
Re: Why start the first partition at 2 MIB, why not at any multiple of 4096 bytes ...



On Tue 08 Sep 2020 at 17:43:21 (-0400), rhkramer@gmail.com wrote:
> On Tuesday, September 08, 2020 04:39:05 PM David Christensen wrote:
> > Neither the string "2 MiB" nor the string "2 M" appears on the page you have
> > cited.
> 
> That is correct, that is what I have not found on that page.
>  
> > Please provide a URL that advocates "start the first partition at 2 MIB"
> 
> Maybe I misinterpreted what David Wright said in an email responding to one of 
> my questions back in June.
> 
> <quote>
> Subject: Re: Advice on encrypted filesystem
> Date: Friday, June 26, 2020, 09:25:49 AM
> From: David Wright <deblis@lionunicorn.co.uk>
> To: debian-user@lists.debian.org
> 
> ---< snip >---
> 
> If encrypting an entire disk, scramble the disk first, then partition.
> If only encrypting a partition, partition the disk first.
> *Alignments should be at least 2M (4096 x 512B sectors).*
> Scramble any sensitive pre-existing contents:
> </quote>
> 
> I took that to mean that the first partition should start at 2 MiB.

:) I'm flattered. OK, but those notes were introduced as *my*
method for encrypting (spinning rust) disks. My 2MB alignment
wouldn't apply to the first partition because I always start with
a BIOS boot partition aligned (not that it really matters much)
at the usual 1MB. With an ESP added too, I can boot the disk in
either type of machine, BIOS or EFI.

I see no point in not being generous with alignment as well as
with partition sizes. Also, I always include --align-payload 2048
when creating encrypted partitions, having been bitten by
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923561
(2048 is not an override, but just the default made explicit.)

Rationale: look back over just 2020 (if memory serves) for instances
posted here of undersized ESP, /boot, /, and lack of anywhere to
place Grub's core.img. Insufficient sizes get noticed; OTOH alignment
problems sometimes get reported when they're diagnosed or logged,
but are often ignored. Today's tools are very forgiving, and tend
to just do the Right Thing. In my case, things worked well until
I started adding encryption into the mix, and the logs reacted.

Cheers,
David.
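
Added example (not part of the original message, and not the poster's own code): a small Python check that reads `sfdisk --dump` style output and reports the alignment of each partition start and of the point where encrypted data would begin, given a LUKS payload offset in 512-byte sectors. The device names, the sample dump and the payload offsets passed in are constructed assumptions.

```python
import re

SECTOR = 512                 # sfdisk "unit: sectors" and --align-payload count 512-byte sectors
MIB = 1024 * 1024

# Constructed sfdisk --dump style input (hypothetical disk /dev/sdx, not from the post).
SAMPLE_DUMP = """\
label: gpt
unit: sectors

/dev/sdx1 : start=        2048, size=        2048, type=21686148-6449-6E6F-744E-656564454649
/dev/sdx2 : start=        4096, size=     1048576, type=C12A7328-F81F-11D2-BA4B-00A0C93EC93B
/dev/sdx3 : start=     1052672, size=    41943040, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4
/dev/sdx4 : start=    42995775, size=    20971520, type=0FC63DAF-8483-4772-8E79-3D69D8477DE4
"""

PART_RE = re.compile(r"^(\S+)\s*:\s*start=\s*(\d+),\s*size=\s*(\d+)", re.MULTILINE)


def parse_dump(text):
    """Return {device: start_sector} for every partition line in the dump."""
    return {dev: int(start) for dev, start, _size in PART_RE.findall(text)}


def alignment(sector, cap=1024 * MIB):
    """Largest power-of-two byte boundary (capped) that this sector lies on."""
    offset, align = sector * SECTOR, SECTOR
    while align < cap and offset % (align * 2) == 0:
        align *= 2
    return align


def check(text, want=2 * MIB, payload_sectors=None):
    """Per device: (partition alignment, encrypted-data alignment, ok?).

    payload_sectors is the LUKS payload offset in 512-byte sectors, an input
    the caller supplies for the partitions they intend to encrypt."""
    rows = {}
    for dev, start in parse_dump(text).items():
        part = alignment(start)
        data = alignment(start + payload_sectors) if payload_sectors else part
        rows[dev] = (part, data, min(part, data) >= want)
    return rows


if __name__ == "__main__":
    for dev, (part, data, ok) in check(SAMPLE_DUMP, payload_sectors=2048).items():
        print(f"{dev}: partition {part // 1024} KiB, data {data // 1024} KiB, "
              f"{'ok' if ok else 'below 2 MiB'}")
```

On the sample, a 2 MiB-aligned partition with a 2048-sector payload offset puts the encrypted data on a 1 MiB boundary only, while a 4096-sector offset keeps it on a 2 MiB (here 4 MiB) boundary; the odd start sector of `/dev/sdx4` is misaligned either way.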

