[ptxdist] [PATCH] util-linux: add option for building blkdiscard

[ptxdist] [PATCH] util-linux: add option for building blkdiscard

[Ahmad Fatoum]

We currently only have an option for BusyBox blkdiscard, but that one
lacks some options like -z for zeroing the block device.

This can be important as regular discard on an eMMC isn't guaranteed
to clear data.

Add a util-linux blkdiscard option to address this.

Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
---
 rules/util-linux.in   | 10 ++++++++++
 rules/util-linux.make |  3 ++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/rules/util-linux.in b/rules/util-linux.in
index 8bf035f3901e..83e075852689 100644
--- a/rules/util-linux.in
+++ b/rules/util-linux.in
@@ -62,6 +62,16 @@ config UTIL_LINUX_ADDPART
 	help
 	  The addpart utility.
 
+config UTIL_LINUX_BLKDISCARD
+	bool
+	depends on !BUSYBOX_BLKDISCARD || ALLYES
+	prompt "blkdiscard"
+	help
+	  blkdiscard is used to discard device sectors.
+
+comment "BusyBox' blkdiscard is selected!"
+	depends on BUSYBOX_BLKDISCARD
+
 config UTIL_LINUX_CFDISK
 	bool
 	select UTIL_LINUX_FDISKS
diff --git a/rules/util-linux.make b/rules/util-linux.make
index 579c165e6edb..02d83715c6f1 100644
--- a/rules/util-linux.make
+++ b/rules/util-linux.make
@@ -54,7 +54,7 @@ UTIL_LINUX_CONF_OPT	:= \
 	-Dbuild-agetty=$(call ptx/endis, PTXCONF_UTIL_LINUX_AGETTY)d \
 	-Dbuild-bash-completion=disabled \
 	-Dbuild-bfs=disabled \
-	-Dbuild-blkdiscard=disabled \
+	-Dbuild-blkdiscard=$(call ptx/endis, PTXCONF_UTIL_LINUX_BLKDISCARD)d \
 	-Dbuild-blkpr=disabled \
 	-Dbuild-blkzone=disabled \
 	-Dbuild-blockdev=disabled \
@@ -197,6 +197,7 @@ UTIL_LINUX_LIB-$(PTXCONF_UTIL_LINUX_LIBFDISK)		+= fdisk
 
 # disk-utils
 UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_ADDPART)		+= sbin/addpart
+UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_BLKDISCARD)		+= sbin/blkdiscard
 UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_CFDISK)		+= sbin/cfdisk
 UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_DELPART)		+= sbin/delpart
 UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_RESIZEPART)		+= sbin/resizepart
-- 
2.39.5

Re: [ptxdist] [PATCH] util-linux: add option for building blkdiscard

[Christian Melki]

On 1/23/25 9:54 PM, Ahmad Fatoum wrote:
> We currently only have an option for BusyBox blkdiscard, but that one
> lacks some options like -z for zeroing the block device.
> 
> This can be important as regular discard on an eMMC isn't guaranteed
> to clear data.
> 
> Add a util-linux blkdiscard option to address this.
> 

Zeroing is certainly not guaranteed to do anything useful either to the
physical media. A normal FTL getting a full block zero will only move
the read index for that LBA to some zeroed return block index and do
nothing else (fast zeroed read, with no read perturbation from real media).
Depending on how one views the discarded blocks, it might also put the
zeroed block on the discard list anyway.
If you still can read real data from a zeroed (reindexed) or discarded
block you have other security issues with the device.
Having lower level access to the device with intentional holes isn't
going to protect you from leaking by anything, including key changes to
some transparent AES-XTS blocks.
If you mistrust the device, your best bet is going to be forcing fast
prng data on all accessible blocks, including whatever sideband blocks
you can get at. With no reusage between blocks, the drive won't have any
other choice than to write over data. It's slow though.
Smart drives will see various reoccuring fill patterns and create fast
read indexes for those too.

