Re: [edk2-devel] [edk2-redfish-client][PATCH] RedfishClientPkg: introduce RedfishBootstrapAccountDxe

["Nickle Wang via groups.io" <nicklew=nvidia.com@groups.io>]

> RedfishFeatureCore could be one of the Redfish clients, delete the credential from
> Redfish account service in RedfishFeatureCore lifecycle may impact other Redfish
> clients that still need the communication with Redfish service, right?

When all Redfish clients are managed by RedfishFeatureCore, I think we don't have such case. And this may be a good reason to keep it in RedfishClientPkg. This driver offers a way for BIOS to delete bootstrapping account at BMC after everything is done. Platform owner can decide to include this driver or not depending on the Redfish design in system. 

Regards,
Nickle

> -----Original Message-----
> From: Chang, Abner <Abner.Chang@amd.com>
> Sent: Thursday, May 16, 2024 10:41 AM
> To: Nickle Wang <nicklew@nvidia.com>; Igor Kulchytskyy <igork@ami.com>;
> devel@edk2.groups.io
> Cc: Nick Ramirez <nramirez@nvidia.com>
> Subject: RE: [EXTERNAL] RE: [edk2-devel] [edk2-redfish-client][PATCH]
> RedfishClientPkg: introduce RedfishBootstrapAccountDxe
> 
> External email: Use caution opening links or attachments
> 
> 
> [AMD Official Use Only - General]
> 
> I think we probably overlook some use cases. Multiple edk2 Redfish applications
> running simultaneously is allowed from the design perspective. However, we
> centralized GetAuthInfo in RedfishPlatformCredentialLib for all of edk2 Redfish
> client entities to leverage the same credential stored in EFI variable. This way we
> can limit the process of acquiring credential to only one time Redfish IPMI
> bootstrap command sent to BMC.
> RedfishFeatureCore could be one of the Redfish clients, delete the credential from
> Redfish account service in RedfishFeatureCore lifecycle may impact other Redfish
> clients that still need the communication with Redfish service, right?
> 
> Thanks
> Abner
> 
> > -----Original Message-----
> > From: Nickle Wang <nicklew@nvidia.com>
> > Sent: Thursday, May 16, 2024 9:38 AM
> > To: Chang, Abner <Abner.Chang@amd.com>; Igor Kulchytskyy
> > <igork@ami.com>; devel@edk2.groups.io
> > Cc: Nick Ramirez <nramirez@nvidia.com>
> > Subject: RE: [EXTERNAL] RE: [edk2-devel] [edk2-redfish-client][PATCH]
> > RedfishClientPkg: introduce RedfishBootstrapAccountDxe
> >
> > [AMD Official Use Only - General]
> >
> > Caution: This message originated from an External Source. Use proper
> > caution when opening attachments, clicking links, or responding.
> >
> >
> > Hi Igor, Abner,
> >
> > > Maybe we should consider moving RedfishBootstrapAccountDxe driver to
> > RedfishPkg and have some register mechanism which will be used by
> > interested drivers to notify that they finished their job and after
> > that RedfishBootstrapAccountDxe driver would delete an account.
> >
> > You are saying the mechanism in runtime, right? In current design,
> > RedfishFeatureCore driver will send "after provisioning" signal to
> > notify this driver to delete bootstrapping account. This makes sure
> > that all feature drivers are done with their jobs, so this driver is
> > safe to delete bootstrapping account at BMC.
> >
> > If we move it to RedfishPkg, there is no such centralized Redfish
> > driver managing Redfish stuff. How does a particular driver know that
> > there is no other driver running Redfish stuff after it? The way I can
> > think of now is to rely on EDK2 ready-to-boot event as the signal to
> > do the notification, since there is not supposed to have Redfish driver running
> jobs after this event...
> >
> > Regards,
> > Nickle
> >
> > > -----Original Message-----
> > > From: Chang, Abner <Abner.Chang@amd.com>
> > > Sent: Thursday, May 16, 2024 9:06 AM
> > > To: Igor Kulchytskyy <igork@ami.com>; Nickle Wang
> > > <nicklew@nvidia.com>; devel@edk2.groups.io
> > > Cc: Nick Ramirez <nramirez@nvidia.com>
> > > Subject: RE: [EXTERNAL] RE: [edk2-devel]
> > > [edk2-redfish-client][PATCH]
> > > RedfishClientPkg: introduce RedfishBootstrapAccountDxe
> > >
> > > External email: Use caution opening links or attachments
> > >
> > >
> > > [AMD Official Use Only - General]
> > >
> > > HI Igor,
> > > This sounds to me reasonable to me. As you mentioned, RedfishPkg was
> > designed
> > > to support multiple Redfish applications and RedfishClientPkg is
> > > just one of
> > them. I
> > > think we can review the implementation of acquiring/deleting credential.
> > >
> > > Thanks
> > > Abner
> > >
> > >
> > > > -----Original Message-----
> > > > From: Igor Kulchytskyy <igork@ami.com>
> > > > Sent: Wednesday, May 15, 2024 11:02 PM
> > > > To: Nickle Wang <nicklew@nvidia.com>; devel@edk2.groups.io; Chang,
> > > > Abner <Abner.Chang@amd.com>
> > > > Cc: Nick Ramirez <nramirez@nvidia.com>
> > > > Subject: RE: [EXTERNAL] RE: [edk2-devel]
> > > > [edk2-redfish-client][PATCH]
> > > > RedfishClientPkg: introduce RedfishBootstrapAccountDxe
> > > >
> > > > [AMD Official Use Only - General]
> > > >
> > > > Caution: This message originated from an External Source. Use
> > > > proper caution when opening attachments, clicking links, or responding.
> > > >
> > > >
> > > > Hi Nickle,
> > > > I have one more question to discuss regarding this driver.
> > > > We have a bootstrap account and creation of this account
> > > > controlled by RedfishCredentialDxe driver in RedfishPkg.
> > > > But deletion of that bootstrap account is moved to RedfishClientPkg.
> > > > What if we have another Redfish Client or some customer service
> > > > which uses RedfishPkg for the communication.
> > > > Architecturally it is allowed.
> > > > But then RedfishBootstrapAccountDxe module would delete account
> > > > just based on the RedfishClientPkg needs.
> > > > Maybe we should consider moving RedfishBootstrapAccountDxe driver
> > > > to RedfishPkg and have some register mechanism which will be used
> > > > by interested drivers to notify that they finished their job and
> > > > after that RedfishBootstrapAccountDxe driver would delete an account.
> > > > What do you think?
