Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / estoraged / 5d799bb97ca8759f39a35f1121f77b03c4efbfba / . / src / estoraged.cpp
blob: 96461398adc4dec6bbe07a5c622143e06af841e0 [file] [log] [blame]
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]1
2#include "estoraged.hpp"
3
John Edward Broadbent59dffa62022-01-13 17:41:32 -0800[diff] [blame]4#include "cryptErase.hpp"
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]5#include "cryptsetupInterface.hpp"
John Edward Broadbent7f2ab642021-11-11 21:00:38 -0800[diff] [blame]6#include "pattern.hpp"
John Edward Broadbent605085a2021-11-05 13:45:45 -0700[diff] [blame]7#include "sanitize.hpp"
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]8#include "verifyDriveGeometry.hpp"
John Edward Broadbent4bc8a102021-12-30 16:11:49 -0800[diff] [blame]9#include "zero.hpp"
John Edward Broadbent4e13b0a2021-11-15 15:21:59 -0800[diff] [blame]10
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]11#include <libcryptsetup.h>
12#include <openssl/rand.h>
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]13
14#include <phosphor-logging/lg2.hpp>
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]15#include <sdbusplus/asio/object_server.hpp>
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]16#include <xyz/openbmc_project/Common/error.hpp>
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]17
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]18#include <cstdlib>
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]19#include <filesystem>
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]20#include <iostream>
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]21#include <string>
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]22#include <string_view>
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]23#include <utility>
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]24#include <vector>
25
26namespace estoraged
27{
28
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]29using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
30using sdbusplus::xyz::openbmc_project::Common::Error::ResourceNotFound;
31using sdbusplus::xyz::openbmc_project::Common::Error::UnsupportedRequest;
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]32using sdbusplus::xyz::openbmc_project::Inventory::Item::server::Volume;
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]33
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]34EStoraged::EStoraged(sdbusplus::asio::object_server& server,
35 const std::string& devPath, const std::string& luksName,
John Edward Broadbent5d799bb2022-03-22 16:14:24 -0700[diff] [blame^]36 uint64_t size, uint8_t lifeTime,
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]37 std::unique_ptr<CryptsetupInterface> cryptInterface,
38 std::unique_ptr<FilesystemInterface> fsInterface) :
39 devPath(devPath),
40 containerName(luksName), mountPoint("/mnt/" + luksName + "_fs"),
41 lockedProperty(false), cryptIface(std::move(cryptInterface)),
42 fsIface(std::move(fsInterface)), objectServer(server)
43{
44 /* Get the filename of the device (without "/dev/"). */
45 std::string deviceName = std::filesystem::path(devPath).filename().string();
46 /* DBus object path */
47 std::string path = "/xyz/openbmc_project/inventory/storage/" + deviceName;
48
49 /* Add Volume interface. */
50 volumeInterface = objectServer.add_interface(
51 path, "xyz.openbmc_project.Inventory.Item.Volume");
52 volumeInterface->register_method(
53 "FormatLuks", [this](const std::vector<uint8_t>& password,
54 Volume::FilesystemType type) {
55 this->formatLuks(password, type);
56 });
57 volumeInterface->register_method(
58 "Erase",
59 [this](Volume::EraseMethod eraseType) { this->erase(eraseType); });
60 volumeInterface->register_method("Lock", [this]() { this->lock(); });
61 volumeInterface->register_method(
62 "Unlock",
63 [this](std::vector<uint8_t>& password) { this->unlock(password); });
64 volumeInterface->register_method(
65 "ChangePassword", [this](const std::vector<uint8_t>& oldPassword,
66 const std::vector<uint8_t>& newPassword) {
67 this->changePassword(oldPassword, newPassword);
68 });
69 volumeInterface->register_property_r(
70 "Locked", lockedProperty, sdbusplus::vtable::property_::emits_change,
71 [this](bool& value) {
72 value = this->isLocked();
73 return value;
74 });
75
76 /* Add Drive interface. */
77 driveInterface = objectServer.add_interface(
