From: abnchang <abnch...@amd.com> Produce EdkiiHttpsTlsConfigData protocol to provide Redfish REST EX TLS configuration data.
Signed-off-by: Abner Chang <abner.ch...@amd.com> Cc: Saloni Kasbekar <saloni.kasbe...@intel.com> Cc: Zachary Clark-williams <zachary.clark-willi...@intel.com> Cc: Michael Brown <mc...@ipxe.org> Cc: Nickle Wang <nick...@nvidia.com> Cc: Igor Kulchytskyy <ig...@ami.com> --- RedfishPkg/RedfishPkg.dec | 5 ++ .../RedfishRestExDxe/RedfishRestExDxe.inf | 2 + .../RedfishRestExDxe/RedfishRestExDriver.h | 23 +++++- .../RedfishRestExDxe/RedfishRestExDriver.c | 79 ++++++++++++++++++- 4 files changed, 104 insertions(+), 5 deletions(-) diff --git a/RedfishPkg/RedfishPkg.dec b/RedfishPkg/RedfishPkg.dec index 3ea9ff3ef7f..e4aa8b634c8 100644 --- a/RedfishPkg/RedfishPkg.dec +++ b/RedfishPkg/RedfishPkg.dec @@ -154,3 +154,8 @@ # set to EFI_REST_EX_PROTOCOL. # gEfiRedfishPkgTokenSpaceGuid.PcdRedfishSendReceiveTimeout|5000|UINT32|0x00001009 + # + # This PCD declares whether to provide EDKII_HTTPS_CONFIG_DATA_PROTOCOL + # for Resfish REXT EX HTTPS TLS configuration data. + # + gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExHttpsTlsConfigData|TRUE|BOOLEAN|0x00001010 diff --git a/RedfishPkg/RedfishRestExDxe/RedfishRestExDxe.inf b/RedfishPkg/RedfishRestExDxe/RedfishRestExDxe.inf index 64e6343bfbf..e75f5a87985 100644 --- a/RedfishPkg/RedfishRestExDxe/RedfishRestExDxe.inf +++ b/RedfishPkg/RedfishRestExDxe/RedfishRestExDxe.inf @@ -57,11 +57,13 @@ gEfiHttpServiceBindingProtocolGuid ## TO_START gEfiHttpProtocolGuid ## TO_START gEfiDevicePathProtocolGuid ## TO_START + gEdkiiHttpsTlsConfigDataProtocolGuid ## PRODUCED [Pcd] gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExServiceAccessModeInBand ## CONSUMES gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExChunkRequestMode ## CONSUMES gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExAddingExpect ## CONSUMES + gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExHttpsTlsConfigData ## CONSUMES [UserExtensions.TianoCore."ExtraFiles"] RedfishRestExDxeExtra.uni 
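Review bot: The comment on the new `PcdRedfishRestExHttpsTlsConfigData` in RedfishPkg.dec does not tell a platform integrator what TRUE, the declared default, does to certificate checking. In the RedfishRestExDriver.c hunk of this patch, `RedfishHttpsTlsConfigData` publishes a configuration with `VerifyMethod = EFI_TLS_VERIFY_NONE` and `VerifyHost.Flags = EFI_TLS_VERIFY_FLAG_NONE`, so presumably the TLS peer of a Redfish REST EX session is not authenticated unless the platform overrides the PCD. I would say so in the comment, e.g. `# TRUE: RedfishRestExDxe installs EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL with EFI_TLS_VERIFY_NONE (no server certificate or host name check).`, and consider whether FALSE is the safer default where the Redfish service is reachable by anything other than the local BMC. The comment also names `EDKII_HTTPS_CONFIG_DATA_PROTOCOL` where the rest of the patch uses `EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL`, and "Resfish REXT EX" should read "Redfish REST EX".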
diff --git a/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.h b/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.h index 6b94e5814c4..c3a15f1a976 100644 --- a/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.h +++ b/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.h @@ -30,8 +30,10 @@ /// UEFI Driver Model Protocols /// #include <Protocol/DriverBinding.h> +#include <Protocol/HttpsTlsConfigDataProtocol.h> #include <Protocol/RestEx.h> #include <Protocol/ServiceBinding.h> +#include <Protocol/Tls.h> /// /// Protocol instances @@ -53,13 +55,19 @@ typedef struct _RESTEX_SERVICE RESTEX_SERVICE; /// typedef struct _RESTEX_INSTANCE RESTEX_INSTANCE; +/// +/// RestEx HTTP context +/// +typedef struct _RESTEX_HTTPS_CONTEXT RESTEX_HTTPS_CONTEXT; + /// /// Driver Version /// #define REDFISH_RESTEX_DRIVER_VERSION 0x0100 -#define RESTEX_SERVICE_SIGNATURE SIGNATURE_32 ('R', 'E', 'S', 'S') -#define RESTEX_INSTANCE_SIGNATURE SIGNATURE_32 ('R', 'E', 'I', 'S') +#define RESTEX_SERVICE_SIGNATURE SIGNATURE_32 ('R', 'E', 'S', 'S') +#define RESTEX_INSTANCE_SIGNATURE SIGNATURE_32 ('R', 'E', 'I', 'S') +#define RESTEX_HTTPS_CONTEXT_SIGNATURE SIGNATURE_32 ('R', 'H', 'C', 'S') #define RESTEX_SERVICE_FROM_THIS(a) \ CR (a, RESTEX_SERVICE, ServiceBinding, RESTEX_SERVICE_SIGNATURE) @@ -67,6 +75,9 @@ typedef struct _RESTEX_INSTANCE RESTEX_INSTANCE; #define RESTEX_INSTANCE_FROM_THIS(a) \ CR (a, RESTEX_INSTANCE, RestEx, RESTEX_INSTANCE_SIGNATURE) +#define REDFISH_HTTPS_CONTEXT_FROM_THIS(a) \ + CR (a, RESTEX_HTTPS_CONTEXT, TlsConfigDataProtocol, RESTEX_HTTPS_CONTEXT_SIGNATURE) + #define RESTEX_STATE_UNCONFIGED 0 #define RESTEX_STATE_CONFIGED 1 
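Review bot: The new container macro in the last hunk here is named `REDFISH_HTTPS_CONTEXT_FROM_THIS`, while its neighbours and the type it returns use the `RESTEX_` prefix (`RESTEX_SERVICE_FROM_THIS`, `RESTEX_INSTANCE_FROM_THIS`, `RESTEX_HTTPS_CONTEXT`); `RESTEX_HTTPS_CONTEXT_FROM_THIS` would match. The typedef comment in the previous hunk says "RestEx HTTP context" for a type that holds HTTPS/TLS configuration, so `/// RestEx HTTPS (TLS configuration data) context` would be closer. No use of the macro is visible in this patch, so a one-line comment naming its expected caller would help the next reader.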
@@ -93,6 +104,12 @@ struct _RESTEX_SERVICE { #define RESTEX_INSTANCE_FLAGS_TLS_RETRY 0x00000001 #define RESTEX_INSTANCE_FLAGS_TCP_ERROR_RETRY 0x00000002 +struct _RESTEX_HTTPS_CONTEXT { + UINT32 Signature; + EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL TlsConfigDataProtocol; + BOOLEAN TlsConfigDataProtocolInstalled; +}; + struct _RESTEX_INSTANCE { UINT32 Signature; LIST_ENTRY Link; @@ -107,6 +124,8 @@ struct _RESTEX_INSTANCE { EFI_REST_EX_CONFIG_DATA ConfigData; + RESTEX_HTTPS_CONTEXT *RestExHttpsContext; + // // HTTP_IO to access the HTTP service // diff --git a/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.c b/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.c index 7036aed4268..f897248fc44 100644 --- a/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.c +++ b/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.c @@ -76,8 +76,26 @@ RestExDestroyInstance ( IN RESTEX_INSTANCE *Instance ) { - HttpIoDestroyIo (&(Instance->HttpIo)); + EFI_STATUS Status; + if ((Instance != NULL) && + (Instance->RestExHttpsContext != NULL) && + (Instance->RestExHttpsContext->TlsConfigDataProtocolInstalled) + ) + { + Status = gBS->UninstallProtocolInterface ( + Instance->HttpIo.Handle, + &gEdkiiHttpsTlsConfigDataProtocolGuid, + (VOID *)&Instance->RestExHttpsContext->TlsConfigDataProtocol + ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "%a: Fail to uninstall gEdkiiHttpsTlsConfigDataProtocolGuid.\n", __func__)); + } + + FreePool (Instance->RestExHttpsContext); + } + + HttpIoDestroyIo (&(Instance->HttpIo)); FreePool (Instance); } 
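Review bot: When `UninstallProtocolInterface` fails in RestExDestroyInstance, the code after the `DEBUG` still calls `FreePool (Instance->RestExHttpsContext)`, which leaves the `TlsConfigDataProtocol` interface registered on `Instance->HttpIo.Handle` while its backing memory is freed; any later lookup of that protocol on the handle would read a dangling pointer. Freeing only on success trades that for a small, bounded leak. The added `Instance != NULL` test also protects only the new branch, since `HttpIoDestroyIo (&(Instance->HttpIo))` and `FreePool (Instance)` below it still dereference the pointer unconditionally; return early instead, or drop the test if callers never pass NULL.
```c
  if (Instance == NULL) {
    return;
  }

  if ((Instance->RestExHttpsContext != NULL) &&
      Instance->RestExHttpsContext->TlsConfigDataProtocolInstalled)
  {
    // … unchanged: gBS->UninstallProtocolInterface () call …
    if (EFI_ERROR (Status)) {
      // The interface is still registered on the handle, so keep its memory alive.
      DEBUG ((DEBUG_ERROR, "%a: Fail to uninstall gEdkiiHttpsTlsConfigDataProtocolGuid.\n", __func__));
    } else {
      FreePool (Instance->RestExHttpsContext);
      Instance->RestExHttpsContext = NULL;
    }
  }

  // … unchanged: HttpIoDestroyIo and FreePool (Instance) …
```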
@@ -266,6 +284,56 @@ RestExCreateService ( return Status; } +/** + Initial EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL for Redfish REST EX TLS. + + @param[in] Instance REST EX internal structure instance. + +**/ +VOID +RedfishHttpsTlsConfigData ( + IN RESTEX_INSTANCE *Instance + ) +{ + EFI_STATUS Status; + RESTEX_HTTPS_CONTEXT *RestExHttpsContext; + + RestExHttpsContext = AllocateZeroPool (sizeof (RESTEX_HTTPS_CONTEXT)); + if (RestExHttpsContext == NULL) { + DEBUG ((DEBUG_ERROR, "%a: Allocate memory fail for RESTEX_HTTPS_CONTEXT\n", __func__)); + return; + } + + if (Instance->HttpIo.Handle == NULL) { + DEBUG ((DEBUG_ERROR, "%a: Invalid HTTP handle.\n", __func__)); + return; + } + + RestExHttpsContext->Signature = RESTEX_HTTPS_CONTEXT_SIGNATURE; + RestExHttpsContext->TlsConfigDataProtocol.Version.Major = 1; + RestExHttpsContext->TlsConfigDataProtocol.Version.Minor = 0; + RestExHttpsContext->TlsConfigDataProtocol.HttpsTlsConfigData.ConnectionEnd = EfiTlsClient; + RestExHttpsContext->TlsConfigDataProtocol.HttpsTlsConfigData.VerifyMethod = EFI_TLS_VERIFY_NONE; + RestExHttpsContext->TlsConfigDataProtocol.HttpsTlsConfigData.VerifyHost.Flags = EFI_TLS_VERIFY_FLAG_NONE; + RestExHttpsContext->TlsConfigDataProtocol.HttpsTlsConfigData.VerifyHost.HostName = "Redfish Service"; + + // Install EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL; + Status = gBS->InstallProtocolInterface ( + &Instance->HttpIo.Handle, + &gEdkiiHttpsTlsConfigDataProtocolGuid, + EFI_NATIVE_INTERFACE, + (VOID *)&RestExHttpsContext->TlsConfigDataProtocol + ); + if (EFI_ERROR (Status)) { + FreePool (RestExHttpsContext); + DEBUG ((DEBUG_ERROR, "%a: Fail to install EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL.\n", __func__)); + return; + } + + RestExHttpsContext->TlsConfigDataProtocolInstalled = TRUE; + Instance->RestExHttpsContext = RestExHttpsContext; +} + /** This is the declaration of an EFI image entry point. This entry point is the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including 
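Review bot: The early return for `Instance->HttpIo.Handle == NULL` in RedfishHttpsTlsConfigData leaks the `RESTEX_HTTPS_CONTEXT` that `AllocateZeroPool` returned just above, because nothing frees `RestExHttpsContext` on that path. Moving the handle check ahead of the allocation, or adding `FreePool (RestExHttpsContext);` before that `return;`, closes it. `VerifyHost.HostName` is set to the literal `"Redfish Service"`, which is not a host name. A comment such as `// Placeholder: not a real host name, must be replaced before host verification is enabled.` would stop a later change from turning on host checks against it. The header comment should read "Initialize" rather than "Initial", and it should say that the configuration it installs uses `EFI_TLS_VERIFY_NONE`.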
@@ -286,8 +354,6 @@ RedfishRestExDriverEntryPoint ( { EFI_STATUS Status; - Status = EFI_SUCCESS; - // // Install the RestEx Driver Binding Protocol. // @@ -699,6 +765,13 @@ RedfishRestExServiceBindingCreateChild ( goto ON_ERROR; } + // + // Set Redfish HTTPS TLS configuration data. + // + if (FixedPcdGetBool (PcdRedfishRestExHttpsTlsConfigData)) { + RedfishHttpsTlsConfigData (Instance); + } + // // Add it to the parent's child list. // -- 2.37.1.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#113008): https://edk2.groups.io/g/devel/message/113008 Mute This Topic: https://groups.io/mt/103430433/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
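Review bot: Failure of `RedfishHttpsTlsConfigData (Instance)` is invisible in the RedfishRestExServiceBindingCreateChild hunk because the helper returns VOID, so a child can be created without the TLS configuration the PCD asked for and the only trace is a DEBUG message. If the configuration is required for the session to work, have the helper return `EFI_STATUS` and `goto ON_ERROR` on failure; if it is best effort, say so in the comment, e.g. `// Best effort: the child is still created when the TLS configuration data cannot be installed.`. When the PCD is FALSE or the helper fails, `RestExDestroyInstance` still reads `Instance->RestExHttpsContext`, which is safe only if the instance was zero-initialised; that allocation is outside this hunk and worth confirming. The rest of the function, including the ON_ERROR path, is also outside the hunk, so check that a failure after this point goes through `RestExDestroyInstance` and removes the installed protocol.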