* Re: Zeroing data blocks
From: Avinash Ramanath @ 2006-08-05 7:55 UTC (permalink / raw)
To: arjan; +Cc: kernelnewbies, linux-kernel
Hi,
As per your suggestion, if I write a file with zero bits, it would
remap to other pages, and I might not zero the real pages. So is there
any other way that I can access the pages that a file is using?
On 7/9/06, Arjan van de Ven <arjan@infradead.org> wrote:
> On Sat, 2006-07-08 at 18:56 -0700, Avinash Ramanath wrote:
> > I am trying to zero data blocks whenever an unlink is invoked as part
> > of a secure delete filesystem.
> [
> Hi,
>
> just a question... how secure do you want to be?
> (just asking because zeros might not be the best pattern when protecting
> against government type use :)
I would be using zeroes multiple times followed by random bit patterns.
> > I tried to zero the file by writing a buffer (of file size) with
> > zeroes onto the file.
>
> that's not so nice since there is no guarantee that the filesystem or
> the disk won't remap the data blocks underneath you...
>
>
>
* Re: Zeroing data blocks
From: Arjan van de Ven @ 2006-08-05 15:10 UTC (permalink / raw)
To: Avinash Ramanath; +Cc: kernelnewbies, linux-kernel
On Sat, 2006-08-05 at 00:55 -0700, Avinash Ramanath wrote:
> Hi,
>
> As per your suggestion, if I write a file with zero bits, it would
> remap to other pages, and I might not zero the real pages. So is there
> any other way that I can access the pages that a file is using?
there is an ioctl to find the blocks the file is in.. but still that's
only a snapshot, not a guarantee. What you really need/want is to do
this at the filesystem level, you can't reliably do it above that level.
--
if you want to mail me at work (you don't), use arjan (at) linux.intel.com
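
The reply above mentions an ioctl that reports which blocks a file occupies. The following is an added example, not code from this thread; it assumes the ioctl meant is FIBMAP (the message does not name it), and the function names `blocks_needed` and `map_file_blocks` are illustrative.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <unistd.h>
#include <linux/fs.h>                 /* FIBMAP, FIGETBSZ */

/* Number of filesystem blocks needed to hold `size` bytes. */
long blocks_needed(long long size, long blksz)
{
    return (size <= 0 || blksz <= 0) ? 0 : (long)((size + blksz - 1) / blksz);
}

/* Store the physical block number of each logical block of `path` in
 * out[0..max). Returns the file's logical block count, or -errno on
 * failure. A physical block number of 0 means a hole (nothing allocated). */
long map_file_blocks(const char *path, long *out, long max)
{
    struct stat st;
    int blksz = 0, fd = open(path, O_RDONLY);
    long i, n;

    if (fd < 0)
        return -errno;
    if (fstat(fd, &st) < 0 || ioctl(fd, FIGETBSZ, &blksz) < 0) {
        n = -errno;                   /* save errno before close() */
        close(fd);
        return n;
    }
    n = blocks_needed(st.st_size, blksz);
    for (i = 0; i < n && i < max; i++) {
        int blk = (int)i;             /* in: logical block, out: physical */
        if (ioctl(fd, FIBMAP, &blk) < 0) {   /* needs CAP_SYS_RAWIO */
            n = -errno;
            break;
        }
        out[i] = blk;
    }
    close(fd);
    return n;
}

int main(int argc, char **argv)
{
    long map[64], i, n = argc > 1 ? map_file_blocks(argv[1], map, 64) : -EINVAL;
    if (n < 0) { fprintf(stderr, "error: %s\n", strerror((int)-n)); return 1; }
    for (i = 0; i < n && i < 64; i++)
        printf("logical %ld -> physical %ld\n", i, map[i]);
    return 0;
}
```

The numbers printed are only valid at the moment of the call: the filesystem may place later writes elsewhere, which is the "snapshot, not a guarantee" caveat in the reply.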
* Re: Zeroing data blocks
From: Avinash Ramanath @ 2006-08-05 17:13 UTC (permalink / raw)
To: Arjan van de Ven; +Cc: kernelnewbies, linux-kernel
Hi,
I want to do this at the filesystem-level not in user-space.
I have a stackable-filesystem that runs as a layer on top of the
existing filesystem (with all the function pointers mapped to the
corresponding base filesystem function pointers, and other suitable
adjustments).
So yes I have access to the filesystem.
But the question is how can I access those particular data-blocks?
On 8/5/06, Arjan van de Ven <arjan@infradead.org> wrote:
> On Sat, 2006-08-05 at 00:55 -0700, Avinash Ramanath wrote:
> > Hi,
> >
> > As per your suggestion, if I write a file with zero bits, it would
> > remap to other pages, and I might not zero the real pages. So is there
> > any other way that I can access the pages that a file is using?
>
> there is an ioctl to find the blocks the file is in.. but still that's
> only a snapshot, not a guarantee. What you really need/want is to do
> this at the filesystem level, you can't reliably do it above that level.
>
> --
> if you want to mail me at work (you don't), use arjan (at) linux.intel.com
>
>
>
* Re: Zeroing data blocks
From: Arjan van de Ven @ 2006-08-05 17:42 UTC (permalink / raw)
To: Avinash Ramanath; +Cc: kernelnewbies, linux-kernel
On Sat, 2006-08-05 at 10:13 -0700, Avinash Ramanath wrote:
> Hi,
>
> I want to do this at the filesystem-level not in user-space.
> I have a stackable-filesystem that runs as a layer on top of the
> existing filesystem (with all the function pointers mapped to the
> corresponding base filesystem function pointers, and other suitable
> adjustments).
> So yes I have access to the filesystem.
> But the question is how can I access those particular data-blocks?
I think you misunderstood: You need to do this in the filesystem layer
that allocates and tracks the blocks. You really can't do it outside
that...
* Re: Zeroing data blocks
From: Ian Stirling @ 2006-08-05 20:30 UTC (permalink / raw)
To: Arjan van de Ven; +Cc: Avinash Ramanath, kernelnewbies, linux-kernel
Arjan van de Ven wrote:
> On Sat, 2006-08-05 at 10:13 -0700, Avinash Ramanath wrote:
>
>>Hi,
>>
>>I want to do this at the filesystem-level not in user-space.
>>I have a stackable-filesystem that runs as a layer on top of the
>>existing filesystem (with all the function pointers mapped to the
>>corresponding base filesystem function pointers, and other suitable
>>adjustments).
>>So yes I have access to the filesystem.
>>But the question is how can I access those particular data-blocks?
>
>
> I think you misunderstood: You need to do this in the filesystem layer
> that allocates and tracks the blocks. You really can't do it outside
> that...
On modern (>200 meg or so) disk drives, you can't do it at all without
drive-specific debug tools.
The problem is that the drive, if it detects a bad sector, may well
remap the track that the sector is on to a spare track. You then
simply cannot access the old track. The drive may or may not zero
it for you.
Any standard access will simply ignore the old copy of the track.
It may or may not be possible to retrieve/erase it with disk-drive
specific tools that the vendor won't give you anyway.
If you want to do this reliably - you need to encrypt the disk
(not with loopcrypt or dm-crypt in its current state) so you can
just throw it away.
* Zeroing data blocks
From: Avinash Ramanath @ 2006-07-09 1:19 UTC (permalink / raw)
To: linux-kernel
I am trying to zero data blocks whenever an unlink is invoked as part
of a secure delete filesystem.
I tried to zero the file by writing a buffer (of file size) with
zeroes onto the file.
But the system hangs.
I see the printk "In page_left loop" being printed, but nothing after that.
Could someone let me know what might be happening with the code below?
Also could you recommend me what is the best operation for writing
zeroes onto a file?
Thanks,
Avinash.
I saw that the file size is 12, with page_number being 0 and page_left 12.
Code:
=====
int overwrite(dentry_t *dentry, int overwrite_num)
{
    int err = 0;
    int n, m;
    file_t *fip, *fop;
    char *readbuf, *writebuf;
    mm_segment_t oldfs;
    int size = 0;
    int page_number, page_left;
    int i, j;

    oldfs.seg = 0;
    printk("overwrite number is %d\n", overwrite_num);
    printk("Overwriting file name %s\n", dentry->d_name.name);
    fip = filp_open(dentry->d_name.name, O_RDONLY, 0);
    if(!S_ISREG(fip->f_dentry->d_inode->i_mode))
    {
        printk("%s is not a regular file\n", dentry->d_name.name);
        err = -EINVAL;
        goto error;
    }
    if(!fip || IS_ERR(fip))
    {
        err = -EPERM;
        printk("Cannot open input file\n");
        goto error;
    }
    if(!fip->f_op->read)
    {
        err = -EPERM;
        printk("Cannot read from input file\n");
        goto error;
    }
    fop = filp_open(dentry->d_name.name, O_WRONLY, 0);
    if(!S_ISREG(fop->f_dentry->d_inode->i_mode))
    {
        printk("%s is not a regular file\n", dentry->d_name.name);
        err = -EINVAL;
        goto error;
    }
    if(!fop || IS_ERR(fop))
    {
        err = -EPERM;
        printk("Cannot open input file\n");
        goto error;
    }
    if(!fop->f_op->write)
    {
        err = -EPERM;
        printk("Cannot write to input file\n");
        goto error;
    }
    fip->f_pos = 0;
    fop->f_pos = 0;
    oldfs = get_fs();
    set_fs(KERNEL_DS);
    readbuf = kmalloc(PAGE_CACHE_SIZE,GFP_KERNEL);
    if( !readbuf)
    {
        err = -ENOMEM;
        printk("Could not allocate buffer for reading\n");
        goto error;
    }
    writebuf = kmalloc(PAGE_CACHE_SIZE,GFP_KERNEL);
    if( !writebuf)
    {
        err = -ENOMEM;
        printk("Could not allocate buffer for writing\n");
        goto error;
    }
    printk("After allocating read/write buffers\n");
    memset(readbuf,0,PAGE_CACHE_SIZE);
    memset(writebuf,0,PAGE_CACHE_SIZE);
    printk("After memsetting...\n");
    while((n=fip->f_op->read(fip,readbuf,PAGE_CACHE_SIZE,&fip->f_pos))>0)
    {
        size += n;
    }
    if (fip) fput(fip);
    printk("After reading...\n");
    page_number = size / PAGE_CACHE_SIZE;
    page_left = size % PAGE_CACHE_SIZE;
    printk("After reading the file, size is %d, page_number is %d, page_left is %d\n", size, page_number, page_left);
    for (i=0; i < overwrite_num; i++)
    {
        printk("In I loop i is %d\n", i);
        for (j=0; j < page_number; j++)
        {
            printk("In J loop, j is %d\n", j);
            if ((m=(fop->f_op->write(fop,writebuf,PAGE_CACHE_SIZE,&fop->f_pos))) < 0)
            {
                err = -EPERM;
                printk("Could not write zeroes to the file\n");
                goto error;
            }
            printk("After writing\n");
        }
        printk("After I loop\n");
        if (page_left)
        {
            printk("In page_left loop\n");
            if ((m=(fop->f_op->write(fop,writebuf,page_left,&fop->f_pos))) < 0)
            {
                err = -EPERM;
                printk("Could not write zeroes to the file\n");
            }
            printk("After writing zeroes\n");
        }
        printk("setting f_pos to zero\n");
        fop->f_pos = 0;
        printk("After setting f_pos to zero\n");
    }
    printk("After for loop...\n");
    if (fop) fput(fop);
    printk("After putting fop\n");
    if (writebuf) kfree(writebuf);
    printk("After freeing writebuf\n");
    if (readbuf) kfree(readbuf);
    printk("After freeing readbuf\n");
    printk("After overwriting file...\n");
error:
    set_fs(oldfs);
    return err;
}