Erase memory: the GRUB way
Download Tails 0.23 March 19, 2014

GRUB is a really small and featureful kernel. Among other thing, it knows perfectly how to shut down x86 hardware. So how about adding a command that would erase memory? A simple grub.cfg script could then be used perform the wipe and shutdown (or reboot) the system.

Status:

  • wipe_memory command is basically complete.
  • The minimal set of GRUB modules to use is known.
  • There is GRUB configuration using gfxterm to get a nice display.
  • Figure out why using kexec fails on real hardware.

Patches

  • ?version 2

Version history:

  • Changes since v1:
    • Adjust line width to fit ascii font in gfxterm 640x480.
    • Do not always include all modules in grub-mkstandalone. This makes testing easier.
  • Changes since v0:
    • Really fill memory with zeros.
    • Change strategy for grub_wipe_with_malloc. Use dichotomy and recursion for a more robust allocation strategy.
    • Debug output has been cleaned up and isolated.
    • Now with a progress bar!

Known issues:

  • The code related to high order wipe is not portable to other architectures than i386 so it should be labeled clearly as such.

How to test

Using a qemu image

  1. Uncompress GRUB 2.00 sources:

    tar -zxf grub-2.00.tar.gz

  2. Apply the patch and copy the boot configuration files:

    cd grub-2.00
patch -p1 < /path/to/amnesia/wiki/src/todo/more_efficient_memory_wipe/grub/grub-wipe-memory-v2.patch
cp -r /path/to/amnesia/wiki/src/todo/more_efficient_memory_wipe/grub/boot .

  3. Build:

    ./autogen.sh
test -f Makefile && make distclean
./configure --with-platform=qemu --target=i386
mkdir -p /tmp/tftp
make -j4 &&
    pkgdatadir='.' ./grub-mkstandalone -C xz -o /tmp/qemu.bin \
        -d ./grub-core -O i386-qemu --grub-mkimage='./grub-mkimage' \
        --modules="all_video echo gfxterm halt normal png reboot serial test wipe_memory" \
        boot/grub/grub.cfg boot/grub/ascii.pf2 boot/grub/splash.png

  4. Start qemu:

    qemu -hda /dev/zero -bios /tmp/qemu.bin \
    -vga std -enable-kvm -m 5120

Using a lnxboot

GRUB can actually be loaded using an image compatible with bzImage in lnxboot.img. It will actually load and execute a GRUB image given as a ramdisk.

  1. Uncompress GRUB 2.00 sources.
  2. Apply the patch and copy the boot configuration files.

  3. Build:

    test -f Makefile && make distclean
./configure --with-platform=pc --target=i386
make -j4 &&
    pkgdatadir='.' ./grub-mkstandalone -C xz -o /tmp/core.img \
        -d ./grub-core -O i386-pc --grub-mkimage='./grub-mkimage' \
        --modules="all_video echo gfxterm halt normal pci png reboot serial test wipe_memory" \
        boot/grub/grub.cfg boot/grub/ascii.pf2 boot/grub/splash.png

  4. Start qemu:

    qemu -hda /dev/zero -kernel grub-core/lnxboot.img -initrd /tmp/core.img \
     -vga std -m 256

The image can be also be started with kexec given lnxboot.img is extended (e.g. filled with zeros) to be at least 32kB in size. Then, the following should work:

kexec --load --real-mode --initrd=/tmp/core.img grub-core/lnxboot.img
kexec --exec

Tests done with the former worked on qemu, VirtualBox but not on bare metal.

Screenshot

?grub wipe memory.png