lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 11 Apr 2019 11:42:57 +0200
From:   Reindl Harald <>
To:     Andrea Lo Pumo <>,
Subject: Re: Run mkfs.ext4 on an already existing ext4 filesystem. Seeking
 professional help or programming hints for the recovery.

Am 11.04.19 um 11:37 schrieb Andrea Lo Pumo:
> Sorry for writing on this development mailing list, we are seeking an
> expert in ext4, we are also willing to offer a professional contract
> to solve this issue.
> On /dev/sda1(*) there was an ext4 file system with a lot of large
> files. Now, by mistake, mkfs.ext4 has been run on /dev/sda1. The
> result is that now /dev/sda1 is "empty": mounting it shows no files.
> Note *: actually, it is /dev/mapper/secure_storage, an encrypted
> volume opened with LUKS: cryptsetup luksOpen /dev/sda1 secure_storage
> This is my current understanding:
> - Originally, /dev/sda1 was created with "mkfs.ext4 /dev/sda1"
> - Now, the second "mkfs.ext4 /dev/sda1" has overwritten the
> superblock, and all backups of the superblock (because it has created
> the backups of the NEW superblock at the exact same locations of the
> previous superblock backups)


you said you had a LUKS volume on /dev/sda1 which means by directly
create a fs on /dev/sda1 you have overwritten parts of the encryption
layer *and* at the same time the filesystem *on top* of it

in other words: you are done, can stop seek solutions and start restore
your backups

Powered by blists - more mailing lists