File tree Expand file tree Collapse file tree 1 file changed +11
-0
lines changed
Expand file tree Collapse file tree 1 file changed +11
-0
lines changed Original file line number Diff line number Diff line change @@ -22,6 +22,17 @@ Janitorial Clean-ups:
2222
2323Features:
2424
25+ * ability to insert trusted configuration and secrets into the boot paramaters
26+ of a kernel booting in a VM or on baremetal some way, via TPM
27+ protection. idea:
28+ 1. pass via /proc/bootconfig
29+ 2. for secrets: put secrets in node of /proc/bootconfig, decrypt them via
30+ TPM early on in PID 1, put them in $CREDENTIAL_PATH logic
31+ 3. for config: put signed data in node /proc/booconfig, validate via TPM
32+ early on in PID 1, put data into /run/bootconfig/ as individual files
33+ 4. boot loader/stub should pick these up automatically from the boot loader
34+ file systems
35+
2536* journald: support RFC3164 fully for the incoming syslog transport, see
2637 https://github.com/systemd/systemd/issues/19251#issuecomment-816601955
2738
You can’t perform that action at this time.
0 commit comments