From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (NAM10-MW2-obe.outbound.protection.outlook.com [40.107.94.80]) by mx.groups.io with SMTP id smtpd.web10.7247.1678342760970507809 for ; Wed, 08 Mar 2023 22:19:21 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@amd.com header.s=selector1 header.b=M+VASPHB; spf=permerror, err=parse error for token &{10 18 %{i}._ip.%{h}._ehlo.%{d}._spf.vali.email}: invalid domain name (domain: amd.com, ip: 40.107.94.80, mailfrom: abner.chang@amd.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KJAe00PQobkQ5C1USpcuvapT9doJHmEi03mO5mmBhBEftXbMni1Q6cOwpWAF89t5c3+sIuoa+tt3EaF8DN094YM/OHH4DXC+pQgT8lyl+rgvahl72HHMKLhcmS0pGWxXCBRYCkpdb+Uue7sX7LSFFOVq9EAgmqGNUhdXMghml+WbRIMG7l6jn5aHFN3hi0qqJEw5qsv2gGV1KR4/VQxWLTURvSLgTRVkHL6HjZcVCC2+QQfW7U/hAOA14t4AIYuWs3y2oZxMOyekxXRmUEBFdNP5NxiYEASW47S8JG1pWNSpTMbKXJpdSOpcylQcAjtxf5I20rdfx/iC6O7yXIOEuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=V1sYSi4/L7dfZYjPFtYFPQUmesW8/ZFz52nVLkn2UjI=; b=htK2ZO+6EU5MI0wLgyQqHUz+/KnzY3/mWEJL96bVEJKSYR0tVF25OxxPXQLe9zZaP4P0GS1s1NIVZCnzeCfReiiTIAlAd/dQUqm5WuwXiCPoTnreSq0zUwOK0pK6wT9lN86k0Eu/+end3acSYLBrQX1/PJ8joBP229ZialuL3aHm+T3FeYxI4KL4LKPvYqXxnT2rdfLQ/rKpIl70eDYRqaJ+1RQNlIbEJx1bPzHtrlgl7INi8tcSEEh2FNd2+iJ7zOwz+/ONSUx+0SPKHDcSjI4ziUVoCwG2LcsJI/hqyBIpUqevLg6V0p+Ve67BMpaK5i4kow6KvCTTvVhj/jIaIg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amd.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=V1sYSi4/L7dfZYjPFtYFPQUmesW8/ZFz52nVLkn2UjI=; b=M+VASPHBdKagtuCkM0a9+fNxzZpdFEBPyrsvkytqymfIMmgF+2o3jbQ1MTkqbpBBD/QfKefkpnn7nD44P8wrvPTsLivlGRjt5ENOkGOGAj6WkCGSR2VE5YissEDs4FfJXakis0FPNYotHFWpdRR5x88f6gqXxOKNQOwgo+XkA2Y= Received: from MN2PR12MB3966.namprd12.prod.outlook.com (2603:10b6:208:165::18) by MW4PR12MB7165.namprd12.prod.outlook.com (2603:10b6:303:21b::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6178.17; Thu, 9 Mar 2023 06:19:16 +0000 Received: from MN2PR12MB3966.namprd12.prod.outlook.com ([fe80::8136:1f56:53e5:6fe]) by MN2PR12MB3966.namprd12.prod.outlook.com ([fe80::8136:1f56:53e5:6fe%3]) with mapi id 15.20.6156.028; Thu, 9 Mar 2023 06:19:16 +0000 From: "Chang, Abner" To: Nickle Wang , "devel@edk2.groups.io" CC: Igor Kulchytskyy , Nick Ramirez Subject: Re: [PATCH] RedfishPkg/RedfishPlatformCredentialIpmiLib: IPMI implementation Thread-Topic: [PATCH] RedfishPkg/RedfishPlatformCredentialIpmiLib: IPMI implementation Thread-Index: AQHZUY6oyCiXkUdbiEegC0xc7ayBC67x5kZAgAAMMwCAAAhUcA== Date: Thu, 9 Mar 2023 06:19:16 +0000 Message-ID: References: <20230308072048.354-1-nicklew@nvidia.com> In-Reply-To: Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_Enabled=true; MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_SetDate=2023-03-09T06:19:13Z; MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_Method=Standard; MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_Name=General; MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_SiteId=3dd8961f-e488-4e60-8e11-a82d994e183d; MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_ActionId=f5902322-68f8-4d8b-acdf-224349eb72a4; MSIP_Label_4342314e-0df4-4b58-84bf-38bed6170a0f_ContentBits=1 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MN2PR12MB3966:EE_|MW4PR12MB7165:EE_ x-ms-office365-filtering-correlation-id: 922a3672-df13-4268-0b49-08db2066359f x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: z0k009w9eJQg0O7EWN33hxYHFzmvSSdEW4oJDzOHX9xi95dlGI4DRAefzwLkrCdD3jJaauQLkvpvLQrytw6AYfGzCdhAEMbFxP/ZO6cL3TiRVb6wRrbB0ZHaKucdT0HB1EZUs0PDc1lNQUjCAzxagkZVI+4o8XWa/K2GXxtztHCKFJQ7XtwdX5dhyaTPyHUGiEKsIVqmN1uAmVK4u/JFoNva3C57IivUnVAFBZBw7RlCkbldbkzPIrM2dq0/ii2tJPk2m1aRSZuXFKSyw+xOsmDHJV47UcogDZ8yz2n5NP9PZJGaeRPEKOIJryGqfELLBsdg7D+Ytz16A0xt6vr+z00VNIyUR0rvVStuAhXy4H1ZK+Ja7VqtasE1bQ3nQlu2XUmTQMzdeveVKQmHYRIkXl8/o44ZF+0/F2C2+CvqImzoO5O5bY+kR2lSNEnJ/EEB+zNvjY9cSHRMX4AQVLVFdDwdddwjR8dL15MRsea2j7HRddDVetD0gpX8I2Ur2MJbiRPNkUn6N4LT3QlepF0mBivaNmSXLPx6zZ/nJRW+90UtkEOIdv1197PPqtRuAgnnTdFK+PNg/Z4TDy4b7yLQQUkhJnNJExAMKTfNnnAH9HMli306Rq1u5WCq/qTI4hw937EgZ2bYaUsH9sdfSkgKSezpeJO7WowlGRCoqNDsT2R8K9cM9pwGVz4X3hD8I3okv2ha7xtDxFgd2QQiSHIMycj2loLFN8CTi2lvY4eB3hs= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:MN2PR12MB3966.