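#include "cryptErase.hpp"
#include "cryptsetupInterface.hpp"
#include "erase.hpp"

#include <libcryptsetup.h>

#include <phosphor-logging/lg2.hpp>
#include <xyz/openbmc_project/Common/error.hpp>

#include <memory>
#include <string>
#include <string_view>
#include <utility>

namespace estoraged
{
using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
using sdbusplus::xyz::openbmc_project::Common::Error::ResourceNotFound;

/** @brief Build a cryptographic-erase operation for one block device.
 *
 *  @param[in] devPathIn - path of the device, forwarded to the Erase base.
 *  @param[in] inCryptIface - cryptsetup wrapper; ownership moves into this
 *                            object so the calls can be substituted (for
 *                            example by a test double).
 */
CryptErase::CryptErase(
    std::string_view devPathIn,
    std::unique_ptr<estoraged::CryptsetupInterface> inCryptIface) :
    Erase(devPathIn),
    cryptIface(std::move(inCryptIface))
{}

/** @brief Destroy every active LUKS2 keyslot on the device.
 *
 *  Opens a crypt handle for devPath, loads the header as CRYPT_LUKS2, asks
 *  for the maximum keyslot count and then walks every slot index, destroying
 *  each slot reported as CRYPT_SLOT_ACTIVE or CRYPT_SLOT_ACTIVE_LAST.
 *
 *  A failure to destroy one slot does not stop the walk: the remaining slots
 *  are still attempted so that as much key material as possible is removed,
 *  and the failure is reported once the loop has finished.
 *
 *  @throws ResourceNotFound if the handle cannot be created, the header
 *          cannot be loaded, or the maximum keyslot count is negative or zero.
 *  @throws InternalFailure if at least one active keyslot could not be
 *          destroyed. In that case the erase is incomplete and the device
 *          must not be treated as sanitized.
 *
 *  NOTE(review): this function only touches the keyslots reachable through
 *  the handle. Whether a mapping of the device is still open, or a header
 *  backup exists elsewhere, is not visible here - confirm that callers cover
 *  those cases before relying on this as the only sanitization step.
 */
void CryptErase::doErase()
{
    /* Keep the path in a named string that is declared before the handle, so
     * the pointer passed to CryptHandle stays valid for the handle's whole
     * lifetime instead of pointing into a temporary. */
    const std::string devPathStr(devPath);
    CryptHandle cryptHandle(devPathStr.c_str());
    if (cryptHandle.get() == nullptr)
    {
        lg2::error("Failed to initialize crypt device", "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* Load the on-disk header as LUKS2; a non-zero result is a failure. */
    if (cryptIface->cryptLoad(cryptHandle.get(), CRYPT_LUKS2, nullptr) != 0)
    {
        lg2::error("Failed to load the key slots for destruction",
                   "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* The upper bound of the slot walk comes from the library rather than a
     * hard-coded count. */
    const int nKeySlots = cryptIface->cryptKeySlotMax(CRYPT_LUKS2);
    if (nKeySlots < 0)
    {
        lg2::error("Failed to find the max keyslots", "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* Zero would make the loop below a no-op and let the erase "succeed"
     * without destroying anything, so it is rejected explicitly. */
    if (nKeySlots == 0)
    {
        lg2::error("Max keyslots should never be zero", "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* Destroy the working keyslots. Any status other than ACTIVE or
     * ACTIVE_LAST is skipped without a log entry. */
    bool keySlotIssue = false;
    for (int slot = 0; slot < nKeySlots; ++slot)
    {
        const crypt_keyslot_info status =
            cryptIface->cryptKeySlotStatus(cryptHandle.get(), slot);

        if (status != CRYPT_SLOT_ACTIVE && status != CRYPT_SLOT_ACTIVE_LAST)
        {
            continue;
        }

        if (cryptIface->cryptKeyslotDestroy(cryptHandle.get(), slot) != 0)
        {
            /* Record which slot survived so the incomplete erase can be
             * followed up from the journal.
             *
             * NOTE(review): this message ID differs from the
             * OpenBMC.0.1.EraseFailure used on every other failure path in
             * this function; a log consumer filtering on one ID will miss
             * the other - confirm which one is intended. */
            lg2::error(
                "Estoraged erase failed to destroy keyslot, continuing",
                "KEYSLOT", slot, "REDFISH_MESSAGE_ID",
                std::string("eStorageD.1.0.EraseFailure"));
            keySlotIssue = true;
        }
    }

    /* Report the partial failure only after every slot has been attempted. */
    if (keySlotIssue)
    {
        throw InternalFailure();
    }
}

} // namespace estoraged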