Package: linux-2.6 Version: 3.0.0-5 Severity: wishlist Hi,
Please enable CONFIG_MEMTEST on x86. I know it was asked for, and refused for good reasons if one asks me, in bug #556365. My request is a bit different: I am asking for this feature to piggy-back it for reasons that have nothing to do with testing memory. Debian is used in some contexts that require protecting against memory recovery such as cold boot attack. In the context of Tails (a Debian Live system targetted at privacy and anonymity [0]), we achieve this by overwritting (most of) the RAM when Tails is being shutdown or when the boot medium is physically removed. [0] http://tails.boum.org/ Our current implementation [1], based on kexec and secure-delete's sdmem, has many flaws (some that could be workarounded, some that cannot since are due, by design, to using userspace tools). [1] http://tails.boum.org/contribute/design/memory_erasure/ This is why we have been dreaming of using memtest= instead of flakky userspace solutions, as a way to overwrite memory: using this in-kernel feature seems the only available reliable way to implement what we need. It would 1. be the best to ensure the biggest possible amount of RAM is overwritten; 2. avoid the need for us to play dirty tricks with the OOM-killer, kernel cache settings and so on. Hence our request to enable CONFIG_MEMTEST on x86. Please note that we plan to convert Tails' "erase memory on shutdown" feature into a Debian package proper, so that all users of Debian (and derivatives) who need it can easily enable this feature. What do you think? Bye, -- intrigeri <intrig...@boum.org> -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
