RedfishPlatformCredentialIpmiLib.c File Reference

#include "RedfishPlatformCredentialIpmiLib.h"

Go to the source code of this file.

Functions
EFI_STATUS EFIAPI	LibStopRedfishService (IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE ServiceStopType)
VOID EFIAPI	LibCredentialExitBootServicesNotify (IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This)
VOID EFIAPI	LibCredentialEndOfDxeNotify (IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This)
EFI_STATUS	GetBootstrapAccountCredentials (IN BOOLEAN DisableBootstrapControl, IN OUT CHAR8 *BootstrapUsername, OPTIONAL IN UINTN BootstrapUsernameSize, IN OUT CHAR8 *BootstrapPassword, OPTIONAL IN UINTN BootstrapPasswordSize)
EFI_STATUS	GetBootstrapAccountCredentialsFromVariable (IN OUT CHAR8 *BootstrapUsername, IN UINTN BootstrapUsernameSize, IN OUT CHAR8 *BootstrapPassword, IN UINTN BootstrapPasswordSize)
EFI_STATUS	SetBootstrapAccountCredentialsToVariable (IN CHAR8 *BootstrapUsername, OPTIONAL IN CHAR8 *BootstrapPassword, OPTIONAL IN BOOLEAN DeleteVariable)
EFI_STATUS EFIAPI	LibCredentialGetAuthInfo (IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *This, OUT EDKII_REDFISH_AUTH_METHOD *AuthMethod, OUT CHAR8 **UserId, OUT CHAR8 **Password)

Variables
BOOLEAN	mRedfishServiceStopped = FALSE

Detailed Description

Implementation of getting bootstrap credential via IPMI.

Copyright (c) 2022-2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved.

SPDX-License-Identifier: BSD-2-Clause-Patent

Specification Reference:

• Redfish Host Interface Specification (https://www.dmtf.org/sites/default/files/standards/documents/DSP0270_1.3.0.pdf)

Definition in file RedfishPlatformCredentialIpmiLib.c.

Function Documentation

GetBootstrapAccountCredentials()

EFI_STATUS GetBootstrapAccountCredentials	(	IN BOOLEAN	DisableBootstrapControl,
		IN OUT CHAR8 *	BootstrapUsername,
		OPTIONAL IN UINTN	BootstrapUsernameSize,
		IN OUT CHAR8 *	BootstrapPassword,
		OPTIONAL IN UINTN	BootstrapPasswordSize
	)

Function to retrieve temporary user credentials for the UEFI redfish client. This function can also disable bootstrap credential service in BMC.

Parameters

[in]	DisableBootstrapControl	TRUE - Tell the BMC to disable the bootstrap credential service to ensure no one else gains credentials FALSE Allow the bootstrap credential service to continue
[in,out]	BootstrapUsername	A pointer to a Ascii encoded string for the credential username When DisableBootstrapControl is TRUE, this pointer can be NULL
[in]	BootstrapUsernameSize	The size of BootstrapUsername including NULL terminator in bytes. Per specification, the size is USERNAME_MAX_SIZE.
[in,out]	BootstrapPassword	A pointer to a Ascii encoded string for the credential password When DisableBootstrapControl is TRUE, this pointer can be NULL
[in]	BootstrapPasswordSize	The size of BootstrapPassword including NULL terminator in bytes. Per specification, the size is PASSWORD_MAX_SIZE.

Return values

EFI_SUCCESS	Credentials were successfully fetched and returned. When DisableBootstrapControl is set to TRUE, the bootstrap credential service is disabled successfully.
EFI_INVALID_PARAMETER	BootstrapUsername or BootstrapPassword is NULL when DisableBootstrapControl is set to FALSE. BootstrapUsernameSize or BootstrapPasswordSize is incorrect when DisableBootstrapControl is set to FALSE.
EFI_DEVICE_ERROR	An IPMI failure occurred

Definition at line 132 of file RedfishPlatformCredentialIpmiLib.c.

GetBootstrapAccountCredentialsFromVariable()

EFI_STATUS GetBootstrapAccountCredentialsFromVariable	(	IN OUT CHAR8 *	BootstrapUsername,
		IN UINTN	BootstrapUsernameSize,
		IN OUT CHAR8 *	BootstrapPassword,
		IN UINTN	BootstrapPasswordSize
	)

Function to retrieve temporary user credentials from cached boot time variable.

Parameters

[in,out]	BootstrapUsername	A pointer to a Ascii encoded string for the credential username.
[in]	BootstrapUsernameSize	The size of BootstrapUsername including NULL terminator in bytes. Per specification, the size is USERNAME_MAX_SIZE.
[in,out]	BootstrapPassword	A pointer to a Ascii encoded string for the credential password.
[in]	BootstrapPasswordSize	The size of BootstrapPassword including NULL terminator in bytes. Per specification, the size is PASSWORD_MAX_SIZE.

