1. Home
2. Questions
3. Unanswered
4. AI Assist Labs
5. Tags
7. Chat
8. Users
10. Companies
Teams

Ask questions, find answers and collaborate at work with Stack Overflow for Teams.
Try Teams for free Explore Teams
Teams
Ask questions, find answers and collaborate at work with Stack Overflow for Teams. Explore Teams

Return to Answer

Add advantages of doing this vs the other answer.

Source Link

edited Oct 2, 2022 at 23:41

31
2

Here's a patch I quickly wrote and have been using:

https://gist.github.com/kelvie/917d456cb572325aae8e3bd94a9c1350

I also ran into this setting up my Framework laptop with almost the same setup.

I have an encrypted swap (and encrypted RAM enabled), so with this patch you should understand the risks before adding lockdown_hibernate to your kernel params and forcing it to enable hibernate during lockdown.

The advantage of this vs just disabling lockdown altogether is that you still get the majority of the other protections that lockdown mode affords, albeit it's a moot point if someone can get your kernel to load from a compromised swap.

Here's a patch I quickly wrote and have been using:

https://gist.github.com/kelvie/917d456cb572325aae8e3bd94a9c1350

I also ran into this setting up my Framework laptop with almost the same setup.

I have an encrypted swap (and encrypted RAM enabled), so with this patch you should understand the risks before adding lockdown_hibernate to your kernel params and forcing it to enable hibernate during lockdown.

Here's a patch I quickly wrote and have been using:

https://gist.github.com/kelvie/917d456cb572325aae8e3bd94a9c1350

I also ran into this setting up my Framework laptop with almost the same setup.

I have an encrypted swap (and encrypted RAM enabled), so with this patch you should understand the risks before adding lockdown_hibernate to your kernel params and forcing it to enable hibernate during lockdown.

The advantage of this vs just disabling lockdown altogether is that you still get the majority of the other protections that lockdown mode affords, albeit it's a moot point if someone can get your kernel to load from a compromised swap.

Source Link

answered Oct 2, 2022 at 23:40

31
2

Here's a patch I quickly wrote and have been using:

https://gist.github.com/kelvie/917d456cb572325aae8e3bd94a9c1350

I also ran into this setting up my Framework laptop with almost the same setup.

I have an encrypted swap (and encrypted RAM enabled), so with this patch you should understand the risks before adding lockdown_hibernate to your kernel params and forcing it to enable hibernate during lockdown.