mirror of
https://github.com/Kicksecure/security-misc.git
synced 2024-10-01 08:25:45 -04:00
23 lines
1.0 KiB
INI
23 lines
1.0 KiB
INI
## Copyright (C) 2022 - 2022 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
|
|
## See the file COPYING for copying conditions.
|
|
|
|
## RAM wipe is enabled by default on real hardware / bare metal.
|
|
## RAM wipe is disabled by in virtual machines (VMs).
|
|
##
|
|
## User documentation:
|
|
## https://www.kicksecure.com/wiki/Cold_Boot_Attack_Defense
|
|
##
|
|
## Design documentation:
|
|
## https://www.kicksecure.com/wiki/Dev/RAM_Wipe
|
|
|
|
## RAM wipe is omitted in virtual machines (VMs) by default because it is
|
|
## unclear if that could actually lead to the host operating system using
|
|
## swap. Through use of kernel parameter wiperam=force it is possible to
|
|
## force RAM wipe inside VMs which is useful for testing, development purposes.
|
|
#GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT wiperam=force"
|
|
|
|
## Kernel parameter wiperam=skip is provided to support disabling RAM wipe
|
|
## at shutdown, which might be useful to speed up shutdown or in case should
|
|
## there ever be issues.
|
|
#GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT wiperam=skip"
|