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230025)(4636009)(346002)(136003)(396003)(376002)(39860400002)(366004)(451199018)(54906003)(110136005)(33656002)(6506007)(26005)(478600001)(38100700002)(186003)(86362001)(38070700005)(55016003)(83380400001)(53546011)(9686003)(122000001)(7696005)(45080400002)(5660300002)(8936002)(316002)(52536014)(71200400001)(4326008)(76116006)(41300700001)(2906002)(66946007)(66556008)(66476007)(30864003)(8676002)(66446008)(64756008)(213903007)(559001)(579004);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?JDXi680Sx3S5hE5UrlNGbYwCecAaIeCuCEqgxcCevJeTxvFMpL32hDKkPlsO?= =?us-ascii?Q?umsDMQScpafvtHXQIi+iBJ+K2aX6b7OT+8ndNYOqHGpQQoOlgwHCfSxBd54C?= =?us-ascii?Q?+w/k0dXr4eA37YGLVn8zLlnTB76PdlsCVMtQDUAlfaNR/3Pzx+QoQ5dq1Fxd?= =?us-ascii?Q?c0tg+bbWCqwWDK/FVqhHQxaQgEzUdmu5wNgA6oEiJj6efGkYhu9hFG44GEHb?= =?us-ascii?Q?PAqCo4Tbg0D6MRiifGzE3nRMKBlReagDz27U19BZ4qyuIIf+cDQP6TdO+C2i?= =?us-ascii?Q?j8TsLXMCrzrrphza6UaPzsIa6mW1K4r7GBZrbnHf6xqKIP+zX7b/mRlN78Uz?= =?us-ascii?Q?16HkEUPxHxyNT4htHmx64huqtTLZwgpbF0HDt/NUgLM0tLzQAmeId4A57bQc?= =?us-ascii?Q?suGHmR6KTA3qF3brp8o982gTgFzymIzJs0kBqjp01xtRxvq5xJWaM2yxcw1T?= =?us-ascii?Q?OFryyLA8c3WC6am8CEZ1k94445PyBDF8XmITOWgcvh12xGKNTbs/EGcCAk9c?= =?us-ascii?Q?E1TYsO0wM6JTgp0SC2hZx6N8sXXdkaWj88awWU7bVljGaa+1P7avjHTnUYHw?= =?us-ascii?Q?nZPgrgNNT4lXB2XE8qqXu4wn7lQyTtzY8DZ+VBpyT95jrDXLbJt1eTEjg2WN?= =?us-ascii?Q?kUA98BzM/BbstwT7ldnFRE50f4i637+Lmb+cxnv2beHMHcdW6qn5ae0ULaGD?= =?us-ascii?Q?O7bon7BsmVjixCZCzarOKMKh4z408CwfoV72p3qe3LD+b3eCXty6mtlbwlbk?= =?us-ascii?Q?a4akrR/EW+m2rIYLCGdJ9W9cK9qV4ftqbgu2nNNh5cMd21yEF91jdZrE28LC?= =?us-ascii?Q?GXKiN3hVdG1kHIHpt6P4WyOxeLOeB2ok3/EL6J/238jReCcCoL8xTxBQPIMv?= =?us-ascii?Q?7fnjDUf/Lew3Xh5BOtH8QMM5Temui/+LWv5n5yl2g5ff+yudOyR2okjF+HN8?= =?us-ascii?Q?teo45a1ZPxLrWutm6oRWNek7hDQNNWIVWxmsNuXWWKQd/tjy3VdnB6u65gfk?= =?us-ascii?Q?HDc+dMfpL6RocKp6bMC0sF9+wfmDTdOFFlSZdzdjV/UQiqD038+Kfrxeivz/?= =?us-ascii?Q?Tt+cZJyNLqB3VSe1Zd3gqapQ0yHM7PLuFq51436PFfnAvxTN43Ct5lJvUSfE?= =?us-ascii?Q?zchPY7dLv1LHnF63q6WFj2lHikNodswKFjdaGvX4i0bf+LoZnVwEQUUy6N+a?= =?us-ascii?Q?67McwBzu4GGHoQo9w8JeUXk6eYVJPwyQT1DT2FWRmaJAV+BYgKBhbxJYWlZ0?= =?us-ascii?Q?2irLuTrnME8Bmux6H7H4fOf7wKewQ2ILEDAxEL/RnTf5jJmdlhPB7zEeJWRr?= =?us-ascii?Q?Z3OfeGian2hQu6hy6I59Rxbn6A/OLRxvs+ql6BWURikrI5L3oudckY0moKF5?= =?us-ascii?Q?BLgitFWwNqqplzrCJAhp7z5xS4+/Mzx/r3nJfkmIm6ZBgzNE5ZgljNCiXMwd?= =?us-ascii?Q?JtLOuN0M6j/NMdojG0oF6n02HCmYRoc7zmgBYkF0GYtIaF+gHJV4TtcZvdBN?= =?us-ascii?Q?mDMZNhjzY6Kdf7jj0+l2NG4G1OJ6G60Fa/C1PDLn1b22xnstSoU1V2elHQgG?= =?us-ascii?Q?tn0m5+OeempEM4Pt6YYJLqwi+Swhct4bb6pAtdmG?= MIME-Version: 1.0 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MN2PR12MB3966.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 922a3672-df13-4268-0b49-08db2066359f X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Mar 2023 06:19:16.0957 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: qnm12SIoUib72IPougIyGTl9o4dO5mZQsE9IGWIYrtLf+C9lvt9yvfMC9hBPkIyBhhicQO0l+wODLGFvH0AuLA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR12MB7165 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable [AMD Official Use Only - General] > -----Original Message----- > From: Nickle Wang > Sent: Thursday, March 9, 2023 1:49 PM > To: Chang, Abner ; devel@edk2.groups.io > Cc: Igor Kulchytskyy ; Nick Ramirez > > Subject: RE: [PATCH] RedfishPkg/RedfishPlatformCredentialIpmiLib: IPMI > implementation >=20 > Caution: This message originated from an External Source. Use proper > caution when opening attachments, clicking links, or responding. >=20 >=20 > Hi Abner, >=20 > Thanks for your review. >=20 > >> + // > >> + // Get bootstrap credential from variable first // Status =3D > >> + GetBootstrapAccountCredentialsFromVariable (*UserId, *Password); > >> + if (!EFI_ERROR (Status)) { > >> + return EFI_SUCCESS; > >> + } > > I think the process should keep going if the error status is EFI_NOT_FO= UND? > Besides this, all others look fine to me. >=20 > This function turns EFI_SUCCESS when we can get credentials from variable= . > If it failed (including EFI_NOT_FOUND), the process will move forward and > get credentials via IPMI command. Ah I see. My mistake of reading the code. >=20 > > BTW, how about the conclusions we had in the previous discussion? Which > is to probe "/redfish/v1/Systems" to get the supported authentication > method? Is this idea is valid? >=20 > This must be done in RedfishCredentailDxe driver. I will create separated > patch to address this comment. Got it. Thanks Abner >=20 > Regards, > Nickle >=20 > -----Original Message----- > From: Chang, Abner > Sent: Thursday, March 9, 2023 1:23 PM > To: Nickle Wang ; devel@edk2.groups.io > Cc: Igor Kulchytskyy ; Nick Ramirez > > Subject: RE: [PATCH] RedfishPkg/RedfishPlatformCredentialIpmiLib: IPMI > implementation >=20 > External email: Use caution opening links or attachments >=20 >=20 > [AMD Official Use Only - General] >=20 > Hi Nickle, > My comments in below, >=20 > > -----Original Message----- > > From: Nickle Wang > > Sent: Wednesday, March 8, 2023 3:21 PM > > To: devel@edk2.groups.io > > Cc: Chang, Abner ; Igor Kulchytskyy > > ; Nick Ramirez > > Subject: [PATCH] RedfishPkg/RedfishPlatformCredentialIpmiLib: IPMI > > implementation > > > > Caution: This message originated from an External Source. Use proper > > caution when opening attachments, clicking links, or responding. > > > > > > This library follows Redfish Host Interface specification and use IPMI > > command to get bootstrap account credential(NetFn 2Ch, Command 02h) > > from BMC. RedfishHostInterfaceDxe will use this credential for the > > following communication between BIOS and BMC. > > > > Signed-off-by: Nickle Wang > > Cc: Abner Chang > > Cc: Igor Kulchytskyy > > Cc: Nick Ramirez > > --- > > .../RedfishPlatformCredentialIpmiLib.c | 443 ++++++++++++++++++ > > .../RedfishPlatformCredentialIpmiLib.h | 86 ++++ > > .../RedfishPlatformCredentialIpmiLib.inf | 42 ++ > > RedfishPkg/RedfishPkg.dec | 7 + > > RedfishPkg/RedfishPkg.dsc | 2 + > > 5 files changed, 580 insertions(+) > > create mode 100644 > > > RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCreden > > ti > > alIpmiLib.c > > create mode 100644 > > > RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCreden > > ti > > alIpmiLib.h > > create mode 100644 > > > RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCreden > > ti > > alIpmiLib.inf > > > > diff --git > > a/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCred > > e > > ntialIpmiLib.c > > b/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCred > > e > > ntialIpmiLib.c > > new file mode 100644 > > index 0000000000..2706b8508b > > --- /dev/null > > +++ b/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatform > > +++ Cr > > +++ edentialIpmiLib.c > > @@ -0,0 +1,443 @@ > > +/** @file > > + Implementation of getting bootstrap credential via IPMI. > > + > > + Copyright (c) 2022-2023 NVIDIA CORPORATION & AFFILIATES. All rights > > reserved. > > + > > + SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > + @par Specification Reference: > > + - Redfish Host Interface Specification > > + > > > +(https://nam11.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fw > w > > > +w.dmtf.org%2Fsites%2Fdefault%2Ffiles%2Fstandards%2Fdocuments%2FDS > P027 > > > +0&data=3D05%7C01%7Cnicklew%40nvidia.com%7C623e0d3c9ed04505bb0e08 > db205e5 > > > +bc6%7C43083d15727340c1b7db39efd9ccc17a%7C0%7C0%7C63813936186784 > 1554%7 > > > +CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLC > JBTiI6Ik > > > +1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=3DSHkhXpaxboVMDD > WipEgzgNg5TN > > +54lzWAs8Xn%2F8T1cNk%3D&reserved=3D0 > > _1 > > +.3.0.pdf) > > +**/ > > + > > +#include "RedfishPlatformCredentialIpmiLib.h" > > + > > +// > > +// Global flag of controlling credential service // BOOLEAN > > +mRedfishServiceStopped =3D FALSE; > > + > > +/** > > + Notify the Redfish service provide to stop provide configuration > > +service to > > this platform. > > + > > + This function should be called when the platform is about to leave > > + the safe > > environment. > > + It will notify the Redfish service provider to abort all login > > + session, and prohibit further login with original auth info. > > + GetAuthInfo() will return EFI_UNSUPPORTED once this function is > > returned. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[in] ServiceStopType Reason of stopping Redfish service. > > + > > + @retval EFI_SUCCESS Service has been stoped successfull= y. > > + @retval EFI_INVALID_PARAMETER This is NULL. > > + @retval Others Some error happened. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +LibStopRedfishService ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE > ServiceStopType > > + ) > > +{ > > + EFI_STATUS Status; > > + > > + if ((ServiceStopType <=3D ServiceStopTypeNone) || (ServiceStopType >= =3D > > ServiceStopTypeMax)) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + // > > + // Only stop credential service after leaving BIOS // if > > + (ServiceStopType !