logging: switch to lg2
It is recommended to use `phosphor::lg2` to format log,
and the correct `CODE_LINE` and `CODE_FUNC` values
can be used in log tracking.
Tested By: Built CertificateManager successfully and Unit Test passes.
Change-Id: Ib2ff946febfe0335d4ecf5fa932683d3a0f117bb
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
diff --git a/bmc-vmi-ca/ca_certs_manager.cpp b/bmc-vmi-ca/ca_certs_manager.cpp
index ed0f337..47cb12d 100644
--- a/bmc-vmi-ca/ca_certs_manager.cpp
+++ b/bmc-vmi-ca/ca_certs_manager.cpp
@@ -4,7 +4,7 @@
#include <phosphor-logging/elog-errors.hpp>
#include <phosphor-logging/elog.hpp>
-#include <phosphor-logging/log.hpp>
+#include <phosphor-logging/lg2.hpp>
#include <xyz/openbmc_project/Common/error.hpp>
#include <filesystem>
@@ -14,9 +14,6 @@
{
namespace fs = std::filesystem;
using ::phosphor::logging::elog;
-using ::phosphor::logging::entry;
-using ::phosphor::logging::level;
-using ::phosphor::logging::log;
using ::sdbusplus::xyz::openbmc_project::Common::Error::InvalidArgument;
using Argument =
@@ -31,7 +28,7 @@
{
if (csr.size() > maxCertSize)
{
- log<level::ERR>("Invalid CSR size");
+ lg2::error("Invalid CSR size");
elog<InvalidArgument>(Argument::ARGUMENT_NAME("CSR"),
Argument::ARGUMENT_VALUE(csr.c_str()));
}
@@ -48,7 +45,7 @@
}
catch (const std::invalid_argument& e)
{
- log<level::ERR>(e.what());
+ lg2::error(e.what());
elog<InvalidArgument>(Argument::ARGUMENT_NAME("csr"),
Argument::ARGUMENT_VALUE(csr.c_str()));
}
diff --git a/certificate.cpp b/certificate.cpp
index 52c3c2a..e3fe609 100644
--- a/certificate.cpp
+++ b/certificate.cpp
@@ -18,7 +18,7 @@
#include <phosphor-logging/elog-errors.hpp>
#include <phosphor-logging/elog.hpp>
-#include <phosphor-logging/log.hpp>
+#include <phosphor-logging/lg2.hpp>
#include <watch.hpp>
#include <xyz/openbmc_project/Certs/error.hpp>
#include <xyz/openbmc_project/Common/error.hpp>
@@ -40,10 +40,6 @@
{
namespace fs = std::filesystem;
using ::phosphor::logging::elog;
-using ::phosphor::logging::entry;
-using ::phosphor::logging::level;
-using ::phosphor::logging::log;
-using ::phosphor::logging::report;
using InvalidCertificateError =
::sdbusplus::xyz::openbmc_project::Certs::Error::InvalidCertificate;
using ::phosphor::logging::xyz::openbmc_project::Certs::InvalidCertificate;
@@ -108,9 +104,9 @@
}
catch (const std::exception& e)
{
- log<level::ERR>("Failed to dump certificate", entry("ERR=%s", e.what()),
- entry("SRC_PEM=%s", pem.c_str()),
- entry("DST=%s", certFilePath.c_str()));
+ lg2::error(
+ "Failed to dump certificate, ERR:{ERR}, SRC_PEM:{SRC_PEM}, DST:{DST}",
+ "ERR", e, "SRC_PEM", pem, "DST", certFilePath);
elog<InternalFailure>();
}
}
@@ -142,10 +138,9 @@
}
catch (const std::exception& e)
{
- log<level::ERR>("Failed to copy certificate",
- entry("ERR=%s", e.what()),
- entry("SRC=%s", certSrcFilePath.c_str()),
- entry("DST=%s", certFilePath.c_str()));
+ lg2::error(
+ "Failed to copy certificate, ERR:{ERR}, SRC:{SRC}, DST:{DST}",
+ "ERR", e, "SRC", certSrcFilePath, "DST", certFilePath);
elog<InternalFailure>();
}
}
@@ -157,9 +152,9 @@
char* filePath = tempnam(directoryPath.c_str(), nullptr);
if (filePath == nullptr)
{
- log<level::ERR>(
- "Error occurred while creating random certificate file path",
- entry("DIR=%s", directoryPath.c_str()));
+ lg2::error(
+ "Error occurred while creating random certificate file path, DIR:{DIR}",
+ "DIR", directoryPath);
elog<InternalFailure>();
}
std::string filePathStr(filePath);
@@ -188,8 +183,8 @@
}
}
- log<level::ERR>("Authority certificate x509 file path already used",
- entry("DIR=%s", certDstDirPath.c_str()));
+ lg2::error("Authority certificate x509 file path already used, DIR:{DIR}",
+ "DIR", certDstDirPath);
elog<InternalFailure>();
}
@@ -291,8 +286,8 @@
{
if (!fs::remove(certFilePath))
{
- log<level::INFO>("Certificate file not found!",
- entry("PATH=%s", certFilePath.c_str()));
+ lg2::info("Certificate file not found! PATH:{PATH}", "PATH",
+ certFilePath);
}
}
@@ -305,13 +300,13 @@
{
if (restore)
{
- log<level::DEBUG>("Certificate install ",
- entry("FILEPATH=%s", certSrcFilePath.c_str()));
+ lg2::debug("Certificate install, FILEPATH:{FILEPATH}", "FILEPATH",
+ certSrcFilePath);
}
else
{
- log<level::INFO>("Certificate install ",
- entry("FILEPATH=%s", certSrcFilePath.c_str()));
+ lg2::info("Certificate install, FILEPATH:{FILEPATH}", "FILEPATH",
+ certSrcFilePath);
}
// stop watch for user initiated certificate install
@@ -324,8 +319,7 @@
fs::path file(certSrcFilePath);
if (!fs::exists(file))
{
- log<level::ERR>("File is Missing",
- entry("FILE=%s", certSrcFilePath.c_str()));
+ lg2::error("File is Missing, FILE:{FILE}", "FILE", certSrcFilePath);
elog<InternalFailure>();
}
@@ -334,8 +328,7 @@
if (fs::file_size(certSrcFilePath) == 0)
{
// file is empty
- log<level::ERR>("File is empty",
- entry("FILE=%s", certSrcFilePath.c_str()));
+ lg2::error("File is empty, FILE:{FILE}", "FILE", certSrcFilePath);
elog<InvalidCertificateError>(
InvalidCertificate::REASON("File is empty"));
}
@@ -343,7 +336,8 @@
catch (const fs::filesystem_error& e)
{
// Log Error message
- log<level::ERR>(e.what(), entry("FILE=%s", certSrcFilePath.c_str()));
+ lg2::error("File is empty, FILE:{FILE}, ERR:{ERR}", "FILE",
+ certSrcFilePath, "ERR", e);
elog<InternalFailure>();
}
@@ -360,8 +354,8 @@
// Invoke type specific append private key function.
if (auto it = appendKeyMap.find(certType); it == appendKeyMap.end())
{
- log<level::ERR>("Unsupported Type",
- entry("TYPE=%s", certificateTypeToString(certType)));
+ lg2::error("Unsupported Type, TYPE:{TYPE}", "TYPE",
+ certificateTypeToString(certType));
elog<InternalFailure>();
}
else
@@ -372,8 +366,8 @@
// Invoke type specific compare keys function.
if (auto it = typeFuncMap.find(certType); it == typeFuncMap.end())
{
- log<level::ERR>("Unsupported Type",
- entry("TYPE=%s", certificateTypeToString(certType)));
+ lg2::error("Unsupported Type, TYPE:{TYPE}", "TYPE",
+ certificateTypeToString(certType));
elog<InternalFailure>();
}
else
@@ -402,20 +396,18 @@
{
if (restore)
{
- log<level::DEBUG>("Certificate install ",
- entry("PEM_STR=%s", pem.data()));
+ lg2::debug("Certificate install, PEM_STR:{PEM_STR}", "PEM_STR", pem);
}
else
{
- log<level::INFO>("Certificate install ",
- entry("PEM_STR=%s", pem.data()));
+ lg2::info("Certificate install, PEM_STR:{PEM_STR} ", "PEM_STR", pem);
}
if (certType != CertificateType::authority)
{
- log<level::ERR>("Bulk install error: Unsupported Type; only authority "
- "supports bulk install",
- entry("TYPE=%s", certificateTypeToString(certType)));
+ lg2::error("Bulk install error: Unsupported Type; only authority "
+ "supports bulk install, TYPE:{TYPE}",
+ "TYPE", certificateTypeToString(certType));
elog<InternalFailure>();
}
@@ -482,10 +474,10 @@
}
catch (const std::exception& e)
{
- log<level::ERR>("Failed to create symlink for certificate",
- entry("ERR=%s", e.what()),
- entry("FILE=%s", certFilePath.c_str()),
- entry("SYMLINK=%s", certFileX509Path.c_str()));
+ lg2::error("Failed to create symlink for certificate, ERR:{ERR},"
+ "FILE:{FILE}, SYMLINK:{SYMLINK}",
+ "ERR", e, "FILE", certFilePath, "SYMLINK",
+ certFileX509Path);
elog<InternalFailure>();
}
}
@@ -574,8 +566,8 @@
BIOMemPtr keyBio(BIO_new(BIO_s_file()), ::BIO_free);
if (!keyBio)
{
- log<level::ERR>("Error occurred during BIO_s_file call",
- entry("FILE=%s", filePath.c_str()));
+ lg2::error("Error occurred during BIO_s_file call, FILE:{FILE}", "FILE",
+ filePath);
elog<InternalFailure>();
}
BIO_read_filename(keyBio.get(), filePath.c_str());
@@ -585,14 +577,14 @@
::EVP_PKEY_free);
if (!priKey)
{
- log<level::INFO>("Private key not present in file",
- entry("FILE=%s", filePath.c_str()));
+ lg2::info("Private key not present in file, FILE:{FILE}", "FILE",
+ filePath);
fs::path privateKeyFile = fs::path(certInstallPath).parent_path();
privateKeyFile = privateKeyFile / defaultPrivateKeyFileName;
if (!fs::exists(privateKeyFile))
{
- log<level::ERR>("Private key file is not found",
- entry("FILE=%s", privateKeyFile.c_str()));
+ lg2::error("Private key file is not found, FILE:{FILE}", "FILE",
+ privateKeyFile);
elog<InternalFailure>();
}
@@ -615,10 +607,9 @@
}
catch (const std::exception& e)
{
- log<level::ERR>("Failed to append private key",
- entry("ERR=%s", e.what()),
- entry("SRC=%s", privateKeyFile.c_str()),
- entry("DST=%s", filePath.c_str()));
+ lg2::error(
+ "Failed to append private key, ERR:{ERR}, SRC:{SRC}, DST:{DST}",
+ "ERR", e, "SRC", privateKeyFile, "DST", filePath);
elog<InternalFailure>();
}
}
@@ -626,22 +617,22 @@
bool Certificate::compareKeys(const std::string& filePath)
{
- log<level::INFO>("Certificate compareKeys",
- entry("FILEPATH=%s", filePath.c_str()));
+ lg2::info("Certificate compareKeys, FILEPATH:{FILEPATH}", "FILEPATH",
+ filePath);
internal::X509Ptr cert(X509_new(), ::X509_free);
if (!cert)
{
- log<level::ERR>("Error occurred during X509_new call",
- entry("FILE=%s", filePath.c_str()),
- entry("ERRCODE=%lu", ERR_get_error()));
+ lg2::error(
+ "Error occurred during X509_new call, FILE:{FILE}, ERRCODE:{ERRCODE}",
+ "FILE", filePath, "ERRCODE", ERR_get_error());
elog<InternalFailure>();
}
BIOMemPtr bioCert(BIO_new_file(filePath.c_str(), "rb"), ::BIO_free);
if (!bioCert)
{
