[AMD Official Use Only - General] Hi Nickle, I don't see the obvious coding error in this patch. However, I think we can remove HPE copyright from Redfish secure boot feature driver, as this is a new feature driver and HPE doesn't have contributions to these files, right? If so, then please remove it.
Thanks Reviewed-by: Abner Chang <abner.ch...@amd.com> > -----Original Message----- > From: Nickle Wang <nick...@nvidia.com> > Sent: Monday, April 1, 2024 10:18 PM > To: devel@edk2.groups.io > Cc: Chang, Abner <abner.ch...@amd.com>; Igor Kulchytskyy > <ig...@ami.com>; Nick Ramirez <nrami...@nvidia.com> > Subject: [edk2-redfish-client][PATCH v2 1/2] RedfishClientPkg/Features: > support Redfish Secure Boot > > Caution: This message originated from an External Source. Use proper > caution when opening attachments, clicking links, or responding. > > > Introduce SecureBoot driver to support > /redfish/v1/Systems/SYS/SecureBoot resource. > > Signed-off-by: Nickle Wang <nick...@nvidia.com> > Cc: Abner Chang <abner.ch...@amd.com> > Cc: Igor Kulchytskyy <ig...@ami.com> > Cc: Nick Ramirez <nrami...@nvidia.com> > --- > .../RedfishClientComponents.dsc.inc | 2 + > RedfishClientPkg/RedfishClientLibs.dsc.inc | 4 + > .../SecureBoot/v1_1_0/Dxe/SecureBootDxe.inf | 60 ++ > .../v1_1_0/Common/SecureBootCommon.h | 40 + > .../v1_1_0/Common/SecureBootCommon.c | 765 +++++++++++++++++ > .../SecureBoot/v1_1_0/Dxe/SecureBootDxe.c | 809 ++++++++++++++++++ > RedfishClientPkg/RedfishClient.fdf.inc | 1 + > 7 files changed, 1681 insertions(+) > create mode 100644 > RedfishClientPkg/Features/SecureBoot/v1_1_0/Dxe/SecureBootDxe.inf > create mode 100644 > RedfishClientPkg/Features/SecureBoot/v1_1_0/Common/SecureBootCommo > n.h > create mode 100644 > RedfishClientPkg/Features/SecureBoot/v1_1_0/Common/SecureBootCommo > n.c > create mode 100644 > RedfishClientPkg/Features/SecureBoot/v1_1_0/Dxe/SecureBootDxe.c > > diff --git a/RedfishClientPkg/RedfishClientComponents.dsc.inc > b/RedfishClientPkg/RedfishClientComponents.dsc.inc > index ae2a4b025..42fc0c299 100644 > --- a/RedfishClientPkg/RedfishClientComponents.dsc.inc > +++ b/RedfishClientPkg/RedfishClientComponents.dsc.inc > @@ -34,6 +34,7 @@ > RedfishClientPkg/Features/Bios/v1_0_9/Dxe/BiosDxe.inf > > RedfishClientPkg/Features/BootOptionCollection/BootOptionCollectionDxe.in > f > RedfishClientPkg/Features/BootOption/v1_0_4/Dxe/BootOptionDxe.inf > + RedfishClientPkg/Features/SecureBoot/v1_1_0/Dxe/SecureBootDxe.inf > > !include RedfishClientPkg/RedfishJsonStructureDxe.dsc.inc > > @@ -47,3 +48,4 @@ > RedfishClientPkg/Converter/Bios/v1_0_9/RedfishBios_V1_0_9_Dxe.inf > > RedfishClientPkg/Converter/BootOptionCollection/RedfishBootOptionCollecti > on_Dxe.inf > > RedfishClientPkg/Converter/BootOption/v1_0_4/RedfishBootOption_V1_0_4_ > Dxe.inf > + > RedfishClientPkg/Converter/SecureBoot/v1_1_0/RedfishSecureBoot_V1_1_0_ > Dxe.inf > diff --git a/RedfishClientPkg/RedfishClientLibs.dsc.inc > b/RedfishClientPkg/RedfishClientLibs.dsc.inc > index 6599926ab..9126465df 100644 > --- a/RedfishClientPkg/RedfishClientLibs.dsc.inc > +++ b/RedfishClientPkg/RedfishClientLibs.dsc.inc > @@ -25,6 +25,8 @@ > > BiosV1_0_9Lib|RedfishClientPkg/ConverterLib/edk2library/Bios/v1_0_9/Lib.in > f > > BootOptionCollectionLib|RedfishClientPkg/ConverterLib/edk2library/BootOp > tionCollection/Lib.inf > > BootOptionV1_0_4Lib|RedfishClientPkg/ConverterLib/edk2library/BootOptio > n/v1_0_4/Lib.inf > + > SecureBootV1_1_0Lib|RedfishClientPkg/ConverterLib/edk2library/SecureBoot > /v1_1_0/Lib.inf > + > # > # Above modules should be pulled in by build tool. > # > @@ -42,3 +44,5 @@ > > RedfishAddendumLib|RedfishClientPkg/Library/RedfishAddendumLib/Redfis > hAddendumLib.inf > RedfishDebugLib|RedfishPkg/Library/RedfishDebugLib/RedfishDebugLib.inf > RedfishHttpLib|RedfishPkg/Library/RedfishHttpLib/RedfishHttpLib.inf > + > SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBo > otVariableLib.inf > + > PlatformPKProtectionLib|SecurityPkg/Library/PlatformPKProtectionLibVarPolic > y/PlatformPKProtectionLibVarPolicy.inf > diff --git > a/RedfishClientPkg/Features/SecureBoot/v1_1_0/Dxe/SecureBootDxe.inf > b/RedfishClientPkg/Features/SecureBoot/v1_1_0/Dxe/SecureBootDxe.inf > new file mode 100644 > index 000000000..1ad8c623f > --- /dev/null > +++ b/RedfishClientPkg/Features/SecureBoot/v1_1_0/Dxe/SecureBootDxe.inf > @@ -0,0 +1,60 @@ > +## @file > +# > +# (C) Copyright 2020-2022 Hewlett Packard Enterprise Development LP<BR> > +# Copyright (c) 2022-2024, NVIDIA CORPORATION & AFFILIATES. All rights > reserved. > +# > +# SPDX-License-Identifier: BSD-2-Clause-Patent > +# > +## > + > + > +[Defines] > + INF_VERSION = 0x00010005 > + BASE_NAME = SecureBootDxe > + FILE_GUID = 5E4025F8-DA42-468A-853E-6A1091D35052 > + MODULE_TYPE = DXE_DRIVER > + VERSION_STRING = 1.0 > + ENTRY_POINT = RedfishResourceEntryPoint > + UNLOAD_IMAGE = RedfishResourceUnload > + > +[Packages] > + MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > + SecurityPkg/SecurityPkg.dec > + RedfishPkg/RedfishPkg.dec > + RedfishClientPkg/RedfishClientPkg.dec > + > +[Sources] > + ../Common/SecureBootCommon.h > + ../Common/SecureBootCommon.c > + SecureBootDxe.c > + > +[LibraryClasses] > + BaseMemoryLib > + DebugLib > + EdkIIRedfishResourceConfigLib > + RedfishFeatureUtilityLib > + RedfishVersionLib > + RedfishResourceIdentifyLib > + SecureBootVariableLib > + UefiLib > + UefiDriverEntryPoint > + RedfishAddendumLib > + UefiRuntimeServicesTableLib > + > +[Protocols] > + gEdkIIRedfishConfigHandlerProtocolGuid ## PRODUCED > + gEfiRestJsonStructureProtocolGuid ## CONSUMED > + gEdkIIRedfishResourceConfigProtocolGuid ## PRODUCED > + gEdkIIRedfishFeatureProtocolGuid ## CONSUMED > + > +[Guids] > + gEfiSecureBootEnableDisableGuid ## CONSUMED > + > +[Pcd] > + gEfiRedfishClientPkgTokenSpaceGuid.PcdMaxRedfishSchemaStringSize > + gEfiRedfishClientPkgTokenSpaceGuid.PcdMaxRedfishSchemaVersionSize > + gEfiRedfishClientPkgTokenSpaceGuid.PcdRedfishSystemRebootRequired > + > +[Depex] > + TRUE > diff --git > a/RedfishClientPkg/Features/SecureBoot/v1_1_0/Common/SecureBootCom > mon.h > b/RedfishClientPkg/Features/SecureBoot/v1_1_0/Common/SecureBootCom > mon.h > new file mode 100644 > index 000000000..0d1824160 > --- /dev/null > +++ > b/RedfishClientPkg/Features/SecureBoot/v1_1_0/Common/SecureBootCom > mon.h > @@ -0,0 +1,40 @@ > +/** @file > + > + Redfish feature driver implementation - internal header file > + (C) Copyright 2020-2022 Hewlett Packard Enterprise Development LP<BR> > + Copyright (c) 2022-2024, NVIDIA CORPORATION & AFFILIATES. All rights > reserved. > + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#ifndef EFI_REDFISH_SECUREBOOT_COMMON_H_ > +#define EFI_REDFISH_SECUREBOOT_COMMON_H_ > + > +#include <Guid/ImageAuthentication.h> > +#include <Guid/GlobalVariable.h> > +#include <Guid/AuthenticatedVariableFormat.h> > +#include > <RedfishJsonStructure/SecureBoot/v1_1_0/EfiSecureBootV1_1_0.h> > +#include <RedfishResourceCommon.h> > +#include <UefiSecureBoot.h> > +#include <Library/UefiRuntimeServicesTableLib.h> > +#include <Library/SecureBootVariableLib.h> > + > +// > +// Schema information. > +// > +#define REDFISH_MANAGED_URI L"Systems/{}/SecureBoot" > +#define REDFISH_DUMMY_CONFIG_LANG L"Systems/{1}/SecureBoot" > +#define MAX_URI_LENGTH 256 > +#define RESOURCE_SCHEMA "SecureBoot" > +#define RESOURCE_SCHEMA_MAJOR "1" > +#define RESOURCE_SCHEMA_MINOR "1" > +#define RESOURCE_SCHEMA_ERRATA "0" > +#define RESOURCE_SCHEMA_VERSION "v1_1_0" > +#define SECURE_BOOT_SETUP_MODE "SetupMode" > +#define SECURE_BOOT_USER_MODE "UserMode" > +#define SECURE_BOOT_ENABLED "Enabled" > +#define SECURE_BOOT_DISABLED "Disabled" > +#define SECURE_BOOT_MODE_STR_LEN 16 > + > +#endif > diff --git > a/RedfishClientPkg/Features/SecureBoot/v1_1_0/Common/SecureBootCom > mon.c > b/RedfishClientPkg/Features/SecureBoot/v1_1_0/Common/SecureBootCom > mon.c > new file mode 100644 > index 000000000..adee31b87 > --- /dev/null > +++ > b/RedfishClientPkg/Features/SecureBoot/v1_1_0/Common/SecureBootCom > mon.c > @@ -0,0 +1,765 @@ > +/** @file > + Redfish feature driver implementation - common functions > + > + (C) Copyright 2020-2022 Hewlett Packard Enterprise Development LP<BR> > + Copyright (c) 2023-2024, NVIDIA CORPORATION & AFFILIATES. All rights > reserved. > + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include "SecureBootCommon.h" > + > +CHAR8 SecureBootEmptyJson[] = "{\"@odata.id\": \"\", \"@odata.type\": > \"#SecureBoot.v1_1_0.SecureBoot\", \"Id\": \"\", \"Name\": \"\", > \"Attributes\":{}}"; > + > +REDFISH_RESOURCE_COMMON_PRIVATE *mRedfishResourcePrivate > = NULL; > +EFI_HANDLE mRedfishResourceConfigProtocolHandle > = NULL; > +CHAR16 > *mSecureBootSupportedAttributes[SECURE_BOOT_MODE_STR_LEN] = { > + L"SecureBootCurrentBoot", > + L"SecureBootEnable", > + L"SecureBootMode" > +}; > + > +/** > + Read EFI_SECURE_BOOT_ENABLE_NAME variable and return its value to > caller. > + > + @retval BOOLEAN TRUE when EFI_SECURE_BOOT_ENABLE_NAME value > is SECURE_BOOT_ENABLE > + FALSE when EFI_SECURE_BOOT_ENABLE_NAME value is > SECURE_BOOT_DISABLE > +**/ > +BOOLEAN > +RedfishReadSecureBootEnable ( > + VOID > + ) > +{ > + UINT8 *Buffer; > + BOOLEAN SecureBootEnableValue; > + > + Buffer = NULL; > + SecureBootEnableValue = FALSE; > + > + GetVariable2 ( > + EFI_SECURE_BOOT_ENABLE_NAME, > + &gEfiSecureBootEnableDisableGuid, > + (VOID **)&Buffer, > + NULL > + ); > + > + if (Buffer != NULL) { > + if (*Buffer == SECURE_BOOT_ENABLE) { > + SecureBootEnableValue = TRUE; > + } > + > + FreePool (Buffer); > + } > + > + return SecureBootEnableValue; > +} > + > +/** > + Write EFI_SECURE_BOOT_ENABLE_NAME variable with given value. > + > + @param[in] SecureBootEnableValue Value to write. TRUE is > SECURE_BOOT_ENABLE. > + FALSE is SECURE_BOOT_DISABLE. > + > + @retval EFI_SUCCESS Write value successfully. > + @retval Others Some error happened. > +**/ > +EFI_STATUS > +RedfishWriteSecureBootEnable ( > + BOOLEAN SecureBootEnableValue > + ) > +{ > + EFI_STATUS Status; > + UINT8 VarValue; > + > + VarValue = (SecureBootEnableValue ? SECURE_BOOT_ENABLE : > SECURE_BOOT_DISABLE); > + Status = gRT->SetVariable ( > + EFI_SECURE_BOOT_ENABLE_NAME, > + &gEfiSecureBootEnableDisableGuid, > + EFI_VARIABLE_NON_VOLATILE | > EFI_VARIABLE_BOOTSERVICE_ACCESS, > + sizeof (VarValue), > + &VarValue > + ); > + > + return Status; > +} > + > +/** > + Consume Redfish resource in given Json data. > + > + @param[in] This Pointer to > REDFISH_RESOURCE_COMMON_PRIVATE instance. > + @param[in] Json The JSON to consume. > + @param[in] HeaderEtag The Etag string returned in HTTP header. > + > + @retval EFI_SUCCESS Consume Redfish attribute successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +RedfishConsumeResourceCommon ( > + IN REDFISH_RESOURCE_COMMON_PRIVATE *Private, > + IN CHAR8 *Json, > + IN CHAR8 *HeaderEtag OPTIONAL > + ) > +{ > + EFI_STATUS Status; > + EFI_REDFISH_SECUREBOOT_V1_1_0 *SecureBoot; > + EFI_REDFISH_SECUREBOOT_V1_1_0_CS *SecureBootCs; > + BOOLEAN SecureBootEnableDisable; > + > + if ((Private == NULL) || IS_EMPTY_STRING (Json)) { > + return EFI_INVALID_PARAMETER; > + } > + > + SecureBoot = NULL; > + SecureBootCs = NULL; > + SecureBootEnableDisable = RedfishReadSecureBootEnable (); > + > + Status = Private->JsonStructProtocol->ToStructure ( > + Private->JsonStructProtocol, > + NULL, > + Json, > + (EFI_REST_JSON_STRUCTURE_HEADER > **)&SecureBoot > + ); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: ToStructure() failed: %r\n", __func__, > Status)); > + return Status; > + } > + > + SecureBootCs = SecureBoot->SecureBoot; > + > + // > + // Check ETAG to see if we need to consume it > + // > + if (CheckEtag (Private->Uri, HeaderEtag, SecureBootCs->odata_etag)) { > + // > + // No change > + // > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: ETAG: %s has no change, ignore > consume action\n", __func__, Private->Uri)); > + Status = EFI_ALREADY_STARTED; > + goto ON_RELEASE; > + } > + > + // > + // Secure boot enable > + // > + if (SecureBootCs->SecureBootEnable != NULL) { > + if (SecureBootEnableDisable != *SecureBootCs->SecureBootEnable) { > + // > + // Write value to "SecureBootEnable" variable. AuthVariableLib will > enable or disable secure boot > + // based on "SecureBootEnable" value. > + // > + Status = RedfishWriteSecureBootEnable (*SecureBootCs- > >SecureBootEnable); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: write secure boot enable disable failed: > %r\n", __func__, Status)); > + } else { > + REDFISH_ENABLE_SYSTEM_REBOOT (); > + } > + } else { > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: secure boot mode is not > changed\n", __func__)); > + } > + } > + > +ON_RELEASE: > + > + // > + // Release resource. > + // > + Private->JsonStructProtocol->DestoryStructure ( > + Private->JsonStructProtocol, > + (EFI_REST_JSON_STRUCTURE_HEADER *)SecureBoot > + ); > + > + return EFI_SUCCESS; > +} > + > +/** > + Provision Redfish resource. This function reads secure boot variable and > convert it > + to Redfish attribute. > + > + @param[in] JsonStructProtocol Pointer to Json structure protocol. > + @param[in] InputJson Jason data on input. > + @param[in] ResourceId Resource ID. This is optional. > + @param[in] ConfigureLang Configure language for this Redfish > resource. > + @param[in] ProvisionMode TRUE when this is to provision Redfish > attribute to > + Redfish service. FALSE is to update > Redfish attribute > + to Redfish service. > + @param[out] ResultJson Json data on output. > + > + @retval EFI_SUCCESS Provision Redfish attribute successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +ProvisioningSecureBootProperties ( > + IN EFI_REST_JSON_STRUCTURE_PROTOCOL *JsonStructProtocol, > + IN CHAR8 *InputJson, > + IN CHAR8 *ResourceId OPTIONAL, > + IN EFI_STRING ConfigureLang, > + IN BOOLEAN ProvisionMode, > + OUT CHAR8 **ResultJson > + ) > +{ > + EFI_REDFISH_SECUREBOOT_V1_1_0 *SecureBoot; > + EFI_REDFISH_SECUREBOOT_V1_1_0_CS *SecureBootCs; > + EFI_STATUS Status; > + BOOLEAN PropertyChanged; > + CHAR8 *AsciiStringValue; > + INT32 *IntegerValue; > + UINT8 SetupMode; > + BOOLEAN SecureBootEnabled; > + BOOLEAN SecureBootEnableDisable; > + > + if ((JsonStructProtocol == NULL) || (ResultJson == NULL) || > IS_EMPTY_STRING (InputJson) || IS_EMPTY_STRING (ConfigureLang)) { > + return EFI_INVALID_PARAMETER; > + } > + > + DEBUG ((REDFISH_DEBUG_TRACE, "%a provision for %s with: %s\n", > __func__, ConfigureLang, (ProvisionMode ? L"Provision resource" : L"Update > resource"))); > + > + *ResultJson = NULL; > + PropertyChanged = FALSE; > + AsciiStringValue = NULL; > + IntegerValue = NULL; > + SecureBootEnableDisable = RedfishReadSecureBootEnable (); > + SecureBootEnabled = IsSecureBootEnabled (); > + > + SecureBoot = NULL; > + Status = JsonStructProtocol->ToStructure ( > + JsonStructProtocol, > + NULL, > + InputJson, > + (EFI_REST_JSON_STRUCTURE_HEADER > **)&SecureBoot > + ); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: ToStructure failure: %r\n", __func__, > Status)); > + return Status; > + } > + > + SecureBootCs = SecureBoot->SecureBoot; > + > + // > + // ID > + // > + if (SecureBootCs->Id != NULL) { > + SecureBootCs->Id = NULL; > + } > + > + // > + // Name > + // > + if (SecureBootCs->Name != NULL) { > + SecureBootCs->Name = NULL; > + } > + > + // > + // Secure boot variables that we will handle here > + // > + // EFI_SETUP_MODE_NAME (gEfiGlobalVariableGuid) > + // EFI_SECURE_BOOT_MODE_NAME (gEfiGlobalVariableGuid) > + // EFI_SECURE_BOOT_ENABLE_NAME (gEfiSecureBootEnableDisableGuid) > + // > + > + // > + // Current Boot > + // > + if (PropertyChecker (SecureBootCs->SecureBootCurrentBoot, > ProvisionMode)) { > + AsciiStringValue = AllocateZeroPool (SECURE_BOOT_MODE_STR_LEN * > sizeof (CHAR8)); > + if (AsciiStringValue != NULL) { > + AsciiSPrint (AsciiStringValue, SECURE_BOOT_MODE_STR_LEN, "%a", > (SecureBootEnabled ? SECURE_BOOT_ENABLED : SECURE_BOOT_DISABLED)); > + if (ProvisionMode || (AsciiStrCmp (SecureBootCs- > >SecureBootCurrentBoot, AsciiStringValue) != 0)) { > + SecureBootCs->SecureBootCurrentBoot = AsciiStringValue; > + PropertyChanged = TRUE; > + } else { > + FreePool (AsciiStringValue); > + } > + } else { > + DEBUG ((DEBUG_ERROR, "%a: out of resource\n", __func__)); > + } > + } > + > + // > + // Secure boot enable > + // > + if (PropertyChecker (SecureBootCs->SecureBootEnable, ProvisionMode)) { > + if (ProvisionMode || (*SecureBootCs->SecureBootEnable != > SecureBootEnableDisable)) { > + IntegerValue = AllocatePool (sizeof (*IntegerValue)); > + if (IntegerValue != NULL) { > + *IntegerValue = (SecureBootEnableDisable ? 0x01 : > 0x00); > + SecureBootCs->SecureBootEnable = IntegerValue; > + PropertyChanged = TRUE; > + } else { > + DEBUG ((DEBUG_ERROR, "%a: out of resource\n", __func__)); > + } > + } > + } > + > + // > + // Secure boot mode > + // > + if (PropertyChecker (SecureBootCs->SecureBootMode, ProvisionMode)) { > + Status = GetSetupMode (&SetupMode); > + if (!EFI_ERROR (Status)) { > + AsciiStringValue = AllocateZeroPool (SECURE_BOOT_MODE_STR_LEN > *sizeof (CHAR8)); > + if (AsciiStringValue != NULL) { > + AsciiSPrint (AsciiStringValue, SECURE_BOOT_MODE_STR_LEN *sizeof > (CHAR8), "%a", (SetupMode == USER_MODE ? SECURE_BOOT_USER_MODE : > SECURE_BOOT_SETUP_MODE)); > + if (ProvisionMode || (AsciiStrCmp (SecureBootCs->SecureBootMode, > AsciiStringValue) != 0)) { > + SecureBootCs->SecureBootMode = AsciiStringValue; > + PropertyChanged = TRUE; > + } else { > + FreePool (AsciiStringValue); > + } > + } > + } else { > + DEBUG ((DEBUG_ERROR, "%a: cannot read setup mode: %r\n", > __func__, Status)); > + } > + } > + > + // > + // Convert C structure back to JSON text. > + // > + Status = JsonStructProtocol->ToJson ( > + JsonStructProtocol, > + (EFI_REST_JSON_STRUCTURE_HEADER > *)SecureBoot, > + ResultJson > + ); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: ToJson() failed: %r\n", __func__, Status)); > + } > + > + // > + // Release resource. > + // > + JsonStructProtocol->DestoryStructure ( > + JsonStructProtocol, > + (EFI_REST_JSON_STRUCTURE_HEADER *)SecureBoot > + ); > + > + if (EFI_ERROR (Status)) { > + return Status; > + } > + > + return (PropertyChanged ? EFI_SUCCESS : EFI_NOT_FOUND); > +} > + > +/** > + Provision Redfish resource and upload data to Redfish service. This > function > + checks OEM data and platform addendum data before sending data to > Redfish service. > + > + @param[in] Private Pointer to private data. > + > + @retval EFI_SUCCESS Provision Redfish resource successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +ProvisioningSecureBootResource ( > + IN REDFISH_RESOURCE_COMMON_PRIVATE *Private > + ) > +{ > + EFI_STATUS Status; > + CHAR8 *Json; > + CHAR8 *JsonWithAddendum; > + REDFISH_RESPONSE Response; > + > + if (Private == NULL) { > + return EFI_INVALID_PARAMETER; > + } > + > + ZeroMem (&Response, sizeof (REDFISH_RESPONSE)); > + Json = NULL; > + > + Status = ProvisioningSecureBootProperties ( > + Private->JsonStructProtocol, > + SecureBootEmptyJson, > + NULL, > + REDFISH_DUMMY_CONFIG_LANG, > + TRUE, > + &Json > + ); > + if (EFI_ERROR (Status)) { > + if (Status == EFI_NOT_FOUND) { > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: provisioning existing resource for > %s ignored. Nothing changed\n", __func__, > REDFISH_DUMMY_CONFIG_LANG)); > + Status = EFI_SUCCESS; > + } else { > + DEBUG ((DEBUG_ERROR, "%a: provisioning existing resource for %s > failed: %r\n", __func__, REDFISH_DUMMY_CONFIG_LANG, Status)); > + } > + > + goto ON_RELEASE; > + } > + > + // > + // Check and see if platform has OEM data or not > + // > + Status = RedfishGetOemData ( > + Private->Uri, > + RESOURCE_SCHEMA, > + RESOURCE_SCHEMA_VERSION, > + Json, > + &JsonWithAddendum > + ); > + if (!EFI_ERROR (Status) && (JsonWithAddendum != NULL)) { > + FreePool (Json); > + Json = JsonWithAddendum; > + JsonWithAddendum = NULL; > + } > + > + // > + // Check and see if platform has addendum data or not > + // > + Status = RedfishGetAddendumData ( > + Private->Uri, > + RESOURCE_SCHEMA, > + RESOURCE_SCHEMA_VERSION, > + Json, > + &JsonWithAddendum > + ); > + if (!EFI_ERROR (Status) && (JsonWithAddendum != NULL)) { > + FreePool (Json); > + Json = JsonWithAddendum; > + JsonWithAddendum = NULL; > + } > + > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: provisioning existing resource for > %s\n", __func__, REDFISH_DUMMY_CONFIG_LANG)); > + > + // > + // PATCH