=3D ServiceStopTypeExitBootService) { > > + return EFI_UNSUPPORTED; > > + } > > + > > + // > > + // Raise flag first > > + // > > + mRedfishServiceStopped =3D TRUE; > > + > > + // > > + // Notify BMC to disable credential bootstrapping support. > > + // > > + if (PcdGetBool (PcdRedfishDisableBootstrapCredentialService)) { > > + Status =3D GetBootstrapAccountCredentials (TRUE, NULL, NULL); > > + if (EFI_ERROR (Status)) { > > + DEBUG ((DEBUG_ERROR, "%a: fail to disable bootstrap credential: > > + %r\n", > > __FUNCTION__, Status)); > > + return Status; > > + } > > + } > > + > > + // > > + // Delete cached variable > > + // > > + Status =3D SetBootstrapAccountCredentialsToVariable (NULL, NULL, > > + TRUE); if (EFI_ERROR (Status)) { > > + DEBUG ((DEBUG_ERROR, "%a: fail to remove bootstrap credential: > > + %r\n", __FUNCTION__, Status)); } > > + > > + DEBUG ((DEBUG_INFO, "%a: bootstrap credential service stopped\n", > > + __FUNCTION__)); > > + > > + return EFI_SUCCESS; > > +} > > + > > +/** > > + Notification of Exit Boot Service. > > + > > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > > +**/ > > +VOID > > +EFIAPI > > +LibCredentialExitBootServicesNotify ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > > + ) > > +{ > > + // > > + // Stop the credential support when system is about to enter OS. > > + // > > + LibStopRedfishService (This, ServiceStopTypeExitBootService); } > > + > > +/** > > + Notification of End of DXe. > > + > > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > > +**/ > > +VOID > > +EFIAPI > > +LibCredentialEndOfDxeNotify ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > > + ) > > +{ > > + // > > + // Do nothing now. > > + // We can stop credential support when system reach end-of-dxe for > > security reason. > > + // > > +} > > + > > +/** > > + Function to retrieve temporary user credentials for the UEFI > > +redfish client. This function can > > + also disable bootstrap credential service in BMC. > > + > > + @param[in] DisableBootstrapControl > > + TRUE - Tell the BMC to disable t= he bootstrap credential > > + service to ensure no one = else gains credentials > > + FALSE Allow the bootstrap > > + credential service to continue @param[in,out] BootstrapUsername > > + A pointer to a Ascii encoded > > + string for the credential > > username > > + When DisableBootstrapControl is > > + TRUE, this pointer can be NULL > > + > > + @param[in,out] BootstrapPassword > > + A pointer to a Ascii encoded > > + string for the credential > > password > > + When DisableBootstrapControl is > > + TRUE, this pointer can be NULL > > + > > + @retval EFI_SUCCESS Credentials were successfully fe= tched and > > returned. When DisableBootstrapControl > > + is set to TRUE, the bootstrap > > + credential service is > > disabled successfully. > > + @retval EFI_INVALID_PARAMETER BootstrapUsername or > > BootstrapPassword is NULL when DisableBootstrapControl > > + is set to FALSE > > + @retval EFI_DEVICE_ERROR An IPMI failure occurred > > +**/ > > +EFI_STATUS > > +GetBootstrapAccountCredentials ( > > + IN BOOLEAN DisableBootstrapControl, > > + IN OUT CHAR8 *BootstrapUsername, OPTIONAL > > + IN OUT CHAR8 *BootstrapPassword OPTIONAL > > + ) > > +{ > > + EFI_STATUS Status; > > + IPMI_BOOTSTRAP_CREDENTIALS_COMMAND_DATA CommandData; > > + IPMI_BOOTSTRAP_CREDENTIALS_RESULT_RESPONSE ResponseData; > > + UINT32 ResponseSize; > > + > > + // > > + // NULL buffer check > > + // > > + if (!DisableBootstrapControl && ((BootstrapUsername =3D=3D NULL) || > > (BootstrapPassword =3D=3D NULL))) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + DEBUG ((DEBUG_VERBOSE, "%a: Disable bootstrap control: 0x%x\n", > > + __FUNCTION__, DisableBootstrapControl)); > > + > > + // > > + // IPMI callout to NetFn 2C, command 02 > > + // Request data: > > + // Byte 1: REDFISH_IPMI_GROUP_EXTENSION > > + // Byte 2: DisableBootstrapControl > > + // > > + CommandData.GroupExtensionId =3D > > REDFISH_IPMI_GROUP_EXTENSION; > > + CommandData.DisableBootstrapControl =3D (DisableBootstrapControl ? > > + REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_DISABLE : > > + REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_ENABLE); > > + > > + ResponseSize =3D sizeof (ResponseData); > > + > > + // > > + // Response data: > > + // Byte 1 : Completion code > > + // Byte 2 : REDFISH_IPMI_GROUP_EXTENSION > > + // Byte 3-18 : Username > > + // Byte 19-34: Password > > + // > > + Status =3D IpmiSubmitCommand ( > > + IPMI_NETFN_GROUP_EXT, > > + REDFISH_IPMI_GET_BOOTSTRAP_CREDENTIALS_CMD, > > + (UINT8 *)&CommandData, > > + sizeof (CommandData), > > + (UINT8 *)&ResponseData, > > + &ResponseSize > > + ); > > + > > + if (EFI_ERROR (Status)) { > > + DEBUG ((DEBUG_ERROR, "%a: IPMI transaction failure. Returning\n", > > __FUNCTION__)); > > + return Status; > > + } else { > > + if (ResponseData.CompletionCode !