diff options
author | Luca Boccassi <luca.boccassi@microsoft.com> | 2021-07-12 22:47:59 +0100 |
---|---|---|
committer | Luca Boccassi <luca.boccassi@microsoft.com> | 2021-07-12 22:47:59 +0100 |
commit | 8b213bf12eb59e4ce5365fdbbc36e42ec037107b (patch) | |
tree | defbbe92a27858d4dd85134e7292e5bb5adf45a2 /TODO | |
parent | b1f8d0255748e4f5ac9198d53a376169674413da (diff) | |
download | systemd-8b213bf12eb59e4ce5365fdbbc36e42ec037107b.tar.gz |
TODO: note cgroup.kill and memfd_secret
Diffstat (limited to 'TODO')
-rw-r--r-- | TODO | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -262,6 +262,8 @@ Features: * pid1: support new clone3() fork-into-cgroup feature +* pid1: support new cgroup.kill to terminate all processes in a cgroup + * pid1: also remove PID files of a service when the service starts, not just when it exits @@ -425,6 +427,7 @@ Features: * paranoia: whenever we process passwords, call mlock() on the memory first. i.e. look for all places we use free_and_erasep() and augment them with mlock(). Also use MADV_DONTDUMP. + Alternatively (preferably?) use memfd_secret(). * Move RestrictAddressFamily= to the new cgroup create socket |