nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-14 09:43:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

linux: enable PERSISTENT_KEYRINGS and KEYS_REQUEST_CACHE

Browse Source 
PERSISTENT_KEYRINGS provides a register of persistent per-UID keyrings, useful for encrypting storage pools in stratis.
KEYS_REQUEST_CACHE enable temporary caching of the last request_key() result.
This commit is contained in:
Nick Cao 2022-08-02 15:03:56 +08:00
parent 22c17bd5f3
commit 8db1ad7850
No known key found for this signature in database
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pkgs/os-specific/linux/kernel/common-config.nix
View File

@ -504,6 +504,11 @@ let
# Depends on MODULE_SIG and only really helps when you sign your modules
# and enforce signatures which we don't do by default.
SECURITY_LOCKDOWN_LSM = option no;
# provides a register of persistent per-UID keyrings, useful for encrypting storage pools in stratis
PERSISTENT_KEYRINGS = yes;
# enable temporary caching of the last request_key() result
KEYS_REQUEST_CACHE = whenAtLeast "5.3" yes;
} // optionalAttrs (!stdenv.hostPlatform.isAarch32) {
# Detect buffer overflows on the stack