encryption_selfdestruct_post.c

/**
 * Callback function for destroying the data on an encrypted device.
 * It does so by overwriting the luks header and keyslots with zeroes.
 * See https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions:
 *     5.4 How do I securely erase a LUKS (or other) partition?
 * @param[in]   request   incoming HTTP request
 * @param[out]  response  HTTP response to the request
 * @param[in]   user_data extra data to pass between handler and main thread
 * @return                internal status code
 */
int callback_encryption_selfdestruct_post(const struct _u_request * request,
    struct _u_response * response, void * user_data)
{
    bool * reboot = (bool *)user_data;
    int r;

    // Overwrite start of data partition with zeroes.
    y_log_message(Y_LOG_LEVEL_DEBUG,
        "Overwriting start of data partition with zeroes");
    char * command = NULL;
    asprintf(&command, "head -c %d /dev/zero > %s; sync",
        LUKS_HEADER_SIZE, DATA_PARTITION_DEVICE);
    r = system(command);
    if (r != 0)
    {
        y_log_message(Y_LOG_LEVEL_ERROR,
            "overwriting data device failed: return code %d",
            r);
        return send_simple_response(response, 500, "error",
            "overwriting data device failed");
    }
    y_log_message(Y_LOG_LEVEL_DEBUG,
        "Overwriting finished succesfully");

    // Record that we want to reboot the machine.
    *reboot = true;
    y_log_message(Y_LOG_LEVEL_DEBUG,
        "Will reboot");

    r = send_simple_response(response, 200, "status", "ok");
    y_log_message(Y_LOG_LEVEL_DEBUG,
        "Response sent");
    stop_server();
    return r;
}