Re: [linux-lvm] Fwd: Questions about residual data in LVM after delete the Logic Volume

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Zdenek Kabelac <zkabelac@redhat.com>
To: LVM general discussion and development <linux-lvm@redhat.com>
Subject: Re: [linux-lvm] Fwd: Questions about residual data in LVM after delete the Logic Volume
Date: Tue, 1 Dec 2015 11:45:26 +0100	[thread overview]
Message-ID: <565D7A46.9030002@redhat.com> (raw)
In-Reply-To: <CAKPOGq4moLpBysQ=PenzGj0Xt98eV5ewTgynnfqJJRhVOYHdcw@mail.gmail.com>

Dne 27.11.2015 v 13:28 Young Yang napsal(a):
>
> ---------- Forwarded message ----------
> From: *Young Yang* <afe.young@gmail.com <mailto:afe.young@gmail.com>>
> Date: Thu, Nov 26, 2015 at 4:20 PM
> Subject: Questions about residual data in LVM after delete the Logic Volume
> To: linux-lvm@redhat.com <mailto:linux-lvm@redhat.com>
>
>
>
> Hi
>
> This is my LVM version
>
>     stack@DevStackOSDomU:~$ sudo lvm version
>        LVM version:     2.02.98(2) (2012-10-15)
>        Library version: 1.02.77 (2012-10-15)
>        Driver version:  4.27.0
>
>
> I created a 1GB physical volume with a block device setup by losetup,  and
> added it to my volume group.
> Then I created a 1GB logic volume  A  and  I can find my block device
> here /dev/stack-volumes-lvmdriver-1/volume-e31af77b-1bf4-43e3-ac1f-23e3e825e576.
>
> I mount this Logic volume and write some data containing a string PATTERN
>   into it.
> Then I grep the block device with  `sudo grep -zbl PATTERN
> /dev/stack-volumes-lvmdriver-1/volume-e31af77b-1bf4-43e3-ac1f-23e3e825e576`
>   and   It really have found the string  PATTERN
>
> Then I deleted this 1GB logic volume A  and created another  1GB logic volume.B.
> I expected  the residual data containing string PATTERN should appear in the
> 1GB logic volume B, because they both used all the same 1GB physical volume.
> However, when I grep the  1GB logic volume B's block device directly,  it
> return nothing.
>
>
>
> *So Here comes the quesions,*
>
> Does LVM have any mechanism to prevent the residual data in the previously
> deleted logical volume from  appearing in the new logical volume?
> If there is any, how can I config it?  How  does it work , where can I find
> the related  docs?



Nope - lvm2 as "L"ogical "V"olume "M"anager does not zero user's data.

If you do not want to 'leak' your data after use - simply 'zero'  LV before 
it's being removed (might be quite lengthy operation)

If you use 'SSD' and you have some kind of 'trust' into discard/trim - you
may setup sending of discard on deleted extents (however note - you cannot
revert back with  'vgcfgrestore' your LV removal operation.

You could also switch into 'thin-provisioning' - which does provide 'zeroing'
of new provisioned blocks - depends on your use-case - but then you are 
STRONGLY advised to switch to some modern distro and not 3 years old one....

And also the most secure option is - encrypt LV (dm-crypt)
this way you simply don't care what does exist in blocks since without proper 
key data are just white noice...

Regards

Zdenek

     prev parent reply	other threads:[~2015-12-01 10:45 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-11-26  8:20 [linux-lvm] Questions about residual data in LVM after delete the Logic Volume Young Yang
2015-11-27 12:28 ` [linux-lvm] Fwd: " Young Yang
2015-12-01 10:45   ` Zdenek Kabelac [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=565D7A46.9030002@redhat.com \
    --to=zkabelac@redhat.com \
    --cc=linux-lvm@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.