Support HTTP application TLS configuration protocol

[edk2-devel] [PATCH 4/5] RedfishPkg/RedfishRestExDxe: Produce EdkiiHttpsTlsConfigData protocol
Posted by Chang, Abner via groups.io 1 year, 11 months ago
From: abnchang <abnchang@amd.com>

Produce EdkiiHttpsTlsConfigData protocol to provide Redfish
REST EX TLS configuration data.

Signed-off-by: Abner Chang <abner.chang@amd.com>
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
Cc: Michael Brown <mcb30@ipxe.org>
Cc: Nickle Wang <nicklew@nvidia.com>
Cc: Igor Kulchytskyy <igork@ami.com>
---
 RedfishPkg/RedfishPkg.dec                     |  5 ++
 .../RedfishRestExDxe/RedfishRestExDxe.inf     |  2 +
 .../RedfishRestExDxe/RedfishRestExDriver.h    | 23 +++++-
 .../RedfishRestExDxe/RedfishRestExDriver.c    | 79 ++++++++++++++++++-
 4 files changed, 104 insertions(+), 5 deletions(-)

diff --git a/RedfishPkg/RedfishPkg.dec b/RedfishPkg/RedfishPkg.dec
index 3ea9ff3ef7f..e4aa8b634c8 100644
--- a/RedfishPkg/RedfishPkg.dec
+++ b/RedfishPkg/RedfishPkg.dec
@@ -154,3 +154,8 @@
   # set to EFI_REST_EX_PROTOCOL.
   #
   gEfiRedfishPkgTokenSpaceGuid.PcdRedfishSendReceiveTimeout|5000|UINT32|0x00001009
+  #
+  # This PCD declares whether to provide EDKII_HTTPS_CONFIG_DATA_PROTOCOL
+  # for Resfish REXT EX HTTPS TLS configuration data.
+  #
+  gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExHttpsTlsConfigData|TRUE|BOOLEAN|0x00001010
diff --git a/RedfishPkg/RedfishRestExDxe/RedfishRestExDxe.inf b/RedfishPkg/RedfishRestExDxe/RedfishRestExDxe.inf
index 64e6343bfbf..e75f5a87985 100644
--- a/RedfishPkg/RedfishRestExDxe/RedfishRestExDxe.inf
+++ b/RedfishPkg/RedfishRestExDxe/RedfishRestExDxe.inf
@@ -57,11 +57,13 @@
   gEfiHttpServiceBindingProtocolGuid              ## TO_START
   gEfiHttpProtocolGuid                            ## TO_START
   gEfiDevicePathProtocolGuid                      ## TO_START
+  gEdkiiHttpsTlsConfigDataProtocolGuid            ## PRODUCED
 
 [Pcd]
   gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExServiceAccessModeInBand ## CONSUMES
   gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExChunkRequestMode        ## CONSUMES
   gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExAddingExpect            ## CONSUMES
+  gEfiRedfishPkgTokenSpaceGuid.PcdRedfishRestExHttpsTlsConfigData      ## CONSUMES
 
 [UserExtensions.TianoCore."ExtraFiles"]
   RedfishRestExDxeExtra.uni
diff --git a/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.h b/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.h
index 6b94e5814c4..c3a15f1a976 100644
--- a/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.h
+++ b/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.h
@@ -30,8 +30,10 @@
 /// UEFI Driver Model Protocols
 ///
 #include <Protocol/DriverBinding.h>
+#include <Protocol/HttpsTlsConfigDataProtocol.h>
 #include <Protocol/RestEx.h>
 #include <Protocol/ServiceBinding.h>
+#include <Protocol/Tls.h>
 
 ///
 /// Protocol instances
@@ -53,13 +55,19 @@ typedef struct _RESTEX_SERVICE RESTEX_SERVICE;
 ///
 typedef struct _RESTEX_INSTANCE RESTEX_INSTANCE;
 
+///
+/// RestEx HTTP context
+///
+typedef struct _RESTEX_HTTPS_CONTEXT RESTEX_HTTPS_CONTEXT;
+
 ///
 /// Driver Version
 ///
 #define REDFISH_RESTEX_DRIVER_VERSION  0x0100
 