back to instance > + // > + Status = RedfishHttpPatchResource (Private->RedfishService, Private->Uri, > Json, &Response); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: patch resource for %s failed: %r\n", > __func__, REDFISH_DUMMY_CONFIG_LANG, Status)); > + } > + > +ON_RELEASE: > + > + if (Json != NULL) { > + FreePool (Json); > + } > + > + RedfishHttpFreeResponse (&Response); > + > + return Status; > +} > + > +/** > + Provisioning redfish resource to Redfish service. > + > + @param[in] Private Pointer to private data. > + @param[in] ResourceExist This is not used in Redfish secure > + boot resource. > + > + @retval EFI_SUCCESS Provision resource successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +RedfishProvisioningResourceCommon ( > + IN REDFISH_RESOURCE_COMMON_PRIVATE *Private, > + IN BOOLEAN ResourceExist > + ) > +{ > + if (Private == NULL) { > + return EFI_INVALID_PARAMETER; > + } > + > + return ProvisioningSecureBootResource (Private); > +} > + > +/** > + Check resource from given Json data. > + > + @param[in] This Pointer to > REDFISH_RESOURCE_COMMON_PRIVATE instance. > + @param[in] Json The JSON data to check. > + @param[in] HeaderEtag The Etag string returned in HTTP header. > + > + @retval EFI_SUCCESS Check resource successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +RedfishCheckResourceCommon ( > + IN REDFISH_RESOURCE_COMMON_PRIVATE *Private, > + IN CHAR8 *Json, > + IN CHAR8 *HeaderEtag OPTIONAL > + ) > +{ > + UINTN Index; > + EFI_STATUS Status; > + UINTN Count; > + EFI_STRING Property; > + > + if ((Private == NULL) || IS_EMPTY_STRING (Json)) { > + return EFI_INVALID_PARAMETER; > + } > + > + // > + // Check ETAG to see if we need to check it > + // > + if (CheckEtag (Private->Uri, HeaderEtag, NULL)) { > + // > + // No change > + // > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: ETAG: %s has no change, ignore > check action\n", __func__, Private->Uri)); > + return EFI_SUCCESS; > + } > + > + Count = sizeof (mSecureBootSupportedAttributes) / sizeof > (mSecureBootSupportedAttributes[0]); > + if (Count == 0) { > + return EFI_UNSUPPORTED; > + } > + > + Status = EFI_SUCCESS; > + for (Index = 0; Index < Count; Index++) { > + Property = mSecureBootSupportedAttributes[Index]; > + if (Property == NULL) { > + continue; > + } > + > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: [%d] check attribute for: %s\n", > __func__, Index, Property)); > + if (!MatchPropertyWithJsonContext (Property, Json)) { > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: property is missing: %s\n", > __func__, Property)); > + Status = EFI_NOT_FOUND; > + break; > + } > + } > + > + return Status; > +} > + > +/** > + Update resource to Redfish service. > + > + @param[in] Private Pointer to > REDFISH_RESOURCE_COMMON_PRIVATE instance. > + @param[in] Json The JSON data to be updated. > + > + @retval EFI_SUCCESS Update resource successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +RedfishUpdateResourceCommon ( > + IN REDFISH_RESOURCE_COMMON_PRIVATE *Private, > + IN CHAR8 *InputJson > + ) > +{ > + EFI_STATUS Status; > + CHAR8 *Json; > + CHAR8 *JsonWithAddendum; > + REDFISH_RESPONSE Response; > + > + if ((Private == NULL) || IS_EMPTY_STRING (InputJson)) { > + return EFI_INVALID_PARAMETER; > + } > + > + ZeroMem (&Response, sizeof (REDFISH_RESPONSE)); > + Json = NULL; > + > + Status = ProvisioningSecureBootProperties ( > + Private->JsonStructProtocol, > + SecureBootEmptyJson, > + NULL, > + REDFISH_DUMMY_CONFIG_LANG, > + TRUE, > + &Json > + ); > + if (EFI_ERROR (Status)) { > + if (Status == EFI_NOT_FOUND) { > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: update resource for %s ignored. > Nothing changed\n", __func__, REDFISH_DUMMY_CONFIG_LANG)); > + Status = EFI_SUCCESS; > + } else { > + DEBUG ((DEBUG_ERROR, "%a: update resource for %s failed: %r\n", > __func__, REDFISH_DUMMY_CONFIG_LANG, Status)); > + } > + > + goto ON_RELEASE; > + } > + > + // > + // Check and see if platform has OEM data or not > + // > + Status = RedfishGetOemData ( > + Private->Uri, > + RESOURCE_SCHEMA, > + RESOURCE_SCHEMA_VERSION, > + Json, > + &JsonWithAddendum > + ); > + if (!EFI_ERROR (Status) && (JsonWithAddendum != NULL)) { > + FreePool (Json); > + Json = JsonWithAddendum; > + JsonWithAddendum = NULL; > + } > + > + // > + // Check and see if platform has addendum data or not > + // > + Status = RedfishGetAddendumData ( > + Private->Uri, > + RESOURCE_SCHEMA, > + RESOURCE_SCHEMA_VERSION, > + Json, > + &JsonWithAddendum > + ); > + if (!EFI_ERROR (Status) && (JsonWithAddendum != NULL)) { > + FreePool (Json); > + Json = JsonWithAddendum; > + JsonWithAddendum = NULL; > + } > + > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: update resource for %s\n", > __func__, REDFISH_DUMMY_CONFIG_LANG)); > + > + // > + // PATCH back to instance > + // > + Status = RedfishHttpPatchResource (Private->RedfishService, Private->Uri, > Json, &Response); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: patch resource for %s failed: %r\n", > __func__, REDFISH_DUMMY_CONFIG_LANG, Status)); > + } > + > +ON_RELEASE: > + > + if (Json != NULL) { > + FreePool (Json); > + } > + > + RedfishHttpFreeResponse (&Response); > + > + return Status; > +} > + > +/** > + Identify resource in given Json data. > + > + @param[in] Private Pointer to > REDFISH_RESOURCE_COMMON_PRIVATE instance. > + @param[in] Json The JSON to be identified. > + > + @retval EFI_SUCCESS Identify resource successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +RedfishIdentifyResourceCommon ( > + IN REDFISH_RESOURCE_COMMON_PRIVATE *Private, > + IN CHAR8 *Json > + ) > +{ > + BOOLEAN Supported; > + > + Supported = RedfishIdentifyResource (Private->Uri, Private->Json); > + if (Supported) { > + // > + // Keep URI and ConfigLang mapping > + // > + RedfishSetRedfishUri (REDFISH_DUMMY_CONFIG_LANG, Private->Uri); > + } > + > + return (Supported ? EFI_SUCCESS : EFI_UNSUPPORTED); > +} > + > +/** > + Handle Redfish resource in Uri. > + > + @param[in] Private Pointer to > REDFISH_RESOURCE_COMMON_PRIVATE instance. > + @param[in] Uri URI to Redfish resource that we like to > process. > + > + @retval EFI_SUCCESS Handle resource successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +HandleResource ( > + IN REDFISH_RESOURCE_COMMON_PRIVATE *Private, > + IN EFI_STRING Uri > + ) > +{ > + EFI_STATUS Status; > + REDFISH_SCHEMA_INFO SchemaInfo; > + EFI_STRING ConfigLang; > + > + if ((Private == NULL) || IS_EMPTY_STRING (Uri)) { > + return EFI_INVALID_PARAMETER; > + } > + > + // > + // Resource match > + // > + > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: process resource for: %s\n", > __func__, Uri)); > + > + Status = GetRedfishSchemaInfo (Private->RedfishService, Private- > >JsonStructProtocol, Uri, NULL, &SchemaInfo); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to