On 27.7.2016 at 21:17, Stuart Gathman wrote:
On 07/19/2016 11:28 AM, Scott Sullivan wrote:

Could someone please clarify if there is a legitimate reason to worry
about data security of an old (removed) LVM snapshot?

For example, when you lvremove an LVM snapshot, is it possible for data
to be recovered if you create another LVM and it happens to go into
the same area as the old snapshot we lvremoved?

If this helps clarify, do we have to worry about security scrubbing a
LVM snapshot for data security?

Another idea: if your VG is on SSD, and properly aligned, then DISCARD
on the new LV will effectively zero it as far as any guest VMs are
concerned.  (The data is still on the flash until erased by the
firmware, of course.)  If VG and PE size do not align with the SSD erase
block, then you can still zero the "edges" of the new LV, which is much
faster (and less wear on the SSD) than zeroing the whole thing.  You
could always read-verify that the data is actually all zero.

Yes - as already suggested - once you create a new LV -
you can 'blkdiscard /dev/vg/lv'

Note - SSDs may not always ensure blocks are zeroed - they could just
move trimmed blocks into a reuse list with undefined content.

Anyway - lvm2 is not a tool for data protection and it's up to the system admin
to ensure there are no data leaks.

So pick the solution which best fits your needs - lvm2 provides all the tooling for it.

Regards

Zdenek
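
The discard-then-read-verify sequence discussed in this thread, as an added example that is not part of the original messages. The function names are hypothetical, and the zero-fill fallback via `blkdiscard --zeroout` (util-linux) is an assumption added here for SSDs that return undefined content after TRIM.

```shell
#!/usr/bin/env bash
# Added example: scrub a freshly created LV before handing it to a guest.
# Function names are hypothetical; run as root against e.g. /dev/vg/lv.

# Return 0 if every byte of the device (or file) reads back as zero,
# 1 if any non-zero byte is found, 2 if it cannot be read.
is_all_zero() {
    [ -r "$1" ] || return 2
    local nonzero
    # Strip NUL bytes; if anything is left, the device holds old data.
    # head -c 1 stops the scan at the first non-zero byte.
    nonzero=$(tr -d '\000' < "$1" | head -c 1 | wc -c)
    [ "$nonzero" -eq 0 ]
}

# Discard the LV, read-verify it, and fall back to an explicit zero-fill
# when the SSD did not return zeros for the trimmed blocks.
# Prints how the LV ended up clean; returns non-zero if it is not clean.
scrub_new_lv() {
    local lv=$1
    [ -b "$lv" ] || { echo "$lv: not a block device" >&2; return 2; }

    # Cheap path: DISCARD the whole LV (fast, low wear on flash).
    blkdiscard "$lv" 2>/dev/null \
        || echo "$lv: discard failed or unsupported" >&2

    if is_all_zero "$lv"; then
        echo "discard-zeroed"
        return 0
    fi

    # Assumption: fall back to writing zeros when stale data is readable.
    blkdiscard --zeroout "$lv" || return 1

    if is_all_zero "$lv"; then
        echo "zero-filled"
        return 0
    fi
    echo "$lv: still returns non-zero data" >&2
    return 1
}

# Usage (as root, after lvcreate):  scrub_new_lv /dev/vg/lv
```

The verify step reads the whole LV when it is clean, so on large volumes it costs about as much as a full read.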