regards,
Christian

> Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
> ---
>  rules/util-linux.in   | 10 ++++++++++
>  rules/util-linux.make |  3 ++-
>  2 files changed, 12 insertions(+), 1 deletion(-)
> 
> diff --git a/rules/util-linux.in b/rules/util-linux.in
> index 8bf035f3901e..83e075852689 100644
> --- a/rules/util-linux.in
> +++ b/rules/util-linux.in
> @@ -62,6 +62,16 @@ config UTIL_LINUX_ADDPART
>  	help
>  	  The addpart utility.
>  
> +config UTIL_LINUX_BLKDISCARD
> +	bool
> +	depends on !BUSYBOX_BLKDISCARD || ALLYES
> +	prompt "blkdiscard"
> +	help
> +	  blkdiscard is used to discard device sectors.
> +
> +comment "BusyBox' blkdiscard is selected!"
> +	depends on BUSYBOX_BLKDISCARD
> +
>  config UTIL_LINUX_CFDISK
>  	bool
>  	select UTIL_LINUX_FDISKS
> diff --git a/rules/util-linux.make b/rules/util-linux.make
> index 579c165e6edb..02d83715c6f1 100644
> --- a/rules/util-linux.make
> +++ b/rules/util-linux.make
> @@ -54,7 +54,7 @@ UTIL_LINUX_CONF_OPT	:= \
>  	-Dbuild-agetty=$(call ptx/endis, PTXCONF_UTIL_LINUX_AGETTY)d \
>  	-Dbuild-bash-completion=disabled \
>  	-Dbuild-bfs=disabled \
> -	-Dbuild-blkdiscard=disabled \
> +	-Dbuild-blkdiscard=$(call ptx/endis, PTXCONF_UTIL_LINUX_BLKDISCARD)d \
>  	-Dbuild-blkpr=disabled \
>  	-Dbuild-blkzone=disabled \
>  	-Dbuild-blockdev=disabled \
> @@ -197,6 +197,7 @@ UTIL_LINUX_LIB-$(PTXCONF_UTIL_LINUX_LIBFDISK)		+= fdisk
>  
>  # disk-utils
>  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_ADDPART)		+= sbin/addpart
> +UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_BLKDISCARD)		+= sbin/blkdiscard
>  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_CFDISK)		+= sbin/cfdisk
>  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_DELPART)		+= sbin/delpart
>  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_RESIZEPART)		+= sbin/resizepart

Re: [ptxdist] [PATCH] util-linux: add option for building blkdiscard

[Ahmad Fatoum]

Hello Christian,

On 23.01.25 22:55, Christian Melki wrote:
> On 1/23/25 9:54 PM, Ahmad Fatoum wrote:
>> We currently only have an option for BusyBox blkdiscard, but that one
>> lacks some options like -z for zeroing the block device.
>>
>> This can be important as regular discard on an eMMC isn't guaranteed
>> to clear data.
>>
>> Add a util-linux blkdiscard option to address this.
>>
> 
> Zeroing is certainly not guaranteed to do anything useful either to the
> physical media. A normal FTL getting a full block zero will only move
> the read index for that LBA to some zeroed return block index and do
> nothing else (fast zeroed read, with no read perturbation from real media).
> Depending on how one views the discarded blocks, it might also put the
> zeroed block on the discard list anyway.
> If you still can read real data from a zeroed (reindexed) or discarded
> block you have other security issues with the device.
> Having lower level access to the device with intentional holes isn't
> going to protect you from leaking by anything, including key changes to
> some transparent AES-XTS blocks.
> If you mistrust the device, your best bet is going to be forcing fast
> prng data on all accessible blocks, including whatever sideband blocks
> you can get at. With no reusage between blocks, the drive won't have any
> other choice than to write over data. It's slow though.
> Smart drives will see various reoccuring fill patterns and create fast
> read indexes for those too.

