[linux-lvm] Snapshots and disk re-use

Stuart D. Gathman stuart at bmsi.com
Wed Feb 23 23:25:57 UTC 2011


On Wed, 23 Feb 2011, Jonathan Tripathy wrote:

> Give that I currently follow the current procedure for removing and adding
> customers:
> 
> To remove customer: zero out customer LV, then remove LV
> To add customer: create a new LV
> 
> And I want to run backups of a customer's LV using snapshots I just:
> create a snapshot of the customer LV, then use rsync, then remove the
> snapshot. Is there anything I should do to prevent cross-customer data
> leakage?

You are still ambiguous.  If by "create a new LV", you mean a new LV
that is not an LVM snapshot, then just zero it out when you create it
(rather than when you delete it).

If by "create a new LV", you mean create a new snapshot on a (mostly)
readonly origin, then you don't need to do anything.  The entire logical
volume is (logically) initialized to the origin.  There is no need to
zero when deleting either.

If, in addition to "cross-customer data leakage", you are worried about
FBI raids finding old data from deleted customers in LVM free space, then zero
independent LVs when deleting (as you planned), and zero *-cow for snapshots
before deleting with the origin unmounted (but check with an expert whether
that is safe while other snapshots for the same origin are mounted - I think it
should be).

IDEA - it seems that the device mapper could logically zero an LV by
simply returning blocks of zero on reads until the corresponding block
it written.  Yeah, would require overhead to track which blocks have
been written.  That overhead could be 1 bit for each of fairly large blocks,
and be fairly small, fit into ram easily, and be stored in a logically
zeroed block and discarded when the last block is written.  So effectively
it only requires storing a pointer in meta-data to the current block where
the bitmap is stored.  I can see that compared to the simplicity of
simply writing zeroes on allocation, it might not be worth it.

-- 
	      Stuart D. Gathman <stuart at bmsi.com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.




More information about the linux-lvm mailing list