From b917a96ed39a4a8e49febc5951266219ebab0e99 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
 <marmarek@invisiblethingslab.com>
Date: Sun, 11 May 2014 16:03:56 +0000
Subject: [PATCH] DiskTRIM changed

---
 DiskTRIM.md | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 DiskTRIM.md

diff --git a/DiskTRIM.md b/DiskTRIM.md
new file mode 100644
index 00000000..0732fe8c
--- /dev/null
+++ b/DiskTRIM.md
@@ -0,0 +1,34 @@
+---
+layout: wiki
+title: DiskTRIM
+permalink: /wiki/DiskTRIM/
+---
+
+VMs have already TRIM enabled by default, but dom0 doesn't. There are some security implications (read for example [​this article](http://asalor.blogspot.com/2011/08/trim-dm-crypt-problems.html)), but IMO not very serious.
+
+To enable TRIM in dom0 you need:
+
+1.  Get your root device UUID:
+
+    ``` {.wiki}
+    blkid /dev/mapper/*root
+    ```
+
+2.  Add entry to `/etc/crypttab` (replace \<UUID\> with the device UUID):
+
+    ``` {.wiki}
+    luks-<UUID> UUID=<UUID> none allow-discards
+    ```
+
+3.  Add `rd.luks.allow-discards=1` to kernel cmdline (`/etc/default/grub`, GRUB\_CMDLINE\_LINUX line)
+4.  Rebuild grub config (`grub2-mkconfig -o /boot/grub2/grub.cfg`)
+5.  Rebuild initrd **in hostonly mode**:
+
+    ``` {.wiki}
+    dracut -H -f
+    ```
+
+6.  Add "discard" option to `/etc/fstab` for root device
+7.  Reboot the system, verify that allow-discards is really enabled (`dmsetup table`)
+
+There is a [​bug affecting allow-discards option](https://bugzilla.redhat.com/show_bug.cgi?id=890533), once it will be fixed, first two steps will be no longer needed.