secure_erase_file/secure_erase_file.h - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright 2017 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef SECURE_ERASE_FILE_SECURE_ERASE_FILE_H_
 #define SECURE_ERASE_FILE_SECURE_ERASE_FILE_H_

 #include <base/files/file_path.h>
 #include <brillo/brillo_export.h>

 namespace secure_erase_file {

 // Returns true if the backing store for the file path supports secure erase.
 //
 // This can be used as a high-level check if we think the target file can be
 // securely erased, but SecureErase() is not guaranteed to succeed.
 BRILLO_EXPORT bool IsSupported(const base::FilePath& path);

 // Securely erase a file, returning true on success and false on failure.
 //
 // Requires that:
 //   - the file is a regular file.
 //   - the file is stored on an eMMC device.
 //   - the file is stored on a filesystem that supports FS_IOC_FIEMAP.
 //   - the file does not span more than 32 extents.
 //   - the underlying eMMC device and kernel support FITRIM.
 //   - the underlying block point is not "anonymous", as with btrfs.
 //
 // This function internally calls IsSupported on the requested path, so it's not
 // necessary to call IsSupported() before SecureErase().
 //
 // After unlink() and trim, this function reads from the file's original LBA
 // range to ensure that it reads all 0s or 1s.
 BRILLO_EXPORT bool SecureErase(const base::FilePath& path);

 // Drop all filesystem caches.
 //
 // This must be called after securely erasing files to ensure that cached data
 // is not kept in the filesystem caches.
 //
 // This drops caches for all filesystems, and thus takes no path argument.
 BRILLO_EXPORT bool DropCaches();

 }  // namespace secure_erase_file

 #endif  // SECURE_ERASE_FILE_SECURE_ERASE_FILE_H_
	// Copyright 2017 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef SECURE_ERASE_FILE_SECURE_ERASE_FILE_H_
	#define SECURE_ERASE_FILE_SECURE_ERASE_FILE_H_

	#include <base/files/file_path.h>
	#include <brillo/brillo_export.h>

	namespace secure_erase_file {

	// Returns true if the backing store for the file path supports secure erase.
	//
	// This can be used as a high-level check if we think the target file can be
	// securely erased, but SecureErase() is not guaranteed to succeed.
	BRILLO_EXPORT bool IsSupported(const base::FilePath& path);

	// Securely erase a file, returning true on success and false on failure.
	//
	// Requires that:
	// - the file is a regular file.
	// - the file is stored on an eMMC device.
	// - the file is stored on a filesystem that supports FS_IOC_FIEMAP.
	// - the file does not span more than 32 extents.
	// - the underlying eMMC device and kernel support FITRIM.
	// - the underlying block point is not "anonymous", as with btrfs.
	//
	// This function internally calls IsSupported on the requested path, so it's not
	// necessary to call IsSupported() before SecureErase().
	//
	// After unlink() and trim, this function reads from the file's original LBA
	// range to ensure that it reads all 0s or 1s.
	BRILLO_EXPORT bool SecureErase(const base::FilePath& path);

	// Drop all filesystem caches.
	//
	// This must be called after securely erasing files to ensure that cached data
	// is not kept in the filesystem caches.
	//
	// This drops caches for all filesystems, and thus takes no path argument.
	BRILLO_EXPORT bool DropCaches();

	} // namespace secure_erase_file

	#endif // SECURE_ERASE_FILE_SECURE_ERASE_FILE_H_