> > > > Thank you,
> > > > Igor
> > > >
> > > > -----Original Message-----
> > > > From: Nickle Wang <nicklew@nvidia.com>
> > > > Sent: Tuesday, May 14, 2024 8:40 AM
> > > > To: devel@edk2.groups.io; abner.chang@amd.com; Igor Kulchytskyy
> > > > <igork@ami.com>
> > > > Cc: Nick Ramirez <nramirez@nvidia.com>
> > > > Subject: [EXTERNAL] RE: [edk2-devel] [edk2-redfish-client][PATCH]
> > > > RedfishClientPkg: introduce RedfishBootstrapAccountDxe
> > > >
> > > >
> > > > **CAUTION: The e-mail below is from an external source. Please
> > > > exercise caution before opening attachments, clicking links, or
> > > > following guidance.**
> > > >
> > > > Hi Abner,
> > > >
> > > > > Ok, then I don't have the problem with invoking GetAuthInfo again.
> > > > However, I
> > > > > will suggest to add more description in GetAuthInfo function
> > > > > header,
> > > > mention that
> > > > > we will keep the auth info in EFI variable until exist boot service.
> > > > > Also, give some more descriptions on the code you invoke to
> > GetAuthInfo.
> > > >
> > > > Thanks for your comment. I add descriptions to explain above
> > > > before calling GetAuthInfo(). Version 2 path is here:
> > > >
> > https://nam11.safelinks.protection.outlook.com/?url=https%3A%2F%2Fedk%
> >
> 2F&data=05%7C02%7Cnicklew%40nvidia.com%7C77f28b71f7a9495ddbb308dc7
> 551a
> >
> 632%7C43083d15727340c1b7db39efd9ccc17a%7C0%7C0%7C638514240788650
> 508%7C
> >
> Unknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6I
> k1h
> >
> aWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=zGjzjMdGhyaOdjd56WA34xO
> 3vKD%2FMa
> > fSZNq0db9fo7k%3D&reserved=0
> > 2
> > >
> > > .groups.io%2Fg%2Fdevel%2Fmessage%2F118889&data=05%7C02%7Cnick
> > lew
> > > %40nvi
> > > >
> > >
> > dia.com%7C10ec4812a68a434b806008dc75445994%7C43083d15727340c
> > 1b7db
> > > 39efd
> > > >
> > >
> > 9ccc17a%7C0%7C0%7C638514183674607956%7CUnknown%7CTWFpbGZs
> > b3d8
> > > eyJWIjoiM
> > > >
> > >
> > C4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7
> > C%7
> > > C%7C
> > > >
> > >
> > &sdata=GNlisCnBmVQRhCLTxICGDsArv%2B64lC%2BkktUMi8Yg%2BJM%3D&r
> > ese
> > > rved=0
> > > >
> > > > Regards,
> > > > Nickle
> > > >
> > > > > -----Original Message-----
> > > > > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of
> > > > > Chang,
> > > > Abner
> > > > > via groups.io
> > > > > Sent: Tuesday, April 23, 2024 3:42 PM
> > > > > To: Nickle Wang <nicklew@nvidia.com>; Igor Kulchytskyy
> > > > > <igork@ami.com>; devel@edk2.groups.io
> > > > > Cc: Nick Ramirez <nramirez@nvidia.com>
> > > > > Subject: Re: [edk2-devel] [edk2-redfish-client][PATCH] RedfishClientPkg:
> > > > > introduce RedfishBootstrapAccountDxe
> > > > >
> > > > > External email: Use caution opening links or attachments
> > > > >
> > > > >
> > > > > [AMD Official Use Only - General]
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Nickle Wang <nicklew@nvidia.com>
> > > > > > Sent: Tuesday, April 23, 2024 3:09 PM
> > > > > > To: Igor Kulchytskyy <igork@ami.com>; Chang, Abner
> > > > > > <Abner.Chang@amd.com>; devel@edk2.groups.io
> > > > > > Cc: Nick Ramirez <nramirez@nvidia.com>
> > > > > > Subject: RE: [EXTERNAL] RE: [edk2-redfish-client][PATCH]
> > > > RedfishClientPkg:
> > > > > > introduce RedfishBootstrapAccountDxe
> > > > > >
> > > > > > [AMD Official Use Only - General]
> > > > > >
> > > > > > Caution: This message originated from an External Source. Use
> > > > > > proper caution when opening attachments, clicking links, or
> > responding.
> > > > > >
> > > > > >
> > > > > > Hi Igor, Abner,
> > > > > >
> > > > > > Thanks for your review. Please allow me to answer your
> > > > > > questions
> > > > together.
> > > > > >
> > > > > > > 1. We suppose acquire the credential before we start to
> > > > > > > communicate with
> > > > > > Redfish. Will Redfish credential driver create another
> > > > > > bootstrap account here after provisioning?
> > > > > > No, according to the RedfishPlatformCredentialIpmiLib
> > > > > > implementation, Redfish credential driver requests credential
> > > > > > from BMC and will keep it for later use. So only one
> > > > > > credential is requested for BIOS Redfish feature drivers during POST
> time.
> > > > > Ok, then I don't have the problem with invoking GetAuthInfo again.
> > > > However, I
> > > > > will suggest to add more description in GetAuthInfo function
> > > > > header,
> > > > mention that
> > > > > we will keep the auth info in EFI variable until exist boot service.
> > > > > Also, give some more descriptions on the code you invoke to
> > GetAuthInfo.
> > > > >
> > > > > >
> > > > > > > 2. And why do we delete the credential after provisioning?
> > > > > > > How about the
> > > > > > later Redfish property updating process?
> > > > > > In this driver, we listen to "AfterProvisioning" event. And
> > > > > > this is the event triggered after Redfish feature driver finish all jobs.
> > > > > > There is no feature driver which gets executed after this event.
> > > > > > And since we finished all Redfish operations, we remove this
> > > > > > account
> > on
> > > BMC.
> > > > > Then this makes sense to me now.
> > > > >
> > > > > >
> > > > > > > Why do we need to delete those credentials? According to
> > > > > > > spec BMC should
> > > > > > delete the bootstrap credentials automatically on host or service reset.
> > > > > > Yes, bootstrap credentials get deleted on host reset. In
> > > > > > practice, server in datacenter usually takes long time running
> > > > > > under OS before it gets
> > > > > rebooted.
> > > > > > The bootstrap credentials are exposed to end user at
> > > > > > "/redfish/v1/AccountService/Accounts". I got report that there
> > > > > > is concern for end user to see this unused account.
> > > > > This sounds to me reasonable as we will give bootstrap
> > > > > credential a high
> > > > privilege
> > > > > to update Redfish resource. Leave this information in Account
> > > > > service seems
> > > > not a
> > > > > good idea.
