2 2

Re: [alpine-aports] [PATCH] main/mkinitfs: backport cryptdiscards patch

Sören Tempel
Details
Message ID
<20170612105504.GA22141@francium>
Sender timestamp
1497264904
DKIM signature
missing
Download raw message
On 12.06.17, Natanael Copa wrote:
> Does other distros have similar options? If so do they use
> "cryptdiscards" as bootoption too, or something else?

Yes, other distros have similar options. According to the Arch Linux
wiki[1] all systemd based initrds use `rd.luks.options=discard` for
enabling this.

Cheers,
Sören

[1]: https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Discard.2FTRIM_support_for_solid_state_drives_.28SSD.29


---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---

Re: [alpine-aports] [PATCH] main/mkinitfs: backport cryptdiscards patch

Natanael Copa
Details
Message ID
<20170614152710.4f52282a@ncopa-desktop.copa.dup.pw>
In-Reply-To
<20170612105504.GA22141@francium> (view parent)
Sender timestamp
1497446830
DKIM signature
missing
Download raw message
On Mon, 12 Jun 2017 12:55:04 +0200
Sören Tempel <soeren@soeren-tempel.net> wrote:

> On 12.06.17, Natanael Copa wrote:
> > Does other distros have similar options? If so do they use
> > "cryptdiscards" as bootoption too, or something else?  
> 
> Yes, other distros have similar options. According to the Arch Linux
> wiki[1] all systemd based initrds use `rd.luks.options=discard` for
> enabling this.
> 
> Cheers,
> Sören
> 
> [1]: https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Discard.2FTRIM_support_for_solid_state_drives_.28SSD.29

Arch also has:

  cryptdevice=/dev/sdaX:root:allow-discards

and apparently they also have cryptkey=... for detached header.

Gentoo[1] does:
  root_trim=yes


Debian/ubuntu stores that option in /etc/crypttab which needs to be included in initramfs.

We currently have:

cryptroot cryptdm cryptheader cryptoffset

and now we add cryptdiscard

I kind of like the old Arch Linux way better:

  cryptdevice=$cryptroot:$cryptdm:$cryptdiscard

and for detached header:

  cryptkey=$cryptheader:$cryptoffset:$size


What do you think? Should we go for:

  cryptroot=$device cryptdm=$dmname cyptdiscards=yes cryptheader=$header cryptoffset=$offset

or should we do:

  cryptdevice=$device:$dmname:allow-discards cryptkey=$header:$offset

-nc

[1]: https://wiki.gentoo.org/wiki/Dm-crypt_full_disk_encryption#Genkernel.2FGenkernel-next


> 
> 
> ---
> Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
> Help:         alpine-aports+help@lists.alpinelinux.org
> ---
> 



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---

Re: [alpine-aports] [PATCH] main/mkinitfs: backport cryptdiscards patch

Sören Tempel
Details
Message ID
<20170614214434.GA17311@francium>
In-Reply-To
<20170614152710.4f52282a@ncopa-desktop.copa.dup.pw> (view parent)
Sender timestamp
1497476674
DKIM signature
missing
Download raw message
On 14.06.17, Natanael Copa wrote:
> What do you think? Should we go for:
> 
>   cryptroot=$device cryptdm=$dmname cyptdiscards=yes cryptheader=$header cryptoffset=$offset
> 
> or should we do:
> 
>   cryptdevice=$device:$dmname:allow-discards cryptkey=$header:$offset

Honestly I don't have a strong opinion on this. I believe the latter is
harder to read and besides we would break backwards compatibility if we
would switch to this scheme.

Do you have an opinion on this? Would you like to switch to the latter?

Sören.


---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---