Slashdot Mirror
Apple Disables Trim Support On 3rd Party SSDs In OS X
MojoKid (1002251) writes One of the disadvantages to buying an Apple system is that it generally means less upgrade flexibility than a system from a traditional PC OEM. Over the last few years, Apple has introduced features and adopted standards that made using third-party hardware progressively more difficult. Now, with OS X 10.10 Yosemite, the company has taken another step down the path towards total vendor lock-in and effectively disabled support for third-party SSDs. We say "effectively" because while third-party SSDs will still work, they'll no longer perform the TRIM garbage collection command. Being able to perform TRIM and clean the SSD when it's sitting idle is vital to keeping the drive at maximum performance. Without it, an SSD's real world performance will steadily degrade over time. What Apple did with OS X 10.10 is introduce KEXT (Kernel EXTension) driver signing. KEXT signing means that at boot, the OS checks to ensure that all drivers are approved and enabled by Apple. It's conceptually similar to the device driver checks that Windows performs at boot. However, with OS X, if a third-party SSD is detected, the OS will detect that a non-approved SSD is in use, and Yosemite will refuse to load the appropriate TRIM-enabled driver.
If you read the rest of the article, you find that you can simply disable the driver loading security to have it working again.
The article paints this as a huge security issue, but why? Anyone putting in a custom SSD is also probably technically astute enough not to download a KEXT that ostensibly puts a cat following your cursor or what have you.
Cn anyone reasonably argue that having a system highly secure for non-technical users with easy workarounds for actually technical users is a bad compromise? The people who are not technical need all the help they can get.
Also - couldn't you actually just sign the drivers that are needed for trim? What prevents that?
"There is more worth loving than we have strength to love." - Brian Jay Stanley
It can be done if you're willing to disable kext security check
see http://www.cindori.org/trim-en...
Because they don't want you buy something with the lowest SSD option then upgrade after market? Why do this? Because you have half a brain and realize the "value" in shininess doesn't work for the SSD, HDD and RAM portions of a computer. Why pay their insane prices when you can not pay them? I for one have one Core 2 Duo MacBook (2008) that was a donation. I love OS X, but this kind of shit makes me not want to buy anything expensive or expected to last years from Apple unless I really feel the need to set money on fire via shiny technology. I hope the Apple crowd stands up and bitches, but more likely they'll just say your "buying it wrong".
Apple has never enabled TRIM on non-OEM SSDs, which is probably the conservative and correct thing to do. If you're clever enough to install a new SSD, you're clever enough to enable it on your own (and presumably to know whether you should enable it, and whether it's even a benefit for your particular drive).
The current workaround involved a single software vendor who didn't sign their kexts. Apple's new security policy won't let you load random unsigned kernel modules unless you explicitly turn off the signature checking. While this is inconvenient for me personally - because I have a 3rd-party SSD and I used that software myself - on whole, I'd rather have a more secure OS than the dubious benefit of a possibly slightly faster SSD.
Dewey, what part of this looks like authorities should be involved?
See http://blog.macsales.com/21641... for an example of a properly designed SSD.
kext signing is a GoodThing for security. Making the system less secure so that lazy implementors are protected isn't a good trade off.
Apple *should* have provided a better upgrade experience so that users wouldn't be surprised, or end up with unbootable systems. Users that don't want to have kext protection CAN turn it off see http://www.cindori.org/trim-en...
To me this is akin to Apple's desupport of WPS ages ago. It took everyone else a while to figure out that WPS was a major security hole (indeed, its still there for most consumers).
The walled garden isn't just there to protect Apples brand image via some measures of quality control and moral censorship, its there to squeeze more money out of you, and more money out of the software developers for the platform.
In my experience, mac laptops cost 20% more and last twice as long as alternative PC laptop manufacturers. That doesn't seem like a bad deal to me.
I should use this sig to advertise my book ISBN-13 : 978-1501515132.
That is an interesting point, however I have owned 5 Mac laptops over the years. A G3 PowerBook, A G4, PowerBook, 2 Core Duos and 1 Core 2 Duo. I have owned about the same number of PC laptops. I have not seen any improvement in reliability over the macs except in the case of ultra cheap netbooks that Apple doesn't directly compete with anyway. Neither of our points matter much as they are totally anecdotal. Also, the 20% figure you list is arbitrary and varies over the years. The point I was trying to make you ignore. Why pay more for Apple to preinstall an SSD for you when you can buy the SAME BRAND if not identical model number they use and install it for usually HALF the cost or less than what they charge for the upgrade? Answer THAT. That is what the article is about after all.
