Comment by jaffa2

Comment by jaffa2 2 days ago

this just sounds absolutely horrendous. I could not operate like this. Is this a general linux on laptop thing or just a specific to your situation thing?

mwpmaybe 21 hours ago

It's... not great. It's a dual-boot laptop that I take out into the field so I'd like to encrypt the Windows and Linux volumes with BitLocker and LUKS respectively, and ideally I would leave Secure Boot enabled for that extra bit of security. Ultimately I'll need to decide whether to disable Secure Boot or patch the kernel to let me override lockdown mode. I know SuSE has implemented it but I don't know if their patch series will apply cleanly to a mainline Ubuntu kernel.

Reply View 0 replies

Telaneo a day ago

It's a Linux thing.

> The Linux kernel disables the possibility of hibernation when Secure Boot is in use because it cannot guarantee that the swap file is unchanged. "Unencrypted hibernation/suspend to swap are disallowed as the kernel image is saved to a medium that can then be accessed."

https://wiki.debian.org/Hibernation

Reply View 0 replies

bigyabai 2 days ago

I think it's specific to their machine? I've got an old Skylake (6600u) machine with Secure Boot disabled that will last a weekend with the lid closed.

Reply View 2 replies

charcircuit a day ago

This is a general Linux issue. Over the years patches have floated around to address it (like letting people force it to be allowed if their swap is encrypted).
https://man7.org/linux/man-pages/man7/kernel_lockdown.7.html

Reply View | 0 replies
Telaneo a day ago

> with Secure Boot disabled
That's why it works for you. Enable secure boot and you lose hibernate.

Reply View | 0 replies