> > > > >
> > > > > Thanks
> > > > > Abner
> > > > >
> > > > > >
> > > > > > So, I create this driver to allows us to remove bootstrap
> > > > > > account at BMC after we finish Redfish jobs. And this also
> > > > > > release the BMC account resource since this account won't be
> > > > > > used for a long period of
> > > > time.
> > > > > >
> > > > > > Regards,
> > > > > > Nickle
> > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Igor Kulchytskyy <igork@ami.com>
> > > > > > > Sent: Monday, April 22, 2024 11:03 PM
> > > > > > > To: Chang, Abner <Abner.Chang@amd.com>; Nickle Wang
> > > > > > > <nicklew@nvidia.com>; devel@edk2.groups.io
> > > > > > > Cc: Nick Ramirez <nramirez@nvidia.com>
> > > > > > > Subject: RE: [EXTERNAL] RE: [edk2-redfish-client][PATCH]
> > > > RedfishClientPkg:
> > > > > > > introduce RedfishBootstrapAccountDxe
> > > > > > >
> > > > > > > External email: Use caution opening links or attachments
> > > > > > >
> > > > > > >
> > > > > > > Hi Nickle and Abner,
> > > > > > > I also have the same question as Abner.
> > > > > > > Why do we need to delete those credentials?
> > > > > > > According to spec BMC should delete the bootstrap
> > > > > > > credentials automatically
> > > > > > on
> > > > > > > host or service reset.
> > > > > > > Thank you,
> > > > > > > Igor
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Chang, Abner <Abner.Chang@amd.com>
> > > > > > > Sent: Sunday, April 21, 2024 10:25 PM
> > > > > > > To: Nickle Wang <nicklew@nvidia.com>; devel@edk2.groups.io
> > > > > > > Cc: Igor Kulchytskyy <igork@ami.com>; Nick Ramirez
> > > > > > <nramirez@nvidia.com>
> > > > > > > Subject: [EXTERNAL] RE: [edk2-redfish-client][PATCH]
> > RedfishClientPkg:
> > > > > > > introduce RedfishBootstrapAccountDxe
> > > > > > >
> > > > > > >
> > > > > > > **CAUTION: The e-mail below is from an external source.
> > > > > > > Please exercise caution before opening attachments, clicking
> > > > > > > links, or following guidance.**
> > > > > > >
> > > > > > > [AMD Official Use Only - General]
> > > > > > >
> > > > > > > Hi Nickle,
> > > > > > > One comment and few questions,
> > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Nickle Wang <nicklew@nvidia.com>
> > > > > > > > Sent: Thursday, April 18, 2024 8:28 PM
> > > > > > > > To: devel@edk2.groups.io
> > > > > > > > Cc: Chang, Abner <Abner.Chang@amd.com>; Igor Kulchytskyy
> > > > > > > > <igork@ami.com>; Nick Ramirez <nramirez@nvidia.com>
> > > > > > > > Subject: [edk2-redfish-client][PATCH] RedfishClientPkg:
> > > > > > > > introduce RedfishBootstrapAccountDxe
> > > > > > > >
> > > > > > > > Caution: This message originated from an External Source.
> > > > > > > > Use proper caution when opening attachments, clicking
> > > > > > > > links, or
> > > > responding.
> > > > > > > >
> > > > > > > >
> > > > > > > > -Introduce RedfishBootstrapAccountDxe to delete bootstrap
> > > > > > > > account from /redfish/v1/AccountService/Accounts after
> > > > > > > > BIOS finished all Redfish jobs. The bootstrap account
> > > > > > > > won't be available to other
> > > > application.
> > > > > > > > So deleting bootstrap account helps to release resource at BMC.
> > > > > > > > - After bootstrap account is deleted at BMC, the Redfish
> > > > > > > > service instance is no longer usable. Close Redfish
> > > > > > > > service instance to release the HTTP connection between BIOS and
> BMC.
> > > > > > > >
> > > > > > > > Signed-off-by: Nickle Wang <nicklew@nvidia.com>
> > > > > > > > Cc: Abner Chang <abner.chang@amd.com>
> > > > > > > > Cc: Igor Kulchytskyy <igork@ami.com>
> > > > > > > > Cc: Nick Ramirez <nramirez@nvidia.com>
> > > > > > > > ---
> > > > > > > >  .../RedfishClientComponents.dsc.inc           |   1 +
> > > > > > > >  .../RedfishBootstrapAccountDxe.inf            |  53 +++
> > > > > > > >  .../RedfishBootstrapAccountDxe.h              |  58 ++++
> > > > > > > >  .../RedfishBootstrapAccountDxe.c              | 328
> > ++++++++++++++++++
> > > > > > > >  RedfishClientPkg/RedfishClient.fdf.inc        |   1 +
> > > > > > > >  5 files changed, 441 insertions(+)  create mode 100644
> > > > > > > >
> > > > > >
> > > >
> > RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe
> > > > > > > > .inf
> > > > > > > >  create mode 100644
> > > > > > > >
> > > > > >
> > > >
> > RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe
> > > > > > > > .h
> > > > > > > >  create mode 100644
> > > > > > > >
> > > > > >
> > > >
> > RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe
> > > > > > > > .c
> > > > > > > >
> > > > > > > > diff --git
> > > > > > > > a/RedfishClientPkg/RedfishClientComponents.dsc.inc
> > > > > > > > b/RedfishClientPkg/RedfishClientComponents.dsc.inc
> > > > > > > > index 42fc0c299..fe5248b62 100644
> > > > > > > > --- a/RedfishClientPkg/RedfishClientComponents.dsc.inc
> > > > > > > > +++ b/RedfishClientPkg/RedfishClientComponents.dsc.inc
> > > > > > > > @@ -20,6 +20,7 @@
> > > > > > > >
> > > > RedfishClientPkg/HiiToRedfishMemoryDxe/HiiToRedfishMemoryDxe.inf
> > > > > > > >
> > > > > > > > RedfishClientPkg/HiiToRedfishBootDxe/HiiToRedfishBootDxe.i
> > > > > > > > nf
> > > > > > > >
> > > > > > > > RedfishClientPkg/HiiToRedfishBiosDxe/HiiToRedfishBiosDxe.i
> > > > > > > > nf
> > > > > > > > +
> > > > > > > >
> > > > > >
> > > >
> > RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe
> > > > > > > > .inf
> > > > > > > >  !endif
> > > > > > > >    #
> > > > > > > >    # Below two modules should be pulled in by build tool.
