[dm-crypt] [ANNOUNCE] cryptsetup 1.4.0

Alexander Koch mail at alexanderkoch.net
Thu Oct 27 15:33:31 CEST 2011


Am 26.10.2011 20:46, schrieb Milan Broz:
> * Support --enable-discards option to allow discards/TRIM requests.
> 
>    Since kernel 3.1, dm-crypt devices optionally (not by default) support
>    block discards (TRIM) comands.
>    If you want to enable this operation, you have to enable it manually
>    on every activation using --enable-discards
> 
>           cryptsetup luksOpen --enable-discards /dev/sdb test_disk
> 
>    WARNING: There are several security consequences, please read at least
>             http://asalor.blogspot.com/2011/08/trim-dm-crypt-problems.html
>             before you enable it.

On Arch Linux, the package 'cryptsetup' contains
/lib/initcpio/hooks/encrypt, which provides a hook for mounting
encrypted volumes from initrd.

Does anyone know if there exists any effort on making this script accept
options for cryptsetup from kernel cmdline?
The current version only reads device and mapper-name, so one cannot
open an encrypted root device with discard enabled.

Looking at the code, I think this would not be so hard to implement
(maybe just an addidional ':'-separated field in the kernel cmdline for
options like --enable-discards), but If someone is already working on it
I won't start the hack ;)


Cheers,

lynix


More information about the dm-crypt mailing list