* [dm-crypt] What happen if hard drive has a read error?
From: octane indice @ 2010-10-07 20:20 UTC
To: dm-crypt
Hello
It's just a theoretical question. I encrypted some data with dm-crypt on a
hard drive.
But what happens if the hard drive has an error? Not a kind of big error
which causes the hard drive to hang, but just a small error that makes the
system not read the bytes correctly?
Obviously, dm-crypt won't decrypt the data. But what happens next?
-dm-crypt will panic() the kernel
-Only a block won't be decrypted, so it means that at best, only a file is
corrupted, and at worst all of the filesystem is trashed, depending on the
location of the error?
-Or everything beyond the point of the read error will be trash?
-Or it depends on the crypto layer chosen, such as CBC, or something else?
That's just a theoretical question, thank you
* Re: [dm-crypt] What happen if hard drive has a read error?
From: Milan Broz @ 2010-10-07 21:29 UTC
To: octane indice; +Cc: dm-crypt
On 10/07/2010 10:20 PM, octane indice wrote:
> It's just a theoretical question. I encrypted some data with dm-crypt on a
> hard drive.
> But what happens if the hard drive has an error? Not a kind of big error
> which causes the hard drive to hang, but just a small error that makes the
> system not read the bytes correctly?
>
> Obviously, dm-crypt won't decrypt the data. But what happens next?
Basically the same as if you have an IO error on a plain disk - the IO operation
returns an IO error. The upper layer decides what to do next.
If it is in a LUKS keyslot or header, you will not be able to access the data at all.
If it is somewhere in the data area, you lose just these bad sectors. Every sector
is encrypted separately (e.g. using cbc with per-sector IV).
But note that errors on encrypted disks (in general) cause more visible
problems.
> -dm-crypt will panic() the kernel
Nope. But the underlying hw driver can lock up the system - but not dmcrypt itself.
> -Only a block won't be decrypted, so it means that at best, only a file is
> corrupted, and at worst all of the filesystem is trashed, depending on the
> location of the error?
yes
> -Or everything beyond the point of the read error will be trash?
> -Or it depends on the crypto layer chosen, such as CBC, or something else?
no, see above. CBC is used inside a 512 byte sector
(e.g. CBC block size is 16 bytes), sectors are encrypted independently,
with different IV.
> That's just a theoretical question, thank you
No, it is not a theoretical question :-) HW failures are still quite common...
Even with modern SSD drives.
Milan
* Re: [dm-crypt] What happen if hard drive has a read error?
From: Arno Wagner @ 2010-10-07 23:16 UTC
To: dm-crypt
On Thu, Oct 07, 2010 at 11:29:02PM +0200, Milan Broz wrote:
> On 10/07/2010 10:20 PM, octane indice wrote:
> > It's just a theoretical question. I encrypted some data with dm-crypt on a
> > hard drive.
> > But what happens if the hard drive has an error? Not a kind of big error
> > which causes the hard drive to hang, but just a small error that makes the
> > system not read the bytes correctly?
> >
> > Obviously, dm-crypt won't decrypt the data. But what happens next?
>
> Basically the same as if you have an IO error on a plain disk - the
> IO operation returns an IO error. The upper layer decides what to do next.
Just to clarify this a bit further: disk error correction
capability is limited, an unrecoverable read error is a real
possibility. The datasheets say once every 10^15 bits read,
which would translate to an unreadable sector once every
125 TB read. I think this is realistic, but still a bit of a
worst case scenario. Also keep in mind that this is for a
healthy disk only.
The error detection capability of the coding used is far, far
larger. An undetected unrecoverable error (i.e. you get wrong
data but no error even on retry) is something unlikely enough
that you can safely ignore the possibility. There are special
safeguards against this, as error correction by itself can
correct to the wrong value.
Nonetheless, you can find wrong data on disks without any
explanation or detected errors. The reason is typically
corruption in RAM or in busses before the data is written.
For a complex data acquisition system (compression ->
network -> disk-buffer -> tape-library), I have observed
something like one unexplained bit error every 5-10TB
written. This number may vary wildly in practice. Especially
overclocking and cheap non-ECC RAM may drive it up.
Arno
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
----
Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans
If it's in the news, don't worry about it. The very definition of
"news" is "something that hardly ever happens." -- Bruce Schneier