- log<level::ERR>("Error occurred during BIO_new_file call",
- entry("FILE=%s", filePath.c_str()));
+ lg2::error("Error occurred during BIO_new_file call, FILE:{FILE}",
+ "FILE", filePath);
elog<InternalFailure>();
}
@@ -651,9 +642,9 @@
EVPPkeyPtr pubKey(X509_get_pubkey(cert.get()), ::EVP_PKEY_free);
if (!pubKey)
{
- log<level::ERR>("Error occurred during X509_get_pubkey",
- entry("FILE=%s", filePath.c_str()),
- entry("ERRCODE=%lu", ERR_get_error()));
+ lg2::error(
+ "Error occurred during X509_get_pubkey, FILE:{FILE}, ERRCODE:{ERRCODE}",
+ "FILE", filePath, "ERRCODE", ERR_get_error());
elog<InvalidCertificateError>(
InvalidCertificate::REASON("Failed to get public key info"));
}
@@ -661,8 +652,8 @@
BIOMemPtr keyBio(BIO_new(BIO_s_file()), ::BIO_free);
if (!keyBio)
{
- log<level::ERR>("Error occurred during BIO_s_file call",
- entry("FILE=%s", filePath.c_str()));
+ lg2::error("Error occurred during BIO_s_file call, FILE:{FILE}", "FILE",
+ filePath);
elog<InternalFailure>();
}
BIO_read_filename(keyBio.get(), filePath.c_str());
@@ -672,9 +663,9 @@
::EVP_PKEY_free);
if (!priKey)
{
- log<level::ERR>("Error occurred during PEM_read_bio_PrivateKey",
- entry("FILE=%s", filePath.c_str()),
- entry("ERRCODE=%lu", ERR_get_error()));
+ lg2::error(
+ "Error occurred during PEM_read_bio_PrivateKey, FILE:{FILE}, ERRCODE:{ERRCODE}",
+ "FILE", filePath, "ERRCODE", ERR_get_error());
elog<InvalidCertificateError>(
InvalidCertificate::REASON("Failed to get private key info"));
}
@@ -686,9 +677,9 @@
#endif
if (rc != 1)
{
- log<level::ERR>("Private key is not matching with Certificate",
- entry("FILE=%s", filePath.c_str()),
- entry("ERRCODE=%d", rc));
+ lg2::error(
+ "Private key is not matching with Certificate, FILE:{FILE}, ERRCODE:{ERRCODE}",
+ "FILE", filePath, "ERRCODE", rc);
return false;
}
return true;
diff --git a/certs_manager.cpp b/certs_manager.cpp
index 6e31091..c70eef0 100644
--- a/certs_manager.cpp
+++ b/certs_manager.cpp
@@ -17,7 +17,7 @@
#include <phosphor-logging/elog-errors.hpp>
#include <phosphor-logging/elog.hpp>
-#include <phosphor-logging/log.hpp>
+#include <phosphor-logging/lg2.hpp>
#include <sdbusplus/bus.hpp>
#include <sdbusplus/exception.hpp>
#include <sdbusplus/message.hpp>
@@ -45,9 +45,6 @@
namespace fs = std::filesystem;
using ::phosphor::logging::commit;
using ::phosphor::logging::elog;
-using ::phosphor::logging::entry;
-using ::phosphor::logging::level;
-using ::phosphor::logging::log;
using ::phosphor::logging::report;
using ::sdbusplus::xyz::openbmc_project::Certs::Error::InvalidCertificate;
@@ -99,9 +96,8 @@
}
catch (const std::exception& e)
{
- log<level::ERR>("Failed to read certificates list",
- entry("ERR=%s", e.what()),
- entry("SRC=%s", sourceFilePath.c_str()));
+ lg2::error("Failed to read certificates list, ERR:{ERR}, SRC:{SRC}",
+ "ERR", e, "SRC", sourceFilePath);
elog<InternalFailure>();
}
std::string pem = pemStream.str();
@@ -117,7 +113,7 @@
size_t end = pem.find(endCertificate, begin);
if (end == std::string::npos)
{
- log<level::ERR>(
+ lg2::error(
"invalid PEM contains a BEGIN identifier without an END");
elog<InvalidCertificate>(InvalidCertificateReason(
"invalid PEM contains a BEGIN identifier without an END"));
@@ -168,9 +164,9 @@
}
catch (const fs::filesystem_error& e)
{
- log<level::ERR>(
- "Failed to create directory", entry("ERR=%s", e.what()),
- entry("DIRECTORY=%s", certParentInstallPath.c_str()));
+ lg2::error(
+ "Failed to create directory, ERR:{ERR}, DIRECTORY:{DIRECTORY}",
+ "ERR", e, "DIRECTORY", certParentInstallPath);
report<InternalFailure>();
}
@@ -194,13 +190,13 @@
// if certificate file existing update it
if (!installedCerts.empty())
{
- log<level::INFO>("Inotify callback to update "
- "certificate properties");
+ lg2::info("Inotify callback to update "
+ "certificate properties");
installedCerts[0]->populateProperties();
}
else
{
- log<level::INFO>(
+ lg2::info(
