Re: [PATCH 2/2] storage: Forbid wiping formatted volume types that are not supported

On Fri, Jul 15, 2016 at 09:46:50AM +0200, Ján Tomko wrote:
On Thu, Jul 14, 2016 at 02:27:41PM +0200, Martin Kletzander wrote:
Until now we allowed that to happen, however the only thing we supported
was either rewriting the file or truncating it.  That however doesn't
keep the format of that file, so QCOWs, VDIs and all others just became
RAW with arbitrary size.

Yes, wiping wipes the format as well. Nothing wrong with that.


It is not?  Even though QEMU will not start?

Also consider this:

$ virsh vol-info asdf.img default
Name:           asdf.img
Type:           file
Capacity:       10.00 GiB
Allocation:     196.00 KiB

$ virsh vol-wipe asdf.img default
Vol asdf.img wiped

$ virsh vol-info asdf.img default
Name:           asdf.img
Type:           file
Capacity:       196.00 KiB
Allocation:     196.00 KiB

Does that seem right?

Not to mention any domain using such volume
could not start anymore.  Instead of dealing with the recreation of
every single possible file that we have (and possibly failing due to
create_tool capabilities) just forbid it for now.

We even state in our
documentation that it has no value for file-backed volumes.


Where?


OK, my bad, can't find it.  Anyway it should be there.  "Ensure data
previously on a volume is not accessible to future reads." for me,
personally, means that you cannot get any data back by issuing read() on
the volume.  So if it is a file, I think:

 ftruncate(fd, 0);
 ftruncate(fd, size);

is enough.  Algorithm makes sense for partitions and other block (or
basically non-file backed) storage.

 Also note, that depending on the actual volume representation, this call
 may not really overwrite the physical location of the volume. For
 instance, files stored journaled, log structured, copy-on-write,
 versioned, and network file systems are known to be problematic.

http://libvirt.org/html/libvirt-libvirt-storage.html#virStorageVolWipe

This only says that it might not work, not that it's completely useless.

I think we have a precedent for supporting marginally useful features by
still supporting qcow encryption.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=868771


NACK to breaking functionality in order to resolve a 4-year-old
synthetic QE-filed bug.


How about the fact that it boils my blood (I have no idea how to say
"pisses me off" politely) when I see that we have an API not doing its
one job correctly and we can fix it with an almost trivial patch?  Could
you elaborate on what functionality is being broken here?

I suggest WONTFIX or NOTABUG.


No, it is a bug and I don't see a reason why we wouldn't fix it.

Jan
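
An added example, not part of the original message or of libvirt's code: it applies the two-call truncate wipe discussed above to a constructed temporary file that begins with the QCOW magic bytes, and shows that the old data can no longer be read back and the length is kept, while the format header is zeroed along with everything else. The helper names and the 4096-byte sample are assumptions made for the illustration.

```c
#define _XOPEN_SOURCE 700   /* pread, ftruncate, mkstemp */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
static const unsigned char QCOW_MAGIC[4] = { 'Q', 'F', 'I', 0xfb }; /* QCOW/QCOW2 */

/* 1 if the file starts with the QCOW magic, 0 if not, -1 on read error. */
int has_qcow_magic(int fd) {
    unsigned char buf[4];
    ssize_t n = pread(fd, buf, sizeof buf, 0);
    return n < 0 ? -1 : (n == 4 && memcmp(buf, QCOW_MAGIC, 4) == 0);
}

/* The wipe from the message: drop every block, then restore the length. */
int wipe_by_truncate(int fd) {
    off_t size = lseek(fd, 0, SEEK_END);
    return (size < 0 || ftruncate(fd, 0) < 0) ? -1 : ftruncate(fd, size);
}

/* Number of non-zero bytes a reader can still get back, -1 on error. */
long count_nonzero(int fd) {
    unsigned char buf[4096];
    long found = 0;
    ssize_t n;
    for (off_t off = 0; (n = pread(fd, buf, sizeof buf, off)) > 0; off += n)
        for (ssize_t i = 0; i < n; i++) found += (buf[i] != 0);
    return n < 0 ? -1 : found;
}

/* Constructed sample: 4096 bytes of 'S' with the QCOW magic at offset 0. */
int make_sample(void) {
    char path[] = "/tmp/volwipe-XXXXXX";
    unsigned char img[4096];
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);                      /* file disappears once fd is closed */
    memset(img, 'S', sizeof img);
    memcpy(img, QCOW_MAGIC, 4);
    if (write(fd, img, sizeof img) != (ssize_t)sizeof img) { close(fd); return -1; }
    return fd;
}

int main(void) {
    int fd = make_sample();
    if (fd < 0 || wipe_by_truncate(fd) < 0) return 1;
    printf("after wipe: qcow=%d nonzero=%ld\n", has_qcow_magic(fd), count_nonzero(fd));
    return close(fd);
}
```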
