > > + TPL_CALLBACK, > > + RedfishCredentialEndOfDxeEventNotify, > > + (VOID *)&mRedfishCredentialProtocol, > > + &gEfiEndOfDxeEventGroupGuid, > > + &EndOfDxeEvent > > + ); > > + if (EFI_ERROR (Status)) { > > + goto ON_ERROR; > > + } > > + > > + // > > + // After ExitBootServices, Redfish Credential Protocol should stop > > + the > > service. > > + // So, here, we create ExitBootService Event to stop service. > > + // > > + Status =3D gBS->CreateEventEx ( > > + EVT_NOTIFY_SIGNAL, > > + TPL_CALLBACK, > > + RedfishCredentialExitBootServicesEventNotify, > > + (VOID *)&mRedfishCredentialProtocol, > > + &gEfiEventExitBootServicesGuid, > > + &ExitBootServiceEvent > > + ); > > + if (EFI_ERROR (Status)) { > > + gBS->CloseEvent (EndOfDxeEvent); > > + goto ON_ERROR; > > + } > > + > > + return EFI_SUCCESS; > > + > > +ON_ERROR: > > + > > + gBS->UninstallMultipleProtocolInterfaces ( > > + Handle, > > + &gEdkIIRedfishCredentialProtocolGuid, > > + &mRedfishCredentialProtocol, > > + NULL > > + ); > > + > > + return Status; > > +} > > diff --git a/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.h > > b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.h > > new file mode 100644 > > index 0000000000..6e7e417b33 > > --- /dev/null > > +++ b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.h > > @@ -0,0 +1,75 @@ > > +/** @file > > + Definition of Redfish Credential DXE driver. > > + > > + (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> > + > > + SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > +**/ > > +#ifndef EDKII_REDFISH_CREDENTIAL_DXE_H_ #define > > +EDKII_REDFISH_CREDENTIAL_DXE_H_ > > + > > +#include > > + > > +#include > > +#include > > +#include > > +#include #include > > + #include > > + > > +/** > > + Retrieve platform's Redfish authentication information. > > + > > + This functions returns the Redfish authentication method together > > + with > > the user Id and > > + password. > > + - For AuthMethodNone, the UserId and Password could be used for > > + HTTP > > header authentication > > + as defined by RFC7235. > > + - For AuthMethodRedfishSession, the UserId and Password could be > > + used > > for Redfish > > + session login as defined by Redfish API specification (DSP0266). > > + > > + Callers are responsible for and freeing the returned string storage. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[out] AuthMethod Type of Redfish authentication meth= od. > > + @param[out] UserId The pointer to store the returned U= serId > > string. > > + @param[out] Password The pointer to store the returned > Password > > string. > > + > > + @retval EFI_SUCCESS Get the authentication information > > successfully. > > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfD= xe. > > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > > Password is NULL. > > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > > resources. > > + @retval EFI_UNSUPPORTED Unsupported authentication method i= s > > found. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +RedfishCredentialGetAuthInfo ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > > + OUT CHAR8 **UserId, > > + OUT CHAR8 **Password > > + ); > > + > > +/** > > + Notify the Redfish service provide to stop provide configuration > > +service to > > this platform. > > + > > + This function should be called when the platfrom is about to leave > > + the safe > > environment. > > + It will notify the Redfish service provider to abort all logined > > + session, and > > prohibit > > + further login with original auth info. GetAuthInfo() will return > > EFI_UNSUPPORTED once this > > + function is returned. