Security enhancement for UBIFS with secure erase feature

Stelling Carsten Carsten.Stelling at goerlitz.com
Mon Sep 5 12:01:01 EDT 2011


Hi everybody,

When building security-relevant (embedded) applications, personal privacy
is of major importance.

Therefore it would be nice to have a configuration option to invalidate the
content of a deleted file in UBIFS. This feature shall allow an application to
ensure that, when a file is deleted, its contents are fully erased from the flash.
I.e., each time a block is marked for erase, this block is written with all zeros.
Writing zeros without erasing an entire page should be possible by design.

Giving such an option on a file-by-file basis (ioctl) would be optimal, because
wiping out the content of a deleted file is time- and resource-consuming and
not acceptable for all kinds of applications using UBIFS.

Are there any plans for such a security enhancement in UBIFS?

Regards

Carsten





