xref: /openbmc/estoraged/src/erase/cryptoErase.cpp (revision 439f0fd8)
1 #include "cryptErase.hpp"
2 #include "cryptsetupInterface.hpp"
3 #include "erase.hpp"
4 
5 #include <libcryptsetup.h>
6 
7 #include <phosphor-logging/lg2.hpp>
8 #include <xyz/openbmc_project/Common/error.hpp>
9 
10 #include <memory>
11 #include <string>
12 #include <string_view>
13 
14 namespace estoraged
15 {
16 using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
17 using sdbusplus::xyz::openbmc_project::Common::Error::ResourceNotFound;
18 
19 CryptErase::CryptErase(
20     std::string_view devPathIn,
21     std::unique_ptr<estoraged::CryptsetupInterface> inCryptIface) :
22     Erase(devPathIn),
23     cryptIface(std::move(inCryptIface))
24 {}
25 
26 void CryptErase::doErase()
27 {
28     /* get cryptHandle */
29     CryptHandle cryptHandle{devPath};
30     /* cryptLoad */
31     if (cryptIface->cryptLoad(cryptHandle.get(), CRYPT_LUKS2, nullptr) != 0)
32     {
33         lg2::error("Failed to load the key slots for destruction",
34                    "REDFISH_MESSAGE_ID",
35                    std::string("OpenBMC.0.1.EraseFailure"));
36         throw ResourceNotFound();
37     }
38 
39     /* find key slots */
40     int nKeySlots = cryptIface->cryptKeySlotMax(CRYPT_LUKS2);
41     if (nKeySlots < 0)
42     {
43         lg2::error("Failed to find the max keyslots", "REDFISH_MESSAGE_ID",
44                    std::string("OpenBMC.0.1.EraseFailure"));
45         throw ResourceNotFound();
46     }
47 
48     if (nKeySlots == 0)
49     {
50         lg2::error("Max keyslots should never be zero", "REDFISH_MESSAGE_ID",
51                    std::string("OpenBMC.0.1.EraseFailure"));
52         throw ResourceNotFound();
53     }
54 
55     /* destory working keyslots */
56     bool keySlotIssue = false;
57     for (int i = 0; i < nKeySlots; i++)
58     {
59         crypt_keyslot_info ki =
60             cryptIface->cryptKeySlotStatus(cryptHandle.get(), i);
61 
62         if (ki == CRYPT_SLOT_ACTIVE || ki == CRYPT_SLOT_ACTIVE_LAST)
63         {
64             if (cryptIface->cryptKeyslotDestroy(cryptHandle.get(), i) != 0)
65             {
66                 lg2::error(
67                     "Estoraged erase failed to destroy keyslot, continuing",
68                     "REDFISH_MESSAGE_ID",
69                     std::string("eStorageD.1.0.EraseFailure"));
70                 keySlotIssue = true;
71             }
72         }
73     }
74     if (keySlotIssue)
75     {
76         throw InternalFailure();
77     }
78 }
79 
80 } // namespace estoraged
81