> > > > > > > > diff --git
> > > > > > > >
> > > > > >
> > > >
> > a/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountD
> > > > > > > > xe.in
> > > > > > > > f
> > > > > > > >
> > > > > >
> > > >
> > b/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountD
> > > > > > > > xe.in
> > > > > > > > f
> > > > > > > > new file mode 100644
> > > > > > > > index 000000000..4073e95f4
> > > > > > > > --- /dev/null
> > > > > > > > +++
> > > > > > > >
> > > > > >
> > > >
> > b/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountD
> > > > > > > > xe.in
> > > > > > > > f
> > > > > > > > @@ -0,0 +1,53 @@
> > > > > > > > +## @file
> > > > > > > > +#  This driver deletes bootstrap account in BMC after
> > > > > > > > +BIOS Redfish finished #  all jobs # #  (C) Copyright 2021
> > > > > > > > +Hewlett Packard Enterprise Development LP<BR> #
> > > > > > > > +Copyright (c) 2023, NVIDIA CORPORATION & AFFILIATES. All rights
> reserved.
> > > > > > >
> > > > > > >
> > > > > > > Not sure if you want to update the copyright to 2024.
> > > > > > >
> > > > > > >
> > > > > > > > +#
> > > > > > > > +#  SPDX-License-Identifier: BSD-2-Clause-Patent # ##
> > > > > > > > +
> > > > > > > > +[Defines]
> > > > > > > > +  INF_VERSION               = 0x0001000b
> > > > > > > > +  BASE_NAME                 = RedfishBootstrapAccountDxe
> > > > > > > > +  FILE_GUID                 = 87555253-2F7E-45FC-B469-FD35B2E51210
> > > > > > > > +  MODULE_TYPE               = DXE_DRIVER
> > > > > > > > +  VERSION_STRING            = 1.0
> > > > > > > > +  ENTRY_POINT               = RedfishBootstrapAccountEntryPoint
> > > > > > > > +  UNLOAD_IMAGE              = RedfishBootstrapAccountUnload
> > > > > > > > +
> > > > > > > > +[Packages]
> > > > > > > > +  MdePkg/MdePkg.dec
> > > > > > > > +  MdeModulePkg/MdeModulePkg.dec
> > > > > > > > +  RedfishPkg/RedfishPkg.dec
> > > > > > > > +  RedfishClientPkg/RedfishClientPkg.dec
> > > > > > > > +
> > > > > > > > +[Sources]
> > > > > > > > +  RedfishBootstrapAccountDxe.h
> > > > > > > > +  RedfishBootstrapAccountDxe.c
> > > > > > > > +
> > > > > > > > +[LibraryClasses]
> > > > > > > > +  BaseLib
> > > > > > > > +  BaseMemoryLib
> > > > > > > > +  DebugLib
> > > > > > > > +  MemoryAllocationLib
> > > > > > > > +  PrintLib
> > > > > > > > +  RedfishEventLib
> > > > > > > > +  RedfishFeatureUtilityLib
> > > > > > > > +  RedfishDebugLib
> > > > > > > > +  RedfishVersionLib
> > > > > > > > +  RedfishHttpLib
> > > > > > > > +  UefiLib
> > > > > > > > +  UefiBootServicesTableLib
> > > > > > > > +  UefiRuntimeServicesTableLib
> > > > > > > > +  UefiDriverEntryPoint
> > > > > > > > +
> > > > > > > > +[Protocols]
> > > > > > > > +  gEdkIIRedfishConfigHandlerProtocolGuid  ## CONSUMES ##
> > > > > > > > +  gEdkIIRedfishCredentialProtocolGuid     ## CONSUMES ##
> > > > > > > > +  gEfiRestExProtocolGuid                  ## CONSUMES ##
> > > > > > > > +
> > > > > > > > +[Depex]
> > > > > > > > +  gEdkIIRedfishCredentialProtocolGuid
> > > > > > > > diff --git
> > > > > > > >
> > > > > >
> > > >
> > a/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountD
> > > > > > > > xe.h
> > > > > > > >
> > > > > >
> > > >
> > b/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountD
> > > > > > > > xe.h
> > > > > > > > new file mode 100644
> > > > > > > > index 000000000..5262f1e6b
> > > > > > > > --- /dev/null
> > > > > > > > +++
> > > > > > > >
> > > > > >
> > > >
> > b/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountD
> > > > > > > > xe.h
> > > > > > > > @@ -0,0 +1,58 @@
> > > > > > > > +/** @file
> > > > > > > > +  Common header file for RedfishBootstrapAccountDxe driver.
> > > > > > > > +
> > > > > > > > +  (C) Copyright 2021-2022 Hewlett Packard Enterprise
> > > > > > > > + Development LP<BR>  Copyright (c) 2023, NVIDIA
> > > > > > > > + CORPORATION
> > &
> > > > > > > > + AFFILIATES. All
> > > > > > rights
> > > > > > > reserved.
