Feature #5658
move from sdmem to memtest
| Status: | Confirmed | Start date: | ||
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | - | |||
| Target version: | - | |||
| QA Check: | Blueprint: | |||
| Feature Branch: | Easy: | |||
| Type of work: | Code |
Description
Rationale¶
Replace sdmem with the Linux kernel's memtest=2 feature will fix sdmem does not clear all memory and will generally be simpler and more robust.
<blockquote>
Update: according to Liberte Linux' Maxim Kammerer, the memtest= approach is flawed; it only tests LOWMEM, "so it seems that at most ~895 MiB can be tested in 32-bit x86 kernels". Therefore, it's currently not fit for any kind of anti-forensics memory wiping. Being discussed on tails-dev / reported upstream, end of 2011: from sdmem to memtest, and testing procedures, PROBLEM: memtest tests only LOWMEM. Max Kammerer opened Linux bug 42630.
Let's wait for the outcome of the discussion with upstream.
There has been basically no progress 3 months later. We probably have to find an interested kernel hacker to patch the "memtest" code for our usecase.
</blockquote>
Plans¶
Implemented in bugfix/from_sdmem_to_memtest branch.
Let's wait for feature/hugetlb_mem_wipe to be merged. If we're happy with it, we can avoid moving to memtest.
Related issues