| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 5 Nov 2006 11:22:20 -0500 From: "Albert Cahalan" <acahalan@...il.com> To: "James Courtier-Dutton" <James@...erbug.co.uk> Cc: "Alan Cox" <alan@...rguk.ukuu.org.uk>, kangur@...com.net, mikulas@...ax.karlin.mff.cuni.cz, linux-kernel@...r.kernel.org Subject: Re: New filesystem for Linux On 11/5/06, James Courtier-Dutton <James@...erbug.co.uk> wrote: > I have seen this too. I think that when IDE drive relocates the sector > due to hard errors, one would silently loose the information that was > stored in that sector. I didn't just mean hidden relocation of bad blocks. I really meant that sectors can trade places. This is probably what happens when the bad-block remapping is itself corrupt. Inodes 16,17,18,19 trade places with inodes 40,41,42,43. An indirect block for your database trades places with an indirect block for an outgoing email. A chunk of /etc/shadow trades places with a chunk of a user's ~/.bash_logout file. > I suppose a work around is to provide a fs level error check. This could > take the form of the fs adding a checksum to any file. To avoid recheck > summing the entire file each time it changes, maybe break the file up > into blocks and checksum those. This would slow things down due to CPU > use for the checksum, but at least we could tell us as soon as a file > became corrupted, as the verification could be done on reading the file. Yes indeed. This is what ZFS does. You can choose between regular and crypto checksums. You can cause the filesystem to replicate blocks over multiple devices. Unlike RAID, this lets you recover from silent corruption. > Another possible solution could be using a few bytes from each sector to > place a fs level checksum in. Then, if the IDE drive silently relocates > the sector, the fs level checksum will fail. A saw a feature like this > on some old filesystem, but I don't remember which. It placed a > checksum, forwards chain link, and possibly backwards chain link. So, if > the filesystem became really badly corrupted, one could pick any sector > on the disk and recover the entire file associated with it. Both OS/400 and AmigaOS had this feature. AmigaOS used regular 512-byte sectors, making the data portion oddly sized. OS/400 made the sectors bigger, by another 8 or 16 bytes if I remember right. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists