From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from v1.tansi.org (mail.tansi.org [84.19.178.47]) by mail.server123.net (Postfix) with ESMTP for ; Sat, 20 Apr 2019 19:09:24 +0200 (CEST) Received: from gatewagner.dyndns.org (81-6-44-245.init7.net [81.6.44.245]) by v1.tansi.org (Postfix) with ESMTPA id A5C38140171 for ; Sat, 20 Apr 2019 19:09:20 +0200 (CEST) Date: Sat, 20 Apr 2019 19:09:23 +0200 From: Arno Wagner Message-ID: <20190420170923.GA10922@tansi.org> References: <7ce39bb6-6a83-4a70-98eb-2cc0148de230@email.android.com> <35adea23-cf39-664c-d17e-929e42f981b6@comcast.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Disposition: inline Content-Transfer-Encoding: quoted-printable In-Reply-To: <35adea23-cf39-664c-d17e-929e42f981b6@comcast.net> Subject: Re: [dm-crypt] Problem_wiping List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de Interesting, I had not noticed.=20 You are right though, I get 260MB/s with 5.0.x on hardware=20 that used to be about 10x slower for this. This is even a bit=20 faster than the ciphers cryptsetup offers. Indeed time for an update. Should be able to get to it=20 some time after Easter. Thanks! Arno On Sat, Apr 20, 2019 at 16:18:50 CEST, Robert Nichols wrote: > On 4/19/19 8:13 AM, Dernsen wrote: > >Hi, > > > >I prepared a partition on my hdd (no ssd) as described in cryptsetup FAQ= (intel i3 3rd gen. ; 4gb ram): > > > >Test 1. dd urandom direct on partition: > > > > > >root@pocket-pc:/home/dernsen# dd bs=3D16M status=3Dprogress if=3D/dev/ur= andom of=3D/dev/sda3 > >55566139392 Bytes (56 GB, 52 GiB) kopiert, 1611 s, 34,5 MB/s > >dd: Fehler beim Schreiben von '/dev/sda3': Auf dem Ger=E4t ist kein Spei= cherplatz mehr verf=FCgbar > >3313+0 Datens=E4tze ein > >3312+0 Datens=E4tze aus > >55574528000 Bytes (56 GB, 52 GiB) kopiert, 1630,73 s, 34,1 MB/s > >root@pocket-pc:/home/dernsen# > > > > > > > >Test 2. dm-crypt + dd on device-mapper: > > > >root@pocket-pc:/home/dernsen# cryptsetup open --type plain -d /dev/urand= om /dev/sda3 to_be_wiped > >root@pocket-pc:/home/dernsen# dd bs=3D16M status=3Dprogress if=3D/dev/ze= ro of=3D/dev/mapper/to_be_wiped > >55566139392 Bytes (56 GB, 52 GiB) kopiert, 1536 s, 36,2 MB/s > >dd: Fehler beim Schreiben von '/dev/mapper/to_be_wiped': Auf dem Ger=E4t= ist kein Speicherplatz mehr verf=FCgbar > >3313+0 Datens=E4tze ein > >3312+0 Datens=E4tze aus > >55574528000 Bytes (56 GB, 52 GiB) kopiert, 1554,81 s, 35,7 MB/s > >root@pocket-pc:/home/dernsen# > > > > > > > >There is almost no difference in speed. > > > >1. Did i do any mistake? > >2. Is this recommodation still up to date? >=20 > Recent kernels (3.x and newer) have a much faster /dev/urandom, so there = is no longer a speedup when overwriting with encrypted zeros. With a 2.6 ke= rnel, I measure just 13 MB/s from /dev/urandom, whereas a 3.10 kernel on th= e same hardware achieves 251 MB/s from /dev/urandom. >=20 > Perhaps it's time to update the FAQ. >=20 > --=20 > Bob Nichols "NOSPAM" is really part of my email address. > Do NOT delete it. >=20 > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > https://www.saout.de/mailman/listinfo/dm-crypt --=20 Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718 ---- A good decision is based on knowledge and not on numbers. -- Plato If it's in the news, don't worry about it. The very definition of=20 "news" is "something that hardly ever happens." -- Bruce Schneier