logging: switch to lg2
It is recommended to use `phosphor::lg2` to format log,
and the correct `CODE_LINE` and `CODE_FUNC` values
can be used in log tracking.
Tested By: Built CertificateManager successfully and Unit Test passes.
Change-Id: Ib2ff946febfe0335d4ecf5fa932683d3a0f117bb
Signed-off-by: Ravi Teja <raviteja28031990@gmail.com>
diff --git a/certs_manager.cpp b/certs_manager.cpp
index 6e31091..c70eef0 100644
--- a/certs_manager.cpp
+++ b/certs_manager.cpp
@@ -17,7 +17,7 @@
#include <phosphor-logging/elog-errors.hpp>
#include <phosphor-logging/elog.hpp>
-#include <phosphor-logging/log.hpp>
+#include <phosphor-logging/lg2.hpp>
#include <sdbusplus/bus.hpp>
#include <sdbusplus/exception.hpp>
#include <sdbusplus/message.hpp>
@@ -45,9 +45,6 @@
namespace fs = std::filesystem;
using ::phosphor::logging::commit;
using ::phosphor::logging::elog;
-using ::phosphor::logging::entry;
-using ::phosphor::logging::level;
-using ::phosphor::logging::log;
using ::phosphor::logging::report;
using ::sdbusplus::xyz::openbmc_project::Certs::Error::InvalidCertificate;
@@ -99,9 +96,8 @@
}
catch (const std::exception& e)
{
- log<level::ERR>("Failed to read certificates list",
- entry("ERR=%s", e.what()),
- entry("SRC=%s", sourceFilePath.c_str()));
+ lg2::error("Failed to read certificates list, ERR:{ERR}, SRC:{SRC}",
+ "ERR", e, "SRC", sourceFilePath);
elog<InternalFailure>();
}
std::string pem = pemStream.str();
@@ -117,7 +113,7 @@
size_t end = pem.find(endCertificate, begin);
if (end == std::string::npos)
{
- log<level::ERR>(
+ lg2::error(
"invalid PEM contains a BEGIN identifier without an END");
elog<InvalidCertificate>(InvalidCertificateReason(
"invalid PEM contains a BEGIN identifier without an END"));
@@ -168,9 +164,9 @@
}
catch (const fs::filesystem_error& e)
{
- log<level::ERR>(
- "Failed to create directory", entry("ERR=%s", e.what()),
- entry("DIRECTORY=%s", certParentInstallPath.c_str()));
+ lg2::error(
+ "Failed to create directory, ERR:{ERR}, DIRECTORY:{DIRECTORY}",
+ "ERR", e, "DIRECTORY", certParentInstallPath);
report<InternalFailure>();
}
@@ -194,13 +190,13 @@
// if certificate file existing update it
if (!installedCerts.empty())
{
- log<level::INFO>("Inotify callback to update "
- "certificate properties");
+ lg2::info("Inotify callback to update "
+ "certificate properties");
installedCerts[0]->populateProperties();
}
else
{
- log<level::INFO>(
+ lg2::info(
"Inotify callback to create certificate object");
createCertificates();
}
@@ -222,31 +218,33 @@
const std::string singleCertPath = "/etc/ssl/certs/Root-CA.pem";
if (fs::exists(singleCertPath) && !fs::is_empty(singleCertPath))
{
- log<level::NOTICE>(
- "Legacy certificate detected, will be installed from: ",
- entry("SINGLE_CERTPATH=%s", singleCertPath.c_str()));
+ lg2::notice(
+ "Legacy certificate detected, will be installed from,"
+ "SINGLE_CERTPATH:{SINGLE_CERTPATH}",
+ "SINGLE_CERTPATH", singleCertPath);
install(singleCertPath);
if (!fs::remove(singleCertPath))
{
- log<level::ERR>(
- "Unable to remove old certificate from: ",
- entry("SINGLE_CERTPATH=%s",
- singleCertPath.c_str()));
+ lg2::error("Unable to remove old certificate from,"