get schema information from: %s > %r\n", __func__, Uri, Status)); > + return Status; > + } > + > + // > + // Check and see if this is target resource that we want to handle. > + // Some resource is handled by other provider so we have to make sure > this first. > + // > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: Identify for %s\n", __func__, Uri)); > + ConfigLang = RedfishGetConfigLanguage (Uri); > + if (ConfigLang == NULL) { > + Status = EdkIIRedfishResourceConfigIdentify (&SchemaInfo, Uri, NULL, > Private->InformationExchange); > + if (EFI_ERROR (Status)) { > + if (Status == EFI_UNSUPPORTED) { > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: \"%s\" is not handled by us\n", > __func__, Uri)); > + return EFI_SUCCESS; > + } else if (Status == EFI_NOT_FOUND) { > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: \"%s\" has nothing to > handle\n", __func__, Uri)); > + return EFI_SUCCESS; > + } > + > + DEBUG ((DEBUG_ERROR, "%a: fail to identify resource: \"%s\": %r\n", > __func__, Uri, Status)); > + return Status; > + } > + } else { > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: history record found: %s\n", > __func__, ConfigLang)); > + FreePool (ConfigLang); > + } > + > + // > + // Check and see if target property exist or not even when collection > member exists. > + // If not, we still do provision. > + // > + DEBUG ((REDFISH_DEBUG_TRACE, "%a Check for %s\n", __func__, Uri)); > + Status = EdkIIRedfishResourceConfigCheck (&SchemaInfo, Uri, NULL); > + if (EFI_ERROR (Status)) { > + if (Status == EFI_UNSUPPORTED) { > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: \"%s\" is not handled by us\n", > __func__, Uri)); > + return EFI_SUCCESS; > + } > + > + // > + // The target property does not exist, do the provision to create > property. > + // > + DEBUG ((REDFISH_DEBUG_TRACE, "%a provision for %s\n", __func__, > Uri)); > + Status = EdkIIRedfishResourceConfigProvisioning (&SchemaInfo, Uri, NULL, > Private->InformationExchange, FALSE); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to provision with GET mode: %r\n", > __func__, Status)); > + } > + > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: process resource for: %s > finished\n", __func__, Uri)); > + > + return Status; > + } > + > + // > + // Consume first. > + // > + DEBUG ((REDFISH_DEBUG_TRACE, "%a consume for %s\n", __func__, Uri)); > + Status = EdkIIRedfishResourceConfigConsume (&SchemaInfo, Uri, NULL); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to consume resource for: %s: %r\n", > __func__, Uri, Status)); > + } > + > + // > + // Patch. > + // > + DEBUG ((REDFISH_DEBUG_TRACE, "%a update for %s\n", __func__, Uri)); > + Status = EdkIIRedfishResourceConfigUpdate (&SchemaInfo, Uri, NULL); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to update resource for: %s: %r\n", > __func__, Uri, Status)); > + } > + > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: process resource for: %s > finished\n", __func__, Uri)); > + > + return Status; > +} > diff --git > a/RedfishClientPkg/Features/SecureBoot/v1_1_0/Dxe/SecureBootDxe.c > b/RedfishClientPkg/Features/SecureBoot/v1_1_0/Dxe/SecureBootDxe.c > new file mode 100644 > index 000000000..31801ac72 > --- /dev/null > +++ b/RedfishClientPkg/Features/SecureBoot/v1_1_0/Dxe/SecureBootDxe.c > @@ -0,0 +1,809 @@ > +/** @file > + Redfish feature driver implementation - SecureBoot > + > + (C) Copyright 2020-2022 Hewlett Packard Enterprise Development LP<BR> > + Copyright (c) 2023-2024, NVIDIA CORPORATION & AFFILIATES. All rights > reserved. > + > + SPDX-License-Identifier: BSD-2-Clause-Patent > + > +**/ > + > +#include "../Common/SecureBootCommon.h" > + > +extern REDFISH_RESOURCE_COMMON_PRIVATE *mRedfishResourcePrivate; > +extern EFI_HANDLE mRedfishResourceConfigProtocolHandle; > + > +EFI_STATUS > +HandleResource ( > + IN REDFISH_RESOURCE_COMMON_PRIVATE *Private, > + IN EFI_STRING Uri > + ); > + > +/** > + Provisioning redfish resource by given URI. > + > + @param[in] This Pointer to EFI_HP_REDFISH_HII_PROTOCOL > instance. > + @param[in] Uri Target URI to create resource. > + @param[in] PostMode TRUE if the resource does not exist, post > method is used. > + FALSE if the resource exist but property > is missing, > patch method is used. > + > + @retval EFI_SUCCESS Value is returned successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishResourceProvisioningResource ( > + IN EDKII_REDFISH_RESOURCE_CONFIG_PROTOCOL *This, > + IN EFI_STRING Uri, > + IN BOOLEAN PostMode > + ) > +{ > + REDFISH_RESOURCE_COMMON_PRIVATE *Private; > + EFI_STATUS Status; > + REDFISH_RESPONSE Response; > + > + if ((This == NULL) || IS_EMPTY_STRING (Uri)) { > + return EFI_INVALID_PARAMETER; > + } > + > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: provisioning in %s mode\n", > __func__, (PostMode ? L"POST" : L"PATCH"))); > + > + ZeroMem (&Response, sizeof (REDFISH_RESPONSE)); > + Private = > REDFISH_RESOURCE_COMMON_PRIVATE_DATA_FROM_RESOURCE_PROTOCOL > (This); > + > + if (Private->RedfishService == NULL) { > + return EFI_NOT_READY; > + } > + > + Status = RedfishHttpGetResource (Private->RedfishService, Uri, NULL, > &Response, TRUE); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: get resource from: %s failed\n", __func__, > Uri)); > + return Status; > + } > + > + Private->Uri = Uri; > + Private->Payload = Response.Payload; > + ASSERT (Private->Payload != NULL); > + > + Status = RedfishProvisioningResourceCommon (Private, !PostMode); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to provision resource to: %s: %r\n", > __func__, Uri, Status)); > + } else { > + // > + // Get latest ETag on URI and keep it in variable. > + // > + SetEtagFromUri (Private->RedfishService, Private->Uri, TRUE); > + } > + > + // > + // Release resource > + // > + RedfishHttpFreeResponse (&Response); > + Private->Payload = NULL; > + > + return Status; > +} > + > +/** > + Consume resource from given URI. > + > + @param[in] This Pointer to EFI_HP_REDFISH_HII_PROTOCOL > instance. > + @param[in] Uri The target URI to consume. > + > + @retval EFI_SUCCESS Value is returned successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishResourceConsumeResource ( > + IN EDKII_REDFISH_RESOURCE_CONFIG_PROTOCOL *This, > + IN EFI_STRING Uri > + ) > +{ > + REDFISH_RESOURCE_COMMON_PRIVATE *Private; > + EFI_STATUS Status; > + REDFISH_RESPONSE Response; > + EFI_STRING PendingSettingUri; > + REDFISH_RESPONSE PendingSettingResponse; > + REDFISH_RESPONSE *ExpectedResponse; > + CHAR8 *Etag; > + > + if ((This == NULL) || IS_EMPTY_STRING (Uri)) { > + return EFI_INVALID_PARAMETER; > + } > + > + ZeroMem (&Response, sizeof (REDFISH_RESPONSE)); > + ZeroMem (&PendingSettingResponse, sizeof (REDFISH_RESPONSE)); > + Private = > REDFISH_RESOURCE_COMMON_PRIVATE_DATA_FROM_RESOURCE_PROTOCOL > (This); > + > + if (Private->RedfishService == NULL) { > + return EFI_NOT_READY; > + } > + > + Status = RedfishHttpGetResource (Private->RedfishService, Uri, NULL, > &Response, TRUE); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: get resource from: %s failed\n", __func__, > Uri)); > + return Status; > + } > + > + // > + // Check and see if "@Redfish.Settings" exist or not. > + // > + PendingSettingUri = NULL; > + Status = GetPendingSettings ( > + Private->RedfishService, > + Response.Payload, > + &PendingSettingResponse, > + &PendingSettingUri > + ); > + if (!EFI_ERROR (Status)) { > + DEBUG ((REDFISH_DEBUG_TRACE, "%a: @Redfish.Settings found: %s\n", > __func__, PendingSettingUri)); > + SetRedfishSettingsObjectsUri (Uri, PendingSettingUri); > + Private->Uri = PendingSettingUri; > + ExpectedResponse = &PendingSettingResponse; > + } else { > + Private->Uri = Uri; > + ExpectedResponse = &Response; > + } > + > + Private->Payload = ExpectedResponse->Payload; > + ASSERT (Private->Payload != NULL); > + > + Private->Json = JsonDumpString (RedfishJsonInPayload (Private->Payload), > EDKII_JSON_COMPACT); > + ASSERT (Private->Json != NULL); > + > + // > + // Searching for etag in HTTP response header > + // > + Etag = NULL; > + Status = GetHttpResponseEtag (ExpectedResponse, &Etag); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to get ETag from HTTP header\n", > __func__)); > + } > + > + Status = RedfishConsumeResourceCommon (Private, Private->Json, Etag); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to consume resource from: %s: > %r\n", __func__, Private->Uri, Status)); > + } > + > + // > + // Release resource > + // > + RedfishHttpFreeResponse (&Response); > + RedfishHttpFreeResponse (&PendingSettingResponse); > + Private->Payload = NULL; > + > + if (Private->Json != NULL) { > + FreePool (Private->Json); > + Private->Json = NULL; > + } > + > + if (Etag != NULL) { > + FreePool (Etag); > + } > + > + if (PendingSettingUri != NULL) { > + FreePool (PendingSettingUri); > + } > + > + return Status; > +} > + > +/** > + Get information about this protocol. > + > + @param[in] This Pointer to EFI_HP_REDFISH_HII_PROTOCOL > instance. > + @param[out] Schema Supported schema. > + @param[out] Major Supported major number. > + @param[out] Minor Supported minor number. > + @param[out] Errata Supported errata number. > + > + @retval EFI_SUCCESS Value is returned successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishResourceGetInfo ( > + IN EDKII_REDFISH_RESOURCE_CONFIG_PROTOCOL *This, > + OUT REDFISH_SCHEMA_INFO *Info > + ) > +{ > + if ((This == NULL) || (Info == NULL)) { > + return EFI_INVALID_PARAMETER; > + } > + > + AsciiStrCpyS (Info->Schema, REDFISH_SCHEMA_STRING_SIZE, > RESOURCE_SCHEMA); > + AsciiStrCpyS (Info->Major, REDFISH_SCHEMA_VERSION_SIZE, > RESOURCE_SCHEMA_MAJOR); > + AsciiStrCpyS (Info->Minor, REDFISH_SCHEMA_VERSION_SIZE, > RESOURCE_SCHEMA_MINOR); > + AsciiStrCpyS (Info->Errata, REDFISH_SCHEMA_VERSION_SIZE, > RESOURCE_SCHEMA_ERRATA); > + > + return EFI_SUCCESS; > +} > + > +/** > + Update resource to given URI. > + > + @param[in] This Pointer to EFI_HP_REDFISH_HII_PROTOCOL > instance. > + @param[in] Uri The target URI to consume. > + > + @retval EFI_SUCCESS Value is returned successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishResourceUpdate ( > + IN EDKII_REDFISH_RESOURCE_CONFIG_PROTOCOL *This, > + IN EFI_STRING Uri > + ) > +{ > + REDFISH_RESOURCE_COMMON_PRIVATE *Private; > + EFI_STATUS Status; > + REDFISH_RESPONSE Response; > + > + if ((This == NULL) || IS_EMPTY_STRING (Uri)) { > + return EFI_INVALID_PARAMETER; > + } > + > + ZeroMem (&Response, sizeof (REDFISH_RESPONSE)); > + Private = > REDFISH_RESOURCE_COMMON_PRIVATE_DATA_FROM_RESOURCE_PROTOCOL > (This); > + > + if (Private->RedfishService == NULL) { > + return EFI_NOT_READY; > + } > + > + Status = RedfishHttpGetResource (Private->RedfishService, Uri, NULL, > &Response, TRUE); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: get resource from: %s failed\n", __func__, > Uri)); > + return Status; > + } > + > + Private->Uri = Uri; > + Private->Payload = Response.Payload; > + ASSERT (Private->Payload != NULL); > + > + Private->Json = JsonDumpString (RedfishJsonInPayload (Private->Payload), > EDKII_JSON_COMPACT); > + ASSERT (Private->Json != NULL); > + > + Status = RedfishUpdateResourceCommon (Private, Private->Json); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to update resource to: %s: %r\n", > __func__, Uri, Status)); > + } else { > + // > + // Get latest ETag on URI and keep it in variable. > + // > + SetEtagFromUri (Private->RedfishService, Private->Uri, TRUE); > + } > + > + // > + // Release resource > + // > + RedfishHttpFreeResponse (&Response); > + Private->Payload = NULL; > + > + if (Private->Json != NULL) { > + FreePool (Private->Json); > + Private->Json = NULL; > + } > + > + return Status; > +} > + > +/** > + Check resource on given URI. > + > + @param[in] This Pointer to EFI_HP_REDFISH_HII_PROTOCOL > instance. > + @param[in] Uri The target URI to consume. > + > + @retval EFI_SUCCESS Value is returned successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishResourceCheck ( > + IN EDKII_REDFISH_RESOURCE_CONFIG_PROTOCOL *This, > + IN EFI_STRING Uri > + ) > +{ > + REDFISH_RESOURCE_COMMON_PRIVATE *Private; > + EFI_STATUS Status; > + REDFISH_RESPONSE Response; > + CHAR8 *Etag; > + > + if ((This == NULL) || IS_EMPTY_STRING (Uri)) { > + return EFI_INVALID_PARAMETER; > + } > + > + ZeroMem (&Response, sizeof (REDFISH_RESPONSE)); > + Private = > REDFISH_RESOURCE_COMMON_PRIVATE_DATA_FROM_RESOURCE_PROTOCOL > (This); > + > + if (Private->RedfishService == NULL) { > + return EFI_NOT_READY; > + } > + > + Status = RedfishHttpGetResource (Private->RedfishService, Uri, NULL, > &Response, TRUE); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: get resource from: %s failed\n", __func__, > Uri)); > + return Status; > + } > + > + Private->Uri = Uri; > + Private->Payload = Response.Payload; > + ASSERT (Private->Payload != NULL); > + > + Private->Json = JsonDumpString (RedfishJsonInPayload (Private->Payload), > EDKII_JSON_COMPACT); > + ASSERT (Private->Json != NULL); > + > + // > + // Find etag in HTTP response header > + // > + Etag = NULL; > + Status = GetHttpResponseEtag (&Response, &Etag); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to get ETag from HTTP header\n", > __func__)); > + } > + > + Status = RedfishCheckResourceCommon (Private, Private->Json, Etag); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to check resource from: %s: %r\n", > __func__, Uri, Status)); > + } > + > + // > + // Release resource > + // > + if (Etag != NULL) { > + FreePool (Etag); > + } > + > + RedfishHttpFreeResponse (&Response); > + Private->Payload = NULL; > + > + if (Private->Json != NULL) { > + FreePool (Private->Json); > + Private->Json = NULL; > + } > + > + return Status; > +} > + > +/** > + Identify resource on given URI. > + > + @param[in] This Pointer to > EDKII_REDFISH_RESOURCE_CONFIG_PROTOCOL instance. > + @param[in] Uri The target URI to consume. > + > + @retval EFI_SUCCESS This is target resource which we want to > handle. > + @retval EFI_UNSUPPORTED This is not the target resource. