Simon Heimlicher

Simon Heimlicher's Homepage

How Slow Is Lion's File Vault 2?

Mac OS X 10.7 Lion introduced File Fault 2, a whole-partition encryption scheme. Depending on your disk and CPU, encryption may causes a significant performance hit.

Here’s how to compare the speed of disk access once you have enabled encryption with the speed without encryption.

Note

We will use dd, a tool well known to any command line geek as potentially extremely dangerous. Make sure to identify the disks you are operating on properly and especially to ensure that you have exactly one parameter of and that it looks like this: of=/dev/null.

Be sure to have a full, complete, and working backup of your entire disk, not just the most important documents. A typo can and will destroy all your data in a split second.

In the following, ensure to disconnect any and all disks except your main OS X Lion system disk. Then reboot.

With that out of the way, let’s get to work.

First, verify that your physical hard drive is disk0 and the decrypted volume is disk1: Run diskutil list:

1
2
3
4
5
6
7
8
9
10
% diskutil list
/dev/disk0
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *250.1 GB   disk0
   1:                        EFI                         209.7 MB   disk0s1
   2:          Apple_CoreStorage                         249.2 GB   disk0s2
   3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
/dev/disk1
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:                  Apple_HFS macosx                 *248.9 GB   disk1

As you can see, there are two disks, disk0 and disk1. In my case, disk1 is called "macosx" and it is my Lion system disk. However, it is not a physical disk but rather the decrypted volume hosted in the physical Apple_CoreStorage partition of disk0, referred to as disk0s2. To verify that disk1 is in fact mounted as the root file system, run diskutil mount:

1
2
3
4
5
% mount
/dev/disk1 on / (hfs, local, journaled)
devfs on /dev (devfs, local, nobrowse)
map -hosts on /net (autofs, nosuid, automounted, nobrowse)
map auto_home on /home (autofs, automounted, no browse)

Further, to see that disk1 is indeed a core storage logical volume, run diskutil cs info disk1:

1
2
3
4
5
6
7
8
9
10
11
12
13
% diskutil cs info disk1
Core Storage Properties:
   Role:                       Logical Volume (LV)
   UUID:                       XXXXXXXX-392A-46F8-8BA0-YYYYYYYYYYYY
   Parent LVF UUID:            XXXXXXXX-45EC-437E-9085-YYYYYYYYYYYY
   Parent LVG UUID:            XXXXXXXX-6AA4-485F-B946-YYYYYYYYYYYY
   Device Identifier:          disk1
   LV Status:                  Online
   Conversion Status:          Complete
   Content Hint:               Apple_HFS
   LV Name:                    macosx
   Volume Name:                macosx
   LV Size:                    248880820224 B

Now let us run some read tests on the physical disk, identified as /dev/rdisk0. Note that writing just a few bytes to this device may render your entire disk un-decryptable.

First, become root, then run the following command: time dd if=/dev/rdisk0 of=/dev/null bs=4k count=262144. This reads 1GiB from the raw disk and discards it (of=/dev/null), using a block size of 4kiB. (If you don’t know how to become root, this hint is not for you.)

1
2
3
4
5
# time dd if=/dev/rdisk0 of=/dev/null bs=4k count=262144
262144+0 records in
262144+0 records out
1073741824 bytes transferred in 100.246021 secs (10711067 bytes/sec)
dd if=/dev/rdisk0 of=/dev/null bs=4k count=262144  0.58s user 15.18s system 15% cpu 1:40.25 total

As you can see, dd reports "10711067 bytes/sec". Obviously, the disk is limited by the number of I/O operations it can perform per second. Let’s compare this with 64kiB blocks by running time dd if=/dev/rdisk0 of=/dev/null bs=64k count=32768:

1
2
3
4
5
# time dd if=/dev/rdisk0 of=/dev/null bs=64k count=32768
32768+0 records in
32768+0 records out
2147483648 bytes transferred in 34.796618 secs (61715298 bytes/sec)
dd if=/dev/rdisk0 of=/dev/null bs=64k count=32768  0.08s user 2.38s system 7% cpu 34.800 total

Now we pretty much observe the raw read rate, reported by dd "61715298 bytes/sec".

For comparison, run the same tests on disk1, the decrypted system disk.

Run the following command: time dd if=/dev/rdisk1 of=/dev/null bs=4k count=262144, now reading 1GiB of data from the decrypted disk in 4kiB blocks:

1
2
3
4
5
# time dd if=/dev/rdisk1 of=/dev/null bs=4k count=262144
262144+0 records in
262144+0 records out
1073741824 bytes transferred in 116.546454 secs (9212994 bytes/sec)
dd if=/dev/rdisk1 of=/dev/null bs=4k count=262144  0.79s user 17.89s system 16% cpu 1:56.55 total

Then, again for 64kiB block size: time dd if=/dev/rdisk1 of=/dev/null bs=64k count=32768

1
2
3
4
5
# time dd if=/dev/rdisk1 of=/dev/null bs=64k count=32768
32768+0 records in
32768+0 records out
2147483648 bytes transferred in 42.686829 secs (50307875 bytes/sec)
dd if=/dev/rdisk1 of=/dev/null bs=64k count=32768  0.03s user 1.03s system 2% cpu 42.690 total

Comments