This step by step walkthrough will let you take advantage of the TRIM technology for your encrypted SSD partitions for cryptsetup 1.4 or higher and kernel 3.1 or higher. This leads to a hassle-free SSD experience because
"TRIM enables the SSD to handle garbage collection overhead, that would otherwise significantly slow down future write operations to the involved blocks, in advance."
Notebook with SSD as the single drive, Linux installed in single ext4 LVM root partition with LVM swap partition, both over LUKS encrypted logical partition.
sudo fdisk -l /dev/sda /dev/sda1 # boot partition (83) (unencrypted, ext4) /dev/sda2 # extended partition /dev/sda5 # logical partition (83) with LUKS encryption
ls /dev/mapper /dev/mapper/sda5_crypt # encrypted LUKS device in physical /dev/sda5 partition /dev/mapper/volumegroup-root # root partition sda5_crypt /dev/mapper/volumegroup-swap # swap partition sda5_crypt
- Make a backup of all your data. You're messing with your file system so having a backup is simply a good idea.
- Make sure you have the required kernel and cryptsetup versions (3.1 & 1.4, e.g. in Ubuntu 12.04, beware though, at time of writing 12.04 is still beta).
- Add discard parameter to the file system options of the encrypted LVM volume(s) in your /etc/fstab file. This makes the file system of your LVM partition aware that you want to use TRIM.
/dev/mapper/volumegroup-root / ext4 discard,noatime,nodiratime,errors=remount-ro 0 1
- The last step is not enough though. As long as LUKS is not aware that you want to use TRIM it will effectively block all TRIM operations coming from the LVM partition's file system, for security reasons. Add discard parameter to the cryptdevice options in /etc/crypttab to make LUKS accept the discard behavior of the LVM partition.
sda5_crypt UUID=e364d03f-[...]6cd7e none luks,discard
- Rebuild your initramfs. The crypttab options are stored there and used on boot.
sudo update-initramfs -c -k all
- Check if TRIM is now active.
sudo dmsetup table /dev/mapper/sda5_crypt --showkeys
- If the last command shows a result like this (1 allow_discards at the end) you're all set.
0 77656056 crypt aes-cbc-essiv:sha256 abc[...]c7a0c 0 8:5 2056 1 allow_discards
TRIM is activated. Enjoy your hassle-free SSD!