diff --git a/mod-luks.sh b/mod-luks.sh
index 8cd9959..43bdcaa 100644
--- a/mod-luks.sh
+++ b/mod-luks.sh
@@ -134,15 +134,27 @@ luks_crypttab() {
 			if key_is_random "$key"; then
 				die "$dst: LUKS requires non-random key, skipping"
 			fi
-			if [ -n "$opt" ]; then
-				warn "$dst: options are invalid for LUKS partitions, ignoring them"
-			fi
 			if [ "$key" ]; then
 				keyfile=/etc/.$dst.key
 				inst $key $keyfile
 			fi
 
-			verbose "+ cryptsetup ${keyfile:+-d $keyfile} luksOpen '$src' '$dst'"
+			crypttab_opt=""
+			old_IFS="$IFS"
+			IFS=","
+			for option in $opt; do
+				case "$option" in
+					discard|allow-discards)
+						crypttab_opt="$crypttab_opt --allow-discards"
+						;;
+					*)
+						warn "$dst: option \'$opt\' is invalid for LUKS partitions, ignored"
+						;;
+				esac
+			done
+			IFS="$old_IFS"
+
+			verbose "+ cryptsetup ${keyfile:+-d $keyfile} open --type luks $crypttab_opt '$src' '$dst'"
 			add_linuxrc <<-EOF
 			debugshell
 
@@ -169,7 +181,7 @@ luks_crypttab() {
 				crypt_status=\$(cryptsetup \$cryptsetup_opt status '$dst')
 				if [ "\${crypt_status%%is inactive.}" != "\$crypt_status" ]; then
 					# is inactive
-					cryptsetup \$cryptsetup_opt ${keyfile:+-d $keyfile} luksOpen "\$luksdev" '$dst' <&1
+					cryptsetup \$cryptsetup_opt ${keyfile:+-d $keyfile} open --type luks $crypttab_opt "\$luksdev" '$dst' <&1
 				fi
 			fi