| View previous topic :: View next topic |
| Author |
Message |
anakin87
n00b
Joined: 02 Jan 2012
Posts: 9
|
 Posted: Tue Aug 07, 2012 9:49 am Post subject: SSD, LVM, cryptsetup guide |
 |
|
Hey folks,
Since I've got my new ssd I'd like to create, with your help, an installation guide for gentoo on a ssd including LVM and cryptseup.
Unfortunately I havn't found a tutorial which includes lvm and cryptsetup. The main issue is how to get the (mount)options right to support trim, in lvm and in cryptsetup.
My old setting was a single hdd with 2 partitions:
sda1 -> /boot
sda2 -> encrypted
sda2 -> decrypt -> /dev/mapper/vault -> LVM
/dev/mapper/vault contains:
vg-root as /
vg-home as /home
vg-swap as swap
v0.4 --> work in progress... not finished
Overview
1. create patitions (ok, yes thats not quite necessary to mention)
2. mounting per live-usb /live-dvd
3. installing stage
4. kernel configuration
5. create initramfs with trim support
6. configuration of fstab, cryptab and whats left (minimize swap access, /var/tmp/portage as tmpfs....)
1. create partitions
To initialize a disk many suggest to clean it
| Code: |
#write random data -> very very slow
dd if=/dev/random of=/dev/sda bs=100M
#if it's not secure enough for you try urandom -> this is could take days...
dd if=/dev/urandom of=/dev/sda bs=100M
#if you only want to clean it write zeros on it -> the fast way
dd if=/dev/zero of=/dev/sda bs=100M
#a tradeoff between speed and random data is badblocks -> it took me about 5h on a 300GB HDD
badblocks -c 10240 -s -w -t random -v /dev/sda
|
like my old setting I'd like to keep it at 2 partitions, one for /boot and the other contains the rest
| Code: |
fdisk /dev/sda
#create new primary with 100MB
#create new primary with your left space
|
so now we can create an encrypted sda2
| Code: |
cryptsetup -y --cipher aes-cbc-essiv:sha256 --key-size 256 luksFormat --align-payload=8192 /dev/sda2
|
note: if you lose your passphrase you lose your data -> you won't be able to recover it without the right passphrase -> that's the point
the next step is to open the encrypted partition to create an LVM-volume
| Code: |
cryptsetup luksOpen --allow-discards /dev/sda2 vault
|
creating the LVM
| Code: |
#creating LVM
pvcreate /dev/mapper/vault
#creating a volume-group called vg
vgcreate vg /dev/mapper/vault
#creating the actual data partitions
lvcreate -L30G -nroot vg
lvcreate -L5G -nswap vg
lvcreate -l100%FREE -nhome vg
|
these devices need a filesystem
| Code: |
mkfs.ext4 /dev/mapper/vg-root
mkfs.ext4 /dev/mapper/vg-home
mkswap /dev/mapper/vg-swap
mkfs.ext4 /dev/sda1
|
now we should be ready to mount
2. mounting per live-usb / live-dvd
the devices should be open - due to the creation...
| Code: |
mount -o discard /dev/mapper/vg-root /mnt/gentoo
mkdir /mnt/gentoo/boot/
mount -o discard /dev/sda1 /mnt/gentoo/boot
cd /mnt/gentoo
|
3. installing from stage
Now we need a current stage3 and the latest portage from www.gentoo.org/main/en/mirrors.xml
| Code: |
links http://www.gentoo.org/main/en/mirrors.xml
#unpack
tar xvjpf stage3*.tar.bz2
tar xvjf /mnt/gentoo/portage-latest.tar.bz2 -C /mnt/gentoo/usr
|
Edit /etc/make.conf to your liking and add the mirrors via mirrorselect.
