[linux-lvm] Questions about residual data in LVM after delete the Logic Volume
Young Yang
2015-11-26 08:20:33 UTC
Hi

This is my LVM version
LVM version: 2.02.98(2) (2012-10-15)
Library version: 1.02.77 (2012-10-15)
Driver version: 4.27.0
I created a 1GB physical volume with a block device set up by losetup, and
added it to my volume group.
Then I created a 1GB logical volume A, and I can find my block device
here: /dev/stack-volumes-lvmdriver-1/volume-e31af77b-1bf4-43e3-ac1f-23e3e825e576.

I mounted this logical volume and wrote some data containing a string PATTERN
into it.
Then I grepped the block device with
`sudo grep -zbl PATTERN /dev/stack-volumes-lvmdriver-1/volume-e31af77b-1bf4-43e3-ac1f-23e3e825e576`
and it really did find the string PATTERN.

Then I deleted this 1GB logical volume A and created another 1GB logical
volume B.
I expected the residual data containing the string PATTERN to appear in
the 1GB logical volume B, because they both use the same 1GB physical
volume.
However, when I grep the 1GB logical volume B's block device directly, it
returns nothing.

*So here come the questions:*

Does LVM have any mechanism to prevent the residual data in the previously
deleted logical volume from appearing in the new logical volume?
If there is, how can I configure it? How does it work, and where can I find
the related docs?

Thanks in advance :)
Young Yang
2015-11-27 12:28:32 UTC
---------- Forwarded message ----------
From: Young Yang <***@gmail.com>
Date: Thu, Nov 26, 2015 at 4:20 PM
Subject: Questions about residual data in LVM after delete the Logic Volume
To: linux-***@redhat.com



Zdenek Kabelac
2015-12-01 10:45:26 UTC
Post by Young Yang
> ---------- Forwarded message ----------
> Date: Thu, Nov 26, 2015 at 4:20 PM
> Subject: Questions about residual data in LVM after delete the Logic Volume
> Hi
> This is my LVM version
> LVM version: 2.02.98(2) (2012-10-15)
> Library version: 1.02.77 (2012-10-15)
> Driver version: 4.27.0
> I created a 1GB physical volume with a block device set up by losetup, and
> added it to my volume group.
> Then I created a 1GB logical volume A, and I can find my block device
> here: /dev/stack-volumes-lvmdriver-1/volume-e31af77b-1bf4-43e3-ac1f-23e3e825e576.
> I mounted this logical volume and wrote some data containing a string PATTERN
> into it.
> Then I grepped the block device with
> `sudo grep -zbl PATTERN /dev/stack-volumes-lvmdriver-1/volume-e31af77b-1bf4-43e3-ac1f-23e3e825e576`
> and it really did find the string PATTERN.
> Then I deleted this 1GB logical volume A and created another 1GB logical volume B.
> I expected the residual data containing the string PATTERN to appear in the
> 1GB logical volume B, because they both use the same 1GB physical volume.
> However, when I grep the 1GB logical volume B's block device directly, it
> returns nothing.
> *So here come the questions:*
> Does LVM have any mechanism to prevent the residual data in the previously
> deleted logical volume from appearing in the new logical volume?
> If there is, how can I configure it? How does it work, and where can I find
> the related docs?

Nope - lvm2 as "L"ogical "V"olume "M"anager does not zero user's data.

If you do not want to 'leak' your data after use - simply 'zero' the LV before
it's removed (might be quite a lengthy operation).

If you use an 'SSD' and you have some kind of 'trust' in discard/trim - you
may set up sending of discard on deleted extents (however note - you cannot
revert your LV removal operation with 'vgcfgrestore').

You could also switch to 'thin-provisioning' - which does provide 'zeroing'
of newly provisioned blocks - depends on your use-case - but then you are
STRONGLY advised to switch to some modern distro and not a 3-year-old one....

And also the most secure option is - encrypt the LV (dm-crypt);
this way you simply don't care what exists in the blocks, since without the
proper key the data are just white noise...

Regards

Zdenek
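
Added example, not part of the original thread: one way to do the "zero the LV before it's removed" step from the reply above, verifying that the overwrite succeeded before the removal command runs. The function names are hypothetical and `VG/LV` in the usage comment is a placeholder; it assumes GNU coreutils and, for block devices, `blockdev`.

```shell
#!/bin/sh
# Added example: overwrite a volume with zeros, verify, then release it.
# Accepts a block device (e.g. an LV path) or a regular file for a dry run.

# Print the size of the target in bytes; fail if it is neither kind.
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    elif [ -f "$1" ]; then
        wc -c < "$1" | tr -d ' '
    else
        return 1
    fi
}

# Overwrite every byte of the target with zeros and flush to storage.
zero_target() {
    size=$(target_size "$1") || return 1
    head -c "$size" /dev/zero |
        dd of="$1" bs=1M conv=notrunc,fsync 2>/dev/null
}

# Succeed only if the whole target now reads back as zeros.
is_zeroed() {
    size=$(target_size "$1") || return 1
    cmp -s -n "$size" "$1" /dev/zero
}

# Zero and verify the target; run the given command only on success,
# so a failed wipe never leads to the extents being released.
wipe_then() {
    target=$1
    shift
    if zero_target "$target" && is_zeroed "$target"; then
        "$@"
    else
        echo "wipe of $target failed; not running: $*" >&2
        return 1
    fi
}

# Usage on a real system, with the LV unmounted (placeholder names):
#   wipe_then /dev/VG/LV lvremove -y VG/LV
```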
