These changes solve three issues. The first
issue was that it wasn't obvious that the
PDFs are only created once you press return
to exit after all the wipes have finished. It
is now explicitly stated in the footer message if
PDFs are enabled.
It also now specifies the logfile name on the
footer if the user has specified a log file as a
command line option. If no logfile is specified
then STDOUT is displayed.
If the user specified --PDFreportpath=noPDF on the
command line, prior to this commit it had no affect.
This is now fixed so that it disables PDF's irrespective
of what is in nwipe.conf. i.e command line options
override the entries in nwipe.conf
If the user has specified a --PDFreportpath=noPDF=/some/path
then PDF's are enabled irrespective of the value in nwipe.conf
The message that displays where the nwipe PDF certificate
is being saved was being printed multiple times in the
middle of the erasure summary table.
This was corrected so that it only prints once at the end
of the table.
Under the following conditions a segfault will
occur upon starting nwipe.
Run nwipe with --logfile option AND run nwipe in a directory that does
not have write permissions so the logfile can't be created AND run nwipe
without sudo or root or as as a user without sufficient privileges so
you don't have permissions to write to the directory.
Fixes to apparent and real disc size fields in PDF based on use
of c->Calculated_real_max_size_in_bytes.
Minor changes to HPA status messages for consistent messaging.
When HPA and DCO sector information cannot be obtained display the
message "HPA/DCO data unavailable, can not determine hidden sector
status" in the information field on the PDF.
Determine human readable size for the c->Calculated_real_max_size_in_bytes
as used in the PDF real disc size field.
Instead of >>FAILURE!<< -1 when a I/O error occurs display >>IOERROR!<< -1
in the GUI.
1. If nwipe enumerates a USB bridge that does not support
ATA pass through or you are wiping a USB memory stick,
nwipe will show a message in the GUI that says
"HPA/DCO hidden area indeterminate". If you get this message
you know to either get yourself a better quality USB to SATA
adapter or in the case of a USB memory stick, i've never
come across one that supports HPA/DCO so either don't worry
about it and wipe it as normal or physically destroy it.
2.We now check for a nonsense "real max sectors" as produced
by the bug in hdparm. We use our own low level function to
issue a DCO identify command and retrieve the correct value.
3. Changed the dmidecode info at the start of the log from
a 'notice' classification to 'info'.
4. Made changes to the nwipe_log function so that any messages
logged that are classified as 'debug' will not be logged unless
the --verbose flag has been set on the command line options. I
send the hex data structures and hex sense data to the logs as debug
information and as they can take up a lot of space and make the
log look untidy they will only appear in --verbose mode.
5. I also extended the nwipe's log message length from 512 to 1024
as some of the sense data was being truncated in the log.
1. Further work was completed, putting the HPA status and HPA size into
the report/certificate.
2. Moved some general functions that may be used throughout nwipe
into miscellaneous.c These tend to be string processing functions.
3. Tested certificate HPA status. There are three possible states of the HPA
i. Enabled and HPA size is displayed on the certificate
ii. Disabled, the drive reports it's real size to the O.S.
iii. Unknown. Nwipe could not determine whether there is a HPA or not.
This may be caused by the use of a USB adapter or could be a bad drive,
or finally a change in hdparms format when displaying HPA information.
More code to follow, next on the list is to add the HPA status into the
drive selection screen in the GUI, so when you select the drive you can see
the status of HPA and choose to disable it.
1. Added rounds requested & completed. Coloured
green if equal and red if not.
2. Fixed endtime sometimes not being recorded when
a wipe is aborted. This affected the creation of the
PDF filename. Now ok.
3. Added throughput using the appropriate nomenclature
such as KB/sec MB/sec, GB/sec etc
1. Added bytes erased including percentage, green
if equal to disc size and red if the drive hasn't been
fully erased at least once.
2. Added explanation of bytes erased to certificate.
3. Added throughput
1. Rearranged the layout so the Tech/ID signature
is at the bottom of the report.
2. Added start date/time
3. Added end date/time
4. Changed data from helvetica to helvetica-bold
5. Created a definition for PDF_DARK_GREEN text in
create_pdf.h and moved the previously created PDF_GRAY
to create_pdf.h, to keep pdfgen.h vanilla.
6. Added the erasure status, ERASED, FAILED, ABORTED.
ERASED in green and FAILED, ABORTED in red.
Further code to follow ..
1. Display unknown in serial number field for loopback device
2. Added device type, USB, SATA, VIRT etc
3. Added duration of wipe in hh:mm:ss
4. Added pseudo random number generator type, twister, isaac etc
5. Added final blanking pass type, none, zeros, ones
6. Added number of rounds
1. Changed most titles in certificate to gray with
the data in black.
Started adding real data to template including:
Model, serial no., method, verify, size.
more code to follow...
If you use the --logfile option but specify a filename
that will be created in a directory that is not writable,
for instance, a system directory such as /proc/sys/ or
your current directory happens to be a system directory
that you are running nwipe from while not specifying a
writable path for the log file then nwipe would exit with
a segfault.
This is now fixed and if the logfile cannot be created
or opened then an appropriate message is displayed and
nwipe is aborted.
If you used control-c during a wipe,
the summary table would report FAILED
rather than UABORTED, even though no
errors had occured and no errors were
reported in the error summary table.
The correct message on control-c abort
should be UABORTED if no errors on that
drive had so far been detected or FAILED
if errors had been detected.
nwipe reported correctly when letting
the wipe continue to it's natural completion.
This patch fixes that issue.
This fixes column alignment issues in the gui
with nvme drives i.e. nvme0n1 etc. If the drive
name including path exceeds 8 characters the
/dev/ is removed and prefixed with spaces to
a total max length of 8 characters.
Stage 1 adds the additional variables to the drive
context and creates the temperature initialisation
function, which associates a hwmonX directory with
a block device. Also wrote the context update function,
that reads hwmon for each drive context and writes the
temperatures back to the context.
Stage 2 commit to follow which will make changes within
the GUI to call the update function every 60 seconds
and display the temperature information.
1. The log reported verification errors while also
showing an entry in the log that said "[SUCCESS] Blanked /dev/...".
The blanked device message now shows [FAILURE] /dev/... may not be blanked"
if any verification errors are detected for a specific drive.
2. If a verification error occurred, the error would be correctly
shown in the GUI and in the logs but the summary table drive status
would show 'ERASED' not 'FAILED'. Now corrected so that the tables
drive status field shows 'FAILED' if any verification error is detected.
Prior to this it was marking the status as 'FAILED' only if the O.S
detected write errors. In practise most drive errors are detected
by the write I/O process on syncing but this will now detect errors not
recognised by the O.S. and found by the verification process. Despite
this the textual log and GUI correcty reported verification errors.
3. The final log message "Nwipe exited successfully" was checking for
fatal errors but ignoring non fatal errors despite being reported in
the log.
The final message now reads
either "Nwipe Exited Succesfully" if no fatal and non fatal errors were
detected. Alternatively it displays ...
"Nwipe exited with errors, check the log & summary table for individual drive status."
if any fatal OR non fatal errors are detected.
1. Prior to this fix, if a user aborted a multi drive using control-C,
and if some of the drives had completed their wipe either
successfully or with a I/O failures, the summary log would say
UABORTED for all drives. UABORTED is acceptable status for drives that
hadn't completed their wipe but for drives that had completed the wipe,
the summary table should have gave either a ERASED or FAILED status
message. This fix corrects the summary status when using control-c to
abort a multi drive wipe where some drives have completed and some have
not.
2. If I wipe was selected but not started and then the user used
control-C to abort nwipe, the summary table would possibly
intermittently be displayed showing the last drive wiped. The correct
behaviour is that no summary table is displayed if the wipe hasn't been
started yet. This fix corrects the behaviour of the summary table when
control-c is used and a drive has been selected for wiping but not
started, in this scenario the summary table is NOT displayed.
3. When nwipe exits it always prints the message "nwipe successfully
exited". To make this single line message more informative it now
reports a different message depending upon the wipe status.
These four messages are:
"Nwipe was aborted by the user. Check the summary table for the drive
status" - When the user aborts during a wipe.
"Nwipe was aborted by the user prior to the wipe starting."
"Nwipe exited with fatal errors, check the summary table for individual
drive status." - When one or more drives failed.
"Nwipe successfully completed. See summary table for details." - When
selected drives were all erased without error.
Previously if a drive failed during
a multiple drive wipe and the user
decided to abort nwipe to say remove
the drive and start over, the user would
use CONTROl-C to abort. This would be
reflected in the summary table as ALL drives
having been aborted including the drive that
failed. It makes more sense for a failed drive
to be marked as failed in the summary table
even though the user aborted the wipe.
This patch fixes that, so that if a drive failed
it reflects that drives status in the summary
even if the user aborts the wipe.
