Package: partman-crypto
Severity: normal
Tags: d-i patch
Hello!
blockdev-wipe uses BLKGETSIZE64 to determine the size of the device to be
wiped. In case that fails, there currently is a fallback to BLKGETSIZE.
Please remove the fallback (patch attached) for these reasons:
a) On 32bit platforms (with 32bit "long"), the fallback code contains an
integer wraparound bug which restricts the region to be wiped to at most the
first 4GB of the device.
b) BLKGETSIZE64 exists since Linux 2.4.10, so there's really no need for a
fallback.
This bug seems to exist since 2006-04-18, i.e. it has been in Debian
installers since etch. The kernel for etch was 2.6.18 which includes
BLKGETSIZE64, therefore I believe that the fallback was never used and thus we
don't need to worry about insufficiently wiped devices in deployed Debian
installations. (I'd appreciate if someone could confirm this line of
argument.)
Regards,
Thiemo Nagel
-- System Information:
Debian Release: 6.0.7
APT prefers oldstable-updates
APT policy: (990, 'oldstable-updates'), (990, 'oldstable-proposed-updates'),
(990, 'oldstable'), (450, 'proposed-updates'), (450, 'stable'), (300,
'unstable'), (150, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff --git a/blockdev-wipe/blockdev-wipe.c b/blockdev-wipe/blockdev-wipe.c
index 064ab15..dfced12 100644
--- a/blockdev-wipe/blockdev-wipe.c
+++ b/blockdev-wipe/blockdev-wipe.c
@@ -63,19 +63,14 @@ static unsigned long long dev_size(int fd)
{
int ret;
unsigned long long size;
- unsigned long blocks;
ret = ioctl(fd, BLKGETSIZE64, &size);
- if (ret == 0)
- return size;
-
- ret = ioctl(fd, BLKGETSIZE, &blocks);
if (ret < 0) {
close(fd);
die("failed to get device size", 1);
}
- return blocks * 512;
+ return size;
}
static int do_wipe(int source, int target, size_t wsize)
