| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 28 Sep 2015 14:45:24 -0700 From: Grant Grundler <grundler@...omium.org> To: Jens Axboe <axboe@...nel.dk>, Ulf Hansson <ulf.hansson@...aro.org>, LKML <linux-kernel@...r.kernel.org>, "linux-mmc@...r.kernel.org" <linux-mmc@...r.kernel.org> Subject: Fwd: RFC: 32-bit __data_len and REQ_DISCARD+REQ_SECURE [resending...I forgot to switch gmail back to text-only mode. grrrh..] ---------- Forwarded message ---------- From: Grant Grundler <grundler@...omium.org> Date: Mon, Sep 28, 2015 at 2:42 PM Subject: Re: RFC: 32-bit __data_len and REQ_DISCARD+REQ_SECURE To: Grant Grundler <grundler@...omium.org> Cc: Jens Axboe <axboe@...nel.dk>, Ulf Hansson <ulf.hansson@...aro.org>, LKML <linux-kernel@...r.kernel.org>, "linux-mmc@...r.kernel.org" <linux-mmc@...r.kernel.org> On Thu, Sep 24, 2015 at 10:39 AM, Grant Grundler <grundler@...omium.org> wrote: > > Some followup. ... > > 2) I've been able to test this hack on an eMMC device: > [ 13.147747] mmc..._secdiscard_rq(mmc1) ERASE from 14116864 cnt > 0x2c00000 (size 22528 MiB) > [ 13.155964] sdhci cmd: 35/0x1a arg 0xd76800 > [ 13.160266] sdhci cmd: 36/0x1a arg 0x39767ff > [ 13.164593] sdhci cmd: 38/0x1b arg 0x80000000 > [ 13.803360] random: nonblocking pool is initialized > [ 14.567735] sdhci cmd: 13/0x1a arg 0x10000 > [ 14.573324] mmc..._secdiscard_rq(mmc1) err 0 > > This was with ~15K files and about 5GB written to the device. 1.4 > seconds compared to about 20 minutes to secure erase the same region > with original v3.18 code. To put a few more numbers on the "chunk size vs perf": 1EG (512KB) -> 44K commands -> ~20 minutes 32EG (16MB) -> 1375 commands -> ~1 minute 128EG (64MB) -> 344 commands -> ~30 seconds 8191EG (~4GB) -> 6 commands -> 2 seconds + ~8 seconds mkfs (I'm assuming times above include about 6-10 seconds of mkfs as part of writing a new file system) This is with only ~300MB of data written to the partition. I'm fully aware that times will vary depending on how much data needs to be migrated (and in this case very little or none). I'm certain the difference will only get worse for the smaller the "chunk size" used to Secure Erase due to repeated data migration. Given the different use model for secure erase (legal/contractually required behavior), is using 4GB chunk size acceptable? Would anyone be terribly offended if I used the recently added "MMC_IOC_MULTI_CMD" to send the cmd 35/36/38 sequence to the eMMC device to securely erase the offending partition? thanks, grant -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists