Implement faster developer mode transitions for systems with eMMC storage |
||||
Issue descriptionDesign doc is at: https://docs.google.com/document/d/1RdARIySHBHMovLexSp26zK8osQmnR7Gzdct6ctRm7ZI/edit The first step is to make a new package (chromeos-base/secure-erase?) that provides a library and binary to for secure erasure. Then, changes will be made to clobber-log and cryptohome to use the secure erase logic. The early code I have appears to work correctly on caroline and eve, so I'm feeling good about moving forward.
,
May 26 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/151099ba77590e9b490aa32af1d71fd2404fca36 commit 151099ba77590e9b490aa32af1d71fd2404fca36 Author: Justin TerAvest <teravest@chromium.org> Date: Fri May 26 16:47:46 2017 secure_erase_file: Create secure_erase_file tool. This commit introduces a library and binary for securely erasing files that are backed by eMMC storage. This change uses BLKDISCARD, which is translated by the kernel to either an eMMC "Secure Trim" or "Secure Erase" command, depending on the request length. Followup changes will * create an ebuild package, * add an autotest-based integration test, * add binary uses in platform2/init/clobber-state, and * add library uses in platform2/cryptohome. BUG= chromium:718518 TEST=manually tested on caroline, eve, also tested with platform_SecureErase Change-Id: I5252997993072b479be37d57d971ec66934c1594 Reviewed-on: https://chromium-review.googlesource.com/498647 Commit-Ready: Justin TerAvest <teravest@chromium.org> Tested-by: Justin TerAvest <teravest@chromium.org> Reviewed-by: Justin TerAvest <teravest@chromium.org> [add] https://crrev.com/151099ba77590e9b490aa32af1d71fd2404fca36/secure_erase_file/secure_erase_file_main.cc [add] https://crrev.com/151099ba77590e9b490aa32af1d71fd2404fca36/secure_erase_file/OWNERS [add] https://crrev.com/151099ba77590e9b490aa32af1d71fd2404fca36/secure_erase_file/secure_erase_file.gyp [add] https://crrev.com/151099ba77590e9b490aa32af1d71fd2404fca36/secure_erase_file/secure_erase_file.cc [add] https://crrev.com/151099ba77590e9b490aa32af1d71fd2404fca36/secure_erase_file/README.md [add] https://crrev.com/151099ba77590e9b490aa32af1d71fd2404fca36/secure_erase_file/secure_erase_file.h
,
May 30 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/third_party/autotest/+/6ff5d72ed88e05848d1250e0d185da6f728e3c3c commit 6ff5d72ed88e05848d1250e0d185da6f728e3c3c Author: Justin TerAvest <teravest@chromium.org> Date: Tue May 30 23:29:01 2017 autotest: Add platform_SecureErase test. This tool tests that the new "secure_erase" tool reliably destroys data, as far as can be validated from userspace inside autotest. BUG= chromium:718518 TEST=Ran this test successfully on kevin CQ-DEPEND=CL:498647 Change-Id: I5bb5b46d845d5df3006788ca6f481bdc4acd2ca3 Reviewed-on: https://chromium-review.googlesource.com/498728 Commit-Ready: Justin TerAvest <teravest@chromium.org> Tested-by: Justin TerAvest <teravest@chromium.org> Reviewed-by: Justin TerAvest <teravest@chromium.org> [add] https://crrev.com/6ff5d72ed88e05848d1250e0d185da6f728e3c3c/client/site_tests/platform_SecureEraseFile/platform_SecureEraseFile.py [add] https://crrev.com/6ff5d72ed88e05848d1250e0d185da6f728e3c3c/client/site_tests/platform_SecureEraseFile/control
,
Jun 8 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/00db1033ff531c330a0c65df46ef33b94eb03bc6 commit 00db1033ff531c330a0c65df46ef33b94eb03bc6 Author: Justin TerAvest <teravest@chromium.org> Date: Thu Jun 08 06:45:42 2017 secure_erase_file: Build fixes for lakitu. This fixes some build errors that I missed earlier when building for lakitu. BUG= chromium:718518 TEST=emerge-lakitu secure-erase-file Change-Id: I3f3c39b716ef9fbc96bda92de31d6d78f8c08349 Reviewed-on: https://chromium-review.googlesource.com/527333 Commit-Ready: Justin TerAvest <teravest@chromium.org> Tested-by: Justin TerAvest <teravest@chromium.org> Reviewed-by: Dan Erat <derat@chromium.org> [modify] https://crrev.com/00db1033ff531c330a0c65df46ef33b94eb03bc6/secure_erase_file/secure_erase_file.cc
,
