Add D-Bus interface for a logical volume
Add an initial D-Bus interface for a logical volume, which will be used
for eStoraged. It includes the following methods: FormatLuks, Lock,
Unlock, and ChangePassword.
The design doc for eStoraged can be found here:
https://github.com/openbmc/docs/blob/master/designs/estoraged.md
Signed-off-by: John Wedig <johnwedig@google.com>
Signed-off-by: John Edward Broadbent <jebr@google.com>
Change-Id: I7975056e52901a82b36933b51fb3eea112818385
diff --git a/gen/xyz/openbmc_project/Inventory/Item/Volume/meson.build b/gen/xyz/openbmc_project/Inventory/Item/Volume/meson.build
new file mode 100644
index 0000000..d78cbd7
--- /dev/null
+++ b/gen/xyz/openbmc_project/Inventory/Item/Volume/meson.build
@@ -0,0 +1,14 @@
+# Generated file; do not modify.
+generated_sources += custom_target(
+ 'xyz/openbmc_project/Inventory/Item/Volume__cpp'.underscorify(),
+ input: [ '../../../../../../yaml/xyz/openbmc_project/Inventory/Item/Volume.interface.yaml', ],
+ output: [ 'server.cpp', 'server.hpp', 'client.hpp', ],
+ command: [
+ sdbuspp_gen_meson_prog, '--command', 'cpp',
+ '--output', meson.current_build_dir(),
+ '--tool', sdbusplusplus_prog,
+ '--directory', meson.current_source_dir() / '../../../../../../yaml',
+ 'xyz/openbmc_project/Inventory/Item/Volume',
+ ],
+)
+
diff --git a/gen/xyz/openbmc_project/Inventory/Item/meson.build b/gen/xyz/openbmc_project/Inventory/Item/meson.build
index 0e05594..c3bb46d 100644
--- a/gen/xyz/openbmc_project/Inventory/Item/meson.build
+++ b/gen/xyz/openbmc_project/Inventory/Item/meson.build
@@ -404,6 +404,20 @@
],
)
+subdir('Volume')
+generated_others += custom_target(
+ 'xyz/openbmc_project/Inventory/Item/Volume__markdown'.underscorify(),
+ input: [ '../../../../../yaml/xyz/openbmc_project/Inventory/Item/Volume.interface.yaml', ],
+ output: [ 'Volume.md' ],
+ command: [
+ sdbuspp_gen_meson_prog, '--command', 'markdown',
+ '--output', meson.current_build_dir(),
+ '--tool', sdbusplusplus_prog,
+ '--directory', meson.current_source_dir() / '../../../../../yaml',
+ 'xyz/openbmc_project/Inventory/Item/Volume',
+ ],
+)
+
subdir('Vrm')
generated_others += custom_target(
'xyz/openbmc_project/Inventory/Item/Vrm__markdown'.underscorify(),
diff --git a/yaml/xyz/openbmc_project/Inventory/Item/Volume.interface.yaml b/yaml/xyz/openbmc_project/Inventory/Item/Volume.interface.yaml
new file mode 100644
index 0000000..fab0db8
--- /dev/null
+++ b/yaml/xyz/openbmc_project/Inventory/Item/Volume.interface.yaml
@@ -0,0 +1,124 @@
+description: >
+ D-bus interface to manage a logical storage volume. Currently, this
+ interface only supports LUKS encrypted volumes, but it can be extended in
+ the future to support other types of volumes, as well.
+
+methods:
+ - name: FormatLuks
+ description: >
+ Format a LUKS encrypted device and create a filesystem.
+ parameters:
+ - name: Password
+ type: array[byte]
+ description: >
+ Array of bytes to use as the LUKS password.
+ - name: Type
+ type: enum[self.FilesystemType]
+ description: >
+ Type of filesystem, e.g. ext2, ext3, ext4, vfat.
+ errors:
+ - xyz.openbmc_project.Common.Error.InternalFailure
+ - xyz.openbmc_project.Common.Error.ResourceNotFound
+ - xyz.openbmc_project.Common.Error.UnsupportedRequest
+
+ - name: Erase
+ description: >
+ Erase the contents of the volume.
+ parameters:
+ - name: EraseType
+ type: enum[self.EraseMethod]
+ description: >
+ Describes what type of erase is done.
+ errors:
+ - xyz.openbmc_project.Common.Error.InternalFailure
+ - xyz.openbmc_project.Common.Error.ResourceNotFound
+
+ - name: Lock
+ description: >
+ Unmount the filesystem, lock the volume, and remove sensitive data
+ (e.g. volume key) from memory.
+ errors:
+ - xyz.openbmc_project.Common.Error.InternalFailure
+ - xyz.openbmc_project.Common.Error.UnsupportedRequest
+
+ - name: Unlock
+ description: >
+ Activate the volume and mount the filesystem.
+ parameters:
+ - name: Password
+ type: array[byte]
+ description: >
+ Array of bytes to use as the LUKS password.
+ errors:
+ - xyz.openbmc_project.Common.Error.InternalFailure
+ - xyz.openbmc_project.Common.Error.ResourceNotFound
+
+ - name: ChangePassword
+ description: >
+ Change the LUKS password that unlocks the storage volume.
+ parameters:
+ - name: OldPassword
+ type: array[byte]
+ description: >
+ Array of bytes for the old LUKS password.
+ - name: NewPassword
+ type: array[byte]
+ description: >
+ Array of bytes to use as the LUKS password.
+ errors:
+ - xyz.openbmc_project.Common.Error.InternalFailure
+ - xyz.openbmc_project.Common.Error.ResourceNotFound
+
+properties:
+ - name: Locked
+ type: boolean
+ default: false
+ description: >
+ Indicates whether the LUKS volume is locked.
+
+enumerations:
+ - name: EraseMethod
+ description: >
+ Indicates which erase method/step is being requested.
+ values:
+ - name: CryptoErase
+ description: >
+ Destroys the encryption key slots, preventing decyrption.
+ - name: VerifyGeometry
+ description: >
+ Confirms a set percent of the disk is accessible.
+ - name: LogicalOverWrite
+ description: >
+ Overwrites the disk with a reproducible incompressible pattern.
+ - name: LogicalVerify
+ description: >
+ Verifies a reproducible pattern has been written to the disk.
+ - name: VendorSanitize
+ description: >
+ Uses the sanitization provided by the device firmware.
+ - name: ZeroOverWrite
+ description: >
+ Writes zeros over the whole disk.
+ - name: ZeroVerify
+ description: >
+ Verifies the the entire disk has been zeroed.
+ - name: SecuredLocked
+ description: >
+ Locks the disk to prevent data being written to it.
+
+ - name: FilesystemType
+ description: >
+ Type of filesystem used on the storage device.
+ values:
+ - name: ext2
+ description: >
+ Filesystem type ext2
+ - name: ext3
+ description: >
+ Filesystem type ext3
+ - name: ext4
+ description: >
+ Filesystem type ext4
+ - name: vfat
+ description: >
+ Filesystem type vfat