How can I obtain a raw access to the HD and know if that location is used or is a free space? Just a piece of example, I can obtain a direct access simply with an open and a read on a disk device, the goal is knowing whether the, for example, 10.000 byte is used or not.
You can just open
the block device (for example, /dev/sda
) and read the sectors manually. However, that won't tell tell you if it's empty or not directly. Being empty or not is a something defined at the filesystem abstraction level. File system data structures store that kind of data and you should have a deep understanding of the specific filesystem to do so from the raw blocks (without using any filesystem provided function).
To pile on with the cautions...
Don't forget that you have to cooperate with the existing driver stack's own thread safety provisions and internal caching. Many threads in the system can (and will) be writing to the disk all the time. To wipe a free sector, you have to know it to be free and stay free while you have your way with it. It would be bad if you wiped a sector that the file system had already decided to use, but hadn't flushed the evidence of that decision out to disk yet so you had no way to know it was in use. This could result in data loss which can result in outraged users.
If you can guarantee that the file system is currently not mounted then you can, in principle at least, open /dev/sda
(probably not the specific one you want!) and parse the on-disk data structures to do anything you need to do. This is actually how utilities like fsck
and mkfs
are implemented.
The remaining big issue is that you have to stay in sync with every version of every file system you might encounter. At least you have the source code available for the file system itself for reference, but it will not be easy to just port it out of the kernel and into a user-mode application.
My advice would be to use the file system itself to get you the guarantees you need. Open large files and fill them with your wipe patterns. Fill the disk to capacity. Note that if this might have a serious impact on any running daemons that assume that some disk space is available, so it might still need to be done on a system with most daemons and such killed. If you are aiming for a secure wipe, you will still need to worry about actually flushing the written blocks to disk between passes because everything in the normal file system is going to try to optimize multiple writes of a single block.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With