[GH-ISSUE #3132] [Feature?] Force process to spend most of its time in swap (zram, cgroups) #1965

New issue

Closed

opened 2026-05-05 08:37:39 -06:00 by gitea-mirror · 1 comment

gitea-mirror commented

2026-05-05 08:37:39 -06:00

Owner

Originally created by @ghost on GitHub (Jan 8, 2020).
Original GitHub issue: https://github.com/netblue30/firejail/issues/3132

I want to launch for example, a browser with firejail such that it would spend the majority of its time in swap (and even when used most of it will be in swap since not all its memory pages will be accessed).

My swap is zram which is exceptionally good at compressing text - which browser memory mostly consists of (tests showed a compression factor of 2.5 to 3 with lzo - cat /sys/block/zram0/mm_stat gives numbers to divide for compression factor : make sure some swap is used fist or else the initialized 0 swap doesn't contain meaningful numbers)
Edit: echo $(cat /sys/block/zram0/mm_stat | cut -d" " -f 1) / $(cat /sys/block/zram0/mm_stat | cut -d" " -f 2) | bc -l

So the intention is to force something that is known to be well compressible to be compressed first and delay further necessary compression/decompression of unknown memory - unless you are filling your memory with /dev/urandom it will probably still be nicely compressible but not as much.

Apparently cgroups can be used to limit the memory of processes somehow to achieve this effect. Is there an easy way to do it with firejail, if not then this is a feature request.

zram is ridiculously effective at multiplying your RAM and few desktop users seem to be aware of it. Android makes extensive use of it among other strapped for memory embedded systems, it's mostly arm contributors that were responsible for the kernel feature as I understand it.

For those interested: https://www.kernel.org/doc/Documentation/blockdev/zram.txt or https://www.kernel.org/doc/html/latest/admin-guide/blockdev/zram.html
Extremely easy to set up.

sudo modprobe zram
sudo sh -c "echo lzo > /sys/block/zram0/comp_algorithm"
sudo sh -c "echo 32G > /sys/block/zram0/disksize"
sudo mkswap --label zram0 /dev/zram0
sudo swapon --priority 100 /dev/zram0

PS: If your kernel is sufficiently new use lzo-rle instead of lzo.
to check, after modprobe: cat /sys/block/zram0/comp_algorithm

also:
vm.overcommit_memory = 1
vm.swappiness = 100
vm.page-cluster = 0

Originally created by @ghost on GitHub (Jan 8, 2020). Original GitHub issue: https://github.com/netblue30/firejail/issues/3132 I want to launch for example, a browser with firejail such that it would spend the majority of its time in swap (and even when used most of it will be in swap since not all its memory pages will be accessed). My swap is zram which is exceptionally good at compressing text - which browser memory mostly consists of (tests showed a compression factor of 2.5 to 3 with lzo - cat /sys/block/zram0/mm_stat gives numbers to divide for compression factor : make sure some swap is used fist or else the initialized 0 swap doesn't contain meaningful numbers) Edit: echo $(cat /sys/block/zram0/mm_stat | cut -d" " -f 1) / $(cat /sys/block/zram0/mm_stat | cut -d" " -f 2) | bc -l So the intention is to force something that is known to be well compressible to be compressed first and delay further necessary compression/decompression of unknown memory - unless you are filling your memory with /dev/urandom it will probably still be nicely compressible but not as much. Apparently cgroups can be used to limit the memory of processes somehow to achieve this effect. Is there an easy way to do it with firejail, if not then this is a feature request. zram is ridiculously effective at multiplying your RAM and few desktop users seem to be aware of it. Android makes extensive use of it among other strapped for memory embedded systems, it's mostly arm contributors that were responsible for the kernel feature as I understand it. For those interested: https://www.kernel.org/doc/Documentation/blockdev/zram.txt or https://www.kernel.org/doc/html/latest/admin-guide/blockdev/zram.html Extremely easy to set up. ``` sudo modprobe zram sudo sh -c "echo lzo > /sys/block/zram0/comp_algorithm" sudo sh -c "echo 32G > /sys/block/zram0/disksize" sudo mkswap --label zram0 /dev/zram0 sudo swapon --priority 100 /dev/zram0 ``` PS: If your kernel is sufficiently new use lzo-rle instead of lzo. to check, after modprobe: cat /sys/block/zram0/comp_algorithm also: vm.overcommit_memory = 1 vm.swappiness = 100 vm.page-cluster = 0

gitea-mirror closed this issue

2026-05-05 08:37:40 -06:00

gitea-mirror commented

2026-05-05 08:37:42 -06:00

Author

Owner

@ghost commented on GitHub (Jan 8, 2020):

Found the answer elsewhere:

sudo cgcreate -a $USER:$USER -t $USER:$USER -g memory:/firejail_browser
echo 1G > /sys/fs/cgroup/memory/firejail_browser/memory.limit_in_bytes
echo 128M > /sys/fs/cgroup/memory/firejail_browser/memory.soft_limit_in_bytes

and

firejail --cgroup=/sys/fs/cgroup/memory/firejail_browser/tasks

It's certainly swapping so probably works.

@ghost commented on GitHub (Jan 8, 2020): Found the answer elsewhere: ``` sudo cgcreate -a $USER:$USER -t $USER:$USER -g memory:/firejail_browser echo 1G > /sys/fs/cgroup/memory/firejail_browser/memory.limit_in_bytes echo 128M > /sys/fs/cgroup/memory/firejail_browser/memory.soft_limit_in_bytes ``` and firejail --cgroup=/sys/fs/cgroup/memory/firejail_browser/tasks It's certainly swapping so probably works.

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#1965

No description provided.

Rows
Columns