On Fri, Apr 23, 2010 at 10:49:23AM +0200, Milan Broz wrote:
> On 04/23/2010 12:22 AM, Richard Zidlicky wrote:
> > Isn't TRIM considered information leakage in the case of dm-crypt?
>
> What do you mean? Information that some blocks are not used in the device?

Yes.

> If it is a problem, you should not use an FS with TRIM support in the first place.
> dm-crypt basically should support TRIM if the request comes, it is just a block device.

Layering problem. Traditionally dm-crypt was expected to provide fs-agnostic transparent encryption. TRIM is something that breaks the layering assumption.

> The same logic - should I ban old ciphers and weak IVs because they are insecure?
> Nope, it is not a dm-crypt level decision.

These are useful only in case someone has such an obsolete volume. But you would not seriously consider implementing new known weak features just on the grounds that the user can choose some workaround?

I am not against having the possibility to pass through ATA TRIM, but it is debatable whether this should be the default behaviour.

Richard
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt