possibly. (also, NV_ORDERLY makes stuff faster, and dropping it costs
possibly up to 100ms supposedly)
-* create a hwdb database that contains tpm quirks, i.e. knows whether NV_ORDERLY
- + TPM2_NT_EXTEND can be safely mixed or
- not. (see https://github.com/systemd/systemd/issues/40485#issuecomment-3984855537)
-
* instead of going directly for DefineSpace when initializing nvpcrs, check if
they exist first. apparently DEfineSpace is broken on some tpms, and also
creates log spam if the nvindex already exists.
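Review bot: The removed hwdb bullet carried the only link to the discussion of whether NV_ORDERLY and TPM2_NT_EXTEND can be safely mixed, while the unchanged lines just above it still weigh the cost of dropping NV_ORDERLY. If that surviving item still depends on the quirk question, move the issue URL into it instead of deleting it along with the bullet. Separately, the unchanged line "apparently DEfineSpace is broken on some tpms" has a capitalization typo (DefineSpace is spelled correctly one line earlier), which could be fixed in the same pass as the "introducean" correction further down.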
reference implementation uses a different address syntax, which needs to be
taken into account.
-* downgrade the uid/gid disposition enforcement in udev
-
* have a signal that reloads every unit that supports reloading
* systemd: add storage API via varlink, where everyone can drop a socket in a
generates a random password, passes it as credential to sysusers for the root
user, then displays it on screen. people can use this to remotely log in.
-* Maybe introducean InodeRef structure inspired by PidRef, which references a
+* Maybe introduce an InodeRef structure inspired by PidRef, which references a
specific inode, and combines: a path, an O_PATH fd, and possibly a FID into
one. Why? We often pass around path and fd separately in chaseat() and similar
calls. Because passing around both separately is cumbersome we sometimes only
* measure all log-in attempts into a new nvpcr
-* measure all DDI activations into a new nvpcr
-
* maybe rework systemd-modules-load to be a generator that just instantiates
modprobe@.service a bunch of times
root disks)
* complete varlink introspection comments:
- - io.systemd.BootControl
- io.systemd.Hostname
- io.systemd.ManagedOOM
- io.systemd.Network