RedfishPkg: PlatformHostInterfaceBmcUsbNicLib: use credential protocol

This patch replaces call of IpmiSubmitCommand() issued
REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_ENABLE IPMI command to check
whether bootstrap credential support enabled or not.
The problem is that in accordance with IPMI spec while handling
such command BMC creates bootstrap account. The credentials of this account
is returned as a response. Obviously in this code the response is not used.
From the other side there is an implementation
of EDKII_REDFISH_CREDENTIAL_PROTOCOL exists and used by
RedfishPlatformCredentialIpmiLib.

By design RedfishPlatformCredentialIpmiLib keeps returned bootstrap
credentials and uses it later. So all services using
EDKII_REDFISH_CREDENTIAL_PROTOCOL instance operates with a same
credentials.
Current design of PlatformHostInterfaceBmcUsbNicLib leads to creation
of two bootstrap accounts on BMC side. This is on nesseccary and one
account is not used at all.

Using EDKII_REDFISH_CREDENTIAL_PROTOCOL prevents from creating useless
bootstrap account on BMC side.

Signed-off-by: Mike Maslenkin <mike.maslenkin@gmail.com>

diff --git a/RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.c b/RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.c
index 6cb5a4b5a1340749c86160a4e924738fa91e8d6c..5c3f8f9c5031ffe3c1ce4ad7ac40a345db236992 100644 (file)
--- a/RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.c
+++ b/RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.c
@@ -23,7 +23,7 @@ static LIST_ENTRY  mBmcIpmiLan;
   Bootstrapping.\r
 \r
   @retval TRUE   Yes, it is supported.\r
-          TRUE   No, it is not supported.\r
+          FALSE  No, it is not supported.\r
 \r
 **/\r
 BOOLEAN\r
@@ -31,47 +31,53 @@ ProbeRedfishCredentialBootstrap (
   VOID\r
   )\r
 {\r
-  EFI_STATUS                                  Status;\r
-  IPMI_BOOTSTRAP_CREDENTIALS_COMMAND_DATA     CommandData;\r
-  IPMI_BOOTSTRAP_CREDENTIALS_RESULT_RESPONSE  ResponseData;\r
-  UINT32                                      ResponseSize;\r
-  BOOLEAN                                     ReturnBool;\r
+  EDKII_REDFISH_AUTH_METHOD           AuthMethod;\r
+  EDKII_REDFISH_CREDENTIAL2_PROTOCOL  *CredentialProtocol;\r
+  CHAR8                               *UserName;\r
+  CHAR8                               *Password;\r
+  BOOLEAN                             ReturnBool;\r
+  EFI_STATUS                          Status;\r
 \r
   DEBUG ((DEBUG_MANAGEABILITY, "%a: Entry\n", __func__));\r
 \r
+  ReturnBool = FALSE;\r
   //\r
-  // IPMI callout to NetFn 2C, command 02\r
-  //    Request data:\r
-  //      Byte 1: REDFISH_IPMI_GROUP_EXTENSION\r
-  //      Byte 2: DisableBootstrapControl\r
+  // Locate HII credential protocol.\r
   //\r
-  CommandData.GroupExtensionId        = REDFISH_IPMI_GROUP_EXTENSION;\r
-  CommandData.DisableBootstrapControl = REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_ENABLE;\r
-  ResponseData.CompletionCode         = IPMI_COMP_CODE_UNSPECIFIED;\r
-  ResponseSize                        = sizeof (ResponseData);\r
-  //\r
-  //  Response data: Ignored.\r
-  //\r
-  Status = IpmiSubmitCommand (\r
-             IPMI_NETFN_GROUP_EXT,\r
-             REDFISH_IPMI_GET_BOOTSTRAP_CREDENTIALS_CMD,\r
-             (UINT8 *)&CommandData,\r
-             sizeof (CommandData),\r
-             (UINT8 *)&ResponseData,\r
-             &ResponseSize\r
-             );\r
-  if (!EFI_ERROR (Status) &&\r
-      ((ResponseData.CompletionCode == IPMI_COMP_CODE_NORMAL) ||\r
-       (ResponseData.CompletionCode == REDFISH_IPMI_COMP_CODE_BOOTSTRAP_CREDENTIAL_DISABLED)\r
-      ))\r
-  {\r
-    DEBUG ((DEBUG_REDFISH_HOST_INTERFACE, "    Redfish Credential Bootstrapping is supported\n"));\r
+  Status = gBS->LocateProtocol (\r
+                  &gEdkIIRedfishCredential2ProtocolGuid,\r
+                  NULL,\r
+                  (VOID **)&CredentialProtocol\r
+                  );\r
+  if (EFI_ERROR (Status)) {\r
+    ASSERT_EFI_ERROR (Status);\r
+    return FALSE;\r
+  }\r
+\r
+  Status = CredentialProtocol->GetAuthInfo (\r
+                                 CredentialProtocol,\r
+                                 &AuthMethod,\r
+                                 &UserName,\r
+                                 &Password\r
+                                 );\r
+  if (!EFI_ERROR (Status)) {\r
+    ZeroMem (Password, AsciiStrSize (Password));\r
+    FreePool (Password);\r
+    ZeroMem (UserName, AsciiStrSize (UserName));\r
+    FreePool (UserName);\r
     ReturnBool = TRUE;\r
   } else {\r
-    DEBUG ((DEBUG_REDFISH_HOST_INTERFACE, "    Redfish Credential Bootstrapping is not supported\n"));\r
-    ReturnBool = FALSE;\r
+    if (Status == EFI_ACCESS_DENIED) {\r
+      // bootstrap credential support was disabled\r
+      ReturnBool = TRUE;\r
+    }\r
   }\r
 \r
+  DEBUG ((\r
+    DEBUG_REDFISH_HOST_INTERFACE,\r
+    "    Redfish Credential Bootstrapping is %a\n",\r
+    ReturnBool ? "supported" : "not supported"\r
+    ));\r
   return ReturnBool;\r
 }\r
 \r
@@ -1201,9 +1207,9 @@ CheckBmcUsbNic (
 \r
   DEBUG ((DEBUG_MANAGEABILITY, "%a: Entry, the registration key - 0x%08x.\n", __func__, Registration));\r
 \r
-  Handle = NULL;\r
+  Handle       = NULL;\r
   HandleBuffer = NULL;\r
-  Status = EFI_SUCCESS;\r
+  Status       = EFI_SUCCESS;\r
 \r
   do {\r
     BufferSize = 0;\r