Jun 9 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/5f38b5f9bc75e5f612e36490515a3d290896837d commit 5f38b5f9bc75e5f612e36490515a3d290896837d Author: Justin TerAvest <teravest@chromium.org> Date: Fri Jun 09 18:22:18 2017 Create secure-erase-file package and test. This introduces an ebuild for a new secure-erase-file package and introduces the corresponding integration test in the autotest-tests ebuild. Details on this package are available at: platform2/secure_erase_file/README.md BUG= chromium:718518 TEST=emerge secure-erase-file, test_that platform_SecureEraseFile CQ-DEPEND=CL:498647,CL:198728 Change-Id: Iaafdb52f825850db6509fe18fb898a3f70f1b7ab Reviewed-on: https://chromium-review.googlesource.com/499430 Commit-Ready: Justin TerAvest <teravest@chromium.org> Tested-by: Justin TerAvest <teravest@chromium.org> Reviewed-by: Justin TerAvest <teravest@chromium.org> [add] https://crrev.com/5f38b5f9bc75e5f612e36490515a3d290896837d/chromeos-base/secure-erase-file/secure-erase-file-9999.ebuild [modify] https://crrev.com/5f38b5f9bc75e5f612e36490515a3d290896837d/chromeos-base/autotest-tests/autotest-tests-9999.ebuild
,
Jul 6 2017
,
Jul 10 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/baa8a0dce9218408909bcb4521c845a163cf0766 commit baa8a0dce9218408909bcb4521c845a163cf0766 Author: Justin TerAvest <teravest@chromium.org> Date: Mon Jul 10 18:22:35 2017 Add secure-erase-file deps for init, cryptohome. The library and binary from that package will be used by cryptohome and the init scripts for securely erasing key material on systems with eMMC devices. BUG= chromium:718518 TEST=build_packages, build_image, secure-erase-file is present. Change-Id: I85341b8a09b6a709c3cc9d2022ffba30b943385c Reviewed-on: https://chromium-review.googlesource.com/535981 Commit-Ready: Justin TerAvest <teravest@chromium.org> Tested-by: Justin TerAvest <teravest@chromium.org> Reviewed-by: Simon Glass <sjg@chromium.org> [modify] https://crrev.com/baa8a0dce9218408909bcb4521c845a163cf0766/chromeos-base/chromeos-init/chromeos-init-9999.ebuild [modify] https://crrev.com/baa8a0dce9218408909bcb4521c845a163cf0766/chromeos-base/cryptohome/cryptohome-9999.ebuild
,
Jul 12 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/7be1bdd249f8c234c2c22fa03fe7e2d36617b6bb commit 7be1bdd249f8c234c2c22fa03fe7e2d36617b6bb Author: Justin TerAvest <teravest@chromium.org> Date: Wed Jul 12 00:47:57 2017 cryptohome: Securely erase deleted keys. Developer mode transitions will speed up for some machines by performing a cryptographic erase, securely erasing encryption keys used for sensitive storage. We should clear those keys when cryptohome is removing keys as well, to ensure data is not left behind on the filesystem. BUG= chromium:718518 TEST=build CQ-DEPEND=CL:535981 Change-Id: I8d7dcab0f60ab9461a6f5f9bb297603cc1ac6b3b Reviewed-on: https://chromium-review.googlesource.com/535845 Commit-Ready: Justin TerAvest <teravest@chromium.org> Tested-by: Justin TerAvest <teravest@chromium.org> Reviewed-by: Gwendal Grignou <gwendal@chromium.org> [modify] https://crrev.com/7be1bdd249f8c234c2c22fa03fe7e2d36617b6bb/cryptohome/cryptohome.gyp [modify] https://crrev.com/7be1bdd249f8c234c2c22fa03fe7e2d36617b6bb/cryptohome/platform.cc [modify] https://crrev.com/7be1bdd249f8c234c2c22fa03fe7e2d36617b6bb/cryptohome/homedirs.cc [modify] https://crrev.com/7be1bdd249f8c234c2c22fa03fe7e2d36617b6bb/cryptohome/platform.h
,
Jul 12 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/platform2/+/9a0041241f5253d055fe26ff69a9211293d67a0f commit 9a0041241f5253d055fe26ff69a9211293d67a0f Author: Justin TerAvest <teravest@chromium.org> Date: Wed Jul 12 05:19:58 2017 init: Erase keys for faster clobber on eMMC SSDs. "shred" is used to speed up developer mode transitions on rotational drives. secure_erase_file is a tool similar to shred, which uses secure erasure methods supported by drives. This commit applies that tool to speed up transitions and more securely erase data. This was tested in two ways: - Ran "clobber-state keepimg" from a prompt, which allowed me to inspect clobber-state.log and confirm the correct commands ran. - Rebooted the system afterward, which triggered the self_repair flow in chromeos_startup, which followed the same codepath, and used the 5 minute delay. BUG= chromium:718518 TEST=See commit description CQ-DEPEND=CL:535981 Change-Id: Ie14ab66089c7ce7ab0fafa694d614b0b4fe39748 Reviewed-on: https://chromium-review.googlesource.com/535846 Commit-Ready: Justin TerAvest <teravest@chromium.org> Tested-by: Justin TerAvest <teravest@chromium.org> Reviewed-by: Mike Frysinger <vapier@chromium.org> [modify] https://crrev.com/9a0041241f5253d055fe26ff69a9211293d67a0f/init/clobber-state
,
Jul 13 2017
,
Jan 22 2018
|
||||
►
Sign in to add a comment |
||||
Comment 1 by teravest@chromium.org
, May 18 2017