Improve Linux performance with this one weird trick

Unless anyone else ever accesses your PC in any way

A cryptic website with a single line of text promises to make your Linux box more responsive – if you are willing to accept some risk.

Another day, another bleed-ing vulnerability. New speculative-execution attacks keep being discovered, and OS kernel developers keep finding ways to block them – at the cost of some CPU performance for each mitigation. But what if you run an isolated, standalone box? What if you just … turned off all the mitigations?

Many years ago my then-lodger – a Perl and Linux guru – attempted to show me a quick way to move some stuff from one Linux box to another. He was very surprised to discover that I didn't have SSH enabled, and that there was no way to access any of my Linux boxes from any of the others. This was and is the default setting for the desktop versions of Ubuntu and Mint, and for a lot of people, that's what you want: a computer that is sealed off to the outside world.

If that describes your needs, then you might find Jean-Michaël Celerier's admirably terse useful. The site is a little dated – you only need all of the switches if you're running a kernel older than version 5.1.13. These days, just the last one is enough. Add it to the end of the kernel line in /etc/default/grub, run update-grub and reboot.

If you want to see what each individual instruction does, there are both brief and wordier explanations out there. If those aren't enough instructions for you, then sorry – you probably shouldn't try this at home.

Also don't do it on a server, or in a VM, or a machine that hosts VMs or anything else that others use. If the box lets other devices connect to it over the network, don't do it.

Seriously. Just don't go there.

Another pretty easy optimization is one we mentioned back when it was introduced: the zswap feature. If your machine isn't a powerhouse with bucketloads of RAM, then it probably occasionally swaps to disk – whether an Ubuntu-style swapfile or a dedicated swap partition. Enabling zswap compresses whatever is being put into swap, which on any 64-bit machine is likely to be a much faster process than writing to disk. Along with the mitigations=off phrase mentioned above, just add zswap.enabled=1, run update-grub or your distro's equivalent, and reboot.

The Reg FOSS desk tried it on our 12GB RAM day-to-day laptop, and it took a zero off the amount of data placed into swap. ®

Similar topics

Other stories you might like

Biting the hand that feeds IT © 1998–2022