"Inotify callback to create certificate object");
createCertificates();
}
@@ -222,31 +218,33 @@
const std::string singleCertPath = "/etc/ssl/certs/Root-CA.pem";
if (fs::exists(singleCertPath) && !fs::is_empty(singleCertPath))
{
- log<level::NOTICE>(
- "Legacy certificate detected, will be installed from: ",
- entry("SINGLE_CERTPATH=%s", singleCertPath.c_str()));
+ lg2::notice(
+ "Legacy certificate detected, will be installed from,"
+ "SINGLE_CERTPATH:{SINGLE_CERTPATH}",
+ "SINGLE_CERTPATH", singleCertPath);
install(singleCertPath);
if (!fs::remove(singleCertPath))
{
- log<level::ERR>(
- "Unable to remove old certificate from: ",
- entry("SINGLE_CERTPATH=%s",
- singleCertPath.c_str()));
+ lg2::error("Unable to remove old certificate from,"
+ "SINGLE_CERTPATH:{SINGLE_CERTPATH}",
+ "SINGLE_CERTPATH", singleCertPath);
elog<InternalFailure>();
}
}
}
catch (const std::exception& ex)
{
- log<level::ERR>("Error in restoring legacy certificate",
- entry("ERROR_STR=%s", ex.what()));
+ lg2::error(
+ "Error in restoring legacy certificate, ERROR_STR:{ERROR_STR}",
+ "ERROR_STR", ex);
}
}
}
catch (const std::exception& ex)
{
- log<level::ERR>("Error in certificate manager constructor",
- entry("ERROR_STR=%s", ex.what()));
+ lg2::error(
+ "Error in certificate manager constructor, ERROR_STR:{ERROR_STR}",
+ "ERROR_STR", ex);
}
}
@@ -300,7 +298,7 @@
fs::path sourceFile(filePath);
if (!fs::exists(sourceFile))
{
- log<level::ERR>("File is Missing", entry("FILE=%s", filePath.c_str()));
+ lg2::error("File is Missing, FILE:{FILE}", "FILE", filePath);
elog<InternalFailure>();
}
std::vector<std::string> authorities = splitCertificates(sourceFile);
@@ -309,7 +307,7 @@
elog<NotAllowed>(NotAllowedReason("Certificates limit reached"));
}
- log<level::INFO>("Starts authority list install");
+ lg2::info("Starts authority list install");
fs::path authorityStore(certInstallPath);
fs::path authoritiesListFile = authorityStore /
@@ -363,7 +361,7 @@
objects.emplace_back(certificate->getObjectPath());
}
- log<level::INFO>("Finishes authority list install; reload units starts");
+ lg2::info("Finishes authority list install; reload units starts");
reloadOrReset(unitToRestart);
return objects;
}
@@ -415,8 +413,8 @@
}
else
{
- log<level::ERR>("Certificate does not exist",
- entry("ID=%s", certificate->getCertId().c_str()));
+ lg2::error("Certificate does not exist, ID:{ID}", "ID",
+ certificate->getCertId());
elog<InternalFailure>();
}
}
@@ -450,7 +448,7 @@
auto pid = fork();
if (pid == -1)
{
- log<level::ERR>("Error occurred during forking process");
+ lg2::error("Error occurred during forking process");
report<InternalFailure>();
}
else if (pid == 0)
@@ -500,19 +498,19 @@
sigset_t ss;
if (sigemptyset(&ss) < 0)
{
- log<level::ERR>("Unable to initialize signal set");
+ lg2::error("Unable to initialize signal set");
elog<InternalFailure>();
}
if (sigaddset(&ss, SIGCHLD) < 0)
{
- log<level::ERR>("Unable to add signal to signal set");
+ lg2::error("Unable to add signal to signal set");
elog<InternalFailure>();
}
// Block SIGCHLD first, so that the event loop can handle it
if (sigprocmask(SIG_BLOCK, &ss, nullptr) < 0)
{
- log<level::ERR>("Unable to block signal");
+ lg2::error("Unable to block signal");
elog<InternalFailure>();
}
if (childPtr)
@@ -554,7 +552,7 @@
ret = X509_REQ_set_version(x509Req.get(), nVersion);
if (ret == 0)
{
- log<level::ERR>("Error occurred during X509_REQ_set_version call");
+ lg2::error("Error occurred during X509_REQ_set_version call");
elog<InternalFailure>();
}
@@ -599,8 +597,8 @@
EVPPkeyPtr pKey(nullptr, ::EVP_PKEY_free);
- log<level::INFO>("Given Key pair algorithm",
- entry("KEYPAIRALGORITHM=%s", keyPairAlgorithm.c_str()));
+ lg2::info("Given Key pair algorithm, KEYPAIRALGORITHM:{KEYPAIRALGORITHM}",
+ "KEYPAIRALGORITHM", keyPairAlgorithm);
// Used EC algorithm as default if user did not give algorithm type.
