On Mon, Aug 15, 2011 at 08:45:30AM -0400, Chuck Anderson wrote:
> TrueCrypt and many other full disk encryption packages cannot tell the
> drive which sectors are actually free (and hence maintain them as
> zeroed sectors on the SSD) because they don't support TRIM.  Many of
> the packages don't want to support TRIM because it would leak
> information about the encrypted disk to a potential attacker.  That's
> pretty much it in a nutshell.

Here is a patch to add discard (TRIM) support to Linux dm-crypt (used
by cryptsetup-luks).  This will be in Linux 3.1:

http://git.kernel.org/?p=linux/kernel/git/agk/linux-2.6-dm.git;a=commitdiff;h=772ae5f54d69c38a5e3c4352c5fdbdaff141af21

Note the WARNING in the documentation.

This support is already included in the latest Fedora rawhide (what
will become Fedora 17) kernels.
_______________________________________________
Discuss mailing list
[email protected]
http://lists.blu.org/mailman/listinfo/discuss

Reply via email to