Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On Mon, Feb 06, 2017 at 11:15:59AM +0100, Ondrej Kozina wrote: > On 02/03/2017 05:42 PM, Nathanael D. Noblet wrote: > > > > Also what are the risks of enabling this? > > There's nice overview for it: > http://asalor.blogspot.cz/2011/08/trim-dm-crypt-problems.html > > In short (beside other

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On 02/03/2017 03:40 PM, Josh Boyer wrote: How is SSD being detected? Well, we can detect whether bdev is spindle or not from sysfs AFAIK. But anyway, do we need to know? It's mostly about whether dm-crypt would just *allow* discard to pass through dm-crypt target in general. In default

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On 02/03/2017 06:12 PM, Chris Murphy wrote: Further I wonder if /etc/lvm/lvm.conf needs issue_discards = 1 Both / and /home are actually LV's which are made from the LUKS PV. So trim pass down from dmcrypt to block device isn't enough to do anything. I think this is unrelated to this change

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On 02/03/2017 05:42 PM, Nathanael D. Noblet wrote: Also what are the risks of enabling this? There's nice overview for it: http://asalor.blogspot.cz/2011/08/trim-dm-crypt-problems.html In short (beside other facts covered in blog): A very simple analysis of encrypted block device with

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On 02/03/2017 08:42 AM, Nathanael D. Noblet wrote: > Also what are the risks of enabling this? It makes it possible for an attacker to distinguish used and unused space on the disk, as they can see zeros instead of encrypted noise. Whether that's a problem depends on your level of paranoia.

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On Fri, Feb 3, 2017 at 10:40 AM, Zdenek Kabelac wrote: > Dne 3.2.2017 v 18:23 Chris Murphy napsal(a): >> >> On Fri, Feb 3, 2017 at 10:18 AM, Chris Adams wrote: >>> >>> Once upon a time, Chris Murphy said: Further I

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

Dne 3.2.2017 v 18:23 Chris Murphy napsal(a): On Fri, Feb 3, 2017 at 10:18 AM, Chris Adams wrote: Once upon a time, Chris Murphy said: Further I wonder if /etc/lvm/lvm.conf needs issue_discards = 1 Both / and /home are actually LV's which are made

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On Fri, Feb 3, 2017 at 10:18 AM, Chris Adams wrote: > Once upon a time, Chris Murphy said: >> Further I wonder if /etc/lvm/lvm.conf needs >> issue_discards = 1 >> >> Both / and /home are actually LV's which are made from the LUKS PV. So >> trim pass

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

Once upon a time, Chris Murphy said: > Further I wonder if /etc/lvm/lvm.conf needs > issue_discards = 1 > > Both / and /home are actually LV's which are made from the LUKS PV. So > trim pass down from dmcrypt to block device isn't enough to do > anything. LVM passes

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

Further I wonder if /etc/lvm/lvm.conf needs issue_discards = 1 Both / and /home are actually LV's which are made from the LUKS PV. So trim pass down from dmcrypt to block device isn't enough to do anything. ext4 (discard mount option or fstrim.service) -> LVM (issue_discards=1 in lvm.conf) ->

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On Fri, Feb 3, 2017 at 9:32 AM, Tomasz Torcz wrote: > On Fri, Feb 03, 2017 at 09:25:07AM -0700, Nathanael D. Noblet wrote: >> On Fri, 2017-02-03 at 09:40 -0500, Josh Boyer wrote: >> > On Mon, Jan 16, 2017 at 10:32 AM, Jan Kurik >> > wrote: >> > > = System

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On Fri, 2017-02-03 at 17:32 +0100, Tomasz Torcz wrote: > > So I've got multiple systems with encrypted partitions on SSD > > disks. > > Are there ways of enabling this for pre-existing partitions? > >   I believe putting “discard” at the the of each line in > /etc/crypttab > will do the trick.

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On Fri, Feb 03, 2017 at 09:25:07AM -0700, Nathanael D. Noblet wrote: > On Fri, 2017-02-03 at 09:40 -0500, Josh Boyer wrote: > > On Mon, Jan 16, 2017 at 10:32 AM, Jan Kurik > > wrote: > > > = System Wide Change: Enable TRIM pass down to encrypted disks = > > >

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On Fri, 2017-02-03 at 09:40 -0500, Josh Boyer wrote: > On Mon, Jan 16, 2017 at 10:32 AM, Jan Kurik > wrote: > > = System Wide Change: Enable TRIM pass down to encrypted disks = > > https://fedoraproject.org/wiki/Changes/EnableTrimOnDmCrypt > > > > Change owner(s): > > *

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On Mon, Jan 16, 2017 at 10:32 AM, Jan Kurik wrote: > = System Wide Change: Enable TRIM pass down to encrypted disks = > https://fedoraproject.org/wiki/Changes/EnableTrimOnDmCrypt > > Change owner(s): > * Vratislav Podzimek > * Ondrej Kozina > > > Override kernel default for

Re: F26 System Wide Change: Enable TRIM pass down to encrypted disks

On Monday, 16 January 2017 at 16:32, Jan Kurik wrote: [...] > == Detailed Description == > User base of Fedora distribution with SSDs grows steadily and while > the argument for kernel default setting not to enable the discard is > still strong one it doesn't change the fact that vast majority of

F26 System Wide Change: Enable TRIM pass down to encrypted disks

= System Wide Change: Enable TRIM pass down to encrypted disks = https://fedoraproject.org/wiki/Changes/EnableTrimOnDmCrypt Change owner(s): * Vratislav Podzimek * Ondrej Kozina Override kernel default for dm-crypt mappings of LUKS1 encrypted volumes via flag put in /etc/crypttab file. This

F26 System Wide Change: Enable TRIM pass down to encrypted disks

= System Wide Change: Enable TRIM pass down to encrypted disks = https://fedoraproject.org/wiki/Changes/EnableTrimOnDmCrypt Change owner(s): * Vratislav Podzimek * Ondrej Kozina Override kernel default for dm-crypt mappings of LUKS1 encrypted volumes via flag put in /etc/crypttab file. This