=3D IPMI_COMP_CODE_NORMAL) { > > + if (ResponseData.CompletionCode =3D=3D > > REDFISH_IPMI_COMP_CODE_BOOTSTRAP_CREDENTIAL_DISABLED) { > > + DEBUG ((DEBUG_ERROR, "%a: bootstrap credential support was > > disabled\n", __FUNCTION__)); > > + return EFI_ACCESS_DENIED; > > + } > > + > > + DEBUG ((DEBUG_ERROR, "%a: Completion code =3D 0x%x. Returning\n"= , > > __FUNCTION__, ResponseData.CompletionCode)); > > + return EFI_PROTOCOL_ERROR; > > + } else if (ResponseData.GroupExtensionId !=3D > > REDFISH_IPMI_GROUP_EXTENSION) { > > + DEBUG ((DEBUG_ERROR, "%a: Group Extension Response =3D 0x%x. > > Returning\n", __FUNCTION__, ResponseData.GroupExtensionId)); > > + return EFI_DEVICE_ERROR; > > + } else { > > + if (BootstrapUsername !=3D NULL) { > > + CopyMem (BootstrapUsername, ResponseData.Username, > > USERNAME_MAX_LENGTH); > > + // > > + // Manually append null-terminator in case 16 characters > > + username > > returned. > > + // > > + BootstrapUsername[USERNAME_MAX_LENGTH] =3D '\0'; > > + } > > + > > + if (BootstrapPassword !=3D NULL) { > > + CopyMem (BootstrapPassword, ResponseData.Password, > > PASSWORD_MAX_LENGTH); > > + // > > + // Manually append null-terminator in case 16 characters > > + password > > returned. > > + // > > + BootstrapPassword[PASSWORD_MAX_LENGTH] =3D '\0'; > > + } > > + } > > + } > > + > > + DEBUG ((DEBUG_INFO, "%a: get bootstrap credential via IPMI: %r\n", > > + __FUNCTION__, Status)); > > + > > + return Status; > > +} > > + > > +/** > > + Function to retrieve temporary user credentials from cached boot > > +time > > variable. > > + > > + @param[in,out] BootstrapUsername A pointer to a Ascii encoded str= ing > > for the credential username > > + @param[in,out] BootstrapPassword A pointer to a Ascii encoded str= ing > > for the credential password > > + > > + @retval EFI_SUCCESS Credentials were successfully fe= tched and > > returned > > + @retval EFI_INVALID_PARAMETER BootstrapUsername or > > BootstrapPassword is NULL > > + @retval EFI_NOT_FOUND No variable found for account an= d > > credentials > > +**/ > > +EFI_STATUS > > +GetBootstrapAccountCredentialsFromVariable ( > > + IN OUT CHAR8 *BootstrapUsername, > > + IN OUT CHAR8 *BootstrapPassword > > + ) > > +{ > > + EFI_STATUS Status; > > + BOOTSTRAP_CREDENTIALS_VARIABLE *CredentialVariable; > > + VOID *Data; > > + UINTN DataSize; > > + > > + if ((BootstrapUsername =3D=3D NULL) || (BootstrapPassword =3D=3D NUL= L)) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + DataSize =3D 0; > > + Status =3D GetVariable2 ( > > + CREDENTIAL_VARIABLE_NAME, > > + &gEfiRedfishVariableGuid, > > + (VOID *)&Data, > > + &DataSize > > + ); > > + if (EFI_ERROR (Status)) { > > + return EFI_NOT_FOUND; > > + } > > + > > + if (DataSize !=3D sizeof (BOOTSTRAP_CREDENTIALS_VARIABLE)) { > > + DEBUG ((DEBUG_ERROR, "%a: data corruption. returned size: %d !=3D > > structure size: %d\n", __FUNCTION__, DataSize, sizeof > > (BOOTSTRAP_CREDENTIALS_VARIABLE))); > > + return EFI_NOT_FOUND; > > + } > > + > > + CredentialVariable =3D (BOOTSTRAP_CREDENTIALS_VARIABLE *)Data; > > + > > + AsciiStrCpyS (BootstrapUsername, USERNAME_MAX_SIZE, > > + CredentialVariable->Username); AsciiStrCpyS (BootstrapPassword, > > + PASSWORD_MAX_SIZE, CredentialVariable->Password); > > + > > + ZeroMem (CredentialVariable->Username, USERNAME_MAX_SIZE); > > ZeroMem > > + (CredentialVariable->Password, PASSWORD_MAX_SIZE); > > + > > + FreePool (Data); > > + > > + DEBUG ((DEBUG_INFO, "%a: get bootstrap credential from variable\n", > > + __FUNCTION__)); > > + > > + return EFI_SUCCESS; > > +} > > + > > +/** > > + Function to save temporary user credentials into boot time variable. > > +When DeleteVariable is True, > > + this function delete boot time variable. > > + > > + @param[in] BootstrapUsername A pointer to a Ascii encoded stri= ng > for > > the credential username. > > + @param[in] BootstrapPassword A pointer to a Ascii encoded stri= ng for > > the credential password. > > + @param[in] DeleteVariable True to remove boot time variable= . False > > otherwise. > > + > > + @retval