if (keyPairAlgorithm == "RSA")
@@ -609,8 +607,8 @@
pKey = generateECKeyPair(keyCurveId);
else
{
- log<level::ERR>("Given Key pair algorithm is not supported. Supporting "
- "RSA and EC only");
+ lg2::error("Given Key pair algorithm is not supported. Supporting "
+ "RSA and EC only");
elog<InvalidArgument>(
Argument::ARGUMENT_NAME("KEYPAIRALGORITHM"),
Argument::ARGUMENT_VALUE(keyPairAlgorithm.c_str()));
@@ -619,7 +617,7 @@
ret = X509_REQ_set_pubkey(x509Req.get(), pKey.get());
if (ret == 0)
{
- log<level::ERR>("Error occurred while setting Public key");
+ lg2::error("Error occurred while setting Public key");
elog<InternalFailure>();
}
@@ -630,11 +628,11 @@
ret = X509_REQ_sign(x509Req.get(), pKey.get(), EVP_sha256());
if (ret == 0)
{
- log<level::ERR>("Error occurred while signing key of x509");
+ lg2::error("Error occurred while signing key of x509");
elog<InternalFailure>();
}
- log<level::INFO>("Writing CSR to file");
+ lg2::info("Writing CSR to file");
fs::path csrFilePath = certParentInstallPath / defaultCSRFileName;
writeCSR(csrFilePath.string(), x509Req);
}
@@ -656,9 +654,9 @@
// set keybit length to default value if not set
if (keyBitLen <= 0)
{
- log<level::INFO>(
- "KeyBitLength is not given.Hence, using default KeyBitLength",
- entry("DEFAULTKEYBITLENGTH=%d", defaultKeyBitLength));
+ lg2::info("KeyBitLength is not given.Hence, using default KeyBitLength:"
+ "{DEFAULTKEYBITLENGTH}",
+ "DEFAULTKEYBITLENGTH", defaultKeyBitLength);
keyBitLen = defaultKeyBitLength;
}
@@ -669,7 +667,7 @@
auto ret = BN_set_word(bne.get(), RSA_F4);
if (ret == 0)
{
- log<level::ERR>("Error occurred during BN_set_word call");
+ lg2::error("Error occurred during BN_set_word call");
elog<InternalFailure>();
}
using RSAPtr = std::unique_ptr<RSA, decltype(&::RSA_free)>;
@@ -677,8 +675,9 @@
ret = RSA_generate_key_ex(rsa.get(), keyBitLen, bne.get(), nullptr);
if (ret != 1)
{
- log<level::ERR>("Error occurred during RSA_generate_key_ex call",
- entry("KEYBITLENGTH=%PRIu64", keyBitLen));
+ lg2::error(
+ "Error occurred during RSA_generate_key_ex call: {KEYBITLENGTH}",
+ "KEYBITLENGTH", keyBitLen);
elog<InternalFailure>();
}
@@ -687,7 +686,7 @@
ret = EVP_PKEY_assign_RSA(pKey.get(), rsa.get());
if (ret == 0)
{
- log<level::ERR>("Error occurred during assign rsa key into EVP");
+ lg2::error("Error occurred during assign rsa key into EVP");
elog<InternalFailure>();
}
// Now |rsa| is managed by |pKey|
@@ -699,7 +698,7 @@
EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, nullptr), &::EVP_PKEY_CTX_free);
if (!ctx)
{
- log<level::ERR>("Error occurred creating EVP_PKEY_CTX from algorithm");
+ lg2::error("Error occurred creating EVP_PKEY_CTX from algorithm");
elog<InternalFailure>();
}
@@ -707,14 +706,14 @@
(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx.get(), keyBitLen) <= 0))
{
- log<level::ERR>("Error occurred initializing keygen context");
+ lg2::error("Error occurred initializing keygen context");
elog<InternalFailure>();
}
EVP_PKEY* pKey = nullptr;
if (EVP_PKEY_keygen(ctx.get(), &pKey) <= 0)
{
- log<level::ERR>("Error occurred during generate EC key");
+ lg2::error("Error occurred during generate EC key");
elog<InternalFailure>();
}
@@ -728,18 +727,19 @@
if (curId.empty())
{
- log<level::INFO>(
- "KeyCurveId is not given. Hence using default curve id",
- entry("DEFAULTKEYCURVEID=%s", defaultKeyCurveID));
+ lg2::info("KeyCurveId is not given. Hence using default curve id,"
+ "DEFAULTKEYCURVEID:{DEFAULTKEYCURVEID}",
+ "DEFAULTKEYCURVEID", defaultKeyCurveID);
curId = defaultKeyCurveID;
}
int ecGrp = OBJ_txt2nid(curId.c_str());
if (ecGrp == NID_undef)
{
- log<level::ERR>(
- "Error occurred during convert the curve id string format into NID",
- entry("KEYCURVEID=%s", curId.c_str()));
+ lg2::error(
+ "Error occurred during convert the curve id string format into NID,"
+ "KEYCURVEID:{KEYCURVEID}",
+ "KEYCURVEID", curId);
elog<InternalFailure>();
}
@@ -749,9 +749,9 @@
if (ecKey == nullptr)
{
- log<level::ERR>(
- "Error occurred during create the EC_Key object from NID",
- entry("ECGROUP=%d", ecGrp));
+ lg2::error(
+ "Error occurred during create the EC_Key object from NID, ECGROUP:{ECGROUP}",
+ "ECGROUP", ecGrp);
elog<InternalFailure>();
}
@@ -765,7 +765,7 @@
if (ret == 0)
{
EC_KEY_free(ecKey);
- log<level::ERR>("Error occurred during generate EC key");
+ lg2::error("Error occurred during generate EC key");
elog<InternalFailure>();
}
@@ -774,7 +774,7 @@
if (ret == 0)
{
EC_KEY_free(ecKey);
- log<level::ERR>("Error occurred during assign EC Key into EVP");
+ lg2::error("Error occurred during assign EC Key into EVP");
elog<InternalFailure>();
}
@@ -791,7 +791,7 @@
EVP_PKEY_CTX_new_id(EVP_PKEY_EC, nullptr), &::EVP_PKEY_CTX_free);
if (!ctx)
{
- log<level::ERR>("Error occurred creating EVP_PKEY_CTX for params");
+ lg2::error("Error occurred creating EVP_PKEY_CTX for params");
elog<InternalFailure>();
}
@@ -804,7 +804,7 @@
