| John Edward Broadbent | 59dffa6 | 2022-01-13 17:41:32 -0800 | [diff] [blame^] | 1 | #include "cryptErase.hpp" |
| 2 | #include "cryptsetupInterface.hpp" |
| 3 | #include "erase.hpp" |
| 4 | |
| 5 | #include <libcryptsetup.h> |
| 6 | |
| 7 | #include <phosphor-logging/lg2.hpp> |
| 8 | #include <xyz/openbmc_project/Common/error.hpp> |
| 9 | |
| 10 | #include <memory> |
| 11 | #include <string> |
| 12 | #include <string_view> |
| 13 | |
| 14 | namespace estoraged |
| 15 | { |
| 16 | using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure; |
| 17 | using sdbusplus::xyz::openbmc_project::Common::Error::ResourceNotFound; |
| 18 | |
| 19 | CryptErase::CryptErase( |
| 20 | std::string_view devPathIn, |
| 21 | std::unique_ptr<estoraged::CryptsetupInterface> inCryptIface) : |
| 22 | Erase(devPathIn), |
| 23 | cryptIface(std::move(inCryptIface)) |
| 24 | {} |
| 25 | |
| 26 | void CryptErase::doErase() |
| 27 | { |
| 28 | /* get cryptHandle */ |
| 29 | CryptHandle cryptHandle(std::string(devPath).c_str()); |
| 30 | if (cryptHandle.get() == nullptr) |
| 31 | { |
| 32 | lg2::error("Failed to initialize crypt device", "REDFISH_MESSAGE_ID", |
| 33 | std::string("OpenBMC.0.1.EraseFailure")); |
| 34 | throw ResourceNotFound(); |
| 35 | } |
| 36 | /* cryptLoad */ |
| 37 | if (cryptIface.get()->cryptLoad(cryptHandle.get(), CRYPT_LUKS2, nullptr) != |
| 38 | 0) |
| 39 | { |
| 40 | lg2::error("Failed to load the key slots for destruction", |
| 41 | "REDFISH_MESSAGE_ID", |
| 42 | std::string("OpenBMC.0.1.EraseFailure")); |
| 43 | throw ResourceNotFound(); |
| 44 | } |
| 45 | |
| 46 | /* find key slots */ |
| 47 | int nKeySlots = cryptIface.get()->cryptKeySlotMax(CRYPT_LUKS2); |
| 48 | if (nKeySlots < 0) |
| 49 | { |
| 50 | lg2::error("Failed to find the max keyslots", "REDFISH_MESSAGE_ID", |
| 51 | std::string("OpenBMC.0.1.EraseFailure")); |
| 52 | throw ResourceNotFound(); |
| 53 | } |
| 54 | |
| 55 | if (nKeySlots == 0) |
| 56 | { |
| 57 | lg2::error("Max keyslots should never be zero", "REDFISH_MESSAGE_ID", |
| 58 | std::string("OpenBMC.0.1.EraseFailure")); |
| 59 | throw ResourceNotFound(); |
| 60 | } |
| 61 | |
| 62 | /* destory working keyslots */ |
| 63 | bool keySlotIssue = false; |
| 64 | for (int i = 0; i < nKeySlots; i++) |
| 65 | { |
| 66 | crypt_keyslot_info ki = |
| 67 | cryptIface.get()->cryptKeySlotStatus(cryptHandle.get(), i); |
| 68 | |
| 69 | if (ki == CRYPT_SLOT_ACTIVE || ki == CRYPT_SLOT_ACTIVE_LAST) |
| 70 | { |
| 71 | if (cryptIface.get()->cryptKeyslotDestroy(cryptHandle.get(), i) != |
| 72 | 0) |
| 73 | { |
| 74 | lg2::error( |
| 75 | "Estoraged erase failed to destroy keyslot, continuing", |
| 76 | "REDFISH_MESSAGE_ID", |
| 77 | std::string("eStorageD.1.0.EraseFailure")); |
| 78 | keySlotIssue = true; |
| 79 | } |
| 80 | } |
| 81 | } |
| 82 | if (keySlotIssue) |
| 83 | { |
| 84 | throw InternalFailure(); |
| 85 | } |
| 86 | } |
| 87 | |
| 88 | } // namespace estoraged |