Mailinglist Archive: opensuse-bugs (2150 mails)

< Previous Next >
[Bug 866751] SATA TRIM / discard does not work on encrypted LUKS devices

https://bugzilla.novell.com/show_bug.cgi?id=866751

https://bugzilla.novell.com/show_bug.cgi?id=866751#c1


--- Comment #1 from Ludwig Nussel <lnussel@xxxxxxxx> 2014-04-04 14:39:22 CEST
---
The manpage has this:

WARNING: This command can have a negative security impact because it can
make filesystem-level operations visible on the physical device. For exam-
ple, information leaking filesystem type, used space, etc. may be
extractable from the physical device if the discarded blocks can be
located later. If in doubt, do no use it.

So this cannot be enabled unconditionally or by default. looks like systemd
understands a 'discard' option in crypttab. So setup-luks.sh could read that
and export to boot-luks.sh. I'm a bit busy with other stuff and mkinitrd is
dead anyways. If you send me a patch I'd be happy to integrate though.

https://github.com/openSUSE/boot.crypto

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >
This Thread
  • No further messages