On Tue, Jun 17, 2014 at 03:00:40PM +0200, Lukáš Czerner wrote: > > What is the difference between -o discard mount option ? I guess > that this way you can do it selectively on certain files, but I > wonder how useful it is going to be anyway ? Well, it will reduce the amount of flash wear, since a SECDISCARD requires an immediate copy of the remaining data in the erase block followed by a erase. This increases write magnification. > Nevertheless, I think that there is a conclusion that there is no > "security" to be had with file system and SECDISCARD. And no secure > erase with this type of interface would be "secure" enough. There's an assumption here that the eMMC SECDISCARD functionality is more competently spec'ed out compared to the ATA/SCSI interface. I'm not sure whether or not that's true, but perhaps JP and Geremy can confirm that. And even if it isn't guaranteed by the MMC spec, a mobile handset manufacturer is buying in sufficently large quantities that they can probably negotiate with their suppliers and demand a custom firmware which doesn't drop the discard command if the flash device doesn't feel like it. (There's nothing new about this, by the way. Very large buyers of hard drives such as EMC, Amazon, Facebook, etc. do their own performance and quality control testing, and then have demanded custom firmware if necessary for a very long time.) So at least in some specific use cases, it should be possible to make this to be secure. And the reason why to call it secure is SECDISCARD is the term used in the spec. And if the spec doesn't guarantee it, we can mock the spec. :-) - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