Some SSDs' TRIM support is so broken that its use can actually lead to corruption and other issues. Maybe Apple simply prefers to have users complain about speed than about data loss, IOW it could be cheap but safe workaround.
The Linux kernel, for instance, keeps a blacklist for this issue instead — but one that (commonly) only grows when the devs get reports from somebody who already suffered data loss, and then it takes ages for the new kernel to be used widely in the wild.
It isn't really true that SSD performance goes down by a whole lot if TRIM is not enabled. SSD performance and firmware has undergone radical improvements every year and people have come to the mistaken belief that enabling TRIM is responsible for most of the performance and wear leveling improvements.
TRIM has numerous problems, not the least of which being drives and/or filesystems which do not implement it properly. Because its use and effects can be seriously non-deterministic (even in a proper implementation), any bug in the drive firmware OR the filesystem in the use of TRIM can create serious corruption issues down the line when the drive actually decides to blow away some of the trimmed sectors. The TRIM command was badly conceived from the get-go.
The easiest and safest solution to getting 95% of the benefit of TRIM without actually using TRIM is to simply partition a factory fresh drive to leave a bit of unused space at the end... say another 5-10%. As long as it isn't written to, the drive will use that space as part of its dynamic wear leveling mechanic. As long as the drive also does static wear leveling (which nearly all will do these days), you wind up with nearly all the benefit of TRIM without having to actually use TRIM. TRIM was more important in the days where static wear leveling was not well implemented (or implemented at all). It is less useful these days.
-Matt
The difference is choice.
In the Apple model, yes, they have built that walled garden. Yes, they are generally sealed units with limited upgrade options. But with Apple in 2014, they're just one vendor among many viable alternatives. Depending on who you ask, they're somewhere between 8% and 15% of the market. That leaves a huge selection of alternate vendors from which to choose.
Microsoft, lest anyone forget, is a convicted (unfortunately never punished) monopolist. Is the late '90s they had something like 98% marketshare. In MS' world, you have no choice but to submit to his will and his ecosystem. You would not be free to leave and switch vendors because there would be no alternatives available. And while Gates may have recently been able to buy them a better reputation with his so-called charity work; you're a damn fool if you think he is anything but a viciously ruthless businessman who wanted nothing less than complete dominance over you.
Seriously, look at this fellow's posts. Doesn't matter what Apples does, it is not their fault, or it is their fault but it's Apple, so there is a good and just reason.
I just understand this mindset. TRIM has been around for a long time now and it works. Plain and simple. It has worked perfectly on my mac after I enabled with a 3rd party hack.
No, this is only a clamp down in order for force you to buy their SSD for double the price.
I am 100% positive if MS sold SDDs and suddenly blocked TRIM, this turkey would be screaming at the top of his lung about power grabs and anti-competitive actions. But, since we are talking about Apple....
The Linux kernel, for instance, keeps a blacklist for this issue instead
This is true. The blacklist is contained in drivers/ata/libata-core.c for anyone who wants to take a look at it.
To find it, in that file search for: static const struct ata_blacklist_entry ata_device_blacklist []
For SSDs with (queued) TRIM problems, that list seems to contain only Crucial/Micron M500/M550. There is a lot of other devices blacklisted for various reasons. Of course they aren't blacklisted completely but just some features are disabled in them.
There are three approaches to computing.
There's the commercial-ubiquitous approach. This is Microsoft's approach. Try to support (or to get manufacturers to support) as much hardware as possible. Be the default solution. Things generally look good (I can't fault Microsoft over their years for most of their UI decisions), stability may not always be terribly good though, and that's the sacrifice, ubiquity over stability, but the gain is to run on just about all hardware in existence. Android is also mostly falling into this category too now.
There's the commercial-restricted approach. Sell your hardware and your software, and only allow a select-few others to sell hardware or software that is compatible with your products. The upside is that the platforms are highly stable, but the downsides are that users will sometimes find they simply can't do something because it's disallowed. It also requires the company to be ever-vigilant about pushing more features and capabilities, as stagnation will mean death. Apple currently leads this community, but SGI, Sun, NeXT, Commodore, and a whole bunch of computer companies throughout the years have tried it and ultimately closed up shop.
The Open-Source method is the third approach, and it's both leading edge (ie, research projects by major universities) and completely behind (many user applications simply don't exist or are only partially functional).
I use Windows, OSX, and Linux daily as desktop environments. Linux is stable and fast, but often not compatible with developments out of Redmond and with a lot of work to make some features function. OSX is very smooth, very stable, and awkwardly locked-down to where some things simply aren't options. Windows is compatible with just about everything and requires weekly reboots to keep it running.
They all suck. All of them.
Do not look into laser with remaining eye.
