RFC: Pass TRIM through GELI

Steven Hartland killing at multiplay.co.uk
Sun Mar 8 23:05:38 UTC 2015



On 08/03/2015 22:50, Matthew D. Fuller wrote:
> On Sun, Mar 08, 2015 at 10:40:03PM +0000 I heard the voice of
> Steven Hartland, and lo! it spake thus:
>> Given GELI is all about security translating the delete to a noop
>> results in a pretty serious security issue I would say as it will
>> leave data which the user intended to be removed present on the
>> device.
> But we're not translating it to anything; we're just passing it along.
> Certainly in my testing (Virtualbox-provided ada0, which doesn't TRIM,
> and md(4), which does) ufs and zfs seem to get the message just fine.
> If a poorly-behaved filesystem ignores the "I don't support that"
> message from our provider (SSD, hard drive, md(4), whatever), wouldn't
> it ignore us just the same?
IIRC ufs doesn't support TRIM by default, it needs to be manually 
enabled. ZFS deals with the case and only enables TRIM on devices that 
enable it, by detecting the not supported error and disabling it for 
said devices.

GELI is kind of different though given its use, I'm sure users of it
would expect delete to leave no trace of the data which was there, which
is what I was under the impression it does, correct me if I'm wrong?

If that assumption is correct then altering it to do nothing if the
underlying device doesn't support delete would be a concern.

     Regards
     Steve

