Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / estoraged / 86dfb244ee46ff5199c166da7f856e7b6b16d614 / . / include / estoraged.hpp
blob: d14a007bc02cf89807effc914a68144c7d2cedaa [file] [log] [blame]
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]1#pragma once
2
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]3#include "cryptsetupInterface.hpp"
4#include "filesystemInterface.hpp"
5
6#include <libcryptsetup.h>
7
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]8#include <sdbusplus/bus.hpp>
9#include <sdbusplus/exception.hpp>
10#include <sdbusplus/server/object.hpp>
John Edward Broadbent86dfb242022-03-14 11:04:36 -0700[diff] [blame^]11#include <xyz/openbmc_project/Inventory/Item/Drive/server.hpp>
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]12#include <xyz/openbmc_project/Inventory/Item/Volume/server.hpp>
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]13
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]14#include <filesystem>
15#include <memory>
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]16#include <string>
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]17#include <string_view>
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]18#include <vector>
19
20namespace estoraged
21{
John Edward Broadbent86dfb242022-03-14 11:04:36 -0700[diff] [blame^]22using driveInherit = sdbusplus::server::object_t<
23 sdbusplus::xyz::openbmc_project::Inventory::Item::server::Drive>;
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]24using eStoragedInherit = sdbusplus::server::object_t<
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]25 sdbusplus::xyz::openbmc_project::Inventory::Item::server::Volume>;
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]26using estoraged::Cryptsetup;
27using estoraged::Filesystem;
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]28
29/** @class eStoraged
30 * @brief eStoraged object to manage a LUKS encrypted storage device.
31 */
John Edward Broadbent86dfb242022-03-14 11:04:36 -0700[diff] [blame^]32class EStoraged : private eStoragedInherit, private driveInherit
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]33{
34 public:
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]35 /** @brief Constructor for eStoraged
36 *
37 * @param[in] bus - sdbusplus dbus object
38 * @param[in] path - DBus object path
39 * @param[in] devPath - path to device file, e.g. /dev/mmcblk0
40 * @param[in] luksName - name for the LUKS container
41 * @param[in] cryptInterface - (optional) pointer to CryptsetupInterface
42 * object
43 * @param[in] fsInterface - (optional) pointer to FilesystemInterface
44 * object
45 */
Ed Tanous82897c32022-02-21 14:11:59 -0800[diff] [blame]46 EStoraged(sdbusplus::bus::bus& bus, const char* path,
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]47 const std::string& devPath, const std::string& luksName,
48 std::unique_ptr<CryptsetupInterface> cryptInterface =
49 std::make_unique<Cryptsetup>(),
50 std::unique_ptr<FilesystemInterface> fsInterface =
51 std::make_unique<Filesystem>()) :
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]52 eStoragedInherit(bus, path),
John Edward Broadbent86dfb242022-03-14 11:04:36 -0700[diff] [blame^]53 driveInherit(bus, path), devPath(devPath), containerName(luksName),
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]54 mountPoint("/mnt/" + luksName + "_fs"),
55 cryptIface(std::move(cryptInterface)), fsIface(std::move(fsInterface))
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]56 {}
57
58 /** @brief Format the LUKS encrypted device and create empty filesystem.
59 *
60 * @param[in] password - password to set for the LUKS device.
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]61 * @param[in] type - filesystem type, e.g. ext4
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]62 */
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]63 void formatLuks(std::vector<uint8_t> password,
64 FilesystemType type) override;
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]65
66 /** @brief Erase the contents of the storage device.
67 *
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]68 * @param[in] eraseType - type of erase operation.
69 */
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]70 void erase(EraseMethod eraseType) override;
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]71
72 /** @brief Unmount filesystem and lock the LUKS device.
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]73 */
John Wedig972c3fa2021-12-29 17:30:41 -0800[diff] [blame]74 void lock() override;
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]75
76 /** @brief Unlock device and mount the filesystem.
77 *
78 * @param[in] password - password for the LUKS device.
79 */
80 void unlock(std::vector<uint8_t> password) override;
81
82 /** @brief Change the password for the LUKS device.
83 *
84 * @param[in] oldPassword - old password for the LUKS device.
85 * @param[in] newPassword - new password for the LUKS device.
86 */
87 void changePassword(std::vector<uint8_t> oldPassword,
88 std::vector<uint8_t> newPassword) override;
89
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]90 /** @brief Check if the LUKS device is currently locked. */
91 bool isLocked() const;
92
93 /** @brief Get the mount point for the filesystem on the LUKS device. */
94 std::string_view getMountPoint() const;
95
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]96 private:
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]97 /** @brief Full path of the device file, e.g. /dev/mmcblk0. */
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]98 std::string devPath;
99
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]100 /** @brief Name of the LUKS container. */
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]101 std::string containerName;
John Wedigb810c922021-11-17 16:38:03 -0800[diff] [blame]102
103 /** @brief Mount point for the filesystem. */
104 std::string mountPoint;
105
106 /** @brief Pointer to cryptsetup interface object.
107 * @details This is used to mock out the cryptsetup functions.
108 */
109 std::unique_ptr<CryptsetupInterface> cryptIface;
110
111 /** @brief Pointer to filesystem interface object.
112 * @details This is used to mock out filesystem operations.
113 */
114 std::unique_ptr<FilesystemInterface> fsIface;
115
116 /** @brief Format LUKS encrypted device.
117 *
118 * @param[in] cd - initialized crypt_device struct for the device.
119 * @param[in] password - password to set for the LUKS device.
120 */
121 void formatLuksDev(struct crypt_device* cd, std::vector<uint8_t> password);
122
123 /** @brief Unlock the device.
124 *
125 * @param[in] cd - initialized crypt_device struct for the device.
126 * @param[in] password - password to activate the LUKS device.
127 */
128 void activateLuksDev(struct crypt_device* cd,
129 std::vector<uint8_t> password);
130
131 /** @brief Create the filesystem on the LUKS device.
132 * @details The LUKS device should already be activated, i.e. unlocked.
133 */
134 void createFilesystem();
135
136 /** @brief Deactivate the LUKS device.
137 * @details The filesystem is assumed to be unmounted already.
138 */
139 void deactivateLuksDev();
140
141 /** @brief Mount the filesystem.
142 * @details The filesystem should already exist and the LUKS device should
143 * be unlocked already.
144 */
145 void mountFilesystem();
146
147 /** @brief Unmount the filesystem. */
148 void unmountFilesystem();
John Wedig2098dab2021-09-14 13:56:28 -0700[diff] [blame]149};
150
151} // namespace estoraged