+ "SINGLE_CERTPATH:{SINGLE_CERTPATH}",
+ "SINGLE_CERTPATH", singleCertPath);
elog<InternalFailure>();
}
}
}
catch (const std::exception& ex)
{
- log<level::ERR>("Error in restoring legacy certificate",
- entry("ERROR_STR=%s", ex.what()));
+ lg2::error(
+ "Error in restoring legacy certificate, ERROR_STR:{ERROR_STR}",
+ "ERROR_STR", ex);
}
}
}
catch (const std::exception& ex)
{
- log<level::ERR>("Error in certificate manager constructor",
- entry("ERROR_STR=%s", ex.what()));
+ lg2::error(
+ "Error in certificate manager constructor, ERROR_STR:{ERROR_STR}",
+ "ERROR_STR", ex);
}
}
@@ -300,7 +298,7 @@
fs::path sourceFile(filePath);
if (!fs::exists(sourceFile))
{
- log<level::ERR>("File is Missing", entry("FILE=%s", filePath.c_str()));
+ lg2::error("File is Missing, FILE:{FILE}", "FILE", filePath);
elog<InternalFailure>();
}
std::vector<std::string> authorities = splitCertificates(sourceFile);
@@ -309,7 +307,7 @@
elog<NotAllowed>(NotAllowedReason("Certificates limit reached"));
}
- log<level::INFO>("Starts authority list install");
+ lg2::info("Starts authority list install");
fs::path authorityStore(certInstallPath);
fs::path authoritiesListFile = authorityStore /
@@ -363,7 +361,7 @@
objects.emplace_back(certificate->getObjectPath());
}
- log<level::INFO>("Finishes authority list install; reload units starts");
+ lg2::info("Finishes authority list install; reload units starts");
reloadOrReset(unitToRestart);
return objects;
}
@@ -415,8 +413,8 @@
}
else
{
- log<level::ERR>("Certificate does not exist",
- entry("ID=%s", certificate->getCertId().c_str()));
+ lg2::error("Certificate does not exist, ID:{ID}", "ID",
+ certificate->getCertId());
elog<InternalFailure>();
}
}
@@ -450,7 +448,7 @@
auto pid = fork();
if (pid == -1)
{
- log<level::ERR>("Error occurred during forking process");
+ lg2::error("Error occurred during forking process");
report<InternalFailure>();
}
else if (pid == 0)
@@ -500,19 +498,19 @@
sigset_t ss;
if (sigemptyset(&ss) < 0)
{
- log<level::ERR>("Unable to initialize signal set");
+ lg2::error("Unable to initialize signal set");
elog<InternalFailure>();
}
if (sigaddset(&ss, SIGCHLD) < 0)
{
- log<level::ERR>("Unable to add signal to signal set");
+ lg2::error("Unable to add signal to signal set");
elog<InternalFailure>();
}
// Block SIGCHLD first, so that the event loop can handle it
if (sigprocmask(SIG_BLOCK, &ss, nullptr) < 0)
{
- log<level::ERR>("Unable to block signal");
+ lg2::error("Unable to block signal");
elog<InternalFailure>();
}
if (childPtr)
@@ -554,7 +552,7 @@
ret = X509_REQ_set_version(x509Req.get(), nVersion);
if (ret == 0)
{
- log<level::ERR>("Error occurred during X509_REQ_set_version call");
+ lg2::error("Error occurred during X509_REQ_set_version call");
elog<InternalFailure>();
}
@@ -599,8 +597,8 @@
EVPPkeyPtr pKey(nullptr, ::EVP_PKEY_free);
- log<level::INFO>("Given Key pair algorithm",
- entry("KEYPAIRALGORITHM=%s", keyPairAlgorithm.c_str()));
+ lg2::info("Given Key pair algorithm, KEYPAIRALGORITHM:{KEYPAIRALGORITHM}",
+ "KEYPAIRALGORITHM", keyPairAlgorithm);
// Used EC algorithm as default if user did not give algorithm type.
