RedfishPkg: PlatformHostInterfaceBmcUsbNicLib: use credential protocol

This patch replaces call of IpmiSubmitCommand() issued
REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_ENABLE IPMI command to check
whether bootstrap credential support enabled or not.
The problem is that in accordance with IPMI spec while handling
such command BMC creates bootstrap account. The credentials of this account
is returned as a response. Obviously in this code the response is not used.
From the other side there is an implementation
of EDKII_REDFISH_CREDENTIAL_PROTOCOL exists and used by
RedfishPlatformCredentialIpmiLib.

By design RedfishPlatformCredentialIpmiLib keeps returned bootstrap
credentials and uses it later. So all services using
EDKII_REDFISH_CREDENTIAL_PROTOCOL instance operates with a same
credentials.
Current design of PlatformHostInterfaceBmcUsbNicLib leads to creation
of two bootstrap accounts on BMC side. This is on nesseccary and one
account is not used at all.

Using EDKII_REDFISH_CREDENTIAL_PROTOCOL prevents from creating useless
bootstrap account on BMC side.

Signed-off-by: Mike Maslenkin <[email protected]>

RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.c

@@ -23,55 +23,61 @@ static LIST_ENTRY  mBmcIpmiLan;
   Bootstrapping.
 
   @retval TRUE   Yes, it is supported.
-          TRUE   No, it is not supported.
+          FALSE  No, it is not supported.
 
 **/
 BOOLEAN
 ProbeRedfishCredentialBootstrap (
   VOID
   )
 {
-  EFI_STATUS                                  Status;
-  IPMI_BOOTSTRAP_CREDENTIALS_COMMAND_DATA     CommandData;
-  IPMI_BOOTSTRAP_CREDENTIALS_RESULT_RESPONSE  ResponseData;
-  UINT32                                      ResponseSize;
-  BOOLEAN                                     ReturnBool;
+  EDKII_REDFISH_AUTH_METHOD           AuthMethod;
+  EDKII_REDFISH_CREDENTIAL2_PROTOCOL  *CredentialProtocol;
+  CHAR8                               *UserName;
+  CHAR8                               *Password;
+  BOOLEAN                             ReturnBool;
+  EFI_STATUS                          Status;
 
   DEBUG ((DEBUG_MANAGEABILITY, "%a: Entry\n", __func__));
 
+  ReturnBool = FALSE;
   //
-  // IPMI callout to NetFn 2C, command 02
-  //    Request data:
-  //      Byte 1: REDFISH_IPMI_GROUP_EXTENSION
-  //      Byte 2: DisableBootstrapControl
+  // Locate HII credential protocol.
   //
-  CommandData.GroupExtensionId        = REDFISH_IPMI_GROUP_EXTENSION;
-  CommandData.DisableBootstrapControl = REDFISH_IPMI_BOOTSTRAP_CREDENTIAL_ENABLE;
-  ResponseData.CompletionCode         = IPMI_COMP_CODE_UNSPECIFIED;
-  ResponseSize                        = sizeof (ResponseData);
-  //
-  //  Response data: Ignored.
-  //
-  Status = IpmiSubmitCommand (
-             IPMI_NETFN_GROUP_EXT,
-             REDFISH_IPMI_GET_BOOTSTRAP_CREDENTIALS_CMD,
-             (UINT8 *)&CommandData,
-             sizeof (CommandData),
-             (UINT8 *)&ResponseData,
-             &ResponseSize
-             );
-  if (!EFI_ERROR (Status) &&
-      ((ResponseData.CompletionCode == IPMI_COMP_CODE_NORMAL) ||
-       (ResponseData.CompletionCode == REDFISH_IPMI_COMP_CODE_BOOTSTRAP_CREDENTIAL_DISABLED)
-      ))
-  {
-    DEBUG ((DEBUG_REDFISH_HOST_INTERFACE, "    Redfish Credential Bootstrapping is supported\n"));
+  Status = gBS->LocateProtocol (
+                  &gEdkIIRedfishCredential2ProtocolGuid,
+                  NULL,
+                  (VOID **)&CredentialProtocol
+                  );
+  if (EFI_ERROR (Status)) {
+    ASSERT_EFI_ERROR (Status);
+    return FALSE;
+  }
+
+  Status = CredentialProtocol->GetAuthInfo (
+                                 CredentialProtocol,
+                                 &AuthMethod,
+                                 &UserName,
+                                 &Password
+                                 );
+  if (!EFI_ERROR (Status)) {
+    ZeroMem (Password, AsciiStrSize (Password));
+    FreePool (Password);
+    ZeroMem (UserName, AsciiStrSize (UserName));
+    FreePool (UserName);
     ReturnBool = TRUE;
   } else {
-    DEBUG ((DEBUG_REDFISH_HOST_INTERFACE, "    Redfish Credential Bootstrapping is not supported\n"));
-    ReturnBool = FALSE;
+    if (Status == EFI_ACCESS_DENIED) {
+      // bootstrap credential support was disabled
+      ReturnBool = TRUE;
+    }
   }
 
+  DEBUG ((
+    DEBUG_REDFISH_HOST_INTERFACE,
+    "    Redfish Credential Bootstrapping is %a\n",
+    ReturnBool ? "supported" : "not supported"
+    ));
   return ReturnBool;
 }
 
@@ -1201,9 +1207,9 @@ CheckBmcUsbNic (
 
   DEBUG ((DEBUG_MANAGEABILITY, "%a: Entry, the registration key - 0x%08x.\n", __func__, Registration));
 
-  Handle = NULL;
+  Handle       = NULL;
   HandleBuffer = NULL;
-  Status = EFI_SUCCESS;
+  Status       = EFI_SUCCESS;
 
   do {
     BufferSize = 0;

RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.h

@@ -21,14 +21,14 @@
 #include <Library/BaseMemoryLib.h>
 #include <Library/DebugLib.h>
 #include <Library/DevicePathLib.h>
-#include <Library/IpmiLib.h>
 #include <Library/IpmiCommandLib.h>
 #include <Library/RedfishHostInterfaceLib.h>
 #include <Library/MemoryAllocationLib.h>
 #include <Library/UefiBootServicesTableLib.h>
 #include <Library/DevicePathLib.h>
 #include <Library/RedfishDebugLib.h>
 
+#include <Protocol/EdkIIRedfishCredential2.h>
 #include <Protocol/SimpleNetwork.h>
 #include <Protocol/UsbIo.h>
 

RedfishPkg/Library/PlatformHostInterfaceBmcUsbNicLib/PlatformHostInterfaceBmcUsbNicLib.inf

@@ -29,7 +29,6 @@
 [LibraryClasses]
   BaseMemoryLib
   DebugLib
-  IpmiLib
   IpmiCommandLib
   MemoryAllocationLib
   UefiLib
@@ -39,6 +38,7 @@
   gEfiSimpleNetworkProtocolGuid                 ## CONSUMED
   gEfiUsbIoProtocolGuid                         ## CONSUMED
   gEfiDevicePathProtocolGuid                    ## CONSUMED
+  gEdkIIRedfishCredential2ProtocolGuid          ## CONSUMED
 
 [Pcd]
   gEfiRedfishPkgTokenSpaceGuid.PcdRedfishHostName     ## CONSUMED
@@ -47,3 +47,4 @@
 
 [Depex]
   gIpmiProtocolGuid
+  AND gEdkIIRedfishCredential2ProtocolGuid