Linux 5.14 To Allow EXT4 Journal Checkpoints From User-Space For Extra Privacy

  • Linux 5.14 To Allow EXT4 Journal Checkpoints From User-Space For Extra Privacy

    Phoronix: Linux 5.14 To Allow EXT4 Journal Checkpoints From User-Space For Extra Privacy

    Queued up now into the EXT4 file-system's "dev" tree is the recent work on a journal checkpoint ioctl (EXT4_IOC_CHECKPOINT) and optional support for TRIM/discard or zero-out support on journal flushes. This is the work that came about in recent months in working to ensure the privacy of deleted file names from the system...

    https://www.phoronix.com/scan.php?pa...-Journal-Check

  • #2
    I guess this will require us to re-format our actual ext4 drives to take advantage of the new ext4. Does anyone have any information on that?


    • #3
      No on-disk format changes are needed to use this feature. What is required is a device which supports the discard / trim operation; and the security guarantees that you get are (obviously) dependent on the security guarantees which the device provides in terms of discard operations. There are some specifications (e.g. SATA) where discard is defined to be a "hint" that the blocks are no longer needed by the host OS, which means, "the device is allowed to ignore a discard whenever it feels like it". Many devices provide stronger guarantees than what is required by the SATA specification (which was written by the manufacturers) --- for example, Google Cloud's Persistent Disk guarantees that discards will always result in the block contents no longer being available from the VM --- but YMMV.

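As an added example (not code from the thread or from the ext4 developers), this is one way a privileged tool could call the EXT4_IOC_CHECKPOINT ioctl discussed above, choosing discard when the device advertises it and zero-out otherwise. The helper names are hypothetical, the discard_max_bytes argument is assumed to be read from /sys/block/<dev>/queue/discard_max_bytes, and the ioctl itself requires CAP_SYS_ADMIN.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ioctl.h>
#include <unistd.h>

/* ioctl number and flags as defined in the kernel's ext4 header. */
#ifndef EXT4_IOC_CHECKPOINT
#define EXT4_IOC_CHECKPOINT              _IOW('f', 43, uint32_t)
#define EXT4_IOC_CHECKPOINT_FLAG_DISCARD 0x1
#define EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT 0x2
#define EXT4_IOC_CHECKPOINT_FLAG_DRY_RUN 0x4
#endif

/* Hypothetical helper: discard_max_bytes == 0 means the device has no discard. */
uint32_t pick_erase_flag(unsigned long long discard_max_bytes) {
    return discard_max_bytes ? EXT4_IOC_CHECKPOINT_FLAG_DISCARD
                             : EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT;
}

/* Hypothetical helper: reject unknown bits and DISCARD combined with ZEROOUT. */
int validate_flags(uint32_t flags) {
    uint32_t both = EXT4_IOC_CHECKPOINT_FLAG_DISCARD | EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT;
    if (flags & ~(both | EXT4_IOC_CHECKPOINT_FLAG_DRY_RUN)) return -EINVAL;
    return (flags & both) == both ? -EINVAL : 0;
}

/* Checkpoint the journal of the ext4 file system holding `path`; returns 0
 * or a negative errno (-ENOTTY when the running kernel lacks the ioctl). */
int ext4_checkpoint(const char *path, uint32_t flags) {
    int rc = validate_flags(flags);
    if (rc) return rc;
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -errno;
    rc = ioctl(fd, EXT4_IOC_CHECKPOINT, &flags) ? -errno : 0;
    close(fd);
    return rc;
}

int main(int argc, char **argv) {
    if (argc != 3) { fprintf(stderr, "usage: prog <path-on-ext4> <discard_max_bytes>\n"); return 2; }
    uint32_t mode = pick_erase_flag(strtoull(argv[2], NULL, 10));
    /* Dry run first so a rejected request fails before any flush happens. */
    int rc = ext4_checkpoint(argv[1], mode | EXT4_IOC_CHECKPOINT_FLAG_DRY_RUN);
    if (rc == 0) rc = ext4_checkpoint(argv[1], mode);
    printf("checkpoint with flag 0x%x: %d\n", (unsigned)mode, rc);
    return rc ? 1 : 0;
}
```

A successful return only means the kernel issued the discard or zero-out; whether the old journal blocks are actually unrecoverable still depends on what the device does with that request.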