(Preparing for chroot)
| Code: |
cp -L /etc/resolv.conf /mnt/gentoo/etc
mount -o discard /dev/mapper/vg-home /mnt/gentoo/home
mount -t proc none /mnt/gentoo/proc
mount --rbind /dev /mnt/gentoo/dev
chroot /mnt/gentoo /bin/bash
env-update
source /etc/profile
export PS1="(chroot) $PS1"
|
Now we are in our "new" system - let's update portage
As usual select the profile via eselect profile....
Configure your keyboard. timezone,etc.
4. kernel configuration
Are there any special options for a ssd?
So now I need your help because I've some problems to understand how and where I'll have to enable trim
Do I need something else for trim in the LVM? or does the LVM handle it automaticaly?
What do other people mean by the alignment for ssd?
_________________
i'll fight untill the hell is freezing and then i'll start on ice..... |
|
| Back to top |
|
 |
mbjr
Guru
Joined: 17 Jan 2004
Posts: 531
Location: Budapest/Hungary
|
| Posted: Wed Aug 08, 2012 2:03 pm Post subject: |
|
|
Hi there,
I'm just before running into this as planning on buying an SSD and getting this setup properly.
From what I've read in other forums it seems that TRIM can be tricky when you use encrypted volumes (not sure if you want to) - some say "TRIM is ineffective for encrypted volumes, as encryption fills the drive with random data so an attacker dose not know where to look, consequentily meaning that there is nothing to trim!".
As for LVM only, using a 2.6.33 or newer kernel with ext4 fs should take care of the majority of things.
There are two ways to use trim:
Manual
Use fstrim, but note that it is not needed when automatic TRIM is enabled.
fstrim is provided by the util-linux package, and it's definitely in 2.21.2+
Earlier systems reference "wiper.sh" (some magic from hdparm)
Automatic
Use the "discard" mount option to mount your drive.
In your fstab it'd look like this:
| Code: | | /dev/mapper/volumegroup-root / ext4 discard,noatime,nodiratime,errors=remount-ro 0 1 |
Testing if trim works
change to a directory on your ssd (i.e. /mnt/ssd/mydir)
(assuming you're root below, an your ssd is /dev/sda):
| Code: | dd if=/dev/urandom of=testfile count=100 bs=512k oflag=direct
hdparm --fibmap testfile #grab the first begin_LBA integer in this output and use it in the next command (in my case this is 129008640
hdparm --read-sector 129008640 /dev/sda #replace 129008640 with the integer from above command |
You should receive a nice long string of characters for those sectors, something like this:
| Quote: | dev/sda:
reading sector 129008640: succeeded
b7e1 d69b 0e10 be04 3f5f 8c8e 4cf5 847e
bcff 1244 9281 4b45 6247 b603 e4ec 28b7
5e5a 7030 8e99 5c72 1de6 a696 8d60 ac75
c819 70a8 d534 46e6 d39b 18bb 04d7 37f9
a835 1892 5957 29fe 155d 15aa ad95 e7c2
7258 e333 e79f fa3f 153d 6104 bb0d 0a09
08d5 e03f 6259 5ebc 94ce a1f8 e97f 55be
b97d 9d91 bbde 0394 27d2 9f32 3d25 823e
0150 adf0 aa1a 563c 08d6 1f13 3060 8b01
519c f24b 3e7f 61f1 21cb adac 5c21 6416
f235 6b3e dbcf 2849 cc34 7c9b a48c f638
a32e 1ecc dbff 11e3 c2d2 bee5 53f0 55f6
7df9 cde1 f6e4 8f70 4a7c a5f5 041f 8f33
e535 9d3e 0bf7 a2d4 876c 6bbd 2f9d 1fc8
9b2e e7d3 6bd8 4b5a 6865 077a a288 3119
4d3a 8b08 b27f 11a5 9cf3 1f5c 47df f5e7
66e1 d6e8 0dec 7952 4b13 166f 5e48 df14
9d21 3bf7 e8ed e4bf 01a0 d3c8 597e 7d94
bf83 45c2 8b79 0ad8 8633 f660 d3b6 e7d0
61a2 2874 b546 ec12 e4a9 2eb4 f859 bd35
b0a9 9c4b ad28 98a4 76a4 3bd3 f273 1a79
e709 0304 addf 4070 11c8 edd0 f9b1 58e5
baaa f9d2 2d1b 40be f50e 17d8 ce9c 1046
92c7 3b1c 11c2 8401 a404 7fa9 0a64 b037
5869 b8a0 c844 7fb3 9333 ee1f 517f 50e0
c5a1 0d57 5c88 4355 c3b3 d7e6 23e7 f0bd
700a 478a 4bca 0a68 cff7 4300 e01b 57d0
ff4c 3238 995a 642c c534 5a47 3fd5 c4a6
12ed a129 7241 a63d 6f31 7c7a 45a9 5a31
ede0 3c92 e4ff f210 f960 0bb7 08e9 7c02
0188 4dca 74d5 959a 8282 35ae ac30 8a9f
3e2c f792 42fd e882 bbf2 3d23 9361 fba6
|
Now remove the testfile, sync, and try the hdparm --read-sector command again.
