[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20181019114944.syemvziebwfuruof@sole.flsd.net>
Date: Fri, 19 Oct 2018 14:49:44 +0300
From: Vitaly Chikunov <vt@...linux.org>
To: Christoph Hellwig <hch@...radead.org>
Cc: Alasdair Kergon <agk@...hat.com>,
Mike Snitzer <snitzer@...hat.com>, dm-devel@...hat.com,
Jonathan Corbet <corbet@....net>, Shaohua Li <shli@...nel.org>,
linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-raid@...r.kernel.org
Subject: Re: [dm-devel] [PATCH] dm: add secdel target
On Thu, Oct 18, 2018 at 11:19:45PM -0700, Christoph Hellwig wrote:
> Just as a note: the name is a complete misowner, a couple overwrite
> are not in any way secure deletion. So naming it this way and exposing
> this as erase is a problem that is going to get back to bite us.
In what way it's not secure deletion?
It's secure deletion by overwriting discarded data instead of leaving it
as is. Thus it's secure deletion in some way. Level of security and
applicability (disks choice) is to be determined by the end user.
Because nobody could guarantee absolute security. Some three letter
agencies require just one pass of overwrite, some say that more than one
pass does not increase security. Some hardware disks advertising secure
deletion may do not much more than this target. Thus 'secure erase' is
applicable in that way too.
> If you really want this anyway at least give it a different way, and
> do a one-time warning when th first erase comes in that it is not in
> any meaninful way secure.
dm-erase or dm-wipe? dm-discerase? But still provide REQ_OP_SECURE_ERASE
support?
Powered by blists - more mailing lists