git.ipfire.org Git - thirdparty/systemd.git/commit

]> git.ipfire.org Git - thirdparty/systemd.git/commit

projects / thirdparty / systemd.git / commit

author	Lennart Poettering <lennart@poettering.net>
	Thu, 27 Feb 2025 14:29:48 +0000 (15:29 +0100)
committer	GitHub <noreply@github.com>
	Thu, 27 Feb 2025 14:29:48 +0000 (15:29 +0100)
commit	cf20b5d1dc34a15286a60d874430cfe25ea89118
tree	0fb4ae9d038019ff4255b5240dd72a0df12283d6	tree \| snapshot
parent	bc9414832dd88cadcc1dab65493b89cd9c07f00c	commit \| diff
parent	6ee3bc046bdee676d34e890c82d56f935891cb75	commit \| diff

units: measure additional phases into PCR 11 when entering storage target mode or factory reset (#36543)

Let's "spoil" access to TPM secrets when we boot into these two modes.
This matters in particular for storagetm: if the host gets exploited
while booted into storage target mode any secrets kept by the TPM might
remain accessible otherwise. By measuring a new "phase" word into PCR 11
we "blow the fuse" however on this boot.

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom