| John Edward Broadbent | 59dffa6 | 2022-01-13 17:41:32 -0800 | [diff] [blame] | 1 | #include "cryptErase.hpp" |
| 2 | #include "cryptsetupInterface.hpp" |
| 3 | #include "erase.hpp" |
| 4 | |
| 5 | #include <libcryptsetup.h> |
| 6 | |
| 7 | #include <phosphor-logging/lg2.hpp> |
| 8 | #include <xyz/openbmc_project/Common/error.hpp> |
| 9 | |
| 10 | #include <memory> |
| 11 | #include <string> |
| 12 | #include <string_view> |
| 13 | |
| 14 | namespace estoraged |
| 15 | { |
| 16 | using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure; |
| 17 | using sdbusplus::xyz::openbmc_project::Common::Error::ResourceNotFound; |
| 18 | |
| 19 | CryptErase::CryptErase( |
| 20 | std::string_view devPathIn, |
| 21 | std::unique_ptr<estoraged::CryptsetupInterface> inCryptIface) : |
| 22 | Erase(devPathIn), |
| 23 | cryptIface(std::move(inCryptIface)) |
| 24 | {} |
| 25 | |
| 26 | void CryptErase::doErase() |
| 27 | { |
| 28 | /* get cryptHandle */ |
| 29 | CryptHandle cryptHandle(std::string(devPath).c_str()); |
| 30 | if (cryptHandle.get() == nullptr) |
| 31 | { |
| 32 | lg2::error("Failed to initialize crypt device", "REDFISH_MESSAGE_ID", |
| 33 | std::string("OpenBMC.0.1.EraseFailure")); |
| 34 | throw ResourceNotFound(); |
| 35 | } |
| 36 | /* cryptLoad */ |
| Ed Tanous | 82897c3 | 2022-02-21 14:11:59 -0800 | [diff] [blame] | 37 | if (cryptIface->cryptLoad(cryptHandle.get(), CRYPT_LUKS2, nullptr) != 0) |
| John Edward Broadbent | 59dffa6 | 2022-01-13 17:41:32 -0800 | [diff] [blame] | 38 | { |
| 39 | lg2::error("Failed to load the key slots for destruction", |
| 40 | "REDFISH_MESSAGE_ID", |
| 41 | std::string("OpenBMC.0.1.EraseFailure")); |
| 42 | throw ResourceNotFound(); |
| 43 | } |
| 44 | |
| 45 | /* find key slots */ |
| Ed Tanous | 82897c3 | 2022-02-21 14:11:59 -0800 | [diff] [blame] | 46 | int nKeySlots = cryptIface->cryptKeySlotMax(CRYPT_LUKS2); |
| John Edward Broadbent | 59dffa6 | 2022-01-13 17:41:32 -0800 | [diff] [blame] | 47 | if (nKeySlots < 0) |
| 48 | { |
| 49 | lg2::error("Failed to find the max keyslots", "REDFISH_MESSAGE_ID", |
| 50 | std::string("OpenBMC.0.1.EraseFailure")); |
| 51 | throw ResourceNotFound(); |
| 52 | } |
| 53 | |
| 54 | if (nKeySlots == 0) |
| 55 | { |
| 56 | lg2::error("Max keyslots should never be zero", "REDFISH_MESSAGE_ID", |
| 57 | std::string("OpenBMC.0.1.EraseFailure")); |
| 58 | throw ResourceNotFound(); |
| 59 | } |
| 60 | |
| 61 | /* destory working keyslots */ |
| 62 | bool keySlotIssue = false; |
| 63 | for (int i = 0; i < nKeySlots; i++) |
| 64 | { |
| 65 | crypt_keyslot_info ki = |
| Ed Tanous | 82897c3 | 2022-02-21 14:11:59 -0800 | [diff] [blame] | 66 | cryptIface->cryptKeySlotStatus(cryptHandle.get(), i); |
| John Edward Broadbent | 59dffa6 | 2022-01-13 17:41:32 -0800 | [diff] [blame] | 67 | |
| 68 | if (ki == CRYPT_SLOT_ACTIVE || ki == CRYPT_SLOT_ACTIVE_LAST) |
| 69 | { |
| Ed Tanous | 82897c3 | 2022-02-21 14:11:59 -0800 | [diff] [blame] | 70 | if (cryptIface->cryptKeyslotDestroy(cryptHandle.get(), i) != 0) |
| John Edward Broadbent | 59dffa6 | 2022-01-13 17:41:32 -0800 | [diff] [blame] | 71 | { |
| 72 | lg2::error( |
| 73 | "Estoraged erase failed to destroy keyslot, continuing", |
| 74 | "REDFISH_MESSAGE_ID", |
| 75 | std::string("eStorageD.1.0.EraseFailure")); |
| 76 | keySlotIssue = true; |
| 77 | } |
| 78 | } |
| 79 | } |
| 80 | if (keySlotIssue) |
| 81 | { |
| 82 | throw InternalFailure(); |
| 83 | } |
| 84 | } |
| 85 | |
| 86 | } // namespace estoraged |