(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx.get(), ecGrp) <= 0) ||
(EVP_PKEY_paramgen(ctx.get(), ¶ms) <= 0))
{
- log<level::ERR>("Error occurred setting curve parameters");
+ lg2::error("Error occurred setting curve parameters");
elog<InternalFailure>();
}
@@ -816,14 +816,14 @@
if (!ctx || (EVP_PKEY_keygen_init(ctx.get()) <= 0))
{
- log<level::ERR>("Error occurred initializing keygen context");
+ lg2::error("Error occurred initializing keygen context");
elog<InternalFailure>();
}
EVP_PKEY* pKey = nullptr;
if (EVP_PKEY_keygen(ctx.get(), &pKey) <= 0)
{
- log<level::ERR>("Error occurred during generate EC key");
+ lg2::error("Error occurred during generate EC key");
elog<InternalFailure>();
}
@@ -834,14 +834,14 @@
void Manager::writePrivateKey(const EVPPkeyPtr& pKey,
const std::string& privKeyFileName)
{
- log<level::INFO>("Writing private key to file");
+ lg2::info("Writing private key to file");
// write private key to file
fs::path privKeyPath = certParentInstallPath / privKeyFileName;
FILE* fp = std::fopen(privKeyPath.c_str(), "w");
if (fp == nullptr)
{
- log<level::ERR>("Error occurred creating private key file");
+ lg2::error("Error occurred creating private key file");
elog<InternalFailure>();
}
int ret = PEM_write_PrivateKey(fp, pKey.get(), nullptr, nullptr, 0, 0,
@@ -849,7 +849,7 @@
std::fclose(fp);
if (ret == 0)
{
- log<level::ERR>("Error occurred while writing private key to file");
+ lg2::error("Error occurred while writing private key to file");
elog<InternalFailure>();
}
}
@@ -866,8 +866,8 @@
reinterpret_cast<const unsigned char*>(bytes.c_str()), -1, -1, 0);
if (ret != 1)
{
- log<level::ERR>("Unable to set entry", entry("FIELD=%s", field),
- entry("VALUE=%s", bytes.c_str()));
+ lg2::error("Unable to set entry, FIELD:{FIELD}, VALUE:{VALUE}", "FIELD",
+ field, "VALUE", bytes);
elog<InternalFailure>();
}
}
@@ -887,12 +887,12 @@
{
if (fs::exists(filePath))
{
- log<level::INFO>("Removing the existing file",
- entry("FILENAME=%s", filePath.c_str()));
+ lg2::info("Removing the existing file, FILENAME:{FILENAME}", "FILENAME",
+ filePath);
if (!fs::remove(filePath.c_str()))
{
- log<level::ERR>("Unable to remove the file",
- entry("FILENAME=%s", filePath.c_str()));
+ lg2::error("Unable to remove the file, FILENAME:{FILENAME}",
+ "FILENAME", filePath);
elog<InternalFailure>();
}
}
@@ -901,16 +901,17 @@
if ((fp = std::fopen(filePath.c_str(), "w")) == nullptr)
{
- log<level::ERR>("Error opening the file to write the CSR",
- entry("FILENAME=%s", filePath.c_str()));
+ lg2::error(
+ "Error opening the file to write the CSR, FILENAME:{FILENAME}",
+ "FILENAME", filePath);
elog<InternalFailure>();
}
int rc = PEM_write_X509_REQ(fp, x509Req.get());
if (!rc)
{
- log<level::ERR>("PEM write routine failed",
- entry("FILENAME=%s", filePath.c_str()));
+ lg2::error("PEM write routine failed, FILENAME:{FILENAME}", "FILENAME",
+ filePath);
std::fclose(fp);
elog<InternalFailure>();
}
@@ -926,8 +927,8 @@
// Check whether install path is a directory.
if (!fs::is_directory(certInstallPath))
{
- log<level::ERR>("Certificate installation path exists and it is "
- "not a directory");
+ lg2::error("Certificate installation path exists and it is "
+ "not a directory");
elog<InternalFailure>();
}
@@ -1017,10 +1018,11 @@
{
if (keyBitLength != supportedKeyBitLength)
{
- log<level::ERR>(
- "Given Key bit length is not supported",
- entry("GIVENKEYBITLENGTH=%d", keyBitLength),
- entry("SUPPORTEDKEYBITLENGTH=%d", supportedKeyBitLength));
+ lg2::error(
+ "Given Key bit length is not supported, GIVENKEYBITLENGTH:"
+ "{GIVENKEYBITLENGTH}, SUPPORTEDKEYBITLENGTH:{SUPPORTEDKEYBITLENGTH}",
+ "GIVENKEYBITLENGTH", keyBitLength, "SUPPORTEDKEYBITLENGTH",
+ supportedKeyBitLength);
elog<InvalidArgument>(
Argument::ARGUMENT_NAME("KEYBITLENGTH"),
Argument::ARGUMENT_VALUE(std::to_string(keyBitLength).c_str()));
@@ -1031,9 +1033,11 @@
FILE* privateKeyFile = std::fopen(rsaPrivateKeyFileName.c_str(), "r");
if (!privateKeyFile)
{
- log<level::ERR>("Unable to open RSA private key file to read",
- entry("RSAKEYFILE=%s", rsaPrivateKeyFileName.c_str()),
- entry("ERRORREASON=%s", strerror(errno)));
+ lg2::error(
+ "Unable to open RSA private key file to read, RSAKEYFILE:{RSAKEYFILE},"
+ "ERRORREASON:{ERRORREASON}",
+ "RSAKEYFILE", rsaPrivateKeyFileName, "ERRORREASON",
+ strerror(errno));
elog<InternalFailure>();
}
@@ -1044,7 +1048,7 @@
if (!privateKey)
{
- log<level::ERR>("Error occurred during PEM_read_PrivateKey call");
+ lg2::error("Error occurred during PEM_read_PrivateKey call");
elog<InternalFailure>();
}
return privateKey;
@@ -1066,10 +1070,9 @@
}
catch (const std::exception& e)
{
- log<level::ERR>(
- "Failed to remove symlink for certificate",
- entry("ERR=%s", e.what()),
- entry("SYMLINK=%s", certPath.path().string().c_str()));
+ lg2::error(
+ "Failed to remove symlink for certificate, ERR:{ERR} SYMLINK:{SYMLINK}",
+ "ERR", e, "SYMLINK", certPath.path().string());
elog<InternalFailure>();
}
}
