LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   TRIM on manually mounted encrypted SSD (https://www.linuxquestions.org/questions/linux-software-2/trim-on-manually-mounted-encrypted-ssd-4175593147/)

PasBern 11-08-2016 07:21 AM
TRIM on manually mounted encrypted SSD
 
Hi all,

I have a second PCIe slot in my Lenovo laptop which I use for a second SSD drive in addition to an NVMe where my system is installed. I have encrypted this drive with dmcrypt and mount it manually after boot up. Putting the drive into /etc/fstab makes my Ubuntu 16.10 (upgraded from 16.04) fail to boot or boot so slowly it is not acceptable. I haven't looked into this issue.

To keep the second SSD fast I want have its cells 'cleaned up' via the trim command. It is formatted with the XFS file system.

There is a weekly cron job for all mounted file systems, but the second SSD seems to be getting slower.

When I execute the fstrim command manually on all mounted file systems, the SSD drive is left out:

Code:
# /sbin/fstrim -v --all || true
/media/pascal/YouTubeCard: 14,8 GiB (15920910336 bytes) trimmed
/home/pascal: 0 B (0 bytes) trimmed
/boot: 0 B (0 bytes) trimmed
/: 0 B (0 bytes) trimmed
There are no fstrim erros in the syslog file:

Code:
cat /var/log/syslog | grep fstrim
I would be very grateful for your help and hints where I should look further.

If you need more information, let me know.

cepheus11 11-08-2016 07:28 AM
The partition is encrypted. You have to allow the trim operation also in the encryption layer, otherwise the operations from the filesystem layer never actually hit the drive controller. From "man cryptsetup":

Quote:
--allow-discards
Allow the use of discard (TRIM) requests for device. This option is only relevant for open action.
WARNING: This command can have a negative security impact because it can make filesystem-level operations visible on the physical device. For example, information leaking filesystem type, used space, etc. may be extractable from the physical device if the discarded blocks can be located later. If in doubt, do not use it.

A kernel version of 3.1 or later is needed. For earlier kernels this option is ignored.
So, for SSD's it is actually "paranoid security" XOR "drive performance".

Elizine 11-10-2016 12:56 AM
TRIM on manually mounted encrypted SSD
 
No. Trim is installed by the installer though but the 2 have no correlation. Trim is enabled based on the brand of your SSD. If the SSD is supported and tested prior and deemded working perfectly trim will be enabled. Otherwise it will be installed and disabled and you need to enable it manually. This is independent of the installer.

So, one installation might have you a working trim from the start; another installation might have you needing to enable it manually.

If not, how could I enable it after the installation?
Code:
From fstrim:

5555            if ! contains "$HDPARM" "Intel" && \
5656              ! contains "$HDPARM" "INTEL" && \
5757              ! contains "$HDPARM" "Samsung" && \
58                ! contains "$HDPARM" "SAMSUNG"; then
59                echo "device $DEV is not an Intel or Samsung drive"
 58              ! contains "$HDPARM" "SAMSUNG" && \
 59              ! contains "$HDPARM" "OCZ" && \
 60              ! contains "$HDPARM" "SanDisk" && \
 61              ! contains "$HDPARM" "Patriot"; then
 62                echo "device $DEV is not a drive that is known-safe for trimming"
6063                continue
6164            fi
6265        fi


All times are GMT -5. The time now is 07:25 PM.