You will see, that after removing the file, the sectors are still not empty.
Wait for a couple of minutes and do it again.
If you get only zeros, TRIM is working as expected.
If you keep getting your data back, something went wrong 
Let me know how it goes
Thanks,
_________________
mb |
|
| Back to top |
|
|
anakin87
n00b
Joined: 02 Jan 2012
Posts: 9
|
| Posted: Wed Aug 08, 2012 5:53 pm Post subject: |
|
|
Nice idea! If I'll get my system running I'll give it a try....
After 2 days of constant frustration I don't know any more if my plan is such a good idea.
I don't know why, but my own initramfs won't start to open my encrypted partition - something about kernel panic befor i can enter the passphrase - I have to look into it, it's a bit strange
I'm not shure but cryptsetup doesn't fill up your partition - as far as I know on the other side deleted data will not be trimed either (I quessed that)..... - please disagree, if you know it for sure 
So now I've a problem - how do I get a system on my ssd (it's in a notebook) and prevent other people form accessing it for example live-usb.....
Any alternative solutions? Or should I continue...
best regards
_________________
i'll fight untill the hell is freezing and then i'll start on ice..... |
|
| Back to top |
|
|
mbjr
Guru
Joined: 17 Jan 2004
Posts: 531
Location: Budapest/Hungary
|
| Posted: Wed Aug 08, 2012 7:34 pm Post subject: |
|
|
Hi there,
Not a bad idea that is, I'd have welcome a guide you are about to create when I did my setup.
There are kernel params one can set, but frankly after a 3 lines long param list in my grub config I gave up on hacking grub and went with the initramfs way. This keeps a kernel /kernel-latest and initramfs /initramfs-latest, some vga opts and stuff for splash, all fit nicely in one line
My hardware configuration has 2 hdds with 2 partitions on each, sda1, sda2, sdb1 and sdb2. The first partitions are in a raid 1 array while the seconds partitions serve as individual swap spaces, both activated
I use a USB pendrive to get rid of the otherwise useless boot partition, and keep my kernel, initramfs and unlock keys in my pocket.
Try to create a custom initramfs without any raid, lvm and crypto magic first.
You must have a clean boot, then you can start adding all the magic you need (make sure your mdadm, lvm ,vrytpsetup, etc are compiled with USE=static). Gentoo has a great guide on custom initramfs - try following that.
You may try with a genkernel first - it definitely has all the stuff you may ever need.
Once you have a clean boot, it's a piece of cake really.