if (keyPairAlgorithm == "RSA")
@@ -609,8 +607,8 @@
pKey = generateECKeyPair(keyCurveId);
else
{
- log<level::ERR>("Given Key pair algorithm is not supported. Supporting "
- "RSA and EC only");
+ lg2::error("Given Key pair algorithm is not supported. Supporting "
+ "RSA and EC only");
elog<InvalidArgument>(
Argument::ARGUMENT_NAME("KEYPAIRALGORITHM"),
Argument::ARGUMENT_VALUE(keyPairAlgorithm.c_str()));
@@ -619,7 +617,7 @@
ret = X509_REQ_set_pubkey(x509Req.get(), pKey.get());
if (ret == 0)
{
- log<level::ERR>("Error occurred while setting Public key");
+ lg2::error("Error occurred while setting Public key");
elog<InternalFailure>();
}
@@ -630,11 +628,11 @@
ret = X509_REQ_sign(x509Req.get(), pKey.get(), EVP_sha256());
if (ret == 0)
{
- log<level::ERR>("Error occurred while signing key of x509");
+ lg2::error("Error occurred while signing key of x509");
elog<InternalFailure>();
}
- log<level::INFO>("Writing CSR to file");
+ lg2::info("Writing CSR to file");
fs::path csrFilePath = certParentInstallPath / defaultCSRFileName;
writeCSR(csrFilePath.string(), x509Req);
}
@@ -656,9 +654,9 @@
// set keybit length to default value if not set
if (keyBitLen <= 0)
{
- log<level::INFO>(
- "KeyBitLength is not given.Hence, using default KeyBitLength",
- entry("DEFAULTKEYBITLENGTH=%d", defaultKeyBitLength));
+ lg2::info("KeyBitLength is not given.Hence, using default KeyBitLength:"
+ "{DEFAULTKEYBITLENGTH}",
+ "DEFAULTKEYBITLENGTH", defaultKeyBitLength);
keyBitLen = defaultKeyBitLength;
}
@@ -669,7 +667,7 @@
auto ret = BN_set_word(bne.get(), RSA_F4);
if (ret == 0)
{
- log<level::ERR>("Error occurred during BN_set_word call");
+ lg2::error("Error occurred during BN_set_word call");
elog<InternalFailure>();
}
using RSAPtr = std::unique_ptr<RSA, decltype(&::RSA_free)>;
@@ -677,8 +675,9 @@
ret = RSA_generate_key_ex(rsa.get(), keyBitLen, bne.get(), nullptr);
if (ret != 1)
{
- log<level::ERR>("Error occurred during RSA_generate_key_ex call",
- entry("KEYBITLENGTH=%PRIu64", keyBitLen));
+ lg2::error(
+ "Error occurred during RSA_generate_key_ex call: {KEYBITLENGTH}",
+ "KEYBITLENGTH", keyBitLen);
elog<InternalFailure>();
}
@@ -687,7 +686,7 @@
ret = EVP_PKEY_assign_RSA(pKey.get(), rsa.get());
if (ret == 0)
{
- log<level::ERR>("Error occurred during assign rsa key into EVP");
+ lg2::error("Error occurred during assign rsa key into EVP");
elog<InternalFailure>();
}
// Now |rsa| is managed by |pKey|
@@ -699,7 +698,7 @@
EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, nullptr), &::EVP_PKEY_CTX_free);
if (!ctx)
{
- log<level::ERR>("Error occurred creating EVP_PKEY_CTX from algorithm");
+ lg2::error("Error occurred creating EVP_PKEY_CTX from algorithm");
elog<InternalFailure>();
}
@@ -707,14 +706,14 @@
(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx.get(), keyBitLen) <= 0))
{
- log<level::ERR>("Error occurred initializing keygen context");
+ lg2::error("Error occurred initializing keygen context");
elog<InternalFailure>();
}
EVP_PKEY* pKey = nullptr;
if (EVP_PKEY_keygen(ctx.get(), &pKey) <= 0)
{
- log<level::ERR>("Error occurred during generate EC key");
+ lg2::error("Error occurred during generate EC key");
elog<InternalFailure>();
}
@@ -728,18 +727,19 @@
if (curId.empty())
{
- log<level::INFO>(
- "KeyCurveId is not given. Hence using default curve id",
- entry("DEFAULTKEYCURVEID=%s", defaultKeyCurveID));
+ lg2::info("KeyCurveId is not given. Hence using default curve id,"
+ "DEFAULTKEYCURVEID:{DEFAULTKEYCURVEID}",
+ "DEFAULTKEYCURVEID", defaultKeyCurveID);
curId = defaultKeyCurveID;
}
int ecGrp = OBJ_txt2nid(curId.c_str());
if (ecGrp == NID_undef)
{
- log<level::ERR>(
- "Error occurred during convert the curve id string format into NID",
- entry("KEYCURVEID=%s", curId.c_str()));
+ lg2::error(
+ "Error occurred during convert the curve id string format into NID,"
+ "KEYCURVEID:{KEYCURVEID}",
+ "KEYCURVEID", curId);
elog<InternalFailure>();
}
@@ -749,9 +749,9 @@
if (ecKey == nullptr)
