Background block scrubbing
Daniel Ellard
ellard at eecs.harvard.edu
Wed Apr 27 15:43:31 PDT 2005
On Wed, 27 Apr 2005, [iso-8859-1] Dag-Erling Sm=F8rgrav wrote:
> "Robert Krten" <root at parse.com> writes:
> > Is there a utility that does background unused block scrubbing?
> >
> > What I'm thinking of is something that looks for unused blocks on the
> > disk, and then writes zeros, then random, then more random, etc, to the=
m
> > for security applications.
>
> That's not how it's done. Here's a good explanation of how to do it
> and why it must be done that way:
>
> http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
That's not how it's done *now*, but it could be done like
that in the future. The problem with this approach is that
it might take an unknown amount of time before a particular
block is sufficiently scrubbed. If the user needs to have
something scrubbed right away (or by any given time) then
this won't work -- but if the user has relaxed time constraints
and a good amount of idle time, this doesn't seem like a bad
way to get started on the process.
Another suggestion -- look at the work done on free block
scheduling, which opportunistically schedules I/Os for "free"
during time that would ordinarily be rotational delays. There
was a study a few years ago that showed that a free block
scheduler could read or write every block on a disk in a
matter of hours, even if the disk was heavily utilized during
this period -- no need to wait for the disk to be idle.
[Note that this scheduleing is "free" in terms of time, but
not power or wear -- if you've got a disk that's designed to
be idle a good fraction of the time, like most PC disks,
this could cook it.]
-Dan
More information about the freebsd-fs
mailing list