[systemd-devel] Initrd passing changes in systemd 257

Hey all, we've recently tried to upgrade a legacy image of ours from Fedora 40 to Fedora 42, including a systemd version bump from version 255 to version 257. This broke our PCR9 measurement because the initrd measured into that doesn't match our expectations anymore. The initrd section measured

[systemd-devel] ioctl calls from within sandboxed unit

me=yes RestrictSUIDSGID=yes RestrictNamespaces=yes ProtectProc=invisible ProcSubset=all ProtectHostname=yes Moritz Sanft