Hugetlb mem wipe
Using a custom memory wiping program from initramfs is implemented in the
It makes the wipe much faster and better looking, but it's not as efficient as Tails' current parallel sdmem approach when using a PAE kernel (which usually results in 0 occurrences in my tests, if not it's just a few hundred occurences), which arguably is what most users will use. For the non-PAE kernel I believe this branch is better, though.
Next thing to do: fine tune the algorithm parameters and/or memory settings to be as efficient on PAE than current implementation.
Both tests performed in the same 8 GiB-RAM VM:
- With PAE-kernel: 137K occurences =~ 2.1 MiB of unwiped memory.
- With non-PAE-kernel: 155K occurences =~ 2.4 MiB of unwiped memory.
#3 Updated by intrigeri almost 3 years ago
- Status changed from Confirmed to Rejected
See #12354: we're dropping our kexec-based implementation, that's not robust enough, gives poor UX, and a reasonably good alternative is now available. Let's come back to it once there's something we can kexec, that fixes these problems.