| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Confirmed root cause: this hardware's S3 (deep) firmware path triggers a
fatal wake-from-suspend hang only on linux-hardened. INIT_ON_FREE + slab
hardening + tighter locking turn a latent driver race that stock linux
gets away with into an unrecoverable panic so early the journal isn't
even flushed. mem_sleep_default=s2idle bypasses the BIOS S3 path
entirely (s0ix is a pure-kernel low-power state) and suspends/resumes
reliably under hardened.
This is a widespread Lenovo S3 firmware issue across post-2018
ThinkPads (see Ubuntu T560, X1C9/10/11 reports). Lenovo themselves
moved newer firmwares to s2idle-only. Not a linux-hardened bug per se;
just hardened being a strict enough kernel to make the bug fatal.
Keep:
* mem_sleep_default=s2idle in etc/kernel/cmdline-linux-hardened.tmpl
(only the hardened UKI; stock linux keeps unchanged shared cmdline)
Revert (all the diagnostic / speculative scaffolding from the last
few commits):
* MODULES=(intel_lpss_pci) → MODULES=() — Arch wiki touchpad fix was
not the cause here
* nmi_watchdog=panic softlockup_panic=1 panic=10 — only needed to
auto-reboot during diagnosis
* no_console_suspend — diagnostic-only
* etc/systemd/logind.conf.d/20-no-suspend.conf — masking workaround
* sleep-target masking block in run_onchange_after_deploy-etc.sh.tmpl,
replaced with a one-shot cleanup that removes any leftover
/dev/null symlinks from systems that ran the previous version
* systemd-pstore.service from systemd-units/system.txt — added only to
catch the diagnostic panic
* diagnose-suspend.sh helper (and its .gitignore/.chezmoiignore entries)
* sway suspend → lock-session keybind workaround
* power-menu.sh Suspend entry restoration
* KEYBINDS.md docs
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fixed
linux-hardened wedges on resume from S3 (NVMe/i915/iwlwifi driver UAF
exposed by INIT_ON_FREE + slab hardening). Until root-caused, take
suspend off the table while keeping lock + DPMS intact.
- etc/systemd/logind.conf.d/20-no-suspend.conf: lid close, suspend
key, hibernate key all map to 'lock'; IdleAction=ignore (swayidle
drives DPMS+swaylock independently).
- run_onchange_after_deploy-etc.sh.tmpl: mask sleep.target,
suspend.target, hibernate.target, hybrid-sleep.target,
suspend-then-hibernate.target via /etc/systemd/system -> /dev/null
symlinks. Catches 'systemctl suspend' from any source.
- dot_config/sway/config: XF86Sleep and system-mode 's' now run
loginctl lock-session instead of systemctl suspend.
- dot_config/sway/executable_power-menu.sh: drop Suspend entry.
- KEYBINDS.md: reflect new behaviour.
To re-enable later: remove the logind drop-in + symlink loop, then
sudo systemctl daemon-reload.
|
| |
|
|
|
| |
Drop --hide-search and enable --matching=fuzzy --insensitive so typing
'po' jumps to Poweroff, 'su' to Suspend, etc.
|
| |
|
|
|
|
| |
Pure formatter output from shfmt (2-space indent, '|' line breaks),
prettier (KEYBINDS.md), and 'just fmt' (justfile blank line).
No behavior change.
|
| |
|
|
|
|
|
|
|
| |
- wofi --dmenu --hide-search: pure j/k arrow-key picker, no fuzzy
search field. Matches existing wofi config (key_up/key_down already
include j/k).
- systemctl reboot/poweroff/suspend instead of sudo: rely on polkit,
which permits these for active session users by default — no
passwordless sudo required.
|
|
|
swaynag buttons require a mouse click. Replace the Mod+Shift+e session
prompt with a fuzzel --dmenu picker so the whole menu is keyboard
navigable. Adds Suspend as a new entry while we're here.
|
sommerfeld