On Jun 5, 2014, at 9:14 AM, Swâmi Petaramesh <sw...@petaramesh.org> wrote:
>> I don't believe that LVM offers any benefit if you use BTRFS. > > BTRFS cannot handle swap. Yes but Fedora's installer doesn't support swapfiles anyway. It only creates swap partitions (encrypted or not encrypted). And it does allow you to selectively only encrypt swap if you want. > A full disk encryption needs the swap to be > encrypted as well. The Fedora installer will let you use regular partitions and encrypt them. LVM isn't necessary to achieve this. > The only solution for getting both the swap and filesystems > encrypted using the same key is to put both of them on an LVM itself luks- > encrypted using dm-crypt. Why do they need to have the same key? The Fedora installer will let you do a Btrfs installation with swap as a separate partition, encrypt both partitions using one passphrase. Yes there are two LUKS device keys setup, but one passphrase unlocks both at the same time during boot. > All my machines have been made this way for *years*, so I know it works damn > well ;-) The Fedora installer won't even let you do this. Btrfs can't be put on LVM via anaconda. Best practices for SSDs has been to encrypt each LV separately because dmcrypt was one thread per logical device. For an SSD this can make a big difference because it's possible to pin that single encryption thread and turn it into a bottle neck. There are multithreaded dmcrypt patches but I have no idea if it's in mainline kernels and if it gets used by default. > > …And it also allows for hibernateing the system to (encrypted) swap space... *shrug* that's hardware specific, whether it works or not. Right now hibernation in general, let alone encrypted, sucks on Linux right now. It and suspend are totally busted on all of my hardware right now, and forums are littered with people not able to get it to work, or having to become virtual experts getting it to work. Chris Murphy -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