{
- log<level::ERR>(
- "Error occurred during create the EC_Key object from NID",
- entry("ECGROUP=%d", ecGrp));
+ lg2::error(
+ "Error occurred during create the EC_Key object from NID, ECGROUP:{ECGROUP}",
+ "ECGROUP", ecGrp);
elog<InternalFailure>();
}
@@ -765,7 +765,7 @@
if (ret == 0)
{
EC_KEY_free(ecKey);
- log<level::ERR>("Error occurred during generate EC key");
+ lg2::error("Error occurred during generate EC key");
elog<InternalFailure>();
}
@@ -774,7 +774,7 @@
if (ret == 0)
{
EC_KEY_free(ecKey);
- log<level::ERR>("Error occurred during assign EC Key into EVP");
+ lg2::error("Error occurred during assign EC Key into EVP");
elog<InternalFailure>();
}
@@ -791,7 +791,7 @@
EVP_PKEY_CTX_new_id(EVP_PKEY_EC, nullptr), &::EVP_PKEY_CTX_free);
if (!ctx)
{
- log<level::ERR>("Error occurred creating EVP_PKEY_CTX for params");
+ lg2::error("Error occurred creating EVP_PKEY_CTX for params");
elog<InternalFailure>();
}
@@ -804,7 +804,7 @@
(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx.get(), ecGrp) <= 0) ||
(EVP_PKEY_paramgen(ctx.get(), ¶ms) <= 0))
{
- log<level::ERR>("Error occurred setting curve parameters");
+ lg2::error("Error occurred setting curve parameters");
elog<InternalFailure>();
}
@@ -816,14 +816,14 @@
if (!ctx || (EVP_PKEY_keygen_init(ctx.get()) <= 0))
{
- log<level::ERR>("Error occurred initializing keygen context");
+ lg2::error("Error occurred initializing keygen context");
elog<InternalFailure>();
}
EVP_PKEY* pKey = nullptr;
if (EVP_PKEY_keygen(ctx.get(), &pKey) <= 0)
{
- log<level::ERR>("Error occurred during generate EC key");
+ lg2::error("Error occurred during generate EC key");
elog<InternalFailure>();
}
@@ -834,14 +834,14 @@
void Manager::writePrivateKey(const EVPPkeyPtr& pKey,
const std::string& privKeyFileName)
{
- log<level::INFO>("Writing private key to file");
+ lg2::info("Writing private key to file");
// write private key to file
fs::path privKeyPath = certParentInstallPath / privKeyFileName;
FILE* fp = std::fopen(privKeyPath.c_str(), "w");
if (fp == nullptr)
{
- log<level::ERR>("Error occurred creating private key file");
+ lg2::error("Error occurred creating private key file");
elog<InternalFailure>();
}
int ret = PEM_write_PrivateKey(fp, pKey.get(), nullptr, nullptr, 0, 0,
@@ -849,7 +849,7 @@
std::fclose(fp);
if (ret == 0)
{
- log<level::ERR>("Error occurred while writing private key to file");
+ lg2::error("Error occurred while writing private key to file");
elog<InternalFailure>();
}
}
@@ -866,8 +866,8 @@
reinterpret_cast<const unsigned char*>(bytes.c_str()), -1, -1, 0);
if (ret != 1)
{
- log<level::ERR>("Unable to set entry", entry("FIELD=%s", field),
- entry("VALUE=%s", bytes.c_str()));
+ lg2::error("Unable to set entry, FIELD:{FIELD}, VALUE:{VALUE}", "FIELD",
+ field, "VALUE", bytes);
elog<InternalFailure>();
}
}
@@ -887,12 +887,12 @@
{
if (fs::exists(filePath))
{
- log<level::INFO>("Removing the existing file",
- entry("FILENAME=%s", filePath.c_str()));
+ lg2::info("Removing the existing file, FILENAME:{FILENAME}", "FILENAME",
+ filePath);
if (!fs::remove(filePath.c_str()))
{
- log<level::ERR>("Unable to remove the file",
- entry("FILENAME=%s", filePath.c_str()));
+ lg2::error("Unable to remove the file, FILENAME:{FILENAME}",
+ "FILENAME", filePath);
elog<InternalFailure>();
}
}
@@ -901,16 +901,17 @@
if ((fp = std::fopen(filePath.c_str(), "w")) == nullptr)
{
- log<level::ERR>("Error opening the file to write the CSR",
- entry("FILENAME=%s", filePath.c_str()));
+ lg2::error(
+ "Error opening the file to write the CSR, FILENAME:{FILENAME}",
+ "FILENAME", filePath);
elog<InternalFailure>();
}
int rc = PEM_write_X509_REQ(fp, x509Req.get());
if (!rc)
{
- log<level::ERR>("PEM write routine failed",
- entry("FILENAME=%s", filePath.c_str()));
+ lg2::error("PEM write routine failed, FILENAME:{FILENAME}", "FILENAME",
+ filePath);
std::fclose(fp);
elog<InternalFailure>();
}
@@ -926,8 +927,8 @@
// Check whether install path is a directory.
