Re: dm-crypt is broken and causes massive data corruption

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Alasdair G Kergon schrieb:

On Fri, Jun 02, 2006 at 05:15:19PM +0200, Dr. Uwe Meyer-Gruhl wrote:

4. Problems occur with RAID-5 and RAID-6. Both are O.K. without dm-crypt.
5. Problems are unaffected by different ciphers under dm-crypt (at least AES, Serpent and Twofish expose the bug). dm-linear is reported to have failed, too. So, we suspect that neither dm-crypt nor ciphers are the culprit here, but rather the device mapper core functionality or RAID subsystem.
If we can get some more reports of it failing with dm-linear that represents a big simplification of the problem. 

Alasdair


O.K. I have just tested it:

/tmp/linear:

0 1000 linear /dev/md0 0
1000 1000 linear /dev/md0 1000
2000 1000 linear /dev/md0 2000
3000 100000000 linear /dev/md0 3000

#dmsetup create test /tmp/linear

#mke2fs -j -T largefile4 /dev/mapper/test
Copied to it for a couple of minutes, crash, auto-remounted r/o, as always, but this time without any encryption. Information verified, I guess.
Another tip I got from someone at the linux-raid list got me an idea as to why my cryptoloop setup had failed: I did not use loop-AES, but "standard" SuSE cryptoloop which is said to be unstable with journaled filesystems like reiserfs and ext3. I think that means only that installing a loop over a physical device may re-sequence I/O accesses which could lead to problems when there is no clean unmount, but who knows for sure?
That guy suggested using loop-AES for its stability (it reportedly even works with journaled filesystems), for he does not trust such "new" developments as cryptoloop and device mapper. 

Also, I have checked the patch by Neil Brown given here:

http://lwn.net/Articles/150583/

That did not fix the problem, either.
So, I still strongly believe that there is a problem with device mapper in conjunction with RAID and no easy fix :-(
BTW: Christophe was right with his tip to start two jobs for testing when you want to reproduce the problem quickly. The bonnie benchmark seems like a good candidate... works like a charm in less than an hour. 



---------------------------------------------------------------------
 - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux