[dm-crypt] [ANNOUNCE] cryptsetup 1.4.0
list at eworm.de
Thu Oct 27 16:27:30 CEST 2011
Alexander Koch <mail at alexanderkoch.net> on Thu, 27 Oct 2011 15:33:31 +0200:
> Am 26.10.2011 20:46, schrieb Milan Broz:
> > * Support --enable-discards option to allow discards/TRIM requests.
> > Since kernel 3.1, dm-crypt devices optionally (not by default) support
> > block discards (TRIM) comands.
> > If you want to enable this operation, you have to enable it manually
> > on every activation using --enable-discards
> > cryptsetup luksOpen --enable-discards /dev/sdb test_disk
> > WARNING: There are several security consequences, please read at least
> > http://asalor.blogspot.com/2011/08/trim-dm-crypt-problems.html
> > before you enable it.
> On Arch Linux, the package 'cryptsetup' contains
> /lib/initcpio/hooks/encrypt, which provides a hook for mounting
> encrypted volumes from initrd.
> Does anyone know if there exists any effort on making this script accept
> options for cryptsetup from kernel cmdline?
> The current version only reads device and mapper-name, so one cannot
> open an encrypted root device with discard enabled.
> Looking at the code, I think this would not be so hard to implement
> (maybe just an addidional ':'-separated field in the kernel cmdline for
> options like --enable-discards), but If someone is already working on it
> I won't start the hack ;)
More information about the dm-crypt