On 04/04/2018 12:57 PM, cooloutac wrote:
On Wednesday, April 4, 2018 at 12:32:56 PM UTC-4, Chris Laprise wrote:
On 04/04/2018 11:50 AM, cooloutac wrote:
On Sunday, April 1, 2018 at 5:45:54 PM UTC-4, Chris Laprise wrote:
On 04/01/2018 03:06 PM, 'awokd' via qubes-users wrote:
On Sun, April 1, 2018 6:15 pm, cooloutac wrote:
Doesn't using trim on encrypted drive lessen security though?

In my opinion, it's so marginal a security decrease it hardly bears
mention. :) There's a link in the trim doc for further reading.


I'd like to remind people: Discard and TRIM are not exactly the same thing.

Commands like 'fstrim' only generate discards, and in a Qubes LVM setup
those discards will logically deallocate blocks in the pool, thus
freeing up space for filesystems.

If you enable 'discard' or 'disktrim' or whatever they call it these
days in crypttab, that will result in discards being converted into
hardware TRIM commands. That is because the crypto layer is the one
closest to the hardware in our configuration.

Does TRIM free up space? No. It helps the SSD maintain top write speeds
and perform more efficient wear-leveling. On some drives, it will also
cause the unallocated data to be wiped-out (according to vendor claims).

Does fstrim free up space? Yes! Because it actually generates discards
and the name is misleading.

IMO, the best thing to do is edit your dom0 /etc/fstab and add 'discard'
to the options for root fs '/'. That will free up space in a usable way
and you won't need to run fstrim.

--

Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886

According to the Qubes docs, it says it can hurt performance though if added to 
fstab?  It says to use a systemd or cron job instead.  It also says templates and 
VMs already have trim enabled automatically.  It also says if we are using LUKS 
to add it to crypttab or it won't work?

That doc may need some clarifying. TRIM might hurt performance on older
SSDs as they wipe data blocks without caching the commands... but
without TRIM the discards are just changing block allocation tables.
Also, we're talking about dom0 where few filesystem operations are
performed; the domUs already all have discard enabled in fstab.


But is this really necessary to do in dom0? Will it make any difference if all 
the templates and VMs already have discard by default? And so does that mean 
if we make the cron job for dom0 we also have to add discard to crypttab?

The default rc5 dom0 config ran fstrim automatically once per week. IMO,
that's plenty of time for a user to do something which will lead to an
(unnecessary) out of space condition or at least be misinformed about
free space much of the time.

The Qubes code has since been changed to add discard to dom0 fstab
during install, but I don't know if that made it to the 4.0 release iso.
I don't believe the crypttab setting has changed.

TL;DR: using discard is necessary when using thin pools (like it's
necessary when using sparse disk image files) and relying on fstrim for
that means it should be run frequently.

To me, the most interesting question all this raises is how close in
speed/performance are virtual disk operations on Thin LVM vs Btrfs since
they offer similar features and both incur block allocation processing
on two separate layers.


--

Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886

I dunno man, I keep hearing about how newer SSDs are supposed to be better. 
But I got a Windows system with an M.2 and it's horrible.  Can't use sleep when 
using onboard audio card.  Still disabled indexing, superfetch, search and 
anything else that causes hdd space cause it would cause instability and 
corruption.

Seems like right now every PC that has an old or new SSD using sleep mode has 
instability after resume, no matter what OS they are using.

My Qubes dom0 got corrupted once, cause I was using an SSD when resuming from 
sleep; it's even worse in 4.0.  And that kind of sucks cause without magic 
packet waking it up I considered sleep a security feature.  But I guess with 
SSD you can just shut it off and on even better and same thing basically.


But are you saying in RC5 and on, trim is enabled by default in dom0?

Hardware TRIM is disabled by default (the crypttab setting), but dom0 runs 'fstrim' once per week which frees up any extra space dom0 is occupying in the pool. In this config, both the 'discard' option in fstab and the 'fstrim' command only generate discards and shouldn't noticeably affect performance.


--

Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886
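
The three configurations discussed in this thread (fstrim only, 'discard' in fstab, 'discard' in crypttab), as an added example that is not part of the original messages: a shell check that reads an fstab/crypttab pair and reports how far discards travel. The sample files, device names and the `discard_path` labels are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample files; device and mapping names are placeholders.

# Succeeds if the fstab ($1) entry for mount point $2 has the "discard" option.
fstab_has_discard() {
    awk -v mp="$2" '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        $2 == mp { n = split($4, o, ",")
                   for (i = 1; i <= n; i++) if (o[i] == "discard") found = 1 }
        END { exit !found }' "$1"
}

# Prints each crypttab ($1) mapping whose options include "discard".
crypttab_discard_maps() {
    awk '
        /^[ \t]*(#|$)/ { next }
        { n = split($4, o, ",")
          for (i = 1; i <= n; i++) if (o[i] == "discard") print $1 }' "$1"
}

# fstrim-only:   thin-pool blocks are freed only when fstrim runs
# pool-discard:  the filesystem frees thin-pool blocks as files are deleted
# hardware-trim: dm-crypt also passes the discards to the drive as TRIM
discard_path() {
    if [ -n "$(crypttab_discard_maps "$2")" ]; then echo hardware-trim
    elif fstab_has_discard "$1" /; then echo pool-discard
    else echo fstrim-only
    fi
}

tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/fstab.plain" <<'EOF'
#/dev/mapper/sample-root / ext4 defaults,discard 1 1
/dev/mapper/sample-root / ext4 defaults 1 1
/dev/mapper/sample-home /home ext4 defaults,discard 1 2
EOF
sed 's|/ ext4 defaults 1 1|/ ext4 defaults,discard 1 1|' \
    "$tmp/fstab.plain" > "$tmp/fstab.discard"
printf 'luks-sample UUID=00000000-0000-0000-0000-000000000000 none luks\n' > "$tmp/crypttab.plain"
printf 'luks-sample UUID=00000000-0000-0000-0000-000000000000 none luks,discard\n' > "$tmp/crypttab.trim"

for pair in "plain plain" "discard plain" "discard trim"; do
    set -- $pair
    echo "fstab.$1 + crypttab.$2: $(discard_path "$tmp/fstab.$1" "$tmp/crypttab.$2")"
done
```

Only the `hardware-trim` result means discards leave the encrypted layer, which is the case the security question at the top of the thread is about.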
