description: > D-bus interface to manage a logical storage volume. Currently, this interface only supports LUKS encrypted volumes, but it can be extended in the future to support other types of volumes, as well. methods: - name: FormatLuks description: > Format a LUKS encrypted device and create a filesystem. parameters: - name: Password type: array[byte] description: > Array of bytes to use as the LUKS password. - name: Type type: enum[self.FilesystemType] description: > Type of filesystem, e.g. ext2, ext3, ext4, vfat. errors: - xyz.openbmc_project.Common.Error.InternalFailure - xyz.openbmc_project.Common.Error.ResourceNotFound - xyz.openbmc_project.Common.Error.UnsupportedRequest - name: Erase description: > Erase the contents of the volume. parameters: - name: EraseType type: enum[self.EraseMethod] description: > Describes what type of erase is done. errors: - xyz.openbmc_project.Common.Error.InternalFailure - xyz.openbmc_project.Common.Error.ResourceNotFound - name: Lock description: > Unmount the filesystem, lock the volume, and remove sensitive data (e.g. volume key) from memory. errors: - xyz.openbmc_project.Common.Error.InternalFailure - xyz.openbmc_project.Common.Error.UnsupportedRequest - name: Unlock description: > Activate the volume and mount the filesystem. parameters: - name: Password type: array[byte] description: > Array of bytes to use as the LUKS password. errors: - xyz.openbmc_project.Common.Error.InternalFailure - xyz.openbmc_project.Common.Error.ResourceNotFound - name: ChangePassword description: > Change the LUKS password that unlocks the storage volume. parameters: - name: OldPassword type: array[byte] description: > Array of bytes for the old LUKS password. - name: NewPassword type: array[byte] description: > Array of bytes to use as the LUKS password. errors: - xyz.openbmc_project.Common.Error.InternalFailure - xyz.openbmc_project.Common.Error.ResourceNotFound properties: - name: Locked type: boolean default: false description: > Indicates whether the LUKS volume is locked. enumerations: - name: EraseMethod description: > Indicates which erase method/step is being requested. values: - name: CryptoErase description: > Destroys the encryption key slots, preventing decyrption. - name: VerifyGeometry description: > Confirms a set percent of the disk is accessible. - name: LogicalOverWrite description: > Overwrites the disk with a reproducible incompressible pattern. - name: LogicalVerify description: > Verifies a reproducible pattern has been written to the disk. - name: VendorSanitize description: > Uses the sanitization provided by the device firmware. - name: ZeroOverWrite description: > Writes zeros over the whole disk. - name: ZeroVerify description: > Verifies the the entire disk has been zeroed. - name: SecuredLocked description: > Locks the disk to prevent data being written to it. - name: FilesystemType description: > Type of filesystem used on the storage device. values: - name: ext2 description: > Filesystem type ext2 - name: ext3 description: > Filesystem type ext3 - name: ext4 description: > Filesystem type ext4 - name: vfat description: > Filesystem type vfat