Slow /dev/zero format using dd with nvme to prepare crypto, is there nvme specific tool?

Question

I try to prepare an nvme for encryption, so i first follow this post on SO.

But the speed of dd is really really slow (less than 100 mb/s). I see there is new option to speed up dm-crypt on kernel 5.9 (see this post), but before updating my kernel, i want to know if using nvme-cli format zero tools is equivalent to /dev/zero to prepare a disk : https://manpages.debian.org/testing/nvme-cli/nvme-write-zeroes.1.en.html

The actual (and very very slow) command to prepare disk before luks2 format :

   cryptsetup plainOpen --key-file /dev/urandom /dev/nvme0n1p2 ecrypt
   dd if=/dev/zero of=/dev/mapper/ecrypt bs=1M status=progress
   cryptsetup plainClose

Update :

Going to kernel 5.12 with dmcrypt 2.3.4, i use this new perf options :

cryptsetup plainOpen --perf-no_read_workqueue --perf-no_write_workqueue --key-file /dev/urandom /dev/nvme0n1p2 ecrypt 

dmsetup table say option are correctly activated :

ecrypt: 0 1999358607 crypt aes-cbc-essiv:sha256 0000000000000000000000000000000000000000000000000000000000000000 0 259:2 0 2 no_read_workqueue no_write_workqueue

I also verifyed that AES is activated with cpuid :

 cpuid | grep -i aes | sort | uniq
      AES instruction                         = true
      VAES instructions                        = false

I have the same problem, dd write zero at 900mb/s and slowly decrease to 45 mb/s ...

Answer 1

Found the answer, this is much much better with oflag=direct, jumping from 45 Mb/s to 536 Mb/s :)

dd if=/dev/zero of=/dev/mapper/ecrypt oflag=direct bs=1M status=progress

Thanks to these two posts :

• NVMe performance hit when using LUKS encryption
• https://stackoverflow.com/questions/33485108/why-is-dd-with-the-direct-o-direct-flag-so-dramatically-faster