From 0ea8c6e3de08b902887eef8aa107891f49d1f610 Mon Sep 17 00:00:00 2001 From: Dan Callahan Date: Thu, 21 Feb 2019 12:05:43 +0000 Subject: [PATCH] linux: Enable support for Self-Encrypting Drives To quote block/Kconfig: > Builds Logic for interfacing with Opal enabled controllers. > Enabling this option enables users to setup/unlock/lock > Locking ranges for SED devices using the Opal protocol. Without `BLK_SED_OPAL`, it is impossible to resume from sleep when using a locked self-encrypting drive. This configuration option appeared in earlier kernels, but only reached maturity in 4.14 according to discussion at: - https://github.com/Drive-Trust-Alliance/sedutil/issues/90 and - https://github.com/Drive-Trust-Alliance/sedutil/pull/190 This kernel option is enabled in the default kernels shipped with Fedora, Debian, and other mainstream Linux distributions. --- pkgs/os-specific/linux/kernel/common-config.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index e8126c23d3d1..61dbf2393bb1 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -592,6 +592,8 @@ let BLK_DEV_INTEGRITY = yes; + BLK_SED_OPAL = whenAtLeast "4.14" yes; + BSD_PROCESS_ACCT_V3 = yes; BT_HCIUART_BCSP = option yes;