> > > > > > > > +
> > > > > > > > +  SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > > > > +
> > > > > > > > +**/
> > > > > > > > +
> > > > > > > > +#ifndef REDFISH_BOOTSTRAP_ACCOUNT_DXE_H_ #define
> > > > > > > > +REDFISH_BOOTSTRAP_ACCOUNT_DXE_H_
> > > > > > > > +
> > > > > > > > +#include <Uefi.h>
> > > > > > > > +#include <RedfishBase.h>
> > > > > > > > +
> > > > > > > > +//
> > > > > > > > +// Libraries
> > > > > > > > +//
> > > > > > > > +#include <Library/BaseLib.h> #include
> > > > > > > > +<Library/BaseMemoryLib.h> #include <Library/DebugLib.h>
> > > > > > > > +
> > > > > > > > +#include <Library/MemoryAllocationLib.h> #include
> > > > > > > > +<Library/PrintLib.h> #include <Library/RedfishEventLib.h>
> > > > > > > > +#include <Library/RedfishFeatureUtilityLib.h>
> > > > > > > > +#include <Library/RedfishDebugLib.h> #include
> > > > > > > > +<Library/RedfishVersionLib.h> #include
> > > > > > > > +<Library/RedfishHttpLib.h> #include
> > > > > > > > +<Library/UefiBootServicesTableLib.h>
> > > > > > > > +#include <Library/UefiDriverEntryPoint.h> #include
> > > > > > > > +<Library/UefiLib.h> #include
> > > > > > > > +<Library/UefiRuntimeServicesTableLib.h>
> > > > > > > > +
> > > > > > > > +#include <Protocol/EdkIIRedfishConfigHandler.h>
> > > > > > > > +#include <Protocol/EdkIIRedfishCredential.h>
> > > > > > > > +#include <Protocol/RestEx.h>
> > > > > > > > +
> > > > > > > > +#define REDFISH_BOOTSTRAP_ACCOUNT_DEBUG
> > > > DEBUG_VERBOSE
> > > > > > > > +#define REDFISH_MANAGER_ACCOUNT_COLLECTION_URI
> > > > > > > > L"AccountService/Accounts"
> > > > > > > > +#define REDFISH_URI_LENGTH                      128
> > > > > > > > +
> > > > > > > > +//
> > > > > > > > +// Definitions of REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE //
> > > > > > > > +typedef
> > > > > > struct
> > > > > > > > +{
> > > > > > > > +  EFI_HANDLE                               ImageHandle;
> > > > > > > > +  EFI_HANDLE                               RestExHandle;
> > > > > > > > +  REDFISH_SERVICE                          RedfishService;
> > > > > > > > +  EFI_EVENT                                RedfishEvent;
> > > > > > > > +  EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL    Protocol;
> > > > > > > > +} REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE;
> > > > > > > > +
> > > > > > > > +#define
> > > > > > REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE_FROM_PROTOCOL(This) \
> > > > > > > > +          BASE_CR ((This),
> > > > > > > > +REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE,
> > > > > > > > +Protocol)
> > > > > > > > +
> > > > > > > > +#endif
> > > > > > > > diff --git
> > > > > > > >
> > > > > >
> > > >
> > a/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountD
> > > > > > > > xe.c
> > > > > > > >
> > > > > >
> > > >
> > b/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountD
> > > > > > > > xe.c
> > > > > > > > new file mode 100644
> > > > > > > > index 000000000..6fe4856f8
> > > > > > > > --- /dev/null
> > > > > > > > +++
> > > > > > > >
> > > > > >
> > > >
> > b/RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountD
> > > > > > > > xe.c
> > > > > > > > @@ -0,0 +1,328 @@
> > > > > > > > +/** @file
> > > > > > > > +  This driver deletes bootstrap account in BMC after BIOS
> > > > > > > > +Redfish finished
> > > > > > > > +  all jobs.
> > > > > > > > +
> > > > > > > > +  (C) Copyright 2021-2022 Hewlett Packard Enterprise
> > > > > > > > + Development LP<BR>  Copyright (c) 2023, NVIDIA
> > > > > > > > + CORPORATION
> > &
> > > > > > > > + AFFILIATES. All
> > > > > > rights
> > > > > > > reserved.
> > > > > > > > +
> > > > > > > > +  SPDX-License-Identifier: BSD-2-Clause-Patent
> > > > > > > > +
> > > > > > > > +**/
> > > > > > > > +
> > > > > > > > +#include "RedfishBootstrapAccountDxe.h"
> > > > > > > > +
> > > > > > > > +REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE  *mBootstrapPrivate =
> > > > NULL;
> > > > > > > > +
> > > > > > > > +/**
> > > > > > > > +  Close Redfish service instance by calling RestEx
> > > > > > > > +protocol to release
> > > > > > instance.
> > > > > > > > +
> > > > > > > > +  @param[in]  RestExHandle      Handle of RestEx protocol.
> > > > > > > > +
> > > > > > > > +  @retval EFI_SUCCESS           The Redfish service is closed
> > successfully.
> > > > > > > > +  @retval EFI_INVALID_PARAMETER RestExHandle is NULL.
> > > > > > > > +  @retval Others                Error occurs.
> > > > > > > > +
> > > > > > > > +**/
> > > > > > > > +EFI_STATUS
> > > > > > > > +CloseRedfishService (
> > > > > > > > +  IN EFI_HANDLE  RestExHandle
> > > > > > > > +  )
> > > > > > > > +{
> > > > > > > > +  EFI_REST_EX_PROTOCOL  *RestEx;
> > > > > > > > +  EFI_STATUS            Status;
> > > > > > > > +
> > > > > > > > +  if (RestExHandle == NULL) {
> > > > > > > > +    return EFI_INVALID_PARAMETER;  }
> > > > > > > > +
> > > > > > > > +  Status = gBS->HandleProtocol (
> > > > > > > > +                  RestExHandle,
> > > > > > > > +                  &gEfiRestExProtocolGuid,
> > > > > > > > +                  (VOID **)&RestEx
> > > > > > > > +                  );
> > > > > > > > +  if (!EFI_ERROR (Status)) {
> > > > > > > > +    Status = RestEx->Configure (RestEx, NULL);
> > > > > > > > +    DEBUG ((REDFISH_BOOTSTRAP_ACCOUNT_DEBUG, "%a: release
> > > > RestEx
> > > > > > > > instance: %r\n", __func__, Status));
> > > > > > > > +  }
> > > > > > > > +
> > > > > > > > +  return Status;
> > > > > > > > +}
> > > > > > > > +
> > > > > > > > +/**
> > > > > > > > +  Callback function executed when the AfterProvisioning
> > > > > > > > +event group is
> > > > > > > > signaled.
> > > > > > > > +
> > > > > > > > +  @param[in]   Event    Event whose notification function is being
> > > > invoked.
> > > > > > > > +  @param[out]  Context  Pointer to the Context buffer
> > > > > > > > +
> > > > > > > > +**/
> > > > > > > > +VOID
> > > > > > > > +EFIAPI
> > > > > > > > +RedfishBootstrapAccountOnRedfishAfterProvisioning (
> > > > > > > > +  IN  EFI_EVENT  Event,
> > > > > > > > +  OUT VOID       *Context
> > > > > > > > +  )
> > > > > > > > +{
> > > > > > > > +  EFI_STATUS                         Status;
> > > > > > > > +  REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE  *Private;
> > > > > > > > +  EDKII_REDFISH_CREDENTIAL_PROTOCOL  *credentialProtocol;
> > > > > > > > +  EDKII_REDFISH_AUTH_METHOD          AuthMethod;
> > > > > > > > +  CHAR8                              *AccountName;
> > > > > > > > +  CHAR8                              *AccountCredential;
> > > > > > > > +  CHAR16                             TargetUri[REDFISH_URI_LENGTH];
> > > > > > > > +  CHAR16                             *RedfishVersion;
> > > > > > > > +  REDFISH_RESPONSE                   RedfishResponse;
> > > > > > > > +
> > > > > > > > +  RedfishVersion = NULL;
> > > > > > > > +
> > > > > > > > +  Private = (REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE *)Context;
> > if
> > > > > > > > + ((Private == NULL) || (Private->RedfishService == NULL)) {
> > > > > > > > +    DEBUG ((DEBUG_ERROR, "%a: Redfish service is not
> > > > > > > > + available\n",
> > > > > > > > __func__));
> > > > > > > > +    return;
> > > > > > > > +  }
> > > > > > > > +
> > > > > > > > +  //
> > > > > > > > +  // Locate Redfish Credential Protocol to get credential
> > > > > > > > + for // accessing to Redfish service.
