Am Donnerstag, den 06.04.2017, 01:38 +0200 schrieb Rafael J. Wysocki:
> On Wed, Apr 5, 2017 at 10:16 PM, David Howells <[email protected]> wrote:
> >
> > From: Matthew Garrett <[email protected]>
> >
> > uswsusp allows a user process to dump and then restore kernel state, which
> > makes it possible to modify the running kernel. Disable this if the kernel
> > is locked down.
> >
> > Signed-off-by: Matthew Garrett <[email protected]>
> > Signed-off-by: David Howells <[email protected]>
> > cc: [email protected]
>
> You probably want to disable hibernation altogether in this case.
Your swap partition may be located on an NVDIMM or be encrypted.
Isn't this a bit overly drastic?
Regards
Oliver
