shred()
PROTOTYPE
#include <posix.h>
int shred(const char *path);
DESCRIPTION
shred() is a non-standard routine that deletes the file specified by path and attempts to obscure its former contents. This path name cannot end with “.” or “..”. Paths starting with ‘/’ are absolute. Otherwise they are relative to the CWD.
shred() fails with errno set to ENOTEMPTY if used on a non-empty directory. It fails with errno set to EBUSY if the directory is open, a root directory, or any task’s CWD. For regular files, shred() fails with errno set to EBUSY if the file is open or has another link. Otherwise, the file or directory is removed.
If the file is a regular file, shred() attempts to make its former contents unavailable. If it was stored on an SD Card or eMMC device, erase commands are given for the sectors used by the file. Otherwise, the file’s clusters are overwritten with a fixed pattern.
If an FTL is used, the file’s pages are marked unused. The data remains on flash but the FTL will not provide it to the file system. Calling vclean() afterward increases the likelihood that blocks holding unused pages are erased. unformat() erases all data on NOR flash, but old data will remain on NAND flash “bad blocks”, as bad blocks are not allowed to be erased.
To make shred() persistent, a synchronization should be done after it returns. If a power loss occurs after shred() returns but before a synchronization, the file will be present but if stored on an SD Card, eMMC device, or block storage device, its contents will have been overwritten.
The caller needs search-access to the path prefix and write-access to the parent directory.
If successful, shred() returns 0. Otherwise, it sets errno and returns -1.
ERROR CODES
| EACCES | No execute access to a directory in the path prefix or no write access to the parent directory. |
| EBUSY | The specified file is either open, a root directory, or a task’s CWD. |
| EFAULT | path equals NULL. |
| EINVAL | path ends with “.” or “..”. |
| ENAMETOOLONG | A name in path exceeds the effective maximum file name length. |
| ENOENT | path is the empty string or includes a file that was not found. |
| ENOTDIR | One of the non-leaf path components is not a directory. |
| ENOTEMPTY | The directory specified by path is not empty. |
| EROFS | The volume is read-only. |
EXAMPLE
/*---------------------------------------------------------------*/
/* Remove the file and overwrite its contents. */
/*---------------------------------------------------------------*/
if (shred(path1))
perror("shred() failed");