> > > > > > > > +  //
> > > > > > > > +  Status = gBS->LocateProtocol (
> > > > > > > > +                  &gEdkIIRedfishCredentialProtocolGuid,
> > > > > > > > +                  NULL,
> > > > > > > > +                  (VOID **)&credentialProtocol
> > > > > > > > +                  );
> > > > > > > > +  if (EFI_ERROR (Status)) {
> > > > > > > > +    DEBUG ((REDFISH_BOOTSTRAP_ACCOUNT_DEBUG, "%a: No
> > Redfish
> > > > > > > > Credential Protocol is installed on system.", __func__));
> > > > > > > > +    return;
> > > > > > > > +  }
> > > > > > > > +
> > > > > > > > +  Status = credentialProtocol->GetAuthInfo (
> > > > > > > > +                                 credentialProtocol,
> > > > > > > > +                                 &AuthMethod,
> > > > > > > > +                                 &AccountName,
> > > > > > > > +                                 &AccountCredential
> > > > > > > > +                                 );
> > > > > > >
> > > > > > > HI Nickle, I am not quite understand why do we acquire a
> > > > > > > credential here but delete it from the Redfish account
> > > > > > > service here
> > after
> > > provision.
> > > > > > > 1. We suppose acquire the credential before we start to
> > > > > > > communicate with Redfish. Will Redfish credential driver
> > > > > > > create another bootstrap account here after provisioning?
> > > > > > > 2. And why do we delete the credential after provisioning?
> > > > > > > How about the
> > > > > > later
> > > > > > > Redfish property updating process?
> > > > > > > Or do I misunderstand the code logic?
> > > > > > >
> > > > > > > Regards,
> > > > > > > Abner
> > > > > > >
> > > > > > > > +  if (EFI_ERROR (Status)) {
> > > > > > > > +    DEBUG ((DEBUG_ERROR, "%a: can not get bootstrap
> > > > > > > > + account
> > > > > > information:
> > > > > > > > %r\n", __func__, Status));
> > > > > > > > +    return;
> > > > > > > > +  }
> > > > > > > > +
> > > > > > > > +  //
> > > > > > > > +  // Carving the URI
> > > > > > > > +  //
> > > > > > > > +  RedfishVersion = RedfishGetVersion
> > > > > > > > + (Private->RedfishService); if (RedfishVersion == NULL) {
> > > > > > > > +    DEBUG ((DEBUG_ERROR, "%a: can not get Redfish
> > > > > > > > + version\n",
> > > > > > __func__));
> > > > > > > > +    return;
> > > > > > > > +  }
> > > > > > > > +
> > > > > > > > +  UnicodeSPrint (TargetUri, (sizeof (CHAR16) *
> > > > > > > > + REDFISH_URI_LENGTH),
> > > > > > > > L"%s%s/%a", RedfishVersion,
> > > > > > > REDFISH_MANAGER_ACCOUNT_COLLECTION_URI,
> > > > > > > > AccountName);
> > > > > > > > +
> > > > > > > > +  DEBUG ((REDFISH_BOOTSTRAP_ACCOUNT_DEBUG, "%a:
> > bootstrap
> > > > > > account:
> > > > > > > > %a\n", __func__, AccountName));
> > > > > > > > +  DEBUG ((REDFISH_BOOTSTRAP_ACCOUNT_DEBUG, "%a:
> > bootstrap
> > > > > > > > credential: %a\n", __func__, AccountCredential));
> > > > > > > > +  DEBUG ((REDFISH_BOOTSTRAP_ACCOUNT_DEBUG, "%a:
> > bootstrap
> > > > URI:
> > > > > > > > %s\n", __func__, TargetUri));
> > > > > > > > +
> > > > > > > > +  //
> > > > > > > > +  // Remove bootstrap account at
> > > > > > > > + /redfish/v1/AccountService/Account
> > > > > > > > +  //
> > > > > > > > +  ZeroMem (&RedfishResponse, sizeof (REDFISH_RESPONSE));
> > > > > > > > + Status = RedfishHttpDeleteResource (
> > > > > > > > +             Private->RedfishService,
> > > > > > > > +             TargetUri,
> > > > > > > > +             &RedfishResponse
> > > > > > > > +             );
> > > > > > > > +  if (EFI_ERROR (Status)) {
> > > > > > > > +    DEBUG ((DEBUG_ERROR, "%a: can not remove bootstrap
> > > > > > > > + account at
> > > > > > BMC:
> > > > > > > > %r", __func__, Status));
> > > > > > > > +    DumpRedfishResponse (__func__, DEBUG_ERROR,
> > > > > > &RedfishResponse);  }
> > > > > > > > + else {
> > > > > > > > +    DEBUG ((REDFISH_BOOTSTRAP_ACCOUNT_DEBUG, "%a:
> > bootstrap
> > > > > > > account:
> > > > > > > > %a is removed from: %s\n", __func__, AccountName,
> > > > > > > > REDFISH_MANAGER_ACCOUNT_COLLECTION_URI));
> > > > > > > > +  }
> > > > > > > > +
> > > > > > > > +  //
> > > > > > > > +  // Clean credential
> > > > > > > > +  //
> > > > > > > > +  ZeroMem (AccountName, AsciiStrSize (AccountName));
> > ZeroMem
> > > > > > > > + (AccountCredential, AsciiStrSize (AccountCredential));
> > > > > > > > +
> > > > > > > > +  //
> > > > > > > > +  // Since the bootstrap account is deleted at BMC, the
> > > > > > > > + Redfish service instance
> > > > > > > > is no longer usable.
> > > > > > > > +  // Close Redfish service instance to release the HTTP
> > > > > > > > + connection between
> > > > > > > > BIOS and BMC.
> > > > > > > > +  //
> > > > > > > > +  Status = CloseRedfishService (Private->RestExHandle);
> > > > > > > > + if (EFI_ERROR (Status)) {
> > > > > > > > +    DEBUG ((DEBUG_ERROR, "%a: cannot close Redfish
> > > > > > > > + service
> > instance:
> > > > > > > > + %r\n",
> > > > > > > > __func__, Status));
> > > > > > > > +  }
> > > > > > > > +
> > > > > > > > +  RedfishHttpFreeResponse (&RedfishResponse);
> > > > > > > > +
> > > > > > > > +  return;
> > > > > > > > +}
> > > > > > > > +
> > > > > > > > +/**
> > > > > > > > +  Initialize a Redfish configure handler.
