[dm-crypt] expanding encrypted volume/growing the volume

Ross Boylan ross at biostat.ucsf.edu
Wed Sep 10 05:31:31 CEST 2014


On Tue, Sep 09, 2014 at 08:59:03PM -0500, Robert Nichols wrote:
> On 09/09/2014 04:52 PM, Ross Boylan wrote:
>>   The FAQ advises wipeing it, though the
>> only explicit reasons seem not much of a concern for space in a volume
>> group (but later there are references to attacks available if the
>> attacker can determine which sectors are unused).  As far as I know
>> there is no way to access the unused area of the volume group ...
>
> Easy.  Create a new LV in that VG and use "--extents 100%FREE" as
> its size.  Fill that LV with whatever variety of random data you
> choose, then delete that LV and use the space to expand your active
> LV.

Thanks; I wasn't aware of that syntax.

But do the snapshots make that hazardous?  If the maximum space I
specified for them is pre-allocated it should be fine, but I thought
the implementation grabbed blocks as needed.  If that's the case, a
snapshot could fail while I have grabbed all the "free" space.

I suppose worst case I could do 90%Free and be good enough.

Ross


More information about the dm-crypt mailing list