[talk] Does swap still matter?

[Brian Cully]

On 3/16/22 11:03, George Rosamond wrote:

Today, when those 64G or more of RAM are the norm for bare-metal
boxes, and it's overkill in many contexts, is swap still necessary?

Do certain applications/OS functions still use swap as opposed to RAM
for some reason? I mean, swap is normally encrypted by default, so
there is a justifiable reason to use swap over RAM.

    I don't use it on servers because I'd rather have things die than
incur a swap penalty if things start to get bogged down. To be fair, I
was also turning off swap in the 90s, when RAM was much tighter, for
the same reason. When things started to get hammered swap *always*
made the problem worse because now your disks are thrashing.

    I don't use it at home, either, because I have more than adequate
RAM on my home systems and don't see a need for it, and I value
consistent interactive performance. If I had substantially less RAM
I'd turn on swap to cover for bloated applications like web browsers,
or VMS I'm not actively using.

    Theoretically, swap can make your system faster because it allows
you to page out RAM that's been allocated and almost never used for
buffers. I don't know if there are systems that actually do this in
practice, though, and it opens you up to severe performance
degradation. Swap's always seemed to me like this thing that, in
theory, allows for more flexibility, but in practice is almost never
worth the trade offs.

    As far as swap being encrypted, I don't see that as much of a
reason to use over RAM. The keys to decrypt it still have to be in RAM
somewhere, and if you can arbitrarily read RAM, it doesn't seem like
it's much of a stretch to find the key and read whatever you want off
of swap. The value in on-disk encryption is when the system is off,
right? If it's on, and someone has the access to read your block
devices raw, then they can also read your key out of the kernel too,
right? Or has this changed in the advent of TPM and its ilk?

-bjc