[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Secure boot] Force check of kernel signature.

From: Andrei Borzenkov
Subject: Re: [Secure boot] Force check of kernel signature.
Date: Tue, 28 Apr 2015 12:26:39 +0300

On Tue, Apr 28, 2015 at 11:55 AM, Plamen K. Kosseff <address@hidden> wrote:
> Gentoo doesn't support Shim. Their view on the matter is that you should
> boot the kernel directly and rely on the
> firmware to provide boot loader functionality, however I have a very "nice"
> implementation of UEFI from HP that
> will always boot windows and will override changes in the boot order on
> every boot.

Well, you could try to use chainloader then. It will simply load
kernel and let firmware to verify it. You should be able to pass
parameters to kernel this way, including initrd path, but at least
initrd will probably need to be located on firmware accessible
directory i.e. ESP.

> Anyway I'll check if gummiboot provides enough functionality for my case.

Does not gummiboot rely on shim as well?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]