From: Allison Henderson <achender@linux.vnet.ibm.com>
To: Andreas Dilger <aedilger@gmail.com>
Cc: "linux-ext4@vger.kernel.org" <linux-ext4@vger.kernel.org>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>
Subject: Re: [Ext4 Secure Delete 0/7 v4] Ext4 secure delete
Date: Mon, 10 Oct 2011 10:20:48 -0700 [thread overview]
Message-ID: <4E932970.9020901@linux.vnet.ibm.com> (raw)
In-Reply-To: <4E8F31D6.108@linux.vnet.ibm.com>
On 10/07/2011 10:07 AM, Allison Henderson wrote:
> On 10/07/2011 08:21 AM, Andreas Dilger wrote:
>> On 2011-10-07, at 1:10 AM, Allison Henderson<achender@linux.vnet.ibm.com> wrote:
>>> Sorry for the delay in getting this next version out.
>>> I had some tasks to take care of, and now I'm picking up my
>>> secure delete work again. I'm still not quite done yet,
>>> but a lot has changed and I wanted to update people so that
>>> we have an idea of where its going. Currently the patch
>>> deals with data blocks, meta blocks, directory entries,
>>> journal blocks, and also provides an option for secure
>>> deleting with random data instead of just zeros.
>>> I'm also planning on adding some more patches to
>>> deal with inodes and also a mount option that turns
>>> on secure delete by default. Im still not quite done
>>> debugging, but Im just sending it out early to get
>>> some more eyes on it. Feed back appreciated! :)
>>>
>>> v3->v4
>>> Added a new file attribute flag EXT4_SECRM_RANDOM_FL
>>> This flag causes the secure delete operations to over write
>>> blocks with random data instead of zeros.
>>
>> Since inode flags are in short supply, and I suspect users that want this want it for all files, this should probably be a superblock flag?
>>
> That is a really good point. The first thing that comes to mind though would be the fact that it is a lot slower when the random flag is on especially for really big files. So that would be one case where I could imagine a user might want the ability to set different options per file. But since the flags are a limited resource, I can see where we may not want to spend it so quickly. I will see if maybe there is some way I can optimize it, but I would like to see more folks weigh in on this topic too.
>
I've had another suggestion for this come up, so I wanted to put it out
here to see what people think. Instead of a new flag, we could use a
flag that is mutually exclusive like the undelete flag, since a file
that is secure deleted, should not be undeletable. Would this be
something that people would be interested in doing?
>>> New function ext4_secure_delete_lblks added to walk
>>> data blocks and secure delete them before any blocks
>>> are removed.
>>>
>>> Meta blocks are secure deleted before they are
>>> released
>>>
>>> New function added to identify holes in ind files.
>>> Used by ext4_secure_delete_lblks to skip over holes
>>> during secure delete.
>>>
>>> Added another list in the journal structure to track
>>> journal blocks so that they can be secure deleted later.
>>>
>>> Added new ext4_secure_delete_jblks that secure deletes
>>> journal blocks that were used to journal the specified
>>> logical blocks
>>>
>>> Allison Henderson (7):
>>> ext4: Secure Delete: Add new EXT4_SECRM_RANDOM_FL flag
>>> ext4: Secure Delete: Add ext4_ind_hole_lookup function
>>> ext4: Secure Delete: Add secure delete functions
>>> ext4: Secure Delete: Secure delete file data
>>> ext4: Secure Delete: Secure delete directory entry
>>> ext4: Secure Delete: Secure delete meta data blocks
>>> ext4/jbd2: Secure Delete: Secure delete journal blocks
>>>
>>> fs/ext4/ext4.h | 28 +++-
>>> fs/ext4/ext4_extents.h | 2 +
>>> fs/ext4/extents.c | 21 +++-
>>> fs/ext4/indirect.c | 2 +-
>>> fs/ext4/inode.c | 391 ++++++++++++++++++++++++++++++++++++++++++++++++
>>> fs/ext4/mballoc.c | 8 +
>>> fs/ext4/namei.c | 64 +++++++-
>>> fs/jbd2/commit.c | 6 +
>>> fs/jbd2/journal.c | 112 ++++++++++++++
>>> include/linux/jbd2.h | 21 +++
>>> 10 files changed, 642 insertions(+), 13 deletions(-)
>>>
>>> --
>>> To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
>>> the body of a message to majordomo@vger.kernel.org
>>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
prev parent reply other threads:[~2011-10-10 17:20 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-07 7:10 [Ext4 Secure Delete 0/7 v4] Ext4 secure delete Allison Henderson
2011-10-07 7:10 ` [Ext4 Secure Delete 1/7v4] ext4: Secure Delete: Add new EXT4_SECRM_RANDOM_FL flag Allison Henderson
2011-10-07 17:02 ` Darrick J. Wong
2011-10-07 17:14 ` Allison Henderson
2011-10-07 7:11 ` [Ext4 Secure Delete 2/7v4] ext4: Secure Delete: Add ext4_ind_hole_lookup function Allison Henderson
2011-10-07 17:47 ` Darrick J. Wong
2011-10-07 23:10 ` Allison Henderson
2011-10-07 7:11 ` [Ext4 Secure Delete 3/7v4] ext4: Secure Delete: Add secure delete functions Allison Henderson
2011-10-07 17:19 ` Allison Henderson
2011-10-07 18:07 ` Darrick J. Wong
2011-10-07 23:08 ` Allison Henderson
2011-10-07 7:11 ` [Ext4 Secure Delete 4/7v4] ext4: Secure Delete: Secure delete file data Allison Henderson
2011-10-07 7:11 ` [Ext4 Secure Delete 5/7v4] ext4: Secure Delete: Secure delete directory entry Allison Henderson
2011-10-07 17:22 ` Darrick J. Wong
2011-10-07 17:59 ` Allison Henderson
2011-10-07 7:11 ` [Ext4 Secure Delete 6/7v4] ext4: Secure Delete: Secure delete meta data blocks Allison Henderson
2011-10-07 7:11 ` [Ext4 Secure Delete 7/7v4] ext4/jbd2: Secure Delete: Secure delete journal blocks Allison Henderson
2011-10-07 18:35 ` Darrick J. Wong
2011-10-07 19:31 ` Sunil Mushran
2011-10-07 19:54 ` Eric Sandeen
2011-10-07 20:14 ` Allison Henderson
2011-10-07 19:55 ` Allison Henderson
2011-10-07 20:58 ` Darrick J. Wong
2011-10-08 0:06 ` Allison Henderson
2011-10-10 19:47 ` Jonathan Corbet
2011-10-10 23:35 ` Allison Henderson
2011-10-10 23:41 ` Jonathan Corbet
2011-10-11 0:54 ` Allison Henderson
2011-10-10 20:00 ` Jonathan Corbet
2011-10-10 23:36 ` Allison Henderson
2011-10-07 15:21 ` [Ext4 Secure Delete 0/7 v4] Ext4 secure delete Andreas Dilger
2011-10-07 17:07 ` Allison Henderson
2011-10-10 17:20 ` Allison Henderson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E932970.9020901@linux.vnet.ibm.com \
--to=achender@linux.vnet.ibm.com \
--cc=aedilger@gmail.com \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).