From: Christoph Hellwig <hch@infradead.org>
To: Vitaly Chikunov <vt@altlinux.org>
Cc: Christoph Hellwig <hch@infradead.org>,
Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@redhat.com>,
dm-devel@redhat.com, Jonathan Corbet <corbet@lwn.net>,
Shaohua Li <shli@kernel.org>,
linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-raid@vger.kernel.org
Subject: Re: [dm-devel] [PATCH] dm: add secdel target
Date: Fri, 19 Oct 2018 05:00:33 -0700 [thread overview]
Message-ID: <20181019120033.GA7869@infradead.org> (raw)
In-Reply-To: <20181019114944.syemvziebwfuruof@sole.flsd.net>
On Fri, Oct 19, 2018 at 02:49:44PM +0300, Vitaly Chikunov wrote:
> On Thu, Oct 18, 2018 at 11:19:45PM -0700, Christoph Hellwig wrote:
> > Just as a note: the name is a complete misowner, a couple overwrite
> > are not in any way secure deletion. So naming it this way and exposing
> > this as erase is a problem that is going to get back to bite us.
>
> In what way it's not secure deletion?
>
> It's secure deletion by overwriting discarded data instead of leaving it
> as is.
Overwriting data does not delete data. Most certainly not in Flash based
SSDs, but also not in many storage arrays, or for that matter many modern
disks that have sectore remapping and various kinds of non-volatile
caches. There is a reason why devices tend to have special commands to
perform secure erase - depending on the media they might or might not
overwrite internally, but at least they do it in a way that actually
works for the given media and device configuration.
> dm-erase or dm-wipe? dm-discerase?
dm-overwrite?
> But still provide REQ_OP_SECURE_ERASE
> support?
On the one hand that is highly misleading and would warrant a warning
(see above), on the other hand discard is purely advisory and can
be skipped any time, including by intermediate layers. So I don't think
you can actually do what you want without major changes to the whole
I/O stack.
next prev parent reply other threads:[~2018-10-19 12:00 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-14 11:24 [PATCH] dm: add secdel target Vitaly Chikunov
2018-10-18 20:01 ` Mike Snitzer
2018-10-19 12:02 ` Vitaly Chikunov
2018-10-19 6:19 ` [dm-devel] [PATCH] " Christoph Hellwig
2018-10-19 11:49 ` Vitaly Chikunov
2018-10-19 12:00 ` Christoph Hellwig [this message]
2018-10-19 12:11 ` Vitaly Chikunov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181019120033.GA7869@infradead.org \
--to=hch@infradead.org \
--cc=agk@redhat.com \
--cc=corbet@lwn.net \
--cc=dm-devel@redhat.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-raid@vger.kernel.org \
--cc=shli@kernel.org \
--cc=snitzer@redhat.com \
--cc=vt@altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).