kernel: Trust the randomness from the CPU

This will allow the kernel to seed its CRNG using RDSEED or RDRAND.

During the boot process, it is required that the CRNG is being
initialised, but it may take some long time on systems that do not have
a random number generator.

This is the default for various other distributions like Debian.

Signed-off-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/config/kernel/kernel.config.i586-ipfire b/config/kernel/kernel.config.i586-ipfire
index 0903d48d628e96f6fa6bb8c69b085a5f42356f51..1dbc6ba6762565162a92415fb8a75c5c0eda85e0 100644 (file)
--- a/config/kernel/kernel.config.i586-ipfire
+++ b/config/kernel/kernel.config.i586-ipfire
@@ -3468,7 +3468,7 @@ CONFIG_HANGCHECK_TIMER=m
 # CONFIG_XILLYBUS is not set
 # end of Character devices
 
-# CONFIG_RANDOM_TRUST_CPU is not set
+CONFIG_RANDOM_TRUST_CPU=y
 # CONFIG_RANDOM_TRUST_BOOTLOADER is not set
 
 #

diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire
index deda2add826c98e55bc848eacf2ddcb151fc2515..cb9a806d5d0f8613145a28b943905dcd475d29c0 100644 (file)
--- a/config/kernel/kernel.config.x86_64-ipfire
+++ b/config/kernel/kernel.config.x86_64-ipfire
@@ -3433,7 +3433,7 @@ CONFIG_HANGCHECK_TIMER=m
 # CONFIG_XILLYBUS is not set
 # end of Character devices
 
-# CONFIG_RANDOM_TRUST_CPU is not set
+CONFIG_RANDOM_TRUST_CPU=y
 # CONFIG_RANDOM_TRUST_BOOTLOADER is not set
 
 #