git.ipfire.org Git - thirdparty/systemd.git/commit

author	Lennart Poettering <lennart@poettering.net>
	Fri, 14 Oct 2022 18:53:42 +0000 (20:53 +0200)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Mon, 17 Oct 2022 10:09:43 +0000 (12:09 +0200)
commit	047273e6e8a044e2a7e9471fc3737ef9ebb9bc39
tree	6b9c422c3d0278ea88eec37c265da7d3f20cbf9b	tree \| snapshot
parent	961549ab4163c0873b72e6e40cb72b11ac493fd7	commit \| diff

pcrphase: add two additional phases

This adds two more phases to the PCR boot phase logic: "sysinit" +
"final".

The "sysinit" one is placed between sysinit.target and basic.target.
It's good to have a milestone in this place, since this is after all
file systems/LUKS volumes are in place (which sooner or later should
result in measurements of their own) and before services are started
(where we should be able to rely on them to be complete).

This is particularly useful to make certain secrets available for
mounting secondary file systems, but making them unavailable later.

This breaks API in a way (as measurements during runtime will change),
but given that the pcrphase stuff wasn't realeased yet should be OK.

man/rules/meson.build		diff \| blob \| blame \| history
man/systemd-measure.xml		diff \| blob \| blame \| history
man/systemd-pcrphase.service.xml		diff \| blob \| blame \| history
src/boot/measure.c		diff \| blob \| blame \| history
units/meson.build		diff \| blob \| blame \| history
units/systemd-pcrphase-sysinit.service.in	[new file with mode: 0644]	blob
units/systemd-pcrphase.service.in		diff \| blob \| blame \| history