Subject: Re: RFC: backporting GEOM to the 4.x branch
To: None <Thomas.Sparrevohn@btinternet.com>
From: Roland Dowdeswell <elric@imrryr.org>
List: tech-security
Date: 03/01/2005 00:16:41
On 1109635700 seconds since the Beginning of the UNIX epoch
Thomas Sparrevohn wrote:
>

>I could be wrong but I would assume that if it is correctly handled within 
>softupdates there should be no need for journalling - e.g. If both 
>transactions are not completed the writes are ignored

This does not work.  The problem is that in GBDE for sector n which
is written, there are two operations:

	1.  change the key by which sector n is encrypted, and
	2.  write sector n encrypted with the new key.

If one of these fails, how could the write be ignored? If one of
the two completes but not both, then one is left in the situation
of either:

	1.  trying to decrypt the old sector with the new
	    encryption key, or
	2.  trying to decrypt the new sector with the old
	    encryption key.

Either way, the sector has been lost.  Neither the original contents
of the sector nor the new contents can be recovered without breaking
AES-128.  Fsck(8) does not contain this functionality (and it would
be rather impressive if it did.)

Softupdates does not maintain old copies of sectors which it is
writing.  Hence the sector is gone forever (or for however long it
takes to break AES-128.)  There is no [reasonable] possibility of
recovery.

--
    Roland Dowdeswell                      http://www.Imrryr.ORG/~elric/
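The two-operation write described in the message above, simulated as an added example (not GBDE's or GEOM's own code): a SHA-256 XOR keystream stands in for AES-128 so it runs offline, and all keys and sector contents are constructed. It shows that a crash after either operation leaves the sector unreadable under both keys, and that a journalled copy of the old key and ciphertext is what makes a rollback possible.

```python
import hashlib
from dataclasses import dataclass


def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Stand-in for AES-128 (assumption for this example): XOR with a
    # SHA-256 keystream. The cipher choice does not matter here; what
    # matters is that the wrong key yields junk, never the plaintext.
    ks = hashlib.sha256(key).digest()[:len(data)]
    return bytes(a ^ b for a, b in zip(data, ks))


@dataclass
class Disk:
    sector_key: bytes    # per-sector key stored on disk (constructed)
    sector_data: bytes   # sector contents encrypted under sector_key


def decrypt(disk: Disk) -> bytes:
    return keystream_xor(disk.sector_key, disk.sector_data)


def _fresh():
    old_key, new_key = b"K-old", b"K-new"
    old_pt, new_pt = b"original contents", b"replacement data!"
    return old_key, new_key, old_pt, new_pt, Disk(old_key, keystream_xor(old_key, old_pt))


def _partial_write(disk: Disk, new_key: bytes, new_pt: bytes, key_first: bool):
    # Only the first of the two operations reaches the disk before the
    # crash; the other is lost. Both orderings are covered by key_first.
    if key_first:
        disk.sector_key = new_key                           # op 1 done, op 2 lost
    else:
        disk.sector_data = keystream_xor(new_key, new_pt)   # op 2 done, op 1 lost


def crash_between_ops(key_first: bool):
    """Crash after one operation; return (old_pt, new_pt, what a read now yields)."""
    old_key, new_key, old_pt, new_pt, disk = _fresh()
    _partial_write(disk, new_key, new_pt, key_first)
    return old_pt, new_pt, decrypt(disk)


def crash_with_journal(key_first: bool) -> bool:
    """Same crash, but the old (key, ciphertext) pair was journalled first.
    Recovery rolls the sector back, so the original contents are readable."""
    old_key, new_key, old_pt, new_pt, disk = _fresh()
    journal = (disk.sector_key, disk.sector_data)   # old copy kept before writing
    _partial_write(disk, new_key, new_pt, key_first)
    disk.sector_key, disk.sector_data = journal     # recovery: restore old copy
    return decrypt(disk) == old_pt
```

Without the journal, `crash_between_ops` returns a sector that matches neither the old nor the new contents for either ordering; only the journalled variant recovers.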