SSD TRIM on LUKS Encrypted Partitions
Much of this tutorial is outdated; it is being included for reference. This tutorial has been tested on Ubuntu 12.04 LTS
How to Activate TRIM on LUKS Encrypted Partitions in Ubuntu & Debian
This step by step walkthrough will let you take advantage of the TRIM technology for your encrypted SSD partitions for cryptsetup 1.4 or higher and kernel 3.1 or higher. This leads to a hassle-free SSD experience because
“TRIM enables the SSD to handle garbage collection overhead, that would otherwise significantly slow down future write operations to the involved blocks, in advance.”
Notebook with SSD as the single drive, Linux installed in single ext4 LVM root partition with LVM swap partition, both over LUKS encrypted logical partition.
sudo fdisk -l /dev/sda
- Make a backup of all your data. You’re messing with your file system so having a backup is simply a good idea.
- Make sure you have the required kernel and cryptsetup versions (3.1 & 1.4, e.g. in Ubuntu 12.04).
- Add discard parameter to the file system options of the encrypted LVM volume(s) in your /etc/fstab file. This makes the file system of your LVM partition aware that you want to use TRIM.
/dev/mapper/volumegroup-root / ext4 discard,noatime,nodiratime,errors=remount-ro 0 1
- The last step is not enough though. As long as LUKS is not aware
that you want to use TRIM it will effectively block all TRIM operations
coming from the LVM partition’s file system, for security reasons. Add discard parameter to the cryptdevice options in /etc/crypttab to make LUKS accept the discard behavior of the LVM partition.
sda5_crypt UUID=e364d03f-[...]6cd7e none luks,discard
- Rebuild your initramfs. The crypttab options are stored there and used on boot.
sudo update-initramfs -c -k all
- Check if TRIM is now active.
sudo dmsetup table /dev/mapper/sda5_crypt --showkeys
- If the last command shows a result like this (1 allow_discards at the end) you’re all set.
0 77656056 crypt aes-cbc-essiv:sha256 abc[...]c7a0c 0 8:5 2056 1 allow_discards
TRIM is activated.