Linux 5.14 With EXT4 Adds Interface To Help Prevent Information Leakage From The Journal

Written by Michael Larabel in Linux Storage on 3 July 2021 at 08:32 PM EDT.
The EXT4 file-system updates have been sent in for the ongoing Linux 5.14 merge window.

Besides routine fixes and code improvements for this mature Linux file-system, EXT4 this cycle brings a noteworthy feature addition: support for triggering journal checkpoints from user-space in the name of extra privacy/security. The new EXT4_IOC_CHECKPOINT ioctl allows the journal to be checkpointed, truncated, and discarded or zeroed out.

This new interface allows EXT4 to better guarantee that file contents and metadata are not accessible through the file-system and are discarded or zeroed out, fending off possible information leaks from the EXT4 journal. User-space daemons can trigger the new ioctl at given intervals, if desired, to carry out that checkpoint and discard/zero-out process. This functionality can thus help ensure that deleted filenames are cleared out in full, with no signs/information of that prior file left behind. This EXT4 feature appears to have been motivated by Google Cloud with persistent disks, to ensure no personally identifiable information might be left around in the EXT4 file-system journal.

In addition to this new checkpoint ioctl, EXT4 with this next kernel version now allows applications to poll on changes to /sys/fs/ext4/*/errors_count. More details within this pull request.