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + > > + @retval EFI_SUCCESS Service has been stoped successfull= y. > > + @retval EFI_INVALID_PARAMETER This is NULL. > > + @retval Others Some error happened. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +RedfishCredentialStopService ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType > > + ); > > +#endif > > diff --git a/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > > b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > > new file mode 100644 > > index 0000000000..707d9a04d9 > > --- /dev/null > > +++ b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > > @@ -0,0 +1,51 @@ > > +## @file > > +# RedfishCredentialDxe is required to produce the # EdkII > > +RedfishCredentialProtocol for the consumer to get the Redfish # > > +credential Info and to restrict Redfish access from UEFI side. > > +# > > +# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
# > > +SPDX-License-Identifier: BSD-2-Clause-Patent # ## > > + > > +[Defines] > > + INF_VERSION =3D 0x0001000b > > + BASE_NAME =3D RedfishCredentialDxe > > + FILE_GUID =3D 458CE95A-4942-09A9-5D21-A6B16D5DA= D7F > > + MODULE_TYPE =3D DXE_DRIVER > > + VERSION_STRING =3D 1.0 > > + ENTRY_POINT =3D RedfishCredentialDxeDriverEntryPo= int > > + > > +# > > +# VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 RISCV64 > > +# > > + > > +[Sources] > > + RedfishCredentialDxe.c > > + RedfishCredentialDxe.h > > + > > +[Packages] > > + MdePkg/MdePkg.dec > > + MdeModulePkg/MdeModulePkg.dec > > + RedfishPkg/RedfishPkg.dec > > + > > +[LibraryClasses] > > + BaseLib > > + DebugLib > > + PrintLib > > + RedfishPlatformCredentialLib > > + UefiBootServicesTableLib > > + UefiDriverEntryPoint > > + UefiRuntimeServicesTableLib > > + UefiLib > > + > > +[Protocols] > > + gEdkIIRedfishCredentialProtocolGuid ## BY_START > > + > > + > > +[Guids] > > + gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event > > + gEfiEventExitBootServicesGuid ## CONSUMES ## Event > > + > > +[Depex] > > + TRUE > > diff --git a/RedfishPkg/RedfishPkg.dec b/RedfishPkg/RedfishPkg.dec > > index 861f6dd0c8..fc56b4fefb 100644 > > --- a/RedfishPkg/RedfishPkg.dec > > +++ b/RedfishPkg/RedfishPkg.dec > > @@ -21,6 +21,10 @@ > > # Platform implementation-specific Redfish Host Interface. > > > > RedfishPlatformHostInterfaceLib|Include/Library/RedfishHostInterfaceLi > > RedfishPlatformHostInterfaceLib|b.h > > > > + ## @libraryclass Platform Redfish Credential Library > > + # Platform implementation-specific Redfish Credential Interface. > > + RedfishPlatformCredentialLib|Include/Library/RedfishCredentialLib.h > > + > > [Protocols] > > ## Include/Protocol/RedfishDiscover.h > > gEfiRedfishDiscoverProtocolGuid =3D { 0x5db12509, 0x4550, 0x434= 7, { 0x96, > > 0xb3, 0x73, 0xc0, 0xff, 0x6e, 0x86, 0x9f }} diff --git > > a/RedfishPkg/RedfishPkg.dsc b/RedfishPkg/RedfishPkg.dsc index > > 94e7127bc6..f7d5b90918 100644 > > --- a/RedfishPkg/RedfishPkg.dsc > > +++ b/RedfishPkg/RedfishPkg.dsc > > @@ -32,6 +32,7 @@ > > > > > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/Bas > > eDebugPrintErrorLevelLib.inf > > PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf > > > > RedfishPlatformHostInterfaceLib|RedfishPkg/Library/PlatformHostInterfa > > RedfishPlatformHostInterfaceLib|ce > > LibNull/PlatformHostInterfaceLibNull.inf > > + > > RedfishPlatformCredentialLib|RedfishPkg/Library/PlatformCredentialLibN > > RedfishPlatformCredentialLib|ull/ > > PlatformCredentialLibNull.inf > > > > [LibraryClasses.ARM, LibraryClasses.AARCH64] > > # > > @@ -43,5 +44,6 @@ > > > > [Components] > > > > RedfishPkg/Library/PlatformHostInterfaceLibNull/PlatformHostInterfaceL > > ibN > > ull.inf > > + > > RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull > > .inf > > > > !include RedfishPkg/Redfish.dsc.inc > > -- > > 2.17.1