Cheers,
_________________
mb |
|
| Back to top |
|
|
anakin87
n00b
Joined: 02 Jan 2012
Posts: 9
|
| Posted: Wed Aug 08, 2012 9:09 pm Post subject: |
|
|
Thats the plan, but in my 2 years of gentoo I never tried genkernel and I've heard ext4, lvm are not out of the box in there - can you confirm this?
my old initramfs script seems not to work any more and I don't know why....
because I've kept my .config for the kernel - so this should work too - but I get a kernel panic befor I get to the passphrase... so my script stops befor
cryptsetup luksOpen. But there are only two mount options... I don't get it
| Code: |
#!/bin/sh
mount -t proc none /proc
CMDLINE=`cat /proc/cmdline`
mount -t sysfs none /sys
#wait a little to avoid trailing kernel output
sleep 3
#If you don't have a qwerty keyboard, uncomment the next line
#loadkmap < /etc/kmap-de
#dm-crypt
/bin/cryptsetup luksOpen /dev/sda2 vault
#lvm
#/bin/vgscan
/bin/vgchange -ay vg
#root filesystem
mount -r /dev/mapper/vg-root /newroot
#unmount pseudo FS
umount /sys
umount /proc
#root switch
exec /bin/busybox switch_root /newroot /sbin/init ${CMDLINE}
|
For now I will try it without crypt and lvm to test my kernelconfiguration for the ssd
EDIT:
So my trialsystem without encryption/lvm is installed, up and running. Therefore I think my kernel-configuration is OK, because it worked also
on my encrypted/lvm HDD. Now I'm confused, because I don't know what went wrong in my init-script above.
PLS help
EDIT 2.0:
Sorry some bad news - it looks like encryption is nearly useless on an ssd
http://en.gentoo-wiki.com/wiki/DM-Crypt_with_LUKS#Filling_the_disk_with_random_data
And we should use a ssd with encryption provided by the controller. So I guess my idea and this guide is also useless..... 
_________________
i'll fight untill the hell is freezing and then i'll start on ice..... |
|
| Back to top |
|
|
d2_racing
Bodhisattva
Joined: 25 Apr 2005
Posts: 13047
Location: Ste-Foy,Canada
|
| Posted: Sat Aug 25, 2012 4:54 pm Post subject: |
|
|
One of my friend tested this and the discard stuff is not working.
Also, I noticed that hdparm doesn't like a btrfs partition too :
| Code: |
Kira boot # mount
rootfs on / type rootfs (rw)
/dev/root on / type btrfs (rw,noatime,ssd,discard,noacl,space_cache)
devtmpfs on /dev type devtmpfs (rw,relatime,size=4077860k,nr_inodes=1019465,mode=755)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
tmpfs on /run type tmpfs (rw,nosuid,nodev,relatime,mode=755)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
debugfs on /sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime)
cgroup_root on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,relatime,size=10240k,mode=755)
openrc on /sys/fs/cgroup/openrc type cgroup (rw,nosuid,nodev,noexec,relatime,release_agent=/lib64/rc/sh/cgroup-release-agent.sh,name=openrc)
cpuset on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cpu on /sys/fs/cgroup/cpu type cgroup (rw,nosuid,nodev,noexec,relatime,cpu)
cpuacct on /sys/fs/cgroup/cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct)
freezer on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620)
none on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime)
/dev/sda4 on /home type btrfs (rw,noatime,subvol=@home,discard,ssd)
/dev/sdc2 on /var type ext4 (rw,noatime)
/dev/sdb1 on /media/utilitaire type ext4 (rw,noatime)
/dev/sdb2 on /media/multimedia_2 type btrfs (rw,noatime)
/dev/sdd1 on /media/multimedia type btrfs (rw,noatime)
binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,noexec,nosuid,nodev)
/dev/sde1 on /run/media/eraindil/Kira_travel type fuseblk (rw,nosuid,nodev,allow_other,blksize=4096)
/dev/sr0 on /run/media/eraindil/rtcw type iso9660 (ro,nosuid,nodev,uhelper=udisks2,uid=1000,gid=1002,iocharset=utf8,mode=0400,dmode=0500)
/dev/sda1 on /boot type ext2 (rw,noatime,discard)
|
| Code: |
# cd /boot
# dd if=/dev/urandom of=testfile count=25 bs=512k oflag=direct
25+0 enregistrements lus
25+0 enregistrements écrits
13107200 octets (13 MB) copiés, 0,914161 s, 14,3 MB/s
Kira boot # hdparm --fibmap testfile
testfile:
filesystem blocksize 1024, begins at LBA 2048; assuming 512 byte sectors.