@@ -1100,9 +1103,9 @@
}
catch (const sdbusplus::exception_t& e)
{
- log<level::ERR>("Failed to reload or restart service",
- entry("ERR=%s", e.what()),
- entry("UNIT=%s", unit.c_str()));
+ lg2::error(
+ "Failed to reload or restart service, ERR:{ERR}, UNIT:{UNIT}",
+ "ERR", e, "UNIT", unit);
elog<InternalFailure>();
}
}
diff --git a/csr.cpp b/csr.cpp
index 88fb761..e271b1f 100644
--- a/csr.cpp
+++ b/csr.cpp
@@ -10,7 +10,7 @@
#include <phosphor-logging/elog-errors.hpp>
#include <phosphor-logging/elog.hpp>
-#include <phosphor-logging/log.hpp>
+#include <phosphor-logging/lg2.hpp>
#include <xyz/openbmc_project/Certs/error.hpp>
#include <xyz/openbmc_project/Common/error.hpp>
@@ -23,9 +23,6 @@
{
using ::phosphor::logging::elog;
-using ::phosphor::logging::entry;
-using ::phosphor::logging::level;
-using ::phosphor::logging::log;
using ::sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
namespace fs = std::filesystem;
@@ -46,15 +43,15 @@
{
if (csrStatus == Status::failure)
{
- log<level::ERR>("Failure in Generating CSR");
+ lg2::error("Failure in Generating CSR");
elog<InternalFailure>();
}
fs::path csrFilePath = certInstallPath;
csrFilePath = csrFilePath.parent_path() / defaultCSRFileName;
if (!fs::exists(csrFilePath))
{
- log<level::ERR>("CSR file doesn't exists",
- entry("FILENAME=%s", csrFilePath.c_str()));
+ lg2::error("CSR file doesn't exists, FILENAME:{FILENAME}", "FILENAME",
+ csrFilePath);
elog<InternalFailure>();
}
@@ -67,8 +64,8 @@
{
std::fclose(fp);
}
- log<level::ERR>("ERROR occurred while reading CSR file",
- entry("FILENAME=%s", csrFilePath.c_str()));
+ lg2::error("ERROR occurred while reading CSR file, FILENAME:{FILENAME}",
+ "FILENAME", csrFilePath);
elog<InternalFailure>();
}
std::fclose(fp);
@@ -77,7 +74,7 @@
int ret = PEM_write_bio_X509_REQ(bio.get(), x509Req.get());
if (ret <= 0)
{
- log<level::ERR>("Error occurred while calling PEM_write_bio_X509_REQ");
+ lg2::error("Error occurred while calling PEM_write_bio_X509_REQ");
elog<InternalFailure>();
}
diff --git a/watch.cpp b/watch.cpp
index 1bfc109..933e5ab 100644
--- a/watch.cpp
+++ b/watch.cpp
@@ -6,7 +6,7 @@
#include <phosphor-logging/elog-errors.hpp>
#include <phosphor-logging/elog.hpp>
-#include <phosphor-logging/log.hpp>
+#include <phosphor-logging/lg2.hpp>
#include <sdeventplus/source/io.hpp>
#include <xyz/openbmc_project/Common/error.hpp>
@@ -21,9 +21,6 @@
{
using ::phosphor::logging::elog;
-using ::phosphor::logging::entry;
-using ::phosphor::logging::level;
-using ::phosphor::logging::log;
using ::sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
namespace fs = std::filesystem;
@@ -41,8 +38,9 @@
}
catch (const fs::filesystem_error& e)
{
- log<level::ERR>("Failed to create directory", entry("ERR=%s", e.what()),
- entry("DIRECTORY=%s", path.c_str()));
+ lg2::error(
+ "Failed to create directory, ERR:{ERR}, DIRECTORY:{DIRECTORY}",
+ "ERR", e, "DIRECTORY", path);
elog<InternalFailure>();
}
watchDir = path;
@@ -63,17 +61,15 @@
fd = inotify_init1(IN_NONBLOCK);
if (-1 == fd)
{
- log<level::ERR>("inotify_init1 failed,",
- entry("ERR=%s", std::strerror(errno)));
+ lg2::error("inotify_init1 failed: {ERR}", "ERR", std::strerror(errno));
elog<InternalFailure>();
}
wd = inotify_add_watch(fd, watchDir.c_str(), IN_CLOSE_WRITE);
if (-1 == wd)
{
close(fd);
- log<level::ERR>("inotify_add_watch failed,",
- entry("ERR=%s", std::strerror(errno)),
- entry("WATCH=%s", watchDir.c_str()));
+ lg2::error("inotify_add_watch failed, ERR:{ERR}, WATCH:{WATCH}", "ERR",
+ std::strerror(errno), "WATCH", watchDir);
elog<InternalFailure>();
}
@@ -96,7 +92,7 @@
}
else
{
- log<level::ERR>("Failed to read inotify event");
+ lg2::error("Failed to read inotify event");
}
});
}
diff --git a/x509_utils.cpp b/x509_utils.cpp
index 7978771..bc3ccbb 100644
--- a/x509_utils.cpp
+++ b/x509_utils.cpp
@@ -12,7 +12,7 @@
#include <phosphor-logging/elog-errors.hpp>
#include <phosphor-logging/elog.hpp>
-#include <phosphor-logging/log.hpp>
+#include <phosphor-logging/lg2.hpp>
#include <xyz/openbmc_project/Certs/error.hpp>
#include <xyz/openbmc_project/Common/error.hpp>
@@ -28,9 +28,6 @@
{
using ::phosphor::logging::elog;
-using ::phosphor::logging::entry;
-using ::phosphor::logging::level;
-using ::phosphor::logging::log;
using ::sdbusplus::xyz::openbmc_project::Certs::Error::InvalidCertificate;
using ::sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
using Reason = ::phosphor::logging::xyz::openbmc_project::Certs::
@@ -63,7 +60,7 @@
X509StorePtr x509Store(X509_STORE_new(), &X509_STORE_free);
if (!x509Store)
{
- log<level::ERR>("Error occurred during X509_STORE_new call");
+ lg2::error("Error occurred during X509_STORE_new call");
elog<InternalFailure>();
}
@@ -75,7 +72,7 @@
if (!lookup)
{
- log<level::ERR>("Error occurred during X509_STORE_add_lookup call");
+ lg2::error("Error occurred during X509_STORE_add_lookup call");
elog<InternalFailure>();
}
// Load the Certificate file into X509 Store.
