From ccb0ba56ef190205a39d59743ef7bd6936da43a0 Mon Sep 17 00:00:00 2001
From: Franz Pletz <fpletz@fnordicwalking.de>
Date: Wed, 3 Jan 2018 07:10:24 +0100
Subject: linux_hardended: enable gcc latent entropy plugin

---
 pkgs/os-specific/linux/kernel/hardened-config.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/pkgs/os-specific/linux/kernel/hardened-config.nix b/pkgs/os-specific/linux/kernel/hardened-config.nix
index a859a3cefbd4..b7959f9d3599 100644
--- a/pkgs/os-specific/linux/kernel/hardened-config.nix
+++ b/pkgs/os-specific/linux/kernel/hardened-config.nix
@@ -97,6 +97,9 @@ PANIC_TIMEOUT -1
 
 GCC_PLUGINS y # Enable gcc plugin options
 
+# Gather additional entropy at boot time for systems that may not have appropriate entropy sources.
+GCC_PLUGIN_LATENT_ENTROPY y
+
 ${optionalString (versionAtLeast version "4.11") ''
   GCC_PLUGIN_STRUCTLEAK y # A port of the PaX structleak plugin
 ''}
-- 
cgit 1.4.1