Security enhancement for UBIFS with secure erase feature

Atlant Schmidt aschmidt at dekaresearch.com
Thu Sep 8 07:18:31 EDT 2011 

Carsten:

  Unfortunately, the data sheets for many Flash parts
  specifically prohibit re-writing a page, even if
  you're driving the bits towards more zeroes. I
  think you'll find this is especially true for MLC
  devices.

                                 Atlant

-----Original Message-----
From: linux-mtd-bounces at lists.infradead.org [mailto:linux-mtd-bounces at lists.infradead.org] On Behalf Of Stelling Carsten
Sent: Monday, September 05, 2011 12:01
To: linux-mtd at lists.infradead.org
Subject: Security enhancement for UBIFS with secure erase feature

Hi everybody,

When building security relevant (embedded) applications, personal privacy
is of major importance.

Therefore it would be nice to have a configuration option to invalidate the
content of a deleted file in UBIFS. This feature shall allow an application to
ensure that, when a file is deleted, its contents are fully erased from the flash.
I.e. that each time a block is marked for erase, this block is written all zeros.
Writing zeros without erasing an entire page should be possible by design.

Giving such an option on a file by file basis (ioctl) would be optimal, because
wiping out the content of a deleted file is time and resource consuming and
not acceptable for all kinds of applications using UBIFS.

Are there any plans for such a security enhancement in UBIFS?

Regards

Carsten




______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/


 Click https://www.mailcontrol.com/sr/FcTd+AJENrvTndxI!oX7UsdpzMR7Bo2KZ8LARfqDk+yP+UC7hxpimCzUyXYqwgiFbrCRFdjEt0Ad5rLFZ!o!pA==  to report this email as spam.

This e-mail and the information, including any attachments, it contains are intended to be a confidential communication only to the person or entity to whom it is addressed and may contain information that is privileged. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify the sender and destroy the original message.

Thank you.

Please consider the environment before printing this email.

More information about the linux-mtd mailing list