From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Mon, 12 Jul 2021 21:47:59 +0000 (+0100)
Subject: TODO: note cgroup.kill and memfd_secret
X-Git-Tag: v250-rc1~957
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8b213bf12eb59e4ce5365fdbbc36e42ec037107b;p=thirdparty%2Fsystemd.git

TODO: note cgroup.kill and memfd_secret
---

diff --git a/TODO b/TODO
index 7c5002e6b04..249f4a22570 100644
--- a/TODO
+++ b/TODO
@@ -262,6 +262,8 @@ Features:
 
 * pid1: support new clone3() fork-into-cgroup feature
 
+* pid1: support new cgroup.kill to terminate all processes in a cgroup
+
 * pid1: also remove PID files of a service when the service starts, not just
   when it exits
 
@@ -425,6 +427,7 @@ Features:
 * paranoia: whenever we process passwords, call mlock() on the memory
   first. i.e. look for all places we use free_and_erasep() and
   augment them with mlock(). Also use MADV_DONTDUMP.
+  Alternatively (preferably?) use memfd_secret().
 
 * Move RestrictAddressFamily= to the new cgroup create socket