From 6e0c5c33438e5e898bd075c33a45b3abf9d1b26b Mon Sep 17 00:00:00 2001 From: sommerfeld Date: Fri, 29 May 2026 11:18:15 +0100 Subject: feat(suspend): re-enable suspend on s2idle, drop diagnostic scaffolding MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Confirmed root cause: this hardware's S3 (deep) firmware path triggers a fatal wake-from-suspend hang only on linux-hardened. INIT_ON_FREE + slab hardening + tighter locking turn a latent driver race that stock linux gets away with into an unrecoverable panic so early the journal isn't even flushed. mem_sleep_default=s2idle bypasses the BIOS S3 path entirely (s0ix is a pure-kernel low-power state) and suspends/resumes reliably under hardened. This is a widespread Lenovo S3 firmware issue across post-2018 ThinkPads (see Ubuntu T560, X1C9/10/11 reports). Lenovo themselves moved newer firmwares to s2idle-only. Not a linux-hardened bug per se; just hardened being a strict enough kernel to make the bug fatal. Keep: * mem_sleep_default=s2idle in etc/kernel/cmdline-linux-hardened.tmpl (only the hardened UKI; stock linux keeps unchanged shared cmdline) Revert (all the diagnostic / speculative scaffolding from the last few commits): * MODULES=(intel_lpss_pci) → MODULES=() — Arch wiki touchpad fix was not the cause here * nmi_watchdog=panic softlockup_panic=1 panic=10 — only needed to auto-reboot during diagnosis * no_console_suspend — diagnostic-only * etc/systemd/logind.conf.d/20-no-suspend.conf — masking workaround * sleep-target masking block in run_onchange_after_deploy-etc.sh.tmpl, replaced with a one-shot cleanup that removes any leftover /dev/null symlinks from systems that ran the previous version * systemd-pstore.service from systemd-units/system.txt — added only to catch the diagnostic panic * diagnose-suspend.sh helper (and its .gitignore/.chezmoiignore entries) * sway suspend → lock-session keybind workaround * power-menu.sh Suspend entry restoration * KEYBINDS.md docs --- etc/systemd/logind.conf.d/20-no-suspend.conf | 17 ----------------- 1 file changed, 17 deletions(-) delete mode 100644 etc/systemd/logind.conf.d/20-no-suspend.conf (limited to 'etc/systemd/logind.conf.d/20-no-suspend.conf') diff --git a/etc/systemd/logind.conf.d/20-no-suspend.conf b/etc/systemd/logind.conf.d/20-no-suspend.conf deleted file mode 100644 index 1b58aa4..0000000 --- a/etc/systemd/logind.conf.d/20-no-suspend.conf +++ /dev/null @@ -1,17 +0,0 @@ -[Login] -# Suspend is disabled while the linux-hardened wake-from-S3 hang is -# unresolved (NVMe / i915 / iwlwifi driver UAF surfaced by INIT_ON_FREE -# + slab hardening). Lid close, suspend/hibernate keys, and idle action -# all fall back to session lock instead of suspend. The sleep/suspend/ -# hibernate targets are also masked at the unit level via the etc/ -# deploy script as belt-and-braces against `systemctl suspend` from -# anywhere. Screen-off (DPMS) and swaylock continue to be driven by -# swayidle and are unaffected. -HandleLidSwitch=lock -HandleLidSwitchExternalPower=lock -HandleLidSwitchDocked=ignore -HandleSuspendKey=lock -HandleSuspendKeyLongPress=ignore -HandleHibernateKey=lock -HandleHibernateKeyLongPress=ignore -IdleAction=ignore -- cgit v1.3.1