if (!fs::is_directory(certInstallPath))
{
- log<level::ERR>("Certificate installation path exists and it is "
- "not a directory");
+ lg2::error("Certificate installation path exists and it is "
+ "not a directory");
elog<InternalFailure>();
}
@@ -1017,10 +1018,11 @@
{
if (keyBitLength != supportedKeyBitLength)
{
- log<level::ERR>(
- "Given Key bit length is not supported",
- entry("GIVENKEYBITLENGTH=%d", keyBitLength),
- entry("SUPPORTEDKEYBITLENGTH=%d", supportedKeyBitLength));
+ lg2::error(
+ "Given Key bit length is not supported, GIVENKEYBITLENGTH:"
+ "{GIVENKEYBITLENGTH}, SUPPORTEDKEYBITLENGTH:{SUPPORTEDKEYBITLENGTH}",
+ "GIVENKEYBITLENGTH", keyBitLength, "SUPPORTEDKEYBITLENGTH",
+ supportedKeyBitLength);
elog<InvalidArgument>(
Argument::ARGUMENT_NAME("KEYBITLENGTH"),
Argument::ARGUMENT_VALUE(std::to_string(keyBitLength).c_str()));
@@ -1031,9 +1033,11 @@
FILE* privateKeyFile = std::fopen(rsaPrivateKeyFileName.c_str(), "r");
if (!privateKeyFile)
{
- log<level::ERR>("Unable to open RSA private key file to read",
- entry("RSAKEYFILE=%s", rsaPrivateKeyFileName.c_str()),
- entry("ERRORREASON=%s", strerror(errno)));
+ lg2::error(
+ "Unable to open RSA private key file to read, RSAKEYFILE:{RSAKEYFILE},"
+ "ERRORREASON:{ERRORREASON}",
+ "RSAKEYFILE", rsaPrivateKeyFileName, "ERRORREASON",
+ strerror(errno));
elog<InternalFailure>();
}
@@ -1044,7 +1048,7 @@
if (!privateKey)
{
- log<level::ERR>("Error occurred during PEM_read_PrivateKey call");
+ lg2::error("Error occurred during PEM_read_PrivateKey call");
elog<InternalFailure>();
}
return privateKey;
@@ -1066,10 +1070,9 @@
}
catch (const std::exception& e)
{
- log<level::ERR>(
- "Failed to remove symlink for certificate",
- entry("ERR=%s", e.what()),
- entry("SYMLINK=%s", certPath.path().string().c_str()));
+ lg2::error(
+ "Failed to remove symlink for certificate, ERR:{ERR} SYMLINK:{SYMLINK}",
+ "ERR", e, "SYMLINK", certPath.path().string());
elog<InternalFailure>();
}
}
@@ -1100,9 +1103,9 @@
}
catch (const sdbusplus::exception_t& e)
{
- log<level::ERR>("Failed to reload or restart service",
- entry("ERR=%s", e.what()),
- entry("UNIT=%s", unit.c_str()));
+ lg2::error(
+ "Failed to reload or restart service, ERR:{ERR}, UNIT:{UNIT}",
+ "ERR", e, "UNIT", unit);
elog<InternalFailure>();
}
}