byte_offset begin_LBA end_LBA sectors
0 7170 7193 24
12288 134170 134681 512
274432 134682 135193 512
536576 135194 135705 512
798720 135706 136193 488
1048576 142338 142361 24
1060864 142362 142873 512
1323008 142874 143385 512
1585152 143386 143897 512
1847296 143898 144385 488
2097152 137218 137241 24
2109440 137242 137753 512
2371584 137754 138265 512
2633728 138266 138777 512
2895872 138778 139289 512
3158016 139290 139801 512
3420160 139802 140313 512
3682304 140314 140825 512
3944448 140826 141313 488
4194304 145410 145433 24
4206592 145434 145945 512
4468736 145946 146457 512
4730880 146458 146969 512
4993024 146970 147481 512
5255168 147482 147993 512
5517312 147994 148505 512
5779456 148506 149017 512
6041600 149018 149505 488
6291456 174082 174105 24
6303744 174106 174617 512
6565888 174618 175129 512
6828032 175130 175641 512
7090176 175642 176153 512
7352320 176154 176665 512
7614464 176666 177177 512
7876608 177178 177689 512
8138752 177690 178201 512
8400896 178202 178713 512
8663040 178714 179225 512
8925184 179226 179737 512
9187328 179738 180249 512
9449472 180250 180761 512
9711616 180762 181273 512
9973760 181274 181785 512
10235904 181786 182273 488
10485760 186370 186393 24
10498048 186394 186905 512
10760192 186906 187417 512
11022336 187418 187929 512
11284480 187930 188441 512
11546624 188442 188953 512
11808768 188954 189465 512
12070912 189466 189977 512
12333056 189978 190489 512
12595200 190490 191001 512
12857344 191002 191489 488
|
| Code: |
# hdparm --read-sector 7170 /dev/sda
|
| Code: |
# rm testfile
# sync
# hdparm --read-sector 7170 /dev/sda
|
| Code: |
Kira boot # hdparm --read-sector 7170 /dev/sda
/dev/sda:
reading sector 7170: succeeded
fa99 a073 b2d4 f527 0827 0600 caa6 c58f
9669 99fc b03d 610d 907d 6fac 2fbe 7767
6fe2 3c30 0712 879f 37b3 03d5 813b cb96
5595 8256 3b9b 5b50 4ee7 3838 da37 f0ee
d88f 6beb 3b16 3bbe 7696 17ec af42 1426
3d1d a2c7 b466 2374 ceff b12f fcaa 9039
46a5 6e1a ccee 2f2d 9ad3 7c15 0a06 887f
c703 df95 6535 6375 a070 d129 3dec 10b3
6505 1127 ae72 27eb 51b6 689f 9f63 9338
73fe c6fc f1cb dc6b 1553 8ab8 8b71 f480
b784 dc8e e622 5bd7 4540 eb3b 915e f103
d691 7f62 bed2 9314 260f 5b16 8f59 4b02
d8f8 ce1f 4a89 10c3 c862 0bcc 9fff 58d9
eebb 78e1 5864 5760 8c51 3a64 d4e7 f25a
c404 4804 c164 33d7 7924 0bc6 7f23 e0a6
264f 7eb6 7ba2 47b9 59a4 041a 3c27 7282
6481 7ef0 fc3e 45a4 e135 6909 bd51 f2ae
