From Fedora Project Wiki

Revision as of 06:59, 27 June 2017 by Jkurik (talk | contribs) (https://pagure.io/fesco/issue/1725)


Enable TRIM pass down to encrypted disks

Summary

Override kernel default for dm-crypt mappings of LUKS1 encrypted volumes via flag put in /etc/crypttab file. This change should affect only newly created encrypted storage based on LUKS1 format during installation.

Owner

  • Name: Vratislav Podzimek and Ondrej Kozina
  • Email:
    • okozina AT redhat DOT com
    • vpodzime AT redhat DOT com
  • Release notes owner:

Current status

Detailed Description

User base of Fedora distribution with SSDs grows steadily and while the argument for kernel default setting not to enable the discard is still strong one it doesn't change the fact that vast majority of users (with SSDs) doesn't want to sacrifice better performance of drive with discard/trim enabled for the sake of secrecy.

We're not speaking encrypted data security here and double emphasize on it! Only the fact that blank filesystem on top of dm-crypt device with discard enabled may create well visible patterns in ciphertext device below on SSDs.

For LUKS1 metadata format we don't have a space to store the new default in metadata and therefore we can't flip the default for new LUKS1 devices being formated via libcryptsetup or cryptsetup utility.

Changing the kernel default is of the table due to risk of data corruption with some TrueCrypt configurations involving hidden volumes.

For rotational devices the cost of enabled discard is negligible

Benefit to Fedora

Majority of users will benefit enhanced I/O performance provided they encrypt their SSD storage

Scope

  • Proposal owners:

This change despite being system wide change due to overriding legacy default is quite small and easy to manage.

  • Other developers:
    • Very minor change in python-blivet. Basically we just need to store discard keyword in /etc/crypttab lines related to new partitions created during installation process.


  • Policies and guidelines:
    • Add short information in documentation we're changing long term default and copy the reasoning there.
  • Trademark approval: N/A

Upgrade/compatibility impact

Not affected.

How To Test

  • Prerequisites:
    • Have a system w/ SSD installed
  • Check that newly created encrypted SSD partitions in installer are flagged with discard option put in /etc/crypttab file.
  • Check the encrypted partition is activated with allow_discards keyword in respective device-mapper table line. (after cryptsetup open command, dmsetup table <mapping_name> should show table w/ allow_discard in it)

User Experience

On a long term it's improved I/O performance when using encrypted storage setup on top of SSD.

Dependencies

None.

Contingency Plan

  • Contingency mechanism: Revert to current default configuration
  • Contingency deadline: devel freeze
  • Blocks release? No
  • Blocks product? N/A

Documentation

Release Notes