From owner-freebsd-fs@FreeBSD.ORG Wed Apr 27 22:43:31 2005 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7843716A4CE for ; Wed, 27 Apr 2005 22:43:31 +0000 (GMT) Received: from mail.eecs.harvard.edu (bowser.eecs.harvard.edu [140.247.60.24]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0E9BF43D73 for ; Wed, 27 Apr 2005 22:43:31 +0000 (GMT) (envelope-from ellard@eecs.harvard.edu) Received: from localhost (localhost.eecs.harvard.edu [127.0.0.1]) by mail.eecs.harvard.edu (Postfix) with ESMTP id 390A754C9D6; Wed, 27 Apr 2005 18:43:30 -0400 (EDT) Received: from mail.eecs.harvard.edu ([127.0.0.1]) by localhost (bowser.eecs.harvard.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 52879-09; Wed, 27 Apr 2005 18:43:30 -0400 (EDT) Received: by mail.eecs.harvard.edu (Postfix, from userid 465) id 0FB2254C9D4; Wed, 27 Apr 2005 18:43:30 -0400 (EDT) Received: from localhost (localhost [127.0.0.1]) by mail.eecs.harvard.edu (Postfix) with ESMTP id 0C57554C9CA; Wed, 27 Apr 2005 18:43:30 -0400 (EDT) Date: Wed, 27 Apr 2005 18:43:29 -0400 (EDT) From: Daniel Ellard To: freebsd-fs@freebsd.org In-Reply-To: <867jin2a2p.fsf@xps.des.no> Message-ID: <20050427183037.E46204@bowser.eecs.harvard.edu> References: <200504271918.PAA05842@parse.com> <867jin2a2p.fsf@xps.des.no> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=X-UNKNOWN Content-Transfer-Encoding: QUOTED-PRINTABLE X-Virus-Scanned: by amavisd-new at eecs.harvard.edu cc: Robert Krten Subject: Re: Background block scrubbing X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Apr 2005 22:43:31 -0000 On Wed, 27 Apr 2005, [iso-8859-1] Dag-Erling Sm=F8rgrav wrote: > "Robert Krten" writes: > > Is there a utility that does background unused block scrubbing? > > > > What I'm thinking of is something that looks for unused blocks on the > > disk, and then writes zeros, then random, then more random, etc, to the= m > > for security applications. > > That's not how it's done. Here's a good explanation of how to do it > and why it must be done that way: > > http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html That's not how it's done *now*, but it could be done like that in the future. The problem with this approach is that it might take an unknown amount of time before a particular block is sufficiently scrubbed. If the user needs to have something scrubbed right away (or by any given time) then this won't work -- but if the user has relaxed time constraints and a good amount of idle time, this doesn't seem like a bad way to get started on the process. Another suggestion -- look at the work done on free block scheduling, which opportunistically schedules I/Os for "free" during time that would ordinarily be rotational delays. There was a study a few years ago that showed that a free block scheduler could read or write every block on a disk in a matter of hours, even if the disk was heavily utilized during this period -- no need to wait for the disk to be idle. [Note that this scheduleing is "free" in terms of time, but not power or wear -- if you've got a disk that's designed to be idle a good fraction of the time, like most PC disks, this could cook it.] -Dan