[openstack-dev] [cinder] dd performance for wipe in cinder
Chris Friesen
chris.friesen at windriver.com
Fri Oct 11 16:50:33 UTC 2013
On 10/11/2013 09:02 AM, John Griffith wrote:
> As Matt pointed out there's an option to turn off secure-delete
> altogether. The reason for the volume_clear setting (aka secure delete)
> is that since we're allocating volumes via LVM from a shared VG there is
> the possibility that a user had a volume with sensitive data and
> deleted/removed the logical volume they were using. If there was no
> encryption or if no secure delete operation were performed it is
> possible that another tenant when creating a new volume from the Volume
> Group could be allocated some of the blocks that the previous volume
> utilized and potentially inspect/read those blocks and obtain some of
> the other users data.
Sounds like we could use some kind of layer that will zero out blocks on
read if they haven't been written by that user.
That way the performance penalty would only affect people that try to
read data from the volume without writing it first (which nobody should
actually be doing).
Chris
More information about the OpenStack-dev
mailing list