[linux-lvm] Snapshots & data security
Zdenek Kabelac
zdenek.kabelac at gmail.com
Tue Aug 16 09:44:23 UTC 2016
Dne 27.7.2016 v 21:17 Stuart Gathman napsal(a):
> On 07/19/2016 11:28 AM, Scott Sullivan wrote:
>>
>> Could someone please clarify if there is a legitimate reason to worry
>> about data security of a old (removed) LVM snapshot?
>>
>> For example, when you lvremove a LVM snapshot, is it possible for data
>> to be recovered if you create another LVM and it happens to go into
>> the same area as the old snapshot we lvremoved?
>>
>> If this helps clarify, do we have to worry about security scrubbing a
>> LVM snapshot for data security ?
>>
> Another idea: if your VG is on SSD, and properly aligned, then DISCARD
> on the new LV will effectively zero it as far as any guest VMs are
> concerned. (The data is still on the flash until erased by the
> firmware, of course.) If VG and PE size do not align with the SSD erase
> block, then you can still zero the "edges" of the new LV, which is much
> faster (and less wear on the SSD) than zeroing the whole thing. You
> could always read-verify that the data is actually all zero.
Yes - as already suggested - once you create a new LV -
you can 'blkdicard /dev/vg/lv'
Note - SSD may not always ensure blocks are zeroed - they could just
move trimmed block into reuse list with undefined content.
Anyway - lvm2 is not tool for data protection and it's upto system admin
to ensure there are no data leaks.
So pick the solution which fits best your needs - lvm2 provides all the
tooling for it.
Regards
Zdenek
More information about the linux-lvm
mailing list