From: "Nickle Wang"
To: "Chang, Abner (HPS SW/FW Technologist)", "devel@edk2.groups.io"
CC: "O'Hanley, Peter (EXL)"
Subject: Re: [PATCH 2/2] RedfishPkg/RedfishCredentialDxe: EDKII Redfish Credential DXE driver
Date: Wed, 16 Dec 2020 02:45:30 +0000
References: <20201209084333.22422-1-abner.chang@hpe.com> <20201209084333.22422-3-abner.chang@hpe.com>
In-Reply-To: <20201209084333.22422-3-abner.chang@hpe.com>

Hi Abner,

Overall looks good to me. Just a question about implementation.

The End-Of-DXE and Exit-Boot-Service are registered in the Redfish Credential driver and the implementation is provided by the RedfishPlatformCredentialLib library. May I know if it is possible to register these two events in RedfishPlatformCredentialLib directly? In this way, we do not need two additional interfaces in the RedfishPlatformCredentialLib library.

Thanks,
Nickle

> -----Original Message-----
> From: Chang, Abner (HPS SW/FW Technologist)
> Sent: Wednesday, December 9, 2020 4:44 PM
> To: devel@edk2.groups.io
> Cc: Wang, Nickle (HPS SW); O'Hanley, Peter (EXL)
> Subject: [PATCH 2/2] RedfishPkg/RedfishCredentialDxe: EDKII Redfish
> Credential DXE driver
>
> EDKII Redfish Credential DXE driver which abstracts platform Redfish
> credential implementation.
>
> Signed-off-by: Jiaxin Wu
> Signed-off-by: Ting Ye > Signed-off-by: Siyuan Fu > Signed-off-by: Fan Wang > Signed-off-by: Abner Chang >=20 > Cc: Nickle Wang > Cc: Peter O'Hanley > --- > .../Include/Library/RedfishCredentialLib.h | 91 ++++++++ > .../PlatformCredentialLibNull.c | 101 +++++++++ > .../PlatformCredentialLibNull.inf | 30 +++ > RedfishPkg/Redfish.fdf.inc | 1 + > RedfishPkg/RedfishComponents.dsc.inc | 1 + > .../RedfishCredentialDxe.c | 209 ++++++++++++++++++ > .../RedfishCredentialDxe.h | 75 +++++++ > .../RedfishCredentialDxe.inf | 51 +++++ > RedfishPkg/RedfishPkg.dec | 4 + > RedfishPkg/RedfishPkg.dsc | 2 + > 10 files changed, 565 insertions(+) > create mode 100644 RedfishPkg/Include/Library/RedfishCredentialLib.h > create mode 100644 > RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.c > create mode 100644 > RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.in= f > create mode 100644 > RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.c > create mode 100644 > RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.h > create mode 100644 > RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf >=20 > diff --git a/RedfishPkg/Include/Library/RedfishCredentialLib.h > b/RedfishPkg/Include/Library/RedfishCredentialLib.h > new file mode 100644 > index 0000000000..dac1b3303f > --- /dev/null > +++ b/RedfishPkg/Include/Library/RedfishCredentialLib.h > @@ -0,0 +1,91 @@ > +/** @file > + Definitinos of RedfishHostInterfaceDxe driver. > + > + (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > +#ifndef REDFISH_CREDENTIAL_LIB_H_ > +#define REDFISH_CREDENTIAL_LIB_H_ > + > +#include > + > +/** > + Notification of Exit Boot Service. > + > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > +**/ > +VOID > +EFIAPI > +LibCredentialExitBootServicesNotify ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > +); > + > +/** > + Notification of End of DXe. > + > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > +**/ > +VOID > +EFIAPI > +LibCredentialEndOfDxeNotify ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > +); > + > +/** > + Retrieve platform's Redfish authentication information. > + > + This functions returns the Redfish authentication method together with > the user Id and > + password. > + - For AuthMethodNone, the UserId and Password could be used for HTTP > header authentication > + as defined by RFC7235. > + - For AuthMethodRedfishSession, the UserId and Password could be used > for Redfish > + session login as defined by Redfish API specification (DSP0266). > + > + Callers are responsible for and freeing the returned string storage. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[out] AuthMethod Type of Redfish authentication method= . > + @param[out] UserId The pointer to store the returned Use= rId > string. > + @param[out] Password The pointer to store the returned Pas= sword > string. > + > + @retval EFI_SUCCESS Get the authentication information > successfully. > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfDxe= . > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > Password is NULL. > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > resources. > + @retval EFI_UNSUPPORTED Unsupported authentication method is > found. 
> + > +**/ > +EFI_STATUS > +EFIAPI > +LibCredentialGetAuthInfo ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > + OUT CHAR8 **UserId, > + OUT CHAR8 **Password > +); > + > +/** > + Notify the Redfish service provide to stop provide configuration servi= ce to > this platform. > + > + This function should be called when the platfrom is about to leave the= safe > environment. > + It will notify the Redfish service provider to abort all logined sessi= on, and > prohibit > + further login with original auth info. GetAuthInfo() will return > EFI_UNSUPPORTED once this > + function is returned. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[in] ServiceStopType Reason of stopping Redfish service. > + > + @retval EFI_SUCCESS Service has been stoped successfully. > + @retval EFI_INVALID_PARAMETER This is NULL. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +LibStopRedfishService ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType > +); > +#endif > diff --git > a/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.= c > b/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.= c > new file mode 100644 > index 0000000000..39de622d59 > --- /dev/null > +++ > b/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.= c > @@ -0,0 +1,101 @@ > +/** @file > + NULL instace of RedfishPlatformCredentialLib > + > + (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > +#include > +#include > +/** > + Notification of Exit Boot Service. > + > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > +**/ > +VOID > +EFIAPI > +LibCredentialExitBootServicesNotify ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > +) > +{ > + return; > +} > + > +/** > + Notification of End of DXe. > + > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > +**/ > +VOID > +EFIAPI > +LibCredentialEndOfDxeNotify ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > +) > +{ > + return; > +} > + > +/** > + Retrieve platform's Redfish authentication information. > + > + This functions returns the Redfish authentication method together with > the user Id and > + password. > + - For AuthMethodNone, the UserId and Password could be used for HTTP > header authentication > + as defined by RFC7235. > + - For AuthMethodRedfishSession, the UserId and Password could be used > for Redfish > + session login as defined by Redfish API specification (DSP0266). > + > + Callers are responsible for and freeing the returned string storage. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[out] AuthMethod Type of Redfish authentication method= . > + @param[out] UserId The pointer to store the returned Use= rId > string. > + @param[out] Password The pointer to store the returned Pas= sword > string. > + > + @retval EFI_SUCCESS Get the authentication information > successfully. > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfDxe= . > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > Password is NULL. > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > resources. > + @retval EFI_UNSUPPORTED Unsupported authentication method is > found. 
> + > +**/ > +EFI_STATUS > +EFIAPI > +LibCredentialGetAuthInfo ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > + OUT CHAR8 **UserId, > + OUT CHAR8 **Password > +) > +{ > + return EFI_UNSUPPORTED; > +} > + > +/** > + Notify the Redfish service provide to stop provide configuration servi= ce to > this platform. > + > + This function should be called when the platfrom is about to leave the= safe > environment. > + It will notify the Redfish service provider to abort all logined sessi= on, and > prohibit > + further login with original auth info. GetAuthInfo() will return > EFI_UNSUPPORTED once this > + function is returned. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[in] ServiceStopType Reason of stopping Redfish service. > + > + @retval EFI_SUCCESS Service has been stoped successfully. > + @retval EFI_INVALID_PARAMETER This is NULL or given the worng > ServiceStopType. > + @retval EFI_UNSUPPORTED Not support to stop Redfish service. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +LibStopRedfishService ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType > + ) > +{ > + return EFI_UNSUPPORTED; > +} > + > diff --git > a/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.= in > f > b/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.= in > f > new file mode 100644 > index 0000000000..4c22e89718 > --- /dev/null > +++ > b/RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.= in > f > @@ -0,0 +1,30 @@ > +## @file > +# NULL instance of RedfishPlatformCredentialLib > +# > +# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> +# > +# SPDX-License-Identifier: BSD-2-Clause-Patent > +# > +## > + > +[Defines] > + INF_VERSION =3D 0x0001000b > + BASE_NAME =3D RedfishPlatformCredentialLibNull > + FILE_GUID =3D CA3BD843-0BDD-4EE0-A38A-B45CA663114= F > + MODULE_TYPE =3D DXE_DRIVER > + VERSION_STRING =3D 1.0 > + LIBRARY_CLASS =3D RedfishPlatformCredentialLib > + > +# > +# VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 RISCV64 > +# > + > +[Sources] > + PlatformCredentialLibNull.c > + > +[Packages] > + MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > + RedfishPkg/RedfishPkg.dec > + > + > diff --git a/RedfishPkg/Redfish.fdf.inc b/RedfishPkg/Redfish.fdf.inc > index 19de479a80..24e32e0abf 100644 > --- a/RedfishPkg/Redfish.fdf.inc > +++ b/RedfishPkg/Redfish.fdf.inc > @@ -13,4 +13,5 @@ > !if $(REDFISH_ENABLE) =3D=3D TRUE > INF RedfishPkg/RestJsonStructureDxe/RestJsonStructureDxe.inf > INF RedfishPkg/RedfishHostInterfaceDxe/RedfishHostInterfaceDxe.inf > + INF RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > !endif > diff --git a/RedfishPkg/RedfishComponents.dsc.inc > b/RedfishPkg/RedfishComponents.dsc.inc > index ac1b57ed8f..ff32653ec8 100644 > --- a/RedfishPkg/RedfishComponents.dsc.inc > +++ b/RedfishPkg/RedfishComponents.dsc.inc > @@ -15,4 +15,5 @@ > !if $(REDFISH_ENABLE) =3D=3D TRUE > RedfishPkg/RestJsonStructureDxe/RestJsonStructureDxe.inf > RedfishPkg/RedfishHostInterfaceDxe/RedfishHostInterfaceDxe.inf > + RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > !endif > diff --git a/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.c > b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.c > new file mode 100644 > index 0000000000..f48d1d011c > --- /dev/null > +++ b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.c 
> @@ -0,0 +1,209 @@ > +/** @file > + RedfishCrentialDxe produces the EdkIIRedfishCredentialProtocol for the > consumer > + to get the Redfish credential Info and to restrict Redfish access from= UEFI > side. > + > + (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include > + > +EDKII_REDFISH_CREDENTIAL_PROTOCOL mRedfishCredentialProtocol =3D { > + RedfishCredentialGetAuthInfo, > + RedfishCredentialStopService > +}; > + > +/** > + Callback function executed when the ExitBootServices event group is > signaled. > + > + @param[in] Event Event whose notification function is being invoke= d. > + @param[out] Context Pointer to the buffer pass in. > +**/ > +VOID > +EFIAPI > +RedfishCredentialExitBootServicesEventNotify ( > + IN EFI_EVENT Event, > + OUT VOID *Context > + ) > +{ > + LibCredentialExitBootServicesNotify > ((EDKII_REDFISH_CREDENTIAL_PROTOCOL *)Context); > +} > + > +/** > + Callback function executed when the EndOfDxe event group is signaled. > + > + @param[in] Event Event whose notification function is being invoke= d. > + @param[out] Context Pointer to the buffer pass in. > +**/ > +VOID > +EFIAPI > +RedfishCredentialEndOfDxeEventNotify ( > + IN EFI_EVENT Event, > + OUT VOID *Context > + ) > +{ > + LibCredentialEndOfDxeNotify ((EDKII_REDFISH_CREDENTIAL_PROTOCOL > *)Context); > + > + // > + // Close event, so it will not be invoked again. > + // > + gBS->CloseEvent (Event); > +} > + > +/** > + Retrieve platform's Redfish authentication information. > + > + This functions returns the Redfish authentication method together with > the user Id and > + password. > + - For AuthMethodNone, the UserId and Password could be used for HTTP > header authentication > + as defined by RFC7235. > + - For AuthMethodRedfishSession, the UserId and Password could be used > for Redfish > + session login as defined by Redfish API specification (DSP0266). > + > + Callers are responsible for and freeing the returned string storage. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[out] AuthMethod Type of Redfish authentication method= . > + @param[out] UserId The pointer to store the returned Use= rId > string. 
> + @param[out] Password The pointer to store the returned Pas= sword > string. > + > + @retval EFI_SUCCESS Get the authentication information > successfully. > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfDxe= . > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > Password is NULL. > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > resources. > + @retval EFI_UNSUPPORTED Unsupported authentication method is > found. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishCredentialGetAuthInfo ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > + OUT CHAR8 **UserId, > + OUT CHAR8 **Password > + ) > +{ > + if (This =3D=3D NULL || AuthMethod =3D=3D NULL || UserId =3D=3D NULL |= | Password > =3D=3D NULL) { > + return EFI_INVALID_PARAMETER; > + } > + > + return LibCredentialGetAuthInfo (This, AuthMethod, UserId,Password); > +} > + > +/** > + Notify the Redfish service provide to stop provide configuration servi= ce to > this platform. > + > + This function should be called when the platfrom is about to leave the= safe > environment. > + It will notify the Redfish service provider to abort all logined sessi= on, and > prohibit > + further login with original auth info. GetAuthInfo() will return > EFI_UNSUPPORTED once this > + function is returned. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[in] ServiceStopType Reason of stopping Redfish service. > + > + @retval EFI_SUCCESS Service has been stoped successfully. > + @retval EFI_INVALID_PARAMETER This is NULL or given the worng > ServiceStopType. > + @retval EFI_UNSUPPORTED Not support to stop Redfish service. > + @retval Others Some error happened. 
> + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishCredentialStopService ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType > + ) > +{ > + if (This =3D=3D NULL) { > + return EFI_INVALID_PARAMETER; > + } > + > + return LibStopRedfishService (This, ServiceStopType); > +} > + > +/** > + Main entry for this driver. > + > + @param ImageHandle Image handle this driver. > + @param SystemTable Pointer to SystemTable. > + > + @retval EFI_SUCESS This function always complete successfully. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishCredentialDxeDriverEntryPoint ( > + IN EFI_HANDLE ImageHandle, > + IN EFI_SYSTEM_TABLE *SystemTable > + ) > +{ > + EFI_STATUS Status; > + EFI_HANDLE Handle; > + EFI_EVENT EndOfDxeEvent; > + EFI_EVENT ExitBootServiceEvent; > + > + Handle =3D NULL; > + > + // > + // Install the RedfishCredentialProtocol onto Handle. > + // > + Status =3D gBS->InstallMultipleProtocolInterfaces ( > + &Handle, > + &gEdkIIRedfishCredentialProtocolGuid, > + &mRedfishCredentialProtocol, > + NULL > + ); > + if (EFI_ERROR (Status)) { > + return Status; > + } > + > + // > + // After EndOfDxe, if SecureBoot is disabled, Redfish Credential Proto= col > should return > + // error code to caller to avoid the 3rd code to bypass Redfish Creden= tial > Protocol and > + // retrieve userid/pwd directly. So, here, we create EndOfDxe Event to > check SecureBoot > + // status. > + // > + Status =3D gBS->CreateEventEx ( > + EVT_NOTIFY_SIGNAL, > + TPL_CALLBACK, > + RedfishCredentialEndOfDxeEventNotify, > + (VOID *)&mRedfishCredentialProtocol, > + &gEfiEndOfDxeEventGroupGuid, > + &EndOfDxeEvent > + ); > + if (EFI_ERROR (Status)) { > + goto ON_ERROR; > + } > + > + // > + // After ExitBootServices, Redfish Credential Protocol should stop the > service. > + // So, here, we create ExitBootService Event to stop service. 
> + // > + Status =3D gBS->CreateEventEx ( > + EVT_NOTIFY_SIGNAL, > + TPL_CALLBACK, > + RedfishCredentialExitBootServicesEventNotify, > + (VOID *)&mRedfishCredentialProtocol, > + &gEfiEventExitBootServicesGuid, > + &ExitBootServiceEvent > + ); > + if (EFI_ERROR (Status)) { > + gBS->CloseEvent (EndOfDxeEvent); > + goto ON_ERROR; > + } > + > + return EFI_SUCCESS; > + > +ON_ERROR: > + > + gBS->UninstallMultipleProtocolInterfaces ( > + Handle, > + &gEdkIIRedfishCredentialProtocolGuid, > + &mRedfishCredentialProtocol, > + NULL > + ); > + > + return Status; > +} > diff --git a/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.h > b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.h > new file mode 100644 > index 0000000000..6e7e417b33 > --- /dev/null > +++ b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.h > @@ -0,0 +1,75 @@ > +/** @file > + Definition of Redfish Credential DXE driver. > + > + (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > +#ifndef EDKII_REDFISH_CREDENTIAL_DXE_H_ > +#define EDKII_REDFISH_CREDENTIAL_DXE_H_ > + > +#include > + > +#include > +#include > +#include > +#include > +#include > +#include > + > +/** > + Retrieve platform's Redfish authentication information. > + > + This functions returns the Redfish authentication method together with > the user Id and > + password. > + - For AuthMethodNone, the UserId and Password could be used for HTTP > header authentication > + as defined by RFC7235. > + - For AuthMethodRedfishSession, the UserId and Password could be used > for Redfish > + session login as defined by Redfish API specification (DSP0266). > + > + Callers are responsible for and freeing the returned string storage. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + @param[out] AuthMethod Type of Redfish authentication method= . > + @param[out] UserId The pointer to store the returned Use= rId > string. > + @param[out] Password The pointer to store the returned Pas= sword > string. > + > + @retval EFI_SUCCESS Get the authentication information > successfully. > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfDxe= . > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > Password is NULL. > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > resources. > + @retval EFI_UNSUPPORTED Unsupported authentication method is > found. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishCredentialGetAuthInfo ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > + OUT CHAR8 **UserId, > + OUT CHAR8 **Password > + ); > + > +/** > + Notify the Redfish service provide to stop provide configuration servi= ce to > this platform. > + > + This function should be called when the platfrom is about to leave the= safe > environment. 
> + It will notify the Redfish service provider to abort all logined sessi= on, and > prohibit > + further login with original auth info. GetAuthInfo() will return > EFI_UNSUPPORTED once this > + function is returned. > + > + @param[in] This Pointer to > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > + > + @retval EFI_SUCCESS Service has been stoped successfully. > + @retval EFI_INVALID_PARAMETER This is NULL. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishCredentialStopService ( > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType > + ); > +#endif > diff --git a/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > new file mode 100644 > index 0000000000..707d9a04d9 > --- /dev/null > +++ b/RedfishPkg/RedfishCredentialDxe/RedfishCredentialDxe.inf > @@ -0,0 +1,51 @@ > +## @file > +# RedfishCredentialDxe is required to produce the > +# EdkII RedfishCredentialProtocol for the consumer to get the Redfish > +# credential Info and to restrict Redfish access from UEFI side. > +# > +# (C) Copyright 2020 Hewlett Packard Enterprise Development LP
> +# SPDX-License-Identifier: BSD-2-Clause-Patent > +# > +## > + > +[Defines] > + INF_VERSION =3D 0x0001000b > + BASE_NAME =3D RedfishCredentialDxe > + FILE_GUID =3D 458CE95A-4942-09A9-5D21-A6B16D5DAD7= F > + MODULE_TYPE =3D DXE_DRIVER > + VERSION_STRING =3D 1.0 > + ENTRY_POINT =3D RedfishCredentialDxeDriverEntryPoin= t > + > +# > +# VALID_ARCHITECTURES =3D IA32 X64 ARM AARCH64 RISCV64 > +# > + > +[Sources] > + RedfishCredentialDxe.c > + RedfishCredentialDxe.h > + > +[Packages] > + MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > + RedfishPkg/RedfishPkg.dec > + > +[LibraryClasses] > + BaseLib > + DebugLib > + PrintLib > + RedfishPlatformCredentialLib > + UefiBootServicesTableLib > + UefiDriverEntryPoint > + UefiRuntimeServicesTableLib > + UefiLib > + > +[Protocols] > + gEdkIIRedfishCredentialProtocolGuid ## BY_START > + > + > +[Guids] > + gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event > + gEfiEventExitBootServicesGuid ## CONSUMES ## Event > + > +[Depex] > + TRUE > diff --git a/RedfishPkg/RedfishPkg.dec b/RedfishPkg/RedfishPkg.dec > index 861f6dd0c8..fc56b4fefb 100644 > --- a/RedfishPkg/RedfishPkg.dec > +++ b/RedfishPkg/RedfishPkg.dec > @@ -21,6 +21,10 @@ > # Platform implementation-specific Redfish Host Interface. >=20 > RedfishPlatformHostInterfaceLib|Include/Library/RedfishHostInterfaceLib.h >=20 > + ## @libraryclass Platform Redfish Credential Library > + # Platform implementation-specific Redfish Credential Interface. > + RedfishPlatformCredentialLib|Include/Library/RedfishCredentialLib.h > + > [Protocols] > ## Include/Protocol/RedfishDiscover.h > gEfiRedfishDiscoverProtocolGuid =3D { 0x5db12509, 0x4550, 0x4347,= { 0x96, > 0xb3, 0x73, 0xc0, 0xff, 0x6e, 0x86, 0x9f }} > diff --git a/RedfishPkg/RedfishPkg.dsc b/RedfishPkg/RedfishPkg.dsc > index 94e7127bc6..f7d5b90918 100644 > --- a/RedfishPkg/RedfishPkg.dsc > +++ b/RedfishPkg/RedfishPkg.dsc 
> @@ -32,6 +32,7 @@ >=20 > DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/Bas > eDebugPrintErrorLevelLib.inf > PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf >=20 > RedfishPlatformHostInterfaceLib|RedfishPkg/Library/PlatformHostInterface > LibNull/PlatformHostInterfaceLibNull.inf > + > RedfishPlatformCredentialLib|RedfishPkg/Library/PlatformCredentialLibNull= / > PlatformCredentialLibNull.inf >=20 > [LibraryClasses.ARM, LibraryClasses.AARCH64] > # > @@ -43,5 +44,6 @@ >=20 > [Components] >=20 > RedfishPkg/Library/PlatformHostInterfaceLibNull/PlatformHostInterfaceLibN > ull.inf > + > RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull.in= f >=20 > !include RedfishPkg/Redfish.dsc.inc > -- > 2.17.1
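
Review bot: In RedfishPkg/Include/Library/RedfishCredentialLib.h the file header reads "Definitinos of RedfishHostInterfaceDxe driver", which is misspelled and names the wrong module; it should describe the RedfishPlatformCredentialLib library class. In the LibCredentialGetAuthInfo comment, "Callers are responsible for and freeing the returned string storage" is missing a word and does not say how the UserId and Password buffers are allocated; name the allocator the caller has to pair with, and ask callers to zero the password buffer before freeing it. The LibStopRedfishService comment in this header also lists no EFI_UNSUPPORTED return value, although the Null instance returns exactly that.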
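
Review bot: In PlatformCredentialLibNull.c, LibCredentialGetAuthInfo returns EFI_UNSUPPORTED without writing *UserId or *Password, while the interface comment makes callers responsible for freeing the returned strings. Either set both to NULL on the error path or document that the out parameters are undefined on failure, so that a caller with a shared cleanup path does not free an uninitialized pointer. The header typo "NULL instace" should read "NULL instance".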
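
Review bot: In RedfishCredentialDxe.c the entry-point comment says the protocol should return an error after EndOfDxe when SecureBoot is disabled, but RedfishCredentialGetAuthInfo only checks its arguments for NULL and forwards to LibCredentialGetAuthInfo, so the restriction exists only if every platform library implements it. Consider recording the state in the driver (set from RedfishCredentialEndOfDxeEventNotify and RedfishCredentialExitBootServicesEventNotify) and checking it in RedfishCredentialGetAuthInfo before calling the library, or state in the library header that the instance is required to enforce it. Smaller points in the same file: Context is declared "OUT VOID *Context" and "@param[out]" in both notify functions although it is an input; "@retval EFI_SUCESS This function always complete successfully" is misspelled and inaccurate, since the function returns Status on failure; and RedfishCredentialStopService documents EFI_INVALID_PARAMETER for a wrong ServiceStopType but never validates it.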
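
Review bot: In RedfishCredentialDxe.h the comment for RedfishCredentialStopService omits "@param[in] ServiceStopType" and the EFI_UNSUPPORTED return value, both of which appear in the comment for the same function in RedfishCredentialDxe.c. Keep the two comment blocks identical so the prototype documents its second parameter.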
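
Review bot: In RedfishCredentialDxe.inf the [Protocols] entry "gEdkIIRedfishCredentialProtocolGuid ## BY_START" uses the usage meant for protocols installed from a driver binding Start() function, but this driver installs the protocol in its entry point, so "## PRODUCES" is the matching usage. [LibraryClasses] also lists BaseLib, DebugLib, PrintLib, UefiRuntimeServicesTableLib and UefiLib, none of which the code shown in RedfishCredentialDxe.c calls; drop the ones that are not needed.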