Tails
The Amnesic Incognito Live System
blueprint
more efficient memory wipe
editing memtest86plus
editing memtest86plus
RecentChanges
Preferences
Download
Tails 0.23
March 19, 2014
About
Getting started…
Documentation
Help & Support
Contribute
News
[[!meta title="Erase memory: the memtest86+ way"]] Rationale ========= Memory erasure on shutdown is currently buggy. Sdmem and linux memtest implementation are failing. But a program exist that is actually dedicated at memory testing, and that has thus access to most (if tot all) available memory: [memtest86+](http://www.memtest.org/). This is a research using a modified memtest86+ to erase memory. Adapting memtest ================ We started from memtest86+ version 4.20 available at <http://www.memtest.org/download/4.20/memtest86+-4.20.tar.gz>. Executing a single test ----------------------- We patched memtest86+ to execute a single test, and then reboot. We choosed test #1 "Address test, own address" but quicker one could probably be choosen. The corresponding patchset: [0001-Do-only-one-test-and-hopefully-reboot.patch](https://labs.riseup.net/code/attachments/312/0001-Do-only-one-test-and-hopefully-reboot.patch) Nice display ------------ We patched memtest86+ to only display "Memory wipe, please wait..." with a progress bar, and then report success. The corresponding patchset: - [0002-Only-write-a-nice-title.patch](https://labs.riseup.net/code/attachments/314/0002-Only-write-a-nice-title.patch) - [0003-Remove-most-colors.patch](https://labs.riseup.net/code/attachments/315/0003-Remove-most-colors.patch) - [0004-Actually-writes-the-progress-bar-and-move-it-up.patch](https://labs.riseup.net/code/attachments/320/0004-Actually-writes-the-progress-bar-and-move-it-up.patch) - [0005-Display-message-at-the-end.patch](https://labs.riseup.net/code/attachments/322/0005-Display-message-at-the-end.patch) A screenshot: <img src="https://labs.riseup.net/code/attachments/323/memwipe.png"> Unfortunately, this is useless as when kexec launches memtest from Tails, the video mode in not native and nothing is displayed. Left to do ---------- - Actually halt the machine - Choose or write a quicker test - Disable keyboard shortcuts Integreating into Tails ======================= We patched tails experimental to kexec on our modified memtest86+ instead of on linux on shutdown. The `memtest` binary built on Tails from upstream with our patches applied is correctly recognised by kexec. Note that we didn't achive to kexec on a memtest built on another OS. The corresponding patchset: - [0001-Test-memory-wipe-with-memtest86.patch](https://labs.riseup.net/code/attachments/313/0001-Test-memory-wipe-with-memtest86.patch) Testing procedure ================= We launched the system to test with qemu or virtualbox. We dumped the ram just before shutdown, then after machine halt. With qemu, one should start the system to test with `-no-shutdown`, e.g.: qemu -enable-kvm -snapshot -m 2048 -no-shutdown -cdrom tails-i386-experimental-0.12.1-20120816.iso We launched 4 `fillram` processes in parallel, whatching them with `top` and waiting for them to be killed by oom killer. At least one terminated with `MemoryError`. Fillram fills the RAM with the pattern `wipe_didnt_work\n`. Then we dumped RAM with the following command in qemu console (CTRL+ALT+2). Note that the end address must be adapted to the amount of RAM available in the VM: pmemsave 0 0x80000000 before.dump Then shutdown Tails pressing the red button, and once the machine halted, dump the RAM again: pmemsave 0 0x80000000 after.dump Then we count the occurences of the pattern in the memory dump: grep -c wipe_didnt_work before.dump grep -c wipe_didnt_work after.dump Testing results =============== Machine RAM Patterns %patterns %wipe before wipe after wipe before wipe after wipe Tails sdmem+kexec 2147483648 1772984624 17168336 82,561% 0,799% 99,032% Tails memwipe+kexec 2147483648 1755221472 240 81,734% <0,001% >0,999% Tails sdmem+kexec 8589934592 3243648688 1128607952 37,761% 13,139% 65,206% Tails memwipe+kexec 8589934592 3372274816 240 39,258% <0,001% >0,999% Units: bytes Resolution: 16 bytes accuacy Memwipe erase memory better than current Tails implementation. There is a remaining area of 240 bytes that does not get erased. Conclusion ========== For the memory wipe approches we know about, this one is the most efficient we experimented. Pros: - We have something that works better than any other methods we know about. Cons: - There is still a small amount of memory not wiped. - We have to maintain a patchset. However there is only one memtest86+ release by year since 2009. - There is no output on screen, and it may be difficult to fix.
Optional description of this change:
FormattingHelp
Attachments
