[Discuss] Linux dm-crypt TRIM support for use with SSD
Chuck Anderson
cra at WPI.EDU
Mon Aug 15 22:12:03 EDT 2011
On Mon, Aug 15, 2011 at 08:45:30AM -0400, Chuck Anderson wrote:
> TrueCrypt and many other full disk encryption packages cannot tell the
> drive which sectors are actually free (and hence maintain them as
> zeroed sectors on the SSD) because they don't support TRIM. Many of
> the packages don't want to support TRIM because it would leak
> information about the encrypted disk to a potential attacker. That's
> pretty much it in a nutshell.
Here is a patch to add discard (TRIM) support to Linux dm-crypt (used
by cryptsetup-luks). This will be in Linux 3.1:
http://git.kernel.org/?p=linux/kernel/git/agk/linux-2.6-dm.git;a=commitdiff;h=772ae5f54d69c38a5e3c4352c5fdbdaff141af21
Note the WARNING in the documentation.
This support is already included in the latest Fedora rawhide (what
will become Fedora 17) kernels.
More information about the Discuss
mailing list