From: "Martin Jørgensen" <mjoerg@gmail.com>
To: Mistave <mistave@countermail.com>
Cc: dm-crypt@saout.de
Subject: Re: [dm-crypt] Properly enabling TRIM for dm-crypt on an SSD
Date: Sun, 20 Dec 2020 19:12:06 +0100 [thread overview]
Message-ID: <CAJN12jm-KqRWA8qFwygp7NvcvVGR_t9HV2o54QO3fUHUh4SEmw@mail.gmail.com> (raw)
In-Reply-To: <1e91347d-24ba-a387-e148-b3dd96bf0adc@countermail.com>
[-- Attachment #1.1: Type: text/plain, Size: 1742 bytes --]
On Sun, Dec 20, 2020 at 12:47 PM Mistave <mistave@countermail.com> wrote:
> Hello!
...
> there is so much contradicting information available online. Some people
> mentioned that a "discard" parameter should be added to /etc/crypttab
> entry, others claim they must be present on both files - fstab and
> crypttab. Some even suggest to add an "allow-discards" parameter to the
> GRUB kernel command line in /etc/default/grub file. I was also told that
> the continuous TRIM is discouraged and that periodic should be used
> instead.
>
> What's the correct thing to do here?
>
There's a longer explanation e.g. here:
https://stackoverflow.com/questions/61428311/ssd-trim-on-linux and I
understand that LUKS does not allow TRIM by befault, because of security
issues:
*"Note that if you're using LVM or cryptsetup, all such layers need to be
configured to pass through the discard operation to the lower layer. By
default, cryptsetup ignores discard operations as it prioritizes privacy
over performance – TRIM by its nature reveals which disk areas are in use
and which ones are free."*
For the last part I now think I understand the need for passing through
discard operations to the lower layer (haven't done it but also haven't had
problems in years using LUKS). I think something like this could be what
you're looking for:
https://blog.christophersmart.com/2013/06/05/trim-on-lvm-on-luks-on-ssd/ -
I found several similar posts on google, it seems you basically need to
ensure that discards are sent to the crypto layer by adding the
*allow-discards* option to /etc/crypttab... Haven't actually done it myself
- maybe I should do that in near future, sounds like a good idea...
Br,
M.
[-- Attachment #1.2: Type: text/html, Size: 2518 bytes --]
[-- Attachment #2: Type: text/plain, Size: 135 bytes --]
_______________________________________________
dm-crypt mailing list
dm-crypt@saout.de
https://www.saout.de/mailman/listinfo/dm-crypt
next prev parent reply other threads:[~2020-12-20 18:13 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-20 11:36 [dm-crypt] Properly enabling TRIM for dm-crypt on an SSD Mistave
2020-12-20 18:12 ` Martin Jørgensen [this message]
2020-12-21 16:53 ` Mistave
2020-12-21 21:45 ` Mistave
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAJN12jm-KqRWA8qFwygp7NvcvVGR_t9HV2o54QO3fUHUh4SEmw@mail.gmail.com \
--to=mjoerg@gmail.com \
--cc=dm-crypt@saout.de \
--cc=mistave@countermail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).