Suggestion: Using hardware acceleration for erasing encrypted volumes
I am currently formatting a Seagate Exos 8TB drive with EXT4 on LUKS using gnome-disks with erasing and a (reasonably fast) i5-10210U. It is taking a very long time (estimated 54h, about 41MB/s) compared to the drive writing speed. I assume that the erasing writes random data on the drive, which is what I want (couldn't find out what udisks_block_call_format() exactly does).
But: Probably udisks2 does something like "dd if=/dev/urandom of=/dev/sdX bs=1M" which is slow because the randomness is calculated by the CPU.
In the past, I used to fill a drive with randomness by creating an encrypted volume using a random password, and then fill the partition inside the encrypted drive with /dev/zero (as described here). After that, the partition header is overwritten with data from /dev/urandom so the randomness-encryption key is lost forever, remaining a drive completely filled with random data.
This technique utilizes the hardware-acceleration for encryption which is multiple times faster and can fill the drive with a speed close to the maximum drive speed (depending on the CPU).
It would be amazing to include this feature in gnome-disks. Maybe there is a way to fill the partition inside an encrypted volume by using the udisks_block_call_format() command currently used to fill the drive with randomness. A progress bar would also be a nice-to-have but is not necessary (probably hard to implement).
- gnome-disk-utility 3.36.3
- udisks 2.9.1