My particular need for blkdiscard -z is not for mangling key material.
I just want to clear the block device, so software that checks for partition
magic doesn't see stale data. I am aware that this is no substitute for
a blkdiscard -s (which busybox also supports) or randomized overwrite,
but this is beyond what I need.

Thanks,
Ahmad

> 
> regards,
> Christian
> 
>> Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
>> ---
>>  rules/util-linux.in   | 10 ++++++++++
>>  rules/util-linux.make |  3 ++-
>>  2 files changed, 12 insertions(+), 1 deletion(-)
>>
>> diff --git a/rules/util-linux.in b/rules/util-linux.in
>> index 8bf035f3901e..83e075852689 100644
>> --- a/rules/util-linux.in
>> +++ b/rules/util-linux.in
>> @@ -62,6 +62,16 @@ config UTIL_LINUX_ADDPART
>>  	help
>>  	  The addpart utility.
>>  
>> +config UTIL_LINUX_BLKDISCARD
>> +	bool
>> +	depends on !BUSYBOX_BLKDISCARD || ALLYES
>> +	prompt "blkdiscard"
>> +	help
>> +	  blkdiscard is used to discard device sectors.
>> +
>> +comment "BusyBox' blkdiscard is selected!"
>> +	depends on BUSYBOX_BLKDISCARD
>> +
>>  config UTIL_LINUX_CFDISK
>>  	bool
>>  	select UTIL_LINUX_FDISKS
>> diff --git a/rules/util-linux.make b/rules/util-linux.make
>> index 579c165e6edb..02d83715c6f1 100644
>> --- a/rules/util-linux.make
>> +++ b/rules/util-linux.make
>> @@ -54,7 +54,7 @@ UTIL_LINUX_CONF_OPT	:= \
>>  	-Dbuild-agetty=$(call ptx/endis, PTXCONF_UTIL_LINUX_AGETTY)d \
>>  	-Dbuild-bash-completion=disabled \
>>  	-Dbuild-bfs=disabled \
>> -	-Dbuild-blkdiscard=disabled \
>> +	-Dbuild-blkdiscard=$(call ptx/endis, PTXCONF_UTIL_LINUX_BLKDISCARD)d \
>>  	-Dbuild-blkpr=disabled \
>>  	-Dbuild-blkzone=disabled \
>>  	-Dbuild-blockdev=disabled \
>> @@ -197,6 +197,7 @@ UTIL_LINUX_LIB-$(PTXCONF_UTIL_LINUX_LIBFDISK)		+= fdisk
>>  
>>  # disk-utils
>>  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_ADDPART)		+= sbin/addpart
>> +UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_BLKDISCARD)		+= sbin/blkdiscard
>>  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_CFDISK)		+= sbin/cfdisk
>>  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_DELPART)		+= sbin/delpart
>>  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_RESIZEPART)		+= sbin/resizepart
> 
> 


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Re: [ptxdist] [APPLIED] util-linux: add option for building blkdiscard

[Michael Olbrich]

Thanks, applied as 9e0602b0e355efaf23b6306c813aa54630d101da.

Michael

[sent from post-receive hook]