EFI_SUCCESS Credentials were successfully sa= ved. > > + @retval EFI_INVALID_PARAMETER BootstrapUsername or > > BootstrapPassword is NULL > > + @retval Others Error occurs > > +**/ > > +EFI_STATUS > > +SetBootstrapAccountCredentialsToVariable ( > > + IN CHAR8 *BootstrapUsername, OPTIONAL > > + IN CHAR8 *BootstrapPassword, OPTIONAL > > + IN BOOLEAN DeleteVariable > > + ) > > +{ > > + EFI_STATUS Status; > > + BOOTSTRAP_CREDENTIALS_VARIABLE CredentialVariable; > > + VOID *Data; > > + > > + if (!DeleteVariable && ((BootstrapUsername =3D=3D NULL) || > > (BootstrapUsername[0] =3D=3D '\0'))) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + if (!DeleteVariable && ((BootstrapPassword =3D=3D NULL) || > > (BootstrapPassword[0] =3D=3D '\0'))) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + // > > + // Delete variable > > + // > > + if (DeleteVariable) { > > + Status =3D GetVariable2 ( > > + CREDENTIAL_VARIABLE_NAME, > > + &gEfiRedfishVariableGuid, > > + (VOID *)&Data, > > + NULL > > + ); > > + if (!EFI_ERROR (Status)) { > > + FreePool (Data); > > + gRT->SetVariable (CREDENTIAL_VARIABLE_NAME, > > &gEfiRedfishVariableGuid, EFI_VARIABLE_BOOTSERVICE_ACCESS, 0, NULL); > > + } > > + > > + return EFI_SUCCESS; > > + } > > + > > + ZeroMem (CredentialVariable.Username, USERNAME_MAX_SIZE); > > ZeroMem > > + (CredentialVariable.Password, PASSWORD_MAX_SIZE); > > + > > + AsciiStrCpyS (CredentialVariable.Username, USERNAME_MAX_SIZE, > > + BootstrapUsername); AsciiStrCpyS (CredentialVariable.Password, > > + PASSWORD_MAX_SIZE, BootstrapPassword); > > + > > + // > > + // Check if variable exists already. If yes, remove it first. > > + // > > + Status =3D GetVariable2 ( > > + CREDENTIAL_VARIABLE_NAME, > > + &gEfiRedfishVariableGuid, > > + (VOID *)&Data, > > + NULL > > + ); > > + if (!EFI_ERROR (Status)) { > > + FreePool (Data); > > + gRT->SetVariable (CREDENTIAL_VARIABLE_NAME, > > + &gEfiRedfishVariableGuid, EFI_VARIABLE_BOOTSERVICE_ACCESS, 0, > NULL); > > + } > > + > > + Status =3D gRT->SetVariable (CREDENTIAL_VARIABLE_NAME, > > + &gEfiRedfishVariableGuid, EFI_VARIABLE_BOOTSERVICE_ACCESS, sizeof > > + (BOOTSTRAP_CREDENTIALS_VARIABLE), (VOID *)&CredentialVariable); > > + > > + ZeroMem (CredentialVariable.Username, USERNAME_MAX_SIZE); > > ZeroMem > > + (CredentialVariable.Password, PASSWORD_MAX_SIZE); > > + > > + return Status; > > +} > > + > > +/** > > + Retrieve platform's Redfish authentication information. > > + > > + This functions returns the Redfish authentication method together > > + with the user Id and password. > > + - For AuthMethodNone, the UserId and Password could be used for > > + HTTP > > header authentication > > + as defined by RFC7235. > > + - For AuthMethodRedfishSession, the UserId and Password could be > > + used > > for Redfish > > + session login as defined by Redfish API specification (DSP0266). > > + > > + Callers are responsible for and freeing the returned string storage. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[out] AuthMethod Type of Redfish authentication meth= od. > > + @param[out] UserId The pointer to store the returned U= serId > > string. > > + @param[out] Password The pointer to store the returned > Password > > string. > > + > > + @retval EFI_SUCCESS Get the authentication information > > successfully. > > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfD= xe. > > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > > Password is NULL. > > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > > resources. > > + @retval EFI_UNSUPPORTED Unsupported authentication method i= s > > found. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +LibCredentialGetAuthInfo ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > > + OUT CHAR8 **UserId, > > + OUT CHAR8 **Password > > + ) > > +{ > > + EFI_STATUS Status; > > + > > + if ((AuthMethod =3D=3D NULL) || (UserId =3D=3D NULL) || (Password = =3D=3D NULL)) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + *UserId =3D NULL; > > + *Password =3D NULL; > > + > > + if (mRedfishServiceStopped) { > > + DEBUG ((DEBUG_ERROR, "%a: credential service is stopped due to > > security reason\n", __FUNCTION__)); > > + return EFI_ACCESS_DENIED; > > + } > > + > > + *AuthMethod =3D AuthMethodHttpBasic; > > + > > + *UserId =3D AllocateZeroPool (sizeof (CHAR8) * USERNAME_MAX_SIZE); i= f > > + (*UserId =3D=3D NULL) { > > + return EFI_OUT_OF_RESOURCES; > > + } > > + > > + *Password =3D AllocateZeroPool (sizeof (CHAR8) * PASSWORD_MAX_SIZE); > > + if (*Password =3D=3D NULL) { > > + return EFI_OUT_OF_RESOURCES; > > + } > > + > > + // > > + // Get bootstrap credential from variable first // Status =3D > > + GetBootstrapAccountCredentialsFromVariable (*UserId, *Password); if > > + (!EFI_ERROR (Status)) { > > + return EFI_SUCCESS; > > + } > I think the process should keep going if the error status is EFI_NOT_FOUN= D? > Besides this, all others look fine to me. >=20 > BTW, how about the conclusions we had in the previous discussion? Which i= s > to probe "/redfish/v1/Systems" to get the supported authentication > method? Is this idea is valid? > Thanks > Abner >=20 >=20 > > + > > + // > > + // Make a IPMI query > > + // > > + Status =3D GetBootstrapAccountCredentials (FALSE, *UserId, > > + *Password); if (EFI_ERROR (Status)) { > > + DEBUG ((DEBUG_ERROR, "%a: fail to get bootstrap credential: > > + %r\n", > > __FUNCTION__, Status)); > > + return Status; > > + } > > + > > + Status =3D SetBootstrapAccountCredentialsToVariable (*UserId, > > + *Password, FALSE); if (EFI_ERROR (Status)) { > > + DEBUG ((DEBUG_ERROR, "%a: fail to cache bootstrap credential: > > + %r\n", __FUNCTION__, Status)); } > > + > > + return EFI_SUCCESS; > > +} > > diff --git > > a/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCred > > e > > ntialIpmiLib.h > > b/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCred > > e > > ntialIpmiLib.h > > new file mode 100644 > > index 0000000000..5325767eab > > --- /dev/null > > +++ b/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatform > > +++ Cr > > +++ edentialIpmiLib.h > > @@ -0,0 +1,86 @@ > > +/** @file > > + Header file for RedfishPlatformCredentialIpmiLib. > > + > > + Copyright (c) 2022-2023 NVIDIA CORPORATION & AFFILIATES. All rights > > reserved. > > + > > + SPDX-License-Identifier: BSD-2-Clause-Patent > > + > > +**/ > > + > > +#ifndef REDFISH_PLATFORM_CREDENTIAL_IPMI_LIB_H_ > > +#define REDFISH_PLATFORM_CREDENTIAL_IPMI_LIB_H_ > > + > > +#include > > +#include > > +#include > > + > > +#include > > + > > +#include > > +#include > > +#include > > +#include > > +#include #include > > + #include > > +#include > > + > > +#define CREDENTIAL_VARIABLE_NAME L"Partstooblaitnederc" > > + > > +/// > > +/// The bootstrap credential keeping in UEFI variable /// typedef > > +struct { > > + CHAR8 Username[USERNAME_MAX_SIZE]; > > + CHAR8 Password[PASSWORD_MAX_SIZE]; > > +} BOOTSTRAP_CREDENTIALS_VARIABLE; > > + > > +/** > > + Function to retrieve temporary user credentials for the UEFI > > +redfish client. This function can > > + also disable bootstrap credential service in BMC. > > + > > + @param[in] DisableBootstrapControl > > + TRUE - Tell the BMC to disable t= he bootstrap credential > > + service to ensure no one = else gains credentials > > + FALSE Allow the bootstrap > > + credential service to continue @param[out] BootstrapUsername > > + A pointer to a Ascii encoded > > + string for the credential > > username > > + When DisableBootstrapControl is > > + TRUE, this pointer can be NULL > > + > > + @param[out] BootstrapPassword > > + A pointer to a Ascii encoded > > + string for the credential > > password > > + When DisableBootstrapControl is > > + TRUE, this pointer can be NULL > > + > > + @retval EFI_SUCCESS Credentials were successfully fe= tched and > > returned. When DisableBootstrapControl > > + is set to TRUE, the bootstrap > > + credential service is > > disabled successfully. > > + @retval EFI_INVALID_PARAMETER BootstrapUsername or > > BootstrapPassword is NULL when DisableBootstrapControl > > + is set to FALSE > > + @retval EFI_DEVICE_ERROR An IPMI failure occurred > > +**/ > > +EFI_STATUS > > +GetBootstrapAccountCredentials ( > > + IN BOOLEAN DisableBootstrapControl, > > + IN OUT CHAR8 *BootstrapUsername, > > + IN OUT CHAR8 *BootstrapPassword > > + ); > > + > > +/** > > + Function to save temporary user credentials into boot time variable. > > +When DeleteVariable is True, > > + this function delete boot time variable. > > + > > + @param[in] BootstrapUsername A pointer to a Ascii encoded stri= ng > for > > the credential username. > > + @param[in] BootstrapPassword A pointer to a Ascii encoded stri= ng for > > the credential password. > > + @param[in] DeleteVariable True to remove boot time variable= . False > > otherwise. > > + > > + @retval EFI_SUCCESS Credentials were successfully