ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-09-22 04:57:56 +03:00
Code Issues Projects Releases Wiki Activity

Merge pull request #165355 from NixOS/random-trust-bootloader

Browse Source 
kernel: enable RANDOM_TRUST_BOOTLOADER on >= 5.4
This commit is contained in:
Graham Christensen 2022-03-24 09:14:53 -04:00 committed by GitHub
commit e492708e2f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
pkgs/os-specific/linux/kernel/common-config.nix
View File

@ -479,6 +479,7 @@ let
DEFAULT_SECURITY_APPARMOR = yes;
RANDOM_TRUST_CPU = whenAtLeast "4.19" yes; # allow RDRAND to seed the RNG
RANDOM_TRUST_BOOTLOADER = whenAtLeast "5.4" yes; # allow the bootloader to seed the RNG
MODULE_SIG = no; # r13y, generates a random key during build and bakes it in
# Depends on MODULE_SIG and only really helps when you sign your modules