[d-kernel] [PATCH un-def/sisyphus] config: Enable seeding CRNG from CPU and bootleader
Andrey Savchenko
bircoph на altlinux.org
Пн Май 9 19:05:01 MSK 2022
On Mon, 9 May 2022 17:23:00 +0300 Vitaly Chikunov wrote:
> This can be disabled at boot time with:
> random.trust_cpu=off
> random.trust_bootloader=off
>
> Signed-off-by: Vitaly Chikunov <vt на altlinux.org>
> ---
> config | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/config b/config
> index e529911fd5dc..5b817e945274 100644
> --- a/config
> +++ b/config
> @@ -4479,8 +4479,8 @@ CONFIG_XILLYBUS_CLASS=m
> CONFIG_XILLYBUS=m
> CONFIG_XILLYBUS_PCIE=m
> # CONFIG_XILLYUSB is not set
> -# CONFIG_RANDOM_TRUST_CPU is not set
> -# CONFIG_RANDOM_TRUST_BOOTLOADER is not set
> +CONFIG_RANDOM_TRUST_CPU=y
> +CONFIG_RANDOM_TRUST_BOOTLOADER=y
These sources are not trusted in most cases, so please avoid
enabling them by default for everyone.
Best regards,
Andrew Savchenko
----------- следующая часть -----------
Было удалено вложение не в текстовом формате...
Имя : отсутствует
Тип : application/pgp-signature
Размер : 833 байтов
Описание: отсутствует
Url : <http://lists.altlinux.org/pipermail/devel-kernel/attachments/20220509/e0ff98d9/attachment.bin>
Подробная информация о списке рассылки devel-kernel