On Mon, 27 Jan 2025 09:35:16 +0100, Ahmad Fatoum <a.fatoum@pengutronix.de> wrote:
> We currently only have an option for BusyBox blkdiscard, but that one
> lacks some options like -z for zeroing the block device.
> 
> This can be important as regular discard on an eMMC isn't guaranteed
> to clear data.
> 
> Add a util-linux blkdiscard option to address this.
> 
> Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
> Message-Id: <20250123205453.2841392-1-a.fatoum@pengutronix.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/util-linux.in b/rules/util-linux.in
> index 58bd21100a9e..d883fb402ca2 100644
> --- a/rules/util-linux.in
> +++ b/rules/util-linux.in
> @@ -62,6 +62,16 @@ config UTIL_LINUX_ADDPART
>  	help
>  	  The addpart utility.
>  
> +config UTIL_LINUX_BLKDISCARD
> +	bool
> +	depends on !BUSYBOX_BLKDISCARD || ALLYES
> +	prompt "blkdiscard"
> +	help
> +	  blkdiscard is used to discard device sectors.
> +
> +comment "BusyBox' blkdiscard is selected!"
> +	depends on BUSYBOX_BLKDISCARD
> +
>  config UTIL_LINUX_CFDISK
>  	bool
>  	select UTIL_LINUX_FDISKS
> diff --git a/rules/util-linux.make b/rules/util-linux.make
> index c98200a52258..143c7bcb78aa 100644
> --- a/rules/util-linux.make
> +++ b/rules/util-linux.make
> @@ -197,6 +197,7 @@ UTIL_LINUX_LIB-$(PTXCONF_UTIL_LINUX_LIBFDISK)		+= fdisk
>  
>  # disk-utils
>  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_ADDPART)		+= sbin/addpart
> +UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_BLKDISCARD)		+= sbin/blkdiscard
>  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_CFDISK)		+= sbin/cfdisk
>  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_DELPART)		+= sbin/delpart
>  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_RESIZEPART)		+= sbin/resizepart

Re: [ptxdist] [APPLIED] util-linux: add option for building blkdiscard

[Michael Olbrich]

On Mon, Jan 27, 2025 at 09:35:16AM +0100, Michael Olbrich wrote:
> Thanks, applied as 9e0602b0e355efaf23b6306c813aa54630d101da.

And as Jonas noted, I've now applied two patches for the same thing... I'll
revert this one.

Michael

> [sent from post-receive hook]
> 
> On Mon, 27 Jan 2025 09:35:16 +0100, Ahmad Fatoum <a.fatoum@pengutronix.de> wrote:
> > We currently only have an option for BusyBox blkdiscard, but that one
> > lacks some options like -z for zeroing the block device.
> > 
> > This can be important as regular discard on an eMMC isn't guaranteed
> > to clear data.
> > 
> > Add a util-linux blkdiscard option to address this.
> > 
> > Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
> > Message-Id: <20250123205453.2841392-1-a.fatoum@pengutronix.de>
> > Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> > 
> > diff --git a/rules/util-linux.in b/rules/util-linux.in
> > index 58bd21100a9e..d883fb402ca2 100644
> > --- a/rules/util-linux.in
> > +++ b/rules/util-linux.in
> > @@ -62,6 +62,16 @@ config UTIL_LINUX_ADDPART
> >  	help
> >  	  The addpart utility.
> >  
> > +config UTIL_LINUX_BLKDISCARD
> > +	bool
> > +	depends on !BUSYBOX_BLKDISCARD || ALLYES
> > +	prompt "blkdiscard"
> > +	help
> > +	  blkdiscard is used to discard device sectors.
> > +
> > +comment "BusyBox' blkdiscard is selected!"
> > +	depends on BUSYBOX_BLKDISCARD
> > +
> >  config UTIL_LINUX_CFDISK
> >  	bool
> >  	select UTIL_LINUX_FDISKS
> > diff --git a/rules/util-linux.make b/rules/util-linux.make
> > index c98200a52258..143c7bcb78aa 100644
> > --- a/rules/util-linux.make
> > +++ b/rules/util-linux.make
> > @@ -197,6 +197,7 @@ UTIL_LINUX_LIB-$(PTXCONF_UTIL_LINUX_LIBFDISK)		+= fdisk
> >  
> >  # disk-utils
> >  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_ADDPART)		+= sbin/addpart
> > +UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_BLKDISCARD)		+= sbin/blkdiscard
> >  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_CFDISK)		+= sbin/cfdisk
> >  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_DELPART)		+= sbin/delpart
> >  UTIL_LINUX_BIN-$(PTXCONF_UTIL_LINUX_RESIZEPART)		+= sbin/resizepart
> 
> 

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |