
On Wed, Apr 11, 2012 at 11:08:41AM +1000, Tim Connors wrote:
> As long as the file is either the new or the old version, and not
> zeroed out because of braindead filesystem behaviour,

you've made this claim a few times about XFS. sometimes naming XFS explicitly, and sometimes not as here.

i suspect it's because you don't know or don't understand how XFS works.

tl;dr version: XFS does not zero sectors due to brain-dead filesystem behaviour.

more detailed version:

(dredging up half-remembered stuff from years ago when it was actually relevant or worth knowing):

it gives you zeroed sectors if and only if the system crashes when the metadata has been written but the actual data has not, resulting in the file's metadata pointing to some completely arbitrary section of disk containing completely arbitrary data - it might be zeroes, it's likely to be sectors that were previously in use by some other file. it could be an old copy of /etc/shadow, or a confidential file.

when xfs detects that this has happened after a crash, then it zeroes the sectors to prevent leakage of potentially confidential or security-sensitive information.

when this happens (e.g. due to power-failure or kernel lockup) choosing between the old version and the new version IS NOT AN OPTION and there is no possibility that it could even be an option. The metadata pointing to the old version has already been overwritten, and the new version never got synced to disk.

the xfs developers aren't idiots. if it was at all possible to give you either the new version or the old version in this particular situation, then they'd give it to you. they can't, so they err on the side of security and privacy.

AFAIK, this situation can only occur today if you override the defaults and force an xfs filesystem to be mounted without barriers. If you do this, you are asking for trouble and have no legitimate cause for complaint.

more to the point, ext3/4 will have exactly the same problem in the same situation (hard crash, no write barriers). I'm unsure of whether they bother to zero the sectors or if they just give you whatever data happened to be in the sectors. hopefully the former.

newer filesystems, like btrfs and zfs, avoid this problem entirely because they are copy-on-write.

craig

-- 
craig sanders <cas@taz.net.au>

BOFH excuse #447: According to Microsoft, it's by design
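
Added example, not part of craig's message: a check for the configuration the message warns about, an xfs or ext3/4 filesystem mounted with write barriers explicitly disabled. It parses text in /proc/mounts format and reports mounts carrying the `nobarrier` or `barrier=0` option; the function name and the sample mount table are constructed for illustration, and a mount with no explicit barrier option is not reported.

```python
import re

# Mount options that explicitly turn write barriers off.
BARRIER_OFF = {"nobarrier", "barrier=0"}
# The journalled filesystems named in the message above.
JOURNALLED = {"xfs", "ext3", "ext4"}


def _unescape(field):
    # /proc/mounts encodes space, tab, newline and backslash as \ooo octal.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def barrierless_mounts(mounts_text):
    """Return (mountpoint, fstype, option) for each mount with barriers off."""
    findings = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # blank or malformed line
        _dev, mountpoint, fstype, options = fields[:4]
        if fstype not in JOURNALLED:
            continue  # e.g. tmpfs: no on-disk metadata/data ordering to lose
        for opt in options.split(","):
            if opt in BARRIER_OFF:
                findings.append((_unescape(mountpoint), fstype, opt))
    return findings


# Constructed sample in /proc/mounts format (not taken from a real host).
SAMPLE = """\
/dev/sda1 / ext4 rw,relatime,errors=remount-ro 0 0
/dev/sdb1 /srv/mail xfs rw,noatime,nobarrier 0 0
/dev/sdc1 /var/lib/my\\040data ext3 rw,barrier=0,data=ordered 0 0
tmpfs /run tmpfs rw,nosuid,nobarrier 0 0
/dev/sdd1 /home ext4 rw,barrier=1 0 0
"""

if __name__ == "__main__":
    import sys
    # With an argument, read that file (e.g. /proc/mounts); else use the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for mp, fs, opt in barrierless_mounts(text):
        print(f"{mp} ({fs}): mounted with {opt}")
```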