Return values

EFI_SUCCESS	Credentials were successfully fetched and returned.
EFI_INVALID_PARAMETER	BootstrapUsername or BootstrapPassword is NULL. BootstrapUsernameSize or BootstrapPasswordSize is incorrect.
EFI_NOT_FOUND	No variable found for account and credentials.

Definition at line 240 of file RedfishPlatformCredentialIpmiLib.c.

LibCredentialEndOfDxeNotify()

VOID EFIAPI LibCredentialEndOfDxeNotify

(

IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *

This

)

Notification of End of DXe.

Parameters

[in]

This

Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL.

Definition at line 98 of file RedfishPlatformCredentialIpmiLib.c.

LibCredentialExitBootServicesNotify()

VOID EFIAPI LibCredentialExitBootServicesNotify

(

IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *

This

)

Notification of Exit Boot Service.

Parameters

[in]

This

Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL.

Definition at line 81 of file RedfishPlatformCredentialIpmiLib.c.

LibCredentialGetAuthInfo()

EFI_STATUS EFIAPI LibCredentialGetAuthInfo	(	IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *	This,
		OUT EDKII_REDFISH_AUTH_METHOD *	AuthMethod,
		OUT CHAR8 **	UserId,
		OUT CHAR8 **	Password
	)

Retrieve platform's Redfish authentication information.

This functions returns the Redfish authentication method together with the user Id and password.

• For AuthMethodNone, the UserId and Password could be used for HTTP header authentication as defined by RFC7235.
• For AuthMethodRedfishSession, the UserId and Password could be used for Redfish session login as defined by Redfish API specification (DSP0266).

Callers are responsible for and freeing the returned string storage.

Parameters

[in]	This	Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL instance.
[out]	AuthMethod	Type of Redfish authentication method.
[out]	UserId	The pointer to store the returned UserId string.
[out]	Password	The pointer to store the returned Password string.

Return values

EFI_SUCCESS	Get the authentication information successfully.
EFI_ACCESS_DENIED	SecureBoot is disabled after EndOfDxe.
EFI_INVALID_PARAMETER	This or AuthMethod or UserId or Password is NULL.
EFI_OUT_OF_RESOURCES	There are not enough memory resources.
EFI_UNSUPPORTED	Unsupported authentication method is found.

Definition at line 396 of file RedfishPlatformCredentialIpmiLib.c.

LibStopRedfishService()

EFI_STATUS EFIAPI LibStopRedfishService	(	IN EDKII_REDFISH_CREDENTIAL_PROTOCOL *	This,
		IN EDKII_REDFISH_CREDENTIAL_STOP_SERVICE_TYPE	ServiceStopType
	)

Notify the Redfish service provide to stop provide configuration service to this platform.

This function should be called when the platform is about to leave the safe environment. It will notify the Redfish service provider to abort all login session, and prohibit further login with original auth info. GetAuthInfo() will return EFI_UNSUPPORTED once this function is returned.

Parameters

[in]	This	Pointer to EDKII_REDFISH_CREDENTIAL_PROTOCOL instance.
[in]	ServiceStopType	Reason of stopping Redfish service.

Return values

EFI_SUCCESS	Service has been stoped successfully.
EFI_INVALID_PARAMETER	This is NULL.
Others	Some error happened.

Definition at line 38 of file RedfishPlatformCredentialIpmiLib.c.

SetBootstrapAccountCredentialsToVariable()

EFI_STATUS SetBootstrapAccountCredentialsToVariable	(	IN CHAR8 *	BootstrapUsername,
		OPTIONAL IN CHAR8 *	BootstrapPassword,
		OPTIONAL IN BOOLEAN	DeleteVariable
	)

Function to save temporary user credentials into boot time variable. When DeleteVariable is True, this function delete boot time variable.

Parameters

[in]	BootstrapUsername	A pointer to a Ascii encoded string for the credential username.
[in]	BootstrapPassword	A pointer to a Ascii encoded string for the credential password.
[in]	DeleteVariable	True to remove boot time variable. False otherwise.

Return values

EFI_SUCCESS	Credentials were successfully saved.
EFI_INVALID_PARAMETER	BootstrapUsername or BootstrapPassword is NULL
Others	Error occurs

Definition at line 305 of file RedfishPlatformCredentialIpmiLib.c.

Variable Documentation

mRedfishServiceStopped

BOOLEAN mRedfishServiceStopped = FALSE

Definition at line 18 of file RedfishPlatformCredentialIpmiLib.c.