Hi Tillmann,
thank you so much for this information.
I just thought about changing my (very stable) setup to the form of 3
Raid-1 devices and use dm-crypt over them !
But: Since a year or longer i use the following setup and never had any
problems:
3 RAID-1 device (MD0, MD1, MD2)
Added these devices to LVM-2.
Set up 10 logical volumes and crypted them (not the raid-devices directly)!
I have no idea, why this configuration is stable or if i'm just lucky
until now ...
Maybe the developers have an idea !
best regards and thanks again. (changing my setup would have been one
the next "projects ;-))
Tillmann Steinbrecher schrieb:
Hi,
it's been many months that dm-crypt has been broken, and is known to
cause massive data corruption.
Various people have noticed this, have lost data and wasted many hours
trying to find the reason, and still NOTHING is being done about it. The
problem seems to occur only in conjunction with RAID (dm-crypt on top of
RAID) (or possibly it occurs only in conjunction with large
filesystems). I've had issues with that for many months as well, trying
to eliminate other possible reasons. There are none.
Let's say this loud and clear:
dm-crypt causes data corruption. Yet it is not even marked as
"EXPERIMENTAL" in the kernel config, when in fact it's more than just
experimental, it's "DANGEROUS/BROKEN".
Here are some more reports:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336153
(That was for 2.6.8, but the problems are still the same in recent
kernel versions)
http://www.ubuntuforums.org/showthread.php?t=170304
(Similar config, similar problem - this time with 2.6.12 and 2.6.15)
http://episteme.arstechnica.com/groupee/forums/a/tpc/f/96509133/m/282007248731/r/224008458731
(Again the same constellation, and the same problem.)
http://marc.theaimsgroup.com/?l=linux-kernel&m=114664786711245&w=2
(Same config, same problem. This time with 2.6.16!)
BTW the problem seems to be independent from the filesystem used;
however, filesystems seem to be more or less robust against this type of
corruption. With ext3, the filesystem would mess itself up within hours
on my system. With XFS, massive corruption (all data lost) had occured
after a few weeks. With ReiserFS 3, occasional problems that were
fixable using reiserfsck --rebuild-tree occured.
Sorry for the rant. But I think this is an important issue that needs to
be adressed ASAP, before even more people lose their data. Keep in mind
that crypto filesystems are typically used for systems where the data is
sensitive and important! Something must be done about it - in the worst
case, removing dm-crypt from the mainline kernel.
Please CC replies to me, as I'm not subscribed to either linux-kernel or
dm-crypt.
bye,
Tillmann
---------------------------------------------------------------------
- http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