78 path, "xyz.openbmc_project.Inventory.Item.Drive");
79 driveInterface->register_property("Capacity", size);
John Edward Broadbent5d799bb2022-03-22 16:14:24 -0700[diff] [blame^]80 driveInterface->register_property("PredictedMediaLifeLeftPercent",
81 lifeTime);
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]82
83 volumeInterface->initialize();
84 driveInterface->initialize();
85}
86
87EStoraged::~EStoraged()
88{
89 objectServer.remove_interface(volumeInterface);
90 objectServer.remove_interface(driveInterface);
91}
92
93void EStoraged::formatLuks(const std::vector<uint8_t>& password,
94 Volume::FilesystemType type)
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]95{
John Edward Broadbent4e13b0a2021-11-15 15:21:59 -0800[diff] [blame]96 std::string msg = "OpenBMC.0.1.DriveFormat";
97 lg2::info("Starting format", "REDFISH_MESSAGE_ID", msg);
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]98
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]99 if (type != Volume::FilesystemType::ext4)
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]100 {
101 lg2::error("Only ext4 filesystems are supported currently",
102 "REDFISH_MESSAGE_ID", std::string("OpenBMC.0.1.FormatFail"));
103 throw UnsupportedRequest();
104 }
105
John Wedig6218dc52021-12-03 09:36:35 -0800[diff] [blame]106 CryptHandle cryptHandle(devPath.c_str());
107 if (cryptHandle.get() == nullptr)
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]108 {
109 lg2::error("Failed to initialize crypt device", "REDFISH_MESSAGE_ID",
110 std::string("OpenBMC.0.1.FormatFail"));
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]111 throw ResourceNotFound();
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]112 }
113
John Wedig6218dc52021-12-03 09:36:35 -0800[diff] [blame]114 formatLuksDev(cryptHandle.get(), password);
115 activateLuksDev(cryptHandle.get(), password);
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]116
117 createFilesystem();
118 mountFilesystem();
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]119}
120
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]121void EStoraged::erase(Volume::EraseMethod inEraseMethod)
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]122{
123 std::cerr << "Erasing encrypted eMMC" << std::endl;
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]124 lg2::info("Starting erase", "REDFISH_MESSAGE_ID",
125 std::string("OpenBMC.0.1.DriveErase"));
126 switch (inEraseMethod)
127 {
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]128 case Volume::EraseMethod::CryptoErase:
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]129 {
John Edward Broadbent59dffa62022-01-13 17:41:32 -0800[diff] [blame]130 CryptErase myCryptErase(devPath);
131 myCryptErase.doErase();
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]132 break;
133 }
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]134 case Volume::EraseMethod::VerifyGeometry:
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]135 {
136 VerifyDriveGeometry myVerifyGeometry(devPath);
John Edward Broadbenta6e3b992022-03-17 14:33:15 -0700[diff] [blame]137 myVerifyGeometry.geometryOkay();
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]138 break;
139 }
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]140 case Volume::EraseMethod::LogicalOverWrite:
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]141 {
John Edward Broadbent7f2ab642021-11-11 21:00:38 -0800[diff] [blame]142 Pattern myErasePattern(devPath);
John Edward Broadbenta6e3b992022-03-17 14:33:15 -0700[diff] [blame]143 myErasePattern.writePattern();
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]144 break;
145 }
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]146 case Volume::EraseMethod::LogicalVerify:
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]147 {
John Edward Broadbent7f2ab642021-11-11 21:00:38 -0800[diff] [blame]148 Pattern myErasePattern(devPath);
John Edward Broadbenta6e3b992022-03-17 14:33:15 -0700[diff] [blame]149 myErasePattern.verifyPattern();
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]150 break;
151 }
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]152 case Volume::EraseMethod::VendorSanitize:
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]153 {
John Edward Broadbent605085a2021-11-05 13:45:45 -0700[diff] [blame]154 Sanitize mySanitize(devPath);
155 mySanitize.doSanitize();
