tech-security archive


GSoC 2011 project proposal [Implement file system flags to scrub data blocks before deletion]
Hello everybody!

I am a 1st year Master program student of GIS Centre, Lund University,
Sweden. I'm a Bachelor of Computer Science of Minsk State Higher
Radio-engineering College, Belarus.

Here is my proposal for "Implement file system flags to scrub data
blocks before deletion" GSoC project. Any comments are welcome.

I didn't contact any designated mentors but I hope they will react to
this project proposal here. In a day, I'll send it (with comments
applied) to Google because deadline is already near.

Sorry for sending this proposal that late: I swear there were some
objective reasons for this. :)


What is the goal of the project?
--------------------------------

The goal of the project is to add a security feature to the vfs layer which
will add the ability to scrub blocks which are about to be freed on file
operations like unlink and truncate with 'random' data. This will add an
appropriate option (-o scrub?) to the mount utility.

Random data will be generated with available hardware generators (e.g.
Intel RNG) or, as a fallback, pseudo-random number generation
algorithms should be used. We should also consider providing an appropriate
sysctl interface to explicitly choose between available algorithms.

This feature will make delete/truncate operations really unrecoverable,
which can be considered an additional security merit.


What will be the deliverables of the project?
---------------------------------------------

The final deliverables are expected to be:
   1. A set of patches for NetBSD kernel unlink/truncate vfs syscalls;
   2. Patch for mount utility/kernel subsystem to add new vfs option;
   3. New sysctl option;
   4. Kernel test suite for the feature (possibly rump?);
   5. Documentation updates (man 8 mount; man 3 sysctl).


Milestones and schedule
-----------------------

1. Community bonding period
   * Get familiar with vfs/vnode, sysctl interface, kernel accessible
random generators, *rump* kernel testing framework;
   * Evaluate appropriate pseudo-random generation algorithms;
   * Discuss the ways of implementation with mentor;
   * Start implementation (I'm not going to wait until official coding
start).

2. ~May 10 - June 15:
   * Add support for at least one pseudo-random generator algorithm;
   * Add new mount option;
   * Tests, review, bug-fixing, documentation.

3. June 16 - July 10:
   * Add the remaining pseudo-random/hardware (pseudo-)random sources;
   * Add sysctl interface to choose random data source;
   * Tests, review, bug-fixing, documentation.

4. July 17 - July 31: will not work on the project

5. Aug 1 - August 22: final stage
   * Tests
   * Review
   * Bug fixing
   * Documentation
   * Delivery


Some implementation notes
-------------------------

My project will mainly affect the vfs syscall implementation
(src/sys/kern/vfs_syscalls.c). I will also add a new mount flag (for the
kernel vnode.v_mount struct and for the mount utility).

There will be several algorithms/sources of random data to choose from.
For this, a new sysctl will be added.

We should investigate which pseudo-random generator algorithms are fast
and use them. This is because we will need lots of 'random' data to write
to disk.

Feature testing will require an advanced testing framework. Hopefully, it
seems the NetBSD project uses one called 'rump' which will allow me to
automate preparation of the testing environment.
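To make the proposed mechanism concrete, here is an added user-space model of the "scrub before free" policy. It is not code from the proposal or from NetBSD: the block store, the source selector standing in for the proposed sysctl, the mount-flag variable and the hardware RNG stub (which reports no device, forcing the PRNG fallback) are all constructed for illustration.

```c
/* Added example, not from the proposal or NetBSD: a user-space model of the
 * "scrub before free" policy.  The block store, the source selector standing
 * in for the proposed sysctl and the hardware RNG stub are all constructed. */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#define BLKSIZE 64
#define NBLKS   4

enum scrub_src { SCRUB_HWRNG, SCRUB_PRNG };
static enum scrub_src scrub_source = SCRUB_HWRNG; /* stand-in for the sysctl */
static bool mount_scrub = true;                   /* stand-in for -o scrub   */
static uint8_t disk[NBLKS][BLKSIZE];              /* constructed block store */

/* Hypothetical hardware RNG; returns false when no device is present, which
 * triggers the PRNG fallback the proposal calls for. */
static bool hwrng_fill(uint8_t *buf, size_t len) { (void)buf; (void)len; return false; }

/* xorshift64 fallback: fast, not cryptographic, seeded once for determinism. */
static uint64_t prng_state = 0x9E3779B97F4A7C15ULL;
static void prng_fill(uint8_t *buf, size_t len) {
    for (size_t i = 0; i < len; i += 8) {
        prng_state ^= prng_state << 13;
        prng_state ^= prng_state >> 7;
        prng_state ^= prng_state << 17;
        size_t n = len - i < 8 ? len - i : 8;
        memcpy(buf + i, &prng_state, n);
    }
}

/* Overwrite one block before it is released; reports which source was used. */
static enum scrub_src scrub_block(uint8_t *blk) {
    if (scrub_source == SCRUB_HWRNG && hwrng_fill(blk, BLKSIZE))
        return SCRUB_HWRNG;
    prng_fill(blk, BLKSIZE);
    return SCRUB_PRNG;
}

/* Model of unlink: write a file pattern into every block, free the blocks
 * (scrubbing if the mount flag is set), then count blocks still recoverable. */
static int unlink_and_count_recoverable(bool scrub) {
    uint8_t pattern[BLKSIZE]; memset(pattern, 'A', BLKSIZE);
    mount_scrub = scrub;
    for (int b = 0; b < NBLKS; b++) memcpy(disk[b], pattern, BLKSIZE);
    for (int b = 0; b < NBLKS; b++)
        if (mount_scrub) scrub_block(disk[b]);
    int hits = 0;
    for (int b = 0; b < NBLKS; b++)
        if (memcmp(disk[b], pattern, BLKSIZE) == 0) hits++;
    return hits;
}
```

Without the flag all four blocks still hold the file's content after "unlink"; with it, none do, and the returned source shows that the fallback was taken because the hardware source was unavailable.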


About me
--------
I haven't used the NetBSD system before, though I use OpenBSD for some of my
activities. I'm an old Gentoo Linux user (from ~2005) and I have a good
understanding of how a modern source-based Unix system works.

I have been working as an embedded Linux kernel / Unix userspace
developer for about 3 years. Currently I use C and Python as my primary
languages. I'm working closely with ISC products like named and dhcpd. I'm
part of a dev team of ~50 people. We use a serious patch review process and
perforce/git as VCS.

Examples of tasks completed by me: port OpenEmbedded Linux to two new
hardware platforms; implement video driver for custom LCD hardware using
advanced blitting functions; implement Linux sysfs equalizer support for
one of ALSA SoC drivers; implement dhcpv6 client test simulator;
Microsoft DNS-RPC protocol parser... to name a few.

As for my open-source activity, there are some patches for Linux kernel,
OpenEmbedded distribution (Qt4/Embedded porting mainly), other patches
and packages (gentoo ebuilds; patches: for ncmpc, epdfview,
wpa_supplicant, translate-toolkit; glibc locales...). Not to mention my
Gnome activity as a Belarusian translation coordinator...

Anyway, my open-source activity was not 'completing new projects' but rather
'fixing existing ones', here and there.

Link for kernel/OpenEmbedded: http://www.ohloh.net/accounts/booxter
Other stuff can be found with Google, too much to mention here.

With best regards,
Dmitry

