Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[solved] Disk readahead on encrypted volumes
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware
View previous topic :: View next topic  
Author Message
haarp
Guru
Guru


Joined: 31 Oct 2007
Posts: 517

PostPosted: Fri May 29, 2015 10:49 am    Post subject: [solved] Disk readahead on encrypted volumes Reply with quote

Increasing readahead can improve throughput tremendously. Especially on my NAS which is supposed to just gobble up as much data into RAM as possible (16GB RAM) to serve it quickly over the network.

Some more information about this can be found in this old LWN article: https://lwn.net/Articles/372384/

Now I could increase the readahead on my data disk, buuut, I also have Luks encryption on it. Readahead acts directly to the block device. Due to the "random" nature of encryption, files will not reside in continuous blocks on the device, but rather be distributed randomly. Thus, my reasoning, reading ahead additional blocks would be detrimental to performance, as these blocks will almost certainly not be relevant to the file being requested.

Thoughts?


Last edited by haarp on Sat May 30, 2015 7:30 am; edited 1 time in total
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 7165
Location: almost Mile High in the USA

PostPosted: Fri May 29, 2015 2:41 pm    Post subject: Reply with quote

Encryption is costly, and if it puts blocks on the disk randomly (not randomly, but randomly mapped) as well, specifically to a mechanical device like a hard drive, performance really will tank. Usually disk blocks are still linear with encryption to maintain some speed. The random dumping to the disk is to confuse forensics.

All bets are off with SSD. You could randomly allocate blocks on SSD without as much as a performance hit (though you still want to stay within an erase block). It definitely would make forensics life harder, but so will a longer key.
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
haarp
Guru
Guru


Joined: 31 Oct 2007
Posts: 517

PostPosted: Fri May 29, 2015 3:12 pm    Post subject: Reply with quote

eccerr0r wrote:
Usually disk blocks are still linear with encryption to maintain some speed.

Oh? Interesting.

How does the mapping really work? Does it take chunks of X blocks and maps them to random regions?
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 7165
Location: almost Mile High in the USA

PostPosted: Fri May 29, 2015 4:17 pm    Post subject: Reply with quote

I would think that most block level encryption algorithms would just write the block at the same place it would have normally written it, except encrypted. There's no real need to randomize the location. If you randomize the location, the chance of needing to do an expensive seek on a mechanical hard drive would be almost guaranteed which would tank your disk performance.
_________________
Intel Core i7 2700K@ 4.1GHz/HD3000 graphics/8GB DDR3/180GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
frostschutz
Advocate
Advocate


Joined: 22 Feb 2005
Posts: 2971
Location: Germany

PostPosted: Fri May 29, 2015 7:50 pm    Post subject: Reply with quote

there is no region re-mapping with encryption so readahead should work regardless of encryption
Back to top
View user's profile Send private message
haarp
Guru
Guru


Joined: 31 Oct 2007
Posts: 517

PostPosted: Sat May 30, 2015 7:29 am    Post subject: Reply with quote

frostschutz wrote:
there is no region re-mapping with encryption so readahead should work regardless of encryption

I always figured it was somewhat random, but apparently not. Good to know!

Thanks!
Back to top
View user's profile Send private message
szatox
Veteran
Veteran


Joined: 27 Aug 2013
Posts: 1753

PostPosted: Sat May 30, 2015 4:36 pm    Post subject: Reply with quote

I know at least 5 modes of block chiper modes and none of them changes order of blocks.
What would be the purpose of changing physical location anyway? You hide data with encryption. If encryption algorithm gets broken that random pattern won't help you.
You may chose logging filesystem like JFFS to ensure moving static data to other locations if you really want to hide long lasting patterns. Most modes have some kind of counter that makes the same data block look different as you put it somewhere else within the chain.
Back to top
View user's profile Send private message
haarp
Guru
Guru


Joined: 31 Oct 2007
Posts: 517

PostPosted: Sat May 30, 2015 4:51 pm    Post subject: Reply with quote

Thank you. It was just a misconception I had, but it's good to learn more :)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Kernel & Hardware All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum