
[sw] Flash secure erase and guidance

Open tjaychen opened this issue 3 years ago • 6 comments

Description

There may be a software need to implement a "secure" erase. This is an erase that is multi-pass where after the data is erased a random value is then written.

It should also be well defined when such an erase should be used, since uncontrolled usage of such a feature may degrade flash endurance.

Some examples of when we would use this are when sensitive data is wiped, such as keys or owner's data during ownership transfers.

There is no hardware change request with this, but it does need to be documented somewhere as guidance.

tjaychen avatar Jan 11 '23 03:01 tjaychen
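
A host-side simulation of the erase-then-random-write sequence described in the issue, with a counter showing its endurance cost. It is an example added here, not OpenTitan code: the page model (`sim_page_t`, 64 words, erase to all ones, program by AND), the xorshift stand-in for an entropy source and all function names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PAGE_WORDS 64u /* constructed page size, not OpenTitan's */

typedef struct {
  uint32_t words[PAGE_WORDS];
  uint32_t erase_cycles;   /* endurance is consumed per erase */
  uint32_t program_passes;
} sim_page_t;

/* Erase sets every bit in the page to 1. */
static void sim_erase(sim_page_t *p) {
  memset(p->words, 0xFF, sizeof p->words);
  p->erase_cycles++;
}

/* Programming can only clear bits (1 -> 0), modelled here with AND. */
static void sim_program(sim_page_t *p, const uint32_t *src) {
  for (size_t i = 0; i < PAGE_WORDS; i++) p->words[i] &= src[i];
  p->program_passes++;
}

/* Stand-in PRNG (xorshift32); firmware would use a hardware entropy source. */
static uint32_t prng_state = 0x2545F491u;
static uint32_t sim_rand32(void) {
  prng_state ^= prng_state << 13;
  prng_state ^= prng_state >> 17;
  prng_state ^= prng_state << 5;
  return prng_state;
}

/* Pass 1: erase. Pass 2: write random values over the erased page.
 * Returns 0 if the page now holds exactly the random fill, -1 otherwise. */
int sim_secure_erase(sim_page_t *p) {
  uint32_t fill[PAGE_WORDS];
  sim_erase(p);
  for (size_t i = 0; i < PAGE_WORDS; i++) fill[i] = sim_rand32();
  sim_program(p, fill);
  return memcmp(p->words, fill, sizeof fill) == 0 ? 0 : -1;
}

/* Store a secret, secure-erase it, then prepare the page for reuse.
 * Returns the erase cycles consumed (a plain erase flow would use 2). */
uint32_t sim_secret_lifecycle(sim_page_t *p, const uint32_t *secret) {
  sim_erase(p);
  sim_program(p, secret);                 /* provision the secret */
  if (sim_secure_erase(p) != 0) return 0; /* wipe it */
  sim_erase(p); /* random fill must itself be erased before the next write */
  return p->erase_cycles;
}
```

In this model each secure wipe adds one program pass and one extra erase cycle per page compared with a plain erase, which is the endurance cost the issue asks the guidance to bound.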

This does not need to be M3, but it's also not exactly "backlog". Do we need to create a milestone representing software items that can essentially be post silicon?

tjaychen avatar Jan 12 '23 18:01 tjaychen

@moidx / @cfrantz - I think the priority should be bumped up for this. Please correct me if I'm wrong. @luismarques - for visibility also as this will probably need to be implemented in SW / referenced.

johngt avatar Mar 03 '23 12:03 johngt

CC @cfrantz

msfschaffner avatar Oct 07 '23 03:10 msfschaffner

@moidx @johannheyszl @cfrantz We have several such "SW guidance" items for security that should be documented somewhere. What is the best milestone or label to collect these?

msfschaffner avatar Nov 08 '23 02:11 msfschaffner

cc @jadephilipoom. Agree it would make sense to have a dedicated label.

johannheyszl avatar Nov 08 '23 07:11 johannheyszl

Will be added to SW security guidance doc by @jadephilipoom

johannheyszl avatar Dec 04 '23 10:12 johannheyszl