* add service file setting to force the fwmark (a la SO_MARK) to some value, so
that we can allowlist certain services for imds this way.
+* lock down swtpm a bit to make it harder to extract keys from it as it is
+ running. i.e. make ptracing + termination hard from the outside. also run
+ swtpm as unpriv user (not trivial, probably requires patch swtpm, as it needs
+ to allocate vtpm device), to lock it down from the inside.
+
+* once swtpm's sd_notify() support has landed in the distributions, remove the
+ invocation in tpm2-swtpm.c and let swtpm handle it.
+
* make systemd work nicely without /bin/sh, logins and associated shell tools around
- make sure debug shell service (sushell) has a nice failure mode, prints a message and reboots
- varlink interface for "systemctl start" and friends
* on first login of a user, measure its identity to some nvpcr
-* optionally spawn an swtpm instance if a system doesn't have a native tpm, do
- it via the tpm generator
-
-* add a secret key logic to sd-stub, that uses early-boot efi variables for
- storing, that can be used as fallback logic for tpm-less systems for disk
- encryption, and swtpm state encryption.
-
* sd-lldp: pick up 802.3 maximum frame size/mtu, to be able to detect jumbo
frame capable networks
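Review bot: The new "lock down swtpm" item bundles two separable pieces of work, the outside hardening (making ptrace and termination of the running swtpm hard) and running swtpm as an unprivileged user (which, as the item itself notes, likely needs an swtpm patch for vtpm device allocation); consider splitting them into two bullets so the part that depends on an upstream swtpm change can be tracked on its own, the way the sd_notify() item already is. Also, the removed bullet about a secret-key fallback in sd-stub (early-boot EFI variables as a fallback for TPM-less disk encryption and swtpm state encryption) has no counterpart among the added items, unlike the removed "spawn an swtpm instance via the tpm generator" bullet, which the new swtpm items at least imply is done; worth confirming that dropping it is intentional rather than a lost TODO.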
service into the early boot, waiting for the DMI and network device to show
up.
-* Add UKI profile conditioning so that profles are only available if secure
+* Add UKI profile conditioning so that profiles are only available if secure
boot is turned off, or only on. similar, add conditions on TPM availability,
network boot, and other conditions.