On Wed, Oct 07, 2009 at 10:24:07PM +0200, Andi Kleen wrote:
> Dave Chinner <david@xxxxxxxxxxxxx> writes:
> > On Tue, Oct 06, 2009 at 02:47:58PM -0400, Christoph Hellwig wrote:
> >> Call the BLKDISCARD ioctl to mark the whole disk as unused before creating
> >> a new filesystem. This will allow SSDs, Arrays with thin provisioning
> >> support
> >> and virtual machines to make smarter allocation decisions.
> > Good idea, but perhaps the discard should be optional rather than
> > unconditional. My immediate thought was the SOP for setting up
> > encrypted devices - fill the empty disk with random data before
> > setting up the encrypted device. If you then send it a discard....
> This actually doesn't really work for SSDs, because SSDs typically
> have more internal capacity than they advertise and when you fill
> it up then it will just allocate new blocks and leave some of the
> blocks with the existing data around.
Agreed, but initialisation with random data before encryption is not
to delete existing information on the drive - it is to prevent
simple side-channel attacks that can significantly reduce the
strength of the encryption (e.g. an observer can tell the difference
between written, encrypted regions and unused space). Using
discards during mkfs and during filesystem operation opens up this
avenue of attack, hence my reasoning for making discards
> So I think Christoph's case of making it default is fine.
So do I, but for different reasons ;)