837d 8e0b e404 c2ba f1d7 bfd7 4773 ebbf
1d2b 55eb f20c 2da2 8420 a698 da98 df86
0848 c1ea 1ead c080 68b3 cafd 5115 007a
b70d 892a 95b6 e829 7d38 00da 729c 0b61
296e 3247 f852 aef2 13b5 f390 9323 c094
6c0a d2ab 5a36 7cca 347e f757 e230 8d58
5ab9 0e58 6514 931e 07fa 2768 ec50 0fc1
8cb5 5969 7593 29e5 dcd8 74c3 1dd0 8da9
75fd 7b79 a02a 3cc5 de68 c30c ad5c 276a
f842 75b9 80a1 9b02 8384 5bcb 0dd9 292b
aa6c cb36 d3dc a635 e1de 6d8c 1129 b785
e5d9 d068 1556 d74f 802b 0a30 ac55 5028
ad3a 4b38 6f55 b43e d764 34d7 430e f244
b1c7 3b0f d63b 5731 afba 21ab b617 3861
fe8e e966 2eba b9d6 8497 9706 a153 0d82
Kira boot # hdparm --read-sector 7170 /dev/sda
/dev/sda:
reading sector 7170: succeeded
fa99 a073 b2d4 f527 0827 0600 caa6 c58f
9669 99fc b03d 610d 907d 6fac 2fbe 7767
6fe2 3c30 0712 879f 37b3 03d5 813b cb96
5595 8256 3b9b 5b50 4ee7 3838 da37 f0ee
d88f 6beb 3b16 3bbe 7696 17ec af42 1426
3d1d a2c7 b466 2374 ceff b12f fcaa 9039
46a5 6e1a ccee 2f2d 9ad3 7c15 0a06 887f
c703 df95 6535 6375 a070 d129 3dec 10b3
6505 1127 ae72 27eb 51b6 689f 9f63 9338
73fe c6fc f1cb dc6b 1553 8ab8 8b71 f480
b784 dc8e e622 5bd7 4540 eb3b 915e f103
d691 7f62 bed2 9314 260f 5b16 8f59 4b02
d8f8 ce1f 4a89 10c3 c862 0bcc 9fff 58d9
eebb 78e1 5864 5760 8c51 3a64 d4e7 f25a
c404 4804 c164 33d7 7924 0bc6 7f23 e0a6
264f 7eb6 7ba2 47b9 59a4 041a 3c27 7282
6481 7ef0 fc3e 45a4 e135 6909 bd51 f2ae
837d 8e0b e404 c2ba f1d7 bfd7 4773 ebbf
1d2b 55eb f20c 2da2 8420 a698 da98 df86
0848 c1ea 1ead c080 68b3 cafd 5115 007a
b70d 892a 95b6 e829 7d38 00da 729c 0b61
296e 3247 f852 aef2 13b5 f390 9323 c094
6c0a d2ab 5a36 7cca 347e f757 e230 8d58
5ab9 0e58 6514 931e 07fa 2768 ec50 0fc1
8cb5 5969 7593 29e5 dcd8 74c3 1dd0 8da9
75fd 7b79 a02a 3cc5 de68 c30c ad5c 276a
f842 75b9 80a1 9b02 8384 5bcb 0dd9 292b
aa6c cb36 d3dc a635 e1de 6d8c 1129 b785
e5d9 d068 1556 d74f 802b 0a30 ac55 5028
ad3a 4b38 6f55 b43e d764 34d7 430e f244
b1c7 3b0f d63b 5731 afba 21ab b617 3861
fe8e e966 2eba b9d6 8497 9706 a153 0d82
Kira boot # hdparm --read-sector 7170 /dev/sda
/dev/sda:
reading sector 7170: succeeded
fa99 a073 b2d4 f527 0827 0600 caa6 c58f
9669 99fc b03d 610d 907d 6fac 2fbe 7767
6fe2 3c30 0712 879f 37b3 03d5 813b cb96
5595 8256 3b9b 5b50 4ee7 3838 da37 f0ee
d88f 6beb 3b16 3bbe 7696 17ec af42 1426
3d1d a2c7 b466 2374 ceff b12f fcaa 9039
46a5 6e1a ccee 2f2d 9ad3 7c15 0a06 887f
c703 df95 6535 6375 a070 d129 3dec 10b3
