tech-kern archive


Re: GSOC 2012 project clarification

I'm not the originator of that project, but I've recently worked on
support for SSD trim/erase commands which is quite similar technically.
If this project materializes, I do offer my help. For now just two

On Sun, 1 Apr 2012 13:04:13 -0400
Sanket Padawe <> wrote:
> whenever that flag is set and a file/folder
> gets deleted i.e. at the point of unlink system call we just need to
> rewrite all the blocks of that file with some random data and then
> release those blocks.

The deletion is generally not at the time of "unlink". It happens when
the file isn't referenced by anything anymore. It needs to happen
after that point, but before the file system's allocation management
gets notified that the data blocks can be reused.
For performance, this needs to be done asynchronously. It needs some
knowledge about kernel locking and signaling mechanisms to implement.

> So by
> generating some pseudo random numbers we can erase the previous secure
> data.

I'm not sure that pseudo-random numbers help security in the general
case, compared to just zeros. For a plain hard disk, either one is
good enough. For an SSD, both are useless. A difference would be
if the device was an encrypted disk because all-0 would be a perfect
"known plaintext". It should be configurable.

best regards

Forschungszentrum Juelich GmbH
52425 Juelich
Registered office: Juelich
Registered in the commercial register of the Amtsgericht Dueren, No. HR B 3498
Chairman of the Supervisory Board: MinDir Dr. Karl Eugen Huthmacher
Management: Prof. Dr. Achim Bachem (Chairman),
Karsten Beneke (Deputy Chairman), Prof. Dr.-Ing. Harald Bolt,
Prof. Dr. Sebastian M. Schmidt
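
The timing point in the reply above (a file's data outlives unlink() until the last reference is dropped) can be observed from user space. The following is an added example, not part of the original message and not NetBSD kernel code; the scratch path, the function name unlink_demo and the zero fill are assumptions made for illustration.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* for mkstemp() and pread()/pwrite() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Constructed sample data standing in for sensitive file contents. */
static const char SECRET[] = "constructed-secret-0123456789";

enum { NLINK_ZERO = 1, STILL_READABLE = 2, WIPED = 4 };

/* Returns a bitmask of the three observations, or -1 on setup failure. */
int unlink_demo(void)
{
    char path[] = "/tmp/unlink_demo_XXXXXX";   /* hypothetical scratch path */
    char buf[sizeof SECRET], zeros[sizeof SECRET] = {0};
    struct stat st;
    int seen = 0;
    int fd = mkstemp(path);

    if (fd < 0)
        return -1;
    if (write(fd, SECRET, sizeof SECRET) != (ssize_t)sizeof SECRET ||
        unlink(path) != 0) {
        close(fd);
        unlink(path);
        return -1;
    }
    /* The name is gone, but the open descriptor still references the file. */
    if (fstat(fd, &st) == 0 && st.st_nlink == 0)
        seen |= NLINK_ZERO;
    if (pread(fd, buf, sizeof buf, 0) == (ssize_t)sizeof buf &&
        memcmp(buf, SECRET, sizeof SECRET) == 0)
        seen |= STILL_READABLE;   /* a wipe at unlink() would hit this reader */

    /* Wipe just before dropping the last reference (zero fill chosen here). */
    if (pwrite(fd, zeros, sizeof zeros, 0) == (ssize_t)sizeof zeros &&
        fsync(fd) == 0 &&
        pread(fd, buf, sizeof buf, 0) == (ssize_t)sizeof buf &&
        memcmp(buf, zeros, sizeof zeros) == 0)
        seen |= WIPED;
    close(fd);                    /* last reference: blocks are released now */
    return seen;
}

int main(void)
{
    printf("observations bitmask: %d\n", unlink_demo());
    return 0;
}
```

This only models the ordering from user space; an in-kernel implementation would place the overwrite between the last reference being dropped and the blocks being handed back to the allocator, as the reply describes.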

