diff options
| author | Ahmad Fatoum <[email protected]> | 2022-05-13 16:57:00 +0200 |
|---|---|---|
| committer | Jarkko Sakkinen <[email protected]> | 2022-05-23 18:47:50 +0300 |
| commit | fcd7c26901c83681532c6daac599e53d4df11738 (patch) | |
| tree | 80e61e94c05de33043fefb0e4970e53e32c4f16b /tools/perf/scripts/python/failed-syscalls-by-pid.py | |
| parent | be07858fbf8115fc74528292c2ee8775fe49116f (diff) | |
KEYS: trusted: allow use of kernel RNG for key material
The two existing trusted key sources don't make use of the kernel RNG,
but instead let the hardware doing the sealing/unsealing also
generate the random key material. However, both users and future
backends may want to place less trust into the quality of the trust
source's random number generator and instead reuse the kernel entropy
pool, which can be seeded from multiple entropy sources.
Make this possible by adding a new trusted.rng parameter,
that will force use of the kernel RNG. In its absence, it's up
to the trust source to decide, which random numbers to use,
maintaining the existing behavior.
Suggested-by: Jarkko Sakkinen <[email protected]>
Acked-by: Sumit Garg <[email protected]>
Acked-by: Pankaj Gupta <[email protected]>
Reviewed-by: David Gstir <[email protected]>
Reviewed-by: Pankaj Gupta <[email protected]>
Reviewed-by: Jarkko Sakkinen <[email protected]>
Tested-by: Pankaj Gupta <[email protected]>
Tested-by: Michael Walle <[email protected]> # on ls1028a (non-E and E)
Tested-by: John Ernberg <[email protected]> # iMX8QXP
Signed-off-by: Ahmad Fatoum <[email protected]>
Signed-off-by: Jarkko Sakkinen <[email protected]>
Diffstat (limited to 'tools/perf/scripts/python/failed-syscalls-by-pid.py')
0 files changed, 0 insertions, 0 deletions