random: fix merge: credit cpu and bootloader seeds by default

Author: scpcom

drivers/char/Kconfig

@@ -556,8 +556,6 @@ config SUNXI_BS83B16C
 	  the driver, it is necessary to ensure that the MCU has burned the
 	  corresponding firmware.
 
-endmenu
-
 config RANDOM_TRUST_CPU
 	bool "Initialize RNG using CPU RNG instructions"
 	default y
@@ -581,11 +579,21 @@ config RANDOM_TRUST_BOOTLOADER
 	bool "Initialize RNG using bootloader-supplied seed"
 	default y
 	help
-	Some bootloaders can provide entropy to increase the kernel's initial
-	device randomness. Say Y here to assume the entropy provided by the
-	booloader is trustworthy so it will be added to the kernel's entropy
-	pool. Otherwise, say N here so it will be regarded as device input that
-	only mixes the entropy pool.
+	  Initialize the RNG using a seed supplied by the bootloader or boot
+	  environment (e.g. EFI or a bootloader-generated device tree). This
+	  seed is not used directly, but is rather hashed into the main input
+	  pool, and this happens regardless of whether or not this option is
+	  enabled. Instead, this option controls whether the seed is credited
+	  and hence can initialize the RNG. Additionally, other sources of
+	  randomness are always used, regardless of this setting. Enabling
+	  this implies trusting that the bootloader can supply high quality and
+	  non-backdoored seeds.
+
+	  Say Y here unless you have reason to mistrust your bootloader or
+	  believe its RNG facilities may be faulty. This may also be configured
+	  at boot time with "random.trust_bootloader=on/off".
+
+endmenu
 
 source "drivers/char/sunxi_g2d/Kconfig"
 source "drivers/char/sunxi-di/Kconfig"