Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / estoraged / 605085a6319630441a71fecc897465b419675bf6 / . / include / estoraged.hpp
blob: 3a4fb6c90fc143a75378fc6f196b639cd89ae372 [file] [log] [blame]
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]1#pragma once
2
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]3#include "cryptsetupInterface.hpp"
4#include "filesystemInterface.hpp"
5
6#include <libcryptsetup.h>
7
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]8#include <sdbusplus/bus.hpp>
9#include <sdbusplus/exception.hpp>
10#include <sdbusplus/server/object.hpp>
John Edward Broadbente35e7362022-03-22 16:14:24 -0700[diff] [blame]11#include <util.hpp>
John Edward Broadbent86dfb242022-03-14 11:04:36 -0700[diff] [blame]12#include <xyz/openbmc_project/Inventory/Item/Drive/server.hpp>
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]13#include <xyz/openbmc_project/Inventory/Item/Volume/server.hpp>
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]14
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]15#include <filesystem>
16#include <memory>
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]17#include <string>
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]18#include <string_view>
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]19#include <vector>
20
21namespace estoraged
22{
John Edward Broadbent86dfb242022-03-14 11:04:36 -0700[diff] [blame]23using driveInherit = sdbusplus::server::object_t<
24 sdbusplus::xyz::openbmc_project::Inventory::Item::server::Drive>;
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]25using eStoragedInherit = sdbusplus::server::object_t<
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]26 sdbusplus::xyz::openbmc_project::Inventory::Item::server::Volume>;
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]27using estoraged::Cryptsetup;
28using estoraged::Filesystem;
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]29
30/** @class eStoraged
31 * @brief eStoraged object to manage a LUKS encrypted storage device.
32 */
John Edward Broadbent86dfb242022-03-14 11:04:36 -0700[diff] [blame]33class EStoraged : private eStoragedInherit, private driveInherit
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]34{
35 public:
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]36 /** @brief Constructor for eStoraged
37 *
38 * @param[in] bus - sdbusplus dbus object
39 * @param[in] path - DBus object path
40 * @param[in] devPath - path to device file, e.g. /dev/mmcblk0
41 * @param[in] luksName - name for the LUKS container
42 * @param[in] cryptInterface - (optional) pointer to CryptsetupInterface
43 * object
44 * @param[in] fsInterface - (optional) pointer to FilesystemInterface
45 * object
46 */
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]47 EStoraged(sdbusplus::bus::bus& bus, const char* path,
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]48 const std::string& devPath, const std::string& luksName,
John Edward Broadbente35e7362022-03-22 16:14:24 -0700[diff] [blame]49 uint64_t size,
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]50 std::unique_ptr<CryptsetupInterface> cryptInterface =
51 std::make_unique<Cryptsetup>(),
52 std::unique_ptr<FilesystemInterface> fsInterface =
53 std::make_unique<Filesystem>()) :
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]54 eStoragedInherit(bus, path),
John Edward Broadbent86dfb242022-03-14 11:04:36 -0700[diff] [blame]55 driveInherit(bus, path), devPath(devPath), containerName(luksName),
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]56 mountPoint("/mnt/" + luksName + "_fs"),
57 cryptIface(std::move(cryptInterface)), fsIface(std::move(fsInterface))
John Edward Broadbente35e7362022-03-22 16:14:24 -0700[diff] [blame]58 {
59 capacity(size);
60 }
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]61
62 /** @brief Format the LUKS encrypted device and create empty filesystem.
63 *
64 * @param[in] password - password to set for the LUKS device.
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]65 * @param[in] type - filesystem type, e.g. ext4
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]66 */
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]67 void formatLuks(std::vector<uint8_t> password,
68 FilesystemType type) override;
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]69
70 /** @brief Erase the contents of the storage device.
71 *
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]72 * @param[in] eraseType - type of erase operation.
73 */
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]74 void erase(EraseMethod eraseType) override;
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]75
76 /** @brief Unmount filesystem and lock the LUKS device.
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]77 */
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]78 void lock() override;
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]79
80 /** @brief Unlock device and mount the filesystem.
81 *
82 * @param[in] password - password for the LUKS device.
83 */
84 void unlock(std::vector<uint8_t> password) override;
85
86 /** @brief Change the password for the LUKS device.
87 *
88 * @param[in] oldPassword - old password for the LUKS device.
89 * @param[in] newPassword - new password for the LUKS device.
90 */
91 void changePassword(std::vector<uint8_t> oldPassword,
92 std::vector<uint8_t> newPassword) override;
93
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]94 /** @brief Check if the LUKS device is currently locked. */
95 bool isLocked() const;
96
97 /** @brief Get the mount point for the filesystem on the LUKS device. */
98 std::string_view getMountPoint() const;
99
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]100 private:
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]101 /** @brief Full path of the device file, e.g. /dev/mmcblk0. */
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]102 std::string devPath;
103
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]104 /** @brief Name of the LUKS container. */
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]105 std::string containerName;
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]106
107 /** @brief Mount point for the filesystem. */
108 std::string mountPoint;
109
110 /** @brief Pointer to cryptsetup interface object.
111 * @details This is used to mock out the cryptsetup functions.
112 */
113 std::unique_ptr<CryptsetupInterface> cryptIface;
114
115 /** @brief Pointer to filesystem interface object.
116 * @details This is used to mock out filesystem operations.
117 */
118 std::unique_ptr<FilesystemInterface> fsIface;
119
120 /** @brief Format LUKS encrypted device.
121 *
122 * @param[in] cd - initialized crypt_device struct for the device.
123 * @param[in] password - password to set for the LUKS device.
124 */
125 void formatLuksDev(struct crypt_device* cd, std::vector<uint8_t> password);
126
127 /** @brief Unlock the device.
128 *
129 * @param[in] cd - initialized crypt_device struct for the device.
130 * @param[in] password - password to activate the LUKS device.
131 */
132 void activateLuksDev(struct crypt_device* cd,
133 std::vector<uint8_t> password);
134
135 /** @brief Create the filesystem on the LUKS device.
136 * @details The LUKS device should already be activated, i.e. unlocked.
137 */
138 void createFilesystem();
139
140 /** @brief Deactivate the LUKS device.
141 * @details The filesystem is assumed to be unmounted already.
142 */
143 void deactivateLuksDev();
144
145 /** @brief Mount the filesystem.
146 * @details The filesystem should already exist and the LUKS device should
147 * be unlocked already.
148 */
149 void mountFilesystem();
150
151 /** @brief Unmount the filesystem. */
152 void unmountFilesystem();
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]153};
154
155} // namespace estoraged