Re: [Yaffs] Secure Delete of Files on YAFFS2

Author: Charles Manning
Date:  
To: Bradley Remedios
CC: YAFFS ML
Subject: Re: [Yaffs] Secure Delete of Files on YAFFS2
On Sat, Apr 18, 2015 at 7:01 AM, Bradley Remedios wrote:

> I have a question about what YAFFS2 supports for providing a mechanism
> to securely delete a file so that it cannot be recovered once deleted.
>
> We are looking for a file system that supports the concept of secure
> delete, either by performing a block erase that encompasses all
> outstanding pages, or by utilizing Cryptographic Encryption on a
> per-file basis.
>
> Our main requirement is to support the ability to perform a secure
> delete. We do not require the data on the drive to be unreadable
> until we go to delete the file. If we are using Cryptographic
> Encryption we would need the encryption key that is used to be unique
> per file as we would only want to have to delete a single file to
> cause the contents to become unreadable.
>
> I took a look at the yaffs.net site and didn't see anything that
> seemed to specifically outline that it supports Cryptographic
> Encryption itself or what level of encryption that it is using. I
> have seen a few research papers on people that have made the
> modifications themselves.
>
> Am I missing something, or is it accurate that YAFFS2 does not support
> any secure delete functionality or a Cryptographic Encryption feature
> that could be used for the same purpose?
>


Yaffs does not have any encryption or secure deletion feature per se, but
it is still possible to achieve this quite easily in two ways:

1) Loop mounting: If you're using Linux then you can loop mount onto Yaffs
thus making Yaffs the underlying media for some other fs that has the
features you want.

2) Using background garbage collection (on by default in Linux):

Yaffs is log structured which means all file activity happens by writing to
the end of the log and space is reclaimed by identifying blocks with unused
data (e.g. parts of deleted files), rewriting the useful data and then
erasing the block.

By tweaking the garbage collection thresholds you can get Yaffs to clean up
quite promptly meaning that soon after a file is deleted, the garbage
collector will erase all that file's data from the file system.

-- Charles
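
The log-structured behaviour described in option 2, as an added example that is not part of the original message and is not Yaffs code: a toy Python model showing that deleting a file only marks its pages stale, and that the data stays visible in a raw dump until garbage collection erases the blocks holding it. The class, its geometry and the `min_stale` threshold are assumptions made for illustration and do not correspond to real Yaffs tunables.

```python
PAGES = 4  # pages per erase block (toy geometry, not a real NAND part)

class ToyLogFlash:
    def __init__(self, n_blocks=4):
        self.flash = [[None] * PAGES for _ in range(n_blocks)]  # None = erased page
        self.live = {}  # (block, page) -> file name; any other written page is stale
        self.head = 0   # block the log is currently appending to

    def _erased_block(self):
        return next(b for b, blk in enumerate(self.flash) if not any(blk))

    def _append(self, name, idx, data):
        if None not in self.flash[self.head]:
            self.head = self._erased_block()
        page = self.flash[self.head].index(None)
        self.flash[self.head][page] = (name, idx, data)
        self.live[(self.head, page)] = name

    def write(self, name, chunks):
        for idx, data in enumerate(chunks):
            self._append(name, idx, data)

    def delete(self, name):  # only the validity map changes; flash is untouched
        self.live = {loc: n for loc, n in self.live.items() if n != name}

    def read(self, name):  # what the file system itself will return
        pages = [self.flash[b][p] for (b, p), n in self.live.items() if n == name]
        return b"".join(d for _, _, d in sorted(pages, key=lambda t: t[1]))

    def raw_scan(self, name):  # what a raw dump of the media holds, live or stale
        return [pg[2] for blk in self.flash for pg in blk if pg and pg[0] == name]

    def gc(self, min_stale):  # collect every block with >= min_stale stale pages
        for b, blk in enumerate(self.flash):
            used = [p for p, pg in enumerate(blk) if pg is not None]
            if sum((b, p) not in self.live for p in used) < min_stale:
                continue
            if b == self.head:
                self.head = self._erased_block()  # never copy a block into itself
            for p in used:
                if self.live.pop((b, p), None):
                    self._append(*blk[p])  # rewrite live data at the log head
            self.flash[b] = [None] * PAGES  # block erase destroys the stale pages
```

Writing two files, deleting one and comparing `raw_scan()` after `gc(min_stale=3)` and after `gc(min_stale=1)` shows the deleted file's pages surviving the lazy pass and disappearing after the eager one, while `read()` of the surviving file is unchanged.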