From 3be68c032c864fa98ed85e54ea5af19976c55ed7 Mon Sep 17 00:00:00 2001 From: sommerfeld Date: Fri, 29 May 2026 11:18:14 +0100 Subject: feat(suspend): disable system suspend until hardened kernel resume issue is fixed linux-hardened wedges on resume from S3 (NVMe/i915/iwlwifi driver UAF exposed by INIT_ON_FREE + slab hardening). Until root-caused, take suspend off the table while keeping lock + DPMS intact. - etc/systemd/logind.conf.d/20-no-suspend.conf: lid close, suspend key, hibernate key all map to 'lock'; IdleAction=ignore (swayidle drives DPMS+swaylock independently). - run_onchange_after_deploy-etc.sh.tmpl: mask sleep.target, suspend.target, hibernate.target, hybrid-sleep.target, suspend-then-hibernate.target via /etc/systemd/system -> /dev/null symlinks. Catches 'systemctl suspend' from any source. - dot_config/sway/config: XF86Sleep and system-mode 's' now run loginctl lock-session instead of systemctl suspend. - dot_config/sway/executable_power-menu.sh: drop Suspend entry. - KEYBINDS.md: reflect new behaviour. To re-enable later: remove the logind drop-in + symlink loop, then sudo systemctl daemon-reload. --- etc/systemd/logind.conf.d/20-no-suspend.conf | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 etc/systemd/logind.conf.d/20-no-suspend.conf (limited to 'etc/systemd/logind.conf.d/20-no-suspend.conf') diff --git a/etc/systemd/logind.conf.d/20-no-suspend.conf b/etc/systemd/logind.conf.d/20-no-suspend.conf new file mode 100644 index 0000000..1b58aa4 --- /dev/null +++ b/etc/systemd/logind.conf.d/20-no-suspend.conf @@ -0,0 +1,17 @@ +[Login] +# Suspend is disabled while the linux-hardened wake-from-S3 hang is +# unresolved (NVMe / i915 / iwlwifi driver UAF surfaced by INIT_ON_FREE +# + slab hardening). Lid close, suspend/hibernate keys, and idle action +# all fall back to session lock instead of suspend. The sleep/suspend/ +# hibernate targets are also masked at the unit level via the etc/ +# deploy script as belt-and-braces against `systemctl suspend` from +# anywhere. Screen-off (DPMS) and swaylock continue to be driven by +# swayidle and are unaffected. +HandleLidSwitch=lock +HandleLidSwitchExternalPower=lock +HandleLidSwitchDocked=ignore +HandleSuspendKey=lock +HandleSuspendKeyLongPress=ignore +HandleHibernateKey=lock +HandleHibernateKeyLongPress=ignore +IdleAction=ignore -- cgit v1.3.1