You are not logged in.
- Topics: Active | Unanswered
#1 2017-01-29 10:12:00
- cb951303
- Member
- Registered: 2007-03-17
- Posts: 91
SSD periodic trim on dm-crypt file system
According to Arch wiki there is 2 way of doing TRIM.
Performance wise it looks like doing a weekly trim is better. But wiki fails to mention that if fstrim service works also on dm-crypt file systems?
Should I just enable fstrim.timer and be done with it should I do some more work to enable it for dm-crypt?
Thanks
Offline
#2 2017-01-29 10:13:59
- graysky
- Wiki Maintainer
- From: :wq
- Registered: 2008-12-01
- Posts: 10,597
- Website
Re: SSD periodic trim on dm-crypt file system
Don't think dm-crypt or not matters... timer is my vote.
CPU-optimized Linux-ck packages @ Repo-ck • AUR packages • Zsh and other configs
Offline
#3 2017-01-29 14:13:50
- hexchain
- Member
- Registered: 2011-12-26
- Posts: 19
Re: SSD periodic trim on dm-crypt file system
TRIMming on dm-crypt devices has security implications, and requires some configuration, as described by https://wiki.archlinux.org/index.php/Dm … _.28SSD.29
Last edited by hexchain (2017-01-29 14:14:10)
Offline
#4 2017-01-29 14:25:53
- frostschutz
- Member
- Registered: 2013-11-15
- Posts: 1,417
Re: SSD periodic trim on dm-crypt file system
crypt is the one storage layer that does not pass trim/discard by default and needs explicit allow-discards. Everything else (partitions, raids, lvms, loop devices, etc...) passes trim with no questions asked (and no way to turn it off).
security implications
Data is still fully encrypted. Free space will appear zeroed. Usually this is not an issue - most setups have glaring weakpoints elsewhere, hiding free space is far down the list / there's not much point to it - and you have the same "problem" with any file based encryption (ecryptfs, ext4-encryption, etc.) or even regular LUKS if you did not overwrite it entirely with random data first. If you did not overwrite old unencrypted data, trim will even help get rid of that for you, not to mention that there is no way to recover/undelete trimmed data, so there are also cases where it improves security... 
Last edited by frostschutz (2017-01-29 14:26:33)
Offline
#5 2017-01-30 18:40:07
- cb951303
- Member
- Registered: 2007-03-17
- Posts: 91
Re: SSD periodic trim on dm-crypt file system
TRIMming on dm-crypt devices has security implications, and requires some configuration, as described by https://wiki.archlinux.org/index.php/Dm … _.28SSD.29
From what I understand those configurations are for continous trimming which is not something I want to do. What can I do for periodic trimming? That's why I specifically asked if the fstrim service mentioned in the arch wiki also work on dm-crypt. That's the only thing mentioned under "periodic trimming" title.
Last edited by cb951303 (2017-01-30 18:48:13)
Offline
#6 2017-01-30 18:50:10
- frostschutz
- Member
- Registered: 2013-11-15
- Posts: 1,417
Re: SSD periodic trim on dm-crypt file system
It works fine as long as allow-discards is set (you can check with dmsetup table | grep allow_discards).
Or the yes-Method to test trim through all storage layers: http://unix.stackexchange.com/a/85880/30851
Last edited by frostschutz (2017-01-30 19:13:12)
Offline