AWS hibernation failure with KASLR enabled

Observed during development and testing of AWS hibernation on Ubuntu linux-aws-bionic (4.15.0-1044.46):

There is a known issue when using On-Demand Hibernation related to KASLR (Kernel Address Space Layout Randomization). KASLR is a standard Linux kernel security feature which helps to mitigate exposure to and ramifications of yet-undiscovered memory access vulnerabilities by randomizing the base address value of the kernel. In a small percentage of tests, instances with KASLR enabled do not resume and become completely unusable after hibernation. Disabling KASLR, which is enabled by default, is known to avoid this issue. Please see (TBD AWS announcement) for additional details.

-----

Users affected by this issue may consider disabling KASLR as a work-around, as follows:

To disable KASLR on an instance, follow these steps to reboot with the 'nokaslr' kernel command line switch:

1. Edit the file /etc/default/grub.d/50-cloudimg-settings.cfg and add the word 'nokaslr' to the GRUB_CMDLINE_LINUX_DEFAULT string, e.g.:

      GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0 nvme_core.io_timeout=4294967295 nokaslr"

2. Run the command 'sudo update-grub'.

3. Reboot the instance.