@@ -83,8 +80,9 @@
X509_FILETYPE_PEM);
errCode != 1)
{
- log<level::ERR>("Error occurred during X509_LOOKUP_load_file call",
- entry("FILE=%s", certSrcPath.c_str()));
+ lg2::error(
+ "Error occurred during X509_LOOKUP_load_file call, FILE:{FILE}",
+ "FILE", certSrcPath);
elog<InvalidCertificate>(Reason("Invalid certificate file format"));
}
return x509Store;
@@ -96,25 +94,25 @@
X509Ptr cert(X509_new(), ::X509_free);
if (!cert)
{
- log<level::ERR>("Error occurred during X509_new call",
- entry("FILE=%s", filePath.c_str()),
- entry("ERRCODE=%lu", ERR_get_error()));
+ lg2::error(
+ "Error occurred during X509_new call, FILE:{FILE}, ERRCODE:{ERRCODE}",
+ "FILE", filePath, "ERRCODE", ERR_get_error());
elog<InternalFailure>();
}
BIOMemPtr bioCert(BIO_new_file(filePath.c_str(), "rb"), ::BIO_free);
if (!bioCert)
{
- log<level::ERR>("Error occurred during BIO_new_file call",
- entry("FILE=%s", filePath.c_str()));
+ lg2::error("Error occurred during BIO_new_file call, FILE:{FILE}",
+ "FILE", filePath);
elog<InternalFailure>();
}
X509* x509 = cert.get();
if (!PEM_read_bio_X509(bioCert.get(), &x509, nullptr, nullptr))
{
- log<level::ERR>("Error occurred during PEM_read_bio_X509 call",
- entry("FILE=%s", filePath.c_str()));
+ lg2::error("Error occurred during PEM_read_bio_X509 call, FILE:{FILE}",
+ "FILE", filePath);
elog<InternalFailure>();
}
return cert;
@@ -136,7 +134,7 @@
if (days < 0 || secs < 0)
{
- log<level::ERR>("Certificate valid date starts before the Unix Epoch");
+ lg2::error("Certificate valid date starts before the Unix Epoch");
elog<InvalidCertificate>(
Reason("NotBefore should after 19700101000000Z"));
}
@@ -148,14 +146,14 @@
X509StoreCtxPtr storeCtx(X509_STORE_CTX_new(), ::X509_STORE_CTX_free);
if (!storeCtx)
{
- log<level::ERR>("Error occurred during X509_STORE_CTX_new call");
+ lg2::error("Error occurred during X509_STORE_CTX_new call");
elog<InternalFailure>();
}
errCode = X509_STORE_CTX_init(storeCtx.get(), &x509Store, &cert, nullptr);
if (errCode != 1)
{
- log<level::ERR>("Error occurred during X509_STORE_CTX_init call");
+ lg2::error("Error occurred during X509_STORE_CTX_init call");
elog<InternalFailure>();
}
@@ -173,15 +171,15 @@
else if (errCode == 0)
{
errCode = X509_STORE_CTX_get_error(storeCtx.get());
- log<level::INFO>(
+ lg2::info(
"Error occurred during X509_verify_cert call, checking for known "
- "error",
- entry("ERRCODE=%d", errCode),
- entry("ERROR_STR=%s", X509_verify_cert_error_string(errCode)));
+ "error, ERRCODE:{ERRCODE}, ERROR_STR:{ERROR_STR}",
+ "ERRCODE", errCode, "ERROR_STR",
+ X509_verify_cert_error_string(errCode));
}
else
{
- log<level::ERR>("Error occurred during X509_verify_cert call");
+ lg2::error("Error occurred during X509_verify_cert call");
elog<InternalFailure>();
}
@@ -198,13 +196,14 @@
{
if (errCode == X509_V_ERR_CERT_HAS_EXPIRED)
{
- log<level::ERR>("Expired certificate ");
+ lg2::error("Expired certificate ");
elog<InvalidCertificate>(Reason("Expired Certificate"));
}
// Loging general error here.
- log<level::ERR>(
- "Certificate validation failed", entry("ERRCODE=%d", errCode),
- entry("ERROR_STR=%s", X509_verify_cert_error_string(errCode)));
+ lg2::error(
+ "Certificate validation failed, ERRCODE:{ERRCODE}, ERROR_STR:{ERROR_STR}",
+ "ERRCODE", errCode, "ERROR_STR",
+ X509_verify_cert_error_string(errCode));
elog<InvalidCertificate>(Reason("Certificate validation failed"));
}
}
@@ -215,8 +214,8 @@
SSLCtxPtr ctx(SSL_CTX_new(method), SSL_CTX_free);
if (SSL_CTX_use_certificate(ctx.get(), &cert) != 1)
{
- log<level::ERR>("Certificate is not usable",
- entry("ERRCODE=%x", ERR_get_error()));
+ lg2::error("Certificate is not usable, ERRCODE:{ERRCODE}", "ERRCODE",
+ ERR_get_error());
elog<InvalidCertificate>(Reason("Certificate is not usable"));
}
}
@@ -238,14 +237,14 @@
{
if (pem.size() > INT_MAX)
{
- log<level::ERR>("Error occurred during parseCert: PEM is too long");
+ lg2::error("Error occurred during parseCert: PEM is too long");
elog<InvalidCertificate>(Reason("Invalid PEM: too long"));
}
X509Ptr cert(X509_new(), ::X509_free);
if (!cert)
{
- log<level::ERR>("Error occurred during X509_new call",
- entry("ERRCODE=%lu", ERR_get_error()));
+ lg2::error("Error occurred during X509_new call, ERRCODE:{ERRCODE}",
+ "ERRCODE", ERR_get_error());
elog<InternalFailure>();
}
@@ -254,8 +253,8 @@
X509* x509 = cert.get();
if (!PEM_read_bio_X509(bioCert.get(), &x509, nullptr, nullptr))
{
- log<level::ERR>("Error occurred during PEM_read_bio_X509 call",
- entry("PEM=%s", pem.c_str()));
+ lg2::error("Error occurred during PEM_read_bio_X509 call, PEM:{PEM}",
+ "PEM", pem);
elog<InternalFailure>();
}
return cert;