6505 1127 ae72 27eb 51b6 689f 9f63 9338
73fe c6fc f1cb dc6b 1553 8ab8 8b71 f480
b784 dc8e e622 5bd7 4540 eb3b 915e f103
d691 7f62 bed2 9314 260f 5b16 8f59 4b02
d8f8 ce1f 4a89 10c3 c862 0bcc 9fff 58d9
eebb 78e1 5864 5760 8c51 3a64 d4e7 f25a
c404 4804 c164 33d7 7924 0bc6 7f23 e0a6
264f 7eb6 7ba2 47b9 59a4 041a 3c27 7282
6481 7ef0 fc3e 45a4 e135 6909 bd51 f2ae
837d 8e0b e404 c2ba f1d7 bfd7 4773 ebbf
1d2b 55eb f20c 2da2 8420 a698 da98 df86
0848 c1ea 1ead c080 68b3 cafd 5115 007a
b70d 892a 95b6 e829 7d38 00da 729c 0b61
296e 3247 f852 aef2 13b5 f390 9323 c094
6c0a d2ab 5a36 7cca 347e f757 e230 8d58
5ab9 0e58 6514 931e 07fa 2768 ec50 0fc1
8cb5 5969 7593 29e5 dcd8 74c3 1dd0 8da9
75fd 7b79 a02a 3cc5 de68 c30c ad5c 276a
f842 75b9 80a1 9b02 8384 5bcb 0dd9 292b
aa6c cb36 d3dc a635 e1de 6d8c 1129 b785
e5d9 d068 1556 d74f 802b 0a30 ac55 5028
ad3a 4b38 6f55 b43e d764 34d7 430e f244
b1c7 3b0f d63b 5731 afba 21ab b617 3861
fe8e e966 2eba b9d6 8497 9706 a153 0d82
Kira boot # hdparm --read-sector 7170 /dev/sda
/dev/sda:
reading sector 7170: succeeded
fa99 a073 b2d4 f527 0827 0600 caa6 c58f
9669 99fc b03d 610d 907d 6fac 2fbe 7767
6fe2 3c30 0712 879f 37b3 03d5 813b cb96
5595 8256 3b9b 5b50 4ee7 3838 da37 f0ee
d88f 6beb 3b16 3bbe 7696 17ec af42 1426
3d1d a2c7 b466 2374 ceff b12f fcaa 9039
46a5 6e1a ccee 2f2d 9ad3 7c15 0a06 887f
c703 df95 6535 6375 a070 d129 3dec 10b3
6505 1127 ae72 27eb 51b6 689f 9f63 9338
73fe c6fc f1cb dc6b 1553 8ab8 8b71 f480
b784 dc8e e622 5bd7 4540 eb3b 915e f103
d691 7f62 bed2 9314 260f 5b16 8f59 4b02
d8f8 ce1f 4a89 10c3 c862 0bcc 9fff 58d9
eebb 78e1 5864 5760 8c51 3a64 d4e7 f25a
c404 4804 c164 33d7 7924 0bc6 7f23 e0a6
264f 7eb6 7ba2 47b9 59a4 041a 3c27 7282
6481 7ef0 fc3e 45a4 e135 6909 bd51 f2ae
837d 8e0b e404 c2ba f1d7 bfd7 4773 ebbf
1d2b 55eb f20c 2da2 8420 a698 da98 df86
0848 c1ea 1ead c080 68b3 cafd 5115 007a
b70d 892a 95b6 e829 7d38 00da 729c 0b61
296e 3247 f852 aef2 13b5 f390 9323 c094
6c0a d2ab 5a36 7cca 347e f757 e230 8d58
5ab9 0e58 6514 931e 07fa 2768 ec50 0fc1
8cb5 5969 7593 29e5 dcd8 74c3 1dd0 8da9
75fd 7b79 a02a 3cc5 de68 c30c ad5c 276a
f842 75b9 80a1 9b02 8384 5bcb 0dd9 292b
aa6c cb36 d3dc a635 e1de 6d8c 1129 b785
e5d9 d068 1556 d74f 802b 0a30 ac55 5028
ad3a 4b38 6f55 b43e d764 34d7 430e f244
b1c7 3b0f d63b 5731 afba 21ab b617 3861
fe8e e966 2eba b9d6 8497 9706 a153 0d82
Kira boot # hdparm --read-sector 7170 /dev/sda