> > > > > > > > +
> > > > > > > > +  This function will be called by the Redfish config
> > > > > > > > + driver to initialize each
> > > > > > > > Redfish configure
> > > > > > > > +  handler.
> > > > > > > > +
> > > > > > > > +  @param[in]   This                     Pointer to
> > > > > > > > EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL instance.
> > > > > > > > +  @param[in]   RedfishConfigServiceInfo Redfish service
> > informaiton.
> > > > > > > > +
> > > > > > > > +  @retval EFI_SUCCESS                  The handler has been initialized
> > > > > > successfully.
> > > > > > > > +  @retval EFI_DEVICE_ERROR             Failed to create or configure
> the
> > > > REST
> > > > > > EX
> > > > > > > > protocol instance.
> > > > > > > > +  @retval EFI_ALREADY_STARTED          This handler has already
> been
> > > > > > > > initialized.
> > > > > > > > +  @retval Other                        Error happens during the initialization.
> > > > > > > > +
> > > > > > > > +**/
> > > > > > > > +EFI_STATUS
> > > > > > > > +EFIAPI
> > > > > > > > +RedfishBootstrapAccountInit (
> > > > > > > > +  IN  EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL  *This,
> > > > > > > > +  IN  REDFISH_CONFIG_SERVICE_INFORMATION
> > > > > > *RedfishConfigServiceInfo
> > > > > > > > +  )
> > > > > > > > +{
> > > > > > > > +  REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE  *Private;
> > > > > > > > +
> > > > > > > > +  Private =
> > > > REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE_FROM_PROTOCOL
> > > > > > > > (This);
> > > > > > > > +
> > > > > > > > +  Private->RedfishService = RedfishCreateService
> > > > > > > > + (RedfishConfigServiceInfo);  if (Private->RedfishService == NULL) {
> > > > > > > > +    return EFI_DEVICE_ERROR;  }
> > > > > > > > +
> > > > > > > > +  Private->RestExHandle = RedfishConfigServiceInfo-
> > > > > > > > >RedfishServiceRestExHandle;
> > > > > > > > +
> > > > > > > > +  return EFI_SUCCESS;
> > > > > > > > +}
> > > > > > > > +
> > > > > > > > +/**
> > > > > > > > +  Stop a Redfish configure handler.
> > > > > > > > +
> > > > > > > > +  @param[in]   This                Pointer to
> > > > > > > > EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL instance.
> > > > > > > > +
> > > > > > > > +  @retval EFI_SUCCESS              This handler has been stoped
> > > > successfully.
> > > > > > > > +  @retval Others                   Some error happened.
> > > > > > > > +
> > > > > > > > +**/
> > > > > > > > +EFI_STATUS
> > > > > > > > +EFIAPI
> > > > > > > > +RedfishBootstrapAccountStop (
> > > > > > > > +  IN  EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL  *This
> > > > > > > > +  )
> > > > > > > > +{
> > > > > > > > +  REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE  *Private;
> > > > > > > > +
> > > > > > > > +  Private =
> > > > REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE_FROM_PROTOCOL
> > > > > > > > (This);
> > > > > > > > +
> > > > > > > > +  if (Private->RedfishService != NULL) {
> > > > > > > > +    RedfishCleanupService (Private->RedfishService);
> > > > > > > > +    Private->RedfishService = NULL;  }
> > > > > > > > +
> > > > > > > > +  return EFI_SUCCESS;
> > > > > > > > +}
> > > > > > > > +
> > > > > > > > +EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL
> > > > mRedfishConfigHandler =
> > > > > > {
> > > > > > > > +  RedfishBootstrapAccountInit,
> > > > > > > > + RedfishBootstrapAccountStop };
> > > > > > > > +
> > > > > > > > +/**
> > > > > > > > +  Unloads an image.
> > > > > > > > +
> > > > > > > > +  @param[in]  ImageHandle           Handle that identifies the image
> to
> > > be
> > > > > > > > unloaded.
> > > > > > > > +
> > > > > > > > +  @retval EFI_SUCCESS           The image has been unloaded.
> > > > > > > > +  @retval EFI_INVALID_PARAMETER ImageHandle is not a
> > > > > > > > + valid image
> > > > > > handle.
> > > > > > > > +
> > > > > > > > +**/
> > > > > > > > +EFI_STATUS
> > > > > > > > +EFIAPI
> > > > > > > > +RedfishBootstrapAccountUnload (
> > > > > > > > +  IN EFI_HANDLE  ImageHandle
> > > > > > > > +  )
> > > > > > > > +{
> > > > > > > > +  EFI_STATUS  Status;
> > > > > > > > +
> > > > > > > > +  if (mBootstrapPrivate == NULL) {
> > > > > > > > +    return EFI_SUCCESS;
> > > > > > > > +  }
> > > > > > > > +
> > > > > > > > +  if (mBootstrapPrivate->RedfishEvent != NULL) {
> > > > > > > > +    gBS->CloseEvent (mBootstrapPrivate->RedfishEvent);
> > > > > > > > +  }
> > > > > > > > +
> > > > > > > > +  Status = gBS->UninstallProtocolInterface (
> > > > > > > > +                  mBootstrapPrivate->ImageHandle,
> > > > > > > > +                  &gEdkIIRedfishConfigHandlerProtocolGuid,
> > > > > > > > +                  (VOID *)&mBootstrapPrivate->Protocol
> > > > > > > > +                  );
> > > > > > > > +  if (EFI_ERROR (Status)) {
> > > > > > > > +    DEBUG ((DEBUG_ERROR, "%a: can not uninstall Redfish
> > > > > > > > + config handler
> > > > > > > > protocol: %r\n", __func__, Status));
> > > > > > > > +  }
> > > > > > > > +
> > > > > > > > +  FreePool (mBootstrapPrivate);  mBootstrapPrivate =
> > > > > > > > + NULL;
> > > > > > > > +
> > > > > > > > +  return EFI_SUCCESS;
> > > > > > > > +}
> > > > > > > > +
> > > > > > > > +/**
> > > > > > > > +  This is the declaration of an EFI image entry point.
> > > > > > > > +This entry point is
> > > > > > > > +  the same for UEFI Applications, UEFI OS Loaders, and
> > > > > > > > +UEFI Drivers including
> > > > > > > > +  both device drivers and bus drivers.
> > > > > > > > +
> > > > > > > > +  @param[in]  ImageHandle       The firmware allocated handle for
> > the
> > > > UEFI
> > > > > > > > image.
> > > > > > > > +  @param[in]  SystemTable       A pointer to the EFI System Table.