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]156 break;
157 }
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]158 case Volume::EraseMethod::ZeroOverWrite:
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]159 {
John Edward Broadbent4bc8a102021-12-30 16:11:49 -0800[diff] [blame]160 Zero myZero(devPath);
John Edward Broadbenta6e3b992022-03-17 14:33:15 -0700[diff] [blame]161 myZero.writeZero();
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]162 break;
163 }
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]164 case Volume::EraseMethod::ZeroVerify:
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]165 {
John Edward Broadbent4bc8a102021-12-30 16:11:49 -0800[diff] [blame]166 Zero myZero(devPath);
John Edward Broadbenta6e3b992022-03-17 14:33:15 -0700[diff] [blame]167 myZero.verifyZero();
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]168 break;
169 }
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]170 case Volume::EraseMethod::SecuredLocked:
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]171 {
John Edward Broadbentf59b7292022-02-15 15:07:15 -0800[diff] [blame]172 if (isLocked())
173 {
174 lock();
175 }
176 // TODO: implement hardware locking
177 // Until that is done, we can lock using eStoraged::lock()
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]178 break;
179 }
180 }
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]181}
182
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]183void EStoraged::lock()
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]184{
John Edward Broadbent4e13b0a2021-11-15 15:21:59 -0800[diff] [blame]185 std::string msg = "OpenBMC.0.1.DriveLock";
186 lg2::info("Starting lock", "REDFISH_MESSAGE_ID", msg);
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]187
188 unmountFilesystem();
189 deactivateLuksDev();
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]190}
191
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]192void EStoraged::unlock(std::vector<uint8_t> password)
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]193{
John Edward Broadbent4e13b0a2021-11-15 15:21:59 -0800[diff] [blame]194 std::string msg = "OpenBMC.0.1.DriveUnlock";
195 lg2::info("Starting unlock", "REDFISH_MESSAGE_ID", msg);
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]196
John Wedig6218dc52021-12-03 09:36:35 -0800[diff] [blame]197 CryptHandle cryptHandle(devPath.c_str());
198 if (cryptHandle.get() == nullptr)
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]199 {
200 lg2::error("Failed to initialize crypt device", "REDFISH_MESSAGE_ID",
201 std::string("OpenBMC.0.1.UnlockFail"));
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]202 throw ResourceNotFound();
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]203 }
204
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]205 activateLuksDev(cryptHandle.get(), std::move(password));
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]206 mountFilesystem();
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]207}
208
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]209void EStoraged::changePassword(const std::vector<uint8_t>& /*oldPassword*/,
210 const std::vector<uint8_t>& /*newPassword*/)
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]211{
212 std::cerr << "Changing password for encrypted eMMC" << std::endl;
John Edward Broadbente6ffe702021-10-14 14:03:11 -0700[diff] [blame]213 lg2::info("Starting change password", "REDFISH_MESSAGE_ID",
214 std::string("OpenBMC.0.1.DrivePasswordChanged"));
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]215}
216
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]217bool EStoraged::isLocked() const
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]218{
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]219 return lockedProperty;
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]220}
221
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]222std::string_view EStoraged::getMountPoint() const
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]223{
224 return mountPoint;
225}
226
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]227void EStoraged::formatLuksDev(struct crypt_device* cd,
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]228 std::vector<uint8_t> password)
229{
230 lg2::info("Formatting device {DEV}", "DEV", devPath, "REDFISH_MESSAGE_ID",
231 std::string("OpenBMC.0.1.FormatLuksDev"));
232
233 /* Generate the volume key. */