/dev/sda:
reading sector 7170: succeeded
fa99 a073 b2d4 f527 0827 0600 caa6 c58f
9669 99fc b03d 610d 907d 6fac 2fbe 7767
6fe2 3c30 0712 879f 37b3 03d5 813b cb96
5595 8256 3b9b 5b50 4ee7 3838 da37 f0ee
d88f 6beb 3b16 3bbe 7696 17ec af42 1426
3d1d a2c7 b466 2374 ceff b12f fcaa 9039
46a5 6e1a ccee 2f2d 9ad3 7c15 0a06 887f
c703 df95 6535 6375 a070 d129 3dec 10b3
6505 1127 ae72 27eb 51b6 689f 9f63 9338
73fe c6fc f1cb dc6b 1553 8ab8 8b71 f480
b784 dc8e e622 5bd7 4540 eb3b 915e f103
d691 7f62 bed2 9314 260f 5b16 8f59 4b02
d8f8 ce1f 4a89 10c3 c862 0bcc 9fff 58d9
eebb 78e1 5864 5760 8c51 3a64 d4e7 f25a
c404 4804 c164 33d7 7924 0bc6 7f23 e0a6
264f 7eb6 7ba2 47b9 59a4 041a 3c27 7282
6481 7ef0 fc3e 45a4 e135 6909 bd51 f2ae
837d 8e0b e404 c2ba f1d7 bfd7 4773 ebbf
1d2b 55eb f20c 2da2 8420 a698 da98 df86
0848 c1ea 1ead c080 68b3 cafd 5115 007a
b70d 892a 95b6 e829 7d38 00da 729c 0b61
296e 3247 f852 aef2 13b5 f390 9323 c094
6c0a d2ab 5a36 7cca 347e f757 e230 8d58
5ab9 0e58 6514 931e 07fa 2768 ec50 0fc1
8cb5 5969 7593 29e5 dcd8 74c3 1dd0 8da9
75fd 7b79 a02a 3cc5 de68 c30c ad5c 276a
f842 75b9 80a1 9b02 8384 5bcb 0dd9 292b
aa6c cb36 d3dc a635 e1de 6d8c 1129 b785
e5d9 d068 1556 d74f 802b 0a30 ac55 5028
ad3a 4b38 6f55 b43e d764 34d7 430e f244
b1c7 3b0f d63b 5731 afba 21ab b617 3861
fe8e e966 2eba b9d6 8497 9706 a153 0d82
|
All the data is still there, so how can I help him to fix his trim feature ?
He owns a Crucial M4 SSD 128 gigs. |
|
| Back to top |
|
|
cach0rr0
Bodhisattva
Joined: 13 Nov 2008
Posts: 4123
Location: Houston, Republic of Texas
|
| Posted: Sun Aug 26, 2012 8:12 am Post subject: |
|
|
useless no. less strong than it would be with a disk that, when analyzed with forensic tools, looks like just one large block of random data, yes.
TRIMming via lvm will at least free up space, which is good. As the volume grows the data that's written to disk will still be unreadable, which is good. What you lose out on, is someone looking at your disk can tell where a volume starts and stops, they can tell what space is used or unused.
So yeah, it's sub-optimal, it's not as impervious as a standard rotational disk might be, but not entirely useless.
As far as fashioning an initramfs goes, I put this guide together, which may be of some use. Extra emphasis on the devtmpfs portion.
HTH
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Installing Gentoo
