My #systemd feature awareness is always about two years old because you don’t become aware of its features by doing #kernel development :-)
For instance, I had no idea that systemd already natively supported #TPM2 before month or two ago someone told me about systemd-cryptenroll
. I had seen the utility tho in some article but had a blind spot for the prefix.
Now that I’ve seen systemd’s TPM2 implementation in source level I can only say that it is somewhat bloated but I guess it is working fine :-) It is bloated because it would have been better idea just directly use the device. So not a great implementation, but at least a working one. That said, it is not a major glitch but IMHO could be rewritten at some point, with the motivation of decreasing dependencies and compilation times.
In order to address the 1-2 year turn-over issue, I’ll try to get my #BuildRoot build to generate a fully working #systemd environment.