Benefits include:
1. Standard fixed width output for disk
throughput, combined throughput and disk
capacity. Allows for better column alignment
when wiping multiple drives.
2. Removal of about 40 lines of duplicated code.
I've always wondered, when you first view
all the drives, why drives above 999GB appeared
in their GB nomenclature instead of TB. For
instance a 2TB drive would appear as 2000GB.
Unlike other places in nwipe that does a proper
job of describing capacity just this one location
in the program was wrong.
This information was obtained by a call to a function
in libparted. Maybe when libparted was written there
was no such thing as a TByte drive ?? Who knows, so
anyway it was far easier to use nwipes build in function
called 'determine_C_B_nomenclature()' This provides us
with the correct nomenclature that is a fixed number of
digits (three) and prefixed with spaces so the length
is always the same. In the GUI this gives a nice
list when viewing multiple drives that appears in neat
columns.
In Debian Sid dmidecode is not found as /sbin is not
searched when nwipe only specifies 'dmidecode', so
if it fails then it will next try /sbin/dmidecode
which is where it's normally located if it's installed.
In ubuntu etc, the sudo environment is setup so /sbin
is automatically searched.
Fix throughput so it shows the average throughput
calculated from the start of the wipe.
Because we currently use cached access to the disks
initially for a few seconds or minute the throughput looks high
as nwipes writes are cached in memory before being written to disc.
When we change to a non cached or nwipe buffered model the
throughput will reflect a throughput that is actual
disc throughput.
Using an averaged throughput means that when the wipe finishes it will show
a higher value than the previous calculation but this new calculation is the
actual averaged speed of the wipe and reflects a value that is closer to what
you would expect a given drive to exhibit.
For instance a 160GB WD1600AAJS using Dod-S, B+VL, using the old
calculation would finish with a throughput of 48MB/s, using the
new calculation it finishes with a throughput of 76MB/s. This was tested
over multiple wipes and multiple rounds and gave consistently similiar
results.
Throughput is not so accurate on small loop drives due to the fact the drive
is so small it fits within CPU memory so when reading back to verify your're
actually reading back from cache not the disk. Another reason I want to move
to non cached I/O and have nwipe manage buffering and size of block writes.
If a sudo kill -s USR1 (Nwipe's PID) is issued
on the command line while nwipe is operating in
--nogui mode, ETA is now displayed along with
percentage completion, pass and round information.
Note! Because we rely upon cached I/O at the moment
the calculated ETA early in the wipe is very inaccurate
but becomes more accurate as CPU memory cache is filled.
If the system is shutdown while nwipe is still
wiping, the duration calculation would be
incorrect. This patch fixes that problem, so for
instance if a UPS signals the system running nwipe to
shutdown, nwipe typically traps that signal and
exits in an orderly manner. The log summary
is generated showing the wipe was aborted and
the wipe duration shows a valid value i.e the
elapsed time since the start of the wipe.
Add a summary table to the log that shows each drives status
i.e. erased or failed, throughput, duration of wipe, model,
serial no etc. In particular it benefits those that wipe many
drives simultaneously in rack servers. At a glance any failed
drives can be seen without having to browse back through the
log. Especially useful in --nogui mode, but also useful in GUI
mode.
1. Keep nwipe_log notices succinct and below 80 chars in length including
timestamp. This is especially relevant for 80x30 terminal use such
as ALT-F2 etc or Shredos without losing any information.
2. Add [SUCCESS] to blanked & verified messages to make them stand out for quicker checking.
Change code so that there is only one place where the log is flushed on
exit from the ncurses gui. Prior to this patch the flush was done twice
which resulted in duplicated lines and missing lines. The
log_current_element variable was being initialised after the first flush.
This caused subsequent writes to nwipe to write log_lines pointers passed
the end of the pointer array causing memory corruption and resulting in the
occassional segfault on attempts to print the log array.
This patch fixes a segfault that occurs when a logfile is specified.
The segfault occurred on exit of nwipe. It did not affect the wipe
process.
This patch also fixes a related issue, at the end of a wipe some
of the log lines were missing on stdout, this occurred when a log
file was not specified as an option.
This fix allows nwipe to log an error, specifically the exit code of dmidecode if the exit code
is not 0.
For instance if dmidecode is not installed on a system, then dmidecode reports the following
[2019/11/04 22:12:50] nwipe: info: nwipe_log_sysinfo: dmidecode failed, "dmidecode -s bios-version" exit status = 127
nwipe does not abort on this error but does log the error and continue.
