Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

os-helpers-fs: add function to erase disks #3574

Merged
merged 1 commit into from
Dec 5, 2024
Merged

os-helpers-fs: add function to erase disks #3574

merged 1 commit into from
Dec 5, 2024

Conversation

alexgg
Copy link
Contributor

@alexgg alexgg commented Dec 5, 2024
edited
Loading

The function overwrites the first 16 MiB of each partition (the default LUKS2 header size), as well as the primary and backup GPT partition tables.

It's typically called from the cryptsetup flasher initramfs script when running on a locked device to close attack vectors that use the flasher images on locked devices, for example in balena-os/meta-balena-hab@e638c64

Contributor checklist

Reviewer Guidelines

  • When submitting a review, please pick:
    • 'Approve' if this change would be acceptable in the codebase (even if there are minor or cosmetic tweaks that could be improved).
    • 'Request Changes' if this change would not be acceptable in our codebase (e.g. bugs, changes that will make development harder in future, security/performance issues, etc).
    • 'Comment' if you don't feel you have enough information to decide either way (e.g. if you have major questions, or you don't understand the context of the change sufficiently to fully review yourself, but want to make a comment)

@alexgg alexgg requested a review from a team December 5, 2024 11:17
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg had a problem deploying to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Failure
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-staging.com December 5, 2024 15:32 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-cloud.com December 5, 2024 16:01 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-cloud.com December 5, 2024 16:01 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-cloud.com December 5, 2024 16:01 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-cloud.com December 5, 2024 16:17 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-cloud.com December 5, 2024 16:17 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-cloud.com December 5, 2024 16:17 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-cloud.com December 5, 2024 16:34 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-cloud.com December 5, 2024 16:34 — with GitHub Actions Inactive
@alexgg alexgg temporarily deployed to balena-cloud.com December 5, 2024 16:34 — with GitHub Actions Inactive
jakogut
jakogut approved these changes Dec 5, 2024
View reviewed changes
Copy link
Contributor

@jakogut jakogut left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks fine to me

@flowzone-app flowzone-app bot merged commit 4bb4473 into master Dec 5, 2024
161 of 163 checks passed
@flowzone-app flowzone-app bot deleted the alexgg/erasedisk branch December 5, 2024 17:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jakogut jakogut jakogut approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@alexgg @jakogut