John Edward Broadbent59dffa62022-01-13 17:41:32 -08001#include "cryptErase.hpp"
2#include "cryptsetupInterface.hpp"
3#include "erase.hpp"
4
5#include <libcryptsetup.h>
6
7#include <phosphor-logging/lg2.hpp>
8#include <xyz/openbmc_project/Common/error.hpp>
9
10#include <memory>
11#include <string>
12#include <string_view>
13
namespace estoraged
{
using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
using sdbusplus::xyz::openbmc_project::Common::Error::ResourceNotFound;

/** @brief Set up a crypto-erase operation for one device.
 *
 *  @param[in] devPathIn - device path, handed to the Erase base class.
 *  @param[in] inCryptIface - cryptsetup wrapper; ownership is moved into
 *                            this object.
 */
CryptErase::CryptErase(
    std::string_view devPathIn,
    std::unique_ptr<estoraged::CryptsetupInterface> inCryptIface) :
    Erase(devPathIn),
    cryptIface(std::move(inCryptIface))
{}

/** @brief Destroy every active LUKS2 key slot on the device.
 *
 *  Loads the LUKS2 header for devPath, asks for the maximum number of key
 *  slots, and calls cryptKeyslotDestroy on each slot reported as
 *  CRYPT_SLOT_ACTIVE or CRYPT_SLOT_ACTIVE_LAST. A failed destroy is logged
 *  and the loop moves on to the remaining slots, so one bad slot does not
 *  leave the others intact.
 *
 *  This function does not re-query slot status after destroying; any
 *  post-erase verification has to happen elsewhere.
 *
 *  @throws ResourceNotFound - the header could not be loaded, or the
 *                             reported maximum slot count is negative or zero.
 *  @throws InternalFailure - at least one active slot could not be destroyed.
 */
void CryptErase::doErase()
{
    /* Handle for the device being erased. */
    CryptHandle handle{devPath};

    /* Load the LUKS2 header so the key slots can be inspected. */
    const int loadRc =
        cryptIface->cryptLoad(handle.get(), CRYPT_LUKS2, nullptr);
    if (loadRc != 0)
    {
        lg2::error("Failed to load the key slots for destruction",
                   "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* Upper bound on the slot indices to walk. */
    const int slotCount = cryptIface->cryptKeySlotMax(CRYPT_LUKS2);
    if (slotCount < 0)
    {
        lg2::error("Failed to find the max keyslots", "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    if (slotCount == 0)
    {
        lg2::error("Max keyslots should never be zero", "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* Destroy working key slots; remember failures and report them once. */
    bool destroyFailed = false;
    for (int slot = 0; slot < slotCount; ++slot)
    {
        const crypt_keyslot_info state =
            cryptIface->cryptKeySlotStatus(handle.get(), slot);

        /* NOTE(review): every other state (CRYPT_SLOT_INVALID,
         * CRYPT_SLOT_UNBOUND, inactive) is skipped without a log entry and
         * does not fail the erase. Confirm that is intended, in particular
         * for CRYPT_SLOT_INVALID, where the status query itself failed. */
        const bool holdsKey = (state == CRYPT_SLOT_ACTIVE) ||
                              (state == CRYPT_SLOT_ACTIVE_LAST);
        if (!holdsKey)
        {
            continue;
        }

        if (cryptIface->cryptKeyslotDestroy(handle.get(), slot) == 0)
        {
            continue;
        }

        /* NOTE(review): this message id ("eStorageD.1.0...") differs from
         * the "OpenBMC.0.1.EraseFailure" id used by the other failures in
         * this function; a log filter keyed on one id misses the other.
         * The slot index is also not part of the log entry. */
        lg2::error("Estoraged erase failed to destroy keyslot, continuing",
                   "REDFISH_MESSAGE_ID",
                   std::string("eStorageD.1.0.EraseFailure"));
        destroyFailed = true;
    }

    if (destroyFailed)
    {
        throw InternalFailure();
    }
}

} // namespace estoraged