Currently the recommendations are:

```
# Get as much entropy as possible from external sources. The Chacha mixer isn't vulnerable to injected entropy, so even
# malicious sources should not cause problems.
CONFIG_RANDOM_TRUST_BOOTLOADER=y
CONFIG_RANDOM_TRUST_CPU=y
```
These CONFIGs actually do the opposite, as they credit both sources when initialising the CRNG.

Should the CONFIGs not instead be:

```
CONFIG_RANDOM_TRUST_BOOTLOADER=n
CONFIG_RANDOM_TRUST_CPU=n
```

This way, entropy is obtained from other sources, at the cost of increased boot time?
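An added helper (not part of the issue above) for checking how a given kernel `.config` actually sets these two options before arguing about them. It treats the Kconfig form `# CONFIG_X is not set` as equivalent to `=n`, since that is how a disabled bool appears in a real `.config` file; the sample config it reads is constructed inline.

```shell
#!/bin/sh
# Report how a kernel .config sets the RANDOM_TRUST options.
# "enabled"  : the source is credited toward CRNG initialisation
# "disabled" : the source is still mixed in, but not credited
# "missing"  : the option is absent (older kernel or not applicable)
# Usage: random_trust_state <config-file> <CONFIG_NAME>
random_trust_state() {
    cfg="$1"; opt="$2"
    if grep -q "^${opt}=y$" "$cfg"; then
        echo "enabled"
    elif grep -q "^${opt}=n$" "$cfg" || grep -q "^# ${opt} is not set$" "$cfg"; then
        echo "disabled"
    else
        echo "missing"
    fi
}

# Summarise both options for one config file, one line per option.
random_trust_report() {
    for opt in CONFIG_RANDOM_TRUST_BOOTLOADER CONFIG_RANDOM_TRUST_CPU; do
        printf '%s=%s\n' "$opt" "$(random_trust_state "$1" "$opt")"
    done
}

# Constructed sample config so the script runs stand-alone (not a real system's file).
SAMPLE_CFG="$(mktemp)"
cat > "$SAMPLE_CFG" <<'EOF'
CONFIG_RANDOM_TRUST_BOOTLOADER=y
# CONFIG_RANDOM_TRUST_CPU is not set
EOF

random_trust_report "$SAMPLE_CFG"
# To inspect the running kernel instead:
#   random_trust_report "/boot/config-$(uname -r)"
```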