Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 24 Nov 2018 14:31:00 -0700
From:      Warner Losh <imp@bsdimp.com>
To:        Dimitry Andric <dim@freebsd.org>
Cc:        Wojciech Puchar <wojtek@puchar.net>,  "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org>, Poul-Henning Kamp <phk@phk.freebsd.dk>, Lev Serebryakov <lev@freebsd.org>, "Rodney W. Grimes" <freebsd-rwg@pdx.rh.cn85.dnsmgr.net>,  Eugene Grosbein <eugen@grosbein.net>
Subject:   Re: TRIM utility
Message-ID:  <CANCZdfrQc3Eb3G0A8FzJWH85OEFH_jJyBv_c_u3wQ2VmqU6cRQ@mail.gmail.com>
In-Reply-To: <CEF0AC1C-71C5-4CD3-A5A4-7A982D985F73@FreeBSD.org>
References:  <ca200443-f997-4d84-cbd5-592243714898@FreeBSD.org> <201811231600.wANG0wHc083199@pdx.rh.CN85.dnsmgr.net> <CANCZdfrnSw=06NfkwnowjJpiqbd3BN882nyFi%2ByWrsuYthEKoQ@mail.gmail.com> <alpine.BSF.2.20.1811241543300.19957@puchar.net> <CEF0AC1C-71C5-4CD3-A5A4-7A982D985F73@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Nov 24, 2018 at 9:09 AM Dimitry Andric <dim@freebsd.org> wrote:

> On 24 Nov 2018, at 15:44, Wojciech Puchar <wojtek@puchar.net> wrote:
> >
> >> Yes. It would. That's hard with the current storage stack to do via the
> >> disk interface. And often the underlying protocols do not support
> partial
> >> ranges. There is no good way to do this with buf/bio interface we have.
> So
> >
> > what is an actual difference between "secure erase" and trimming whole
> disk?
>
> It depends a lot on the device.  Some devices encrypt all blocks
> automatically, and a Secure Erase command might just throw away the key,
> not go over all the data and actively wipe it.
>

When there's a difference, sanitize is usually the variant that does this.
In all the SSDs I've had problems with, however, both Secure Erase and
Sanitize reset the NAND pool (which effectively causes all the NAND erase
blocks to be erased).

TRIM is a 'logical' command, not a physical one. It doesn't tell the drive
to erase anything. It just marks the data as being free. Most drives will
then garbage collect things because certain low-water threshold marks are
hit causing the blocks to be erased, but TRIM is definitely not a command
to erase.

Also, Secure Erase and Sanitize both are more destructive an thorough than
a simple TRIM in that they potentially remove extra metadata that you'd
need to keep intact if you wanted to keep using the drive (such as the
current encryption keys).


> Most SSDs will likely also trim all the blocks to be erased, since userave
> come to expect the SSD performance to go back to the 'out of box'
> level, after such an operation.
>

Correct. I've not found any that don't, even though they are allowed to. It
also maximizes future performance because there's no need to stop and wait
for erase blocks to go through and an erase cycle before programming them.
And there's some advantage, in some of the NAND technology nodes, to
keeping things in the erased state a long as possible.


> If you are lucky, the manufacturer's documentation will explain the
> specifics, but don't count on it. :)
>

Very lucky :)

Warner



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CANCZdfrQc3Eb3G0A8FzJWH85OEFH_jJyBv_c_u3wQ2VmqU6cRQ>