From: Milan Broz <gmazyland@gmail.com>
To: Nikolay Kichukov <hijacker@oldum.net>,
Chris Murphy <lists@colorremedies.com>
Cc: dm-crypt@saout.de
Subject: Re: [dm-crypt] luks2 and discard/trim not working
Date: Sat, 9 May 2020 22:11:56 +0200 [thread overview]
Message-ID: <69e220d1-d9b3-3e96-1b7a-8d400d6aed5a@gmail.com> (raw)
In-Reply-To: <20200509214159.3d85409c@glena.fritz.box>
On 09/05/2020 21:41, Nikolay Kichukov wrote:
>
> Does mine use an internal hash?
No, internal hash is used for non-cryptographic integrity
protection (IOW when you use only integritysetup).
LUKS2 can used with authenticated encryption and here discard
will be never supported. New cryptsetup should print better error
message here though ("TRIM/discard is not supported.")
(Discarded areas means that data area is undefined and reading
must return "integrity failure". Many programs do not expect this
and will misbehave.
And introducing new state "discarded" would basically define
a new state in authenticated encryption - we will not do this
in dm-crypt.)
Authenticated encryption for LUKS2 is an experimental feature,
I hope one day we will have something better on filesystem layer.
If you use just the same encryption as in LUKS1 (length
preserving encryption without any data integrity protection),
then it behaves exactly the same - discards can be enabled.
Milan
next prev parent reply other threads:[~2020-05-09 20:11 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-09 14:25 [dm-crypt] luks2 and discard/trim not working Nikolay Kichukov
2020-05-09 15:45 ` Chris Murphy
2020-05-09 19:41 ` Nikolay Kichukov
2020-05-09 20:11 ` Milan Broz [this message]
2020-05-10 1:41 ` Chris Murphy
2020-05-09 20:23 ` Chris Murphy
2020-05-09 21:35 ` Nikolay Kichukov
2020-05-09 22:01 ` Milan Broz
-- strict thread matches above, loose matches on Subject: below --
2020-05-08 21:41 Nikolay Kichukov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=69e220d1-d9b3-3e96-1b7a-8d400d6aed5a@gmail.com \
--to=gmazyland@gmail.com \
--cc=dm-crypt@saout.de \
--cc=hijacker@oldum.net \
--cc=lists@colorremedies.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox