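--- a/estoraged.hpp
+++ b/estoraged.hpp
@@ -1,33 +1,60 @@
 #pragma once
 
+#include "cryptsetupInterface.hpp"
+#include "filesystemInterface.hpp"
+
+#include <libcryptsetup.h>
+
 #include <sdbusplus/bus.hpp>
 #include <sdbusplus/exception.hpp>
 #include <sdbusplus/server/object.hpp>
 #include <xyz/openbmc_project/eStoraged/server.hpp>
 
+#include <filesystem>
+#include <memory>
 #include <string>
+#include <string_view>
 #include <vector>
 
 namespace estoraged
 {
 using eStoragedInherit = sdbusplus::server::object_t<
  sdbusplus::xyz::openbmc_project::server::eStoraged>;
+using estoraged::Cryptsetup;
+using estoraged::Filesystem;
 
 /** @class eStoraged
  * @brief eStoraged object to manage a LUKS encrypted storage device.
  */
 class eStoraged : eStoragedInherit
 {
  public:
+ /** @brief Constructor for eStoraged
+ *
+ * @param[in] bus - sdbusplus dbus object
+ * @param[in] path - DBus object path
+ * @param[in] devPath - path to device file, e.g. /dev/mmcblk0
+ * @param[in] luksName - name for the LUKS container
+ * @param[in] cryptInterface - (optional) pointer to CryptsetupInterface
+ * object
+ * @param[in] fsInterface - (optional) pointer to FilesystemInterface
+ * object
+ */
  eStoraged(sdbusplus::bus::bus& bus, const char* path,
- const std::string& devPath, const std::string& containerName) :
+ const std::string& devPath, const std::string& luksName,
+ std::unique_ptr<CryptsetupInterface> cryptInterface =
+ std::make_unique<Cryptsetup>(),
+ std::unique_ptr<FilesystemInterface> fsInterface =
+ std::make_unique<Filesystem>()) :
  eStoragedInherit(bus, path),
- devPath(devPath), containerName(containerName)
+ devPath(devPath), containerName(luksName),
+ mountPoint("/mnt/" + luksName + "_fs"),
+ cryptIface(std::move(cryptInterface)), fsIface(std::move(fsInterface))
  {}
 
  /** @brief Format the LUKS encrypted device and create empty filesystem.
  *
  * @param[in] password - password to set for the LUKS device.
  */
  void format(std::vector<uint8_t> password) override;
 
@@ -53,17 +80,70 @@
  /** @brief Change the password for the LUKS device.
  *
  * @param[in] oldPassword - old password for the LUKS device.
  * @param[in] newPassword - new password for the LUKS device.
  */
  void changePassword(std::vector<uint8_t> oldPassword,
  std::vector<uint8_t> newPassword) override;
 
+ /** @brief Check if the LUKS device is currently locked. */
+ bool isLocked() const;
+
+ /** @brief Get the mount point for the filesystem on the LUKS device. */
+ std::string_view getMountPoint() const;
+
  private:
- /* Full path of the device file, e.g. /dev/mmcblk0 */
+ /** @brief Full path of the device file, e.g. /dev/mmcblk0. */
  std::string devPath;
 
- /* Name of the LUKS container. */
+ /** @brief Name of the LUKS container. */
  std::string containerName;
+
+ /** @brief Mount point for the filesystem. */
+ std::string mountPoint;
+
+ /** @brief Pointer to cryptsetup interface object.
+ * @details This is used to mock out the cryptsetup functions.
+ */
+ std::unique_ptr<CryptsetupInterface> cryptIface;
+
+ /** @brief Pointer to filesystem interface object.
+ * @details This is used to mock out filesystem operations.
+ */
+ std::unique_ptr<FilesystemInterface> fsIface;
+
+ /** @brief Format LUKS encrypted device.
+ *
+ * @param[in] cd - initialized crypt_device struct for the device.
+ * @param[in] password - password to set for the LUKS device.
+ */
+ void formatLuksDev(struct crypt_device* cd, std::vector<uint8_t> password);
+
+ /** @brief Unlock the device.
+ *
+ * @param[in] cd - initialized crypt_device struct for the device.
+ * @param[in] password - password to activate the LUKS device.
+ */
+ void activateLuksDev(struct crypt_device* cd,
+ std::vector<uint8_t> password);
+
+ /** @brief Create the filesystem on the LUKS device.
+ * @details The LUKS device should already be activated, i.e. unlocked.
+ */
+ void createFilesystem();
+
+ /** @brief Deactivate the LUKS device.
+ * @details The filesystem is assumed to be unmounted already.
+ */
+ void deactivateLuksDev();
+
+ /** @brief Mount the filesystem.
+ * @details The filesystem should already exist and the LUKS device should
+ * be unlocked already.
+ */
+ void mountFilesystem();
+
+ /** @brief Unmount the filesystem. */
+ void unmountFilesystem();
 };
 
 } // namespace estoraged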
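Review bot: The new private helpers `formatLuksDev` and `activateLuksDev` take the LUKS password as `std::vector<uint8_t>` by value, so unless the caller moves it, every call makes another heap copy of the key material, and `std::vector` does not zero that memory when it is freed. The public `format`/`changePassword` signatures are presumably fixed by the sdbusplus-generated base class, but these helpers are ours to shape. I would declare them as `void formatLuksDev(struct crypt_device* cd, const std::vector<uint8_t>& password);` and `void activateLuksDev(struct crypt_device* cd, const std::vector<uint8_t>& password);`. The definitions live outside this header, so whether the password buffer is wiped after use cannot be checked from this section. A short comment on the two declarations stating who owns and clears the buffer would make that contract explicit.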