diff options
| author | Bernardo Meurer <bernardo@meurer.org> | 2022-10-14 09:46:01 -0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-10-14 09:46:01 -0300 |
| commit | 71f2836fbab0f8697119255b6edc7d5f1f3309b9 (patch) | |
| tree | c713b00e98c87309d56e8b093cb1fd6f4324d375 /pkgs/os-specific/linux/kernel | |
| parent | 5e66f427c661955f08d55f654e82bab1b1a7abc1 (diff) | |
| parent | 732950b26b452cc6762df0d3a2998f010da76624 (diff) | |
| download | nixpkgs-71f2836fbab0f8697119255b6edc7d5f1f3309b9.tar nixpkgs-71f2836fbab0f8697119255b6edc7d5f1f3309b9.tar.gz nixpkgs-71f2836fbab0f8697119255b6edc7d5f1f3309b9.tar.bz2 nixpkgs-71f2836fbab0f8697119255b6edc7d5f1f3309b9.tar.lz nixpkgs-71f2836fbab0f8697119255b6edc7d5f1f3309b9.tar.xz nixpkgs-71f2836fbab0f8697119255b6edc7d5f1f3309b9.tar.zst nixpkgs-71f2836fbab0f8697119255b6edc7d5f1f3309b9.zip | |
Merge pull request #184770 from NickCao/kernel-keyring
Diffstat (limited to 'pkgs/os-specific/linux/kernel')
| -rw-r--r-- | pkgs/os-specific/linux/kernel/common-config.nix | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/pkgs/os-specific/linux/kernel/common-config.nix b/pkgs/os-specific/linux/kernel/common-config.nix index 3a71563593e..2e076063458 100644 --- a/pkgs/os-specific/linux/kernel/common-config.nix +++ b/pkgs/os-specific/linux/kernel/common-config.nix @@ -505,6 +505,11 @@ let # Depends on MODULE_SIG and only really helps when you sign your modules # and enforce signatures which we don't do by default. SECURITY_LOCKDOWN_LSM = option no; + + # provides a register of persistent per-UID keyrings, useful for encrypting storage pools in stratis + PERSISTENT_KEYRINGS = yes; + # enable temporary caching of the last request_key() result + KEYS_REQUEST_CACHE = whenAtLeast "5.3" yes; } // optionalAttrs (!stdenv.hostPlatform.isAarch32) { # Detect buffer overflows on the stack |