> > > > > > > > +
> > > > > > > > +  @retval EFI_SUCCESS           The operation completed successfully.
> > > > > > > > +  @retval Others                An unexpected error occurred.
> > > > > > > > +**/
> > > > > > > > +EFI_STATUS
> > > > > > > > +EFIAPI
> > > > > > > > +RedfishBootstrapAccountEntryPoint (
> > > > > > > > +  IN EFI_HANDLE        ImageHandle,
> > > > > > > > +  IN EFI_SYSTEM_TABLE  *SystemTable
> > > > > > > > +  )
> > > > > > > > +{
> > > > > > > > +  EFI_STATUS  Status;
> > > > > > > > +
> > > > > > > > +  if (mBootstrapPrivate != NULL) {
> > > > > > > > +    return EFI_ALREADY_STARTED;  }
> > > > > > > > +
> > > > > > > > +  mBootstrapPrivate = AllocateZeroPool (sizeof
> > > > > > > > (REDFISH_BOOTSTRAP_ACCOUNT_PRIVATE));
> > > > > > > > +  if (mBootstrapPrivate == NULL) {
> > > > > > > > +    return EFI_OUT_OF_RESOURCES;  }
> > > > > > > > +
> > > > > > > > +  CopyMem (&mBootstrapPrivate->Protocol,
> > > > &mRedfishConfigHandler,
> > > > > > > > + sizeof
> > > > > > > > (EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL));
> > > > > > > > +  Status = gBS->InstallProtocolInterface (
> > > > > > > > +                  &ImageHandle,
> > > > > > > > +                  &gEdkIIRedfishConfigHandlerProtocolGuid,
> > > > > > > > +                  EFI_NATIVE_INTERFACE,
> > > > > > > > +                  &mBootstrapPrivate->Protocol
> > > > > > > > +                  );
> > > > > > > > +  if (EFI_ERROR (Status)) {
> > > > > > > > +    DEBUG ((DEBUG_ERROR, "%a: can not install Redfish
> > > > > > > > + config handler
> > > > > > > > protocol: %r\n", __func__, Status));
> > > > > > > > +    goto ON_ERROR;
> > > > > > > > +  }
> > > > > > > > +
> > > > > > > > +  //
> > > > > > > > +  // Register after provisioning event to remove bootstrap account.
> > > > > > > > +  //
> > > > > > > > +  Status = CreateAfterProvisioningEvent (
> > > > > > > > +             RedfishBootstrapAccountOnRedfishAfterProvisioning,
> > > > > > > > +             (VOID *)mBootstrapPrivate,
> > > > > > > > +             &mBootstrapPrivate->RedfishEvent
> > > > > > > > +             );
> > > > > > > > +  if (EFI_ERROR (Status)) {
> > > > > > > > +    DEBUG ((DEBUG_ERROR, "%a: failed to register
> > > > > > > > + after-provisioning
> > > > > > event:
> > > > > > > > %r\n", __func__, Status));
> > > > > > > > +    goto ON_ERROR;
> > > > > > > > +  }
> > > > > > > > +
> > > > > > > > +  return EFI_SUCCESS;
> > > > > > > > +
> > > > > > > > +ON_ERROR:
> > > > > > > > +
> > > > > > > > +  RedfishBootstrapAccountUnload (ImageHandle);
> > > > > > > > +
> > > > > > > > +  return Status;
> > > > > > > > +}
> > > > > > > > diff --git a/RedfishClientPkg/RedfishClient.fdf.inc
> > > > > > > > b/RedfishClientPkg/RedfishClient.fdf.inc
> > > > > > > > index 154f641b2..47e5093f2 100644
> > > > > > > > --- a/RedfishClientPkg/RedfishClient.fdf.inc
> > > > > > > > +++ b/RedfishClientPkg/RedfishClient.fdf.inc
> > > > > > > > @@ -15,6 +15,7 @@
> > > > > > > >    INF
> > > > RedfishClientPkg/RedfishFeatureCoreDxe/RedfishFeatureCoreDxe.inf
> > > > > > > >    INF RedfishClientPkg/RedfishETagDxe/RedfishETagDxe.inf
> > > > > > > >    INF
> > > > > > > >
> > > > > >
> > > >
> > RedfishClientPkg/RedfishConfigLangMapDxe/RedfishConfigLangMapDxe.inf
> > > > > > > > +  INF
> > > > > > > >
> > > > > > >
> > > > > >
> > > >
> > RedfishClientPkg/RedfishBootstrapAccountDxe/RedfishBootstrapAccountDxe
> > > > > > .inf
> > > > > > > >    INF
> > > > RedfishClientPkg/Features/Memory/V1_7_1/Dxe/MemoryDxe.inf
> > > > > > > >    INF
> > > > > > > >
> > > > > >
> > > >
> > RedfishClientPkg/Features/MemoryCollectionDxe/MemoryCollectionDxe.inf
> > > > > > > >    INF
> > > > > > > >
> > > > > > >
> > > > > >
> > > >
> > RedfishClientPkg/Features/ComputerSystem/v1_5_0/Dxe/ComputerSystemD
> > > > > > xe.
> > > > > > > > i
> > > > > > > > nf
> > > > > > > > --
> > > > > > > > 2.34.1
> > > > > > >
> > > > > > > -The information contained in this message may be
> > > > > > > confidential and
> > > > > > proprietary
> > > > > > > to American Megatrends (AMI). This communication is intended
> > > > > > > to be read
> > > > > > only by
> > > > > > > the individual or entity to whom it is addressed or by their
> > > > > > > designee. If the
> > > > > > reader
> > > > > > > of this message is not the intended recipient, you are on
> > > > > > > notice that any distribution of this message, in any form,
> > > > > > > is strictly prohibited. Please
> > > > > > promptly
> > > > > > > notify the sender by reply e-mail or by telephone at
> > > > > > > 770-246-8600, and
> > > > > > then
> > > > > > > delete or destroy all copies of the transmission.
> > > > >
> > > > >
> > > > > 
> > > > >
> > > >
> > > > -The information contained in this message may be confidential and
> > > > proprietary to American Megatrends (AMI). This communication is
> > > > intended to be read only by the individual or entity to whom it is
> > > > addressed or by their designee. If the reader of this message is
> > > > not the intended recipient, you are on notice that any
> > > > distribution of this message, in any form, is strictly prohibited.
> > > > Please promptly notify the sender by reply e-mail or by telephone
> > > > at 770-246-8600, and
> > then
> > > delete or destroy all copies of the transmission.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118947): https://edk2.groups.io/g/devel/message/118947
Mute This Topic: https://groups.io/mt/105596648/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-