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishResourceIdentify ( > + IN EDKII_REDFISH_RESOURCE_CONFIG_PROTOCOL *This, > + IN EFI_STRING Uri > + ) > +{ > + REDFISH_RESOURCE_COMMON_PRIVATE *Private; > + EFI_STATUS Status; > + REDFISH_RESPONSE Response; > + > + if ((This == NULL) || IS_EMPTY_STRING (Uri)) { > + return EFI_INVALID_PARAMETER; > + } > + > + ZeroMem (&Response, sizeof (REDFISH_RESPONSE)); > + Private = > REDFISH_RESOURCE_COMMON_PRIVATE_DATA_FROM_RESOURCE_PROTOCOL > (This); > + > + if (Private->RedfishService == NULL) { > + return EFI_NOT_READY; > + } > + > + Status = RedfishHttpGetResource (Private->RedfishService, Uri, NULL, > &Response, TRUE); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: get resource from: %s failed\n", __func__, > Uri)); > + return Status; > + } > + > + Private->Uri = Uri; > + Private->Payload = Response.Payload; > + ASSERT (Private->Payload != NULL); > + > + Private->Json = JsonDumpString (RedfishJsonInPayload (Private->Payload), > EDKII_JSON_COMPACT); > + ASSERT (Private->Json != NULL); > + > + Status = RedfishIdentifyResourceCommon (Private, Private->Json); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: identify %s failed: %r\n", __func__, Uri, > Status)); > + } > + > + // > + // Release resource > + // > + RedfishHttpFreeResponse (&Response); > + Private->Payload = NULL; > + > + if (Private->Json != NULL) { > + FreePool (Private->Json); > + Private->Json = NULL; > + } > + > + return Status; > +} > + > +EDKII_REDFISH_RESOURCE_CONFIG_PROTOCOL mRedfishResourceConfig = { > + RedfishResourceProvisioningResource, > + RedfishResourceConsumeResource, > + RedfishResourceUpdate, > + RedfishResourceCheck, > + RedfishResourceIdentify, > + RedfishResourceGetInfo > +}; > + > +/** > + Initialize a Redfish configure handler. > + > + This function will be called by the Redfish config driver to initialize > each > Redfish configure > + handler. > + > + @param[in] This Pointer to > EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL instance. > + @param[in] RedfishConfigServiceInfo Redfish service information. > + > + @retval EFI_SUCCESS The handler has been initialized > successfully. > + @retval EFI_DEVICE_ERROR Failed to create or configure the REST > EX protocol instance. > + @retval EFI_ALREADY_STARTED This handler has already been > initialized. > + @retval Other Error happens during the > initialization. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishResourceInit ( > + IN EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL *This, > + IN REDFISH_CONFIG_SERVICE_INFORMATION *RedfishConfigServiceInfo > + ) > +{ > + REDFISH_RESOURCE_COMMON_PRIVATE *Private; > + > + Private = > REDFISH_RESOURCE_COMMON_PRIVATE_DATA_FROM_CONFIG_PROTOCOL > (This); > + > + Private->RedfishService = RedfishCreateService (RedfishConfigServiceInfo); > + if (Private->RedfishService == NULL) { > + return EFI_DEVICE_ERROR; > + } > + > + return EFI_SUCCESS; > +} > + > +/** > + Stop a Redfish configure handler. > + > + @param[in] This Pointer to > EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL instance. > + > + @retval EFI_SUCCESS This handler has been stoped successfully. > + @retval Others Some error happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishResourceStop ( > + IN EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL *This > + ) > +{ > + REDFISH_RESOURCE_COMMON_PRIVATE *Private; > + > + Private = > REDFISH_RESOURCE_COMMON_PRIVATE_DATA_FROM_CONFIG_PROTOCOL > (This); > + > + if (Private->Event != NULL) { > + gBS->CloseEvent (Private->Event); > + Private->Event = NULL; > + } > + > + if (Private->RedfishService != NULL) { > + RedfishCleanupService (Private->RedfishService); > + Private->RedfishService = NULL; > + } > + > + return EFI_SUCCESS; > +} > + > +EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL mRedfishConfigHandler = { > + RedfishResourceInit, > + RedfishResourceStop > +}; > + > +/** > + Callback function when gEfiRestJsonStructureProtocolGuid is installed. > + > + @param[in] Event Event whose notification function is being invoked. > + @param[in] Context Pointer to the notification function's context. > +**/ > +VOID > +EFIAPI > +EfiRestJsonStructureProtocolIsReady ( > + IN EFI_EVENT Event, > + IN VOID *Context > + ) > +{ > + EFI_STATUS Status; > + > + if (mRedfishResourcePrivate == NULL) { > + return; > + } > + > + if (mRedfishResourcePrivate->JsonStructProtocol != NULL) { > + return; > + } > + > + Status = gBS->LocateProtocol ( > + &gEfiRestJsonStructureProtocolGuid, > + NULL, > + (VOID **)&mRedfishResourcePrivate->JsonStructProtocol > + ); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to locate > gEfiRestJsonStructureProtocolGuid: %r\n", __func__, Status)); > + } > + > + gBS->CloseEvent (Event); > +} > + > +/** > + Unloads an image. > + > + @param ImageHandle Handle that identifies the image to be > unloaded. > + > + @retval EFI_SUCCESS The image has been unloaded. > + @retval EFI_INVALID_PARAMETER ImageHandle is not a valid image > handle. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishResourceUnload ( > + IN EFI_HANDLE ImageHandle > + ) > +{ > + EFI_STATUS Status; > + EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL *ConfigHandler; > + > + if (mRedfishResourcePrivate == NULL) { > + return EFI_NOT_READY; > + } > + > + ConfigHandler = NULL; > + > + // > + // Firstly, find ConfigHandler Protocol interface in this ImageHandle. > + // > + Status = gBS->OpenProtocol ( > + ImageHandle, > + &gEdkIIRedfishConfigHandlerProtocolGuid, > + (VOID **)&ConfigHandler, > + NULL, > + NULL, > + EFI_OPEN_PROTOCOL_BY_HANDLE_PROTOCOL > + ); > + if (EFI_ERROR (Status) || (ConfigHandler == NULL)) { > + return Status; > + } > + > + ConfigHandler->Stop (ConfigHandler); > + > + // > + // Last, uninstall ConfigHandler Protocol and resource protocol. > + // > + Status = gBS->UninstallMultipleProtocolInterfaces ( > + ImageHandle, > + &gEdkIIRedfishConfigHandlerProtocolGuid, > + ConfigHandler, > + &gEdkIIRedfishResourceConfigProtocolGuid, > + &mRedfishResourcePrivate->RedfishResourceConfig, > + NULL > + ); > + > + FreePool (mRedfishResourcePrivate); > + mRedfishResourcePrivate = NULL; > + > + return Status; > +} > + > +/** > + The callback function provided by Redfish Feature driver. > + > + @param[in] This Pointer to > EDKII_REDFISH_FEATURE_PROTOCOL > instance. > + @param[in] FeatureAction The action Redfish feature driver should > take. > + @param[in] Uri The collection URI. > + @param[in] Context The context of Redfish feature driver. > + @param[in,out] InformationExchange The pointer to > RESOURCE_INFORMATION_EXCHANGE > + > + @retval EFI_SUCCESS Redfish feature driver callback is > executed > successfully. > + @retval Others Some errors happened. > + > + @retval EFI_SUCCESS Redfish feature driver callback is > executed > successfully. > + @retval Others Some errors happened. > + > +**/ > +EFI_STATUS > +EFIAPI > +RedfishExternalResourceResourceFeatureCallback ( > + IN EDKII_REDFISH_FEATURE_PROTOCOL *This, > + IN FEATURE_CALLBACK_ACTION FeatureAction, > + IN VOID *Context, > + IN OUT RESOURCE_INFORMATION_EXCHANGE *InformationExchange > + ) > +{ > + EFI_STATUS Status; > + REDFISH_SERVICE RedfishService; > + REDFISH_RESOURCE_COMMON_PRIVATE *Private; > + EFI_STRING ResourceUri; > + EFI_STRING SecureBootUri; > + > + if (FeatureAction != CallbackActionStartOperation) { > + return EFI_UNSUPPORTED; > + } > + > + Private = (REDFISH_RESOURCE_COMMON_PRIVATE *)Context; > + > + RedfishService = Private->RedfishService; > + if (RedfishService == NULL) { > + DEBUG ((DEBUG_ERROR, "%a: no Redfish service configured\n", > __func__)); > + return EFI_NOT_READY; > + } > + > + // > + // Save in private structure. > + // > + Private->InformationExchange = InformationExchange; > + > + // > + // Find Redfish version on Redfish ser > + // > + Private->RedfishVersion = RedfishGetVersion (RedfishService); > + > + // > + // Create the full URI from Redfish service root. > + // > + ResourceUri = (EFI_STRING)AllocateZeroPool (MAX_URI_LENGTH * sizeof > (CHAR16)); > + if (ResourceUri == NULL) { > + DEBUG ((DEBUG_ERROR, "%a: Fail to allocate memory for full URI.\n", > __func__)); > + return EFI_OUT_OF_RESOURCES; > + } > + > + StrCatS (ResourceUri, MAX_URI_LENGTH, Private->RedfishVersion); > + StrCatS (ResourceUri, MAX_URI_LENGTH, InformationExchange- > >SendInformation.FullUri); > + > + // > + // Initialize collection path > + // > + SecureBootUri = RedfishGetUri (ResourceUri); > + if (SecureBootUri == NULL) { > + ASSERT (FALSE); > + FreePool (ResourceUri); > + return EFI_OUT_OF_RESOURCES; > + } > + > + Status = HandleResource (Private, SecureBootUri); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: process external resource: %s failed: %r\n", > __func__, SecureBootUri, Status)); > + } > + > + FreePool (SecureBootUri); > + FreePool (ResourceUri); > + return Status; > +} > + > +/** > + Callback function when gEdkIIRedfishFeatureProtocolGuid is installed. > + > + @param[in] Event Event whose notification function is being invoked. > + @param[in] Context Pointer to the notification function's context. > +**/ > +VOID > +EFIAPI > +EdkIIRedfishFeatureProtocolIsReady ( > + IN EFI_EVENT Event, > + IN VOID *Context > + ) > +{ > + EFI_STATUS Status; > + EDKII_REDFISH_FEATURE_PROTOCOL *FeatureProtocol; > + > + if (mRedfishResourcePrivate == NULL) { > + return; > + } > + > + if (mRedfishResourcePrivate->FeatureProtocol != NULL) { > + return; > + } > + > + Status = gBS->LocateProtocol ( > + &gEdkIIRedfishFeatureProtocolGuid, > + NULL, > + (VOID **)&FeatureProtocol > + ); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to locate > gEdkIIRedfishFeatureProtocolGuid: %r\n", __func__, Status)); > + gBS->CloseEvent (Event); > + return; > + } > + > + Status = FeatureProtocol->Register ( > + FeatureProtocol, > + REDFISH_MANAGED_URI, > + RedfishExternalResourceResourceFeatureCallback, > + (VOID *)mRedfishResourcePrivate > + ); > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "%a: failed to register %s: %r\n", __func__, > REDFISH_MANAGED_URI, Status)); > + } > + > + mRedfishResourcePrivate->FeatureProtocol = FeatureProtocol; > + > + gBS->CloseEvent (Event); > +} > + > +/** > + This is the declaration of an EFI image entry point. This entry point is > + the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers > including > + both device drivers and bus drivers. It initialize the global variables and > + publish the driver binding protocol. > + > + @param[in] ImageHandle The firmware allocated handle for the UEFI > image. > + @param[in] SystemTable A pointer to the EFI System Table. > + > + @retval EFI_SUCCESS The operation completed successfully. > + @retval EFI_ACCESS_DENIED EFI_ISCSI_INITIATOR_NAME_PROTOCOL was > installed unexpectedly. > + @retval Others Other errors as indicated. > +**/ > +EFI_STATUS > +EFIAPI > +RedfishResourceEntryPoint ( > + IN EFI_HANDLE ImageHandle, > + IN EFI_SYSTEM_TABLE *SystemTable > + ) > +{ > + EFI_STATUS Status; > + VOID *Registration; > + > + if (mRedfishResourcePrivate != NULL) { > + return EFI_ALREADY_STARTED; > + } > + > + mRedfishResourceConfigProtocolHandle = ImageHandle; > + > + mRedfishResourcePrivate = AllocateZeroPool (sizeof > (REDFISH_RESOURCE_COMMON_PRIVATE)); > + CopyMem (&mRedfishResourcePrivate->ConfigHandler, > &mRedfishConfigHandler, sizeof > (EDKII_REDFISH_CONFIG_HANDLER_PROTOCOL)); > + CopyMem (&mRedfishResourcePrivate->RedfishResourceConfig, > &mRedfishResourceConfig, sizeof > (EDKII_REDFISH_RESOURCE_CONFIG_PROTOCOL)); > + > + // > + // Publish config handler protocol and resource protocol. > + // > + Status = gBS->InstallMultipleProtocolInterfaces ( > + &ImageHandle, > + &gEdkIIRedfishConfigHandlerProtocolGuid, > + &mRedfishResourcePrivate->ConfigHandler, > + &gEdkIIRedfishResourceConfigProtocolGuid, > + &mRedfishResourcePrivate->RedfishResourceConfig, > + NULL > + ); > + > + EfiCreateProtocolNotifyEvent ( > + &gEfiRestJsonStructureProtocolGuid, > + TPL_CALLBACK, > + EfiRestJsonStructureProtocolIsReady, > + NULL, > + &Registration > + ); > + > + EfiCreateProtocolNotifyEvent ( > + &gEdkIIRedfishFeatureProtocolGuid, > + TPL_CALLBACK, > + EdkIIRedfishFeatureProtocolIsReady, > + (VOID *)mRedfishResourcePrivate, > + &Registration > + ); > + > + return Status; > +} > diff --git a/RedfishClientPkg/RedfishClient.fdf.inc > b/RedfishClientPkg/RedfishClient.fdf.inc > index 59b8acba1..154f641b2 100644 > --- a/RedfishClientPkg/RedfishClient.fdf.inc > +++ b/RedfishClientPkg/RedfishClient.fdf.inc > @@ -25,6 +25,7 @@ > INF RedfishClientPkg/HiiToRedfishBiosDxe/HiiToRedfishBiosDxe.inf > INF > RedfishClientPkg/Features/BootOptionCollection/BootOptionCollectionDxe.in > f > INF RedfishClientPkg/Features/BootOption/v1_0_4/Dxe/BootOptionDxe.inf > + INF RedfishClientPkg/Features/SecureBoot/v1_1_0/Dxe/SecureBootDxe.inf > > !include RedfishClientPkg/RedfishJsonStructureDxe.fdf.inc > # > -- > 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117560): https://edk2.groups.io/g/devel/message/117560 Mute This Topic: https://groups.io/mt/105265011/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-