From 151e8965fa3a9c8f65e316430f9df0fa763fb02d Mon Sep 17 00:00:00 2001
From: "Joe Richey joerichey@google.com" <joerichey@google.com>
Date: Tue, 15 Aug 2017 18:11:29 -0700
Subject: cmd/fscrypt: purge command now clears cache

---
 util/util.go | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'util')

diff --git a/util/util.go b/util/util.go
index 14d23e2..acdc3fc 100644
--- a/util/util.go
+++ b/util/util.go
@@ -25,6 +25,7 @@ package util
 
 import (
 	"bufio"
+	"log"
 	"math"
 	"os"
 	"unsafe"
@@ -97,3 +98,19 @@ func ReadLine() (string, error) {
 	scanner.Scan()
 	return scanner.Text(), scanner.Err()
 }
+
+// DropInodeCache instructs the kernel to clear the global cache of inodes and
+// dentries. This has the effect of making encrypted directories whose keys
+// are not present no longer accessible. Requires root privileges.
+func DropInodeCache() error {
+	log.Print("dropping page caches")
+	// See: https://www.kernel.org/doc/Documentation/sysctl/vm.txt
+	file, err := os.OpenFile("/proc/sys/vm/drop_caches", os.O_WRONLY|os.O_SYNC, 0)
+	if err != nil {
+		return err
+	}
+	defer file.Close()
+	// "2" just clears the inodes and dentries
+	_, err = file.WriteString("2")
+	return err
+}
-- 
cgit v1.2.3