author: Lennart Poettering <lennart@poettering.net> 2022-04-19 12:43:14 +0200
committer: Lennart Poettering <lennart@poettering.net> 2022-04-19 12:44:45 +0200
commit: e4b5226d63350cfe2eacacfa343d0323f05e3ebd (patch)
tree: cf8b335555a2163fd825501920562db2cbee15bf
parent: 5e3b8aeef30f8b46669280ecffc178fa43c8bf00 (diff)
update TODO
-rw-r--r-- TODO 4
1 files changed, 4 insertions, 0 deletions
diff --git a/TODO b/TODO
index 283b019997..41b8b88b9b 100644
--- a/TODO
+++ b/TODO
@@ -112,6 +112,10 @@ Features:
kernel-install when encrypting the creds it generates on systems that lack
a TPM, so that we can have very similar codepaths on TPM and TPM-less
systems. i.e. --with-key=tpm-graceful or so.
+ - sd-stub should measure the kernel/initrd/… into a separate PCR, so that we
+ have one PCR we can bind the encrypted creds to that is not effected by
+ anything else but what we drop in via kernel-install, i.e. by earlier EFI
+ code running (i.e. like PCR 4)
* Add a new service type very similar to Type=notify, that goes one step
further and extends the protocol to cover reloads. Specifically, SIGHUP will
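Review bot: In the added TODO item, "not effected by" should be "not affected by", and the closing clause "i.e. by earlier EFI code running (i.e. like PCR 4)" is ambiguous. As written it can be read as a gloss on "what we drop in via kernel-install" rather than as an example of the "anything else" the new PCR is meant to be isolated from. If the intent is the latter, something like "not affected by anything but what we drop in via kernel-install, unlike PCR 4, which also changes with earlier EFI code running" would make the binding property explicit. Since the point of the item is to have a stable PCR to bind encrypted creds to, it would also help to state which components sd-stub measures ("kernel/initrd/…" leaves the set open), because anything in that set changes the sealed policy.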