Yes... the demented world of Apple where daring to buy a 3rd party peripheral is only for "power users" or "cheapskates" or some other class of person that will be denigrated by the hive mind.
THIS here is the biggest reason to avoid Apple products. Not the price. Not the novelty form factors that cook your machine. Not the fact that nothing is maintainable.
It's THIS attitude here that anyone that's using this "platform for creatives" in a remotely creative way will get shouted down by the hive mind.
A Pirate and a Puritan look the same on a balance sheet.
I've been primarily a Mac user since 1999 or 2000, and I've watched the serviceability of Apple's machines go back and forth over the years. Before they moved to the Intel processor, you often had very limited options to do anything with the configuration you purchased, even when the machine in question was a tower type desktop computer. RAM was generally not an issue, although Apple sometimes required very specific timing for the DIMM modules - limiting what you could put in. But certainly, upgraded video was a problem (very limited in which cards could be used as upgrades - including cases like the G4 Cube where some cards were physically too long to fit, even if they'd work otherwise). Laptops like the iBook G4 were notoriously difficult to take apart for service. I remember replacing a bad hard drive in one for a guy I used to work for, and it was at least a 2 hour long job for me with screws all over the place. After that, I understood why repair shops would quote such high labor rates when you asked about an iBook repair.
Then I watched things go the opposite direction. The newer Macbooks and Pros became increasingly easy to work on, so you could unscrew the bottom plate and have instant access to everything -- or just remove a small plate to get to the RAM slots. Batteries became removable from the bottom by just sliding an unlock switch. Even the iMac was easy to upgrade at one point (hard drive right there once you took the back cover off, and no need to do more than unscrew a couple screws on the bottom to get to the SO-DIMM memory).
But it's now swinging back to the "non serviceable" mode again, with the pentalobe screws trying to keep people out, soldered RAM on the motherboards, and having to take the whole glass and LCD screens out of iMacs to work on them.
Truthfully, I don't think the TRIM support for non-Apple branded SSDs is that big of a deal. It's been known for quite a while now that Apple wasn't including TRIM support for 3rd. party drives -- and there's even one 3rd. party SSD coming out now with TRIM functionality built into its firmware, so OS X doesn't need to have support to do it. You can turn off the feature in OS X that verifies you're only using signed KEXTs and get the custom ones to work for TRIM support too.
But sure, it's annoying .... and I'm not going to make apologies for Apple about any of this. We still use their products where I work and none of this will make us stop. (As long as you have a warranty, you just hand it back to Apple when it breaks and it's their problem. If you still need it and the warranty is up? Fine... you pay up and let Apple service it and hand it back to you again. Their repair prices have actually gone down in recent years, as they've made more products reliant on them to service them.) Home users are the ones who get the short end of the deal though, as money is more of a problem for us and we tend to buy lesser configurations of machines to save money up front -- intending to add to it later. With Apple, that's becoming a poor decision.
The reason that Apple disabled this is that a lot of SSDs have really buggy TRIM implementations. This observation wasn't unique to Apple: Microsoft and the Linux kernel defaulted to TRIM being off until quite recently. Apple could afford to turn it on for their own SSDs because they did extensive compatibility testing of those before shipping them.
Now, it doesn't really make sense, but enabling it automatically would likely burn some users, and bug reports about data loss lead to a lot more anger than bug reports about lower performance.
I am TheRaven on Soylent News
The real problem here, as I see it, is that the developer of the TRIM enabler is writing bug reports that request a ridiculously complex solution that doesn't make much sense, rather than a very trivial solution that does.
The right way to solve this problem would be for Apple to add a single line of code that checks for a magic value in the device tree, and enables TRIM support if it finds it. Then, the TRIM enabler could write a codeless kext for any devices whose TRIM support seems to work, whose sole purpose is to add that magic value into the device tree, that matches at a higher priority than the Apple driver, modifies the device tree, and walks away from the table, allowing the Apple driver to attach, see the flag, and use TRIM support.
Heck, there's probably a flag like that in there already. Just looking at the device tree for my Apple-branded drive in 10.9, I see something pretty glaring:
"IOStorageFeatures" = {"Unmap"=Yes}
and thirty seconds later, found the documentation for that key here. Chances are, if you write a codeless kext that modifies the device tree to add this property to the device, and if you get your matching correct, the unmodified Apple driver will magically enable TRIM support. If so, then you just need to get a proper signing key from Apple, sign the codeless kext, and you're done. If not, file a bug asking for that approach (or a similar approach with a different key) to work.
If that approach doesn't work, then and only then should you even think about writing an actual chunk of kernel code.
Check out my sci-fi/humor trilogy at PatriotsBooks.