Am Donnerstag, den 06.04.2017, 01:38 +0200 schrieb Rafael J. Wysocki:
> On Wed, Apr 5, 2017 at 10:16 PM, David Howells <dhowe...@redhat.com> wrote:
> >
> > From: Matthew Garrett <mj...@srcf.ucam.org>
> >
> > uswsusp allows a user process to dump and then restore kernel state, which
> > makes it possible to modify the running kernel. Disable this if the kernel
> > is locked down.
> >
> > Signed-off-by: Matthew Garrett <mj...@srcf.ucam.org>
> > Signed-off-by: David Howells <dhowe...@redhat.com>
> > cc: linux...@vger.kernel.org
>
> You probably want to disable hibernation altogether in this case.
Your swap partition may be located on an NVDIMM or be encrypted.
Isn't this a bit overly drastic?
Regards
Oliver