sa= ved. > > + @retval EFI_INVALID_PARAMETER BootstrapUsername or > > BootstrapPassword is NULL > > + @retval Others Error occurs > > +**/ > > +EFI_STATUS > > +SetBootstrapAccountCredentialsToVariable ( > > + IN CHAR8 *BootstrapUsername, OPTIONAL > > + IN CHAR8 *BootstrapPassword, OPTIONAL > > + IN BOOLEAN DeleteVariable > > + ); > > + > > +#endif > > diff --git > > a/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCred > > e > > ntialIpmiLib.inf > > b/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCred > > e > > ntialIpmiLib.inf > > new file mode 100644 > > index 0000000000..694e401ad9 > > --- /dev/null > > +++ b/RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatform > > +++ Cr > > +++ edentialIpmiLib.inf > > @@ -0,0 +1,42 @@ > > +## @file > > +# INF file for RedfishPlatformCredentialIpmiLib. > > +# > > +# Copyright (c) 2022-2023 NVIDIA CORPORATION & AFFILIATES. All > > +rights > > reserved. > > +# > > +# SPDX-License-Identifier: BSD-2-Clause-Patent # ## > > + > > +[Defines] > > + INF_VERSION =3D 0x0001000b > > + BASE_NAME =3D RedfishPlatformCredentialIpmiLib > > + FILE_GUID =3D 9C45D622-4C66-417F-814C-F76246D97= 233 > > + MODULE_TYPE =3D DXE_DRIVER > > + VERSION_STRING =3D 1.0 > > + LIBRARY_CLASS =3D RedfishPlatformCredentialIpmiLib > > + > > +[Sources] > > + RedfishPlatformCredentialIpmiLib.c > > + RedfishPlatformCredentialIpmiLib.h > > + > > +[Packages] > > + MdePkg/MdePkg.dec > > + MdeModulePkg/MdeModulePkg.dec > > + RedfishPkg/RedfishPkg.dec > > + > > +[LibraryClasses] > > + UefiLib > > + DebugLib > > + IpmiBaseLib > > + MemoryAllocationLib > > + BaseMemoryLib > > + UefiRuntimeServicesTableLib > > + > > +[Pcd] > > + > > > +gEfiRedfishPkgTokenSpaceGuid.PcdRedfishDisableBootstrapCredentialServ > > +i > > c > > +e > > + > > +[Guids] > > + gEfiRedfishVariableGuid > > + > > +[Depex] > > + TRUE > > diff --git a/RedfishPkg/RedfishPkg.dec b/RedfishPkg/RedfishPkg.dec > > index 53e52c2b00..86102b8ffd 100644 > > --- a/RedfishPkg/RedfishPkg.dec > > +++ b/RedfishPkg/RedfishPkg.dec > > @@ -81,6 +81,9 @@ > > [Guids] > > gEfiRedfishPkgTokenSpaceGuid =3D { 0x4fdbccb7, 0xe829, 0x4b4c, = { 0x88, > > 0x87, 0xb2, 0x3f, 0xd7, 0x25, 0x4b, 0x85 }} > > > > + # Redfish variable guid > > + gEfiRedfishVariableGuid =3D { 0x85ef8dd3, 0xe606, 0x4b89, = { 0x8b, > 0xbd, > > 0x93, 0xbf, 0x5c, 0xbe, 0x1c, 0x18 } } > > + > > [PcdsFixedAtBuild, PcdsPatchableInModule] > > # > > # This PCD is the UEFI device path which is used as the Redfish > > host interface. > > @@ -113,3 +116,7 @@ > > # Default is set to not add. > > # > > > > > gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExAddingExpect|FALSE|BOO > > LEAN|0x00001004 > > + # > > + # This PCD indicates that if BMC bootstrap credential service will > > + be > > disabled by BIOS or not. > > + # > > + > > + > > > gEfiRedfishPkgTokenSpaceGuid.PcdRedfishDisableBootstrapCredentialServi > > + ce|FALSE|BOOLEAN|0x00001005 > > diff --git a/RedfishPkg/RedfishPkg.dsc b/RedfishPkg/RedfishPkg.dsc > > index cf25b63cc2..f2ca212bea 100644 > > --- a/RedfishPkg/RedfishPkg.dsc > > +++ b/RedfishPkg/RedfishPkg.dsc > > @@ -3,6 +3,7 @@ > > # > > # Copyright (c) 2019 - 2021, Intel Corporation. All rights > > reserved.
# (C) Copyright 2021 Hewlett-Packard Enterprise > Development LP. > > +# Copyright (c) 2023, NVIDIA CORPORATION & AFFILIATES. All rights > > reserved. > > # > > # SPDX-License-Identifier: BSD-2-Clause-Patent > > # > > @@ -52,6 +53,7 @@ > > [Components] > > > > RedfishPkg/Library/PlatformHostInterfaceLibNull/PlatformHostInterfaceL > > ibN > > ull.inf > > > > RedfishPkg/Library/PlatformCredentialLibNull/PlatformCredentialLibNull > > .inf > > + > > + > > > RedfishPkg/Library/RedfishPlatformCredentialIpmi/RedfishPlatformCreden > > + tialIpmiLib.inf > Please also add this library to RedfishLibs.dsc.inc. The one in the [Comp= onent] > section should be kept as well so the CI can build it even no module uses= it, if > my understanding of having library in [Component] section is correct. >=20 > Those *.inc under RedfishPkg should be relocated to under \Include later = so > the platform can pull it in to the platform dsc. > RedfishPkg.dsc is used to build the individual package. >=20 > > > > > RedfishPkg/Library/RedfishContentCodingLibNull/RedfishContentCodingLib > > Null.inf > > RedfishPkg/Library/DxeRestExLib/DxeRestExLib.inf > > RedfishPkg/Library/BaseUcs2Utf8Lib/BaseUcs2Utf8Lib.inf > > -- > > 2.39.2.windows.1