[dm-crypt] Hybrid drives
sven at whgl.uni-frankfurt.de
Sat Jul 17 15:27:20 CEST 2010
I do see your point now, I think.
If the SDD (Flash) cache would be exported as device to the system, to use
it for system level caching (as in the system decides what to use it for,
i.e. page cache), then yes, portions of unencryoted memmory would be
written to that cache.
On the other hand, when support for this should come to the kernel (and
the HDD would allow the use of that flash in such a way) of course kernel
developers would have to take precautions, that this should not happen.
As for the key and passphrase itself I assume the pages are mlock()ed anyway
so they won't get paged.
On Sat, July 17, 2010 13:45, Heinz Diehl wrote:
> On 17.07.2010, Mikko Rauhala wrote:
>> > When you format the disc using "cryptsetup luksFormat", the 4 GB SSD
>> > isn't included. Please correct me if I'm wrong.
>> You're wrong in a very confused way. The SSD never stores anything that
>> wasn't on the hard disk, and only a part of that anyway. All operations
>> on the disk likewise indirectly affect the SSD cache.
> It's quite clear to me how the crypto layer works, and data send /written
> to the SSD cache only gets there in encrypted form when the SSD part is
> used as a disc cache exclusively. I'm not quite good in explaining things,
> I guess :-) I'm just curious if this SSD part is "just a cache", or maybe
> something else, as e.g. an additional "drive" with its one device, or a
> mixture of that... That wasn't quite clear to me. There's some articles
> out there which describe this SSD part as a "cache only" area, just like
> the cache which commonly is used with any harddisc drive, and I've read a
> report which described this area as a kind of "additional drive" which
> gets used as a cache at the same time, just if you would store your linux
> swap on an extra harddisk.
> Don't know if you can follow me now, blame it on me in this case, thinking
> "'round the corner" :-)
> dm-crypt mailing list
> dm-crypt at saout.de
More information about the dm-crypt