-#define RESTEX_SERVICE_SIGNATURE   SIGNATURE_32 ('R', 'E', 'S', 'S')
-#define RESTEX_INSTANCE_SIGNATURE  SIGNATURE_32 ('R', 'E', 'I', 'S')
+#define RESTEX_SERVICE_SIGNATURE        SIGNATURE_32 ('R', 'E', 'S', 'S')
+#define RESTEX_INSTANCE_SIGNATURE       SIGNATURE_32 ('R', 'E', 'I', 'S')
+#define RESTEX_HTTPS_CONTEXT_SIGNATURE  SIGNATURE_32 ('R', 'H', 'C', 'S')
 
 #define RESTEX_SERVICE_FROM_THIS(a)   \
   CR (a, RESTEX_SERVICE, ServiceBinding, RESTEX_SERVICE_SIGNATURE)
@@ -67,6 +75,9 @@ typedef struct _RESTEX_INSTANCE RESTEX_INSTANCE;
 #define RESTEX_INSTANCE_FROM_THIS(a)  \
   CR (a, RESTEX_INSTANCE, RestEx, RESTEX_INSTANCE_SIGNATURE)
 
+#define REDFISH_HTTPS_CONTEXT_FROM_THIS(a)  \
+  CR (a, RESTEX_HTTPS_CONTEXT, TlsConfigDataProtocol, RESTEX_HTTPS_CONTEXT_SIGNATURE)
+
 #define RESTEX_STATE_UNCONFIGED  0
 #define RESTEX_STATE_CONFIGED    1
 
@@ -93,6 +104,12 @@ struct _RESTEX_SERVICE {
 #define RESTEX_INSTANCE_FLAGS_TLS_RETRY        0x00000001
 #define RESTEX_INSTANCE_FLAGS_TCP_ERROR_RETRY  0x00000002
 
+struct _RESTEX_HTTPS_CONTEXT {
+  UINT32                                  Signature;
+  EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL    TlsConfigDataProtocol;
+  BOOLEAN                                 TlsConfigDataProtocolInstalled;
+};
+
 struct _RESTEX_INSTANCE {
   UINT32                     Signature;
   LIST_ENTRY                 Link;
@@ -107,6 +124,8 @@ struct _RESTEX_INSTANCE {
 
   EFI_REST_EX_CONFIG_DATA    ConfigData;
 
+  RESTEX_HTTPS_CONTEXT       *RestExHttpsContext;
+
   //
   // HTTP_IO to access the HTTP service
   //
diff --git a/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.c b/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.c
index 7036aed4268..f897248fc44 100644
--- a/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.c
+++ b/RedfishPkg/RedfishRestExDxe/RedfishRestExDriver.c
@@ -76,8 +76,26 @@ RestExDestroyInstance (
   IN RESTEX_INSTANCE  *Instance
   )
 {
-  HttpIoDestroyIo (&(Instance->HttpIo));
+  EFI_STATUS  Status;
 
+  if ((Instance != NULL) &&
+      (Instance->RestExHttpsContext != NULL) &&
+      (Instance->RestExHttpsContext->TlsConfigDataProtocolInstalled)
+      )
+  {
+    Status = gBS->UninstallProtocolInterface (
+                    Instance->HttpIo.Handle,
+                    &gEdkiiHttpsTlsConfigDataProtocolGuid,
+                    (VOID *)&Instance->RestExHttpsContext->TlsConfigDataProtocol
+                    );
+    if (EFI_ERROR (Status)) {
+      DEBUG ((DEBUG_ERROR, "%a: Fail to uninstall gEdkiiHttpsTlsConfigDataProtocolGuid.\n", __func__));
+    }
+
+    FreePool (Instance->RestExHttpsContext);
+  }
+
+  HttpIoDestroyIo (&(Instance->HttpIo));
   FreePool (Instance);
 }
 
@@ -266,6 +284,56 @@ RestExCreateService (
   return Status;
 }
 
+/**
+  Initial EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL for Redfish REST EX TLS.
+
+  @param[in]  Instance  REST EX internal structure instance.
+
+**/
+VOID
+RedfishHttpsTlsConfigData (
+  IN  RESTEX_INSTANCE  *Instance
+  )
+{
+  EFI_STATUS            Status;
+  RESTEX_HTTPS_CONTEXT  *RestExHttpsContext;
+
+  RestExHttpsContext = AllocateZeroPool (sizeof (RESTEX_HTTPS_CONTEXT));
+  if (RestExHttpsContext == NULL) {
+    DEBUG ((DEBUG_ERROR, "%a: Allocate memory fail for RESTEX_HTTPS_CONTEXT\n", __func__));
+    return;
+  }
+
+  if (Instance->HttpIo.Handle == NULL) {
+    DEBUG ((DEBUG_ERROR, "%a: Invalid HTTP handle.\n", __func__));
+    return;
+  }
+
+  RestExHttpsContext->Signature                                                    = RESTEX_HTTPS_CONTEXT_SIGNATURE;
+  RestExHttpsContext->TlsConfigDataProtocol.Version.Major                          = 1;
+  RestExHttpsContext->TlsConfigDataProtocol.Version.Minor                          = 0;
+  RestExHttpsContext->TlsConfigDataProtocol.HttpsTlsConfigData.ConnectionEnd       = EfiTlsClient;
+  RestExHttpsContext->TlsConfigDataProtocol.HttpsTlsConfigData.VerifyMethod        = EFI_TLS_VERIFY_NONE;
+  RestExHttpsContext->TlsConfigDataProtocol.HttpsTlsConfigData.VerifyHost.Flags    = EFI_TLS_VERIFY_FLAG_NONE;
+  RestExHttpsContext->TlsConfigDataProtocol.HttpsTlsConfigData.VerifyHost.HostName = "Redfish Service";
+
+  // Install EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL;
+  Status = gBS->InstallProtocolInterface (
+                  &Instance->HttpIo.Handle,
+                  &gEdkiiHttpsTlsConfigDataProtocolGuid,
+                  EFI_NATIVE_INTERFACE,
+                  (VOID *)&RestExHttpsContext->TlsConfigDataProtocol
+                  );
+  if (EFI_ERROR (Status)) {
+    FreePool (RestExHttpsContext);
+    DEBUG ((DEBUG_ERROR, "%a: Fail to install EDKII_HTTPS_TLS_CONFIG_DATA_PROTOCOL.\n", __func__));
+    return;
+  }
+
+  RestExHttpsContext->TlsConfigDataProtocolInstalled = TRUE;
+  Instance->RestExHttpsContext                       = RestExHttpsContext;
+}
+
 /**
   This is the declaration of an EFI image entry point. This entry point is
   the same for UEFI Applications, UEFI OS Loaders, and UEFI Drivers including
@@ -286,8 +354,6 @@ RedfishRestExDriverEntryPoint (
 {
   EFI_STATUS  Status;
 
-  Status = EFI_SUCCESS;
-
   //
   // Install the RestEx Driver Binding Protocol.
   //
@@ -699,6 +765,13 @@ RedfishRestExServiceBindingCreateChild (
     goto ON_ERROR;
   }
 
+  //
+  // Set Redfish HTTPS TLS configuration data.
+  //
+  if (FixedPcdGetBool (PcdRedfishRestExHttpsTlsConfigData)) {
+    RedfishHttpsTlsConfigData (Instance);
+  }
+
   //
   // Add it to the parent's child list.
   //
-- 
2.37.1.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#113008): https://edk2.groups.io/g/devel/message/113008
Mute This Topic: https://groups.io/mt/103430433/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
[edk2-devel] [PATCH 1/5] NetworkPkg/HttpDxe: Refactor TlsCreateChild function
[edk2-devel] [PATCH 2/5] NetworkPkg: Introduce HttpsTlsConfigDataProtocol
[edk2-devel] [PATCH 3/5] NetworkPkg/HttpDxe: Use HttpsTlsConfigDataProtocol
[edk2-devel] [PATCH 4/5] RedfishPkg/RedfishRestExDxe: Produce EdkiiHttpsTlsConfigData protocol
[edk2-devel] [PATCH 5/5] RedfishPkg/RedfishRestExDxe: Update the Supported function