#include "cryptErase.hpp"
#include "cryptsetupInterface.hpp"
#include "erase.hpp"

#include <libcryptsetup.h>

#include <phosphor-logging/lg2.hpp>
#include <xyz/openbmc_project/Common/error.hpp>

#include <memory>
#include <string>
#include <string_view>

namespace estoraged
{
using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
using sdbusplus::xyz::openbmc_project::Common::Error::ResourceNotFound;

/** @brief Build a cryptographic-erase object for one block device.
 *
 *  @param[in] devPathIn    - path of the device to erase; forwarded to the
 *                            Erase base class.
 *  @param[in] inCryptIface - cryptsetup wrapper used for every libcryptsetup
 *                            call; ownership is moved into this object.
 */
CryptErase::CryptErase(
    std::string_view devPathIn,
    std::unique_ptr<estoraged::CryptsetupInterface> inCryptIface) :
    Erase(devPathIn),
    cryptIface(std::move(inCryptIface))
{}

/** @brief Cryptographically erase the device by destroying its LUKS2
 *         keyslots.
 *
 *  Loads the LUKS2 header, asks for the maximum keyslot count, and calls
 *  cryptKeyslotDestroy() on every slot whose status is CRYPT_SLOT_ACTIVE or
 *  CRYPT_SLOT_ACTIVE_LAST. A failure on one slot does not stop the loop, so
 *  the remaining slots are still attempted before the error is reported.
 *
 *  Security notes for callers:
 *   - Success is judged only from the return codes of cryptKeyslotDestroy();
 *     the slots are not re-read afterwards to confirm none is still active.
 *   - Slots in any other state are skipped. libcryptsetup also defines
 *     CRYPT_SLOT_UNBOUND; NOTE(review): confirm that leaving such slots in
 *     place is acceptable for the erase guarantee this method is meant to
 *     give.
 *   - Only the header reachable through devPath is touched. A copy of the
 *     header made earlier (header backup) is outside the reach of this code.
 *
 *  @throw ResourceNotFound - the header could not be loaded, or the maximum
 *                            keyslot count was negative or zero.
 *  @throw InternalFailure  - at least one active keyslot could not be
 *                            destroyed.
 */
void CryptErase::doErase()
{
    /* CryptHandle is declared outside this file; presumably it owns the
     * crypt device for devPath for the duration of this call (confirm). */
    CryptHandle handle{devPath};

    /* Load the LUKS2 header so the keyslots can be inspected. */
    if (cryptIface->cryptLoad(handle.get(), CRYPT_LUKS2, nullptr) != 0)
    {
        lg2::error("Failed to load the key slots for destruction",
                   "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* Upper bound on slot indices for the LUKS2 format. */
    const int slotCount = cryptIface->cryptKeySlotMax(CRYPT_LUKS2);
    if (slotCount < 0)
    {
        lg2::error("Failed to find the max keyslots", "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* Zero would make the loop below a no-op that looks like a successful
     * erase, so it is rejected explicitly. */
    if (slotCount == 0)
    {
        lg2::error("Max keyslots should never be zero", "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* Destroy every active keyslot; remember failures but keep going so as
     * many slots as possible are removed. */
    bool destroyFailed = false;
    for (int slot = 0; slot < slotCount; ++slot)
    {
        const crypt_keyslot_info state =
            cryptIface->cryptKeySlotStatus(handle.get(), slot);

        const bool isActive = (state == CRYPT_SLOT_ACTIVE) ||
                              (state == CRYPT_SLOT_ACTIVE_LAST);
        if (!isActive)
        {
            continue;
        }

        if (cryptIface->cryptKeyslotDestroy(handle.get(), slot) == 0)
        {
            continue;
        }

        /* NOTE(review): this message id differs from the
         * "OpenBMC.0.1.EraseFailure" used by the other failure paths in
         * this function, and the entry does not say which slot failed.
         * Confirm which registry id is intended. */
        lg2::error("Estoraged erase failed to destroy keyslot, continuing",
                   "REDFISH_MESSAGE_ID",
                   std::string("eStorageD.1.0.EraseFailure"));
        destroyFailed = true;
    }

    /* Report a partial erase as a failure: a surviving active slot still
     * holds usable key material. */
    if (destroyFailed)
    {
        throw InternalFailure();
    }
}

} // namespace estoraged