On Tue, Nov 16, 2021 at 02:03:15AM +0000, Qi, Yadong wrote: > > > Add a new option "secdiscard" for block drive. Parse it and record it > > > in bs->open_flags as bit(BDRV_O_SECDISCARD). > > > > > > Add a new BDRV_REQ_SECDISCARD bit for secure discard request from > > > virtual device. > > > > > > For host_device backend: implement by ioctl(BLKSECDISCARD) on real > > > host block device. > > > For other backend, no implementation. > > > > > > E.g.: > > > qemu-system-x86_64 \ > > > ... \ > > > -drive > > file=/dev/mmcblk0p2,if=none,format=raw,discard=on,secdiscard=on,id=sd0 \ > > > -device virtio-blk-pci,drive=sd0,id=sd0_vblk \ > > > ... > > > > I'm curious why there is explicit control over this feature (-drive > > secdiscard=on|off). For example, is there a reason why users would want to > > disable secdiscard on a drive that supports it? I guess there is no way to > > emulate > > it correctly so secdiscard=on on a drive that doesn't support it produces > > an error? > > Yes. AFAIK, there is no way to emulate a "secure" discard. But it seems also > hard to > detect whether a host drive support secdiscard unless it really perform a real > secdiscard. So I choose to add an option for user to enable it for virtual > block. > There is an assumption that user knows whether host support secdiscard.
Question for Jens and Christoph: Is there a way for userspace to detect whether a Linux block device supports SECDISCARD? If not, then maybe a new sysfs attribute can be added: diff --git a/block/blk-sysfs.c b/block/blk-sysfs.c index cef1f713370b..c946ef49ac15 100644 --- a/block/blk-sysfs.c +++ b/block/blk-sysfs.c @@ -304,6 +304,7 @@ QUEUE_SYSFS_BIT_FNS(nonrot, NONROT, 1); QUEUE_SYSFS_BIT_FNS(random, ADD_RANDOM, 0); QUEUE_SYSFS_BIT_FNS(iostats, IO_STAT, 0); QUEUE_SYSFS_BIT_FNS(stable_writes, STABLE_WRITES, 0); +QUEUE_SYSFS_BIT_FNS(secure_erase, SECERASE, 0); #undef QUEUE_SYSFS_BIT_FNS static ssize_t queue_zoned_show(struct request_queue *q, char *page) Stefan
signature.asc
Description: PGP signature
