On Tue, 4 Nov 2014, Mikulas Patocka wrote: > > > > > Recovery after a power fail > > > --------------------------- > > > > > > If the dm-protected device was not cleanly shut down, then we need to > > > examine all of the checksum blocks in the Active Area. For each > > > checksum block in the AA, the checksums for all of their data blocks > > > should machine either the checksum found in the AA, or the checksum > > > found in the checksum block in the checksum group. > > > > ... and if the checksum of the block matches BOTH the checksum in the AA > > and the checksum in the checksum group (because of checksum function > > collision), you don't know which 4-bit nibble belongs to the data in the > > block. > > Though, I realize that you could avoid this problem by selecting the > appropriate checksum function - that never results in collision if the > 4-bit nibble differs. Hmm, that is still not sufficient. Suppose that "a" and "b" is sector content without the 4-bit nibble and "x" and "y" are two different nibbles. Now, we have this situation: a + x -> checksum1 b + x -> checksum1 a + y -> checksum2 b + y -> checksum2 Suppose that we do crash recovery and we have (x,checksum1) in the checksum block and (y,checksum2) in the active area - we can't really tell which one is valid. So you really need cryptographic hashes instead of checksums to avoid the collisions. Mikulas -- dm-devel mailing list dm-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/dm-devel
