xref: /openbmc/estoraged/src/erase/cryptoErase.cpp (revision 15b63e12bdc3f3116fb841349dd4f1cd17a8398b) 
1  #include "cryptErase.hpp"
2  #include "cryptsetupInterface.hpp"
3  #include "erase.hpp"
4  
5  #include <libcryptsetup.h>
6  
7  #include <phosphor-logging/lg2.hpp>
8  #include <xyz/openbmc_project/Common/error.hpp>
9  
10  #include <memory>
11  #include <string>
12  #include <string_view>
13  
14  namespace estoraged
15  {
16  using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
17  using sdbusplus::xyz::openbmc_project::Common::Error::ResourceNotFound;
18  
CryptErase(std::string_view devPathIn,std::unique_ptr<estoraged::CryptsetupInterface> inCryptIface)19  CryptErase::CryptErase(
20      std::string_view devPathIn,
21      std::unique_ptr<estoraged::CryptsetupInterface> inCryptIface) :
22      Erase(devPathIn), cryptIface(std::move(inCryptIface))
23  {}
24  
doErase()25  void CryptErase::doErase()
26  {
27      /* get cryptHandle */
28      CryptHandle cryptHandle{devPath};
29      /* cryptLoad */
30      if (cryptIface->cryptLoad(cryptHandle.get(), CRYPT_LUKS2, nullptr) != 0)
31      {
32          lg2::error("Failed to load the key slots for destruction",
33                     "REDFISH_MESSAGE_ID",
34                     std::string("OpenBMC.0.1.EraseFailure"));
35          throw ResourceNotFound();
36      }
37  
38      /* find key slots */
39      int nKeySlots = cryptIface->cryptKeySlotMax(CRYPT_LUKS2);
40      if (nKeySlots < 0)
41      {
42          lg2::error("Failed to find the max keyslots", "REDFISH_MESSAGE_ID",
43                     std::string("OpenBMC.0.1.EraseFailure"));
44          throw ResourceNotFound();
45      }
46  
47      if (nKeySlots == 0)
48      {
49          lg2::error("Max keyslots should never be zero", "REDFISH_MESSAGE_ID",
50                     std::string("OpenBMC.0.1.EraseFailure"));
51          throw ResourceNotFound();
52      }
53  
54      /* destroy working keyslots */
55      bool keySlotIssue = false;
56      for (int i = 0; i < nKeySlots; i++)
57      {
58          crypt_keyslot_info ki =
59              cryptIface->cryptKeySlotStatus(cryptHandle.get(), i);
60  
61          if (ki == CRYPT_SLOT_ACTIVE || ki == CRYPT_SLOT_ACTIVE_LAST)
62          {
63              if (cryptIface->cryptKeyslotDestroy(cryptHandle.get(), i) != 0)
64              {
65                  lg2::error(
66                      "Estoraged erase failed to destroy keyslot, continuing",
67                      "REDFISH_MESSAGE_ID",
68                      std::string("eStorageD.1.0.EraseFailure"));
69                  keySlotIssue = true;
70              }
71          }
72      }
73      if (keySlotIssue)
74      {
75          throw InternalFailure();
76      }
77  }
78  
79  } // namespace estoraged
80