John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 1 | description: > |
| 2 | D-bus interface to manage a logical storage volume. Currently, this |
| 3 | interface only supports LUKS encrypted volumes, but it can be extended in |
| 4 | the future to support other types of volumes, as well. |
| 5 | |
| 6 | methods: |
| 7 | - name: FormatLuks |
| 8 | description: > |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 9 | Format a LUKS encrypted device and create a filesystem. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 10 | parameters: |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 11 | - name: Password |
| 12 | type: array[byte] |
| 13 | description: > |
| 14 | Array of bytes to use as the LUKS password. |
| 15 | - name: Type |
| 16 | type: enum[self.FilesystemType] |
| 17 | description: > |
| 18 | Type of filesystem, e.g. ext2, ext3, ext4, vfat. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 19 | errors: |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 20 | - xyz.openbmc_project.Common.Error.InternalFailure |
| 21 | - xyz.openbmc_project.Common.Error.ResourceNotFound |
| 22 | - xyz.openbmc_project.Common.Error.UnsupportedRequest |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 23 | |
| 24 | - name: Erase |
| 25 | description: > |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 26 | Erase the contents of the volume. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 27 | parameters: |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 28 | - name: EraseType |
| 29 | type: enum[self.EraseMethod] |
| 30 | description: > |
| 31 | Describes what type of erase is done. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 32 | errors: |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 33 | - xyz.openbmc_project.Common.Error.InternalFailure |
| 34 | - xyz.openbmc_project.Common.Error.ResourceNotFound |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 35 | |
| 36 | - name: Lock |
| 37 | description: > |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 38 | Unmount the filesystem, lock the volume, and remove sensitive data |
| 39 | (e.g. volume key) from memory. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 40 | errors: |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 41 | - xyz.openbmc_project.Common.Error.InternalFailure |
| 42 | - xyz.openbmc_project.Common.Error.UnsupportedRequest |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 43 | |
| 44 | - name: Unlock |
| 45 | description: > |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 46 | Activate the volume and mount the filesystem. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 47 | parameters: |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 48 | - name: Password |
| 49 | type: array[byte] |
| 50 | description: > |
| 51 | Array of bytes to use as the LUKS password. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 52 | errors: |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 53 | - xyz.openbmc_project.Common.Error.InternalFailure |
| 54 | - xyz.openbmc_project.Common.Error.ResourceNotFound |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 55 | |
| 56 | - name: ChangePassword |
| 57 | description: > |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 58 | Change the LUKS password that unlocks the storage volume. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 59 | parameters: |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 60 | - name: OldPassword |
| 61 | type: array[byte] |
| 62 | description: > |
| 63 | Array of bytes for the old LUKS password. |
| 64 | - name: NewPassword |
| 65 | type: array[byte] |
| 66 | description: > |
| 67 | Array of bytes to use as the LUKS password. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 68 | errors: |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 69 | - xyz.openbmc_project.Common.Error.InternalFailure |
| 70 | - xyz.openbmc_project.Common.Error.ResourceNotFound |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 71 | |
| 72 | properties: |
| 73 | - name: Locked |
| 74 | type: boolean |
| 75 | default: false |
| 76 | description: > |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 77 | Indicates whether the LUKS volume is locked. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 78 | |
| 79 | enumerations: |
| 80 | - name: EraseMethod |
| 81 | description: > |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 82 | Indicates which erase method/step is being requested. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 83 | values: |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 84 | - name: CryptoErase |
| 85 | description: > |
| 86 | Destroys the encryption key slots, preventing decyrption. |
| 87 | - name: VerifyGeometry |
| 88 | description: > |
| 89 | Confirms a set percent of the disk is accessible. |
| 90 | - name: LogicalOverWrite |
| 91 | description: > |
| 92 | Overwrites the disk with a reproducible incompressible pattern. |
| 93 | - name: LogicalVerify |
| 94 | description: > |
| 95 | Verifies a reproducible pattern has been written to the disk. |
| 96 | - name: VendorSanitize |
| 97 | description: > |
| 98 | Uses the sanitization provided by the device firmware. |
| 99 | - name: ZeroOverWrite |
| 100 | description: > |
| 101 | Writes zeros over the whole disk. |
| 102 | - name: ZeroVerify |
| 103 | description: > |
| 104 | Verifies the the entire disk has been zeroed. |
| 105 | - name: SecuredLocked |
| 106 | description: > |
| 107 | Locks the disk to prevent data being written to it. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 108 | |
| 109 | - name: FilesystemType |
| 110 | description: > |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 111 | Type of filesystem used on the storage device. |
John Wedig | 4f70334 | 2021-11-04 11:50:51 -0700 | [diff] [blame] | 112 | values: |
Patrick Williams | 8da396c | 2022-03-14 14:21:02 -0500 | [diff] [blame] | 113 | - name: ext2 |
| 114 | description: > |
| 115 | Filesystem type ext2 |
| 116 | - name: ext3 |
| 117 | description: > |
| 118 | Filesystem type ext3 |
| 119 | - name: ext4 |
| 120 | description: > |
| 121 | Filesystem type ext4 |
| 122 | - name: vfat |
| 123 | description: > |
| 124 | Filesystem type vfat |