John Edward Broadbent59dffa62022-01-13 17:41:32 -08001#include "cryptErase.hpp"
2#include "cryptsetupInterface.hpp"
3#include "erase.hpp"
4
5#include <libcryptsetup.h>
6
7#include <phosphor-logging/lg2.hpp>
8#include <xyz/openbmc_project/Common/error.hpp>
9
10#include <memory>
11#include <string>
12#include <string_view>
13
14namespace estoraged
15{
16using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
17using sdbusplus::xyz::openbmc_project::Common::Error::ResourceNotFound;
18
/*
 * Build a CryptErase for the device at devPathIn.
 *
 * devPathIn is handed to the Erase base class; the cryptsetup interface is
 * moved into cryptIface, so this object becomes its sole owner and the
 * caller's unique_ptr is left empty.
 */
CryptErase::CryptErase(
    std::string_view devPathIn,
    std::unique_ptr<estoraged::CryptsetupInterface> inCryptIface) :
    Erase(devPathIn),
    cryptIface(std::move(inCryptIface))
{}
24
/*
 * Cryptographic erase: load the LUKS2 header through cryptIface and destroy
 * every key slot whose status is reported as active.
 *
 * Throws ResourceNotFound when the header cannot be loaded or when the
 * maximum key slot count is negative or zero. Throws InternalFailure when at
 * least one active slot could not be destroyed; the remaining slots are still
 * attempted before the exception is raised.
 *
 * NOTE(review): returning normally only shows that every slot which reported
 * CRYPT_SLOT_ACTIVE / CRYPT_SLOT_ACTIVE_LAST was destroyed. Slots reporting
 * any other status (including an error status such as CRYPT_SLOT_INVALID) are
 * skipped without a log entry, so a failed status query does not fail the
 * erase - confirm that this is the intended policy.
 */
void CryptErase::doErase()
{
    /* crypt handle constructed from devPath */
    CryptHandle handle{devPath};

    /* load the LUKS2 header; nothing can be inspected without it */
    const auto loadRc =
        cryptIface->cryptLoad(handle.get(), CRYPT_LUKS2, nullptr);
    if (loadRc != 0)
    {
        lg2::error("Failed to load the key slots for destruction",
                   "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* upper bound on the slot indices to walk */
    const int slotCount = cryptIface->cryptKeySlotMax(CRYPT_LUKS2);
    if (slotCount < 0)
    {
        lg2::error("Failed to find the max keyslots", "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }
    if (slotCount == 0)
    {
        lg2::error("Max keyslots should never be zero", "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /*
     * Walk every slot and destroy the active ones. A failed destroy is
     * recorded rather than thrown immediately so that the remaining slots
     * are still attempted.
     */
    bool destroyFailed = false;
    for (int slot = 0; slot < slotCount; ++slot)
    {
        const crypt_keyslot_info status =
            cryptIface->cryptKeySlotStatus(handle.get(), slot);

        const bool active = (status == CRYPT_SLOT_ACTIVE) ||
                            (status == CRYPT_SLOT_ACTIVE_LAST);
        if (!active)
        {
            /* not reported as active: left untouched (see NOTE above) */
            continue;
        }

        if (cryptIface->cryptKeyslotDestroy(handle.get(), slot) == 0)
        {
            continue;
        }

        /*
         * NOTE(review): this message ID ("eStorageD.1.0...") differs from
         * the "OpenBMC.0.1..." ID used by the other failures in this
         * function - confirm which registry entry is intended.
         */
        lg2::error("Estoraged erase failed to destroy keyslot, continuing",
                   "REDFISH_MESSAGE_ID",
                   std::string("eStorageD.1.0.EraseFailure"));
        destroyFailed = true;
    }

    /* report the failure only after every slot has been tried */
    if (destroyFailed)
    {
        throw InternalFailure();
    }
}
78
79} // namespace estoraged