Swap or no swap?

Thor
htd0rg lieutenant
Posts: 440
Joined: Tue Dec 18, 2007 9:39 am
Location: Location Location

Swap or no swap?

Post by Thor » Tue Dec 08, 2009 8:02 am

I was reading some things the other day that suggested that it may be better to go with no swap on some Linux machines. This way you don't need to worry about what it's collecting and things like that. We can encrypt swap, but it might impact performance. I was thinking about setting up a nix box with 512mb RAM with no swap to see if I even noticed it gone. Any thoughts on this?
Quidquid latine dictum sit, altum sonatur.
- Whatever is said in Latin sounds profound.

Omnis Vestri Substructio Es Servus Ad Nobis.
- All Your Base Are Belong To Us

stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: Swap or no swap?

Post by stasik » Tue Dec 08, 2009 10:05 am

If I am not mistaken, swap for Linux is like pagefiles for Windows. If you are out of RAM, or hibernate/stand by, then it's nice to have a swap partition. I never heard of any disadvantages of a swap partition (except security in your case maybe). 512 may be enough, but maybe not, depending on how many simultaneous applications are gonna be running, or if you are gonna do any big/long computations. I would say you need a swap partition for less than 2 GB of RAM.

horze
Hacker in Training
Posts: 53
Joined: Wed Aug 26, 2009 8:33 am

Re: Swap or no swap?

Post by horze » Tue Dec 08, 2009 11:58 am

The only disadvantage with swap I have read about is if you use an SSD, but even there the opinion is divided.
You can also tweak the way Linux swaps. This site has some common information about the subject:
http://www.linux.com/news/software/appl ... swap-space

psilocybin
Sargeant at Arms
Posts: 191
Joined: Tue Feb 17, 2009 5:27 am

Re: Swap or no swap?

Post by psilocybin » Tue Dec 08, 2009 5:17 pm

If it's security you're concerned about, would it be possible to add a feature to the shutdown routine which would quickly shred the swap space? That way, any performance impact would only affect the time it takes to shut down, and you're done using it then anyway.

Bear in mind that I know nothing about Linux, so I don't know how hard this would be to implement.

mfukar
Apprentice
Posts: 36
Joined: Thu Sep 17, 2009 7:41 pm
Location: Athens, GR

Re: Swap or no swap?

Post by mfukar » Tue Dec 08, 2009 7:37 pm

Thor wrote: I was reading some things the other day that suggested that it may be better to go with no swap on some Linux machines. This way you don't need to worry about what it's collecting and things like that. We can encrypt swap, but it might impact performance. I was thinking about setting up a nix box with 512mb RAM with no swap to see if I even noticed it gone. Any thoughts on this?
When you run out of memory, you're going to suffer.

Why would you worry about what's in the swap, though? Based on your thought to encrypt the swap file/partition, I'm assuming security concerns. What's your threat model - someone stealing your drive?

stasik
Guru
Posts: 525
Joined: Thu Oct 12, 2006 8:38 am
Location: dublin

Re: Swap or no swap?

Post by stasik » Wed Dec 09, 2009 11:59 am

Maybe TrueCrypt could be used to encrypt your swap partition, and decrypt it on boot. Never used TrueCrypt on Linux, so no idea how it could be implemented. But even if you are concerned about security, the info saved on the swap partition is Process Pointers of the addresses, which means nothing without the actual memory (which is your Linux partition, the encrypted one). No photo/docs/audio/video/etc will ever be saved/moved to the swap partition (I think so)...

mfukar
Apprentice
Posts: 36
Joined: Thu Sep 17, 2009 7:41 pm
Location: Athens, GR

Re: Swap or no swap?

Post by mfukar » Wed Dec 09, 2009 7:32 pm

stasik wrote: No photo/docs/audio/video/etc will ever be saved/moved to the swap partition (I think so)...
Sure they will. That's the whole point of swap space. Maybe you're thinking of TLBs?

foldingstock
htd0rg lieutenant
Posts: 300
Joined: Sat Aug 16, 2008 10:38 pm

Re: Swap or no swap?

Post by foldingstock » Thu Dec 10, 2009 3:02 am

stasik wrote: Maybe TrueCrypt could be used to encrypt your swap partition, and decrypt it on boot. Never used TrueCrypt on Linux, so no idea how it could be implemented. But even if you are concerned about security, the info saved on the swap partition is Process Pointers of the addresses, which means nothing without the actual memory (which is your Linux partition, the encrypted one). No photo/docs/audio/video/etc will ever be saved/moved to the swap partition (I think so)...
dm_crypt would be easier to set up. TrueCrypt would work, but if you ever upgraded your kernel it would have to be reinstalled before encrypted volumes could be mounted.
"If a man empties his purse into his head, no one can take it from him."
- Benjamin Franklin

Dark Nova
Hacker in Training
Posts: 91
Joined: Mon Feb 28, 2005 8:27 pm

Re: Swap or no swap?

Post by Dark Nova » Thu Dec 17, 2009 4:06 am

Alternatively,

If you need swap, you could use a swap file instead of a partition, which lives in your system along with system files and such, and would essentially be encrypted when you encrypt the drive.

NOVA
Sometimes insanity is the only sanity left
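
What foldingstock's dm-crypt suggestion and Dark Nova's swap-file suggestion look like in /etc/crypttab and /etc/fstab, with a small checker that flags swap still going to disk in the clear. This is an added example, not part of any post in the thread; the device names, the mapping names (cryptroot, cryptswap) and the file contents are constructed, and the checker assumes fstab names devices by path rather than UUID= or LABEL=.

```python
# Added example; device names and file contents are constructed samples.
FSTAB_PLAIN = "/dev/sda1 / ext4 defaults 0 1\n/dev/sda2 none swap sw 0 0\n"
# Hardened: crypttab maps sda2 through dm-crypt with a new random key each
# boot, and fstab swaps on the mapped device instead of the raw partition.
CRYPTTAB = """\
cryptroot  /dev/sda1  none          luks
cryptswap  /dev/sda2  /dev/urandom  swap,cipher=aes-xts-plain64,size=256
"""
FSTAB_CRYPT = """\
/dev/mapper/cryptroot  /     ext4  defaults  0 1
/dev/mapper/cryptswap  none  swap  sw        0 0
/swapfile              none  swap  sw        0 0
"""

def _rows(text):
    """Return fields of each non-blank, non-comment line, padded to 3 columns."""
    rows = (line.split("#", 1)[0].split() for line in text.splitlines())
    return [r + ["none"] * (3 - len(r)) for r in rows if r]

def audit_swap(fstab, crypttab=""):
    """Return {swap spec: verdict}; UUID=/LABEL= specs are left unresolved."""
    # crypttab columns: mapping name, source device, key file, options
    mapped = {"/dev/mapper/" + r[0]: r for r in _rows(crypttab)}
    mounts = {r[1]: r[0] for r in _rows(fstab) if r[1].startswith("/")}
    verdicts = {}
    for r in _rows(fstab):
        spec = r[0]
        if r[2] != "swap":
            continue
        if spec.startswith("/dev/"):
            entry = mapped.get(spec)
            opts = entry[3].split(",") if entry and len(entry) > 3 else []
            if entry is None:
                verdicts[spec] = "plaintext"
            elif entry[2] in ("/dev/urandom", "/dev/random") and "swap" in opts:
                verdicts[spec] = "encrypted, random key"
            else:
                verdicts[spec] = "encrypted, persistent key"
        elif spec.startswith("/"):
            # Swap file: only as protected as the filesystem that holds it.
            holders = [m for m in mounts if spec.startswith(m.rstrip("/") + "/")]
            dev = mounts[max(holders, key=len)] if holders else None
            verdicts[spec] = ("file on encrypted fs" if dev in mapped
                              else "file on plaintext or unknown fs")
        else:
            verdicts[spec] = "unresolved"
    return verdicts
```

With a random per-boot key the swap contents cannot be read back after power-off, so hibernating to that swap area cannot resume; a persistent key is needed if hibernation matters.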

Thor
htd0rg lieutenant
Posts: 440
Joined: Tue Dec 18, 2007 9:39 am
Location: Location Location

Re: Swap or no swap?

Post by Thor » Thu Dec 17, 2009 1:32 pm

I use TrueCrypt for making encrypted containers in my system now, but I think I would only use it just for that. I'm not even 100% sure how I would use TrueCrypt to do a swap partition, it would be weird I think. I believe the suggestion about using dm-crypt would be better for that. As far as what I want to do with the swap, I think I will keep a swap, but encrypt it. My 512mb RAM is just too low IMO for things to really operate smoothly. Plus, I tend to load systems up with a bunch of different things which takes away from their bare bones value.

I am under the impression that more than just address pointers are being passed through swap. In fact I thought that any data that would be found in any memory normally, can also be found in swap. With this logic, it seems that passwords unencrypted and any other text, image or data file can be found there. It could be possible to scrape this data before power down. (I believe so). Please correct or elaborate if I am wrong or half true here.

EDIT: One thing I haven't really considered is the use of a Linux swap file. I haven't really heard of anyone doing this. What directory would you put that in? /tmp I guess?
Quidquid latine dictum sit, altum sonatur.
- Whatever is said in Latin sounds profound.

Omnis Vestri Substructio Es Servus Ad Nobis.
- All Your Base Are Belong To Us

Dark Nova
Hacker in Training
Posts: 91
Joined: Mon Feb 28, 2005 8:27 pm

Re: Swap or no swap?

Post by Dark Nova » Fri Dec 18, 2009 12:29 am

I've seen it be used in the root drive, I guess temp is as good a place as any, or even create a dedicated subdir for it. Never had to use it myself, I obviously ain't that worried about laptop theft....

NOVA
Sometimes insanity is the only sanity left

19bab79
Hacker in Training
Posts: 81
Joined: Wed Jan 21, 2009 2:13 pm

Re: Swap or no swap?

Post by 19bab79 » Mon Dec 21, 2009 7:42 pm

Since you guys were on the subject of an encrypted swap partition I thought that I might throw this out there. There is a guy on another forum that I visit who is developing his own Linux distro. One of the planned features of the distro is an encrypted swap partition. Since he is planning on using it, I am sure he could probably enlighten you on how it would work if you got into contact with him. Here is the link to the thread.

http://www.undergroundsystems.org/forum ... #post67967
