TRIM on an encrypted SSD

Ubuntu 11.10 Oneiric does not ship with cryptsetup 1.4, although Precise does. I don't know whether cryptsetup can be upgraded on Oneiric or not. Since Precise will be released in a month, you can also wait for that release before considering TRIM with encrypted partitions. The kernel can always be upgraded afterwards.

From http://code.google.com/p/cryptsetup/wiki/Cryptsetup140:

Support --allow-discards option to allow discards/TRIM requests.

Since kernel 3.1, dm-crypt devices optionally (not by default) support block discards (TRIM) commands.

If you want to enable this operation, you have to enable it manually on every activation using --allow-discards

cryptsetup luksOpen --allow-discards /dev/sdb test_disk

WARNING: There are several security consequences, please read at least http://asalor.blogspot.com/2011/08/trim-dm-crypt-problems.html before you enable it.

As you can see, this feature is not enabled by default because of the degraded security as mentioned in the linked blog. So, if you use cryptsetup on kernel 3.0 (the one shipped with Precise), you won't have TRIM support on your encrypted partitions. After upgrading to 3.1+, you still don't have unless you enable it.

To do so, you have to edit /etc/crypttab after installation (not sure if it's possible during installation) and add the discard option. See also crypttab(5).

I have posted a step by step guide to enabling TRIM with LUKS encrypted partitions in Ubuntu 12.04 or any Debian with cryptsetup 1.4+ and Kernel 3.1+. (Feel free to copy it here if some askubuntu guidelines deem it necessary.)

Find the Howto here:

http://worldsmostsecret.blogspot.com/2012/04/how-to-activate-trim-on-luks-encrypted.html