Re: [dm-crypt] What happen if hard drive has a read error?

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] What happen if hard drive has a read error?
Date: Fri, 8 Oct 2010 01:16:41 +0200	[thread overview]
Message-ID: <20101007231641.GA29526@tansi.org> (raw)
In-Reply-To: <4CAE3B9E.3060604@redhat.com>

On Thu, Oct 07, 2010 at 11:29:02PM +0200, Milan Broz wrote:
> On 10/07/2010 10:20 PM, octane indice wrote:
> > It's just a theorical question. I encrypted some data with dm-crypt on an
> > hard drive.
> > But what happens if the hard drive has an error? Not a kind of a big error
> > which cause  the hard drive hangs, but just a small error that make the
> > system doesn't read the bytes all right?
> > 
> > Obviously, dm-crypt won't decrypt the data. But what happens next?
> 
> Basically the same like if you have IO error on plain disk - the 
> IO operation returns IO error. Upper layer decides what to do next.

Just to clarify this a bit further: disk error correction
capability is limited, an unrecoverable read error is a real 
possibility. The datasheets say once every 10^15 bits read,
which whould translate to an unreadable sector once every 
125 TB read. I think this is realistic, but still a bit of a 
worst case scenario. Also keep in mind that this is for a 
healthy disk only. 

The error detection capabilities of the coding uses is far, far 
larger.  An undetected unrecovrable error (i.e. you get wrong 
data but no error even on retry) is something unlikely enough 
that you can safely ignore the possibility. There are special
safeguards against this, as error correction by itself can 
correct to the wrong value.

Nonetheless, you can find wrong data on disks without any 
explanation or detected errors. The reason is typically 
corruption in RAM or in busses before the data is written.
For a complex data aquisition system (compression -> 
network -> disk-buffer -> tape-library), I have observed 
something like one  unexplained bit error every 5-10TB 
written. This number may vary wildly in practice. Especially
overclocking and cheap non-ECC RAM may drive it up.

Arno
-- 
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier

     prev parent reply	other threads:[~2010-10-07 23:16 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-10-07 20:20 [dm-crypt] What happen if hard drive has a read error? octane indice
2010-10-07 21:29 ` Milan Broz
2010-10-07 23:16   ` Arno Wagner [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20101007231641.GA29526@tansi.org \
    --to=arno@wagner.name \
    --cc=dm-crypt@saout.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.