Fix recovery method for internal encryption

- add recovery method to expose to client
- fix logic of recovery
- add recovery command to ode-admin-cli

Change-Id: I6eb162a83bb2796fd597f3b118a788b304939a41
Signed-off-by: seolheui kim <s414.kim@samsung.com>

diff --git a/server/internal-encryption.cpp b/server/internal-encryption.cpp
index 35b7729..6ac8e0f 100644 (file)
--- a/server/internal-encryption.cpp
+++ b/server/internal-encryption.cpp
@@ -20,6 +20,7 @@
 #include <condition_variable>
 #include <list>
 
+#include <fstream>
 #include <fcntl.h>
 #include <signal.h>
 #include <unistd.h>
@@ -51,19 +52,6 @@ namespace {
 
 const char *PRIVILEGE_PLATFORM = "http://tizen.org/privilege/internal/default/platform";
 
-// TODO: see recovery()
-const std::string PROG_FACTORY_RESET = "/usr/bin/dbus-send";
-const std::vector<std::string> wipeCommand = {
-    PROG_FACTORY_RESET,
-    "--system",
-    "--type=signal",
-    "--print-reply",
-    "--dest=com.samsung.factoryreset",
-    "/com/samsung/factoryreset",
-    "com.samsung.factoryreset.start.setting"
-};
-
-
 // watches systemd jobs
 class JobWatch {
 public:
@@ -313,6 +301,7 @@ InternalEncryptionServer::InternalEncryptionServer(ServerContext& srv,
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::encrypt)(std::string, unsigned int));
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::decrypt)(std::string));
        server.expose(this, "", (int)(InternalEncryptionServer::isPasswordInitialized)());
+       server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::recovery)());
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::initPassword)(std::string));
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::cleanPassword)(std::string));
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::changePassword)(std::string, std::string));
@@ -515,17 +504,41 @@ int InternalEncryptionServer::decrypt(const std::string& password)
 
 int InternalEncryptionServer::recovery()
 {
-       if (getState() == State::Unencrypted) {
+       int state = getState();
+
+       if (state == State::Unencrypted)
                return error::NoSuchDevice;
-       }
 
-       //TODO
-       runtime::Process proc(PROG_FACTORY_RESET, wipeCommand);
-       if (proc.execute() == -1) {
-               ERROR(SINK, "Failed to launch factory-reset");
-               return error::WrongPassword;
+       if (state == State::Corrupted) {
+               const char *mkfsPath = "/sbin/mkfs.ext4";
+               std::vector<std::string> formatArg = {
+                       mkfsPath, "-F", engine->getSource()};
+               runtime::Process proc(mkfsPath, formatArg);
+
+               int ret = proc.execute();
+               if (ret < 0)
+                       throw runtime::Exception("Failed to execute mkfs.ext4");
+
+               ret = proc.waitForFinished();
+               if (ret < 0 || !WIFEXITED(ret) || WEXITSTATUS(ret) != 0)
+                       throw runtime::Exception("Failed to wait for finish of format");
        }
 
+       std::fstream fs;
+       fs.open("/opt/.factoryreset", std::ios::out);
+       fs.close();
+
+       ::sync();
+       try {
+               dbus::Connection& systemDBus = dbus::Connection::getSystem();
+               systemDBus.methodcall("org.tizen.deviced",
+                                                               "/Org/Tizen/DeviceD/Power",
+                                                               "org.tizen.deviced.power",
+                                                               "reboot",
+                                                               -1, "()", "(si)");
+       } catch (runtime::Exception &e) {
+               ::reboot(RB_AUTOBOOT);
+       }
        return error::None;
 }
 

diff --git a/tools/cli/ode-admin-cli.cpp b/tools/cli/ode-admin-cli.cpp
index dc4e110..3838ccb 100644 (file)
--- a/tools/cli/ode-admin-cli.cpp
+++ b/tools/cli/ode-admin-cli.cpp
@@ -65,6 +65,7 @@ static inline int usage(const std::string name)
                          << "  -s, --state=internal|external      get state" << std::endl
                          << "  -w, --waitmnt=internal|external    wait for mount"<< std::endl
                          << "  -c, --clean=DIRECTORY              secure-clean" << std::endl
+                         << "  -r, --recovery                     recovery" << std::endl
                          << "  -h, --help                         show this" << std::endl
                          << std::endl;
 
@@ -605,6 +606,17 @@ static inline int clean(const std::string name)
        return ret;
 }
 
+static inline int recovery()
+{
+       int ret = 0;
+
+       ret = ode_internal_encryption_recovery();
+       if (ret != 0)
+               std::cerr << "Error : " << ret << std::endl;
+
+       return ret;
+}
+
 int main(int argc, char* argv[])
 {
        int opt = 0, luks_opt = 0, index, ret = 0;
@@ -621,6 +633,7 @@ int main(int argc, char* argv[])
                {"state", required_argument, 0, 's'},
                {"waitmnt", required_argument, 0, 'w'},
                {"clean", required_argument, 0, 'c'},
+               {"recovery", no_argument, 0, 'r'},
                {0, 0, 0, 0}
        };
 
@@ -639,7 +652,7 @@ int main(int argc, char* argv[])
        std::string mapping, device, op;
        bool sync = true;
 
-       while ((opt = getopt_long(argc, argv, "m:u:e:d:l:L:p:k:s:w:c:h", options, &index)) != -1) {
+       while ((opt = getopt_long(argc, argv, "m:u:e:d:l:L:p:k:s:w:c:rh", options, &index)) != -1) {
                switch (opt) {
                case 'm':
                        ret = mount(optarg);
@@ -699,6 +712,9 @@ int main(int argc, char* argv[])
                case 'c':
                        ret = clean(optarg);
                        break;
+               case 'r':
+                       ret = recovery();
+                       break;
                case 'D':
                        device = optarg;
                        break;