234 const std::size_t keySize = 64;
235 std::vector<uint8_t> volumeKey(keySize);
236 if (RAND_bytes(volumeKey.data(), keySize) != 1)
237 {
238 lg2::error("Failed to create volume key", "REDFISH_MESSAGE_ID",
239 std::string("OpenBMC.0.1.FormatLuksDevFail"));
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]240 throw InternalFailure();
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]241 }
242 /* Format the LUKS encrypted device. */
243 int retval =
244 cryptIface->cryptFormat(cd, CRYPT_LUKS2, "aes", "xts-plain64", nullptr,
245 reinterpret_cast<const char*>(volumeKey.data()),
246 volumeKey.size(), nullptr);
247 if (retval < 0)
248 {
249 lg2::error("Failed to format encrypted device: {RETVAL}", "RETVAL",
250 retval, "REDFISH_MESSAGE_ID",
251 std::string("OpenBMC.0.1.FormatLuksDevFail"));
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]252 throw InternalFailure();
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]253 }
254
255 /* Device is now encrypted. */
256 locked(true);
257
258 /* Set the password. */
259 retval = cryptIface->cryptKeyslotAddByVolumeKey(
260 cd, CRYPT_ANY_SLOT, nullptr, 0,
261 reinterpret_cast<const char*>(password.data()), password.size());
262
263 if (retval < 0)
264 {
265 lg2::error("Failed to set encryption password", "REDFISH_MESSAGE_ID",
266 std::string("OpenBMC.0.1.FormatLuksDevFail"));
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]267 throw InternalFailure();
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]268 }
269
270 lg2::info("Encrypted device {DEV} successfully formatted", "DEV", devPath,
271 "REDFISH_MESSAGE_ID",
272 std::string("OpenBMC.0.1.FormatLuksDevSuccess"));
273}
274
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]275void EStoraged::activateLuksDev(struct crypt_device* cd,
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]276 std::vector<uint8_t> password)
277{
278 lg2::info("Activating LUKS dev {DEV}", "DEV", devPath, "REDFISH_MESSAGE_ID",
279 std::string("OpenBMC.0.1.ActivateLuksDev"));
280
281 int retval = cryptIface->cryptLoad(cd, CRYPT_LUKS2, nullptr);
282 if (retval < 0)
283 {
284 lg2::error("Failed to load LUKS header: {RETVAL}", "RETVAL", retval,
285 "REDFISH_MESSAGE_ID",
286 std::string("OpenBMC.0.1.ActivateLuksDevFail"));
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]287 throw InternalFailure();
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]288 }
289
290 retval = cryptIface->cryptActivateByPassphrase(
291 cd, containerName.c_str(), CRYPT_ANY_SLOT,
292 reinterpret_cast<const char*>(password.data()), password.size(), 0);
293
294 if (retval < 0)
295 {
296 lg2::error("Failed to activate LUKS dev: {RETVAL}", "RETVAL", retval,
297 "REDFISH_MESSAGE_ID",
298 std::string("OpenBMC.0.1.ActivateLuksDevFail"));
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]299 throw InternalFailure();
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]300 }
301
302 /* Device is now unlocked. */
303 locked(false);
304
305 lg2::info("Successfully activated LUKS dev {DEV}", "DEV", devPath,
306 "REDFISH_MESSAGE_ID",
307 std::string("OpenBMC.0.1.ActivateLuksDevSuccess"));
308}
309
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]310void EStoraged::createFilesystem()
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]311{
312 /* Run the command to create the filesystem. */
313 int retval = fsIface->runMkfs(containerName);
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]314 if (retval != 0)
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]315 {
316 lg2::error("Failed to create filesystem: {RETVAL}", "RETVAL", retval,
317 "REDFISH_MESSAGE_ID",
318 std::string("OpenBMC.0.1.CreateFilesystemFail"));
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]319 throw InternalFailure();
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]320 }
321 lg2::info("Successfully created filesystem for /dev/mapper/{CONTAINER}",
322 "CONTAINER", containerName, "REDFISH_MESSAGE_ID",
323 std::string("OpenBMC.0.1.CreateFilesystemSuccess"));
324}
325
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]326void EStoraged::mountFilesystem()
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]327{
John Wedigb17f8252022-01-12 14:24:26 -0800[diff] [blame]328 /*
329 * Create directory for the filesystem, if it's not already present. It
330 * might already exist if, for example, the BMC reboots after creating the
331 * directory.
332 */
333 if (!fsIface->directoryExists(std::filesystem::path(mountPoint)))
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]334 {
John Wedigb17f8252022-01-12 14:24:26 -0800[diff] [blame]335 bool success =
336 fsIface->createDirectory(std::filesystem::path(mountPoint));
337 if (!success)
338 {
339 lg2::error("Failed to create mount point: {DIR}", "DIR", mountPoint,
340 "REDFISH_MESSAGE_ID",
341 std::string("OpenBMC.0.1.MountFilesystemFail"));
342 throw InternalFailure();
343 }
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]344 }
345
346 /* Run the command to mount the filesystem. */
347 std::string luksContainer("/dev/mapper/" + containerName);
348 int retval = fsIface->doMount(luksContainer.c_str(), mountPoint.c_str(),
349 "ext4", 0, nullptr);
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]350 if (retval != 0)
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]351 {
352 lg2::error("Failed to mount filesystem: {RETVAL}", "RETVAL", retval,
353 "REDFISH_MESSAGE_ID",
354 std::string("OpenBMC.0.1.MountFilesystemFail"));
355 bool removeSuccess =
356 fsIface->removeDirectory(std::filesystem::path(mountPoint));
357 if (!removeSuccess)
358 {
359 lg2::error("Failed to remove mount point: {DIR}", "DIR", mountPoint,
360 "REDFISH_MESSAGE_ID",
361 std::string("OpenBMC.0.1.MountFilesystemFail"));
362 }
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]363 throw InternalFailure();
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]364 }
365
366 lg2::info("Successfully mounted filesystem at {DIR}", "DIR", mountPoint,
367 "REDFISH_MESSAGE_ID",
368 std::string("OpenBMC.0.1.MountFilesystemSuccess"));
369}
370
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]371void EStoraged::unmountFilesystem()
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]372{
373 int retval = fsIface->doUnmount(mountPoint.c_str());
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]374 if (retval != 0)
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]375 {
376 lg2::error("Failed to unmount filesystem: {RETVAL}", "RETVAL", retval,
377 "REDFISH_MESSAGE_ID",
378 std::string("OpenBMC.0.1.UnmountFilesystemFail"));
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]379 throw InternalFailure();
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]380 }
381
382 /* Remove the mount point. */
383 bool success = fsIface->removeDirectory(std::filesystem::path(mountPoint));
384 if (!success)
385 {
386 lg2::error("Failed to remove mount point {DIR}", "DIR", mountPoint,
387 "REDFISH_MESSAGE_ID",
388 std::string("OpenBMC.0.1.UnmountFilesystemFail"));
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]389 throw InternalFailure();
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]390 }
391
392 lg2::info("Successfully unmounted filesystem at {DIR}", "DIR", mountPoint,
393 "REDFISH_MESSAGE_ID",
394 std::string("OpenBMC.0.1.MountFilesystemSuccess"));
395}
396
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]397void EStoraged::deactivateLuksDev()
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]398{
399 lg2::info("Deactivating LUKS device {DEV}", "DEV", devPath,
400 "REDFISH_MESSAGE_ID",
401 std::string("OpenBMC.0.1.DeactivateLuksDev"));
402
403 int retval = cryptIface->cryptDeactivate(nullptr, containerName.c_str());
404 if (retval < 0)
405 {
406 lg2::error("Failed to deactivate crypt device: {RETVAL}", "RETVAL",
407 retval, "REDFISH_MESSAGE_ID",
408 std::string("OpenBMC.0.1.DeactivateLuksDevFail"));
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]409 throw InternalFailure();
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]410 }
411
412 /* Device is now locked. */
413 locked(true);
414
415 lg2::info("Successfully deactivated LUKS device {DEV}", "DEV", devPath,
416 "REDFISH_MESSAGE_ID",
417 std::string("OpenBMC.0.1.DeactivateLuksDevSuccess"));
418}
419
John Wedig67a47442022-04-05 17:21:29 -0700[diff] [blame]420void EStoraged::locked(bool isLocked)
421{
422 lockedProperty = isLocked;
423}
424
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]425} // namespace estoraged