Change ownership of handle to eStorageD object
Clients used to create both the CryptHandle and the eStorageD objects
using the same information. Then the client would pass the CryptHandle
into eStorageD methods in order to perform crypto methods. This change
creates the CryptHandle closer to where it is used. This makes the code
simpler and easier to understand.
Tested:
busctl call xyz.openbmc_project.eStoraged.mmcblk0 \
> /xyz/openbmc_project/inventory/storage/mmcblk0 \
> xyz.openbmc_project.Inventory.Item.Volume FormatLuks ays 3 1 2 3 \
> xyz.openbmc_project.Inventory.Item.Volume.FilesystemType.ext4 \
> --timeout=60
Change-Id: I276e97146f4498191eb19512bc244a1e8d9cd2cb
Signed-off-by: John Edward Broadbent <jebr@google.com>
diff --git a/src/estoraged.cpp b/src/estoraged.cpp
index c1ac2fd..6ea2cb2 100644
--- a/src/estoraged.cpp
+++ b/src/estoraged.cpp
@@ -102,10 +102,8 @@
throw UnsupportedRequest();
}
- CryptHandle cryptHandle(devPath.c_str());
-
- formatLuksDev(cryptHandle.get(), password);
- activateLuksDev(cryptHandle.get(), password);
+ formatLuksDev(password);
+ activateLuksDev(password);
createFilesystem();
mountFilesystem();
@@ -187,9 +185,7 @@
std::string msg = "OpenBMC.0.1.DriveUnlock";
lg2::info("Starting unlock", "REDFISH_MESSAGE_ID", msg);
- CryptHandle cryptHandle(devPath.c_str());
-
- activateLuksDev(cryptHandle.get(), std::move(password));
+ activateLuksDev(std::move(password));
mountFilesystem();
}
@@ -211,8 +207,7 @@
return mountPoint;
}
-void EStoraged::formatLuksDev(struct crypt_device* cd,
- std::vector<uint8_t> password)
+void EStoraged::formatLuksDev(std::vector<uint8_t> password)
{
lg2::info("Formatting device {DEV}", "DEV", devPath, "REDFISH_MESSAGE_ID",
std::string("OpenBMC.0.1.FormatLuksDev"));
@@ -226,11 +221,15 @@
std::string("OpenBMC.0.1.FormatLuksDevFail"));
throw InternalFailure();
}
+
+ /* Create the handle. */
+ CryptHandle cryptHandle(devPath);
+
/* Format the LUKS encrypted device. */
- int retval =
- cryptIface->cryptFormat(cd, CRYPT_LUKS2, "aes", "xts-plain64", nullptr,
- reinterpret_cast<const char*>(volumeKey.data()),
- volumeKey.size(), nullptr);
+ int retval = cryptIface->cryptFormat(
+ cryptHandle.get(), CRYPT_LUKS2, "aes", "xts-plain64", nullptr,
+ reinterpret_cast<const char*>(volumeKey.data()), volumeKey.size(),
+ nullptr);
if (retval < 0)
{
lg2::error("Failed to format encrypted device: {RETVAL}", "RETVAL",
@@ -244,7 +243,7 @@
/* Set the password. */
retval = cryptIface->cryptKeyslotAddByVolumeKey(
- cd, CRYPT_ANY_SLOT, nullptr, 0,
+ cryptHandle.get(), CRYPT_ANY_SLOT, nullptr, 0,
reinterpret_cast<const char*>(password.data()), password.size());
if (retval < 0)
@@ -259,13 +258,15 @@
std::string("OpenBMC.0.1.FormatLuksDevSuccess"));
}
-void EStoraged::activateLuksDev(struct crypt_device* cd,
- std::vector<uint8_t> password)
+void EStoraged::activateLuksDev(std::vector<uint8_t> password)
{
lg2::info("Activating LUKS dev {DEV}", "DEV", devPath, "REDFISH_MESSAGE_ID",
std::string("OpenBMC.0.1.ActivateLuksDev"));
- int retval = cryptIface->cryptLoad(cd, CRYPT_LUKS2, nullptr);
+ /* Create the handle. */
+ CryptHandle cryptHandle(devPath);
+
+ int retval = cryptIface->cryptLoad(cryptHandle.get(), CRYPT_LUKS2, nullptr);
if (retval < 0)
{
lg2::error("Failed to load LUKS header: {RETVAL}", "RETVAL", retval,
@@ -275,7 +276,7 @@
}
retval = cryptIface->cryptActivateByPassphrase(
- cd, containerName.c_str(), CRYPT_ANY_SLOT,
+ cryptHandle.get(), containerName.c_str(), CRYPT_ANY_SLOT,
reinterpret_cast<const char*>(password.data()), password.size(), 0);
if (retval < 0)