| commit | 91c1ec1bdd87839aaea11e5751282c820574f943 | [log] [tgz] |
|---|---|---|
| author | John Edward Broadbent <jebr@google.com> | Fri May 20 16:51:43 2022 -0700 |
| committer | John Edward Broadbent <jebr@google.com> | Mon Jun 06 17:28:15 2022 -0700 |
| tree | 1b7854d49ce9dc83dfc2b58d839c926a2f91a6f6 | |
| parent | 4906f4ef7e04ddbbf18a401a5b9963748270cce2 [diff] |
Add DriveEncryptionState property Tested: Verify the property is as expected (Encrypted). Then wipe the disk, and re-check the value to verify it is as expected (unknown). $ busctl get-property xyz.openbmc_project.eStoraged \ /xyz/openbmc_project/inventory/storage/mmcblk0 \ xyz.openbmc_project.Inventory.Item.Drive EncryptionStatus s \ "xyz.openbmc_project.Inventory.Item.Drive.DriveEncryptionState.Encrypted" $ busctl call xyz.openbmc_project.eStoraged \ /xyz/openbmc_project/inventory/storage/mmcblk0 \ xyz.openbmc_project.Inventory.Item.Volume Erase s \ xyz.openbmc_project.Inventory.Item.Volume.EraseMethod.VendorSanitize $ busctl get-property xyz.openbmc_project.eStoraged \ /xyz/openbmc_project/inventory/storage/mmcblk0 \ xyz.openbmc_project.Inventory.Item.Drive EncryptionStatus s \ "xyz.openbmc_project.Inventory.Item.Drive.DriveEncryptionState.Unknown" Signed-off-by: John Edward Broadbent <jebr@google.com> Change-Id: I4abba7a1e7f047c481aaf4938b2b1e2b7d7ec6be
This daemon serves as an abstraction for an encrypted storage device, encapsulating the security functionality and providing a D-Bus interface to manage the encrypted filesystem on the device. Using the D-Bus interface, other software components can interact with eStoraged to do things like create a new encrypted filesystem, wipe its contents, lock/unlock the device, or change the password.