![]() TPM2 knows two types of policy sessions: "real" ones and "trial" ones. The latter allow you to calculate a policy hash without this enforcing any policy, which the former do. Typically you want to use the "trial" ones when enrolling, and you have to use the "real" ones for unlocking. So far we used "real" ones for both cases. Which works fine – as long as the policy put together matches the current reality (e.g. the PCR values included in the policy are the ones currently in place in the TPM). Let's switch to using trial sessions for enrolling. First of all this is preparation for later work to implement further policy extensions (for example, policies binding to literally specified PCR values, instead of the once currently measured). But from my perspective more importantly it actually is cleaner, as it communicates more clearly what we are actually doing here. No user-visible change in behaviour. |
||
---|---|---|
.clusterfuzzlite | ||
.github | ||
.lgtm/cpp-queries | ||
.semaphore | ||
catalog | ||
coccinelle | ||
docs | ||
factory | ||
hwdb.d | ||
LICENSES | ||
man | ||
mkosi.default.d | ||
modprobe.d | ||
network | ||
po | ||
presets | ||
rules.d | ||
shell-completion | ||
src | ||
sysctl.d | ||
sysusers.d | ||
test | ||
tmpfiles.d | ||
tools | ||
units | ||
xorg | ||
.clang-format | ||
.ctags | ||
.dir-locals.el | ||
.editorconfig | ||
.gitattributes | ||
.gitignore | ||
.lgtm.yml | ||
.mailmap | ||
.packit.yml | ||
.vimrc | ||
.ycm_extra_conf.py | ||
configure | ||
LICENSE.GPL2 | ||
LICENSE.LGPL2.1 | ||
Makefile | ||
meson.build | ||
meson_options.txt | ||
mkosi.build | ||
mkosi.postinst | ||
NEWS | ||
README | ||
README.md | ||
TODO |
System and Service Manager
Details
Most documentation is available on systemd's web site.
Assorted, older, general information about systemd can be found in the systemd Wiki.
Information about build requirements is provided in the README file.
Consult our NEWS file for information about what's new in the most recent systemd versions.
Please see the Code Map for information about this repository's layout and content.
Please see the Hacking guide for information on how to hack on systemd and test your modifications.
Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.
When preparing patches for systemd, please follow our Coding Style Guidelines.
If you are looking for support, please contact our mailing list or join our IRC channel.
Stable branches with backported patches are available in the stable repo.