diff options
author | Lennart Poettering <lennart@poettering.net> | 2022-10-14 11:32:43 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2022-10-14 11:33:17 +0200 |
commit | 4554c178bf07ded86f9f3982f26e87afd1caf0f4 (patch) | |
tree | efe01420b0ed456f8681d87308d33da908185c85 /TODO | |
parent | 73bf6859cb1b356cc6bb63e624b8be88dc224d49 (diff) | |
download | systemd-4554c178bf07ded86f9f3982f26e87afd1caf0f4.tar.gz |
update TODO
Diffstat (limited to 'TODO')
-rw-r--r-- | TODO | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -119,6 +119,12 @@ Deprecations and removals: Features: +* We should start measuring all services, containers, and system extensions we + activate. probably into PCR 13. i.e. add --tpm2-measure-pcr= or so to + systemd-nspawn, and MeasurePCR= to unit files. Should contain a measurement + of the activated configuration and the image that is being activated (in case + verity is used, hash of the root hash). + * whenever we measure something into a TPM PCR from userspace, write a record in TCG's "Canonical Event Log" format to some file, so that we can reason about how PCR values we manage came to |