From: "Chang, Abner"
To: "devel@edk2.groups.io", "igork@ami.com", "nicklew@nvidia.com"
CC: Nick Ramirez
Subject: Re: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
Date: Fri, 28 Oct 2022 07:48:04 +0000
References: <20221020025434.29969-1-nicklew@nvidia.com>

> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Igor Kulchytskyy via groups.io
> Sent: Thursday, October 27, 2022 10:42 PM
> To: devel@edk2.groups.io; nicklew@nvidia.com; Chang, Abner
> Cc: Nick Ramirez
> Subject: Re: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
>
> Hi Nickle,
> Please see my comments on your questions below.
>
> Another point I missed in my previous mail.
> You have that function in the library to get credentials and it is used by the RedfishCredentialsDxe driver to create the protocol, which in its turn will be used by other Redfish modules.
> We do not know how many modules will call this function during boot, and how many times. Right?
> And on each call of this function you call an IPMI command. That command will create a new Redfish account on the BMC side according to the Redfish HI specification:
>
> "If the Get Bootstrap Account Credentials command has been issued and responds with the completion code 00h, a bootstrap account shall be added to the manager's account collection and enabled. If the Get Bootstrap Account Credentials command is sent subsequent times and responds with the completion code 00h, a new account shall be created based on the newly generated credentials. Any existing bootstrap accounts shall remain active."
>
> As I know, a BMC may have some restrictions on the number of Redfish accounts it can support.
> And because of that BIOS may hit this limit. Which is not good.
> On the other hand, I'm not sure we need to have different credentials for different modules? All those modules are part of FW. And all of them will be associated with the same RoleID (FW role) on the BMC side.
> So, all of them may use the same credentials.
> Could we cache the credentials on the first call of that RedfishCredentialGetAuthInfo and then use those cached credentials on subsequent calls?
> It may also save some boot time, since there is no need to send the IPMI command.

Yes, this is something we have to avoid. Many accounts will be created while each Redfish client module requests a credential. FW can save it in an EFI variable and delete it at the proper time. Unfortunately the credential delivery via EFI variable section was deprecated, otherwise we could deliver the credential to the OS through an EFI variable and disable the bootstrap credential at exit boot service.
Abner

> Thank you,
> Igor
>
> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Nickle Wang via groups.io
> Sent: Thursday, October 27, 2022 9:26 AM
> To: devel@edk2.groups.io; Igor Kulchytskyy; abner.chang@amd.com
> Cc: Nick Ramirez
> Subject: [EXTERNAL] Re: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
>
> Hi Igor,
>
> Thank you for your help reviewing my changes.
>
> > And it will be blocked by our IPMI call.
>
> I see your point. So, BIOS should never be the one to shut down the credential service because BIOS always gets executed prior to the OS, right?
>
> Igor: Yes, my point is that we should not shut down the credential service from BIOS. Even if the OS sends that IPMI command, a new account will be created and BIOS credentials will not be compromised.
>
> > Should it be configured with some PCD? Maybe user may select in Setup what method should be used? Or it could be build time configuration?
>
> I had the below assumptions while I implemented the library. I admit they are not always true.
>
> No Auth: I think this is a rare case for a Redfish service, since it gives anonymous privilege to change BIOS settings.
> Basic Auth: this is the authentication method which uses username and password to build a base64 encoded string.
> Session Auth: I assume that the client must have a session token first and then use this authentication method. Can we use username and password to generate a session token on our own? If my memory serves me correctly, the client has to log in with username and password first, and then the client can receive a session token from the server.
>
> Igor: BIOS will use the credentials to create a session. It should send a POST request to the session URI with user name and password to create the session.
> If a session is created successfully then in the response the BMC returns the header "X-Auth-Token", which is then used for the subsequent calls.
>
> If we really want to know what authentication method the Redfish service uses, we can issue an HTTP query to "/redfish/v1/Systems" with "No Auth". Then we can learn what authentication method is required by reading the "WWW-Authenticate" field in the returned HTTP header.
>
> Igor: As I understand it, even if you include an authentication header (Base64 encoded) in the request to the BMC and the BMC has a NoAuth configuration, then that authentication header would just be ignored by the BMC.
>
> Thanks,
> Nickle
>
> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Igor Kulchytskyy via groups.io
> Sent: Wednesday, October 26, 2022 11:26 PM
> To: Nickle Wang; devel@edk2.groups.io; abner.chang@amd.com
> Cc: Nick Ramirez
> Subject: Re: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
>
> Hi Nickle,
> I would like to discuss that DisableBootstrapControl flag and how it is used in our implementation.
> According to the Redfish HI specification we can use this flag to disable credential bootstrapping control.
> It can be disabled permanently or till the next reboot of the host or service. That depends on the EnableAfterReset setting on the BMC side:
>
> CredentialBootstrapping (v1.3+) { object  The credential bootstrapping settings for this interface.
>     EnableAfterReset (v1.3+)  Boolean  read-write (null)  An indication of whether credential bootstrapping is enabled after a reset for this interface.
>     Enabled (v1.3+)           Boolean  read-write (null)  An indication of whether credential bootstrapping is enabled for this interface.
>     RoleId (v1.3+)            string   read-write         The role used for the bootstrap account created for this interface.
> }
>
> So, if EnableAfterReset is set to false, that means the BMC will respond with a 0x80 error and will not return any credentials after reboot. And BIOS-BMC communication will fail.
> Another concern with disabling credential bootstrapping control is that we do it on the Exit Boot event before passing control to the OS.
> But the OS may also need to communicate with the BMC through the Redfish Host Interface to post some information. And it will be blocked by our IPMI call.
> We create that SMBIOS Type 42 table with Redfish Host Interface settings which can be used by the OS to communicate with the BMC. But without the credentials it will not be possible.
>
> Another question is the AuthMethod parameter you initialize in this library:
> *AuthMethod = AuthMethodHttpBasic;
> According to the Redfish HI specification 3 methods may be used - No Auth, Basic Auth and Session Auth.
> The Basic Auth and Session Auth methods require the credentials to be used by BIOS. And both of them should be supported by the BMC.
> And your high level function RedfishCreateLibredfishService also supports creation of a Basic or Session Auth service.
> I'm not sure why the low level library which is created to get credentials from the BMC should decide what authentication method should be used?
> Should it be configured with some PCD? Maybe user may select in Setup what method should be used? Or it could be build time configuration?
>
> Thank you,
> Igor
>
> -----Original Message-----
> From: Nickle Wang
> Sent: Tuesday, October 25, 2022 4:24 AM
> To: devel@edk2.groups.io; abner.chang@amd.com
> Cc: Nick Ramirez; Igor Kulchytskyy
> Subject: [EXTERNAL] RE: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
>
> Thanks for your review comments, Abner! I will update a new version of the patch later. The CI build error will be handled together.
>
> > please add Igor as reviewer too
> Sure!
>
> > + *UserId = AllocateZeroPool (sizeof (CHAR8) * USERNAME_MAX_SIZE); if
> [Chang, Abner]
> Allocate memory with the size (USERNAME_MAX_LENGTH + 1) for both BootUsername and BootstrapPassword? Because the maximum number of characters defined in the spec is USERNAME_MAX_LENGTH for the user/password.
>
> Yes, the additional one byte is for the NULL terminator.
> USERNAME_MAX_LENGTH is defined as 16 and follows the host interface specification.
>
> Regards,
> Nickle
>
> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Chang, Abner via groups.io
> Sent: Saturday, October 22, 2022 3:01 PM
> To: Nickle Wang; devel@edk2.groups.io
> Cc: Nick Ramirez; Igor Kulchytskyy
> Subject: Re: [edk2-devel] [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
>
> Hi Nickle, please add Igor as reviewer too. My comments are below.
>
> > -----Original Message-----
> > From: Nickle Wang
> > Sent: Thursday, October 20, 2022 10:55 AM
> > To: devel@edk2.groups.io
> > Cc: Chang, Abner; Nick Ramirez
> > Subject: [PATCH] RedfishPkg/RedfishPlatformCredentialLib: IPMI implementation
> >
> > This library follows the Redfish Host Interface specification and uses an IPMI command to get the bootstrap account credential (NetFn 2Ch, Command 02h) from the BMC.
> > RedfishHostInterfaceDxe will use this credential for the following communication between BIOS and BMC.
> >
> > Cc: Abner Chang
> > Cc: Nick Ramirez
> > Signed-off-by: Nickle Wang
> > ---
> >  .../RedfishPlatformCredentialLib.c   | 273 ++++++++++++++++++
> >  .../RedfishPlatformCredentialLib.h   |  75 +++++
> >  .../RedfishPlatformCredentialLib.inf |  37 +++
> [Chang, Abner]
> Could we name this library RedfishPlatformCredentialIpmi so the naming style is consistent with RedfishPlatformCredentialNull?
>
> >  3 files changed, 385 insertions(+)
> >  create mode 100644 RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCredentialLib.c
> >  create mode 100644 RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCredentialLib.h
> >  create mode 100644 RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCredentialLib.inf
> > > > diff --git > > a/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCrede > > ntialLi > > b.c > > b/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCrede > > ntialLi > > b.c > > new file mode 100644 > > index 0000000000..23a15ab1fa > > --- /dev/null > > +++ b/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformC > > +++ re > > +++ dentialLib.c 
> > @@ -0,0 +1,273 @@ > > +/** @file > > +* > > +* Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES. All rights > reserved. > > +* > > +* SPDX-License-Identifier: BSD-2-Clause-Patent > [Chang, Abner] > We can have "@par Revision Reference:" in the file header to point out t= he > spec. > https://nam11.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fww > w.dmtf.org%2Fsites%2Fdefault%2Ffiles%2Fstandards%2Fdocuments%2FDSP > 0270_1.3.0.pdf&data=3D05%7C01%7Cabner.chang%40amd.com%7C074aa > e162fba49409af408dab8297c03%7C3dd8961fe4884e608e11a82d994e183d%7C > 0%7C0%7C638024786060127888%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiM > C4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000 > %7C%7C%7C&sdata=3DyY6hhKjQfVqmNuufbeDNk%2B2FKrebHyIAyS9Ya4 > szE3Y%3D&reserved=3D0 >=20 > > +* > > +**/ > > + > > +#include "RedfishPlatformCredentialLib.h" > > + > > +// > > +// Global flag of controlling credential service // BOOLEAN > > +mRedfishServiceStopped =3D FALSE; > > + > > +/** > > + Notify the Redfish service provide to stop provide configuration > > +service to this > > platform. > > + > > + This function should be called when the platfrom is about to leave > > + the safe > > environment. > > + It will notify the Redfish service provider to abort all logined > > + session, and prohibit further login with original auth info. > > + GetAuthInfo() will return EFI_UNSUPPORTED once this function is > returned. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[in] ServiceStopType Reason of stopping Redfish service. > > + > > + @retval EFI_SUCCESS Service has been stoped successfull= y. > > + @retval EFI_INVALID_PARAMETER This is NULL. > > + @retval Others Some error happened. 
> > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +LibStopRedfishService ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE > ServiceStopType > > + ) > > +{ > > + EFI_STATUS Status; > > + > > + if ((ServiceStopType <=3D ServiceStopTypeNone) || (ServiceStopType >= =3D > > ServiceStopTypeMax)) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + // > > + // Raise flag first > > + // > > + mRedfishServiceStopped =3D TRUE; > > + > > + // > > + // Notify BMC to disable credential bootstrapping support. > > + // > > + Status =3D GetBootstrapAccountCredentials (TRUE, NULL, NULL); if > > + (EFI_ERROR (Status)) { > > + DEBUG ((DEBUG_ERROR, "%a: fail to disable bootstrap credential: > > + %r\n", > > __FUNCTION__, Status)); > > + return Status; > > + } > > + > > + return EFI_SUCCESS; > > +} > > + > > +/** > > + Notification of Exit Boot Service. > > + > > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > > +**/ > > +VOID > > +EFIAPI > > +LibCredentialExitBootServicesNotify ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > > + ) > > +{ > > + // > > + // Stop the credential support when system is about to enter OS. > > + // > > + LibStopRedfishService (This, ServiceStopTypeExitBootService); } > > + > > +/** > > + Notification of End of DXe. > > + > > + @param[in] This Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL. > > +**/ > > +VOID > > +EFIAPI > > +LibCredentialEndOfDxeNotify ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This > > + ) > > +{ > > + // > > + // Do nothing now. > > + // We can stop credential support when system reach end-of-dxe for > > +security > > reason. > > + // > > +} > > + > > +/** > > + Function to retrieve temporary use credentials for the UEFI redfish > > +client > [Chang, Abner] > We miss the functionality to disable bootstrap credential service in the > function description. 
>=20 > > + > > + @param[in] DisableBootstrapControl > > + TRUE - Tell the BMC to disable t= he bootstrap credential > > + service to ensure no one = else gains credentials > > + FALSE Allow the bootstrap > > + credential service to continue @param[out] BootstrapUsername > > + A pointer to a UTF-8 encoded > > + string for the credential > > username > > + When DisableBootstrapControl is > > + TRUE, this pointer can be NULL > > + > > + @param[out] BootstrapPassword > > + A pointer to a UTF-8 encoded > > + string for the credential > > password > > + When DisableBootstrapControl is > > + TRUE, this pointer can be NULL > > + > > + @retval EFI_SUCCESS Credentials were successfully fe= tched and > > returned > > + @retval EFI_INVALID_PARAMETER BootstrapUsername or > > BootstrapPassword is NULL when DisableBootstrapControl > > + is set to FALSE > > + @retval EFI_DEVICE_ERROR An IPMI failure occurred > [Chang, Abner] > The return status should also include the status of disabling bootstrap > credential. >=20 >=20 > > +**/ > > +EFI_STATUS > > +GetBootstrapAccountCredentials ( > > + IN BOOLEAN DisableBootstrapControl, > > + IN OUT CHAR8 *BootstrapUsername, OPTIONAL > > + IN OUT CHAR8 *BootstrapPassword OPTIONAL > > + ) > > +{ > > + EFI_STATUS Status; > > + IPMI_BOOTSTRAP_CREDENTIALS_COMMAND_DATA CommandData; > > + IPMI_BOOTSTRAP_CREDENTIALS_RESULT_RESPONSE ResponseData; > > + UINT32 ResponseSize; > > + > > + if (!PcdGetBool (PcdIpmiFeatureEnable)) { > > + DEBUG ((DEBUG_ERROR, "%a: IPMI is not enabled! 
Unable to fetch > > + Redfish > > credentials\n", __FUNCTION__)); > > + return EFI_UNSUPPORTED; > > + } > > + > > + // > > + // NULL buffer check > > + // > > + if (!DisableBootstrapControl && ((BootstrapUsername =3D=3D NULL) || > > (BootstrapPassword =3D=3D NULL))) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + DEBUG ((DEBUG_VERBOSE, "%a: Disable bootstrap control: 0x%x\n", > > + __FUNCTION__, DisableBootstrapControl)); > > + > > + // > > + // IPMI callout to NetFn 2C, command 02 > > + // Request data: > > + // Byte 1: REDFISH_IPMI_GROUP_EXTENSION > > + // Byte 2: DisableBootstrapControl > > + // > > + CommandData.GroupExtensionId =3D > REDFISH_IPMI_GROUP_EXTENSION; > > + CommandData.DisableBootstrapControl =3D (DisableBootstrapControl ? > > + REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_DISABLE : > > + REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_ENABLE); > > + > > + ResponseSize =3D sizeof (ResponseData); > > + > > + // > > + // Response data: > > + // Byte 1 : Completion code > > + // Byte 2 : REDFISH_IPMI_GROUP_EXTENSION > > + // Byte 3-18 : Username > > + // Byte 19-34: Password > > + // > > + Status =3D IpmiSubmitCommand ( > > + IPMI_NETFN_GROUP_EXT, > > + REDFISH_IPMI_GET_BOOTSTRAP_CREDENTIALS_CMD, > > + (UINT8 *)&CommandData, > > + sizeof (CommandData), > > + (UINT8 *)&ResponseData, > > + &ResponseSize > > + ); > > + > > + if (EFI_ERROR (Status)) { > > + DEBUG ((DEBUG_ERROR, "%a: IPMI transaction failure. Returning\n", > > __FUNCTION__)); > > + ASSERT_EFI_ERROR (Status); > > + return Status; > > + } else { > > + if (ResponseData.CompletionCode !=3D IPMI_COMP_CODE_NORMAL) { > > + if (ResponseData.CompletionCode =3D=3D > > REDFISH_IPMI_COMP_CODE_BOOTSTRAP_CREDENTIAL_DISABLED) { > > + DEBUG ((DEBUG_ERROR, "%a: bootstrap credential support was > > disabled\n", __FUNCTION__)); > > + return EFI_ACCESS_DENIED; > > + } > > + > > + DEBUG ((DEBUG_ERROR, "%a: Completion code =3D 0x%x. 
Returning\n"= , > > __FUNCTION__, ResponseData.CompletionCode)); > > + return EFI_PROTOCOL_ERROR; > > + } else if (ResponseData.GroupExtensionId !=3D > > REDFISH_IPMI_GROUP_EXTENSION) { > > + DEBUG ((DEBUG_ERROR, "%a: Group Extension Response =3D 0x%x. > > Returning\n", __FUNCTION__, ResponseData.GroupExtensionId)); > > + return EFI_DEVICE_ERROR; > > + } else { > > + if (BootstrapUsername !=3D NULL) { > > + CopyMem (BootstrapUsername, ResponseData.Username, > > USERNAME_MAX_LENGTH); > > + // > > + // Manually append null-terminator in case 16 characters > > + username > > returned. > > + // > > + BootstrapUsername[USERNAME_MAX_LENGTH] =3D '\0'; > > + } > > + > > + if (BootstrapPassword !=3D NULL) { > > + CopyMem (BootstrapPassword, ResponseData.Password, > > PASSWORD_MAX_LENGTH); > > + // > > + // Manually append null-terminator in case 16 characters > > + password > > returned. > > + // > > + BootstrapPassword[PASSWORD_MAX_LENGTH] =3D '\0'; > > + } > > + } > > + } > > + > > + return Status; > > +} > > + > > +/** > > + Retrieve platform's Redfish authentication information. > > + > > + This functions returns the Redfish authentication method together > > + with the user Id and password. > > + - For AuthMethodNone, the UserId and Password could be used for > > + HTTP > > header authentication > > + as defined by RFC7235. > > + - For AuthMethodRedfishSession, the UserId and Password could be > > + used for > > Redfish > > + session login as defined by Redfish API specification (DSP0266). > > + > > + Callers are responsible for and freeing the returned string storage. > > + > > + @param[in] This Pointer to > > EDKII_REDFISH_CREDENTIAL_PROTOCOL instance. > > + @param[out] AuthMethod Type of Redfish authentication meth= od. > > + @param[out] UserId The pointer to store the returned U= serId > string. > > + @param[out] Password The pointer to store the returned > Password > > string. > > + > > + @retval EFI_SUCCESS Get the authentication information > successfully. 
> > + @retval EFI_ACCESS_DENIED SecureBoot is disabled after EndOfD= xe. > > + @retval EFI_INVALID_PARAMETER This or AuthMethod or UserId or > > Password is NULL. > > + @retval EFI_OUT_OF_RESOURCES There are not enough memory > resources. > > + @retval EFI_UNSUPPORTED Unsupported authentication method i= s > > found. > > + > > +**/ > > +EFI_STATUS > > +EFIAPI > > +LibCredentialGetAuthInfo ( > > + IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, > > + OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, > > + OUT CHAR8 **UserId, > > + OUT CHAR8 **Password > > + ) > > +{ > > + EFI_STATUS Status; > > + > > + if ((AuthMethod =3D=3D NULL) || (UserId =3D=3D NULL) || (Password = =3D=3D NULL)) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > + *UserId =3D NULL; > > + *Password =3D NULL; > > + > > + if (mRedfishServiceStopped) { > > + DEBUG ((DEBUG_ERROR, "%a: credential service is stopped due to > > + security > > reason\n", __FUNCTION__)); > > + return EFI_ACCESS_DENIED; > > + } > > + > > + *AuthMethod =3D AuthMethodHttpBasic; > > + > > + *UserId =3D AllocateZeroPool (sizeof (CHAR8) * USERNAME_MAX_SIZE); i= f > [Chang, Abner] > Allocation memory with the size (USERNAME_MAX_LENGTH + 1) for both > BootUsername and BootstrapPassword? Because the maximum number of > characters defined in the spec is USERNAME_MAX_LENGTH for the > user/password. >=20 >=20 > > + (*UserId =3D=3D NULL) { > > + return EFI_OUT_OF_RESOURCES; > > + } > > + > > + *Password =3D AllocateZeroPool (sizeof (CHAR8) * PASSWORD_MAX_SIZE); > > + if (*Password =3D=3D NULL) { > > + return EFI_OUT_OF_RESOURCES; > > + } > > + > > + Status =3D GetBootstrapAccountCredentials (FALSE, *UserId, > > + *Password); if (EFI_ERROR (Status)) { > > + DEBUG ((DEBUG_ERROR, "%a: fail to get bootstrap credential: > > + %r\n", > > __FUNCTION__, Status)); > > + return Status; > > + } > > + > > + return EFI_SUCCESS; > > +} 
> > diff --git > > a/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCrede > > ntialLi > > b.h > > b/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCrede > > ntialLi > > b.h > > new file mode 100644 > > index 0000000000..5b448e01be > > --- /dev/null > > +++ b/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformC > > +++ re > > +++ dentialLib.h 
> > @@ -0,0 +1,75 @@ > > +/** @file > > +* > > +* Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES. All rights > reserved. > > +* > > +* SPDX-License-Identifier: BSD-2-Clause-Patent > > +* > > +**/ > > +#include > > +#include > > +#include > > +#include > > +#include > > +#include > > +#include > > +#include #include > > + > > + > > +#define REDFISH_IPMI_GROUP_EXTENSION 0x52 > > +#define REDFISH_IPMI_GET_BOOTSTRAP_CREDENTIALS_CMD 0x02 > > +#define REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_ENABLE 0xA5 > > +#define REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_DISABLE 0x00 > > +#define > REDFISH_IPMI_COMP_CODE_BOOTSTRAP_CREDENTIAL_DISABLED > > 0x80 > > + > > +// > > +// Per Redfish Host Interface Specification 1.3, The maximum lenght > > +of // username and password is 16 characters long. > > +// > > +#define USERNAME_MAX_LENGTH 16 > > +#define PASSWORD_MAX_LENGTH 16 > > +#define USERNAME_MAX_SIZE (USERNAME_MAX_LENGTH + 1) // > NULL > > terminator > > +#define PASSWORD_MAX_SIZE (PASSWORD_MAX_LENGTH + 1) // > NULL > > terminator > > + > > +#pragma pack(1) > > +/// > > +/// The definition of IPMI command to get bootstrap account > > +credentials /// typedef struct { > > + UINT8 GroupExtensionId; > > + UINT8 DisableBootstrapControl; > > +} IPMI_BOOTSTRAP_CREDENTIALS_COMMAND_DATA; > > + > > +/// > > +/// The response data of getting bootstrap credential /// typedef > > +struct { > > + UINT8 CompletionCode; > > + UINT8 GroupExtensionId; > > + CHAR8 Username[USERNAME_MAX_LENGTH]; > > + CHAR8 Password[PASSWORD_MAX_LENGTH]; > > +} IPMI_BOOTSTRAP_CREDENTIALS_RESULT_RESPONSE; > > + > > +#pragma pack() > > + > > +/** > > + Function to retrieve temporary use credentials for the UEFI redfish > > +client > [Chang, Abner] > We miss the functionality to disable bootstrap credential service in the > function description. 
>=20 > > + > > + @param[in] DisableBootstrapControl > > + TRUE - Tell the BMC to disable t= he bootstrap credential > > + service to ensure no one = else gains credentials > > + FALSE Allow the bootstrap > > + credential service to continue @param[out] BootstrapUsername > > + A pointer to a UTF-8 encoded > > + string for the credential username > > + > > + @param[out] BootstrapPassword > > + A pointer to a UTF-8 encoded > > + string for the credential password > > + > > + @retval EFI_SUCCESS Credentials were successfully fe= tched and > > returned > [Chang, Abner] > Or the bootstrap credential service is disabled successfully, right? >=20 > > + @retval EFI_DEVICE_ERROR An IPMI failure occurred > > +**/ > > +EFI_STATUS > > +GetBootstrapAccountCredentials ( > > + IN BOOLEAN DisableBootstrapControl, > > + IN OUT CHAR8 *BootstrapUsername, > > + IN OUT CHAR8 *BootstrapPassword > > + ); > > diff --git > > a/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCrede > > ntialLi > > b.inf > > b/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformCrede > > ntialLi > > b.inf > > new file mode 100644 > > index 0000000000..a990d28363 > > --- /dev/null > > +++ b/RedfishPkg/Library/RedfishPlatformCredentialLib/RedfishPlatformC > > +++ re > > +++ dentialLib.inf 
> > @@ -0,0 +1,37 @@ > > +## @file > > +# > > +# Copyright (c) 2022 NVIDIA CORPORATION & AFFILIATES. All rights > reserved. > > +# > > +# SPDX-License-Identifier: BSD-2-Clause-Patent # ## > > + > > +[Defines] > > + INF_VERSION =3D 0x0001000b > > + BASE_NAME =3D RedfishPlatformCredentialLib > > + FILE_GUID =3D 9C45D622-4C66-417F-814C-F76246D97= 233 > > + MODULE_TYPE =3D DXE_DRIVER > > + VERSION_STRING =3D 1.0 > > + LIBRARY_CLASS =3D RedfishPlatformCredentialLib > > + > > +[Sources] > > + RedfishPlatformCredentialLib.c > > + > > +[Packages] > > + MdePkg/MdePkg.dec > > + MdeModulePkg/MdeModulePkg.dec > > + RedfishPkg/RedfishPkg.dec > > + IpmiFeaturePkg/IpmiFeaturePkg.dec > [Chang, Abner] > Could you please add a comment to the reference of IpmiFeaturePkg? We > have to give customers a notice that the dependence of "edk2- > platforms/Features/Intel/OutOfBandManagement/". They have to add the > path to PACKAGES_PATH. You also have to skip this dependence in the > RedfishPkg.yaml to avoid the CI error. >=20 > Another thing is I propose to move out IpmiFeaturePkg from edk2- > platforms/Features/Intel/OutOfBandManagement to edk2- > platforms/Features/ManageabilityPkg that also provides the > implementation of PLDM/MCTP/IPMI/KCS. I had an initial talk with > IpmiFeaturePkg owner and get the positive response on this proposal. I wi= ll > kick off the discussion on the dev mailing list. That is to say this modu= le may > need a little bit change later, however that is good to me having this > implementation now. > Thanks > Abner > > + > > +[LibraryClasses] > > + UefiLib > > + DebugLib > > + IpmiBaseLib > > + MemoryAllocationLib > > + BaseMemoryLib > > + > > +[Pcd] > > + gIpmiFeaturePkgTokenSpaceGuid.PcdIpmiFeatureEnable > > + > > +[Depex] > > + TRUE > > -- > > 2.17.1 >=20 >=20 >=20 >=20 >=20 > -The information contained in this message may be confidential and > proprietary to American Megatrends (AMI). 
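Review bot: the `IN OUT` annotations on `BootstrapUsername` and `BootstrapPassword` in the `GetBootstrapAccountCredentials` prototype disagree with the `@param[out]` documentation, and neither states how large the caller's buffers must be; document that each buffer must hold at least `USERNAME_MAX_SIZE` / `PASSWORD_MAX_SIZE` bytes, because the `IPMI_BOOTSTRAP_CREDENTIALS_RESULT_RESPONSE` fields `Username[USERNAME_MAX_LENGTH]` and `Password[PASSWORD_MAX_LENGTH]` carry no NUL terminator and the implementation has to copy and terminate them itself. The function description should also cover the `DisableBootstrapControl == TRUE` path, where the call exists to shut the bootstrap credential service off rather than to fetch credentials, and `@retval EFI_SUCCESS` should say that it also means the service was disabled. Since the response structure holds a password in the clear, the comment should tell callers to zero the returned buffers (and any copy of the IPMI response) once the Redfish session is established. Minor: "lenght" in the comment on the 16-character limit.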
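Review bot: `[Packages]` pulls in `IpmiFeaturePkg/IpmiFeaturePkg.dec`, which lives in edk2-platforms rather than edk2, so the INF should carry a comment that `edk2-platforms/Features/Intel/OutOfBandManagement` must be on PACKAGES_PATH and the RedfishPkg CI configuration must be told about the external dependency, as raised in the comment above. `[Depex] TRUE` is a no-op for a library instance and can be dropped. `gIpmiFeaturePkgTokenSpaceGuid.PcdIpmiFeatureEnable` is declared under `[Pcd]` but the .c that would consume it is not in this part of the thread; confirm it is actually referenced, otherwise remove it. The file header also runs `# ##` together where the comment block should close on its own line.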
This communication is intended > to be read only by the individual or entity to whom it is addressed or by their > designee. If the reader of this message is not the intended recipient, you are > on notice that any distribution of this message, in any form, is strictly > prohibited. Please promptly notify the sender by reply e-mail or by > telephone at 770-246-8600, and then delete or destroy all copies of the > transmission.