Hello Tinker, there's a 2016-11 thread that's related: "swap on encrypted softraid, performance penalty"
stsp@ https://marc.info/?l=openbsd-misc&m=143184355522545 tedu@ https://marc.info/?l=openbsd-misc&m=143206067713324 Marcus t1...@protonmail.ch (Tinker), 2018.02.08 (Thu) 19:49 (CET): > Hi misc@, > > I looked through previous discussions on whether a SWAP partition > should be inside or outside the RAID partition when making a crypto > softraid. > > The only argument I stumbled into was that it should be outside because > swap is encrypted anyhow and it would be unnecessary to double-encrypt > the swap. > > > That seems like a weak argument to me, because swap is generally used > rarely and so speed does not really matter anyhow, and, the swap > partition is always used also as dump partition, and dumps are *not* > encrypted. > > For the case that a dump would happen, you want the OS to encrypt it > and the way to do that is to put the SWAP *inside* the RAID. > > > Maybe a crash-dump can be induced somehow. Maybe someone would get hold > of the HDD while the dump data is still on the swap partition because > the OS has not booted again, which would otherwise normally migrate > that dump data over to the filesystem. > > This is an extreme consideration though as a comprehensive motivation > for a choice it appears to me to make all sense. > > > Thoughts, comments? > > I would probably interpret no comments as that the SWAP should indeed > be located inside the RAID for this said reason. > > Thanks, > Tinker >
