update TODO

author Lennart Poettering <lennart@poettering.net>

Tue, 11 Mar 2025 16:19:25 +0000 (17:19 +0100)

committer Lennart Poettering <lennart@poettering.net>

Tue, 11 Mar 2025 16:19:32 +0000 (17:19 +0100)
author Lennart Poettering <lennart@poettering.net>
Tue, 11 Mar 2025 16:19:25 +0000 (17:19 +0100)
committer Lennart Poettering <lennart@poettering.net>
Tue, 11 Mar 2025 16:19:32 +0000 (17:19 +0100)
diff --git a/TODO b/TODO

index 33cc02d406d10b81b3e65a86805587368365b4da..151c364498a1e73a0bf82a3ed28f9ecc8dd34ec5 100644 (file)
--- a/TODO
+++ b/TODO
@@ -130,6 +130,21 @@ Deprecations and removals:
  
  Features:
  
+* pcrextend: when we fail to measure, reboot the system (at least optionally).
+  important because certain measurements are supposed to "destroy" tpm object
+  access.
+
+* pcrextend: after measuring get an immediate quote from the TPM, and validate
+  it. if it doesn't check out, i.e. the measurement we made doesn't appear in
+  the PCR then also reboot.
+
+* cryptsetup: add boolean for disabling use of any password/recovery key slots.
+
+* dissect: when mounting a file system, look into certain xattrs on / in them, and
+  if that exists, check if gpt partition flags + type uuid + uuid match the
+  data encoded therein, so that attackers cannot make us misuse our file
+  systems
+
  * complete varlink introspection comments:
    - io.systemd.BootControl
    - io.systemd.Hostname
author	Lennart Poettering <lennart@poettering.net>
	Tue, 11 Mar 2025 16:19:25 +0000 (17:19 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Tue, 11 Mar 2025 16:19:32 +0000 (17:19 +0100)