diff --git a/RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.h b/RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.h
index 669c304fc3d8f4f2b0caf469f35d1162023b64a5..96b2bdfbe721eec582fb2e5132d5519f4e908a9b 100644 (file)
--- a/RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.h
+++ b/RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.h
@@ -21,7 +21,6 @@
 #include <Library/BaseMemoryLib.h>\r
 #include <Library/DebugLib.h>\r
 #include <Library/DevicePathLib.h>\r
-#include <Library/IpmiLib.h>\r
 #include <Library/IpmiCommandLib.h>\r
 #include <Library/RedfishHostInterfaceLib.h>\r
 #include <Library/MemoryAllocationLib.h>\r
@@ -29,6 +28,7 @@
 #include <Library/DevicePathLib.h>\r
 #include <Library/RedfishDebugLib.h>\r
 \r
+#include <Protocol/EdkIIRedfishCredential2.h>\r
 #include <Protocol/SimpleNetwork.h>\r
 #include <Protocol/UsbIo.h>\r
 \r

diff --git a/RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.inf b/RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.inf
index 3660249a3588477b0c86e38d48008d4ae857e482..c3791199321959a7f6b9c17d5333ba278eafbfa3 100644 (file)
--- a/RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.inf
+++ b/RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.inf
@@ -29,7 +29,6 @@
 [LibraryClasses]\r
   BaseMemoryLib\r
   DebugLib\r
-  IpmiLib\r
   IpmiCommandLib\r
   MemoryAllocationLib\r
   UefiLib\r
@@ -39,6 +38,7 @@
   gEfiSimpleNetworkProtocolGuid                 ## CONSUMED\r
   gEfiUsbIoProtocolGuid                         ## CONSUMED\r
   gEfiDevicePathProtocolGuid                    ## CONSUMED\r
+  gEdkIIRedfishCredential2ProtocolGuid          ## CONSUMED\r
 \r
 [Pcd]\r
   gEfiRedfishPkgTokenSpaceGuid.PcdRedfishHostName     ## CONSUMED\r
@@ -47,3 +47,4 @@
 \r
 [Depex]\r
   gIpmiProtocolGuid\r
+  AND gEdkIIRedfishCredential2ProtocolGuid\r