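#include "cryptErase.hpp"
#include "cryptsetupInterface.hpp"
#include "erase.hpp"

#include <libcryptsetup.h>

#include <phosphor-logging/lg2.hpp>
#include <xyz/openbmc_project/Common/error.hpp>

#include <memory>
#include <string>
#include <string_view>
#include <utility> // std::move; previously only reachable transitively

namespace estoraged
{
using sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
using sdbusplus::xyz::openbmc_project::Common::Error::ResourceNotFound;

/**
 * @brief Build a cryptographic-erase operation for one block device.
 *
 * @param devPathIn    Path of the device, forwarded to the Erase base class.
 * @param inCryptIface Cryptsetup wrapper; ownership moves into this object.
 */
CryptErase::CryptErase(
    std::string_view devPathIn,
    std::unique_ptr<estoraged::CryptsetupInterface> inCryptIface) :
    Erase(devPathIn),
    cryptIface(std::move(inCryptIface))
{}

/**
 * @brief Cryptographically erase the device by destroying its LUKS2 keyslots.
 *
 * Loads the LUKS2 header, walks every keyslot index reported by
 * cryptKeySlotMax() and destroys each slot whose status is ACTIVE or
 * ACTIVE_LAST. No passphrase is supplied anywhere in this function.
 *
 * A failure to destroy one slot does not stop the loop: the remaining slots
 * are still attempted and the failure is reported once at the end, so after
 * an InternalFailure some keyslots may still be usable.
 *
 * NOTE(review): only the keyslots are touched here. An already-open mapping
 * of this device is not deactivated by this function, and whether the old
 * keyslot contents are physically unrecoverable depends on the underlying
 * storage - confirm both against the caller and the target media.
 *
 * @throws ResourceNotFound if the crypt handle cannot be created, the LUKS2
 *         header cannot be loaded, or the maximum keyslot count is <= 0.
 * @throws InternalFailure  if at least one active keyslot could not be
 *         destroyed.
 */
void CryptErase::doErase()
{
    /* get cryptHandle */
    // The temporary std::string lives only until the end of this statement.
    // NOTE(review): assumes CryptHandle does not keep the raw pointer after
    // its constructor returns - confirm.
    CryptHandle cryptHandle(std::string(devPath).c_str());
    if (cryptHandle.get() == nullptr)
    {
        lg2::error("Failed to initialize crypt device", "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* cryptLoad */
    if (cryptIface->cryptLoad(cryptHandle.get(), CRYPT_LUKS2, nullptr) != 0)
    {
        lg2::error("Failed to load the key slots for destruction",
                   "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* find key slots */
    const int nKeySlots = cryptIface->cryptKeySlotMax(CRYPT_LUKS2);
    if (nKeySlots < 0)
    {
        lg2::error("Failed to find the max keyslots", "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    if (nKeySlots == 0)
    {
        // A zero upper bound would make the loop below a silent no-op, which
        // must not be reported as a successful erase.
        lg2::error("Max keyslots should never be zero", "REDFISH_MESSAGE_ID",
                   std::string("OpenBMC.0.1.EraseFailure"));
        throw ResourceNotFound();
    }

    /* destroy working keyslots */
    bool keySlotIssue = false;
    for (int slot = 0; slot < nKeySlots; slot++)
    {
        const crypt_keyslot_info status =
            cryptIface->cryptKeySlotStatus(cryptHandle.get(), slot);

        // Every other status is skipped without a log entry.
        // NOTE(review): that includes CRYPT_SLOT_INVALID and the LUKS2-only
        // CRYPT_SLOT_UNBOUND - confirm that leaving such slots untouched and
        // unreported is intended for a secure erase.
        if (status == CRYPT_SLOT_ACTIVE || status == CRYPT_SLOT_ACTIVE_LAST)
        {
            if (cryptIface->cryptKeyslotDestroy(cryptHandle.get(), slot) != 0)
            {
                // NOTE(review): this message id differs from the
                // "OpenBMC.0.1.EraseFailure" used by the other errors in this
                // function - confirm which registry entry is intended.
                lg2::error(
                    "Estoraged erase failed to destroy keyslot, continuing",
                    "REDFISH_MESSAGE_ID",
                    std::string("eStorageD.1.0.EraseFailure"));
                keySlotIssue = true;
            }
        }
    }

    // Surface the failure only after every slot has been attempted.
    if (keySlotIssue)
    {
        throw InternalFailure();
    }
}

} // namespace estoraged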