2 * utils_wipe - wipe a device
4 * Copyright (C) 2004-2007, Clemens Fruhwirth <clemens@endorphin.org>
5 * Copyright (C) 2011-2012, Red Hat, Inc. All rights reserved.
6 * Copyright (C) 2009-2012, Milan Broz
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License
10 * as published by the Free Software Foundation; either version 2
11 * of the License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
27 #include <sys/types.h>
29 #include <sys/types.h>
31 #include <sys/ioctl.h>
33 #ifdef HAVE_SYS_SYSMACROS_H
34 #include <sys/sysmacros.h> /* for major, minor */
37 #include "libcryptsetup.h"
40 #define MAXIMUM_WIPE_BYTES 1024 * 1024 * 32 /* 32 MiB */
42 static ssize_t _crypt_wipe_zero(int fd, int bsize, char *buffer,
43 uint64_t offset, uint64_t size)
45 memset(buffer, 0, size);
46 return write_lseek_blockwise(fd, bsize, buffer, size, offset);
49 static ssize_t _crypt_wipe_random(int fd, int bsize, char *buffer,
50 uint64_t offset, uint64_t size)
52 if (crypt_random_get(NULL, buffer, size, CRYPT_RND_NORMAL) < 0)
55 return write_lseek_blockwise(fd, bsize, buffer, size, offset);
59 * Wipe using Peter Gutmann method described in
60 * http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
62 static void wipeSpecial(char *buffer, size_t buffer_size, unsigned int turn)
66 unsigned char write_modes[][3] = {
67 {"\x55\x55\x55"}, {"\xaa\xaa\xaa"}, {"\x92\x49\x24"},
68 {"\x49\x24\x92"}, {"\x24\x92\x49"}, {"\x00\x00\x00"},
69 {"\x11\x11\x11"}, {"\x22\x22\x22"}, {"\x33\x33\x33"},
70 {"\x44\x44\x44"}, {"\x55\x55\x55"}, {"\x66\x66\x66"},
71 {"\x77\x77\x77"}, {"\x88\x88\x88"}, {"\x99\x99\x99"},
72 {"\xaa\xaa\xaa"}, {"\xbb\xbb\xbb"}, {"\xcc\xcc\xcc"},
73 {"\xdd\xdd\xdd"}, {"\xee\xee\xee"}, {"\xff\xff\xff"},
74 {"\x92\x49\x24"}, {"\x49\x24\x92"}, {"\x24\x92\x49"},
75 {"\x6d\xb6\xdb"}, {"\xb6\xdb\x6d"}, {"\xdb\x6d\xb6"}
78 for(i = 0; i < buffer_size / 3; ++i) {
79 memcpy(buffer, write_modes[turn], 3);
84 static ssize_t _crypt_wipe_disk(int fd, int bsize, char *buffer,
85 uint64_t offset, uint64_t size)
91 for(i = 0; i < 39; ++i) {
93 r = crypt_random_get(NULL, buffer, size, CRYPT_RND_NORMAL);
94 } else if(i >= 5 && i < 32) {
95 wipeSpecial(buffer, size, i - 5);
97 } else if(i >= 32 && i < 38) {
98 r = crypt_random_get(NULL, buffer, size, CRYPT_RND_NORMAL);
99 } else if(i >= 38 && i < 39) {
100 memset(buffer, 0xFF, size);
106 written = write_lseek_blockwise(fd, bsize, buffer, size, offset);
107 if (written < 0 || written != (ssize_t)size)
111 /* Rewrite it finally with random */
112 return _crypt_wipe_random(fd, bsize, buffer, offset, size);
115 static ssize_t _crypt_wipe_ssd(int fd, int bsize, char *buffer,
116 uint64_t offset, uint64_t size)
118 // FIXME: for now just rewrite it by random
119 return _crypt_wipe_random(fd, bsize, buffer, offset, size);
122 int crypt_wipe(struct device *device,
125 crypt_wipe_type type,
130 int devfd, flags, bsize;
133 if (!size || size % SECTOR_SIZE || (size > MAXIMUM_WIPE_BYTES)) {
134 log_dbg("Unsuported wipe size for device %s: %ld.",
135 device_path(device), (unsigned long)size);
139 if (stat(device_path(device), &st) < 0) {
140 log_dbg("Device %s not found.", device_path(device));
144 if (type == CRYPT_WIPE_DISK && S_ISBLK(st.st_mode)) {
145 if (!crypt_dev_is_rotational(major(st.st_rdev),
146 minor(st.st_rdev))) {
147 type = CRYPT_WIPE_SSD;
148 log_dbg("Non-rotational device, using SSD wipe mode.");
150 log_dbg("Rotational device, using normal wipe mode.");
153 bsize = device_block_size(device);
157 buffer = malloc(size);
163 /* use O_EXCL only for block devices */
164 if (exclusive && S_ISBLK(st.st_mode))
167 /* coverity[toctou] */
168 devfd = device_open(device, flags);
171 return errno ? -errno : -EINVAL;
174 // FIXME: use fixed block size and loop here
176 case CRYPT_WIPE_ZERO:
177 written = _crypt_wipe_zero(devfd, bsize, buffer, offset, size);
179 case CRYPT_WIPE_DISK:
180 written = _crypt_wipe_disk(devfd, bsize, buffer, offset, size);
183 written = _crypt_wipe_ssd(devfd, bsize, buffer, offset, size);
185 case CRYPT_WIPE_RANDOM:
186 written = _crypt_wipe_random(devfd, bsize, buffer, offset, size);
189 log_dbg("Unsuported wipe type requested: (%d)", type);
196 if (written != (ssize_t)size || written < 0)