33973e1e1f
Generally a guest needs an external source of randomness to properly enable things like address space randomisation. However in a trusted boot environment where the firmware will cryptographically verify components having random data in the DTB will cause verification to fail. Add a control knob so we can prevent this being added to the system DTB. Signed-off-by: Alex Bennée <alex.bennee@linaro.org> Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Andrew Jones <drjones@redhat.com> Message-Id: <20220105135009.1584676-22-alex.bennee@linaro.org> |
||
---|---|---|
.. | ||
_templates | ||
about | ||
config | ||
devel | ||
interop | ||
specs | ||
sphinx | ||
sphinx-static | ||
spin | ||
system | ||
tools | ||
user | ||
amd-memory-encryption.txt | ||
block-replication.txt | ||
bypass-iommu.txt | ||
can.txt | ||
ccid.txt | ||
COLO-FT.txt | ||
colo-proxy.txt | ||
conf.py | ||
confidential-guest-support.txt | ||
defs.rst.inc | ||
hyperv.txt | ||
igd-assign.txt | ||
image-fuzzer.txt | ||
index.rst | ||
memory-hotplug.txt | ||
meson.build | ||
multi-thread-compression.txt | ||
multiseat.txt | ||
nvdimm.txt | ||
pci_expander_bridge.txt | ||
pcie_pci_bridge.txt | ||
pcie.txt | ||
pvrdma.txt | ||
qcow2-cache.txt | ||
qdev-device-use.txt | ||
qemu_logo.pdf | ||
qemu-option-trace.rst.inc | ||
qemupciserial.inf | ||
rdma.txt | ||
replay.txt | ||
spice-port-fqdn.txt | ||
throttle.txt | ||
u2f.txt | ||
xbzrle.txt | ||
xen-save-devices-state.txt |